diff options
| author | Jeff Layton <jlayton@redhat.com> | 2010-09-29 15:27:08 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2010-10-01 13:50:08 -0400 |
| commit | f569599ae70f0899035f8d5876a7939f629c5976 (patch) | |
| tree | 4d7f7c32b9c89f15841bdbf372e75afe09bdef53 /fs | |
| parent | 522440ed55d2cc8855ea5f82bc067e0483b2e1be (diff) | |
cifs: prevent infinite recursion in cifs_reconnect_tcon
cifs_reconnect_tcon is called from smb_init. After a successful
reconnect, cifs_reconnect_tcon will call reset_cifs_unix_caps. That
function will, in turn call CIFSSMBQFSUnixInfo and CIFSSMBSetFSUnixInfo.
Those functions also call smb_init.
It's possible for the session and tcon reconnect to succeed, and then
for another cifs_reconnect to occur before CIFSSMBQFSUnixInfo or
CIFSSMBSetFSUnixInfo to be called. That'll cause those functions to call
smb_init and cifs_reconnect_tcon again, ad infinitum...
Break the infinite recursion by having those functions use a new
smb_init variant that doesn't attempt to perform a reconnect.
Reported-and-Tested-by: Michal Suchanek <hramrach@centrum.cz>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/cifs/cifssmb.c | 49 |
1 files changed, 33 insertions, 16 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index c65c3419dd37..7e83b356cc9e 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
| @@ -232,7 +232,7 @@ static int | |||
| 232 | small_smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, | 232 | small_smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, |
| 233 | void **request_buf) | 233 | void **request_buf) |
| 234 | { | 234 | { |
| 235 | int rc = 0; | 235 | int rc; |
| 236 | 236 | ||
| 237 | rc = cifs_reconnect_tcon(tcon, smb_command); | 237 | rc = cifs_reconnect_tcon(tcon, smb_command); |
| 238 | if (rc) | 238 | if (rc) |
| @@ -250,7 +250,7 @@ small_smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, | |||
| 250 | if (tcon != NULL) | 250 | if (tcon != NULL) |
| 251 | cifs_stats_inc(&tcon->num_smbs_sent); | 251 | cifs_stats_inc(&tcon->num_smbs_sent); |
| 252 | 252 | ||
| 253 | return rc; | 253 | return 0; |
| 254 | } | 254 | } |
| 255 | 255 | ||
| 256 | int | 256 | int |
| @@ -281,16 +281,9 @@ small_smb_init_no_tc(const int smb_command, const int wct, | |||
| 281 | 281 | ||
| 282 | /* If the return code is zero, this function must fill in request_buf pointer */ | 282 | /* If the return code is zero, this function must fill in request_buf pointer */ |
| 283 | static int | 283 | static int |
| 284 | smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, | 284 | __smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, |
| 285 | void **request_buf /* returned */ , | 285 | void **request_buf, void **response_buf) |
| 286 | void **response_buf /* returned */ ) | ||
| 287 | { | 286 | { |
| 288 | int rc = 0; | ||
| 289 | |||
| 290 | rc = cifs_reconnect_tcon(tcon, smb_command); | ||
| 291 | if (rc) | ||
| 292 | return rc; | ||
| 293 | |||
| 294 | *request_buf = cifs_buf_get(); | 287 | *request_buf = cifs_buf_get(); |
| 295 | if (*request_buf == NULL) { | 288 | if (*request_buf == NULL) { |
| 296 | /* BB should we add a retry in here if not a writepage? */ | 289 | /* BB should we add a retry in here if not a writepage? */ |
| @@ -309,7 +302,31 @@ smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, | |||
| 309 | if (tcon != NULL) | 302 | if (tcon != NULL) |
| 310 | cifs_stats_inc(&tcon->num_smbs_sent); | 303 | cifs_stats_inc(&tcon->num_smbs_sent); |
| 311 | 304 | ||
| 312 | return rc; | 305 | return 0; |
| 306 | } | ||
| 307 | |||
| 308 | /* If the return code is zero, this function must fill in request_buf pointer */ | ||
| 309 | static int | ||
| 310 | smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, | ||
| 311 | void **request_buf, void **response_buf) | ||
| 312 | { | ||
| 313 | int rc; | ||
| 314 | |||
| 315 | rc = cifs_reconnect_tcon(tcon, smb_command); | ||
| 316 | if (rc) | ||
| 317 | return rc; | ||
| 318 | |||
| 319 | return __smb_init(smb_command, wct, tcon, request_buf, response_buf); | ||
| 320 | } | ||
| 321 | |||
| 322 | static int | ||
| 323 | smb_init_no_reconnect(int smb_command, int wct, struct cifsTconInfo *tcon, | ||
| 324 | void **request_buf, void **response_buf) | ||
| 325 | { | ||
| 326 | if (tcon->ses->need_reconnect || tcon->need_reconnect) | ||
| 327 | return -EHOSTDOWN; | ||
| 328 | |||
| 329 | return __smb_init(smb_command, wct, tcon, request_buf, response_buf); | ||
| 313 | } | 330 | } |
| 314 | 331 | ||
| 315 | static int validate_t2(struct smb_t2_rsp *pSMB) | 332 | static int validate_t2(struct smb_t2_rsp *pSMB) |
| @@ -4534,8 +4551,8 @@ CIFSSMBQFSUnixInfo(const int xid, struct cifsTconInfo *tcon) | |||
| 4534 | 4551 | ||
| 4535 | cFYI(1, "In QFSUnixInfo"); | 4552 | cFYI(1, "In QFSUnixInfo"); |
| 4536 | QFSUnixRetry: | 4553 | QFSUnixRetry: |
| 4537 | rc = smb_init(SMB_COM_TRANSACTION2, 15, tcon, (void **) &pSMB, | 4554 | rc = smb_init_no_reconnect(SMB_COM_TRANSACTION2, 15, tcon, |
| 4538 | (void **) &pSMBr); | 4555 | (void **) &pSMB, (void **) &pSMBr); |
| 4539 | if (rc) | 4556 | if (rc) |
| 4540 | return rc; | 4557 | return rc; |
| 4541 | 4558 | ||
| @@ -4604,8 +4621,8 @@ CIFSSMBSetFSUnixInfo(const int xid, struct cifsTconInfo *tcon, __u64 cap) | |||
| 4604 | cFYI(1, "In SETFSUnixInfo"); | 4621 | cFYI(1, "In SETFSUnixInfo"); |
| 4605 | SETFSUnixRetry: | 4622 | SETFSUnixRetry: |
| 4606 | /* BB switch to small buf init to save memory */ | 4623 | /* BB switch to small buf init to save memory */ |
| 4607 | rc = smb_init(SMB_COM_TRANSACTION2, 15, tcon, (void **) &pSMB, | 4624 | rc = smb_init_no_reconnect(SMB_COM_TRANSACTION2, 15, tcon, |
| 4608 | (void **) &pSMBr); | 4625 | (void **) &pSMB, (void **) &pSMBr); |
| 4609 | if (rc) | 4626 | if (rc) |
| 4610 | return rc; | 4627 | return rc; |
| 4611 | 4628 | ||