Commit bf9f243f authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag '5.15-rc-ksmbd-part2' of git://git.samba.org/ksmbd 

Pull ksmbd fixes from Steve French:

 - various fixes pointed out by coverity, and a minor cleanup patch

 - id mapping and ownership fixes

 - an smbdirect fix

* tag '5.15-rc-ksmbd-part2' of git://git.samba.org/ksmbd:
  ksmbd: fix control flow issues in sid_to_id()
  ksmbd: fix read of uninitialized variable ret in set_file_basic_info
  ksmbd: add missing assignments to ret on ndr_read_int64 read calls
  ksmbd: add validation for ndr read/write functions
  ksmbd: remove unused ksmbd_file_table_flush function
  ksmbd: smbd: fix dma mapping error in smb_direct_post_send_data
  ksmbd: Reduce error log 'speed is unknown' to debug
  ksmbd: defer notify_change() call
  ksmbd: remove setattr preparations in set_file_basic_info()
  ksmbd: ensure error is surfaced in set_file_basic_info()
  ndr: fix translation in ndr_encode_posix_acl()
  ksmbd: fix translation in sid_to_id()
  ksmbd: fix subauth 0 handling in sid_to_id()
  ksmbd: fix translation in acl entries
  ksmbd: fix translation in ksmbd_acls_fattr()
  ksmbd: fix translation in create_posix_rsp_buf()
  ksmbd: fix translation in smb2_populate_readdir_entry()
  ksmbd: fix lookup on idmapped mounts
parents 8dde2086 4cf0ccd0

fs/ksmbd/ndr.c

+274 −109
Original line number Diff line number Diff line
@@ -28,37 +28,60 @@ static int try_to_realloc_ndr_blob(struct ndr *n, size_t sz) 
	return 0;

}



static void ndr_write_int16(struct ndr *n, __u16 value)

static int ndr_write_int16(struct ndr *n, __u16 value)

{

	if (n->length <= n->offset + sizeof(value))

		try_to_realloc_ndr_blob(n, sizeof(value));

	if (n->length <= n->offset + sizeof(value)) {

		int ret;



		ret = try_to_realloc_ndr_blob(n, sizeof(value));

		if (ret)

			return ret;

	}



	*(__le16 *)ndr_get_field(n) = cpu_to_le16(value);

	n->offset += sizeof(value);

	return 0;

}



static void ndr_write_int32(struct ndr *n, __u32 value)

static int ndr_write_int32(struct ndr *n, __u32 value)

{

	if (n->length <= n->offset + sizeof(value))

		try_to_realloc_ndr_blob(n, sizeof(value));

	if (n->length <= n->offset + sizeof(value)) {

		int ret;



		ret = try_to_realloc_ndr_blob(n, sizeof(value));

		if (ret)

			return ret;

	}



	*(__le32 *)ndr_get_field(n) = cpu_to_le32(value);

	n->offset += sizeof(value);

	return 0;

}



static void ndr_write_int64(struct ndr *n, __u64 value)

static int ndr_write_int64(struct ndr *n, __u64 value)

{

	if (n->length <= n->offset + sizeof(value))

		try_to_realloc_ndr_blob(n, sizeof(value));

	if (n->length <= n->offset + sizeof(value)) {

		int ret;



		ret = try_to_realloc_ndr_blob(n, sizeof(value));

		if (ret)

			return ret;

	}



	*(__le64 *)ndr_get_field(n) = cpu_to_le64(value);

	n->offset += sizeof(value);

	return 0;

}



static int ndr_write_bytes(struct ndr *n, void *value, size_t sz)

{

	if (n->length <= n->offset + sz)

		try_to_realloc_ndr_blob(n, sz);

	if (n->length <= n->offset + sz) {

		int ret;



		ret = try_to_realloc_ndr_blob(n, sz);

		if (ret)

			return ret;

	}



	memcpy(ndr_get_field(n), value, sz);

	n->offset += sz;
@@ -70,8 +93,13 @@ static int ndr_write_string(struct ndr *n, char *value) 
	size_t sz;



	sz = strlen(value) + 1;

	if (n->length <= n->offset + sz)

		try_to_realloc_ndr_blob(n, sz);

	if (n->length <= n->offset + sz) {

		int ret;



		ret = try_to_realloc_ndr_blob(n, sz);

		if (ret)

			return ret;

	}



	memcpy(ndr_get_field(n), value, sz);

	n->offset += sz;
@@ -81,8 +109,13 @@ static int ndr_write_string(struct ndr *n, char *value) 


static int ndr_read_string(struct ndr *n, void *value, size_t sz)

{

	int len = strnlen(ndr_get_field(n), sz);

	int len;



	if (n->offset + sz > n->length)

		return -EINVAL;



	len = strnlen(ndr_get_field(n), sz);

	if (value)

		memcpy(value, ndr_get_field(n), len);

	len++;

	n->offset += len;
@@ -92,41 +125,52 @@ static int ndr_read_string(struct ndr *n, void *value, size_t sz) 


static int ndr_read_bytes(struct ndr *n, void *value, size_t sz)

{

	if (n->offset + sz > n->length)

		return -EINVAL;



	if (value)

		memcpy(value, ndr_get_field(n), sz);

	n->offset += sz;

	return 0;

}



static __u16 ndr_read_int16(struct ndr *n)

static int ndr_read_int16(struct ndr *n, __u16 *value)

{

	__u16 ret;

	if (n->offset + sizeof(__u16) > n->length)

		return -EINVAL;



	ret = le16_to_cpu(*(__le16 *)ndr_get_field(n));

	if (value)

		*value = le16_to_cpu(*(__le16 *)ndr_get_field(n));

	n->offset += sizeof(__u16);

	return ret;

	return 0;

}



static __u32 ndr_read_int32(struct ndr *n)

static int ndr_read_int32(struct ndr *n, __u32 *value)

{

	__u32 ret;

	if (n->offset + sizeof(__u32) > n->length)

		return 0;



	ret = le32_to_cpu(*(__le32 *)ndr_get_field(n));

	if (value)

		*value = le32_to_cpu(*(__le32 *)ndr_get_field(n));

	n->offset += sizeof(__u32);

	return ret;

	return 0;

}



static __u64 ndr_read_int64(struct ndr *n)

static int ndr_read_int64(struct ndr *n, __u64 *value)

{

	__u64 ret;

	if (n->offset + sizeof(__u64) > n->length)

		return -EINVAL;



	ret = le64_to_cpu(*(__le64 *)ndr_get_field(n));

	if (value)

		*value = le64_to_cpu(*(__le64 *)ndr_get_field(n));

	n->offset += sizeof(__u64);

	return ret;

	return 0;

}



int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)

{

	char hex_attr[12] = {0};

	int ret;



	n->offset = 0;

	n->length = 1024;
@@ -136,97 +180,161 @@ int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da) 


	if (da->version == 3) {

		snprintf(hex_attr, 10, "0x%x", da->attr);

		ndr_write_string(n, hex_attr);

		ret = ndr_write_string(n, hex_attr);

	} else {

		ndr_write_string(n, "");

		ret = ndr_write_string(n, "");

	}

	ndr_write_int16(n, da->version);

	ndr_write_int32(n, da->version);

	if (ret)

		return ret;



	ret = ndr_write_int16(n, da->version);

	if (ret)

		return ret;



	ret = ndr_write_int32(n, da->version);

	if (ret)

		return ret;



	ret = ndr_write_int32(n, da->flags);

	if (ret)

		return ret;



	ret = ndr_write_int32(n, da->attr);

	if (ret)

		return ret;



	ndr_write_int32(n, da->flags);

	ndr_write_int32(n, da->attr);

	if (da->version == 3) {

		ndr_write_int32(n, da->ea_size);

		ndr_write_int64(n, da->size);

		ndr_write_int64(n, da->alloc_size);

		ret = ndr_write_int32(n, da->ea_size);

		if (ret)

			return ret;

		ret = ndr_write_int64(n, da->size);

		if (ret)

			return ret;

		ret = ndr_write_int64(n, da->alloc_size);

	} else {

		ndr_write_int64(n, da->itime);

		ret = ndr_write_int64(n, da->itime);

	}

	ndr_write_int64(n, da->create_time);

	if (ret)

		return ret;



	ret = ndr_write_int64(n, da->create_time);

	if (ret)

		return ret;



	if (da->version == 3)

		ndr_write_int64(n, da->change_time);

	return 0;

		ret = ndr_write_int64(n, da->change_time);

	return ret;

}



int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)

{

	char *hex_attr;

	int version2;



	hex_attr = kzalloc(n->length, GFP_KERNEL);

	if (!hex_attr)

		return -ENOMEM;

	char hex_attr[12];

	unsigned int version2;

	int ret;



	n->offset = 0;

	ndr_read_string(n, hex_attr, n->length);

	kfree(hex_attr);

	da->version = ndr_read_int16(n);

	ret = ndr_read_string(n, hex_attr, sizeof(hex_attr));

	if (ret)

		return ret;



	ret = ndr_read_int16(n, &da->version);

	if (ret)

		return ret;



	if (da->version != 3 && da->version != 4) {

		pr_err("v%d version is not supported\n", da->version);

		return -EINVAL;

	}



	version2 = ndr_read_int32(n);

	ret = ndr_read_int32(n, &version2);

	if (ret)

		return ret;



	if (da->version != version2) {

		pr_err("ndr version mismatched(version: %d, version2: %d)\n",

		       da->version, version2);

		return -EINVAL;

	}



	ndr_read_int32(n);

	da->attr = ndr_read_int32(n);

	ret = ndr_read_int32(n, NULL);

	if (ret)

		return ret;



	ret = ndr_read_int32(n, &da->attr);

	if (ret)

		return ret;



	if (da->version == 4) {

		da->itime = ndr_read_int64(n);

		da->create_time = ndr_read_int64(n);

		ret = ndr_read_int64(n, &da->itime);

		if (ret)

			return ret;



		ret = ndr_read_int64(n, &da->create_time);

	} else {

		ndr_read_int32(n);

		ndr_read_int64(n);

		ndr_read_int64(n);

		da->create_time = ndr_read_int64(n);

		ndr_read_int64(n);

		ret = ndr_read_int32(n, NULL);

		if (ret)

			return ret;



		ret = ndr_read_int64(n, NULL);

		if (ret)

			return ret;



		ret = ndr_read_int64(n, NULL);

		if (ret)

			return ret;



		ret = ndr_read_int64(n, &da->create_time);

		if (ret)

			return ret;



		ret = ndr_read_int64(n, NULL);

	}



	return 0;

	return ret;

}



static int ndr_encode_posix_acl_entry(struct ndr *n, struct xattr_smb_acl *acl)

{

	int i;

	int i, ret;



	ret = ndr_write_int32(n, acl->count);

	if (ret)

		return ret;



	ndr_write_int32(n, acl->count);

	n->offset = ALIGN(n->offset, 8);

	ndr_write_int32(n, acl->count);

	ndr_write_int32(n, 0);

	ret = ndr_write_int32(n, acl->count);

	if (ret)

		return ret;



	ret = ndr_write_int32(n, 0);

	if (ret)

		return ret;



	for (i = 0; i < acl->count; i++) {

		n->offset = ALIGN(n->offset, 8);

		ndr_write_int16(n, acl->entries[i].type);

		ndr_write_int16(n, acl->entries[i].type);

		ret = ndr_write_int16(n, acl->entries[i].type);

		if (ret)

			return ret;



		ret = ndr_write_int16(n, acl->entries[i].type);

		if (ret)

			return ret;



		if (acl->entries[i].type == SMB_ACL_USER) {

			n->offset = ALIGN(n->offset, 8);

			ndr_write_int64(n, acl->entries[i].uid);

			ret = ndr_write_int64(n, acl->entries[i].uid);

		} else if (acl->entries[i].type == SMB_ACL_GROUP) {

			n->offset = ALIGN(n->offset, 8);

			ndr_write_int64(n, acl->entries[i].gid);

			ret = ndr_write_int64(n, acl->entries[i].gid);

		}

		if (ret)

			return ret;



		/* push permission */

		ndr_write_int32(n, acl->entries[i].perm);

		ret = ndr_write_int32(n, acl->entries[i].perm);

	}



	return 0;

	return ret;

}



int ndr_encode_posix_acl(struct ndr *n,
@@ -235,7 +343,8 @@ int ndr_encode_posix_acl(struct ndr *n, 
			 struct xattr_smb_acl *acl,

			 struct xattr_smb_acl *def_acl)

{

	int ref_id = 0x00020000;

	unsigned int ref_id = 0x00020000;

	int ret;



	n->offset = 0;

	n->length = 1024;
@@ -245,35 +354,46 @@ int ndr_encode_posix_acl(struct ndr *n, 


	if (acl) {

		/* ACL ACCESS */

		ndr_write_int32(n, ref_id);

		ret = ndr_write_int32(n, ref_id);

		ref_id += 4;

	} else {

		ndr_write_int32(n, 0);

		ret = ndr_write_int32(n, 0);

	}

	if (ret)

		return ret;



	if (def_acl) {

		/* DEFAULT ACL ACCESS */

		ndr_write_int32(n, ref_id);

		ret = ndr_write_int32(n, ref_id);

		ref_id += 4;

	} else {

		ndr_write_int32(n, 0);

		ret = ndr_write_int32(n, 0);

	}

	if (ret)

		return ret;



	ndr_write_int64(n, from_kuid(user_ns, inode->i_uid));

	ndr_write_int64(n, from_kgid(user_ns, inode->i_gid));

	ndr_write_int32(n, inode->i_mode);

	ret = ndr_write_int64(n, from_kuid(&init_user_ns, i_uid_into_mnt(user_ns, inode)));

	if (ret)

		return ret;

	ret = ndr_write_int64(n, from_kgid(&init_user_ns, i_gid_into_mnt(user_ns, inode)));

	if (ret)

		return ret;

	ret = ndr_write_int32(n, inode->i_mode);

	if (ret)

		return ret;



	if (acl) {

		ndr_encode_posix_acl_entry(n, acl);

		if (def_acl)

			ndr_encode_posix_acl_entry(n, def_acl);

		ret = ndr_encode_posix_acl_entry(n, acl);

		if (def_acl && !ret)

			ret = ndr_encode_posix_acl_entry(n, def_acl);

	}

	return 0;

	return ret;

}



int ndr_encode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)

{

	int ref_id = 0x00020004;

	unsigned int ref_id = 0x00020004;

	int ret;



	n->offset = 0;

	n->length = 2048;
@@ -281,36 +401,65 @@ int ndr_encode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl) 
	if (!n->data)

		return -ENOMEM;



	ndr_write_int16(n, acl->version);

	ndr_write_int32(n, acl->version);

	ndr_write_int16(n, 2);

	ndr_write_int32(n, ref_id);

	ret = ndr_write_int16(n, acl->version);

	if (ret)

		return ret;



	ret = ndr_write_int32(n, acl->version);

	if (ret)

		return ret;



	ret = ndr_write_int16(n, 2);

	if (ret)

		return ret;



	ret = ndr_write_int32(n, ref_id);

	if (ret)

		return ret;



	/* push hash type and hash 64bytes */

	ndr_write_int16(n, acl->hash_type);

	ndr_write_bytes(n, acl->hash, XATTR_SD_HASH_SIZE);

	ndr_write_bytes(n, acl->desc, acl->desc_len);

	ndr_write_int64(n, acl->current_time);

	ndr_write_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE);

	ret = ndr_write_int16(n, acl->hash_type);

	if (ret)

		return ret;



	/* push ndr for security descriptor */

	ndr_write_bytes(n, acl->sd_buf, acl->sd_size);

	ret = ndr_write_bytes(n, acl->hash, XATTR_SD_HASH_SIZE);

	if (ret)

		return ret;



	return 0;

	ret = ndr_write_bytes(n, acl->desc, acl->desc_len);

	if (ret)

		return ret;



	ret = ndr_write_int64(n, acl->current_time);

	if (ret)

		return ret;



	ret = ndr_write_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE);

	if (ret)

		return ret;



	/* push ndr for security descriptor */

	ret = ndr_write_bytes(n, acl->sd_buf, acl->sd_size);

	return ret;

}



int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)

{

	int version2;

	unsigned int version2;

	int ret;



	n->offset = 0;

	acl->version = ndr_read_int16(n);

	ret = ndr_read_int16(n, &acl->version);

	if (ret)

		return ret;

	if (acl->version != 4) {

		pr_err("v%d version is not supported\n", acl->version);

		return -EINVAL;

	}



	version2 = ndr_read_int32(n);

	ret = ndr_read_int32(n, &version2);

	if (ret)

		return ret;

	if (acl->version != version2) {

		pr_err("ndr version mismatched(version: %d, version2: %d)\n",

		       acl->version, version2);
@@ -318,11 +467,22 @@ int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl) 
	}



	/* Read Level */

	ndr_read_int16(n);

	ret = ndr_read_int16(n, NULL);

	if (ret)

		return ret;



	/* Read Ref Id */

	ndr_read_int32(n);

	acl->hash_type = ndr_read_int16(n);

	ndr_read_bytes(n, acl->hash, XATTR_SD_HASH_SIZE);

	ret = ndr_read_int32(n, NULL);

	if (ret)

		return ret;



	ret = ndr_read_int16(n, &acl->hash_type);

	if (ret)

		return ret;



	ret = ndr_read_bytes(n, acl->hash, XATTR_SD_HASH_SIZE);

	if (ret)

		return ret;



	ndr_read_bytes(n, acl->desc, 10);

	if (strncmp(acl->desc, "posix_acl", 9)) {
@@ -331,15 +491,20 @@ int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl) 
	}



	/* Read Time */

	ndr_read_int64(n);

	ret = ndr_read_int64(n, NULL);

	if (ret)

		return ret;



	/* Read Posix ACL hash */

	ndr_read_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE);

	ret = ndr_read_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE);

	if (ret)

		return ret;



	acl->sd_size = n->length - n->offset;

	acl->sd_buf = kzalloc(acl->sd_size, GFP_KERNEL);

	if (!acl->sd_buf)

		return -ENOMEM;



	ndr_read_bytes(n, acl->sd_buf, acl->sd_size);



	return 0;

	ret = ndr_read_bytes(n, acl->sd_buf, acl->sd_size);

	return ret;

}

fs/ksmbd/oplock.c

+4 −2
Original line number Diff line number Diff line
@@ -1614,9 +1614,11 @@ void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp) 
	buf->nlink = cpu_to_le32(inode->i_nlink);

	buf->reparse_tag = cpu_to_le32(fp->volatile_id);

	buf->mode = cpu_to_le32(inode->i_mode);

	id_to_sid(from_kuid(user_ns, inode->i_uid),

	id_to_sid(from_kuid_munged(&init_user_ns,

				   i_uid_into_mnt(user_ns, inode)),

		  SIDNFS_USER, (struct smb_sid *)&buf->SidBuffer[0]);

	id_to_sid(from_kgid(user_ns, inode->i_gid),

	id_to_sid(from_kgid_munged(&init_user_ns,

				   i_gid_into_mnt(user_ns, inode)),

		  SIDNFS_GROUP, (struct smb_sid *)&buf->SidBuffer[20]);

}

fs/ksmbd/smb2pdu.c

+32 −37
Original line number Diff line number Diff line
@@ -2381,10 +2381,12 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work, 
			    le32_to_cpu(sd_buf->ccontext.DataLength), true);

}



static void ksmbd_acls_fattr(struct smb_fattr *fattr, struct inode *inode)

static void ksmbd_acls_fattr(struct smb_fattr *fattr,

			     struct user_namespace *mnt_userns,

			     struct inode *inode)

{

	fattr->cf_uid = inode->i_uid;

	fattr->cf_gid = inode->i_gid;

	fattr->cf_uid = i_uid_into_mnt(mnt_userns, inode);

	fattr->cf_gid = i_gid_into_mnt(mnt_userns, inode);

	fattr->cf_mode = inode->i_mode;

	fattr->cf_acls = NULL;

	fattr->cf_dacls = NULL;
@@ -2893,7 +2895,7 @@ int smb2_open(struct ksmbd_work *work) 
					struct smb_ntsd *pntsd;

					int pntsd_size, ace_num = 0;



					ksmbd_acls_fattr(&fattr, inode);

					ksmbd_acls_fattr(&fattr, user_ns, inode);

					if (fattr.cf_acls)

						ace_num = fattr.cf_acls->a_count;

					if (fattr.cf_dacls)
@@ -3324,7 +3326,6 @@ static int dentry_name(struct ksmbd_dir_info *d_info, int info_level) 
 */

static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,

				       struct ksmbd_dir_info *d_info,

				       struct user_namespace *user_ns,

				       struct ksmbd_kstat *ksmbd_kstat)

{

	int next_entry_offset = 0;
@@ -3478,9 +3479,9 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level, 
			S_ISDIR(ksmbd_kstat->kstat->mode) ? ATTR_DIRECTORY_LE : ATTR_ARCHIVE_LE;

		if (d_info->hide_dot_file && d_info->name[0] == '.')

			posix_info->DosAttributes |= ATTR_HIDDEN_LE;

		id_to_sid(from_kuid(user_ns, ksmbd_kstat->kstat->uid),

		id_to_sid(from_kuid_munged(&init_user_ns, ksmbd_kstat->kstat->uid),

			  SIDNFS_USER, (struct smb_sid *)&posix_info->SidBuffer[0]);

		id_to_sid(from_kgid(user_ns, ksmbd_kstat->kstat->gid),

		id_to_sid(from_kgid_munged(&init_user_ns, ksmbd_kstat->kstat->gid),

			  SIDNFS_GROUP, (struct smb_sid *)&posix_info->SidBuffer[20]);

		memcpy(posix_info->name, conv_name, conv_len);

		posix_info->name_len = cpu_to_le32(conv_len);
@@ -3543,7 +3544,7 @@ static int process_query_dir_entries(struct smb2_query_dir_private *priv) 
			return -EINVAL;



		lock_dir(priv->dir_fp);

		dent = lookup_one_len(priv->d_info->name,

		dent = lookup_one(user_ns, priv->d_info->name,

				  priv->dir_fp->filp->f_path.dentry,

				  priv->d_info->name_len);

		unlock_dir(priv->dir_fp);
@@ -3571,7 +3572,6 @@ static int process_query_dir_entries(struct smb2_query_dir_private *priv) 
		rc = smb2_populate_readdir_entry(priv->work->conn,

						 priv->info_level,

						 priv->d_info,

						 user_ns,

						 &ksmbd_kstat);

		dput(dent);

		if (rc)
@@ -5008,7 +5008,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work, 


	user_ns = file_mnt_user_ns(fp->filp);

	inode = file_inode(fp->filp);

	ksmbd_acls_fattr(&fattr, inode);

	ksmbd_acls_fattr(&fattr, user_ns, inode);



	if (test_share_config_flag(work->tcon->share_conf,

				   KSMBD_SHARE_FLAG_ACL_XATTR))
@@ -5246,7 +5246,9 @@ int smb2_echo(struct ksmbd_work *work) 
	return 0;

}



static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,

static int smb2_rename(struct ksmbd_work *work,

		       struct ksmbd_file *fp,

		       struct user_namespace *user_ns,

		       struct smb2_file_rename_info *file_info,

		       struct nls_table *local_nls)

{
@@ -5310,7 +5312,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp, 
		if (rc)

			goto out;



		rc = ksmbd_vfs_setxattr(file_mnt_user_ns(fp->filp),

		rc = ksmbd_vfs_setxattr(user_ns,

					fp->filp->f_path.dentry,

					xattr_stream_name,

					NULL, 0, 0);
@@ -5438,11 +5440,11 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf, 
{

	struct smb2_file_all_info *file_info;

	struct iattr attrs;

	struct iattr temp_attrs;

	struct timespec64 ctime;

	struct file *filp;

	struct inode *inode;

	struct user_namespace *user_ns;

	int rc;

	int rc = 0;



	if (!(fp->daccess & FILE_WRITE_ATTRIBUTES_LE))

		return -EACCES;
@@ -5462,11 +5464,11 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf, 
	}



	if (file_info->ChangeTime) {

		temp_attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);

		attrs.ia_ctime = temp_attrs.ia_ctime;

		attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);

		ctime = attrs.ia_ctime;

		attrs.ia_valid |= ATTR_CTIME;

	} else {

		temp_attrs.ia_ctime = inode->i_ctime;

		ctime = inode->i_ctime;

	}



	if (file_info->LastWriteTime) {
@@ -5505,13 +5507,6 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf, 
		rc = 0;

	}



	/*

	 * HACK : set ctime here to avoid ctime changed

	 * when file_info->ChangeTime is zero.

	 */

	attrs.ia_ctime = temp_attrs.ia_ctime;

	attrs.ia_valid |= ATTR_CTIME;



	if (attrs.ia_valid) {

		struct dentry *dentry = filp->f_path.dentry;

		struct inode *inode = d_inode(dentry);
@@ -5519,17 +5514,15 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf, 
		if (IS_IMMUTABLE(inode) || IS_APPEND(inode))

			return -EACCES;



		rc = setattr_prepare(user_ns, dentry, &attrs);

		if (rc)

			return -EINVAL;



		inode_lock(inode);

		setattr_copy(user_ns, inode, &attrs);

		attrs.ia_valid &= ~ATTR_CTIME;

		rc = notify_change(user_ns, dentry, &attrs, NULL);

		if (!rc) {

			inode->i_ctime = ctime;

			mark_inode_dirty(inode);

		}

		inode_unlock(inode);

	}

	return 0;

	return rc;

}



static int set_file_allocation_info(struct ksmbd_work *work,
@@ -5624,6 +5617,7 @@ static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp, 
static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,

			   char *buf)

{

	struct user_namespace *user_ns;

	struct ksmbd_file *parent_fp;

	struct dentry *parent;

	struct dentry *dentry = fp->filp->f_path.dentry;
@@ -5634,11 +5628,12 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp, 
		return -EACCES;

	}



	user_ns = file_mnt_user_ns(fp->filp);

	if (ksmbd_stream_fd(fp))

		goto next;



	parent = dget_parent(dentry);

	ret = ksmbd_vfs_lock_parent(parent, dentry);

	ret = ksmbd_vfs_lock_parent(user_ns, parent, dentry);

	if (ret) {

		dput(parent);

		return ret;
@@ -5655,7 +5650,7 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp, 
		}

	}

next:

	return smb2_rename(work, fp,

	return smb2_rename(work, fp, user_ns,

			   (struct smb2_file_rename_info *)buf,

			   work->sess->conn->local_nls);

}
@@ -7116,7 +7111,7 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn, 
			netdev->ethtool_ops->get_link_ksettings(netdev, &cmd);

			speed = cmd.base.speed;

		} else {

			pr_err("%s %s\n", netdev->name,

			ksmbd_debug(SMB, "%s %s\n", netdev->name,

				    "speed is unknown, defaulting to 1Gb/sec");

			speed = SPEED_1000;

		}

fs/ksmbd/smb_common.c

+1 −3
Original line number Diff line number Diff line
@@ -291,7 +291,6 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level, 
				      char *search_pattern,

				      int (*fn)(struct ksmbd_conn *, int,

						struct ksmbd_dir_info *,

						struct user_namespace *,

						struct ksmbd_kstat *))

{

	int i, rc = 0;
@@ -322,8 +321,7 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level, 
						    user_ns,

						    dir->filp->f_path.dentry->d_parent,

						    &ksmbd_kstat);

			rc = fn(conn, info_level, d_info,

				user_ns, &ksmbd_kstat);

			rc = fn(conn, info_level, d_info, &ksmbd_kstat);

			if (rc)

				break;

			if (d_info->out_buf_len <= 0)

fs/ksmbd/smb_common.h

+0 −1
Original line number Diff line number Diff line
@@ -511,7 +511,6 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, 
				      int (*fn)(struct ksmbd_conn *,

						int,

						struct ksmbd_dir_info *,

						struct user_namespace *,

						struct ksmbd_kstat *));



int ksmbd_extract_shortname(struct ksmbd_conn *conn,