[PATCH OLK-5.10 18/18] ksmbd: smb2: Allow messages padded to 8byte boundary

From: Gustav Johansson gustajo@axis.com

mainline inclusion from mainline-v6.3-rc1 commit e7b8b8ed9960bf699bf4029f482d9e869c094ed6 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I7CETC CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

--------------------------------

clc length is now accepted to <= 8 less than length, rather than < 8.

Solve issues on some of Axis's smb clients which send messages where clc length is 8 bytes less than length.

The specific client was running kernel 4.19.217 with smb dialect 3.0.2 on armv7l.

Cc: stable@vger.kernel.org Signed-off-by: Gustav Johansson gustajo@axis.com Acked-by: Namjae Jeon linkinjeon@kernel.org Signed-off-by: Steve French stfrench@microsoft.com Signed-off-by: ZhaoLong Wang wangzhaolong1@huawei.com --- fs/ksmbd/smb2misc.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c index f5691399bf9d..0e951dfddc23 100644 --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c @@ -421,8 +421,11 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)

/* * Allow a message that padded to 8byte boundary. + * Linux 4.19.217 with smb 3.0.2 are sometimes + * sending messages where the cls_len is exactly + * 8 bytes less than len. */ - if (clc_len < len && (len - clc_len) < 8) + if (clc_len < len && (len - clc_len) <= 8) goto validate_credit;

pr_err_ratelimited(