Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5b716ac7 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'for-next' of git://git.samba.org/sfrench/cifs-2.6

Pull CIFS fixes from Steve French.

* 'for-next' of git://git.samba.org/sfrench/cifs-2.6:
  CIFS: Fix cifs_do_create error hadnling
  cifs: print error code if smb signature verification fails
  CIFS: Fix log messages in packet checking for SMB2
  CIFS: Protect i_nlink from being negative
parents 0b1a34c9 ea7b4887
Loading
Loading
Loading
Loading
+8 −3
Original line number Diff line number Diff line
@@ -1576,9 +1576,14 @@ cifs_readv_callback(struct mid_q_entry *mid)
		/* result already set, check signature */
		if (server->sec_mode &
		    (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
			if (cifs_verify_signature(rdata->iov, rdata->nr_iov,
					  server, mid->sequence_number + 1))
				cERROR(1, "Unexpected SMB signature");
			int rc = 0;

			rc = cifs_verify_signature(rdata->iov, rdata->nr_iov,
						   server,
						   mid->sequence_number + 1);
			if (rc)
				cERROR(1, "SMB signature verification returned "
				       "error = %d", rc);
		}
		/* FIXME: should this be counted toward the initiating task? */
		task_io_account_read(rdata->bytes);
+1 −8
Original line number Diff line number Diff line
@@ -356,19 +356,12 @@ cifs_create_get_file_info:
cifs_create_set_dentry:
	if (rc != 0) {
		cFYI(1, "Create worked, get_inode_info failed rc = %d", rc);
		CIFSSMBClose(xid, tcon, *fileHandle);
		goto out;
	}
	d_drop(direntry);
	d_add(direntry, newinode);

	/* ENOENT for create?  How weird... */
	rc = -ENOENT;
	if (!newinode) {
		CIFSSMBClose(xid, tcon, *fileHandle);
		goto out;
	}
	rc = 0;

out:
	kfree(buf);
	kfree(full_path);
+16 −8
Original line number Diff line number Diff line
@@ -124,10 +124,10 @@ cifs_fattr_to_inode(struct inode *inode, struct cifs_fattr *fattr)
{
	struct cifsInodeInfo *cifs_i = CIFS_I(inode);
	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
	unsigned long oldtime = cifs_i->time;

	cifs_revalidate_cache(inode, fattr);

	spin_lock(&inode->i_lock);
	inode->i_atime = fattr->cf_atime;
	inode->i_mtime = fattr->cf_mtime;
	inode->i_ctime = fattr->cf_ctime;
@@ -148,9 +148,6 @@ cifs_fattr_to_inode(struct inode *inode, struct cifs_fattr *fattr)
	else
		cifs_i->time = jiffies;

	cFYI(1, "inode 0x%p old_time=%ld new_time=%ld", inode,
		 oldtime, cifs_i->time);

	cifs_i->delete_pending = fattr->cf_flags & CIFS_FATTR_DELETE_PENDING;

	cifs_i->server_eof = fattr->cf_eof;
@@ -158,7 +155,6 @@ cifs_fattr_to_inode(struct inode *inode, struct cifs_fattr *fattr)
	 * Can't safely change the file size here if the client is writing to
	 * it due to potential races.
	 */
	spin_lock(&inode->i_lock);
	if (is_size_safe_to_change(cifs_i, fattr->cf_eof)) {
		i_size_write(inode, fattr->cf_eof);

@@ -859,12 +855,14 @@ struct inode *cifs_root_iget(struct super_block *sb)

	if (rc && tcon->ipc) {
		cFYI(1, "ipc connection - fake read inode");
		spin_lock(&inode->i_lock);
		inode->i_mode |= S_IFDIR;
		set_nlink(inode, 2);
		inode->i_op = &cifs_ipc_inode_ops;
		inode->i_fop = &simple_dir_operations;
		inode->i_uid = cifs_sb->mnt_uid;
		inode->i_gid = cifs_sb->mnt_gid;
		spin_unlock(&inode->i_lock);
	} else if (rc) {
		iget_failed(inode);
		inode = ERR_PTR(rc);
@@ -1110,6 +1108,15 @@ undo_setattr:
	goto out_close;
}

/* copied from fs/nfs/dir.c with small changes */
static void
cifs_drop_nlink(struct inode *inode)
{
	spin_lock(&inode->i_lock);
	if (inode->i_nlink > 0)
		drop_nlink(inode);
	spin_unlock(&inode->i_lock);
}

/*
 * If dentry->d_inode is null (usually meaning the cached dentry
@@ -1166,13 +1173,13 @@ retry_std_delete:
psx_del_no_retry:
	if (!rc) {
		if (inode)
			drop_nlink(inode);
			cifs_drop_nlink(inode);
	} else if (rc == -ENOENT) {
		d_drop(dentry);
	} else if (rc == -ETXTBSY) {
		rc = cifs_rename_pending_delete(full_path, dentry, xid);
		if (rc == 0)
			drop_nlink(inode);
			cifs_drop_nlink(inode);
	} else if ((rc == -EACCES) && (dosattr == 0) && inode) {
		attrs = kzalloc(sizeof(*attrs), GFP_KERNEL);
		if (attrs == NULL) {
@@ -1241,9 +1248,10 @@ cifs_mkdir_qinfo(struct inode *inode, struct dentry *dentry, umode_t mode,
	 * setting nlink not necessary except in cases where we failed to get it
	 * from the server or was set bogus
	 */
	spin_lock(&dentry->d_inode->i_lock);
	if ((dentry->d_inode) && (dentry->d_inode->i_nlink < 2))
		set_nlink(dentry->d_inode, 2);

	spin_unlock(&dentry->d_inode->i_lock);
	mode &= ~current_umask();
	/* must turn on setgid bit if parent dir has it */
	if (inode->i_mode & S_ISGID)
+2 −0
Original line number Diff line number Diff line
@@ -433,7 +433,9 @@ cifs_hardlink(struct dentry *old_file, struct inode *inode,
	if (old_file->d_inode) {
		cifsInode = CIFS_I(old_file->d_inode);
		if (rc == 0) {
			spin_lock(&old_file->d_inode->i_lock);
			inc_nlink(old_file->d_inode);
			spin_unlock(&old_file->d_inode->i_lock);
/* BB should we make this contingent on superblock flag NOATIME? */
/*			old_file->d_inode->i_ctime = CURRENT_TIME;*/
			/* parent dir timestamps will update from srv
+9 −7
Original line number Diff line number Diff line
@@ -52,7 +52,8 @@ check_smb2_hdr(struct smb2_hdr *hdr, __u64 mid)
			cERROR(1, "Bad protocol string signature header %x",
				  *(unsigned int *) hdr->ProtocolId);
		if (mid != hdr->MessageId)
			cERROR(1, "Mids do not match");
			cERROR(1, "Mids do not match: %llu and %llu", mid,
				  hdr->MessageId);
	}
	cERROR(1, "Bad SMB detected. The Mid=%llu", hdr->MessageId);
	return 1;
@@ -107,7 +108,7 @@ smb2_check_message(char *buf, unsigned int length)
	 * ie Validate the wct via smb2_struct_sizes table above
	 */

	if (length < 2 + sizeof(struct smb2_hdr)) {
	if (length < sizeof(struct smb2_pdu)) {
		if ((length >= sizeof(struct smb2_hdr)) && (hdr->Status != 0)) {
			pdu->StructureSize2 = 0;
			/*
@@ -121,15 +122,15 @@ smb2_check_message(char *buf, unsigned int length)
		return 1;
	}
	if (len > CIFSMaxBufSize + MAX_SMB2_HDR_SIZE - 4) {
		cERROR(1, "SMB length greater than maximum, mid=%lld", mid);
		cERROR(1, "SMB length greater than maximum, mid=%llu", mid);
		return 1;
	}

	if (check_smb2_hdr(hdr, mid))
		return 1;

	if (hdr->StructureSize != SMB2_HEADER_SIZE) {
		cERROR(1, "Illegal structure size %d",
	if (hdr->StructureSize != SMB2_HEADER_STRUCTURE_SIZE) {
		cERROR(1, "Illegal structure size %u",
			  le16_to_cpu(hdr->StructureSize));
		return 1;
	}
@@ -161,8 +162,9 @@ smb2_check_message(char *buf, unsigned int length)
	if (4 + len != clc_len) {
		cFYI(1, "Calculated size %u length %u mismatch mid %llu",
			clc_len, 4 + len, mid);
		if (clc_len == 4 + len + 1) /* BB FIXME (fix samba) */
			return 0; /* BB workaround Samba 3 bug SessSetup rsp */
		/* server can return one byte more */
		if (clc_len == 4 + len + 1)
			return 0;
		return 1;
	}
	return 0;
Loading