On Mon, 7 Nov 2022 at 23:40, Thorsten Leemhuis
<regressions@xxxxxxxxxxxxx> wrote:
>
> On 07.11.22 14:31, ronnie sahlberg wrote:
> > On Mon, 7 Nov 2022 at 23:20, Thorsten Leemhuis
> > <regressions@xxxxxxxxxxxxx> wrote:
> >>
> >> On 01.11.22 18:53, Thorsten Leemhuis wrote:
> >>> On 12.10.22 01:12, Ronnie Sahlberg wrote:
> >>>> BZ: 215375
> >>>>
> >>>> Fixes: 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c ("cifs: remove support for NTLM and weaker authentication algorithms")
> >>>> Signed-off-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
> >>>
> >>> Ronnie, Steve, did this change create any trouble in 6.1 pre-releases so
> >>> far? If not: could you please consider submitting this change for
> >>> inclusion in 6.0 and 5.15, as this is a regression from the 5.15 days
> >>> that according to the bugzilla ticket seem to annoy some people a lot.
> >>
> >> Ronnie, Steve, if you have a minute, I would really appreciate your help
> >> in this matter, you are the best people to judge here.
> >
> > Thanks for the reminder. I don't think there were any issues in the
> > pre-release so we should try to get it into the stable kernels.
>
> Great.
>
> > I am not sure how that process works since the patch is already in upstream.
> > (I have only seen the process where you flag the patch with cc-stable.)
> > Can you explain the process on how to flag this existing patch for backporting?
>
> Documentation/process/stable-kernel-rules.rst (or
> https://docs.kernel.org/process/stable-kernel-rules.html ) explains this
> (see option 3 there) better than I can. The patch afaics needs to got to
> 6.0 and 5.15.
Thanks. What we need here is option 2.
Steve, can you send an email for option 2 so we get it in the older kernels?
>
> Many thx for taking care of this!
>
> Ciao, Thorsten
>
>
> >>>> ---
> >>>> fs/cifs/connect.c | 11 +++++------
> >>>> 1 file changed, 5 insertions(+), 6 deletions(-)
> >>>>
> >>>> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
> >>>> index 93e59b3b36c7..c77232096c12 100644
> >>>> --- a/fs/cifs/connect.c
> >>>> +++ b/fs/cifs/connect.c
> >>>> @@ -3922,12 +3922,11 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
> >>>> pSMB->AndXCommand = 0xFF;
> >>>> pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
> >>>> bcc_ptr = &pSMB->Password[0];
> >>>> - if (tcon->pipe || (ses->server->sec_mode & SECMODE_USER)) {
> >>>> - pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> >>>> - *bcc_ptr = 0; /* password is null byte */
> >>>> - bcc_ptr++; /* skip password */
> >>>> - /* already aligned so no need to do it below */
> >>>> - }
> >>>> +
> >>>> + pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
> >>>> + *bcc_ptr = 0; /* password is null byte */
> >>>> + bcc_ptr++; /* skip password */
> >>>> + /* already aligned so no need to do it below */
> >>>>
> >>>> if (ses->server->sign)
> >>>> smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
> >
