ksmbd: require source read access for duplicate extents - kernel/linux.git

diff options

author	Namjae Jeon <linkinjeon@kernel.org>	2026-06-13 16:00:02 +0300
committer	Steve French <stfrench@microsoft.com>	2026-06-17 02:57:22 +0300
commit	cedff600f1642aa982178503552f0d007bc829c8 (patch)
tree	fa7becae55fc78a387f2f81d263c1865c75588e2 /include
parent	b383bcad3d2fe634b26efbce53e22bbb5753a520 (diff)
download	linux-cedff600f1642aa982178503552f0d007bc829c8.tar.xz

ksmbd: require source read access for duplicate extents

FSCTL_DUPLICATE_EXTENTS_TO_FILE passes the source file directly to vfs_clone_file_range() or vfs_copy_file_range() without checking the SMB access mask granted to the source handle. A handle opened with attribute access can consequently be used to copy file contents into an attacker-readable destination. Require FILE_READ_DATA on the source handle before either VFS operation, matching other ksmbd data-copy paths. Cc: stable@vger.kernel.org Reported-by: Musaab Khan <musaab.khan@protonmail.com> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>

Diffstat (limited to 'include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: