xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
派生 0
代码 工单 合并请求 工作流 软件包 项目 发布 百科 活动

smb3: do not allow insecure cifs mounts when using smb3

浏览代码 
if mounting as smb3 do not allow cifs (vers=1.0) or insecure vers=2.0
mounts.

For example:
root@smf-Thinkpad-P51:~/cifs-2.6# mount -t smb3 //127.0.0.1/scratch /mnt -o username=testuser,password=Testpass1
root@smf-Thinkpad-P51:~/cifs-2.6# umount /mnt
root@smf-Thinkpad-P51:~/cifs-2.6# mount -t smb3 //127.0.0.1/scratch /mnt -o username=testuser,password=Testpass1,vers=1.0
mount: /mnt: wrong fs type, bad option, bad superblock on //127.0.0.1/scratch ...
root@smf-Thinkpad-P51:~/cifs-2.6# dmesg | grep smb3
[ 4302.200122] CIFS VFS: vers=1.0 (cifs) not permitted when mounting with smb3
root@smf-Thinkpad-P51:~/cifs-2.6# mount -t smb3 //127.0.0.1/scratch /mnt -o username=testuser,password=Testpass1,vers=3.11

Signed-off-by: Steve French <stfrench@microsoft.com>
Acked-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Sachin Prabhu <sprabhu@redhat.com>
这个提交包含在:
Steve French
2018-06-06 17:59:29 -05:00
父节点 8ddecf5fd7
当前提交 c7c137b931
修改 3 个文件,包含 36 行新增14 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

22
fs/cifs/cifsfs.c
查看文件

@@ -698,8 +698,8 @@ static int cifs_set_super(struct super_block *sb, void *data)
}
static struct dentry *
cifs_do_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data)
cifs_smb3_do_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data, bool is_smb3)
{
int rc;
struct super_block *sb;
@@ -710,7 +710,7 @@ cifs_do_mount(struct file_system_type *fs_type,
cifs_dbg(FYI, "Devname: %s flags: %d\n", dev_name, flags);
volume_info = cifs_get_volume_info((char *)data, dev_name);
volume_info = cifs_get_volume_info((char *)data, dev_name, is_smb3);
if (IS_ERR(volume_info))
return ERR_CAST(volume_info);
@@ -790,6 +790,20 @@ out_nls:
goto out;
}
static struct dentry *
smb3_do_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data)
{
return cifs_smb3_do_mount(fs_type, flags, dev_name, data, true);
}
static struct dentry *
cifs_do_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data)
{
return cifs_smb3_do_mount(fs_type, flags, dev_name, data, false);
}
static ssize_t
cifs_loose_read_iter(struct kiocb *iocb, struct iov_iter *iter)
{
@@ -925,7 +939,7 @@ MODULE_ALIAS_FS("cifs");
static struct file_system_type smb3_fs_type = {
.owner = THIS_MODULE,
.name = "smb3",
.mount = cifs_do_mount,
.mount = smb3_do_mount,
.kill_sb = cifs_kill_sb,
/* .fs_flags */
};