- Sep 07, 2020
-
-
Ronnie Sahlberg authored
RHBZ: 1871246 If during cifs_lookup()/get_inode_info() we encounter a DFS link and we use the cifsacl or modefromsid mount options we must suppress any -EREMOTE errors that triggers or else we will not be able to follow the DFS link and automount the target. This fixes an issue with modefromsid/cifsacl where these mountoptions would break DFS and we would no longer be able to access the share. Signed-off-by:
Ronnie Sahlberg <lsahlber@redhat.com> Reviewed-by:
Paulo Alcantara (SUSE) <pc@cjr.nz> Signed-off-by:
Steve French <stfrench@microsoft.com>
-
- Aug 28, 2020
-
-
Paulo Alcantara authored
For SMB1, the DFS flag should be checked against tcon->Flags rather than tcon->share_flags. While at it, add an is_tcon_dfs() helper to check for DFS capability in a more generic way. Signed-off-by:
Shyam Prasad N <nspmangalore@gmail.com>
-
- Aug 23, 2020
-
-
Gustavo A. R. Silva authored
Replace the existing /* fall through */ comments and its variants with the new pseudo-keyword macro fallthrough[1]. Also, remove unnecessary fall-through markings when it is the case. [1] https://www.kernel.org/doc/html/v5.7/process/deprecated.html?highlight=fallthrough#implicit-switch-case-fall-through Signed-off-by:
Gustavo A. R. Silva <gustavoars@kernel.org>
-
- Aug 14, 2020
-
-
Steve French authored
mkdir uses a compounded create operation which was not setting the security descriptor on create of a directory. Fix so mkdir now sets the mode and owner info properly when idsfromsid and modefromsid are configured on the mount. Signed-off-by:
Pavel Shilovsky <pshilov@microsoft.com>
-
- Aug 10, 2020
-
-
Miaohe Lin authored
Convert the uses of fallthrough comments to fallthrough macro. Signed-off-by:
Hongxiang Lou <louhongxiang@huawei.com> Signed-off-by:
Miaohe Lin <linmiaohe@huawei.com> Signed-off-by:
-
- Aug 07, 2020
-
-
Waiman Long authored
As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_. The main reason that kzfree() exists is to clear sensitive information that should not be leaked to other future users of the same memory objects. Rename kzfree() to kfree_sensitive() to follow the example of the recently added kvfree_sensitive() and make the intention of the API more explicit. In addition, memzero_explicit() is used to clear the memory to make sure that it won't get optimized away by the compiler. The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/' followed by some editing of the kfree_sensitive() kerneldoc and adding a kzfree backward compatibility macro in slab.h. [akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h] [akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more] Suggested-by:
Joe Perches <joe@perches.com> Signed-off-by:
Waiman Long <longman@redhat.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Acked-by:
David Howells <dhowells@redhat.com> Acked-by:
Michal Hocko <mhocko@suse.com> Acked-by:
Johannes Weiner <hannes@cmpxchg.org> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Joe Perches <joe@perches.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: David Rientjes <rientjes@google.com> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.com Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Dan Carpenter authored
The error handling calls kfree(full_path) so we can't let it be a NULL pointer. There used to be a NULL assignment here but we accidentally deleted it. Add it back. Fixes: 7efd0815 ("cifs: document and cleanup dfs mount") Signed-off-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
-
- Aug 02, 2020
-
-
Paulo Alcantara authored
cifs_mount() for DFS mounts is for a long time way too complex to follow, mostly because it lacks some documentation, does a lot of operations like resolving DFS roots and links, checking for path components, perform failover, crap code, etc. Besides adding some documentation to it, do some cleanup and ensure that the following is implemented and supported: * non-DFS mounts * DFS failover * DFS root mounts - tcon and cifs_sb must contain DFS path (NOT including prefix) - if prefix path, then save it in cifs_sb and it must not be changed * DFS link mounts - tcon and cifs_sb must contain DFS path (including prefix) - if prefix path, then save it in cifs_sb and it may be changed * prevent recursion on broken link referrals (MAX_NESTED_LINKS) * check every path component of the currently resolved target (including prefix), and chase them accordingly * make sure that DFS referrals go through newly resolved root servers Signed-off-by:Aurelien Aptel <aaptel@suse.com> Signed-off-by:
-
Paulo Alcantara authored
For DFS root mounts that contain a prefix path, do not change them after failover. E.g., if the user mounts //srvA/root/dir1 and then lost connection to srvA, it will reconnect to //srvB/root/dir1 In case of DFS links, which may resolve to different prefix paths depending on their list of targets, the following must be supported: - mount //srvA/root/link/bar - connect to //srvA/share - set prefix path to "bar" - lost connection to srvA - reconnect to next target: //srvB/share/foo - set new prefix path to "foo/bar" In cifs_tree_connect(), check the server_type field of the cached DFS referral to determine whether or not prefix path should be updated. Signed-off-by:
-
Colin Ian King authored
Currently if the call dfs_cache_get_tgt_share fails we cannot fully guarantee that share and prefix are set to NULL and the next iteration of the loop can end up potentially double freeing these pointers. Since the semantics of dfs_cache_get_tgt_share are ambiguous for failure cases with the setting of share and prefix (currently now and the possibly the future), it seems prudent to set the pointers to NULL when the objects are free'd to avoid any double frees. Addresses-Coverity: ("Double free") Fixes: 96296c946a2a ("cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect") Signed-off-by:Colin Ian King <colin.king@canonical.com> Signed-off-by:
-
Paulo Alcantara authored
Use PathConsumed field when parsing prefixes of referral paths that either match a cache entry or are a complete prefix path of an existing entry. Signed-off-by:
-
Paulo Alcantara authored
In case there were no cached DFS referrals in reconn_setup_dfs_targets(), set cifs_sb to NULL prior to calling reconn_set_next_dfs_target() so it would not try to access an empty tgt_list. Signed-off-by:
-
Paulo Alcantara authored
This function has nothing to do with *invalidation* but setting up the next target server from a cached referral. Rename it to reconn_set_next_dfs_target(). While at it, get rid of some meaningless checks. Signed-off-by:
-
Paulo Alcantara authored
When looking up the DFS cache with a referral path that has more than two path components, and is a complete prefix of an existing cache entry, do not request another referral and just return the matched entry as specified in MS-DFSC 3.2.5.5 Receiving a Root Referral Request or Link Referral Request. Signed-off-by:
-
Stefan Metzmacher authored
They were identical execpt to CIFSTCon() vs. SMB2_tcon(). These are also available via ops->tree_connect(). Signed-off-by:
Stefan Metzmacher <metze@samba.org> Signed-off-by:
-
Qinglang Miao authored
Convert cpu_to_be32(be32_to_cpu(E1) + E2) to use be32_add_cpu(). Signed-off-by:
Qinglang Miao <miaoqinglang@huawei.com> Signed-off-by:
-
Randy Dunlap authored
Drop repeated words in multiple comments. (be, use, the, See) Signed-off-by:
Randy Dunlap <rdunlap@infradead.org> Cc: Steve French <sfrench@samba.org> Cc: linux-cifs@vger.kernel.org Cc: samba-technical@lists.samba.org Signed-off-by:
-
Liao Pingfang authored
Remove the superfuous break, as there is a 'return' before it. Signed-off-by:
Liao Pingfang <liao.pingfang@zte.com.cn> Signed-off-by:
Yi Wang <wang.yi59@zte.com.cn> Signed-off-by:
-
Ronnie Sahlberg authored
RHBZ 1145308 Some very old server may not support SetPathInfo to adjust the timestamps of directories. For these servers, try to open the directory and use SetFileInfo. Minor correction to patch included that was Reported-by:
kernel test robot <lkp@intel.com> Signed-off-by:
Kenneth D'souza <kdsouza@redhat.com>
-
Roberto Bergantinos Corpas authored
If server returns ERRBaduid but does not reset transport connection, we'll keep sending command with a non-valid UID for the server as long as transport is healthy, without actually recovering. This have been observed on the field. This patch adds ERRBaduid handling so that we set CifsNeedReconnect. map_and_check_smb_error() can be modified to extend use cases. Signed-off-by:
Roberto Bergantinos Corpas <rbergant@redhat.com> Signed-off-by:
-
Wei Yongjun authored
Fix build warning by removing unused variable 'server': fs/cifs/inode.c:1089:26: warning: variable server set but not used [-Wunused-but-set-variable] 1089 | struct TCP_Server_Info *server; | ^~~~~~ Signed-off-by:Wei Yongjun <weiyongjun1@huawei.com> Signed-off-by:
-
Steve French authored
When mounting with Kerberos, users have been confused about the default error returned in scenarios in which either keyutils is not installed or the user did not properly acquire a krb5 ticket. Log a warning message in the case that "ENOKEY" is returned from the get_spnego_key upcall so that users can better understand why mount failed in those two cases. CC: Stable <stable@vger.kernel.org> Signed-off-by: -
Paul Aurich authored
Handling a lease break for the cached root didn't free the smb2_lease_break_work allocation, resulting in a leak: unreferenced object 0xffff98383a5af480 (size 128): comm "cifsd", pid 684, jiffies 4294936606 (age 534.868s) hex dump (first 32 bytes): c0 ff ff ff 1f 00 00 00 88 f4 5a 3a 38 98 ff ff ..........Z:8... 88 f4 5a 3a 38 98 ff ff 80 88 d6 8a ff ff ff ff ..Z:8........... backtrace: [<0000000068957336>] smb2_is_valid_oplock_break+0x1fa/0x8c0 [<0000000073b70b9e>] cifs_demultiplex_thread+0x73d/0xcc0 [<00000000905fa372>] kthread+0x11c/0x150 [<0000000079378e4e>] ret_from_fork+0x22/0x30 Avoid this leak by only allocating when necessary. Fixes: a93864d9 ("cifs: add lease tracking to the cached root fid") Signed-off-by:Paul Aurich <paul@darkrain42.org> CC: Stable <stable@vger.kernel.org> # v4.18+ Reviewed-by:
-
- Jul 23, 2020
-
-
Steve French authored
This reverts commit 9ffad926. Upon additional testing with older servers, it was found that the original commit introduced a regression when using the old SMB1 dialect and rsyncing over an existing file. The patch will need to be respun to address this, likely including a larger refactoring of the SMB1 and SMB3 rename code paths to make it less confusing and also to address some additional rename error cases that SMB3 may be able to workaround. Signed-off-by:
Patrick Fernie <patrick.fernie@gmail.com> CC: Stable <stable@vger.kernel.org> Acked-by:
Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
-
- Jul 09, 2020
-
-
Steve French authored
To 2.28 Signed-off-by: -
Ronnie Sahlberg authored
Don't leak a reference to tlink during the NOTIFY ioctl Signed-off-by:
-
- Jul 08, 2020
-
-
Steve French authored
We should not be logging a warning repeatedly on change notify. CC: Stable <stable@vger.kernel.org> # v5.6+ Signed-off-by:
-
yangerkun authored
The caller of cifs_posix_lock_set will do retry(like fcntl_setlk64->do_lock_file_wait) if we will wait for any file_lock. So the retry in cifs_poxis_lock_set seems duplicated, remove it to make a cleanup. Signed-off-by:
yangerkun <yangerkun@huawei.com> Signed-off-by:
NeilBrown <neilb@suse.de>
-
- Jul 07, 2020
-
-
Steve French authored
read permission, not just read attributes permission, is required on the directory. See MS-SMB2 (protocol specification) section 3.3.5.19. Signed-off-by:
-
- Jul 05, 2020
-
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `\bxmlns\b`: For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by:Alexander A. Klimov <grandmaster@al2klimov.de> Reviewed-by:
Jonathan Corbet <corbet@lwn.net>
-
- Jul 02, 2020
-
-
Ronnie Sahlberg authored
The wait_event_... defines evaluate to long so we should not assign it an int as this may truncate the value. Reported-by:
Marshall Midden <marshallmidden@gmail.com> Signed-off-by:
-
Zhang Xiaoxu authored
When xfstest generic/035, we found the target file was deleted if the rename return -EACESS. In cifs_rename2, we unlink the positive target dentry if rename failed with EACESS or EEXIST, even if the target dentry is positived before rename. Then the existing file was deleted. We should just delete the target file which created during the rename. Reported-by:
Hulk Robot <hulkci@huawei.com> Signed-off-by:
-
Paul Aurich authored
The flag from the primary tcon needs to be copied into the volume info so that cifs_get_tcon will try to enable extensions on the per-user tcon. At that point, since posix extensions must have already been enabled on the superblock, don't try to needlessly adjust the mount flags. Fixes: ce558b0e ("smb3: Add posix create context for smb3.11 posix mounts") Fixes: b326614e ("smb3: allow "posix" mount option to enable new SMB311 protocol extensions") Signed-off-by:
-
Paul Aurich authored
Fixes: ca567eb2 ("SMB3: Allow persistent handle timeout to be configurable on mount") Signed-off-by:
-
Paul Aurich authored
Fixes: 3e7a02d4 ("smb3: allow disabling requesting leases") Signed-off-by:
-
Paul Aurich authored
Without this: - persistent handles will only be enabled for per-user tcons if the server advertises the 'Continuous Availabity' capability - resilient handles would never be enabled for per-user tcons Signed-off-by:
-
Paul Aurich authored
Ensure multiuser SMB3 mounts use encryption for all users' tcons if the mount options are configured to require encryption. Without this, only the primary tcon and IPC tcons are guaranteed to be encrypted. Per-user tcons would only be encrypted if the server was configured to require encryption. Signed-off-by:
-
Paul Aurich authored
This is useful for distinguishing SMB sessions on a multiuser mount. Signed-off-by:
-
- Jun 24, 2020
-
-
Gustavo A. R. Silva authored
Use array_size() instead of the open-coded version in the controlling expression of the if statement. Also, while there, use the preferred form for passing a size of a struct. The alternative form where struct name is spelled out hurts readability and introduces an opportunity for a bug when the pointer variable type is changed but the corresponding sizeof that is passed as argument is not. This issue was found with the help of Coccinelle and, audited and fixed manually. Addresses-KSPP-ID: https://github.com/KSPP/linux/issues/83 Signed-off-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
-
Zhang Xiaoxu authored
As the man description of the truncate, if the size changed, then the st_ctime and st_mtime fields should be updated. But in cifs, we doesn't do it. It lead the xfstests generic/313 failed. So, add the ATTR_MTIME|ATTR_CTIME flags on attrs when change the file size Reported-by:
-
