mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-10 18:53:38 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/cifs
History
Steve French 240a528684 cifs: do not allow creating sockets except with SMB1 posix exensions 
commit 1d0cffa674 upstream.

RHBZ: 1453123

Since at least the 3.10 kernel and likely a lot earlier we have
not been able to create unix domain sockets in a cifs share
when mounted using the SFU mount option (except when mounted
with the cifs unix extensions to Samba e.g.)
Trying to create a socket, for example using the af_unix command from
xfstests will cause :
BUG: unable to handle kernel NULL pointer dereference at 00000000
00000040

Since no one uses or depends on being able to create unix domains sockets
on a cifs share the easiest fix to stop this vulnerability is to simply
not allow creation of any other special files than char or block devices
when sfu is used.

Added update to Ronnie's patch to handle a tcon link leak, and
to address a buf leak noticed by Gustavo and Colin.

Acked-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
CC:  Colin Ian King <colin.king@canonical.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Reported-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-04-26 11:02:01 +02:00
..
asn1.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cache.c fscache: remove unused ->now_uncached callback 2017-09-06 17:27:26 -07:00
cifs_debug.c [SMB3] Update session and share information displayed for debugging SMB2/SMB3 2017-09-20 16:46:49 -05:00
cifs_debug.h lib: update single-char callers of strtobool() 2016-03-17 15:09:34 -07:00
cifs_dfs_ref.c CIFS: add build_path_from_dentry_optional_prefix() 2017-03-01 22:26:10 -06:00
cifs_fs_sb.h cifs: Convert to separately allocated bdi 2017-04-20 12:09:55 -06:00
cifs_ioctl.h Enable previous version support 2016-10-13 19:48:11 -05:00
cifs_spnego.c cifs: Create dedicated keyring for spnego operations 2016-05-19 21:56:30 -05:00
cifs_spnego.h
cifs_unicode.c [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
cifs_unicode.h [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
cifs_uniupr.h
cifsacl.c cifs: cifsacl: Use a temporary ops variable to reduce code length 2017-05-12 19:45:18 -05:00
cifsacl.h
cifsencrypt.c CIFS: fix sha512 check in cifs_crypto_secmech_release 2018-04-24 09:36:27 +02:00
cifsfs.c CIFS: add sha512 secmech 2018-04-24 09:36:27 +02:00
cifsfs.h Update version of cifs module 2017-09-17 23:10:48 -05:00
cifsglob.h CIFS: add sha512 secmech 2018-04-24 09:36:27 +02:00
cifspdu.h CIFS: move DFS response parsing out of SMB1 code 2017-03-01 22:26:10 -06:00
cifsproto.h CIFS: refactor crypto shash/sdesc allocation&free 2018-04-24 09:36:27 +02:00
cifssmb.c enable xattr support for smb3 and also a bugfix 2017-09-07 16:06:14 -07:00
connect.c CIFS: zero sensitive data when freeing 2018-02-16 20:22:43 +01:00
dir.c cifs: do not allow creating sockets except with SMB1 posix exensions 2018-04-26 11:02:01 +02:00
dns_resolve.c cifs: fix composing of mount options for DFS referrals 2013-05-24 13:08:31 -05:00
dns_resolve.h
export.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
file.c cifs: Fix missing put_xid in cifs_file_strict_mmap 2018-02-16 20:22:43 +01:00
fscache.c NFS client updates for Linux 3.13 2013-11-08 05:57:46 +09:00
fscache.h CIFS: FS-Cache: Uncache unread pages in cifs_readpages() before freeing them 2013-09-18 10:17:03 -05:00
inode.c smb3: Fix root directory when server returns inode number of zero 2018-04-24 09:36:26 +02:00
ioctl.c [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
Kconfig CIFS: add sha512 secmech 2018-04-24 09:36:27 +02:00
link.c CIFS: refactor crypto shash/sdesc allocation&free 2018-04-24 09:36:27 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
misc.c CIFS: refactor crypto shash/sdesc allocation&free 2018-04-24 09:36:27 +02:00
netmisc.c cifs: small underflow in cnvrtDosUnixTm() 2017-05-02 14:57:34 -05:00
nterr.c
nterr.h
ntlmssp.h cifs: dynamic allocation of ntlmssp blob 2016-06-23 23:45:07 -05:00
readdir.c cifs: initialize file_info_lock 2017-01-14 14:58:29 -06:00
rfc1002pdu.h
sess.c smb2: Enforce sec= mount option 2017-03-02 23:13:37 -06:00
smb1ops.c CIFS: Improve readdir verbosity 2017-06-20 19:13:47 -05:00
smb2file.c CIFS: add use_ipc flag to SMB2_ioctl() 2017-03-01 22:26:11 -06:00
smb2glob.h CIFS: Separate SMB2 header structure 2017-02-01 16:46:34 -06:00
smb2inode.c Do not send SMB3 SET_INFO request if nothing is changing 2016-10-13 19:46:51 -05:00
smb2maperror.c cifs: handle large EA requests more gracefully in smb2+ 2017-10-18 11:52:39 -05:00
smb2misc.c CIFS: fix oplock break deadlocks 2017-05-03 10:10:10 -05:00
smb2ops.c fix smb3-encryption breakage when CONFIG_DEBUG_SG=y 2018-04-24 09:36:26 +02:00
smb2pdu.c cifs: fix memory leak in SMB2_open() 2018-04-24 09:36:26 +02:00
smb2pdu.h CIFS: SMBD: Fix the definition for SMB2_CHANNEL_RDMA_V1_INVALIDATE 2017-10-18 11:52:39 -05:00
smb2proto.h CIFS: add sha512 secmech 2018-04-24 09:36:27 +02:00
smb2status.h
smb2transport.c CIFS: add sha512 secmech 2018-04-24 09:36:27 +02:00
smbencrypt.c CIFS: refactor crypto shash/sdesc allocation&free 2018-04-24 09:36:27 +02:00
smberr.h
smbfsctl.h [SMB3] Send durable handle v2 contexts when use of persistent handles required 2015-11-03 09:26:27 -06:00
transport.c cifs: Do not modify mid entry after submitting I/O in cifs_call_async 2017-07-05 19:58:08 -05:00
winucase.c [CIFS] quiet sparse compile warning 2013-09-08 14:54:24 -05:00
xattr.c cifs: Add support for writing attributes on SMB2+ 2017-09-04 14:03:45 -05:00