- 10 8月, 2018 1 次提交
-
-
由 Ronnie Sahlberg 提交于
Change smb2_queryfs() to use a Create/QueryInfo/Close compound request. Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <stfrench@microsoft.com> Reviewed-by: NPaulo Alcantara <palcantara@suse.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
-
- 09 8月, 2018 3 次提交
-
-
由 Ronnie Sahlberg 提交于
Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <stfrench@microsoft.com> Reviewed-by: NPaulo Alcantara <palcantara@suse.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
-
由 Ronnie Sahlberg 提交于
Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <stfrench@microsoft.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com> Reviewed-by: NPaulo Alcantara <palcantara@suse.com>
-
由 Ronnie Sahlberg 提交于
Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <stfrench@microsoft.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com> Reviewed-by: NPaulo Alcantara <palcantara@suse.com>
-
- 08 8月, 2018 3 次提交
-
-
由 Ronnie Sahlberg 提交于
Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <stfrench@microsoft.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com> Cc: <stable@vger.kernel.org>
-
由 Steve French 提交于
We really, really want to be encouraging use of secure dialects, and SMB3.1.1 offers useful security features, and will soon be the recommended dialect for many use cases. Simplify the code by removing the CONFIG_CIFS_SMB311 ifdef so users don't disable it in the build, and create compatibility and/or security issues with modern servers - many of which have been supporting this dialect for multiple years. Also clarify some of the Kconfig text for cifs.ko about SMB3.1.1 and current supported features in the module. Signed-off-by: NSteve French <stfrench@microsoft.com> Acked-by: NAurelien Aptel <aaptel@suse.com> Reviewed-by: NRonnie Sahlberg <lsahlber@redhat.com>
-
由 Steve French 提交于
Output now matches expected stat -f output for all fields except for Namelen and ID which were addressed in a companion patch (which retrieves them from existing SMB3 mechanisms and works whether POSIX enabled or not) Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NAurelien Aptel <aaptel@suse.com>
-
- 06 7月, 2018 1 次提交
-
-
由 Ronnie Sahlberg 提交于
SMB1 mounting broke in commit 35e2cc1b ("cifs: Use correct packet length in SMB2_TRANSFORM header") Fix it and also rename smb2_rqst_len to smb_rqst_len to make it less unobvious that the function is also called from CIFS/SMB1 Good job by Paulo reviewing and cleaning up Ronnie's original patch. Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Reviewed-by: NPaulo Alcantara <palcantara@suse.de> Signed-off-by: NSteve French <stfrench@microsoft.com>
-
- 16 6月, 2018 1 次提交
-
-
由 Paulo Alcantara 提交于
In smb3_init_transform_rq(), 'orig_len' was only counting the request length, but forgot to count any data pages in the request. Writing or creating files with the 'seal' mount option was broken. In addition, do some code refactoring by exporting smb2_rqst_len() to calculate the appropriate packet size and avoid duplicating the same calculation all over the code. The start of the io vector is either the rfc1002 length (4 bytes) or a SMB2 header which is always > 4. Use this fact to check and skip the rfc1002 length if requested. Signed-off-by: NPaulo Alcantara <palcantara@suse.de> Reviewed-by: NAurelien Aptel <aaptel@suse.com> Signed-off-by: NSteve French <stfrench@microsoft.com>
-
- 15 6月, 2018 1 次提交
-
-
由 Steve French 提交于
mkdir was not passing the mode on smb3.11 mounts with posix extensions Signed-off-by: NSteve French <stfrench@microsoft.com>
-
- 08 6月, 2018 1 次提交
-
-
由 Ronnie Sahlberg 提交于
This leak was introduced in 91cb74f5 and caused us to leak one small buffer for every symlink query. Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <stfrench@microsoft.com>
-
- 01 6月, 2018 1 次提交
-
-
由 Ronnie Sahlberg 提交于
Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <stfrench@microsoft.com>
-
- 28 5月, 2018 3 次提交
-
-
由 Ronnie Sahlberg 提交于
And make SMB2_close just a wrapper for SMB2_close_flags. We need this as we will start to send SMB2_CLOSE pdus using special flags. Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Ronnie Sahlberg 提交于
and change the smb2 version to take heder_preamble_size into account instead of hardcoding it as 4 bytes. Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
In SMB2/SMB3 unlike in cifs we unnecessarily open the root of the share over and over again in various places during mount and path revalidation and also in statfs. This patch cuts redundant traffic (opens and closes) by simply keeping the directory handle for the root around (and reopening it as needed on reconnect), so query calls don't require three round trips to copmlete - just one, and eases load on network, client and server (on mount alone, cuts network traffic by more than a third). Also add a new cifs mount parm "nohandlecache" to allow users whose servers might have resource constraints (eg in case they have a server with so many users connecting to it that this extra handle per mount could possibly be a resource concern). Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NRonnie Sahlberg <lsahlber@redhat.com>
-
- 13 4月, 2018 1 次提交
-
-
由 Ronnie Sahlberg 提交于
Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
-
- 02 4月, 2018 2 次提交
-
-
由 Aurelien Aptel 提交于
SMB3.11 clients must implement pre-authentification integrity. * new mechanism to certify requests/responses happening before Tree Connect. * supersedes VALIDATE_NEGOTIATE * fixes signing for SMB3.11 Signed-off-by: NAurelien Aptel <aaptel@suse.com> Signed-off-by: NSteve French <smfrench@gmail.com> CC: Stable <stable@vger.kernel.org> Reviewed-by: NRonnie Sahlberg <lsahlber@redhat.com>
-
由 Aurelien Aptel 提交于
* prepare for SMB3.11 pre-auth integrity * enable sha512 when SMB311 is enabled in Kconfig * add sha512 as a soft dependency Signed-off-by: NAurelien Aptel <aaptel@suse.com> Signed-off-by: NSteve French <smfrench@gmail.com> CC: Stable <stable@vger.kernel.org> Reviewed-by: NRonnie Sahlberg <lsahlber@redhat.com>
-
- 27 1月, 2018 1 次提交
-
-
由 Aurelien Aptel 提交于
Since IPC now has a tcon object, the caller can just pass it. This allows domain-based DFS requests to work with smb2+. Link: https://bugzilla.samba.org/show_bug.cgi?id=12917 Fixes: 9d49640a ("CIFS: implement get_dfs_refer for SMB2+") Signed-off-by: NAurelien Aptel <aaptel@suse.com> Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
-
- 19 10月, 2017 1 次提交
-
-
由 Ronnie Sahlberg 提交于
Update reading the EA using increasingly larger buffer sizes until the response will fit in the buffer, or we exceed the (arbitrary) maximum set to 64kb. Without this change, a user is able to add more and more EAs using setfattr until the point where the total space of all EAs exceed 2kb at which point the user can no longer list the EAs at all and getfattr will abort with an error. The same issue still exists for EAs in SMB1. Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Reported-by: NXiaoli Feng <xifeng@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 05 9月, 2017 2 次提交
-
-
由 Ronnie Sahlberg 提交于
This adds support for writing extended attributes on SMB2+ shares. Attributes can be written using the setfattr command. RH-bz: 1110709 Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
-
由 Ronnie Sahlberg 提交于
SMB1 already has support to read attributes. This adds similar support to SMB2+. With this patch, tools such as 'getfattr' will now work with SMB2+ shares. RH-bz: 1110709 Signed-off-by: NRonnie Sahlberg <lsahlber@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
-
- 09 7月, 2017 1 次提交
-
-
由 Shirish Pargaonkar 提交于
Modified current set info function to accommodate multiple info types and additional information. Added cifs acl specific function to invoke set info functionality. Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
-
- 06 7月, 2017 1 次提交
-
-
由 Shirish Pargaonkar 提交于
Add definition and declaration of function to get cifs acls when mounting with smb version 2 onwards to 3. Extend/Alter query info function to allocate and return security descriptors within the response. Not yet handling the error case when the size of security descriptors in response to query exceeds SMB2_MAX_BUFFER_SIZE. Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 07 4月, 2017 1 次提交
-
-
由 Sachin Prabhu 提交于
A signal can interrupt a SendReceive call which result in incoming responses to the call being ignored. This is a problem for calls such as open which results in the successful response being ignored. This results in an open file resource on the server. The patch looks into responses which were cancelled after being sent and in case of successful open closes the open fids. For this patch, the check is only done in SendReceive2() RH-bz: 1403319 Signed-off-by: NSachin Prabhu <sprabhu@redhat.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com> Cc: Stable <stable@vger.kernel.org>
-
- 03 3月, 2017 1 次提交
-
-
由 Sachin Prabhu 提交于
If the security type specified using a mount option is not supported, the SMB2 session setup code changes the security type to RawNTLMSSP. We should instead fail the mount and return an error. The patch changes the code for SMB2 to make it similar to the code used for SMB1. Like in SMB1, we now use the global security flags to select the security method to be used when no security method is specified and to return an error when the requested auth method is not available. For SMB2, we also use ntlmv2 as a synonym for nltmssp. Signed-off-by: NSachin Prabhu <sprabhu@redhat.com> Acked-by: NPavel Shilovsky <pshilov@microsoft.com> Acked-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 02 3月, 2017 1 次提交
-
-
由 Aurelien Aptel 提交于
when set, use the session IPC tree id instead of the tid in the provided tcon. Signed-off-by: NAurelien Aptel <aaptel@suse.com> Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 02 2月, 2017 2 次提交
-
-
由 Pavel Shilovsky 提交于
Allow to decrypt transformed packets, find a corresponding mid and process as usual further. Signed-off-by: NPavel Shilovsky <pshilov@microsoft.com>
-
由 Pavel Shilovsky 提交于
This change allows to encrypt packets if it is required by a server for SMB sessions or tree connections. Signed-off-by: NPavel Shilovsky <pshilov@microsoft.com>
-
- 06 12月, 2016 1 次提交
-
-
由 Pavel Shilovsky 提交于
We can not unlock/lock cifs_tcp_ses_lock while walking through ses and tcon lists because it can corrupt list iterator pointers and a tcon structure can be released if we don't hold an extra reference. Fix it by moving a reconnect process to a separate delayed work and acquiring a reference to every tcon that needs to be reconnected. Also do not send an echo request on newly established connections. CC: Stable <stable@vger.kernel.org> Signed-off-by: NPavel Shilovsky <pshilov@microsoft.com>
-
- 18 5月, 2016 1 次提交
-
-
由 Steve French 提交于
Wrong return code was being returned on SMB3 rmdir of non-empty directory. For SMB3 (unlike for cifs), we attempt to delete a directory by set of delete on close flag on the open. Windows clients set this flag via a set info (SET_FILE_DISPOSITION to set this flag) which properly checks if the directory is empty. With this patch on smb3 mounts we correctly return "DIRECTORY NOT EMPTY" on attempts to remove a non-empty directory. Signed-off-by: NSteve French <steve.french@primarydata.com> CC: Stable <stable@vger.kernel.org> Acked-by: NSachin Prabhu <sprabhu@redhat.com>
-
- 15 1月, 2016 1 次提交
-
-
由 Steve French 提交于
Prepare for encryption support (first part). Add decryption and encryption key generation. Thanks to Metze for helping with this. Reviewed-by: NStefan Metzmacher <metze@samba.org> Signed-off-by: NSteve French <steve.french@primarydata.com>
-
- 17 10月, 2014 2 次提交
-
-
由 Steve French 提交于
Adds support on SMB2.1 and SMB3 mounts for emulation of symlinks via the "Minshall/French" symlink format already used for cifs mounts when mfsymlinks mount option is used (and also used by Apple). http://wiki.samba.org/index.php/UNIX_Extensions#Minshall.2BFrench_symlinks This second patch adds support to query them (recognize them as symlinks and read them). Third version of patch makes minor corrections to error handling. Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NStefan Metzmacher <metze@samba.org>
-
由 Steve French 提交于
Adds support on SMB2.1 and SMB3 mounts for emulation of symlinks via the "Minshall/French" symlink format already used for cifs mounts when mfsymlinks mount option is used (and also used by Apple). http://wiki.samba.org/index.php/UNIX_Extensions#Minshall.2BFrench_symlinks This first patch adds support to create them. The next patch will add support for recognizing them and reading them. Although CIFS/SMB3 have other types of symlinks, in the many use cases they aren't practical (e.g. either require cifs only mounts with unix extensions to Samba, or require the user to be Administrator to Windows for SMB3). This also helps enable running additional xfstests over SMB3 (since some xfstests directly or indirectly require symlink support). Signed-off-by: NSteve French <smfrench@gmail.com> CC: Stefan Metzmacher <metze@samba.org>
-
- 06 8月, 2014 1 次提交
-
-
由 Steve French 提交于
Adds setinfo worker function for SMB2/SMB3 support of SET_ALLOCATION_INFORMATION Signed-off-by: NSteve French <smfrench@gmail.com> Reviewed-by: NPavel Shilovsky <pshilovsky@samba.org>
-
- 08 2月, 2014 1 次提交
-
-
由 Steve French 提交于
In the event that a send fails in an uncached write, or we end up needing to reissue it (-EAGAIN case), we'll kfree the wdata but the pages currently leak. Fix this by adding a new kref release routine for uncached writedata that releases the pages, and have the uncached codepaths use that. [original patch by Jeff modified to fix minor formatting problems] Signed-off-by: NJeff Layton <jlayton@redhat.com> Reviewed-by: NPavel Shilovsky <piastry@etersoft.ru> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 20 11月, 2013 1 次提交
-
-
由 Steve French 提交于
When we are running SMB3 or SMB3.02 connections which are signed we need to validate the protocol negotiation information, to ensure that the negotiate protocol response was not tampered with. Add the missing FSCTL which is sent at mount time (immediately after the SMB3 Tree Connect) to validate that the capabilities match what we think the server sent. "Secure dialect negotiation is introduced in SMB3 to protect against man-in-the-middle attempt to downgrade dialect negotiation. The idea is to prevent an eavesdropper from downgrading the initially negotiated dialect and capabilities between the client and the server." For more explanation see 2.2.31.4 of MS-SMB2 or http://blogs.msdn.com/b/openspecification/archive/2012/06/28/smb3-secure-dialect-negotiation.aspxReviewed-by: NPavel Shilovsky <piastry@etersoft.ru> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 12 11月, 2013 1 次提交
-
-
由 Pavel Shilovsky 提交于
Now we treat any reparse point as a symbolic link and map it to a Unix one that is not true in a common case due to many reparse point types supported by SMB servers. Distinguish reparse point types into two groups: 1) that can be accessed directly through a reparse point (junctions, deduplicated files, NFS symlinks); 2) that need to be processed manually (Windows symbolic links, DFS); and map only Windows symbolic links to Unix ones. Cc: <stable@vger.kernel.org> Acked-by: NJeff Layton <jlayton@redhat.com> Reported-and-tested-by: NJoao Correia <joaomiguelcorreia@gmail.com> Signed-off-by: NPavel Shilovsky <piastry@etersoft.ru> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 03 11月, 2013 1 次提交
-
-
由 Steven French 提交于
Currently SMB2 and SMB3 mounts do not query the device information at mount time from the server as is done for cifs. These can be useful for debugging. This is a minor patch, that extends the previous one (which added ability to query file system attributes at mount time - this returns the device characteristics - also via in /proc/fs/cifs/DebugData) Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 28 10月, 2013 1 次提交
-
-
由 Steve French 提交于
Currently SMB2 and SMB3 mounts do not query the file system attributes from the server at mount time as is done for cifs. These can be useful for debugging. Signed-off-by: NSteve French <smfrench@gmail.com>
-