linux_dsm_epyc7002/fs/cifs
Vincent Whitchurch de1126ea44 cifs: Fix preauth hash corruption
commit 05946d4b7a7349ae58bfa2d51ae832e64a394c2d upstream.

smb311_update_preauth_hash() uses the shash in server->secmech without
appropriate locking, and this can lead to sessions corrupting each
other's preauth hashes.

The following script can easily trigger the problem:

	#!/bin/sh -e

	NMOUNTS=10
	for i in $(seq $NMOUNTS);
		mkdir -p /tmp/mnt$i
		umount /tmp/mnt$i 2>/dev/null || :
	done
	while :; do
		for i in $(seq $NMOUNTS); do
			mount -t cifs //192.168.0.1/test /tmp/mnt$i -o ... &
		done
		wait
		for i in $(seq $NMOUNTS); do
			umount /tmp/mnt$i
		done
	done

Usually within seconds this leads to one or more of the mounts failing
with the following errors, and a "Bad SMB2 signature for message" is
seen in the server logs:

 CIFS: VFS: \\192.168.0.1 failed to connect to IPC (rc=-13)
 CIFS: VFS: cifs_mount failed w/return code = -13

Fix it by holding the server mutex just like in the other places where
the shashes are used.

Fixes: 8bd68c6e47 ("CIFS: implement v3.11 preauth integrity")
Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com>
CC: <stable@vger.kernel.org>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
[aaptel: backport to kernel without CIFS_SESS_OP]
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-03-25 09:04:18 +01:00
..
asn1.c cifs: remove bogus debug code 2020-10-22 12:17:52 -05:00
cache.c smb3: extend fscache mount volume coherency check 2020-06-06 11:16:25 -05:00
cifs_debug.c cifs: Display local UID details for SMB sessions in DebugData 2020-07-01 19:38:19 -05:00
cifs_debug.h cifs: Standardize logging output 2020-06-01 00:10:18 -05:00
cifs_dfs_ref.c cifs: fix potential mismatch of UNC paths 2020-02-24 14:20:38 -06:00
cifs_fs_sb.h smb3: add mount option to allow RW caching of share accessed by only 1 client 2019-09-16 11:43:38 -05:00
cifs_ioctl.h cifs: add SMB3 change notification support 2020-02-06 09:14:28 -06:00
cifs_spnego.c cifs: switch servers depending on binding state 2019-11-25 01:16:30 -06:00
cifs_spnego.h [CIFS] Rename three structures to avoid camel case 2011-05-27 04:34:02 +00:00
cifs_unicode.c Convert trailing spaces and periods in path components 2020-10-11 23:57:18 -05:00
cifs_unicode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifs_uniupr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifsacl.c cifs: fix a memleak with modefromsid 2020-11-15 23:05:33 -06:00
cifsacl.h cifs: delete duplicated words in header files 2020-08-02 18:00:26 -05:00
cifsencrypt.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
cifsfs.c cifs: return proper error code in statfs(2) 2021-03-17 17:06:13 +01:00
cifsfs.h cifs: update internal module version number 2020-10-23 23:41:49 -05:00
cifsglob.h cifs: do not send close in compound create+close requests 2021-03-17 17:06:28 +01:00
cifspdu.h cifs: cifspdu.h: Replace zero-length array with flexible-array member 2020-03-22 22:49:10 -05:00
cifsproto.h SMB3.1.1: Fix ids returned in POSIX query dir 2020-10-20 11:51:24 -05:00
cifsroot.c cifs: Standardize logging output 2020-06-01 00:10:18 -05:00
cifssmb.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
connect.c cifs: fix credit accounting for extra channel 2021-03-17 17:06:20 +01:00
dfs_cache.c cifs: check pointer before freeing 2021-01-19 18:27:19 +01:00
dfs_cache.h cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect 2020-08-02 18:00:26 -05:00
dir.c cifs: report error instead of invalid when revalidating a dentry fails 2021-02-10 09:29:17 +01:00
dns_resolve.c keys: Pass the network namespace into request_key mechanism 2019-06-27 23:02:12 +01:00
dns_resolve.h DNS: Separate out CIFS DNS Resolver code 2010-08-05 17:17:51 +00:00
export.c docs: fs: convert docs without extension to ReST 2019-07-31 13:31:05 -06:00
file.c cifs: remove the retry in cifs_poxis_lock_set 2020-07-07 23:51:16 -05:00
fs_context.c cifs: move smb version mount options into fs_context.c 2020-10-22 12:17:31 -05:00
fs_context.h cifs: move smb version mount options into fs_context.c 2020-10-22 12:17:31 -05:00
fscache.c smb3: extend fscache mount volume coherency check 2020-06-06 11:16:25 -05:00
fscache.h smb3: extend fscache mount volume coherency check 2020-06-06 11:16:25 -05:00
inode.c cifs: fix allocation size on newly created files 2021-03-25 09:04:09 +01:00
ioctl.c cifs: fix reference leak for tlink 2020-07-09 10:06:52 -05:00
Kconfig smb3: smbdirect support can be configured by default 2020-04-07 13:39:00 -05:00
link.c smb311: add support for using info level for posix extensions query 2020-06-12 08:54:12 -05:00
Makefile cifs: add files to host new mount api 2020-10-22 12:16:24 -05:00
misc.c Merge branch 'akpm' (patches from Andrew) 2020-08-07 11:39:33 -07:00
netmisc.c cifs`: handle ERRBaduid for SMB1 2020-08-02 18:00:25 -05:00
nterr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
nterr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
ntlmssp.h cifs: dynamic allocation of ntlmssp blob 2016-06-23 23:45:07 -05:00
readdir.c SMB3: add support for recognizing WSL reparse tags 2020-10-22 12:17:59 -05:00
rfc1002pdu.h [CIFS] whitespace cleanup 2007-06-05 18:30:44 +00:00
sess.c cifs: fix credit accounting for extra channel 2021-03-17 17:06:20 +01:00
smb1ops.c cifs: smb1: Try failing back to SetFileInfo if SetPathInfo fails 2020-08-02 18:00:25 -05:00
smb2file.c cifs: allow unlock flock and OFD lock across fork 2020-03-22 22:49:09 -05:00
smb2glob.h smb3.1.1: set gcm256 when requested 2020-10-19 15:11:11 -05:00
smb2inode.c cifs: do not send close in compound create+close requests 2021-03-17 17:06:28 +01:00
smb2maperror.c cifs: map STATUS_ACCOUNT_LOCKED_OUT to -EACCES 2020-10-15 23:58:14 -05:00
smb2misc.c cifs: do not send close in compound create+close requests 2021-03-17 17:06:28 +01:00
smb2ops.c cifs: do not send close in compound create+close requests 2021-03-17 17:06:28 +01:00
smb2pdu.c cifs: fix interrupted close commands 2021-01-19 18:27:19 +01:00
smb2pdu.h smb3: Fix out-of-bounds bug in SMB2_negotiate() 2021-02-10 09:29:17 +01:00
smb2proto.h cifs: do not send close in compound create+close requests 2021-03-17 17:06:28 +01:00
smb2status.h cifs: don't use __constant_cpu_to_le32() 2019-05-07 23:24:54 -05:00
smb2transport.c smb3.1.1: set gcm256 when requested 2020-10-19 15:11:11 -05:00
smbdirect.c cifs: Standardize logging output 2020-06-01 00:10:18 -05:00
smbdirect.h cifs: smbd: Do not schedule work to send immediate packet on every receive 2020-04-07 12:41:16 -05:00
smbencrypt.c fs: cifs: move from the crypto cipher API to the new DES library interface 2019-08-22 14:57:34 +10:00
smberr.h cifs: map NT_STATUS_ERROR_WRITE_PROTECTED to -EROFS 2010-08-02 12:40:40 +00:00
smbfsctl.h smb3: add some missing definitions from MS-FSCC 2020-10-23 15:38:10 -05:00
trace.c smb3: Cleanup license mess 2019-01-24 09:37:33 -06:00
trace.h smb3: add dynamic trace point to trace when credits obtained 2020-10-20 11:50:42 -05:00
transport.c cifs: Fix preauth hash corruption 2021-03-25 09:04:18 +01:00
winucase.c Replace HTTP links with HTTPS ones: CIFS 2020-07-05 14:23:38 -06:00
xattr.c CIFS: Add support for setting owner info, dos attributes, and create time 2020-01-26 19:24:17 -06:00