iget: stop CIFS from using iget() and read_inode()
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ce634ab28e7dbcc13ebe6e7bc5bc7de4f8def4c8 Commit: ce634ab28e7dbcc13ebe6e7bc5bc7de4f8def4c8 Parent: e33ab086ae227a34e34b17e86dbb9d2dbaebb489 Author: David Howells [EMAIL PROTECTED] AuthorDate: Thu Feb 7 00:15:33 2008 -0800 Committer: Linus Torvalds [EMAIL PROTECTED] CommitDate: Thu Feb 7 08:42:27 2008 -0800 iget: stop CIFS from using iget() and read_inode() Stop the CIFS filesystem from using iget() and read_inode(). Replace cifs_read_inode() with cifs_iget(), and call that instead of iget(). cifs_iget() then uses iget_locked() directly and returns a proper error code instead of an inode in the event of an error. cifs_read_super() now returns any error incurred when getting the root inode instead of ENOMEM. cifs_iget() needs examining. The comment can not call macro FreeXid here since in a void func is no longer true. Signed-off-by: David Howells [EMAIL PROTECTED] Cc: Steven French [EMAIL PROTECTED] Acked-by: Christoph Hellwig [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Linus Torvalds [EMAIL PROTECTED] --- fs/cifs/cifsfs.c |8 fs/cifs/cifsfs.h |1 + fs/cifs/inode.c | 22 +++--- 3 files changed, 24 insertions(+), 7 deletions(-) diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index e9f4ec7..fcc4342 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -147,10 +147,11 @@ cifs_read_super(struct super_block *sb, void *data, #endif sb-s_blocksize = CIFS_MAX_MSGSIZE; sb-s_blocksize_bits = 14; /* default 2**14 = CIFS_MAX_MSGSIZE */ - inode = iget(sb, ROOT_I); + inode = cifs_iget(sb, ROOT_I); - if (!inode) { - rc = -ENOMEM; + if (IS_ERR(inode)) { + rc = PTR_ERR(inode); + inode = NULL; goto out_no_root; } @@ -520,7 +521,6 @@ static int cifs_remount(struct super_block *sb, int *flags, char *data) } static const struct super_operations cifs_super_ops = { - .read_inode = cifs_read_inode, .put_super = cifs_put_super, .statfs = cifs_statfs, .alloc_inode = cifs_alloc_inode, diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 195b14d..6897830 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -44,6 +44,7 @@ extern void cifs_read_inode(struct inode *); /* Functions related to inodes */ extern const struct inode_operations cifs_dir_inode_ops; +extern struct inode *cifs_iget(struct super_block *, unsigned long); extern int cifs_create(struct inode *, struct dentry *, int, struct nameidata *); extern struct dentry *cifs_lookup(struct inode *, struct dentry *, diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index 47f2621..b1a4a65 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -586,10 +586,18 @@ static const struct inode_operations cifs_ipc_inode_ops = { }; /* gets root inode */ -void cifs_read_inode(struct inode *inode) +struct inode *cifs_iget(struct super_block *sb, unsigned long ino) { - int xid, rc; + int xid; struct cifs_sb_info *cifs_sb; + struct inode *inode; + long rc; + + inode = iget_locked(sb, ino); + if (!inode) + return ERR_PTR(-ENOMEM); + if (!(inode-i_state I_NEW)) + return inode; cifs_sb = CIFS_SB(inode-i_sb); xid = GetXid(); @@ -606,10 +614,18 @@ void cifs_read_inode(struct inode *inode) inode-i_fop = simple_dir_operations; inode-i_uid = cifs_sb-mnt_uid; inode-i_gid = cifs_sb-mnt_gid; + _FreeXid(xid); + iget_failed(inode); + return ERR_PTR(rc); } - /* can not call macro FreeXid here since in a void func */ + unlock_new_inode(inode); + + /* can not call macro FreeXid here since in a void func +* TODO: This is no longer true +*/ _FreeXid(xid); + return inode; } int cifs_unlink(struct inode *inode, struct dentry *direntry) - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
deprecate smbfs in favour of cifs
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c773633916c66f8362ca01983d97bd33e35b743f Commit: c773633916c66f8362ca01983d97bd33e35b743f Parent: 9692bd9c140618e3f6a2848900aee96c9cd8a65c Author: Andrew Morton [EMAIL PROTECTED] AuthorDate: Tue Feb 5 14:22:58 2008 -0800 Committer: Linus Torvalds [EMAIL PROTECTED] CommitDate: Tue Feb 5 14:37:15 2008 -0800 deprecate smbfs in favour of cifs smbfs is a bit buggy and has no maintainer. Change it to shout at the user on the first five mount attempts - tell them to switch to CIFS. Come December we'll mark it BROKEN and see what happens. [EMAIL PROTECTED]: documentation update] Cc: Urban Widmark [EMAIL PROTECTED] Acked-by: Steven French [EMAIL PROTECTED] Signed-off-by: Oleg Verych [EMAIL PROTECTED] Cc: Jeff Layton [EMAIL PROTECTED] Cc: Adrian Bunk [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Linus Torvalds [EMAIL PROTECTED] --- fs/Kconfig | 28 ++-- fs/smbfs/inode.c |7 +++ 2 files changed, 21 insertions(+), 14 deletions(-) diff --git a/fs/Kconfig b/fs/Kconfig index 987b5d7..ea5b359 100644 --- a/fs/Kconfig +++ b/fs/Kconfig @@ -1152,7 +1152,7 @@ config BEFS_DEBUG depends on BEFS_FS help If you say Y here, you can use the 'debug' mount option to enable - debugging output from the driver. + debugging output from the driver. config BFS_FS tristate BFS file system support (EXPERIMENTAL) @@ -1263,7 +1263,7 @@ config JFFS2_FS_XATTR Extended attributes are name:value pairs associated with inodes by the kernel or by users (see the attr(5) manual page, or visit http://acl.bestbits.at/ for details). - + If unsure, say N. config JFFS2_FS_POSIX_ACL @@ -1274,10 +1274,10 @@ config JFFS2_FS_POSIX_ACL help Posix Access Control Lists (ACLs) support permissions for users and groups beyond the owner/group/world scheme. - + To learn more about Access Control Lists, visit the Posix ACLs for Linux website http://acl.bestbits.at/. - + If you don't know what Access Control Lists are, say N config JFFS2_FS_SECURITY @@ -1289,7 +1289,7 @@ config JFFS2_FS_SECURITY implemented by security modules like SELinux. This option enables an extended attribute handler for file security labels in the jffs2 filesystem. - + If you are not using a security module that requires using extended attributes for file security labels, say N. @@ -1835,7 +1835,7 @@ config RPCSEC_GSS_SPKM3 If unsure, say N. config SMB_FS - tristate SMB file system support (to mount Windows shares etc.) + tristate SMB file system support (OBSOLETE, please use CIFS) depends on INET select NLS help @@ -1858,8 +1858,8 @@ config SMB_FS General information about how to connect Linux, Windows machines and Macs is on the WWW at http://www.eats.com/linux_mac_win.html. - To compile the SMB support as a module, choose M here: the module will - be called smbfs. Most people say N, however. + To compile the SMB support as a module, choose M here: + the module will be called smbfs. Most people say N, however. config SMB_NLS_DEFAULT bool Use a default NLS @@ -1891,7 +1891,7 @@ config SMB_NLS_REMOTE smbmount from samba 2.2.0 or later supports this. config CIFS - tristate CIFS support (advanced network filesystem for Samba, Window and other CIFS compliant servers) + tristate CIFS support (advanced network filesystem, SMBFS successor) depends on INET select NLS help @@ -1949,16 +1949,16 @@ config CIFS_WEAK_PW_HASH LANMAN based servers such as OS/2 and Windows 95, but such mounts may be less secure than mounts using NTLM or more recent security mechanisms if you are on a public network. Unless you - have a need to access old SMB servers (and are on a private + have a need to access old SMB servers (and are on a private network) you probably want to say N. Even if this support is enabled in the kernel build, LANMAN authentication will not be used automatically. At runtime LANMAN mounts are disabled but can be set to required (or optional) either in /proc/fs/cifs (see fs/cifs/README for more detail) or via an - option on the mount command. This support is disabled by + option on the mount command. This support is disabled by default in order to reduce the possibility of a downgrade attack. - + If unsure, say N. config CIFS_XATTR @@ -1999,7 +1999,7 @@ config CIFS_DEBUG2 messages in some error
[CIFS] DFS build fixes
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=366781c19635d861f43ff5e03388a3873ec912d9 Commit: 366781c19635d861f43ff5e03388a3873ec912d9 Parent: 6d5ae0deb1641bf615eafd8fef64218e10cb2fd0 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Jan 25 10:12:41 2008 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Jan 25 10:12:41 2008 + [CIFS] DFS build fixes Also includes a few minor changes suggested by Christoph Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_dfs_ref.c | 14 -- fs/cifs/cifsglob.h | 41 - fs/cifs/cifsproto.h|4 ++-- fs/cifs/connect.c | 12 fs/cifs/dns_resolve.c |5 +++-- fs/cifs/link.c | 16 6 files changed, 61 insertions(+), 31 deletions(-) diff --git a/fs/cifs/cifs_dfs_ref.c b/fs/cifs/cifs_dfs_ref.c index 15e31f8..413ee23 100644 --- a/fs/cifs/cifs_dfs_ref.c +++ b/fs/cifs/cifs_dfs_ref.c @@ -3,8 +3,9 @@ * traversal via DFS junction point * * Copyright (c) 2007 Igor Mammedov + * Copyright (C) International Business Machines Corp., 2008 * Author(s): Igor Mammedov ([EMAIL PROTECTED]) - * + * Steve French ([EMAIL PROTECTED]) * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version @@ -107,8 +108,9 @@ static char *cifs_get_share_name(const char *node_name) * Returns: pointer to new mount options or ERR_PTR. * Caller is responcible for freeing retunrned value if it is not error. */ -char *compose_mount_options(const char *sb_mountdata, const char *ref_unc, - char **devname) +static char *compose_mount_options(const char *sb_mountdata, + const char *ref_unc, + char **devname) { int rc; char *mountdata; @@ -188,13 +190,13 @@ compose_mount_options_out: } -struct vfsmount *cifs_dfs_do_refmount(const struct vfsmount *mnt_parent, +static struct vfsmount *cifs_dfs_do_refmount(const struct vfsmount *mnt_parent, struct dentry *dentry, char *ref_unc) { struct cifs_sb_info *cifs_sb; struct vfsmount *mnt; char *mountdata; - char *devname; + char *devname = NULL; cifs_sb = CIFS_SB(dentry-d_inode-i_sb); mountdata = compose_mount_options(cifs_sb-mountdata, @@ -278,7 +280,7 @@ static int add_mount_helper(struct vfsmount *newmnt, struct nameidata *nd, return err; } -void dump_referral(const struct dfs_info3_param *ref) +static void dump_referral(const struct dfs_info3_param *ref) { cFYI(1, (DFS: ref path: %s, ref-path_name)); cFYI(1, (DFS: node path: %s, ref-node_name)); diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 1fde219..5d32d8d 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -1,7 +1,7 @@ /* * fs/cifs/cifsglob.h * - * Copyright (C) International Business Machines Corp., 2002,2007 + * Copyright (C) International Business Machines Corp., 2002,2008 * Author(s): Steve French ([EMAIL PROTECTED]) * Jeremy Allison ([EMAIL PROTECTED]) * @@ -70,14 +70,6 @@ #endif /* - * This information is kept on every Server we know about. - * - * Some things to note: - * - */ -#define SERVER_NAME_LEN_WITH_NULL (SERVER_NAME_LENGTH + 1) - -/* * CIFS vfs client Status information (based on what we know.) */ @@ -460,6 +452,37 @@ struct dir_notify_req { struct file *pfile; }; +struct dfs_info3_param { + int flags; /* DFSREF_REFERRAL_SERVER, DFSREF_STORAGE_SERVER*/ + int PathConsumed; + int server_type; + int ref_flag; + char *path_name; + char *node_name; +}; + +static inline void free_dfs_info_param(struct dfs_info3_param *param) +{ + if (param) { + kfree(param-path_name); + kfree(param-node_name); + kfree(param); + } +} + +static inline void free_dfs_info_array(struct dfs_info3_param *param, + int number_of_items) +{ + int i; + if ((number_of_items == 0) || (param == NULL)) + return; + for (i = 0; i number_of_items; i++) { + kfree(param[i].path_name); + kfree(param[i].node_name); + } + kfree(param); +} + #define MID_FREE 0 #define MID_REQUEST_ALLOCATED 1 #define MID_REQUEST_SUBMITTED 2 diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index aaaf748..2f09f56 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -1,7 +1,7 @@ /* * fs/cifs/cifsproto.h * - * Copyright (c) International Business Machines Corp., 2002,2007 + * Copyright (c) International Business Machines Corp., 2002,2008 * Author(s
[CIFS] DFS support: provide shrinkable mounts
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6d5ae0deb1641bf615eafd8fef64218e10cb2fd0 Commit: 6d5ae0deb1641bf615eafd8fef64218e10cb2fd0 Parent: ed2b91701d97047fa9970645e43d5e551e261adb Author: Igor Mammedov [EMAIL PROTECTED] AuthorDate: Fri Jan 25 03:28:31 2008 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Jan 25 03:28:31 2008 + [CIFS] DFS support: provide shrinkable mounts Signed-off-by: Igor Mammedov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/Makefile |2 +- fs/cifs/cifs_dfs_ref.c | 375 fs/cifs/cifsfs.c |4 + fs/cifs/cifsfs.h |4 + fs/cifs/cifsproto.h|3 + 5 files changed, 387 insertions(+), 1 deletions(-) diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile index 09898b8..6ba43fb 100644 --- a/fs/cifs/Makefile +++ b/fs/cifs/Makefile @@ -10,4 +10,4 @@ cifs-y := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o \ cifs-$(CONFIG_CIFS_UPCALL) += cifs_spnego.o -cifs-$(CONFIG_CIFS_DFS_UPCALL) += dns_resolve.o +cifs-$(CONFIG_CIFS_DFS_UPCALL) += dns_resolve.o cifs_dfs_ref.o diff --git a/fs/cifs/cifs_dfs_ref.c b/fs/cifs/cifs_dfs_ref.c new file mode 100644 index 000..15e31f8 --- /dev/null +++ b/fs/cifs/cifs_dfs_ref.c @@ -0,0 +1,375 @@ +/* + * Contains the CIFS DFS referral mounting routines used for handling + * traversal via DFS junction point + * + * Copyright (c) 2007 Igor Mammedov + * Author(s): Igor Mammedov ([EMAIL PROTECTED]) + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#include linux/dcache.h +#include linux/mount.h +#include linux/namei.h +#include linux/vfs.h +#include linux/fs.h +#include cifsglob.h +#include cifsproto.h +#include cifsfs.h +#include dns_resolve.h +#include cifs_debug.h + +LIST_HEAD(cifs_dfs_automount_list); + +/* + * DFS functions +*/ + +void dfs_shrink_umount_helper(struct vfsmount *vfsmnt) +{ + mark_mounts_for_expiry(cifs_dfs_automount_list); + mark_mounts_for_expiry(cifs_dfs_automount_list); + shrink_submounts(vfsmnt, cifs_dfs_automount_list); +} + +/** + * cifs_get_share_name - extracts share name from UNC + * @node_name: pointer to UNC string + * + * Extracts sharename form full UNC. + * i.e. strips from UNC trailing path that is not part of share + * name and fixup missing '\' in the begining of DFS node refferal + * if neccessary. + * Returns pointer to share name on success or NULL on error. + * Caller is responsible for freeing returned string. + */ +static char *cifs_get_share_name(const char *node_name) +{ + int len; + char *UNC; + char *pSep; + + len = strlen(node_name); + UNC = kmalloc(len+2 /*for term null and additional \ if it's missed */, +GFP_KERNEL); + if (!UNC) + return NULL; + + /* get share name and server name */ + if (node_name[1] != '\\') { + UNC[0] = '\\'; + strncpy(UNC+1, node_name, len); + len++; + UNC[len] = 0; + } else { + strncpy(UNC, node_name, len); + UNC[len] = 0; + } + + /* find server name end */ + pSep = memchr(UNC+2, '\\', len-2); + if (!pSep) { + cERROR(1, (%s: no server name end in node name: %s, + __FUNCTION__, node_name)); + kfree(UNC); + return NULL; + } + + /* find sharename end */ + pSep++; + pSep = memchr(UNC+(pSep-UNC), '\\', len-(pSep-UNC)); + if (!pSep) { + cERROR(1, (%s:2 cant find share name in node name: %s, + __FUNCTION__, node_name)); + kfree(UNC); + return NULL; + } + /* trim path up to sharename end +* * now we have share name in UNC */ + *pSep = 0; + + return UNC; +} + + +/** + * compose_mount_options - creates mount options for refferral + * @sb_mountdata: parent/root DFS mount options (template) + * @ref_unc: refferral server UNC + * @devname: pointer for saving device name + * + * creates mount options for submount based on template options sb_mountdata + * and replacing unc,ip,prefixpath options with ones we've got form ref_unc. + * + * Returns: pointer to new mount options or ERR_PTR. + * Caller is responcible for freeing retunrned value if it is not error. + */ +char *compose_mount_options(const char *sb_mountdata, const char *ref_unc, + char **devname) +{ + int rc; + char *mountdata; + int md_len; + char *tkn_e; + char *srvIP = NULL
[CIFS] Forgot to add two new files from previous commit
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=197c183f3526dc08aa52ca97ec66c268442d4b84 Commit: 197c183f3526dc08aa52ca97ec66c268442d4b84 Parent: 6103335de8afa5d780dcd512abe85c696af7b040 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Jan 10 17:10:23 2008 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Jan 10 17:10:23 2008 + [CIFS] Forgot to add two new files from previous commit Thanks to Igor for noticing this. CC: Igor Mammedov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/dns_resolve.c | 123 + fs/cifs/dns_resolve.h | 32 + 2 files changed, 155 insertions(+), 0 deletions(-) diff --git a/fs/cifs/dns_resolve.c b/fs/cifs/dns_resolve.c new file mode 100644 index 000..777a086 --- /dev/null +++ b/fs/cifs/dns_resolve.c @@ -0,0 +1,123 @@ +/* + * fs/cifs/dns_resolve.c + * + * Copyright (c) 2007 Igor Mammedov + * Author(s): Igor Mammedov ([EMAIL PROTECTED]) + * Steve French ([EMAIL PROTECTED]) + * + * Contains the CIFS DFS upcall routines used for hostname to + * IP address translation. + * + * This library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See + * the GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include keys/user-type.h +#include dns_resolve.h +#include cifsglob.h +#include cifsproto.h +#include cifs_debug.h + +static int dns_resolver_instantiate(struct key *key, const void *data, + size_t datalen) +{ + int rc = 0; + char *ip; + + ip = kmalloc(datalen+1, GFP_KERNEL); + if (!ip) + return -ENOMEM; + + memcpy(ip, data, datalen); + ip[datalen] = '\0'; + + rcu_assign_pointer(key-payload.data, ip); + + return rc; +} + +struct key_type key_type_dns_resolver = { + .name= dns_resolver, + .def_datalen = sizeof(struct in_addr), + .describe= user_describe, + .instantiate = dns_resolver_instantiate, + .match = user_match, +}; + + +/* Resolves server name to ip address. + * input: + * unc - server UNC + * output: + * *ip_addr - pointer to server ip, caller responcible for freeing it. + * return 0 on success + */ +int +dns_resolve_server_name_to_ip(const char *unc, char **ip_addr) { + int rc = -EAGAIN; + struct key *rkey; + char *name; + int len; + + if ((!ip_addr) || (!unc)) + return -EINVAL; + + /* search for server name delimiter */ + len = strlen(unc); + if (len 3) { + cFYI(1, (%s: unc is too short: %s, __FUNCTION__, unc)); + return -EINVAL; + } + len -= 2; + name = memchr(unc+2, '\\', len); + if (!name) { + cFYI(1, (%s: probably server name is whole unc: %s, + __FUNCTION__, unc)); + } else { + len = (name - unc) - 2/* leading // */; + } + + name = kmalloc(len+1, GFP_KERNEL); + if (!name) { + rc = -ENOMEM; + return rc; + } + memcpy(name, unc+2, len); + name[len] = 0; + + rkey = request_key(key_type_dns_resolver, name, ); + if (!IS_ERR(rkey)) { + len = strlen(rkey-payload.data); + *ip_addr = kmalloc(len+1, GFP_KERNEL); + if (*ip_addr) { + memcpy(*ip_addr, rkey-payload.data, len); + (*ip_addr)[len] = '\0'; + cFYI(1, (%s: resolved: %s to %s, __FUNCTION__, + rkey-description, + *ip_addr + )); + rc = 0; + } else { + rc = -ENOMEM; + } + key_put(rkey); + } else { + cERROR(1, (%s: unable to resolve: %s, __FUNCTION__, name)); + } + + kfree(name); + return rc; +} + + diff --git a/fs/cifs/dns_resolve.h b/fs/cifs/dns_resolve.h new file mode 100644 index 000..073fdc3 --- /dev/null +++ b/fs/cifs/dns_resolve.h @@ -0,0 +1,32 @@ +/* + * fs/cifs/dns_resolve.h -- DNS Resolver upcall management for CIFS DFS
[CIFS] DNS name resolution helper upcall for cifs
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6103335de8afa5d780dcd512abe85c696af7b040 Commit: 6103335de8afa5d780dcd512abe85c696af7b040 Parent: f6d09982197c4163c70f6af0cf15bb78674105c0 Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Jan 9 16:21:36 2008 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Jan 9 16:21:36 2008 + [CIFS] DNS name resolution helper upcall for cifs Adds additional option CIFS_DFS_UPCALL to fs/Kconfig for enabling DFS support. Resolved IP address is saved as a string in the key payload. Igor has a series of related patches that will follow which finish up CIFS DFS support Acked-by: Igor Mammedov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/Kconfig | 39 ++- fs/cifs/Makefile |2 ++ fs/cifs/cifsfs.c | 15 ++- 3 files changed, 42 insertions(+), 14 deletions(-) diff --git a/fs/Kconfig b/fs/Kconfig index 487236c..18cd221 100644 --- a/fs/Kconfig +++ b/fs/Kconfig @@ -1905,13 +1905,15 @@ config CIFS file servers such as Windows 2000 (including Windows 2003, NT 4 and Windows XP) as well by Samba (which provides excellent CIFS server support for Linux and many other operating systems). Limited - support for OS/2 and Windows ME and similar servers is provided as well. - - The intent of the cifs module is to provide an advanced - network file system client for mounting to CIFS compliant servers, - including support for dfs (hierarchical name space), secure per-user - session establishment, safe distributed caching (oplock), optional - packet signing, Unicode and other internationalization improvements. + support for OS/2 and Windows ME and similar servers is provided as + well. + + The cifs module provides an advanced network file system + client for mounting to CIFS compliant servers. It includes + support for DFS (hierarchical name space), secure per-user + session establishment via Kerberos or NTLM or NTLMv2, + safe distributed caching (oplock), optional packet + signing, Unicode and other internationalization improvements. If you need to mount to Samba or Windows from this machine, say Y. config CIFS_STATS @@ -1943,7 +1945,8 @@ config CIFS_WEAK_PW_HASH (since 1997) support stronger NTLM (and even NTLMv2 and Kerberos) security mechanisms. These hash the password more securely than the mechanisms used in the older LANMAN version of the - SMB protocol needed to establish sessions with old SMB servers. + SMB protocol but LANMAN based authentication is needed to + establish sessions with some old SMB servers. Enabling this option allows the cifs module to mount to older LANMAN based servers such as OS/2 and Windows 95, but such @@ -1951,8 +1954,8 @@ config CIFS_WEAK_PW_HASH security mechanisms if you are on a public network. Unless you have a need to access old SMB servers (and are on a private network) you probably want to say N. Even if this support - is enabled in the kernel build, they will not be used - automatically. At runtime LANMAN mounts are disabled but + is enabled in the kernel build, LANMAN authentication will not be + used automatically. At runtime LANMAN mounts are disabled but can be set to required (or optional) either in /proc/fs/cifs (see fs/cifs/README for more detail) or via an option on the mount command. This support is disabled by @@ -2018,12 +2021,22 @@ config CIFS_UPCALL depends on CIFS_EXPERIMENTAL depends on KEYS help - Enables an upcall mechanism for CIFS which will be used to contact - userspace helper utilities to provide SPNEGO packaged Kerberos - tickets which are needed to mount to certain secure servers + Enables an upcall mechanism for CIFS which accesses + userspace helper utilities to provide SPNEGO packaged (RFC 4178) + Kerberos tickets which are needed to mount to certain secure servers (for which more secure Kerberos authentication is required). If unsure, say N. +config CIFS_DFS_UPCALL + bool DFS feature support (EXPERIMENTAL) + depends on CIFS_EXPERIMENTAL + depends on KEYS + help + Enables an upcall mechanism for CIFS which contacts userspace + helper utilities to provide server name resolution (host names to + IP addresses) which is needed for implicit mounts of DFS junction + points. If unsure, say N. + config NCP_FS tristate NCP file system support (to mount NetWare volumes
[CIFS] fix checkpatch warnings in fs/cifs/inode.c
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f6d09982197c4163c70f6af0cf15bb78674105c0 Commit: f6d09982197c4163c70f6af0cf15bb78674105c0 Parent: 88e7d705c4bdb729f02173583628ccbf49dba945 Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Jan 8 23:18:22 2008 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Jan 8 23:18:22 2008 + [CIFS] fix checkpatch warnings in fs/cifs/inode.c Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/README | 28 +--- fs/cifs/TODO| 14 ++ fs/cifs/inode.c | 14 -- 3 files changed, 31 insertions(+), 25 deletions(-) diff --git a/fs/cifs/README b/fs/cifs/README index bf11329..c623e2f 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -56,7 +56,8 @@ the CIFS VFS web site) copy it to the same directory in which mount.smbfs and similar files reside (usually /sbin). Although the helper software is not required, mount.cifs is recommended. Eventually the Samba 3.0 utility program net may also be helpful since it may someday provide easier mount syntax for -users who are used to Windows e.g. net use mount point UNC name or cifs URL +users who are used to Windows e.g. + net use mount point UNC name or cifs URL Note that running the Winbind pam/nss module (logon service) on all of your Linux clients is useful in mapping Uids and Gids consistently across the domain to the proper network user. The mount.cifs mount helper can be @@ -248,7 +249,7 @@ A partial list of the supported mount options follows: the CIFS session. password The user password. If the mount helper is installed, the user will be prompted for password - if it is not supplied. + if not supplied. ip The ip address of the target server unc The target server Universal Network Name (export) to mount. @@ -283,7 +284,7 @@ A partial list of the supported mount options follows: can be enabled by specifying file_mode and dir_mode on the client. Note that the mount.cifs helper must be at version 1.10 or higher to support specifying the uid - (or gid) in non-numberic form. + (or gid) in non-numeric form. gid Set the default gid for inodes (similar to above). file_mode If CIFS Unix extensions are not supported by the server this overrides the default mode for file inodes. @@ -417,9 +418,10 @@ A partial list of the supported mount options follows: acl Allow setfacl and getfacl to manage posix ACLs if server supports them. (default) noaclDo not allow setfacl and getfacl calls on this mount - user_xattrAllow getting and setting user xattrs as OS/2 EAs (extended - attributes) to the server (default) e.g. via setfattr - and getfattr utilities. + user_xattrAllow getting and setting user xattrs (those attributes whose + name begins with user. or os2.) as OS/2 EAs (extended + attributes) to the server. This allows support of the + setfattr and getfattr utilities. (default) nouser_xattr Do not allow getfattr/setfattr to get/set/list xattrs mapchars Translate six of the seven reserved characters (not backslash) *?|: @@ -434,6 +436,7 @@ A partial list of the supported mount options follows: nomapchars Do not translate any of these seven characters (default). nocase Request case insensitive path name matching (case sensitive is the default if the server suports it). + (mount option ignorecase is identical to nocase) posixpaths If CIFS Unix extensions are supported, attempt to negotiate posix path name support which allows certain characters forbidden in typical CIFS filenames, without @@ -485,6 +488,9 @@ A partial list of the supported mount options follows: ntlmv2i Use NTLMv2 password hashing with packet signing lanman (if configured in kernel config) use older lanman hash +hard Retry file operations if server is not responding +soft Limit retries to unresponsive servers (usually only + one retry) before returning an error. (default) The mount.cifs mount helper also accepts a few mount options before -o including: @@ -535,8 +541,8 @@ SecurityFlags Flags which control security negotiation and must use NTLM 0x02002 may use NTLMv2 0x4 must use NTLMv2 0x04004 - may use Kerberos security
[CIFS] Allow setting mode via cifs acl
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=97837582bc1e191d2792af74c1f3762ed01243b9 Commit: 97837582bc1e191d2792af74c1f3762ed01243b9 Parent: 28c5a02a11f70bb1fd8dd3b633206e2db3220308 Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Dec 31 07:47:21 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Dec 31 07:47:21 2007 + [CIFS] Allow setting mode via cifs acl Requires cifsacl mount flag to be on and CIFS_EXPERIMENTAL enabled CC: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |2 + fs/cifs/cifsacl.c | 240 +-- fs/cifs/cifspdu.h |3 + fs/cifs/cifsproto.h |4 +- fs/cifs/cifssmb.c | 65 ++ fs/cifs/inode.c | 14 ++- 6 files changed, 315 insertions(+), 13 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 0c77876..edd2483 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -5,6 +5,8 @@ Enable experimental Kerberos support. Return writebehind errors on flush and sync so that events like out of disk space get reported properly on cached files. Fix setxattr failure to certain Samba versions. Fix mount of second share to disconnected server session (autoreconnect on this). +Add ability to modify cifs acls for handling chmod (when mounted with +cifsacl flag). Version 1.51 diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index c312adc..a7035bd 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -129,6 +129,54 @@ int compare_sids(const struct cifs_sid *ctsid, const struct cifs_sid *cwsid) return (1); /* sids compare/match */ } + +/* copy ntsd, owner sid, and group sid from a security descriptor to another */ +static void copy_sec_desc(const struct cifs_ntsd *pntsd, + struct cifs_ntsd *pnntsd, __u32 sidsoffset) +{ + int i; + + struct cifs_sid *owner_sid_ptr, *group_sid_ptr; + struct cifs_sid *nowner_sid_ptr, *ngroup_sid_ptr; + + /* copy security descriptor control portion */ + pnntsd-revision = pntsd-revision; + pnntsd-type = pntsd-type; + pnntsd-dacloffset = cpu_to_le32(sizeof(struct cifs_ntsd)); + pnntsd-sacloffset = 0; + pnntsd-osidoffset = cpu_to_le32(sidsoffset); + pnntsd-gsidoffset = cpu_to_le32(sidsoffset + sizeof(struct cifs_sid)); + + /* copy owner sid */ + owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + + le32_to_cpu(pntsd-osidoffset)); + nowner_sid_ptr = (struct cifs_sid *)((char *)pnntsd + sidsoffset); + + nowner_sid_ptr-revision = owner_sid_ptr-revision; + nowner_sid_ptr-num_subauth = owner_sid_ptr-num_subauth; + for (i = 0; i 6; i++) + nowner_sid_ptr-authority[i] = owner_sid_ptr-authority[i]; + for (i = 0; i 5; i++) + nowner_sid_ptr-sub_auth[i] = owner_sid_ptr-sub_auth[i]; + + /* copy group sid */ + group_sid_ptr = (struct cifs_sid *)((char *)pntsd + + le32_to_cpu(pntsd-gsidoffset)); + ngroup_sid_ptr = (struct cifs_sid *)((char *)pnntsd + sidsoffset + + sizeof(struct cifs_sid)); + + ngroup_sid_ptr-revision = group_sid_ptr-revision; + ngroup_sid_ptr-num_subauth = group_sid_ptr-num_subauth; + for (i = 0; i 6; i++) + ngroup_sid_ptr-authority[i] = group_sid_ptr-authority[i]; + for (i = 0; i 5; i++) + ngroup_sid_ptr-sub_auth[i] = + cpu_to_le32(group_sid_ptr-sub_auth[i]); + + return; +} + + /* change posix mode to reflect permissions pmode is the existing mode (we only want to overwrite part of this @@ -220,6 +268,33 @@ static void mode_to_access_flags(umode_t mode, umode_t bits_to_use, return; } +static __le16 fill_ace_for_sid(struct cifs_ace *pntace, + const struct cifs_sid *psid, __u64 nmode, umode_t bits) +{ + int i; + __u16 size = 0; + __u32 access_req = 0; + + pntace-type = ACCESS_ALLOWED; + pntace-flags = 0x0; + mode_to_access_flags(nmode, bits, access_req); + if (!access_req) + access_req = SET_MINIMUM_RIGHTS; + pntace-access_req = cpu_to_le32(access_req); + + pntace-sid.revision = psid-revision; + pntace-sid.num_subauth = psid-num_subauth; + for (i = 0; i 6; i++) + pntace-sid.authority[i] = psid-authority[i]; + for (i = 0; i psid-num_subauth; i++) + pntace-sid.sub_auth[i] = psid-sub_auth[i]; + + size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid-num_subauth * 4); + pntace-size = cpu_to_le16(size); + + return (size); +} + #ifdef CONFIG_CIFS_DEBUG2 static void dump_ace(struct cifs_ace *pace, char *end_of_acl) @@ -243,7 +318,7 @@ static void dump_ace
[CIFS] fix unicode string alignment in SPNEGO setup
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=28c5a02a11f70bb1fd8dd3b633206e2db3220308 Commit: 28c5a02a11f70bb1fd8dd3b633206e2db3220308 Parent: bb5a9a04d4cab4b13d63ac5cd3e1fb35f9583607 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Mon Dec 31 04:56:21 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Dec 31 04:56:21 2007 + [CIFS] fix unicode string alignment in SPNEGO setup Unicode strings need to be word aligned, but the code that handles that is currently not taking the length of the SPNEGO blob into account. Fix it to do so. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/sess.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index ce698d5..d2153ab 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -542,7 +542,7 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, if (ses-capabilities CAP_UNICODE) { /* unicode strings must be word aligned */ - if (iov[0].iov_len % 2) { + if ((iov[0].iov_len + iov[1].iov_len) % 2) { *bcc_ptr = 0; bcc_ptr++; } - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] redo existing session setup if needed in cifs_mount
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1d9a8852c365fb7f8db0f8364210138985f457b8 Commit: 1d9a8852c365fb7f8db0f8364210138985f457b8 Parent: 05b3de63da2abe804f5dbe0174298bf48949079f Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Mon Dec 31 01:37:11 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Dec 31 01:37:11 2007 + [CIFS] redo existing session setup if needed in cifs_mount When cifs_mount finds an existing SMB session that it can use for a new mount, it does not check to see whether that session is in need of being reconnected. An easy way to reproduce: 1) mount //server/share1 2) watch /proc/fs/cifs/DebugData for the share to go DISCONNECTED 3) mount //server/share2 with same creds as in step 1. The second mount will fail because CIFSTCon returned -EAGAIN. If you do an operation in share1 and then reattempt the mount it will work (since the session is reestablished). The following patch fixes this by having cifs_mount check the status of the session when it picks an existing session and calling cifs_setup_session on it again if it's in need of reconnection. Thanks to Wojciech Pilorz for the initial bug report. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |3 ++- fs/cifs/connect.c | 10 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 13d788f..0c77876 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -3,7 +3,8 @@ Version 1.52 Fix oops on second mount to server when null auth is used. Enable experimental Kerberos support. Return writebehind errors on flush and sync so that events like out of disk space get reported properly on -cached files. Fix setxattr failure to certain Samba versions. +cached files. Fix setxattr failure to certain Samba versions. Fix mount +of second share to disconnected server session (autoreconnect on this). Version 1.51 diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index fd9147c..658f58b 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1964,7 +1964,15 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, if (existingCifsSes) { pSesInfo = existingCifsSes; - cFYI(1, (Existing smb sess found)); + cFYI(1, (Existing smb sess found (status=%d), + pSesInfo-status)); + if (pSesInfo-status == CifsNeedReconnect) { + cFYI(1, (Session needs reconnect)); + down(pSesInfo-sesSem); + rc = cifs_setup_session(xid, pSesInfo, + cifs_sb-local_nls); + up(pSesInfo-sesSem); + } } else if (!rc) { cFYI(1, (Existing smb sess not found)); pSesInfo = sesInfoAlloc(); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] fix SetEA failure to some Samba versions
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dae5dbdbd786798ad2249e54df1156d524da30aa Commit: dae5dbdbd786798ad2249e54df1156d524da30aa Parent: e697789d64f8748cb219d7f5c413c512953802cc Author: Steve French [EMAIL PROTECTED] AuthorDate: Sun Dec 30 23:49:57 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sun Dec 30 23:49:57 2007 + [CIFS] fix SetEA failure to some Samba versions Thanks to Oleg Gvozdev for noticing the problem. CC: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |2 +- fs/cifs/cifssmb.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index a609599..13d788f 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -3,7 +3,7 @@ Version 1.52 Fix oops on second mount to server when null auth is used. Enable experimental Kerberos support. Return writebehind errors on flush and sync so that events like out of disk space get reported properly on -cached files. +cached files. Fix setxattr failure to certain Samba versions. Version 1.51 diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 9e8a6be..618542b 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -5499,7 +5499,7 @@ SetEARetry: else name_len = strnlen(ea_name, 255); - count = sizeof(*parm_data) + ea_value_len + name_len + 1; + count = sizeof(*parm_data) + ea_value_len + name_len; pSMB-MaxParameterCount = cpu_to_le16(2); pSMB-MaxDataCount = cpu_to_le16(1000); /* BB find max SMB size from sess */ pSMB-MaxSetupCount = 0; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Only dump SPNEGO key if CONFIG_CIFS_DEBUG2 is set
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=05b3de63da2abe804f5dbe0174298bf48949079f Commit: 05b3de63da2abe804f5dbe0174298bf48949079f Parent: dae5dbdbd786798ad2249e54df1156d524da30aa Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Mon Dec 31 00:51:45 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Dec 31 00:51:45 2007 + [CIFS] Only dump SPNEGO key if CONFIG_CIFS_DEBUG2 is set The SPNEGO key data is not terribly interesting except in certain debugging situations. Only dump it to the ring buffer if needed. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_spnego.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c index 1529d2b..d543acc 100644 --- a/fs/cifs/cifs_spnego.c +++ b/fs/cifs/cifs_spnego.c @@ -122,11 +122,13 @@ cifs_get_spnego_key(struct cifsSesInfo *sesInfo) cFYI(1, (key description = %s, description)); spnego_key = request_key(cifs_spnego_key_type, description, ); +#ifdef CONFIG_CIFS_DEBUG2 if (cifsFYI !IS_ERR(spnego_key)) { struct cifs_spnego_msg *msg = spnego_key-payload.data; - cifs_dump_mem(SPNEGO reply blob:, msg-data, - msg-secblob_len + msg-sesskey_len); + cifs_dump_mem(SPNEGO reply blob:, msg-data, min(1024, + msg-secblob_len + msg-sesskey_len)); } +#endif /* CONFIG_CIFS_DEBUG2 */ out: kfree(description); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] use krb5 session key from first SMB session after a NegProt
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1a67570c76402b36695cd0725e28649ee8fe830d Commit: 1a67570c76402b36695cd0725e28649ee8fe830d Parent: 1d9a8852c365fb7f8db0f8364210138985f457b8 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Mon Dec 31 04:03:02 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Dec 31 04:03:02 2007 + [CIFS] use krb5 session key from first SMB session after a NegProt Currently, any new kerberos SMB session overwrites the server's session key. The session key should only be set by the first SMB session set up on the socket. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/sess.c |8 +--- 1 files changed, 5 insertions(+), 3 deletions(-) diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index d0cb469..ce698d5 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -528,9 +528,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, rc = -EOVERFLOW; goto ssetup_exit; } - ses-server-mac_signing_key.len = msg-sesskey_len; - memcpy(ses-server-mac_signing_key.data.krb5, msg-data, - msg-sesskey_len); + if (first_time) { + ses-server-mac_signing_key.len = msg-sesskey_len; + memcpy(ses-server-mac_signing_key.data.krb5, + msg-data, msg-sesskey_len); + } pSMB-req.hdr.Flags2 |= SMBFLG2_EXT_SEC; capabilities |= CAP_EXTENDED_SECURITY; pSMB-req.Capabilities = cpu_to_le32(capabilities); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] cifs_partialpagewrite() cleanup
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bb5a9a04d4cab4b13d63ac5cd3e1fb35f9583607 Commit: bb5a9a04d4cab4b13d63ac5cd3e1fb35f9583607 Parent: 1a67570c76402b36695cd0725e28649ee8fe830d Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Dec 31 04:21:29 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Dec 31 04:21:29 2007 + [CIFS] cifs_partialpagewrite() cleanup rc cannot be -EBADF now and condition is always true Signed-off-by: Vasily Averin [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/file.c |8 +++- 1 files changed, 3 insertions(+), 5 deletions(-) diff --git a/fs/cifs/file.c b/fs/cifs/file.c index dd26e27..5f7c374 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -1179,12 +1179,10 @@ static int cifs_partialpagewrite(struct page *page, unsigned from, unsigned to) atomic_dec(open_file-wrtPending); /* Does mm or vfs already set times? */ inode-i_atime = inode-i_mtime = current_fs_time(inode-i_sb); - if ((bytes_written 0) (offset)) { + if ((bytes_written 0) (offset)) rc = 0; - } else if (bytes_written 0) { - if (rc != -EBADF) - rc = bytes_written; - } + else if (bytes_written 0) + rc = bytes_written; } else { cFYI(1, (No writeable filehandles for inode)); rc = -EIO; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] DFS support patchset: Added mountdata
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e6ab15827eec0bc421f7ccf0223de321c708 Commit: e6ab15827eec0bc421f7ccf0223de321c708 Parent: 197c183f3526dc08aa52ca97ec66c268442d4b84 Author: Igor Mammedov [EMAIL PROTECTED] AuthorDate: Fri Jan 11 01:49:48 2008 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Jan 11 01:49:48 2008 + [CIFS] DFS support patchset: Added mountdata Also cifs_fs_type was made not static for ussage in dfs code. Signed-off-by: Igor Mammedov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_fs_sb.h |5 - fs/cifs/cifsfs.c | 37 - fs/cifs/cifsfs.h |1 + 3 files changed, 41 insertions(+), 2 deletions(-) diff --git a/fs/cifs/cifs_fs_sb.h b/fs/cifs/cifs_fs_sb.h index 34af556..8ad2330 100644 --- a/fs/cifs/cifs_fs_sb.h +++ b/fs/cifs/cifs_fs_sb.h @@ -43,6 +43,9 @@ struct cifs_sb_info { mode_t mnt_dir_mode; int mnt_cifs_flags; int prepathlen; - char *prepath; + char *prepath; /* relative path under the share to mount to */ +#ifdef CONFIG_CIFS_DFS_UPCALL + char *mountdata; /* mount options received at mount time */ +#endif }; #endif /* _CIFS_FS_SB_H */ diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index 000b4a5..93e1078 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -97,6 +97,9 @@ cifs_read_super(struct super_block *sb, void *data, { struct inode *inode; struct cifs_sb_info *cifs_sb; +#ifdef CONFIG_CIFS_DFS_UPCALL + int len; +#endif int rc = 0; /* BB should we make this contingent on mount parm? */ @@ -106,6 +109,25 @@ cifs_read_super(struct super_block *sb, void *data, if (cifs_sb == NULL) return -ENOMEM; +#ifdef CONFIG_CIFS_DFS_UPCALL + /* copy mount params to sb for use in submounts */ + /* BB: should we move this after the mount so we +* do not have to do the copy on failed mounts? +* BB: May be it is better to do simple copy before +* complex operation (mount), and in case of fail +* just exit instead of doing mount and attempting +* undo it if this copy fails?*/ + len = strlen(data); + cifs_sb-mountdata = kzalloc(len + 1, GFP_KERNEL); + if (cifs_sb-mountdata == NULL) { + kfree(sb-s_fs_info); + sb-s_fs_info = NULL; + return -ENOMEM; + } + strncpy(cifs_sb-mountdata, data, len + 1); + cifs_sb-mountdata[len] = '\0'; +#endif + rc = cifs_mount(sb, cifs_sb, data, devname); if (rc) { @@ -155,6 +177,12 @@ out_no_root: out_mount_failed: if (cifs_sb) { +#ifdef CONFIG_CIFS_DFS_UPCALL + if (cifs_sb-mountdata) { + kfree(cifs_sb-mountdata); + cifs_sb-mountdata = NULL; + } +#endif if (cifs_sb-local_nls) unload_nls(cifs_sb-local_nls); kfree(cifs_sb); @@ -178,6 +206,13 @@ cifs_put_super(struct super_block *sb) if (rc) { cERROR(1, (cifs_umount failed with return code %d, rc)); } +#ifdef CONFIG_CIFS_DFS_UPCALL + if (cifs_sb-mountdata) { + kfree(cifs_sb-mountdata); + cifs_sb-mountdata = NULL; + } +#endif + unload_nls(cifs_sb-local_nls); kfree(cifs_sb); return; @@ -553,7 +588,7 @@ static loff_t cifs_llseek(struct file *file, loff_t offset, int origin) return remote_llseek(file, offset, origin); } -static struct file_system_type cifs_fs_type = { +struct file_system_type cifs_fs_type = { .owner = THIS_MODULE, .name = cifs, .get_sb = cifs_get_sb, diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 2a21dc6..2e68126 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -32,6 +32,7 @@ #define TRUE 1 #endif +extern struct file_system_type cifs_fs_type; extern const struct address_space_operations cifs_addr_ops; extern const struct address_space_operations cifs_addr_ops_smallbuf; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Do not log path names in lookup errors
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ed2b91701d97047fa9970645e43d5e551e261adb Commit: ed2b91701d97047fa9970645e43d5e551e261adb Parent: e6ab15827eec0bc421f7ccf0223de321c708 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sun Jan 20 00:30:29 2008 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sun Jan 20 00:30:29 2008 + [CIFS] Do not log path names in lookup errors Andi Kleen noticed that we were logging access denied errors (which is noisy in the dmesg log, and not needed to be logged) and that we were logging path names on that an other errors (e.g. EIO) which we should not be doing. CC: Andi Kleen [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/dir.c | 10 -- 1 files changed, 4 insertions(+), 6 deletions(-) diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c index 37dc97a..699ec11 100644 --- a/fs/cifs/dir.c +++ b/fs/cifs/dir.c @@ -517,12 +517,10 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry, d_add(direntry, NULL); /* if it was once a directory (but how can we tell?) we could do shrink_dcache_parent(direntry); */ - } else { - cERROR(1, (Error 0x%x on cifs_get_inode_info in lookup of %s, - rc, full_path)); - /* BB special case check for Access Denied - watch security - exposure of returning dir info implicitly via different rc - if file exists or not but no access BB */ + } else if (rc != -EACCES) { + cERROR(1, (Unexpected lookup error %d, rc)); + /* We special case check for Access Denied - since that + is a common return code */ } kfree(full_path); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
regression: cifs endianness bug
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9b5e6857b3f3acc8ab434e565b7ec87bf9f9b53c Commit: 9b5e6857b3f3acc8ab434e565b7ec87bf9f9b53c Parent: ecaf18c15aac8bb9bed7b7aa0e382fe252e275d5 Author: Al Viro [EMAIL PROTECTED] AuthorDate: Wed Dec 5 08:24:38 2007 + Committer: Linus Torvalds [EMAIL PROTECTED] CommitDate: Wed Dec 5 09:25:19 2007 -0800 regression: cifs endianness bug access_flags_to_mode() gets on-the-wire data (little-endian) and treats it as host-endian. Introduced in commit e01b64001359034d04c695388870936ed3d1b56b ([CIFS] enable get mode from ACL when cifsacl mount option specified) Signed-off-by: Al Viro [EMAIL PROTECTED] Signed-off-by: Linus Torvalds [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 33 + 1 files changed, 17 insertions(+), 16 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index f02fdef..c312adc 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -134,9 +134,10 @@ int compare_sids(const struct cifs_sid *ctsid, const struct cifs_sid *cwsid) pmode is the existing mode (we only want to overwrite part of this bits to set can be: S_IRWXU, S_IRWXG or S_IRWXO ie 00700 or 00070 or 7 */ -static void access_flags_to_mode(__u32 ace_flags, int type, umode_t *pmode, +static void access_flags_to_mode(__le32 ace_flags, int type, umode_t *pmode, umode_t *pbits_to_set) { + __u32 flags = le32_to_cpu(ace_flags); /* the order of ACEs is important. The canonical order is to begin with DENY entries followed by ALLOW, otherwise an allow entry could be encountered first, making the subsequent deny entry like dead code @@ -146,17 +147,17 @@ static void access_flags_to_mode(__u32 ace_flags, int type, umode_t *pmode, /* For deny ACEs we change the mask so that subsequent allow access control entries do not turn on the bits we are denying */ if (type == ACCESS_DENIED) { - if (ace_flags GENERIC_ALL) { + if (flags GENERIC_ALL) { *pbits_to_set = ~S_IRWXUGO; } - if ((ace_flags GENERIC_WRITE) || - ((ace_flags FILE_WRITE_RIGHTS) == FILE_WRITE_RIGHTS)) + if ((flags GENERIC_WRITE) || + ((flags FILE_WRITE_RIGHTS) == FILE_WRITE_RIGHTS)) *pbits_to_set = ~S_IWUGO; - if ((ace_flags GENERIC_READ) || - ((ace_flags FILE_READ_RIGHTS) == FILE_READ_RIGHTS)) + if ((flags GENERIC_READ) || + ((flags FILE_READ_RIGHTS) == FILE_READ_RIGHTS)) *pbits_to_set = ~S_IRUGO; - if ((ace_flags GENERIC_EXECUTE) || - ((ace_flags FILE_EXEC_RIGHTS) == FILE_EXEC_RIGHTS)) + if ((flags GENERIC_EXECUTE) || + ((flags FILE_EXEC_RIGHTS) == FILE_EXEC_RIGHTS)) *pbits_to_set = ~S_IXUGO; return; } else if (type != ACCESS_ALLOWED) { @@ -165,25 +166,25 @@ static void access_flags_to_mode(__u32 ace_flags, int type, umode_t *pmode, } /* else ACCESS_ALLOWED type */ - if (ace_flags GENERIC_ALL) { + if (flags GENERIC_ALL) { *pmode |= (S_IRWXUGO (*pbits_to_set)); #ifdef CONFIG_CIFS_DEBUG2 cFYI(1, (all perms)); #endif return; } - if ((ace_flags GENERIC_WRITE) || - ((ace_flags FILE_WRITE_RIGHTS) == FILE_WRITE_RIGHTS)) + if ((flags GENERIC_WRITE) || + ((flags FILE_WRITE_RIGHTS) == FILE_WRITE_RIGHTS)) *pmode |= (S_IWUGO (*pbits_to_set)); - if ((ace_flags GENERIC_READ) || - ((ace_flags FILE_READ_RIGHTS) == FILE_READ_RIGHTS)) + if ((flags GENERIC_READ) || + ((flags FILE_READ_RIGHTS) == FILE_READ_RIGHTS)) *pmode |= (S_IRUGO (*pbits_to_set)); - if ((ace_flags GENERIC_EXECUTE) || - ((ace_flags FILE_EXEC_RIGHTS) == FILE_EXEC_RIGHTS)) + if ((flags GENERIC_EXECUTE) || + ((flags FILE_EXEC_RIGHTS) == FILE_EXEC_RIGHTS)) *pmode |= (S_IXUGO (*pbits_to_set)); #ifdef CONFIG_CIFS_DEBUG2 - cFYI(1, (access flags 0x%x mode now 0x%x, ace_flags, *pmode)); + cFYI(1, (access flags 0x%x mode now 0x%x, flags, *pmode)); #endif return; } - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix buffer overflow if server sends corrupt response to small
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=133672efbc1085f9af990bdc145e1822ea93bcf3 Commit: 133672efbc1085f9af990bdc145e1822ea93bcf3 Parent: 9418d5dc9ba40b88737580457bf3b7c63c60ec43 Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Nov 13 22:41:37 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Nov 13 22:41:37 2007 + [CIFS] Fix buffer overflow if server sends corrupt response to small request In SendReceive() function in transport.c - it memcpy's message payload into a buffer passed via out_buf param. The function assumes that all buffers are of size (CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) , unfortunately it is also called with smaller (MAX_CIFS_SMALL_BUFFER_SIZE) buffers. There are eight callers (SMB worker functions) which are primarily affected by this change: TreeDisconnect, uLogoff, Close, findClose, SetFileSize, SetFileTimes, Lock and PosixLock CC: Dave Kleikamp [EMAIL PROTECTED] CC: Przemyslaw Wegrzyn [EMAIL PROTECTED] Acked-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsglob.h | 11 ++ fs/cifs/cifsproto.h |5 ++- fs/cifs/cifssmb.c | 97 +++ fs/cifs/connect.c |9 +++-- fs/cifs/file.c | 14 fs/cifs/sess.c |2 +- fs/cifs/transport.c | 91 --- 7 files changed, 133 insertions(+), 96 deletions(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 87f51f2..4ff8179 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -471,6 +471,17 @@ struct dir_notify_req { #define CIFS_LARGE_BUFFER 2 #define CIFS_IOVEC4/* array of response buffers */ +/* Type of Request to SendReceive2 */ +#define CIFS_STD_OP 0/* normal request timeout */ +#define CIFS_LONG_OP 1/* long op (up to 45 sec, oplock time) */ +#define CIFS_VLONG_OP 2/* sloow op - can take up to 180 seconds */ +#define CIFS_BLOCKING_OP 4/* operation can block */ +#define CIFS_ASYNC_OP 8/* do not wait for response */ +#define CIFS_TIMEOUT_MASK 0x00F/* only one of 5 above set in req */ +#define CIFS_LOG_ERROR0x010/* log NT STATUS if non-zero */ +#define CIFS_LARGE_BUF_OP 0x020/* large request buffer */ +#define CIFS_NO_RESP 0x040/* no response buffer required */ + /* Security Flags: indicate type of session setup needed */ #define CIFSSEC_MAY_SIGN 0x1 #define CIFSSEC_MAY_NTLM 0x2 diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index dd1d7c2..0c55dff 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -48,10 +48,11 @@ extern int SendReceive(const unsigned int /* xid */ , struct cifsSesInfo *, struct smb_hdr * /* input */ , struct smb_hdr * /* out */ , int * /* bytes returned */ , const int long_op); +extern int SendReceiveNoRsp(const unsigned int xid, struct cifsSesInfo *ses, + struct smb_hdr *in_buf, int flags); extern int SendReceive2(const unsigned int /* xid */ , struct cifsSesInfo *, struct kvec *, int /* nvec to send */, - int * /* type of buf returned */ , const int long_op, - const int logError /* whether to log status code*/ ); + int * /* type of buf returned */ , const int flags); extern int SendReceiveBlockingLock(const unsigned int /* xid */ , struct cifsTconInfo *, struct smb_hdr * /* input */ , diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 59d7b7c..9e8a6be 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -698,9 +698,7 @@ int CIFSSMBTDis(const int xid, struct cifsTconInfo *tcon) { struct smb_hdr *smb_buffer; - struct smb_hdr *smb_buffer_response; /* BB removeme BB */ int rc = 0; - int length; cFYI(1, (In tree disconnect)); /* @@ -737,16 +735,12 @@ CIFSSMBTDis(const int xid, struct cifsTconInfo *tcon) if (rc) { up(tcon-tconSem); return rc; - } else { - smb_buffer_response = smb_buffer; /* BB removeme BB */ } - rc = SendReceive(xid, tcon-ses, smb_buffer, smb_buffer_response, -length, 0); + + rc = SendReceiveNoRsp(xid, tcon-ses, smb_buffer, 0); if (rc) cFYI(1, (Tree disconnect failed %d, rc)); - if (smb_buffer) - cifs_small_buf_release(smb_buffer); up(tcon-tconSem); /* No need to return error on this operation if tid invalidated and @@ -760,10 +754,8 @@ CIFSSMBTDis(const int xid, struct cifsTconInfo *tcon) int CIFSSMBLogoff(const int xid
[CIFS] clean up error handling in cifs_mount
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=70fe7dc05596a405ee6a83265f675a544e32f7d8 Commit: 70fe7dc05596a405ee6a83265f675a544e32f7d8 Parent: 68bf728a225b7f2045bb501854d6e7695b9b015d Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Fri Nov 16 22:21:07 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Nov 16 22:21:07 2007 + [CIFS] clean up error handling in cifs_mount Move all of the kfree's sprinkled in the middle of the function to the end, and have the code set rc and just goto there on error. Also zero out the password string before freeing it. Looks like this should also fix a potential memory leak of the prepath string if an error occurs near the end of the function. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c | 88 ++--- 1 files changed, 30 insertions(+), 58 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 26e1087..58c509e 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1781,11 +1781,8 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, memset(volume_info, 0, sizeof(struct smb_vol)); if (cifs_parse_mount_options(mount_data, devname, volume_info)) { - kfree(volume_info.UNC); - kfree(volume_info.password); - kfree(volume_info.prepath); - FreeXid(xid); - return -EINVAL; + rc = -EINVAL; + goto out; } if (volume_info.nullauth) { @@ -1798,11 +1795,8 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, cifserror(No username specified); /* In userspace mount helper we can get user name from alternate locations such as env variables and files on disk */ - kfree(volume_info.UNC); - kfree(volume_info.password); - kfree(volume_info.prepath); - FreeXid(xid); - return -EINVAL; + rc = -EINVAL; + goto out; } if (volume_info.UNCip volume_info.UNC) { @@ -1821,11 +1815,8 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, if (rc = 0) { /* we failed translating address */ - kfree(volume_info.UNC); - kfree(volume_info.password); - kfree(volume_info.prepath); - FreeXid(xid); - return -EINVAL; + rc = -EINVAL; + goto out; } cFYI(1, (UNC: %s ip: %s, volume_info.UNC, volume_info.UNCip)); @@ -1835,20 +1826,14 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, /* BB using ip addr as server name to connect to the DFS root below */ cERROR(1, (Connecting to DFS root not implemented yet)); - kfree(volume_info.UNC); - kfree(volume_info.password); - kfree(volume_info.prepath); - FreeXid(xid); - return -EINVAL; + rc = -EINVAL; + goto out; } else /* which servers DFS root would we conect to */ { cERROR(1, (CIFS mount error: No UNC path (e.g. -o unc=//192.168.1.100/public) specified)); - kfree(volume_info.UNC); - kfree(volume_info.password); - kfree(volume_info.prepath); - FreeXid(xid); - return -EINVAL; + rc = -EINVAL; + goto out; } /* this is needed for ASCII cp to Unicode converts */ @@ -1860,11 +1845,8 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, if (cifs_sb-local_nls == NULL) { cERROR(1, (CIFS mount error: iocharset %s not found, volume_info.iocharset)); - kfree(volume_info.UNC); - kfree(volume_info.password); - kfree(volume_info.prepath); - FreeXid(xid); - return -ELIBACC; + rc = -ELIBACC; + goto out; } } @@ -1878,11 +1860,8 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, sin_server6.sin6_addr, volume_info.username, srvTcp); } else { - kfree(volume_info.UNC); - kfree(volume_info.password); - kfree(volume_info.prepath); - FreeXid(xid); - return -EINVAL; + rc = -EINVAL; + goto out
[CIFS] add hostname field to TCP_Server_Info struct
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c359cf3c61c6ea9f4f461a8bd22023a15d75d9b5 Commit: c359cf3c61c6ea9f4f461a8bd22023a15d75d9b5 Parent: 70fe7dc05596a405ee6a83265f675a544e32f7d8 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Fri Nov 16 22:22:06 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Nov 16 22:22:06 2007 + [CIFS] add hostname field to TCP_Server_Info struct ...and populate it with the hostname portion of the UNC string. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsglob.h |1 + fs/cifs/connect.c | 36 2 files changed, 37 insertions(+), 0 deletions(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 4ff8179..3525082 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -139,6 +139,7 @@ struct TCP_Server_Info { /* 15 character server name + 0x20 16th byte indicating type = srv */ char server_RFC1001_name[SERVER_NAME_LEN_WITH_NULL]; char unicode_server_Name[SERVER_NAME_LEN_WITH_NULL * 2]; + char *hostname; /* hostname portion of UNC string */ struct socket *ssocket; union { struct sockaddr_in sockAddr; diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 58c509e..98ec57f 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -752,6 +752,7 @@ multi_t2_fnd: } write_unlock(GlobalSMBSeslock); + kfree(server-hostname); kfree(server); if (length 0) mempool_resize(cifs_req_poolp, length + cifs_min_rcv, @@ -760,6 +761,34 @@ multi_t2_fnd: return 0; } +/* extract the host portion of the UNC string */ +static char * +extract_hostname(const char *unc) +{ + const char *src; + char *dst, *delim; + unsigned int len; + + /* skip double chars at beginning of string */ + /* BB: check validity of these bytes? */ + src = unc + 2; + + /* delimiter between hostname and sharename is always '\\' now */ + delim = strchr(src, '\\'); + if (!delim) + return ERR_PTR(-EINVAL); + + len = delim - src; + dst = kmalloc((len + 1), GFP_KERNEL); + if (dst == NULL) + return ERR_PTR(-ENOMEM); + + memcpy(dst, src, len); + dst[len] = '\0'; + + return dst; +} + static int cifs_parse_mount_options(char *options, const char *devname, struct smb_vol *vol) @@ -1900,6 +1929,12 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, /* BB Add code for ipv6 case too */ srvTcp-ssocket = csocket; srvTcp-protocolType = IPV4; + srvTcp-hostname = extract_hostname(volume_info.UNC); + if (IS_ERR(srvTcp-hostname)) { + rc = PTR_ERR(srvTcp-hostname); + sock_release(csocket); + goto out; + } init_waitqueue_head(srvTcp-response_q); init_waitqueue_head(srvTcp-request_q); INIT_LIST_HEAD(srvTcp-pending_mid_q); @@ -1914,6 +1949,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, cERROR(1, (error %d create cifsd thread, rc)); srvTcp-tsk = NULL; sock_release(csocket); + kfree(srvTcp-hostname); goto out; } wait_for_completion(cifsd_complete); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] add ver= prefix to upcall format version
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=68bf728a225b7f2045bb501854d6e7695b9b015d Commit: 68bf728a225b7f2045bb501854d6e7695b9b015d Parent: 133672efbc1085f9af990bdc145e1822ea93bcf3 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Nov 16 18:32:52 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Nov 16 18:32:52 2007 + [CIFS] add ver= prefix to upcall format version Acked-by: Jeff Layton [EMAIL PROTECTED] Acked-by: Igor Mammedov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_spnego.c | 17 +++-- 1 files changed, 11 insertions(+), 6 deletions(-) diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c index ad54a3a..d79eee4 100644 --- a/fs/cifs/cifs_spnego.c +++ b/fs/cifs/cifs_spnego.c @@ -66,6 +66,11 @@ struct key_type cifs_spnego_key_type = { .describe = user_describe, }; +#define MAX_VER_STR_LEN 9 /* length of longest version string e.g. + strlen(;ver=0xFF) */ +#define MAX_MECH_STR_LEN 13 /* length of longest security mechanism name, eg + in future could have strlen(;sec=ntlmsspi) */ +#define MAX_IPV6_ADDR_LEN 42 /* eg FEDC:BA98:7654:3210:FEDC:BA98:7654:3210/60 */ /* get a key struct with a SPNEGO security blob, suitable for session setup */ struct key * cifs_get_spnego_key(struct cifsSesInfo *sesInfo, const char *hostname) @@ -75,11 +80,11 @@ cifs_get_spnego_key(struct cifsSesInfo *sesInfo, const char *hostname) size_t desc_len; struct key *spnego_key; - - /* version + ;ip{4|6}= + address + ;host=hostname + - ;sec= + ;uid= + NULL */ - desc_len = 4 + 5 + 32 + 1 + 5 + strlen(hostname) + - strlen(;sec=krb5) + 7 + sizeof(uid_t)*2 + 1; + /* BB: come up with better scheme for determining length */ + /* length of fields (with semicolons): ver=0xyz ipv4= ipaddress host= + hostname sec=mechanism uid=0x uid */ + desc_len = MAX_VER_STR_LEN + 5 + MAX_IPV6_ADDR_LEN + 1 + 6 + + strlen(hostname) + MAX_MECH_STR_LEN + 8 + (sizeof(uid_t) * 2); spnego_key = ERR_PTR(-ENOMEM); description = kzalloc(desc_len, GFP_KERNEL); if (description == NULL) @@ -88,7 +93,7 @@ cifs_get_spnego_key(struct cifsSesInfo *sesInfo, const char *hostname) dp = description; /* start with version and hostname portion of UNC string */ spnego_key = ERR_PTR(-EINVAL); - sprintf(dp, 0x%2.2x;host=%s;, CIFS_SPNEGO_UPCALL_VERSION, + sprintf(dp, ver=0x%x;host=%s;, CIFS_SPNEGO_UPCALL_VERSION, hostname); dp = description + strlen(description); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] have cifs_get_spnego_key get the hostname from TCP_Server_Info
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d6c2e4d02b72d8ae63784bdc57cfa285128de211 Commit: d6c2e4d02b72d8ae63784bdc57cfa285128de211 Parent: c359cf3c61c6ea9f4f461a8bd22023a15d75d9b5 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Fri Nov 16 22:23:17 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Nov 16 22:23:17 2007 + [CIFS] have cifs_get_spnego_key get the hostname from TCP_Server_Info Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_spnego.c |3 ++- fs/cifs/cifsproto.h |3 +-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c index d79eee4..c466b56 100644 --- a/fs/cifs/cifs_spnego.c +++ b/fs/cifs/cifs_spnego.c @@ -73,12 +73,13 @@ struct key_type cifs_spnego_key_type = { #define MAX_IPV6_ADDR_LEN 42 /* eg FEDC:BA98:7654:3210:FEDC:BA98:7654:3210/60 */ /* get a key struct with a SPNEGO security blob, suitable for session setup */ struct key * -cifs_get_spnego_key(struct cifsSesInfo *sesInfo, const char *hostname) +cifs_get_spnego_key(struct cifsSesInfo *sesInfo) { struct TCP_Server_Info *server = sesInfo-server; char *description, *dp; size_t desc_len; struct key *spnego_key; + const char *hostname = server-hostname; /* BB: come up with better scheme for determining length */ /* length of fields (with semicolons): ver=0xyz ipv4= ipaddress host= diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 0c55dff..3a37c6c 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -77,8 +77,7 @@ extern void header_assemble(struct smb_hdr *, char /* command */ , extern int small_smb_init_no_tc(const int smb_cmd, const int wct, struct cifsSesInfo *ses, void **request_buf); -extern struct key *cifs_get_spnego_key(struct cifsSesInfo *sesInfo, - const char *hostname); +extern struct key *cifs_get_spnego_key(struct cifsSesInfo *sesInfo); extern int CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, const int stage, const struct nls_table *nls_cp); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] minor checkpatch cleanup
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8840dee9dc53883883c321d2811e9f87700d9350 Commit: 8840dee9dc53883883c321d2811e9f87700d9350 Parent: d6c2e4d02b72d8ae63784bdc57cfa285128de211 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Nov 16 23:05:52 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Nov 16 23:05:52 2007 + [CIFS] minor checkpatch cleanup Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsproto.h | 10 +- fs/cifs/connect.c |2 +- fs/cifs/file.c |6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 3a37c6c..3748104 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -248,15 +248,15 @@ extern int CIFSSMBQueryReparseLinkInfo(const int xid, extern int CIFSSMBOpen(const int xid, struct cifsTconInfo *tcon, const char *fileName, const int disposition, const int access_flags, const int omode, - __u16 * netfid, int *pOplock, FILE_ALL_INFO *, + __u16 *netfid, int *pOplock, FILE_ALL_INFO *, const struct nls_table *nls_codepage, int remap); extern int SMBLegacyOpen(const int xid, struct cifsTconInfo *tcon, const char *fileName, const int disposition, const int access_flags, const int omode, - __u16 * netfid, int *pOplock, FILE_ALL_INFO *, + __u16 *netfid, int *pOplock, FILE_ALL_INFO *, const struct nls_table *nls_codepage, int remap); extern int CIFSPOSIXCreate(const int xid, struct cifsTconInfo *tcon, - u32 posix_flags, __u64 mode, __u16 * netfid, + u32 posix_flags, __u64 mode, __u16 *netfid, FILE_UNIX_BASIC_INFO *pRetData, __u32 *pOplock, const char *name, const struct nls_table *nls_codepage, int remap); @@ -277,7 +277,7 @@ extern int CIFSSMBWrite2(const int xid, struct cifsTconInfo *tcon, const __u64 offset, unsigned int *nbytes, struct kvec *iov, const int nvec, const int long_op); extern int CIFSGetSrvInodeNumber(const int xid, struct cifsTconInfo *tcon, - const unsigned char *searchName, __u64 * inode_number, + const unsigned char *searchName, __u64 *inode_number, const struct nls_table *nls_codepage, int remap_special_chars); extern int cifs_convertUCSpath(char *target, const __le16 *source, int maxlen, @@ -352,5 +352,5 @@ extern int CIFSSMBSetPosixACL(const int xid, struct cifsTconInfo *tcon, const char *local_acl, const int buflen, const int acl_type, const struct nls_table *nls_codepage, int remap_special_chars); extern int CIFSGetExtAttr(const int xid, struct cifsTconInfo *tcon, - const int netfid, __u64 * pExtAttrBits, __u64 *pMask); + const int netfid, __u64 *pExtAttrBits, __u64 *pMask); #endif /* _CIFSPROTO_H */ diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 98ec57f..c4b32b7 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1944,7 +1944,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, srvTcp-tcpStatus = CifsNew; init_MUTEX(srvTcp-tcpSem); srvTcp-tsk = kthread_run((void *)(void *)cifs_demultiplex_thread, srvTcp, cifsd); - if ( IS_ERR(srvTcp-tsk) ) { + if (IS_ERR(srvTcp-tsk)) { rc = PTR_ERR(srvTcp-tsk); cERROR(1, (error %d create cifsd thread, rc)); srvTcp-tsk = NULL; diff --git a/fs/cifs/file.c b/fs/cifs/file.c index 82326d2..8025641 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -1087,11 +1087,11 @@ refind_writable: read_unlock(GlobalSMBSeslock); return open_file; } - + read_unlock(GlobalSMBSeslock); /* Had to unlock since following call can block */ rc = cifs_reopen_file(open_file-pfile, FALSE); - if (!rc) { + if (!rc) { if (!open_file-closePend) return open_file; else { /* start over in case this was deleted */ @@ -1114,7 +1114,7 @@ refind_writable: /* can not use this handle, no write pending on this one after all */ atomic_dec(open_file-wrtPending
[CIFS] Have CIFS_SessSetup build correct SPNEGO SessionSetup request
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2442421b176420eca7cb68c575fc221332f488d8 Commit: 2442421b176420eca7cb68c575fc221332f488d8 Parent: 8840dee9dc53883883c321d2811e9f87700d9350 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Nov 16 23:37:35 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Nov 16 23:37:35 2007 + [CIFS] Have CIFS_SessSetup build correct SPNEGO SessionSetup request Have CIFS_SessSetup call cifs_get_spnego_key when Kerberos is negotiated. Use the info in the key payload to build a session setup request packet. Also clean up how the request buffer in the function is freed on error. With appropriate user space helper (in samba/source/client). Kerberos support (secure session establishment can be done now via Kerberos, previously users would have to use NTLMv2 instead for more secure session setup). Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES|1 + fs/cifs/TODO |2 +- fs/cifs/cifsglob.h |1 + fs/cifs/sess.c | 91 ++-- 4 files changed, 77 insertions(+), 18 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 64dd222..e31aa74 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,6 +1,7 @@ Version 1.52 Fix oops on second mount to server when null auth is used. +Enable experimental Kerberos support Version 1.51 diff --git a/fs/cifs/TODO b/fs/cifs/TODO index 29d4b27..a8852c2 100644 --- a/fs/cifs/TODO +++ b/fs/cifs/TODO @@ -16,7 +16,7 @@ SecurityDescriptors c) Better pam/winbind integration (e.g. to handle uid mapping better) -d) Kerberos/SPNEGO session setup support - (started) +d) Verify that Kerberos signing works e) Cleanup now unneeded SessSetup code in fs/cifs/connect.c and add back in NTLMSSP code if any servers diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 3525082..1fde219 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -110,6 +110,7 @@ struct mac_key { unsigned int len; union { char ntlm[CIFS_SESS_KEY_SIZE + 16]; + char krb5[CIFS_SESS_KEY_SIZE + 16]; /* BB: length correct? */ struct { char key[16]; struct ntlmv2_resp resp; diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index ed01ef3..d0cb469 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -29,6 +29,7 @@ #include ntlmssp.h #include nterr.h #include linux/utsname.h +#include cifs_spnego.h extern void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); @@ -340,11 +341,12 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, SESSION_SETUP_ANDX *pSMB; __u32 capabilities; int count; - int resp_buf_type = 0; - struct kvec iov[2]; + int resp_buf_type; + struct kvec iov[3]; enum securityEnum type; __u16 action; int bytes_remaining; + struct key *spnego_key = NULL; if (ses == NULL) return -EINVAL; @@ -377,24 +379,32 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, capabilities = cifs_ssetup_hdr(ses, pSMB); - /* we will send the SMB in two pieces, - a fixed length beginning part, and a - second part which will include the strings - and rest of bcc area, in order to avoid having - to do a large buffer 17K allocation */ + /* we will send the SMB in three pieces: + a fixed length beginning part, an optional + SPNEGO blob (which can be zero length), and a + last part which will include the strings + and rest of bcc area. This allows us to avoid + a large buffer 17K allocation */ iov[0].iov_base = (char *)pSMB; iov[0].iov_len = smb_buf-smb_buf_length + 4; + /* setting this here allows the code at the end of the function + to free the request buffer if there's an error */ + resp_buf_type = CIFS_SMALL_BUFFER; + /* 2000 big enough to fit max user, domain, NOS name etc. */ str_area = kmalloc(2000, GFP_KERNEL); if (str_area == NULL) { - cifs_small_buf_release(smb_buf); - return -ENOMEM; + rc = -ENOMEM; + goto ssetup_exit; } bcc_ptr = str_area; ses-flags = ~CIFS_SES_LANMAN; + iov[1].iov_base = NULL; + iov[1].iov_len = 0; + if (type == LANMAN) { #ifdef CONFIG_CIFS_WEAK_PW_HASH char lnm_session_key[CIFS_SESS_KEY_SIZE]; @@ -463,8 +473,8 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, struct ntlmv2_resp */ if (v2_sess_key == NULL
[CIFS] Fix potential data corruption when writing out cached dirty pages
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea218054ad277d6c126890213afde07b4eb1602 Commit: cea218054ad277d6c126890213afde07b4eb1602 Parent: 2a97468024fb5b6eccee2a67a7796485c829343a Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Tue Nov 20 23:19:03 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Nov 20 23:19:03 2007 + [CIFS] Fix potential data corruption when writing out cached dirty pages Fix RedHat bug 329431 The idea here is separate conscious from unconscious flushes. Conscious flushes are those due to a fsync() or close(). Unconscious ones are flushes that occur as a side effect of some other operation or due to memory pressure. Currently, when an error occurs during an unconscious flush (ENOSPC or EIO), we toss out the page and don't preserve that error to report to the user when a conscious flush occurs. If after the unconscious flush, there are no more dirty pages for the inode, the conscious flush will simply return success even though there were previous errors when writing out pages. This can lead to data corruption. The easiest way to reproduce this is to mount up a CIFS share that's very close to being full or where the user is very close to quota. mv a file to the share that's slightly larger than the quota allows. The writes will all succeed (since they go to pagecache). The mv will do a setattr to set the new file's attributes. This calls filemap_write_and_wait, which will return an error since all of the pages can't be written out. Then later, when the flush and release ops occur, there are no more dirty pages in pagecache for the file and those operations return 0. mv then assumes that the file was written out correctly and deletes the original. CIFS already has a write_behind_rc variable where it stores the results from earlier flushes, but that value is only reported in cifs_close. Since the VFS ignores the return value from the release operation, this isn't helpful. We should be reporting this error during the flush operation. This patch does the following: 1) changes cifs_fsync to use filemap_write_and_wait and cifs_flush and also sync to check its return code. If it returns successful, they then check the value of write_behind_rc to see if an earlier flush had reported any errors. If so, they return that error and clear write_behind_rc. 2) sets write_behind_rc in a few other places where pages are written out as a side effect of other operations and the code waits on them. 3) changes cifs_setattr to only call filemap_write_and_wait for ATTR_SIZE changes. 4) makes cifs_writepages accurately distinguish between EIO and ENOSPC errors when writing out pages. Some simple testing indicates that the patch works as expected and that it fixes the reproduceable known problem. Acked-by: Dave Kleikamp [EMAIL PROTECTED] Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |4 +++- fs/cifs/README | 27 --- fs/cifs/cifsfs.c |7 +-- fs/cifs/file.c | 24 ++-- fs/cifs/inode.c | 26 -- 5 files changed, 58 insertions(+), 30 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index e31aa74..a609599 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,7 +1,9 @@ Version 1.52 Fix oops on second mount to server when null auth is used. -Enable experimental Kerberos support +Enable experimental Kerberos support. Return writebehind errors on flush +and sync so that events like out of disk space get reported properly on +cached files. Version 1.51 diff --git a/fs/cifs/README b/fs/cifs/README index b806b11..bf11329 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -225,12 +225,9 @@ If no password is provided, mount.cifs will prompt for password entry Restrictions -Servers must support the NTLM SMB dialect (which is the most recent, supported -by Samba and Windows NT version 4, 2000 and XP and many other SMB/CIFS servers) Servers must support either pure-TCP (port 445 TCP/IP CIFS connections) or RFC -1001/1002 support for Netbios-Over-TCP/IP. Neither of these is likely to be a -problem as most servers support this. IPv6 support is planned for the future, -and is almost complete. +1001/1002 support for Netbios-Over-TCP/IP. This is not likely to be a +problem as most servers support this. Valid filenames differ between Windows and Linux. Windows typically restricts filenames which contain certain reserved characters (e.g.the character : @@ -458,6 +455,8 @@ A partial list of the supported mount options follows: byte range locks). remount
[CIFS] remove build warning
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f7a44eadd5a03b8455c7caab402ce96811c6903d Commit: f7a44eadd5a03b8455c7caab402ce96811c6903d Parent: 2442421b176420eca7cb68c575fc221332f488d8 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sat Nov 17 00:01:51 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Nov 17 00:01:51 2007 + [CIFS] remove build warning CC: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_spnego.c |2 +- fs/cifs/cifs_spnego.h |1 + fs/cifs/cifsproto.h |1 - 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c index c466b56..1529d2b 100644 --- a/fs/cifs/cifs_spnego.c +++ b/fs/cifs/cifs_spnego.c @@ -67,7 +67,7 @@ struct key_type cifs_spnego_key_type = { }; #define MAX_VER_STR_LEN 9 /* length of longest version string e.g. - strlen(;ver=0xFF) */ + strlen(;ver=0xFF) */ #define MAX_MECH_STR_LEN 13 /* length of longest security mechanism name, eg in future could have strlen(;sec=ntlmsspi) */ #define MAX_IPV6_ADDR_LEN 42 /* eg FEDC:BA98:7654:3210:FEDC:BA98:7654:3210/60 */ diff --git a/fs/cifs/cifs_spnego.h b/fs/cifs/cifs_spnego.h index f443f3b..05a34b1 100644 --- a/fs/cifs/cifs_spnego.h +++ b/fs/cifs/cifs_spnego.h @@ -41,6 +41,7 @@ struct cifs_spnego_msg { #ifdef __KERNEL__ extern struct key_type cifs_spnego_key_type; +extern struct key *cifs_get_spnego_key(struct cifsSesInfo *sesInfo); #endif /* KERNEL */ #endif /* _CIFS_SPNEGO_H */ diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 3748104..8350eec 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -77,7 +77,6 @@ extern void header_assemble(struct smb_hdr *, char /* command */ , extern int small_smb_init_no_tc(const int smb_cmd, const int wct, struct cifsSesInfo *ses, void **request_buf); -extern struct key *cifs_get_spnego_key(struct cifsSesInfo *sesInfo); extern int CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, const int stage, const struct nls_table *nls_cp); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix spurious reconnect on 2nd peek from read of SMB length
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2a97468024fb5b6eccee2a67a7796485c829343a Commit: 2a97468024fb5b6eccee2a67a7796485c829343a Parent: f7a44eadd5a03b8455c7caab402ce96811c6903d Author: Petr Tesarik [EMAIL PROTECTED] AuthorDate: Tue Nov 20 02:24:08 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Nov 20 02:24:08 2007 + [CIFS] Fix spurious reconnect on 2nd peek from read of SMB length When retrying kernel_recvmsg() because of a short read, check returned length against the remaining length, not against total length. This avoids unneeded session reconnects which would otherwise occur when kernel_recvmsg() finally returns zero when asked to read zero bytes. Signed-off-by: Petr Tesarik [EMAIL PROTECTED] Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index c4b32b7..fd9147c 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -438,9 +438,9 @@ incomplete_rcv: csocket = server-ssocket; wake_up(server-response_q); continue; - } else if (length 4) { - cFYI(1, (less than four bytes received (%d bytes), - length)); + } else if (length pdu_length) { + cFYI(1, (requested %d bytes but only got %d bytes, + pdu_length, length)); pdu_length -= length; msleep(1); goto incomplete_rcv; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix check after use error in ACL code
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2b83457bded19cb57c5bdd59ebe16fe1a919c088 Commit: 2b83457bded19cb57c5bdd59ebe16fe1a919c088 Parent: 058250a0d5886b4d96a195ecc7e3a75e2df5e4b1 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sun Nov 25 10:01:00 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sun Nov 25 10:01:00 2007 + [CIFS] Fix check after use error in ACL code Spotted by the coverity scanner. CC: Adrian Bunk [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 13 +++-- 1 files changed, 7 insertions(+), 6 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index dabbce0..f02fdef 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -269,6 +269,13 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, /* BB need to add parm so we can store the SID BB */ + if (!pdacl) { + /* no DACL in the security descriptor, set + all the permissions for user/group/other */ + inode-i_mode |= S_IRWXUGO; + return; + } + /* validate that we do not go past end of acl */ if (end_of_acl (char *)pdacl + le16_to_cpu(pdacl-size)) { cERROR(1, (ACL too small to parse DACL)); @@ -286,12 +293,6 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, user/group/other have no permissions */ inode-i_mode = ~(S_IRWXUGO); - if (!pdacl) { - /* no DACL in the security descriptor, set - all the permissions for user/group/other */ - inode-i_mode |= S_IRWXUGO; - return; - } acl_base = (char *)pdacl; acl_size = sizeof(struct cifs_acl); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] ACL support part 5
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4879b44829d94a1f8facf90cced3c5f23c5a8c62 Commit: 4879b44829d94a1f8facf90cced3c5f23c5a8c62 Parent: c4ec20717313daafba59225f812db89595952b83 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Oct 19 21:57:39 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Oct 19 21:57:39 2007 + [CIFS] ACL support part 5 Acked-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 23 +++ fs/cifs/cifsproto.h |2 +- fs/cifs/inode.c |6 ++ 3 files changed, 30 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index e8e5635..e808304 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -129,6 +129,29 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) return (1); /* sids compare/match */ } +void get_mode_from_acl(struct inode * inode, const char * path) +{ + + if (inode == NULL) + return; + + /* find an open readable handle + if handle found +lock handle + else open file + if no open file can not hurt to check if path is null + GetCIFSACL + for all ACEs in ACL { + if U or G or O + inode-i_mode = parse_ace(file_type, UG or O, ace-perms, inode-i_mode) + else continue + } + if handle open close it + else unlock handle */ + + return; +} + static void parse_ace(struct cifs_ace *pace, char *end_of_acl) { diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 1a88366..7c445f8 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -92,7 +92,7 @@ extern int cifs_get_inode_info(struct inode **pinode, extern int cifs_get_inode_info_unix(struct inode **pinode, const unsigned char *search_path, struct super_block *sb, int xid); - +extern void get_mode_from_acl(struct inode * inode, const char * search_path); extern int cifs_mount(struct super_block *, struct cifs_sb_info *, char *, const char *); extern int cifs_umount(struct super_block *, struct cifs_sb_info *); diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index 5e8b388..9a5c0c9 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -527,6 +527,12 @@ int cifs_get_inode_info(struct inode **pinode, /* BB fill in uid and gid here? with help from winbind? or retrieve from NTFS stream extended attribute */ +#ifdef CONFIG_CIFS_EXPERIMENTAL + if (cifs_sb-mnt_cifs_flags CIFS_MOUNT_CIFS_ACL) { + cFYI(1, (Getting mode bits from ACL)); + get_mode_from_acl(inode, search_path); + } +#endif if (cifs_sb-mnt_cifs_flags CIFS_MOUNT_UNX_EMUL) { /* fill in uid, gid, mode from server ACL */ /* BB FIXME this should also take into account the - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] remove unused funtion compile warning when experimental off
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c94897790e7c67dcfe3a0b6f035996398c268313 Commit: c94897790e7c67dcfe3a0b6f035996398c268313 Parent: 7efb35af738e96565934cc640d863eb18dba0206 Author: Parag Warudkar [EMAIL PROTECTED] AuthorDate: Tue Oct 23 18:09:48 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 23 18:09:48 2007 + [CIFS] remove unused funtion compile warning when experimental off get rid of couple of unused function warnings which show up when CONFIG_CIFS_EXPERIMENTAL is not defined - wrap them in #ifdef CONFIG_CIFS_EXPERIMENTAL. Patch against current git. Signed-off-by: Parag Warudkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifssmb.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index f0d9a48..61d24f6 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -2486,6 +2486,7 @@ querySymLinkRetry: return rc; } +#ifdef CONFIG_CIFS_EXPERIMENTAL /* Initialize NT TRANSACT SMB into small smb request buffer. This assumes that all NT TRANSACTS that we init here have total parm and data under about 400 bytes (to fit in small cifs @@ -2569,6 +2570,7 @@ validate_ntransact(char *buf, char **ppparm, char **ppdata, } return 0; } +#endif /* CIFS_EXPERIMENTAL */ int CIFSSMBQueryReparseLinkInfo(const int xid, struct cifsTconInfo *tcon, - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] acl support part 6
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=44093ca2fef3c52dc7d186116862d74f9a676e0f Commit: 44093ca2fef3c52dc7d186116862d74f9a676e0f Parent: c94897790e7c67dcfe3a0b6f035996398c268313 Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Oct 23 21:22:55 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 23 21:22:55 2007 + [CIFS] acl support part 6 CC: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 79 - fs/cifs/cifsacl.h | 12 ++-- fs/cifs/dir.c |2 +- 3 files changed, 28 insertions(+), 65 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index e808304..154cb84 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -38,8 +38,8 @@ static struct cifs_wksid wksidarr[NUM_WK_SIDS] = { {{1, 1, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(18), 0, 0, 0, 0} }, sys}, {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(544), 0, 0, 0} }, root}, {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(545), 0, 0, 0} }, users}, - {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(546), 0, 0, 0} }, guest} -}; + {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(546), 0, 0, 0} }, guest} } +; /* security id for everyone */ @@ -131,6 +131,8 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) void get_mode_from_acl(struct inode * inode, const char * path) { + + cFYI(1, (get mode from ACL for %s, path)); if (inode == NULL) return; @@ -159,50 +161,36 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) /* validate that we do not go past end of acl */ - /* XXX this if statement can be removed - if (end_of_acl (char *)pace + sizeof(struct cifs_ace)) { + if (le16_to_cpu(pace-size) 16) { + cERROR(1, (ACE too small, %d, le16_to_cpu(pace-size))); + return; + } + + if (end_of_acl (char *)pace + le16_to_cpu(pace-size)) { cERROR(1, (ACL too small to parse ACE)); return; - } */ + } - num_subauth = pace-num_subauth; + num_subauth = pace-sid.num_subauth; if (num_subauth) { #ifdef CONFIG_CIFS_DEBUG2 int i; - cFYI(1, (ACE revision %d num_subauth %d, - pace-revision, pace-num_subauth)); + cFYI(1, (ACE revision %d num_auth %d type %d flags %d size %d, + pace-sid.revision, pace-sid.num_subauth, pace-type, + pace-flags, pace-size)); for (i = 0; i num_subauth; ++i) { cFYI(1, (ACE sub_auth[%d]: 0x%x, i, - le32_to_cpu(pace-sub_auth[i]))); + le32_to_cpu(pace-sid.sub_auth[i]))); } /* BB add length check to make sure that we do not have huge num auths and therefore go off the end */ - - cFYI(1, (RID %d, le32_to_cpu(pace-sub_auth[num_subauth-1]))); #endif } return; } -static void parse_ntace(struct cifs_ntace *pntace, char *end_of_acl) -{ - /* validate that we do not go past end of acl */ - if (end_of_acl (char *)pntace + sizeof(struct cifs_ntace)) { - cERROR(1, (ACL too small to parse NT ACE)); - return; - } - -#ifdef CONFIG_CIFS_DEBUG2 - cFYI(1, (NTACE type %d flags 0x%x size %d, access Req 0x%x, - pntace-type, pntace-flags, pntace-size, - pntace-access_req)); -#endif - return; -} - - static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, struct cifs_sid *pownersid, struct cifs_sid *pgrpsid) @@ -211,7 +199,6 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, int num_aces = 0; int acl_size; char *acl_base; - struct cifs_ntace **ppntace; struct cifs_ace **ppace; /* BB need to add parm so we can store the SID BB */ @@ -233,45 +220,27 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, num_aces = le32_to_cpu(pdacl-num_aces); if (num_aces 0) { - ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *), - GFP_KERNEL); ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), GFP_KERNEL); /* cifscred-cecount = pdacl-num_aces; - cifscred-ntaces = kmalloc(num_aces * - sizeof(struct cifs_ntace *), GFP_KERNEL); cifscred-aces = kmalloc(num_aces * sizeof(struct cifs_ace *), GFP_KERNEL);*/ for (i = 0; i num_aces; ++i
[CIFS] acl support part 6
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=630f3f0c45a80ab907d216191ef4a205c249fa1b Commit: 630f3f0c45a80ab907d216191ef4a205c249fa1b Parent: 44093ca2fef3c52dc7d186116862d74f9a676e0f Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Oct 25 21:17:17 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Oct 25 21:17:17 2007 + [CIFS] acl support part 6 Acked-by: Shirish Pargaonkar [EMAIL PROTECTED] CC: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c| 91 +++--- fs/cifs/cifsproto.h |9 +++-- fs/cifs/cifssmb.c| 55 ++ fs/cifs/file.c | 31 + fs/cifs/inode.c |2 +- fs/cifs/md5.c|8 ++-- fs/cifs/misc.c | 10 +++--- fs/cifs/netmisc.c| 12 +++--- fs/cifs/smbencrypt.c |4 +- fs/cifs/xattr.c |7 ++-- 10 files changed, 169 insertions(+), 60 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 154cb84..14200bd 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -97,7 +97,7 @@ int match_sid(struct cifs_sid *ctsid) /* if the two SIDs (roughly equivalent to a UUID for a user or group) are the same returns 1, if they do not match returns 0 */ -int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) +int compare_sids(const struct cifs_sid *ctsid, const struct cifs_sid *cwsid) { int i; int num_subauth, num_sat, num_saw; @@ -129,28 +129,77 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) return (1); /* sids compare/match */ } -void get_mode_from_acl(struct inode * inode, const char * path) +/* + change posix mode to reflect permissions + pmode is the existing mode (we only want to overwrite part of this + bits to set can be: S_IRWXU, S_IRWXG or S_IRWXO ie 00700 or 00070 or 7 +*/ +static void access_flags_to_mode(__u32 access_flags, umode_t * pmode, +umode_t bits_to_set) +{ + +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (access flags 0x%x mode now 0x%x, access_flags, *pmode); +#endif + + return; +} + +/* Translate the CIFS ACL (simlar to NTFS ACL) for a file into mode bits */ + +void acl_to_uid_mode(struct inode *inode, const char *path) { + struct cifsFileInfo *open_file; + int unlock_file = FALSE; + int xid; + int rc = -EIO; + __u16 fid; + struct super_block *sb; + struct cifs_sb_info *cifs_sb; cFYI(1, (get mode from ACL for %s, path)); if (inode == NULL) return; - /* find an open readable handle - if handle found -lock handle - else open file - if no open file can not hurt to check if path is null - GetCIFSACL - for all ACEs in ACL { - if U or G or O - inode-i_mode = parse_ace(file_type, UG or O, ace-perms, inode-i_mode) - else continue - } - if handle open close it - else unlock handle */ + xid = GetXid(); + open_file = find_readable_file(CIFS_I(inode)); + if (open_file) { + unlock_file = TRUE; + fid = open_file-netfid; + } else { + int oplock = FALSE; + /* open file */ + sb = inode-i_sb; + if (sb == NULL) { + FreeXid(xid); + return; + } + cifs_sb = CIFS_SB(sb); + rc = CIFSSMBOpen(xid, cifs_sb-tcon, path, FILE_OPEN, + GENERIC_READ, 0, fid, oplock, NULL, + cifs_sb-local_nls, cifs_sb-mnt_cifs_flags + CIFS_MOUNT_MAP_SPECIAL_CHR); + if (rc != 0) { + cERROR(1, (Unable to open file to get ACL)); + FreeXid(xid); + return; + } + } + + /* rc = CIFSSMBGetCIFSACL(xid, cifs_sb-tcon, fid, pntsd, acllen, + ACL_TYPE_ACCESS); */ + + if (unlock_file == TRUE) + atomic_dec(open_file-wrtPending); + else + CIFSSMBClose(xid, cifs_sb-tcon, fid); + +/* parse ACEs e.g. + rc = parse_sec_desc(pntsd, acllen, inode); +*/ + FreeXid(xid); return; } @@ -193,7 +242,8 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, - struct cifs_sid *pownersid, struct cifs_sid *pgrpsid) + struct cifs_sid *pownersid, struct cifs_sid *pgrpsid + struct inode *inode) { int i; int num_aces = 0; @@ -281,7 +331,8 @@ static int
[CIFS] acl support part 7
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d61e5808d9a4e7c7f25914ceae50664a6454c3ca Commit: d61e5808d9a4e7c7f25914ceae50664a6454c3ca Parent: 630f3f0c45a80ab907d216191ef4a205c249fa1b Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Oct 26 04:32:43 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Oct 26 04:32:43 2007 + [CIFS] acl support part 7 Also fixes typo, build break Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 21 ++--- fs/cifs/cifsacl.h |2 +- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 14200bd..3a2d67b 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -134,14 +134,29 @@ int compare_sids(const struct cifs_sid *ctsid, const struct cifs_sid *cwsid) pmode is the existing mode (we only want to overwrite part of this bits to set can be: S_IRWXU, S_IRWXG or S_IRWXO ie 00700 or 00070 or 7 */ -static void access_flags_to_mode(__u32 access_flags, umode_t * pmode, +static void access_flags_to_mode(__u32 ace_flags, umode_t *pmode, umode_t bits_to_set) { + *pmode = ~bits_to_set; + + if (ace_flags GENERIC_ALL) { + *pmode |= (S_IRWXUGO bits_to_set); #ifdef CONFIG_CIFS_DEBUG2 - cFYI(1, (access flags 0x%x mode now 0x%x, access_flags, *pmode); + cFYI(1, (all perms)); #endif + return; + } + if ((ace_flags GENERIC_WRITE) || (ace_flags FILE_WRITE_RIGHTS)) + *pmode |= (S_IWUGO bits_to_set); + if ((ace_flags GENERIC_READ) || (ace_flags FILE_READ_RIGHTS)) + *pmode |= (S_IRUGO bits_to_set); + if ((ace_flags GENERIC_EXECUTE) || (ace_flags FILE_EXEC_RIGHTS)) + *pmode |= (S_IXUGO bits_to_set); +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (access flags 0x%x mode now 0x%x, ace_flags, *pmode); +#endif return; } @@ -242,7 +257,7 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, - struct cifs_sid *pownersid, struct cifs_sid *pgrpsid + struct cifs_sid *pownersid, struct cifs_sid *pgrpsid, struct inode *inode) { int i; diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index 06d5200..30b0caf 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -73,7 +73,7 @@ struct cifs_wksid { #ifdef CONFIG_CIFS_EXPERIMENTAL extern int match_sid(struct cifs_sid *); -extern int compare_sids(struct cifs_sid *, struct cifs_sid *); +extern int compare_sids(const struct cifs_sid *, const struct cifs_sid *); #endif /* CONFIG_CIFS_EXPERIMENTAL */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] enable get mode from ACL when cifsacl mount option specified
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e01b64001359034d04c695388870936ed3d1b56b Commit: e01b64001359034d04c695388870936ed3d1b56b Parent: b9c7a2bb1e57f571d3b0763bdce1ce15510a7b78 Author: Shirish Pargaonkar [EMAIL PROTECTED] AuthorDate: Tue Oct 30 04:45:14 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 30 04:45:14 2007 + [CIFS] enable get mode from ACL when cifsacl mount option specified Part 9 of ACL patch series. getting mode from ACL now works in some cases (and requires CIFS_EXPERIMENTAL config option). Signed-off-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |4 +++- fs/cifs/cifsacl.c | 28 +--- 2 files changed, 24 insertions(+), 8 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 3d41916..c65c9da 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -12,7 +12,9 @@ leak that causes cifsd not to stop and rmmod to fail to cleanup cifs_request_buffers pool. Fix problem with POSIX Open/Mkdir on bigendian architectures. Fix possible memory corruption when EAGAIN returned on kern_recvmsg. Return better error if server -requires packet signing but client has disabled it. +requires packet signing but client has disabled it. When mounted +with cifsacl mount option - mode bits are approximated based +on the contents of the files ACL. Version 1.50 diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index cad2da3..629b96c 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -43,8 +43,8 @@ static struct cifs_wksid wksidarr[NUM_WK_SIDS] = { /* security id for everyone */ -static const struct cifs_sid sid_everyone = - {1, 1, {0, 0, 0, 0, 0, 0}, {} }; +static const struct cifs_sid sid_everyone = { + 1, 1, {0, 0, 0, 0, 0, 1}, {0} }; /* group users */ static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} }; @@ -138,8 +138,6 @@ static void access_flags_to_mode(__u32 ace_flags, umode_t *pmode, umode_t bits_to_set) { - *pmode = ~bits_to_set; - if (ace_flags GENERIC_ALL) { *pmode |= (S_IRWXUGO bits_to_set); #ifdef CONFIG_CIFS_DEBUG2 @@ -147,11 +145,14 @@ static void access_flags_to_mode(__u32 ace_flags, umode_t *pmode, #endif return; } - if ((ace_flags GENERIC_WRITE) || (ace_flags FILE_WRITE_RIGHTS)) + if ((ace_flags GENERIC_WRITE) || + ((ace_flags FILE_WRITE_RIGHTS) == FILE_WRITE_RIGHTS)) *pmode |= (S_IWUGO bits_to_set); - if ((ace_flags GENERIC_READ) || (ace_flags FILE_READ_RIGHTS)) + if ((ace_flags GENERIC_READ) || + ((ace_flags FILE_READ_RIGHTS) == FILE_READ_RIGHTS)) *pmode |= (S_IRUGO bits_to_set); - if ((ace_flags GENERIC_EXECUTE) || (ace_flags FILE_EXEC_RIGHTS)) + if ((ace_flags GENERIC_EXECUTE) || + ((ace_flags FILE_EXEC_RIGHTS) == FILE_EXEC_RIGHTS)) *pmode |= (S_IXUGO bits_to_set); #ifdef CONFIG_CIFS_DEBUG2 @@ -234,11 +235,24 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, cifscred-aces = kmalloc(num_aces * sizeof(struct cifs_ace *), GFP_KERNEL);*/ + /* reset rwx permissions for user/group/other */ + inode-i_mode = ~(S_IRWXUGO); + for (i = 0; i num_aces; ++i) { ppace[i] = (struct cifs_ace *) (acl_base + acl_size); parse_ace(ppace[i], end_of_acl); + if (compare_sids((ppace[i]-sid), pownersid)) + access_flags_to_mode(ppace[i]-access_req, + (inode-i_mode), S_IRWXU); + if (compare_sids((ppace[i]-sid), pgrpsid)) + access_flags_to_mode(ppace[i]-access_req, + (inode-i_mode), S_IRWXG); + if (compare_sids((ppace[i]-sid), sid_everyone)) + access_flags_to_mode(ppace[i]-access_req, + (inode-i_mode), S_IRWXO); + /* memcpy((void *)((cifscred-aces[i])), (void *)ppace[i], sizeof(struct cifs_ace)); */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Don't request too much permission when reading an ACL
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=953f868138dbf4300196780379476ab9f07f263a Commit: 953f868138dbf4300196780379476ab9f07f263a Parent: e01b64001359034d04c695388870936ed3d1b56b Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 31 04:54:42 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 31 04:54:42 2007 + [CIFS] Don't request too much permission when reading an ACL We were requesting GENERIC_READ but that fails when we do not have read permission on the file (even if we could read the ACL). Also move the dump access control entry code into debug ifdef. Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 32 +--- fs/cifs/cifspdu.h | 17 + fs/cifs/cifsproto.h |2 ++ fs/cifs/inode.c |9 - 4 files changed, 48 insertions(+), 12 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 629b96c..f1215df 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -162,7 +162,8 @@ static void access_flags_to_mode(__u32 ace_flags, umode_t *pmode, } -static void parse_ace(struct cifs_ace *pace, char *end_of_acl) +#ifdef CONFIG_CIFS_DEBUG2 +static void dump_ace(struct cifs_ace *pace, char *end_of_acl) { int num_subauth; @@ -180,7 +181,6 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) num_subauth = pace-sid.num_subauth; if (num_subauth) { -#ifdef CONFIG_CIFS_DEBUG2 int i; cFYI(1, (ACE revision %d num_auth %d type %d flags %d size %d, pace-sid.revision, pace-sid.num_subauth, pace-type, @@ -192,11 +192,11 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) /* BB add length check to make sure that we do not have huge num auths and therefore go off the end */ -#endif } return; } +#endif static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, @@ -240,9 +240,9 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, for (i = 0; i num_aces; ++i) { ppace[i] = (struct cifs_ace *) (acl_base + acl_size); - - parse_ace(ppace[i], end_of_acl); - +#ifdef CONFIG_CIFS_DEBUG2 + dump_ace(ppace[i], end_of_acl); +#endif if (compare_sids((ppace[i]-sid), pownersid)) access_flags_to_mode(ppace[i]-access_req, (inode-i_mode), S_IRWXU); @@ -385,7 +385,7 @@ void acl_to_uid_mode(struct inode *inode, const char *path) int oplock = FALSE; /* open file */ rc = CIFSSMBOpen(xid, cifs_sb-tcon, path, FILE_OPEN, - GENERIC_READ, 0, fid, oplock, NULL, + READ_CONTROL, 0, fid, oplock, NULL, cifs_sb-local_nls, cifs_sb-mnt_cifs_flags CIFS_MOUNT_MAP_SPECIAL_CHR); if (rc != 0) { @@ -409,4 +409,22 @@ void acl_to_uid_mode(struct inode *inode, const char *path) FreeXid(xid); return; } + +int mode_to_acl(struct inode *inode, const char *path) +{ + int rc = 0; + __u32 acllen = 0; + struct cifs_ntsd *pntsd = NULL; + + cFYI(1, (set ACL from mode for %s, path)); + + /* Get the security descriptor */ + + /* Add/Modify the three ACEs for owner, group, everyone */ + + /* Set the security descriptor */ + kfree(pntsd); + + return rc; +} #endif /* CONFIG_CIFS_EXPERIMENTAL */ diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index c41ff74..07464b6 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h @@ -220,6 +220,23 @@ | FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES) #define FILE_EXEC_RIGHTS (FILE_EXECUTE) +#define SET_FILE_READ_RIGHTS (FILE_READ_DATA | FILE_READ_EA | FILE_WRITE_EA \ + | FILE_READ_ATTRIBUTES \ + | FILE_WRITE_ATTRIBUTES \ + | DELETE | READ_CONTROL | WRITE_DAC \ + | WRITE_OWNER | SYNCHRONIZE) +#define SET_FILE_WRITE_RIGHTS (FILE_WRITE_DATA | FILE_APPEND_DATA \ + | FILE_READ_EA | FILE_WRITE_EA \ + | FILE_DELETE_CHILD | FILE_READ_ATTRIBUTES \ + | FILE_WRITE_ATTRIBUTES \ + | DELETE | READ_CONTROL | WRITE_DAC \ + | WRITE_OWNER | SYNCHRONIZE) +#define SET_FILE_EXEC_RIGHTS (FILE_READ_EA | FILE_WRITE_EA | FILE_EXECUTE \ + | FILE_READ_ATTRIBUTES \ + | FILE_WRITE_ATTRIBUTES \ + | DELETE
[CIFS] when mount helper missing fix slash wrong direction in share
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1fb64bfc45b9ee5092b72474a5df216b8a0c7ff9 Commit: 1fb64bfc45b9ee5092b72474a5df216b8a0c7ff9 Parent: 953f868138dbf4300196780379476ab9f07f263a Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Nov 1 02:12:10 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Nov 1 02:12:10 2007 + [CIFS] when mount helper missing fix slash wrong direction in share Kernel bugzilla bug #9228 If mount helper (mount.cifs) missing, mounts with form like //10.11.12.13/c$ would not work (only mounts with slash e.g. //10.11.12.13\\c$ would work) due to problem with slash supposed to be converted to backslash by the mount helper (which is not there). If we fail on converting an IPv4 address in in4_pton then try to canonicalize the first slash (ie between sharename and host ip address) if necessary. If we have to retry to check for IPv6 address the slash is already converted if necessary. Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |5 - fs/cifs/netmisc.c | 40 +++- 2 files changed, 39 insertions(+), 6 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index c65c9da..6d3e736 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -14,7 +14,10 @@ bigendian architectures. Fix possible memory corruption when EAGAIN returned on kern_recvmsg. Return better error if server requires packet signing but client has disabled it. When mounted with cifsacl mount option - mode bits are approximated based -on the contents of the files ACL. +on the contents of the ACL of the file or directory. When cifs +mount helper is missing convert make sure that UNC name +has backslash (not forward slash) between ip address of server +and the share name. Version 1.50 diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c index 4d35c03..e1704da 100644 --- a/fs/cifs/netmisc.c +++ b/fs/cifs/netmisc.c @@ -132,6 +132,34 @@ static const struct smb_to_posix_error mapping_table_ERRHRD[] = { {0, 0} }; + +/* if the mount helper is missing we need to reverse the 1st slash + from '/' to backslash in order to format the UNC properly for + ip address parsing and for tree connect (unless the user + remembered to put the UNC name in properly). Fortunately we do + not have to call this twice (we check for IPv4 addresses + first, so it is already converted by the time we + try IPv6 addresses */ +static int canonicalize_unc(char *cp) +{ + int i; + + for (i = 0; i = 46 /* INET6_ADDRSTRLEN */ ; i++) { + if (cp[i] == 0) + break; + if (cp[i] == '\\') + break; + if (cp[i] == '/') { +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (change slash to backslash in malformed UNC)); +#endif + cp[i] = '\\'; + return 1; + } + } + return 0; +} + /* Convert string containing dotted ip address to binary form */ /* returns 0 if invalid address */ @@ -141,11 +169,13 @@ cifs_inet_pton(int address_family, char *cp, void *dst) int ret = 0; /* calculate length by finding first slash or NULL */ - /* BB Should we convert '/' slash to '\' here since it seems already -* done before this */ - if ( address_family == AF_INET ) { - ret = in4_pton(cp, -1 /* len */, dst , '\\', NULL); - } else if ( address_family == AF_INET6 ) { + if (address_family == AF_INET) { + ret = in4_pton(cp, -1 /* len */, dst, '\\', NULL); + if (ret == 0) { + if (canonicalize_unc(cp)) + ret = in4_pton(cp, -1, dst, '\\', NULL); + } + } else if (address_family == AF_INET6) { ret = in6_pton(cp, -1 /* len */, dst , '\\', NULL); } #ifdef CONFIG_CIFS_DEBUG2 - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] If no Access Control Entries, set mode perm bits to zero
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7505e0525c914cdfdb54f43a7e70f038a16a5486 Commit: 7505e0525c914cdfdb54f43a7e70f038a16a5486 Parent: 1fb64bfc45b9ee5092b72474a5df216b8a0c7ff9 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Nov 1 18:03:01 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Nov 1 18:03:01 2007 + [CIFS] If no Access Control Entries, set mode perm bits to zero Also clean up ACL code Acked-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 77 +--- fs/cifs/cifspdu.h | 23 fs/cifs/connect.c |2 +- 3 files changed, 79 insertions(+), 23 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index f1215df..bd75a3b 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -223,6 +223,17 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, le32_to_cpu(pdacl-num_aces))); #endif + /* reset rwx permissions for user/group/other. + Also, if num_aces is 0 i.e. DACL has no ACEs, + user/group/other have no permissions */ + inode-i_mode = ~(S_IRWXUGO); + + if (!pdacl) { + /* no DACL in the security descriptor, set + all the permissions for user/group/other */ + inode-i_mode |= S_IRWXUGO; + return; + } acl_base = (char *)pdacl; acl_size = sizeof(struct cifs_acl); @@ -235,9 +246,6 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, cifscred-aces = kmalloc(num_aces * sizeof(struct cifs_ace *), GFP_KERNEL);*/ - /* reset rwx permissions for user/group/other */ - inode-i_mode = ~(S_IRWXUGO); - for (i = 0; i num_aces; ++i) { ppace[i] = (struct cifs_ace *) (acl_base + acl_size); #ifdef CONFIG_CIFS_DEBUG2 @@ -309,6 +317,7 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, struct cifs_sid *owner_sid_ptr, *group_sid_ptr; struct cifs_acl *dacl_ptr; /* no need for SACL ptr */ char *end_of_acl = ((char *)pntsd) + acl_len; + __u32 dacloffset; if ((inode == NULL) || (pntsd == NULL)) return -EIO; @@ -317,15 +326,14 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, le32_to_cpu(pntsd-osidoffset)); group_sid_ptr = (struct cifs_sid *)((char *)pntsd + le32_to_cpu(pntsd-gsidoffset)); - dacl_ptr = (struct cifs_acl *)((char *)pntsd + - le32_to_cpu(pntsd-dacloffset)); + dacloffset = le32_to_cpu(pntsd-dacloffset); + dacl_ptr = (struct cifs_acl *)(char *)pntsd + dacloffset; #ifdef CONFIG_CIFS_DEBUG2 cFYI(1, (revision %d type 0x%x ooffset 0x%x goffset 0x%x sacloffset 0x%x dacloffset 0x%x, pntsd-revision, pntsd-type, le32_to_cpu(pntsd-osidoffset), le32_to_cpu(pntsd-gsidoffset), -le32_to_cpu(pntsd-sacloffset), -le32_to_cpu(pntsd-dacloffset))); +le32_to_cpu(pntsd-sacloffset), dacloffset)); #endif /* cifs_dump_mem(owner_sid: , owner_sid_ptr, 64); */ rc = parse_sid(owner_sid_ptr, end_of_acl); @@ -336,7 +344,11 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, if (rc) return rc; - parse_dacl(dacl_ptr, end_of_acl, owner_sid_ptr, group_sid_ptr, inode); + if (dacloffset) + parse_dacl(dacl_ptr, end_of_acl, owner_sid_ptr, + group_sid_ptr, inode); + else + cFYI(1, (no ACL)); /* BB grant all or default perms? */ /* cifscred-uid = owner_sid_ptr-rid; cifscred-gid = group_sid_ptr-rid; @@ -350,9 +362,9 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, } -/* Translate the CIFS ACL (simlar to NTFS ACL) for a file into mode bits */ - -void acl_to_uid_mode(struct inode *inode, const char *path) +/* Retrieve an ACL from the server */ +static struct cifs_ntsd *get_cifs_acl(u32 *pacllen, struct inode *inode, + const char *path) { struct cifsFileInfo *open_file; int unlock_file = FALSE; @@ -362,19 +374,18 @@ void acl_to_uid_mode(struct inode *inode, const char *path) struct super_block *sb; struct cifs_sb_info *cifs_sb; struct cifs_ntsd *pntsd = NULL; - __u32 acllen; cFYI(1, (get mode from ACL for %s, path)); if (inode == NULL) - return; + return NULL; xid = GetXid(); open_file = find_readable_file(CIFS_I(inode)); sb = inode-i_sb; if (sb == NULL) { FreeXid(xid
[CIFS] ACL support part 8
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9c7a2bb1e57f571d3b0763bdce1ce15510a7b78 Commit: b9c7a2bb1e57f571d3b0763bdce1ce15510a7b78 Parent: d61e5808d9a4e7c7f25914ceae50664a6454c3ca Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Oct 26 23:40:20 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Oct 26 23:40:20 2007 + [CIFS] ACL support part 8 Now GetACL in getinodeinfo path when cifsacl mount option used, and ACL is parsed for SIDs. Missing only one piece now to be able to retrieve the mode Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 133 - fs/cifs/cifssmb.c |6 +- 2 files changed, 73 insertions(+), 66 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 3a2d67b..cad2da3 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -155,69 +155,11 @@ static void access_flags_to_mode(__u32 ace_flags, umode_t *pmode, *pmode |= (S_IXUGO bits_to_set); #ifdef CONFIG_CIFS_DEBUG2 - cFYI(1, (access flags 0x%x mode now 0x%x, ace_flags, *pmode); + cFYI(1, (access flags 0x%x mode now 0x%x, ace_flags, *pmode)); #endif return; } -/* Translate the CIFS ACL (simlar to NTFS ACL) for a file into mode bits */ - -void acl_to_uid_mode(struct inode *inode, const char *path) -{ - struct cifsFileInfo *open_file; - int unlock_file = FALSE; - int xid; - int rc = -EIO; - __u16 fid; - struct super_block *sb; - struct cifs_sb_info *cifs_sb; - - cFYI(1, (get mode from ACL for %s, path)); - - if (inode == NULL) - return; - - xid = GetXid(); - open_file = find_readable_file(CIFS_I(inode)); - if (open_file) { - unlock_file = TRUE; - fid = open_file-netfid; - } else { - int oplock = FALSE; - /* open file */ - sb = inode-i_sb; - if (sb == NULL) { - FreeXid(xid); - return; - } - cifs_sb = CIFS_SB(sb); - rc = CIFSSMBOpen(xid, cifs_sb-tcon, path, FILE_OPEN, - GENERIC_READ, 0, fid, oplock, NULL, - cifs_sb-local_nls, cifs_sb-mnt_cifs_flags - CIFS_MOUNT_MAP_SPECIAL_CHR); - if (rc != 0) { - cERROR(1, (Unable to open file to get ACL)); - FreeXid(xid); - return; - } - } - - /* rc = CIFSSMBGetCIFSACL(xid, cifs_sb-tcon, fid, pntsd, acllen, - ACL_TYPE_ACCESS); */ - - if (unlock_file == TRUE) - atomic_dec(open_file-wrtPending); - else - CIFSSMBClose(xid, cifs_sb-tcon, fid); - -/* parse ACEs e.g. - rc = parse_sec_desc(pntsd, acllen, inode); -*/ - - FreeXid(xid); - return; -} - static void parse_ace(struct cifs_ace *pace, char *end_of_acl) { @@ -314,12 +256,12 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, static int parse_sid(struct cifs_sid *psid, char *end_of_acl) { - /* BB need to add parm so we can store the SID BB */ - /* validate that we do not go past end of acl */ - if (end_of_acl (char *)psid + sizeof(struct cifs_sid)) { - cERROR(1, (ACL too small to parse SID)); + /* validate that we do not go past end of ACL - sid must be at least 8 + bytes long (assuming no sub-auths - e.g. the null SID */ + if (end_of_acl (char *)psid + 8) { + cERROR(1, (ACL too small to parse SID %p, psid)); return -EINVAL; } @@ -354,6 +296,9 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, struct cifs_acl *dacl_ptr; /* no need for SACL ptr */ char *end_of_acl = ((char *)pntsd) + acl_len; + if ((inode == NULL) || (pntsd == NULL)) + return -EIO; + owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + le32_to_cpu(pntsd-osidoffset)); group_sid_ptr = (struct cifs_sid *)((char *)pntsd + @@ -368,6 +313,7 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, le32_to_cpu(pntsd-sacloffset), le32_to_cpu(pntsd-dacloffset))); #endif +/* cifs_dump_mem(owner_sid: , owner_sid_ptr, 64); */ rc = parse_sid(owner_sid_ptr, end_of_acl); if (rc) return rc; @@ -388,4 +334,65 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, return (0); } + + +/* Translate the CIFS ACL (simlar to NTFS ACL) for a file into mode bits */ + +void acl_to_uid_mode(struct inode *inode, const char *path) +{ + struct cifsFileInfo *open_file; + int
[CIFS] implement upcalls for SPNEGO blob via keyctl API
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=09fe7ba78dedb9017401ed555ecc4435c99a7556 Commit: 09fe7ba78dedb9017401ed555ecc4435c99a7556 Parent: 745542e210b3b15751ea9d511321924ac36b85db Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Sat Nov 3 04:48:29 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Nov 3 04:48:29 2007 + [CIFS] implement upcalls for SPNEGO blob via keyctl API Add routines to handle upcalls to userspace via keyctl for the purpose of getting a SPNEGO blob for a particular uid and server combination. Clean up the Makefile a bit and set it up to only compile cifs_spnego if CONFIG_CIFS_UPCALL is set. Also change CONFIG_CIFS_UPCALL to depend on CONFIG_KEYS rather than CONFIG_CONNECTOR. cifs_spnego.h defines the communications between kernel and userspace and is intended to be shared with userspace programs. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/Kconfig |2 +- fs/cifs/Makefile|7 ++- fs/cifs/cifsproto.h |2 ++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/fs/Kconfig b/fs/Kconfig index cc28a69..e431c38 100644 --- a/fs/Kconfig +++ b/fs/Kconfig @@ -2007,7 +2007,7 @@ config CIFS_EXPERIMENTAL config CIFS_UPCALL bool Kerberos/SPNEGO advanced session setup (EXPERIMENTAL) depends on CIFS_EXPERIMENTAL - depends on CONNECTOR + depends on KEYS help Enables an upcall mechanism for CIFS which will be used to contact userspace helper utilities to provide SPNEGO packaged Kerberos diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile index ff6ba8d..45e42fb 100644 --- a/fs/cifs/Makefile +++ b/fs/cifs/Makefile @@ -3,4 +3,9 @@ # obj-$(CONFIG_CIFS) += cifs.o -cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o cifsacl.o +cifs-y := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o \ + link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o \ + md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o \ + readdir.o ioctl.o sess.o export.o cifsacl.o + +cifs-$(CONFIG_CIFS_UPCALL) += cifs_spnego.o diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 1ffe255..dd1d7c2 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -76,6 +76,8 @@ extern void header_assemble(struct smb_hdr *, char /* command */ , extern int small_smb_init_no_tc(const int smb_cmd, const int wct, struct cifsSesInfo *ses, void **request_buf); +extern struct key *cifs_get_spnego_key(struct cifsSesInfo *sesInfo, + const char *hostname); extern int CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, const int stage, const struct nls_table *nls_cp); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Register and unregister cifs_spnego_key_type on module init/exit
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=84a15b935481fa651cc6ec60aed015312b67adda Commit: 84a15b935481fa651cc6ec60aed015312b67adda Parent: 09fe7ba78dedb9017401ed555ecc4435c99a7556 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Sat Nov 3 05:02:24 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Nov 3 05:02:24 2007 + [CIFS] Register and unregister cifs_spnego_key_type on module init/exit Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsfs.c | 16 ++-- 1 files changed, 14 insertions(+), 2 deletions(-) diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index a6fbea5..94c0f55 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -43,6 +43,7 @@ #include cifs_debug.h #include cifs_fs_sb.h #include linux/mm.h +#include linux/key-type.h #define CIFS_MAGIC_NUMBER 0xFF534D42 /* the first four bytes of SMB PDUs */ #ifdef CONFIG_CIFS_QUOTA @@ -1005,12 +1006,16 @@ init_cifs(void) rc = register_filesystem(cifs_fs_type); if (rc) goto out_destroy_request_bufs; - +#ifdef CONFIG_CIFS_UPCALL + rc = register_key_type(cifs_spnego_key_type); + if (rc) + goto out_unregister_filesystem; +#endif oplockThread = kthread_run(cifs_oplock_thread, NULL, cifsoplockd); if (IS_ERR(oplockThread)) { rc = PTR_ERR(oplockThread); cERROR(1, (error %d create oplock thread, rc)); - goto out_unregister_filesystem; + goto out_unregister_key_type; } dnotifyThread = kthread_run(cifs_dnotify_thread, NULL, cifsdnotifyd); @@ -1024,7 +1029,11 @@ init_cifs(void) out_stop_oplock_thread: kthread_stop(oplockThread); + out_unregister_key_type: +#ifdef CONFIG_CIFS_UPCALL + unregister_key_type(cifs_spnego_key_type); out_unregister_filesystem: +#endif unregister_filesystem(cifs_fs_type); out_destroy_request_bufs: cifs_destroy_request_bufs(); @@ -1046,6 +1055,9 @@ exit_cifs(void) #ifdef CONFIG_PROC_FS cifs_proc_clean(); #endif +#ifdef CONFIG_CIFS_UPCALL + unregister_key_type(cifs_spnego_key_type); +#endif unregister_filesystem(cifs_fs_type); cifs_destroy_inodecache(); cifs_destroy_mids(); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] add OIDs for KRB5 and MSKRB5 to ASN1 parsing routines
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e545937a51fe0cc78cea55752764daabb81ec96d Commit: e545937a51fe0cc78cea55752764daabb81ec96d Parent: 84a15b935481fa651cc6ec60aed015312b67adda Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Sat Nov 3 05:11:06 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Nov 3 05:11:06 2007 + [CIFS] add OIDs for KRB5 and MSKRB5 to ASN1 parsing routines Also, fix the parser to recognize them and set the secType accordingly. Make CIFSSMBNegotiate not error out automatically after parsing the securityBlob. Also thanks to Q (Igor) and Simo for their help on this set of kerberos patches (and Dave Howells for help on the upcall). Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/asn1.c| 35 --- fs/cifs/cifsfs.c |1 + fs/cifs/cifssmb.c |3 +-- 3 files changed, 26 insertions(+), 13 deletions(-) diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c index 2a01f3e..bcda2c6 100644 --- a/fs/cifs/asn1.c +++ b/fs/cifs/asn1.c @@ -77,8 +77,12 @@ #define SPNEGO_OID_LEN 7 #define NTLMSSP_OID_LEN 10 +#define KRB5_OID_LEN 7 +#define MSKRB5_OID_LEN 7 static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 }; static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 }; +static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 }; +static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 }; /* * ASN.1 context. @@ -457,6 +461,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, unsigned long *oid = NULL; unsigned int cls, con, tag, oidlen, rc; int use_ntlmssp = FALSE; + int use_kerberos = FALSE; *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/ @@ -545,18 +550,28 @@ decode_negTokenInit(unsigned char *security_blob, int length, return 0; } if ((tag == ASN1_OJI) (con == ASN1_PRI)) { - rc = asn1_oid_decode(ctx, end, oid, oidlen); - if (rc) { + if (asn1_oid_decode(ctx, end, oid, oidlen)) { + cFYI(1, (OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx, oidlen, *oid, *(oid + 1), *(oid + 2), *(oid + 3))); - rc = compare_oid(oid, oidlen, -NTLMSSP_OID, NTLMSSP_OID_LEN); - kfree(oid); - if (rc) + + if (compare_oid(oid, oidlen, + MSKRB5_OID, + MSKRB5_OID_LEN)) + use_kerberos = TRUE; + else if (compare_oid(oid, oidlen, +KRB5_OID, +KRB5_OID_LEN)) + use_kerberos = TRUE; + else if (compare_oid(oid, oidlen, +NTLMSSP_OID, +NTLMSSP_OID_LEN)) use_ntlmssp = TRUE; + + kfree(oid); } } else { cFYI(1, (Should be an oid what is going on?)); @@ -609,12 +624,10 @@ decode_negTokenInit(unsigned char *security_blob, int length, ctx.pointer)); /* is this UTF-8 or ASCII? */ } - /* if (use_kerberos) - *secType = Kerberos - else */ - if (use_ntlmssp) { + if (use_kerberos) + *secType = Kerberos; + else if (use_ntlmssp) *secType = NTLMSSP; - } return 1; } diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index 94c0f55..416dc9f 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -44,6 +44,7 @@ #include cifs_fs_sb.h #include linux/mm.h #include linux/key-type.h +#include cifs_spnego.h #define CIFS_MAGIC_NUMBER 0xFF534D42 /* the first four bytes of SMB PDUs */ #ifdef CONFIG_CIFS_QUOTA diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 0bb3e43..59d7b7c 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -647,8 +647,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses
[CIFS] Add upcall files for cifs to use spnego/kerberos
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f1d662a7d5e5322e583aad6b3cfec03d8f27b435 Commit: f1d662a7d5e5322e583aad6b3cfec03d8f27b435 Parent: e545937a51fe0cc78cea55752764daabb81ec96d Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Nov 5 14:38:08 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Nov 5 14:38:08 2007 + [CIFS] Add upcall files for cifs to use spnego/kerberos Acked-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_spnego.c | 124 + fs/cifs/cifs_spnego.h | 46 ++ 2 files changed, 170 insertions(+), 0 deletions(-) diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c new file mode 100644 index 000..e142faf --- /dev/null +++ b/fs/cifs/cifs_spnego.c @@ -0,0 +1,124 @@ +/* + * fs/cifs/cifs_spnego.c -- SPNEGO upcall management for CIFS + * + * Copyright (c) 2007 Red Hat, Inc. + * Author(s): Jeff Layton ([EMAIL PROTECTED]) + * + * This library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See + * the GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include linux/list.h +#include linux/string.h +#include keys/user-type.h +#include linux/key-type.h +#include cifsglob.h +#include cifs_spnego.h +#include cifs_debug.h + +/* create a new cifs key */ +static int +cifs_spnego_key_instantiate(struct key *key, const void *data, size_t datalen) +{ + char *payload; + int ret; + + ret = -ENOMEM; + payload = kmalloc(datalen, GFP_KERNEL); + if (!payload) + goto error; + + /* attach the data */ + memcpy(payload, data, datalen); + rcu_assign_pointer(key-payload.data, payload); + ret = 0; + +error: + return ret; +} + +static void +cifs_spnego_key_destroy(struct key *key) +{ + kfree(key-payload.data); +} + + +/* + * keytype for CIFS spnego keys + */ +struct key_type cifs_spnego_key_type = { + .name = cifs.spnego, + .instantiate= cifs_spnego_key_instantiate, + .match = user_match, + .destroy= cifs_spnego_key_destroy, + .describe = user_describe, +}; + +/* get a key struct with a SPNEGO security blob, suitable for session setup */ +struct key * +cifs_get_spnego_key(struct cifsSesInfo *sesInfo, const char *hostname) +{ + struct TCP_Server_Info *server = sesInfo-server; + char *description, *dp; + size_t desc_len; + struct key *spnego_key; + + + /* version + ;ip{4|6}= + address + ;host=hostname + ;sec= + NULL */ + desc_len = 2 + 5 + 32 + 1 + 5 + strlen(hostname) + + strlen(;sec=krb5) + 1; + spnego_key = ERR_PTR(-ENOMEM); + description = kzalloc(desc_len, GFP_KERNEL); + if (description == NULL) + goto out; + + dp = description; + /* start with version and hostname portion of UNC string */ + spnego_key = ERR_PTR(-EINVAL); + sprintf(dp, %2.2x;host=%s;, CIFS_SPNEGO_UPCALL_VERSION, + hostname); + dp = description + strlen(description); + + /* add the server address */ + if (server-addr.sockAddr.sin_family == AF_INET) + sprintf(dp, ip4= NIPQUAD_FMT, + NIPQUAD(server-addr.sockAddr.sin_addr)); + else if (server-addr.sockAddr.sin_family == AF_INET6) + sprintf(dp, ip6= NIP6_SEQFMT, + NIP6(server-addr.sockAddr6.sin6_addr)); + else + goto out; + + dp = description + strlen(description); + + /* for now, only sec=krb5 is valid */ + if (server-secType == Kerberos) + sprintf(dp, ;sec=krb5); + else + goto out; + + cFYI(1, (key description = %s, description)); + spnego_key = request_key(cifs_spnego_key_type, description, ); + + if (cifsFYI !IS_ERR(spnego_key)) { + struct cifs_spnego_msg *msg = spnego_key-payload.data; + cifs_dump_mem(SPNEGO reply blob:, msg-data, + msg-secblob_len + msg-sesskey_len); + } + +out: + kfree(description); + return spnego_key; +} diff --git a/fs/cifs/cifs_spnego.h b/fs/cifs/cifs_spnego.h new file mode 100644 index
[CIFS] Fix walking out end of cifs dacl
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=63d2583f5a1a0b72fea3f2171f23f0ca8fa556ec Commit: 63d2583f5a1a0b72fea3f2171f23f0ca8fa556ec Parent: f1d662a7d5e5322e583aad6b3cfec03d8f27b435 Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Nov 5 21:46:10 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Nov 5 21:46:10 2007 + [CIFS] Fix walking out end of cifs dacl Acked-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c |4 ++-- fs/cifs/cifsacl.h |3 +++ fs/cifs/cifsencrypt.c |4 ++-- fs/cifs/netmisc.c |2 +- fs/cifs/readdir.c |2 +- fs/cifs/smbencrypt.c | 14 -- fs/cifs/xattr.c |4 ++-- 7 files changed, 19 insertions(+), 14 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index bd75a3b..38d09fa 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -327,7 +327,7 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, group_sid_ptr = (struct cifs_sid *)((char *)pntsd + le32_to_cpu(pntsd-gsidoffset)); dacloffset = le32_to_cpu(pntsd-dacloffset); - dacl_ptr = (struct cifs_acl *)(char *)pntsd + dacloffset; + dacl_ptr = (struct cifs_acl *)((char *)pntsd + dacloffset); #ifdef CONFIG_CIFS_DEBUG2 cFYI(1, (revision %d type 0x%x ooffset 0x%x goffset 0x%x sacloffset 0x%x dacloffset 0x%x, @@ -346,7 +346,7 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len, if (dacloffset) parse_dacl(dacl_ptr, end_of_acl, owner_sid_ptr, - group_sid_ptr, inode); + group_sid_ptr, inode); else cFYI(1, (no ACL)); /* BB grant all or default perms? */ diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index 30b0caf..93a7c34 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -35,6 +35,9 @@ #define UBITSHIFT 6 #define GBITSHIFT 3 +#define ACCESS_ALLOWED 0 +#define ACCESS_DENIED 1 + struct cifs_ntsd { __le16 revision; /* revision level */ __le16 type; diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 788f0ad..4ff8939 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -108,7 +108,7 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec, /* The first entry includes a length field (which does not get signed that occupies the first 4 bytes before the header */ if (i == 0) { - if (iov[0].iov_len = 8 ) /* cmd field at offset 9 */ + if (iov[0].iov_len = 8) /* cmd field at offset 9 */ break; /* nothing to sign or corrupt header */ MD5Update(context, iov[0].iov_base+4, iov[0].iov_len-4); @@ -123,7 +123,7 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec, int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, - __u32 * pexpected_response_sequence_number) + __u32 *pexpected_response_sequence_number) { int rc = 0; char smb_signature[20]; diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c index e1704da..646e1f0 100644 --- a/fs/cifs/netmisc.c +++ b/fs/cifs/netmisc.c @@ -770,7 +770,7 @@ cifs_print_status(__u32 status_code) static void -ntstatus_to_dos(__u32 ntstatus, __u8 * eclass, __u16 * ecode) +ntstatus_to_dos(__u32 ntstatus, __u8 *eclass, __u16 *ecode) { int i; if (ntstatus == 0) { diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c index 3746580..82497d4 100644 --- a/fs/cifs/readdir.c +++ b/fs/cifs/readdir.c @@ -495,7 +495,7 @@ ffirst_retry: static int cifs_unicode_bytelen(char *str) { int len; - __le16 * ustr = (__le16 *)str; + __le16 *ustr = (__le16 *)str; for (len = 0; len = PATH_MAX; len++) { if (ustr[len] == 0) diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c index bd3c467..58bbfd9 100644 --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c @@ -80,7 +80,7 @@ SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24) /* Routines for Windows NT MD4 Hash functions. */ static int -_my_wcslen(__u16 * str) +_my_wcslen(__u16 *str) { int len = 0; while (*str++ != 0) @@ -96,7 +96,7 @@ _my_wcslen(__u16 * str) */ static int -_my_mbstowcs(__u16 * dst, const unsigned char *src, int len) +_my_mbstowcs(__u16 *dst, const unsigned char *src, int len) { /* BB not a very good conversion routine - change/fix */ int i; __u16 val; @@ -125,9 +125,9 @@ E_md4hash(const unsigned char *passwd, unsigned char *p16) /* Password cannot be longer than 128 characters */ if (passwd) { len = strlen((char
[CIFS] add mode to acl conversion helper function
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ce06c9f025120dbb2978d9b84641d76c25f17902 Commit: ce06c9f025120dbb2978d9b84641d76c25f17902 Parent: 15b0395911eb45a0834755f0d9e84570644a8c22 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Nov 8 21:12:01 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Nov 8 21:12:01 2007 + [CIFS] add mode to acl conversion helper function Acked-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |3 +++ fs/cifs/cifsacl.c | 35 +-- fs/cifs/cifsfs.h |2 +- 3 files changed, 37 insertions(+), 3 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 6d3e736..53629b8 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,3 +1,6 @@ +Version 1.52 + + Version 1.51 Fix memory leak in statfs when mounted to very old servers (e.g. diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index ec44580..dabbce0 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -138,9 +138,9 @@ static void access_flags_to_mode(__u32 ace_flags, int type, umode_t *pmode, umode_t *pbits_to_set) { /* the order of ACEs is important. The canonical order is to begin with - DENY entries then follow with ALLOW, otherwise an allow entry could be + DENY entries followed by ALLOW, otherwise an allow entry could be encountered first, making the subsequent deny entry like dead code - which would be superflous since Windows stops when a match is made + which would be superflous since Windows stops when a match is made for the operation you are trying to perform for your user */ /* For deny ACEs we change the mask so that subsequent allow access @@ -188,6 +188,37 @@ static void access_flags_to_mode(__u32 ace_flags, int type, umode_t *pmode, return; } +/* + Generate access flags to reflect permissions mode is the existing mode. + This function is called for every ACE in the DACL whose SID matches + with either owner or group or everyone. +*/ + +static void mode_to_access_flags(umode_t mode, umode_t bits_to_use, + __u32 *pace_flags) +{ + /* reset access mask */ + *pace_flags = 0x0; + + /* bits to use are either S_IRWXU or S_IRWXG or S_IRWXO */ + mode = bits_to_use; + + /* check for R/W/X UGO since we do not know whose flags + is this but we have cleared all the bits sans RWX for + either user or group or other as per bits_to_use */ + if (mode S_IRUGO) + *pace_flags |= SET_FILE_READ_RIGHTS; + if (mode S_IWUGO) + *pace_flags |= SET_FILE_WRITE_RIGHTS; + if (mode S_IXUGO) + *pace_flags |= SET_FILE_EXEC_RIGHTS; + +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (mode: 0x%x, access flags now 0x%x, mode, *pace_flags)); +#endif + return; +} + #ifdef CONFIG_CIFS_DEBUG2 static void dump_ace(struct cifs_ace *pace, char *end_of_acl) diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 0a3ee5a..62357d2 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -106,5 +106,5 @@ extern int cifs_ioctl(struct inode *inode, struct file *filep, extern struct export_operations cifs_export_ops; #endif /* EXPERIMENTAL */ -#define CIFS_VERSION 1.51 +#define CIFS_VERSION 1.52 #endif /* _CIFSFS_H */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix stale mode after readdir when cifsacl specified
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a6f8de3d9b124c95893054fd2a78bc7be5bb9000 Commit: a6f8de3d9b124c95893054fd2a78bc7be5bb9000 Parent: ce06c9f025120dbb2978d9b84641d76c25f17902 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Nov 8 23:10:32 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Nov 8 23:10:32 2007 + [CIFS] Fix stale mode after readdir when cifsacl specified When mounted with cifsacl mount option, readdir can not instantiate the inode with the estimated mode based on the ACL for each file since we have not queried for the ACL for each of these files yet. So set the refresh time to zero for these inodes so that the next stat will cause the client to go to the server for the ACL info so we can build the estimated mode (this means we also will issue an extra QueryPathInfo if the stat happens within 1 second, but this is trivial compared to the time required to open/getacl/close for each). ls -l is slower when cifsacl mount option is specified, but displays correct mode information. Signed-off-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/readdir.c |8 +++- 1 files changed, 7 insertions(+), 1 deletions(-) diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c index 82497d4..0f22def 100644 --- a/fs/cifs/readdir.c +++ b/fs/cifs/readdir.c @@ -171,7 +171,13 @@ static void fill_in_inode(struct inode *tmp_inode, int new_buf_type, /* Linux can not store file creation time unfortunately so ignore it */ cifsInfo-cifsAttrs = attr; - cifsInfo-time = jiffies; +#ifdef CONFIG_CIFS_EXPERIMENTAL + if (cifs_sb-mnt_cifs_flags CIFS_MOUNT_CIFS_ACL) { + /* get more accurate mode via ACL - so force inode refresh */ + cifsInfo-time = 0; + } else +#endif /* CONFIG_CIFS_EXPERIMENTAL */ + cifsInfo-time = jiffies; /* treat dos attribute of read-only as read-only mode bit e.g. 555? */ /* 2767 perms - indicate mandatory locking */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] fix oops on second mount to same server when null auth is used
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9b8f5f573770f33b28c45255ac82e6457278c782 Commit: 9b8f5f573770f33b28c45255ac82e6457278c782 Parent: a6f8de3d9b124c95893054fd2a78bc7be5bb9000 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Fri Nov 9 23:25:04 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Nov 9 23:25:04 2007 + [CIFS] fix oops on second mount to same server when null auth is used When a share is mounted using no username, cifs_mount sets volume_info.username as a NULL pointer, and the sesInfo userName as an empty string. The volume_info.username is passed to a couple of other functions to see if there is an existing unc or tcp connection that can be used. These functions assume that the username will be a valid string that can be passed to strncmp. If the pointer is NULL, then the kernel will oops if there's an existing session to which the string can be compared. This patch changes cifs_mount to set volume_info.username to an empty string in this situation, which prevents the oops and should make it so that the comparison to other null auth sessions match. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |1 + fs/cifs/connect.c |2 +- 2 files changed, 2 insertions(+), 1 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 53629b8..64dd222 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,5 +1,6 @@ Version 1.52 +Fix oops on second mount to server when null auth is used. Version 1.51 diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 380ee99..1102160 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1790,7 +1790,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, if (volume_info.nullauth) { cFYI(1, (null user)); - volume_info.username = NULL; + volume_info.username = ; } else if (volume_info.username) { /* BB fixme parse for domain name here */ cFYI(1, (Username: %s, volume_info.username)); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] log better errors on failed mounts
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a761ac579b89bc1f00212a42401398108deba65c Commit: a761ac579b89bc1f00212a42401398108deba65c Parent: abb63d6c3d3d0e4d93b63589135962091154be9b Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Oct 18 21:45:27 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Oct 18 21:45:27 2007 + [CIFS] log better errors on failed mounts Also returns more accurate errors to mount for the cases of account expired and password expired Acked-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsproto.h |5 +++-- fs/cifs/cifssmb.c | 10 +- fs/cifs/netmisc.c | 28 ++-- fs/cifs/sess.c |3 ++- fs/cifs/smberr.h|5 +++-- fs/cifs/transport.c | 10 -- 6 files changed, 35 insertions(+), 26 deletions(-) diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 001f0dc..1a88366 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -50,7 +50,8 @@ extern int SendReceive(const unsigned int /* xid */ , struct cifsSesInfo *, int * /* bytes returned */ , const int long_op); extern int SendReceive2(const unsigned int /* xid */ , struct cifsSesInfo *, struct kvec *, int /* nvec to send */, - int * /* type of buf returned */ , const int long_op); + int * /* type of buf returned */ , const int long_op, + const int logError /* whether to log status code*/ ); extern int SendReceiveBlockingLock(const unsigned int /* xid */ , struct cifsTconInfo *, struct smb_hdr * /* input */ , @@ -65,7 +66,7 @@ extern unsigned int smbCalcSize_LE(struct smb_hdr *ptr); extern int decode_negTokenInit(unsigned char *security_blob, int length, enum securityEnum *secType); extern int cifs_inet_pton(int, char *source, void *dst); -extern int map_smb_to_linux_error(struct smb_hdr *smb); +extern int map_smb_to_linux_error(struct smb_hdr *smb, int logErr); extern void header_assemble(struct smb_hdr *, char /* command */ , const struct cifsTconInfo *, int /* length of fixed section (word count) in two byte units */); diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 2b2d4fe..f0d9a48 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -1446,9 +1446,8 @@ CIFSSMBRead(const int xid, struct cifsTconInfo *tcon, const int netfid, iov[0].iov_base = (char *)pSMB; iov[0].iov_len = pSMB-hdr.smb_buf_length + 4; - rc = SendReceive2(xid, tcon-ses, iov, - 1 /* num iovecs */, - resp_buf_type, 0); + rc = SendReceive2(xid, tcon-ses, iov, 1 /* num iovecs */, +resp_buf_type, 0 /* not long op */, 1 /* log err */ ); cifs_stats_inc(tcon-num_reads); pSMBr = (READ_RSP *)iov[0].iov_base; if (rc) { @@ -1667,7 +1666,7 @@ CIFSSMBWrite2(const int xid, struct cifsTconInfo *tcon, rc = SendReceive2(xid, tcon-ses, iov, n_vec + 1, resp_buf_type, - long_op); + long_op, 0 /* do not log STATUS code */ ); cifs_stats_inc(tcon-num_writes); if (rc) { cFYI(1, (Send error Write2 = %d, rc)); @@ -3094,7 +3093,8 @@ CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid, iov[0].iov_base = (char *)pSMB; iov[0].iov_len = pSMB-hdr.smb_buf_length + 4; - rc = SendReceive2(xid, tcon-ses, iov, 1 /* num iovec */, buf_type, 0); + rc = SendReceive2(xid, tcon-ses, iov, 1 /* num iovec */, buf_type, +0 /* not long op */, 0 /* do not log STATUS codes */ ); cifs_stats_inc(tcon-num_acl_get); if (rc) { cFYI(1, (Send error in QuerySecDesc = %d, rc)); diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c index 9ae4941..f06359c 100644 --- a/fs/cifs/netmisc.c +++ b/fs/cifs/netmisc.c @@ -114,10 +114,16 @@ static const struct smb_to_posix_error mapping_table_ERRSRV[] = { {ERRusempx, -EIO}, {ERRusestd, -EIO}, {ERR_NOTIFY_ENUM_DIR, -ENOBUFS}, - {ERRaccountexpired, -EACCES}, + {ERRnoSuchUser, -EACCES}, +/* {ERRaccountexpired, -EACCES}, {ERRbadclient, -EACCES}, {ERRbadLogonTime, -EACCES}, - {ERRpasswordExpired, -EACCES}, + {ERRpasswordExpired, -EACCES},*/ + {ERRaccountexpired, -EKEYEXPIRED}, + {ERRbadclient, -EACCES}, + {ERRbadLogonTime, -EACCES}, + {ERRpasswordExpired, -EKEYEXPIRED}, + {ERRnosupport, -EINVAL}, {0, 0} }; @@ -270,7 +276,7 @@ static const struct { from NT_STATUS_NO_SUCH_USER to NT_STATUS_LOGON_FAILURE during the session setup
[CIFS] fix typo
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d628ddb62d3050e8e474aa3566bc6bafbe4b9c26 Commit: d628ddb62d3050e8e474aa3566bc6bafbe4b9c26 Parent: a750e77c21d75abd26fbbde2e104fd406566b6e5 Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 17 23:06:07 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 17 23:06:07 2007 + [CIFS] fix typo Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index ecd6da9..e8e5635 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -182,7 +182,7 @@ static void parse_ntace(struct cifs_ntace *pntace, char *end_of_acl) static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, - struct cifs_sid *pownersid, struct cifs_sid pgrpsid) + struct cifs_sid *pownersid, struct cifs_sid *pgrpsid) { int i; int num_aces = 0; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] acl support part 4
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a750e77c21d75abd26fbbde2e104fd406566b6e5 Commit: a750e77c21d75abd26fbbde2e104fd406566b6e5 Parent: d5d18501090179d557a4ca976d1c30bfaf5de091 Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 17 22:50:39 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 17 22:50:39 2007 + [CIFS] acl support part 4 Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 19 ++- fs/cifs/cifsacl.h |9 + fs/cifs/cifspdu.h |6 ++ 3 files changed, 25 insertions(+), 9 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index c46f26b..ecd6da9 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -95,23 +95,24 @@ int match_sid(struct cifs_sid *ctsid) return (-1); } - +/* if the two SIDs (roughly equivalent to a UUID for a user or group) are + the same returns 1, if they do not match returns 0 */ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) { int i; int num_subauth, num_sat, num_saw; if ((!ctsid) || (!cwsid)) - return (-1); + return (0); /* compare the revision */ if (ctsid-revision != cwsid-revision) - return (-1); + return (0); /* compare all of the six auth values */ for (i = 0; i 6; ++i) { if (ctsid-authority[i] != cwsid-authority[i]) - return (-1); + return (0); } /* compare all of the subauth values if any */ @@ -121,11 +122,11 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) if (num_subauth) { for (i = 0; i num_subauth; ++i) { if (ctsid-sub_auth[i] != cwsid-sub_auth[i]) - return (-1); + return (0); } } - return (0); /* sids compare/match */ + return (1); /* sids compare/match */ } @@ -180,7 +181,8 @@ static void parse_ntace(struct cifs_ntace *pntace, char *end_of_acl) -static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) +static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, + struct cifs_sid *pownersid, struct cifs_sid pgrpsid) { int i; int num_aces = 0; @@ -219,7 +221,6 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) cifscred-aces = kmalloc(num_aces * sizeof(struct cifs_ace *), GFP_KERNEL);*/ - for (i = 0; i num_aces; ++i) { ppntace[i] = (struct cifs_ntace *) (acl_base + acl_size); @@ -317,7 +318,7 @@ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) if (rc) return rc; - parse_dacl(dacl_ptr, end_of_acl); + parse_dacl(dacl_ptr, end_of_acl, owner_sid_ptr, group_sid_ptr); /* cifscred-uid = owner_sid_ptr-rid; cifscred-gid = group_sid_ptr-rid; diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index fa01053..420f878 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -23,9 +23,18 @@ #define _CIFSACL_H +#define NUM_AUTHS 6 /* number of authority fields */ +#define NUM_SUBAUTHS 5 /* number of sub authority fields */ #define NUM_WK_SIDS 7 /* number of well known sids */ #define SIDNAMELENGTH 20 /* long enough for the ones we care about */ +#define READ_BIT0x4 +#define WRITE_BIT 0x2 +#define EXEC_BIT0x1 + +#define UBITSHIFT 6 +#define GBITSHIFT 3 + struct cifs_ntsd { __le16 revision; /* revision level */ __le16 type; diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index d2f0cf2..c41ff74 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h @@ -215,6 +215,12 @@ /* file_execute, file_read_attributes*/ /* write_dac, and delete. */ +#define FILE_READ_RIGHTS (FILE_READ_DATA | FILE_READ_EA | FILE_READ_ATTRIBUTES) +#define FILE_WRITE_RIGHTS (FILE_WRITE_DATA | FILE_APPEND_DATA \ + | FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES) +#define FILE_EXEC_RIGHTS (FILE_EXECUTE) + + /* * Invalid readdir handle */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix minor problems noticed by scan
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d5d18501090179d557a4ca976d1c30bfaf5de091 Commit: d5d18501090179d557a4ca976d1c30bfaf5de091 Parent: c18c732ec6bf372aa959ca6534cbfc32e464defd Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 17 21:31:52 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 17 21:31:52 2007 + [CIFS] Fix minor problems noticed by scan Coverity scan pointed out some minor possible errors. Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsfs.c | 12 ++-- fs/cifs/netmisc.c |5 - 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index abca6b0..91ba328 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -308,15 +308,15 @@ cifs_show_options(struct seq_file *s, struct vfsmount *m) seq_printf(s, ,domain=%s, cifs_sb-tcon-ses-domainName); } + if ((cifs_sb-mnt_cifs_flags CIFS_MOUNT_OVERR_UID) || + !(cifs_sb-tcon-unix_ext)) + seq_printf(s, ,uid=%d, cifs_sb-mnt_uid); + if ((cifs_sb-mnt_cifs_flags CIFS_MOUNT_OVERR_GID) || + !(cifs_sb-tcon-unix_ext)) + seq_printf(s, ,gid=%d, cifs_sb-mnt_gid); } if (cifs_sb-mnt_cifs_flags CIFS_MOUNT_POSIX_PATHS) seq_printf(s, ,posixpaths); - if ((cifs_sb-mnt_cifs_flags CIFS_MOUNT_OVERR_UID) || - !(cifs_sb-tcon-unix_ext)) - seq_printf(s, ,uid=%d, cifs_sb-mnt_uid); - if ((cifs_sb-mnt_cifs_flags CIFS_MOUNT_OVERR_GID) || - !(cifs_sb-tcon-unix_ext)) - seq_printf(s, ,gid=%d, cifs_sb-mnt_gid); seq_printf(s, ,rsize=%d, cifs_sb-rsize); seq_printf(s, ,wsize=%d, cifs_sb-wsize); } diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c index 2bfed3f..9ae4941 100644 --- a/fs/cifs/netmisc.c +++ b/fs/cifs/netmisc.c @@ -899,8 +899,11 @@ struct timespec cnvrtDosUnixTm(__u16 date, __u16 time) cERROR(1, (illegal hours %d, st-Hours)); days = sd-Day; month = sd-Month; - if ((days 31) || (month 12)) + if ((days 31) || (month 12)) { cERROR(1, (illegal date, month %d day: %d, month, days)); + if (month 12) + month = 12; + } month -= 1; days += total_days_of_prev_months[month]; days += 3652; /* account for difference in days between 1980 and 1970 */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] build break
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a49ddf4ce5a5997f0695b194587290ea72e9 Commit: a49ddf4ce5a5997f0695b194587290ea72e9 Parent: adbc03587c17e8f50478c1d7744a454cfb9e0653 Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 17 02:48:17 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 17 02:48:17 2007 + [CIFS] build break Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index b1f448f..c46f26b 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -116,7 +116,7 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) /* compare all of the subauth values if any */ num_sat = ctsid-num_subauth; - num_saw = cwsid-num_subauth); + num_saw = cwsid-num_subauth; num_subauth = num_sat num_saw ? num_sat : num_saw; if (num_subauth) { for (i = 0; i num_subauth; ++i) { - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] missing #endif from a previous patch
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=016ec75f1a0c0e765fce65d794569979104f031d Commit: 016ec75f1a0c0e765fce65d794569979104f031d Parent: 6345a3a88012b0060ddeca8874e51cb442e1fb20 Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Oct 16 18:10:10 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 16 18:10:10 2007 + [CIFS] missing #endif from a previous patch Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsglob.h |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 9b7762c..87f51f2 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -499,11 +499,13 @@ require use of the stronger protocol */ #define CIFSSEC_MASK 0x3F03F /* allows weak security but also krb5 */ #else #define CIFSSEC_MASK 0x37037 /* current flags supported if weak */ +#endif /* UPCALL */ #else /* do not allow weak pw hash */ #ifdef CONFIG_CIFS_UPCALL #define CIFSSEC_MASK 0x0F00F /* flags supported if no weak allowed */ #else #define CIFSSEC_MASK 0x07007 /* flags supported if no weak allowed */ +#endif /* UPCALL */ #endif /* WEAK_PW_HASH */ #define CIFSSEC_MUST_SEAL0x40040 /* not supported yet */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] formatting fixes
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6345a3a88012b0060ddeca8874e51cb442e1fb20 Commit: 6345a3a88012b0060ddeca8874e51cb442e1fb20 Parent: 0d3a01fadacef5901005dc8f61688a8f0471dc79 Author: Cyrill Gorcunov [EMAIL PROTECTED] AuthorDate: Tue Oct 16 17:57:55 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 16 17:57:55 2007 + [CIFS] formatting fixes Signed-off-by: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c | 57 1 files changed, 26 insertions(+), 31 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index c0cd3ce..494455e 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1468,7 +1468,7 @@ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket, if (psin_server-sin_port) { /* user overrode default port */ rc = (*csocket)-ops-connect(*csocket, (struct sockaddr *) psin_server, - sizeof (struct sockaddr_in), 0); + sizeof(struct sockaddr_in), 0); if (rc = 0) connected = 1; } @@ -1484,7 +1484,7 @@ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket, rc = (*csocket)-ops-connect(*csocket, (struct sockaddr *) psin_server, - sizeof (struct sockaddr_in), 0); + sizeof(struct sockaddr_in), 0); if (rc = 0) connected = 1; } @@ -1493,7 +1493,7 @@ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket, psin_server-sin_port = htons(RFC1001_PORT); rc = (*csocket)-ops-connect(*csocket, (struct sockaddr *) psin_server, - sizeof (struct sockaddr_in), 0); + sizeof(struct sockaddr_in), 0); if (rc = 0) connected = 1; } @@ -1601,7 +1601,7 @@ ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket) if (psin_server-sin6_port) { /* user overrode default port */ rc = (*csocket)-ops-connect(*csocket, (struct sockaddr *) psin_server, - sizeof (struct sockaddr_in6), 0); + sizeof(struct sockaddr_in6), 0); if (rc = 0) connected = 1; } @@ -1617,7 +1617,7 @@ ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket) rc = (*csocket)-ops-connect(*csocket, (struct sockaddr *) psin_server, - sizeof (struct sockaddr_in6), 0); + sizeof(struct sockaddr_in6), 0); if (rc = 0) connected = 1; } @@ -1625,7 +1625,7 @@ ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket) if (!connected) { psin_server-sin6_port = htons(RFC1001_PORT); rc = (*csocket)-ops-connect(*csocket, (struct sockaddr *) -psin_server, sizeof (struct sockaddr_in6), 0); +psin_server, sizeof(struct sockaddr_in6), 0); if (rc = 0) connected = 1; } @@ -1920,7 +1920,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, return rc; } else { memcpy(srvTcp-addr.sockAddr, sin_server, - sizeof (struct sockaddr_in)); + sizeof(struct sockaddr_in)); atomic_set(srvTcp-inFlight, 0); /* BB Add code for ipv6 case too */ srvTcp-ssocket = csocket; @@ -2557,7 +2557,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, int remaining_words = 0; int bytes_returned = 0; int len; - int SecurityBlobLength = sizeof (NEGOTIATE_MESSAGE); + int SecurityBlobLength = sizeof(NEGOTIATE_MESSAGE); PNEGOTIATE_MESSAGE SecurityBlob; PCHALLENGE_MESSAGE SecurityBlob2; __u32 negotiate_flags, capabilities; @@ -2881,8 +2881,8 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, } static int CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, - char *ntlm_session_key, int ntlmv2_flag, - const struct nls_table *nls_codepage) + char *ntlm_session_key, int ntlmv2_flag
[CIFS] parse server_GUID in SPNEGO negProt response
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e187e44eb8902089da0c7725d606b0e20fee981d Commit: e187e44eb8902089da0c7725d606b0e20fee981d Parent: 7111d2144f17155b66e89b3655fcddbedefcf8a6 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Tue Oct 16 17:10:44 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 16 17:10:44 2007 + [CIFS] parse server_GUID in SPNEGO negProt response SPNEGO NegProt response also contains a server_GUID. Parse it as we would for RawNTLMSSP. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifssmb.c | 32 ++-- 1 files changed, 18 insertions(+), 14 deletions(-) diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 9eef724..14dabbb 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -621,22 +621,26 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) if ((pSMBr-hdr.Flags2 SMBFLG2_EXT_SEC) (server-capabilities CAP_EXTENDED_SECURITY)) { count = pSMBr-ByteCount; - if (count 16) + if (count 16) { rc = -EIO; - else if (count == 16) { - server-secType = RawNTLMSSP; - if (server-socketUseCount.counter 1) { - if (memcmp(server-server_GUID, - pSMBr-u.extended_response. - GUID, 16) != 0) { - cFYI(1, (server UID changed)); - memcpy(server-server_GUID, - pSMBr-u.extended_response.GUID, - 16); - } - } else + goto neg_err_exit; + } + + if (server-socketUseCount.counter 1) { + if (memcmp(server-server_GUID, + pSMBr-u.extended_response. + GUID, 16) != 0) { + cFYI(1, (server UID changed)); memcpy(server-server_GUID, - pSMBr-u.extended_response.GUID, 16); + pSMBr-u.extended_response.GUID, + 16); + } + } else + memcpy(server-server_GUID, + pSMBr-u.extended_response.GUID, 16); + + if (count == 16) { + server-secType = RawNTLMSSP; } else { rc = decode_negTokenInit(pSMBr-u.extended_response. SecurityBlob, - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS]
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7111d2144f17155b66e89b3655fcddbedefcf8a6 Commit: 7111d2144f17155b66e89b3655fcddbedefcf8a6 Parent: 8f2376adfb57d95973b64ecdf016937f436b9bf0 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Tue Oct 16 16:50:25 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 16 16:50:25 2007 + [CIFS] [CIFS] fix error message about packet signing When packet signing is disabled and the server requires it, cifs prints an error message. The current message refers to a file in /proc that no longer exists. Fix it to refer to the correct file. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifssmb.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index b179836..9eef724 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -661,8 +661,8 @@ signing_check: cFYI(1, (Signing disabled)); if (server-secMode SECMODE_SIGN_REQUIRED) cERROR(1, (Server requires - /proc/fs/cifs/PacketSigningEnabled - to be on)); + packet signing to be enabled in + /proc/fs/cifs/SecurityFlags.)); server-secMode = ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED); } else if ((secFlags CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) { - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix endian conversion problem in posix mkdir
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8f2376adfb57d95973b64ecdf016937f436b9bf0 Commit: 8f2376adfb57d95973b64ecdf016937f436b9bf0 Parent: 516897a208bc1423d561ce2ccce0624c3b652275 Author: Cyril Gorcunov [EMAIL PROTECTED] AuthorDate: Sun Oct 14 17:58:43 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sun Oct 14 17:58:43 2007 + [CIFS] Fix endian conversion problem in posix mkdir Signed-off-by: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |3 ++- fs/cifs/cifsacl.h |4 ++-- fs/cifs/cifsencrypt.c |5 +++-- fs/cifs/cifssmb.c |8 fs/cifs/inode.c |3 ++- 5 files changed, 13 insertions(+), 10 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 13071fa..70c90c0 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -9,7 +9,8 @@ ability to mount to IPC$ share (which allows CIFS named pipes to be opened, read and written as if they were files). When 1st tree connect fails (e.g. due to signing negotiation failure) fix leak that causes cifsd not to stop and rmmod to fail to cleanup -cifs_request_buffers pool. +cifs_request_buffers pool. Fix problem with POSIX Open/Mkdir on +bigendian architectures. Version 1.50 diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index 1b11564..0362cd1 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -51,8 +51,8 @@ struct cifs_acl { struct cifs_ntace { /* first part of ACE which contains perms */ __u8 type; __u8 flags; - __u16 size; - __u32 access_req; + __le16 size; + __le32 access_req; } __attribute__((packed)); struct cifs_ace { /* last part of ACE which includes user info */ diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 3627229..632070b 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -345,7 +345,7 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, user = kmalloc(2 + (len * 2), GFP_KERNEL); if (user == NULL) goto calc_exit_2; - len = cifs_strtoUCS(user, ses-userName, len, nls_cp); + len = cifs_strtoUCS((__le16 *)user, ses-userName, len, nls_cp); UniStrupr(user); hmac_md5_update((char *)user, 2*len, pctxt); @@ -356,7 +356,8 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, domain = kmalloc(2 + (len * 2), GFP_KERNEL); if (domain == NULL) goto calc_exit_1; - len = cifs_strtoUCS(domain, ses-domainName, len, nls_cp); + len = cifs_strtoUCS((__le16 *)domain, ses-domainName, len, + nls_cp); /* the following line was removed since it didn't work well with lower cased domain name that passed as an option. Maybe converting the domain name earlier makes sense */ diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index eff3226..b179836 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -1069,7 +1069,7 @@ PsxCreat: InformationLevel) - 4; offset = param_offset + params; pdata = (OPEN_PSX_REQ *)(((char *)pSMB-hdr.Protocol) + offset); - pdata-Level = SMB_QUERY_FILE_UNIX_BASIC; + pdata-Level = cpu_to_le16(SMB_QUERY_FILE_UNIX_BASIC); pdata-Permissions = cpu_to_le64(mode); pdata-PosixOpenFlags = cpu_to_le32(posix_flags); pdata-OpenFlags = cpu_to_le32(*pOplock); @@ -1115,8 +1115,8 @@ PsxCreat: if (cpu_to_le32(FILE_CREATE) == psx_rsp-CreateAction) *pOplock |= CIFS_CREATE_ACTION; /* check to make sure response data is there */ - if (psx_rsp-ReturnedLevel != SMB_QUERY_FILE_UNIX_BASIC) { - pRetData-Type = -1; /* unknown */ + if (psx_rsp-ReturnedLevel != cpu_to_le16(SMB_QUERY_FILE_UNIX_BASIC)) { + pRetData-Type = cpu_to_le32(-1); /* unknown */ #ifdef CONFIG_CIFS_DEBUG2 cFYI(1, (unknown type)); #endif @@ -1124,7 +1124,7 @@ PsxCreat: if (pSMBr-ByteCount sizeof(OPEN_PSX_RSP) + sizeof(FILE_UNIX_BASIC_INFO)) { cERROR(1, (Open response data too small)); - pRetData-Type = -1; + pRetData-Type = cpu_to_le32(-1); goto psx_create_err; } memcpy((char *) pRetData, diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index ece17ca..cc119b2 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -947,7 +947,8 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) d_drop(direntry); } else { int obj_type; - if (pInfo-Type == -1) /* no return info - go query */ { + if (pInfo-Type
[CIFS] remove two sparse warnings
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2c2130e16f0e134aa65515fd0c2436fda465b1b6 Commit: 2c2130e16f0e134aa65515fd0c2436fda465b1b6 Parent: 8f18c1316b71df76bb7076c392134864a18636c1 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Oct 12 19:10:28 2007 + Committer: Cyrill Gorcunov [EMAIL PROTECTED] CommitDate: Fri Oct 12 19:10:28 2007 + [CIFS] remove two sparse warnings Signed-off-by: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/file.c|4 ++-- fs/cifs/readdir.c |6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/fs/cifs/file.c b/fs/cifs/file.c index 780c0e3..1e7e4c0 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -1755,7 +1755,7 @@ static int cifs_readpages(struct file *file, struct address_space *mapping, struct page *page; struct cifs_sb_info *cifs_sb; struct cifsTconInfo *pTcon; - int bytes_read = 0; + unsigned int bytes_read = 0; unsigned int read_size, i; char *smb_read_data = NULL; struct smb_com_read_rsp *pSMBr; @@ -1849,7 +1849,7 @@ static int cifs_readpages(struct file *file, struct address_space *mapping, i += bytes_read PAGE_CACHE_SHIFT; cifs_stats_bytes_read(pTcon, bytes_read); - if ((int)(bytes_read PAGE_CACHE_MASK) != bytes_read) { + if ((bytes_read PAGE_CACHE_MASK) != bytes_read) { i++; /* account for partial page */ /* server copy of file can have smaller size diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c index b5a9bff..3746580 100644 --- a/fs/cifs/readdir.c +++ b/fs/cifs/readdir.c @@ -121,7 +121,7 @@ static void AdjustForTZ(struct cifsTconInfo *tcon, struct inode *inode) static void fill_in_inode(struct inode *tmp_inode, int new_buf_type, - char *buf, int *pobject_type, int isNewInode) + char *buf, unsigned int *pobject_type, int isNewInode) { loff_t local_size; struct timespec local_mtime; @@ -294,7 +294,7 @@ static void fill_in_inode(struct inode *tmp_inode, int new_buf_type, } static void unix_fill_in_inode(struct inode *tmp_inode, - FILE_UNIX_INFO *pfindData, int *pobject_type, int isNewInode) + FILE_UNIX_INFO *pfindData, unsigned int *pobject_type, int isNewInode) { loff_t local_size; struct timespec local_mtime; @@ -826,7 +826,7 @@ static int cifs_filldir(char *pfindEntry, struct file *file, int rc = 0; struct qstr qstring; struct cifsFileInfo *pCifsF; - unsigned obj_type; + unsigned int obj_type; ino_t inum; struct cifs_sb_info *cifs_sb; struct inode *tmp_inode; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix cifsd so shuts down when signing fails during mount
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a013689ddb2a4ba5f0452c053c0bf00bafb686f1 Commit: a013689ddb2a4ba5f0452c053c0bf00bafb686f1 Parent: d12fd121afd4f87cbc7675f8f6b651d649534f15 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Oct 4 20:05:09 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Oct 4 20:05:09 2007 + [CIFS] Fix cifsd so shuts down when signing fails during mount Fixes two problems: 1) we dropped down to negotiating lanman if we did not recognize the mechanism (krb5 e.g.) 2) we did not stop cifsd (thus will fail when doing rmod cifs with slab free errors) when we fail tcon but have a bad session (which is the case in which signing is required but we don't allow signing on the client) It also turns on extended security flag in the header when passing sec=krb5 on mount command (although kerberos support is not done of course) Acked-by: Jeff Layton [EMAIL PROTECTED] CC: Shaggy [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_debug.c | 11 --- fs/cifs/cifsglob.h |4 +++- fs/cifs/cifssmb.c| 23 --- fs/cifs/connect.c| 12 +++- 4 files changed, 42 insertions(+), 8 deletions(-) diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index 56c5d91..73c4c41 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c @@ -879,11 +879,16 @@ security_flags_write(struct file *file, const char __user *buffer, if (count 3) { /* single char or single char followed by null */ c = flags_string[0]; - if (c == '0' || c == 'n' || c == 'N') + if (c == '0' || c == 'n' || c == 'N') { extended_security = CIFSSEC_DEF; /* default */ - else if (c == '1' || c == 'y' || c == 'Y') + return count; + } else if (c == '1' || c == 'y' || c == 'Y') { extended_security = CIFSSEC_MAX; - return count; + return count; + } else if (!isdigit(c)) { + cERROR(1, (invalid flag %c, c)); + return -EINVAL; + } } /* else we have a number */ diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 3fb046b..fbde55c 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -90,7 +90,8 @@ enum statusEnum { }; enum securityEnum { - LANMAN = 0, /* Legacy LANMAN auth */ + PLAINTXT = 0, /* Legacy with Plaintext passwords */ + LANMAN, /* Legacy LANMAN auth */ NTLM, /* Legacy NTLM012 auth with NTLM hash */ NTLMv2, /* Legacy NTLM auth with NTLMv2 hash */ RawNTLMSSP, /* NTLMSSP without SPNEGO */ @@ -499,6 +500,7 @@ require use of the stronger protocol */ #define CIFSSEC_DEF CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLM | CIFSSEC_MAY_NTLMV2 #define CIFSSEC_MAX CIFSSEC_MUST_SIGN | CIFSSEC_MUST_NTLMV2 +#define CIFSSEC_AUTH_MASK (CIFSSEC_MAY_NTLM | CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_LANMAN | CIFSSEC_MAY_PLNTXT | CIFSSEC_MAY_KRB5) /* * * All constants go here diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 90b8f8d..fda8b24 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -438,8 +438,13 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) pSMB-hdr.Mid = GetNextMid(server); pSMB-hdr.Flags2 |= (SMBFLG2_UNICODE | SMBFLG2_ERR_STATUS); + if ((secFlags CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5) pSMB-hdr.Flags2 |= SMBFLG2_EXT_SEC; + else if ((secFlags CIFSSEC_AUTH_MASK) == CIFSSEC_MAY_KRB5) { + cFYI(1, (Kerberos only mechanism, enable extended security)); + pSMB-hdr.Flags2 |= SMBFLG2_EXT_SEC; + } count = 0; for (i = 0; i CIFS_NUM_PROT; i++) { @@ -573,7 +578,20 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) server-secType = NTLM; else if (secFlags CIFSSEC_MAY_NTLMV2) server-secType = NTLMv2; - /* else krb5 ... any others ... */ + else if (secFlags CIFSSEC_MAY_KRB5) + server-secType = Kerberos; + else if (secFlags CIFSSEC_MAY_LANMAN) + server-secType = LANMAN; +/* #ifdef CONFIG_CIFS_EXPERIMENTAL + else if (secFlags CIFSSEC_MAY_PLNTXT) + server-secType = ?? +#endif */ + else { + rc = -EOPNOTSUPP; + cERROR(1, (Invalid security type)); + goto neg_err_exit; + } + /* else ... any others ...? */ /* one byte, so no need to convert this or EncryptionKeyLen from little endian */ @@ -3089,8 +3107,7
[CIFS] Reduce chance of list corruption in find_writable_file
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9b22b0b726c6e46048767728a0900c8c05f93c21 Commit: 9b22b0b726c6e46048767728a0900c8c05f93c21 Parent: 4084973dbae9a24e58598d6cdf60f0e5e4a3cabf Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Oct 2 01:11:08 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 2 01:11:08 2007 + [CIFS] Reduce chance of list corruption in find_writable_file When find_writable_file is racing with close and the session to the server goes down, Shaggy noticed that there was a chance that an open file in the list of files off the inode could have been freed by close since cifs_reconnect can block (the spinlock thus not held). This means that we have to start over at the beginning of the list in some cases. There is a 2nd change that needs to be made later (pointed out by Jeremy Allison and Shaggy) in order to prevent cifs_close ever freeing the cifs per file info when a write is pending. Although we delay close from freeing this memory for sufficiently long for all known cases, ultimately on a very, very slow write overlapping a close pending we need to allow close to return (without freeing the cifs file info) and defer freeing the memory to be the responsibility of the (slw) write thread (presumably have to look at every place wrtPending is decremented - and add a flag for deferred free for after wrtPending goes to zero). Acked-by: Shaggy [EMAIL PROTECTED] Acked-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/file.c | 54 +++--- 1 files changed, 39 insertions(+), 15 deletions(-) diff --git a/fs/cifs/file.c b/fs/cifs/file.c index 7925491..780c0e3 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -1042,6 +1042,7 @@ struct cifsFileInfo *find_writable_file(struct cifsInodeInfo *cifs_inode) } read_lock(GlobalSMBSeslock); +refind_writable: list_for_each_entry(open_file, cifs_inode-openFileList, flist) { if (open_file-closePend) continue; @@ -1049,26 +1050,49 @@ struct cifsFileInfo *find_writable_file(struct cifsInodeInfo *cifs_inode) ((open_file-pfile-f_flags O_RDWR) || (open_file-pfile-f_flags O_WRONLY))) { atomic_inc(open_file-wrtPending); + + if (!open_file-invalidHandle) { + /* found a good writable file */ + read_unlock(GlobalSMBSeslock); + return open_file; + } + read_unlock(GlobalSMBSeslock); - if (open_file-invalidHandle) { - rc = cifs_reopen_file(open_file-pfile, FALSE); - /* if it fails, try another handle - might be */ - /* dangerous to hold up writepages with retry */ - if (rc) { - cFYI(1, (wp failed on reopen file)); + /* Had to unlock since following call can block */ + rc = cifs_reopen_file(open_file-pfile, FALSE); + if (!rc) { + if (!open_file-closePend) + return open_file; + else { /* start over in case this was deleted */ + /* since the list could be modified */ read_lock(GlobalSMBSeslock); - /* can not use this handle, no write - pending on this one after all */ atomic_dec(open_file-wrtPending); - continue; + goto refind_writable; } } - if (open_file-closePend) { - read_lock(GlobalSMBSeslock); - atomic_dec(open_file-wrtPending); - continue; - } - return open_file; + + /* if it fails, try another handle if possible - + (we can not do this if closePending since + loop could be modified - in which case we + have to start at the beginning of the list + again. Note that it would be bad + to hold up writepages here (rather than + in caller) with continuous retries */ + cFYI(1, (wp failed on reopen
[CIFS] change misleading field name
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4084973dbae9a24e58598d6cdf60f0e5e4a3cabf Commit: 4084973dbae9a24e58598d6cdf60f0e5e4a3cabf Parent: 92ad9b93cd268371d1fc0edbd09383cc1c59be34 Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Oct 1 19:59:01 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Oct 1 19:59:01 2007 + [CIFS] change misleading field name num_auth is really num_subauth in ACL terminology Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c |4 ++-- fs/cifs/cifsacl.h | 10 -- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 9096910..9b84f37 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -46,11 +46,11 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl) } #ifdef CONFIG_CIFS_DEBUG2 cFYI(1, (revision %d num_auth %d First subauth 0x%x, - psid-revision, psid-num_auth, psid-sub_auth[0])); + psid-revision, psid-num_subauth, psid-sub_auth[0])); /* BB add length check to make sure that we do not have huge num auths and therefore go off the end */ - cFYI(1, (RID 0x%x, le32_to_cpu(psid-sub_auth[psid-num_auth]))); + cFYI(1, (RID 0x%x, le32_to_cpu(psid-sub_auth[psid-num_subauth]))); #endif return 0; } diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index b975ae1..5e7b567 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -33,10 +33,9 @@ struct cifs_ntsd { struct cifs_sid { __u8 revision; /* revision level */ - __u8 num_auth; + __u8 num_subauth; __u8 authority[6]; - __u32 sub_auth[4]; - __u32 rid; + __u32 sub_auth[0]; /* sub_auth[num_subauth] */ } __attribute__((packed)); struct cifs_acl { @@ -54,10 +53,9 @@ struct cifs_ntace { struct cifs_ace { __u8 revision; /* revision level */ - __u8 num_auth; + __u8 num_subauth; __u8 authority[6]; - __u32 sub_auth[4]; - __u32 rid; + __u32 sub_auth[0]; } __attribute__((packed)); /* everyone */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] named pipe support (part 2)
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=92ad9b93cd268371d1fc0edbd09383cc1c59be34 Commit: 92ad9b93cd268371d1fc0edbd09383cc1c59be34 Parent: 7f8ed420f80c91176dfd27c8089f22cab5c9ba78 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sat Sep 29 05:21:58 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Sep 29 05:21:58 2007 + [CIFS] named pipe support (part 2) Also fixes typo which could cause build break Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES|7 ++- fs/cifs/cifsglob.h |2 +- fs/cifs/cifspdu.h |8 fs/cifs/dir.c |5 ++--- 4 files changed, 17 insertions(+), 5 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index ea359a0..c8ad87d 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,7 +1,12 @@ Version 1.51 Fix memory leak in statfs when mounted to very old servers (e.g. -Windows 9x) +Windows 9x). Add new feature POSIX open which allows servers +which support the current POSIX Extensions to provide better semantics +(e.g. delete for open files opened with posix open). Take into +account umask on posix mkdir not just older style mkdir. Add +ability to mount to IPC$ share (which allows CIFS named pipes to be +opened, read and written as if they were files). Version 1.50 diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index f55be8e..3fb046b 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -342,7 +342,7 @@ struct cifsFileInfo { struct list_head llist; /* list of byte range locks we have. */ unsigned closePend:1; /* file is marked to close */ unsigned invalidHandle:1; /* file closed via session abend */ - unsigned messageMode:1/* for pipes: is message or byte mode */ + unsigned messageMode:1;/* for pipes: message vs byte mode */ atomic_t wrtPending; /* handle in use - defer close */ struct semaphore fh_sem; /* prevents reopen race after dead ses*/ char *search_resume_name; /* BB removeme BB */ diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index e975ce4..d2f0cf2 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h @@ -716,6 +716,14 @@ typedef struct smb_com_findclose_req { #define REQ_OPENDIRONLY0x0008 #define REQ_EXTENDED_INFO 0x0010 +/* File type */ +#define DISK_TYPE 0x +#define BYTE_PIPE_TYPE 0x0001 +#define MESSAGE_PIPE_TYPE 0x0002 +#define PRINTER_TYPE 0x0003 +#define COMM_DEV_TYPE 0x0004 +#define UNKNOWN_TYPE 0x + typedef struct smb_com_open_req { /* also handles create */ struct smb_hdr hdr; /* wct = 24 */ __u8 AndXCommand; diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c index 99321ab..793404b 100644 --- a/fs/cifs/dir.c +++ b/fs/cifs/dir.c @@ -269,7 +269,7 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode, CIFSSMBClose(xid, pTcon, fileHandle); } else if (newinode) { pCifsFile = - kzalloc(sizeof (struct cifsFileInfo), GFP_KERNEL); + kzalloc(sizeof(struct cifsFileInfo), GFP_KERNEL); if (pCifsFile == NULL) goto cifs_create_out; @@ -450,8 +450,7 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry, xid = GetXid(); - cFYI(1, -( parent inode = 0x%p name is: %s and dentry = 0x%p, + cFYI(1, ( parent inode = 0x%p name is: %s and dentry = 0x%p, parent_dir_inode, direntry-d_name.name, direntry)); /* check whether path exists */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix memory leak in statfs to very old servers
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=407f61a2b482ab9a6d03549ab9513e4a823ae4a2 Commit: 407f61a2b482ab9a6d03549ab9513e4a823ae4a2 Parent: 65874007c36930317c7a56d814a6a3e2966daaa8 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Sep 28 06:53:39 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Sep 28 06:53:39 2007 + [CIFS] Fix memory leak in statfs to very old servers We were allocating request buffers twice in the statfs path when mounted to very old (Windows 9x) servers. Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |5 + fs/cifs/cifssmb.c |4 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 41e3b6a..ea359a0 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,3 +1,8 @@ +Version 1.51 + +Fix memory leak in statfs when mounted to very old servers (e.g. +Windows 9x) + Version 1.50 Fix NTLMv2 signing. NFS server mounted over cifs works (if cifs mount is diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index cc05a26..a6ff324 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -4045,10 +4045,6 @@ oldQFSInfoRetry: (void **) pSMBr); if (rc) return rc; - rc = smb_init(SMB_COM_TRANSACTION2, 15, tcon, (void **) pSMB, - (void **) pSMBr); - if (rc) - return rc; params = 2; /* level */ pSMB-TotalDataCount = 0; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Support for CIFS ACLs (part 1)
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=442aa310f3bc49cf4e059da790fbae62411d50db Commit: 442aa310f3bc49cf4e059da790fbae62411d50db Parent: 2224f4e5d5317552d48ce9059761148b1516ba5d Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Sep 24 20:25:46 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Sep 24 20:25:46 2007 + [CIFS] Support for CIFS ACLs (part 1) Add code to be able to dump CIFS ACL information when Query Posix ACL with cifsacl mount parm enabled. Signed-off-by: Shirish Pargoankar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.h | 34 - fs/cifs/cifsglob.h | 12 ++ fs/cifs/cifssmb.c | 101 +-- fs/cifs/connect.c |4 +- 4 files changed, 143 insertions(+), 8 deletions(-) diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index 5eff35d..97d03dc 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -22,12 +22,42 @@ #ifndef _CIFSACL_H #define _CIFSACL_H +struct cifs_ntsd { + __u16 revision; /* revision level */ + __u16 type; + __u32 osidoffset; + __u32 gsidoffset; + __u32 sacloffset; + __u32 dacloffset; +} __attribute__((packed)); + struct cifs_sid { __u8 revision; /* revision level */ - __u8 num_subauths; + __u8 num_auth; + __u8 authority[6]; + __u32 sub_auth[4]; + __u32 rid; +} __attribute__((packed)); + +struct cifs_acl { + __u16 revision; /* revision level */ + __u16 size; + __u32 num_aces; +} __attribute__((packed)); + +struct cifs_ntace { + __u8 type; + __u8 flags; + __u16 size; + __u32 access_req; +} __attribute__((packed)); + +struct cifs_ace { + __u8 revision; /* revision level */ + __u8 num_auth; __u8 authority[6]; __u32 sub_auth[4]; - /* next sub_auth if any ... */ + __u32 rid; } __attribute__((packed)); /* everyone */ diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index b98742f..bb468de 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -19,6 +19,7 @@ #include linux/in.h #include linux/in6.h #include cifs_fs_sb.h +#include cifsacl.h /* * The sizes of various internal tables and strings */ @@ -115,6 +116,17 @@ struct mac_key { } data; }; +struct cifs_cred { + int uid; + int gid; + int mode; + int cecount; + struct cifs_sid osid; + struct cifs_sid gsid; + struct cifs_ntace *ntaces; + struct cifs_ace *aces; +}; + /* * * Except the CIFS PDUs themselves all the diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index f33c89c..46c2bb4 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -3048,17 +3048,110 @@ static const struct cifs_sid sid_everyone = static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}}; +static void parse_sid(struct cifs_sid * psid, char * end_of_acl) +{ + /* BB need to add parm so we can store the SID BB */ + + /* validate that we do not go past end of acl */ + if (end_of_acl (char *)psid + sizeof(struct cifs_sid)) { + cERROR(1, (ACL to small to parse SID)); + return; + } +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (revision %d num_auth %d First subauth 0x%x, + psid-revision, psid-num_auth, psid-sub_auth[0])); + + /* BB add length check to make sure that we do not have huge num auths + and therefore go off the end */ + cFYI(1, (RID 0x%x, le32_to_cpu(psid-sub_auth[psid-num_auth]))); +#endif + return; +} + /* Convert CIFS ACL to POSIX form */ -static int parse_sec_desc(struct cifs_sid *psec_desc, int acl_len) +static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) { - return 0; + int i; + int num_aces = 0; + int acl_size; + struct cifs_sid *owner_sid_ptr, *group_sid_ptr; + struct cifs_acl *dacl_ptr; /* no need for SACL ptr */ + struct cifs_ntace **ppntace; + struct cifs_ace **ppace; + char *acl_base; + char *end_of_acl = ((char *)pntsd) + acl_len; + + owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + + cpu_to_le32(pntsd-osidoffset)); + group_sid_ptr = (struct cifs_sid *)((char *)pntsd + + cpu_to_le32(pntsd-gsidoffset)); + dacl_ptr = (struct cifs_acl *)((char *)pntsd + + cpu_to_le32(pntsd-dacloffset)); +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1,(revision %d type 0x%x ooffset 0x%x goffset 0x%x + sacloffset 0x%x dacloffset 0x%x, pntsd-revision, pntsd-type, + pntsd-osidoffset, pntsd-gsidoffset, pntsd-sacloffset, + pntsd-dacloffset)); +#endif + parse_sid
[CIFS] fix typo in previous commit
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2224f4e5d5317552d48ce9059761148b1516ba5d Commit: 2224f4e5d5317552d48ce9059761148b1516ba5d Parent: 1e71f25d14d70f2bf607b40ab6d7e18daca57f36 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Sep 20 15:37:29 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Sep 20 15:37:29 2007 + [CIFS] fix typo in previous commit Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 73ed9fc..5c3cc64 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1750,7 +1750,7 @@ void reset_cifs_unix_caps(int xid, struct cifsTconInfo *tcon, mounting with the Unix Extensions\n disabled, if problems are found, by specifying the nounix mount - option.); + option.)); } } - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Add warning message when broken server fails SetFSInfo call
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5a44b3190e3441986648ff664ef045685995324b Commit: 5a44b3190e3441986648ff664ef045685995324b Parent: c45d707f67b82236fcf9ca2af31c264669368b9b Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Sep 20 15:16:24 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Sep 20 15:16:24 2007 + [CIFS] Add warning message when broken server fails SetFSInfo call A reasonably common NAS server returns an error on the SetFSInfo of the Unix capabilities. Log a message for this alerting the user that the server may have problems with the Unix extensions, and telling them what they can do to workaround it. Unfortunately the server does not return other clues that we could easily use to turn the Unix Extension support off automatically in this case (since they claim to support it). Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c | 11 ++- 1 files changed, 10 insertions(+), 1 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 5f2ec19..73ed9fc 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1742,7 +1742,16 @@ void reset_cifs_unix_caps(int xid, struct cifsTconInfo *tcon, cFYI(1, (very large write cap)); #endif /* CIFS_DEBUG2 */ if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) { - cFYI(1, (setting capabilities failed)); + if (vol_info == NULL) + cFYI(1, (resetting capabilities failed)); + else + cERROR(1, (Negotiating Unix capabilities + with the server failed. Consider + mounting with the Unix Extensions\n + disabled, if problems are found, + by specifying the nounix mount + option.); + } } } - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fallback to standard mkdir if server incorrectly claims support for
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c45d707f67b82236fcf9ca2af31c264669368b9b Commit: c45d707f67b82236fcf9ca2af31c264669368b9b Parent: 5a07cdf86c1485b570789fb660c8ada7c2635b23 Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Sep 17 02:04:21 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Sep 17 02:04:21 2007 + [CIFS] Fallback to standard mkdir if server incorrectly claims support for posix ops Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsfs.h |2 +- fs/cifs/inode.c |7 +-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index dd64cec..13c53a4 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -101,5 +101,5 @@ extern ssize_t cifs_getxattr(struct dentry *, const char *, void *, size_t); extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); extern int cifs_ioctl(struct inode *inode, struct file *filep, unsigned int command, unsigned long arg); -#define CIFS_VERSION 1.50 +#define CIFS_VERSION 1.51 #endif /* _CIFSFS_H */ diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index 9dffa93..552d68b 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -925,7 +925,10 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) full_path, cifs_sb-local_nls, cifs_sb-mnt_cifs_flags CIFS_MOUNT_MAP_SPECIAL_CHR); - if (rc) { + if (rc == -EOPNOTSUPP) { + kfree(pInfo); + goto mkdir_retry_old; + } else if (rc) { cFYI(1, (posix mkdir returned 0x%x, rc)); d_drop(direntry); } else { @@ -977,7 +980,7 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) kfree(pInfo); goto mkdir_out; } - +mkdir_retry_old: /* BB add setting the equivalent of mode via CreateX w/ACLs */ rc = CIFSSMBMkDir(xid, pTcon, full_path, cifs_sb-local_nls, cifs_sb-mnt_cifs_flags CIFS_MOUNT_MAP_SPECIAL_CHR); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] missing field in debug output from previous fix
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a23d30698190f05491a6096f027311f94d4d26d5 Commit: a23d30698190f05491a6096f027311f94d4d26d5 Parent: 88f370a688e765de9755a343702ca04e6817e5f5 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sat Sep 15 03:43:47 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Sep 15 03:43:47 2007 + [CIFS] missing field in debug output from previous fix Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_debug.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index 0356694..56c5d91 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c @@ -213,7 +213,8 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset, tcon-treeName, atomic_read(tcon-useCount)); buf += length; if (tcon-nativeFileSystem) { - length = sprintf(Type: %s , tcon-nativeFileSystem); + length = sprintf(buf, Type: %s , +tcon-nativeFileSystem); buf += length; } length = sprintf(buf, DevInfo: 0x%x Attributes: 0x%x - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] lock inode open file list in close in case racing with open
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4efa53f0907bb4378015c129a2c11b8d3a90bce2 Commit: 4efa53f0907bb4378015c129a2c11b8d3a90bce2 Parent: 15745320f374aa6cbfe4836b76469159c0f49640 Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Sep 11 05:50:53 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Sep 11 05:50:53 2007 + [CIFS] lock inode open file list in close in case racing with open Harmless since it only protected turning off caching for the inode, but cleaner to lock around this in case we have a close racing with open. Signed-off-by: Shaggy [EMAIL PROTECTED] CC: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/file.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/fs/cifs/file.c b/fs/cifs/file.c index b1807fd..7925491 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -545,6 +545,7 @@ int cifs_close(struct inode *inode, struct file *file) } else rc = -EBADF; + read_lock(GlobalSMBSeslock); if (list_empty((CIFS_I(inode)-openFileList))) { cFYI(1, (closing last open instance for inode %p, inode)); /* if the file is not open we do not know if we can cache info @@ -552,6 +553,7 @@ int cifs_close(struct inode *inode, struct file *file) CIFS_I(inode)-clientCanCacheRead = FALSE; CIFS_I(inode)-clientCanCacheAll = FALSE; } + read_unlock(GlobalSMBSeslock); if ((rc == 0) CIFS_I(inode)-write_behind_rc) rc = CIFS_I(inode)-write_behind_rc; FreeXid(xid); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] formatting cleanup found by checkpatch
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=26f57364d7cdef9d7ebe27c931fff5e4f21ffb1c Commit: 26f57364d7cdef9d7ebe27c931fff5e4f21ffb1c Parent: f01d5e14e764b14b6bf5512678523d009254b209 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Aug 30 22:09:15 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Aug 30 22:09:15 2007 + [CIFS] formatting cleanup found by checkpatch Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/asn1.c | 10 -- fs/cifs/cifsfs.c| 20 ++-- fs/cifs/cifsfs.h|2 +- fs/cifs/cifspdu.h |6 +++--- fs/cifs/cifsproto.h |2 +- fs/cifs/cifssmb.c | 44 fs/cifs/connect.c | 48 fs/cifs/readdir.c |2 +- fs/cifs/sess.c | 27 ++- fs/cifs/transport.c | 24 ++-- 10 files changed, 80 insertions(+), 105 deletions(-) diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c index f50a88d..2a01f3e 100644 --- a/fs/cifs/asn1.c +++ b/fs/cifs/asn1.c @@ -385,10 +385,9 @@ asn1_oid_decode(struct asn1_ctx *ctx, unsigned long *optr; size = eoc - ctx-pointer + 1; - *oid = kmalloc(size * sizeof (unsigned long), GFP_ATOMIC); - if (*oid == NULL) { + *oid = kmalloc(size * sizeof(unsigned long), GFP_ATOMIC); + if (*oid == NULL) return 0; - } optr = *oid; @@ -581,9 +580,8 @@ decode_negTokenInit(unsigned char *security_blob, int length, return 0; } else if ((cls != ASN1_UNI) || (con != ASN1_CON) || (tag != ASN1_SEQ)) { - cFYI(1, -(Exit 6 cls = %d con = %d tag = %d end = %p (%d), - cls, con, tag, end, *end)); + cFYI(1, (cls = %d con = %d tag = %d end = %p (%d), + cls, con, tag, end, *end)); } if (asn1_header_decode(ctx, end, cls, con, tag) == 0) { diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index 2493cc4..c7c3521 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -240,9 +240,9 @@ static int cifs_permission(struct inode *inode, int mask, struct nameidata *nd) cifs_sb = CIFS_SB(inode-i_sb); - if (cifs_sb-mnt_cifs_flags CIFS_MOUNT_NO_PERM) { + if (cifs_sb-mnt_cifs_flags CIFS_MOUNT_NO_PERM) return 0; - } else /* file mode might have been restricted at mount time + else /* file mode might have been restricted at mount time on the client (above and beyond ACL on servers) for servers which do not support setting and viewing mode bits, so allowing client to check permissions is useful */ @@ -716,7 +716,7 @@ static int cifs_init_inodecache(void) { cifs_inode_cachep = kmem_cache_create(cifs_inode_cache, - sizeof (struct cifsInodeInfo), + sizeof(struct cifsInodeInfo), 0, (SLAB_RECLAIM_ACCOUNT| SLAB_MEM_SPREAD), cifs_init_once); @@ -816,8 +816,8 @@ static int cifs_init_mids(void) { cifs_mid_cachep = kmem_cache_create(cifs_mpx_ids, - sizeof (struct mid_q_entry), 0, - SLAB_HWCACHE_ALIGN, NULL); + sizeof(struct mid_q_entry), 0, + SLAB_HWCACHE_ALIGN, NULL); if (cifs_mid_cachep == NULL) return -ENOMEM; @@ -829,8 +829,8 @@ cifs_init_mids(void) } cifs_oplock_cachep = kmem_cache_create(cifs_oplock_structs, - sizeof (struct oplock_q_entry), 0, - SLAB_HWCACHE_ALIGN, NULL); + sizeof(struct oplock_q_entry), 0, + SLAB_HWCACHE_ALIGN, NULL); if (cifs_oplock_cachep == NULL) { mempool_destroy(cifs_mid_poolp); kmem_cache_destroy(cifs_mid_cachep); @@ -882,7 +882,8 @@ static int cifs_oplock_thread(void *dummyarg) the call */ /* mutex_lock(inode-i_mutex);*/ if (S_ISREG(inode-i_mode)) { - rc = filemap_fdatawrite(inode-i_mapping); + rc = + filemap_fdatawrite(inode-i_mapping); if (CIFS_I(inode)-clientCanCacheRead == 0
[CIFS][KJ] use abs() from kernel.h where appropriate
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8594c15ad226227aaf178b7cf57f2e7291684dd4 Commit: 8594c15ad226227aaf178b7cf57f2e7291684dd4 Parent: c19eb71020687e178b9fa564f4a8ac1880f87b10 Author: Andre Haupt [EMAIL PROTECTED] AuthorDate: Thu Aug 30 20:18:41 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Aug 30 20:18:41 2007 + [CIFS][KJ] use abs() from kernel.h where appropriate Signed-off-by: Andrew Haupt [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifssmb.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 8eb102f..4795143 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -513,7 +513,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) (int)ts.tv_sec, (int)utc.tv_sec, (int)(utc.tv_sec - ts.tv_sec))); val = (int)(utc.tv_sec - ts.tv_sec); - seconds = val 0 ? -val : val; + seconds = abs(val); result = (seconds / MIN_TZ_ADJ) * MIN_TZ_ADJ; remain = seconds % MIN_TZ_ADJ; if (remain = (MIN_TZ_ADJ / 2)) - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix unbalanced call to GetXid/FreeXid
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=95ba7362105646523ee712fd252ec2e34ccbec15 Commit: 95ba7362105646523ee712fd252ec2e34ccbec15 Parent: 8064ab4da104900505f33535d230ce0da5d18341 Author: Cyrill Gorcunov [EMAIL PROTECTED] AuthorDate: Fri Aug 24 00:23:36 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Aug 24 00:23:36 2007 + [CIFS] Fix unbalanced call to GetXid/FreeXid Signed-off-by: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsfs.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index cabb6a5..2493cc4 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -346,7 +346,7 @@ int cifs_xquota_set(struct super_block *sb, int quota_type, qid_t qid, if (pTcon) { cFYI(1, (set type: 0x%x id: %d, quota_type, qid)); } else { - return -EIO; + rc = -EIO; } FreeXid(xid); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] endian fixes
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=adbc03587c17e8f50478c1d7744a454cfb9e0653 Commit: adbc03587c17e8f50478c1d7744a454cfb9e0653 Parent: ce51ae14ae141eacecf2801f9a3646a737ce64a0 Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 17 02:12:46 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 17 02:12:46 2007 + [CIFS] endian fixes Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 9c4a296..b1f448f 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -115,8 +115,8 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) } /* compare all of the subauth values if any */ - num_sat = cpu_to_le32(ctsid-num_subauth); - num_saw = cpu_to_le32(cwsid-num_subauth); + num_sat = ctsid-num_subauth; + num_saw = cwsid-num_subauth); num_subauth = num_sat num_saw ? num_sat : num_saw; if (num_subauth) { for (i = 0; i num_subauth; ++i) { @@ -206,7 +206,7 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) acl_base = (char *)pdacl; acl_size = sizeof(struct cifs_acl); - num_aces = cpu_to_le32(pdacl-num_aces); + num_aces = le32_to_cpu(pdacl-num_aces); if (num_aces 0) { ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *), GFP_KERNEL); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] endian fixes in new acl code
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ce51ae14ae141eacecf2801f9a3646a737ce64a0 Commit: ce51ae14ae141eacecf2801f9a3646a737ce64a0 Parent: af6f4612fdfd782c6d35272836a2b97e7e5b790e Author: Dave Kleikamp [EMAIL PROTECTED] AuthorDate: Tue Oct 16 21:35:39 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 16 21:35:39 2007 + [CIFS] endian fixes in new acl code Signed-off-by: Dave Kleikamp [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 22 +++--- 1 files changed, 11 insertions(+), 11 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 4735e9b..9c4a296 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -34,11 +34,11 @@ static struct cifs_wksid wksidarr[NUM_WK_SIDS] = { {{1, 0, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0, 0} }, null user}, {{1, 1, {0, 0, 0, 0, 0, 1}, {0, 0, 0, 0, 0} }, nobody}, - {{1, 1, {0, 0, 0, 0, 0, 5}, {11, 0, 0, 0, 0} }, net-users}, - {{1, 1, {0, 0, 0, 0, 0, 5}, {18, 0, 0, 0, 0} }, sys}, - {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 544, 0, 0, 0} }, root}, - {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0, 0} }, users}, - {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 546, 0, 0, 0} }, guest} + {{1, 1, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(11), 0, 0, 0, 0} }, net-users}, + {{1, 1, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(18), 0, 0, 0, 0} }, sys}, + {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(544), 0, 0, 0} }, root}, + {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(545), 0, 0, 0} }, users}, + {{1, 2, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(32), cpu_to_le32(546), 0, 0, 0} }, guest} }; @@ -75,8 +75,8 @@ int match_sid(struct cifs_sid *ctsid) continue; /* all of the auth values did not match */ /* compare all of the subauth values if any */ - num_sat = cpu_to_le32(ctsid-num_subauth); - num_saw = cpu_to_le32(cwsid-num_subauth); + num_sat = ctsid-num_subauth; + num_saw = cwsid-num_subauth; num_subauth = num_sat num_saw ? num_sat : num_saw; if (num_subauth) { for (j = 0; j num_subauth; ++j) { @@ -141,7 +141,7 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) return; } */ - num_subauth = cpu_to_le32(pace-num_subauth); + num_subauth = pace-num_subauth; if (num_subauth) { #ifdef CONFIG_CIFS_DEBUG2 int i; @@ -228,7 +228,7 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) parse_ntace(ppntace[i], end_of_acl); if (end_of_acl ((char *)ppace[i] + - (ppntace[i]-size - + (le16_to_cpu(ppntace[i]-size) - sizeof(struct cifs_ntace { cERROR(1, (ACL too small to parse ACE)); break; @@ -243,7 +243,7 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) sizeof(struct cifs_ace)); */ acl_base = (char *)ppntace[i]; - acl_size = cpu_to_le32(ppntace[i]-size); + acl_size = le16_to_cpu(ppntace[i]-size); } kfree(ppace); @@ -307,7 +307,7 @@ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) pntsd-revision, pntsd-type, le32_to_cpu(pntsd-osidoffset), le32_to_cpu(pntsd-gsidoffset), le32_to_cpu(pntsd-sacloffset), -le32_to_cpu(pntsd-dacloffset)); +le32_to_cpu(pntsd-dacloffset))); #endif rc = parse_sid(owner_sid_ptr, end_of_acl); if (rc) - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Break up unicode_sessetup string functions
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0d3a01fadacef5901005dc8f61688a8f0471dc79 Commit: 0d3a01fadacef5901005dc8f61688a8f0471dc79 Parent: e187e44eb8902089da0c7725d606b0e20fee981d Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Tue Oct 16 17:32:19 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 16 17:32:19 2007 + [CIFS] Break up unicode_sessetup string functions SPNEGO setup needs only some of these strings. Break up unicode_ssetup_strings so we can call them individually. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsglob.h |8 +- fs/cifs/sess.c | 73 ++-- 2 files changed, 55 insertions(+), 26 deletions(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 61d6173..9b7762c 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -495,9 +495,15 @@ require use of the stronger protocol */ #ifdef CONFIG_CIFS_WEAK_PW_HASH #define CIFSSEC_MUST_LANMAN 0x10010 #define CIFSSEC_MUST_PLNTXT 0x20020 +#ifdef CONFIG_CIFS_UPCALL +#define CIFSSEC_MASK 0x3F03F /* allows weak security but also krb5 */ +#else #define CIFSSEC_MASK 0x37037 /* current flags supported if weak */ +#else /* do not allow weak pw hash */ +#ifdef CONFIG_CIFS_UPCALL +#define CIFSSEC_MASK 0x0F00F /* flags supported if no weak allowed */ #else -#define CIFSSEC_MASK 0x07007 /* flags supported if no weak config */ +#define CIFSSEC_MASK 0x07007 /* flags supported if no weak allowed */ #endif /* WEAK_PW_HASH */ #define CIFSSEC_MUST_SEAL0x40040 /* not supported yet */ diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 78797c0..c74a064 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -74,6 +74,52 @@ static __u32 cifs_ssetup_hdr(struct cifsSesInfo *ses, SESSION_SETUP_ANDX *pSMB) return capabilities; } +static void +unicode_oslm_strings(char **pbcc_area, const struct nls_table *nls_cp) +{ + char *bcc_ptr = *pbcc_area; + int bytes_ret = 0; + + /* Copy OS version */ + bytes_ret = cifs_strtoUCS((__le16 *)bcc_ptr, Linux version , 32, + nls_cp); + bcc_ptr += 2 * bytes_ret; + bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, init_utsname()-release, + 32, nls_cp); + bcc_ptr += 2 * bytes_ret; + bcc_ptr += 2; /* trailing null */ + + bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS, + 32, nls_cp); + bcc_ptr += 2 * bytes_ret; + bcc_ptr += 2; /* trailing null */ + + *pbcc_area = bcc_ptr; +} + +static void unicode_domain_string(char **pbcc_area, struct cifsSesInfo *ses, + const struct nls_table *nls_cp) +{ + char *bcc_ptr = *pbcc_area; + int bytes_ret = 0; + + /* copy domain */ + if (ses-domainName == NULL) { + /* Sending null domain better than using a bogus domain name (as + we did briefly in 2.6.18) since server will use its default */ + *bcc_ptr = 0; + *(bcc_ptr+1) = 0; + bytes_ret = 0; + } else + bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, ses-domainName, + 256, nls_cp); + bcc_ptr += 2 * bytes_ret; + bcc_ptr += 2; /* account for null terminator */ + + *pbcc_area = bcc_ptr; +} + + static void unicode_ssetup_strings(char **pbcc_area, struct cifsSesInfo *ses, const struct nls_table *nls_cp) { @@ -99,32 +145,9 @@ static void unicode_ssetup_strings(char **pbcc_area, struct cifsSesInfo *ses, } bcc_ptr += 2 * bytes_ret; bcc_ptr += 2; /* account for null termination */ - /* copy domain */ - if (ses-domainName == NULL) { - /* Sending null domain better than using a bogus domain name (as - we did briefly in 2.6.18) since server will use its default */ - *bcc_ptr = 0; - *(bcc_ptr+1) = 0; - bytes_ret = 0; - } else - bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, ses-domainName, - 256, nls_cp); - bcc_ptr += 2 * bytes_ret; - bcc_ptr += 2; /* account for null terminator */ - /* Copy OS version */ - bytes_ret = cifs_strtoUCS((__le16 *)bcc_ptr, Linux version , 32, - nls_cp); - bcc_ptr += 2 * bytes_ret; - bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, init_utsname()-release, - 32, nls_cp); - bcc_ptr += 2 * bytes_ret; - bcc_ptr += 2; /* trailing null */ - - bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS
[CIFS] fix build break when lanman not enabled
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=516897a208bc1423d561ce2ccce0624c3b652275 Commit: 516897a208bc1423d561ce2ccce0624c3b652275 Parent: 2c2130e16f0e134aa65515fd0c2436fda465b1b6 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Oct 12 19:24:06 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Oct 12 19:24:06 2007 + [CIFS] fix build break when lanman not enabled Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsglob.h |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index fbde55c..61d6173 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -479,6 +479,9 @@ struct dir_notify_req { #ifdef CONFIG_CIFS_WEAK_PW_HASH #define CIFSSEC_MAY_LANMAN 0x00010 #define CIFSSEC_MAY_PLNTXT 0x00020 +#else +#define CIFSSEC_MAY_LANMAN0 +#define CIFSSEC_MAY_PLNTXT0 #endif /* weak passwords */ #define CIFSSEC_MAY_SEAL 0x00040 /* not supported yet */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] CIFS ACL support part 3
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=297647c21f11dc1449f9bdb1601ae43e951bba0b Commit: 297647c21f11dc1449f9bdb1601ae43e951bba0b Parent: a013689ddb2a4ba5f0452c053c0bf00bafb686f1 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Oct 12 04:11:59 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Oct 12 04:11:59 2007 + [CIFS] CIFS ACL support part 3 Signed-off-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |5 ++- fs/cifs/cifsacl.c | 120 fs/cifs/cifsacl.h | 24 --- fs/cifs/cifsfs.c |4 -- fs/cifs/cifsfs.h |7 +++- fs/cifs/cifssmb.c |2 + fs/cifs/export.c |1 + 7 files changed, 141 insertions(+), 22 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index c8ad87d..13071fa 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -6,7 +6,10 @@ which support the current POSIX Extensions to provide better semantics (e.g. delete for open files opened with posix open). Take into account umask on posix mkdir not just older style mkdir. Add ability to mount to IPC$ share (which allows CIFS named pipes to be -opened, read and written as if they were files). +opened, read and written as if they were files). When 1st tree +connect fails (e.g. due to signing negotiation failure) fix +leak that causes cifsd not to stop and rmmod to fail to cleanup +cifs_request_buffers pool. Version 1.50 diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 52f9cb8..43ab26f 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -28,6 +28,20 @@ #include cifsproto.h #include cifs_debug.h + +#ifdef CONFIG_CIFS_EXPERIMENTAL + +struct cifs_wksid wksidarr[NUM_WK_SIDS] = { + {{1, 0, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0, 0} }, null user}, + {{1, 1, {0, 0, 0, 0, 0, 1}, {0, 0, 0, 0, 0} }, nobody}, + {{1, 1, {0, 0, 0, 0, 0, 5}, {11, 0, 0, 0, 0} }, net-users}, + {{1, 1, {0, 0, 0, 0, 0, 5}, {18, 0, 0, 0, 0} }, sys}, + {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 544, 0, 0, 0} }, root}, + {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0, 0} }, users}, + {{1, 2, {0, 0, 0, 0, 0, 5}, {32, 546, 0, 0, 0} }, guest} +}; + + /* security id for everyone */ static const struct cifs_sid sid_everyone = {1, 1, {0, 0, 0, 0, 0, 0}, {} }; @@ -35,33 +49,113 @@ static const struct cifs_sid sid_everyone = static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} }; + +int match_sid(struct cifs_sid *ctsid) +{ + int i, j; + int num_subauth, num_sat, num_saw; + struct cifs_sid *cwsid; + + if (!ctsid) + return (-1); + + for (i = 0; i NUM_WK_SIDS; ++i) { + cwsid = (wksidarr[i].cifssid); + + /* compare the revision */ + if (ctsid-revision != cwsid-revision) + continue; + + /* compare all of the six auth values */ + for (j = 0; j 6; ++j) { + if (ctsid-authority[j] != cwsid-authority[j]) + break; + } + if (j 6) + continue; /* all of the auth values did not match */ + + /* compare all of the subauth values if any */ + num_sat = cpu_to_le32(ctsid-num_subauth); + num_saw = cpu_to_le32(cwsid-num_subauth); + num_subauth = num_sat num_saw ? num_sat : num_saw; + if (num_subauth) { + for (j = 0; j num_subauth; ++j) { + if (ctsid-sub_auth[j] != cwsid-sub_auth[j]) + break; + } + if (j num_subauth) + continue; /* all sub_auth values do not match */ + } + + cFYI(1, (matching sid: %s\n, wksidarr[i].sidname)); + return (0); /* sids compare/match */ + } + + cFYI(1, (No matching sid)); + return (-1); +} + + +int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) +{ + int i; + int num_subauth, num_sat, num_saw; + + if ((!ctsid) || (!cwsid)) + return (-1); + + /* compare the revision */ + if (ctsid-revision != cwsid-revision) + return (-1); + + /* compare all of the six auth values */ + for (i = 0; i 6; ++i) { + if (ctsid-authority[i] != cwsid-authority[i]) + return (-1); + } + + /* compare all of the subauth values if any */ + num_sat = cpu_to_le32(ctsid-num_subauth); + num_saw = cpu_to_le32(cwsid-num_subauth); + num_subauth = num_sat num_saw ? num_sat : num_saw; + if (num_subauth) { + for (i = 0; i num_subauth; ++i
[CIFS] Cleanup formatting
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d12fd121afd4f87cbc7675f8f6b651d649534f15 Commit: d12fd121afd4f87cbc7675f8f6b651d649534f15 Parent: d0d66c443aefa51d5dbdd6a1d9b135a2a0e469cc Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 3 19:43:19 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 3 19:43:19 2007 + [CIFS] Cleanup formatting Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 78 ++-- fs/cifs/xattr.c | 19 - 2 files changed, 51 insertions(+), 46 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 23bff01..52f9cb8 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -30,12 +30,12 @@ /* security id for everyone */ static const struct cifs_sid sid_everyone = - {1, 1, {0, 0, 0, 0, 0, 0}, {}}; + {1, 1, {0, 0, 0, 0, 0, 0}, {} }; /* group users */ static const struct cifs_sid sid_user = - {1, 2 , {0, 0, 0, 0, 0, 5}, {}}; + {1, 2 , {0, 0, 0, 0, 0, 5}, {} }; -static void parse_ace(struct cifs_ace * pace, char * end_of_acl) +static void parse_ace(struct cifs_ace *pace, char *end_of_acl) { int i; int num_subauth; @@ -50,27 +50,27 @@ static void parse_ace(struct cifs_ace * pace, char * end_of_acl) num_subauth = cpu_to_le32(pace-num_subauth); if (num_subauth) { psub_auth = (__u32 *)((char *)pace + sizeof(struct cifs_ace)); -#ifdef CONFIG_CIFS_DEBUG2 - cFYI(1, (ACE revision %d num_subauth %d, - pace-revision, pace-num_subauth)); - for (i = 0; i num_subauth; ++i) { - cFYI(1, (ACE sub_auth[%d]: 0x%x, i, - le32_to_cpu(psub_auth[i]))); - } - - /* BB add length check to make sure that we do not have huge - num auths and therefore go off the end */ - - cFYI(1, (RID %d, le32_to_cpu(psub_auth[num_subauth-1]))); -#endif - } - - return; -} - -static void parse_ntace(struct cifs_ntace * pntace, char * end_of_acl) -{ - /* validate that we do not go past end of acl */ +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (ACE revision %d num_subauth %d, + pace-revision, pace-num_subauth)); + for (i = 0; i num_subauth; ++i) { + cFYI(1, (ACE sub_auth[%d]: 0x%x, i, + le32_to_cpu(psub_auth[i]))); + } + + /* BB add length check to make sure that we do not have huge + num auths and therefore go off the end */ + + cFYI(1, (RID %d, le32_to_cpu(psub_auth[num_subauth-1]))); +#endif + } + + return; +} + +static void parse_ntace(struct cifs_ntace *pntace, char *end_of_acl) +{ + /* validate that we do not go past end of acl */ if (end_of_acl (char *)pntace + sizeof(struct cifs_ntace)) { cERROR(1, (ACL too small to parse NT ACE)); return; @@ -86,7 +86,7 @@ static void parse_ntace(struct cifs_ntace * pntace, char * end_of_acl) -static void parse_dacl(struct cifs_acl * pdacl, char * end_of_acl) +static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) { int i; int num_aces = 0; @@ -118,11 +118,11 @@ static void parse_dacl(struct cifs_acl * pdacl, char * end_of_acl) ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), GFP_KERNEL); -/* cifscred-cecount = pdacl-num_aces; -cifscred-ntaces = kmalloc(num_aces * -sizeof(struct cifs_ntace *), GFP_KERNEL); -cifscred-aces = kmalloc(num_aces * -sizeof(struct cifs_ace *), GFP_KERNEL);*/ +/* cifscred-cecount = pdacl-num_aces; + cifscred-ntaces = kmalloc(num_aces * + sizeof(struct cifs_ntace *), GFP_KERNEL); + cifscred-aces = kmalloc(num_aces * + sizeof(struct cifs_ace *), GFP_KERNEL);*/ for (i = 0; i num_aces; ++i) { @@ -134,12 +134,12 @@ static void parse_dacl(struct cifs_acl * pdacl, char * end_of_acl) parse_ntace(ppntace[i], end_of_acl); parse_ace(ppace[i], end_of_acl); -/* memcpy((void *)((cifscred-ntaces[i])), -(void *)ppntace[i], -sizeof(struct cifs_ntace)); -memcpy((void *)((cifscred-aces[i])), -(void *)ppace[i], -sizeof(struct cifs_ace)); */ +/* memcpy((void *)((cifscred-ntaces[i])), + (void *)ppntace[i
[CIFS] CIFS ACL support (part 2)
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d0d66c443aefa51d5dbdd6a1d9b135a2a0e469cc Commit: d0d66c443aefa51d5dbdd6a1d9b135a2a0e469cc Parent: a8a11d399fc3c70f2aa645c7472235a06e8b8efa Author: Shirish Pargaonkar [EMAIL PROTECTED] AuthorDate: Wed Oct 3 18:22:19 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 3 18:22:19 2007 + [CIFS] CIFS ACL support (part 2) Signed-off-by: Shirish Pargaonkar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 203 +-- fs/cifs/cifsacl.h |4 +- fs/cifs/cifsproto.h |2 +- fs/cifs/cifssmb.c |2 +- 4 files changed, 151 insertions(+), 60 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 9b84f37..23bff01 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -24,48 +24,178 @@ #include linux/fs.h #include cifspdu.h #include cifsglob.h +#include cifsacl.h #include cifsproto.h #include cifs_debug.h -#include cifsacl.h /* security id for everyone */ static const struct cifs_sid sid_everyone = - {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}}; + {1, 1, {0, 0, 0, 0, 0, 0}, {}}; /* group users */ static const struct cifs_sid sid_user = - {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}}; + {1, 2 , {0, 0, 0, 0, 0, 5}, {}}; + +static void parse_ace(struct cifs_ace * pace, char * end_of_acl) +{ + int i; + int num_subauth; +__u32 *psub_auth; + + /* validate that we do not go past end of acl */ + if (end_of_acl (char *)pace + sizeof(struct cifs_ace)) { + cERROR(1, (ACL too small to parse ACE)); + return; + } + + num_subauth = cpu_to_le32(pace-num_subauth); + if (num_subauth) { + psub_auth = (__u32 *)((char *)pace + sizeof(struct cifs_ace)); +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (ACE revision %d num_subauth %d, + pace-revision, pace-num_subauth)); + for (i = 0; i num_subauth; ++i) { + cFYI(1, (ACE sub_auth[%d]: 0x%x, i, + le32_to_cpu(psub_auth[i]))); + } + + /* BB add length check to make sure that we do not have huge + num auths and therefore go off the end */ + + cFYI(1, (RID %d, le32_to_cpu(psub_auth[num_subauth-1]))); +#endif + } + + return; +} + +static void parse_ntace(struct cifs_ntace * pntace, char * end_of_acl) +{ + /* validate that we do not go past end of acl */ + if (end_of_acl (char *)pntace + sizeof(struct cifs_ntace)) { + cERROR(1, (ACL too small to parse NT ACE)); + return; + } + +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (NTACE type %d flags 0x%x size %d, access Req 0x%x, + pntace-type, pntace-flags, pntace-size, + pntace-access_req)); +#endif + return; +} + + + +static void parse_dacl(struct cifs_acl * pdacl, char * end_of_acl) +{ + int i; + int num_aces = 0; + int acl_size; + char *acl_base; + struct cifs_ntace **ppntace; + struct cifs_ace **ppace; + + /* BB need to add parm so we can store the SID BB */ + + /* validate that we do not go past end of acl */ + if (end_of_acl (char *)pdacl + pdacl-size) { + cERROR(1, (ACL too small to parse DACL)); + return; + } + +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (DACL revision %d size %d num aces %d, + pdacl-revision, pdacl-size, pdacl-num_aces)); +#endif + + acl_base = (char *)pdacl; + acl_size = sizeof(struct cifs_acl); + + num_aces = cpu_to_le32(pdacl-num_aces); + if (num_aces 0) { + ppntace = kmalloc(num_aces * sizeof(struct cifs_ntace *), + GFP_KERNEL); + ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), + GFP_KERNEL); + +/* cifscred-cecount = pdacl-num_aces; +cifscred-ntaces = kmalloc(num_aces * +sizeof(struct cifs_ntace *), GFP_KERNEL); +cifscred-aces = kmalloc(num_aces * +sizeof(struct cifs_ace *), GFP_KERNEL);*/ + + + for (i = 0; i num_aces; ++i) { + ppntace[i] = (struct cifs_ntace *) + (acl_base + acl_size); + ppace[i] = (struct cifs_ace *) ((char *)ppntace[i] + + sizeof(struct cifs_ntace)); + + parse_ntace(ppntace[i], end_of_acl); + parse_ace(ppace[i], end_of_acl); + +/* memcpy((void *)((cifscred-ntaces[i])), +(void *)ppntace[i
[CIFS] remove some redundant argument checks
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a8a11d399fc3c70f2aa645c7472235a06e8b8efa Commit: a8a11d399fc3c70f2aa645c7472235a06e8b8efa Parent: 9b22b0b726c6e46048767728a0900c8c05f93c21 Author: Mariusz Kozlowski [EMAIL PROTECTED] AuthorDate: Wed Oct 3 16:41:24 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 3 16:41:24 2007 + [CIFS] remove some redundant argument checks This patch does kmalloc + memset conversion to kzalloc and removes some redundant argument checks. Signed-off-by: Mariusz Kozlowski [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c | 22 -- 1 files changed, 8 insertions(+), 14 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 21cac15..fc3a851 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -673,9 +673,8 @@ multi_t2_fnd: server-ssocket = NULL; } /* buffer usuallly freed in free_mid - need to free it here on exit */ - if (bigbuf != NULL) - cifs_buf_release(bigbuf); - if (smallbuf != NULL) + cifs_buf_release(bigbuf); + if (smallbuf) /* no sense logging a debug message if NULL */ cifs_small_buf_release(smallbuf); read_lock(GlobalSMBSeslock); @@ -1910,8 +1909,8 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, return rc; } - srvTcp = kmalloc(sizeof (struct TCP_Server_Info), GFP_KERNEL); - if (srvTcp == NULL) { + srvTcp = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL); + if (!srvTcp) { rc = -ENOMEM; sock_release(csocket); kfree(volume_info.UNC); @@ -1920,7 +1919,6 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, FreeXid(xid); return rc; } else { - memset(srvTcp, 0, sizeof (struct TCP_Server_Info)); memcpy(srvTcp-addr.sockAddr, sin_server, sizeof (struct sockaddr_in)); atomic_set(srvTcp-inFlight, 0); @@ -2529,8 +2527,7 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses, sesssetup_nomem: /* do not return an error on nomem for the info strings, since that could make reconnection harder, and reconnection might be needed to free memory */ - if (smb_buffer) - cifs_buf_release(smb_buffer); + cifs_buf_release(smb_buffer); return rc; } @@ -2868,8 +2865,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, rc = -EIO; } - if (smb_buffer) - cifs_buf_release(smb_buffer); + cifs_buf_release(smb_buffer); return rc; } @@ -3277,8 +3273,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, rc = -EIO; } - if (smb_buffer) - cifs_buf_release(smb_buffer); + cifs_buf_release(smb_buffer); return rc; } @@ -3446,8 +3441,7 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, ses-ipc_tid = smb_buffer_response-Tid; } - if (smb_buffer) - cifs_buf_release(smb_buffer); + cifs_buf_release(smb_buffer); return rc; } - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] fix cut and paste error - missing defines cause cifsacl build error
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=65874007c36930317c7a56d814a6a3e2966daaa8 Commit: 65874007c36930317c7a56d814a6a3e2966daaa8 Parent: bcb020341a7d0fba6cd025f068d40f4ab5c36af8 Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Sep 25 19:53:44 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Sep 25 19:53:44 2007 + [CIFS] fix cut and paste error - missing defines cause cifsacl build error Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c |9 - 1 files changed, 8 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 11ac133..9096910 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -21,6 +21,13 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +#include linux/fs.h +#include cifspdu.h +#include cifsglob.h +#include cifsproto.h +#include cifs_debug.h +#include cifsacl.h + /* security id for everyone */ static const struct cifs_sid sid_everyone = {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}}; @@ -51,7 +58,7 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl) /* Convert CIFS ACL to POSIX form */ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) { - int i; + int i, rc; int num_aces = 0; int acl_size; struct cifs_sid *owner_sid_ptr, *group_sid_ptr; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Print better error when server returns malformed QueryUnixInfo response
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1e71f25d14d70f2bf607b40ab6d7e18daca57f36 Commit: 1e71f25d14d70f2bf607b40ab6d7e18daca57f36 Parent: 5a44b3190e3441986648ff664ef045685995324b Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Sep 20 15:30:07 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Sep 20 15:30:07 2007 + [CIFS] Print better error when server returns malformed QueryUnixInfo response Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifssmb.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index bb30455..f33c89c 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -3361,6 +3361,9 @@ UnixQPathInfoRetry: rc = validate_t2((struct smb_t2_rsp *)pSMBr); if (rc || (pSMBr-ByteCount sizeof(FILE_UNIX_BASIC_INFO))) { + cERROR(1, (Malformed FILE_UNIX_BASIC_INFO response.\n + Unix Extensions can be disabled on mount + by specifying the nosfu mount option.)); rc = -EIO; /* bad smb */ } else { __u16 data_offset = le16_to_cpu(pSMBr-t2.DataOffset); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] typo in earlier cifs_reconnect fix
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=638b250766272fcaaa0f7ed2776f58f4ac701914 Commit: 638b250766272fcaaa0f7ed2776f58f4ac701914 Parent: a8cd925f74c3b1b6d1192f9e75f9d12cc2ab148a Author: Steve French [EMAIL PROTECTED] AuthorDate: Sat Sep 15 02:35:51 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Sep 15 02:35:51 2007 + [CIFS] typo in earlier cifs_reconnect fix Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index f58fef5..a83684d 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -439,7 +439,6 @@ incomplete_rcv: cFYI(1, (less than four bytes received (%d bytes), length)); pdu_length -= length; - cifs_reconnect(server); msleep(1); goto incomplete_rcv; } - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix oops in find_writable_file
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=15745320f374aa6cbfe4836b76469159c0f49640 Commit: 15745320f374aa6cbfe4836b76469159c0f49640 Parent: 77159b4df894f9e5e31f709fb0e5e52f6c1b1048 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Sep 7 22:23:48 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Sep 7 22:23:48 2007 + [CIFS] Fix oops in find_writable_file There was a case in which find_writable_file was not waiting long enough under heavy stress when writepages was racing with close of the file handle being used by the write. Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/file.c | 37 - 1 files changed, 28 insertions(+), 9 deletions(-) diff --git a/fs/cifs/file.c b/fs/cifs/file.c index 26fa508..b1807fd 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -467,7 +467,7 @@ reopen_error_exit: int cifs_close(struct inode *inode, struct file *file) { int rc = 0; - int xid; + int xid, timeout; struct cifs_sb_info *cifs_sb; struct cifsTconInfo *pTcon; struct cifsFileInfo *pSMBFile = @@ -485,9 +485,9 @@ int cifs_close(struct inode *inode, struct file *file) /* no sense reconnecting to close a file that is already closed */ if (pTcon-tidStatus != CifsNeedReconnect) { - int timeout = 2; + timeout = 2; while ((atomic_read(pSMBFile-wrtPending) != 0) - (timeout 1000) ) { +(timeout = 2048)) { /* Give write a better chance to get to server ahead of the close. We do not want to add a wait_q here as it would @@ -522,6 +522,23 @@ int cifs_close(struct inode *inode, struct file *file) list_del(pSMBFile-flist); list_del(pSMBFile-tlist); write_unlock(GlobalSMBSeslock); + timeout = 10; + /* We waited above to give the SMBWrite a chance to issue + on the wire (so we do not get SMBWrite returning EBADF + if writepages is racing with close. Note that writepages + does not specify a file handle, so it is possible for a file + to be opened twice, and the application close the wrong + file handle - in these cases we delay long enough to allow + the SMBWrite to get on the wire before the SMB Close. + We allow total wait here over 45 seconds, more than + oplock break time, and more than enough to allow any write + to complete on the server, or to time out on the client */ + while ((atomic_read(pSMBFile-wrtPending) != 0) +(timeout = 5)) { + cERROR(1, (writes pending, delay free of handle)); + msleep(timeout); + timeout *= 8; + } kfree(pSMBFile-search_resume_name); kfree(file-private_data); file-private_data = NULL; @@ -1031,22 +1048,24 @@ struct cifsFileInfo *find_writable_file(struct cifsInodeInfo *cifs_inode) (open_file-pfile-f_flags O_WRONLY))) { atomic_inc(open_file-wrtPending); read_unlock(GlobalSMBSeslock); - if ((open_file-invalidHandle) - (!open_file-closePend) /* BB fixme -since the second clause can not be true remove it BB */) { + if (open_file-invalidHandle) { rc = cifs_reopen_file(open_file-pfile, FALSE); /* if it fails, try another handle - might be */ /* dangerous to hold up writepages with retry */ if (rc) { - cFYI(1, - (failed on reopen file in wp)); + cFYI(1, (wp failed on reopen file)); read_lock(GlobalSMBSeslock); /* can not use this handle, no write pending on this one after all */ - atomic_dec -(open_file-wrtPending); + atomic_dec(open_file-wrtPending); continue; } } + if (open_file-closePend
[CIFS] Byte range unlock request to non-Unix server can unlock too much
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=39db810cb6c1e7d1f2e43ae38b437b7ee72fe815 Commit: 39db810cb6c1e7d1f2e43ae38b437b7ee72fe815 Parent: 95ba7362105646523ee712fd252ec2e34ccbec15 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Fri Aug 24 03:16:51 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Aug 24 03:16:51 2007 + [CIFS] Byte range unlock request to non-Unix server can unlock too much On a mount without posix extensions enabled, when an unlock request is made, the client can release more than is intended. To reproduce, on a CIFS mount without posix extensions enabled: 1) open file 2) do fcntl lock: start=0 len=1 3) do fcntl lock: start=2 len=1 4) do fcntl unlock: start=0 len=1 ...on the unlock call the client sends an unlock request to the server for both locks. The problem is a bad test in cifs_lock. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |5 - fs/cifs/file.c |3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index bed6215..41e3b6a 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -6,7 +6,10 @@ done with serverino mount option). Add support for POSIX Unlink Samba supports newer POSIX CIFS Protocol Extensions). Add nounix mount option to allow disabling the CIFS Unix Extensions for just that mount. Fix hang on spinlock in find_writable_file (race when -reopening file after session crash). +reopening file after session crash). Byte range unlock request to +windows server could unlock more bytes (on server copy of file) +than intended if start of unlock request is well before start of +a previous byte range lock that we issued. Version 1.49 diff --git a/fs/cifs/file.c b/fs/cifs/file.c index 894b1f7..f9bd8b8 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -767,7 +767,8 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock) mutex_lock(fid-lock_mutex); list_for_each_entry_safe(li, tmp, fid-llist, llist) { if (pfLock-fl_start = li-offset - length = li-length) { + (pflock-fl_start + length) = + (li-offset + li-length)) { stored_rc = CIFSSMBLock(xid, pTcon, netfid, li-length, li-offset, - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] cifs truncate missing a fix for private map COW race
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8064ab4da104900505f33535d230ce0da5d18341 Commit: 8064ab4da104900505f33535d230ce0da5d18341 Parent: cb00e99c0abd844b884c64c6b54aa3b7d345ebb1 Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Aug 22 22:12:07 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Aug 22 22:12:07 2007 + [CIFS] cifs truncate missing a fix for private map COW race vmtruncate had added the same fix to handle the case of private pages being Copy on writed while truncate_inode_pages is going on Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/inode.c |9 + 1 files changed, 9 insertions(+), 0 deletions(-) diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index dd41677..97ccc51 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -1377,8 +1377,17 @@ static int cifs_vmtruncate(struct inode *inode, loff_t offset) } i_size_write(inode, offset); spin_unlock(inode-i_lock); + /* +* unmap_mapping_range is called twice, first simply for efficiency +* so that truncate_inode_pages does fewer single-page unmaps. However +* after this first call, and before truncate_inode_pages finishes, +* it is possible for private pages to be COWed, which remain after +* truncate_inode_pages finishes, hence the second unmap_mapping_range +* call must be made for correctness. +*/ unmap_mapping_range(mapping, offset + PAGE_SIZE - 1, 0, 1); truncate_inode_pages(mapping, offset); + unmap_mapping_range(mapping, offset + PAGE_SIZE - 1, 0, 1); goto out_truncate; do_expand: - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix some endianness problems in new acl code
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=af6f4612fdfd782c6d35272836a2b97e7e5b790e Commit: af6f4612fdfd782c6d35272836a2b97e7e5b790e Parent: 016ec75f1a0c0e765fce65d794569979104f031d Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Oct 16 18:40:37 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Oct 16 18:40:37 2007 + [CIFS] Fix some endianness problems in new acl code Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c | 28 ++-- fs/cifs/cifsacl.h | 23 +++ fs/cifs/cifssmb.c |2 +- 3 files changed, 26 insertions(+), 27 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 6015877..4735e9b 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -31,7 +31,7 @@ #ifdef CONFIG_CIFS_EXPERIMENTAL -struct cifs_wksid wksidarr[NUM_WK_SIDS] = { +static struct cifs_wksid wksidarr[NUM_WK_SIDS] = { {{1, 0, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0, 0} }, null user}, {{1, 1, {0, 0, 0, 0, 0, 1}, {0, 0, 0, 0, 0} }, nobody}, {{1, 1, {0, 0, 0, 0, 0, 5}, {11, 0, 0, 0, 0} }, net-users}, @@ -192,14 +192,15 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) /* BB need to add parm so we can store the SID BB */ /* validate that we do not go past end of acl */ - if (end_of_acl (char *)pdacl + pdacl-size) { + if (end_of_acl (char *)pdacl + le16_to_cpu(pdacl-size)) { cERROR(1, (ACL too small to parse DACL)); return; } #ifdef CONFIG_CIFS_DEBUG2 cFYI(1, (DACL revision %d size %d num aces %d, - pdacl-revision, pdacl-size, pdacl-num_aces)); + le16_to_cpu(pdacl-revision), le16_to_cpu(pdacl-size), + le32_to_cpu(pdacl-num_aces))); #endif acl_base = (char *)pdacl; @@ -255,7 +256,6 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) static int parse_sid(struct cifs_sid *psid, char *end_of_acl) { - int num_subauth; /* BB need to add parm so we can store the SID BB */ @@ -265,14 +265,13 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl) return -EINVAL; } - num_subauth = cpu_to_le32(psid-num_subauth); - if (num_subauth) { + if (psid-num_subauth) { #ifdef CONFIG_CIFS_DEBUG2 int i; cFYI(1, (SID revision %d num_auth %d First subauth 0x%x, psid-revision, psid-num_subauth, psid-sub_auth[0])); - for (i = 0; i num_subauth; ++i) { + for (i = 0; i psid-num_subauth; i++) { cFYI(1, (SID sub_auth[%d]: 0x%x , i, le32_to_cpu(psid-sub_auth[i]))); } @@ -280,7 +279,7 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl) /* BB add length check to make sure that we do not have huge num auths and therefore go off the end */ cFYI(1, (RID 0x%x, - le32_to_cpu(psid-sub_auth[num_subauth-1]))); + le32_to_cpu(psid-sub_auth[psid-num_subauth-1]))); #endif } @@ -297,17 +296,18 @@ int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) char *end_of_acl = ((char *)pntsd) + acl_len; owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + - cpu_to_le32(pntsd-osidoffset)); + le32_to_cpu(pntsd-osidoffset)); group_sid_ptr = (struct cifs_sid *)((char *)pntsd + - cpu_to_le32(pntsd-gsidoffset)); + le32_to_cpu(pntsd-gsidoffset)); dacl_ptr = (struct cifs_acl *)((char *)pntsd + - cpu_to_le32(pntsd-dacloffset)); + le32_to_cpu(pntsd-dacloffset)); #ifdef CONFIG_CIFS_DEBUG2 cFYI(1, (revision %d type 0x%x ooffset 0x%x goffset 0x%x sacloffset 0x%x dacloffset 0x%x, -pntsd-revision, pntsd-type, -pntsd-osidoffset, pntsd-gsidoffset, pntsd-sacloffset, -pntsd-dacloffset)); +pntsd-revision, pntsd-type, le32_to_cpu(pntsd-osidoffset), +le32_to_cpu(pntsd-gsidoffset), +le32_to_cpu(pntsd-sacloffset), +le32_to_cpu(pntsd-dacloffset)); #endif rc = parse_sid(owner_sid_ptr, end_of_acl); if (rc) diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h index 0362cd1..fa01053 100644 --- a/fs/cifs/cifsacl.h +++ b/fs/cifs/cifsacl.h @@ -27,25 +27,25 @@ #define SIDNAMELENGTH 20 /* long enough for the ones we care about */ struct cifs_ntsd { - __u16 revision; /* revision level */ - __u16 type; - __u32 osidoffset; - __u32 gsidoffset; - __u32 sacloffset; - __u32 dacloffset; + __le16
[CIFS] remove compile warnings when debug disabled
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8f18c1316b71df76bb7076c392134864a18636c1 Commit: 8f18c1316b71df76bb7076c392134864a18636c1 Parent: 297647c21f11dc1449f9bdb1601ae43e951bba0b Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Oct 12 18:54:12 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Oct 12 18:54:12 2007 + [CIFS] remove compile warnings when debug disabled Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsacl.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index 43ab26f..6015877 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c @@ -131,7 +131,6 @@ int compare_sids(struct cifs_sid *ctsid, struct cifs_sid *cwsid) static void parse_ace(struct cifs_ace *pace, char *end_of_acl) { - int i; int num_subauth; /* validate that we do not go past end of acl */ @@ -145,6 +144,7 @@ static void parse_ace(struct cifs_ace *pace, char *end_of_acl) num_subauth = cpu_to_le32(pace-num_subauth); if (num_subauth) { #ifdef CONFIG_CIFS_DEBUG2 + int i; cFYI(1, (ACE revision %d num_subauth %d, pace-revision, pace-num_subauth)); for (i = 0; i num_subauth; ++i) { @@ -255,7 +255,6 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl) static int parse_sid(struct cifs_sid *psid, char *end_of_acl) { - int i; int num_subauth; /* BB need to add parm so we can store the SID BB */ @@ -269,6 +268,7 @@ static int parse_sid(struct cifs_sid *psid, char *end_of_acl) num_subauth = cpu_to_le32(psid-num_subauth); if (num_subauth) { #ifdef CONFIG_CIFS_DEBUG2 + int i; cFYI(1, (SID revision %d num_auth %d First subauth 0x%x, psid-revision, psid-num_subauth, psid-sub_auth[0])); - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] CIFS support for named pipes (part 1)
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7f8ed420f80c91176dfd27c8089f22cab5c9ba78 Commit: 7f8ed420f80c91176dfd27c8089f22cab5c9ba78 Parent: 407f61a2b482ab9a6d03549ab9513e4a823ae4a2 Author: Steve French [EMAIL PROTECTED] AuthorDate: Fri Sep 28 22:28:55 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Fri Sep 28 22:28:55 2007 + [CIFS] CIFS support for named pipes (part 1) This allows cifs to mount to ipc shares (IPC$) which will allow user space applications to layer over authenticated cifs connections (useful for Wine and others that would want to put DCE/RPC over CIFS or run CIFS named pipes) Acked-by: Rob Shearman [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifsglob.h |2 ++ fs/cifs/connect.c | 18 -- fs/cifs/dir.c |2 +- fs/cifs/inode.c| 22 ++ fs/cifs/misc.c |1 - 5 files changed, 37 insertions(+), 8 deletions(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index bb468de..f55be8e 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -291,6 +291,7 @@ struct cifsTconInfo { FILE_SYSTEM_DEVICE_INFO fsDevInfo; FILE_SYSTEM_ATTRIBUTE_INFO fsAttrInfo; /* ok if fs name truncated */ FILE_SYSTEM_UNIX_INFO fsUnixInfo; + unsigned ipc:1; /* set if connection to IPC$ eg for RPC/PIPES */ unsigned retry:1; unsigned nocase:1; unsigned unix_ext:1; /* if off disable Linux extensions to CIFS protocol @@ -341,6 +342,7 @@ struct cifsFileInfo { struct list_head llist; /* list of byte range locks we have. */ unsigned closePend:1; /* file is marked to close */ unsigned invalidHandle:1; /* file closed via session abend */ + unsigned messageMode:1/* for pipes: is message or byte mode */ atomic_t wrtPending; /* handle in use - defer close */ struct semaphore fh_sem; /* prevents reopen race after dead ses*/ char *search_resume_name; /* BB removeme BB */ diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index e43cb88..21cac15 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -2186,8 +2186,10 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, tcon-ses = pSesInfo; /* do not care if following two calls succeed - informational */ - CIFSSMBQFSDeviceInfo(xid, tcon); - CIFSSMBQFSAttributeInfo(xid, tcon); + if (!tcon-ipc) { + CIFSSMBQFSDeviceInfo(xid, tcon); + CIFSSMBQFSAttributeInfo(xid, tcon); + } /* tell server which Unix caps we support */ if (tcon-ses-capabilities CAP_UNIX) @@ -3385,6 +3387,18 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, bcc_ptr = pByteArea(smb_buffer_response); length = strnlen(bcc_ptr, BCC(smb_buffer_response) - 2); /* skip service field (NB: this field is always ASCII) */ + if (length == 3) { + if ((bcc_ptr[0] == 'I') (bcc_ptr[1] == 'P') + (bcc_ptr[2] == 'C')) { + cFYI(1, (IPC connection)); + tcon-ipc = 1; + } + } else if (length == 2) { + if ((bcc_ptr[0] == 'A') (bcc_ptr[1] == ':')) { + /* the most common case */ + cFYI(1, (disk share connection)); + } + } bcc_ptr += length + 1; strncpy(tcon-treeName, tree, MAX_TREE_SIZE); if (smb_buffer-Flags2 SMBFLG2_UNICODE) { diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c index db5287a..99321ab 100644 --- a/fs/cifs/dir.c +++ b/fs/cifs/dir.c @@ -3,7 +3,7 @@ * * vfs operations that deal with dentries * - * Copyright (C) International Business Machines Corp., 2002,2005 + * Copyright (C) International Business Machines Corp., 2002,2007 * Author(s): Steve French ([EMAIL PROTECTED]) * * This library is free software; you can redistribute it and/or modify diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index 552d68b..ece17ca 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -115,7 +115,7 @@ int cifs_get_inode_info_unix(struct inode **pinode, inode-i_mode = le64_to_cpu(findData.Permissions); /* since we set the inode type below we need to mask off to avoid strange results if bits set above */ - inode-i_mode = ~S_IFMT; + inode-i_mode = ~S_IFMT; if (type == UNIX_FILE) { inode-i_mode |= S_IFREG; } else if (type == UNIX_SYMLINK) { @@ -575,19 +575,33 @@ int cifs_get_inode_info(struct inode
[CIFS] move cifs acl code to new file and fix build break
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bcb020341a7d0fba6cd025f068d40f4ab5c36af8 Commit: bcb020341a7d0fba6cd025f068d40f4ab5c36af8 Parent: 442aa310f3bc49cf4e059da790fbae62411d50db Author: Steve French [EMAIL PROTECTED] AuthorDate: Tue Sep 25 16:17:24 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Tue Sep 25 16:17:24 2007 + [CIFS] move cifs acl code to new file and fix build break Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/Makefile|2 +- fs/cifs/cifsacl.c | 134 +++ fs/cifs/cifsacl.h |2 +- fs/cifs/cifsproto.h |1 + fs/cifs/cifssmb.c | 107 5 files changed, 137 insertions(+), 109 deletions(-) diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile index 6ecd9d6..ff6ba8d 100644 --- a/fs/cifs/Makefile +++ b/fs/cifs/Makefile @@ -3,4 +3,4 @@ # obj-$(CONFIG_CIFS) += cifs.o -cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o +cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o cifsacl.o diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c new file mode 100644 index 000..11ac133 --- /dev/null +++ b/fs/cifs/cifsacl.c @@ -0,0 +1,134 @@ +/* + * fs/cifs/cifsacl.c + * + * Copyright (C) International Business Machines Corp., 2007 + * Author(s): Steve French ([EMAIL PROTECTED]) + * + * Contains the routines for mapping CIFS/NTFS ACLs + * + * This library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See + * the GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +/* security id for everyone */ +static const struct cifs_sid sid_everyone = + {1, 1, {0, 0, 0, 0, 0, 0}, {0, 0, 0, 0}}; +/* group users */ +static const struct cifs_sid sid_user = + {1, 2 , {0, 0, 0, 0, 0, 5}, {32, 545, 0, 0}}; + +static int parse_sid(struct cifs_sid *psid, char *end_of_acl) +{ + /* BB need to add parm so we can store the SID BB */ + + /* validate that we do not go past end of acl */ + if (end_of_acl (char *)psid + sizeof(struct cifs_sid)) { + cERROR(1, (ACL to small to parse SID)); + return -EINVAL; + } +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (revision %d num_auth %d First subauth 0x%x, + psid-revision, psid-num_auth, psid-sub_auth[0])); + + /* BB add length check to make sure that we do not have huge num auths + and therefore go off the end */ + cFYI(1, (RID 0x%x, le32_to_cpu(psid-sub_auth[psid-num_auth]))); +#endif + return 0; +} + +/* Convert CIFS ACL to POSIX form */ +int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len) +{ + int i; + int num_aces = 0; + int acl_size; + struct cifs_sid *owner_sid_ptr, *group_sid_ptr; + struct cifs_acl *dacl_ptr; /* no need for SACL ptr */ + struct cifs_ntace **ppntace; + struct cifs_ace **ppace; + char *acl_base; + char *end_of_acl = ((char *)pntsd) + acl_len; + + owner_sid_ptr = (struct cifs_sid *)((char *)pntsd + + cpu_to_le32(pntsd-osidoffset)); + group_sid_ptr = (struct cifs_sid *)((char *)pntsd + + cpu_to_le32(pntsd-gsidoffset)); + dacl_ptr = (struct cifs_acl *)((char *)pntsd + + cpu_to_le32(pntsd-dacloffset)); +#ifdef CONFIG_CIFS_DEBUG2 + cFYI(1, (revision %d type 0x%x ooffset 0x%x goffset 0x%x +sacloffset 0x%x dacloffset 0x%x, +pntsd-revision, pntsd-type, +pntsd-osidoffset, pntsd-gsidoffset, pntsd-sacloffset, +pntsd-dacloffset)); +#endif + rc = parse_sid(owner_sid_ptr, end_of_acl); + if (rc) + return rc; + + rc = parse_sid(group_sid_ptr, end_of_acl); + if (rc) + return rc; + +/* cifscred-uid = owner_sid_ptr-rid; + cifscred-gid
[CIFS] fix small memory leak in an error path in new posix mkdir
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5a07cdf86c1485b570789fb660c8ada7c2635b23 Commit: 5a07cdf86c1485b570789fb660c8ada7c2635b23 Parent: a23d30698190f05491a6096f027311f94d4d26d5 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sun Sep 16 23:12:47 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sun Sep 16 23:12:47 2007 + [CIFS] fix small memory leak in an error path in new posix mkdir There is a small memory leak in fs/cifs/inode.c::cifs_mkdir(). Storage for 'pInfo' is allocated with kzalloc(), but if the call to CIFSPOSIXCreate(...) happens to return 0 and pInfo-Type == -1, then we'll jump to the 'mkdir_get_info' label without freeing the storage allocated for 'pInfo'. This patch adds a kfree() call to free the storage just before jumping to the label, thus getting rid of the leak. Signed-off-by: Jesper Juhl [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/inode.c |8 ++-- 1 files changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index e800c0e..9dffa93 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -930,8 +930,10 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) d_drop(direntry); } else { int obj_type; - if (pInfo-Type == -1) /* no return info - go query */ + if (pInfo-Type == -1) /* no return info - go query */ { + kfree(pInfo); goto mkdir_get_info; + } /*BB check (cifs_sb-mnt_cifs_flags CIFS_MOUNT_SET_UID ) to see if need to set uid/gid */ inc_nlink(inode); @@ -941,8 +943,10 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) direntry-d_op = cifs_dentry_ops; newinode = new_inode(inode-i_sb); - if (newinode == NULL) + if (newinode == NULL) { + kfree(pInfo); goto mkdir_get_info; + } /* Is an i_ino of zero legal? */ /* Are there sanity checks we can use to ensure that the server is really filling in that field? */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Return better error when server requires signing but client forbids
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=abb63d6c3d3d0e4d93b63589135962091154be9b Commit: abb63d6c3d3d0e4d93b63589135962091154be9b Parent: d628ddb62d3050e8e474aa3566bc6bafbe4b9c26 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Oct 18 02:58:40 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Oct 18 02:58:40 2007 + [CIFS] Return better error when server requires signing but client forbids Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |3 ++- fs/cifs/cifssmb.c |4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 2459ef0..3d41916 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -11,7 +11,8 @@ connect fails (e.g. due to signing negotiation failure) fix leak that causes cifsd not to stop and rmmod to fail to cleanup cifs_request_buffers pool. Fix problem with POSIX Open/Mkdir on bigendian architectures. Fix possible memory corruption when -EAGAIN returned on kern_recvmsg. +EAGAIN returned on kern_recvmsg. Return better error if server +requires packet signing but client has disabled it. Version 1.50 diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index d22af63..2b2d4fe 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -663,10 +663,12 @@ signing_check: /* MUST_SIGN already includes the MAY_SIGN FLAG so if this is zero it means that signing is disabled */ cFYI(1, (Signing disabled)); - if (server-secMode SECMODE_SIGN_REQUIRED) + if (server-secMode SECMODE_SIGN_REQUIRED) { cERROR(1, (Server requires packet signing to be enabled in /proc/fs/cifs/SecurityFlags.)); + rc = -EOPNOTSUPP; + } server-secMode = ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED); } else if ((secFlags CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) { - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_thread
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c18c732ec6bf372aa959ca6534cbfc32e464defd Commit: c18c732ec6bf372aa959ca6534cbfc32e464defd Parent: a49ddf4ce5a5997f0695b194587290ea72e9 Author: Steve French [EMAIL PROTECTED] AuthorDate: Wed Oct 17 18:01:11 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Wed Oct 17 18:01:11 2007 + [CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_thread When kernel_recvmsg returns -EAGAIN or -ERESTARTSYS, then cifs_demultiplex_thread sleeps for a bit and then tries the read again. When it does this, it's not zeroing out the length and that throws off the value of total_read. Fix it to zero out the length. Can cause memory corruption: If kernel_recvmsg returns an error and total_read is a large enough value, then we'll end up going through the loop again. total_read will be a bogus value, as will (pdu_length-total_read). When this happens we end up calling kernel_recvmsg with a bogus value (possibly larger than the current iov_len). At that point, memcpy_toiovec can overrun iov. It will start walking up the stack, casting other things that are there to struct iovecs (since it assumes that it's been passed an array of them). Any pointer on the stack at an address above the kvec is a candidate for corruption here. Many thanks to Ulrich Obergfell for pointing this out. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |3 ++- fs/cifs/connect.c |6 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 70c90c0..2459ef0 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -10,7 +10,8 @@ opened, read and written as if they were files). When 1st tree connect fails (e.g. due to signing negotiation failure) fix leak that causes cifsd not to stop and rmmod to fail to cleanup cifs_request_buffers pool. Fix problem with POSIX Open/Mkdir on -bigendian architectures. +bigendian architectures. Fix possible memory corruption when +EAGAIN returned on kern_recvmsg. Version 1.50 diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 494455e..676bbf2 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -415,7 +415,10 @@ incomplete_rcv: msleep(1); /* minimum sleep to prevent looping allowing socket to clear and app threads to set tcpStatus CifsNeedReconnect if server hung */ - continue; + if (pdu_length 4) + goto incomplete_rcv; + else + continue; } else if (length = 0) { if (server-tcpStatus == CifsNew) { cFYI(1, (tcp session abend after SMBnegprot)); @@ -543,6 +546,7 @@ incomplete_rcv: allowing socket to clear and app threads to set tcpStatus CifsNeedReconnect if server hung*/ + length = 0; continue; } else if (length = 0) { cERROR(1, (Received no data, expecting %d, - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] fix for incorrect session reconnects
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f01d5e14e764b14b6bf5512678523d009254b209 Commit: f01d5e14e764b14b6bf5512678523d009254b209 Parent: 8594c15ad226227aaf178b7cf57f2e7291684dd4 Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Aug 30 21:13:31 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Aug 30 21:13:31 2007 + [CIFS] fix for incorrect session reconnects cifs reconnect could end up happening incorrectly due to the small initial tcp recvmsg response. When the socket was within three bytes of being full and the recvmsg returned only 1 to 3 bytes of the initial 4 byte read of the RFC1001 length field. Fortunately this seems to be less common on more current kernels, but this fixes it so cifs tries to retrieve all 4 bytes of the initial tcp read. Signed-off-by: Shirish Pargoankar [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/connect.c | 13 +++-- 1 files changed, 7 insertions(+), 6 deletions(-) diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 4af3588..8af993f 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -400,9 +400,11 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server) iov.iov_len = 4; smb_msg.msg_control = NULL; smb_msg.msg_controllen = 0; + pdu_length = 4; /* enough to get RFC1001 header */ +incomplete_rcv: length = kernel_recvmsg(csocket, smb_msg, -iov, 1, 4, 0 /* BB see socket.h flags */); + iov, 1, pdu_length, 0 /* BB other flags? */); if ( kthread_should_stop() ) { break; @@ -437,13 +439,12 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server) wake_up(server-response_q); continue; } else if (length 4) { - cFYI(1, - (Frame under four bytes received (%d bytes long), + cFYI(1, (less than four bytes received (%d bytes), length)); + pdu_length -= length; cifs_reconnect(server); - csocket = server-ssocket; - wake_up(server-response_q); - continue; + msleep(1); + goto incomplete_rcv; } /* The right amount was read from socket - 4 bytes */ - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix potential NULL pointer usage if kzalloc fails
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=88f370a688e765de9755a343702ca04e6817e5f5 Commit: 88f370a688e765de9755a343702ca04e6817e5f5 Parent: 638b250766272fcaaa0f7ed2776f58f4ac701914 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sat Sep 15 03:01:17 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Sep 15 03:01:17 2007 + [CIFS] Fix potential NULL pointer usage if kzalloc fails Potential problem was noticed by Cyrill Gorcunov CC: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_debug.c | 16 +--- fs/cifs/connect.c| 13 - 2 files changed, 17 insertions(+), 12 deletions(-) diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index 1bf8cf5..0356694 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c @@ -209,13 +209,15 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset, i++; tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList); dev_type = le32_to_cpu(tcon-fsDevInfo.DeviceType); - length = - sprintf(buf, - \n%d) %s Uses: %d Type: %s DevInfo: 0x%x - Attributes: 0x%x\nPathComponentMax: %d Status: %d, - i, tcon-treeName, - atomic_read(tcon-useCount), - tcon-nativeFileSystem, + length = sprintf(buf, \n%d) %s Uses: %d , i, +tcon-treeName, atomic_read(tcon-useCount)); + buf += length; + if (tcon-nativeFileSystem) { + length = sprintf(Type: %s , tcon-nativeFileSystem); + buf += length; + } + length = sprintf(buf, DevInfo: 0x%x Attributes: 0x%x +\nPathComponentMax: %d Status: %d, le32_to_cpu(tcon-fsDevInfo.DeviceCharacteristics), le32_to_cpu(tcon-fsAttrInfo.Attributes), le32_to_cpu(tcon-fsAttrInfo.MaxPathNameComponentLength), diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index a83684d..5f2ec19 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -3386,9 +3386,11 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, kfree(tcon-nativeFileSystem); tcon-nativeFileSystem = kzalloc(length + 2, GFP_KERNEL); - cifs_strfromUCS_le(tcon-nativeFileSystem, - (__le16 *) bcc_ptr, - length, nls_codepage); + if (tcon-nativeFileSystem) + cifs_strfromUCS_le( + tcon-nativeFileSystem, + (__le16 *) bcc_ptr, + length, nls_codepage); bcc_ptr += 2 * length; bcc_ptr[0] = 0; /* null terminate the string */ bcc_ptr[1] = 0; @@ -3403,8 +3405,9 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, kfree(tcon-nativeFileSystem); tcon-nativeFileSystem = kzalloc(length + 1, GFP_KERNEL); - strncpy(tcon-nativeFileSystem, bcc_ptr, - length); + if (tcon-nativeFileSystem) + strncpy(tcon-nativeFileSystem, bcc_ptr, + length); } /* else do not bother copying these information fields*/ } - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
CIFS: ignore mode change if it's just for clearing setuid/setgid bits
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d32c4f2626acc385d5187bd5c0c24f442328dc60 Commit: d32c4f2626acc385d5187bd5c0c24f442328dc60 Parent: 188b95dd8ecb02dd6c6e5534cddc5a89aa4e2852 Author: Jeff Layton [EMAIL PROTECTED] AuthorDate: Thu Oct 18 03:05:22 2007 -0700 Committer: Linus Torvalds [EMAIL PROTECTED] CommitDate: Thu Oct 18 14:37:22 2007 -0700 CIFS: ignore mode change if it's just for clearing setuid/setgid bits If the ATTR_KILL_S*ID bits are set then any mode change is only for clearing the setuid/setgid bits. For CIFS, skip the mode change and let the server handle it. Signed-off-by: Jeff Layton [EMAIL PROTECTED] Cc: Steven French [EMAIL PROTECTED] Cc: Christoph Hellwig [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Linus Torvalds [EMAIL PROTECTED] --- fs/cifs/inode.c |5 + 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index dd41677..279f3c5 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -1538,6 +1538,11 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs) } time_buf.Attributes = 0; + + /* skip mode change if it's just for clearing setuid/setgid */ + if (attrs-ia_valid (ATTR_KILL_SUID|ATTR_KILL_SGID)) + attrs-ia_valid = ~ATTR_MODE; + if (attrs-ia_valid ATTR_MODE) { cFYI(1, (Mode changed to 0x%x, attrs-ia_mode)); mode = attrs-ia_mode; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Fix hang in find_writable_file
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a403a0a370946e7dbcda6464a3509089daee54bc Commit: a403a0a370946e7dbcda6464a3509089daee54bc Parent: e4903fb59590f86190280a549420f6cb85bd7f7e Author: Steve French [EMAIL PROTECTED] AuthorDate: Thu Jul 26 15:54:16 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Thu Jul 26 15:54:16 2007 + [CIFS] Fix hang in find_writable_file Caused by unneeded reopen during reconnect while spinlock held. Fixes kernel bugzilla bug #7903 Thanks to Lin Feng Shen for testing this, and Amit Arora for some nice problem determination to narrow this down. Acked-by: Dave Kleikamp [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |5 - fs/cifs/README |7 +++ fs/cifs/TODO|3 +-- fs/cifs/file.c | 33 +++-- 4 files changed, 35 insertions(+), 13 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 6d84ca2..bed6215 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -3,7 +3,10 @@ Version 1.50 Fix NTLMv2 signing. NFS server mounted over cifs works (if cifs mount is done with serverino mount option). Add support for POSIX Unlink (helps with certain sharing violation cases when server such as -Samba supports newer POSIX CIFS Protocol Extensions). +Samba supports newer POSIX CIFS Protocol Extensions). Add nounix +mount option to allow disabling the CIFS Unix Extensions for just +that mount. Fix hang on spinlock in find_writable_file (race when +reopening file after session crash). Version 1.49 diff --git a/fs/cifs/README b/fs/cifs/README index 85f1eb1..fa096f9 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -444,6 +444,13 @@ A partial list of the supported mount options follows: noposixpaths If CIFS Unix extensions are supported, do not request posix path name support (this may cause servers to reject creatingfile with certain reserved characters). + nounix Disable the CIFS Unix Extensions for this mount (tree + connection). This is rarely needed, but it may be useful + in order to turn off multiple settings all at once (ie + posix acls, posix locks, posix paths, symlink support + and retrieving uids/gids/mode from the server) or to + work around a bug in server which implement the Unix + Extensions. nobrl Do not send byte range lock requests to the server. This is necessary for certain applications that break with cifs style mandatory byte range locks (and most diff --git a/fs/cifs/TODO b/fs/cifs/TODO index d7bd515..29d4b27 100644 --- a/fs/cifs/TODO +++ b/fs/cifs/TODO @@ -82,8 +82,7 @@ u) DOS attrs - returned as pseudo-xattr in Samba format (check VFAT and NTFS for v) mount check for unmatched uids -w) Add mount option for Linux extension disable per mount, and partial -disable per mount (uid off, symlink/fifo/mknod on but what about posix acls?) +w) Add support for new vfs entry points for setlease and fallocate x) Fix Samba 3 server to handle Linux kernel aio so dbench with lots of processes can proceed better in parallel (on the server) diff --git a/fs/cifs/file.c b/fs/cifs/file.c index e13592a..894b1f7 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -1904,6 +1904,25 @@ static int cifs_readpage(struct file *file, struct page *page) return rc; } +static int is_inode_writable(struct cifsInodeInfo *cifs_inode) +{ + struct cifsFileInfo *open_file; + + read_lock(GlobalSMBSeslock); + list_for_each_entry(open_file, cifs_inode-openFileList, flist) { + if (open_file-closePend) + continue; + if (open_file-pfile + ((open_file-pfile-f_flags O_RDWR) || +(open_file-pfile-f_flags O_WRONLY))) { + read_unlock(GlobalSMBSeslock); + return 1; + } + } + read_unlock(GlobalSMBSeslock); + return 0; +} + /* We do not want to update the file size from server for inodes open for write - to avoid races with writepage extending the file - in the future we could consider allowing @@ -1912,19 +1931,13 @@ static int cifs_readpage(struct file *file, struct page *page) page caching in the current Linux kernel design */ int is_size_safe_to_change(struct cifsInodeInfo *cifsInode, __u64 end_of_file) { - struct cifsFileInfo *open_file = NULL; - - if (cifsInode) - open_file = find_writable_file(cifsInode); + if (!cifsInode) + return 1; - if (open_file) { + if (is_inode_writable(cifsInode)) { + /* This inode is open for write at least once */ struct cifs_sb_info *cifs_sb
[CIFS] Update CIFS project web site
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=af5a032b8082cddb4dc62a9ff94bf1ec4d34a044 Commit: af5a032b8082cddb4dc62a9ff94bf1ec4d34a044 Parent: a403a0a370946e7dbcda6464a3509089daee54bc Author: Steve French [EMAIL PROTECTED] AuthorDate: Mon Aug 13 19:53:17 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Mon Aug 13 19:53:17 2007 + [CIFS] Update CIFS project web site Signed-off-by: Steve French [EMAIL PROTECTED] --- MAINTAINERS |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/MAINTAINERS b/MAINTAINERS index 01f222e..24c1194 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -1001,7 +1001,7 @@ P:Steve French M: [EMAIL PROTECTED] L: [EMAIL PROTECTED] L: [EMAIL PROTECTED] -W: http://us1.samba.org/samba/Linux_CIFS_client.html +W: http://linux-cifs.samba.org/ T: git kernel.org:/pub/scm/linux/kernel/git/sfrench/cifs-2.6.git S: Supported - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Check return code on failed alloc
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e6e6232753482dc0024a319b9d8f611d7a80c19 Commit: 5e6e6232753482dc0024a319b9d8f611d7a80c19 Parent: af5a032b8082cddb4dc62a9ff94bf1ec4d34a044 Author: Cyrill Gorcunov [EMAIL PROTECTED] AuthorDate: Sat Aug 18 00:15:20 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sat Aug 18 00:15:20 2007 + [CIFS] Check return code on failed alloc Signed-off-by: Cyrill Gorcunov [EMAIL PROTECTED] Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/README |6 ++ fs/cifs/sess.c |4 2 files changed, 10 insertions(+), 0 deletions(-) diff --git a/fs/cifs/README b/fs/cifs/README index fa096f9..b806b11 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -458,6 +458,12 @@ A partial list of the supported mount options follows: byte range locks). remountremount the share (often used to change from ro to rw mounts or vice versa) + servernSpecify the server 's netbios name (RFC1001 name) to use + when attempting to setup a session to the server. This is + This is needed for mounting to some older servers (such + as OS/2 or Windows 98 and Windows ME) since they do not + support a default server name. A server name can be up + to 15 characters long and is usually uppercased. sfuWhen the CIFS Unix Extensions are not negotiated, attempt to create device files and fifos in a format compatible with Services for Unix (SFU). In addition retrieve bits 10-12 diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 2ea027d..892be9b 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -372,6 +372,10 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, /* 2000 big enough to fit max user, domain, NOS name etc. */ str_area = kmalloc(2000, GFP_KERNEL); + if (str_area == NULL) { + cifs_small_buf_release(smb_buf); + return -ENOMEM; + } bcc_ptr = str_area; ses-flags = ~CIFS_SES_LANMAN; - To unsubscribe from this list: send the line unsubscribe git-commits-head in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[CIFS] Add in some missing flags and cifs README and TODO corrections
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=75865f8cc8b38c30c3923b74de4b29a00cc4c0e4 Commit: 75865f8cc8b38c30c3923b74de4b29a00cc4c0e4 Parent: 75154f402ef18e459ff97ddece25656b6c2b329c Author: Steve French [EMAIL PROTECTED] AuthorDate: Sun Jun 24 18:30:48 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sun Jun 24 18:30:48 2007 + [CIFS] Add in some missing flags and cifs README and TODO corrections Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/CHANGES |5 - fs/cifs/README| 25 ++--- fs/cifs/TODO |6 ++ fs/cifs/cifspdu.h | 11 --- fs/cifs/connect.c | 53 + fs/cifs/file.c|9 +++-- 6 files changed, 80 insertions(+), 29 deletions(-) diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index a9b6bc5..b4d388d 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -8,7 +8,10 @@ when Unix Extensions were ignored). This allows users to override the default uid and gid for files when they are certain that the uids or gids on the server do not match those of the client. Make sec=none mount override username (so that null user connection is attempted) -to match what documentation said. +to match what documentation said. Support for very large reads, over 127K, +available to some newer servers (such as Samba 3.0.26 and later but +note that it also requires setting CIFSMaxBufSize at module install +time to a larger value which may hurt performance in some cases). Version 1.48 diff --git a/fs/cifs/README b/fs/cifs/README index 4d01697..eb3efd5 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -301,10 +301,21 @@ A partial list of the supported mount options follows: during the local client kernel build will be used. If server does not support Unicode, this parameter is unused. - rsizedefault read size (usually 16K) - wsizedefault write size (usually 16K, 32K is often better over GigE) - maximum wsize currently allowed by CIFS is 57344 (14 4096 byte - pages) + rsizedefault read size (usually 16K). The client currently + can not use rsize larger than CIFSMaxBufSize. CIFSMaxBufSize + defaults to 16K and may be changed (from 8K to the maximum + kmalloc size allowed by your kernel) at module install time + for cifs.ko. Setting CIFSMaxBufSize to a very large value + will cause cifs to use more memory and may reduce performance + in some cases. To use rsize greater than 127K (the original + cifs protocol maximum) also requires that the server support + a new Unix Capability flag (for very large read) which some + newer servers (e.g. Samba 3.0.26 or later) do. rsize can be + set from a minimum of 2048 to a maximum of 130048 (127K or + CIFSMaxBufSize, whichever is smaller) + wsizedefault write size (default 57344) + maximum wsize currently allowed by CIFS is 57344 (fourteen + 4096 byte pages) rw mount the network share read-write (note that the server may still consider the share read-only) ro mount network share read-only @@ -582,10 +593,10 @@ the start of smb requests and responses can be enabled via: echo 1 /proc/fs/cifs/traceSMB -Two other experimental features are under development and to test -require enabling CONFIG_CIFS_EXPERIMENTAL +Two other experimental features are under development. To test these +requires enabling CONFIG_CIFS_EXPERIMENTAL - More efficient write operations + ipv6 enablement DNOTIFY fcntl: needed for support of directory change notification and perhaps later for file leases) diff --git a/fs/cifs/TODO b/fs/cifs/TODO index 78b620e..d57dc29 100644 --- a/fs/cifs/TODO +++ b/fs/cifs/TODO @@ -106,6 +106,12 @@ but recognizes them succeed but still return access denied (appears to be Windows server not cifs client problem) and has not been reproduced recently. NTFS partitions do not have this problem. +4) Unix/POSIX capabilities are reset after reconnection, and affect +a few fields in the tree connection but we do do not know which +superblocks to apply these changes to. We should probably walk +the list of superblocks to set these. Also need to check the +flags on the second mount to the same share, and see if we +can do the same trick that NFS does to remount duplicate shares. Misc testing to do == diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index d619ca7..802d27d 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h @@ -712,6 +712,7 @@ typedef struct smb_com_findclose_req { #define REQ_OPLOCK
[CIFS] fix whitespace
Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ffdd6e4d1685779a413e4a8d753b1862259ed42a Commit: ffdd6e4d1685779a413e4a8d753b1862259ed42a Parent: 75865f8cc8b38c30c3923b74de4b29a00cc4c0e4 Author: Steve French [EMAIL PROTECTED] AuthorDate: Sun Jun 24 21:15:44 2007 + Committer: Steve French [EMAIL PROTECTED] CommitDate: Sun Jun 24 21:15:44 2007 + [CIFS] fix whitespace More whitespace problems found by checkpatch Signed-off-by: Steve French [EMAIL PROTECTED] --- fs/cifs/cifs_debug.c | 10 ++-- fs/cifs/cifsencrypt.c | 104 + 2 files changed, 58 insertions(+), 56 deletions(-) diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index 07838b2..ebd1335 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c @@ -58,7 +58,7 @@ cifs_dump_mem(char *label, void *data, int length) } #ifdef CONFIG_CIFS_DEBUG2 -void cifs_dump_detail(struct smb_hdr * smb) +void cifs_dump_detail(struct smb_hdr *smb) { cERROR(1, (Cmd: %d Err: 0x%x Flags: 0x%x Flgs2: 0x%x Mid: %d Pid: %d, smb-Command, smb-Status.CifsError, @@ -67,10 +67,10 @@ void cifs_dump_detail(struct smb_hdr * smb) } -void cifs_dump_mids(struct TCP_Server_Info * server) +void cifs_dump_mids(struct TCP_Server_Info *server) { struct list_head *tmp; - struct mid_q_entry * mid_entry; + struct mid_q_entry *mid_entry; if (server == NULL) return; @@ -114,12 +114,12 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset, { struct list_head *tmp; struct list_head *tmp1; - struct mid_q_entry * mid_entry; + struct mid_q_entry *mid_entry; struct cifsSesInfo *ses; struct cifsTconInfo *tcon; int i; int length = 0; - char * original_buf = buf; + char *original_buf = buf; *beginBuffer = buf + offset; diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index fdeda51..8422df8 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -21,7 +21,7 @@ #include linux/fs.h #include cifspdu.h -#include cifsglob.h +#include cifsglob.h #include cifs_debug.h #include md5.h #include cifs_unicode.h @@ -29,54 +29,56 @@ #include linux/ctype.h #include linux/random.h -/* Calculate and return the CIFS signature based on the mac key and the smb pdu */ +/* Calculate and return the CIFS signature based on the mac key and SMB PDU */ /* the 16 byte signature must be allocated by the caller */ /* Note we only use the 1st eight bytes */ -/* Note that the smb header signature field on input contains the +/* Note that the smb header signature field on input contains the sequence number before this function is called */ extern void mdfour(unsigned char *out, unsigned char *in, int n); extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); extern void SMBencrypt(unsigned char *passwd, unsigned char *c8, - unsigned char *p24); + unsigned char *p24); -static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, - const char * key, char * signature) +static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, + const char *key, char *signature) { struct MD5Context context; - if((cifs_pdu == NULL) || (signature == NULL)) + if ((cifs_pdu == NULL) || (signature == NULL)) return -EINVAL; MD5Init(context); - MD5Update(context,key,CIFS_SESS_KEY_SIZE+16); - MD5Update(context,cifs_pdu-Protocol,cifs_pdu-smb_buf_length); - MD5Final(signature,context); + MD5Update(context, key, CIFS_SESS_KEY_SIZE+16); + MD5Update(context, cifs_pdu-Protocol, cifs_pdu-smb_buf_length); + MD5Final(signature, context); return 0; } -int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server, - __u32 * pexpected_response_sequence_number) +int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, + __u32 *pexpected_response_sequence_number) { int rc = 0; char smb_signature[20]; - if((cifs_pdu == NULL) || (server == NULL)) + if ((cifs_pdu == NULL) || (server == NULL)) return -EINVAL; - if((cifs_pdu-Flags2 SMBFLG2_SECURITY_SIGNATURE) == 0) + if ((cifs_pdu-Flags2 SMBFLG2_SECURITY_SIGNATURE) == 0) return rc; spin_lock(GlobalMid_Lock); - cifs_pdu-Signature.Sequence.SequenceNumber = cpu_to_le32(server-sequence_number); + cifs_pdu-Signature.Sequence.SequenceNumber = + cpu_to_le32(server-sequence_number); cifs_pdu-Signature.Sequence.Reserved = 0; *pexpected_response_sequence_number = server-sequence_number++; server-sequence_number