ksmbd: destroy expired sessions

client can indefinitely send smb2 session setup requests with the SessionId set to 0, thus indefinitely spawning new sessions, and causing indefinite memory usage. This patch limit to the number of sessions using expired timeout and session state. Cc: stable@vger.kernel.org Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-20478 Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
author: Namjae Jeon <linkinjeon@kernel.org> 2023-05-03 02:42:21 +0300
committer: Steve French <stfrench@microsoft.com> 2023-05-04 07:03:01 +0300
commit: ea174a91893956450510945a0c5d1a10b5323656 (patch)
tree: ad6c0cf2673430e70277868a0ec072c5849bd191 /fs/ksmbd/smb2pdu.h
parent: f5c779b7ddbda30866cf2a27c63e34158f858c73 (diff)
download: linux-ea174a91893956450510945a0c5d1a10b5323656.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index 9420dd2813fb..977a9ee6a5b3 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -61,6 +61,8 @@ struct preauth_integrity_info {
 #define SMB2_SESSION_IN_PROGRESS	BIT(0)
 #define SMB2_SESSION_VALID		BIT(1)
 
+#define SMB2_SESSION_TIMEOUT		(10 * HZ)
+
 struct create_durable_req_v2 {
 	struct create_context ccontext;
 	__u8   Name[8];
author	Namjae Jeon <linkinjeon@kernel.org>	2023-05-03 02:42:21 +0300
committer	Steve French <stfrench@microsoft.com>	2023-05-04 07:03:01 +0300
commit	ea174a91893956450510945a0c5d1a10b5323656 (patch)
tree	ad6c0cf2673430e70277868a0ec072c5849bd191 /fs/ksmbd/smb2pdu.h
parent	f5c779b7ddbda30866cf2a27c63e34158f858c73 (diff)
download	linux-ea174a91893956450510945a0c5d1a10b5323656.tar.xz