* [PATCH] cifs: fix regression in very old smb1 mounts
@ 2022-10-11 23:12 Ronnie Sahlberg
2022-11-01 17:53 ` Thorsten Leemhuis
0 siblings, 1 reply; 6+ messages in thread
From: Ronnie Sahlberg @ 2022-10-11 23:12 UTC (permalink / raw)
To: linux-cifs; +Cc: Steve French
BZ: 215375
Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
---
fs/cifs/connect.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 93e59b3b36c7..c77232096c12 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
pSMB->AndXCommand = 0xFF;
pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
bcc_ptr = &pSMB->Password[0];
- if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
- pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
- *bcc_ptr = 0; /* password is null byte */
- bcc_ptr++; /* skip password */
- /* already aligned so no need to do it below */
- }
+
+ pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
+ *bcc_ptr = 0; /* password is null byte */
+ bcc_ptr++; /* skip password */
+ /* already aligned so no need to do it below */
if (ses->server->sign)
smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
--
2.35.3
^ permalink raw reply related [flat|nested] 6+ messages in thread* Re: [PATCH] cifs: fix regression in very old smb1 mounts 2022-10-11 23:12 [PATCH] cifs: fix regression in very old smb1 mounts Ronnie Sahlberg @ 2022-11-01 17:53 ` Thorsten Leemhuis 2022-11-07 13:17 ` Thorsten Leemhuis 0 siblings, 1 reply; 6+ messages in thread From: Thorsten Leemhuis @ 2022-11-01 17:53 UTC (permalink / raw) To: Ronnie Sahlberg, linux-cifs; +Cc: Steve French, regressions On 12.10.22 01:12, Ronnie Sahlberg wrote: > BZ: 215375 > > Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms") > Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so far? If not: could you please consider submitting this change for inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days that according to the bugzilla ticket seem to annoy some people a lot. Ciao, Thorsten > --- > fs/cifs/connect.c | 11 +++++------ > 1 file changed, 5 insertions(+), 6 deletions(-) > > diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c > index 93e59b3b36c7..c77232096c12 100644 > --- a/fs/cifs/connect.c > +++ b/fs/cifs/connect.c > @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses, > pSMB->AndXCommand = 0xFF; > pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO); > bcc_ptr = &pSMB->Password[0]; > - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) { > - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ > - *bcc_ptr = 0; /* password is null byte */ > - bcc_ptr++; /* skip password */ > - /* already aligned so no need to do it below */ > - } > + > + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ > + *bcc_ptr = 0; /* password is null byte */ > + bcc_ptr++; /* skip password */ > + /* already aligned so no need to do it below */ > > if (ses->server->sign) > smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts 2022-11-01 17:53 ` Thorsten Leemhuis @ 2022-11-07 13:17 ` Thorsten Leemhuis 2022-11-07 13:31 ` ronnie sahlberg 0 siblings, 1 reply; 6+ messages in thread From: Thorsten Leemhuis @ 2022-11-07 13:17 UTC (permalink / raw) To: Ronnie Sahlberg, Steve French; +Cc: regressions, linux-cifs On 01.11.22 18:53, Thorsten Leemhuis wrote: > On 12.10.22 01:12, Ronnie Sahlberg wrote: >> BZ: 215375 >> >> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms") >> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> > > Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so > far? If not: could you please consider submitting this change for > inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days > that according to the bugzilla ticket seem to annoy some people a lot. Ronnie, Steve, if you have a minute, I would really appreciate your help in this matter, you are the best people to judge here. Ciao, Thorsten >> --- >> fs/cifs/connect.c | 11 +++++------ >> 1 file changed, 5 insertions(+), 6 deletions(-) >> >> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c >> index 93e59b3b36c7..c77232096c12 100644 >> --- a/fs/cifs/connect.c >> +++ b/fs/cifs/connect.c >> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses, >> pSMB->AndXCommand = 0xFF; >> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO); >> bcc_ptr = &pSMB->Password[0]; >> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) { >> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ >> - *bcc_ptr = 0; /* password is null byte */ >> - bcc_ptr++; /* skip password */ >> - /* already aligned so no need to do it below */ >> - } >> + >> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ >> + *bcc_ptr = 0; /* password is null byte */ >> + bcc_ptr++; /* skip password */ >> + /* already aligned so no need to do it below */ >> >> if (ses->server->sign) >> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts 2022-11-07 13:17 ` Thorsten Leemhuis @ 2022-11-07 13:31 ` ronnie sahlberg 2022-11-07 13:40 ` Thorsten Leemhuis 0 siblings, 1 reply; 6+ messages in thread From: ronnie sahlberg @ 2022-11-07 13:31 UTC (permalink / raw) To: Thorsten Leemhuis; +Cc: Ronnie Sahlberg, Steve French, regressions, linux-cifs On Mon, 7 Nov 2022 at 23:20, Thorsten Leemhuis <regressions@leemhuis.info> wrote: > > On 01.11.22 18:53, Thorsten Leemhuis wrote: > > On 12.10.22 01:12, Ronnie Sahlberg wrote: > >> BZ: 215375 > >> > >> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms") > >> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> > > > > Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so > > far? If not: could you please consider submitting this change for > > inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days > > that according to the bugzilla ticket seem to annoy some people a lot. > > Ronnie, Steve, if you have a minute, I would really appreciate your help > in this matter, you are the best people to judge here. Thanks for the reminder. I don't think there were any issues in the pre-release so we should try to get it into the stable kernels. I am not sure how that process works since the patch is already in upstream. (I have only seen the process where you flag the patch with cc-stable.) Can you explain the process on how to flag this existing patch for backporting? > > Ciao, Thorsten > > >> --- > >> fs/cifs/connect.c | 11 +++++------ > >> 1 file changed, 5 insertions(+), 6 deletions(-) > >> > >> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c > >> index 93e59b3b36c7..c77232096c12 100644 > >> --- a/fs/cifs/connect.c > >> +++ b/fs/cifs/connect.c > >> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses, > >> pSMB->AndXCommand = 0xFF; > >> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO); > >> bcc_ptr = &pSMB->Password[0]; > >> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) { > >> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ > >> - *bcc_ptr = 0; /* password is null byte */ > >> - bcc_ptr++; /* skip password */ > >> - /* already aligned so no need to do it below */ > >> - } > >> + > >> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ > >> + *bcc_ptr = 0; /* password is null byte */ > >> + bcc_ptr++; /* skip password */ > >> + /* already aligned so no need to do it below */ > >> > >> if (ses->server->sign) > >> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts 2022-11-07 13:31 ` ronnie sahlberg @ 2022-11-07 13:40 ` Thorsten Leemhuis 2022-11-07 21:40 ` ronnie sahlberg 0 siblings, 1 reply; 6+ messages in thread From: Thorsten Leemhuis @ 2022-11-07 13:40 UTC (permalink / raw) To: ronnie sahlberg; +Cc: Ronnie Sahlberg, Steve French, regressions, linux-cifs On 07.11.22 14:31, ronnie sahlberg wrote: > On Mon, 7 Nov 2022 at 23:20, Thorsten Leemhuis > <regressions@leemhuis.info> wrote: >> >> On 01.11.22 18:53, Thorsten Leemhuis wrote: >>> On 12.10.22 01:12, Ronnie Sahlberg wrote: >>>> BZ: 215375 >>>> >>>> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms") >>>> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> >>> >>> Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so >>> far? If not: could you please consider submitting this change for >>> inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days >>> that according to the bugzilla ticket seem to annoy some people a lot. >> >> Ronnie, Steve, if you have a minute, I would really appreciate your help >> in this matter, you are the best people to judge here. > > Thanks for the reminder. I don't think there were any issues in the > pre-release so we should try to get it into the stable kernels. Great. > I am not sure how that process works since the patch is already in upstream. > (I have only seen the process where you flag the patch with cc-stable.) > Can you explain the process on how to flag this existing patch for backporting? Documentation/process/stable-kernel-rules.rst (or https://docs.kernel.org/process/stable-kernel-rules.html ) explains this (see option 3 there) better than I can. The patch afaics needs to got to 6.0 and 5.15. Many thx for taking care of this! Ciao, Thorsten >>>> --- >>>> fs/cifs/connect.c | 11 +++++------ >>>> 1 file changed, 5 insertions(+), 6 deletions(-) >>>> >>>> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c >>>> index 93e59b3b36c7..c77232096c12 100644 >>>> --- a/fs/cifs/connect.c >>>> +++ b/fs/cifs/connect.c >>>> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses, >>>> pSMB->AndXCommand = 0xFF; >>>> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO); >>>> bcc_ptr = &pSMB->Password[0]; >>>> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) { >>>> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ >>>> - *bcc_ptr = 0; /* password is null byte */ >>>> - bcc_ptr++; /* skip password */ >>>> - /* already aligned so no need to do it below */ >>>> - } >>>> + >>>> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ >>>> + *bcc_ptr = 0; /* password is null byte */ >>>> + bcc_ptr++; /* skip password */ >>>> + /* already aligned so no need to do it below */ >>>> >>>> if (ses->server->sign) >>>> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cifs: fix regression in very old smb1 mounts 2022-11-07 13:40 ` Thorsten Leemhuis @ 2022-11-07 21:40 ` ronnie sahlberg 0 siblings, 0 replies; 6+ messages in thread From: ronnie sahlberg @ 2022-11-07 21:40 UTC (permalink / raw) To: Thorsten Leemhuis; +Cc: Ronnie Sahlberg, Steve French, regressions, linux-cifs On Mon, 7 Nov 2022 at 23:40, Thorsten Leemhuis <regressions@leemhuis.info> wrote: > > On 07.11.22 14:31, ronnie sahlberg wrote: > > On Mon, 7 Nov 2022 at 23:20, Thorsten Leemhuis > > <regressions@leemhuis.info> wrote: > >> > >> On 01.11.22 18:53, Thorsten Leemhuis wrote: > >>> On 12.10.22 01:12, Ronnie Sahlberg wrote: > >>>> BZ: 215375 > >>>> > >>>> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms") > >>>> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> > >>> > >>> Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so > >>> far? If not: could you please consider submitting this change for > >>> inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days > >>> that according to the bugzilla ticket seem to annoy some people a lot. > >> > >> Ronnie, Steve, if you have a minute, I would really appreciate your help > >> in this matter, you are the best people to judge here. > > > > Thanks for the reminder. I don't think there were any issues in the > > pre-release so we should try to get it into the stable kernels. > > Great. > > > I am not sure how that process works since the patch is already in upstream. > > (I have only seen the process where you flag the patch with cc-stable.) > > Can you explain the process on how to flag this existing patch for backporting? > > Documentation/process/stable-kernel-rules.rst (or > https://docs.kernel.org/process/stable-kernel-rules.html ) explains this > (see option 3 there) better than I can. The patch afaics needs to got to > 6.0 and 5.15. Thanks. What we need here is option 2. Steve, can you send an email for option 2 so we get it in the older kernels? > > Many thx for taking care of this! > > Ciao, Thorsten > > > >>>> --- > >>>> fs/cifs/connect.c | 11 +++++------ > >>>> 1 file changed, 5 insertions(+), 6 deletions(-) > >>>> > >>>> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c > >>>> index 93e59b3b36c7..c77232096c12 100644 > >>>> --- a/fs/cifs/connect.c > >>>> +++ b/fs/cifs/connect.c > >>>> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses, > >>>> pSMB->AndXCommand = 0xFF; > >>>> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO); > >>>> bcc_ptr = &pSMB->Password[0]; > >>>> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) { > >>>> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ > >>>> - *bcc_ptr = 0; /* password is null byte */ > >>>> - bcc_ptr++; /* skip password */ > >>>> - /* already aligned so no need to do it below */ > >>>> - } > >>>> + > >>>> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ > >>>> + *bcc_ptr = 0; /* password is null byte */ > >>>> + bcc_ptr++; /* skip password */ > >>>> + /* already aligned so no need to do it below */ > >>>> > >>>> if (ses->server->sign) > >>>> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; > > ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-11-07 21:40 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-10-11 23:12 [PATCH] cifs: fix regression in very old smb1 mounts Ronnie Sahlberg 2022-11-01 17:53 ` Thorsten Leemhuis 2022-11-07 13:17 ` Thorsten Leemhuis 2022-11-07 13:31 ` ronnie sahlberg 2022-11-07 13:40 ` Thorsten Leemhuis 2022-11-07 21:40 ` ronnie sahlberg
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).