diff options
| author |   Namjae Jeon <linkinjeon@kernel.org> | 2024-12-14 12:19:03 +0900 |
|---|---|---|
| committer |   Steve French <stfrench@microsoft.com> | 2024-12-15 22:20:03 -0600 |
| commit | fe4ed2f09b492e3507615a053814daa8fafdecb1 (patch) | |
| tree | 38f7e401af1975eadbec47aaf130d96c3f57ac73 | |
| parent | ksmbd: fix broken transfers when exceeding max simultaneous operations (diff) | |
| download | wireguard-linux-fe4ed2f09b492e3507615a053814daa8fafdecb1.tar.xz wireguard-linux-fe4ed2f09b492e3507615a053814daa8fafdecb1.zip | |
ksmbd: conn lock to serialize smb2 negotiate
If client send parallel smb2 negotiate request on same connection,
ksmbd_conn can be racy. smb2 negotiate handling that are not
performance-related can be serialized with conn lock.
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Diffstat (limited to '')
| -rw-r--r-- | fs/smb/server/smb2pdu.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c index 803b35b89513..23e21845f928 100644 --- a/fs/smb/server/smb2pdu.c +++ b/fs/smb/server/smb2pdu.c @@ -1097,6 +1097,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work) return rc; } + ksmbd_conn_lock(conn); smb2_buf_len = get_rfc1002_len(work->request_buf); smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects); if (smb2_neg_size > smb2_buf_len) { @@ -1247,6 +1248,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work) ksmbd_conn_set_need_negotiate(conn); err_out: + ksmbd_conn_unlock(conn); if (rc) rsp->hdr.Status = STATUS_INSUFFICIENT_RESOURCES; |