{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":172506892,"defaultBranch":"master","name":"ksmbd","ownerLogin":"cifsd-team","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2019-02-25T13:02:14.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/47977451?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1715782911.0","currentOid":""},"activityList":{"items":[{"before":"01311ab94223257f01081135c8d2ca7f25e6858f","after":"1391bab6a4bd48ec85ec21fd2021715da9ef1b37","ref":"refs/heads/master","pushedAt":"2024-05-15T14:19:58.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: release 3.5.0 version\n\nMajor changes are:\n- Durable handles v1/v2 support.\n- Fix several out of bounds issues.\n- Fix possible null-deref in smb_lazy_parent_lease_break_close.\n- Fix invalid file size on XFS backed share.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: release 3.5.0 version"}},{"before":"f878f249489b70386d33ee7e5273d7ae70bc9607","after":"01311ab94223257f01081135c8d2ca7f25e6858f","ref":"refs/heads/master","pushedAt":"2024-05-15T14:17:49.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: release 3.5.0 version\n\nMajor changes are:\n- Durable handles v1/v2 support.\n- Fix several out of bounds issues.\n- Fix possible null-deref in smb_lazy_parent_lease_break_close.\n- Fix invalid file size on XFS backed share.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: release 3.5.0 version"}},{"before":"5868974ea92224c4ceca4626ef09d14712488974","after":"f878f249489b70386d33ee7e5273d7ae70bc9607","ref":"refs/heads/master","pushedAt":"2024-04-27T01:08:11.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix uninitialized symbol 'share' in smb2_tree_connect()\n\nFix uninitialized symbol 'share' in smb2_tree_connect().\n\nFixes: e9d8c2f95ab8 (\"ksmbd: add continuous availability share parameter\")\nReported-by: kernel test robot <lkp@intel.com>\nReported-by: Dan Carpenter <dan.carpenter@linaro.org>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix uninitialized symbol 'share' in smb2_tree_connect()"}},{"before":"43b80c50acc17a66ecf2896d612b2e73983d2f72","after":"5868974ea92224c4ceca4626ef09d14712488974","ref":"refs/heads/master","pushedAt":"2024-04-05T23:12:55.000Z","pushType":"push","commitsCount":20,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: validate payload size in ipc response\n\nIf installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc\nresponse to ksmbd kernel server. ksmbd should validate payload size of\nipc response from ksmbd.mountd to avoid memory overrun or\nslab-out-of-bounds. This patch validate 3 ipc response that has payload.\n\nReported-by: Chao Ma <machao2019@gmail.com>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: validate payload size in ipc response"}},{"before":"a27991791bf7d0bc8210c595703e970f894b932e","after":"43b80c50acc17a66ecf2896d612b2e73983d2f72","ref":"refs/heads/master","pushedAt":"2024-02-05T14:13:36.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: release 3.4.9 version\n\nMajor changes are:\n - add support for v2 leases.\n - add support for read compound request.\n - several smb1 fixes.\n - add support for surrogate pair conversion.\n - fix warnings from atomic sleep and lockdep.\n - fix security issues.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: release 3.4.9 version"}},{"before":"0590dfae7a6e0a50eda6584286b2c6215aaddea1","after":"a27991791bf7d0bc8210c595703e970f894b932e","ref":"refs/heads/master","pushedAt":"2024-02-05T14:06:40.000Z","pushType":"push","commitsCount":25,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix global oob in ksmbd_nl_policy\n\nSimilar to a reported issue (check the commit b33fb5b801c6 (\"net:\nqualcomm: rmnet: fix global oob in rmnet_policy\"), my local fuzzer finds\nanother global out-of-bounds read for policy ksmbd_nl_policy. See bug\ntrace below:\n\n==================================================================\nBUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:386 [inline]\nBUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\nRead of size 1 at addr ffffffff8f24b100 by task syz-executor.1/62810\n\nCPU: 0 PID: 62810 Comm: syz-executor.1 Tainted: G                 N 6.1.0 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8b/0xb3 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x172/0x475 mm/kasan/report.c:395\n kasan_report+0xbb/0x1c0 mm/kasan/report.c:495\n validate_nla lib/nlattr.c:386 [inline]\n __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\n __nla_parse+0x3e/0x50 lib/nlattr.c:697\n __nlmsg_parse include/net/netlink.h:748 [inline]\n genl_family_rcv_msg_attrs_parse.constprop.0+0x1b0/0x290 net/netlink/genetlink.c:565\n genl_family_rcv_msg_doit+0xda/0x330 net/netlink/genetlink.c:734\n genl_family_rcv_msg net/netlink/genetlink.c:833 [inline]\n genl_rcv_msg+0x441/0x780 net/netlink/genetlink.c:850\n netlink_rcv_skb+0x14f/0x410 net/netlink/af_netlink.c:2540\n genl_rcv+0x24/0x40 net/netlink/genetlink.c:861\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x54e/0x800 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x930/0xe50 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0x154/0x190 net/socket.c:734\n ____sys_sendmsg+0x6df/0x840 net/socket.c:2482\n ___sys_sendmsg+0x110/0x1b0 net/socket.c:2536\n __sys_sendmsg+0xf3/0x1c0 net/socket.c:2565\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fdd66a8f359\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fdd65e00168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007fdd66bbcf80 RCX: 00007fdd66a8f359\nRDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000003\nRBP: 00007fdd66ada493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007ffc84b81aff R14: 00007fdd65e00300 R15: 0000000000022000\n </TASK>\n\nThe buggy address belongs to the variable:\n ksmbd_nl_policy+0x100/0xa80\n\nThe buggy address belongs to the physical page:\npage:0000000034f47940 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ccc4b\nflags: 0x200000000001000(reserved|node=0|zone=2)\nraw: 0200000000001000 ffffea00073312c8 ffffea00073312c8 0000000000000000\nraw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffffffff8f24b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffffffff8f24b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n>ffffffff8f24b100: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 00 00 07 f9\n                   ^\n ffffffff8f24b180: f9 f9 f9 f9 00 05 f9 f9 f9 f9 f9 f9 00 00 00 05\n ffffffff8f24b200: f9 f9 f9 f9 00 00 03 f9 f9 f9 f9 f9 00 00 04 f9\n==================================================================\n\nTo fix it, add a placeholder named __KSMBD_EVENT_MAX and let\nKSMBD_EVENT_MAX to be its original value - 1 according to what other\nnetlink families do. Also change two sites that refer the\nKSMBD_EVENT_MAX to correct value.\n\nCc: stable@vger.kernel.org\nFixes: 0626e6641f6b (\"cifsd: add server handler for central processing and tranport layers\")\nSigned-off-by: Lin Ma <linma@zju.edu.cn>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix global oob in ksmbd_nl_policy"}},{"before":"7dec4e9aa879132a92d730aedaebfff130e2963f","after":"0590dfae7a6e0a50eda6584286b2c6215aaddea1","ref":"refs/heads/master","pushedAt":"2023-12-22T00:34:07.000Z","pushType":"push","commitsCount":19,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix wrong allocation size update in smb2_open()\n\nWhen client send SMB2_CREATE_ALLOCATION_SIZE create context, ksmbd update\nold size to ->AllocationSize in smb2 create response. ksmbd_vfs_getattr()\nshould be called after it to get updated stat result.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix wrong allocation size update in smb2_open()"}},{"before":"681b66600314590de3290507890999b1dee82128","after":"7dec4e9aa879132a92d730aedaebfff130e2963f","ref":"refs/heads/master","pushedAt":"2023-11-09T04:25:18.000Z","pushType":"push","commitsCount":31,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: handle malformed smb1 message\n\nIf set_smb1_rsp_status() is not implemented, It will cause NULL pointer\ndereferece error when client send malformed smb1 message.\nThis patch add set_smb1_rsp_status() to ignore malformed smb1 message.\n\nReported-by: Robert Morris <rtm@csail.mit.edu>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: handle malformed smb1 message"}},{"before":"57f08e6c71d6732904f5bdb6eb285e983ec63473","after":"681b66600314590de3290507890999b1dee82128","ref":"refs/heads/master","pushedAt":"2023-10-14T03:51:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix recursive locking in vfs helpers\n\nRunning smb2.rename test from Samba smbtorture suite against a kernel built\nwith lockdep triggers a \"possible recursive locking detected\" warning.\n\nThis is because mnt_want_write() is called twice with no mnt_drop_write()\nin between:\n  -> ksmbd_vfs_mkdir()\n    -> ksmbd_vfs_kern_path_create()\n       -> kern_path_create()\n          -> filename_create()\n            -> mnt_want_write()\n       -> mnt_want_write()\n\nFix this by removing the mnt_want_write/mnt_drop_write calls from vfs\nhelpers that call kern_path_create().\n\nFull lockdep trace below:\n\n============================================\nWARNING: possible recursive locking detected\n6.6.0-rc5 #775 Not tainted\n--------------------------------------------\nkworker/1:1/32 is trying to acquire lock:\nffff888005ac83f8 (sb_writers#5){.+.+}-{0:0}, at: ksmbd_vfs_mkdir+0xe1/0x410\n\nbut task is already holding lock:\nffff888005ac83f8 (sb_writers#5){.+.+}-{0:0}, at: filename_create+0xb6/0x260\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n       CPU0\n       ----\n  lock(sb_writers#5);\n  lock(sb_writers#5);\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n4 locks held by kworker/1:1/32:\n #0: ffff8880064e4138 ((wq_completion)ksmbd-io){+.+.}-{0:0}, at: process_one_work+0x40e/0x980\n #1: ffff888005b0fdd0 ((work_completion)(&work->work)){+.+.}-{0:0}, at: process_one_work+0x40e/0x980\n #2: ffff888005ac83f8 (sb_writers#5){.+.+}-{0:0}, at: filename_create+0xb6/0x260\n #3: ffff8880057ce760 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: filename_create+0x123/0x260\n\nCc: stable@vger.kernel.org\nFixes: 40b268d384a2 (\"ksmbd: add mnt_want_write to ksmbd vfs functions\")\nSigned-off-by: Marios Makassikis <mmakassikis@freebox.fr>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix recursive locking in vfs helpers"}},{"before":"9b5d328d2bf6c2cf47a3f6fd9d5188e2980710da","after":"57f08e6c71d6732904f5bdb6eb285e983ec63473","ref":"refs/heads/master","pushedAt":"2023-10-14T00:57:28.000Z","pushType":"push","commitsCount":21,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: smb1: implement SMB_COM_QUERY_INFORMATION_DISK command\n\nSMB_COM_QUERY_INFORMATION_DISK is marked as deprecated, but smbclient\nwill use it if SMB Trans2/QUERY_FS_INFO fails. ksmbd will disconnect\nthe client because the command is not implemented.\n\nThe response to this command contains the same information as\nQUERY_FS_SIZE_INFO/QUERY_FS_FULL_SIZE_INFO infolevels. The difference is\nthat the fields are u16, so they may not be large enough. Values are\nadjusted so that the client can determine free and used space in bytes\n(which is what it really cares about).\n\nSigned-off-by: Marios Makassikis <mmakassikis@freebox.fr>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: smb1: implement SMB_COM_QUERY_INFORMATION_DISK command"}},{"before":"63eebf4ee781dc905c62c7990c9bed461e5619e9","after":"9b5d328d2bf6c2cf47a3f6fd9d5188e2980710da","ref":"refs/heads/master","pushedAt":"2023-09-21T06:44:05.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: check iov vector index in ksmbd_conn_write()\n\nIf ->iov_idx is zero, This means that the iov vector for the response\nwas not added during the request process. In other words, it means that\nthere is a problem in generating a response, So this patch return as\nan error to avoid NULL pointer dereferencing problem.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: check iov vector index in ksmbd_conn_write()"}},{"before":"15dc00e0026e2f679e10f03ea72dd6870d79a2bc","after":"63eebf4ee781dc905c62c7990c9bed461e5619e9","ref":"refs/heads/master","pushedAt":"2023-09-20T00:44:15.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: check iov vector index in ksmbd_conn_write()\n\nIf ->iov_idx is zero, This means that the iov vector for the response\nwas not added during the request process. In other words, it means that\nthere is a problem in generating a response, So this patch dump the command\ninformation in the request and returned as an error to avoid NULL pointer\ndereferencing problem.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: check iov vector index in ksmbd_conn_write()"}},{"before":"bf249dcef4d5a20eabf9656154419a0042769b90","after":"15dc00e0026e2f679e10f03ea72dd6870d79a2bc","ref":"refs/heads/master","pushedAt":"2023-09-12T14:07:22.000Z","pushType":"push","commitsCount":20,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: change ksmbd-tools option in github action script\n\nThis patch change options as the latest ksmbd.adduser and ksmbd.mountd\nin ksmbd-tools are updated.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: change ksmbd-tools option in github action script"}},{"before":"11aa06fbc7307b3ff68ebbdb96d42484d9b5ae6a","after":"bf249dcef4d5a20eabf9656154419a0042769b90","ref":"refs/heads/master","pushedAt":"2023-07-21T01:15:06.000Z","pushType":"push","commitsCount":24,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: check if a mount point is crossed during path lookup\n\nSince commit 74d7970febf7 (\"ksmbd: fix racy issue from using ->d_parent and\n->d_name\"), ksmbd can not lookup cross mount points. If last component is\na cross mount point during path lookup, check if it is crossed to follow it\ndown. And allow path lookup to cross a mount point when a crossmnt\nparameter is set to 'yes' in smb.conf.\n\nFixes: 74d7970febf7 (\"ksmbd: fix racy issue from using ->d_parent and ->d_name\")\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: check if a mount point is crossed during path lookup"}},{"before":"11fc883e8e83a325a62874eac96d3493681daf20","after":"11aa06fbc7307b3ff68ebbdb96d42484d9b5ae6a","ref":"refs/heads/master","pushedAt":"2023-05-17T00:51:15.374Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix UAF issue from opinfo->conn\n\nIf opinfo->conn is another connection and while ksmbd send oplock break\nrequest to cient on current connection, The connection for opinfo->conn\ncan be disconnect and conn could be freed. When sending oplock break\nrequest, this ksmbd_conn can be used and cause user-after-free issue.\nWhen getting opinfo from the list, ksmbd check connection is being\nreleased. If it is not released, Increase ->r_count to wait that connection\nis freed.\n\nReported-by: Per Forlin <per.forlin@axis.com>\nTested-by: Per Forlin <per.forlin@axis.com>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix UAF issue from opinfo-&gt;conn"}},{"before":"b807bb2bab1da8ba2db27675b6ed506ccf8b07ea","after":"11fc883e8e83a325a62874eac96d3493681daf20","ref":"refs/heads/master","pushedAt":"2023-05-17T00:45:38.543Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix UAF issue from opinfo->conn\n\nIf opinfo->conn is another connection and while ksmbd send oplock break\nrequest to cient on current connection, The connection for opinfo->conn\ncan be disconnect and conn could be freed. When sending oplock break\nrequest, this ksmbd_conn can be used and cause user-after-free issue.\nWhen getting opinfo from the list, ksmbd check connection is being\nreleased. If it is not released, Increase ->r_count to wait that connection\nis freed.\n\nReported-by: Per Forlin <per.forlin@axis.com>\nTested-by: Per Forlin <per.forlin@axis.com>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix UAF issue from opinfo-&gt;conn"}},{"before":"c43009709ff3217f01fe3146fea8cafc42ae08d5","after":"b807bb2bab1da8ba2db27675b6ed506ccf8b07ea","ref":"refs/heads/master","pushedAt":"2023-05-16T00:11:34.289Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix UAF issue from opinfo->conn\n\nIf opinfo->conn is another connection and while ksmbd send oplock break\nrequest to cient on current connection, The connection for opinfo->conn\ncan be disconnect and conn could be freed. When sending oplock break\nrequest, this ksmbd_conn can be used and cause user-after-free issue.\nWhen getting opinfo from the list, ksmbd check connection is being\nreleased. If it is not released, Increase ->r_count to wait that connection\nis freed.\n\nReported-by: Per Forlin <per.forlin@axis.com>\nTested-by: Per Forlin <per.forlin@axis.com>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix UAF issue from opinfo-&gt;conn"}},{"before":"af3b68388094ebddb14fb33eb144111a568dc069","after":"c43009709ff3217f01fe3146fea8cafc42ae08d5","ref":"refs/heads/master","pushedAt":"2023-05-15T23:48:49.429Z","pushType":"push","commitsCount":8,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fix UAF issue from opinfo->conn\n\nIf opinfo->conn is another connection and while ksmbd send oplock break\nrequest to cient on current connection, The connection for opinfo->conn\ncan be disconnect and conn could be freed. When sending oplock break\nrequest, this ksmbd_conn can be used and cause user-after-free issue.\nWhen getting opinfo from the list, ksmbd check connection is being\nreleased. If it is not released, Increase ->r_count to wait that connection\nis freed.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fix UAF issue from opinfo-&gt;conn"}},{"before":"7094aedc5db933d2c09f8acb63f79d021148f02c","after":"af3b68388094ebddb14fb33eb144111a568dc069","ref":"refs/heads/master","pushedAt":"2023-05-08T13:28:35.000Z","pushType":"push","commitsCount":13,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: drivers: remove struct module * setting from struct class\n\nThere is no need to manually set the owner of a struct class, as the\nregistering function does it automatically, so remove all of the\nexplicit settings from various drivers that did so as it is unneeded.\n\nThis allows us to remove this pointer entirely from this structure going\nforward.\n\nCc: \"Rafael J. Wysocki\" <rafael@kernel.org>\nLink: https://lore.kernel.org/r/20230313181843.1207845-2-gregkh@linuxfoundation.org\nSigned-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: drivers: remove struct module * setting from struct class"}},{"before":"274377cd20807ae91ac81f42ad2823d812289a31","after":"7094aedc5db933d2c09f8acb63f79d021148f02c","ref":"refs/heads/master","pushedAt":"2023-05-08T13:12:02.000Z","pushType":"push","commitsCount":6,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: fs: port vfs{g,u}id helpers to mnt_idmap\n\nConvert to struct mnt_idmap.\n\nLast cycle we merged the necessary infrastructure in\n256c8aed2b42 (\"fs: introduce dedicated idmap type for mounts\").\nThis is just the conversion to struct mnt_idmap.\n\nCurrently we still pass around the plain namespace that was attached to a\nmount. This is in general pretty convenient but it makes it easy to\nconflate namespaces that are relevant on the filesystem with namespaces\nthat are relevent on the mount level. Especially for non-vfs developers\nwithout detailed knowledge in this area this can be a potential source for\nbugs.\n\nOnce the conversion to struct mnt_idmap is done all helpers down to the\nreally low-level helpers will take a struct mnt_idmap argument instead of\ntwo namespace arguments. This way it becomes impossible to conflate the two\neliminating the possibility of any bugs. All of the vfs and all filesystems\nonly operate on struct mnt_idmap.\n\nAcked-by: Dave Chinner <dchinner@redhat.com>\nReviewed-by: Christoph Hellwig <hch@lst.de>\nSigned-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: fs: port vfs{g,u}id helpers to mnt_idmap"}},{"before":"9699755c5b6fac62168318932e57e50ba5fbcdca","after":"274377cd20807ae91ac81f42ad2823d812289a31","ref":"refs/heads/master","pushedAt":"2023-04-08T03:24:49.000Z","pushType":"push","commitsCount":9,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: release 3.4.8 version\n\nMajor changes are:\n - Code cleanups and optimization.\n - Fix xfstests generic/551 test failure.\n - Fix memleaks and KASAN warnings.\n - return correct error for unsupported smb1, smb2.0 mount.\n - Fix AES256 signing bug when connected to from MacOS.\n - Fix for overly frequent inactive session termination.\n - Fix to advertise named stream support correctly.\n - Two fixes to return less confusing messages on unsupported dialects\n   (STATUS_NOT_SUPPORTED instead of I/O error)\n - Two important fixes for frame length checks (which are also now stricter)\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: release 3.4.8 version"}},{"before":"eed822e8e697e7eda82cead5e0f13ff97888e6bd","after":"9699755c5b6fac62168318932e57e50ba5fbcdca","ref":"refs/heads/master","pushedAt":"2023-03-27T13:26:22.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: do not call kvmalloc() with __GFP_NORETRY | __GFP_NO_WARN\n\nCommit 83dcedd5540d (\"ksmbd: fix infinite loop in ksmbd_conn_handler_loop()\"),\nchanges GFP modifiers passed to kvmalloc(). This cause xfstests generic/551\ntest to fail. We limit pdu length size according to connection status and\nmaximum number of connections. In the rest, memory allocation of request\nis limited by credit management. so these flags are no longer needed.\n\nFixes: 83dcedd5540d (\"ksmbd: fix infinite loop in ksmbd_conn_handler_loop()\")\nCc: stable@vger.kernel.org\nSigned-off-by: Marios Makassikis <mmakassikis@freebox.fr>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: do not call kvmalloc() with __GFP_NORETRY | __GFP_NO_WARN"}},{"before":"c100ad6df2bc430596518c7a35ff54caa7a71886","after":"eed822e8e697e7eda82cead5e0f13ff97888e6bd","ref":"refs/heads/master","pushedAt":"2023-03-27T13:24:08.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: do not call kvmalloc() with __GFP_NORETRY | __GFP_NO_WARN\n\nCommit 83dcedd5540d (\"ksmbd: fix infinite loop in ksmbd_conn_handler_loop()\"),\nchanges GFP modifiers passed to kvmalloc(). This cause xfstests generic/551\ntest to fail. We limit pdu length size according to connection status and\nmaximum number of connections. In the rest, memory allocation of request\nis limited by credit management. so these flags are no longer needed.\n\nFixes: 83dcedd5540d (\"ksmbd: fix infinite loop in ksmbd_conn_handler_loop()\")\nCc: stable@vger.kernel.org\nSigned-off-by: Marios Makassikis <mmakassikis@freebox.fr>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: do not call kvmalloc() with __GFP_NORETRY | __GFP_NO_WARN"}},{"before":"bed00335f2712a5cdc96320b7310a15d007d6a8b","after":"c100ad6df2bc430596518c7a35ff54caa7a71886","ref":"refs/heads/master","pushedAt":"2023-03-22T00:05:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: return unsupported error on smb1 mount\n\nksmbd disconnect connection when mounting with vers=smb1.\nksmbd should send smb1 negotiate response to client for correct\nunsupported error return. This patch add needed SMB1 macros and fill\nNegProt part of the response for smb1 negotiate response.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: return unsupported error on smb1 mount"}},{"before":"97d13fc7205ef74ff13a1338ab22ca43c7488de1","after":"bed00335f2712a5cdc96320b7310a15d007d6a8b","ref":"refs/heads/master","pushedAt":"2023-03-22T00:05:01.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: don't terminate inactive sessions after a few seconds\n\nSteve reported that inactive sessions are terminated after a few\nseconds. ksmbd terminate when receiving -EAGAIN error from\nkernel_recvmsg(). -EAGAIN means there is no data available in timeout.\nSo ksmbd should keep connection with unlimited retries instead of\nterminating inactive sessions.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: don't terminate inactive sessions after a few seconds"}},{"before":"6ae5f0ca2f7252658f2dd19e0ff20d6b654f73e4","after":"97d13fc7205ef74ff13a1338ab22ca43c7488de1","ref":"refs/heads/master","pushedAt":"2023-03-22T00:04:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"github actions: remove generic/590 test\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"github actions: remove generic/590 test"}},{"before":"9eca519d729d3302d8658389a5e890e26be70236","after":"6ae5f0ca2f7252658f2dd19e0ff20d6b654f73e4","ref":"refs/heads/master","pushedAt":"2023-03-19T13:21:47.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: smb1: fix return value in ksmbd_fill_dirent\n\nThe return value must also be changed in kernel 6.1+.\n\nFixes: 82477bc (\"ksmbd: smb1: fix build error on kernel 6.1\")\nReported-by: Gnaggnoy Il <gnaggnoyil@gmail.com>\nSigned-off-by: Chukun Pan <amadeus@jmu.edu.cn>\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: smb1: fix return value in ksmbd_fill_dirent"}},{"before":"fdfef8281f223b1a8f66d4ed2950538cd99df927","after":"9eca519d729d3302d8658389a5e890e26be70236","ref":"refs/heads/master","pushedAt":"2023-03-12T00:13:56.084Z","pushType":"push","commitsCount":1,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: add xfstests to github actions","shortMessageHtmlLink":"ksmbd: add xfstests to github actions"}},{"before":"6a2fb9a8656533a16ad382c3519e6e41a2a58eb3","after":"fdfef8281f223b1a8f66d4ed2950538cd99df927","ref":"refs/heads/master","pushedAt":"2023-03-12T00:12:59.232Z","pushType":"push","commitsCount":4,"pusher":{"login":"namjaejeon","name":"Namjae Jeon","path":"/namjaejeon","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13989893?s=80&v=4"},"commit":{"message":"ksmbd: remove travis-CI script\n\nReplace travis-CI with github actions.\n\nSigned-off-by: Namjae Jeon <linkinjeon@kernel.org>","shortMessageHtmlLink":"ksmbd: remove travis-CI script"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAESqOkkwA","startCursor":null,"endCursor":null}},"title":"Activity · cifsd-team/ksmbd"}