merged into cifs-2.6.git for-next pending testing
Xioli,
Let me know if you want me to add your reported-by and/or tested-by
On Tue, Jan 10, 2023 at 2:55 PM Paulo Alcantara <pc@xxxxxx> wrote:
>
> If session setup failed with kerberos auth, we ended up freeing
> cifs_ses::auth_key.response twice in SMB2_auth_kerberos() and
> sesInfoFree().
>
> Fix this by zeroing out cifs_ses::auth_key.response after freeing it
> in SMB2_auth_kerberos().
>
> Fixes: a4e430c8c8ba ("cifs: replace kfree() with kfree_sensitive() for sensitive data")
> Signed-off-by: Paulo Alcantara (SUSE) <pc@xxxxxx>
> Acked-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
> ---
> fs/cifs/smb2pdu.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index 2c484d47c592..727f16b426be 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -1482,8 +1482,11 @@ SMB2_auth_kerberos(struct SMB2_sess_data *sess_data)
> out_put_spnego_key:
> key_invalidate(spnego_key);
> key_put(spnego_key);
> - if (rc)
> + if (rc) {
> kfree_sensitive(ses->auth_key.response);
> + ses->auth_key.response = NULL;
> + ses->auth_key.len = 0;
> + }
> out:
> sess_data->result = rc;
> sess_data->func = NULL;
> --
> 2.39.0
>
--
Thanks,
Steve
