tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

ksmbd: remove unused compression negotiate ctx packing

build_compression_ctxt() is currently unreachable due to
conn.compress_algorithm remaining zero (SMB3_COMPRESS_NONE).

It appears to have been broken in a couple of subtle ways over the
years:
- prior to d6c9ad23b421 ("ksmbd: use the common definitions for
NEGOTIATE_PROTOCOL") smb2_compression_ctx.DataLength was set to 8,
which didn't account for the single CompressionAlgorithms flexible
array member.
- post d6c9ad23b421 smb2_compression_capabilities_context
CompressionAlgorithms is a three member array, while
CompressionAlgorithmCount is set to indicate only one member.
assemble_neg_contexts() ctxt_size is also incorrectly incremented by
sizeof(struct smb2_compression_capabilities_context) + 2, which
assumes one flexible array member.

Signed-off-by: David Disseldorp <ddiss@suse.de>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

authored by

David Disseldorp and committed by
Steve French af36c51e a12a07a8

+2 -24
+2 -24
fs/ksmbd/smb2pdu.c
··· 756 756 pneg_ctxt->Ciphers[0] = cipher_type; 757 757 } 758 758 759 - static void build_compression_ctxt(struct smb2_compression_capabilities_context *pneg_ctxt, 760 - __le16 comp_algo) 761 - { 762 - pneg_ctxt->ContextType = SMB2_COMPRESSION_CAPABILITIES; 763 - pneg_ctxt->DataLength = 764 - cpu_to_le16(sizeof(struct smb2_compression_capabilities_context) 765 - - sizeof(struct smb2_neg_context)); 766 - pneg_ctxt->Reserved = cpu_to_le32(0); 767 - pneg_ctxt->CompressionAlgorithmCount = cpu_to_le16(1); 768 - pneg_ctxt->Flags = cpu_to_le32(0); 769 - pneg_ctxt->CompressionAlgorithms[0] = comp_algo; 770 - } 771 - 772 759 static void build_sign_cap_ctxt(struct smb2_signing_capabilities *pneg_ctxt, 773 760 __le16 sign_algo) 774 761 { ··· 819 832 ctxt_size += sizeof(struct smb2_encryption_neg_context) + 2; 820 833 } 821 834 822 - if (conn->compress_algorithm) { 823 - ctxt_size = round_up(ctxt_size, 8); 824 - ksmbd_debug(SMB, 825 - "assemble SMB2_COMPRESSION_CAPABILITIES context\n"); 826 - /* Temporarily set to SMB3_COMPRESS_NONE */ 827 - build_compression_ctxt((struct smb2_compression_capabilities_context *) 828 - (pneg_ctxt + ctxt_size), 829 - conn->compress_algorithm); 830 - neg_ctxt_cnt++; 831 - ctxt_size += sizeof(struct smb2_compression_capabilities_context) + 2; 832 - } 835 + /* compression context not yet supported */ 836 + WARN_ON(conn->compress_algorithm != SMB3_COMPRESS_NONE); 833 837 834 838 if (conn->posix_ext_supported) { 835 839 ctxt_size = round_up(ctxt_size, 8);