Commit 9717d534 authored by Linus Torvalds's avatar Linus Torvalds

Merge tag 'v6.12-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd

Pull smb server fixes from Steve French:

 - fix querying dentry for char/block special files

 - small cleanup patches

* tag 'v6.12-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd:
  ksmbd: Correct typos in multiple comments across various files
  ksmbd: fix open failure from block and char device file
  ksmbd: remove unsafe_memcpy use in session setup
  ksmbd: Replace one-element arrays with flexible-array members
  ksmbd: fix warning: comparison of distinct pointer types lacks a cast
parents f04ff5a0 9e676e57
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
* Note that, due to trying to use names similar to the protocol specifications, * Note that, due to trying to use names similar to the protocol specifications,
* there are many mixed case field names in the structures below. Although * there are many mixed case field names in the structures below. Although
* this does not match typical Linux kernel style, it is necessary to be * this does not match typical Linux kernel style, it is necessary to be
* able to match against the protocol specfication. * able to match against the protocol specification.
* *
* SMB2 commands * SMB2 commands
* Some commands have minimal (wct=0,bcc=0), or uninteresting, responses * Some commands have minimal (wct=0,bcc=0), or uninteresting, responses
...@@ -491,7 +491,7 @@ struct smb2_encryption_neg_context { ...@@ -491,7 +491,7 @@ struct smb2_encryption_neg_context {
__le16 ContextType; /* 2 */ __le16 ContextType; /* 2 */
__le16 DataLength; __le16 DataLength;
__le32 Reserved; __le32 Reserved;
/* CipherCount usally 2, but can be 3 when AES256-GCM enabled */ /* CipherCount usually 2, but can be 3 when AES256-GCM enabled */
__le16 CipherCount; /* AES128-GCM and AES128-CCM by default */ __le16 CipherCount; /* AES128-GCM and AES128-CCM by default */
__le16 Ciphers[]; __le16 Ciphers[];
} __packed; } __packed;
...@@ -1061,7 +1061,7 @@ struct smb2_server_client_notification { ...@@ -1061,7 +1061,7 @@ struct smb2_server_client_notification {
#define IL_IMPERSONATION cpu_to_le32(0x00000002) #define IL_IMPERSONATION cpu_to_le32(0x00000002)
#define IL_DELEGATE cpu_to_le32(0x00000003) #define IL_DELEGATE cpu_to_le32(0x00000003)
/* File Attrubutes */ /* File Attributes */
#define FILE_ATTRIBUTE_READONLY 0x00000001 #define FILE_ATTRIBUTE_READONLY 0x00000001
#define FILE_ATTRIBUTE_HIDDEN 0x00000002 #define FILE_ATTRIBUTE_HIDDEN 0x00000002
#define FILE_ATTRIBUTE_SYSTEM 0x00000004 #define FILE_ATTRIBUTE_SYSTEM 0x00000004
......
...@@ -25,7 +25,7 @@ DECLARE_RWSEM(conn_list_lock); ...@@ -25,7 +25,7 @@ DECLARE_RWSEM(conn_list_lock);
/** /**
* ksmbd_conn_free() - free resources of the connection instance * ksmbd_conn_free() - free resources of the connection instance
* *
* @conn: connection instance to be cleand up * @conn: connection instance to be cleaned up
* *
* During the thread termination, the corresponding conn instance * During the thread termination, the corresponding conn instance
* resources(sock/memory) are released and finally the conn object is freed. * resources(sock/memory) are released and finally the conn object is freed.
......
...@@ -213,7 +213,7 @@ struct ksmbd_tree_connect_response { ...@@ -213,7 +213,7 @@ struct ksmbd_tree_connect_response {
}; };
/* /*
* IPC Request struture to disconnect tree connection. * IPC Request structure to disconnect tree connection.
*/ */
struct ksmbd_tree_disconnect_request { struct ksmbd_tree_disconnect_request {
__u64 session_id; /* session id */ __u64 session_id; /* session id */
......
...@@ -796,7 +796,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk) ...@@ -796,7 +796,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
/** /**
* smb2_lease_break_noti() - break lease when a new client request * smb2_lease_break_noti() - break lease when a new client request
* write lease * write lease
* @opinfo: conains lease state information * @opinfo: contains lease state information
* *
* Return: 0 on success, otherwise error * Return: 0 on success, otherwise error
*/ */
...@@ -1484,7 +1484,7 @@ void create_lease_buf(u8 *rbuf, struct lease *lease) ...@@ -1484,7 +1484,7 @@ void create_lease_buf(u8 *rbuf, struct lease *lease)
} }
/** /**
* parse_lease_state() - parse lease context containted in file open request * parse_lease_state() - parse lease context contained in file open request
* @open_req: buffer containing smb2 file open(create) request * @open_req: buffer containing smb2 file open(create) request
* *
* Return: allocated lease context object on success, otherwise NULL * Return: allocated lease context object on success, otherwise NULL
......
...@@ -279,7 +279,7 @@ static void handle_ksmbd_work(struct work_struct *wk) ...@@ -279,7 +279,7 @@ static void handle_ksmbd_work(struct work_struct *wk)
/** /**
* queue_ksmbd_work() - queue a smb request to worker thread queue * queue_ksmbd_work() - queue a smb request to worker thread queue
* for proccessing smb command and sending response * for processing smb command and sending response
* @conn: connection instance * @conn: connection instance
* *
* read remaining data from socket create and submit work. * read remaining data from socket create and submit work.
......
...@@ -1335,8 +1335,7 @@ static int ntlm_negotiate(struct ksmbd_work *work, ...@@ -1335,8 +1335,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
return rc; return rc;
sz = le16_to_cpu(rsp->SecurityBufferOffset); sz = le16_to_cpu(rsp->SecurityBufferOffset);
chgblob = chgblob = (struct challenge_message *)rsp->Buffer;
(struct challenge_message *)((char *)&rsp->hdr.ProtocolId + sz);
memset(chgblob, 0, sizeof(struct challenge_message)); memset(chgblob, 0, sizeof(struct challenge_message));
if (!work->conn->use_spnego) { if (!work->conn->use_spnego) {
...@@ -1369,9 +1368,7 @@ static int ntlm_negotiate(struct ksmbd_work *work, ...@@ -1369,9 +1368,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
goto out; goto out;
} }
sz = le16_to_cpu(rsp->SecurityBufferOffset); memcpy(rsp->Buffer, spnego_blob, spnego_blob_len);
unsafe_memcpy((char *)&rsp->hdr.ProtocolId + sz, spnego_blob, spnego_blob_len,
/* alloc is larger than blob, see smb2_allocate_rsp_buf() */);
rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len); rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len);
out: out:
...@@ -1453,10 +1450,7 @@ static int ntlm_authenticate(struct ksmbd_work *work, ...@@ -1453,10 +1450,7 @@ static int ntlm_authenticate(struct ksmbd_work *work,
if (rc) if (rc)
return -ENOMEM; return -ENOMEM;
sz = le16_to_cpu(rsp->SecurityBufferOffset); memcpy(rsp->Buffer, spnego_blob, spnego_blob_len);
unsafe_memcpy((char *)&rsp->hdr.ProtocolId + sz, spnego_blob,
spnego_blob_len,
/* alloc is larger than blob, see smb2_allocate_rsp_buf() */);
rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len); rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len);
kfree(spnego_blob); kfree(spnego_blob);
} }
...@@ -2058,18 +2052,20 @@ int smb2_tree_connect(struct ksmbd_work *work) ...@@ -2058,18 +2052,20 @@ int smb2_tree_connect(struct ksmbd_work *work)
* @access: file access flags * @access: file access flags
* @disposition: file disposition flags * @disposition: file disposition flags
* @may_flags: set with MAY_ flags * @may_flags: set with MAY_ flags
* @is_dir: is creating open flags for directory * @coptions: file creation options
* @mode: file mode
* *
* Return: file open flags * Return: file open flags
*/ */
static int smb2_create_open_flags(bool file_present, __le32 access, static int smb2_create_open_flags(bool file_present, __le32 access,
__le32 disposition, __le32 disposition,
int *may_flags, int *may_flags,
bool is_dir) __le32 coptions,
umode_t mode)
{ {
int oflags = O_NONBLOCK | O_LARGEFILE; int oflags = O_NONBLOCK | O_LARGEFILE;
if (is_dir) { if (coptions & FILE_DIRECTORY_FILE_LE || S_ISDIR(mode)) {
access &= ~FILE_WRITE_DESIRE_ACCESS_LE; access &= ~FILE_WRITE_DESIRE_ACCESS_LE;
ksmbd_debug(SMB, "Discard write access to a directory\n"); ksmbd_debug(SMB, "Discard write access to a directory\n");
} }
...@@ -2086,7 +2082,7 @@ static int smb2_create_open_flags(bool file_present, __le32 access, ...@@ -2086,7 +2082,7 @@ static int smb2_create_open_flags(bool file_present, __le32 access,
*may_flags = MAY_OPEN | MAY_READ; *may_flags = MAY_OPEN | MAY_READ;
} }
if (access == FILE_READ_ATTRIBUTES_LE) if (access == FILE_READ_ATTRIBUTES_LE || S_ISBLK(mode) || S_ISCHR(mode))
oflags |= O_PATH; oflags |= O_PATH;
if (file_present) { if (file_present) {
...@@ -3181,8 +3177,8 @@ int smb2_open(struct ksmbd_work *work) ...@@ -3181,8 +3177,8 @@ int smb2_open(struct ksmbd_work *work)
open_flags = smb2_create_open_flags(file_present, daccess, open_flags = smb2_create_open_flags(file_present, daccess,
req->CreateDisposition, req->CreateDisposition,
&may_flags, &may_flags,
req->CreateOptions & FILE_DIRECTORY_FILE_LE || req->CreateOptions,
(file_present && S_ISDIR(d_inode(path.dentry)->i_mode))); file_present ? d_inode(path.dentry)->i_mode : 0);
if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
if (open_flags & (O_CREAT | O_TRUNC)) { if (open_flags & (O_CREAT | O_TRUNC)) {
...@@ -3531,7 +3527,8 @@ int smb2_open(struct ksmbd_work *work) ...@@ -3531,7 +3527,8 @@ int smb2_open(struct ksmbd_work *work)
memcpy(fp->create_guid, dh_info.CreateGuid, memcpy(fp->create_guid, dh_info.CreateGuid,
SMB2_CREATE_GUID_SIZE); SMB2_CREATE_GUID_SIZE);
if (dh_info.timeout) if (dh_info.timeout)
fp->durable_timeout = min(dh_info.timeout, fp->durable_timeout =
min_t(unsigned int, dh_info.timeout,
DURABLE_HANDLE_MAX_TIMEOUT); DURABLE_HANDLE_MAX_TIMEOUT);
else else
fp->durable_timeout = 60; fp->durable_timeout = 60;
...@@ -4586,7 +4583,7 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp, ...@@ -4586,7 +4583,7 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
path = &fp->filp->f_path; path = &fp->filp->f_path;
/* single EA entry is requested with given user.* name */ /* single EA entry is requested with given user.* name */
if (req->InputBufferLength) { if (req->InputBufferLength) {
if (le32_to_cpu(req->InputBufferLength) < if (le32_to_cpu(req->InputBufferLength) <=
sizeof(struct smb2_ea_info_req)) sizeof(struct smb2_ea_info_req))
return -EINVAL; return -EINVAL;
...@@ -8090,7 +8087,7 @@ int smb2_ioctl(struct ksmbd_work *work) ...@@ -8090,7 +8087,7 @@ int smb2_ioctl(struct ksmbd_work *work)
goto out; goto out;
} }
if (in_buf_len < sizeof(struct copychunk_ioctl_req)) { if (in_buf_len <= sizeof(struct copychunk_ioctl_req)) {
ret = -EINVAL; ret = -EINVAL;
goto out; goto out;
} }
......
...@@ -194,7 +194,7 @@ struct copychunk_ioctl_req { ...@@ -194,7 +194,7 @@ struct copychunk_ioctl_req {
__le64 ResumeKey[3]; __le64 ResumeKey[3];
__le32 ChunkCount; __le32 ChunkCount;
__le32 Reserved; __le32 Reserved;
__u8 Chunks[1]; /* array of srv_copychunk */ __u8 Chunks[]; /* array of srv_copychunk */
} __packed; } __packed;
struct srv_copychunk { struct srv_copychunk {
...@@ -370,7 +370,7 @@ struct smb2_file_attr_tag_info { ...@@ -370,7 +370,7 @@ struct smb2_file_attr_tag_info {
struct smb2_ea_info_req { struct smb2_ea_info_req {
__le32 NextEntryOffset; __le32 NextEntryOffset;
__u8 EaNameLength; __u8 EaNameLength;
char name[1]; char name[];
} __packed; /* level 15 Query */ } __packed; /* level 15 Query */
struct smb2_ea_info { struct smb2_ea_info {
......
...@@ -488,7 +488,7 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level, ...@@ -488,7 +488,7 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
* @shortname: destination short filename * @shortname: destination short filename
* *
* Return: shortname length or 0 when source long name is '.' or '..' * Return: shortname length or 0 when source long name is '.' or '..'
* TODO: Though this function comforms the restriction of 8.3 Filename spec, * TODO: Though this function conforms the restriction of 8.3 Filename spec,
* but the result is different with Windows 7's one. need to check. * but the result is different with Windows 7's one. need to check.
*/ */
int ksmbd_extract_shortname(struct ksmbd_conn *conn, const char *longname, int ksmbd_extract_shortname(struct ksmbd_conn *conn, const char *longname,
......
...@@ -100,8 +100,8 @@ struct ksmbd_file { ...@@ -100,8 +100,8 @@ struct ksmbd_file {
struct list_head blocked_works; struct list_head blocked_works;
struct list_head lock_list; struct list_head lock_list;
int durable_timeout; unsigned int durable_timeout;
int durable_scavenger_timeout; unsigned int durable_scavenger_timeout;
/* if ls is happening on directory, below is valid*/ /* if ls is happening on directory, below is valid*/
struct ksmbd_readdir_data readdir_data; struct ksmbd_readdir_data readdir_data;
......
...@@ -99,7 +99,7 @@ struct xattr_ntacl { ...@@ -99,7 +99,7 @@ struct xattr_ntacl {
__u8 posix_acl_hash[XATTR_SD_HASH_SIZE]; /* 64bytes hash for posix acl */ __u8 posix_acl_hash[XATTR_SD_HASH_SIZE]; /* 64bytes hash for posix acl */
}; };
/* DOS ATTRIBUITE XATTR PREFIX */ /* DOS ATTRIBUTE XATTR PREFIX */
#define DOS_ATTRIBUTE_PREFIX "DOSATTRIB" #define DOS_ATTRIBUTE_PREFIX "DOSATTRIB"
#define DOS_ATTRIBUTE_PREFIX_LEN (sizeof(DOS_ATTRIBUTE_PREFIX) - 1) #define DOS_ATTRIBUTE_PREFIX_LEN (sizeof(DOS_ATTRIBUTE_PREFIX) - 1)
#define XATTR_NAME_DOS_ATTRIBUTE (XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX) #define XATTR_NAME_DOS_ATTRIBUTE (XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment