Commit b7a838ee authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'v6.12-rc1-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 

Pull smb client fixes from Steve French:

 - statfs fix (e.g. when limited access to root directory of share)

 - special file handling fixes: fix packet validation to avoid buffer
   overflow for reparse points, fixes for symlink path parsing (one for
   reparse points, and one for SFU use case), and fix for cleanup after
   failed SET_REPARSE operation.

 - fix for SMB2.1 signing bug introduced by recent patch to NFS symlink
   path, and NFS reparse point validation

 - comment cleanup

* tag 'v6.12-rc1-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: Do not convert delimiter when parsing NFS-style symlinks
  cifs: Validate content of NFS reparse point buffer
  cifs: Fix buffer overflow when parsing NFS reparse points
  smb: client: Correct typos in multiple comments across various files
  smb: client: use actual path when queryfs
  cifs: Remove intermediate object of failed create reparse call
  Revert "smb: client: make SHA-512 TFM ephemeral"
  smb: Update comments about some reparse point tags
  cifs: Check for UTF-16 null codepoint in SFU symlink target location
parents 6cca1195 d3a49f60

fs/smb/client/cifsacl.h

+1 −1
Original line number Diff line number Diff line
@@ -55,7 +55,7 @@ struct smb3_sd { 
#define ACL_CONTROL_SI	0x0800	/* SACL Auto-Inherited */

#define ACL_CONTROL_DI	0x0400	/* DACL Auto-Inherited */

#define ACL_CONTROL_SC	0x0200	/* SACL computed through inheritance */

#define ACL_CONTROL_DC	0x0100	/* DACL computed through inheritence */

#define ACL_CONTROL_DC	0x0100	/* DACL computed through inheritance */

#define ACL_CONTROL_SS	0x0080	/* Create server ACL */

#define ACL_CONTROL_DT	0x0040	/* DACL provided by trusted source */

#define ACL_CONTROL_SD	0x0020	/* SACL defaulted */

fs/smb/client/cifsencrypt.c

+2 −1
Original line number Diff line number Diff line
@@ -239,7 +239,7 @@ int cifs_verify_signature(struct smb_rqst *rqst, 
		cifs_dbg(FYI, "dummy signature received for smb command 0x%x\n",

			 cifs_pdu->Command);



	/* save off the origiginal signature so we can modify the smb and check

	/* save off the original signature so we can modify the smb and check

		its signature against what the server sent */

	memcpy(server_response_sig, cifs_pdu->Signature.SecuritySignature, 8);
@@ -700,6 +700,7 @@ cifs_crypto_secmech_release(struct TCP_Server_Info *server) 
	cifs_free_hash(&server->secmech.aes_cmac);

	cifs_free_hash(&server->secmech.hmacsha256);

	cifs_free_hash(&server->secmech.md5);

	cifs_free_hash(&server->secmech.sha512);



	if (!SERVER_IS_CHAN(server)) {

		if (server->secmech.enc) {

fs/smb/client/cifsfs.c

+14 −3
Original line number Diff line number Diff line
@@ -161,7 +161,7 @@ __u32 cifs_lock_secret; 


/*

 * Bumps refcount for cifs super block.

 * Note that it should be only called if a referece to VFS super block is

 * Note that it should be only called if a reference to VFS super block is

 * already held, e.g. in open-type syscalls context. Otherwise it can race with

 * atomic_dec_and_test in deactivate_locked_super.

 */
@@ -289,7 +289,7 @@ static void cifs_kill_sb(struct super_block *sb) 
	struct cifs_sb_info *cifs_sb = CIFS_SB(sb);



	/*

	 * We ned to release all dentries for the cached directories

	 * We need to release all dentries for the cached directories

	 * before we kill the sb.

	 */

	if (cifs_sb->root) {
@@ -313,8 +313,17 @@ cifs_statfs(struct dentry *dentry, struct kstatfs *buf) 
	struct TCP_Server_Info *server = tcon->ses->server;

	unsigned int xid;

	int rc = 0;

	const char *full_path;

	void *page;



	xid = get_xid();

	page = alloc_dentry_path();



	full_path = build_path_from_dentry(dentry, page);

	if (IS_ERR(full_path)) {

		rc = PTR_ERR(full_path);

		goto statfs_out;

	}



	if (le32_to_cpu(tcon->fsAttrInfo.MaxPathNameComponentLength) > 0)

		buf->f_namelen =
@@ -330,8 +339,10 @@ cifs_statfs(struct dentry *dentry, struct kstatfs *buf) 
	buf->f_ffree = 0;	/* unlimited */



	if (server->ops->queryfs)

		rc = server->ops->queryfs(xid, tcon, cifs_sb, buf);

		rc = server->ops->queryfs(xid, tcon, full_path, cifs_sb, buf);



statfs_out:

	free_dentry_path(page);

	free_xid(xid);

	return rc;

}

fs/smb/client/cifsglob.h

+3 −2
Original line number Diff line number Diff line
@@ -180,6 +180,7 @@ struct session_key { 
struct cifs_secmech {

	struct shash_desc *md5; /* md5 hash function, for CIFS/SMB1 signatures */

	struct shash_desc *hmacsha256; /* hmac-sha256 hash function, for SMB2 signatures */

	struct shash_desc *sha512; /* sha512 hash function, for SMB3.1.1 preauth hash */

	struct shash_desc *aes_cmac; /* block-cipher based MAC function, for SMB3 signatures */



	struct crypto_aead *enc; /* smb3 encryption AEAD TFM (AES-CCM and AES-GCM) */
@@ -480,7 +481,7 @@ struct smb_version_operations { 
			__u16 net_fid, struct cifsInodeInfo *cifs_inode);

	/* query remote filesystem */

	int (*queryfs)(const unsigned int, struct cifs_tcon *,

		       struct cifs_sb_info *, struct kstatfs *);

		       const char *, struct cifs_sb_info *, struct kstatfs *);

	/* send mandatory brlock to the server */

	int (*mand_lock)(const unsigned int, struct cifsFileInfo *, __u64,

			 __u64, __u32, int, int, bool);
@@ -774,7 +775,7 @@ struct TCP_Server_Info { 
	} compression;

	__u16	signing_algorithm;

	__le16	cipher_type;

	 /* save initital negprot hash */

	 /* save initial negprot hash */

	__u8	preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE];

	bool	signing_negotiated; /* true if valid signing context rcvd from server */

	bool	posix_ext_supported;

fs/smb/client/cifspdu.h

+2 −2
Original line number Diff line number Diff line
@@ -781,7 +781,7 @@ typedef struct smb_com_logoff_andx_rsp { 
	__u16 ByteCount;

} __attribute__((packed)) LOGOFF_ANDX_RSP;



typedef union smb_com_tree_disconnect {	/* as an altetnative can use flag on

typedef union smb_com_tree_disconnect {	/* as an alternative can use flag on

					tree_connect PDU to effect disconnect */

					/* tdis is probably simplest SMB PDU */

	struct {
@@ -2406,7 +2406,7 @@ struct cifs_posix_ace { /* access control entry (ACE) */ 
	__le64 cifs_uid; /* or gid */

} __attribute__((packed));



struct cifs_posix_acl { /* access conrol list  (ACL) */

struct cifs_posix_acl { /* access control list  (ACL) */

	__le16	version;

	__le16	access_entry_count;  /* access ACL - count of entries */

	__le16	default_entry_count; /* default ACL - count of entries */