From: Marios Makassikis <mmakassikis@freebox.fr> mainline inclusion from mainline-5.15-rc1 commit 79caa9606df1504b3b5104457cbb5d759f0e5fae category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G CVE: NA Reference: https://git.kernel.org/torvalds/linux/c/79caa9606df1 ------------------------------- Currently, a SMB2 client does not receive an error message if ksmbd_session_rpc_open() fails when opening a pipe. Fix this by responding with STATUS_NO_MEMORY or STATUS_INVALID_PARAMETER depending on the error that occurred. Signed-off-by: Marios Makassikis <mmakassikis@freebox.fr> Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Steve French <stfrench@microsoft.com> Signed-off-by: Jason Yan <yanaijie@huawei.com> Signed-off-by: Zhong Jinghua <zhongjinghua@huawei.com> --- fs/cifsd/smb2pdu.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c index e5aff1ca11e1..fec385318ff3 100644 --- a/fs/cifsd/smb2pdu.c +++ b/fs/cifsd/smb2pdu.c @@ -1917,9 +1917,13 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work) } id = ksmbd_session_rpc_open(work->sess, name); - if (id < 0) + if (id < 0) { ksmbd_err("Unable to open RPC pipe: %d\n", id); + err = id; + goto out; + } + rsp->hdr.Status = STATUS_SUCCESS; rsp->StructureSize = cpu_to_le16(89); rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE; rsp->Reserved = 0; @@ -1942,6 +1946,19 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work) return 0; out: + switch (err) { + case -EINVAL: + rsp->hdr.Status = STATUS_INVALID_PARAMETER; + break; + case -ENOSPC: + case -ENOMEM: + rsp->hdr.Status = STATUS_NO_MEMORY; + break; + } + + if (!IS_ERR(name)) + kfree(name); + smb2_set_err_rsp(work); return err; } -- 2.31.1