lwn.git/fs/cifs, branch standardize-docs

cifs: Clean up unused variables in smb2pdu.c

2017-07-10T04:38:00+00:00

There are multiple unused variables struct TCP_Server_Info *server defined in many methods in smb2pdu.c. They should be removed and related logic simplified. Signed-off-by: Christos Gkekas Signed-off-by: Steve French

[SMB3] Improve security, move default dialect to SMB3 from old CIFS

2017-07-08T23:59:42+00:00

Due to recent publicity about security vulnerabilities in the much older CIFS dialect, move the default dialect to the widely accepted (and quite secure) SMB3.0 dialect from the old default of the CIFS dialect. We do not want to be encouraging use of less secure dialects, and both Microsoft and CERT now strongly recommend not using the older CIFS dialect (SMB Security Best Practices "recommends disabling SMBv1"). SMB3 is both secure and widely available: in Windows 8 and later, Samba and Macs. Users can still choose to explicitly mount with the less secure dialect (for old servers) by choosing "vers=1.0" on the cifs mount Signed-off-by: Steve French Reviewed-by: Pavel Shilovsky

[SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred

2017-07-08T23:57:07+00:00

Remove the CONFIG_CIFS_SMB2 ifdef and Kconfig option since they must always be on now. For various security reasons, SMB3 and later are STRONGLY preferred over CIFS and older dialects, and SMB3 (and later) will now be the default dialects so we do not want to allow them to be ifdeffed out. In the longer term, we may be able to make older CIFS support disableable in Kconfig with a new set of #ifdef, but we always want SMB3 and later support enabled. Signed-off-by: Steven French Reviewed-by: Pavel Shilovsky

CIFS: Reconnect expired SMB sessions

2017-07-08T22:23:10+00:00

According to the MS-SMB2 spec (3.2.5.1.6) once the client receives STATUS_NETWORK_SESSION_EXPIRED error code from a server it should reconnect the current SMB session. Currently the client doesn't do that. This can result in subsequent client requests failing by the server. The patch adds an additional logic to the demultiplex thread to identify expired sessions and reconnect them. Cc: Signed-off-by: Pavel Shilovsky Signed-off-by: Steve French

CIFS: Display SMB2 error codes in the hex format

2017-07-08T22:23:10+00:00

Signed-off-by: Pavel Shilovsky Signed-off-by: Steve French

cifs: Use smb 2 - 3 and cifsacl mount options setacl function

2017-07-08T22:23:10+00:00

Added set acl function. Very similar to set cifs acl function for smb1. Signed-off-by: Shirish Pargaonkar Signed-off-by: Steve French Reviewed-by: Pavel Shilovsky

cifs: prototype declaration and definition to set acl for smb 2 - 3 and cifsacl mount options

2017-07-08T20:08:38+00:00

Modified current set info function to accommodate multiple info types and additional information. Added cifs acl specific function to invoke set info functionality. Signed-off-by: Shirish Pargaonkar Signed-off-by: Steve French Reviewed-by: Pavel Shilovsky

Merge tag 'cifs-bug-fixes-for-4.13' of git://git.samba.org/sfrench/cifs-2.6

2017-07-08T00:44:36+00:00

Pull cifs fixes from Steve French: "First set of CIFS/SMB3 fixes for the merge window. Also improves POSIX character mapping for SMB3" * tag 'cifs-bug-fixes-for-4.13' of git://git.samba.org/sfrench/cifs-2.6: CIFS: fix circular locking dependency cifs: set oparms.create_options rather than or'ing in CREATE_OPEN_BACKUP_INTENT cifs: Do not modify mid entry after submitting I/O in cifs_call_async CIFS: add SFM mapping for 0x01-0x1F cifs: hide unused functions cifs: Use smb 2 - 3 and cifsacl mount options getacl functions cifs: prototype declaration and definition for smb 2 - 3 and cifsacl mount options CIFS: add CONFIG_CIFS_DEBUG_KEYS to dump encryption keys cifs: set mapping error when page writeback fails in writepage or launder_pages SMB3: Enable encryption for SMB3.1.1

CIFS: fix circular locking dependency

2017-07-06T01:08:39+00:00

When a CIFS filesystem is mounted with the forcemand option and the following command is run on it, lockdep warns about a circular locking dependency between CifsInodeInfo::lock_sem and the inode lock. while echo foo > hello; do :; done & while touch -c hello; do :; done cifs_writev() takes the locks in the wrong order, but note that we can't only flip the order around because it releases the inode lock before the call to generic_write_sync() while it holds the lock_sem across that call. But, AFAICS, there is no need to hold the CifsInodeInfo::lock_sem across the generic_write_sync() call either, so we can release both the locks before generic_write_sync(), and change the order. ====================================================== WARNING: possible circular locking dependency detected 4.12.0-rc7+ #9 Not tainted ------------------------------------------------------ touch/487 is trying to acquire lock: (&cifsi->lock_sem){++++..}, at: cifsFileInfo_put+0x88f/0x16a0 but task is already holding lock: (&sb->s_type->i_mutex_key#11){+.+.+.}, at: utimes_common+0x3ad/0x870 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&sb->s_type->i_mutex_key#11){+.+.+.}: __lock_acquire+0x1f74/0x38f0 lock_acquire+0x1cc/0x600 down_write+0x74/0x110 cifs_strict_writev+0x3cb/0x8c0 __vfs_write+0x4c1/0x930 vfs_write+0x14c/0x2d0 SyS_write+0xf7/0x240 entry_SYSCALL_64_fastpath+0x1f/0xbe -> #0 (&cifsi->lock_sem){++++..}: check_prevs_add+0xfa0/0x1d10 __lock_acquire+0x1f74/0x38f0 lock_acquire+0x1cc/0x600 down_write+0x74/0x110 cifsFileInfo_put+0x88f/0x16a0 cifs_setattr+0x992/0x1680 notify_change+0x61a/0xa80 utimes_common+0x3d4/0x870 do_utimes+0x1c1/0x220 SyS_utimensat+0x84/0x1a0 entry_SYSCALL_64_fastpath+0x1f/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&sb->s_type->i_mutex_key#11); lock(&cifsi->lock_sem); lock(&sb->s_type->i_mutex_key#11); lock(&cifsi->lock_sem); *** DEADLOCK *** 2 locks held by touch/487: #0: (sb_writers#10){.+.+.+}, at: mnt_want_write+0x41/0xb0 #1: (&sb->s_type->i_mutex_key#11){+.+.+.}, at: utimes_common+0x3ad/0x870 stack backtrace: CPU: 0 PID: 487 Comm: touch Not tainted 4.12.0-rc7+ #9 Call Trace: dump_stack+0xdb/0x185 print_circular_bug+0x45b/0x790 __lock_acquire+0x1f74/0x38f0 lock_acquire+0x1cc/0x600 down_write+0x74/0x110 cifsFileInfo_put+0x88f/0x16a0 cifs_setattr+0x992/0x1680 notify_change+0x61a/0xa80 utimes_common+0x3d4/0x870 do_utimes+0x1c1/0x220 SyS_utimensat+0x84/0x1a0 entry_SYSCALL_64_fastpath+0x1f/0xbe Fixes: 19dfc1f5f2ef03a52 ("cifs: fix the race in cifs_writev()") Signed-off-by: Rabin Vincent Signed-off-by: Steve French Acked-by: Pavel Shilovsky

cifs: set oparms.create_options rather than or'ing in CREATE_OPEN_BACKUP_INTENT

2017-07-06T01:01:22+00:00

Currently oparms.create_options is uninitialized and the code is logically or'ing in CREATE_OPEN_BACKUP_INTENT onto a garbage value of oparms.create_options from the stack. Fix this by just setting the value rather than or'ing in the setting. Detected by CoverityScan, CID#1447220 ("Unitialized scale value") Signed-off-by: Colin Ian King Signed-off-by: Steve French Reviewed-by: Pavel Shilovsky