lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 23 Oct 2021 10:06:41 -0500
From:   Steve French <smfrench@...il.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     Namjae Jeon <linkinjeon@...nel.org>,
        CIFS <linux-cifs@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] ksmbd fixes

Please pull the following changes since commit
64570fbc14f8d7cb3fe3995f20e26bc25ce4b2cc:

  Linux 5.15-rc5 (2021-10-10 17:01:59 -0700)

are available in the Git repository at:

  git://git.samba.org/ksmbd.git tags/5.15-rc6-ksmbd-fixes

for you to fetch changes up to 0d994cd482ee4e8e851388a70869beee51be1c54:

  ksmbd: add buffer validation in session setup (2021-10-20 00:07:10 -0500)

----------------------------------------------------------------
Ten fixes for the ksmbd kernel server:
- a security improvement to session establishment to reduce the
possibility of dictionary attacks
- fix to ensure that maximum i/o size negotiated in the protocol is
not less than 64K and not more than 8MB to better match expected
behavior
- fix for crediting (flow control) important to properly verify that
sufficient credits are available for the requested operation
- seven additional buffer overflow, buffer validation checks

Regression test results for current linux-next:
http://smb3-test-rhel-75.southcentralus.cloudapp.azure.com/#/builders/8/builds/89
----------------------------------------------------------------
Hyunchul Lee (3):
      ksmbd: improve credits management
      ksmbd: add buffer validation for smb direct
      ksmbd: validate OutputBufferLength of QUERY_DIR, QUERY_INFO,
IOCTL requests

Marios Makassikis (1):
      ksmbd: add buffer validation in session setup

Namjae Jeon (5):
      ksmbd: add validation in smb2_ioctl
      ksmbd: fix potencial 32bit overflow from data area check in smb2_write
      ksmbd: validate compound response buffer
      ksmbd: limit read/write/trans buffer size not to exceed 8MB
      ksmbd: throttle session setup failures to avoid dictionary attacks

Ralph Boehme (1):
      ksmbd: validate credit charge after validating SMB2 PDU body size

 fs/ksmbd/auth.c             |  16 +-
 fs/ksmbd/connection.c       |   2 +
 fs/ksmbd/ksmbd_netlink.h    |   2 +
 fs/ksmbd/mgmt/user_config.c |   2 +-
 fs/ksmbd/mgmt/user_config.h |   1 +
 fs/ksmbd/smb2misc.c         |  55 ++++---
 fs/ksmbd/smb2ops.c          |   3 +
 fs/ksmbd/smb2pdu.c          | 346 ++++++++++++++++++++++++++++---------------
 fs/ksmbd/smb2pdu.h          |   2 +
 fs/ksmbd/transport_ipc.c    |   3 +-
 fs/ksmbd/transport_ipc.h    |   2 +-
 fs/ksmbd/transport_rdma.c   |  21 ++-
 fs/ksmbd/vfs.c              |   2 +-
 fs/ksmbd/vfs.h              |   2 +-
 14 files changed, 306 insertions(+), 153 deletions(-)

-- 
Thanks,

Steve

Powered by blists - more mailing lists