Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp983662rwi;
        Wed, 19 Oct 2022 05:29:07 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM4ndsChoaJhYCg5eK/NRfc6Wpb5gx4RFaLEp2CejdkFLqnJ9ETbyqf/KA+pE9M72ot7Ib3m
X-Received: by 2002:a63:ea48:0:b0:43c:69c4:68d4 with SMTP id l8-20020a63ea48000000b0043c69c468d4mr7108840pgk.416.1666182547189;
        Wed, 19 Oct 2022 05:29:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1666182547; cv=none;
        d=google.com; s=arc-20160816;
        b=bieY4sdefY1VHOyrjPUL7UCghcHhxsCjvekWmkVs7vIpsejgmgEYmyq22TYkaoAPRW
         57OwUuT56Y1BQz95Cm+SDgWWz89Do6eFg3nqz/B+gbdox6ny+Jwkyz2s5d/S8DGcWYae
         DGsYuDOqldu3vOZcMlp6gY1lMyg4U0pxCsY1/J0PhE8Y3AwnbrLphkjLcRea9IZbsgAf
         Jp9bKbcERLBOlx8kWvtOZC7y9D7PE/aS12z/0JZ5n0huo/EE9xEAK0TGELmDbYxJ5DYl
         69cquF+WTBKBkF/Rn4NxcwrqF+kilsNbPsAOTl+m/H9V5pU8nRqqSMBPHTTcfMdwd/Dz
         qehA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=S5xSSGh7EJ6oAJETeInC6CrJLz3f2vN3RwUFl3HvtN4=;
        b=eKSEJc3BAbcukcX4TlqAqeP/I7etyteACA5IsYxK5ORKe8KJ/06KdlS+Tf2j8rp4bp
         //YFMvuffNa/A3uU98JJ+SSI91r4RKnT5z0Mvl1yaACqGNDEguU5T8XYOt1Dhxxjea8p
         Qyd/n4PZkDJev2XAucLilHx5KKgmyPQofxiTQBAp2PPDCJEwYj6DT+6x0Aeh0w89bx2v
         0jMCS/r8e+6oKTCCnckvTC68tC2yd3btKK8jWZT3N43x9cGjYmidtsCj9mjp+WwmuGbb
         gyKwIzljKOXn9YDuG4cvgAv8e7fUprn58Io7rq7VLFoyOT2ySO1RoKbiCtxEi0/lZrBw
         HG0Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=1w0wdQP1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id q14-20020a17090311ce00b001789fa8f90esi20935314plh.408.2022.10.19.05.28.49;
        Wed, 19 Oct 2022 05:29:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=1w0wdQP1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229993AbiJSMTN (ORCPT <rfc822;artur.folwarczny@gmail.com>
        + 99 others); Wed, 19 Oct 2022 08:19:13 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38898 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232902AbiJSMST (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 19 Oct 2022 08:18:19 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E00AFFF223;
        Wed, 19 Oct 2022 04:53:57 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id EF687B822CE;
        Wed, 19 Oct 2022 08:44:36 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5408FC433D6;
        Wed, 19 Oct 2022 08:44:35 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1666169075;
        bh=rCyFVxv5D3nRejcezEL/j3R7yTl+gDdfILEu0MAjraw=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=1w0wdQP1vfGdVGhprDeEd14L0lB5Cv//SNYkZWTX6uyA6sOLQ8TEm5EonU2N36Qmf
         J6jMFObN+6Liy/L+GzN3POwGMGlvqi1BGhi/2RrbswEOpTdPtUq3U8X1x5W6GmK2uN
         6a9ttUgsd7wyElex7kHOngXqTZFy5JnPvjpD1cxo=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Hyunchul Lee <hyc.lee@gmail.com>,
        Namjae Jeon <linkinjeon@kernel.org>,
        Steve French <stfrench@microsoft.com>
Subject: [PATCH 6.0 113/862] ksmbd: fix incorrect handling of iterate_dir
Date:   Wed, 19 Oct 2022 10:23:20 +0200
Message-Id: <20221019083254.912900126@linuxfoundation.org>
X-Mailer: git-send-email 2.38.0
In-Reply-To: <20221019083249.951566199@linuxfoundation.org>
References: <20221019083249.951566199@linuxfoundation.org>
User-Agent: quilt/0.67
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Namjae Jeon <linkinjeon@kernel.org>

commit 88541cb414b7a2450c45fc9c131b37b5753b7679 upstream.

if iterate_dir() returns non-negative value, caller has to treat it
as normal and check there is any error while populating dentry
information. ksmbd doesn't have to do anything because ksmbd already
checks too small OutputBufferLength to store one file information.

And because ctx->pos is set to file->f_pos when iterative_dir is called,
remove restart_ctx(). And if iterate_dir() return -EIO, which mean
directory entry is corrupted, return STATUS_FILE_CORRUPT_ERROR error
response.

This patch fixes some failure of SMB2_QUERY_DIRECTORY, which happens when
ntfs3 is local filesystem.

Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable@vger.kernel.org
Signed-off-by: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 fs/ksmbd/smb2pdu.c |   14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3808,11 +3808,6 @@ static int __query_dir(struct dir_contex
 	return 0;
 }
 
-static void restart_ctx(struct dir_context *ctx)
-{
-	ctx->pos = 0;
-}
-
 static int verify_info_level(int info_level)
 {
 	switch (info_level) {
@@ -3921,7 +3916,6 @@ int smb2_query_dir(struct ksmbd_work *wo
 	if (srch_flag & SMB2_REOPEN || srch_flag & SMB2_RESTART_SCANS) {
 		ksmbd_debug(SMB, "Restart directory scan\n");
 		generic_file_llseek(dir_fp->filp, 0, SEEK_SET);
-		restart_ctx(&dir_fp->readdir_data.ctx);
 	}
 
 	memset(&d_info, 0, sizeof(struct ksmbd_dir_info));
@@ -3968,11 +3962,9 @@ int smb2_query_dir(struct ksmbd_work *wo
 	 */
 	if (!d_info.out_buf_len && !d_info.num_entry)
 		goto no_buf_len;
-	if (rc == 0)
-		restart_ctx(&dir_fp->readdir_data.ctx);
-	if (rc == -ENOSPC)
+	if (rc > 0 || rc == -ENOSPC)
 		rc = 0;
-	if (rc)
+	else if (rc)
 		goto err_out;
 
 	d_info.wptr = d_info.rptr;
@@ -4029,6 +4021,8 @@ err_out2:
 		rsp->hdr.Status = STATUS_NO_MEMORY;
 	else if (rc == -EFAULT)
 		rsp->hdr.Status = STATUS_INVALID_INFO_CLASS;
+	else if (rc == -EIO)
+		rsp->hdr.Status = STATUS_FILE_CORRUPT_ERROR;
 	if (!rsp->hdr.Status)
 		rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;