unimore/kernel-hacking-2024-linux-steffo
unimore/kernel-hacking-2024-linux-steffo
1
Fork 0
Code Pull requests 5 Wiki Activity
kernel-hacking-2024-linux-s.../fs/cifs
History
Pavel Shilovsky 61cfac6f26 CIFS: Fix possible use after free in demultiplex thread 
The recent changes that added SMB3 encryption support introduced
a possible use after free in the demultiplex thread. When we
process an encrypted packed we obtain a pointer to SMB session
but do not obtain a reference. This can possibly lead to a situation
when this session was freed before we copy a decryption key from
there. Fix this by obtaining a copy of the key rather than a pointer
to the session under a spinlock.

Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2017-03-01 16:42:40 -06:00
..
asn1.c
cache.c
cifs_debug.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
cifs_debug.h
cifs_dfs_ref.c fs: Better permission checking for submounts 2017-02-02 04:36:12 +13:00
cifs_fs_sb.h CIFS: Add new mount option to set owner uid and gid from special sids in acl 2016-10-14 14:22:01 -05:00
cifs_ioctl.h Enable previous version support 2016-10-13 19:48:11 -05:00
cifs_spnego.c
cifs_spnego.h
cifs_unicode.c
cifs_unicode.h
cifs_uniupr.h
cifsacl.c CIFS: Retrieve uid and gid from special sid if enabled 2016-10-14 14:22:16 -05:00
cifsacl.h
cifsencrypt.c CIFS: Encrypt SMB3 requests before sending 2017-02-01 16:46:36 -06:00
cifsfs.c CIFS: Encrypt SMB3 requests before sending 2017-02-01 16:46:36 -06:00
cifsfs.h
cifsglob.h CIFS: Decrypt and process small encrypted packets 2017-02-01 16:46:36 -06:00
cifspdu.h
cifsproto.h CIFS: Add capability to decrypt big read responses 2017-02-01 16:46:37 -06:00
cifssmb.c CIFS: Add capability to decrypt big read responses 2017-02-01 16:46:37 -06:00
connect.c CIFS: Allow to switch on encryption with seal mount option 2017-02-01 16:46:37 -06:00
dir.c cifs_get_root shouldn't use path with tree name 2016-12-15 01:42:54 -06:00
dns_resolve.c
dns_resolve.h
export.c
file.c mm, fs: reduce fault, page_mkwrite, and pfn_mkwrite to take only vmf 2017-02-24 17:46:54 -08:00
fscache.c
fscache.h
inode.c
ioctl.c CIFS: Decrease verbosity of ioctl call 2016-12-02 16:04:33 -08:00
Kconfig CIFS: Encrypt SMB3 requests before sending 2017-02-01 16:46:36 -06:00
link.c cifs: use %16phN for formatting md5 sum 2016-12-15 00:21:37 -06:00
Makefile
misc.c Clarify locking of cifs file and tcon structures and make more granular 2016-10-12 12:08:32 -05:00
netmisc.c
nterr.c
nterr.h
ntlmssp.h
readdir.c cifs: initialize file_info_lock 2017-01-14 14:58:29 -06:00
rfc1002pdu.h
sess.c CIFS: Enable encryption during session setup phase 2017-02-01 16:46:36 -06:00
smb1ops.c CIFS: Make send_cancel take rqst as argument 2017-02-01 16:46:35 -06:00
smb2file.c CIFS: Fix a possible memory corruption in push locks 2016-12-05 11:08:55 -08:00
smb2glob.h CIFS: Separate SMB2 header structure 2017-02-01 16:46:34 -06:00
smb2inode.c Do not send SMB3 SET_INFO request if nothing is changing 2016-10-13 19:46:51 -05:00
smb2maperror.c CIFS: Separate SMB2 header structure 2017-02-01 16:46:34 -06:00
smb2misc.c CIFS: Separate SMB2 header structure 2017-02-01 16:46:34 -06:00
smb2ops.c CIFS: Fix possible use after free in demultiplex thread 2017-03-01 16:42:40 -06:00
smb2pdu.c CIFS: Allow to switch on encryption with seal mount option 2017-02-01 16:46:37 -06:00
smb2pdu.h CIFS: Encrypt SMB3 requests before sending 2017-02-01 16:46:36 -06:00
smb2proto.h CIFS: Decrypt and process small encrypted packets 2017-02-01 16:46:36 -06:00
smb2status.h
smb2transport.c CIFS: Decrypt and process small encrypted packets 2017-02-01 16:46:36 -06:00
smbencrypt.c cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack 2016-12-14 01:44:16 -06:00
smberr.h
smbfsctl.h
transport.c CIFS: Add mid handle callback 2017-02-01 16:46:36 -06:00
winucase.c
xattr.c