[PATCH RFC v3 0/3] smb: fix minimum PDU size

[PATCH RFC v3 0/3] smb: fix minimum PDU size

[chenxiaosong.chenxiaosong]

From: ChenXiaoSong <chenxiaosong@kylinos.cn>

If my understanding is incorrect, please let me know.

v1: https://lore.kernel.org/all/20251218171038.55266-1-chenxiaosong.chenxiaosong@linux.dev/
v1->v3:
  - Create patch #0001 #0003
  - Patch #0002: update value of SMB2_MIN_SUPPORTED_PDU_SIZE

v2: https://lore.kernel.org/linux-cifs/20251219170057.337496-1-chenxiaosong.chenxiaosong@linux.dev/
v2->v3:
  - Patch #0002: fix typo in commit message (smb_pdu -> smb2_pdu)

ChenXiaoSong (3):
  smb/server: fix minimum SMB1 PDU size
  smb/server: fix minimum SMB2 PDU size
  smb: use sizeof() to get __SMB2_HEADER_STRUCTURE_SIZE

 fs/smb/common/smb1pdu.h    | 5 +++++
 fs/smb/common/smb2pdu.h    | 8 ++++----
 fs/smb/server/connection.c | 8 ++++----
 3 files changed, 13 insertions(+), 8 deletions(-)

-- 
2.43.0

[PATCH RFC v3 1/3] smb/server: fix minimum SMB1 PDU size

[chenxiaosong.chenxiaosong]

From: ChenXiaoSong <chenxiaosong@kylinos.cn>

Since the RFC1002 header has been removed from `struct smb_hdr`,
the minimum SMB1 PDU size should be updated as well.

Fixes: 83bfbd0bb902 ("cifs: Remove the RFC1002 header from smb_hdr")
Suggested-by: David Howells <dhowells@redhat.com>
Suggested-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
---
 fs/smb/common/smb1pdu.h    | 5 +++++
 fs/smb/server/connection.c | 4 ++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/fs/smb/common/smb1pdu.h b/fs/smb/common/smb1pdu.h
index df6d4e11ae92..3c5332a82ea7 100644
--- a/fs/smb/common/smb1pdu.h
+++ b/fs/smb/common/smb1pdu.h
@@ -53,4 +53,9 @@ typedef struct smb_negotiate_req {
 	unsigned char DialectsArray[];
 } __packed SMB_NEGOTIATE_REQ;
 
+struct smb_pdu {
+	struct smb_hdr;
+	__le16 ByteCount;
+} __packed;
+
 #endif /* _COMMON_SMB1_PDU_H */
diff --git a/fs/smb/server/connection.c b/fs/smb/server/connection.c
index b6b4f1286b9c..f372486ebcc5 100644
--- a/fs/smb/server/connection.c
+++ b/fs/smb/server/connection.c
@@ -295,7 +295,7 @@ bool ksmbd_conn_alive(struct ksmbd_conn *conn)
 	return true;
 }
 
-#define SMB1_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb_hdr))
+#define SMB1_MIN_SUPPORTED_PDU_SIZE (sizeof(struct smb_pdu))
 #define SMB2_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr) + 4)
 
 /**
@@ -363,7 +363,7 @@ int ksmbd_conn_handler_loop(void *p)
 		if (pdu_size > MAX_STREAM_PROT_LEN)
 			break;
 
-		if (pdu_size < SMB1_MIN_SUPPORTED_HEADER_SIZE)
+		if (pdu_size < SMB1_MIN_SUPPORTED_PDU_SIZE)
 			break;
 
 		/* 4 for rfc1002 length field */
-- 
2.43.0

[PATCH RFC v3 2/3] smb/server: fix minimum SMB2 PDU size

[chenxiaosong.chenxiaosong]

From: ChenXiaoSong <chenxiaosong@kylinos.cn>

The minimum SMB2 PDU size should be updated to the size of
`struct smb2_pdu`.

Suggested-by: David Howells <dhowells@redhat.com>
Suggested-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
---
 fs/smb/server/connection.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/smb/server/connection.c b/fs/smb/server/connection.c
index f372486ebcc5..4a8eb4fef763 100644
--- a/fs/smb/server/connection.c
+++ b/fs/smb/server/connection.c
@@ -296,7 +296,7 @@ bool ksmbd_conn_alive(struct ksmbd_conn *conn)
 }
 
 #define SMB1_MIN_SUPPORTED_PDU_SIZE (sizeof(struct smb_pdu))
-#define SMB2_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr) + 4)
+#define SMB2_MIN_SUPPORTED_PDU_SIZE (sizeof(struct smb2_pdu))
 
 /**
  * ksmbd_conn_handler_loop() - session thread to listen on new smb requests
@@ -396,7 +396,7 @@ int ksmbd_conn_handler_loop(void *p)
 
 		if (((struct smb2_hdr *)smb2_get_msg(conn->request_buf))->ProtocolId ==
 		    SMB2_PROTO_NUMBER) {
-			if (pdu_size < SMB2_MIN_SUPPORTED_HEADER_SIZE)
+			if (pdu_size < SMB2_MIN_SUPPORTED_PDU_SIZE)
 				break;
 		}
 
-- 
2.43.0

[PATCH RFC v3 3/3] smb: use sizeof() to get __SMB2_HEADER_STRUCTURE_SIZE

[chenxiaosong.chenxiaosong]

From: ChenXiaoSong <chenxiaosong@kylinos.cn>

I have checked the size of the structure using GDB:

  gdb ./build/fs/smb/server/ksmbd.ko
  (gdb) p sizeof(struct smb2_hdr)
  $1 = 64

  gdb ./build/fs/smb/client/cifs.ko
  (gdb) p sizeof(struct smb2_hdr)
  $1 = 64

Signed-off-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
---
 fs/smb/common/smb2pdu.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/fs/smb/common/smb2pdu.h b/fs/smb/common/smb2pdu.h
index f5ebbe31384a..f2a6b7191f43 100644
--- a/fs/smb/common/smb2pdu.h
+++ b/fs/smb/common/smb2pdu.h
@@ -107,10 +107,6 @@
  *
  */
 
-#define __SMB2_HEADER_STRUCTURE_SIZE	64
-#define SMB2_HEADER_STRUCTURE_SIZE				\
-	cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE)
-
 #define SMB2_PROTO_NUMBER cpu_to_le32(0x424d53fe)
 #define SMB2_TRANSFORM_PROTO_NUM cpu_to_le32(0x424d53fd)
 #define SMB2_COMPRESSION_TRANSFORM_ID cpu_to_le32(0x424d53fc)
@@ -157,6 +153,10 @@ struct smb2_hdr {
 	__u8   Signature[16];
 } __packed;
 
+#define __SMB2_HEADER_STRUCTURE_SIZE	(sizeof(struct smb2_hdr))
+#define SMB2_HEADER_STRUCTURE_SIZE				\
+	cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE)
+
 struct smb3_hdr_req {
 	__le32 ProtocolId;	/* 0xFE 'S' 'M' 'B' */
 	__le16 StructureSize;	/* 64 */
-- 
2.43.0

Re: [PATCH RFC v3 1/3] smb/server: fix minimum SMB1 PDU size

[Namjae Jeon]

On Sat, Dec 20, 2025 at 8:55 AM <chenxiaosong.chenxiaosong@linux.dev> wrote:
>
> From: ChenXiaoSong <chenxiaosong@kylinos.cn>
>
> Since the RFC1002 header has been removed from `struct smb_hdr`,
> the minimum SMB1 PDU size should be updated as well.
>
> Fixes: 83bfbd0bb902 ("cifs: Remove the RFC1002 header from smb_hdr")
> Suggested-by: David Howells <dhowells@redhat.com>
> Suggested-by: Namjae Jeon <linkinjeon@kernel.org>
> Signed-off-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
> ---
>  fs/smb/common/smb1pdu.h    | 5 +++++
>  fs/smb/server/connection.c | 4 ++--
>  2 files changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/fs/smb/common/smb1pdu.h b/fs/smb/common/smb1pdu.h
> index df6d4e11ae92..3c5332a82ea7 100644
> --- a/fs/smb/common/smb1pdu.h
> +++ b/fs/smb/common/smb1pdu.h
> @@ -53,4 +53,9 @@ typedef struct smb_negotiate_req {
>         unsigned char DialectsArray[];
>  } __packed SMB_NEGOTIATE_REQ;
>
> +struct smb_pdu {
> +       struct smb_hdr;
> +       __le16 ByteCount;
> +} __packed;
I don't prefer adding unused structure for size. Please use + 2 and
add a comment to clarify why it's there.
> +
>  #endif /* _COMMON_SMB1_PDU_H */
> diff --git a/fs/smb/server/connection.c b/fs/smb/server/connection.c
> index b6b4f1286b9c..f372486ebcc5 100644
> --- a/fs/smb/server/connection.c
> +++ b/fs/smb/server/connection.c
> @@ -295,7 +295,7 @@ bool ksmbd_conn_alive(struct ksmbd_conn *conn)
>         return true;
>  }
>
> -#define SMB1_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb_hdr))
> +#define SMB1_MIN_SUPPORTED_PDU_SIZE (sizeof(struct smb_pdu))
>  #define SMB2_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr) + 4)
>
>  /**
> @@ -363,7 +363,7 @@ int ksmbd_conn_handler_loop(void *p)
>                 if (pdu_size > MAX_STREAM_PROT_LEN)
>                         break;
>
> -               if (pdu_size < SMB1_MIN_SUPPORTED_HEADER_SIZE)
> +               if (pdu_size < SMB1_MIN_SUPPORTED_PDU_SIZE)
>                         break;
>
>                 /* 4 for rfc1002 length field */
> --
> 2.43.0
>

Re: [PATCH RFC v3 3/3] smb: use sizeof() to get __SMB2_HEADER_STRUCTURE_SIZE

[Namjae Jeon]

On Sat, Dec 20, 2025 at 8:55 AM <chenxiaosong.chenxiaosong@linux.dev> wrote:
>
> From: ChenXiaoSong <chenxiaosong@kylinos.cn>
>
> I have checked the size of the structure using GDB:
>
>   gdb ./build/fs/smb/server/ksmbd.ko
>   (gdb) p sizeof(struct smb2_hdr)
>   $1 = 64
>
>   gdb ./build/fs/smb/client/cifs.ko
>   (gdb) p sizeof(struct smb2_hdr)
>   $1 = 64
>
> Signed-off-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
When reading the patch description, I don't know why this change is needed.
You don't need to include this patch on the v3 patch-set.
Thanks!
> ---
>  fs/smb/common/smb2pdu.h | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/fs/smb/common/smb2pdu.h b/fs/smb/common/smb2pdu.h
> index f5ebbe31384a..f2a6b7191f43 100644
> --- a/fs/smb/common/smb2pdu.h
> +++ b/fs/smb/common/smb2pdu.h
> @@ -107,10 +107,6 @@
>   *
>   */
>
> -#define __SMB2_HEADER_STRUCTURE_SIZE   64
> -#define SMB2_HEADER_STRUCTURE_SIZE                             \
> -       cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE)
> -
>  #define SMB2_PROTO_NUMBER cpu_to_le32(0x424d53fe)
>  #define SMB2_TRANSFORM_PROTO_NUM cpu_to_le32(0x424d53fd)
>  #define SMB2_COMPRESSION_TRANSFORM_ID cpu_to_le32(0x424d53fc)
> @@ -157,6 +153,10 @@ struct smb2_hdr {
>         __u8   Signature[16];
>  } __packed;
>
> +#define __SMB2_HEADER_STRUCTURE_SIZE   (sizeof(struct smb2_hdr))
> +#define SMB2_HEADER_STRUCTURE_SIZE                             \
> +       cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE)
> +
>  struct smb3_hdr_req {
>         __le32 ProtocolId;      /* 0xFE 'S' 'M' 'B' */
>         __le16 StructureSize;   /* 64 */
> --
> 2.43.0
>

Re: [PATCH RFC v3 2/3] smb/server: fix minimum SMB2 PDU size

[ChenXiaoSong]

Hi Namjae,

Thank you for reviewing patch 01 and 03. I will update the patches 
according to your suggestions.

Do you have any suggestions for this patch 02?

Thanks,
ChenXiaoSong.

On 12/20/25 7:54 AM, chenxiaosong.chenxiaosong@linux.dev wrote:
> From: ChenXiaoSong <chenxiaosong@kylinos.cn>
> 
> The minimum SMB2 PDU size should be updated to the size of
> `struct smb2_pdu`.
> 
> Suggested-by: David Howells <dhowells@redhat.com>
> Suggested-by: Namjae Jeon <linkinjeon@kernel.org>
> Signed-off-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
> ---
>   fs/smb/server/connection.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/smb/server/connection.c b/fs/smb/server/connection.c
> index f372486ebcc5..4a8eb4fef763 100644
> --- a/fs/smb/server/connection.c
> +++ b/fs/smb/server/connection.c
> @@ -296,7 +296,7 @@ bool ksmbd_conn_alive(struct ksmbd_conn *conn)
>   }
>   
>   #define SMB1_MIN_SUPPORTED_PDU_SIZE (sizeof(struct smb_pdu))
> -#define SMB2_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr) + 4)
> +#define SMB2_MIN_SUPPORTED_PDU_SIZE (sizeof(struct smb2_pdu))
>   
>   /**
>    * ksmbd_conn_handler_loop() - session thread to listen on new smb requests
> @@ -396,7 +396,7 @@ int ksmbd_conn_handler_loop(void *p)
>   
>   		if (((struct smb2_hdr *)smb2_get_msg(conn->request_buf))->ProtocolId ==
>   		    SMB2_PROTO_NUMBER) {
> -			if (pdu_size < SMB2_MIN_SUPPORTED_HEADER_SIZE)
> +			if (pdu_size < SMB2_MIN_SUPPORTED_PDU_SIZE)
>   				break;
>   		}
>   

Re: [PATCH RFC v3 3/3] smb: use sizeof() to get __SMB2_HEADER_STRUCTURE_SIZE

[David Howells]

Namjae Jeon <linkinjeon@kernel.org> wrote:

> > +#define __SMB2_HEADER_STRUCTURE_SIZE   (sizeof(struct smb2_hdr))
> > +#define SMB2_HEADER_STRUCTURE_SIZE                             \
> > +       cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE)
> > +

You don't want to use this SMB2_HEADER_STRUCTURE_SIZE for your comparison as
it's little-endian if that's your intent.

David

Re: [PATCH RFC v3 3/3] smb: use sizeof() to get __SMB2_HEADER_STRUCTURE_SIZE

[ChenXiaoSong]

This was just an incidental change and is unrelated to the issue we are 
fixing.

I will drop this patch in the next version.

Thanks,
ChenXiaoSong.

On 12/20/25 4:47 PM, David Howells wrote:
> You don't want to use this SMB2_HEADER_STRUCTURE_SIZE for your comparison as
> it's little-endian if that's your intent.