Merge tag 'v7.0-rc1-ksmbd-server-fixes' of git://git.samba.org/ksmbd (a75cb869) · Commits · git / linux-net

fs/smb/server/Kconfig

+1 −0

+3 −1

Original line number	Diff line number	Diff line
		@@ -15,6 +15,7 @@
		#include <crypto/aead.h>
		#include <crypto/md5.h>
		#include <crypto/sha2.h>
		#include <crypto/utils.h>
		#include <linux/random.h>
		#include <linux/scatterlist.h>

		@@ -165,7 +166,8 @@ int ksmbd_auth_ntlmv2(struct ksmbd_conn conn, struct ksmbd_session sess,
		ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE,
		sess->sess_key);

		if (memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE) != 0)
		if (crypto_memneq(ntlmv2->ntlmv2_hash, ntlmv2_rsp,
		CIFS_HMAC_MD5_HASH_SIZE))
		return -EINVAL;
		return 0;
		}

+3 −2

Original line number	Diff line number	Diff line
		@@ -4,6 +4,7 @@
		* Copyright (C) 2018 Samsung Electronics Co., Ltd.
		*/

		#include <crypto/utils.h>
		#include <linux/inetdevice.h>
		#include <net/addrconf.h>
		#include <linux/syscalls.h>
		@@ -8880,7 +8881,7 @@ int smb2_check_sign_req(struct ksmbd_work *work)
		ksmbd_sign_smb2_pdu(work->conn, work->sess->sess_key, iov, 1,
		signature);

		if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
		if (crypto_memneq(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
		pr_err("bad smb2 signature\n");
		return 0;
		}
		@@ -8968,7 +8969,7 @@ int smb3_check_sign_req(struct ksmbd_work *work)
		if (ksmbd_sign_smb3_pdu(conn, signing_key, iov, 1, signature))
		return 0;

		if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
		if (crypto_memneq(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
		pr_err("bad smb2 signature\n");
		return 0;
		}

+2 −2

Original line number	Diff line number	Diff line
		@@ -2540,9 +2540,9 @@ static int smb_direct_prepare(struct ksmbd_transport *t)
		goto put;

		req = (struct smbdirect_negotiate_req *)recvmsg->packet;
		sp->max_recv_size = min_t(int, sp->max_recv_size,
		sp->max_recv_size = min_t(u32, sp->max_recv_size,
		le32_to_cpu(req->preferred_send_size));
		sp->max_send_size = min_t(int, sp->max_send_size,
		sp->max_send_size = min_t(u32, sp->max_send_size,
		le32_to_cpu(req->max_receive_size));
		sp->max_fragmented_send_size =
		le32_to_cpu(req->max_fragmented_size);