smb3: display security information in /proc/fs/cifs/DebugData more accurately (ffd1ef1e) · Commits · 戴 / test

When the server required encryption (but we didn't connect to it with the "seal" mount option) we weren't displaying in /proc/fs/cifs/DebugData that the tcon for that share was encrypted. Similarly we were not displaying that signing was required when ses->sign was enabled (we only checked ses->server->sign). This makes it easier to debug when in fact the connection is signed (or sealed), whether for performance or security questions. Signed-off-by:

Steve French <stfrench@microsoft.com> Reviewed-by:

Ronnie Sahlberg <lsahlber@redhat.com>

fs/cifs/cifs_debug.c

+7 −1

Original line number	Diff line number	Diff line
		@@ -115,7 +115,9 @@ static void cifs_debug_tcon(struct seq_file m, struct cifs_tcon tcon)
		seq_puts(m, " type: CDROM ");
		else
		seq_printf(m, " type: %d ", dev_type);
		if (tcon->seal)
		if ((tcon->seal) \|\|
		(tcon->ses->session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA) \|\|
		(tcon->share_flags & SHI1005_FLAGS_ENCRYPT_DATA))
		seq_printf(m, " Encrypted");
		if (tcon->nocase)
		seq_printf(m, " nocase");
		@@ -371,6 +373,10 @@ skip_rdma:
		atomic_read(&server->in_send),
		atomic_read(&server->num_waiters));
		#endif
		if (ses->session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA)
		seq_puts(m, " encrypted");
		if (ses->sign)
		seq_puts(m, " signed");

		seq_puts(m, "\n\tShares:");
		j = 0;

Admin message