Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 24 Jan 2015 03:07:11 +0900
From:      "Daisuke Aoyama" <aoyama@peach.ne.jp>
To:        "Rui Paulo" <rpaulo@me.com>, "Dan Raymond" <draymond@foxvalley.net>
Cc:        freebsd-arm@freebsd.org
Subject:   Re: mount_smbfs
Message-ID:  <6E32991C3BD8465DB8DB0E65DFDA47AA@ad.peach.ne.jp>
In-Reply-To: <4759EAA0-D4AA-4923-9350-B7E753819169@me.com>
References:  <54B9DCD1.3040306@foxvalley.net> <4759EAA0-D4AA-4923-9350-B7E753819169@me.com>

next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.

------=_NextPart_000_01A0_01D03782.D8FE3940
Content-Type: text/plain;
	format=flowed;
	charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit

Hello,

> On Jan 16, 2015, at 19:53, Dan Raymond <draymond@foxvalley.net> wrote:
>>
>> Any reason why mount_smbfs is missing?
>>
>> # ls -la /sbin/mount*
>> -r-xr-xr-x  1 root  wheel  20628 Nov 24 05:30 /sbin/mount
>> -r-xr-xr-x  1 root  wheel  10156 Nov 24 05:30 /sbin/mount_cd9660
>> -r-xr-xr-x  1 root  wheel  14324 Nov 24 05:30 /sbin/mount_fusefs
>> -r-xr-xr-x  2 root  wheel  12200 Nov 24 05:30 /sbin/mount_mfs
>> -r-xr-xr-x  1 root  wheel  10896 Nov 24 05:30 /sbin/mount_msdosfs
>> -r-xr-xr-x  2 root  wheel  21164 Nov 24 05:30 /sbin/mount_nfs
>> -r-xr-xr-x  1 root  wheel   7200 Nov 24 05:30 /sbin/mount_nullfs
>> -r-xr-xr-x  2 root  wheel  21164 Nov 24 05:30 /sbin/mount_oldnfs
>> -r-xr-xr-x  1 root  wheel   8772 Nov 24 05:30 /sbin/mount_udf
>> -r-xr-xr-x  1 root  wheel   7852 Nov 24 05:30 /sbin/mount_unionfs
>
> Probably because no one tested it on arm.  Does it work for you if you build it manually?

I've tested mount_smbfs. It seems a word alignment bug similar C++ exception I wrote few days 
ago.
http://lists.freebsd.org/pipermail/freebsd-arm/2015-January/009998.html

Because of this, you will send bogus name to SMB sever like:

# mount_smbfs -I 172.18.0.241 -E UTF-8:UTF-8 //aoyama@nas4free/hast /smb
a bug somewhere in the nb_name* code
a bug somewhere in the nb_name* code

I don't know this crash the server.

/usr/src/contrib/smbfs/lib/smb/nb_name.c:
----------------------------------------------------------------------
call nb_name_encode() with snb->snb_name (malloced aligned buffer)

     92         error = nb_snballoc(nmlen, &snb);
     93         if (error)
     94                 return error;
     95         if (nmlen != nb_name_encode(np, snb->snb_name))
     96                 printf("a bug somewhere in the nb_name* code\n");

buffer used as u_short* but cp is odd address due to L.165.

    162         u_char *cp = dst;  // dst = snb->snb_name

    165         *cp++ = NB_ENCNAMELEN; // cp is odd address after this
    166         name = np->nn_name;
    167         if (name[0] == '*' && name[1] == 0) {
    168                 *(u_short*)cp = NBENCODE('*');  // BUG!! write odd address with 16bit 
width access

    173                         *(u_short*)cp = NBENCODE(toupper(*name)); // same

    179                 *(u_short*)cp = NBENCODE(np->nn_type); // same

    182         *cp = 0;
----------------------------------------------------------------------
So, we need byte access here, too :D
Quick hack patch is attached.

How to use this patch:
----------------------------------------------------------------------
If you don't have source tree, check out with your kernel version specified by "-r".
# uname -v
FreeBSD 11.0-CURRENT #0 r277169M: Wed Jan 14 22:06:07 JST 2015 
aoyama@fbs11.local:/usr/local/src/crochet-freebsd/work/obj/arm.armv6/usr/src/sys/RPI-B-test22
# svnlite checkout -r 277169 svn://svn.FreeBSD.org/base/head /usr/src

Apply the patch
# cd /usr/src
# patch < /path/to/nb_name.c.patch

Build the patched library and required files
# cd /usr/src/lib/libsmb
# make && make install

# cd /usr/src/sys/modules/smbfs
# make && make install

# cd /usr/src/usr.sbin/mount_smbfs
# make && make install

Now you have mount_smbfs. Try to connect SMB server:

# mkdir /smb
# mount_smbfs -I 172.18.0.241 -E UTF-8:UTF-8 //aoyama@nas4free/hast /smb
Password:

# df -h
Filesystem                Size    Used   Avail Capacity  Mounted on
/dev/mmcsd0s3a             28G    6.2G     20G    24%    /
devfs                     1.0K    1.0K      0B   100%    /dev
/dev/mmcsd0s1              19M    7.1M     12M    37%    /boot/msdos
tmpfs                      64M    4.0K     64M     0%    /tmp
tmpfs                     8.0M    4.0K    8.0M     0%    /var/tmp
//AOYAMA@NAS4FREE/HAST    992M    322M    669M    32%    /smb

It works! In server side, you can see the client machine name like this:

nas4free-testb: ~ # smbstatus -d0 -b

Samba version 4.1.16
PID     Username      Group         Machine
-------------------------------------------------------------------
3946      aoyama        admin         raspberry-pi (ipv4:172.18.0.148:56979)

nas4free-testb: ~ # ifconfig carp0
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
        inet 172.18.0.241 netmask 0xffff0000
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        carp: MASTER vhid 1 advbase 1 advskew 100
----------------------------------------------------------------------

Try it yourself.
-- 
Daisuke Aoyama
  
------=_NextPart_000_01A0_01D03782.D8FE3940
Content-Type: application/octet-stream;
	name="nb_name.c.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
	filename="nb_name.c.patch"

Index: contrib/smbfs/lib/smb/nb_name.c=0A=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A=
--- contrib/smbfs/lib/smb/nb_name.c	(revision 277169)=0A=
+++ contrib/smbfs/lib/smb/nb_name.c	(working copy)=0A=
@@ -150,7 +150,13 @@=0A=
 memsetw(char *dst, int n, u_short word)=0A=
 {=0A=
 	while (n--) {=0A=
+#if defined(__arm__)=0A=
+		// NBENCODE() use htole16=0A=
+		*(dst + 1) =3D (word >> 8) & 0xffU;=0A=
+		*(dst + 0) =3D (word >> 0) & 0xffU;=0A=
+#else=0A=
 		*(u_short*)dst =3D word;=0A=
+#endif=0A=
 		dst +=3D 2;=0A=
 	}=0A=
 }=0A=
@@ -165,18 +171,35 @@=0A=
 	*cp++ =3D NB_ENCNAMELEN;=0A=
 	name =3D np->nn_name;=0A=
 	if (name[0] =3D=3D '*' && name[1] =3D=3D 0) {=0A=
+#if defined(__arm__)=0A=
+		*(cp + 1) =3D (NBENCODE('*') >> 8) & 0xffU;=0A=
+		*(cp + 0) =3D (NBENCODE('*') >> 0) & 0xffU;=0A=
+#else=0A=
 		*(u_short*)cp =3D NBENCODE('*');=0A=
+#endif=0A=
 		memsetw(cp + 2, NB_NAMELEN - 1, NBENCODE(' '));=0A=
 		cp +=3D NB_ENCNAMELEN;=0A=
 	} else {=0A=
 		for (i =3D 0; *name && i < NB_NAMELEN - 1; i++, cp +=3D 2, name++)=0A=
+#if defined(__arm__)=0A=
+		{=0A=
+			*(cp + 1) =3D (NBENCODE(toupper(*name)) >> 8) & 0xffU;=0A=
+			*(cp + 0) =3D (NBENCODE(toupper(*name)) >> 0) & 0xffU;=0A=
+		}=0A=
+#else=0A=
 			*(u_short*)cp =3D NBENCODE(toupper(*name));=0A=
+#endif=0A=
 		i =3D NB_NAMELEN - i - 1;=0A=
 		if (i > 0) {=0A=
 			memsetw(cp, i, NBENCODE(' '));=0A=
 			cp +=3D i * 2;=0A=
 		}=0A=
+#if defined(__arm__)=0A=
+		*(cp + 1) =3D (NBENCODE(np->nn_type) >> 8) & 0xffU;=0A=
+		*(cp + 0) =3D (NBENCODE(np->nn_type) >> 0) & 0xffU;=0A=
+#else=0A=
 		*(u_short*)cp =3D NBENCODE(np->nn_type);=0A=
+#endif=0A=
 		cp +=3D 2;=0A=
 	}=0A=
 	*cp =3D 0;=0A=

------=_NextPart_000_01A0_01D03782.D8FE3940--




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6E32991C3BD8465DB8DB0E65DFDA47AA>