Commit 9f4b9bee authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag '6.1-rc-ksmbd-fixes' of git://git.samba.org/ksmbd 

Pull ksmbd updates from Steve French:

 - RDMA (smbdirect) fixes

 - fixes for SMB3.1.1 POSIX Extensions (especially for id mapping)

 - various casemapping fixes for mount and lookup

 - UID mapping fixes

 - fix confusing error message

 - protocol negotiation fixes, including NTLMSSP fix

 - two encryption fixes

 - directory listing fix

 - some cleanup fixes

* tag '6.1-rc-ksmbd-fixes' of git://git.samba.org/ksmbd: (24 commits)
  ksmbd: validate share name from share config response
  ksmbd: call ib_drain_qp when disconnected
  ksmbd: make utf-8 file name comparison work in __caseless_lookup()
  ksmbd: Fix user namespace mapping
  ksmbd: hide socket error message when ipv6 config is disable
  ksmbd: reduce server smbdirect max send/receive segment sizes
  ksmbd: decrease the number of SMB3 smbdirect server SGEs
  ksmbd: Fix wrong return value and message length check in smb2_ioctl()
  ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob
  ksmbd: fix encryption failure issue for session logoff response
  ksmbd: fix endless loop when encryption for response fails
  ksmbd: fill sids in SMB_FIND_FILE_POSIX_INFO response
  ksmbd: set file permission mode to match Samba server posix extension behavior
  ksmbd: change security id to the one samba used for posix extension
  ksmbd: update documentation
  ksmbd: casefold utf-8 share names and fix ascii lowercase conversion
  ksmbd: port to vfs{g,u}id_t and associated helpers
  ksmbd: fix incorrect handling of iterate_dir
  MAINTAINERS: remove Hyunchul Lee from ksmbd maintainers
  MAINTAINERS: Add Tom Talpey as ksmbd reviewer
  ...
parents 4c861141 f5ba1cda

Documentation/filesystems/cifs/ksmbd.rst

+30 −12
Original line number Diff line number Diff line
@@ -118,26 +118,44 @@ ksmbd/nfsd interoperability Planned for future. The features that ksmbd 
How to run

==========



1. Download ksmbd-tools and compile them.

	- https://github.com/cifsd-team/ksmbd-tools

1. Download ksmbd-tools(https://github.com/cifsd-team/ksmbd-tools/releases) and

   compile them.



2. Create user/password for SMB share.

   - Refer README(https://github.com/cifsd-team/ksmbd-tools/blob/master/README.md)

     to know how to use ksmbd.mountd/adduser/addshare/control utils



	# mkdir /etc/ksmbd/

	# ksmbd.adduser -a <Enter USERNAME for SMB share access>

     $ ./autogen.sh

     $ ./configure --with-rundir=/run

     $ make && sudo make install



3. Create /etc/ksmbd/smb.conf file, add SMB share in smb.conf file

	- Refer smb.conf.example and

          https://github.com/cifsd-team/ksmbd-tools/blob/master/Documentation/configuration.txt

2. Create /usr/local/etc/ksmbd/ksmbd.conf file, add SMB share in ksmbd.conf file.



4. Insert ksmbd.ko module

   - Refer ksmbd.conf.example in ksmbd-utils, See ksmbd.conf manpage

     for details to configure shares.



	# insmod ksmbd.ko

        $ man ksmbd.conf



3. Create user/password for SMB share.



   - See ksmbd.adduser manpage.



     $ man ksmbd.adduser

     $ sudo ksmbd.adduser -a <Enter USERNAME for SMB share access>



4. Insert ksmbd.ko module after build your kernel. No need to load module

   if ksmbd is built into the kernel.



   - Set ksmbd in menuconfig(e.g. $ make menuconfig)

       [*] Network File Systems  --->

           <M> SMB3 server support (EXPERIMENTAL)



	$ sudo modprobe ksmbd.ko



5. Start ksmbd user space daemon

	# ksmbd.mountd



6. Access share from Windows or Linux using CIFS

	$ sudo ksmbd.mountd



6. Access share from Windows or Linux using SMB3 client (cifs.ko or smbclient of samba)



Shutdown KSMBD

==============

MAINTAINERS

+1 −1
Original line number Diff line number Diff line
@@ -11101,8 +11101,8 @@ F: tools/testing/selftests/ 
KERNEL SMB3 SERVER (KSMBD)

M:	Namjae Jeon <linkinjeon@kernel.org>

M:	Steve French <sfrench@samba.org>

M:	Hyunchul Lee <hyc.lee@gmail.com>

R:	Sergey Senozhatsky <senozhatsky@chromium.org>

R:	Tom Talpey <tom@talpey.com>

L:	linux-cifs@vger.kernel.org

S:	Maintained

T:	git git://git.samba.org/ksmbd.git

fs/ksmbd/auth.c

+11 −4
Original line number Diff line number Diff line
@@ -424,6 +424,9 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, 
				   NTLMSSP_NEGOTIATE_56);

	}



	if (cflags & NTLMSSP_NEGOTIATE_SEAL && smb3_encryption_negotiated(conn))

		flags |= NTLMSSP_NEGOTIATE_SEAL;



	if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)

		flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
@@ -984,13 +987,16 @@ int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len, 
	return rc;

}



static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,

static int ksmbd_get_encryption_key(struct ksmbd_work *work, __u64 ses_id,

				    int enc, u8 *key)

{

	struct ksmbd_session *sess;

	u8 *ses_enc_key;



	sess = ksmbd_session_lookup_all(conn, ses_id);

	if (enc)

		sess = work->sess;

	else

		sess = ksmbd_session_lookup_all(work->conn, ses_id);

	if (!sess)

		return -EINVAL;
@@ -1078,9 +1084,10 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec, 
	return sg;

}



int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,

int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,

			unsigned int nvec, int enc)

{

	struct ksmbd_conn *conn = work->conn;

	struct smb2_transform_hdr *tr_hdr = smb2_get_msg(iov[0].iov_base);

	unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;

	int rc;
@@ -1094,7 +1101,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov, 
	unsigned int crypt_len = le32_to_cpu(tr_hdr->OriginalMessageSize);

	struct ksmbd_crypto_ctx *ctx;



	rc = ksmbd_get_encryption_key(conn,

	rc = ksmbd_get_encryption_key(work,

				      le64_to_cpu(tr_hdr->SessionId),

				      enc,

				      key);

fs/ksmbd/auth.h

+2 −1
Original line number Diff line number Diff line
@@ -33,9 +33,10 @@ 


struct ksmbd_session;

struct ksmbd_conn;

struct ksmbd_work;

struct kvec;



int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,

int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,

			unsigned int nvec, int enc);

void ksmbd_copy_gss_neg_header(void *buf);

int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess,

fs/ksmbd/connection.c

+8 −0
Original line number Diff line number Diff line
@@ -60,6 +60,12 @@ struct ksmbd_conn *ksmbd_conn_alloc(void) 
	conn->local_nls = load_nls("utf8");

	if (!conn->local_nls)

		conn->local_nls = load_nls_default();

	if (IS_ENABLED(CONFIG_UNICODE))

		conn->um = utf8_load(UNICODE_AGE(12, 1, 0));

	else

		conn->um = ERR_PTR(-EOPNOTSUPP);

	if (IS_ERR(conn->um))

		conn->um = NULL;

	atomic_set(&conn->req_running, 0);

	atomic_set(&conn->r_count, 0);

	conn->total_credits = 1;
@@ -350,6 +356,8 @@ int ksmbd_conn_handler_loop(void *p) 
	wait_event(conn->r_count_q, atomic_read(&conn->r_count) == 0);





	if (IS_ENABLED(CONFIG_UNICODE))

		utf8_unload(conn->um);

	unload_nls(conn->local_nls);

	if (default_conn_ops.terminate_fn)

		default_conn_ops.terminate_fn(conn);