diff mbox series

[v2] ksmbd: remove unused compression negotiate ctx packing

Message ID 20230404142954.26674-1-ddiss@suse.de
State New
Headers show
Series [v2] ksmbd: remove unused compression negotiate ctx packing | expand

Commit Message

David Disseldorp April 4, 2023, 2:29 p.m. UTC
build_compression_ctxt() is currently unreachable due to
conn.compress_algorithm remaining zero (SMB3_COMPRESS_NONE).

It appears to have been broken in a couple of subtle ways over the
years:
- prior to d6c9ad23b421 ("ksmbd: use the common definitions for
  NEGOTIATE_PROTOCOL") smb2_compression_ctx.DataLength was set to 8,
  which didn't account for the single CompressionAlgorithms flexible
  array member.
- post d6c9ad23b421 smb2_compression_capabilities_context
  CompressionAlgorithms is a three member array, while
  CompressionAlgorithmCount is set to indicate only one member.
  assemble_neg_contexts() ctxt_size is also incorrectly incremented by
  sizeof(struct smb2_compression_capabilities_context) + 2, which
  assumes one flexible array member.

Signed-off-by: David Disseldorp <ddiss@suse.de>
---
v2: update changelog to also mention incorrect ctxt_size increment.

Note: this applies atop my previous assemble_neg_contexts cleanups
  ksmbd: set NegotiateContextCount once instead of every inc
  ksmbd: avoid duplicate negotiate ctx offset increments

 fs/ksmbd/smb2pdu.c | 26 ++------------------------
 1 file changed, 2 insertions(+), 24 deletions(-)

Comments

Namjae Jeon April 5, 2023, 1:16 p.m. UTC | #1
2023-04-04 23:29 GMT+09:00, David Disseldorp <ddiss@suse.de>:
> build_compression_ctxt() is currently unreachable due to
> conn.compress_algorithm remaining zero (SMB3_COMPRESS_NONE).
>
> It appears to have been broken in a couple of subtle ways over the
> years:
> - prior to d6c9ad23b421 ("ksmbd: use the common definitions for
>   NEGOTIATE_PROTOCOL") smb2_compression_ctx.DataLength was set to 8,
>   which didn't account for the single CompressionAlgorithms flexible
>   array member.
> - post d6c9ad23b421 smb2_compression_capabilities_context
>   CompressionAlgorithms is a three member array, while
>   CompressionAlgorithmCount is set to indicate only one member.
>   assemble_neg_contexts() ctxt_size is also incorrectly incremented by
>   sizeof(struct smb2_compression_capabilities_context) + 2, which
>   assumes one flexible array member.
>
> Signed-off-by: David Disseldorp <ddiss@suse.de>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>

Thanks for your patch!
diff mbox series

Patch

diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 9416c766483e..6dbc2300bd2a 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -747,19 +747,6 @@  static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt,
 	pneg_ctxt->Ciphers[0] = cipher_type;
 }
 
-static void build_compression_ctxt(struct smb2_compression_capabilities_context *pneg_ctxt,
-				   __le16 comp_algo)
-{
-	pneg_ctxt->ContextType = SMB2_COMPRESSION_CAPABILITIES;
-	pneg_ctxt->DataLength =
-		cpu_to_le16(sizeof(struct smb2_compression_capabilities_context)
-			- sizeof(struct smb2_neg_context));
-	pneg_ctxt->Reserved = cpu_to_le32(0);
-	pneg_ctxt->CompressionAlgorithmCount = cpu_to_le16(1);
-	pneg_ctxt->Flags = cpu_to_le32(0);
-	pneg_ctxt->CompressionAlgorithms[0] = comp_algo;
-}
-
 static void build_sign_cap_ctxt(struct smb2_signing_capabilities *pneg_ctxt,
 				__le16 sign_algo)
 {
@@ -823,17 +810,8 @@  static void assemble_neg_contexts(struct ksmbd_conn *conn,
 		ctxt_size += sizeof(struct smb2_encryption_neg_context) + 2;
 	}
 
-	if (conn->compress_algorithm) {
-		ctxt_size = round_up(ctxt_size, 8);
-		ksmbd_debug(SMB,
-			    "assemble SMB2_COMPRESSION_CAPABILITIES context\n");
-		/* Temporarily set to SMB3_COMPRESS_NONE */
-		build_compression_ctxt((struct smb2_compression_capabilities_context *)
-				       (pneg_ctxt + ctxt_size),
-				       conn->compress_algorithm);
-		neg_ctxt_cnt++;
-		ctxt_size += sizeof(struct smb2_compression_capabilities_context) + 2;
-	}
+	/* compression context not yet supported */
+	WARN_ON(conn->compress_algorithm != SMB3_COMPRESS_NONE);
 
 	if (conn->posix_ext_supported) {
 		ctxt_size = round_up(ctxt_size, 8);