Commit 071d001e authored by Steve French's avatar Steve French

return the right return code on failed ExtendedSecurity mount to SPNEGO enabled

servers to avoid mount oops.  Fix case in which tcp stack only returns 3 bytes
of larger peek of smb header (which would otherwise kill the
session and cause us to have to reconnect)

Signed-of-by: Steve French (sfrench@us.ibm.com)
parent 37658b57
...@@ -2,7 +2,10 @@ Version 1.28 ...@@ -2,7 +2,10 @@ Version 1.28
------------ ------------
Add module init parm for large SMB buffer size (to allow it to be changed Add module init parm for large SMB buffer size (to allow it to be changed
from its default of 16K) which is especially useful for large file copy from its default of 16K) which is especially useful for large file copy
when mounting with the directio mount option. when mounting with the directio mount option. Fix oops after
returning from mount when experimental ExtendedSecurity enabled and
SpnegoNegotiated returning invalid error. Fix case to retry better when
peek returns from 1 to 3 bytes on socket which should have more data.
Version 1.27 Version 1.27
------------ ------------
......
...@@ -64,6 +64,13 @@ trivially built from Samba 3.0 or later source e.g. by executing: ...@@ -64,6 +64,13 @@ trivially built from Samba 3.0 or later source e.g. by executing:
gcc samba/source/client/mount.cifs.c -o mount.cifs gcc samba/source/client/mount.cifs.c -o mount.cifs
If cifs is built as a module, then the size and number of network buffers
and maximum number of simultaneous requests to one server can be configured.
Changing these from their defaults is not recommended. By executing modinfo
modinfo kernel/fs/cifs/cifs.ko
on kernel/fs/cifs/cifs.ko the list of configuration changes that can be made
at module initialization time (by running insmod cifs.ko) can be seen.
Allowing User Mounts Allowing User Mounts
==================== ====================
To permit users to mount and unmount over directories they own is possible To permit users to mount and unmount over directories they own is possible
......
...@@ -389,6 +389,12 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) ...@@ -389,6 +389,12 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
SecurityBlob, SecurityBlob,
count - 16, count - 16,
&server->secType); &server->secType);
if(rc == 1) {
/* BB Need to fill struct for sessetup here */
rc = -EOPNOTSUPP;
} else {
rc = -EINVAL;
}
} }
} else } else
server->capabilities &= ~CAP_EXTENDED_SECURITY; server->capabilities &= ~CAP_EXTENDED_SECURITY;
......
...@@ -254,7 +254,8 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server) ...@@ -254,7 +254,8 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
cFYI(1,("call to reconnect done")); cFYI(1,("call to reconnect done"));
csocket = server->ssocket; csocket = server->ssocket;
continue; continue;
} else if ((length == -ERESTARTSYS) || (length == -EAGAIN)) { } else if ((length == -ERESTARTSYS) || (length == -EAGAIN)
|| ((length > 0) && (length <= 3)) ) {
set_current_state(TASK_INTERRUPTIBLE); set_current_state(TASK_INTERRUPTIBLE);
schedule_timeout(1); /* minimum sleep to prevent looping schedule_timeout(1); /* minimum sleep to prevent looping
allowing socket to clear and app threads to set allowing socket to clear and app threads to set
...@@ -280,7 +281,7 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server) ...@@ -280,7 +281,7 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
} }
pdu_length = 4 + ntohl(smb_buffer->smb_buf_length); pdu_length = 4 + ntohl(smb_buffer->smb_buf_length);
/* Ony read pdu_length after below checks for too short (due /* Only read pdu_length after below checks for too short (due
to e.g. int overflow) and too long ie beyond end of buf */ to e.g. int overflow) and too long ie beyond end of buf */
cFYI(1, ("Peek length rcvd: 0x%x beginning 0x%x)", length, pdu_length)); cFYI(1, ("Peek length rcvd: 0x%x beginning 0x%x)", length, pdu_length));
...@@ -330,13 +331,19 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server) ...@@ -330,13 +331,19 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
csocket = server->ssocket; csocket = server->ssocket;
continue; continue;
} else { } else {
if (/*(length != sizeof (struct smb_hdr) - 1) if (length < 16) {
||*/ (pdu_length > /* We can not validate the SMB unless
at least this much of SMB available
so give the socket time to copy
a few more bytes and retry */
set_current_state(TASK_INTERRUPTIBLE);
schedule_timeout(10);
continue;
} else if( (pdu_length >
CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) CIFSMaxBufSize + MAX_CIFS_HDR_SIZE)
|| (pdu_length < || (pdu_length <
sizeof (struct smb_hdr) - 1) sizeof (struct smb_hdr) - 1)
|| || (checkSMBhdr
(checkSMBhdr
(smb_buffer, smb_buffer->Mid))) { (smb_buffer, smb_buffer->Mid))) {
cERROR(1, cERROR(1,
("Invalid size or format for SMB found with length %d and pdu_length %d", ("Invalid size or format for SMB found with length %d and pdu_length %d",
......
...@@ -64,7 +64,7 @@ cifs_open(struct inode *inode, struct file *file) ...@@ -64,7 +64,7 @@ cifs_open(struct inode *inode, struct file *file)
read_lock(&GlobalSMBSeslock); read_lock(&GlobalSMBSeslock);
list_for_each(tmp, &pCifsInode->openFileList) { list_for_each(tmp, &pCifsInode->openFileList) {
pCifsFile = list_entry(tmp,struct cifsFileInfo, flist); pCifsFile = list_entry(tmp,struct cifsFileInfo, flist);
if((pCifsFile->pfile == NULL)&& (pCifsFile->pid = current->pid)){ if((pCifsFile->pfile == NULL)&& (pCifsFile->pid == current->tgid)){
/* mode set in cifs_create */ /* mode set in cifs_create */
pCifsFile->pfile = file; /* needed for writepage */ pCifsFile->pfile = file; /* needed for writepage */
file->private_data = pCifsFile; file->private_data = pCifsFile;
...@@ -168,7 +168,7 @@ cifs_open(struct inode *inode, struct file *file) ...@@ -168,7 +168,7 @@ cifs_open(struct inode *inode, struct file *file)
memset(file->private_data, 0, sizeof(struct cifsFileInfo)); memset(file->private_data, 0, sizeof(struct cifsFileInfo));
pCifsFile = (struct cifsFileInfo *) file->private_data; pCifsFile = (struct cifsFileInfo *) file->private_data;
pCifsFile->netfid = netfid; pCifsFile->netfid = netfid;
pCifsFile->pid = current->pid; pCifsFile->pid = current->tgid;
init_MUTEX(&pCifsFile->fh_sem); init_MUTEX(&pCifsFile->fh_sem);
pCifsFile->pfile = file; /* needed for writepage */ pCifsFile->pfile = file; /* needed for writepage */
pCifsFile->pInode = inode; pCifsFile->pInode = inode;
...@@ -598,7 +598,8 @@ cifs_lock(struct file *file, int cmd, struct file_lock *pfLock) ...@@ -598,7 +598,8 @@ cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
pfLock->fl_start, numUnlock, numLock, lockType, pfLock->fl_start, numUnlock, numLock, lockType,
wait_flag); wait_flag);
if (rc == 0 && (pfLock->fl_flags & FL_POSIX)) if (rc == 0 && (pfLock->fl_flags & FL_POSIX))
posix_lock_file(file, pfLock); if(experimEnabled)
posix_lock_file(file, pfLock);
FreeXid(xid); FreeXid(xid);
return rc; return rc;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment