diff options
| author | Jeff Layton <jlayton@redhat.com> | 2011-05-04 08:05:26 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2011-05-19 10:10:53 -0400 |
| commit | 820a803ffac3ef591e597bc107f8e289a823a29c (patch) | |
| tree | 246451259a7efc5027647de639a69cb121b889e0 /fs/cifs | |
| parent | 0e6e37a7a81f370d9aafafdf88aca13977f6fb5f (diff) | |
cifs: keep BCC in little-endian format
This is the same patch as originally posted, just with some merge
conflicts fixed up...
Currently, the ByteCount is usually converted to host-endian on receive.
This is confusing however, as we need to keep two sets of routines for
accessing it, and keep track of when to use each routine. Munging
received packets like this also limits when the signature can be
calulated.
Simplify the code by keeping the received ByteCount in little-endian
format. This allows us to eliminate a set of routines for accessing it
and we can now drop the *_le suffixes from the accessor functions since
that's now implied.
While we're at it, switch all of the places that read the ByteCount
directly to use the get_bcc inline which should also clean up some
unaligned accesses.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs')
| -rw-r--r-- | fs/cifs/cifs_debug.c | 2 | ||||
| -rw-r--r-- | fs/cifs/cifspdu.h | 22 | ||||
| -rw-r--r-- | fs/cifs/cifsproto.h | 1 | ||||
| -rw-r--r-- | fs/cifs/cifssmb.c | 62 | ||||
| -rw-r--r-- | fs/cifs/connect.c | 4 | ||||
| -rw-r--r-- | fs/cifs/misc.c | 4 | ||||
| -rw-r--r-- | fs/cifs/netmisc.c | 7 | ||||
| -rw-r--r-- | fs/cifs/sess.c | 2 | ||||
| -rw-r--r-- | fs/cifs/transport.c | 19 |
9 files changed, 41 insertions, 82 deletions
diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index 30d01bc90855..18f4272d9047 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c | |||
| @@ -63,7 +63,7 @@ void cifs_dump_detail(struct smb_hdr *smb) | |||
| 63 | cERROR(1, "Cmd: %d Err: 0x%x Flags: 0x%x Flgs2: 0x%x Mid: %d Pid: %d", | 63 | cERROR(1, "Cmd: %d Err: 0x%x Flags: 0x%x Flgs2: 0x%x Mid: %d Pid: %d", |
| 64 | smb->Command, smb->Status.CifsError, | 64 | smb->Command, smb->Status.CifsError, |
| 65 | smb->Flags, smb->Flags2, smb->Mid, smb->Pid); | 65 | smb->Flags, smb->Flags2, smb->Mid, smb->Pid); |
| 66 | cERROR(1, "smb buf %p len %d", smb, smbCalcSize_LE(smb)); | 66 | cERROR(1, "smb buf %p len %d", smb, smbCalcSize(smb)); |
| 67 | } | 67 | } |
| 68 | 68 | ||
| 69 | 69 | ||
diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index eac95e26d696..291d735abaac 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h | |||
| @@ -435,36 +435,18 @@ struct smb_hdr { | |||
| 435 | /* given a pointer to an smb_hdr retrieve the pointer to the byte area */ | 435 | /* given a pointer to an smb_hdr retrieve the pointer to the byte area */ |
| 436 | #define pByteArea(smb_var) (BCC(smb_var) + 2) | 436 | #define pByteArea(smb_var) (BCC(smb_var) + 2) |
| 437 | 437 | ||
| 438 | /* get the converted ByteCount for a SMB packet and return it */ | ||
| 439 | static inline __u16 | ||
| 440 | get_bcc(struct smb_hdr *hdr) | ||
| 441 | { | ||
| 442 | __u16 *bc_ptr = (__u16 *)BCC(hdr); | ||
| 443 | |||
| 444 | return get_unaligned(bc_ptr); | ||
| 445 | } | ||
| 446 | |||
| 447 | /* get the unconverted ByteCount for a SMB packet and return it */ | 438 | /* get the unconverted ByteCount for a SMB packet and return it */ |
| 448 | static inline __u16 | 439 | static inline __u16 |
| 449 | get_bcc_le(struct smb_hdr *hdr) | 440 | get_bcc(struct smb_hdr *hdr) |
| 450 | { | 441 | { |
| 451 | __le16 *bc_ptr = (__le16 *)BCC(hdr); | 442 | __le16 *bc_ptr = (__le16 *)BCC(hdr); |
| 452 | 443 | ||
| 453 | return get_unaligned_le16(bc_ptr); | 444 | return get_unaligned_le16(bc_ptr); |
| 454 | } | 445 | } |
| 455 | 446 | ||
| 456 | /* set the ByteCount for a SMB packet in host-byte order */ | ||
| 457 | static inline void | ||
| 458 | put_bcc(__u16 count, struct smb_hdr *hdr) | ||
| 459 | { | ||
| 460 | __u16 *bc_ptr = (__u16 *)BCC(hdr); | ||
| 461 | |||
| 462 | put_unaligned(count, bc_ptr); | ||
| 463 | } | ||
| 464 | |||
| 465 | /* set the ByteCount for a SMB packet in little-endian */ | 447 | /* set the ByteCount for a SMB packet in little-endian */ |
| 466 | static inline void | 448 | static inline void |
| 467 | put_bcc_le(__u16 count, struct smb_hdr *hdr) | 449 | put_bcc(__u16 count, struct smb_hdr *hdr) |
| 468 | { | 450 | { |
| 469 | __le16 *bc_ptr = (__le16 *)BCC(hdr); | 451 | __le16 *bc_ptr = (__le16 *)BCC(hdr); |
| 470 | 452 | ||
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 7c1ed01d03f8..136d2f2febcc 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h | |||
| @@ -93,7 +93,6 @@ extern void cifs_update_eof(struct cifsInodeInfo *cifsi, loff_t offset, | |||
| 93 | extern struct cifsFileInfo *find_writable_file(struct cifsInodeInfo *, bool); | 93 | extern struct cifsFileInfo *find_writable_file(struct cifsInodeInfo *, bool); |
| 94 | extern struct cifsFileInfo *find_readable_file(struct cifsInodeInfo *, bool); | 94 | extern struct cifsFileInfo *find_readable_file(struct cifsInodeInfo *, bool); |
| 95 | extern unsigned int smbCalcSize(struct smb_hdr *ptr); | 95 | extern unsigned int smbCalcSize(struct smb_hdr *ptr); |
| 96 | extern unsigned int smbCalcSize_LE(struct smb_hdr *ptr); | ||
| 97 | extern int decode_negTokenInit(unsigned char *security_blob, int length, | 96 | extern int decode_negTokenInit(unsigned char *security_blob, int length, |
| 98 | struct TCP_Server_Info *server); | 97 | struct TCP_Server_Info *server); |
| 99 | extern int cifs_convert_address(struct sockaddr *dst, const char *src, int len); | 98 | extern int cifs_convert_address(struct sockaddr *dst, const char *src, int len); |
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 88004094ebd1..83df937b814e 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
| @@ -582,7 +582,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
| 582 | 582 | ||
| 583 | if ((pSMBr->hdr.Flags2 & SMBFLG2_EXT_SEC) && | 583 | if ((pSMBr->hdr.Flags2 & SMBFLG2_EXT_SEC) && |
| 584 | (server->capabilities & CAP_EXTENDED_SECURITY)) { | 584 | (server->capabilities & CAP_EXTENDED_SECURITY)) { |
| 585 | count = pSMBr->ByteCount; | 585 | count = get_bcc(&pSMBr->hdr); |
| 586 | if (count < 16) { | 586 | if (count < 16) { |
| 587 | rc = -EIO; | 587 | rc = -EIO; |
| 588 | goto neg_err_exit; | 588 | goto neg_err_exit; |
| @@ -736,7 +736,7 @@ CIFSSMBEcho(struct TCP_Server_Info *server) | |||
| 736 | smb->hdr.Tid = 0xffff; | 736 | smb->hdr.Tid = 0xffff; |
| 737 | smb->hdr.WordCount = 1; | 737 | smb->hdr.WordCount = 1; |
| 738 | put_unaligned_le16(1, &smb->EchoCount); | 738 | put_unaligned_le16(1, &smb->EchoCount); |
| 739 | put_bcc_le(1, &smb->hdr); | 739 | put_bcc(1, &smb->hdr); |
| 740 | smb->Data[0] = 'a'; | 740 | smb->Data[0] = 'a'; |
| 741 | inc_rfc1001_len(smb, 3); | 741 | inc_rfc1001_len(smb, 3); |
| 742 | 742 | ||
| @@ -1079,7 +1079,7 @@ PsxCreat: | |||
| 1079 | cFYI(1, "copying inode info"); | 1079 | cFYI(1, "copying inode info"); |
| 1080 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 1080 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 1081 | 1081 | ||
| 1082 | if (rc || (pSMBr->ByteCount < sizeof(OPEN_PSX_RSP))) { | 1082 | if (rc || get_bcc(&pSMBr->hdr) < sizeof(OPEN_PSX_RSP)) { |
| 1083 | rc = -EIO; /* bad smb */ | 1083 | rc = -EIO; /* bad smb */ |
| 1084 | goto psx_create_err; | 1084 | goto psx_create_err; |
| 1085 | } | 1085 | } |
| @@ -1100,7 +1100,7 @@ PsxCreat: | |||
| 1100 | pRetData->Type = cpu_to_le32(-1); /* unknown */ | 1100 | pRetData->Type = cpu_to_le32(-1); /* unknown */ |
| 1101 | cFYI(DBG2, "unknown type"); | 1101 | cFYI(DBG2, "unknown type"); |
| 1102 | } else { | 1102 | } else { |
| 1103 | if (pSMBr->ByteCount < sizeof(OPEN_PSX_RSP) | 1103 | if (get_bcc(&pSMBr->hdr) < sizeof(OPEN_PSX_RSP) |
| 1104 | + sizeof(FILE_UNIX_BASIC_INFO)) { | 1104 | + sizeof(FILE_UNIX_BASIC_INFO)) { |
| 1105 | cERROR(1, "Open response data too small"); | 1105 | cERROR(1, "Open response data too small"); |
| 1106 | pRetData->Type = cpu_to_le32(-1); | 1106 | pRetData->Type = cpu_to_le32(-1); |
| @@ -1867,7 +1867,7 @@ CIFSSMBPosixLock(const int xid, struct cifsTconInfo *tcon, | |||
| 1867 | __u16 data_count; | 1867 | __u16 data_count; |
| 1868 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 1868 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 1869 | 1869 | ||
| 1870 | if (rc || (pSMBr->ByteCount < sizeof(struct cifs_posix_lock))) { | 1870 | if (rc || get_bcc(&pSMBr->hdr) < sizeof(*parm_data)) { |
| 1871 | rc = -EIO; /* bad smb */ | 1871 | rc = -EIO; /* bad smb */ |
| 1872 | goto plk_err_exit; | 1872 | goto plk_err_exit; |
| 1873 | } | 1873 | } |
| @@ -2494,7 +2494,7 @@ querySymLinkRetry: | |||
| 2494 | 2494 | ||
| 2495 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 2495 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 2496 | /* BB also check enough total bytes returned */ | 2496 | /* BB also check enough total bytes returned */ |
| 2497 | if (rc || (pSMBr->ByteCount < 2)) | 2497 | if (rc || get_bcc(&pSMBr->hdr) < 2) |
| 2498 | rc = -EIO; | 2498 | rc = -EIO; |
| 2499 | else { | 2499 | else { |
| 2500 | bool is_unicode; | 2500 | bool is_unicode; |
| @@ -2576,14 +2576,14 @@ CIFSSMBQueryReparseLinkInfo(const int xid, struct cifsTconInfo *tcon, | |||
| 2576 | } else { /* decode response */ | 2576 | } else { /* decode response */ |
| 2577 | __u32 data_offset = le32_to_cpu(pSMBr->DataOffset); | 2577 | __u32 data_offset = le32_to_cpu(pSMBr->DataOffset); |
| 2578 | __u32 data_count = le32_to_cpu(pSMBr->DataCount); | 2578 | __u32 data_count = le32_to_cpu(pSMBr->DataCount); |
| 2579 | if ((pSMBr->ByteCount < 2) || (data_offset > 512)) { | 2579 | if (get_bcc(&pSMBr->hdr) < 2 || data_offset > 512) { |
| 2580 | /* BB also check enough total bytes returned */ | 2580 | /* BB also check enough total bytes returned */ |
| 2581 | rc = -EIO; /* bad smb */ | 2581 | rc = -EIO; /* bad smb */ |
| 2582 | goto qreparse_out; | 2582 | goto qreparse_out; |
| 2583 | } | 2583 | } |
| 2584 | if (data_count && (data_count < 2048)) { | 2584 | if (data_count && (data_count < 2048)) { |
| 2585 | char *end_of_smb = 2 /* sizeof byte count */ + | 2585 | char *end_of_smb = 2 /* sizeof byte count */ + |
| 2586 | pSMBr->ByteCount + (char *)&pSMBr->ByteCount; | 2586 | get_bcc(&pSMBr->hdr) + (char *)&pSMBr->ByteCount; |
| 2587 | 2587 | ||
| 2588 | struct reparse_data *reparse_buf = | 2588 | struct reparse_data *reparse_buf = |
| 2589 | (struct reparse_data *) | 2589 | (struct reparse_data *) |
| @@ -2841,8 +2841,8 @@ queryAclRetry: | |||
| 2841 | /* decode response */ | 2841 | /* decode response */ |
| 2842 | 2842 | ||
| 2843 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 2843 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 2844 | if (rc || (pSMBr->ByteCount < 2)) | ||
| 2845 | /* BB also check enough total bytes returned */ | 2844 | /* BB also check enough total bytes returned */ |
| 2845 | if (rc || get_bcc(&pSMBr->hdr) < 2) | ||
| 2846 | rc = -EIO; /* bad smb */ | 2846 | rc = -EIO; /* bad smb */ |
| 2847 | else { | 2847 | else { |
| 2848 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | 2848 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
| @@ -2991,8 +2991,8 @@ GetExtAttrRetry: | |||
| 2991 | } else { | 2991 | } else { |
| 2992 | /* decode response */ | 2992 | /* decode response */ |
| 2993 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 2993 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 2994 | if (rc || (pSMBr->ByteCount < 2)) | ||
| 2995 | /* BB also check enough total bytes returned */ | 2994 | /* BB also check enough total bytes returned */ |
| 2995 | if (rc || get_bcc(&pSMBr->hdr) < 2) | ||
| 2996 | /* If rc should we check for EOPNOSUPP and | 2996 | /* If rc should we check for EOPNOSUPP and |
| 2997 | disable the srvino flag? or in caller? */ | 2997 | disable the srvino flag? or in caller? */ |
| 2998 | rc = -EIO; /* bad smb */ | 2998 | rc = -EIO; /* bad smb */ |
| @@ -3067,6 +3067,7 @@ validate_ntransact(char *buf, char **ppparm, char **ppdata, | |||
| 3067 | char *end_of_smb; | 3067 | char *end_of_smb; |
| 3068 | __u32 data_count, data_offset, parm_count, parm_offset; | 3068 | __u32 data_count, data_offset, parm_count, parm_offset; |
| 3069 | struct smb_com_ntransact_rsp *pSMBr; | 3069 | struct smb_com_ntransact_rsp *pSMBr; |
| 3070 | u16 bcc; | ||
| 3070 | 3071 | ||
| 3071 | *pdatalen = 0; | 3072 | *pdatalen = 0; |
| 3072 | *pparmlen = 0; | 3073 | *pparmlen = 0; |
| @@ -3076,8 +3077,8 @@ validate_ntransact(char *buf, char **ppparm, char **ppdata, | |||
| 3076 | 3077 | ||
| 3077 | pSMBr = (struct smb_com_ntransact_rsp *)buf; | 3078 | pSMBr = (struct smb_com_ntransact_rsp *)buf; |
| 3078 | 3079 | ||
| 3079 | /* ByteCount was converted from little endian in SendReceive */ | 3080 | bcc = get_bcc(&pSMBr->hdr); |
| 3080 | end_of_smb = 2 /* sizeof byte count */ + pSMBr->ByteCount + | 3081 | end_of_smb = 2 /* sizeof byte count */ + bcc + |
| 3081 | (char *)&pSMBr->ByteCount; | 3082 | (char *)&pSMBr->ByteCount; |
| 3082 | 3083 | ||
| 3083 | data_offset = le32_to_cpu(pSMBr->DataOffset); | 3084 | data_offset = le32_to_cpu(pSMBr->DataOffset); |
| @@ -3103,7 +3104,7 @@ validate_ntransact(char *buf, char **ppparm, char **ppdata, | |||
| 3103 | *ppdata, data_count, (data_count + *ppdata), | 3104 | *ppdata, data_count, (data_count + *ppdata), |
| 3104 | end_of_smb, pSMBr); | 3105 | end_of_smb, pSMBr); |
| 3105 | return -EINVAL; | 3106 | return -EINVAL; |
| 3106 | } else if (parm_count + data_count > pSMBr->ByteCount) { | 3107 | } else if (parm_count + data_count > bcc) { |
| 3107 | cFYI(1, "parm count and data count larger than SMB"); | 3108 | cFYI(1, "parm count and data count larger than SMB"); |
| 3108 | return -EINVAL; | 3109 | return -EINVAL; |
| 3109 | } | 3110 | } |
| @@ -3389,7 +3390,7 @@ QFileInfoRetry: | |||
| 3389 | 3390 | ||
| 3390 | if (rc) /* BB add auto retry on EOPNOTSUPP? */ | 3391 | if (rc) /* BB add auto retry on EOPNOTSUPP? */ |
| 3391 | rc = -EIO; | 3392 | rc = -EIO; |
| 3392 | else if (pSMBr->ByteCount < 40) | 3393 | else if (get_bcc(&pSMBr->hdr) < 40) |
| 3393 | rc = -EIO; /* bad smb */ | 3394 | rc = -EIO; /* bad smb */ |
| 3394 | else if (pFindData) { | 3395 | else if (pFindData) { |
| 3395 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | 3396 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
| @@ -3477,9 +3478,9 @@ QPathInfoRetry: | |||
| 3477 | 3478 | ||
| 3478 | if (rc) /* BB add auto retry on EOPNOTSUPP? */ | 3479 | if (rc) /* BB add auto retry on EOPNOTSUPP? */ |
| 3479 | rc = -EIO; | 3480 | rc = -EIO; |
| 3480 | else if (!legacy && (pSMBr->ByteCount < 40)) | 3481 | else if (!legacy && get_bcc(&pSMBr->hdr) < 40) |
| 3481 | rc = -EIO; /* bad smb */ | 3482 | rc = -EIO; /* bad smb */ |
| 3482 | else if (legacy && (pSMBr->ByteCount < 24)) | 3483 | else if (legacy && get_bcc(&pSMBr->hdr) < 24) |
| 3483 | rc = -EIO; /* 24 or 26 expected but we do not read | 3484 | rc = -EIO; /* 24 or 26 expected but we do not read |
| 3484 | last field */ | 3485 | last field */ |
| 3485 | else if (pFindData) { | 3486 | else if (pFindData) { |
| @@ -3555,7 +3556,7 @@ UnixQFileInfoRetry: | |||
| 3555 | } else { /* decode response */ | 3556 | } else { /* decode response */ |
| 3556 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 3557 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 3557 | 3558 | ||
| 3558 | if (rc || (pSMBr->ByteCount < sizeof(FILE_UNIX_BASIC_INFO))) { | 3559 | if (rc || get_bcc(&pSMBr->hdr) < sizeof(FILE_UNIX_BASIC_INFO)) { |
| 3559 | cERROR(1, "Malformed FILE_UNIX_BASIC_INFO response.\n" | 3560 | cERROR(1, "Malformed FILE_UNIX_BASIC_INFO response.\n" |
| 3560 | "Unix Extensions can be disabled on mount " | 3561 | "Unix Extensions can be disabled on mount " |
| 3561 | "by specifying the nosfu mount option."); | 3562 | "by specifying the nosfu mount option."); |
| @@ -3641,7 +3642,7 @@ UnixQPathInfoRetry: | |||
| 3641 | } else { /* decode response */ | 3642 | } else { /* decode response */ |
| 3642 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 3643 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 3643 | 3644 | ||
| 3644 | if (rc || (pSMBr->ByteCount < sizeof(FILE_UNIX_BASIC_INFO))) { | 3645 | if (rc || get_bcc(&pSMBr->hdr) < sizeof(FILE_UNIX_BASIC_INFO)) { |
| 3645 | cERROR(1, "Malformed FILE_UNIX_BASIC_INFO response.\n" | 3646 | cERROR(1, "Malformed FILE_UNIX_BASIC_INFO response.\n" |
| 3646 | "Unix Extensions can be disabled on mount " | 3647 | "Unix Extensions can be disabled on mount " |
| 3647 | "by specifying the nosfu mount option."); | 3648 | "by specifying the nosfu mount option."); |
| @@ -4046,8 +4047,8 @@ GetInodeNumberRetry: | |||
| 4046 | } else { | 4047 | } else { |
| 4047 | /* decode response */ | 4048 | /* decode response */ |
| 4048 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4049 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4049 | if (rc || (pSMBr->ByteCount < 2)) | ||
| 4050 | /* BB also check enough total bytes returned */ | 4050 | /* BB also check enough total bytes returned */ |
| 4051 | if (rc || get_bcc(&pSMBr->hdr) < 2) | ||
| 4051 | /* If rc should we check for EOPNOSUPP and | 4052 | /* If rc should we check for EOPNOSUPP and |
| 4052 | disable the srvino flag? or in caller? */ | 4053 | disable the srvino flag? or in caller? */ |
| 4053 | rc = -EIO; /* bad smb */ | 4054 | rc = -EIO; /* bad smb */ |
| @@ -4272,13 +4273,13 @@ getDFSRetry: | |||
| 4272 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4273 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4273 | 4274 | ||
| 4274 | /* BB Also check if enough total bytes returned? */ | 4275 | /* BB Also check if enough total bytes returned? */ |
| 4275 | if (rc || (pSMBr->ByteCount < 17)) { | 4276 | if (rc || get_bcc(&pSMBr->hdr) < 17) { |
| 4276 | rc = -EIO; /* bad smb */ | 4277 | rc = -EIO; /* bad smb */ |
| 4277 | goto GetDFSRefExit; | 4278 | goto GetDFSRefExit; |
| 4278 | } | 4279 | } |
| 4279 | 4280 | ||
| 4280 | cFYI(1, "Decoding GetDFSRefer response BCC: %d Offset %d", | 4281 | cFYI(1, "Decoding GetDFSRefer response BCC: %d Offset %d", |
| 4281 | pSMBr->ByteCount, | 4282 | get_bcc(&pSMBr->hdr), |
| 4282 | le16_to_cpu(pSMBr->t2.DataOffset)); | 4283 | le16_to_cpu(pSMBr->t2.DataOffset)); |
| 4283 | 4284 | ||
| 4284 | /* parse returned result into more usable form */ | 4285 | /* parse returned result into more usable form */ |
| @@ -4344,12 +4345,12 @@ oldQFSInfoRetry: | |||
| 4344 | } else { /* decode response */ | 4345 | } else { /* decode response */ |
| 4345 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4346 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4346 | 4347 | ||
| 4347 | if (rc || (pSMBr->ByteCount < 18)) | 4348 | if (rc || get_bcc(&pSMBr->hdr) < 18) |
| 4348 | rc = -EIO; /* bad smb */ | 4349 | rc = -EIO; /* bad smb */ |
| 4349 | else { | 4350 | else { |
| 4350 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | 4351 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
| 4351 | cFYI(1, "qfsinf resp BCC: %d Offset %d", | 4352 | cFYI(1, "qfsinf resp BCC: %d Offset %d", |
| 4352 | pSMBr->ByteCount, data_offset); | 4353 | get_bcc(&pSMBr->hdr), data_offset); |
| 4353 | 4354 | ||
| 4354 | response_data = (FILE_SYSTEM_ALLOC_INFO *) | 4355 | response_data = (FILE_SYSTEM_ALLOC_INFO *) |
| 4355 | (((char *) &pSMBr->hdr.Protocol) + data_offset); | 4356 | (((char *) &pSMBr->hdr.Protocol) + data_offset); |
| @@ -4423,7 +4424,7 @@ QFSInfoRetry: | |||
| 4423 | } else { /* decode response */ | 4424 | } else { /* decode response */ |
| 4424 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4425 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4425 | 4426 | ||
| 4426 | if (rc || (pSMBr->ByteCount < 24)) | 4427 | if (rc || get_bcc(&pSMBr->hdr) < 24) |
| 4427 | rc = -EIO; /* bad smb */ | 4428 | rc = -EIO; /* bad smb */ |
| 4428 | else { | 4429 | else { |
| 4429 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | 4430 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
| @@ -4503,7 +4504,7 @@ QFSAttributeRetry: | |||
| 4503 | } else { /* decode response */ | 4504 | } else { /* decode response */ |
| 4504 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4505 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4505 | 4506 | ||
| 4506 | if (rc || (pSMBr->ByteCount < 13)) { | 4507 | if (rc || get_bcc(&pSMBr->hdr) < 13) { |
| 4507 | /* BB also check if enough bytes returned */ | 4508 | /* BB also check if enough bytes returned */ |
| 4508 | rc = -EIO; /* bad smb */ | 4509 | rc = -EIO; /* bad smb */ |
| 4509 | } else { | 4510 | } else { |
| @@ -4574,7 +4575,8 @@ QFSDeviceRetry: | |||
| 4574 | } else { /* decode response */ | 4575 | } else { /* decode response */ |
| 4575 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4576 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4576 | 4577 | ||
| 4577 | if (rc || (pSMBr->ByteCount < sizeof(FILE_SYSTEM_DEVICE_INFO))) | 4578 | if (rc || get_bcc(&pSMBr->hdr) < |
| 4579 | sizeof(FILE_SYSTEM_DEVICE_INFO)) | ||
| 4578 | rc = -EIO; /* bad smb */ | 4580 | rc = -EIO; /* bad smb */ |
| 4579 | else { | 4581 | else { |
| 4580 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | 4582 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
| @@ -4643,7 +4645,7 @@ QFSUnixRetry: | |||
| 4643 | } else { /* decode response */ | 4645 | } else { /* decode response */ |
| 4644 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4646 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4645 | 4647 | ||
| 4646 | if (rc || (pSMBr->ByteCount < 13)) { | 4648 | if (rc || get_bcc(&pSMBr->hdr) < 13) { |
| 4647 | rc = -EIO; /* bad smb */ | 4649 | rc = -EIO; /* bad smb */ |
| 4648 | } else { | 4650 | } else { |
| 4649 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | 4651 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
| @@ -4788,7 +4790,7 @@ QFSPosixRetry: | |||
| 4788 | } else { /* decode response */ | 4790 | } else { /* decode response */ |
| 4789 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 4791 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 4790 | 4792 | ||
| 4791 | if (rc || (pSMBr->ByteCount < 13)) { | 4793 | if (rc || get_bcc(&pSMBr->hdr) < 13) { |
| 4792 | rc = -EIO; /* bad smb */ | 4794 | rc = -EIO; /* bad smb */ |
| 4793 | } else { | 4795 | } else { |
| 4794 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | 4796 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
| @@ -5517,7 +5519,7 @@ QAllEAsRetry: | |||
| 5517 | of these trans2 responses */ | 5519 | of these trans2 responses */ |
| 5518 | 5520 | ||
| 5519 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 5521 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
| 5520 | if (rc || (pSMBr->ByteCount < 4)) { | 5522 | if (rc || get_bcc(&pSMBr->hdr) < 4) { |
| 5521 | rc = -EIO; /* bad smb */ | 5523 | rc = -EIO; /* bad smb */ |
| 5522 | goto QAllEAsOut; | 5524 | goto QAllEAsOut; |
| 5523 | } | 5525 | } |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 5d331cdd0b27..2b511991187a 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
| @@ -317,12 +317,12 @@ static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB) | |||
| 317 | put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount); | 317 | put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount); |
| 318 | 318 | ||
| 319 | /* fix up the BCC */ | 319 | /* fix up the BCC */ |
| 320 | byte_count = get_bcc_le(pTargetSMB); | 320 | byte_count = get_bcc(pTargetSMB); |
| 321 | byte_count += total_in_buf2; | 321 | byte_count += total_in_buf2; |
| 322 | /* is the result too big for the field? */ | 322 | /* is the result too big for the field? */ |
| 323 | if (byte_count > USHRT_MAX) | 323 | if (byte_count > USHRT_MAX) |
| 324 | return -EPROTO; | 324 | return -EPROTO; |
| 325 | put_bcc_le(byte_count, pTargetSMB); | 325 | put_bcc(byte_count, pTargetSMB); |
| 326 | 326 | ||
| 327 | byte_count = be32_to_cpu(pTargetSMB->smb_buf_length); | 327 | byte_count = be32_to_cpu(pTargetSMB->smb_buf_length); |
| 328 | byte_count += total_in_buf2; | 328 | byte_count += total_in_buf2; |
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c index 533f863067e5..907531ac5888 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c | |||
| @@ -462,7 +462,7 @@ checkSMB(struct smb_hdr *smb, __u16 mid, unsigned int length) | |||
| 462 | 462 | ||
| 463 | if (check_smb_hdr(smb, mid)) | 463 | if (check_smb_hdr(smb, mid)) |
| 464 | return 1; | 464 | return 1; |
| 465 | clc_len = smbCalcSize_LE(smb); | 465 | clc_len = smbCalcSize(smb); |
| 466 | 466 | ||
| 467 | if (4 + len != length) { | 467 | if (4 + len != length) { |
| 468 | cERROR(1, "Length read does not match RFC1001 length %d", | 468 | cERROR(1, "Length read does not match RFC1001 length %d", |
| @@ -519,7 +519,7 @@ is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv) | |||
| 519 | (struct smb_com_transaction_change_notify_rsp *)buf; | 519 | (struct smb_com_transaction_change_notify_rsp *)buf; |
| 520 | struct file_notify_information *pnotify; | 520 | struct file_notify_information *pnotify; |
| 521 | __u32 data_offset = 0; | 521 | __u32 data_offset = 0; |
| 522 | if (get_bcc_le(buf) > sizeof(struct file_notify_information)) { | 522 | if (get_bcc(buf) > sizeof(struct file_notify_information)) { |
| 523 | data_offset = le32_to_cpu(pSMBr->DataOffset); | 523 | data_offset = le32_to_cpu(pSMBr->DataOffset); |
| 524 | 524 | ||
| 525 | pnotify = (struct file_notify_information *) | 525 | pnotify = (struct file_notify_information *) |
diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c index 79f641eeda30..79b71c2c7c9d 100644 --- a/fs/cifs/netmisc.c +++ b/fs/cifs/netmisc.c | |||
| @@ -919,13 +919,6 @@ smbCalcSize(struct smb_hdr *ptr) | |||
| 919 | 2 /* size of the bcc field */ + get_bcc(ptr)); | 919 | 2 /* size of the bcc field */ + get_bcc(ptr)); |
| 920 | } | 920 | } |
| 921 | 921 | ||
| 922 | unsigned int | ||
| 923 | smbCalcSize_LE(struct smb_hdr *ptr) | ||
| 924 | { | ||
| 925 | return (sizeof(struct smb_hdr) + (2 * ptr->WordCount) + | ||
| 926 | 2 /* size of the bcc field */ + get_bcc_le(ptr)); | ||
| 927 | } | ||
| 928 | |||
| 929 | /* The following are taken from fs/ntfs/util.c */ | 922 | /* The following are taken from fs/ntfs/util.c */ |
| 930 | 923 | ||
| 931 | #define NTFS_TIME_OFFSET ((u64)(369*365 + 89) * 24 * 3600 * 10000000) | 924 | #define NTFS_TIME_OFFSET ((u64)(369*365 + 89) * 24 * 3600 * 10000000) |
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 1daadade4d3c..7dd462100378 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c | |||
| @@ -862,7 +862,7 @@ ssetup_ntlmssp_authenticate: | |||
| 862 | smb_buf->smb_buf_length = | 862 | smb_buf->smb_buf_length = |
| 863 | cpu_to_be32(be32_to_cpu(smb_buf->smb_buf_length) + count); | 863 | cpu_to_be32(be32_to_cpu(smb_buf->smb_buf_length) + count); |
| 864 | 864 | ||
| 865 | put_bcc_le(count, smb_buf); | 865 | put_bcc(count, smb_buf); |
| 866 | 866 | ||
| 867 | rc = SendReceive2(xid, ses, iov, 3 /* num_iovecs */, &resp_buf_type, | 867 | rc = SendReceive2(xid, ses, iov, 3 /* num_iovecs */, &resp_buf_type, |
| 868 | CIFS_LOG_ERROR); | 868 | CIFS_LOG_ERROR); |
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c index 19df0e5af122..f2513fb8c391 100644 --- a/fs/cifs/transport.c +++ b/fs/cifs/transport.c | |||
| @@ -484,7 +484,7 @@ send_nt_cancel(struct TCP_Server_Info *server, struct smb_hdr *in_buf, | |||
| 484 | in_buf->smb_buf_length = cpu_to_be32(sizeof(struct smb_hdr) - 4 + 2); | 484 | in_buf->smb_buf_length = cpu_to_be32(sizeof(struct smb_hdr) - 4 + 2); |
| 485 | in_buf->Command = SMB_COM_NT_CANCEL; | 485 | in_buf->Command = SMB_COM_NT_CANCEL; |
| 486 | in_buf->WordCount = 0; | 486 | in_buf->WordCount = 0; |
| 487 | put_bcc_le(0, in_buf); | 487 | put_bcc(0, in_buf); |
| 488 | 488 | ||
| 489 | mutex_lock(&server->srv_mutex); | 489 | mutex_lock(&server->srv_mutex); |
| 490 | rc = cifs_sign_smb(in_buf, server, &mid->sequence_number); | 490 | rc = cifs_sign_smb(in_buf, server, &mid->sequence_number); |
| @@ -644,11 +644,6 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses, | |||
| 644 | rc = map_smb_to_linux_error(midQ->resp_buf, | 644 | rc = map_smb_to_linux_error(midQ->resp_buf, |
| 645 | flags & CIFS_LOG_ERROR); | 645 | flags & CIFS_LOG_ERROR); |
| 646 | 646 | ||
| 647 | /* convert ByteCount if necessary */ | ||
| 648 | if (receive_len >= sizeof(struct smb_hdr) - 4 | ||
| 649 | /* do not count RFC1001 header */ + | ||
| 650 | (2 * midQ->resp_buf->WordCount) + 2 /* bcc */ ) | ||
| 651 | put_bcc(get_bcc_le(midQ->resp_buf), midQ->resp_buf); | ||
| 652 | if ((flags & CIFS_NO_RESP) == 0) | 647 | if ((flags & CIFS_NO_RESP) == 0) |
| 653 | midQ->resp_buf = NULL; /* mark it so buf will | 648 | midQ->resp_buf = NULL; /* mark it so buf will |
| 654 | not be freed by | 649 | not be freed by |
| @@ -798,12 +793,6 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses, | |||
| 798 | 793 | ||
| 799 | /* BB special case reconnect tid and uid here? */ | 794 | /* BB special case reconnect tid and uid here? */ |
| 800 | rc = map_smb_to_linux_error(out_buf, 0 /* no log */ ); | 795 | rc = map_smb_to_linux_error(out_buf, 0 /* no log */ ); |
| 801 | |||
| 802 | /* convert ByteCount if necessary */ | ||
| 803 | if (receive_len >= sizeof(struct smb_hdr) - 4 | ||
| 804 | /* do not count RFC1001 header */ + | ||
| 805 | (2 * out_buf->WordCount) + 2 /* bcc */ ) | ||
| 806 | put_bcc(get_bcc_le(midQ->resp_buf), midQ->resp_buf); | ||
| 807 | } else { | 796 | } else { |
| 808 | rc = -EIO; | 797 | rc = -EIO; |
| 809 | cERROR(1, "Bad MID state?"); | 798 | cERROR(1, "Bad MID state?"); |
| @@ -1012,12 +1001,6 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon, | |||
| 1012 | /* BB special case reconnect tid and uid here? */ | 1001 | /* BB special case reconnect tid and uid here? */ |
| 1013 | rc = map_smb_to_linux_error(out_buf, 0 /* no log */ ); | 1002 | rc = map_smb_to_linux_error(out_buf, 0 /* no log */ ); |
| 1014 | 1003 | ||
| 1015 | /* convert ByteCount if necessary */ | ||
| 1016 | if (receive_len >= sizeof(struct smb_hdr) - 4 | ||
| 1017 | /* do not count RFC1001 header */ + | ||
| 1018 | (2 * out_buf->WordCount) + 2 /* bcc */ ) | ||
| 1019 | put_bcc(get_bcc_le(out_buf), out_buf); | ||
| 1020 | |||
| 1021 | out: | 1004 | out: |
| 1022 | delete_mid(midQ); | 1005 | delete_mid(midQ); |
| 1023 | if (rstart && rc == -EACCES) | 1006 | if (rstart && rc == -EACCES) |