aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/cifs/CHANGES3
-rw-r--r--fs/cifs/cifs_spnego.c2
-rw-r--r--fs/cifs/cifsfs.c48
-rw-r--r--fs/cifs/cifsglob.h3
-rw-r--r--fs/cifs/cifspdu.h8
-rw-r--r--fs/cifs/cifssmb.c6
-rw-r--r--fs/cifs/connect.c205
-rw-r--r--fs/cifs/dir.c145
-rw-r--r--fs/cifs/dns_resolve.c2
-rw-r--r--fs/cifs/file.c127
-rw-r--r--fs/cifs/inode.c77
-rw-r--r--fs/cifs/readdir.c6
-rw-r--r--fs/cifs/sess.c47
13 files changed, 407 insertions, 272 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES
index 65984006192c..9d1fb6ec8a5a 100644
--- a/fs/cifs/CHANGES
+++ b/fs/cifs/CHANGES
@@ -15,7 +15,8 @@ Posix file open support added (turned off after one attempt if server
15fails to support it properly, as with Samba server versions prior to 3.3.2) 15fails to support it properly, as with Samba server versions prior to 3.3.2)
16Fix "redzone overwritten" bug in cifs_put_tcon (CIFSTcon may allocate too 16Fix "redzone overwritten" bug in cifs_put_tcon (CIFSTcon may allocate too
17little memory for the "nativeFileSystem" field returned by the server 17little memory for the "nativeFileSystem" field returned by the server
18during mount). 18during mount). Endian convert inode numbers if necessary (makes it easier
19to compare inode numbers on network files from big endian systems).
19 20
20Version 1.56 21Version 1.56
21------------ 22------------
diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c
index 3fd3a9df043a..67bf93a40d2e 100644
--- a/fs/cifs/cifs_spnego.c
+++ b/fs/cifs/cifs_spnego.c
@@ -41,7 +41,7 @@ cifs_spnego_key_instantiate(struct key *key, const void *data, size_t datalen)
41 41
42 /* attach the data */ 42 /* attach the data */
43 memcpy(payload, data, datalen); 43 memcpy(payload, data, datalen);
44 rcu_assign_pointer(key->payload.data, payload); 44 key->payload.data = payload;
45 ret = 0; 45 ret = 0;
46 46
47error: 47error:
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index 38491fd3871d..0d6d8b573652 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -66,9 +66,6 @@ unsigned int sign_CIFS_PDUs = 1;
66extern struct task_struct *oplockThread; /* remove sparse warning */ 66extern struct task_struct *oplockThread; /* remove sparse warning */
67struct task_struct *oplockThread = NULL; 67struct task_struct *oplockThread = NULL;
68/* extern struct task_struct * dnotifyThread; remove sparse warning */ 68/* extern struct task_struct * dnotifyThread; remove sparse warning */
69#ifdef CONFIG_CIFS_EXPERIMENTAL
70static struct task_struct *dnotifyThread = NULL;
71#endif
72static const struct super_operations cifs_super_ops; 69static const struct super_operations cifs_super_ops;
73unsigned int CIFSMaxBufSize = CIFS_MAX_MSGSIZE; 70unsigned int CIFSMaxBufSize = CIFS_MAX_MSGSIZE;
74module_param(CIFSMaxBufSize, int, 0); 71module_param(CIFSMaxBufSize, int, 0);
@@ -316,6 +313,7 @@ cifs_alloc_inode(struct super_block *sb)
316 cifs_inode->clientCanCacheAll = false; 313 cifs_inode->clientCanCacheAll = false;
317 cifs_inode->delete_pending = false; 314 cifs_inode->delete_pending = false;
318 cifs_inode->vfs_inode.i_blkbits = 14; /* 2**14 = CIFS_MAX_MSGSIZE */ 315 cifs_inode->vfs_inode.i_blkbits = 14; /* 2**14 = CIFS_MAX_MSGSIZE */
316 cifs_inode->server_eof = 0;
319 317
320 /* Can not set i_flags here - they get immediately overwritten 318 /* Can not set i_flags here - they get immediately overwritten
321 to zero by the VFS */ 319 to zero by the VFS */
@@ -1040,34 +1038,6 @@ static int cifs_oplock_thread(void *dummyarg)
1040 return 0; 1038 return 0;
1041} 1039}
1042 1040
1043#ifdef CONFIG_CIFS_EXPERIMENTAL
1044static int cifs_dnotify_thread(void *dummyarg)
1045{
1046 struct list_head *tmp;
1047 struct TCP_Server_Info *server;
1048
1049 do {
1050 if (try_to_freeze())
1051 continue;
1052 set_current_state(TASK_INTERRUPTIBLE);
1053 schedule_timeout(15*HZ);
1054 /* check if any stuck requests that need
1055 to be woken up and wakeq so the
1056 thread can wake up and error out */
1057 read_lock(&cifs_tcp_ses_lock);
1058 list_for_each(tmp, &cifs_tcp_ses_list) {
1059 server = list_entry(tmp, struct TCP_Server_Info,
1060 tcp_ses_list);
1061 if (atomic_read(&server->inFlight))
1062 wake_up_all(&server->response_q);
1063 }
1064 read_unlock(&cifs_tcp_ses_lock);
1065 } while (!kthread_should_stop());
1066
1067 return 0;
1068}
1069#endif
1070
1071static int __init 1041static int __init
1072init_cifs(void) 1042init_cifs(void)
1073{ 1043{
@@ -1144,21 +1114,8 @@ init_cifs(void)
1144 goto out_unregister_dfs_key_type; 1114 goto out_unregister_dfs_key_type;
1145 } 1115 }
1146 1116
1147#ifdef CONFIG_CIFS_EXPERIMENTAL
1148 dnotifyThread = kthread_run(cifs_dnotify_thread, NULL, "cifsdnotifyd");
1149 if (IS_ERR(dnotifyThread)) {
1150 rc = PTR_ERR(dnotifyThread);
1151 cERROR(1, ("error %d create dnotify thread", rc));
1152 goto out_stop_oplock_thread;
1153 }
1154#endif
1155
1156 return 0; 1117 return 0;
1157 1118
1158#ifdef CONFIG_CIFS_EXPERIMENTAL
1159 out_stop_oplock_thread:
1160#endif
1161 kthread_stop(oplockThread);
1162 out_unregister_dfs_key_type: 1119 out_unregister_dfs_key_type:
1163#ifdef CONFIG_CIFS_DFS_UPCALL 1120#ifdef CONFIG_CIFS_DFS_UPCALL
1164 unregister_key_type(&key_type_dns_resolver); 1121 unregister_key_type(&key_type_dns_resolver);
@@ -1196,9 +1153,6 @@ exit_cifs(void)
1196 cifs_destroy_inodecache(); 1153 cifs_destroy_inodecache();
1197 cifs_destroy_mids(); 1154 cifs_destroy_mids();
1198 cifs_destroy_request_bufs(); 1155 cifs_destroy_request_bufs();
1199#ifdef CONFIG_CIFS_EXPERIMENTAL
1200 kthread_stop(dnotifyThread);
1201#endif
1202 kthread_stop(oplockThread); 1156 kthread_stop(oplockThread);
1203} 1157}
1204 1158
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 9fbf4dff5da6..df40ab64cd95 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -350,7 +350,7 @@ struct cifsFileInfo {
350 bool invalidHandle:1; /* file closed via session abend */ 350 bool invalidHandle:1; /* file closed via session abend */
351 bool messageMode:1; /* for pipes: message vs byte mode */ 351 bool messageMode:1; /* for pipes: message vs byte mode */
352 atomic_t wrtPending; /* handle in use - defer close */ 352 atomic_t wrtPending; /* handle in use - defer close */
353 struct semaphore fh_sem; /* prevents reopen race after dead ses*/ 353 struct mutex fh_mutex; /* prevents reopen race after dead ses*/
354 struct cifs_search_info srch_inf; 354 struct cifs_search_info srch_inf;
355}; 355};
356 356
@@ -370,6 +370,7 @@ struct cifsInodeInfo {
370 bool clientCanCacheAll:1; /* read and writebehind oplock */ 370 bool clientCanCacheAll:1; /* read and writebehind oplock */
371 bool oplockPending:1; 371 bool oplockPending:1;
372 bool delete_pending:1; /* DELETE_ON_CLOSE is set */ 372 bool delete_pending:1; /* DELETE_ON_CLOSE is set */
373 u64 server_eof; /* current file size on server */
373 struct inode vfs_inode; 374 struct inode vfs_inode;
374}; 375};
375 376
diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h
index b370489c8da5..a785f69dbc9f 100644
--- a/fs/cifs/cifspdu.h
+++ b/fs/cifs/cifspdu.h
@@ -2163,7 +2163,7 @@ typedef struct {
2163 __le32 Type; 2163 __le32 Type;
2164 __le64 DevMajor; 2164 __le64 DevMajor;
2165 __le64 DevMinor; 2165 __le64 DevMinor;
2166 __u64 UniqueId; 2166 __le64 UniqueId;
2167 __le64 Permissions; 2167 __le64 Permissions;
2168 __le64 Nlinks; 2168 __le64 Nlinks;
2169} __attribute__((packed)) FILE_UNIX_BASIC_INFO; /* level 0x200 QPathInfo */ 2169} __attribute__((packed)) FILE_UNIX_BASIC_INFO; /* level 0x200 QPathInfo */
@@ -2308,7 +2308,7 @@ struct unlink_psx_rq { /* level 0x20a SetPathInfo */
2308} __attribute__((packed)); 2308} __attribute__((packed));
2309 2309
2310struct file_internal_info { 2310struct file_internal_info {
2311 __u64 UniqueId; /* inode number */ 2311 __le64 UniqueId; /* inode number */
2312} __attribute__((packed)); /* level 0x3ee */ 2312} __attribute__((packed)); /* level 0x3ee */
2313 2313
2314struct file_mode_info { 2314struct file_mode_info {
@@ -2338,7 +2338,7 @@ typedef struct {
2338 __le32 Type; 2338 __le32 Type;
2339 __le64 DevMajor; 2339 __le64 DevMajor;
2340 __le64 DevMinor; 2340 __le64 DevMinor;
2341 __u64 UniqueId; 2341 __le64 UniqueId;
2342 __le64 Permissions; 2342 __le64 Permissions;
2343 __le64 Nlinks; 2343 __le64 Nlinks;
2344 char FileName[1]; 2344 char FileName[1];
@@ -2386,7 +2386,7 @@ typedef struct {
2386 __le32 FileNameLength; 2386 __le32 FileNameLength;
2387 __le32 EaSize; /* EA size */ 2387 __le32 EaSize; /* EA size */
2388 __le32 Reserved; 2388 __le32 Reserved;
2389 __u64 UniqueId; /* inode num - le since Samba puts ino in low 32 bit*/ 2389 __le64 UniqueId; /* inode num - le since Samba puts ino in low 32 bit*/
2390 char FileName[1]; 2390 char FileName[1];
2391} __attribute__((packed)) SEARCH_ID_FULL_DIR_INFO; /* level 0x105 FF rsp data */ 2391} __attribute__((packed)) SEARCH_ID_FULL_DIR_INFO; /* level 0x105 FF rsp data */
2392 2392
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index bc09c998631f..a0845dc7b8a9 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -1626,6 +1626,8 @@ CIFSSMBWrite2(const int xid, struct cifsTconInfo *tcon,
1626 int smb_hdr_len; 1626 int smb_hdr_len;
1627 int resp_buf_type = 0; 1627 int resp_buf_type = 0;
1628 1628
1629 *nbytes = 0;
1630
1629 cFYI(1, ("write2 at %lld %d bytes", (long long)offset, count)); 1631 cFYI(1, ("write2 at %lld %d bytes", (long long)offset, count));
1630 1632
1631 if (tcon->ses->capabilities & CAP_LARGE_FILES) { 1633 if (tcon->ses->capabilities & CAP_LARGE_FILES) {
@@ -1682,11 +1684,9 @@ CIFSSMBWrite2(const int xid, struct cifsTconInfo *tcon,
1682 cifs_stats_inc(&tcon->num_writes); 1684 cifs_stats_inc(&tcon->num_writes);
1683 if (rc) { 1685 if (rc) {
1684 cFYI(1, ("Send error Write2 = %d", rc)); 1686 cFYI(1, ("Send error Write2 = %d", rc));
1685 *nbytes = 0;
1686 } else if (resp_buf_type == 0) { 1687 } else if (resp_buf_type == 0) {
1687 /* presumably this can not happen, but best to be safe */ 1688 /* presumably this can not happen, but best to be safe */
1688 rc = -EIO; 1689 rc = -EIO;
1689 *nbytes = 0;
1690 } else { 1690 } else {
1691 WRITE_RSP *pSMBr = (WRITE_RSP *)iov[0].iov_base; 1691 WRITE_RSP *pSMBr = (WRITE_RSP *)iov[0].iov_base;
1692 *nbytes = le16_to_cpu(pSMBr->CountHigh); 1692 *nbytes = le16_to_cpu(pSMBr->CountHigh);
@@ -3918,7 +3918,7 @@ GetInodeNumberRetry:
3918 } 3918 }
3919 pfinfo = (struct file_internal_info *) 3919 pfinfo = (struct file_internal_info *)
3920 (data_offset + (char *) &pSMBr->hdr.Protocol); 3920 (data_offset + (char *) &pSMBr->hdr.Protocol);
3921 *inode_number = pfinfo->UniqueId; 3921 *inode_number = le64_to_cpu(pfinfo->UniqueId);
3922 } 3922 }
3923 } 3923 }
3924GetInodeNumOut: 3924GetInodeNumOut:
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 0de3b5615a22..bacdef1546b7 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2214,9 +2214,58 @@ is_path_accessible(int xid, struct cifsTconInfo *tcon,
2214 return rc; 2214 return rc;
2215} 2215}
2216 2216
2217static void
2218cleanup_volume_info(struct smb_vol **pvolume_info)
2219{
2220 struct smb_vol *volume_info;
2221
2222 if (!pvolume_info && !*pvolume_info)
2223 return;
2224
2225 volume_info = *pvolume_info;
2226 kzfree(volume_info->password);
2227 kfree(volume_info->UNC);
2228 kfree(volume_info->prepath);
2229 kfree(volume_info);
2230 *pvolume_info = NULL;
2231 return;
2232}
2233
2234#ifdef CONFIG_CIFS_DFS_UPCALL
2235/* build_path_to_root returns full path to root when
2236 * we do not have an exiting connection (tcon) */
2237static char *
2238build_unc_path_to_root(const struct smb_vol *volume_info,
2239 const struct cifs_sb_info *cifs_sb)
2240{
2241 char *full_path;
2242
2243 int unc_len = strnlen(volume_info->UNC, MAX_TREE_SIZE + 1);
2244 full_path = kmalloc(unc_len + cifs_sb->prepathlen + 1, GFP_KERNEL);
2245 if (full_path == NULL)
2246 return ERR_PTR(-ENOMEM);
2247
2248 strncpy(full_path, volume_info->UNC, unc_len);
2249 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) {
2250 int i;
2251 for (i = 0; i < unc_len; i++) {
2252 if (full_path[i] == '\\')
2253 full_path[i] = '/';
2254 }
2255 }
2256
2257 if (cifs_sb->prepathlen)
2258 strncpy(full_path + unc_len, cifs_sb->prepath,
2259 cifs_sb->prepathlen);
2260
2261 full_path[unc_len + cifs_sb->prepathlen] = 0; /* add trailing null */
2262 return full_path;
2263}
2264#endif
2265
2217int 2266int
2218cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, 2267cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2219 char *mount_data, const char *devname) 2268 char *mount_data_global, const char *devname)
2220{ 2269{
2221 int rc = 0; 2270 int rc = 0;
2222 int xid; 2271 int xid;
@@ -2225,6 +2274,13 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2225 struct cifsTconInfo *tcon = NULL; 2274 struct cifsTconInfo *tcon = NULL;
2226 struct TCP_Server_Info *srvTcp = NULL; 2275 struct TCP_Server_Info *srvTcp = NULL;
2227 char *full_path; 2276 char *full_path;
2277 char *mount_data = mount_data_global;
2278#ifdef CONFIG_CIFS_DFS_UPCALL
2279 struct dfs_info3_param *referrals = NULL;
2280 unsigned int num_referrals = 0;
2281try_mount_again:
2282#endif
2283 full_path = NULL;
2228 2284
2229 xid = GetXid(); 2285 xid = GetXid();
2230 2286
@@ -2371,11 +2427,9 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2371 } 2427 }
2372 } 2428 }
2373 2429
2374 /* check for null share name ie connect to dfs root */
2375 if ((strchr(volume_info->UNC + 3, '\\') == NULL) 2430 if ((strchr(volume_info->UNC + 3, '\\') == NULL)
2376 && (strchr(volume_info->UNC + 3, '/') == NULL)) { 2431 && (strchr(volume_info->UNC + 3, '/') == NULL)) {
2377 /* rc = connect_to_dfs_path(...) */ 2432 cERROR(1, ("Missing share name"));
2378 cFYI(1, ("DFS root not supported"));
2379 rc = -ENODEV; 2433 rc = -ENODEV;
2380 goto mount_fail_check; 2434 goto mount_fail_check;
2381 } else { 2435 } else {
@@ -2392,7 +2446,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2392 } 2446 }
2393 } 2447 }
2394 if (rc) 2448 if (rc)
2395 goto mount_fail_check; 2449 goto remote_path_check;
2396 tcon->seal = volume_info->seal; 2450 tcon->seal = volume_info->seal;
2397 write_lock(&cifs_tcp_ses_lock); 2451 write_lock(&cifs_tcp_ses_lock);
2398 list_add(&tcon->tcon_list, &pSesInfo->tcon_list); 2452 list_add(&tcon->tcon_list, &pSesInfo->tcon_list);
@@ -2417,19 +2471,9 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2417 /* BB FIXME fix time_gran to be larger for LANMAN sessions */ 2471 /* BB FIXME fix time_gran to be larger for LANMAN sessions */
2418 sb->s_time_gran = 100; 2472 sb->s_time_gran = 100;
2419 2473
2420mount_fail_check: 2474 if (rc)
2421 /* on error free sesinfo and tcon struct if needed */ 2475 goto remote_path_check;
2422 if (rc) { 2476
2423 /* If find_unc succeeded then rc == 0 so we can not end */
2424 /* up accidently freeing someone elses tcon struct */
2425 if (tcon)
2426 cifs_put_tcon(tcon);
2427 else if (pSesInfo)
2428 cifs_put_smb_ses(pSesInfo);
2429 else
2430 cifs_put_tcp_session(srvTcp);
2431 goto out;
2432 }
2433 cifs_sb->tcon = tcon; 2477 cifs_sb->tcon = tcon;
2434 2478
2435 /* do not care if following two calls succeed - informational */ 2479 /* do not care if following two calls succeed - informational */
@@ -2461,7 +2505,9 @@ mount_fail_check:
2461 cifs_sb->rsize = min(cifs_sb->rsize, 2505 cifs_sb->rsize = min(cifs_sb->rsize,
2462 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE)); 2506 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2463 2507
2464 if (!rc && cifs_sb->prepathlen) { 2508remote_path_check:
2509 /* check if a whole path (including prepath) is not remote */
2510 if (!rc && cifs_sb->prepathlen && tcon) {
2465 /* build_path_to_root works only when we have a valid tcon */ 2511 /* build_path_to_root works only when we have a valid tcon */
2466 full_path = cifs_build_path_to_root(cifs_sb); 2512 full_path = cifs_build_path_to_root(cifs_sb);
2467 if (full_path == NULL) { 2513 if (full_path == NULL) {
@@ -2469,31 +2515,79 @@ mount_fail_check:
2469 goto mount_fail_check; 2515 goto mount_fail_check;
2470 } 2516 }
2471 rc = is_path_accessible(xid, tcon, cifs_sb, full_path); 2517 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
2472 if (rc) { 2518 if (rc != -EREMOTE) {
2473 cERROR(1, ("Path %s in not accessible: %d",
2474 full_path, rc));
2475 kfree(full_path); 2519 kfree(full_path);
2476 goto mount_fail_check; 2520 goto mount_fail_check;
2477 } 2521 }
2478 kfree(full_path); 2522 kfree(full_path);
2479 } 2523 }
2480 2524
2525 /* get referral if needed */
2526 if (rc == -EREMOTE) {
2527#ifdef CONFIG_CIFS_DFS_UPCALL
2528 /* convert forward to back slashes in prepath here if needed */
2529 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2530 convert_delimiter(cifs_sb->prepath,
2531 CIFS_DIR_SEP(cifs_sb));
2532 full_path = build_unc_path_to_root(volume_info, cifs_sb);
2533 if (IS_ERR(full_path)) {
2534 rc = PTR_ERR(full_path);
2535 goto mount_fail_check;
2536 }
2537
2538 cFYI(1, ("Getting referral for: %s", full_path));
2539 rc = get_dfs_path(xid, pSesInfo , full_path + 1,
2540 cifs_sb->local_nls, &num_referrals, &referrals,
2541 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
2542 if (!rc && num_referrals > 0) {
2543 char *fake_devname = NULL;
2544
2545 if (mount_data != mount_data_global)
2546 kfree(mount_data);
2547 mount_data = cifs_compose_mount_options(
2548 cifs_sb->mountdata, full_path + 1,
2549 referrals, &fake_devname);
2550 kfree(fake_devname);
2551 free_dfs_info_array(referrals, num_referrals);
2552
2553 if (tcon)
2554 cifs_put_tcon(tcon);
2555 else if (pSesInfo)
2556 cifs_put_smb_ses(pSesInfo);
2557
2558 cleanup_volume_info(&volume_info);
2559 FreeXid(xid);
2560 kfree(full_path);
2561 goto try_mount_again;
2562 }
2563#else /* No DFS support, return error on mount */
2564 rc = -EOPNOTSUPP;
2565#endif
2566 }
2567
2568mount_fail_check:
2569 /* on error free sesinfo and tcon struct if needed */
2570 if (rc) {
2571 if (mount_data != mount_data_global)
2572 kfree(mount_data);
2573 /* If find_unc succeeded then rc == 0 so we can not end */
2574 /* up accidently freeing someone elses tcon struct */
2575 if (tcon)
2576 cifs_put_tcon(tcon);
2577 else if (pSesInfo)
2578 cifs_put_smb_ses(pSesInfo);
2579 else
2580 cifs_put_tcp_session(srvTcp);
2581 goto out;
2582 }
2583
2481 /* volume_info->password is freed above when existing session found 2584 /* volume_info->password is freed above when existing session found
2482 (in which case it is not needed anymore) but when new sesion is created 2585 (in which case it is not needed anymore) but when new sesion is created
2483 the password ptr is put in the new session structure (in which case the 2586 the password ptr is put in the new session structure (in which case the
2484 password will be freed at unmount time) */ 2587 password will be freed at unmount time) */
2485out: 2588out:
2486 /* zero out password before freeing */ 2589 /* zero out password before freeing */
2487 if (volume_info) { 2590 cleanup_volume_info(&volume_info);
2488 if (volume_info->password != NULL) {
2489 memset(volume_info->password, 0,
2490 strlen(volume_info->password));
2491 kfree(volume_info->password);
2492 }
2493 kfree(volume_info->UNC);
2494 kfree(volume_info->prepath);
2495 kfree(volume_info);
2496 }
2497 FreeXid(xid); 2591 FreeXid(xid);
2498 return rc; 2592 return rc;
2499} 2593}
@@ -2673,8 +2767,7 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2673/* We look for obvious messed up bcc or strings in response so we do not go off 2767/* We look for obvious messed up bcc or strings in response so we do not go off
2674 the end since (at least) WIN2K and Windows XP have a major bug in not null 2768 the end since (at least) WIN2K and Windows XP have a major bug in not null
2675 terminating last Unicode string in response */ 2769 terminating last Unicode string in response */
2676 if (ses->serverOS) 2770 kfree(ses->serverOS);
2677 kfree(ses->serverOS);
2678 ses->serverOS = kzalloc(2 * (len + 1), 2771 ses->serverOS = kzalloc(2 * (len + 1),
2679 GFP_KERNEL); 2772 GFP_KERNEL);
2680 if (ses->serverOS == NULL) 2773 if (ses->serverOS == NULL)
@@ -2710,8 +2803,7 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2710 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words); 2803 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2711 /* last string is not always null terminated 2804 /* last string is not always null terminated
2712 (for e.g. for Windows XP & 2000) */ 2805 (for e.g. for Windows XP & 2000) */
2713 if (ses->serverDomain) 2806 kfree(ses->serverDomain);
2714 kfree(ses->serverDomain);
2715 ses->serverDomain = 2807 ses->serverDomain =
2716 kzalloc(2*(len+1), 2808 kzalloc(2*(len+1),
2717 GFP_KERNEL); 2809 GFP_KERNEL);
@@ -2725,8 +2817,7 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2725 ses->serverDomain[1+(2*len)] = 0; 2817 ses->serverDomain[1+(2*len)] = 0;
2726 } else { /* else no more room so create 2818 } else { /* else no more room so create
2727 dummy domain string */ 2819 dummy domain string */
2728 if (ses->serverDomain) 2820 kfree(ses->serverDomain);
2729 kfree(ses->serverDomain);
2730 ses->serverDomain = 2821 ses->serverDomain =
2731 kzalloc(2, GFP_KERNEL); 2822 kzalloc(2, GFP_KERNEL);
2732 } 2823 }
@@ -2772,8 +2863,7 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2772 bcc_ptr++; 2863 bcc_ptr++;
2773 2864
2774 len = strnlen(bcc_ptr, 1024); 2865 len = strnlen(bcc_ptr, 1024);
2775 if (ses->serverDomain) 2866 kfree(ses->serverDomain);
2776 kfree(ses->serverDomain);
2777 ses->serverDomain = kzalloc(len + 1, 2867 ses->serverDomain = kzalloc(len + 1,
2778 GFP_KERNEL); 2868 GFP_KERNEL);
2779 if (ses->serverDomain == NULL) 2869 if (ses->serverDomain == NULL)
@@ -3013,8 +3103,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
3013/* We look for obvious messed up bcc or strings in response so we do not go off 3103/* We look for obvious messed up bcc or strings in response so we do not go off
3014 the end since (at least) WIN2K and Windows XP have a major bug in not null 3104 the end since (at least) WIN2K and Windows XP have a major bug in not null
3015 terminating last Unicode string in response */ 3105 terminating last Unicode string in response */
3016 if (ses->serverOS) 3106 kfree(ses->serverOS);
3017 kfree(ses->serverOS);
3018 ses->serverOS = 3107 ses->serverOS =
3019 kzalloc(2 * (len + 1), GFP_KERNEL); 3108 kzalloc(2 * (len + 1), GFP_KERNEL);
3020 cifs_strfromUCS_le(ses->serverOS, 3109 cifs_strfromUCS_le(ses->serverOS,
@@ -3086,8 +3175,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
3086 if (((long) bcc_ptr + len) - (long) 3175 if (((long) bcc_ptr + len) - (long)
3087 pByteArea(smb_buffer_response) 3176 pByteArea(smb_buffer_response)
3088 <= BCC(smb_buffer_response)) { 3177 <= BCC(smb_buffer_response)) {
3089 if (ses->serverOS) 3178 kfree(ses->serverOS);
3090 kfree(ses->serverOS);
3091 ses->serverOS = 3179 ses->serverOS =
3092 kzalloc(len + 1, 3180 kzalloc(len + 1,
3093 GFP_KERNEL); 3181 GFP_KERNEL);
@@ -3414,8 +3502,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3414/* We look for obvious messed up bcc or strings in response so we do not go off 3502/* We look for obvious messed up bcc or strings in response so we do not go off
3415 the end since (at least) WIN2K and Windows XP have a major bug in not null 3503 the end since (at least) WIN2K and Windows XP have a major bug in not null
3416 terminating last Unicode string in response */ 3504 terminating last Unicode string in response */
3417 if (ses->serverOS) 3505 kfree(ses->serverOS);
3418 kfree(ses->serverOS);
3419 ses->serverOS = 3506 ses->serverOS =
3420 kzalloc(2 * (len + 1), GFP_KERNEL); 3507 kzalloc(2 * (len + 1), GFP_KERNEL);
3421 cifs_strfromUCS_le(ses->serverOS, 3508 cifs_strfromUCS_le(ses->serverOS,
@@ -3448,8 +3535,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3448 if (remaining_words > 0) { 3535 if (remaining_words > 0) {
3449 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words); 3536 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
3450 /* last string not always null terminated (e.g. for Windows XP & 2000) */ 3537 /* last string not always null terminated (e.g. for Windows XP & 2000) */
3451 if (ses->serverDomain) 3538 kfree(ses->serverDomain);
3452 kfree(ses->serverDomain);
3453 ses->serverDomain = 3539 ses->serverDomain =
3454 kzalloc(2 * 3540 kzalloc(2 *
3455 (len + 3541 (len +
@@ -3476,13 +3562,11 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3476 = 0; 3562 = 0;
3477 } /* else no more room so create dummy domain string */ 3563 } /* else no more room so create dummy domain string */
3478 else { 3564 else {
3479 if (ses->serverDomain) 3565 kfree(ses->serverDomain);
3480 kfree(ses->serverDomain);
3481 ses->serverDomain = kzalloc(2,GFP_KERNEL); 3566 ses->serverDomain = kzalloc(2,GFP_KERNEL);
3482 } 3567 }
3483 } else { /* no room so create dummy domain and NOS string */ 3568 } else { /* no room so create dummy domain and NOS string */
3484 if (ses->serverDomain) 3569 kfree(ses->serverDomain);
3485 kfree(ses->serverDomain);
3486 ses->serverDomain = kzalloc(2, GFP_KERNEL); 3570 ses->serverDomain = kzalloc(2, GFP_KERNEL);
3487 kfree(ses->serverNOS); 3571 kfree(ses->serverNOS);
3488 ses->serverNOS = kzalloc(2, GFP_KERNEL); 3572 ses->serverNOS = kzalloc(2, GFP_KERNEL);
@@ -3492,8 +3576,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3492 if (((long) bcc_ptr + len) - 3576 if (((long) bcc_ptr + len) -
3493 (long) pByteArea(smb_buffer_response) 3577 (long) pByteArea(smb_buffer_response)
3494 <= BCC(smb_buffer_response)) { 3578 <= BCC(smb_buffer_response)) {
3495 if (ses->serverOS) 3579 kfree(ses->serverOS);
3496 kfree(ses->serverOS);
3497 ses->serverOS = kzalloc(len + 1, GFP_KERNEL); 3580 ses->serverOS = kzalloc(len + 1, GFP_KERNEL);
3498 strncpy(ses->serverOS,bcc_ptr, len); 3581 strncpy(ses->serverOS,bcc_ptr, len);
3499 3582
@@ -3512,8 +3595,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3512 bcc_ptr++; 3595 bcc_ptr++;
3513 3596
3514 len = strnlen(bcc_ptr, 1024); 3597 len = strnlen(bcc_ptr, 1024);
3515 if (ses->serverDomain) 3598 kfree(ses->serverDomain);
3516 kfree(ses->serverDomain);
3517 ses->serverDomain = 3599 ses->serverDomain =
3518 kzalloc(len+1, 3600 kzalloc(len+1,
3519 GFP_KERNEL); 3601 GFP_KERNEL);
@@ -3674,16 +3756,15 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3674 BCC(smb_buffer_response)) { 3756 BCC(smb_buffer_response)) {
3675 kfree(tcon->nativeFileSystem); 3757 kfree(tcon->nativeFileSystem);
3676 tcon->nativeFileSystem = 3758 tcon->nativeFileSystem =
3677 kzalloc(2*(length + 1), GFP_KERNEL); 3759 kzalloc((4 * length) + 2, GFP_KERNEL);
3678 if (tcon->nativeFileSystem) 3760 if (tcon->nativeFileSystem) {
3679 cifs_strfromUCS_le( 3761 cifs_strfromUCS_le(
3680 tcon->nativeFileSystem, 3762 tcon->nativeFileSystem,
3681 (__le16 *) bcc_ptr, 3763 (__le16 *) bcc_ptr,
3682 length, nls_codepage); 3764 length, nls_codepage);
3683 bcc_ptr += 2 * length; 3765 cFYI(1, ("nativeFileSystem=%s",
3684 bcc_ptr[0] = 0; /* null terminate the string */ 3766 tcon->nativeFileSystem));
3685 bcc_ptr[1] = 0; 3767 }
3686 bcc_ptr += 2;
3687 } 3768 }
3688 /* else do not bother copying these information fields*/ 3769 /* else do not bother copying these information fields*/
3689 } else { 3770 } else {
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
index 54dce78fbb73..461750e01364 100644
--- a/fs/cifs/dir.c
+++ b/fs/cifs/dir.c
@@ -129,12 +129,62 @@ cifs_bp_rename_retry:
129 return full_path; 129 return full_path;
130} 130}
131 131
132static void
133cifs_fill_fileinfo(struct inode *newinode, __u16 fileHandle,
134 struct cifsTconInfo *tcon, bool write_only)
135{
136 int oplock = 0;
137 struct cifsFileInfo *pCifsFile;
138 struct cifsInodeInfo *pCifsInode;
139
140 pCifsFile = kzalloc(sizeof(struct cifsFileInfo), GFP_KERNEL);
141
142 if (pCifsFile == NULL)
143 return;
144
145 if (oplockEnabled)
146 oplock = REQ_OPLOCK;
147
148 pCifsFile->netfid = fileHandle;
149 pCifsFile->pid = current->tgid;
150 pCifsFile->pInode = newinode;
151 pCifsFile->invalidHandle = false;
152 pCifsFile->closePend = false;
153 mutex_init(&pCifsFile->fh_mutex);
154 mutex_init(&pCifsFile->lock_mutex);
155 INIT_LIST_HEAD(&pCifsFile->llist);
156 atomic_set(&pCifsFile->wrtPending, 0);
157
158 /* set the following in open now
159 pCifsFile->pfile = file; */
160 write_lock(&GlobalSMBSeslock);
161 list_add(&pCifsFile->tlist, &tcon->openFileList);
162 pCifsInode = CIFS_I(newinode);
163 if (pCifsInode) {
164 /* if readable file instance put first in list*/
165 if (write_only)
166 list_add_tail(&pCifsFile->flist,
167 &pCifsInode->openFileList);
168 else
169 list_add(&pCifsFile->flist, &pCifsInode->openFileList);
170
171 if ((oplock & 0xF) == OPLOCK_EXCLUSIVE) {
172 pCifsInode->clientCanCacheAll = true;
173 pCifsInode->clientCanCacheRead = true;
174 cFYI(1, ("Exclusive Oplock inode %p", newinode));
175 } else if ((oplock & 0xF) == OPLOCK_READ)
176 pCifsInode->clientCanCacheRead = true;
177 }
178 write_unlock(&GlobalSMBSeslock);
179}
180
132int cifs_posix_open(char *full_path, struct inode **pinode, 181int cifs_posix_open(char *full_path, struct inode **pinode,
133 struct super_block *sb, int mode, int oflags, 182 struct super_block *sb, int mode, int oflags,
134 int *poplock, __u16 *pnetfid, int xid) 183 int *poplock, __u16 *pnetfid, int xid)
135{ 184{
136 int rc; 185 int rc;
137 __u32 oplock; 186 __u32 oplock;
187 bool write_only = false;
138 FILE_UNIX_BASIC_INFO *presp_data; 188 FILE_UNIX_BASIC_INFO *presp_data;
139 __u32 posix_flags = 0; 189 __u32 posix_flags = 0;
140 struct cifs_sb_info *cifs_sb = CIFS_SB(sb); 190 struct cifs_sb_info *cifs_sb = CIFS_SB(sb);
@@ -172,6 +222,8 @@ int cifs_posix_open(char *full_path, struct inode **pinode,
172 if (oflags & O_DIRECT) 222 if (oflags & O_DIRECT)
173 posix_flags |= SMB_O_DIRECT; 223 posix_flags |= SMB_O_DIRECT;
174 224
225 if (!(oflags & FMODE_READ))
226 write_only = true;
175 227
176 rc = CIFSPOSIXCreate(xid, cifs_sb->tcon, posix_flags, mode, 228 rc = CIFSPOSIXCreate(xid, cifs_sb->tcon, posix_flags, mode,
177 pnetfid, presp_data, &oplock, full_path, 229 pnetfid, presp_data, &oplock, full_path,
@@ -187,8 +239,10 @@ int cifs_posix_open(char *full_path, struct inode **pinode,
187 if (!pinode) 239 if (!pinode)
188 goto posix_open_ret; /* caller does not need info */ 240 goto posix_open_ret; /* caller does not need info */
189 241
190 if (*pinode == NULL) 242 if (*pinode == NULL) {
191 *pinode = cifs_new_inode(sb, &presp_data->UniqueId); 243 __u64 unique_id = le64_to_cpu(presp_data->UniqueId);
244 *pinode = cifs_new_inode(sb, &unique_id);
245 }
192 /* else an inode was passed in. Update its info, don't create one */ 246 /* else an inode was passed in. Update its info, don't create one */
193 247
194 /* We do not need to close the file if new_inode fails since 248 /* We do not need to close the file if new_inode fails since
@@ -198,6 +252,8 @@ int cifs_posix_open(char *full_path, struct inode **pinode,
198 252
199 posix_fill_in_inode(*pinode, presp_data, 1); 253 posix_fill_in_inode(*pinode, presp_data, 1);
200 254
255 cifs_fill_fileinfo(*pinode, *pnetfid, cifs_sb->tcon, write_only);
256
201posix_open_ret: 257posix_open_ret:
202 kfree(presp_data); 258 kfree(presp_data);
203 return rc; 259 return rc;
@@ -239,7 +295,6 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
239 char *full_path = NULL; 295 char *full_path = NULL;
240 FILE_ALL_INFO *buf = NULL; 296 FILE_ALL_INFO *buf = NULL;
241 struct inode *newinode = NULL; 297 struct inode *newinode = NULL;
242 struct cifsInodeInfo *pCifsInode;
243 int disposition = FILE_OVERWRITE_IF; 298 int disposition = FILE_OVERWRITE_IF;
244 bool write_only = false; 299 bool write_only = false;
245 300
@@ -410,44 +465,8 @@ cifs_create_set_dentry:
410 /* mknod case - do not leave file open */ 465 /* mknod case - do not leave file open */
411 CIFSSMBClose(xid, tcon, fileHandle); 466 CIFSSMBClose(xid, tcon, fileHandle);
412 } else if (newinode) { 467 } else if (newinode) {
413 struct cifsFileInfo *pCifsFile = 468 cifs_fill_fileinfo(newinode, fileHandle,
414 kzalloc(sizeof(struct cifsFileInfo), GFP_KERNEL); 469 cifs_sb->tcon, write_only);
415
416 if (pCifsFile == NULL)
417 goto cifs_create_out;
418 pCifsFile->netfid = fileHandle;
419 pCifsFile->pid = current->tgid;
420 pCifsFile->pInode = newinode;
421 pCifsFile->invalidHandle = false;
422 pCifsFile->closePend = false;
423 init_MUTEX(&pCifsFile->fh_sem);
424 mutex_init(&pCifsFile->lock_mutex);
425 INIT_LIST_HEAD(&pCifsFile->llist);
426 atomic_set(&pCifsFile->wrtPending, 0);
427
428 /* set the following in open now
429 pCifsFile->pfile = file; */
430 write_lock(&GlobalSMBSeslock);
431 list_add(&pCifsFile->tlist, &tcon->openFileList);
432 pCifsInode = CIFS_I(newinode);
433 if (pCifsInode) {
434 /* if readable file instance put first in list*/
435 if (write_only) {
436 list_add_tail(&pCifsFile->flist,
437 &pCifsInode->openFileList);
438 } else {
439 list_add(&pCifsFile->flist,
440 &pCifsInode->openFileList);
441 }
442 if ((oplock & 0xF) == OPLOCK_EXCLUSIVE) {
443 pCifsInode->clientCanCacheAll = true;
444 pCifsInode->clientCanCacheRead = true;
445 cFYI(1, ("Exclusive Oplock inode %p",
446 newinode));
447 } else if ((oplock & 0xF) == OPLOCK_READ)
448 pCifsInode->clientCanCacheRead = true;
449 }
450 write_unlock(&GlobalSMBSeslock);
451 } 470 }
452cifs_create_out: 471cifs_create_out:
453 kfree(buf); 472 kfree(buf);
@@ -580,17 +599,21 @@ int cifs_mknod(struct inode *inode, struct dentry *direntry, int mode,
580 return rc; 599 return rc;
581} 600}
582 601
583
584struct dentry * 602struct dentry *
585cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry, 603cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry,
586 struct nameidata *nd) 604 struct nameidata *nd)
587{ 605{
588 int xid; 606 int xid;
589 int rc = 0; /* to get around spurious gcc warning, set to zero here */ 607 int rc = 0; /* to get around spurious gcc warning, set to zero here */
608 int oplock = 0;
609 int mode;
610 __u16 fileHandle = 0;
611 bool posix_open = false;
590 struct cifs_sb_info *cifs_sb; 612 struct cifs_sb_info *cifs_sb;
591 struct cifsTconInfo *pTcon; 613 struct cifsTconInfo *pTcon;
592 struct inode *newInode = NULL; 614 struct inode *newInode = NULL;
593 char *full_path = NULL; 615 char *full_path = NULL;
616 struct file *filp;
594 617
595 xid = GetXid(); 618 xid = GetXid();
596 619
@@ -632,12 +655,37 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry,
632 } 655 }
633 cFYI(1, ("Full path: %s inode = 0x%p", full_path, direntry->d_inode)); 656 cFYI(1, ("Full path: %s inode = 0x%p", full_path, direntry->d_inode));
634 657
635 if (pTcon->unix_ext) 658 if (pTcon->unix_ext) {
636 rc = cifs_get_inode_info_unix(&newInode, full_path, 659 if (!(nd->flags & (LOOKUP_PARENT | LOOKUP_DIRECTORY)) &&
637 parent_dir_inode->i_sb, xid); 660 (nd->flags & LOOKUP_OPEN)) {
638 else 661 if (!((nd->intent.open.flags & O_CREAT) &&
662 (nd->intent.open.flags & O_EXCL))) {
663 mode = nd->intent.open.create_mode &
664 ~current_umask();
665 rc = cifs_posix_open(full_path, &newInode,
666 parent_dir_inode->i_sb, mode,
667 nd->intent.open.flags, &oplock,
668 &fileHandle, xid);
669 /*
670 * This code works around a bug in
671 * samba posix open in samba versions 3.3.1
672 * and earlier where create works
673 * but open fails with invalid parameter.
674 * If either of these error codes are
675 * returned, follow the normal lookup.
676 * Otherwise, the error during posix open
677 * is handled.
678 */
679 if ((rc != -EINVAL) && (rc != -EOPNOTSUPP))
680 posix_open = true;
681 }
682 }
683 if (!posix_open)
684 rc = cifs_get_inode_info_unix(&newInode, full_path,
685 parent_dir_inode->i_sb, xid);
686 } else
639 rc = cifs_get_inode_info(&newInode, full_path, NULL, 687 rc = cifs_get_inode_info(&newInode, full_path, NULL,
640 parent_dir_inode->i_sb, xid, NULL); 688 parent_dir_inode->i_sb, xid, NULL);
641 689
642 if ((rc == 0) && (newInode != NULL)) { 690 if ((rc == 0) && (newInode != NULL)) {
643 if (pTcon->nocase) 691 if (pTcon->nocase)
@@ -645,7 +693,8 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry,
645 else 693 else
646 direntry->d_op = &cifs_dentry_ops; 694 direntry->d_op = &cifs_dentry_ops;
647 d_add(direntry, newInode); 695 d_add(direntry, newInode);
648 696 if (posix_open)
697 filp = lookup_instantiate_filp(nd, direntry, NULL);
649 /* since paths are not looked up by component - the parent 698 /* since paths are not looked up by component - the parent
650 directories are presumed to be good here */ 699 directories are presumed to be good here */
651 renew_parental_timestamps(direntry); 700 renew_parental_timestamps(direntry);
diff --git a/fs/cifs/dns_resolve.c b/fs/cifs/dns_resolve.c
index 1e0c1bd8f2e4..df4a306f697e 100644
--- a/fs/cifs/dns_resolve.c
+++ b/fs/cifs/dns_resolve.c
@@ -78,7 +78,7 @@ dns_resolver_instantiate(struct key *key, const void *data,
78 } 78 }
79 79
80 key->type_data.x[0] = datalen; 80 key->type_data.x[0] = datalen;
81 rcu_assign_pointer(key->payload.data, ip); 81 key->payload.data = ip;
82 82
83 return rc; 83 return rc;
84} 84}
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 81747acca4c4..50ca088d8860 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -46,7 +46,7 @@ static inline struct cifsFileInfo *cifs_init_private(
46 memset(private_data, 0, sizeof(struct cifsFileInfo)); 46 memset(private_data, 0, sizeof(struct cifsFileInfo));
47 private_data->netfid = netfid; 47 private_data->netfid = netfid;
48 private_data->pid = current->tgid; 48 private_data->pid = current->tgid;
49 init_MUTEX(&private_data->fh_sem); 49 mutex_init(&private_data->fh_mutex);
50 mutex_init(&private_data->lock_mutex); 50 mutex_init(&private_data->lock_mutex);
51 INIT_LIST_HEAD(&private_data->llist); 51 INIT_LIST_HEAD(&private_data->llist);
52 private_data->pfile = file; /* needed for writepage */ 52 private_data->pfile = file; /* needed for writepage */
@@ -284,35 +284,32 @@ int cifs_open(struct inode *inode, struct file *file)
284 cifs_sb = CIFS_SB(inode->i_sb); 284 cifs_sb = CIFS_SB(inode->i_sb);
285 tcon = cifs_sb->tcon; 285 tcon = cifs_sb->tcon;
286 286
287 if (file->f_flags & O_CREAT) { 287 /* search inode for this file and fill in file->private_data */
288 /* search inode for this file and fill in file->private_data */ 288 pCifsInode = CIFS_I(file->f_path.dentry->d_inode);
289 pCifsInode = CIFS_I(file->f_path.dentry->d_inode); 289 read_lock(&GlobalSMBSeslock);
290 read_lock(&GlobalSMBSeslock); 290 list_for_each(tmp, &pCifsInode->openFileList) {
291 list_for_each(tmp, &pCifsInode->openFileList) { 291 pCifsFile = list_entry(tmp, struct cifsFileInfo,
292 pCifsFile = list_entry(tmp, struct cifsFileInfo, 292 flist);
293 flist); 293 if ((pCifsFile->pfile == NULL) &&
294 if ((pCifsFile->pfile == NULL) && 294 (pCifsFile->pid == current->tgid)) {
295 (pCifsFile->pid == current->tgid)) { 295 /* mode set in cifs_create */
296 /* mode set in cifs_create */ 296
297 297 /* needed for writepage */
298 /* needed for writepage */ 298 pCifsFile->pfile = file;
299 pCifsFile->pfile = file; 299
300 300 file->private_data = pCifsFile;
301 file->private_data = pCifsFile; 301 break;
302 break;
303 }
304 }
305 read_unlock(&GlobalSMBSeslock);
306 if (file->private_data != NULL) {
307 rc = 0;
308 FreeXid(xid);
309 return rc;
310 } else {
311 if (file->f_flags & O_EXCL)
312 cERROR(1, ("could not find file instance for "
313 "new file %p", file));
314 } 302 }
315 } 303 }
304 read_unlock(&GlobalSMBSeslock);
305
306 if (file->private_data != NULL) {
307 rc = 0;
308 FreeXid(xid);
309 return rc;
310 } else if ((file->f_flags & O_CREAT) && (file->f_flags & O_EXCL))
311 cERROR(1, ("could not find file instance for "
312 "new file %p", file));
316 313
317 full_path = build_path_from_dentry(file->f_path.dentry); 314 full_path = build_path_from_dentry(file->f_path.dentry);
318 if (full_path == NULL) { 315 if (full_path == NULL) {
@@ -500,9 +497,9 @@ static int cifs_reopen_file(struct file *file, bool can_flush)
500 return -EBADF; 497 return -EBADF;
501 498
502 xid = GetXid(); 499 xid = GetXid();
503 down(&pCifsFile->fh_sem); 500 mutex_unlock(&pCifsFile->fh_mutex);
504 if (!pCifsFile->invalidHandle) { 501 if (!pCifsFile->invalidHandle) {
505 up(&pCifsFile->fh_sem); 502 mutex_lock(&pCifsFile->fh_mutex);
506 FreeXid(xid); 503 FreeXid(xid);
507 return 0; 504 return 0;
508 } 505 }
@@ -533,7 +530,7 @@ static int cifs_reopen_file(struct file *file, bool can_flush)
533 if (full_path == NULL) { 530 if (full_path == NULL) {
534 rc = -ENOMEM; 531 rc = -ENOMEM;
535reopen_error_exit: 532reopen_error_exit:
536 up(&pCifsFile->fh_sem); 533 mutex_lock(&pCifsFile->fh_mutex);
537 FreeXid(xid); 534 FreeXid(xid);
538 return rc; 535 return rc;
539 } 536 }
@@ -575,14 +572,14 @@ reopen_error_exit:
575 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags & 572 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
576 CIFS_MOUNT_MAP_SPECIAL_CHR); 573 CIFS_MOUNT_MAP_SPECIAL_CHR);
577 if (rc) { 574 if (rc) {
578 up(&pCifsFile->fh_sem); 575 mutex_lock(&pCifsFile->fh_mutex);
579 cFYI(1, ("cifs_open returned 0x%x", rc)); 576 cFYI(1, ("cifs_open returned 0x%x", rc));
580 cFYI(1, ("oplock: %d", oplock)); 577 cFYI(1, ("oplock: %d", oplock));
581 } else { 578 } else {
582reopen_success: 579reopen_success:
583 pCifsFile->netfid = netfid; 580 pCifsFile->netfid = netfid;
584 pCifsFile->invalidHandle = false; 581 pCifsFile->invalidHandle = false;
585 up(&pCifsFile->fh_sem); 582 mutex_lock(&pCifsFile->fh_mutex);
586 pCifsInode = CIFS_I(inode); 583 pCifsInode = CIFS_I(inode);
587 if (pCifsInode) { 584 if (pCifsInode) {
588 if (can_flush) { 585 if (can_flush) {
@@ -971,6 +968,40 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
971 return rc; 968 return rc;
972} 969}
973 970
971/*
972 * Set the timeout on write requests past EOF. For some servers (Windows)
973 * these calls can be very long.
974 *
975 * If we're writing >10M past the EOF we give a 180s timeout. Anything less
976 * than that gets a 45s timeout. Writes not past EOF get 15s timeouts.
977 * The 10M cutoff is totally arbitrary. A better scheme for this would be
978 * welcome if someone wants to suggest one.
979 *
980 * We may be able to do a better job with this if there were some way to
981 * declare that a file should be sparse.
982 */
983static int
984cifs_write_timeout(struct cifsInodeInfo *cifsi, loff_t offset)
985{
986 if (offset <= cifsi->server_eof)
987 return CIFS_STD_OP;
988 else if (offset > (cifsi->server_eof + (10 * 1024 * 1024)))
989 return CIFS_VLONG_OP;
990 else
991 return CIFS_LONG_OP;
992}
993
994/* update the file size (if needed) after a write */
995static void
996cifs_update_eof(struct cifsInodeInfo *cifsi, loff_t offset,
997 unsigned int bytes_written)
998{
999 loff_t end_of_write = offset + bytes_written;
1000
1001 if (end_of_write > cifsi->server_eof)
1002 cifsi->server_eof = end_of_write;
1003}
1004
974ssize_t cifs_user_write(struct file *file, const char __user *write_data, 1005ssize_t cifs_user_write(struct file *file, const char __user *write_data,
975 size_t write_size, loff_t *poffset) 1006 size_t write_size, loff_t *poffset)
976{ 1007{
@@ -981,6 +1012,7 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
981 struct cifsTconInfo *pTcon; 1012 struct cifsTconInfo *pTcon;
982 int xid, long_op; 1013 int xid, long_op;
983 struct cifsFileInfo *open_file; 1014 struct cifsFileInfo *open_file;
1015 struct cifsInodeInfo *cifsi = CIFS_I(file->f_path.dentry->d_inode);
984 1016
985 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb); 1017 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb);
986 1018
@@ -1000,11 +1032,7 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
1000 1032
1001 xid = GetXid(); 1033 xid = GetXid();
1002 1034
1003 if (*poffset > file->f_path.dentry->d_inode->i_size) 1035 long_op = cifs_write_timeout(cifsi, *poffset);
1004 long_op = CIFS_VLONG_OP; /* writes past EOF take long time */
1005 else
1006 long_op = CIFS_LONG_OP;
1007
1008 for (total_written = 0; write_size > total_written; 1036 for (total_written = 0; write_size > total_written;
1009 total_written += bytes_written) { 1037 total_written += bytes_written) {
1010 rc = -EAGAIN; 1038 rc = -EAGAIN;
@@ -1048,8 +1076,10 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
1048 FreeXid(xid); 1076 FreeXid(xid);
1049 return rc; 1077 return rc;
1050 } 1078 }
1051 } else 1079 } else {
1080 cifs_update_eof(cifsi, *poffset, bytes_written);
1052 *poffset += bytes_written; 1081 *poffset += bytes_written;
1082 }
1053 long_op = CIFS_STD_OP; /* subsequent writes fast - 1083 long_op = CIFS_STD_OP; /* subsequent writes fast -
1054 15 seconds is plenty */ 1084 15 seconds is plenty */
1055 } 1085 }
@@ -1085,6 +1115,7 @@ static ssize_t cifs_write(struct file *file, const char *write_data,
1085 struct cifsTconInfo *pTcon; 1115 struct cifsTconInfo *pTcon;
1086 int xid, long_op; 1116 int xid, long_op;
1087 struct cifsFileInfo *open_file; 1117 struct cifsFileInfo *open_file;
1118 struct cifsInodeInfo *cifsi = CIFS_I(file->f_path.dentry->d_inode);
1088 1119
1089 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb); 1120 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb);
1090 1121
@@ -1099,11 +1130,7 @@ static ssize_t cifs_write(struct file *file, const char *write_data,
1099 1130
1100 xid = GetXid(); 1131 xid = GetXid();
1101 1132
1102 if (*poffset > file->f_path.dentry->d_inode->i_size) 1133 long_op = cifs_write_timeout(cifsi, *poffset);
1103 long_op = CIFS_VLONG_OP; /* writes past EOF can be slow */
1104 else
1105 long_op = CIFS_LONG_OP;
1106
1107 for (total_written = 0; write_size > total_written; 1134 for (total_written = 0; write_size > total_written;
1108 total_written += bytes_written) { 1135 total_written += bytes_written) {
1109 rc = -EAGAIN; 1136 rc = -EAGAIN;
@@ -1166,8 +1193,10 @@ static ssize_t cifs_write(struct file *file, const char *write_data,
1166 FreeXid(xid); 1193 FreeXid(xid);
1167 return rc; 1194 return rc;
1168 } 1195 }
1169 } else 1196 } else {
1197 cifs_update_eof(cifsi, *poffset, bytes_written);
1170 *poffset += bytes_written; 1198 *poffset += bytes_written;
1199 }
1171 long_op = CIFS_STD_OP; /* subsequent writes fast - 1200 long_op = CIFS_STD_OP; /* subsequent writes fast -
1172 15 seconds is plenty */ 1201 15 seconds is plenty */
1173 } 1202 }
@@ -1380,11 +1409,12 @@ static int cifs_writepages(struct address_space *mapping,
1380 int nr_pages; 1409 int nr_pages;
1381 __u64 offset = 0; 1410 __u64 offset = 0;
1382 struct cifsFileInfo *open_file; 1411 struct cifsFileInfo *open_file;
1412 struct cifsInodeInfo *cifsi = CIFS_I(mapping->host);
1383 struct page *page; 1413 struct page *page;
1384 struct pagevec pvec; 1414 struct pagevec pvec;
1385 int rc = 0; 1415 int rc = 0;
1386 int scanned = 0; 1416 int scanned = 0;
1387 int xid; 1417 int xid, long_op;
1388 1418
1389 cifs_sb = CIFS_SB(mapping->host->i_sb); 1419 cifs_sb = CIFS_SB(mapping->host->i_sb);
1390 1420
@@ -1528,12 +1558,15 @@ retry:
1528 cERROR(1, ("No writable handles for inode")); 1558 cERROR(1, ("No writable handles for inode"));
1529 rc = -EBADF; 1559 rc = -EBADF;
1530 } else { 1560 } else {
1561 long_op = cifs_write_timeout(cifsi, offset);
1531 rc = CIFSSMBWrite2(xid, cifs_sb->tcon, 1562 rc = CIFSSMBWrite2(xid, cifs_sb->tcon,
1532 open_file->netfid, 1563 open_file->netfid,
1533 bytes_to_write, offset, 1564 bytes_to_write, offset,
1534 &bytes_written, iov, n_iov, 1565 &bytes_written, iov, n_iov,
1535 CIFS_LONG_OP); 1566 long_op);
1536 atomic_dec(&open_file->wrtPending); 1567 atomic_dec(&open_file->wrtPending);
1568 cifs_update_eof(cifsi, offset, bytes_written);
1569
1537 if (rc || bytes_written < bytes_to_write) { 1570 if (rc || bytes_written < bytes_to_write) {
1538 cERROR(1, ("Write2 ret %d, wrote %d", 1571 cERROR(1, ("Write2 ret %d, wrote %d",
1539 rc, bytes_written)); 1572 rc, bytes_written));
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
index f121a80fdd6f..f36b4e40e443 100644
--- a/fs/cifs/inode.c
+++ b/fs/cifs/inode.c
@@ -143,6 +143,7 @@ static void cifs_unix_info_to_inode(struct inode *inode,
143 143
144 inode->i_nlink = le64_to_cpu(info->Nlinks); 144 inode->i_nlink = le64_to_cpu(info->Nlinks);
145 145
146 cifsInfo->server_eof = end_of_file;
146 spin_lock(&inode->i_lock); 147 spin_lock(&inode->i_lock);
147 if (is_size_safe_to_change(cifsInfo, end_of_file)) { 148 if (is_size_safe_to_change(cifsInfo, end_of_file)) {
148 /* 149 /*
@@ -276,7 +277,8 @@ int cifs_get_inode_info_unix(struct inode **pinode,
276 277
277 /* get new inode */ 278 /* get new inode */
278 if (*pinode == NULL) { 279 if (*pinode == NULL) {
279 *pinode = cifs_new_inode(sb, &find_data.UniqueId); 280 __u64 unique_id = le64_to_cpu(find_data.UniqueId);
281 *pinode = cifs_new_inode(sb, &unique_id);
280 if (*pinode == NULL) { 282 if (*pinode == NULL) {
281 rc = -ENOMEM; 283 rc = -ENOMEM;
282 goto cgiiu_exit; 284 goto cgiiu_exit;
@@ -605,12 +607,12 @@ int cifs_get_inode_info(struct inode **pinode,
605 inode->i_mode |= S_IFREG; 607 inode->i_mode |= S_IFREG;
606 } 608 }
607 609
610 cifsInfo->server_eof = le64_to_cpu(pfindData->EndOfFile);
608 spin_lock(&inode->i_lock); 611 spin_lock(&inode->i_lock);
609 if (is_size_safe_to_change(cifsInfo, 612 if (is_size_safe_to_change(cifsInfo, cifsInfo->server_eof)) {
610 le64_to_cpu(pfindData->EndOfFile))) {
611 /* can not safely shrink the file size here if the 613 /* can not safely shrink the file size here if the
612 client is writing to it due to potential races */ 614 client is writing to it due to potential races */
613 i_size_write(inode, le64_to_cpu(pfindData->EndOfFile)); 615 i_size_write(inode, cifsInfo->server_eof);
614 616
615 /* 512 bytes (2**9) is the fake blocksize that must be 617 /* 512 bytes (2**9) is the fake blocksize that must be
616 used for this calculation */ 618 used for this calculation */
@@ -1138,6 +1140,7 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode)
1138 cFYI(1, ("posix mkdir returned 0x%x", rc)); 1140 cFYI(1, ("posix mkdir returned 0x%x", rc));
1139 d_drop(direntry); 1141 d_drop(direntry);
1140 } else { 1142 } else {
1143 __u64 unique_id;
1141 if (pInfo->Type == cpu_to_le32(-1)) { 1144 if (pInfo->Type == cpu_to_le32(-1)) {
1142 /* no return info, go query for it */ 1145 /* no return info, go query for it */
1143 kfree(pInfo); 1146 kfree(pInfo);
@@ -1151,8 +1154,8 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode)
1151 else 1154 else
1152 direntry->d_op = &cifs_dentry_ops; 1155 direntry->d_op = &cifs_dentry_ops;
1153 1156
1154 newinode = cifs_new_inode(inode->i_sb, 1157 unique_id = le64_to_cpu(pInfo->UniqueId);
1155 &pInfo->UniqueId); 1158 newinode = cifs_new_inode(inode->i_sb, &unique_id);
1156 if (newinode == NULL) { 1159 if (newinode == NULL) {
1157 kfree(pInfo); 1160 kfree(pInfo);
1158 goto mkdir_get_info; 1161 goto mkdir_get_info;
@@ -1450,7 +1453,8 @@ int cifs_rename(struct inode *source_dir, struct dentry *source_dentry,
1450 checking the UniqueId via FILE_INTERNAL_INFO */ 1453 checking the UniqueId via FILE_INTERNAL_INFO */
1451 1454
1452unlink_target: 1455unlink_target:
1453 if ((rc == -EACCES) || (rc == -EEXIST)) { 1456 /* Try unlinking the target dentry if it's not negative */
1457 if (target_dentry->d_inode && (rc == -EACCES || rc == -EEXIST)) {
1454 tmprc = cifs_unlink(target_dir, target_dentry); 1458 tmprc = cifs_unlink(target_dir, target_dentry);
1455 if (tmprc) 1459 if (tmprc)
1456 goto cifs_rename_exit; 1460 goto cifs_rename_exit;
@@ -1753,6 +1757,7 @@ cifs_set_file_size(struct inode *inode, struct iattr *attrs,
1753 } 1757 }
1754 1758
1755 if (rc == 0) { 1759 if (rc == 0) {
1760 cifsInode->server_eof = attrs->ia_size;
1756 rc = cifs_vmtruncate(inode, attrs->ia_size); 1761 rc = cifs_vmtruncate(inode, attrs->ia_size);
1757 cifs_truncate_page(inode->i_mapping, inode->i_size); 1762 cifs_truncate_page(inode->i_mapping, inode->i_size);
1758 } 1763 }
@@ -1792,20 +1797,21 @@ cifs_setattr_unix(struct dentry *direntry, struct iattr *attrs)
1792 goto out; 1797 goto out;
1793 } 1798 }
1794 1799
1795 if ((attrs->ia_valid & ATTR_MTIME) || (attrs->ia_valid & ATTR_SIZE)) { 1800 /*
1796 /* 1801 * Attempt to flush data before changing attributes. We need to do
1797 Flush data before changing file size or changing the last 1802 * this for ATTR_SIZE and ATTR_MTIME for sure, and if we change the
1798 write time of the file on the server. If the 1803 * ownership or mode then we may also need to do this. Here, we take
1799 flush returns error, store it to report later and continue. 1804 * the safe way out and just do the flush on all setattr requests. If
1800 BB: This should be smarter. Why bother flushing pages that 1805 * the flush returns error, store it to report later and continue.
1801 will be truncated anyway? Also, should we error out here if 1806 *
1802 the flush returns error? 1807 * BB: This should be smarter. Why bother flushing pages that
1803 */ 1808 * will be truncated anyway? Also, should we error out here if
1804 rc = filemap_write_and_wait(inode->i_mapping); 1809 * the flush returns error?
1805 if (rc != 0) { 1810 */
1806 cifsInode->write_behind_rc = rc; 1811 rc = filemap_write_and_wait(inode->i_mapping);
1807 rc = 0; 1812 if (rc != 0) {
1808 } 1813 cifsInode->write_behind_rc = rc;
1814 rc = 0;
1809 } 1815 }
1810 1816
1811 if (attrs->ia_valid & ATTR_SIZE) { 1817 if (attrs->ia_valid & ATTR_SIZE) {
@@ -1903,20 +1909,21 @@ cifs_setattr_nounix(struct dentry *direntry, struct iattr *attrs)
1903 return -ENOMEM; 1909 return -ENOMEM;
1904 } 1910 }
1905 1911
1906 if ((attrs->ia_valid & ATTR_MTIME) || (attrs->ia_valid & ATTR_SIZE)) { 1912 /*
1907 /* 1913 * Attempt to flush data before changing attributes. We need to do
1908 Flush data before changing file size or changing the last 1914 * this for ATTR_SIZE and ATTR_MTIME for sure, and if we change the
1909 write time of the file on the server. If the 1915 * ownership or mode then we may also need to do this. Here, we take
1910 flush returns error, store it to report later and continue. 1916 * the safe way out and just do the flush on all setattr requests. If
1911 BB: This should be smarter. Why bother flushing pages that 1917 * the flush returns error, store it to report later and continue.
1912 will be truncated anyway? Also, should we error out here if 1918 *
1913 the flush returns error? 1919 * BB: This should be smarter. Why bother flushing pages that
1914 */ 1920 * will be truncated anyway? Also, should we error out here if
1915 rc = filemap_write_and_wait(inode->i_mapping); 1921 * the flush returns error?
1916 if (rc != 0) { 1922 */
1917 cifsInode->write_behind_rc = rc; 1923 rc = filemap_write_and_wait(inode->i_mapping);
1918 rc = 0; 1924 if (rc != 0) {
1919 } 1925 cifsInode->write_behind_rc = rc;
1926 rc = 0;
1920 } 1927 }
1921 1928
1922 if (attrs->ia_valid & ATTR_SIZE) { 1929 if (attrs->ia_valid & ATTR_SIZE) {
diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c
index c2c01ff4c32c..1a8be6228333 100644
--- a/fs/cifs/readdir.c
+++ b/fs/cifs/readdir.c
@@ -239,6 +239,7 @@ static void fill_in_inode(struct inode *tmp_inode, int new_buf_type,
239 if (atomic_read(&cifsInfo->inUse) == 0) 239 if (atomic_read(&cifsInfo->inUse) == 0)
240 atomic_set(&cifsInfo->inUse, 1); 240 atomic_set(&cifsInfo->inUse, 1);
241 241
242 cifsInfo->server_eof = end_of_file;
242 spin_lock(&tmp_inode->i_lock); 243 spin_lock(&tmp_inode->i_lock);
243 if (is_size_safe_to_change(cifsInfo, end_of_file)) { 244 if (is_size_safe_to_change(cifsInfo, end_of_file)) {
244 /* can not safely change the file size here if the 245 /* can not safely change the file size here if the
@@ -375,6 +376,7 @@ static void unix_fill_in_inode(struct inode *tmp_inode,
375 tmp_inode->i_gid = le64_to_cpu(pfindData->Gid); 376 tmp_inode->i_gid = le64_to_cpu(pfindData->Gid);
376 tmp_inode->i_nlink = le64_to_cpu(pfindData->Nlinks); 377 tmp_inode->i_nlink = le64_to_cpu(pfindData->Nlinks);
377 378
379 cifsInfo->server_eof = end_of_file;
378 spin_lock(&tmp_inode->i_lock); 380 spin_lock(&tmp_inode->i_lock);
379 if (is_size_safe_to_change(cifsInfo, end_of_file)) { 381 if (is_size_safe_to_change(cifsInfo, end_of_file)) {
380 /* can not safely change the file size here if the 382 /* can not safely change the file size here if the
@@ -840,7 +842,7 @@ static int cifs_get_name_from_search_buf(struct qstr *pqst,
840 len = strnlen(filename, PATH_MAX); 842 len = strnlen(filename, PATH_MAX);
841 } 843 }
842 844
843 *pinum = pFindData->UniqueId; 845 *pinum = le64_to_cpu(pFindData->UniqueId);
844 } else if (level == SMB_FIND_FILE_DIRECTORY_INFO) { 846 } else if (level == SMB_FIND_FILE_DIRECTORY_INFO) {
845 FILE_DIRECTORY_INFO *pFindData = 847 FILE_DIRECTORY_INFO *pFindData =
846 (FILE_DIRECTORY_INFO *)current_entry; 848 (FILE_DIRECTORY_INFO *)current_entry;
@@ -856,7 +858,7 @@ static int cifs_get_name_from_search_buf(struct qstr *pqst,
856 (SEARCH_ID_FULL_DIR_INFO *)current_entry; 858 (SEARCH_ID_FULL_DIR_INFO *)current_entry;
857 filename = &pFindData->FileName[0]; 859 filename = &pFindData->FileName[0];
858 len = le32_to_cpu(pFindData->FileNameLength); 860 len = le32_to_cpu(pFindData->FileNameLength);
859 *pinum = pFindData->UniqueId; 861 *pinum = le64_to_cpu(pFindData->UniqueId);
860 } else if (level == SMB_FIND_FILE_BOTH_DIRECTORY_INFO) { 862 } else if (level == SMB_FIND_FILE_BOTH_DIRECTORY_INFO) {
861 FILE_BOTH_DIRECTORY_INFO *pFindData = 863 FILE_BOTH_DIRECTORY_INFO *pFindData =
862 (FILE_BOTH_DIRECTORY_INFO *)current_entry; 864 (FILE_BOTH_DIRECTORY_INFO *)current_entry;
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 5c68b4282be9..c652c73760dd 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -285,35 +285,36 @@ static int decode_unicode_ssetup(char **pbcc_area, int bleft,
285 int words_left, len; 285 int words_left, len;
286 char *data = *pbcc_area; 286 char *data = *pbcc_area;
287 287
288
289
290 cFYI(1, ("bleft %d", bleft)); 288 cFYI(1, ("bleft %d", bleft));
291 289
292 290 /*
293 /* SMB header is unaligned, so cifs servers word align start of 291 * Windows servers do not always double null terminate their final
294 Unicode strings */ 292 * Unicode string. Check to see if there are an uneven number of bytes
295 data++; 293 * left. If so, then add an extra NULL pad byte to the end of the
296 bleft--; /* Windows servers do not always double null terminate 294 * response.
297 their final Unicode string - in which case we 295 *
298 now will not attempt to decode the byte of junk 296 * See section 2.7.2 in "Implementing CIFS" for details
299 which follows it */ 297 */
298 if (bleft % 2) {
299 data[bleft] = 0;
300 ++bleft;
301 }
300 302
301 words_left = bleft / 2; 303 words_left = bleft / 2;
302 304
303 /* save off server operating system */ 305 /* save off server operating system */
304 len = UniStrnlen((wchar_t *) data, words_left); 306 len = UniStrnlen((wchar_t *) data, words_left);
305 307
306/* We look for obvious messed up bcc or strings in response so we do not go off
307 the end since (at least) WIN2K and Windows XP have a major bug in not null
308 terminating last Unicode string in response */
309 if (len >= words_left) 308 if (len >= words_left)
310 return rc; 309 return rc;
311 310
312 kfree(ses->serverOS); 311 kfree(ses->serverOS);
313 /* UTF-8 string will not grow more than four times as big as UCS-16 */ 312 /* UTF-8 string will not grow more than four times as big as UCS-16 */
314 ses->serverOS = kzalloc((4 * len) + 2 /* trailing null */, GFP_KERNEL); 313 ses->serverOS = kzalloc((4 * len) + 2 /* trailing null */, GFP_KERNEL);
315 if (ses->serverOS != NULL) 314 if (ses->serverOS != NULL) {
316 cifs_strfromUCS_le(ses->serverOS, (__le16 *)data, len, nls_cp); 315 cifs_strfromUCS_le(ses->serverOS, (__le16 *)data, len, nls_cp);
316 cFYI(1, ("serverOS=%s", ses->serverOS));
317 }
317 data += 2 * (len + 1); 318 data += 2 * (len + 1);
318 words_left -= len + 1; 319 words_left -= len + 1;
319 320
@@ -328,6 +329,7 @@ static int decode_unicode_ssetup(char **pbcc_area, int bleft,
328 if (ses->serverNOS != NULL) { 329 if (ses->serverNOS != NULL) {
329 cifs_strfromUCS_le(ses->serverNOS, (__le16 *)data, len, 330 cifs_strfromUCS_le(ses->serverNOS, (__le16 *)data, len,
330 nls_cp); 331 nls_cp);
332 cFYI(1, ("serverNOS=%s", ses->serverNOS));
331 if (strncmp(ses->serverNOS, "NT LAN Manager 4", 16) == 0) { 333 if (strncmp(ses->serverNOS, "NT LAN Manager 4", 16) == 0) {
332 cFYI(1, ("NT4 server")); 334 cFYI(1, ("NT4 server"));
333 ses->flags |= CIFS_SES_NT4; 335 ses->flags |= CIFS_SES_NT4;
@@ -343,12 +345,11 @@ static int decode_unicode_ssetup(char **pbcc_area, int bleft,
343 return rc; 345 return rc;
344 346
345 kfree(ses->serverDomain); 347 kfree(ses->serverDomain);
346 ses->serverDomain = kzalloc(2 * (len + 1), GFP_KERNEL); /* BB FIXME wrong length */ 348 ses->serverDomain = kzalloc((4 * len) + 2, GFP_KERNEL);
347 if (ses->serverDomain != NULL) { 349 if (ses->serverDomain != NULL) {
348 cifs_strfromUCS_le(ses->serverDomain, (__le16 *)data, len, 350 cifs_strfromUCS_le(ses->serverDomain, (__le16 *)data, len,
349 nls_cp); 351 nls_cp);
350 ses->serverDomain[2*len] = 0; 352 cFYI(1, ("serverDomain=%s", ses->serverDomain));
351 ses->serverDomain[(2*len) + 1] = 0;
352 } 353 }
353 data += 2 * (len + 1); 354 data += 2 * (len + 1);
354 words_left -= len + 1; 355 words_left -= len + 1;
@@ -702,12 +703,18 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
702 } 703 }
703 704
704 /* BB check if Unicode and decode strings */ 705 /* BB check if Unicode and decode strings */
705 if (smb_buf->Flags2 & SMBFLG2_UNICODE) 706 if (smb_buf->Flags2 & SMBFLG2_UNICODE) {
707 /* unicode string area must be word-aligned */
708 if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) {
709 ++bcc_ptr;
710 --bytes_remaining;
711 }
706 rc = decode_unicode_ssetup(&bcc_ptr, bytes_remaining, 712 rc = decode_unicode_ssetup(&bcc_ptr, bytes_remaining,
707 ses, nls_cp); 713 ses, nls_cp);
708 else 714 } else {
709 rc = decode_ascii_ssetup(&bcc_ptr, bytes_remaining, 715 rc = decode_ascii_ssetup(&bcc_ptr, bytes_remaining,
710 ses, nls_cp); 716 ses, nls_cp);
717 }
711 718
712ssetup_exit: 719ssetup_exit:
713 if (spnego_key) { 720 if (spnego_key) {
generated by cgit v1.2.2 (git 2.25.0) at 2026-01-08 11:06:28 -0500