1. 14 Nov, 2007 1 commit
    • S
      [CIFS] Fix buffer overflow if server sends corrupt response to small request · 133672ef
      Steve French committed
      
      In SendReceive() function in transport.c - it memcpy's
      message payload into a buffer passed via out_buf param. The function
      assumes that all buffers are of size (CIFSMaxBufSize +
      MAX_CIFS_HDR_SIZE), unfortunately it is also called with smaller
      (MAX_CIFS_SMALL_BUFFER_SIZE) buffers.  There are eight callers
      (SMB worker functions) which are primarily affected by this change:
      
      TreeDisconnect, uLogoff, Close, findClose, SetFileSize, SetFileTimes,
      Lock and PosixLock
      
      CC: Dave Kleikamp <shaggy@austin.ibm.com>
      CC: Przemyslaw Wegrzyn <czajnik@czajsoft.pl>
      Acked-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  2. 13 Nov, 2007 1 commit
  3. 10 Nov, 2007 1 commit
    • J
      [CIFS] fix oops on second mount to same server when null auth is used · 9b8f5f57
      Jeff Layton committed
      When a share is mounted using no username, cifs_mount sets
      volume_info.username as a NULL pointer, and the sesInfo userName as an
      empty string. The volume_info.username is passed to a couple of other
      functions to see if there is an existing unc or tcp connection that can
      be used. These functions assume that the username will be a valid
      string that can be passed to strncmp. If the pointer is NULL, then the
      kernel will oops if there's an existing session to which the string
      can be compared.
      
      This patch changes cifs_mount to set volume_info.username to an empty
      string in this situation, which prevents the oops and should make it
      so that the comparison to other null auth sessions match.
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  4. 02 Nov, 2007 1 commit
  5. 20 Oct, 2007 1 commit
  6. 18 Oct, 2007 1 commit
    • S
      [CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_thread · c18c732e
      Steve French committed
      When kernel_recvmsg returns -EAGAIN or -ERESTARTSYS, then
      cifs_demultiplex_thread sleeps for a bit and then tries the read again.
      When it does this, it's not zeroing out the length and that throws off
      the value of total_read. Fix it to zero out the length.
      
      Can cause memory corruption:
      If kernel_recvmsg returns an error and total_read is a large enough
      value, then we'll end up going through the loop again. total_read will
      be a bogus value, as will (pdu_length-total_read). When this happens we
      end up calling kernel_recvmsg with a bogus value (possibly larger than
      the current iov_len).
      
      At that point, memcpy_toiovec can overrun iov. It will start walking
      up the stack, casting other things that are there to struct iovecs
      (since it assumes that it's been passed an array of them). Any pointer
      on the stack at an address above the kvec is a candidate for corruption
      here.
      
      Many thanks to Ulrich Obergfell for pointing this out.
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  7. 17 Oct, 2007 1 commit
  8. 05 Oct, 2007 1 commit
    • S
      [CIFS] Fix cifsd so shuts down when signing fails during mount · a013689d
      Steve French committed
      Fixes two problems:
      1) we dropped down to negotiating lanman if we did not recognize the
      mechanism (krb5 e.g.)
      2) we did not stop cifsd (thus will fail when doing rmod cifs with
      slab free errors) when we fail tcon but have a bad session (which is
      the case in which signing is required but we don't allow signing on
      the client)
      
      It also turns on extended security flag in the header when passing
      "sec=krb5" on mount command (although kerberos support is not done of
      course)
      Acked-by: Jeff Layton <jlayton@redhat.com>
      CC: Shaggy <shaggy@us.ibm.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  9. 04 Oct, 2007 1 commit
  10. 29 Sep, 2007 1 commit
  11. 25 Sep, 2007 1 commit
  12. 20 Sep, 2007 2 commits
  13. 15 Sep, 2007 2 commits
  14. 31 Aug, 2007 3 commits
  15. 19 Jul, 2007 1 commit
  16. 18 Jul, 2007 2 commits
    • S
      63135e08
    • R
      Freezer: make kernel threads nonfreezable by default · 83144186
      Rafael J. Wysocki committed
      Currently, the freezer treats all tasks as freezable, except for the kernel
      threads that explicitly set the PF_NOFREEZE flag for themselves.  This
      approach is problematic, since it requires every kernel thread to either
      set PF_NOFREEZE explicitly, or call try_to_freeze(), even if it doesn't
      care for the freezing of tasks at all.
      
      It seems better to only require the kernel threads that want to or need to
      be frozen to use some freezer-related code and to remove any
      freezer-related code from the other (nonfreezable) kernel threads, which is
      done in this patch.
      
      The patch causes all kernel threads to be nonfreezable by default (ie.  to
      have PF_NOFREEZE set by default) and introduces the set_freezable()
      function that should be called by the freezable kernel threads in order to
      unset PF_NOFREEZE.  It also makes all of the currently freezable kernel
      threads call set_freezable(), so it shouldn't cause any (intentional)
      change of behaviour to appear.  Additionally, it updates documentation to
      describe the freezing of tasks more accurately.
      
      [akpm@linux-foundation.org: build fixes]
      Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
      Acked-by: Nigel Cunningham <nigel@nigel.suspend2.net>
      Cc: Pavel Machek <pavel@ucw.cz>
      Cc: Oleg Nesterov <oleg@tv-sign.ru>
      Cc: Gautham R Shenoy <ego@in.ibm.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  17. 13 Jul, 2007 1 commit
  18. 10 Jul, 2007 1 commit
  19. 09 Jul, 2007 1 commit
  20. 28 Jun, 2007 1 commit
  21. 26 Jun, 2007 1 commit
  22. 25 Jun, 2007 1 commit
  23. 24 May, 2007 1 commit
  24. 23 May, 2007 1 commit
  25. 05 May, 2007 1 commit
    • J
      [CIFS] Make sec=none force an anonymous mount · 8426c39c
      Jeff Layton committed
      We had a customer report that attempting to make CIFS mount with a null
      username (i.e. doing an anonymous mount) doesn't work. Looking through the
      code, it looks like CIFS expects a NULL username from userspace in order
      to trigger an anonymous mount. The mount.cifs code doesn't seem to ever
      pass a null username to the kernel, however.
      
      It looks also like the kernel can take a sec=none option, but it only seems
      to look at it if the username is already NULL. This seems redundant and
      effectively makes sec=none useless.
      
      The following patch makes sec=none force an anonymous mount.
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  26. 03 May, 2007 1 commit
  27. 01 May, 2007 1 commit
    • S
      [CIFS] UID/GID override on CIFS mounts to Samba · 4523cc30
      Steve French committed
      When CIFS Unix Extensions are negotiated we get the Unix uid and gid
      owners of the file from the server (on the Unix Query Path Info
      levels), but if the server's uids don't match the client uid's users
      were having to disable the Unix Extensions (which turned off features
      they still wanted).   The changeset patch allows users to override uid
      and/or gid for file/directory owner with a default uid and/or gid
      specified at mount (as is often done when mounting from Linux cifs
      client to Windows server).  This changeset also displays the uid
      and gid used by default in /proc/mounts (if applicable).
      
      Also cleans up code by adding some of the missing spaces after
      "if" keywords per-kernel style guidelines (as suggested by Randy Dunlap
      when he reviewed the patch).
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  28. 27 Apr, 2007 1 commit
  29. 25 Apr, 2007 1 commit
    • S
      [CIFS] Add IPv6 support · 5858ae44
      Steve French committed
      IPv6 support was started a few years ago in the cifs client, but lacked a
      kernel helper function for parsing the ascii form of the ipv6 address. Now
      that that is added (and now IPv6 is the default that some OS use now) it
      was fairly easy to finish the cifs ipv6 support.  This requires that
      CIFS_EXPERIMENTAL be enabled and (at least until the mount.cifs module is
      modified to use a new ipv6 friendly call instead of gethostbyname) and the
      ipv6 address be passed on the mount as "ip=" mount option.
      
      Thanks
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  30. 04 Apr, 2007 1 commit
  31. 14 Feb, 2007 1 commit
  32. 08 Dec, 2006 1 commit
  33. 31 Oct, 2006 1 commit
  34. 13 Oct, 2006 1 commit
  35. 02 Oct, 2006 1 commit