ksmbd: throttle session setup failures to avoid dictionary attacks

To avoid dictionary attacks (repeated session setups rapidly sent) to connect to server, ksmbd make a delay of a 5 seconds on session setup failure to make it harder to send enough random connection requests to break into a server if a user insert the wrong password 10 times in a row. Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
author: Namjae Jeon <linkinjeon@kernel.org> 2021-10-13 11:28:31 +0300
committer: Steve French <stfrench@microsoft.com> 2021-10-20 08:07:10 +0300
commit: 621be84a9d1fbf0097fd058e249ec5cc4f35f3c5 (patch)
tree: e6d922ce3d5262c34c781768ee51588ce4c80e2e /fs/ksmbd/transport_ipc.c
parent: 34061d6b76a41b1e43c19e1e50d98e5d77f77d4e (diff)
download: linux-621be84a9d1fbf0097fd058e249ec5cc4f35f3c5.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c
index 44aea33a67fa..1acf1892a466 100644
--- a/fs/ksmbd/transport_ipc.c
+++ b/fs/ksmbd/transport_ipc.c
@@ -601,7 +601,7 @@ int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
 	return ret;
 }
 
-int ksmbd_ipc_logout_request(const char *account)
+int ksmbd_ipc_logout_request(const char *account, int flags)
 {
 	struct ksmbd_ipc_msg *msg;
 	struct ksmbd_logout_request *req;
@@ -616,6 +616,7 @@ int ksmbd_ipc_logout_request(const char *account)
 
 	msg->type = KSMBD_EVENT_LOGOUT_REQUEST;
 	req = (struct ksmbd_logout_request *)msg->payload;
+	req->account_flags = flags;
 	strscpy(req->account, account, KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
 
 	ret = ipc_msg_send(msg);
author	Namjae Jeon <linkinjeon@kernel.org>	2021-10-13 11:28:31 +0300
committer	Steve French <stfrench@microsoft.com>	2021-10-20 08:07:10 +0300
commit	621be84a9d1fbf0097fd058e249ec5cc4f35f3c5 (patch)
tree	e6d922ce3d5262c34c781768ee51588ce4c80e2e /fs/ksmbd/transport_ipc.c
parent	34061d6b76a41b1e43c19e1e50d98e5d77f77d4e (diff)
download	linux-621be84a9d1fbf0097fd058e249ec5cc4f35f3c5.tar.xz