- 22 Jun, 2021 1 commit
-
-
Kees Cook authored
In preparation for FORTIFY_SOURCE performing compile-time and run-time field bounds checking for memcpy(), memmove(), and memset(), avoid intentionally reading across neighboring fields. Instead of using memcpy to read across multiple struct members, just perform per-member assignments as already done for other members. Signed-off-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
Steve French <stfrench@microsoft.com>
-
- 21 Jun, 2021 28 commits
-
-
Steve French authored
Although we may need this in some cases in the future, remove the currently unused, non-compounded version of POSIX query info, SMB11_posix_query_info (instead smb311_posix_query_path_info is now called e.g. when revalidating dentries or retrieving info for getattr) Addresses-Coverity: 1495708 ("Resource leaks") Signed-off-by: -
Steve French authored
We were trying to fill in uninitialized file attributes in the error case. Addresses-Coverity: 139689 ("Uninitialized variables") Signed-off-by: -
Steve French authored
Although in practice this can not occur (since IPv4 and IPv6 are the only two cases currently supported), it is cleaner to avoid uninitialized variable warnings. Addresses smatch warning: fs/cifs/cifs_swn.c:468 cifs_swn_store_swn_addr() error: uninitialized symbol 'port'. Reported-by:
kernel test robot <lkp@intel.com> Reported-by:
Dan Carpenter <dan.carpenter@oracle.com> CC: Samuel Cabrero <scabrero@suse.de> Signed-off-by:
-
Steve French authored
tcon can not be null in SMB2_tcon function so the check is not relevant and removing it makes Coverity happy. Acked-by:
Ronnie Sahlberg <lsahlber@redhat.com> Addresses-Coverity: 13250131 ("Dereference before null check") Signed-off-by:
-
Steve French authored
Add SPDX license identifier and replace license boilerplate. Corrects various checkpatch errors with the older format for noting the LGPL license. Signed-off-by: -
Baokun Li authored
convert list_for_each() to list_for_each_entry() where applicable. Reported-by:
Hulk Robot <hulkci@huawei.com> Signed-off-by:
Baokun Li <libaokun1@huawei.com> Signed-off-by:
-
Baokun Li authored
convert list_for_each() to list_for_each_entry() where applicable. Reported-by:
-
Ronnie Sahlberg authored
In posix_info_parse() we call posix_info_sid_size twice for each of the owner and the group sid. The first time to check that it is valid, i.e. >= 0 and the second time to just pass it in as a length to memcpy(). As this is a pure function we know that it can not be negative the second time and this is technically a false warning in coverity. However, as it is a pure function we are just wasting cycles by calling it a second time. Record the length from the first time we call it and save some cycles as well as make Coverity happy. Addresses-Coverity-ID: 1491379 ("Argument can not be negative") Signed-off-by: -
Thiago Rafael Becker authored
According to the investigation performed by Jacob Shivers at Red Hat, cifs_lookup and cifs_readdir leak EAGAIN when the user session is deleted on the server. Fix this issue by implementing a retry with limits, as is implemented in cifs_revalidate_dentry_attr. Reproducer based on the work by Jacob Shivers: ~~~ $ cat readdir-cifs-test.sh #!/bin/bash # Install and configure powershell and sshd on the windows # server as descibed in # https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_overview # This script uses expect(1) USER=dude SERVER=192.168.0.2 RPATH=root PASS='password' function debug_funcs { for line in $@ ; do echo "func $line +p" > /sys/kernel/debug/dynamic_debug/control done } function setup { echo 1 > /proc/fs/cifs/cifsFYI debug_funcs wait_for_compound_request \ smb2_query_dir_first cifs_readdir \ compound_send_recv cifs_reconnect_tcon \ generic_ip_connect cifs_reconnect \ smb2_reconnect_server smb2_reconnect \ cifs_readv_from_socket cifs_readv_receive tcpdump -i eth0 -w cifs.pcap host 192.168.2.182 & sleep 5 dmesg -C } function test_call { if [[ $1 == 1 ]] ; then tracer="strace -tt -f -s 4096 -o trace-$(date -Iseconds).txt" fi # Change the command here to anything appropriate $tracer ls $2 > /dev/null res=$? if [[ $1 == 1 ]] ; then if [[ $res == 0 ]] ; then 1>&2 echo success else 1>&2 echo "failure ($res)" fi fi } mountpoint /mnt > /dev/null || mount -t cifs -o username=$USER,pass=$PASS //$SERVER/$RPATH /mnt test_call 0 /mnt/ /usr/bin/expect << EOF set timeout 60 spawn ssh $USER@$SERVER expect "yes/no" { send "yes\r" expect "*?assword" { send "$PASS\r" } } "*?assword" { send "$PASS\r" } expect ">" { send "powershell close-smbsession -force\r" } expect ">" { send "exit\r" } expect eof EOF sysctl -w vm.drop_caches=2 > /dev/null sysctl -w vm.drop_caches=2 > /dev/null setup test_call 1 /mnt/ ~~~ Signed-off-by:
Thiago Rafael Becker <trbecker@gmail.com> Acked-by:
-
Paulo Alcantara authored
Interlink is a special type of DFS link that resolves to a different DFS domain-based namespace. To determine whether it is an interlink or not, check if ReferralServers and StorageServers bits are set to 1 and 0 respectively in ReferralHeaderFlags, as specified in MS-DFSC 3.1.5.4.5 Determining Whether a Referral Response is an Interlink. Signed-off-by:
Paulo Alcantara (SUSE) <pc@cjr.nz> Reviewed-by:
Aurelien Aptel <aaptel@suse.com> Signed-off-by:
-
Hyunchul Lee authored
Decode negTokenInit with lib/asn1_decoder. For that, add OIDs in linux/oid_registry.h and a negTokenInit ASN1 file, "spnego_negtokeninit.asn1". And define decoder's callback functions, which are the gssapi_this_mech for checking SPENGO oid and the neg_token_init_mech_type for getting authentication mechanisms supported by a server. Signed-off-by:
Hyunchul Lee <hyc.lee@gmail.com> Reviewed-by:
-
Paulo Alcantara authored
When refreshing the DFS cache, keep SMB2 IOCTL calls as much outside critical sections as possible and avoid read/write starvation when getting new DFS referrals by using broken or slow connections. Signed-off-by:
-
Steve French authored
CONFIG_CIFS_STATS2 can be very useful since it shows latencies by command, and allows enabling the slow response dynamic tracepoint which can be useful to identify performance problems. For example: Total time spent processing by command. Time units are jiffies (1000 per second) SMB3 CMD Number Total Time Fastest Slowest -------- ------ ---------- ------- ------- 0 1 2 2 2 1 2 6 2 4 2 0 0 0 0 3 4 11 2 4 4 2 16 5 11 5 4546 34104 2 487 6 4421 32901 2 487 7 0 0 0 0 8 695 2781 2 39 9 391 1708 2 27 10 0 0 0 0 11 4 6 1 2 12 0 0 0 0 13 0 0 0 0 14 3887 17696 0 128 15 0 0 0 0 16 1471 9950 1 487 17 169 2695 9 116 18 80 381 2 10 1 2 6 2 4 2 0 0 0 0 3 4 11 2 4 4 2 16 5 11 5 4546 34104 2 487 6 4421 32901 2 487 7 0 0 0 0 8 695 2781 2 39 9 391 1708 2 27 10 0 0 0 0 11 4 6 1 2 12 0 0 0 0 13 0 0 0 0 14 3887 17696 0 128 15 0 0 0 0 16 1471 9950 1 487 17 169 2695 9 116 18 80 381 2 10 Reviewed-by:
-
Shyam Prasad N authored
When we lookup an smb session based on session id, we did not up the ref-count for the session. This can potentially cause issues if the session is freed from under us. Signed-off-by:
Shyam Prasad N <sprasad@microsoft.com> Reviewed-by:
-
Paulo Alcantara authored
It isn't enough to have unshared tcons because multiple DFS mounts can connect to same target server and failover to different servers, so we can't use a single tcp server for such cases. For the simplest solution, use nosharesock option to achieve that. Signed-off-by:
-
Paulo Alcantara authored
We don't want to refresh the dfs cache in very short intervals, so setting a minimum interval of 2 minutes is OK. If it needs to be refreshed immediately, one could have the cache cleared with $ echo 0 > /proc/fs/cifs/dfscache and then remounting the dfs share. Signed-off-by:
-
Paulo Alcantara authored
Fix cache lookup and hash calculations when handling paths with different cases. Signed-off-by:
-
Paulo Alcantara authored
Convert all dfs paths to dfs cache's local codepage (@cache_cp) and avoid mixing them with different charsets. Signed-off-by:
-
Paulo Alcantara authored
At every mount, keep all sessions alive that were used for chasing the DFS referrals as long as the dfs mounts are active. Use those sessions in DFS cache to refresh all active tcons as well as cached entries. They will be managed by a list of mount_group structures that will be indexed by a randomly generated uuid at mount time, so we can put all the sessions related to specific dfs mounts and avoid leaking them. Signed-off-by:
-
Paulo Alcantara authored
@noreq param isn't used anywhere, so just remove it. Signed-off-by:
-
Paulo Alcantara authored
On session close, the IPC is closed and the server must release all tcons of the session. It doesn't matter if we send a ipc close or not. Besides, it will make the server to not close durable and resilient files on session close, as specified in MS-SMB2 3.3.5.6 Receiving an SMB2 LOGOFF Request. Signed-off-by:
-
Ronnie Sahlberg authored
RHBZ: 1866684 We don't have a real fallocate in the SMB2 protocol so we used to emulate fallocate by simply switching the file to become non-sparse. But as that could potantially consume a lot more data than we intended to fallocate (large sparse file and fallocating a thin slice in the middle) we would only do this IFF the fallocate request was for virtually the entire file. This patch improves this and starts allowing us to fallocate smaller chunks of a file by overwriting the region with 0, for the parts that are unallocated. The method used is to first query the server for FSCTL_QUERY_ALLOCATED_RANGES to find what is unallocated in the fallocate range and then to only overwrite-with-zero the unallocated ranges to fill in the holes. As overwriting-with-zero is different from just allocating blocks, and potentially much more expensive, we limit this to only allow fallocate ranges up to 1Mb in size. Reported-by:
-
Baokun Li authored
Add description for `cifs_compose_mount_options` to fix the W=1 warnings: fs/cifs/cifs_dfs_ref.c:139: warning: Function parameter or member 'devname' not described in 'cifs_compose_mount_options' Signed-off-by:
-
Colin Ian King authored
The variable rc is being initialized with a value that is never read, the assignment is redundant and can be removed. Addresses-Coverity: ("Unused value") Signed-off-by:Colin Ian King <colin.king@canonical.com> Reviewed-by:
-
Rikard Falkeborn authored
The only usage of cifs_genl_ops[] is to assign its address to the ops field in the genl_family struct, which is a pointer to const. Make it const to allow the compiler to put it in read-only memory. Signed-off-by:
Rikard Falkeborn <rikard.falkeborn@gmail.com> Reviewed-by:
-
YueHaibing authored
is_sysvol_or_netlogon() is never used, so can remove it. Signed-off-by:
YueHaibing <yuehaibing@huawei.com> Reviewed-by:
-
Steve French authored
smb2_find_smb_ses was defined twice in smb2proto.h Signed-off-by: -
Aurelien Aptel authored
Use %pI6 for IPv6 addresses Signed-off-by:
-
- 20 Jun, 2021 4 commits
-
-
Linus Torvalds authored
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull scheduler fix from Borislav Petkov: "A single fix to restore fairness between control groups with equal priority" * tag 'sched_urgent_for_v5.13_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched/fair: Correctly insert cfs_rq's to list on unthrottle
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull irq fix from Borislav Petkov: "A single fix for GICv3 to not take an interrupt in an NMI context" * tag 'irq_urgent_for_v5.13_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/gic-v3: Workaround inconsistent PMR setting on NMI entry
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull x86 fixes from Borislav Petkov: "A first set of urgent fixes to the FPU/XSTATE handling mess^W code. (There's a lot more in the pipe): - Prevent corruption of the XSTATE buffer in signal handling by validating what is being copied from userspace first. - Invalidate other task's preserved FPU registers on XRSTOR failure (#PF) because latter can still modify some of them. - Restore the proper PKRU value in case userspace modified it - Reset FPU state when signal restoring fails Other: - Map EFI boot services data memory as encrypted in a SEV guest so that the guest can access it and actually boot properly - Two SGX correctness fixes: proper resources freeing and a NUMA fix" * tag 'x86_urgent_for_v5.13_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mm: Avoid truncating memblocks for SGX memory x86/sgx: Add missing xa_destroy() when virtual EPC is destroyed x86/fpu: Reset state for all signal restore failures x86/pkru: Write hardware init value to PKRU when xstate is init x86/process: Check PF_KTHREAD and not current->mm for kernel threads x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer x86/fpu: Prevent state corruption in __fpu__restore_sig() x86/ioremap: Map EFI-reserved memory as encrypted for SEV
-
- 19 Jun, 2021 7 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linuxLinus Torvalds authored
Pull powerpc fixes from Michael Ellerman: "Fix initrd corruption caused by our recent change to use relative jump labels. Fix a crash using perf record on systems without a hardware PMU backend. Rework our 64-bit signal handling slighty to make it more closely match the old behaviour, after the recent change to use unsafe user accessors. Thanks to Anastasia Kovaleva, Athira Rajeev, Christophe Leroy, Daniel Axtens, Greg Kurz, and Roman Bolshakov" * tag 'powerpc-5.13-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not set powerpc: Fix initrd corruption with relative jump labels powerpc/signal64: Copy siginfo before changing regs->nip powerpc/mem: Add back missing header to fix 'no previous prototype' error
-
Linus Torvalds authored
Merge tag 'perf-tools-fixes-for-v5.13-2021-06-19' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux Pull perf tools fixes from Arnaldo Carvalho de Melo: - Fix refcount usage when processing PERF_RECORD_KSYMBOL. - 'perf stat' metric group fixes. - Fix 'perf test' non-bash issue with stat bpf counters. - Update unistd, in.h and socket.h with the kernel sources, silencing perf build warnings. * tag 'perf-tools-fixes-for-v5.13-2021-06-19' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: tools headers UAPI: Sync linux/in.h copy with the kernel sources tools headers UAPI: Sync asm-generic/unistd.h with the kernel original perf beauty: Update copy of linux/socket.h with the kernel sources perf test: Fix non-bash issue with stat bpf counters perf machine: Fix refcount usage when processing PERF_RECORD_KSYMBOL perf metricgroup: Return error code from metricgroup__add_metric_sys_event_iter() perf metricgroup: Fix find_evsel_group() event selector
-
git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linuxLinus Torvalds authored
Pull RISC-V fixes from Palmer Dabbelt: - A build fix to always build modules with the 'medany' code model, as the module loader doesn't support 'medlow'. - A Kconfig warning fix for the SiFive errata. - A pair of fixes that for regressions to the recent memory layout changes. - A fix for the FU740 device tree. * tag 'riscv-for-linus-5.13-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux: riscv: dts: fu740: fix cache-controller interrupts riscv: Ensure BPF_JIT_REGION_START aligned with PMD size riscv: kasan: Fix MODULES_VADDR evaluation due to local variables' name riscv: sifive: fix Kconfig errata warning riscv32: Use medany C model for modules
-
git://git.kernel.org/pub/scm/linux/kernel/git/s390/linuxLinus Torvalds authored
Pull s390 fixes from Vasily Gorbik: - Fix zcrypt ioctl hang due to AP queue msg counter dropping below 0 when pending requests are purged. - Two fixes for the machine check handler in the entry code. * tag 's390-5.13-4' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/ap: Fix hanging ioctl caused by wrong msg counter s390/mcck: fix invalid KVM guest condition check s390/mcck: fix calculation of SIE critical section size
-
Arnaldo Carvalho de Melo authored
To pick the changes in: 32182747 ("icmp: don't send out ICMP messages with a source address of 0.0.0.0") That don't result in any change in tooling, as INADDR_ are not used to generate id->string tables used by 'perf trace'. This addresses this build warning: Warning: Kernel ABI header at 'tools/include/uapi/linux/in.h' differs from latest version at 'include/uapi/linux/in.h' diff -u tools/include/uapi/linux/in.h include/uapi/linux/in.h Cc: David S. Miller <davem@davemloft.net> Cc: Toke Høiland-Jørgensen <toke@redhat.com> Signed-off-by:
Arnaldo Carvalho de Melo <acme@redhat.com>
-
Arnaldo Carvalho de Melo authored
To pick the changes in: 8b1462b6 ("quota: finish disable quotactl_path syscall") Those headers are used in some arches to generate the syscall table used in 'perf trace' to translate syscall numbers into strings. This addresses this perf build warning: Warning: Kernel ABI header at 'tools/include/uapi/asm-generic/unistd.h' differs from latest version at 'include/uapi/asm-generic/unistd.h' diff -u tools/include/uapi/asm-generic/unistd.h include/uapi/asm-generic/unistd.h Cc: Jan Kara <jack@suse.cz> Cc: Marcin Juszkiewicz <marcin@juszkiewicz.com.pl> Signed-off-by:
-
Arnaldo Carvalho de Melo authored
To pick the changes in: ea6932d7 ("net: make get_net_ns return error if NET_NS is disabled") That don't result in any changes in the tables generated from that header. This silences this perf build warning: Warning: Kernel ABI header at 'tools/perf/trace/beauty/include/linux/socket.h' differs from latest version at 'include/linux/socket.h' diff -u tools/perf/trace/beauty/include/linux/socket.h include/linux/socket.h Cc: Changbin Du <changbin.du@intel.com> Cc: David S. Miller <davem@davemloft.net> Signed-off-by:
-
