[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Successfully tested the current Xenial kernel Xenial with xfstests and cthon test suites. $ uname -a Linux ubuntu-vm 4.4.0-87-generic #110-Ubuntu SMP Tue Jul 18 12:55:35 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
This bug was fixed in the package linux - 4.4.0-87.110 --- linux (4.4.0-87.110) xenial; urgency=low * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982) * CVE-2017-1000364 - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev * CIFS causes oops (LP: #1704857) - CIFS: Fix null pointer deref during read resp processing - CIFS: Fix some return values in case of error in 'crypt_message' -- Kleber Sacilotto de Souza Tue, 18 Jul 2017 13:58:43 +0200 ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2017-1000364 ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
This bug was fixed in the package linux - 4.4.0-87.110 --- linux (4.4.0-87.110) xenial; urgency=low * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982) * CVE-2017-1000364 - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev * CIFS causes oops (LP: #1704857) - CIFS: Fix null pointer deref during read resp processing - CIFS: Fix some return values in case of error in 'crypt_message' -- Kleber Sacilotto de Souza Tue, 18 Jul 2017 13:58:43 +0200 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
It seems like the kernel in xenial-proposed (4.4.0-87.110) has two commits mentioned above and according to https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1704857/comments/8 the problem should go away. Do you want me to test the updated package? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
The issue reported on comment #19 is being tracked on bug #1704857. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Tags removed: verification-needed-xenial ** Tags added: verification-failed-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Hi Kleber, I tested the Xenial kernel from -proposed and got the following crash: Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262084] BUG: unable to handle kernel NULL pointer dereference at (null) Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262087] IP: [] cifs_discard_remaining_data+0xc/0x70 [cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262098] PGD 7db4fb067 PUD 7d5e3a067 PMD 0 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262100] Oops: [#1] SMP Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262340] Modules linked in: cifs drbg ansi_cprng cmac arc4 md4 nls_utf8 ccm fscache crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel i2c_piix4 aes_x86_64 8250_fintek lrw hyperv_fb gf128mul hv_balloon glue_helper ablk_helper cryptd input_leds serio_raw joydev mac_hid nfsd auth_rpcgss nfs_acl lockd grace sunrpc parport_pc ppdev lp parport autofs4 hid_generic hv_netvsc hv_utils ptp hid_hyperv hv_storvsc pps_core hid scsi_transport_fc hyperv_keyboard psmouse pata_acpi hv_vmbus floppy fjes [last unloaded: cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262360] CPU: 2 PID: 18568 Comm: cifsd Not tainted 4.4.0-85-generic #108-Ubuntu Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262361] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS 090006 01/06/2017 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262362] task: 8807e1440f00 ti: 8807da868000 task.ti: 8807da868000 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262363] RIP: 0010:[] [] cifs_discard_remaining_data+0xc/0x70 [cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262371] RSP: 0018:8807da86bdc0 EFLAGS: 00010246 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262372] RAX: ffc3 RBX: 8807df0ae200 RCX: Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262373] RDX: c0390b80 RSI: RDI: 8807db71c000 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262373] RBP: 8807da86bdd0 R08: 004d R09: 8807da86bcfc Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262374] R10: 01fc R11: R12: 004d Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262375] R13: 8800f2fa1c00 R14: 8800f2fa1c00 R15: 8807df2ea680 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262376] FS: () GS:8807e568() knlGS: Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262377] CS: 0010 DS: ES: CR0: 80050033 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262377] CR2: CR3: 0007de707000 CR4: 003406e0 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262379] DR0: DR1: DR2: Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262380] DR3: DR6: fffe0ff0 DR7: 0400 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262380] Stack: Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262381] 8807df0ae200 004d 8807da86bdf8 c034159e Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262382] 8807db71c000 004d 8807df0ae200 8807da86be40 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262383] c0341694 8807e1440f00 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262385] Call Trace: Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262391] [] cifs_readv_discard+0x1e/0x40 [cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262396] [] cifs_readv_receive+0xd4/0x590 [cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262402] [] cifs_demultiplex_thread+0x778/0xac0 [cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262408] [] ? cifs_handle_standard+0x130/0x130 [cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262410] [] kthread+0xe5/0x100 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262412] [] ? kthread_create_on_node+0x1e0/0x1e0 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262414] [] ret_from_fork+0x3f/0x70 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262415] [] ? kthread_create_on_node+0x1e0/0x1e0 Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262416] Code: 84 69 fe ff ff 44 89 f0 eb 92 41 81 4d 00 00 00 02 00 e9 31 ff ff ff e8 03 fc d3 c0 0f 1f 00 0f 1f 44 00 00 55 48 89 e5 41 54 53 <8b> 06 bb 04 00 00 00 2b 9f 60 03 00 00 49 89 fc 0f c8 25 ff ff Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262429] RIP [] cifs_discard_remaining_data+0xc/0x70 [cifs] Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262435] RSP Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262435] CR2: Jul 13 14:38:05 ubuntu-vm kernel: [ 770.262437] ---[ end trace 5ac5926a1424b7e6 ]--- I think this issue is caused by commit http://kernel.ubuntu.com/git/ubuntu/ubuntu-xenial.git/commit/?h=master- next&id=bdf2bdef7c7b61663266d942fabd528a4c7eddda which is a copy of upstream commit. In upstream the issue has been fixed by commit https://github.com/torvalds/linux/commit/350be257ea83029daee974c72b1fe2e6f1f8e615. I did cherry-picked it into your Xenial branch and run small tests - it went well. Can you please apply the latter commit as well to the propose
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Hi Stephen and Pavel, Could you please run a test again with the xenial kernel currently on -proposed? Thank you. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed- xenial'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Successfully tested the patched kernel for Xenial with xfstests and cthon test suites. $ uname -a Linux ubuntu-vm 4.4.0-53-generic #74~lp1670508 SMP Wed Jun 21 19:42:04 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Hi, Stephen. There has been a rebase. We are going to include it in the -proposed kernel, but will not think twice before reverting them, in case any issue occurs, or that kernel is not verified. We have given this build to get this tested before applying it. It's unfortunate no test has been done. The need for this has been discussed in the mailing list as well. Regards. Cascardo. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Hi Joseph, We've tested your previous Xenial test kernel from comment #5. Have there been any changes that we need to test again, or can we test when the kernel moves to proposed? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
A new xenial test kernel has been built and uploaded to: http://kernel.ubuntu.com/~jsalisbury/lp1670508/ -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
This bug was fixed in the package linux - 4.8.0-54.57 --- linux (4.8.0-54.57) yakkety; urgency=low * linux: 4.8.0-54.57 -proposed tracker (LP: #1692589) * CVE-2017-0605 - tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline() * Populating Hyper-V MSR for Ubuntu 13.10 (LP: #1193172) - SAUCE: (no-up) hv: Supply vendor ID and package ABI * [Hyper-V] Implement Hyper-V PTP Source (LP: #1676635) - hv: allocate synic pages for all present CPUs - hv: init percpu_list in hv_synic_alloc() - Drivers: hv: vmbus: Prevent sending data on a rescinded channel - hv: switch to cpuhp state machine for synic init/cleanup - hv: make CPU offlining prevention fine-grained - Drivers: hv: vmbus: Fix a rescind handling bug - Drivers: hv: util: kvp: Fix a rescind processing issue - Drivers: hv: util: Fcopy: Fix a rescind processing issue - Drivers: hv: util: Backup: Fix a rescind processing issue - Drivers: hv: vmbus: Move the definition of hv_x64_msr_hypercall_contents - Drivers: hv: vmbus: Move the definition of generate_guest_id() - Revert "UBUNTU: SAUCE: (no-up) hv: Supply vendor ID and package ABI" - Drivers: hv vmbus: Move Hypercall page setup out of common code - Drivers: hv: vmbus: Move Hypercall invocation code out of common code - Drivers: hv: vmbus: Consolidate all Hyper-V specific clocksource code - Drivers: hv: vmbus: Move the extracting of Hypervisor version information - Drivers: hv: vmbus: Move the crash notification function - Drivers: hv: vmbus: Move the check for hypercall page setup - Drivers: hv: vmbus: Move the code to signal end of message - Drivers: hv: vmbus: Restructure the clockevents code - Drivers: hv: util: Use hv_get_current_tick() to get current tick - Drivers: hv: vmbus: Get rid of an unsused variable - Drivers: hv: vmbus: Define APIs to manipulate the message page - Drivers: hv: vmbus: Define APIs to manipulate the event page - Drivers: hv: vmbus: Define APIs to manipulate the synthetic interrupt controller - Drivers: hv: vmbus: Define an API to retrieve virtual processor index - Drivers: hv: vmbus: Define an APIs to manage interrupt state - Drivers: hv: vmbus: Cleanup hyperv_vmbus.h - hv_util: switch to using timespec64 - Drivers: hv: restore hypervcall page cleanup before kexec - Drivers: hv: restore TSC page cleanup before kexec - Drivers: hv: balloon: add a fall through comment to hv_memory_notifier() - Drivers: hv: vmbus: Use all supported IC versions to negotiate - Drivers: hv: Log the negotiated IC versions. - Drivers: hv: Fix the bug in generating the guest ID - hv: export current Hyper-V clocksource - hv_utils: implement Hyper-V PTP source - SAUCE: (no-up) hv: Supply vendor ID and package ABI * CIFS: Enable encryption for SMB3 (LP: #1670508) - SMB3: Add mount parameter to allow user to override max credits - SMB2: Separate Kerberos authentication from SMB2_sess_setup - SMB2: Separate RawNTLMSSP authentication from SMB2_sess_setup - SMB3: parsing for new snapshot timestamp mount parm - cifs: Simplify SMB2 and SMB311 dependencies - cifs: Only select the required crypto modules - cifs: Add soft dependencies - CIFS: Separate SMB2 header structure - CIFS: Make SendReceive2() takes resp iov - CIFS: Make send_cancel take rqst as argument - CIFS: Send RFC1001 length in a separate iov - CIFS: Separate SMB2 sync header processing - CIFS: Separate RFC1001 length processing for SMB2 read - CIFS: Add capability to transform requests before sending - CIFS: Enable encryption during session setup phase - CIFS: Encrypt SMB3 requests before sending - CIFS: Add transform header handling callbacks - CIFS: Add mid handle callback - CIFS: Add copy into pages callback for a read operation - CIFS: Decrypt and process small encrypted packets - CIFS: Add capability to decrypt big read responses - CIFS: Allow to switch on encryption with seal mount option - CIFS: Fix possible use after free in demultiplex thread * APST quirk needed for Samsung 512GB NVMe drive (LP: #1678184) - nvme: Adjust the Samsung APST quirk - nvme: Quirk APST off on "THNSF5256GPUK TOSHIBA" -- Kleber Sacilotto de Souza Mon, 22 May 2017 18:56:12 +0200 ** Changed in: linux (Ubuntu Yakkety) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-0605 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Released Status in linux source package in Zesty: Fix Released Bug descript
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Thank you, pshilovsky! ** Tags removed: verification-needed-yakkety ** Tags added: verification-done-yakkety -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Committed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Successfully tested the patched kernel for Xenial with xfstests and cthon test suites. $ uname -a Linux ubuntu-vm 4.8.0-54-generic #57-Ubuntu SMP Wed May 24 10:21:44 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Committed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- yakkety' to 'verification-done-yakkety'. If the problem still exists, change the tag 'verification-needed-yakkety' to 'verification-failed- yakkety'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-yakkety -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Committed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Changed in: linux (Ubuntu Yakkety) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: Fix Committed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Successfully tested the patched kernel for Xenial with xfstests and cthon test suites. $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 16.04.2 LTS Release:16.04 Codename: xenial $ uname -a Linux ubuntu-vm 4.4.0-71-generic #92~lp1670508 SMP Fri Mar 24 19:02:19 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Another test: Xenial test kernel on Ubuntu 14.04 (with HWE): root@u1404:~# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty root@u1404:~# uname -a Linux u1404 4.4.0-71-generic #92~lp1670508 SMP Fri Mar 24 19:02:19 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux Encrypted SMB mount is successful => bug for this configuration resolved. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
I tested the Yakkety test kernel on Ubuntu 16.04 (with HWE): root@u1604:/tmp/mnt# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 16.04.2 LTS Release:16.04 Codename: xenial root@u1604:/tmp/mnt# uname -a Linux u1604 4.8.0-44-generic #47~lp1670508 SMP Fri Mar 24 19:45:44 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux I was able to perform an encrypted SMB mount successfully => bug for this configuration resolved. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
I built a Yakkety and a Xenial test kernel with the requested cifs commits. The following prereq commits were required: 8b217fe7fcad Prereq for X and Y - v4.10-rc1~9^2~9 166cea4dc3a4 Prereq for X and Y - v4.9-rc1~6^2~4 3baf1a7b9215 Prereq for X and Y - v4.9-rc1~6^2~5 141891f4727c Prereq for X and Y - v4.9-rc1~6^2~10 4214ebf46547 Prereq for X - v4.8-rc7~9^2~2 a6137305a8c4 Prereq for X - v4.7-rc1~145^2~1 71335664c38f Prereq for X - v4.7-rc1~145^2 09aab880f7c5 Prereq for X - v4.7-rc1~145^2~2 16c568efff82 Prereq for X - v4.7-rc1~145^2~4 2da62906b1e2 Prereq for X - v4.7-rc1~145^2~5 373512ec5c10 Prereq for X - v4.5-rc1~6^2~2 adfeb3e00e8e Prereq for X - v4.5-rc1~6^2~4 The test kernels can be downloaded from: Xenial: http://kernel.ubuntu.com/~jsalisbury/lp1670508/xenial Yakkety: http://kernel.ubuntu.com/~jsalisbury/lp1670508/yakkety Can these kernels be tested to see if they resolve this bug? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) ** Changed in: linux (Ubuntu Yakkety) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) ** Changed in: linux (Ubuntu Yakkety) Status: Confirmed => In Progress ** Changed in: linux (Ubuntu Xenial) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Medium ** Tags added: kernel-da-key kernel-hyper-v -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Confirmed Status in linux source package in Yakkety: Confirmed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Changed in: linux (Ubuntu Yakkety) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Confirmed Status in linux source package in Yakkety: Confirmed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux (Ubuntu Xenial) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Confirmed Status in linux source package in Yakkety: Confirmed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Also affects: linux (Ubuntu Yakkety) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Confirmed Status in linux source package in Yakkety: Confirmed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Changed in: linux (Ubuntu Zesty) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Yakkety) Importance: Undecided => Medium -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Confirmed Status in linux source package in Yakkety: Confirmed Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
This bug was fixed in the package linux - 4.10.0-13.15 --- linux (4.10.0-13.15) zesty; urgency=low [ Tim Gardner ] * Release Tracking Bug - LP: #1671614 * ehci-platform needed in usb-modules udeb (LP: #1671589) - d-i: add ehci-platform to usb-modules * irqchip/gic-v3-its: Enable cacheable attribute Read-allocate hints (LP: #1671598) - irqchip/gic-v3-its: Enable cacheable attribute Read-allocate hints * iommu: Fix static checker warning in iommu_insert_device_resv_regions (LP: #1671599) - iommu: Fix static checker warning in iommu_insert_device_resv_regions * QDF2400: Fix panic introduced by erratum 1003 (LP: #1671602) - arm64: Avoid clobbering mm in erratum workaround on QDF2400 * QDF2400 PCI ports require ACS quirk (LP: #1671601) - PCI: Add ACS quirk for Qualcomm QDF2400 and QDF2432 * tty: pl011: Work around QDF2400 E44 stuck BUSY bit (LP: #1671600) - tty: pl011: Work around QDF2400 E44 stuck BUSY bit * CVE-2017-2636 - tty: n_hdlc: get rid of racy n_hdlc.tbuf * Sync virtualbox to 5.1.16-dfsg-1 in zesty (LP: #1671470) - ubuntu: vbox -- Update to 5.1.16-dfsg-1 -- Tim Gardner Thu, 09 Mar 2017 06:16:24 -0700 ** Changed in: linux (Ubuntu Zesty) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-2636 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: New Status in linux source package in Zesty: Fix Released Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Committed Status in linux source package in Xenial: New Status in linux source package in Zesty: Fix Committed Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
** Also affects: linux (Ubuntu Zesty) Importance: Undecided Status: Confirmed ** Changed in: linux (Ubuntu Zesty) Status: Confirmed => Fix Committed ** Changed in: linux (Ubuntu Zesty) Assignee: (unassigned) => Tim Gardner (timg-tpi) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Fix Committed Status in linux source package in Zesty: Fix Committed Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1670508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1670508] Re: CIFS: Enable encryption for SMB3
No logs needed. Thanks. ** Description changed: There has been work upstream to enable encryption support for SMB3 - connections. This is particularly useful with the Azure Files feature as - encryption is required to connected to an Azure Files storage share from - on-prem or from a different region. + connections. This is a particularly valuable (and commonly requested) + feature with the Azure Files service as encryption is required to + connect to an Azure Files storage share from on-prem or from a different + Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 - CIFS: Allow to switch on encryption with seal mount option + CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules Commit 3692304bba6164be3810afd41b84ecb0e1e41db1 cifs: Simplify SMB2 and SMB311 dependencies Commit c1ecea87471bbb614f8121e00e5787f363140365 ** Changed in: linux (Ubuntu) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1670508 Title: CIFS: Enable encryption for SMB3 Status in linux package in Ubuntu: Confirmed Bug description: There has been work upstream to enable encryption support for SMB3 connections. This is a particularly valuable (and commonly requested) feature with the Azure Files service as encryption is required to connect to an Azure Files storage share from on-prem or from a different Azure region. The relevant commits are as follows: CIFS: Fix possible use after free in demultiplex thread Commit 61cfac6f267dabcf2740a7ec8a0295833b28b5f5 CIFS: Allow to switch on encryption with seal mount option Commit ae6f8dd4d0c87bfb72da9d9b56342adf53e69c31 CIFS: Add capability to decrypt big read responses Commit c42a6abe3012832a68a371dabe17c2ced97e62ad CIFS: Decrypt and process small encrypted packets Commit 4326ed2f6a16ae9d33e4209b540dc9a371aba840 CIFS: Add copy into pages callback for a read operation Commit d70b9104b1ca586f73aaf59426756cec3325a40e CIFS: Add mid handle callback Commit 9b7c18a2d4b798963ea80f6769701dcc4c24b55e CIFS: Add transform header handling callbacks Commit 9bb17e0916a03ab901fb684e874d77a1e96b3d1e CIFS: Encrypt SMB3 requests before sending Commit 026e93dc0a3eefb0be060bcb9ecd8d7a7fd5c398 CIFS: Enable encryption during session setup phase Commit cabfb3680f78981d26c078a26e5c748531257ebb CIFS: Add capability to transform requests before sending Commit 7fb8986e7449d0a5cebd84d059927afa423fbf85 CIFS: Separate RFC1001 length processing for SMB2 read Commit b8f57ee8aad414a3122bff72d7968a94baacb9b6 CIFS: Separate SMB2 sync header processing Commit cb200bd6264a80c04e09e8635fa4f3901cabdaef CIFS: Send RFC1001 length in a separate iov Commit 738f9de5cdb9175c19d24cfdf90b4543fc3b47bf CIFS: Make send_cancel take rqst as argument Commit fb2036d817584df42504910fe104f68517e8990e CIFS: Make SendReceive2() takes resp iov Commit da502f7df03d2d0b416775f92ae022f3f82bedd5 CIFS: Separate SMB2 header structure Commit 31473fc4f9653b73750d3792ffce6a6e1bdf0da7 cifs: Add soft dependencies Commit b9be76d585d48cb25af8db0d35e1ef9030fbe13a cifs: Only select the required crypto modules