updated patch with call stack and added cc:stable and merged into
cifs-2.6.git for-next
On Thu, Oct 15, 2020 at 5:25 PM ronnie sahlberg
<ronniesahlberg@xxxxxxxxx> wrote:
>
> On Fri, Oct 16, 2020 at 4:02 AM Shyam Prasad N <nspmangalore@xxxxxxxxx> wrote:
> >
> > Fixes bug:
> > https://bugzilla.kernel.org/show_bug.cgi?id=209669
> >
> > Please review.
>
> Since it is an oops, can you add the stack backtrace to the commit message ?
>
> >
> > --
> > -Shyam
--
Thanks,
Steve
From 9d05fc24b33bf285260d58b937b838b36530ea6d Mon Sep 17 00:00:00 2001
From: Shyam Prasad N <sprasad@xxxxxxxxxxxxx>
Date: Thu, 15 Oct 2020 10:41:31 -0700
Subject: [PATCH] cifs: Return the error from crypt_message when enc/dec key
not found.
In crypt_message, when smb2_get_enc_key returns error, we need to
return the error back to the caller. If not, we end up processing
the message further, causing a kernel oops due to unwarranted access
of memory.
Call Trace:
smb3_receive_transform+0x120/0x870 [cifs]
cifs_demultiplex_thread+0xb53/0xc20 [cifs]
? cifs_handle_standard+0x190/0x190 [cifs]
kthread+0x116/0x130
? kthread_park+0x80/0x80
ret_from_fork+0x1f/0x30
Signed-off-by: Shyam Prasad N <sprasad@xxxxxxxxxxxxx>
Reviewed-by: Pavel Shilovsky <pshilov@xxxxxxxxxxxxx>
Reviewed-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
CC: Stable <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
---
fs/cifs/smb2ops.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 48657ddbd75e..0dfa832a3de0 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -3944,7 +3944,7 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst,
if (rc) {
cifs_server_dbg(VFS, "%s: Could not get %scryption key\n", __func__,
enc ? "en" : "de");
- return 0;
+ return rc;
}
rc = smb3_crypto_aead_allocate(server);
--
2.25.1
