[RFC PATCH 15/36] cifs: Pass smb_message to cifs_verify_signature()
From: David Howells
Date: Tue May 19 2026 - 06:32:20 EST
Pass smb_message to cifs_verify_signature() rather than an smb_rqst.
Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
cc: Steve French <sfrench@xxxxxxxxx>
cc: Paulo Alcantara <pc@xxxxxxxxxxxxx>
cc: Shyam Prasad N <sprasad@xxxxxxxxxxxxx>
cc: Tom Talpey <tom@xxxxxxxxxx>
cc: linux-cifs@xxxxxxxxxxxxxxx
cc: netfs@xxxxxxxxxxxxxxx
cc: linux-fsdevel@xxxxxxxxxxxxxxx
---
fs/smb/client/cifssmb.c | 13 +------------
fs/smb/client/smb1encrypt.c | 19 ++++++++++++++-----
fs/smb/client/smb1proto.h | 2 +-
fs/smb/client/smb1transport.c | 16 ++++------------
4 files changed, 20 insertions(+), 30 deletions(-)
diff --git a/fs/smb/client/cifssmb.c b/fs/smb/client/cifssmb.c
index 62f554f97a5c..c5b18e1c44ab 100644
--- a/fs/smb/client/cifssmb.c
+++ b/fs/smb/client/cifssmb.c
@@ -1432,11 +1432,6 @@ cifs_readv_callback(struct TCP_Server_Info *server, struct smb_message *smb)
struct netfs_inode *ictx = netfs_inode(rdata->rreq->inode);
struct cifs_tcon *tcon = tlink_tcon(rdata->req->cfile->tlink);
struct inode *inode = &ictx->inode;
- struct kvec iov = {
- .iov_base = smb->response,
- .iov_len = smb->resp_len,
- };
- struct smb_rqst rqst = { .rq_iov = &iov, .rq_nvec = 1 };
struct cifs_credits credits = {
.value = 1,
.instance = 0,
@@ -1450,19 +1445,13 @@ cifs_readv_callback(struct TCP_Server_Info *server, struct smb_message *smb)
__func__, smb->mid, smb->mid_state, rdata->result,
rdata->subreq.len);
- if (smb->resp_data_len)
- iov_iter_bvec_queue(&rqst.rq_iter, ITER_DEST,
- rdata->subreq.content.bvecq, rdata->subreq.content.slot,
- rdata->subreq.content.offset, rdata->subreq.len);
-
switch (smb->mid_state) {
case MID_RESPONSE_RECEIVED:
/* result already set, check signature */
if (server->sign) {
int rc;
- iov_iter_truncate(&rqst.rq_iter, smb->resp_data_len);
- rc = cifs_verify_signature(&rqst, server,
+ rc = cifs_verify_signature(smb, server,
smb->sequence_number);
if (rc)
cifs_dbg(VFS, "SMB signature verification returned error = %d\n",
diff --git a/fs/smb/client/smb1encrypt.c b/fs/smb/client/smb1encrypt.c
index 819c736c26e9..c61202ae54c6 100644
--- a/fs/smb/client/smb1encrypt.c
+++ b/fs/smb/client/smb1encrypt.c
@@ -106,14 +106,23 @@ int cifs_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server,
return rc;
}
-int cifs_verify_signature(struct smb_rqst *rqst,
+int cifs_verify_signature(struct smb_message *smb,
struct TCP_Server_Info *server,
__u32 expected_sequence_number)
{
- unsigned int rc;
- char server_response_sig[8];
+ struct smb_hdr *cifs_pdu = smb->response;
+ struct kvec iov = {
+ .iov_base = smb->response,
+ .iov_len = smb->resp_len,
+ };
+ struct smb_rqst rqst = {
+ .rq_iov = &iov,
+ .rq_nvec = 1,
+ .rq_iter = smb->response_iter
+ };
char what_we_think_sig_should_be[20];
- struct smb_hdr *cifs_pdu = (struct smb_hdr *)rqst->rq_iov[0].iov_base;
+ char server_response_sig[8];
+ int rc;
if (cifs_pdu == NULL || server == NULL)
return -EINVAL;
@@ -145,7 +154,7 @@ int cifs_verify_signature(struct smb_rqst *rqst,
cifs_pdu->Signature.Sequence.Reserved = 0;
cifs_server_lock(server);
- rc = cifs_calc_signature(rqst, server, what_we_think_sig_should_be);
+ rc = cifs_calc_signature(&rqst, server, what_we_think_sig_should_be);
cifs_server_unlock(server);
if (rc)
diff --git a/fs/smb/client/smb1proto.h b/fs/smb/client/smb1proto.h
index b2ad0ef64051..54a5261fabce 100644
--- a/fs/smb/client/smb1proto.h
+++ b/fs/smb/client/smb1proto.h
@@ -227,7 +227,7 @@ void cifs_dump_mids(struct TCP_Server_Info *server);
*/
int cifs_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server,
__u32 *pexpected_response_sequence_number);
-int cifs_verify_signature(struct smb_rqst *rqst,
+int cifs_verify_signature(struct smb_message *smb,
struct TCP_Server_Info *server,
__u32 expected_sequence_number);
int cifs_verify_trans_signature(struct TCP_Server_Info *server,
diff --git a/fs/smb/client/smb1transport.c b/fs/smb/client/smb1transport.c
index 776d615f69d3..a6af5bd20847 100644
--- a/fs/smb/client/smb1transport.c
+++ b/fs/smb/client/smb1transport.c
@@ -156,22 +156,14 @@ int
cifs_check_receive(struct smb_message *smb, struct TCP_Server_Info *server,
bool log_error)
{
- unsigned int len = smb->resp_len;
-
- dump_smb(smb->response, min_t(u32, 92, len));
+ dump_smb(smb->response, min_t(u32, 92, smb->resp_len));
/* convert the length into a more usable form */
if (server->sign && !smb->sig_checked) {
- struct kvec iov[1];
- int rc = 0;
- struct smb_rqst rqst = { .rq_iov = iov,
- .rq_nvec = ARRAY_SIZE(iov) };
-
- iov[0].iov_base = smb->response;
- iov[0].iov_len = len;
+ int rc;
- rc = cifs_verify_signature(&rqst, server,
- smb->sequence_number);
+ /* FIXME: add code to kill session */
+ rc = cifs_verify_signature(smb, server, smb->sequence_number);
if (rc) {
cifs_server_dbg(VFS, "SMB signature verification returned error = %d\n",
rc);