evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs/cifs
History
Mark Syms 2297977609 CIFS: handle guest access errors to Windows shares 
[ Upstream commit 40920c2bb119fd49ba03e2f97a172171781be442 ]

Commit 1a967d6c9b39c226be1b45f13acd4d8a5ab3dc44 ("correctly to
anonymous authentication for the NTLM(v2) authentication") introduces
a regression in handling errors related to attempting a guest
connection to a Windows share which requires authentication. This
should result in a permission denied error but actually causes the
kernel module to enter a never-ending loop trying to follow a DFS
referal which doesn't exist.

The base cause of this is the failure now occurs later in the process
during tree connect and not at the session setup setup and all errors
in tree connect are interpreted as needing to follow the DFS paths
which isn't in this case correct. So, check the returned error against
EACCES and fail if this is returned error.

Feedback from Aurelien:

  PS> net user guest /activate:no
    PS> mkdir C:\guestshare
      PS> icacls C:\guestshare /grant 'Everyone:(OI)(CI)F'
        PS> new-smbshare -name guestshare -path C:\guestshare -fullaccess Everyone

        I've tested v3.10, v4.4, master, master+your patch using default options
        (empty or no user "NU") and user=abc (U).

        NT_LOGON_FAILURE in session setup: LF
        This is what you seem to have in 3.10.

        NT_ACCESS_DENIED in tree connect to the share: AD
        This is what you get before your infinite loop.

                     |   NU       U
                     --------------------------------
                     3.10         |   LF       LF
                     4.4          |   LF       LF
                     master       |   AD       LF
                     master+patch |   AD       LF

                     No infinite DFS loop :(
                     All these issues result in mount failing very fast with permission denied.

                     I guess it could be from either the Windows version or the share/folder
                     ACL. A deeper analysis of the packets might reveal more.

                     In any case I did not notice any issues for on a basic DFS setup with
                     the patch so I don't think it introduced any regressions, which is
                     probably all that matters. It still bothers me a little I couldn't hit
                     the bug.

                     I've included kernel output w/ debugging output and network capture of
                     my tests if anyone want to have a look at it. (master+patch = ml-guestfix).

Signed-off-by: Mark Syms <mark.syms@citrix.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Tested-by: Aurelien Aptel <aaptel@suse.com>
Acked-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2018-11-10 07:41:37 -08:00
..
asn1.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cache.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cifs_debug.c smb3: fix reset of bytes read and written stats 2018-09-15 09:40:39 +02:00
cifs_debug.h lib: update single-char callers of strtobool() 2016-10-28 03:01:30 -04:00
cifs_dfs_ref.c Fix that several functions handle incorrect value of mapchars 2015-05-10 19:56:35 -05:00
cifs_fs_sb.h fs/cifs: make share unaccessible at root level mountable 2016-08-20 18:09:20 +02:00
cifs_ioctl.h Add way to query server fs info for smb3 2015-08-20 10:19:25 -05:00
cifs_spnego.c KEYS: Merge the type-specific data with the payload data 2015-10-21 15:18:36 +01:00
cifs_spnego.h
cifs_unicode.c fs/cifs: don't translate SFM_SLASH (U+F026) to backslash 2018-10-10 08:52:11 +02:00
cifs_unicode.h CIFS: add misssing SFM mapping for doublequote 2017-05-20 14:27:01 +02:00
cifs_uniupr.h
cifsacl.c KEYS: Merge the type-specific data with the payload data 2015-10-21 15:18:36 +01:00
cifsacl.h cifs: fix SID binary to string conversion 2012-12-11 11:48:49 -06:00
cifsencrypt.c CIFS: zero sensitive data when freeing 2018-02-16 20:09:39 +01:00
cifsfs.c SMB3: GUIDs should be constructed as random but valid uuids 2016-10-28 03:01:32 -04:00
cifsfs.h Fix cifs_uniqueid_to_ino_t() function for s390x 2016-03-09 15:34:50 -08:00
cifsglob.h CIFS: Reconnect expired SMB sessions 2017-10-18 09:20:40 +02:00
cifspdu.h Add way to query server fs info for smb3 2015-08-20 10:19:25 -05:00
cifsproto.h CIFS: Fix a possible memory corruption during reconnect 2017-01-06 11:16:15 +01:00
cifssmb.c fs/cifs: suppress a string overflow warning 2018-10-10 08:52:12 +02:00
connect.c CIFS: handle guest access errors to Windows shares 2018-11-10 07:41:37 -08:00
dir.c cifs: do not allow creating sockets except with SMB1 posix exensions 2018-04-29 07:50:01 +02:00
dns_resolve.c cifs: fix composing of mount options for DFS referrals 2013-05-24 13:08:31 -05:00
dns_resolve.h
export.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
file.c CIFS: silence lockdep splat in cifs_relock_file() 2018-04-13 19:50:03 +02:00
fscache.c NFS client updates for Linux 3.13 2013-11-08 05:57:46 +09:00
fscache.h CIFS: FS-Cache: Uncache unread pages in cifs_readpages() before freeing them 2013-09-18 10:17:03 -05:00
inode.c smb3: Do not send SMB3 SET_INFO if nothing changed 2018-09-05 09:18:37 +02:00
ioctl.c cifs: fix CIFS_IOC_GET_MNT_INFO oops 2017-05-20 14:27:01 +02:00
Kconfig Allow parsing vers=3.11 on cifs mount 2015-06-27 20:23:32 -07:00
link.c smb3: don't request leases in symlink creation and query 2018-09-05 09:18:37 +02:00
Makefile cifs: add new case-insensitive conversion routines that are based on wchar_t's 2013-09-08 14:38:05 -05:00
misc.c cifs: read overflow in is_valid_oplock_break() 2018-10-10 08:52:12 +02:00
netmisc.c cifs: small underflow in cnvrtDosUnixTm() 2018-03-24 10:58:46 +01:00
nterr.c CIFS: Rename 7 error codes to NT_ style 2012-07-24 10:25:10 -05:00
nterr.h CIFS: Rename 7 error codes to NT_ style 2012-07-24 10:25:10 -05:00
ntlmssp.h cifs: dynamic allocation of ntlmssp blob 2016-07-27 09:47:39 -07:00
readdir.c cifs: prevent integer overflow in nxt_dir_entry() 2018-09-26 08:35:08 +02:00
rfc1002pdu.h
sess.c cifs: check kmalloc before use 2018-09-05 09:18:37 +02:00
smb1ops.c CIFS: Improve readdir verbosity 2017-06-29 12:48:51 +02:00
smb2file.c CIFS: Fix a possible memory corruption in push locks 2017-01-06 11:16:16 +01:00
smb2glob.h cifs: Limit the overall credit acquired 2016-10-28 03:01:32 -04:00
smb2inode.c smb3: Do not send SMB3 SET_INFO if nothing changed 2018-09-05 09:18:37 +02:00
smb2maperror.c Fix problem recognizing symlinks 2014-10-02 14:10:04 -05:00
smb2misc.c cifs: check if SMB2 PDU size has been padded and suppress the warning 2018-09-15 09:40:37 +02:00
smb2ops.c smb2: fix missing files in root share directory listing 2018-10-10 08:52:13 +02:00
smb2pdu.c CIFS: fix wrapping bugs in num_entries() 2018-09-26 08:35:08 +02:00
smb2pdu.h CIFS: Fix maximum SMB2 header size 2017-09-07 08:34:09 +02:00
smb2proto.h Handle mismatched open calls 2017-05-08 07:46:01 +02:00
smb2status.h CIFS: Add SMB2 status codes 2012-07-24 10:25:13 -05:00
smb2transport.c Handle mismatched open calls 2017-05-08 07:46:01 +02:00
smbencrypt.c cifs: use memzero_explicit to clear stack buffer 2015-01-19 15:32:13 -06:00
smberr.h
smbfsctl.h [SMB3] Send durable handle v2 contexts when use of persistent handles required 2015-11-03 09:26:27 -06:00
transport.c Handle mismatched open calls 2017-05-08 07:46:01 +02:00
winucase.c [CIFS] quiet sparse compile warning 2013-09-08 14:54:24 -05:00
xattr.c VFS: normal filesystems (and lustre): d_inode() annotations 2015-04-15 15:06:57 -04:00