diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index f3a78efc3109..f047e87871a1 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -148,5 +148,5 @@ extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg); extern const struct export_operations cifs_export_ops; #endif /* CONFIG_CIFS_NFSD_EXPORT */ -#define CIFS_VERSION "2.12" +#define CIFS_VERSION "2.13" #endif /* _CIFSFS_H */ diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 8b0502cd39af..aa23c00367ec 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -398,6 +398,12 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer, goto setup_ntlmv2_ret; } *pbuffer = kmalloc(size_of_ntlmssp_blob(ses), GFP_KERNEL); + if (!*pbuffer) { + rc = -ENOMEM; + cifs_dbg(VFS, "Error %d during NTLMSSP allocation\n", rc); + *buflen = 0; + goto setup_ntlmv2_ret; + } sec_blob = (AUTHENTICATE_MESSAGE *)*pbuffer; memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8); diff --git a/fs/cifs/smb2misc.c b/fs/cifs/smb2misc.c index 303d4592ebe7..db0453660ff6 100644 --- a/fs/cifs/smb2misc.c +++ b/fs/cifs/smb2misc.c @@ -237,6 +237,13 @@ smb2_check_message(char *buf, unsigned int len, struct TCP_Server_Info *srvr) if (clc_len == len + 1) return 0; + /* + * Some windows servers (win2016) will pad also the final + * PDU in a compound to 8 bytes. + */ + if (((clc_len + 7) & ~7) == len) + return 0; + /* * MacOS server pads after SMB2.1 write response with 3 bytes * of junk. Other servers match RFC1001 len to actual diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c index 541258447c4c..247a98e6c856 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -1582,7 +1582,7 @@ smb2_queryfs(const unsigned int xid, struct cifs_tcon *tcon, struct smb_rqst rqst[3]; int resp_buftype[3]; struct kvec rsp_iov[3]; - struct kvec open_iov[5]; /* 4 + potential padding. */ + struct kvec open_iov[SMB2_CREATE_IOV_SIZE]; struct kvec qi_iov[1]; struct kvec close_iov[1]; struct cifs_ses *ses = tcon->ses; @@ -1603,7 +1603,7 @@ smb2_queryfs(const unsigned int xid, struct cifs_tcon *tcon, memset(&open_iov, 0, sizeof(open_iov)); rqst[0].rq_iov = open_iov; - rqst[0].rq_nvec = 4; + rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE; oparms.tcon = tcon; oparms.desired_access = FILE_READ_ATTRIBUTES; diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 2f1938011395..5740aa809be6 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -2256,7 +2256,7 @@ SMB2_open(const unsigned int xid, struct cifs_open_parms *oparms, __le16 *path, struct TCP_Server_Info *server; struct cifs_tcon *tcon = oparms->tcon; struct cifs_ses *ses = tcon->ses; - struct kvec iov[5]; /* make sure at least one for each open context */ + struct kvec iov[SMB2_CREATE_IOV_SIZE]; struct kvec rsp_iov = {NULL, 0}; int resp_buftype; int rc = 0; @@ -2274,7 +2274,7 @@ SMB2_open(const unsigned int xid, struct cifs_open_parms *oparms, __le16 *path, memset(&rqst, 0, sizeof(struct smb_rqst)); memset(&iov, 0, sizeof(iov)); rqst.rq_iov = iov; - rqst.rq_nvec = 5; + rqst.rq_nvec = SMB2_CREATE_IOV_SIZE; rc = SMB2_open_init(tcon, &rqst, oplock, oparms, path); if (rc) diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h index a2eeae9e0432..8fb7887f2b3d 100644 --- a/fs/cifs/smb2pdu.h +++ b/fs/cifs/smb2pdu.h @@ -614,6 +614,18 @@ struct smb2_tree_disconnect_rsp { #define SMB2_CREATE_TAG_POSIX 0x93AD25509CB411E7B42383DE968BCD7C +/* + * Maximum number of iovs we need for an open/create request. + * [0] : struct smb2_create_req + * [1] : path + * [2] : lease context + * [3] : durable context + * [4] : posix context + * [5] : time warp context + * [6] : compound padding + */ +#define SMB2_CREATE_IOV_SIZE 7 + struct smb2_create_req { struct smb2_sync_hdr sync_hdr; __le16 StructureSize; /* Must be 57 */