1. 20 1月, 2011 3 次提交
  2. 15 1月, 2011 1 次提交
    • J
      cifs: add cruid= mount option · bd763319
      Jeff Layton 提交于
      In commit 3e4b3e1f we separated the "uid" mount option such that it
      no longer determined the owner of the credential cache by default. When
      we did this, we added a new option to cifs.upcall (--legacy-uid) to
      try to make it so that it would behave the same was as it did before.
      
      This ignored a rather important point -- the kernel has no way to know
      what options are being passed to cifs.upcall, so it doesn't know what
      uid it should use to determine whether to match an existing krb5 session.
      
      The simplest solution is to simply add a new "cruid=" mount option that
      only governs the uid owner of the credential cache for the mount.
      
      Unfortunately, this means that the --legacy-uid option in cifs.upcall was
      ill-considered and is now useless, but I don't see a better way to deal
      with this.
      
      A patch for the mount.cifs manpage will follow once this patch has been
      accepted.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      bd763319
  3. 10 1月, 2011 2 次提交
  4. 07 1月, 2011 2 次提交
  5. 08 12月, 2010 2 次提交
  6. 07 12月, 2010 1 次提交
  7. 03 12月, 2010 1 次提交
    • S
      cifs: add attribute cache timeout (actimeo) tunable · 6d20e840
      Suresh Jayaraman 提交于
      Currently, the attribute cache timeout for CIFS is hardcoded to 1 second. This
      means that the client might have to issue a QPATHINFO/QFILEINFO call every 1
      second to verify if something has changes, which seems too expensive. On the
      other hand, if the timeout is hardcoded to a higher value, workloads that
      expect strict cache coherency might see unexpected results.
      
      Making attribute cache timeout as a tunable will allow us to make a tradeoff
      between performance and cache metadata correctness depending on the
      application/workload needs.
      
      Add 'actimeo' tunable that can be used to tune the attribute cache timeout.
      The default timeout is set to 1 second. Also, display actimeo option value in
      /proc/mounts.
      
      It appears to me that 'actimeo' and the proposed (but not yet merged)
      'strictcache' option cannot coexist, so care must be taken that we reset the
      other option if one of them is set.
      
      Changes since last post:
         - fix option parsing and handle possible values correcly
      Reviewed-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSuresh Jayaraman <sjayaraman@suse.de>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      6d20e840
  8. 30 11月, 2010 1 次提交
  9. 05 11月, 2010 1 次提交
  10. 03 11月, 2010 2 次提交
    • J
      cifs: convert tlink_tree to a rbtree · b647c35f
      Jeff Layton 提交于
      Radix trees are ideal when you want to track a bunch of pointers and
      can't embed a tracking structure within the target of those pointers.
      The tradeoff is an increase in memory, particularly if the tree is
      sparse.
      
      In CIFS, we use the tlink_tree to track tcon_link structs. A tcon_link
      can never be in more than one tlink_tree, so there's no impediment to
      using a rb_tree here instead of a radix tree.
      
      Convert the new multiuser mount code to use a rb_tree instead. This
      should reduce the memory required to manage the tlink_tree.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      b647c35f
    • J
      cifs: store pointer to master tlink in superblock (try #2) · 413e661c
      Jeff Layton 提交于
      This is the second version of this patch, the only difference between
      it and the first one is that this explicitly makes cifs_sb_master_tlink
      a static inline.
      
      Instead of keeping a tag on the master tlink in the tree, just keep a
      pointer to the master in the superblock. That eliminates the need for
      using the radix tree to look up a tagged entry.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      413e661c
  11. 29 10月, 2010 2 次提交
    • S
      cifs: Cleanup and thus reduce smb session structure and fields used during authentication · d3686d54
      Shirish Pargaonkar 提交于
      Removed following fields from smb session structure
       cryptkey, ntlmv2_hash, tilen, tiblob
      and ntlmssp_auth structure is allocated dynamically only if the auth mech
      in NTLMSSP.
      
      response field within a session_key structure is used to initially store the
      target info (either plucked from type 2 challenge packet in case of NTLMSSP
      or fabricated in case of NTLMv2 without extended security) and then to store
      Message Authentication Key (mak) (session key + client response).
      
      Server challenge or cryptkey needed during a NTLMSSP authentication
      is now part of ntlmssp_auth structure which gets allocated and freed
      once authenticaiton process is done.
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      d3686d54
    • S
      NTLM auth and sign - Use appropriate server challenge · d3ba50b1
      Shirish Pargaonkar 提交于
      Need to have cryptkey or server challenge in smb connection
      (struct TCP_Server_Info) for ntlm and ntlmv2 auth types for which
      cryptkey (Encryption Key) is supplied just once in Negotiate Protocol
      response during an smb connection setup for all the smb sessions over
      that smb connection.
      
      For ntlmssp, cryptkey or server challenge is provided for every
      smb session in type 2 packet of ntlmssp negotiation, the cryptkey
      provided during Negotiation Protocol response before smb connection
      does not count.
      
      Rename cryptKey to cryptkey and related changes.
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      d3ba50b1
  12. 27 10月, 2010 4 次提交
    • S
      NTLM auth and sign - minor error corrections and cleanup · f7c5445a
      Shirish Pargaonkar 提交于
      Minor cleanup - Fix spelling mistake, make meaningful (goto) label
      
      In function setup_ntlmv2_rsp(), do not return 0 and leak memory,
      let the tiblob get freed.
      
      For function find_domain_name(), pass already available nls table pointer
      instead of loading and unloading the table again in this function.
      
      For ntlmv2, the case sensitive password length is the length of the
      response, so subtract session key length (16 bytes) from the .len.
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      f7c5445a
    • S
      NTLM auth and sign - Define crypto hash functions and create and send keys needed for key exchange · d2b91521
      Shirish Pargaonkar 提交于
      Mark dependency on crypto modules in Kconfig.
      
      Defining per structures sdesc and cifs_secmech which are used to store
      crypto hash functions and contexts.  They are stored per smb connection
      and used for all auth mechs to genereate hash values and signatures.
      
      Allocate crypto hashing functions, security descriptiors, and respective
      contexts when a smb/tcp connection is established.
      Release them when a tcp/smb connection is taken down.
      
      md5 and hmac-md5 are two crypto hashing functions that are used
      throught the life of an smb/tcp connection by various functions that
      calcualte signagure and ntlmv2 hash, HMAC etc.
      
      structure ntlmssp_auth is defined as per smb connection.
      
      ntlmssp_auth holds ciphertext which is genereated by rc4/arc4 encryption of
      secondary key, a nonce using ntlmv2 session key and sent in the session key
      field of the type 3 message sent by the client during ntlmssp
      negotiation/exchange
      
      A key is exchanged with the server if client indicates so in flags in
      type 1 messsage and server agrees in flag in type 2 message of ntlmssp
      negotiation.  If both client and agree, a key sent by client in
      type 3 message of ntlmssp negotiation in the session key field.
      The key is a ciphertext generated off of secondary key, a nonce, using
      ntlmv2 hash via rc4/arc4.
      
      Signing works for ntlmssp in this patch. The sequence number within
      the server structure needs to be zero until session is established
      i.e. till type 3 packet of ntlmssp exchange of a to be very first
      smb session on that smb connection is sent.
      Acked-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      d2b91521
    • D
      cifs: cifs_convert_address() returns zero on error · b235f371
      Dan Carpenter 提交于
      The cifs_convert_address() returns zero on error but this caller is
      testing for negative returns.
      
      Btw. "i" is unsigned here, so it's never negative.
      Reviewed-by: NJeff Layton <jlayton@samba.org>
      Signed-off-by: NDan Carpenter <error27@gmail.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      b235f371
    • S
      NTLM auth and sign - Allocate session key/client response dynamically · 21e73393
      Shirish Pargaonkar 提交于
      Start calculating auth response within a session.  Move/Add pertinet
      data structures like session key, server challenge and ntlmv2_hash in
      a session structure.  We should do the calculations within a session
      before copying session key and response over to server data
      structures because a session setup can fail.
      
      Only after a very first smb session succeeds, it copy/make its
      session key, session key of smb connection.  This key stays with
      the smb connection throughout its life.
      sequence_number within server is set to 0x2.
      
      The authentication Message Authentication Key (mak) which consists
      of session key followed by client response within structure session_key
      is now dynamic.  Every authentication type allocates the key + response
      sized memory within its session structure and later either assigns or
      frees it once the client response is sent and if session's session key
      becomes connetion's session key.
      
      ntlm/ntlmi authentication functions are rearranged.  A function
      named setup_ntlm_resp(), similar to setup_ntlmv2_resp(), replaces
      function cifs_calculate_session_key().
      
      size of CIFS_SESS_KEY_SIZE is changed to 16, to reflect the byte size
      of the key it holds.
      Reviewed-by: NJeff Layton <jlayton@samba.org>
      Signed-off-by: NShirish Pargaonkar <shirishpargaonkar@gmail.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      21e73393
  13. 21 10月, 2010 1 次提交
    • S
      cifs: convert cifs_tcp_ses_lock from a rwlock to a spinlock · 3f9bcca7
      Suresh Jayaraman 提交于
      cifs_tcp_ses_lock is a rwlock with protects the cifs_tcp_ses_list,
      server->smb_ses_list and the ses->tcon_list. It also protects a few
      ref counters in server, ses and tcon. In most cases the critical section
      doesn't seem to be large, in a few cases where it is slightly large, there
      seem to be really no benefit from concurrent access. I briefly considered RCU
      mechanism but it appears to me that there is no real need.
      
      Replace it with a spinlock and get rid of the last rwlock in the cifs code.
      Signed-off-by: NSuresh Jayaraman <sjayaraman@suse.de>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      3f9bcca7
  14. 15 10月, 2010 1 次提交
  15. 08 10月, 2010 4 次提交
    • S
      [CIFS] Remove build warning · d2445556
      Steve French 提交于
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      d2445556
    • J
      cifs: implement recurring workqueue job to prune old tcons · 2de970ff
      Jeff Layton 提交于
      Create a workqueue job that cleans out unused tlinks. For now, it uses
      a hardcoded expire time of 10 minutes. When it's done, the work rearms
      itself. On umount, the work is cancelled before tearing down the tlink
      tree.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      2de970ff
    • J
      cifs: add "multiuser" mount option · 0eb8a132
      Jeff Layton 提交于
      This allows someone to declare a mount as a multiuser mount.
      
      Multiuser mounts also imply "noperm" since we want to allow the server
      to handle permission checking. It also (for now) requires Kerberos
      authentication. Eventually, we could expand this to other authtypes, but
      that requires a scheme to allow per-user credential stashing in some
      form.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      0eb8a132
    • J
      cifs: add routines to build sessions and tcons on the fly · 9d002df4
      Jeff Layton 提交于
      This patch is rather large, but it's a bit difficult to do piecemeal...
      
      For non-multiuser mounts, everything will basically work as it does
      today. A call to cifs_sb_tlink will return the "master" tcon link.
      
      Turn the tcon pointer in the cifs_sb into a radix tree that uses the
      fsuid of the process as a key. The value is a new "tcon_link" struct
      that contains info about a tcon that's under construction.
      
      When a new process needs a tcon, it'll call cifs_sb_tcon. That will
      then look up the tcon_link in the radix tree. If it exists and is
      valid, it's returned.
      
      If it doesn't exist, then we stuff a new tcon_link into the tree and
      mark it as pending and then go and try to build the session/tcon.
      If that works, the tcon pointer in the tcon_link is updated and the
      pending flag is cleared.
      
      If the construction fails, then we set the tcon pointer to an ERR_PTR
      and clear the pending flag.
      
      If the radix tree is searched and the tcon_link is marked pending
      then we go to sleep and wait for the pending flag to be cleared.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      9d002df4
  16. 30 9月, 2010 8 次提交
  17. 15 9月, 2010 1 次提交
    • J
      cifs: fix potential double put of TCP session reference · 460cf341
      Jeff Layton 提交于
      cifs_get_smb_ses must be called on a server pointer on which it holds an
      active reference. It first does a search for an existing SMB session. If
      it finds one, it'll put the server reference and then try to ensure that
      the negprot is done, etc.
      
      If it encounters an error at that point then it'll return an error.
      There's a potential problem here though. When cifs_get_smb_ses returns
      an error, the caller will also put the TCP server reference leading to a
      double-put.
      
      Fix this by having cifs_get_smb_ses only put the server reference if
      it found an existing session that it could use and isn't returning an
      error.
      
      Cc: stable@kernel.org
      Reviewed-by: NSuresh Jayaraman <sjayaraman@suse.de>
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      460cf341
  18. 09 9月, 2010 3 次提交
    • J
      cifs: prevent possible memory corruption in cifs_demultiplex_thread · 32670396
      Jeff Layton 提交于
      cifs_demultiplex_thread sets the addr.sockAddr.sin_port without any
      regard for the socket family. While it may be that the error in question
      here never occurs on an IPv6 socket, it's probably best to be safe and
      set the port properly if it ever does.
      
      Break the port setting code out of cifs_fill_sockaddr and into a new
      function, and call that from cifs_demultiplex_thread.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      32670396
    • J
      cifs: eliminate some more premature cifsd exits · 7332f2a6
      Jeff Layton 提交于
      If the tcpStatus is still CifsNew, the main cifs_demultiplex_loop can
      break out prematurely in some cases. This is wrong as we will almost
      always have other structures with pointers to the TCP_Server_Info. If
      the main loop breaks under any other condition other than tcpStatus ==
      CifsExiting, then it'll face a use-after-free situation.
      
      I don't see any reason to treat a CifsNew tcpStatus differently than
      CifsGood. I believe we'll still want to attempt to reconnect in either
      case. What should happen in those situations is that the MIDs get marked
      as MID_RETRY_NEEDED. This will make CIFSSMBNegotiate return -EAGAIN, and
      then the caller can retry the whole thing on a newly reconnected socket.
      If that fails again in the same way, the caller of cifs_get_smb_ses
      should tear down the TCP_Server_Info struct.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      7332f2a6
    • J
      cifs: prevent cifsd from exiting prematurely · 522bbe65
      Jeff Layton 提交于
      When cifs_demultiplex_thread exits, it does a number of cleanup tasks
      including freeing the TCP_Server_Info struct. Much of the existing code
      in cifs assumes that when there is a cisfSesInfo struct, that it holds a
      reference to a valid TCP_Server_Info struct.
      
      We can never allow cifsd to exit when a cifsSesInfo struct is still
      holding a reference to the server. The server pointers will then point
      to freed memory.
      
      This patch eliminates a couple of questionable conditions where it does
      this.  The idea here is to make an -EINTR return from kernel_recvmsg
      behave the same way as -ERESTARTSYS or -EAGAIN. If the task was
      signalled from cifs_put_tcp_session, then tcpStatus will be CifsExiting,
      and the kernel_recvmsg call will return quickly.
      
      There's also another condition where this can occur too -- if the
      tcpStatus is still in CifsNew, then it will also exit if the server
      closes the socket prematurely.  I think we'll probably also need to fix
      that situation, but that requires a bit more consideration.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      522bbe65