* [PATCH] cifs: fix regression in very old smb1 mounts
@ 2022-10-11 23:12 Ronnie Sahlberg
2022-11-01 17:53 ` Thorsten Leemhuis
0 siblings, 1 reply; 6+ messages in thread
From: Ronnie Sahlberg @ 2022-10-11 23:12 UTC (permalink / raw)
To: linux-cifs; +Cc: Steve French
BZ: 215375
Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
---
fs/cifs/connect.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 93e59b3b36c7..c77232096c12 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
pSMB->AndXCommand = 0xFF;
pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
bcc_ptr = &pSMB->Password[0];
- if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
- pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
- *bcc_ptr = 0; /* password is null byte */
- bcc_ptr++; /* skip password */
- /* already aligned so no need to do it below */
- }
+
+ pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
+ *bcc_ptr = 0; /* password is null byte */
+ bcc_ptr++; /* skip password */
+ /* already aligned so no need to do it below */
if (ses->server->sign)
smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
--
2.35.3
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts
2022-10-11 23:12 [PATCH] cifs: fix regression in very old smb1 mounts Ronnie Sahlberg
@ 2022-11-01 17:53 ` Thorsten Leemhuis
2022-11-07 13:17 ` Thorsten Leemhuis
0 siblings, 1 reply; 6+ messages in thread
From: Thorsten Leemhuis @ 2022-11-01 17:53 UTC (permalink / raw)
To: Ronnie Sahlberg, linux-cifs; +Cc: Steve French, regressions
On 12.10.22 01:12, Ronnie Sahlberg wrote:
> BZ: 215375
>
> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so
far? If not: could you please consider submitting this change for
inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days
that according to the bugzilla ticket seem to annoy some people a lot.
Ciao, Thorsten
> ---
> fs/cifs/connect.c | 11 +++++------
> 1 file changed, 5 insertions(+), 6 deletions(-)
>
> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
> index 93e59b3b36c7..c77232096c12 100644
> --- a/fs/cifs/connect.c
> +++ b/fs/cifs/connect.c
> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
> pSMB->AndXCommand = 0xFF;
> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
> bcc_ptr = &pSMB->Password[0];
> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> - *bcc_ptr = 0; /* password is null byte */
> - bcc_ptr++; /* skip password */
> - /* already aligned so no need to do it below */
> - }
> +
> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> + *bcc_ptr = 0; /* password is null byte */
> + bcc_ptr++; /* skip password */
> + /* already aligned so no need to do it below */
>
> if (ses->server->sign)
> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts
2022-11-01 17:53 ` Thorsten Leemhuis
@ 2022-11-07 13:17 ` Thorsten Leemhuis
2022-11-07 13:31 ` ronnie sahlberg
0 siblings, 1 reply; 6+ messages in thread
From: Thorsten Leemhuis @ 2022-11-07 13:17 UTC (permalink / raw)
To: Ronnie Sahlberg, Steve French; +Cc: regressions, linux-cifs
On 01.11.22 18:53, Thorsten Leemhuis wrote:
> On 12.10.22 01:12, Ronnie Sahlberg wrote:
>> BZ: 215375
>>
>> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
>> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
>
> Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so
> far? If not: could you please consider submitting this change for
> inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days
> that according to the bugzilla ticket seem to annoy some people a lot.
Ronnie, Steve, if you have a minute, I would really appreciate your help
in this matter, you are the best people to judge here.
Ciao, Thorsten
>> ---
>> fs/cifs/connect.c | 11 +++++------
>> 1 file changed, 5 insertions(+), 6 deletions(-)
>>
>> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
>> index 93e59b3b36c7..c77232096c12 100644
>> --- a/fs/cifs/connect.c
>> +++ b/fs/cifs/connect.c
>> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
>> pSMB->AndXCommand = 0xFF;
>> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
>> bcc_ptr = &pSMB->Password[0];
>> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
>> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
>> - *bcc_ptr = 0; /* password is null byte */
>> - bcc_ptr++; /* skip password */
>> - /* already aligned so no need to do it below */
>> - }
>> +
>> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
>> + *bcc_ptr = 0; /* password is null byte */
>> + bcc_ptr++; /* skip password */
>> + /* already aligned so no need to do it below */
>>
>> if (ses->server->sign)
>> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts
2022-11-07 13:17 ` Thorsten Leemhuis
@ 2022-11-07 13:31 ` ronnie sahlberg
2022-11-07 13:40 ` Thorsten Leemhuis
0 siblings, 1 reply; 6+ messages in thread
From: ronnie sahlberg @ 2022-11-07 13:31 UTC (permalink / raw)
To: Thorsten Leemhuis; +Cc: Ronnie Sahlberg, Steve French, regressions, linux-cifs
On Mon, 7 Nov 2022 at 23:20, Thorsten Leemhuis
<regressions@leemhuis.info> wrote:
>
> On 01.11.22 18:53, Thorsten Leemhuis wrote:
> > On 12.10.22 01:12, Ronnie Sahlberg wrote:
> >> BZ: 215375
> >>
> >> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
> >> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> >
> > Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so
> > far? If not: could you please consider submitting this change for
> > inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days
> > that according to the bugzilla ticket seem to annoy some people a lot.
>
> Ronnie, Steve, if you have a minute, I would really appreciate your help
> in this matter, you are the best people to judge here.
Thanks for the reminder. I don't think there were any issues in the
pre-release so we should try to get it into the stable kernels.
I am not sure how that process works since the patch is already in upstream.
(I have only seen the process where you flag the patch with cc-stable.)
Can you explain the process on how to flag this existing patch for backporting?
>
> Ciao, Thorsten
>
> >> ---
> >> fs/cifs/connect.c | 11 +++++------
> >> 1 file changed, 5 insertions(+), 6 deletions(-)
> >>
> >> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
> >> index 93e59b3b36c7..c77232096c12 100644
> >> --- a/fs/cifs/connect.c
> >> +++ b/fs/cifs/connect.c
> >> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
> >> pSMB->AndXCommand = 0xFF;
> >> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
> >> bcc_ptr = &pSMB->Password[0];
> >> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
> >> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> >> - *bcc_ptr = 0; /* password is null byte */
> >> - bcc_ptr++; /* skip password */
> >> - /* already aligned so no need to do it below */
> >> - }
> >> +
> >> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> >> + *bcc_ptr = 0; /* password is null byte */
> >> + bcc_ptr++; /* skip password */
> >> + /* already aligned so no need to do it below */
> >>
> >> if (ses->server->sign)
> >> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts
2022-11-07 13:31 ` ronnie sahlberg
@ 2022-11-07 13:40 ` Thorsten Leemhuis
2022-11-07 21:40 ` ronnie sahlberg
0 siblings, 1 reply; 6+ messages in thread
From: Thorsten Leemhuis @ 2022-11-07 13:40 UTC (permalink / raw)
To: ronnie sahlberg; +Cc: Ronnie Sahlberg, Steve French, regressions, linux-cifs
On 07.11.22 14:31, ronnie sahlberg wrote:
> On Mon, 7 Nov 2022 at 23:20, Thorsten Leemhuis
> <regressions@leemhuis.info> wrote:
>>
>> On 01.11.22 18:53, Thorsten Leemhuis wrote:
>>> On 12.10.22 01:12, Ronnie Sahlberg wrote:
>>>> BZ: 215375
>>>>
>>>> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
>>>> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
>>>
>>> Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so
>>> far? If not: could you please consider submitting this change for
>>> inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days
>>> that according to the bugzilla ticket seem to annoy some people a lot.
>>
>> Ronnie, Steve, if you have a minute, I would really appreciate your help
>> in this matter, you are the best people to judge here.
>
> Thanks for the reminder. I don't think there were any issues in the
> pre-release so we should try to get it into the stable kernels.
Great.
> I am not sure how that process works since the patch is already in upstream.
> (I have only seen the process where you flag the patch with cc-stable.)
> Can you explain the process on how to flag this existing patch for backporting?
Documentation/process/stable-kernel-rules.rst (or
https://docs.kernel.org/process/stable-kernel-rules.html ) explains this
(see option 3 there) better than I can. The patch afaics needs to got to
6.0 and 5.15.
Many thx for taking care of this!
Ciao, Thorsten
>>>> ---
>>>> fs/cifs/connect.c | 11 +++++------
>>>> 1 file changed, 5 insertions(+), 6 deletions(-)
>>>>
>>>> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
>>>> index 93e59b3b36c7..c77232096c12 100644
>>>> --- a/fs/cifs/connect.c
>>>> +++ b/fs/cifs/connect.c
>>>> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
>>>> pSMB->AndXCommand = 0xFF;
>>>> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
>>>> bcc_ptr = &pSMB->Password[0];
>>>> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
>>>> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
>>>> - *bcc_ptr = 0; /* password is null byte */
>>>> - bcc_ptr++; /* skip password */
>>>> - /* already aligned so no need to do it below */
>>>> - }
>>>> +
>>>> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
>>>> + *bcc_ptr = 0; /* password is null byte */
>>>> + bcc_ptr++; /* skip password */
>>>> + /* already aligned so no need to do it below */
>>>>
>>>> if (ses->server->sign)
>>>> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts
2022-11-07 13:40 ` Thorsten Leemhuis
@ 2022-11-07 21:40 ` ronnie sahlberg
0 siblings, 0 replies; 6+ messages in thread
From: ronnie sahlberg @ 2022-11-07 21:40 UTC (permalink / raw)
To: Thorsten Leemhuis; +Cc: Ronnie Sahlberg, Steve French, regressions, linux-cifs
On Mon, 7 Nov 2022 at 23:40, Thorsten Leemhuis
<regressions@leemhuis.info> wrote:
>
> On 07.11.22 14:31, ronnie sahlberg wrote:
> > On Mon, 7 Nov 2022 at 23:20, Thorsten Leemhuis
> > <regressions@leemhuis.info> wrote:
> >>
> >> On 01.11.22 18:53, Thorsten Leemhuis wrote:
> >>> On 12.10.22 01:12, Ronnie Sahlberg wrote:
> >>>> BZ: 215375
> >>>>
> >>>> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
> >>>> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> >>>
> >>> Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so
> >>> far? If not: could you please consider submitting this change for
> >>> inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days
> >>> that according to the bugzilla ticket seem to annoy some people a lot.
> >>
> >> Ronnie, Steve, if you have a minute, I would really appreciate your help
> >> in this matter, you are the best people to judge here.
> >
> > Thanks for the reminder. I don't think there were any issues in the
> > pre-release so we should try to get it into the stable kernels.
>
> Great.
>
> > I am not sure how that process works since the patch is already in upstream.
> > (I have only seen the process where you flag the patch with cc-stable.)
> > Can you explain the process on how to flag this existing patch for backporting?
>
> Documentation/process/stable-kernel-rules.rst (or
> https://docs.kernel.org/process/stable-kernel-rules.html ) explains this
> (see option 3 there) better than I can. The patch afaics needs to got to
> 6.0 and 5.15.
Thanks. What we need here is option 2.
Steve, can you send an email for option 2 so we get it in the older kernels?
>
> Many thx for taking care of this!
>
> Ciao, Thorsten
>
>
> >>>> ---
> >>>> fs/cifs/connect.c | 11 +++++------
> >>>> 1 file changed, 5 insertions(+), 6 deletions(-)
> >>>>
> >>>> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
> >>>> index 93e59b3b36c7..c77232096c12 100644
> >>>> --- a/fs/cifs/connect.c
> >>>> +++ b/fs/cifs/connect.c
> >>>> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
> >>>> pSMB->AndXCommand = 0xFF;
> >>>> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
> >>>> bcc_ptr = &pSMB->Password[0];
> >>>> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
> >>>> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> >>>> - *bcc_ptr = 0; /* password is null byte */
> >>>> - bcc_ptr++; /* skip password */
> >>>> - /* already aligned so no need to do it below */
> >>>> - }
> >>>> +
> >>>> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> >>>> + *bcc_ptr = 0; /* password is null byte */
> >>>> + bcc_ptr++; /* skip password */
> >>>> + /* already aligned so no need to do it below */
> >>>>
> >>>> if (ses->server->sign)
> >>>> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
> >
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-11-07 21:40 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-11 23:12 [PATCH] cifs: fix regression in very old smb1 mounts Ronnie Sahlberg
2022-11-01 17:53 ` Thorsten Leemhuis
2022-11-07 13:17 ` Thorsten Leemhuis
2022-11-07 13:31 ` ronnie sahlberg
2022-11-07 13:40 ` Thorsten Leemhuis
2022-11-07 21:40 ` ronnie sahlberg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).