From patchwork Tue Jan  4 12:33:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tim Gardner <tim.gardner@canonical.com>
X-Patchwork-Id: 1575227
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: bilbo.ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=canonical.com header.i=@canonical.com
 header.a=rsa-sha256 header.s=20210705 header.b=el7ivKnN;
	dkim-atps=neutral
Authentication-Results: ozlabs.org;
 spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com
 (client-ip=91.189.94.19; helo=huckleberry.canonical.com;
 envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=<UNKNOWN>)
Received: from huckleberry.canonical.com (huckleberry.canonical.com
 [91.189.94.19])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by bilbo.ozlabs.org (Postfix) with ESMTPS id 4JSsVm0yBtz9t4b
	for <incoming@patchwork.ozlabs.org>; Tue,  4 Jan 2022 23:34:08 +1100 (AEDT)
Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com)
	by huckleberry.canonical.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1n4j0s-0005zI-Lg; Tue, 04 Jan 2022 12:34:02 +0000
Received: from smtp-relay-internal-1.internal ([10.131.114.114]
 helo=smtp-relay-internal-1.canonical.com)
 by huckleberry.canonical.com with esmtps
 (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2)
 (envelope-from <tim.gardner@canonical.com>) id 1n4j0o-0005wp-Le
 for kernel-team@lists.ubuntu.com; Tue, 04 Jan 2022 12:33:58 +0000
Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com
 [209.85.216.69])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 76A373F0EA
 for <kernel-team@lists.ubuntu.com>; Tue,  4 Jan 2022 12:33:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;
 s=20210705; t=1641299638;
 bh=8Afp8gPh/frqsgzGXD0Jgnpdvuap9sKvJ38GJVzpdVY=;
 h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:
 MIME-Version;
 b=el7ivKnNcF2h5xGeAII/h/QrU4+ppEw/9t3yh9p3TjEM5qfS0ig4DUK0RKjOO/JTT
 K5XLm4j2ReBg/giRw8uL0Notzv/RsfNyxcsYGZcopIg4jnDhtscarp8OyUITlbRYaG
 ZGcMU7/A7FILBjjlEsVQEJ9+RFTgc/zUS+HY8V+S3PyCqazVxbP6R2YexyOxjhSBPc
 RISAEp4fPeBSioVWl+Jd1IU+s3/XUgtl+gnWMcDqMLushNO//0GsC0pmCXLPQOoohj
 ihi5FGirguIPJCwFgckvn9HTFaBpC1+FvjKvq0XBNFQx0PHEGTKVFsbbrtG/qYCyGE
 y/39X8aKv4SBQ==
Received: by mail-pj1-f69.google.com with SMTP id
 f11-20020a17090a664b00b001b0fbffc9d6so24074442pjm.1
 for <kernel-team@lists.ubuntu.com>; Tue, 04 Jan 2022 04:33:58 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=8Afp8gPh/frqsgzGXD0Jgnpdvuap9sKvJ38GJVzpdVY=;
 b=xt4Muc9kotd2GAe2/eOm3Ol19K5qR7D/oDbVRq1+TRx2I6GjoqFPjGs7AaTA5ZeM4k
 Ym/Qds2NyzOWjykgXz0629YrwqLLG+lqDW8bv3brQf/5CGjQf9TIb/UW91OxOdolwkbE
 Sx1pTJKvuxkfay5LRupQF4HUTbEqakaS6A/qoi6CDJI7YGGNQWNhajFlqxlbJRYlx3hK
 As6edt9n3EXa+9pNBipZhloBZCs8F2XeIZ4Ztzt9yYKQwgTUz426Yhl9ZGZpvuVKJ+pt
 MZdyfTJHMpk+rOg79A+et4jr3/muZvuSMvrJeNY3rg9vhkFXpW3Of/FPlIt74X2yaUFf
 +jZQ==
X-Gm-Message-State: AOAM533w+7aEC+z63fMwIoru4hSXUJGKwWd3RUTSxtqhpYjaXn4OVz3s
 lH97BK0JKFv+eCpkKbfCG6sqE91WIZ8kDhiMjTQTFEELkIofOAdHq8UP66N78Us0e4rtn6c0RWI
 6TH5giocoe1/22oASXzo1s7XQtjGCIH64KYN+CEMkvg==
X-Received: by 2002:a17:90a:6a4c:: with SMTP id
 d12mr60744665pjm.9.1641299636871;
 Tue, 04 Jan 2022 04:33:56 -0800 (PST)
X-Google-Smtp-Source: 
 ABdhPJyx9dlgBarGwmkmm2sa8Ncz/va1hvKYgVBoVIt1oxn7Mgn5bHFAglhbk4fafxWLp/BLeZcZtw==
X-Received: by 2002:a17:90a:6a4c:: with SMTP id
 d12mr60744637pjm.9.1641299636515;
 Tue, 04 Jan 2022 04:33:56 -0800 (PST)
Received: from localhost.localdomain ([69.163.84.166])
 by smtp.gmail.com with ESMTPSA id q2sm43280854pfu.66.2022.01.04.04.33.55
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 04 Jan 2022 04:33:56 -0800 (PST)
From: Tim Gardner <tim.gardner@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [PATCH 3/3] cifs: To match file servers,
 make sure the server hostname matches
Date: Tue,  4 Jan 2022 05:33:47 -0700
Message-Id: <20220104123347.13691-4-tim.gardner@canonical.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20220104123347.13691-1-tim.gardner@canonical.com>
References: <20220104123347.13691-1-tim.gardner@canonical.com>
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

From: Shyam Prasad N <sprasad@microsoft.com>

BugLink: https://bugs.launchpad.net/bugs/1954926

commit 7be3248f313930ff3d3436d4e9ddbe9fccc1f541 upstream.

We generally rely on a bunch of factors to differentiate between servers.
For example, IP address, port etc.

For certain server types (like Azure), it is important to make sure
that the server hostname matches too, even if the both hostnames currently
resolve to the same IP address.

Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
Cc: stable@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
[rtg - backported by the Microsoft team. They dropped changes to
fs/cifs/fs_connect.[ch], added a structure tag to fs/cifs/cifsglob.h: struct smb_vol,
misc changes to fs/cifs/connect.c to reflect the intent of the original upstream patch]
---
 fs/cifs/cifsglob.h |  1 +
 fs/cifs/connect.c  | 38 ++++++++++++++++++++++++++++++--------
 2 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 10934d4d5ce33..9607f623c1357 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -538,6 +538,7 @@ struct smb_vol {
 	char *username;
 	char *password;
 	char *domainname;
+	char *server_hostname;
 	char *UNC;
 	char *iocharset;  /* local code page for mapping to and from Unicode */
 	char source_rfc1001_name[RFC1001_NAME_LEN_WITH_NULL]; /* clnt nb name */
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index de188a8b282a5..dfcac2489b46b 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1101,7 +1101,6 @@ static void clean_demultiplex_info(struct TCP_Server_Info *server)
 		 */
 	}
 
-	kfree(server->hostname);
 	kfree(server);
 
 	length = atomic_dec_return(&tcpSesAllocCount);
@@ -1653,6 +1652,11 @@ cifs_parse_devname(const char *devname, struct smb_vol *vol)
 	if (!pos)
 		return -EINVAL;
 
+	/* record the server hostname */
+	vol->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
+	if (!vol->server_hostname)
+		return -ENOMEM;
+
 	/* skip past delimiter */
 	++pos;
 
@@ -2510,6 +2514,12 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
 		goto cifs_parse_mount_err;
 	}
 #endif
+
+	if (!vol->server_hostname) {
+		cifs_dbg(VFS, "CIFS mount error: Unable to parse server name in device string!\n");
+		goto cifs_parse_mount_err;
+	}
+
 	if (!vol->UNC) {
 		cifs_dbg(VFS, "CIFS mount error: No usable UNC path provided in device string!\n");
 		goto cifs_parse_mount_err;
@@ -2712,6 +2722,9 @@ static int match_server(struct TCP_Server_Info *server, struct smb_vol *vol)
 	if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
 		return 0;
 
+	if (strcasecmp(server->hostname, vol->server_hostname))
+		return 0;
+
 	if (!match_address(server, addr,
 			   (struct sockaddr *)&vol->srcaddr))
 		return 0;
@@ -2796,6 +2809,7 @@ cifs_put_tcp_session(struct TCP_Server_Info *server, int from_reconnect)
 	kfree(server->session_key.response);
 	server->session_key.response = NULL;
 	server->session_key.len = 0;
+	kfree(server->hostname);
 
 	task = xchg(&server->tsk, NULL);
 	if (task)
@@ -2821,14 +2835,15 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
 		goto out_err;
 	}
 
+	tcp_ses->hostname = kstrdup(volume_info->server_hostname, GFP_KERNEL);
+	if (!tcp_ses->hostname) {
+		rc = -ENOMEM;
+		goto out_err;
+	}
+
 	tcp_ses->ops = volume_info->ops;
 	tcp_ses->vals = volume_info->vals;
 	cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
-	tcp_ses->hostname = extract_hostname(volume_info->UNC);
-	if (IS_ERR(tcp_ses->hostname)) {
-		rc = PTR_ERR(tcp_ses->hostname);
-		goto out_err_crypto_release;
-	}
 
 	tcp_ses->noblockcnt = volume_info->rootfs;
 	tcp_ses->noblocksnd = volume_info->noblocksnd || volume_info->rootfs;
@@ -2942,8 +2957,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
 
 out_err:
 	if (tcp_ses) {
-		if (!IS_ERR(tcp_ses->hostname))
-			kfree(tcp_ses->hostname);
+		kfree(tcp_ses->hostname);
 		if (tcp_ses->ssocket)
 			sock_release(tcp_ses->ssocket);
 		kfree(tcp_ses);
@@ -4272,6 +4286,7 @@ cifs_cleanup_volume_info_contents(struct smb_vol *volume_info)
 	kfree(volume_info->username);
 	kzfree(volume_info->password);
 	kfree(volume_info->UNC);
+	kfree(volume_info->server_hostname);
 	kfree(volume_info->domainname);
 	kfree(volume_info->iocharset);
 	kfree(volume_info->prepath);
@@ -4541,6 +4556,12 @@ static int update_vol_info(const struct dfs_cache_tgt_iterator *tgt_it,
 	kfree(vol->UNC);
 	vol->UNC = new_unc;
 
+	if (fake_vol->server_hostname) {
+		kfree(vol->server_hostname);
+		vol->server_hostname = fake_vol->server_hostname;
+		fake_vol->server_hostname = NULL;
+	}
+
 	if (fake_vol->prepath) {
 		kfree(vol->prepath);
 		vol->prepath = fake_vol->prepath;
@@ -5342,6 +5363,7 @@ cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid)
 	vol_info->linux_uid = fsuid;
 	vol_info->cred_uid = fsuid;
 	vol_info->UNC = master_tcon->treeName;
+	vol_info->server_hostname = master_tcon->ses->server->hostname;
 	vol_info->retry = master_tcon->retry;
 	vol_info->nocase = master_tcon->nocase;
 	vol_info->nohandlecache = master_tcon->nohandlecache;