2021-06-18 13:31:49 +08:00
|
|
|
// SPDX-License-Identifier: LGPL-2.1
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
*
|
2008-02-08 07:25:02 +08:00
|
|
|
* Copyright (C) International Business Machines Corp., 2002,2008
|
2005-04-17 06:20:36 +08:00
|
|
|
* Author(s): Steve French (sfrench@us.ibm.com)
|
2006-07-16 12:32:51 +08:00
|
|
|
* Jeremy Allison (jra@samba.org) 2006.
|
2007-07-07 06:44:50 +08:00
|
|
|
*
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/fs.h>
|
|
|
|
#include <linux/list.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 16:04:11 +08:00
|
|
|
#include <linux/gfp.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include <linux/wait.h>
|
|
|
|
#include <linux/net.h>
|
|
|
|
#include <linux/delay.h>
|
2011-10-20 03:30:40 +08:00
|
|
|
#include <linux/freezer.h>
|
2012-09-19 07:20:35 +08:00
|
|
|
#include <linux/tcp.h>
|
2016-11-01 21:40:13 +08:00
|
|
|
#include <linux/bvec.h>
|
2012-09-19 07:20:35 +08:00
|
|
|
#include <linux/highmem.h>
|
2016-12-25 03:46:01 +08:00
|
|
|
#include <linux/uaccess.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include <asm/processor.h>
|
|
|
|
#include <linux/mempool.h>
|
2019-05-13 09:24:17 +08:00
|
|
|
#include <linux/sched/signal.h>
|
2022-08-02 00:17:46 +08:00
|
|
|
#include <linux/task_io_accounting_ops.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include "cifspdu.h"
|
|
|
|
#include "cifsglob.h"
|
|
|
|
#include "cifsproto.h"
|
|
|
|
#include "cifs_debug.h"
|
2018-02-17 02:19:29 +08:00
|
|
|
#include "smb2proto.h"
|
2017-11-23 08:38:43 +08:00
|
|
|
#include "smbdirect.h"
|
2007-07-13 08:33:32 +08:00
|
|
|
|
2017-11-21 12:08:07 +08:00
|
|
|
/* Max number of iovectors we can use off the stack when sending requests. */
|
|
|
|
#define CIFS_MAX_IOV_SIZE 8
|
|
|
|
|
2011-12-27 02:53:34 +08:00
|
|
|
void
|
|
|
|
cifs_wake_up_task(struct mid_q_entry *mid)
|
2011-01-11 20:24:21 +08:00
|
|
|
{
|
|
|
|
wake_up_process(mid->callback_data);
|
|
|
|
}
|
|
|
|
|
2022-08-06 00:15:44 +08:00
|
|
|
static struct mid_q_entry *
|
2022-08-05 22:47:38 +08:00
|
|
|
alloc_mid(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
|
|
|
struct mid_q_entry *temp;
|
|
|
|
|
2008-12-01 20:09:34 +08:00
|
|
|
if (server == NULL) {
|
2022-08-05 22:47:38 +08:00
|
|
|
cifs_dbg(VFS, "%s: null TCP session\n", __func__);
|
2005-04-17 06:20:36 +08:00
|
|
|
return NULL;
|
|
|
|
}
|
2007-07-13 08:33:32 +08:00
|
|
|
|
2008-09-15 18:22:54 +08:00
|
|
|
temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS);
|
2017-04-10 10:08:53 +08:00
|
|
|
memset(temp, 0, sizeof(struct mid_q_entry));
|
2018-06-25 20:05:25 +08:00
|
|
|
kref_init(&temp->refcount);
|
2017-04-10 10:08:53 +08:00
|
|
|
temp->mid = get_mid(smb_buffer);
|
|
|
|
temp->pid = current->pid;
|
|
|
|
temp->command = cpu_to_le16(smb_buffer->Command);
|
|
|
|
cifs_dbg(FYI, "For smb_command %d\n", smb_buffer->Command);
|
2005-10-12 10:58:06 +08:00
|
|
|
/* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
|
2017-04-10 10:08:53 +08:00
|
|
|
/* when mid allocated can be before when sent */
|
|
|
|
temp->when_alloc = jiffies;
|
|
|
|
temp->server = server;
|
2011-01-11 20:24:21 +08:00
|
|
|
|
2017-04-10 10:08:53 +08:00
|
|
|
/*
|
|
|
|
* The default is for the mid to be synchronous, so the
|
|
|
|
* default callback just wakes up the current task.
|
|
|
|
*/
|
CIFS: Fix task struct use-after-free on reconnect
The task which created the MID may be gone by the time cifsd attempts to
call the callbacks on MIDs from cifs_reconnect().
This leads to a use-after-free of the task struct in cifs_wake_up_task:
==================================================================
BUG: KASAN: use-after-free in __lock_acquire+0x31a0/0x3270
Read of size 8 at addr ffff8880103e3a68 by task cifsd/630
CPU: 0 PID: 630 Comm: cifsd Not tainted 5.5.0-rc6+ #119
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
Call Trace:
dump_stack+0x8e/0xcb
print_address_description.constprop.5+0x1d3/0x3c0
? __lock_acquire+0x31a0/0x3270
__kasan_report+0x152/0x1aa
? __lock_acquire+0x31a0/0x3270
? __lock_acquire+0x31a0/0x3270
kasan_report+0xe/0x20
__lock_acquire+0x31a0/0x3270
? __wake_up_common+0x1dc/0x630
? _raw_spin_unlock_irqrestore+0x4c/0x60
? mark_held_locks+0xf0/0xf0
? _raw_spin_unlock_irqrestore+0x39/0x60
? __wake_up_common_lock+0xd5/0x130
? __wake_up_common+0x630/0x630
lock_acquire+0x13f/0x330
? try_to_wake_up+0xa3/0x19e0
_raw_spin_lock_irqsave+0x38/0x50
? try_to_wake_up+0xa3/0x19e0
try_to_wake_up+0xa3/0x19e0
? cifs_compound_callback+0x178/0x210
? set_cpus_allowed_ptr+0x10/0x10
cifs_reconnect+0xa1c/0x15d0
? generic_ip_connect+0x1860/0x1860
? rwlock_bug.part.0+0x90/0x90
cifs_readv_from_socket+0x479/0x690
cifs_read_from_socket+0x9d/0xe0
? cifs_readv_from_socket+0x690/0x690
? mempool_resize+0x690/0x690
? rwlock_bug.part.0+0x90/0x90
? memset+0x1f/0x40
? allocate_buffers+0xff/0x340
cifs_demultiplex_thread+0x388/0x2a50
? cifs_handle_standard+0x610/0x610
? rcu_read_lock_held_common+0x120/0x120
? mark_lock+0x11b/0xc00
? __lock_acquire+0x14ed/0x3270
? __kthread_parkme+0x78/0x100
? lockdep_hardirqs_on+0x3e8/0x560
? lock_downgrade+0x6a0/0x6a0
? lockdep_hardirqs_on+0x3e8/0x560
? _raw_spin_unlock_irqrestore+0x39/0x60
? cifs_handle_standard+0x610/0x610
kthread+0x2bb/0x3a0
? kthread_create_worker_on_cpu+0xc0/0xc0
ret_from_fork+0x3a/0x50
Allocated by task 649:
save_stack+0x19/0x70
__kasan_kmalloc.constprop.5+0xa6/0xf0
kmem_cache_alloc+0x107/0x320
copy_process+0x17bc/0x5370
_do_fork+0x103/0xbf0
__x64_sys_clone+0x168/0x1e0
do_syscall_64+0x9b/0xec0
entry_SYSCALL_64_after_hwframe+0x49/0xbe
Freed by task 0:
save_stack+0x19/0x70
__kasan_slab_free+0x11d/0x160
kmem_cache_free+0xb5/0x3d0
rcu_core+0x52f/0x1230
__do_softirq+0x24d/0x962
The buggy address belongs to the object at ffff8880103e32c0
which belongs to the cache task_struct of size 6016
The buggy address is located 1960 bytes inside of
6016-byte region [ffff8880103e32c0, ffff8880103e4a40)
The buggy address belongs to the page:
page:ffffea000040f800 refcount:1 mapcount:0 mapping:ffff8880108da5c0
index:0xffff8880103e4c00 compound_mapcount: 0
raw: 4000000000010200 ffffea00001f2208 ffffea00001e3408 ffff8880108da5c0
raw: ffff8880103e4c00 0000000000050003 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffff8880103e3900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff8880103e3980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff8880103e3a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^
ffff8880103e3a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff8880103e3b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
This can be reliably reproduced by adding the below delay to
cifs_reconnect(), running find(1) on the mount, restarting the samba
server while find is running, and killing find during the delay:
spin_unlock(&GlobalMid_Lock);
mutex_unlock(&server->srv_mutex);
+ msleep(10000);
+
cifs_dbg(FYI, "%s: issuing mid callbacks\n", __func__);
list_for_each_safe(tmp, tmp2, &retry_list) {
mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
Fix this by holding a reference to the task struct until the MID is
freed.
Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2020-01-24 00:09:06 +08:00
|
|
|
get_task_struct(current);
|
|
|
|
temp->creator = current;
|
2017-04-10 10:08:53 +08:00
|
|
|
temp->callback = cifs_wake_up_task;
|
|
|
|
temp->callback_data = current;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2022-07-16 12:45:45 +08:00
|
|
|
atomic_inc(&mid_count);
|
2012-03-24 02:28:03 +08:00
|
|
|
temp->mid_state = MID_REQUEST_ALLOCATED;
|
2005-04-17 06:20:36 +08:00
|
|
|
return temp;
|
|
|
|
}
|
|
|
|
|
2022-08-05 22:47:38 +08:00
|
|
|
static void __release_mid(struct kref *refcount)
|
2018-06-25 20:05:25 +08:00
|
|
|
{
|
2019-10-22 23:41:42 +08:00
|
|
|
struct mid_q_entry *midEntry =
|
|
|
|
container_of(refcount, struct mid_q_entry, refcount);
|
2005-10-12 10:58:06 +08:00
|
|
|
#ifdef CONFIG_CIFS_STATS2
|
2011-12-27 02:53:34 +08:00
|
|
|
__le16 command = midEntry->server->vals->lock_cmd;
|
2019-03-27 02:53:21 +08:00
|
|
|
__u16 smb_cmd = le16_to_cpu(midEntry->command);
|
2005-10-12 10:58:06 +08:00
|
|
|
unsigned long now;
|
2019-03-27 02:53:21 +08:00
|
|
|
unsigned long roundtrip_time;
|
2005-10-12 10:58:06 +08:00
|
|
|
#endif
|
2019-11-22 03:35:14 +08:00
|
|
|
struct TCP_Server_Info *server = midEntry->server;
|
|
|
|
|
|
|
|
if (midEntry->resp_buf && (midEntry->mid_flags & MID_WAIT_CANCELLED) &&
|
|
|
|
midEntry->mid_state == MID_RESPONSE_RECEIVED &&
|
|
|
|
server->ops->handle_cancelled_mid)
|
2021-03-08 23:00:50 +08:00
|
|
|
server->ops->handle_cancelled_mid(midEntry, server);
|
2019-11-22 03:35:14 +08:00
|
|
|
|
2012-03-24 02:28:03 +08:00
|
|
|
midEntry->mid_state = MID_FREE;
|
2022-07-16 12:45:45 +08:00
|
|
|
atomic_dec(&mid_count);
|
2012-03-24 02:28:03 +08:00
|
|
|
if (midEntry->large_buf)
|
2005-04-29 13:41:07 +08:00
|
|
|
cifs_buf_release(midEntry->resp_buf);
|
|
|
|
else
|
|
|
|
cifs_small_buf_release(midEntry->resp_buf);
|
2005-10-12 10:58:06 +08:00
|
|
|
#ifdef CONFIG_CIFS_STATS2
|
|
|
|
now = jiffies;
|
2019-03-27 02:53:21 +08:00
|
|
|
if (now < midEntry->when_alloc)
|
2020-04-15 13:42:53 +08:00
|
|
|
cifs_server_dbg(VFS, "Invalid mid allocation time\n");
|
2019-03-27 02:53:21 +08:00
|
|
|
roundtrip_time = now - midEntry->when_alloc;
|
|
|
|
|
|
|
|
if (smb_cmd < NUMBER_OF_SMB2_COMMANDS) {
|
|
|
|
if (atomic_read(&server->num_cmds[smb_cmd]) == 0) {
|
|
|
|
server->slowest_cmd[smb_cmd] = roundtrip_time;
|
|
|
|
server->fastest_cmd[smb_cmd] = roundtrip_time;
|
|
|
|
} else {
|
|
|
|
if (server->slowest_cmd[smb_cmd] < roundtrip_time)
|
|
|
|
server->slowest_cmd[smb_cmd] = roundtrip_time;
|
|
|
|
else if (server->fastest_cmd[smb_cmd] > roundtrip_time)
|
|
|
|
server->fastest_cmd[smb_cmd] = roundtrip_time;
|
|
|
|
}
|
|
|
|
cifs_stats_inc(&server->num_cmds[smb_cmd]);
|
|
|
|
server->time_per_cmd[smb_cmd] += roundtrip_time;
|
|
|
|
}
|
2018-09-19 03:05:18 +08:00
|
|
|
/*
|
|
|
|
* commands taking longer than one second (default) can be indications
|
|
|
|
* that something is wrong, unless it is quite a slow link or a very
|
|
|
|
* busy server. Note that this calc is unlikely or impossible to wrap
|
|
|
|
* as long as slow_rsp_threshold is not set way above recommended max
|
|
|
|
* value (32767 ie 9 hours) and is generally harmless even if wrong
|
|
|
|
* since only affects debug counters - so leaving the calc as simple
|
|
|
|
* comparison rather than doing multiple conversions and overflow
|
|
|
|
* checks
|
|
|
|
*/
|
|
|
|
if ((slow_rsp_threshold != 0) &&
|
|
|
|
time_after(now, midEntry->when_alloc + (slow_rsp_threshold * HZ)) &&
|
2018-08-02 05:38:07 +08:00
|
|
|
(midEntry->command != command)) {
|
2018-11-14 15:37:39 +08:00
|
|
|
/*
|
|
|
|
* smb2slowcmd[NUMBER_OF_SMB2_COMMANDS] counts by command
|
|
|
|
* NB: le16_to_cpu returns unsigned so can not be negative below
|
|
|
|
*/
|
2019-03-27 02:53:21 +08:00
|
|
|
if (smb_cmd < NUMBER_OF_SMB2_COMMANDS)
|
|
|
|
cifs_stats_inc(&server->smb2slowcmd[smb_cmd]);
|
2018-08-04 18:24:34 +08:00
|
|
|
|
2019-03-27 02:53:21 +08:00
|
|
|
trace_smb3_slow_rsp(smb_cmd, midEntry->mid, midEntry->pid,
|
2018-08-02 05:38:07 +08:00
|
|
|
midEntry->when_sent, midEntry->when_received);
|
|
|
|
if (cifsFYI & CIFS_TIMER) {
|
2020-04-15 13:42:53 +08:00
|
|
|
pr_debug("slow rsp: cmd %d mid %llu",
|
|
|
|
midEntry->command, midEntry->mid);
|
|
|
|
cifs_info("A: 0x%lx S: 0x%lx R: 0x%lx\n",
|
|
|
|
now - midEntry->when_alloc,
|
|
|
|
now - midEntry->when_sent,
|
|
|
|
now - midEntry->when_received);
|
2005-10-12 10:58:06 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
CIFS: Fix task struct use-after-free on reconnect
The task which created the MID may be gone by the time cifsd attempts to
call the callbacks on MIDs from cifs_reconnect().
This leads to a use-after-free of the task struct in cifs_wake_up_task:
==================================================================
BUG: KASAN: use-after-free in __lock_acquire+0x31a0/0x3270
Read of size 8 at addr ffff8880103e3a68 by task cifsd/630
CPU: 0 PID: 630 Comm: cifsd Not tainted 5.5.0-rc6+ #119
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
Call Trace:
dump_stack+0x8e/0xcb
print_address_description.constprop.5+0x1d3/0x3c0
? __lock_acquire+0x31a0/0x3270
__kasan_report+0x152/0x1aa
? __lock_acquire+0x31a0/0x3270
? __lock_acquire+0x31a0/0x3270
kasan_report+0xe/0x20
__lock_acquire+0x31a0/0x3270
? __wake_up_common+0x1dc/0x630
? _raw_spin_unlock_irqrestore+0x4c/0x60
? mark_held_locks+0xf0/0xf0
? _raw_spin_unlock_irqrestore+0x39/0x60
? __wake_up_common_lock+0xd5/0x130
? __wake_up_common+0x630/0x630
lock_acquire+0x13f/0x330
? try_to_wake_up+0xa3/0x19e0
_raw_spin_lock_irqsave+0x38/0x50
? try_to_wake_up+0xa3/0x19e0
try_to_wake_up+0xa3/0x19e0
? cifs_compound_callback+0x178/0x210
? set_cpus_allowed_ptr+0x10/0x10
cifs_reconnect+0xa1c/0x15d0
? generic_ip_connect+0x1860/0x1860
? rwlock_bug.part.0+0x90/0x90
cifs_readv_from_socket+0x479/0x690
cifs_read_from_socket+0x9d/0xe0
? cifs_readv_from_socket+0x690/0x690
? mempool_resize+0x690/0x690
? rwlock_bug.part.0+0x90/0x90
? memset+0x1f/0x40
? allocate_buffers+0xff/0x340
cifs_demultiplex_thread+0x388/0x2a50
? cifs_handle_standard+0x610/0x610
? rcu_read_lock_held_common+0x120/0x120
? mark_lock+0x11b/0xc00
? __lock_acquire+0x14ed/0x3270
? __kthread_parkme+0x78/0x100
? lockdep_hardirqs_on+0x3e8/0x560
? lock_downgrade+0x6a0/0x6a0
? lockdep_hardirqs_on+0x3e8/0x560
? _raw_spin_unlock_irqrestore+0x39/0x60
? cifs_handle_standard+0x610/0x610
kthread+0x2bb/0x3a0
? kthread_create_worker_on_cpu+0xc0/0xc0
ret_from_fork+0x3a/0x50
Allocated by task 649:
save_stack+0x19/0x70
__kasan_kmalloc.constprop.5+0xa6/0xf0
kmem_cache_alloc+0x107/0x320
copy_process+0x17bc/0x5370
_do_fork+0x103/0xbf0
__x64_sys_clone+0x168/0x1e0
do_syscall_64+0x9b/0xec0
entry_SYSCALL_64_after_hwframe+0x49/0xbe
Freed by task 0:
save_stack+0x19/0x70
__kasan_slab_free+0x11d/0x160
kmem_cache_free+0xb5/0x3d0
rcu_core+0x52f/0x1230
__do_softirq+0x24d/0x962
The buggy address belongs to the object at ffff8880103e32c0
which belongs to the cache task_struct of size 6016
The buggy address is located 1960 bytes inside of
6016-byte region [ffff8880103e32c0, ffff8880103e4a40)
The buggy address belongs to the page:
page:ffffea000040f800 refcount:1 mapcount:0 mapping:ffff8880108da5c0
index:0xffff8880103e4c00 compound_mapcount: 0
raw: 4000000000010200 ffffea00001f2208 ffffea00001e3408 ffff8880108da5c0
raw: ffff8880103e4c00 0000000000050003 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffff8880103e3900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff8880103e3980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff8880103e3a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^
ffff8880103e3a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff8880103e3b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
This can be reliably reproduced by adding the below delay to
cifs_reconnect(), running find(1) on the mount, restarting the samba
server while find is running, and killing find during the delay:
spin_unlock(&GlobalMid_Lock);
mutex_unlock(&server->srv_mutex);
+ msleep(10000);
+
cifs_dbg(FYI, "%s: issuing mid callbacks\n", __func__);
list_for_each_safe(tmp, tmp2, &retry_list) {
mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
Fix this by holding a reference to the task struct until the MID is
freed.
Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2020-01-24 00:09:06 +08:00
|
|
|
put_task_struct(midEntry->creator);
|
2019-10-22 23:41:42 +08:00
|
|
|
|
|
|
|
mempool_free(midEntry, cifs_mid_poolp);
|
|
|
|
}
|
|
|
|
|
2022-08-05 22:47:38 +08:00
|
|
|
void release_mid(struct mid_q_entry *mid)
|
2019-10-22 23:41:42 +08:00
|
|
|
{
|
2022-08-05 22:47:38 +08:00
|
|
|
struct TCP_Server_Info *server = mid->server;
|
2022-07-28 03:49:56 +08:00
|
|
|
|
|
|
|
spin_lock(&server->mid_lock);
|
2022-08-05 22:47:38 +08:00
|
|
|
kref_put(&mid->refcount, __release_mid);
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2019-10-22 23:41:42 +08:00
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:30 +08:00
|
|
|
void
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(struct mid_q_entry *mid)
|
2011-01-11 20:24:02 +08:00
|
|
|
{
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&mid->server->mid_lock);
|
2019-10-22 23:41:42 +08:00
|
|
|
if (!(mid->mid_flags & MID_DELETED)) {
|
|
|
|
list_del_init(&mid->qhead);
|
|
|
|
mid->mid_flags |= MID_DELETED;
|
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&mid->server->mid_lock);
|
2011-01-11 20:24:02 +08:00
|
|
|
|
2022-08-05 22:47:38 +08:00
|
|
|
release_mid(mid);
|
2011-01-11 20:24:02 +08:00
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:34 +08:00
|
|
|
/*
|
|
|
|
* smb_send_kvec - send an array of kvecs to the server
|
|
|
|
* @server: Server to send the data to
|
2015-11-13 15:36:04 +08:00
|
|
|
* @smb_msg: Message to send
|
2012-09-19 07:20:34 +08:00
|
|
|
* @sent: amount of data sent on socket is stored here
|
|
|
|
*
|
|
|
|
* Our basic "send data to server" function. Should be called with srv_mutex
|
|
|
|
* held. The caller is responsible for handling the results.
|
|
|
|
*/
|
2005-06-14 02:24:43 +08:00
|
|
|
static int
|
2015-11-13 15:36:04 +08:00
|
|
|
smb_send_kvec(struct TCP_Server_Info *server, struct msghdr *smb_msg,
|
|
|
|
size_t *sent)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
|
|
|
int rc = 0;
|
2015-11-13 15:36:04 +08:00
|
|
|
int retries = 0;
|
2008-10-29 08:47:57 +08:00
|
|
|
struct socket *ssocket = server->ssocket;
|
2007-07-13 08:33:32 +08:00
|
|
|
|
2012-09-19 07:20:34 +08:00
|
|
|
*sent = 0;
|
|
|
|
|
2008-12-31 01:39:16 +08:00
|
|
|
if (server->noblocksnd)
|
2015-11-13 15:36:04 +08:00
|
|
|
smb_msg->msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
|
2008-10-29 08:47:57 +08:00
|
|
|
else
|
2015-11-13 15:36:04 +08:00
|
|
|
smb_msg->msg_flags = MSG_NOSIGNAL;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2015-11-13 15:36:04 +08:00
|
|
|
while (msg_data_left(smb_msg)) {
|
2012-09-19 07:20:34 +08:00
|
|
|
/*
|
|
|
|
* If blocking send, we try 3 times, since each can block
|
|
|
|
* for 5 seconds. For nonblocking we have to try more
|
|
|
|
* but wait increasing amounts of time allowing time for
|
|
|
|
* socket to clear. The overall time we wait in either
|
|
|
|
* case to send on the socket is about 15 seconds.
|
|
|
|
* Similarly we wait for 15 seconds for a response from
|
|
|
|
* the server in SendReceive[2] for the server to send
|
|
|
|
* a response back for most types of requests (except
|
|
|
|
* SMB Write past end of file which can be slow, and
|
|
|
|
* blocking lock operations). NFS waits slightly longer
|
|
|
|
* than CIFS, but this can make it take longer for
|
|
|
|
* nonresponsive servers to be detected and 15 seconds
|
|
|
|
* is more than enough time for modern networks to
|
|
|
|
* send a packet. In most cases if we fail to send
|
|
|
|
* after the retries we will kill the socket and
|
|
|
|
* reconnect which may clear the network problem.
|
|
|
|
*/
|
2015-11-13 15:36:04 +08:00
|
|
|
rc = sock_sendmsg(ssocket, smb_msg);
|
2013-03-22 20:36:45 +08:00
|
|
|
if (rc == -EAGAIN) {
|
2015-11-13 15:36:04 +08:00
|
|
|
retries++;
|
|
|
|
if (retries >= 14 ||
|
|
|
|
(!server->noblocksnd && (retries > 2))) {
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "sends on sock %p stuck for 15 seconds\n",
|
2013-05-05 11:12:25 +08:00
|
|
|
ssocket);
|
2015-11-13 15:36:04 +08:00
|
|
|
return -EAGAIN;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2015-11-13 15:36:04 +08:00
|
|
|
msleep(1 << retries);
|
2005-04-17 06:20:36 +08:00
|
|
|
continue;
|
|
|
|
}
|
2012-09-19 07:20:34 +08:00
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
if (rc < 0)
|
2015-11-13 15:36:04 +08:00
|
|
|
return rc;
|
2012-09-19 07:20:34 +08:00
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
if (rc == 0) {
|
2005-10-04 04:37:24 +08:00
|
|
|
/* should never happen, letting socket clear before
|
|
|
|
retrying is our only obvious option here */
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "tcp sent no data\n");
|
2005-10-04 04:37:24 +08:00
|
|
|
msleep(500);
|
|
|
|
continue;
|
2005-06-14 02:24:43 +08:00
|
|
|
}
|
2012-09-19 07:20:34 +08:00
|
|
|
|
2015-11-13 15:36:04 +08:00
|
|
|
/* send was at least partially successful */
|
|
|
|
*sent += rc;
|
|
|
|
retries = 0; /* in case we get ENOSPC on the next send */
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2015-11-13 15:36:04 +08:00
|
|
|
return 0;
|
2012-09-19 07:20:35 +08:00
|
|
|
}
|
|
|
|
|
2018-06-15 21:22:44 +08:00
|
|
|
unsigned long
|
2018-06-28 08:47:14 +08:00
|
|
|
smb_rqst_len(struct TCP_Server_Info *server, struct smb_rqst *rqst)
|
2014-02-14 20:21:00 +08:00
|
|
|
{
|
|
|
|
unsigned int i;
|
2018-06-15 21:22:44 +08:00
|
|
|
struct kvec *iov;
|
|
|
|
int nvec;
|
2014-02-14 20:21:00 +08:00
|
|
|
unsigned long buflen = 0;
|
|
|
|
|
2022-08-23 20:52:02 +08:00
|
|
|
if (!is_smb1(server) && rqst->rq_nvec >= 2 &&
|
2022-08-23 20:52:00 +08:00
|
|
|
rqst->rq_iov[0].iov_len == 4) {
|
2018-06-15 21:22:44 +08:00
|
|
|
iov = &rqst->rq_iov[1];
|
|
|
|
nvec = rqst->rq_nvec - 1;
|
|
|
|
} else {
|
|
|
|
iov = rqst->rq_iov;
|
|
|
|
nvec = rqst->rq_nvec;
|
|
|
|
}
|
|
|
|
|
2014-02-14 20:21:00 +08:00
|
|
|
/* total up iov array first */
|
2018-06-15 21:22:44 +08:00
|
|
|
for (i = 0; i < nvec; i++)
|
2014-02-14 20:21:00 +08:00
|
|
|
buflen += iov[i].iov_len;
|
|
|
|
|
cifs: Change the I/O paths to use an iterator rather than a page list
Currently, the cifs I/O paths hand lists of pages from the VM interface
routines at the top all the way through the intervening layers to the
socket interface at the bottom.
This is a problem, however, for interfacing with netfslib which passes an
iterator through to the ->issue_read() method (and will pass an iterator
through to the ->issue_write() method in future). Netfslib takes over
bounce buffering for direct I/O, async I/O and encrypted content, so cifs
doesn't need to do that. Netfslib also converts IOVEC-type iterators into
BVEC-type iterators if necessary.
Further, cifs needs foliating - and folios may come in a variety of sizes,
so a page list pointing to an array of heterogeneous pages may cause
problems in places such as where crypto is done.
Change the cifs I/O paths to hand iov_iter iterators all the way through
instead.
Notes:
(1) Some old routines are #if'd out to be removed in a follow up patch so
as to avoid confusing diff, thereby making the diff output easier to
follow. I've removed functions that don't overlap with anything
added.
(2) struct smb_rqst loses rq_pages, rq_offset, rq_npages, rq_pagesz and
rq_tailsz which describe the pages forming the buffer; instead there's
an rq_iter describing the source buffer and an rq_buffer which is used
to hold the buffer for encryption.
(3) struct cifs_readdata and cifs_writedata are similarly modified to
smb_rqst. The ->read_into_pages() and ->copy_into_pages() are then
replaced with passing the iterator directly to the socket.
The iterators are stored in these structs so that they are persistent
and don't get deallocated when the function returns (unlike if they
were stack variables).
(4) Buffered writeback is overhauled, borrowing the code from the afs
filesystem to gather up contiguous runs of folios. The XARRAY-type
iterator is then used to refer directly to the pagecache and can be
passed to the socket to transmit data directly from there.
This includes:
cifs_extend_writeback()
cifs_write_back_from_locked_folio()
cifs_writepages_region()
cifs_writepages()
(5) Pages are converted to folios.
(6) Direct I/O uses netfs_extract_user_iter() to create a BVEC-type
iterator from an IOBUF/UBUF-type source iterator.
(7) smb2_get_aead_req() uses netfs_extract_iter_to_sg() to extract page
fragments from the iterator into the scatterlists that the crypto
layer prefers.
(8) smb2_init_transform_rq() attached pages to smb_rqst::rq_buffer, an
xarray, to use as a bounce buffer for encryption. An XARRAY-type
iterator can then be used to pass the bounce buffer to lower layers.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Shyam Prasad N <nspmangalore@gmail.com>
cc: Rohith Surabattula <rohiths.msft@gmail.com>
cc: Paulo Alcantara <pc@cjr.nz>
cc: Jeff Layton <jlayton@kernel.org>
cc: linux-cifs@vger.kernel.org
Link: https://lore.kernel.org/r/164311907995.2806745.400147335497304099.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/164928620163.457102.11602306234438271112.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165211420279.3154751.15923591172438186144.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165348880385.2106726.3220789453472800240.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165364827111.3334034.934805882842932881.stgit@warthog.procyon.org.uk/ # v3
Link: https://lore.kernel.org/r/166126396180.708021.271013668175370826.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/166697259595.61150.5982032408321852414.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/166732031756.3186319.12528413619888902872.stgit@warthog.procyon.org.uk/ # rfc
Signed-off-by: Steve French <stfrench@microsoft.com>
2022-01-25 05:13:24 +08:00
|
|
|
buflen += iov_iter_count(&rqst->rq_iter);
|
2014-02-14 20:21:00 +08:00
|
|
|
return buflen;
|
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:34 +08:00
|
|
|
static int
|
2018-06-12 06:01:00 +08:00
|
|
|
__smb_send_rqst(struct TCP_Server_Info *server, int num_rqst,
|
|
|
|
struct smb_rqst *rqst)
|
2012-09-19 07:20:34 +08:00
|
|
|
{
|
2018-06-12 06:01:00 +08:00
|
|
|
int rc = 0;
|
|
|
|
struct kvec *iov;
|
|
|
|
int n_vec;
|
|
|
|
unsigned int send_length = 0;
|
|
|
|
unsigned int i, j;
|
2019-03-06 07:51:57 +08:00
|
|
|
sigset_t mask, oldmask;
|
2015-11-13 15:36:04 +08:00
|
|
|
size_t total_len = 0, sent, size;
|
2012-09-19 07:20:35 +08:00
|
|
|
struct socket *ssocket = server->ssocket;
|
2022-09-14 11:25:47 +08:00
|
|
|
struct msghdr smb_msg = {};
|
2018-06-12 06:00:58 +08:00
|
|
|
__be32 rfc1002_marker;
|
|
|
|
|
2019-10-17 04:51:56 +08:00
|
|
|
if (cifs_rdma_enabled(server)) {
|
|
|
|
/* return -EAGAIN when connecting or reconnecting */
|
|
|
|
rc = -EAGAIN;
|
|
|
|
if (server->smbd_conn)
|
|
|
|
rc = smbd_send(server, num_rqst, rqst);
|
2017-11-23 08:38:43 +08:00
|
|
|
goto smbd_done;
|
|
|
|
}
|
2019-03-06 07:51:56 +08:00
|
|
|
|
2012-12-27 20:28:55 +08:00
|
|
|
if (ssocket == NULL)
|
2019-03-06 07:51:56 +08:00
|
|
|
return -EAGAIN;
|
2012-12-27 20:28:55 +08:00
|
|
|
|
2021-01-21 06:22:48 +08:00
|
|
|
if (fatal_signal_pending(current)) {
|
2020-11-29 02:57:06 +08:00
|
|
|
cifs_dbg(FYI, "signal pending before send request\n");
|
|
|
|
return -ERESTARTSYS;
|
2019-03-06 07:51:57 +08:00
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:35 +08:00
|
|
|
/* cork the socket */
|
2020-05-28 13:12:18 +08:00
|
|
|
tcp_sock_set_cork(ssocket->sk, true);
|
2012-09-19 07:20:35 +08:00
|
|
|
|
2018-06-12 06:01:00 +08:00
|
|
|
for (j = 0; j < num_rqst; j++)
|
2018-06-28 08:47:14 +08:00
|
|
|
send_length += smb_rqst_len(server, &rqst[j]);
|
2018-06-12 06:01:00 +08:00
|
|
|
rfc1002_marker = cpu_to_be32(send_length);
|
|
|
|
|
2019-03-06 07:51:57 +08:00
|
|
|
/*
|
|
|
|
* We should not allow signals to interrupt the network send because
|
|
|
|
* any partial send will cause session reconnects thus increasing
|
|
|
|
* latency of system calls and overload a server with unnecessary
|
|
|
|
* requests.
|
|
|
|
*/
|
|
|
|
|
|
|
|
sigfillset(&mask);
|
|
|
|
sigprocmask(SIG_BLOCK, &mask, &oldmask);
|
|
|
|
|
2018-06-12 06:00:58 +08:00
|
|
|
/* Generate a rfc1002 marker for SMB2+ */
|
2022-08-23 20:52:02 +08:00
|
|
|
if (!is_smb1(server)) {
|
2018-06-12 06:00:58 +08:00
|
|
|
struct kvec hiov = {
|
|
|
|
.iov_base = &rfc1002_marker,
|
|
|
|
.iov_len = 4
|
|
|
|
};
|
2022-09-16 08:25:47 +08:00
|
|
|
iov_iter_kvec(&smb_msg.msg_iter, ITER_SOURCE, &hiov, 1, 4);
|
2018-06-12 06:00:58 +08:00
|
|
|
rc = smb_send_kvec(server, &smb_msg, &sent);
|
|
|
|
if (rc < 0)
|
2019-03-06 07:51:57 +08:00
|
|
|
goto unmask;
|
2018-06-12 06:00:58 +08:00
|
|
|
|
|
|
|
total_len += sent;
|
|
|
|
send_length += 4;
|
|
|
|
}
|
|
|
|
|
2018-06-15 04:34:08 +08:00
|
|
|
cifs_dbg(FYI, "Sending smb: smb_len=%u\n", send_length);
|
|
|
|
|
2018-06-12 06:01:00 +08:00
|
|
|
for (j = 0; j < num_rqst; j++) {
|
|
|
|
iov = rqst[j].rq_iov;
|
|
|
|
n_vec = rqst[j].rq_nvec;
|
2015-11-13 15:36:04 +08:00
|
|
|
|
2018-06-12 06:01:00 +08:00
|
|
|
size = 0;
|
2018-06-15 04:34:08 +08:00
|
|
|
for (i = 0; i < n_vec; i++) {
|
|
|
|
dump_smb(iov[i].iov_base, iov[i].iov_len);
|
2018-06-12 06:01:00 +08:00
|
|
|
size += iov[i].iov_len;
|
2018-06-15 04:34:08 +08:00
|
|
|
}
|
2012-09-19 07:20:35 +08:00
|
|
|
|
2022-09-16 08:25:47 +08:00
|
|
|
iov_iter_kvec(&smb_msg.msg_iter, ITER_SOURCE, iov, n_vec, size);
|
2012-09-19 07:20:35 +08:00
|
|
|
|
2015-11-13 15:36:04 +08:00
|
|
|
rc = smb_send_kvec(server, &smb_msg, &sent);
|
2012-09-19 07:20:35 +08:00
|
|
|
if (rc < 0)
|
2019-03-06 07:51:57 +08:00
|
|
|
goto unmask;
|
2012-09-19 07:20:35 +08:00
|
|
|
|
|
|
|
total_len += sent;
|
2018-06-12 06:01:00 +08:00
|
|
|
|
cifs: Change the I/O paths to use an iterator rather than a page list
Currently, the cifs I/O paths hand lists of pages from the VM interface
routines at the top all the way through the intervening layers to the
socket interface at the bottom.
This is a problem, however, for interfacing with netfslib which passes an
iterator through to the ->issue_read() method (and will pass an iterator
through to the ->issue_write() method in future). Netfslib takes over
bounce buffering for direct I/O, async I/O and encrypted content, so cifs
doesn't need to do that. Netfslib also converts IOVEC-type iterators into
BVEC-type iterators if necessary.
Further, cifs needs foliating - and folios may come in a variety of sizes,
so a page list pointing to an array of heterogeneous pages may cause
problems in places such as where crypto is done.
Change the cifs I/O paths to hand iov_iter iterators all the way through
instead.
Notes:
(1) Some old routines are #if'd out to be removed in a follow up patch so
as to avoid confusing diff, thereby making the diff output easier to
follow. I've removed functions that don't overlap with anything
added.
(2) struct smb_rqst loses rq_pages, rq_offset, rq_npages, rq_pagesz and
rq_tailsz which describe the pages forming the buffer; instead there's
an rq_iter describing the source buffer and an rq_buffer which is used
to hold the buffer for encryption.
(3) struct cifs_readdata and cifs_writedata are similarly modified to
smb_rqst. The ->read_into_pages() and ->copy_into_pages() are then
replaced with passing the iterator directly to the socket.
The iterators are stored in these structs so that they are persistent
and don't get deallocated when the function returns (unlike if they
were stack variables).
(4) Buffered writeback is overhauled, borrowing the code from the afs
filesystem to gather up contiguous runs of folios. The XARRAY-type
iterator is then used to refer directly to the pagecache and can be
passed to the socket to transmit data directly from there.
This includes:
cifs_extend_writeback()
cifs_write_back_from_locked_folio()
cifs_writepages_region()
cifs_writepages()
(5) Pages are converted to folios.
(6) Direct I/O uses netfs_extract_user_iter() to create a BVEC-type
iterator from an IOBUF/UBUF-type source iterator.
(7) smb2_get_aead_req() uses netfs_extract_iter_to_sg() to extract page
fragments from the iterator into the scatterlists that the crypto
layer prefers.
(8) smb2_init_transform_rq() attached pages to smb_rqst::rq_buffer, an
xarray, to use as a bounce buffer for encryption. An XARRAY-type
iterator can then be used to pass the bounce buffer to lower layers.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Shyam Prasad N <nspmangalore@gmail.com>
cc: Rohith Surabattula <rohiths.msft@gmail.com>
cc: Paulo Alcantara <pc@cjr.nz>
cc: Jeff Layton <jlayton@kernel.org>
cc: linux-cifs@vger.kernel.org
Link: https://lore.kernel.org/r/164311907995.2806745.400147335497304099.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/164928620163.457102.11602306234438271112.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165211420279.3154751.15923591172438186144.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165348880385.2106726.3220789453472800240.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165364827111.3334034.934805882842932881.stgit@warthog.procyon.org.uk/ # v3
Link: https://lore.kernel.org/r/166126396180.708021.271013668175370826.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/166697259595.61150.5982032408321852414.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/166732031756.3186319.12528413619888902872.stgit@warthog.procyon.org.uk/ # rfc
Signed-off-by: Steve French <stfrench@microsoft.com>
2022-01-25 05:13:24 +08:00
|
|
|
if (iov_iter_count(&rqst[j].rq_iter) > 0) {
|
|
|
|
smb_msg.msg_iter = rqst[j].rq_iter;
|
2018-06-12 06:01:00 +08:00
|
|
|
rc = smb_send_kvec(server, &smb_msg, &sent);
|
|
|
|
if (rc < 0)
|
|
|
|
break;
|
|
|
|
total_len += sent;
|
|
|
|
}
|
cifs: Change the I/O paths to use an iterator rather than a page list
Currently, the cifs I/O paths hand lists of pages from the VM interface
routines at the top all the way through the intervening layers to the
socket interface at the bottom.
This is a problem, however, for interfacing with netfslib which passes an
iterator through to the ->issue_read() method (and will pass an iterator
through to the ->issue_write() method in future). Netfslib takes over
bounce buffering for direct I/O, async I/O and encrypted content, so cifs
doesn't need to do that. Netfslib also converts IOVEC-type iterators into
BVEC-type iterators if necessary.
Further, cifs needs foliating - and folios may come in a variety of sizes,
so a page list pointing to an array of heterogeneous pages may cause
problems in places such as where crypto is done.
Change the cifs I/O paths to hand iov_iter iterators all the way through
instead.
Notes:
(1) Some old routines are #if'd out to be removed in a follow up patch so
as to avoid confusing diff, thereby making the diff output easier to
follow. I've removed functions that don't overlap with anything
added.
(2) struct smb_rqst loses rq_pages, rq_offset, rq_npages, rq_pagesz and
rq_tailsz which describe the pages forming the buffer; instead there's
an rq_iter describing the source buffer and an rq_buffer which is used
to hold the buffer for encryption.
(3) struct cifs_readdata and cifs_writedata are similarly modified to
smb_rqst. The ->read_into_pages() and ->copy_into_pages() are then
replaced with passing the iterator directly to the socket.
The iterators are stored in these structs so that they are persistent
and don't get deallocated when the function returns (unlike if they
were stack variables).
(4) Buffered writeback is overhauled, borrowing the code from the afs
filesystem to gather up contiguous runs of folios. The XARRAY-type
iterator is then used to refer directly to the pagecache and can be
passed to the socket to transmit data directly from there.
This includes:
cifs_extend_writeback()
cifs_write_back_from_locked_folio()
cifs_writepages_region()
cifs_writepages()
(5) Pages are converted to folios.
(6) Direct I/O uses netfs_extract_user_iter() to create a BVEC-type
iterator from an IOBUF/UBUF-type source iterator.
(7) smb2_get_aead_req() uses netfs_extract_iter_to_sg() to extract page
fragments from the iterator into the scatterlists that the crypto
layer prefers.
(8) smb2_init_transform_rq() attached pages to smb_rqst::rq_buffer, an
xarray, to use as a bounce buffer for encryption. An XARRAY-type
iterator can then be used to pass the bounce buffer to lower layers.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Shyam Prasad N <nspmangalore@gmail.com>
cc: Rohith Surabattula <rohiths.msft@gmail.com>
cc: Paulo Alcantara <pc@cjr.nz>
cc: Jeff Layton <jlayton@kernel.org>
cc: linux-cifs@vger.kernel.org
Link: https://lore.kernel.org/r/164311907995.2806745.400147335497304099.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/164928620163.457102.11602306234438271112.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165211420279.3154751.15923591172438186144.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165348880385.2106726.3220789453472800240.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165364827111.3334034.934805882842932881.stgit@warthog.procyon.org.uk/ # v3
Link: https://lore.kernel.org/r/166126396180.708021.271013668175370826.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/166697259595.61150.5982032408321852414.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/166732031756.3186319.12528413619888902872.stgit@warthog.procyon.org.uk/ # rfc
Signed-off-by: Steve French <stfrench@microsoft.com>
2022-01-25 05:13:24 +08:00
|
|
|
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2019-03-06 07:51:57 +08:00
|
|
|
unmask:
|
|
|
|
sigprocmask(SIG_SETMASK, &oldmask, NULL);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If signal is pending but we have already sent the whole packet to
|
|
|
|
* the server we need to return success status to allow a corresponding
|
|
|
|
* mid entry to be kept in the pending requests queue thus allowing
|
|
|
|
* to handle responses from the server by the client.
|
|
|
|
*
|
|
|
|
* If only part of the packet has been sent there is no need to hide
|
|
|
|
* interrupt because the session will be reconnected anyway, so there
|
|
|
|
* won't be any response from the server to handle.
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (signal_pending(current) && (total_len != send_length)) {
|
|
|
|
cifs_dbg(FYI, "signal is pending after attempt to send\n");
|
2021-01-21 06:22:48 +08:00
|
|
|
rc = -ERESTARTSYS;
|
2019-03-06 07:51:57 +08:00
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:35 +08:00
|
|
|
/* uncork it */
|
2020-05-28 13:12:18 +08:00
|
|
|
tcp_sock_set_cork(ssocket->sk, false);
|
2012-09-19 07:20:35 +08:00
|
|
|
|
2018-06-12 06:00:58 +08:00
|
|
|
if ((total_len > 0) && (total_len != send_length)) {
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(FYI, "partial send (wanted=%u sent=%zu): terminating session\n",
|
2018-06-12 06:00:58 +08:00
|
|
|
send_length, total_len);
|
2012-09-19 07:20:34 +08:00
|
|
|
/*
|
|
|
|
* If we have only sent part of an SMB then the next SMB could
|
|
|
|
* be taken as the remainder of this one. We need to kill the
|
|
|
|
* socket so the server throws away the partial SMB
|
|
|
|
*/
|
2022-02-15 21:55:40 +08:00
|
|
|
cifs_signal_cifsd_for_reconnect(server, false);
|
2018-07-31 08:23:09 +08:00
|
|
|
trace_smb3_partial_send_reconnect(server->CurrentMid,
|
2021-02-04 15:20:46 +08:00
|
|
|
server->conn_id, server->hostname);
|
2008-10-29 08:47:57 +08:00
|
|
|
}
|
2017-11-23 08:38:43 +08:00
|
|
|
smbd_done:
|
2011-01-29 04:05:43 +08:00
|
|
|
if (rc < 0 && rc != -EINTR)
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "Error %d sending data on socket to server\n",
|
2013-05-05 11:12:25 +08:00
|
|
|
rc);
|
2019-01-11 03:27:28 +08:00
|
|
|
else if (rc > 0)
|
2005-04-17 06:20:36 +08:00
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:34 +08:00
|
|
|
static int
|
2018-08-01 07:26:12 +08:00
|
|
|
smb_send_rqst(struct TCP_Server_Info *server, int num_rqst,
|
|
|
|
struct smb_rqst *rqst, int flags)
|
2012-09-19 07:20:34 +08:00
|
|
|
{
|
2018-08-01 07:26:11 +08:00
|
|
|
struct kvec iov;
|
2020-03-27 13:09:20 +08:00
|
|
|
struct smb2_transform_hdr *tr_hdr;
|
2018-08-01 07:26:11 +08:00
|
|
|
struct smb_rqst cur_rqst[MAX_COMPOUND];
|
2016-11-01 04:49:30 +08:00
|
|
|
int rc;
|
|
|
|
|
|
|
|
if (!(flags & CIFS_TRANSFORM_REQ))
|
2018-08-01 07:26:12 +08:00
|
|
|
return __smb_send_rqst(server, num_rqst, rqst);
|
|
|
|
|
|
|
|
if (num_rqst > MAX_COMPOUND - 1)
|
|
|
|
return -ENOMEM;
|
2016-11-01 04:49:30 +08:00
|
|
|
|
2018-08-01 07:26:11 +08:00
|
|
|
if (!server->ops->init_transform_rq) {
|
2020-04-15 13:42:53 +08:00
|
|
|
cifs_server_dbg(VFS, "Encryption requested but transform callback is missing\n");
|
2016-11-01 04:49:30 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
2012-09-19 07:20:34 +08:00
|
|
|
|
2022-04-18 18:26:26 +08:00
|
|
|
tr_hdr = kzalloc(sizeof(*tr_hdr), GFP_NOFS);
|
2020-03-27 13:09:20 +08:00
|
|
|
if (!tr_hdr)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
memset(&cur_rqst[0], 0, sizeof(cur_rqst));
|
|
|
|
memset(&iov, 0, sizeof(iov));
|
|
|
|
|
|
|
|
iov.iov_base = tr_hdr;
|
|
|
|
iov.iov_len = sizeof(*tr_hdr);
|
|
|
|
cur_rqst[0].rq_iov = &iov;
|
|
|
|
cur_rqst[0].rq_nvec = 1;
|
|
|
|
|
2018-08-01 07:26:12 +08:00
|
|
|
rc = server->ops->init_transform_rq(server, num_rqst + 1,
|
|
|
|
&cur_rqst[0], rqst);
|
2016-11-01 04:49:30 +08:00
|
|
|
if (rc)
|
2020-03-27 13:09:20 +08:00
|
|
|
goto out;
|
2016-11-01 04:49:30 +08:00
|
|
|
|
2018-08-01 07:26:12 +08:00
|
|
|
rc = __smb_send_rqst(server, num_rqst + 1, &cur_rqst[0]);
|
|
|
|
smb3_free_compound_rqst(num_rqst, &cur_rqst[1]);
|
2020-03-27 13:09:20 +08:00
|
|
|
out:
|
|
|
|
kfree(tr_hdr);
|
2016-11-01 04:49:30 +08:00
|
|
|
return rc;
|
2012-09-19 07:20:34 +08:00
|
|
|
}
|
|
|
|
|
2008-12-31 01:39:16 +08:00
|
|
|
int
|
|
|
|
smb_send(struct TCP_Server_Info *server, struct smb_hdr *smb_buffer,
|
|
|
|
unsigned int smb_buf_length)
|
|
|
|
{
|
2016-11-24 07:14:57 +08:00
|
|
|
struct kvec iov[2];
|
2016-11-01 04:49:30 +08:00
|
|
|
struct smb_rqst rqst = { .rq_iov = iov,
|
|
|
|
.rq_nvec = 2 };
|
2008-12-31 01:39:16 +08:00
|
|
|
|
2016-11-24 07:14:57 +08:00
|
|
|
iov[0].iov_base = smb_buffer;
|
|
|
|
iov[0].iov_len = 4;
|
|
|
|
iov[1].iov_base = (char *)smb_buffer + 4;
|
|
|
|
iov[1].iov_len = smb_buf_length;
|
2008-12-31 01:39:16 +08:00
|
|
|
|
2018-06-12 06:01:00 +08:00
|
|
|
return __smb_send_rqst(server, 1, &rqst);
|
2008-12-31 01:39:16 +08:00
|
|
|
}
|
|
|
|
|
2012-02-17 22:09:12 +08:00
|
|
|
static int
|
2019-03-08 10:58:20 +08:00
|
|
|
wait_for_free_credits(struct TCP_Server_Info *server, const int num_credits,
|
2019-03-08 10:58:22 +08:00
|
|
|
const int timeout, const int flags,
|
|
|
|
unsigned int *instance)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2020-07-02 08:55:41 +08:00
|
|
|
long rc;
|
2019-03-08 10:58:19 +08:00
|
|
|
int *credits;
|
|
|
|
int optype;
|
2019-03-08 10:58:22 +08:00
|
|
|
long int t;
|
2021-02-04 15:20:46 +08:00
|
|
|
int scredits, in_flight;
|
2019-03-08 10:58:22 +08:00
|
|
|
|
|
|
|
if (timeout < 0)
|
|
|
|
t = MAX_JIFFY_OFFSET;
|
|
|
|
else
|
|
|
|
t = msecs_to_jiffies(timeout);
|
2019-03-08 10:58:19 +08:00
|
|
|
|
|
|
|
optype = flags & CIFS_OP_MASK;
|
2012-02-22 00:56:08 +08:00
|
|
|
|
2019-01-17 03:22:29 +08:00
|
|
|
*instance = 0;
|
|
|
|
|
2019-03-08 10:58:19 +08:00
|
|
|
credits = server->ops->get_credits_field(server, optype);
|
|
|
|
/* Since an echo is already inflight, no need to wait to send another */
|
|
|
|
if (*credits <= 0 && optype == CIFS_ECHO_OP)
|
|
|
|
return -EAGAIN;
|
|
|
|
|
2012-02-17 22:09:12 +08:00
|
|
|
spin_lock(&server->req_lock);
|
2019-05-06 08:00:02 +08:00
|
|
|
if ((flags & CIFS_TIMEOUT_MASK) == CIFS_NON_BLOCKING) {
|
2005-04-17 06:20:36 +08:00
|
|
|
/* oplock breaks must not be held up */
|
2012-02-17 22:09:12 +08:00
|
|
|
server->in_flight++;
|
2019-09-10 11:57:11 +08:00
|
|
|
if (server->in_flight > server->max_in_flight)
|
|
|
|
server->max_in_flight = server->in_flight;
|
2012-03-15 18:22:27 +08:00
|
|
|
*credits -= 1;
|
2019-01-17 03:22:29 +08:00
|
|
|
*instance = server->reconnect_instance;
|
2021-02-04 15:20:46 +08:00
|
|
|
scredits = *credits;
|
|
|
|
in_flight = server->in_flight;
|
2012-02-17 22:09:12 +08:00
|
|
|
spin_unlock(&server->req_lock);
|
2021-02-04 15:20:46 +08:00
|
|
|
|
2022-03-17 22:28:34 +08:00
|
|
|
trace_smb3_nblk_credits(server->CurrentMid,
|
2021-02-04 15:20:46 +08:00
|
|
|
server->conn_id, server->hostname, scredits, -1, in_flight);
|
|
|
|
cifs_dbg(FYI, "%s: remove %u credits total=%d\n",
|
|
|
|
__func__, 1, scredits);
|
|
|
|
|
2008-12-09 04:59:39 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
while (1) {
|
2019-03-08 10:58:20 +08:00
|
|
|
if (*credits < num_credits) {
|
2021-02-04 15:20:46 +08:00
|
|
|
scredits = *credits;
|
2012-02-17 22:09:12 +08:00
|
|
|
spin_unlock(&server->req_lock);
|
2021-02-04 15:20:46 +08:00
|
|
|
|
2011-08-10 02:44:44 +08:00
|
|
|
cifs_num_waiters_inc(server);
|
2019-03-08 10:58:22 +08:00
|
|
|
rc = wait_event_killable_timeout(server->request_q,
|
|
|
|
has_credits(server, credits, num_credits), t);
|
2011-08-10 02:44:44 +08:00
|
|
|
cifs_num_waiters_dec(server);
|
2019-03-08 10:58:22 +08:00
|
|
|
if (!rc) {
|
2021-02-04 15:20:46 +08:00
|
|
|
spin_lock(&server->req_lock);
|
|
|
|
scredits = *credits;
|
|
|
|
in_flight = server->in_flight;
|
|
|
|
spin_unlock(&server->req_lock);
|
|
|
|
|
2019-03-10 10:29:55 +08:00
|
|
|
trace_smb3_credit_timeout(server->CurrentMid,
|
2021-02-04 15:20:46 +08:00
|
|
|
server->conn_id, server->hostname, scredits,
|
|
|
|
num_credits, in_flight);
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "wait timed out after %d ms\n",
|
2021-02-04 15:20:46 +08:00
|
|
|
timeout);
|
2021-02-04 14:58:38 +08:00
|
|
|
return -EBUSY;
|
2019-03-08 10:58:22 +08:00
|
|
|
}
|
|
|
|
if (rc == -ERESTARTSYS)
|
|
|
|
return -ERESTARTSYS;
|
2012-02-17 22:09:12 +08:00
|
|
|
spin_lock(&server->req_lock);
|
2008-12-09 04:59:39 +08:00
|
|
|
} else {
|
2021-07-20 01:05:53 +08:00
|
|
|
spin_unlock(&server->req_lock);
|
|
|
|
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->srv_lock);
|
2011-01-11 20:24:01 +08:00
|
|
|
if (server->tcpStatus == CifsExiting) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2008-12-09 04:59:39 +08:00
|
|
|
return -ENOENT;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2008-12-09 04:59:39 +08:00
|
|
|
|
2019-03-08 10:58:21 +08:00
|
|
|
/*
|
|
|
|
* For normal commands, reserve the last MAX_COMPOUND
|
|
|
|
* credits to compound requests.
|
|
|
|
* Otherwise these compounds could be permanently
|
|
|
|
* starved for credits by single-credit requests.
|
|
|
|
*
|
|
|
|
* To prevent spinning CPU, block this thread until
|
|
|
|
* there are >MAX_COMPOUND credits available.
|
|
|
|
* But only do this is we already have a lot of
|
|
|
|
* credits in flight to avoid triggering this check
|
|
|
|
* for servers that are slow to hand out credits on
|
|
|
|
* new sessions.
|
|
|
|
*/
|
2021-07-20 01:05:53 +08:00
|
|
|
spin_lock(&server->req_lock);
|
2019-03-08 10:58:21 +08:00
|
|
|
if (!optype && num_credits == 1 &&
|
|
|
|
server->in_flight > 2 * MAX_COMPOUND &&
|
|
|
|
*credits <= MAX_COMPOUND) {
|
|
|
|
spin_unlock(&server->req_lock);
|
2021-02-04 15:20:46 +08:00
|
|
|
|
2019-03-08 10:58:21 +08:00
|
|
|
cifs_num_waiters_inc(server);
|
2019-03-08 10:58:22 +08:00
|
|
|
rc = wait_event_killable_timeout(
|
|
|
|
server->request_q,
|
2019-03-08 10:58:21 +08:00
|
|
|
has_credits(server, credits,
|
2019-03-08 10:58:22 +08:00
|
|
|
MAX_COMPOUND + 1),
|
|
|
|
t);
|
2019-03-08 10:58:21 +08:00
|
|
|
cifs_num_waiters_dec(server);
|
2019-03-08 10:58:22 +08:00
|
|
|
if (!rc) {
|
2021-02-04 15:20:46 +08:00
|
|
|
spin_lock(&server->req_lock);
|
|
|
|
scredits = *credits;
|
|
|
|
in_flight = server->in_flight;
|
|
|
|
spin_unlock(&server->req_lock);
|
|
|
|
|
2019-03-10 10:29:55 +08:00
|
|
|
trace_smb3_credit_timeout(
|
2021-02-04 15:20:46 +08:00
|
|
|
server->CurrentMid,
|
|
|
|
server->conn_id, server->hostname,
|
|
|
|
scredits, num_credits, in_flight);
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "wait timed out after %d ms\n",
|
2021-02-04 15:20:46 +08:00
|
|
|
timeout);
|
2021-02-04 14:58:38 +08:00
|
|
|
return -EBUSY;
|
2019-03-08 10:58:22 +08:00
|
|
|
}
|
|
|
|
if (rc == -ERESTARTSYS)
|
|
|
|
return -ERESTARTSYS;
|
2019-03-08 10:58:21 +08:00
|
|
|
spin_lock(&server->req_lock);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2012-02-06 19:59:18 +08:00
|
|
|
/*
|
|
|
|
* Can not count locking commands against total
|
|
|
|
* as they are allowed to block on server.
|
|
|
|
*/
|
2008-12-09 04:59:39 +08:00
|
|
|
|
|
|
|
/* update # of requests on the wire to server */
|
2019-03-08 10:58:19 +08:00
|
|
|
if ((flags & CIFS_TIMEOUT_MASK) != CIFS_BLOCKING_OP) {
|
2019-03-08 10:58:20 +08:00
|
|
|
*credits -= num_credits;
|
|
|
|
server->in_flight += num_credits;
|
2019-09-10 11:57:11 +08:00
|
|
|
if (server->in_flight > server->max_in_flight)
|
|
|
|
server->max_in_flight = server->in_flight;
|
2019-01-17 03:22:29 +08:00
|
|
|
*instance = server->reconnect_instance;
|
2012-02-06 19:59:18 +08:00
|
|
|
}
|
2021-02-04 15:20:46 +08:00
|
|
|
scredits = *credits;
|
|
|
|
in_flight = server->in_flight;
|
2012-02-17 22:09:12 +08:00
|
|
|
spin_unlock(&server->req_lock);
|
2020-11-13 00:56:49 +08:00
|
|
|
|
2022-03-17 22:28:34 +08:00
|
|
|
trace_smb3_waitff_credits(server->CurrentMid,
|
2021-02-04 15:20:46 +08:00
|
|
|
server->conn_id, server->hostname, scredits,
|
|
|
|
-(num_credits), in_flight);
|
2020-11-13 00:56:49 +08:00
|
|
|
cifs_dbg(FYI, "%s: remove %u credits total=%d\n",
|
|
|
|
__func__, num_credits, scredits);
|
2008-12-09 04:59:39 +08:00
|
|
|
break;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
}
|
2006-08-03 05:56:33 +08:00
|
|
|
return 0;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-15 18:22:27 +08:00
|
|
|
static int
|
2019-03-08 10:58:18 +08:00
|
|
|
wait_for_free_request(struct TCP_Server_Info *server, const int flags,
|
|
|
|
unsigned int *instance)
|
2012-03-15 18:22:27 +08:00
|
|
|
{
|
2019-03-08 10:58:22 +08:00
|
|
|
return wait_for_free_credits(server, 1, -1, flags,
|
|
|
|
instance);
|
2012-03-15 18:22:27 +08:00
|
|
|
}
|
|
|
|
|
2019-03-11 10:18:58 +08:00
|
|
|
static int
|
|
|
|
wait_for_compound_request(struct TCP_Server_Info *server, int num,
|
|
|
|
const int flags, unsigned int *instance)
|
|
|
|
{
|
|
|
|
int *credits;
|
2021-02-04 15:20:46 +08:00
|
|
|
int scredits, in_flight;
|
2019-03-11 10:18:58 +08:00
|
|
|
|
|
|
|
credits = server->ops->get_credits_field(server, flags & CIFS_OP_MASK);
|
|
|
|
|
|
|
|
spin_lock(&server->req_lock);
|
2020-11-13 00:56:49 +08:00
|
|
|
scredits = *credits;
|
2021-02-04 15:20:46 +08:00
|
|
|
in_flight = server->in_flight;
|
2020-11-13 00:56:49 +08:00
|
|
|
|
2019-03-11 10:18:58 +08:00
|
|
|
if (*credits < num) {
|
|
|
|
/*
|
2021-02-03 12:34:32 +08:00
|
|
|
* If the server is tight on resources or just gives us less
|
|
|
|
* credits for other reasons (e.g. requests are coming out of
|
|
|
|
* order and the server delays granting more credits until it
|
|
|
|
* processes a missing mid) and we exhausted most available
|
|
|
|
* credits there may be situations when we try to send
|
|
|
|
* a compound request but we don't have enough credits. At this
|
|
|
|
* point the client needs to decide if it should wait for
|
|
|
|
* additional credits or fail the request. If at least one
|
|
|
|
* request is in flight there is a high probability that the
|
|
|
|
* server will return enough credits to satisfy this compound
|
|
|
|
* request.
|
|
|
|
*
|
|
|
|
* Return immediately if no requests in flight since we will be
|
|
|
|
* stuck on waiting for credits.
|
2019-03-11 10:18:58 +08:00
|
|
|
*/
|
2021-02-03 12:34:32 +08:00
|
|
|
if (server->in_flight == 0) {
|
2019-03-11 10:18:58 +08:00
|
|
|
spin_unlock(&server->req_lock);
|
2020-11-13 00:56:49 +08:00
|
|
|
trace_smb3_insufficient_credits(server->CurrentMid,
|
2021-02-04 15:20:46 +08:00
|
|
|
server->conn_id, server->hostname, scredits,
|
|
|
|
num, in_flight);
|
2020-11-13 00:56:49 +08:00
|
|
|
cifs_dbg(FYI, "%s: %d requests in flight, needed %d total=%d\n",
|
2021-02-04 15:20:46 +08:00
|
|
|
__func__, in_flight, num, scredits);
|
2021-02-04 14:58:38 +08:00
|
|
|
return -EDEADLK;
|
2019-03-11 10:18:58 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
spin_unlock(&server->req_lock);
|
|
|
|
|
|
|
|
return wait_for_free_credits(server, num, 60000, flags,
|
|
|
|
instance);
|
|
|
|
}
|
|
|
|
|
2014-06-05 23:03:27 +08:00
|
|
|
int
|
|
|
|
cifs_wait_mtu_credits(struct TCP_Server_Info *server, unsigned int size,
|
2019-01-17 03:12:41 +08:00
|
|
|
unsigned int *num, struct cifs_credits *credits)
|
2014-06-05 23:03:27 +08:00
|
|
|
{
|
|
|
|
*num = size;
|
2019-01-17 03:12:41 +08:00
|
|
|
credits->value = 0;
|
|
|
|
credits->instance = server->reconnect_instance;
|
2014-06-05 23:03:27 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2011-05-27 12:34:02 +08:00
|
|
|
static int allocate_mid(struct cifs_ses *ses, struct smb_hdr *in_buf,
|
2006-08-03 05:56:33 +08:00
|
|
|
struct mid_q_entry **ppmidQ)
|
|
|
|
{
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&ses->ses_lock);
|
2022-04-07 21:15:49 +08:00
|
|
|
if (ses->ses_status == SES_NEW) {
|
2007-07-07 06:44:50 +08:00
|
|
|
if ((in_buf->Command != SMB_COM_SESSION_SETUP_ANDX) &&
|
2021-07-20 01:05:53 +08:00
|
|
|
(in_buf->Command != SMB_COM_NEGOTIATE)) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->ses_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
return -EAGAIN;
|
2021-07-20 01:05:53 +08:00
|
|
|
}
|
2008-02-08 07:25:02 +08:00
|
|
|
/* else ok - we are setting up session */
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2013-10-12 23:06:03 +08:00
|
|
|
|
2022-04-07 21:15:49 +08:00
|
|
|
if (ses->ses_status == SES_EXITING) {
|
2013-10-12 23:06:03 +08:00
|
|
|
/* check if SMB session is bad because we are setting it up */
|
2021-07-20 01:05:53 +08:00
|
|
|
if (in_buf->Command != SMB_COM_LOGOFF_ANDX) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->ses_lock);
|
2013-10-12 23:06:03 +08:00
|
|
|
return -EAGAIN;
|
2021-07-20 01:05:53 +08:00
|
|
|
}
|
2013-10-12 23:06:03 +08:00
|
|
|
/* else ok - we are shutting down session */
|
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->ses_lock);
|
2013-10-12 23:06:03 +08:00
|
|
|
|
2022-08-05 22:47:38 +08:00
|
|
|
*ppmidQ = alloc_mid(in_buf, ses->server);
|
2007-08-31 06:09:15 +08:00
|
|
|
if (*ppmidQ == NULL)
|
2006-08-03 05:56:33 +08:00
|
|
|
return -ENOMEM;
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&ses->server->mid_lock);
|
2011-01-11 20:24:02 +08:00
|
|
|
list_add_tail(&(*ppmidQ)->qhead, &ses->server->pending_mid_q);
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->server->mid_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2011-01-11 20:24:02 +08:00
|
|
|
static int
|
|
|
|
wait_for_response(struct TCP_Server_Info *server, struct mid_q_entry *midQ)
|
2006-08-03 05:56:33 +08:00
|
|
|
{
|
2011-01-11 20:24:02 +08:00
|
|
|
int error;
|
2006-08-03 05:56:33 +08:00
|
|
|
|
freezer,sched: Rewrite core freezer logic
Rewrite the core freezer to behave better wrt thawing and be simpler
in general.
By replacing PF_FROZEN with TASK_FROZEN, a special block state, it is
ensured frozen tasks stay frozen until thawed and don't randomly wake
up early, as is currently possible.
As such, it does away with PF_FROZEN and PF_FREEZER_SKIP, freeing up
two PF_flags (yay!).
Specifically; the current scheme works a little like:
freezer_do_not_count();
schedule();
freezer_count();
And either the task is blocked, or it lands in try_to_freezer()
through freezer_count(). Now, when it is blocked, the freezer
considers it frozen and continues.
However, on thawing, once pm_freezing is cleared, freezer_count()
stops working, and any random/spurious wakeup will let a task run
before its time.
That is, thawing tries to thaw things in explicit order; kernel
threads and workqueues before doing bringing SMP back before userspace
etc.. However due to the above mentioned races it is entirely possible
for userspace tasks to thaw (by accident) before SMP is back.
This can be a fatal problem in asymmetric ISA architectures (eg ARMv9)
where the userspace task requires a special CPU to run.
As said; replace this with a special task state TASK_FROZEN and add
the following state transitions:
TASK_FREEZABLE -> TASK_FROZEN
__TASK_STOPPED -> TASK_FROZEN
__TASK_TRACED -> TASK_FROZEN
The new TASK_FREEZABLE can be set on any state part of TASK_NORMAL
(IOW. TASK_INTERRUPTIBLE and TASK_UNINTERRUPTIBLE) -- any such state
is already required to deal with spurious wakeups and the freezer
causes one such when thawing the task (since the original state is
lost).
The special __TASK_{STOPPED,TRACED} states *can* be restored since
their canonical state is in ->jobctl.
With this, frozen tasks need an explicit TASK_FROZEN wakeup and are
free of undue (early / spurious) wakeups.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Link: https://lore.kernel.org/r/20220822114649.055452969@infradead.org
2022-08-22 19:18:22 +08:00
|
|
|
error = wait_event_state(server->response_q,
|
|
|
|
midQ->mid_state != MID_REQUEST_SUBMITTED,
|
|
|
|
(TASK_KILLABLE|TASK_FREEZABLE_UNSAFE));
|
2011-01-11 20:24:02 +08:00
|
|
|
if (error < 0)
|
|
|
|
return -ERESTARTSYS;
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2011-01-11 20:24:02 +08:00
|
|
|
return 0;
|
2006-08-03 05:56:33 +08:00
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:35 +08:00
|
|
|
struct mid_q_entry *
|
|
|
|
cifs_setup_async_request(struct TCP_Server_Info *server, struct smb_rqst *rqst)
|
2012-03-24 02:28:02 +08:00
|
|
|
{
|
|
|
|
int rc;
|
2012-09-19 07:20:35 +08:00
|
|
|
struct smb_hdr *hdr = (struct smb_hdr *)rqst->rq_iov[0].iov_base;
|
2012-03-24 02:28:02 +08:00
|
|
|
struct mid_q_entry *mid;
|
|
|
|
|
2016-11-24 07:14:57 +08:00
|
|
|
if (rqst->rq_iov[0].iov_len != 4 ||
|
|
|
|
rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
|
|
|
|
return ERR_PTR(-EIO);
|
|
|
|
|
2012-03-24 02:28:02 +08:00
|
|
|
/* enable signing if server requires it */
|
2013-05-26 19:01:00 +08:00
|
|
|
if (server->sign)
|
2012-03-24 02:28:02 +08:00
|
|
|
hdr->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
|
|
|
|
|
2022-08-05 22:47:38 +08:00
|
|
|
mid = alloc_mid(hdr, server);
|
2012-03-24 02:28:02 +08:00
|
|
|
if (mid == NULL)
|
2012-09-19 07:20:35 +08:00
|
|
|
return ERR_PTR(-ENOMEM);
|
2012-03-24 02:28:02 +08:00
|
|
|
|
2012-09-19 07:20:35 +08:00
|
|
|
rc = cifs_sign_rqst(rqst, server, &mid->sequence_number);
|
2012-07-11 19:28:05 +08:00
|
|
|
if (rc) {
|
2022-08-05 22:47:38 +08:00
|
|
|
release_mid(mid);
|
2012-09-19 07:20:35 +08:00
|
|
|
return ERR_PTR(rc);
|
2012-07-11 19:28:05 +08:00
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:35 +08:00
|
|
|
return mid;
|
2012-03-24 02:28:02 +08:00
|
|
|
}
|
2007-11-14 06:41:37 +08:00
|
|
|
|
2011-01-11 20:24:21 +08:00
|
|
|
/*
|
|
|
|
* Send a SMB request and set the callback function in the mid to handle
|
|
|
|
* the result. Caller is responsible for dealing with timeouts.
|
|
|
|
*/
|
|
|
|
int
|
2012-09-19 07:20:35 +08:00
|
|
|
cifs_call_async(struct TCP_Server_Info *server, struct smb_rqst *rqst,
|
2016-11-17 06:06:17 +08:00
|
|
|
mid_receive_t *receive, mid_callback_t *callback,
|
2019-01-16 07:52:29 +08:00
|
|
|
mid_handle_t *handle, void *cbdata, const int flags,
|
|
|
|
const struct cifs_credits *exist_credits)
|
2011-01-11 20:24:21 +08:00
|
|
|
{
|
2019-03-08 10:58:18 +08:00
|
|
|
int rc;
|
2011-01-11 20:24:21 +08:00
|
|
|
struct mid_q_entry *mid;
|
2019-01-17 03:12:41 +08:00
|
|
|
struct cifs_credits credits = { .value = 0, .instance = 0 };
|
2019-01-17 03:22:29 +08:00
|
|
|
unsigned int instance;
|
2019-03-08 10:58:18 +08:00
|
|
|
int optype;
|
2011-01-11 20:24:21 +08:00
|
|
|
|
2012-05-23 20:14:34 +08:00
|
|
|
optype = flags & CIFS_OP_MASK;
|
|
|
|
|
2014-06-05 23:03:27 +08:00
|
|
|
if ((flags & CIFS_HAS_CREDITS) == 0) {
|
2019-03-08 10:58:18 +08:00
|
|
|
rc = wait_for_free_request(server, flags, &instance);
|
2014-06-05 23:03:27 +08:00
|
|
|
if (rc)
|
|
|
|
return rc;
|
2019-01-17 03:12:41 +08:00
|
|
|
credits.value = 1;
|
2019-01-17 03:22:29 +08:00
|
|
|
credits.instance = instance;
|
2019-01-16 07:52:29 +08:00
|
|
|
} else
|
|
|
|
instance = exist_credits->instance;
|
2011-01-11 20:24:21 +08:00
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_lock(server);
|
2019-01-16 07:52:29 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We can't use credits obtained from the previous session to send this
|
|
|
|
* request. Check if there were reconnects after we obtained credits and
|
|
|
|
* return -EAGAIN in such cases to let callers handle it.
|
|
|
|
*/
|
|
|
|
if (instance != server->reconnect_instance) {
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2019-01-16 07:52:29 +08:00
|
|
|
add_credits_and_wake_if(server, &credits, optype);
|
|
|
|
return -EAGAIN;
|
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:35 +08:00
|
|
|
mid = server->ops->setup_async_request(server, rqst);
|
|
|
|
if (IS_ERR(mid)) {
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2019-01-17 03:12:41 +08:00
|
|
|
add_credits_and_wake_if(server, &credits, optype);
|
2012-09-19 07:20:35 +08:00
|
|
|
return PTR_ERR(mid);
|
2011-01-11 20:24:21 +08:00
|
|
|
}
|
|
|
|
|
2011-10-20 03:29:49 +08:00
|
|
|
mid->receive = receive;
|
2011-01-11 20:24:21 +08:00
|
|
|
mid->callback = callback;
|
|
|
|
mid->callback_data = cbdata;
|
2016-11-17 06:06:17 +08:00
|
|
|
mid->handle = handle;
|
2012-03-24 02:28:03 +08:00
|
|
|
mid->mid_state = MID_REQUEST_SUBMITTED;
|
2011-08-10 02:44:44 +08:00
|
|
|
|
2012-07-11 19:28:05 +08:00
|
|
|
/* put it on the pending_mid_q */
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->mid_lock);
|
2012-07-11 19:28:05 +08:00
|
|
|
list_add_tail(&mid->qhead, &server->pending_mid_q);
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2012-07-11 19:28:05 +08:00
|
|
|
|
2017-06-29 06:55:55 +08:00
|
|
|
/*
|
|
|
|
* Need to store the time in mid before calling I/O. For call_async,
|
|
|
|
* I/O response may come back and free the mid entry on another thread.
|
|
|
|
*/
|
|
|
|
cifs_save_when_sent(mid);
|
2011-08-10 02:44:44 +08:00
|
|
|
cifs_in_send_inc(server);
|
2018-08-01 07:26:12 +08:00
|
|
|
rc = smb_send_rqst(server, 1, rqst, flags);
|
2011-08-10 02:44:44 +08:00
|
|
|
cifs_in_send_dec(server);
|
2013-04-03 22:27:36 +08:00
|
|
|
|
2015-12-23 14:32:41 +08:00
|
|
|
if (rc < 0) {
|
2019-03-05 06:02:50 +08:00
|
|
|
revert_current_mid(server, mid->credits);
|
2013-04-03 22:27:36 +08:00
|
|
|
server->sequence_number -= 2;
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(mid);
|
2015-12-23 14:32:41 +08:00
|
|
|
}
|
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2011-08-10 02:44:44 +08:00
|
|
|
|
2012-07-11 19:28:05 +08:00
|
|
|
if (rc == 0)
|
|
|
|
return 0;
|
2011-01-11 20:24:21 +08:00
|
|
|
|
2019-01-17 03:12:41 +08:00
|
|
|
add_credits_and_wake_if(server, &credits, optype);
|
2011-01-11 20:24:21 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2007-11-14 06:41:37 +08:00
|
|
|
/*
|
|
|
|
*
|
|
|
|
* Send an SMB Request. No response info (other than return code)
|
|
|
|
* needs to be parsed.
|
|
|
|
*
|
|
|
|
* flags indicate the type of request buffer and how long to wait
|
|
|
|
* and whether to log NT STATUS code (error) before mapping it to POSIX error
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
int
|
2011-05-27 12:34:02 +08:00
|
|
|
SendReceiveNoRsp(const unsigned int xid, struct cifs_ses *ses,
|
2012-03-24 02:28:02 +08:00
|
|
|
char *in_buf, int flags)
|
2007-11-14 06:41:37 +08:00
|
|
|
{
|
|
|
|
int rc;
|
|
|
|
struct kvec iov[1];
|
2016-10-26 02:38:47 +08:00
|
|
|
struct kvec rsp_iov;
|
2007-11-14 06:41:37 +08:00
|
|
|
int resp_buf_type;
|
|
|
|
|
2012-03-24 02:28:02 +08:00
|
|
|
iov[0].iov_base = in_buf;
|
|
|
|
iov[0].iov_len = get_rfc1002_length(in_buf) + 4;
|
2019-05-06 08:00:02 +08:00
|
|
|
flags |= CIFS_NO_RSP_BUF;
|
2016-10-26 02:38:47 +08:00
|
|
|
rc = SendReceive2(xid, ses, iov, 1, &resp_buf_type, flags, &rsp_iov);
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(NOISY, "SendRcvNoRsp flags %d rc %d\n", flags, rc);
|
2008-02-13 04:32:36 +08:00
|
|
|
|
2007-11-14 06:41:37 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2011-01-11 20:24:02 +08:00
|
|
|
static int
|
2011-05-22 19:09:13 +08:00
|
|
|
cifs_sync_mid_result(struct mid_q_entry *mid, struct TCP_Server_Info *server)
|
2011-01-11 20:24:02 +08:00
|
|
|
{
|
|
|
|
int rc = 0;
|
|
|
|
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(FYI, "%s: cmd=%d mid=%llu state=%d\n",
|
|
|
|
__func__, le16_to_cpu(mid->command), mid->mid, mid->mid_state);
|
2011-01-11 20:24:02 +08:00
|
|
|
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->mid_lock);
|
2012-03-24 02:28:03 +08:00
|
|
|
switch (mid->mid_state) {
|
2011-01-11 20:24:02 +08:00
|
|
|
case MID_RESPONSE_RECEIVED:
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2011-01-11 20:24:02 +08:00
|
|
|
return rc;
|
2011-01-11 20:24:02 +08:00
|
|
|
case MID_RETRY_NEEDED:
|
|
|
|
rc = -EAGAIN;
|
|
|
|
break;
|
2011-02-10 21:03:50 +08:00
|
|
|
case MID_RESPONSE_MALFORMED:
|
|
|
|
rc = -EIO;
|
|
|
|
break;
|
2011-05-22 19:09:13 +08:00
|
|
|
case MID_SHUTDOWN:
|
|
|
|
rc = -EHOSTDOWN;
|
|
|
|
break;
|
2011-01-11 20:24:02 +08:00
|
|
|
default:
|
2019-10-22 23:41:42 +08:00
|
|
|
if (!(mid->mid_flags & MID_DELETED)) {
|
|
|
|
list_del_init(&mid->qhead);
|
|
|
|
mid->mid_flags |= MID_DELETED;
|
|
|
|
}
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "%s: invalid mid state mid=%llu state=%d\n",
|
2013-05-05 11:12:25 +08:00
|
|
|
__func__, mid->mid, mid->mid_state);
|
2011-01-11 20:24:02 +08:00
|
|
|
rc = -EIO;
|
2011-01-11 20:24:02 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2011-01-11 20:24:02 +08:00
|
|
|
|
2022-08-05 22:47:38 +08:00
|
|
|
release_mid(mid);
|
2011-01-11 20:24:02 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2012-05-16 00:21:10 +08:00
|
|
|
static inline int
|
2016-11-24 07:08:14 +08:00
|
|
|
send_cancel(struct TCP_Server_Info *server, struct smb_rqst *rqst,
|
|
|
|
struct mid_q_entry *mid)
|
2011-01-11 20:24:24 +08:00
|
|
|
{
|
2012-05-16 00:21:10 +08:00
|
|
|
return server->ops->send_cancel ?
|
2016-11-24 07:08:14 +08:00
|
|
|
server->ops->send_cancel(server, rqst, mid) : 0;
|
2011-01-11 20:24:24 +08:00
|
|
|
}
|
|
|
|
|
2011-05-20 04:22:52 +08:00
|
|
|
int
|
|
|
|
cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
|
|
|
|
bool log_error)
|
|
|
|
{
|
2012-03-24 02:28:02 +08:00
|
|
|
unsigned int len = get_rfc1002_length(mid->resp_buf) + 4;
|
2011-10-11 18:41:32 +08:00
|
|
|
|
|
|
|
dump_smb(mid->resp_buf, min_t(u32, 92, len));
|
2011-05-20 04:22:52 +08:00
|
|
|
|
|
|
|
/* convert the length into a more usable form */
|
2013-05-26 19:01:00 +08:00
|
|
|
if (server->sign) {
|
2016-11-24 07:14:57 +08:00
|
|
|
struct kvec iov[2];
|
2012-08-03 22:42:45 +08:00
|
|
|
int rc = 0;
|
2016-11-24 07:14:57 +08:00
|
|
|
struct smb_rqst rqst = { .rq_iov = iov,
|
|
|
|
.rq_nvec = 2 };
|
2011-10-11 18:41:32 +08:00
|
|
|
|
2016-11-24 07:14:57 +08:00
|
|
|
iov[0].iov_base = mid->resp_buf;
|
|
|
|
iov[0].iov_len = 4;
|
|
|
|
iov[1].iov_base = (char *)mid->resp_buf + 4;
|
|
|
|
iov[1].iov_len = len - 4;
|
2011-05-20 04:22:52 +08:00
|
|
|
/* FIXME: add code to kill session */
|
2012-09-19 07:20:34 +08:00
|
|
|
rc = cifs_verify_signature(&rqst, server,
|
2013-04-03 23:55:03 +08:00
|
|
|
mid->sequence_number);
|
2012-08-03 22:42:45 +08:00
|
|
|
if (rc)
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "SMB signature verification returned error = %d\n",
|
2013-05-05 11:12:25 +08:00
|
|
|
rc);
|
2011-05-20 04:22:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/* BB special case reconnect tid and uid here? */
|
2020-07-03 17:29:32 +08:00
|
|
|
return map_and_check_smb_error(mid, log_error);
|
2011-05-20 04:22:52 +08:00
|
|
|
}
|
|
|
|
|
2012-09-19 07:20:35 +08:00
|
|
|
struct mid_q_entry *
|
2019-09-20 12:08:34 +08:00
|
|
|
cifs_setup_request(struct cifs_ses *ses, struct TCP_Server_Info *ignored,
|
|
|
|
struct smb_rqst *rqst)
|
2012-03-24 02:28:02 +08:00
|
|
|
{
|
|
|
|
int rc;
|
2012-09-19 07:20:35 +08:00
|
|
|
struct smb_hdr *hdr = (struct smb_hdr *)rqst->rq_iov[0].iov_base;
|
2012-03-24 02:28:02 +08:00
|
|
|
struct mid_q_entry *mid;
|
|
|
|
|
2016-11-24 07:14:57 +08:00
|
|
|
if (rqst->rq_iov[0].iov_len != 4 ||
|
|
|
|
rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
|
|
|
|
return ERR_PTR(-EIO);
|
|
|
|
|
2012-03-24 02:28:02 +08:00
|
|
|
rc = allocate_mid(ses, hdr, &mid);
|
|
|
|
if (rc)
|
2012-09-19 07:20:35 +08:00
|
|
|
return ERR_PTR(rc);
|
|
|
|
rc = cifs_sign_rqst(rqst, ses->server, &mid->sequence_number);
|
|
|
|
if (rc) {
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(mid);
|
2012-09-19 07:20:35 +08:00
|
|
|
return ERR_PTR(rc);
|
|
|
|
}
|
|
|
|
return mid;
|
2012-03-24 02:28:02 +08:00
|
|
|
}
|
|
|
|
|
2018-08-30 08:13:00 +08:00
|
|
|
static void
|
2019-01-04 07:53:10 +08:00
|
|
|
cifs_compound_callback(struct mid_q_entry *mid)
|
2019-01-04 08:45:27 +08:00
|
|
|
{
|
|
|
|
struct TCP_Server_Info *server = mid->server;
|
2019-01-17 03:22:29 +08:00
|
|
|
struct cifs_credits credits;
|
|
|
|
|
|
|
|
credits.value = server->ops->get_credits(mid);
|
|
|
|
credits.instance = server->reconnect_instance;
|
2019-01-04 08:45:27 +08:00
|
|
|
|
2019-01-17 03:22:29 +08:00
|
|
|
add_credits(server, &credits, mid->optype);
|
2019-01-04 08:45:27 +08:00
|
|
|
}
|
|
|
|
|
2019-01-04 07:53:10 +08:00
|
|
|
static void
|
|
|
|
cifs_compound_last_callback(struct mid_q_entry *mid)
|
|
|
|
{
|
|
|
|
cifs_compound_callback(mid);
|
|
|
|
cifs_wake_up_task(mid);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
cifs_cancelled_callback(struct mid_q_entry *mid)
|
|
|
|
{
|
|
|
|
cifs_compound_callback(mid);
|
2022-08-05 22:47:38 +08:00
|
|
|
release_mid(mid);
|
2019-01-04 07:53:10 +08:00
|
|
|
}
|
|
|
|
|
2020-04-22 21:58:57 +08:00
|
|
|
/*
|
|
|
|
* Return a channel (master if none) of @ses that can be used to send
|
|
|
|
* regular requests.
|
|
|
|
*
|
|
|
|
* If we are currently binding a new channel (negprot/sess.setup),
|
|
|
|
* return the new incomplete channel.
|
|
|
|
*/
|
|
|
|
struct TCP_Server_Info *cifs_pick_channel(struct cifs_ses *ses)
|
|
|
|
{
|
|
|
|
uint index = 0;
|
2022-12-19 13:40:44 +08:00
|
|
|
unsigned int min_in_flight = UINT_MAX, max_in_flight = 0;
|
|
|
|
struct TCP_Server_Info *server = NULL;
|
|
|
|
int i;
|
2020-04-22 21:58:57 +08:00
|
|
|
|
|
|
|
if (!ses)
|
|
|
|
return NULL;
|
|
|
|
|
2021-11-19 22:16:57 +08:00
|
|
|
spin_lock(&ses->chan_lock);
|
2022-12-19 13:40:44 +08:00
|
|
|
for (i = 0; i < ses->chan_count; i++) {
|
|
|
|
server = ses->chans[i].server;
|
|
|
|
if (!server)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* strictly speaking, we should pick up req_lock to read
|
|
|
|
* server->in_flight. But it shouldn't matter much here if we
|
|
|
|
* race while reading this data. The worst that can happen is
|
|
|
|
* that we could use a channel that's not least loaded. Avoiding
|
|
|
|
* taking the lock could help reduce wait time, which is
|
|
|
|
* important for this function
|
|
|
|
*/
|
|
|
|
if (server->in_flight < min_in_flight) {
|
|
|
|
min_in_flight = server->in_flight;
|
|
|
|
index = i;
|
|
|
|
}
|
|
|
|
if (server->in_flight > max_in_flight)
|
|
|
|
max_in_flight = server->in_flight;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* if all channels are equally loaded, fall back to round-robin */
|
|
|
|
if (min_in_flight == max_in_flight) {
|
|
|
|
index = (uint)atomic_inc_return(&ses->chan_seq);
|
|
|
|
index %= ses->chan_count;
|
|
|
|
}
|
2021-11-19 22:16:57 +08:00
|
|
|
spin_unlock(&ses->chan_lock);
|
2021-07-19 21:54:16 +08:00
|
|
|
|
|
|
|
return ses->chans[index].server;
|
2020-04-22 21:58:57 +08:00
|
|
|
}
|
|
|
|
|
2016-11-24 07:31:54 +08:00
|
|
|
int
|
2018-08-01 07:26:13 +08:00
|
|
|
compound_send_recv(const unsigned int xid, struct cifs_ses *ses,
|
2020-06-01 01:38:22 +08:00
|
|
|
struct TCP_Server_Info *server,
|
2018-08-01 07:26:13 +08:00
|
|
|
const int flags, const int num_rqst, struct smb_rqst *rqst,
|
|
|
|
int *resp_buf_type, struct kvec *resp_iov)
|
2006-08-03 05:56:33 +08:00
|
|
|
{
|
2019-03-08 10:58:18 +08:00
|
|
|
int i, j, optype, rc = 0;
|
2018-08-01 07:26:13 +08:00
|
|
|
struct mid_q_entry *midQ[MAX_COMPOUND];
|
2018-12-23 04:40:05 +08:00
|
|
|
bool cancelled_mid[MAX_COMPOUND] = {false};
|
2019-01-17 03:22:29 +08:00
|
|
|
struct cifs_credits credits[MAX_COMPOUND] = {
|
|
|
|
{ .value = 0, .instance = 0 }
|
|
|
|
};
|
|
|
|
unsigned int instance;
|
2016-11-24 07:14:57 +08:00
|
|
|
char *buf;
|
2007-07-13 08:33:32 +08:00
|
|
|
|
2012-05-23 20:14:34 +08:00
|
|
|
optype = flags & CIFS_OP_MASK;
|
2007-11-14 06:41:37 +08:00
|
|
|
|
2018-08-01 07:26:13 +08:00
|
|
|
for (i = 0; i < num_rqst; i++)
|
|
|
|
resp_buf_type[i] = CIFS_NO_BUFFER; /* no response buf yet */
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2020-06-01 01:38:22 +08:00
|
|
|
if (!ses || !ses->server || !server) {
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(VFS, "Null session\n");
|
2006-08-03 05:56:33 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->srv_lock);
|
2021-07-20 01:05:53 +08:00
|
|
|
if (server->tcpStatus == CifsExiting) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
return -ENOENT;
|
2021-07-20 01:05:53 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2012-03-24 02:28:02 +08:00
|
|
|
/*
|
2019-03-11 10:18:58 +08:00
|
|
|
* Wait for all the requests to become available.
|
2019-01-31 08:58:09 +08:00
|
|
|
* This approach still leaves the possibility to be stuck waiting for
|
|
|
|
* credits if the server doesn't grant credits to the outstanding
|
2019-03-11 10:18:58 +08:00
|
|
|
* requests and if the client is completely idle, not generating any
|
|
|
|
* other requests.
|
|
|
|
* This can be handled by the eventual session reconnect.
|
2012-03-24 02:28:02 +08:00
|
|
|
*/
|
2019-06-25 02:00:12 +08:00
|
|
|
rc = wait_for_compound_request(server, num_rqst, flags,
|
2019-03-11 10:18:58 +08:00
|
|
|
&instance);
|
|
|
|
if (rc)
|
|
|
|
return rc;
|
2019-01-16 08:07:52 +08:00
|
|
|
|
2019-03-11 10:18:58 +08:00
|
|
|
for (i = 0; i < num_rqst; i++) {
|
|
|
|
credits[i].value = 1;
|
|
|
|
credits[i].instance = instance;
|
2018-12-23 04:40:05 +08:00
|
|
|
}
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2012-03-24 02:28:02 +08:00
|
|
|
/*
|
|
|
|
* Make sure that we sign in the same order that we send on this socket
|
|
|
|
* and avoid races inside tcp sendmsg code that could cause corruption
|
|
|
|
* of smb data.
|
|
|
|
*/
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_lock(server);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2019-01-16 08:07:52 +08:00
|
|
|
/*
|
|
|
|
* All the parts of the compound chain belong obtained credits from the
|
2019-03-11 10:18:58 +08:00
|
|
|
* same session. We can not use credits obtained from the previous
|
2019-01-16 08:07:52 +08:00
|
|
|
* session to send this request. Check if there were reconnects after
|
|
|
|
* we obtained credits and return -EAGAIN in such cases to let callers
|
|
|
|
* handle it.
|
|
|
|
*/
|
2019-06-25 02:00:12 +08:00
|
|
|
if (instance != server->reconnect_instance) {
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2019-01-16 08:07:52 +08:00
|
|
|
for (j = 0; j < num_rqst; j++)
|
2019-06-25 02:00:12 +08:00
|
|
|
add_credits(server, &credits[j], optype);
|
2019-01-16 08:07:52 +08:00
|
|
|
return -EAGAIN;
|
|
|
|
}
|
|
|
|
|
2018-08-01 07:26:13 +08:00
|
|
|
for (i = 0; i < num_rqst; i++) {
|
2019-09-20 12:08:34 +08:00
|
|
|
midQ[i] = server->ops->setup_request(ses, server, &rqst[i]);
|
2018-08-01 07:26:13 +08:00
|
|
|
if (IS_ERR(midQ[i])) {
|
2019-06-25 02:00:12 +08:00
|
|
|
revert_current_mid(server, i);
|
2018-08-01 07:26:13 +08:00
|
|
|
for (j = 0; j < i; j++)
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ[j]);
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2018-12-23 04:40:05 +08:00
|
|
|
|
2018-08-01 07:26:13 +08:00
|
|
|
/* Update # of requests on wire to server */
|
2018-12-23 04:40:05 +08:00
|
|
|
for (j = 0; j < num_rqst; j++)
|
2019-06-25 02:00:12 +08:00
|
|
|
add_credits(server, &credits[j], optype);
|
2018-08-01 07:26:13 +08:00
|
|
|
return PTR_ERR(midQ[i]);
|
|
|
|
}
|
|
|
|
|
|
|
|
midQ[i]->mid_state = MID_REQUEST_SUBMITTED;
|
2019-01-04 08:45:27 +08:00
|
|
|
midQ[i]->optype = optype;
|
2018-08-30 08:13:00 +08:00
|
|
|
/*
|
2019-01-04 07:53:10 +08:00
|
|
|
* Invoke callback for every part of the compound chain
|
|
|
|
* to calculate credits properly. Wake up this thread only when
|
|
|
|
* the last element is received.
|
2018-08-30 08:13:00 +08:00
|
|
|
*/
|
|
|
|
if (i < num_rqst - 1)
|
2019-01-04 07:53:10 +08:00
|
|
|
midQ[i]->callback = cifs_compound_callback;
|
|
|
|
else
|
|
|
|
midQ[i]->callback = cifs_compound_last_callback;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2019-06-25 02:00:12 +08:00
|
|
|
cifs_in_send_inc(server);
|
|
|
|
rc = smb_send_rqst(server, num_rqst, rqst, flags);
|
|
|
|
cifs_in_send_dec(server);
|
2018-08-01 07:26:13 +08:00
|
|
|
|
|
|
|
for (i = 0; i < num_rqst; i++)
|
|
|
|
cifs_save_when_sent(midQ[i]);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2019-03-05 06:02:50 +08:00
|
|
|
if (rc < 0) {
|
2019-06-25 02:00:12 +08:00
|
|
|
revert_current_mid(server, num_rqst);
|
|
|
|
server->sequence_number -= 2;
|
2019-03-05 06:02:50 +08:00
|
|
|
}
|
2018-08-01 07:26:13 +08:00
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2019-05-01 10:03:41 +08:00
|
|
|
/*
|
|
|
|
* If sending failed for some reason or it is an oplock break that we
|
|
|
|
* will not receive a response to - return credits back
|
|
|
|
*/
|
|
|
|
if (rc < 0 || (flags & CIFS_NO_SRV_RSP)) {
|
2019-01-04 07:53:10 +08:00
|
|
|
for (i = 0; i < num_rqst; i++)
|
2019-06-25 02:00:12 +08:00
|
|
|
add_credits(server, &credits[i], optype);
|
2018-10-10 13:29:06 +08:00
|
|
|
goto out;
|
2019-01-04 07:53:10 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* At this point the request is passed to the network stack - we assume
|
|
|
|
* that any credits taken from the server structure on the client have
|
|
|
|
* been spent and we can't return them back. Once we receive responses
|
|
|
|
* we will collect credits granted by the server in the mid callbacks
|
|
|
|
* and add those credits to the server structure.
|
|
|
|
*/
|
2018-08-01 07:26:13 +08:00
|
|
|
|
2018-10-10 13:29:06 +08:00
|
|
|
/*
|
|
|
|
* Compounding is never used during session establish.
|
|
|
|
*/
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&ses->ses_lock);
|
2022-04-07 21:15:49 +08:00
|
|
|
if ((ses->ses_status == SES_NEW) || (optype & CIFS_NEG_OP) || (optype & CIFS_SESS_OP)) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->ses_lock);
|
2021-07-20 01:05:53 +08:00
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_lock(server);
|
2021-07-19 21:54:16 +08:00
|
|
|
smb311_update_preauth_hash(ses, server, rqst[0].rq_iov, rqst[0].rq_nvec);
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2021-07-20 01:05:53 +08:00
|
|
|
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&ses->ses_lock);
|
2021-03-10 20:20:40 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->ses_lock);
|
2018-08-01 07:26:13 +08:00
|
|
|
|
2018-10-10 13:29:06 +08:00
|
|
|
for (i = 0; i < num_rqst; i++) {
|
2019-06-25 02:00:12 +08:00
|
|
|
rc = wait_for_response(server, midQ[i]);
|
2019-01-04 08:45:27 +08:00
|
|
|
if (rc != 0)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (rc != 0) {
|
|
|
|
for (; i < num_rqst; i++) {
|
2021-03-08 23:00:48 +08:00
|
|
|
cifs_server_dbg(FYI, "Cancelling wait for mid %llu cmd: %d\n",
|
2018-10-24 10:04:57 +08:00
|
|
|
midQ[i]->mid, le16_to_cpu(midQ[i]->command));
|
2019-06-25 02:00:12 +08:00
|
|
|
send_cancel(server, &rqst[i], midQ[i]);
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->mid_lock);
|
2019-11-22 03:35:14 +08:00
|
|
|
midQ[i]->mid_flags |= MID_WAIT_CANCELLED;
|
2018-08-01 07:26:13 +08:00
|
|
|
if (midQ[i]->mid_state == MID_REQUEST_SUBMITTED) {
|
2019-01-04 08:45:27 +08:00
|
|
|
midQ[i]->callback = cifs_cancelled_callback;
|
2018-12-23 04:40:05 +08:00
|
|
|
cancelled_mid[i] = true;
|
2019-01-17 03:22:29 +08:00
|
|
|
credits[i].value = 0;
|
2018-08-01 07:26:13 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2018-08-01 07:26:13 +08:00
|
|
|
}
|
2018-10-10 13:29:06 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; i < num_rqst; i++) {
|
|
|
|
if (rc < 0)
|
|
|
|
goto out;
|
2018-08-01 07:26:13 +08:00
|
|
|
|
2019-06-25 02:00:12 +08:00
|
|
|
rc = cifs_sync_mid_result(midQ[i], server);
|
2018-08-01 07:26:13 +08:00
|
|
|
if (rc != 0) {
|
2018-12-23 04:40:05 +08:00
|
|
|
/* mark this mid as cancelled to not free it below */
|
|
|
|
cancelled_mid[i] = true;
|
|
|
|
goto out;
|
2011-01-28 20:08:28 +08:00
|
|
|
}
|
2008-12-12 01:26:54 +08:00
|
|
|
|
2018-08-01 07:26:13 +08:00
|
|
|
if (!midQ[i]->resp_buf ||
|
|
|
|
midQ[i]->mid_state != MID_RESPONSE_RECEIVED) {
|
|
|
|
rc = -EIO;
|
|
|
|
cifs_dbg(FYI, "Bad MID state?\n");
|
|
|
|
goto out;
|
|
|
|
}
|
2012-05-23 20:14:34 +08:00
|
|
|
|
2018-08-01 07:26:13 +08:00
|
|
|
buf = (char *)midQ[i]->resp_buf;
|
|
|
|
resp_iov[i].iov_base = buf;
|
|
|
|
resp_iov[i].iov_len = midQ[i]->resp_buf_size +
|
2022-08-23 20:52:00 +08:00
|
|
|
HEADER_PREAMBLE_SIZE(server);
|
2018-08-01 07:26:13 +08:00
|
|
|
|
|
|
|
if (midQ[i]->large_buf)
|
|
|
|
resp_buf_type[i] = CIFS_LARGE_BUFFER;
|
|
|
|
else
|
|
|
|
resp_buf_type[i] = CIFS_SMALL_BUFFER;
|
|
|
|
|
2019-06-25 02:00:12 +08:00
|
|
|
rc = server->ops->check_receive(midQ[i], server,
|
2018-08-01 07:26:13 +08:00
|
|
|
flags & CIFS_LOG_ERROR);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2022-08-05 22:47:38 +08:00
|
|
|
/* mark it so buf will not be freed by delete_mid */
|
2019-05-06 08:00:02 +08:00
|
|
|
if ((flags & CIFS_NO_RSP_BUF) == 0)
|
2018-08-01 07:26:13 +08:00
|
|
|
midQ[i]->resp_buf = NULL;
|
2018-10-10 13:29:06 +08:00
|
|
|
|
2018-08-01 07:26:13 +08:00
|
|
|
}
|
2018-10-10 13:29:06 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Compounding is never used during session establish.
|
|
|
|
*/
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&ses->ses_lock);
|
2022-04-07 21:15:49 +08:00
|
|
|
if ((ses->ses_status == SES_NEW) || (optype & CIFS_NEG_OP) || (optype & CIFS_SESS_OP)) {
|
2018-10-10 13:29:06 +08:00
|
|
|
struct kvec iov = {
|
|
|
|
.iov_base = resp_iov[0].iov_base,
|
|
|
|
.iov_len = resp_iov[0].iov_len
|
|
|
|
};
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->ses_lock);
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_lock(server);
|
2021-07-19 21:54:16 +08:00
|
|
|
smb311_update_preauth_hash(ses, server, &iov, 1);
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&ses->ses_lock);
|
2018-10-10 13:29:06 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&ses->ses_lock);
|
2018-10-10 13:29:06 +08:00
|
|
|
|
2006-08-03 05:56:33 +08:00
|
|
|
out:
|
2018-08-30 08:13:00 +08:00
|
|
|
/*
|
|
|
|
* This will dequeue all mids. After this it is important that the
|
|
|
|
* demultiplex_thread will not process any of these mids any futher.
|
|
|
|
* This is prevented above by using a noop callback that will not
|
|
|
|
* wake this thread except for the very last PDU.
|
|
|
|
*/
|
2018-12-23 04:40:05 +08:00
|
|
|
for (i = 0; i < num_rqst; i++) {
|
|
|
|
if (!cancelled_mid[i])
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ[i]);
|
2018-12-23 04:40:05 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2005-06-14 02:24:43 +08:00
|
|
|
return rc;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2018-08-01 07:26:13 +08:00
|
|
|
int
|
|
|
|
cifs_send_recv(const unsigned int xid, struct cifs_ses *ses,
|
2020-06-01 01:38:22 +08:00
|
|
|
struct TCP_Server_Info *server,
|
2018-08-01 07:26:13 +08:00
|
|
|
struct smb_rqst *rqst, int *resp_buf_type, const int flags,
|
|
|
|
struct kvec *resp_iov)
|
|
|
|
{
|
2020-06-01 01:38:22 +08:00
|
|
|
return compound_send_recv(xid, ses, server, flags, 1,
|
|
|
|
rqst, resp_buf_type, resp_iov);
|
2018-08-01 07:26:13 +08:00
|
|
|
}
|
|
|
|
|
2016-11-24 07:14:57 +08:00
|
|
|
int
|
|
|
|
SendReceive2(const unsigned int xid, struct cifs_ses *ses,
|
|
|
|
struct kvec *iov, int n_vec, int *resp_buf_type /* ret */,
|
|
|
|
const int flags, struct kvec *resp_iov)
|
|
|
|
{
|
|
|
|
struct smb_rqst rqst;
|
2017-11-21 12:08:07 +08:00
|
|
|
struct kvec s_iov[CIFS_MAX_IOV_SIZE], *new_iov;
|
2016-11-24 07:14:57 +08:00
|
|
|
int rc;
|
|
|
|
|
2017-11-21 12:08:07 +08:00
|
|
|
if (n_vec + 1 > CIFS_MAX_IOV_SIZE) {
|
treewide: kmalloc() -> kmalloc_array()
The kmalloc() function has a 2-factor argument form, kmalloc_array(). This
patch replaces cases of:
kmalloc(a * b, gfp)
with:
kmalloc_array(a * b, gfp)
as well as handling cases of:
kmalloc(a * b * c, gfp)
with:
kmalloc(array3_size(a, b, c), gfp)
as it's slightly less ugly than:
kmalloc_array(array_size(a, b), c, gfp)
This does, however, attempt to ignore constant size factors like:
kmalloc(4 * 1024, gfp)
though any constants defined via macros get caught up in the conversion.
Any factors with a sizeof() of "unsigned char", "char", and "u8" were
dropped, since they're redundant.
The tools/ directory was manually excluded, since it has its own
implementation of kmalloc().
The Coccinelle script used for this was:
// Fix redundant parens around sizeof().
@@
type TYPE;
expression THING, E;
@@
(
kmalloc(
- (sizeof(TYPE)) * E
+ sizeof(TYPE) * E
, ...)
|
kmalloc(
- (sizeof(THING)) * E
+ sizeof(THING) * E
, ...)
)
// Drop single-byte sizes and redundant parens.
@@
expression COUNT;
typedef u8;
typedef __u8;
@@
(
kmalloc(
- sizeof(u8) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(__u8) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(char) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(unsigned char) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(u8) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(__u8) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(char) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(unsigned char) * COUNT
+ COUNT
, ...)
)
// 2-factor product with sizeof(type/expression) and identifier or constant.
@@
type TYPE;
expression THING;
identifier COUNT_ID;
constant COUNT_CONST;
@@
(
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (COUNT_ID)
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * COUNT_ID
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (COUNT_CONST)
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * COUNT_CONST
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (COUNT_ID)
+ COUNT_ID, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * COUNT_ID
+ COUNT_ID, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (COUNT_CONST)
+ COUNT_CONST, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * COUNT_CONST
+ COUNT_CONST, sizeof(THING)
, ...)
)
// 2-factor product, only identifiers.
@@
identifier SIZE, COUNT;
@@
- kmalloc
+ kmalloc_array
(
- SIZE * COUNT
+ COUNT, SIZE
, ...)
// 3-factor product with 1 sizeof(type) or sizeof(expression), with
// redundant parens removed.
@@
expression THING;
identifier STRIDE, COUNT;
type TYPE;
@@
(
kmalloc(
- sizeof(TYPE) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(THING) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
)
// 3-factor product with 2 sizeof(variable), with redundant parens removed.
@@
expression THING1, THING2;
identifier COUNT;
type TYPE1, TYPE2;
@@
(
kmalloc(
- sizeof(TYPE1) * sizeof(TYPE2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kmalloc(
- sizeof(THING1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(THING1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
)
// 3-factor product, only identifiers, with redundant parens removed.
@@
identifier STRIDE, SIZE, COUNT;
@@
(
kmalloc(
- (COUNT) * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
)
// Any remaining multi-factor products, first at least 3-factor products,
// when they're not all constants...
@@
expression E1, E2, E3;
constant C1, C2, C3;
@@
(
kmalloc(C1 * C2 * C3, ...)
|
kmalloc(
- (E1) * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- (E1) * (E2) * E3
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- (E1) * (E2) * (E3)
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- E1 * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
)
// And then all remaining 2 factors products when they're not all constants,
// keeping sizeof() as the second factor argument.
@@
expression THING, E1, E2;
type TYPE;
constant C1, C2, C3;
@@
(
kmalloc(sizeof(THING) * C2, ...)
|
kmalloc(sizeof(TYPE) * C2, ...)
|
kmalloc(C1 * C2 * C3, ...)
|
kmalloc(C1 * C2, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (E2)
+ E2, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * E2
+ E2, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (E2)
+ E2, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * E2
+ E2, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- (E1) * E2
+ E1, E2
, ...)
|
- kmalloc
+ kmalloc_array
(
- (E1) * (E2)
+ E1, E2
, ...)
|
- kmalloc
+ kmalloc_array
(
- E1 * E2
+ E1, E2
, ...)
)
Signed-off-by: Kees Cook <keescook@chromium.org>
2018-06-13 04:55:00 +08:00
|
|
|
new_iov = kmalloc_array(n_vec + 1, sizeof(struct kvec),
|
|
|
|
GFP_KERNEL);
|
2018-04-22 23:24:19 +08:00
|
|
|
if (!new_iov) {
|
|
|
|
/* otherwise cifs_send_recv below sets resp_buf_type */
|
|
|
|
*resp_buf_type = CIFS_NO_BUFFER;
|
2017-11-21 12:08:07 +08:00
|
|
|
return -ENOMEM;
|
2018-04-22 23:24:19 +08:00
|
|
|
}
|
2017-11-21 12:08:07 +08:00
|
|
|
} else
|
|
|
|
new_iov = s_iov;
|
2016-11-24 07:14:57 +08:00
|
|
|
|
|
|
|
/* 1st iov is a RFC1001 length followed by the rest of the packet */
|
|
|
|
memcpy(new_iov + 1, iov, (sizeof(struct kvec) * n_vec));
|
|
|
|
|
|
|
|
new_iov[0].iov_base = new_iov[1].iov_base;
|
|
|
|
new_iov[0].iov_len = 4;
|
|
|
|
new_iov[1].iov_base += 4;
|
|
|
|
new_iov[1].iov_len -= 4;
|
|
|
|
|
|
|
|
memset(&rqst, 0, sizeof(struct smb_rqst));
|
|
|
|
rqst.rq_iov = new_iov;
|
|
|
|
rqst.rq_nvec = n_vec + 1;
|
|
|
|
|
2020-06-01 01:38:22 +08:00
|
|
|
rc = cifs_send_recv(xid, ses, ses->server,
|
|
|
|
&rqst, resp_buf_type, flags, resp_iov);
|
2017-11-21 12:08:07 +08:00
|
|
|
if (n_vec + 1 > CIFS_MAX_IOV_SIZE)
|
|
|
|
kfree(new_iov);
|
2016-11-24 07:14:57 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
int
|
2011-05-27 12:34:02 +08:00
|
|
|
SendReceive(const unsigned int xid, struct cifs_ses *ses,
|
2005-04-17 06:20:36 +08:00
|
|
|
struct smb_hdr *in_buf, struct smb_hdr *out_buf,
|
2019-03-08 10:58:18 +08:00
|
|
|
int *pbytes_returned, const int flags)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
|
|
|
int rc = 0;
|
|
|
|
struct mid_q_entry *midQ;
|
2016-11-24 07:08:14 +08:00
|
|
|
unsigned int len = be32_to_cpu(in_buf->smb_buf_length);
|
|
|
|
struct kvec iov = { .iov_base = in_buf, .iov_len = len };
|
|
|
|
struct smb_rqst rqst = { .rq_iov = &iov, .rq_nvec = 1 };
|
2019-01-17 03:22:29 +08:00
|
|
|
struct cifs_credits credits = { .value = 1, .instance = 0 };
|
2019-09-02 23:10:59 +08:00
|
|
|
struct TCP_Server_Info *server;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
if (ses == NULL) {
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(VFS, "Null smb session\n");
|
2005-04-17 06:20:36 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
2019-09-02 23:10:59 +08:00
|
|
|
server = ses->server;
|
2019-08-28 15:15:35 +08:00
|
|
|
if (server == NULL) {
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(VFS, "Null tcp session\n");
|
2005-04-17 06:20:36 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->srv_lock);
|
2021-07-20 01:05:53 +08:00
|
|
|
if (server->tcpStatus == CifsExiting) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2005-04-29 13:41:11 +08:00
|
|
|
return -ENOENT;
|
2021-07-20 01:05:53 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2005-04-29 13:41:11 +08:00
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
/* Ensure that we do not send more than 50 overlapping requests
|
2005-04-17 06:20:36 +08:00
|
|
|
to the same server. We may make this configurable later or
|
|
|
|
use ses->maxReq */
|
|
|
|
|
2016-11-24 07:08:14 +08:00
|
|
|
if (len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
|
2020-04-15 13:42:53 +08:00
|
|
|
cifs_server_dbg(VFS, "Invalid length, greater than maximum frame, %d\n",
|
|
|
|
len);
|
2008-12-09 04:50:24 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = wait_for_free_request(server, flags, &credits.instance);
|
2006-08-03 05:56:33 +08:00
|
|
|
if (rc)
|
|
|
|
return rc;
|
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
/* make sure that we sign in the same order that we send on this socket
|
2005-04-17 06:20:36 +08:00
|
|
|
and avoid races inside tcp sendmsg code that could cause corruption
|
|
|
|
of smb data */
|
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_lock(server);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2006-08-03 05:56:33 +08:00
|
|
|
rc = allocate_mid(ses, in_buf, &midQ);
|
|
|
|
if (rc) {
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2006-08-03 05:56:33 +08:00
|
|
|
/* Update # of requests on wire to server */
|
2019-08-28 15:15:35 +08:00
|
|
|
add_credits(server, &credits, 0);
|
2006-08-03 05:56:33 +08:00
|
|
|
return rc;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = cifs_sign_smb(in_buf, server, &midQ->sequence_number);
|
2008-12-06 23:00:53 +08:00
|
|
|
if (rc) {
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2008-12-06 23:00:53 +08:00
|
|
|
goto out;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-24 02:28:03 +08:00
|
|
|
midQ->mid_state = MID_REQUEST_SUBMITTED;
|
2011-08-10 02:44:44 +08:00
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_in_send_inc(server);
|
|
|
|
rc = smb_send(server, in_buf, len);
|
|
|
|
cifs_in_send_dec(server);
|
2011-08-10 02:44:44 +08:00
|
|
|
cifs_save_when_sent(midQ);
|
2013-04-03 22:27:36 +08:00
|
|
|
|
|
|
|
if (rc < 0)
|
2019-08-28 15:15:35 +08:00
|
|
|
server->sequence_number -= 2;
|
2013-04-03 22:27:36 +08:00
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
if (rc < 0)
|
2006-08-03 05:56:33 +08:00
|
|
|
goto out;
|
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = wait_for_response(server, midQ);
|
2011-01-28 20:08:28 +08:00
|
|
|
if (rc != 0) {
|
2019-08-28 15:15:35 +08:00
|
|
|
send_cancel(server, &rqst, midQ);
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->mid_lock);
|
2012-03-24 02:28:03 +08:00
|
|
|
if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
|
2011-01-28 20:08:28 +08:00
|
|
|
/* no longer considered to be "in-flight" */
|
2022-08-05 22:47:38 +08:00
|
|
|
midQ->callback = release_mid;
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2019-08-28 15:15:35 +08:00
|
|
|
add_credits(server, &credits, 0);
|
2011-01-28 20:08:28 +08:00
|
|
|
return rc;
|
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2011-01-28 20:08:28 +08:00
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = cifs_sync_mid_result(midQ, server);
|
2011-01-11 20:24:02 +08:00
|
|
|
if (rc != 0) {
|
2019-08-28 15:15:35 +08:00
|
|
|
add_credits(server, &credits, 0);
|
2005-04-17 06:20:36 +08:00
|
|
|
return rc;
|
|
|
|
}
|
2007-07-13 08:33:32 +08:00
|
|
|
|
2011-05-20 04:22:52 +08:00
|
|
|
if (!midQ->resp_buf || !out_buf ||
|
2012-03-24 02:28:03 +08:00
|
|
|
midQ->mid_state != MID_RESPONSE_RECEIVED) {
|
2008-12-12 01:26:54 +08:00
|
|
|
rc = -EIO;
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_server_dbg(VFS, "Bad MID state?\n");
|
2011-05-20 04:22:52 +08:00
|
|
|
goto out;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2012-03-24 02:28:02 +08:00
|
|
|
*pbytes_returned = get_rfc1002_length(midQ->resp_buf);
|
2011-05-20 04:22:52 +08:00
|
|
|
memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = cifs_check_receive(midQ, server, 0);
|
2006-08-03 05:56:33 +08:00
|
|
|
out:
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ);
|
2019-08-28 15:15:35 +08:00
|
|
|
add_credits(server, &credits, 0);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2006-08-03 05:56:33 +08:00
|
|
|
return rc;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2006-08-03 05:56:33 +08:00
|
|
|
/* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
|
|
|
|
blocking lock to return. */
|
|
|
|
|
|
|
|
static int
|
2011-05-27 12:34:02 +08:00
|
|
|
send_lock_cancel(const unsigned int xid, struct cifs_tcon *tcon,
|
2006-08-03 05:56:33 +08:00
|
|
|
struct smb_hdr *in_buf,
|
|
|
|
struct smb_hdr *out_buf)
|
|
|
|
{
|
|
|
|
int bytes_returned;
|
2011-05-27 12:34:02 +08:00
|
|
|
struct cifs_ses *ses = tcon->ses;
|
2006-08-03 05:56:33 +08:00
|
|
|
LOCK_REQ *pSMB = (LOCK_REQ *)in_buf;
|
|
|
|
|
|
|
|
/* We just modify the current in_buf to change
|
|
|
|
the type of lock from LOCKING_ANDX_SHARED_LOCK
|
|
|
|
or LOCKING_ANDX_EXCLUSIVE_LOCK to
|
|
|
|
LOCKING_ANDX_CANCEL_LOCK. */
|
|
|
|
|
|
|
|
pSMB->LockType = LOCKING_ANDX_CANCEL_LOCK|LOCKING_ANDX_LARGE_FILES;
|
|
|
|
pSMB->Timeout = 0;
|
2012-05-23 18:01:59 +08:00
|
|
|
pSMB->hdr.Mid = get_next_mid(ses->server);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
|
|
|
return SendReceive(xid, ses, in_buf, out_buf,
|
2011-01-11 20:24:23 +08:00
|
|
|
&bytes_returned, 0);
|
2006-08-03 05:56:33 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
int
|
2011-05-27 12:34:02 +08:00
|
|
|
SendReceiveBlockingLock(const unsigned int xid, struct cifs_tcon *tcon,
|
2006-08-03 05:56:33 +08:00
|
|
|
struct smb_hdr *in_buf, struct smb_hdr *out_buf,
|
|
|
|
int *pbytes_returned)
|
|
|
|
{
|
|
|
|
int rc = 0;
|
|
|
|
int rstart = 0;
|
|
|
|
struct mid_q_entry *midQ;
|
2011-05-27 12:34:02 +08:00
|
|
|
struct cifs_ses *ses;
|
2016-11-24 07:08:14 +08:00
|
|
|
unsigned int len = be32_to_cpu(in_buf->smb_buf_length);
|
|
|
|
struct kvec iov = { .iov_base = in_buf, .iov_len = len };
|
|
|
|
struct smb_rqst rqst = { .rq_iov = &iov, .rq_nvec = 1 };
|
2019-01-17 03:22:29 +08:00
|
|
|
unsigned int instance;
|
2019-08-28 15:15:35 +08:00
|
|
|
struct TCP_Server_Info *server;
|
2006-08-03 05:56:33 +08:00
|
|
|
|
|
|
|
if (tcon == NULL || tcon->ses == NULL) {
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(VFS, "Null smb session\n");
|
2006-08-03 05:56:33 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
ses = tcon->ses;
|
2019-08-28 15:15:35 +08:00
|
|
|
server = ses->server;
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
if (server == NULL) {
|
2013-05-05 11:12:25 +08:00
|
|
|
cifs_dbg(VFS, "Null tcp session\n");
|
2006-08-03 05:56:33 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->srv_lock);
|
2021-07-20 01:05:53 +08:00
|
|
|
if (server->tcpStatus == CifsExiting) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
return -ENOENT;
|
2021-07-20 01:05:53 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
/* Ensure that we do not send more than 50 overlapping requests
|
2006-08-03 05:56:33 +08:00
|
|
|
to the same server. We may make this configurable later or
|
|
|
|
use ses->maxReq */
|
|
|
|
|
2016-11-24 07:08:14 +08:00
|
|
|
if (len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
|
2020-04-15 13:42:53 +08:00
|
|
|
cifs_tcon_dbg(VFS, "Invalid length, greater than maximum frame, %d\n",
|
|
|
|
len);
|
2008-12-09 04:50:24 +08:00
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = wait_for_free_request(server, CIFS_BLOCKING_OP, &instance);
|
2006-08-03 05:56:33 +08:00
|
|
|
if (rc)
|
|
|
|
return rc;
|
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
/* make sure that we sign in the same order that we send on this socket
|
2006-08-03 05:56:33 +08:00
|
|
|
and avoid races inside tcp sendmsg code that could cause corruption
|
|
|
|
of smb data */
|
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_lock(server);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
|
|
|
rc = allocate_mid(ses, in_buf, &midQ);
|
|
|
|
if (rc) {
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2006-08-03 05:56:33 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = cifs_sign_smb(in_buf, server, &midQ->sequence_number);
|
2008-12-06 23:00:53 +08:00
|
|
|
if (rc) {
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ);
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2008-12-06 23:00:53 +08:00
|
|
|
return rc;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-24 02:28:03 +08:00
|
|
|
midQ->mid_state = MID_REQUEST_SUBMITTED;
|
2019-08-28 15:15:35 +08:00
|
|
|
cifs_in_send_inc(server);
|
|
|
|
rc = smb_send(server, in_buf, len);
|
|
|
|
cifs_in_send_dec(server);
|
2011-08-10 02:44:44 +08:00
|
|
|
cifs_save_when_sent(midQ);
|
2013-04-03 22:27:36 +08:00
|
|
|
|
|
|
|
if (rc < 0)
|
2019-08-28 15:15:35 +08:00
|
|
|
server->sequence_number -= 2;
|
2013-04-03 22:27:36 +08:00
|
|
|
|
2022-06-01 13:03:18 +08:00
|
|
|
cifs_server_unlock(server);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2007-07-07 06:44:50 +08:00
|
|
|
if (rc < 0) {
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ);
|
2006-08-03 05:56:33 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Wait for a reply - allow signals to interrupt. */
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = wait_event_interruptible(server->response_q,
|
2012-03-24 02:28:03 +08:00
|
|
|
(!(midQ->mid_state == MID_REQUEST_SUBMITTED)) ||
|
2019-08-28 15:15:35 +08:00
|
|
|
((server->tcpStatus != CifsGood) &&
|
|
|
|
(server->tcpStatus != CifsNew)));
|
2006-08-03 05:56:33 +08:00
|
|
|
|
|
|
|
/* Were we interrupted by a signal ? */
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
if ((rc == -ERESTARTSYS) &&
|
2012-03-24 02:28:03 +08:00
|
|
|
(midQ->mid_state == MID_REQUEST_SUBMITTED) &&
|
2019-08-28 15:15:35 +08:00
|
|
|
((server->tcpStatus == CifsGood) ||
|
|
|
|
(server->tcpStatus == CifsNew))) {
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
|
|
|
if (in_buf->Command == SMB_COM_TRANSACTION2) {
|
|
|
|
/* POSIX lock. We send a NT_CANCEL SMB to cause the
|
|
|
|
blocking lock to return. */
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = send_cancel(server, &rqst, midQ);
|
2006-08-03 05:56:33 +08:00
|
|
|
if (rc) {
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ);
|
2006-08-03 05:56:33 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/* Windows lock. We send a LOCKINGX_CANCEL_LOCK
|
|
|
|
to cause the blocking lock to return. */
|
|
|
|
|
|
|
|
rc = send_lock_cancel(xid, tcon, in_buf, out_buf);
|
|
|
|
|
|
|
|
/* If we get -ENOLCK back the lock may have
|
|
|
|
already been removed. Don't exit in this case. */
|
|
|
|
if (rc && rc != -ENOLCK) {
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ);
|
2006-08-03 05:56:33 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = wait_for_response(server, midQ);
|
2011-01-28 20:08:28 +08:00
|
|
|
if (rc) {
|
2019-08-28 15:15:35 +08:00
|
|
|
send_cancel(server, &rqst, midQ);
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->mid_lock);
|
2012-03-24 02:28:03 +08:00
|
|
|
if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
|
2011-01-28 20:08:28 +08:00
|
|
|
/* no longer considered to be "in-flight" */
|
2022-08-05 22:47:38 +08:00
|
|
|
midQ->callback = release_mid;
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2011-01-28 20:08:28 +08:00
|
|
|
return rc;
|
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->mid_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
}
|
2011-01-28 20:08:28 +08:00
|
|
|
|
|
|
|
/* We got the response - restart system call. */
|
|
|
|
rstart = 1;
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_lock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
}
|
2022-07-28 03:49:56 +08:00
|
|
|
spin_unlock(&server->srv_lock);
|
2006-08-03 05:56:33 +08:00
|
|
|
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = cifs_sync_mid_result(midQ, server);
|
2011-01-11 20:24:02 +08:00
|
|
|
if (rc != 0)
|
2006-08-03 05:56:33 +08:00
|
|
|
return rc;
|
2007-07-13 08:33:32 +08:00
|
|
|
|
2008-12-06 23:38:19 +08:00
|
|
|
/* rcvd frame is ok */
|
2012-03-24 02:28:03 +08:00
|
|
|
if (out_buf == NULL || midQ->mid_state != MID_RESPONSE_RECEIVED) {
|
2008-12-06 23:39:31 +08:00
|
|
|
rc = -EIO;
|
2019-09-04 10:32:41 +08:00
|
|
|
cifs_tcon_dbg(VFS, "Bad MID state?\n");
|
2008-12-06 23:39:31 +08:00
|
|
|
goto out;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-03-24 02:28:02 +08:00
|
|
|
*pbytes_returned = get_rfc1002_length(midQ->resp_buf);
|
2011-05-20 04:22:52 +08:00
|
|
|
memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
|
2019-08-28 15:15:35 +08:00
|
|
|
rc = cifs_check_receive(midQ, server, 0);
|
2008-12-06 23:38:19 +08:00
|
|
|
out:
|
2022-08-05 22:47:38 +08:00
|
|
|
delete_mid(midQ);
|
2006-08-03 05:56:33 +08:00
|
|
|
if (rstart && rc == -EACCES)
|
|
|
|
return -ERESTARTSYS;
|
2005-04-17 06:20:36 +08:00
|
|
|
return rc;
|
|
|
|
}
|
2022-08-02 00:17:46 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Discard any remaining data in the current SMB. To do this, we borrow the
|
|
|
|
* current bigbuf.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
cifs_discard_remaining_data(struct TCP_Server_Info *server)
|
|
|
|
{
|
|
|
|
unsigned int rfclen = server->pdu_size;
|
cifs: Change the I/O paths to use an iterator rather than a page list
Currently, the cifs I/O paths hand lists of pages from the VM interface
routines at the top all the way through the intervening layers to the
socket interface at the bottom.
This is a problem, however, for interfacing with netfslib which passes an
iterator through to the ->issue_read() method (and will pass an iterator
through to the ->issue_write() method in future). Netfslib takes over
bounce buffering for direct I/O, async I/O and encrypted content, so cifs
doesn't need to do that. Netfslib also converts IOVEC-type iterators into
BVEC-type iterators if necessary.
Further, cifs needs foliating - and folios may come in a variety of sizes,
so a page list pointing to an array of heterogeneous pages may cause
problems in places such as where crypto is done.
Change the cifs I/O paths to hand iov_iter iterators all the way through
instead.
Notes:
(1) Some old routines are #if'd out to be removed in a follow up patch so
as to avoid confusing diff, thereby making the diff output easier to
follow. I've removed functions that don't overlap with anything
added.
(2) struct smb_rqst loses rq_pages, rq_offset, rq_npages, rq_pagesz and
rq_tailsz which describe the pages forming the buffer; instead there's
an rq_iter describing the source buffer and an rq_buffer which is used
to hold the buffer for encryption.
(3) struct cifs_readdata and cifs_writedata are similarly modified to
smb_rqst. The ->read_into_pages() and ->copy_into_pages() are then
replaced with passing the iterator directly to the socket.
The iterators are stored in these structs so that they are persistent
and don't get deallocated when the function returns (unlike if they
were stack variables).
(4) Buffered writeback is overhauled, borrowing the code from the afs
filesystem to gather up contiguous runs of folios. The XARRAY-type
iterator is then used to refer directly to the pagecache and can be
passed to the socket to transmit data directly from there.
This includes:
cifs_extend_writeback()
cifs_write_back_from_locked_folio()
cifs_writepages_region()
cifs_writepages()
(5) Pages are converted to folios.
(6) Direct I/O uses netfs_extract_user_iter() to create a BVEC-type
iterator from an IOBUF/UBUF-type source iterator.
(7) smb2_get_aead_req() uses netfs_extract_iter_to_sg() to extract page
fragments from the iterator into the scatterlists that the crypto
layer prefers.
(8) smb2_init_transform_rq() attached pages to smb_rqst::rq_buffer, an
xarray, to use as a bounce buffer for encryption. An XARRAY-type
iterator can then be used to pass the bounce buffer to lower layers.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Shyam Prasad N <nspmangalore@gmail.com>
cc: Rohith Surabattula <rohiths.msft@gmail.com>
cc: Paulo Alcantara <pc@cjr.nz>
cc: Jeff Layton <jlayton@kernel.org>
cc: linux-cifs@vger.kernel.org
Link: https://lore.kernel.org/r/164311907995.2806745.400147335497304099.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/164928620163.457102.11602306234438271112.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165211420279.3154751.15923591172438186144.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165348880385.2106726.3220789453472800240.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165364827111.3334034.934805882842932881.stgit@warthog.procyon.org.uk/ # v3
Link: https://lore.kernel.org/r/166126396180.708021.271013668175370826.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/166697259595.61150.5982032408321852414.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/166732031756.3186319.12528413619888902872.stgit@warthog.procyon.org.uk/ # rfc
Signed-off-by: Steve French <stfrench@microsoft.com>
2022-01-25 05:13:24 +08:00
|
|
|
size_t remaining = rfclen + HEADER_PREAMBLE_SIZE(server) -
|
2022-08-02 00:17:46 +08:00
|
|
|
server->total_read;
|
|
|
|
|
|
|
|
while (remaining > 0) {
|
cifs: Change the I/O paths to use an iterator rather than a page list
Currently, the cifs I/O paths hand lists of pages from the VM interface
routines at the top all the way through the intervening layers to the
socket interface at the bottom.
This is a problem, however, for interfacing with netfslib which passes an
iterator through to the ->issue_read() method (and will pass an iterator
through to the ->issue_write() method in future). Netfslib takes over
bounce buffering for direct I/O, async I/O and encrypted content, so cifs
doesn't need to do that. Netfslib also converts IOVEC-type iterators into
BVEC-type iterators if necessary.
Further, cifs needs foliating - and folios may come in a variety of sizes,
so a page list pointing to an array of heterogeneous pages may cause
problems in places such as where crypto is done.
Change the cifs I/O paths to hand iov_iter iterators all the way through
instead.
Notes:
(1) Some old routines are #if'd out to be removed in a follow up patch so
as to avoid confusing diff, thereby making the diff output easier to
follow. I've removed functions that don't overlap with anything
added.
(2) struct smb_rqst loses rq_pages, rq_offset, rq_npages, rq_pagesz and
rq_tailsz which describe the pages forming the buffer; instead there's
an rq_iter describing the source buffer and an rq_buffer which is used
to hold the buffer for encryption.
(3) struct cifs_readdata and cifs_writedata are similarly modified to
smb_rqst. The ->read_into_pages() and ->copy_into_pages() are then
replaced with passing the iterator directly to the socket.
The iterators are stored in these structs so that they are persistent
and don't get deallocated when the function returns (unlike if they
were stack variables).
(4) Buffered writeback is overhauled, borrowing the code from the afs
filesystem to gather up contiguous runs of folios. The XARRAY-type
iterator is then used to refer directly to the pagecache and can be
passed to the socket to transmit data directly from there.
This includes:
cifs_extend_writeback()
cifs_write_back_from_locked_folio()
cifs_writepages_region()
cifs_writepages()
(5) Pages are converted to folios.
(6) Direct I/O uses netfs_extract_user_iter() to create a BVEC-type
iterator from an IOBUF/UBUF-type source iterator.
(7) smb2_get_aead_req() uses netfs_extract_iter_to_sg() to extract page
fragments from the iterator into the scatterlists that the crypto
layer prefers.
(8) smb2_init_transform_rq() attached pages to smb_rqst::rq_buffer, an
xarray, to use as a bounce buffer for encryption. An XARRAY-type
iterator can then be used to pass the bounce buffer to lower layers.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Shyam Prasad N <nspmangalore@gmail.com>
cc: Rohith Surabattula <rohiths.msft@gmail.com>
cc: Paulo Alcantara <pc@cjr.nz>
cc: Jeff Layton <jlayton@kernel.org>
cc: linux-cifs@vger.kernel.org
Link: https://lore.kernel.org/r/164311907995.2806745.400147335497304099.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/164928620163.457102.11602306234438271112.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165211420279.3154751.15923591172438186144.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165348880385.2106726.3220789453472800240.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165364827111.3334034.934805882842932881.stgit@warthog.procyon.org.uk/ # v3
Link: https://lore.kernel.org/r/166126396180.708021.271013668175370826.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/166697259595.61150.5982032408321852414.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/166732031756.3186319.12528413619888902872.stgit@warthog.procyon.org.uk/ # rfc
Signed-off-by: Steve French <stfrench@microsoft.com>
2022-01-25 05:13:24 +08:00
|
|
|
ssize_t length;
|
2022-08-02 00:17:46 +08:00
|
|
|
|
|
|
|
length = cifs_discard_from_socket(server,
|
|
|
|
min_t(size_t, remaining,
|
|
|
|
CIFSMaxBufSize + MAX_HEADER_SIZE(server)));
|
|
|
|
if (length < 0)
|
|
|
|
return length;
|
|
|
|
server->total_read += length;
|
|
|
|
remaining -= length;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
__cifs_readv_discard(struct TCP_Server_Info *server, struct mid_q_entry *mid,
|
|
|
|
bool malformed)
|
|
|
|
{
|
|
|
|
int length;
|
|
|
|
|
|
|
|
length = cifs_discard_remaining_data(server);
|
|
|
|
dequeue_mid(mid, malformed);
|
|
|
|
mid->resp_buf = server->smallbuf;
|
|
|
|
server->smallbuf = NULL;
|
|
|
|
return length;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
cifs_readv_discard(struct TCP_Server_Info *server, struct mid_q_entry *mid)
|
|
|
|
{
|
|
|
|
struct cifs_readdata *rdata = mid->callback_data;
|
|
|
|
|
|
|
|
return __cifs_readv_discard(server, mid, rdata->result);
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
cifs_readv_receive(struct TCP_Server_Info *server, struct mid_q_entry *mid)
|
|
|
|
{
|
|
|
|
int length, len;
|
|
|
|
unsigned int data_offset, data_len;
|
|
|
|
struct cifs_readdata *rdata = mid->callback_data;
|
|
|
|
char *buf = server->smallbuf;
|
2022-08-23 20:52:00 +08:00
|
|
|
unsigned int buflen = server->pdu_size + HEADER_PREAMBLE_SIZE(server);
|
2022-08-02 00:17:46 +08:00
|
|
|
bool use_rdma_mr = false;
|
|
|
|
|
|
|
|
cifs_dbg(FYI, "%s: mid=%llu offset=%llu bytes=%u\n",
|
|
|
|
__func__, mid->mid, rdata->offset, rdata->bytes);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* read the rest of READ_RSP header (sans Data array), or whatever we
|
|
|
|
* can if there's not enough data. At this point, we've read down to
|
|
|
|
* the Mid.
|
|
|
|
*/
|
|
|
|
len = min_t(unsigned int, buflen, server->vals->read_rsp_size) -
|
|
|
|
HEADER_SIZE(server) + 1;
|
|
|
|
|
|
|
|
length = cifs_read_from_socket(server,
|
|
|
|
buf + HEADER_SIZE(server) - 1, len);
|
|
|
|
if (length < 0)
|
|
|
|
return length;
|
|
|
|
server->total_read += length;
|
|
|
|
|
|
|
|
if (server->ops->is_session_expired &&
|
|
|
|
server->ops->is_session_expired(buf)) {
|
|
|
|
cifs_reconnect(server, true);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (server->ops->is_status_pending &&
|
|
|
|
server->ops->is_status_pending(buf, server)) {
|
|
|
|
cifs_discard_remaining_data(server);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* set up first two iov for signature check and to get credits */
|
|
|
|
rdata->iov[0].iov_base = buf;
|
2022-08-23 20:52:00 +08:00
|
|
|
rdata->iov[0].iov_len = HEADER_PREAMBLE_SIZE(server);
|
|
|
|
rdata->iov[1].iov_base = buf + HEADER_PREAMBLE_SIZE(server);
|
2022-08-02 00:17:46 +08:00
|
|
|
rdata->iov[1].iov_len =
|
2022-08-23 20:52:00 +08:00
|
|
|
server->total_read - HEADER_PREAMBLE_SIZE(server);
|
2022-08-02 00:17:46 +08:00
|
|
|
cifs_dbg(FYI, "0: iov_base=%p iov_len=%zu\n",
|
|
|
|
rdata->iov[0].iov_base, rdata->iov[0].iov_len);
|
|
|
|
cifs_dbg(FYI, "1: iov_base=%p iov_len=%zu\n",
|
|
|
|
rdata->iov[1].iov_base, rdata->iov[1].iov_len);
|
|
|
|
|
|
|
|
/* Was the SMB read successful? */
|
|
|
|
rdata->result = server->ops->map_error(buf, false);
|
|
|
|
if (rdata->result != 0) {
|
|
|
|
cifs_dbg(FYI, "%s: server returned error %d\n",
|
|
|
|
__func__, rdata->result);
|
|
|
|
/* normal error on read response */
|
|
|
|
return __cifs_readv_discard(server, mid, false);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Is there enough to get to the rest of the READ_RSP header? */
|
|
|
|
if (server->total_read < server->vals->read_rsp_size) {
|
|
|
|
cifs_dbg(FYI, "%s: server returned short header. got=%u expected=%zu\n",
|
|
|
|
__func__, server->total_read,
|
|
|
|
server->vals->read_rsp_size);
|
|
|
|
rdata->result = -EIO;
|
|
|
|
return cifs_readv_discard(server, mid);
|
|
|
|
}
|
|
|
|
|
|
|
|
data_offset = server->ops->read_data_offset(buf) +
|
2022-08-23 20:52:00 +08:00
|
|
|
HEADER_PREAMBLE_SIZE(server);
|
2022-08-02 00:17:46 +08:00
|
|
|
if (data_offset < server->total_read) {
|
|
|
|
/*
|
|
|
|
* win2k8 sometimes sends an offset of 0 when the read
|
|
|
|
* is beyond the EOF. Treat it as if the data starts just after
|
|
|
|
* the header.
|
|
|
|
*/
|
|
|
|
cifs_dbg(FYI, "%s: data offset (%u) inside read response header\n",
|
|
|
|
__func__, data_offset);
|
|
|
|
data_offset = server->total_read;
|
|
|
|
} else if (data_offset > MAX_CIFS_SMALL_BUFFER_SIZE) {
|
|
|
|
/* data_offset is beyond the end of smallbuf */
|
|
|
|
cifs_dbg(FYI, "%s: data offset (%u) beyond end of smallbuf\n",
|
|
|
|
__func__, data_offset);
|
|
|
|
rdata->result = -EIO;
|
|
|
|
return cifs_readv_discard(server, mid);
|
|
|
|
}
|
|
|
|
|
|
|
|
cifs_dbg(FYI, "%s: total_read=%u data_offset=%u\n",
|
|
|
|
__func__, server->total_read, data_offset);
|
|
|
|
|
|
|
|
len = data_offset - server->total_read;
|
|
|
|
if (len > 0) {
|
|
|
|
/* read any junk before data into the rest of smallbuf */
|
|
|
|
length = cifs_read_from_socket(server,
|
|
|
|
buf + server->total_read, len);
|
|
|
|
if (length < 0)
|
|
|
|
return length;
|
|
|
|
server->total_read += length;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* how much data is in the response? */
|
|
|
|
#ifdef CONFIG_CIFS_SMB_DIRECT
|
|
|
|
use_rdma_mr = rdata->mr;
|
|
|
|
#endif
|
|
|
|
data_len = server->ops->read_data_length(buf, use_rdma_mr);
|
|
|
|
if (!use_rdma_mr && (data_offset + data_len > buflen)) {
|
|
|
|
/* data_len is corrupt -- discard frame */
|
|
|
|
rdata->result = -EIO;
|
|
|
|
return cifs_readv_discard(server, mid);
|
|
|
|
}
|
|
|
|
|
cifs: Change the I/O paths to use an iterator rather than a page list
Currently, the cifs I/O paths hand lists of pages from the VM interface
routines at the top all the way through the intervening layers to the
socket interface at the bottom.
This is a problem, however, for interfacing with netfslib which passes an
iterator through to the ->issue_read() method (and will pass an iterator
through to the ->issue_write() method in future). Netfslib takes over
bounce buffering for direct I/O, async I/O and encrypted content, so cifs
doesn't need to do that. Netfslib also converts IOVEC-type iterators into
BVEC-type iterators if necessary.
Further, cifs needs foliating - and folios may come in a variety of sizes,
so a page list pointing to an array of heterogeneous pages may cause
problems in places such as where crypto is done.
Change the cifs I/O paths to hand iov_iter iterators all the way through
instead.
Notes:
(1) Some old routines are #if'd out to be removed in a follow up patch so
as to avoid confusing diff, thereby making the diff output easier to
follow. I've removed functions that don't overlap with anything
added.
(2) struct smb_rqst loses rq_pages, rq_offset, rq_npages, rq_pagesz and
rq_tailsz which describe the pages forming the buffer; instead there's
an rq_iter describing the source buffer and an rq_buffer which is used
to hold the buffer for encryption.
(3) struct cifs_readdata and cifs_writedata are similarly modified to
smb_rqst. The ->read_into_pages() and ->copy_into_pages() are then
replaced with passing the iterator directly to the socket.
The iterators are stored in these structs so that they are persistent
and don't get deallocated when the function returns (unlike if they
were stack variables).
(4) Buffered writeback is overhauled, borrowing the code from the afs
filesystem to gather up contiguous runs of folios. The XARRAY-type
iterator is then used to refer directly to the pagecache and can be
passed to the socket to transmit data directly from there.
This includes:
cifs_extend_writeback()
cifs_write_back_from_locked_folio()
cifs_writepages_region()
cifs_writepages()
(5) Pages are converted to folios.
(6) Direct I/O uses netfs_extract_user_iter() to create a BVEC-type
iterator from an IOBUF/UBUF-type source iterator.
(7) smb2_get_aead_req() uses netfs_extract_iter_to_sg() to extract page
fragments from the iterator into the scatterlists that the crypto
layer prefers.
(8) smb2_init_transform_rq() attached pages to smb_rqst::rq_buffer, an
xarray, to use as a bounce buffer for encryption. An XARRAY-type
iterator can then be used to pass the bounce buffer to lower layers.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Shyam Prasad N <nspmangalore@gmail.com>
cc: Rohith Surabattula <rohiths.msft@gmail.com>
cc: Paulo Alcantara <pc@cjr.nz>
cc: Jeff Layton <jlayton@kernel.org>
cc: linux-cifs@vger.kernel.org
Link: https://lore.kernel.org/r/164311907995.2806745.400147335497304099.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/164928620163.457102.11602306234438271112.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165211420279.3154751.15923591172438186144.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165348880385.2106726.3220789453472800240.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/165364827111.3334034.934805882842932881.stgit@warthog.procyon.org.uk/ # v3
Link: https://lore.kernel.org/r/166126396180.708021.271013668175370826.stgit@warthog.procyon.org.uk/ # v1
Link: https://lore.kernel.org/r/166697259595.61150.5982032408321852414.stgit@warthog.procyon.org.uk/ # rfc
Link: https://lore.kernel.org/r/166732031756.3186319.12528413619888902872.stgit@warthog.procyon.org.uk/ # rfc
Signed-off-by: Steve French <stfrench@microsoft.com>
2022-01-25 05:13:24 +08:00
|
|
|
#ifdef CONFIG_CIFS_SMB_DIRECT
|
|
|
|
if (rdata->mr)
|
|
|
|
length = data_len; /* An RDMA read is already done. */
|
|
|
|
else
|
|
|
|
#endif
|
|
|
|
length = cifs_read_iter_from_socket(server, &rdata->iter,
|
|
|
|
data_len);
|
|
|
|
if (length > 0)
|
|
|
|
rdata->got_bytes += length;
|
2022-08-02 00:17:46 +08:00
|
|
|
server->total_read += length;
|
|
|
|
|
|
|
|
cifs_dbg(FYI, "total_read=%u buflen=%u remaining=%u\n",
|
|
|
|
server->total_read, buflen, data_len);
|
|
|
|
|
|
|
|
/* discard anything left over */
|
|
|
|
if (server->total_read < buflen)
|
|
|
|
return cifs_readv_discard(server, mid);
|
|
|
|
|
|
|
|
dequeue_mid(mid, false);
|
|
|
|
mid->resp_buf = server->smallbuf;
|
|
|
|
server->smallbuf = NULL;
|
|
|
|
return length;
|
|
|
|
}
|