Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 38107d45 authored by Steve French's avatar Steve French
Browse files

Do not send SMB2 signatures for SMB3 frames 



Restructure code to make SMB2 vs. SMB3 signing a protocol
specific op.  SMB3 signing (AES_CMAC) is not enabled yet,
but this restructuring at least makes sure we don't send
an smb2 signature on an smb3 signed connection. A followon
patch will add AES_CMAC and enable smb3 signing.

Signed-off-by: default avatarSteve French <smfrench@gmail.com>
Acked-by: default avatarJeff Layton <jlayton@samba.org>
parent 1f630680

fs/cifs/cifsglob.h

+3 −1
Original line number Diff line number Diff line
@@ -367,6 +367,8 @@ struct smb_version_operations { 
	void (*set_lease_key)(struct inode *, struct cifs_fid *fid);

	/* generate new lease key */

	void (*new_lease_key)(struct cifs_fid *fid);

	int (*calc_signature)(struct smb_rqst *rqst,

				   struct TCP_Server_Info *server);

};



struct smb_version_values {
@@ -1489,6 +1491,6 @@ extern struct smb_version_values smb20_values; 
extern struct smb_version_operations smb21_operations;

extern struct smb_version_values smb21_values;

#define SMB30_VERSION_STRING	"3.0"

/*extern struct smb_version_operations smb30_operations; */ /* not needed yet */

extern struct smb_version_operations smb30_operations;

extern struct smb_version_values smb30_values;

#endif	/* _CIFS_GLOB_H */

fs/cifs/connect.c

+1 −1
Original line number Diff line number Diff line
@@ -1085,7 +1085,7 @@ cifs_parse_smb_version(char *value, struct smb_vol *vol) 
		vol->vals = &smb21_values;

		break;

	case Smb_30:

		vol->ops = &smb21_operations; /* currently identical with 2.1 */

		vol->ops = &smb30_operations;

		vol->vals = &smb30_values;

		break;

#endif

fs/cifs/smb2ops.c

+68 −0
Original line number Diff line number Diff line
@@ -623,6 +623,74 @@ struct smb_version_operations smb21_operations = { 
	.get_lease_key = smb2_get_lease_key,

	.set_lease_key = smb2_set_lease_key,

	.new_lease_key = smb2_new_lease_key,

	.calc_signature = smb2_calc_signature,

};





struct smb_version_operations smb30_operations = {

	.compare_fids = smb2_compare_fids,

	.setup_request = smb2_setup_request,

	.setup_async_request = smb2_setup_async_request,

	.check_receive = smb2_check_receive,

	.add_credits = smb2_add_credits,

	.set_credits = smb2_set_credits,

	.get_credits_field = smb2_get_credits_field,

	.get_credits = smb2_get_credits,

	.get_next_mid = smb2_get_next_mid,

	.read_data_offset = smb2_read_data_offset,

	.read_data_length = smb2_read_data_length,

	.map_error = map_smb2_to_linux_error,

	.find_mid = smb2_find_mid,

	.check_message = smb2_check_message,

	.dump_detail = smb2_dump_detail,

	.clear_stats = smb2_clear_stats,

	.print_stats = smb2_print_stats,

	.is_oplock_break = smb2_is_valid_oplock_break,

	.need_neg = smb2_need_neg,

	.negotiate = smb2_negotiate,

	.negotiate_wsize = smb2_negotiate_wsize,

	.negotiate_rsize = smb2_negotiate_rsize,

	.sess_setup = SMB2_sess_setup,

	.logoff = SMB2_logoff,

	.tree_connect = SMB2_tcon,

	.tree_disconnect = SMB2_tdis,

	.is_path_accessible = smb2_is_path_accessible,

	.can_echo = smb2_can_echo,

	.echo = SMB2_echo,

	.query_path_info = smb2_query_path_info,

	.get_srv_inum = smb2_get_srv_inum,

	.query_file_info = smb2_query_file_info,

	.set_path_size = smb2_set_path_size,

	.set_file_size = smb2_set_file_size,

	.set_file_info = smb2_set_file_info,

	.mkdir = smb2_mkdir,

	.mkdir_setinfo = smb2_mkdir_setinfo,

	.rmdir = smb2_rmdir,

	.unlink = smb2_unlink,

	.rename = smb2_rename_path,

	.create_hardlink = smb2_create_hardlink,

	.open = smb2_open_file,

	.set_fid = smb2_set_fid,

	.close = smb2_close_file,

	.flush = smb2_flush_file,

	.async_readv = smb2_async_readv,

	.async_writev = smb2_async_writev,

	.sync_read = smb2_sync_read,

	.sync_write = smb2_sync_write,

	.query_dir_first = smb2_query_dir_first,

	.query_dir_next = smb2_query_dir_next,

	.close_dir = smb2_close_dir,

	.calc_smb_size = smb2_calc_size,

	.is_status_pending = smb2_is_status_pending,

	.oplock_response = smb2_oplock_response,

	.queryfs = smb2_queryfs,

	.mand_lock = smb2_mand_lock,

	.mand_unlock_range = smb2_unlock_range,

	.push_mand_locks = smb2_push_mandatory_locks,

	.get_lease_key = smb2_get_lease_key,

	.set_lease_key = smb2_set_lease_key,

	.new_lease_key = smb2_new_lease_key,

	.calc_signature = smb3_calc_signature,

};



struct smb_version_values smb20_values = {

fs/cifs/smb2proto.h

+4 −0
Original line number Diff line number Diff line
@@ -47,6 +47,10 @@ extern struct mid_q_entry *smb2_setup_request(struct cifs_ses *ses, 
			      struct smb_rqst *rqst);

extern struct mid_q_entry *smb2_setup_async_request(

			struct TCP_Server_Info *server, struct smb_rqst *rqst);

extern int smb2_calc_signature(struct smb_rqst *rqst,

				struct TCP_Server_Info *server);

extern int smb3_calc_signature(struct smb_rqst *rqst,

				struct TCP_Server_Info *server);

extern void smb2_echo_request(struct work_struct *work);

extern __le32 smb2_get_lease_state(struct cifsInodeInfo *cinode);

extern __u8 smb2_map_lease_to_oplock(__le32 lease_state);

fs/cifs/smb2transport.c

+10 −3
Original line number Diff line number Diff line
@@ -39,7 +39,7 @@ 
#include "smb2status.h"

#include "smb2glob.h"



static int

int

smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)

{

	int i, rc;
@@ -116,6 +116,13 @@ smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) 
	return rc;

}



int

smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)

{

	cFYI(1, "smb3 signatures not supported yet");

	return -EOPNOTSUPP;

}



/* must be called with server->srv_mutex held */

static int

smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
@@ -132,7 +139,7 @@ smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server) 
		return rc;

	}



	rc = smb2_calc_signature(rqst, server);

	rc = server->ops->calc_signature(rqst, server);



	return rc;

}
@@ -168,7 +175,7 @@ smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) 
	memset(smb2_pdu->Signature, 0, SMB2_SIGNATURE_SIZE);



	mutex_lock(&server->srv_mutex);

	rc = smb2_calc_signature(rqst, server);

	rc = server->ops->calc_signature(rqst, server);

	mutex_unlock(&server->srv_mutex);



	if (rc)