5 cifs/smb3 fixes, 3 for stable, including an important ACL fix and security signature fix

-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmBWHtgACgkQiiy9cAdy
 T1HRZAv/Z3bxnkLLU/mIHHpaa7VpeB1gsF2dzWy1laF6NQ4hnlPKnTG4didlBvxz
 E/ekEsxiDx/OYik0/RJnI1VJf/7EJ9VdfNeQmRZHeGMAjLLAxKQeXpIek/XidVfT
 QQUjneJQBDglzlV/flzxqMAqq+v9fhlRzEq10YuGgMvRSlCXHn8O9lrHEYSQxXFf
 AehAoaDqRPht+PkDAcAjC90m1rE8zYaxIgwWeeXcKqVuXyxCf+1bWZJuLfNOJ3qY
 OXSK4YiAWWcW4MhhmLAGnDOqJZ9mGdAw5YPiIv60t9SF5bpvEmmuNv6ApeljzmAd
 Z2G7Ygr2vXyI+btB6om9gtBfG+1c0jqb8JzK/pGN7w7srIyFtHuUp3OX4Alp59y/
 2kAcW9cV1NYlKvP+0QAnZNqk7J90LmIAo5Dft9fb9PTc5CCmU9R2T6AuYQ+WTV/3
 vkUd5gAJDUCarhn+uWQdmJvNuoS7eueht6F/dX+8pZ9t2gGzGerGY5O2+82ByPBn
 BanDlHwh
 =h/5R
 -----END PGP SIGNATURE-----

Merge tag '5.12-rc3-smb3' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:
 "Five cifs/smb3 fixes - three for stable, including an important ACL
  fix and security signature fix"

* tag '5.12-rc3-smb3' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: fix allocation size on newly created files
  cifs: warn and fail if trying to use rootfs without the config option
  fs/cifs/: fix misspellings using codespell tool
  cifs: Fix preauth hash corruption
  cifs: update new ACE pointer after populate_new_aces.
This commit is contained in:
Linus Torvalds 2021-03-20 11:00:25 -07:00
commit bfdc4aa9e9
5 changed files with 26 additions and 8 deletions

View File

@ -248,7 +248,7 @@ nlmsg_fail:
/*
* Try to find a matching registration for the tcon's server name and share name.
* Calls to this funciton must be protected by cifs_swnreg_idr_mutex.
* Calls to this function must be protected by cifs_swnreg_idr_mutex.
* TODO Try to avoid memory allocations
*/
static struct cifs_swn_reg *cifs_find_swn_reg(struct cifs_tcon *tcon)

View File

@ -1118,7 +1118,6 @@ static int set_chmod_dacl(struct cifs_acl *pdacl, struct cifs_acl *pndacl,
/* Retain old ACEs which we can retain */
for (i = 0; i < src_num_aces; ++i) {
pntace = (struct cifs_ace *) (acl_base + size);
pnntace = (struct cifs_ace *) (nacl_base + nsize);
if (!new_aces_set && (pntace->flags & INHERITED_ACE)) {
/* Place the new ACEs in between existing explicit and inherited */
@ -1131,14 +1130,18 @@ static int set_chmod_dacl(struct cifs_acl *pdacl, struct cifs_acl *pndacl,
}
/* If it's any one of the ACE we're replacing, skip! */
if ((compare_sids(&pntace->sid, &sid_unix_NFS_mode) == 0) ||
if (!mode_from_sid &&
((compare_sids(&pntace->sid, &sid_unix_NFS_mode) == 0) ||
(compare_sids(&pntace->sid, pownersid) == 0) ||
(compare_sids(&pntace->sid, pgrpsid) == 0) ||
(compare_sids(&pntace->sid, &sid_everyone) == 0) ||
(compare_sids(&pntace->sid, &sid_authusers) == 0)) {
(compare_sids(&pntace->sid, &sid_authusers) == 0))) {
goto next_ace;
}
/* update the pointer to the next ACE to populate*/
pnntace = (struct cifs_ace *) (nacl_base + nsize);
nsize += cifs_copy_ace(pnntace, pntace, NULL);
num_aces++;

View File

@ -1196,9 +1196,11 @@ static int smb3_fs_context_parse_param(struct fs_context *fc,
pr_warn_once("Witness protocol support is experimental\n");
break;
case Opt_rootfs:
#ifdef CONFIG_CIFS_ROOT
ctx->rootfs = true;
#ifndef CONFIG_CIFS_ROOT
cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
goto cifs_parse_mount_err;
#endif
ctx->rootfs = true;
break;
case Opt_posixpaths:
if (result.negated)

View File

@ -2395,7 +2395,7 @@ int cifs_getattr(struct user_namespace *mnt_userns, const struct path *path,
* We need to be sure that all dirty pages are written and the server
* has actual ctime, mtime and file length.
*/
if ((request_mask & (STATX_CTIME | STATX_MTIME | STATX_SIZE)) &&
if ((request_mask & (STATX_CTIME | STATX_MTIME | STATX_SIZE | STATX_BLOCKS)) &&
!CIFS_CACHE_READ(CIFS_I(inode)) &&
inode->i_mapping && inode->i_mapping->nrpages != 0) {
rc = filemap_fdatawait(inode->i_mapping);
@ -2585,6 +2585,14 @@ set_size_out:
if (rc == 0) {
cifsInode->server_eof = attrs->ia_size;
cifs_setsize(inode, attrs->ia_size);
/*
* i_blocks is not related to (i_size / i_blksize), but instead
* 512 byte (2**9) size is required for calculating num blocks.
* Until we can query the server for actual allocation size,
* this is best estimate we have for blocks allocated for a file
* Number of blocks must be rounded up so size 1 is not 0 blocks
*/
inode->i_blocks = (512 - 1 + attrs->ia_size) >> 9;
/*
* The man page of truncate says if the size changed,

View File

@ -1196,9 +1196,12 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses,
/*
* Compounding is never used during session establish.
*/
if ((ses->status == CifsNew) || (optype & CIFS_NEG_OP) || (optype & CIFS_SESS_OP))
if ((ses->status == CifsNew) || (optype & CIFS_NEG_OP) || (optype & CIFS_SESS_OP)) {
mutex_lock(&server->srv_mutex);
smb311_update_preauth_hash(ses, rqst[0].rq_iov,
rqst[0].rq_nvec);
mutex_unlock(&server->srv_mutex);
}
for (i = 0; i < num_rqst; i++) {
rc = wait_for_response(server, midQ[i]);
@ -1266,7 +1269,9 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses,
.iov_base = resp_iov[0].iov_base,
.iov_len = resp_iov[0].iov_len
};
mutex_lock(&server->srv_mutex);
smb311_update_preauth_hash(ses, &iov, 1);
mutex_unlock(&server->srv_mutex);
}
out: