[packages/kernel] revert fix limiting ksmbd to single connection per ip

atler atler at pld-linux.org
Thu Oct 2 10:39:03 CEST 2025


commit c8f69aa6611ff70209e390b4c81f1494dbccb5c9
Author: Jan Palus <atler at pld-linux.org>
Date:   Thu Oct 2 10:36:00 2025 +0200

    revert fix limiting ksmbd to single connection per ip
    
    until customizable number of connections is implemented. for more
    context see:
    
    https://github.com/namjaejeon/ksmbd/issues/512

 kernel.spec                 |   2 +
 ksmbd-one-conn-per-ip.patch | 174 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 176 insertions(+)
---
diff --git a/kernel.spec b/kernel.spec
index 0d0c8450..2ad9304b 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -133,6 +133,7 @@ Source44:	kernel-rt.config
 
 Source58:	kernel-inittmpfs.config
 
+Patch1:		ksmbd-one-conn-per-ip.patch
 Patch2:		android-enable-building-binder-as-module.patch
 # http://dev.gentoo.org/~spock/projects/fbcondecor/archive/fbcondecor-0.9.4-2.6.25-rc6.patch
 Patch3:		kernel-fbcondecor.patch
@@ -544,6 +545,7 @@ cd linux-%{basever}
 %endif
 
 %if %{without vanilla}
+%patch -P1 -p1 -R
 %patch -P2 -p1
 
 %if %{with fbcondecor}
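Review bot: The `-R` on `%patch -P1 -p1 -R` has no comment, so a reader of kernel.spec cannot tell that Patch1 is an upstream fix being backed out rather than applied. I would add above it `# reverse-applied: upstream per-IP connection limit, see https://github.com/namjaejeon/ksmbd/issues/512; drop once the limit is configurable`. The comment should also record that ksmbd-one-conn-per-ip.patch holds the two upstream commits newest first, since the reverse apply appears to depend on that order. With the limit backed out, the condition described in the original upstream commit message (repeated connections from one address using up the connection slots) is bounded only by the `max_connections` check visible in the patch context. That is worth stating in the package changelog for hosts that expose ksmbd to untrusted networks.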
diff --git a/ksmbd-one-conn-per-ip.patch b/ksmbd-one-conn-per-ip.patch
new file mode 100644
index 00000000..fb0a9e47
--- /dev/null
+++ b/ksmbd-one-conn-per-ip.patch
@@ -0,0 +1,174 @@
+From c0d41112f1a5828c194b59cca953114bc3776ef2 Mon Sep 17 00:00:00 2001
+From: Namjae Jeon <linkinjeon at kernel.org>
+Date: Sun, 17 Aug 2025 09:48:40 +0900
+Subject: ksmbd: extend the connection limiting mechanism to support IPv6
+
+Update the connection tracking logic to handle both IPv4 and IPv6
+address families.
+
+Cc: stable at vger.kernel.org
+Fixes: e6bb91939740 ("ksmbd: limit repeated connections from clients with the same IP")
+Signed-off-by: Namjae Jeon <linkinjeon at kernel.org>
+Signed-off-by: Steve French <stfrench at microsoft.com>
+---
+ fs/smb/server/connection.h    |  7 ++++++-
+ fs/smb/server/transport_tcp.c | 26 +++++++++++++++++++++++---
+ 2 files changed, 29 insertions(+), 4 deletions(-)
+
+(limited to 'fs/smb/server')
+
+diff --git a/fs/smb/server/connection.h b/fs/smb/server/connection.h
+index 31dd1caac1e8a8..2aa8084bb59302 100644
+--- a/fs/smb/server/connection.h
++++ b/fs/smb/server/connection.h
+@@ -46,7 +46,12 @@ struct ksmbd_conn {
+ 	struct mutex			srv_mutex;
+ 	int				status;
+ 	unsigned int			cli_cap;
+-	__be32				inet_addr;
++	union {
++		__be32			inet_addr;
++#if IS_ENABLED(CONFIG_IPV6)
++		u8			inet6_addr[16];
++#endif
++	};
+ 	char				*request_buf;
+ 	struct ksmbd_transport		*transport;
+ 	struct nls_table		*local_nls;
+diff --git a/fs/smb/server/transport_tcp.c b/fs/smb/server/transport_tcp.c
+index b1df02e321b00a..4337df97987da3 100644
+--- a/fs/smb/server/transport_tcp.c
++++ b/fs/smb/server/transport_tcp.c
+@@ -85,7 +85,14 @@ static struct tcp_transport *alloc_transport(struct socket *client_sk)
+ 		return NULL;
+ 	}
+ 
++#if IS_ENABLED(CONFIG_IPV6)
++	if (client_sk->sk->sk_family == AF_INET6)
++		memcpy(&conn->inet6_addr, &client_sk->sk->sk_v6_daddr, 16);
++	else
++		conn->inet_addr = inet_sk(client_sk->sk)->inet_daddr;
++#else
+ 	conn->inet_addr = inet_sk(client_sk->sk)->inet_daddr;
++#endif
+ 	conn->transport = KSMBD_TRANS(t);
+ 	KSMBD_TRANS(t)->conn = conn;
+ 	KSMBD_TRANS(t)->ops = &ksmbd_tcp_transport_ops;
+@@ -229,7 +236,6 @@ static int ksmbd_kthread_fn(void *p)
+ {
+ 	struct socket *client_sk = NULL;
+ 	struct interface *iface = (struct interface *)p;
+-	struct inet_sock *csk_inet;
+ 	struct ksmbd_conn *conn;
+ 	int ret;
+ 
+@@ -252,13 +258,27 @@ static int ksmbd_kthread_fn(void *p)
+ 		/*
+ 		 * Limits repeated connections from clients with the same IP.
+ 		 */
+-		csk_inet = inet_sk(client_sk->sk);
+ 		down_read(&conn_list_lock);
+ 		list_for_each_entry(conn, &conn_list, conns_list)
+-			if (csk_inet->inet_daddr == conn->inet_addr) {
++#if IS_ENABLED(CONFIG_IPV6)
++			if (client_sk->sk->sk_family == AF_INET6) {
++				if (memcmp(&client_sk->sk->sk_v6_daddr,
++					   &conn->inet6_addr, 16) == 0) {
++					ret = -EAGAIN;
++					break;
++				}
++			} else if (inet_sk(client_sk->sk)->inet_daddr ==
++				 conn->inet_addr) {
++				ret = -EAGAIN;
++				break;
++			}
++#else
++			if (inet_sk(client_sk->sk)->inet_daddr ==
++			    conn->inet_addr) {
+ 				ret = -EAGAIN;
+ 				break;
+ 			}
++#endif
+ 		up_read(&conn_list_lock);
+ 		if (ret == -EAGAIN)
+ 			continue;
+-- 
+cgit 1.2.3-korg
+
+From e6bb9193974059ddbb0ce7763fa3882bd60d4dc3 Mon Sep 17 00:00:00 2001
+From: Namjae Jeon <linkinjeon at kernel.org>
+Date: Tue, 5 Aug 2025 18:13:13 +0900
+Subject: ksmbd: limit repeated connections from clients with the same IP
+
+Repeated connections from clients with the same IP address may exhaust
+the max connections and prevent other normal client connections.
+This patch limit repeated connections from clients with the same IP.
+
+Reported-by: tianshuo han <hantianshuo233 at gmail.com>
+Cc: stable at vger.kernel.org
+Signed-off-by: Namjae Jeon <linkinjeon at kernel.org>
+Signed-off-by: Steve French <stfrench at microsoft.com>
+---
+ fs/smb/server/connection.h    |  1 +
+ fs/smb/server/transport_tcp.c | 17 +++++++++++++++++
+ 2 files changed, 18 insertions(+)
+
+(limited to 'fs/smb/server')
+
+diff --git a/fs/smb/server/connection.h b/fs/smb/server/connection.h
+index dd3e0e3f7bf046..31dd1caac1e8a8 100644
+--- a/fs/smb/server/connection.h
++++ b/fs/smb/server/connection.h
+@@ -46,6 +46,7 @@ struct ksmbd_conn {
+ 	struct mutex			srv_mutex;
+ 	int				status;
+ 	unsigned int			cli_cap;
++	__be32				inet_addr;
+ 	char				*request_buf;
+ 	struct ksmbd_transport		*transport;
+ 	struct nls_table		*local_nls;
+diff --git a/fs/smb/server/transport_tcp.c b/fs/smb/server/transport_tcp.c
+index 4e9f98db9ff409..d72588f33b9cd1 100644
+--- a/fs/smb/server/transport_tcp.c
++++ b/fs/smb/server/transport_tcp.c
+@@ -87,6 +87,7 @@ static struct tcp_transport *alloc_transport(struct socket *client_sk)
+ 		return NULL;
+ 	}
+ 
++	conn->inet_addr = inet_sk(client_sk->sk)->inet_daddr;
+ 	conn->transport = KSMBD_TRANS(t);
+ 	KSMBD_TRANS(t)->conn = conn;
+ 	KSMBD_TRANS(t)->ops = &ksmbd_tcp_transport_ops;
+@@ -230,6 +231,8 @@ static int ksmbd_kthread_fn(void *p)
+ {
+ 	struct socket *client_sk = NULL;
+ 	struct interface *iface = (struct interface *)p;
++	struct inet_sock *csk_inet;
++	struct ksmbd_conn *conn;
+ 	int ret;
+ 
+ 	while (!kthread_should_stop()) {
+@@ -248,6 +251,20 @@ static int ksmbd_kthread_fn(void *p)
+ 			continue;
+ 		}
+ 
++		/*
++		 * Limits repeated connections from clients with the same IP.
++		 */
++		csk_inet = inet_sk(client_sk->sk);
++		down_read(&conn_list_lock);
++		list_for_each_entry(conn, &conn_list, conns_list)
++			if (csk_inet->inet_daddr == conn->inet_addr) {
++				ret = -EAGAIN;
++				break;
++			}
++		up_read(&conn_list_lock);
++		if (ret == -EAGAIN)
++			continue;
++
+ 		if (server_conf.max_connections &&
+ 		    atomic_inc_return(&active_num_conn) >= server_conf.max_connections) {
+ 			pr_info_ratelimited("Limit the maximum number of connections(%u)\n",
+-- 
+cgit 1.2.3-korg
+
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/kernel.git/commitdiff/c8f69aa6611ff70209e390b4c81f1494dbccb5c9


