|
@@ -704,6 +704,61 @@ static void clean_demultiplex_info(struct TCP_Server_Info *server)
|
|
|
GFP_KERNEL);
|
|
GFP_KERNEL);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+static int
|
|
|
|
|
+standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
|
|
|
|
|
+{
|
|
|
|
|
+ int length;
|
|
|
|
|
+ char *buf = server->smallbuf;
|
|
|
|
|
+ struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
|
|
|
|
|
+ unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
|
|
|
|
|
+
|
|
|
|
|
+ /* make sure this will fit in a large buffer */
|
|
|
|
|
+ if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
|
|
|
|
|
+ cERROR(1, "SMB response too long (%u bytes)",
|
|
|
|
|
+ pdu_length);
|
|
|
|
|
+ cifs_reconnect(server);
|
|
|
|
|
+ wake_up(&server->response_q);
|
|
|
|
|
+ return -EAGAIN;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ /* switch to large buffer if too big for a small one */
|
|
|
|
|
+ if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
|
|
|
|
|
+ server->large_buf = true;
|
|
|
|
|
+ memcpy(server->bigbuf, server->smallbuf, server->total_read);
|
|
|
|
|
+ buf = server->bigbuf;
|
|
|
|
|
+ smb_buffer = (struct smb_hdr *)buf;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ /* now read the rest */
|
|
|
|
|
+ length = read_from_socket(server,
|
|
|
|
|
+ buf + sizeof(struct smb_hdr) - 1,
|
|
|
|
|
+ pdu_length - sizeof(struct smb_hdr) + 1 + 4);
|
|
|
|
|
+ if (length < 0)
|
|
|
|
|
+ return length;
|
|
|
|
|
+ server->total_read += length;
|
|
|
|
|
+
|
|
|
|
|
+ dump_smb(smb_buffer, server->total_read);
|
|
|
|
|
+
|
|
|
|
|
+ /*
|
|
|
|
|
+ * We know that we received enough to get to the MID as we
|
|
|
|
|
+ * checked the pdu_length earlier. Now check to see
|
|
|
|
|
+ * if the rest of the header is OK. We borrow the length
|
|
|
|
|
+ * var for the rest of the loop to avoid a new stack var.
|
|
|
|
|
+ *
|
|
|
|
|
+ * 48 bytes is enough to display the header and a little bit
|
|
|
|
|
+ * into the payload for debugging purposes.
|
|
|
|
|
+ */
|
|
|
|
|
+ length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
|
|
|
|
|
+ if (length != 0)
|
|
|
|
|
+ cifs_dump_mem("Bad SMB: ", buf,
|
|
|
|
|
+ min_t(unsigned int, server->total_read, 48));
|
|
|
|
|
+
|
|
|
|
|
+ if (mid)
|
|
|
|
|
+ handle_mid(mid, server, smb_buffer, length);
|
|
|
|
|
+
|
|
|
|
|
+ return length;
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
static int
|
|
static int
|
|
|
cifs_demultiplex_thread(void *p)
|
|
cifs_demultiplex_thread(void *p)
|
|
|
{
|
|
{
|
|
@@ -769,57 +824,19 @@ cifs_demultiplex_thread(void *p)
|
|
|
|
|
|
|
|
mid_entry = find_mid(server, smb_buffer);
|
|
mid_entry = find_mid(server, smb_buffer);
|
|
|
|
|
|
|
|
- if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
|
|
|
|
|
- cERROR(1, "SMB response too long (%u bytes)",
|
|
|
|
|
- pdu_length);
|
|
|
|
|
- cifs_reconnect(server);
|
|
|
|
|
- wake_up(&server->response_q);
|
|
|
|
|
|
|
+ length = standard_receive3(server, mid_entry);
|
|
|
|
|
+ if (length < 0)
|
|
|
continue;
|
|
continue;
|
|
|
- }
|
|
|
|
|
|
|
|
|
|
- /* else length ok */
|
|
|
|
|
- if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
|
|
|
|
|
- server->large_buf = true;
|
|
|
|
|
- memcpy(server->bigbuf, server->smallbuf,
|
|
|
|
|
- server->total_read);
|
|
|
|
|
- smb_buffer = (struct smb_hdr *)server->bigbuf;
|
|
|
|
|
|
|
+ if (server->large_buf) {
|
|
|
buf = server->bigbuf;
|
|
buf = server->bigbuf;
|
|
|
|
|
+ smb_buffer = (struct smb_hdr *)buf;
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- /* now read the rest */
|
|
|
|
|
- length = read_from_socket(server,
|
|
|
|
|
- buf + sizeof(struct smb_hdr) - 1,
|
|
|
|
|
- pdu_length - sizeof(struct smb_hdr) + 1 + 4);
|
|
|
|
|
- if (length < 0)
|
|
|
|
|
- continue;
|
|
|
|
|
- server->total_read += length;
|
|
|
|
|
-
|
|
|
|
|
- dump_smb(smb_buffer, server->total_read);
|
|
|
|
|
-
|
|
|
|
|
- /*
|
|
|
|
|
- * We know that we received enough to get to the MID as we
|
|
|
|
|
- * checked the pdu_length earlier. Now check to see
|
|
|
|
|
- * if the rest of the header is OK. We borrow the length
|
|
|
|
|
- * var for the rest of the loop to avoid a new stack var.
|
|
|
|
|
- *
|
|
|
|
|
- * 48 bytes is enough to display the header and a little bit
|
|
|
|
|
- * into the payload for debugging purposes.
|
|
|
|
|
- */
|
|
|
|
|
- length = checkSMB(smb_buffer, smb_buffer->Mid,
|
|
|
|
|
- server->total_read);
|
|
|
|
|
- if (length != 0)
|
|
|
|
|
- cifs_dump_mem("Bad SMB: ", buf,
|
|
|
|
|
- min_t(unsigned int, server->total_read, 48));
|
|
|
|
|
-
|
|
|
|
|
server->lstrp = jiffies;
|
|
server->lstrp = jiffies;
|
|
|
-
|
|
|
|
|
if (mid_entry != NULL) {
|
|
if (mid_entry != NULL) {
|
|
|
- handle_mid(mid_entry, server, smb_buffer, length);
|
|
|
|
|
if (!mid_entry->multiRsp || mid_entry->multiEnd)
|
|
if (!mid_entry->multiRsp || mid_entry->multiEnd)
|
|
|
mid_entry->callback(mid_entry);
|
|
mid_entry->callback(mid_entry);
|
|
|
- } else if (length != 0) {
|
|
|
|
|
- /* response sanity checks failed */
|
|
|
|
|
- continue;
|
|
|
|
|
} else if (!is_valid_oplock_break(smb_buffer, server)) {
|
|
} else if (!is_valid_oplock_break(smb_buffer, server)) {
|
|
|
cERROR(1, "No task to wake, unknown frame received! "
|
|
cERROR(1, "No task to wake, unknown frame received! "
|
|
|
"NumMids %d", atomic_read(&midCount));
|
|
"NumMids %d", atomic_read(&midCount));
|
Jeff Layton