aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--fs/cifs/cifsencrypt.c16
-rw-r--r--fs/cifs/cifsfs.c18
-rw-r--r--fs/cifs/cifsfs.h4
-rw-r--r--fs/cifs/cifsglob.h2
-rw-r--r--fs/cifs/cifssmb.c6
-rw-r--r--fs/cifs/connect.c659
-rw-r--r--fs/cifs/file.c27
-rw-r--r--fs/cifs/misc.c11
-rw-r--r--fs/cifs/sess.c3
9 files changed, 370 insertions, 376 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 259991bd211..e76bfeb6826 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -87,9 +87,15 @@ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server,
87 if ((cifs_pdu == NULL) || (server == NULL)) 87 if ((cifs_pdu == NULL) || (server == NULL))
88 return -EINVAL; 88 return -EINVAL;
89 89
90 if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0) 90 if (!(cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) ||
91 server->tcpStatus == CifsNeedNegotiate)
91 return rc; 92 return rc;
92 93
94 if (!server->session_estab) {
95 strncpy(cifs_pdu->Signature.SecuritySignature, "BSRSPYL", 8);
96 return rc;
97 }
98
93 cifs_pdu->Signature.Sequence.SequenceNumber = 99 cifs_pdu->Signature.Sequence.SequenceNumber =
94 cpu_to_le32(server->sequence_number); 100 cpu_to_le32(server->sequence_number);
95 cifs_pdu->Signature.Sequence.Reserved = 0; 101 cifs_pdu->Signature.Sequence.Reserved = 0;
@@ -178,9 +184,15 @@ int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server,
178 if ((cifs_pdu == NULL) || (server == NULL)) 184 if ((cifs_pdu == NULL) || (server == NULL))
179 return -EINVAL; 185 return -EINVAL;
180 186
181 if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0) 187 if (!(cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) ||
188 server->tcpStatus == CifsNeedNegotiate)
182 return rc; 189 return rc;
183 190
191 if (!server->session_estab) {
192 strncpy(cifs_pdu->Signature.SecuritySignature, "BSRSPYL", 8);
193 return rc;
194 }
195
184 cifs_pdu->Signature.Sequence.SequenceNumber = 196 cifs_pdu->Signature.Sequence.SequenceNumber =
185 cpu_to_le32(server->sequence_number); 197 cpu_to_le32(server->sequence_number);
186 cifs_pdu->Signature.Sequence.Reserved = 0; 198 cifs_pdu->Signature.Sequence.Reserved = 0;
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index 86551747096..212e5629cc1 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -86,24 +86,6 @@ extern mempool_t *cifs_sm_req_poolp;
86extern mempool_t *cifs_req_poolp; 86extern mempool_t *cifs_req_poolp;
87extern mempool_t *cifs_mid_poolp; 87extern mempool_t *cifs_mid_poolp;
88 88
89void
90cifs_sb_active(struct super_block *sb)
91{
92 struct cifs_sb_info *server = CIFS_SB(sb);
93
94 if (atomic_inc_return(&server->active) == 1)
95 atomic_inc(&sb->s_active);
96}
97
98void
99cifs_sb_deactive(struct super_block *sb)
100{
101 struct cifs_sb_info *server = CIFS_SB(sb);
102
103 if (atomic_dec_and_test(&server->active))
104 deactivate_super(sb);
105}
106
107static int 89static int
108cifs_read_super(struct super_block *sb) 90cifs_read_super(struct super_block *sb)
109{ 91{
diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h
index fbd050c8d52..cb71dc1f94d 100644
--- a/fs/cifs/cifsfs.h
+++ b/fs/cifs/cifsfs.h
@@ -41,10 +41,6 @@ extern struct file_system_type cifs_fs_type;
41extern const struct address_space_operations cifs_addr_ops; 41extern const struct address_space_operations cifs_addr_ops;
42extern const struct address_space_operations cifs_addr_ops_smallbuf; 42extern const struct address_space_operations cifs_addr_ops_smallbuf;
43 43
44/* Functions related to super block operations */
45extern void cifs_sb_active(struct super_block *sb);
46extern void cifs_sb_deactive(struct super_block *sb);
47
48/* Functions related to inodes */ 44/* Functions related to inodes */
49extern const struct inode_operations cifs_dir_inode_ops; 45extern const struct inode_operations cifs_dir_inode_ops;
50extern struct inode *cifs_root_iget(struct super_block *); 46extern struct inode *cifs_root_iget(struct super_block *);
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 1fcf4e5b311..38ce6d44b14 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -942,8 +942,6 @@ GLOBAL_EXTERN spinlock_t siduidlock;
942GLOBAL_EXTERN spinlock_t sidgidlock; 942GLOBAL_EXTERN spinlock_t sidgidlock;
943 943
944void cifs_oplock_break(struct work_struct *work); 944void cifs_oplock_break(struct work_struct *work);
945void cifs_oplock_break_get(struct cifsFileInfo *cfile);
946void cifs_oplock_break_put(struct cifsFileInfo *cfile);
947 945
948extern const struct slow_work_ops cifs_oplock_break_ops; 946extern const struct slow_work_ops cifs_oplock_break_ops;
949 947
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 1a9fe7f816d..aac37d99a48 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -107,7 +107,7 @@ static void mark_open_files_invalid(struct cifs_tcon *pTcon)
107static int 107static int
108cifs_reconnect_tcon(struct cifs_tcon *tcon, int smb_command) 108cifs_reconnect_tcon(struct cifs_tcon *tcon, int smb_command)
109{ 109{
110 int rc = 0; 110 int rc;
111 struct cifs_ses *ses; 111 struct cifs_ses *ses;
112 struct TCP_Server_Info *server; 112 struct TCP_Server_Info *server;
113 struct nls_table *nls_codepage; 113 struct nls_table *nls_codepage;
@@ -5720,6 +5720,7 @@ CIFSSMBQAllEAs(const int xid, struct cifs_tcon *tcon,
5720 char *temp_ptr; 5720 char *temp_ptr;
5721 char *end_of_smb; 5721 char *end_of_smb;
5722 __u16 params, byte_count, data_offset; 5722 __u16 params, byte_count, data_offset;
5723 unsigned int ea_name_len = ea_name ? strlen(ea_name) : 0;
5723 5724
5724 cFYI(1, "In Query All EAs path %s", searchName); 5725 cFYI(1, "In Query All EAs path %s", searchName);
5725QAllEAsRetry: 5726QAllEAsRetry:
@@ -5837,7 +5838,8 @@ QAllEAsRetry:
5837 } 5838 }
5838 5839
5839 if (ea_name) { 5840 if (ea_name) {
5840 if (strncmp(ea_name, temp_ptr, name_len) == 0) { 5841 if (ea_name_len == name_len &&
5842 strncmp(ea_name, temp_ptr, name_len) == 0) {
5841 temp_ptr += name_len + 1; 5843 temp_ptr += name_len + 1;
5842 rc = value_len; 5844 rc = value_len;
5843 if (buf_size == 0) 5845 if (buf_size == 0)
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index e66297bad41..80c2e3add3a 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -319,25 +319,328 @@ requeue_echo:
319 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL); 319 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
320} 320}
321 321
322static bool
323allocate_buffers(char **bigbuf, char **smallbuf, unsigned int size,
324 bool is_large_buf)
325{
326 char *bbuf = *bigbuf, *sbuf = *smallbuf;
327
328 if (bbuf == NULL) {
329 bbuf = (char *)cifs_buf_get();
330 if (!bbuf) {
331 cERROR(1, "No memory for large SMB response");
332 msleep(3000);
333 /* retry will check if exiting */
334 return false;
335 }
336 } else if (is_large_buf) {
337 /* we are reusing a dirty large buf, clear its start */
338 memset(bbuf, 0, size);
339 }
340
341 if (sbuf == NULL) {
342 sbuf = (char *)cifs_small_buf_get();
343 if (!sbuf) {
344 cERROR(1, "No memory for SMB response");
345 msleep(1000);
346 /* retry will check if exiting */
347 return false;
348 }
349 /* beginning of smb buffer is cleared in our buf_get */
350 } else {
351 /* if existing small buf clear beginning */
352 memset(sbuf, 0, size);
353 }
354
355 *bigbuf = bbuf;
356 *smallbuf = sbuf;
357
358 return true;
359}
360
361static int
362read_from_socket(struct TCP_Server_Info *server, struct msghdr *smb_msg,
363 struct kvec *iov, unsigned int to_read,
364 unsigned int *ptotal_read, bool is_header_read)
365{
366 int length, rc = 0;
367 unsigned int total_read;
368 char *buf = iov->iov_base;
369
370 for (total_read = 0; total_read < to_read; total_read += length) {
371 length = kernel_recvmsg(server->ssocket, smb_msg, iov, 1,
372 to_read - total_read, 0);
373 if (server->tcpStatus == CifsExiting) {
374 /* then will exit */
375 rc = 2;
376 break;
377 } else if (server->tcpStatus == CifsNeedReconnect) {
378 cifs_reconnect(server);
379 /* Reconnect wakes up rspns q */
380 /* Now we will reread sock */
381 rc = 1;
382 break;
383 } else if (length == -ERESTARTSYS ||
384 length == -EAGAIN ||
385 length == -EINTR) {
386 /*
387 * Minimum sleep to prevent looping, allowing socket
388 * to clear and app threads to set tcpStatus
389 * CifsNeedReconnect if server hung.
390 */
391 usleep_range(1000, 2000);
392 length = 0;
393 if (!is_header_read)
394 continue;
395 /* Special handling for header read */
396 if (total_read) {
397 iov->iov_base = (to_read - total_read) +
398 buf;
399 iov->iov_len = to_read - total_read;
400 smb_msg->msg_control = NULL;
401 smb_msg->msg_controllen = 0;
402 rc = 3;
403 } else
404 rc = 1;
405 break;
406 } else if (length <= 0) {
407 cERROR(1, "Received no data, expecting %d",
408 to_read - total_read);
409 cifs_reconnect(server);
410 rc = 1;
411 break;
412 }
413 }
414
415 *ptotal_read = total_read;
416 return rc;
417}
418
419static bool
420check_rfc1002_header(struct TCP_Server_Info *server, char *buf)
421{
422 char temp = *buf;
423 unsigned int pdu_length = be32_to_cpu(
424 ((struct smb_hdr *)buf)->smb_buf_length);
425
426 /*
427 * The first byte big endian of the length field,
428 * is actually not part of the length but the type
429 * with the most common, zero, as regular data.
430 */
431 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
432 return false;
433 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
434 cFYI(1, "Good RFC 1002 session rsp");
435 return false;
436 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
437 /*
438 * We get this from Windows 98 instead of an error on
439 * SMB negprot response.
440 */
441 cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
442 pdu_length);
443 /* give server a second to clean up */
444 msleep(1000);
445 /*
446 * Always try 445 first on reconnect since we get NACK
447 * on some if we ever connected to port 139 (the NACK
448 * is since we do not begin with RFC1001 session
449 * initialize frame).
450 */
451 cifs_set_port((struct sockaddr *)
452 &server->dstaddr, CIFS_PORT);
453 cifs_reconnect(server);
454 wake_up(&server->response_q);
455 return false;
456 } else if (temp != (char) 0) {
457 cERROR(1, "Unknown RFC 1002 frame");
458 cifs_dump_mem(" Received Data: ", buf, 4);
459 cifs_reconnect(server);
460 return false;
461 }
462
463 /* else we have an SMB response */
464 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
465 (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
466 cERROR(1, "Invalid size SMB length %d pdu_length %d",
467 4, pdu_length+4);
468 cifs_reconnect(server);
469 wake_up(&server->response_q);
470 return false;
471 }
472
473 return true;
474}
475
476static struct mid_q_entry *
477find_cifs_mid(struct TCP_Server_Info *server, struct smb_hdr *buf,
478 int *length, bool is_large_buf, bool *is_multi_rsp, char **bigbuf)
479{
480 struct mid_q_entry *mid = NULL, *tmp_mid, *ret = NULL;
481
482 spin_lock(&GlobalMid_Lock);
483 list_for_each_entry_safe(mid, tmp_mid, &server->pending_mid_q, qhead) {
484 if (mid->mid != buf->Mid ||
485 mid->midState != MID_REQUEST_SUBMITTED ||
486 mid->command != buf->Command)
487 continue;
488
489 if (*length == 0 && check2ndT2(buf, server->maxBuf) > 0) {
490 /* We have a multipart transact2 resp */
491 *is_multi_rsp = true;
492 if (mid->resp_buf) {
493 /* merge response - fix up 1st*/
494 *length = coalesce_t2(buf, mid->resp_buf);
495 if (*length > 0) {
496 *length = 0;
497 mid->multiRsp = true;
498 break;
499 }
500 /* All parts received or packet is malformed. */
501 mid->multiEnd = true;
502 goto multi_t2_fnd;
503 }
504 if (!is_large_buf) {
505 /*FIXME: switch to already allocated largebuf?*/
506 cERROR(1, "1st trans2 resp needs bigbuf");
507 } else {
508 /* Have first buffer */
509 mid->resp_buf = buf;
510 mid->largeBuf = true;
511 *bigbuf = NULL;
512 }
513 break;
514 }
515 mid->resp_buf = buf;
516 mid->largeBuf = is_large_buf;
517multi_t2_fnd:
518 if (*length == 0)
519 mid->midState = MID_RESPONSE_RECEIVED;
520 else
521 mid->midState = MID_RESPONSE_MALFORMED;
522#ifdef CONFIG_CIFS_STATS2
523 mid->when_received = jiffies;
524#endif
525 list_del_init(&mid->qhead);
526 ret = mid;
527 break;
528 }
529 spin_unlock(&GlobalMid_Lock);
530
531 return ret;
532}
533
534static void clean_demultiplex_info(struct TCP_Server_Info *server)
535{
536 int length;
537
538 /* take it off the list, if it's not already */
539 spin_lock(&cifs_tcp_ses_lock);
540 list_del_init(&server->tcp_ses_list);
541 spin_unlock(&cifs_tcp_ses_lock);
542
543 spin_lock(&GlobalMid_Lock);
544 server->tcpStatus = CifsExiting;
545 spin_unlock(&GlobalMid_Lock);
546 wake_up_all(&server->response_q);
547
548 /*
549 * Check if we have blocked requests that need to free. Note that
550 * cifs_max_pending is normally 50, but can be set at module install
551 * time to as little as two.
552 */
553 spin_lock(&GlobalMid_Lock);
554 if (atomic_read(&server->inFlight) >= cifs_max_pending)
555 atomic_set(&server->inFlight, cifs_max_pending - 1);
556 /*
557 * We do not want to set the max_pending too low or we could end up
558 * with the counter going negative.
559 */
560 spin_unlock(&GlobalMid_Lock);
561 /*
562 * Although there should not be any requests blocked on this queue it
563 * can not hurt to be paranoid and try to wake up requests that may
564 * haven been blocked when more than 50 at time were on the wire to the
565 * same server - they now will see the session is in exit state and get
566 * out of SendReceive.
567 */
568 wake_up_all(&server->request_q);
569 /* give those requests time to exit */
570 msleep(125);
571
572 if (server->ssocket) {
573 sock_release(server->ssocket);
574 server->ssocket = NULL;
575 }
576
577 if (!list_empty(&server->pending_mid_q)) {
578 struct list_head dispose_list;
579 struct mid_q_entry *mid_entry;
580 struct list_head *tmp, *tmp2;
581
582 INIT_LIST_HEAD(&dispose_list);
583 spin_lock(&GlobalMid_Lock);
584 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
585 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
586 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
587 mid_entry->midState = MID_SHUTDOWN;
588 list_move(&mid_entry->qhead, &dispose_list);
589 }
590 spin_unlock(&GlobalMid_Lock);
591
592 /* now walk dispose list and issue callbacks */
593 list_for_each_safe(tmp, tmp2, &dispose_list) {
594 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
595 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
596 list_del_init(&mid_entry->qhead);
597 mid_entry->callback(mid_entry);
598 }
599 /* 1/8th of sec is more than enough time for them to exit */
600 msleep(125);
601 }
602
603 if (!list_empty(&server->pending_mid_q)) {
604 /*
605 * mpx threads have not exited yet give them at least the smb
606 * send timeout time for long ops.
607 *
608 * Due to delays on oplock break requests, we need to wait at
609 * least 45 seconds before giving up on a request getting a
610 * response and going ahead and killing cifsd.
611 */
612 cFYI(1, "Wait for exit from demultiplex thread");
613 msleep(46000);
614 /*
615 * If threads still have not exited they are probably never
616 * coming home not much else we can do but free the memory.
617 */
618 }
619
620 kfree(server->hostname);
621 kfree(server);
622
623 length = atomic_dec_return(&tcpSesAllocCount);
624 if (length > 0)
625 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
626 GFP_KERNEL);
627}
628
322static int 629static int
323cifs_demultiplex_thread(void *p) 630cifs_demultiplex_thread(void *p)
324{ 631{
325 int length; 632 int length;
326 struct TCP_Server_Info *server = p; 633 struct TCP_Server_Info *server = p;
327 unsigned int pdu_length, total_read; 634 unsigned int pdu_length, total_read;
635 char *buf = NULL, *bigbuf = NULL, *smallbuf = NULL;
328 struct smb_hdr *smb_buffer = NULL; 636 struct smb_hdr *smb_buffer = NULL;
329 struct smb_hdr *bigbuf = NULL;
330 struct smb_hdr *smallbuf = NULL;
331 struct msghdr smb_msg; 637 struct msghdr smb_msg;
332 struct kvec iov; 638 struct kvec iov;
333 struct socket *csocket = server->ssocket;
334 struct list_head *tmp, *tmp2;
335 struct task_struct *task_to_wake = NULL; 639 struct task_struct *task_to_wake = NULL;
336 struct mid_q_entry *mid_entry; 640 struct mid_q_entry *mid_entry;
337 char temp;
338 bool isLargeBuf = false; 641 bool isLargeBuf = false;
339 bool isMultiRsp; 642 bool isMultiRsp = false;
340 int reconnect; 643 int rc;
341 644
342 current->flags |= PF_MEMALLOC; 645 current->flags |= PF_MEMALLOC;
343 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current)); 646 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
@@ -351,35 +654,16 @@ cifs_demultiplex_thread(void *p)
351 while (server->tcpStatus != CifsExiting) { 654 while (server->tcpStatus != CifsExiting) {
352 if (try_to_freeze()) 655 if (try_to_freeze())
353 continue; 656 continue;
354 if (bigbuf == NULL) {
355 bigbuf = cifs_buf_get();
356 if (!bigbuf) {
357 cERROR(1, "No memory for large SMB response");
358 msleep(3000);
359 /* retry will check if exiting */
360 continue;
361 }
362 } else if (isLargeBuf) {
363 /* we are reusing a dirty large buf, clear its start */
364 memset(bigbuf, 0, sizeof(struct smb_hdr));
365 }
366 657
367 if (smallbuf == NULL) { 658 if (!allocate_buffers(&bigbuf, &smallbuf,
368 smallbuf = cifs_small_buf_get(); 659 sizeof(struct smb_hdr), isLargeBuf))
369 if (!smallbuf) { 660 continue;
370 cERROR(1, "No memory for SMB response");
371 msleep(1000);
372 /* retry will check if exiting */
373 continue;
374 }
375 /* beginning of smb buffer is cleared in our buf_get */
376 } else /* if existing small buf clear beginning */
377 memset(smallbuf, 0, sizeof(struct smb_hdr));
378 661
379 isLargeBuf = false; 662 isLargeBuf = false;
380 isMultiRsp = false; 663 isMultiRsp = false;
381 smb_buffer = smallbuf; 664 smb_buffer = (struct smb_hdr *)smallbuf;
382 iov.iov_base = smb_buffer; 665 buf = smallbuf;
666 iov.iov_base = buf;
383 iov.iov_len = 4; 667 iov.iov_len = 4;
384 smb_msg.msg_control = NULL; 668 smb_msg.msg_control = NULL;
385 smb_msg.msg_controllen = 0; 669 smb_msg.msg_controllen = 0;
@@ -393,158 +677,50 @@ incomplete_rcv:
393 "Reconnecting...", server->hostname, 677 "Reconnecting...", server->hostname,
394 (echo_retries * SMB_ECHO_INTERVAL / HZ)); 678 (echo_retries * SMB_ECHO_INTERVAL / HZ));
395 cifs_reconnect(server); 679 cifs_reconnect(server);
396 csocket = server->ssocket;
397 wake_up(&server->response_q); 680 wake_up(&server->response_q);
398 continue; 681 continue;
399 } 682 }
400 683
401 length = 684 rc = read_from_socket(server, &smb_msg, &iov, pdu_length,
402 kernel_recvmsg(csocket, &smb_msg, 685 &total_read, true /* header read */);
403 &iov, 1, pdu_length, 0 /* BB other flags? */); 686 if (rc == 3)
404 687 goto incomplete_rcv;
405 if (server->tcpStatus == CifsExiting) { 688 else if (rc == 2)
406 break; 689 break;
407 } else if (server->tcpStatus == CifsNeedReconnect) { 690 else if (rc == 1)
408 cFYI(1, "Reconnect after server stopped responding");
409 cifs_reconnect(server);
410 cFYI(1, "call to reconnect done");
411 csocket = server->ssocket;
412 continue;
413 } else if (length == -ERESTARTSYS ||
414 length == -EAGAIN ||
415 length == -EINTR) {
416 msleep(1); /* minimum sleep to prevent looping
417 allowing socket to clear and app threads to set
418 tcpStatus CifsNeedReconnect if server hung */
419 if (pdu_length < 4) {
420 iov.iov_base = (4 - pdu_length) +
421 (char *)smb_buffer;
422 iov.iov_len = pdu_length;
423 smb_msg.msg_control = NULL;
424 smb_msg.msg_controllen = 0;
425 goto incomplete_rcv;
426 } else
427 continue;
428 } else if (length <= 0) {
429 cFYI(1, "Reconnect after unexpected peek error %d",
430 length);
431 cifs_reconnect(server);
432 csocket = server->ssocket;
433 wake_up(&server->response_q);
434 continue; 691 continue;
435 } else if (length < pdu_length) {
436 cFYI(1, "requested %d bytes but only got %d bytes",
437 pdu_length, length);
438 pdu_length -= length;
439 msleep(1);
440 goto incomplete_rcv;
441 }
442
443 /* The right amount was read from socket - 4 bytes */
444 /* so we can now interpret the length field */
445 692
446 /* the first byte big endian of the length field, 693 /*
447 is actually not part of the length but the type 694 * The right amount was read from socket - 4 bytes,
448 with the most common, zero, as regular data */ 695 * so we can now interpret the length field.
449 temp = *((char *) smb_buffer); 696 */
450 697
451 /* Note that FC 1001 length is big endian on the wire, 698 /*
452 but we convert it here so it is always manipulated 699 * Note that RFC 1001 length is big endian on the wire,
453 as host byte order */ 700 * but we convert it here so it is always manipulated
701 * as host byte order.
702 */
454 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length); 703 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
455 704
456 cFYI(1, "rfc1002 length 0x%x", pdu_length+4); 705 cFYI(1, "rfc1002 length 0x%x", pdu_length+4);
457 706 if (!check_rfc1002_header(server, buf))
458 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
459 continue;
460 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
461 cFYI(1, "Good RFC 1002 session rsp");
462 continue;
463 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
464 /* we get this from Windows 98 instead of
465 an error on SMB negprot response */
466 cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
467 pdu_length);
468 /* give server a second to clean up */
469 msleep(1000);
470 /* always try 445 first on reconnect since we get NACK
471 * on some if we ever connected to port 139 (the NACK
472 * is since we do not begin with RFC1001 session
473 * initialize frame)
474 */
475 cifs_set_port((struct sockaddr *)
476 &server->dstaddr, CIFS_PORT);
477 cifs_reconnect(server);
478 csocket = server->ssocket;
479 wake_up(&server->response_q);
480 continue;
481 } else if (temp != (char) 0) {
482 cERROR(1, "Unknown RFC 1002 frame");
483 cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
484 length);
485 cifs_reconnect(server);
486 csocket = server->ssocket;
487 continue; 707 continue;
488 }
489
490 /* else we have an SMB response */
491 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
492 (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
493 cERROR(1, "Invalid size SMB length %d pdu_length %d",
494 length, pdu_length+4);
495 cifs_reconnect(server);
496 csocket = server->ssocket;
497 wake_up(&server->response_q);
498 continue;
499 }
500 708
501 /* else length ok */ 709 /* else length ok */
502 reconnect = 0;
503
504 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) { 710 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
505 isLargeBuf = true; 711 isLargeBuf = true;
506 memcpy(bigbuf, smallbuf, 4); 712 memcpy(bigbuf, smallbuf, 4);
507 smb_buffer = bigbuf; 713 smb_buffer = (struct smb_hdr *)bigbuf;
714 buf = bigbuf;
508 } 715 }
509 length = 0; 716
510 iov.iov_base = 4 + (char *)smb_buffer; 717 iov.iov_base = 4 + buf;
511 iov.iov_len = pdu_length; 718 iov.iov_len = pdu_length;
512 for (total_read = 0; total_read < pdu_length; 719 rc = read_from_socket(server, &smb_msg, &iov, pdu_length,
513 total_read += length) { 720 &total_read, false);
514 length = kernel_recvmsg(csocket, &smb_msg, &iov, 1, 721 if (rc == 2)
515 pdu_length - total_read, 0);
516 if (server->tcpStatus == CifsExiting) {
517 /* then will exit */
518 reconnect = 2;
519 break;
520 } else if (server->tcpStatus == CifsNeedReconnect) {
521 cifs_reconnect(server);
522 csocket = server->ssocket;
523 /* Reconnect wakes up rspns q */
524 /* Now we will reread sock */
525 reconnect = 1;
526 break;
527 } else if (length == -ERESTARTSYS ||
528 length == -EAGAIN ||
529 length == -EINTR) {
530 msleep(1); /* minimum sleep to prevent looping,
531 allowing socket to clear and app
532 threads to set tcpStatus
533 CifsNeedReconnect if server hung*/
534 length = 0;
535 continue;
536 } else if (length <= 0) {
537 cERROR(1, "Received no data, expecting %d",
538 pdu_length - total_read);
539 cifs_reconnect(server);
540 csocket = server->ssocket;
541 reconnect = 1;
542 break;
543 }
544 }
545 if (reconnect == 2)
546 break; 722 break;
547 else if (reconnect == 1) 723 else if (rc == 1)
548 continue; 724 continue;
549 725
550 total_read += 4; /* account for rfc1002 hdr */ 726 total_read += 4; /* account for rfc1002 hdr */
@@ -562,75 +738,13 @@ incomplete_rcv:
562 */ 738 */
563 length = checkSMB(smb_buffer, smb_buffer->Mid, total_read); 739 length = checkSMB(smb_buffer, smb_buffer->Mid, total_read);
564 if (length != 0) 740 if (length != 0)
565 cifs_dump_mem("Bad SMB: ", smb_buffer, 741 cifs_dump_mem("Bad SMB: ", buf,
566 min_t(unsigned int, total_read, 48)); 742 min_t(unsigned int, total_read, 48));
567 743
568 mid_entry = NULL;
569 server->lstrp = jiffies; 744 server->lstrp = jiffies;
570 745
571 spin_lock(&GlobalMid_Lock); 746 mid_entry = find_cifs_mid(server, smb_buffer, &length,
572 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) { 747 isLargeBuf, &isMultiRsp, &bigbuf);
573 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
574
575 if (mid_entry->mid != smb_buffer->Mid ||
576 mid_entry->midState != MID_REQUEST_SUBMITTED ||
577 mid_entry->command != smb_buffer->Command) {
578 mid_entry = NULL;
579 continue;
580 }
581
582 if (length == 0 &&
583 check2ndT2(smb_buffer, server->maxBuf) > 0) {
584 /* We have a multipart transact2 resp */
585 isMultiRsp = true;
586 if (mid_entry->resp_buf) {
587 /* merge response - fix up 1st*/
588 length = coalesce_t2(smb_buffer,
589 mid_entry->resp_buf);
590 if (length > 0) {
591 length = 0;
592 mid_entry->multiRsp = true;
593 break;
594 } else {
595 /* all parts received or
596 * packet is malformed
597 */
598 mid_entry->multiEnd = true;
599 goto multi_t2_fnd;
600 }
601 } else {
602 if (!isLargeBuf) {
603 /*
604 * FIXME: switch to already
605 * allocated largebuf?
606 */
607 cERROR(1, "1st trans2 resp "
608 "needs bigbuf");
609 } else {
610 /* Have first buffer */
611 mid_entry->resp_buf =
612 smb_buffer;
613 mid_entry->largeBuf = true;
614 bigbuf = NULL;
615 }
616 }
617 break;
618 }
619 mid_entry->resp_buf = smb_buffer;
620 mid_entry->largeBuf = isLargeBuf;
621multi_t2_fnd:
622 if (length == 0)
623 mid_entry->midState = MID_RESPONSE_RECEIVED;
624 else
625 mid_entry->midState = MID_RESPONSE_MALFORMED;
626#ifdef CONFIG_CIFS_STATS2
627 mid_entry->when_received = jiffies;
628#endif
629 list_del_init(&mid_entry->qhead);
630 break;
631 }
632 spin_unlock(&GlobalMid_Lock);
633
634 if (mid_entry != NULL) { 748 if (mid_entry != NULL) {
635 mid_entry->callback(mid_entry); 749 mid_entry->callback(mid_entry);
636 /* Was previous buf put in mpx struct for multi-rsp? */ 750 /* Was previous buf put in mpx struct for multi-rsp? */
@@ -648,7 +762,7 @@ multi_t2_fnd:
648 !isMultiRsp) { 762 !isMultiRsp) {
649 cERROR(1, "No task to wake, unknown frame received! " 763 cERROR(1, "No task to wake, unknown frame received! "
650 "NumMids %d", atomic_read(&midCount)); 764 "NumMids %d", atomic_read(&midCount));
651 cifs_dump_mem("Received Data is: ", (char *)smb_buffer, 765 cifs_dump_mem("Received Data is: ", buf,
652 sizeof(struct smb_hdr)); 766 sizeof(struct smb_hdr));
653#ifdef CONFIG_CIFS_DEBUG2 767#ifdef CONFIG_CIFS_DEBUG2
654 cifs_dump_detail(smb_buffer); 768 cifs_dump_detail(smb_buffer);
@@ -658,88 +772,13 @@ multi_t2_fnd:
658 } 772 }
659 } /* end while !EXITING */ 773 } /* end while !EXITING */
660 774
661 /* take it off the list, if it's not already */
662 spin_lock(&cifs_tcp_ses_lock);
663 list_del_init(&server->tcp_ses_list);
664 spin_unlock(&cifs_tcp_ses_lock);
665
666 spin_lock(&GlobalMid_Lock);
667 server->tcpStatus = CifsExiting;
668 spin_unlock(&GlobalMid_Lock);
669 wake_up_all(&server->response_q);
670
671 /* check if we have blocked requests that need to free */
672 /* Note that cifs_max_pending is normally 50, but
673 can be set at module install time to as little as two */
674 spin_lock(&GlobalMid_Lock);
675 if (atomic_read(&server->inFlight) >= cifs_max_pending)
676 atomic_set(&server->inFlight, cifs_max_pending - 1);
677 /* We do not want to set the max_pending too low or we
678 could end up with the counter going negative */
679 spin_unlock(&GlobalMid_Lock);
680 /* Although there should not be any requests blocked on
681 this queue it can not hurt to be paranoid and try to wake up requests
682 that may haven been blocked when more than 50 at time were on the wire
683 to the same server - they now will see the session is in exit state
684 and get out of SendReceive. */
685 wake_up_all(&server->request_q);
686 /* give those requests time to exit */
687 msleep(125);
688
689 if (server->ssocket) {
690 sock_release(csocket);
691 server->ssocket = NULL;
692 }
693 /* buffer usually freed in free_mid - need to free it here on exit */ 775 /* buffer usually freed in free_mid - need to free it here on exit */
694 cifs_buf_release(bigbuf); 776 cifs_buf_release(bigbuf);
695 if (smallbuf) /* no sense logging a debug message if NULL */ 777 if (smallbuf) /* no sense logging a debug message if NULL */
696 cifs_small_buf_release(smallbuf); 778 cifs_small_buf_release(smallbuf);
697 779
698 if (!list_empty(&server->pending_mid_q)) {
699 struct list_head dispose_list;
700
701 INIT_LIST_HEAD(&dispose_list);
702 spin_lock(&GlobalMid_Lock);
703 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
704 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
705 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
706 mid_entry->midState = MID_SHUTDOWN;
707 list_move(&mid_entry->qhead, &dispose_list);
708 }
709 spin_unlock(&GlobalMid_Lock);
710
711 /* now walk dispose list and issue callbacks */
712 list_for_each_safe(tmp, tmp2, &dispose_list) {
713 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
714 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
715 list_del_init(&mid_entry->qhead);
716 mid_entry->callback(mid_entry);
717 }
718 /* 1/8th of sec is more than enough time for them to exit */
719 msleep(125);
720 }
721
722 if (!list_empty(&server->pending_mid_q)) {
723 /* mpx threads have not exited yet give them
724 at least the smb send timeout time for long ops */
725 /* due to delays on oplock break requests, we need
726 to wait at least 45 seconds before giving up
727 on a request getting a response and going ahead
728 and killing cifsd */
729 cFYI(1, "Wait for exit from demultiplex thread");
730 msleep(46000);
731 /* if threads still have not exited they are probably never
732 coming home not much else we can do but free the memory */
733 }
734
735 kfree(server->hostname);
736 task_to_wake = xchg(&server->tsk, NULL); 780 task_to_wake = xchg(&server->tsk, NULL);
737 kfree(server); 781 clean_demultiplex_info(server);
738
739 length = atomic_dec_return(&tcpSesAllocCount);
740 if (length > 0)
741 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
742 GFP_KERNEL);
743 782
744 /* if server->tsk was NULL then wait for a signal before exiting */ 783 /* if server->tsk was NULL then wait for a signal before exiting */
745 if (!task_to_wake) { 784 if (!task_to_wake) {
@@ -3193,15 +3232,9 @@ mount_fail_check:
3193 else 3232 else
3194 cifs_put_tcp_session(srvTcp); 3233 cifs_put_tcp_session(srvTcp);
3195 bdi_destroy(&cifs_sb->bdi); 3234 bdi_destroy(&cifs_sb->bdi);
3196 goto out;
3197 } 3235 }
3198 3236
3199 /* volume_info->password is freed above when existing session found
3200 (in which case it is not needed anymore) but when new sesion is created
3201 the password ptr is put in the new session structure (in which case the
3202 password will be freed at unmount time) */
3203out: 3237out:
3204 /* zero out password before freeing */
3205 FreeXid(xid); 3238 FreeXid(xid);
3206 return rc; 3239 return rc;
3207} 3240}
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 378acdafa35..9f41a10523a 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -314,6 +314,8 @@ void cifsFileInfo_put(struct cifsFileInfo *cifs_file)
314 } 314 }
315 spin_unlock(&cifs_file_list_lock); 315 spin_unlock(&cifs_file_list_lock);
316 316
317 cancel_work_sync(&cifs_file->oplock_break);
318
317 if (!tcon->need_reconnect && !cifs_file->invalidHandle) { 319 if (!tcon->need_reconnect && !cifs_file->invalidHandle) {
318 int xid, rc; 320 int xid, rc;
319 321
@@ -2418,31 +2420,6 @@ void cifs_oplock_break(struct work_struct *work)
2418 cinode->clientCanCacheRead ? 1 : 0); 2420 cinode->clientCanCacheRead ? 1 : 0);
2419 cFYI(1, "Oplock release rc = %d", rc); 2421 cFYI(1, "Oplock release rc = %d", rc);
2420 } 2422 }
2421
2422 /*
2423 * We might have kicked in before is_valid_oplock_break()
2424 * finished grabbing reference for us. Make sure it's done by
2425 * waiting for cifs_file_list_lock.
2426 */
2427 spin_lock(&cifs_file_list_lock);
2428 spin_unlock(&cifs_file_list_lock);
2429
2430 cifs_oplock_break_put(cfile);
2431}
2432
2433/* must be called while holding cifs_file_list_lock */
2434void cifs_oplock_break_get(struct cifsFileInfo *cfile)
2435{
2436 cifs_sb_active(cfile->dentry->d_sb);
2437 cifsFileInfo_get(cfile);
2438}
2439
2440void cifs_oplock_break_put(struct cifsFileInfo *cfile)
2441{
2442 struct super_block *sb = cfile->dentry->d_sb;
2443
2444 cifsFileInfo_put(cfile);
2445 cifs_sb_deactive(sb);
2446} 2423}
2447 2424
2448const struct address_space_operations cifs_addr_ops = { 2425const struct address_space_operations cifs_addr_ops = {
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index 03a1f491d39..7c169339259 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -585,15 +585,8 @@ is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv)
585 585
586 cifs_set_oplock_level(pCifsInode, 586 cifs_set_oplock_level(pCifsInode,
587 pSMB->OplockLevel ? OPLOCK_READ : 0); 587 pSMB->OplockLevel ? OPLOCK_READ : 0);
588 /* 588 queue_work(system_nrt_wq,
589 * cifs_oplock_break_put() can't be called 589 &netfile->oplock_break);
590 * from here. Get reference after queueing
591 * succeeded. cifs_oplock_break() will
592 * synchronize using cifs_file_list_lock.
593 */
594 if (queue_work(system_nrt_wq,
595 &netfile->oplock_break))
596 cifs_oplock_break_get(netfile);
597 netfile->oplock_break_cancelled = false; 590 netfile->oplock_break_cancelled = false;
598 591
599 spin_unlock(&cifs_file_list_lock); 592 spin_unlock(&cifs_file_list_lock);
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index d3e619692ee..243d5872051 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -124,7 +124,8 @@ static __u32 cifs_ssetup_hdr(struct cifs_ses *ses, SESSION_SETUP_ANDX *pSMB)
124 /* that we use in next few lines */ 124 /* that we use in next few lines */
125 /* Note that header is initialized to zero in header_assemble */ 125 /* Note that header is initialized to zero in header_assemble */
126 pSMB->req.AndXCommand = 0xFF; 126 pSMB->req.AndXCommand = 0xFF;
127 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf); 127 pSMB->req.MaxBufferSize = cpu_to_le16(min_t(u32, CIFSMaxBufSize - 4,
128 USHRT_MAX));
128 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq); 129 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
129 pSMB->req.VcNumber = get_next_vcnum(ses); 130 pSMB->req.VcNumber = get_next_vcnum(ses);
130 131
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-19 08:44:15 -0400