[SRU][Xenial][Zesty][Artful][PATCH 0/1] SMB3: Validate negotiate request must always be signed

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

[SRU][Xenial][Zesty][Artful][PATCH 0/1] SMB3: Validate negotiate request must always be signed

Joseph Salisbury-3
BugLink: http://bugs.launchpad.net/bugs/1729337

== SRU Justification ==
The bug reporter stated they have a cluster of servers that applied Xenial updates
and then were unable to mount CIFS shares after upgrading to 4.4.0-98. The
same machines on 4.4.0-97 do not hit the regression.  It was found that the
regression is fixed by mainline commit:
4587eee04e2a ("SMB3: Validate negotiate request must always be signed").

This fix is required in all Ubuntu supported releases.  Commit 4587eee04e2a
landed in mailine as of 4.14-rc7.  It  was also cc'd to upstream stable,
but it has not landed in any stable releases yet, which is the reason for
this SRU.  

Commit 4587eee04e2a is also required in Trusty, but Trusty needs a minor backort,
so it's SRU will be sent seperate.

   
== Fix ==
commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd
Author: Steve French <[hidden email]>
Date:   Wed Oct 25 15:58:31 2017 -0500
    SMB3: Validate negotiate request must always be signed

== Regression Potential ==
This patch is to fix a regression.  It was also cc'd to upstream stable, so
it received addition review upstream.

== Test Case ==
A test kernel was built with this patch and tested by the original bug reporter.
The bug reporter states the test kernel resolved the bug.

Steve French (1):
  SMB3: Validate negotiate request must always be signed

 fs/cifs/smb2pdu.c | 3 +++
 1 file changed, 3 insertions(+)

--
2.7.4


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

[SRU][Xenial][Zesty][Artful][PATCH 1/1] SMB3: Validate negotiate request must always be signed

Joseph Salisbury-3
From: Steve French <[hidden email]>

BugLink: http://bugs.launchpad.net/bugs/1729337

According to MS-SMB2 3.2.55 validate_negotiate request must
always be signed. Some Windows can fail the request if you send it unsigned

See kernel bugzilla bug 197311

CC: Stable <[hidden email]>
Acked-by: Ronnie Sahlberg <lsahlber.redhat.com>
Signed-off-by: Steve French <[hidden email]>
(cherry picked from commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd)
Signed-off-by: Joseph Salisbury <[hidden email]>
---
 fs/cifs/smb2pdu.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 7aa6720..58ce078 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -1888,6 +1888,9 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid,
  } else
  iov[0].iov_len = get_rfc1002_length(req) + 4;
 
+ /* validate negotiate request must be signed - see MS-SMB2 3.2.5.5 */
+ if (opcode == FSCTL_VALIDATE_NEGOTIATE_INFO)
+ req->hdr.sync_hdr.Flags |= SMB2_FLAGS_SIGNED;
 
  rc = SendReceive2(xid, ses, iov, n_iov, &resp_buftype, flags, &rsp_iov);
  cifs_small_buf_release(req);
--
2.7.4


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

ACK/cmnt[X/Z]: [SRU][Xenial][Zesty][Artful][PATCH 1/1] SMB3: Validate negotiate request must always be signed

Kleber Souza
On 11/03/17 17:44, Joseph Salisbury wrote:

> From: Steve French <[hidden email]>
>
> BugLink: http://bugs.launchpad.net/bugs/1729337
>
> According to MS-SMB2 3.2.55 validate_negotiate request must
> always be signed. Some Windows can fail the request if you send it unsigned
>
> See kernel bugzilla bug 197311
>
> CC: Stable <[hidden email]>
> Acked-by: Ronnie Sahlberg <lsahlber.redhat.com>
> Signed-off-by: Steve French <[hidden email]>
> (cherry picked from commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd)
> Signed-off-by: Joseph Salisbury <[hidden email]>
> ---
>  fs/cifs/smb2pdu.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index 7aa6720..58ce078 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -1888,6 +1888,9 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid,
>   } else
>   iov[0].iov_len = get_rfc1002_length(req) + 4;
>  
> + /* validate negotiate request must be signed - see MS-SMB2 3.2.5.5 */
> + if (opcode == FSCTL_VALIDATE_NEGOTIATE_INFO)
> + req->hdr.sync_hdr.Flags |= SMB2_FLAGS_SIGNED;
>  
>   rc = SendReceive2(xid, ses, iov, n_iov, &resp_buftype, flags, &rsp_iov);
>   cifs_small_buf_release(req);
>

The fix is already on the queue for Artful as update to 4.13.11 stable
release. So for Xenial and Zesty:

Acked-by: Kleber Sacilotto de Souza <[hidden email]>

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

ACK: [SRU][Xenial][Zesty][Artful][PATCH 1/1] SMB3: Validate negotiate request must always be signed

Stefan Bader-2
In reply to this post by Joseph Salisbury-3
On 03.11.2017 17:44, Joseph Salisbury wrote:

> From: Steve French <[hidden email]>
>
> BugLink: http://bugs.launchpad.net/bugs/1729337
>
> According to MS-SMB2 3.2.55 validate_negotiate request must
> always be signed. Some Windows can fail the request if you send it unsigned
>
> See kernel bugzilla bug 197311
>
> CC: Stable <[hidden email]>
> Acked-by: Ronnie Sahlberg <lsahlber.redhat.com>
> Signed-off-by: Steve French <[hidden email]>
> (cherry picked from commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd)
> Signed-off-by: Joseph Salisbury <[hidden email]>
Acked-by: Stefan Bader <[hidden email]>

> ---
>  fs/cifs/smb2pdu.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index 7aa6720..58ce078 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -1888,6 +1888,9 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid,
>   } else
>   iov[0].iov_len = get_rfc1002_length(req) + 4;
>  
> + /* validate negotiate request must be signed - see MS-SMB2 3.2.5.5 */
> + if (opcode == FSCTL_VALIDATE_NEGOTIATE_INFO)
> + req->hdr.sync_hdr.Flags |= SMB2_FLAGS_SIGNED;
>  
>   rc = SendReceive2(xid, ses, iov, n_iov, &resp_buftype, flags, &rsp_iov);
>   cifs_small_buf_release(req);
>


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team

signature.asc (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

NAK [SRU][Zesty][PATCH 0/1] SMB3: Validate negotiate request must always be signed

Joseph Salisbury-3
In reply to this post by Joseph Salisbury-3
Xenial still required.  Artful already applied.

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

APPLIED[Xenial]: [SRU][Xenial][Zesty][Artful][PATCH 0/1] SMB3: Validate negotiate request must always be signed

Stefan Bader-2
In reply to this post by Joseph Salisbury-3
On 03.11.2017 17:44, Joseph Salisbury wrote:

> BugLink: http://bugs.launchpad.net/bugs/1729337
>
> == SRU Justification ==
> The bug reporter stated they have a cluster of servers that applied Xenial updates
> and then were unable to mount CIFS shares after upgrading to 4.4.0-98. The
> same machines on 4.4.0-97 do not hit the regression.  It was found that the
> regression is fixed by mainline commit:
> 4587eee04e2a ("SMB3: Validate negotiate request must always be signed").
>
> This fix is required in all Ubuntu supported releases.  Commit 4587eee04e2a
> landed in mailine as of 4.14-rc7.  It  was also cc'd to upstream stable,
> but it has not landed in any stable releases yet, which is the reason for
> this SRU.  
>
> Commit 4587eee04e2a is also required in Trusty, but Trusty needs a minor backort,
> so it's SRU will be sent seperate.
>
>    
> == Fix ==
> commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd
> Author: Steve French <[hidden email]>
> Date:   Wed Oct 25 15:58:31 2017 -0500
>     SMB3: Validate negotiate request must always be signed
>
> == Regression Potential ==
> This patch is to fix a regression.  It was also cc'd to upstream stable, so
> it received addition review upstream.
>
> == Test Case ==
> A test kernel was built with this patch and tested by the original bug reporter.
> The bug reporter states the test kernel resolved the bug.
>
> Steve French (1):
>   SMB3: Validate negotiate request must always be signed
>
>  fs/cifs/smb2pdu.c | 3 +++
>  1 file changed, 3 insertions(+)
>
Applied to Xenial master-next. Wondering about the NAK for Zesty: was that
intentional or should that have been Artful (where it is said to be already
applied)?

-Stefan



--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team

signature.asc (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: APPLIED[Xenial]: [SRU][Xenial][Zesty][Artful][PATCH 0/1] SMB3: Validate negotiate request must always be signed

Joseph Salisbury-3
On 11/20/2017 06:09 AM, Stefan Bader wrote:

> On 03.11.2017 17:44, Joseph Salisbury wrote:
>> BugLink: http://bugs.launchpad.net/bugs/1729337
>>
>> == SRU Justification ==
>> The bug reporter stated they have a cluster of servers that applied Xenial updates
>> and then were unable to mount CIFS shares after upgrading to 4.4.0-98. The
>> same machines on 4.4.0-97 do not hit the regression.  It was found that the
>> regression is fixed by mainline commit:
>> 4587eee04e2a ("SMB3: Validate negotiate request must always be signed").
>>
>> This fix is required in all Ubuntu supported releases.  Commit 4587eee04e2a
>> landed in mailine as of 4.14-rc7.  It  was also cc'd to upstream stable,
>> but it has not landed in any stable releases yet, which is the reason for
>> this SRU.  
>>
>> Commit 4587eee04e2a is also required in Trusty, but Trusty needs a minor backort,
>> so it's SRU will be sent seperate.
>>
>>    
>> == Fix ==
>> commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd
>> Author: Steve French <[hidden email]>
>> Date:   Wed Oct 25 15:58:31 2017 -0500
>>     SMB3: Validate negotiate request must always be signed
>>
>> == Regression Potential ==
>> This patch is to fix a regression.  It was also cc'd to upstream stable, so
>> it received addition review upstream.
>>
>> == Test Case ==
>> A test kernel was built with this patch and tested by the original bug reporter.
>> The bug reporter states the test kernel resolved the bug.
>>
>> Steve French (1):
>>   SMB3: Validate negotiate request must always be signed
>>
>>  fs/cifs/smb2pdu.c | 3 +++
>>  1 file changed, 3 insertions(+)
>>
> Applied to Xenial master-next. Wondering about the NAK for Zesty: was that
> intentional or should that have been Artful (where it is said to be already
> applied)?
>
> -Stefan
>
>
Yes, the NAK is needed for Zesty was because the regression was
introduced by commit
0603c96f ("SMB: Validate negotiate (to protect against
downgrade)downgrade) even if signing off").

This commit never made it to Zesty because upstream 4.10 is EOL.


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team

signature.asc (836 bytes) Download Attachment