[linux-cifs-client] Re: CIFS, 2.6.9 versus NetApp Filer

Steven French sfrench at us.ibm.com
Tue Mar 7 16:06:30 GMT 2006






> 2. I've tried to recompile 2.6.9 kernel with CIFS manually upgraded to
> 1.40a (cifs-1.40a-forFC3orRHEL4orSuSEWrk9.tar.gz).
> Now it appears to solve the problem in point 1, but now another issue
> strikes - umount takes a significant amount of time, with the following
> errors visible in dmesg:
>
>  CIFS VFS: Calculated size 0x126 vs actual length 0x27
>  CIFS VFS: bad smb size detected for Mid=9
> Bad SMB: : dump of 48 bytes of data at 0x14602580
>
>  00000023 424d53ff 00000074 00018800 # . . . ÿ S M B t . . . . . . .
>  00000000 00000000 00000000 08d90000 . . . . . . . . . . . . . . Ù .
>  00090000 0000ff00 57000000 00570000 . . . . . ÿ . . . . . W . . W .
>  CIFS VFS: No response for cmd 116 mid 9
>
> It happens only with our NetApp Filer.
Yes - as far as I can tell some (or all) versions of their filer
return a malformed response to SMB uLogoffX.  As frames whose
internal length is longer than their tcp length could result in a
potential buffer overflow the malformed response from the server is
discarded.
Earlier versions of cifs were not checking frame length strictly enough so
did not run into this.   Fortunately if a server is going to give a bad
response, returning it on uLogoffX is pretty harmless (the client will
kill the tcp session when the request times out - but this is only an
inconvenience when the client has mounted with two different userids
to the same NetApp server).

I have reported this bug to NetApp at test events, but don't have a customer
id so can't open an official defect against their bug tracking system, but
if you can, this is a fairly clear (albeit relatively minor) bug. Apparently
other clients don't check strictly enough for buffer overflows :)


> In ethereal I can find (upon umount) the following requests:
> Tree Disconnect Request 0x71
> Logoff AndX Request 0x74
> Both seem successful.
LogoffX response from the server is bad so it is discarded and times out.
Then umount proceeds.



Steve French
Senior Software Engineer
Linux Technology Center - IBM Austin
phone: 512-838-2294
email: sfrench at-sign us dot ibm dot com
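
The frame-length check described in the reply, as an added example (not code from the post or from the cifs source): it recomputes the size an SMB1 frame claims for itself and discards the frame when that exceeds the bytes actually received. The sample frames are constructed (the first from the dmesg dump quoted above); the function names and the size formula are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RFC1002_HDR 4  /* length prefix in front of every SMB frame */
#define SMB_HDR     32 /* fixed SMB1 header, "\xffSMB" through Mid */
/* Size the frame claims for itself (assumed SMB1 layout: prefix, header,
 * WordCount byte, parameter words, 2-byte ByteCount, data bytes).
 * Returns 0 when too few bytes arrived to read those fields at all. */
size_t smb_calc_size(const uint8_t *f, size_t got)
{
    size_t wct_off = RFC1002_HDR + SMB_HDR;
    if (got < wct_off + 1)
        return 0;
    size_t bcc_off = wct_off + 1 + 2u * f[wct_off];
    if (got < bcc_off + 2)
        return 0;
    size_t bcc = f[bcc_off] | ((size_t)f[bcc_off + 1] << 8); /* little-endian */
    return bcc_off + 2 + bcc;
}

/* 1 = safe to parse; 0 = discard, the frame claims more than was received. */
int smb_frame_ok(const uint8_t *f, size_t got)
{
    size_t calc = smb_calc_size(f, got);
    return calc != 0 && calc <= got;
}

/* Constructed from the dump quoted above: the 0x27 bytes that arrived. */
const uint8_t filer_rsp[0x27] = {
    0x00, 0x00, 0x00, 0x23, 0xff, 'S', 'M', 'B', 0x74, 0x00, 0x00, 0x00,
    0x00, 0x88, 0x01, 0x00, [30] = 0xd9, 0x08, [34] = 0x09, 0x00, [37] = 0xff,
};
/* Constructed well-formed reply: WordCount 2, AndX block, ByteCount 0. */
const uint8_t good_rsp[43] = {
    0x00, 0x00, 0x00, 0x27, 0xff, 'S', 'M', 'B', 0x74, [13] = 0x88, 0x01,
    [34] = 0x09, 0x00, [36] = 0x02, 0xff,
};

int main(void)
{
    printf("filer: calculated 0x%zx vs actual 0x%zx -> %s\n",
           smb_calc_size(filer_rsp, sizeof filer_rsp), sizeof filer_rsp,
           smb_frame_ok(filer_rsp, sizeof filer_rsp) ? "parse" : "discard");
    printf("good:  calculated 0x%zx vs actual 0x%zx -> %s\n",
           smb_calc_size(good_rsp, sizeof good_rsp), sizeof good_rsp,
           smb_frame_ok(good_rsp, sizeof good_rsp) ? "parse" : "discard");
    return 0;
}
```

With the dump's bytes, WordCount reads as 0 and the next two bytes (ff 00) are taken as ByteCount 255, which is how a 0x27-byte frame ends up with a calculated size of 0x126.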