1. 02 10月, 2012 1 次提交
  2. 25 9月, 2012 2 次提交
  3. 23 5月, 2012 1 次提交
    • S
      CIFS: Introduce SMB2 Kconfig option · 675f36fb
      Steve French 提交于
      SMB2 is the followon to the CIFS (and SMB) protocols
      and the default for Windows since Windows Vista, and also
      now implemented by various non-Windows servers. SMB2
      is more secure, has various performance advantages, including
      larger i/o sizes, flow control, better caching model and more.
      SMB2 also resolves some scalability limits in the CIFS
      protocol and adds many new features while being much
      simpler (only a few dozen commands instead of hundreds)
      and since the protocol is clearer it is also more consistently
      implemented across servers and thus easier to optimize.
      
      After much discussion with Jeff Layton, Jeremy Allison
      and others at Connectathon, we decided to move the SMB2
      code from a distinct .ko and fstype into distinct
      C files that optionally build in cifs.ko. As a result
      the Kconfig gets simpler.
      
      To avoid destabilizing CIFS, the SMB2 code is going
      to be moved into its own experimental CONFIG_CIFS_SMB2 ifdef
      as it is merged and rereviewed. The changes to stable
      CIFS (builds with the SMB2 ifdef off) are expected to be
      fairly small.
      Reviewed-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      Signed-off-by: NPavel Shilovsky <piastry@etersoft.ru>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      675f36fb
  4. 01 2月, 2012 1 次提交
  5. 19 1月, 2012 1 次提交
  6. 25 6月, 2011 1 次提交
  7. 07 6月, 2011 1 次提交
  8. 04 6月, 2011 1 次提交
  9. 24 5月, 2011 1 次提交
  10. 19 5月, 2011 3 次提交
    • S
      [CIFS] Use ecb des kernel crypto APIs instead of · 43988d76
      Steve French 提交于
       local cifs functions (repost)
      
      Using kernel crypto APIs for DES encryption during LM and NT hash generation
      instead of local functions within cifs.
      Source file smbdes.c is deleted sans four functions, one of which
      uses ecb des functionality provided by kernel crypto APIs.
      
      Remove function SMBOWFencrypt.
      
      Add return codes to various functions such as calc_lanman_hash,
      SMBencrypt, and SMBNTencrypt.  Includes fix noticed by Dan Carpenter.
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      CC: Dan Carpenter <error27@gmail.com>
      Acked-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      43988d76
    • S
      cifs: cleanup: Rename and remove config flags · 25720873
      Shirish Pargaonkar 提交于
      Remove config flag CIFS_EXPERIMENTAL.
      Do export operations under new config flag CIFS_NFSD_EXPORT
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      Reviewed-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      25720873
    • S
      Introduce SMB2 Kconfig option · b34cb85c
      Steve French 提交于
      SMB2 is the followon to the CIFS (and SMB) protocols
      and the default for Windows since Windows Vista, and also
      now implemented by various non-Windows servers.  SMB2
      is more secure, has various performance advantages, including
      larger i/o sizes, flow control, better caching model and more.
      SMB2 also resolves some scalability limits in the cifs
      protocol and adds many new features while being much
      simpler (only a few dozen commands instead of hundreds)
      and since the protocol is clearer it is
      also more consistently implemented across servers
      and thus easier to optimize.
      
      After much discussion with Jeff Layton, Jeremy Allison
      and others at Connectathon, we decided to move the smb2
      code from a distinct .ko and fstype into distinct
      C files that optionally build in cifs.ko.  As a result
      the Kconfig gets simpler.
      
      To avoid destabilizing cifs, the smb2 code is going
      to be moved into its own experimental CONFIG_CIFS_SMB2 ifdef
      as it is merged and rereviewed.  The changes to stable
      cifs (builds with the smb2 ifdef off) are expected to be
      fairly small.
      Reviewed-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      b34cb85c
  11. 31 1月, 2011 1 次提交
  12. 30 11月, 2010 1 次提交
  13. 14 11月, 2010 1 次提交
    • S
      [CIFS] fs/cifs/Kconfig: CIFS depends on CRYPTO_HMAC · 362d3129
      Steve French 提交于
      linux-2.6.37-rc1: I compiled a kernel with CIFS which subsequently
      failed with an error indicating it couldn't initialize crypto module
      "hmacmd5".  CONFIG_CRYPTO_HMAC=y fixed the problem.
      
      This patch makes CIFS depend on CRYPTO_HMAC in kconfig.
      
      Signed-off-by: Jody Bruchon<jody@nctritech.com>
      CC: Shirish Pargaonkar <shirishp@us.ibm.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      362d3129
  14. 27 10月, 2010 1 次提交
    • S
      NTLM auth and sign - Define crypto hash functions and create and send keys needed for key exchange · d2b91521
      Shirish Pargaonkar 提交于
      Mark dependency on crypto modules in Kconfig.
      
      Defining per structures sdesc and cifs_secmech which are used to store
      crypto hash functions and contexts.  They are stored per smb connection
      and used for all auth mechs to genereate hash values and signatures.
      
      Allocate crypto hashing functions, security descriptiors, and respective
      contexts when a smb/tcp connection is established.
      Release them when a tcp/smb connection is taken down.
      
      md5 and hmac-md5 are two crypto hashing functions that are used
      throught the life of an smb/tcp connection by various functions that
      calcualte signagure and ntlmv2 hash, HMAC etc.
      
      structure ntlmssp_auth is defined as per smb connection.
      
      ntlmssp_auth holds ciphertext which is genereated by rc4/arc4 encryption of
      secondary key, a nonce using ntlmv2 session key and sent in the session key
      field of the type 3 message sent by the client during ntlmssp
      negotiation/exchange
      
      A key is exchanged with the server if client indicates so in flags in
      type 1 messsage and server agrees in flag in type 2 message of ntlmssp
      negotiation.  If both client and agree, a key sent by client in
      type 3 message of ntlmssp negotiation in the session key field.
      The key is a ciphertext generated off of secondary key, a nonce, using
      ntlmv2 hash via rc4/arc4.
      
      Signing works for ntlmssp in this patch. The sequence number within
      the server structure needs to be zero until session is established
      i.e. till type 3 packet of ntlmssp exchange of a to be very first
      smb session on that smb connection is sent.
      Acked-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      d2b91521
  15. 09 9月, 2010 1 次提交
  16. 21 8月, 2010 1 次提交
  17. 06 8月, 2010 1 次提交
    • W
      DNS: Separate out CIFS DNS Resolver code · 1a4240f4
      Wang Lei 提交于
      Separate out the DNS resolver key type from the CIFS filesystem into its own
      module so that it can be made available for general use, including the AFS
      filesystem module.
      
      This facility makes it possible for the kernel to upcall to userspace to have
      it issue DNS requests, package up the replies and present them to the kernel
      in a useful form.  The kernel is then able to cache the DNS replies as keys
      can be retained in keyrings.
      
      Resolver keys are of type "dns_resolver" and have a case-insensitive
      description that is of the form "[<type>:]<domain_name>".  The optional <type>
      indicates the particular DNS lookup and packaging that's required.  The
      <domain_name> is the query to be made.
      
      If <type> isn't given, a basic hostname to IP address lookup is made, and the
      result is stored in the key in the form of a printable string consisting of a
      comma-separated list of IPv4 and IPv6 addresses.
      
      This key type is supported by userspace helpers driven from /sbin/request-key
      and configured through /etc/request-key.conf.  The cifs.upcall utility is
      invoked for UNC path server name to IP address resolution.
      
      The CIFS functionality is encapsulated by the dns_resolve_unc_to_ip() function,
      which is used to resolve a UNC path to an IP address for CIFS filesystem.  This
      part remains in the CIFS module for now.
      
      See the added Documentation/networking/dns_resolver.txt for more information.
      Signed-off-by: NWang Lei <wang840925@gmail.com>
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      Acked-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      1a4240f4
  18. 02 8月, 2010 1 次提交
  19. 23 7月, 2010 1 次提交
    • T
      cifs: use workqueue instead of slow-work · 9b646972
      Tejun Heo 提交于
      Workqueue can now handle high concurrency.  Use system_nrt_wq
      instead of slow-work.
      
      * Updated is_valid_oplock_break() to not call cifs_oplock_break_put()
        as advised by Steve French.  It might cause deadlock.  Instead,
        reference is increased after queueing succeeded and
        cifs_oplock_break() briefly grabs GlobalSMBSeslock before putting
        the cfile to make sure it doesn't put before the matching get is
        finished.
      
      * Anton Blanchard reported that cifs conversion was using now gone
        system_single_wq.  Use system_nrt_wq which provides non-reentrance
        guarantee which is enough and much better.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Acked-by: NSteve French <sfrench@samba.org>
      Cc: Anton Blanchard <anton@samba.org>
      9b646972
  20. 25 9月, 2009 1 次提交
    • J
      cifs: convert oplock breaks to use slow_work facility (try #4) · 3bc303c2
      Jeff Layton 提交于
      This is the fourth respin of the patch to convert oplock breaks to
      use the slow_work facility.
      
      A customer of ours was testing a backport of one of the earlier
      patchsets, and hit a "Busy inodes after umount..." problem. An oplock
      break job had raced with a umount, and the superblock got torn down and
      its memory reused. When the oplock break job tried to dereference the
      inode->i_sb, the kernel oopsed.
      
      This patchset has the oplock break job hold an inode and vfsmount
      reference until the oplock break completes.  With this, there should be
      no need to take a tcon reference (the vfsmount implicitly holds one
      already).
      
      Currently, when an oplock break comes in there's a chance that the
      oplock break job won't occur if the allocation of the oplock_q_entry
      fails. There are also some rather nasty races in the allocation and
      handling these structs.
      
      Rather than allocating oplock queue entries when an oplock break comes
      in, add a few extra fields to the cifsFileInfo struct. Get rid of the
      dedicated cifs_oplock_thread as well and queue the oplock break job to
      the slow_work thread pool.
      
      This approach also has the advantage that the oplock break jobs can
      potentially run in parallel rather than be serialized like they are
      today.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      3bc303c2
  21. 12 3月, 2009 1 次提交
  22. 20 10月, 2008 1 次提交