From patchwork Wed Feb 4 13:25:46 2009 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Igor Mammedov X-Patchwork-Id: 5382 Received: from lists.samba.org (mail.samba.org [66.70.73.150]) by demeter.kernel.org (8.14.2/8.14.2) with ESMTP id n14DVd0x029443 for ; Wed, 4 Feb 2009 13:31:39 GMT Received: from dp.samba.org (localhost [127.0.0.1]) by lists.samba.org (Postfix) with ESMTP id A077B163C93 for ; Wed, 4 Feb 2009 13:31:26 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on dp.samba.org X-Spam-Level: X-Spam-Status: No, score=-3.6 required=3.8 tests=AWL,BAYES_00, DNS_FROM_RFC_POST,SPF_PASS autolearn=no version=3.1.7 X-Original-To: linux-cifs-client@lists.samba.org Delivered-To: linux-cifs-client@lists.samba.org Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.157]) by lists.samba.org (Postfix) with ESMTP id 1FFC9163B88 for ; Wed, 4 Feb 2009 13:31:03 +0000 (GMT) Received: by fg-out-1718.google.com with SMTP id 13so1178348fge.20 for ; Wed, 04 Feb 2009 05:31:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type; bh=vt1vTtmGPrM1PoXIXojFQOR7BXurJgwVDUWvgA1toRo=; b=iZNOm7mQWUVUVODFNp6OYFJresBk677gMdaQuc+/na2AvEU1I4IV5CJu8MoQHJWBmg vDGpLQC0/wc/B7gSYbBNzS04yho9dl2Pmxm7aFDsd7lhp+7Sl2Bb4gJoVVKXwSAmYjb2 Wdgl5bsksvV8ukscUzD8mggaj757l00oUk4Xg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type; b=s3vy9dtx/whAu1J8ckffmVXOnC4W/ODm6BaHHpxoaI/BkWQSIrK1Fv79u4R/pQTvMo OwI6OMh/bzW8pdUKGPsi0nBDVbdxQ6p/dBxb3kX0FbuIqCVZgDP5Am8jp7hmOWVhqfLd +h99yRm1TTGJ5rRJVbN6ebiCl9ujalVecVTeg= Received: by 10.86.59.18 with SMTP id h18mr3604674fga.45.1233753949435; Wed, 04 Feb 2009 05:25:49 -0800 (PST) Received: from l102796.int.cboss.ru ([195.245.232.177]) by mx.google.com with ESMTPS id l12sm2117609fgb.41.2009.02.04.05.25.47 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 04 Feb 2009 05:25:48 -0800 (PST) Message-ID: <4989975A.2040103@gmail.com> Date: Wed, 04 Feb 2009 16:25:46 +0300 From: Igor Mammedov User-Agent: Thunderbird 2.0.0.19 (X11/20081209) MIME-Version: 1.0 To: Jeff Layton Subject: Re: [linux-cifs-client] [PATCH] [CIFS] Prevent OOPs when mounting with remote prefixpath References: <9F990792DAA5FF4F96FD0B95C9C44C0BB4F03DCC@ICTS-S-EXC1-CA.luna.kuleuven.be> <4a4634330901301022na22fee2x544c4b39449819a1@mail.gmail.com> <4986C6BC.2000903@gmail.com> <4a4634330902021156y71e61533j7a255aac3fa12ae8@mail.gmail.com> <49881AE6.4030109@gmail.com> <20090203211307.0b1a9122@tupile.poochiereds.net> <49896F64.5030106@gmail.com> <20090204071326.14779384@tleilax.poochiereds.net> In-Reply-To: <20090204071326.14779384@tleilax.poochiereds.net> Cc: Steve French , "linux-cifs-client@lists.samba.org" X-BeenThere: linux-cifs-client@lists.samba.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: The Linux CIFS VFS client List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-cifs-client-bounces+patchwork-cifs-client=patchwork.kernel.org@lists.samba.org Errors-To: linux-cifs-client-bounces+patchwork-cifs-client=patchwork.kernel.org@lists.samba.org Patch with Jeff's suggestions is attached. Jeff Layton wrote: > On Wed, 04 Feb 2009 13:35:16 +0300 ... > > Maybe something like: > > cERROR(1, ("Path %s not accessable: %d", full_path, rc)); > > ...of course, you'd need to not kfree full_path until after this is > printed but that's not too tough. > > Won't this error also fire when trying to mount with an inaccessable > prefixpath, even if DFS is involved? If so, then mentioning DFS in > the error is probably going to be confusing for users/admins. > > Actually, there's another problem too. If build_path_to_root ends up > returning NULL, then we'll just skip this check. Shouldn't we return > -ENOMEM or something at that point? It's probably better to fail the > mount than to leave the client subject to a later oops... > Acked-by: Jeff Layton >From e0ab3bd4afc8badf7faac83659d99afb91bc9e75 Mon Sep 17 00:00:00 2001 From: Igor Mammedov Date: Wed, 4 Feb 2009 16:18:27 +0300 Subject: [PATCH] [CIFS] Prevent OOPs when mounting with remote prefixpath. Fixes OOPs with message 'kernel BUG at fs/cifs/cifs_dfs_ref.c:274!'. Checks if the prefixpath in an accesible while we are still in cifs_mount and fails with reporting a error if we can't access the prefixpath Signed-off-by: Igor Mammedov --- fs/cifs/cifsproto.h | 1 + fs/cifs/connect.c | 34 ++++++++++++++++++++++++++++++++++ fs/cifs/inode.c | 2 +- 3 files changed, 36 insertions(+), 1 deletions(-) diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 382ba62..22ff09c 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -42,6 +42,7 @@ extern void _FreeXid(unsigned int); #define GetXid() (int)_GetXid(); cFYI(1,("CIFS VFS: in %s as Xid: %d with uid: %d",__func__, xid,current_fsuid())); #define FreeXid(curr_xid) {_FreeXid(curr_xid); cFYI(1,("CIFS VFS: leaving %s (xid = %d) rc = %d",__func__,curr_xid,(int)rc));} extern char *build_path_from_dentry(struct dentry *); +extern char *build_path_to_root(struct cifs_sb_info *cifs_sb); extern char *build_wildcard_path_from_dentry(struct dentry *direntry); /* extern void renew_parental_timestamps(struct dentry *direntry);*/ extern int SendReceive(const unsigned int /* xid */ , struct cifsSesInfo *, diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 2209be9..1b74728 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -2181,6 +2181,24 @@ static void setup_cifs_sb(struct smb_vol *pvolume_info, } int +is_path_accessible(int xid, struct cifsTconInfo *tcon, + struct cifs_sb_info *cifs_sb, const char *full_path) +{ + int rc; + FILE_ALL_INFO *pfindData; + pfindData = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL); + if (pfindData == NULL) + return -ENOMEM; + + rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfindData, + 0 /* not legacy */, + cifs_sb->local_nls, cifs_sb->mnt_cifs_flags & + CIFS_MOUNT_MAP_SPECIAL_CHR); + kfree(pfindData); + return rc; +} + +int cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, char *mount_data, const char *devname) { @@ -2190,6 +2208,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, struct cifsSesInfo *pSesInfo = NULL; struct cifsTconInfo *tcon = NULL; struct TCP_Server_Info *srvTcp = NULL; + char *full_path; xid = GetXid(); @@ -2426,6 +2445,21 @@ mount_fail_check: cifs_sb->rsize = min(cifs_sb->rsize, (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE)); + + full_path = build_path_to_root(cifs_sb); + if (full_path == NULL) { + rc = -ENOMEM; + goto mount_fail_check; + } + rc = is_path_accessible(xid, tcon, cifs_sb, full_path); + if (rc) { + cERROR(1, ("Path %s in not accessible: %d", full_path, rc)); + kfree(full_path); + goto mount_fail_check; + } + kfree(full_path); + + /* volume_info->password is freed above when existing session found (in which case it is not needed anymore) but when new sesion is created the password ptr is put in the new session structure (in which case the diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index bcf7b51..00c6a3f 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -621,7 +621,7 @@ static const struct inode_operations cifs_ipc_inode_ops = { .lookup = cifs_lookup, }; -static char *build_path_to_root(struct cifs_sb_info *cifs_sb) +char *build_path_to_root(struct cifs_sb_info *cifs_sb) { int pplen = cifs_sb->prepathlen; int dfsplen; -- 1.6.0.2