1. 24 Jul, 2008 1 commit
    • lockdep: annotate cifs in-kernel sockets · 09e50d55
      Jeff Layton committed
      Put CIFS sockets in their own class to avoid some lockdep warnings. CIFS
      sockets are not exposed to user-space, and so are not subject to the
      same deadlock scenarios.
      
      A similar change was made a couple of years ago for RPC sockets in commit
      ed07536e.
      
      This patch should prevent lockdep false-positives like this one:
      
      =======================================================
      [ INFO: possible circular locking dependency detected ]
      2.6.18-98.el5.jtltest.38.bz456320.1debug #1
      -------------------------------------------------------
      test5/2483 is trying to acquire lock:
       (sk_lock-AF_INET){--..}, at: [<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
      
      but task is already holding lock:
       (&inode->i_alloc_sem){--..}, at: [<ffffffff8002e454>] notify_change+0xf5/0x2e0
      
      which lock already depends on the new lock.
      
      the existing dependency chain (in reverse order) is:
      
      -> #3 (&inode->i_alloc_sem){--..}:
             [<ffffffff800a817c>] __lock_acquire+0x9a9/0xadf
             [<ffffffff800a8a72>] lock_acquire+0x55/0x70
             [<ffffffff8002e454>] notify_change+0xf5/0x2e0
             [<ffffffff800a4e36>] down_write+0x3c/0x68
             [<ffffffff8002e454>] notify_change+0xf5/0x2e0
             [<ffffffff800e358d>] do_truncate+0x50/0x6b
             [<ffffffff8005197c>] get_write_access+0x40/0x46
             [<ffffffff80012cf1>] may_open+0x1d3/0x22e
             [<ffffffff8001bc81>] open_namei+0x2c6/0x6dd
             [<ffffffff800289c6>] do_filp_open+0x1c/0x38
             [<ffffffff800683ef>] _spin_unlock+0x17/0x20
             [<ffffffff800167a7>] get_unused_fd+0xf9/0x107
             [<ffffffff8001a704>] do_sys_open+0x44/0xbe
             [<ffffffff80060116>] system_call+0x7e/0x83
             [<ffffffffffffffff>] 0xffffffffffffffff
      
      -> #2 (&sysfs_inode_imutex_key){--..}:
             [<ffffffff800a817c>] __lock_acquire+0x9a9/0xadf
             [<ffffffff8010f6df>] create_dir+0x26/0x1d7
             [<ffffffff800a8a72>] lock_acquire+0x55/0x70
             [<ffffffff8010f6df>] create_dir+0x26/0x1d7
             [<ffffffff800671c0>] mutex_lock_nested+0x104/0x29c
             [<ffffffff800a819d>] __lock_acquire+0x9ca/0xadf
             [<ffffffff8010f6df>] create_dir+0x26/0x1d7
             [<ffffffff8010fc67>] sysfs_create_dir+0x58/0x76
             [<ffffffff8015144c>] kobject_add+0xdb/0x198
             [<ffffffff801be765>] class_device_add+0xb2/0x465
             [<ffffffff8005a6ff>] kobject_get+0x12/0x17
             [<ffffffff80225265>] register_netdevice+0x270/0x33e
             [<ffffffff8022538c>] register_netdev+0x59/0x67
             [<ffffffff80464d40>] net_olddevs_init+0xb/0xac
             [<ffffffff80448a79>] init+0x1f9/0x2fc
             [<ffffffff80068885>] _spin_unlock_irq+0x24/0x27
             [<ffffffff80067f86>] trace_hardirqs_on_thunk+0x35/0x37
             [<ffffffff80061079>] child_rip+0xa/0x11
             [<ffffffff80068885>] _spin_unlock_irq+0x24/0x27
             [<ffffffff800606a8>] restore_args+0x0/0x30
             [<ffffffff80179a59>] acpi_ds_init_one_object+0x0/0x80
             [<ffffffff80448880>] init+0x0/0x2fc
             [<ffffffff8006106f>] child_rip+0x0/0x11
             [<ffffffffffffffff>] 0xffffffffffffffff
      
      -> #1 (rtnl_mutex){--..}:
             [<ffffffff800a817c>] __lock_acquire+0x9a9/0xadf
             [<ffffffff8025acf8>] ip_mc_leave_group+0x23/0xb7
             [<ffffffff800a8a72>] lock_acquire+0x55/0x70
             [<ffffffff8025acf8>] ip_mc_leave_group+0x23/0xb7
             [<ffffffff800671c0>] mutex_lock_nested+0x104/0x29c
             [<ffffffff8025acf8>] ip_mc_leave_group+0x23/0xb7
             [<ffffffff802451b0>] do_ip_setsockopt+0x6d1/0x9bf
             [<ffffffff800a575e>] lock_release_holdtime+0x27/0x48
             [<ffffffff800a575e>] lock_release_holdtime+0x27/0x48
             [<ffffffff8006a85e>] do_page_fault+0x503/0x835
             [<ffffffff8012cbf6>] socket_has_perm+0x5b/0x68
             [<ffffffff80245556>] ip_setsockopt+0x22/0x78
             [<ffffffff8021c973>] sys_setsockopt+0x91/0xb7
             [<ffffffff800602a6>] tracesys+0xd5/0xdf
             [<ffffffffffffffff>] 0xffffffffffffffff
      
      -> #0 (sk_lock-AF_INET){--..}:
             [<ffffffff800a5037>] print_stack_trace+0x59/0x68
             [<ffffffff800a8092>] __lock_acquire+0x8bf/0xadf
             [<ffffffff800a8a72>] lock_acquire+0x55/0x70
             [<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
             [<ffffffff80035466>] lock_sock+0xd4/0xe4
             [<ffffffff80096e91>] _local_bh_enable+0xcb/0xe0
             [<ffffffff800606a8>] restore_args+0x0/0x30
             [<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
             [<ffffffff80057540>] sock_sendmsg+0xf3/0x110
             [<ffffffff800a2bb6>] autoremove_wake_function+0x0/0x2e
             [<ffffffff800a10e4>] kernel_text_address+0x1a/0x26
             [<ffffffff8006f4e2>] dump_trace+0x211/0x23a
             [<ffffffff800a6d3d>] find_usage_backwards+0x5f/0x88
             [<ffffffff8840221a>] MD5Final+0xaf/0xc2 [cifs]
             [<ffffffff884032ec>] cifs_calculate_signature+0x55/0x69 [cifs]
             [<ffffffff8021d891>] kernel_sendmsg+0x35/0x47
             [<ffffffff883ff38e>] smb_send+0xa3/0x151 [cifs]
             [<ffffffff883ff5de>] SendReceive+0x1a2/0x448 [cifs]
             [<ffffffff800a812f>] __lock_acquire+0x95c/0xadf
             [<ffffffff883e758a>] CIFSSMBSetEOF+0x20d/0x25b [cifs]
             [<ffffffff883fa430>] cifs_set_file_size+0x110/0x3b7 [cifs]
             [<ffffffff883faa89>] cifs_setattr+0x3b2/0x6f6 [cifs]
             [<ffffffff8002e454>] notify_change+0xf5/0x2e0
             [<ffffffff8002e4a4>] notify_change+0x145/0x2e0
             [<ffffffff800e358d>] do_truncate+0x50/0x6b
             [<ffffffff8005197c>] get_write_access+0x40/0x46
             [<ffffffff80012cf1>] may_open+0x1d3/0x22e
             [<ffffffff8001bc81>] open_namei+0x2c6/0x6dd
             [<ffffffff800289c6>] do_filp_open+0x1c/0x38
             [<ffffffff800683ef>] _spin_unlock+0x17/0x20
             [<ffffffff800167a7>] get_unused_fd+0xf9/0x107
             [<ffffffff8001a704>] do_sys_open+0x44/0xbe
             [<ffffffff800602a6>] tracesys+0xd5/0xdf
             [<ffffffffffffffff>] 0xffffffffffffffff
      
      other info that might help us debug this:
      
      2 locks held by test5/2483:
       #0:  (&inode->i_mutex){--..}, at: [<ffffffff800e3582>] do_truncate+0x45/0x6b
       #1:  (&inode->i_alloc_sem){--..}, at: [<ffffffff8002e454>] notify_change+0xf5/0x2e0
      
      stack backtrace:
      
      Call Trace:
       [<ffffffff800a6a7b>] print_circular_bug_tail+0x65/0x6e
       [<ffffffff800a5037>] print_stack_trace+0x59/0x68
       [<ffffffff800a8092>] __lock_acquire+0x8bf/0xadf
       [<ffffffff800a8a72>] lock_acquire+0x55/0x70
       [<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
       [<ffffffff80035466>] lock_sock+0xd4/0xe4
       [<ffffffff80096e91>] _local_bh_enable+0xcb/0xe0
       [<ffffffff800606a8>] restore_args+0x0/0x30
       [<ffffffff800270d2>] tcp_sendmsg+0x1c/0xb2f
       [<ffffffff80057540>] sock_sendmsg+0xf3/0x110
       [<ffffffff800a2bb6>] autoremove_wake_function+0x0/0x2e
       [<ffffffff800a10e4>] kernel_text_address+0x1a/0x26
       [<ffffffff8006f4e2>] dump_trace+0x211/0x23a
       [<ffffffff800a6d3d>] find_usage_backwards+0x5f/0x88
       [<ffffffff8840221a>] :cifs:MD5Final+0xaf/0xc2
       [<ffffffff884032ec>] :cifs:cifs_calculate_signature+0x55/0x69
       [<ffffffff8021d891>] kernel_sendmsg+0x35/0x47
       [<ffffffff883ff38e>] :cifs:smb_send+0xa3/0x151
       [<ffffffff883ff5de>] :cifs:SendReceive+0x1a2/0x448
       [<ffffffff800a812f>] __lock_acquire+0x95c/0xadf
       [<ffffffff883e758a>] :cifs:CIFSSMBSetEOF+0x20d/0x25b
       [<ffffffff883fa430>] :cifs:cifs_set_file_size+0x110/0x3b7
       [<ffffffff883faa89>] :cifs:cifs_setattr+0x3b2/0x6f6
       [<ffffffff8002e454>] notify_change+0xf5/0x2e0
       [<ffffffff8002e4a4>] notify_change+0x145/0x2e0
       [<ffffffff800e358d>] do_truncate+0x50/0x6b
       [<ffffffff8005197c>] get_write_access+0x40/0x46
       [<ffffffff80012cf1>] may_open+0x1d3/0x22e
       [<ffffffff8001bc81>] open_namei+0x2c6/0x6dd
       [<ffffffff800289c6>] do_filp_open+0x1c/0x38
       [<ffffffff800683ef>] _spin_unlock+0x17/0x20
       [<ffffffff800167a7>] get_unused_fd+0xf9/0x107
       [<ffffffff8001a704>] do_sys_open+0x44/0xbe
       [<ffffffff800602a6>] tracesys+0xd5/0xdf
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  2. 11 Jun, 2008 1 commit
  3. 24 May, 2008 1 commit
  4. 16 May, 2008 1 commit
  5. 15 May, 2008 2 commits
  6. 13 May, 2008 2 commits
    • [CIFS] cleanup old checkpatch warnings · 582d21e5
      Steve French committed
      Signed-off-by: Steve French <sfrench@us.ibm.com>
    • [CIFS] CIFS currently allows for permissions to be changed on files, even · d0a9c078
      Jeff Layton committed
      when unix extensions and cifsacl support are disabled. These
      permissions changes are "ephemeral" however. They are lost whenever
      a share is mounted and unmounted, or when memory pressure forces
      the inode out of the cache.
      
      Because of this, we'd like to introduce a behavior change to make
      CIFS behave more like local DOS/Windows filesystems. When unix
      extensions and cifsacl support aren't enabled, then don't silently
      ignore changes to permission bits that can't be reflected on the
      server.
      
      Still, there may be people relying on the current behavior for
      certain applications. This patch adds a new "dynperm" (and a
      corresponding "nodynperm") mount option that will be intended
      to make the client fall back to legacy behavior when setting
      these modes.
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  7. 12 May, 2008 3 commits
    • [CIFS] don't allow demultiplex thread to exit until kthread_stop is called · e691b9d1
      Steve French committed
      cifs_demultiplex_thread can exit under several conditions:
      
      1) if it's signaled
      2) if there's a problem with session setup
      3) if kthread_stop is called on it
      
      The first two are problems. If kthread_stop is called on the thread,
      there is no guarantee that it will still be up. We need to have the
      thread stay up until kthread_stop is called on it.
      
      One option would be to not even try to tear things down until after
      kthread_stop is called. However, in the case where there is a problem
      setting up the session, there's no real reason to try continuing the
      loop.
      
      This patch allows the thread to clean up and prepare for exit under all
      three conditions, but it has the thread go to sleep until kthread_stop
      is called. This allows us to simplify the shutdown code somewhat since
      we can be reasonably sure that the thread won't exit after being
      signaled but before kthread_stop is called.
      
      It also removes the places where the thread itself set the tsk variable
      since it appeared that it could have a potential race where the thread
      might never be shut down.
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Acked-by: Christoph Hellwig <hch@infradead.org>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
    • [CIFS] add local struct inode pointer to cifs_setattr · 02eadeff
      Jeff Layton committed
      Clean up cifs_setattr a bit by adding a local inode pointer, and
      changing all of the direntry->d_inode references to it. This also adds a
      bit of micro-optimization. d_inode shouldn't change over the life of
      this function, so we only need to dereference it once.
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
    • [CIFS] cifs_find_tcp_session cleanup · 1b20d672
      Cyrill Gorcunov committed
      This patch cleans up cifs_find_tcp_session so it becomes
      less indented. Also, the error of skipping IPv6 matched
      addresses is fixed.
      Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  8. 09 May, 2008 1 commit
  9. 07 May, 2008 2 commits
  10. 29 Apr, 2008 1 commit
  11. 16 Apr, 2008 1 commit
  12. 16 Feb, 2008 2 commits
  13. 14 Feb, 2008 1 commit
    • [CIFS] fixup prefixpaths which contain multiple path components · 03a143c9
      Steve French committed
      Currently, when we get a prefixpath as part of mount, the kernel only
      changes the first character to be a '/' or '\' depending on whether
      posix extensions are enabled. This is problematic as it expects
      mount.cifs to pass in the correct delimiter in the rest of the
      prefixpath. But, mount.cifs may not know *what* the correct delimiter
      is. It's a chicken and egg problem.
      
      Note that mount.cifs should not do conversion of the
      prefixpath - if we want posix behavior then '\' is legal in a path
      (and we have had bugs in the distant past to prove to me that
      customers sometimes have apps that require '\'). The kernel code
      assumes that the path passed in is posix (and current code will handle
      the first path component fine but was broken for Windows mounts
      for "deep" prefixpaths unless the user specified a prefixpath with '\'
      deep in it). So e.g. with current kernel code:
      
      1) mount to //server/share/dir1 will work to all server types
      2) mount to //server/share/dir1/subdir1 will work to Samba
      3) mount to //server/share/dir1\\subdir1 will work to Windows
      
      But case two would fail to Windows without the fix.
      With the kernel cifs module fix case two now works.
      
      First analyzed by Jeff Layton and Simo Sorce
      
      CC: Jeff Layton <jlayton@redhat.com>
      CC: Simo Sorce <simo@samba.org>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  14. 13 Feb, 2008 1 commit
  15. 25 Jan, 2008 1 commit
  16. 04 Jan, 2008 1 commit
  17. 31 Dec, 2007 1 commit
    • [CIFS] redo existing session setup if needed in cifs_mount · 1d9a8852
      Jeff Layton committed
      When cifs_mount finds an existing SMB session that it can use for a new
      mount, it does not check to see whether that session is in need of being
      reconnected. An easy way to reproduce:
      
      1) mount //server/share1
      2) watch /proc/fs/cifs/DebugData for the share to go DISCONNECTED
      3) mount //server/share2 with same creds as in step 1.
      
      The second mount will fail because CIFSTCon returned -EAGAIN. If you do
      an operation in share1 and then reattempt the mount it will work (since
      the session is reestablished).
      
      The following patch fixes this by having cifs_mount check the status
      of the session when it picks an existing session and calling
      cifs_setup_session on it again if it's in need of reconnection.
      
      Thanks to Wojciech Pilorz for the initial bug report.
      Signed-off-by: Jeff Layton <jlayton@tupile.poochiereds.net>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  18. 20 Nov, 2007 1 commit
  19. 17 Nov, 2007 3 commits
  20. 14 Nov, 2007 1 commit
    • [CIFS] Fix buffer overflow if server sends corrupt response to small · 133672ef
      Steve French committed
      request
      
      In SendReceive() function in transport.c - it memcpy's
      message payload into a buffer passed via out_buf param. The function
      assumes that all buffers are of size (CIFSMaxBufSize +
      MAX_CIFS_HDR_SIZE), unfortunately it is also called with smaller
      (MAX_CIFS_SMALL_BUFFER_SIZE) buffers. There are eight callers
      (SMB worker functions) which are primarily affected by this change:
      
      TreeDisconnect, uLogoff, Close, findClose, SetFileSize, SetFileTimes,
      Lock and PosixLock
      
      CC: Dave Kleikamp <shaggy@austin.ibm.com>
      CC: Przemyslaw Wegrzyn <czajnik@czajsoft.pl>
      Acked-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  21. 13 Nov, 2007 1 commit
  22. 10 Nov, 2007 1 commit
    • [CIFS] fix oops on second mount to same server when null auth is used · 9b8f5f57
      Jeff Layton committed
      When a share is mounted using no username, cifs_mount sets
      volume_info.username as a NULL pointer, and the sesInfo userName as an
      empty string. The volume_info.username is passed to a couple of other
      functions to see if there is an existing unc or tcp connection that can
      be used. These functions assume that the username will be a valid
      string that can be passed to strncmp. If the pointer is NULL, then the
      kernel will oops if there's an existing session to which the string
      can be compared.
      
      This patch changes cifs_mount to set volume_info.username to an empty
      string in this situation, which prevents the oops and should make it
      so that the comparison to other null auth sessions match.
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  23. 02 Nov, 2007 1 commit
  24. 20 Oct, 2007 1 commit
  25. 18 Oct, 2007 1 commit
    • [CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_thread · c18c732e
      Steve French committed
      When kernel_recvmsg returns -EAGAIN or -ERESTARTSYS, then
      cifs_demultiplex_thread sleeps for a bit and then tries the read again.
      When it does this, it's not zeroing out the length and that throws off
      the value of total_read. Fix it to zero out the length.
      
      Can cause memory corruption:
      If kernel_recvmsg returns an error and total_read is a large enough
      value, then we'll end up going through the loop again. total_read will
      be a bogus value, as will (pdu_length-total_read). When this happens we
      end up calling kernel_recvmsg with a bogus value (possibly larger than
      the current iov_len).
      
      At that point, memcpy_toiovec can overrun iov. It will start walking
      up the stack, casting other things that are there to struct iovecs
      (since it assumes that it's been passed an array of them). Any pointer
      on the stack at an address above the kvec is a candidate for corruption
      here.
      
      Many thanks to Ulrich Obergfell for pointing this out.
      Signed-off-by: Jeff Layton <jlayton@redhat.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  26. 17 Oct, 2007 1 commit
  27. 05 Oct, 2007 1 commit
    • [CIFS] Fix cifsd so shuts down when signing fails during mount · a013689d
      Steve French committed
      Fixes two problems:
      1) we dropped down to negotiating lanman if we did not recognize the
      mechanism (krb5 e.g.)
      2) we did not stop cifsd (thus will fail when doing rmod cifs with
      slab free errors) when we fail tcon but have a bad session (which is
      the case in which signing is required but we don't allow signing on
      the client)
      
      It also turns on extended security flag in the header when passing
      "sec=krb5" on mount command (although kerberos support is not done of
      course)
      Acked-by: Jeff Layton <jlayton@redhat.com>
      CC: Shaggy <shaggy@us.ibm.com>
      Signed-off-by: Steve French <sfrench@us.ibm.com>
  28. 04 Oct, 2007 1 commit
  29. 29 Sep, 2007 1 commit
  30. 25 Sep, 2007 1 commit
  31. 20 Sep, 2007 2 commits