ksmbd: conn lock to serialize smb2 negotiate

If client send parallel smb2 negotiate request on same connection, ksmbd_conn can be racy. smb2 negotiate handling that are not performance-related can be serialized with conn lock. Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
author: Namjae Jeon <linkinjeon@kernel.org> 2024-12-14 12:19:03 +0900
committer: Steve French <stfrench@microsoft.com> 2024-12-15 22:20:03 -0600
commit: fe4ed2f09b492e3507615a053814daa8fafdecb1 (patch)
tree: 38f7e401af1975eadbec47aaf130d96c3f57ac73
parent: 43fb7bce8866e793275c4f9f25af6a37745f3416 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c
index 803b35b89513..23e21845f928 100644
--- a/fs/smb/server/smb2pdu.c
+++ b/fs/smb/server/smb2pdu.c
@@ -1097,6 +1097,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
 		return rc;
 	}
 
+	ksmbd_conn_lock(conn);
 	smb2_buf_len = get_rfc1002_len(work->request_buf);
 	smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects);
 	if (smb2_neg_size > smb2_buf_len) {
@@ -1247,6 +1248,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
 	ksmbd_conn_set_need_negotiate(conn);
 
 err_out:
+	ksmbd_conn_unlock(conn);
 	if (rc)
 		rsp->hdr.Status = STATUS_INSUFFICIENT_RESOURCES;
author	Namjae Jeon <linkinjeon@kernel.org>	2024-12-14 12:19:03 +0900
committer	Steve French <stfrench@microsoft.com>	2024-12-15 22:20:03 -0600
commit	fe4ed2f09b492e3507615a053814daa8fafdecb1 (patch)
tree	38f7e401af1975eadbec47aaf130d96c3f57ac73
parent	43fb7bce8866e793275c4f9f25af6a37745f3416 (diff)