Age | Commit message (Collapse) | Author |
|
CIFS in some heavy stress conditions cifs could get EAGAIN
repeatedly in smb_send2 which led to repeated retries and eventually
failure of large writes which could lead to data corruption.
There are three changes that were suggested by various network
developers:
1) convert cifs from non-blocking to blocking tcp sendmsg
(we left in the retry on failure)
2) change cifs to not set sendbuf and rcvbuf size for the socket
(let tcp autotune the buffer sizes since that works much better
in the TCP stack now)
3) if we have a partial frame sent in smb_send2, mark the tcp
session as invalid (close the socket and reconnect) so we do
not corrupt the remaining part of the SMB with the beginning
of the next SMB.
This does not appear to hurt performance measurably and has
been run in various scenarios, but it definately removes
a corruption that we were seeing in some high stress
test cases.
Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
cifs: handle the TCP_Server_Info->tsk field more carefully
We currently handle the TCP_Server_Info->tsk field without any locking,
but with some half-measures to try and prevent races. These aren't
really sufficient though. When taking down cifsd, use xchg() to swap
the contents of the tsk field with NULL so we don't end up trying
to send it more than one signal. Also, don't allow cifsd to exit until
the signal is received if we expect one.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
fcntl(F_SETLEASE) currently is not exported by cifs (nor by local file
systems) so cifs grants leases based on how other local processes have
opened the file not by whether the file is cacheable (oplocked). This
adds the check to make sure that the file is cacheable on the client
before checking whether we can grant the lease locally
(generic_setlease). It also adds a mount option for cifs (locallease)
if the user wants to override this and try to grant leases even
if the server did not grant oplock.
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
When cifs_demultiplex_thread was converted to a kthread based kernel
thread, great pains were taken to make it so that kthread_stop would be
used to bring it down. This just added unnecessary complexity since we
needed to use a signal anyway to break out of kernel_recvmsg.
Also, cifs_demultiplex_thread does a bit of cleanup as it's exiting, and
we need to be certain that this gets done. It's possible for a kthread
to exit before its main function is ever run if kthread_stop is called
soon after its creation. While I'm not sure that this is a real problem
with cifsd now, it could be at some point in the future if cifs_mount is
ever changed to bring down the thread quickly.
The upshot here is that using kthread_stop to bring down the thread just
adds extra complexity with no real benefit. This patch changes the code
to use the original method to bring down the thread, but still leaves it
so that the thread is actually started with kthread_run.
This seems to fix the deadlock caused by the reproducer in this bug
report:
https://bugzilla.samba.org/show_bug.cgi?id=5720
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Older samba server (eg. 3.0.24 from Debian etch) don't work correctly,
if DFS paths are used. Such server claim that they support DFS, but fail
to process some requests with DFS paths. Starting with Linux 2.6.26,
the cifs clients starts sending DFS paths in such situations, rendering
it unuseable with older samba servers.
The nodfs mount options forces a share to be used with non DFS paths,
even if the server claims, that it supports it.
Signed-off-by: Martin Koegler <mkoegler@auto.tuwien.ac.at>
Acked-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Igor Mammedov <niallain@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
cifs_setup_session references pSesInfo->server several times. That
pointer shouldn't change during the life of the function so grab it
once and store it in a local var. This makes the code look a little
cleaner too.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Remove some long lines
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
The global tcpSesAllocCount variable is an atomic already and doesn't
really need the extra locking around it. Remove the locking and just use
the atomic_inc_return and atomic_dec_return functions to make sure we
access it correctly.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
fs/cifs/cifssmb.c:3917:13: warning: incorrect type in assignment (different base types)
fs/cifs/cifssmb.c:3917:13: expected bool [unsigned] [usertype] is_unicode
fs/cifs/cifssmb.c:3917:13: got restricted __le16
The comment explains why __force is used here.
fs/cifs/connect.c:458:16: warning: cast to restricted __be32
fs/cifs/connect.c:458:16: warning: cast to restricted __be32
fs/cifs/connect.c:458:16: warning: cast to restricted __be32
fs/cifs/connect.c:458:16: warning: cast to restricted __be32
fs/cifs/connect.c:458:16: warning: cast to restricted __be32
fs/cifs/connect.c:458:16: warning: cast to restricted __be32
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Put CIFS sockets in their own class to avoid some lockdep warnings. CIFS
sockets are not exposed to user-space, and so are not subject to the
same deadlock scenarios.
A similar change was made a couple of years ago for RPC sockets in commit
ed07536ed6731775219c1df7fa26a7588753e693.
This patch should prevent lockdep false-positives like this one:
=======================================================
[ INFO: possible circular locking dependency detected ]
2.6.18-98.el5.jtltest.38.bz456320.1debug #1
-------------------------------------------------------
test5/2483 is trying to acquire lock:
(sk_lock-AF_INET){--..}, at: [<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
but task is already holding lock:
(&inode->i_alloc_sem){--..}, at: [<ffffffff8002e454>] notify_change+0xf5/0x2e0
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #3 (&inode->i_alloc_sem){--..}:
[<ffffffff800a817c>] __lock_acquire+0x9a9/0xadf
[<ffffffff800a8a72>] lock_acquire+0x55/0x70
[<ffffffff8002e454>] notify_change+0xf5/0x2e0
[<ffffffff800a4e36>] down_write+0x3c/0x68
[<ffffffff8002e454>] notify_change+0xf5/0x2e0
[<ffffffff800e358d>] do_truncate+0x50/0x6b
[<ffffffff8005197c>] get_write_access+0x40/0x46
[<ffffffff80012cf1>] may_open+0x1d3/0x22e
[<ffffffff8001bc81>] open_namei+0x2c6/0x6dd
[<ffffffff800289c6>] do_filp_open+0x1c/0x38
[<ffffffff800683ef>] _spin_unlock+0x17/0x20
[<ffffffff800167a7>] get_unused_fd+0xf9/0x107
[<ffffffff8001a704>] do_sys_open+0x44/0xbe
[<ffffffff80060116>] system_call+0x7e/0x83
[<ffffffffffffffff>] 0xffffffffffffffff
-> #2 (&sysfs_inode_imutex_key){--..}:
[<ffffffff800a817c>] __lock_acquire+0x9a9/0xadf
[<ffffffff8010f6df>] create_dir+0x26/0x1d7
[<ffffffff800a8a72>] lock_acquire+0x55/0x70
[<ffffffff8010f6df>] create_dir+0x26/0x1d7
[<ffffffff800671c0>] mutex_lock_nested+0x104/0x29c
[<ffffffff800a819d>] __lock_acquire+0x9ca/0xadf
[<ffffffff8010f6df>] create_dir+0x26/0x1d7
[<ffffffff8010fc67>] sysfs_create_dir+0x58/0x76
[<ffffffff8015144c>] kobject_add+0xdb/0x198
[<ffffffff801be765>] class_device_add+0xb2/0x465
[<ffffffff8005a6ff>] kobject_get+0x12/0x17
[<ffffffff80225265>] register_netdevice+0x270/0x33e
[<ffffffff8022538c>] register_netdev+0x59/0x67
[<ffffffff80464d40>] net_olddevs_init+0xb/0xac
[<ffffffff80448a79>] init+0x1f9/0x2fc
[<ffffffff80068885>] _spin_unlock_irq+0x24/0x27
[<ffffffff80067f86>] trace_hardirqs_on_thunk+0x35/0x37
[<ffffffff80061079>] child_rip+0xa/0x11
[<ffffffff80068885>] _spin_unlock_irq+0x24/0x27
[<ffffffff800606a8>] restore_args+0x0/0x30
[<ffffffff80179a59>] acpi_ds_init_one_object+0x0/0x80
[<ffffffff80448880>] init+0x0/0x2fc
[<ffffffff8006106f>] child_rip+0x0/0x11
[<ffffffffffffffff>] 0xffffffffffffffff
-> #1 (rtnl_mutex){--..}:
[<ffffffff800a817c>] __lock_acquire+0x9a9/0xadf
[<ffffffff8025acf8>] ip_mc_leave_group+0x23/0xb7
[<ffffffff800a8a72>] lock_acquire+0x55/0x70
[<ffffffff8025acf8>] ip_mc_leave_group+0x23/0xb7
[<ffffffff800671c0>] mutex_lock_nested+0x104/0x29c
[<ffffffff8025acf8>] ip_mc_leave_group+0x23/0xb7
[<ffffffff802451b0>] do_ip_setsockopt+0x6d1/0x9bf
[<ffffffff800a575e>] lock_release_holdtime+0x27/0x48
[<ffffffff800a575e>] lock_release_holdtime+0x27/0x48
[<ffffffff8006a85e>] do_page_fault+0x503/0x835
[<ffffffff8012cbf6>] socket_has_perm+0x5b/0x68
[<ffffffff80245556>] ip_setsockopt+0x22/0x78
[<ffffffff8021c973>] sys_setsockopt+0x91/0xb7
[<ffffffff800602a6>] tracesys+0xd5/0xdf
[<ffffffffffffffff>] 0xffffffffffffffff
-> #0 (sk_lock-AF_INET){--..}:
[<ffffffff800a5037>] print_stack_trace+0x59/0x68
[<ffffffff800a8092>] __lock_acquire+0x8bf/0xadf
[<ffffffff800a8a72>] lock_acquire+0x55/0x70
[<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
[<ffffffff80035466>] lock_sock+0xd4/0xe4
[<ffffffff80096e91>] _local_bh_enable+0xcb/0xe0
[<ffffffff800606a8>] restore_args+0x0/0x30
[<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
[<ffffffff80057540>] sock_sendmsg+0xf3/0x110
[<ffffffff800a2bb6>] autoremove_wake_function+0x0/0x2e
[<ffffffff800a10e4>] kernel_text_address+0x1a/0x26
[<ffffffff8006f4e2>] dump_trace+0x211/0x23a
[<ffffffff800a6d3d>] find_usage_backwards+0x5f/0x88
[<ffffffff8840221a>] MD5Final+0xaf/0xc2 [cifs]
[<ffffffff884032ec>] cifs_calculate_signature+0x55/0x69 [cifs]
[<ffffffff8021d891>] kernel_sendmsg+0x35/0x47
[<ffffffff883ff38e>] smb_send+0xa3/0x151 [cifs]
[<ffffffff883ff5de>] SendReceive+0x1a2/0x448 [cifs]
[<ffffffff800a812f>] __lock_acquire+0x95c/0xadf
[<ffffffff883e758a>] CIFSSMBSetEOF+0x20d/0x25b [cifs]
[<ffffffff883fa430>] cifs_set_file_size+0x110/0x3b7 [cifs]
[<ffffffff883faa89>] cifs_setattr+0x3b2/0x6f6 [cifs]
[<ffffffff8002e454>] notify_change+0xf5/0x2e0
[<ffffffff8002e4a4>] notify_change+0x145/0x2e0
[<ffffffff800e358d>] do_truncate+0x50/0x6b
[<ffffffff8005197c>] get_write_access+0x40/0x46
[<ffffffff80012cf1>] may_open+0x1d3/0x22e
[<ffffffff8001bc81>] open_namei+0x2c6/0x6dd
[<ffffffff800289c6>] do_filp_open+0x1c/0x38
[<ffffffff800683ef>] _spin_unlock+0x17/0x20
[<ffffffff800167a7>] get_unused_fd+0xf9/0x107
[<ffffffff8001a704>] do_sys_open+0x44/0xbe
[<ffffffff800602a6>] tracesys+0xd5/0xdf
[<ffffffffffffffff>] 0xffffffffffffffff
other info that might help us debug this:
2 locks held by test5/2483:
#0: (&inode->i_mutex){--..}, at: [<ffffffff800e3582>] do_truncate+0x45/0x6b
#1: (&inode->i_alloc_sem){--..}, at: [<ffffffff8002e454>] notify_change+0xf5/0x2e0
stack backtrace:
Call Trace:
[<ffffffff800a6a7b>] print_circular_bug_tail+0x65/0x6e
[<ffffffff800a5037>] print_stack_trace+0x59/0x68
[<ffffffff800a8092>] __lock_acquire+0x8bf/0xadf
[<ffffffff800a8a72>] lock_acquire+0x55/0x70
[<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
[<ffffffff80035466>] lock_sock+0xd4/0xe4
[<ffffffff80096e91>] _local_bh_enable+0xcb/0xe0
[<ffffffff800606a8>] restore_args+0x0/0x30
[<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
[<ffffffff80057540>] sock_sendmsg+0xf3/0x110
[<ffffffff800a2bb6>] autoremove_wake_function+0x0/0x2e
[<ffffffff800a10e4>] kernel_text_address+0x1a/0x26
[<ffffffff8006f4e2>] dump_trace+0x211/0x23a
[<ffffffff800a6d3d>] find_usage_backwards+0x5f/0x88
[<ffffffff8840221a>] :cifs:MD5Final+0xaf/0xc2
[<ffffffff884032ec>] :cifs:cifs_calculate_signature+0x55/0x69
[<ffffffff8021d891>] kernel_sendmsg+0x35/0x47
[<ffffffff883ff38e>] :cifs:smb_send+0xa3/0x151
[<ffffffff883ff5de>] :cifs:SendReceive+0x1a2/0x448
[<ffffffff800a812f>] __lock_acquire+0x95c/0xadf
[<ffffffff883e758a>] :cifs:CIFSSMBSetEOF+0x20d/0x25b
[<ffffffff883fa430>] :cifs:cifs_set_file_size+0x110/0x3b7
[<ffffffff883faa89>] :cifs:cifs_setattr+0x3b2/0x6f6
[<ffffffff8002e454>] notify_change+0xf5/0x2e0
[<ffffffff8002e4a4>] notify_change+0x145/0x2e0
[<ffffffff800e358d>] do_truncate+0x50/0x6b
[<ffffffff8005197c>] get_write_access+0x40/0x46
[<ffffffff80012cf1>] may_open+0x1d3/0x22e
[<ffffffff8001bc81>] open_namei+0x2c6/0x6dd
[<ffffffff800289c6>] do_filp_open+0x1c/0x38
[<ffffffff800683ef>] _spin_unlock+0x17/0x20
[<ffffffff800167a7>] get_unused_fd+0xf9/0x107
[<ffffffff8001a704>] do_sys_open+0x44/0xbe
[<ffffffff800602a6>] tracesys+0xd5/0xdf
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Samba now supports transport encryption on particular exports
(mounted tree ids can be encrypted for servers which support the
unix extensions). This adds parsing support to cifs mount
option parsing for this.
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Fixup GetDFSRefer to prepare for cleanup of SMB response processing
Fix build warning in link.c
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Some versions of Samba (3.2-pre e.g.) are stricter about checking to make sure that
paths in DFS name spaces are sent in the form \\server\share\dir\subdir ...
instead of \dir\subdir
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
when unix extensions and cifsacl support are disabled. These
permissions changes are "ephemeral" however. They are lost whenever
a share is mounted and unmounted, or when memory pressure forces
the inode out of the cache.
Because of this, we'd like to introduce a behavior change to make
CIFS behave more like local DOS/Windows filesystems. When unix
extensions and cifsacl support aren't enabled, then don't silently
ignore changes to permission bits that can't be reflected on the
server.
Still, there may be people relying on the current behavior for
certain applications. This patch adds a new "dynperm" (and a
corresponding "nodynperm") mount option that will be intended
to make the client fall back to legacy behavior when setting
these modes.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
cifs_demultiplex_thread can exit under several conditions:
1) if it's signaled
2) if there's a problem with session setup
3) if kthread_stop is called on it
The first two are problems. If kthread_stop is called on the thread,
there is no guarantee that it will still be up. We need to have the
thread stay up until kthread_stop is called on it.
One option would be to not even try to tear things down until after
kthread_stop is called. However, in the case where there is a problem
setting up the session, there's no real reason to try continuing the
loop.
This patch allows the thread to clean up and prepare for exit under all
three conditions, but it has the thread go to sleep until kthread_stop
is called. This allows us to simplify the shutdown code somewhat since
we can be reasonably sure that the thread won't exit after being
signaled but before kthread_stop is called.
It also removes the places where the thread itself set the tsk variable
since it appeared that it could have a potential race where the thread
might never be shut down.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Christoph Hellwig <hch@infradead.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Clean up cifs_setattr a bit by adding a local inode pointer, and
changing all of the direntry->d_inode references to it. This also adds a
bit of micro-optimization. d_inode shouldn't change over the life of
this function, so we only need to dereference it once.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
This patch cleans up cifs_find_tcp_session so it become
less indented. Also the error of skipping IPv6 matched
addresses fixed.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Igor Mammedov <niallain@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Was a holdover from the old kernel_thread based cifsd
code. We needed to know that the thread had set the task variable
before proceeding. Now that kthread_run returns the new task, this
doesn't appear to be needed anymore.
As best I can tell, this sleep was intended to try to prevent
cifs_umount from freeing the cifsSesInfo struct before cifsd had
exited. Now that cifsd is using the kthread API, we know that
when kthread_stop returns that cifsd has exited, so I don't
think this is needed any longer.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Christop Hellwig <hch@infradead.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
If a tcon is being freed in call tconInfoFree, clean up any entries that may
exist in global oplock queue as the tcon structure hanging off of those entries
will be invalid and can cause oops while accesing any elements in the
tcon structure.
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Jeff Layton that we were converting \ to / in the posix path case which is
not always right (depends on what the old delim was).
CC: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Also add warning if posix path setting changes on reconnect
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Currently, when we get a prefixpath as part of mount, the kernel only
changes the first character to be a '/' or '\' depending on whether
posix extensions are enabled. This is problematic as it expects
mount.cifs to pass in the correct delimiter in the rest of the
prefixpath. But, mount.cifs may not know *what* the correct delimiter
is. It's a chicken and egg problem.
Note that mount.cifs should not do conversion of the
prefixpath - if we want posix behavior then '\' is legal in a path
(and we have had bugs in the distant path to prove to me that
customers sometimes have apps that require '\'). The kernel code
assumes that the path passed in is posix (and current code will handle
the first path component fine but was broken for Windows mounts
for "deep" prefixpaths unless the user specified a prefixpath with '\'
deep in it. So e.g. with current kernel code:
1) mount to //server/share/dir1 will work to all server types
2) mount to //server/share/dir1/subdir1 will work to Samba
3) mount to //server/share/dir1\\subdir1 will work to Windows
But case two would fail to Windows without the fix.
With the kernel cifs module fix case two now works.
First analyzed by Jeff Layton and Simo Sorce
CC: Jeff Layton <jlayton@redhat.com>
CC: Simo Sorce <simo@samba.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Christoph had noticed too many ifdefs in the CIFS code making it
hard to read. This patch removes about a quarter of them from
the C files in cifs by improving a few key ifdefs in the .h files.
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Also includes a few minor changes suggested by Christoph
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
When cifs_mount finds an existing SMB session that it can use for a new
mount, it does not check to see whether that session is in need of being
reconnected. An easy way to reproduce:
1) mount //server/share1
2) watch /proc/fs/cifs/DebugData for the share to go DISCONNECTED
3) mount //server/share2 with same creds as in step 1.
The second mount will fail because CIFSTCon returned -EAGAIN. If you do
an operation in share1 and then reattempt the mount it will work (since
the session is reestablished).
The following patch fixes this by having cifs_mount check the status
of the session when it picks an existing session and calling
cifs_setup_session on it again if it's in need of reconnection.
Thanks to Wojciech Pilorz for the initial bug report.
Signed-off-by: Jeff Layton <jlayton@tupile.poochiereds.net>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
When retrying kernel_recvmsg() because of a short read, check returned
length against the remaining length, not against total length. This
avoids unneeded session reconnects which would otherwise occur when
kernel_recvmsg() finally returns zero when asked to read zero bytes.
Signed-off-by: Petr Tesarik <ptesarik@suse.cz>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
...and populate it with the hostname portion of the UNC string.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Move all of the kfree's sprinkled in the middle of the function to the
end, and have the code set rc and just goto there on error. Also zero
out the password string before freeing it. Looks like this should also
fix a potential memory leak of the prepath string if an error occurs
near the end of the function.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
request
In SendReceive() function in transport.c - it memcpy's
message payload into a buffer passed via out_buf param. The function
assumes that all buffers are of size (CIFSMaxBufSize +
MAX_CIFS_HDR_SIZE) , unfortunately it is also called with smaller
(MAX_CIFS_SMALL_BUFFER_SIZE) buffers. There are eight callers
(SMB worker functions) which are primarily affected by this change:
TreeDisconnect, uLogoff, Close, findClose, SetFileSize, SetFileTimes,
Lock and PosixLock
CC: Dave Kleikamp <shaggy@austin.ibm.com>
CC: Przemyslaw Wegrzyn <czajnik@czajsoft.pl>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
...and fix a couple of bugs in the NBD, CIFS and OCFS2 socket handlers.
Looking at the sock->op->shutdown() handlers, it looks as if all of them
take a SHUT_RD/SHUT_WR/SHUT_RDWR argument instead of the
RCV_SHUTDOWN/SEND_SHUTDOWN arguments.
Add a helper, and then define the SHUT_* enum to ensure that kernel users
of shutdown() don't get confused.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Acked-by: Mark Fasheh <mark.fasheh@oracle.com>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
When a share is mounted using no username, cifs_mount sets
volume_info.username as a NULL pointer, and the sesInfo userName as an
empty string. The volume_info.username is passed to a couple of other
functions to see if there is an existing unc or tcp connection that can
be used. These functions assume that the username will be a valid
string that can be passed to strncmp. If the pointer is NULL, then the
kernel will oops if there's an existing session to which the string
can be compared.
This patch changes cifs_mount to set volume_info.username to an empty
string in this situation, which prevents the oops and should make it
so that the comparison to other null auth sessions match.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Also clean up ACL code
Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: (51 commits)
[CIFS] log better errors on failed mounts
[CIFS] Return better error when server requires signing but client forbids
[CIFS] fix typo
[CIFS] acl support part 4
[CIFS] Fix minor problems noticed by scan
[CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_thread
[CIFS] build break
[CIFS] endian fixes
[CIFS] endian fixes in new acl code
[CIFS] Fix some endianness problems in new acl code
[CIFS] missing #endif from a previous patch
[CIFS] formatting fixes
[CIFS] Break up unicode_sessetup string functions
[CIFS] parse server_GUID in SPNEGO negProt response
[CIFS]
[CIFS] Fix endian conversion problem in posix mkdir
[CIFS] fix build break when lanman not enabled
[CIFS] remove two sparse warnings
[CIFS] remove compile warnings when debug disabled
[CIFS] CIFS ACL support part 3
...
|
|
The task_struct->pid member is going to be deprecated, so start
using the helpers (task_pid_nr/task_pid_vnr/task_pid_nr_ns) in
the kernel.
The first thing to start with is the pid, printed to dmesg - in
this case we may safely use task_pid_nr(). Besides, printks produce
more (much more) than a half of all the explicit pid usage.
[akpm@linux-foundation.org: git-drm went and changed lots of stuff]
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Dave Airlie <airlied@linux.ie>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
cifs_demultiplex_thread
When kernel_recvmsg returns -EAGAIN or -ERESTARTSYS, then
cifs_demultiplex_thread sleeps for a bit and then tries the read again.
When it does this, it's not zeroing out the length and that throws off
the value of total_read. Fix it to zero out the length.
Can cause memory corruption:
If kernel_recvmsg returns an error and total_read is a large enough
value, then we'll end up going through the loop again. total_read will
be a bogus value, as will (pdu_length-total_read). When this happens we
end up calling kernel_recvmsg with a bogus value (possibly larger than
the current iov_len).
At that point, memcpy_toiovec can overrun iov. It will start walking
up the stack, casting other things that are there to struct iovecs
(since it assumes that it's been passed an array of them). Any pointer
on the stack at an address above the kvec is a candidate for corruption
here.
Many thanks to Ulrich Obergfell for pointing this out.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Fixes two problems:
1) we dropped down to negotiating lanman if we did not recognize the
mechanism (krb5 e.g.)
2) we did not stop cifsd (thus will fail when doing rmod cifs with
slab free errors) when we fail tcon but have a bad session (which is
the case in which signing is required but we don't allow signing on
the client)
It also turns on extended security flag in the header when passing
"sec=krb5" on mount command (although kerberos support is not done of
course)
Acked-by: Jeff Layton <jlayton@redhat.com>
CC: Shaggy <shaggy@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
This patch does kmalloc + memset conversion to kzalloc and removes some
redundant argument checks.
Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
This allows cifs to mount to ipc shares (IPC$)
which will allow user space applications to
layer over authenticated cifs connections
(useful for Wine and others that would want
to put DCE/RPC over CIFS or run CIFS named
pipes)
Acked-by: Rob Shearman <rob@codeweavers.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Add code to be able to dump CIFS ACL information
when Query Posix ACL with cifsacl mount parm enabled.
Signed-off-by: Shirish Pargoankar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
|
Signed-off-by: Steve French <sfrench@us.ibm.com>
|