1. 05 Sep, 2017 1 commit
  2. 09 Jul, 2017 2 commits
  3. 13 May, 2017 1 commit
  4. 03 May, 2017 4 commits
    • CIFS: fix oplock break deadlocks · 3998e6b8
      Rabin Vincent committed on
      When the final cifsFileInfo_put() is called from cifsiod and an oplock
      break work is queued, lockdep complains loudly:
      
       =============================================
       [ INFO: possible recursive locking detected ]
       4.11.0+ #21 Not tainted
       ---------------------------------------------
       kworker/0:2/78 is trying to acquire lock:
        ("cifsiod"){++++.+}, at: flush_work+0x215/0x350
      
       but task is already holding lock:
        ("cifsiod"){++++.+}, at: process_one_work+0x255/0x8e0
      
       other info that might help us debug this:
        Possible unsafe locking scenario:
      
              CPU0
              ----
         lock("cifsiod");
         lock("cifsiod");
      
        *** DEADLOCK ***
      
        May be due to missing lock nesting notation
      
       2 locks held by kworker/0:2/78:
        #0:  ("cifsiod"){++++.+}, at: process_one_work+0x255/0x8e0
        #1:  ((&wdata->work)){+.+...}, at: process_one_work+0x255/0x8e0
      
       stack backtrace:
       CPU: 0 PID: 78 Comm: kworker/0:2 Not tainted 4.11.0+ #21
       Workqueue: cifsiod cifs_writev_complete
       Call Trace:
        dump_stack+0x85/0xc2
        __lock_acquire+0x17dd/0x2260
        ? match_held_lock+0x20/0x2b0
        ? trace_hardirqs_off_caller+0x86/0x130
        ? mark_lock+0xa6/0x920
        lock_acquire+0xcc/0x260
        ? lock_acquire+0xcc/0x260
        ? flush_work+0x215/0x350
        flush_work+0x236/0x350
        ? flush_work+0x215/0x350
        ? destroy_worker+0x170/0x170
        __cancel_work_timer+0x17d/0x210
        ? ___preempt_schedule+0x16/0x18
        cancel_work_sync+0x10/0x20
        cifsFileInfo_put+0x338/0x7f0
        cifs_writedata_release+0x2a/0x40
        ? cifs_writedata_release+0x2a/0x40
        cifs_writev_complete+0x29d/0x850
        ? preempt_count_sub+0x18/0xd0
        process_one_work+0x304/0x8e0
        worker_thread+0x9b/0x6a0
        kthread+0x1b2/0x200
        ? process_one_work+0x8e0/0x8e0
        ? kthread_create_on_node+0x40/0x40
        ret_from_fork+0x31/0x40
      
      This is a real warning.  Since the oplock is queued on the same
      workqueue this can deadlock if there is only one worker thread active
      for the workqueue (which will be the case during memory pressure when
      the rescuer thread is handling it).
      
      Furthermore, there is at least one other kind of hang possible due to
      the oplock break handling if there is only one worker.  (This can be
      reproduced without introducing memory pressure by passing 1 for
      the max_active parameter of cifsiod.) cifs_oplock_break() can wait
      indefinitely in the filemap_fdatawait() while the cifs_writev_complete()
      work is blocked:
      
       sysrq: SysRq : Show Blocked State
         task                        PC stack   pid father
       kworker/0:1     D    0    16      2 0x00000000
       Workqueue: cifsiod cifs_oplock_break
       Call Trace:
        __schedule+0x562/0xf40
        ? mark_held_locks+0x4a/0xb0
        schedule+0x57/0xe0
        io_schedule+0x21/0x50
        wait_on_page_bit+0x143/0x190
        ? add_to_page_cache_lru+0x150/0x150
        __filemap_fdatawait_range+0x134/0x190
        ? do_writepages+0x51/0x70
        filemap_fdatawait_range+0x14/0x30
        filemap_fdatawait+0x3b/0x40
        cifs_oplock_break+0x651/0x710
        ? preempt_count_sub+0x18/0xd0
        process_one_work+0x304/0x8e0
        worker_thread+0x9b/0x6a0
        kthread+0x1b2/0x200
        ? process_one_work+0x8e0/0x8e0
        ? kthread_create_on_node+0x40/0x40
        ret_from_fork+0x31/0x40
       dd              D    0   683    171 0x00000000
       Call Trace:
        __schedule+0x562/0xf40
        ? mark_held_locks+0x29/0xb0
        schedule+0x57/0xe0
        io_schedule+0x21/0x50
        wait_on_page_bit+0x143/0x190
        ? add_to_page_cache_lru+0x150/0x150
        __filemap_fdatawait_range+0x134/0x190
        ? do_writepages+0x51/0x70
        filemap_fdatawait_range+0x14/0x30
        filemap_fdatawait+0x3b/0x40
        filemap_write_and_wait+0x4e/0x70
        cifs_flush+0x6a/0xb0
        filp_close+0x52/0xa0
        __close_fd+0xdc/0x150
        SyS_close+0x33/0x60
        entry_SYSCALL_64_fastpath+0x1f/0xbe
      
       Showing all locks held in the system:
       2 locks held by kworker/0:1/16:
        #0:  ("cifsiod"){.+.+.+}, at: process_one_work+0x255/0x8e0
        #1:  ((&cfile->oplock_break)){+.+.+.}, at: process_one_work+0x255/0x8e0
      
       Showing busy workqueues and worker pools:
       workqueue cifsiod: flags=0xc
         pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/1
           in-flight: 16:cifs_oplock_break
           delayed: cifs_writev_complete, cifs_echo_request
       pool 0: cpus=0 node=0 flags=0x0 nice=0 hung=0s workers=3 idle: 750 3
      
      Fix these problems by creating a new workqueue (with a rescuer) for
      the oplock break work.
      Signed-off-by: Rabin Vincent <rabinv@axis.com>
      Signed-off-by: Steve French <smfrench@gmail.com>
      CC: Stable <stable@vger.kernel.org>
    • CIFS: Add asynchronous write support through kernel AIO · c610c4b6
      Pavel Shilovsky committed on
      This patch adds support to process write calls passed by io_submit()
      asynchronously. It is based on the previously introduced async context
      that allows to process i/o responses in a separate thread and
      return to the caller immediately for asynchronous calls.
      
      This improves writing performance of single threaded applications
      with increasing of i/o queue depth size.
      Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
      Signed-off-by: Steve French <smfrench@gmail.com>
    • CIFS: Add asynchronous read support through kernel AIO · 6685c5e2
      Pavel Shilovsky committed on
      This patch adds support to process read calls passed by io_submit()
      asynchronously. It is based on the previously introduced async context
      that allows to process i/o responses in a separate thread and
      return to the caller immediately for asynchronous calls.
      
      This improves reading performance of single threaded applications
      with increasing of i/o queue depth size.
      Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
      Signed-off-by: Steve French <smfrench@gmail.com>
    • CIFS: Add asynchronous context to support kernel AIO · ccf7f408
      Pavel Shilovsky committed on
      Currently the code doesn't recognize asynchronous calls passed
      by io_submit() and processes all calls synchronously. This is not
      what kernel AIO expects. This patch introduces a new async context
      that keeps track of all issued i/o requests and moves a response
      collecting procedure to a separate thread. This allows to return
      to a caller immediately for async calls and call iocb->ki_complete()
      once all requests are completed. For sync calls the current thread
      simply waits until all requests are completed.
      Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
      Signed-off-by: Steve French <smfrench@gmail.com>
  5. 11 Apr, 2017 1 commit
  6. 07 Apr, 2017 3 commits
    • Introduce cifs_copy_file_range() · 620d8745
      Sachin Prabhu committed on
      The earlier changes to copy range for cifs unintentionally disabled the more
      common form of server side copy.
      
      The patch introduces the file_operations helper cifs_copy_file_range()
      which is used by the syscall copy_file_range. The new file operations
      helper allows us to perform server side copies for SMB2.0 and 2.1
      servers as well as SMB 3.0+ servers which do not support the ioctl
      FSCTL_DUPLICATE_EXTENTS_TO_FILE.
      
      The new helper uses the ioctl FSCTL_SRV_COPYCHUNK_WRITE to perform
      server side copies. The helper is called by vfs_copy_file_range() only
      once an attempt to clone the file using the ioctl
      FSCTL_DUPLICATE_EXTENTS_TO_FILE has failed.
      Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
      Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
      CC: Stable <stable@vger.kernel.org>
      Signed-off-by: Steve French <smfrench@gmail.com>
    • SMB3: Rename clone_range to copychunk_range · 312bbc59
      Sachin Prabhu committed on
      Server side copy is one of the most important mechanisms smb2/smb3
      supports and it was unintentionally disabled for most use cases.
      
      Renaming calls to reflect the underlying smb2 ioctl called. This is
      similar to the name duplicate_extents used for a similar ioctl which is
      also used to duplicate files by reusing fs blocks. The name change is to
      avoid confusion.
      Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
      CC: Stable <stable@vger.kernel.org>
      Signed-off-by: Steve French <smfrench@gmail.com>
      Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
    • Handle mismatched open calls · 38bd4906
      Sachin Prabhu committed on
      A signal can interrupt a SendReceive call which results in incoming
      responses to the call being ignored. This is a problem for calls such as
      open which results in the successful response being ignored. This
      results in an open file resource on the server.
      
      The patch looks into responses which were cancelled after being sent and
      in case of successful open closes the open fids.
      
      For this patch, the check is only done in SendReceive2()
      
      RH-bz: 1403319
      Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
      Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
      Cc: Stable <stable@vger.kernel.org>
  7. 03 Mar, 2017 1 commit
  8. 02 Mar, 2017 1 commit
  9. 02 Feb, 2017 8 commits
  10. 15 Dec, 2016 1 commit
    • Fix default behaviour for empty domains and add domainauto option · 39566443
      Germano Percossi committed on
      With commit 2b149f11 many things have been fixed/introduced.
      However, the default behaviour for RawNTLMSSP authentication
      seems to be wrong in case the domain is not passed on the command line.
      
      The main points (see below) of the patch are:
       - It aligns behaviour with Windows clients
       - It fixes backward compatibility
       - It fixes UPN
      
      I compared this behaviour with the one from a Windows 10 command line
      client. When no domains are specified on the command line, I traced
      the packets and observed that the client does send an empty
      domain to the server.
      In the linux kernel case, the empty domain is replaced by the
      primary domain communicated by the SMB server.
      This means that, if the credentials are valid against the local server
      but that server is part of a domain, then the kernel module will
      ask to authenticate against that domain and we will get LOGON failure.
      
      I compared the packet trace from the smbclient when no domain is passed
      and, in that case, a default domain from the client smb.conf is taken.
      Apparently, connection succeeds anyway, because when the domain passed
      is not valid (in my case WORKGROUP), then the local one is tried and
      authentication succeeds. I tried with any kind of invalid domain and
      the result was always a connection.
      
      So, trying to interpret what to do and picking a valid domain if none
      is passed, seems the wrong thing to do.
      To this end, a new option "domainauto" has been added in case the
      user wants a mechanism for guessing.
      
      Without this patch, backward compatibility also is broken.
      With kernel 3.10, the default auth mechanism was NTLM.
      One of our testing servers accepted NTLM and, because no
      domains are passed, authentication was local.
      
      Moving to RawNTLMSSP forced us to change our command line
      to add a fake domain to pass to prevent this mechanism from kicking in.
      
      For the same reasons, UPN is broken because the domain is specified
      in the username.
      The SMB server will work out the domain from the UPN and authenticate
      against the right server.
      Without the patch, though, given the domain is empty, it gets replaced
      with another domain that could be the wrong one for the authentication.
      Signed-off-by: Germano Percossi <germano.percossi@citrix.com>
      Acked-by: Pavel Shilovsky <pshilov@microsoft.com>
      Signed-off-by: Steve French <smfrench@gmail.com>
  11. 06 Dec, 2016 2 commits
    • CIFS: Fix a possible double locking of mutex during reconnect · 96a988ff
      Pavel Shilovsky committed on
      With the current code it is possible to lock a mutex twice when
      subsequent reconnects are triggered. On the 1st reconnect we
      reconnect sessions and tcons and then persistent file handles.
      If the 2nd reconnect happens during the reconnecting of persistent
      file handles then the following sequence of calls is observed:
      
      cifs_reopen_file -> SMB2_open -> small_smb2_init -> smb2_reconnect
      -> cifs_reopen_persistent_file_handles -> cifs_reopen_file (again!).
      
      So, we are trying to acquire the same cfile->fh_mutex twice which
      is wrong. Fix this by moving reconnecting of persistent handles to
      the delayed work (smb2_reconnect_server) and submitting this work
      every time we reconnect tcon in SMB2 commands handling codepath.
      
      This can also lead to corruption of a temporary file list in
      cifs_reopen_persistent_file_handles() because we can recursively
      call this function twice.
      
      Cc: Stable <stable@vger.kernel.org> # v4.9+
      Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
    • CIFS: Fix a possible memory corruption during reconnect · 53e0e11e
      Pavel Shilovsky committed on
      We can not unlock/lock cifs_tcp_ses_lock while walking through ses
      and tcon lists because it can corrupt list iterator pointers and
      a tcon structure can be released if we don't hold an extra reference.
      Fix it by moving a reconnect process to a separate delayed work
      and acquiring a reference to every tcon that needs to be reconnected.
      Also do not send an echo request on newly established connections.
      
      CC: Stable <stable@vger.kernel.org>
      Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
  12. 01 Dec, 2016 1 commit
    • SMB3: parsing for new snapshot timestamp mount parm · 8b217fe7
      Steve French committed on
      New mount option "snapshot=<time>" to allow mounting an earlier
      version of the remote volume (if such a snapshot exists on
      the server).
      
      Note that eventually specifying a snapshot time of 1 will allow
      the user to mount the oldest snapshot. A subsequent patch
      adds the processing for that and another for actually specifying
      the "time warp" create context on SMB2/SMB3 open.
      
      Check to make sure SMB2 negotiated, and ensure that
      we use a different tcon if mount same share twice
      but with different snapshot times
      Signed-off-by: Steve French <smfrench@gmail.com>
      Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
  13. 15 Oct, 2016 1 commit
  14. 14 Oct, 2016 2 commits
  15. 13 Oct, 2016 2 commits
  16. 24 Jun, 2016 1 commit
  17. 05 Apr, 2016 1 commit
  18. 29 Mar, 2016 1 commit
  19. 18 Mar, 2016 1 commit
    • lib: update single-char callers of strtobool() · 1404297e
      Kees Cook committed on
      Some callers of strtobool() were passing a pointer to unterminated
      strings.  In preparation of adding multi-character processing to
      kstrtobool(), update the callers to not pass single-character pointers,
      and switch to using the new kstrtobool_from_user() helper where
      possible.
      Signed-off-by: Kees Cook <keescook@chromium.org>
      Cc: Amitkumar Karwar <akarwar@marvell.com>
      Cc: Nishant Sarmukadam <nishants@marvell.com>
      Cc: Kalle Valo <kvalo@codeaurora.org>
      Cc: Steve French <sfrench@samba.org>
      Cc: Andy Shevchenko <andy.shevchenko@gmail.com>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
      Cc: Joe Perches <joe@perches.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
      Cc: Michael Ellerman <mpe@ellerman.id.au>
      Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  20. 15 Jan, 2016 2 commits
  21. 04 Nov, 2015 1 commit
  22. 03 Nov, 2015 2 commits