Linux-CIFS Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH][SMB3] Improve check for when we send security descriptor context on open
@ 2019-12-07 23:46 Steve French
  0 siblings, 0 replies; only message in thread
From: Steve French @ 2019-12-07 23:46 UTC (permalink / raw)
  To: CIFS

[-- Attachment #1: Type: text/plain, Size: 302 bytes --]

    We had cases in the modetosid patch where we were sending the security
    descriptor context on SMB3 open (file create) in cases when we hadn't
    mounted with with "modefromsid" mount option.

    Add check for that mount flag before calling ad_sd_context in
    open init.


-- 
Thanks,

Steve

[-- Attachment #2: 0001-smb3-improve-check-for-when-we-send-the-security-des.patch --]
[-- Type: text/x-patch, Size: 1174 bytes --]

From 231e2a0ba56733c95cb77d8920e76502b2134e72 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Sat, 7 Dec 2019 17:38:22 -0600
Subject: [PATCH] smb3: improve check for when we send the security descriptor
 context on create

We had cases in the previous patch where we were sending the security
descriptor context on SMB3 open (file create) in cases when we hadn't
mounted with with "modefromsid" mount option.

Add check for that mount flag before calling ad_sd_context in
open init.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
---
 fs/cifs/smb2pdu.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index b77643e02157..0ab6b1200288 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -2630,6 +2630,8 @@ SMB2_open_init(struct cifs_tcon *tcon, struct smb_rqst *rqst, __u8 *oplock,
 	}
 
 	if ((oparms->disposition != FILE_OPEN) &&
+	    (oparms->cifs_sb) &&
+	    (oparms->cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MODE_FROM_SID) &&
 	    (oparms->mode != ACL_NO_MODE)) {
 		if (n_iov > 2) {
 			struct create_context *ccontext =
-- 
2.23.0


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-07 23:46 [PATCH][SMB3] Improve check for when we send security descriptor context on open Steve French

Linux-CIFS Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-cifs/0 linux-cifs/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-cifs linux-cifs/ https://lore.kernel.org/linux-cifs \
		linux-cifs@vger.kernel.org
	public-inbox-index linux-cifs

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-cifs


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git