From: Namjae Jeon Date: Thu, 2 Jul 2026 10:37:53 +0000 (+0900) Subject: ksmbd: mark invalid session responses as signed X-Git-Tag: v7.2-rc3~28^2~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9e8ad620ddfde5a5f4ef58372e3805e9388cb0f4;p=thirdparty%2Fkernel%2Flinux.git ksmbd: mark invalid session responses as signed When a signed request uses a session that is not registered on the connection, ksmbd returns STATUS_USER_SESSION_DELETED before reaching the normal response signing path. The response therefore lacks SMB2_FLAGS_SIGNED. Clients that require signing check this flag before handling STATUS_USER_SESSION_DELETED and replace the server status with STATUS_ACCESS_DENIED when it is absent. The protocol permits this error response to skip signature verification because the connection has no matching session key. Preserve SMB2_FLAGS_SIGNED on the early error response when the request was signed. This lets the client propagate STATUS_USER_SESSION_DELETED. It fixes smb2.session.bind2. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- diff --git a/fs/smb/server/server.c b/fs/smb/server/server.c index 36a5ea4828ad..bc861ca4f0cc 100644 --- a/fs/smb/server/server.c +++ b/fs/smb/server/server.c @@ -199,6 +199,12 @@ static void __handle_ksmbd_work(struct ksmbd_work *work, else conn->ops->set_rsp_status(work, STATUS_USER_SESSION_DELETED); + if (conn->ops->is_sign_req(work, conn->ops->get_cmd_val(work))) { + struct smb2_hdr *rsp_hdr; + + rsp_hdr = ksmbd_resp_buf_curr(work); + rsp_hdr->Flags |= SMB2_FLAGS_SIGNED; + } goto send; } else if (rc > 0) { rc = conn->ops->get_ksmbd_tcon(work);