Would multichannel require a new negotiate protocol? We are only generating it in get_tcp_session - and would probably not go through that path when connecting another socket to the original parent struct. Currently the model where tcons hang off smb sessions which hang off tcp sessions looks strange when you consider multiple tcp connections but have to distinguish the code which connects the first tcp session for a machine and sets up the parent structure that all the others (tcons and smb sessions) hang off, from the code which connects subsequent tcp sessions for multichannel On Thu, May 15, 2014 at 8:36 AM, Tom Talpey <ttalpey@xxxxxxxxxxxxx> wrote: > Won't this need to be undone for multichannel support? The client GUID needs to be the same when connecting multiple channels, a different one will break cross-channel replay detection. > > It's definitely true that if you intend to negotiate a different dialect, then the client GUID should not be reused. > >> -----Original Message----- >> From: linux-cifs-owner@xxxxxxxxxxxxxxx [mailto:linux-cifs- >> owner@xxxxxxxxxxxxxxx] On Behalf Of Steve French >> Sent: Tuesday, May 13, 2014 10:49 PM >> To: Sachin Prabhu >> Cc: linux-cifs >> Subject: Re: [PATCH] cifs: Set client guid on per connection basis >> >> merged into cifs-2.6.git for-next >> >> but added an additional patch to fix the problem where we are sending a >> non-zero ClientGUID for SMB2.02 dialect (where it MUST be zero according >> to MS-SMB2, it is non-zero starting in SMB2.1) >> >> On Tue, May 13, 2014 at 1:48 AM, Sachin Prabhu <sprabhu@xxxxxxxxxx> >> wrote: >> > When mounting from a Windows 2012R2 server, we hit the following >> > problem: >> > 1) Mount with any of the following versions - 2.0, 2.1 or 3.0 >> > 2) unmount >> > 3) Attempt a mount again using a different SMB version >= 2.0. >> > >> > You end up with the following failure: >> > Status code returned 0xc0000203 STATUS_USER_SESSION_DELETED CIFS >> VFS: >> > Send error in SessSetup = -5 CIFS VFS: cifs_mount failed w/return code >> > = -5 >> > >> > I cannot reproduce this issue using a Windows 2008 R2 server. >> > >> > This appears to be caused because we use the same client guid for the >> > connection on first mount which we then disconnect and attempt to >> > mount again using a different protocol version. By generating a new >> > guid each time a new connection is Negotiated, we avoid hitting this >> problem. >> > >> > Signed-off-by: Sachin Prabhu <sprabhu@xxxxxxxxxx> >> > --- >> > fs/cifs/cifsfs.c | 8 -------- >> > fs/cifs/cifsglob.h | 1 + >> > fs/cifs/connect.c | 3 +++ >> > fs/cifs/smb2pdu.c | 5 +++-- >> > fs/cifs/smb2pdu.h | 2 -- >> > 5 files changed, 7 insertions(+), 12 deletions(-) >> > >> > diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index >> > 5be1f99..c80aa5a 100644 >> > --- a/fs/cifs/cifsfs.c >> > +++ b/fs/cifs/cifsfs.c >> > @@ -87,10 +87,6 @@ extern mempool_t *cifs_mid_poolp; >> > >> > struct workqueue_struct *cifsiod_wq; >> > >> > -#ifdef CONFIG_CIFS_SMB2 >> > -__u8 cifs_client_guid[SMB2_CLIENT_GUID_SIZE]; >> > -#endif >> > - >> > /* >> > * Bumps refcount for cifs super block. >> > * Note that it should be only called if a referece to VFS super >> > block is @@ -1192,10 +1188,6 @@ init_cifs(void) >> > spin_lock_init(&cifs_file_list_lock); >> > spin_lock_init(&GlobalMid_Lock); >> > >> > -#ifdef CONFIG_CIFS_SMB2 >> > - get_random_bytes(cifs_client_guid, SMB2_CLIENT_GUID_SIZE); >> > -#endif >> > - >> > if (cifs_max_pending < 2) { >> > cifs_max_pending = 2; >> > cifs_dbg(FYI, "cifs_max_pending set to min of 2\n"); >> > diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index >> > 30f6e92..f74edd2 100644 >> > --- a/fs/cifs/cifsglob.h >> > +++ b/fs/cifs/cifsglob.h >> > @@ -559,6 +559,7 @@ struct TCP_Server_Info { >> > int echo_credits; /* echo reserved slots */ >> > int oplock_credits; /* oplock break reserved slots */ >> > bool echoes:1; /* enable echoes */ >> > + __u8 client_guid[SMB2_CLIENT_GUID_SIZE]; /* Client GUID */ >> > #endif >> > u16 dialect; /* dialect index that server chose */ >> > bool oplocks:1; /* enable oplocks */ diff --git >> > a/fs/cifs/connect.c b/fs/cifs/connect.c index 8813ff7..8b8fe9b 100644 >> > --- a/fs/cifs/connect.c >> > +++ b/fs/cifs/connect.c >> > @@ -2144,6 +2144,9 @@ cifs_get_tcp_session(struct smb_vol >> *volume_info) >> > sizeof(tcp_ses->srcaddr)); >> > memcpy(&tcp_ses->dstaddr, &volume_info->dstaddr, >> > sizeof(tcp_ses->dstaddr)); >> > +#ifdef CONFIG_CIFS_SMB2 >> > + get_random_bytes(tcp_ses->client_guid, SMB2_CLIENT_GUID_SIZE); >> > +#endif >> > /* >> > * at this point we are the only ones with the pointer >> > * to the struct since the kernel thread not created yet diff >> > --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 3802f8c..dc44610 >> > 100644 >> > --- a/fs/cifs/smb2pdu.c >> > +++ b/fs/cifs/smb2pdu.c >> > @@ -375,7 +375,7 @@ SMB2_negotiate(const unsigned int xid, struct >> > cifs_ses *ses) >> > >> > req->Capabilities = >> > cpu_to_le32(ses->server->vals->req_capabilities); >> > >> > - memcpy(req->ClientGUID, cifs_client_guid, >> SMB2_CLIENT_GUID_SIZE); >> > + memcpy(req->ClientGUID, server->client_guid, >> > + SMB2_CLIENT_GUID_SIZE); >> > >> > iov[0].iov_base = (char *)req; >> > /* 4 for rfc1002 length field */ @@ -478,7 +478,8 @@ int >> > smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon >> > *tcon) >> > >> > vneg_inbuf.Capabilities = >> > cpu_to_le32(tcon->ses->server->vals->req_capabilities); >> > - memcpy(vneg_inbuf.Guid, cifs_client_guid, >> SMB2_CLIENT_GUID_SIZE); >> > + memcpy(vneg_inbuf.Guid, tcon->ses->server->client_guid, >> > + SMB2_CLIENT_GUID_SIZE); >> > >> > if (tcon->ses->sign) >> > vneg_inbuf.SecurityMode = diff --git >> > a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h index 2022c54..743e11e 100644 >> > --- a/fs/cifs/smb2pdu.h >> > +++ b/fs/cifs/smb2pdu.h >> > @@ -183,8 +183,6 @@ struct smb2_symlink_err_rsp { >> > >> > #define SMB2_CLIENT_GUID_SIZE 16 >> > >> > -extern __u8 cifs_client_guid[SMB2_CLIENT_GUID_SIZE]; >> > - >> > struct smb2_negotiate_req { >> > struct smb2_hdr hdr; >> > __le16 StructureSize; /* Must be 36 */ >> > -- >> > 1.8.4.2 >> > >> > -- >> > To unsubscribe from this list: send the line "unsubscribe linux-cifs" >> > in the body of a message to majordomo@xxxxxxxxxxxxxxx More >> majordomo >> > info at http://vger.kernel.org/majordomo-info.html >> >> >> >> -- >> Thanks, >> >> Steve >> -- >> To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the >> body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at >> http://vger.kernel.org/majordomo-info.html -- Thanks, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html