From: Enzo Matsumiya <ematsumiya@suse.de>
To: Tom Talpey <tom@talpey.com>
Cc: linux-cifs@vger.kernel.org, smfrench@gmail.com, pc@cjr.nz,
ronniesahlberg@gmail.com, nspmangalore@gmail.com
Subject: Re: [PATCH] cifs: verify signature only for valid responses
Date: Sun, 18 Sep 2022 21:21:58 -0300
Message-ID: <20220919002158.wgta4konh6c4wfjr@suse.de>
In-Reply-To: <3e03b3ec-f733-06b1-3023-592801414ae8@talpey.com>

Hi Tom,

On 09/17, Tom Talpey wrote:
<snip>
>Wait, we process the message *before* we check the signature??? Apart
>from inspecting the MID and verifying it's a response to a request we
>made, there isn't a lot to cause such an error. See 3.2.5.1.3.

You're right. By processing I actually meant "parsing" done right after
receive, but even that doesn't have many failure spots.

I found that the mids with STATUS_END_OF_FILE are being discarded,
apparently as per 3.2.5.11:

    If the Status field of the SMB2 header of the response indicates an
    error, the client MUST return the received status code to the calling
    application.

What I found is that mid->callback() (smb2_readv_callback()) was being
called from another thread, so even though the mid had been dequeued by
mid->receive() earlier, smb2_readv_callback() was treating it as a
valid (non-NULL), existing (mid_state == MID_RESPONSE_RECEIVED) mid.

From this perspective, it makes sense to me to skip the signature
verification when the mid wasn't supposed to be there in the first
place, but if we consider that other messages with status !=
STATUS_SUCCESS have their signatures correctly computed (apparently),
then I'd guess there's something wrong with computing signatures for
STATUS_END_OF_FILE responses.

Sent this just now:
https://lore.kernel.org/linux-cifs/20220918235442.2981-1-ematsumiya@suse.de/T/#u

I'd appreciate your, and Cc'd folks', feedback.

Cheers,

Enzo