[Yakkety][PULL] CIFS: Enable encryption for SMB3

Joseph Salisbury joseph.salisbury at canonical.com
Mon Mar 27 16:00:34 UTC 2017 

There has been work upstream to enable encryption support for SMB3
connections. This is a particularly valuable (and commonly requested)
feature with the Azure Files service as encryption is required to connect
to an Azure Files storage share from on-prem or from a different Azure region.

BugLink: http://bugs.launchpad.net/bugs/1670508

The following changes since commit 1b11947c43f0f91b5a05a5faaa504611f7c0bbcb:

  UBUNTU: Ubuntu-4.8.0-41.44 (2017-03-03 13:08:42 +0100)

are available in the git repository at:

  kernel.ubuntu.com:/srv/kernel.ubuntu.com/git/jsalisbury/bugs/lp1670508/ubuntu-yakkety.git 

for you to fetch changes up to db0b8c4cd884cd96bc7fff807452cdeef6e4e72c:

  CIFS: Fix possible use after free in demultiplex thread (2017-03-27 11:19:17 -0400)

----------------------------------------------------------------
Jean Delvare (3):
      cifs: Simplify SMB2 and SMB311 dependencies
      cifs: Only select the required crypto modules
      cifs: Add soft dependencies

Pavel Shilovsky (16):
      CIFS: Separate SMB2 header structure
      CIFS: Make SendReceive2() takes resp iov
      CIFS: Make send_cancel take rqst as argument
      CIFS: Send RFC1001 length in a separate iov
      CIFS: Separate SMB2 sync header processing
      CIFS: Separate RFC1001 length processing for SMB2 read
      CIFS: Add capability to transform requests before sending
      CIFS: Enable encryption during session setup phase
      CIFS: Encrypt SMB3 requests before sending
      CIFS: Add transform header handling callbacks
      CIFS: Add mid handle callback
      CIFS: Add copy into pages callback for a read operation
      CIFS: Decrypt and process small encrypted packets
      CIFS: Add capability to decrypt big read responses
      CIFS: Allow to switch on encryption with seal mount option
      CIFS: Fix possible use after free in demultiplex thread

Sachin Prabhu (2):
      SMB2: Separate Kerberos authentication from SMB2_sess_setup
      SMB2: Separate RawNTLMSSP authentication from SMB2_sess_setup

Steve French (2):
      SMB3: Add mount parameter to allow user to override max credits
      SMB3: parsing for new snapshot timestamp mount parm

 fs/cifs/Kconfig         |   12 +-
 fs/cifs/cifsencrypt.c   |   51 ++-
 fs/cifs/cifsfs.c        |   14 +
 fs/cifs/cifsglob.h      |   46 +-
 fs/cifs/cifsproto.h     |   13 +-
 fs/cifs/cifssmb.c       |  135 +++---
 fs/cifs/connect.c       |  114 ++++-
 fs/cifs/file.c          |   52 ++-
 fs/cifs/sess.c          |   27 +-
 fs/cifs/smb1ops.c       |    4 +-
 fs/cifs/smb2glob.h      |   13 +-
 fs/cifs/smb2maperror.c  |    5 +-
 fs/cifs/smb2misc.c      |   61 +--
 fs/cifs/smb2ops.c       |  687 ++++++++++++++++++++++++++++-
 fs/cifs/smb2pdu.c       | 1102 ++++++++++++++++++++++++++++++-----------------
 fs/cifs/smb2pdu.h       |   27 +-
 fs/cifs/smb2proto.h     |    5 +
 fs/cifs/smb2transport.c |  132 +++---
 fs/cifs/transport.c     |  171 +++++---
 19 files changed, 1994 insertions(+), 677 deletions(-)

More information about the kernel-team mailing list