Re: [PATCH] smb: client: Don't log plaintext credentials in cifs_set_cifscreds

Next message: Joel Fernandes: "Re: [PATCH v11 4/4] rust: gpu: Add GPU buddy allocator bindings"
Previous message: Thomas Wei&#xDF;schuh: "Re: [PATCH v3 next 04/17] selftests/nolibc: Improve reporting of vfprintf() errors"
In reply to: Thorsten Blum: "[PATCH] smb: client: Don't log plaintext credentials in cifs_set_cifscreds"
Next in thread: Steve French: "Re: [PATCH] smb: client: Don't log plaintext credentials in cifs_set_cifscreds"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Paulo Alcantara

Date: Thu Feb 26 2026 - 16:41:32 EST

Thorsten Blum <thorsten.blum@xxxxxxxxx> writes:

> When debug logging is enabled, cifs_set_cifscreds() logs the key
> payload and exposes the plaintext username and password. Remove the
> debug log to avoid exposing credentials.
>
> Fixes: 8a8798a5ff90 ("cifs: fetch credentials out of keyring for non-krb5 auth multiuser mounts")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>
> ---
> fs/smb/client/connect.c | 1 -
> 1 file changed, 1 deletion(-)

Acked-by: Paulo Alcantara (Red Hat) <pc@xxxxxxxxxxxxx>