summaryrefslogtreecommitdiff
path: root/fs/cifs
AgeCommit message (Collapse)Author
2009-06-11push BKL down into ->put_superChristoph Hellwig
Move BKL into ->put_super from the only caller. A couple of filesystems had trivial enough ->put_super (only kfree and NULLing of s_fs_info + stuff in there) to not get any locking: coda, cramfs, efs, hugetlbfs, omfs, qnx4, shmem, all others got the full treatment. Most of them probably don't need it, but I'd rather sort that out individually. Preferably after all the other BKL pushdowns in that area. [AV: original used to move lock_super() down as well; these changes are removed since we don't do lock_super() at all in generic_shutdown_super() now] [AV: fuse, btrfs and xfs are known to need no damn BKL, exempt] Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-06-11switch follow_down()Al Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-06-10cifs: remove never-used in6_addr optionJeff Layton
This option was never used to my knowledge. Remove it before someone does... Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-06-10cifs: add addr= mount option alias for ip=Jeff Layton
When you look in /proc/mounts, the address of the server gets displayed as "addr=". That's really a better option to use anyway since it's more generic. What if we eventually want to support non-IP transports? It also makes CIFS option consistent with the NFS option of the same name. Begin the migration to that option name by adding an alias for ip= called addr=. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-06-06[CIFS] Add mention of new mount parm (forceuid) to cifs readmeSteve French
Also update fs/cifs/CHANGES Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-06-06cifs: make overriding of ownership conditional on new mount optionsJeff Layton
We have a bit of a problem with the uid= option. The basic issue is that it means too many things and has too many side-effects. It's possible to allow an unprivileged user to mount a filesystem if the user owns the mountpoint, /bin/mount is setuid root, and the mount is set up in /etc/fstab with the "user" option. When doing this though, /bin/mount automatically adds the "uid=" and "gid=" options to the share. This is fortunate since the correct uid= option is needed in order to tell the upcall what user's credcache to use when generating the SPNEGO blob. On a mount without unix extensions this is fine -- you generally will want the files to be owned by the "owner" of the mount. The problem comes in on a mount with unix extensions. With those enabled, the uid/gid options cause the ownership of files to be overriden even though the server is sending along the ownership info. This means that it's not possible to have a mount by an unprivileged user that shows the server's file ownership info. The result is also inode permissions that have no reflection at all on the server. You simply cannot separate ownership from the mode in this fashion. This behavior also makes MultiuserMount option less usable. Once you pass in the uid= option for a mount, then you can't use unix ownership info and allow someone to share the mount. While I'm not thrilled with it, the only solution I can see is to stop making uid=/gid= force the overriding of ownership on mounts, and to add new mount options that turn this behavior on. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-06-02cifs: fix IPv6 address length checkJeff Layton
For IPv6 the userspace mount helper sends an address in the "ip=" option. This check fails if the length is > 35 characters. I have no idea where the magic 35 character limit came from, but it's clearly not enough for IPv6. Fix it by making it use the INET6_ADDRSTRLEN #define. While we're at it, use the same #define for the address length in SPNEGO upcalls. Reported-by: Charles R. Anderson <cra@wpi.edu> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-28cifs: clean up set_cifs_acl interfacesChristoph Hellwig
Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-28cifs: reorganize get_cifs_aclChristoph Hellwig
Thus spake Christoph: "But this whole set_cifs_acl function is a real mess anyway and needs some splitting up." With this change too, it's possible to call acl_to_uid_mode() with a NULL inode pointer. That (or something close to it) will eventually be necessary when cifs_get_inode_info is reorganized. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-28[CIFS] Update readme to indicate change to default mount (serverino)Steve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-28cifs: make serverino the default when mountingJeff Layton
Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-28cifs: rename cifs_iget to cifs_root_igetJeff Layton
The current cifs_iget isn't suitable for anything but the root inode. Rename it with a more appropriate name. Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-28cifs: make cnvrtDosUnixTm take a little-endian args and an offsetJeff Layton
The callers primarily end up converting the args from le anyway. Also, most of the callers end up needing to add an offset to the result. The exception to these rules is cnvrtDosCifsTm, but there are no callers of that function, so we might as well remove it. Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-28cifs: have cifs_NTtimeToUnix take a little-endian argJeff Layton
...and just have the function call le64_to_cpu. Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-26cifs: tighten up default file_mode/dir_modeJeff Layton
The current default file mode is 02767 and dir mode is 0777. This is extremely "loose". Given that CIFS is a single-user protocol, these permissions allow anyone to use the mount -- in effect, giving anyone on the machine access to the credentials used to mount the share. Change this by making the default permissions restrict write access to the default owner of the mount. Give read and execute permissions to everyone else. These are the same permissions that VFAT mounts get by default so there is some precedent here. Note that this patch also removes the mandatory locking flags from the default file_mode. After having looked at how these flags are used by the kernel, I don't think that keeping them as the default offers any real benefit. That flag combination makes it so that the kernel enforces mandatory locking. Since the server is going to do that for us anyway, I don't think we want the client to enforce this by default on applications that just want advisory locks. Anyone that does want this behavior can always enable it by setting the file_mode appropriately. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-26cifs: fix artificial limit on reading symlinksJeff Layton
There's no reason to limit the size of a symlink that we can read to 4000 bytes. That may be nowhere near PATH_MAX if the server is sending UCS2 strings. CIFS should be able to read in a symlink up to the size of the buffer. The size of the header has already been accounted for when creating the slabcache, so CIFSMaxBufSize should be the correct size to pass in. Fixes samba bug #6384. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-23[CIFS] Avoid open on possible directories since Samba now rejects themSteve French
Small change (mostly formatting) to limit lookup based open calls to file create only. After discussion yesteday on samba-technical about the posix lookup regression, and looking at a problem with cifs posix open to one particular Samba version, Jeff and JRA realized that Samba server's behavior changed in this area (posix open behavior on files vs. directories). To make this behavior consistent, JRA just made a fix to Samba server to alter how it handles open of directories (now returning the equivalent of EISDIR instead of success). Since we don't know at lookup time whether the inode is a directory or file (and thus whether posix open will succeed with most current Samba server), this change avoids the posix open code on lookup open (just issues posix open on creates). This gets the semantic benefits we want (atomicity, posix byte range locks, improved write semantics on newly created files) and file create still is fast, and we avoid the problem that Jeff noticed yesterday with "openat" (and some open directory calls) of non-cached directories to one version of Samba server, and will work with future Samba versions (which include the fix jra just pushed into Samba server). I confirmed this approach with jra yesterday and with Shirish today. Posix open is only called (at lookup time) for file create now. For opens (rather than creates), because we do not know if it is a file or directory yet, and current Samba no longer allows us to do posix open on dirs, we could end up wasting an open call on what turns out to be a dir. For file opens, we wait to call posix open till cifs_open. It could be added here (lookup) in the future but the performance tradeoff of the extra network request when EISDIR or EACCES is returned would have to be weighed against the 50% reduction in network traffic in the other paths. Reviewed-by: Shirish Pargaonkar <shirishp@us.ibm.com> Tested-by: Jeff Layton <jlayton@redhat.com> CC: Jeremy Allison <jra@samba.org> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-21[CIFS] fix posix open regressionSteve French
Posix open code was not properly adding the file to the list of open files. Fix allocating cifsFileInfo more than once, and adding twice to flist and tlist. Also fix mode setting to be done in one place in these paths. Signed-off-by: Steve French <sfrench@us.ibm.com> Reviewed-by: Shirish Pargaonkar <shirishp@us.ibm.com> Tested-by: Jeff Layton <jlayton@redhat.com> Tested-by: Luca Tettamanti <kronos.it@gmail.com>
2009-05-19cifs: fix pointer initialization and checks in cifs_follow_symlink (try #4)Jeff Layton
This is the third respin of the patch posted yesterday to fix the error handling in cifs_follow_symlink. It also includes a fix for a bogus NULL pointer check in CIFSSMBQueryUnixSymLink that Jeff Moyer spotted. It's possible for CIFSSMBQueryUnixSymLink to return without setting target_path to a valid pointer. If that happens then the current value to which we're initializing this pointer could cause an oops when it's kfree'd. This patch is a little more comprehensive than the last patches. It reorganizes cifs_follow_link a bit for (hopefully) better readability. It should also eliminate the uneeded allocation of full_path on servers without unix extensions (assuming they can get to this point anyway, of which I'm not convinced). On a side note, I'm not sure I agree with the logic of enabling this query even when unix extensions are disabled on the client. It seems like that should disable this as well. But, changing that is outside the scope of this fix, so I've left it alone for now. Reported-by: Jeff Moyer <jmoyer@redhat.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-by: Jeff Moyer <jmoyer@redhat.com> Reviewed-by: Christoph Hellwig <hch@inraded.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-14cifs: fix error handling in parse_DFS_referralsJeff Layton
cifs_strndup_from_ucs returns NULL on error, not an ERR_PTR Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-09Convert obvious places to deactivate_locked_super()Al Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-05-09vfs: umount_begin BKL pushdownAlessio Igor Bogani
Push BKL down into ->umount_begin() Signed-off-by: Alessio Igor Bogani <abogani@texware.it> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-05-08[CIFS] Fix double list addition in cifs posix open codeSteve French
Remove adding open file entry twice to lists in the file Do not fill file info twice in case of posix opens and creates Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-06[CIFS] Allow raw ntlmssp code to be enabled with sec=ntlmsspSteve French
On mount, "sec=ntlmssp" can now be specified to allow "rawntlmssp" security to be enabled during CIFS session establishment/authentication (ntlmssp used to require specifying krb5 which was counterintuitive). Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-06[CIFS] Fix SMB uid in NTLMSSP authenticate requestSteve French
We were not setting the SMB uid in NTLMSSP authenticate request which could lead to INVALID_PARAMETER error on 2nd session setup. Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-04[CIFS] NTLMSSP reenabled after move from connect.c to sess.cSteve French
The NTLMSSP code was removed from fs/cifs/connect.c and merged (75% smaller, cleaner) into fs/cifs/sess.c As with the old code it requires that cifs be built with CONFIG_CIFS_EXPERIMENTAL, the /proc/fs/cifs/Experimental flag must be set to 2, and mount must turn on extended security (e.g. with sec=krb5). Although NTLMSSP encapsulated in SPNEGO is not enabled yet, "raw" ntlmssp is common and useful in some cases since it offers more complete security negotiation, and is the default way of negotiating security for many Windows systems. SPNEGO encapsulated NTLMSSP will be able to reuse the same code. Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-02[CIFS] Remove sparse warningSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-02[CIFS] remove checkpatch warningSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-02[CIFS] Fix final user of old string conversion codeSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-02[CIFS] remove cifs_strfromUCS_leJeff Layton
Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-02[CIFS] NTLMSSP support moving into new file, old dead code removedSteve French
Remove dead NTLMSSP support from connect.c prior to addition of the new code to replace it. Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-01[CIFS] Fix endian conversion of vcnum fieldSteve French
When multiply mounting from the same client to the same server, with different userids, we create a vcnum which should be unique if possible (this is not the same as the smb uid, which is the handle to the security context). We were not endian converting additional (beyond the first which is zero) vcnum properly. CC: Stable <stable@kernel.org> Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-01[CIFS] Remove trailing whitespaceSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-01[CIFS] Remove sparse endian warningsSteve French
Removes two sparse CHECK_ENDIAN warnings from Jeffs earlier patch, and removes the dead readlink code (after noting where in findfirst we will need to add something like that in the future to handle the newly discovered unexpected error on FindFirst of NTFS symlinks. Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-01[CIFS] Add remaining ntlmssp flags and standardize field namesSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-01[CIFS] Fix build warningSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-05-01cifs: fix length handling in cifs_get_name_from_search_bufJeff Layton
The earlier patch to move this code to use the new unicode helpers assumed that the filename strings would be null terminated. That's not always the case. Instead of passing "max_len" to the string converter, pass "min(len, max_len)", which makes it do the right thing while still keeping the parser confined to the response. Also fix up the prototypes of this function and the callers so that max_len is unsigned (like len is). Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30[CIFS] Remove unneeded QuerySymlink call and fix mapping for unmapped statusSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30[CIFS] rename cifs_strndup to cifs_strndup_from_ucsSteve French
In most cases, cifs_strndup is converting from Unicode (UCS2 / UTF-32) to the configured local code page for the Linux mount (usually UTF8), so Jeff suggested that to make it more clear that cifs_strndup is doing a conversion not just memory allocation and copy, rename the function to including "from_ucs" (ie Unicode) Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30Added loop check when mounting DFS tree.Igor Mammedov
Added loop check when mounting DFS tree. mount will fail with ELOOP if referral walks exceed MAX_NESTED_LINK count. Signed-off-by: Igor Mammedov <niallain@gmail.com> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30Enable dfs submounts to handle remote referrals.Igor Mammedov
Having remote dfs root support in cifs_mount, we can afford to pass into it UNC that is remote. Signed-off-by: Igor Mammedov <niallain@gmail.com> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30[CIFS] Remove older session setup implementationSteve French
Two years ago, when the session setup code in cifs was rewritten and moved to fs/cifs/sess.c, we were asked to keep the old code for a release or so (which could be reenabled at runtime) since it was such a large change and because the asn (SPNEGO) and NTLMSSP code was not rewritten and needed to be. This was useful to avoid regressions, but is long overdue to be removed. Now that the Kerberos (asn/spnego) code is working in fs/cifs/sess.c, and the NTLMSSP code moved (NTLMSSP blob setup be rewritten with the next patch in this series) quite a bit of dead code from fs/cifs/connect.c now can be removed. This old code should have been removed last year, but the earlier krb5 patches did not move/remove the NTLMSSP code which we had asked to be done first. Since no one else volunteered, I am doing it now. It is extremely important that we continue to examine the documentation for this area, to make sure our code continues to be uptodate with changes since Windows 2003. Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: change cifs_get_name_from_search_buf to use new unicode helperJeff Layton
...and remove cifs_convertUCSpath. There are no more callers. Also add a #define for the buffer used in the readdir path so that we don't have so many magic numbers floating around. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: change CIFSSMBUnixQuerySymLink to use new helpersJeff Layton
Change CIFSSMBUnixQuerySymLink to use the new unicode helper functions. Also change the calling conventions so that the allocation of the target name buffer is done in CIFSSMBUnixQuerySymLink rather than by the caller. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: fix session setup unicode string saving to use new unicode helpersJeff Layton
...and change decode_unicode_ssetup to be a void function. It never returns an actual error anyway. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: convert CIFSTCon to use new unicode helper functionsJeff Layton
Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: rename cifs_strlcpy_to_host and make it use new functionsJeff Layton
Rename cifs_strlcpy_to_host to cifs_strndup since that better describes what this function really does. Then, convert it to use the new string conversion and measurement functions that work in units of bytes rather than wide chars. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: add new function to get unicode string length in bytesJeff Layton
Working in units of words means we do a lot of unnecessary conversion back and forth. Standardize on bytes instead since that's more useful for allocating buffers and such. Also, remove hostlen_fromUCS since the new function has a similar purpose. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: add replacement for cifs_strtoUCS_le called cifs_from_ucs2Jeff Layton
Add a replacement function for cifs_strtoUCS_le. cifs_from_ucs2 takes args for the source and destination length so that we can ensure that the function is confined within the intended buffers. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2009-04-30cifs: move #defines for mapchars into cifs_unicode.hJeff Layton
Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>