aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/Kconfig2
-rw-r--r--fs/ceph/caps.c43
-rw-r--r--fs/ceph/inode.c10
-rw-r--r--fs/ceph/mds_client.c10
-rw-r--r--fs/ceph/super.c2
-rw-r--r--fs/ceph/xattr.c3
-rw-r--r--fs/cifs/Makefile2
-rw-r--r--fs/cifs/README5
-rw-r--r--fs/cifs/cifs_debug.c10
-rw-r--r--fs/cifs/cifs_dfs_ref.c1
-rw-r--r--fs/cifs/cifs_fs_sb.h1
-rw-r--r--fs/cifs/cifs_unicode.c127
-rw-r--r--fs/cifs/cifsacl.c13
-rw-r--r--fs/cifs/cifsencrypt.c33
-rw-r--r--fs/cifs/cifsencrypt.h33
-rw-r--r--fs/cifs/cifsfs.c55
-rw-r--r--fs/cifs/cifsfs.h19
-rw-r--r--fs/cifs/cifsglob.h97
-rw-r--r--fs/cifs/cifspdu.h62
-rw-r--r--fs/cifs/cifsproto.h20
-rw-r--r--fs/cifs/cifssmb.c113
-rw-r--r--fs/cifs/connect.c211
-rw-r--r--fs/cifs/file.c491
-rw-r--r--fs/cifs/inode.c8
-rw-r--r--fs/cifs/link.c58
-rw-r--r--fs/cifs/md4.c205
-rw-r--r--fs/cifs/md5.c366
-rw-r--r--fs/cifs/md5.h38
-rw-r--r--fs/cifs/misc.c73
-rw-r--r--fs/cifs/netmisc.c4
-rw-r--r--fs/cifs/sess.c15
-rw-r--r--fs/cifs/smbdes.c1
-rw-r--r--fs/cifs/smbencrypt.c91
-rw-r--r--fs/cifs/transport.c434
-rw-r--r--fs/dcache.c4
-rw-r--r--fs/direct-io.c10
-rw-r--r--fs/ext3/super.c25
-rw-r--r--fs/ext4/super.c25
-rw-r--r--fs/gfs2/inode.c72
-rw-r--r--fs/gfs2/inode.h1
-rw-r--r--fs/gfs2/super.c1
-rw-r--r--fs/lockd/host.c9
-rw-r--r--fs/nfs/callback.c109
-rw-r--r--fs/nfs/callback.h4
-rw-r--r--fs/nfs/callback_proc.c12
-rw-r--r--fs/nfs/callback_xdr.c5
-rw-r--r--fs/nfs/client.c15
-rw-r--r--fs/nfs/delegation.c6
-rw-r--r--fs/nfs/direct.c34
-rw-r--r--fs/nfs/inode.c26
-rw-r--r--fs/nfs/internal.h3
-rw-r--r--fs/nfs/nfs3acl.c4
-rw-r--r--fs/nfs/nfs3xdr.c5
-rw-r--r--fs/nfs/nfs4filelayoutdev.c9
-rw-r--r--fs/nfs/nfs4proc.c30
-rw-r--r--fs/nfs/nfs4state.c6
-rw-r--r--fs/nfs/nfs4xdr.c9
-rw-r--r--fs/nfs/pnfs.c2
-rw-r--r--fs/nfs/write.c2
-rw-r--r--fs/nfs_common/nfsacl.c54
-rw-r--r--fs/nilfs2/super.c3
-rw-r--r--fs/ntfs/mft.c11
-rw-r--r--fs/ocfs2/super.c5
-rw-r--r--fs/pipe.c10
-rw-r--r--fs/posix_acl.c17
-rw-r--r--fs/proc/Kconfig6
-rw-r--r--fs/proc/consoles.c4
-rw-r--r--fs/quota/dquot.c18
-rw-r--r--fs/quota/quota.c41
-rw-r--r--fs/reiserfs/super.c17
-rw-r--r--fs/squashfs/block.c8
-rw-r--r--fs/squashfs/xz_wrapper.c6
-rw-r--r--fs/squashfs/zlib_wrapper.c6
-rw-r--r--fs/sysfs/Kconfig2
-rw-r--r--fs/xfs/linux-2.6/xfs_ioctl.c20
-rw-r--r--fs/xfs/quota/xfs_qm.c46
-rw-r--r--fs/xfs/xfs_alloc.h16
-rw-r--r--fs/xfs/xfs_bmap.c61
-rw-r--r--fs/xfs/xfs_buf_item.c12
-rw-r--r--fs/xfs/xfs_extfree_item.c3
-rw-r--r--fs/xfs/xfs_iomap.c7
-rw-r--r--fs/xfs/xfs_log.h2
-rw-r--r--fs/xfs/xfs_log_cil.c15
-rw-r--r--fs/xfs/xfs_trans.c41
84 files changed, 1755 insertions, 1760 deletions
diff --git a/fs/Kconfig b/fs/Kconfig
index 9a7921ae4763..3db9caa57edc 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -50,7 +50,7 @@ config EXPORTFS
50 tristate 50 tristate
51 51
52config FILE_LOCKING 52config FILE_LOCKING
53 bool "Enable POSIX file locking API" if EMBEDDED 53 bool "Enable POSIX file locking API" if EXPERT
54 default y 54 default y
55 help 55 help
56 This option enables standard file locking support, required 56 This option enables standard file locking support, required
diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c
index 60d27bc9eb83..6b61ded701e1 100644
--- a/fs/ceph/caps.c
+++ b/fs/ceph/caps.c
@@ -1560,9 +1560,10 @@ retry_locked:
1560 /* NOTE: no side-effects allowed, until we take s_mutex */ 1560 /* NOTE: no side-effects allowed, until we take s_mutex */
1561 1561
1562 revoking = cap->implemented & ~cap->issued; 1562 revoking = cap->implemented & ~cap->issued;
1563 if (revoking) 1563 dout(" mds%d cap %p issued %s implemented %s revoking %s\n",
1564 dout(" mds%d revoking %s\n", cap->mds, 1564 cap->mds, cap, ceph_cap_string(cap->issued),
1565 ceph_cap_string(revoking)); 1565 ceph_cap_string(cap->implemented),
1566 ceph_cap_string(revoking));
1566 1567
1567 if (cap == ci->i_auth_cap && 1568 if (cap == ci->i_auth_cap &&
1568 (cap->issued & CEPH_CAP_FILE_WR)) { 1569 (cap->issued & CEPH_CAP_FILE_WR)) {
@@ -1658,6 +1659,8 @@ ack:
1658 1659
1659 if (cap == ci->i_auth_cap && ci->i_dirty_caps) 1660 if (cap == ci->i_auth_cap && ci->i_dirty_caps)
1660 flushing = __mark_caps_flushing(inode, session); 1661 flushing = __mark_caps_flushing(inode, session);
1662 else
1663 flushing = 0;
1661 1664
1662 mds = cap->mds; /* remember mds, so we don't repeat */ 1665 mds = cap->mds; /* remember mds, so we don't repeat */
1663 sent++; 1666 sent++;
@@ -1940,6 +1943,35 @@ void ceph_kick_flushing_caps(struct ceph_mds_client *mdsc,
1940 } 1943 }
1941} 1944}
1942 1945
1946static void kick_flushing_inode_caps(struct ceph_mds_client *mdsc,
1947 struct ceph_mds_session *session,
1948 struct inode *inode)
1949{
1950 struct ceph_inode_info *ci = ceph_inode(inode);
1951 struct ceph_cap *cap;
1952 int delayed = 0;
1953
1954 spin_lock(&inode->i_lock);
1955 cap = ci->i_auth_cap;
1956 dout("kick_flushing_inode_caps %p flushing %s flush_seq %lld\n", inode,
1957 ceph_cap_string(ci->i_flushing_caps), ci->i_cap_flush_seq);
1958 __ceph_flush_snaps(ci, &session, 1);
1959 if (ci->i_flushing_caps) {
1960 delayed = __send_cap(mdsc, cap, CEPH_CAP_OP_FLUSH,
1961 __ceph_caps_used(ci),
1962 __ceph_caps_wanted(ci),
1963 cap->issued | cap->implemented,
1964 ci->i_flushing_caps, NULL);
1965 if (delayed) {
1966 spin_lock(&inode->i_lock);
1967 __cap_delay_requeue(mdsc, ci);
1968 spin_unlock(&inode->i_lock);
1969 }
1970 } else {
1971 spin_unlock(&inode->i_lock);
1972 }
1973}
1974
1943 1975
1944/* 1976/*
1945 * Take references to capabilities we hold, so that we don't release 1977 * Take references to capabilities we hold, so that we don't release
@@ -2687,7 +2719,7 @@ static void handle_cap_import(struct ceph_mds_client *mdsc,
2687 ceph_add_cap(inode, session, cap_id, -1, 2719 ceph_add_cap(inode, session, cap_id, -1,
2688 issued, wanted, seq, mseq, realmino, CEPH_CAP_FLAG_AUTH, 2720 issued, wanted, seq, mseq, realmino, CEPH_CAP_FLAG_AUTH,
2689 NULL /* no caps context */); 2721 NULL /* no caps context */);
2690 try_flush_caps(inode, session, NULL); 2722 kick_flushing_inode_caps(mdsc, session, inode);
2691 up_read(&mdsc->snap_rwsem); 2723 up_read(&mdsc->snap_rwsem);
2692 2724
2693 /* make sure we re-request max_size, if necessary */ 2725 /* make sure we re-request max_size, if necessary */
@@ -2785,8 +2817,7 @@ void ceph_handle_caps(struct ceph_mds_session *session,
2785 case CEPH_CAP_OP_IMPORT: 2817 case CEPH_CAP_OP_IMPORT:
2786 handle_cap_import(mdsc, inode, h, session, 2818 handle_cap_import(mdsc, inode, h, session,
2787 snaptrace, snaptrace_len); 2819 snaptrace, snaptrace_len);
2788 ceph_check_caps(ceph_inode(inode), CHECK_CAPS_NODELAY, 2820 ceph_check_caps(ceph_inode(inode), 0, session);
2789 session);
2790 goto done_unlocked; 2821 goto done_unlocked;
2791 } 2822 }
2792 2823
diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
index e835eff551e3..5625463aa479 100644
--- a/fs/ceph/inode.c
+++ b/fs/ceph/inode.c
@@ -710,10 +710,6 @@ static int fill_inode(struct inode *inode,
710 ci->i_ceph_flags |= CEPH_I_COMPLETE; 710 ci->i_ceph_flags |= CEPH_I_COMPLETE;
711 ci->i_max_offset = 2; 711 ci->i_max_offset = 2;
712 } 712 }
713
714 /* it may be better to set st_size in getattr instead? */
715 if (ceph_test_mount_opt(ceph_sb_to_client(inode->i_sb), RBYTES))
716 inode->i_size = ci->i_rbytes;
717 break; 713 break;
718 default: 714 default:
719 pr_err("fill_inode %llx.%llx BAD mode 0%o\n", 715 pr_err("fill_inode %llx.%llx BAD mode 0%o\n",
@@ -1819,7 +1815,11 @@ int ceph_getattr(struct vfsmount *mnt, struct dentry *dentry,
1819 else 1815 else
1820 stat->dev = 0; 1816 stat->dev = 0;
1821 if (S_ISDIR(inode->i_mode)) { 1817 if (S_ISDIR(inode->i_mode)) {
1822 stat->size = ci->i_rbytes; 1818 if (ceph_test_mount_opt(ceph_sb_to_client(inode->i_sb),
1819 RBYTES))
1820 stat->size = ci->i_rbytes;
1821 else
1822 stat->size = ci->i_files + ci->i_subdirs;
1823 stat->blocks = 0; 1823 stat->blocks = 0;
1824 stat->blksize = 65536; 1824 stat->blksize = 65536;
1825 } 1825 }
diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
index 1e30d194a8e3..a1ee8fa3a8e7 100644
--- a/fs/ceph/mds_client.c
+++ b/fs/ceph/mds_client.c
@@ -693,9 +693,11 @@ static int __choose_mds(struct ceph_mds_client *mdsc,
693 dout("choose_mds %p %llx.%llx " 693 dout("choose_mds %p %llx.%llx "
694 "frag %u mds%d (%d/%d)\n", 694 "frag %u mds%d (%d/%d)\n",
695 inode, ceph_vinop(inode), 695 inode, ceph_vinop(inode),
696 frag.frag, frag.mds, 696 frag.frag, mds,
697 (int)r, frag.ndist); 697 (int)r, frag.ndist);
698 return mds; 698 if (ceph_mdsmap_get_state(mdsc->mdsmap, mds) >=
699 CEPH_MDS_STATE_ACTIVE)
700 return mds;
699 } 701 }
700 702
701 /* since this file/dir wasn't known to be 703 /* since this file/dir wasn't known to be
@@ -708,7 +710,9 @@ static int __choose_mds(struct ceph_mds_client *mdsc,
708 dout("choose_mds %p %llx.%llx " 710 dout("choose_mds %p %llx.%llx "
709 "frag %u mds%d (auth)\n", 711 "frag %u mds%d (auth)\n",
710 inode, ceph_vinop(inode), frag.frag, mds); 712 inode, ceph_vinop(inode), frag.frag, mds);
711 return mds; 713 if (ceph_mdsmap_get_state(mdsc->mdsmap, mds) >=
714 CEPH_MDS_STATE_ACTIVE)
715 return mds;
712 } 716 }
713 } 717 }
714 } 718 }
diff --git a/fs/ceph/super.c b/fs/ceph/super.c
index bf6f0f34082a..9c5085465a63 100644
--- a/fs/ceph/super.c
+++ b/fs/ceph/super.c
@@ -290,6 +290,8 @@ static int parse_mount_options(struct ceph_mount_options **pfsopt,
290 290
291 fsopt->rsize = CEPH_MOUNT_RSIZE_DEFAULT; 291 fsopt->rsize = CEPH_MOUNT_RSIZE_DEFAULT;
292 fsopt->snapdir_name = kstrdup(CEPH_SNAPDIRNAME_DEFAULT, GFP_KERNEL); 292 fsopt->snapdir_name = kstrdup(CEPH_SNAPDIRNAME_DEFAULT, GFP_KERNEL);
293 fsopt->caps_wanted_delay_min = CEPH_CAPS_WANTED_DELAY_MIN_DEFAULT;
294 fsopt->caps_wanted_delay_max = CEPH_CAPS_WANTED_DELAY_MAX_DEFAULT;
293 fsopt->cap_release_safety = CEPH_CAP_RELEASE_SAFETY_DEFAULT; 295 fsopt->cap_release_safety = CEPH_CAP_RELEASE_SAFETY_DEFAULT;
294 fsopt->max_readdir = CEPH_MAX_READDIR_DEFAULT; 296 fsopt->max_readdir = CEPH_MAX_READDIR_DEFAULT;
295 fsopt->max_readdir_bytes = CEPH_MAX_READDIR_BYTES_DEFAULT; 297 fsopt->max_readdir_bytes = CEPH_MAX_READDIR_BYTES_DEFAULT;
diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c
index 6e12a6ba5f79..8c9eba6ef9df 100644
--- a/fs/ceph/xattr.c
+++ b/fs/ceph/xattr.c
@@ -219,6 +219,7 @@ static struct ceph_inode_xattr *__get_xattr(struct ceph_inode_info *ci,
219 struct rb_node **p; 219 struct rb_node **p;
220 struct rb_node *parent = NULL; 220 struct rb_node *parent = NULL;
221 struct ceph_inode_xattr *xattr = NULL; 221 struct ceph_inode_xattr *xattr = NULL;
222 int name_len = strlen(name);
222 int c; 223 int c;
223 224
224 p = &ci->i_xattrs.index.rb_node; 225 p = &ci->i_xattrs.index.rb_node;
@@ -226,6 +227,8 @@ static struct ceph_inode_xattr *__get_xattr(struct ceph_inode_info *ci,
226 parent = *p; 227 parent = *p;
227 xattr = rb_entry(parent, struct ceph_inode_xattr, node); 228 xattr = rb_entry(parent, struct ceph_inode_xattr, node);
228 c = strncmp(name, xattr->name, xattr->name_len); 229 c = strncmp(name, xattr->name, xattr->name_len);
230 if (c == 0 && name_len > xattr->name_len)
231 c = 1;
229 if (c < 0) 232 if (c < 0)
230 p = &(*p)->rb_left; 233 p = &(*p)->rb_left;
231 else if (c > 0) 234 else if (c > 0)
diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile
index 43b19dd39191..d87558448e3d 100644
--- a/fs/cifs/Makefile
+++ b/fs/cifs/Makefile
@@ -5,7 +5,7 @@ obj-$(CONFIG_CIFS) += cifs.o
5 5
6cifs-y := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o \ 6cifs-y := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o \
7 link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o \ 7 link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o \
8 md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o \ 8 cifs_unicode.o nterr.o xattr.o cifsencrypt.o \
9 readdir.o ioctl.o sess.o export.o 9 readdir.o ioctl.o sess.o export.o
10 10
11cifs-$(CONFIG_CIFS_ACL) += cifsacl.o 11cifs-$(CONFIG_CIFS_ACL) += cifsacl.o
diff --git a/fs/cifs/README b/fs/cifs/README
index 46af99ab3614..fe1683590828 100644
--- a/fs/cifs/README
+++ b/fs/cifs/README
@@ -452,6 +452,11 @@ A partial list of the supported mount options follows:
452 if oplock (caching token) is granted and held. Note that 452 if oplock (caching token) is granted and held. Note that
453 direct allows write operations larger than page size 453 direct allows write operations larger than page size
454 to be sent to the server. 454 to be sent to the server.
455 strictcache Use for switching on strict cache mode. In this mode the
456 client read from the cache all the time it has Oplock Level II,
457 otherwise - read from the server. All written data are stored
458 in the cache, but if the client doesn't have Exclusive Oplock,
459 it writes the data to the server.
455 acl Allow setfacl and getfacl to manage posix ACLs if server 460 acl Allow setfacl and getfacl to manage posix ACLs if server
456 supports them. (default) 461 supports them. (default)
457 noacl Do not allow setfacl and getfacl calls on this mount 462 noacl Do not allow setfacl and getfacl calls on this mount
diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c
index ede98300a8cd..65829d32128c 100644
--- a/fs/cifs/cifs_debug.c
+++ b/fs/cifs/cifs_debug.c
@@ -79,11 +79,11 @@ void cifs_dump_mids(struct TCP_Server_Info *server)
79 spin_lock(&GlobalMid_Lock); 79 spin_lock(&GlobalMid_Lock);
80 list_for_each(tmp, &server->pending_mid_q) { 80 list_for_each(tmp, &server->pending_mid_q) {
81 mid_entry = list_entry(tmp, struct mid_q_entry, qhead); 81 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
82 cERROR(1, "State: %d Cmd: %d Pid: %d Tsk: %p Mid %d", 82 cERROR(1, "State: %d Cmd: %d Pid: %d Cbdata: %p Mid %d",
83 mid_entry->midState, 83 mid_entry->midState,
84 (int)mid_entry->command, 84 (int)mid_entry->command,
85 mid_entry->pid, 85 mid_entry->pid,
86 mid_entry->tsk, 86 mid_entry->callback_data,
87 mid_entry->mid); 87 mid_entry->mid);
88#ifdef CONFIG_CIFS_STATS2 88#ifdef CONFIG_CIFS_STATS2
89 cERROR(1, "IsLarge: %d buf: %p time rcv: %ld now: %ld", 89 cERROR(1, "IsLarge: %d buf: %p time rcv: %ld now: %ld",
@@ -218,11 +218,11 @@ static int cifs_debug_data_proc_show(struct seq_file *m, void *v)
218 mid_entry = list_entry(tmp3, struct mid_q_entry, 218 mid_entry = list_entry(tmp3, struct mid_q_entry,
219 qhead); 219 qhead);
220 seq_printf(m, "\tState: %d com: %d pid:" 220 seq_printf(m, "\tState: %d com: %d pid:"
221 " %d tsk: %p mid %d\n", 221 " %d cbdata: %p mid %d\n",
222 mid_entry->midState, 222 mid_entry->midState,
223 (int)mid_entry->command, 223 (int)mid_entry->command,
224 mid_entry->pid, 224 mid_entry->pid,
225 mid_entry->tsk, 225 mid_entry->callback_data,
226 mid_entry->mid); 226 mid_entry->mid);
227 } 227 }
228 spin_unlock(&GlobalMid_Lock); 228 spin_unlock(&GlobalMid_Lock);
@@ -331,7 +331,7 @@ static int cifs_stats_proc_show(struct seq_file *m, void *v)
331 atomic_read(&totSmBufAllocCount)); 331 atomic_read(&totSmBufAllocCount));
332#endif /* CONFIG_CIFS_STATS2 */ 332#endif /* CONFIG_CIFS_STATS2 */
333 333
334 seq_printf(m, "Operations (MIDs): %d\n", midCount.counter); 334 seq_printf(m, "Operations (MIDs): %d\n", atomic_read(&midCount));
335 seq_printf(m, 335 seq_printf(m,
336 "\n%d session %d share reconnects\n", 336 "\n%d session %d share reconnects\n",
337 tcpSesReconnectCount.counter, tconInfoReconnectCount.counter); 337 tcpSesReconnectCount.counter, tconInfoReconnectCount.counter);
diff --git a/fs/cifs/cifs_dfs_ref.c b/fs/cifs/cifs_dfs_ref.c
index 7ed36536e754..f1c68629f277 100644
--- a/fs/cifs/cifs_dfs_ref.c
+++ b/fs/cifs/cifs_dfs_ref.c
@@ -297,7 +297,6 @@ static struct vfsmount *cifs_dfs_do_automount(struct dentry *mntpt)
297 297
298 cifs_sb = CIFS_SB(mntpt->d_inode->i_sb); 298 cifs_sb = CIFS_SB(mntpt->d_inode->i_sb);
299 tlink = cifs_sb_tlink(cifs_sb); 299 tlink = cifs_sb_tlink(cifs_sb);
300 mnt = ERR_PTR(-EINVAL);
301 if (IS_ERR(tlink)) { 300 if (IS_ERR(tlink)) {
302 mnt = ERR_CAST(tlink); 301 mnt = ERR_CAST(tlink);
303 goto free_full_path; 302 goto free_full_path;
diff --git a/fs/cifs/cifs_fs_sb.h b/fs/cifs/cifs_fs_sb.h
index 7852cd677051..ac51cd2d33ae 100644
--- a/fs/cifs/cifs_fs_sb.h
+++ b/fs/cifs/cifs_fs_sb.h
@@ -40,6 +40,7 @@
40#define CIFS_MOUNT_FSCACHE 0x8000 /* local caching enabled */ 40#define CIFS_MOUNT_FSCACHE 0x8000 /* local caching enabled */
41#define CIFS_MOUNT_MF_SYMLINKS 0x10000 /* Minshall+French Symlinks enabled */ 41#define CIFS_MOUNT_MF_SYMLINKS 0x10000 /* Minshall+French Symlinks enabled */
42#define CIFS_MOUNT_MULTIUSER 0x20000 /* multiuser mount */ 42#define CIFS_MOUNT_MULTIUSER 0x20000 /* multiuser mount */
43#define CIFS_MOUNT_STRICT_IO 0x40000 /* strict cache mode */
43 44
44struct cifs_sb_info { 45struct cifs_sb_info {
45 struct rb_root tlink_tree; 46 struct rb_root tlink_tree;
diff --git a/fs/cifs/cifs_unicode.c b/fs/cifs/cifs_unicode.c
index 430f510a1720..fc0fd4fde306 100644
--- a/fs/cifs/cifs_unicode.c
+++ b/fs/cifs/cifs_unicode.c
@@ -44,10 +44,14 @@ cifs_ucs2_bytes(const __le16 *from, int maxbytes,
44 int charlen, outlen = 0; 44 int charlen, outlen = 0;
45 int maxwords = maxbytes / 2; 45 int maxwords = maxbytes / 2;
46 char tmp[NLS_MAX_CHARSET_SIZE]; 46 char tmp[NLS_MAX_CHARSET_SIZE];
47 __u16 ftmp;
47 48
48 for (i = 0; i < maxwords && from[i]; i++) { 49 for (i = 0; i < maxwords; i++) {
49 charlen = codepage->uni2char(le16_to_cpu(from[i]), tmp, 50 ftmp = get_unaligned_le16(&from[i]);
50 NLS_MAX_CHARSET_SIZE); 51 if (ftmp == 0)
52 break;
53
54 charlen = codepage->uni2char(ftmp, tmp, NLS_MAX_CHARSET_SIZE);
51 if (charlen > 0) 55 if (charlen > 0)
52 outlen += charlen; 56 outlen += charlen;
53 else 57 else
@@ -58,9 +62,9 @@ cifs_ucs2_bytes(const __le16 *from, int maxbytes,
58} 62}
59 63
60/* 64/*
61 * cifs_mapchar - convert a little-endian char to proper char in codepage 65 * cifs_mapchar - convert a host-endian char to proper char in codepage
62 * @target - where converted character should be copied 66 * @target - where converted character should be copied
63 * @src_char - 2 byte little-endian source character 67 * @src_char - 2 byte host-endian source character
64 * @cp - codepage to which character should be converted 68 * @cp - codepage to which character should be converted
65 * @mapchar - should character be mapped according to mapchars mount option? 69 * @mapchar - should character be mapped according to mapchars mount option?
66 * 70 *
@@ -69,7 +73,7 @@ cifs_ucs2_bytes(const __le16 *from, int maxbytes,
69 * enough to hold the result of the conversion (at least NLS_MAX_CHARSET_SIZE). 73 * enough to hold the result of the conversion (at least NLS_MAX_CHARSET_SIZE).
70 */ 74 */
71static int 75static int
72cifs_mapchar(char *target, const __le16 src_char, const struct nls_table *cp, 76cifs_mapchar(char *target, const __u16 src_char, const struct nls_table *cp,
73 bool mapchar) 77 bool mapchar)
74{ 78{
75 int len = 1; 79 int len = 1;
@@ -82,7 +86,7 @@ cifs_mapchar(char *target, const __le16 src_char, const struct nls_table *cp,
82 * build_path_from_dentry are modified, as they use slash as 86 * build_path_from_dentry are modified, as they use slash as
83 * separator. 87 * separator.
84 */ 88 */
85 switch (le16_to_cpu(src_char)) { 89 switch (src_char) {
86 case UNI_COLON: 90 case UNI_COLON:
87 *target = ':'; 91 *target = ':';
88 break; 92 break;
@@ -109,8 +113,7 @@ out:
109 return len; 113 return len;
110 114
111cp_convert: 115cp_convert:
112 len = cp->uni2char(le16_to_cpu(src_char), target, 116 len = cp->uni2char(src_char, target, NLS_MAX_CHARSET_SIZE);
113 NLS_MAX_CHARSET_SIZE);
114 if (len <= 0) { 117 if (len <= 0) {
115 *target = '?'; 118 *target = '?';
116 len = 1; 119 len = 1;
@@ -149,6 +152,7 @@ cifs_from_ucs2(char *to, const __le16 *from, int tolen, int fromlen,
149 int nullsize = nls_nullsize(codepage); 152 int nullsize = nls_nullsize(codepage);
150 int fromwords = fromlen / 2; 153 int fromwords = fromlen / 2;
151 char tmp[NLS_MAX_CHARSET_SIZE]; 154 char tmp[NLS_MAX_CHARSET_SIZE];
155 __u16 ftmp;
152 156
153 /* 157 /*
154 * because the chars can be of varying widths, we need to take care 158 * because the chars can be of varying widths, we need to take care
@@ -158,19 +162,23 @@ cifs_from_ucs2(char *to, const __le16 *from, int tolen, int fromlen,
158 */ 162 */
159 safelen = tolen - (NLS_MAX_CHARSET_SIZE + nullsize); 163 safelen = tolen - (NLS_MAX_CHARSET_SIZE + nullsize);
160 164
161 for (i = 0; i < fromwords && from[i]; i++) { 165 for (i = 0; i < fromwords; i++) {
166 ftmp = get_unaligned_le16(&from[i]);
167 if (ftmp == 0)
168 break;
169
162 /* 170 /*
163 * check to see if converting this character might make the 171 * check to see if converting this character might make the
164 * conversion bleed into the null terminator 172 * conversion bleed into the null terminator
165 */ 173 */
166 if (outlen >= safelen) { 174 if (outlen >= safelen) {
167 charlen = cifs_mapchar(tmp, from[i], codepage, mapchar); 175 charlen = cifs_mapchar(tmp, ftmp, codepage, mapchar);
168 if ((outlen + charlen) > (tolen - nullsize)) 176 if ((outlen + charlen) > (tolen - nullsize))
169 break; 177 break;
170 } 178 }
171 179
172 /* put converted char into 'to' buffer */ 180 /* put converted char into 'to' buffer */
173 charlen = cifs_mapchar(&to[outlen], from[i], codepage, mapchar); 181 charlen = cifs_mapchar(&to[outlen], ftmp, codepage, mapchar);
174 outlen += charlen; 182 outlen += charlen;
175 } 183 }
176 184
@@ -193,24 +201,21 @@ cifs_strtoUCS(__le16 *to, const char *from, int len,
193{ 201{
194 int charlen; 202 int charlen;
195 int i; 203 int i;
196 wchar_t *wchar_to = (wchar_t *)to; /* needed to quiet sparse */ 204 wchar_t wchar_to; /* needed to quiet sparse */
197 205
198 for (i = 0; len && *from; i++, from += charlen, len -= charlen) { 206 for (i = 0; len && *from; i++, from += charlen, len -= charlen) {
199 207 charlen = codepage->char2uni(from, len, &wchar_to);
200 /* works for 2.4.0 kernel or later */
201 charlen = codepage->char2uni(from, len, &wchar_to[i]);
202 if (charlen < 1) { 208 if (charlen < 1) {
203 cERROR(1, "strtoUCS: char2uni of %d returned %d", 209 cERROR(1, "strtoUCS: char2uni of 0x%x returned %d",
204 (int)*from, charlen); 210 *from, charlen);
205 /* A question mark */ 211 /* A question mark */
206 to[i] = cpu_to_le16(0x003f); 212 wchar_to = 0x003f;
207 charlen = 1; 213 charlen = 1;
208 } else 214 }
209 to[i] = cpu_to_le16(wchar_to[i]); 215 put_unaligned_le16(wchar_to, &to[i]);
210
211 } 216 }
212 217
213 to[i] = 0; 218 put_unaligned_le16(0, &to[i]);
214 return i; 219 return i;
215} 220}
216 221
@@ -252,3 +257,79 @@ cifs_strndup_from_ucs(const char *src, const int maxlen, const bool is_unicode,
252 return dst; 257 return dst;
253} 258}
254 259
260/*
261 * Convert 16 bit Unicode pathname to wire format from string in current code
262 * page. Conversion may involve remapping up the six characters that are
263 * only legal in POSIX-like OS (if they are present in the string). Path
264 * names are little endian 16 bit Unicode on the wire
265 */
266int
267cifsConvertToUCS(__le16 *target, const char *source, int maxlen,
268 const struct nls_table *cp, int mapChars)
269{
270 int i, j, charlen;
271 int len_remaining = maxlen;
272 char src_char;
273 __u16 temp;
274
275 if (!mapChars)
276 return cifs_strtoUCS(target, source, PATH_MAX, cp);
277
278 for (i = 0, j = 0; i < maxlen; j++) {
279 src_char = source[i];
280 switch (src_char) {
281 case 0:
282 put_unaligned_le16(0, &target[j]);
283 goto ctoUCS_out;
284 case ':':
285 temp = UNI_COLON;
286 break;
287 case '*':
288 temp = UNI_ASTERIK;
289 break;
290 case '?':
291 temp = UNI_QUESTION;
292 break;
293 case '<':
294 temp = UNI_LESSTHAN;
295 break;
296 case '>':
297 temp = UNI_GRTRTHAN;
298 break;
299 case '|':
300 temp = UNI_PIPE;
301 break;
302 /*
303 * FIXME: We can not handle remapping backslash (UNI_SLASH)
304 * until all the calls to build_path_from_dentry are modified,
305 * as they use backslash as separator.
306 */
307 default:
308 charlen = cp->char2uni(source+i, len_remaining,
309 &temp);
310 /*
311 * if no match, use question mark, which at least in
312 * some cases serves as wild card
313 */
314 if (charlen < 1) {
315 temp = 0x003f;
316 charlen = 1;
317 }
318 len_remaining -= charlen;
319 /*
320 * character may take more than one byte in the source
321 * string, but will take exactly two bytes in the
322 * target string
323 */
324 i += charlen;
325 continue;
326 }
327 put_unaligned_le16(temp, &target[j]);
328 i++; /* move to next char in source string */
329 len_remaining--;
330 }
331
332ctoUCS_out:
333 return i;
334}
335
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index a437ec391a01..1e7636b145a8 100644
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c
@@ -41,9 +41,12 @@ static struct cifs_wksid wksidarr[NUM_WK_SIDS] = {
41; 41;
42 42
43 43
44/* security id for everyone */ 44/* security id for everyone/world system group */
45static const struct cifs_sid sid_everyone = { 45static const struct cifs_sid sid_everyone = {
46 1, 1, {0, 0, 0, 0, 0, 1}, {0} }; 46 1, 1, {0, 0, 0, 0, 0, 1}, {0} };
47/* security id for Authenticated Users system group */
48static const struct cifs_sid sid_authusers = {
49 1, 1, {0, 0, 0, 0, 0, 5}, {11} };
47/* group users */ 50/* group users */
48static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} }; 51static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} };
49 52
@@ -365,7 +368,7 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl,
365 if (num_aces > 0) { 368 if (num_aces > 0) {
366 umode_t user_mask = S_IRWXU; 369 umode_t user_mask = S_IRWXU;
367 umode_t group_mask = S_IRWXG; 370 umode_t group_mask = S_IRWXG;
368 umode_t other_mask = S_IRWXO; 371 umode_t other_mask = S_IRWXU | S_IRWXG | S_IRWXO;
369 372
370 ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), 373 ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
371 GFP_KERNEL); 374 GFP_KERNEL);
@@ -390,6 +393,12 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl,
390 ppace[i]->type, 393 ppace[i]->type,
391 &fattr->cf_mode, 394 &fattr->cf_mode,
392 &other_mask); 395 &other_mask);
396 if (compare_sids(&(ppace[i]->sid), &sid_authusers))
397 access_flags_to_mode(ppace[i]->access_req,
398 ppace[i]->type,
399 &fattr->cf_mode,
400 &other_mask);
401
393 402
394/* memcpy((void *)(&(cifscred->aces[i])), 403/* memcpy((void *)(&(cifscred->aces[i])),
395 (void *)ppace[i], 404 (void *)ppace[i],
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 66f3d50d0676..0db5f1de0227 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -24,7 +24,6 @@
24#include "cifspdu.h" 24#include "cifspdu.h"
25#include "cifsglob.h" 25#include "cifsglob.h"
26#include "cifs_debug.h" 26#include "cifs_debug.h"
27#include "md5.h"
28#include "cifs_unicode.h" 27#include "cifs_unicode.h"
29#include "cifsproto.h" 28#include "cifsproto.h"
30#include "ntlmssp.h" 29#include "ntlmssp.h"
@@ -37,11 +36,6 @@
37/* Note that the smb header signature field on input contains the 36/* Note that the smb header signature field on input contains the
38 sequence number before this function is called */ 37 sequence number before this function is called */
39 38
40extern void mdfour(unsigned char *out, unsigned char *in, int n);
41extern void E_md4hash(const unsigned char *passwd, unsigned char *p16);
42extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
43 unsigned char *p24);
44
45static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, 39static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
46 struct TCP_Server_Info *server, char *signature) 40 struct TCP_Server_Info *server, char *signature)
47{ 41{
@@ -234,6 +228,7 @@ int cifs_verify_signature(struct smb_hdr *cifs_pdu,
234/* first calculate 24 bytes ntlm response and then 16 byte session key */ 228/* first calculate 24 bytes ntlm response and then 16 byte session key */
235int setup_ntlm_response(struct cifsSesInfo *ses) 229int setup_ntlm_response(struct cifsSesInfo *ses)
236{ 230{
231 int rc = 0;
237 unsigned int temp_len = CIFS_SESS_KEY_SIZE + CIFS_AUTH_RESP_SIZE; 232 unsigned int temp_len = CIFS_SESS_KEY_SIZE + CIFS_AUTH_RESP_SIZE;
238 char temp_key[CIFS_SESS_KEY_SIZE]; 233 char temp_key[CIFS_SESS_KEY_SIZE];
239 234
@@ -247,13 +242,26 @@ int setup_ntlm_response(struct cifsSesInfo *ses)
247 } 242 }
248 ses->auth_key.len = temp_len; 243 ses->auth_key.len = temp_len;
249 244
250 SMBNTencrypt(ses->password, ses->server->cryptkey, 245 rc = SMBNTencrypt(ses->password, ses->server->cryptkey,
251 ses->auth_key.response + CIFS_SESS_KEY_SIZE); 246 ses->auth_key.response + CIFS_SESS_KEY_SIZE);
247 if (rc) {
248 cFYI(1, "%s Can't generate NTLM response, error: %d",
249 __func__, rc);
250 return rc;
251 }
252
253 rc = E_md4hash(ses->password, temp_key);
254 if (rc) {
255 cFYI(1, "%s Can't generate NT hash, error: %d", __func__, rc);
256 return rc;
257 }
252 258
253 E_md4hash(ses->password, temp_key); 259 rc = mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE);
254 mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE); 260 if (rc)
261 cFYI(1, "%s Can't generate NTLM session key, error: %d",
262 __func__, rc);
255 263
256 return 0; 264 return rc;
257} 265}
258 266
259#ifdef CONFIG_CIFS_WEAK_PW_HASH 267#ifdef CONFIG_CIFS_WEAK_PW_HASH
@@ -700,14 +708,13 @@ cifs_crypto_shash_allocate(struct TCP_Server_Info *server)
700 unsigned int size; 708 unsigned int size;
701 709
702 server->secmech.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0); 710 server->secmech.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0);
703 if (!server->secmech.hmacmd5 || 711 if (IS_ERR(server->secmech.hmacmd5)) {
704 IS_ERR(server->secmech.hmacmd5)) {
705 cERROR(1, "could not allocate crypto hmacmd5\n"); 712 cERROR(1, "could not allocate crypto hmacmd5\n");
706 return PTR_ERR(server->secmech.hmacmd5); 713 return PTR_ERR(server->secmech.hmacmd5);
707 } 714 }
708 715
709 server->secmech.md5 = crypto_alloc_shash("md5", 0, 0); 716 server->secmech.md5 = crypto_alloc_shash("md5", 0, 0);
710 if (!server->secmech.md5 || IS_ERR(server->secmech.md5)) { 717 if (IS_ERR(server->secmech.md5)) {
711 cERROR(1, "could not allocate crypto md5\n"); 718 cERROR(1, "could not allocate crypto md5\n");
712 rc = PTR_ERR(server->secmech.md5); 719 rc = PTR_ERR(server->secmech.md5);
713 goto crypto_allocate_md5_fail; 720 goto crypto_allocate_md5_fail;
diff --git a/fs/cifs/cifsencrypt.h b/fs/cifs/cifsencrypt.h
deleted file mode 100644
index 15d2ec006474..000000000000
--- a/fs/cifs/cifsencrypt.h
+++ /dev/null
@@ -1,33 +0,0 @@
1/*
2 * fs/cifs/cifsencrypt.h
3 *
4 * Copyright (c) International Business Machines Corp., 2005
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * Externs for misc. small encryption routines
8 * so we do not have to put them in cifsproto.h
9 *
10 * This library is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU Lesser General Public License as published
12 * by the Free Software Foundation; either version 2.1 of the License, or
13 * (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
18 * the GNU Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public License
21 * along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25/* md4.c */
26extern void mdfour(unsigned char *out, unsigned char *in, int n);
27/* smbdes.c */
28extern void E_P16(unsigned char *p14, unsigned char *p16);
29extern void E_P24(unsigned char *p21, const unsigned char *c8,
30 unsigned char *p24);
31
32
33
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index d9f652a522a6..f2970136d17d 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -77,7 +77,11 @@ unsigned int cifs_max_pending = CIFS_MAX_REQ;
77module_param(cifs_max_pending, int, 0); 77module_param(cifs_max_pending, int, 0);
78MODULE_PARM_DESC(cifs_max_pending, "Simultaneous requests to server. " 78MODULE_PARM_DESC(cifs_max_pending, "Simultaneous requests to server. "
79 "Default: 50 Range: 2 to 256"); 79 "Default: 50 Range: 2 to 256");
80 80unsigned short echo_retries = 5;
81module_param(echo_retries, ushort, 0644);
82MODULE_PARM_DESC(echo_retries, "Number of echo attempts before giving up and "
83 "reconnecting server. Default: 5. 0 means "
84 "never reconnect.");
81extern mempool_t *cifs_sm_req_poolp; 85extern mempool_t *cifs_sm_req_poolp;
82extern mempool_t *cifs_req_poolp; 86extern mempool_t *cifs_req_poolp;
83extern mempool_t *cifs_mid_poolp; 87extern mempool_t *cifs_mid_poolp;
@@ -596,10 +600,17 @@ static ssize_t cifs_file_aio_write(struct kiocb *iocb, const struct iovec *iov,
596{ 600{
597 struct inode *inode = iocb->ki_filp->f_path.dentry->d_inode; 601 struct inode *inode = iocb->ki_filp->f_path.dentry->d_inode;
598 ssize_t written; 602 ssize_t written;
603 int rc;
599 604
600 written = generic_file_aio_write(iocb, iov, nr_segs, pos); 605 written = generic_file_aio_write(iocb, iov, nr_segs, pos);
601 if (!CIFS_I(inode)->clientCanCacheAll) 606
602 filemap_fdatawrite(inode->i_mapping); 607 if (CIFS_I(inode)->clientCanCacheAll)
608 return written;
609
610 rc = filemap_fdatawrite(inode->i_mapping);
611 if (rc)
612 cFYI(1, "cifs_file_aio_write: %d rc on %p inode", rc, inode);
613
603 return written; 614 return written;
604} 615}
605 616
@@ -729,6 +740,25 @@ const struct file_operations cifs_file_ops = {
729 .setlease = cifs_setlease, 740 .setlease = cifs_setlease,
730}; 741};
731 742
743const struct file_operations cifs_file_strict_ops = {
744 .read = do_sync_read,
745 .write = do_sync_write,
746 .aio_read = cifs_strict_readv,
747 .aio_write = cifs_strict_writev,
748 .open = cifs_open,
749 .release = cifs_close,
750 .lock = cifs_lock,
751 .fsync = cifs_strict_fsync,
752 .flush = cifs_flush,
753 .mmap = cifs_file_strict_mmap,
754 .splice_read = generic_file_splice_read,
755 .llseek = cifs_llseek,
756#ifdef CONFIG_CIFS_POSIX
757 .unlocked_ioctl = cifs_ioctl,
758#endif /* CONFIG_CIFS_POSIX */
759 .setlease = cifs_setlease,
760};
761
732const struct file_operations cifs_file_direct_ops = { 762const struct file_operations cifs_file_direct_ops = {
733 /* no aio, no readv - 763 /* no aio, no readv -
734 BB reevaluate whether they can be done with directio, no cache */ 764 BB reevaluate whether they can be done with directio, no cache */
@@ -747,6 +777,7 @@ const struct file_operations cifs_file_direct_ops = {
747 .llseek = cifs_llseek, 777 .llseek = cifs_llseek,
748 .setlease = cifs_setlease, 778 .setlease = cifs_setlease,
749}; 779};
780
750const struct file_operations cifs_file_nobrl_ops = { 781const struct file_operations cifs_file_nobrl_ops = {
751 .read = do_sync_read, 782 .read = do_sync_read,
752 .write = do_sync_write, 783 .write = do_sync_write,
@@ -765,6 +796,24 @@ const struct file_operations cifs_file_nobrl_ops = {
765 .setlease = cifs_setlease, 796 .setlease = cifs_setlease,
766}; 797};
767 798
799const struct file_operations cifs_file_strict_nobrl_ops = {
800 .read = do_sync_read,
801 .write = do_sync_write,
802 .aio_read = cifs_strict_readv,
803 .aio_write = cifs_strict_writev,
804 .open = cifs_open,
805 .release = cifs_close,
806 .fsync = cifs_strict_fsync,
807 .flush = cifs_flush,
808 .mmap = cifs_file_strict_mmap,
809 .splice_read = generic_file_splice_read,
810 .llseek = cifs_llseek,
811#ifdef CONFIG_CIFS_POSIX
812 .unlocked_ioctl = cifs_ioctl,
813#endif /* CONFIG_CIFS_POSIX */
814 .setlease = cifs_setlease,
815};
816
768const struct file_operations cifs_file_direct_nobrl_ops = { 817const struct file_operations cifs_file_direct_nobrl_ops = {
769 /* no mmap, no aio, no readv - 818 /* no mmap, no aio, no readv -
770 BB reevaluate whether they can be done with directio, no cache */ 819 BB reevaluate whether they can be done with directio, no cache */
diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h
index 851030f74939..14789a97304e 100644
--- a/fs/cifs/cifsfs.h
+++ b/fs/cifs/cifsfs.h
@@ -61,6 +61,7 @@ extern int cifs_rename(struct inode *, struct dentry *, struct inode *,
61 struct dentry *); 61 struct dentry *);
62extern int cifs_revalidate_file(struct file *filp); 62extern int cifs_revalidate_file(struct file *filp);
63extern int cifs_revalidate_dentry(struct dentry *); 63extern int cifs_revalidate_dentry(struct dentry *);
64extern void cifs_invalidate_mapping(struct inode *inode);
64extern int cifs_getattr(struct vfsmount *, struct dentry *, struct kstat *); 65extern int cifs_getattr(struct vfsmount *, struct dentry *, struct kstat *);
65extern int cifs_setattr(struct dentry *, struct iattr *); 66extern int cifs_setattr(struct dentry *, struct iattr *);
66 67
@@ -72,19 +73,27 @@ extern const struct inode_operations cifs_dfs_referral_inode_operations;
72/* Functions related to files and directories */ 73/* Functions related to files and directories */
73extern const struct file_operations cifs_file_ops; 74extern const struct file_operations cifs_file_ops;
74extern const struct file_operations cifs_file_direct_ops; /* if directio mnt */ 75extern const struct file_operations cifs_file_direct_ops; /* if directio mnt */
75extern const struct file_operations cifs_file_nobrl_ops; 76extern const struct file_operations cifs_file_strict_ops; /* if strictio mnt */
76extern const struct file_operations cifs_file_direct_nobrl_ops; /* no brlocks */ 77extern const struct file_operations cifs_file_nobrl_ops; /* no brlocks */
78extern const struct file_operations cifs_file_direct_nobrl_ops;
79extern const struct file_operations cifs_file_strict_nobrl_ops;
77extern int cifs_open(struct inode *inode, struct file *file); 80extern int cifs_open(struct inode *inode, struct file *file);
78extern int cifs_close(struct inode *inode, struct file *file); 81extern int cifs_close(struct inode *inode, struct file *file);
79extern int cifs_closedir(struct inode *inode, struct file *file); 82extern int cifs_closedir(struct inode *inode, struct file *file);
80extern ssize_t cifs_user_read(struct file *file, char __user *read_data, 83extern ssize_t cifs_user_read(struct file *file, char __user *read_data,
81 size_t read_size, loff_t *poffset); 84 size_t read_size, loff_t *poffset);
85extern ssize_t cifs_strict_readv(struct kiocb *iocb, const struct iovec *iov,
86 unsigned long nr_segs, loff_t pos);
82extern ssize_t cifs_user_write(struct file *file, const char __user *write_data, 87extern ssize_t cifs_user_write(struct file *file, const char __user *write_data,
83 size_t write_size, loff_t *poffset); 88 size_t write_size, loff_t *poffset);
89extern ssize_t cifs_strict_writev(struct kiocb *iocb, const struct iovec *iov,
90 unsigned long nr_segs, loff_t pos);
84extern int cifs_lock(struct file *, int, struct file_lock *); 91extern int cifs_lock(struct file *, int, struct file_lock *);
85extern int cifs_fsync(struct file *, int); 92extern int cifs_fsync(struct file *, int);
93extern int cifs_strict_fsync(struct file *, int);
86extern int cifs_flush(struct file *, fl_owner_t id); 94extern int cifs_flush(struct file *, fl_owner_t id);
87extern int cifs_file_mmap(struct file * , struct vm_area_struct *); 95extern int cifs_file_mmap(struct file * , struct vm_area_struct *);
96extern int cifs_file_strict_mmap(struct file * , struct vm_area_struct *);
88extern const struct file_operations cifs_dir_ops; 97extern const struct file_operations cifs_dir_ops;
89extern int cifs_dir_open(struct inode *inode, struct file *file); 98extern int cifs_dir_open(struct inode *inode, struct file *file);
90extern int cifs_readdir(struct file *file, void *direntry, filldir_t filldir); 99extern int cifs_readdir(struct file *file, void *direntry, filldir_t filldir);
@@ -118,5 +127,5 @@ extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg);
118extern const struct export_operations cifs_export_ops; 127extern const struct export_operations cifs_export_ops;
119#endif /* EXPERIMENTAL */ 128#endif /* EXPERIMENTAL */
120 129
121#define CIFS_VERSION "1.68" 130#define CIFS_VERSION "1.69"
122#endif /* _CIFSFS_H */ 131#endif /* _CIFSFS_H */
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 606ca8bb7102..edd5b29b53c9 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -161,32 +161,27 @@ struct TCP_Server_Info {
161 int srv_count; /* reference counter */ 161 int srv_count; /* reference counter */
162 /* 15 character server name + 0x20 16th byte indicating type = srv */ 162 /* 15 character server name + 0x20 16th byte indicating type = srv */
163 char server_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL]; 163 char server_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL];
164 enum statusEnum tcpStatus; /* what we think the status is */
164 char *hostname; /* hostname portion of UNC string */ 165 char *hostname; /* hostname portion of UNC string */
165 struct socket *ssocket; 166 struct socket *ssocket;
166 struct sockaddr_storage dstaddr; 167 struct sockaddr_storage dstaddr;
167 struct sockaddr_storage srcaddr; /* locally bind to this IP */ 168 struct sockaddr_storage srcaddr; /* locally bind to this IP */
169#ifdef CONFIG_NET_NS
170 struct net *net;
171#endif
168 wait_queue_head_t response_q; 172 wait_queue_head_t response_q;
169 wait_queue_head_t request_q; /* if more than maxmpx to srvr must block*/ 173 wait_queue_head_t request_q; /* if more than maxmpx to srvr must block*/
170 struct list_head pending_mid_q; 174 struct list_head pending_mid_q;
171 void *Server_NlsInfo; /* BB - placeholder for future NLS info */
172 unsigned short server_codepage; /* codepage for the server */
173 enum protocolEnum protocolType;
174 char versionMajor;
175 char versionMinor;
176 bool svlocal:1; /* local server or remote */
177 bool noblocksnd; /* use blocking sendmsg */ 175 bool noblocksnd; /* use blocking sendmsg */
178 bool noautotune; /* do not autotune send buf sizes */ 176 bool noautotune; /* do not autotune send buf sizes */
179 bool tcp_nodelay; 177 bool tcp_nodelay;
180 atomic_t inFlight; /* number of requests on the wire to server */ 178 atomic_t inFlight; /* number of requests on the wire to server */
181#ifdef CONFIG_CIFS_STATS2
182 atomic_t inSend; /* requests trying to send */
183 atomic_t num_waiters; /* blocked waiting to get in sendrecv */
184#endif
185 enum statusEnum tcpStatus; /* what we think the status is */
186 struct mutex srv_mutex; 179 struct mutex srv_mutex;
187 struct task_struct *tsk; 180 struct task_struct *tsk;
188 char server_GUID[16]; 181 char server_GUID[16];
189 char secMode; 182 char secMode;
183 bool session_estab; /* mark when very first sess is established */
184 u16 dialect; /* dialect index that server chose */
190 enum securityEnum secType; 185 enum securityEnum secType;
191 unsigned int maxReq; /* Clients should submit no more */ 186 unsigned int maxReq; /* Clients should submit no more */
192 /* than maxReq distinct unanswered SMBs to the server when using */ 187 /* than maxReq distinct unanswered SMBs to the server when using */
@@ -199,8 +194,6 @@ struct TCP_Server_Info {
199 unsigned int max_vcs; /* maximum number of smb sessions, at least 194 unsigned int max_vcs; /* maximum number of smb sessions, at least
200 those that can be specified uniquely with 195 those that can be specified uniquely with
201 vcnumbers */ 196 vcnumbers */
202 char sessid[4]; /* unique token id for this session */
203 /* (returned on Negotiate */
204 int capabilities; /* allow selective disabling of caps by smb sess */ 197 int capabilities; /* allow selective disabling of caps by smb sess */
205 int timeAdj; /* Adjust for difference in server time zone in sec */ 198 int timeAdj; /* Adjust for difference in server time zone in sec */
206 __u16 CurrentMid; /* multiplex id - rotating counter */ 199 __u16 CurrentMid; /* multiplex id - rotating counter */
@@ -210,20 +203,53 @@ struct TCP_Server_Info {
210 __u32 sequence_number; /* for signing, protected by srv_mutex */ 203 __u32 sequence_number; /* for signing, protected by srv_mutex */
211 struct session_key session_key; 204 struct session_key session_key;
212 unsigned long lstrp; /* when we got last response from this server */ 205 unsigned long lstrp; /* when we got last response from this server */
213 u16 dialect; /* dialect index that server chose */
214 struct cifs_secmech secmech; /* crypto sec mech functs, descriptors */ 206 struct cifs_secmech secmech; /* crypto sec mech functs, descriptors */
215 /* extended security flavors that server supports */ 207 /* extended security flavors that server supports */
208 bool sec_ntlmssp; /* supports NTLMSSP */
209 bool sec_kerberosu2u; /* supports U2U Kerberos */
216 bool sec_kerberos; /* supports plain Kerberos */ 210 bool sec_kerberos; /* supports plain Kerberos */
217 bool sec_mskerberos; /* supports legacy MS Kerberos */ 211 bool sec_mskerberos; /* supports legacy MS Kerberos */
218 bool sec_kerberosu2u; /* supports U2U Kerberos */ 212 struct delayed_work echo; /* echo ping workqueue job */
219 bool sec_ntlmssp; /* supports NTLMSSP */
220 bool session_estab; /* mark when very first sess is established */
221#ifdef CONFIG_CIFS_FSCACHE 213#ifdef CONFIG_CIFS_FSCACHE
222 struct fscache_cookie *fscache; /* client index cache cookie */ 214 struct fscache_cookie *fscache; /* client index cache cookie */
223#endif 215#endif
216#ifdef CONFIG_CIFS_STATS2
217 atomic_t inSend; /* requests trying to send */
218 atomic_t num_waiters; /* blocked waiting to get in sendrecv */
219#endif
224}; 220};
225 221
226/* 222/*
223 * Macros to allow the TCP_Server_Info->net field and related code to drop out
224 * when CONFIG_NET_NS isn't set.
225 */
226
227#ifdef CONFIG_NET_NS
228
229static inline struct net *cifs_net_ns(struct TCP_Server_Info *srv)
230{
231 return srv->net;
232}
233
234static inline void cifs_set_net_ns(struct TCP_Server_Info *srv, struct net *net)
235{
236 srv->net = net;
237}
238
239#else
240
241static inline struct net *cifs_net_ns(struct TCP_Server_Info *srv)
242{
243 return &init_net;
244}
245
246static inline void cifs_set_net_ns(struct TCP_Server_Info *srv, struct net *net)
247{
248}
249
250#endif
251
252/*
227 * Session structure. One of these for each uid session with a particular host 253 * Session structure. One of these for each uid session with a particular host
228 */ 254 */
229struct cifsSesInfo { 255struct cifsSesInfo {
@@ -446,11 +472,11 @@ struct cifsInodeInfo {
446 /* BB add in lists for dirty pages i.e. write caching info for oplock */ 472 /* BB add in lists for dirty pages i.e. write caching info for oplock */
447 struct list_head openFileList; 473 struct list_head openFileList;
448 __u32 cifsAttrs; /* e.g. DOS archive bit, sparse, compressed, system */ 474 __u32 cifsAttrs; /* e.g. DOS archive bit, sparse, compressed, system */
449 unsigned long time; /* jiffies of last update/check of inode */ 475 bool clientCanCacheRead; /* read oplock */
450 bool clientCanCacheRead:1; /* read oplock */ 476 bool clientCanCacheAll; /* read and writebehind oplock */
451 bool clientCanCacheAll:1; /* read and writebehind oplock */ 477 bool delete_pending; /* DELETE_ON_CLOSE is set */
452 bool delete_pending:1; /* DELETE_ON_CLOSE is set */ 478 bool invalid_mapping; /* pagecache is invalid */
453 bool invalid_mapping:1; /* pagecache is invalid */ 479 unsigned long time; /* jiffies of last update of inode */
454 u64 server_eof; /* current file size on server */ 480 u64 server_eof; /* current file size on server */
455 u64 uniqueid; /* server inode number */ 481 u64 uniqueid; /* server inode number */
456 u64 createtime; /* creation time on server */ 482 u64 createtime; /* creation time on server */
@@ -508,6 +534,18 @@ static inline void cifs_stats_bytes_read(struct cifsTconInfo *tcon,
508 534
509#endif 535#endif
510 536
537struct mid_q_entry;
538
539/*
540 * This is the prototype for the mid callback function. When creating one,
541 * take special care to avoid deadlocks. Things to bear in mind:
542 *
543 * - it will be called by cifsd
544 * - the GlobalMid_Lock will be held
545 * - the mid will be removed from the pending_mid_q list
546 */
547typedef void (mid_callback_t)(struct mid_q_entry *mid);
548
511/* one of these for every pending CIFS request to the server */ 549/* one of these for every pending CIFS request to the server */
512struct mid_q_entry { 550struct mid_q_entry {
513 struct list_head qhead; /* mids waiting on reply from this server */ 551 struct list_head qhead; /* mids waiting on reply from this server */
@@ -519,7 +557,8 @@ struct mid_q_entry {
519 unsigned long when_sent; /* time when smb send finished */ 557 unsigned long when_sent; /* time when smb send finished */
520 unsigned long when_received; /* when demux complete (taken off wire) */ 558 unsigned long when_received; /* when demux complete (taken off wire) */
521#endif 559#endif
522 struct task_struct *tsk; /* task waiting for response */ 560 mid_callback_t *callback; /* call completion callback */
561 void *callback_data; /* general purpose pointer for callback */
523 struct smb_hdr *resp_buf; /* response buffer */ 562 struct smb_hdr *resp_buf; /* response buffer */
524 int midState; /* wish this were enum but can not pass to wait_event */ 563 int midState; /* wish this were enum but can not pass to wait_event */
525 __u8 command; /* smb command code */ 564 __u8 command; /* smb command code */
@@ -622,12 +661,9 @@ static inline void free_dfs_info_array(struct dfs_info3_param *param,
622#define CIFS_IOVEC 4 /* array of response buffers */ 661#define CIFS_IOVEC 4 /* array of response buffers */
623 662
624/* Type of Request to SendReceive2 */ 663/* Type of Request to SendReceive2 */
625#define CIFS_STD_OP 0 /* normal request timeout */ 664#define CIFS_BLOCKING_OP 1 /* operation can block */
626#define CIFS_LONG_OP 1 /* long op (up to 45 sec, oplock time) */ 665#define CIFS_ASYNC_OP 2 /* do not wait for response */
627#define CIFS_VLONG_OP 2 /* sloow op - can take up to 180 seconds */ 666#define CIFS_TIMEOUT_MASK 0x003 /* only one of above set in req */
628#define CIFS_BLOCKING_OP 4 /* operation can block */
629#define CIFS_ASYNC_OP 8 /* do not wait for response */
630#define CIFS_TIMEOUT_MASK 0x00F /* only one of 5 above set in req */
631#define CIFS_LOG_ERROR 0x010 /* log NT STATUS if non-zero */ 667#define CIFS_LOG_ERROR 0x010 /* log NT STATUS if non-zero */
632#define CIFS_LARGE_BUF_OP 0x020 /* large request buffer */ 668#define CIFS_LARGE_BUF_OP 0x020 /* large request buffer */
633#define CIFS_NO_RESP 0x040 /* no response buffer required */ 669#define CIFS_NO_RESP 0x040 /* no response buffer required */
@@ -790,6 +826,9 @@ GLOBAL_EXTERN unsigned int cifs_min_rcv; /* min size of big ntwrk buf pool */
790GLOBAL_EXTERN unsigned int cifs_min_small; /* min size of small buf pool */ 826GLOBAL_EXTERN unsigned int cifs_min_small; /* min size of small buf pool */
791GLOBAL_EXTERN unsigned int cifs_max_pending; /* MAX requests at once to server*/ 827GLOBAL_EXTERN unsigned int cifs_max_pending; /* MAX requests at once to server*/
792 828
829/* reconnect after this many failed echo attempts */
830GLOBAL_EXTERN unsigned short echo_retries;
831
793void cifs_oplock_break(struct work_struct *work); 832void cifs_oplock_break(struct work_struct *work);
794void cifs_oplock_break_get(struct cifsFileInfo *cfile); 833void cifs_oplock_break_get(struct cifsFileInfo *cfile);
795void cifs_oplock_break_put(struct cifsFileInfo *cfile); 834void cifs_oplock_break_put(struct cifsFileInfo *cfile);
diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h
index de36b09763a8..b5c8cc5d7a7f 100644
--- a/fs/cifs/cifspdu.h
+++ b/fs/cifs/cifspdu.h
@@ -23,6 +23,7 @@
23#define _CIFSPDU_H 23#define _CIFSPDU_H
24 24
25#include <net/sock.h> 25#include <net/sock.h>
26#include <asm/unaligned.h>
26#include "smbfsctl.h" 27#include "smbfsctl.h"
27 28
28#ifdef CONFIG_CIFS_WEAK_PW_HASH 29#ifdef CONFIG_CIFS_WEAK_PW_HASH
@@ -50,6 +51,7 @@
50#define SMB_COM_SETATTR 0x09 /* trivial response */ 51#define SMB_COM_SETATTR 0x09 /* trivial response */
51#define SMB_COM_LOCKING_ANDX 0x24 /* trivial response */ 52#define SMB_COM_LOCKING_ANDX 0x24 /* trivial response */
52#define SMB_COM_COPY 0x29 /* trivial rsp, fail filename ignrd*/ 53#define SMB_COM_COPY 0x29 /* trivial rsp, fail filename ignrd*/
54#define SMB_COM_ECHO 0x2B /* echo request */
53#define SMB_COM_OPEN_ANDX 0x2D /* Legacy open for old servers */ 55#define SMB_COM_OPEN_ANDX 0x2D /* Legacy open for old servers */
54#define SMB_COM_READ_ANDX 0x2E 56#define SMB_COM_READ_ANDX 0x2E
55#define SMB_COM_WRITE_ANDX 0x2F 57#define SMB_COM_WRITE_ANDX 0x2F
@@ -425,11 +427,49 @@ struct smb_hdr {
425 __u16 Mid; 427 __u16 Mid;
426 __u8 WordCount; 428 __u8 WordCount;
427} __attribute__((packed)); 429} __attribute__((packed));
428/* given a pointer to an smb_hdr retrieve the value of byte count */ 430
429#define BCC(smb_var) (*(__u16 *)((char *)(smb_var) + sizeof(struct smb_hdr) + (2 * (smb_var)->WordCount))) 431/* given a pointer to an smb_hdr retrieve a char pointer to the byte count */
430#define BCC_LE(smb_var) (*(__le16 *)((char *)(smb_var) + sizeof(struct smb_hdr) + (2 * (smb_var)->WordCount))) 432#define BCC(smb_var) ((unsigned char *)(smb_var) + sizeof(struct smb_hdr) + \
433 (2 * (smb_var)->WordCount))
434
431/* given a pointer to an smb_hdr retrieve the pointer to the byte area */ 435/* given a pointer to an smb_hdr retrieve the pointer to the byte area */
432#define pByteArea(smb_var) ((unsigned char *)(smb_var) + sizeof(struct smb_hdr) + (2 * (smb_var)->WordCount) + 2) 436#define pByteArea(smb_var) (BCC(smb_var) + 2)
437
438/* get the converted ByteCount for a SMB packet and return it */
439static inline __u16
440get_bcc(struct smb_hdr *hdr)
441{
442 __u16 *bc_ptr = (__u16 *)BCC(hdr);
443
444 return get_unaligned(bc_ptr);
445}
446
447/* get the unconverted ByteCount for a SMB packet and return it */
448static inline __u16
449get_bcc_le(struct smb_hdr *hdr)
450{
451 __le16 *bc_ptr = (__le16 *)BCC(hdr);
452
453 return get_unaligned_le16(bc_ptr);
454}
455
456/* set the ByteCount for a SMB packet in host-byte order */
457static inline void
458put_bcc(__u16 count, struct smb_hdr *hdr)
459{
460 __u16 *bc_ptr = (__u16 *)BCC(hdr);
461
462 put_unaligned(count, bc_ptr);
463}
464
465/* set the ByteCount for a SMB packet in little-endian */
466static inline void
467put_bcc_le(__u16 count, struct smb_hdr *hdr)
468{
469 __le16 *bc_ptr = (__le16 *)BCC(hdr);
470
471 put_unaligned_le16(count, bc_ptr);
472}
433 473
434/* 474/*
435 * Computer Name Length (since Netbios name was length 16 with last byte 0x20) 475 * Computer Name Length (since Netbios name was length 16 with last byte 0x20)
@@ -760,6 +800,20 @@ typedef struct smb_com_tconx_rsp_ext {
760 * 800 *
761 */ 801 */
762 802
803typedef struct smb_com_echo_req {
804 struct smb_hdr hdr;
805 __le16 EchoCount;
806 __le16 ByteCount;
807 char Data[1];
808} __attribute__((packed)) ECHO_REQ;
809
810typedef struct smb_com_echo_rsp {
811 struct smb_hdr hdr;
812 __le16 SequenceNumber;
813 __le16 ByteCount;
814 char Data[1];
815} __attribute__((packed)) ECHO_RSP;
816
763typedef struct smb_com_logoff_andx_req { 817typedef struct smb_com_logoff_andx_req {
764 struct smb_hdr hdr; /* wct = 2 */ 818 struct smb_hdr hdr; /* wct = 2 */
765 __u8 AndXCommand; 819 __u8 AndXCommand;
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
index e6d1481b16c1..8096f27ad9a8 100644
--- a/fs/cifs/cifsproto.h
+++ b/fs/cifs/cifsproto.h
@@ -61,6 +61,12 @@ extern char *cifs_compose_mount_options(const char *sb_mountdata,
61 const char *fullpath, const struct dfs_info3_param *ref, 61 const char *fullpath, const struct dfs_info3_param *ref,
62 char **devname); 62 char **devname);
63/* extern void renew_parental_timestamps(struct dentry *direntry);*/ 63/* extern void renew_parental_timestamps(struct dentry *direntry);*/
64extern struct mid_q_entry *AllocMidQEntry(const struct smb_hdr *smb_buffer,
65 struct TCP_Server_Info *server);
66extern void DeleteMidQEntry(struct mid_q_entry *midEntry);
67extern int cifs_call_async(struct TCP_Server_Info *server,
68 struct smb_hdr *in_buf, mid_callback_t *callback,
69 void *cbdata);
64extern int SendReceive(const unsigned int /* xid */ , struct cifsSesInfo *, 70extern int SendReceive(const unsigned int /* xid */ , struct cifsSesInfo *,
65 struct smb_hdr * /* input */ , 71 struct smb_hdr * /* input */ ,
66 struct smb_hdr * /* out */ , 72 struct smb_hdr * /* out */ ,
@@ -79,6 +85,8 @@ extern int checkSMB(struct smb_hdr *smb, __u16 mid, unsigned int length);
79extern bool is_valid_oplock_break(struct smb_hdr *smb, 85extern bool is_valid_oplock_break(struct smb_hdr *smb,
80 struct TCP_Server_Info *); 86 struct TCP_Server_Info *);
81extern bool is_size_safe_to_change(struct cifsInodeInfo *, __u64 eof); 87extern bool is_size_safe_to_change(struct cifsInodeInfo *, __u64 eof);
88extern void cifs_update_eof(struct cifsInodeInfo *cifsi, loff_t offset,
89 unsigned int bytes_written);
82extern struct cifsFileInfo *find_writable_file(struct cifsInodeInfo *, bool); 90extern struct cifsFileInfo *find_writable_file(struct cifsInodeInfo *, bool);
83extern struct cifsFileInfo *find_readable_file(struct cifsInodeInfo *, bool); 91extern struct cifsFileInfo *find_readable_file(struct cifsInodeInfo *, bool);
84extern unsigned int smbCalcSize(struct smb_hdr *ptr); 92extern unsigned int smbCalcSize(struct smb_hdr *ptr);
@@ -347,12 +355,13 @@ extern int CIFSSMBLock(const int xid, struct cifsTconInfo *tcon,
347 const __u16 netfid, const __u64 len, 355 const __u16 netfid, const __u64 len,
348 const __u64 offset, const __u32 numUnlock, 356 const __u64 offset, const __u32 numUnlock,
349 const __u32 numLock, const __u8 lockType, 357 const __u32 numLock, const __u8 lockType,
350 const bool waitFlag); 358 const bool waitFlag, const __u8 oplock_level);
351extern int CIFSSMBPosixLock(const int xid, struct cifsTconInfo *tcon, 359extern int CIFSSMBPosixLock(const int xid, struct cifsTconInfo *tcon,
352 const __u16 smb_file_id, const int get_flag, 360 const __u16 smb_file_id, const int get_flag,
353 const __u64 len, struct file_lock *, 361 const __u64 len, struct file_lock *,
354 const __u16 lock_type, const bool waitFlag); 362 const __u16 lock_type, const bool waitFlag);
355extern int CIFSSMBTDis(const int xid, struct cifsTconInfo *tcon); 363extern int CIFSSMBTDis(const int xid, struct cifsTconInfo *tcon);
364extern int CIFSSMBEcho(struct TCP_Server_Info *server);
356extern int CIFSSMBLogoff(const int xid, struct cifsSesInfo *ses); 365extern int CIFSSMBLogoff(const int xid, struct cifsSesInfo *ses);
357 366
358extern struct cifsSesInfo *sesInfoAlloc(void); 367extern struct cifsSesInfo *sesInfoAlloc(void);
@@ -366,7 +375,7 @@ extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *,
366extern int cifs_verify_signature(struct smb_hdr *, 375extern int cifs_verify_signature(struct smb_hdr *,
367 struct TCP_Server_Info *server, 376 struct TCP_Server_Info *server,
368 __u32 expected_sequence_number); 377 __u32 expected_sequence_number);
369extern void SMBNTencrypt(unsigned char *, unsigned char *, unsigned char *); 378extern int SMBNTencrypt(unsigned char *, unsigned char *, unsigned char *);
370extern int setup_ntlm_response(struct cifsSesInfo *); 379extern int setup_ntlm_response(struct cifsSesInfo *);
371extern int setup_ntlmv2_rsp(struct cifsSesInfo *, const struct nls_table *); 380extern int setup_ntlmv2_rsp(struct cifsSesInfo *, const struct nls_table *);
372extern int cifs_crypto_shash_allocate(struct TCP_Server_Info *); 381extern int cifs_crypto_shash_allocate(struct TCP_Server_Info *);
@@ -416,4 +425,11 @@ extern bool CIFSCouldBeMFSymlink(const struct cifs_fattr *fattr);
416extern int CIFSCheckMFSymlink(struct cifs_fattr *fattr, 425extern int CIFSCheckMFSymlink(struct cifs_fattr *fattr,
417 const unsigned char *path, 426 const unsigned char *path,
418 struct cifs_sb_info *cifs_sb, int xid); 427 struct cifs_sb_info *cifs_sb, int xid);
428extern int mdfour(unsigned char *, unsigned char *, int);
429extern int E_md4hash(const unsigned char *passwd, unsigned char *p16);
430extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
431 unsigned char *p24);
432extern void E_P16(unsigned char *p14, unsigned char *p16);
433extern void E_P24(unsigned char *p21, const unsigned char *c8,
434 unsigned char *p24);
419#endif /* _CIFSPROTO_H */ 435#endif /* _CIFSPROTO_H */
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 2f6795e524d3..3106f5e5c633 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -331,37 +331,35 @@ smb_init_no_reconnect(int smb_command, int wct, struct cifsTconInfo *tcon,
331 331
332static int validate_t2(struct smb_t2_rsp *pSMB) 332static int validate_t2(struct smb_t2_rsp *pSMB)
333{ 333{
334 int rc = -EINVAL; 334 unsigned int total_size;
335 int total_size; 335
336 char *pBCC; 336 /* check for plausible wct */
337 if (pSMB->hdr.WordCount < 10)
338 goto vt2_err;
337 339
338 /* check for plausible wct, bcc and t2 data and parm sizes */
339 /* check for parm and data offset going beyond end of smb */ 340 /* check for parm and data offset going beyond end of smb */
340 if (pSMB->hdr.WordCount >= 10) { 341 if (get_unaligned_le16(&pSMB->t2_rsp.ParameterOffset) > 1024 ||
341 if ((le16_to_cpu(pSMB->t2_rsp.ParameterOffset) <= 1024) && 342 get_unaligned_le16(&pSMB->t2_rsp.DataOffset) > 1024)
342 (le16_to_cpu(pSMB->t2_rsp.DataOffset) <= 1024)) { 343 goto vt2_err;
343 /* check that bcc is at least as big as parms + data */ 344
344 /* check that bcc is less than negotiated smb buffer */ 345 /* check that bcc is at least as big as parms + data */
345 total_size = le16_to_cpu(pSMB->t2_rsp.ParameterCount); 346 /* check that bcc is less than negotiated smb buffer */
346 if (total_size < 512) { 347 total_size = get_unaligned_le16(&pSMB->t2_rsp.ParameterCount);
347 total_size += 348 if (total_size >= 512)
348 le16_to_cpu(pSMB->t2_rsp.DataCount); 349 goto vt2_err;
349 /* BCC le converted in SendReceive */ 350
350 pBCC = (pSMB->hdr.WordCount * 2) + 351 total_size += get_unaligned_le16(&pSMB->t2_rsp.DataCount);
351 sizeof(struct smb_hdr) + 352 if (total_size > get_bcc(&pSMB->hdr) ||
352 (char *)pSMB; 353 total_size >= CIFSMaxBufSize + MAX_CIFS_HDR_SIZE)
353 if ((total_size <= (*(u16 *)pBCC)) && 354 goto vt2_err;
354 (total_size < 355
355 CIFSMaxBufSize+MAX_CIFS_HDR_SIZE)) { 356 return 0;
356 return 0; 357vt2_err:
357 }
358 }
359 }
360 }
361 cifs_dump_mem("Invalid transact2 SMB: ", (char *)pSMB, 358 cifs_dump_mem("Invalid transact2 SMB: ", (char *)pSMB,
362 sizeof(struct smb_t2_rsp) + 16); 359 sizeof(struct smb_t2_rsp) + 16);
363 return rc; 360 return -EINVAL;
364} 361}
362
365int 363int
366CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) 364CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
367{ 365{
@@ -452,7 +450,6 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
452 server->maxBuf = min((__u32)le16_to_cpu(rsp->MaxBufSize), 450 server->maxBuf = min((__u32)le16_to_cpu(rsp->MaxBufSize),
453 (__u32)CIFSMaxBufSize + MAX_CIFS_HDR_SIZE); 451 (__u32)CIFSMaxBufSize + MAX_CIFS_HDR_SIZE);
454 server->max_vcs = le16_to_cpu(rsp->MaxNumberVcs); 452 server->max_vcs = le16_to_cpu(rsp->MaxNumberVcs);
455 GETU32(server->sessid) = le32_to_cpu(rsp->SessionKey);
456 /* even though we do not use raw we might as well set this 453 /* even though we do not use raw we might as well set this
457 accurately, in case we ever find a need for it */ 454 accurately, in case we ever find a need for it */
458 if ((le16_to_cpu(rsp->RawMode) & RAW_ENABLE) == RAW_ENABLE) { 455 if ((le16_to_cpu(rsp->RawMode) & RAW_ENABLE) == RAW_ENABLE) {
@@ -566,7 +563,6 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
566 (__u32) CIFSMaxBufSize + MAX_CIFS_HDR_SIZE); 563 (__u32) CIFSMaxBufSize + MAX_CIFS_HDR_SIZE);
567 server->max_rw = le32_to_cpu(pSMBr->MaxRawSize); 564 server->max_rw = le32_to_cpu(pSMBr->MaxRawSize);
568 cFYI(DBG2, "Max buf = %d", ses->server->maxBuf); 565 cFYI(DBG2, "Max buf = %d", ses->server->maxBuf);
569 GETU32(ses->server->sessid) = le32_to_cpu(pSMBr->SessionKey);
570 server->capabilities = le32_to_cpu(pSMBr->Capabilities); 566 server->capabilities = le32_to_cpu(pSMBr->Capabilities);
571 server->timeAdj = (int)(__s16)le16_to_cpu(pSMBr->ServerTimeZone); 567 server->timeAdj = (int)(__s16)le16_to_cpu(pSMBr->ServerTimeZone);
572 server->timeAdj *= 60; 568 server->timeAdj *= 60;
@@ -706,6 +702,53 @@ CIFSSMBTDis(const int xid, struct cifsTconInfo *tcon)
706 return rc; 702 return rc;
707} 703}
708 704
705/*
706 * This is a no-op for now. We're not really interested in the reply, but
707 * rather in the fact that the server sent one and that server->lstrp
708 * gets updated.
709 *
710 * FIXME: maybe we should consider checking that the reply matches request?
711 */
712static void
713cifs_echo_callback(struct mid_q_entry *mid)
714{
715 struct TCP_Server_Info *server = mid->callback_data;
716
717 DeleteMidQEntry(mid);
718 atomic_dec(&server->inFlight);
719 wake_up(&server->request_q);
720}
721
722int
723CIFSSMBEcho(struct TCP_Server_Info *server)
724{
725 ECHO_REQ *smb;
726 int rc = 0;
727
728 cFYI(1, "In echo request");
729
730 rc = small_smb_init(SMB_COM_ECHO, 0, NULL, (void **)&smb);
731 if (rc)
732 return rc;
733
734 /* set up echo request */
735 smb->hdr.Tid = cpu_to_le16(0xffff);
736 smb->hdr.WordCount = 1;
737 put_unaligned_le16(1, &smb->EchoCount);
738 put_bcc_le(1, &smb->hdr);
739 smb->Data[0] = 'a';
740 smb->hdr.smb_buf_length += 3;
741
742 rc = cifs_call_async(server, (struct smb_hdr *)smb,
743 cifs_echo_callback, server);
744 if (rc)
745 cFYI(1, "Echo request failed: %d", rc);
746
747 cifs_small_buf_release(smb);
748
749 return rc;
750}
751
709int 752int
710CIFSSMBLogoff(const int xid, struct cifsSesInfo *ses) 753CIFSSMBLogoff(const int xid, struct cifsSesInfo *ses)
711{ 754{
@@ -1193,7 +1236,7 @@ OldOpenRetry:
1193 pSMB->ByteCount = cpu_to_le16(count); 1236 pSMB->ByteCount = cpu_to_le16(count);
1194 /* long_op set to 1 to allow for oplock break timeouts */ 1237 /* long_op set to 1 to allow for oplock break timeouts */
1195 rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB, 1238 rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
1196 (struct smb_hdr *)pSMBr, &bytes_returned, CIFS_LONG_OP); 1239 (struct smb_hdr *)pSMBr, &bytes_returned, 0);
1197 cifs_stats_inc(&tcon->num_opens); 1240 cifs_stats_inc(&tcon->num_opens);
1198 if (rc) { 1241 if (rc) {
1199 cFYI(1, "Error in Open = %d", rc); 1242 cFYI(1, "Error in Open = %d", rc);
@@ -1306,7 +1349,7 @@ openRetry:
1306 pSMB->ByteCount = cpu_to_le16(count); 1349 pSMB->ByteCount = cpu_to_le16(count);
1307 /* long_op set to 1 to allow for oplock break timeouts */ 1350 /* long_op set to 1 to allow for oplock break timeouts */
1308 rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB, 1351 rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
1309 (struct smb_hdr *)pSMBr, &bytes_returned, CIFS_LONG_OP); 1352 (struct smb_hdr *)pSMBr, &bytes_returned, 0);
1310 cifs_stats_inc(&tcon->num_opens); 1353 cifs_stats_inc(&tcon->num_opens);
1311 if (rc) { 1354 if (rc) {
1312 cFYI(1, "Error in Open = %d", rc); 1355 cFYI(1, "Error in Open = %d", rc);
@@ -1388,7 +1431,7 @@ CIFSSMBRead(const int xid, struct cifsTconInfo *tcon, const int netfid,
1388 iov[0].iov_base = (char *)pSMB; 1431 iov[0].iov_base = (char *)pSMB;
1389 iov[0].iov_len = pSMB->hdr.smb_buf_length + 4; 1432 iov[0].iov_len = pSMB->hdr.smb_buf_length + 4;
1390 rc = SendReceive2(xid, tcon->ses, iov, 1 /* num iovecs */, 1433 rc = SendReceive2(xid, tcon->ses, iov, 1 /* num iovecs */,
1391 &resp_buf_type, CIFS_STD_OP | CIFS_LOG_ERROR); 1434 &resp_buf_type, CIFS_LOG_ERROR);
1392 cifs_stats_inc(&tcon->num_reads); 1435 cifs_stats_inc(&tcon->num_reads);
1393 pSMBr = (READ_RSP *)iov[0].iov_base; 1436 pSMBr = (READ_RSP *)iov[0].iov_base;
1394 if (rc) { 1437 if (rc) {
@@ -1663,7 +1706,8 @@ int
1663CIFSSMBLock(const int xid, struct cifsTconInfo *tcon, 1706CIFSSMBLock(const int xid, struct cifsTconInfo *tcon,
1664 const __u16 smb_file_id, const __u64 len, 1707 const __u16 smb_file_id, const __u64 len,
1665 const __u64 offset, const __u32 numUnlock, 1708 const __u64 offset, const __u32 numUnlock,
1666 const __u32 numLock, const __u8 lockType, const bool waitFlag) 1709 const __u32 numLock, const __u8 lockType,
1710 const bool waitFlag, const __u8 oplock_level)
1667{ 1711{
1668 int rc = 0; 1712 int rc = 0;
1669 LOCK_REQ *pSMB = NULL; 1713 LOCK_REQ *pSMB = NULL;
@@ -1691,6 +1735,7 @@ CIFSSMBLock(const int xid, struct cifsTconInfo *tcon,
1691 pSMB->NumberOfLocks = cpu_to_le16(numLock); 1735 pSMB->NumberOfLocks = cpu_to_le16(numLock);
1692 pSMB->NumberOfUnlocks = cpu_to_le16(numUnlock); 1736 pSMB->NumberOfUnlocks = cpu_to_le16(numUnlock);
1693 pSMB->LockType = lockType; 1737 pSMB->LockType = lockType;
1738 pSMB->OplockLevel = oplock_level;
1694 pSMB->AndXCommand = 0xFF; /* none */ 1739 pSMB->AndXCommand = 0xFF; /* none */
1695 pSMB->Fid = smb_file_id; /* netfid stays le */ 1740 pSMB->Fid = smb_file_id; /* netfid stays le */
1696 1741
@@ -3087,7 +3132,7 @@ CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,
3087 iov[0].iov_len = pSMB->hdr.smb_buf_length + 4; 3132 iov[0].iov_len = pSMB->hdr.smb_buf_length + 4;
3088 3133
3089 rc = SendReceive2(xid, tcon->ses, iov, 1 /* num iovec */, &buf_type, 3134 rc = SendReceive2(xid, tcon->ses, iov, 1 /* num iovec */, &buf_type,
3090 CIFS_STD_OP); 3135 0);
3091 cifs_stats_inc(&tcon->num_acl_get); 3136 cifs_stats_inc(&tcon->num_acl_get);
3092 if (rc) { 3137 if (rc) {
3093 cFYI(1, "Send error in QuerySecDesc = %d", rc); 3138 cFYI(1, "Send error in QuerySecDesc = %d", rc);
@@ -5562,7 +5607,7 @@ QAllEAsRetry:
5562 } 5607 }
5563 5608
5564 /* make sure list_len doesn't go past end of SMB */ 5609 /* make sure list_len doesn't go past end of SMB */
5565 end_of_smb = (char *)pByteArea(&pSMBr->hdr) + BCC(&pSMBr->hdr); 5610 end_of_smb = (char *)pByteArea(&pSMBr->hdr) + get_bcc(&pSMBr->hdr);
5566 if ((char *)ea_response_data + list_len > end_of_smb) { 5611 if ((char *)ea_response_data + list_len > end_of_smb) {
5567 cFYI(1, "EA list appears to go beyond SMB"); 5612 cFYI(1, "EA list appears to go beyond SMB");
5568 rc = -EIO; 5613 rc = -EIO;
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 9f59887badd2..47d8ff623683 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -52,8 +52,8 @@
52#define CIFS_PORT 445 52#define CIFS_PORT 445
53#define RFC1001_PORT 139 53#define RFC1001_PORT 139
54 54
55extern void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, 55/* SMB echo "timeout" -- FIXME: tunable? */
56 unsigned char *p24); 56#define SMB_ECHO_INTERVAL (60 * HZ)
57 57
58extern mempool_t *cifs_req_poolp; 58extern mempool_t *cifs_req_poolp;
59 59
@@ -84,6 +84,7 @@ struct smb_vol {
84 bool no_xattr:1; /* set if xattr (EA) support should be disabled*/ 84 bool no_xattr:1; /* set if xattr (EA) support should be disabled*/
85 bool server_ino:1; /* use inode numbers from server ie UniqueId */ 85 bool server_ino:1; /* use inode numbers from server ie UniqueId */
86 bool direct_io:1; 86 bool direct_io:1;
87 bool strict_io:1; /* strict cache behavior */
87 bool remap:1; /* set to remap seven reserved chars in filenames */ 88 bool remap:1; /* set to remap seven reserved chars in filenames */
88 bool posix_paths:1; /* unset to not ask for posix pathnames. */ 89 bool posix_paths:1; /* unset to not ask for posix pathnames. */
89 bool no_linux_ext:1; 90 bool no_linux_ext:1;
@@ -152,6 +153,7 @@ cifs_reconnect(struct TCP_Server_Info *server)
152 153
153 /* before reconnecting the tcp session, mark the smb session (uid) 154 /* before reconnecting the tcp session, mark the smb session (uid)
154 and the tid bad so they are not used until reconnected */ 155 and the tid bad so they are not used until reconnected */
156 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
155 spin_lock(&cifs_tcp_ses_lock); 157 spin_lock(&cifs_tcp_ses_lock);
156 list_for_each(tmp, &server->smb_ses_list) { 158 list_for_each(tmp, &server->smb_ses_list) {
157 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list); 159 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
@@ -163,7 +165,9 @@ cifs_reconnect(struct TCP_Server_Info *server)
163 } 165 }
164 } 166 }
165 spin_unlock(&cifs_tcp_ses_lock); 167 spin_unlock(&cifs_tcp_ses_lock);
168
166 /* do not want to be sending data on a socket we are freeing */ 169 /* do not want to be sending data on a socket we are freeing */
170 cFYI(1, "%s: tearing down socket", __func__);
167 mutex_lock(&server->srv_mutex); 171 mutex_lock(&server->srv_mutex);
168 if (server->ssocket) { 172 if (server->ssocket) {
169 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state, 173 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
@@ -180,22 +184,20 @@ cifs_reconnect(struct TCP_Server_Info *server)
180 kfree(server->session_key.response); 184 kfree(server->session_key.response);
181 server->session_key.response = NULL; 185 server->session_key.response = NULL;
182 server->session_key.len = 0; 186 server->session_key.len = 0;
187 server->lstrp = jiffies;
188 mutex_unlock(&server->srv_mutex);
183 189
190 /* mark submitted MIDs for retry and issue callback */
191 cFYI(1, "%s: issuing mid callbacks", __func__);
184 spin_lock(&GlobalMid_Lock); 192 spin_lock(&GlobalMid_Lock);
185 list_for_each(tmp, &server->pending_mid_q) { 193 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
186 mid_entry = list_entry(tmp, struct 194 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
187 mid_q_entry, 195 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
188 qhead);
189 if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
190 /* Mark other intransit requests as needing
191 retry so we do not immediately mark the
192 session bad again (ie after we reconnect
193 below) as they timeout too */
194 mid_entry->midState = MID_RETRY_NEEDED; 196 mid_entry->midState = MID_RETRY_NEEDED;
195 } 197 list_del_init(&mid_entry->qhead);
198 mid_entry->callback(mid_entry);
196 } 199 }
197 spin_unlock(&GlobalMid_Lock); 200 spin_unlock(&GlobalMid_Lock);
198 mutex_unlock(&server->srv_mutex);
199 201
200 while ((server->tcpStatus != CifsExiting) && 202 while ((server->tcpStatus != CifsExiting) &&
201 (server->tcpStatus != CifsGood)) { 203 (server->tcpStatus != CifsGood)) {
@@ -212,10 +214,9 @@ cifs_reconnect(struct TCP_Server_Info *server)
212 if (server->tcpStatus != CifsExiting) 214 if (server->tcpStatus != CifsExiting)
213 server->tcpStatus = CifsGood; 215 server->tcpStatus = CifsGood;
214 spin_unlock(&GlobalMid_Lock); 216 spin_unlock(&GlobalMid_Lock);
215 /* atomic_set(&server->inFlight,0);*/
216 wake_up(&server->response_q);
217 } 217 }
218 } 218 }
219
219 return rc; 220 return rc;
220} 221}
221 222
@@ -229,9 +230,8 @@ cifs_reconnect(struct TCP_Server_Info *server)
229static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize) 230static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
230{ 231{
231 struct smb_t2_rsp *pSMBt; 232 struct smb_t2_rsp *pSMBt;
232 int total_data_size;
233 int data_in_this_rsp;
234 int remaining; 233 int remaining;
234 __u16 total_data_size, data_in_this_rsp;
235 235
236 if (pSMB->Command != SMB_COM_TRANSACTION2) 236 if (pSMB->Command != SMB_COM_TRANSACTION2)
237 return 0; 237 return 0;
@@ -245,8 +245,8 @@ static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
245 245
246 pSMBt = (struct smb_t2_rsp *)pSMB; 246 pSMBt = (struct smb_t2_rsp *)pSMB;
247 247
248 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount); 248 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
249 data_in_this_rsp = le16_to_cpu(pSMBt->t2_rsp.DataCount); 249 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
250 250
251 remaining = total_data_size - data_in_this_rsp; 251 remaining = total_data_size - data_in_this_rsp;
252 252
@@ -272,21 +272,18 @@ static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
272{ 272{
273 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond; 273 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
274 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB; 274 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
275 int total_data_size;
276 int total_in_buf;
277 int remaining;
278 int total_in_buf2;
279 char *data_area_of_target; 275 char *data_area_of_target;
280 char *data_area_of_buf2; 276 char *data_area_of_buf2;
281 __u16 byte_count; 277 int remaining;
278 __u16 byte_count, total_data_size, total_in_buf, total_in_buf2;
282 279
283 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount); 280 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
284 281
285 if (total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) { 282 if (total_data_size !=
283 get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
286 cFYI(1, "total data size of primary and secondary t2 differ"); 284 cFYI(1, "total data size of primary and secondary t2 differ");
287 }
288 285
289 total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount); 286 total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
290 287
291 remaining = total_data_size - total_in_buf; 288 remaining = total_data_size - total_in_buf;
292 289
@@ -296,28 +293,28 @@ static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
296 if (remaining == 0) /* nothing to do, ignore */ 293 if (remaining == 0) /* nothing to do, ignore */
297 return 0; 294 return 0;
298 295
299 total_in_buf2 = le16_to_cpu(pSMB2->t2_rsp.DataCount); 296 total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
300 if (remaining < total_in_buf2) { 297 if (remaining < total_in_buf2) {
301 cFYI(1, "transact2 2nd response contains too much data"); 298 cFYI(1, "transact2 2nd response contains too much data");
302 } 299 }
303 300
304 /* find end of first SMB data area */ 301 /* find end of first SMB data area */
305 data_area_of_target = (char *)&pSMBt->hdr.Protocol + 302 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
306 le16_to_cpu(pSMBt->t2_rsp.DataOffset); 303 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
307 /* validate target area */ 304 /* validate target area */
308 305
309 data_area_of_buf2 = (char *) &pSMB2->hdr.Protocol + 306 data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
310 le16_to_cpu(pSMB2->t2_rsp.DataOffset); 307 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
311 308
312 data_area_of_target += total_in_buf; 309 data_area_of_target += total_in_buf;
313 310
314 /* copy second buffer into end of first buffer */ 311 /* copy second buffer into end of first buffer */
315 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2); 312 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
316 total_in_buf += total_in_buf2; 313 total_in_buf += total_in_buf2;
317 pSMBt->t2_rsp.DataCount = cpu_to_le16(total_in_buf); 314 put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
318 byte_count = le16_to_cpu(BCC_LE(pTargetSMB)); 315 byte_count = get_bcc_le(pTargetSMB);
319 byte_count += total_in_buf2; 316 byte_count += total_in_buf2;
320 BCC_LE(pTargetSMB) = cpu_to_le16(byte_count); 317 put_bcc_le(byte_count, pTargetSMB);
321 318
322 byte_count = pTargetSMB->smb_buf_length; 319 byte_count = pTargetSMB->smb_buf_length;
323 byte_count += total_in_buf2; 320 byte_count += total_in_buf2;
@@ -331,7 +328,26 @@ static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
331 return 0; /* we are done */ 328 return 0; /* we are done */
332 } else /* more responses to go */ 329 } else /* more responses to go */
333 return 1; 330 return 1;
331}
332
333static void
334cifs_echo_request(struct work_struct *work)
335{
336 int rc;
337 struct TCP_Server_Info *server = container_of(work,
338 struct TCP_Server_Info, echo.work);
339
340 /* no need to ping if we got a response recently */
341 if (time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
342 goto requeue_echo;
343
344 rc = CIFSSMBEcho(server);
345 if (rc)
346 cFYI(1, "Unable to send echo request to server: %s",
347 server->hostname);
334 348
349requeue_echo:
350 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
335} 351}
336 352
337static int 353static int
@@ -345,8 +361,7 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
345 struct msghdr smb_msg; 361 struct msghdr smb_msg;
346 struct kvec iov; 362 struct kvec iov;
347 struct socket *csocket = server->ssocket; 363 struct socket *csocket = server->ssocket;
348 struct list_head *tmp; 364 struct list_head *tmp, *tmp2;
349 struct cifsSesInfo *ses;
350 struct task_struct *task_to_wake = NULL; 365 struct task_struct *task_to_wake = NULL;
351 struct mid_q_entry *mid_entry; 366 struct mid_q_entry *mid_entry;
352 char temp; 367 char temp;
@@ -399,7 +414,20 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
399 smb_msg.msg_control = NULL; 414 smb_msg.msg_control = NULL;
400 smb_msg.msg_controllen = 0; 415 smb_msg.msg_controllen = 0;
401 pdu_length = 4; /* enough to get RFC1001 header */ 416 pdu_length = 4; /* enough to get RFC1001 header */
417
402incomplete_rcv: 418incomplete_rcv:
419 if (echo_retries > 0 &&
420 time_after(jiffies, server->lstrp +
421 (echo_retries * SMB_ECHO_INTERVAL))) {
422 cERROR(1, "Server %s has not responded in %d seconds. "
423 "Reconnecting...", server->hostname,
424 (echo_retries * SMB_ECHO_INTERVAL / HZ));
425 cifs_reconnect(server);
426 csocket = server->ssocket;
427 wake_up(&server->response_q);
428 continue;
429 }
430
403 length = 431 length =
404 kernel_recvmsg(csocket, &smb_msg, 432 kernel_recvmsg(csocket, &smb_msg,
405 &iov, 1, pdu_length, 0 /* BB other flags? */); 433 &iov, 1, pdu_length, 0 /* BB other flags? */);
@@ -559,10 +587,11 @@ incomplete_rcv:
559 continue; 587 continue;
560 } 588 }
561 589
590 mid_entry = NULL;
591 server->lstrp = jiffies;
562 592
563 task_to_wake = NULL;
564 spin_lock(&GlobalMid_Lock); 593 spin_lock(&GlobalMid_Lock);
565 list_for_each(tmp, &server->pending_mid_q) { 594 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
566 mid_entry = list_entry(tmp, struct mid_q_entry, qhead); 595 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
567 596
568 if ((mid_entry->mid == smb_buffer->Mid) && 597 if ((mid_entry->mid == smb_buffer->Mid) &&
@@ -603,20 +632,19 @@ incomplete_rcv:
603 mid_entry->resp_buf = smb_buffer; 632 mid_entry->resp_buf = smb_buffer;
604 mid_entry->largeBuf = isLargeBuf; 633 mid_entry->largeBuf = isLargeBuf;
605multi_t2_fnd: 634multi_t2_fnd:
606 task_to_wake = mid_entry->tsk;
607 mid_entry->midState = MID_RESPONSE_RECEIVED; 635 mid_entry->midState = MID_RESPONSE_RECEIVED;
636 list_del_init(&mid_entry->qhead);
637 mid_entry->callback(mid_entry);
608#ifdef CONFIG_CIFS_STATS2 638#ifdef CONFIG_CIFS_STATS2
609 mid_entry->when_received = jiffies; 639 mid_entry->when_received = jiffies;
610#endif 640#endif
611 /* so we do not time out requests to server
612 which is still responding (since server could
613 be busy but not dead) */
614 server->lstrp = jiffies;
615 break; 641 break;
616 } 642 }
643 mid_entry = NULL;
617 } 644 }
618 spin_unlock(&GlobalMid_Lock); 645 spin_unlock(&GlobalMid_Lock);
619 if (task_to_wake) { 646
647 if (mid_entry != NULL) {
620 /* Was previous buf put in mpx struct for multi-rsp? */ 648 /* Was previous buf put in mpx struct for multi-rsp? */
621 if (!isMultiRsp) { 649 if (!isMultiRsp) {
622 /* smb buffer will be freed by user thread */ 650 /* smb buffer will be freed by user thread */
@@ -625,11 +653,10 @@ multi_t2_fnd:
625 else 653 else
626 smallbuf = NULL; 654 smallbuf = NULL;
627 } 655 }
628 wake_up_process(task_to_wake);
629 } else if (!is_valid_oplock_break(smb_buffer, server) && 656 } else if (!is_valid_oplock_break(smb_buffer, server) &&
630 !isMultiRsp) { 657 !isMultiRsp) {
631 cERROR(1, "No task to wake, unknown frame received! " 658 cERROR(1, "No task to wake, unknown frame received! "
632 "NumMids %d", midCount.counter); 659 "NumMids %d", atomic_read(&midCount));
633 cifs_dump_mem("Received Data is: ", (char *)smb_buffer, 660 cifs_dump_mem("Received Data is: ", (char *)smb_buffer,
634 sizeof(struct smb_hdr)); 661 sizeof(struct smb_hdr));
635#ifdef CONFIG_CIFS_DEBUG2 662#ifdef CONFIG_CIFS_DEBUG2
@@ -677,44 +704,16 @@ multi_t2_fnd:
677 if (smallbuf) /* no sense logging a debug message if NULL */ 704 if (smallbuf) /* no sense logging a debug message if NULL */
678 cifs_small_buf_release(smallbuf); 705 cifs_small_buf_release(smallbuf);
679 706
680 /* 707 if (!list_empty(&server->pending_mid_q)) {
681 * BB: we shouldn't have to do any of this. It shouldn't be
682 * possible to exit from the thread with active SMB sessions
683 */
684 spin_lock(&cifs_tcp_ses_lock);
685 if (list_empty(&server->pending_mid_q)) {
686 /* loop through server session structures attached to this and
687 mark them dead */
688 list_for_each(tmp, &server->smb_ses_list) {
689 ses = list_entry(tmp, struct cifsSesInfo,
690 smb_ses_list);
691 ses->status = CifsExiting;
692 ses->server = NULL;
693 }
694 spin_unlock(&cifs_tcp_ses_lock);
695 } else {
696 /* although we can not zero the server struct pointer yet,
697 since there are active requests which may depnd on them,
698 mark the corresponding SMB sessions as exiting too */
699 list_for_each(tmp, &server->smb_ses_list) {
700 ses = list_entry(tmp, struct cifsSesInfo,
701 smb_ses_list);
702 ses->status = CifsExiting;
703 }
704
705 spin_lock(&GlobalMid_Lock); 708 spin_lock(&GlobalMid_Lock);
706 list_for_each(tmp, &server->pending_mid_q) { 709 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
707 mid_entry = list_entry(tmp, struct mid_q_entry, qhead); 710 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
708 if (mid_entry->midState == MID_REQUEST_SUBMITTED) { 711 cFYI(1, "Clearing Mid 0x%x - issuing callback",
709 cFYI(1, "Clearing Mid 0x%x - waking up ",
710 mid_entry->mid); 712 mid_entry->mid);
711 task_to_wake = mid_entry->tsk; 713 list_del_init(&mid_entry->qhead);
712 if (task_to_wake) 714 mid_entry->callback(mid_entry);
713 wake_up_process(task_to_wake);
714 }
715 } 715 }
716 spin_unlock(&GlobalMid_Lock); 716 spin_unlock(&GlobalMid_Lock);
717 spin_unlock(&cifs_tcp_ses_lock);
718 /* 1/8th of sec is more than enough time for them to exit */ 717 /* 1/8th of sec is more than enough time for them to exit */
719 msleep(125); 718 msleep(125);
720 } 719 }
@@ -732,18 +731,6 @@ multi_t2_fnd:
732 coming home not much else we can do but free the memory */ 731 coming home not much else we can do but free the memory */
733 } 732 }
734 733
735 /* last chance to mark ses pointers invalid
736 if there are any pointing to this (e.g
737 if a crazy root user tried to kill cifsd
738 kernel thread explicitly this might happen) */
739 /* BB: This shouldn't be necessary, see above */
740 spin_lock(&cifs_tcp_ses_lock);
741 list_for_each(tmp, &server->smb_ses_list) {
742 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
743 ses->server = NULL;
744 }
745 spin_unlock(&cifs_tcp_ses_lock);
746
747 kfree(server->hostname); 734 kfree(server->hostname);
748 task_to_wake = xchg(&server->tsk, NULL); 735 task_to_wake = xchg(&server->tsk, NULL);
749 kfree(server); 736 kfree(server);
@@ -1355,6 +1342,8 @@ cifs_parse_mount_options(char *options, const char *devname,
1355 vol->direct_io = 1; 1342 vol->direct_io = 1;
1356 } else if (strnicmp(data, "forcedirectio", 13) == 0) { 1343 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1357 vol->direct_io = 1; 1344 vol->direct_io = 1;
1345 } else if (strnicmp(data, "strictcache", 11) == 0) {
1346 vol->strict_io = 1;
1358 } else if (strnicmp(data, "noac", 4) == 0) { 1347 } else if (strnicmp(data, "noac", 4) == 0) {
1359 printk(KERN_WARNING "CIFS: Mount option noac not " 1348 printk(KERN_WARNING "CIFS: Mount option noac not "
1360 "supported. Instead set " 1349 "supported. Instead set "
@@ -1579,6 +1568,9 @@ cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1579 1568
1580 spin_lock(&cifs_tcp_ses_lock); 1569 spin_lock(&cifs_tcp_ses_lock);
1581 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) { 1570 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1571 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1572 continue;
1573
1582 if (!match_address(server, addr, 1574 if (!match_address(server, addr,
1583 (struct sockaddr *)&vol->srcaddr)) 1575 (struct sockaddr *)&vol->srcaddr))
1584 continue; 1576 continue;
@@ -1609,9 +1601,13 @@ cifs_put_tcp_session(struct TCP_Server_Info *server)
1609 return; 1601 return;
1610 } 1602 }
1611 1603
1604 put_net(cifs_net_ns(server));
1605
1612 list_del_init(&server->tcp_ses_list); 1606 list_del_init(&server->tcp_ses_list);
1613 spin_unlock(&cifs_tcp_ses_lock); 1607 spin_unlock(&cifs_tcp_ses_lock);
1614 1608
1609 cancel_delayed_work_sync(&server->echo);
1610
1615 spin_lock(&GlobalMid_Lock); 1611 spin_lock(&GlobalMid_Lock);
1616 server->tcpStatus = CifsExiting; 1612 server->tcpStatus = CifsExiting;
1617 spin_unlock(&GlobalMid_Lock); 1613 spin_unlock(&GlobalMid_Lock);
@@ -1681,6 +1677,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
1681 goto out_err; 1677 goto out_err;
1682 } 1678 }
1683 1679
1680 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1684 tcp_ses->hostname = extract_hostname(volume_info->UNC); 1681 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1685 if (IS_ERR(tcp_ses->hostname)) { 1682 if (IS_ERR(tcp_ses->hostname)) {
1686 rc = PTR_ERR(tcp_ses->hostname); 1683 rc = PTR_ERR(tcp_ses->hostname);
@@ -1701,8 +1698,10 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
1701 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL); 1698 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1702 tcp_ses->session_estab = false; 1699 tcp_ses->session_estab = false;
1703 tcp_ses->sequence_number = 0; 1700 tcp_ses->sequence_number = 0;
1701 tcp_ses->lstrp = jiffies;
1704 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list); 1702 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1705 INIT_LIST_HEAD(&tcp_ses->smb_ses_list); 1703 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1704 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1706 1705
1707 /* 1706 /*
1708 * at this point we are the only ones with the pointer 1707 * at this point we are the only ones with the pointer
@@ -1751,11 +1750,16 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
1751 1750
1752 cifs_fscache_get_client_cookie(tcp_ses); 1751 cifs_fscache_get_client_cookie(tcp_ses);
1753 1752
1753 /* queue echo request delayed work */
1754 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1755
1754 return tcp_ses; 1756 return tcp_ses;
1755 1757
1756out_err_crypto_release: 1758out_err_crypto_release:
1757 cifs_crypto_shash_release(tcp_ses); 1759 cifs_crypto_shash_release(tcp_ses);
1758 1760
1761 put_net(cifs_net_ns(tcp_ses));
1762
1759out_err: 1763out_err:
1760 if (tcp_ses) { 1764 if (tcp_ses) {
1761 if (!IS_ERR(tcp_ses->hostname)) 1765 if (!IS_ERR(tcp_ses->hostname))
@@ -2267,8 +2271,8 @@ generic_ip_connect(struct TCP_Server_Info *server)
2267 } 2271 }
2268 2272
2269 if (socket == NULL) { 2273 if (socket == NULL) {
2270 rc = sock_create_kern(sfamily, SOCK_STREAM, 2274 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2271 IPPROTO_TCP, &socket); 2275 IPPROTO_TCP, &socket, 1);
2272 if (rc < 0) { 2276 if (rc < 0) {
2273 cERROR(1, "Error %d creating socket", rc); 2277 cERROR(1, "Error %d creating socket", rc);
2274 server->ssocket = NULL; 2278 server->ssocket = NULL;
@@ -2580,6 +2584,8 @@ static void setup_cifs_sb(struct smb_vol *pvolume_info,
2580 if (pvolume_info->multiuser) 2584 if (pvolume_info->multiuser)
2581 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 2585 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2582 CIFS_MOUNT_NO_PERM); 2586 CIFS_MOUNT_NO_PERM);
2587 if (pvolume_info->strict_io)
2588 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2583 if (pvolume_info->direct_io) { 2589 if (pvolume_info->direct_io) {
2584 cFYI(1, "mounting share using direct i/o"); 2590 cFYI(1, "mounting share using direct i/o");
2585 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 2591 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
@@ -2936,8 +2942,8 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
2936 TCONX_RSP *pSMBr; 2942 TCONX_RSP *pSMBr;
2937 unsigned char *bcc_ptr; 2943 unsigned char *bcc_ptr;
2938 int rc = 0; 2944 int rc = 0;
2939 int length, bytes_left; 2945 int length;
2940 __u16 count; 2946 __u16 bytes_left, count;
2941 2947
2942 if (ses == NULL) 2948 if (ses == NULL)
2943 return -EIO; 2949 return -EIO;
@@ -2965,7 +2971,7 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
2965 bcc_ptr++; /* skip password */ 2971 bcc_ptr++; /* skip password */
2966 /* already aligned so no need to do it below */ 2972 /* already aligned so no need to do it below */
2967 } else { 2973 } else {
2968 pSMB->PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE); 2974 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
2969 /* BB FIXME add code to fail this if NTLMv2 or Kerberos 2975 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
2970 specified as required (when that support is added to 2976 specified as required (when that support is added to
2971 the vfs in the future) as only NTLM or the much 2977 the vfs in the future) as only NTLM or the much
@@ -2981,9 +2987,10 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
2981 bcc_ptr); 2987 bcc_ptr);
2982 else 2988 else
2983#endif /* CIFS_WEAK_PW_HASH */ 2989#endif /* CIFS_WEAK_PW_HASH */
2984 SMBNTencrypt(tcon->password, ses->server->cryptkey, bcc_ptr); 2990 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
2991 bcc_ptr);
2985 2992
2986 bcc_ptr += CIFS_SESS_KEY_SIZE; 2993 bcc_ptr += CIFS_AUTH_RESP_SIZE;
2987 if (ses->capabilities & CAP_UNICODE) { 2994 if (ses->capabilities & CAP_UNICODE) {
2988 /* must align unicode strings */ 2995 /* must align unicode strings */
2989 *bcc_ptr = 0; /* null byte password */ 2996 *bcc_ptr = 0; /* null byte password */
@@ -3021,7 +3028,7 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3021 pSMB->ByteCount = cpu_to_le16(count); 3028 pSMB->ByteCount = cpu_to_le16(count);
3022 3029
3023 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length, 3030 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3024 CIFS_STD_OP); 3031 0);
3025 3032
3026 /* above now done in SendReceive */ 3033 /* above now done in SendReceive */
3027 if ((rc == 0) && (tcon != NULL)) { 3034 if ((rc == 0) && (tcon != NULL)) {
@@ -3031,7 +3038,7 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3031 tcon->need_reconnect = false; 3038 tcon->need_reconnect = false;
3032 tcon->tid = smb_buffer_response->Tid; 3039 tcon->tid = smb_buffer_response->Tid;
3033 bcc_ptr = pByteArea(smb_buffer_response); 3040 bcc_ptr = pByteArea(smb_buffer_response);
3034 bytes_left = BCC(smb_buffer_response); 3041 bytes_left = get_bcc(smb_buffer_response);
3035 length = strnlen(bcc_ptr, bytes_left - 2); 3042 length = strnlen(bcc_ptr, bytes_left - 2);
3036 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) 3043 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3037 is_unicode = true; 3044 is_unicode = true;
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index d843631c028d..0de17c1db608 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -287,6 +287,7 @@ void cifsFileInfo_put(struct cifsFileInfo *cifs_file)
287 struct inode *inode = cifs_file->dentry->d_inode; 287 struct inode *inode = cifs_file->dentry->d_inode;
288 struct cifsTconInfo *tcon = tlink_tcon(cifs_file->tlink); 288 struct cifsTconInfo *tcon = tlink_tcon(cifs_file->tlink);
289 struct cifsInodeInfo *cifsi = CIFS_I(inode); 289 struct cifsInodeInfo *cifsi = CIFS_I(inode);
290 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
290 struct cifsLockInfo *li, *tmp; 291 struct cifsLockInfo *li, *tmp;
291 292
292 spin_lock(&cifs_file_list_lock); 293 spin_lock(&cifs_file_list_lock);
@@ -302,6 +303,13 @@ void cifsFileInfo_put(struct cifsFileInfo *cifs_file)
302 if (list_empty(&cifsi->openFileList)) { 303 if (list_empty(&cifsi->openFileList)) {
303 cFYI(1, "closing last open instance for inode %p", 304 cFYI(1, "closing last open instance for inode %p",
304 cifs_file->dentry->d_inode); 305 cifs_file->dentry->d_inode);
306
307 /* in strict cache mode we need invalidate mapping on the last
308 close because it may cause a error when we open this file
309 again and get at least level II oplock */
310 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_STRICT_IO)
311 CIFS_I(inode)->invalid_mapping = true;
312
305 cifs_set_oplock_level(cifsi, 0); 313 cifs_set_oplock_level(cifsi, 0);
306 } 314 }
307 spin_unlock(&cifs_file_list_lock); 315 spin_unlock(&cifs_file_list_lock);
@@ -726,12 +734,12 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
726 734
727 /* BB we could chain these into one lock request BB */ 735 /* BB we could chain these into one lock request BB */
728 rc = CIFSSMBLock(xid, tcon, netfid, length, pfLock->fl_start, 736 rc = CIFSSMBLock(xid, tcon, netfid, length, pfLock->fl_start,
729 0, 1, lockType, 0 /* wait flag */ ); 737 0, 1, lockType, 0 /* wait flag */, 0);
730 if (rc == 0) { 738 if (rc == 0) {
731 rc = CIFSSMBLock(xid, tcon, netfid, length, 739 rc = CIFSSMBLock(xid, tcon, netfid, length,
732 pfLock->fl_start, 1 /* numUnlock */ , 740 pfLock->fl_start, 1 /* numUnlock */ ,
733 0 /* numLock */ , lockType, 741 0 /* numLock */ , lockType,
734 0 /* wait flag */ ); 742 0 /* wait flag */, 0);
735 pfLock->fl_type = F_UNLCK; 743 pfLock->fl_type = F_UNLCK;
736 if (rc != 0) 744 if (rc != 0)
737 cERROR(1, "Error unlocking previously locked " 745 cERROR(1, "Error unlocking previously locked "
@@ -748,13 +756,13 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
748 rc = CIFSSMBLock(xid, tcon, netfid, length, 756 rc = CIFSSMBLock(xid, tcon, netfid, length,
749 pfLock->fl_start, 0, 1, 757 pfLock->fl_start, 0, 1,
750 lockType | LOCKING_ANDX_SHARED_LOCK, 758 lockType | LOCKING_ANDX_SHARED_LOCK,
751 0 /* wait flag */); 759 0 /* wait flag */, 0);
752 if (rc == 0) { 760 if (rc == 0) {
753 rc = CIFSSMBLock(xid, tcon, netfid, 761 rc = CIFSSMBLock(xid, tcon, netfid,
754 length, pfLock->fl_start, 1, 0, 762 length, pfLock->fl_start, 1, 0,
755 lockType | 763 lockType |
756 LOCKING_ANDX_SHARED_LOCK, 764 LOCKING_ANDX_SHARED_LOCK,
757 0 /* wait flag */); 765 0 /* wait flag */, 0);
758 pfLock->fl_type = F_RDLCK; 766 pfLock->fl_type = F_RDLCK;
759 if (rc != 0) 767 if (rc != 0)
760 cERROR(1, "Error unlocking " 768 cERROR(1, "Error unlocking "
@@ -797,8 +805,8 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
797 805
798 if (numLock) { 806 if (numLock) {
799 rc = CIFSSMBLock(xid, tcon, netfid, length, 807 rc = CIFSSMBLock(xid, tcon, netfid, length,
800 pfLock->fl_start, 808 pfLock->fl_start, 0, numLock, lockType,
801 0, numLock, lockType, wait_flag); 809 wait_flag, 0);
802 810
803 if (rc == 0) { 811 if (rc == 0) {
804 /* For Windows locks we must store them. */ 812 /* For Windows locks we must store them. */
@@ -818,9 +826,9 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
818 (pfLock->fl_start + length) >= 826 (pfLock->fl_start + length) >=
819 (li->offset + li->length)) { 827 (li->offset + li->length)) {
820 stored_rc = CIFSSMBLock(xid, tcon, 828 stored_rc = CIFSSMBLock(xid, tcon,
821 netfid, 829 netfid, li->length,
822 li->length, li->offset, 830 li->offset, 1, 0,
823 1, 0, li->type, false); 831 li->type, false, 0);
824 if (stored_rc) 832 if (stored_rc)
825 rc = stored_rc; 833 rc = stored_rc;
826 else { 834 else {
@@ -839,31 +847,8 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
839 return rc; 847 return rc;
840} 848}
841 849
842/*
843 * Set the timeout on write requests past EOF. For some servers (Windows)
844 * these calls can be very long.
845 *
846 * If we're writing >10M past the EOF we give a 180s timeout. Anything less
847 * than that gets a 45s timeout. Writes not past EOF get 15s timeouts.
848 * The 10M cutoff is totally arbitrary. A better scheme for this would be
849 * welcome if someone wants to suggest one.
850 *
851 * We may be able to do a better job with this if there were some way to
852 * declare that a file should be sparse.
853 */
854static int
855cifs_write_timeout(struct cifsInodeInfo *cifsi, loff_t offset)
856{
857 if (offset <= cifsi->server_eof)
858 return CIFS_STD_OP;
859 else if (offset > (cifsi->server_eof + (10 * 1024 * 1024)))
860 return CIFS_VLONG_OP;
861 else
862 return CIFS_LONG_OP;
863}
864
865/* update the file size (if needed) after a write */ 850/* update the file size (if needed) after a write */
866static void 851void
867cifs_update_eof(struct cifsInodeInfo *cifsi, loff_t offset, 852cifs_update_eof(struct cifsInodeInfo *cifsi, loff_t offset,
868 unsigned int bytes_written) 853 unsigned int bytes_written)
869{ 854{
@@ -882,7 +867,7 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
882 unsigned int total_written; 867 unsigned int total_written;
883 struct cifs_sb_info *cifs_sb; 868 struct cifs_sb_info *cifs_sb;
884 struct cifsTconInfo *pTcon; 869 struct cifsTconInfo *pTcon;
885 int xid, long_op; 870 int xid;
886 struct cifsFileInfo *open_file; 871 struct cifsFileInfo *open_file;
887 struct cifsInodeInfo *cifsi = CIFS_I(inode); 872 struct cifsInodeInfo *cifsi = CIFS_I(inode);
888 873
@@ -903,7 +888,6 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
903 888
904 xid = GetXid(); 889 xid = GetXid();
905 890
906 long_op = cifs_write_timeout(cifsi, *poffset);
907 for (total_written = 0; write_size > total_written; 891 for (total_written = 0; write_size > total_written;
908 total_written += bytes_written) { 892 total_written += bytes_written) {
909 rc = -EAGAIN; 893 rc = -EAGAIN;
@@ -931,7 +915,7 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
931 min_t(const int, cifs_sb->wsize, 915 min_t(const int, cifs_sb->wsize,
932 write_size - total_written), 916 write_size - total_written),
933 *poffset, &bytes_written, 917 *poffset, &bytes_written,
934 NULL, write_data + total_written, long_op); 918 NULL, write_data + total_written, 0);
935 } 919 }
936 if (rc || (bytes_written == 0)) { 920 if (rc || (bytes_written == 0)) {
937 if (total_written) 921 if (total_written)
@@ -944,8 +928,6 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
944 cifs_update_eof(cifsi, *poffset, bytes_written); 928 cifs_update_eof(cifsi, *poffset, bytes_written);
945 *poffset += bytes_written; 929 *poffset += bytes_written;
946 } 930 }
947 long_op = CIFS_STD_OP; /* subsequent writes fast -
948 15 seconds is plenty */
949 } 931 }
950 932
951 cifs_stats_bytes_written(pTcon, total_written); 933 cifs_stats_bytes_written(pTcon, total_written);
@@ -974,7 +956,7 @@ static ssize_t cifs_write(struct cifsFileInfo *open_file,
974 unsigned int total_written; 956 unsigned int total_written;
975 struct cifs_sb_info *cifs_sb; 957 struct cifs_sb_info *cifs_sb;
976 struct cifsTconInfo *pTcon; 958 struct cifsTconInfo *pTcon;
977 int xid, long_op; 959 int xid;
978 struct dentry *dentry = open_file->dentry; 960 struct dentry *dentry = open_file->dentry;
979 struct cifsInodeInfo *cifsi = CIFS_I(dentry->d_inode); 961 struct cifsInodeInfo *cifsi = CIFS_I(dentry->d_inode);
980 962
@@ -987,7 +969,6 @@ static ssize_t cifs_write(struct cifsFileInfo *open_file,
987 969
988 xid = GetXid(); 970 xid = GetXid();
989 971
990 long_op = cifs_write_timeout(cifsi, *poffset);
991 for (total_written = 0; write_size > total_written; 972 for (total_written = 0; write_size > total_written;
992 total_written += bytes_written) { 973 total_written += bytes_written) {
993 rc = -EAGAIN; 974 rc = -EAGAIN;
@@ -1017,7 +998,7 @@ static ssize_t cifs_write(struct cifsFileInfo *open_file,
1017 rc = CIFSSMBWrite2(xid, pTcon, 998 rc = CIFSSMBWrite2(xid, pTcon,
1018 open_file->netfid, len, 999 open_file->netfid, len,
1019 *poffset, &bytes_written, 1000 *poffset, &bytes_written,
1020 iov, 1, long_op); 1001 iov, 1, 0);
1021 } else 1002 } else
1022 rc = CIFSSMBWrite(xid, pTcon, 1003 rc = CIFSSMBWrite(xid, pTcon,
1023 open_file->netfid, 1004 open_file->netfid,
@@ -1025,7 +1006,7 @@ static ssize_t cifs_write(struct cifsFileInfo *open_file,
1025 write_size - total_written), 1006 write_size - total_written),
1026 *poffset, &bytes_written, 1007 *poffset, &bytes_written,
1027 write_data + total_written, 1008 write_data + total_written,
1028 NULL, long_op); 1009 NULL, 0);
1029 } 1010 }
1030 if (rc || (bytes_written == 0)) { 1011 if (rc || (bytes_written == 0)) {
1031 if (total_written) 1012 if (total_written)
@@ -1038,8 +1019,6 @@ static ssize_t cifs_write(struct cifsFileInfo *open_file,
1038 cifs_update_eof(cifsi, *poffset, bytes_written); 1019 cifs_update_eof(cifsi, *poffset, bytes_written);
1039 *poffset += bytes_written; 1020 *poffset += bytes_written;
1040 } 1021 }
1041 long_op = CIFS_STD_OP; /* subsequent writes fast -
1042 15 seconds is plenty */
1043 } 1022 }
1044 1023
1045 cifs_stats_bytes_written(pTcon, total_written); 1024 cifs_stats_bytes_written(pTcon, total_written);
@@ -1239,7 +1218,7 @@ static int cifs_writepages(struct address_space *mapping,
1239 struct pagevec pvec; 1218 struct pagevec pvec;
1240 int rc = 0; 1219 int rc = 0;
1241 int scanned = 0; 1220 int scanned = 0;
1242 int xid, long_op; 1221 int xid;
1243 1222
1244 cifs_sb = CIFS_SB(mapping->host->i_sb); 1223 cifs_sb = CIFS_SB(mapping->host->i_sb);
1245 1224
@@ -1377,43 +1356,67 @@ retry:
1377 break; 1356 break;
1378 } 1357 }
1379 if (n_iov) { 1358 if (n_iov) {
1359retry_write:
1380 open_file = find_writable_file(CIFS_I(mapping->host), 1360 open_file = find_writable_file(CIFS_I(mapping->host),
1381 false); 1361 false);
1382 if (!open_file) { 1362 if (!open_file) {
1383 cERROR(1, "No writable handles for inode"); 1363 cERROR(1, "No writable handles for inode");
1384 rc = -EBADF; 1364 rc = -EBADF;
1385 } else { 1365 } else {
1386 long_op = cifs_write_timeout(cifsi, offset);
1387 rc = CIFSSMBWrite2(xid, tcon, open_file->netfid, 1366 rc = CIFSSMBWrite2(xid, tcon, open_file->netfid,
1388 bytes_to_write, offset, 1367 bytes_to_write, offset,
1389 &bytes_written, iov, n_iov, 1368 &bytes_written, iov, n_iov,
1390 long_op); 1369 0);
1391 cifsFileInfo_put(open_file); 1370 cifsFileInfo_put(open_file);
1392 cifs_update_eof(cifsi, offset, bytes_written);
1393 } 1371 }
1394 1372
1395 if (rc || bytes_written < bytes_to_write) { 1373 cFYI(1, "Write2 rc=%d, wrote=%u", rc, bytes_written);
1396 cERROR(1, "Write2 ret %d, wrote %d", 1374
1397 rc, bytes_written); 1375 /*
1398 mapping_set_error(mapping, rc); 1376 * For now, treat a short write as if nothing got
1399 } else { 1377 * written. A zero length write however indicates
1378 * ENOSPC or EFBIG. We have no way to know which
1379 * though, so call it ENOSPC for now. EFBIG would
1380 * get translated to AS_EIO anyway.
1381 *
1382 * FIXME: make it take into account the data that did
1383 * get written
1384 */
1385 if (rc == 0) {
1386 if (bytes_written == 0)
1387 rc = -ENOSPC;
1388 else if (bytes_written < bytes_to_write)
1389 rc = -EAGAIN;
1390 }
1391
1392 /* retry on data-integrity flush */
1393 if (wbc->sync_mode == WB_SYNC_ALL && rc == -EAGAIN)
1394 goto retry_write;
1395
1396 /* fix the stats and EOF */
1397 if (bytes_written > 0) {
1400 cifs_stats_bytes_written(tcon, bytes_written); 1398 cifs_stats_bytes_written(tcon, bytes_written);
1399 cifs_update_eof(cifsi, offset, bytes_written);
1401 } 1400 }
1402 1401
1403 for (i = 0; i < n_iov; i++) { 1402 for (i = 0; i < n_iov; i++) {
1404 page = pvec.pages[first + i]; 1403 page = pvec.pages[first + i];
1405 /* Should we also set page error on 1404 /* on retryable write error, redirty page */
1406 success rc but too little data written? */ 1405 if (rc == -EAGAIN)
1407 /* BB investigate retry logic on temporary 1406 redirty_page_for_writepage(wbc, page);
1408 server crash cases and how recovery works 1407 else if (rc != 0)
1409 when page marked as error */
1410 if (rc)
1411 SetPageError(page); 1408 SetPageError(page);
1412 kunmap(page); 1409 kunmap(page);
1413 unlock_page(page); 1410 unlock_page(page);
1414 end_page_writeback(page); 1411 end_page_writeback(page);
1415 page_cache_release(page); 1412 page_cache_release(page);
1416 } 1413 }
1414
1415 if (rc != -EAGAIN)
1416 mapping_set_error(mapping, rc);
1417 else
1418 rc = 0;
1419
1417 if ((wbc->nr_to_write -= n_iov) <= 0) 1420 if ((wbc->nr_to_write -= n_iov) <= 0)
1418 done = 1; 1421 done = 1;
1419 index = next; 1422 index = next;
@@ -1525,27 +1528,47 @@ static int cifs_write_end(struct file *file, struct address_space *mapping,
1525 return rc; 1528 return rc;
1526} 1529}
1527 1530
1528int cifs_fsync(struct file *file, int datasync) 1531int cifs_strict_fsync(struct file *file, int datasync)
1529{ 1532{
1530 int xid; 1533 int xid;
1531 int rc = 0; 1534 int rc = 0;
1532 struct cifsTconInfo *tcon; 1535 struct cifsTconInfo *tcon;
1533 struct cifsFileInfo *smbfile = file->private_data; 1536 struct cifsFileInfo *smbfile = file->private_data;
1534 struct inode *inode = file->f_path.dentry->d_inode; 1537 struct inode *inode = file->f_path.dentry->d_inode;
1538 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
1535 1539
1536 xid = GetXid(); 1540 xid = GetXid();
1537 1541
1538 cFYI(1, "Sync file - name: %s datasync: 0x%x", 1542 cFYI(1, "Sync file - name: %s datasync: 0x%x",
1539 file->f_path.dentry->d_name.name, datasync); 1543 file->f_path.dentry->d_name.name, datasync);
1540 1544
1541 rc = filemap_write_and_wait(inode->i_mapping); 1545 if (!CIFS_I(inode)->clientCanCacheRead)
1542 if (rc == 0) { 1546 cifs_invalidate_mapping(inode);
1543 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
1544 1547
1545 tcon = tlink_tcon(smbfile->tlink); 1548 tcon = tlink_tcon(smbfile->tlink);
1546 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOSSYNC)) 1549 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOSSYNC))
1547 rc = CIFSSMBFlush(xid, tcon, smbfile->netfid); 1550 rc = CIFSSMBFlush(xid, tcon, smbfile->netfid);
1548 } 1551
1552 FreeXid(xid);
1553 return rc;
1554}
1555
1556int cifs_fsync(struct file *file, int datasync)
1557{
1558 int xid;
1559 int rc = 0;
1560 struct cifsTconInfo *tcon;
1561 struct cifsFileInfo *smbfile = file->private_data;
1562 struct cifs_sb_info *cifs_sb = CIFS_SB(file->f_path.dentry->d_sb);
1563
1564 xid = GetXid();
1565
1566 cFYI(1, "Sync file - name: %s datasync: 0x%x",
1567 file->f_path.dentry->d_name.name, datasync);
1568
1569 tcon = tlink_tcon(smbfile->tlink);
1570 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOSSYNC))
1571 rc = CIFSSMBFlush(xid, tcon, smbfile->netfid);
1549 1572
1550 FreeXid(xid); 1573 FreeXid(xid);
1551 return rc; 1574 return rc;
@@ -1596,42 +1619,242 @@ int cifs_flush(struct file *file, fl_owner_t id)
1596 return rc; 1619 return rc;
1597} 1620}
1598 1621
1599ssize_t cifs_user_read(struct file *file, char __user *read_data, 1622static int
1600 size_t read_size, loff_t *poffset) 1623cifs_write_allocate_pages(struct page **pages, unsigned long num_pages)
1601{ 1624{
1602 int rc = -EACCES; 1625 int rc = 0;
1603 unsigned int bytes_read = 0; 1626 unsigned long i;
1604 unsigned int total_read = 0; 1627
1605 unsigned int current_read_size; 1628 for (i = 0; i < num_pages; i++) {
1606 struct cifs_sb_info *cifs_sb; 1629 pages[i] = alloc_page(__GFP_HIGHMEM);
1630 if (!pages[i]) {
1631 /*
1632 * save number of pages we have already allocated and
1633 * return with ENOMEM error
1634 */
1635 num_pages = i;
1636 rc = -ENOMEM;
1637 goto error;
1638 }
1639 }
1640
1641 return rc;
1642
1643error:
1644 for (i = 0; i < num_pages; i++)
1645 put_page(pages[i]);
1646 return rc;
1647}
1648
1649static inline
1650size_t get_numpages(const size_t wsize, const size_t len, size_t *cur_len)
1651{
1652 size_t num_pages;
1653 size_t clen;
1654
1655 clen = min_t(const size_t, len, wsize);
1656 num_pages = clen / PAGE_CACHE_SIZE;
1657 if (clen % PAGE_CACHE_SIZE)
1658 num_pages++;
1659
1660 if (cur_len)
1661 *cur_len = clen;
1662
1663 return num_pages;
1664}
1665
1666static ssize_t
1667cifs_iovec_write(struct file *file, const struct iovec *iov,
1668 unsigned long nr_segs, loff_t *poffset)
1669{
1670 size_t total_written = 0, written = 0;
1671 unsigned long num_pages, npages;
1672 size_t copied, len, cur_len, i;
1673 struct kvec *to_send;
1674 struct page **pages;
1675 struct iov_iter it;
1676 struct inode *inode;
1677 struct cifsFileInfo *open_file;
1607 struct cifsTconInfo *pTcon; 1678 struct cifsTconInfo *pTcon;
1679 struct cifs_sb_info *cifs_sb;
1680 int xid, rc;
1681
1682 len = iov_length(iov, nr_segs);
1683 if (!len)
1684 return 0;
1685
1686 rc = generic_write_checks(file, poffset, &len, 0);
1687 if (rc)
1688 return rc;
1689
1690 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb);
1691 num_pages = get_numpages(cifs_sb->wsize, len, &cur_len);
1692
1693 pages = kmalloc(sizeof(struct pages *)*num_pages, GFP_KERNEL);
1694 if (!pages)
1695 return -ENOMEM;
1696
1697 to_send = kmalloc(sizeof(struct kvec)*(num_pages + 1), GFP_KERNEL);
1698 if (!to_send) {
1699 kfree(pages);
1700 return -ENOMEM;
1701 }
1702
1703 rc = cifs_write_allocate_pages(pages, num_pages);
1704 if (rc) {
1705 kfree(pages);
1706 kfree(to_send);
1707 return rc;
1708 }
1709
1710 xid = GetXid();
1711 open_file = file->private_data;
1712 pTcon = tlink_tcon(open_file->tlink);
1713 inode = file->f_path.dentry->d_inode;
1714
1715 iov_iter_init(&it, iov, nr_segs, len, 0);
1716 npages = num_pages;
1717
1718 do {
1719 size_t save_len = cur_len;
1720 for (i = 0; i < npages; i++) {
1721 copied = min_t(const size_t, cur_len, PAGE_CACHE_SIZE);
1722 copied = iov_iter_copy_from_user(pages[i], &it, 0,
1723 copied);
1724 cur_len -= copied;
1725 iov_iter_advance(&it, copied);
1726 to_send[i+1].iov_base = kmap(pages[i]);
1727 to_send[i+1].iov_len = copied;
1728 }
1729
1730 cur_len = save_len - cur_len;
1731
1732 do {
1733 if (open_file->invalidHandle) {
1734 rc = cifs_reopen_file(open_file, false);
1735 if (rc != 0)
1736 break;
1737 }
1738 rc = CIFSSMBWrite2(xid, pTcon, open_file->netfid,
1739 cur_len, *poffset, &written,
1740 to_send, npages, 0);
1741 } while (rc == -EAGAIN);
1742
1743 for (i = 0; i < npages; i++)
1744 kunmap(pages[i]);
1745
1746 if (written) {
1747 len -= written;
1748 total_written += written;
1749 cifs_update_eof(CIFS_I(inode), *poffset, written);
1750 *poffset += written;
1751 } else if (rc < 0) {
1752 if (!total_written)
1753 total_written = rc;
1754 break;
1755 }
1756
1757 /* get length and number of kvecs of the next write */
1758 npages = get_numpages(cifs_sb->wsize, len, &cur_len);
1759 } while (len > 0);
1760
1761 if (total_written > 0) {
1762 spin_lock(&inode->i_lock);
1763 if (*poffset > inode->i_size)
1764 i_size_write(inode, *poffset);
1765 spin_unlock(&inode->i_lock);
1766 }
1767
1768 cifs_stats_bytes_written(pTcon, total_written);
1769 mark_inode_dirty_sync(inode);
1770
1771 for (i = 0; i < num_pages; i++)
1772 put_page(pages[i]);
1773 kfree(to_send);
1774 kfree(pages);
1775 FreeXid(xid);
1776 return total_written;
1777}
1778
1779static ssize_t cifs_user_writev(struct kiocb *iocb, const struct iovec *iov,
1780 unsigned long nr_segs, loff_t pos)
1781{
1782 ssize_t written;
1783 struct inode *inode;
1784
1785 inode = iocb->ki_filp->f_path.dentry->d_inode;
1786
1787 /*
1788 * BB - optimize the way when signing is disabled. We can drop this
1789 * extra memory-to-memory copying and use iovec buffers for constructing
1790 * write request.
1791 */
1792
1793 written = cifs_iovec_write(iocb->ki_filp, iov, nr_segs, &pos);
1794 if (written > 0) {
1795 CIFS_I(inode)->invalid_mapping = true;
1796 iocb->ki_pos = pos;
1797 }
1798
1799 return written;
1800}
1801
1802ssize_t cifs_strict_writev(struct kiocb *iocb, const struct iovec *iov,
1803 unsigned long nr_segs, loff_t pos)
1804{
1805 struct inode *inode;
1806
1807 inode = iocb->ki_filp->f_path.dentry->d_inode;
1808
1809 if (CIFS_I(inode)->clientCanCacheAll)
1810 return generic_file_aio_write(iocb, iov, nr_segs, pos);
1811
1812 /*
1813 * In strict cache mode we need to write the data to the server exactly
1814 * from the pos to pos+len-1 rather than flush all affected pages
1815 * because it may cause a error with mandatory locks on these pages but
1816 * not on the region from pos to ppos+len-1.
1817 */
1818
1819 return cifs_user_writev(iocb, iov, nr_segs, pos);
1820}
1821
1822static ssize_t
1823cifs_iovec_read(struct file *file, const struct iovec *iov,
1824 unsigned long nr_segs, loff_t *poffset)
1825{
1826 int rc;
1608 int xid; 1827 int xid;
1828 unsigned int total_read, bytes_read = 0;
1829 size_t len, cur_len;
1830 int iov_offset = 0;
1831 struct cifs_sb_info *cifs_sb;
1832 struct cifsTconInfo *pTcon;
1609 struct cifsFileInfo *open_file; 1833 struct cifsFileInfo *open_file;
1610 char *smb_read_data;
1611 char __user *current_offset;
1612 struct smb_com_read_rsp *pSMBr; 1834 struct smb_com_read_rsp *pSMBr;
1835 char *read_data;
1836
1837 if (!nr_segs)
1838 return 0;
1839
1840 len = iov_length(iov, nr_segs);
1841 if (!len)
1842 return 0;
1613 1843
1614 xid = GetXid(); 1844 xid = GetXid();
1615 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb); 1845 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb);
1616 1846
1617 if (file->private_data == NULL) {
1618 rc = -EBADF;
1619 FreeXid(xid);
1620 return rc;
1621 }
1622 open_file = file->private_data; 1847 open_file = file->private_data;
1623 pTcon = tlink_tcon(open_file->tlink); 1848 pTcon = tlink_tcon(open_file->tlink);
1624 1849
1625 if ((file->f_flags & O_ACCMODE) == O_WRONLY) 1850 if ((file->f_flags & O_ACCMODE) == O_WRONLY)
1626 cFYI(1, "attempting read on write only file instance"); 1851 cFYI(1, "attempting read on write only file instance");
1627 1852
1628 for (total_read = 0, current_offset = read_data; 1853 for (total_read = 0; total_read < len; total_read += bytes_read) {
1629 read_size > total_read; 1854 cur_len = min_t(const size_t, len - total_read, cifs_sb->rsize);
1630 total_read += bytes_read, current_offset += bytes_read) {
1631 current_read_size = min_t(const int, read_size - total_read,
1632 cifs_sb->rsize);
1633 rc = -EAGAIN; 1855 rc = -EAGAIN;
1634 smb_read_data = NULL; 1856 read_data = NULL;
1857
1635 while (rc == -EAGAIN) { 1858 while (rc == -EAGAIN) {
1636 int buf_type = CIFS_NO_BUFFER; 1859 int buf_type = CIFS_NO_BUFFER;
1637 if (open_file->invalidHandle) { 1860 if (open_file->invalidHandle) {
@@ -1639,27 +1862,25 @@ ssize_t cifs_user_read(struct file *file, char __user *read_data,
1639 if (rc != 0) 1862 if (rc != 0)
1640 break; 1863 break;
1641 } 1864 }
1642 rc = CIFSSMBRead(xid, pTcon, 1865 rc = CIFSSMBRead(xid, pTcon, open_file->netfid,
1643 open_file->netfid, 1866 cur_len, *poffset, &bytes_read,
1644 current_read_size, *poffset, 1867 &read_data, &buf_type);
1645 &bytes_read, &smb_read_data, 1868 pSMBr = (struct smb_com_read_rsp *)read_data;
1646 &buf_type); 1869 if (read_data) {
1647 pSMBr = (struct smb_com_read_rsp *)smb_read_data; 1870 char *data_offset = read_data + 4 +
1648 if (smb_read_data) { 1871 le16_to_cpu(pSMBr->DataOffset);
1649 if (copy_to_user(current_offset, 1872 if (memcpy_toiovecend(iov, data_offset,
1650 smb_read_data + 1873 iov_offset, bytes_read))
1651 4 /* RFC1001 length field */ +
1652 le16_to_cpu(pSMBr->DataOffset),
1653 bytes_read))
1654 rc = -EFAULT; 1874 rc = -EFAULT;
1655
1656 if (buf_type == CIFS_SMALL_BUFFER) 1875 if (buf_type == CIFS_SMALL_BUFFER)
1657 cifs_small_buf_release(smb_read_data); 1876 cifs_small_buf_release(read_data);
1658 else if (buf_type == CIFS_LARGE_BUFFER) 1877 else if (buf_type == CIFS_LARGE_BUFFER)
1659 cifs_buf_release(smb_read_data); 1878 cifs_buf_release(read_data);
1660 smb_read_data = NULL; 1879 read_data = NULL;
1880 iov_offset += bytes_read;
1661 } 1881 }
1662 } 1882 }
1883
1663 if (rc || (bytes_read == 0)) { 1884 if (rc || (bytes_read == 0)) {
1664 if (total_read) { 1885 if (total_read) {
1665 break; 1886 break;
@@ -1672,13 +1893,57 @@ ssize_t cifs_user_read(struct file *file, char __user *read_data,
1672 *poffset += bytes_read; 1893 *poffset += bytes_read;
1673 } 1894 }
1674 } 1895 }
1896
1675 FreeXid(xid); 1897 FreeXid(xid);
1676 return total_read; 1898 return total_read;
1677} 1899}
1678 1900
1901ssize_t cifs_user_read(struct file *file, char __user *read_data,
1902 size_t read_size, loff_t *poffset)
1903{
1904 struct iovec iov;
1905 iov.iov_base = read_data;
1906 iov.iov_len = read_size;
1907
1908 return cifs_iovec_read(file, &iov, 1, poffset);
1909}
1910
1911static ssize_t cifs_user_readv(struct kiocb *iocb, const struct iovec *iov,
1912 unsigned long nr_segs, loff_t pos)
1913{
1914 ssize_t read;
1915
1916 read = cifs_iovec_read(iocb->ki_filp, iov, nr_segs, &pos);
1917 if (read > 0)
1918 iocb->ki_pos = pos;
1919
1920 return read;
1921}
1922
1923ssize_t cifs_strict_readv(struct kiocb *iocb, const struct iovec *iov,
1924 unsigned long nr_segs, loff_t pos)
1925{
1926 struct inode *inode;
1927
1928 inode = iocb->ki_filp->f_path.dentry->d_inode;
1929
1930 if (CIFS_I(inode)->clientCanCacheRead)
1931 return generic_file_aio_read(iocb, iov, nr_segs, pos);
1932
1933 /*
1934 * In strict cache mode we need to read from the server all the time
1935 * if we don't have level II oplock because the server can delay mtime
1936 * change - so we can't make a decision about inode invalidating.
1937 * And we can also fail with pagereading if there are mandatory locks
1938 * on pages affected by this read but not on the region from pos to
1939 * pos+len-1.
1940 */
1941
1942 return cifs_user_readv(iocb, iov, nr_segs, pos);
1943}
1679 1944
1680static ssize_t cifs_read(struct file *file, char *read_data, size_t read_size, 1945static ssize_t cifs_read(struct file *file, char *read_data, size_t read_size,
1681 loff_t *poffset) 1946 loff_t *poffset)
1682{ 1947{
1683 int rc = -EACCES; 1948 int rc = -EACCES;
1684 unsigned int bytes_read = 0; 1949 unsigned int bytes_read = 0;
@@ -1746,6 +2011,21 @@ static ssize_t cifs_read(struct file *file, char *read_data, size_t read_size,
1746 return total_read; 2011 return total_read;
1747} 2012}
1748 2013
2014int cifs_file_strict_mmap(struct file *file, struct vm_area_struct *vma)
2015{
2016 int rc, xid;
2017 struct inode *inode = file->f_path.dentry->d_inode;
2018
2019 xid = GetXid();
2020
2021 if (!CIFS_I(inode)->clientCanCacheRead)
2022 cifs_invalidate_mapping(inode);
2023
2024 rc = generic_file_mmap(file, vma);
2025 FreeXid(xid);
2026 return rc;
2027}
2028
1749int cifs_file_mmap(struct file *file, struct vm_area_struct *vma) 2029int cifs_file_mmap(struct file *file, struct vm_area_struct *vma)
1750{ 2030{
1751 int rc, xid; 2031 int rc, xid;
@@ -2192,7 +2472,8 @@ void cifs_oplock_break(struct work_struct *work)
2192 */ 2472 */
2193 if (!cfile->oplock_break_cancelled) { 2473 if (!cfile->oplock_break_cancelled) {
2194 rc = CIFSSMBLock(0, tlink_tcon(cfile->tlink), cfile->netfid, 0, 2474 rc = CIFSSMBLock(0, tlink_tcon(cfile->tlink), cfile->netfid, 0,
2195 0, 0, 0, LOCKING_ANDX_OPLOCK_RELEASE, false); 2475 0, 0, 0, LOCKING_ANDX_OPLOCK_RELEASE, false,
2476 cinode->clientCanCacheRead ? 1 : 0);
2196 cFYI(1, "Oplock release rc = %d", rc); 2477 cFYI(1, "Oplock release rc = %d", rc);
2197 } 2478 }
2198 2479
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
index 6c9ee8014ff0..8852470b4fbb 100644
--- a/fs/cifs/inode.c
+++ b/fs/cifs/inode.c
@@ -44,13 +44,17 @@ static void cifs_set_ops(struct inode *inode)
44 inode->i_fop = &cifs_file_direct_nobrl_ops; 44 inode->i_fop = &cifs_file_direct_nobrl_ops;
45 else 45 else
46 inode->i_fop = &cifs_file_direct_ops; 46 inode->i_fop = &cifs_file_direct_ops;
47 } else if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_STRICT_IO) {
48 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_BRL)
49 inode->i_fop = &cifs_file_strict_nobrl_ops;
50 else
51 inode->i_fop = &cifs_file_strict_ops;
47 } else if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_BRL) 52 } else if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_BRL)
48 inode->i_fop = &cifs_file_nobrl_ops; 53 inode->i_fop = &cifs_file_nobrl_ops;
49 else { /* not direct, send byte range locks */ 54 else { /* not direct, send byte range locks */
50 inode->i_fop = &cifs_file_ops; 55 inode->i_fop = &cifs_file_ops;
51 } 56 }
52 57
53
54 /* check if server can support readpages */ 58 /* check if server can support readpages */
55 if (cifs_sb_master_tcon(cifs_sb)->ses->server->maxBuf < 59 if (cifs_sb_master_tcon(cifs_sb)->ses->server->maxBuf <
56 PAGE_CACHE_SIZE + MAX_CIFS_HDR_SIZE) 60 PAGE_CACHE_SIZE + MAX_CIFS_HDR_SIZE)
@@ -1679,7 +1683,7 @@ cifs_inode_needs_reval(struct inode *inode)
1679/* 1683/*
1680 * Zap the cache. Called when invalid_mapping flag is set. 1684 * Zap the cache. Called when invalid_mapping flag is set.
1681 */ 1685 */
1682static void 1686void
1683cifs_invalidate_mapping(struct inode *inode) 1687cifs_invalidate_mapping(struct inode *inode)
1684{ 1688{
1685 int rc; 1689 int rc;
diff --git a/fs/cifs/link.c b/fs/cifs/link.c
index 306769de2fb5..02cd60aefbff 100644
--- a/fs/cifs/link.c
+++ b/fs/cifs/link.c
@@ -28,7 +28,6 @@
28#include "cifsproto.h" 28#include "cifsproto.h"
29#include "cifs_debug.h" 29#include "cifs_debug.h"
30#include "cifs_fs_sb.h" 30#include "cifs_fs_sb.h"
31#include "md5.h"
32 31
33#define CIFS_MF_SYMLINK_LEN_OFFSET (4+1) 32#define CIFS_MF_SYMLINK_LEN_OFFSET (4+1)
34#define CIFS_MF_SYMLINK_MD5_OFFSET (CIFS_MF_SYMLINK_LEN_OFFSET+(4+1)) 33#define CIFS_MF_SYMLINK_MD5_OFFSET (CIFS_MF_SYMLINK_LEN_OFFSET+(4+1))
@@ -47,6 +46,44 @@
47 md5_hash[12], md5_hash[13], md5_hash[14], md5_hash[15] 46 md5_hash[12], md5_hash[13], md5_hash[14], md5_hash[15]
48 47
49static int 48static int
49symlink_hash(unsigned int link_len, const char *link_str, u8 *md5_hash)
50{
51 int rc;
52 unsigned int size;
53 struct crypto_shash *md5;
54 struct sdesc *sdescmd5;
55
56 md5 = crypto_alloc_shash("md5", 0, 0);
57 if (IS_ERR(md5)) {
58 cERROR(1, "%s: Crypto md5 allocation error %d\n", __func__, rc);
59 return PTR_ERR(md5);
60 }
61 size = sizeof(struct shash_desc) + crypto_shash_descsize(md5);
62 sdescmd5 = kmalloc(size, GFP_KERNEL);
63 if (!sdescmd5) {
64 rc = -ENOMEM;
65 cERROR(1, "%s: Memory allocation failure\n", __func__);
66 goto symlink_hash_err;
67 }
68 sdescmd5->shash.tfm = md5;
69 sdescmd5->shash.flags = 0x0;
70
71 rc = crypto_shash_init(&sdescmd5->shash);
72 if (rc) {
73 cERROR(1, "%s: Could not init md5 shash\n", __func__);
74 goto symlink_hash_err;
75 }
76 crypto_shash_update(&sdescmd5->shash, link_str, link_len);
77 rc = crypto_shash_final(&sdescmd5->shash, md5_hash);
78
79symlink_hash_err:
80 crypto_free_shash(md5);
81 kfree(sdescmd5);
82
83 return rc;
84}
85
86static int
50CIFSParseMFSymlink(const u8 *buf, 87CIFSParseMFSymlink(const u8 *buf,
51 unsigned int buf_len, 88 unsigned int buf_len,
52 unsigned int *_link_len, 89 unsigned int *_link_len,
@@ -56,7 +93,6 @@ CIFSParseMFSymlink(const u8 *buf,
56 unsigned int link_len; 93 unsigned int link_len;
57 const char *md5_str1; 94 const char *md5_str1;
58 const char *link_str; 95 const char *link_str;
59 struct MD5Context md5_ctx;
60 u8 md5_hash[16]; 96 u8 md5_hash[16];
61 char md5_str2[34]; 97 char md5_str2[34];
62 98
@@ -70,9 +106,11 @@ CIFSParseMFSymlink(const u8 *buf,
70 if (rc != 1) 106 if (rc != 1)
71 return -EINVAL; 107 return -EINVAL;
72 108
73 cifs_MD5_init(&md5_ctx); 109 rc = symlink_hash(link_len, link_str, md5_hash);
74 cifs_MD5_update(&md5_ctx, (const u8 *)link_str, link_len); 110 if (rc) {
75 cifs_MD5_final(md5_hash, &md5_ctx); 111 cFYI(1, "%s: MD5 hash failure: %d\n", __func__, rc);
112 return rc;
113 }
76 114
77 snprintf(md5_str2, sizeof(md5_str2), 115 snprintf(md5_str2, sizeof(md5_str2),
78 CIFS_MF_SYMLINK_MD5_FORMAT, 116 CIFS_MF_SYMLINK_MD5_FORMAT,
@@ -94,9 +132,9 @@ CIFSParseMFSymlink(const u8 *buf,
94static int 132static int
95CIFSFormatMFSymlink(u8 *buf, unsigned int buf_len, const char *link_str) 133CIFSFormatMFSymlink(u8 *buf, unsigned int buf_len, const char *link_str)
96{ 134{
135 int rc;
97 unsigned int link_len; 136 unsigned int link_len;
98 unsigned int ofs; 137 unsigned int ofs;
99 struct MD5Context md5_ctx;
100 u8 md5_hash[16]; 138 u8 md5_hash[16];
101 139
102 if (buf_len != CIFS_MF_SYMLINK_FILE_SIZE) 140 if (buf_len != CIFS_MF_SYMLINK_FILE_SIZE)
@@ -107,9 +145,11 @@ CIFSFormatMFSymlink(u8 *buf, unsigned int buf_len, const char *link_str)
107 if (link_len > CIFS_MF_SYMLINK_LINK_MAXLEN) 145 if (link_len > CIFS_MF_SYMLINK_LINK_MAXLEN)
108 return -ENAMETOOLONG; 146 return -ENAMETOOLONG;
109 147
110 cifs_MD5_init(&md5_ctx); 148 rc = symlink_hash(link_len, link_str, md5_hash);
111 cifs_MD5_update(&md5_ctx, (const u8 *)link_str, link_len); 149 if (rc) {
112 cifs_MD5_final(md5_hash, &md5_ctx); 150 cFYI(1, "%s: MD5 hash failure: %d\n", __func__, rc);
151 return rc;
152 }
113 153
114 snprintf(buf, buf_len, 154 snprintf(buf, buf_len,
115 CIFS_MF_SYMLINK_LEN_FORMAT CIFS_MF_SYMLINK_MD5_FORMAT, 155 CIFS_MF_SYMLINK_LEN_FORMAT CIFS_MF_SYMLINK_MD5_FORMAT,
diff --git a/fs/cifs/md4.c b/fs/cifs/md4.c
deleted file mode 100644
index a725c2609d67..000000000000
--- a/fs/cifs/md4.c
+++ /dev/null
@@ -1,205 +0,0 @@
1/*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 a implementation of MD4 designed for use in the SMB authentication protocol
5 Copyright (C) Andrew Tridgell 1997-1998.
6 Modified by Steve French (sfrench@us.ibm.com) 2002-2003
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21*/
22#include <linux/module.h>
23#include <linux/fs.h>
24#include "cifsencrypt.h"
25
26/* NOTE: This code makes no attempt to be fast! */
27
28static __u32
29F(__u32 X, __u32 Y, __u32 Z)
30{
31 return (X & Y) | ((~X) & Z);
32}
33
34static __u32
35G(__u32 X, __u32 Y, __u32 Z)
36{
37 return (X & Y) | (X & Z) | (Y & Z);
38}
39
40static __u32
41H(__u32 X, __u32 Y, __u32 Z)
42{
43 return X ^ Y ^ Z;
44}
45
46static __u32
47lshift(__u32 x, int s)
48{
49 x &= 0xFFFFFFFF;
50 return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));
51}
52
53#define ROUND1(a,b,c,d,k,s) (*a) = lshift((*a) + F(*b,*c,*d) + X[k], s)
54#define ROUND2(a,b,c,d,k,s) (*a) = lshift((*a) + G(*b,*c,*d) + X[k] + (__u32)0x5A827999,s)
55#define ROUND3(a,b,c,d,k,s) (*a) = lshift((*a) + H(*b,*c,*d) + X[k] + (__u32)0x6ED9EBA1,s)
56
57/* this applies md4 to 64 byte chunks */
58static void
59mdfour64(__u32 *M, __u32 *A, __u32 *B, __u32 *C, __u32 *D)
60{
61 int j;
62 __u32 AA, BB, CC, DD;
63 __u32 X[16];
64
65
66 for (j = 0; j < 16; j++)
67 X[j] = M[j];
68
69 AA = *A;
70 BB = *B;
71 CC = *C;
72 DD = *D;
73
74 ROUND1(A, B, C, D, 0, 3);
75 ROUND1(D, A, B, C, 1, 7);
76 ROUND1(C, D, A, B, 2, 11);
77 ROUND1(B, C, D, A, 3, 19);
78 ROUND1(A, B, C, D, 4, 3);
79 ROUND1(D, A, B, C, 5, 7);
80 ROUND1(C, D, A, B, 6, 11);
81 ROUND1(B, C, D, A, 7, 19);
82 ROUND1(A, B, C, D, 8, 3);
83 ROUND1(D, A, B, C, 9, 7);
84 ROUND1(C, D, A, B, 10, 11);
85 ROUND1(B, C, D, A, 11, 19);
86 ROUND1(A, B, C, D, 12, 3);
87 ROUND1(D, A, B, C, 13, 7);
88 ROUND1(C, D, A, B, 14, 11);
89 ROUND1(B, C, D, A, 15, 19);
90
91 ROUND2(A, B, C, D, 0, 3);
92 ROUND2(D, A, B, C, 4, 5);
93 ROUND2(C, D, A, B, 8, 9);
94 ROUND2(B, C, D, A, 12, 13);
95 ROUND2(A, B, C, D, 1, 3);
96 ROUND2(D, A, B, C, 5, 5);
97 ROUND2(C, D, A, B, 9, 9);
98 ROUND2(B, C, D, A, 13, 13);
99 ROUND2(A, B, C, D, 2, 3);
100 ROUND2(D, A, B, C, 6, 5);
101 ROUND2(C, D, A, B, 10, 9);
102 ROUND2(B, C, D, A, 14, 13);
103 ROUND2(A, B, C, D, 3, 3);
104 ROUND2(D, A, B, C, 7, 5);
105 ROUND2(C, D, A, B, 11, 9);
106 ROUND2(B, C, D, A, 15, 13);
107
108 ROUND3(A, B, C, D, 0, 3);
109 ROUND3(D, A, B, C, 8, 9);
110 ROUND3(C, D, A, B, 4, 11);
111 ROUND3(B, C, D, A, 12, 15);
112 ROUND3(A, B, C, D, 2, 3);
113 ROUND3(D, A, B, C, 10, 9);
114 ROUND3(C, D, A, B, 6, 11);
115 ROUND3(B, C, D, A, 14, 15);
116 ROUND3(A, B, C, D, 1, 3);
117 ROUND3(D, A, B, C, 9, 9);
118 ROUND3(C, D, A, B, 5, 11);
119 ROUND3(B, C, D, A, 13, 15);
120 ROUND3(A, B, C, D, 3, 3);
121 ROUND3(D, A, B, C, 11, 9);
122 ROUND3(C, D, A, B, 7, 11);
123 ROUND3(B, C, D, A, 15, 15);
124
125 *A += AA;
126 *B += BB;
127 *C += CC;
128 *D += DD;
129
130 *A &= 0xFFFFFFFF;
131 *B &= 0xFFFFFFFF;
132 *C &= 0xFFFFFFFF;
133 *D &= 0xFFFFFFFF;
134
135 for (j = 0; j < 16; j++)
136 X[j] = 0;
137}
138
139static void
140copy64(__u32 *M, unsigned char *in)
141{
142 int i;
143
144 for (i = 0; i < 16; i++)
145 M[i] = (in[i * 4 + 3] << 24) | (in[i * 4 + 2] << 16) |
146 (in[i * 4 + 1] << 8) | (in[i * 4 + 0] << 0);
147}
148
149static void
150copy4(unsigned char *out, __u32 x)
151{
152 out[0] = x & 0xFF;
153 out[1] = (x >> 8) & 0xFF;
154 out[2] = (x >> 16) & 0xFF;
155 out[3] = (x >> 24) & 0xFF;
156}
157
158/* produce a md4 message digest from data of length n bytes */
159void
160mdfour(unsigned char *out, unsigned char *in, int n)
161{
162 unsigned char buf[128];
163 __u32 M[16];
164 __u32 b = n * 8;
165 int i;
166 __u32 A = 0x67452301;
167 __u32 B = 0xefcdab89;
168 __u32 C = 0x98badcfe;
169 __u32 D = 0x10325476;
170
171 while (n > 64) {
172 copy64(M, in);
173 mdfour64(M, &A, &B, &C, &D);
174 in += 64;
175 n -= 64;
176 }
177
178 for (i = 0; i < 128; i++)
179 buf[i] = 0;
180 memcpy(buf, in, n);
181 buf[n] = 0x80;
182
183 if (n <= 55) {
184 copy4(buf + 56, b);
185 copy64(M, buf);
186 mdfour64(M, &A, &B, &C, &D);
187 } else {
188 copy4(buf + 120, b);
189 copy64(M, buf);
190 mdfour64(M, &A, &B, &C, &D);
191 copy64(M, buf + 64);
192 mdfour64(M, &A, &B, &C, &D);
193 }
194
195 for (i = 0; i < 128; i++)
196 buf[i] = 0;
197 copy64(M, buf);
198
199 copy4(out, A);
200 copy4(out + 4, B);
201 copy4(out + 8, C);
202 copy4(out + 12, D);
203
204 A = B = C = D = 0;
205}
diff --git a/fs/cifs/md5.c b/fs/cifs/md5.c
deleted file mode 100644
index 98b66a54c319..000000000000
--- a/fs/cifs/md5.c
+++ /dev/null
@@ -1,366 +0,0 @@
1/*
2 * This code implements the MD5 message-digest algorithm.
3 * The algorithm is due to Ron Rivest. This code was
4 * written by Colin Plumb in 1993, no copyright is claimed.
5 * This code is in the public domain; do with it what you wish.
6 *
7 * Equivalent code is available from RSA Data Security, Inc.
8 * This code has been tested against that, and is equivalent,
9 * except that you don't need to include two pages of legalese
10 * with every copy.
11 *
12 * To compute the message digest of a chunk of bytes, declare an
13 * MD5Context structure, pass it to cifs_MD5_init, call cifs_MD5_update as
14 * needed on buffers full of bytes, and then call cifs_MD5_final, which
15 * will fill a supplied 16-byte array with the digest.
16 */
17
18/* This code slightly modified to fit into Samba by
19 abartlet@samba.org Jun 2001
20 and to fit the cifs vfs by
21 Steve French sfrench@us.ibm.com */
22
23#include <linux/string.h>
24#include "md5.h"
25
26static void MD5Transform(__u32 buf[4], __u32 const in[16]);
27
28/*
29 * Note: this code is harmless on little-endian machines.
30 */
31static void
32byteReverse(unsigned char *buf, unsigned longs)
33{
34 __u32 t;
35 do {
36 t = (__u32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
37 ((unsigned) buf[1] << 8 | buf[0]);
38 *(__u32 *) buf = t;
39 buf += 4;
40 } while (--longs);
41}
42
43/*
44 * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
45 * initialization constants.
46 */
47void
48cifs_MD5_init(struct MD5Context *ctx)
49{
50 ctx->buf[0] = 0x67452301;
51 ctx->buf[1] = 0xefcdab89;
52 ctx->buf[2] = 0x98badcfe;
53 ctx->buf[3] = 0x10325476;
54
55 ctx->bits[0] = 0;
56 ctx->bits[1] = 0;
57}
58
59/*
60 * Update context to reflect the concatenation of another buffer full
61 * of bytes.
62 */
63void
64cifs_MD5_update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
65{
66 register __u32 t;
67
68 /* Update bitcount */
69
70 t = ctx->bits[0];
71 if ((ctx->bits[0] = t + ((__u32) len << 3)) < t)
72 ctx->bits[1]++; /* Carry from low to high */
73 ctx->bits[1] += len >> 29;
74
75 t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
76
77 /* Handle any leading odd-sized chunks */
78
79 if (t) {
80 unsigned char *p = (unsigned char *) ctx->in + t;
81
82 t = 64 - t;
83 if (len < t) {
84 memmove(p, buf, len);
85 return;
86 }
87 memmove(p, buf, t);
88 byteReverse(ctx->in, 16);
89 MD5Transform(ctx->buf, (__u32 *) ctx->in);
90 buf += t;
91 len -= t;
92 }
93 /* Process data in 64-byte chunks */
94
95 while (len >= 64) {
96 memmove(ctx->in, buf, 64);
97 byteReverse(ctx->in, 16);
98 MD5Transform(ctx->buf, (__u32 *) ctx->in);
99 buf += 64;
100 len -= 64;
101 }
102
103 /* Handle any remaining bytes of data. */
104
105 memmove(ctx->in, buf, len);
106}
107
108/*
109 * Final wrapup - pad to 64-byte boundary with the bit pattern
110 * 1 0* (64-bit count of bits processed, MSB-first)
111 */
112void
113cifs_MD5_final(unsigned char digest[16], struct MD5Context *ctx)
114{
115 unsigned int count;
116 unsigned char *p;
117
118 /* Compute number of bytes mod 64 */
119 count = (ctx->bits[0] >> 3) & 0x3F;
120
121 /* Set the first char of padding to 0x80. This is safe since there is
122 always at least one byte free */
123 p = ctx->in + count;
124 *p++ = 0x80;
125
126 /* Bytes of padding needed to make 64 bytes */
127 count = 64 - 1 - count;
128
129 /* Pad out to 56 mod 64 */
130 if (count < 8) {
131 /* Two lots of padding: Pad the first block to 64 bytes */
132 memset(p, 0, count);
133 byteReverse(ctx->in, 16);
134 MD5Transform(ctx->buf, (__u32 *) ctx->in);
135
136 /* Now fill the next block with 56 bytes */
137 memset(ctx->in, 0, 56);
138 } else {
139 /* Pad block to 56 bytes */
140 memset(p, 0, count - 8);
141 }
142 byteReverse(ctx->in, 14);
143
144 /* Append length in bits and transform */
145 ((__u32 *) ctx->in)[14] = ctx->bits[0];
146 ((__u32 *) ctx->in)[15] = ctx->bits[1];
147
148 MD5Transform(ctx->buf, (__u32 *) ctx->in);
149 byteReverse((unsigned char *) ctx->buf, 4);
150 memmove(digest, ctx->buf, 16);
151 memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
152}
153
154/* The four core functions - F1 is optimized somewhat */
155
156/* #define F1(x, y, z) (x & y | ~x & z) */
157#define F1(x, y, z) (z ^ (x & (y ^ z)))
158#define F2(x, y, z) F1(z, x, y)
159#define F3(x, y, z) (x ^ y ^ z)
160#define F4(x, y, z) (y ^ (x | ~z))
161
162/* This is the central step in the MD5 algorithm. */
163#define MD5STEP(f, w, x, y, z, data, s) \
164 (w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x)
165
166/*
167 * The core of the MD5 algorithm, this alters an existing MD5 hash to
168 * reflect the addition of 16 longwords of new data. cifs_MD5_update blocks
169 * the data and converts bytes into longwords for this routine.
170 */
171static void
172MD5Transform(__u32 buf[4], __u32 const in[16])
173{
174 register __u32 a, b, c, d;
175
176 a = buf[0];
177 b = buf[1];
178 c = buf[2];
179 d = buf[3];
180
181 MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
182 MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
183 MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
184 MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
185 MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
186 MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
187 MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
188 MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
189 MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
190 MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
191 MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
192 MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
193 MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
194 MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
195 MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
196 MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
197
198 MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
199 MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
200 MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
201 MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
202 MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
203 MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
204 MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
205 MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
206 MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
207 MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
208 MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
209 MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
210 MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
211 MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
212 MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
213 MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
214
215 MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
216 MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
217 MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
218 MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
219 MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
220 MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
221 MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
222 MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
223 MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
224 MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
225 MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
226 MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
227 MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
228 MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
229 MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
230 MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
231
232 MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
233 MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
234 MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
235 MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
236 MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
237 MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
238 MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
239 MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
240 MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
241 MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
242 MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
243 MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
244 MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
245 MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
246 MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
247 MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
248
249 buf[0] += a;
250 buf[1] += b;
251 buf[2] += c;
252 buf[3] += d;
253}
254
255#if 0 /* currently unused */
256/***********************************************************************
257 the rfc 2104 version of hmac_md5 initialisation.
258***********************************************************************/
259static void
260hmac_md5_init_rfc2104(unsigned char *key, int key_len,
261 struct HMACMD5Context *ctx)
262{
263 int i;
264
265 /* if key is longer than 64 bytes reset it to key=MD5(key) */
266 if (key_len > 64) {
267 unsigned char tk[16];
268 struct MD5Context tctx;
269
270 cifs_MD5_init(&tctx);
271 cifs_MD5_update(&tctx, key, key_len);
272 cifs_MD5_final(tk, &tctx);
273
274 key = tk;
275 key_len = 16;
276 }
277
278 /* start out by storing key in pads */
279 memset(ctx->k_ipad, 0, sizeof(ctx->k_ipad));
280 memset(ctx->k_opad, 0, sizeof(ctx->k_opad));
281 memcpy(ctx->k_ipad, key, key_len);
282 memcpy(ctx->k_opad, key, key_len);
283
284 /* XOR key with ipad and opad values */
285 for (i = 0; i < 64; i++) {
286 ctx->k_ipad[i] ^= 0x36;
287 ctx->k_opad[i] ^= 0x5c;
288 }
289
290 cifs_MD5_init(&ctx->ctx);
291 cifs_MD5_update(&ctx->ctx, ctx->k_ipad, 64);
292}
293#endif
294
295/***********************************************************************
296 the microsoft version of hmac_md5 initialisation.
297***********************************************************************/
298void
299hmac_md5_init_limK_to_64(const unsigned char *key, int key_len,
300 struct HMACMD5Context *ctx)
301{
302 int i;
303
304 /* if key is longer than 64 bytes truncate it */
305 if (key_len > 64)
306 key_len = 64;
307
308 /* start out by storing key in pads */
309 memset(ctx->k_ipad, 0, sizeof(ctx->k_ipad));
310 memset(ctx->k_opad, 0, sizeof(ctx->k_opad));
311 memcpy(ctx->k_ipad, key, key_len);
312 memcpy(ctx->k_opad, key, key_len);
313
314 /* XOR key with ipad and opad values */
315 for (i = 0; i < 64; i++) {
316 ctx->k_ipad[i] ^= 0x36;
317 ctx->k_opad[i] ^= 0x5c;
318 }
319
320 cifs_MD5_init(&ctx->ctx);
321 cifs_MD5_update(&ctx->ctx, ctx->k_ipad, 64);
322}
323
324/***********************************************************************
325 update hmac_md5 "inner" buffer
326***********************************************************************/
327void
328hmac_md5_update(const unsigned char *text, int text_len,
329 struct HMACMD5Context *ctx)
330{
331 cifs_MD5_update(&ctx->ctx, text, text_len); /* then text of datagram */
332}
333
334/***********************************************************************
335 finish off hmac_md5 "inner" buffer and generate outer one.
336***********************************************************************/
337void
338hmac_md5_final(unsigned char *digest, struct HMACMD5Context *ctx)
339{
340 struct MD5Context ctx_o;
341
342 cifs_MD5_final(digest, &ctx->ctx);
343
344 cifs_MD5_init(&ctx_o);
345 cifs_MD5_update(&ctx_o, ctx->k_opad, 64);
346 cifs_MD5_update(&ctx_o, digest, 16);
347 cifs_MD5_final(digest, &ctx_o);
348}
349
350/***********************************************************
351 single function to calculate an HMAC MD5 digest from data.
352 use the microsoft hmacmd5 init method because the key is 16 bytes.
353************************************************************/
354#if 0 /* currently unused */
355static void
356hmac_md5(unsigned char key[16], unsigned char *data, int data_len,
357 unsigned char *digest)
358{
359 struct HMACMD5Context ctx;
360 hmac_md5_init_limK_to_64(key, 16, &ctx);
361 if (data_len != 0)
362 hmac_md5_update(data, data_len, &ctx);
363
364 hmac_md5_final(digest, &ctx);
365}
366#endif
diff --git a/fs/cifs/md5.h b/fs/cifs/md5.h
deleted file mode 100644
index 6fba8cb402fd..000000000000
--- a/fs/cifs/md5.h
+++ /dev/null
@@ -1,38 +0,0 @@
1#ifndef MD5_H
2#define MD5_H
3#ifndef HEADER_MD5_H
4/* Try to avoid clashes with OpenSSL */
5#define HEADER_MD5_H
6#endif
7
8struct MD5Context {
9 __u32 buf[4];
10 __u32 bits[2];
11 unsigned char in[64];
12};
13#endif /* !MD5_H */
14
15#ifndef _HMAC_MD5_H
16struct HMACMD5Context {
17 struct MD5Context ctx;
18 unsigned char k_ipad[65];
19 unsigned char k_opad[65];
20};
21#endif /* _HMAC_MD5_H */
22
23void cifs_MD5_init(struct MD5Context *context);
24void cifs_MD5_update(struct MD5Context *context, unsigned char const *buf,
25 unsigned len);
26void cifs_MD5_final(unsigned char digest[16], struct MD5Context *context);
27
28/* The following definitions come from lib/hmacmd5.c */
29
30/* void hmac_md5_init_rfc2104(unsigned char *key, int key_len,
31 struct HMACMD5Context *ctx);*/
32void hmac_md5_init_limK_to_64(const unsigned char *key, int key_len,
33 struct HMACMD5Context *ctx);
34void hmac_md5_update(const unsigned char *text, int text_len,
35 struct HMACMD5Context *ctx);
36void hmac_md5_final(unsigned char *digest, struct HMACMD5Context *ctx);
37/* void hmac_md5(unsigned char key[16], unsigned char *data, int data_len,
38 unsigned char *digest);*/
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index 43f10281bc19..a09e077ba925 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -571,7 +571,7 @@ is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv)
571 pCifsInode = CIFS_I(netfile->dentry->d_inode); 571 pCifsInode = CIFS_I(netfile->dentry->d_inode);
572 572
573 cifs_set_oplock_level(pCifsInode, 573 cifs_set_oplock_level(pCifsInode,
574 pSMB->OplockLevel); 574 pSMB->OplockLevel ? OPLOCK_READ : 0);
575 /* 575 /*
576 * cifs_oplock_break_put() can't be called 576 * cifs_oplock_break_put() can't be called
577 * from here. Get reference after queueing 577 * from here. Get reference after queueing
@@ -637,77 +637,6 @@ dump_smb(struct smb_hdr *smb_buf, int smb_buf_length)
637 return; 637 return;
638} 638}
639 639
640/* Convert 16 bit Unicode pathname to wire format from string in current code
641 page. Conversion may involve remapping up the seven characters that are
642 only legal in POSIX-like OS (if they are present in the string). Path
643 names are little endian 16 bit Unicode on the wire */
644int
645cifsConvertToUCS(__le16 *target, const char *source, int maxlen,
646 const struct nls_table *cp, int mapChars)
647{
648 int i, j, charlen;
649 int len_remaining = maxlen;
650 char src_char;
651 __u16 temp;
652
653 if (!mapChars)
654 return cifs_strtoUCS(target, source, PATH_MAX, cp);
655
656 for (i = 0, j = 0; i < maxlen; j++) {
657 src_char = source[i];
658 switch (src_char) {
659 case 0:
660 target[j] = 0;
661 goto ctoUCS_out;
662 case ':':
663 target[j] = cpu_to_le16(UNI_COLON);
664 break;
665 case '*':
666 target[j] = cpu_to_le16(UNI_ASTERIK);
667 break;
668 case '?':
669 target[j] = cpu_to_le16(UNI_QUESTION);
670 break;
671 case '<':
672 target[j] = cpu_to_le16(UNI_LESSTHAN);
673 break;
674 case '>':
675 target[j] = cpu_to_le16(UNI_GRTRTHAN);
676 break;
677 case '|':
678 target[j] = cpu_to_le16(UNI_PIPE);
679 break;
680 /* BB We can not handle remapping slash until
681 all the calls to build_path_from_dentry
682 are modified, as they use slash as separator BB */
683 /* case '\\':
684 target[j] = cpu_to_le16(UNI_SLASH);
685 break;*/
686 default:
687 charlen = cp->char2uni(source+i,
688 len_remaining, &temp);
689 /* if no match, use question mark, which
690 at least in some cases servers as wild card */
691 if (charlen < 1) {
692 target[j] = cpu_to_le16(0x003f);
693 charlen = 1;
694 } else
695 target[j] = cpu_to_le16(temp);
696 len_remaining -= charlen;
697 /* character may take more than one byte in the
698 the source string, but will take exactly two
699 bytes in the target string */
700 i += charlen;
701 continue;
702 }
703 i++; /* move to next char in source string */
704 len_remaining--;
705 }
706
707ctoUCS_out:
708 return i;
709}
710
711void 640void
712cifs_autodisable_serverino(struct cifs_sb_info *cifs_sb) 641cifs_autodisable_serverino(struct cifs_sb_info *cifs_sb)
713{ 642{
diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c
index 6783ce6cdc89..8d9189f64477 100644
--- a/fs/cifs/netmisc.c
+++ b/fs/cifs/netmisc.c
@@ -916,14 +916,14 @@ unsigned int
916smbCalcSize(struct smb_hdr *ptr) 916smbCalcSize(struct smb_hdr *ptr)
917{ 917{
918 return (sizeof(struct smb_hdr) + (2 * ptr->WordCount) + 918 return (sizeof(struct smb_hdr) + (2 * ptr->WordCount) +
919 2 /* size of the bcc field */ + BCC(ptr)); 919 2 /* size of the bcc field */ + get_bcc(ptr));
920} 920}
921 921
922unsigned int 922unsigned int
923smbCalcSize_LE(struct smb_hdr *ptr) 923smbCalcSize_LE(struct smb_hdr *ptr)
924{ 924{
925 return (sizeof(struct smb_hdr) + (2 * ptr->WordCount) + 925 return (sizeof(struct smb_hdr) + (2 * ptr->WordCount) +
926 2 /* size of the bcc field */ + le16_to_cpu(BCC_LE(ptr))); 926 2 /* size of the bcc field */ + get_bcc_le(ptr));
927} 927}
928 928
929/* The following are taken from fs/ntfs/util.c */ 929/* The following are taken from fs/ntfs/util.c */
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index eb746486e49e..1adc9625a344 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -277,7 +277,7 @@ static void ascii_ssetup_strings(char **pbcc_area, struct cifsSesInfo *ses,
277} 277}
278 278
279static void 279static void
280decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifsSesInfo *ses, 280decode_unicode_ssetup(char **pbcc_area, __u16 bleft, struct cifsSesInfo *ses,
281 const struct nls_table *nls_cp) 281 const struct nls_table *nls_cp)
282{ 282{
283 int len; 283 int len;
@@ -323,7 +323,7 @@ decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifsSesInfo *ses,
323 return; 323 return;
324} 324}
325 325
326static int decode_ascii_ssetup(char **pbcc_area, int bleft, 326static int decode_ascii_ssetup(char **pbcc_area, __u16 bleft,
327 struct cifsSesInfo *ses, 327 struct cifsSesInfo *ses,
328 const struct nls_table *nls_cp) 328 const struct nls_table *nls_cp)
329{ 329{
@@ -575,12 +575,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses,
575 char *str_area; 575 char *str_area;
576 SESSION_SETUP_ANDX *pSMB; 576 SESSION_SETUP_ANDX *pSMB;
577 __u32 capabilities; 577 __u32 capabilities;
578 int count; 578 __u16 count;
579 int resp_buf_type; 579 int resp_buf_type;
580 struct kvec iov[3]; 580 struct kvec iov[3];
581 enum securityEnum type; 581 enum securityEnum type;
582 __u16 action; 582 __u16 action, bytes_remaining;
583 int bytes_remaining;
584 struct key *spnego_key = NULL; 583 struct key *spnego_key = NULL;
585 __le32 phase = NtLmNegotiate; /* NTLMSSP, if needed, is multistage */ 584 __le32 phase = NtLmNegotiate; /* NTLMSSP, if needed, is multistage */
586 u16 blob_len; 585 u16 blob_len;
@@ -876,10 +875,10 @@ ssetup_ntlmssp_authenticate:
876 count = iov[1].iov_len + iov[2].iov_len; 875 count = iov[1].iov_len + iov[2].iov_len;
877 smb_buf->smb_buf_length += count; 876 smb_buf->smb_buf_length += count;
878 877
879 BCC_LE(smb_buf) = cpu_to_le16(count); 878 put_bcc_le(count, smb_buf);
880 879
881 rc = SendReceive2(xid, ses, iov, 3 /* num_iovecs */, &resp_buf_type, 880 rc = SendReceive2(xid, ses, iov, 3 /* num_iovecs */, &resp_buf_type,
882 CIFS_STD_OP /* not long */ | CIFS_LOG_ERROR); 881 CIFS_LOG_ERROR);
883 /* SMB request buf freed in SendReceive2 */ 882 /* SMB request buf freed in SendReceive2 */
884 883
885 pSMB = (SESSION_SETUP_ANDX *)iov[0].iov_base; 884 pSMB = (SESSION_SETUP_ANDX *)iov[0].iov_base;
@@ -910,7 +909,7 @@ ssetup_ntlmssp_authenticate:
910 cFYI(1, "UID = %d ", ses->Suid); 909 cFYI(1, "UID = %d ", ses->Suid);
911 /* response can have either 3 or 4 word count - Samba sends 3 */ 910 /* response can have either 3 or 4 word count - Samba sends 3 */
912 /* and lanman response is 3 */ 911 /* and lanman response is 3 */
913 bytes_remaining = BCC(smb_buf); 912 bytes_remaining = get_bcc(smb_buf);
914 bcc_ptr = pByteArea(smb_buf); 913 bcc_ptr = pByteArea(smb_buf);
915 914
916 if (smb_buf->WordCount == 4) { 915 if (smb_buf->WordCount == 4) {
diff --git a/fs/cifs/smbdes.c b/fs/cifs/smbdes.c
index b6b6dcb500bf..04721485925d 100644
--- a/fs/cifs/smbdes.c
+++ b/fs/cifs/smbdes.c
@@ -45,7 +45,6 @@
45 up with a different answer to the one above) 45 up with a different answer to the one above)
46*/ 46*/
47#include <linux/slab.h> 47#include <linux/slab.h>
48#include "cifsencrypt.h"
49#define uchar unsigned char 48#define uchar unsigned char
50 49
51static uchar perm1[56] = { 57, 49, 41, 33, 25, 17, 9, 50static uchar perm1[56] = { 57, 49, 41, 33, 25, 17, 9,
diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
index 192ea51af20f..b5450e9f40c0 100644
--- a/fs/cifs/smbencrypt.c
+++ b/fs/cifs/smbencrypt.c
@@ -32,9 +32,8 @@
32#include "cifs_unicode.h" 32#include "cifs_unicode.h"
33#include "cifspdu.h" 33#include "cifspdu.h"
34#include "cifsglob.h" 34#include "cifsglob.h"
35#include "md5.h"
36#include "cifs_debug.h" 35#include "cifs_debug.h"
37#include "cifsencrypt.h" 36#include "cifsproto.h"
38 37
39#ifndef false 38#ifndef false
40#define false 0 39#define false 0
@@ -48,14 +47,57 @@
48#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8) 47#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
49#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val))) 48#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))
50 49
51/*The following definitions come from libsmb/smbencrypt.c */ 50/* produce a md4 message digest from data of length n bytes */
51int
52mdfour(unsigned char *md4_hash, unsigned char *link_str, int link_len)
53{
54 int rc;
55 unsigned int size;
56 struct crypto_shash *md4;
57 struct sdesc *sdescmd4;
58
59 md4 = crypto_alloc_shash("md4", 0, 0);
60 if (IS_ERR(md4)) {
61 cERROR(1, "%s: Crypto md4 allocation error %d\n", __func__, rc);
62 return PTR_ERR(md4);
63 }
64 size = sizeof(struct shash_desc) + crypto_shash_descsize(md4);
65 sdescmd4 = kmalloc(size, GFP_KERNEL);
66 if (!sdescmd4) {
67 rc = -ENOMEM;
68 cERROR(1, "%s: Memory allocation failure\n", __func__);
69 goto mdfour_err;
70 }
71 sdescmd4->shash.tfm = md4;
72 sdescmd4->shash.flags = 0x0;
73
74 rc = crypto_shash_init(&sdescmd4->shash);
75 if (rc) {
76 cERROR(1, "%s: Could not init md4 shash\n", __func__);
77 goto mdfour_err;
78 }
79 crypto_shash_update(&sdescmd4->shash, link_str, link_len);
80 rc = crypto_shash_final(&sdescmd4->shash, md4_hash);
52 81
53void SMBencrypt(unsigned char *passwd, const unsigned char *c8, 82mdfour_err:
54 unsigned char *p24); 83 crypto_free_shash(md4);
55void E_md4hash(const unsigned char *passwd, unsigned char *p16); 84 kfree(sdescmd4);
56static void SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8, 85
57 unsigned char p24[24]); 86 return rc;
58void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); 87}
88
89/* Does the des encryption from the NT or LM MD4 hash. */
90static void
91SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8,
92 unsigned char p24[24])
93{
94 unsigned char p21[21];
95
96 memset(p21, '\0', 21);
97
98 memcpy(p21, passwd, 16);
99 E_P24(p21, c8, p24);
100}
59 101
60/* 102/*
61 This implements the X/Open SMB password encryption 103 This implements the X/Open SMB password encryption
@@ -118,9 +160,10 @@ _my_mbstowcs(__u16 *dst, const unsigned char *src, int len)
118 * Creates the MD4 Hash of the users password in NT UNICODE. 160 * Creates the MD4 Hash of the users password in NT UNICODE.
119 */ 161 */
120 162
121void 163int
122E_md4hash(const unsigned char *passwd, unsigned char *p16) 164E_md4hash(const unsigned char *passwd, unsigned char *p16)
123{ 165{
166 int rc;
124 int len; 167 int len;
125 __u16 wpwd[129]; 168 __u16 wpwd[129];
126 169
@@ -139,8 +182,10 @@ E_md4hash(const unsigned char *passwd, unsigned char *p16)
139 /* Calculate length in bytes */ 182 /* Calculate length in bytes */
140 len = _my_wcslen(wpwd) * sizeof(__u16); 183 len = _my_wcslen(wpwd) * sizeof(__u16);
141 184
142 mdfour(p16, (unsigned char *) wpwd, len); 185 rc = mdfour(p16, (unsigned char *) wpwd, len);
143 memset(wpwd, 0, 129 * 2); 186 memset(wpwd, 0, 129 * 2);
187
188 return rc;
144} 189}
145 190
146#if 0 /* currently unused */ 191#if 0 /* currently unused */
@@ -212,19 +257,6 @@ ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
212} 257}
213#endif 258#endif
214 259
215/* Does the des encryption from the NT or LM MD4 hash. */
216static void
217SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8,
218 unsigned char p24[24])
219{
220 unsigned char p21[21];
221
222 memset(p21, '\0', 21);
223
224 memcpy(p21, passwd, 16);
225 E_P24(p21, c8, p24);
226}
227
228/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */ 260/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
229#if 0 /* currently unused */ 261#if 0 /* currently unused */
230static void 262static void
@@ -242,16 +274,21 @@ NTLMSSPOWFencrypt(unsigned char passwd[8],
242#endif 274#endif
243 275
244/* Does the NT MD4 hash then des encryption. */ 276/* Does the NT MD4 hash then des encryption. */
245 277int
246void
247SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24) 278SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
248{ 279{
280 int rc;
249 unsigned char p21[21]; 281 unsigned char p21[21];
250 282
251 memset(p21, '\0', 21); 283 memset(p21, '\0', 21);
252 284
253 E_md4hash(passwd, p21); 285 rc = E_md4hash(passwd, p21);
286 if (rc) {
287 cFYI(1, "%s Can't generate NT hash, error: %d", __func__, rc);
288 return rc;
289 }
254 SMBOWFencrypt(p21, c8, p24); 290 SMBOWFencrypt(p21, c8, p24);
291 return rc;
255} 292}
256 293
257 294
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
index 59ca81b16919..c1ccca1a933f 100644
--- a/fs/cifs/transport.c
+++ b/fs/cifs/transport.c
@@ -36,7 +36,13 @@
36 36
37extern mempool_t *cifs_mid_poolp; 37extern mempool_t *cifs_mid_poolp;
38 38
39static struct mid_q_entry * 39static void
40wake_up_task(struct mid_q_entry *mid)
41{
42 wake_up_process(mid->callback_data);
43}
44
45struct mid_q_entry *
40AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server) 46AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
41{ 47{
42 struct mid_q_entry *temp; 48 struct mid_q_entry *temp;
@@ -58,28 +64,28 @@ AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
58 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */ 64 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
59 /* when mid allocated can be before when sent */ 65 /* when mid allocated can be before when sent */
60 temp->when_alloc = jiffies; 66 temp->when_alloc = jiffies;
61 temp->tsk = current; 67
68 /*
69 * The default is for the mid to be synchronous, so the
70 * default callback just wakes up the current task.
71 */
72 temp->callback = wake_up_task;
73 temp->callback_data = current;
62 } 74 }
63 75
64 spin_lock(&GlobalMid_Lock);
65 list_add_tail(&temp->qhead, &server->pending_mid_q);
66 atomic_inc(&midCount); 76 atomic_inc(&midCount);
67 temp->midState = MID_REQUEST_ALLOCATED; 77 temp->midState = MID_REQUEST_ALLOCATED;
68 spin_unlock(&GlobalMid_Lock);
69 return temp; 78 return temp;
70} 79}
71 80
72static void 81void
73DeleteMidQEntry(struct mid_q_entry *midEntry) 82DeleteMidQEntry(struct mid_q_entry *midEntry)
74{ 83{
75#ifdef CONFIG_CIFS_STATS2 84#ifdef CONFIG_CIFS_STATS2
76 unsigned long now; 85 unsigned long now;
77#endif 86#endif
78 spin_lock(&GlobalMid_Lock);
79 midEntry->midState = MID_FREE; 87 midEntry->midState = MID_FREE;
80 list_del(&midEntry->qhead);
81 atomic_dec(&midCount); 88 atomic_dec(&midCount);
82 spin_unlock(&GlobalMid_Lock);
83 if (midEntry->largeBuf) 89 if (midEntry->largeBuf)
84 cifs_buf_release(midEntry->resp_buf); 90 cifs_buf_release(midEntry->resp_buf);
85 else 91 else
@@ -103,6 +109,16 @@ DeleteMidQEntry(struct mid_q_entry *midEntry)
103 mempool_free(midEntry, cifs_mid_poolp); 109 mempool_free(midEntry, cifs_mid_poolp);
104} 110}
105 111
112static void
113delete_mid(struct mid_q_entry *mid)
114{
115 spin_lock(&GlobalMid_Lock);
116 list_del(&mid->qhead);
117 spin_unlock(&GlobalMid_Lock);
118
119 DeleteMidQEntry(mid);
120}
121
106static int 122static int
107smb_sendv(struct TCP_Server_Info *server, struct kvec *iov, int n_vec) 123smb_sendv(struct TCP_Server_Info *server, struct kvec *iov, int n_vec)
108{ 124{
@@ -244,31 +260,31 @@ smb_send(struct TCP_Server_Info *server, struct smb_hdr *smb_buffer,
244 return smb_sendv(server, &iov, 1); 260 return smb_sendv(server, &iov, 1);
245} 261}
246 262
247static int wait_for_free_request(struct cifsSesInfo *ses, const int long_op) 263static int wait_for_free_request(struct TCP_Server_Info *server,
264 const int long_op)
248{ 265{
249 if (long_op == CIFS_ASYNC_OP) { 266 if (long_op == CIFS_ASYNC_OP) {
250 /* oplock breaks must not be held up */ 267 /* oplock breaks must not be held up */
251 atomic_inc(&ses->server->inFlight); 268 atomic_inc(&server->inFlight);
252 return 0; 269 return 0;
253 } 270 }
254 271
255 spin_lock(&GlobalMid_Lock); 272 spin_lock(&GlobalMid_Lock);
256 while (1) { 273 while (1) {
257 if (atomic_read(&ses->server->inFlight) >= 274 if (atomic_read(&server->inFlight) >= cifs_max_pending) {
258 cifs_max_pending){
259 spin_unlock(&GlobalMid_Lock); 275 spin_unlock(&GlobalMid_Lock);
260#ifdef CONFIG_CIFS_STATS2 276#ifdef CONFIG_CIFS_STATS2
261 atomic_inc(&ses->server->num_waiters); 277 atomic_inc(&server->num_waiters);
262#endif 278#endif
263 wait_event(ses->server->request_q, 279 wait_event(server->request_q,
264 atomic_read(&ses->server->inFlight) 280 atomic_read(&server->inFlight)
265 < cifs_max_pending); 281 < cifs_max_pending);
266#ifdef CONFIG_CIFS_STATS2 282#ifdef CONFIG_CIFS_STATS2
267 atomic_dec(&ses->server->num_waiters); 283 atomic_dec(&server->num_waiters);
268#endif 284#endif
269 spin_lock(&GlobalMid_Lock); 285 spin_lock(&GlobalMid_Lock);
270 } else { 286 } else {
271 if (ses->server->tcpStatus == CifsExiting) { 287 if (server->tcpStatus == CifsExiting) {
272 spin_unlock(&GlobalMid_Lock); 288 spin_unlock(&GlobalMid_Lock);
273 return -ENOENT; 289 return -ENOENT;
274 } 290 }
@@ -278,7 +294,7 @@ static int wait_for_free_request(struct cifsSesInfo *ses, const int long_op)
278 294
279 /* update # of requests on the wire to server */ 295 /* update # of requests on the wire to server */
280 if (long_op != CIFS_BLOCKING_OP) 296 if (long_op != CIFS_BLOCKING_OP)
281 atomic_inc(&ses->server->inFlight); 297 atomic_inc(&server->inFlight);
282 spin_unlock(&GlobalMid_Lock); 298 spin_unlock(&GlobalMid_Lock);
283 break; 299 break;
284 } 300 }
@@ -308,53 +324,81 @@ static int allocate_mid(struct cifsSesInfo *ses, struct smb_hdr *in_buf,
308 *ppmidQ = AllocMidQEntry(in_buf, ses->server); 324 *ppmidQ = AllocMidQEntry(in_buf, ses->server);
309 if (*ppmidQ == NULL) 325 if (*ppmidQ == NULL)
310 return -ENOMEM; 326 return -ENOMEM;
327 spin_lock(&GlobalMid_Lock);
328 list_add_tail(&(*ppmidQ)->qhead, &ses->server->pending_mid_q);
329 spin_unlock(&GlobalMid_Lock);
311 return 0; 330 return 0;
312} 331}
313 332
314static int wait_for_response(struct cifsSesInfo *ses, 333static int
315 struct mid_q_entry *midQ, 334wait_for_response(struct TCP_Server_Info *server, struct mid_q_entry *midQ)
316 unsigned long timeout,
317 unsigned long time_to_wait)
318{ 335{
319 unsigned long curr_timeout; 336 int error;
320 337
321 for (;;) { 338 error = wait_event_killable(server->response_q,
322 curr_timeout = timeout + jiffies; 339 midQ->midState != MID_REQUEST_SUBMITTED);
323 wait_event_timeout(ses->server->response_q, 340 if (error < 0)
324 midQ->midState != MID_REQUEST_SUBMITTED, timeout); 341 return -ERESTARTSYS;
325 342
326 if (time_after(jiffies, curr_timeout) && 343 return 0;
327 (midQ->midState == MID_REQUEST_SUBMITTED) && 344}
328 ((ses->server->tcpStatus == CifsGood) ||
329 (ses->server->tcpStatus == CifsNew))) {
330 345
331 unsigned long lrt;
332 346
333 /* We timed out. Is the server still 347/*
334 sending replies ? */ 348 * Send a SMB request and set the callback function in the mid to handle
335 spin_lock(&GlobalMid_Lock); 349 * the result. Caller is responsible for dealing with timeouts.
336 lrt = ses->server->lstrp; 350 */
337 spin_unlock(&GlobalMid_Lock); 351int
352cifs_call_async(struct TCP_Server_Info *server, struct smb_hdr *in_buf,
353 mid_callback_t *callback, void *cbdata)
354{
355 int rc;
356 struct mid_q_entry *mid;
338 357
339 /* Calculate time_to_wait past last receive time. 358 rc = wait_for_free_request(server, CIFS_ASYNC_OP);
340 Although we prefer not to time out if the 359 if (rc)
341 server is still responding - we will time 360 return rc;
342 out if the server takes more than 15 (or 45 361
343 or 180) seconds to respond to this request 362 mutex_lock(&server->srv_mutex);
344 and has not responded to any request from 363 mid = AllocMidQEntry(in_buf, server);
345 other threads on the client within 10 seconds */ 364 if (mid == NULL) {
346 lrt += time_to_wait; 365 mutex_unlock(&server->srv_mutex);
347 if (time_after(jiffies, lrt)) { 366 return -ENOMEM;
348 /* No replies for time_to_wait. */
349 cERROR(1, "server not responding");
350 return -1;
351 }
352 } else {
353 return 0;
354 }
355 } 367 }
356}
357 368
369 /* put it on the pending_mid_q */
370 spin_lock(&GlobalMid_Lock);
371 list_add_tail(&mid->qhead, &server->pending_mid_q);
372 spin_unlock(&GlobalMid_Lock);
373
374 rc = cifs_sign_smb(in_buf, server, &mid->sequence_number);
375 if (rc) {
376 mutex_unlock(&server->srv_mutex);
377 goto out_err;
378 }
379
380 mid->callback = callback;
381 mid->callback_data = cbdata;
382 mid->midState = MID_REQUEST_SUBMITTED;
383#ifdef CONFIG_CIFS_STATS2
384 atomic_inc(&server->inSend);
385#endif
386 rc = smb_send(server, in_buf, in_buf->smb_buf_length);
387#ifdef CONFIG_CIFS_STATS2
388 atomic_dec(&server->inSend);
389 mid->when_sent = jiffies;
390#endif
391 mutex_unlock(&server->srv_mutex);
392 if (rc)
393 goto out_err;
394
395 return rc;
396out_err:
397 delete_mid(mid);
398 atomic_dec(&server->inFlight);
399 wake_up(&server->request_q);
400 return rc;
401}
358 402
359/* 403/*
360 * 404 *
@@ -382,6 +426,81 @@ SendReceiveNoRsp(const unsigned int xid, struct cifsSesInfo *ses,
382 return rc; 426 return rc;
383} 427}
384 428
429static int
430sync_mid_result(struct mid_q_entry *mid, struct TCP_Server_Info *server)
431{
432 int rc = 0;
433
434 cFYI(1, "%s: cmd=%d mid=%d state=%d", __func__, mid->command,
435 mid->mid, mid->midState);
436
437 spin_lock(&GlobalMid_Lock);
438 /* ensure that it's no longer on the pending_mid_q */
439 list_del_init(&mid->qhead);
440
441 switch (mid->midState) {
442 case MID_RESPONSE_RECEIVED:
443 spin_unlock(&GlobalMid_Lock);
444 return rc;
445 case MID_REQUEST_SUBMITTED:
446 /* socket is going down, reject all calls */
447 if (server->tcpStatus == CifsExiting) {
448 cERROR(1, "%s: canceling mid=%d cmd=0x%x state=%d",
449 __func__, mid->mid, mid->command, mid->midState);
450 rc = -EHOSTDOWN;
451 break;
452 }
453 case MID_RETRY_NEEDED:
454 rc = -EAGAIN;
455 break;
456 default:
457 cERROR(1, "%s: invalid mid state mid=%d state=%d", __func__,
458 mid->mid, mid->midState);
459 rc = -EIO;
460 }
461 spin_unlock(&GlobalMid_Lock);
462
463 DeleteMidQEntry(mid);
464 return rc;
465}
466
467/*
468 * An NT cancel request header looks just like the original request except:
469 *
470 * The Command is SMB_COM_NT_CANCEL
471 * The WordCount is zeroed out
472 * The ByteCount is zeroed out
473 *
474 * This function mangles an existing request buffer into a
475 * SMB_COM_NT_CANCEL request and then sends it.
476 */
477static int
478send_nt_cancel(struct TCP_Server_Info *server, struct smb_hdr *in_buf,
479 struct mid_q_entry *mid)
480{
481 int rc = 0;
482
483 /* -4 for RFC1001 length and +2 for BCC field */
484 in_buf->smb_buf_length = sizeof(struct smb_hdr) - 4 + 2;
485 in_buf->Command = SMB_COM_NT_CANCEL;
486 in_buf->WordCount = 0;
487 put_bcc_le(0, in_buf);
488
489 mutex_lock(&server->srv_mutex);
490 rc = cifs_sign_smb(in_buf, server, &mid->sequence_number);
491 if (rc) {
492 mutex_unlock(&server->srv_mutex);
493 return rc;
494 }
495 rc = smb_send(server, in_buf, in_buf->smb_buf_length);
496 mutex_unlock(&server->srv_mutex);
497
498 cFYI(1, "issued NT_CANCEL for mid %u, rc = %d",
499 in_buf->Mid, rc);
500
501 return rc;
502}
503
385int 504int
386SendReceive2(const unsigned int xid, struct cifsSesInfo *ses, 505SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
387 struct kvec *iov, int n_vec, int *pRespBufType /* ret */, 506 struct kvec *iov, int n_vec, int *pRespBufType /* ret */,
@@ -390,7 +509,6 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
390 int rc = 0; 509 int rc = 0;
391 int long_op; 510 int long_op;
392 unsigned int receive_len; 511 unsigned int receive_len;
393 unsigned long timeout;
394 struct mid_q_entry *midQ; 512 struct mid_q_entry *midQ;
395 struct smb_hdr *in_buf = iov[0].iov_base; 513 struct smb_hdr *in_buf = iov[0].iov_base;
396 514
@@ -413,7 +531,7 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
413 to the same server. We may make this configurable later or 531 to the same server. We may make this configurable later or
414 use ses->maxReq */ 532 use ses->maxReq */
415 533
416 rc = wait_for_free_request(ses, long_op); 534 rc = wait_for_free_request(ses->server, long_op);
417 if (rc) { 535 if (rc) {
418 cifs_small_buf_release(in_buf); 536 cifs_small_buf_release(in_buf);
419 return rc; 537 return rc;
@@ -457,65 +575,20 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
457 if (rc < 0) 575 if (rc < 0)
458 goto out; 576 goto out;
459 577
460 if (long_op == CIFS_STD_OP) 578 if (long_op == CIFS_ASYNC_OP)
461 timeout = 15 * HZ;
462 else if (long_op == CIFS_VLONG_OP) /* e.g. slow writes past EOF */
463 timeout = 180 * HZ;
464 else if (long_op == CIFS_LONG_OP)
465 timeout = 45 * HZ; /* should be greater than
466 servers oplock break timeout (about 43 seconds) */
467 else if (long_op == CIFS_ASYNC_OP)
468 goto out; 579 goto out;
469 else if (long_op == CIFS_BLOCKING_OP)
470 timeout = 0x7FFFFFFF; /* large, but not so large as to wrap */
471 else {
472 cERROR(1, "unknown timeout flag %d", long_op);
473 rc = -EIO;
474 goto out;
475 }
476
477 /* wait for 15 seconds or until woken up due to response arriving or
478 due to last connection to this server being unmounted */
479 if (signal_pending(current)) {
480 /* if signal pending do not hold up user for full smb timeout
481 but we still give response a chance to complete */
482 timeout = 2 * HZ;
483 }
484
485 /* No user interrupts in wait - wreaks havoc with performance */
486 wait_for_response(ses, midQ, timeout, 10 * HZ);
487
488 spin_lock(&GlobalMid_Lock);
489 580
490 if (midQ->resp_buf == NULL) { 581 rc = wait_for_response(ses->server, midQ);
491 cERROR(1, "No response to cmd %d mid %d", 582 if (rc != 0)
492 midQ->command, midQ->mid); 583 goto out;
493 if (midQ->midState == MID_REQUEST_SUBMITTED) {
494 if (ses->server->tcpStatus == CifsExiting)
495 rc = -EHOSTDOWN;
496 else {
497 ses->server->tcpStatus = CifsNeedReconnect;
498 midQ->midState = MID_RETRY_NEEDED;
499 }
500 }
501 584
502 if (rc != -EHOSTDOWN) { 585 rc = sync_mid_result(midQ, ses->server);
503 if (midQ->midState == MID_RETRY_NEEDED) { 586 if (rc != 0) {
504 rc = -EAGAIN;
505 cFYI(1, "marking request for retry");
506 } else {
507 rc = -EIO;
508 }
509 }
510 spin_unlock(&GlobalMid_Lock);
511 DeleteMidQEntry(midQ);
512 /* Update # of requests on wire to server */
513 atomic_dec(&ses->server->inFlight); 587 atomic_dec(&ses->server->inFlight);
514 wake_up(&ses->server->request_q); 588 wake_up(&ses->server->request_q);
515 return rc; 589 return rc;
516 } 590 }
517 591
518 spin_unlock(&GlobalMid_Lock);
519 receive_len = midQ->resp_buf->smb_buf_length; 592 receive_len = midQ->resp_buf->smb_buf_length;
520 593
521 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) { 594 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
@@ -559,19 +632,18 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
559 if (receive_len >= sizeof(struct smb_hdr) - 4 632 if (receive_len >= sizeof(struct smb_hdr) - 4
560 /* do not count RFC1001 header */ + 633 /* do not count RFC1001 header */ +
561 (2 * midQ->resp_buf->WordCount) + 2 /* bcc */ ) 634 (2 * midQ->resp_buf->WordCount) + 2 /* bcc */ )
562 BCC(midQ->resp_buf) = 635 put_bcc(get_bcc_le(midQ->resp_buf), midQ->resp_buf);
563 le16_to_cpu(BCC_LE(midQ->resp_buf));
564 if ((flags & CIFS_NO_RESP) == 0) 636 if ((flags & CIFS_NO_RESP) == 0)
565 midQ->resp_buf = NULL; /* mark it so buf will 637 midQ->resp_buf = NULL; /* mark it so buf will
566 not be freed by 638 not be freed by
567 DeleteMidQEntry */ 639 delete_mid */
568 } else { 640 } else {
569 rc = -EIO; 641 rc = -EIO;
570 cFYI(1, "Bad MID state?"); 642 cFYI(1, "Bad MID state?");
571 } 643 }
572 644
573out: 645out:
574 DeleteMidQEntry(midQ); 646 delete_mid(midQ);
575 atomic_dec(&ses->server->inFlight); 647 atomic_dec(&ses->server->inFlight);
576 wake_up(&ses->server->request_q); 648 wake_up(&ses->server->request_q);
577 649
@@ -585,7 +657,6 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
585{ 657{
586 int rc = 0; 658 int rc = 0;
587 unsigned int receive_len; 659 unsigned int receive_len;
588 unsigned long timeout;
589 struct mid_q_entry *midQ; 660 struct mid_q_entry *midQ;
590 661
591 if (ses == NULL) { 662 if (ses == NULL) {
@@ -610,7 +681,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
610 return -EIO; 681 return -EIO;
611 } 682 }
612 683
613 rc = wait_for_free_request(ses, long_op); 684 rc = wait_for_free_request(ses->server, long_op);
614 if (rc) 685 if (rc)
615 return rc; 686 return rc;
616 687
@@ -649,64 +720,20 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
649 if (rc < 0) 720 if (rc < 0)
650 goto out; 721 goto out;
651 722
652 if (long_op == CIFS_STD_OP) 723 if (long_op == CIFS_ASYNC_OP)
653 timeout = 15 * HZ;
654 /* wait for 15 seconds or until woken up due to response arriving or
655 due to last connection to this server being unmounted */
656 else if (long_op == CIFS_ASYNC_OP)
657 goto out; 724 goto out;
658 else if (long_op == CIFS_VLONG_OP) /* writes past EOF can be slow */
659 timeout = 180 * HZ;
660 else if (long_op == CIFS_LONG_OP)
661 timeout = 45 * HZ; /* should be greater than
662 servers oplock break timeout (about 43 seconds) */
663 else if (long_op == CIFS_BLOCKING_OP)
664 timeout = 0x7FFFFFFF; /* large but no so large as to wrap */
665 else {
666 cERROR(1, "unknown timeout flag %d", long_op);
667 rc = -EIO;
668 goto out;
669 }
670 725
671 if (signal_pending(current)) { 726 rc = wait_for_response(ses->server, midQ);
672 /* if signal pending do not hold up user for full smb timeout 727 if (rc != 0)
673 but we still give response a chance to complete */ 728 goto out;
674 timeout = 2 * HZ;
675 }
676
677 /* No user interrupts in wait - wreaks havoc with performance */
678 wait_for_response(ses, midQ, timeout, 10 * HZ);
679
680 spin_lock(&GlobalMid_Lock);
681 if (midQ->resp_buf == NULL) {
682 cERROR(1, "No response for cmd %d mid %d",
683 midQ->command, midQ->mid);
684 if (midQ->midState == MID_REQUEST_SUBMITTED) {
685 if (ses->server->tcpStatus == CifsExiting)
686 rc = -EHOSTDOWN;
687 else {
688 ses->server->tcpStatus = CifsNeedReconnect;
689 midQ->midState = MID_RETRY_NEEDED;
690 }
691 }
692 729
693 if (rc != -EHOSTDOWN) { 730 rc = sync_mid_result(midQ, ses->server);
694 if (midQ->midState == MID_RETRY_NEEDED) { 731 if (rc != 0) {
695 rc = -EAGAIN;
696 cFYI(1, "marking request for retry");
697 } else {
698 rc = -EIO;
699 }
700 }
701 spin_unlock(&GlobalMid_Lock);
702 DeleteMidQEntry(midQ);
703 /* Update # of requests on wire to server */
704 atomic_dec(&ses->server->inFlight); 732 atomic_dec(&ses->server->inFlight);
705 wake_up(&ses->server->request_q); 733 wake_up(&ses->server->request_q);
706 return rc; 734 return rc;
707 } 735 }
708 736
709 spin_unlock(&GlobalMid_Lock);
710 receive_len = midQ->resp_buf->smb_buf_length; 737 receive_len = midQ->resp_buf->smb_buf_length;
711 738
712 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) { 739 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
@@ -748,43 +775,20 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
748 if (receive_len >= sizeof(struct smb_hdr) - 4 775 if (receive_len >= sizeof(struct smb_hdr) - 4
749 /* do not count RFC1001 header */ + 776 /* do not count RFC1001 header */ +
750 (2 * out_buf->WordCount) + 2 /* bcc */ ) 777 (2 * out_buf->WordCount) + 2 /* bcc */ )
751 BCC(out_buf) = le16_to_cpu(BCC_LE(out_buf)); 778 put_bcc(get_bcc_le(midQ->resp_buf), midQ->resp_buf);
752 } else { 779 } else {
753 rc = -EIO; 780 rc = -EIO;
754 cERROR(1, "Bad MID state?"); 781 cERROR(1, "Bad MID state?");
755 } 782 }
756 783
757out: 784out:
758 DeleteMidQEntry(midQ); 785 delete_mid(midQ);
759 atomic_dec(&ses->server->inFlight); 786 atomic_dec(&ses->server->inFlight);
760 wake_up(&ses->server->request_q); 787 wake_up(&ses->server->request_q);
761 788
762 return rc; 789 return rc;
763} 790}
764 791
765/* Send an NT_CANCEL SMB to cause the POSIX blocking lock to return. */
766
767static int
768send_nt_cancel(struct cifsTconInfo *tcon, struct smb_hdr *in_buf,
769 struct mid_q_entry *midQ)
770{
771 int rc = 0;
772 struct cifsSesInfo *ses = tcon->ses;
773 __u16 mid = in_buf->Mid;
774
775 header_assemble(in_buf, SMB_COM_NT_CANCEL, tcon, 0);
776 in_buf->Mid = mid;
777 mutex_lock(&ses->server->srv_mutex);
778 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
779 if (rc) {
780 mutex_unlock(&ses->server->srv_mutex);
781 return rc;
782 }
783 rc = smb_send(ses->server, in_buf, in_buf->smb_buf_length);
784 mutex_unlock(&ses->server->srv_mutex);
785 return rc;
786}
787
788/* We send a LOCKINGX_CANCEL_LOCK to cause the Windows 792/* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
789 blocking lock to return. */ 793 blocking lock to return. */
790 794
@@ -807,7 +811,7 @@ send_lock_cancel(const unsigned int xid, struct cifsTconInfo *tcon,
807 pSMB->hdr.Mid = GetNextMid(ses->server); 811 pSMB->hdr.Mid = GetNextMid(ses->server);
808 812
809 return SendReceive(xid, ses, in_buf, out_buf, 813 return SendReceive(xid, ses, in_buf, out_buf,
810 &bytes_returned, CIFS_STD_OP); 814 &bytes_returned, 0);
811} 815}
812 816
813int 817int
@@ -845,7 +849,7 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
845 return -EIO; 849 return -EIO;
846 } 850 }
847 851
848 rc = wait_for_free_request(ses, CIFS_BLOCKING_OP); 852 rc = wait_for_free_request(ses->server, CIFS_BLOCKING_OP);
849 if (rc) 853 if (rc)
850 return rc; 854 return rc;
851 855
@@ -863,7 +867,7 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
863 867
864 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number); 868 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
865 if (rc) { 869 if (rc) {
866 DeleteMidQEntry(midQ); 870 delete_mid(midQ);
867 mutex_unlock(&ses->server->srv_mutex); 871 mutex_unlock(&ses->server->srv_mutex);
868 return rc; 872 return rc;
869 } 873 }
@@ -880,7 +884,7 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
880 mutex_unlock(&ses->server->srv_mutex); 884 mutex_unlock(&ses->server->srv_mutex);
881 885
882 if (rc < 0) { 886 if (rc < 0) {
883 DeleteMidQEntry(midQ); 887 delete_mid(midQ);
884 return rc; 888 return rc;
885 } 889 }
886 890
@@ -899,10 +903,9 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
899 if (in_buf->Command == SMB_COM_TRANSACTION2) { 903 if (in_buf->Command == SMB_COM_TRANSACTION2) {
900 /* POSIX lock. We send a NT_CANCEL SMB to cause the 904 /* POSIX lock. We send a NT_CANCEL SMB to cause the
901 blocking lock to return. */ 905 blocking lock to return. */
902 906 rc = send_nt_cancel(ses->server, in_buf, midQ);
903 rc = send_nt_cancel(tcon, in_buf, midQ);
904 if (rc) { 907 if (rc) {
905 DeleteMidQEntry(midQ); 908 delete_mid(midQ);
906 return rc; 909 return rc;
907 } 910 }
908 } else { 911 } else {
@@ -914,47 +917,22 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
914 /* If we get -ENOLCK back the lock may have 917 /* If we get -ENOLCK back the lock may have
915 already been removed. Don't exit in this case. */ 918 already been removed. Don't exit in this case. */
916 if (rc && rc != -ENOLCK) { 919 if (rc && rc != -ENOLCK) {
917 DeleteMidQEntry(midQ); 920 delete_mid(midQ);
918 return rc; 921 return rc;
919 } 922 }
920 } 923 }
921 924
922 /* Wait 5 seconds for the response. */ 925 if (wait_for_response(ses->server, midQ) == 0) {
923 if (wait_for_response(ses, midQ, 5 * HZ, 5 * HZ) == 0) {
924 /* We got the response - restart system call. */ 926 /* We got the response - restart system call. */
925 rstart = 1; 927 rstart = 1;
926 } 928 }
927 } 929 }
928 930
929 spin_lock(&GlobalMid_Lock); 931 rc = sync_mid_result(midQ, ses->server);
930 if (midQ->resp_buf) { 932 if (rc != 0)
931 spin_unlock(&GlobalMid_Lock);
932 receive_len = midQ->resp_buf->smb_buf_length;
933 } else {
934 cERROR(1, "No response for cmd %d mid %d",
935 midQ->command, midQ->mid);
936 if (midQ->midState == MID_REQUEST_SUBMITTED) {
937 if (ses->server->tcpStatus == CifsExiting)
938 rc = -EHOSTDOWN;
939 else {
940 ses->server->tcpStatus = CifsNeedReconnect;
941 midQ->midState = MID_RETRY_NEEDED;
942 }
943 }
944
945 if (rc != -EHOSTDOWN) {
946 if (midQ->midState == MID_RETRY_NEEDED) {
947 rc = -EAGAIN;
948 cFYI(1, "marking request for retry");
949 } else {
950 rc = -EIO;
951 }
952 }
953 spin_unlock(&GlobalMid_Lock);
954 DeleteMidQEntry(midQ);
955 return rc; 933 return rc;
956 }
957 934
935 receive_len = midQ->resp_buf->smb_buf_length;
958 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) { 936 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
959 cERROR(1, "Frame too large received. Length: %d Xid: %d", 937 cERROR(1, "Frame too large received. Length: %d Xid: %d",
960 receive_len, xid); 938 receive_len, xid);
@@ -998,10 +976,10 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
998 if (receive_len >= sizeof(struct smb_hdr) - 4 976 if (receive_len >= sizeof(struct smb_hdr) - 4
999 /* do not count RFC1001 header */ + 977 /* do not count RFC1001 header */ +
1000 (2 * out_buf->WordCount) + 2 /* bcc */ ) 978 (2 * out_buf->WordCount) + 2 /* bcc */ )
1001 BCC(out_buf) = le16_to_cpu(BCC_LE(out_buf)); 979 put_bcc(get_bcc_le(out_buf), out_buf);
1002 980
1003out: 981out:
1004 DeleteMidQEntry(midQ); 982 delete_mid(midQ);
1005 if (rstart && rc == -EACCES) 983 if (rstart && rc == -EACCES)
1006 return -ERESTARTSYS; 984 return -ERESTARTSYS;
1007 return rc; 985 return rc;
diff --git a/fs/dcache.c b/fs/dcache.c
index 9f493ee4dcba..2a6bd9a4ae97 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -176,6 +176,7 @@ static void d_free(struct dentry *dentry)
176 176
177/** 177/**
178 * dentry_rcuwalk_barrier - invalidate in-progress rcu-walk lookups 178 * dentry_rcuwalk_barrier - invalidate in-progress rcu-walk lookups
179 * @dentry: the target dentry
179 * After this call, in-progress rcu-walk path lookup will fail. This 180 * After this call, in-progress rcu-walk path lookup will fail. This
180 * should be called after unhashing, and after changing d_inode (if 181 * should be called after unhashing, and after changing d_inode (if
181 * the dentry has not already been unhashed). 182 * the dentry has not already been unhashed).
@@ -281,6 +282,7 @@ static void dentry_lru_move_tail(struct dentry *dentry)
281/** 282/**
282 * d_kill - kill dentry and return parent 283 * d_kill - kill dentry and return parent
283 * @dentry: dentry to kill 284 * @dentry: dentry to kill
285 * @parent: parent dentry
284 * 286 *
285 * The dentry must already be unhashed and removed from the LRU. 287 * The dentry must already be unhashed and removed from the LRU.
286 * 288 *
@@ -1973,7 +1975,7 @@ out:
1973/** 1975/**
1974 * d_validate - verify dentry provided from insecure source (deprecated) 1976 * d_validate - verify dentry provided from insecure source (deprecated)
1975 * @dentry: The dentry alleged to be valid child of @dparent 1977 * @dentry: The dentry alleged to be valid child of @dparent
1976 * @parent: The parent dentry (known to be valid) 1978 * @dparent: The parent dentry (known to be valid)
1977 * 1979 *
1978 * An insecure source has sent us a dentry, here we verify it and dget() it. 1980 * An insecure source has sent us a dentry, here we verify it and dget() it.
1979 * This is used by ncpfs in its readdir implementation. 1981 * This is used by ncpfs in its readdir implementation.
diff --git a/fs/direct-io.c b/fs/direct-io.c
index 85882f6ba5f7..b044705eedd4 100644
--- a/fs/direct-io.c
+++ b/fs/direct-io.c
@@ -325,12 +325,16 @@ void dio_end_io(struct bio *bio, int error)
325} 325}
326EXPORT_SYMBOL_GPL(dio_end_io); 326EXPORT_SYMBOL_GPL(dio_end_io);
327 327
328static int 328static void
329dio_bio_alloc(struct dio *dio, struct block_device *bdev, 329dio_bio_alloc(struct dio *dio, struct block_device *bdev,
330 sector_t first_sector, int nr_vecs) 330 sector_t first_sector, int nr_vecs)
331{ 331{
332 struct bio *bio; 332 struct bio *bio;
333 333
334 /*
335 * bio_alloc() is guaranteed to return a bio when called with
336 * __GFP_WAIT and we request a valid number of vectors.
337 */
334 bio = bio_alloc(GFP_KERNEL, nr_vecs); 338 bio = bio_alloc(GFP_KERNEL, nr_vecs);
335 339
336 bio->bi_bdev = bdev; 340 bio->bi_bdev = bdev;
@@ -342,7 +346,6 @@ dio_bio_alloc(struct dio *dio, struct block_device *bdev,
342 346
343 dio->bio = bio; 347 dio->bio = bio;
344 dio->logical_offset_in_bio = dio->cur_page_fs_offset; 348 dio->logical_offset_in_bio = dio->cur_page_fs_offset;
345 return 0;
346} 349}
347 350
348/* 351/*
@@ -583,8 +586,9 @@ static int dio_new_bio(struct dio *dio, sector_t start_sector)
583 goto out; 586 goto out;
584 sector = start_sector << (dio->blkbits - 9); 587 sector = start_sector << (dio->blkbits - 9);
585 nr_pages = min(dio->pages_in_io, bio_get_nr_vecs(dio->map_bh.b_bdev)); 588 nr_pages = min(dio->pages_in_io, bio_get_nr_vecs(dio->map_bh.b_bdev));
589 nr_pages = min(nr_pages, BIO_MAX_PAGES);
586 BUG_ON(nr_pages <= 0); 590 BUG_ON(nr_pages <= 0);
587 ret = dio_bio_alloc(dio, dio->map_bh.b_bdev, sector, nr_pages); 591 dio_bio_alloc(dio, dio->map_bh.b_bdev, sector, nr_pages);
588 dio->boundary = 0; 592 dio->boundary = 0;
589out: 593out:
590 return ret; 594 return ret;
diff --git a/fs/ext3/super.c b/fs/ext3/super.c
index 7aa767d4f06f..85c8cc8f2473 100644
--- a/fs/ext3/super.c
+++ b/fs/ext3/super.c
@@ -754,7 +754,7 @@ static int ext3_release_dquot(struct dquot *dquot);
754static int ext3_mark_dquot_dirty(struct dquot *dquot); 754static int ext3_mark_dquot_dirty(struct dquot *dquot);
755static int ext3_write_info(struct super_block *sb, int type); 755static int ext3_write_info(struct super_block *sb, int type);
756static int ext3_quota_on(struct super_block *sb, int type, int format_id, 756static int ext3_quota_on(struct super_block *sb, int type, int format_id,
757 char *path); 757 struct path *path);
758static int ext3_quota_on_mount(struct super_block *sb, int type); 758static int ext3_quota_on_mount(struct super_block *sb, int type);
759static ssize_t ext3_quota_read(struct super_block *sb, int type, char *data, 759static ssize_t ext3_quota_read(struct super_block *sb, int type, char *data,
760 size_t len, loff_t off); 760 size_t len, loff_t off);
@@ -2877,27 +2877,20 @@ static int ext3_quota_on_mount(struct super_block *sb, int type)
2877 * Standard function to be called on quota_on 2877 * Standard function to be called on quota_on
2878 */ 2878 */
2879static int ext3_quota_on(struct super_block *sb, int type, int format_id, 2879static int ext3_quota_on(struct super_block *sb, int type, int format_id,
2880 char *name) 2880 struct path *path)
2881{ 2881{
2882 int err; 2882 int err;
2883 struct path path;
2884 2883
2885 if (!test_opt(sb, QUOTA)) 2884 if (!test_opt(sb, QUOTA))
2886 return -EINVAL; 2885 return -EINVAL;
2887 2886
2888 err = kern_path(name, LOOKUP_FOLLOW, &path);
2889 if (err)
2890 return err;
2891
2892 /* Quotafile not on the same filesystem? */ 2887 /* Quotafile not on the same filesystem? */
2893 if (path.mnt->mnt_sb != sb) { 2888 if (path->mnt->mnt_sb != sb)
2894 path_put(&path);
2895 return -EXDEV; 2889 return -EXDEV;
2896 }
2897 /* Journaling quota? */ 2890 /* Journaling quota? */
2898 if (EXT3_SB(sb)->s_qf_names[type]) { 2891 if (EXT3_SB(sb)->s_qf_names[type]) {
2899 /* Quotafile not of fs root? */ 2892 /* Quotafile not of fs root? */
2900 if (path.dentry->d_parent != sb->s_root) 2893 if (path->dentry->d_parent != sb->s_root)
2901 ext3_msg(sb, KERN_WARNING, 2894 ext3_msg(sb, KERN_WARNING,
2902 "warning: Quota file not on filesystem root. " 2895 "warning: Quota file not on filesystem root. "
2903 "Journaled quota will not work."); 2896 "Journaled quota will not work.");
@@ -2907,7 +2900,7 @@ static int ext3_quota_on(struct super_block *sb, int type, int format_id,
2907 * When we journal data on quota file, we have to flush journal to see 2900 * When we journal data on quota file, we have to flush journal to see
2908 * all updates to the file when we bypass pagecache... 2901 * all updates to the file when we bypass pagecache...
2909 */ 2902 */
2910 if (ext3_should_journal_data(path.dentry->d_inode)) { 2903 if (ext3_should_journal_data(path->dentry->d_inode)) {
2911 /* 2904 /*
2912 * We don't need to lock updates but journal_flush() could 2905 * We don't need to lock updates but journal_flush() could
2913 * otherwise be livelocked... 2906 * otherwise be livelocked...
@@ -2915,15 +2908,11 @@ static int ext3_quota_on(struct super_block *sb, int type, int format_id,
2915 journal_lock_updates(EXT3_SB(sb)->s_journal); 2908 journal_lock_updates(EXT3_SB(sb)->s_journal);
2916 err = journal_flush(EXT3_SB(sb)->s_journal); 2909 err = journal_flush(EXT3_SB(sb)->s_journal);
2917 journal_unlock_updates(EXT3_SB(sb)->s_journal); 2910 journal_unlock_updates(EXT3_SB(sb)->s_journal);
2918 if (err) { 2911 if (err)
2919 path_put(&path);
2920 return err; 2912 return err;
2921 }
2922 } 2913 }
2923 2914
2924 err = dquot_quota_on_path(sb, type, format_id, &path); 2915 return dquot_quota_on(sb, type, format_id, path);
2925 path_put(&path);
2926 return err;
2927} 2916}
2928 2917
2929/* Read data from quotafile - avoid pagecache and such because we cannot afford 2918/* Read data from quotafile - avoid pagecache and such because we cannot afford
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index cb10a06775e4..48ce561fafac 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1161,7 +1161,7 @@ static int ext4_release_dquot(struct dquot *dquot);
1161static int ext4_mark_dquot_dirty(struct dquot *dquot); 1161static int ext4_mark_dquot_dirty(struct dquot *dquot);
1162static int ext4_write_info(struct super_block *sb, int type); 1162static int ext4_write_info(struct super_block *sb, int type);
1163static int ext4_quota_on(struct super_block *sb, int type, int format_id, 1163static int ext4_quota_on(struct super_block *sb, int type, int format_id,
1164 char *path); 1164 struct path *path);
1165static int ext4_quota_off(struct super_block *sb, int type); 1165static int ext4_quota_off(struct super_block *sb, int type);
1166static int ext4_quota_on_mount(struct super_block *sb, int type); 1166static int ext4_quota_on_mount(struct super_block *sb, int type);
1167static ssize_t ext4_quota_read(struct super_block *sb, int type, char *data, 1167static ssize_t ext4_quota_read(struct super_block *sb, int type, char *data,
@@ -4558,27 +4558,20 @@ static int ext4_quota_on_mount(struct super_block *sb, int type)
4558 * Standard function to be called on quota_on 4558 * Standard function to be called on quota_on
4559 */ 4559 */
4560static int ext4_quota_on(struct super_block *sb, int type, int format_id, 4560static int ext4_quota_on(struct super_block *sb, int type, int format_id,
4561 char *name) 4561 struct path *path)
4562{ 4562{
4563 int err; 4563 int err;
4564 struct path path;
4565 4564
4566 if (!test_opt(sb, QUOTA)) 4565 if (!test_opt(sb, QUOTA))
4567 return -EINVAL; 4566 return -EINVAL;
4568 4567
4569 err = kern_path(name, LOOKUP_FOLLOW, &path);
4570 if (err)
4571 return err;
4572
4573 /* Quotafile not on the same filesystem? */ 4568 /* Quotafile not on the same filesystem? */
4574 if (path.mnt->mnt_sb != sb) { 4569 if (path->mnt->mnt_sb != sb)
4575 path_put(&path);
4576 return -EXDEV; 4570 return -EXDEV;
4577 }
4578 /* Journaling quota? */ 4571 /* Journaling quota? */
4579 if (EXT4_SB(sb)->s_qf_names[type]) { 4572 if (EXT4_SB(sb)->s_qf_names[type]) {
4580 /* Quotafile not in fs root? */ 4573 /* Quotafile not in fs root? */
4581 if (path.dentry->d_parent != sb->s_root) 4574 if (path->dentry->d_parent != sb->s_root)
4582 ext4_msg(sb, KERN_WARNING, 4575 ext4_msg(sb, KERN_WARNING,
4583 "Quota file not on filesystem root. " 4576 "Quota file not on filesystem root. "
4584 "Journaled quota will not work"); 4577 "Journaled quota will not work");
@@ -4589,7 +4582,7 @@ static int ext4_quota_on(struct super_block *sb, int type, int format_id,
4589 * all updates to the file when we bypass pagecache... 4582 * all updates to the file when we bypass pagecache...
4590 */ 4583 */
4591 if (EXT4_SB(sb)->s_journal && 4584 if (EXT4_SB(sb)->s_journal &&
4592 ext4_should_journal_data(path.dentry->d_inode)) { 4585 ext4_should_journal_data(path->dentry->d_inode)) {
4593 /* 4586 /*
4594 * We don't need to lock updates but journal_flush() could 4587 * We don't need to lock updates but journal_flush() could
4595 * otherwise be livelocked... 4588 * otherwise be livelocked...
@@ -4597,15 +4590,11 @@ static int ext4_quota_on(struct super_block *sb, int type, int format_id,
4597 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 4590 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
4598 err = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 4591 err = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
4599 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 4592 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
4600 if (err) { 4593 if (err)
4601 path_put(&path);
4602 return err; 4594 return err;
4603 }
4604 } 4595 }
4605 4596
4606 err = dquot_quota_on_path(sb, type, format_id, &path); 4597 return dquot_quota_on(sb, type, format_id, path);
4607 path_put(&path);
4608 return err;
4609} 4598}
4610 4599
4611static int ext4_quota_off(struct super_block *sb, int type) 4600static int ext4_quota_off(struct super_block *sb, int type)
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c
index 2232b3c780bd..7aa7d4f8984a 100644
--- a/fs/gfs2/inode.c
+++ b/fs/gfs2/inode.c
@@ -74,16 +74,14 @@ static struct inode *gfs2_iget(struct super_block *sb, u64 no_addr)
74} 74}
75 75
76/** 76/**
77 * GFS2 lookup code fills in vfs inode contents based on info obtained 77 * gfs2_set_iop - Sets inode operations
78 * from directory entry inside gfs2_inode_lookup(). This has caused issues 78 * @inode: The inode with correct i_mode filled in
79 * with NFS code path since its get_dentry routine doesn't have the relevant
80 * directory entry when gfs2_inode_lookup() is invoked. Part of the code
81 * segment inside gfs2_inode_lookup code needs to get moved around.
82 * 79 *
83 * Clears I_NEW as well. 80 * GFS2 lookup code fills in vfs inode contents based on info obtained
84 **/ 81 * from directory entry inside gfs2_inode_lookup().
82 */
85 83
86void gfs2_set_iop(struct inode *inode) 84static void gfs2_set_iop(struct inode *inode)
87{ 85{
88 struct gfs2_sbd *sdp = GFS2_SB(inode); 86 struct gfs2_sbd *sdp = GFS2_SB(inode);
89 umode_t mode = inode->i_mode; 87 umode_t mode = inode->i_mode;
@@ -106,8 +104,6 @@ void gfs2_set_iop(struct inode *inode)
106 inode->i_op = &gfs2_file_iops; 104 inode->i_op = &gfs2_file_iops;
107 init_special_inode(inode, inode->i_mode, inode->i_rdev); 105 init_special_inode(inode, inode->i_mode, inode->i_rdev);
108 } 106 }
109
110 unlock_new_inode(inode);
111} 107}
112 108
113/** 109/**
@@ -119,10 +115,8 @@ void gfs2_set_iop(struct inode *inode)
119 * Returns: A VFS inode, or an error 115 * Returns: A VFS inode, or an error
120 */ 116 */
121 117
122struct inode *gfs2_inode_lookup(struct super_block *sb, 118struct inode *gfs2_inode_lookup(struct super_block *sb, unsigned int type,
123 unsigned int type, 119 u64 no_addr, u64 no_formal_ino)
124 u64 no_addr,
125 u64 no_formal_ino)
126{ 120{
127 struct inode *inode; 121 struct inode *inode;
128 struct gfs2_inode *ip; 122 struct gfs2_inode *ip;
@@ -152,51 +146,37 @@ struct inode *gfs2_inode_lookup(struct super_block *sb,
152 error = gfs2_glock_nq_init(io_gl, LM_ST_SHARED, GL_EXACT, &ip->i_iopen_gh); 146 error = gfs2_glock_nq_init(io_gl, LM_ST_SHARED, GL_EXACT, &ip->i_iopen_gh);
153 if (unlikely(error)) 147 if (unlikely(error))
154 goto fail_iopen; 148 goto fail_iopen;
155 ip->i_iopen_gh.gh_gl->gl_object = ip;
156 149
150 ip->i_iopen_gh.gh_gl->gl_object = ip;
157 gfs2_glock_put(io_gl); 151 gfs2_glock_put(io_gl);
158 io_gl = NULL; 152 io_gl = NULL;
159 153
160 if ((type == DT_UNKNOWN) && (no_formal_ino == 0))
161 goto gfs2_nfsbypass;
162
163 inode->i_mode = DT2IF(type);
164
165 /*
166 * We must read the inode in order to work out its type in
167 * this case. Note that this doesn't happen often as we normally
168 * know the type beforehand. This code path only occurs during
169 * unlinked inode recovery (where it is safe to do this glock,
170 * which is not true in the general case).
171 */
172 if (type == DT_UNKNOWN) { 154 if (type == DT_UNKNOWN) {
173 struct gfs2_holder gh; 155 /* Inode glock must be locked already */
174 error = gfs2_glock_nq_init(ip->i_gl, LM_ST_EXCLUSIVE, 0, &gh); 156 error = gfs2_inode_refresh(GFS2_I(inode));
175 if (unlikely(error)) 157 if (error)
176 goto fail_glock; 158 goto fail_refresh;
177 /* Inode is now uptodate */ 159 } else {
178 gfs2_glock_dq_uninit(&gh); 160 inode->i_mode = DT2IF(type);
179 } 161 }
180 162
181 gfs2_set_iop(inode); 163 gfs2_set_iop(inode);
164 unlock_new_inode(inode);
182 } 165 }
183 166
184gfs2_nfsbypass:
185 return inode; 167 return inode;
186fail_glock: 168
187 gfs2_glock_dq(&ip->i_iopen_gh); 169fail_refresh:
170 ip->i_iopen_gh.gh_gl->gl_object = NULL;
171 gfs2_glock_dq_uninit(&ip->i_iopen_gh);
188fail_iopen: 172fail_iopen:
189 if (io_gl) 173 if (io_gl)
190 gfs2_glock_put(io_gl); 174 gfs2_glock_put(io_gl);
191fail_put: 175fail_put:
192 if (inode->i_state & I_NEW) 176 ip->i_gl->gl_object = NULL;
193 ip->i_gl->gl_object = NULL;
194 gfs2_glock_put(ip->i_gl); 177 gfs2_glock_put(ip->i_gl);
195fail: 178fail:
196 if (inode->i_state & I_NEW) 179 iget_failed(inode);
197 iget_failed(inode);
198 else
199 iput(inode);
200 return ERR_PTR(error); 180 return ERR_PTR(error);
201} 181}
202 182
@@ -221,14 +201,6 @@ struct inode *gfs2_lookup_by_inum(struct gfs2_sbd *sdp, u64 no_addr,
221 if (IS_ERR(inode)) 201 if (IS_ERR(inode))
222 goto fail; 202 goto fail;
223 203
224 error = gfs2_inode_refresh(GFS2_I(inode));
225 if (error)
226 goto fail_iput;
227
228 /* Pick up the works we bypass in gfs2_inode_lookup */
229 if (inode->i_state & I_NEW)
230 gfs2_set_iop(inode);
231
232 /* Two extra checks for NFS only */ 204 /* Two extra checks for NFS only */
233 if (no_formal_ino) { 205 if (no_formal_ino) {
234 error = -ESTALE; 206 error = -ESTALE;
diff --git a/fs/gfs2/inode.h b/fs/gfs2/inode.h
index 732a183efdb3..3e00a66e7cbd 100644
--- a/fs/gfs2/inode.h
+++ b/fs/gfs2/inode.h
@@ -96,7 +96,6 @@ err:
96 return -EIO; 96 return -EIO;
97} 97}
98 98
99extern void gfs2_set_iop(struct inode *inode);
100extern struct inode *gfs2_inode_lookup(struct super_block *sb, unsigned type, 99extern struct inode *gfs2_inode_lookup(struct super_block *sb, unsigned type,
101 u64 no_addr, u64 no_formal_ino); 100 u64 no_addr, u64 no_formal_ino);
102extern struct inode *gfs2_lookup_by_inum(struct gfs2_sbd *sdp, u64 no_addr, 101extern struct inode *gfs2_lookup_by_inum(struct gfs2_sbd *sdp, u64 no_addr,
diff --git a/fs/gfs2/super.c b/fs/gfs2/super.c
index 16c2ecac7eb7..ec73ed70bae1 100644
--- a/fs/gfs2/super.c
+++ b/fs/gfs2/super.c
@@ -1336,6 +1336,7 @@ static void gfs2_evict_inode(struct inode *inode)
1336 if (error) 1336 if (error)
1337 goto out_truncate; 1337 goto out_truncate;
1338 1338
1339 ip->i_iopen_gh.gh_flags |= GL_NOCACHE;
1339 gfs2_glock_dq_wait(&ip->i_iopen_gh); 1340 gfs2_glock_dq_wait(&ip->i_iopen_gh);
1340 gfs2_holder_reinit(LM_ST_EXCLUSIVE, LM_FLAG_TRY_1CB | GL_NOCACHE, &ip->i_iopen_gh); 1341 gfs2_holder_reinit(LM_ST_EXCLUSIVE, LM_FLAG_TRY_1CB | GL_NOCACHE, &ip->i_iopen_gh);
1341 error = gfs2_glock_nq(&ip->i_iopen_gh); 1342 error = gfs2_glock_nq(&ip->i_iopen_gh);
diff --git a/fs/lockd/host.c b/fs/lockd/host.c
index 5f1bcb2f06f3..b7c99bfb3da6 100644
--- a/fs/lockd/host.c
+++ b/fs/lockd/host.c
@@ -520,7 +520,7 @@ static struct nlm_host *next_host_state(struct hlist_head *cache,
520 struct nsm_handle *nsm, 520 struct nsm_handle *nsm,
521 const struct nlm_reboot *info) 521 const struct nlm_reboot *info)
522{ 522{
523 struct nlm_host *host = NULL; 523 struct nlm_host *host;
524 struct hlist_head *chain; 524 struct hlist_head *chain;
525 struct hlist_node *pos; 525 struct hlist_node *pos;
526 526
@@ -532,12 +532,13 @@ static struct nlm_host *next_host_state(struct hlist_head *cache,
532 host->h_state++; 532 host->h_state++;
533 533
534 nlm_get_host(host); 534 nlm_get_host(host);
535 goto out; 535 mutex_unlock(&nlm_host_mutex);
536 return host;
536 } 537 }
537 } 538 }
538out: 539
539 mutex_unlock(&nlm_host_mutex); 540 mutex_unlock(&nlm_host_mutex);
540 return host; 541 return NULL;
541} 542}
542 543
543/** 544/**
diff --git a/fs/nfs/callback.c b/fs/nfs/callback.c
index 199016528fcb..e3d294269058 100644
--- a/fs/nfs/callback.c
+++ b/fs/nfs/callback.c
@@ -135,33 +135,6 @@ out_err:
135 135
136#if defined(CONFIG_NFS_V4_1) 136#if defined(CONFIG_NFS_V4_1)
137/* 137/*
138 * * CB_SEQUENCE operations will fail until the callback sessionid is set.
139 * */
140int nfs4_set_callback_sessionid(struct nfs_client *clp)
141{
142 struct svc_serv *serv = clp->cl_rpcclient->cl_xprt->bc_serv;
143 struct nfs4_sessionid *bc_sid;
144
145 if (!serv->sv_bc_xprt)
146 return -EINVAL;
147
148 /* on success freed in xprt_free */
149 bc_sid = kmalloc(sizeof(struct nfs4_sessionid), GFP_KERNEL);
150 if (!bc_sid)
151 return -ENOMEM;
152 memcpy(bc_sid->data, &clp->cl_session->sess_id.data,
153 NFS4_MAX_SESSIONID_LEN);
154 spin_lock_bh(&serv->sv_cb_lock);
155 serv->sv_bc_xprt->xpt_bc_sid = bc_sid;
156 spin_unlock_bh(&serv->sv_cb_lock);
157 dprintk("%s set xpt_bc_sid=%u:%u:%u:%u for sv_bc_xprt %p\n", __func__,
158 ((u32 *)bc_sid->data)[0], ((u32 *)bc_sid->data)[1],
159 ((u32 *)bc_sid->data)[2], ((u32 *)bc_sid->data)[3],
160 serv->sv_bc_xprt);
161 return 0;
162}
163
164/*
165 * The callback service for NFSv4.1 callbacks 138 * The callback service for NFSv4.1 callbacks
166 */ 139 */
167static int 140static int
@@ -266,10 +239,6 @@ static inline void nfs_callback_bc_serv(u32 minorversion, struct rpc_xprt *xprt,
266 struct nfs_callback_data *cb_info) 239 struct nfs_callback_data *cb_info)
267{ 240{
268} 241}
269int nfs4_set_callback_sessionid(struct nfs_client *clp)
270{
271 return 0;
272}
273#endif /* CONFIG_NFS_V4_1 */ 242#endif /* CONFIG_NFS_V4_1 */
274 243
275/* 244/*
@@ -359,78 +328,58 @@ void nfs_callback_down(int minorversion)
359 mutex_unlock(&nfs_callback_mutex); 328 mutex_unlock(&nfs_callback_mutex);
360} 329}
361 330
362static int check_gss_callback_principal(struct nfs_client *clp, 331/* Boolean check of RPC_AUTH_GSS principal */
363 struct svc_rqst *rqstp) 332int
333check_gss_callback_principal(struct nfs_client *clp, struct svc_rqst *rqstp)
364{ 334{
365 struct rpc_clnt *r = clp->cl_rpcclient; 335 struct rpc_clnt *r = clp->cl_rpcclient;
366 char *p = svc_gss_principal(rqstp); 336 char *p = svc_gss_principal(rqstp);
367 337
338 if (rqstp->rq_authop->flavour != RPC_AUTH_GSS)
339 return 1;
340
368 /* No RPC_AUTH_GSS on NFSv4.1 back channel yet */ 341 /* No RPC_AUTH_GSS on NFSv4.1 back channel yet */
369 if (clp->cl_minorversion != 0) 342 if (clp->cl_minorversion != 0)
370 return SVC_DROP; 343 return 0;
371 /* 344 /*
372 * It might just be a normal user principal, in which case 345 * It might just be a normal user principal, in which case
373 * userspace won't bother to tell us the name at all. 346 * userspace won't bother to tell us the name at all.
374 */ 347 */
375 if (p == NULL) 348 if (p == NULL)
376 return SVC_DENIED; 349 return 0;
377 350
378 /* Expect a GSS_C_NT_HOSTBASED_NAME like "nfs@serverhostname" */ 351 /* Expect a GSS_C_NT_HOSTBASED_NAME like "nfs@serverhostname" */
379 352
380 if (memcmp(p, "nfs@", 4) != 0) 353 if (memcmp(p, "nfs@", 4) != 0)
381 return SVC_DENIED; 354 return 0;
382 p += 4; 355 p += 4;
383 if (strcmp(p, r->cl_server) != 0) 356 if (strcmp(p, r->cl_server) != 0)
384 return SVC_DENIED; 357 return 0;
385 return SVC_OK; 358 return 1;
386} 359}
387 360
388/* pg_authenticate method helper */ 361/*
389static struct nfs_client *nfs_cb_find_client(struct svc_rqst *rqstp) 362 * pg_authenticate method for nfsv4 callback threads.
390{ 363 *
391 struct nfs4_sessionid *sessionid = bc_xprt_sid(rqstp); 364 * The authflavor has been negotiated, so an incorrect flavor is a server
392 int is_cb_compound = rqstp->rq_proc == CB_COMPOUND ? 1 : 0; 365 * bug. Drop packets with incorrect authflavor.
393 366 *
394 dprintk("--> %s rq_proc %d\n", __func__, rqstp->rq_proc); 367 * All other checking done after NFS decoding where the nfs_client can be
395 if (svc_is_backchannel(rqstp)) 368 * found in nfs4_callback_compound
396 /* Sessionid (usually) set after CB_NULL ping */ 369 */
397 return nfs4_find_client_sessionid(svc_addr(rqstp), sessionid,
398 is_cb_compound);
399 else
400 /* No callback identifier in pg_authenticate */
401 return nfs4_find_client_no_ident(svc_addr(rqstp));
402}
403
404/* pg_authenticate method for nfsv4 callback threads. */
405static int nfs_callback_authenticate(struct svc_rqst *rqstp) 370static int nfs_callback_authenticate(struct svc_rqst *rqstp)
406{ 371{
407 struct nfs_client *clp;
408 RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]);
409 int ret = SVC_OK;
410
411 /* Don't talk to strangers */
412 clp = nfs_cb_find_client(rqstp);
413 if (clp == NULL)
414 return SVC_DROP;
415
416 dprintk("%s: %s NFSv4 callback!\n", __func__,
417 svc_print_addr(rqstp, buf, sizeof(buf)));
418
419 switch (rqstp->rq_authop->flavour) { 372 switch (rqstp->rq_authop->flavour) {
420 case RPC_AUTH_NULL: 373 case RPC_AUTH_NULL:
421 if (rqstp->rq_proc != CB_NULL) 374 if (rqstp->rq_proc != CB_NULL)
422 ret = SVC_DENIED; 375 return SVC_DROP;
423 break; 376 break;
424 case RPC_AUTH_UNIX: 377 case RPC_AUTH_GSS:
425 break; 378 /* No RPC_AUTH_GSS support yet in NFSv4.1 */
426 case RPC_AUTH_GSS: 379 if (svc_is_backchannel(rqstp))
427 ret = check_gss_callback_principal(clp, rqstp); 380 return SVC_DROP;
428 break;
429 default:
430 ret = SVC_DENIED;
431 } 381 }
432 nfs_put_client(clp); 382 return SVC_OK;
433 return ret;
434} 383}
435 384
436/* 385/*
diff --git a/fs/nfs/callback.h b/fs/nfs/callback.h
index d3b44f9bd747..46d93ce7311b 100644
--- a/fs/nfs/callback.h
+++ b/fs/nfs/callback.h
@@ -7,6 +7,7 @@
7 */ 7 */
8#ifndef __LINUX_FS_NFS_CALLBACK_H 8#ifndef __LINUX_FS_NFS_CALLBACK_H
9#define __LINUX_FS_NFS_CALLBACK_H 9#define __LINUX_FS_NFS_CALLBACK_H
10#include <linux/sunrpc/svc.h>
10 11
11#define NFS4_CALLBACK 0x40000000 12#define NFS4_CALLBACK 0x40000000
12#define NFS4_CALLBACK_XDRSIZE 2048 13#define NFS4_CALLBACK_XDRSIZE 2048
@@ -37,7 +38,6 @@ enum nfs4_callback_opnum {
37struct cb_process_state { 38struct cb_process_state {
38 __be32 drc_status; 39 __be32 drc_status;
39 struct nfs_client *clp; 40 struct nfs_client *clp;
40 struct nfs4_sessionid *svc_sid; /* v4.1 callback service sessionid */
41}; 41};
42 42
43struct cb_compound_hdr_arg { 43struct cb_compound_hdr_arg {
@@ -168,7 +168,7 @@ extern unsigned nfs4_callback_layoutrecall(
168extern void nfs4_check_drain_bc_complete(struct nfs4_session *ses); 168extern void nfs4_check_drain_bc_complete(struct nfs4_session *ses);
169extern void nfs4_cb_take_slot(struct nfs_client *clp); 169extern void nfs4_cb_take_slot(struct nfs_client *clp);
170#endif /* CONFIG_NFS_V4_1 */ 170#endif /* CONFIG_NFS_V4_1 */
171 171extern int check_gss_callback_principal(struct nfs_client *, struct svc_rqst *);
172extern __be32 nfs4_callback_getattr(struct cb_getattrargs *args, 172extern __be32 nfs4_callback_getattr(struct cb_getattrargs *args,
173 struct cb_getattrres *res, 173 struct cb_getattrres *res,
174 struct cb_process_state *cps); 174 struct cb_process_state *cps);
diff --git a/fs/nfs/callback_proc.c b/fs/nfs/callback_proc.c
index 4bb91cb2620d..89587573fe50 100644
--- a/fs/nfs/callback_proc.c
+++ b/fs/nfs/callback_proc.c
@@ -373,17 +373,11 @@ __be32 nfs4_callback_sequence(struct cb_sequenceargs *args,
373{ 373{
374 struct nfs_client *clp; 374 struct nfs_client *clp;
375 int i; 375 int i;
376 __be32 status; 376 __be32 status = htonl(NFS4ERR_BADSESSION);
377 377
378 cps->clp = NULL; 378 cps->clp = NULL;
379 379
380 status = htonl(NFS4ERR_BADSESSION); 380 clp = nfs4_find_client_sessionid(args->csa_addr, &args->csa_sessionid);
381 /* Incoming session must match the callback session */
382 if (memcmp(&args->csa_sessionid, cps->svc_sid, NFS4_MAX_SESSIONID_LEN))
383 goto out;
384
385 clp = nfs4_find_client_sessionid(args->csa_addr,
386 &args->csa_sessionid, 1);
387 if (clp == NULL) 381 if (clp == NULL)
388 goto out; 382 goto out;
389 383
@@ -414,9 +408,9 @@ __be32 nfs4_callback_sequence(struct cb_sequenceargs *args,
414 res->csr_highestslotid = NFS41_BC_MAX_CALLBACKS - 1; 408 res->csr_highestslotid = NFS41_BC_MAX_CALLBACKS - 1;
415 res->csr_target_highestslotid = NFS41_BC_MAX_CALLBACKS - 1; 409 res->csr_target_highestslotid = NFS41_BC_MAX_CALLBACKS - 1;
416 nfs4_cb_take_slot(clp); 410 nfs4_cb_take_slot(clp);
417 cps->clp = clp; /* put in nfs4_callback_compound */
418 411
419out: 412out:
413 cps->clp = clp; /* put in nfs4_callback_compound */
420 for (i = 0; i < args->csa_nrclists; i++) 414 for (i = 0; i < args->csa_nrclists; i++)
421 kfree(args->csa_rclists[i].rcl_refcalls); 415 kfree(args->csa_rclists[i].rcl_refcalls);
422 kfree(args->csa_rclists); 416 kfree(args->csa_rclists);
diff --git a/fs/nfs/callback_xdr.c b/fs/nfs/callback_xdr.c
index 23112c263f81..14e0f9371d14 100644
--- a/fs/nfs/callback_xdr.c
+++ b/fs/nfs/callback_xdr.c
@@ -794,10 +794,9 @@ static __be32 nfs4_callback_compound(struct svc_rqst *rqstp, void *argp, void *r
794 794
795 if (hdr_arg.minorversion == 0) { 795 if (hdr_arg.minorversion == 0) {
796 cps.clp = nfs4_find_client_ident(hdr_arg.cb_ident); 796 cps.clp = nfs4_find_client_ident(hdr_arg.cb_ident);
797 if (!cps.clp) 797 if (!cps.clp || !check_gss_callback_principal(cps.clp, rqstp))
798 return rpc_drop_reply; 798 return rpc_drop_reply;
799 } else 799 }
800 cps.svc_sid = bc_xprt_sid(rqstp);
801 800
802 hdr_res.taglen = hdr_arg.taglen; 801 hdr_res.taglen = hdr_arg.taglen;
803 hdr_res.tag = hdr_arg.tag; 802 hdr_res.tag = hdr_arg.tag;
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index 192f2f860265..bd3ca32879e7 100644
--- a/fs/nfs/client.c
+++ b/fs/nfs/client.c
@@ -1206,16 +1206,11 @@ nfs4_find_client_ident(int cb_ident)
1206 * For CB_COMPOUND calls, find a client by IP address, protocol version, 1206 * For CB_COMPOUND calls, find a client by IP address, protocol version,
1207 * minorversion, and sessionID 1207 * minorversion, and sessionID
1208 * 1208 *
1209 * CREATE_SESSION triggers a CB_NULL ping from servers. The callback service
1210 * sessionid can only be set after the CREATE_SESSION return, so a CB_NULL
1211 * can arrive before the callback sessionid is set. For CB_NULL calls,
1212 * find a client by IP address protocol version, and minorversion.
1213 *
1214 * Returns NULL if no such client 1209 * Returns NULL if no such client
1215 */ 1210 */
1216struct nfs_client * 1211struct nfs_client *
1217nfs4_find_client_sessionid(const struct sockaddr *addr, 1212nfs4_find_client_sessionid(const struct sockaddr *addr,
1218 struct nfs4_sessionid *sid, int is_cb_compound) 1213 struct nfs4_sessionid *sid)
1219{ 1214{
1220 struct nfs_client *clp; 1215 struct nfs_client *clp;
1221 1216
@@ -1227,9 +1222,9 @@ nfs4_find_client_sessionid(const struct sockaddr *addr,
1227 if (!nfs4_has_session(clp)) 1222 if (!nfs4_has_session(clp))
1228 continue; 1223 continue;
1229 1224
1230 /* Match sessionid unless cb_null call*/ 1225 /* Match sessionid*/
1231 if (is_cb_compound && (memcmp(clp->cl_session->sess_id.data, 1226 if (memcmp(clp->cl_session->sess_id.data,
1232 sid->data, NFS4_MAX_SESSIONID_LEN) != 0)) 1227 sid->data, NFS4_MAX_SESSIONID_LEN) != 0)
1233 continue; 1228 continue;
1234 1229
1235 atomic_inc(&clp->cl_count); 1230 atomic_inc(&clp->cl_count);
@@ -1244,7 +1239,7 @@ nfs4_find_client_sessionid(const struct sockaddr *addr,
1244 1239
1245struct nfs_client * 1240struct nfs_client *
1246nfs4_find_client_sessionid(const struct sockaddr *addr, 1241nfs4_find_client_sessionid(const struct sockaddr *addr,
1247 struct nfs4_sessionid *sid, int is_cb_compound) 1242 struct nfs4_sessionid *sid)
1248{ 1243{
1249 return NULL; 1244 return NULL;
1250} 1245}
diff --git a/fs/nfs/delegation.c b/fs/nfs/delegation.c
index 364e4328f392..bbbc6bf5cb2e 100644
--- a/fs/nfs/delegation.c
+++ b/fs/nfs/delegation.c
@@ -23,8 +23,6 @@
23 23
24static void nfs_do_free_delegation(struct nfs_delegation *delegation) 24static void nfs_do_free_delegation(struct nfs_delegation *delegation)
25{ 25{
26 if (delegation->cred)
27 put_rpccred(delegation->cred);
28 kfree(delegation); 26 kfree(delegation);
29} 27}
30 28
@@ -37,6 +35,10 @@ static void nfs_free_delegation_callback(struct rcu_head *head)
37 35
38static void nfs_free_delegation(struct nfs_delegation *delegation) 36static void nfs_free_delegation(struct nfs_delegation *delegation)
39{ 37{
38 if (delegation->cred) {
39 put_rpccred(delegation->cred);
40 delegation->cred = NULL;
41 }
40 call_rcu(&delegation->rcu, nfs_free_delegation_callback); 42 call_rcu(&delegation->rcu, nfs_free_delegation_callback);
41} 43}
42 44
diff --git a/fs/nfs/direct.c b/fs/nfs/direct.c
index e6ace0d93c71..9943a75bb6d1 100644
--- a/fs/nfs/direct.c
+++ b/fs/nfs/direct.c
@@ -407,15 +407,18 @@ static ssize_t nfs_direct_read_schedule_iovec(struct nfs_direct_req *dreq,
407 pos += vec->iov_len; 407 pos += vec->iov_len;
408 } 408 }
409 409
410 /*
411 * If no bytes were started, return the error, and let the
412 * generic layer handle the completion.
413 */
414 if (requested_bytes == 0) {
415 nfs_direct_req_release(dreq);
416 return result < 0 ? result : -EIO;
417 }
418
410 if (put_dreq(dreq)) 419 if (put_dreq(dreq))
411 nfs_direct_complete(dreq); 420 nfs_direct_complete(dreq);
412 421 return 0;
413 if (requested_bytes != 0)
414 return 0;
415
416 if (result < 0)
417 return result;
418 return -EIO;
419} 422}
420 423
421static ssize_t nfs_direct_read(struct kiocb *iocb, const struct iovec *iov, 424static ssize_t nfs_direct_read(struct kiocb *iocb, const struct iovec *iov,
@@ -841,15 +844,18 @@ static ssize_t nfs_direct_write_schedule_iovec(struct nfs_direct_req *dreq,
841 pos += vec->iov_len; 844 pos += vec->iov_len;
842 } 845 }
843 846
847 /*
848 * If no bytes were started, return the error, and let the
849 * generic layer handle the completion.
850 */
851 if (requested_bytes == 0) {
852 nfs_direct_req_release(dreq);
853 return result < 0 ? result : -EIO;
854 }
855
844 if (put_dreq(dreq)) 856 if (put_dreq(dreq))
845 nfs_direct_write_complete(dreq, dreq->inode); 857 nfs_direct_write_complete(dreq, dreq->inode);
846 858 return 0;
847 if (requested_bytes != 0)
848 return 0;
849
850 if (result < 0)
851 return result;
852 return -EIO;
853} 859}
854 860
855static ssize_t nfs_direct_write(struct kiocb *iocb, const struct iovec *iov, 861static ssize_t nfs_direct_write(struct kiocb *iocb, const struct iovec *iov,
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c
index d8512423ba72..1cc600e77bb4 100644
--- a/fs/nfs/inode.c
+++ b/fs/nfs/inode.c
@@ -881,9 +881,10 @@ out:
881 return ret; 881 return ret;
882} 882}
883 883
884static void nfs_wcc_update_inode(struct inode *inode, struct nfs_fattr *fattr) 884static unsigned long nfs_wcc_update_inode(struct inode *inode, struct nfs_fattr *fattr)
885{ 885{
886 struct nfs_inode *nfsi = NFS_I(inode); 886 struct nfs_inode *nfsi = NFS_I(inode);
887 unsigned long ret = 0;
887 888
888 if ((fattr->valid & NFS_ATTR_FATTR_PRECHANGE) 889 if ((fattr->valid & NFS_ATTR_FATTR_PRECHANGE)
889 && (fattr->valid & NFS_ATTR_FATTR_CHANGE) 890 && (fattr->valid & NFS_ATTR_FATTR_CHANGE)
@@ -891,25 +892,32 @@ static void nfs_wcc_update_inode(struct inode *inode, struct nfs_fattr *fattr)
891 nfsi->change_attr = fattr->change_attr; 892 nfsi->change_attr = fattr->change_attr;
892 if (S_ISDIR(inode->i_mode)) 893 if (S_ISDIR(inode->i_mode))
893 nfsi->cache_validity |= NFS_INO_INVALID_DATA; 894 nfsi->cache_validity |= NFS_INO_INVALID_DATA;
895 ret |= NFS_INO_INVALID_ATTR;
894 } 896 }
895 /* If we have atomic WCC data, we may update some attributes */ 897 /* If we have atomic WCC data, we may update some attributes */
896 if ((fattr->valid & NFS_ATTR_FATTR_PRECTIME) 898 if ((fattr->valid & NFS_ATTR_FATTR_PRECTIME)
897 && (fattr->valid & NFS_ATTR_FATTR_CTIME) 899 && (fattr->valid & NFS_ATTR_FATTR_CTIME)
898 && timespec_equal(&inode->i_ctime, &fattr->pre_ctime)) 900 && timespec_equal(&inode->i_ctime, &fattr->pre_ctime)) {
899 memcpy(&inode->i_ctime, &fattr->ctime, sizeof(inode->i_ctime)); 901 memcpy(&inode->i_ctime, &fattr->ctime, sizeof(inode->i_ctime));
902 ret |= NFS_INO_INVALID_ATTR;
903 }
900 904
901 if ((fattr->valid & NFS_ATTR_FATTR_PREMTIME) 905 if ((fattr->valid & NFS_ATTR_FATTR_PREMTIME)
902 && (fattr->valid & NFS_ATTR_FATTR_MTIME) 906 && (fattr->valid & NFS_ATTR_FATTR_MTIME)
903 && timespec_equal(&inode->i_mtime, &fattr->pre_mtime)) { 907 && timespec_equal(&inode->i_mtime, &fattr->pre_mtime)) {
904 memcpy(&inode->i_mtime, &fattr->mtime, sizeof(inode->i_mtime)); 908 memcpy(&inode->i_mtime, &fattr->mtime, sizeof(inode->i_mtime));
905 if (S_ISDIR(inode->i_mode)) 909 if (S_ISDIR(inode->i_mode))
906 nfsi->cache_validity |= NFS_INO_INVALID_DATA; 910 nfsi->cache_validity |= NFS_INO_INVALID_DATA;
911 ret |= NFS_INO_INVALID_ATTR;
907 } 912 }
908 if ((fattr->valid & NFS_ATTR_FATTR_PRESIZE) 913 if ((fattr->valid & NFS_ATTR_FATTR_PRESIZE)
909 && (fattr->valid & NFS_ATTR_FATTR_SIZE) 914 && (fattr->valid & NFS_ATTR_FATTR_SIZE)
910 && i_size_read(inode) == nfs_size_to_loff_t(fattr->pre_size) 915 && i_size_read(inode) == nfs_size_to_loff_t(fattr->pre_size)
911 && nfsi->npages == 0) 916 && nfsi->npages == 0) {
912 i_size_write(inode, nfs_size_to_loff_t(fattr->size)); 917 i_size_write(inode, nfs_size_to_loff_t(fattr->size));
918 ret |= NFS_INO_INVALID_ATTR;
919 }
920 return ret;
913} 921}
914 922
915/** 923/**
@@ -1223,7 +1231,7 @@ static int nfs_update_inode(struct inode *inode, struct nfs_fattr *fattr)
1223 | NFS_INO_REVAL_PAGECACHE); 1231 | NFS_INO_REVAL_PAGECACHE);
1224 1232
1225 /* Do atomic weak cache consistency updates */ 1233 /* Do atomic weak cache consistency updates */
1226 nfs_wcc_update_inode(inode, fattr); 1234 invalid |= nfs_wcc_update_inode(inode, fattr);
1227 1235
1228 /* More cache consistency checks */ 1236 /* More cache consistency checks */
1229 if (fattr->valid & NFS_ATTR_FATTR_CHANGE) { 1237 if (fattr->valid & NFS_ATTR_FATTR_CHANGE) {
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 4644f04b4b46..cf9fdbdabc67 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -133,8 +133,7 @@ extern void nfs_put_client(struct nfs_client *);
133extern struct nfs_client *nfs4_find_client_no_ident(const struct sockaddr *); 133extern struct nfs_client *nfs4_find_client_no_ident(const struct sockaddr *);
134extern struct nfs_client *nfs4_find_client_ident(int); 134extern struct nfs_client *nfs4_find_client_ident(int);
135extern struct nfs_client * 135extern struct nfs_client *
136nfs4_find_client_sessionid(const struct sockaddr *, struct nfs4_sessionid *, 136nfs4_find_client_sessionid(const struct sockaddr *, struct nfs4_sessionid *);
137 int);
138extern struct nfs_server *nfs_create_server( 137extern struct nfs_server *nfs_create_server(
139 const struct nfs_parsed_mount_data *, 138 const struct nfs_parsed_mount_data *,
140 struct nfs_fh *); 139 struct nfs_fh *);
diff --git a/fs/nfs/nfs3acl.c b/fs/nfs/nfs3acl.c
index 9f88c5f4c7e2..274342771655 100644
--- a/fs/nfs/nfs3acl.c
+++ b/fs/nfs/nfs3acl.c
@@ -311,8 +311,8 @@ static int nfs3_proc_setacls(struct inode *inode, struct posix_acl *acl,
311 if (!nfs_server_capable(inode, NFS_CAP_ACLS)) 311 if (!nfs_server_capable(inode, NFS_CAP_ACLS))
312 goto out; 312 goto out;
313 313
314 /* We are doing this here, because XDR marshalling can only 314 /* We are doing this here because XDR marshalling does not
315 return -ENOMEM. */ 315 * return any results, it BUGs. */
316 status = -ENOSPC; 316 status = -ENOSPC;
317 if (acl != NULL && acl->a_count > NFS_ACL_MAX_ENTRIES) 317 if (acl != NULL && acl->a_count > NFS_ACL_MAX_ENTRIES)
318 goto out; 318 goto out;
diff --git a/fs/nfs/nfs3xdr.c b/fs/nfs/nfs3xdr.c
index 01c5e8b1941d..183c6b123d0f 100644
--- a/fs/nfs/nfs3xdr.c
+++ b/fs/nfs/nfs3xdr.c
@@ -1328,10 +1328,13 @@ static void nfs3_xdr_enc_setacl3args(struct rpc_rqst *req,
1328 1328
1329 encode_nfs_fh3(xdr, NFS_FH(args->inode)); 1329 encode_nfs_fh3(xdr, NFS_FH(args->inode));
1330 encode_uint32(xdr, args->mask); 1330 encode_uint32(xdr, args->mask);
1331
1332 base = req->rq_slen;
1331 if (args->npages != 0) 1333 if (args->npages != 0)
1332 xdr_write_pages(xdr, args->pages, 0, args->len); 1334 xdr_write_pages(xdr, args->pages, 0, args->len);
1335 else
1336 xdr_reserve_space(xdr, NFS_ACL_INLINE_BUFSIZE);
1333 1337
1334 base = req->rq_slen;
1335 error = nfsacl_encode(xdr->buf, base, args->inode, 1338 error = nfsacl_encode(xdr->buf, base, args->inode,
1336 (args->mask & NFS_ACL) ? 1339 (args->mask & NFS_ACL) ?
1337 args->acl_access : NULL, 1, 0); 1340 args->acl_access : NULL, 1, 0);
diff --git a/fs/nfs/nfs4filelayoutdev.c b/fs/nfs/nfs4filelayoutdev.c
index 51fe64ace55a..f5c9b125e8cc 100644
--- a/fs/nfs/nfs4filelayoutdev.c
+++ b/fs/nfs/nfs4filelayoutdev.c
@@ -214,7 +214,7 @@ decode_and_add_ds(__be32 **pp, struct inode *inode)
214 214
215 /* ipv6 length plus port is legal */ 215 /* ipv6 length plus port is legal */
216 if (rlen > INET6_ADDRSTRLEN + 8) { 216 if (rlen > INET6_ADDRSTRLEN + 8) {
217 dprintk("%s Invalid address, length %d\n", __func__, 217 dprintk("%s: Invalid address, length %d\n", __func__,
218 rlen); 218 rlen);
219 goto out_err; 219 goto out_err;
220 } 220 }
@@ -225,6 +225,11 @@ decode_and_add_ds(__be32 **pp, struct inode *inode)
225 /* replace the port dots with dashes for the in4_pton() delimiter*/ 225 /* replace the port dots with dashes for the in4_pton() delimiter*/
226 for (i = 0; i < 2; i++) { 226 for (i = 0; i < 2; i++) {
227 char *res = strrchr(buf, '.'); 227 char *res = strrchr(buf, '.');
228 if (!res) {
229 dprintk("%s: Failed finding expected dots in port\n",
230 __func__);
231 goto out_free;
232 }
228 *res = '-'; 233 *res = '-';
229 } 234 }
230 235
@@ -240,7 +245,7 @@ decode_and_add_ds(__be32 **pp, struct inode *inode)
240 port = htons((tmp[0] << 8) | (tmp[1])); 245 port = htons((tmp[0] << 8) | (tmp[1]));
241 246
242 ds = nfs4_pnfs_ds_add(inode, ip_addr, port); 247 ds = nfs4_pnfs_ds_add(inode, ip_addr, port);
243 dprintk("%s Decoded address and port %s\n", __func__, buf); 248 dprintk("%s: Decoded address and port %s\n", __func__, buf);
244out_free: 249out_free:
245 kfree(buf); 250 kfree(buf);
246out_err: 251out_err:
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 9d992b0346e3..78936a8f40ab 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -50,6 +50,7 @@
50#include <linux/module.h> 50#include <linux/module.h>
51#include <linux/sunrpc/bc_xprt.h> 51#include <linux/sunrpc/bc_xprt.h>
52#include <linux/xattr.h> 52#include <linux/xattr.h>
53#include <linux/utsname.h>
53 54
54#include "nfs4_fs.h" 55#include "nfs4_fs.h"
55#include "delegation.h" 56#include "delegation.h"
@@ -4572,27 +4573,16 @@ int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred)
4572 *p = htonl((u32)clp->cl_boot_time.tv_nsec); 4573 *p = htonl((u32)clp->cl_boot_time.tv_nsec);
4573 args.verifier = &verifier; 4574 args.verifier = &verifier;
4574 4575
4575 while (1) { 4576 args.id_len = scnprintf(args.id, sizeof(args.id),
4576 args.id_len = scnprintf(args.id, sizeof(args.id), 4577 "%s/%s.%s/%u",
4577 "%s/%s %u", 4578 clp->cl_ipaddr,
4578 clp->cl_ipaddr, 4579 init_utsname()->nodename,
4579 rpc_peeraddr2str(clp->cl_rpcclient, 4580 init_utsname()->domainname,
4580 RPC_DISPLAY_ADDR), 4581 clp->cl_rpcclient->cl_auth->au_flavor);
4581 clp->cl_id_uniquifier);
4582
4583 status = rpc_call_sync(clp->cl_rpcclient, &msg, 0);
4584
4585 if (status != -NFS4ERR_CLID_INUSE)
4586 break;
4587
4588 if (signalled())
4589 break;
4590
4591 if (++clp->cl_id_uniquifier == 0)
4592 break;
4593 }
4594 4582
4595 status = nfs4_check_cl_exchange_flags(clp->cl_exchange_flags); 4583 status = rpc_call_sync(clp->cl_rpcclient, &msg, 0);
4584 if (!status)
4585 status = nfs4_check_cl_exchange_flags(clp->cl_exchange_flags);
4596 dprintk("<-- %s status= %d\n", __func__, status); 4586 dprintk("<-- %s status= %d\n", __func__, status);
4597 return status; 4587 return status;
4598} 4588}
diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c
index 2336d532cf66..e6742b57a04c 100644
--- a/fs/nfs/nfs4state.c
+++ b/fs/nfs/nfs4state.c
@@ -232,12 +232,6 @@ int nfs41_init_clientid(struct nfs_client *clp, struct rpc_cred *cred)
232 status = nfs4_proc_create_session(clp); 232 status = nfs4_proc_create_session(clp);
233 if (status != 0) 233 if (status != 0)
234 goto out; 234 goto out;
235 status = nfs4_set_callback_sessionid(clp);
236 if (status != 0) {
237 printk(KERN_WARNING "Sessionid not set. No callback service\n");
238 nfs_callback_down(1);
239 status = 0;
240 }
241 nfs41_setup_state_renewal(clp); 235 nfs41_setup_state_renewal(clp);
242 nfs_mark_client_ready(clp, NFS_CS_READY); 236 nfs_mark_client_ready(clp, NFS_CS_READY);
243out: 237out:
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index 2ab8e5cb8f59..4e2c168b6ee9 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -6086,11 +6086,11 @@ int nfs4_decode_dirent(struct xdr_stream *xdr, struct nfs_entry *entry,
6086 __be32 *p = xdr_inline_decode(xdr, 4); 6086 __be32 *p = xdr_inline_decode(xdr, 4);
6087 if (unlikely(!p)) 6087 if (unlikely(!p))
6088 goto out_overflow; 6088 goto out_overflow;
6089 if (!ntohl(*p++)) { 6089 if (*p == xdr_zero) {
6090 p = xdr_inline_decode(xdr, 4); 6090 p = xdr_inline_decode(xdr, 4);
6091 if (unlikely(!p)) 6091 if (unlikely(!p))
6092 goto out_overflow; 6092 goto out_overflow;
6093 if (!ntohl(*p++)) 6093 if (*p == xdr_zero)
6094 return -EAGAIN; 6094 return -EAGAIN;
6095 entry->eof = 1; 6095 entry->eof = 1;
6096 return -EBADCOOKIE; 6096 return -EBADCOOKIE;
@@ -6101,7 +6101,7 @@ int nfs4_decode_dirent(struct xdr_stream *xdr, struct nfs_entry *entry,
6101 goto out_overflow; 6101 goto out_overflow;
6102 entry->prev_cookie = entry->cookie; 6102 entry->prev_cookie = entry->cookie;
6103 p = xdr_decode_hyper(p, &entry->cookie); 6103 p = xdr_decode_hyper(p, &entry->cookie);
6104 entry->len = ntohl(*p++); 6104 entry->len = be32_to_cpup(p);
6105 6105
6106 p = xdr_inline_decode(xdr, entry->len); 6106 p = xdr_inline_decode(xdr, entry->len);
6107 if (unlikely(!p)) 6107 if (unlikely(!p))
@@ -6132,9 +6132,6 @@ int nfs4_decode_dirent(struct xdr_stream *xdr, struct nfs_entry *entry,
6132 if (entry->fattr->valid & NFS_ATTR_FATTR_TYPE) 6132 if (entry->fattr->valid & NFS_ATTR_FATTR_TYPE)
6133 entry->d_type = nfs_umode_to_dtype(entry->fattr->mode); 6133 entry->d_type = nfs_umode_to_dtype(entry->fattr->mode);
6134 6134
6135 if (verify_attr_len(xdr, p, len) < 0)
6136 goto out_overflow;
6137
6138 return 0; 6135 return 0;
6139 6136
6140out_overflow: 6137out_overflow:
diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c
index bc4089769735..1b1bc1a0fb0a 100644
--- a/fs/nfs/pnfs.c
+++ b/fs/nfs/pnfs.c
@@ -951,7 +951,7 @@ pnfs_put_deviceid_cache(struct nfs_client *clp)
951{ 951{
952 struct pnfs_deviceid_cache *local = clp->cl_devid_cache; 952 struct pnfs_deviceid_cache *local = clp->cl_devid_cache;
953 953
954 dprintk("--> %s cl_devid_cache %p\n", __func__, clp->cl_devid_cache); 954 dprintk("--> %s ({%d})\n", __func__, atomic_read(&local->dc_ref));
955 if (atomic_dec_and_lock(&local->dc_ref, &clp->cl_lock)) { 955 if (atomic_dec_and_lock(&local->dc_ref, &clp->cl_lock)) {
956 int i; 956 int i;
957 /* Verify cache is empty */ 957 /* Verify cache is empty */
diff --git a/fs/nfs/write.c b/fs/nfs/write.c
index 10d648ea128b..c8278f4046cb 100644
--- a/fs/nfs/write.c
+++ b/fs/nfs/write.c
@@ -932,7 +932,7 @@ out_bad:
932 while (!list_empty(&list)) { 932 while (!list_empty(&list)) {
933 data = list_entry(list.next, struct nfs_write_data, pages); 933 data = list_entry(list.next, struct nfs_write_data, pages);
934 list_del(&data->pages); 934 list_del(&data->pages);
935 nfs_writedata_release(data); 935 nfs_writedata_free(data);
936 } 936 }
937 nfs_redirty_request(req); 937 nfs_redirty_request(req);
938 return -ENOMEM; 938 return -ENOMEM;
diff --git a/fs/nfs_common/nfsacl.c b/fs/nfs_common/nfsacl.c
index fc1c52571c03..84c27d69d421 100644
--- a/fs/nfs_common/nfsacl.c
+++ b/fs/nfs_common/nfsacl.c
@@ -42,6 +42,11 @@ struct nfsacl_encode_desc {
42 gid_t gid; 42 gid_t gid;
43}; 43};
44 44
45struct nfsacl_simple_acl {
46 struct posix_acl acl;
47 struct posix_acl_entry ace[4];
48};
49
45static int 50static int
46xdr_nfsace_encode(struct xdr_array2_desc *desc, void *elem) 51xdr_nfsace_encode(struct xdr_array2_desc *desc, void *elem)
47{ 52{
@@ -72,9 +77,20 @@ xdr_nfsace_encode(struct xdr_array2_desc *desc, void *elem)
72 return 0; 77 return 0;
73} 78}
74 79
75unsigned int 80/**
76nfsacl_encode(struct xdr_buf *buf, unsigned int base, struct inode *inode, 81 * nfsacl_encode - Encode an NFSv3 ACL
77 struct posix_acl *acl, int encode_entries, int typeflag) 82 *
83 * @buf: destination xdr_buf to contain XDR encoded ACL
84 * @base: byte offset in xdr_buf where XDR'd ACL begins
85 * @inode: inode of file whose ACL this is
86 * @acl: posix_acl to encode
87 * @encode_entries: whether to encode ACEs as well
88 * @typeflag: ACL type: NFS_ACL_DEFAULT or zero
89 *
90 * Returns size of encoded ACL in bytes or a negative errno value.
91 */
92int nfsacl_encode(struct xdr_buf *buf, unsigned int base, struct inode *inode,
93 struct posix_acl *acl, int encode_entries, int typeflag)
78{ 94{
79 int entries = (acl && acl->a_count) ? max_t(int, acl->a_count, 4) : 0; 95 int entries = (acl && acl->a_count) ? max_t(int, acl->a_count, 4) : 0;
80 struct nfsacl_encode_desc nfsacl_desc = { 96 struct nfsacl_encode_desc nfsacl_desc = {
@@ -88,17 +104,22 @@ nfsacl_encode(struct xdr_buf *buf, unsigned int base, struct inode *inode,
88 .uid = inode->i_uid, 104 .uid = inode->i_uid,
89 .gid = inode->i_gid, 105 .gid = inode->i_gid,
90 }; 106 };
107 struct nfsacl_simple_acl aclbuf;
91 int err; 108 int err;
92 struct posix_acl *acl2 = NULL;
93 109
94 if (entries > NFS_ACL_MAX_ENTRIES || 110 if (entries > NFS_ACL_MAX_ENTRIES ||
95 xdr_encode_word(buf, base, entries)) 111 xdr_encode_word(buf, base, entries))
96 return -EINVAL; 112 return -EINVAL;
97 if (encode_entries && acl && acl->a_count == 3) { 113 if (encode_entries && acl && acl->a_count == 3) {
98 /* Fake up an ACL_MASK entry. */ 114 struct posix_acl *acl2 = &aclbuf.acl;
99 acl2 = posix_acl_alloc(4, GFP_KERNEL); 115
100 if (!acl2) 116 /* Avoid the use of posix_acl_alloc(). nfsacl_encode() is
101 return -ENOMEM; 117 * invoked in contexts where a memory allocation failure is
118 * fatal. Fortunately this fake ACL is small enough to
119 * construct on the stack. */
120 memset(acl2, 0, sizeof(acl2));
121 posix_acl_init(acl2, 4);
122
102 /* Insert entries in canonical order: other orders seem 123 /* Insert entries in canonical order: other orders seem
103 to confuse Solaris VxFS. */ 124 to confuse Solaris VxFS. */
104 acl2->a_entries[0] = acl->a_entries[0]; /* ACL_USER_OBJ */ 125 acl2->a_entries[0] = acl->a_entries[0]; /* ACL_USER_OBJ */
@@ -109,8 +130,6 @@ nfsacl_encode(struct xdr_buf *buf, unsigned int base, struct inode *inode,
109 nfsacl_desc.acl = acl2; 130 nfsacl_desc.acl = acl2;
110 } 131 }
111 err = xdr_encode_array2(buf, base + 4, &nfsacl_desc.desc); 132 err = xdr_encode_array2(buf, base + 4, &nfsacl_desc.desc);
112 if (acl2)
113 posix_acl_release(acl2);
114 if (!err) 133 if (!err)
115 err = 8 + nfsacl_desc.desc.elem_size * 134 err = 8 + nfsacl_desc.desc.elem_size *
116 nfsacl_desc.desc.array_len; 135 nfsacl_desc.desc.array_len;
@@ -224,9 +243,18 @@ posix_acl_from_nfsacl(struct posix_acl *acl)
224 return 0; 243 return 0;
225} 244}
226 245
227unsigned int 246/**
228nfsacl_decode(struct xdr_buf *buf, unsigned int base, unsigned int *aclcnt, 247 * nfsacl_decode - Decode an NFSv3 ACL
229 struct posix_acl **pacl) 248 *
249 * @buf: xdr_buf containing XDR'd ACL data to decode
250 * @base: byte offset in xdr_buf where XDR'd ACL begins
251 * @aclcnt: count of ACEs in decoded posix_acl
252 * @pacl: buffer in which to place decoded posix_acl
253 *
254 * Returns the length of the decoded ACL in bytes, or a negative errno value.
255 */
256int nfsacl_decode(struct xdr_buf *buf, unsigned int base, unsigned int *aclcnt,
257 struct posix_acl **pacl)
230{ 258{
231 struct nfsacl_decode_desc nfsacl_desc = { 259 struct nfsacl_decode_desc nfsacl_desc = {
232 .desc = { 260 .desc = {
diff --git a/fs/nilfs2/super.c b/fs/nilfs2/super.c
index 0994f6a76c07..58fd707174e1 100644
--- a/fs/nilfs2/super.c
+++ b/fs/nilfs2/super.c
@@ -704,7 +704,8 @@ skip_mount_setup:
704 sbp[0]->s_state = 704 sbp[0]->s_state =
705 cpu_to_le16(le16_to_cpu(sbp[0]->s_state) & ~NILFS_VALID_FS); 705 cpu_to_le16(le16_to_cpu(sbp[0]->s_state) & ~NILFS_VALID_FS);
706 /* synchronize sbp[1] with sbp[0] */ 706 /* synchronize sbp[1] with sbp[0] */
707 memcpy(sbp[1], sbp[0], nilfs->ns_sbsize); 707 if (sbp[1])
708 memcpy(sbp[1], sbp[0], nilfs->ns_sbsize);
708 return nilfs_commit_super(sbi, NILFS_SB_COMMIT_ALL); 709 return nilfs_commit_super(sbi, NILFS_SB_COMMIT_ALL);
709} 710}
710 711
diff --git a/fs/ntfs/mft.c b/fs/ntfs/mft.c
index b572b6727181..326e7475a22a 100644
--- a/fs/ntfs/mft.c
+++ b/fs/ntfs/mft.c
@@ -1,7 +1,7 @@
1/** 1/**
2 * mft.c - NTFS kernel mft record operations. Part of the Linux-NTFS project. 2 * mft.c - NTFS kernel mft record operations. Part of the Linux-NTFS project.
3 * 3 *
4 * Copyright (c) 2001-2006 Anton Altaparmakov 4 * Copyright (c) 2001-2011 Anton Altaparmakov and Tuxera Inc.
5 * Copyright (c) 2002 Richard Russon 5 * Copyright (c) 2002 Richard Russon
6 * 6 *
7 * This program/include file is free software; you can redistribute it and/or 7 * This program/include file is free software; you can redistribute it and/or
@@ -2576,6 +2576,8 @@ mft_rec_already_initialized:
2576 flush_dcache_page(page); 2576 flush_dcache_page(page);
2577 SetPageUptodate(page); 2577 SetPageUptodate(page);
2578 if (base_ni) { 2578 if (base_ni) {
2579 MFT_RECORD *m_tmp;
2580
2579 /* 2581 /*
2580 * Setup the base mft record in the extent mft record. This 2582 * Setup the base mft record in the extent mft record. This
2581 * completes initialization of the allocated extent mft record 2583 * completes initialization of the allocated extent mft record
@@ -2588,11 +2590,11 @@ mft_rec_already_initialized:
2588 * attach it to the base inode @base_ni and map, pin, and lock 2590 * attach it to the base inode @base_ni and map, pin, and lock
2589 * its, i.e. the allocated, mft record. 2591 * its, i.e. the allocated, mft record.
2590 */ 2592 */
2591 m = map_extent_mft_record(base_ni, bit, &ni); 2593 m_tmp = map_extent_mft_record(base_ni, bit, &ni);
2592 if (IS_ERR(m)) { 2594 if (IS_ERR(m_tmp)) {
2593 ntfs_error(vol->sb, "Failed to map allocated extent " 2595 ntfs_error(vol->sb, "Failed to map allocated extent "
2594 "mft record 0x%llx.", (long long)bit); 2596 "mft record 0x%llx.", (long long)bit);
2595 err = PTR_ERR(m); 2597 err = PTR_ERR(m_tmp);
2596 /* Set the mft record itself not in use. */ 2598 /* Set the mft record itself not in use. */
2597 m->flags &= cpu_to_le16( 2599 m->flags &= cpu_to_le16(
2598 ~le16_to_cpu(MFT_RECORD_IN_USE)); 2600 ~le16_to_cpu(MFT_RECORD_IN_USE));
@@ -2603,6 +2605,7 @@ mft_rec_already_initialized:
2603 ntfs_unmap_page(page); 2605 ntfs_unmap_page(page);
2604 goto undo_mftbmp_alloc; 2606 goto undo_mftbmp_alloc;
2605 } 2607 }
2608 BUG_ON(m != m_tmp);
2606 /* 2609 /*
2607 * Make sure the allocated mft record is written out to disk. 2610 * Make sure the allocated mft record is written out to disk.
2608 * No need to set the inode dirty because the caller is going 2611 * No need to set the inode dirty because the caller is going
diff --git a/fs/ocfs2/super.c b/fs/ocfs2/super.c
index 06d1f749ca89..38f986d2447e 100644
--- a/fs/ocfs2/super.c
+++ b/fs/ocfs2/super.c
@@ -993,8 +993,7 @@ static void ocfs2_disable_quotas(struct ocfs2_super *osb)
993} 993}
994 994
995/* Handle quota on quotactl */ 995/* Handle quota on quotactl */
996static int ocfs2_quota_on(struct super_block *sb, int type, int format_id, 996static int ocfs2_quota_on(struct super_block *sb, int type, int format_id)
997 char *path)
998{ 997{
999 unsigned int feature[MAXQUOTAS] = { OCFS2_FEATURE_RO_COMPAT_USRQUOTA, 998 unsigned int feature[MAXQUOTAS] = { OCFS2_FEATURE_RO_COMPAT_USRQUOTA,
1000 OCFS2_FEATURE_RO_COMPAT_GRPQUOTA}; 999 OCFS2_FEATURE_RO_COMPAT_GRPQUOTA};
@@ -1013,7 +1012,7 @@ static int ocfs2_quota_off(struct super_block *sb, int type)
1013} 1012}
1014 1013
1015static const struct quotactl_ops ocfs2_quotactl_ops = { 1014static const struct quotactl_ops ocfs2_quotactl_ops = {
1016 .quota_on = ocfs2_quota_on, 1015 .quota_on_meta = ocfs2_quota_on,
1017 .quota_off = ocfs2_quota_off, 1016 .quota_off = ocfs2_quota_off,
1018 .quota_sync = dquot_quota_sync, 1017 .quota_sync = dquot_quota_sync,
1019 .get_info = dquot_get_dqinfo, 1018 .get_info = dquot_get_dqinfo,
diff --git a/fs/pipe.c b/fs/pipe.c
index 89e9e19b1b2e..da42f7db50de 100644
--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -441,7 +441,7 @@ redo:
441 break; 441 break;
442 } 442 }
443 if (do_wakeup) { 443 if (do_wakeup) {
444 wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT); 444 wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT | POLLWRNORM);
445 kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); 445 kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT);
446 } 446 }
447 pipe_wait(pipe); 447 pipe_wait(pipe);
@@ -450,7 +450,7 @@ redo:
450 450
451 /* Signal writers asynchronously that there is more room. */ 451 /* Signal writers asynchronously that there is more room. */
452 if (do_wakeup) { 452 if (do_wakeup) {
453 wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT); 453 wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT | POLLWRNORM);
454 kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); 454 kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT);
455 } 455 }
456 if (ret > 0) 456 if (ret > 0)
@@ -612,7 +612,7 @@ redo2:
612 break; 612 break;
613 } 613 }
614 if (do_wakeup) { 614 if (do_wakeup) {
615 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN); 615 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLRDNORM);
616 kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); 616 kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN);
617 do_wakeup = 0; 617 do_wakeup = 0;
618 } 618 }
@@ -623,7 +623,7 @@ redo2:
623out: 623out:
624 mutex_unlock(&inode->i_mutex); 624 mutex_unlock(&inode->i_mutex);
625 if (do_wakeup) { 625 if (do_wakeup) {
626 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN); 626 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLRDNORM);
627 kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); 627 kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN);
628 } 628 }
629 if (ret > 0) 629 if (ret > 0)
@@ -715,7 +715,7 @@ pipe_release(struct inode *inode, int decr, int decw)
715 if (!pipe->readers && !pipe->writers) { 715 if (!pipe->readers && !pipe->writers) {
716 free_pipe_info(inode); 716 free_pipe_info(inode);
717 } else { 717 } else {
718 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT); 718 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM | POLLERR | POLLHUP);
719 kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); 719 kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN);
720 kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); 720 kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT);
721 } 721 }
diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 39df95a0ec25..b1cf6bf4b41d 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -22,6 +22,7 @@
22 22
23#include <linux/errno.h> 23#include <linux/errno.h>
24 24
25EXPORT_SYMBOL(posix_acl_init);
25EXPORT_SYMBOL(posix_acl_alloc); 26EXPORT_SYMBOL(posix_acl_alloc);
26EXPORT_SYMBOL(posix_acl_clone); 27EXPORT_SYMBOL(posix_acl_clone);
27EXPORT_SYMBOL(posix_acl_valid); 28EXPORT_SYMBOL(posix_acl_valid);
@@ -32,6 +33,16 @@ EXPORT_SYMBOL(posix_acl_chmod_masq);
32EXPORT_SYMBOL(posix_acl_permission); 33EXPORT_SYMBOL(posix_acl_permission);
33 34
34/* 35/*
36 * Init a fresh posix_acl
37 */
38void
39posix_acl_init(struct posix_acl *acl, int count)
40{
41 atomic_set(&acl->a_refcount, 1);
42 acl->a_count = count;
43}
44
45/*
35 * Allocate a new ACL with the specified number of entries. 46 * Allocate a new ACL with the specified number of entries.
36 */ 47 */
37struct posix_acl * 48struct posix_acl *
@@ -40,10 +51,8 @@ posix_acl_alloc(int count, gfp_t flags)
40 const size_t size = sizeof(struct posix_acl) + 51 const size_t size = sizeof(struct posix_acl) +
41 count * sizeof(struct posix_acl_entry); 52 count * sizeof(struct posix_acl_entry);
42 struct posix_acl *acl = kmalloc(size, flags); 53 struct posix_acl *acl = kmalloc(size, flags);
43 if (acl) { 54 if (acl)
44 atomic_set(&acl->a_refcount, 1); 55 posix_acl_init(acl, count);
45 acl->a_count = count;
46 }
47 return acl; 56 return acl;
48} 57}
49 58
diff --git a/fs/proc/Kconfig b/fs/proc/Kconfig
index 6a0068841d96..15af6222f8a4 100644
--- a/fs/proc/Kconfig
+++ b/fs/proc/Kconfig
@@ -1,5 +1,5 @@
1config PROC_FS 1config PROC_FS
2 bool "/proc file system support" if EMBEDDED 2 bool "/proc file system support" if EXPERT
3 default y 3 default y
4 help 4 help
5 This is a virtual file system providing information about the status 5 This is a virtual file system providing information about the status
@@ -40,7 +40,7 @@ config PROC_VMCORE
40 Exports the dump image of crashed kernel in ELF format. 40 Exports the dump image of crashed kernel in ELF format.
41 41
42config PROC_SYSCTL 42config PROC_SYSCTL
43 bool "Sysctl support (/proc/sys)" if EMBEDDED 43 bool "Sysctl support (/proc/sys)" if EXPERT
44 depends on PROC_FS 44 depends on PROC_FS
45 select SYSCTL 45 select SYSCTL
46 default y 46 default y
@@ -61,7 +61,7 @@ config PROC_SYSCTL
61config PROC_PAGE_MONITOR 61config PROC_PAGE_MONITOR
62 default y 62 default y
63 depends on PROC_FS && MMU 63 depends on PROC_FS && MMU
64 bool "Enable /proc page monitoring" if EMBEDDED 64 bool "Enable /proc page monitoring" if EXPERT
65 help 65 help
66 Various /proc files exist to monitor process memory utilization: 66 Various /proc files exist to monitor process memory utilization:
67 /proc/pid/smaps, /proc/pid/clear_refs, /proc/pid/pagemap, 67 /proc/pid/smaps, /proc/pid/clear_refs, /proc/pid/pagemap,
diff --git a/fs/proc/consoles.c b/fs/proc/consoles.c
index eafc22ab1fdd..b701eaa482bf 100644
--- a/fs/proc/consoles.c
+++ b/fs/proc/consoles.c
@@ -67,7 +67,7 @@ static void *c_start(struct seq_file *m, loff_t *pos)
67 struct console *con; 67 struct console *con;
68 loff_t off = 0; 68 loff_t off = 0;
69 69
70 acquire_console_sem(); 70 console_lock();
71 for_each_console(con) 71 for_each_console(con)
72 if (off++ == *pos) 72 if (off++ == *pos)
73 break; 73 break;
@@ -84,7 +84,7 @@ static void *c_next(struct seq_file *m, void *v, loff_t *pos)
84 84
85static void c_stop(struct seq_file *m, void *v) 85static void c_stop(struct seq_file *m, void *v)
86{ 86{
87 release_console_sem(); 87 console_unlock();
88} 88}
89 89
90static const struct seq_operations consoles_op = { 90static const struct seq_operations consoles_op = {
diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c
index 84becd3e4772..a2a622e079f0 100644
--- a/fs/quota/dquot.c
+++ b/fs/quota/dquot.c
@@ -2189,8 +2189,8 @@ int dquot_resume(struct super_block *sb, int type)
2189} 2189}
2190EXPORT_SYMBOL(dquot_resume); 2190EXPORT_SYMBOL(dquot_resume);
2191 2191
2192int dquot_quota_on_path(struct super_block *sb, int type, int format_id, 2192int dquot_quota_on(struct super_block *sb, int type, int format_id,
2193 struct path *path) 2193 struct path *path)
2194{ 2194{
2195 int error = security_quota_on(path->dentry); 2195 int error = security_quota_on(path->dentry);
2196 if (error) 2196 if (error)
@@ -2204,20 +2204,6 @@ int dquot_quota_on_path(struct super_block *sb, int type, int format_id,
2204 DQUOT_LIMITS_ENABLED); 2204 DQUOT_LIMITS_ENABLED);
2205 return error; 2205 return error;
2206} 2206}
2207EXPORT_SYMBOL(dquot_quota_on_path);
2208
2209int dquot_quota_on(struct super_block *sb, int type, int format_id, char *name)
2210{
2211 struct path path;
2212 int error;
2213
2214 error = kern_path(name, LOOKUP_FOLLOW, &path);
2215 if (!error) {
2216 error = dquot_quota_on_path(sb, type, format_id, &path);
2217 path_put(&path);
2218 }
2219 return error;
2220}
2221EXPORT_SYMBOL(dquot_quota_on); 2207EXPORT_SYMBOL(dquot_quota_on);
2222 2208
2223/* 2209/*
diff --git a/fs/quota/quota.c b/fs/quota/quota.c
index b299961e1edb..b34bdb25490c 100644
--- a/fs/quota/quota.c
+++ b/fs/quota/quota.c
@@ -64,18 +64,15 @@ static int quota_sync_all(int type)
64} 64}
65 65
66static int quota_quotaon(struct super_block *sb, int type, int cmd, qid_t id, 66static int quota_quotaon(struct super_block *sb, int type, int cmd, qid_t id,
67 void __user *addr) 67 struct path *path)
68{ 68{
69 char *pathname; 69 if (!sb->s_qcop->quota_on && !sb->s_qcop->quota_on_meta)
70 int ret = -ENOSYS; 70 return -ENOSYS;
71 71 if (sb->s_qcop->quota_on_meta)
72 pathname = getname(addr); 72 return sb->s_qcop->quota_on_meta(sb, type, id);
73 if (IS_ERR(pathname)) 73 if (IS_ERR(path))
74 return PTR_ERR(pathname); 74 return PTR_ERR(path);
75 if (sb->s_qcop->quota_on) 75 return sb->s_qcop->quota_on(sb, type, id, path);
76 ret = sb->s_qcop->quota_on(sb, type, id, pathname);
77 putname(pathname);
78 return ret;
79} 76}
80 77
81static int quota_getfmt(struct super_block *sb, int type, void __user *addr) 78static int quota_getfmt(struct super_block *sb, int type, void __user *addr)
@@ -241,7 +238,7 @@ static int quota_getxquota(struct super_block *sb, int type, qid_t id,
241 238
242/* Copy parameters and call proper function */ 239/* Copy parameters and call proper function */
243static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, 240static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id,
244 void __user *addr) 241 void __user *addr, struct path *path)
245{ 242{
246 int ret; 243 int ret;
247 244
@@ -256,7 +253,7 @@ static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id,
256 253
257 switch (cmd) { 254 switch (cmd) {
258 case Q_QUOTAON: 255 case Q_QUOTAON:
259 return quota_quotaon(sb, type, cmd, id, addr); 256 return quota_quotaon(sb, type, cmd, id, path);
260 case Q_QUOTAOFF: 257 case Q_QUOTAOFF:
261 if (!sb->s_qcop->quota_off) 258 if (!sb->s_qcop->quota_off)
262 return -ENOSYS; 259 return -ENOSYS;
@@ -335,6 +332,7 @@ SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special,
335{ 332{
336 uint cmds, type; 333 uint cmds, type;
337 struct super_block *sb = NULL; 334 struct super_block *sb = NULL;
335 struct path path, *pathp = NULL;
338 int ret; 336 int ret;
339 337
340 cmds = cmd >> SUBCMDSHIFT; 338 cmds = cmd >> SUBCMDSHIFT;
@@ -351,12 +349,27 @@ SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special,
351 return -ENODEV; 349 return -ENODEV;
352 } 350 }
353 351
352 /*
353 * Path for quotaon has to be resolved before grabbing superblock
354 * because that gets s_umount sem which is also possibly needed by path
355 * resolution (think about autofs) and thus deadlocks could arise.
356 */
357 if (cmds == Q_QUOTAON) {
358 ret = user_path_at(AT_FDCWD, addr, LOOKUP_FOLLOW, &path);
359 if (ret)
360 pathp = ERR_PTR(ret);
361 else
362 pathp = &path;
363 }
364
354 sb = quotactl_block(special); 365 sb = quotactl_block(special);
355 if (IS_ERR(sb)) 366 if (IS_ERR(sb))
356 return PTR_ERR(sb); 367 return PTR_ERR(sb);
357 368
358 ret = do_quotactl(sb, type, cmds, id, addr); 369 ret = do_quotactl(sb, type, cmds, id, addr, pathp);
359 370
360 drop_super(sb); 371 drop_super(sb);
372 if (pathp && !IS_ERR(pathp))
373 path_put(pathp);
361 return ret; 374 return ret;
362} 375}
diff --git a/fs/reiserfs/super.c b/fs/reiserfs/super.c
index 2575682a9ead..0aab04f46827 100644
--- a/fs/reiserfs/super.c
+++ b/fs/reiserfs/super.c
@@ -632,7 +632,7 @@ static int reiserfs_acquire_dquot(struct dquot *);
632static int reiserfs_release_dquot(struct dquot *); 632static int reiserfs_release_dquot(struct dquot *);
633static int reiserfs_mark_dquot_dirty(struct dquot *); 633static int reiserfs_mark_dquot_dirty(struct dquot *);
634static int reiserfs_write_info(struct super_block *, int); 634static int reiserfs_write_info(struct super_block *, int);
635static int reiserfs_quota_on(struct super_block *, int, int, char *); 635static int reiserfs_quota_on(struct super_block *, int, int, struct path *);
636 636
637static const struct dquot_operations reiserfs_quota_operations = { 637static const struct dquot_operations reiserfs_quota_operations = {
638 .write_dquot = reiserfs_write_dquot, 638 .write_dquot = reiserfs_write_dquot,
@@ -2048,25 +2048,21 @@ static int reiserfs_quota_on_mount(struct super_block *sb, int type)
2048 * Standard function to be called on quota_on 2048 * Standard function to be called on quota_on
2049 */ 2049 */
2050static int reiserfs_quota_on(struct super_block *sb, int type, int format_id, 2050static int reiserfs_quota_on(struct super_block *sb, int type, int format_id,
2051 char *name) 2051 struct path *path)
2052{ 2052{
2053 int err; 2053 int err;
2054 struct path path;
2055 struct inode *inode; 2054 struct inode *inode;
2056 struct reiserfs_transaction_handle th; 2055 struct reiserfs_transaction_handle th;
2057 2056
2058 if (!(REISERFS_SB(sb)->s_mount_opt & (1 << REISERFS_QUOTA))) 2057 if (!(REISERFS_SB(sb)->s_mount_opt & (1 << REISERFS_QUOTA)))
2059 return -EINVAL; 2058 return -EINVAL;
2060 2059
2061 err = kern_path(name, LOOKUP_FOLLOW, &path);
2062 if (err)
2063 return err;
2064 /* Quotafile not on the same filesystem? */ 2060 /* Quotafile not on the same filesystem? */
2065 if (path.mnt->mnt_sb != sb) { 2061 if (path->mnt->mnt_sb != sb) {
2066 err = -EXDEV; 2062 err = -EXDEV;
2067 goto out; 2063 goto out;
2068 } 2064 }
2069 inode = path.dentry->d_inode; 2065 inode = path->dentry->d_inode;
2070 /* We must not pack tails for quota files on reiserfs for quota IO to work */ 2066 /* We must not pack tails for quota files on reiserfs for quota IO to work */
2071 if (!(REISERFS_I(inode)->i_flags & i_nopack_mask)) { 2067 if (!(REISERFS_I(inode)->i_flags & i_nopack_mask)) {
2072 err = reiserfs_unpack(inode, NULL); 2068 err = reiserfs_unpack(inode, NULL);
@@ -2082,7 +2078,7 @@ static int reiserfs_quota_on(struct super_block *sb, int type, int format_id,
2082 /* Journaling quota? */ 2078 /* Journaling quota? */
2083 if (REISERFS_SB(sb)->s_qf_names[type]) { 2079 if (REISERFS_SB(sb)->s_qf_names[type]) {
2084 /* Quotafile not of fs root? */ 2080 /* Quotafile not of fs root? */
2085 if (path.dentry->d_parent != sb->s_root) 2081 if (path->dentry->d_parent != sb->s_root)
2086 reiserfs_warning(sb, "super-6521", 2082 reiserfs_warning(sb, "super-6521",
2087 "Quota file not on filesystem root. " 2083 "Quota file not on filesystem root. "
2088 "Journalled quota will not work."); 2084 "Journalled quota will not work.");
@@ -2101,9 +2097,8 @@ static int reiserfs_quota_on(struct super_block *sb, int type, int format_id,
2101 if (err) 2097 if (err)
2102 goto out; 2098 goto out;
2103 } 2099 }
2104 err = dquot_quota_on_path(sb, type, format_id, &path); 2100 err = dquot_quota_on(sb, type, format_id, path);
2105out: 2101out:
2106 path_put(&path);
2107 return err; 2102 return err;
2108} 2103}
2109 2104
diff --git a/fs/squashfs/block.c b/fs/squashfs/block.c
index 2fb2882f0fa7..8ab48bc2fa7d 100644
--- a/fs/squashfs/block.c
+++ b/fs/squashfs/block.c
@@ -63,6 +63,14 @@ static struct buffer_head *get_block_length(struct super_block *sb,
63 *length = (unsigned char) bh->b_data[*offset] | 63 *length = (unsigned char) bh->b_data[*offset] |
64 (unsigned char) bh->b_data[*offset + 1] << 8; 64 (unsigned char) bh->b_data[*offset + 1] << 8;
65 *offset += 2; 65 *offset += 2;
66
67 if (*offset == msblk->devblksize) {
68 put_bh(bh);
69 bh = sb_bread(sb, ++(*cur_index));
70 if (bh == NULL)
71 return NULL;
72 *offset = 0;
73 }
66 } 74 }
67 75
68 return bh; 76 return bh;
diff --git a/fs/squashfs/xz_wrapper.c b/fs/squashfs/xz_wrapper.c
index 856756ca5ee4..c4eb40018256 100644
--- a/fs/squashfs/xz_wrapper.c
+++ b/fs/squashfs/xz_wrapper.c
@@ -95,12 +95,6 @@ static int squashfs_xz_uncompress(struct squashfs_sb_info *msblk, void **buffer,
95 if (!buffer_uptodate(bh[k])) 95 if (!buffer_uptodate(bh[k]))
96 goto release_mutex; 96 goto release_mutex;
97 97
98 if (avail == 0) {
99 offset = 0;
100 put_bh(bh[k++]);
101 continue;
102 }
103
104 stream->buf.in = bh[k]->b_data + offset; 98 stream->buf.in = bh[k]->b_data + offset;
105 stream->buf.in_size = avail; 99 stream->buf.in_size = avail;
106 stream->buf.in_pos = 0; 100 stream->buf.in_pos = 0;
diff --git a/fs/squashfs/zlib_wrapper.c b/fs/squashfs/zlib_wrapper.c
index 818a5e063faf..4661ae2b1cec 100644
--- a/fs/squashfs/zlib_wrapper.c
+++ b/fs/squashfs/zlib_wrapper.c
@@ -82,12 +82,6 @@ static int zlib_uncompress(struct squashfs_sb_info *msblk, void **buffer,
82 if (!buffer_uptodate(bh[k])) 82 if (!buffer_uptodate(bh[k]))
83 goto release_mutex; 83 goto release_mutex;
84 84
85 if (avail == 0) {
86 offset = 0;
87 put_bh(bh[k++]);
88 continue;
89 }
90
91 stream->next_in = bh[k]->b_data + offset; 85 stream->next_in = bh[k]->b_data + offset;
92 stream->avail_in = avail; 86 stream->avail_in = avail;
93 offset = 0; 87 offset = 0;
diff --git a/fs/sysfs/Kconfig b/fs/sysfs/Kconfig
index f4b67588b9d6..8c41feacbac5 100644
--- a/fs/sysfs/Kconfig
+++ b/fs/sysfs/Kconfig
@@ -1,5 +1,5 @@
1config SYSFS 1config SYSFS
2 bool "sysfs file system support" if EMBEDDED 2 bool "sysfs file system support" if EXPERT
3 default y 3 default y
4 help 4 help
5 The sysfs filesystem is a virtual filesystem that the kernel uses to 5 The sysfs filesystem is a virtual filesystem that the kernel uses to
diff --git a/fs/xfs/linux-2.6/xfs_ioctl.c b/fs/xfs/linux-2.6/xfs_ioctl.c
index b06ede1d0bed..f5e2a19e0f8e 100644
--- a/fs/xfs/linux-2.6/xfs_ioctl.c
+++ b/fs/xfs/linux-2.6/xfs_ioctl.c
@@ -985,10 +985,22 @@ xfs_ioctl_setattr(
985 985
986 /* 986 /*
987 * Extent size must be a multiple of the appropriate block 987 * Extent size must be a multiple of the appropriate block
988 * size, if set at all. 988 * size, if set at all. It must also be smaller than the
989 * maximum extent size supported by the filesystem.
990 *
991 * Also, for non-realtime files, limit the extent size hint to
992 * half the size of the AGs in the filesystem so alignment
993 * doesn't result in extents larger than an AG.
989 */ 994 */
990 if (fa->fsx_extsize != 0) { 995 if (fa->fsx_extsize != 0) {
991 xfs_extlen_t size; 996 xfs_extlen_t size;
997 xfs_fsblock_t extsize_fsb;
998
999 extsize_fsb = XFS_B_TO_FSB(mp, fa->fsx_extsize);
1000 if (extsize_fsb > MAXEXTLEN) {
1001 code = XFS_ERROR(EINVAL);
1002 goto error_return;
1003 }
992 1004
993 if (XFS_IS_REALTIME_INODE(ip) || 1005 if (XFS_IS_REALTIME_INODE(ip) ||
994 ((mask & FSX_XFLAGS) && 1006 ((mask & FSX_XFLAGS) &&
@@ -997,6 +1009,10 @@ xfs_ioctl_setattr(
997 mp->m_sb.sb_blocklog; 1009 mp->m_sb.sb_blocklog;
998 } else { 1010 } else {
999 size = mp->m_sb.sb_blocksize; 1011 size = mp->m_sb.sb_blocksize;
1012 if (extsize_fsb > mp->m_sb.sb_agblocks / 2) {
1013 code = XFS_ERROR(EINVAL);
1014 goto error_return;
1015 }
1000 } 1016 }
1001 1017
1002 if (fa->fsx_extsize % size) { 1018 if (fa->fsx_extsize % size) {
diff --git a/fs/xfs/quota/xfs_qm.c b/fs/xfs/quota/xfs_qm.c
index f8e854b4fde8..206a2815ced6 100644
--- a/fs/xfs/quota/xfs_qm.c
+++ b/fs/xfs/quota/xfs_qm.c
@@ -1863,12 +1863,14 @@ xfs_qm_dqreclaim_one(void)
1863 xfs_dquot_t *dqpout; 1863 xfs_dquot_t *dqpout;
1864 xfs_dquot_t *dqp; 1864 xfs_dquot_t *dqp;
1865 int restarts; 1865 int restarts;
1866 int startagain;
1866 1867
1867 restarts = 0; 1868 restarts = 0;
1868 dqpout = NULL; 1869 dqpout = NULL;
1869 1870
1870 /* lockorder: hashchainlock, freelistlock, mplistlock, dqlock, dqflock */ 1871 /* lockorder: hashchainlock, freelistlock, mplistlock, dqlock, dqflock */
1871startagain: 1872again:
1873 startagain = 0;
1872 mutex_lock(&xfs_Gqm->qm_dqfrlist_lock); 1874 mutex_lock(&xfs_Gqm->qm_dqfrlist_lock);
1873 1875
1874 list_for_each_entry(dqp, &xfs_Gqm->qm_dqfrlist, q_freelist) { 1876 list_for_each_entry(dqp, &xfs_Gqm->qm_dqfrlist, q_freelist) {
@@ -1885,13 +1887,10 @@ startagain:
1885 ASSERT(! (dqp->dq_flags & XFS_DQ_INACTIVE)); 1887 ASSERT(! (dqp->dq_flags & XFS_DQ_INACTIVE));
1886 1888
1887 trace_xfs_dqreclaim_want(dqp); 1889 trace_xfs_dqreclaim_want(dqp);
1888
1889 xfs_dqunlock(dqp);
1890 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1891 if (++restarts >= XFS_QM_RECLAIM_MAX_RESTARTS)
1892 return NULL;
1893 XQM_STATS_INC(xqmstats.xs_qm_dqwants); 1890 XQM_STATS_INC(xqmstats.xs_qm_dqwants);
1894 goto startagain; 1891 restarts++;
1892 startagain = 1;
1893 goto dqunlock;
1895 } 1894 }
1896 1895
1897 /* 1896 /*
@@ -1906,23 +1905,20 @@ startagain:
1906 ASSERT(list_empty(&dqp->q_mplist)); 1905 ASSERT(list_empty(&dqp->q_mplist));
1907 list_del_init(&dqp->q_freelist); 1906 list_del_init(&dqp->q_freelist);
1908 xfs_Gqm->qm_dqfrlist_cnt--; 1907 xfs_Gqm->qm_dqfrlist_cnt--;
1909 xfs_dqunlock(dqp);
1910 dqpout = dqp; 1908 dqpout = dqp;
1911 XQM_STATS_INC(xqmstats.xs_qm_dqinact_reclaims); 1909 XQM_STATS_INC(xqmstats.xs_qm_dqinact_reclaims);
1912 break; 1910 goto dqunlock;
1913 } 1911 }
1914 1912
1915 ASSERT(dqp->q_hash); 1913 ASSERT(dqp->q_hash);
1916 ASSERT(!list_empty(&dqp->q_mplist)); 1914 ASSERT(!list_empty(&dqp->q_mplist));
1917 1915
1918 /* 1916 /*
1919 * Try to grab the flush lock. If this dquot is in the process of 1917 * Try to grab the flush lock. If this dquot is in the process
1920 * getting flushed to disk, we don't want to reclaim it. 1918 * of getting flushed to disk, we don't want to reclaim it.
1921 */ 1919 */
1922 if (!xfs_dqflock_nowait(dqp)) { 1920 if (!xfs_dqflock_nowait(dqp))
1923 xfs_dqunlock(dqp); 1921 goto dqunlock;
1924 continue;
1925 }
1926 1922
1927 /* 1923 /*
1928 * We have the flush lock so we know that this is not in the 1924 * We have the flush lock so we know that this is not in the
@@ -1944,8 +1940,7 @@ startagain:
1944 xfs_fs_cmn_err(CE_WARN, mp, 1940 xfs_fs_cmn_err(CE_WARN, mp,
1945 "xfs_qm_dqreclaim: dquot %p flush failed", dqp); 1941 "xfs_qm_dqreclaim: dquot %p flush failed", dqp);
1946 } 1942 }
1947 xfs_dqunlock(dqp); /* dqflush unlocks dqflock */ 1943 goto dqunlock;
1948 continue;
1949 } 1944 }
1950 1945
1951 /* 1946 /*
@@ -1967,13 +1962,8 @@ startagain:
1967 */ 1962 */
1968 if (!mutex_trylock(&mp->m_quotainfo->qi_dqlist_lock)) { 1963 if (!mutex_trylock(&mp->m_quotainfo->qi_dqlist_lock)) {
1969 restarts++; 1964 restarts++;
1970 mutex_unlock(&dqp->q_hash->qh_lock); 1965 startagain = 1;
1971 xfs_dqfunlock(dqp); 1966 goto qhunlock;
1972 xfs_dqunlock(dqp);
1973 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1974 if (restarts++ >= XFS_QM_RECLAIM_MAX_RESTARTS)
1975 return NULL;
1976 goto startagain;
1977 } 1967 }
1978 1968
1979 ASSERT(dqp->q_nrefs == 0); 1969 ASSERT(dqp->q_nrefs == 0);
@@ -1986,14 +1976,20 @@ startagain:
1986 xfs_Gqm->qm_dqfrlist_cnt--; 1976 xfs_Gqm->qm_dqfrlist_cnt--;
1987 dqpout = dqp; 1977 dqpout = dqp;
1988 mutex_unlock(&mp->m_quotainfo->qi_dqlist_lock); 1978 mutex_unlock(&mp->m_quotainfo->qi_dqlist_lock);
1979qhunlock:
1989 mutex_unlock(&dqp->q_hash->qh_lock); 1980 mutex_unlock(&dqp->q_hash->qh_lock);
1990dqfunlock: 1981dqfunlock:
1991 xfs_dqfunlock(dqp); 1982 xfs_dqfunlock(dqp);
1983dqunlock:
1992 xfs_dqunlock(dqp); 1984 xfs_dqunlock(dqp);
1993 if (dqpout) 1985 if (dqpout)
1994 break; 1986 break;
1995 if (restarts >= XFS_QM_RECLAIM_MAX_RESTARTS) 1987 if (restarts >= XFS_QM_RECLAIM_MAX_RESTARTS)
1996 return NULL; 1988 break;
1989 if (startagain) {
1990 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1991 goto again;
1992 }
1997 } 1993 }
1998 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock); 1994 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1999 return dqpout; 1995 return dqpout;
diff --git a/fs/xfs/xfs_alloc.h b/fs/xfs/xfs_alloc.h
index 0ab56b32c7eb..d0b3bc72005b 100644
--- a/fs/xfs/xfs_alloc.h
+++ b/fs/xfs/xfs_alloc.h
@@ -75,6 +75,22 @@ typedef unsigned int xfs_alloctype_t;
75#define XFS_ALLOC_SET_ASIDE(mp) (4 + ((mp)->m_sb.sb_agcount * 4)) 75#define XFS_ALLOC_SET_ASIDE(mp) (4 + ((mp)->m_sb.sb_agcount * 4))
76 76
77/* 77/*
78 * When deciding how much space to allocate out of an AG, we limit the
79 * allocation maximum size to the size the AG. However, we cannot use all the
80 * blocks in the AG - some are permanently used by metadata. These
81 * blocks are generally:
82 * - the AG superblock, AGF, AGI and AGFL
83 * - the AGF (bno and cnt) and AGI btree root blocks
84 * - 4 blocks on the AGFL according to XFS_ALLOC_SET_ASIDE() limits
85 *
86 * The AG headers are sector sized, so the amount of space they take up is
87 * dependent on filesystem geometry. The others are all single blocks.
88 */
89#define XFS_ALLOC_AG_MAX_USABLE(mp) \
90 ((mp)->m_sb.sb_agblocks - XFS_BB_TO_FSB(mp, XFS_FSS_TO_BB(mp, 4)) - 7)
91
92
93/*
78 * Argument structure for xfs_alloc routines. 94 * Argument structure for xfs_alloc routines.
79 * This is turned into a structure to avoid having 20 arguments passed 95 * This is turned into a structure to avoid having 20 arguments passed
80 * down several levels of the stack. 96 * down several levels of the stack.
diff --git a/fs/xfs/xfs_bmap.c b/fs/xfs/xfs_bmap.c
index 4111cd3966c7..dc3afd7739ff 100644
--- a/fs/xfs/xfs_bmap.c
+++ b/fs/xfs/xfs_bmap.c
@@ -1038,17 +1038,34 @@ xfs_bmap_add_extent_delay_real(
1038 * Filling in the middle part of a previous delayed allocation. 1038 * Filling in the middle part of a previous delayed allocation.
1039 * Contiguity is impossible here. 1039 * Contiguity is impossible here.
1040 * This case is avoided almost all the time. 1040 * This case is avoided almost all the time.
1041 *
1042 * We start with a delayed allocation:
1043 *
1044 * +ddddddddddddddddddddddddddddddddddddddddddddddddddddddd+
1045 * PREV @ idx
1046 *
1047 * and we are allocating:
1048 * +rrrrrrrrrrrrrrrrr+
1049 * new
1050 *
1051 * and we set it up for insertion as:
1052 * +ddddddddddddddddddd+rrrrrrrrrrrrrrrrr+ddddddddddddddddd+
1053 * new
1054 * PREV @ idx LEFT RIGHT
1055 * inserted at idx + 1
1041 */ 1056 */
1042 temp = new->br_startoff - PREV.br_startoff; 1057 temp = new->br_startoff - PREV.br_startoff;
1043 trace_xfs_bmap_pre_update(ip, idx, 0, _THIS_IP_);
1044 xfs_bmbt_set_blockcount(ep, temp);
1045 r[0] = *new;
1046 r[1].br_state = PREV.br_state;
1047 r[1].br_startblock = 0;
1048 r[1].br_startoff = new_endoff;
1049 temp2 = PREV.br_startoff + PREV.br_blockcount - new_endoff; 1058 temp2 = PREV.br_startoff + PREV.br_blockcount - new_endoff;
1050 r[1].br_blockcount = temp2; 1059 trace_xfs_bmap_pre_update(ip, idx, 0, _THIS_IP_);
1051 xfs_iext_insert(ip, idx + 1, 2, &r[0], state); 1060 xfs_bmbt_set_blockcount(ep, temp); /* truncate PREV */
1061 LEFT = *new;
1062 RIGHT.br_state = PREV.br_state;
1063 RIGHT.br_startblock = nullstartblock(
1064 (int)xfs_bmap_worst_indlen(ip, temp2));
1065 RIGHT.br_startoff = new_endoff;
1066 RIGHT.br_blockcount = temp2;
1067 /* insert LEFT (r[0]) and RIGHT (r[1]) at the same time */
1068 xfs_iext_insert(ip, idx + 1, 2, &LEFT, state);
1052 ip->i_df.if_lastex = idx + 1; 1069 ip->i_df.if_lastex = idx + 1;
1053 ip->i_d.di_nextents++; 1070 ip->i_d.di_nextents++;
1054 if (cur == NULL) 1071 if (cur == NULL)
@@ -2430,7 +2447,7 @@ xfs_bmap_btalloc_nullfb(
2430 startag = ag = 0; 2447 startag = ag = 0;
2431 2448
2432 pag = xfs_perag_get(mp, ag); 2449 pag = xfs_perag_get(mp, ag);
2433 while (*blen < ap->alen) { 2450 while (*blen < args->maxlen) {
2434 if (!pag->pagf_init) { 2451 if (!pag->pagf_init) {
2435 error = xfs_alloc_pagf_init(mp, args->tp, ag, 2452 error = xfs_alloc_pagf_init(mp, args->tp, ag,
2436 XFS_ALLOC_FLAG_TRYLOCK); 2453 XFS_ALLOC_FLAG_TRYLOCK);
@@ -2452,7 +2469,7 @@ xfs_bmap_btalloc_nullfb(
2452 notinit = 1; 2469 notinit = 1;
2453 2470
2454 if (xfs_inode_is_filestream(ap->ip)) { 2471 if (xfs_inode_is_filestream(ap->ip)) {
2455 if (*blen >= ap->alen) 2472 if (*blen >= args->maxlen)
2456 break; 2473 break;
2457 2474
2458 if (ap->userdata) { 2475 if (ap->userdata) {
@@ -2498,14 +2515,14 @@ xfs_bmap_btalloc_nullfb(
2498 * If the best seen length is less than the request 2515 * If the best seen length is less than the request
2499 * length, use the best as the minimum. 2516 * length, use the best as the minimum.
2500 */ 2517 */
2501 else if (*blen < ap->alen) 2518 else if (*blen < args->maxlen)
2502 args->minlen = *blen; 2519 args->minlen = *blen;
2503 /* 2520 /*
2504 * Otherwise we've seen an extent as big as alen, 2521 * Otherwise we've seen an extent as big as maxlen,
2505 * use that as the minimum. 2522 * use that as the minimum.
2506 */ 2523 */
2507 else 2524 else
2508 args->minlen = ap->alen; 2525 args->minlen = args->maxlen;
2509 2526
2510 /* 2527 /*
2511 * set the failure fallback case to look in the selected 2528 * set the failure fallback case to look in the selected
@@ -2573,7 +2590,9 @@ xfs_bmap_btalloc(
2573 args.tp = ap->tp; 2590 args.tp = ap->tp;
2574 args.mp = mp; 2591 args.mp = mp;
2575 args.fsbno = ap->rval; 2592 args.fsbno = ap->rval;
2576 args.maxlen = MIN(ap->alen, mp->m_sb.sb_agblocks); 2593
2594 /* Trim the allocation back to the maximum an AG can fit. */
2595 args.maxlen = MIN(ap->alen, XFS_ALLOC_AG_MAX_USABLE(mp));
2577 args.firstblock = ap->firstblock; 2596 args.firstblock = ap->firstblock;
2578 blen = 0; 2597 blen = 0;
2579 if (nullfb) { 2598 if (nullfb) {
@@ -2621,7 +2640,7 @@ xfs_bmap_btalloc(
2621 /* 2640 /*
2622 * Adjust for alignment 2641 * Adjust for alignment
2623 */ 2642 */
2624 if (blen > args.alignment && blen <= ap->alen) 2643 if (blen > args.alignment && blen <= args.maxlen)
2625 args.minlen = blen - args.alignment; 2644 args.minlen = blen - args.alignment;
2626 args.minalignslop = 0; 2645 args.minalignslop = 0;
2627 } else { 2646 } else {
@@ -2640,7 +2659,7 @@ xfs_bmap_btalloc(
2640 * of minlen+alignment+slop doesn't go up 2659 * of minlen+alignment+slop doesn't go up
2641 * between the calls. 2660 * between the calls.
2642 */ 2661 */
2643 if (blen > mp->m_dalign && blen <= ap->alen) 2662 if (blen > mp->m_dalign && blen <= args.maxlen)
2644 nextminlen = blen - mp->m_dalign; 2663 nextminlen = blen - mp->m_dalign;
2645 else 2664 else
2646 nextminlen = args.minlen; 2665 nextminlen = args.minlen;
@@ -4485,6 +4504,16 @@ xfs_bmapi(
4485 /* Figure out the extent size, adjust alen */ 4504 /* Figure out the extent size, adjust alen */
4486 extsz = xfs_get_extsz_hint(ip); 4505 extsz = xfs_get_extsz_hint(ip);
4487 if (extsz) { 4506 if (extsz) {
4507 /*
4508 * make sure we don't exceed a single
4509 * extent length when we align the
4510 * extent by reducing length we are
4511 * going to allocate by the maximum
4512 * amount extent size aligment may
4513 * require.
4514 */
4515 alen = XFS_FILBLKS_MIN(len,
4516 MAXEXTLEN - (2 * extsz - 1));
4488 error = xfs_bmap_extsize_align(mp, 4517 error = xfs_bmap_extsize_align(mp,
4489 &got, &prev, extsz, 4518 &got, &prev, extsz,
4490 rt, eof, 4519 rt, eof,
diff --git a/fs/xfs/xfs_buf_item.c b/fs/xfs/xfs_buf_item.c
index 98c6f73b6752..6f8c21ce0d6d 100644
--- a/fs/xfs/xfs_buf_item.c
+++ b/fs/xfs/xfs_buf_item.c
@@ -427,13 +427,15 @@ xfs_buf_item_unpin(
427 427
428 if (remove) { 428 if (remove) {
429 /* 429 /*
430 * We have to remove the log item from the transaction 430 * If we are in a transaction context, we have to
431 * as we are about to release our reference to the 431 * remove the log item from the transaction as we are
432 * buffer. If we don't, the unlock that occurs later 432 * about to release our reference to the buffer. If we
433 * in xfs_trans_uncommit() will ry to reference the 433 * don't, the unlock that occurs later in
434 * xfs_trans_uncommit() will try to reference the
434 * buffer which we no longer have a hold on. 435 * buffer which we no longer have a hold on.
435 */ 436 */
436 xfs_trans_del_item(lip); 437 if (lip->li_desc)
438 xfs_trans_del_item(lip);
437 439
438 /* 440 /*
439 * Since the transaction no longer refers to the buffer, 441 * Since the transaction no longer refers to the buffer,
diff --git a/fs/xfs/xfs_extfree_item.c b/fs/xfs/xfs_extfree_item.c
index 75f2ef60e579..d22e62623437 100644
--- a/fs/xfs/xfs_extfree_item.c
+++ b/fs/xfs/xfs_extfree_item.c
@@ -138,7 +138,8 @@ xfs_efi_item_unpin(
138 138
139 if (remove) { 139 if (remove) {
140 ASSERT(!(lip->li_flags & XFS_LI_IN_AIL)); 140 ASSERT(!(lip->li_flags & XFS_LI_IN_AIL));
141 xfs_trans_del_item(lip); 141 if (lip->li_desc)
142 xfs_trans_del_item(lip);
142 xfs_efi_item_free(efip); 143 xfs_efi_item_free(efip);
143 return; 144 return;
144 } 145 }
diff --git a/fs/xfs/xfs_iomap.c b/fs/xfs/xfs_iomap.c
index 55582bd66659..8a0f044750c3 100644
--- a/fs/xfs/xfs_iomap.c
+++ b/fs/xfs/xfs_iomap.c
@@ -337,7 +337,12 @@ xfs_iomap_prealloc_size(
337 int shift = 0; 337 int shift = 0;
338 int64_t freesp; 338 int64_t freesp;
339 339
340 alloc_blocks = XFS_B_TO_FSB(mp, ip->i_size); 340 /*
341 * rounddown_pow_of_two() returns an undefined result
342 * if we pass in alloc_blocks = 0. Hence the "+ 1" to
343 * ensure we always pass in a non-zero value.
344 */
345 alloc_blocks = XFS_B_TO_FSB(mp, ip->i_size) + 1;
341 alloc_blocks = XFS_FILEOFF_MIN(MAXEXTLEN, 346 alloc_blocks = XFS_FILEOFF_MIN(MAXEXTLEN,
342 rounddown_pow_of_two(alloc_blocks)); 347 rounddown_pow_of_two(alloc_blocks));
343 348
diff --git a/fs/xfs/xfs_log.h b/fs/xfs/xfs_log.h
index 916eb7db14d9..3bd3291ef8d2 100644
--- a/fs/xfs/xfs_log.h
+++ b/fs/xfs/xfs_log.h
@@ -191,7 +191,7 @@ void xfs_log_ticket_put(struct xlog_ticket *ticket);
191 191
192xlog_tid_t xfs_log_get_trans_ident(struct xfs_trans *tp); 192xlog_tid_t xfs_log_get_trans_ident(struct xfs_trans *tp);
193 193
194int xfs_log_commit_cil(struct xfs_mount *mp, struct xfs_trans *tp, 194void xfs_log_commit_cil(struct xfs_mount *mp, struct xfs_trans *tp,
195 struct xfs_log_vec *log_vector, 195 struct xfs_log_vec *log_vector,
196 xfs_lsn_t *commit_lsn, int flags); 196 xfs_lsn_t *commit_lsn, int flags);
197bool xfs_log_item_in_current_chkpt(struct xfs_log_item *lip); 197bool xfs_log_item_in_current_chkpt(struct xfs_log_item *lip);
diff --git a/fs/xfs/xfs_log_cil.c b/fs/xfs/xfs_log_cil.c
index 9dc8125d04e5..9ca59be08977 100644
--- a/fs/xfs/xfs_log_cil.c
+++ b/fs/xfs/xfs_log_cil.c
@@ -543,7 +543,7 @@ xlog_cil_push(
543 543
544 error = xlog_write(log, &lvhdr, tic, &ctx->start_lsn, NULL, 0); 544 error = xlog_write(log, &lvhdr, tic, &ctx->start_lsn, NULL, 0);
545 if (error) 545 if (error)
546 goto out_abort; 546 goto out_abort_free_ticket;
547 547
548 /* 548 /*
549 * now that we've written the checkpoint into the log, strictly 549 * now that we've written the checkpoint into the log, strictly
@@ -569,8 +569,9 @@ restart:
569 } 569 }
570 spin_unlock(&cil->xc_cil_lock); 570 spin_unlock(&cil->xc_cil_lock);
571 571
572 /* xfs_log_done always frees the ticket on error. */
572 commit_lsn = xfs_log_done(log->l_mp, tic, &commit_iclog, 0); 573 commit_lsn = xfs_log_done(log->l_mp, tic, &commit_iclog, 0);
573 if (error || commit_lsn == -1) 574 if (commit_lsn == -1)
574 goto out_abort; 575 goto out_abort;
575 576
576 /* attach all the transactions w/ busy extents to iclog */ 577 /* attach all the transactions w/ busy extents to iclog */
@@ -600,6 +601,8 @@ out_free_ticket:
600 kmem_free(new_ctx); 601 kmem_free(new_ctx);
601 return 0; 602 return 0;
602 603
604out_abort_free_ticket:
605 xfs_log_ticket_put(tic);
603out_abort: 606out_abort:
604 xlog_cil_committed(ctx, XFS_LI_ABORTED); 607 xlog_cil_committed(ctx, XFS_LI_ABORTED);
605 return XFS_ERROR(EIO); 608 return XFS_ERROR(EIO);
@@ -622,7 +625,7 @@ out_abort:
622 * background commit, returns without it held once background commits are 625 * background commit, returns without it held once background commits are
623 * allowed again. 626 * allowed again.
624 */ 627 */
625int 628void
626xfs_log_commit_cil( 629xfs_log_commit_cil(
627 struct xfs_mount *mp, 630 struct xfs_mount *mp,
628 struct xfs_trans *tp, 631 struct xfs_trans *tp,
@@ -637,11 +640,6 @@ xfs_log_commit_cil(
637 if (flags & XFS_TRANS_RELEASE_LOG_RES) 640 if (flags & XFS_TRANS_RELEASE_LOG_RES)
638 log_flags = XFS_LOG_REL_PERM_RESERV; 641 log_flags = XFS_LOG_REL_PERM_RESERV;
639 642
640 if (XLOG_FORCED_SHUTDOWN(log)) {
641 xlog_cil_free_logvec(log_vector);
642 return XFS_ERROR(EIO);
643 }
644
645 /* 643 /*
646 * do all the hard work of formatting items (including memory 644 * do all the hard work of formatting items (including memory
647 * allocation) outside the CIL context lock. This prevents stalling CIL 645 * allocation) outside the CIL context lock. This prevents stalling CIL
@@ -701,7 +699,6 @@ xfs_log_commit_cil(
701 */ 699 */
702 if (push) 700 if (push)
703 xlog_cil_push(log, 0); 701 xlog_cil_push(log, 0);
704 return 0;
705} 702}
706 703
707/* 704/*
diff --git a/fs/xfs/xfs_trans.c b/fs/xfs/xfs_trans.c
index 33dbc4e0ad62..76922793f64f 100644
--- a/fs/xfs/xfs_trans.c
+++ b/fs/xfs/xfs_trans.c
@@ -1446,6 +1446,14 @@ xfs_log_item_batch_insert(
1446 * Bulk operation version of xfs_trans_committed that takes a log vector of 1446 * Bulk operation version of xfs_trans_committed that takes a log vector of
1447 * items to insert into the AIL. This uses bulk AIL insertion techniques to 1447 * items to insert into the AIL. This uses bulk AIL insertion techniques to
1448 * minimise lock traffic. 1448 * minimise lock traffic.
1449 *
1450 * If we are called with the aborted flag set, it is because a log write during
1451 * a CIL checkpoint commit has failed. In this case, all the items in the
1452 * checkpoint have already gone through IOP_COMMITED and IOP_UNLOCK, which
1453 * means that checkpoint commit abort handling is treated exactly the same
1454 * as an iclog write error even though we haven't started any IO yet. Hence in
1455 * this case all we need to do is IOP_COMMITTED processing, followed by an
1456 * IOP_UNPIN(aborted) call.
1449 */ 1457 */
1450void 1458void
1451xfs_trans_committed_bulk( 1459xfs_trans_committed_bulk(
@@ -1472,6 +1480,16 @@ xfs_trans_committed_bulk(
1472 if (XFS_LSN_CMP(item_lsn, (xfs_lsn_t)-1) == 0) 1480 if (XFS_LSN_CMP(item_lsn, (xfs_lsn_t)-1) == 0)
1473 continue; 1481 continue;
1474 1482
1483 /*
1484 * if we are aborting the operation, no point in inserting the
1485 * object into the AIL as we are in a shutdown situation.
1486 */
1487 if (aborted) {
1488 ASSERT(XFS_FORCED_SHUTDOWN(ailp->xa_mount));
1489 IOP_UNPIN(lip, 1);
1490 continue;
1491 }
1492
1475 if (item_lsn != commit_lsn) { 1493 if (item_lsn != commit_lsn) {
1476 1494
1477 /* 1495 /*
@@ -1503,20 +1521,24 @@ xfs_trans_committed_bulk(
1503} 1521}
1504 1522
1505/* 1523/*
1506 * Called from the trans_commit code when we notice that 1524 * Called from the trans_commit code when we notice that the filesystem is in
1507 * the filesystem is in the middle of a forced shutdown. 1525 * the middle of a forced shutdown.
1526 *
1527 * When we are called here, we have already pinned all the items in the
1528 * transaction. However, neither IOP_COMMITTING or IOP_UNLOCK has been called
1529 * so we can simply walk the items in the transaction, unpin them with an abort
1530 * flag and then free the items. Note that unpinning the items can result in
1531 * them being freed immediately, so we need to use a safe list traversal method
1532 * here.
1508 */ 1533 */
1509STATIC void 1534STATIC void
1510xfs_trans_uncommit( 1535xfs_trans_uncommit(
1511 struct xfs_trans *tp, 1536 struct xfs_trans *tp,
1512 uint flags) 1537 uint flags)
1513{ 1538{
1514 struct xfs_log_item_desc *lidp; 1539 struct xfs_log_item_desc *lidp, *n;
1515 1540
1516 list_for_each_entry(lidp, &tp->t_items, lid_trans) { 1541 list_for_each_entry_safe(lidp, n, &tp->t_items, lid_trans) {
1517 /*
1518 * Unpin all but those that aren't dirty.
1519 */
1520 if (lidp->lid_flags & XFS_LID_DIRTY) 1542 if (lidp->lid_flags & XFS_LID_DIRTY)
1521 IOP_UNPIN(lidp->lid_item, 1); 1543 IOP_UNPIN(lidp->lid_item, 1);
1522 } 1544 }
@@ -1733,7 +1755,6 @@ xfs_trans_commit_cil(
1733 int flags) 1755 int flags)
1734{ 1756{
1735 struct xfs_log_vec *log_vector; 1757 struct xfs_log_vec *log_vector;
1736 int error;
1737 1758
1738 /* 1759 /*
1739 * Get each log item to allocate a vector structure for 1760 * Get each log item to allocate a vector structure for
@@ -1744,9 +1765,7 @@ xfs_trans_commit_cil(
1744 if (!log_vector) 1765 if (!log_vector)
1745 return ENOMEM; 1766 return ENOMEM;
1746 1767
1747 error = xfs_log_commit_cil(mp, tp, log_vector, commit_lsn, flags); 1768 xfs_log_commit_cil(mp, tp, log_vector, commit_lsn, flags);
1748 if (error)
1749 return error;
1750 1769
1751 current_restore_flags_nested(&tp->t_pflags, PF_FSTRANS); 1770 current_restore_flags_nested(&tp->t_pflags, PF_FSTRANS);
1752 xfs_trans_free(tp); 1771 xfs_trans_free(tp);
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-05 05:08:26 -0400