korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-26 21:54:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
7e7db86c7e
linux/fs/cifs
History
Steve French 7e7db86c7e smb3: allow decryption keys to be dumped by admin for debugging 
In order to debug certain problems it is important to be able
to decrypt network traces (e.g. wireshark) but to do this we
need to be able to dump out the encryption/decryption keys.
Dumping them to an ioctl is safer than dumping then to dmesg,
(and better than showing all keys in a pseudofile).

Restrict this to root (CAP_SYS_ADMIN), and only for a mount
that this admin has access to.

Sample smbinfo output:
SMB3.0 encryption
Session Id:   0x82d2ec52
Session Key:  a5 6d 81 d0 e c1 ca e1 d8 13 aa 20 e8 f2 cc 71
Server Encryption Key:  1a c3 be ba 3d fc dc 3c e bc 93 9e 50 9e 19 c1
Server Decryption Key:  e0 d4 d9 43 1b a2 1b e3 d8 76 77 49 56 f7 20 88

Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2019-09-21 06:02:26 -05:00
..
asn1.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cache.c cifs: use 64-bit timestamps for fscache 2018-08-07 14:15:41 -05:00
cifs_debug.c smb3: display max smb3 requests in flight at any one time 2019-09-16 11:43:38 -05:00
cifs_debug.h cifs: add a debug macro that prints \\server\share for errors 2019-09-16 11:43:38 -05:00
cifs_dfs_ref.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cifs_fs_sb.h smb3: add mount option to allow RW caching of share accessed by only 1 client 2019-09-16 11:43:38 -05:00
cifs_ioctl.h smb3: allow decryption keys to be dumped by admin for debugging 2019-09-21 06:02:26 -05:00
cifs_spnego.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
cifs_spnego.h [CIFS] Rename three structures to avoid camel case 2011-05-27 04:34:02 +00:00
cifs_unicode.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifs_unicode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifs_uniupr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifsacl.c cifs: modefromsid: write mode ACE first 2019-09-16 18:49:11 -05:00
cifsacl.h cifs: modefromsid: make room for 4 ACE 2019-09-16 11:43:38 -05:00
cifsencrypt.c fs: cifs: switch to RC4 library interface 2019-06-20 14:19:55 +08:00
cifsfs.c smb3: allow disabling requesting leases 2019-09-16 11:43:38 -05:00
cifsfs.h cifs: update internal module version number 2019-09-16 19:18:39 -05:00
cifsglob.h cifs: Add support for root file systems 2019-09-16 11:43:38 -05:00
cifspdu.h smb3: missing defines and structs for reparse point handling 2018-11-02 14:09:41 -05:00
cifsproto.h cifs: add a helper to find an existing readable handle to a file 2019-09-16 11:43:38 -05:00
cifsroot.c cifs: cifsroot: add more err checking 2019-09-16 11:43:39 -05:00
cifssmb.c fs: cifs: cifsssmb: remove redundant assignment to variable ret 2019-09-16 11:43:37 -05:00
connect.c cifs: Add support for root file systems 2019-09-16 11:43:38 -05:00
dfs_cache.c fs: cifs: Drop unlikely before IS_ERR(_OR_NULL) 2019-07-07 22:37:42 -05:00
dfs_cache.h cifs: Fix DFS cache refresher for DFS links 2019-05-07 23:24:54 -05:00
dir.c cifs: create a helper to find a writeable handle by path name 2019-09-16 11:43:37 -05:00
dns_resolve.c keys: Pass the network namespace into request_key mechanism 2019-06-27 23:02:12 +01:00
dns_resolve.h DNS: Separate out CIFS DNS Resolver code 2010-08-05 17:17:51 +00:00
export.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
file.c cifs: add a helper to find an existing readable handle to a file 2019-09-16 11:43:38 -05:00
fscache.c cifs: use 64-bit timestamps for fscache 2018-08-07 14:15:41 -05:00
fscache.h cifs: use 64-bit timestamps for fscache 2018-08-07 14:15:41 -05:00
inode.c cifs: allow chmod to set mode bits using special sid 2019-09-16 11:43:37 -05:00
ioctl.c smb3: allow decryption keys to be dumped by admin for debugging 2019-09-21 06:02:26 -05:00
Kconfig cifs: Add support for root file systems 2019-09-16 11:43:38 -05:00
link.c SMB3: Clean up query symlink when reparse point 2019-05-07 23:24:55 -05:00
Makefile cifs: Add support for root file systems 2019-09-16 11:43:38 -05:00
misc.c cifs: replace various strncpy with strscpy and similar 2019-08-27 17:25:12 -05:00
netmisc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
nterr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
nterr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
ntlmssp.h cifs: dynamic allocation of ntlmssp blob 2016-06-23 23:45:07 -05:00
readdir.c cifs: check ntwrk_buf_start for NULL before dereferencing it 2018-12-23 22:41:31 -06:00
rfc1002pdu.h
sess.c cifs: replace various strncpy with strscpy and similar 2019-08-27 17:25:12 -05:00
smb1ops.c cifs: simplify code by removing CONFIG_CIFS_ACL ifdef 2019-07-07 22:37:43 -05:00
smb2file.c smb3: optimize open to not send query file internal info 2019-07-18 17:44:13 -05:00
smb2glob.h cifs: change SMB2_OP_RENAME and SMB2_OP_HARDLINK to use compounding 2018-10-23 21:16:04 -05:00
smb2inode.c smb3: improve handling of share deleted (and share recreated) 2019-09-16 11:43:38 -05:00
smb2maperror.c smb3: improve handling of share deleted (and share recreated) 2019-09-16 11:43:38 -05:00
smb2misc.c CIFS: keep FileInfo handle live during oplock break 2019-04-16 09:38:38 -05:00
smb2ops.c smb3: fix potential null dereference in decrypt offload 2019-09-16 11:43:38 -05:00
smb2pdu.c smb3: add missing worker function for SMB3 change notify 2019-09-16 11:43:39 -05:00
smb2pdu.h smb3: add missing flag definitions 2019-09-16 11:43:37 -05:00
smb2proto.h cifs: prepare SMB2_Flush to be usable in compounds 2019-09-16 11:43:37 -05:00
smb2status.h cifs: don't use __constant_cpu_to_le32() 2019-05-07 23:24:54 -05:00
smb2transport.c smb3: allow skipping signature verification for perf sensitive configurations 2019-09-16 11:43:38 -05:00
smbdirect.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157 2019-05-30 11:26:37 -07:00
smbdirect.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157 2019-05-30 11:26:37 -07:00
smbencrypt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
smberr.h cifs: map NT_STATUS_ERROR_WRITE_PROTECTED to -EROFS 2010-08-02 12:40:40 +00:00
smbfsctl.h cifs: add fiemap support 2019-05-07 23:24:55 -05:00
trace.c smb3: Cleanup license mess 2019-01-24 09:37:33 -06:00
trace.h smb3: add missing worker function for SMB3 change notify 2019-09-16 11:43:39 -05:00
transport.c smb3: display max smb3 requests in flight at any one time 2019-09-16 11:43:38 -05:00
winucase.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
xattr.c cifs: simplify code by removing CONFIG_CIFS_ACL ifdef 2019-07-07 22:37:43 -05:00