lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 18 Jul 2017 22:45:56 +0000
From:   Pavel Shilovskiy <pshilov@...rosoft.com>
To:     Ben Hutchings <ben@...adent.org.uk>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>
CC:     "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        Jonathan Liu <net147@...il.com>,
        Sachin Prabhu <sprabhu@...hat.com>,
        Steve French <smfrench@...il.com>
Subject: RE: [PATCH 3.16 155/178] cifs: Do not send echoes before Negotiate is
 complete

2017-07-16 6:57 Ben Hutchings <ben@...adent.org.uk>:
> 
> 3.16.46-rc1 review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Sachin Prabhu <sprabhu@...hat.com>
> 
> commit 62a6cfddcc0a5313e7da3e8311ba16226fe0ac10 upstream.
> 
> commit 4fcd1813e640 ("Fix reconnect to not defer smb3 session reconnect long after socket reconnect") added support for Negotiate requests to be initiated by echo calls.
> 
> To avoid delays in calling echo after a reconnect, I added the patch introduced by the commit b8c600120fc8 ("Call echo service immediately after socket reconnect").
>
> This has however caused a regression with cifs shares which do not have support for echo calls to trigger Negotiate requests. On connections which need to call Negotiation, the echo calls trigger an error which triggers a reconnect which in turn triggers another echo call. This results in a loop which is only broken when an operation is performed on the cifs share. For an idle share, it can DOS a server.
> 
> The patch uses the smb_operation can_echo() for cifs so that it is called only if connection has been already been setup.
> 
> kernel bz: 194531
> 
> Signed-off-by: Sachin Prabhu <sprabhu@...hat.com>
> Tested-by: Jonathan Liu <net147@...il.com>
> Acked-by: Pavel Shilovsky <pshilov@...rosoft.com>
> Signed-off-by: Steve French <smfrench@...il.com>
> Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
> ---
> fs/cifs/smb1ops.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)

I have just posted a backport of commit b8c600120fc8 ("Call echo service immediately after socket reconnect") for v3.16.x kernel to the stable mailing list. Please consider merging it too.

Best regards,
Pavel Shilovsky

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ