Commit 4afe260b authored Mar 17, 2015 by Federico Sauter Committed by Steve French May 20, 2015

CIFS: Fix race condition on RFC1002_NEGATIVE_SESSION_RESPONSE

This patch fixes a race condition that occurs when connecting
to a NT 3.51 host without specifying a NetBIOS name.
In that case a RFC1002_NEGATIVE_SESSION_RESPONSE is received
and the SMB negotiation is reattempted, but under some conditions
it leads SendReceive() to hang forever while waiting for srv_mutex.
This, in turn, sets the calling process to an uninterruptible sleep
state and makes it unkillable.

The solution is to unlock the srv_mutex acquired in the demux
thread *before* going to sleep (after the reconnect error) and
before reattempting the connection.

parent b2910307

fs/cifs/connect.c

+2 −1

Original line number	Diff line number	Diff line
		@@ -386,6 +386,7 @@ cifs_reconnect(struct TCP_Server_Info *server)
		rc = generic_ip_connect(server);
		if (rc) {
		cifs_dbg(FYI, "reconnect error %d\n", rc);
		mutex_unlock(&server->srv_mutex);
		msleep(3000);
		} else {
		atomic_inc(&tcpSesReconnectCount);
		@@ -393,8 +394,8 @@ cifs_reconnect(struct TCP_Server_Info *server)
		if (server->tcpStatus != CifsExiting)
		server->tcpStatus = CifsNeedNegotiate;
		spin_unlock(&GlobalMid_Lock);
		}
		mutex_unlock(&server->srv_mutex);
		}
		} while (server->tcpStatus == CifsNeedReconnect);

		return rc;