smb3: fix setting SecurityFlags when encryption is required
authorSteve French <stfrench@microsoft.com>
Thu, 1 Aug 2024 02:38:50 +0000 (21:38 -0500)
committerSteve French <stfrench@microsoft.com>
Thu, 8 Aug 2024 16:14:53 +0000 (11:14 -0500)
Setting encryption as required in security flags was broken.
For example (to require all mounts to be encrypted by setting):

  "echo 0x400c5 > /proc/fs/cifs/SecurityFlags"

would return "Invalid argument" and log "Unsupported security flags".
This patch fixes that: the default SecurityFlags value (0x00c5) can
now be overridden with a value that includes 0x40000 to require seal
(i.e. SMB3.1.1 encryption), which forces encryption on subsequent
mounts.

Acked-by: Bharath SM <bharathsm@microsoft.com>
Cc: stable@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Documentation/admin-guide/cifs/usage.rst
fs/smb/client/cifs_debug.c
fs/smb/client/cifsglob.h
fs/smb/client/smb2pdu.c

index fd4b56c..c09674a 100644 (file)
@@ -742,7 +742,7 @@ SecurityFlags               Flags which control security negotiation and
                          may use NTLMSSP                               0x00080
                          must use NTLMSSP                              0x80080
                          seal (packet encryption)                      0x00040
-                         must seal (not implemented yet)               0x40040
+                         must seal                                     0x40040
 
 cifsFYI                        If set to non-zero value, additional debug information
                        will be logged to the system error log.  This field
index c71ae5c..4a20e92 100644 (file)
@@ -1072,7 +1072,7 @@ static int cifs_security_flags_proc_open(struct inode *inode, struct file *file)
 static void
 cifs_security_flags_handle_must_flags(unsigned int *flags)
 {
-       unsigned int signflags = *flags & CIFSSEC_MUST_SIGN;
+       unsigned int signflags = *flags & (CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL);
 
        if ((*flags & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5)
                *flags = CIFSSEC_MUST_KRB5;
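Review bot: `signflags` now carries the seal bits as well as the signing bits, so the name no longer says what the variable holds. Renaming it, e.g. `unsigned int keepflags = *flags & (CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL);`, or adding `/* sign and seal bits must survive the auth-mechanism narrowing below */` above the declaration, would make the intent clear to the next reader. The function body continues past the end of this hunk, so how the saved bits are merged back into `*flags` is not visible here.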
index f6d1f07..b9f46d2 100644 (file)
@@ -1881,7 +1881,7 @@ static inline bool is_replayable_error(int error)
 #define   CIFSSEC_MAY_SIGN     0x00001
 #define   CIFSSEC_MAY_NTLMV2   0x00004
 #define   CIFSSEC_MAY_KRB5     0x00008
-#define   CIFSSEC_MAY_SEAL     0x00040 /* not supported yet */
+#define   CIFSSEC_MAY_SEAL     0x00040
 #define   CIFSSEC_MAY_NTLMSSP  0x00080 /* raw ntlmssp with ntlmv2 */
 
 #define   CIFSSEC_MUST_SIGN    0x01001
@@ -1891,11 +1891,11 @@ require use of the stronger protocol */
 #define   CIFSSEC_MUST_NTLMV2  0x04004
 #define   CIFSSEC_MUST_KRB5    0x08008
 #ifdef CONFIG_CIFS_UPCALL
-#define   CIFSSEC_MASK          0x8F08F /* flags supported if no weak allowed */
+#define   CIFSSEC_MASK          0xCF0CF /* flags supported if no weak allowed */
 #else
-#define          CIFSSEC_MASK          0x87087 /* flags supported if no weak allowed */
+#define          CIFSSEC_MASK          0xC70C7 /* flags supported if no weak allowed */
 #endif /* UPCALL */
-#define   CIFSSEC_MUST_SEAL    0x40040 /* not supported yet */
+#define   CIFSSEC_MUST_SEAL    0x40040
 #define   CIFSSEC_MUST_NTLMSSP 0x80080 /* raw ntlmssp with ntlmv2 */
 
 #define   CIFSSEC_DEF (CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_NTLMSSP | CIFSSEC_MAY_SEAL)
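Review bot: `CIFSSEC_MASK` is still a bare hex literal that has to be edited by hand whenever a flag becomes supported, which is the kind of drift this commit repairs (the seal bits were defined but absent from the mask). Consider composing both variants from the named flags, e.g. `(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_NTLMV2 | CIFSSEC_MUST_SEAL | CIFSSEC_MUST_NTLMSSP)` with `CIFSSEC_MUST_KRB5` added under `CONFIG_CIFS_UPCALL`. Both literals also admit 0x02002, for which no flag is defined in the visible lines; if those bits are accepted on purpose a comment should say so, otherwise the mask lets userspace set bits nothing interprets. The definitions between the two hunks of this file are not shown, so that last point needs checking against the full header.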
index 9a06b55..83facb5 100644 (file)
@@ -82,6 +82,9 @@ int smb3_encryption_required(const struct cifs_tcon *tcon)
        if (tcon->seal &&
            (tcon->ses->server->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION))
                return 1;
+       if (((global_secflags & CIFSSEC_MUST_SEAL) == CIFSSEC_MUST_SEAL) &&
+           (tcon->ses->server->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION))
+               return 1;
        return 0;
 }
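Review bot: When `CIFSSEC_MUST_SEAL` is set globally but the server does not advertise `SMB2_GLOBAL_CAP_ENCRYPTION`, the new branch is skipped and the function returns 0, so a "must seal" policy appears to degrade to unencrypted traffic unless the session is refused somewhere else. That refusal is not visible in this hunk; if it does not exist, the mount path should fail with an error instead of proceeding in the clear. At minimum a comment above the new test, such as `/* MUST_SEAL with a server lacking encryption support must be rejected at mount time; returning 0 here is not a policy decision */`, would record the assumption. The function starts above the hunk.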