CIFS errors on 4.4.0-98, but not on 4.4.0-97 with same config
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Fix Released
|
High
|
Unassigned | ||
Xenial |
Fix Released
|
High
|
Unassigned | ||
Zesty |
Fix Released
|
High
|
Unassigned | ||
Artful |
Won't Fix
|
High
|
Unassigned |
Bug Description
== SRU Justification ==
The bug reporter stated they have a cluster of servers that applied Xenial updates
and then were unable to mount CIFS shares after upgrading to 4.4.0-98. The
same machines on 4.4.0-97 do not hit the regression. It was found that the
regression is fixed by mainline commit:
4587eee04e2a ("SMB3: Validate negotiate request must always be signed").
This fix is required in all Ubuntu supported releases. Commit 4587eee04e2a
landed in mailine as of 4.14-rc7. It was also cc'd to upstream stable,
but it has not landed in any stable releases yet, which is the reason for
this SRU.
== Fix ==
commit 4587eee04e2ac7a
Author: Steve French <email address hidden>
Date: Wed Oct 25 15:58:31 2017 -0500
SMB3: Validate negotiate request must always be signed
== Regression Potential ==
This patch is to fix a regression. It was also cc'd to upstream stable, so
it received addition review upstream.
We have a cluster of servers that applied a security update overnight and were unable to mount CIFS shares after upgrading to 4.4.0-98. The same machines on 4.4.0-97 were fine the night before, and are fine after downgrading. The only error message CIFS would report, even on verbose, was:
[ 257.089876] CIFS VFS: validate protocol negotiate failed: -11
[ 257.089964] CIFS VFS: cifs_mount failed w/return code = -5
Rebooting did not help. Nor did attempting to mount the share manually using mount -t cifs.
Here's the offending line from our /etc/fstab (with hostnames sanitized):
//server/share /mnt/share cifs rw,user,
,exec,soft,
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-
ProcVersionSign
Uname: Linux 4.4.0-98-generic x86_64
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Nov 1 07:56 seq
crw-rw---- 1 root audio 116, 33 Nov 1 07:56 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.20.1-0ubuntu2.10
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Date: Wed Nov 1 08:49:47 2017
HibernationDevice: RESUME=
InstallationDate: Installed on 2016-12-16 (319 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719)
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: VMware, Inc. VMware Virtual Platform
PciMultimedia:
ProcFB: 0 svgadrmfb
ProcKernelCmdLine: BOOT_IMAGE=
RelatedPackageV
linux-
linux-
linux-firmware 1.157.13
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 09/21/2015
dmi.bios.vendor: Phoenix Technologies LTD
dmi.bios.version: 6.00
dmi.board.name: 440BX Desktop Reference Platform
dmi.board.vendor: Intel Corporation
dmi.board.version: None
dmi.chassis.
dmi.chassis.type: 1
dmi.chassis.vendor: No Enclosure
dmi.chassis.
dmi.modalias: dmi:bvnPhoenixT
dmi.product.name: VMware Virtual Platform
dmi.product.
dmi.sys.vendor: VMware, Inc.
CVE References
Changed in linux (Ubuntu): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Xenial): | |
status: | New → Incomplete |
importance: | Undecided → High |
status: | Incomplete → In Progress |
assignee: | nobody → Joseph Salisbury (jsalisbury) |
Changed in linux (Ubuntu): | |
assignee: | nobody → Joseph Salisbury (jsalisbury) |
status: | Confirmed → In Progress |
Changed in linux (Ubuntu Trusty): | |
status: | New → In Progress |
Changed in linux (Ubuntu Zesty): | |
status: | New → In Progress |
Changed in linux (Ubuntu Artful): | |
status: | New → In Progress |
Changed in linux (Ubuntu Trusty): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Zesty): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Artful): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Trusty): | |
assignee: | nobody → Joseph Salisbury (jsalisbury) |
Changed in linux (Ubuntu Zesty): | |
assignee: | nobody → Joseph Salisbury (jsalisbury) |
Changed in linux (Ubuntu Artful): | |
assignee: | nobody → Joseph Salisbury (jsalisbury) |
description: | updated |
description: | updated |
Changed in linux (Ubuntu Artful): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Zesty): | |
status: | In Progress → Fix Released |
Changed in linux (Ubuntu Trusty): | |
status: | In Progress → Fix Released |
Changed in linux (Ubuntu): | |
status: | In Progress → Fix Released |
tags: | added: cscc |
This change was made by a bot.