Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp3905012rwi;
        Sat, 22 Oct 2022 01:58:15 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM7kACcQT0c7g1VKzbsKzblflhYJ6BPR075bYC/Mvk5JnClQMtJY0WUjHPVWFrU75nl3cIVw
X-Received: by 2002:a05:6402:2949:b0:451:fabf:d88a with SMTP id ed9-20020a056402294900b00451fabfd88amr21009492edb.324.1666429095707;
        Sat, 22 Oct 2022 01:58:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1666429095; cv=none;
        d=google.com; s=arc-20160816;
        b=NDIgNRuIN/IbN5w9hc3flcKHNiFFVbfdcjVczMPsSGNEDaNpsDq2Mc4xIxQVdTNRD7
         9wdnAig6Gp83fCP4TY/0i9KJVBYrQ4LJK5LifGi+BOZFl9/Ii5Mpy+SqBHYQUxCcZZLu
         COGEYieAXmncKCrn/uhgd8x2AhXRKGyno9Ceqf9wZZh7E0hxQ2zSbltjQ9VNbJ0JKub+
         atB5AlfnWsFMOoxWbP8d1bnQOcYC60Oxfjt4YPX29Qk7kTrvTMQom3Sk91zwn63UU+/e
         CcVc2asOZqMfadDWcHI9X8dt23PZvFUxf0hfagGk0r1d+XEMZDLmlQ9wJ+JIPMEfi+eE
         jqfw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=5qxlKD239SAObHbe+oQ5t/YT3p6LsO/5eHwdsOHzIqg=;
        b=rfpqAWsqCSh39xgFfmh0aR9M5KNzUJWBXIEA1vyfcA0eahzCDce/VzUcNt5sTAWrto
         2CKTHtZz1SJT6gyJx2HRhcOIcJKK7QGMngZEgo00wpAFZ3LxT3V+NNZSAl/lnmfuSmg+
         USU6z17sCZVZo+fFqAEu2m/OVpp3SdKOlu71SekYC8jOWXg/IicgH42C9JIOC/8mo4pc
         Hg743Toayd5QEGCtCSvYfyLAga7bgvwH/qKJpXa5fK206oqYpPHxQMM0RIbdYY8/awQr
         XCyAyIHk/XcEdWVR4S2PPaultGp8ZrdZwyXbywtlOSQAjnz66riUO4TcfV2/099c9r8e
         10+A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=B3upmPbI;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id o19-20020a170906975300b00787b0b0a96esi15732099ejy.131.2022.10.22.01.57.41;
        Sat, 22 Oct 2022 01:58:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=B3upmPbI;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231154AbiJVHtp (ORCPT <rfc822;arunks.linux@gmail.com>
        + 99 others); Sat, 22 Oct 2022 03:49:45 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47176 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231464AbiJVHsW (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 22 Oct 2022 03:48:22 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6DA091162E8;
        Sat, 22 Oct 2022 00:45:14 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 9301160B7B;
        Sat, 22 Oct 2022 07:40:05 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id A8D8BC433D6;
        Sat, 22 Oct 2022 07:40:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1666424405;
        bh=YM3SqOcd6qfQDxgru8hP2ZRk2JPDBV2YiiP87EKq/UA=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=B3upmPbIg6/CZ+wrdDvUJbUoJpKkP6xT87KsRbR5cBpwZ5dNhfASOP9io5QBL6T1k
         h7T9cwVJTlpoTq6yHlmhdydZk3un+YWSZ45oXTELYKEvsWvZdQ5r/vy2KzpSaa+HgX
         oW/Sc9p4yAFPu4s8ZvSPuprKnNT10oD0a4af2l9w=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Hyunchul Lee <hyc.lee@gmail.com>,
        Namjae Jeon <linkinjeon@kernel.org>,
        Steve French <stfrench@microsoft.com>
Subject: [PATCH 5.19 102/717] ksmbd: fix incorrect handling of iterate_dir
Date:   Sat, 22 Oct 2022 09:19:41 +0200
Message-Id: <20221022072433.424389283@linuxfoundation.org>
X-Mailer: git-send-email 2.38.1
In-Reply-To: <20221022072415.034382448@linuxfoundation.org>
References: <20221022072415.034382448@linuxfoundation.org>
User-Agent: quilt/0.67
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Namjae Jeon <linkinjeon@kernel.org>

commit 88541cb414b7a2450c45fc9c131b37b5753b7679 upstream.

if iterate_dir() returns non-negative value, caller has to treat it
as normal and check there is any error while populating dentry
information. ksmbd doesn't have to do anything because ksmbd already
checks too small OutputBufferLength to store one file information.

And because ctx->pos is set to file->f_pos when iterative_dir is called,
remove restart_ctx(). And if iterate_dir() return -EIO, which mean
directory entry is corrupted, return STATUS_FILE_CORRUPT_ERROR error
response.

This patch fixes some failure of SMB2_QUERY_DIRECTORY, which happens when
ntfs3 is local filesystem.

Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable@vger.kernel.org
Signed-off-by: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 fs/ksmbd/smb2pdu.c |   14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3798,11 +3798,6 @@ static int __query_dir(struct dir_contex
 	return 0;
 }
 
-static void restart_ctx(struct dir_context *ctx)
-{
-	ctx->pos = 0;
-}
-
 static int verify_info_level(int info_level)
 {
 	switch (info_level) {
@@ -3911,7 +3906,6 @@ int smb2_query_dir(struct ksmbd_work *wo
 	if (srch_flag & SMB2_REOPEN || srch_flag & SMB2_RESTART_SCANS) {
 		ksmbd_debug(SMB, "Restart directory scan\n");
 		generic_file_llseek(dir_fp->filp, 0, SEEK_SET);
-		restart_ctx(&dir_fp->readdir_data.ctx);
 	}
 
 	memset(&d_info, 0, sizeof(struct ksmbd_dir_info));
@@ -3958,11 +3952,9 @@ int smb2_query_dir(struct ksmbd_work *wo
 	 */
 	if (!d_info.out_buf_len && !d_info.num_entry)
 		goto no_buf_len;
-	if (rc == 0)
-		restart_ctx(&dir_fp->readdir_data.ctx);
-	if (rc == -ENOSPC)
+	if (rc > 0 || rc == -ENOSPC)
 		rc = 0;
-	if (rc)
+	else if (rc)
 		goto err_out;
 
 	d_info.wptr = d_info.rptr;
@@ -4019,6 +4011,8 @@ err_out2:
 		rsp->hdr.Status = STATUS_NO_MEMORY;
 	else if (rc == -EFAULT)
 		rsp->hdr.Status = STATUS_INVALID_INFO_CLASS;
+	else if (rc == -EIO)
+		rsp->hdr.Status = STATUS_FILE_CORRUPT_ERROR;
 	if (!rsp->hdr.Status)
 		rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;