Commit 1e16624d authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag '5.14-rc-smb3-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6 

Pull cifs fixes from Steve French:
 "13 cifs/smb3 fixes. Most are to address minor issues pointed out by
  Coverity.

  Also includes a packet signing enhancement and mount improvement"

* tag '5.14-rc-smb3-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: update internal version number
  cifs: prevent NULL deref in cifs_compose_mount_options()
  SMB3.1.1: Add support for negotiating signing algorithm
  cifs: use helpers when parsing uid/gid mount options and validate them
  CIFS: Clarify SMB1 code for POSIX Lock
  CIFS: Clarify SMB1 code for rename open file
  CIFS: Clarify SMB1 code for delete
  CIFS: Clarify SMB1 code for SetFileSize
  smb3: fix typo in header file
  CIFS: Clarify SMB1 code for UnixSetPathInfo
  CIFS: Clarify SMB1 code for UnixCreateSymLink
  cifs: clarify SMB1 code for UnixCreateHardLink
  cifs: make locking consistent around the server session status
parents 67d8d365 4d069f60

fs/cifs/cifs_dfs_ref.c

+3 −0
Original line number Original line Diff line number Diff line
@@ -151,6 +151,9 @@ char *cifs_compose_mount_options(const char *sb_mountdata, 
		return ERR_PTR(-EINVAL);

		return ERR_PTR(-EINVAL);





	if (ref) {

	if (ref) {

		if (WARN_ON_ONCE(!ref->node_name || ref->path_consumed < 0))

			return ERR_PTR(-EINVAL);



		if (strlen(fullpath) - ref->path_consumed) {

		if (strlen(fullpath) - ref->path_consumed) {

			prepath = fullpath + ref->path_consumed;

			prepath = fullpath + ref->path_consumed;

			/* skip initial delimiter */

			/* skip initial delimiter */

fs/cifs/cifsfs.c

+4 −0
Original line number Original line Diff line number Diff line
@@ -65,6 +65,7 @@ bool lookupCacheEnabled = true; 
bool disable_legacy_dialects; /* false by default */

bool disable_legacy_dialects; /* false by default */

bool enable_gcm_256 = true;

bool enable_gcm_256 = true;

bool require_gcm_256; /* false by default */

bool require_gcm_256; /* false by default */

bool enable_negotiate_signing; /* false by default */

unsigned int global_secflags = CIFSSEC_DEF;

unsigned int global_secflags = CIFSSEC_DEF;

/* unsigned int ntlmv2_support = 0; */

/* unsigned int ntlmv2_support = 0; */

unsigned int sign_CIFS_PDUs = 1;

unsigned int sign_CIFS_PDUs = 1;
@@ -104,6 +105,9 @@ MODULE_PARM_DESC(enable_gcm_256, "Enable requesting strongest (256 bit) GCM encr 
module_param(require_gcm_256, bool, 0644);

module_param(require_gcm_256, bool, 0644);

MODULE_PARM_DESC(require_gcm_256, "Require strongest (256 bit) GCM encryption. Default: n/N/0");

MODULE_PARM_DESC(require_gcm_256, "Require strongest (256 bit) GCM encryption. Default: n/N/0");





module_param(enable_negotiate_signing, bool, 0644);

MODULE_PARM_DESC(enable_negotiate_signing, "Enable negotiating packet signing algorithm with server. Default: n/N/0");



module_param(disable_legacy_dialects, bool, 0644);

module_param(disable_legacy_dialects, bool, 0644);

MODULE_PARM_DESC(disable_legacy_dialects, "To improve security it may be "

MODULE_PARM_DESC(disable_legacy_dialects, "To improve security it may be "

				  "helpful to restrict the ability to "

				  "helpful to restrict the ability to "

fs/cifs/cifsfs.h

+1 −1
Original line number Original line Diff line number Diff line
@@ -153,5 +153,5 @@ extern struct dentry *cifs_smb3_do_mount(struct file_system_type *fs_type, 
extern const struct export_operations cifs_export_ops;

extern const struct export_operations cifs_export_ops;

#endif /* CONFIG_CIFS_NFSD_EXPORT */

#endif /* CONFIG_CIFS_NFSD_EXPORT */





#define CIFS_VERSION   "2.32"

#define CIFS_VERSION   "2.33"

#endif				/* _CIFSFS_H */
 
#endif				/* _CIFSFS_H */

fs/cifs/cifsglob.h

+5 −1
Original line number Original line Diff line number Diff line
@@ -577,6 +577,7 @@ struct TCP_Server_Info { 
	char server_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL];

	char server_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL];

	struct smb_version_operations	*ops;

	struct smb_version_operations	*ops;

	struct smb_version_values	*vals;

	struct smb_version_values	*vals;

	/* updates to tcpStatus protected by GlobalMid_Lock */

	enum statusEnum tcpStatus; /* what we think the status is */

	enum statusEnum tcpStatus; /* what we think the status is */

	char *hostname; /* hostname portion of UNC string */

	char *hostname; /* hostname portion of UNC string */

	struct socket *ssocket;

	struct socket *ssocket;
@@ -666,9 +667,11 @@ struct TCP_Server_Info { 
	unsigned int	max_write;

	unsigned int	max_write;

	unsigned int	min_offload;

	unsigned int	min_offload;

	__le16	compress_algorithm;

	__le16	compress_algorithm;

	__u16	signing_algorithm;

	__le16	cipher_type;

	__le16	cipher_type;

	 /* save initital negprot hash */

	 /* save initital negprot hash */

	__u8	preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE];

	__u8	preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE];

	bool	signing_negotiated; /* true if valid signing context rcvd from server */

	bool	posix_ext_supported;

	bool	posix_ext_supported;

	struct delayed_work reconnect; /* reconnect workqueue job */

	struct delayed_work reconnect; /* reconnect workqueue job */

	struct mutex reconnect_mutex; /* prevent simultaneous reconnects */

	struct mutex reconnect_mutex; /* prevent simultaneous reconnects */
@@ -1785,7 +1788,7 @@ require use of the stronger protocol */ 
 *	list operations on pending_mid_q and oplockQ

 *	list operations on pending_mid_q and oplockQ

 *      updates to XID counters, multiplex id  and SMB sequence numbers

 *      updates to XID counters, multiplex id  and SMB sequence numbers

 *      list operations on global DnotifyReqList

 *      list operations on global DnotifyReqList

 *      updates to ses->status

 *      updates to ses->status and TCP_Server_Info->tcpStatus

 *      updates to server->CurrentMid

 *      updates to server->CurrentMid

 *  tcp_ses_lock protects:

 *  tcp_ses_lock protects:

 *	list operations on tcp and SMB session lists

 *	list operations on tcp and SMB session lists
@@ -1868,6 +1871,7 @@ extern unsigned int global_secflags; /* if on, session setup sent 
extern unsigned int sign_CIFS_PDUs;  /* enable smb packet signing */

extern unsigned int sign_CIFS_PDUs;  /* enable smb packet signing */

extern bool enable_gcm_256; /* allow optional negotiate of strongest signing (aes-gcm-256) */

extern bool enable_gcm_256; /* allow optional negotiate of strongest signing (aes-gcm-256) */

extern bool require_gcm_256; /* require use of strongest signing (aes-gcm-256) */

extern bool require_gcm_256; /* require use of strongest signing (aes-gcm-256) */

extern bool enable_negotiate_signing; /* request use of faster (GMAC) signing if available */

extern bool linuxExtEnabled;/*enable Linux/Unix CIFS extensions*/

extern bool linuxExtEnabled;/*enable Linux/Unix CIFS extensions*/

extern unsigned int CIFSMaxBufSize;  /* max size not including hdr */

extern unsigned int CIFSMaxBufSize;  /* max size not including hdr */

extern unsigned int cifs_min_rcv;    /* min size of big ntwrk buf pool */

extern unsigned int cifs_min_rcv;    /* min size of big ntwrk buf pool */

fs/cifs/cifspdu.h

+1 −0
Original line number Original line Diff line number Diff line
@@ -1785,6 +1785,7 @@ struct smb_com_transaction2_sfi_req { 
	__u16 Fid;

	__u16 Fid;

	__le16 InformationLevel;

	__le16 InformationLevel;

	__u16 Reserved4;

	__u16 Reserved4;

	__u8  payload[];

} __attribute__((packed));

} __attribute__((packed));





struct smb_com_transaction2_sfi_rsp {

struct smb_com_transaction2_sfi_rsp {