Commit Graph

83 Commits

Author SHA1 Message Date
Pavel Shilovsky 2365c4eaf0 CIFS: Fix too big maxBuf size for SMB3 mounts
SMB3 servers can respond with MaxTransactSize of more than 4M
that can cause a memory allocation error returned from kmalloc
in a lock codepath. Also the client doesn't support multicredit
requests now and allows buffer sizes of 65536 bytes only. Set
MaxTransactSize to this maximum supported value.

Cc: stable@vger.kernel.org # 3.7+
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2014-02-14 16:50:47 -06:00
Steve French 4a5c80d7b5 [CIFS] clean up page array when uncached write send fails
In the event that a send fails in an uncached write, or we end up
needing to reissue it (-EAGAIN case), we'll kfree the wdata but
the pages currently leak.

Fix this by adding a new kref release routine for uncached writedata
that releases the pages, and have the uncached codepaths use that.

[original patch by Jeff modified to fix minor formatting problems]

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2014-02-07 20:47:00 -06:00
Steve French ff1c038add Check SMB3 dialects against downgrade attacks
When we are running SMB3 or SMB3.02 connections which are signed
we need to validate the protocol negotiation information,
to ensure that the negotiate protocol response was not tampered with.

Add the missing FSCTL which is sent at mount time (immediately after
the SMB3 Tree Connect) to validate that the capabilities match
what we think the server sent.

"Secure dialect negotiation is introduced in SMB3 to protect against
man-in-the-middle attempt to downgrade dialect negotiation.
The idea is to prevent an eavesdropper from downgrading the initially
negotiated dialect and capabilities between the client and the server."

For more explanation see 2.2.31.4 of MS-SMB2 or
http://blogs.msdn.com/b/openspecification/archive/2012/06/28/smb3-secure-dialect-negotiation.aspx

Reviewed-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-11-19 23:52:54 -06:00
Steve French 7d3fb24bce Removed duplicated (and unneeded) goto
Remove an unneeded goto (and also was duplicated goto target name).

Signed-off-by: Steve French <smfrench@gmail.com>
2013-11-18 17:24:24 -06:00
Steve French 9bf0c9cd43 CIFS: Fix SMB2/SMB3 Copy offload support (refcopy) for large files
This third version of the patch, incorparating feedback from David Disseldorp
extends the ability of copychunk (refcopy) over smb2/smb3 mounts to
handle servers with smaller than usual maximum chunk sizes
and also fixes it to handle files bigger than the maximum chunk sizes

In the future this can be extended further to handle sending
multiple chunk requests in on SMB2 ioctl request which will
further improve performance, but even with one 1MB chunk per
request the speedup on cp is quite large.

Reviewed-by: David Disseldorp <ddiss@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-11-18 17:24:14 -06:00
Steve French 0cbaa53cdd [CIFS] Warn if SMB3 encryption required by server
We do not support SMB3 encryption yet, warn if server responds
that SMB3 encryption is mandatory.

Signed-off-by: Steve French <smfrench@gmail.com>
2013-11-15 23:50:24 -06:00
Steve French de9f68df67 [CIFS] Set copychunk defaults
Patch 2 of the copy chunk series (the final patch will
use these to handle copies of files larger than the chunk size.

We set the same defaults that Windows and Samba expect for
CopyChunk.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-11-15 15:27:22 -06:00
Steven French af6a12ea8d Query File System Alignment
In SMB3 it is now possible to query the file system
alignment info, and the preferred (for performance)
sector size and whether the underlying disk
has no seek penalty (like SSD).

Query this information at mount time for SMB3,
and make it visible in /proc/fs/cifs/DebugData
for debugging purposes.

This alignment information and preferred sector
size info will be helpful for the copy offload
patches to setup the right chunks in the CopyChunk
requests.   Presumably the knowledge that the
underlying disk is SSD could also help us
make better readahead and writebehind
decisions (something to look at in the future).

Signed-off-by: Steve French <smfrench@gmail.com>
2013-11-02 12:52:41 -05:00
Steven French 2167114c6e Query device characteristics at mount time from server on SMB2/3 not just on cifs mounts
Currently SMB2 and SMB3 mounts do not query the device information at mount time
from the server as is done for cifs.  These can be useful for debugging.
This is a minor patch, that extends the previous one (which added ability to
query file system attributes at mount time - this returns the device
characteristics - also via in /proc/fs/cifs/DebugData)

Signed-off-by: Steve French <smfrench@gmail.com>
2013-11-02 12:52:38 -05:00
Steve French 34f626406c Query file system attributes from server on SMB2, not just cifs, mounts
Currently SMB2 and SMB3 mounts do not query the file system attributes
from the server at mount time as is done for cifs.  These can be useful for debugging.

Signed-off-by: Steve French <smfrench@gmail.com>
2013-10-28 09:22:55 -05:00
Steve French 64a5cfa6db Allow setting per-file compression via SMB2/3
Allow cifs/smb2/smb3 to return whether or not a file is compressed
via lsattr, and allow SMB2/SMB3 to set the per-file compression
flag ("chattr +c filename" on an smb3 mount).

Windows users often set the compressed flag (it can be
done from the desktop and file manager).  David Disseldorp
has patches to Samba server to support this (at least on btrfs)
which are complementary to this

Signed-off-by: Steve French <smfrench@gmail.com>
2013-10-28 09:22:31 -05:00
Steve French 7ff8d45c9d Fix corrupt SMB2 ioctl requests
We were off by one calculating the length of ioctls in some cases
because the protocol specification for SMB2 ioctl includes a mininum
one byte payload but not all SMB2 ioctl requests actually have
a data buffer to send. We were also not zeroing out the
return buffer (in case of error this is helpful).

Signed-off-by: Steve French <smfrench@gmail.com>
2013-10-28 09:21:36 -05:00
Shirish Pargaonkar eb4c7df6c2 cifs: Avoid umount hangs with smb2 when server is unresponsive
Do not send SMB2 Logoff command when reconnecting, the way smb1
code base works.

Also, no need to wait for a credit for an echo command when one is already
in flight.

Without these changes, umount command hangs if the server is unresponsive
e.g. hibernating.

Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@us.ibm.com>
2013-10-06 20:18:42 -05:00
Pavel Shilovsky 42873b0a28 CIFS: Respect epoch value from create lease context v2
that force a client to purge cache pages when a server requests it.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-09 22:52:18 -05:00
Pavel Shilovsky b5c7cde3fa CIFS: Move parsing lease buffer to ops struct
Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-09 22:52:11 -05:00
Pavel Shilovsky a41a28bda9 CIFS: Move creating lease buffer to ops struct
to make adding new types of lease buffers easier.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-09 22:52:08 -05:00
Pavel Shilovsky 53ef1016fd CIFS: Store lease state itself rather than a mapped oplock value
and separate smb20_operations struct.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-09 22:52:05 -05:00
Shirish Pargaonkar 32811d242f cifs: Start using per session key for smb2/3 for signature generation
Switch smb2 code to use per session session key and smb3 code to
    use per session signing key instead of per connection key to
    generate signatures.

    For that, we need to find a session to fetch the session key to
    generate signature to match for every request and response packet.

    We also forgo checking signature for a session setup response
    from the server.

Acked-by: Jeff Layton <jlayton@samba.org>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-08 14:47:50 -05:00
Shirish Pargaonkar 5c234aa5e3 cifs: Add a variable specific to NTLMSSP for key exchange.
Add a variable specific to NTLMSSP authentication to determine
whether to exchange keys during negotiation and authentication phases.

Since session key for smb1 is per smb connection, once a very first
sesion is established, there is no need for key exchange during
subsequent session setups. As a result, smb1 session setup code sets this
variable as false.

Since session key for smb2 and smb3 is per smb connection, we need to
exchange keys to generate session key for every sesion being established.
As a result, smb2/3 session setup code sets this variable as true.

Acked-by: Jeff Layton <jlayton@samba.org>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-08 14:47:49 -05:00
Shirish Pargaonkar d4e63bd6e4 cifs: Process post session setup code in respective dialect functions.
Move the post (successful) session setup code to respective dialect routines.

For smb1, session key is per smb connection.
For smb2/smb3, session key is per smb session.

If client and server do not require signing, free session key for smb1/2/3.

If client and server require signing
  smb1 - Copy (kmemdup) session key for the first session to connection.
         Free session key of that and subsequent sessions on this connection.
  smb2 - For every session, keep the session key and free it when the
         session is being shutdown.
  smb3 - For every session, generate the smb3 signing key using the session key
         and then free the session key.

There are two unrelated line formatting changes as well.

Reviewed-by: Jeff Layton <jlayton@samba.org>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-08 14:47:47 -05:00
Wei Yongjun 31f92e9a87 CIFS: convert to use le32_add_cpu()
Convert cpu_to_le32(le32_to_cpu(E1) + E2) to use le32_add_cpu().

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-08 14:47:43 -05:00
Pavel Shilovsky b42bf88828 CIFS: Implement follow_link for SMB2
that allows to access files through symlink created on a server.

Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-09-08 14:27:34 -05:00
Steve French 1c46943f84 [CIFS] Fix minor endian error in durable handle patch series
Fix endian warning:

  CHECK   fs/cifs/smb2pdu.c
fs/cifs/smb2pdu.c:1068:40: warning: incorrect type in assignment (different base types)
fs/cifs/smb2pdu.c:1068:40:    expected restricted __le32 [usertype] Next
fs/cifs/smb2pdu.c:1068:40:    got unsigned long

Signed-off-by: Steve French <smfrench@gmail.com>
2013-07-10 13:08:55 -05:00
Pavel Shilovsky 9cbc0b7339 CIFS: Reconnect durable handles for SMB2
On reconnects, we need to reopen file and then obtain all byte-range
locks held by the client. SMB2 protocol provides feature to make
this process atomic by reconnecting to the same file handle
with all it's byte-range locks. This patch adds this capability
for SMB2 shares.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steven French <steven@steven-GA-970A-DS3.(none)>
2013-07-10 13:08:40 -05:00
Pavel Shilovsky 064f6047a1 CIFS: Make SMB2_open use cifs_open_parms struct
to prepare it for further durable handle reconnect processing.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steven French <steven@steven-GA-970A-DS3.(none)>
2013-07-10 13:08:40 -05:00
Pavel Shilovsky 63eb3def32 CIFS: Request durable open for SMB2 opens
by passing durable context together with a handle caching lease or
batch oplock.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steven French <steven@steven-GA-970A-DS3.(none)>
2013-07-10 13:08:39 -05:00
Pavel Shilovsky d22cbfecbd CIFS: Simplify SMB2 create context handling
to make it easier to add other create context further.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steven French <steven@steven-GA-970A-DS3.(none)>
2013-07-10 13:08:39 -05:00
Pavel Shilovsky 59aa371841 CIFS: Simplify SMB2_open code path
by passing a filename to a separate iovec regardless of its length.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steven French <steven@steven-GA-970A-DS3.(none)>
2013-07-10 13:08:39 -05:00
Pavel Shilovsky ca81983fe5 CIFS: Respect create_options in smb2_open_file
and eliminated unused file_attribute parms of SMB2_open.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steven French <steven@steven-GA-970A-DS3.(none)>
2013-07-10 13:08:39 -05:00
Pavel Shilovsky fd55439638 CIFS: Fix lease context buffer parsing
to prevent missing RqLs context if it's not the first one.

Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steven French <steven@steven-GA-970A-DS3.(none)>
2013-07-10 13:08:39 -05:00
Steve French f87ab88b40 [CIFS] Do not set DFS flag on SMB2 open
If we would set SMB2_FLAGS_DFS_OPERATIONS on open we also would have
to pass the path on the Open SMB prefixed by \\server\share.
Not sure when we would need to do the augmented path (if ever) and
setting this flag breaks the SMB2 open operation since it is
illegal to send an empty path name (without \\server\share prefix)
when the DFS flag is set in the SMB open header. We could
consider setting the flag on all operations other than open
but it is safer to net set it for now.

Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-26 19:14:55 -05:00
Steve French 84ceeb9626 [CIFS] fix static checker warning
Dan Carpenter wrote:

The patch 7f420cee8bd6: "[CIFS] Charge at least one credit, if server
says that it supports multicredit" from Jun 23, 2013, leads to the
following Smatch complaint:

fs/cifs/smb2pdu.c:120 smb2_hdr_assemble()
         warn: variable dereferenced before check 'tcon->ses' (see line 115)

CC: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-26 17:52:17 -05:00
Steve French 5d875cc928 When server doesn't provide SecurityBuffer on SMB2Negotiate pick default
According to MS-SMB2 section 2.2.4: if no blob, client picks default which
for us will be
	ses->sectype = RawNTLMSSP;
but for time being this is also our only auth choice so doesn't matter
as long as we include this fix (which does not treat the empty
SecurityBuffer as an error as the code had been doing).
We just found a server which sets blob length to zero expecting raw so
this fixes negotiation with that server.

Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-26 17:31:50 -05:00
Steve French 4a72dafa19 SMB2 FSCTL and IOCTL worker function
This worker function is needed to send SMB2 fsctl
(and ioctl) requests including:

validating negotiation info (secure negotiate)
querying the servers network interfaces
copy offload (refcopy)

Followon patches for the above three will use this.
This patch also does general validation of the response.

In the future, as David Disseldorp notes, for the copychunk ioctl
case, we will want to enhance the response processing to allow
returning the chunk request limits to the caller (even
though the server returns an error, in that case we would
return data that the caller could use - see 2.2.32.1).

See MS-SMB2 Section 2.2.31 for more details on format of fsctl.

Acked-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-26 17:31:29 -05:00
Steve French 2b80d049eb Charge at least one credit, if server says that it supports multicredit
In SMB2.1 and later the server will usually set the large MTU flag, and
we need to charge at least one credit, if server says that since
it supports multicredit.  Windows seems to let us get away with putting
a zero there, but they confirmed that it is wrong and the spec says
to put one there (if the request is under 64K and the CAP_LARGE_MTU
was returned during protocol negotiation by the server.

CC: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-26 17:26:03 -05:00
Zhao Hongjiang 46b51d0835 cifs: using strlcpy instead of strncpy
for NUL terminated string, need alway set '\0' in the end.

Signed-off-by: Zhao Hongjiang <zhaohongjiang@huawei.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-26 17:25:20 -05:00
Steve French 769ee6a402 Add ability to dipslay SMB3 share flags and capabilities for debugging
SMB3 protocol adds various optional per-share capabilities (and
SMB3.02 adds one more beyond that).  Add ability to dump
(/proc/fs/cifs/DebugData) the share capabilities and share flags to
improve debugging.

Signed-off-by: Steve French <smfrench@gmail.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
2013-06-24 01:56:46 -05:00
Steve French 20b6d8b42e Add SMB3.02 dialect support
The new Windows update supports SMB3.02 dialect, a minor update to SMB3.
This patch adds support for mounting with vers=3.02

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
2013-06-24 01:56:45 -05:00
Steve French 9cd2e62c49 Fix endian error in SMB2 protocol negotiation
Fix minor endian error in Jeff's auth rewrite

Reviewed-by: Jeff Laytonn <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-24 01:56:45 -05:00
Jeff Layton 3f618223dc move sectype to the cifs_ses instead of TCP_Server_Info
Now that we track what sort of NEGOTIATE response was received, stop
mandating that every session on a socket use the same type of auth.

Push that decision out into the session setup code, and make the sectype
a per-session property. This should allow us to mix multiple sectypes on
a socket as long as they are compatible with the NEGOTIATE response.

With this too, we can now eliminate the ses->secFlg field since that
info is redundant and harder to work with than a securityEnum.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-24 01:56:44 -05:00
Jeff Layton 38d77c50b4 cifs: track the enablement of signing in the TCP_Server_Info
Currently, we determine this according to flags in the sec_mode, flags
in the global_secflags and via other methods. That makes the semantics
very hard to follow and there are corner cases where we don't handle
this correctly.

Add a new bool to the TCP_Server_Info that acts as a simple flag to tell
us whether signing is enabled on this connection or not, and fix up the
places that need to determine this to use that flag.

This is a bit weird for the SMB2 case, where signing is per-session.
SMB2 needs work in this area already though. The existing SMB2 code has
similar logic to what we're using here, so there should be no real
change in behavior. These changes should make it easier to implement
per-session signing in the future though.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-24 01:56:43 -05:00
Jeff Layton e598d1d8fb cifs: track the flavor of the NEGOTIATE reponse
Track what sort of NEGOTIATE response we get from the server, as that
will govern what sort of authentication types this socket will support.

There are three possibilities:

LANMAN: server sent legacy LANMAN-type response

UNENCAP: server sent a newer-style response, but extended security bit
wasn't set. This socket will only support unencapsulated auth types.

EXTENDED: server sent a newer-style response with the extended security
bit set. This is necessary to support krb5 and ntlmssp auth types.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-24 01:56:42 -05:00
Jeff Layton 9ddec56131 cifs: move handling of signed connections into separate function
Move the sanity checks for signed connections into a separate function.
SMB2's was a cut-and-paste job from CIFS code, so we can make them use
the same function.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-06-24 01:56:41 -05:00
Jeff Layton 3534b8508e cifs: throw a warning if negotiate or sess_setup ops are passed NULL server or session pointers
These look pretty cargo-culty to me, but let's be certain. Leave
them in place for now. Pop a WARN if it ever does happen. Also,
move to a more standard idiom for setting the "server" pointer.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2013-06-24 01:56:40 -05:00
Joe Perches f96637be08 [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg
It's not obvious from reading the macro names that these macros
are for debugging.  Convert the names to a single more typical
kernel style cifs_dbg macro.

	cERROR(1, ...)   -> cifs_dbg(VFS, ...)
	cFYI(1, ...)     -> cifs_dbg(FYI, ...)
	cFYI(DBG2, ...)  -> cifs_dbg(NOISY, ...)

Move the terminating format newline from the macro to the call site.

Add CONFIG_CIFS_DEBUG function cifs_vfs_err to emit the
"CIFS VFS: " prefix for VFS messages.

Size is reduced ~ 1% when CONFIG_CIFS_DEBUG is set (default y)

$ size fs/cifs/cifs.ko*
   text    data     bss     dec     hex filename
 265245	   2525	    132	 267902	  4167e	fs/cifs/cifs.ko.new
 268359    2525     132  271016   422a8 fs/cifs/cifs.ko.old

Other miscellaneous changes around these conversions:

o Miscellaneous typo fixes
o Add terminating \n's to almost all formats and remove them
  from the macros to be more kernel style like.  A few formats
  previously had defective \n's
o Remove unnecessary OOM messages as kmalloc() calls dump_stack
o Coalesce formats to make grep easier,
  added missing spaces when coalescing formats
o Use %s, __func__ instead of embedded function name
o Removed unnecessary "cifs: " prefixes
o Convert kzalloc with multiply to kcalloc
o Remove unused cifswarn macro

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-05-04 22:17:23 -05:00
Dia Vasile d455b72bdd cifs: replaced kmalloc + memset with kzalloc
Signed-off-by: Diana Vasile <kill.elohim@hotmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2013-05-04 22:08:19 -05:00
Steve French 6d8b59d712 fix "disabling echoes and oplocks" on SMB2 mounts
SMB2 and later will return only 1 credit for session setup (phase 1)
not just for the negotiate protocol response.  Do not disable
echoes and oplocks on session setup (we only need one credit
for tree connection anyway) as a resonse with only 1 credit
on phase 1 of sessionsetup is expected.

Fixes the "CIFS VFS: disabling echoes and oplocks" message
logged to dmesg.

Signed-off-by: Steve French <smfrench@gmail.com>
Acked-by: Jeff Layton <jlayton@samba.org>
2012-12-09 19:47:15 -06:00
Steve French 52c0f4ad8e SMB3 mounts fail with access denied to some servers
We were checking incorrectly if signatures were required to be sent,
so were always sending signatures after the initial session establishment.
For SMB3 mounts (vers=3.0) this was a problem because we were putting
SMB2 signatures in SMB3 requests which would cause access denied
on mount (the tree connection would fail).

This might also be worth considering for stable (for 3.7), as the
error message on mount (access denied) is confusing to users and
there is no workaround if the server is configured to only
support smb3.0. I am ok either way.

CC: stable <stable@kernel.org>
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
2012-12-05 13:27:31 -06:00
Steve French e4aa25e780 [CIFS] Fix SMB2 negotiation support to select only one dialect (based on vers=)
Based on whether the user (on mount command) chooses:

vers=3.0 (for smb3.0 support)
vers=2.1 (for smb2.1 support)
or (with subsequent patch, which will allow SMB2 support)
vers=2.0 (for original smb2.02 dialect support)

send only one dialect at a time during negotiate (we
had been sending a list).

Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2012-10-01 12:26:22 -05:00
Pavel Shilovsky 4ca3a99ca4 CIFS: Fix possible freed pointer dereference in SMB2_sess_setup
and remove redundant (rsp == NULL) checks after SendReceive2.

Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
2012-09-26 22:15:18 -05:00