[lucid/fsl-imx51, maverick/ti-omap4 CVE 1/2] cifs: always do is_path_accessible check in cifs_mount

Andy Whitcroft apw at canonical.com
Tue Oct 4 14:59:49 UTC 2011


From: Jeff Layton <jlayton at redhat.com>

Currently, we skip doing the is_path_accessible check in cifs_mount if
there is no prefixpath. I have a report of at least one server however
that allows a TREE_CONNECT to a share that has a DFS referral at its
root. The reporter in this case was using a UNC that had no prefixpath,
so the is_path_accessible check was not triggered and the box later hit
a BUG() because we were chasing a DFS referral on the root dentry for
the mount.

This patch fixes this by removing the check for a zero-length
prefixpath.  That should make the is_path_accessible check be done in
this situation and should allow the client to chase the DFS referral at
mount time instead.

Cc: stable at kernel.org
Reported-and-Tested-by: Yogesh Sharma <ysharma at cymer.com>
Signed-off-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Steve French <sfrench at us.ibm.com>

(cherry picked from commit 70945643722ffeac779d2529a348f99567fa5c33)
CVE-2011-3363
BugLink: http://bugs.launchpad.net/bugs/866034
Signed-off-by: Andy Whitcroft <apw at canonical.com>
---
 fs/cifs/connect.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 08a44ca..f4e13d6 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2512,7 +2512,7 @@ try_mount_again:
 
 remote_path_check:
 	/* check if a whole path (including prepath) is not remote */
-	if (!rc && cifs_sb->prepathlen && tcon) {
+	if (!rc && tcon) {
 		/* build_path_to_root works only when we have a valid tcon */
 		full_path = cifs_build_path_to_root(cifs_sb);
 		if (full_path == NULL) {
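
Review bot: With `cifs_sb->prepathlen` dropped from the condition at `remote_path_check:`, `cifs_build_path_to_root(cifs_sb)` is now called for mounts with an empty prefixpath. Please confirm it returns a usable root path in that case rather than NULL, since otherwise every mount without a prefixpath would fall into the `if (full_path == NULL)` branch. The comment above the test still reads "a whole path (including prepath)", which suggests a prepath is expected. It should be updated to say the check also covers the share root, so the DFS-referral-at-root case from the commit message is documented at the code and the `prepathlen` test is not reintroduced later as an optimisation.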
-- 
1.7.4.1




