1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23#include <linux/fs.h>
24#include <linux/list.h>
25#include <linux/gfp.h>
26#include <linux/wait.h>
27#include <linux/net.h>
28#include <linux/delay.h>
29#include <linux/freezer.h>
30#include <linux/tcp.h>
31#include <linux/bvec.h>
32#include <linux/highmem.h>
33#include <linux/uaccess.h>
34#include <asm/processor.h>
35#include <linux/mempool.h>
36#include "cifspdu.h"
37#include "cifsglob.h"
38#include "cifsproto.h"
39#include "cifs_debug.h"
40
41void
42cifs_wake_up_task(struct mid_q_entry *mid)
43{
44 wake_up_process(mid->callback_data);
45}
46
47struct mid_q_entry *
48AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
49{
50 struct mid_q_entry *temp;
51
52 if (server == NULL) {
53 cifs_dbg(VFS, "Null TCP session in AllocMidQEntry\n");
54 return NULL;
55 }
56
57 temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS);
58 memset(temp, 0, sizeof(struct mid_q_entry));
59 temp->mid = get_mid(smb_buffer);
60 temp->pid = current->pid;
61 temp->command = cpu_to_le16(smb_buffer->Command);
62 cifs_dbg(FYI, "For smb_command %d\n", smb_buffer->Command);
63
64
65 temp->when_alloc = jiffies;
66 temp->server = server;
67
68
69
70
71
72 temp->callback = cifs_wake_up_task;
73 temp->callback_data = current;
74
75 atomic_inc(&midCount);
76 temp->mid_state = MID_REQUEST_ALLOCATED;
77 return temp;
78}
79
80void
81DeleteMidQEntry(struct mid_q_entry *midEntry)
82{
83#ifdef CONFIG_CIFS_STATS2
84 __le16 command = midEntry->server->vals->lock_cmd;
85 unsigned long now;
86#endif
87 midEntry->mid_state = MID_FREE;
88 atomic_dec(&midCount);
89 if (midEntry->large_buf)
90 cifs_buf_release(midEntry->resp_buf);
91 else
92 cifs_small_buf_release(midEntry->resp_buf);
93#ifdef CONFIG_CIFS_STATS2
94 now = jiffies;
95
96
97 if (time_after(now, midEntry->when_alloc + HZ)) {
98 if ((cifsFYI & CIFS_TIMER) && (midEntry->command != command)) {
99 pr_debug(" CIFS slow rsp: cmd %d mid %llu",
100 midEntry->command, midEntry->mid);
101 pr_info(" A: 0x%lx S: 0x%lx R: 0x%lx\n",
102 now - midEntry->when_alloc,
103 now - midEntry->when_sent,
104 now - midEntry->when_received);
105 }
106 }
107#endif
108 mempool_free(midEntry, cifs_mid_poolp);
109}
110
111void
112cifs_delete_mid(struct mid_q_entry *mid)
113{
114 spin_lock(&GlobalMid_Lock);
115 list_del(&mid->qhead);
116 spin_unlock(&GlobalMid_Lock);
117
118 DeleteMidQEntry(mid);
119}
120
121
122
123
124
125
126
127
128
129
130static int
131smb_send_kvec(struct TCP_Server_Info *server, struct msghdr *smb_msg,
132 size_t *sent)
133{
134 int rc = 0;
135 int retries = 0;
136 struct socket *ssocket = server->ssocket;
137
138 *sent = 0;
139
140 smb_msg->msg_name = (struct sockaddr *) &server->dstaddr;
141 smb_msg->msg_namelen = sizeof(struct sockaddr);
142 smb_msg->msg_control = NULL;
143 smb_msg->msg_controllen = 0;
144 if (server->noblocksnd)
145 smb_msg->msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
146 else
147 smb_msg->msg_flags = MSG_NOSIGNAL;
148
149 while (msg_data_left(smb_msg)) {
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168 rc = sock_sendmsg(ssocket, smb_msg);
169 if (rc == -EAGAIN) {
170 retries++;
171 if (retries >= 14 ||
172 (!server->noblocksnd && (retries > 2))) {
173 cifs_dbg(VFS, "sends on sock %p stuck for 15 seconds\n",
174 ssocket);
175 return -EAGAIN;
176 }
177 msleep(1 << retries);
178 continue;
179 }
180
181 if (rc < 0)
182 return rc;
183
184 if (rc == 0) {
185
186
187 cifs_dbg(VFS, "tcp sent no data\n");
188 msleep(500);
189 continue;
190 }
191
192
193 *sent += rc;
194 retries = 0;
195 }
196 return 0;
197}
198
199static unsigned long
200rqst_len(struct smb_rqst *rqst)
201{
202 unsigned int i;
203 struct kvec *iov = rqst->rq_iov;
204 unsigned long buflen = 0;
205
206
207 for (i = 0; i < rqst->rq_nvec; i++)
208 buflen += iov[i].iov_len;
209
210
211 if (rqst->rq_npages) {
212 buflen += rqst->rq_pagesz * (rqst->rq_npages - 1);
213 buflen += rqst->rq_tailsz;
214 }
215
216 return buflen;
217}
218
219static int
220__smb_send_rqst(struct TCP_Server_Info *server, struct smb_rqst *rqst)
221{
222 int rc;
223 struct kvec *iov = rqst->rq_iov;
224 int n_vec = rqst->rq_nvec;
225 unsigned int smb_buf_length = get_rfc1002_length(iov[0].iov_base);
226 unsigned long send_length;
227 unsigned int i;
228 size_t total_len = 0, sent, size;
229 struct socket *ssocket = server->ssocket;
230 struct msghdr smb_msg;
231 int val = 1;
232
233 if (ssocket == NULL)
234 return -ENOTSOCK;
235
236
237 send_length = rqst_len(rqst);
238 if (send_length != smb_buf_length + 4) {
239 WARN(1, "Send length mismatch(send_length=%lu smb_buf_length=%u)\n",
240 send_length, smb_buf_length);
241 return -EIO;
242 }
243
244 if (n_vec < 2)
245 return -EIO;
246
247 cifs_dbg(FYI, "Sending smb: smb_len=%u\n", smb_buf_length);
248 dump_smb(iov[0].iov_base, iov[0].iov_len);
249 dump_smb(iov[1].iov_base, iov[1].iov_len);
250
251
252 kernel_setsockopt(ssocket, SOL_TCP, TCP_CORK,
253 (char *)&val, sizeof(val));
254
255 size = 0;
256 for (i = 0; i < n_vec; i++)
257 size += iov[i].iov_len;
258
259 iov_iter_kvec(&smb_msg.msg_iter, WRITE | ITER_KVEC, iov, n_vec, size);
260
261 rc = smb_send_kvec(server, &smb_msg, &sent);
262 if (rc < 0)
263 goto uncork;
264
265 total_len += sent;
266
267
268 for (i = 0; i < rqst->rq_npages; i++) {
269 size_t len = i == rqst->rq_npages - 1
270 ? rqst->rq_tailsz
271 : rqst->rq_pagesz;
272 struct bio_vec bvec = {
273 .bv_page = rqst->rq_pages[i],
274 .bv_len = len
275 };
276 iov_iter_bvec(&smb_msg.msg_iter, WRITE | ITER_BVEC,
277 &bvec, 1, len);
278 rc = smb_send_kvec(server, &smb_msg, &sent);
279 if (rc < 0)
280 break;
281
282 total_len += sent;
283 }
284
285uncork:
286
287 val = 0;
288 kernel_setsockopt(ssocket, SOL_TCP, TCP_CORK,
289 (char *)&val, sizeof(val));
290
291 if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
292 cifs_dbg(FYI, "partial send (wanted=%u sent=%zu): terminating session\n",
293 smb_buf_length + 4, total_len);
294
295
296
297
298
299 server->tcpStatus = CifsNeedReconnect;
300 }
301
302 if (rc < 0 && rc != -EINTR)
303 cifs_dbg(VFS, "Error %d sending data on socket to server\n",
304 rc);
305 else
306 rc = 0;
307
308 return rc;
309}
310
311static int
312smb_send_rqst(struct TCP_Server_Info *server, struct smb_rqst *rqst, int flags)
313{
314 struct smb_rqst cur_rqst;
315 int rc;
316
317 if (!(flags & CIFS_TRANSFORM_REQ))
318 return __smb_send_rqst(server, rqst);
319
320 if (!server->ops->init_transform_rq ||
321 !server->ops->free_transform_rq) {
322 cifs_dbg(VFS, "Encryption requested but transform callbacks are missed\n");
323 return -EIO;
324 }
325
326 rc = server->ops->init_transform_rq(server, &cur_rqst, rqst);
327 if (rc)
328 return rc;
329
330 rc = __smb_send_rqst(server, &cur_rqst);
331 server->ops->free_transform_rq(&cur_rqst);
332 return rc;
333}
334
335int
336smb_send(struct TCP_Server_Info *server, struct smb_hdr *smb_buffer,
337 unsigned int smb_buf_length)
338{
339 struct kvec iov[2];
340 struct smb_rqst rqst = { .rq_iov = iov,
341 .rq_nvec = 2 };
342
343 iov[0].iov_base = smb_buffer;
344 iov[0].iov_len = 4;
345 iov[1].iov_base = (char *)smb_buffer + 4;
346 iov[1].iov_len = smb_buf_length;
347
348 return __smb_send_rqst(server, &rqst);
349}
350
351static int
352wait_for_free_credits(struct TCP_Server_Info *server, const int timeout,
353 int *credits)
354{
355 int rc;
356
357 spin_lock(&server->req_lock);
358 if (timeout == CIFS_ASYNC_OP) {
359
360 server->in_flight++;
361 *credits -= 1;
362 spin_unlock(&server->req_lock);
363 return 0;
364 }
365
366 while (1) {
367 if (*credits <= 0) {
368 spin_unlock(&server->req_lock);
369 cifs_num_waiters_inc(server);
370 rc = wait_event_killable(server->request_q,
371 has_credits(server, credits));
372 cifs_num_waiters_dec(server);
373 if (rc)
374 return rc;
375 spin_lock(&server->req_lock);
376 } else {
377 if (server->tcpStatus == CifsExiting) {
378 spin_unlock(&server->req_lock);
379 return -ENOENT;
380 }
381
382
383
384
385
386
387
388 if (timeout != CIFS_BLOCKING_OP) {
389 *credits -= 1;
390 server->in_flight++;
391 }
392 spin_unlock(&server->req_lock);
393 break;
394 }
395 }
396 return 0;
397}
398
399static int
400wait_for_free_request(struct TCP_Server_Info *server, const int timeout,
401 const int optype)
402{
403 int *val;
404
405 val = server->ops->get_credits_field(server, optype);
406
407 if (*val <= 0 && optype == CIFS_ECHO_OP)
408 return -EAGAIN;
409 return wait_for_free_credits(server, timeout, val);
410}
411
412int
413cifs_wait_mtu_credits(struct TCP_Server_Info *server, unsigned int size,
414 unsigned int *num, unsigned int *credits)
415{
416 *num = size;
417 *credits = 0;
418 return 0;
419}
420
421static int allocate_mid(struct cifs_ses *ses, struct smb_hdr *in_buf,
422 struct mid_q_entry **ppmidQ)
423{
424 if (ses->server->tcpStatus == CifsExiting) {
425 return -ENOENT;
426 }
427
428 if (ses->server->tcpStatus == CifsNeedReconnect) {
429 cifs_dbg(FYI, "tcp session dead - return to caller to retry\n");
430 return -EAGAIN;
431 }
432
433 if (ses->status == CifsNew) {
434 if ((in_buf->Command != SMB_COM_SESSION_SETUP_ANDX) &&
435 (in_buf->Command != SMB_COM_NEGOTIATE))
436 return -EAGAIN;
437
438 }
439
440 if (ses->status == CifsExiting) {
441
442 if (in_buf->Command != SMB_COM_LOGOFF_ANDX)
443 return -EAGAIN;
444
445 }
446
447 *ppmidQ = AllocMidQEntry(in_buf, ses->server);
448 if (*ppmidQ == NULL)
449 return -ENOMEM;
450 spin_lock(&GlobalMid_Lock);
451 list_add_tail(&(*ppmidQ)->qhead, &ses->server->pending_mid_q);
452 spin_unlock(&GlobalMid_Lock);
453 return 0;
454}
455
456static int
457wait_for_response(struct TCP_Server_Info *server, struct mid_q_entry *midQ)
458{
459 int error;
460
461 error = wait_event_freezekillable_unsafe(server->response_q,
462 midQ->mid_state != MID_REQUEST_SUBMITTED);
463 if (error < 0)
464 return -ERESTARTSYS;
465
466 return 0;
467}
468
469struct mid_q_entry *
470cifs_setup_async_request(struct TCP_Server_Info *server, struct smb_rqst *rqst)
471{
472 int rc;
473 struct smb_hdr *hdr = (struct smb_hdr *)rqst->rq_iov[0].iov_base;
474 struct mid_q_entry *mid;
475
476 if (rqst->rq_iov[0].iov_len != 4 ||
477 rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
478 return ERR_PTR(-EIO);
479
480
481 if (server->sign)
482 hdr->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
483
484 mid = AllocMidQEntry(hdr, server);
485 if (mid == NULL)
486 return ERR_PTR(-ENOMEM);
487
488 rc = cifs_sign_rqst(rqst, server, &mid->sequence_number);
489 if (rc) {
490 DeleteMidQEntry(mid);
491 return ERR_PTR(rc);
492 }
493
494 return mid;
495}
496
497
498
499
500
501int
502cifs_call_async(struct TCP_Server_Info *server, struct smb_rqst *rqst,
503 mid_receive_t *receive, mid_callback_t *callback,
504 mid_handle_t *handle, void *cbdata, const int flags)
505{
506 int rc, timeout, optype;
507 struct mid_q_entry *mid;
508 unsigned int credits = 0;
509
510 timeout = flags & CIFS_TIMEOUT_MASK;
511 optype = flags & CIFS_OP_MASK;
512
513 if ((flags & CIFS_HAS_CREDITS) == 0) {
514 rc = wait_for_free_request(server, timeout, optype);
515 if (rc)
516 return rc;
517 credits = 1;
518 }
519
520 mutex_lock(&server->srv_mutex);
521 mid = server->ops->setup_async_request(server, rqst);
522 if (IS_ERR(mid)) {
523 mutex_unlock(&server->srv_mutex);
524 add_credits_and_wake_if(server, credits, optype);
525 return PTR_ERR(mid);
526 }
527
528 mid->receive = receive;
529 mid->callback = callback;
530 mid->callback_data = cbdata;
531 mid->handle = handle;
532 mid->mid_state = MID_REQUEST_SUBMITTED;
533
534
535 spin_lock(&GlobalMid_Lock);
536 list_add_tail(&mid->qhead, &server->pending_mid_q);
537 spin_unlock(&GlobalMid_Lock);
538
539
540
541
542
543 cifs_save_when_sent(mid);
544 cifs_in_send_inc(server);
545 rc = smb_send_rqst(server, rqst, flags);
546 cifs_in_send_dec(server);
547
548 if (rc < 0) {
549 server->sequence_number -= 2;
550 cifs_delete_mid(mid);
551 }
552
553 mutex_unlock(&server->srv_mutex);
554
555 if (rc == 0)
556 return 0;
557
558 add_credits_and_wake_if(server, credits, optype);
559 return rc;
560}
561
562
563
564
565
566
567
568
569
570
571int
572SendReceiveNoRsp(const unsigned int xid, struct cifs_ses *ses,
573 char *in_buf, int flags)
574{
575 int rc;
576 struct kvec iov[1];
577 struct kvec rsp_iov;
578 int resp_buf_type;
579
580 iov[0].iov_base = in_buf;
581 iov[0].iov_len = get_rfc1002_length(in_buf) + 4;
582 flags |= CIFS_NO_RESP;
583 rc = SendReceive2(xid, ses, iov, 1, &resp_buf_type, flags, &rsp_iov);
584 cifs_dbg(NOISY, "SendRcvNoRsp flags %d rc %d\n", flags, rc);
585
586 return rc;
587}
588
589static int
590cifs_sync_mid_result(struct mid_q_entry *mid, struct TCP_Server_Info *server)
591{
592 int rc = 0;
593
594 cifs_dbg(FYI, "%s: cmd=%d mid=%llu state=%d\n",
595 __func__, le16_to_cpu(mid->command), mid->mid, mid->mid_state);
596
597 spin_lock(&GlobalMid_Lock);
598 switch (mid->mid_state) {
599 case MID_RESPONSE_RECEIVED:
600 spin_unlock(&GlobalMid_Lock);
601 return rc;
602 case MID_RETRY_NEEDED:
603 rc = -EAGAIN;
604 break;
605 case MID_RESPONSE_MALFORMED:
606 rc = -EIO;
607 break;
608 case MID_SHUTDOWN:
609 rc = -EHOSTDOWN;
610 break;
611 default:
612 list_del_init(&mid->qhead);
613 cifs_dbg(VFS, "%s: invalid mid state mid=%llu state=%d\n",
614 __func__, mid->mid, mid->mid_state);
615 rc = -EIO;
616 }
617 spin_unlock(&GlobalMid_Lock);
618
619 DeleteMidQEntry(mid);
620 return rc;
621}
622
623static inline int
624send_cancel(struct TCP_Server_Info *server, struct smb_rqst *rqst,
625 struct mid_q_entry *mid)
626{
627 return server->ops->send_cancel ?
628 server->ops->send_cancel(server, rqst, mid) : 0;
629}
630
631int
632cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
633 bool log_error)
634{
635 unsigned int len = get_rfc1002_length(mid->resp_buf) + 4;
636
637 dump_smb(mid->resp_buf, min_t(u32, 92, len));
638
639
640 if (server->sign) {
641 struct kvec iov[2];
642 int rc = 0;
643 struct smb_rqst rqst = { .rq_iov = iov,
644 .rq_nvec = 2 };
645
646 iov[0].iov_base = mid->resp_buf;
647 iov[0].iov_len = 4;
648 iov[1].iov_base = (char *)mid->resp_buf + 4;
649 iov[1].iov_len = len - 4;
650
651 rc = cifs_verify_signature(&rqst, server,
652 mid->sequence_number);
653 if (rc)
654 cifs_dbg(VFS, "SMB signature verification returned error = %d\n",
655 rc);
656 }
657
658
659 return map_smb_to_linux_error(mid->resp_buf, log_error);
660}
661
662struct mid_q_entry *
663cifs_setup_request(struct cifs_ses *ses, struct smb_rqst *rqst)
664{
665 int rc;
666 struct smb_hdr *hdr = (struct smb_hdr *)rqst->rq_iov[0].iov_base;
667 struct mid_q_entry *mid;
668
669 if (rqst->rq_iov[0].iov_len != 4 ||
670 rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
671 return ERR_PTR(-EIO);
672
673 rc = allocate_mid(ses, hdr, &mid);
674 if (rc)
675 return ERR_PTR(rc);
676 rc = cifs_sign_rqst(rqst, ses->server, &mid->sequence_number);
677 if (rc) {
678 cifs_delete_mid(mid);
679 return ERR_PTR(rc);
680 }
681 return mid;
682}
683
684int
685cifs_send_recv(const unsigned int xid, struct cifs_ses *ses,
686 struct smb_rqst *rqst, int *resp_buf_type, const int flags,
687 struct kvec *resp_iov)
688{
689 int rc = 0;
690 int timeout, optype;
691 struct mid_q_entry *midQ;
692 unsigned int credits = 1;
693 char *buf;
694
695 timeout = flags & CIFS_TIMEOUT_MASK;
696 optype = flags & CIFS_OP_MASK;
697
698 *resp_buf_type = CIFS_NO_BUFFER;
699
700 if ((ses == NULL) || (ses->server == NULL)) {
701 cifs_dbg(VFS, "Null session\n");
702 return -EIO;
703 }
704
705 if (ses->server->tcpStatus == CifsExiting)
706 return -ENOENT;
707
708
709
710
711
712
713
714 rc = wait_for_free_request(ses->server, timeout, optype);
715 if (rc)
716 return rc;
717
718
719
720
721
722
723
724 mutex_lock(&ses->server->srv_mutex);
725
726 midQ = ses->server->ops->setup_request(ses, rqst);
727 if (IS_ERR(midQ)) {
728 mutex_unlock(&ses->server->srv_mutex);
729
730 add_credits(ses->server, 1, optype);
731 return PTR_ERR(midQ);
732 }
733
734 midQ->mid_state = MID_REQUEST_SUBMITTED;
735 cifs_in_send_inc(ses->server);
736 rc = smb_send_rqst(ses->server, rqst, flags);
737 cifs_in_send_dec(ses->server);
738 cifs_save_when_sent(midQ);
739
740 if (rc < 0)
741 ses->server->sequence_number -= 2;
742 mutex_unlock(&ses->server->srv_mutex);
743
744 if (rc < 0)
745 goto out;
746
747 if (timeout == CIFS_ASYNC_OP)
748 goto out;
749
750 rc = wait_for_response(ses->server, midQ);
751 if (rc != 0) {
752 cifs_dbg(FYI, "Cancelling wait for mid %llu\n", midQ->mid);
753 send_cancel(ses->server, rqst, midQ);
754 spin_lock(&GlobalMid_Lock);
755 if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
756 midQ->mid_flags |= MID_WAIT_CANCELLED;
757 midQ->callback = DeleteMidQEntry;
758 spin_unlock(&GlobalMid_Lock);
759 add_credits(ses->server, 1, optype);
760 return rc;
761 }
762 spin_unlock(&GlobalMid_Lock);
763 }
764
765 rc = cifs_sync_mid_result(midQ, ses->server);
766 if (rc != 0) {
767 add_credits(ses->server, 1, optype);
768 return rc;
769 }
770
771 if (!midQ->resp_buf || midQ->mid_state != MID_RESPONSE_RECEIVED) {
772 rc = -EIO;
773 cifs_dbg(FYI, "Bad MID state?\n");
774 goto out;
775 }
776
777 buf = (char *)midQ->resp_buf;
778 resp_iov->iov_base = buf;
779 resp_iov->iov_len = get_rfc1002_length(buf) + 4;
780 if (midQ->large_buf)
781 *resp_buf_type = CIFS_LARGE_BUFFER;
782 else
783 *resp_buf_type = CIFS_SMALL_BUFFER;
784
785 credits = ses->server->ops->get_credits(midQ);
786
787 rc = ses->server->ops->check_receive(midQ, ses->server,
788 flags & CIFS_LOG_ERROR);
789
790
791 if ((flags & CIFS_NO_RESP) == 0)
792 midQ->resp_buf = NULL;
793out:
794 cifs_delete_mid(midQ);
795 add_credits(ses->server, credits, optype);
796
797 return rc;
798}
799
800int
801SendReceive2(const unsigned int xid, struct cifs_ses *ses,
802 struct kvec *iov, int n_vec, int *resp_buf_type ,
803 const int flags, struct kvec *resp_iov)
804{
805 struct smb_rqst rqst;
806 struct kvec *new_iov;
807 int rc;
808
809 new_iov = kmalloc(sizeof(struct kvec) * (n_vec + 1), GFP_KERNEL);
810 if (!new_iov)
811 return -ENOMEM;
812
813
814 memcpy(new_iov + 1, iov, (sizeof(struct kvec) * n_vec));
815
816 new_iov[0].iov_base = new_iov[1].iov_base;
817 new_iov[0].iov_len = 4;
818 new_iov[1].iov_base += 4;
819 new_iov[1].iov_len -= 4;
820
821 memset(&rqst, 0, sizeof(struct smb_rqst));
822 rqst.rq_iov = new_iov;
823 rqst.rq_nvec = n_vec + 1;
824
825 rc = cifs_send_recv(xid, ses, &rqst, resp_buf_type, flags, resp_iov);
826 kfree(new_iov);
827 return rc;
828}
829
830int
831SendReceive(const unsigned int xid, struct cifs_ses *ses,
832 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
833 int *pbytes_returned, const int timeout)
834{
835 int rc = 0;
836 struct mid_q_entry *midQ;
837 unsigned int len = be32_to_cpu(in_buf->smb_buf_length);
838 struct kvec iov = { .iov_base = in_buf, .iov_len = len };
839 struct smb_rqst rqst = { .rq_iov = &iov, .rq_nvec = 1 };
840
841 if (ses == NULL) {
842 cifs_dbg(VFS, "Null smb session\n");
843 return -EIO;
844 }
845 if (ses->server == NULL) {
846 cifs_dbg(VFS, "Null tcp session\n");
847 return -EIO;
848 }
849
850 if (ses->server->tcpStatus == CifsExiting)
851 return -ENOENT;
852
853
854
855
856
857 if (len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
858 cifs_dbg(VFS, "Illegal length, greater than maximum frame, %d\n",
859 len);
860 return -EIO;
861 }
862
863 rc = wait_for_free_request(ses->server, timeout, 0);
864 if (rc)
865 return rc;
866
867
868
869
870
871 mutex_lock(&ses->server->srv_mutex);
872
873 rc = allocate_mid(ses, in_buf, &midQ);
874 if (rc) {
875 mutex_unlock(&ses->server->srv_mutex);
876
877 add_credits(ses->server, 1, 0);
878 return rc;
879 }
880
881 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
882 if (rc) {
883 mutex_unlock(&ses->server->srv_mutex);
884 goto out;
885 }
886
887 midQ->mid_state = MID_REQUEST_SUBMITTED;
888
889 cifs_in_send_inc(ses->server);
890 rc = smb_send(ses->server, in_buf, len);
891 cifs_in_send_dec(ses->server);
892 cifs_save_when_sent(midQ);
893
894 if (rc < 0)
895 ses->server->sequence_number -= 2;
896
897 mutex_unlock(&ses->server->srv_mutex);
898
899 if (rc < 0)
900 goto out;
901
902 if (timeout == CIFS_ASYNC_OP)
903 goto out;
904
905 rc = wait_for_response(ses->server, midQ);
906 if (rc != 0) {
907 send_cancel(ses->server, &rqst, midQ);
908 spin_lock(&GlobalMid_Lock);
909 if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
910
911 midQ->callback = DeleteMidQEntry;
912 spin_unlock(&GlobalMid_Lock);
913 add_credits(ses->server, 1, 0);
914 return rc;
915 }
916 spin_unlock(&GlobalMid_Lock);
917 }
918
919 rc = cifs_sync_mid_result(midQ, ses->server);
920 if (rc != 0) {
921 add_credits(ses->server, 1, 0);
922 return rc;
923 }
924
925 if (!midQ->resp_buf || !out_buf ||
926 midQ->mid_state != MID_RESPONSE_RECEIVED) {
927 rc = -EIO;
928 cifs_dbg(VFS, "Bad MID state?\n");
929 goto out;
930 }
931
932 *pbytes_returned = get_rfc1002_length(midQ->resp_buf);
933 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
934 rc = cifs_check_receive(midQ, ses->server, 0);
935out:
936 cifs_delete_mid(midQ);
937 add_credits(ses->server, 1, 0);
938
939 return rc;
940}
941
942
943
944
945static int
946send_lock_cancel(const unsigned int xid, struct cifs_tcon *tcon,
947 struct smb_hdr *in_buf,
948 struct smb_hdr *out_buf)
949{
950 int bytes_returned;
951 struct cifs_ses *ses = tcon->ses;
952 LOCK_REQ *pSMB = (LOCK_REQ *)in_buf;
953
954
955
956
957
958
959 pSMB->LockType = LOCKING_ANDX_CANCEL_LOCK|LOCKING_ANDX_LARGE_FILES;
960 pSMB->Timeout = 0;
961 pSMB->hdr.Mid = get_next_mid(ses->server);
962
963 return SendReceive(xid, ses, in_buf, out_buf,
964 &bytes_returned, 0);
965}
966
967int
968SendReceiveBlockingLock(const unsigned int xid, struct cifs_tcon *tcon,
969 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
970 int *pbytes_returned)
971{
972 int rc = 0;
973 int rstart = 0;
974 struct mid_q_entry *midQ;
975 struct cifs_ses *ses;
976 unsigned int len = be32_to_cpu(in_buf->smb_buf_length);
977 struct kvec iov = { .iov_base = in_buf, .iov_len = len };
978 struct smb_rqst rqst = { .rq_iov = &iov, .rq_nvec = 1 };
979
980 if (tcon == NULL || tcon->ses == NULL) {
981 cifs_dbg(VFS, "Null smb session\n");
982 return -EIO;
983 }
984 ses = tcon->ses;
985
986 if (ses->server == NULL) {
987 cifs_dbg(VFS, "Null tcp session\n");
988 return -EIO;
989 }
990
991 if (ses->server->tcpStatus == CifsExiting)
992 return -ENOENT;
993
994
995
996
997
998 if (len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
999 cifs_dbg(VFS, "Illegal length, greater than maximum frame, %d\n",
1000 len);
1001 return -EIO;
1002 }
1003
1004 rc = wait_for_free_request(ses->server, CIFS_BLOCKING_OP, 0);
1005 if (rc)
1006 return rc;
1007
1008
1009
1010
1011
1012 mutex_lock(&ses->server->srv_mutex);
1013
1014 rc = allocate_mid(ses, in_buf, &midQ);
1015 if (rc) {
1016 mutex_unlock(&ses->server->srv_mutex);
1017 return rc;
1018 }
1019
1020 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
1021 if (rc) {
1022 cifs_delete_mid(midQ);
1023 mutex_unlock(&ses->server->srv_mutex);
1024 return rc;
1025 }
1026
1027 midQ->mid_state = MID_REQUEST_SUBMITTED;
1028 cifs_in_send_inc(ses->server);
1029 rc = smb_send(ses->server, in_buf, len);
1030 cifs_in_send_dec(ses->server);
1031 cifs_save_when_sent(midQ);
1032
1033 if (rc < 0)
1034 ses->server->sequence_number -= 2;
1035
1036 mutex_unlock(&ses->server->srv_mutex);
1037
1038 if (rc < 0) {
1039 cifs_delete_mid(midQ);
1040 return rc;
1041 }
1042
1043
1044 rc = wait_event_interruptible(ses->server->response_q,
1045 (!(midQ->mid_state == MID_REQUEST_SUBMITTED)) ||
1046 ((ses->server->tcpStatus != CifsGood) &&
1047 (ses->server->tcpStatus != CifsNew)));
1048
1049
1050 if ((rc == -ERESTARTSYS) &&
1051 (midQ->mid_state == MID_REQUEST_SUBMITTED) &&
1052 ((ses->server->tcpStatus == CifsGood) ||
1053 (ses->server->tcpStatus == CifsNew))) {
1054
1055 if (in_buf->Command == SMB_COM_TRANSACTION2) {
1056
1057
1058 rc = send_cancel(ses->server, &rqst, midQ);
1059 if (rc) {
1060 cifs_delete_mid(midQ);
1061 return rc;
1062 }
1063 } else {
1064
1065
1066
1067 rc = send_lock_cancel(xid, tcon, in_buf, out_buf);
1068
1069
1070
1071 if (rc && rc != -ENOLCK) {
1072 cifs_delete_mid(midQ);
1073 return rc;
1074 }
1075 }
1076
1077 rc = wait_for_response(ses->server, midQ);
1078 if (rc) {
1079 send_cancel(ses->server, &rqst, midQ);
1080 spin_lock(&GlobalMid_Lock);
1081 if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
1082
1083 midQ->callback = DeleteMidQEntry;
1084 spin_unlock(&GlobalMid_Lock);
1085 return rc;
1086 }
1087 spin_unlock(&GlobalMid_Lock);
1088 }
1089
1090
1091 rstart = 1;
1092 }
1093
1094 rc = cifs_sync_mid_result(midQ, ses->server);
1095 if (rc != 0)
1096 return rc;
1097
1098
1099 if (out_buf == NULL || midQ->mid_state != MID_RESPONSE_RECEIVED) {
1100 rc = -EIO;
1101 cifs_dbg(VFS, "Bad MID state?\n");
1102 goto out;
1103 }
1104
1105 *pbytes_returned = get_rfc1002_length(midQ->resp_buf);
1106 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
1107 rc = cifs_check_receive(midQ, ses->server, 0);
1108out:
1109 cifs_delete_mid(midQ);
1110 if (rstart && rc == -EACCES)
1111 return -ERESTARTSYS;
1112 return rc;
1113}
1114