[Xenial][PULL] CIFS: Enable encryption for SMB3
Joseph Salisbury
joseph.salisbury at canonical.com
Mon Mar 27 16:00:54 UTC 2017
There has been work upstream to enable encryption support for SMB3
connections. This is a particularly valuable (and commonly requested)
feature with the Azure Files service as encryption is required to connect
to an Azure Files storage share from on-prem or from a different Azure region.
BugLink: http://bugs.launchpad.net/bugs/1670508
The following changes since commit 05022128a513a344d156de5bffd88e3dda4c8da6:
UBUNTU: Ubuntu-4.4.0-66.87 (2017-03-03 13:13:10 +0100)
are available in the git repository at:
kernel.ubuntu.com:/srv/kernel.ubuntu.com/git/jsalisbury/bugs/lp1670508/ubuntu-xenial.git
for you to fetch changes up to a16041fde91bd7e13bd1e237a8ca9a1cd28877bf:
CIFS: Fix possible use after free in demultiplex thread (2017-03-27 11:52:33 -0400)
----------------------------------------------------------------
Al Viro (5):
[net] drop 'size' argument of sock_recvmsg()
cifs: merge the hash calculation helpers
cifs: no need to wank with copying and advancing iovec on recvmsg side either
cifs: don't bother with kmap on read_pages side
cifs_readv_receive: use cifs_read_from_socket()
Jean Delvare (3):
cifs: Simplify SMB2 and SMB311 dependencies
cifs: Only select the required crypto modules
cifs: Add soft dependencies
Pavel Shilovsky (16):
CIFS: Separate SMB2 header structure
CIFS: Make SendReceive2() takes resp iov
CIFS: Make send_cancel take rqst as argument
CIFS: Send RFC1001 length in a separate iov
CIFS: Separate SMB2 sync header processing
CIFS: Separate RFC1001 length processing for SMB2 read
CIFS: Add capability to transform requests before sending
CIFS: Enable encryption during session setup phase
CIFS: Encrypt SMB3 requests before sending
CIFS: Add transform header handling callbacks
CIFS: Add mid handle callback
CIFS: Add copy into pages callback for a read operation
CIFS: Decrypt and process small encrypted packets
CIFS: Add capability to decrypt big read responses
CIFS: Allow to switch on encryption with seal mount option
CIFS: Fix possible use after free in demultiplex thread
Sachin Prabhu (3):
Fix memory leaks in cifs_do_mount()
SMB2: Separate Kerberos authentication from SMB2_sess_setup
SMB2: Separate RawNTLMSSP authentication from SMB2_sess_setup
Steve French (4):
cifs: Make echo interval tunable
Prepare for encryption support (first part). Add decryption and encryption key generation. Thanks to Metze for helping with this.
SMB3: Add mount parameter to allow user to override max credits
SMB3: parsing for new snapshot timestamp mount parm
drivers/target/iscsi/iscsi_target_util.c | 5 +-
fs/cifs/Kconfig | 12 +-
fs/cifs/cifsencrypt.c | 130 ++--
fs/cifs/cifsfs.c | 16 +
fs/cifs/cifsglob.h | 64 +-
fs/cifs/cifsproto.h | 28 +-
fs/cifs/cifssmb.c | 146 ++--
fs/cifs/connect.c | 273 ++++----
fs/cifs/file.c | 101 +--
fs/cifs/misc.c | 2 +-
fs/cifs/sess.c | 27 +-
fs/cifs/smb1ops.c | 4 +-
fs/cifs/smb2glob.h | 13 +-
fs/cifs/smb2maperror.c | 5 +-
fs/cifs/smb2misc.c | 83 ++-
fs/cifs/smb2ops.c | 698 ++++++++++++++++++-
fs/cifs/smb2pdu.c | 1104 +++++++++++++++++++-----------
fs/cifs/smb2pdu.h | 35 +-
fs/cifs/smb2proto.h | 8 +-
fs/cifs/smb2transport.c | 337 +++++----
fs/cifs/transport.c | 171 +++--
include/linux/net.h | 3 +-
net/socket.c | 23 +-
23 files changed, 2297 insertions(+), 991 deletions(-)
More information about the kernel-team
mailing list