diff options
Diffstat (limited to 'fs/cifs/cifs_debug.c')
| -rw-r--r-- | fs/cifs/cifs_debug.c | 52 |
1 files changed, 45 insertions, 7 deletions
diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index d59748346020..f3ac4154cbb6 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c | |||
| @@ -213,7 +213,7 @@ static int cifs_debug_data_proc_show(struct seq_file *m, void *v) | |||
| 213 | tcon->nativeFileSystem); | 213 | tcon->nativeFileSystem); |
| 214 | } | 214 | } |
| 215 | seq_printf(m, "DevInfo: 0x%x Attributes: 0x%x" | 215 | seq_printf(m, "DevInfo: 0x%x Attributes: 0x%x" |
| 216 | "\nPathComponentMax: %d Status: 0x%d", | 216 | "\n\tPathComponentMax: %d Status: 0x%d", |
| 217 | le32_to_cpu(tcon->fsDevInfo.DeviceCharacteristics), | 217 | le32_to_cpu(tcon->fsDevInfo.DeviceCharacteristics), |
| 218 | le32_to_cpu(tcon->fsAttrInfo.Attributes), | 218 | le32_to_cpu(tcon->fsAttrInfo.Attributes), |
| 219 | le32_to_cpu(tcon->fsAttrInfo.MaxPathNameComponentLength), | 219 | le32_to_cpu(tcon->fsAttrInfo.MaxPathNameComponentLength), |
| @@ -224,6 +224,8 @@ static int cifs_debug_data_proc_show(struct seq_file *m, void *v) | |||
| 224 | seq_puts(m, " type: CDROM "); | 224 | seq_puts(m, " type: CDROM "); |
| 225 | else | 225 | else |
| 226 | seq_printf(m, " type: %d ", dev_type); | 226 | seq_printf(m, " type: %d ", dev_type); |
| 227 | if (server->ops->dump_share_caps) | ||
| 228 | server->ops->dump_share_caps(m, tcon); | ||
| 227 | 229 | ||
| 228 | if (tcon->need_reconnect) | 230 | if (tcon->need_reconnect) |
| 229 | seq_puts(m, "\tDISCONNECTED "); | 231 | seq_puts(m, "\tDISCONNECTED "); |
| @@ -595,9 +597,36 @@ static int cifs_security_flags_proc_open(struct inode *inode, struct file *file) | |||
| 595 | return single_open(file, cifs_security_flags_proc_show, NULL); | 597 | return single_open(file, cifs_security_flags_proc_show, NULL); |
| 596 | } | 598 | } |
| 597 | 599 | ||
| 600 | /* | ||
| 601 | * Ensure that if someone sets a MUST flag, that we disable all other MAY | ||
| 602 | * flags except for the ones corresponding to the given MUST flag. If there are | ||
| 603 | * multiple MUST flags, then try to prefer more secure ones. | ||
| 604 | */ | ||
| 605 | static void | ||
| 606 | cifs_security_flags_handle_must_flags(unsigned int *flags) | ||
| 607 | { | ||
| 608 | unsigned int signflags = *flags & CIFSSEC_MUST_SIGN; | ||
| 609 | |||
| 610 | if ((*flags & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5) | ||
| 611 | *flags = CIFSSEC_MUST_KRB5; | ||
| 612 | else if ((*flags & CIFSSEC_MUST_NTLMSSP) == CIFSSEC_MUST_NTLMSSP) | ||
| 613 | *flags = CIFSSEC_MUST_NTLMSSP; | ||
| 614 | else if ((*flags & CIFSSEC_MUST_NTLMV2) == CIFSSEC_MUST_NTLMV2) | ||
| 615 | *flags = CIFSSEC_MUST_NTLMV2; | ||
| 616 | else if ((*flags & CIFSSEC_MUST_NTLM) == CIFSSEC_MUST_NTLM) | ||
| 617 | *flags = CIFSSEC_MUST_NTLM; | ||
| 618 | else if ((*flags & CIFSSEC_MUST_LANMAN) == CIFSSEC_MUST_LANMAN) | ||
| 619 | *flags = CIFSSEC_MUST_LANMAN; | ||
| 620 | else if ((*flags & CIFSSEC_MUST_PLNTXT) == CIFSSEC_MUST_PLNTXT) | ||
| 621 | *flags = CIFSSEC_MUST_PLNTXT; | ||
| 622 | |||
| 623 | *flags |= signflags; | ||
| 624 | } | ||
| 625 | |||
| 598 | static ssize_t cifs_security_flags_proc_write(struct file *file, | 626 | static ssize_t cifs_security_flags_proc_write(struct file *file, |
| 599 | const char __user *buffer, size_t count, loff_t *ppos) | 627 | const char __user *buffer, size_t count, loff_t *ppos) |
| 600 | { | 628 | { |
| 629 | int rc; | ||
| 601 | unsigned int flags; | 630 | unsigned int flags; |
| 602 | char flags_string[12]; | 631 | char flags_string[12]; |
| 603 | char c; | 632 | char c; |
| @@ -620,26 +649,35 @@ static ssize_t cifs_security_flags_proc_write(struct file *file, | |||
| 620 | global_secflags = CIFSSEC_MAX; | 649 | global_secflags = CIFSSEC_MAX; |
| 621 | return count; | 650 | return count; |
| 622 | } else if (!isdigit(c)) { | 651 | } else if (!isdigit(c)) { |
| 623 | cifs_dbg(VFS, "invalid flag %c\n", c); | 652 | cifs_dbg(VFS, "Invalid SecurityFlags: %s\n", |
| 653 | flags_string); | ||
| 624 | return -EINVAL; | 654 | return -EINVAL; |
| 625 | } | 655 | } |
| 626 | } | 656 | } |
| 627 | /* else we have a number */ | ||
| 628 | 657 | ||
| 629 | flags = simple_strtoul(flags_string, NULL, 0); | 658 | /* else we have a number */ |
| 659 | rc = kstrtouint(flags_string, 0, &flags); | ||
| 660 | if (rc) { | ||
| 661 | cifs_dbg(VFS, "Invalid SecurityFlags: %s\n", | ||
| 662 | flags_string); | ||
| 663 | return rc; | ||
| 664 | } | ||
| 630 | 665 | ||
| 631 | cifs_dbg(FYI, "sec flags 0x%x\n", flags); | 666 | cifs_dbg(FYI, "sec flags 0x%x\n", flags); |
| 632 | 667 | ||
| 633 | if (flags <= 0) { | 668 | if (flags == 0) { |
| 634 | cifs_dbg(VFS, "invalid security flags %s\n", flags_string); | 669 | cifs_dbg(VFS, "Invalid SecurityFlags: %s\n", flags_string); |
| 635 | return -EINVAL; | 670 | return -EINVAL; |
| 636 | } | 671 | } |
| 637 | 672 | ||
| 638 | if (flags & ~CIFSSEC_MASK) { | 673 | if (flags & ~CIFSSEC_MASK) { |
| 639 | cifs_dbg(VFS, "attempt to set unsupported security flags 0x%x\n", | 674 | cifs_dbg(VFS, "Unsupported security flags: 0x%x\n", |
| 640 | flags & ~CIFSSEC_MASK); | 675 | flags & ~CIFSSEC_MASK); |
| 641 | return -EINVAL; | 676 | return -EINVAL; |
| 642 | } | 677 | } |
| 678 | |||
| 679 | cifs_security_flags_handle_must_flags(&flags); | ||
| 680 | |||
| 643 | /* flags look ok - update the global security flags for cifs module */ | 681 | /* flags look ok - update the global security flags for cifs module */ |
| 644 | global_secflags = flags; | 682 | global_secflags = flags; |
| 645 | if (global_secflags & CIFSSEC_MUST_SIGN) { | 683 | if (global_secflags & CIFSSEC_MUST_SIGN) { |