- 01 8月, 2013 1 次提交
-
-
由 Jeff Layton 提交于
Jarod reported an Oops like when testing with fips=1: CIFS VFS: could not allocate crypto hmacmd5 CIFS VFS: could not crypto alloc hmacmd5 rc -2 CIFS VFS: Error -2 during NTLMSSP authentication CIFS VFS: Send error in SessSetup = -2 BUG: unable to handle kernel NULL pointer dereference at 000000000000004e IP: [<ffffffff812b5c7a>] crypto_destroy_tfm+0x1a/0x90 PGD 0 Oops: 0000 [#1] SMP Modules linked in: md4 nls_utf8 cifs dns_resolver fscache kvm serio_raw virtio_balloon virtio_net mperf i2c_piix4 cirrus drm_kms_helper ttm drm i2c_core virtio_blk ata_generic pata_acpi CPU: 1 PID: 639 Comm: mount.cifs Not tainted 3.11.0-0.rc3.git0.1.fc20.x86_64 #1 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 task: ffff88007bf496e0 ti: ffff88007b080000 task.ti: ffff88007b080000 RIP: 0010:[<ffffffff812b5c7a>] [<ffffffff812b5c7a>] crypto_destroy_tfm+0x1a/0x90 RSP: 0018:ffff88007b081d10 EFLAGS: 00010282 RAX: 0000000000001f1f RBX: ffff880037422000 RCX: ffff88007b081fd8 RDX: 000000000000001f RSI: 0000000000000006 RDI: fffffffffffffffe RBP: ffff88007b081d30 R08: ffff880037422000 R09: ffff88007c090100 R10: 0000000000000000 R11: 00000000fffffffe R12: fffffffffffffffe R13: ffff880037422000 R14: ffff880037422000 R15: 00000000fffffffe FS: 00007fc322f4f780(0000) GS:ffff88007fc80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b CR2: 000000000000004e CR3: 000000007bdaa000 CR4: 00000000000006e0 Stack: ffffffff81085845 ffff880037422000 ffff8800375e7400 ffff880037422000 ffff88007b081d48 ffffffffa0176022 ffff880037422000 ffff88007b081d60 ffffffffa015c07b ffff880037600600 ffff88007b081dc8 ffffffffa01610e1 Call Trace: [<ffffffff81085845>] ? __cancel_work_timer+0x75/0xf0 [<ffffffffa0176022>] cifs_crypto_shash_release+0x82/0xf0 [cifs] [<ffffffffa015c07b>] cifs_put_tcp_session+0x8b/0xe0 [cifs] [<ffffffffa01610e1>] cifs_mount+0x9d1/0xad0 [cifs] [<ffffffffa014ff50>] cifs_do_mount+0xa0/0x4d0 [cifs] [<ffffffff811ab6e9>] mount_fs+0x39/0x1b0 [<ffffffff811c466f>] vfs_kern_mount+0x5f/0xf0 [<ffffffff811c6a9e>] do_mount+0x23e/0xa20 [<ffffffff811c66e6>] ? copy_mount_options+0x36/0x170 [<ffffffff811c7303>] SyS_mount+0x83/0xc0 [<ffffffff8165c8d9>] system_call_fastpath+0x16/0x1b Code: eb 9e 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 66 66 90 55 48 89 e5 41 55 41 54 49 89 fc 53 48 83 ec 08 48 85 ff 74 46 <48> 83 7e 48 00 48 8b 5e 50 74 4b 48 89 f7 e8 83 fc ff ff 4c 8b RIP [<ffffffff812b5c7a>] crypto_destroy_tfm+0x1a/0x90 RSP <ffff88007b081d10> CR2: 000000000000004e The cifs code allocates some crypto structures. If that fails, it returns an error, but it leaves the pointers set to their PTR_ERR values. Then later when it tries to clean up, it sees that those values are non-NULL and then passes them to the routine that frees them. Fix this by setting the pointers to NULL after collecting the error code in this situation. Cc: Sachin Prabhu <sprabhu@redhat.com> Reported-by: NJarod Wilson <jarod@redhat.com> Signed-off-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 31 7月, 2013 3 次提交
-
-
由 Andi Shyti 提交于
In the cifs_reopen_file function, if the following statement is asserted: (tcon->unix_ext && cap_unix(tcon->ses) && (CIFS_UNIX_POSIX_PATH_OPS_CAP & (tcon->fsUnixInfo.Capability))) and we succeed to open with cifs_posix_open, the function jumps to the label reopen_success and checks for oparms.reconnect which is not initialized. This issue has been reported by scan.coverity.com Signed-off-by: NAndi Shyti <andi@etezian.org> Reviewed-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
When use of symlinks is enabled (mounting with mfsymlinks option) to non-Samba servers, we always tried to use cifs, even when we were mounted with SMB2 or SMB3, which causes the server to drop the network connection. This patch separates out the protocol specific operations for cifs from the code which recognizes symlinks, and fixes the problem where with SMB2 mounts we attempt cifs operations to open and read symlinks. The next patch will add support for SMB2 for opening and reading symlinks. Additional followon patches will address the similar problem creating symlinks. Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Chen Gang 提交于
For cifs_set_cifscreds() in "fs/cifs/connect.c", 'desc' buffer length is 'CIFSCREDS_DESC_SIZE' (56 is less than 256), and 'ses->domainName' length may be "255 + '\0'". The related sprintf() may cause memory overflow, so need extend related buffer enough to hold all things. It is also necessary to be sure of 'ses->domainName' must be less than 256, and define the related macro instead of hard code number '256'. Signed-off-by: NChen Gang <gang.chen@asianux.com> Reviewed-by: NJeff Layton <jlayton@redhat.com> Reviewed-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Reviewed-by: NScott Lovenberg <scott.lovenberg@gmail.com> CC: <stable@vger.kernel.org> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 12 7月, 2013 2 次提交
-
-
由 Pavel Shilovsky 提交于
If we request reading or writing on a file that needs to be reopened, it causes the deadlock: we are already holding rw semaphore for reading and then we try to acquire it for writing in cifs_relock_file. Fix this by acquiring the semaphore for reading in cifs_relock_file due to we don't make any changes in locks and don't need a write access. CC: <stable@vger.kernel.org> Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Acked-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Pavel Shilovsky 提交于
This is a follow-on patch for 8/8 patch from the durable handles series. It fixes the problem when durable file handle timeout expired on the server and reopen returns -ENOENT for such files. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 11 7月, 2013 9 次提交
-
-
由 Steve French 提交于
Fix endian warning: CHECK fs/cifs/smb2pdu.c fs/cifs/smb2pdu.c:1068:40: warning: incorrect type in assignment (different base types) fs/cifs/smb2pdu.c:1068:40: expected restricted __le32 [usertype] Next fs/cifs/smb2pdu.c:1068:40: got unsigned long Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Pavel Shilovsky 提交于
On reconnects, we need to reopen file and then obtain all byte-range locks held by the client. SMB2 protocol provides feature to make this process atomic by reconnecting to the same file handle with all it's byte-range locks. This patch adds this capability for SMB2 shares. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
由 Pavel Shilovsky 提交于
to prepare it for further durable handle reconnect processing. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
由 Pavel Shilovsky 提交于
and pass it to the open() call. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
由 Pavel Shilovsky 提交于
by passing durable context together with a handle caching lease or batch oplock. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
由 Pavel Shilovsky 提交于
to make it easier to add other create context further. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
由 Pavel Shilovsky 提交于
by passing a filename to a separate iovec regardless of its length. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
由 Pavel Shilovsky 提交于
and eliminated unused file_attribute parms of SMB2_open. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
由 Pavel Shilovsky 提交于
to prevent missing RqLs context if it's not the first one. Signed-off-by: NPavel Shilovsky <pshilovsky@samba.org> Signed-off-by: NSteven French <steven@steven-GA-970A-DS3.(none)>
-
- 05 7月, 2013 2 次提交
-
-
由 Steve French 提交于
Certain servers may not set the NumberOfLinks field in query file/path info responses. In such a case, cifs_inode_needs_reval() assumes that all regular files are hardlinks and triggers revalidation, leading to excessive and unnecessary network traffic. This change hardcodes cf_nlink (and subsequently i_nlink) when not returned by the server, similar to what already occurs in cifs_mkdir(). Cc: <stable@vger.kernel.org> Signed-off-by: NDavid Disseldorp <ddiss@suse.de> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
Updated patch to try to prevent allocation of cifs, smb2 or smb3 crypto secmech structures unless needed. Currently cifs allocates all crypto mechanisms when the first session is established (4 functions and 4 contexts), rather than only allocating these when needed (smb3 needs two, the rest of the dialects only need one). Acked-by: NJeff Layton <jlayton@redhat.com> Reviewed-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 29 6月, 2013 5 次提交
-
-
由 Jeff Layton 提交于
Having a global lock that protects all of this code is a clear scalability problem. Instead of doing that, move most of the code to be protected by the i_lock instead. The exceptions are the global lists that the ->fl_link sits on, and the ->fl_block list. ->fl_link is what connects these structures to the global lists, so we must ensure that we hold those locks when iterating over or updating these lists. Furthermore, sound deadlock detection requires that we hold the blocked_list state steady while checking for loops. We also must ensure that the search and update to the list are atomic. For the checking and insertion side of the blocked_list, push the acquisition of the global lock into __posix_lock_file and ensure that checking and update of the blocked_list is done without dropping the lock in between. On the removal side, when waking up blocked lock waiters, take the global lock before walking the blocked list and dequeue the waiters from the global list prior to removal from the fl_block list. With this, deadlock detection should be race free while we minimize excessive file_lock_lock thrashing. Finally, in order to avoid a lock inversion problem when handling /proc/locks output we must ensure that manipulations of the fl_block list are also protected by the file_lock_lock. Signed-off-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
-
由 Jeff Layton 提交于
commit 66189be7 (CIFS: Fix VFS lock usage for oplocked files) exported the locks_delete_block symbol. There's already an exported helper function that provides this capability however, so make cifs use that instead and turn locks_delete_block back into a static function. Note that if fl->fl_next == NULL then this lock has already been through locks_delete_block(), so we should be OK to ignore an ENOENT error here and simply not retry the lock. Cc: Pavel Shilovsky <piastryyy@gmail.com> Signed-off-by: NJeff Layton <jlayton@redhat.com> Acked-by: NJ. Bruce Fields <bfields@fieldses.org> Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
-
由 Linus Torvalds 提交于
Instances either don't look at it at all (the majority of cases) or only want it to find the superblock (which can be had as dentry->d_sb). A few cases that want more are actually safe with dentry->d_inode - the only precaution needed is the check that it hadn't been replaced with NULL by rmdir() or by overwriting rename(), which case should be simply treated as cache miss. Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org> Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
-
由 Al Viro 提交于
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
-
由 David Disseldorp 提交于
Currently the trans2 ByteCount field is incorrectly left zero in TRANS2_QUERY_FILE_INFO info_level=SMB_QUERY_FILE_ALL_INFO and info_level=SMB_QUERY_FILE_UNIX_BASIC requests. The field should properly reflect the FID, information_level and padding bytes carried in these requests. Leaving this field zero causes such requests to fail against Novell CIFS servers. Other SMB servers (e.g. Samba) use the parameter count fields for data length calculations instead, so do not suffer the same fate. Signed-off-by: NDavid Disseldorp <ddiss@suse.de> Acked-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 28 6月, 2013 1 次提交
-
-
由 Jeff Layton 提交于
Commit 9ddec561 (cifs: move handling of signed connections into separate function) broke signing on SMB2/3 connections. While the code to enable signing on the connections was very similar between the two, the bits that get set in the sec_mode are different. Declare a couple of new smb_version_values fields and set them appropriately for SMB1 and SMB2/3. Then change cifs_enable_signing to use those instead. Reported-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: NJeff Layton <jlayton@redhat.com> Tested-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 27 6月, 2013 13 次提交
-
-
由 Steve French 提交于
Fix build warning in Shirish's recent SMB3 signing patch which occurs when SMB2 support is disabled in Kconfig. fs/built-in.o: In function `cifs_setup_session': >> (.text+0xa1767): undefined reference to `generate_smb3signingkey' Pointed out by: automated 0-DAY kernel build testing backend Intel Open Source Technology Center CC: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
SMB3 uses a much faster method of signing (which is also better in other ways), AES-CMAC. With the kernel now supporting AES-CMAC since last release, we are overdue to allow SMB3 signing (today only CIFS and SMB2 and SMB2.1, but not SMB3 and SMB3.1 can sign) - and we need this also for checking secure negotation and also per-share encryption (two other new SMB3 features which we need to implement). This patch needs some work in a few areas - for example we need to move signing for SMB2/SMB3 from per-socket to per-user (we may be able to use the "nosharesock" mount option in the interim for the multiuser case), and Shirish found a bug in the earlier authentication overhaul (setting signing flags properly) - but those can be done in followon patches. Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
If we would set SMB2_FLAGS_DFS_OPERATIONS on open we also would have to pass the path on the Open SMB prefixed by \\server\share. Not sure when we would need to do the augmented path (if ever) and setting this flag breaks the SMB2 open operation since it is illegal to send an empty path name (without \\server\share prefix) when the DFS flag is set in the SMB open header. We could consider setting the flag on all operations other than open but it is safer to net set it for now. Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
Dan Carpenter wrote: The patch 7f420cee8bd6: "[CIFS] Charge at least one credit, if server says that it supports multicredit" from Jun 23, 2013, leads to the following Smatch complaint: fs/cifs/smb2pdu.c:120 smb2_hdr_assemble() warn: variable dereferenced before check 'tcon->ses' (see line 115) CC: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Jeff Layton 提交于
The cifs.ko SecurityFlags interface wins my award for worst-designed interface ever, but we're sort of stuck with it since it's documented and people do use it (even if it doesn't work correctly). Case in point -- you can specify multiple sets of "MUST" flags. It makes absolutely no sense, but you can do it. What should the effect be in such a case? No one knows or seems to have considered this so far, so let's define it now. If you try to specify multiple MUST flags, clear any other MAY or MUST bits except for the ones that involve signing. Signed-off-by: NJeff Layton <jlayton@redhat.com> Reviewed-by: NPavel Shilovsky <piastry@etersoft.ru> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
According to MS-SMB2 section 2.2.4: if no blob, client picks default which for us will be ses->sectype = RawNTLMSSP; but for time being this is also our only auth choice so doesn't matter as long as we include this fix (which does not treat the empty SecurityBuffer as an error as the code had been doing). We just found a server which sets blob length to zero expecting raw so this fixes negotiation with that server. Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
This is RH bug 970891 Uppercasing of username during calculation of ntlmv2 hash fails because UniStrupr function does not handle big endian wchars. Also fix a comment in the same code to reflect its correct usage. [To make it easier for stable (rather than require 2nd patch) fixed this patch of Shirish's to remove endian warning generated by sparse -- steve f.] Reported-by: Nsteve <sanpatr1@in.ibm.com> Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com> Cc: <stable@kernel.org> Reviewed-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Jeff Layton 提交于
We've had a long-standing problem with DFS referral points. CIFS servers generally try to make them look like directories in FIND_FIRST/NEXT responses. When you go to try to do a FIND_FIRST on them though, the server will then (correctly) return STATUS_PATH_NOT_COVERED. Mostly this manifests as spurious EREMOTE errors back to userland. This patch attempts to fix this by marking directories that are discovered via FIND_FIRST/NEXT for revaldiation. When the lookup code runs across them again, we'll reissue a QPathInfo against them and that will make it chase the referral properly. There is some performance penalty involved here and no I haven't measured it -- it'll be highly dependent upon the workload and contents of the mounted share. To try and mitigate that though, the code only marks the inode for revalidation when it's possible to run across a DFS referral. i.e.: when the kernel has DFS support built in and the share is "in DFS" [At the Microsoft plugfest we noted that usually the DFS links had the REPARSE attribute tag enabled - DFS junctions are reparse points after all - so I just added a check for that flag too so the performance impact should be smaller - Steve] Signed-off-by: NJeff Layton <jlayton@redhat.com> Reviewed-by: NSachin Prabhu <sprabhu@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
This worker function is needed to send SMB2 fsctl (and ioctl) requests including: validating negotiation info (secure negotiate) querying the servers network interfaces copy offload (refcopy) Followon patches for the above three will use this. This patch also does general validation of the response. In the future, as David Disseldorp notes, for the copychunk ioctl case, we will want to enhance the response processing to allow returning the chunk request limits to the caller (even though the server returns an error, in that case we would return data that the caller could use - see 2.2.32.1). See MS-SMB2 Section 2.2.31 for more details on format of fsctl. Acked-by: NPavel Shilovsky <piastry@etersoft.ru> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
In SMB2.1 and later the server will usually set the large MTU flag, and we need to charge at least one credit, if server says that since it supports multicredit. Windows seems to let us get away with putting a zero there, but they confirmed that it is wrong and the spec says to put one there (if the request is under 64K and the CAP_LARGE_MTU was returned during protocol negotiation by the server. CC: Pavel Shilovsky <piastry@etersoft.ru> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
Cut and paste likely introduced accidentally inserted spurious #define in d60622eb causes no harm but looks weird Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
Acked-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Zhao Hongjiang 提交于
for NUL terminated string, need alway set '\0' in the end. Signed-off-by: NZhao Hongjiang <zhaohongjiang@huawei.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-
- 24 6月, 2013 4 次提交
-
-
由 Steve French 提交于
MS-SMB2 Section 2.2.31 lists fsctls. Update our list of valid cifs/smb2/smb3 fsctls and some related structs based on more recent version of docs. Additional detail on less common ones can be found in MS-FSCC section 2.3. CopyChunk (server side copy, ie refcopy) will depend on a few of these Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
More than 160 fixes since we last bumped the version number of cifs.ko. Update to version 2.01 so it is easier in modinfo to tell that fixes are in. Signed-off-by: NSteve French <smfrench@gmail.com>
-
由 Steve French 提交于
SMB3 protocol adds various optional per-share capabilities (and SMB3.02 adds one more beyond that). Add ability to dump (/proc/fs/cifs/DebugData) the share capabilities and share flags to improve debugging. Signed-off-by: NSteve French <smfrench@gmail.com> Acked-by: NJeff Layton <jlayton@redhat.com>
-
由 Steve French 提交于
A few missing flags from SMB3.0 dialect, one missing from 2.1, and the new #define flags for SMB3.02 Signed-off-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <smfrench@gmail.com>
-