Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v7.0.10 2026-02-21T19:02:58+00:00 2026-02-21T19:02:58+00:00 Linus Torvalds torvalds@linux-foundation.org 2026-02-21T19:02:58+00:00 urn:sha1:8934827db5403eae57d4537114a9ff88b0a8460f Pull kmalloc_obj conversion from Kees Cook: "This does the tree-wide conversion to kmalloc_obj() and friends using coccinelle, with a subsequent small manual cleanup of whitespace alignment that coccinelle does not handle. This uncovered a clang bug in __builtin_counted_by_ref(), so the conversion is preceded by disabling that for current versions of clang. The imminent clang 22.1 release has the fix. I've done allmodconfig build tests for x86_64, arm64, i386, and arm. I did defconfig builds for alpha, m68k, mips, parisc, powerpc, riscv, s390, sparc, sh, arc, csky, xtensa, hexagon, and openrisc" * tag 'kmalloc_obj-treewide-v7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: kmalloc_obj: Clean up after treewide replacements treewide: Replace kmalloc with kmalloc_obj for non-scalar types compiler_types: Disable __builtin_counted_by_ref for Clang 2026-02-21T09:02:28+00:00 Kees Cook kees@kernel.org 2026-02-21T07:49:23+00:00 urn:sha1:69050f8d6d075dc01af7a5f2f550a8067510366f This is the result of running the Coccinelle script from scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to avoid scalar types (which need careful case-by-case checking), and instead replace kmalloc-family calls that allocate struct or union object instances: Single allocations: kmalloc(sizeof(TYPE), ...) are replaced with: kmalloc_obj(TYPE, ...) Array allocations: kmalloc_array(COUNT, sizeof(TYPE), ...) are replaced with: kmalloc_objs(TYPE, COUNT, ...) Flex array allocations: kmalloc(struct_size(PTR, FAM, COUNT), ...) are replaced with: kmalloc_flex(*PTR, FAM, COUNT, ...) (where TYPE may also be *VAR) The resulting allocations no longer return "void *", instead returning "TYPE *". Signed-off-by: Kees Cook <kees@kernel.org> 2026-02-15T01:26:26+00:00 Chen Ni nichen@iscas.ac.cn 2026-02-11T04:55:33+00:00 urn:sha1:1aade89ecca465be1d08ea3fb55832254117932f Remove duplicate inclusion of misc.h in server.c to clean up redundant code. Signed-off-by: Chen Ni <nichen@iscas.ac.cn> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> 2026-02-09T02:25:16+00:00 Bahubali B Gumaji bahubali.bg@samsung.com 2026-02-05T00:08:35+00:00 urn:sha1:b38f99c1217ae04753340f0fdcd8f35bf56841dc This patch introduces a /proc filesystem interface to ksmbd, providing visibility into the internal state of the SMB server. This allows administrators and developers to monitor active connections, user sessions, and opened files in real-time without relying on external tools or heavy debugging. Key changes include: - Connection Monitoring (/proc/fs/ksmbd/clients): Displays a list of active network connections, including client IP addresses, SMB dialects, credits, and last active timestamps. - Session Management (/proc/fs/ksmbd/sessions/): Adds a global sessions file to list all authenticated users and their session IDs. - Creates individual session entries (e.g., /proc/fs/ksmbd/sessions/<id>) detailing capabilities (DFS, Multi-channel, etc.), signing/encryption algorithms, and connected tree shares. - File Tracking (/proc/fs/ksmbd/files): Shows all currently opened files across the server, including tree IDs, process IDs (PID), access modes (daccess/saccess), and oplock/lease states. - Statistics & Counters: Implements internal counters for global server metrics, such as the number of tree connections, total sessions, and processed read/write bytes. Signed-off-by: Hyunchul Lee <hyc.lee@gmail.com> Signed-off-by: Bahubali B Gumaji <bahubali.bg@samsung.com> Signed-off-by: Sang-Soo Lee <constant.lee@samsung.com> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> 2026-02-09T02:24:11+00:00 Namjae Jeon linkinjeon@kernel.org 2026-01-24T01:55:46+00:00 urn:sha1:010eb01ce23b34b50531448b0da391c7f05a72af The problem occurs when a signed request fails smb2 signature verification check. In __process_request(), if check_sign_req() returns an error, set_smb2_rsp_status(work, STATUS_ACCESS_DENIED) is called. set_smb2_rsp_status() set work->next_smb2_rcv_hdr_off as zero. By resetting next_smb2_rcv_hdr_off to zero, the pointer to the next command in the chain is lost. Consequently, is_chained_smb2_message() continues to point to the same request header instead of advancing. If the header's NextCommand field is non-zero, the function returns true, causing __handle_ksmbd_work() to repeatedly process the same failed request in an infinite loop. This results in the kernel log being flooded with "bad smb2 signature" messages and high CPU usage. This patch fixes the issue by changing the return value from SERVER_HANDLER_CONTINUE to SERVER_HANDLER_ABORT. This ensures that the processing loop terminates immediately rather than attempting to continue from an invalidated offset. Reported-by: tianshuo han <hantianshuo233@gmail.com> Cc: stable@vger.kernel.org Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> 2025-12-22T01:20:46+00:00 Namjae Jeon linkinjeon@kernel.org 2025-12-19T01:04:25+00:00 urn:sha1:0b444cfd8b74ebce421ccd96eac9c495e536c92e With the removal of the RFC1002 length field from the SMB header, smb2_get_msg is now used to get the smb1 request from the request buffer. Since this function is no longer exclusive to smb2 and now supports smb1 as well, This patch rename it to smb_get_msg to better reflect its usage. Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> 2025-12-22T01:20:46+00:00 David Howells dhowells@redhat.com 2025-12-18T16:20:34+00:00 urn:sha1:0a70cac7896712a08e3cd22c16f44be976d40dbf The commit that removed the RFC1002 header from struct smb_hdr didn't also fix the places in ksmbd that use it in order to provide graceful rejection of SMB1 protocol requests. Fixes: 83bfbd0bb902 ("cifs: Remove the RFC1002 header from smb_hdr") Reported-by: Namjae Jeon <linkinjeon@kernel.org> Link: https://lore.kernel.org/r/CAKYAXd9Ju4MFkkH5Jxfi1mO0AWEr=R35M3vQ_Xa7Yw34JoNZ0A@mail.gmail.com/ Cc: ChenXiaoSong <chenxiaosong.chenxiaosong@linux.dev> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> 2025-12-01T03:11:43+00:00 Eric Biggers ebiggers@kernel.org 2025-10-14T23:17:59+00:00 urn:sha1:3a597e6e9701eb7af04864ffdc0a6a91bc8c6496 For the HMAC-MD5 computations in NTLMv2, use the HMAC-MD5 library instead of a "hmac(md5)" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the HMAC-MD5 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. To preserve the existing behavior of NTLMv2 support being disabled when the kernel is booted with "fips=1", make ksmbd_auth_ntlmv2() check fips_enabled itself. Previously it relied on the error from crypto_alloc_shash("hmac(md5)") being bubbled up. I don't know for sure that this is actually needed, but this preserves the existing behavior. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> 2025-12-01T03:11:43+00:00 Eric Biggers ebiggers@kernel.org 2025-10-14T23:17:58+00:00 urn:sha1:924067ef183bd17f39d790752190f99982524598 Convert ksmbd_sign_smb2_pdu() and generate_key() to use the HMAC-SHA256 library instead of a "hmac(sha256)" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the HMAC-SHA256 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> 2025-12-01T03:11:42+00:00 Eric Biggers ebiggers@kernel.org 2025-10-14T23:17:57+00:00 urn:sha1:e009cb1e3093977c5b96a1c6697a7dc9332222d5 Convert ksmbd_gen_preauth_integrity_hash() to use the SHA-512 library instead of a "sha512" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the SHA-512 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>