1. 21 10月, 2020 1 次提交
  2. 03 8月, 2020 4 次提交
  3. 13 6月, 2020 1 次提交
  4. 12 6月, 2020 1 次提交
  5. 05 6月, 2020 2 次提交
    • A
      cifs: multichannel: try to rebind when reconnecting a channel · 2f589679
      Aurelien Aptel 提交于
      first steps in trying to make channels properly reconnect.
      
      * add cifs_ses_find_chan() function to find the enclosing cifs_chan
        struct it belongs to
      * while we have the session lock and are redoing negprot and
        sess.setup in smb2_reconnect() redo the binding of channels.
      Signed-off-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      2f589679
    • A
      cifs: multichannel: move channel selection above transport layer · 352d96f3
      Aurelien Aptel 提交于
      Move the channel (TCP_Server_Info*) selection from the tranport
      layer to higher in the call stack so that:
      
      - credit handling is done with the server that will actually be used
        to send.
        * ->wait_mtu_credit
        * ->set_credits / set_credits
        * ->add_credits / add_credits
        * add_credits_and_wake_if
      
      - potential reconnection (smb2_reconnect) done when initializing a
        request is checked and done with the server that will actually be
        used to send.
      
      To do this:
      
      - remove the cifs_pick_channel() call out of compound_send_recv()
      
      - select channel and pass it down by adding a cifs_pick_channel(ses)
        call in:
        - smb311_posix_mkdir
        - SMB2_open
        - SMB2_ioctl
        - __SMB2_close
        - query_info
        - SMB2_change_notify
        - SMB2_flush
        - smb2_async_readv  (if none provided in context param)
        - SMB2_read         (if none provided in context param)
        - smb2_async_writev (if none provided in context param)
        - SMB2_write        (if none provided in context param)
        - SMB2_query_directory
        - send_set_info
        - SMB2_oplock_break
        - SMB311_posix_qfs_info
        - SMB2_QFS_info
        - SMB2_QFS_attr
        - smb2_lockv
        - SMB2_lease_break
          - smb2_compound_op
        - smb2_set_ea
        - smb2_ioctl_query_info
        - smb2_query_dir_first
        - smb2_query_info_comound
        - smb2_query_symlink
        - cifs_writepages
        - cifs_write_from_iter
        - cifs_send_async_read
        - cifs_read
        - cifs_readpages
      
      - add TCP_Server_Info *server param argument to:
        - cifs_send_recv
        - compound_send_recv
        - SMB2_open_init
        - SMB2_query_info_init
        - SMB2_set_info_init
        - SMB2_close_init
        - SMB2_ioctl_init
        - smb2_iotcl_req_init
        - SMB2_query_directory_init
        - SMB2_notify_init
        - SMB2_flush_init
        - build_qfs_info_req
        - smb2_hdr_assemble
        - smb2_reconnect
        - fill_small_buf
        - smb2_plain_req_init
        - __smb2_plain_req_init
      
      The read/write codepath is different than the rest as it is using
      pages, io iterators and async calls. To deal with those we add a
      server pointer in the cifs_writedata/cifs_readdata/cifs_io_parms
      context struct and set it in:
      
      - cifs_writepages      (wdata)
      - cifs_write_from_iter (wdata)
      - cifs_readpages       (rdata)
      - cifs_send_async_read (rdata)
      
      The [rw]data->server pointer is eventually copied to
      cifs_io_parms->server to pass it down to SMB2_read/SMB2_write.
      If SMB2_read/SMB2_write is called from a different place that doesn't
      set the server field it will pick a channel.
      
      Some places do not pick a channel and just use ses->server or
      cifs_ses_server(ses). All cifs_ses_server(ses) calls are in codepaths
      involving negprot/sess.setup.
      
      - SMB2_negotiate         (binding channel)
      - SMB2_sess_alloc_buffer (binding channel)
      - SMB2_echo              (uses provided one)
      - SMB2_logoff            (uses master)
      - SMB2_tdis              (uses master)
      
      (list not exhaustive)
      Signed-off-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      352d96f3
  6. 02 6月, 2020 1 次提交
  7. 01 6月, 2020 2 次提交
    • J
      cifs: Standardize logging output · a0a3036b
      Joe Perches 提交于
      Use pr_fmt to standardize all logging for fs/cifs.
      
      Some logging output had no CIFS: specific prefix.
      
      Now all output has one of three prefixes:
      
      o CIFS:
      o CIFS: VFS:
      o Root-CIFS:
      
      Miscellanea:
      
      o Convert printks to pr_<level>
      o Neaten macro definitions
      o Remove embedded CIFS: prefixes from formats
      o Convert "illegal" to "invalid"
      o Coalesce formats
      o Add missing '\n' format terminations
      o Consolidate multiple cifs_dbg continuations into single calls
      o More consistent use of upper case first word output logging
      o Multiline statement argument alignment and wrapping
      Signed-off-by: NJoe Perches <joe@perches.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      a0a3036b
    • P
      cifs: handle hostnames that resolve to same ip in failover · e4af35fa
      Paulo Alcantara 提交于
      In order to support reconnect to hostnames that resolve to same ip
      address, besides relying on the currently set hostname to match DFS
      targets, attempt to resolve the targets and then match their addresses
      with the reconnected server ip address.
      
      For instance, if we have two hostnames "FOO" and "BAR", and both
      resolve to the same ip address, we would be able to handle failover in
      DFS paths like
      
          \\FOO\dfs\link1 -> [ \BAZ\share2 (*), \BAR\share1 ]
          \\FOO\dfs\link2 -> [ \BAZ\share2 (*), \FOO\share1 ]
      
      so when "BAZ" is no longer accessible, link1 and link2 would get
      reconnected despite having different target hostnames.
      Signed-off-by: NPaulo Alcantara (SUSE) <pc@cjr.nz>
      Reviewed-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      e4af35fa
  8. 23 3月, 2020 1 次提交
  9. 25 2月, 2020 1 次提交
    • A
      cifs: fix rename() by ensuring source handle opened with DELETE bit · 86f740f2
      Aurelien Aptel 提交于
      To rename a file in SMB2 we open it with the DELETE access and do a
      special SetInfo on it. If the handle is missing the DELETE bit the
      server will fail the SetInfo with STATUS_ACCESS_DENIED.
      
      We currently try to reuse any existing opened handle we have with
      cifs_get_writable_path(). That function looks for handles with WRITE
      access but doesn't check for DELETE, making rename() fail if it finds
      a handle to reuse. Simple reproducer below.
      
      To select handles with the DELETE bit, this patch adds a flag argument
      to cifs_get_writable_path() and find_writable_file() and the existing
      'bool fsuid_only' argument is converted to a flag.
      
      The cifsFileInfo struct only stores the UNIX open mode but not the
      original SMB access flags. Since the DELETE bit is not mapped in that
      mode, this patch stores the access mask in cifs_fid on file open,
      which is accessible from cifsFileInfo.
      
      Simple reproducer:
      
      	#include <stdio.h>
      	#include <stdlib.h>
      	#include <sys/types.h>
      	#include <sys/stat.h>
      	#include <fcntl.h>
      	#include <unistd.h>
      	#define E(s) perror(s), exit(1)
      
      	int main(int argc, char *argv[])
      	{
      		int fd, ret;
      		if (argc != 3) {
      			fprintf(stderr, "Usage: %s A B\n"
      			"create&open A in write mode, "
      			"rename A to B, close A\n", argv[0]);
      			return 0;
      		}
      
      		fd = openat(AT_FDCWD, argv[1], O_WRONLY|O_CREAT|O_SYNC, 0666);
      		if (fd == -1) E("openat()");
      
      		ret = rename(argv[1], argv[2]);
      		if (ret) E("rename()");
      
      		ret = close(fd);
      		if (ret) E("close()");
      
      		return ret;
      	}
      
      $ gcc -o bugrename bugrename.c
      $ ./bugrename /mnt/a /mnt/b
      rename(): Permission denied
      
      Fixes: 8de9e86c ("cifs: create a helper to find a writeable handle by path name")
      CC: Stable <stable@vger.kernel.org>
      Signed-off-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
      Reviewed-by: NPaulo Alcantara (SUSE) <pc@cjr.nz>
      86f740f2
  10. 05 2月, 2020 1 次提交
  11. 04 2月, 2020 1 次提交
  12. 27 1月, 2020 2 次提交
  13. 07 12月, 2019 1 次提交
  14. 25 11月, 2019 2 次提交
    • A
      cifs: try opening channels after mounting · d70e9fa5
      Aurelien Aptel 提交于
      After doing mount() successfully we call cifs_try_adding_channels()
      which will open as many channels as it can.
      
      Channels are closed when the master session is closed.
      
      The master connection becomes the first channel.
      
      ,-------------> global cifs_tcp_ses_list <-------------------------.
      |                                                                  |
      '- TCP_Server_Info  <-->  TCP_Server_Info  <-->  TCP_Server_Info <-'
            (master con)           (chan#1 con)         (chan#2 con)
            |      ^                    ^                    ^
            v      '--------------------|--------------------'
         cifs_ses                       |
         - chan_count = 3               |
         - chans[] ---------------------'
         - smb3signingkey[]
            (master signing key)
      
      Note how channel connections don't have sessions. That's because
      cifs_ses can only be part of one linked list (list_head are internal
      to the elements).
      
      For signing keys, each channel has its own signing key which must be
      used only after the channel has been bound. While it's binding it must
      use the master session signing key.
      
      For encryption keys, since channel connections do not have sessions
      attached we must now find matching session by looping over all sessions
      in smb2_get_enc_key().
      
      Each channel is opened like a regular server connection but at the
      session setup request step it must set the
      SMB2_SESSION_REQ_FLAG_BINDING flag and use the session id to bind to.
      
      Finally, while sending in compound_send_recv() for requests that
      aren't negprot, ses-setup or binding related, use a channel by cycling
      through the available ones (round-robin).
      Signed-off-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      d70e9fa5
    • A
      cifs: add server param · f780bd3f
      Aurelien Aptel 提交于
      As we get down to the transport layer, plenty of functions are passed
      the session pointer and assume the transport to use is ses->server.
      
      Instead we modify those functions to pass (ses, server) so that we
      can decouple the session from the server.
      Signed-off-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      f780bd3f
  15. 25 10月, 2019 1 次提交
    • D
      cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs · d46b0da7
      Dave Wysochanski 提交于
      There's a deadlock that is possible and can easily be seen with
      a test where multiple readers open/read/close of the same file
      and a disruption occurs causing reconnect.  The deadlock is due
      a reader thread inside cifs_strict_readv calling down_read and
      obtaining lock_sem, and then after reconnect inside
      cifs_reopen_file calling down_read a second time.  If in
      between the two down_read calls, a down_write comes from
      another process, deadlock occurs.
      
              CPU0                    CPU1
              ----                    ----
      cifs_strict_readv()
       down_read(&cifsi->lock_sem);
                                     _cifsFileInfo_put
                                        OR
                                     cifs_new_fileinfo
                                      down_write(&cifsi->lock_sem);
      cifs_reopen_file()
       down_read(&cifsi->lock_sem);
      
      Fix the above by changing all down_write(lock_sem) calls to
      down_write_trylock(lock_sem)/msleep() loop, which in turn
      makes the second down_read call benign since it will never
      block behind the writer while holding lock_sem.
      Signed-off-by: NDave Wysochanski <dwysocha@redhat.com>
      Suggested-by: NRonnie Sahlberg <lsahlber@redhat.com>
      Reviewed--by: NRonnie Sahlberg <lsahlber@redhat.com>
      Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
      d46b0da7
  16. 26 9月, 2019 1 次提交
  17. 17 9月, 2019 3 次提交
  18. 28 8月, 2019 1 次提交
  19. 08 5月, 2019 1 次提交
  20. 06 3月, 2019 3 次提交
  21. 29 12月, 2018 3 次提交
    • P
      cifs: Add support for failover in smb2_reconnect() · a3a53b76
      Paulo Alcantara 提交于
      After a successful failover in cifs_reconnect(), the smb2_reconnect()
      function will make sure to reconnect every tcon to new target server.
      
      For SMB2+.
      Signed-off-by: NPaulo Alcantara <palcantara@suse.de>
      Signed-off-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      a3a53b76
    • P
      cifs: Make use of DFS cache to get new DFS referrals · 1c780228
      Paulo Alcantara 提交于
      This patch will make use of DFS cache routines where appropriate and
      do not always request a new referral from server.
      Signed-off-by: NPaulo Alcantara <palcantara@suse.de>
      Reviewed-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      1c780228
    • P
      cifs: Add DFS cache routines · 54be1f6c
      Paulo Alcantara 提交于
      * Add new dfs_cache.[ch] files
      
      * Add new /proc/fs/cifs/dfscache file
        - dump current cache when read
        - clear current cache when writing "0" to it
      
      * Add delayed_work to periodically refresh cache entries
      
      The new interface will be used for caching DFS referrals, as well as
      supporting client target failover.
      
      The DFS cache is a hashtable that maps UNC paths to cache entries.
      
      A cache entry contains:
      - the UNC path it is mapped on
      - how much the the UNC path the entry consumes
      - flags
      - a Time-To-Live after which the entry expires
      - a list of possible targets (linked lists of UNC paths)
      - a "hint target" pointing the last known working target or the first
        target if none were tried. This hint lets cifs.ko remember and try
        working targets first.
      
      * Looking for an entry in the cache is done with dfs_cache_find()
        - if no valid entries are found, a DFS query is made, stored in the
          cache and returned
        - the full target list can be copied and returned to avoid race
          conditions and looped on with the help with the
          dfs_cache_tgt_iterator
      
      * Updating the target hint to the next target is done with
        dfs_cache_update_tgthint()
      
      These functions have a dfs_cache_noreq_XXX() version that doesn't
      fetches referrals if no entries are found. These versions don't
      require the tcp/ses/tcon/cifs_sb parameters as a result.
      
      Expired entries cannot be used and since they have a pretty short TTL
      [1] in order for them to be useful for failover the DFS cache adds a
      delayed work called periodically to keep them fresh.
      
      Since we might not have available connections to issue the referral
      request when refreshing we need to store volume_info structs with
      credentials and other needed info to be able to connect to the right
      server.
      
      1: Windows defaults: 5mn for domain-based referrals, 30mn for regular
      links
      Signed-off-by: NPaulo Alcantara <palcantara@suse.de>
      Signed-off-by: NAurelien Aptel <aaptel@suse.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      54be1f6c
  22. 24 12月, 2018 1 次提交
  23. 24 10月, 2018 1 次提交
  24. 08 8月, 2018 2 次提交
  25. 06 7月, 2018 1 次提交
    • L
      cifs: Fix use after free of a mid_q_entry · 696e420b
      Lars Persson 提交于
      With protocol version 2.0 mounts we have seen crashes with corrupt mid
      entries. Either the server->pending_mid_q list becomes corrupt with a
      cyclic reference in one element or a mid object fetched by the
      demultiplexer thread becomes overwritten during use.
      
      Code review identified a race between the demultiplexer thread and the
      request issuing thread. The demultiplexer thread seems to be written
      with the assumption that it is the sole user of the mid object until
      it calls the mid callback which either wakes the issuer task or
      deletes the mid.
      
      This assumption is not true because the issuer task can be woken up
      earlier by a signal. If the demultiplexer thread has proceeded as far
      as setting the mid_state to MID_RESPONSE_RECEIVED then the issuer
      thread will happily end up calling cifs_delete_mid while the
      demultiplexer thread still is using the mid object.
      
      Inserting a delay in the cifs demultiplexer thread widens the race
      window and makes reproduction of the race very easy:
      
      		if (server->large_buf)
      			buf = server->bigbuf;
      
      +		usleep_range(500, 4000);
      
      		server->lstrp = jiffies;
      
      To resolve this I think the proper solution involves putting a
      reference count on the mid object. This patch makes sure that the
      demultiplexer thread holds a reference until it has finished
      processing the transaction.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NLars Persson <larper@axis.com>
      Acked-by: NPaulo Alcantara <palcantara@suse.de>
      Reviewed-by: NRonnie Sahlberg <lsahlber@redhat.com>
      Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
      Signed-off-by: NSteve French <stfrench@microsoft.com>
      696e420b
  26. 15 6月, 2018 1 次提交