Re: [PATCH] smb: client: Don't log plaintext credentials in cifs_set_cifscreds

Next message: David Matlack: "Re: [PATCH v2 08/22] vfio: Enforce preserved devices are retrieved via LIVEUPDATE_SESSION_RETRIEVE_FD"
Previous message: Steve French: "Re: [PATCH] smb: client: Use snprintf in cifs_set_cifscreds"
In reply to: Paulo Alcantara: "Re: [PATCH] smb: client: Don't log plaintext credentials in cifs_set_cifscreds"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Steve French

Date: Thu Feb 26 2026 - 18:27:24 EST

Added to cifs-2.6.git for-next pending additional testing (also added
the Acked-by)

On Thu, Feb 26, 2026 at 3:41 PM Paulo Alcantara <pc@xxxxxxxxxxxxx> wrote:
>
> Thorsten Blum <thorsten.blum@xxxxxxxxx> writes:
>
> > When debug logging is enabled, cifs_set_cifscreds() logs the key
> > payload and exposes the plaintext username and password. Remove the
> > debug log to avoid exposing credentials.
> >
> > Fixes: 8a8798a5ff90 ("cifs: fetch credentials out of keyring for non-krb5 auth multiuser mounts")
> > Cc: stable@xxxxxxxxxxxxxxx
> > Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>
> > ---
> > fs/smb/client/connect.c | 1 -
> > 1 file changed, 1 deletion(-)
>
> Acked-by: Paulo Alcantara (Red Hat) <pc@xxxxxxxxxxxxx>

--
Thanks,

Steve