mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-11-25 00:30:52 +07:00
[CIFS] Incorrect signature sent on SMB Read
Fixes Samba bug 3621 and kernel.org bug 6147 For servers which require SMB/CIFS packet signing, we were sending the wrong signature (all zeros) on SMB Read request. The new cifs routine to do signatures across an iovec was not complete - and SMB Read, unlike the new SMBWrite2, did not fall back to the older routine (ie use SendReceive vs. the more efficient SendReceive2 ie used the older cifs_sign_smb vs. the disabled cifs_sign_smb2) for calculating signatures. This finishes up cifs_sign_smb2/cifs_calc_signature2 so that the callers of SendReceive2 can get SMB/CIFS packet signatures. Now that cifs_sign_smb2 is supported, we could start using it in the write path but this smaller fix does not include the change to use SMBWrite2 when signatures are required (which when enabled will make more Writes more efficient and alloc less memory). Currently Write2 is only used when signatures are not required at the moment but after more testing we will enable that as well). Thanks to James Slepicka and Sam Flory for initial investigation. Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
f1682e94a3
commit
e9917a000f
@ -57,9 +57,6 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
|
||||
int rc = 0;
|
||||
char smb_signature[20];
|
||||
|
||||
/* BB remember to initialize sequence number elsewhere and initialize mac_signing key elsewhere BB */
|
||||
/* BB remember to add code to save expected sequence number in midQ entry BB */
|
||||
|
||||
if((cifs_pdu == NULL) || (server == NULL))
|
||||
return -EINVAL;
|
||||
|
||||
@ -86,20 +83,33 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
|
||||
static int cifs_calc_signature2(const struct kvec * iov, int n_vec,
|
||||
const char * key, char * signature)
|
||||
{
|
||||
struct MD5Context context;
|
||||
struct MD5Context context;
|
||||
int i;
|
||||
|
||||
if((iov == NULL) || (signature == NULL))
|
||||
return -EINVAL;
|
||||
if((iov == NULL) || (signature == NULL))
|
||||
return -EINVAL;
|
||||
|
||||
MD5Init(&context);
|
||||
MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);
|
||||
MD5Init(&context);
|
||||
MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);
|
||||
for(i=0;i<n_vec;i++) {
|
||||
if(iov[i].iov_base == NULL) {
|
||||
cERROR(1,("null iovec entry"));
|
||||
return -EIO;
|
||||
} else if(iov[i].iov_len == 0)
|
||||
break; /* bail out if we are sent nothing to sign */
|
||||
/* The first entry includes a length field (which does not get
|
||||
signed that occupies the first 4 bytes before the header */
|
||||
if(i==0) {
|
||||
if (iov[0].iov_len <= 8 ) /* cmd field at offset 9 */
|
||||
break; /* nothing to sign or corrupt header */
|
||||
MD5Update(&context,iov[0].iov_base+4, iov[0].iov_len-4);
|
||||
} else
|
||||
MD5Update(&context,iov[i].iov_base, iov[i].iov_len);
|
||||
}
|
||||
|
||||
/* MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); */ /* BB FIXME BB */
|
||||
MD5Final(signature,&context);
|
||||
|
||||
MD5Final(signature,&context);
|
||||
|
||||
return -EOPNOTSUPP;
|
||||
/* return 0; */
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user