cifs: allow disabling insecure dialects in the config

commit 7420451f6a109f7f8f1bf283f34d08eba3259fb3 upstream.

allow disabling cifs (SMB1 ie vers=1.0) and vers=2.0 in the
config for the build of cifs.ko if want to always prevent mounting
with these less secure dialects.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Cc: Alakesh Haloi <alakeshh@amazon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig
index 7b95e79..a78c413 100644 (file)
--- a/fs/cifs/Kconfig
+++ b/fs/cifs/Kconfig
@@ -66,9 +66,24 @@ config CIFS_STATS2
          Unless you are a developer or are doing network performance analysis
          or tuning, say N.
 
+config CIFS_ALLOW_INSECURE_LEGACY
+       bool "Support legacy servers which use less secure dialects"
+       depends on CIFS
+       default y
+       help
+         Modern dialects, SMB2.1 and later (including SMB3 and 3.1.1), have
+         additional security features, including protection against
+         man-in-the-middle attacks and stronger crypto hashes, so the use
+         of legacy dialects (SMB1/CIFS and SMB2.0) is discouraged.
+
+         Disabling this option prevents users from using vers=1.0 or vers=2.0
+         on mounts with cifs.ko
+
+         If unsure, say Y.
+
 config CIFS_WEAK_PW_HASH
        bool "Support legacy servers which use weaker LANMAN security"
-       depends on CIFS
+       depends on CIFS && CIFS_ALLOW_INSECURE_LEGACY
        help
          Modern CIFS servers including Samba and most Windows versions
          (since 1997) support stronger NTLM (and even NTLMv2 and Kerberos)

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index fd24c72..d624813 100644 (file)
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1130,6 +1130,7 @@ cifs_parse_smb_version(char *value, struct smb_vol *vol)
        substring_t args[MAX_OPT_ARGS];
 
        switch (match_token(value, cifs_smb_version_tokens, args)) {
+#ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
        case Smb_1:
                vol->ops = &smb1_operations;
                vol->vals = &smb1_values;
@@ -1138,6 +1139,14 @@ cifs_parse_smb_version(char *value, struct smb_vol *vol)
                vol->ops = &smb20_operations;
                vol->vals = &smb20_values;
                break;
+#else
+       case Smb_1:
+               cifs_dbg(VFS, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
+               return 1;
+       case Smb_20:
+               cifs_dbg(VFS, "vers=2.0 mount not permitted when legacy dialects disabled\n");
+               return 1;
+#endif /* CIFS_ALLOW_INSECURE_LEGACY */
        case Smb_21:
                vol->ops = &smb21_operations;
                vol->vals = &smb21_values;