<feed xmlns='http://www.w3.org/2005/Atom'>
<title>kernel/git/stable/linux.git/fs/smb, branch linux-6.7.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<id>https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-6.7.y</id>
<link rel='self' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-6.7.y'/>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/'/>
<updated>2024-04-03T13:11:29+00:00</updated>
<entry>
<title>ksmbd: fix potencial out-of-bounds when buffer offset is invalid</title>
<updated>2024-04-03T13:11:29+00:00</updated>
<author>
<name>Namjae Jeon</name>
<email>linkinjeon@kernel.org</email>
</author>
<published>2024-03-18T23:40:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2dcda336b6e80b72d58d30d40f2fad9724e5fe63'/>
<id>urn:sha1:2dcda336b6e80b72d58d30d40f2fad9724e5fe63</id>
<content type='text'>
[ Upstream commit c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da ]

I found potencial out-of-bounds when buffer offset fields of a few requests
is invalid. This patch set the minimum value of buffer offset field to
-&gt;Buffer offset to validate buffer length.

Cc: stable@vger.kernel.org
Signed-off-by: Namjae Jeon &lt;linkinjeon@kernel.org&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()</title>
<updated>2024-04-03T13:11:29+00:00</updated>
<author>
<name>Namjae Jeon</name>
<email>linkinjeon@kernel.org</email>
</author>
<published>2024-03-16T14:36:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3b8da67191e938a63d2736dabb4ac5d337e5de57'/>
<id>urn:sha1:3b8da67191e938a63d2736dabb4ac5d337e5de57</id>
<content type='text'>
[ Upstream commit a80a486d72e20bd12c335bcd38b6e6f19356b0aa ]

If -&gt;NameOffset of smb2_create_req is smaller than Buffer offset of
smb2_create_req, slab-out-of-bounds read can happen from smb2_open.
This patch set the minimum value of the name offset to the buffer offset
to validate name length of smb2_create_req().

Cc: stable@vger.kernel.org
Reported-by: Xuanzhe Yu &lt;yuxuanzhe@outlook.com&gt;
Signed-off-by: Namjae Jeon &lt;linkinjeon@kernel.org&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>cifs: open_cached_dir(): add FILE_READ_EA to desired access</title>
<updated>2024-04-03T13:11:28+00:00</updated>
<author>
<name>Eugene Korenevsky</name>
<email>ekorenevsky@astralinux.ru</email>
</author>
<published>2024-03-01T14:53:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fc58bd35ee2974f364437b7d178842893b37d5f6'/>
<id>urn:sha1:fc58bd35ee2974f364437b7d178842893b37d5f6</id>
<content type='text'>
[ Upstream commit f1b8224b4e6ed59e7e6f5c548673c67410098d8d ]

Since smb2_query_eas() reads EA and uses cached directory,
open_cached_dir() should request FILE_READ_EA access.

Otherwise listxattr() and getxattr() will fail with EACCES
(0xc0000022 STATUS_ACCESS_DENIED SMB status).

Link: https://bugzilla.kernel.org/show_bug.cgi?id=218543
Cc: stable@vger.kernel.org
Signed-off-by: Eugene Korenevsky &lt;ekorenevsky@astralinux.ru&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>cifs: reduce warning log level for server not advertising interfaces</title>
<updated>2024-04-03T13:11:27+00:00</updated>
<author>
<name>Shyam Prasad N</name>
<email>sprasad@microsoft.com</email>
</author>
<published>2024-03-13T10:40:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=645f0106b7c69b975e0563adee751426eb97f3e8'/>
<id>urn:sha1:645f0106b7c69b975e0563adee751426eb97f3e8</id>
<content type='text'>
[ Upstream commit 16a57d7681110b25708c7042688412238e6f73a9 ]

Several users have reported this log getting dumped too regularly to
kernel log. The likely root cause has been identified, and it suggests
that this situation is expected for some configurations
(for example SMB2.1).

Since the function returns appropriately even for such cases, it is
fairly harmless to make this a debug log. When needed, the verbosity
can be increased to capture this log.

Cc: stable@vger.kernel.org
Reported-by: Jan Čermák &lt;sairon@sairon.cz&gt;
Signed-off-by: Shyam Prasad N &lt;sprasad@microsoft.com&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>cifs: make cifs_chan_update_iface() a void function</title>
<updated>2024-04-03T13:11:27+00:00</updated>
<author>
<name>Dan Carpenter</name>
<email>dan.carpenter@linaro.org</email>
</author>
<published>2024-01-08T09:08:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0c51a2737a97b4a9cd6a79bd5273572146953035'/>
<id>urn:sha1:0c51a2737a97b4a9cd6a79bd5273572146953035</id>
<content type='text'>
[ Upstream commit 8d606c311b75e81063b4ea650b301cbe0c4ed5e1 ]

The return values for cifs_chan_update_iface() didn't match what the
documentation said and nothing was checking them anyway.  Just make it
a void function.

Signed-off-by: Dan Carpenter &lt;dan.carpenter@linaro.org&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Stable-dep-of: 16a57d768111 ("cifs: reduce warning log level for server not advertising interfaces")
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>cifs: delete unnecessary NULL checks in cifs_chan_update_iface()</title>
<updated>2024-04-03T13:11:27+00:00</updated>
<author>
<name>Dan Carpenter</name>
<email>dan.carpenter@linaro.org</email>
</author>
<published>2024-01-08T09:07:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9e010afd7f4b40266e885ab24b00a42b37b71b34'/>
<id>urn:sha1:9e010afd7f4b40266e885ab24b00a42b37b71b34</id>
<content type='text'>
[ Upstream commit c3a11c0ec66c1e0652e3a2bb4f5cc74eea0ba486 ]

We return early if "iface" is NULL so there is no need to check here.
Delete those checks.

Signed-off-by: Dan Carpenter &lt;dan.carpenter@linaro.org&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Stable-dep-of: 16a57d768111 ("cifs: reduce warning log level for server not advertising interfaces")
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>cifs: make sure server interfaces are requested only for SMB3+</title>
<updated>2024-04-03T13:11:27+00:00</updated>
<author>
<name>Shyam Prasad N</name>
<email>sprasad@microsoft.com</email>
</author>
<published>2024-03-13T10:40:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2ac506974f7a0c050091bc6d60ae7cc540315cbc'/>
<id>urn:sha1:2ac506974f7a0c050091bc6d60ae7cc540315cbc</id>
<content type='text'>
[ Upstream commit 13c0a74747cb7fdadf58c5d3a7d52cfca2d51736 ]

Some code paths for querying server interfaces make a false
assumption that it will only get called for SMB3+. Since this
function now can get called from a generic code paths, the correct
thing to do is to have specific handler for this functionality
per SMB dialect, and call this handler.

This change adds such a handler and implements this handler only
for SMB 3.0 and 3.1.1.

Cc: stable@vger.kernel.org
Cc: Jan Čermák &lt;sairon@sairon.cz&gt;
Reported-by: Paulo Alcantara &lt;pc@manguebit.com&gt;
Signed-off-by: Shyam Prasad N &lt;sprasad@microsoft.com&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>ksmbd: retrieve number of blocks using vfs_getattr in set_file_allocation_info</title>
<updated>2024-04-03T13:11:24+00:00</updated>
<author>
<name>Marios Makassikis</name>
<email>mmakassikis@freebox.fr</email>
</author>
<published>2024-02-22T09:58:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bf7dcdf54a314d93a908be965e26d191356d109a'/>
<id>urn:sha1:bf7dcdf54a314d93a908be965e26d191356d109a</id>
<content type='text'>
[ Upstream commit 34cd86b6632718b7df3999d96f51e63de41c5e4f ]

Use vfs_getattr() to retrieve stat information, rather than make
assumptions about how a filesystem fills inode structs.

Cc: stable@vger.kernel.org
Signed-off-by: Marios Makassikis &lt;mmakassikis@freebox.fr&gt;
Acked-by: Namjae Jeon &lt;linkinjeon@kernel.org&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>ksmbd: replace generic_fillattr with vfs_getattr</title>
<updated>2024-04-03T13:11:24+00:00</updated>
<author>
<name>Marios Makassikis</name>
<email>mmakassikis@freebox.fr</email>
</author>
<published>2024-02-22T09:58:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f9278ba4967027ad2bf001694f0e489c7bbae6d5'/>
<id>urn:sha1:f9278ba4967027ad2bf001694f0e489c7bbae6d5</id>
<content type='text'>
[ Upstream commit 5614c8c487f6af627614dd2efca038e4afe0c6d7 ]

generic_fillattr should not be used outside of -&gt;getattr
implementations.

Use vfs_getattr instead, and adapt functions to return an
error code to the caller.

Cc: stable@vger.kernel.org
Signed-off-by: Marios Makassikis &lt;mmakassikis@freebox.fr&gt;
Acked-by: Namjae Jeon &lt;linkinjeon@kernel.org&gt;
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
<entry>
<title>cifs: allow changing password during remount</title>
<updated>2024-04-03T13:11:22+00:00</updated>
<author>
<name>Steve French</name>
<email>stfrench@microsoft.com</email>
</author>
<published>2024-02-13T06:40:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e78308a6dcab1e53b38b8dd952e69c515cd324d7'/>
<id>urn:sha1:e78308a6dcab1e53b38b8dd952e69c515cd324d7</id>
<content type='text'>
[ Upstream commit c1eb537bf4560b3ad4df606c266c665624f3b502 ]

There are cases where a session is disconnected and password has changed
on the server (or expired) for this user and this currently can not
be fixed without unmount and mounting again.  This patch allows
remount to change the password (for the non Kerberos case, Kerberos
ticket refresh is handled differently) when the session is disconnected
and the user can not reconnect due to still using old password.

Future patches should also allow us to setup the keyring (cifscreds)
to have an "alternate password" so we would be able to change
the password before the session drops (without the risk of races
between when the password changes and the disconnect occurs -
ie cases where the old password is still needed because the new
password has not fully rolled out to all servers yet).

Cc: stable@vger.kernel.org
Signed-off-by: Steve French &lt;stfrench@microsoft.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
</entry>
</feed>
