lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAH2r5msOQ=OWAgRoYG5kO7fndMWt=_7ZBET-M3mkXMfgnLCM1A@mail.gmail.com>
Date: Tue, 1 Oct 2024 21:33:24 -0500
From: Steve French <smfrench@...il.com>
To: wangrong <wangrong@...ontech.com>
Cc: sfrench@...ba.org, pc@...guebit.com, ronniesahlberg@...il.com, 
	sprasad@...rosoft.com, tom@...pey.com, linux-cifs@...r.kernel.org, 
	samba-technical@...ts.samba.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] smb: client: use actual path when queryfs

Paulo just found this potentially important fix in email (it had gotten missed).

The one suspicious thing about this though ... we should have some
code paths where we would use the cached root handle for statfs
(which is preferable to doing an open of a new handle, since it is
already open we don't risk an error coming back on open).

Any ideas whether we also need additional changes to use the cached
root handle better in statfs (since in most cases to
Windows we would expect to have that)?


On Thu, Jun 20, 2024 at 3:54 AM wangrong <wangrong@...ontech.com> wrote:
>
> Due to server permission control, the client does not have access to
> the shared root directory, but can access subdirectories normally, so
> users usually mount the shared subdirectories directly. In this case,
> queryfs should use the actual path instead of the root directory to
> avoid the call returning an error (EACCES).
>
> Signed-off-by: wangrong <wangrong@...ontech.com>
> ---
>  fs/smb/client/cifsfs.c   | 13 ++++++++++++-
>  fs/smb/client/cifsglob.h |  2 +-
>  fs/smb/client/smb1ops.c  |  2 +-
>  fs/smb/client/smb2ops.c  | 19 ++++++++++++-------
>  4 files changed, 26 insertions(+), 10 deletions(-)
>
> diff --git a/fs/smb/client/cifsfs.c b/fs/smb/client/cifsfs.c
> index bb86fc064..a4d59f0f5 100644
> --- a/fs/smb/client/cifsfs.c
> +++ b/fs/smb/client/cifsfs.c
> @@ -313,8 +313,17 @@ cifs_statfs(struct dentry *dentry, struct kstatfs *buf)
>         struct TCP_Server_Info *server = tcon->ses->server;
>         unsigned int xid;
>         int rc = 0;
> +       const char *full_path;
> +       void *page;
>
>         xid = get_xid();
> +       page = alloc_dentry_path();
> +
> +       full_path = build_path_from_dentry(dentry, page);
> +       if (IS_ERR(full_path)) {
> +               rc = PTR_ERR(full_path);
> +               goto statfs_out;
> +       }
>
>         if (le32_to_cpu(tcon->fsAttrInfo.MaxPathNameComponentLength) > 0)
>                 buf->f_namelen =
> @@ -330,8 +339,10 @@ cifs_statfs(struct dentry *dentry, struct kstatfs *buf)
>         buf->f_ffree = 0;       /* unlimited */
>
>         if (server->ops->queryfs)
> -               rc = server->ops->queryfs(xid, tcon, cifs_sb, buf);
> +               rc = server->ops->queryfs(xid, tcon, full_path, cifs_sb, buf);
>
> +statfs_out:
> +       free_dentry_path(page);
>         free_xid(xid);
>         return rc;
>  }
> diff --git a/fs/smb/client/cifsglob.h b/fs/smb/client/cifsglob.h
> index 73482734a..d3118d748 100644
> --- a/fs/smb/client/cifsglob.h
> +++ b/fs/smb/client/cifsglob.h
> @@ -483,7 +483,7 @@ struct smb_version_operations {
>                         __u16 net_fid, struct cifsInodeInfo *cifs_inode);
>         /* query remote filesystem */
>         int (*queryfs)(const unsigned int, struct cifs_tcon *,
> -                      struct cifs_sb_info *, struct kstatfs *);
> +                      const char *, struct cifs_sb_info *, struct kstatfs *);
>         /* send mandatory brlock to the server */
>         int (*mand_lock)(const unsigned int, struct cifsFileInfo *, __u64,
>                          __u64, __u32, int, int, bool);
> diff --git a/fs/smb/client/smb1ops.c b/fs/smb/client/smb1ops.c
> index 212ec6f66..e3a195824 100644
> --- a/fs/smb/client/smb1ops.c
> +++ b/fs/smb/client/smb1ops.c
> @@ -909,7 +909,7 @@ cifs_oplock_response(struct cifs_tcon *tcon, __u64 persistent_fid,
>
>  static int
>  cifs_queryfs(const unsigned int xid, struct cifs_tcon *tcon,
> -            struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
> +            const char *path, struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
>  {
>         int rc = -EOPNOTSUPP;
>
> diff --git a/fs/smb/client/smb2ops.c b/fs/smb/client/smb2ops.c
> index c8e536540..bb7194386 100644
> --- a/fs/smb/client/smb2ops.c
> +++ b/fs/smb/client/smb2ops.c
> @@ -2784,7 +2784,7 @@ smb2_query_info_compound(const unsigned int xid, struct cifs_tcon *tcon,
>
>  static int
>  smb2_queryfs(const unsigned int xid, struct cifs_tcon *tcon,
> -            struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
> +            const char *path, struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
>  {
>         struct smb2_query_info_rsp *rsp;
>         struct smb2_fs_full_size_info *info = NULL;
> @@ -2793,7 +2793,7 @@ smb2_queryfs(const unsigned int xid, struct cifs_tcon *tcon,
>         int rc;
>
>
> -       rc = smb2_query_info_compound(xid, tcon, "",
> +       rc = smb2_query_info_compound(xid, tcon, path,
>                                       FILE_READ_ATTRIBUTES,
>                                       FS_FULL_SIZE_INFORMATION,
>                                       SMB2_O_INFO_FILESYSTEM,
> @@ -2821,28 +2821,33 @@ smb2_queryfs(const unsigned int xid, struct cifs_tcon *tcon,
>
>  static int
>  smb311_queryfs(const unsigned int xid, struct cifs_tcon *tcon,
> -              struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
> +              const char *path, struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
>  {
>         int rc;
> -       __le16 srch_path = 0; /* Null - open root of share */
> +       __le16 *utf16_path = NULL;
>         u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
>         struct cifs_open_parms oparms;
>         struct cifs_fid fid;
>
>         if (!tcon->posix_extensions)
> -               return smb2_queryfs(xid, tcon, cifs_sb, buf);
> +               return smb2_queryfs(xid, tcon, path, cifs_sb, buf);
>
>         oparms = (struct cifs_open_parms) {
>                 .tcon = tcon,
> -               .path = "",
> +               .path = path,
>                 .desired_access = FILE_READ_ATTRIBUTES,
>                 .disposition = FILE_OPEN,
>                 .create_options = cifs_create_options(cifs_sb, 0),
>                 .fid = &fid,
>         };
>
> -       rc = SMB2_open(xid, &oparms, &srch_path, &oplock, NULL, NULL,
> +       utf16_path = cifs_convert_path_to_utf16(path, cifs_sb);
> +       if (utf16_path == NULL)
> +               return -ENOMEM;
> +
> +       rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL,
>                        NULL, NULL);
> +       kfree(utf16_path);
>         if (rc)
>                 return rc;
>
> --
> 2.20.1
>
>


-- 
Thanks,

Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ