Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp2386134pxb; Mon, 20 Sep 2021 21:00:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyN4PXzk81Fq/NQOMZVeSsDFjpISR2t6nOcTG0VWDKK96cu8T4Ao3q972ofTuLvGRr9Aa37 X-Received: by 2002:a17:906:c1c9:: with SMTP id bw9mr32535404ejb.3.1632196836371; Mon, 20 Sep 2021 21:00:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632196836; cv=none; d=google.com; s=arc-20160816; b=h1xTVzco7jqzxFBVT4VFXtJcfxCLhfCHmOrfDoBIWksRcXYAACkRz+yJ2ZzvT0RTbB J/jlLQ+4wL9XUYWt9r/Op8ATyIfH73ly9uOD6sW+b6BVyogK6eF/Y2zp5zBzBdesONR4 v8VjFKmJf4/VWspvjR4QXLSs5FIq4urEG2FFSy6RPAfgzvhL7LeXT0jIIjWQvRfncKlz SzGJo60yaEcQ9AJcIXAmQ41Fs6/gkDzvRf/cDc0vsHw+wQk7k/payad6GgEwMS7JVhaw 7WLOv5jD5sYD6ee9/ACHvU2XrMf5j+KxzDRrWO+G352OoAGRV44PoyVDki+OeKs2Oylg YH8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=CSvzruZ7yrH3cGppBMPI3R0ozg6uVIR6o4wSeRhpPb4=; b=G1lUeSLwKHvoS04B6voHZI+5d9V6XcCxF7W0R7fkdNBalCd94rNTlds8VmDSQfbb+p MwsXO2e/d6ukPACuJV6xBO2+ARWXRbCbyBWm2aZ8shgyYhRKM0umNvoGACnxKFIj/1Yw offKmjAVeaYrD4Sg7AXA34azyeHlBPfriPgtGYXbHmp3hImPZx2CyQrKzN8y0fX5nwkm d4c2mQ/YMwVxTuVLpoOHpRmPcjq1aLaP8VSYWx16cDQi/17yXyp17tIulNx4DbA8o1Bk TXbFVLaR1+riL4FvjYjfc3LXmsZzgTWjWI0dzy425cOvVSgPw/VW2zjS10PpqyBJoBlB jbig== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=LDjsVKKm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 21si10747407ejc.493.2021.09.20.21.00.12; Mon, 20 Sep 2021 21:00:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=LDjsVKKm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244053AbhIUCHj (ORCPT + 99 others); Mon, 20 Sep 2021 22:07:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32946 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236811AbhIUBvb (ORCPT ); Mon, 20 Sep 2021 21:51:31 -0400 Received: from mail-lf1-x136.google.com (mail-lf1-x136.google.com [IPv6:2a00:1450:4864:20::136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8C9C5C0612A4 for ; Mon, 20 Sep 2021 15:46:06 -0700 (PDT) Received: by mail-lf1-x136.google.com with SMTP id g41so41287991lfv.1 for ; Mon, 20 Sep 2021 15:46:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CSvzruZ7yrH3cGppBMPI3R0ozg6uVIR6o4wSeRhpPb4=; b=LDjsVKKmmK9IHt+0xSI4WhrZQsDZOajyP74jFpI8bn/RHKfwdF3Ntdcp/J0brBth6M rTFcXjE1Q4MISd6lo+ge52o8NsB3m0d7+jizr2EyMR9RJyZIV7tZwLV46WUCc9pBPv23 ITXPDL/fZ/d87T0+EoSZ8Tgcw0UMBm/5jCT2s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CSvzruZ7yrH3cGppBMPI3R0ozg6uVIR6o4wSeRhpPb4=; b=HGddwrPb1oyOMQxH9Uax2LxQQc49l9EV5tOfYh0ytSOeaBeoRaLq8H6Eh4EGyLPa3V xR5v51G6+r/GIbFJ5ZoWvr6B4PqxbBTYXXpz6Yx20P8JdEykkHj3rTmsIUbeG+wFa7sz /w5YR+Zdgh8zXCa2V6T8L+9TlifF298lmSlxybLeOlpTEWY2Dcs4NKqM3henSSUvdgvy F5xH9W5595DwQJ9XZoqqNAw1hKwAKWCN/PtzhuHRO5QJAyf9lZYeL7PEoL4h0+pO7scM sTEvptjtgei0twIekDlxv5oGfendCww/al06603lLPPk+p5KxbarjUXymtGziRS40Rrd btAQ== X-Gm-Message-State: AOAM531DpsV/CNmHlbvJEHl7TDc96Eh1zxCCDqtj6DAyAOo9nOGvm07Q MD49kwcvUo6IC00xvXgIVDoe3UjCl4/mkIHJM3U= X-Received: by 2002:a2e:858e:: with SMTP id b14mr24369792lji.508.1632177964548; Mon, 20 Sep 2021 15:46:04 -0700 (PDT) Received: from mail-lf1-f53.google.com (mail-lf1-f53.google.com. [209.85.167.53]) by smtp.gmail.com with ESMTPSA id a26sm1365436lfg.193.2021.09.20.15.46.03 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 20 Sep 2021 15:46:04 -0700 (PDT) Received: by mail-lf1-f53.google.com with SMTP id t10so67562666lfd.8 for ; Mon, 20 Sep 2021 15:46:03 -0700 (PDT) X-Received: by 2002:a05:6512:12c4:: with SMTP id p4mr1896311lfg.280.1632177963635; Mon, 20 Sep 2021 15:46:03 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Mon, 20 Sep 2021 15:45:47 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [GIT PULL] ksmbd server security fixes To: Steve French Cc: CIFS , LKML Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Sep 19, 2021 at 7:22 AM Steve French wrote: > > 3 ksmbd fixes: including an important security fix for path > processing, and a missing buffer overflow check, and a trivial fix for > incorrect header inclusion > > There are three additional patches (and also a patch to improve > symlink checks) for other buffer overflow cases that are being > reviewed and tested. Note that if you are working on a path basis, you should really take a look at our vfs lookup_flags, and LOOKUP_BENEATH in particular. The way to deal with '..' and symlinks is not to try to figure it out yourself. You'll get it wrong, partly because the races with rename are quite interesting. The VFS layer knows how to limit pathname lookup to the particular directory you started in these days. Of course, that is only true for the actual path lookup functions. Once you start doing things manually one component at a time yourself, you're on your own. Linus