diff options
Diffstat (limited to 'fs/cifs')
-rw-r--r-- | fs/cifs/CHANGES | 5 | ||||
-rw-r--r-- | fs/cifs/cifsfs.h | 2 | ||||
-rw-r--r-- | fs/cifs/cifsglob.h | 3 | ||||
-rw-r--r-- | fs/cifs/cifspdu.h | 6 | ||||
-rw-r--r-- | fs/cifs/cifsproto.h | 7 | ||||
-rw-r--r-- | fs/cifs/cifssmb.c | 360 | ||||
-rw-r--r-- | fs/cifs/connect.c | 38 | ||||
-rw-r--r-- | fs/cifs/inode.c | 15 | ||||
-rw-r--r-- | fs/cifs/misc.c | 2 | ||||
-rw-r--r-- | fs/cifs/readdir.c | 8 | ||||
-rw-r--r-- | fs/cifs/sess.c | 11 | ||||
-rw-r--r-- | fs/cifs/xattr.c | 8 |
12 files changed, 198 insertions, 267 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 7b2600b380d7..bc0025cdd1c9 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES | |||
@@ -1,3 +1,8 @@ | |||
1 | Version 1.62 | ||
2 | ------------ | ||
3 | Add sockopt=TCP_NODELAY mount option. EA (xattr) routines hardened | ||
4 | to more strictly handle corrupt frames. | ||
5 | |||
1 | Version 1.61 | 6 | Version 1.61 |
2 | ------------ | 7 | ------------ |
3 | Fix append problem to Samba servers (files opened with O_APPEND could | 8 | Fix append problem to Samba servers (files opened with O_APPEND could |
diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index ac2b24c192f8..78c1b86d55f6 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h | |||
@@ -113,5 +113,5 @@ extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg); | |||
113 | extern const struct export_operations cifs_export_ops; | 113 | extern const struct export_operations cifs_export_ops; |
114 | #endif /* EXPERIMENTAL */ | 114 | #endif /* EXPERIMENTAL */ |
115 | 115 | ||
116 | #define CIFS_VERSION "1.61" | 116 | #define CIFS_VERSION "1.62" |
117 | #endif /* _CIFSFS_H */ | 117 | #endif /* _CIFSFS_H */ |
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 4b35f7ec0583..a1c817eb291a 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h | |||
@@ -149,6 +149,7 @@ struct TCP_Server_Info { | |||
149 | bool svlocal:1; /* local server or remote */ | 149 | bool svlocal:1; /* local server or remote */ |
150 | bool noblocksnd; /* use blocking sendmsg */ | 150 | bool noblocksnd; /* use blocking sendmsg */ |
151 | bool noautotune; /* do not autotune send buf sizes */ | 151 | bool noautotune; /* do not autotune send buf sizes */ |
152 | bool tcp_nodelay; | ||
152 | atomic_t inFlight; /* number of requests on the wire to server */ | 153 | atomic_t inFlight; /* number of requests on the wire to server */ |
153 | #ifdef CONFIG_CIFS_STATS2 | 154 | #ifdef CONFIG_CIFS_STATS2 |
154 | atomic_t inSend; /* requests trying to send */ | 155 | atomic_t inSend; /* requests trying to send */ |
@@ -204,7 +205,7 @@ struct cifsUidInfo { | |||
204 | struct cifsSesInfo { | 205 | struct cifsSesInfo { |
205 | struct list_head smb_ses_list; | 206 | struct list_head smb_ses_list; |
206 | struct list_head tcon_list; | 207 | struct list_head tcon_list; |
207 | struct semaphore sesSem; | 208 | struct mutex session_mutex; |
208 | #if 0 | 209 | #if 0 |
209 | struct cifsUidInfo *uidInfo; /* pointer to user info */ | 210 | struct cifsUidInfo *uidInfo; /* pointer to user info */ |
210 | #endif | 211 | #endif |
diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index 3877737f96a6..14d036d8db11 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h | |||
@@ -415,10 +415,10 @@ struct smb_hdr { | |||
415 | __u8 WordCount; | 415 | __u8 WordCount; |
416 | } __attribute__((packed)); | 416 | } __attribute__((packed)); |
417 | /* given a pointer to an smb_hdr retrieve the value of byte count */ | 417 | /* given a pointer to an smb_hdr retrieve the value of byte count */ |
418 | #define BCC(smb_var) (*(__u16 *)((char *)smb_var + sizeof(struct smb_hdr) + (2 * smb_var->WordCount))) | 418 | #define BCC(smb_var) (*(__u16 *)((char *)(smb_var) + sizeof(struct smb_hdr) + (2 * (smb_var)->WordCount))) |
419 | #define BCC_LE(smb_var) (*(__le16 *)((char *)smb_var + sizeof(struct smb_hdr) + (2 * smb_var->WordCount))) | 419 | #define BCC_LE(smb_var) (*(__le16 *)((char *)(smb_var) + sizeof(struct smb_hdr) + (2 * (smb_var)->WordCount))) |
420 | /* given a pointer to an smb_hdr retrieve the pointer to the byte area */ | 420 | /* given a pointer to an smb_hdr retrieve the pointer to the byte area */ |
421 | #define pByteArea(smb_var) ((unsigned char *)smb_var + sizeof(struct smb_hdr) + (2 * smb_var->WordCount) + 2) | 421 | #define pByteArea(smb_var) ((unsigned char *)(smb_var) + sizeof(struct smb_hdr) + (2 * (smb_var)->WordCount) + 2) |
422 | 422 | ||
423 | /* | 423 | /* |
424 | * Computer Name Length (since Netbios name was length 16 with last byte 0x20) | 424 | * Computer Name Length (since Netbios name was length 16 with last byte 0x20) |
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 5646727e33f5..88e2bc44ac58 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h | |||
@@ -363,13 +363,10 @@ extern int CIFSSMBNotify(const int xid, struct cifsTconInfo *tcon, | |||
363 | __u32 filter, struct file *file, int multishot, | 363 | __u32 filter, struct file *file, int multishot, |
364 | const struct nls_table *nls_codepage); | 364 | const struct nls_table *nls_codepage); |
365 | extern ssize_t CIFSSMBQAllEAs(const int xid, struct cifsTconInfo *tcon, | 365 | extern ssize_t CIFSSMBQAllEAs(const int xid, struct cifsTconInfo *tcon, |
366 | const unsigned char *searchName, char *EAData, | 366 | const unsigned char *searchName, |
367 | const unsigned char *ea_name, char *EAData, | ||
367 | size_t bufsize, const struct nls_table *nls_codepage, | 368 | size_t bufsize, const struct nls_table *nls_codepage, |
368 | int remap_special_chars); | 369 | int remap_special_chars); |
369 | extern ssize_t CIFSSMBQueryEA(const int xid, struct cifsTconInfo *tcon, | ||
370 | const unsigned char *searchName, const unsigned char *ea_name, | ||
371 | unsigned char *ea_value, size_t buf_size, | ||
372 | const struct nls_table *nls_codepage, int remap_special_chars); | ||
373 | extern int CIFSSMBSetEA(const int xid, struct cifsTconInfo *tcon, | 370 | extern int CIFSSMBSetEA(const int xid, struct cifsTconInfo *tcon, |
374 | const char *fileName, const char *ea_name, | 371 | const char *fileName, const char *ea_name, |
375 | const void *ea_value, const __u16 ea_value_len, | 372 | const void *ea_value, const __u16 ea_value_len, |
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 941441d3e386..9d17df3e0768 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
@@ -170,19 +170,19 @@ cifs_reconnect_tcon(struct cifsTconInfo *tcon, int smb_command) | |||
170 | * need to prevent multiple threads trying to simultaneously | 170 | * need to prevent multiple threads trying to simultaneously |
171 | * reconnect the same SMB session | 171 | * reconnect the same SMB session |
172 | */ | 172 | */ |
173 | down(&ses->sesSem); | 173 | mutex_lock(&ses->session_mutex); |
174 | if (ses->need_reconnect) | 174 | if (ses->need_reconnect) |
175 | rc = cifs_setup_session(0, ses, nls_codepage); | 175 | rc = cifs_setup_session(0, ses, nls_codepage); |
176 | 176 | ||
177 | /* do we need to reconnect tcon? */ | 177 | /* do we need to reconnect tcon? */ |
178 | if (rc || !tcon->need_reconnect) { | 178 | if (rc || !tcon->need_reconnect) { |
179 | up(&ses->sesSem); | 179 | mutex_unlock(&ses->session_mutex); |
180 | goto out; | 180 | goto out; |
181 | } | 181 | } |
182 | 182 | ||
183 | mark_open_files_invalid(tcon); | 183 | mark_open_files_invalid(tcon); |
184 | rc = CIFSTCon(0, ses, tcon->treeName, tcon, nls_codepage); | 184 | rc = CIFSTCon(0, ses, tcon->treeName, tcon, nls_codepage); |
185 | up(&ses->sesSem); | 185 | mutex_unlock(&ses->session_mutex); |
186 | cFYI(1, ("reconnect tcon rc = %d", rc)); | 186 | cFYI(1, ("reconnect tcon rc = %d", rc)); |
187 | 187 | ||
188 | if (rc) | 188 | if (rc) |
@@ -700,13 +700,13 @@ CIFSSMBLogoff(const int xid, struct cifsSesInfo *ses) | |||
700 | if (!ses || !ses->server) | 700 | if (!ses || !ses->server) |
701 | return -EIO; | 701 | return -EIO; |
702 | 702 | ||
703 | down(&ses->sesSem); | 703 | mutex_lock(&ses->session_mutex); |
704 | if (ses->need_reconnect) | 704 | if (ses->need_reconnect) |
705 | goto session_already_dead; /* no need to send SMBlogoff if uid | 705 | goto session_already_dead; /* no need to send SMBlogoff if uid |
706 | already closed due to reconnect */ | 706 | already closed due to reconnect */ |
707 | rc = small_smb_init(SMB_COM_LOGOFF_ANDX, 2, NULL, (void **)&pSMB); | 707 | rc = small_smb_init(SMB_COM_LOGOFF_ANDX, 2, NULL, (void **)&pSMB); |
708 | if (rc) { | 708 | if (rc) { |
709 | up(&ses->sesSem); | 709 | mutex_unlock(&ses->session_mutex); |
710 | return rc; | 710 | return rc; |
711 | } | 711 | } |
712 | 712 | ||
@@ -721,7 +721,7 @@ CIFSSMBLogoff(const int xid, struct cifsSesInfo *ses) | |||
721 | pSMB->AndXCommand = 0xFF; | 721 | pSMB->AndXCommand = 0xFF; |
722 | rc = SendReceiveNoRsp(xid, ses, (struct smb_hdr *) pSMB, 0); | 722 | rc = SendReceiveNoRsp(xid, ses, (struct smb_hdr *) pSMB, 0); |
723 | session_already_dead: | 723 | session_already_dead: |
724 | up(&ses->sesSem); | 724 | mutex_unlock(&ses->session_mutex); |
725 | 725 | ||
726 | /* if session dead then we do not need to do ulogoff, | 726 | /* if session dead then we do not need to do ulogoff, |
727 | since server closed smb session, no sense reporting | 727 | since server closed smb session, no sense reporting |
@@ -5269,22 +5269,34 @@ int CIFSSMBNotify(const int xid, struct cifsTconInfo *tcon, | |||
5269 | cifs_buf_release(pSMB); | 5269 | cifs_buf_release(pSMB); |
5270 | return rc; | 5270 | return rc; |
5271 | } | 5271 | } |
5272 | |||
5272 | #ifdef CONFIG_CIFS_XATTR | 5273 | #ifdef CONFIG_CIFS_XATTR |
5274 | /* | ||
5275 | * Do a path-based QUERY_ALL_EAS call and parse the result. This is a common | ||
5276 | * function used by listxattr and getxattr type calls. When ea_name is set, | ||
5277 | * it looks for that attribute name and stuffs that value into the EAData | ||
5278 | * buffer. When ea_name is NULL, it stuffs a list of attribute names into the | ||
5279 | * buffer. In both cases, the return value is either the length of the | ||
5280 | * resulting data or a negative error code. If EAData is a NULL pointer then | ||
5281 | * the data isn't copied to it, but the length is returned. | ||
5282 | */ | ||
5273 | ssize_t | 5283 | ssize_t |
5274 | CIFSSMBQAllEAs(const int xid, struct cifsTconInfo *tcon, | 5284 | CIFSSMBQAllEAs(const int xid, struct cifsTconInfo *tcon, |
5275 | const unsigned char *searchName, | 5285 | const unsigned char *searchName, const unsigned char *ea_name, |
5276 | char *EAData, size_t buf_size, | 5286 | char *EAData, size_t buf_size, |
5277 | const struct nls_table *nls_codepage, int remap) | 5287 | const struct nls_table *nls_codepage, int remap) |
5278 | { | 5288 | { |
5279 | /* BB assumes one setup word */ | 5289 | /* BB assumes one setup word */ |
5280 | TRANSACTION2_QPI_REQ *pSMB = NULL; | 5290 | TRANSACTION2_QPI_REQ *pSMB = NULL; |
5281 | TRANSACTION2_QPI_RSP *pSMBr = NULL; | 5291 | TRANSACTION2_QPI_RSP *pSMBr = NULL; |
5282 | int rc = 0; | 5292 | int rc = 0; |
5283 | int bytes_returned; | 5293 | int bytes_returned; |
5284 | int name_len; | 5294 | int list_len; |
5295 | struct fealist *ea_response_data; | ||
5285 | struct fea *temp_fea; | 5296 | struct fea *temp_fea; |
5286 | char *temp_ptr; | 5297 | char *temp_ptr; |
5287 | __u16 params, byte_count; | 5298 | char *end_of_smb; |
5299 | __u16 params, byte_count, data_offset; | ||
5288 | 5300 | ||
5289 | cFYI(1, ("In Query All EAs path %s", searchName)); | 5301 | cFYI(1, ("In Query All EAs path %s", searchName)); |
5290 | QAllEAsRetry: | 5302 | QAllEAsRetry: |
@@ -5294,22 +5306,22 @@ QAllEAsRetry: | |||
5294 | return rc; | 5306 | return rc; |
5295 | 5307 | ||
5296 | if (pSMB->hdr.Flags2 & SMBFLG2_UNICODE) { | 5308 | if (pSMB->hdr.Flags2 & SMBFLG2_UNICODE) { |
5297 | name_len = | 5309 | list_len = |
5298 | cifsConvertToUCS((__le16 *) pSMB->FileName, searchName, | 5310 | cifsConvertToUCS((__le16 *) pSMB->FileName, searchName, |
5299 | PATH_MAX, nls_codepage, remap); | 5311 | PATH_MAX, nls_codepage, remap); |
5300 | name_len++; /* trailing null */ | 5312 | list_len++; /* trailing null */ |
5301 | name_len *= 2; | 5313 | list_len *= 2; |
5302 | } else { /* BB improve the check for buffer overruns BB */ | 5314 | } else { /* BB improve the check for buffer overruns BB */ |
5303 | name_len = strnlen(searchName, PATH_MAX); | 5315 | list_len = strnlen(searchName, PATH_MAX); |
5304 | name_len++; /* trailing null */ | 5316 | list_len++; /* trailing null */ |
5305 | strncpy(pSMB->FileName, searchName, name_len); | 5317 | strncpy(pSMB->FileName, searchName, list_len); |
5306 | } | 5318 | } |
5307 | 5319 | ||
5308 | params = 2 /* level */ + 4 /* reserved */ + name_len /* includes NUL */; | 5320 | params = 2 /* level */ + 4 /* reserved */ + list_len /* includes NUL */; |
5309 | pSMB->TotalDataCount = 0; | 5321 | pSMB->TotalDataCount = 0; |
5310 | pSMB->MaxParameterCount = cpu_to_le16(2); | 5322 | pSMB->MaxParameterCount = cpu_to_le16(2); |
5311 | /* BB find exact max SMB PDU from sess structure BB */ | 5323 | /* BB find exact max SMB PDU from sess structure BB */ |
5312 | pSMB->MaxDataCount = cpu_to_le16(4000); | 5324 | pSMB->MaxDataCount = cpu_to_le16(CIFSMaxBufSize); |
5313 | pSMB->MaxSetupCount = 0; | 5325 | pSMB->MaxSetupCount = 0; |
5314 | pSMB->Reserved = 0; | 5326 | pSMB->Reserved = 0; |
5315 | pSMB->Flags = 0; | 5327 | pSMB->Flags = 0; |
@@ -5334,237 +5346,117 @@ QAllEAsRetry: | |||
5334 | (struct smb_hdr *) pSMBr, &bytes_returned, 0); | 5346 | (struct smb_hdr *) pSMBr, &bytes_returned, 0); |
5335 | if (rc) { | 5347 | if (rc) { |
5336 | cFYI(1, ("Send error in QueryAllEAs = %d", rc)); | 5348 | cFYI(1, ("Send error in QueryAllEAs = %d", rc)); |
5337 | } else { /* decode response */ | 5349 | goto QAllEAsOut; |
5338 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 5350 | } |
5339 | 5351 | ||
5340 | /* BB also check enough total bytes returned */ | 5352 | |
5341 | /* BB we need to improve the validity checking | 5353 | /* BB also check enough total bytes returned */ |
5342 | of these trans2 responses */ | 5354 | /* BB we need to improve the validity checking |
5343 | if (rc || (pSMBr->ByteCount < 4)) | 5355 | of these trans2 responses */ |
5344 | rc = -EIO; /* bad smb */ | 5356 | |
5345 | /* else if (pFindData){ | 5357 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
5346 | memcpy((char *) pFindData, | 5358 | if (rc || (pSMBr->ByteCount < 4)) { |
5347 | (char *) &pSMBr->hdr.Protocol + | 5359 | rc = -EIO; /* bad smb */ |
5348 | data_offset, kl); | 5360 | goto QAllEAsOut; |
5349 | }*/ else { | ||
5350 | /* check that length of list is not more than bcc */ | ||
5351 | /* check that each entry does not go beyond length | ||
5352 | of list */ | ||
5353 | /* check that each element of each entry does not | ||
5354 | go beyond end of list */ | ||
5355 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | ||
5356 | struct fealist *ea_response_data; | ||
5357 | rc = 0; | ||
5358 | /* validate_trans2_offsets() */ | ||
5359 | /* BB check if start of smb + data_offset > &bcc+ bcc */ | ||
5360 | ea_response_data = (struct fealist *) | ||
5361 | (((char *) &pSMBr->hdr.Protocol) + | ||
5362 | data_offset); | ||
5363 | name_len = le32_to_cpu(ea_response_data->list_len); | ||
5364 | cFYI(1, ("ea length %d", name_len)); | ||
5365 | if (name_len <= 8) { | ||
5366 | /* returned EA size zeroed at top of function */ | ||
5367 | cFYI(1, ("empty EA list returned from server")); | ||
5368 | } else { | ||
5369 | /* account for ea list len */ | ||
5370 | name_len -= 4; | ||
5371 | temp_fea = ea_response_data->list; | ||
5372 | temp_ptr = (char *)temp_fea; | ||
5373 | while (name_len > 0) { | ||
5374 | __u16 value_len; | ||
5375 | name_len -= 4; | ||
5376 | temp_ptr += 4; | ||
5377 | rc += temp_fea->name_len; | ||
5378 | /* account for prefix user. and trailing null */ | ||
5379 | rc = rc + 5 + 1; | ||
5380 | if (rc < (int)buf_size) { | ||
5381 | memcpy(EAData, "user.", 5); | ||
5382 | EAData += 5; | ||
5383 | memcpy(EAData, temp_ptr, | ||
5384 | temp_fea->name_len); | ||
5385 | EAData += temp_fea->name_len; | ||
5386 | /* null terminate name */ | ||
5387 | *EAData = 0; | ||
5388 | EAData = EAData + 1; | ||
5389 | } else if (buf_size == 0) { | ||
5390 | /* skip copy - calc size only */ | ||
5391 | } else { | ||
5392 | /* stop before overrun buffer */ | ||
5393 | rc = -ERANGE; | ||
5394 | break; | ||
5395 | } | ||
5396 | name_len -= temp_fea->name_len; | ||
5397 | temp_ptr += temp_fea->name_len; | ||
5398 | /* account for trailing null */ | ||
5399 | name_len--; | ||
5400 | temp_ptr++; | ||
5401 | value_len = | ||
5402 | le16_to_cpu(temp_fea->value_len); | ||
5403 | name_len -= value_len; | ||
5404 | temp_ptr += value_len; | ||
5405 | /* BB check that temp_ptr is still | ||
5406 | within the SMB BB*/ | ||
5407 | |||
5408 | /* no trailing null to account for | ||
5409 | in value len */ | ||
5410 | /* go on to next EA */ | ||
5411 | temp_fea = (struct fea *)temp_ptr; | ||
5412 | } | ||
5413 | } | ||
5414 | } | ||
5415 | } | 5361 | } |
5416 | cifs_buf_release(pSMB); | ||
5417 | if (rc == -EAGAIN) | ||
5418 | goto QAllEAsRetry; | ||
5419 | 5362 | ||
5420 | return (ssize_t)rc; | 5363 | /* check that length of list is not more than bcc */ |
5421 | } | 5364 | /* check that each entry does not go beyond length |
5365 | of list */ | ||
5366 | /* check that each element of each entry does not | ||
5367 | go beyond end of list */ | ||
5368 | /* validate_trans2_offsets() */ | ||
5369 | /* BB check if start of smb + data_offset > &bcc+ bcc */ | ||
5422 | 5370 | ||
5423 | ssize_t CIFSSMBQueryEA(const int xid, struct cifsTconInfo *tcon, | 5371 | data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
5424 | const unsigned char *searchName, const unsigned char *ea_name, | 5372 | ea_response_data = (struct fealist *) |
5425 | unsigned char *ea_value, size_t buf_size, | 5373 | (((char *) &pSMBr->hdr.Protocol) + data_offset); |
5426 | const struct nls_table *nls_codepage, int remap) | ||
5427 | { | ||
5428 | TRANSACTION2_QPI_REQ *pSMB = NULL; | ||
5429 | TRANSACTION2_QPI_RSP *pSMBr = NULL; | ||
5430 | int rc = 0; | ||
5431 | int bytes_returned; | ||
5432 | int name_len; | ||
5433 | struct fea *temp_fea; | ||
5434 | char *temp_ptr; | ||
5435 | __u16 params, byte_count; | ||
5436 | 5374 | ||
5437 | cFYI(1, ("In Query EA path %s", searchName)); | 5375 | list_len = le32_to_cpu(ea_response_data->list_len); |
5438 | QEARetry: | 5376 | cFYI(1, ("ea length %d", list_len)); |
5439 | rc = smb_init(SMB_COM_TRANSACTION2, 15, tcon, (void **) &pSMB, | 5377 | if (list_len <= 8) { |
5440 | (void **) &pSMBr); | 5378 | cFYI(1, ("empty EA list returned from server")); |
5441 | if (rc) | 5379 | goto QAllEAsOut; |
5442 | return rc; | 5380 | } |
5443 | 5381 | ||
5444 | if (pSMB->hdr.Flags2 & SMBFLG2_UNICODE) { | 5382 | /* make sure list_len doesn't go past end of SMB */ |
5445 | name_len = | 5383 | end_of_smb = (char *)pByteArea(&pSMBr->hdr) + BCC(&pSMBr->hdr); |
5446 | cifsConvertToUCS((__le16 *) pSMB->FileName, searchName, | 5384 | if ((char *)ea_response_data + list_len > end_of_smb) { |
5447 | PATH_MAX, nls_codepage, remap); | 5385 | cFYI(1, ("EA list appears to go beyond SMB")); |
5448 | name_len++; /* trailing null */ | 5386 | rc = -EIO; |
5449 | name_len *= 2; | 5387 | goto QAllEAsOut; |
5450 | } else { /* BB improve the check for buffer overruns BB */ | ||
5451 | name_len = strnlen(searchName, PATH_MAX); | ||
5452 | name_len++; /* trailing null */ | ||
5453 | strncpy(pSMB->FileName, searchName, name_len); | ||
5454 | } | 5388 | } |
5455 | 5389 | ||
5456 | params = 2 /* level */ + 4 /* reserved */ + name_len /* includes NUL */; | 5390 | /* account for ea list len */ |
5457 | pSMB->TotalDataCount = 0; | 5391 | list_len -= 4; |
5458 | pSMB->MaxParameterCount = cpu_to_le16(2); | 5392 | temp_fea = ea_response_data->list; |
5459 | /* BB find exact max SMB PDU from sess structure BB */ | 5393 | temp_ptr = (char *)temp_fea; |
5460 | pSMB->MaxDataCount = cpu_to_le16(4000); | 5394 | while (list_len > 0) { |
5461 | pSMB->MaxSetupCount = 0; | 5395 | unsigned int name_len; |
5462 | pSMB->Reserved = 0; | 5396 | __u16 value_len; |
5463 | pSMB->Flags = 0; | 5397 | |
5464 | pSMB->Timeout = 0; | 5398 | list_len -= 4; |
5465 | pSMB->Reserved2 = 0; | 5399 | temp_ptr += 4; |
5466 | pSMB->ParameterOffset = cpu_to_le16(offsetof( | 5400 | /* make sure we can read name_len and value_len */ |
5467 | struct smb_com_transaction2_qpi_req, InformationLevel) - 4); | 5401 | if (list_len < 0) { |
5468 | pSMB->DataCount = 0; | 5402 | cFYI(1, ("EA entry goes beyond length of list")); |
5469 | pSMB->DataOffset = 0; | 5403 | rc = -EIO; |
5470 | pSMB->SetupCount = 1; | 5404 | goto QAllEAsOut; |
5471 | pSMB->Reserved3 = 0; | 5405 | } |
5472 | pSMB->SubCommand = cpu_to_le16(TRANS2_QUERY_PATH_INFORMATION); | ||
5473 | byte_count = params + 1 /* pad */ ; | ||
5474 | pSMB->TotalParameterCount = cpu_to_le16(params); | ||
5475 | pSMB->ParameterCount = pSMB->TotalParameterCount; | ||
5476 | pSMB->InformationLevel = cpu_to_le16(SMB_INFO_QUERY_ALL_EAS); | ||
5477 | pSMB->Reserved4 = 0; | ||
5478 | pSMB->hdr.smb_buf_length += byte_count; | ||
5479 | pSMB->ByteCount = cpu_to_le16(byte_count); | ||
5480 | 5406 | ||
5481 | rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB, | 5407 | name_len = temp_fea->name_len; |
5482 | (struct smb_hdr *) pSMBr, &bytes_returned, 0); | 5408 | value_len = le16_to_cpu(temp_fea->value_len); |
5483 | if (rc) { | 5409 | list_len -= name_len + 1 + value_len; |
5484 | cFYI(1, ("Send error in Query EA = %d", rc)); | 5410 | if (list_len < 0) { |
5485 | } else { /* decode response */ | 5411 | cFYI(1, ("EA entry goes beyond length of list")); |
5486 | rc = validate_t2((struct smb_t2_rsp *)pSMBr); | 5412 | rc = -EIO; |
5413 | goto QAllEAsOut; | ||
5414 | } | ||
5487 | 5415 | ||
5488 | /* BB also check enough total bytes returned */ | 5416 | if (ea_name) { |
5489 | /* BB we need to improve the validity checking | 5417 | if (strncmp(ea_name, temp_ptr, name_len) == 0) { |
5490 | of these trans2 responses */ | 5418 | temp_ptr += name_len + 1; |
5491 | if (rc || (pSMBr->ByteCount < 4)) | 5419 | rc = value_len; |
5492 | rc = -EIO; /* bad smb */ | 5420 | if (buf_size == 0) |
5493 | /* else if (pFindData){ | 5421 | goto QAllEAsOut; |
5494 | memcpy((char *) pFindData, | 5422 | if ((size_t)value_len > buf_size) { |
5495 | (char *) &pSMBr->hdr.Protocol + | 5423 | rc = -ERANGE; |
5496 | data_offset, kl); | 5424 | goto QAllEAsOut; |
5497 | }*/ else { | ||
5498 | /* check that length of list is not more than bcc */ | ||
5499 | /* check that each entry does not go beyond length | ||
5500 | of list */ | ||
5501 | /* check that each element of each entry does not | ||
5502 | go beyond end of list */ | ||
5503 | __u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); | ||
5504 | struct fealist *ea_response_data; | ||
5505 | rc = -ENODATA; | ||
5506 | /* validate_trans2_offsets() */ | ||
5507 | /* BB check if start of smb + data_offset > &bcc+ bcc*/ | ||
5508 | ea_response_data = (struct fealist *) | ||
5509 | (((char *) &pSMBr->hdr.Protocol) + | ||
5510 | data_offset); | ||
5511 | name_len = le32_to_cpu(ea_response_data->list_len); | ||
5512 | cFYI(1, ("ea length %d", name_len)); | ||
5513 | if (name_len <= 8) { | ||
5514 | /* returned EA size zeroed at top of function */ | ||
5515 | cFYI(1, ("empty EA list returned from server")); | ||
5516 | } else { | ||
5517 | /* account for ea list len */ | ||
5518 | name_len -= 4; | ||
5519 | temp_fea = ea_response_data->list; | ||
5520 | temp_ptr = (char *)temp_fea; | ||
5521 | /* loop through checking if we have a matching | ||
5522 | name and then return the associated value */ | ||
5523 | while (name_len > 0) { | ||
5524 | __u16 value_len; | ||
5525 | name_len -= 4; | ||
5526 | temp_ptr += 4; | ||
5527 | value_len = | ||
5528 | le16_to_cpu(temp_fea->value_len); | ||
5529 | /* BB validate that value_len falls within SMB, | ||
5530 | even though maximum for name_len is 255 */ | ||
5531 | if (memcmp(temp_fea->name, ea_name, | ||
5532 | temp_fea->name_len) == 0) { | ||
5533 | /* found a match */ | ||
5534 | rc = value_len; | ||
5535 | /* account for prefix user. and trailing null */ | ||
5536 | if (rc <= (int)buf_size) { | ||
5537 | memcpy(ea_value, | ||
5538 | temp_fea->name+temp_fea->name_len+1, | ||
5539 | rc); | ||
5540 | /* ea values, unlike ea | ||
5541 | names, are not null | ||
5542 | terminated */ | ||
5543 | } else if (buf_size == 0) { | ||
5544 | /* skip copy - calc size only */ | ||
5545 | } else { | ||
5546 | /* stop before overrun buffer */ | ||
5547 | rc = -ERANGE; | ||
5548 | } | ||
5549 | break; | ||
5550 | } | ||
5551 | name_len -= temp_fea->name_len; | ||
5552 | temp_ptr += temp_fea->name_len; | ||
5553 | /* account for trailing null */ | ||
5554 | name_len--; | ||
5555 | temp_ptr++; | ||
5556 | name_len -= value_len; | ||
5557 | temp_ptr += value_len; | ||
5558 | /* No trailing null to account for in | ||
5559 | value_len. Go on to next EA */ | ||
5560 | temp_fea = (struct fea *)temp_ptr; | ||
5561 | } | 5425 | } |
5426 | memcpy(EAData, temp_ptr, value_len); | ||
5427 | goto QAllEAsOut; | ||
5428 | } | ||
5429 | } else { | ||
5430 | /* account for prefix user. and trailing null */ | ||
5431 | rc += (5 + 1 + name_len); | ||
5432 | if (rc < (int) buf_size) { | ||
5433 | memcpy(EAData, "user.", 5); | ||
5434 | EAData += 5; | ||
5435 | memcpy(EAData, temp_ptr, name_len); | ||
5436 | EAData += name_len; | ||
5437 | /* null terminate name */ | ||
5438 | *EAData = 0; | ||
5439 | ++EAData; | ||
5440 | } else if (buf_size == 0) { | ||
5441 | /* skip copy - calc size only */ | ||
5442 | } else { | ||
5443 | /* stop before overrun buffer */ | ||
5444 | rc = -ERANGE; | ||
5445 | break; | ||
5562 | } | 5446 | } |
5563 | } | 5447 | } |
5448 | temp_ptr += name_len + 1 + value_len; | ||
5449 | temp_fea = (struct fea *)temp_ptr; | ||
5564 | } | 5450 | } |
5451 | |||
5452 | /* didn't find the named attribute */ | ||
5453 | if (ea_name) | ||
5454 | rc = -ENODATA; | ||
5455 | |||
5456 | QAllEAsOut: | ||
5565 | cifs_buf_release(pSMB); | 5457 | cifs_buf_release(pSMB); |
5566 | if (rc == -EAGAIN) | 5458 | if (rc == -EAGAIN) |
5567 | goto QEARetry; | 5459 | goto QAllEAsRetry; |
5568 | 5460 | ||
5569 | return (ssize_t)rc; | 5461 | return (ssize_t)rc; |
5570 | } | 5462 | } |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 3bbcaa716b3c..45eb6cba793f 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -98,7 +98,7 @@ struct smb_vol { | |||
98 | bool nostrictsync:1; /* do not force expensive SMBflush on every sync */ | 98 | bool nostrictsync:1; /* do not force expensive SMBflush on every sync */ |
99 | unsigned int rsize; | 99 | unsigned int rsize; |
100 | unsigned int wsize; | 100 | unsigned int wsize; |
101 | unsigned int sockopt; | 101 | bool sockopt_tcp_nodelay:1; |
102 | unsigned short int port; | 102 | unsigned short int port; |
103 | char *prepath; | 103 | char *prepath; |
104 | }; | 104 | }; |
@@ -1142,9 +1142,11 @@ cifs_parse_mount_options(char *options, const char *devname, | |||
1142 | simple_strtoul(value, &value, 0); | 1142 | simple_strtoul(value, &value, 0); |
1143 | } | 1143 | } |
1144 | } else if (strnicmp(data, "sockopt", 5) == 0) { | 1144 | } else if (strnicmp(data, "sockopt", 5) == 0) { |
1145 | if (value && *value) { | 1145 | if (!value || !*value) { |
1146 | vol->sockopt = | 1146 | cERROR(1, ("no socket option specified")); |
1147 | simple_strtoul(value, &value, 0); | 1147 | continue; |
1148 | } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) { | ||
1149 | vol->sockopt_tcp_nodelay = 1; | ||
1148 | } | 1150 | } |
1149 | } else if (strnicmp(data, "netbiosname", 4) == 0) { | 1151 | } else if (strnicmp(data, "netbiosname", 4) == 0) { |
1150 | if (!value || !*value || (*value == ' ')) { | 1152 | if (!value || !*value || (*value == ' ')) { |
@@ -1514,6 +1516,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info) | |||
1514 | 1516 | ||
1515 | tcp_ses->noblocksnd = volume_info->noblocksnd; | 1517 | tcp_ses->noblocksnd = volume_info->noblocksnd; |
1516 | tcp_ses->noautotune = volume_info->noautotune; | 1518 | tcp_ses->noautotune = volume_info->noautotune; |
1519 | tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay; | ||
1517 | atomic_set(&tcp_ses->inFlight, 0); | 1520 | atomic_set(&tcp_ses->inFlight, 0); |
1518 | init_waitqueue_head(&tcp_ses->response_q); | 1521 | init_waitqueue_head(&tcp_ses->response_q); |
1519 | init_waitqueue_head(&tcp_ses->request_q); | 1522 | init_waitqueue_head(&tcp_ses->request_q); |
@@ -1764,6 +1767,7 @@ static int | |||
1764 | ipv4_connect(struct TCP_Server_Info *server) | 1767 | ipv4_connect(struct TCP_Server_Info *server) |
1765 | { | 1768 | { |
1766 | int rc = 0; | 1769 | int rc = 0; |
1770 | int val; | ||
1767 | bool connected = false; | 1771 | bool connected = false; |
1768 | __be16 orig_port = 0; | 1772 | __be16 orig_port = 0; |
1769 | struct socket *socket = server->ssocket; | 1773 | struct socket *socket = server->ssocket; |
@@ -1845,6 +1849,14 @@ ipv4_connect(struct TCP_Server_Info *server) | |||
1845 | socket->sk->sk_rcvbuf = 140 * 1024; | 1849 | socket->sk->sk_rcvbuf = 140 * 1024; |
1846 | } | 1850 | } |
1847 | 1851 | ||
1852 | if (server->tcp_nodelay) { | ||
1853 | val = 1; | ||
1854 | rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY, | ||
1855 | (char *)&val, sizeof(val)); | ||
1856 | if (rc) | ||
1857 | cFYI(1, ("set TCP_NODELAY socket option error %d", rc)); | ||
1858 | } | ||
1859 | |||
1848 | cFYI(1, ("sndbuf %d rcvbuf %d rcvtimeo 0x%lx", | 1860 | cFYI(1, ("sndbuf %d rcvbuf %d rcvtimeo 0x%lx", |
1849 | socket->sk->sk_sndbuf, | 1861 | socket->sk->sk_sndbuf, |
1850 | socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo)); | 1862 | socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo)); |
@@ -1916,6 +1928,7 @@ static int | |||
1916 | ipv6_connect(struct TCP_Server_Info *server) | 1928 | ipv6_connect(struct TCP_Server_Info *server) |
1917 | { | 1929 | { |
1918 | int rc = 0; | 1930 | int rc = 0; |
1931 | int val; | ||
1919 | bool connected = false; | 1932 | bool connected = false; |
1920 | __be16 orig_port = 0; | 1933 | __be16 orig_port = 0; |
1921 | struct socket *socket = server->ssocket; | 1934 | struct socket *socket = server->ssocket; |
@@ -1987,6 +2000,15 @@ ipv6_connect(struct TCP_Server_Info *server) | |||
1987 | */ | 2000 | */ |
1988 | socket->sk->sk_rcvtimeo = 7 * HZ; | 2001 | socket->sk->sk_rcvtimeo = 7 * HZ; |
1989 | socket->sk->sk_sndtimeo = 5 * HZ; | 2002 | socket->sk->sk_sndtimeo = 5 * HZ; |
2003 | |||
2004 | if (server->tcp_nodelay) { | ||
2005 | val = 1; | ||
2006 | rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY, | ||
2007 | (char *)&val, sizeof(val)); | ||
2008 | if (rc) | ||
2009 | cFYI(1, ("set TCP_NODELAY socket option error %d", rc)); | ||
2010 | } | ||
2011 | |||
1990 | server->ssocket = socket; | 2012 | server->ssocket = socket; |
1991 | 2013 | ||
1992 | return rc; | 2014 | return rc; |
@@ -2366,13 +2388,13 @@ try_mount_again: | |||
2366 | */ | 2388 | */ |
2367 | cifs_put_tcp_session(srvTcp); | 2389 | cifs_put_tcp_session(srvTcp); |
2368 | 2390 | ||
2369 | down(&pSesInfo->sesSem); | 2391 | mutex_lock(&pSesInfo->session_mutex); |
2370 | if (pSesInfo->need_reconnect) { | 2392 | if (pSesInfo->need_reconnect) { |
2371 | cFYI(1, ("Session needs reconnect")); | 2393 | cFYI(1, ("Session needs reconnect")); |
2372 | rc = cifs_setup_session(xid, pSesInfo, | 2394 | rc = cifs_setup_session(xid, pSesInfo, |
2373 | cifs_sb->local_nls); | 2395 | cifs_sb->local_nls); |
2374 | } | 2396 | } |
2375 | up(&pSesInfo->sesSem); | 2397 | mutex_unlock(&pSesInfo->session_mutex); |
2376 | } else if (!rc) { | 2398 | } else if (!rc) { |
2377 | cFYI(1, ("Existing smb sess not found")); | 2399 | cFYI(1, ("Existing smb sess not found")); |
2378 | pSesInfo = sesInfoAlloc(); | 2400 | pSesInfo = sesInfoAlloc(); |
@@ -2415,12 +2437,12 @@ try_mount_again: | |||
2415 | } | 2437 | } |
2416 | pSesInfo->linux_uid = volume_info->linux_uid; | 2438 | pSesInfo->linux_uid = volume_info->linux_uid; |
2417 | pSesInfo->overrideSecFlg = volume_info->secFlg; | 2439 | pSesInfo->overrideSecFlg = volume_info->secFlg; |
2418 | down(&pSesInfo->sesSem); | 2440 | mutex_lock(&pSesInfo->session_mutex); |
2419 | 2441 | ||
2420 | /* BB FIXME need to pass vol->secFlgs BB */ | 2442 | /* BB FIXME need to pass vol->secFlgs BB */ |
2421 | rc = cifs_setup_session(xid, pSesInfo, | 2443 | rc = cifs_setup_session(xid, pSesInfo, |
2422 | cifs_sb->local_nls); | 2444 | cifs_sb->local_nls); |
2423 | up(&pSesInfo->sesSem); | 2445 | mutex_unlock(&pSesInfo->session_mutex); |
2424 | } | 2446 | } |
2425 | 2447 | ||
2426 | /* search for existing tcon to this server share */ | 2448 | /* search for existing tcon to this server share */ |
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index cf18ee765590..8bdbc818164c 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c | |||
@@ -111,6 +111,7 @@ cifs_fattr_to_inode(struct inode *inode, struct cifs_fattr *fattr) | |||
111 | 111 | ||
112 | cifs_i->delete_pending = fattr->cf_flags & CIFS_FATTR_DELETE_PENDING; | 112 | cifs_i->delete_pending = fattr->cf_flags & CIFS_FATTR_DELETE_PENDING; |
113 | 113 | ||
114 | cifs_i->server_eof = fattr->cf_eof; | ||
114 | /* | 115 | /* |
115 | * Can't safely change the file size here if the client is writing to | 116 | * Can't safely change the file size here if the client is writing to |
116 | * it due to potential races. | 117 | * it due to potential races. |
@@ -366,7 +367,7 @@ static int cifs_sfu_mode(struct cifs_fattr *fattr, const unsigned char *path, | |||
366 | char ea_value[4]; | 367 | char ea_value[4]; |
367 | __u32 mode; | 368 | __u32 mode; |
368 | 369 | ||
369 | rc = CIFSSMBQueryEA(xid, cifs_sb->tcon, path, "SETFILEBITS", | 370 | rc = CIFSSMBQAllEAs(xid, cifs_sb->tcon, path, "SETFILEBITS", |
370 | ea_value, 4 /* size of buf */, cifs_sb->local_nls, | 371 | ea_value, 4 /* size of buf */, cifs_sb->local_nls, |
371 | cifs_sb->mnt_cifs_flags & | 372 | cifs_sb->mnt_cifs_flags & |
372 | CIFS_MOUNT_MAP_SPECIAL_CHR); | 373 | CIFS_MOUNT_MAP_SPECIAL_CHR); |
@@ -1762,8 +1763,18 @@ cifs_setattr_unix(struct dentry *direntry, struct iattr *attrs) | |||
1762 | CIFS_MOUNT_MAP_SPECIAL_CHR); | 1763 | CIFS_MOUNT_MAP_SPECIAL_CHR); |
1763 | } | 1764 | } |
1764 | 1765 | ||
1765 | if (!rc) | 1766 | if (!rc) { |
1766 | rc = inode_setattr(inode, attrs); | 1767 | rc = inode_setattr(inode, attrs); |
1768 | |||
1769 | /* force revalidate when any of these times are set since some | ||
1770 | of the fs types (eg ext3, fat) do not have fine enough | ||
1771 | time granularity to match protocol, and we do not have a | ||
1772 | a way (yet) to query the server fs's time granularity (and | ||
1773 | whether it rounds times down). | ||
1774 | */ | ||
1775 | if (!rc && (attrs->ia_valid & (ATTR_MTIME | ATTR_CTIME))) | ||
1776 | cifsInode->time = 0; | ||
1777 | } | ||
1767 | out: | 1778 | out: |
1768 | kfree(args); | 1779 | kfree(args); |
1769 | kfree(full_path); | 1780 | kfree(full_path); |
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c index d27d4ec6579b..d1474996a812 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c | |||
@@ -79,7 +79,7 @@ sesInfoAlloc(void) | |||
79 | ++ret_buf->ses_count; | 79 | ++ret_buf->ses_count; |
80 | INIT_LIST_HEAD(&ret_buf->smb_ses_list); | 80 | INIT_LIST_HEAD(&ret_buf->smb_ses_list); |
81 | INIT_LIST_HEAD(&ret_buf->tcon_list); | 81 | INIT_LIST_HEAD(&ret_buf->tcon_list); |
82 | init_MUTEX(&ret_buf->sesSem); | 82 | mutex_init(&ret_buf->session_mutex); |
83 | } | 83 | } |
84 | return ret_buf; | 84 | return ret_buf; |
85 | } | 85 | } |
diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c index f84062f9a985..c343b14ba2d3 100644 --- a/fs/cifs/readdir.c +++ b/fs/cifs/readdir.c | |||
@@ -77,6 +77,11 @@ cifs_readdir_lookup(struct dentry *parent, struct qstr *name, | |||
77 | 77 | ||
78 | cFYI(1, ("For %s", name->name)); | 78 | cFYI(1, ("For %s", name->name)); |
79 | 79 | ||
80 | if (parent->d_op && parent->d_op->d_hash) | ||
81 | parent->d_op->d_hash(parent, name); | ||
82 | else | ||
83 | name->hash = full_name_hash(name->name, name->len); | ||
84 | |||
80 | dentry = d_lookup(parent, name); | 85 | dentry = d_lookup(parent, name); |
81 | if (dentry) { | 86 | if (dentry) { |
82 | /* FIXME: check for inode number changes? */ | 87 | /* FIXME: check for inode number changes? */ |
@@ -666,12 +671,11 @@ static int cifs_get_name_from_search_buf(struct qstr *pqst, | |||
666 | min(len, max_len), nlt, | 671 | min(len, max_len), nlt, |
667 | cifs_sb->mnt_cifs_flags & | 672 | cifs_sb->mnt_cifs_flags & |
668 | CIFS_MOUNT_MAP_SPECIAL_CHR); | 673 | CIFS_MOUNT_MAP_SPECIAL_CHR); |
674 | pqst->len -= nls_nullsize(nlt); | ||
669 | } else { | 675 | } else { |
670 | pqst->name = filename; | 676 | pqst->name = filename; |
671 | pqst->len = len; | 677 | pqst->len = len; |
672 | } | 678 | } |
673 | pqst->hash = full_name_hash(pqst->name, pqst->len); | ||
674 | /* cFYI(1, ("filldir on %s",pqst->name)); */ | ||
675 | return rc; | 679 | return rc; |
676 | } | 680 | } |
677 | 681 | ||
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 7085a6275c4c..aaa9c1c5a5bd 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c | |||
@@ -223,9 +223,9 @@ static void unicode_ssetup_strings(char **pbcc_area, struct cifsSesInfo *ses, | |||
223 | /* null user mount */ | 223 | /* null user mount */ |
224 | *bcc_ptr = 0; | 224 | *bcc_ptr = 0; |
225 | *(bcc_ptr+1) = 0; | 225 | *(bcc_ptr+1) = 0; |
226 | } else { /* 300 should be long enough for any conceivable user name */ | 226 | } else { |
227 | bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, ses->userName, | 227 | bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, ses->userName, |
228 | 300, nls_cp); | 228 | MAX_USERNAME_SIZE, nls_cp); |
229 | } | 229 | } |
230 | bcc_ptr += 2 * bytes_ret; | 230 | bcc_ptr += 2 * bytes_ret; |
231 | bcc_ptr += 2; /* account for null termination */ | 231 | bcc_ptr += 2; /* account for null termination */ |
@@ -246,11 +246,10 @@ static void ascii_ssetup_strings(char **pbcc_area, struct cifsSesInfo *ses, | |||
246 | /* copy user */ | 246 | /* copy user */ |
247 | if (ses->userName == NULL) { | 247 | if (ses->userName == NULL) { |
248 | /* BB what about null user mounts - check that we do this BB */ | 248 | /* BB what about null user mounts - check that we do this BB */ |
249 | } else { /* 300 should be long enough for any conceivable user name */ | 249 | } else { |
250 | strncpy(bcc_ptr, ses->userName, 300); | 250 | strncpy(bcc_ptr, ses->userName, MAX_USERNAME_SIZE); |
251 | } | 251 | } |
252 | /* BB improve check for overflow */ | 252 | bcc_ptr += strnlen(ses->userName, MAX_USERNAME_SIZE); |
253 | bcc_ptr += strnlen(ses->userName, 300); | ||
254 | *bcc_ptr = 0; | 253 | *bcc_ptr = 0; |
255 | bcc_ptr++; /* account for null termination */ | 254 | bcc_ptr++; /* account for null termination */ |
256 | 255 | ||
diff --git a/fs/cifs/xattr.c b/fs/cifs/xattr.c index a75afa3dd9e1..3e2ef0de1209 100644 --- a/fs/cifs/xattr.c +++ b/fs/cifs/xattr.c | |||
@@ -244,7 +244,7 @@ ssize_t cifs_getxattr(struct dentry *direntry, const char *ea_name, | |||
244 | /* revalidate/getattr then populate from inode */ | 244 | /* revalidate/getattr then populate from inode */ |
245 | } /* BB add else when above is implemented */ | 245 | } /* BB add else when above is implemented */ |
246 | ea_name += 5; /* skip past user. prefix */ | 246 | ea_name += 5; /* skip past user. prefix */ |
247 | rc = CIFSSMBQueryEA(xid, pTcon, full_path, ea_name, ea_value, | 247 | rc = CIFSSMBQAllEAs(xid, pTcon, full_path, ea_name, ea_value, |
248 | buf_size, cifs_sb->local_nls, | 248 | buf_size, cifs_sb->local_nls, |
249 | cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); | 249 | cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); |
250 | } else if (strncmp(ea_name, CIFS_XATTR_OS2_PREFIX, 4) == 0) { | 250 | } else if (strncmp(ea_name, CIFS_XATTR_OS2_PREFIX, 4) == 0) { |
@@ -252,7 +252,7 @@ ssize_t cifs_getxattr(struct dentry *direntry, const char *ea_name, | |||
252 | goto get_ea_exit; | 252 | goto get_ea_exit; |
253 | 253 | ||
254 | ea_name += 4; /* skip past os2. prefix */ | 254 | ea_name += 4; /* skip past os2. prefix */ |
255 | rc = CIFSSMBQueryEA(xid, pTcon, full_path, ea_name, ea_value, | 255 | rc = CIFSSMBQAllEAs(xid, pTcon, full_path, ea_name, ea_value, |
256 | buf_size, cifs_sb->local_nls, | 256 | buf_size, cifs_sb->local_nls, |
257 | cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); | 257 | cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); |
258 | } else if (strncmp(ea_name, POSIX_ACL_XATTR_ACCESS, | 258 | } else if (strncmp(ea_name, POSIX_ACL_XATTR_ACCESS, |
@@ -364,8 +364,8 @@ ssize_t cifs_listxattr(struct dentry *direntry, char *data, size_t buf_size) | |||
364 | /* if proc/fs/cifs/streamstoxattr is set then | 364 | /* if proc/fs/cifs/streamstoxattr is set then |
365 | search server for EAs or streams to | 365 | search server for EAs or streams to |
366 | returns as xattrs */ | 366 | returns as xattrs */ |
367 | rc = CIFSSMBQAllEAs(xid, pTcon, full_path, data, buf_size, | 367 | rc = CIFSSMBQAllEAs(xid, pTcon, full_path, NULL, data, |
368 | cifs_sb->local_nls, | 368 | buf_size, cifs_sb->local_nls, |
369 | cifs_sb->mnt_cifs_flags & | 369 | cifs_sb->mnt_cifs_flags & |
370 | CIFS_MOUNT_MAP_SPECIAL_CHR); | 370 | CIFS_MOUNT_MAP_SPECIAL_CHR); |
371 | 371 | ||