linux-kernel - [GIT PULL] ksmbd server fixes

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Date:   Fri, 5 May 2023 19:19:00 -0500
From:   Steve French <smfrench@...il.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     CIFS <linux-cifs@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Namjae Jeon <linkinjeon@...nel.org>
Subject: [GIT PULL] ksmbd server fixes

Please pull the following changes since commit
1ae78a14516b9372e4c90a89ac21b259339a3a3a:

  Merge tag '6.4-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd
(2023-04-29 11:10:39 -0700)

are available in the Git repository at:

  git://git.samba.org/ksmbd.git tags/6.4-rc-ksmbd-server-fixes-part2

for you to fetch changes up to eb307d09fe15844fdaebeb8cc8c9b9e925430aa5:

  ksmbd: call rcu_barrier() in ksmbd_server_exit() (2023-05-03 23:03:02 -0500)

----------------------------------------------------------------
Ten ksmbd server fixes, including some important security fixes
- Two use after free fixes
- Fix RCU callback race
- Deadlock fix
- Three patches to prevent session setup attacks
- Prevent guest users from establishing multichannel sessions
- Fix null pointer dereference in query FS info
- Memleak fix
----------------------------------------------------------------
Namjae Jeon (10):
      ksmbd: fix memleak in session setup
      ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
      ksmbd: fix racy issue from session setup and logoff
      ksmbd: destroy expired sessions
      ksmbd: block asynchronous requests when making a delay on session setup
      ksmbd: fix deadlock in ksmbd_find_crypto_ctx()
      ksmbd: not allow guest user on multichannel
      ksmbd: fix racy issue from smb2 close and logoff with multichannel
      ksmbd: fix racy issue under cocurrent smb2 tree disconnect
      ksmbd: call rcu_barrier() in ksmbd_server_exit()

 fs/ksmbd/auth.c              |  19 +++++++++++--------
 fs/ksmbd/connection.c        |  68
++++++++++++++++++++++++++++++++++++++++++++++++--------------------
 fs/ksmbd/connection.h        |  58
+++++++++++++++++++++++++++++++++++++++-------------------
 fs/ksmbd/mgmt/tree_connect.c |  13 ++++++++++++-
 fs/ksmbd/mgmt/tree_connect.h |   3 +++
 fs/ksmbd/mgmt/user_session.c |  81
++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------
 fs/ksmbd/mgmt/user_session.h |   1 +
 fs/ksmbd/server.c            |   4 +++-
 fs/ksmbd/smb2pdu.c           | 109
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------------------------------
 fs/ksmbd/smb2pdu.h           |   2 ++
 fs/ksmbd/transport_tcp.c     |   2 +-
 11 files changed, 250 insertions(+), 110 deletions(-)

-- 
Thanks,

Steve