aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs
Commit message (Collapse)AuthorAgeFilesLines
* always call inode_change_ok early in ->setattrChristoph Hellwig2010-08-091-16/+13
| | | | | | | | | Make sure we call inode_change_ok before doing any changes in ->setattr, and make sure to call it even if our fs wants to ignore normal UNIX permissions, but use the ATTR_FORCE to skip those. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* remove inode_setattrChristoph Hellwig2010-08-091-12/+33
| | | | | | | | | | | | | | | | | | | Replace inode_setattr with opencoded variants of it in all callers. This moves the remaining call to vmtruncate into the filesystem methods where it can be replaced with the proper truncate sequence. In a few cases it was obvious that we would never end up calling vmtruncate so it was left out in the opencoded variant: spufs: explicitly checks for ATTR_SIZE earlier btrfs,hugetlbfs,logfs,dlmfs: explicitly clears ATTR_SIZE earlier ufs: contains an opencoded simple_seattr + truncate that sets the filesize just above In addition to that ncpfs called inode_setattr with handcrafted iattrs, which allowed to trim down the opencoded variant. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* cifs: fsc should not default to "on"Jeff Layton2010-08-021-3/+0
| | | | | | | | | | | I'm not sure why this was merged with this flag hardcoded on, but it seems quite dangerous. Turn it off. Also, mount.cifs hands unrecognized options off to the kernel so there should be no need for changes there in order to support this. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* [CIFS] remove redundant path walking in dfs_do_refmountSteve French2010-08-021-17/+11
| | | | | | Reviewed-by: Dave Howells <dhowells@redhat.com> Signed-off-by: Igor Mammedov <niallain@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: ignore the "mand", "nomand" and "_netdev" mount optionsJeff Layton2010-08-021-0/+6
| | | | | | | | These are all handled by the userspace mount programs, but older versions of mount.cifs also handed them off to the kernel. Ignore them. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: map NT_STATUS_ERROR_WRITE_PROTECTED to -EROFSJeff Layton2010-08-022-0/+2
| | | | | | | Seems like a more sensible mapping than -EIO. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: don't allow cifs_iget to match inodes of the wrong typeJeff Layton2010-08-021-0/+5
| | | | | | | | If the type is different from what we think it should be, then don't match the existing inode. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* [CIFS] relinquish fscache cookie before freeing CIFSTconInfoSteve French2010-08-021-1/+1
| | | | | | | | Doh, fix a use after free bug. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Reviewed-and-Tested-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: add separate cred_uid field to sesInfoJeff Layton2010-08-023-3/+10
| | | | | | | | | | | | | | | | | | | | | Right now, there's no clear separation between the uid that owns the credentials used to do the mount and the overriding owner of the files on that mount. Add a separate cred_uid field that is set to the real uid of the mount user. Unlike the linux_uid, the uid= option does not override this parameter. The parm is sent to cifs.upcall, which can then preferentially use the creduid= parm instead of the uid= parm for finding credentials. This is not the only way to solve this. We could try to do all of this in kernel instead by having a module parameter that affects what gets passed in the uid= field of the upcall. That said, we have a lot more flexibility to change things in userspace so I think it probably makes sense to do it this way. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* fs: cifs: check kmalloc() resultKulikov Vasiliy2010-08-021-0/+5
| | | | | | | | | If kmalloc() fails exit with -ENOMEM. Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Acked-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* [CIFS] Missing ifdefSteve French2010-08-021-0/+4
| | | | Signed-off-by: Steve French <sfrench@us.ibm.com>
* [CIFS] Missing line from previous commitSteve French2010-08-021-3/+3
| | | | | CC: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* [CIFS] Fix build break when CONFIG_CIFS_FSCACHE disabledSteve French2010-08-022-2/+2
| | | | | CC: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: add mount option to enable local cachingSuresh Jayaraman2010-08-022-0/+9
| | | | | | | | | | | | | | Add a mount option 'fsc' to enable local caching on CIFS. I considered adding a separate debug bit for caching, but it appears that debugging would be relatively easier with the normal CIFS_INFO level. As the cifs-utils (userspace) changes are not done yet, this patch enables 'fsc' by default to enable testing. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: read pages from FS-CacheSuresh Jayaraman2010-08-023-1/+129
| | | | | | | | Read pages from a FS-Cache data storage object into a CIFS inode. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: store pages into local cacheSuresh Jayaraman2010-08-023-0/+29
| | | | | | | | Store pages from an CIFS inode into the data storage object associated with that inode. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: FS-Cache page managementSuresh Jayaraman2010-08-024-0/+93
| | | | | | | | | Takes care of invalidation and release of FS-Cache marked pages and also invalidation of the FsCache page flag when the inode is removed. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: define inode-level cache object and register themSuresh Jayaraman2010-08-027-0/+183
| | | | | | | | | | | | Define inode-level data storage objects (managed by cifsInodeInfo structs). Each inode-level object is created in a super-block level object and is itself a data storage object in to which pages from the inode are stored. The inode object is keyed by UniqueId. The coherency data being used is LastWriteTime, LastChangeTime and end of file reported by the server. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: define superblock-level cache index objects and register themSuresh Jayaraman2010-08-026-0/+142
| | | | | | | | | | | | Define superblock-level cache index objects (managed by cifsTconInfo structs). Each superblock object is created in a server-level index object and in itself an index into which inode-level objects are inserted. The superblock object is keyed by sharename. The UniqueId/IndexNumber is used to validate that the exported share is the same since we accessed it last time. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: remove unused cifsUidInfo structJeff Layton2010-08-021-16/+0
| | | | | Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: clean up cifs_find_smb_ses (try #2)Jeff Layton2010-08-022-9/+19
| | | | | | | | | | | | | | | | | | | | This patch replaces the earlier patch by the same name. The only difference is that MAX_PASSWORD_SIZE has been increased to attempt to match the limits that windows enforces. Do a better job of matching sessions by authtype. Matching by username for a Kerberos session is incorrect, and anonymous sessions need special handling. Also, in the case where we do match by username, we also need to match by password. That ensures that someone else doesn't "borrow" an existing session without needing to know the password. Finally, passwords can be longer than 16 bytes. Bump MAX_PASSWORD_SIZE to 512 to match the size that the userspace mount helper allows. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: match secType when searching for existing tcp sessionJeff Layton2010-08-022-4/+54
| | | | | | | | | The secType is a per-tcp session entity, but the current routine doesn't verify that it is acceptible when attempting to match an existing TCP session. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: move address comparison into separate functionJeff Layton2010-08-021-37/+36
| | | | | | | | | | | Move the address comparator out of cifs_find_tcp_session and into a separate function for cleanliness. Also change the argument to that function to a "struct sockaddr" pointer. Passing pointers to sockaddr_storage is a little odd since that struct is generally for declaring static storage. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: set the port in sockaddr in a more clearly defined fashionJeff Layton2010-08-024-10/+31
| | | | | | | | | | | | | | | | | | This patch should replace the patch I sent a couple of weeks ago to set the port in cifs_convert_address. Currently we set this in cifs_find_tcp_session, but that's more of a side effect than anything. Add a new function called cifs_fill_sockaddr. Have it call cifs_convert_address and then set the port. This also allows us to skip passing in the port as a separate parm to cifs_find_tcp_session. Also, change cifs_convert_address take a struct sockaddr * rather than void * to make it clearer how this function should be called. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: define server-level cache index objects and register themSuresh Jayaraman2010-08-026-1/+126
| | | | | | | | | | | | Define server-level cache index objects (as managed by TCP_ServerInfo structs) and register then with FS-Cache. Each server object is created in the CIFS top-level index object and is itself an index into which superblock-level objects are inserted. The server objects are now keyed by {IPaddress,family,port} tuple. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: register CIFS for cachingSuresh Jayaraman2010-08-024-0/+95
| | | | | | | | | Define CIFS for FS-Cache and register for caching. Upon registration the top-level index object cookie will be stuck to the netfs definition by FS-Cache. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* fs/cifs: Remove unnecessary casts of private_dataJoe Perches2010-08-023-18/+13
| | | | | Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: add kernel config option for CIFS Client caching supportSuresh Jayaraman2010-08-021-0/+9
| | | | | | | Add a kernel config option to enable local caching for CIFS. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: remove unused ip_address field in struct TCP_Server_InfoSuresh Jayaraman2010-08-021-1/+0
| | | | | | | | The ip_address field is not used and seems redundant as there is union addr already and I don't see any future use as well. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: remove an potentially confusing, obsolete commentSuresh Jayaraman2010-08-021-6/+0
| | | | | | | | | | The recent commit 6ca9f3bae8b1854794dfa63cdd3b88b7dfe24c13 modified the code so that filp is full instantiated whenever the file is created and passed back. The below comment is no longer true, remove it. Cc: Jeff Layton <jlayton@redhat.com> Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: guard cifsglob.h against multiple inclusionSuresh Jayaraman2010-08-021-0/+5
| | | | | | | | | Add conditional compile macros to guard the header file against multiple inclusion. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* CIFS: Remove __exit mark from cifs_exit_dns_resolver()David Howells2010-07-302-2/+2
| | | | | | | | | | Remove the __exit mark from cifs_exit_dns_resolver() as it's called by the module init routine in case of error, and so may have been discarded during linkage. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* CIFS: Fix a malicious redirect problem in the DNS lookup codeDavid Howells2010-07-223-5/+74
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the security problem in the CIFS filesystem DNS lookup code in which a malicious redirect could be installed by a random user by simply adding a result record into one of their keyrings with add_key() and then invoking a CIFS CFS lookup [CVE-2010-2524]. This is done by creating an internal keyring specifically for the caching of DNS lookups. To enforce the use of this keyring, the module init routine creates a set of override credentials with the keyring installed as the thread keyring and instructs request_key() to only install lookup result keys in that keyring. The override is then applied around the call to request_key(). This has some additional benefits when a kernel service uses this module to request a key: (1) The result keys are owned by root, not the user that caused the lookup. (2) The result keys don't pop up in the user's keyrings. (3) The result keys don't come out of the quota of the user that caused the lookup. The keyring can be viewed as root by doing cat /proc/keys: 2a0ca6c3 I----- 1 perm 1f030000 0 0 keyring .dns_resolver: 1/4 It can then be listed with 'keyctl list' by root. # keyctl list 0x2a0ca6c3 1 key in keyring: 726766307: --alswrv 0 0 dns_resolver: foo.bar.com Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-and-Tested-by: Jeff Layton <jlayton@redhat.com> Acked-by: Steve French <smfrench@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* cifs: remove bogus first_time check in NTLMv2 session setup codeJeff Layton2010-06-161-9/+1
| | | | | | | | | | | | | | | | This bug appears to be the result of a cut-and-paste mistake from the NTLMv1 code. The function to generate the MAC key was commented out, but not the conditional above it. The conditional then ended up causing the session setup key not to be copied to the buffer unless this was the first session on the socket, and that made all but the first NTLMv2 session setup fail. Fix this by removing the conditional and all of the commented clutter that made it difficult to see. Cc: Stable <stable@kernel.org> Reported-by: Gunther Deschner <gdeschne@redhat.com> Signed-off-by: Jeff Layton <jlayton@redhat.com>
* cifs: don't call cifs_new_fileinfo unless cifs_open succeedsJeff Layton2010-06-161-6/+11
| | | | | | | | | | | | It's currently possible for cifs_open to fail after it has already called cifs_new_fileinfo. In that situation, the new fileinfo will be leaked as the caller doesn't call fput. That in turn leads to a busy inodes after umount problem since the fileinfo holds an extra inode reference now. Shuffle cifs_open around a bit so that it only calls cifs_new_fileinfo if it's going to succeed. Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-and-Tested-by: Suresh Jayaraman <sjayaraman@suse.de>
* cifs: don't ignore cifs_posix_open_inode_helper return valueSuresh Jayaraman2010-06-161-2/+2
| | | | | | | ...and ensure that we propagate the error back to avoid any surprises. Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Reviewed-and-Tested-by: Jeff Layton <jlayton@redhat.com>
* cifs: clean up arguments to cifs_open_inode_helperJeff Layton2010-06-161-16/+14
| | | | | | | | ...which takes a ton of unneeded arguments and does a lot more pointer dereferencing than is really needed. Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-and-Tested-by: Suresh Jayaraman <sjayaraman@suse.de>
* cifs: pass instantiated filp back after open callJeff Layton2010-06-162-50/+29
| | | | | | | | | | | | | | | | | | The current scheme of sticking open files on a list and assuming that cifs_open will scoop them off of it is broken and leads to "Busy inodes after umount..." errors at unmount time. The problem is that there is no guarantee that cifs_open will always be called after a ->lookup or ->create operation. If there are permissions or other problems, then it's quite likely that it *won't* be called. Fix this by fully instantiating the filp whenever the file is created and pass that filp back to the VFS. If there is a problem, the VFS can clean up the references. Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-and-Tested-by: Suresh Jayaraman <sjayaraman@suse.de>
* cifs: move cifs_new_fileinfo call out of cifs_posix_openJeff Layton2010-06-163-31/+30
| | | | | | | | | | | | | | | | | | Having cifs_posix_open call cifs_new_fileinfo is problematic and inconsistent with how "regular" opens work. It's also buggy as cifs_reopen_file calls this function on a reconnect, which creates a new struct cifsFileInfo that just gets leaked. Push it out into the callers. This also allows us to get rid of the "mnt" arg to cifs_posix_open. Finally, in the event that a cifsFileInfo isn't or can't be created, we always want to close the filehandle out on the server as the client won't have a record of the filehandle and can't actually use it. Make sure that CIFSSMBClose is called in those cases. Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-and-Tested-by: Suresh Jayaraman <sjayaraman@suse.de>
* cifs: implement drop_inode superblock opJeff Layton2010-06-121-3/+13
| | | | | | | | | | | | | | | | | | | | The standard behavior for drop_inode is to delete the inode when the last reference to it is put and the nlink count goes to 0. This helps keep inodes that are still considered "not deleted" in cache as long as possible even when there aren't dentries attached to them. When server inode numbers are disabled, it's not possible for cifs_iget to ever match an existing inode (since inode numbers are generated via iunique). In this situation, cifs can keep a lot of inodes in cache that will never be used again. Implement a drop_inode routine that deletes the inode if server inode numbers are disabled on the mount. This helps keep the cifs inode caches down to a more manageable size when server inode numbers are disabled. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: don't attempt busy-file rename unless it's in same directoryJeff Layton2010-06-121-0/+4
| | | | | | | | | | | | | Busy-file renames don't actually work across directories, so we need to limit this code to renames within the same dir. This fixes the bug detailed here: https://bugzilla.redhat.com/show_bug.cgi?id=591938 Signed-off-by: Jeff Layton <jlayton@redhat.com> CC: Stable <stable@kernel.org> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: fix page refcount leakJeff Layton2010-06-011-0/+1
| | | | | | | | | | | | Commit 315e995c63a15cb4d4efdbfd70fe2db191917f7a is causing OOM kills when stress-testing a CIFS filesystem. The VFS readpages operation takes a page reference. The older code just handed this reference off to the page cache, but the new code takes an extra one. The simplest fix is to put the new reference after add_to_page_cache_lru. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Nick Piggin <npiggin@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
* drop unused dentry argument to ->fsyncChristoph Hellwig2010-05-272-3/+3
| | | | | Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* cifs: fix noserverino handling when unix extensions are enabledJeff Layton2010-05-173-0/+15
| | | | | | | | | The uniqueid field sent by the server when unix extensions are enabled is currently used sometimes when it shouldn't be. The readdir codepath is correct, but most others are not. Fix it. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: don't update uniqueid in cifs_fattr_to_inodeJeff Layton2010-05-171-1/+0
| | | | | | | | | | | | | We use this value to find an inode within the hash bucket, so we can't change this without re-hashing the inode. For now, treat this value as immutable. Eventually, we should probably use an inode number change on a path based operation to indicate that the lookup cache is invalid, but that's a bit more code to deal with. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* cifs: always revalidate hardlinked inodes when using noserverinoJeff Layton2010-05-171-0/+5
| | | | | | | | | The old cifs_revalidate logic always revalidated hardlinked inodes. This hack allowed CIFS to pass some connectathon tests when server inode numbers aren't used (basic test7, in particular). Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
* Merge branch 'master' of /pub/scm/linux/kernel/git/torvalds/linux-2.6Steve French2010-05-134-2/+33
|\ | | | | | | | | Conflicts: fs/cifs/inode.c
| * Merge branch 'for-linus' of ↵Linus Torvalds2010-05-132-2/+20
| |\ | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: cifs: guard against hardlinking directories
| | * cifs: guard against hardlinking directoriesJeff Layton2010-05-112-2/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we made serverino the default, we trusted that the field sent by the server in the "uniqueid" field was actually unique. It turns out that it isn't reliably so. Samba, in particular, will just put the st_ino in the uniqueid field when unix extensions are enabled. When a share spans multiple filesystems, it's quite possible that there will be collisions. This is a server bug, but when the inodes in question are a directory (as is often the case) and there is a collision with the root inode of the mount, the result is a kernel panic on umount. Fix this by checking explicitly for directory inodes with the same uniqueid. If that is the case, then we can assume that using server inode numbers will be a problem and that they should be disabled. Fixes Samba bugzilla 7407 Signed-off-by: Jeff Layton <jlayton@redhat.com> CC: Stable <stable@kernel.org> Reviewed-and-Tested-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
| * | cifs: add bdi backing to mount sessionJens Axboe2010-04-222-0/+13
| |/ | | | | | | | | | | This ensures that dirty data gets flushed properly. Signed-off-by: Jens Axboe <jens.axboe@oracle.com>