From: Aaditya Kansal <aadityakansal390@gmail.com>
Date: Thu, 5 Feb 2026 01:00:12 +0000 (+0530)
Subject: smb: client: terminate session upon failed client required signing
X-Git-Tag: v7.0-rc1~58^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dc96f01d54cc7c785c98ee6e2b53075949ac16ed;p=thirdparty%2Fkernel%2Flinux.git

smb: client: terminate session upon failed client required signing

Currently, when smb signature verification fails, the behaviour is to log
the failure without any action to terminate the session.

Call cifs_reconnect() when client required signature verification fails.
Otherwise, log the error without reconnecting.

Signed-off-by: Aaditya Kansal <aadityakansal390@gmail.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
---

diff --git a/fs/smb/client/smb1transport.c b/fs/smb/client/smb1transport.c
index 93731b00ca5d..38d6d5538b96 100644
--- a/fs/smb/client/smb1transport.c
+++ b/fs/smb/client/smb1transport.c
@@ -169,12 +169,18 @@ cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
 
 		iov[0].iov_base = mid->resp_buf;
 		iov[0].iov_len = len;
-		/* FIXME: add code to kill session */
+
 		rc = cifs_verify_signature(&rqst, server,
 					   mid->sequence_number);
-		if (rc)
+		if (rc) {
 			cifs_server_dbg(VFS, "SMB signature verification returned error = %d\n",
 				 rc);
+
+			if (!(server->sec_mode & SECMODE_SIGN_REQUIRED)) {
+				cifs_reconnect(server, true);
+				return rc;
+			}
+		}
 	}
 
 	/* BB special case reconnect tid and uid here? */