smb3: display security information in /proc/fs/cifs/DebugData more accurately
authorSteve French <stfrench@microsoft.com>
Sun, 10 Mar 2019 00:12:18 +0000 (18:12 -0600)
committerSteve French <stfrench@microsoft.com>
Fri, 15 Mar 2019 00:32:35 +0000 (19:32 -0500)
When the server required encryption (but we didn't connect to it with the
"seal" mount option) we weren't displaying in /proc/fs/cifs/DebugData that
the tcon for that share was encrypted. Similarly we were not displaying
that signing was required when ses->sign was enabled (we only
checked ses->server->sign).  This makes it easier to debug when in
fact the connection is signed (or sealed), whether for performance
or security questions.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
fs/cifs/cifs_debug.c

index e92a2fee3c577bd7fc8c63e3e10edf079ca97686..faeb1452cc2da64afd4be490ba4018affca71934 100644 (file)
@@ -115,7 +115,9 @@ static void cifs_debug_tcon(struct seq_file *m, struct cifs_tcon *tcon)
                seq_puts(m, " type: CDROM ");
        else
                seq_printf(m, " type: %d ", dev_type);
-       if (tcon->seal)
+       if ((tcon->seal) ||
+           (tcon->ses->session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA) ||
+           (tcon->share_flags & SHI1005_FLAGS_ENCRYPT_DATA))
                seq_printf(m, " Encrypted");
        if (tcon->nocase)
                seq_printf(m, " nocase");
@@ -371,6 +373,10 @@ skip_rdma:
                                atomic_read(&server->in_send),
                                atomic_read(&server->num_waiters));
 #endif
+                       if (ses->session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA)
+                               seq_puts(m, " encrypted");
+                       if (ses->sign)
+                               seq_puts(m, " signed");
 
                        seq_puts(m, "\n\tShares:");
                        j = 0;