1. 09 1月, 2008 1 次提交
  2. 04 1月, 2008 1 次提交
  3. 31 12月, 2007 7 次提交
  4. 06 12月, 2007 1 次提交
  5. 25 11月, 2007 1 次提交
  6. 21 11月, 2007 1 次提交
    • J
      [CIFS] Fix potential data corruption when writing out cached dirty pages · cea21805
      Jeff Layton 提交于
      Fix RedHat bug 329431
      
      The idea here is separate "conscious" from "unconscious" flushes.
      Conscious flushes are those due to a fsync() or close(). Unconscious
      ones are flushes that occur as a side effect of some other operation or
      due to memory pressure.
      
      Currently, when an error occurs during an unconscious flush (ENOSPC or
      EIO), we toss out the page and don't preserve that error to report to
      the user when a conscious flush occurs. If after the unconscious flush,
      there are no more dirty pages for the inode, the conscious flush will
      simply return success even though there were previous errors when writing
      out pages. This can lead to data corruption.
      
      The easiest way to reproduce this is to mount up a CIFS share that's
      very close to being full or where the user is very close to quota. mv
      a file to the share that's slightly larger than the quota allows. The
      writes will all succeed (since they go to pagecache). The mv will do a
      setattr to set the new file's attributes. This calls
      filemap_write_and_wait,
      which will return an error since all of the pages can't be written out.
      Then later, when the flush and release ops occur, there are no more
      dirty pages in pagecache for the file and those operations return 0. mv
      then assumes that the file was written out correctly and deletes the
      original.
      
      CIFS already has a write_behind_rc variable where it stores the results
      from earlier flushes, but that value is only reported in cifs_close.
      Since the VFS ignores the return value from the release operation, this
      isn't helpful. We should be reporting this error during the flush
      operation.
      
      This patch does the following:
      
      1) changes cifs_fsync to use filemap_write_and_wait and cifs_flush and also
      sync to check its return code. If it returns successful, they then check
      the value of write_behind_rc to see if an earlier flush had reported any
      errors. If so, they return that error and clear write_behind_rc.
      
      2) sets write_behind_rc in a few other places where pages are written
      out as a side effect of other operations and the code waits on them.
      
      3) changes cifs_setattr to only call filemap_write_and_wait for
      ATTR_SIZE changes.
      
      4) makes cifs_writepages accurately distinguish between EIO and ENOSPC
      errors when writing out pages.
      
      Some simple testing indicates that the patch works as expected and that
      it fixes the reproduceable known problem.
      Acked-by: NDave Kleikamp <shaggy@austin.rr.com>
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      cea21805
  7. 20 11月, 2007 1 次提交
  8. 17 11月, 2007 7 次提交
  9. 14 11月, 2007 1 次提交
    • S
      [CIFS] Fix buffer overflow if server sends corrupt response to small · 133672ef
      Steve French 提交于
      request
      
      In SendReceive() function in transport.c - it memcpy's
      message payload into a buffer passed via out_buf param. The function
      assumes that all buffers are of size (CIFSMaxBufSize +
      MAX_CIFS_HDR_SIZE) , unfortunately it is also called with smaller
      (MAX_CIFS_SMALL_BUFFER_SIZE) buffers.  There are eight callers
      (SMB worker functions) which are primarily affected by this change:
      
      TreeDisconnect, uLogoff, Close, findClose, SetFileSize, SetFileTimes,
      Lock and PosixLock
      
      CC: Dave Kleikamp <shaggy@austin.ibm.com>
      CC: Przemyslaw Wegrzyn <czajnik@czajsoft.pl>
      Acked-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      133672ef
  10. 13 11月, 2007 1 次提交
  11. 10 11月, 2007 1 次提交
    • J
      [CIFS] fix oops on second mount to same server when null auth is used · 9b8f5f57
      Jeff Layton 提交于
      When a share is mounted using no username, cifs_mount sets
      volume_info.username as a NULL pointer, and the sesInfo userName as an
      empty string. The volume_info.username is passed to a couple of other
      functions to see if there is an existing unc or tcp connection that can
      be used. These functions assume that the username will be a valid
      string that can be passed to strncmp. If the pointer is NULL, then the
      kernel will oops if there's an existing session to which the string
      can be compared.
      
      This patch changes cifs_mount to set volume_info.username to an empty
      string in this situation, which prevents the oops and should make it
      so that the comparison to other null auth sessions match.
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      9b8f5f57
  12. 09 11月, 2007 4 次提交
  13. 06 11月, 2007 1 次提交
  14. 05 11月, 2007 1 次提交
  15. 03 11月, 2007 4 次提交
  16. 02 11月, 2007 1 次提交
  17. 01 11月, 2007 1 次提交
    • S
      [CIFS] when mount helper missing fix slash wrong direction in share · 1fb64bfc
      Steve French 提交于
      Kernel bugzilla bug #9228
      
      If mount helper (mount.cifs) missing, mounts with form like
      //10.11.12.13/c$ would not work (only mounts with slash e.g.
      //10.11.12.13\\c$ would work) due to problem with slash supposed
      to be converted to backslash by the mount helper (which is not
      there).
      
      If we fail on converting an IPv4 address in in4_pton then
      try to canonicalize the first slash (ie between sharename
      and host ip address) if necessary.  If we have to retry
      to check for IPv6 address the slash is already converted
      if necessary.
      Signed-off-by: NSteve French <sfrench@us.ibm.com>
      1fb64bfc
  18. 31 10月, 2007 1 次提交
  19. 30 10月, 2007 1 次提交
  20. 27 10月, 2007 1 次提交
  21. 26 10月, 2007 2 次提交