| From 7db0a6efdc3e990cdfd4b24820d010e9eb7890ad Mon Sep 17 00:00:00 2001 |
| From: Steve French <smfrench@gmail.com> |
| Date: Wed, 3 May 2017 21:12:20 -0500 |
| Subject: [PATCH] SMB3: Work around mount failure when using SMB3 dialect to |
| Macs |
| |
| commit 7db0a6efdc3e990cdfd4b24820d010e9eb7890ad upstream. |
| |
| Macs send the maximum buffer size in response on ioctl to validate |
| negotiate security information, which causes us to fail the mount |
| as the response buffer is larger than the expected response. |
| |
| Changed ioctl response processing to allow for padding of validate |
| negotiate ioctl response and limit the maximum response size to |
| maximum buffer size. |
| |
| Signed-off-by: Steve French <steve.french@primarydata.com> |
| CC: Stable <stable@vger.kernel.org> |
| |
| diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c |
| index 02da648041fc..0fd63f0bc440 100644 |
| --- a/fs/cifs/smb2pdu.c |
| +++ b/fs/cifs/smb2pdu.c |
| @@ -632,8 +632,12 @@ int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon) |
| } |
| |
| if (rsplen != sizeof(struct validate_negotiate_info_rsp)) { |
| - cifs_dbg(VFS, "invalid size of protocol negotiate response\n"); |
| - return -EIO; |
| + cifs_dbg(VFS, "invalid protocol negotiate response size: %d\n", |
| + rsplen); |
| + |
| + /* relax check since Mac returns max bufsize allowed on ioctl */ |
| + if (rsplen > CIFSMaxBufSize) |
| + return -EIO; |
| } |
| |
| /* check validate negotiate info response matches what we got earlier */ |
| @@ -1853,8 +1857,12 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid, |
| * than one credit. Windows typically sets this smaller, but for some |
| * ioctls it may be useful to allow server to send more. No point |
| * limiting what the server can send as long as fits in one credit |
| + * Unfortunately - we can not handle more than CIFS_MAX_MSG_SIZE |
| + * (by default, note that it can be overridden to make max larger) |
| + * in responses (except for read responses which can be bigger. |
| + * We may want to bump this limit up |
| */ |
| - req->MaxOutputResponse = cpu_to_le32(0xFF00); /* < 64K uses 1 credit */ |
| + req->MaxOutputResponse = cpu_to_le32(CIFSMaxBufSize); |
| |
| if (is_fsctl) |
| req->Flags = cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL); |
| -- |
| 2.12.0 |
| |