| Message ID | 20211008032931.60797-1-linkinjeon@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v2] ksmbd: limit read/write/trans buffer size not to exceed MAX_STREAM_PROT_LEN | expand |
2021년 10월 8일 (금) 오후 12:29, Namjae Jeon <linkinjeon@kernel.org>님이 작성: > > ksmbd limit read/write/trans buffer size not to exceed > maximum stream protocol length(0x00FFFFFF). > > Cc: Tom Talpey <tom@talpey.com> > Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com> > Cc: Ralph Böhme <slow@samba.org> > Cc: Hyunchul Lee <hyc.lee@gmail.com> > Cc: Steve French <smfrench@gmail.com> > Cc: Sergey Senozhatsky <senozhatsky@chromium.org> > Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> > --- > v2: > - change 8MB limitation to MAX_STREAM_PROT_LEN. > > fs/ksmbd/smb2ops.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c > index b06456eb587b..63289872da97 100644 > --- a/fs/ksmbd/smb2ops.c > +++ b/fs/ksmbd/smb2ops.c > @@ -284,6 +284,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn) > > void init_smb2_max_read_size(unsigned int sz) > { > + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); If the maximum read size is MAX_STREAM_PROT_LEN, couldn't headers + data exceed MAX_STREAM_PROT_LEN? > smb21_server_values.max_read_size = sz; > smb30_server_values.max_read_size = sz; > smb302_server_values.max_read_size = sz; > @@ -292,6 +293,7 @@ void init_smb2_max_read_size(unsigned int sz) > > void init_smb2_max_write_size(unsigned int sz) > { > + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); > smb21_server_values.max_write_size = sz; > smb30_server_values.max_write_size = sz; > smb302_server_values.max_write_size = sz; > @@ -300,6 +302,7 @@ void init_smb2_max_write_size(unsigned int sz) > > void init_smb2_max_trans_size(unsigned int sz) > { > + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); > smb21_server_values.max_trans_size = sz; > smb30_server_values.max_trans_size = sz; > smb302_server_values.max_trans_size = sz; > -- > 2.25.1 >
2021-10-11 21:28 GMT+09:00, Hyunchul Lee <hyc.lee@gmail.com>: > 2021년 10월 8일 (금) 오후 12:29, Namjae Jeon <linkinjeon@kernel.org>님이 작성: >> >> ksmbd limit read/write/trans buffer size not to exceed >> maximum stream protocol length(0x00FFFFFF). >> >> Cc: Tom Talpey <tom@talpey.com> >> Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com> >> Cc: Ralph Böhme <slow@samba.org> >> Cc: Hyunchul Lee <hyc.lee@gmail.com> >> Cc: Steve French <smfrench@gmail.com> >> Cc: Sergey Senozhatsky <senozhatsky@chromium.org> >> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> >> --- >> v2: >> - change 8MB limitation to MAX_STREAM_PROT_LEN. >> >> fs/ksmbd/smb2ops.c | 3 +++ >> 1 file changed, 3 insertions(+) >> >> diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c >> index b06456eb587b..63289872da97 100644 >> --- a/fs/ksmbd/smb2ops.c >> +++ b/fs/ksmbd/smb2ops.c >> @@ -284,6 +284,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn) >> >> void init_smb2_max_read_size(unsigned int sz) >> { >> + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); > > If the maximum read size is MAX_STREAM_PROT_LEN, couldn't headers + > data exceed MAX_STREAM_PROT_LEN? Right, I will fix it on v3. Thanks! > >> smb21_server_values.max_read_size = sz; >> smb30_server_values.max_read_size = sz; >> smb302_server_values.max_read_size = sz; >> @@ -292,6 +293,7 @@ void init_smb2_max_read_size(unsigned int sz) >> >> void init_smb2_max_write_size(unsigned int sz) >> { >> + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); >> smb21_server_values.max_write_size = sz; >> smb30_server_values.max_write_size = sz; >> smb302_server_values.max_write_size = sz; >> @@ -300,6 +302,7 @@ void init_smb2_max_write_size(unsigned int sz) >> >> void init_smb2_max_trans_size(unsigned int sz) >> { >> + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); >> smb21_server_values.max_trans_size = sz; >> smb30_server_values.max_trans_size = sz; >> smb302_server_values.max_trans_size = sz; >> -- >> 2.25.1 >> > > > -- > Thanks, > Hyunchul >
diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c index b06456eb587b..63289872da97 100644 --- a/fs/ksmbd/smb2ops.c +++ b/fs/ksmbd/smb2ops.c @@ -284,6 +284,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn) void init_smb2_max_read_size(unsigned int sz) { + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); smb21_server_values.max_read_size = sz; smb30_server_values.max_read_size = sz; smb302_server_values.max_read_size = sz; @@ -292,6 +293,7 @@ void init_smb2_max_read_size(unsigned int sz) void init_smb2_max_write_size(unsigned int sz) { + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); smb21_server_values.max_write_size = sz; smb30_server_values.max_write_size = sz; smb302_server_values.max_write_size = sz; @@ -300,6 +302,7 @@ void init_smb2_max_write_size(unsigned int sz) void init_smb2_max_trans_size(unsigned int sz) { + sz = min_t(u32, sz, MAX_STREAM_PROT_LEN); smb21_server_values.max_trans_size = sz; smb30_server_values.max_trans_size = sz; smb302_server_values.max_trans_size = sz;
ksmbd limit read/write/trans buffer size not to exceed maximum stream protocol length(0x00FFFFFF). Cc: Tom Talpey <tom@talpey.com> Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com> Cc: Ralph Böhme <slow@samba.org> Cc: Hyunchul Lee <hyc.lee@gmail.com> Cc: Steve French <smfrench@gmail.com> Cc: Sergey Senozhatsky <senozhatsky@chromium.org> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> --- v2: - change 8MB limitation to MAX_STREAM_PROT_LEN. fs/ksmbd/smb2ops.c | 3 +++ 1 file changed, 3 insertions(+)