Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Merge tag '4.17-rc2-smb3' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:
"A few security related fixes for SMB3, most importantly for SMB3.11
encryption"

* tag '4.17-rc2-smb3' of git://git.samba.org/sfrench/cifs-2.6:
cifs: smbd: Avoid allocating iov on the stack
cifs: smbd: Don't use RDMA read/write when signing is used
SMB311: Fix reconnect
SMB3: Fix 3.11 encryption to Windows and handle encrypted smb3 tcon
CIFS: set *resp_buf_type to NO_BUFFER on error

+59 -54
+3
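--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -455,6 +455,9 @@
 server->sign = true;
 }
 
+if (cifs_rdma_enabled(server) && server->sign)
+cifs_dbg(VFS, "Signing is enabled, and RDMA read/write will be disabled");
+
 return 0;
 }
 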
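Review bot: The new `cifs_dbg(VFS, ...)` message has no trailing newline, unlike the `cifs_dbg(VFS, ...)` calls in fs/cifs/connect.c in this same merge, so the notice can run into the next log line. This is the only operator-visible sign that signing has changed how the RDMA transport behaves, so it should be a clean line: `cifs_dbg(VFS, "Signing is enabled, and RDMA read/write will be disabled\n");`. The enclosing function starts above the hunk.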
+16 -16
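--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2959,6 +2959,22 @@
 }
 }
 
+if (volume_info->seal) {
+if (ses->server->vals->protocol_id == 0) {
+cifs_dbg(VFS,
+"SMB3 or later required for encryption\n");
+rc = -EOPNOTSUPP;
+goto out_fail;
+} else if (tcon->ses->server->capabilities &
+SMB2_GLOBAL_CAP_ENCRYPTION)
+tcon->seal = true;
+else {
+cifs_dbg(VFS, "Encryption is not supported on share\n");
+rc = -EOPNOTSUPP;
+goto out_fail;
+}
+}
+
 /*
 * BB Do we need to wrap session_mutex around this TCon call and Unix
 * SetFS as we do on SessSetup and reconnect?
@@ -3005,22 +3021,6 @@
 goto out_fail;
 }
 tcon->use_resilient = true;
-}
-
-if (volume_info->seal) {
-if (ses->server->vals->protocol_id == 0) {
-cifs_dbg(VFS,
-"SMB3 or later required for encryption\n");
-rc = -EOPNOTSUPP;
-goto out_fail;
-} else if (tcon->ses->server->capabilities &
-SMB2_GLOBAL_CAP_ENCRYPTION)
-tcon->seal = true;
-else {
-cifs_dbg(VFS, "Encryption is not supported on share\n");
-rc = -EOPNOTSUPP;
-goto out_fail;
-}
 }
 
 /*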
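Review bot: The relocated `if (volume_info->seal)` block in the first hunk carries no comment saying why it now sits above the tree-connect call, so a later cleanup could move it back down unnoticed. Presumably `tcon->seal` has to be set first so that the tree connect itself goes out encrypted (the merge message mentions handling an encrypted smb3 tcon). A line such as `/* set tcon->seal before the tree connect so that request is already encrypted */` above the block would record that ordering requirement. The `else if` arm is also the only one without braces, whereas kernel style braces every arm once one of them needs it. The function begins and ends outside both hunks.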
+14 -4
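--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -252,9 +252,14 @@
 wsize = volume_info->wsize ? volume_info->wsize : CIFS_DEFAULT_IOSIZE;
 wsize = min_t(unsigned int, wsize, server->max_write);
 #ifdef CONFIG_CIFS_SMB_DIRECT
-if (server->rdma)
-wsize = min_t(unsigned int,
+if (server->rdma) {
+if (server->sign)
+wsize = min_t(unsigned int,
+wsize, server->smbd_conn->max_fragmented_send_size);
+else
+wsize = min_t(unsigned int,
 wsize, server->smbd_conn->max_readwrite_size);
+}
 #endif
 if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))
 wsize = min_t(unsigned int, wsize, SMB2_MAX_BUFFER_SIZE);
@@ -272,9 +277,14 @@
 rsize = volume_info->rsize ? volume_info->rsize : CIFS_DEFAULT_IOSIZE;
 rsize = min_t(unsigned int, rsize, server->max_read);
 #ifdef CONFIG_CIFS_SMB_DIRECT
-if (server->rdma)
-rsize = min_t(unsigned int,
+if (server->rdma) {
+if (server->sign)
+rsize = min_t(unsigned int,
+rsize, server->smbd_conn->max_fragmented_recv_size);
+else
+rsize = min_t(unsigned int,
 rsize, server->smbd_conn->max_readwrite_size);
+}
 #endif
 
 if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))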
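Review bot: Neither hunk says why a signed RDMA connection is clamped to `max_fragmented_send_size` / `max_fragmented_recv_size` instead of `max_readwrite_size`. Going by the `!server->sign` tests added in fs/cifs/smb2pdu.c in this merge, signed requests no longer use RDMA read/write and presumably travel as fragmented sends. A comment such as `/* signing disables RDMA read/write, so the payload is bounded by the fragmented send size */` at each site would tie the two changes together. The same nested branch is repeated in the wsize and rsize hunks; a small static helper taking the two limits would keep them from drifting apart. Both enclosing functions start above their hunks.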
+7 -6
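--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -383,10 +383,10 @@
 build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt)
 {
 pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;
-pneg_ctxt->DataLength = cpu_to_le16(6);
-pneg_ctxt->CipherCount = cpu_to_le16(2);
-pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;
-pneg_ctxt->Ciphers[1] = SMB2_ENCRYPTION_AES128_CCM;
+pneg_ctxt->DataLength = cpu_to_le16(4); /* Cipher Count + le16 cipher */
+pneg_ctxt->CipherCount = cpu_to_le16(1);
+/* pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;*/ /* not supported yet */
+pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_CCM;
 }
 
 static void
@@ -444,6 +444,7 @@
 return -EINVAL;
 }
 server->cipher_type = ctxt->Ciphers[0];
+server->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
 return 0;
 }
 
@@ -2590,7 +2591,7 @@
 * If we want to do a RDMA write, fill in and append
 * smbd_buffer_descriptor_v1 to the end of read request
 */
-if (server->rdma && rdata &&
+if (server->rdma && rdata && !server->sign &&
 rdata->bytes >= server->smbd_conn->rdma_readwrite_threshold) {
 
 struct smbd_buffer_descriptor_v1 *v1;
@@ -2968,7 +2969,7 @@
 * If we want to do a server RDMA read, fill in and append
 * smbd_buffer_descriptor_v1 to the end of write request
 */
-if (server->rdma && wdata->bytes >=
+if (server->rdma && !server->sign && wdata->bytes >=
 server->smbd_conn->rdma_readwrite_threshold) {
 
 struct smbd_buffer_descriptor_v1 *v1;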
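Review bot: In the second hunk `server->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;` is set as soon as `ctxt->Ciphers[0]` is stored, and the checks leading up to it are above the hunk. The client now offers only `SMB2_ENCRYPTION_AES128_CCM`, so that validation should reject any other selected cipher, for example `if (ctxt->Ciphers[0] != SMB2_ENCRYPTION_AES128_CCM) return -EINVAL;`. If it does not, a server answering with a cipher the client never offered would still leave the connection marked encryption-capable. Separately, in `build_encrypt_ctxt` the commented-out GCM assignment would read better as a plain comment such as `/* AES128_GCM is not offered yet */`.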
+1 -1
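--- a/fs/cifs/smb2pdu.h
+++ b/fs/cifs/smb2pdu.h
@@ -297,7 +297,7 @@
 __le16 DataLength;
 __le32 Reserved;
 __le16 CipherCount; /* AES-128-GCM and AES-128-CCM */
-__le16 Ciphers[2]; /* Ciphers[0] since only one used now */
+__le16 Ciphers[1]; /* Ciphers[0] since only one used now */
 } __packed;
 
 struct smb2_negotiate_rsp {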
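Review bot: The comment on `CipherCount` still reads `/* AES-128-GCM and AES-128-CCM */` although the array below it now holds a single entry and fs/cifs/smb2pdu.c in this merge offers only CCM. Suggest `__le16 CipherCount; /* 1 for now: AES-128-CCM only */`. Because this is a `__packed` wire structure, the two-byte shrink also changes `sizeof(struct smb2_encryption_neg_context)`, so any length or padding derived from it when the negotiate request is built (not visible here) is worth re-checking.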
+12 -24
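--- a/fs/cifs/smbdirect.c
+++ b/fs/cifs/smbdirect.c
@@ -2086,7 +2086,7 @@
 int start, i, j;
 int max_iov_size =
 info->max_send_size - sizeof(struct smbd_data_transfer);
-struct kvec iov[SMBDIRECT_MAX_SGE];
+struct kvec *iov;
 int rc;
 
 info->smbd_send_pending++;
@@ -2096,32 +2096,20 @@
 }
 
 /*
-* This usually means a configuration error
-* We use RDMA read/write for packet size > rdma_readwrite_threshold
-* as long as it's properly configured we should never get into this
-* situation
-*/
-if (rqst->rq_nvec + rqst->rq_npages > SMBDIRECT_MAX_SGE) {
-log_write(ERR, "maximum send segment %x exceeding %x\n",
-rqst->rq_nvec + rqst->rq_npages, SMBDIRECT_MAX_SGE);
-rc = -EINVAL;
-goto done;
-}
-
-/*
-* Remove the RFC1002 length defined in MS-SMB2 section 2.1
-* It is used only for TCP transport
+* Skip the RFC1002 length defined in MS-SMB2 section 2.1
+* It is used only for TCP transport in the iov[0]
 * In future we may want to add a transport layer under protocol
 * layer so this will only be issued to TCP transport
 */
-iov[0].iov_base = (char *)rqst->rq_iov[0].iov_base + 4;
-iov[0].iov_len = rqst->rq_iov[0].iov_len - 4;
-buflen += iov[0].iov_len;
+
+if (rqst->rq_iov[0].iov_len != 4) {
+log_write(ERR, "expected the pdu length in 1st iov, but got %zu\n", rqst->rq_iov[0].iov_len);
+return -EINVAL;
+}
+iov = &rqst->rq_iov[1];
 
 /* total up iov array first */
-for (i = 1; i < rqst->rq_nvec; i++) {
-iov[i].iov_base = rqst->rq_iov[i].iov_base;
-iov[i].iov_len = rqst->rq_iov[i].iov_len;
+for (i = 0; i < rqst->rq_nvec-1; i++) {
 buflen += iov[i].iov_len;
 }
 
@@ -2198,14 +2186,14 @@
 goto done;
 }
 i++;
-if (i == rqst->rq_nvec)
+if (i == rqst->rq_nvec-1)
 break;
 }
 start = i;
 buflen = 0;
 } else {
 i++;
-if (i == rqst->rq_nvec) {
+if (i == rqst->rq_nvec-1) {
 /* send out all remaining vecs */
 remaining_data_length -= buflen;
 log_write(INFO,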
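Review bot: The new length check in the second hunk leaves with `return -EINVAL;` after `info->smbd_send_pending++` has already run (first hunk), whereas the error path it replaces used `rc = -EINVAL; goto done;`. If the `done:` label, which is outside the hunk, is where the pending count is dropped and waiters are woken, this early return leaks a pending send and could stall teardown; `rc = -EINVAL; goto done;` keeps the exits consistent. The removed `rqst->rq_nvec + rqst->rq_npages > SMBDIRECT_MAX_SGE` guard has no visible replacement, so it is worth confirming that the per-send SGE limit is still enforced further down. It is also worth confirming that `rq_nvec` is at least 1 before `rq_iov[0]` is read.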
+6 -3
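--- a/fs/cifs/transport.c
+++ b/fs/cifs/transport.c
@@ -753,7 +753,7 @@
 goto out;
 
 #ifdef CONFIG_CIFS_SMB311
-if (ses->status == CifsNew)
+if ((ses->status == CifsNew) || (optype & CIFS_NEG_OP))
 smb311_update_preauth_hash(ses, rqst->rq_iov+1,
 rqst->rq_nvec-1);
 #endif
@@ -798,7 +798,7 @@
 *resp_buf_type = CIFS_SMALL_BUFFER;
 
 #ifdef CONFIG_CIFS_SMB311
-if (ses->status == CifsNew) {
+if ((ses->status == CifsNew) || (optype & CIFS_NEG_OP)) {
 struct kvec iov = {
 .iov_base = buf + 4,
 .iov_len = get_rfc1002_length(buf)
@@ -834,8 +834,11 @@
 if (n_vec + 1 > CIFS_MAX_IOV_SIZE) {
 new_iov = kmalloc(sizeof(struct kvec) * (n_vec + 1),
 GFP_KERNEL);
-if (!new_iov)
+if (!new_iov) {
+/* otherwise cifs_send_recv below sets resp_buf_type */
+*resp_buf_type = CIFS_NO_BUFFER;
 return -ENOMEM;
+}
 } else
 new_iov = s_iov;
 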
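Review bot: The widened test `(ses->status == CifsNew) || (optype & CIFS_NEG_OP)` appears at both hash-update sites in the first two hunks with no comment on why negotiate traffic must be hashed when the session is not new. Judging by the merge message ("SMB311: Fix reconnect") this covers renegotiation on reconnect. The pre-auth hash guards the negotiate exchange, so a comment such as `/* negotiate is hashed on reconnect too, when ses->status is no longer CifsNew */`, or one static predicate shared by both sites, would keep the two tests from drifting apart. In the third hunk the unchanged `kmalloc(sizeof(struct kvec) * (n_vec + 1), GFP_KERNEL)` is an open-coded size multiplication; `kmalloc_array(n_vec + 1, sizeof(struct kvec), GFP_KERNEL)` adds the overflow check. All three enclosing functions extend beyond their hunks.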