From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.0 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 97A84C43381 for ; Tue, 26 Mar 2019 06:37:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 67D9020863 for ; Tue, 26 Mar 2019 06:37:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1553582240; bh=vqUKB/qBfQ34iruK18jYm1DkW+RcVP3891PCWS46gpY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=Bh4d1yTIyj3kvBFW57wMjyiqgMwk3ytrDHuhIt8Jy5FueCao3xqYElsnuXloXQh/M 0jkZGt8A0GdxZTK4Nl2EMOaiXQbcc0EiiwqGTu8dgq8956i68oKXIFhxA2QnE8svLD Oj3q3atv1xnagVEhWCbcbnnuzfXLuZx5Y5QXQNVY= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732355AbfCZGhT (ORCPT ); Tue, 26 Mar 2019 02:37:19 -0400 Received: from mail.kernel.org ([198.145.29.99]:50518 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731632AbfCZGhR (ORCPT ); Tue, 26 Mar 2019 02:37:17 -0400 Received: from localhost (unknown [104.132.152.111]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id D356F2075E; Tue, 26 Mar 2019 06:37:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1553582236; bh=vqUKB/qBfQ34iruK18jYm1DkW+RcVP3891PCWS46gpY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=HiXsOUBRXrbOi+OhL/bHtFNvmC+kobNfCj2z8LMudc93wQnXYyPNRysfnGHKgIMb4 8RHJLz2pcBLMKtOADI/CHEcKWH0zLTqyYUch0rhzSFnCYEcg/d2W7xTTjhIg6ZLgjp n/vhh0DcwoDHDrqNnYaC/Jd30oCNlMtckzQHOcpM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Ronnie Sahlberg , Paulo Alcantara , Steve French Subject: [PATCH 4.19 22/45] SMB3: Fix SMB3.1.1 guest mounts to Samba Date: Tue, 26 Mar 2019 15:30:05 +0900 Message-Id: <20190326042703.852771279@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190326042702.565683325@linuxfoundation.org> References: <20190326042702.565683325@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: Steve French commit 8c11a607d1d9cd6e7f01fd6b03923597fb0ef95a upstream. Workaround problem with Samba responses to SMB3.1.1 null user (guest) mounts. The server doesn't set the expected flag in the session setup response so we have to do a similar check to what is done in smb3_validate_negotiate where we also check if the user is a null user (but not sec=krb5 since username might not be passed in on mount for Kerberos case). Note that the commit below tightened the conditions and forced signing for the SMB2-TreeConnect commands as per MS-SMB2. However, this should only apply to normal user sessions and not for cases where there is no user (even if server forgets to set the flag in the response) since we don't have anything useful to sign with. This is especially important now that the more secure SMB3.1.1 protocol is in the default dialect list. An earlier patch ("cifs: allow guest mounts to work for smb3.11") fixed the guest mounts to Windows. Fixes: 6188f28bf608 ("Tree connect for SMB3.1.1 must be signed for non-encrypted shares") Reviewed-by: Ronnie Sahlberg Reviewed-by: Paulo Alcantara CC: Stable Signed-off-by: Steve French Signed-off-by: Greg Kroah-Hartman --- fs/cifs/smb2pdu.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -1503,10 +1503,13 @@ SMB2_tcon(const unsigned int xid, struct /* * 3.11 tcon req must be signed if not encrypted. See MS-SMB2 3.2.4.1.1 * unless it is guest or anonymous user. See MS-SMB2 3.2.5.3.1 + * (Samba servers don't always set the flag so also check if null user) */ if ((ses->server->dialect == SMB311_PROT_ID) && !smb3_encryption_required(tcon) && - !(ses->session_flags & (SMB2_SESSION_FLAG_IS_GUEST|SMB2_SESSION_FLAG_IS_NULL))) + !(ses->session_flags & + (SMB2_SESSION_FLAG_IS_GUEST|SMB2_SESSION_FLAG_IS_NULL)) && + ((ses->user_name != NULL) || (ses->sectype == Kerberos))) req->sync_hdr.Flags |= SMB2_FLAGS_SIGNED; memset(&rqst, 0, sizeof(struct smb_rqst));