Patch "ksmbd: don't need 8byte alignment for request length in ksmbd_check_message" has been added to the 5.15-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Mon, 15 Nov 2021 14:49:52 +0100

This is a note to let you know that I've just added the patch titled

    ksmbd: don't need 8byte alignment for request length in ksmbd_check_message

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ksmbd-don-t-need-8byte-alignment-for-request-length-in-ksmbd_check_message.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From b53ad8107ee873795ecb5039d46b5d5502d404f2 Mon Sep 17 00:00:00 2001
From: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Date: Fri, 29 Oct 2021 08:09:50 +0900
Subject: ksmbd: don't need 8byte alignment for request length in ksmbd_check_message

From: Namjae Jeon <linkinjeon@xxxxxxxxxx>

commit b53ad8107ee873795ecb5039d46b5d5502d404f2 upstream.

When validating request length in ksmbd_check_message, 8byte alignment
is not needed for compound request. It can cause wrong validation
of request length.

Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable@xxxxxxxxxxxxxxx # v5.15
Acked-by: Hyunchul Lee <hyc.lee@xxxxxxxxx>
Signed-off-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 fs/ksmbd/smb2misc.c |    6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -358,12 +358,10 @@ int ksmbd_smb2_check_message(struct ksmb
 		hdr = &pdu->hdr;
 	}
 
-	if (le32_to_cpu(hdr->NextCommand) > 0) {
+	if (le32_to_cpu(hdr->NextCommand) > 0)
 		len = le32_to_cpu(hdr->NextCommand);
-	} else if (work->next_smb2_rcv_hdr_off) {
+	else if (work->next_smb2_rcv_hdr_off)
 		len -= work->next_smb2_rcv_hdr_off;
-		len = round_up(len, 8);
-	}
 
 	if (check_smb2_hdr(hdr))
 		return 1;


Patches currently in stable-queue which might be from linkinjeon@xxxxxxxxxx are

queue-5.15/exfat-fix-incorrect-loading-of-i_blocks-for-large-files.patch
queue-5.15/ksmbd-fix-buffer-length-check-in-fsctl_validate_negotiate_info.patch
queue-5.15/ksmbd-don-t-need-8byte-alignment-for-request-length-in-ksmbd_check_message.patch
queue-5.15/ksmbd-set-unique-value-to-volume-serial-field-in-fs_volume_information.patch






