Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cac26428 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag '4.17-rc2-smb3' of git://git.samba.org/sfrench/cifs-2.6 

Pull cifs fixes from Steve French:
 "A few security related fixes for SMB3, most importantly for SMB3.11
  encryption"

* tag '4.17-rc2-smb3' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: smbd: Avoid allocating iov on the stack
  cifs: smbd: Don't use RDMA read/write when signing is used
  SMB311: Fix reconnect
  SMB3: Fix 3.11 encryption to Windows and handle encrypted smb3 tcon
  CIFS: set *resp_buf_type to NO_BUFFER on error
parents 0d95cfa9 8bcda1d2

fs/cifs/cifssmb.c

+3 −0
Original line number Diff line number Diff line
@@ -455,6 +455,9 @@ cifs_enable_signing(struct TCP_Server_Info *server, bool mnt_sign_required) 
		server->sign = true;

	}



	if (cifs_rdma_enabled(server) && server->sign)

		cifs_dbg(VFS, "Signing is enabled, and RDMA read/write will be disabled");



	return 0;

}

fs/cifs/connect.c

+16 −16
Original line number Diff line number Diff line
@@ -2959,6 +2959,22 @@ cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info) 
		}

	}



	if (volume_info->seal) {

		if (ses->server->vals->protocol_id == 0) {

			cifs_dbg(VFS,

				 "SMB3 or later required for encryption\n");

			rc = -EOPNOTSUPP;

			goto out_fail;

		} else if (tcon->ses->server->capabilities &

					SMB2_GLOBAL_CAP_ENCRYPTION)

			tcon->seal = true;

		else {

			cifs_dbg(VFS, "Encryption is not supported on share\n");

			rc = -EOPNOTSUPP;

			goto out_fail;

		}

	}



	/*

	 * BB Do we need to wrap session_mutex around this TCon call and Unix

	 * SetFS as we do on SessSetup and reconnect?
@@ -3007,22 +3023,6 @@ cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info) 
		tcon->use_resilient = true;

	}



	if (volume_info->seal) {

		if (ses->server->vals->protocol_id == 0) {

			cifs_dbg(VFS,

				 "SMB3 or later required for encryption\n");

			rc = -EOPNOTSUPP;

			goto out_fail;

		} else if (tcon->ses->server->capabilities &

					SMB2_GLOBAL_CAP_ENCRYPTION)

			tcon->seal = true;

		else {

			cifs_dbg(VFS, "Encryption is not supported on share\n");

			rc = -EOPNOTSUPP;

			goto out_fail;

		}

	}



	/*

	 * We can have only one retry value for a connection to a share so for

	 * resources mounted more than once to the same server share the last

fs/cifs/smb2ops.c

+14 −4
Original line number Diff line number Diff line
@@ -252,9 +252,14 @@ smb2_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *volume_info) 
	wsize = volume_info->wsize ? volume_info->wsize : CIFS_DEFAULT_IOSIZE;

	wsize = min_t(unsigned int, wsize, server->max_write);

#ifdef CONFIG_CIFS_SMB_DIRECT

	if (server->rdma)

	if (server->rdma) {

		if (server->sign)

			wsize = min_t(unsigned int,

				wsize, server->smbd_conn->max_fragmented_send_size);

		else

			wsize = min_t(unsigned int,

				wsize, server->smbd_conn->max_readwrite_size);

	}

#endif

	if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))

		wsize = min_t(unsigned int, wsize, SMB2_MAX_BUFFER_SIZE);
@@ -272,9 +277,14 @@ smb2_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *volume_info) 
	rsize = volume_info->rsize ? volume_info->rsize : CIFS_DEFAULT_IOSIZE;

	rsize = min_t(unsigned int, rsize, server->max_read);

#ifdef CONFIG_CIFS_SMB_DIRECT

	if (server->rdma)

	if (server->rdma) {

		if (server->sign)

			rsize = min_t(unsigned int,

				rsize, server->smbd_conn->max_fragmented_recv_size);

		else

			rsize = min_t(unsigned int,

				rsize, server->smbd_conn->max_readwrite_size);

	}

#endif



	if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))

fs/cifs/smb2pdu.c

+7 −6
Original line number Diff line number Diff line
@@ -383,10 +383,10 @@ static void 
build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt)

{

	pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;

	pneg_ctxt->DataLength = cpu_to_le16(6);

	pneg_ctxt->CipherCount = cpu_to_le16(2);

	pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;

	pneg_ctxt->Ciphers[1] = SMB2_ENCRYPTION_AES128_CCM;

	pneg_ctxt->DataLength = cpu_to_le16(4); /* Cipher Count + le16 cipher */

	pneg_ctxt->CipherCount = cpu_to_le16(1);

/* pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;*/ /* not supported yet */

	pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_CCM;

}



static void
@@ -444,6 +444,7 @@ static int decode_encrypt_ctx(struct TCP_Server_Info *server, 
		return -EINVAL;

	}

	server->cipher_type = ctxt->Ciphers[0];

	server->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;

	return 0;

}
@@ -2590,7 +2591,7 @@ smb2_new_read_req(void **buf, unsigned int *total_len, 
	 * If we want to do a RDMA write, fill in and append

	 * smbd_buffer_descriptor_v1 to the end of read request

	 */

	if (server->rdma && rdata &&

	if (server->rdma && rdata && !server->sign &&

		rdata->bytes >= server->smbd_conn->rdma_readwrite_threshold) {



		struct smbd_buffer_descriptor_v1 *v1;
@@ -2968,7 +2969,7 @@ smb2_async_writev(struct cifs_writedata *wdata, 
	 * If we want to do a server RDMA read, fill in and append

	 * smbd_buffer_descriptor_v1 to the end of write request

	 */

	if (server->rdma && wdata->bytes >=

	if (server->rdma && !server->sign && wdata->bytes >=

		server->smbd_conn->rdma_readwrite_threshold) {



		struct smbd_buffer_descriptor_v1 *v1;

fs/cifs/smb2pdu.h

+1 −1
Original line number Diff line number Diff line
@@ -297,7 +297,7 @@ struct smb2_encryption_neg_context { 
	__le16	DataLength;

	__le32	Reserved;

	__le16	CipherCount; /* AES-128-GCM and AES-128-CCM */

	__le16	Ciphers[2]; /* Ciphers[0] since only one used now */

	__le16	Ciphers[1]; /* Ciphers[0] since only one used now */

} __packed;



struct smb2_negotiate_rsp {