4 * Copyright (C) International Business Machines Corp., 2002,2008
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * Jeremy Allison (jra@samba.org) 2006.
8 * This library is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Lesser General Public License as published
10 * by the Free Software Foundation; either version 2.1 of the License, or
11 * (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
16 * the GNU Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this library; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/net.h>
27 #include <linux/delay.h>
28 #include <asm/uaccess.h>
29 #include <asm/processor.h>
30 #include <linux/mempool.h>
33 #include "cifsproto.h"
34 #include "cifs_debug.h"
36 extern mempool_t *cifs_mid_poolp;
37 extern struct kmem_cache *cifs_oplock_cachep;
39 static struct mid_q_entry *
40 AllocMidQEntry(const struct smb_hdr *smb_buffer, struct cifsSesInfo *ses)
42 struct mid_q_entry *temp;
45 cERROR(1, ("Null session passed in to AllocMidQEntry"));
48 if (ses->server == NULL) {
49 cERROR(1, ("Null TCP session in AllocMidQEntry"));
53 temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS);
57 memset(temp, 0, sizeof(struct mid_q_entry));
58 temp->mid = smb_buffer->Mid; /* always LE */
59 temp->pid = current->pid;
60 temp->command = smb_buffer->Command;
61 cFYI(1, ("For smb_command %d", temp->command));
62 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
63 /* when mid allocated can be before when sent */
64 temp->when_alloc = jiffies;
69 spin_lock(&GlobalMid_Lock);
70 list_add_tail(&temp->qhead, &ses->server->pending_mid_q);
71 atomic_inc(&midCount);
72 temp->midState = MID_REQUEST_ALLOCATED;
73 spin_unlock(&GlobalMid_Lock);
78 DeleteMidQEntry(struct mid_q_entry *midEntry)
80 #ifdef CONFIG_CIFS_STATS2
83 spin_lock(&GlobalMid_Lock);
84 midEntry->midState = MID_FREE;
85 list_del(&midEntry->qhead);
86 atomic_dec(&midCount);
87 spin_unlock(&GlobalMid_Lock);
88 if (midEntry->largeBuf)
89 cifs_buf_release(midEntry->resp_buf);
91 cifs_small_buf_release(midEntry->resp_buf);
92 #ifdef CONFIG_CIFS_STATS2
94 /* commands taking longer than one second are indications that
95 something is wrong, unless it is quite a slow link or server */
96 if ((now - midEntry->when_alloc) > HZ) {
97 if ((cifsFYI & CIFS_TIMER) &&
98 (midEntry->command != SMB_COM_LOCKING_ANDX)) {
99 printk(KERN_DEBUG " CIFS slow rsp: cmd %d mid %d",
100 midEntry->command, midEntry->mid);
101 printk(" A: 0x%lx S: 0x%lx R: 0x%lx\n",
102 now - midEntry->when_alloc,
103 now - midEntry->when_sent,
104 now - midEntry->when_received);
108 mempool_free(midEntry, cifs_mid_poolp);
111 struct oplock_q_entry *
112 AllocOplockQEntry(struct inode *pinode, __u16 fid, struct cifsTconInfo *tcon)
114 struct oplock_q_entry *temp;
115 if ((pinode == NULL) || (tcon == NULL)) {
116 cERROR(1, ("Null parms passed to AllocOplockQEntry"));
119 temp = (struct oplock_q_entry *) kmem_cache_alloc(cifs_oplock_cachep,
124 temp->pinode = pinode;
127 spin_lock(&GlobalMid_Lock);
128 list_add_tail(&temp->qhead, &GlobalOplock_Q);
129 spin_unlock(&GlobalMid_Lock);
135 void DeleteOplockQEntry(struct oplock_q_entry *oplockEntry)
137 spin_lock(&GlobalMid_Lock);
138 /* should we check if list empty first? */
139 list_del(&oplockEntry->qhead);
140 spin_unlock(&GlobalMid_Lock);
141 kmem_cache_free(cifs_oplock_cachep, oplockEntry);
145 void DeleteTconOplockQEntries(struct cifsTconInfo *tcon)
147 struct oplock_q_entry *temp;
152 spin_lock(&GlobalMid_Lock);
153 list_for_each_entry(temp, &GlobalOplock_Q, qhead) {
154 if ((temp->tcon) && (temp->tcon == tcon)) {
155 list_del(&temp->qhead);
156 kmem_cache_free(cifs_oplock_cachep, temp);
159 spin_unlock(&GlobalMid_Lock);
163 smb_send(struct socket *ssocket, struct smb_hdr *smb_buffer,
164 unsigned int smb_buf_length, struct sockaddr *sin, bool noblocksnd)
168 struct msghdr smb_msg;
170 unsigned len = smb_buf_length + 4;
173 return -ENOTSOCK; /* BB eventually add reconnect code here */
174 iov.iov_base = smb_buffer;
177 smb_msg.msg_name = sin;
178 smb_msg.msg_namelen = sizeof(struct sockaddr);
179 smb_msg.msg_control = NULL;
180 smb_msg.msg_controllen = 0;
182 smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
184 smb_msg.msg_flags = MSG_NOSIGNAL;
186 /* smb header is converted in header_assemble. bcc and rest of SMB word
187 area, and byte area if necessary, is converted to littleendian in
188 cifssmb.c and RFC1001 len is converted to bigendian in smb_send
189 Flags2 is converted in SendReceive */
191 smb_buffer->smb_buf_length = cpu_to_be32(smb_buffer->smb_buf_length);
192 cFYI(1, ("Sending smb of length %d", smb_buf_length));
193 dump_smb(smb_buffer, len);
196 rc = kernel_sendmsg(ssocket, &smb_msg, &iov, 1, len);
197 if ((rc == -ENOSPC) || (rc == -EAGAIN)) {
199 /* smaller timeout here than send2 since smaller size */
200 /* Although it may not be required, this also is smaller
204 ("sends on sock %p stuck for 7 seconds",
215 i = 0; /* reset i after each successful send */
222 cERROR(1, ("Error %d sending data on socket to server", rc));
227 /* Don't want to modify the buffer as a
228 side effect of this call. */
229 smb_buffer->smb_buf_length = smb_buf_length;
235 smb_send2(struct TCP_Server_Info *server, struct kvec *iov, int n_vec,
236 struct sockaddr *sin, bool noblocksnd)
240 struct msghdr smb_msg;
241 struct smb_hdr *smb_buffer = iov[0].iov_base;
242 unsigned int len = iov[0].iov_len;
243 unsigned int total_len;
245 unsigned int smb_buf_length = smb_buffer->smb_buf_length;
246 struct socket *ssocket = server->ssocket;
249 return -ENOTSOCK; /* BB eventually add reconnect code here */
251 smb_msg.msg_name = sin;
252 smb_msg.msg_namelen = sizeof(struct sockaddr);
253 smb_msg.msg_control = NULL;
254 smb_msg.msg_controllen = 0;
256 smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
258 smb_msg.msg_flags = MSG_NOSIGNAL;
260 /* smb header is converted in header_assemble. bcc and rest of SMB word
261 area, and byte area if necessary, is converted to littleendian in
262 cifssmb.c and RFC1001 len is converted to bigendian in smb_send
263 Flags2 is converted in SendReceive */
267 for (i = 0; i < n_vec; i++)
268 total_len += iov[i].iov_len;
270 smb_buffer->smb_buf_length = cpu_to_be32(smb_buffer->smb_buf_length);
271 cFYI(1, ("Sending smb: total_len %d", total_len));
272 dump_smb(smb_buffer, len);
276 rc = kernel_sendmsg(ssocket, &smb_msg, &iov[first_vec],
277 n_vec - first_vec, total_len);
278 if ((rc == -ENOSPC) || (rc == -EAGAIN)) {
282 ("sends on sock %p stuck for 15 seconds",
293 if (rc >= total_len) {
294 WARN_ON(rc > total_len);
298 /* should never happen, letting socket clear before
299 retrying is our only obvious option here */
300 cERROR(1, ("tcp sent no data"));
305 /* the line below resets i */
306 for (i = first_vec; i < n_vec; i++) {
307 if (iov[i].iov_len) {
308 if (rc > iov[i].iov_len) {
309 rc -= iov[i].iov_len;
312 iov[i].iov_base += rc;
313 iov[i].iov_len -= rc;
319 i = 0; /* in case we get ENOSPC on the next send */
322 if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
323 cFYI(1, ("partial send (%d remaining), terminating session",
325 /* If we have only sent part of an SMB then the next SMB
326 could be taken as the remainder of this one. We need
327 to kill the socket so the server throws away the partial
329 server->tcpStatus = CifsNeedReconnect;
333 cERROR(1, ("Error %d sending data on socket to server", rc));
337 /* Don't want to modify the buffer as a
338 side effect of this call. */
339 smb_buffer->smb_buf_length = smb_buf_length;
344 static int wait_for_free_request(struct cifsSesInfo *ses, const int long_op)
346 if (long_op == CIFS_ASYNC_OP) {
347 /* oplock breaks must not be held up */
348 atomic_inc(&ses->server->inFlight);
350 spin_lock(&GlobalMid_Lock);
352 if (atomic_read(&ses->server->inFlight) >=
354 spin_unlock(&GlobalMid_Lock);
355 #ifdef CONFIG_CIFS_STATS2
356 atomic_inc(&ses->server->num_waiters);
358 wait_event(ses->server->request_q,
359 atomic_read(&ses->server->inFlight)
361 #ifdef CONFIG_CIFS_STATS2
362 atomic_dec(&ses->server->num_waiters);
364 spin_lock(&GlobalMid_Lock);
366 if (ses->server->tcpStatus == CifsExiting) {
367 spin_unlock(&GlobalMid_Lock);
371 /* can not count locking commands against total
372 as they are allowed to block on server */
374 /* update # of requests on the wire to server */
375 if (long_op != CIFS_BLOCKING_OP)
376 atomic_inc(&ses->server->inFlight);
377 spin_unlock(&GlobalMid_Lock);
385 static int allocate_mid(struct cifsSesInfo *ses, struct smb_hdr *in_buf,
386 struct mid_q_entry **ppmidQ)
388 if (ses->server->tcpStatus == CifsExiting) {
390 } else if (ses->server->tcpStatus == CifsNeedReconnect) {
391 cFYI(1, ("tcp session dead - return to caller to retry"));
393 } else if (ses->status != CifsGood) {
394 /* check if SMB session is bad because we are setting it up */
395 if ((in_buf->Command != SMB_COM_SESSION_SETUP_ANDX) &&
396 (in_buf->Command != SMB_COM_NEGOTIATE))
398 /* else ok - we are setting up session */
400 *ppmidQ = AllocMidQEntry(in_buf, ses);
406 static int wait_for_response(struct cifsSesInfo *ses,
407 struct mid_q_entry *midQ,
408 unsigned long timeout,
409 unsigned long time_to_wait)
411 unsigned long curr_timeout;
414 curr_timeout = timeout + jiffies;
415 wait_event(ses->server->response_q,
416 (!(midQ->midState == MID_REQUEST_SUBMITTED)) ||
417 time_after(jiffies, curr_timeout) ||
418 ((ses->server->tcpStatus != CifsGood) &&
419 (ses->server->tcpStatus != CifsNew)));
421 if (time_after(jiffies, curr_timeout) &&
422 (midQ->midState == MID_REQUEST_SUBMITTED) &&
423 ((ses->server->tcpStatus == CifsGood) ||
424 (ses->server->tcpStatus == CifsNew))) {
428 /* We timed out. Is the server still
430 spin_lock(&GlobalMid_Lock);
431 lrt = ses->server->lstrp;
432 spin_unlock(&GlobalMid_Lock);
434 /* Calculate time_to_wait past last receive time.
435 Although we prefer not to time out if the
436 server is still responding - we will time
437 out if the server takes more than 15 (or 45
438 or 180) seconds to respond to this request
439 and has not responded to any request from
440 other threads on the client within 10 seconds */
442 if (time_after(jiffies, lrt)) {
443 /* No replies for time_to_wait. */
444 cERROR(1, ("server not responding"));
456 * Send an SMB Request. No response info (other than return code)
457 * needs to be parsed.
459 * flags indicate the type of request buffer and how long to wait
460 * and whether to log NT STATUS code (error) before mapping it to POSIX error
464 SendReceiveNoRsp(const unsigned int xid, struct cifsSesInfo *ses,
465 struct smb_hdr *in_buf, int flags)
471 iov[0].iov_base = (char *)in_buf;
472 iov[0].iov_len = in_buf->smb_buf_length + 4;
473 flags |= CIFS_NO_RESP;
474 rc = SendReceive2(xid, ses, iov, 1, &resp_buf_type, flags);
475 cFYI(DBG2, ("SendRcvNoRsp flags %d rc %d", flags, rc));
481 SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
482 struct kvec *iov, int n_vec, int *pRespBufType /* ret */,
487 unsigned int receive_len;
488 unsigned long timeout;
489 struct mid_q_entry *midQ;
490 struct smb_hdr *in_buf = iov[0].iov_base;
492 long_op = flags & CIFS_TIMEOUT_MASK;
494 *pRespBufType = CIFS_NO_BUFFER; /* no response buf yet */
496 if ((ses == NULL) || (ses->server == NULL)) {
497 cifs_small_buf_release(in_buf);
498 cERROR(1, ("Null session"));
502 if (ses->server->tcpStatus == CifsExiting) {
503 cifs_small_buf_release(in_buf);
507 /* Ensure that we do not send more than 50 overlapping requests
508 to the same server. We may make this configurable later or
511 rc = wait_for_free_request(ses, long_op);
513 cifs_small_buf_release(in_buf);
517 /* make sure that we sign in the same order that we send on this socket
518 and avoid races inside tcp sendmsg code that could cause corruption
521 down(&ses->server->tcpSem);
523 rc = allocate_mid(ses, in_buf, &midQ);
525 up(&ses->server->tcpSem);
526 cifs_small_buf_release(in_buf);
527 /* Update # of requests on wire to server */
528 atomic_dec(&ses->server->inFlight);
529 wake_up(&ses->server->request_q);
532 rc = cifs_sign_smb2(iov, n_vec, ses->server, &midQ->sequence_number);
534 midQ->midState = MID_REQUEST_SUBMITTED;
535 #ifdef CONFIG_CIFS_STATS2
536 atomic_inc(&ses->server->inSend);
538 rc = smb_send2(ses->server, iov, n_vec,
539 (struct sockaddr *) &(ses->server->addr.sockAddr),
540 ses->server->noblocksnd);
541 #ifdef CONFIG_CIFS_STATS2
542 atomic_dec(&ses->server->inSend);
543 midQ->when_sent = jiffies;
546 up(&ses->server->tcpSem);
547 cifs_small_buf_release(in_buf);
552 if (long_op == CIFS_STD_OP)
554 else if (long_op == CIFS_VLONG_OP) /* e.g. slow writes past EOF */
556 else if (long_op == CIFS_LONG_OP)
557 timeout = 45 * HZ; /* should be greater than
558 servers oplock break timeout (about 43 seconds) */
559 else if (long_op == CIFS_ASYNC_OP)
561 else if (long_op == CIFS_BLOCKING_OP)
562 timeout = 0x7FFFFFFF; /* large, but not so large as to wrap */
564 cERROR(1, ("unknown timeout flag %d", long_op));
569 /* wait for 15 seconds or until woken up due to response arriving or
570 due to last connection to this server being unmounted */
571 if (signal_pending(current)) {
572 /* if signal pending do not hold up user for full smb timeout
573 but we still give response a chance to complete */
577 /* No user interrupts in wait - wreaks havoc with performance */
578 wait_for_response(ses, midQ, timeout, 10 * HZ);
580 spin_lock(&GlobalMid_Lock);
581 if (midQ->resp_buf) {
582 spin_unlock(&GlobalMid_Lock);
583 receive_len = midQ->resp_buf->smb_buf_length;
585 cERROR(1, ("No response to cmd %d mid %d",
586 midQ->command, midQ->mid));
587 if (midQ->midState == MID_REQUEST_SUBMITTED) {
588 if (ses->server->tcpStatus == CifsExiting)
591 ses->server->tcpStatus = CifsNeedReconnect;
592 midQ->midState = MID_RETRY_NEEDED;
596 if (rc != -EHOSTDOWN) {
597 if (midQ->midState == MID_RETRY_NEEDED) {
599 cFYI(1, ("marking request for retry"));
604 spin_unlock(&GlobalMid_Lock);
605 DeleteMidQEntry(midQ);
606 /* Update # of requests on wire to server */
607 atomic_dec(&ses->server->inFlight);
608 wake_up(&ses->server->request_q);
612 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
613 cERROR(1, ("Frame too large received. Length: %d Xid: %d",
616 } else { /* rcvd frame is ok */
617 if (midQ->resp_buf &&
618 (midQ->midState == MID_RESPONSE_RECEIVED)) {
620 iov[0].iov_base = (char *)midQ->resp_buf;
622 *pRespBufType = CIFS_LARGE_BUFFER;
624 *pRespBufType = CIFS_SMALL_BUFFER;
625 iov[0].iov_len = receive_len + 4;
627 dump_smb(midQ->resp_buf, 80);
628 /* convert the length into a more usable form */
629 if ((receive_len > 24) &&
630 (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
631 SECMODE_SIGN_ENABLED))) {
632 rc = cifs_verify_signature(midQ->resp_buf,
633 &ses->server->mac_signing_key,
634 midQ->sequence_number+1);
636 cERROR(1, ("Unexpected SMB signature"));
637 /* BB FIXME add code to kill session */
641 /* BB special case reconnect tid and uid here? */
642 rc = map_smb_to_linux_error(midQ->resp_buf,
643 flags & CIFS_LOG_ERROR);
645 /* convert ByteCount if necessary */
646 if (receive_len >= sizeof(struct smb_hdr) - 4
647 /* do not count RFC1001 header */ +
648 (2 * midQ->resp_buf->WordCount) + 2 /* bcc */ )
649 BCC(midQ->resp_buf) =
650 le16_to_cpu(BCC_LE(midQ->resp_buf));
651 if ((flags & CIFS_NO_RESP) == 0)
652 midQ->resp_buf = NULL; /* mark it so buf will
657 cFYI(1, ("Bad MID state?"));
662 DeleteMidQEntry(midQ);
663 atomic_dec(&ses->server->inFlight);
664 wake_up(&ses->server->request_q);
670 SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
671 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
672 int *pbytes_returned, const int long_op)
675 unsigned int receive_len;
676 unsigned long timeout;
677 struct mid_q_entry *midQ;
680 cERROR(1, ("Null smb session"));
683 if (ses->server == NULL) {
684 cERROR(1, ("Null tcp session"));
688 if (ses->server->tcpStatus == CifsExiting)
691 /* Ensure that we do not send more than 50 overlapping requests
692 to the same server. We may make this configurable later or
695 rc = wait_for_free_request(ses, long_op);
699 /* make sure that we sign in the same order that we send on this socket
700 and avoid races inside tcp sendmsg code that could cause corruption
703 down(&ses->server->tcpSem);
705 rc = allocate_mid(ses, in_buf, &midQ);
707 up(&ses->server->tcpSem);
708 /* Update # of requests on wire to server */
709 atomic_dec(&ses->server->inFlight);
710 wake_up(&ses->server->request_q);
714 if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
715 cERROR(1, ("Illegal length, greater than maximum frame, %d",
716 in_buf->smb_buf_length));
717 DeleteMidQEntry(midQ);
718 up(&ses->server->tcpSem);
719 /* Update # of requests on wire to server */
720 atomic_dec(&ses->server->inFlight);
721 wake_up(&ses->server->request_q);
725 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
727 midQ->midState = MID_REQUEST_SUBMITTED;
728 #ifdef CONFIG_CIFS_STATS2
729 atomic_inc(&ses->server->inSend);
731 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
732 (struct sockaddr *) &(ses->server->addr.sockAddr),
733 ses->server->noblocksnd);
734 #ifdef CONFIG_CIFS_STATS2
735 atomic_dec(&ses->server->inSend);
736 midQ->when_sent = jiffies;
738 up(&ses->server->tcpSem);
743 if (long_op == CIFS_STD_OP)
745 /* wait for 15 seconds or until woken up due to response arriving or
746 due to last connection to this server being unmounted */
747 else if (long_op == CIFS_ASYNC_OP)
749 else if (long_op == CIFS_VLONG_OP) /* writes past EOF can be slow */
751 else if (long_op == CIFS_LONG_OP)
752 timeout = 45 * HZ; /* should be greater than
753 servers oplock break timeout (about 43 seconds) */
754 else if (long_op == CIFS_BLOCKING_OP)
755 timeout = 0x7FFFFFFF; /* large but no so large as to wrap */
757 cERROR(1, ("unknown timeout flag %d", long_op));
762 if (signal_pending(current)) {
763 /* if signal pending do not hold up user for full smb timeout
764 but we still give response a chance to complete */
768 /* No user interrupts in wait - wreaks havoc with performance */
769 wait_for_response(ses, midQ, timeout, 10 * HZ);
771 spin_lock(&GlobalMid_Lock);
772 if (midQ->resp_buf) {
773 spin_unlock(&GlobalMid_Lock);
774 receive_len = midQ->resp_buf->smb_buf_length;
776 cERROR(1, ("No response for cmd %d mid %d",
777 midQ->command, midQ->mid));
778 if (midQ->midState == MID_REQUEST_SUBMITTED) {
779 if (ses->server->tcpStatus == CifsExiting)
782 ses->server->tcpStatus = CifsNeedReconnect;
783 midQ->midState = MID_RETRY_NEEDED;
787 if (rc != -EHOSTDOWN) {
788 if (midQ->midState == MID_RETRY_NEEDED) {
790 cFYI(1, ("marking request for retry"));
795 spin_unlock(&GlobalMid_Lock);
796 DeleteMidQEntry(midQ);
797 /* Update # of requests on wire to server */
798 atomic_dec(&ses->server->inFlight);
799 wake_up(&ses->server->request_q);
803 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
804 cERROR(1, ("Frame too large received. Length: %d Xid: %d",
807 } else { /* rcvd frame is ok */
809 if (midQ->resp_buf && out_buf
810 && (midQ->midState == MID_RESPONSE_RECEIVED)) {
811 out_buf->smb_buf_length = receive_len;
812 memcpy((char *)out_buf + 4,
813 (char *)midQ->resp_buf + 4,
816 dump_smb(out_buf, 92);
817 /* convert the length into a more usable form */
818 if ((receive_len > 24) &&
819 (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
820 SECMODE_SIGN_ENABLED))) {
821 rc = cifs_verify_signature(out_buf,
822 &ses->server->mac_signing_key,
823 midQ->sequence_number+1);
825 cERROR(1, ("Unexpected SMB signature"));
826 /* BB FIXME add code to kill session */
830 *pbytes_returned = out_buf->smb_buf_length;
832 /* BB special case reconnect tid and uid here? */
833 rc = map_smb_to_linux_error(out_buf, 0 /* no log */ );
835 /* convert ByteCount if necessary */
836 if (receive_len >= sizeof(struct smb_hdr) - 4
837 /* do not count RFC1001 header */ +
838 (2 * out_buf->WordCount) + 2 /* bcc */ )
839 BCC(out_buf) = le16_to_cpu(BCC_LE(out_buf));
842 cERROR(1, ("Bad MID state?"));
847 DeleteMidQEntry(midQ);
848 atomic_dec(&ses->server->inFlight);
849 wake_up(&ses->server->request_q);
854 /* Send an NT_CANCEL SMB to cause the POSIX blocking lock to return. */
857 send_nt_cancel(struct cifsTconInfo *tcon, struct smb_hdr *in_buf,
858 struct mid_q_entry *midQ)
861 struct cifsSesInfo *ses = tcon->ses;
862 __u16 mid = in_buf->Mid;
864 header_assemble(in_buf, SMB_COM_NT_CANCEL, tcon, 0);
866 down(&ses->server->tcpSem);
867 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
869 up(&ses->server->tcpSem);
872 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
873 (struct sockaddr *) &(ses->server->addr.sockAddr),
874 ses->server->noblocksnd);
875 up(&ses->server->tcpSem);
879 /* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
880 blocking lock to return. */
883 send_lock_cancel(const unsigned int xid, struct cifsTconInfo *tcon,
884 struct smb_hdr *in_buf,
885 struct smb_hdr *out_buf)
888 struct cifsSesInfo *ses = tcon->ses;
889 LOCK_REQ *pSMB = (LOCK_REQ *)in_buf;
891 /* We just modify the current in_buf to change
892 the type of lock from LOCKING_ANDX_SHARED_LOCK
893 or LOCKING_ANDX_EXCLUSIVE_LOCK to
894 LOCKING_ANDX_CANCEL_LOCK. */
896 pSMB->LockType = LOCKING_ANDX_CANCEL_LOCK|LOCKING_ANDX_LARGE_FILES;
898 pSMB->hdr.Mid = GetNextMid(ses->server);
900 return SendReceive(xid, ses, in_buf, out_buf,
901 &bytes_returned, CIFS_STD_OP);
905 SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
906 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
907 int *pbytes_returned)
911 unsigned int receive_len;
912 struct mid_q_entry *midQ;
913 struct cifsSesInfo *ses;
915 if (tcon == NULL || tcon->ses == NULL) {
916 cERROR(1, ("Null smb session"));
921 if (ses->server == NULL) {
922 cERROR(1, ("Null tcp session"));
926 if (ses->server->tcpStatus == CifsExiting)
929 /* Ensure that we do not send more than 50 overlapping requests
930 to the same server. We may make this configurable later or
933 rc = wait_for_free_request(ses, CIFS_BLOCKING_OP);
937 /* make sure that we sign in the same order that we send on this socket
938 and avoid races inside tcp sendmsg code that could cause corruption
941 down(&ses->server->tcpSem);
943 rc = allocate_mid(ses, in_buf, &midQ);
945 up(&ses->server->tcpSem);
949 if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
950 up(&ses->server->tcpSem);
951 cERROR(1, ("Illegal length, greater than maximum frame, %d",
952 in_buf->smb_buf_length));
953 DeleteMidQEntry(midQ);
957 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
959 midQ->midState = MID_REQUEST_SUBMITTED;
960 #ifdef CONFIG_CIFS_STATS2
961 atomic_inc(&ses->server->inSend);
963 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
964 (struct sockaddr *) &(ses->server->addr.sockAddr),
965 ses->server->noblocksnd);
966 #ifdef CONFIG_CIFS_STATS2
967 atomic_dec(&ses->server->inSend);
968 midQ->when_sent = jiffies;
970 up(&ses->server->tcpSem);
973 DeleteMidQEntry(midQ);
977 /* Wait for a reply - allow signals to interrupt. */
978 rc = wait_event_interruptible(ses->server->response_q,
979 (!(midQ->midState == MID_REQUEST_SUBMITTED)) ||
980 ((ses->server->tcpStatus != CifsGood) &&
981 (ses->server->tcpStatus != CifsNew)));
983 /* Were we interrupted by a signal ? */
984 if ((rc == -ERESTARTSYS) &&
985 (midQ->midState == MID_REQUEST_SUBMITTED) &&
986 ((ses->server->tcpStatus == CifsGood) ||
987 (ses->server->tcpStatus == CifsNew))) {
989 if (in_buf->Command == SMB_COM_TRANSACTION2) {
990 /* POSIX lock. We send a NT_CANCEL SMB to cause the
991 blocking lock to return. */
993 rc = send_nt_cancel(tcon, in_buf, midQ);
995 DeleteMidQEntry(midQ);
999 /* Windows lock. We send a LOCKINGX_CANCEL_LOCK
1000 to cause the blocking lock to return. */
1002 rc = send_lock_cancel(xid, tcon, in_buf, out_buf);
1004 /* If we get -ENOLCK back the lock may have
1005 already been removed. Don't exit in this case. */
1006 if (rc && rc != -ENOLCK) {
1007 DeleteMidQEntry(midQ);
1012 /* Wait 5 seconds for the response. */
1013 if (wait_for_response(ses, midQ, 5 * HZ, 5 * HZ) == 0) {
1014 /* We got the response - restart system call. */
1019 spin_lock(&GlobalMid_Lock);
1020 if (midQ->resp_buf) {
1021 spin_unlock(&GlobalMid_Lock);
1022 receive_len = midQ->resp_buf->smb_buf_length;
1024 cERROR(1, ("No response for cmd %d mid %d",
1025 midQ->command, midQ->mid));
1026 if (midQ->midState == MID_REQUEST_SUBMITTED) {
1027 if (ses->server->tcpStatus == CifsExiting)
1030 ses->server->tcpStatus = CifsNeedReconnect;
1031 midQ->midState = MID_RETRY_NEEDED;
1035 if (rc != -EHOSTDOWN) {
1036 if (midQ->midState == MID_RETRY_NEEDED) {
1038 cFYI(1, ("marking request for retry"));
1043 spin_unlock(&GlobalMid_Lock);
1044 DeleteMidQEntry(midQ);
1048 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
1049 cERROR(1, ("Frame too large received. Length: %d Xid: %d",
1052 } else { /* rcvd frame is ok */
1054 if (midQ->resp_buf && out_buf
1055 && (midQ->midState == MID_RESPONSE_RECEIVED)) {
1056 out_buf->smb_buf_length = receive_len;
1057 memcpy((char *)out_buf + 4,
1058 (char *)midQ->resp_buf + 4,
1061 dump_smb(out_buf, 92);
1062 /* convert the length into a more usable form */
1063 if ((receive_len > 24) &&
1064 (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
1065 SECMODE_SIGN_ENABLED))) {
1066 rc = cifs_verify_signature(out_buf,
1067 &ses->server->mac_signing_key,
1068 midQ->sequence_number+1);
1070 cERROR(1, ("Unexpected SMB signature"));
1071 /* BB FIXME add code to kill session */
1075 *pbytes_returned = out_buf->smb_buf_length;
1077 /* BB special case reconnect tid and uid here? */
1078 rc = map_smb_to_linux_error(out_buf, 0 /* no log */ );
1080 /* convert ByteCount if necessary */
1081 if (receive_len >= sizeof(struct smb_hdr) - 4
1082 /* do not count RFC1001 header */ +
1083 (2 * out_buf->WordCount) + 2 /* bcc */ )
1084 BCC(out_buf) = le16_to_cpu(BCC_LE(out_buf));
1087 cERROR(1, ("Bad MID state?"));
1090 DeleteMidQEntry(midQ);
1091 if (rstart && rc == -EACCES)
1092 return -ERESTARTSYS;