Kernel
Threads by month
- ----- 2025 -----
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- 1 participants
- 17951 discussions
[PATCH openEuler-1.0-LTS 1/4] rds: rds_rm_zerocopy_callback() use list_first_entry()
by Yongqiang Liu 06 Mar '23
by Yongqiang Liu 06 Mar '23
06 Mar '23
From: Pietro Borrello <borrello(a)diag.uniroma1.it>
stable inclusion
from stable-v4.19.273
commit 909d5eef5ce792bb76d7b5a9b7a6852b813d8cac
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6I7UF
CVE: CVE-2023-1078
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
-------------------------------------------------
[ Upstream commit f753a68980cf4b59a80fe677619da2b1804f526d ]
rds_rm_zerocopy_callback() uses list_entry() on the head of a list
causing a type confusion.
Use list_first_entry() to actually access the first element of the
rs_zcookie_queue list.
Fixes: 9426bbc6de99 ("rds: use list structure to track information for zerocopy completion notification")
Reviewed-by: Willem de Bruijn <willemb(a)google.com>
Signed-off-by: Pietro Borrello <borrello(a)diag.uniroma1.it>
Link: https://lore.kernel.org/r/20230202-rds-zerocopy-v3-1-83b0df974f9a@diag.unir…
Signed-off-by: Paolo Abeni <pabeni(a)redhat.com>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Lu Wei <luwei32(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/rds/message.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/net/rds/message.c b/net/rds/message.c
index 4b00b1152a5f..309b54cc62ae 100644
--- a/net/rds/message.c
+++ b/net/rds/message.c
@@ -104,9 +104,9 @@ static void rds_rm_zerocopy_callback(struct rds_sock *rs,
spin_lock_irqsave(&q->lock, flags);
head = &q->zcookie_head;
if (!list_empty(head)) {
- info = list_entry(head, struct rds_msg_zcopy_info,
- rs_zcookie_next);
- if (info && rds_zcookie_add(info, cookie)) {
+ info = list_first_entry(head, struct rds_msg_zcopy_info,
+ rs_zcookie_next);
+ if (rds_zcookie_add(info, cookie)) {
spin_unlock_irqrestore(&q->lock, flags);
kfree(rds_info_from_znotifier(znotif));
/* caller invokes rds_wake_sk_sleep() */
--
2.25.1
1
3
04 Mar '23
v7:
- change there is a container(PNP0A06) has a memory device
(PNP0C80) before create device attributes under container
subsys
v6:
- get container device form container_subsys
v5:
- check the container have PNP0C80 before create
attribute files
v4:
- prettify the code
v3:
- prettify the code
- add a hisi_internal.h to hold common code
v2:
- remove the !adev judge in patch 9, as it will always be
true.
patch 1-3: Add support for iterate through the
child devices in the acpi device.
patch 4-9: Add support for hbm memory device and
hbm cache support
Rafael J. Wysocki (3):
ACPI: bus: Introduce acpi_dev_for_each_child()
ACPI: bus: Avoid non-ACPI device objects in walks over children
ACPI: bus: Export acpi_dev_for_each_child() to modules
Zhang Zekun (5):
ACPI: OSL: Export the symbol of acpi_hotplug_schedule
soc: hisilicon: hisi_hbmdev: Add power domain control methods
ACPI: memhotplug: export the state of each hotplug device
soc: hisilicon: hisi_hbmdev: Provide extra memory topology information
soc: hbmcache: Add support for online and offline the hbm cache
drivers/acpi/acpi_memhotplug.c | 6 +
drivers/acpi/bus.c | 27 +++
drivers/acpi/internal.h | 1 -
drivers/acpi/osl.c | 1 +
drivers/base/container.c | 1 +
drivers/soc/Kconfig | 1 +
drivers/soc/Makefile | 1 +
drivers/soc/hisilicon/Kconfig | 33 +++
drivers/soc/hisilicon/Makefile | 4 +
drivers/soc/hisilicon/hisi_hbmcache.c | 147 +++++++++++++
drivers/soc/hisilicon/hisi_hbmdev.c | 301 ++++++++++++++++++++++++++
drivers/soc/hisilicon/hisi_internal.h | 31 +++
include/acpi/acpi_bus.h | 2 +
include/linux/acpi.h | 1 +
include/linux/memory_hotplug.h | 2 +
15 files changed, 558 insertions(+), 1 deletion(-)
create mode 100644 drivers/soc/hisilicon/Kconfig
create mode 100644 drivers/soc/hisilicon/Makefile
create mode 100644 drivers/soc/hisilicon/hisi_hbmcache.c
create mode 100644 drivers/soc/hisilicon/hisi_hbmdev.c
create mode 100644 drivers/soc/hisilicon/hisi_internal.h
--
2.17.1
1
8
v2:
- remove patch "mm/sharepool: Add mg_sp_alloc_nodemask"
Chen Jun (3):
mm/sharepool: Fix a double free problem caused by init_local_group
mm/sharepool: extract group_add_task
mm/sharepool: use delete_spg_node to replace some repetitive code
Guo Mengqi (1):
mm: sharepool: add static modifier to find_spg_node_by_spg()
Wang Wensheng (8):
mm/sharepool: Fix NULL pointer dereference in mg_sp_group_del_task
mm/sharepool: Reorganize create_spg()
mm/sharepool: Simplify sp_make_share_k2u()
mm/sharepool: Rename sp_group operations
mm/sharepool: Simplify sp_unshare_uva()
mm/sharepool: Fix null-pointer-deference in sp_free_area
mm/sharepool: Modify error message in mg_sp_group_del_task
mm/sharepool: Fix double delete list in sp_group_exit
Xu Qiang (17):
mm/sharepool: Refactoring proc file interface similar code
mm/sharepool: Add helper for master_list
mm/sharepool: Delete unused spg_id and hugepage_failures.
mm/sharepool: Delete unused mm in sp_proc_stat.
mm/sharepool: Move spa_num field to sp_group.
mm/sharepool: Rename sp_spg_stat to sp_meminfo.
mm/sharepool: Split meminfo_update into meminfo_inc_usage and
meminfo_dec_usage.
mm/sharepool: split meminfo_update_k2u into meminfo_inc_k2u and
meminfo_dec_k2u.
mm/sharepool: Delete redundant tgid in sp_proc_stat.
mm/sharepool: Move comm from sp_proc_stat to sp_group_master.
mm/sharepool: replace sp_proc_stat with sp_meminfo.
mm/sharepool: Delete unused tgid and spg_id in spg_proc_stat.
mm/sharepool: Replace spg_proc_stat with sp_meminfo.
mm/sharepool: Add meminfo_alloc_sum_byKB and meminfo_alloc_sum.
mm/sharepool: Add meminfo_k2u_size.
mm/sharepool: Delete unused kthread_stat.
mm/sharepool: Delete redundant size and alloc_size in sp_meminfo.
Zhang Zekun (6):
perf: hisi: Add configs for PMU isolation
driver: Add CONFIG_ACPI_APEI_GHES_TS_CORE for code isolation
ACPI / APEI: Add config to isolate Notify all ras err
vmalloc: Add config for Extend for hugepages mapping
iommu/arm-smmu-v3: Add config to Add support for suspend and resume
hugetlbfs: Add config to isolate the code of share_pool
Zhou Guanghui (2):
mm/sharepool: Don't display sharepool statistics in the container
mm: sharepool: Charge Buddy hugepage to memcg
arch/arm64/Kconfig | 2 +-
arch/arm64/configs/openeuler_defconfig | 6 +
drivers/acpi/apei/Kconfig | 14 +
drivers/acpi/apei/ghes.c | 10 +-
drivers/iommu/Kconfig | 7 +
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 9 +-
drivers/perf/hisilicon/Kconfig | 19 +
drivers/perf/hisilicon/Makefile | 6 +-
fs/hugetlbfs/inode.c | 21 +-
include/acpi/ghes.h | 2 +
include/linux/cper.h | 3 +
include/linux/mm.h | 2 +
include/linux/vmalloc.h | 7 +
mm/Kconfig | 6 +
mm/hugetlb.c | 2 +
mm/share_pool.c | 1027 ++++++++-----------
mm/share_pool_internal.h | 22 +
mm/vmalloc.c | 16 +
18 files changed, 569 insertions(+), 612 deletions(-)
create mode 100644 mm/share_pool_internal.h
--
2.17.1
1
37
Re: [PATCH v5 OLK-5.10 5/8] soc: hisilicon: hisi_hbmdev: Add power domain control methods
by zhangzekun (A) 03 Mar '23
by zhangzekun (A) 03 Mar '23
03 Mar '23
在 2023/3/3 14:19, Kefeng Wang 写道:
>
>
> On 2023/3/3 11:49, Zhang Zekun wrote:
>> Offering: HULK
>> hulk inclusion
>> category: feature
>> bugzilla: https://gitee.com/openeuler/kernel/issues/I67QNJ
>> CVE: NA
>>
>> ------------------------------------------------------------------
>>
>> Platform devices which supports power control are often required to be
>> power off/on together with the devices in the same power domain.
>> However,
>> there isn't a generic driver that support the power control logic of
>> these devices.
>>
>> ACPI container seems to be a good place to hold these control logic. Add
>> platform devices in the same power domain in a ACPI container, we can
>> easily get the locality information about these devices and can moniter
>> the power of these devices in the same power domain together.
>>
>> This patch provide three userspace control interface to control the
>> power
>> of devices together in the container:
>> - state: Echo online to state to power up the devices in the
>> container and
>> then online these devices which will be triggered by BIOS. Echo
>> offline
>> to the state to offline and eject the child devices in the container
>> which are ejectable.
>> - pxms: show the pxms of devices which are present in the container.
>>
>> In our scenario, we need to control the power of HBM memory devices
>> which
>> can be power consuming and will only be used in some specialized
>> scenarios,
>> such as HPC. HBM memory devices in a socket are in the same power
>> domain,
>> and should be power off/on together. We have come up with an idea
>> that put
>> these power control logic in a specialized driver, but ACPI container
>> seems
>> to be a more generic place to hold these control logic.
>>
>> Signed-off-by: Zhang Zekun <zhangzekun11(a)huawei.com>
>> ---
>> v6:
>> - get container dev form container_subsys
>>
>> v5:
>> - check containers have PNP0C80 before create attibute
>> files
>>
>> v4:
>> - prettify the code
>>
>> v3:
>> - move the common code to hisi_internal.h
>>
>> drivers/base/container.c | 1 +
>> drivers/soc/Kconfig | 1 +
>> drivers/soc/Makefile | 1 +
>> drivers/soc/hisilicon/Kconfig | 19 +++
>> drivers/soc/hisilicon/Makefile | 3 +
>> drivers/soc/hisilicon/hisi_hbmdev.c | 196 ++++++++++++++++++++++++++
>> drivers/soc/hisilicon/hisi_internal.h | 31 ++++
>> 7 files changed, 252 insertions(+)
>> create mode 100644 drivers/soc/hisilicon/Kconfig
>> create mode 100644 drivers/soc/hisilicon/Makefile
>> create mode 100644 drivers/soc/hisilicon/hisi_hbmdev.c
>> create mode 100644 drivers/soc/hisilicon/hisi_internal.h
>>
>> diff --git a/drivers/base/container.c b/drivers/base/container.c
>> index 1ba42d2d3532..12e572d0c69b 100644
>> --- a/drivers/base/container.c
>> +++ b/drivers/base/container.c
>> @@ -30,6 +30,7 @@ struct bus_type container_subsys = {
>> .online = trivial_online,
>> .offline = container_offline,
>> };
>> +EXPORT_SYMBOL_GPL(container_subsys);
>> void __init container_dev_init(void)
>> {
>> diff --git a/drivers/soc/Kconfig b/drivers/soc/Kconfig
>> index 425ab6f7e375..f7c59b063321 100644
>> --- a/drivers/soc/Kconfig
>> +++ b/drivers/soc/Kconfig
>> @@ -23,5 +23,6 @@ source "drivers/soc/versatile/Kconfig"
>> source "drivers/soc/xilinx/Kconfig"
>> source "drivers/soc/zte/Kconfig"
>> source "drivers/soc/kendryte/Kconfig"
>> +source "drivers/soc/hisilicon/Kconfig"
>> endmenu
>> diff --git a/drivers/soc/Makefile b/drivers/soc/Makefile
>> index 36452bed86ef..68f186e00e44 100644
>> --- a/drivers/soc/Makefile
>> +++ b/drivers/soc/Makefile
>> @@ -29,3 +29,4 @@ obj-$(CONFIG_PLAT_VERSATILE) += versatile/
>> obj-y += xilinx/
>> obj-$(CONFIG_ARCH_ZX) += zte/
>> obj-$(CONFIG_SOC_KENDRYTE) += kendryte/
>> +obj-y += hisilicon/
>> diff --git a/drivers/soc/hisilicon/Kconfig
>> b/drivers/soc/hisilicon/Kconfig
>> new file mode 100644
>> index 000000000000..497787af004e
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/Kconfig
>> @@ -0,0 +1,19 @@
>> +# SPDX-License-Identifier: GPL-2.0
>> +#
>> +# Hisilicon SoC drivers
>> +#
>> +menu "Hisilicon SoC driver support"
>> +
>> +config HISI_HBMDEV
>> + tristate "add extra support for hbm memory device"
>> + depends on ACPI_HOTPLUG_MEMORY
>> + select ACPI_CONTAINER
>> + help
>> + This driver add extra supports for memory devices. The driver
>> + provides methods for userpace to control the power of memory
>> + devices in a container.
>> +
>> + To compile this driver as a module, choose M here:
>> + the module will be called hisi_hbmdev.
>> +
>> +endmenu
>> diff --git a/drivers/soc/hisilicon/Makefile
>> b/drivers/soc/hisilicon/Makefile
>> new file mode 100644
>> index 000000000000..22e87acb1ab3
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/Makefile
>> @@ -0,0 +1,3 @@
>> +# SPDX-License-Identifier: GPL-2.0
>> +
>> +obj-$(CONFIG_HISI_HBMDEV) += hisi_hbmdev.o
>> diff --git a/drivers/soc/hisilicon/hisi_hbmdev.c
>> b/drivers/soc/hisilicon/hisi_hbmdev.c
>> new file mode 100644
>> index 000000000000..8485efc00684
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/hisi_hbmdev.c
>> @@ -0,0 +1,196 @@
>> +// SPDX-License-Identifier: GPL-2.0
>> +/*
>> + * Copyright (C) Huawei Technologies Co., Ltd. 2023. All rights
>> reserved.
>> + */
>> +
>> +#include <linux/kobject.h>
>> +#include <linux/module.h>
>> +#include <linux/nodemask.h>
>> +#include <linux/acpi.h>
>> +#include <linux/container.h>
>> +
>> +#include "hisi_internal.h"
>> +
>> +#define ACPI_MEMORY_DEVICE_HID "PNP0C80"
>> +#define ACPI_GENERIC_CONTAINER_DEVICE_HID "PNP0A06"
>> +
>> +struct memory_dev {
>> + struct kobject *memdev_kobj;
>> +};
>> +
>> +static struct memory_dev *mdev;
>> +
>> +static int hbmdev_find(struct acpi_device *adev, void *arg)
>> +{
>> + const char *hid = acpi_device_hid(adev);
>> + bool *found = arg;
>> +
>> + if (!strcmp(hid, ACPI_MEMORY_DEVICE_HID)) {
>> + *found = true;
>> + return -1;
>> + }
>> +
>> + return 0;
>> +}
>> +
>> +static bool has_hbmdev(struct device *dev)
>> +{
>> + struct acpi_device *adev = ACPI_COMPANION(dev);
>> + const char *hid = acpi_device_hid(adev);
>> + bool found = false;
>> +
>> + if (strcmp(hid, ACPI_GENERIC_CONTAINER_DEVICE_HID))
>> + return found;
>> +
>> + acpi_dev_for_each_child(adev, hbmdev_find, &found);
>> +
>> + return found;
>> +}
>> +
>> +static int get_pxm(struct acpi_device *acpi_device, void *arg)
>> +{
>> + acpi_handle handle = acpi_device->handle;
>> + nodemask_t *mask = arg;
>> + unsigned long long sta;
>> + acpi_status status;
>> + int nid;
>> +
>> + status = acpi_evaluate_integer(handle, "_STA", NULL, &sta);
>> + if (ACPI_SUCCESS(status) && (sta & ACPI_STA_DEVICE_ENABLED)) {
>> + nid = acpi_get_node(handle);
>> + if (nid >= 0)
>> + node_set(nid, *mask);
>> + }
>> +
>> + return 0;
>> +}
>> +
>> +static ssize_t pxms_show(struct device *dev,
>> + struct device_attribute *attr,
>> + char *buf)
>> +{
>> + struct acpi_device *adev = ACPI_COMPANION(dev);
>> + nodemask_t mask;
>> +
>> + nodes_clear(mask);
>> + acpi_dev_for_each_child(adev, get_pxm, &mask);
>> +
>> + return sysfs_emit(buf, "%*pbl\n",
>> + nodemask_pr_args(&mask));
>> +}
>> +static DEVICE_ATTR_RO(pxms);
>> +
>> +static int memdev_power_on(struct acpi_device *adev)
>> +{
>> + acpi_handle handle = adev->handle;
>> + acpi_status status;
>> +
>> + status = acpi_evaluate_object(handle, "_ON", NULL, NULL);
>> + if (ACPI_FAILURE(status)) {
>> + acpi_handle_warn(handle, "Power on failed (0x%x)\n", status);
>> + return -ENODEV;
>> + }
>> +
>> + return 0;
>> +}
>> +
>> +static int eject_device(struct acpi_device *acpi_device, void
>> *not_used)
>> +{
>> + acpi_object_type unused;
>> + acpi_status status;
>> +
>> + status = acpi_get_type(acpi_device->handle, &unused);
>> + if (ACPI_FAILURE(status) || !acpi_device->flags.ejectable)
>> + return -ENODEV;
>> +
>> + get_device(&acpi_device->dev);
>> + status = acpi_hotplug_schedule(acpi_device,
>> ACPI_OST_EC_OSPM_EJECT);
>> + if (ACPI_SUCCESS(status))
>> + return 0;
>> +
>> + put_device(&acpi_device->dev);
>> + acpi_evaluate_ost(acpi_device->handle, ACPI_OST_EC_OSPM_EJECT,
>> + ACPI_OST_SC_NON_SPECIFIC_FAILURE, NULL);
>> +
>> + return status == AE_NO_MEMORY ? -ENOMEM : -EAGAIN;
>> +}
>> +
>> +static int memdev_power_off(struct acpi_device *adev)
>> +{
>> + return acpi_dev_for_each_child(adev, eject_device, NULL);
>> +}
>> +
>> +static ssize_t state_store(struct device *dev, struct
>> device_attribute *attr,
>> + const char *buf, size_t count)
>> +{
>> + struct acpi_device *adev = ACPI_COMPANION(dev);
>> + const int type = online_type_from_str(buf);
>> + int ret = -EINVAL;
>> +
>> + switch (type) {
>> + case STATE_ONLINE:
>> + ret = memdev_power_on(adev);
>> + break;
>> + case STATE_OFFLINE:
>> + ret = memdev_power_off(adev);
>> + break;
>> + default:
>> + break;
>> + }
>> +
>> + if (ret)
>> + return ret;
>> +
>> + return count;
>> +}
>> +static DEVICE_ATTR_WO(state);
>> +
>> +static int container_add(struct device *dev, void *data)
>> +{
>> + if (!has_hbmdev(dev))
>> + return 0;
>> +
>> + device_create_file(dev, &dev_attr_state);
>> + device_create_file(dev, &dev_attr_pxms);
>> +
>> + return 0;
>> +}
>> +
>> +static int container_remove(struct device *dev, void *data)
>> +{
>> + if (!has_hbmdev(dev))
>> + return 0;
>> +
>> + device_remove_file(dev, &dev_attr_state);
>> + device_remove_file(dev, &dev_attr_pxms);
>> +
>> + return 0;
>> +}
>> +
>> +static int __init mdev_init(void)
>> +{
>> + mdev = kzalloc(sizeof(struct memory_dev), GFP_KERNEL);
>> + if (!mdev)
>> + return -ENOMEM;
>> +
>> + mdev->memdev_kobj = kobject_create_and_add("hbm_memory",
>> kernel_kobj);
>> + if (!mdev->memdev_kobj) {
>> + kfree(mdev);
>> + return -ENOMEM;
>> + }
>> +
>> + bus_for_each_dev(&container_subsys, NULL, NULL, container_add);
>> + return 0;
>> +}
>
> 这个还是没有解决是否加载的问题;
> 1) 通过遍历,你已经拿到了所有的container device,
> 后面移除的时候就不需要再次遍历了;这里可以搞个链表;
> 2)另外判断是否有hbm,搞个全局变量,如果有了,才继续执行后面的初始化,否则就直接返回了;
>
按照这个思路这里可以改成这样:
module_init
1. 首先判断所有容器中是否有hbm device, 构建链表
2. 如果链表不为空
那么执行模块的初始化,创建hbm_memory目录
如果链表为空
直接返回,释放链表
module_exit
释放链表中的资源,释放链表
>> +module_init(mdev_init);
>> +
>> +static void __exit mdev_exit(void)
>> +{
>> + bus_for_each_dev(&container_subsys, NULL, NULL, container_remove);
>> + kobject_put(mdev->memdev_kobj);
>> + kfree(mdev);
>> +}
>> +module_exit(mdev_exit);
>> +
>> +MODULE_LICENSE("GPL v2");
>> +MODULE_AUTHOR("Zhang Zekun <zhangzekun11(a)huawei.com>");
>> diff --git a/drivers/soc/hisilicon/hisi_internal.h
>> b/drivers/soc/hisilicon/hisi_internal.h
>> new file mode 100644
>> index 000000000000..5345174f6b84
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/hisi_internal.h
>> @@ -0,0 +1,31 @@
>> +/* SPDX-License-Identifier: GPL-2.0 */
>> +/*
>> + * Copyright (C) Huawei Technologies Co., Ltd. 2023. All rights
>> reserved.
>> + */
>> +
>> +#ifndef _HISI_INTERNAL_H
>> +#define _HISI_INTERNAL_H
>> +
>> +enum {
>> + STATE_ONLINE,
>> + STATE_OFFLINE,
>> +};
>> +
>> +static const char *const online_type_to_str[] = {
>> + [STATE_ONLINE] = "online",
>> + [STATE_OFFLINE] = "offline",
>> +};
>> +
>> +static inline int online_type_from_str(const char *str)
>> +{
>> + int i;
>> +
>> + for (i = 0; i < ARRAY_SIZE(online_type_to_str); i++) {
>> + if (sysfs_streq(str, online_type_to_str[i]))
>> + return i;
>> + }
>> +
>> + return -EINVAL;
>> +}
>> +
>> +#endif
1
0
03 Mar '23
v6:
- get container device form container_subsys
v5:
- check the container have PNP0C80 before create
attribute files
v4:
- prettify the code
v3:
- prettify the code
- add a hisi_internal.h to hold common code
v2:
- remove the !adev judge in patch 9, as it will always be
true.
patch 1-3: Add support for iterate through the
child devices in the acpi device.
patch 4-9: Add support for hbm memory device and
hbm cache support
Rafael J. Wysocki (3):
ACPI: bus: Introduce acpi_dev_for_each_child()
ACPI: bus: Avoid non-ACPI device objects in walks over children
ACPI: bus: Export acpi_dev_for_each_child() to modules
Zhang Zekun (5):
ACPI: OSL: Export the symbol of acpi_hotplug_schedule
soc: hisilicon: hisi_hbmdev: Add power domain control methods
ACPI: memhotplug: export the state of each hotplug device
soc: hisilicon: hisi_hbmdev: Provide extra memory topology information
ACPI: hbmcache: Add support for online and offline the hbm cache
drivers/acpi/acpi_memhotplug.c | 6 +
drivers/acpi/bus.c | 27 +++
drivers/acpi/internal.h | 1 -
drivers/acpi/osl.c | 1 +
drivers/base/container.c | 1 +
drivers/soc/Kconfig | 1 +
drivers/soc/Makefile | 1 +
drivers/soc/hisilicon/Kconfig | 33 ++++
drivers/soc/hisilicon/Makefile | 4 +
drivers/soc/hisilicon/hisi_hbmcache.c | 147 +++++++++++++++
drivers/soc/hisilicon/hisi_hbmdev.c | 257 ++++++++++++++++++++++++++
drivers/soc/hisilicon/hisi_internal.h | 31 ++++
include/acpi/acpi_bus.h | 2 +
include/linux/acpi.h | 1 +
include/linux/memory_hotplug.h | 2 +
15 files changed, 514 insertions(+), 1 deletion(-)
create mode 100644 drivers/soc/hisilicon/Kconfig
create mode 100644 drivers/soc/hisilicon/Makefile
create mode 100644 drivers/soc/hisilicon/hisi_hbmcache.c
create mode 100644 drivers/soc/hisilicon/hisi_hbmdev.c
create mode 100644 drivers/soc/hisilicon/hisi_internal.h
--
2.17.1
1
8
02 Mar '23
v5:
- check the container have PNP0C80 before create
attribute files
v4:
- prettify the code
v3:
- prettify the code
- add a hisi_internal.h to hold common code
v2:
- remove the !adev judge in patch 9, as it will always be
true.
patch 1-3: Add support for iterate through the
child devices in the acpi device.
patch 4-9: Add support for hbm memory device and
hbm cache support
Rafael J. Wysocki (3):
ACPI: bus: Introduce acpi_dev_for_each_child()
ACPI: bus: Avoid non-ACPI device objects in walks over children
ACPI: bus: Export acpi_dev_for_each_child() to modules
Zhang Zekun (6):
ACPI: container: export the container list in the system
ACPI: OSL: Export the symbol of acpi_hotplug_schedule
soc: hisilicon: hisi_hbmdev: Add power domain control methods
ACPI: memhotplug: export the state of each hotplug device
soc: hisilicon: hisi_hbmdev: Provide extra memory topology information
ACPI: hbmcache: Add support for online and offline the hbm cache
drivers/acpi/acpi_memhotplug.c | 6 +
drivers/acpi/bus.c | 27 +++
drivers/acpi/container.c | 51 ++++++
drivers/acpi/internal.h | 1 -
drivers/acpi/osl.c | 1 +
drivers/soc/Kconfig | 1 +
drivers/soc/Makefile | 1 +
drivers/soc/hisilicon/Kconfig | 33 ++++
drivers/soc/hisilicon/Makefile | 4 +
drivers/soc/hisilicon/hisi_hbmcache.c | 147 ++++++++++++++++
drivers/soc/hisilicon/hisi_hbmdev.c | 245 ++++++++++++++++++++++++++
drivers/soc/hisilicon/hisi_internal.h | 33 ++++
include/acpi/acpi_bus.h | 2 +
include/linux/acpi.h | 1 +
include/linux/container.h | 8 +
include/linux/memory_hotplug.h | 2 +
16 files changed, 562 insertions(+), 1 deletion(-)
create mode 100644 drivers/soc/hisilicon/Kconfig
create mode 100644 drivers/soc/hisilicon/Makefile
create mode 100644 drivers/soc/hisilicon/hisi_hbmcache.c
create mode 100644 drivers/soc/hisilicon/hisi_hbmdev.c
create mode 100644 drivers/soc/hisilicon/hisi_internal.h
--
2.17.1
1
9
v4:
- prettify the code
v3:
- prettify the code
- add a hisi_internal.h to hold common code
v2:
- remove the !adev judge in patch 9, as it will always be
true.
patch 1-3: Add support for iterate through the
child devices in the acpi device.
patch 4-9: Add support for hbm memory device and
hbm cache support
Rafael J. Wysocki (3):
ACPI: bus: Introduce acpi_dev_for_each_child()
ACPI: bus: Avoid non-ACPI device objects in walks over children
ACPI: bus: Export acpi_dev_for_each_child() to modules
Zhang Zekun (6):
ACPI: container: export the container list in the system
ACPI: OSL: Export the symbol of acpi_hotplug_schedule
soc: hisilicon: hisi_hbmdev: Add power domain control methods
ACPI: memhotplug: export the state of each hotplug device
soc: hisilicon: hisi_hbmdev: Provide extra memory topology information
ACPI: hbmcache: Add support for online and offline the hbm cache
drivers/acpi/acpi_memhotplug.c | 6 +
drivers/acpi/bus.c | 27 ++++
drivers/acpi/container.c | 51 ++++++
drivers/acpi/internal.h | 1 -
drivers/acpi/osl.c | 1 +
drivers/soc/Kconfig | 1 +
drivers/soc/Makefile | 1 +
drivers/soc/hisilicon/Kconfig | 33 ++++
drivers/soc/hisilicon/Makefile | 4 +
drivers/soc/hisilicon/hisi_hbmcache.c | 147 +++++++++++++++++
drivers/soc/hisilicon/hisi_hbmdev.c | 218 ++++++++++++++++++++++++++
drivers/soc/hisilicon/hisi_internal.h | 31 ++++
include/acpi/acpi_bus.h | 2 +
include/linux/acpi.h | 1 +
include/linux/container.h | 8 +
include/linux/memory_hotplug.h | 2 +
16 files changed, 533 insertions(+), 1 deletion(-)
create mode 100644 drivers/soc/hisilicon/Kconfig
create mode 100644 drivers/soc/hisilicon/Makefile
create mode 100644 drivers/soc/hisilicon/hisi_hbmcache.c
create mode 100644 drivers/soc/hisilicon/hisi_hbmdev.c
create mode 100644 drivers/soc/hisilicon/hisi_internal.h
--
2.17.1
1
9
Re: [PATCH v3 OLK-5.10 6/9] soc: hisilicon: hisi_hbmdev: Add power domain control methods
by zhangzekun (A) 02 Mar '23
by zhangzekun (A) 02 Mar '23
02 Mar '23
在 2023/3/2 15:12, Kefeng Wang 写道:
>
>
> On 2023/3/2 14:51, Zhang Zekun wrote:
>> Offering: HULK
>> hulk inclusion
>> category: feature
>> bugzilla: https://gitee.com/openeuler/kernel/issues/I67QNJ
>> CVE: NA
>>
>> ------------------------------------------------------------------
>>
>> Platform devices which supports power control are often required to be
>> power off/on together with the devices in the same power domain.
>> However,
>> there isn't a generic driver that support the power control logic of
>> these devices.
>>
>> ACPI container seems to be a good place to hold these control logic. Add
>> platform devices in the same power domain in a ACPI container, we can
>> easily get the locality information about these devices and can moniter
>> the power of these devices in the same power domain together.
>>
>> This patch provide three userspace control interface to control the
>> power
>> of devices together in the container:
>> - state: Echo online to state to power up the devices in the
>> container and
>> then online these devices which will be triggered by BIOS. Echo
>> offline
>> to the state to offline and eject the child devices in the container
>> which are ejectable.
>> - pxms: show the pxms of devices which are present in the container.
>>
>> In our scenario, we need to control the power of HBM memory devices
>> which
>> can be power consuming and will only be used in some specialized
>> scenarios,
>> such as HPC. HBM memory devices in a socket are in the same power
>> domain,
>> and should be power off/on together. We have come up with an idea
>> that put
>> these power control logic in a specialized driver, but ACPI container
>> seems
>> to be a more generic place to hold these control logic.
>>
>> Signed-off-by: Zhang Zekun <zhangzekun11(a)huawei.com>
>> ---
>> v3:
>> - move the common code to hisi_internal.h
>>
>> drivers/soc/Kconfig | 1 +
>> drivers/soc/Makefile | 1 +
>> drivers/soc/hisilicon/Kconfig | 19 +++
>> drivers/soc/hisilicon/Makefile | 3 +
>> drivers/soc/hisilicon/hisi_hbmdev.c | 166 ++++++++++++++++++++++++++
>> drivers/soc/hisilicon/hisi_internal.h | 31 +++++
>> 6 files changed, 221 insertions(+)
>> create mode 100644 drivers/soc/hisilicon/Kconfig
>> create mode 100644 drivers/soc/hisilicon/Makefile
>> create mode 100644 drivers/soc/hisilicon/hisi_hbmdev.c
>> create mode 100644 drivers/soc/hisilicon/hisi_internal.h
>>
>> diff --git a/drivers/soc/Kconfig b/drivers/soc/Kconfig
>> index 425ab6f7e375..f7c59b063321 100644
>> --- a/drivers/soc/Kconfig
>> +++ b/drivers/soc/Kconfig
>> @@ -23,5 +23,6 @@ source "drivers/soc/versatile/Kconfig"
>> source "drivers/soc/xilinx/Kconfig"
>> source "drivers/soc/zte/Kconfig"
>> source "drivers/soc/kendryte/Kconfig"
>> +source "drivers/soc/hisilicon/Kconfig"
>> endmenu
>> diff --git a/drivers/soc/Makefile b/drivers/soc/Makefile
>> index 36452bed86ef..68f186e00e44 100644
>> --- a/drivers/soc/Makefile
>> +++ b/drivers/soc/Makefile
>> @@ -29,3 +29,4 @@ obj-$(CONFIG_PLAT_VERSATILE) += versatile/
>> obj-y += xilinx/
>> obj-$(CONFIG_ARCH_ZX) += zte/
>> obj-$(CONFIG_SOC_KENDRYTE) += kendryte/
>> +obj-y += hisilicon/
>> diff --git a/drivers/soc/hisilicon/Kconfig
>> b/drivers/soc/hisilicon/Kconfig
>> new file mode 100644
>> index 000000000000..497787af004e
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/Kconfig
>> @@ -0,0 +1,19 @@
>> +# SPDX-License-Identifier: GPL-2.0
>> +#
>> +# Hisilicon SoC drivers
>> +#
>> +menu "Hisilicon SoC driver support"
>> +
>> +config HISI_HBMDEV
>> + tristate "add extra support for hbm memory device"
>> + depends on ACPI_HOTPLUG_MEMORY
>> + select ACPI_CONTAINER
>> + help
>> + This driver add extra supports for memory devices. The driver
>> + provides methods for userpace to control the power of memory
>> + devices in a container.
>> +
>> + To compile this driver as a module, choose M here:
>> + the module will be called hisi_hbmdev.
>> +
>> +endmenu
>> diff --git a/drivers/soc/hisilicon/Makefile
>> b/drivers/soc/hisilicon/Makefile
>> new file mode 100644
>> index 000000000000..22e87acb1ab3
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/Makefile
>> @@ -0,0 +1,3 @@
>> +# SPDX-License-Identifier: GPL-2.0
>> +
>> +obj-$(CONFIG_HISI_HBMDEV) += hisi_hbmdev.o
>> diff --git a/drivers/soc/hisilicon/hisi_hbmdev.c
>> b/drivers/soc/hisilicon/hisi_hbmdev.c
>> new file mode 100644
>> index 000000000000..82943cd35fa2
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/hisi_hbmdev.c
>> @@ -0,0 +1,166 @@
>> +// SPDX-License-Identifier: GPL-2.0
>> +/*
>> + * Copyright (C) Huawei Technologies Co., Ltd. 2023. All rights
>> reserved.
>> + */
>> +
>> +#include <linux/kobject.h>
>> +#include <linux/module.h>
>> +#include <linux/nodemask.h>
>> +#include <linux/acpi.h>
>> +#include <linux/container.h>
>> +
>> +#include "hisi_internal.h"
>> +
>> +struct memory_dev {
>> + struct kobject *memdev_kobj;
>> +};
>> +
>> +static struct memory_dev *mdev;
>> +
>> +static int get_pxm(struct acpi_device *acpi_device, void *arg)
>> +{
>> + int nid;
>> + unsigned long long sta;
>> + acpi_handle handle;
>> + nodemask_t *mask;
>> + acpi_status status;
>> +
>> + mask = arg;
>> + handle = acpi_device->handle;
>
> 按照倒金字塔,
> acpi_handle handle = acpi_device->handle;
> nodemask_t *mask = arg;
> unsigned long long sta;
> acpi_status status;
> int nid;
>> +
>> + status = acpi_evaluate_integer(handle, "_STA", NULL, &sta);
>> + if (ACPI_SUCCESS(status) && (sta & ACPI_STA_DEVICE_ENABLED)) {
>> + nid = acpi_get_node(handle);
>> + if (nid >= 0)
>> + node_set(nid, *mask);
>> + }
>> +
>> + return 0;
>> +}
>> +
>> +static ssize_t pxms_show(struct device *dev,
>> + struct device_attribute *attr,
>> + char *buf)
>> +{
>> + nodemask_t mask;
>> + struct acpi_device *adev;
>> +
>> + adev = to_acpi_device(dev);
> 同上
>
>> + nodes_clear(mask);
>> + acpi_dev_for_each_child(adev, get_pxm, &mask);
>> +
>> + return sysfs_emit(buf, "%*pbl\n",
>> + nodemask_pr_args(&mask));
>> +}
>> +static DEVICE_ATTR_RO(pxms);
>> +
>> +static int memdev_power_on(struct acpi_device *adev)
>> +{
>> + acpi_status status;
>> + acpi_handle handle;
>> +
>> + handle = adev->handle;
> ...
>> + status = acpi_evaluate_object(handle, "_ON", NULL, NULL);
>> + if (ACPI_FAILURE(status)) {
>> + acpi_handle_warn(handle, "Power on failed (0x%x)\n", status);
>> + return -ENODEV;
>> + }
>> +
>> + return 0;
>> +}
>> +
>> +static int eject_device(struct acpi_device *acpi_device, void
>> *not_used)
>> +{
>> + acpi_object_type unused;
>> + acpi_status status;
>> +
>> + status = acpi_get_type(acpi_device->handle, &unused);
>> + if (ACPI_FAILURE(status) || !acpi_device->flags.ejectable)
>> + return -ENODEV;
>> +
>> + get_device(&acpi_device->dev);
>> + status = acpi_hotplug_schedule(acpi_device,
>> ACPI_OST_EC_OSPM_EJECT);
>> + if (ACPI_SUCCESS(status))
>> + return 0;
>> +
>> + put_device(&acpi_device->dev);
>> + acpi_evaluate_ost(acpi_device->handle, ACPI_OST_EC_OSPM_EJECT,
>> + ACPI_OST_SC_NON_SPECIFIC_FAILURE, NULL);
>> +
>> + return status == AE_NO_MEMORY ? -ENOMEM : -EAGAIN;
>> +}
>> +
>> +static int memdev_power_off(struct acpi_device *adev)
>> +{
>> + return acpi_dev_for_each_child(adev, eject_device, NULL);
>> +}
>> +
>> +static ssize_t state_store(struct device *d, struct device_attribute
>> *attr,
>> + const char *buf, size_t count)
>> +{
>> + int ret;
>> + struct acpi_device *adev;
>> + const int online_type = online_type_from_str(buf);
>> +
>> + if (online_type < 0)
>> + return -EINVAL;
>> +
>> + adev = to_acpi_device(d);
>
>
> const int online_type = online_type_from_str(buf);
> struct acpi_device *adev = to_acpi_device(d);
> int ret;
> ...
>
>
>> + switch (online_type) {
>> + case STATE_ONLINE:
>> + ret = memdev_power_on(adev);
>> + if (!ret)
>> + return count;
>> + break;
>> + case STATE_OFFLINE:
>> + ret = memdev_power_off(adev);
>> + if (!ret)
>> + return count;
>> + break;
>> + default:
>> + return -EINVAL;
>> + }
> 这个有点奇怪,hbm cache和mem的热插拔的函数不能搞成类似的逻辑吗
这里改成这样吧
{
struct acpi_device *adev = to_acpi_device(d);
const int type = online_type_from_str(buf);
int ret = -EINVAL;
switch (type) {
case STATE_ONLINE:
ret = memdev_power_on(adev);
break;
case STATE_OFFLINE:
ret = memdev_power_off(adev);
break;
default:
break;
}
if (ret)
return ret;
return count;
}
>> +
>> + return ret;
>> +}
>> +static DEVICE_ATTR_WO(state);
>> +
>> +static int __init mdev_init(void)
>> +{
>> + struct cdev_node *cnode;
>> +
>> + mdev = kzalloc(sizeof(struct memory_dev), GFP_KERNEL);
>> + if (!mdev)
>> + return -ENOMEM;
>> +
>> + mdev->memdev_kobj = kobject_create_and_add("hbm_memory",
>> kernel_kobj);
>> + if (!mdev->memdev_kobj) {
>> + kfree(mdev);
>> + return -ENOMEM;
>> + }
>> +
>> + list_for_each_entry(cnode, &cdev_list->clist, clist) {
>> + device_create_file(cnode->dev, &dev_attr_state);
>> + device_create_file(cnode->dev, &dev_attr_pxms);
>> + }
>> +
>> + return 0;
>> +}
>> +module_init(mdev_init);
>> +
>> +static void __exit mdev_exit(void)
>> +{
>> + struct cdev_node *cnode;
>> +
>> + list_for_each_entry(cnode, &cdev_list->clist, clist) {
>> + device_remove_file(cnode->dev, &dev_attr_state);
>> + device_remove_file(cnode->dev, &dev_attr_pxms);
>> + }
>> +
>> + kobject_put(mdev->memdev_kobj);
>> + kfree(mdev);
>> +}
>> +module_exit(mdev_exit);
>> +
>> +MODULE_LICENSE("GPL v2");
>> +MODULE_AUTHOR("Zhang Zekun <zhangzekun11(a)huawei.com>");
>> diff --git a/drivers/soc/hisilicon/hisi_internal.h
>> b/drivers/soc/hisilicon/hisi_internal.h
>> new file mode 100644
>> index 000000000000..f14596f58a05
>> --- /dev/null
>> +++ b/drivers/soc/hisilicon/hisi_internal.h
>> @@ -0,0 +1,31 @@
>> +/* SPDX-License-Identifier: GPL-2.0 */
>> +/*
>> + * Copyright (C) Huawei Technologies Co., Ltd. 2023. All rights
>> reserved.
>> + */
>> +
>> +#ifndef _HISI_INTERNAL_H
>> +#define _HISI_INTERNAL_H
>> +
>> +enum {
>> + STATE_ONLINE,
>> + STATE_OFFLINE,
>> +};
>> +
>> +static const char *const online_type_to_str[] = {
>> + [STATE_ONLINE] = "online",
>> + [STATE_OFFLINE] = "offline",
>> +};
>> +
>> +static int online_type_from_str(const char *str)
> 不需要inline吗
>> +{
>> + int i;
>> +
>> + for (i = 0; i < ARRAY_SIZE(online_type_to_str); i++) {
>> + if (sysfs_streq(str, online_type_to_str[i]))
>> + return i;
>> + }
>> +
>> + return -EINVAL;
>> +}
>> +
>> +#endif
1
0
v3:
- prettify the code
- add a hisi_internal.h to hold common code
v2:
- remove the !adev judge in patch 9, as it will always be
true.
patch 1-3: Add support for iterate through the
child devices in the acpi device.
patch 4-9: Add support for hbm memory device and
hbm cache support
Rafael J. Wysocki (3):
ACPI: bus: Introduce acpi_dev_for_each_child()
ACPI: bus: Avoid non-ACPI device objects in walks over children
ACPI: bus: Export acpi_dev_for_each_child() to modules
Zhang Zekun (6):
ACPI: container: export the container list in the system
ACPI: OSL: Export the symbol of acpi_hotplug_schedule
soc: hisilicon: hisi_hbmdev: Add power domain control methods
ACPI: memhotplug: export the state of each hotplug device
soc: hisilicon: hisi_hbmdev: Provide extra memory topology information
ACPI: hbmcache: Add support for online and offline the hbm cache
drivers/acpi/acpi_memhotplug.c | 6 +
drivers/acpi/bus.c | 27 +++
drivers/acpi/container.c | 51 ++++++
drivers/acpi/internal.h | 1 -
drivers/acpi/osl.c | 1 +
drivers/soc/Kconfig | 1 +
drivers/soc/Makefile | 1 +
drivers/soc/hisilicon/Kconfig | 33 ++++
drivers/soc/hisilicon/Makefile | 4 +
drivers/soc/hisilicon/hisi_hbmcache.c | 147 +++++++++++++++++
drivers/soc/hisilicon/hisi_hbmdev.c | 229 ++++++++++++++++++++++++++
drivers/soc/hisilicon/hisi_internal.h | 31 ++++
include/acpi/acpi_bus.h | 2 +
include/linux/acpi.h | 1 +
include/linux/container.h | 8 +
include/linux/memory_hotplug.h | 2 +
16 files changed, 544 insertions(+), 1 deletion(-)
create mode 100644 drivers/soc/hisilicon/Kconfig
create mode 100644 drivers/soc/hisilicon/Makefile
create mode 100644 drivers/soc/hisilicon/hisi_hbmcache.c
create mode 100644 drivers/soc/hisilicon/hisi_hbmdev.c
create mode 100644 drivers/soc/hisilicon/hisi_internal.h
--
2.17.1
1
9
02 Mar '23
hulk inclusion
category: bugfix
bugzilla: 188150, https://gitee.com/openeuler/kernel/issues/I643OL
----------------------------------------
This reverts commit 7f10ea522db56188ae46c5bbee7052a2b2797515.
This commit has a soft lock problem:
watchdog: BUG: soft lockup - CPU#22 stuck for 67s! [iscsid:16369]
Call Trace:
scsi_remove_target+0x548/0x7b0
? sdev_store_delete+0x90/0x90
? __mutex_lock_slowpath+0x10/0x10
? device_remove_class_symlinks+0x1b0/0x1b0
__iscsi_unbind_session+0x16b/0x250 [scsi_transport_iscsi]
iscsi_remove_session+0x1d3/0x2f0 [scsi_transport_iscsi]
iscsi_session_remove+0x5c/0x80 [libiscsi]
iscsi_sw_tcp_session_destroy+0xd3/0x160 [iscsi_tcp]
iscsi_if_rx+0x2369/0x5060 [scsi_transport_iscsi]
The reason is that if other threads hold the reference count of the
kobject while waiting for the device to be released, it will keep
waiting in a loop.
Fixes: 7f10ea522db5 ("scsi: fix iscsi rescan fails to create block")
Signed-off-by: Zhong Jinghua <zhongjinghua(a)huawei.com>
---
drivers/scsi/scsi_sysfs.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c
index 4468b92bf83b..6433476d3e67 100644
--- a/drivers/scsi/scsi_sysfs.c
+++ b/drivers/scsi/scsi_sysfs.c
@@ -1507,13 +1507,6 @@ void scsi_remove_device(struct scsi_device *sdev)
}
EXPORT_SYMBOL(scsi_remove_device);
-static int scsi_device_try_get(struct scsi_device *sdev)
-{
- if (!kobject_get_unless_zero(&sdev->sdev_gendev.kobj))
- return -ENXIO;
- return 0;
-}
-
static void __scsi_remove_target(struct scsi_target *starget)
{
struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
@@ -1532,7 +1525,9 @@ static void __scsi_remove_target(struct scsi_target *starget)
if (sdev->channel != starget->channel ||
sdev->id != starget->id)
continue;
- if (scsi_device_try_get(sdev))
+ if (sdev->sdev_state == SDEV_DEL ||
+ sdev->sdev_state == SDEV_CANCEL ||
+ !get_device(&sdev->sdev_gendev))
continue;
spin_unlock_irqrestore(shost->host_lock, flags);
scsi_remove_device(sdev);
--
2.31.1
1
0
From: Juan Zhou <zhoujuan51(a)h-partners.com>
1.Support hns HW stats
2.Add dfx cnt stats
Chengchang Tang (2):
RDMA/hns: Support hns HW stats
RDMA/hns: Add dfx cnt stats
drivers/infiniband/hw/hns/hns_roce_ah.c | 8 +-
drivers/infiniband/hw/hns/hns_roce_cmd.c | 17 ++-
drivers/infiniband/hw/hns/hns_roce_cq.c | 17 ++-
drivers/infiniband/hw/hns/hns_roce_device.h | 50 +++++++
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 59 ++++++++
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 1 +
drivers/infiniband/hw/hns/hns_roce_main.c | 146 +++++++++++++++++++-
drivers/infiniband/hw/hns/hns_roce_mr.c | 22 ++-
drivers/infiniband/hw/hns/hns_roce_pd.c | 10 +-
drivers/infiniband/hw/hns/hns_roce_qp.c | 16 ++-
drivers/infiniband/hw/hns/hns_roce_srq.c | 7 +-
11 files changed, 320 insertions(+), 33 deletions(-)
--
2.30.0
1
2
[PATCH openEuler-1.0-LTS 1/2] scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
by Yongqiang Liu 28 Feb '23
by Yongqiang Liu 28 Feb '23
28 Feb '23
From: Mike Christie <michael.christie(a)oracle.com>
mainline inclusion
from mainline-v6.2-rc6~31
commit 6f1d64b13097e85abda0f91b5638000afc5f9a06
category: bugfix
bugzilla: 188443, https://gitee.com/openeuler/kernel/issues/I6I8YD
CVE: NA
----------------------------------------
Bug report and analysis from Ding Hui.
During iSCSI session logout, if another task accesses the shost ipaddress
attr, we can get a KASAN UAF report like this:
[ 276.942144] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x78/0xe0
[ 276.942535] Write of size 4 at addr ffff8881053b45b8 by task cat/4088
[ 276.943511] CPU: 2 PID: 4088 Comm: cat Tainted: G E 6.1.0-rc8+ #3
[ 276.943997] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020
[ 276.944470] Call Trace:
[ 276.944943] <TASK>
[ 276.945397] dump_stack_lvl+0x34/0x48
[ 276.945887] print_address_description.constprop.0+0x86/0x1e7
[ 276.946421] print_report+0x36/0x4f
[ 276.947358] kasan_report+0xad/0x130
[ 276.948234] kasan_check_range+0x35/0x1c0
[ 276.948674] _raw_spin_lock_bh+0x78/0xe0
[ 276.949989] iscsi_sw_tcp_host_get_param+0xad/0x2e0 [iscsi_tcp]
[ 276.951765] show_host_param_ISCSI_HOST_PARAM_IPADDRESS+0xe9/0x130 [scsi_transport_iscsi]
[ 276.952185] dev_attr_show+0x3f/0x80
[ 276.953005] sysfs_kf_seq_show+0x1fb/0x3e0
[ 276.953401] seq_read_iter+0x402/0x1020
[ 276.954260] vfs_read+0x532/0x7b0
[ 276.955113] ksys_read+0xed/0x1c0
[ 276.955952] do_syscall_64+0x38/0x90
[ 276.956347] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 276.956769] RIP: 0033:0x7f5d3a679222
[ 276.957161] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 32 c0 0b 00 e8 a5 fe 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24
[ 276.958009] RSP: 002b:00007ffc864d16a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 276.958431] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5d3a679222
[ 276.958857] RDX: 0000000000020000 RSI: 00007f5d3a4fe000 RDI: 0000000000000003
[ 276.959281] RBP: 00007f5d3a4fe000 R08: 00000000ffffffff R09: 0000000000000000
[ 276.959682] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000020000
[ 276.960126] R13: 0000000000000003 R14: 0000000000000000 R15: 0000557a26dada58
[ 276.960536] </TASK>
[ 276.961357] Allocated by task 2209:
[ 276.961756] kasan_save_stack+0x1e/0x40
[ 276.962170] kasan_set_track+0x21/0x30
[ 276.962557] __kasan_kmalloc+0x7e/0x90
[ 276.962923] __kmalloc+0x5b/0x140
[ 276.963308] iscsi_alloc_session+0x28/0x840 [scsi_transport_iscsi]
[ 276.963712] iscsi_session_setup+0xda/0xba0 [libiscsi]
[ 276.964078] iscsi_sw_tcp_session_create+0x1fd/0x330 [iscsi_tcp]
[ 276.964431] iscsi_if_create_session.isra.0+0x50/0x260 [scsi_transport_iscsi]
[ 276.964793] iscsi_if_recv_msg+0xc5a/0x2660 [scsi_transport_iscsi]
[ 276.965153] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]
[ 276.965546] netlink_unicast+0x4d5/0x7b0
[ 276.965905] netlink_sendmsg+0x78d/0xc30
[ 276.966236] sock_sendmsg+0xe5/0x120
[ 276.966576] ____sys_sendmsg+0x5fe/0x860
[ 276.966923] ___sys_sendmsg+0xe0/0x170
[ 276.967300] __sys_sendmsg+0xc8/0x170
[ 276.967666] do_syscall_64+0x38/0x90
[ 276.968028] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 276.968773] Freed by task 2209:
[ 276.969111] kasan_save_stack+0x1e/0x40
[ 276.969449] kasan_set_track+0x21/0x30
[ 276.969789] kasan_save_free_info+0x2a/0x50
[ 276.970146] __kasan_slab_free+0x106/0x190
[ 276.970470] __kmem_cache_free+0x133/0x270
[ 276.970816] device_release+0x98/0x210
[ 276.971145] kobject_cleanup+0x101/0x360
[ 276.971462] iscsi_session_teardown+0x3fb/0x530 [libiscsi]
[ 276.971775] iscsi_sw_tcp_session_destroy+0xd8/0x130 [iscsi_tcp]
[ 276.972143] iscsi_if_recv_msg+0x1bf1/0x2660 [scsi_transport_iscsi]
[ 276.972485] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]
[ 276.972808] netlink_unicast+0x4d5/0x7b0
[ 276.973201] netlink_sendmsg+0x78d/0xc30
[ 276.973544] sock_sendmsg+0xe5/0x120
[ 276.973864] ____sys_sendmsg+0x5fe/0x860
[ 276.974248] ___sys_sendmsg+0xe0/0x170
[ 276.974583] __sys_sendmsg+0xc8/0x170
[ 276.974891] do_syscall_64+0x38/0x90
[ 276.975216] entry_SYSCALL_64_after_hwframe+0x63/0xcd
We can easily reproduce by two tasks:
1. while :; do iscsiadm -m node --login; iscsiadm -m node --logout; done
2. while :; do cat \
/sys/devices/platform/host*/iscsi_host/host*/ipaddress; done
iscsid | cat
--------------------------------+---------------------------------------
|- iscsi_sw_tcp_session_destroy |
|- iscsi_session_teardown |
|- device_release |
|- iscsi_session_release ||- dev_attr_show
|- kfree | |- show_host_param_
| ISCSI_HOST_PARAM_IPADDRESS
| |- iscsi_sw_tcp_host_get_param
| |- r/w tcp_sw_host->session (UAF)
|- iscsi_host_remove |
|- iscsi_host_free |
Fix the above bug by splitting the session removal into 2 parts:
1. removal from iSCSI class which includes sysfs and removal from host
tracking.
2. freeing of session.
During iscsi_tcp host and session removal we can remove the session from
sysfs then remove the host from sysfs. At this point we know userspace is
not accessing the kernel via sysfs so we can free the session and host.
Link: https://lore.kernel.org/r/20230117193937.21244-2-michael.christie@oracle.com
Signed-off-by: Mike Christie <michael.christie(a)oracle.com>
Reviewed-by: Lee Duncan <lduncan(a)suse.com>
Acked-by: Ding Hui <dinghui(a)sangfor.com.cn>
Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com>
Signed-off-by: Wenchao Hao <haowenchao2(a)huawei.com>
Signed-off-by: Zhong Jinghua <zhongjinghua(a)huawei.com>
Reviewed-by: Hou Tao <houtao1(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/scsi/iscsi_tcp.c | 11 +++++++++--
drivers/scsi/libiscsi.c | 39 +++++++++++++++++++++++++++++++--------
include/scsi/libiscsi.h | 2 ++
3 files changed, 42 insertions(+), 10 deletions(-)
diff --git a/drivers/scsi/iscsi_tcp.c b/drivers/scsi/iscsi_tcp.c
index 241b1a310519..a5259fd39d6d 100644
--- a/drivers/scsi/iscsi_tcp.c
+++ b/drivers/scsi/iscsi_tcp.c
@@ -910,10 +910,17 @@ static void iscsi_sw_tcp_session_destroy(struct iscsi_cls_session *cls_session)
if (WARN_ON_ONCE(session->leadconn))
return;
+ iscsi_session_remove(cls_session);
+ /*
+ * Our get_host_param needs to access the session, so remove the
+ * host from sysfs before freeing the session to make sure userspace
+ * is no longer accessing the callout.
+ */
+ iscsi_host_remove(shost);
+
iscsi_tcp_r2tpool_free(cls_session->dd_data);
- iscsi_session_teardown(cls_session);
- iscsi_host_remove(shost);
+ iscsi_session_free(cls_session);
iscsi_host_free(shost);
}
diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c
index 9f625a4d53c0..72463874d7b4 100644
--- a/drivers/scsi/libiscsi.c
+++ b/drivers/scsi/libiscsi.c
@@ -3018,20 +3018,34 @@ iscsi_session_setup(struct iscsi_transport *iscsit, struct Scsi_Host *shost,
}
EXPORT_SYMBOL_GPL(iscsi_session_setup);
+/*
+ * issi_session_remove - Remove session from iSCSI class.
+ */
+void iscsi_session_remove(struct iscsi_cls_session *cls_session)
+{
+ struct iscsi_session *session = cls_session->dd_data;
+ struct Scsi_Host *shost = session->host;
+
+ iscsi_remove_session(cls_session);
+ /*
+ * host removal only has to wait for its children to be removed from
+ * sysfs, and iscsi_tcp needs to do iscsi_host_remove before freeing
+ * the session, so drop the session count here.
+ */
+ iscsi_host_dec_session_cnt(shost);
+}
+EXPORT_SYMBOL_GPL(iscsi_session_remove);
+
/**
- * iscsi_session_teardown - destroy session, host, and cls_session
+ * iscsi_session_free - Free iscsi session and it's resources
* @cls_session: iscsi session
*/
-void iscsi_session_teardown(struct iscsi_cls_session *cls_session)
+void iscsi_session_free(struct iscsi_cls_session *cls_session)
{
struct iscsi_session *session = cls_session->dd_data;
struct module *owner = cls_session->transport->owner;
- struct Scsi_Host *shost = session->host;
iscsi_pool_free(&session->cmdpool);
-
- iscsi_remove_session(cls_session);
-
kfree(session->password);
kfree(session->password_in);
kfree(session->username);
@@ -3047,10 +3061,19 @@ void iscsi_session_teardown(struct iscsi_cls_session *cls_session)
kfree(session->discovery_parent_type);
iscsi_free_session(cls_session);
-
- iscsi_host_dec_session_cnt(shost);
module_put(owner);
}
+EXPORT_SYMBOL_GPL(iscsi_session_free);
+
+/**
+ * iscsi_session_teardown - destroy session and cls_session
+ * @cls_session: iscsi session
+ */
+void iscsi_session_teardown(struct iscsi_cls_session *cls_session)
+{
+ iscsi_session_remove(cls_session);
+ iscsi_session_free(cls_session);
+}
EXPORT_SYMBOL_GPL(iscsi_session_teardown);
/**
diff --git a/include/scsi/libiscsi.h b/include/scsi/libiscsi.h
index 254e72b46d10..2a8d1de70290 100644
--- a/include/scsi/libiscsi.h
+++ b/include/scsi/libiscsi.h
@@ -425,6 +425,8 @@ extern int iscsi_host_get_max_scsi_cmds(struct Scsi_Host *shost,
extern struct iscsi_cls_session *
iscsi_session_setup(struct iscsi_transport *, struct Scsi_Host *shost,
uint16_t, int, int, uint32_t, unsigned int);
+void iscsi_session_remove(struct iscsi_cls_session *cls_session);
+void iscsi_session_free(struct iscsi_cls_session *cls_session);
extern void iscsi_session_teardown(struct iscsi_cls_session *);
extern void iscsi_session_recovery_timedout(struct iscsi_cls_session *);
extern int iscsi_set_param(struct iscsi_cls_conn *cls_conn,
--
2.25.1
1
1
[PATCH openEuler-1.0-LTS] pciehp: fix the problem that the slot is powered on again after being powered off
by jiazhenyuan@uniontech.com 28 Feb '23
by jiazhenyuan@uniontech.com 28 Feb '23
28 Feb '23
From: jiazhenyuan <jiazhenyuan(a)uniontech.com>
mainline inclusion
from mainline-4.19-lts
commit 32a8cef274feacd00b748a4f13b84d60aa6d82ff
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6ICDL
CVE: NA
----------------------------------------
The DISABLE_SLOT event is lost when the slot is powered off.
Signed-off-by: jiazhenyuan <jiazhenyuan(a)uniontech.com>
---
drivers/pci/hotplug/pciehp_ctrl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/pci/hotplug/pciehp_ctrl.c b/drivers/pci/hotplug/pciehp_ctrl.c
index 2d549c97ac42..dd67dc540279 100644
--- a/drivers/pci/hotplug/pciehp_ctrl.c
+++ b/drivers/pci/hotplug/pciehp_ctrl.c
@@ -463,6 +463,7 @@ int pciehp_sysfs_disable_slot(struct slot *p_slot)
mutex_unlock(&p_slot->lock);
pci_config_pm_runtime_get(pdev);
down_read(&ctrl->reset_lock);
+ atomic_or(DISABLE_SLOT, &ctrl->pending_events);
pciehp_handle_disable_request(p_slot);
up_read(&ctrl->reset_lock);
pci_config_pm_runtime_put(pdev);
--
2.27.0
1
0
[PATCH openEuler-1.0-LTS] net: mpls: fix stale pointer if allocation fails during device rename
by Yongqiang Liu 28 Feb '23
by Yongqiang Liu 28 Feb '23
28 Feb '23
From: Jakub Kicinski <kuba(a)kernel.org>
stable inclusion
from stable-v4.19.273
commit aa07c86e43ed8780d610ecfb2ce13da326729201
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6HZHU
CVE: CVE-2023-26545
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit fda6c89fe3d9aca073495a664e1d5aea28cd4377 upstream.
lianhui reports that when MPLS fails to register the sysctl table
under new location (during device rename) the old pointers won't
get overwritten and may be freed again (double free).
Handle this gracefully. The best option would be unregistering
the MPLS from the device completely on failure, but unfortunately
mpls_ifdown() can fail. So failing fully is also unreliable.
Another option is to register the new table first then only
remove old one if the new one succeeds. That requires more
code, changes order of notifications and two tables may be
visible at the same time.
sysctl point is not used in the rest of the code - set to NULL
on failures and skip unregister if already NULL.
Reported-by: lianhui tang <bluetlh(a)gmail.com>
Fixes: 0fae3bf018d9 ("mpls: handle device renames for per-device sysctls")
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/mpls/af_mpls.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c
index 7623d9aec636..c7fd387baa61 100644
--- a/net/mpls/af_mpls.c
+++ b/net/mpls/af_mpls.c
@@ -1375,6 +1375,7 @@ static int mpls_dev_sysctl_register(struct net_device *dev,
free:
kfree(table);
out:
+ mdev->sysctl = NULL;
return -ENOBUFS;
}
@@ -1384,6 +1385,9 @@ static void mpls_dev_sysctl_unregister(struct net_device *dev,
struct net *net = dev_net(dev);
struct ctl_table *table;
+ if (!mdev->sysctl)
+ return;
+
table = mdev->sysctl->ctl_table_arg;
unregister_net_sysctl_table(mdev->sysctl);
kfree(table);
--
2.25.1
1
0
[PATCH openEuler-5.10-LTS-SP1] net: mpls: fix stale pointer if allocation fails during device rename
by Jialin Zhang 28 Feb '23
by Jialin Zhang 28 Feb '23
28 Feb '23
From: Jakub Kicinski <kuba(a)kernel.org>
stable inclusion
from stable-v5.10.169
commit 7ff0fdba82298d1f456c685e24930da89703c0fb
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6HZHU
CVE: CVE-2023-26545
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit fda6c89fe3d9aca073495a664e1d5aea28cd4377 upstream.
lianhui reports that when MPLS fails to register the sysctl table
under new location (during device rename) the old pointers won't
get overwritten and may be freed again (double free).
Handle this gracefully. The best option would be unregistering
the MPLS from the device completely on failure, but unfortunately
mpls_ifdown() can fail. So failing fully is also unreliable.
Another option is to register the new table first then only
remove old one if the new one succeeds. That requires more
code, changes order of notifications and two tables may be
visible at the same time.
sysctl point is not used in the rest of the code - set to NULL
on failures and skip unregister if already NULL.
Reported-by: lianhui tang <bluetlh(a)gmail.com>
Fixes: 0fae3bf018d9 ("mpls: handle device renames for per-device sysctls")
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
net/mpls/af_mpls.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c
index 72398149e4d4..1dcbdab9319b 100644
--- a/net/mpls/af_mpls.c
+++ b/net/mpls/af_mpls.c
@@ -1427,6 +1427,7 @@ static int mpls_dev_sysctl_register(struct net_device *dev,
free:
kfree(table);
out:
+ mdev->sysctl = NULL;
return -ENOBUFS;
}
@@ -1436,6 +1437,9 @@ static void mpls_dev_sysctl_unregister(struct net_device *dev,
struct net *net = dev_net(dev);
struct ctl_table *table;
+ if (!mdev->sysctl)
+ return;
+
table = mdev->sysctl->ctl_table_arg;
unregister_net_sysctl_table(mdev->sysctl);
kfree(table);
--
2.25.1
1
0
[PATCH openEuler-5.10-LTS 01/50] Revert "[Huawei] io_uring:drop identity before creating a private one"
by Jialin Zhang 28 Feb '23
by Jialin Zhang 28 Feb '23
28 Feb '23
From: Li Lingfeng <lilingfeng3(a)huawei.com>
Offering: HULK
hulk inclusion
category: feature
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6BTWC
-------------------------------
This reverts commit ab45921343c63dc9d461740e23003098697e0333.
We need to apply patch 788d0824269bef (io_uring: import 5.15-stable
io_uring) to move io_uring to separate directory and solve
the problem of CVE-2023-0240.
This patch fix a uaf problem of io_identity, and it can be reverted
since io_identity is removed in patch 788d0824269bef.
Signed-off-by: Li Lingfeng <lilingfeng3(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
fs/io_uring.c | 42 ------------------------------------------
1 file changed, 42 deletions(-)
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 4ace89ae4832..2397c2a1d919 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -1364,47 +1364,6 @@ static bool io_identity_cow(struct io_kiocb *req)
return true;
}
-static void io_drop_identity(struct io_kiocb *req)
-{
- struct io_identity *id = req->work.identity;
-
- if (req->work.flags & IO_WQ_WORK_MM) {
- mmdrop(id->mm);
- req->work.flags &= ~IO_WQ_WORK_MM;
- }
-#ifdef CONFIG_BLK_CGROUP
- if (req->work.flags & IO_WQ_WORK_BLKCG) {
- css_put(id->blkcg_css);
- req->work.flags &= ~IO_WQ_WORK_BLKCG;
- }
-#endif
- if (req->work.flags & IO_WQ_WORK_CREDS) {
- put_cred(id->creds);
- req->work.flags &= ~IO_WQ_WORK_CREDS;
- }
- if (req->work.flags & IO_WQ_WORK_FILES) {
- put_files_struct(req->work.identity->files);
- put_nsproxy(req->work.identity->nsproxy);
- req->work.flags &= ~IO_WQ_WORK_FILES;
- }
- if (req->work.flags & IO_WQ_WORK_CANCEL)
- req->work.flags &= ~IO_WQ_WORK_CANCEL;
- if (req->work.flags & IO_WQ_WORK_FS) {
- struct fs_struct *fs = id->fs;
-
- spin_lock(&id->fs->lock);
- if (--fs->users)
- fs = NULL;
- spin_unlock(&id->fs->lock);
-
- if (fs)
- free_fs_struct(fs);
- req->work.flags &= ~IO_WQ_WORK_FS;
- }
- if (req->work.flags & IO_WQ_WORK_FSIZE)
- req->work.flags &= ~IO_WQ_WORK_FSIZE;
-}
-
static bool io_grab_identity(struct io_kiocb *req)
{
const struct io_op_def *def = &io_op_defs[req->opcode];
@@ -1510,7 +1469,6 @@ static void io_prep_async_work(struct io_kiocb *req)
if (io_grab_identity(req))
return;
- io_drop_identity(req);
if (!io_identity_cow(req))
return;
--
2.25.1
1
49
[PATCH openEuler-5.10-LTS-SP1 01/52] Revert "[Huawei] io_uring:drop identity before creating a private one"
by Jialin Zhang 28 Feb '23
by Jialin Zhang 28 Feb '23
28 Feb '23
From: Li Lingfeng <lilingfeng3(a)huawei.com>
Offering: HULK
hulk inclusion
category: feature
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6BTWC
-------------------------------
This reverts commit 6d9aaec1edb197ca7e05873c1930c418b7ecaa1e.
We need to apply patch 788d0824269bef (io_uring: import 5.15-stable
io_uring) to move io_uring to separate directory and solve
the problem of CVE-2023-0240.
This patch fix a uaf problem of io_identity, and it can be reverted
since io_identity is removed in patch 788d0824269bef.
Signed-off-by: Li Lingfeng <lilingfeng3(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
fs/io_uring.c | 42 ------------------------------------------
1 file changed, 42 deletions(-)
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 21adb7ff7b2e..adb8fcef738a 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -1364,47 +1364,6 @@ static bool io_identity_cow(struct io_kiocb *req)
return true;
}
-static void io_drop_identity(struct io_kiocb *req)
-{
- struct io_identity *id = req->work.identity;
-
- if (req->work.flags & IO_WQ_WORK_MM) {
- mmdrop(id->mm);
- req->work.flags &= ~IO_WQ_WORK_MM;
- }
-#ifdef CONFIG_BLK_CGROUP
- if (req->work.flags & IO_WQ_WORK_BLKCG) {
- css_put(id->blkcg_css);
- req->work.flags &= ~IO_WQ_WORK_BLKCG;
- }
-#endif
- if (req->work.flags & IO_WQ_WORK_CREDS) {
- put_cred(id->creds);
- req->work.flags &= ~IO_WQ_WORK_CREDS;
- }
- if (req->work.flags & IO_WQ_WORK_FILES) {
- put_files_struct(req->work.identity->files);
- put_nsproxy(req->work.identity->nsproxy);
- req->work.flags &= ~IO_WQ_WORK_FILES;
- }
- if (req->work.flags & IO_WQ_WORK_CANCEL)
- req->work.flags &= ~IO_WQ_WORK_CANCEL;
- if (req->work.flags & IO_WQ_WORK_FS) {
- struct fs_struct *fs = id->fs;
-
- spin_lock(&id->fs->lock);
- if (--fs->users)
- fs = NULL;
- spin_unlock(&id->fs->lock);
-
- if (fs)
- free_fs_struct(fs);
- req->work.flags &= ~IO_WQ_WORK_FS;
- }
- if (req->work.flags & IO_WQ_WORK_FSIZE)
- req->work.flags &= ~IO_WQ_WORK_FSIZE;
-}
-
static bool io_grab_identity(struct io_kiocb *req)
{
const struct io_op_def *def = &io_op_defs[req->opcode];
@@ -1510,7 +1469,6 @@ static void io_prep_async_work(struct io_kiocb *req)
if (io_grab_identity(req))
return;
- io_drop_identity(req);
if (!io_identity_cow(req))
return;
--
2.25.1
1
51
[PATCH openEuler-1.0-LTS 1/3] selinux: further adjust init order for file_alloc_security hook
by Yongqiang Liu 27 Feb '23
by Yongqiang Liu 27 Feb '23
27 Feb '23
From: "GONG, Ruiqi" <gongruiqi1(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6DRJ1
CVE: NA
----------------------------------------
After backporting commit cfff75d8973a ("selinux: reorder hooks to make
runtime disable less broken") to the 4.19 kernel of openEuler-1.0-LTS,
another kernel panic was triggered by running the POC of the
aforementioned commit:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
PGD 800000001840b067 P4D 800000001840b067 PUD 1840c067 PMD 0
Oops: 0002 [#1] SMP PTI
CPU: 7 PID: 273 Comm: exe Tainted: G OE 4.19.90+ #6
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014
RIP: 0010:selinux_file_open+0x49/0xf0
Code: 00 00 00 65 48 8b 04 25 28 00 00 00 48 89 44 24 20 31 c0 4c 89 e7 e8 a6 ec ff ff 49 8b 44 24 38 48 c7 c7 e0 a5 13 97 8b 40 1c <89> 45 08 e8 6f 80 ff ff ba 02 00 00 00 89 45 0c 8b 43 44 8b 73 40
RSP: 0018:ffffbb7300867ba0 EFLAGS: 00010246
RAX: 0000000000000003 RBX: ffff9dc301961400 RCX: 00000000000081ed
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffff9713a5e0
RBP: 0000000000000000 R08: 0000000000000001 R09: ffff9dc301fedcb0
R10: 0000000000000007 R11: 7fffffffffffffff R12: ffff9dc30204fd70
R13: 0000000000000000 R14: ffff9dc301961410 R15: ffffbb7300867c70
FS: 0000000000d258c0(0000) GS:ffff9dc33e9c0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000008 CR3: 00000000022bc000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
? generic_permission+0x10a/0x190
security_file_open+0x26/0x90
do_dentry_open+0xd9/0x380
do_last+0x197/0x8d0
path_openat+0x89/0x280
do_filp_open+0x91/0x100
do_open_execat+0x79/0x180
__do_execve_file.isra.0+0x6dd/0x8b0
__x64_sys_execve+0x35/0x40
do_syscall_64+0x63/0x250
? async_page_fault+0x8/0x30
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x49a5db
Code: 41 89 01 eb da 66 2e 0f 1f 84 00 00 00 00 00 f7 d8 64 41 89 01 eb d6 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 3b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe7b1cebd8 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 0000000000d27ee0 RCX: 000000000049a5db
RDX: 0000000000d27f08 RSI: 0000000000d27ee0 RDI: 0000000000d27f48
RBP: 0000000000d27f48 R08: fefefefefefefeff R09: fefefeff666d686f
R10: 0000000000d25b90 R11: 0000000000000246 R12: 0000000000d27f08
R13: 0000000000655894 R14: 0000000000d27f08 R15: 0000000000d26ed0
Modules linked in: e1000(OE)
CR2: 0000000000000008
---[ end trace e4eb884974c22e2d ]---
RIP: 0010:selinux_file_open+0x49/0xf0
Code: 00 00 00 65 48 8b 04 25 28 00 00 00 48 89 44 24 20 31 c0 4c 89 e7 e8 a6 ec ff ff 49 8b 44 24 38 48 c7 c7 e0 a5 13 97 8b 40 1c <89> 45 08 e8 6f 80 ff ff ba 02 00 00 00 89 45 0c 8b 43 44 8b 73 40
RSP: 0018:ffffbb7300867ba0 EFLAGS: 00010246
RAX: 0000000000000003 RBX: ffff9dc301961400 RCX: 00000000000081ed
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffff9713a5e0
RBP: 0000000000000000 R08: 0000000000000001 R09: ffff9dc301fedcb0
R10: 0000000000000007 R11: 7fffffffffffffff R12: ffff9dc30204fd70
R13: 0000000000000000 R14: ffff9dc301961410 R15: ffffbb7300867c70
FS: 0000000000d258c0(0000) GS:ffff9dc33e9c0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000008 CR3: 00000000022bc000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Kernel panic - not syncing: Fatal exception
Kernel Offset: 0x14400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
---[ end Kernel panic - not syncing: Fatal exception ]---
The problem was caused by selinux_file_open() accessing a file's fsec
being NULL, which indicated that the file_alloc_security hook should be
deleted later (at least after the file_open hook) when disabling SELinux
at runtime. Here I put it into the "allocating" part.
Signed-off-by: GONG, Ruiqi <gongruiqi1(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
security/selinux/hooks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index cd26c1199353..85ac12d6b2f4 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -7040,7 +7040,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(inode_copy_up_xattr, selinux_inode_copy_up_xattr),
LSM_HOOK_INIT(file_permission, selinux_file_permission),
- LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security),
LSM_HOOK_INIT(file_free_security, selinux_file_free_security),
LSM_HOOK_INIT(file_ioctl, selinux_file_ioctl),
LSM_HOOK_INIT(mmap_file, selinux_mmap_file),
@@ -7207,6 +7206,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security),
LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security),
LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security),
+ LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security),
LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank),
LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security),
LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx),
--
2.25.1
1
2
[PATCH openEuler-1.0-LTS 1/1] nbd: fix assignment error for first_minor in nbd_dev_add
by Yongqiang Liu 25 Feb '23
by Yongqiang Liu 25 Feb '23
25 Feb '23
From: Zhong Jinghua <zhongjinghua(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 188413, https://gitee.com/openeuler/kernel/issues/I6GWYG
CVE: NA
----------------------------------------
A panic error is like below:
nbd_genl_connect
nbd_dev_add
first_minor = index << part_shift; // index =-1
...
__device_add_disk
blk_alloc_devt
*devt = MKDEV(disk->major, disk->first_minor + part->partno);
// part->partno = 0, first_minor = 11...110000 major is covered
There, index < 0 will reassign an index, but here disk->first_minor is
assigned -1 << part_shift.
This causes to the creation of the device with the same major and minor
device numbers each time the incoming index<0, and this will lead to
creation of kobject failed:
Warning: kobject_add_internal failed for 4095:1048544 with -EEXIST, don't
try to register things with the same name in the same directory.
Fix it by moving the first_minor assignment down to after getting the new
index.
Fixes: 01f7594e62e9 ("nbd: Fix use-after-free in blk_mq_free_rqs")
Signed-off-by: Zhong Jinghua <zhongjinghua(a)huawei.com>
Reviewed-by: Yu Kuai <yukuai3(a)huawei.com>
Reviewed-by: Hou Tao <houtao1(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/block/nbd.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
index 8dbbd676d275..551b2f7da8ef 100644
--- a/drivers/block/nbd.c
+++ b/drivers/block/nbd.c
@@ -1706,7 +1706,6 @@ static int nbd_dev_add(int index)
struct gendisk *disk;
struct request_queue *q;
int err = -ENOMEM;
- int first_minor = index << part_shift;
nbd = kzalloc(sizeof(struct nbd_device), GFP_KERNEL);
if (!nbd)
@@ -1770,7 +1769,7 @@ static int nbd_dev_add(int index)
refcount_set(&nbd->refs, 1);
INIT_LIST_HEAD(&nbd->list);
disk->major = NBD_MAJOR;
- disk->first_minor = first_minor;
+ disk->first_minor = index << part_shift;
disk->fops = &nbd_fops;
disk->private_data = nbd;
sprintf(disk->disk_name, "nbd%d", index);
--
2.25.1
2
1
1
0
1
0
*** BLURB HERE ***
Andy Shevchenko (1):
ipmi: use %*ph to print small buffer
Dan Carpenter (1):
evm: Fix a small race in init_desc()
Eric Biggers (1):
crypto: rsa-pkcs1pad - fix buffer overread in
pkcs1pad_verify_complete()
Greg Kroah-Hartman (1):
iommu: Properly export iommu_group_get_for_dev()
Herbert Xu (2):
crypto: algif_skcipher - EBUSY on aio should be an error
crypto: algif_skcipher - Use chunksize instead of blocksize
Lubomir Rintel (1):
component: do not dereference opaque pointer in debugfs
Nishka Dasgupta (2):
of: unittest: Add of_node_put() before return
of: resolver: Add of_node_put() before return and break
Ondrej Mosnacek (1):
selinux: reorder hooks to make runtime disable less broken
Roberto Sassu (1):
evm: Check also if *tfm is an error pointer in init_desc()
Will Deacon (2):
drivers/iommu: Export core IOMMU API symbols to permit modular drivers
drivers/iommu: Allow IOMMU bus ops to be unregistered
crypto/algif_skcipher.c | 4 +-
crypto/rsa-pkcs1pad.c | 2 +
drivers/base/component.c | 8 +--
drivers/char/ipmi/ipmi_msghandler.c | 27 ++-------
drivers/iommu/iommu-sysfs.c | 5 ++
drivers/iommu/iommu.c | 12 ++++
drivers/of/resolver.c | 12 +++-
drivers/of/unittest.c | 4 +-
security/integrity/evm/evm_crypto.c | 45 +++++++-------
security/selinux/hooks.c | 93 ++++++++++++++++++++---------
10 files changed, 129 insertions(+), 83 deletions(-)
--
2.25.1
1
13
1
0
当前例会议题:
议题一:进展update(10min) -- 张伽琳 & 郑增凯
议题二:openeuler 实时内核(PREEMPT_RT)规划讨论 --丁翔
欢迎大家继续申报~
-----原始约会-----
发件人: openEuler conference <public(a)openeuler.org>
发送时间: 2023年2月21日 10:06
收件人: dev@openeuler.org,kernel-discuss@openeuler.org,kernel@openeuler.org
主题: openEuler Kernel SIG双周例会
时间: 2023年2月24日星期五 14:00-15:30(UTC+08:00) 北京,重庆,香港特别行政区,乌鲁木齐。
地点:
您好!
Kernel SIG 邀请您参加 2023-02-24 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG双周例会
会议内容:
欢迎您参加Kernel SIG双周例会,当前议题:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以直接回复邮件,或录入会议看板)
会议链接:https://us06web.zoom.us/j/82111503728?pwd=TWRGa2REc0V2ZmlGZ2ZreUF1OXA3dz09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2023-02-24 14:00,
The subject of the conference is openEuler Kernel SIG双周例会,
Summary:
欢迎您参加Kernel SIG双周例会,当前议题:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以直接回复邮件,或录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/82111503728?pwd=TWRGa2REc0V2ZmlGZ2ZreUF1OXA3dz09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
[PATCH openEuler-1.0-LTS] dhugetlb: isolate hwpoison hugepage when release
by Yongqiang Liu 23 Feb '23
by Yongqiang Liu 23 Feb '23
23 Feb '23
From: Liu Shixin <liushixin2(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 46904, https://gitee.com/openeuler/kernel/issues/I6GSKP
CVE: NA
--------------------------------
For a hwpoison hugetlb page, the page will be freed firstly. If succeed, it
will be dissolved and released to buddy system, then isolate the hwpoison page.
For a hwpoison hugepage belong to dynamic hugetlb, we isolate the hugepage
without dissolve it. Add a check in free_huge_page_to_dhugetlb_pool() to
isolate the hwpoison hugepage directly. And keep HUGETLB_PAGE_DTOR after free
to ensure the PageHuge() check return true in dissolve_free_huge_page().
Fixes: 0f0535e57da("dhugetlb: skip dissolve hugepage belonging to dynamic hugetlb")
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
mm/hugetlb.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index ed89df6fc5de..9f974270c84d 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -1348,8 +1348,9 @@ static void free_huge_page_to_dhugetlb_pool(struct page *page,
}
spin_lock(&hpool->lock);
+ if (PageHWPoison(page))
+ goto out;
ClearPagePool(page);
- set_compound_page_dtor(page, NULL_COMPOUND_DTOR);
if (!hstate_is_gigantic(h)) {
list_add(&page->lru, &hpool->dhugetlb_2M_freelists);
hpool->free_reserved_2M++;
@@ -1375,6 +1376,7 @@ static void free_huge_page_to_dhugetlb_pool(struct page *page,
trace_dhugetlb_alloc_free(hpool, page, hpool->free_reserved_1G,
DHUGETLB_FREE_1G);
}
+out:
spin_unlock(&hpool->lock);
dhugetlb_pool_put(hpool);
}
--
2.25.1
1
0
[PATCH openEuler-5.10-LTS-SP1 01/29] media: vivid: fix compose size exceed boundary
by Jialin Zhang 22 Feb '23
by Jialin Zhang 22 Feb '23
22 Feb '23
From: Liu Shixin <liushixin2(a)huawei.com>
stable inclusion
from stable-v5.10.163
commit f9d19f3a044ca651b0be52a4bf951ffe74259b9f
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6CIF8
CVE: CVE-2023-0615
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit 94a7ad9283464b75b12516c5512541d467cefcf8 ]
syzkaller found a bug:
BUG: unable to handle page fault for address: ffffc9000a3b1000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 100000067 P4D 100000067 PUD 10015f067 PMD 1121ca067 PTE 0
Oops: 0002 [#1] PREEMPT SMP
CPU: 0 PID: 23489 Comm: vivid-000-vid-c Not tainted 6.1.0-rc1+ #512
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:memcpy_erms+0x6/0x10
[...]
Call Trace:
<TASK>
? tpg_fill_plane_buffer+0x856/0x15b0
vivid_fillbuff+0x8ac/0x1110
vivid_thread_vid_cap_tick+0x361/0xc90
vivid_thread_vid_cap+0x21a/0x3a0
kthread+0x143/0x180
ret_from_fork+0x1f/0x30
</TASK>
This is because we forget to check boundary after adjust compose->height
int V4L2_SEL_TGT_CROP case. Add v4l2_rect_map_inside() to fix this problem
for this case.
Fixes: ef834f7836ec ("[media] vivid: add the video capture and output parts")
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Wang Hai <wanghai38(a)huawei.com>
Signed-off-by: Longlong Xia <xialonglong1(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/test-drivers/vivid/vivid-vid-cap.c b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
index eadf28ab1e39..eeb0aeb62f79 100644
--- a/drivers/media/test-drivers/vivid/vivid-vid-cap.c
+++ b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
@@ -953,6 +953,7 @@ int vivid_vid_cap_s_selection(struct file *file, void *fh, struct v4l2_selection
if (dev->has_compose_cap) {
v4l2_rect_set_min_size(compose, &min_rect);
v4l2_rect_set_max_size(compose, &max_rect);
+ v4l2_rect_map_inside(compose, &fmt);
}
dev->fmt_cap_rect = fmt;
tpg_s_buf_height(&dev->tpg, fmt.height);
--
2.25.1
1
28
[PATCH openEuler-5.10-LTS 01/18] media: vivid: fix compose size exceed boundary
by Jialin Zhang 22 Feb '23
by Jialin Zhang 22 Feb '23
22 Feb '23
From: Liu Shixin <liushixin2(a)huawei.com>
stable inclusion
from stable-v5.10.163
commit f9d19f3a044ca651b0be52a4bf951ffe74259b9f
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6CIF8
CVE: CVE-2023-0615
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit 94a7ad9283464b75b12516c5512541d467cefcf8 ]
syzkaller found a bug:
BUG: unable to handle page fault for address: ffffc9000a3b1000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 100000067 P4D 100000067 PUD 10015f067 PMD 1121ca067 PTE 0
Oops: 0002 [#1] PREEMPT SMP
CPU: 0 PID: 23489 Comm: vivid-000-vid-c Not tainted 6.1.0-rc1+ #512
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:memcpy_erms+0x6/0x10
[...]
Call Trace:
<TASK>
? tpg_fill_plane_buffer+0x856/0x15b0
vivid_fillbuff+0x8ac/0x1110
vivid_thread_vid_cap_tick+0x361/0xc90
vivid_thread_vid_cap+0x21a/0x3a0
kthread+0x143/0x180
ret_from_fork+0x1f/0x30
</TASK>
This is because we forget to check boundary after adjust compose->height
int V4L2_SEL_TGT_CROP case. Add v4l2_rect_map_inside() to fix this problem
for this case.
Fixes: ef834f7836ec ("[media] vivid: add the video capture and output parts")
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Wang Hai <wanghai38(a)huawei.com>
Signed-off-by: Longlong Xia <xialonglong1(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/test-drivers/vivid/vivid-vid-cap.c b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
index eadf28ab1e39..eeb0aeb62f79 100644
--- a/drivers/media/test-drivers/vivid/vivid-vid-cap.c
+++ b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
@@ -953,6 +953,7 @@ int vivid_vid_cap_s_selection(struct file *file, void *fh, struct v4l2_selection
if (dev->has_compose_cap) {
v4l2_rect_set_min_size(compose, &min_rect);
v4l2_rect_set_max_size(compose, &max_rect);
+ v4l2_rect_map_inside(compose, &fmt);
}
dev->fmt_cap_rect = fmt;
tpg_s_buf_height(&dev->tpg, fmt.height);
--
2.25.1
1
17
[PATCH openEuler-5.10-LTS 01/18] media: vivid: fix compose size exceed boundary
by Jialin Zhang 22 Feb '23
by Jialin Zhang 22 Feb '23
22 Feb '23
From: Liu Shixin <liushixin2(a)huawei.com>
stable inclusion
from stable-v5.10.163
commit f9d19f3a044ca651b0be52a4bf951ffe74259b9f
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6CIF8
CVE: CVE-2023-0615
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit 94a7ad9283464b75b12516c5512541d467cefcf8 ]
syzkaller found a bug:
BUG: unable to handle page fault for address: ffffc9000a3b1000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 100000067 P4D 100000067 PUD 10015f067 PMD 1121ca067 PTE 0
Oops: 0002 [#1] PREEMPT SMP
CPU: 0 PID: 23489 Comm: vivid-000-vid-c Not tainted 6.1.0-rc1+ #512
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:memcpy_erms+0x6/0x10
[...]
Call Trace:
<TASK>
? tpg_fill_plane_buffer+0x856/0x15b0
vivid_fillbuff+0x8ac/0x1110
vivid_thread_vid_cap_tick+0x361/0xc90
vivid_thread_vid_cap+0x21a/0x3a0
kthread+0x143/0x180
ret_from_fork+0x1f/0x30
</TASK>
This is because we forget to check boundary after adjust compose->height
int V4L2_SEL_TGT_CROP case. Add v4l2_rect_map_inside() to fix this problem
for this case.
Fixes: ef834f7836ec ("[media] vivid: add the video capture and output parts")
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Wang Hai <wanghai38(a)huawei.com>
Signed-off-by: Longlong Xia <xialonglong1(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/test-drivers/vivid/vivid-vid-cap.c b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
index eadf28ab1e39..eeb0aeb62f79 100644
--- a/drivers/media/test-drivers/vivid/vivid-vid-cap.c
+++ b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
@@ -953,6 +953,7 @@ int vivid_vid_cap_s_selection(struct file *file, void *fh, struct v4l2_selection
if (dev->has_compose_cap) {
v4l2_rect_set_min_size(compose, &min_rect);
v4l2_rect_set_max_size(compose, &max_rect);
+ v4l2_rect_map_inside(compose, &fmt);
}
dev->fmt_cap_rect = fmt;
tpg_s_buf_height(&dev->tpg, fmt.height);
--
2.25.1
1
17
[PATCH openEuler-5.10-LTS-SP1 01/29] media: vivid: fix compose size exceed boundary
by Jialin Zhang 22 Feb '23
by Jialin Zhang 22 Feb '23
22 Feb '23
From: Liu Shixin <liushixin2(a)huawei.com>
stable inclusion
from stable-v5.10.163
commit f9d19f3a044ca651b0be52a4bf951ffe74259b9f
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6CIF8
CVE: CVE-2023-0615
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit 94a7ad9283464b75b12516c5512541d467cefcf8 ]
syzkaller found a bug:
BUG: unable to handle page fault for address: ffffc9000a3b1000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 100000067 P4D 100000067 PUD 10015f067 PMD 1121ca067 PTE 0
Oops: 0002 [#1] PREEMPT SMP
CPU: 0 PID: 23489 Comm: vivid-000-vid-c Not tainted 6.1.0-rc1+ #512
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:memcpy_erms+0x6/0x10
[...]
Call Trace:
<TASK>
? tpg_fill_plane_buffer+0x856/0x15b0
vivid_fillbuff+0x8ac/0x1110
vivid_thread_vid_cap_tick+0x361/0xc90
vivid_thread_vid_cap+0x21a/0x3a0
kthread+0x143/0x180
ret_from_fork+0x1f/0x30
</TASK>
This is because we forget to check boundary after adjust compose->height
int V4L2_SEL_TGT_CROP case. Add v4l2_rect_map_inside() to fix this problem
for this case.
Fixes: ef834f7836ec ("[media] vivid: add the video capture and output parts")
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Wang Hai <wanghai38(a)huawei.com>
Signed-off-by: Longlong Xia <xialonglong1(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
drivers/media/test-drivers/vivid/vivid-vid-cap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/test-drivers/vivid/vivid-vid-cap.c b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
index eadf28ab1e39..eeb0aeb62f79 100644
--- a/drivers/media/test-drivers/vivid/vivid-vid-cap.c
+++ b/drivers/media/test-drivers/vivid/vivid-vid-cap.c
@@ -953,6 +953,7 @@ int vivid_vid_cap_s_selection(struct file *file, void *fh, struct v4l2_selection
if (dev->has_compose_cap) {
v4l2_rect_set_min_size(compose, &min_rect);
v4l2_rect_set_max_size(compose, &max_rect);
+ v4l2_rect_map_inside(compose, &fmt);
}
dev->fmt_cap_rect = fmt;
tpg_s_buf_height(&dev->tpg, fmt.height);
--
2.25.1
1
28
[PATCH openEuler-1.0-LTS] mm/sharepool: Fix null-pointer-deference in sp_free_area
by Yongqiang Liu 22 Feb '23
by Yongqiang Liu 22 Feb '23
22 Feb '23
From: Wang Wensheng <wangwensheng4(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6G76L
CVE: NA
----------------------------------------------
When a process is deleted from a group, the process does not apply for
memory from the shared group. Otherwise, the UAF problem occurs. We checked
this, but it didn't do a good job of preventing sp_alloc and del_task
concurrency. The process applies for memory after passing the check, which
violates our requirements and causes problems. The solution is to place the
checked code in the critical area to ensure that no memory can be allocated
after the check is passed.
[ T7596] Unable to handle kernel NULL pointer dereference at virtual
address 0000000000000098
[ T7596] Mem abort info:
[ T7596] ESR = 0x96000004
[ T7596] EC = 0x25: DABT (current EL), IL = 32 bits
[ T7596] SET = 0, FnV = 0
[ T7596] EA = 0, S1PTW = 0
[ T7596] Data abort info:
[ T7596] ISV = 0, ISS = 0x00000004
[ T7596] CM = 0, WnR = 0
[ T7596] user pgtable: 4k pages, 48-bit VAs, pgdp=00000001040a3000
[ T7596] [0000000000000098] pgd=0000000000000000, p4d=0000000000000000
[ T7596] Internal error: Oops: 96000004 [#1] SMP
[ T7596] Modules linked in: sharepool_dev(OE) [last unloaded: demo]
[ T7596] CPU: 1 PID: 7596 Comm: test_sp_group_d Tainted: G OE 5.10.0+ #8
[ T7596] Hardware name: linux,dummy-virt (DT)
[ T7596] pstate: 20000005 (nzCv daif -PAN -UAO -TCO BTYPE=--)
[ T7596] pc : sp_free_area+0x34/0x120
[ T7596] lr : sp_free_area+0x30/0x120
[ T7596] sp : ffff80001c6a3b20
[ T7596] x29: ffff80001c6a3b20 x28: 0000000000000009
[ T7596] x27: 0000000000000000 x26: ffff800011c49d20
[ T7596] x25: ffff0000c227f6c0 x24: 0000000000000008
[ T7596] x23: ffff0000c0cf0ce8 x22: 0000000000000001
[ T7596] x21: ffff0000c4082b30 x20: 0000000000000000
[ T7596] x19: ffff0000c4082b00 x18: 0000000000000000
[ T7596] x17: 0000000000000000 x16: 0000000000000000
[ T7596] x15: 0000000000000000 x14: 0000000000000000
[ T7596] x13: 0000000000000000 x12: ffff0005fffe12c0
[ T7596] x11: 0000000000000008 x10: ffff0005fffe12c0
[ T7596] x9 : ffff8000103eb690 x8 : 0000000000000001
[ T7596] x7 : 0000000000210d00 x6 : 0000000000000000
[ T7596] x5 : ffff8000123edea0 x4 : 0000000000000030
[ T7596] x3 : ffffeff000000000 x2 : 0000eff000000000
[ T7596] x1 : 0000e80000000000 x0 : 0000000000000000
[ T7596] Call trace:
[ T7596] sp_free_area+0x34/0x120
[ T7596] __sp_area_drop_locked+0x3c/0x60
[ T7596] sp_area_drop+0x80/0xbc
[ T7596] remove_vma+0x54/0x70
[ T7596] exit_mmap+0x114/0x1d0
[ T7596] mmput+0x90/0x1ec
[ T7596] exit_mm+0x1d0/0x2f0
[ T7596] do_exit+0x180/0x400
[ T7596] do_group_exit+0x40/0x114
[ T7596] get_signal+0x1e8/0x720
[ T7596] do_signal+0x11c/0x1e4
[ T7596] do_notify_resume+0x15c/0x250
[ T7596] work_pending+0xc/0x6d8
[ T7596] Code: f9400001 f9402c00 97fff0e5 aa0003f4 (f9404c00)
[ T7596] ---[ end trace 3c8368d77e758ebd ]---
Signed-off-by: Wang Wensheng <wangwensheng4(a)huawei.com>
Reviewed-by: Weilong Chen <chenweilong(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
mm/share_pool.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/mm/share_pool.c b/mm/share_pool.c
index 5d8344fe805a..a136c70b7588 100644
--- a/mm/share_pool.c
+++ b/mm/share_pool.c
@@ -1712,14 +1712,6 @@ int mg_sp_group_del_task(int pid, int spg_id)
ret = -EINVAL;
goto out;
}
-
- if (!list_empty(&spg->spa_list)) {
- up_write(&sp_group_sem);
- pr_err_ratelimited("spa is not empty");
- ret = -EINVAL;
- goto out;
- }
-
ret = get_task(pid, &tsk);
if (ret) {
up_write(&sp_group_sem);
@@ -1743,6 +1735,15 @@ int mg_sp_group_del_task(int pid, int spg_id)
}
down_write(&spg->rw_lock);
+
+ if (!list_empty(&spg->spa_list)) {
+ up_write(&spg->rw_lock);
+ up_write(&sp_group_sem);
+ pr_err_ratelimited("spa is not empty");
+ ret = -EINVAL;
+ goto out_put_mm;
+ }
+
if (list_is_singular(&spg->procs))
is_alive = spg->is_alive = false;
spg->proc_num--;
--
2.25.1
1
0
您好!
Kernel SIG 邀请您参加 2023-02-24 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG双周例会
会议内容:
欢迎您参加Kernel SIG双周例会,当前议题:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以直接回复邮件,或录入会议看板)
会议链接:https://us06web.zoom.us/j/82111503728?pwd=TWRGa2REc0V2ZmlGZ2ZreUF1OXA3dz09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2023-02-24 14:00,
The subject of the conference is openEuler Kernel SIG双周例会,
Summary:
欢迎您参加Kernel SIG双周例会,当前议题:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以直接回复邮件,或录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/82111503728?pwd=TWRGa2REc0V2ZmlGZ2ZreUF1OXA3dz09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
您好!
sig-Intel-Arch SIG 邀请您参加 2023-02-21 10:00 召开的Zoom会议
会议主题:Intel Arch SIG 例会
会议内容:
1. Intel几个复杂特性的支持计划
2. QEMU和kernel选型对未来lntel平台支持
和release安排讨论
3. openEuler在SPR上的用户诉求和反馈
会议链接:https://us06web.zoom.us/j/87058792984?pwd=UFlzSzA4OHNyMEIvRkpCdWFwdEdRQT09
会议纪要:https://etherpad.openeuler.org/p/sig-Intel-Arch-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler sig-Intel-Arch SIG invites you to attend the Zoom conference will be held at 2023-02-21 10:00,
The subject of the conference is Intel Arch SIG 例会,
Summary:
1. Intel几个复杂特性的支持计划
2. QEMU和kernel选型对未来lntel平台支持
和release安排讨论
3. openEuler在SPR上的用户诉求和反馈
You can join the meeting at https://us06web.zoom.us/j/87058792984?pwd=UFlzSzA4OHNyMEIvRkpCdWFwdEdRQT09.
Add topics at https://etherpad.openeuler.org/p/sig-Intel-Arch-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
kernel-leave(a)openeuler.org
Best Regards
嵌入式软件开发部 杨国锋
珠海一微半导体股份有限公司 / Amicro Semiconductor Co., Ltd.
横琴总部中心:珠海市横琴新区ICC横琴国际商务中心2座27楼
香洲研发中心:香洲区红山路26号阳光大厦13楼
深圳办公中心:深圳市南山区国家工程实验室大楼A座1102室
电话:0756-2666456
邮编:519000
Phone:18814181955
E-Mail:guofeng.yang(a)amicro.com.cn
This email may contain confidential and/or privileged information from Amicro,and is intended solely for the attention and use of the person(s) named above. If you are not the intended recipient (or have received this email in error), please notify the sender immediately and destroy this email. Any unauthorized copying, disclosure or distribution of the material in this email is strictly forbidden. The content provided in this email can not be guaranteed and assured to be accurate, appropriate for all, and complete by Amicro, and Amicro can not be held responsible forany error or negligence derived therefrom.
(此电子邮件包含来自一微半导体的信息,而且是机密的或者专用的信息。这些信息是供所有以上列出的个人或者团体使用的。如果您不是此邮件的预期收件人,请勿阅读、复制、转发或存储此邮件。如果已误收此邮件,请通知发件人。本公司不担保本电子邮件中信息的准确性、适当性或完整性,并且对此产生的任何错误或疏忽不承担任何责任.)
1
0
[PATCH openEuler-1.0-LTS 1/5] mm/memcg_memfs_info: fix potential oom_lock recursion deadlock
by Yongqiang Liu 16 Feb '23
by Yongqiang Liu 16 Feb '23
16 Feb '23
From: Liu Shixin <liushixin2(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6AXGS
CVE: NA
--------------------------------
syzbot is reporting GFP_KERNEL allocation with oom_lock held when
reporting memcg OOM [1]. If this allocation triggers the global OOM
situation then the system can livelock because the GFP_KERNEL
allocation with oom_lock held cannot trigger the global OOM killer
because __alloc_pages_may_oom() fails to hold oom_lock.
The problem mentioned above has been fixed by patch[2]. The is the same
problem in memcg_memfs_info feature too. Refer to the patch[2], fix it by
removing the allocation from mem_cgroup_print_memfs_info() completely,
and pass static buffer when calling from memcg OOM path.
Link: https://syzkaller.appspot.com/bug?extid=2d2aeadc6ce1e1f11d45 [1]
Link: https://lkml.kernel.org/r/86afb39f-8c65-bec2-6cfc-c5e3cd600c0b@I-love.SAKUR… [2]
Fixes: 6b1d4d3a3713 ("mm/memcg_memfs_info: show files that having pages charged in mem_cgroup")
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/linux/memcg_memfs_info.h | 4 +++-
mm/memcg_memfs_info.c | 20 ++++++++++----------
mm/memcontrol.c | 3 ++-
3 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/include/linux/memcg_memfs_info.h b/include/linux/memcg_memfs_info.h
index 658a91e22bd7..b5e3709baa9e 100644
--- a/include/linux/memcg_memfs_info.h
+++ b/include/linux/memcg_memfs_info.h
@@ -6,11 +6,13 @@
#include <linux/seq_file.h>
#ifdef CONFIG_MEMCG_MEMFS_INFO
-void mem_cgroup_print_memfs_info(struct mem_cgroup *memcg, struct seq_file *m);
+void mem_cgroup_print_memfs_info(struct mem_cgroup *memcg, char *pathbuf,
+ struct seq_file *m);
int mem_cgroup_memfs_files_show(struct seq_file *m, void *v);
void mem_cgroup_memfs_info_init(void);
#else
static inline void mem_cgroup_print_memfs_info(struct mem_cgroup *memcg,
+ char *pathbuf,
struct seq_file *m)
{
}
diff --git a/mm/memcg_memfs_info.c b/mm/memcg_memfs_info.c
index 346175026cae..632e03da673b 100644
--- a/mm/memcg_memfs_info.c
+++ b/mm/memcg_memfs_info.c
@@ -162,7 +162,8 @@ static void memfs_show_files_in_mem_cgroup(struct super_block *sb, void *data)
mntput(pfc->vfsmnt);
}
-void mem_cgroup_print_memfs_info(struct mem_cgroup *memcg, struct seq_file *m)
+void mem_cgroup_print_memfs_info(struct mem_cgroup *memcg, char *pathbuf,
+ struct seq_file *m)
{
struct print_files_control pfc = {
.memcg = memcg,
@@ -170,17 +171,11 @@ void mem_cgroup_print_memfs_info(struct mem_cgroup *memcg, struct seq_file *m)
.max_print_files = memfs_max_print_files,
.size_threshold = memfs_size_threshold,
};
- char *pathbuf;
int i;
if (!memfs_enable || !memcg)
return;
- pathbuf = kmalloc(PATH_MAX, GFP_KERNEL);
- if (!pathbuf) {
- SEQ_printf(m, "Show memfs failed due to OOM\n");
- return;
- }
pfc.pathbuf = pathbuf;
pfc.pathbuf_size = PATH_MAX;
@@ -197,15 +192,20 @@ void mem_cgroup_print_memfs_info(struct mem_cgroup *memcg, struct seq_file *m)
SEQ_printf(m, "total files: %lu, total memory-size: %lukB\n",
pfc.total_print_files, pfc.total_files_size >> 10);
}
-
- kfree(pfc.pathbuf);
}
int mem_cgroup_memfs_files_show(struct seq_file *m, void *v)
{
struct mem_cgroup *memcg = mem_cgroup_from_css(seq_css(m));
+ char *pathbuf;
- mem_cgroup_print_memfs_info(memcg, m);
+ pathbuf = kmalloc(PATH_MAX, GFP_KERNEL);
+ if (!pathbuf) {
+ SEQ_printf(m, "Show memfs abort: failed to allocate memory\n");
+ return 0;
+ }
+ mem_cgroup_print_memfs_info(memcg, pathbuf, m);
+ kfree(pathbuf);
return 0;
}
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index bdc90e6fc082..fd40fef49e45 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -1490,6 +1490,7 @@ void mem_cgroup_print_oom_meminfo(struct mem_cgroup *memcg)
{
struct mem_cgroup *iter;
unsigned int i;
+ static char pathbuf[PATH_MAX];
pr_info("memory: usage %llukB, limit %llukB, failcnt %lu\n",
K((u64)page_counter_read(&memcg->memory)),
@@ -1522,7 +1523,7 @@ void mem_cgroup_print_oom_meminfo(struct mem_cgroup *memcg)
pr_cont("\n");
}
- mem_cgroup_print_memfs_info(memcg, NULL);
+ mem_cgroup_print_memfs_info(memcg, pathbuf, NULL);
}
/*
--
2.25.1
1
4
[PATCH openEuler-5.10-LTS-SP1 001/263] KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs
by Jialin Zhang 15 Feb '23
by Jialin Zhang 15 Feb '23
15 Feb '23
From: Nicholas Piggin <npiggin(a)gmail.com>
stable inclusion
from stable-v5.10.145
commit 6bae47548188ae957578e6d92d4b8753dec435e4
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6D0VF
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit 112665286d08c87e66d699e7cba43c1497ad165f ]
Interrupts that occur in kernel mode expect that context tracking
is set to kernel. Enabling local irqs before context tracking
switches from guest to host means interrupts can come in and trigger
warnings about wrong context, and possibly worse.
Signed-off-by: Nicholas Piggin <npiggin(a)gmail.com>
Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au>
Link: https://lore.kernel.org/r/20210130130852.2952424-3-npiggin@gmail.com
Stable-dep-of: 235cee162459 ("KVM: PPC: Tick accounting should defer vtime accounting 'til after IRQ handling")
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
Reviewed-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
arch/powerpc/kvm/book3s_hv.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
index 38b7a3491aac..d6c4e27f7ed9 100644
--- a/arch/powerpc/kvm/book3s_hv.c
+++ b/arch/powerpc/kvm/book3s_hv.c
@@ -3399,8 +3399,9 @@ static noinline void kvmppc_run_core(struct kvmppc_vcore *vc)
kvmppc_set_host_core(pcpu);
+ guest_exit_irqoff();
+
local_irq_enable();
- guest_exit();
/* Let secondaries go back to the offline loop */
for (i = 0; i < controlled_threads; ++i) {
@@ -4235,8 +4236,9 @@ int kvmhv_run_single_vcpu(struct kvm_vcpu *vcpu, u64 time_limit,
kvmppc_set_host_core(pcpu);
+ guest_exit_irqoff();
+
local_irq_enable();
- guest_exit();
cpumask_clear_cpu(pcpu, &kvm->arch.cpu_in_guest);
--
2.25.1
1
262
[PATCH openEuler-1.0-LTS 1/2] net: bridge: mcast: add and enforce startup query interval minimum
by Yongqiang Liu 15 Feb '23
by Yongqiang Liu 15 Feb '23
15 Feb '23
From: Nikolay Aleksandrov <nikolay(a)nvidia.com>
mainline inclusion
from mainline-v5.16-rc8
commit f83a112bd91a494cdee671aec74e777470fb4a07
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6DKZJ
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
As reported[1] if startup query interval is set too low in combination with
large number of startup queries and we have multiple bridges or even a
single bridge with multiple querier vlans configured we can crash the
machine. Add a 1 second minimum which must be enforced by overwriting the
value if set lower (i.e. without returning an error) to avoid breaking
user-space. If that happens a log message is emitted to let the admin know
that the startup interval has been set to the minimum. It doesn't make
sense to make the startup interval lower than the normal query interval
so use the same value of 1 second. The issue has been present since these
intervals could be user-controlled.
[1] https://lore.kernel.org/netdev/e8b9ce41-57b9-b6e2-a46a-ff9c791cf0ba@gmail.c…
Fixes: d902eee43f19 ("bridge: Add multicast count/interval sysfs entries")
Reported-by: Eric Dumazet <eric.dumazet(a)gmail.com>
Signed-off-by: Nikolay Aleksandrov <nikolay(a)nvidia.com>
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Conflicts:
net/bridge/br_multicast.c
net/bridge/br_netlink.c
net/bridge/br_private.h
net/bridge/br_sysfs_br.c
Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/bridge/br_multicast.c | 16 ++++++++++++++++
net/bridge/br_netlink.c | 2 +-
net/bridge/br_private.h | 5 +++++
net/bridge/br_sysfs_br.c | 2 +-
4 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c
index 3504c3acd38f..ed67a43efdef 100644
--- a/net/bridge/br_multicast.c
+++ b/net/bridge/br_multicast.c
@@ -2351,6 +2351,22 @@ int br_multicast_set_mld_version(struct net_bridge *br, unsigned long val)
}
#endif
+void br_multicast_set_startup_query_intvl(struct net_bridge *br,
+ unsigned long val)
+{
+ unsigned long intvl_jiffies = clock_t_to_jiffies(val);
+
+ if (intvl_jiffies < BR_MULTICAST_STARTUP_QUERY_INTVL_MIN) {
+ br_info(br,
+ "trying to set multicast startup query interval below minimum, setting to %lu (%ums)\n",
+ jiffies_to_clock_t(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN),
+ jiffies_to_msecs(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN));
+ intvl_jiffies = BR_MULTICAST_STARTUP_QUERY_INTVL_MIN;
+ }
+
+ br->multicast_startup_query_interval = intvl_jiffies;
+}
+
/**
* br_multicast_list_adjacent - Returns snooped multicast addresses
* @dev: The bridge port adjacent to which to retrieve addresses
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
index c00cb376263a..b3bcfb77077a 100644
--- a/net/bridge/br_netlink.c
+++ b/net/bridge/br_netlink.c
@@ -1237,7 +1237,7 @@ static int br_changelink(struct net_device *brdev, struct nlattr *tb[],
if (data[IFLA_BR_MCAST_STARTUP_QUERY_INTVL]) {
u64 val = nla_get_u64(data[IFLA_BR_MCAST_STARTUP_QUERY_INTVL]);
- br->multicast_startup_query_interval = clock_t_to_jiffies(val);
+ br_multicast_set_startup_query_intvl(br, val);
}
if (data[IFLA_BR_MCAST_STATS_ENABLED]) {
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
index 23fed55942fa..877fbc65a2fe 100644
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -31,6 +31,9 @@
#define BR_PORT_BITS 10
#define BR_MAX_PORTS (1<<BR_PORT_BITS)
+#define BR_MULTICAST_QUERY_INTVL_MIN msecs_to_jiffies(1000)
+#define BR_MULTICAST_STARTUP_QUERY_INTVL_MIN BR_MULTICAST_QUERY_INTVL_MIN
+
#define BR_VERSION "2.3"
/* Control of forwarding link local multicast */
@@ -1200,4 +1203,6 @@ void br_do_proxy_suppress_arp(struct sk_buff *skb, struct net_bridge *br,
void br_do_suppress_nd(struct sk_buff *skb, struct net_bridge *br,
u16 vid, struct net_bridge_port *p, struct nd_msg *msg);
struct nd_msg *br_is_nd_neigh_msg(struct sk_buff *skb, struct nd_msg *m);
+void br_multicast_set_startup_query_intvl(struct net_bridge *br,
+ unsigned long val);
#endif
diff --git a/net/bridge/br_sysfs_br.c b/net/bridge/br_sysfs_br.c
index 0318a69888d4..bfbffc5088ac 100644
--- a/net/bridge/br_sysfs_br.c
+++ b/net/bridge/br_sysfs_br.c
@@ -618,7 +618,7 @@ static ssize_t multicast_startup_query_interval_show(
static int set_startup_query_interval(struct net_bridge *br, unsigned long val)
{
- br->multicast_startup_query_interval = clock_t_to_jiffies(val);
+ br_multicast_set_startup_query_intvl(br, val);
return 0;
}
--
2.25.1
1
1
[PATCH openEuler-5.10-LTS 1/6] cifs: sanitize multiple delimiters in prepath
by Jialin Zhang 14 Feb '23
by Jialin Zhang 14 Feb '23
14 Feb '23
From: Thiago Rafael Becker <trbecker(a)gmail.com>
mainline inclusion
from mainline-v5.16-rc6
commit a31080899d5fdafcccf7f39dd214a814a2c82626
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6D6RL
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
mount.cifs can pass a device with multiple delimiters in it. This will
cause rename(2) to fail with ENOENT.
V2:
- Make sanitize_path more readable.
- Fix multiple delimiters between UNC and prepath.
- Avoid a memory leak if a bad user starts putting a lot of delimiters
in the path on purpose.
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=2031200
Fixes: 24e0a1eff9e2 ("cifs: switch to new mount api")
Cc: stable(a)vger.kernel.org # 5.11+
Acked-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Thiago Rafael Becker <trbecker(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
conflicts:
fs/cifs/fs_context.c
Signed-off-by: ZhaoLong Wang <wangzhaolong1(a)huawei.com>
Reviewed-by: Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
fs/cifs/connect.c | 38 +++++++++++++++++++++++++++++++++++++-
1 file changed, 37 insertions(+), 1 deletion(-)
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 7f5d173760cf..0a2eced46e35 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1316,6 +1316,42 @@ static int get_option_gid(substring_t args[], kgid_t *result)
return 0;
}
+/*
+ * Remove duplicate path delimiters. Windows is supposed to do that
+ * but there are some bugs that prevent rename from working if there are
+ * multiple delimiters.
+ *
+ * Returns a sanitized duplicate of @path. The caller is responsible for
+ * cleaning up the original.
+ */
+#define IS_DELIM(c) ((c) == '/' || (c) == '\\')
+static char *sanitize_path(char *path)
+{
+ char *cursor1 = path, *cursor2 = path;
+
+ /* skip all prepended delimiters */
+ while (IS_DELIM(*cursor1))
+ cursor1++;
+
+ /* copy the first letter */
+ *cursor2 = *cursor1;
+
+ /* copy the remainder... */
+ while (*(cursor1++)) {
+ /* ... skipping all duplicated delimiters */
+ if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
+ continue;
+ *(++cursor2) = *cursor1;
+ }
+
+ /* if the last character is a delimiter, skip it */
+ if (IS_DELIM(*(cursor2 - 1)))
+ cursor2--;
+
+ *(cursor2) = '\0';
+ return kstrdup(path, GFP_KERNEL);
+}
+
/*
* Parse a devname into substrings and populate the vol->UNC and vol->prepath
* fields with the result. Returns 0 on success and an error otherwise.
@@ -1364,7 +1400,7 @@ cifs_parse_devname(const char *devname, struct smb_vol *vol)
if (!*pos)
return 0;
- vol->prepath = kstrdup(pos, GFP_KERNEL);
+ vol->prepath = sanitize_path(pos);
if (!vol->prepath)
return -ENOMEM;
--
2.25.1
1
5
[PATCH openEuler-5.10-LTS-SP1 1/8] bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
by Jialin Zhang 14 Feb '23
by Jialin Zhang 14 Feb '23
14 Feb '23
From: Wang Yufen <wangyufen(a)huawei.com>
mainline inclusion
from mainline-v6.0-rc1
commit d8616ee2affcff37c5d315310da557a694a3303d
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6BRTY
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
During TCP sockmap redirect pressure test, the following warning is triggered:
WARNING: CPU: 3 PID: 2145 at net/core/stream.c:205 sk_stream_kill_queues+0xbc/0xd0
CPU: 3 PID: 2145 Comm: iperf Kdump: loaded Tainted: G W 5.10.0+ #9
Call Trace:
inet_csk_destroy_sock+0x55/0x110
inet_csk_listen_stop+0xbb/0x380
tcp_close+0x41b/0x480
inet_release+0x42/0x80
__sock_release+0x3d/0xa0
sock_close+0x11/0x20
__fput+0x9d/0x240
task_work_run+0x62/0x90
exit_to_user_mode_prepare+0x110/0x120
syscall_exit_to_user_mode+0x27/0x190
entry_SYSCALL_64_after_hwframe+0x44/0xa9
The reason we observed is that:
When the listener is closing, a connection may have completed the three-way
handshake but not accepted, and the client has sent some packets. The child
sks in accept queue release by inet_child_forget()->inet_csk_destroy_sock(),
but psocks of child sks have not released.
To fix, add sock_map_destroy to release psocks.
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
Signed-off-by: Daniel Borkmann <daniel(a)iogearbox.net>
Signed-off-by: Andrii Nakryiko <andrii(a)kernel.org>
Acked-by: Jakub Sitnicki <jakub(a)cloudflare.com>
Acked-by: John Fastabend <john.fastabend(a)gmail.com>
Link: https://lore.kernel.org/bpf/20220524075311.649153-1-wangyufen@huawei.com
Signed-off-by: Liu Jian <liujian56(a)huawei.com>
Conflicts:
include/linux/bpf.h
Reviewed-by: Wang Yufen <wangyufen(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
include/linux/bpf.h | 1 +
include/linux/skmsg.h | 1 +
net/core/skmsg.c | 1 +
net/core/sock_map.c | 23 +++++++++++++++++++++++
net/ipv4/tcp_bpf.c | 1 +
5 files changed, 27 insertions(+)
diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 8d95f4c66275..79fb7c1be8fd 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -1845,6 +1845,7 @@ static inline bool bpf_map_is_dev_bound(struct bpf_map *map)
struct bpf_map *bpf_map_offload_map_alloc(union bpf_attr *attr);
void bpf_map_offload_map_free(struct bpf_map *map);
+void sock_map_destroy(struct sock *sk);
#else
static inline int bpf_prog_offload_init(struct bpf_prog *prog,
union bpf_attr *attr)
diff --git a/include/linux/skmsg.h b/include/linux/skmsg.h
index 1899a1c8421c..a83885c5bb86 100644
--- a/include/linux/skmsg.h
+++ b/include/linux/skmsg.h
@@ -105,6 +105,7 @@ struct sk_psock {
spinlock_t link_lock;
refcount_t refcnt;
void (*saved_unhash)(struct sock *sk);
+ void (*saved_destroy)(struct sock *sk);
void (*saved_close)(struct sock *sk, long timeout);
void (*saved_write_space)(struct sock *sk);
struct proto *sk_proto;
diff --git a/net/core/skmsg.c b/net/core/skmsg.c
index 622d93d56953..925863fab5bd 100644
--- a/net/core/skmsg.c
+++ b/net/core/skmsg.c
@@ -616,6 +616,7 @@ struct sk_psock *sk_psock_init(struct sock *sk, int node)
psock->eval = __SK_NONE;
psock->sk_proto = prot;
psock->saved_unhash = prot->unhash;
+ psock->saved_destroy = prot->destroy;
psock->saved_close = prot->close;
psock->saved_write_space = sk->sk_write_space;
diff --git a/net/core/sock_map.c b/net/core/sock_map.c
index 28e518da4bcb..85df06298c98 100644
--- a/net/core/sock_map.c
+++ b/net/core/sock_map.c
@@ -1560,6 +1560,29 @@ void sock_map_unhash(struct sock *sk)
saved_unhash(sk);
}
+void sock_map_destroy(struct sock *sk)
+{
+ void (*saved_destroy)(struct sock *sk);
+ struct sk_psock *psock;
+
+ rcu_read_lock();
+ psock = sk_psock_get(sk);
+ if (unlikely(!psock)) {
+ rcu_read_unlock();
+ if (sk->sk_prot->destroy)
+ sk->sk_prot->destroy(sk);
+ return;
+ }
+
+ saved_destroy = psock->saved_destroy;
+ sock_map_remove_links(sk, psock);
+ rcu_read_unlock();
+ sk_psock_stop(psock, true);
+ sk_psock_put(sk, psock);
+ saved_destroy(sk);
+}
+EXPORT_SYMBOL_GPL(sock_map_destroy);
+
void sock_map_close(struct sock *sk, long timeout)
{
void (*saved_close)(struct sock *sk, long timeout);
diff --git a/net/ipv4/tcp_bpf.c b/net/ipv4/tcp_bpf.c
index afeaf35194de..1a8f129fb309 100644
--- a/net/ipv4/tcp_bpf.c
+++ b/net/ipv4/tcp_bpf.c
@@ -577,6 +577,7 @@ static void tcp_bpf_rebuild_protos(struct proto prot[TCP_BPF_NUM_CFGS],
struct proto *base)
{
prot[TCP_BPF_BASE] = *base;
+ prot[TCP_BPF_BASE].destroy = sock_map_destroy;
prot[TCP_BPF_BASE].close = sock_map_close;
prot[TCP_BPF_BASE].recvmsg = tcp_bpf_recvmsg;
prot[TCP_BPF_BASE].stream_memory_read = tcp_bpf_stream_read;
--
2.25.1
1
7
14 Feb '23
From: Rodrigo Branco <bsdaemon(a)google.com>
stable inclusion
from stable-v4.19.270
commit 940ede60d74d2fc7291b96cb38072d705333c8e0
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6CU98
CVE: CVE-2023-0045
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=…
--------------------------------
commit a664ec9158eeddd75121d39c9a0758016097fa96 upstream.
We missed the window between the TIF flag update and the next reschedule.
Signed-off-by: Rodrigo Branco <bsdaemon(a)google.com>
Reviewed-by: Borislav Petkov (AMD) <bp(a)alien8.de>
Signed-off-by: Ingo Molnar <mingo(a)kernel.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Yuyao Lin <linyuyao1(a)huawei.com>
Reviewed-by: Wei Li <liwei391(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
arch/x86/kernel/cpu/bugs.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 3ba948bbd77d..d4d114d62e2e 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1547,6 +1547,8 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl)
if (ctrl == PR_SPEC_FORCE_DISABLE)
task_set_spec_ib_force_disable(task);
task_update_spec_tif(task);
+ if (task == current)
+ indirect_branch_prediction_barrier();
break;
default:
return -ERANGE;
--
2.25.1
1
1
driver inclusion
category:feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I6DRLU
CVE: NA
When using the old PCI_FUNC method to obtain the vf id, if the number
of vf big than 8, the obtained id number will be wrong, and the new
method needs to be used to correct it.
Signed-off-by: Longfang Liu <liulongfang(a)huawei.com>
Signed-off-by: JiangShui Yang <yangjiangshui(a)h-partners.com>
---
.../hisilicon/migration/acc_vf_migration.c | 17 ++++++++++--
.../hisilicon/migration/acc_vf_migration.h | 26 +++++++++++++++++++
2 files changed, 41 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/hisilicon/migration/acc_vf_migration.c b/drivers/crypto/hisilicon/migration/acc_vf_migration.c
index 920f19916fea..7c5fc4eb02ac 100644
--- a/drivers/crypto/hisilicon/migration/acc_vf_migration.c
+++ b/drivers/crypto/hisilicon/migration/acc_vf_migration.c
@@ -1610,6 +1610,19 @@ static int acc_vf_dev_init(struct pci_dev *pdev, struct hisi_qm *pf_qm,
return -ENOMEM;
}
+static int hisi_acc_get_vf_id(struct pci_dev *dev)
+{
+ struct pci_dev *pf;
+
+ if (!dev->is_virtfn)
+ return -EINVAL;
+
+ pf = pci_physfn(dev);
+ return (((dev->bus->number << 8) + dev->devfn) -
+ ((pf->bus->number << 8) + pf->devfn + pf->sriov->offset)) /
+ pf->sriov->stride;
+}
+
static void *acc_vf_probe(struct pci_dev *pdev)
{
struct acc_vf_migration *acc_vf_dev;
@@ -1635,7 +1648,7 @@ static void *acc_vf_probe(struct pci_dev *pdev)
return ERR_PTR(-EINVAL);
}
- vf_id = PCI_FUNC(vf_dev->devfn);
+ vf_id = hisi_acc_get_vf_id(vf_dev);
if (vf_id < 0) {
dev_info(&pdev->dev, "vf device: %s, vf id: %d\n",
pf_qm->dev_name, vf_id);
@@ -1652,7 +1665,7 @@ static void *acc_vf_probe(struct pci_dev *pdev)
return ERR_PTR(-ENOMEM);
}
- acc_vf_dev->vf_id = vf_id;
+ acc_vf_dev->vf_id = vf_id + 1;
acc_vf_dev->vf_vendor = pdev->vendor;
acc_vf_dev->vf_device = pdev->device;
acc_vf_dev->pf_dev = pf_dev;
diff --git a/drivers/crypto/hisilicon/migration/acc_vf_migration.h b/drivers/crypto/hisilicon/migration/acc_vf_migration.h
index 2f459eecb8f0..8b38b9943d35 100644
--- a/drivers/crypto/hisilicon/migration/acc_vf_migration.h
+++ b/drivers/crypto/hisilicon/migration/acc_vf_migration.h
@@ -215,6 +215,32 @@ struct acc_vf_region_ops {
struct vfio_info_cap *caps);
};
+/* Single Root I/O Virtualization */
+struct pci_sriov {
+ int pos; /* Capability position */
+ int nres; /* Number of resources */
+ u32 cap; /* SR-IOV Capabilities */
+ u16 ctrl; /* SR-IOV Control */
+ u16 total_VFs; /* Total VFs associated with the PF */
+ u16 initial_VFs; /* Initial VFs associated with the PF */
+ u16 num_VFs; /* Number of VFs available */
+ u16 offset; /* First VF Routing ID offset */
+ u16 stride; /* Following VF stride */
+ u16 vf_device; /* VF device ID */
+ u32 pgsz; /* Page size for BAR alignment */
+ u8 link; /* Function Dependency Link */
+ u8 max_VF_buses; /* Max buses consumed by VFs */
+ u16 driver_max_VFs; /* Max num VFs driver supports */
+ struct pci_dev *dev; /* Lowest numbered PF */
+ struct pci_dev *self; /* This PF */
+ u32 class; /* VF device */
+ u8 hdr_type; /* VF header type */
+ u16 subsystem_vendor; /* VF subsystem vendor */
+ u16 subsystem_device; /* VF subsystem device */
+ resource_size_t barsz[PCI_SRIOV_NUM_BARS]; /* VF BAR size */
+ bool drivers_autoprobe; /* Auto probing of VFs by driver */
+};
+
struct acc_vf_region {
u32 type;
u32 subtype;
--
2.33.0
1
0
您好!
sig-Intel-Arch SIG 邀请您参加 2023-02-21 10:00 召开的Zoom会议
会议主题:Intel Arch SIG 例会
会议内容:
1. Intel几个复杂特性的支持计划
2. QEMU和kernel选型对未来lntel平台支持
和release安排讨论
3. openEuler在SPR上的用户诉求和反馈
会议链接:https://us06web.zoom.us/j/87058792984?pwd=UFlzSzA4OHNyMEIvRkpCdWFwdEdRQT09
会议纪要:https://etherpad.openeuler.org/p/sig-Intel-Arch-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler sig-Intel-Arch SIG invites you to attend the Zoom conference will be held at 2023-02-21 10:00,
The subject of the conference is Intel Arch SIG 例会,
Summary:
1. Intel几个复杂特性的支持计划
2. QEMU和kernel选型对未来lntel平台支持
和release安排讨论
3. openEuler在SPR上的用户诉求和反馈
You can join the meeting at https://us06web.zoom.us/j/87058792984?pwd=UFlzSzA4OHNyMEIvRkpCdWFwdEdRQT09.
Add topics at https://etherpad.openeuler.org/p/sig-Intel-Arch-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
Sorry! The Zoom meeting will be held at 2023-02-20 10:00 scheduled by openEuler sig-Intel-Arch SIG has been cancelled.
1
0
您好!
sig-Intel-Arch SIG 邀请您参加 2023-02-20 10:00 召开的Zoom会议
会议主题:Intel Arch SIG 例会
会议内容:
1. Intel几个复杂特性的支持计划
2. QEMU和kernel选型对未来lntel平台支持
和release安排讨论
3. openEuler在SPR上的用户诉求和反馈
会议链接:https://us06web.zoom.us/j/87427026722?pwd=eE9lQXBNck9KS0kzek9Da2VYV2VRdz09
会议纪要:https://etherpad.openeuler.org/p/sig-Intel-Arch-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler sig-Intel-Arch SIG invites you to attend the Zoom conference will be held at 2023-02-20 10:00,
The subject of the conference is Intel Arch SIG 例会,
Summary:
1. Intel几个复杂特性的支持计划
2. QEMU和kernel选型对未来lntel平台支持
和release安排讨论
3. openEuler在SPR上的用户诉求和反馈
You can join the meeting at https://us06web.zoom.us/j/87427026722?pwd=eE9lQXBNck9KS0kzek9Da2VYV2VRdz09.
Add topics at https://etherpad.openeuler.org/p/sig-Intel-Arch-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
[PATCH openEuler-1.0-LTS] media: vivid: fix compose size exceed boundary
by Yongqiang Liu 13 Feb '23
by Yongqiang Liu 13 Feb '23
13 Feb '23
From: Liu Shixin <liushixin2(a)huawei.com>
stable inclusion
from stable-v4.19.270
commit 9c7fba9503b826f0c061d136f8f0c9f953ed18b9
category: bugfix
bugzilla: https://gitee.com/src-openeuler/risc-v-kernel/issues/I6CIGU
CVE: CVE-2023-0615
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit 94a7ad9283464b75b12516c5512541d467cefcf8 ]
syzkaller found a bug:
BUG: unable to handle page fault for address: ffffc9000a3b1000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 100000067 P4D 100000067 PUD 10015f067 PMD 1121ca067 PTE 0
Oops: 0002 [#1] PREEMPT SMP
CPU: 0 PID: 23489 Comm: vivid-000-vid-c Not tainted 6.1.0-rc1+ #512
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:memcpy_erms+0x6/0x10
[...]
Call Trace:
<TASK>
? tpg_fill_plane_buffer+0x856/0x15b0
vivid_fillbuff+0x8ac/0x1110
vivid_thread_vid_cap_tick+0x361/0xc90
vivid_thread_vid_cap+0x21a/0x3a0
kthread+0x143/0x180
ret_from_fork+0x1f/0x30
</TASK>
This is because we forget to check boundary after adjust compose->height
int V4L2_SEL_TGT_CROP case. Add v4l2_rect_map_inside() to fix this problem
for this case.
Fixes: ef834f7836ec ("[media] vivid: add the video capture and output parts")
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Longlong Xia <xialonglong1(a)huawei.com>
Reviewed-by: Nanyong Sun <sunnanyong(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/media/platform/vivid/vivid-vid-cap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/platform/vivid/vivid-vid-cap.c b/drivers/media/platform/vivid/vivid-vid-cap.c
index c58ae489f39c..9eaac497ec34 100644
--- a/drivers/media/platform/vivid/vivid-vid-cap.c
+++ b/drivers/media/platform/vivid/vivid-vid-cap.c
@@ -915,6 +915,7 @@ int vivid_vid_cap_s_selection(struct file *file, void *fh, struct v4l2_selection
if (dev->has_compose_cap) {
v4l2_rect_set_min_size(compose, &min_rect);
v4l2_rect_set_max_size(compose, &max_rect);
+ v4l2_rect_map_inside(compose, &fmt);
}
dev->fmt_cap_rect = fmt;
tpg_s_buf_height(&dev->tpg, fmt.height);
--
2.25.1
1
0
[PATCH openEuler-5.10-LTS-SP1 01/87] NFSD: Fix verifier returned in stable WRITEs
by Jialin Zhang 13 Feb '23
by Jialin Zhang 13 Feb '23
13 Feb '23
From: Chuck Lever <chuck.lever(a)oracle.com>
stable inclusion
from stable-v5.10.143
commit d3d885507b52b28f54770a42d650251876d433a3
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6D0U6
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit f11ad7aa653130b71e2e89bed207f387718216d5 upstream.
RFC 8881 explains the purpose of the write verifier this way:
> The final portion of the result is the field writeverf. This field
> is the write verifier and is a cookie that the client can use to
> determine whether a server has changed instance state (e.g., server
> restart) between a call to WRITE and a subsequent call to either
> WRITE or COMMIT.
But then it says:
> This cookie MUST be unchanged during a single instance of the
> NFSv4.1 server and MUST be unique between instances of the NFSv4.1
> server. If the cookie changes, then the client MUST assume that
> any data written with an UNSTABLE4 value for committed and an old
> writeverf in the reply has been lost and will need to be
> recovered.
RFC 1813 has similar language for NFSv3. NFSv2 does not have a write
verifier since it doesn't implement the COMMIT procedure.
Since commit 19e0663ff9bc ("nfsd: Ensure sampling of the write
verifier is atomic with the write"), the Linux NFS server has
returned a boot-time-based verifier for UNSTABLE WRITEs, but a zero
verifier for FILE_SYNC and DATA_SYNC WRITEs. FILE_SYNC and DATA_SYNC
WRITEs are not followed up with a COMMIT, so there's no need for
clients to compare verifiers for stable writes.
However, by returning a different verifier for stable and unstable
writes, the above commit puts the Linux NFS server a step farther
out of compliance with the first MUST above. At least one NFS client
(FreeBSD) noticed the difference, making this a potential
regression.
[Removed down_write to fix the conflict in the cherry-pick. The
down_write functionality was no longer needed there. Upstream commit
555dbf1a9aac6d3150c8b52fa35f768a692f4eeb titled nfsd: Replace use of
rwsem with errseq_t removed those and replace it with new functionality
that was more scalable. This commit is already backported onto 5.10 and
so removing down_write ensures consistency with that change. Tested by
compiling and booting successfully. - kochera]
Reported-by: Rick Macklem <rmacklem(a)uoguelph.ca>
Link: https://lore.kernel.org/linux-nfs/YQXPR0101MB096857EEACF04A6DF1FC6D9BDD749@…
Fixes: 19e0663ff9bc ("nfsd: Ensure sampling of the write verifier is atomic with the write")
Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com>
Signed-off-by: Michael Kochera <kochera(a)google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
Reviewed-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
fs/nfsd/vfs.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index c852bb5ff212..a4ae1fcd2ab1 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -1014,6 +1014,10 @@ nfsd_vfs_write(struct svc_rqst *rqstp, struct svc_fh *fhp, struct nfsd_file *nf,
iov_iter_kvec(&iter, WRITE, vec, vlen, *cnt);
since = READ_ONCE(file->f_wb_err);
if (flags & RWF_SYNC) {
+ if (verf)
+ nfsd_copy_boot_verifier(verf,
+ net_generic(SVC_NET(rqstp),
+ nfsd_net_id));
host_err = vfs_iter_write(file, &iter, &pos, flags);
if (host_err < 0)
nfsd_reset_boot_verifier(net_generic(SVC_NET(rqstp),
--
2.25.1
1
86
您好!
Kernel SIG 邀请您参加 2023-02-10 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG双周例会
会议内容:
欢迎您参加年后第一次Kernel SIG 双周例会:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以直接回复邮件,或录入会议看板)
会议链接:https://us06web.zoom.us/j/89146789515?pwd=NVN5RmdCSFh2Y1g4SXUwK2NCRnFEZz09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2023-02-10 14:00,
The subject of the conference is openEuler Kernel SIG双周例会,
Summary:
欢迎您参加年后第一次Kernel SIG 双周例会:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以直接回复邮件,或录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/89146789515?pwd=NVN5RmdCSFh2Y1g4SXUwK2NCRnFEZz09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
4
3
[PATCH openEuler-5.10-LTS 1/5] crypto: hisilicon/qm - add functions for releasing resources
by Zheng Zengkai 09 Feb '23
by Zheng Zengkai 09 Feb '23
09 Feb '23
From: Weili Qian <qianweili(a)huawei.com>
mainline inclusion
from mainline-v6.0-rc1
commit bf081d6fa8e9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I6DRLU
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
----------------------------------------------------------------------
The resources allocated by hisi_qm_memory_init() are released by
hisi_qm_uninit(). Add hisi_qm_memory_uninit() to release resources,
no functional change.
conficts:
drivers/crypto/hisilicon/qm.c
Signed-off-by: Weili Qian <qianweili(a)huawei.com>
Signed-off-by: JiangShui Yang <yangjiangshui(a)h-partners.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
---
drivers/crypto/hisilicon/qm.c | 30 +++++++++++++++++-------------
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c
index 57de083e8967..ef09e45bdc3e 100644
--- a/drivers/crypto/hisilicon/qm.c
+++ b/drivers/crypto/hisilicon/qm.c
@@ -3480,6 +3480,21 @@ static void hisi_qm_pci_uninit(struct hisi_qm *qm)
pci_disable_device(pdev);
}
+static void hisi_qm_memory_uninit(struct hisi_qm *qm)
+{
+ struct device *dev = &qm->pdev->dev;
+
+ hisi_qp_memory_uninit(qm, qm->qp_num);
+ if (qm->qdma.va) {
+ hisi_qm_cache_wb(qm);
+ dma_free_coherent(dev, qm->qdma.size,
+ qm->qdma.va, qm->qdma.dma);
+ }
+
+ idr_destroy(&qm->qp_idr);
+ kfree(qm->factor);
+}
+
/**
* hisi_qm_uninit() - Uninitialize qm.
* @qm: The qm needed uninit.
@@ -3488,26 +3503,15 @@ static void hisi_qm_pci_uninit(struct hisi_qm *qm)
*/
void hisi_qm_uninit(struct hisi_qm *qm)
{
- struct pci_dev *pdev = qm->pdev;
- struct device *dev = &pdev->dev;
-
qm_cmd_uninit(qm);
- kfree(qm->factor);
- down_write(&qm->qps_lock);
+ down_write(&qm->qps_lock);
if (!qm_avail_state(qm, QM_CLOSE)) {
up_write(&qm->qps_lock);
return;
}
- hisi_qp_memory_uninit(qm, qm->qp_num);
- idr_destroy(&qm->qp_idr);
-
- if (qm->qdma.va) {
- hisi_qm_cache_wb(qm);
- dma_free_coherent(dev, qm->qdma.size,
- qm->qdma.va, qm->qdma.dma);
- }
+ hisi_qm_memory_uninit(qm);
up_write(&qm->qps_lock);
hisi_qm_set_state(qm, VF_NOT_READY);
--
2.20.1
1
4
Chen Zhongjin (1):
perf: Fix possible memleak in pmu_dev_alloc()
Christian Brauner (1):
pnode: terminate at peers of source
Chuck Lever (1):
SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
Dan Carpenter (2):
bonding: uninitialized variable in bond_miimon_inspect()
ipmi: fix use after free in _ipmi_destroy_user()
Enzo Matsumiya (1):
cifs: do not include page data when checking signature
Eric Dumazet (1):
net: stream: purge sk_error_queue in sk_stream_kill_queues()
Greg Kroah-Hartman (1):
prlimit: do_prlimit needs to have a speculation check
Huaxin Lu (1):
ima: Fix a potential NULL pointer access in
ima_restore_measurement_list
Isaac J. Manjarres (1):
driver core: Fix bus_type.match() error handling in __driver_attach()
Jakub Kicinski (2):
bpf: pull before calling skb_postpull_rcsum()
net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
Jan Kara (2):
mbcache: automatically delete entries from cache on freeing
ext4: fix deadlock due to mbcache entry corruption
Jann Horn (2):
mm/khugepaged: fix GUP-fast interaction by sending IPI
mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
Jiamei Xie (1):
serial: amba-pl011: avoid SBSA UART accessing DMACR register
Jiang Li (1):
md/raid1: stop mdx_raid1 thread when raid1 array run failed
Li Zetao (1):
ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
Mark Rutland (1):
arm64: cmpxchg_double*: hazard against entire exchange variable
Michael S. Tsirkin (1):
PCI: Fix pci_device_is_present() for VFs by checking PF
Mikulas Patocka (1):
md: fix a crash in mempool_free
Paolo Abeni (1):
net/ulp: prevent ULP without clone op from entering the LISTEN status
Rafael J. Wysocki (1):
ACPICA: Fix error code path in acpi_ds_call_control_method()
Sascha Hauer (1):
PCI/sysfs: Fix double free in error path
Schspa Shi (1):
mrp: introduce active flags to prevent UAF when applicant uninit
Stanislav Fomichev (1):
bpf: make sure skb->len != 0 when redirecting to a tunneling device
Stephen Boyd (1):
pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
Subash Abhinov Kasiviswanathan (1):
skbuff: Account for tail adjustment during pull operations
Ulf Hansson (1):
cpuidle: dt: Return the correct numbers of parsed idle states
Volker Lendecke (1):
cifs: Fix uninitialized memory read for smb311 posix symlink create
Wang ShaoBo (1):
SUNRPC: Fix missing release socket in rpc_sockname()
Wang Weiyang (1):
device_cgroup: Roll back to original exceptions after copy failure
Wang Yufen (2):
pstore/ram: Fix error return code in ramoops_probe()
binfmt: Fix error return code in load_elf_fdpic_binary()
Xiu Jianfeng (1):
ima: Fix misuse of dereference of pointer in
template_desc_init_fields()
Yang Jihong (1):
blktrace: Fix output non-blktrace event when blk_classic option
enabled
Yang Shi (1):
mm: gup: fix the fast GUP race against THP collapse
Yang Yingliang (2):
class: fix possible memory leak in __class_register()
chardev: fix error handling in cdev_device_add()
Ye Bin (1):
blk-mq: fix possible memleak when register 'hctx' failed
Yuan Can (1):
perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init()
Zhang Tianci (1):
ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
Zhang Yiqun (1):
crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
Zhang Yuchen (2):
ipmi: fix memleak when unload ipmi driver
ipmi: fix long wait in unload when IPMI disconnect
ZhangPeng (1):
pinctrl: pinconf-generic: add missing of_node_put()
delisun (1):
serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
minoura makoto (1):
SUNRPC: ensure the matching upcall is in-flight upon downcall
arch/arm64/include/asm/atomic_ll_sc.h | 2 +-
arch/arm64/include/asm/atomic_lse.h | 2 +-
block/blk-mq-sysfs.c | 11 ++-
crypto/tcrypt.c | 9 --
drivers/acpi/acpica/dsmethod.c | 10 ++-
drivers/acpi/acpica/utcopy.c | 7 --
drivers/base/class.c | 5 ++
drivers/base/dd.c | 8 +-
drivers/char/ipmi/ipmi_msghandler.c | 12 ++-
drivers/char/ipmi/ipmi_si_intf.c | 27 ++++--
drivers/cpuidle/dt_idle_states.c | 2 +-
drivers/md/md.c | 9 +-
drivers/md/raid1.c | 1 +
drivers/net/bonding/bond_main.c | 2 +-
drivers/pci/pci-sysfs.c | 13 ++-
drivers/pci/pci.c | 2 +
drivers/perf/arm_dsu_pmu.c | 6 +-
drivers/pinctrl/pinconf-generic.c | 4 +-
drivers/tty/serial/amba-pl011.c | 14 ++-
fs/binfmt_elf_fdpic.c | 5 +-
fs/char_dev.c | 2 +-
fs/cifs/link.c | 1 +
fs/cifs/smb2pdu.c | 15 ++--
fs/ext4/xattr.c | 4 +-
fs/mbcache.c | 118 ++++++++++----------------
fs/overlayfs/dir.c | 46 ++++++----
fs/pnode.c | 2 +-
fs/pstore/ram.c | 2 +
fs/pstore/ram_core.c | 6 +-
include/asm-generic/tlb.h | 6 ++
include/linux/mbcache.h | 33 ++++---
include/linux/sunrpc/rpc_pipe_fs.h | 5 ++
include/net/mrp.h | 1 +
kernel/events/core.c | 8 +-
kernel/sys.c | 2 +
kernel/trace/blktrace.c | 3 +-
mm/gup.c | 34 ++++++--
mm/khugepaged.c | 34 ++++++--
mm/memory.c | 1 +
mm/mmu_gather.c | 5 ++
net/802/mrp.c | 18 ++--
net/core/filter.c | 11 ++-
net/core/skbuff.c | 3 +
net/core/stream.c | 7 +-
net/ipv4/inet_connection_sock.c | 16 +++-
net/sunrpc/auth_gss/auth_gss.c | 19 ++++-
net/sunrpc/auth_gss/svcauth_gss.c | 4 +-
net/sunrpc/clnt.c | 2 +-
security/device_cgroup.c | 33 ++++++-
security/integrity/ima/ima_template.c | 9 +-
50 files changed, 406 insertions(+), 195 deletions(-)
--
2.25.1
1
49
Ard Biesheuvel (1):
crypto: tcrypt - avoid signed overflow in byte count
Guenter Roeck (1):
lib/list_debug.c: Detect uninitialized lists
Guoqing Jiang (1):
md: protect md_unregister_thread from reentrancy
Konstantin Khlebnikov (1):
sched/rt: Optimize checking group RT scheduler constraints
Sean Christopherson (1):
hugetlbfs: fix off-by-one error in hugetlb_vmdelete_list()
crypto/tcrypt.c | 20 ++++++++++----------
drivers/md/md.c | 15 ++++++++++-----
fs/hugetlbfs/inode.c | 7 ++++---
kernel/sched/rt.c | 24 +++++++++++-------------
lib/list_debug.c | 12 ++++++++++--
5 files changed, 45 insertions(+), 33 deletions(-)
--
2.25.1
1
5
[PATCH openEuler-1.0-LTS] mm: sharepool: fix hugepage_rsvd count increase error
by Yongqiang Liu 09 Feb '23
by Yongqiang Liu 09 Feb '23
09 Feb '23
From: Guo Mengqi <guomengqi3(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I5RO2H
CVE: NA
--------------------------------
When nr_hugepages is configured, sharepool allocates hugepages first
from hugetlb pool, then from buddy system if the pool had been used up.
Current page release function treat the buddy system hugepages as
hugetlb pages, which caused HugePages_Rsvd to increase improperly.
Add a check in page release function:
if the page is temporary, do not call hugetlb_unreserve_pages.
Signed-off-by: Guo Mengqi <guomengqi3(a)huawei.com>
Reviewed-by: Weilong Chen <chenweilong(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
fs/hugetlbfs/inode.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
index f29d6d2fb052..d70c8aaf5acc 100644
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -448,6 +448,14 @@ hugetlb_vmdelete_list(struct rb_root_cached *root, pgoff_t start, pgoff_t end)
}
}
+static inline bool PageHugeTemporary(struct page *page)
+{
+ if (!PageHuge(page))
+ return false;
+
+ return (unsigned long)page[2].mapping == -1U;
+}
+
/*
* remove_inode_hugepages handles two distinct cases: truncation and hole
* punch. There are subtle differences in operation for each case.
@@ -532,11 +540,17 @@ static void remove_inode_hugepages(struct inode *inode, loff_t lstart,
*/
VM_BUG_ON(PagePrivate(page));
remove_huge_page(page);
- freed++;
- if (!truncate_op) {
- if (unlikely(hugetlb_unreserve_pages(inode,
+ /*
+ * if the page is from buddy system, do not add to freed.
+ * because freed is used for hugetlbfs reservation accounting.
+ */
+ if (!PageHugeTemporary(page)) {
+ freed++;
+ if (!truncate_op) {
+ if (unlikely(hugetlb_unreserve_pages(inode,
index, index + 1, 1)))
hugetlb_fix_reserve_counts(inode);
+ }
}
unlock_page(page);
--
2.25.1
1
0
[PATCH openEuler-5.10-LTS 1/5] crypto: hisilicon/qm - add functions for releasing resources
by Zheng Zengkai 09 Feb '23
by Zheng Zengkai 09 Feb '23
09 Feb '23
From: Weili Qian <qianweili(a)huawei.com>
mainline inclusion
from mainline-v6.0-rc1
commit bf081d6fa8e9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I6DRLU
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
----------------------------------------------------------------------
The resources allocated by hisi_qm_memory_init() are released by
hisi_qm_uninit(). Add hisi_qm_memory_uninit() to release resources,
no functional change.
conficts:
drivers/crypto/hisilicon/qm.c
Signed-off-by: Weili Qian <qianweili(a)huawei.com>
Signed-off-by: JiangShui Yang <yangjiangshui(a)h-partners.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
---
drivers/crypto/hisilicon/qm.c | 30 +++++++++++++++++-------------
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c
index 57de083e8967..ef09e45bdc3e 100644
--- a/drivers/crypto/hisilicon/qm.c
+++ b/drivers/crypto/hisilicon/qm.c
@@ -3480,6 +3480,21 @@ static void hisi_qm_pci_uninit(struct hisi_qm *qm)
pci_disable_device(pdev);
}
+static void hisi_qm_memory_uninit(struct hisi_qm *qm)
+{
+ struct device *dev = &qm->pdev->dev;
+
+ hisi_qp_memory_uninit(qm, qm->qp_num);
+ if (qm->qdma.va) {
+ hisi_qm_cache_wb(qm);
+ dma_free_coherent(dev, qm->qdma.size,
+ qm->qdma.va, qm->qdma.dma);
+ }
+
+ idr_destroy(&qm->qp_idr);
+ kfree(qm->factor);
+}
+
/**
* hisi_qm_uninit() - Uninitialize qm.
* @qm: The qm needed uninit.
@@ -3488,26 +3503,15 @@ static void hisi_qm_pci_uninit(struct hisi_qm *qm)
*/
void hisi_qm_uninit(struct hisi_qm *qm)
{
- struct pci_dev *pdev = qm->pdev;
- struct device *dev = &pdev->dev;
-
qm_cmd_uninit(qm);
- kfree(qm->factor);
- down_write(&qm->qps_lock);
+ down_write(&qm->qps_lock);
if (!qm_avail_state(qm, QM_CLOSE)) {
up_write(&qm->qps_lock);
return;
}
- hisi_qp_memory_uninit(qm, qm->qp_num);
- idr_destroy(&qm->qp_idr);
-
- if (qm->qdma.va) {
- hisi_qm_cache_wb(qm);
- dma_free_coherent(dev, qm->qdma.size,
- qm->qdma.va, qm->qdma.dma);
- }
+ hisi_qm_memory_uninit(qm);
up_write(&qm->qps_lock);
hisi_qm_set_state(qm, VF_NOT_READY);
--
2.20.1
1
4
[PATCH openEuler-1.0-LTS 1/3] irqchip/gic-v3-its: introduce CONFIG_GENERIC_PENDING_IRQ
by Yongqiang Liu 09 Feb '23
by Yongqiang Liu 09 Feb '23
09 Feb '23
From: Yipeng Zou <zouyipeng(a)huawei.com>
hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I6BO2R
CVE: NA
--------------------------------
Now, There is some issues about LPI migration on ARM SMP platform.
For example, NIC device generates MSI and sends LPI to CPU0 via ITS,
meanwhile irqbalance running on CPU1 set irq affinty of NIC to CPU1,
the next interrupt will be sent to CPU2, due to the state of irq is
still in progress, kernel does not end up performing irq handler on
CPU2, which results in some userland service timeouts, the sequence
of events is shown as follows:
NIC CPU0 CPU1
Generate IRQ#1 READ_IAR
Lock irq_desc
Set IRQD_IN_PROGRESS
Unlock irq_desc
Lock irq_desc
Change LPI Affinity
Unlock irq_desc
Call irq_handler
Generate IRQ#2
READ_IAR
Lock irq_desc
Check IRQD_IN_PROGRESS
Unlock irq_desc
Return from interrupt#2
Lock irq_desc
Clear IRQD_IN_PROGRESS
Unlock irq_desc
return from interrupt#1
For this scenario, We can enable CONFIG_GENERIC_PENDING_IRQ to avoid this.
The CONFIG_GENERIC_PENDING_IRQ will delay all action that modify LPI
affinity until the next interrupt eoi handler.
Signed-off-by: Yipeng Zou <zouyipeng(a)huawei.com>
Reviewed-by: Liao Chang <liaochang1(a)huawei.com>
Reviewed-by: Zhang Jianhua <chris.zjh(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/irqchip/irq-gic-v3-its.c | 8 +++++++-
kernel/irq/Kconfig | 4 +++-
kernel/irq/migration.c | 2 ++
3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c
index 15a0292e8e61..7a0adf67761e 100644
--- a/drivers/irqchip/irq-gic-v3-its.c
+++ b/drivers/irqchip/irq-gic-v3-its.c
@@ -1162,6 +1162,12 @@ static void its_unmask_irq(struct irq_data *d)
lpi_update_config(d, 0, LPI_PROP_ENABLED);
}
+static void its_irq_chip_eoi(struct irq_data *d)
+{
+ irq_move_irq(d);
+ irq_chip_eoi_parent(d);
+}
+
static int its_set_affinity(struct irq_data *d, const struct cpumask *mask_val,
bool force)
{
@@ -1485,7 +1491,7 @@ static struct irq_chip its_irq_chip = {
.name = "ITS",
.irq_mask = its_mask_irq,
.irq_unmask = its_unmask_irq,
- .irq_eoi = irq_chip_eoi_parent,
+ .irq_eoi = its_irq_chip_eoi,
.irq_set_affinity = its_set_affinity,
.irq_compose_msi_msg = its_irq_compose_msi_msg,
.irq_set_irqchip_state = its_irq_set_irqchip_state,
diff --git a/kernel/irq/Kconfig b/kernel/irq/Kconfig
index 14a85d0161ea..eebbced84e44 100644
--- a/kernel/irq/Kconfig
+++ b/kernel/irq/Kconfig
@@ -32,7 +32,9 @@ config GENERIC_IRQ_LEGACY_ALLOC_HWIRQ
# Support for delayed migration from interrupt context
config GENERIC_PENDING_IRQ
- bool
+ bool "Support for delayed migration from interrupt context"
+ depends on SMP
+ default n
# Support for generic irq migrating off cpu before the cpu is offline.
config GENERIC_IRQ_MIGRATION
diff --git a/kernel/irq/migration.c b/kernel/irq/migration.c
index def48589ea48..bcb61ee69c20 100644
--- a/kernel/irq/migration.c
+++ b/kernel/irq/migration.c
@@ -117,3 +117,5 @@ void __irq_move_irq(struct irq_data *idata)
if (!masked)
idata->chip->irq_unmask(idata);
}
+
+void __weak irq_force_complete_move(struct irq_desc *desc) { }
--
2.25.1
1
2
[PATCH openEuler-1.0-LTS 1/3] jbd2: Fix data missing when reusing bh which is ready to be checkpointed
by Yongqiang Liu 09 Feb '23
by Yongqiang Liu 09 Feb '23
09 Feb '23
From: Zhihao Cheng <chengzhihao1(a)huawei.com>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6C5HV
CVE: NA
Reference: https://lore.kernel.org/lkml/20230110015327.1181863-1-chengzhihao1@huawei.c…
--------------------------------
Following process will make data lost and could lead to a filesystem
corrupted problem:
1. jh(bh) is inserted into T1->t_checkpoint_list, bh is dirty, and
jh->b_transaction = NULL
2. T1 is added into journal->j_checkpoint_transactions.
3. Get bh prepare to write while doing checkpoing:
PA PB
do_get_write_access jbd2_log_do_checkpoint
spin_lock(&jh->b_state_lock)
if (buffer_dirty(bh))
clear_buffer_dirty(bh) // clear buffer dirty
set_buffer_jbddirty(bh)
transaction =
journal->j_checkpoint_transactions
jh = transaction->t_checkpoint_list
if (!buffer_dirty(bh))
__jbd2_journal_remove_checkpoint(jh)
// bh won't be flushed
jbd2_cleanup_journal_tail
__jbd2_journal_file_buffer(jh, transaction, BJ_Reserved)
4. Aborting journal/Power-cut before writing latest bh on journal area.
In this way we get a corrupted filesystem with bh's data lost.
Fix it by moving the clearing of buffer_dirty bit just before the call
to __jbd2_journal_file_buffer(), both bit clearing and jh->b_transaction
assignment are under journal->j_list_lock locked, so that
jbd2_log_do_checkpoint() will wait until jh's new transaction fininshed
even bh is currently not dirty. And journal_shrink_one_cp_list() won't
remove jh from checkpoint list if the buffer head is reused in
do_get_write_access().
Fetch a reproducer in [Link].
Link: https://bugzilla.kernel.org/show_bug.cgi?id=216898
Cc: <stable(a)kernel.org>
Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com>
Signed-off-by: zhanchengbin <zhanchengbin1(a)huawei.com>
Suggested-by: Jan Kara <jack(a)suse.cz>
Conflicts:
fs/jbd2/transaction.c
[ 464170647b5648bb8("jbd2: Make state lock a spinlock") is not
applied. ]
Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com>
Reviewed-by: Yang Erkun <yangerkun(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
fs/jbd2/transaction.c | 50 +++++++++++++++++++++++++------------------
1 file changed, 29 insertions(+), 21 deletions(-)
diff --git a/fs/jbd2/transaction.c b/fs/jbd2/transaction.c
index 3b31bd1f7b77..149190c2ac89 100644
--- a/fs/jbd2/transaction.c
+++ b/fs/jbd2/transaction.c
@@ -935,36 +935,28 @@ do_get_write_access(handle_t *handle, struct journal_head *jh,
* ie. locked but not dirty) or tune2fs (which may actually have
* the buffer dirtied, ugh.) */
- if (buffer_dirty(bh)) {
+ if (buffer_dirty(bh) && jh->b_transaction) {
+ warn_dirty_buffer(bh);
/*
- * First question: is this buffer already part of the current
- * transaction or the existing committing transaction?
- */
- if (jh->b_transaction) {
- J_ASSERT_JH(jh,
- jh->b_transaction == transaction ||
- jh->b_transaction ==
- journal->j_committing_transaction);
- if (jh->b_next_transaction)
- J_ASSERT_JH(jh, jh->b_next_transaction ==
- transaction);
- warn_dirty_buffer(bh);
- }
- /*
- * In any case we need to clean the dirty flag and we must
- * do it under the buffer lock to be sure we don't race
- * with running write-out.
+ * We need to clean the dirty flag and we must do it under the
+ * buffer lock to be sure we don't race with running write-out.
*/
JBUFFER_TRACE(jh, "Journalling dirty buffer");
clear_buffer_dirty(bh);
+ /*
+ * The buffer is going to be added to BJ_Reserved list now and
+ * nothing guarantees jbd2_journal_dirty_metadata() will be
+ * ever called for it. So we need to set jbddirty bit here to
+ * make sure the buffer is dirtied and written out when the
+ * journaling machinery is done with it.
+ */
set_buffer_jbddirty(bh);
}
- unlock_buffer(bh);
-
error = -EROFS;
if (is_handle_aborted(handle)) {
jbd_unlock_bh_state(bh);
+ unlock_buffer(bh);
goto out;
}
error = 0;
@@ -974,8 +966,10 @@ do_get_write_access(handle_t *handle, struct journal_head *jh,
* b_next_transaction points to it
*/
if (jh->b_transaction == transaction ||
- jh->b_next_transaction == transaction)
+ jh->b_next_transaction == transaction) {
+ unlock_buffer(bh);
goto done;
+ }
/*
* this is the first time this transaction is touching this buffer,
@@ -999,10 +993,24 @@ do_get_write_access(handle_t *handle, struct journal_head *jh,
*/
smp_wmb();
spin_lock(&journal->j_list_lock);
+ if (test_clear_buffer_dirty(bh)) {
+ /*
+ * Execute buffer dirty clearing and jh->b_transaction
+ * assignment under journal->j_list_lock locked to
+ * prevent bh being removed from checkpoint list if
+ * the buffer is in an intermediate state (not dirty
+ * and jh->b_transaction is NULL).
+ */
+ JBUFFER_TRACE(jh, "Journalling dirty buffer");
+ set_buffer_jbddirty(bh);
+ }
__jbd2_journal_file_buffer(jh, transaction, BJ_Reserved);
spin_unlock(&journal->j_list_lock);
+ unlock_buffer(bh);
goto done;
}
+ unlock_buffer(bh);
+
/*
* If there is already a copy-out version of this buffer, then we don't
* need to make another one
--
2.25.1
1
2
[PATCH openEuler-1.0-LTS] x86/unwind: Fix orc entry for paravirt {save,restore}_fl
by Yongqiang Liu 08 Feb '23
by Yongqiang Liu 08 Feb '23
08 Feb '23
From: Chen Zhongjin <chenzhongjin(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 187818, https://gitee.com/openeuler/kernel/issues/I6DK3O
CVE: NA
--------------------------------
When CONFIG_PARAVIRT is enabled, the code of {save,restore}_fl is
defined as:
ff 14 25 00 00 00 00 callq *0x0
which will be patched to call the xen paravirt function, or native
implementation, in 'paravirt_patch_64.c':
pushfq; popq %rax // for native_save_fl
pushq %rdi; popfq // for native_restore_fl
The orc metadata is generated with insn 'callq', so it can become
inconsistent with the real insn 'push;pop'.
This makes stacktrace on the 'pop' insn fail and incorrect stacktrace
result can be returned.
To prevent reliable stacktrace broken, check the insns when unwind
pt_regs stack frame:
When there are 'push;pop' combination and both insns don't change orc
entry, it means the stack state is inconsistent with orc on pop.
Add one slot to sp_offset for on original orc entry to get the correct
orc entry.
Signed-off-by: Chen Zhongjin <chenzhongjin(a)huawei.com>
Reviewed-by: Xu Kuohai <xukuohai(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
arch/x86/kernel/unwind_orc.c | 43 ++++++++++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
diff --git a/arch/x86/kernel/unwind_orc.c b/arch/x86/kernel/unwind_orc.c
index 0402bc0b5851..ec4a14e4f639 100644
--- a/arch/x86/kernel/unwind_orc.c
+++ b/arch/x86/kernel/unwind_orc.c
@@ -138,6 +138,34 @@ static struct orc_entry null_orc_entry = {
.type = ORC_TYPE_CALL
};
+#ifdef CONFIG_PARAVIRT
+static bool check_paravirt(struct unwind_state *state, struct orc_entry *orc)
+{
+ u8 *ip = (u8 *)state->ip;
+
+ /*
+ * In paravirt_patch_64.c, patched paravirt opcode should be:
+ * pushfq; popq %rax // 0x9c 0x58
+ * pushq %rdi; popfq // 0x57 0x9d
+ *
+ * Error unwinding only happens when:
+ * 1. In irq or preempt context.
+ * 2. Current insn is popq, and it doesn't change orc.
+ * 3. Last insn doesn't change orc, checking it first to
+ * promise ip - 1 is valid.
+ * 4. Last byte fits pushf.
+ */
+ if (state->regs && orc->type == ORC_TYPE_CALL &&
+ (ip[0] == 0x58 || ip[0] == 0x9d) &&
+ orc == orc_find((unsigned long)(ip + 1)) &&
+ orc == orc_find((unsigned long)(ip - 1)) &&
+ (ip[-1] == 0x9c || ip[-1] == 0x57))
+ return true;
+
+ return false;
+}
+#endif
+
static struct orc_entry *orc_find(unsigned long ip)
{
static struct orc_entry *orc;
@@ -415,6 +443,9 @@ bool unwind_next_frame(struct unwind_state *state)
enum stack_type prev_type = state->stack_info.type;
struct orc_entry *orc;
bool indirect = false;
+#ifdef CONFIG_PARAVIRT
+ struct orc_entry para_orc;
+#endif
if (unwind_done(state))
return false;
@@ -436,6 +467,18 @@ bool unwind_next_frame(struct unwind_state *state)
if (!orc)
goto err;
+#ifdef CONFIG_PARAVIRT
+ /*
+ * When hitting paravirt POP insn, the orc entry should add
+ * one slot for PUSH insn.
+ */
+ if (!state->error && check_paravirt(state, orc)) {
+ para_orc = *orc;
+ para_orc.sp_offset += sizeof(long);
+ orc = ¶_orc;
+ }
+#endif
+
/* End-of-stack check for kernel threads: */
if (orc->sp_reg == ORC_REG_UNDEFINED) {
if (!orc->end)
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS 1/2] drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
by Yongqiang Liu 07 Feb '23
by Yongqiang Liu 07 Feb '23
07 Feb '23
From: Zheng Wang <zyytlz.wz(a)163.com>
mainline inclusion
from mainline-v6.2-rc3
commit 4a61648af68f5ba4884f0e3b494ee1cabc4b6620
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5XXFF
CVE: CVE-2022-3707
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
If intel_gvt_dma_map_guest_page failed, it will call
ppgtt_invalidate_spt, which will finally free the spt.
But the caller function ppgtt_populate_spt_by_guest_entry
does not notice that, it will free spt again in its error
path.
Fix this by canceling the mapping of DMA address and freeing sub_spt.
Besides, leave the handle of spt destroy to caller function instead
of callee function when error occurs.
Fixes: b901b252b6cf ("drm/i915/gvt: Add 2M huge gtt support")
Signed-off-by: Zheng Wang <zyytlz.wz(a)163.com>
Reviewed-by: Zhenyu Wang <zhenyuw(a)linux.intel.com>
Signed-off-by: Zhenyu Wang <zhenyuw(a)linux.intel.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20221229165641.1192455-1-zyytl…
conflicts:
drivers/gpu/drm/i915/gvt/gtt.c
Signed-off-by: Wang ShaoBo <bobo.shaobowang(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Wei Li <liwei391(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/gpu/drm/i915/gvt/gtt.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/drivers/gpu/drm/i915/gvt/gtt.c b/drivers/gpu/drm/i915/gvt/gtt.c
index 40b32b4d1d98..afbc648befec 100644
--- a/drivers/gpu/drm/i915/gvt/gtt.c
+++ b/drivers/gpu/drm/i915/gvt/gtt.c
@@ -1155,10 +1155,8 @@ static int split_2MB_gtt_entry(struct intel_vgpu *vgpu,
for_each_shadow_entry(sub_spt, &sub_se, sub_index) {
ret = intel_gvt_hypervisor_dma_map_guest_page(vgpu,
start_gfn + sub_index, PAGE_SIZE, &dma_addr);
- if (ret) {
- ppgtt_invalidate_spt(spt);
- return ret;
- }
+ if (ret)
+ goto err;
sub_se.val64 = se->val64;
/* Copy the PAT field from PDE. */
@@ -1177,6 +1175,17 @@ static int split_2MB_gtt_entry(struct intel_vgpu *vgpu,
ops->set_pfn(se, sub_spt->shadow_page.mfn);
ppgtt_set_shadow_entry(spt, se, index);
return 0;
+err:
+ /* Cancel the existing addess mappings of DMA addr. */
+ for_each_present_shadow_entry(sub_spt, &sub_se, sub_index) {
+ gvt_vdbg_mm("invalidate 4K entry\n");
+ ppgtt_invalidate_pte(sub_spt, &sub_se);
+ }
+ /* Release the new allocated spt. */
+ trace_spt_change(sub_spt->vgpu->id, "release", sub_spt,
+ sub_spt->guest_page.gfn, sub_spt->shadow_page.type);
+ ppgtt_free_spt(sub_spt);
+ return ret;
}
static int split_64KB_gtt_entry(struct intel_vgpu *vgpu,
--
2.25.1
1
1
07 Feb '23
From: Dave Chinner <dchinner(a)redhat.com>
mainline inclusion
from mainline-v5.19-rc1
commit c230a4a85bcdbfc1a7415deec6caf04e8fca1301
category: bugfix
bugzilla: 187372, https://gitee.com/openeuler/kernel/issues/I5K0OM
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
Ever since we added shadown format buffers to the log items, log
items need to handle the item being released with shadow buffers
attached. Due to the fact this requirement was added at the same
time we added new rmap/reflink intents, we missed the cleanup of
those items.
In theory, this means shadow buffers can be leaked in a very small
window when a shutdown is initiated. Testing with KASAN shows this
leak does not happen in practice - we haven't identified a single
leak in several years of shutdown testing since ~v4.8 kernels.
However, the intent whiteout cleanup mechanism results in every
cancelled intent in exactly the same state as this tiny race window
creates and so if intents down clean up shadow buffers on final
release we will leak the shadow buffer for just about every intent
we create.
Hence we start with this patch to close this condition off and
ensure that when whiteouts start to be used we don't leak lots of
memory.
Signed-off-by: Dave Chinner <dchinner(a)redhat.com>
Reviewed-by: Darrick J. Wong <djwong(a)kernel.org>
Reviewed-by: Allison Henderson <allison.henderson(a)oracle.com>
Signed-off-by: Dave Chinner <david(a)fromorbit.com>
conflicts:
fs/xfs/xfs_bmap_item.c
fs/xfs/xfs_icreate_item.c
fs/xfs/xfs_refcount_item.c
fs/xfs/xfs_rmap_item.c
Signed-off-by: Li Nan <linan122(a)huawei.com>
Reviewed-by: Yang Erkun <yangerkun(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
fs/xfs/xfs_bmap_item.c | 2 ++
fs/xfs/xfs_icreate_item.c | 1 +
fs/xfs/xfs_refcount_item.c | 2 ++
fs/xfs/xfs_rmap_item.c | 2 ++
4 files changed, 7 insertions(+)
diff --git a/fs/xfs/xfs_bmap_item.c b/fs/xfs/xfs_bmap_item.c
index 44ec0f2d5253..e6de8081451f 100644
--- a/fs/xfs/xfs_bmap_item.c
+++ b/fs/xfs/xfs_bmap_item.c
@@ -40,6 +40,7 @@ STATIC void
xfs_bui_item_free(
struct xfs_bui_log_item *buip)
{
+ kmem_free(buip->bui_item.li_lv_shadow);
kmem_cache_free(xfs_bui_zone, buip);
}
@@ -199,6 +200,7 @@ xfs_bud_item_release(
struct xfs_bud_log_item *budp = BUD_ITEM(lip);
xfs_bui_release(budp->bud_buip);
+ kmem_free(budp->bud_item.li_lv_shadow);
kmem_cache_free(xfs_bud_zone, budp);
}
diff --git a/fs/xfs/xfs_icreate_item.c b/fs/xfs/xfs_icreate_item.c
index 9b3994b9c716..aa8c7c261d24 100644
--- a/fs/xfs/xfs_icreate_item.c
+++ b/fs/xfs/xfs_icreate_item.c
@@ -63,6 +63,7 @@ STATIC void
xfs_icreate_item_release(
struct xfs_log_item *lip)
{
+ kmem_free(ICR_ITEM(lip)->ic_item.li_lv_shadow);
kmem_cache_free(xfs_icreate_zone, ICR_ITEM(lip));
}
diff --git a/fs/xfs/xfs_refcount_item.c b/fs/xfs/xfs_refcount_item.c
index 0dee316283a9..9f4ff45c7a93 100644
--- a/fs/xfs/xfs_refcount_item.c
+++ b/fs/xfs/xfs_refcount_item.c
@@ -35,6 +35,7 @@ STATIC void
xfs_cui_item_free(
struct xfs_cui_log_item *cuip)
{
+ kmem_free(cuip->cui_item.li_lv_shadow);
if (cuip->cui_format.cui_nextents > XFS_CUI_MAX_FAST_EXTENTS)
kmem_free(cuip);
else
@@ -204,6 +205,7 @@ xfs_cud_item_release(
struct xfs_cud_log_item *cudp = CUD_ITEM(lip);
xfs_cui_release(cudp->cud_cuip);
+ kmem_free(cudp->cud_item.li_lv_shadow);
kmem_cache_free(xfs_cud_zone, cudp);
}
diff --git a/fs/xfs/xfs_rmap_item.c b/fs/xfs/xfs_rmap_item.c
index 20905953fe76..b5447ac7cb9b 100644
--- a/fs/xfs/xfs_rmap_item.c
+++ b/fs/xfs/xfs_rmap_item.c
@@ -35,6 +35,7 @@ STATIC void
xfs_rui_item_free(
struct xfs_rui_log_item *ruip)
{
+ kmem_free(ruip->rui_item.li_lv_shadow);
if (ruip->rui_format.rui_nextents > XFS_RUI_MAX_FAST_EXTENTS)
kmem_free(ruip);
else
@@ -227,6 +228,7 @@ xfs_rud_item_release(
struct xfs_rud_log_item *rudp = RUD_ITEM(lip);
xfs_rui_release(rudp->rud_ruip);
+ kmem_free(rudp->rud_item.li_lv_shadow);
kmem_cache_free(xfs_rud_zone, rudp);
}
--
2.25.1
1
9
07 Feb '23
From: Dave Chinner <dchinner(a)redhat.com>
mainline inclusion
from mainline-v5.19-rc1
commit c230a4a85bcdbfc1a7415deec6caf04e8fca1301
category: bugfix
bugzilla: 187372, https://gitee.com/openeuler/kernel/issues/I5K0OM
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
Ever since we added shadown format buffers to the log items, log
items need to handle the item being released with shadow buffers
attached. Due to the fact this requirement was added at the same
time we added new rmap/reflink intents, we missed the cleanup of
those items.
In theory, this means shadow buffers can be leaked in a very small
window when a shutdown is initiated. Testing with KASAN shows this
leak does not happen in practice - we haven't identified a single
leak in several years of shutdown testing since ~v4.8 kernels.
However, the intent whiteout cleanup mechanism results in every
cancelled intent in exactly the same state as this tiny race window
creates and so if intents down clean up shadow buffers on final
release we will leak the shadow buffer for just about every intent
we create.
Hence we start with this patch to close this condition off and
ensure that when whiteouts start to be used we don't leak lots of
memory.
Signed-off-by: Dave Chinner <dchinner(a)redhat.com>
Reviewed-by: Darrick J. Wong <djwong(a)kernel.org>
Reviewed-by: Allison Henderson <allison.henderson(a)oracle.com>
Signed-off-by: Dave Chinner <david(a)fromorbit.com>
conflicts:
fs/xfs/xfs_bmap_item.c
fs/xfs/xfs_icreate_item.c
fs/xfs/xfs_refcount_item.c
fs/xfs/xfs_rmap_item.c
Signed-off-by: Li Nan <linan122(a)huawei.com>
Reviewed-by: Yang Erkun <yangerkun(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
fs/xfs/xfs_bmap_item.c | 2 ++
fs/xfs/xfs_icreate_item.c | 1 +
fs/xfs/xfs_refcount_item.c | 2 ++
fs/xfs/xfs_rmap_item.c | 2 ++
4 files changed, 7 insertions(+)
diff --git a/fs/xfs/xfs_bmap_item.c b/fs/xfs/xfs_bmap_item.c
index 44ec0f2d5253..e6de8081451f 100644
--- a/fs/xfs/xfs_bmap_item.c
+++ b/fs/xfs/xfs_bmap_item.c
@@ -40,6 +40,7 @@ STATIC void
xfs_bui_item_free(
struct xfs_bui_log_item *buip)
{
+ kmem_free(buip->bui_item.li_lv_shadow);
kmem_cache_free(xfs_bui_zone, buip);
}
@@ -199,6 +200,7 @@ xfs_bud_item_release(
struct xfs_bud_log_item *budp = BUD_ITEM(lip);
xfs_bui_release(budp->bud_buip);
+ kmem_free(budp->bud_item.li_lv_shadow);
kmem_cache_free(xfs_bud_zone, budp);
}
diff --git a/fs/xfs/xfs_icreate_item.c b/fs/xfs/xfs_icreate_item.c
index 9b3994b9c716..aa8c7c261d24 100644
--- a/fs/xfs/xfs_icreate_item.c
+++ b/fs/xfs/xfs_icreate_item.c
@@ -63,6 +63,7 @@ STATIC void
xfs_icreate_item_release(
struct xfs_log_item *lip)
{
+ kmem_free(ICR_ITEM(lip)->ic_item.li_lv_shadow);
kmem_cache_free(xfs_icreate_zone, ICR_ITEM(lip));
}
diff --git a/fs/xfs/xfs_refcount_item.c b/fs/xfs/xfs_refcount_item.c
index 0dee316283a9..9f4ff45c7a93 100644
--- a/fs/xfs/xfs_refcount_item.c
+++ b/fs/xfs/xfs_refcount_item.c
@@ -35,6 +35,7 @@ STATIC void
xfs_cui_item_free(
struct xfs_cui_log_item *cuip)
{
+ kmem_free(cuip->cui_item.li_lv_shadow);
if (cuip->cui_format.cui_nextents > XFS_CUI_MAX_FAST_EXTENTS)
kmem_free(cuip);
else
@@ -204,6 +205,7 @@ xfs_cud_item_release(
struct xfs_cud_log_item *cudp = CUD_ITEM(lip);
xfs_cui_release(cudp->cud_cuip);
+ kmem_free(cudp->cud_item.li_lv_shadow);
kmem_cache_free(xfs_cud_zone, cudp);
}
diff --git a/fs/xfs/xfs_rmap_item.c b/fs/xfs/xfs_rmap_item.c
index 20905953fe76..b5447ac7cb9b 100644
--- a/fs/xfs/xfs_rmap_item.c
+++ b/fs/xfs/xfs_rmap_item.c
@@ -35,6 +35,7 @@ STATIC void
xfs_rui_item_free(
struct xfs_rui_log_item *ruip)
{
+ kmem_free(ruip->rui_item.li_lv_shadow);
if (ruip->rui_format.rui_nextents > XFS_RUI_MAX_FAST_EXTENTS)
kmem_free(ruip);
else
@@ -227,6 +228,7 @@ xfs_rud_item_release(
struct xfs_rud_log_item *rudp = RUD_ITEM(lip);
xfs_rui_release(rudp->rud_ruip);
+ kmem_free(rudp->rud_item.li_lv_shadow);
kmem_cache_free(xfs_rud_zone, rudp);
}
--
2.25.1
1
19
[PATCH openEuler-5.10-LTS-SP1 01/74] drm/msm/dsi: fix the inconsistent indenting
by Jialin Zhang 07 Feb '23
by Jialin Zhang 07 Feb '23
07 Feb '23
From: sunliming <sunliming(a)kylinos.cn>
stable inclusion
from stable-v5.10.142
commit 631fbefd877721d15c4f525cc71e851e0e588c8e
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6CSFH
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit 2f25a1fb4ec516c5ad67afd754334b491b9f09a5 ]
Fix the inconsistent indenting in function msm_dsi_dphy_timing_calc_v3().
Fix the following smatch warnings:
drivers/gpu/drm/msm/dsi/phy/dsi_phy.c:350 msm_dsi_dphy_timing_calc_v3() warn: inconsistent indenting
Fixes: f1fa7ff44056 ("drm/msm/dsi: implement auto PHY timing calculator for 10nm PHY")
Reported-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: sunliming <sunliming(a)kylinos.cn>
Reviewed-by: Abhinav Kumar <quic_abhinavk(a)quicinc.com>
Patchwork: https://patchwork.freedesktop.org/patch/494662/
Link: https://lore.kernel.org/r/20220719015622.646718-1-sunliming@kylinos.cn
Signed-off-by: Abhinav Kumar <quic_abhinavk(a)quicinc.com>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
Reviewed-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c b/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c
index e07986ab52c2..2e0be85ec394 100644
--- a/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c
+++ b/drivers/gpu/drm/msm/dsi/phy/dsi_phy.c
@@ -345,7 +345,7 @@ int msm_dsi_dphy_timing_calc_v3(struct msm_dsi_dphy_timing *timing,
} else {
timing->shared_timings.clk_pre =
linear_inter(tmax, tmin, pcnt2, 0, false);
- timing->shared_timings.clk_pre_inc_by_2 = 0;
+ timing->shared_timings.clk_pre_inc_by_2 = 0;
}
timing->ta_go = 3;
--
2.25.1
1
73
[PATCH openEuler-1.0-LTS 1/2] block: don't allow a disk link holder to itself
by Yongqiang Liu 07 Feb '23
by Yongqiang Liu 07 Feb '23
07 Feb '23
From: Yu Kuai <yukuai3(a)huawei.com>
mainline inclusion
from mainline-v6.2-rc1
commit 077a4033541fc96fb0a955985aab7d1f353da831
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6B4N7
CVE: NA
--------------------------------
After creating a dm device, then user can reload such dm with itself,
and dead loop will be triggered because dm keep looking up to itself.
Test procedures:
1) dmsetup create test --table "xxx sda", assume dm-0 is created
2) dmsetup suspend test
3) dmsetup reload test --table "xxx dm-0"
4) dmsetup resume test
Test result:
BUG: TASK stack guard page was hit at 00000000736a261f (stack is 000000008d12c88d..00000000c8dd82d5)
stack guard page: 0000 [#1] PREEMPT SMP
CPU: 29 PID: 946 Comm: systemd-udevd Not tainted 6.1.0-rc3-next-20221101-00006-g17640ca3b0ee #1295
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014
RIP: 0010:dm_prepare_ioctl+0xf/0x1e0
Code: da 48 83 05 4a 7c 99 0b 01 41 89 c4 eb cd e8 b8 1f 40 00 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 57 48 83 05 a1 5a 99 0b 01 <41> 56 49 89 d6 41 55 4c 8d af 90 02 00 00 9
RSP: 0018:ffffc90002090000 EFLAGS: 00010206
RAX: ffff8881049d6800 RBX: ffff88817e589000 RCX: 0000000000000000
RDX: ffffc90002090010 RSI: ffffc9000209001c RDI: ffff88817e589000
RBP: 00000000484a101d R08: 0000000000000000 R09: 0000000000000007
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000005331
R13: 0000000000005331 R14: 0000000000000000 R15: 0000000000000000
FS: 00007fddf9609200(0000) GS:ffff889fbfd40000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000208fff8 CR3: 0000000179043000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
dm_blk_ioctl+0x50/0x1c0
? dm_prepare_ioctl+0xe0/0x1e0
dm_blk_ioctl+0x88/0x1c0
dm_blk_ioctl+0x88/0x1c0
......(a lot of same lines)
dm_blk_ioctl+0x88/0x1c0
dm_blk_ioctl+0x88/0x1c0
blkdev_ioctl+0x184/0x3e0
__x64_sys_ioctl+0xa3/0x110
do_syscall_64+0x35/0x80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fddf7306577
Code: b3 66 90 48 8b 05 11 89 2c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 88 8
RSP: 002b:00007ffd0b2ec318 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00005634ef478320 RCX: 00007fddf7306577
RDX: 0000000000000000 RSI: 0000000000005331 RDI: 0000000000000007
RBP: 0000000000000007 R08: 00005634ef4843e0 R09: 0000000000000080
R10: 00007fddf75cfb38 R11: 0000000000000246 R12: 00000000030d4000
R13: 0000000000000000 R14: 0000000000000000 R15: 00005634ef48b800
</TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:dm_prepare_ioctl+0xf/0x1e0
Code: da 48 83 05 4a 7c 99 0b 01 41 89 c4 eb cd e8 b8 1f 40 00 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 57 48 83 05 a1 5a 99 0b 01 <41> 56 49 89 d6 41 55 4c 8d af 90 02 00 00 9
RSP: 0018:ffffc90002090000 EFLAGS: 00010206
RAX: ffff8881049d6800 RBX: ffff88817e589000 RCX: 0000000000000000
RDX: ffffc90002090010 RSI: ffffc9000209001c RDI: ffff88817e589000
RBP: 00000000484a101d R08: 0000000000000000 R09: 0000000000000007
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000005331
R13: 0000000000005331 R14: 0000000000000000 R15: 0000000000000000
FS: 00007fddf9609200(0000) GS:ffff889fbfd40000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000208fff8 CR3: 0000000179043000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Kernel panic - not syncing: Fatal exception in interrupt
Kernel Offset: disabled
---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
Fix the problem by forbidding a disk to create link to itself.
Signed-off-by: Yu Kuai <yukuai3(a)huawei.com>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Link: https://lore.kernel.org/r/20221115141054.1051801-11-yukuai1@huaweicloud.com
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
Signed-off-by: Li Lingfeng <lilingfeng3(a)huawei.com>
Reviewed-by: Yang Erkun <yangerkun(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
fs/block_dev.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/block_dev.c b/fs/block_dev.c
index 2680092c022d..6ba91b97753f 100644
--- a/fs/block_dev.c
+++ b/fs/block_dev.c
@@ -1305,6 +1305,8 @@ int bd_link_disk_holder(struct block_device *bdev, struct gendisk *disk)
struct bd_holder_disk *holder;
int ret = 0;
+ if (bdev->bd_disk == disk)
+ return -EINVAL;
/*
* bdev could be deleted beneath us which would implicitly destroy
* the holder directory. Hold on to it.
--
2.25.1
1
1
[PATCH openEuler-1.0-LTS 1/3] ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
by Yongqiang Liu 06 Feb '23
by Yongqiang Liu 06 Feb '23
06 Feb '23
From: Herbert Xu <herbert(a)gondor.apana.org.au>
stable inclusion
from stable-v4.19.270
commit f487d636e49bc1fdfbd8105bc1ab159164e2d8bd
category: bugfix
bugzilla: 188291, https://gitee.com/src-openeuler/kernel/issues/I6B1V2
CVE: CVE-2023-0394
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=…
--------------------------------
commit cb3e9864cdbe35ff6378966660edbcbac955fe17 upstream.
The total cork length created by ip6_append_data includes extension
headers, so we must exclude them when comparing them against the
IPV6_CHECKSUM offset which does not include extension headers.
Reported-by: Kyle Zeng <zengyhkyle(a)gmail.com>
Fixes: 357b40a18b04 ("[IPV6]: IPV6_CHECKSUM socket option can corrupt kernel memory")
Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Lu Wei <luwei32(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/ipv6/raw.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index 412d4f60a408..8ce6414edd88 100644
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -543,6 +543,7 @@ static int rawv6_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
static int rawv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
struct raw6_sock *rp)
{
+ struct ipv6_txoptions *opt;
struct sk_buff *skb;
int err = 0;
int offset;
@@ -560,6 +561,9 @@ static int rawv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
offset = rp->offset;
total_len = inet_sk(sk)->cork.base.length;
+ opt = inet6_sk(sk)->cork.opt;
+ total_len -= opt ? opt->opt_flen : 0;
+
if (offset >= total_len - 1) {
err = -EINVAL;
ip6_flush_pending_frames(sk);
--
2.25.1
1
2
[openEuler-5.10 1/4] SUNRPC: Clean up the handling of page padding in rpc_prepare_reply_pages()
by Zheng Zengkai 06 Feb '23
by Zheng Zengkai 06 Feb '23
06 Feb '23
From: Trond Myklebust <trond.myklebust(a)hammerspace.com>
mainline inclusion
from mainline-v5.11-rc1
commit 9ed5af268e88f6e5b65376be98d652b37cb20d7b
bugzilla: https://gitee.com/openeuler/kernel/issues/I6D0MJ
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
rpc_prepare_reply_pages() currently expects the 'hdrsize' argument to
contain the length of the data that we expect to want placed in the head
kvec plus a count of 1 word of padding that is placed after the page data.
This is very confusing when trying to read the code, and sometimes leads
to callers adding an arbitrary value of '1' just in order to satisfy the
requirement (whether or not the page data actually needs such padding).
This patch aims to clarify the code by changing the 'hdrsize' argument
to remove that 1 word of padding. This means we need to subtract the
padding from all the existing callers.
Fixes: 02ef04e432ba ("NFS: Account for XDR pad of buf->pages")
Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
fs/nfs/nfs2xdr.c | 19 ++++++++++---------
fs/nfs/nfs3xdr.c | 29 ++++++++++++++++-------------
fs/nfs/nfs4xdr.c | 36 +++++++++++++++++++-----------------
net/sunrpc/clnt.c | 5 +----
net/sunrpc/xdr.c | 3 ---
5 files changed, 46 insertions(+), 46 deletions(-)
diff --git a/fs/nfs/nfs2xdr.c b/fs/nfs/nfs2xdr.c
index 5e6453e9b307..3d5ba43f44bb 100644
--- a/fs/nfs/nfs2xdr.c
+++ b/fs/nfs/nfs2xdr.c
@@ -34,6 +34,7 @@
* Declare the space requirements for NFS arguments and replies as
* number of 32bit-words
*/
+#define NFS_pagepad_sz (1) /* Page padding */
#define NFS_fhandle_sz (8)
#define NFS_sattr_sz (8)
#define NFS_filename_sz (1+(NFS2_MAXNAMLEN>>2))
@@ -56,11 +57,11 @@
#define NFS_attrstat_sz (1+NFS_fattr_sz)
#define NFS_diropres_sz (1+NFS_fhandle_sz+NFS_fattr_sz)
-#define NFS_readlinkres_sz (2+1)
-#define NFS_readres_sz (1+NFS_fattr_sz+1+1)
+#define NFS_readlinkres_sz (2+NFS_pagepad_sz)
+#define NFS_readres_sz (1+NFS_fattr_sz+1+NFS_pagepad_sz)
#define NFS_writeres_sz (NFS_attrstat_sz)
#define NFS_stat_sz (1)
-#define NFS_readdirres_sz (1+1)
+#define NFS_readdirres_sz (1+NFS_pagepad_sz)
#define NFS_statfsres_sz (1+NFS_info_sz)
static int nfs_stat_to_errno(enum nfs_stat);
@@ -592,8 +593,8 @@ static void nfs2_xdr_enc_readlinkargs(struct rpc_rqst *req,
const struct nfs_readlinkargs *args = data;
encode_fhandle(xdr, args->fh);
- rpc_prepare_reply_pages(req, args->pages, args->pgbase,
- args->pglen, NFS_readlinkres_sz);
+ rpc_prepare_reply_pages(req, args->pages, args->pgbase, args->pglen,
+ NFS_readlinkres_sz - NFS_pagepad_sz);
}
/*
@@ -628,8 +629,8 @@ static void nfs2_xdr_enc_readargs(struct rpc_rqst *req,
const struct nfs_pgio_args *args = data;
encode_readargs(xdr, args);
- rpc_prepare_reply_pages(req, args->pages, args->pgbase,
- args->count, NFS_readres_sz);
+ rpc_prepare_reply_pages(req, args->pages, args->pgbase, args->count,
+ NFS_readres_sz - NFS_pagepad_sz);
req->rq_rcv_buf.flags |= XDRBUF_READ;
}
@@ -786,8 +787,8 @@ static void nfs2_xdr_enc_readdirargs(struct rpc_rqst *req,
const struct nfs_readdirargs *args = data;
encode_readdirargs(xdr, args);
- rpc_prepare_reply_pages(req, args->pages, 0,
- args->count, NFS_readdirres_sz);
+ rpc_prepare_reply_pages(req, args->pages, 0, args->count,
+ NFS_readdirres_sz - NFS_pagepad_sz);
}
/*
diff --git a/fs/nfs/nfs3xdr.c b/fs/nfs/nfs3xdr.c
index b5a9379b1450..2c0cad7c51d6 100644
--- a/fs/nfs/nfs3xdr.c
+++ b/fs/nfs/nfs3xdr.c
@@ -33,6 +33,7 @@
* Declare the space requirements for NFS arguments and replies as
* number of 32bit-words
*/
+#define NFS3_pagepad_sz (1) /* Page padding */
#define NFS3_fhandle_sz (1+16)
#define NFS3_fh_sz (NFS3_fhandle_sz) /* shorthand */
#define NFS3_post_op_fh_sz (1+NFS3_fh_sz)
@@ -70,13 +71,13 @@
#define NFS3_removeres_sz (NFS3_setattrres_sz)
#define NFS3_lookupres_sz (1+NFS3_fh_sz+(2 * NFS3_post_op_attr_sz))
#define NFS3_accessres_sz (1+NFS3_post_op_attr_sz+1)
-#define NFS3_readlinkres_sz (1+NFS3_post_op_attr_sz+1+1)
-#define NFS3_readres_sz (1+NFS3_post_op_attr_sz+3+1)
+#define NFS3_readlinkres_sz (1+NFS3_post_op_attr_sz+1+NFS3_pagepad_sz)
+#define NFS3_readres_sz (1+NFS3_post_op_attr_sz+3+NFS3_pagepad_sz)
#define NFS3_writeres_sz (1+NFS3_wcc_data_sz+4)
#define NFS3_createres_sz (1+NFS3_post_op_fh_sz+NFS3_post_op_attr_sz+NFS3_wcc_data_sz)
#define NFS3_renameres_sz (1+(2 * NFS3_wcc_data_sz))
#define NFS3_linkres_sz (1+NFS3_post_op_attr_sz+NFS3_wcc_data_sz)
-#define NFS3_readdirres_sz (1+NFS3_post_op_attr_sz+2+1)
+#define NFS3_readdirres_sz (1+NFS3_post_op_attr_sz+2+NFS3_pagepad_sz)
#define NFS3_fsstatres_sz (1+NFS3_post_op_attr_sz+13)
#define NFS3_fsinfores_sz (1+NFS3_post_op_attr_sz+12)
#define NFS3_pathconfres_sz (1+NFS3_post_op_attr_sz+6)
@@ -86,7 +87,8 @@
#define ACL3_setaclargs_sz (NFS3_fh_sz+1+ \
XDR_QUADLEN(NFS_ACL_INLINE_BUFSIZE))
#define ACL3_getaclres_sz (1+NFS3_post_op_attr_sz+1+ \
- XDR_QUADLEN(NFS_ACL_INLINE_BUFSIZE)+1)
+ XDR_QUADLEN(NFS_ACL_INLINE_BUFSIZE)+\
+ NFS3_pagepad_sz)
#define ACL3_setaclres_sz (1+NFS3_post_op_attr_sz)
static int nfs3_stat_to_errno(enum nfs_stat);
@@ -910,8 +912,8 @@ static void nfs3_xdr_enc_readlink3args(struct rpc_rqst *req,
const struct nfs3_readlinkargs *args = data;
encode_nfs_fh3(xdr, args->fh);
- rpc_prepare_reply_pages(req, args->pages, args->pgbase,
- args->pglen, NFS3_readlinkres_sz);
+ rpc_prepare_reply_pages(req, args->pages, args->pgbase, args->pglen,
+ NFS3_readlinkres_sz - NFS3_pagepad_sz);
}
/*
@@ -940,7 +942,8 @@ static void nfs3_xdr_enc_read3args(struct rpc_rqst *req,
const void *data)
{
const struct nfs_pgio_args *args = data;
- unsigned int replen = args->replen ? args->replen : NFS3_readres_sz;
+ unsigned int replen = args->replen ? args->replen :
+ NFS3_readres_sz - NFS3_pagepad_sz;
encode_read3args(xdr, args);
rpc_prepare_reply_pages(req, args->pages, args->pgbase,
@@ -1240,8 +1243,8 @@ static void nfs3_xdr_enc_readdir3args(struct rpc_rqst *req,
const struct nfs3_readdirargs *args = data;
encode_readdir3args(xdr, args);
- rpc_prepare_reply_pages(req, args->pages, 0,
- args->count, NFS3_readdirres_sz);
+ rpc_prepare_reply_pages(req, args->pages, 0, args->count,
+ NFS3_readdirres_sz - NFS3_pagepad_sz);
}
/*
@@ -1282,8 +1285,8 @@ static void nfs3_xdr_enc_readdirplus3args(struct rpc_rqst *req,
const struct nfs3_readdirargs *args = data;
encode_readdirplus3args(xdr, args);
- rpc_prepare_reply_pages(req, args->pages, 0,
- args->count, NFS3_readdirres_sz);
+ rpc_prepare_reply_pages(req, args->pages, 0, args->count,
+ NFS3_readdirres_sz - NFS3_pagepad_sz);
}
/*
@@ -1329,7 +1332,7 @@ static void nfs3_xdr_enc_getacl3args(struct rpc_rqst *req,
if (args->mask & (NFS_ACL | NFS_DFACL)) {
rpc_prepare_reply_pages(req, args->pages, 0,
NFSACL_MAXPAGES << PAGE_SHIFT,
- ACL3_getaclres_sz);
+ ACL3_getaclres_sz - NFS3_pagepad_sz);
req->rq_rcv_buf.flags |= XDRBUF_SPARSE_PAGES;
}
}
@@ -1649,7 +1652,7 @@ static int nfs3_xdr_dec_read3res(struct rpc_rqst *req, struct xdr_stream *xdr,
result->op_status = status;
if (status != NFS3_OK)
goto out_status;
- result->replen = 4 + ((xdr_stream_pos(xdr) - pos) >> 2);
+ result->replen = 3 + ((xdr_stream_pos(xdr) - pos) >> 2);
error = decode_read3resok(xdr, result);
out:
return error;
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index e2f0e3446e22..f64b28d5bc22 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -84,6 +84,7 @@ static int decode_layoutget(struct xdr_stream *xdr, struct rpc_rqst *req,
/* lock,open owner id:
* we currently use size 2 (u64) out of (NFS4_OPAQUE_LIMIT >> 2)
*/
+#define pagepad_maxsz (1)
#define open_owner_id_maxsz (1 + 2 + 1 + 1 + 2)
#define lock_owner_id_maxsz (1 + 1 + 4)
#define decode_lockowner_maxsz (1 + XDR_QUADLEN(IDMAP_NAMESZ))
@@ -215,14 +216,14 @@ static int decode_layoutget(struct xdr_stream *xdr, struct rpc_rqst *req,
nfs4_fattr_bitmap_maxsz)
#define encode_read_maxsz (op_encode_hdr_maxsz + \
encode_stateid_maxsz + 3)
-#define decode_read_maxsz (op_decode_hdr_maxsz + 2 + 1)
+#define decode_read_maxsz (op_decode_hdr_maxsz + 2 + pagepad_maxsz)
#define encode_readdir_maxsz (op_encode_hdr_maxsz + \
2 + encode_verifier_maxsz + 5 + \
nfs4_label_maxsz)
#define decode_readdir_maxsz (op_decode_hdr_maxsz + \
- decode_verifier_maxsz + 1)
+ decode_verifier_maxsz + pagepad_maxsz)
#define encode_readlink_maxsz (op_encode_hdr_maxsz)
-#define decode_readlink_maxsz (op_decode_hdr_maxsz + 1 + 1)
+#define decode_readlink_maxsz (op_decode_hdr_maxsz + 1 + pagepad_maxsz)
#define encode_write_maxsz (op_encode_hdr_maxsz + \
encode_stateid_maxsz + 4)
#define decode_write_maxsz (op_decode_hdr_maxsz + \
@@ -284,14 +285,14 @@ static int decode_layoutget(struct xdr_stream *xdr, struct rpc_rqst *req,
#define decode_delegreturn_maxsz (op_decode_hdr_maxsz)
#define encode_getacl_maxsz (encode_getattr_maxsz)
#define decode_getacl_maxsz (op_decode_hdr_maxsz + \
- nfs4_fattr_bitmap_maxsz + 1 + 1)
+ nfs4_fattr_bitmap_maxsz + 1 + pagepad_maxsz)
#define encode_setacl_maxsz (op_encode_hdr_maxsz + \
encode_stateid_maxsz + 3)
#define decode_setacl_maxsz (decode_setattr_maxsz)
#define encode_fs_locations_maxsz \
(encode_getattr_maxsz)
#define decode_fs_locations_maxsz \
- (1)
+ (pagepad_maxsz)
#define encode_secinfo_maxsz (op_encode_hdr_maxsz + nfs4_name_maxsz)
#define decode_secinfo_maxsz (op_decode_hdr_maxsz + 1 + ((NFS_MAX_SECFLAVORS * (16 + GSS_OID_MAX_LEN)) / 4))
@@ -393,12 +394,13 @@ static int decode_layoutget(struct xdr_stream *xdr, struct rpc_rqst *req,
/* devaddr4 payload is read into page */ \
1 /* notification bitmap length */ + \
1 /* notification bitmap, word 0 */ + \
- 1 /* possible XDR padding */)
+ pagepad_maxsz /* possible XDR padding */)
#define encode_layoutget_maxsz (op_encode_hdr_maxsz + 10 + \
encode_stateid_maxsz)
#define decode_layoutget_maxsz (op_decode_hdr_maxsz + 8 + \
decode_stateid_maxsz + \
- XDR_QUADLEN(PNFS_LAYOUT_MAXSIZE) + 1)
+ XDR_QUADLEN(PNFS_LAYOUT_MAXSIZE) + \
+ pagepad_maxsz)
#define encode_layoutcommit_maxsz (op_encode_hdr_maxsz + \
2 /* offset */ + \
2 /* length */ + \
@@ -2342,7 +2344,7 @@ static void nfs4_xdr_enc_open(struct rpc_rqst *req, struct xdr_stream *xdr,
encode_layoutget(xdr, args->lg_args, &hdr);
rpc_prepare_reply_pages(req, args->lg_args->layout.pages, 0,
args->lg_args->layout.pglen,
- hdr.replen);
+ hdr.replen - pagepad_maxsz);
}
encode_nops(&hdr);
}
@@ -2388,7 +2390,7 @@ static void nfs4_xdr_enc_open_noattr(struct rpc_rqst *req,
encode_layoutget(xdr, args->lg_args, &hdr);
rpc_prepare_reply_pages(req, args->lg_args->layout.pages, 0,
args->lg_args->layout.pglen,
- hdr.replen);
+ hdr.replen - pagepad_maxsz);
}
encode_nops(&hdr);
}
@@ -2499,7 +2501,7 @@ static void nfs4_xdr_enc_readlink(struct rpc_rqst *req, struct xdr_stream *xdr,
encode_readlink(xdr, args, req, &hdr);
rpc_prepare_reply_pages(req, args->pages, args->pgbase,
- args->pglen, hdr.replen);
+ args->pglen, hdr.replen - pagepad_maxsz);
encode_nops(&hdr);
}
@@ -2520,7 +2522,7 @@ static void nfs4_xdr_enc_readdir(struct rpc_rqst *req, struct xdr_stream *xdr,
encode_readdir(xdr, args, req, &hdr);
rpc_prepare_reply_pages(req, args->pages, args->pgbase,
- args->count, hdr.replen);
+ args->count, hdr.replen - pagepad_maxsz);
encode_nops(&hdr);
}
@@ -2541,7 +2543,7 @@ static void nfs4_xdr_enc_read(struct rpc_rqst *req, struct xdr_stream *xdr,
encode_read(xdr, args, &hdr);
rpc_prepare_reply_pages(req, args->pages, args->pgbase,
- args->count, hdr.replen);
+ args->count, hdr.replen - pagepad_maxsz);
req->rq_rcv_buf.flags |= XDRBUF_READ;
encode_nops(&hdr);
}
@@ -2588,7 +2590,7 @@ static void nfs4_xdr_enc_getacl(struct rpc_rqst *req, struct xdr_stream *xdr,
ARRAY_SIZE(nfs4_acl_bitmap), &hdr);
rpc_prepare_reply_pages(req, args->acl_pages, 0,
- args->acl_len, replen + 1);
+ args->acl_len, replen);
encode_nops(&hdr);
}
@@ -2810,7 +2812,7 @@ static void nfs4_xdr_enc_fs_locations(struct rpc_rqst *req,
}
rpc_prepare_reply_pages(req, (struct page **)&args->page, 0,
- PAGE_SIZE, replen + 1);
+ PAGE_SIZE, replen);
encode_nops(&hdr);
}
@@ -3014,14 +3016,14 @@ static void nfs4_xdr_enc_getdeviceinfo(struct rpc_rqst *req,
encode_compound_hdr(xdr, req, &hdr);
encode_sequence(xdr, &args->seq_args, &hdr);
- replen = hdr.replen + op_decode_hdr_maxsz;
+ replen = hdr.replen + op_decode_hdr_maxsz + 2;
encode_getdeviceinfo(xdr, args, &hdr);
/* set up reply kvec. device_addr4 opaque data is read into the
* pages */
rpc_prepare_reply_pages(req, args->pdev->pages, args->pdev->pgbase,
- args->pdev->pglen, replen + 2 + 1);
+ args->pdev->pglen, replen);
encode_nops(&hdr);
}
@@ -3043,7 +3045,7 @@ static void nfs4_xdr_enc_layoutget(struct rpc_rqst *req,
encode_layoutget(xdr, args, &hdr);
rpc_prepare_reply_pages(req, args->layout.pages, 0,
- args->layout.pglen, hdr.replen);
+ args->layout.pglen, hdr.replen - pagepad_maxsz);
encode_nops(&hdr);
}
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
index 78c6648af782..88a4dff14666 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -1251,10 +1251,7 @@ void rpc_prepare_reply_pages(struct rpc_rqst *req, struct page **pages,
unsigned int base, unsigned int len,
unsigned int hdrsize)
{
- /* Subtract one to force an extra word of buffer space for the
- * payload's XDR pad to fall into the rcv_buf's tail iovec.
- */
- hdrsize += RPC_REPHDRSIZE + req->rq_cred->cr_auth->au_ralign - 1;
+ hdrsize += RPC_REPHDRSIZE + req->rq_cred->cr_auth->au_ralign;
xdr_inline_pages(&req->rq_rcv_buf, hdrsize << 2, pages, base, len);
trace_rpc_xdr_reply_pages(req->rq_task, &req->rq_rcv_buf);
diff --git a/net/sunrpc/xdr.c b/net/sunrpc/xdr.c
index d84bb5037bb5..b1684b19b6d5 100644
--- a/net/sunrpc/xdr.c
+++ b/net/sunrpc/xdr.c
@@ -193,9 +193,6 @@ xdr_inline_pages(struct xdr_buf *xdr, unsigned int offset,
tail->iov_base = buf + offset;
tail->iov_len = buflen - offset;
- if ((xdr->page_len & 3) == 0)
- tail->iov_len -= sizeof(__be32);
-
xdr->buflen += len;
}
EXPORT_SYMBOL_GPL(xdr_inline_pages);
--
2.20.1
1
3
06 Feb '23
driver inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I6BSMN
-----------------------------------------------------------------------
For ROH distributed scenario, EID is allocated by DHCP mode.
Driver needs to convert the origin MAC address to EID format,
and updates the destination MAC, chaddr and client id(if exists)
when transmit DHCP packets. Meantime, the chaddr field should
follow the source mac address, in order to make the dhcp
server reply to the right client. For the payload of
dhcp packet changed, so the checksum of L4 should be
calculated too.
Signed-off-by: Jian Shen <shenjian15(a)huawei.com>
Signed-off-by: Ke Chen <chenke54(a)huawei.com>
---
.../net/ethernet/hisilicon/hns3/hns3_enet.c | 172 +++++++++++++++++-
.../net/ethernet/hisilicon/hns3/hns3_enet.h | 50 +++++
.../hisilicon/hns3/hns3pf/hclge_main.c | 9 +
3 files changed, 226 insertions(+), 5 deletions(-)
diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3_enet.c b/drivers/net/ethernet/hisilicon/hns3/hns3_enet.c
index cf79cd69c766..460f9d217a18 100644
--- a/drivers/net/ethernet/hisilicon/hns3/hns3_enet.c
+++ b/drivers/net/ethernet/hisilicon/hns3/hns3_enet.c
@@ -1165,6 +1165,142 @@ static void hns3_tx_spare_reclaim_cb(struct hns3_enet_ring *ring,
}
}
+static struct hns3_dhcp_packet *hns3_get_dhcp_packet(struct sk_buff *skb,
+ int *dhcp_len)
+{
+ struct hns3_dhcp_packet *dhcp;
+ union l4_hdr_info l4;
+ int l4_payload_len;
+
+ l4.hdr = skb_transport_header(skb);
+ if (l4.udp->dest != htons(HNS3_DHCP_CLIENT_PORT) ||
+ l4.udp->source != htons(HNS3_DHCP_SERVER_PORT))
+ return NULL;
+
+ dhcp = (struct hns3_dhcp_packet *)(l4.hdr + sizeof(struct udphdr));
+ l4_payload_len = ntohs(l4.udp->len) - sizeof(struct udphdr);
+ if (l4_payload_len < offsetof(struct hns3_dhcp_packet, options) ||
+ dhcp->hlen != ETH_ALEN ||
+ dhcp->cookie != htonl(HNS3_DHCP_MAGIC))
+ return NULL;
+
+ *dhcp_len = l4_payload_len;
+ return dhcp;
+}
+
+static u8 *hns3_dhcp_option_scan(struct hns3_dhcp_packet *packet,
+ struct hns3_dhcp_opt_state *opt_state)
+{
+ int opt_len;
+ u8 *cur_opt;
+
+ /* option bytes: [code][len][data0~data[len-1]] */
+ while (opt_state->rem > 0) {
+ switch (opt_state->opt_ptr[DHCP_OPT_CODE]) {
+ /* option padding and end have no len and data byte. */
+ case DHCP_OPT_PADDING:
+ opt_state->rem--;
+ opt_state->opt_ptr++;
+ break;
+ case DHCP_OPT_END:
+ if (DHCP_OVERLOAD_USE_FILE(opt_state->overload_flag)) {
+ opt_state->overload_flag |=
+ DHCP_OVERLOAD_FILE_USED;
+ opt_state->opt_ptr = packet->file;
+ opt_state->rem = sizeof(packet->file);
+ break;
+ }
+ if (DHCP_OVERLOAD_USE_SNAME(opt_state->overload_flag)) {
+ opt_state->overload_flag |=
+ DHCP_OVERLOAD_SNAME_USED;
+ opt_state->opt_ptr = packet->sname;
+ opt_state->rem = sizeof(packet->sname);
+ break;
+ }
+ return NULL;
+ default:
+ if (opt_state->rem <= DHCP_OPT_LEN)
+ return NULL;
+ /* opt_len includes code, len and data bytes */
+ opt_len = opt_state->opt_ptr[DHCP_OPT_LEN] +
+ DHCP_OPT_DATA;
+ cur_opt = opt_state->opt_ptr;
+ if (opt_state->rem < opt_len)
+ return NULL;
+
+ opt_state->opt_ptr += opt_len;
+ opt_state->rem -= opt_len;
+ if (cur_opt[DHCP_OPT_CODE] == DHCP_OPT_OVERLOAD) {
+ opt_state->overload_flag |=
+ cur_opt[DHCP_OPT_DATA];
+ break;
+ }
+ return cur_opt;
+ }
+ }
+
+ return NULL;
+}
+
+static void hns3_dhcp_update_option61(struct hns3_nic_priv *priv,
+ struct hns3_dhcp_packet *packet,
+ int dhcp_len)
+{
+ struct hns3_dhcp_opt_state opt_state;
+ u8 *cur_opt;
+
+ opt_state.opt_ptr = packet->options;
+ opt_state.rem = dhcp_len - offsetof(struct hns3_dhcp_packet, options);
+ opt_state.overload_flag = 0;
+
+ cur_opt = hns3_dhcp_option_scan(packet, &opt_state);
+ while (cur_opt) {
+ if (cur_opt[DHCP_OPT_CODE] != DHCP_OPT_CLIENT_ID) {
+ cur_opt = hns3_dhcp_option_scan(packet, &opt_state);
+ continue;
+ }
+ if (cur_opt[DHCP_OPT_LEN] > ETH_ALEN)
+ ether_addr_copy(&cur_opt[DHCP_CLIENT_ID_MAC_OFT],
+ priv->roh_perm_mac);
+ break;
+ }
+}
+
+static void hns3_dhcp_cal_l4_csum(struct sk_buff *skb)
+{
+ union l3_hdr_info l3;
+ union l4_hdr_info l4;
+ __wsum csum = 0;
+ int offset;
+
+ if (skb->ip_summed == CHECKSUM_PARTIAL)
+ return;
+
+ l3.hdr = skb_network_header(skb);
+ l4.hdr = skb_transport_header(skb);
+ offset = skb_transport_offset(skb);
+ l4.udp->check = 0;
+ csum = csum_partial(l4.udp, ntohs(l4.udp->len), 0);
+ l4.udp->check = csum_tcpudp_magic(l3.v4->saddr, l3.v4->daddr,
+ skb->len - offset, IPPROTO_UDP, csum);
+}
+
+static void hns3_dhcp_packet_convert(struct hns3_nic_priv *priv,
+ struct sk_buff *skb,
+ struct hns3_dhcp_packet *dhcp,
+ int dhcp_len)
+{
+ struct ethhdr *l2hdr = eth_hdr(skb);
+
+ if (!dhcp)
+ return;
+
+ ether_addr_copy(dhcp->chaddr, l2hdr->h_source);
+ hns3_dhcp_update_option61(priv, dhcp, dhcp_len);
+ /* for l4 payload changed, need to re-calculate the csum */
+ hns3_dhcp_cal_l4_csum(skb);
+}
+
static int hns3_set_tso(struct sk_buff *skb, u32 *paylen_fdop_ol4cs,
u16 *mss, u32 *type_cs_vlan_tso, u32 *send_bytes)
{
@@ -1716,7 +1852,20 @@ static int hns3_handle_csum_partial(struct hns3_enet_ring *ring,
return 0;
}
-static int hns3_fill_skb_desc(struct hns3_enet_ring *ring,
+static bool hns3_roh_check_udpv4(struct sk_buff *skb)
+{
+ union l3_hdr_info l3;
+
+ l3.hdr = skb_network_header(skb);
+ if (skb->protocol != htons(ETH_P_IP) ||
+ l3.v4->version != IP_VERSION_IPV4)
+ return false;
+
+ return l3.v4->protocol == IPPROTO_UDP;
+}
+
+static int hns3_fill_skb_desc(struct hns3_nic_priv *priv,
+ struct hns3_enet_ring *ring,
struct sk_buff *skb, struct hns3_desc *desc,
struct hns3_desc_cb *desc_cb)
{
@@ -1741,6 +1890,14 @@ static int hns3_fill_skb_desc(struct hns3_enet_ring *ring,
hnae3_set_field(param.paylen_fdop_ol4cs, HNS3_TXD_FD_OP_M,
HNS3_TXD_FD_OP_S, fd_op);
+ if (hns3_roh_check_udpv4(skb)) {
+ struct hns3_dhcp_packet *dhcp;
+ int dhcp_len;
+
+ dhcp = hns3_get_dhcp_packet(skb, &dhcp_len);
+ hns3_dhcp_packet_convert(priv, skb, dhcp, dhcp_len);
+ }
+
/* Set txbd */
desc->tx.ol_type_vlan_len_msec =
cpu_to_le32(param.ol_type_vlan_len_msec);
@@ -2338,15 +2495,16 @@ static int hns3_handle_desc_filling(struct hns3_enet_ring *ring,
return hns3_fill_skb_to_desc(ring, skb, DESC_TYPE_SKB);
}
-static int hns3_handle_skb_desc(struct hns3_enet_ring *ring,
+static int hns3_handle_skb_desc(struct hns3_nic_priv *priv,
+ struct hns3_enet_ring *ring,
struct sk_buff *skb,
struct hns3_desc_cb *desc_cb,
int next_to_use_head)
{
int ret;
- ret = hns3_fill_skb_desc(ring, skb, &ring->desc[ring->next_to_use],
- desc_cb);
+ ret = hns3_fill_skb_desc(priv, ring, skb,
+ &ring->desc[ring->next_to_use], desc_cb);
if (unlikely(ret < 0))
goto fill_err;
@@ -2395,7 +2553,7 @@ netdev_tx_t hns3_nic_net_xmit(struct sk_buff *skb, struct net_device *netdev)
goto out_err_tx_ok;
}
- ret = hns3_handle_skb_desc(ring, skb, desc_cb, ring->next_to_use);
+ ret = hns3_handle_skb_desc(priv, ring, skb, desc_cb, ring->next_to_use);
if (unlikely(ret <= 0))
goto out_err_tx_ok;
@@ -5226,6 +5384,9 @@ static int hns3_init_mac_addr(struct net_device *netdev)
return 0;
}
+ if (is_zero_ether_addr(priv->roh_perm_mac))
+ ether_addr_copy(priv->roh_perm_mac, netdev->dev_addr);
+
if (h->ae_algo->ops->set_mac_addr)
ret = h->ae_algo->ops->set_mac_addr(h, netdev->dev_addr, true);
@@ -5377,6 +5538,7 @@ static int hns3_client_init(struct hnae3_handle *handle)
priv->tx_timeout_count = 0;
priv->max_non_tso_bd_num = ae_dev->dev_specs.max_non_tso_bd_num;
set_bit(HNS3_NIC_STATE_DOWN, &priv->state);
+ eth_zero_addr(priv->roh_perm_mac);
handle->msg_enable = netif_msg_init(debug, DEFAULT_MSG_LEVEL);
diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3_enet.h b/drivers/net/ethernet/hisilicon/hns3/hns3_enet.h
index ccfd38b0028e..85c352fff83b 100644
--- a/drivers/net/ethernet/hisilicon/hns3/hns3_enet.h
+++ b/drivers/net/ethernet/hisilicon/hns3/hns3_enet.h
@@ -604,6 +604,56 @@ struct hns3_nic_priv {
struct hns3_enet_coalesce rx_coal;
u32 tx_copybreak;
u32 rx_copybreak;
+ u8 roh_perm_mac[ETH_ALEN];
+};
+
+#define HNS3_DHCP_SERVER_PORT 68
+#define HNS3_DHCP_CLIENT_PORT 67
+#define HNS3_DHCP_MAGIC 0x63825363
+#define DHCP_OPT_CODE 0
+#define DHCP_OPT_LEN 1
+#define DHCP_OPT_DATA 2
+#define DHCP_CLIENT_ID_LEN 7
+#define DHCP_CLIENT_ID_MAC_OFT 3
+#define DHCP_OVERLOAD_FILE 0x1
+#define DHCP_OVERLOAD_SNAME 0x2
+#define DHCP_OVERLOAD_FILE_USED 0x101
+#define DHCP_OVERLOAD_SNAME_USED 0x202
+#define DHCP_OVERLOAD_USE_FILE(x) \
+ (((x) & DHCP_OVERLOAD_FILE_USED) == DHCP_OVERLOAD_FILE)
+#define DHCP_OVERLOAD_USE_SNAME(x) \
+ (((x) & DHCP_OVERLOAD_SNAME_USED) == DHCP_OVERLOAD_SNAME)
+
+enum DHCP_OPTION_CODES {
+ DHCP_OPT_PADDING = 0,
+ DHCP_OPT_OVERLOAD = 52,
+ DHCP_OPT_CLIENT_ID = 61,
+ DHCP_OPT_END = 255
+};
+
+struct hns3_dhcp_packet {
+ u8 op;
+ u8 htype;
+ u8 hlen;
+ u8 hops;
+ u32 xid;
+ u16 secs;
+ u16 flags;
+ u32 ciaddr;
+ u32 yiaddr;
+ u32 siaddr_nip;
+ u32 gateway_nip;
+ u8 chaddr[16]; /* link-layer client hardware address (MAC) */
+ u8 sname[64];
+ u8 file[128];
+ u32 cookie; /* DHCP magic bytes: 0x63825363 */
+ u8 options[312];
+};
+
+struct hns3_dhcp_opt_state {
+ u8 *opt_ptr; /* refer to current option item */
+ int rem; /* remain bytes in options */
+ u32 overload_flag; /* whether use file and sname field as options */
};
union l3_hdr_info {
diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c
index eea17548416b..5c8a821aa61a 100644
--- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c
+++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c
@@ -2866,12 +2866,21 @@ static void hclge_get_fec(struct hnae3_handle *handle, u8 *fec_ability,
if (fec_mode)
*fec_mode = mac->fec_mode;
}
+
+static void hclge_roh_convert_mac_addr(struct hclge_dev *hdev)
+{
+#define HCLGE_ROH_EID_MASK_BYTE 3
+
+ memset(hdev->hw.mac.mac_addr, 0, HCLGE_ROH_EID_MASK_BYTE);
+}
+
static int hclge_mac_init(struct hclge_dev *hdev)
{
struct hclge_mac *mac = &hdev->hw.mac;
int ret;
hclge_mac_type_init(hdev);
+ hclge_roh_convert_mac_addr(hdev);
hdev->support_sfp_query = true;
hdev->hw.mac.duplex = HCLGE_MAC_FULL;
--
2.30.0
1
0
06 Feb '23
From: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
stable inclusion
from stable-v5.10.142
commit d71a1c9fce184718d1b3a51a9e8a6e31cbbb45ce
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6D0ZE
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
-------------------------------------------------
commit 278d3ba61563ceed3cb248383ced19e14ec7bc1f upstream.
On 32bit-UP u64_stats_fetch_begin() disables only preemption. If the
reader is in preemptible context and the writer side
(u64_stats_update_begin*()) runs in an interrupt context (IRQ or
softirq) then the writer can update the stats during the read operation.
This update remains undetected.
Use u64_stats_fetch_begin_irq() to ensure the stats fetch on 32bit-UP
are not interrupted by a writer. 32bit-SMP remains unaffected by this
change.
Cc: "David S. Miller" <davem(a)davemloft.net>
Cc: Catherine Sullivan <csully(a)google.com>
Cc: David Awogbemila <awogbemila(a)google.com>
Cc: Dimitris Michailidis <dmichail(a)fungible.com>
Cc: Eric Dumazet <edumazet(a)google.com>
Cc: Hans Ulli Kroll <ulli.kroll(a)googlemail.com>
Cc: Jakub Kicinski <kuba(a)kernel.org>
Cc: Jeroen de Borst <jeroendb(a)google.com>
Cc: Johannes Berg <johannes(a)sipsolutions.net>
Cc: Linus Walleij <linus.walleij(a)linaro.org>
Cc: Paolo Abeni <pabeni(a)redhat.com>
Cc: Simon Horman <simon.horman(a)corigine.com>
Cc: linux-arm-kernel(a)lists.infradead.org
Cc: linux-wireless(a)vger.kernel.org
Cc: netdev(a)vger.kernel.org
Cc: oss-drivers(a)corigine.com
Cc: stable(a)vger.kernel.org
Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
Reviewed-by: Simon Horman <simon.horman(a)corigine.com>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
(cherry picked from commit d71a1c9fce184718d1b3a51a9e8a6e31cbbb45ce)
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
Conflicts:
drivers/net/ethernet/huawei/hinic/hinic_rx.c
drivers/net/ethernet/huawei/hinic/hinic_tx.c
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
drivers/net/ethernet/cortina/gemini.c | 24 +++++++++++-----------
drivers/net/ethernet/google/gve/gve_ethtool.c | 16 +++++++--------
drivers/net/ethernet/google/gve/gve_main.c | 12 +++++------
drivers/net/ethernet/huawei/hinic/hinic_rx.c | 4 ++--
drivers/net/ethernet/huawei/hinic/hinic_tx.c | 4 ++--
.../net/ethernet/netronome/nfp/nfp_net_common.c | 8 ++++----
.../net/ethernet/netronome/nfp/nfp_net_ethtool.c | 8 ++++----
drivers/net/netdevsim/netdev.c | 4 ++--
net/mac80211/sta_info.c | 8 ++++----
net/mpls/af_mpls.c | 4 ++--
10 files changed, 46 insertions(+), 46 deletions(-)
diff --git a/drivers/net/ethernet/cortina/gemini.c b/drivers/net/ethernet/cortina/gemini.c
index 3685878..b22ea40 100644
--- a/drivers/net/ethernet/cortina/gemini.c
+++ b/drivers/net/ethernet/cortina/gemini.c
@@ -1920,7 +1920,7 @@ static void gmac_get_stats64(struct net_device *netdev,
/* Racing with RX NAPI */
do {
- start = u64_stats_fetch_begin(&port->rx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->rx_stats_syncp);
stats->rx_packets = port->stats.rx_packets;
stats->rx_bytes = port->stats.rx_bytes;
@@ -1932,11 +1932,11 @@ static void gmac_get_stats64(struct net_device *netdev,
stats->rx_crc_errors = port->stats.rx_crc_errors;
stats->rx_frame_errors = port->stats.rx_frame_errors;
- } while (u64_stats_fetch_retry(&port->rx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->rx_stats_syncp, start));
/* Racing with MIB and TX completion interrupts */
do {
- start = u64_stats_fetch_begin(&port->ir_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->ir_stats_syncp);
stats->tx_errors = port->stats.tx_errors;
stats->tx_packets = port->stats.tx_packets;
@@ -1946,15 +1946,15 @@ static void gmac_get_stats64(struct net_device *netdev,
stats->rx_missed_errors = port->stats.rx_missed_errors;
stats->rx_fifo_errors = port->stats.rx_fifo_errors;
- } while (u64_stats_fetch_retry(&port->ir_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->ir_stats_syncp, start));
/* Racing with hard_start_xmit */
do {
- start = u64_stats_fetch_begin(&port->tx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->tx_stats_syncp);
stats->tx_dropped = port->stats.tx_dropped;
- } while (u64_stats_fetch_retry(&port->tx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->tx_stats_syncp, start));
stats->rx_dropped += stats->rx_missed_errors;
}
@@ -2032,18 +2032,18 @@ static void gmac_get_ethtool_stats(struct net_device *netdev,
/* Racing with MIB interrupt */
do {
p = values;
- start = u64_stats_fetch_begin(&port->ir_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->ir_stats_syncp);
for (i = 0; i < RX_STATS_NUM; i++)
*p++ = port->hw_stats[i];
- } while (u64_stats_fetch_retry(&port->ir_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->ir_stats_syncp, start));
values = p;
/* Racing with RX NAPI */
do {
p = values;
- start = u64_stats_fetch_begin(&port->rx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->rx_stats_syncp);
for (i = 0; i < RX_STATUS_NUM; i++)
*p++ = port->rx_stats[i];
@@ -2051,13 +2051,13 @@ static void gmac_get_ethtool_stats(struct net_device *netdev,
*p++ = port->rx_csum_stats[i];
*p++ = port->rx_napi_exits;
- } while (u64_stats_fetch_retry(&port->rx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->rx_stats_syncp, start));
values = p;
/* Racing with TX start_xmit */
do {
p = values;
- start = u64_stats_fetch_begin(&port->tx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->tx_stats_syncp);
for (i = 0; i < TX_MAX_FRAGS; i++) {
*values++ = port->tx_frag_stats[i];
@@ -2066,7 +2066,7 @@ static void gmac_get_ethtool_stats(struct net_device *netdev,
*values++ = port->tx_frags_linearized;
*values++ = port->tx_hw_csummed;
- } while (u64_stats_fetch_retry(&port->tx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->tx_stats_syncp, start));
}
static int gmac_get_ksettings(struct net_device *netdev,
diff --git a/drivers/net/ethernet/google/gve/gve_ethtool.c b/drivers/net/ethernet/google/gve/gve_ethtool.c
index 66f9b37..80a8c0c 100644
--- a/drivers/net/ethernet/google/gve/gve_ethtool.c
+++ b/drivers/net/ethernet/google/gve/gve_ethtool.c
@@ -172,14 +172,14 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
struct gve_rx_ring *rx = &priv->rx[ring];
start =
- u64_stats_fetch_begin(&priv->rx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->rx[ring].statss);
tmp_rx_pkts = rx->rpackets;
tmp_rx_bytes = rx->rbytes;
tmp_rx_skb_alloc_fail = rx->rx_skb_alloc_fail;
tmp_rx_buf_alloc_fail = rx->rx_buf_alloc_fail;
tmp_rx_desc_err_dropped_pkt =
rx->rx_desc_err_dropped_pkt;
- } while (u64_stats_fetch_retry(&priv->rx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->rx[ring].statss,
start));
rx_pkts += tmp_rx_pkts;
rx_bytes += tmp_rx_bytes;
@@ -193,10 +193,10 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
if (priv->tx) {
do {
start =
- u64_stats_fetch_begin(&priv->tx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->tx[ring].statss);
tmp_tx_pkts = priv->tx[ring].pkt_done;
tmp_tx_bytes = priv->tx[ring].bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->tx[ring].statss,
start));
tx_pkts += tmp_tx_pkts;
tx_bytes += tmp_tx_bytes;
@@ -254,13 +254,13 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
data[i++] = rx->cnt;
do {
start =
- u64_stats_fetch_begin(&priv->rx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->rx[ring].statss);
tmp_rx_bytes = rx->rbytes;
tmp_rx_skb_alloc_fail = rx->rx_skb_alloc_fail;
tmp_rx_buf_alloc_fail = rx->rx_buf_alloc_fail;
tmp_rx_desc_err_dropped_pkt =
rx->rx_desc_err_dropped_pkt;
- } while (u64_stats_fetch_retry(&priv->rx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->rx[ring].statss,
start));
data[i++] = tmp_rx_bytes;
/* rx dropped packets */
@@ -313,9 +313,9 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
data[i++] = tx->done;
do {
start =
- u64_stats_fetch_begin(&priv->tx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->tx[ring].statss);
tmp_tx_bytes = tx->bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->tx[ring].statss,
start));
data[i++] = tmp_tx_bytes;
data[i++] = tx->wake_queue;
diff --git a/drivers/net/ethernet/google/gve/gve_main.c b/drivers/net/ethernet/google/gve/gve_main.c
index 6cb75bb..f0c1e6c8 100644
--- a/drivers/net/ethernet/google/gve/gve_main.c
+++ b/drivers/net/ethernet/google/gve/gve_main.c
@@ -40,10 +40,10 @@ static void gve_get_stats(struct net_device *dev, struct rtnl_link_stats64 *s)
for (ring = 0; ring < priv->rx_cfg.num_queues; ring++) {
do {
start =
- u64_stats_fetch_begin(&priv->rx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->rx[ring].statss);
packets = priv->rx[ring].rpackets;
bytes = priv->rx[ring].rbytes;
- } while (u64_stats_fetch_retry(&priv->rx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->rx[ring].statss,
start));
s->rx_packets += packets;
s->rx_bytes += bytes;
@@ -53,10 +53,10 @@ static void gve_get_stats(struct net_device *dev, struct rtnl_link_stats64 *s)
for (ring = 0; ring < priv->tx_cfg.num_queues; ring++) {
do {
start =
- u64_stats_fetch_begin(&priv->tx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->tx[ring].statss);
packets = priv->tx[ring].pkt_done;
bytes = priv->tx[ring].bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->tx[ring].statss,
start));
s->tx_packets += packets;
s->tx_bytes += bytes;
@@ -1041,9 +1041,9 @@ void gve_handle_report_stats(struct gve_priv *priv)
if (priv->tx) {
for (idx = 0; idx < priv->tx_cfg.num_queues; idx++) {
do {
- start = u64_stats_fetch_begin(&priv->tx[idx].statss);
+ start = u64_stats_fetch_begin_irq(&priv->tx[idx].statss);
tx_bytes = priv->tx[idx].bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[idx].statss, start));
+ } while (u64_stats_fetch_retry_irq(&priv->tx[idx].statss, start));
stats[stats_idx++] = (struct stats) {
.stat_name = cpu_to_be32(TX_WAKE_CNT),
.value = cpu_to_be64(priv->tx[idx].wake_queue),
diff --git a/drivers/net/ethernet/huawei/hinic/hinic_rx.c b/drivers/net/ethernet/huawei/hinic/hinic_rx.c
index 57d5d79..1b57b67 100644
--- a/drivers/net/ethernet/huawei/hinic/hinic_rx.c
+++ b/drivers/net/ethernet/huawei/hinic/hinic_rx.c
@@ -375,7 +375,7 @@ void hinic_rxq_get_stats(struct hinic_rxq *rxq,
u64_stats_update_begin(&stats->syncp);
do {
- start = u64_stats_fetch_begin(&rxq_stats->syncp);
+ start = u64_stats_fetch_begin_irq(&rxq_stats->syncp);
stats->bytes = rxq_stats->bytes;
stats->packets = rxq_stats->packets;
stats->errors = rxq_stats->csum_errors +
@@ -384,7 +384,7 @@ void hinic_rxq_get_stats(struct hinic_rxq *rxq,
stats->other_errors = rxq_stats->other_errors;
stats->dropped = rxq_stats->dropped;
stats->rx_buf_empty = rxq_stats->rx_buf_empty;
- } while (u64_stats_fetch_retry(&rxq_stats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&rxq_stats->syncp, start));
u64_stats_update_end(&stats->syncp);
}
diff --git a/drivers/net/ethernet/huawei/hinic/hinic_tx.c b/drivers/net/ethernet/huawei/hinic/hinic_tx.c
index 75fa344..ff37b6f 100644
--- a/drivers/net/ethernet/huawei/hinic/hinic_tx.c
+++ b/drivers/net/ethernet/huawei/hinic/hinic_tx.c
@@ -61,7 +61,7 @@ void hinic_txq_get_stats(struct hinic_txq *txq,
u64_stats_update_begin(&stats->syncp);
do {
- start = u64_stats_fetch_begin(&txq_stats->syncp);
+ start = u64_stats_fetch_begin_irq(&txq_stats->syncp);
stats->bytes = txq_stats->bytes;
stats->packets = txq_stats->packets;
stats->busy = txq_stats->busy;
@@ -69,7 +69,7 @@ void hinic_txq_get_stats(struct hinic_txq *txq,
stats->dropped = txq_stats->dropped;
stats->big_frags_pkts = txq_stats->big_frags_pkts;
stats->big_udp_pkts = txq_stats->big_udp_pkts;
- } while (u64_stats_fetch_retry(&txq_stats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&txq_stats->syncp, start));
u64_stats_update_end(&stats->syncp);
}
diff --git a/drivers/net/ethernet/netronome/nfp/nfp_net_common.c b/drivers/net/ethernet/netronome/nfp/nfp_net_common.c
index dfc1f32..5ab230aa 100644
--- a/drivers/net/ethernet/netronome/nfp/nfp_net_common.c
+++ b/drivers/net/ethernet/netronome/nfp/nfp_net_common.c
@@ -3373,21 +3373,21 @@ static void nfp_net_stat64(struct net_device *netdev,
unsigned int start;
do {
- start = u64_stats_fetch_begin(&r_vec->rx_sync);
+ start = u64_stats_fetch_begin_irq(&r_vec->rx_sync);
data[0] = r_vec->rx_pkts;
data[1] = r_vec->rx_bytes;
data[2] = r_vec->rx_drops;
- } while (u64_stats_fetch_retry(&r_vec->rx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&r_vec->rx_sync, start));
stats->rx_packets += data[0];
stats->rx_bytes += data[1];
stats->rx_dropped += data[2];
do {
- start = u64_stats_fetch_begin(&r_vec->tx_sync);
+ start = u64_stats_fetch_begin_irq(&r_vec->tx_sync);
data[0] = r_vec->tx_pkts;
data[1] = r_vec->tx_bytes;
data[2] = r_vec->tx_errors;
- } while (u64_stats_fetch_retry(&r_vec->tx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&r_vec->tx_sync, start));
stats->tx_packets += data[0];
stats->tx_bytes += data[1];
stats->tx_errors += data[2];
diff --git a/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c b/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c
index bfcd90f..d4136d3 100644
--- a/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c
+++ b/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c
@@ -498,7 +498,7 @@ static u64 *nfp_vnic_get_sw_stats(struct net_device *netdev, u64 *data)
unsigned int start;
do {
- start = u64_stats_fetch_begin(&nn->r_vecs[i].rx_sync);
+ start = u64_stats_fetch_begin_irq(&nn->r_vecs[i].rx_sync);
data[0] = nn->r_vecs[i].rx_pkts;
tmp[0] = nn->r_vecs[i].hw_csum_rx_ok;
tmp[1] = nn->r_vecs[i].hw_csum_rx_inner_ok;
@@ -506,10 +506,10 @@ static u64 *nfp_vnic_get_sw_stats(struct net_device *netdev, u64 *data)
tmp[3] = nn->r_vecs[i].hw_csum_rx_error;
tmp[4] = nn->r_vecs[i].rx_replace_buf_alloc_fail;
tmp[5] = nn->r_vecs[i].hw_tls_rx;
- } while (u64_stats_fetch_retry(&nn->r_vecs[i].rx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&nn->r_vecs[i].rx_sync, start));
do {
- start = u64_stats_fetch_begin(&nn->r_vecs[i].tx_sync);
+ start = u64_stats_fetch_begin_irq(&nn->r_vecs[i].tx_sync);
data[1] = nn->r_vecs[i].tx_pkts;
data[2] = nn->r_vecs[i].tx_busy;
tmp[6] = nn->r_vecs[i].hw_csum_tx;
@@ -519,7 +519,7 @@ static u64 *nfp_vnic_get_sw_stats(struct net_device *netdev, u64 *data)
tmp[10] = nn->r_vecs[i].hw_tls_tx;
tmp[11] = nn->r_vecs[i].tls_tx_fallback;
tmp[12] = nn->r_vecs[i].tls_tx_no_fallback;
- } while (u64_stats_fetch_retry(&nn->r_vecs[i].tx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&nn->r_vecs[i].tx_sync, start));
data += NN_RVEC_PER_Q_STATS;
diff --git a/drivers/net/netdevsim/netdev.c b/drivers/net/netdevsim/netdev.c
index ad6dbf01..4fb0638 100644
--- a/drivers/net/netdevsim/netdev.c
+++ b/drivers/net/netdevsim/netdev.c
@@ -67,10 +67,10 @@ static int nsim_change_mtu(struct net_device *dev, int new_mtu)
unsigned int start;
do {
- start = u64_stats_fetch_begin(&ns->syncp);
+ start = u64_stats_fetch_begin_irq(&ns->syncp);
stats->tx_bytes = ns->tx_bytes;
stats->tx_packets = ns->tx_packets;
- } while (u64_stats_fetch_retry(&ns->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&ns->syncp, start));
}
static int
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 461c037..cee39ae 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -2175,9 +2175,9 @@ static inline u64 sta_get_tidstats_msdu(struct ieee80211_sta_rx_stats *rxstats,
u64 value;
do {
- start = u64_stats_fetch_begin(&rxstats->syncp);
+ start = u64_stats_fetch_begin_irq(&rxstats->syncp);
value = rxstats->msdu[tid];
- } while (u64_stats_fetch_retry(&rxstats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&rxstats->syncp, start));
return value;
}
@@ -2241,9 +2241,9 @@ static inline u64 sta_get_stats_bytes(struct ieee80211_sta_rx_stats *rxstats)
u64 value;
do {
- start = u64_stats_fetch_begin(&rxstats->syncp);
+ start = u64_stats_fetch_begin_irq(&rxstats->syncp);
value = rxstats->bytes;
- } while (u64_stats_fetch_retry(&rxstats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&rxstats->syncp, start));
return value;
}
diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c
index 9c047c1..7239814 100644
--- a/net/mpls/af_mpls.c
+++ b/net/mpls/af_mpls.c
@@ -1078,9 +1078,9 @@ static void mpls_get_stats(struct mpls_dev *mdev,
p = per_cpu_ptr(mdev->stats, i);
do {
- start = u64_stats_fetch_begin(&p->syncp);
+ start = u64_stats_fetch_begin_irq(&p->syncp);
local = p->stats;
- } while (u64_stats_fetch_retry(&p->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&p->syncp, start));
stats->rx_packets += local.rx_packets;
stats->rx_bytes += local.rx_bytes;
--
1.8.3.1
1
2
[PATCH openEuler-1.0-LTS 1/3] mm: hwpoison: refactor refcount check handling
by Yongqiang Liu 04 Feb '23
by Yongqiang Liu 04 Feb '23
04 Feb '23
From: Yang Shi <shy828301(a)gmail.com>
stable inclusion
from stable-v5.15.86
commit a62b1bc603a1ded739e7cf543da29a3eb93cc534
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6AR36
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit dd0f230a0a80ff396c7ce587f16429f2a8131344 upstream.
Memory failure will report failure if the page still has extra pinned
refcount other than from hwpoison after the handler is done. Actually
the check is not necessary for all handlers, so move the check into
specific handlers. This would make the following keeping shmem page in
page cache patch easier.
There may be expected extra pin for some cases, for example, when the
page is dirty and in swapcache.
Link: https://lkml.kernel.org/r/20211020210755.23964-5-shy828301@gmail.com
Signed-off-by: Yang Shi <shy828301(a)gmail.com>
Signed-off-by: Naoya Horiguchi <naoya.horiguchi(a)nec.com>
Suggested-by: Naoya Horiguchi <naoya.horiguchi(a)nec.com>
Cc: Hugh Dickins <hughd(a)google.com>
Cc: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com>
Cc: Matthew Wilcox <willy(a)infradead.org>
Cc: Oscar Salvador <osalvador(a)suse.de>
Cc: Peter Xu <peterx(a)redhat.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Naoya Horiguchi <naoya.horiguchi(a)linux.dev>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Ze Zuo <zuoze1(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
mm/memory-failure.c | 93 +++++++++++++++++++++++++++++++--------------
1 file changed, 64 insertions(+), 29 deletions(-)
diff --git a/mm/memory-failure.c b/mm/memory-failure.c
index 9a816fdf812d..b653637d5a00 100644
--- a/mm/memory-failure.c
+++ b/mm/memory-failure.c
@@ -655,12 +655,44 @@ static int truncate_error_page(struct page *p, unsigned long pfn,
return ret;
}
+struct page_state {
+ unsigned long mask;
+ unsigned long res;
+ enum mf_action_page_type type;
+
+ /* Callback ->action() has to unlock the relevant page inside it. */
+ int (*action)(struct page_state *ps, struct page *p);
+};
+
+/*
+ * Return true if page is still referenced by others, otherwise return
+ * false.
+ *
+ * The extra_pins is true when one extra refcount is expected.
+ */
+static bool has_extra_refcount(struct page_state *ps, struct page *p,
+ bool extra_pins)
+{
+ int count = page_count(p) - 1;
+
+ if (extra_pins)
+ count -= 1;
+
+ if (count > 0) {
+ pr_err("Memory failure: %#lx: %s still referenced by %d users\n",
+ page_to_pfn(p), action_page_types[ps->type], count);
+ return true;
+ }
+
+ return false;
+}
+
/*
* Error hit kernel page.
* Do nothing, try to be lucky and not touch this instead. For a few cases we
* could be more sophisticated.
*/
-static int me_kernel(struct page *p, unsigned long pfn)
+static int me_kernel(struct page_state *ps, struct page *p)
{
unlock_page(p);
return MF_IGNORED;
@@ -669,9 +701,9 @@ static int me_kernel(struct page *p, unsigned long pfn)
/*
* Page in unknown state. Do nothing.
*/
-static int me_unknown(struct page *p, unsigned long pfn)
+static int me_unknown(struct page_state *ps, struct page *p)
{
- pr_err("Memory failure: %#lx: Unknown page state\n", pfn);
+ pr_err("Memory failure: %#lx: Unknown page state\n", page_to_pfn(p));
unlock_page(p);
return MF_FAILED;
}
@@ -679,7 +711,7 @@ static int me_unknown(struct page *p, unsigned long pfn)
/*
* Clean (or cleaned) page cache page.
*/
-static int me_pagecache_clean(struct page *p, unsigned long pfn)
+static int me_pagecache_clean(struct page_state *ps, struct page *p)
{
int ret;
struct address_space *mapping;
@@ -716,9 +748,13 @@ static int me_pagecache_clean(struct page *p, unsigned long pfn)
*
* Open: to take i_mutex or not for this? Right now we don't.
*/
- ret = truncate_error_page(p, pfn, mapping);
+ ret = truncate_error_page(p, page_to_pfn(p), mapping);
out:
unlock_page(p);
+
+ if (has_extra_refcount(ps, p, false))
+ ret = MF_FAILED;
+
return ret;
}
@@ -727,7 +763,7 @@ static int me_pagecache_clean(struct page *p, unsigned long pfn)
* Issues: when the error hit a hole page the error is not properly
* propagated.
*/
-static int me_pagecache_dirty(struct page *p, unsigned long pfn)
+static int me_pagecache_dirty(struct page_state *ps, struct page *p)
{
struct address_space *mapping = page_mapping(p);
@@ -771,7 +807,7 @@ static int me_pagecache_dirty(struct page *p, unsigned long pfn)
mapping_set_error(mapping, -EIO);
}
- return me_pagecache_clean(p, pfn);
+ return me_pagecache_clean(ps, p);
}
/*
@@ -793,9 +829,10 @@ static int me_pagecache_dirty(struct page *p, unsigned long pfn)
* Clean swap cache pages can be directly isolated. A later page fault will
* bring in the known good data from disk.
*/
-static int me_swapcache_dirty(struct page *p, unsigned long pfn)
+static int me_swapcache_dirty(struct page_state *ps, struct page *p)
{
int ret;
+ bool extra_pins = false;
ClearPageDirty(p);
/* Trigger EIO in shmem: */
@@ -803,10 +840,17 @@ static int me_swapcache_dirty(struct page *p, unsigned long pfn)
ret = delete_from_lru_cache(p) ? MF_FAILED : MF_DELAYED;
unlock_page(p);
+
+ if (ret == MF_DELAYED)
+ extra_pins = true;
+
+ if (has_extra_refcount(ps, p, extra_pins))
+ ret = MF_FAILED;
+
return ret;
}
-static int me_swapcache_clean(struct page *p, unsigned long pfn)
+static int me_swapcache_clean(struct page_state *ps, struct page *p)
{
int ret;
@@ -814,6 +858,10 @@ static int me_swapcache_clean(struct page *p, unsigned long pfn)
ret = delete_from_lru_cache(p) ? MF_FAILED : MF_RECOVERED;
unlock_page(p);
+
+ if (has_extra_refcount(ps, p, false))
+ ret = MF_FAILED;
+
return ret;
}
@@ -823,7 +871,7 @@ static int me_swapcache_clean(struct page *p, unsigned long pfn)
* - Error on hugepage is contained in hugepage unit (not in raw page unit.)
* To narrow down kill region to one page, we need to break up pmd.
*/
-static int me_huge_page(struct page *p, unsigned long pfn)
+static int me_huge_page(struct page_state *ps, struct page *p)
{
int res;
struct page *hpage = compound_head(p);
@@ -834,7 +882,7 @@ static int me_huge_page(struct page *p, unsigned long pfn)
mapping = page_mapping(hpage);
if (mapping) {
- res = truncate_error_page(hpage, pfn, mapping);
+ res = truncate_error_page(hpage, page_to_pfn(p), mapping);
unlock_page(hpage);
} else {
res = MF_FAILED;
@@ -852,6 +900,9 @@ static int me_huge_page(struct page *p, unsigned long pfn)
}
}
+ if (has_extra_refcount(ps, p, false))
+ res = MF_FAILED;
+
return res;
}
@@ -878,14 +929,7 @@ static int me_huge_page(struct page *p, unsigned long pfn)
#define slab (1UL << PG_slab)
#define reserved (1UL << PG_reserved)
-static struct page_state {
- unsigned long mask;
- unsigned long res;
- enum mf_action_page_type type;
-
- /* Callback ->action() has to unlock the relevant page inside it. */
- int (*action)(struct page *p, unsigned long pfn);
-} error_states[] = {
+static struct page_state error_states[] = {
{ reserved, reserved, MF_MSG_KERNEL, me_kernel },
/*
* free pages are specially detected outside this table:
@@ -946,19 +990,10 @@ static int page_action(struct page_state *ps, struct page *p,
unsigned long pfn)
{
int result;
- int count;
/* page p should be unlocked after returning from ps->action(). */
- result = ps->action(p, pfn);
+ result = ps->action(ps, p);
- count = page_count(p) - 1;
- if (ps->action == me_swapcache_dirty && result == MF_DELAYED)
- count--;
- if (count > 0) {
- pr_err("Memory failure: %#lx: %s still referenced by %d users\n",
- pfn, action_page_types[ps->type], count);
- result = MF_FAILED;
- }
action_result(pfn, ps->type, result);
/* Could do more checks here if page looks ok */
--
2.25.1
1
2
[PATCH openEuler-1.0-LTS 1/6] dhugetlb: backport dynamic hugetlb feature
by Yongqiang Liu 04 Feb '23
by Yongqiang Liu 04 Feb '23
04 Feb '23
From: Liu Shixin <liushixin2(a)hauwei.com>
hulk inclusion
category: feature
bugzilla: 46904, https://gitee.com/openeuler/kernel/issues/I6BDME
CVE: NA
--------------------------------
This feature has already beed supported on x86_64 and this is the origin
description:
Dynamic hugetlb which is based on Hugetlb, supports to be splited
dynamically in a specified cgroup. We add a hugetlb_pool in a
mem_cgroup to manage dynamic hugetlb for corresponding cgroup.
After dynamic hugepages are allocated for a cgroup, these hugepages
can be used as 1G/2M/4K pages by split/merge opreation.
It is now supported on arm64. This feature will be limited to depends on
ARM64_4K_PAGES and not support cont-bits hugepage. We merge the previous
patches into one patch which is patch[1]. While merge the code ,we found
some code can be isolated by config DYNAMIC_HUGETLB, so we add patch[2] to
re-isolated them. In patch[3], we restrict the feature on mentioned limit.
The patch[4] add skip of dissolve hugepage which may conflict with memory
hotplug and memory failure. The patch[5] set DYNAMIC_HUGETLB to y in
hulk_defconfig to enable by default.
This patch includes all previous patches and the patches list is recorded
in bugzilla.
Signed-off-by: Liu Shixin <liushixin2(a)hauwei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
fs/Kconfig | 9 +
fs/hugetlbfs/inode.c | 4 +
include/linux/gfp.h | 4 +-
include/linux/hugetlb.h | 97 +++
include/linux/memcontrol.h | 15 +
include/linux/page-flags.h | 3 +
include/trace/events/dhugetlb.h | 123 ++++
include/trace/events/mmflags.h | 1 +
kernel/cgroup/cgroup.c | 6 +
mm/huge_memory.c | 16 +-
mm/hugetlb.c | 1188 ++++++++++++++++++++++++++++++-
mm/internal.h | 1 +
mm/memcontrol.c | 391 ++++++++++
mm/page_alloc.c | 33 +-
14 files changed, 1862 insertions(+), 29 deletions(-)
create mode 100644 include/trace/events/dhugetlb.h
diff --git a/fs/Kconfig b/fs/Kconfig
index 5921bfbebee4..e8800d8a73b3 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -211,6 +211,15 @@ config TMPFS_INODE64
If unsure, say N.
+config DYNAMIC_HUGETLB
+ bool "Dynamic HugeTLB"
+ depends on HUGETLB_PAGE
+ depends on MEMCG
+ depends on CGROUP_HUGETLB
+ help
+ Dynamic hugepage are used in memcg and can be splited into small pages
+ automatically. The tasks in the memcg prefer to alloc dynamic hugepage.
+
config HUGETLBFS
bool "HugeTLB file system support"
depends on X86 || IA64 || SPARC64 || (S390 && 64BIT) || \
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
index 005e05c442c5..30a29936372c 100644
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -1164,6 +1164,8 @@ static struct inode *hugetlbfs_alloc_inode(struct super_block *sb)
* private inode. This simplifies hugetlbfs_destroy_inode.
*/
mpol_shared_policy_init(&p->policy, NULL);
+ /* Initialize hpool here in case of a quick call to destroy */
+ p->hpool = get_dhugetlb_pool_from_task(current);
return &p->vfs_inode;
}
@@ -1178,6 +1180,8 @@ static void hugetlbfs_destroy_inode(struct inode *inode)
{
hugetlbfs_inc_free_inodes(HUGETLBFS_SB(inode->i_sb));
mpol_free_shared_policy(&HUGETLBFS_I(inode)->policy);
+ dhugetlb_pool_put(HUGETLBFS_I(inode)->hpool);
+ HUGETLBFS_I(inode)->hpool = NULL;
call_rcu(&inode->i_rcu, hugetlbfs_i_callback);
}
diff --git a/include/linux/gfp.h b/include/linux/gfp.h
index 152cb9bdf436..74b0375d7d2b 100644
--- a/include/linux/gfp.h
+++ b/include/linux/gfp.h
@@ -501,7 +501,9 @@ static inline void arch_alloc_page(struct page *page, int order) { }
struct page *
__alloc_pages_nodemask(gfp_t gfp_mask, unsigned int order, int preferred_nid,
nodemask_t *nodemask);
-
+void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags,
+ unsigned int alloc_flags);
+bool free_pages_prepare(struct page *page, unsigned int order, bool check_free);
static inline struct page *
__alloc_pages(gfp_t gfp_mask, unsigned int order, int preferred_nid)
{
diff --git a/include/linux/hugetlb.h b/include/linux/hugetlb.h
index 2d2b06b36bd0..3a82ea9283ec 100644
--- a/include/linux/hugetlb.h
+++ b/include/linux/hugetlb.h
@@ -289,6 +289,7 @@ struct hugetlbfs_inode_info {
struct shared_policy policy;
struct inode vfs_inode;
unsigned int seals;
+ struct dhugetlb_pool *hpool;
};
static inline struct hugetlbfs_inode_info *HUGETLBFS_I(struct inode *inode)
@@ -655,6 +656,102 @@ static inline void set_huge_swap_pte_at(struct mm_struct *mm, unsigned long addr
#endif /* CONFIG_HUGETLB_PAGE */
+#ifdef CONFIG_DYNAMIC_HUGETLB
+/* The number of small_page_pool for a dhugetlb_pool */
+#define NR_SMPOOL num_possible_cpus()
+/* The max page number in a small_page_pool */
+#define MAX_SMPOOL_PAGE 1024
+/* number to move between list */
+#define BATCH_SMPOOL_PAGE (MAX_SMPOOL_PAGE >> 2)
+/* We don't need to try 5 times, or we can't migrate the pages. */
+#define HPOOL_RECLAIM_RETRIES 5
+
+extern struct static_key_false dhugetlb_enabled_key;
+#define dhugetlb_enabled (static_branch_unlikely(&dhugetlb_enabled_key))
+
+#define DEFAULT_PAGESIZE 4096
+extern rwlock_t dhugetlb_pagelist_rwlock;
+struct dhugetlb_pagelist {
+ unsigned long count;
+ struct dhugetlb_pool *hpool[0];
+};
+extern struct dhugetlb_pagelist *dhugetlb_pagelist_t;
+
+struct split_pages {
+ struct list_head list;
+ unsigned long start_pfn;
+ unsigned long free_pages;
+};
+
+struct small_page_pool {
+ spinlock_t lock;
+ unsigned long free_pages;
+ long used_pages;
+ struct list_head head_page;
+};
+
+struct dhugetlb_pool {
+ int nid;
+ spinlock_t lock;
+ spinlock_t reserved_lock;
+ atomic_t refcnt;
+
+ struct mem_cgroup *attach_memcg;
+
+ struct list_head dhugetlb_1G_freelists;
+ struct list_head dhugetlb_2M_freelists;
+ struct list_head dhugetlb_4K_freelists;
+
+ struct list_head split_1G_freelists;
+ struct list_head split_2M_freelists;
+
+ unsigned long total_nr_pages;
+
+ unsigned long total_reserved_1G;
+ unsigned long free_reserved_1G;
+ unsigned long mmap_reserved_1G;
+ unsigned long used_1G;
+ unsigned long free_unreserved_1G;
+ unsigned long nr_split_1G;
+
+ unsigned long total_reserved_2M;
+ unsigned long free_reserved_2M;
+ unsigned long mmap_reserved_2M;
+ unsigned long used_2M;
+ unsigned long free_unreserved_2M;
+ unsigned long nr_split_2M;
+
+ unsigned long free_pages;
+ struct small_page_pool smpool[0];
+};
+
+bool dhugetlb_pool_get(struct dhugetlb_pool *hpool);
+void dhugetlb_pool_put(struct dhugetlb_pool *hpool);
+struct dhugetlb_pool *hpool_alloc(unsigned long nid);
+int alloc_hugepage_from_hugetlb(struct dhugetlb_pool *hpool,
+ unsigned long nid, unsigned long size);
+bool free_dhugetlb_pool(struct dhugetlb_pool *hpool);
+int update_dhugetlb_pagelist(unsigned long idx, struct dhugetlb_pool *hpool);
+struct dhugetlb_pool *get_dhugetlb_pool_from_dhugetlb_pagelist(
+ struct page *page);
+struct dhugetlb_pool *get_dhugetlb_pool_from_task(struct task_struct *tsk);
+bool move_pages_from_hpool_to_smpool(struct dhugetlb_pool *hpool,
+ struct small_page_pool *smpool);
+void move_pages_from_smpool_to_hpool(struct dhugetlb_pool *hpool,
+ struct small_page_pool *smpool);
+void dhugetlb_reserve_hugepages(struct dhugetlb_pool *hpool,
+ unsigned long count, bool gigantic);
+#else
+#define dhugetlb_enabled 0
+struct dhugetlb_pool {};
+static inline struct dhugetlb_pool *get_dhugetlb_pool_from_task(
+ struct task_struct *tsk)
+{
+ return NULL;
+}
+static inline void dhugetlb_pool_put(struct dhugetlb_pool *hpool) { return; }
+#endif /* CONFIG_DYNAMIC_HUGETLB */
+
static inline spinlock_t *huge_pte_lock(struct hstate *h,
struct mm_struct *mm, pte_t *pte)
{
diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h
index 4517d132d1e2..22f40d5e0e8b 100644
--- a/include/linux/memcontrol.h
+++ b/include/linux/memcontrol.h
@@ -326,6 +326,7 @@ struct mem_cgroup {
};
struct mem_cgroup_extension {
+ struct dhugetlb_pool *hpool;
#ifdef CONFIG_MEMCG_QOS
/* Currently support 0 and -1.
* in the future it can expand to other value.
@@ -1406,4 +1407,18 @@ static inline void memcg_put_cache_ids(void)
#endif /* CONFIG_MEMCG_KMEM */
+#ifdef CONFIG_DYNAMIC_HUGETLB
+struct dhugetlb_pool *get_dhugetlb_pool_from_memcg(struct mem_cgroup *memcg);
+struct page *alloc_page_from_dhugetlb_pool(gfp_t gfp_mask);
+void free_page_to_dhugetlb_pool(struct page *page);
+int dhugetlb_pool_force_empty(struct mem_cgroup *memcg);
+bool dhugetlb_pool_is_free(struct cgroup_subsys_state *css);
+#else
+static inline struct page *alloc_page_from_dhugetlb_pool(gfp_t gfp_mask)
+{
+ return NULL;
+}
+static inline void free_page_to_dhugetlb_pool(struct page *page) {}
+#endif
+
#endif /* _LINUX_MEMCONTROL_H */
diff --git a/include/linux/page-flags.h b/include/linux/page-flags.h
index 0c5d1c4c71e6..fd6cd68e00a2 100644
--- a/include/linux/page-flags.h
+++ b/include/linux/page-flags.h
@@ -102,6 +102,7 @@ enum pageflags {
PG_idle,
#endif
PG_percpu_ref,
+ PG_pool,
__NR_PAGEFLAGS,
/* Filesystems */
@@ -284,6 +285,7 @@ PAGEFLAG(Active, active, PF_HEAD) __CLEARPAGEFLAG(Active, active, PF_HEAD)
__PAGEFLAG(Slab, slab, PF_NO_TAIL)
__PAGEFLAG(SlobFree, slob_free, PF_NO_TAIL)
PAGEFLAG(Checked, checked, PF_NO_COMPOUND) /* Used by some filesystems */
+PAGEFLAG(Pool, pool, PF_NO_TAIL)
/* Xen */
PAGEFLAG(Pinned, pinned, PF_NO_COMPOUND)
@@ -770,6 +772,7 @@ static inline void ClearPageSlabPfmemalloc(struct page *page)
1UL << PG_private | 1UL << PG_private_2 | \
1UL << PG_writeback | 1UL << PG_reserved | \
1UL << PG_slab | 1UL << PG_active | \
+ 1UL << PG_pool | \
1UL << PG_unevictable | __PG_MLOCKED)
/*
diff --git a/include/trace/events/dhugetlb.h b/include/trace/events/dhugetlb.h
new file mode 100644
index 000000000000..20b3a54589d1
--- /dev/null
+++ b/include/trace/events/dhugetlb.h
@@ -0,0 +1,123 @@
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM dhugetlb
+
+#if !defined(_TRACE_DHUGETLB_H) || defined(TRACE_HEADER_MULTI_READ)
+#define _TRACE_DHUGETLB_H
+
+#include <linux/tracepoint.h>
+#include <trace/events/mmflags.h>
+
+#define DHUGETLB_SPLIT_1G 0x01u
+#define DHUGETLB_SPLIT_2M 0x02u
+#define DHUGETLB_MERGE_4K 0x04u
+#define DHUGETLB_MIGRATE_4K 0x08u
+#define DHUGETLB_RESV_1G 0x10u
+#define DHUGETLB_UNRESV_1G 0x20u
+#define DHUGETLB_RESV_2M 0x40u
+#define DHUGETLB_UNRESV_2M 0x80u
+#define DHUGETLB_ALLOC_1G 0x100u
+#define DHUGETLB_FREE_1G 0x200u
+#define DHUGETLB_ALLOC_2M 0x400u
+#define DHUGETLB_FREE_2M 0x800u
+
+#define __def_action_names \
+ {(unsigned long)DHUGETLB_SPLIT_1G, "split_1G_to_2M"}, \
+ {(unsigned long)DHUGETLB_SPLIT_2M, "split_2M_to_4K"}, \
+ {(unsigned long)DHUGETLB_MERGE_4K, "merge_4K_to_2M"}, \
+ {(unsigned long)DHUGETLB_MIGRATE_4K, "migrate_4K_to_2M"}, \
+ {(unsigned long)DHUGETLB_RESV_1G, "resv_1G_page"}, \
+ {(unsigned long)DHUGETLB_UNRESV_1G, "unresv_1G_page"}, \
+ {(unsigned long)DHUGETLB_RESV_2M, "resv_2M_page"}, \
+ {(unsigned long)DHUGETLB_UNRESV_2M, "unresv_2M_page"}, \
+ {(unsigned long)DHUGETLB_ALLOC_1G, "alloc_1G_page"}, \
+ {(unsigned long)DHUGETLB_FREE_1G, "free_1G_page"}, \
+ {(unsigned long)DHUGETLB_ALLOC_2M, "alloc_2M_page"}, \
+ {(unsigned long)DHUGETLB_FREE_2M, "free_2M_page"}
+
+#define show_action(action) \
+ (action) ? __print_flags(action, "", \
+ __def_action_names \
+ ) : "none"
+
+TRACE_EVENT(dhugetlb_split_merge,
+
+ TP_PROTO(const void *hpool, struct page *page, unsigned long action),
+
+ TP_ARGS(hpool, page, action),
+
+ TP_STRUCT__entry(
+ __field( const void *, hpool )
+ __field( unsigned long, pfn )
+ __field( unsigned long, action )
+ ),
+
+ TP_fast_assign(
+ __entry->hpool = hpool;
+ __entry->pfn = page ? page_to_pfn(page) : -1UL;
+ __entry->action = action;
+ ),
+
+ TP_printk("hpool=%p page=%p pfn=%lu action=%s",
+ __entry->hpool,
+ __entry->pfn != -1UL ? pfn_to_page(__entry->pfn) : NULL,
+ __entry->pfn != -1UL ? __entry->pfn : 0,
+ show_action(__entry->action))
+);
+
+TRACE_EVENT(dhugetlb_acct_memory,
+
+ TP_PROTO(const void *hpool, unsigned long count, unsigned long action),
+
+ TP_ARGS(hpool, count, action),
+
+ TP_STRUCT__entry(
+ __field( const void *, hpool )
+ __field( unsigned long, count )
+ __field( unsigned long, action )
+ ),
+
+ TP_fast_assign(
+ __entry->hpool = hpool;
+ __entry->count = count;
+ __entry->action = action;
+ ),
+
+ TP_printk("hpool=%p action=%s, mmap_count=%lu",
+ __entry->hpool,
+ show_action(__entry->action),
+ __entry->count)
+);
+
+TRACE_EVENT(dhugetlb_alloc_free,
+
+ TP_PROTO(const void *hpool, struct page *page, unsigned long count,
+ unsigned long action),
+
+ TP_ARGS(hpool, page, count, action),
+
+ TP_STRUCT__entry(
+ __field( const void *, hpool )
+ __field( unsigned long, pfn )
+ __field( unsigned long, count )
+ __field( unsigned long, action )
+ ),
+
+ TP_fast_assign(
+ __entry->hpool = hpool;
+ __entry->pfn = page ? page_to_pfn(page) : -1UL;
+ __entry->count = count;
+ __entry->action = action;
+ ),
+
+ TP_printk("hpool=%p page=%p pfn=%lu action=%s free_count=%lu",
+ __entry->hpool,
+ __entry->pfn != -1UL ? pfn_to_page(__entry->pfn) : NULL,
+ __entry->pfn != -1UL ? __entry->pfn : 0,
+ show_action(__entry->action),
+ __entry->count)
+);
+
+#endif /* _TRACE_DHUGETLB_H */
+
+/* This part must be outside protection */
+#include <trace/define_trace.h>
diff --git a/include/trace/events/mmflags.h b/include/trace/events/mmflags.h
index b817bf1885a0..4d06b47129f3 100644
--- a/include/trace/events/mmflags.h
+++ b/include/trace/events/mmflags.h
@@ -81,6 +81,7 @@
#define __def_pageflag_names \
{1UL << PG_locked, "locked" }, \
+ {1UL << PG_pool, "pool" }, \
{1UL << PG_waiters, "waiters" }, \
{1UL << PG_error, "error" }, \
{1UL << PG_referenced, "referenced" }, \
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 7456882e1a0f..b01490b71f32 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -65,6 +65,7 @@
/* let's not notify more than 100 times per second */
#define CGROUP_FILE_NOTIFY_MIN_INTV DIV_ROUND_UP(HZ, 100)
+bool dhugetlb_pool_is_free(struct cgroup_subsys_state *css);
/*
* cgroup_mutex is the master lock. Any modification to cgroup or its
* hierarchy must be performed while holding it.
@@ -5280,6 +5281,11 @@ static int cgroup_destroy_locked(struct cgroup *cgrp)
if (css_has_online_children(&cgrp->self))
return -EBUSY;
+#ifdef CONFIG_MEMCG
+ /* If we use dynamic hugetlb, make sure dhugtlb_pool is free */
+ if (!dhugetlb_pool_is_free(cgrp->subsys[memory_cgrp_id]))
+ return -EBUSY;
+#endif
/*
* Mark @cgrp and the associated csets dead. The former prevents
* further task migration and child creation by disabling
diff --git a/mm/huge_memory.c b/mm/huge_memory.c
index f8319265c1cf..484ffdbf5f45 100644
--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -396,6 +396,20 @@ static int __init hugepage_init(void)
return -EINVAL;
}
+ /*
+ * When we alloc some pages(order = 0), system may help us to alloc
+ * a page(order > 0) due to transparent hugepage. This result
+ * dynamic hugetlb to be skipped. Actually, using dynamic hugetlb
+ * means we have already optimized the program, so we should not
+ * use transparent hugepage in addition.
+ * (May result negative optimization)
+ */
+ if (dhugetlb_enabled) {
+ transparent_hugepage_flags = 0;
+ pr_info("transparent hugepage is disabled due to confilct with dynamic hugetlb\n");
+ return -EINVAL;
+ }
+
/*
* hugepages can't be allocated by the buddy allocator
*/
@@ -2946,9 +2960,9 @@ static unsigned long deferred_split_count(struct shrinker *shrink,
{
struct pglist_data *pgdata = NODE_DATA(sc->nid);
unsigned long *split_queue_len = &pgdata->split_queue_len;
+#ifdef CONFIG_MEMCG
struct mem_cgroup_extension *memcg_ext;
-#ifdef CONFIG_MEMCG
if (sc->memcg) {
memcg_ext = container_of(sc->memcg, struct mem_cgroup_extension, memcg);
split_queue_len = &memcg_ext->split_queue_len;
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index 495d8b5b38fc..4c8c91acd6d5 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -27,6 +27,12 @@
#include <linux/jhash.h>
#include <linux/mman.h>
#include <linux/share_pool.h>
+#include <linux/kthread.h>
+#include <linux/cpuhotplug.h>
+#include <linux/freezer.h>
+#include <linux/delay.h>
+#include <linux/migrate.h>
+#include <linux/mm_inline.h>
#include <asm/page.h>
#include <asm/pgtable.h>
@@ -39,8 +45,14 @@
#include <linux/userfaultfd_k.h>
#include <linux/page_owner.h>
#include <linux/share_pool.h>
+#include <linux/memblock.h>
#include "internal.h"
+#if (defined CONFIG_DYNAMIC_HUGETLB) && (!defined __GENKSYMS__)
+#define CREATE_TRACE_POINTS
+#include <trace/events/dhugetlb.h>
+#endif
+
int hugetlb_max_hstate __read_mostly;
unsigned int default_hstate_idx;
struct hstate hstates[HUGE_MAX_HSTATE];
@@ -89,7 +101,8 @@ static inline void ClearPageHugeFreed(struct page *head)
}
/* Forward declaration */
-static int hugetlb_acct_memory(struct hstate *h, long delta);
+static int hugetlb_acct_memory(struct hstate *h, long delta,
+ struct dhugetlb_pool *hpool);
static inline void unlock_or_release_subpool(struct hugepage_subpool *spool)
{
@@ -103,7 +116,7 @@ static inline void unlock_or_release_subpool(struct hugepage_subpool *spool)
if (free) {
if (spool->min_hpages != -1)
hugetlb_acct_memory(spool->hstate,
- -spool->min_hpages);
+ -spool->min_hpages, NULL);
kfree(spool);
}
}
@@ -123,7 +136,7 @@ struct hugepage_subpool *hugepage_new_subpool(struct hstate *h, long max_hpages,
spool->hstate = h;
spool->min_hpages = min_hpages;
- if (min_hpages != -1 && hugetlb_acct_memory(h, min_hpages)) {
+ if (min_hpages != -1 && hugetlb_acct_memory(h, min_hpages, NULL)) {
kfree(spool);
return NULL;
}
@@ -149,13 +162,17 @@ void hugepage_put_subpool(struct hugepage_subpool *spool)
* a subpool minimum size must be manitained.
*/
static long hugepage_subpool_get_pages(struct hugepage_subpool *spool,
- long delta)
+ long delta, struct dhugetlb_pool *hpool)
{
long ret = delta;
if (!spool)
return ret;
+ /* Skip subpool when hugetlb file belongs to a hugetlb_pool */
+ if (dhugetlb_enabled && hpool)
+ return ret;
+
spin_lock(&spool->lock);
if (spool->max_hpages != -1) { /* maximum size accounting */
@@ -194,13 +211,17 @@ static long hugepage_subpool_get_pages(struct hugepage_subpool *spool,
* in the case where a subpool minimum size must be maintained.
*/
static long hugepage_subpool_put_pages(struct hugepage_subpool *spool,
- long delta)
+ long delta, struct dhugetlb_pool *hpool)
{
long ret = delta;
if (!spool)
return delta;
+ /* Skip subpool when hugetlb file belongs to a hugetlb_pool */
+ if (dhugetlb_enabled && hpool)
+ return ret;
+
spin_lock(&spool->lock);
if (spool->max_hpages != -1) /* maximum size accounting */
@@ -594,12 +615,13 @@ void hugetlb_fix_reserve_counts(struct inode *inode)
struct hugepage_subpool *spool = subpool_inode(inode);
long rsv_adjust;
bool reserved = false;
+ struct dhugetlb_pool *hpool = HUGETLBFS_I(inode)->hpool;
- rsv_adjust = hugepage_subpool_get_pages(spool, 1);
+ rsv_adjust = hugepage_subpool_get_pages(spool, 1, hpool);
if (rsv_adjust > 0) {
struct hstate *h = hstate_inode(inode);
- if (!hugetlb_acct_memory(h, 1))
+ if (!hugetlb_acct_memory(h, 1, hpool))
reserved = true;
} else if (!rsv_adjust) {
reserved = true;
@@ -1300,6 +1322,56 @@ static inline void ClearPageHugeTemporary(struct page *page)
page[2].mapping = NULL;
}
+#ifdef CONFIG_DYNAMIC_HUGETLB
+static void free_huge_page_to_dhugetlb_pool(struct page *page,
+ bool restore_reserve)
+{
+ struct hstate *h = page_hstate(page);
+ struct dhugetlb_pool *hpool;
+
+ hpool = get_dhugetlb_pool_from_dhugetlb_pagelist(page);
+ if (unlikely(!hpool)) {
+ pr_err("dhugetlb: free error: get hpool failed\n");
+ return;
+ }
+
+ spin_lock(&hpool->lock);
+ ClearPagePool(page);
+ set_compound_page_dtor(page, NULL_COMPOUND_DTOR);
+ if (!hstate_is_gigantic(h)) {
+ list_add(&page->lru, &hpool->dhugetlb_2M_freelists);
+ hpool->free_reserved_2M++;
+ hpool->used_2M--;
+ if (restore_reserve) {
+ hpool->mmap_reserved_2M++;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_2M,
+ DHUGETLB_RESV_2M);
+ }
+ trace_dhugetlb_alloc_free(hpool, page, hpool->free_reserved_2M,
+ DHUGETLB_FREE_2M);
+ } else {
+ list_add(&page->lru, &hpool->dhugetlb_1G_freelists);
+ hpool->free_reserved_1G++;
+ hpool->used_1G--;
+ if (restore_reserve) {
+ hpool->mmap_reserved_1G++;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_1G,
+ DHUGETLB_RESV_1G);
+ }
+ trace_dhugetlb_alloc_free(hpool, page, hpool->free_reserved_1G,
+ DHUGETLB_FREE_1G);
+ }
+ spin_unlock(&hpool->lock);
+ dhugetlb_pool_put(hpool);
+}
+#else
+void free_huge_page_to_dhugetlb_pool(struct page *page, bool restore_reserve)
+{
+}
+#endif
+
void free_huge_page(struct page *page)
{
/*
@@ -1320,6 +1392,17 @@ void free_huge_page(struct page *page)
restore_reserve = PagePrivate(page);
ClearPagePrivate(page);
+ if (dhugetlb_enabled && PagePool(page)) {
+ spin_lock(&hugetlb_lock);
+ clear_page_huge_active(page);
+ list_del(&page->lru);
+ hugetlb_cgroup_uncharge_page(hstate_index(h),
+ pages_per_huge_page(h), page);
+ spin_unlock(&hugetlb_lock);
+ free_huge_page_to_dhugetlb_pool(page, restore_reserve);
+ return;
+ }
+
/*
* If PagePrivate() was set on page, page allocation consumed a
* reservation. If the page was associated with a subpool, there
@@ -1335,7 +1418,7 @@ void free_huge_page(struct page *page)
* after page is free. Therefore, force restore_reserve
* operation.
*/
- if (hugepage_subpool_put_pages(spool, 1) == 0)
+ if (hugepage_subpool_put_pages(spool, 1, NULL) == 0)
restore_reserve = true;
}
@@ -2211,6 +2294,81 @@ static void restore_reserve_on_error(struct hstate *h,
}
}
+#ifdef CONFIG_DYNAMIC_HUGETLB
+static struct page *__alloc_huge_page_from_dhugetlb_pool(
+ struct dhugetlb_pool *hpool, int idx, bool need_unreserved)
+{
+ unsigned long flags;
+ struct page *page = NULL;
+
+ spin_lock_irqsave(&hpool->lock, flags);
+ if (hstate_is_gigantic(&hstates[idx]) && hpool->free_reserved_1G) {
+ page = list_entry(hpool->dhugetlb_1G_freelists.next,
+ struct page, lru);
+ list_del(&page->lru);
+ hpool->free_reserved_1G--;
+ hpool->used_1G++;
+ if (need_unreserved) {
+ SetPagePrivate(page);
+ hpool->mmap_reserved_1G--;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_1G,
+ DHUGETLB_UNRESV_1G);
+ }
+ trace_dhugetlb_alloc_free(hpool, page, hpool->free_reserved_1G,
+ DHUGETLB_ALLOC_1G);
+ } else if (!hstate_is_gigantic(&hstates[idx]) &&
+ hpool->free_reserved_2M) {
+ page = list_entry(hpool->dhugetlb_2M_freelists.next,
+ struct page, lru);
+ list_del(&page->lru);
+ hpool->free_reserved_2M--;
+ hpool->used_2M++;
+ if (need_unreserved) {
+ SetPagePrivate(page);
+ hpool->mmap_reserved_2M--;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_2M,
+ DHUGETLB_UNRESV_2M);
+ }
+ trace_dhugetlb_alloc_free(hpool, page, hpool->free_reserved_2M,
+ DHUGETLB_ALLOC_2M);
+ }
+ if (page) {
+ INIT_LIST_HEAD(&page->lru);
+ set_compound_page_dtor(page, HUGETLB_PAGE_DTOR);
+ set_page_refcounted(page);
+ SetPagePool(page);
+ }
+ spin_unlock_irqrestore(&hpool->lock, flags);
+
+ return page;
+}
+
+static struct page *alloc_huge_page_from_dhugetlb_pool(
+ struct vm_area_struct *vma, int idx, int avoid_reserve,
+ long gbl_chg, struct dhugetlb_pool *hpool)
+{
+ struct page *page;
+ bool need_unreserved = false;
+
+ if (!avoid_reserve && vma_has_reserves(vma, gbl_chg))
+ need_unreserved = true;
+
+ page = __alloc_huge_page_from_dhugetlb_pool(hpool, idx,
+ need_unreserved);
+
+ return page;
+}
+#else
+static inline struct page *alloc_huge_page_from_dhugetlb_pool(
+ struct vm_area_struct *vma, int idx, int avoid_reserve,
+ long gbl_chg, struct dhugetlb_pool *hpool)
+{
+ return NULL;
+}
+#endif
+
struct page *alloc_huge_page(struct vm_area_struct *vma,
unsigned long addr, int avoid_reserve)
{
@@ -2221,6 +2379,8 @@ struct page *alloc_huge_page(struct vm_area_struct *vma,
long gbl_chg;
int ret, idx;
struct hugetlb_cgroup *h_cg;
+ struct dhugetlb_pool *hpool =
+ HUGETLBFS_I(file_inode(vma->vm_file))->hpool;
idx = hstate_index(h);
/*
@@ -2240,7 +2400,7 @@ struct page *alloc_huge_page(struct vm_area_struct *vma,
* checked against any subpool limit.
*/
if (map_chg || avoid_reserve) {
- gbl_chg = hugepage_subpool_get_pages(spool, 1);
+ gbl_chg = hugepage_subpool_get_pages(spool, 1, hpool);
if (gbl_chg < 0) {
vma_end_reservation(h, vma, addr);
return ERR_PTR(-ENOSPC);
@@ -2262,6 +2422,26 @@ struct page *alloc_huge_page(struct vm_area_struct *vma,
if (ret)
goto out_subpool_put;
+ if (dhugetlb_enabled && hpool) {
+ page = alloc_huge_page_from_dhugetlb_pool(vma, idx,
+ avoid_reserve,
+ gbl_chg, hpool);
+ if (page) {
+ /*
+ * Use hugetlb_lock to manage the account of
+ * hugetlb cgroup.
+ */
+ spin_lock(&hugetlb_lock);
+ list_add(&page->lru, &h->hugepage_activelist);
+ hugetlb_cgroup_commit_charge(idx,
+ pages_per_huge_page(hstate_vma(vma)),
+ h_cg, page);
+ spin_unlock(&hugetlb_lock);
+ goto out;
+ }
+ goto out_uncharge_cgroup;
+ }
+
spin_lock(&hugetlb_lock);
/*
* glb_chg is passed to indicate whether or not a page must be taken
@@ -2284,7 +2464,7 @@ struct page *alloc_huge_page(struct vm_area_struct *vma,
}
hugetlb_cgroup_commit_charge(idx, pages_per_huge_page(h), h_cg, page);
spin_unlock(&hugetlb_lock);
-
+out:
set_page_private(page, (unsigned long)spool);
map_commit = vma_commit_reservation(h, vma, addr);
@@ -2300,8 +2480,8 @@ struct page *alloc_huge_page(struct vm_area_struct *vma,
*/
long rsv_adjust;
- rsv_adjust = hugepage_subpool_put_pages(spool, 1);
- hugetlb_acct_memory(h, -rsv_adjust);
+ rsv_adjust = hugepage_subpool_put_pages(spool, 1, hpool);
+ hugetlb_acct_memory(h, -rsv_adjust, hpool);
}
return page;
@@ -2309,7 +2489,7 @@ struct page *alloc_huge_page(struct vm_area_struct *vma,
hugetlb_cgroup_uncharge_cgroup(idx, pages_per_huge_page(h), h_cg);
out_subpool_put:
if (map_chg || avoid_reserve)
- hugepage_subpool_put_pages(spool, 1);
+ hugepage_subpool_put_pages(spool, 1, hpool);
vma_end_reservation(h, vma, addr);
return ERR_PTR(-ENOSPC);
}
@@ -3098,6 +3278,932 @@ static void hugetlb_register_all_nodes(void) { }
#endif
+#ifdef CONFIG_DYNAMIC_HUGETLB
+static bool enable_dhugetlb;
+DEFINE_STATIC_KEY_FALSE(dhugetlb_enabled_key);
+DEFINE_RWLOCK(dhugetlb_pagelist_rwlock);
+struct dhugetlb_pagelist *dhugetlb_pagelist_t;
+
+bool dhugetlb_pool_get(struct dhugetlb_pool *hpool)
+{
+ if (!hpool)
+ return false;
+
+ return atomic_inc_not_zero(&hpool->refcnt);
+}
+
+void dhugetlb_pool_put(struct dhugetlb_pool *hpool)
+{
+ if (!dhugetlb_enabled || !hpool)
+ return;
+
+ if (atomic_dec_and_test(&hpool->refcnt)) {
+ css_put(&hpool->attach_memcg->css);
+ kfree(hpool);
+ }
+}
+
+struct dhugetlb_pool *hpool_alloc(unsigned long nid)
+{
+ int i;
+ struct dhugetlb_pool *hpool;
+
+ hpool = kzalloc(sizeof(struct dhugetlb_pool) +
+ NR_SMPOOL * sizeof(struct small_page_pool), GFP_KERNEL);
+ if (!hpool)
+ return NULL;
+
+ spin_lock_init(&hpool->lock);
+ spin_lock_init(&hpool->reserved_lock);
+ hpool->nid = nid;
+ atomic_set(&hpool->refcnt, 1);
+ INIT_LIST_HEAD(&hpool->dhugetlb_1G_freelists);
+ INIT_LIST_HEAD(&hpool->dhugetlb_2M_freelists);
+ INIT_LIST_HEAD(&hpool->dhugetlb_4K_freelists);
+ INIT_LIST_HEAD(&hpool->split_1G_freelists);
+ INIT_LIST_HEAD(&hpool->split_2M_freelists);
+
+ for (i = 0; i < NR_SMPOOL; i++) {
+ spin_lock_init(&hpool->smpool[i].lock);
+ INIT_LIST_HEAD(&hpool->smpool[i].head_page);
+ }
+
+ return hpool;
+}
+
+int alloc_hugepage_from_hugetlb(struct dhugetlb_pool *hpool,
+ unsigned long nid, unsigned long size)
+{
+ int ret;
+ struct page *page, *next;
+ unsigned long idx;
+ unsigned long i = 0;
+ struct hstate *h = size_to_hstate(PUD_SIZE);
+
+ if (!h)
+ return -ENOMEM;
+
+ spin_lock(&hpool->lock);
+ spin_lock(&hugetlb_lock);
+ if (h->free_huge_pages_node[nid] < size) {
+ ret = -ENOMEM;
+ goto out_unlock;
+ }
+
+ list_for_each_entry_safe(page, next, &h->hugepage_freelists[nid], lru) {
+ idx = page_to_pfn(page) >> (PUD_SHIFT - PAGE_SHIFT);
+ ret = update_dhugetlb_pagelist(idx, hpool);
+ if (ret)
+ continue;
+ ClearPageHugeFreed(page);
+ list_move_tail(&page->lru, &hpool->dhugetlb_1G_freelists);
+ h->free_huge_pages--;
+ h->free_huge_pages_node[nid]--;
+ hpool->total_nr_pages++;
+ hpool->free_unreserved_1G++;
+ if (++i == size)
+ break;
+ }
+ ret = 0;
+out_unlock:
+ spin_unlock(&hugetlb_lock);
+ spin_unlock(&hpool->lock);
+ return ret;
+}
+
+/*
+ * When we assign a hugepage to dhugetlb_pool, we need to record it in
+ * dhugetlb_pagelist_t. In this situation, we just need read_lock because
+ * there is not conflit when write to dhugetlb_pagelist_t->hpool.
+ *
+ * If page's pfn is greater than dhugetlb_pagelist_t->count (which may
+ * occurs due to memory hotplug), we need to realloc enough memory so that
+ * pfn = dhugetlb_pagelist_t->count - 1 and then record it.
+ * In this situation, we need write_lock because while we are reallocating,
+ * the read request should wait.
+ */
+int update_dhugetlb_pagelist(unsigned long idx, struct dhugetlb_pool *hpool)
+{
+ read_lock(&dhugetlb_pagelist_rwlock);
+ if (idx >= dhugetlb_pagelist_t->count) {
+ unsigned long size;
+ struct dhugetlb_pagelist *tmp;
+
+ read_unlock(&dhugetlb_pagelist_rwlock);
+ write_lock(&dhugetlb_pagelist_rwlock);
+
+ size = sizeof(struct dhugetlb_pagelist) +
+ (idx + 1) * sizeof(struct dhugetlb_pool *);
+ tmp = krealloc(dhugetlb_pagelist_t, size, GFP_ATOMIC);
+ if (!tmp) {
+ write_unlock(&dhugetlb_pagelist_rwlock);
+ return -ENOMEM;
+ }
+ tmp->count = idx + 1;
+ dhugetlb_pagelist_t = tmp;
+
+ write_unlock(&dhugetlb_pagelist_rwlock);
+ read_lock(&dhugetlb_pagelist_rwlock);
+ }
+ dhugetlb_pagelist_t->hpool[idx] = hpool;
+ read_unlock(&dhugetlb_pagelist_rwlock);
+ return 0;
+}
+
+struct dhugetlb_pool *get_dhugetlb_pool_from_dhugetlb_pagelist(
+ struct page *page)
+{
+ struct dhugetlb_pool *hpool = NULL;
+ unsigned long idx = page_to_pfn(page) >> (PUD_SHIFT - PAGE_SHIFT);
+
+ read_lock(&dhugetlb_pagelist_rwlock);
+ if (idx < dhugetlb_pagelist_t->count)
+ hpool = dhugetlb_pagelist_t->hpool[idx];
+ read_unlock(&dhugetlb_pagelist_rwlock);
+ if (dhugetlb_pool_get(hpool))
+ return hpool;
+ return NULL;
+}
+
+struct dhugetlb_pool *get_dhugetlb_pool_from_task(struct task_struct *tsk)
+{
+ struct mem_cgroup *memcg;
+ struct dhugetlb_pool *hpool;
+
+ if (!dhugetlb_enabled)
+ return NULL;
+
+ rcu_read_lock();
+ memcg = mem_cgroup_from_task(tsk);
+ rcu_read_unlock();
+
+ hpool = get_dhugetlb_pool_from_memcg(memcg);
+
+ return hpool;
+}
+
+static void add_new_huge_page_to_pool(struct dhugetlb_pool *hpool,
+ struct page *page, bool gigantic)
+{
+ lockdep_assert_held(&hpool->lock);
+ VM_BUG_ON_PAGE(page_mapcount(page), page);
+ INIT_LIST_HEAD(&page->lru);
+
+ if (gigantic) {
+ prep_compound_gigantic_page(page, PUD_SHIFT - PAGE_SHIFT);
+ list_add_tail(&page->lru, &hpool->dhugetlb_1G_freelists);
+ hpool->free_unreserved_1G++;
+ } else {
+ prep_new_page(page, PMD_SHIFT - PAGE_SHIFT, __GFP_COMP, 0);
+ set_page_count(page, 0);
+ list_add_tail(&page->lru, &hpool->dhugetlb_2M_freelists);
+ hpool->free_unreserved_2M++;
+ }
+ set_page_private(page, 0);
+ page->mapping = NULL;
+ set_compound_page_dtor(page, HUGETLB_PAGE_DTOR);
+ set_hugetlb_cgroup(page, NULL);
+}
+
+static void free_dhugetlb_pcpool(struct dhugetlb_pool *hpool)
+{
+ int i;
+ struct small_page_pool *smpool;
+
+ for (i = 0; i < NR_SMPOOL; i++) {
+ smpool = &hpool->smpool[i];
+ list_splice(&smpool->head_page, &hpool->dhugetlb_4K_freelists);
+ smpool->free_pages = 0;
+ smpool->used_pages = 0;
+ INIT_LIST_HEAD(&smpool->head_page);
+ }
+}
+
+static void __free_dhugetlb_small_page(struct dhugetlb_pool *hpool)
+{
+ struct page *page, *next;
+ struct split_pages *split_huge, *split_next;
+
+ if (list_empty(&hpool->dhugetlb_4K_freelists))
+ return;
+
+ list_for_each_entry_safe(page, next,
+ &hpool->dhugetlb_4K_freelists, lru) {
+ list_del(&page->lru);
+ add_new_huge_page_to_pool(hpool, page, false);
+ }
+
+ list_for_each_entry_safe(split_huge, split_next,
+ &hpool->split_2M_freelists, list) {
+ list_del(&split_huge->list);
+ kfree(split_huge);
+ hpool->nr_split_2M--;
+ }
+
+ hpool->free_pages = 0;
+ INIT_LIST_HEAD(&hpool->dhugetlb_4K_freelists);
+}
+
+static void free_dhugetlb_small_page(struct dhugetlb_pool *hpool)
+{
+ struct page *page, *next;
+ unsigned long nr_pages = 1 << (PMD_SHIFT - PAGE_SHIFT);
+
+ lockdep_assert_held(&hpool->lock);
+ if (list_empty(&hpool->dhugetlb_4K_freelists))
+ return;
+
+ list_for_each_entry_safe(page, next,
+ &hpool->dhugetlb_4K_freelists, lru) {
+ if (page_to_pfn(page) % nr_pages != 0)
+ list_del(&page->lru);
+ }
+
+ __free_dhugetlb_small_page(hpool);
+}
+
+static void __free_dhugetlb_huge_page(struct dhugetlb_pool *hpool)
+{
+ struct page *page, *next;
+ struct split_pages *split_giga, *split_next;
+
+ if (list_empty(&hpool->dhugetlb_2M_freelists))
+ return;
+
+ list_for_each_entry_safe(page, next,
+ &hpool->dhugetlb_2M_freelists, lru) {
+ list_del(&page->lru);
+ add_new_huge_page_to_pool(hpool, page, true);
+ }
+ list_for_each_entry_safe(split_giga, split_next,
+ &hpool->split_1G_freelists, list) {
+ list_del(&split_giga->list);
+ kfree(split_giga);
+ hpool->nr_split_1G--;
+ }
+
+ hpool->total_reserved_2M = 0;
+ hpool->free_reserved_2M = 0;
+ hpool->free_unreserved_2M = 0;
+ INIT_LIST_HEAD(&hpool->dhugetlb_2M_freelists);
+}
+
+static void free_dhugetlb_huge_page(struct dhugetlb_pool *hpool)
+{
+ struct page *page, *next;
+ unsigned long nr_pages = 1 << (PUD_SHIFT - PAGE_SHIFT);
+ unsigned long block_size = 1 << (PMD_SHIFT - PAGE_SHIFT);
+ int i;
+
+ lockdep_assert_held(&hpool->lock);
+ if (list_empty(&hpool->dhugetlb_2M_freelists))
+ return;
+
+ list_for_each_entry_safe(page, next,
+ &hpool->dhugetlb_2M_freelists, lru) {
+ set_compound_page_dtor(page, NULL_COMPOUND_DTOR);
+ atomic_set(compound_mapcount_ptr(page), 0);
+ for (i = 1; i < block_size; i++)
+ clear_compound_head(&page[i]);
+ set_compound_order(page, 0);
+ __ClearPageHead(page);
+ if (page_to_pfn(page) % nr_pages != 0)
+ list_del(&page->lru);
+ }
+ __free_dhugetlb_huge_page(hpool);
+}
+
+static int try_migrate_page(struct page *page, unsigned long nid)
+{
+ unsigned long pfn = page_to_pfn(page);
+ int ret = 0;
+
+ LIST_HEAD(source);
+
+ if (!pfn_valid(pfn))
+ return 0;
+ BUG_ON(PageHuge(page) || PageTransHuge(page));
+ /*
+ * HWPoison pages have elevated reference counts so the migration
+ * would fail on them. It also doesn't make any sense to migrate them
+ * in the first place. Still try to unmap such a page in case it is
+ * still mapped(e.g. current hwpoison implementation doesn't unmap
+ * KSM pages but keep the unmap as the catch all safety net).
+ */
+ if (PageHWPoison(page)) {
+ if (WARN_ON(PageLRU(page)))
+ isolate_lru_page(page);
+ if (page_mapped(page))
+ try_to_unmap(page,
+ TTU_IGNORE_MLOCK | TTU_IGNORE_ACCESS);
+ return 0;
+ }
+
+ if (!get_page_unless_zero(page))
+ return 0;
+ /*
+ * We can skip free pages. And we can deal with pages on
+ * LRU and non-lru movable pages.
+ */
+ if (PageLRU(page))
+ ret = isolate_lru_page(page);
+ else
+ ret = isolate_movable_page(page, ISOLATE_UNEVICTABLE);
+ put_page(page);
+ if (ret) {
+ if (page_count(page))
+ ret = -EBUSY;
+ return ret;
+ }
+ list_add_tail(&page->lru, &source);
+ if (!__PageMovable(page))
+ inc_node_page_state(page,
+ NR_ISOLATED_ANON + page_is_file_cache(page));
+
+ ret = migrate_pages(&source, alloc_new_node_page, NULL, nid,
+ MIGRATE_SYNC_LIGHT, MR_COMPACTION);
+ if (ret)
+ putback_movable_pages(&source);
+ return ret;
+}
+
+static void try_migrate_pages(struct dhugetlb_pool *hpool)
+{
+ int i, j;
+ unsigned long nr_free_pages;
+ struct split_pages *split_giga, *next;
+ unsigned int nr_pages = 1 << (PMD_SHIFT - PAGE_SHIFT);
+ struct page *page;
+ int sleep_interval = 100; /* wait for the migration */
+
+ spin_unlock(&hpool->lock);
+ for (i = NR_SMPOOL - 1; i >= 0; i--)
+ spin_unlock(&hpool->smpool[i].lock);
+
+ msleep(sleep_interval);
+ dhugetlb_pool_force_empty(hpool->attach_memcg);
+
+ spin_lock(&hpool->lock);
+ nr_free_pages = hpool->free_pages;
+ spin_unlock(&hpool->lock);
+ for (i = 0; i < NR_SMPOOL; i++) {
+ spin_lock(&hpool->smpool[i].lock);
+ nr_free_pages += hpool->smpool[i].free_pages;
+ spin_unlock(&hpool->smpool[i].lock);
+ }
+
+ if (nr_free_pages >> HUGETLB_PAGE_ORDER < hpool->nr_split_2M) {
+ list_for_each_entry_safe(split_giga, next,
+ &hpool->split_1G_freelists, list) {
+ for (i = 0; i < nr_pages; i++) {
+ if (PageCompound(pfn_to_page(
+ split_giga->start_pfn + i * nr_pages)))
+ continue;
+ page = pfn_to_page(split_giga->start_pfn +
+ i * nr_pages);
+ for (j = 0; j < nr_pages; j++) {
+ if (PagePool(page + j))
+ try_migrate_page(page + j,
+ hpool->nid);
+ }
+ }
+ }
+ }
+
+ for (i = 0; i < NR_SMPOOL; i++)
+ spin_lock(&hpool->smpool[i].lock);
+ spin_lock(&hpool->lock);
+}
+
+/*
+ * If there are some pages are still in use. We will try to reclaim/migrate it.
+ * After trying at most HPOOL_RECLAIM_RETRIES times, we may success.
+ * Or we will print the failed information and return false.
+ */
+static bool free_dhugetlb_pages(struct dhugetlb_pool *hpool)
+{
+ int i;
+ long used_pages;
+ int try_count = 0;
+
+retry:
+ used_pages = 0;
+ for (i = 0; i < NR_SMPOOL; i++)
+ used_pages += hpool->smpool[i].used_pages;
+
+ if (try_count < HPOOL_RECLAIM_RETRIES &&
+ (used_pages || hpool->used_2M || hpool->used_1G)) {
+ try_migrate_pages(hpool);
+ try_count++;
+ goto retry;
+ }
+
+ if (used_pages)
+ pr_err("dhugetlb: some 4K pages not free, memcg: %s delete failed!\n",
+ hpool->attach_memcg->css.cgroup->kn->name);
+ else if (hpool->used_2M)
+ pr_err("dhugetlb: some 2M pages not free, memcg: %s delete failed!\n",
+ hpool->attach_memcg->css.cgroup->kn->name);
+ else if (hpool->used_1G)
+ pr_err("dhugetlb: some 1G pages not free, memcg: %s delete failed!\n",
+ hpool->attach_memcg->css.cgroup->kn->name);
+ else {
+ free_dhugetlb_pcpool(hpool);
+ free_dhugetlb_small_page(hpool);
+ free_dhugetlb_huge_page(hpool);
+ return true;
+ }
+ return false;
+}
+
+static void free_back_hugetlb(struct dhugetlb_pool *hpool)
+{
+ int nid;
+ unsigned int nr_pages;
+ unsigned long pfn, idx;
+ struct page *page, *page_next, *p;
+ struct hstate *h = size_to_hstate(PUD_SIZE);
+
+ if (!h)
+ return;
+
+ spin_lock(&hugetlb_lock);
+ list_for_each_entry_safe(page, page_next,
+ &hpool->dhugetlb_1G_freelists, lru) {
+ nr_pages = 1 << huge_page_order(h);
+ pfn = page_to_pfn(page);
+ for (; nr_pages--; pfn++) {
+ p = pfn_to_page(pfn);
+ p->mapping = NULL;
+ }
+ SetPageHugeFreed(page);
+ set_compound_page_dtor(page, HUGETLB_PAGE_DTOR);
+ nid = page_to_nid(page);
+ BUG_ON(nid >= MAX_NUMNODES);
+ list_move(&page->lru, &h->hugepage_freelists[nid]);
+ h->free_huge_pages_node[nid]++;
+ read_lock(&dhugetlb_pagelist_rwlock);
+ idx = page_to_pfn(page) >> (PUD_SHIFT - PAGE_SHIFT);
+ if (idx < dhugetlb_pagelist_t->count)
+ dhugetlb_pagelist_t->hpool[idx] = NULL;
+ read_unlock(&dhugetlb_pagelist_rwlock);
+ }
+ h->free_huge_pages += hpool->total_nr_pages;
+ hpool->total_nr_pages = 0;
+ hpool->free_unreserved_1G = 0;
+ hpool->free_reserved_1G = 0;
+ hpool->total_reserved_1G = 0;
+ INIT_LIST_HEAD(&hpool->dhugetlb_1G_freelists);
+ spin_unlock(&hugetlb_lock);
+}
+
+bool free_dhugetlb_pool(struct dhugetlb_pool *hpool)
+{
+ int i;
+ bool ret = false;
+
+ for (i = 0; i < NR_SMPOOL; i++)
+ spin_lock(&hpool->smpool[i].lock);
+ spin_lock(&hpool->lock);
+
+ ret = free_dhugetlb_pages(hpool);
+ if (!ret)
+ goto out_unlock;
+
+ free_back_hugetlb(hpool);
+
+out_unlock:
+ spin_unlock(&hpool->lock);
+ for (i = NR_SMPOOL - 1; i >= 0; i--)
+ spin_unlock(&hpool->smpool[i].lock);
+
+ if (ret)
+ dhugetlb_pool_put(hpool);
+ return ret;
+}
+
+static void __split_free_huge_page(struct dhugetlb_pool *hpool,
+ struct page *page)
+{
+ int i;
+ int order_h = PUD_SHIFT - PAGE_SHIFT;
+ int order_m = PMD_SHIFT - PAGE_SHIFT;
+ int blocks = 1 << (order_h - order_m);
+ struct page *p = page + 1;
+
+ lockdep_assert_held(&hpool->lock);
+ set_compound_page_dtor(page, NULL_COMPOUND_DTOR);
+ atomic_set(compound_mapcount_ptr(page), 0);
+ for (i = 1; i < (1 << order_h); i++, p = mem_map_next(p, page, i))
+ clear_compound_head(p);
+
+ set_compound_order(page, 0);
+ __ClearPageHead(page);
+
+ /* make it be 2M huge pages and put it to huge pool */
+ for (i = 0; i < blocks; i++, page += (1 << order_m))
+ add_new_huge_page_to_pool(hpool, page, false);
+}
+
+static void __split_free_small_page(struct dhugetlb_pool *hpool,
+ struct page *page)
+{
+ int i;
+ int nr_pages = 1 << (PMD_SHIFT - PAGE_SHIFT);
+
+ lockdep_assert_held(&hpool->lock);
+ set_compound_page_dtor(page, NULL_COMPOUND_DTOR);
+ set_compound_order(page, 0);
+ for (i = 0; i < nr_pages; i++) {
+ if (i != 0) {
+ page[i].mapping = NULL;
+ clear_compound_head(&page[i]);
+ } else
+ __ClearPageHead(page);
+
+ /*
+ * If a hugepage is mapped in private mode, the PG_uptodate bit
+ * will not be cleared when the hugepage freed. Clear the
+ * hugepage using free_pages_prepare() here.
+ */
+ free_pages_prepare(&page[i], 0, false);
+ hpool->free_pages++;
+ list_add_tail(&page[i].lru, &hpool->dhugetlb_4K_freelists);
+ }
+}
+
+static bool split_free_huge_page(struct dhugetlb_pool *hpool)
+{
+ struct page *page;
+ struct split_pages *split_page;
+
+ lockdep_assert_held(&hpool->lock);
+
+ if (!hpool->free_unreserved_1G)
+ return false;
+
+ split_page = kzalloc(sizeof(struct split_pages), GFP_ATOMIC);
+ if (!split_page)
+ return false;
+
+ page = list_entry(hpool->dhugetlb_1G_freelists.next, struct page, lru);
+ list_del(&page->lru);
+ hpool->free_unreserved_1G--;
+
+ split_page->start_pfn = page_to_pfn(page);
+ list_add(&split_page->list, &hpool->split_1G_freelists);
+ hpool->nr_split_1G++;
+
+ trace_dhugetlb_split_merge(hpool, page, DHUGETLB_SPLIT_1G);
+
+ __split_free_huge_page(hpool, page);
+ return true;
+}
+
+static bool split_free_small_page(struct dhugetlb_pool *hpool)
+{
+ struct page *page;
+ struct split_pages *split_page;
+
+ lockdep_assert_held(&hpool->lock);
+
+ if (!hpool->free_unreserved_2M && !split_free_huge_page(hpool))
+ return false;
+
+ split_page = kzalloc(sizeof(struct split_pages), GFP_ATOMIC);
+ if (!split_page)
+ return false;
+
+ page = list_entry(hpool->dhugetlb_2M_freelists.next, struct page, lru);
+ list_del(&page->lru);
+ hpool->free_unreserved_2M--;
+
+ split_page->start_pfn = page_to_pfn(page);
+ list_add(&split_page->list, &hpool->split_2M_freelists);
+ hpool->nr_split_2M++;
+
+ trace_dhugetlb_split_merge(hpool, page, DHUGETLB_SPLIT_2M);
+
+ __split_free_small_page(hpool, page);
+ return true;
+}
+
+bool move_pages_from_hpool_to_smpool(struct dhugetlb_pool *hpool,
+ struct small_page_pool *smpool)
+{
+ int i = 0;
+ struct page *page, *next;
+
+ if (!hpool->free_pages && !split_free_small_page(hpool))
+ return false;
+
+ list_for_each_entry_safe(page, next,
+ &hpool->dhugetlb_4K_freelists, lru) {
+ list_del(&page->lru);
+ hpool->free_pages--;
+ list_add_tail(&page->lru, &smpool->head_page);
+ smpool->free_pages++;
+ if (++i == BATCH_SMPOOL_PAGE)
+ break;
+ }
+ return true;
+}
+
+void move_pages_from_smpool_to_hpool(struct dhugetlb_pool *hpool,
+ struct small_page_pool *smpool)
+{
+ int i = 0;
+ struct page *page, *next;
+
+ list_for_each_entry_safe(page, next, &smpool->head_page, lru) {
+ list_del(&page->lru);
+ smpool->free_pages--;
+ list_add(&page->lru, &hpool->dhugetlb_4K_freelists);
+ hpool->free_pages++;
+ if (++i == BATCH_SMPOOL_PAGE)
+ break;
+ }
+}
+
+static unsigned long list_len(struct list_head *head)
+{
+ unsigned long len = 0;
+ struct page *page;
+
+ list_for_each_entry(page, head, lru)
+ len++;
+
+ return len;
+}
+
+static void hugetlb_migrate_pages(struct dhugetlb_pool *hpool,
+ unsigned long count)
+{
+ int i, try;
+ struct page *page;
+ struct split_pages *split_huge, *split_next;
+ unsigned long nr_pages = 1 << (PMD_SHIFT - PAGE_SHIFT);
+ LIST_HEAD(wait_page_list);
+
+ list_for_each_entry_safe(split_huge, split_next,
+ &hpool->split_2M_freelists, list) {
+ /*
+ * Isolate free page first because we dont want them to be
+ * allocated.
+ */
+ for (i = 0; i < nr_pages; i++) {
+ page = pfn_to_page(split_huge->start_pfn + i);
+ if (!PagePool(page))
+ list_move(&page->lru, &wait_page_list);
+ }
+
+ for (try = 0; try < HPOOL_RECLAIM_RETRIES; try++) {
+ /*
+ * Unlock and try migration, after migration we need
+ * to lock back.
+ */
+ for (i = 0; i < NR_SMPOOL; i++)
+ hpool->smpool[i].free_pages =
+ list_len(&hpool->smpool[i].head_page);
+ hpool->free_pages =
+ list_len(&hpool->dhugetlb_4K_freelists);
+ spin_unlock(&hpool->lock);
+ for (i = NR_SMPOOL - 1; i >= 0; i--)
+ spin_unlock(&hpool->smpool[i].lock);
+
+ for (i = 0; i < nr_pages; i++) {
+ page = pfn_to_page(split_huge->start_pfn + i);
+ if (PagePool(page))
+ try_migrate_page(page, hpool->nid);
+ }
+ for (i = 0; i < NR_SMPOOL; i++)
+ spin_lock(&hpool->smpool[i].lock);
+ spin_lock(&hpool->lock);
+
+ /*
+ * Isolate free page. If all page in the split_huge
+ * is free, return it.
+ */
+ split_huge->free_pages = 0;
+ for (i = 0; i < nr_pages; i++) {
+ page = pfn_to_page(split_huge->start_pfn + i);
+ if (!PagePool(page)) {
+ list_move(&page->lru, &wait_page_list);
+ split_huge->free_pages++;
+ }
+ }
+ if (split_huge->free_pages == nr_pages)
+ break;
+ }
+ if (split_huge->free_pages == nr_pages) {
+ for (i = 0; i < nr_pages; i++) {
+ page = pfn_to_page(split_huge->start_pfn + i);
+ list_del(&page->lru);
+ }
+ INIT_LIST_HEAD(&wait_page_list);
+ page = pfn_to_page(split_huge->start_pfn);
+ add_new_huge_page_to_pool(hpool, page, false);
+ list_del(&split_huge->list);
+ kfree(split_huge);
+ hpool->nr_split_2M--;
+
+ trace_dhugetlb_split_merge(hpool, page,
+ DHUGETLB_MIGRATE_4K);
+
+ if (--count == 0)
+ return;
+ } else {
+ /* Failed, put back the isolate pages */
+ list_splice(&wait_page_list,
+ &hpool->dhugetlb_4K_freelists);
+ INIT_LIST_HEAD(&wait_page_list);
+ }
+ }
+}
+
+static unsigned long merge_free_split_huge(struct dhugetlb_pool *hpool,
+ unsigned long count)
+{
+ int i;
+ struct page *page;
+ struct split_pages *split_huge, *split_next;
+ unsigned long nr_pages = 1 << (PMD_SHIFT - PAGE_SHIFT);
+
+ list_for_each_entry_safe(split_huge, split_next,
+ &hpool->split_2M_freelists, list) {
+ split_huge->free_pages = 0;
+ for (i = 0; i < nr_pages; i++) {
+ page = pfn_to_page(split_huge->start_pfn + i);
+ if (!PagePool(page))
+ split_huge->free_pages++;
+ }
+ if (split_huge->free_pages == nr_pages) {
+ for (i = 0; i < nr_pages; i++) {
+ page = pfn_to_page(split_huge->start_pfn + i);
+ list_del(&page->lru);
+ }
+ page = pfn_to_page(split_huge->start_pfn);
+ add_new_huge_page_to_pool(hpool, page, false);
+ list_del(&split_huge->list);
+ kfree(split_huge);
+ hpool->nr_split_2M--;
+
+ trace_dhugetlb_split_merge(hpool, page,
+ DHUGETLB_MERGE_4K);
+
+ if (--count == 0)
+ return 0;
+ }
+ }
+ return count;
+}
+
+static void merge_free_small_page(struct dhugetlb_pool *hpool,
+ unsigned long count)
+{
+ int i;
+ unsigned long need_migrate;
+
+ if (!hpool->nr_split_2M)
+ return;
+
+ need_migrate = merge_free_split_huge(hpool, count);
+ if (need_migrate)
+ hugetlb_migrate_pages(hpool, need_migrate);
+
+ for (i = 0; i < NR_SMPOOL; i++)
+ hpool->smpool[i].free_pages =
+ list_len(&hpool->smpool[i].head_page);
+ hpool->free_pages = list_len(&hpool->dhugetlb_4K_freelists);
+}
+
+static void dhugetlb_collect_2M_pages(struct dhugetlb_pool *hpool,
+ unsigned long count)
+{
+ int i;
+
+ while (hpool->free_unreserved_1G &&
+ count > hpool->free_unreserved_2M)
+ split_free_huge_page(hpool);
+
+ /*
+ * If we try to merge 4K pages to 2M, we need to unlock hpool->lock
+ * first, and then try to lock every lock in order to avoid deadlock.
+ */
+ if (count > hpool->free_unreserved_2M) {
+ spin_unlock(&hpool->lock);
+ for (i = 0; i < NR_SMPOOL; i++)
+ spin_lock(&hpool->smpool[i].lock);
+ spin_lock(&hpool->lock);
+ merge_free_small_page(hpool, count - hpool->free_unreserved_2M);
+ for (i = NR_SMPOOL - 1; i >= 0; i--)
+ spin_unlock(&hpool->smpool[i].lock);
+ }
+}
+
+/*
+ * Parameter gigantic: true means reserve 1G pages and false means reserve
+ * 2M pages. When we want to reserve 2M pages more than
+ * hpool->free_unreserved_2M, we have to try split/merge. Still, we can't
+ * guarantee success.
+ */
+void dhugetlb_reserve_hugepages(struct dhugetlb_pool *hpool,
+ unsigned long count, bool gigantic)
+{
+ unsigned long delta;
+
+ spin_lock(&hpool->lock);
+ if (gigantic) {
+ if (count > hpool->total_reserved_1G) {
+ delta = min(count - hpool->total_reserved_1G,
+ hpool->free_unreserved_1G);
+ hpool->total_reserved_1G += delta;
+ hpool->free_reserved_1G += delta;
+ hpool->free_unreserved_1G -= delta;
+ } else {
+ delta = min(hpool->total_reserved_1G - count,
+ hpool->free_reserved_1G -
+ hpool->mmap_reserved_1G);
+ hpool->total_reserved_1G -= delta;
+ hpool->free_reserved_1G -= delta;
+ hpool->free_unreserved_1G += delta;
+ }
+ } else {
+ if (count > hpool->total_reserved_2M) {
+ delta = count - hpool->total_reserved_2M;
+ if (delta > hpool->free_unreserved_2M)
+ dhugetlb_collect_2M_pages(hpool, delta);
+ delta = min(count - hpool->total_reserved_2M,
+ hpool->free_unreserved_2M);
+ hpool->total_reserved_2M += delta;
+ hpool->free_reserved_2M += delta;
+ hpool->free_unreserved_2M -= delta;
+ } else {
+ delta = min(hpool->total_reserved_2M - count,
+ hpool->free_reserved_2M -
+ hpool->mmap_reserved_2M);
+ hpool->total_reserved_2M -= delta;
+ hpool->free_reserved_2M -= delta;
+ hpool->free_unreserved_2M += delta;
+ }
+ }
+ spin_unlock(&hpool->lock);
+}
+
+static int dhugetlb_acct_memory(struct hstate *h, long delta,
+ struct dhugetlb_pool *hpool)
+{
+ int ret = -ENOMEM;
+
+ if (delta == 0)
+ return 0;
+
+ spin_lock(&hpool->lock);
+ if (hstate_is_gigantic(h)) {
+ if (delta > 0 && delta <= hpool->free_reserved_1G -
+ hpool->mmap_reserved_1G) {
+ hpool->mmap_reserved_1G += delta;
+ ret = 0;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_1G,
+ DHUGETLB_RESV_1G);
+ } else if (delta < 0) {
+ hpool->mmap_reserved_1G -= (unsigned long)(-delta);
+ WARN_ON(hpool->mmap_reserved_1G < 0);
+ ret = 0;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_1G,
+ DHUGETLB_UNRESV_1G);
+ }
+ } else {
+ if (delta > 0 && delta <= hpool->free_reserved_2M -
+ hpool->mmap_reserved_2M) {
+ hpool->mmap_reserved_2M += delta;
+ ret = 0;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_2M,
+ DHUGETLB_RESV_2M);
+ } else if (delta < 0) {
+ hpool->mmap_reserved_2M -= (unsigned long)(-delta);
+ WARN_ON(hpool->mmap_reserved_2M < 0);
+ ret = 0;
+ trace_dhugetlb_acct_memory(hpool,
+ hpool->mmap_reserved_2M,
+ DHUGETLB_UNRESV_2M);
+ }
+ }
+ spin_unlock(&hpool->lock);
+
+ return ret;
+}
+#else
+static int dhugetlb_acct_memory(struct hstate *h, long delta,
+ struct dhugetlb_pool *hpool)
+{
+ return 0;
+}
+#endif /* CONFIG_DYNAMIC_HUGETLB */
+
static int __init hugetlb_init(void)
{
int i;
@@ -3134,6 +4240,23 @@ static int __init hugetlb_init(void)
hugetlb_register_all_nodes();
hugetlb_cgroup_file_init();
+#ifdef CONFIG_DYNAMIC_HUGETLB
+ if (enable_dhugetlb) {
+ unsigned long count = max(max_pfn >> (PUD_SHIFT - PAGE_SHIFT),
+ (unsigned long)DEFAULT_PAGESIZE);
+ unsigned long size = sizeof(struct dhugetlb_pagelist) +
+ count * sizeof(struct dhugetlb_pool *);
+ dhugetlb_pagelist_t = kzalloc(size, GFP_KERNEL);
+ if (dhugetlb_pagelist_t) {
+ dhugetlb_pagelist_t->count = count;
+ static_branch_enable(&dhugetlb_enabled_key);
+ pr_info("Dynamic 1G hugepage enabled\n");
+ } else
+ pr_info("Dynamic 1G hugepage disabled due to out of memory, need %lu\n",
+ size);
+ }
+#endif
+
#ifdef CONFIG_SMP
num_fault_mutexes = roundup_pow_of_two(8 * num_possible_cpus());
#else
@@ -3270,6 +4393,16 @@ static int __init hugetlb_nrpages_setup(char *s)
}
__setup("hugepages=", hugetlb_nrpages_setup);
+#ifdef CONFIG_DYNAMIC_HUGETLB
+static int __init dhugetlb_setup(char *s)
+{
+ if (!strcmp(s, "on"))
+ enable_dhugetlb = true;
+ return 1;
+}
+__setup("dynamic_1G_hugepage=", dhugetlb_setup);
+#endif
+
static int __init hugetlb_default_setup(char *s)
{
default_hstate_size = memparse(s, &s);
@@ -3471,10 +4604,14 @@ unsigned long hugetlb_total_pages(void)
return nr_total_pages;
}
-static int hugetlb_acct_memory(struct hstate *h, long delta)
+static int hugetlb_acct_memory(struct hstate *h, long delta,
+ struct dhugetlb_pool *hpool)
{
int ret = -ENOMEM;
+ if (dhugetlb_enabled && hpool)
+ return dhugetlb_acct_memory(h, delta, hpool);
+
spin_lock(&hugetlb_lock);
/*
* When cpuset is configured, it breaks the strict hugetlb page
@@ -3535,6 +4672,8 @@ static void hugetlb_vm_op_close(struct vm_area_struct *vma)
struct hugepage_subpool *spool = subpool_vma(vma);
unsigned long reserve, start, end;
long gbl_reserve;
+ struct dhugetlb_pool *hpool =
+ HUGETLBFS_I(file_inode(vma->vm_file))->hpool;
if (!resv || !is_vma_resv_set(vma, HPAGE_RESV_OWNER))
return;
@@ -3551,8 +4690,8 @@ static void hugetlb_vm_op_close(struct vm_area_struct *vma)
* Decrement reserve counts. The global reserve count may be
* adjusted if the subpool has a minimum size.
*/
- gbl_reserve = hugepage_subpool_put_pages(spool, reserve);
- hugetlb_acct_memory(h, -gbl_reserve);
+ gbl_reserve = hugepage_subpool_put_pages(spool, reserve, hpool);
+ hugetlb_acct_memory(h, -gbl_reserve, hpool);
}
}
@@ -4934,6 +6073,7 @@ int hugetlb_reserve_pages(struct inode *inode,
struct hugepage_subpool *spool = subpool_inode(inode);
struct resv_map *resv_map;
long gbl_reserve;
+ struct dhugetlb_pool *hpool = HUGETLBFS_I(inode)->hpool;
/* This should never happen */
if (from > to) {
@@ -4986,7 +6126,7 @@ int hugetlb_reserve_pages(struct inode *inode,
* the subpool has a minimum size, there may be some global
* reservations already in place (gbl_reserve).
*/
- gbl_reserve = hugepage_subpool_get_pages(spool, chg);
+ gbl_reserve = hugepage_subpool_get_pages(spool, chg, hpool);
if (gbl_reserve < 0) {
ret = -ENOSPC;
goto out_err;
@@ -4996,10 +6136,10 @@ int hugetlb_reserve_pages(struct inode *inode,
* Check enough hugepages are available for the reservation.
* Hand the pages back to the subpool if there are not
*/
- ret = hugetlb_acct_memory(h, gbl_reserve);
+ ret = hugetlb_acct_memory(h, gbl_reserve, hpool);
if (ret < 0) {
/* put back original number of pages, chg */
- (void)hugepage_subpool_put_pages(spool, chg);
+ (void)hugepage_subpool_put_pages(spool, chg, hpool);
goto out_err;
}
@@ -5028,8 +6168,9 @@ int hugetlb_reserve_pages(struct inode *inode,
long rsv_adjust;
rsv_adjust = hugepage_subpool_put_pages(spool,
- chg - add);
- hugetlb_acct_memory(h, -rsv_adjust);
+ chg - add,
+ hpool);
+ hugetlb_acct_memory(h, -rsv_adjust, hpool);
}
}
return 0;
@@ -5051,6 +6192,7 @@ long hugetlb_unreserve_pages(struct inode *inode, long start, long end,
long chg = 0;
struct hugepage_subpool *spool = subpool_inode(inode);
long gbl_reserve;
+ struct dhugetlb_pool *hpool = HUGETLBFS_I(inode)->hpool;
/*
* Since this routine can be called in the evict inode path for all
@@ -5075,8 +6217,8 @@ long hugetlb_unreserve_pages(struct inode *inode, long start, long end,
* If the subpool has a minimum size, the number of global
* reservations to be released may be adjusted.
*/
- gbl_reserve = hugepage_subpool_put_pages(spool, (chg - freed));
- hugetlb_acct_memory(h, -gbl_reserve);
+ gbl_reserve = hugepage_subpool_put_pages(spool, (chg - freed), hpool);
+ hugetlb_acct_memory(h, -gbl_reserve, hpool);
return 0;
}
diff --git a/mm/internal.h b/mm/internal.h
index 1b861446c751..deffd247b010 100644
--- a/mm/internal.h
+++ b/mm/internal.h
@@ -182,6 +182,7 @@ extern void __putback_isolated_page(struct page *page, unsigned int order,
int mt);
extern void __free_pages_core(struct page *page, unsigned int order);
extern void prep_compound_page(struct page *page, unsigned int order);
+extern int check_new_page(struct page *page);
extern void post_alloc_hook(struct page *page, unsigned int order,
gfp_t gfp_flags);
extern int user_min_free_kbytes;
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 63b91a030b02..bdc90e6fc082 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -997,6 +997,41 @@ static __always_inline struct mem_cgroup *get_mem_cgroup_from_current(void)
return get_mem_cgroup_from_mm(current->mm);
}
+#ifdef CONFIG_DYNAMIC_HUGETLB
+void free_page_to_dhugetlb_pool(struct page *page)
+{
+ struct dhugetlb_pool *hpool;
+ struct small_page_pool *smpool;
+ unsigned long flags;
+
+ hpool = get_dhugetlb_pool_from_dhugetlb_pagelist(page);
+ if (unlikely(!hpool)) {
+ pr_err("dhugetlb: free error: get hpool failed\n");
+ return;
+ }
+
+ smpool = &hpool->smpool[smp_processor_id()];
+ spin_lock_irqsave(&smpool->lock, flags);
+
+ ClearPagePool(page);
+ if (!free_pages_prepare(page, 0, false)) {
+ SetPagePool(page);
+ goto out;
+ }
+ list_add(&page->lru, &smpool->head_page);
+ smpool->free_pages++;
+ smpool->used_pages--;
+ if (smpool->free_pages > MAX_SMPOOL_PAGE) {
+ spin_lock(&hpool->lock);
+ move_pages_from_smpool_to_hpool(hpool, smpool);
+ spin_unlock(&hpool->lock);
+ }
+out:
+ spin_unlock_irqrestore(&smpool->lock, flags);
+ dhugetlb_pool_put(hpool);
+}
+#endif /* CONFIG_DYNAMIC_HUGETLB */
+
/**
* mem_cgroup_iter - iterate over memory cgroup hierarchy
* @root: hierarchy root
@@ -3118,6 +3153,31 @@ static int mem_cgroup_force_empty(struct mem_cgroup *memcg)
return 0;
}
+#ifdef CONFIG_DYNAMIC_HUGETLB
+int dhugetlb_pool_force_empty(struct mem_cgroup *memcg)
+{
+ lru_add_drain_all();
+
+ drain_all_stock(memcg);
+
+ while (page_counter_read(&memcg->memory)) {
+ int progress;
+
+ if (signal_pending(current))
+ return -EINTR;
+
+ progress = try_to_free_mem_cgroup_pages(memcg, 1,
+ GFP_HIGHUSER_MOVABLE,
+ false);
+
+ if (!progress) {
+ congestion_wait(BLK_RW_ASYNC, HZ/10);
+ break;
+ }
+ }
+ return 0;
+}
+#endif
static ssize_t mem_cgroup_force_empty_write(struct kernfs_open_file *of,
char *buf, size_t nbytes,
@@ -4652,6 +4712,305 @@ static ssize_t memcg_write_event_control(struct kernfs_open_file *of,
return ret;
}
+#ifdef CONFIG_DYNAMIC_HUGETLB
+struct dhugetlb_pool *get_dhugetlb_pool_from_memcg(struct mem_cgroup *memcg)
+{
+ struct mem_cgroup_extension *memcg_ext;
+
+ if (!memcg)
+ return NULL;
+
+ memcg_ext = container_of(memcg, struct mem_cgroup_extension, memcg);
+ if (dhugetlb_pool_get(memcg_ext->hpool))
+ return memcg_ext->hpool;
+ return NULL;
+}
+
+static void set_dhugetlb_pool_to_memcg(struct mem_cgroup *memcg,
+ struct dhugetlb_pool *hpool)
+{
+ struct mem_cgroup_extension *memcg_ext;
+
+ memcg_ext = container_of(memcg, struct mem_cgroup_extension, memcg);
+
+ memcg_ext->hpool = hpool;
+}
+
+static bool should_allocate_from_dhugetlb_pool(gfp_t gfp_mask)
+{
+ gfp_t gfp = gfp_mask & GFP_HIGHUSER_MOVABLE;
+
+ if (current->flags & PF_KTHREAD)
+ return false;
+
+ /*
+ * The cgroup only charges anonymous and file pages from usespage.
+ * some filesystem maybe has masked out the __GFP_IO | __GFP_FS
+ * to avoid recursive memory request. eg: loop device, xfs.
+ */
+ if ((gfp | __GFP_IO | __GFP_FS) != GFP_HIGHUSER_MOVABLE)
+ return false;
+
+ return true;
+}
+
+static struct page *__alloc_page_from_dhugetlb_pool(void)
+{
+ bool ret;
+ struct dhugetlb_pool *hpool;
+ struct small_page_pool *smpool;
+ struct page *page = NULL;
+ unsigned long flags;
+
+ hpool = get_dhugetlb_pool_from_task(current);
+ if (unlikely(!hpool))
+ goto out;
+
+ smpool = &hpool->smpool[smp_processor_id()];
+ spin_lock_irqsave(&smpool->lock, flags);
+
+ if (smpool->free_pages == 0) {
+ spin_lock(&hpool->lock);
+ ret = move_pages_from_hpool_to_smpool(hpool, smpool);
+ spin_unlock(&hpool->lock);
+ if (!ret)
+ goto unlock;
+ }
+
+ page = list_entry(smpool->head_page.next, struct page, lru);
+ list_del(&page->lru);
+ smpool->free_pages--;
+ smpool->used_pages++;
+ check_new_page(page);
+ SetPagePool(page);
+unlock:
+ spin_unlock_irqrestore(&smpool->lock, flags);
+out:
+ dhugetlb_pool_put(hpool);
+ return page;
+}
+
+struct page *alloc_page_from_dhugetlb_pool(gfp_t gfp_mask)
+{
+ struct page *page = NULL;
+
+ if (should_allocate_from_dhugetlb_pool(gfp_mask))
+ page = __alloc_page_from_dhugetlb_pool();
+
+ return page;
+}
+
+static void assign_new_dhugetlb_pool(struct mem_cgroup *memcg,
+ unsigned long nid)
+{
+ struct dhugetlb_pool *hpool;
+
+ hpool = hpool_alloc(nid);
+ if (!hpool)
+ return;
+
+ hpool->attach_memcg = memcg;
+ css_get(&memcg->css);
+ set_dhugetlb_pool_to_memcg(memcg, hpool);
+}
+
+static int update_dhugetlb_pool(struct mem_cgroup *memcg,
+ unsigned long nid, unsigned long size)
+{
+ int ret;
+ struct dhugetlb_pool *hpool = get_dhugetlb_pool_from_memcg(memcg);
+
+ if (!hpool) {
+ if (memcg_has_children(memcg))
+ return -EINVAL;
+ assign_new_dhugetlb_pool(memcg, nid);
+ hpool = get_dhugetlb_pool_from_memcg(memcg);
+ }
+ if (!hpool)
+ return -ENOMEM;
+ if (hpool->attach_memcg != memcg || hpool->nid != nid) {
+ dhugetlb_pool_put(hpool);
+ return -EINVAL;
+ }
+
+ ret = alloc_hugepage_from_hugetlb(hpool, nid, size);
+
+ dhugetlb_pool_put(hpool);
+ return ret;
+}
+
+/*
+ * Test whether an process can allocate specified memory size.
+ *
+ * Input must be in format '<nid> <size>'.
+ * size is regarded as how many it does 1G huge page.
+ */
+static ssize_t memcg_write_dhugetlb(struct kernfs_open_file *of,
+ char *buf, size_t nbytes, loff_t off)
+{
+ int ret;
+ unsigned long nid, size;
+ char *endp;
+ struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
+
+ if (!dhugetlb_enabled)
+ return -EINVAL;
+
+ buf = strstrip(buf);
+ nid = memparse(buf, &endp);
+ if (*endp != ' ' || nid >= MAX_NUMNODES)
+ return -EINVAL;
+
+ buf = endp + 1;
+ size = memparse(buf, &endp);
+ if (*endp != '\0' || size == 0)
+ return -EINVAL;
+
+ ret = update_dhugetlb_pool(memcg, nid, size);
+
+ return ret ?: nbytes;
+}
+
+static int memcg_read_dhugetlb(struct seq_file *m, void *v)
+{
+ int i;
+ unsigned long free_pages;
+ long used_pages = 0;
+ struct mem_cgroup *memcg = mem_cgroup_from_css(seq_css(m));
+ struct dhugetlb_pool *hpool = get_dhugetlb_pool_from_memcg(memcg);
+
+ if (!dhugetlb_enabled)
+ return 0;
+ if (!hpool) {
+ seq_printf(m, "Curent hierarchial have not memory pool.\n");
+ return 0;
+ }
+
+ for (i = 0; i < NR_SMPOOL; i++)
+ spin_lock(&hpool->smpool[i].lock);
+ spin_lock(&hpool->lock);
+
+ free_pages = hpool->free_pages;
+ for (i = 0; i < NR_SMPOOL; i++) {
+ free_pages += hpool->smpool[i].free_pages;
+ used_pages += hpool->smpool[i].used_pages;
+ }
+
+ seq_printf(m, "dhugetlb_total_pages %ld\n"
+ "1G_total_reserved_pages %ld\n"
+ "1G_free_reserved_pages %ld\n"
+ "1G_mmap_reserved_pages %ld\n"
+ "1G_used_pages %ld\n"
+ "1G_free_unreserved_pages %ld\n"
+ "2M_total_reserved_pages %ld\n"
+ "2M_free_reserved_pages %ld\n"
+ "2M_mmap_reserved_pages %ld\n"
+ "2M_used_pages %ld\n"
+ "2M_free_unreserved_pages %ld\n"
+ "4K_free_pages %ld\n"
+ "4K_used_pages %ld\n",
+ hpool->total_nr_pages,
+ hpool->total_reserved_1G,
+ hpool->free_reserved_1G,
+ hpool->mmap_reserved_1G,
+ hpool->used_1G,
+ hpool->free_unreserved_1G,
+ hpool->total_reserved_2M,
+ hpool->free_reserved_2M,
+ hpool->mmap_reserved_2M,
+ hpool->used_2M,
+ hpool->free_unreserved_2M,
+ free_pages,
+ used_pages);
+
+ spin_unlock(&hpool->lock);
+ for (i = NR_SMPOOL - 1; i >= 0; i--)
+ spin_unlock(&hpool->smpool[i].lock);
+ dhugetlb_pool_put(hpool);
+ return 0;
+}
+
+static int update_reserve_pages(struct kernfs_open_file *of,
+ char *buf, bool gigantic)
+{
+ unsigned long size;
+ char *endp;
+ struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
+ struct dhugetlb_pool *hpool;
+
+ if (!dhugetlb_enabled)
+ return -EINVAL;
+
+ buf = strstrip(buf);
+ size = memparse(buf, &endp);
+ if (*endp != '\0')
+ return -EINVAL;
+
+ hpool = get_dhugetlb_pool_from_memcg(memcg);
+ if (!hpool)
+ return -EINVAL;
+ spin_lock(&hpool->reserved_lock);
+ dhugetlb_reserve_hugepages(hpool, size, gigantic);
+ spin_unlock(&hpool->reserved_lock);
+ dhugetlb_pool_put(hpool);
+ return 0;
+}
+
+static ssize_t dhugetlb_1G_reserve_write(struct kernfs_open_file *of,
+ char *buf, size_t nbytes, loff_t off)
+{
+ return update_reserve_pages(of, buf, true) ?: nbytes;
+}
+
+static ssize_t dhugetlb_2M_reserve_write(struct kernfs_open_file *of,
+ char *buf, size_t nbytes, loff_t off)
+{
+ return update_reserve_pages(of, buf, false) ?: nbytes;
+}
+
+static void dhugetlb_pool_inherits(struct mem_cgroup *memcg,
+ struct mem_cgroup *parent)
+{
+ struct dhugetlb_pool *hpool;
+
+ hpool = get_dhugetlb_pool_from_memcg(parent);
+ if (!hpool)
+ return;
+
+ set_dhugetlb_pool_to_memcg(memcg, hpool);
+ dhugetlb_pool_put(hpool);
+}
+
+static bool dhugetlb_pool_free(struct mem_cgroup *memcg)
+{
+ bool ret = true;
+ struct dhugetlb_pool *hpool;
+
+ hpool = get_dhugetlb_pool_from_memcg(memcg);
+ if (hpool && hpool->attach_memcg == memcg)
+ ret = free_dhugetlb_pool(hpool);
+ dhugetlb_pool_put(hpool);
+ return ret;
+}
+
+bool dhugetlb_pool_is_free(struct cgroup_subsys_state *css)
+{
+ if (dhugetlb_enabled)
+ return dhugetlb_pool_free(mem_cgroup_from_css(css));
+ return true;
+}
+#else
+static void dhugetlb_pool_inherits(struct mem_cgroup *memcg,
+ struct mem_cgroup *parent)
+{
+}
+
+bool dhugetlb_pool_is_free(struct cgroup_subsys_state *css)
+{
+ return true;
+}
+#endif /* CONFIG_DYNAMIC_HUGETLB */
+
static struct cftype mem_cgroup_legacy_files[] = {
{
.name = "usage_in_bytes",
@@ -4700,6 +5059,27 @@ static struct cftype mem_cgroup_legacy_files[] = {
.write = memcg_write_event_control,
.flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE,
},
+#ifdef CONFIG_DYNAMIC_HUGETLB
+ {
+ .name = "dhugetlb.nr_pages",
+ .write = memcg_write_dhugetlb,
+ .seq_show = memcg_read_dhugetlb,
+ .flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE |
+ CFTYPE_NOT_ON_ROOT,
+ },
+ {
+ .name = "dhugetlb.1G.reserved_pages",
+ .write = dhugetlb_1G_reserve_write,
+ .flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE |
+ CFTYPE_NOT_ON_ROOT,
+ },
+ {
+ .name = "dhugetlb.2M.reserved_pages",
+ .write = dhugetlb_2M_reserve_write,
+ .flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE |
+ CFTYPE_NOT_ON_ROOT,
+ },
+#endif
{
.name = "swappiness",
.read_u64 = mem_cgroup_swappiness_read,
@@ -5063,6 +5443,9 @@ mem_cgroup_css_alloc(struct cgroup_subsys_state *parent_css)
return &memcg->css;
}
+ if (dhugetlb_enabled)
+ dhugetlb_pool_inherits(memcg, parent);
+
error = memcg_online_kmem(memcg);
if (error)
goto fail;
@@ -5681,6 +6064,14 @@ static int mem_cgroup_can_attach(struct cgroup_taskset *tset)
if (!p)
return 0;
+ if (dhugetlb_enabled) {
+ struct dhugetlb_pool *hpool = get_dhugetlb_pool_from_task(p);
+
+ if (hpool) {
+ dhugetlb_pool_put(hpool);
+ return -EPERM;
+ }
+ }
/*
* We are now commited to this value whatever it is. Changes in this
* tunable will only affect upcoming migrations, not the current one.
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
index a6a2f254f61f..e722d73a3724 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -1052,7 +1052,7 @@ static int free_tail_pages_check(struct page *head_page, struct page *page)
return ret;
}
-static __always_inline bool free_pages_prepare(struct page *page,
+__always_inline bool free_pages_prepare(struct page *page,
unsigned int order, bool check_free)
{
int bad = 0;
@@ -2012,7 +2012,7 @@ static void check_new_page_bad(struct page *page)
/*
* This page is about to be returned from the page allocator
*/
-static inline int check_new_page(struct page *page)
+inline int check_new_page(struct page *page)
{
if (likely(page_expected_state(page,
PAGE_FLAGS_CHECK_AT_PREP|__PG_HWPOISON)))
@@ -2075,8 +2075,8 @@ inline void post_alloc_hook(struct page *page, unsigned int order,
set_page_owner(page, order, gfp_flags);
}
-static void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags,
- unsigned int alloc_flags)
+void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags,
+ unsigned int alloc_flags)
{
int i;
@@ -2955,6 +2955,12 @@ void free_unref_page(struct page *page)
unsigned long flags;
unsigned long pfn = page_to_pfn(page);
+ /* Free dynamic hugetlb page */
+ if (dhugetlb_enabled && PagePool(page)) {
+ free_page_to_dhugetlb_pool(page);
+ return;
+ }
+
if (!free_unref_page_prepare(page, pfn))
return;
@@ -2972,6 +2978,16 @@ void free_unref_page_list(struct list_head *list)
unsigned long flags, pfn;
int batch_count = 0;
+ /* Free dynamic hugetlb pages */
+ if (dhugetlb_enabled) {
+ list_for_each_entry_safe(page, next, list, lru) {
+ if (PagePool(page)) {
+ list_del(&page->lru);
+ free_page_to_dhugetlb_pool(page);
+ }
+ }
+ }
+
/* Prepare pages for freeing */
list_for_each_entry_safe(page, next, list, lru) {
pfn = page_to_pfn(page);
@@ -4785,6 +4801,15 @@ __alloc_pages_nodemask(gfp_t gfp_mask, unsigned int order, int preferred_nid,
finalise_ac(gfp_mask, &ac);
+ /* Dynamic hugetlb allocation attemp */
+ if (dhugetlb_enabled && likely(order == 0)) {
+ page = alloc_page_from_dhugetlb_pool(gfp_mask);
+ if (page) {
+ prep_new_page(page, order, gfp_mask, alloc_flags);
+ goto out;
+ }
+ }
+
/* First allocation attempt */
page = get_page_from_freelist(alloc_mask, order, alloc_flags, &ac);
if (likely(page))
--
2.25.1
1
5
03 Feb '23
From: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
stable inclusion
from stable-v5.10.142
commit d71a1c9fce184718d1b3a51a9e8a6e31cbbb45ce
category: bugfix
bugzilla: 188217
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
-------------------------------------------------
commit 278d3ba61563ceed3cb248383ced19e14ec7bc1f upstream.
On 32bit-UP u64_stats_fetch_begin() disables only preemption. If the
reader is in preemptible context and the writer side
(u64_stats_update_begin*()) runs in an interrupt context (IRQ or
softirq) then the writer can update the stats during the read operation.
This update remains undetected.
Use u64_stats_fetch_begin_irq() to ensure the stats fetch on 32bit-UP
are not interrupted by a writer. 32bit-SMP remains unaffected by this
change.
Cc: "David S. Miller" <davem(a)davemloft.net>
Cc: Catherine Sullivan <csully(a)google.com>
Cc: David Awogbemila <awogbemila(a)google.com>
Cc: Dimitris Michailidis <dmichail(a)fungible.com>
Cc: Eric Dumazet <edumazet(a)google.com>
Cc: Hans Ulli Kroll <ulli.kroll(a)googlemail.com>
Cc: Jakub Kicinski <kuba(a)kernel.org>
Cc: Jeroen de Borst <jeroendb(a)google.com>
Cc: Johannes Berg <johannes(a)sipsolutions.net>
Cc: Linus Walleij <linus.walleij(a)linaro.org>
Cc: Paolo Abeni <pabeni(a)redhat.com>
Cc: Simon Horman <simon.horman(a)corigine.com>
Cc: linux-arm-kernel(a)lists.infradead.org
Cc: linux-wireless(a)vger.kernel.org
Cc: netdev(a)vger.kernel.org
Cc: oss-drivers(a)corigine.com
Cc: stable(a)vger.kernel.org
Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
Reviewed-by: Simon Horman <simon.horman(a)corigine.com>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
(cherry picked from commit d71a1c9fce184718d1b3a51a9e8a6e31cbbb45ce)
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
Conflicts:
drivers/net/ethernet/huawei/hinic/hinic_rx.c
drivers/net/ethernet/huawei/hinic/hinic_tx.c
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
drivers/net/ethernet/cortina/gemini.c | 24 +++++++++++-----------
drivers/net/ethernet/google/gve/gve_ethtool.c | 16 +++++++--------
drivers/net/ethernet/google/gve/gve_main.c | 12 +++++------
drivers/net/ethernet/huawei/hinic/hinic_rx.c | 4 ++--
drivers/net/ethernet/huawei/hinic/hinic_tx.c | 4 ++--
.../net/ethernet/netronome/nfp/nfp_net_common.c | 8 ++++----
.../net/ethernet/netronome/nfp/nfp_net_ethtool.c | 8 ++++----
drivers/net/netdevsim/netdev.c | 4 ++--
net/mac80211/sta_info.c | 8 ++++----
net/mpls/af_mpls.c | 4 ++--
10 files changed, 46 insertions(+), 46 deletions(-)
diff --git a/drivers/net/ethernet/cortina/gemini.c b/drivers/net/ethernet/cortina/gemini.c
index 3685878..b22ea40 100644
--- a/drivers/net/ethernet/cortina/gemini.c
+++ b/drivers/net/ethernet/cortina/gemini.c
@@ -1920,7 +1920,7 @@ static void gmac_get_stats64(struct net_device *netdev,
/* Racing with RX NAPI */
do {
- start = u64_stats_fetch_begin(&port->rx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->rx_stats_syncp);
stats->rx_packets = port->stats.rx_packets;
stats->rx_bytes = port->stats.rx_bytes;
@@ -1932,11 +1932,11 @@ static void gmac_get_stats64(struct net_device *netdev,
stats->rx_crc_errors = port->stats.rx_crc_errors;
stats->rx_frame_errors = port->stats.rx_frame_errors;
- } while (u64_stats_fetch_retry(&port->rx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->rx_stats_syncp, start));
/* Racing with MIB and TX completion interrupts */
do {
- start = u64_stats_fetch_begin(&port->ir_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->ir_stats_syncp);
stats->tx_errors = port->stats.tx_errors;
stats->tx_packets = port->stats.tx_packets;
@@ -1946,15 +1946,15 @@ static void gmac_get_stats64(struct net_device *netdev,
stats->rx_missed_errors = port->stats.rx_missed_errors;
stats->rx_fifo_errors = port->stats.rx_fifo_errors;
- } while (u64_stats_fetch_retry(&port->ir_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->ir_stats_syncp, start));
/* Racing with hard_start_xmit */
do {
- start = u64_stats_fetch_begin(&port->tx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->tx_stats_syncp);
stats->tx_dropped = port->stats.tx_dropped;
- } while (u64_stats_fetch_retry(&port->tx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->tx_stats_syncp, start));
stats->rx_dropped += stats->rx_missed_errors;
}
@@ -2032,18 +2032,18 @@ static void gmac_get_ethtool_stats(struct net_device *netdev,
/* Racing with MIB interrupt */
do {
p = values;
- start = u64_stats_fetch_begin(&port->ir_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->ir_stats_syncp);
for (i = 0; i < RX_STATS_NUM; i++)
*p++ = port->hw_stats[i];
- } while (u64_stats_fetch_retry(&port->ir_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->ir_stats_syncp, start));
values = p;
/* Racing with RX NAPI */
do {
p = values;
- start = u64_stats_fetch_begin(&port->rx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->rx_stats_syncp);
for (i = 0; i < RX_STATUS_NUM; i++)
*p++ = port->rx_stats[i];
@@ -2051,13 +2051,13 @@ static void gmac_get_ethtool_stats(struct net_device *netdev,
*p++ = port->rx_csum_stats[i];
*p++ = port->rx_napi_exits;
- } while (u64_stats_fetch_retry(&port->rx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->rx_stats_syncp, start));
values = p;
/* Racing with TX start_xmit */
do {
p = values;
- start = u64_stats_fetch_begin(&port->tx_stats_syncp);
+ start = u64_stats_fetch_begin_irq(&port->tx_stats_syncp);
for (i = 0; i < TX_MAX_FRAGS; i++) {
*values++ = port->tx_frag_stats[i];
@@ -2066,7 +2066,7 @@ static void gmac_get_ethtool_stats(struct net_device *netdev,
*values++ = port->tx_frags_linearized;
*values++ = port->tx_hw_csummed;
- } while (u64_stats_fetch_retry(&port->tx_stats_syncp, start));
+ } while (u64_stats_fetch_retry_irq(&port->tx_stats_syncp, start));
}
static int gmac_get_ksettings(struct net_device *netdev,
diff --git a/drivers/net/ethernet/google/gve/gve_ethtool.c b/drivers/net/ethernet/google/gve/gve_ethtool.c
index 66f9b37..80a8c0c 100644
--- a/drivers/net/ethernet/google/gve/gve_ethtool.c
+++ b/drivers/net/ethernet/google/gve/gve_ethtool.c
@@ -172,14 +172,14 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
struct gve_rx_ring *rx = &priv->rx[ring];
start =
- u64_stats_fetch_begin(&priv->rx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->rx[ring].statss);
tmp_rx_pkts = rx->rpackets;
tmp_rx_bytes = rx->rbytes;
tmp_rx_skb_alloc_fail = rx->rx_skb_alloc_fail;
tmp_rx_buf_alloc_fail = rx->rx_buf_alloc_fail;
tmp_rx_desc_err_dropped_pkt =
rx->rx_desc_err_dropped_pkt;
- } while (u64_stats_fetch_retry(&priv->rx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->rx[ring].statss,
start));
rx_pkts += tmp_rx_pkts;
rx_bytes += tmp_rx_bytes;
@@ -193,10 +193,10 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
if (priv->tx) {
do {
start =
- u64_stats_fetch_begin(&priv->tx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->tx[ring].statss);
tmp_tx_pkts = priv->tx[ring].pkt_done;
tmp_tx_bytes = priv->tx[ring].bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->tx[ring].statss,
start));
tx_pkts += tmp_tx_pkts;
tx_bytes += tmp_tx_bytes;
@@ -254,13 +254,13 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
data[i++] = rx->cnt;
do {
start =
- u64_stats_fetch_begin(&priv->rx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->rx[ring].statss);
tmp_rx_bytes = rx->rbytes;
tmp_rx_skb_alloc_fail = rx->rx_skb_alloc_fail;
tmp_rx_buf_alloc_fail = rx->rx_buf_alloc_fail;
tmp_rx_desc_err_dropped_pkt =
rx->rx_desc_err_dropped_pkt;
- } while (u64_stats_fetch_retry(&priv->rx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->rx[ring].statss,
start));
data[i++] = tmp_rx_bytes;
/* rx dropped packets */
@@ -313,9 +313,9 @@ static int gve_get_sset_count(struct net_device *netdev, int sset)
data[i++] = tx->done;
do {
start =
- u64_stats_fetch_begin(&priv->tx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->tx[ring].statss);
tmp_tx_bytes = tx->bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->tx[ring].statss,
start));
data[i++] = tmp_tx_bytes;
data[i++] = tx->wake_queue;
diff --git a/drivers/net/ethernet/google/gve/gve_main.c b/drivers/net/ethernet/google/gve/gve_main.c
index 6cb75bb..f0c1e6c8 100644
--- a/drivers/net/ethernet/google/gve/gve_main.c
+++ b/drivers/net/ethernet/google/gve/gve_main.c
@@ -40,10 +40,10 @@ static void gve_get_stats(struct net_device *dev, struct rtnl_link_stats64 *s)
for (ring = 0; ring < priv->rx_cfg.num_queues; ring++) {
do {
start =
- u64_stats_fetch_begin(&priv->rx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->rx[ring].statss);
packets = priv->rx[ring].rpackets;
bytes = priv->rx[ring].rbytes;
- } while (u64_stats_fetch_retry(&priv->rx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->rx[ring].statss,
start));
s->rx_packets += packets;
s->rx_bytes += bytes;
@@ -53,10 +53,10 @@ static void gve_get_stats(struct net_device *dev, struct rtnl_link_stats64 *s)
for (ring = 0; ring < priv->tx_cfg.num_queues; ring++) {
do {
start =
- u64_stats_fetch_begin(&priv->tx[ring].statss);
+ u64_stats_fetch_begin_irq(&priv->tx[ring].statss);
packets = priv->tx[ring].pkt_done;
bytes = priv->tx[ring].bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[ring].statss,
+ } while (u64_stats_fetch_retry_irq(&priv->tx[ring].statss,
start));
s->tx_packets += packets;
s->tx_bytes += bytes;
@@ -1041,9 +1041,9 @@ void gve_handle_report_stats(struct gve_priv *priv)
if (priv->tx) {
for (idx = 0; idx < priv->tx_cfg.num_queues; idx++) {
do {
- start = u64_stats_fetch_begin(&priv->tx[idx].statss);
+ start = u64_stats_fetch_begin_irq(&priv->tx[idx].statss);
tx_bytes = priv->tx[idx].bytes_done;
- } while (u64_stats_fetch_retry(&priv->tx[idx].statss, start));
+ } while (u64_stats_fetch_retry_irq(&priv->tx[idx].statss, start));
stats[stats_idx++] = (struct stats) {
.stat_name = cpu_to_be32(TX_WAKE_CNT),
.value = cpu_to_be64(priv->tx[idx].wake_queue),
diff --git a/drivers/net/ethernet/huawei/hinic/hinic_rx.c b/drivers/net/ethernet/huawei/hinic/hinic_rx.c
index 57d5d79..1b57b67 100644
--- a/drivers/net/ethernet/huawei/hinic/hinic_rx.c
+++ b/drivers/net/ethernet/huawei/hinic/hinic_rx.c
@@ -375,7 +375,7 @@ void hinic_rxq_get_stats(struct hinic_rxq *rxq,
u64_stats_update_begin(&stats->syncp);
do {
- start = u64_stats_fetch_begin(&rxq_stats->syncp);
+ start = u64_stats_fetch_begin_irq(&rxq_stats->syncp);
stats->bytes = rxq_stats->bytes;
stats->packets = rxq_stats->packets;
stats->errors = rxq_stats->csum_errors +
@@ -384,7 +384,7 @@ void hinic_rxq_get_stats(struct hinic_rxq *rxq,
stats->other_errors = rxq_stats->other_errors;
stats->dropped = rxq_stats->dropped;
stats->rx_buf_empty = rxq_stats->rx_buf_empty;
- } while (u64_stats_fetch_retry(&rxq_stats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&rxq_stats->syncp, start));
u64_stats_update_end(&stats->syncp);
}
diff --git a/drivers/net/ethernet/huawei/hinic/hinic_tx.c b/drivers/net/ethernet/huawei/hinic/hinic_tx.c
index 75fa344..ff37b6f 100644
--- a/drivers/net/ethernet/huawei/hinic/hinic_tx.c
+++ b/drivers/net/ethernet/huawei/hinic/hinic_tx.c
@@ -61,7 +61,7 @@ void hinic_txq_get_stats(struct hinic_txq *txq,
u64_stats_update_begin(&stats->syncp);
do {
- start = u64_stats_fetch_begin(&txq_stats->syncp);
+ start = u64_stats_fetch_begin_irq(&txq_stats->syncp);
stats->bytes = txq_stats->bytes;
stats->packets = txq_stats->packets;
stats->busy = txq_stats->busy;
@@ -69,7 +69,7 @@ void hinic_txq_get_stats(struct hinic_txq *txq,
stats->dropped = txq_stats->dropped;
stats->big_frags_pkts = txq_stats->big_frags_pkts;
stats->big_udp_pkts = txq_stats->big_udp_pkts;
- } while (u64_stats_fetch_retry(&txq_stats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&txq_stats->syncp, start));
u64_stats_update_end(&stats->syncp);
}
diff --git a/drivers/net/ethernet/netronome/nfp/nfp_net_common.c b/drivers/net/ethernet/netronome/nfp/nfp_net_common.c
index dfc1f32..5ab230aa 100644
--- a/drivers/net/ethernet/netronome/nfp/nfp_net_common.c
+++ b/drivers/net/ethernet/netronome/nfp/nfp_net_common.c
@@ -3373,21 +3373,21 @@ static void nfp_net_stat64(struct net_device *netdev,
unsigned int start;
do {
- start = u64_stats_fetch_begin(&r_vec->rx_sync);
+ start = u64_stats_fetch_begin_irq(&r_vec->rx_sync);
data[0] = r_vec->rx_pkts;
data[1] = r_vec->rx_bytes;
data[2] = r_vec->rx_drops;
- } while (u64_stats_fetch_retry(&r_vec->rx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&r_vec->rx_sync, start));
stats->rx_packets += data[0];
stats->rx_bytes += data[1];
stats->rx_dropped += data[2];
do {
- start = u64_stats_fetch_begin(&r_vec->tx_sync);
+ start = u64_stats_fetch_begin_irq(&r_vec->tx_sync);
data[0] = r_vec->tx_pkts;
data[1] = r_vec->tx_bytes;
data[2] = r_vec->tx_errors;
- } while (u64_stats_fetch_retry(&r_vec->tx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&r_vec->tx_sync, start));
stats->tx_packets += data[0];
stats->tx_bytes += data[1];
stats->tx_errors += data[2];
diff --git a/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c b/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c
index bfcd90f..d4136d3 100644
--- a/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c
+++ b/drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c
@@ -498,7 +498,7 @@ static u64 *nfp_vnic_get_sw_stats(struct net_device *netdev, u64 *data)
unsigned int start;
do {
- start = u64_stats_fetch_begin(&nn->r_vecs[i].rx_sync);
+ start = u64_stats_fetch_begin_irq(&nn->r_vecs[i].rx_sync);
data[0] = nn->r_vecs[i].rx_pkts;
tmp[0] = nn->r_vecs[i].hw_csum_rx_ok;
tmp[1] = nn->r_vecs[i].hw_csum_rx_inner_ok;
@@ -506,10 +506,10 @@ static u64 *nfp_vnic_get_sw_stats(struct net_device *netdev, u64 *data)
tmp[3] = nn->r_vecs[i].hw_csum_rx_error;
tmp[4] = nn->r_vecs[i].rx_replace_buf_alloc_fail;
tmp[5] = nn->r_vecs[i].hw_tls_rx;
- } while (u64_stats_fetch_retry(&nn->r_vecs[i].rx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&nn->r_vecs[i].rx_sync, start));
do {
- start = u64_stats_fetch_begin(&nn->r_vecs[i].tx_sync);
+ start = u64_stats_fetch_begin_irq(&nn->r_vecs[i].tx_sync);
data[1] = nn->r_vecs[i].tx_pkts;
data[2] = nn->r_vecs[i].tx_busy;
tmp[6] = nn->r_vecs[i].hw_csum_tx;
@@ -519,7 +519,7 @@ static u64 *nfp_vnic_get_sw_stats(struct net_device *netdev, u64 *data)
tmp[10] = nn->r_vecs[i].hw_tls_tx;
tmp[11] = nn->r_vecs[i].tls_tx_fallback;
tmp[12] = nn->r_vecs[i].tls_tx_no_fallback;
- } while (u64_stats_fetch_retry(&nn->r_vecs[i].tx_sync, start));
+ } while (u64_stats_fetch_retry_irq(&nn->r_vecs[i].tx_sync, start));
data += NN_RVEC_PER_Q_STATS;
diff --git a/drivers/net/netdevsim/netdev.c b/drivers/net/netdevsim/netdev.c
index ad6dbf01..4fb0638 100644
--- a/drivers/net/netdevsim/netdev.c
+++ b/drivers/net/netdevsim/netdev.c
@@ -67,10 +67,10 @@ static int nsim_change_mtu(struct net_device *dev, int new_mtu)
unsigned int start;
do {
- start = u64_stats_fetch_begin(&ns->syncp);
+ start = u64_stats_fetch_begin_irq(&ns->syncp);
stats->tx_bytes = ns->tx_bytes;
stats->tx_packets = ns->tx_packets;
- } while (u64_stats_fetch_retry(&ns->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&ns->syncp, start));
}
static int
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 461c037..cee39ae 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -2175,9 +2175,9 @@ static inline u64 sta_get_tidstats_msdu(struct ieee80211_sta_rx_stats *rxstats,
u64 value;
do {
- start = u64_stats_fetch_begin(&rxstats->syncp);
+ start = u64_stats_fetch_begin_irq(&rxstats->syncp);
value = rxstats->msdu[tid];
- } while (u64_stats_fetch_retry(&rxstats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&rxstats->syncp, start));
return value;
}
@@ -2241,9 +2241,9 @@ static inline u64 sta_get_stats_bytes(struct ieee80211_sta_rx_stats *rxstats)
u64 value;
do {
- start = u64_stats_fetch_begin(&rxstats->syncp);
+ start = u64_stats_fetch_begin_irq(&rxstats->syncp);
value = rxstats->bytes;
- } while (u64_stats_fetch_retry(&rxstats->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&rxstats->syncp, start));
return value;
}
diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c
index 9c047c1..7239814 100644
--- a/net/mpls/af_mpls.c
+++ b/net/mpls/af_mpls.c
@@ -1078,9 +1078,9 @@ static void mpls_get_stats(struct mpls_dev *mdev,
p = per_cpu_ptr(mdev->stats, i);
do {
- start = u64_stats_fetch_begin(&p->syncp);
+ start = u64_stats_fetch_begin_irq(&p->syncp);
local = p->stats;
- } while (u64_stats_fetch_retry(&p->syncp, start));
+ } while (u64_stats_fetch_retry_irq(&p->syncp, start));
stats->rx_packets += local.rx_packets;
stats->rx_bytes += local.rx_bytes;
--
1.8.3.1
1
2
From: Matthias May <matthias.may(a)westermo.com>
stable inclusion
from stable-v5.10.138
commit 38b83883ce4e4efe8ff0a727192219cac2668d42
category: bugfix
bugzilla: 188217
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
-------------------------------------------------
commit ca2bb69514a8bc7f83914122f0d596371352416c upstream.
According to Guillaume Nault RT_TOS should never be used for IPv6.
Quote:
RT_TOS() is an old macro used to interprete IPv4 TOS as described in
the obsolete RFC 1349. It's conceptually wrong to use it even in IPv4
code, although, given the current state of the code, most of the
existing calls have no consequence.
But using RT_TOS() in IPv6 code is always a bug: IPv6 never had a "TOS"
field to be interpreted the RFC 1349 way. There's no historical
compatibility to worry about.
Fixes: 3a56f86f1be6 ("geneve: handle ipv6 priority like ipv4 tos")
Acked-by: Guillaume Nault <gnault(a)redhat.com>
Signed-off-by: Matthias May <matthias.may(a)westermo.com>
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
(cherry picked from commit 38b83883ce4e4efe8ff0a727192219cac2668d42)
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
drivers/net/geneve.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
index 5ddb2db..ba9947d 100644
--- a/drivers/net/geneve.c
+++ b/drivers/net/geneve.c
@@ -850,8 +850,7 @@ static struct dst_entry *geneve_get_v6_dst(struct sk_buff *skb,
use_cache = false;
}
- fl6->flowlabel = ip6_make_flowinfo(RT_TOS(prio),
- info->key.label);
+ fl6->flowlabel = ip6_make_flowinfo(prio, info->key.label);
dst_cache = (struct dst_cache *)&info->dst_cache;
if (use_cache) {
dst = dst_cache_get_ip6(dst_cache, &fl6->saddr);
--
1.8.3.1
2
7
01 Feb '23
CONFIG_EFI_ZBOOT is introduced to openEuler 22.03 LTS SP1 by this
commit for loongarch and enabled by default:
e46780727555("efi/libstub: implement generic EFI zboot").
However, if is enabled, the compiled version cannot be booted on
openEuler 22.03 LTS. So, disable it on this version.
Signed-off-by: Xie XiuQi <xiexiuqi(a)huawei.com>
---
arch/arm64/configs/openeuler_defconfig | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig
index fbb71f7520a8..63f2adbbc778 100644
--- a/arch/arm64/configs/openeuler_defconfig
+++ b/arch/arm64/configs/openeuler_defconfig
@@ -15,18 +15,6 @@ CONFIG_INIT_ENV_ARG_LIMIT=32
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_BUILD_SALT=""
-CONFIG_HAVE_KERNEL_GZIP=y
-CONFIG_HAVE_KERNEL_LZMA=y
-CONFIG_HAVE_KERNEL_XZ=y
-CONFIG_HAVE_KERNEL_LZO=y
-CONFIG_HAVE_KERNEL_LZ4=y
-CONFIG_HAVE_KERNEL_ZSTD=y
-CONFIG_KERNEL_GZIP=y
-# CONFIG_KERNEL_LZMA is not set
-# CONFIG_KERNEL_XZ is not set
-# CONFIG_KERNEL_LZO is not set
-# CONFIG_KERNEL_LZ4 is not set
-# CONFIG_KERNEL_ZSTD is not set
CONFIG_DEFAULT_INIT=""
CONFIG_DEFAULT_HOSTNAME="(none)"
CONFIG_SYSVIPC=y
@@ -2008,7 +1996,7 @@ CONFIG_EFI_SOFT_RESERVE=y
CONFIG_EFI_PARAMS_FROM_FDT=y
CONFIG_EFI_RUNTIME_WRAPPERS=y
CONFIG_EFI_GENERIC_STUB=y
-CONFIG_EFI_ZBOOT=y
+# CONFIG_EFI_ZBOOT is not set
CONFIG_EFI_ARMSTUB_DTB_LOADER=y
CONFIG_EFI_GENERIC_STUB_INITRD_CMDLINE_LOADER=y
# CONFIG_EFI_BOOTLOADER_CONTROL is not set
--
2.33.0
1
0
[PATCH openEuler-5.10] Add relationship graph of openEuler kernel branches
by Zheng Zengkai 01 Feb '23
by Zheng Zengkai 01 Feb '23
01 Feb '23
openEuler inclusion
category: doc
bugzilla: https://gitee.com/openeuler/kernel/issues/I6CAZ5
-----------------------------
Newcomers may get confused about the relationship of openEuler kernel
branches, so add relationship graph of openEuler kernel branches to
README in openEuler kernel master branch.
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
README_openEuler | 45 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 README_openEuler
diff --git a/README_openEuler b/README_openEuler
new file mode 100644
index 000000000000..7ec06f5b2538
--- /dev/null
+++ b/README_openEuler
@@ -0,0 +1,45 @@
+README for openEuler kernel branches
+
+Relationship of openEuler kernel 4.19 branches:
+
+------------------------------------------------------------------> Linux 4.19.y
+ |
+ | tag: v4.19.13
+ |
+ -----------------------------------------------------------> openEuler-1.0-LTS
+
+Relationship of openEuler kernel 5.10 branches:
+
+------------------------------------------------------------------> Linux 5.10.y
+ |
+ | tag: v5.10
+ |
+ --------------------------------------------------------------------> OLK-5.10
+ | | | | |
+ | tag: 5.10.0-4.0.0 |
+ | | | | |
+ ------^-----^-----^-----^--------------> openEuler-21.03(Innovative version)
+ | | | |
+ | tag: 5.10.0-5.0.0
+ | | | |
+ ------^-----^-----^--------------> openEuler-21.09(Innovative version)
+ | | |
+ | tag: 5.10.0-60.0.0
+ | | |
+ ------^-----^------------------------------> openEuler-22.03-LTS
+ | |
+ | tag: 5.10.0-106.0.0
+ | |
+ ------^--------------> openEuler-22.09(Innovative version)
+ |
+ | tag: 5.10.0-136.0.0
+ |
+ ---------------------------> openEuler-22.03-LTS-SP1
+
+Relationship of openEuler kernel 6.x branches:
+
+-------------------------------------------------------------------> Linux 6.1.y
+ |
+ | tag: v6.1
+ |
+ -----------------------------------------------> devel-6.1(Innovative version)
--
2.20.1
1
0
[PATCH openEuler-5.10-LTS-SP1 01/25] x86/nospec: Unwreck the RSB stuffing
by Jialin Zhang 31 Jan '23
by Jialin Zhang 31 Jan '23
31 Jan '23
From: Peter Zijlstra <peterz(a)infradead.org>
stable inclusion
from stable-v5.10.141
commit adee8f3082b01e5dab620d651e3ec75f57c0c855
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I685FC
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit 4e3aa9238277597c6c7624f302d81a7b568b6f2d upstream.
Commit 2b1299322016 ("x86/speculation: Add RSB VM Exit protections")
made a right mess of the RSB stuffing, rewrite the whole thing to not
suck.
Thanks to Andrew for the enlightening comment about Post-Barrier RSB
things so we can make this code less magical.
Cc: stable(a)vger.kernel.org
Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org>
Link: https://lkml.kernel.org/r/YvuNdDWoUZSBjYcm@worktop.programming.kicks-ass.net
[bwh: Backported to 5.10: adjust context]
Signed-off-by: Ben Hutchings <benh(a)debian.org>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
Reviewed-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
arch/x86/include/asm/nospec-branch.h | 80 ++++++++++++++--------------
1 file changed, 39 insertions(+), 41 deletions(-)
diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
index a406ca726f46..e847b4afe7ac 100644
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -35,33 +35,44 @@
#define RSB_CLEAR_LOOPS 32 /* To forcibly overwrite all entries */
/*
+ * Common helper for __FILL_RETURN_BUFFER and __FILL_ONE_RETURN.
+ */
+#define __FILL_RETURN_SLOT \
+ ANNOTATE_INTRA_FUNCTION_CALL; \
+ call 772f; \
+ int3; \
+772:
+
+/*
+ * Stuff the entire RSB.
+ *
* Google experimented with loop-unrolling and this turned out to be
* the optimal version — two calls, each with their own speculation
* trap should their return address end up getting used, in a loop.
*/
-#define __FILL_RETURN_BUFFER(reg, nr, sp) \
- mov $(nr/2), reg; \
-771: \
- ANNOTATE_INTRA_FUNCTION_CALL; \
- call 772f; \
-773: /* speculation trap */ \
- UNWIND_HINT_EMPTY; \
- pause; \
- lfence; \
- jmp 773b; \
-772: \
- ANNOTATE_INTRA_FUNCTION_CALL; \
- call 774f; \
-775: /* speculation trap */ \
- UNWIND_HINT_EMPTY; \
- pause; \
- lfence; \
- jmp 775b; \
-774: \
- add $(BITS_PER_LONG/8) * 2, sp; \
- dec reg; \
- jnz 771b; \
- /* barrier for jnz misprediction */ \
+#define __FILL_RETURN_BUFFER(reg, nr) \
+ mov $(nr/2), reg; \
+771: \
+ __FILL_RETURN_SLOT \
+ __FILL_RETURN_SLOT \
+ add $(BITS_PER_LONG/8) * 2, %_ASM_SP; \
+ dec reg; \
+ jnz 771b; \
+ /* barrier for jnz misprediction */ \
+ lfence;
+
+/*
+ * Stuff a single RSB slot.
+ *
+ * To mitigate Post-Barrier RSB speculation, one CALL instruction must be
+ * forced to retire before letting a RET instruction execute.
+ *
+ * On PBRSB-vulnerable CPUs, it is not safe for a RET to be executed
+ * before this point.
+ */
+#define __FILL_ONE_RETURN \
+ __FILL_RETURN_SLOT \
+ add $(BITS_PER_LONG/8), %_ASM_SP; \
lfence;
#ifdef __ASSEMBLY__
@@ -120,28 +131,15 @@
#endif
.endm
-.macro ISSUE_UNBALANCED_RET_GUARD
- ANNOTATE_INTRA_FUNCTION_CALL
- call .Lunbalanced_ret_guard_\@
- int3
-.Lunbalanced_ret_guard_\@:
- add $(BITS_PER_LONG/8), %_ASM_SP
- lfence
-.endm
-
/*
* A simpler FILL_RETURN_BUFFER macro. Don't make people use the CPP
* monstrosity above, manually.
*/
-.macro FILL_RETURN_BUFFER reg:req nr:req ftr:req ftr2
-.ifb \ftr2
- ALTERNATIVE "jmp .Lskip_rsb_\@", "", \ftr
-.else
- ALTERNATIVE_2 "jmp .Lskip_rsb_\@", "", \ftr, "jmp .Lunbalanced_\@", \ftr2
-.endif
- __FILL_RETURN_BUFFER(\reg,\nr,%_ASM_SP)
-.Lunbalanced_\@:
- ISSUE_UNBALANCED_RET_GUARD
+.macro FILL_RETURN_BUFFER reg:req nr:req ftr:req ftr2=ALT_NOT(X86_FEATURE_ALWAYS)
+ ALTERNATIVE_2 "jmp .Lskip_rsb_\@", \
+ __stringify(__FILL_RETURN_BUFFER(\reg,\nr)), \ftr, \
+ __stringify(__FILL_ONE_RETURN), \ftr2
+
.Lskip_rsb_\@:
.endm
--
2.25.1
1
24
[PATCH openEuler-5.10-LTS 01/11] rndis_wlan: Prevent buffer overflow in rndis_query_oid
by Jialin Zhang 31 Jan '23
by Jialin Zhang 31 Jan '23
31 Jan '23
From: Szymon Heidrich <szymon.heidrich(a)gmail.com>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AQJP
CVE: CVE-2023-23559
Reference: https://patchwork.kernel.org/project/linux-wireless/patch/20230111175031.70…
-------------------------------
Since resplen and respoffs are signed integers sufficiently
large values of unsigned int len and offset members of RNDIS
response will result in negative values of prior variables.
This may be utilized to bypass implemented security checks
to either extract memory contents by manipulating offset or
overflow the data buffer via memcpy by manipulating both
offset and len.
Additionally assure that sum of resplen and respoffs does not
overflow so buffer boundaries are kept.
Fixes: 80f8c5b434f9 ("rndis_wlan: copy only useful data from rndis_command respond")
Signed-off-by: Szymon Heidrich <szymon.heidrich(a)gmail.com>
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
Reviewed-by: Wei Yongjun <weiyongjun1(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
drivers/net/wireless/rndis_wlan.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index 75b5d545b49e..dc076d844868 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -694,8 +694,8 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
struct rndis_query *get;
struct rndis_query_c *get_c;
} u;
- int ret, buflen;
- int resplen, respoffs, copylen;
+ int ret;
+ size_t buflen, resplen, respoffs, copylen;
buflen = *len + sizeof(*u.get);
if (buflen < CONTROL_BUFFER_SIZE)
@@ -730,22 +730,15 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
if (respoffs > buflen) {
/* Device returned data offset outside buffer, error. */
- netdev_dbg(dev->net, "%s(%s): received invalid "
- "data offset: %d > %d\n", __func__,
- oid_to_string(oid), respoffs, buflen);
+ netdev_dbg(dev->net,
+ "%s(%s): received invalid data offset: %zu > %zu\n",
+ __func__, oid_to_string(oid), respoffs, buflen);
ret = -EINVAL;
goto exit_unlock;
}
- if ((resplen + respoffs) > buflen) {
- /* Device would have returned more data if buffer would
- * have been big enough. Copy just the bits that we got.
- */
- copylen = buflen - respoffs;
- } else {
- copylen = resplen;
- }
+ copylen = min(resplen, buflen - respoffs);
if (copylen > *len)
copylen = *len;
--
2.25.1
1
10
[PATCH openEuler-5.10-LTS-SP1 01/11] mm/vmpressure: fix data-race with memcg->socket_pressure
by Jialin Zhang 31 Jan '23
by Jialin Zhang 31 Jan '23
31 Jan '23
From: Yuanzheng Song <songyuanzheng(a)huawei.com>
mainline inclusion
from mainline-v5.16-rc1
commit 7e6ec49c18988f1b8dab0677271dafde5f8d9a43
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6AW65
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
When reading memcg->socket_pressure in mem_cgroup_under_socket_pressure()
and writing memcg->socket_pressure in vmpressure() at the same time, the
following data-race occurs:
BUG: KCSAN: data-race in __sk_mem_reduce_allocated / vmpressure
write to 0xffff8881286f4938 of 8 bytes by task 24550 on cpu 3:
vmpressure+0x218/0x230 mm/vmpressure.c:307
shrink_node_memcgs+0x2b9/0x410 mm/vmscan.c:2658
shrink_node+0x9d2/0x11d0 mm/vmscan.c:2769
shrink_zones+0x29f/0x470 mm/vmscan.c:2972
do_try_to_free_pages+0x193/0x6e0 mm/vmscan.c:3027
try_to_free_mem_cgroup_pages+0x1c0/0x3f0 mm/vmscan.c:3345
reclaim_high mm/memcontrol.c:2440 [inline]
mem_cgroup_handle_over_high+0x18b/0x4d0 mm/memcontrol.c:2624
tracehook_notify_resume include/linux/tracehook.h:197 [inline]
exit_to_user_mode_loop kernel/entry/common.c:164 [inline]
exit_to_user_mode_prepare+0x110/0x170 kernel/entry/common.c:191
syscall_exit_to_user_mode+0x16/0x30 kernel/entry/common.c:266
ret_from_fork+0x15/0x30 arch/x86/entry/entry_64.S:289
read to 0xffff8881286f4938 of 8 bytes by interrupt on cpu 1:
mem_cgroup_under_socket_pressure include/linux/memcontrol.h:1483 [inline]
sk_under_memory_pressure include/net/sock.h:1314 [inline]
__sk_mem_reduce_allocated+0x1d2/0x270 net/core/sock.c:2696
__sk_mem_reclaim+0x44/0x50 net/core/sock.c:2711
sk_mem_reclaim include/net/sock.h:1490 [inline]
......
net_rx_action+0x17a/0x480 net/core/dev.c:6864
__do_softirq+0x12c/0x2af kernel/softirq.c:298
run_ksoftirqd+0x13/0x20 kernel/softirq.c:653
smpboot_thread_fn+0x33f/0x510 kernel/smpboot.c:165
kthread+0x1fc/0x220 kernel/kthread.c:292
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Fix it by using READ_ONCE() and WRITE_ONCE() to read and write
memcg->socket_pressure.
Link: https://lkml.kernel.org/r/20211025082843.671690-1-songyuanzheng@huawei.com
Signed-off-by: Yuanzheng Song <songyuanzheng(a)huawei.com>
Reviewed-by: Muchun Song <songmuchun(a)bytedance.com>
Cc: Shakeel Butt <shakeelb(a)google.com>
Cc: Roman Gushchin <guro(a)fb.com>
Cc: Johannes Weiner <hannes(a)cmpxchg.org>
Cc: Michal Hocko <mhocko(a)suse.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Alex Shi <alexs(a)kernel.org>
Cc: Wei Yang <richard.weiyang(a)gmail.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org>
Signed-off-by: Cai Xinchen <caixinchen1(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
include/linux/memcontrol.h | 2 +-
mm/vmpressure.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h
index abb2476bd282..89e4f01c5710 100644
--- a/include/linux/memcontrol.h
+++ b/include/linux/memcontrol.h
@@ -1921,7 +1921,7 @@ static inline bool mem_cgroup_under_socket_pressure(struct mem_cgroup *memcg)
if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && memcg->tcpmem_pressure)
return true;
do {
- if (time_before(jiffies, memcg->socket_pressure))
+ if (time_before(jiffies, READ_ONCE(memcg->socket_pressure)))
return true;
} while ((memcg = parent_mem_cgroup(memcg)));
return false;
diff --git a/mm/vmpressure.c b/mm/vmpressure.c
index d69019fc3789..c6a7eca666f6 100644
--- a/mm/vmpressure.c
+++ b/mm/vmpressure.c
@@ -304,7 +304,7 @@ void vmpressure(gfp_t gfp, struct mem_cgroup *memcg, bool tree,
* asserted for a second in which subsequent
* pressure events can occur.
*/
- memcg->socket_pressure = jiffies + HZ;
+ WRITE_ONCE(memcg->socket_pressure, jiffies + HZ);
}
}
}
--
2.25.1
1
10
30 Jan '23
From: Neel Natu <neelnatu(a)google.com>
mainline inclusion
from mainline-v6.1-rc1
commit 9847f21225c4eb0b843cb2b72ed83b32edb1e6f2
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6AXHU
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/…
-----------------------------------------
An argument list like "arg=val arg2 \"" can trigger a page fault if the
page pointed by 'args[0xffffffff]' is not mapped and potential memory
corruption otherwise (unlikely but possible if the bogus address is mapped
and contents happen to match the ascii value of the quote character).
The fix is to ensure that we load 'args[i-1]' only when (i > 0).
Prior to this commit the following command would trigger an
unhandled page fault in the kernel:
root@(none):/linus/fs/fat# insmod ./fat.ko "foo=bar \""
[ 33.870507] BUG: unable to handle page fault for address: ffff888204252608
[ 33.872180] #PF: supervisor read access in kernel mode
[ 33.873414] #PF: error_code(0x0000) - not-present page
[ 33.874650] PGD 4401067 P4D 4401067 PUD 0
[ 33.875321] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC PTI
[ 33.876113] CPU: 16 PID: 399 Comm: insmod Not tainted 5.19.0-dbg-DEV #4
[ 33.877193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 33.878739] RIP: 0010:next_arg+0xd1/0x110
[ 33.879399] Code: 22 75 1d 41 c6 04 01 00 41 80 f8 22 74 18 eb 35 4c 89 0e 45 31 d2 4c 89 cf 48 c7 02 00 00 00 00 41 80 f8 22 75 1f 41 8d 42 ff <41> 80 3c 01 22 75 14 41 c6 04 01 00 eb 0d 48 c7 02 00 00 00 00 41
[ 33.882338] RSP: 0018:ffffc90001253d08 EFLAGS: 00010246
[ 33.883174] RAX: 00000000ffffffff RBX: ffff888104252608 RCX: 0fc317bba1c1dd00
[ 33.884311] RDX: ffffc90001253d40 RSI: ffffc90001253d48 RDI: ffff888104252609
[ 33.885450] RBP: ffffc90001253d10 R08: 0000000000000022 R09: ffff888104252609
[ 33.886595] R10: 0000000000000000 R11: ffffffff82c7ff20 R12: 0000000000000282
[ 33.887748] R13: 00000000ffff8000 R14: 0000000000000000 R15: 0000000000007fff
[ 33.888887] FS: 00007f04ec7432c0(0000) GS:ffff88813d300000(0000) knlGS:0000000000000000
[ 33.890183] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.891111] CR2: ffff888204252608 CR3: 0000000100f36005 CR4: 0000000000170ee0
[ 33.892241] Call Trace:
[ 33.892641] <TASK>
[ 33.892989] parse_args+0x8f/0x220
[ 33.893538] load_module+0x138b/0x15a0
[ 33.894149] ? prepare_coming_module+0x50/0x50
[ 33.894879] ? kernel_read_file_from_fd+0x5f/0x90
[ 33.895639] __se_sys_finit_module+0xce/0x130
[ 33.896342] __x64_sys_finit_module+0x1d/0x20
[ 33.897042] do_syscall_64+0x44/0xa0
[ 33.897622] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 33.898434] RIP: 0033:0x7f04ec85ef79
[ 33.899009] Code: 48 8d 3d da db 0d 00 0f 05 eb a5 66 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c7 9e 0d 00 f7 d8 64 89 01 48
[ 33.901912] RSP: 002b:00007fffae81bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 33.903081] RAX: ffffffffffffffda RBX: 0000559c5f1d2640 RCX: 00007f04ec85ef79
[ 33.904191] RDX: 0000000000000000 RSI: 0000559c5f1d12a0 RDI: 0000000000000003
[ 33.905304] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 33.906421] R10: 0000000000000003 R11: 0000000000000246 R12: 0000559c5f1d12a0
[ 33.907526] R13: 0000000000000000 R14: 0000559c5f1d25f0 R15: 0000559c5f1d12a0
[ 33.908631] </TASK>
[ 33.908986] Modules linked in: fat(+) [last unloaded: fat]
[ 33.909843] CR2: ffff888204252608
[ 33.910375] ---[ end trace 0000000000000000 ]---
[ 33.911172] RIP: 0010:next_arg+0xd1/0x110
[ 33.911796] Code: 22 75 1d 41 c6 04 01 00 41 80 f8 22 74 18 eb 35 4c 89 0e 45 31 d2 4c 89 cf 48 c7 02 00 00 00 00 41 80 f8 22 75 1f 41 8d 42 ff <41> 80 3c 01 22 75 14 41 c6 04 01 00 eb 0d 48 c7 02 00 00 00 00 41
[ 33.914643] RSP: 0018:ffffc90001253d08 EFLAGS: 00010246
[ 33.915446] RAX: 00000000ffffffff RBX: ffff888104252608 RCX: 0fc317bba1c1dd00
[ 33.916544] RDX: ffffc90001253d40 RSI: ffffc90001253d48 RDI: ffff888104252609
[ 33.917636] RBP: ffffc90001253d10 R08: 0000000000000022 R09: ffff888104252609
[ 33.918727] R10: 0000000000000000 R11: ffffffff82c7ff20 R12: 0000000000000282
[ 33.919821] R13: 00000000ffff8000 R14: 0000000000000000 R15: 0000000000007fff
[ 33.920908] FS: 00007f04ec7432c0(0000) GS:ffff88813d300000(0000) knlGS:0000000000000000
[ 33.922125] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.923017] CR2: ffff888204252608 CR3: 0000000100f36005 CR4: 0000000000170ee0
[ 33.924098] Kernel panic - not syncing: Fatal exception
[ 33.925776] Kernel Offset: disabled
[ 33.926347] Rebooting in 10 seconds..
Link: https://lkml.kernel.org/r/20220728232434.1666488-1-neelnatu@google.com
Signed-off-by: Neel Natu <neelnatu(a)google.com>
Reviewed-by: Eric Dumazet <edumazet(a)google.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
Signed-off-by: Zhang Zekun <zhangzekun11(a)huawei.com>
Reviewed-by: Weilong Chen <chenweilong(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
lib/cmdline.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/cmdline.c b/lib/cmdline.c
index 171c19b6888e..f32d76261cc1 100644
--- a/lib/cmdline.c
+++ b/lib/cmdline.c
@@ -233,7 +233,7 @@ char *next_arg(char *args, char **param, char **val)
args[i-1] = '\0';
}
}
- if (quoted && args[i-1] == '"')
+ if (quoted && i > 0 && args[i-1] == '"')
args[i-1] = '\0';
if (args[i]) {
--
2.25.1
1
2
[PATCH openEuler-1.0-LTS 1/3] net: sched: atm: dont intepret cls results when asked to drop
by Yongqiang Liu 30 Jan '23
by Yongqiang Liu 30 Jan '23
30 Jan '23
From: Jamal Hadi Salim <jhs(a)mojatatu.com>
stable inclusion
from stable-v4.19.269
commit 5374c455ebe6102e3d5f1842c6d8ff72b3ca659f
category: bugfix
bugzilla: 188250, https://gitee.com/src-openeuler/kernel/issues/I6AQG9
CVE: CVE-2023-23455
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
[ Upstream commit a2965c7be0522eaa18808684b7b82b248515511b ]
If asked to drop a packet via TC_ACT_SHOT it is unsafe to assume
res.class contains a valid pointer
Fixes: b0188d4dbe5f ("[NET_SCHED]: sch_atm: Lindent")
Signed-off-by: Jamal Hadi Salim <jhs(a)mojatatu.com>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/sched/sch_atm.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/net/sched/sch_atm.c b/net/sched/sch_atm.c
index 91bd5c839303..a3084a12239e 100644
--- a/net/sched/sch_atm.c
+++ b/net/sched/sch_atm.c
@@ -394,10 +394,13 @@ static int atm_tc_enqueue(struct sk_buff *skb, struct Qdisc *sch,
result = tcf_classify(skb, fl, &res, true);
if (result < 0)
continue;
+ if (result == TC_ACT_SHOT)
+ goto done;
+
flow = (struct atm_flow_data *)res.class;
if (!flow)
flow = lookup_flow(sch, res.classid);
- goto done;
+ goto drop;
}
}
flow = NULL;
--
2.25.1
1
2
[PATCH openEuler-1.0-LTS 1/2] net: sched: cbq: dont intepret cls results when asked to drop
by Yongqiang Liu 29 Jan '23
by Yongqiang Liu 29 Jan '23
29 Jan '23
From: Jamal Hadi Salim <jhs(a)mojatatu.com>
mainline inclusion
from mainline-v6.2-rc3
commit caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AQIL
CVE: CVE-2023-23454
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
If asked to drop a packet via TC_ACT_SHOT it is unsafe to assume that
res.class contains a valid pointer
Sample splat reported by Kyle Zeng
[ 5.405624] 0: reclassify loop, rule prio 0, protocol 800
[ 5.406326] ==================================================================
[ 5.407240] BUG: KASAN: slab-out-of-bounds in cbq_enqueue+0x54b/0xea0
[ 5.407987] Read of size 1 at addr ffff88800e3122aa by task poc/299
[ 5.408731]
[ 5.408897] CPU: 0 PID: 299 Comm: poc Not tainted 5.10.155+ #15
[ 5.409516] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS 1.15.0-1 04/01/2014
[ 5.410439] Call Trace:
[ 5.410764] dump_stack+0x87/0xcd
[ 5.411153] print_address_description+0x7a/0x6b0
[ 5.411687] ? vprintk_func+0xb9/0xc0
[ 5.411905] ? printk+0x76/0x96
[ 5.412110] ? cbq_enqueue+0x54b/0xea0
[ 5.412323] kasan_report+0x17d/0x220
[ 5.412591] ? cbq_enqueue+0x54b/0xea0
[ 5.412803] __asan_report_load1_noabort+0x10/0x20
[ 5.413119] cbq_enqueue+0x54b/0xea0
[ 5.413400] ? __kasan_check_write+0x10/0x20
[ 5.413679] __dev_queue_xmit+0x9c0/0x1db0
[ 5.413922] dev_queue_xmit+0xc/0x10
[ 5.414136] ip_finish_output2+0x8bc/0xcd0
[ 5.414436] __ip_finish_output+0x472/0x7a0
[ 5.414692] ip_finish_output+0x5c/0x190
[ 5.414940] ip_output+0x2d8/0x3c0
[ 5.415150] ? ip_mc_finish_output+0x320/0x320
[ 5.415429] __ip_queue_xmit+0x753/0x1760
[ 5.415664] ip_queue_xmit+0x47/0x60
[ 5.415874] __tcp_transmit_skb+0x1ef9/0x34c0
[ 5.416129] tcp_connect+0x1f5e/0x4cb0
[ 5.416347] tcp_v4_connect+0xc8d/0x18c0
[ 5.416577] __inet_stream_connect+0x1ae/0xb40
[ 5.416836] ? local_bh_enable+0x11/0x20
[ 5.417066] ? lock_sock_nested+0x175/0x1d0
[ 5.417309] inet_stream_connect+0x5d/0x90
[ 5.417548] ? __inet_stream_connect+0xb40/0xb40
[ 5.417817] __sys_connect+0x260/0x2b0
[ 5.418037] __x64_sys_connect+0x76/0x80
[ 5.418267] do_syscall_64+0x31/0x50
[ 5.418477] entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 5.418770] RIP: 0033:0x473bb7
[ 5.418952] Code: 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00
00 00 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2a 00 00
00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 18 89 54 24 0c 48 89 34
24 89
[ 5.420046] RSP: 002b:00007fffd20eb0f8 EFLAGS: 00000246 ORIG_RAX:
000000000000002a
[ 5.420472] RAX: ffffffffffffffda RBX: 00007fffd20eb578 RCX: 0000000000473bb7
[ 5.420872] RDX: 0000000000000010 RSI: 00007fffd20eb110 RDI: 0000000000000007
[ 5.421271] RBP: 00007fffd20eb150 R08: 0000000000000001 R09: 0000000000000004
[ 5.421671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 5.422071] R13: 00007fffd20eb568 R14: 00000000004fc740 R15: 0000000000000002
[ 5.422471]
[ 5.422562] Allocated by task 299:
[ 5.422782] __kasan_kmalloc+0x12d/0x160
[ 5.423007] kasan_kmalloc+0x5/0x10
[ 5.423208] kmem_cache_alloc_trace+0x201/0x2e0
[ 5.423492] tcf_proto_create+0x65/0x290
[ 5.423721] tc_new_tfilter+0x137e/0x1830
[ 5.423957] rtnetlink_rcv_msg+0x730/0x9f0
[ 5.424197] netlink_rcv_skb+0x166/0x300
[ 5.424428] rtnetlink_rcv+0x11/0x20
[ 5.424639] netlink_unicast+0x673/0x860
[ 5.424870] netlink_sendmsg+0x6af/0x9f0
[ 5.425100] __sys_sendto+0x58d/0x5a0
[ 5.425315] __x64_sys_sendto+0xda/0xf0
[ 5.425539] do_syscall_64+0x31/0x50
[ 5.425764] entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 5.426065]
[ 5.426157] The buggy address belongs to the object at ffff88800e312200
[ 5.426157] which belongs to the cache kmalloc-128 of size 128
[ 5.426955] The buggy address is located 42 bytes to the right of
[ 5.426955] 128-byte region [ffff88800e312200, ffff88800e312280)
[ 5.427688] The buggy address belongs to the page:
[ 5.427992] page:000000009875fabc refcount:1 mapcount:0
mapping:0000000000000000 index:0x0 pfn:0xe312
[ 5.428562] flags: 0x100000000000200(slab)
[ 5.428812] raw: 0100000000000200 dead000000000100 dead000000000122
ffff888007843680
[ 5.429325] raw: 0000000000000000 0000000000100010 00000001ffffffff
ffff88800e312401
[ 5.429875] page dumped because: kasan: bad access detected
[ 5.430214] page->mem_cgroup:ffff88800e312401
[ 5.430471]
[ 5.430564] Memory state around the buggy address:
[ 5.430846] ffff88800e312180: fc fc fc fc fc fc fc fc fc fc fc fc
fc fc fc fc
[ 5.431267] ffff88800e312200: 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 fc
[ 5.431705] >ffff88800e312280: fc fc fc fc fc fc fc fc fc fc fc fc
fc fc fc fc
[ 5.432123] ^
[ 5.432391] ffff88800e312300: 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 fc
[ 5.432810] ffff88800e312380: fc fc fc fc fc fc fc fc fc fc fc fc
fc fc fc fc
[ 5.433229] ==================================================================
[ 5.433648] Disabling lock debugging due to kernel taint
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Reported-by: Kyle Zeng <zengyhkyle(a)gmail.com>
Signed-off-by: Jamal Hadi Salim <jhs(a)mojatatu.com>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Conflicts:
net/sched/sch_cbq.c
Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/sched/sch_cbq.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c
index bc62e1b24653..dd8e83aac042 100644
--- a/net/sched/sch_cbq.c
+++ b/net/sched/sch_cbq.c
@@ -236,6 +236,8 @@ cbq_classify(struct sk_buff *skb, struct Qdisc *sch, int *qerr)
result = tcf_classify(skb, fl, &res, true);
if (!fl || result < 0)
goto fallback;
+ if (result == TC_ACT_SHOT)
+ return NULL;
cl = (void *)res.class;
if (!cl) {
@@ -256,8 +258,6 @@ cbq_classify(struct sk_buff *skb, struct Qdisc *sch, int *qerr)
case TC_ACT_TRAP:
*qerr = NET_XMIT_SUCCESS | __NET_XMIT_STOLEN;
/* fall through */
- case TC_ACT_SHOT:
- return NULL;
case TC_ACT_RECLASSIFY:
return cbq_reclassify(skb, cl);
}
--
2.25.1
1
1
18 Jan '23
From: Huajingjing <huajingjing1(a)huawei.com>
driver inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I67J42
CVE: NA
-------------------------------------------------
The BMA software is a system management software offered by Huawei.
It supports the status monitoring, performance monitoring and
event monitoring of various components, including server CPUs,
memory hard disks, NICs, IB cards, PCIe cards,
RAID controller cards and optical modules.
In this version, the system resets due to the BMA spin lock
when the memory usage is too high, the vulnerability has been rectified.
Signed-off-by: Hua Jingjing <huajingjingjing1(a)huawei.com>
Reviewed-by: Chen Jiesong <chenjiesong(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
.../ethernet/huawei/bma/cdev_drv/bma_cdev.c | 2 +-
.../huawei/bma/edma_drv/bma_devintf.c | 110 +++++++++++-------
.../ethernet/huawei/bma/edma_drv/bma_pci.h | 2 +-
.../huawei/bma/kbox_drv/kbox_include.h | 2 +-
.../ethernet/huawei/bma/kbox_drv/kbox_panic.c | 4 +-
.../huawei/bma/kbox_drv/kbox_printk.c | 4 +-
.../huawei/bma/kbox_drv/kbox_ram_op.c | 2 +-
.../ethernet/huawei/bma/veth_drv/veth_hb.c | 7 +-
.../ethernet/huawei/bma/veth_drv/veth_hb.h | 2 +-
9 files changed, 81 insertions(+), 54 deletions(-)
diff --git a/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c b/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c
index 0348a83005d6..9468a5a0c768 100644
--- a/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c
+++ b/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c
@@ -28,7 +28,7 @@
#ifdef DRV_VERSION
#define CDEV_VERSION MICRO_TO_STR(DRV_VERSION)
#else
-#define CDEV_VERSION "0.3.4"
+#define CDEV_VERSION "0.3.5"
#endif
#define CDEV_DEFAULT_NUM 4
diff --git a/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c b/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c
index 7817f58f8635..556130ab8a65 100644
--- a/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c
+++ b/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c
@@ -419,8 +419,10 @@ EXPORT_SYMBOL(bma_intf_int_to_bmc);
int bma_intf_is_link_ok(void)
{
- return (g_bma_dev->edma_host.statistics.remote_status ==
- REGISTERED) ? 1 : 0;
+ if ((&g_bma_dev->edma_host != NULL) &&
+ (g_bma_dev->edma_host.statistics.remote_status == REGISTERED))
+ return 1;
+ return 0;
}
EXPORT_SYMBOL(bma_intf_is_link_ok);
@@ -460,14 +462,10 @@ int bma_cdev_recv_msg(void *handle, char __user *data, size_t count)
}
EXPORT_SYMBOL_GPL(bma_cdev_recv_msg);
-int bma_cdev_add_msg(void *handle, const char __user *msg, size_t msg_len)
+static int check_cdev_add_msg_param(struct bma_priv_data_s *handle,
+const char __user *msg, size_t msg_len)
{
struct bma_priv_data_s *priv = NULL;
- struct edma_msg_hdr_s *hdr = NULL;
- unsigned long flags = 0;
- int total_len = 0;
- int ret = 0;
- struct edma_host_s *phost = &g_bma_dev->edma_host;
if (!handle || !msg || msg_len == 0) {
BMA_LOG(DLOG_DEBUG, "input NULL point!\n");
@@ -479,54 +477,80 @@ int bma_cdev_add_msg(void *handle, const char __user *msg, size_t msg_len)
return -EINVAL;
}
- priv = (struct bma_priv_data_s *)handle;
+ priv = handle;
if (priv->user.type >= TYPE_MAX) {
BMA_LOG(DLOG_DEBUG, "error type = %d\n", priv->user.type);
return -EFAULT;
}
- total_len = SIZE_OF_MSG_HDR + msg_len;
+
+ return 0;
+}
+
+static void edma_msg_hdr_init(struct edma_msg_hdr_s *hdr,
+ struct bma_priv_data_s *private_data,
+ char *msg_buf, size_t msg_len)
+{
+ hdr->type = private_data->user.type;
+ hdr->sub_type = private_data->user.sub_type;
+ hdr->user_id = private_data->user.user_id;
+ hdr->datalen = msg_len;
+ BMA_LOG(DLOG_DEBUG, "msg_len is %ld\n", msg_len);
+
+ memcpy(hdr->data, msg_buf, msg_len);
+}
+
+int bma_cdev_add_msg(void *handle, const char __user *msg, size_t msg_len)
+{
+ struct bma_priv_data_s *priv = NULL;
+ struct edma_msg_hdr_s *hdr = NULL;
+ unsigned long flags = 0;
+ unsigned int total_len = 0;
+ int ret = 0;
+ struct edma_host_s *phost = &g_bma_dev->edma_host;
+ char *msg_buf = NULL;
+
+ ret = check_cdev_add_msg_param(handle, msg, msg_len);
+ if (ret != 0)
+ return ret;
+
+ priv = (struct bma_priv_data_s *)handle;
+
+ total_len = (unsigned int)(SIZE_OF_MSG_HDR + msg_len);
+ if (phost->msg_send_write + total_len > HOST_MAX_SEND_MBX_LEN - SIZE_OF_MBX_HDR) {
+ BMA_LOG(DLOG_DEBUG, "msg lost,msg_send_write: %u,msg_len:%u,max_len: %d\n",
+ phost->msg_send_write, total_len, HOST_MAX_SEND_MBX_LEN);
+ return -ENOSPC;
+ }
+
+ msg_buf = (char *)kmalloc(msg_len, GFP_KERNEL);
+ if (!msg_buf) {
+ BMA_LOG(DLOG_ERROR, "malloc msg_buf failed\n");
+ return -ENOMEM;
+ }
+
+ if (copy_from_user(msg_buf, msg, msg_len)) {
+ BMA_LOG(DLOG_ERROR, "copy_from_user error\n");
+ kfree(msg_buf);
+ return -EFAULT;
+ }
spin_lock_irqsave(&phost->send_msg_lock, flags);
- if (phost->msg_send_write + total_len <=
- HOST_MAX_SEND_MBX_LEN - SIZE_OF_MBX_HDR) {
- hdr = (struct edma_msg_hdr_s *)(phost->msg_send_buf +
- phost->msg_send_write);
- hdr->type = priv->user.type;
- hdr->sub_type = priv->user.sub_type;
- hdr->user_id = priv->user.user_id;
- hdr->datalen = msg_len;
- BMA_LOG(DLOG_DEBUG, "msg_len is %ld\n", msg_len);
-
- if (copy_from_user(hdr->data, msg, msg_len)) {
- BMA_LOG(DLOG_ERROR, "copy_from_user error\n");
- ret = -EFAULT;
- goto end;
- }
+ hdr = (struct edma_msg_hdr_s *)(phost->msg_send_buf + phost->msg_send_write);
+ edma_msg_hdr_init(hdr, priv, msg_buf, msg_len);
- phost->msg_send_write += total_len;
- phost->statistics.send_bytes += total_len;
- phost->statistics.send_pkgs++;
+ phost->msg_send_write += total_len;
+ phost->statistics.send_bytes += total_len;
+ phost->statistics.send_pkgs++;
#ifdef EDMA_TIMER
- (void)mod_timer(&phost->timer, jiffies_64);
+ (void)mod_timer(&phost->timer, jiffies_64);
#endif
- BMA_LOG(DLOG_DEBUG, "msg_send_write = %d\n",
- phost->msg_send_write);
-
- ret = msg_len;
- goto end;
- } else {
- BMA_LOG(DLOG_DEBUG,
- "msg lost,msg_send_write: %d,msg_len:%d,max_len: %d\n",
- phost->msg_send_write, total_len,
- HOST_MAX_SEND_MBX_LEN);
- ret = -ENOSPC;
- goto end;
- }
+ BMA_LOG(DLOG_DEBUG, "msg_send_write = %d\n", phost->msg_send_write);
-end:
+ ret = msg_len;
spin_unlock_irqrestore(&g_bma_dev->edma_host.send_msg_lock, flags);
+ kfree(msg_buf);
return ret;
}
EXPORT_SYMBOL_GPL(bma_cdev_add_msg);
diff --git a/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h b/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h
index 2851e583666a..b6a0d11704a2 100644
--- a/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h
+++ b/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h
@@ -71,7 +71,7 @@ struct bma_pci_dev_s {
#ifdef DRV_VERSION
#define BMA_VERSION MICRO_TO_STR(DRV_VERSION)
#else
-#define BMA_VERSION "0.3.4"
+#define BMA_VERSION "0.3.5"
#endif
#ifdef CONFIG_ARM64
diff --git a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h
index ffadf3727734..b027306e52c1 100644
--- a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h
+++ b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h
@@ -23,7 +23,7 @@
#ifdef DRV_VERSION
#define KBOX_VERSION MICRO_TO_STR(DRV_VERSION)
#else
-#define KBOX_VERSION "0.3.4"
+#define KBOX_VERSION "0.3.5"
#endif
#define UNUSED(x) (x = x)
diff --git a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_panic.c b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_panic.c
index 0c17cd2bae49..2b142ae9bff6 100644
--- a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_panic.c
+++ b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_panic.c
@@ -135,7 +135,7 @@ int kbox_panic_init(void)
int ret = KBOX_TRUE;
g_panic_info_buf = kmalloc(SLOT_LENGTH, GFP_KERNEL);
- if (IS_ERR(g_panic_info_buf) || !g_panic_info_buf) {
+ if (!g_panic_info_buf) {
KBOX_MSG("kmalloc g_panic_info_buf fail!\n");
ret = -ENOMEM;
goto fail;
@@ -144,7 +144,7 @@ int kbox_panic_init(void)
memset(g_panic_info_buf, 0, SLOT_LENGTH);
g_panic_info_buf_tmp = kmalloc(SLOT_LENGTH, GFP_KERNEL);
- if (IS_ERR(g_panic_info_buf_tmp) || !g_panic_info_buf_tmp) {
+ if (!g_panic_info_buf_tmp) {
KBOX_MSG("kmalloc g_panic_info_buf_tmp fail!\n");
ret = -ENOMEM;
goto fail;
diff --git a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_printk.c b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_printk.c
index 3b04ba206108..630a1e16ea24 100644
--- a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_printk.c
+++ b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_printk.c
@@ -304,7 +304,7 @@ int kbox_printk_init(int kbox_proc_exist)
g_printk_info_buf = kmalloc(SECTION_PRINTK_LEN,
GFP_KERNEL);
- if (IS_ERR(g_printk_info_buf) || !g_printk_info_buf) {
+ if (!g_printk_info_buf) {
KBOX_MSG("kmalloc g_printk_info_buf fail!\n");
ret = -ENOMEM;
goto fail;
@@ -314,7 +314,7 @@ int kbox_printk_init(int kbox_proc_exist)
g_printk_info_buf_tmp = kmalloc(SECTION_PRINTK_LEN,
GFP_KERNEL);
- if (IS_ERR(g_printk_info_buf_tmp) || !g_printk_info_buf_tmp) {
+ if (!g_printk_info_buf_tmp) {
KBOX_MSG("kmalloc g_printk_info_buf_tmp fail!\n");
ret = -ENOMEM;
goto fail;
diff --git a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_ram_op.c b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_ram_op.c
index 49690bab1cef..9f6dfe55e3fb 100644
--- a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_ram_op.c
+++ b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_ram_op.c
@@ -432,7 +432,7 @@ int kbox_write_op(long long offset, unsigned int count,
return KBOX_FALSE;
temp_buf_char = kmalloc(TEMP_BUF_DATA_SIZE, GFP_KERNEL);
- if (!temp_buf_char || IS_ERR(temp_buf_char)) {
+ if (!temp_buf_char) {
KBOX_MSG("kmalloc temp_buf_char fail!\n");
up(&user_sem);
return -ENOMEM;
diff --git a/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.c b/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.c
index 9681ce3bfc7b..e226582693b6 100644
--- a/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.c
+++ b/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.c
@@ -638,6 +638,7 @@ s32 veth_refill_rxskb(struct bspveth_rxtx_q *prx_queue, int queue)
next_to_fill = (next_to_fill + 1) & BSPVETH_POINT_MASK;
}
+ mb();/* memory barriers. */
prx_queue->next_to_fill = next_to_fill;
tail = prx_queue->tail;
@@ -672,6 +673,7 @@ s32 bspveth_setup_rx_skb(struct bspveth_device *pvethdev,
if (!idx) /* Can't alloc even one packets */
return -EFAULT;
+ mb();/* memory barriers. */
prx_queue->next_to_fill = idx;
VETH_LOG(DLOG_DEBUG, "prx_queue->next_to_fill=%d\n",
@@ -886,8 +888,6 @@ s32 bspveth_setup_all_rx_resources(struct bspveth_device *pvethdev)
err = bspveth_setup_rx_resources(pvethdev,
pvethdev->prx_queue[qid]);
if (err) {
- kfree(pvethdev->prx_queue[qid]);
- pvethdev->prx_queue[qid] = NULL;
VETH_LOG(DLOG_ERROR,
"Allocation for Rx Queue %u failed\n", qid);
@@ -1328,6 +1328,7 @@ s32 veth_send_one_pkt(struct sk_buff *skb, int queue)
pbd_v->off = off;
pbd_v->len = skb->len;
+ mb();/* memory barriers. */
head = (head + 1) & BSPVETH_POINT_MASK;
ptx_queue->head = head;
@@ -1424,6 +1425,7 @@ s32 veth_free_txskb(struct bspveth_rxtx_q *ptx_queue, int queue)
next_to_free = (next_to_free + 1) & BSPVETH_POINT_MASK;
}
+ mb(); /* memory barriers. */
ptx_queue->next_to_free = next_to_free;
tail = ptx_queue->tail;
@@ -1522,6 +1524,7 @@ s32 veth_recv_pkt(struct bspveth_rxtx_q *prx_queue, int queue)
}
}
+ mb();/* memory barriers. */
prx_queue->tail = tail;
head = prx_queue->head;
diff --git a/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h b/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h
index 9a4d699e6421..503636549320 100644
--- a/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h
+++ b/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h
@@ -31,7 +31,7 @@ extern "C" {
#ifdef DRV_VERSION
#define VETH_VERSION MICRO_TO_STR(DRV_VERSION)
#else
-#define VETH_VERSION "0.3.4"
+#define VETH_VERSION "0.3.5"
#endif
#define MODULE_NAME "veth"
--
2.25.1
1
1
[PATCH V2 RESEND openEuler-22.03-LTS] selftests/rseq: check if libc rseq support is registered
by 任敏敏(联通集团联通数字科技有 限公司本部) 18 Jan '23
by 任敏敏(联通集团联通数字科技有 限公司本部) 18 Jan '23
18 Jan '23
From: Michael Jeanson <mjeanson(a)efficios.com>
mainline inclusion
from mainline-v6.0-rc1
commit d1a997ba4c1bf65497d956aea90de42a6398f73a
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I69PT8
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit d1a997ba4c1bf65497d956aea90de42a6398f73a upstream.
When checking for libc rseq support in the library constructor, don't
only depend on the symbols presence, check that the registration was
completed.
This targets a scenario where the libc has rseq support but it is not
wired for the current architecture in 'bits/rseq.h', we want to fallback
to our internal registration mechanism.
Signed-off-by: Michael Jeanson <mjeanson(a)efficios.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org>
Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com>
Link: https://lore.kernel.org/r/20220614154830.1367382-4-mjeanson@efficios.com
Signed-off-by: rminmin <renmm6(a)chinaunicom.cn>
---
tools/testing/selftests/rseq/rseq.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/rseq/rseq.c b/tools/testing/selftests/rseq/rseq.c
index 986b9458efb2..4177f9507bbe 100644
--- a/tools/testing/selftests/rseq/rseq.c
+++ b/tools/testing/selftests/rseq/rseq.c
@@ -111,7 +111,8 @@ void rseq_init(void)
libc_rseq_offset_p = dlsym(RTLD_NEXT, "__rseq_offset");
libc_rseq_size_p = dlsym(RTLD_NEXT, "__rseq_size");
libc_rseq_flags_p = dlsym(RTLD_NEXT, "__rseq_flags");
- if (libc_rseq_size_p && libc_rseq_offset_p && libc_rseq_flags_p) {
+ if (libc_rseq_size_p && libc_rseq_offset_p && libc_rseq_flags_p &&
+ *libc_rseq_size_p != 0) {
/* rseq registration owned by glibc */
rseq_offset = *libc_rseq_offset_p;
rseq_size = *libc_rseq_size_p;
--
2.33.0
Èç¹ûÄúŽíÎóœÓÊÕÁËžÃÓÊŒþ£¬ÇëÍš¹ýµç×ÓÓÊŒþÁ¢ŒŽÍšÖªÎÒÃÇ¡£Çë»ØžŽÓÊŒþµœ hqs-spmc@chinaunicom.cn£¬ŒŽ¿ÉÒÔÍ˶©ŽËÓÊŒþ¡£ÎÒÃÇœ«Á¢ŒŽœ«ÄúµÄÐÅÏ¢ŽÓÎÒÃǵķ¢ËÍÄ¿ÂŒÖÐÉŸ³ý¡£ If you have received this email in error please notify us immediately by e-mail. Please reply to hqs-spmc(a)chinaunicom.cn ,you can unsubscribe from this mail. We will immediately remove your information from send catalogue of our.
1
0
[PATCH openEuler-5.10-LTS-SP1 01/14] tracing/osnoise: Properly unhook events if start_per_cpu_kthreads() fails
by Jialin Zhang 18 Jan '23
by Jialin Zhang 18 Jan '23
18 Jan '23
From: Nikita Yushchenko <nikita.yushchenko(a)virtuozzo.com>
mainline inclusion
from mainline-v5.17-rc1
commit 0878355b51f5f26632e652c848a8e174bb02d22d
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I699A9
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
If start_per_cpu_kthreads() called from osnoise_workload_start() returns
error, event hooks are left in broken state: unhook_irq_events() called
but unhook_thread_events() and unhook_softirq_events() not called, and
trace_osnoise_callback_enabled flag not cleared.
On the next tracer enable, hooks get not installed due to
trace_osnoise_callback_enabled flag.
And on the further tracer disable an attempt to remove non-installed
hooks happened, hitting a WARN_ON_ONCE() in tracepoint_remove_func().
Fix the error path by adding the missing part of cleanup.
While at this, introduce osnoise_unhook_events() to avoid code
duplication between this error path and normal tracer disable.
Link: https://lkml.kernel.org/r/20220109153459.3701773-1-nikita.yushchenko@virtuo…
Cc: stable(a)vger.kernel.org
Fixes: bce29ac9ce0b ("trace: Add osnoise tracer")
Acked-by: Daniel Bristot de Oliveira <bristot(a)kernel.org>
Signed-off-by: Nikita Yushchenko <nikita.yushchenko(a)virtuozzo.com>
Signed-off-by: Steven Rostedt <rostedt(a)goodmis.org>
Signed-off-by: Zheng Yejian <zhengyejian1(a)huawei.com>
Reviewed-by: Xu Kuohai <xukuohai(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
kernel/trace/trace_osnoise.c | 20 ++++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/kernel/trace/trace_osnoise.c b/kernel/trace/trace_osnoise.c
index cfb80feb291e..3f806a3be8b2 100644
--- a/kernel/trace/trace_osnoise.c
+++ b/kernel/trace/trace_osnoise.c
@@ -2103,6 +2103,13 @@ static int osnoise_hook_events(void)
return -EINVAL;
}
+static void osnoise_unhook_events(void)
+{
+ unhook_thread_events();
+ unhook_softirq_events();
+ unhook_irq_events();
+}
+
/*
* osnoise_workload_start - start the workload and hook to events
*/
@@ -2135,7 +2142,14 @@ static int osnoise_workload_start(void)
retval = start_per_cpu_kthreads();
if (retval) {
- unhook_irq_events();
+ trace_osnoise_callback_enabled = false;
+ /*
+ * Make sure that ftrace_nmi_enter/exit() see
+ * trace_osnoise_callback_enabled as false before continuing.
+ */
+ barrier();
+
+ osnoise_unhook_events();
return retval;
}
@@ -2166,9 +2180,7 @@ static void osnoise_workload_stop(void)
stop_per_cpu_kthreads();
- unhook_irq_events();
- unhook_softirq_events();
- unhook_thread_events();
+ osnoise_unhook_events();
}
static void osnoise_tracer_start(struct trace_array *tr)
--
2.25.1
1
13
18 Jan '23
From: Hugh Dickins <hughd(a)google.com>
mainline inclusion
from mainline-v5.18-rc1
commit 56a8c8eb1eaf21261be8cdc4e3715239ac087342
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6113U
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
Mikulas asked in "Do we still need commit a0ee5ec520ed ('tmpfs: allocate
on read when stacked')?" in [1]
Lukas noticed this unusual behavior of loop device backed by tmpfs in [2].
Normally, shmem_file_read_iter() copies the ZERO_PAGE when reading
holes; but if it looks like it might be a read for "a stacking
filesystem", it allocates actual pages to the page cache, and even marks
them as dirty. And reads from the loop device do satisfy the test that
is used.
This oddity was added for an old version of unionfs, to help to limit
its usage to the limited size of the tmpfs mount involved; but about the
same time as the tmpfs mod went in (2.6.25), unionfs was reworked to
proceed differently; and the mod kept just in case others needed it.
Do we still need it? I cannot answer with more certainty than "Probably
not". It's nasty enough that we really should try to delete it; but if
a regression is reported somewhere, then we might have to revert later.
It's not quite as simple as just removing the test (as Mikulas did):
xfstests generic/013 hung because splice from tmpfs failed on page not
up-to-date and page mapping unset. That can be fixed just by marking
the ZERO_PAGE as Uptodate, which of course it is: do so in
pagecache_init() - it might be useful to others than tmpfs.
My intention, though, was to stop using the ZERO_PAGE here altogether:
surely iov_iter_zero() is better for this case? Sadly not: it relies on
clear_user(), and the x86 clear_user() is slower than its copy_user() [3].
But while we are still using the ZERO_PAGE, let's stop dirtying its
struct page cacheline with unnecessary get_page() and put_page().
Link: https://lore.kernel.org/linux-mm/alpine.LRH.2.02.2007210510230.6959@file01.… [1]
Link: https://lore.kernel.org/linux-mm/20211126075100.gd64odg2bcptiqeb@work/ [2]
Link: https://lore.kernel.org/lkml/2f5ca5e4-e250-a41c-11fb-a7f4ebc7e1c9@google.co… [3]
Link: https://lkml.kernel.org/r/90bc5e69-9984-b5fa-a685-be55f2b64b@google.com
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Reported-by: Mikulas Patocka <mpatocka(a)redhat.com>
Reported-by: Lukas Czerner <lczerner(a)redhat.com>
Acked-by: Darrick J. Wong <djwong(a)kernel.org>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Cc: Zdenek Kabelac <zkabelac(a)redhat.com>
Cc: "Darrick J. Wong" <djwong(a)kernel.org>
Cc: Miklos Szeredi <miklos(a)szeredi.hu>
Cc: Borislav Petkov <bp(a)suse.de>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org>
Signed-off-by: Ma Wupeng <mawupeng1(a)huawei.com>
Reviewed-by: tong tiangen <tongtiangen(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
mm/filemap.c | 6 ++++++
mm/shmem.c | 20 ++++++--------------
2 files changed, 12 insertions(+), 14 deletions(-)
diff --git a/mm/filemap.c b/mm/filemap.c
index 98b448d9873f..a44baa79c1e7 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -996,6 +996,12 @@ void __init pagecache_init(void)
init_waitqueue_head(&page_wait_table[i]);
page_writeback_init();
+
+ /*
+ * tmpfs uses the ZERO_PAGE for reading holes: it is up-to-date,
+ * and splice's page_cache_pipe_buf_confirm() needs to see that.
+ */
+ SetPageUptodate(ZERO_PAGE(0));
}
/*
diff --git a/mm/shmem.c b/mm/shmem.c
index ad2d68150ed2..c5028634afee 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -2573,19 +2573,10 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
struct address_space *mapping = inode->i_mapping;
pgoff_t index;
unsigned long offset;
- enum sgp_type sgp = SGP_READ;
int error = 0;
ssize_t retval = 0;
loff_t *ppos = &iocb->ki_pos;
- /*
- * Might this read be for a stacking filesystem? Then when reading
- * holes of a sparse file, we actually need to allocate those pages,
- * and even mark them dirty, so it cannot exceed the max_blocks limit.
- */
- if (!iter_is_iovec(to))
- sgp = SGP_CACHE;
-
index = *ppos >> PAGE_SHIFT;
offset = *ppos & ~PAGE_MASK;
@@ -2594,6 +2585,7 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
pgoff_t end_index;
unsigned long nr, ret;
loff_t i_size = i_size_read(inode);
+ bool got_page;
end_index = i_size >> PAGE_SHIFT;
if (index > end_index)
@@ -2604,15 +2596,13 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
break;
}
- error = shmem_getpage(inode, index, &page, sgp);
+ error = shmem_getpage(inode, index, &page, SGP_READ);
if (error) {
if (error == -EINVAL)
error = 0;
break;
}
if (page) {
- if (sgp == SGP_CACHE)
- set_page_dirty(page);
unlock_page(page);
}
@@ -2646,9 +2636,10 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
*/
if (!offset)
mark_page_accessed(page);
+ got_page = true;
} else {
page = ZERO_PAGE(0);
- get_page(page);
+ got_page = false;
}
/*
@@ -2661,7 +2652,8 @@ static ssize_t shmem_file_read_iter(struct kiocb *iocb, struct iov_iter *to)
index += offset >> PAGE_SHIFT;
offset &= ~PAGE_MASK;
- put_page(page);
+ if (got_page)
+ put_page(page);
if (!iov_iter_count(to))
break;
if (ret < nr) {
--
2.25.1
1
20
[PATCH openEuler-1.0-LTS] USB: Fix kABI for usb_device->reset_in_progress
by Yongqiang Liu 18 Jan '23
by Yongqiang Liu 18 Jan '23
18 Jan '23
From: Yuyao Lin <linyuyao1(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla:https://gitee.com/src-openeuler/kernel/issues/I675RE
CVE: CVE-2022-4662
--------------------------------
Fix kABI by using __GENKSYMS__ for usb_device->reset_in_progress.
Signed-off-by: Yuyao Lin <linyuyao1(a)huawei.com>
Reviewed-by: zhangjialin <zhangjialin11(a)huawei.com>
Reviewed-by: Wei Li <liwei391(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/linux/usb.h | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/include/linux/usb.h b/include/linux/usb.h
index 317eedae1c10..9c10a16c3abe 100644
--- a/include/linux/usb.h
+++ b/include/linux/usb.h
@@ -665,7 +665,6 @@ struct usb_device {
unsigned can_submit:1;
unsigned persist_enabled:1;
- unsigned reset_in_progress:1;
unsigned have_langid:1;
unsigned authorized:1;
unsigned authenticated:1;
@@ -677,6 +676,11 @@ struct usb_device {
unsigned usb2_hw_lpm_allowed:1;
unsigned usb3_lpm_u1_enabled:1;
unsigned usb3_lpm_u2_enabled:1;
+
+#ifndef __GENKSYMS__
+ unsigned reset_in_progress:1;
+#endif
+
int string_langid;
/* static strings from the device */
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS] USB: Fix kABI for usb_device->reset_in_progress
by Yongqiang Liu 18 Jan '23
by Yongqiang Liu 18 Jan '23
18 Jan '23
From: Yuyao Lin <linyuyao1(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla:https://gitee.com/src-openeuler/kernel/issues/I675RE
CVE: CVE-2022-4662
--------------------------------
Fix kABI by using __GENKSYMS__ for usb_device->reset_in_progress.
Signed-off-by: Yuyao Lin <linyuyao1(a)huawei.com>
Reviewed-by: zhangjialin 00591957 <zhangjialin11(a)huawei.com>
Reviewed-by: Wei Li <liwei391(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/linux/usb.h | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/include/linux/usb.h b/include/linux/usb.h
index 317eedae1c10..9c10a16c3abe 100644
--- a/include/linux/usb.h
+++ b/include/linux/usb.h
@@ -665,7 +665,6 @@ struct usb_device {
unsigned can_submit:1;
unsigned persist_enabled:1;
- unsigned reset_in_progress:1;
unsigned have_langid:1;
unsigned authorized:1;
unsigned authenticated:1;
@@ -677,6 +676,11 @@ struct usb_device {
unsigned usb2_hw_lpm_allowed:1;
unsigned usb3_lpm_u1_enabled:1;
unsigned usb3_lpm_u2_enabled:1;
+
+#ifndef __GENKSYMS__
+ unsigned reset_in_progress:1;
+#endif
+
int string_langid;
/* static strings from the device */
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS] rndis_wlan: Prevent buffer overflow in rndis_query_oid
by Yongqiang Liu 18 Jan '23
by Yongqiang Liu 18 Jan '23
18 Jan '23
From: Szymon Heidrich <szymon.heidrich(a)gmail.com>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AQJP
CVE: CVE-2023-23559
Reference: https://patchwork.kernel.org/project/linux-wireless/patch/20230111175031.70…
-------------------------------
Since resplen and respoffs are signed integers sufficiently
large values of unsigned int len and offset members of RNDIS
response will result in negative values of prior variables.
This may be utilized to bypass implemented security checks
to either extract memory contents by manipulating offset or
overflow the data buffer via memcpy by manipulating both
offset and len.
Additionally assure that sum of resplen and respoffs does not
overflow so buffer boundaries are kept.
Fixes: 80f8c5b434f9 ("rndis_wlan: copy only useful data from rndis_command respond")
Signed-off-by: Szymon Heidrich <szymon.heidrich(a)gmail.com>
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/net/wireless/rndis_wlan.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index 51e4e92d95a0..0bbeb61ec3a3 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -712,8 +712,8 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
struct rndis_query *get;
struct rndis_query_c *get_c;
} u;
- int ret, buflen;
- int resplen, respoffs, copylen;
+ int ret;
+ size_t buflen, resplen, respoffs, copylen;
buflen = *len + sizeof(*u.get);
if (buflen < CONTROL_BUFFER_SIZE)
@@ -748,22 +748,15 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
if (respoffs > buflen) {
/* Device returned data offset outside buffer, error. */
- netdev_dbg(dev->net, "%s(%s): received invalid "
- "data offset: %d > %d\n", __func__,
- oid_to_string(oid), respoffs, buflen);
+ netdev_dbg(dev->net,
+ "%s(%s): received invalid data offset: %zu > %zu\n",
+ __func__, oid_to_string(oid), respoffs, buflen);
ret = -EINVAL;
goto exit_unlock;
}
- if ((resplen + respoffs) > buflen) {
- /* Device would have returned more data if buffer would
- * have been big enough. Copy just the bits that we got.
- */
- copylen = buflen - respoffs;
- } else {
- copylen = resplen;
- }
+ copylen = min(resplen, buflen - respoffs);
if (copylen > *len)
copylen = *len;
--
2.25.1
1
0
[openEuler-22.03-LTS] rndis_wlan: Prevent buffer overflow in rndis_query_oid
by Wang Yufen 17 Jan '23
by Wang Yufen 17 Jan '23
17 Jan '23
From: Szymon Heidrich <szymon.heidrich(a)gmail.com>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AQJP
CVE: CVE-2023-23559
Reference: https://patchwork.kernel.org/project/linux-wireless/patch/20230111175031.70…
-------------------------------
Since resplen and respoffs are signed integers sufficiently
large values of unsigned int len and offset members of RNDIS
response will result in negative values of prior variables.
This may be utilized to bypass implemented security checks
to either extract memory contents by manipulating offset or
overflow the data buffer via memcpy by manipulating both
offset and len.
Additionally assure that sum of resplen and respoffs does not
overflow so buffer boundaries are kept.
Fixes: 80f8c5b434f9 ("rndis_wlan: copy only useful data from rndis_command respond")
Signed-off-by: Szymon Heidrich <szymon.heidrich(a)gmail.com>
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
drivers/net/wireless/rndis_wlan.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index 75b5d54..dc076d8 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -694,8 +694,8 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
struct rndis_query *get;
struct rndis_query_c *get_c;
} u;
- int ret, buflen;
- int resplen, respoffs, copylen;
+ int ret;
+ size_t buflen, resplen, respoffs, copylen;
buflen = *len + sizeof(*u.get);
if (buflen < CONTROL_BUFFER_SIZE)
@@ -730,22 +730,15 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
if (respoffs > buflen) {
/* Device returned data offset outside buffer, error. */
- netdev_dbg(dev->net, "%s(%s): received invalid "
- "data offset: %d > %d\n", __func__,
- oid_to_string(oid), respoffs, buflen);
+ netdev_dbg(dev->net,
+ "%s(%s): received invalid data offset: %zu > %zu\n",
+ __func__, oid_to_string(oid), respoffs, buflen);
ret = -EINVAL;
goto exit_unlock;
}
- if ((resplen + respoffs) > buflen) {
- /* Device would have returned more data if buffer would
- * have been big enough. Copy just the bits that we got.
- */
- copylen = buflen - respoffs;
- } else {
- copylen = resplen;
- }
+ copylen = min(resplen, buflen - respoffs);
if (copylen > *len)
copylen = *len;
--
1.8.3.1
1
0
17 Jan '23
From: Szymon Heidrich <szymon.heidrich(a)gmail.com>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AQJP
CVE: CVE-2023-23559
Reference: https://patchwork.kernel.org/project/linux-wireless/patch/20230111175031.70…
-------------------------------
Since resplen and respoffs are signed integers sufficiently
large values of unsigned int len and offset members of RNDIS
response will result in negative values of prior variables.
This may be utilized to bypass implemented security checks
to either extract memory contents by manipulating offset or
overflow the data buffer via memcpy by manipulating both
offset and len.
Additionally assure that sum of resplen and respoffs does not
overflow so buffer boundaries are kept.
Fixes: 80f8c5b434f9 ("rndis_wlan: copy only useful data from rndis_command respond")
Signed-off-by: Szymon Heidrich <szymon.heidrich(a)gmail.com>
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
drivers/net/wireless/rndis_wlan.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index 75b5d54..dc076d8 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -694,8 +694,8 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
struct rndis_query *get;
struct rndis_query_c *get_c;
} u;
- int ret, buflen;
- int resplen, respoffs, copylen;
+ int ret;
+ size_t buflen, resplen, respoffs, copylen;
buflen = *len + sizeof(*u.get);
if (buflen < CONTROL_BUFFER_SIZE)
@@ -730,22 +730,15 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
if (respoffs > buflen) {
/* Device returned data offset outside buffer, error. */
- netdev_dbg(dev->net, "%s(%s): received invalid "
- "data offset: %d > %d\n", __func__,
- oid_to_string(oid), respoffs, buflen);
+ netdev_dbg(dev->net,
+ "%s(%s): received invalid data offset: %zu > %zu\n",
+ __func__, oid_to_string(oid), respoffs, buflen);
ret = -EINVAL;
goto exit_unlock;
}
- if ((resplen + respoffs) > buflen) {
- /* Device would have returned more data if buffer would
- * have been big enough. Copy just the bits that we got.
- */
- copylen = buflen - respoffs;
- } else {
- copylen = resplen;
- }
+ copylen = min(resplen, buflen - respoffs);
if (copylen > *len)
copylen = *len;
--
1.8.3.1
1
0
17 Jan '23
From: Szymon Heidrich <szymon.heidrich(a)gmail.com>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AQJP
CVE: CVE-2023-23559
Reference: https://patchwork.kernel.org/project/linux-wireless/patch/20230111175031.70…
-------------------------------
Since resplen and respoffs are signed integers sufficiently
large values of unsigned int len and offset members of RNDIS
response will result in negative values of prior variables.
This may be utilized to bypass implemented security checks
to either extract memory contents by manipulating offset or
overflow the data buffer via memcpy by manipulating both
offset and len.
Additionally assure that sum of resplen and respoffs does not
overflow so buffer boundaries are kept.
Fixes: 80f8c5b434f9 ("rndis_wlan: copy only useful data from rndis_command respond")
Signed-off-by: Szymon Heidrich <szymon.heidrich(a)gmail.com>
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
drivers/net/wireless/rndis_wlan.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index 51e4e92..0bbeb61 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -712,8 +712,8 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
struct rndis_query *get;
struct rndis_query_c *get_c;
} u;
- int ret, buflen;
- int resplen, respoffs, copylen;
+ int ret;
+ size_t buflen, resplen, respoffs, copylen;
buflen = *len + sizeof(*u.get);
if (buflen < CONTROL_BUFFER_SIZE)
@@ -748,22 +748,15 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
if (respoffs > buflen) {
/* Device returned data offset outside buffer, error. */
- netdev_dbg(dev->net, "%s(%s): received invalid "
- "data offset: %d > %d\n", __func__,
- oid_to_string(oid), respoffs, buflen);
+ netdev_dbg(dev->net,
+ "%s(%s): received invalid data offset: %zu > %zu\n",
+ __func__, oid_to_string(oid), respoffs, buflen);
ret = -EINVAL;
goto exit_unlock;
}
- if ((resplen + respoffs) > buflen) {
- /* Device would have returned more data if buffer would
- * have been big enough. Copy just the bits that we got.
- */
- copylen = buflen - respoffs;
- } else {
- copylen = resplen;
- }
+ copylen = min(resplen, buflen - respoffs);
if (copylen > *len)
copylen = *len;
--
1.8.3.1
1
0
From: Szymon Heidrich <szymon.heidrich(a)gmail.com>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AQJP
CVE: CVE-2023-23559
Reference: https://patchwork.kernel.org/project/linux-wireless/patch/20230111175031.70…
-------------------------------
Since resplen and respoffs are signed integers sufficiently
large values of unsigned int len and offset members of RNDIS
response will result in negative values of prior variables.
This may be utilized to bypass implemented security checks
to either extract memory contents by manipulating offset or
overflow the data buffer via memcpy by manipulating both
offset and len.
Additionally assure that sum of resplen and respoffs does not
overflow so buffer boundaries are kept.
Fixes: 80f8c5b434f9 ("rndis_wlan: copy only useful data from rndis_command respond")
Signed-off-by: Szymon Heidrich <szymon.heidrich(a)gmail.com>
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
drivers/net/wireless/rndis_wlan.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index 51e4e92..0bbeb61 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -712,8 +712,8 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
struct rndis_query *get;
struct rndis_query_c *get_c;
} u;
- int ret, buflen;
- int resplen, respoffs, copylen;
+ int ret;
+ size_t buflen, resplen, respoffs, copylen;
buflen = *len + sizeof(*u.get);
if (buflen < CONTROL_BUFFER_SIZE)
@@ -748,22 +748,15 @@ static int rndis_query_oid(struct usbnet *dev, u32 oid, void *data, int *len)
if (respoffs > buflen) {
/* Device returned data offset outside buffer, error. */
- netdev_dbg(dev->net, "%s(%s): received invalid "
- "data offset: %d > %d\n", __func__,
- oid_to_string(oid), respoffs, buflen);
+ netdev_dbg(dev->net,
+ "%s(%s): received invalid data offset: %zu > %zu\n",
+ __func__, oid_to_string(oid), respoffs, buflen);
ret = -EINVAL;
goto exit_unlock;
}
- if ((resplen + respoffs) > buflen) {
- /* Device would have returned more data if buffer would
- * have been big enough. Copy just the bits that we got.
- */
- copylen = buflen - respoffs;
- } else {
- copylen = resplen;
- }
+ copylen = min(resplen, buflen - respoffs);
if (copylen > *len)
copylen = *len;
--
1.8.3.1
1
0
16 Jan '23
Tong Tiangen (2):
arm64: fix return value type of memcpy_mcs()
kasan: add kasan support for memcpy_mcs()
arch/arm64/include/asm/string.h | 4 ++--
mm/kasan/common.c | 12 ++++++++++++
2 files changed, 14 insertions(+), 2 deletions(-)
--
2.25.1
1
2
Tong Tiangen (2):
arm64: fix return value type of memcpy_mcs()
kasan: add kasan support for memcpy_mcs()
arch/arm64/include/asm/string.h | 4 ++--
mm/kasan/common.c | 12 ++++++++++++
2 files changed, 14 insertions(+), 2 deletions(-)
--
2.25.1
1
2
[PATCH openEuler-22.03-LTS] selftests/rseq: check if libc rseq support is registered
by MinMin Ren 12 Jan '23
by MinMin Ren 12 Jan '23
12 Jan '23
From: Michael Jeanson <mjeanson(a)efficios.com>
mainline inclusion
from mainline-v6.0-rc1
commit d1a997ba4c1bf65497d956aea90de42a6398f73a
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I69PT8
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit d1a997ba4c1bf65497d956aea90de42a6398f73a upstream.
When checking for libc rseq support in the library constructor, don't
only depend on the symbols presence, check that the registration was
completed.
This targets a scenario where the libc has rseq support but it is not
wired for the current architecture in 'bits/rseq.h', we want to fallback
to our internal registration mechanism.
Signed-off-by: Michael Jeanson <mjeanson(a)efficios.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org>
Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com>
Link: https://lore.kernel.org/r/20220614154830.1367382-4-mjeanson@efficios.com
Signed-off-by: rminmin <rmm0811(a)gmail.com>
---
tools/testing/selftests/rseq/rseq.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/rseq/rseq.c b/tools/testing/selftests/rseq/rseq.c
index 986b9458efb2..4177f9507bbe 100644
--- a/tools/testing/selftests/rseq/rseq.c
+++ b/tools/testing/selftests/rseq/rseq.c
@@ -111,7 +111,8 @@ void rseq_init(void)
libc_rseq_offset_p = dlsym(RTLD_NEXT, "__rseq_offset");
libc_rseq_size_p = dlsym(RTLD_NEXT, "__rseq_size");
libc_rseq_flags_p = dlsym(RTLD_NEXT, "__rseq_flags");
- if (libc_rseq_size_p && libc_rseq_offset_p && libc_rseq_flags_p) {
+ if (libc_rseq_size_p && libc_rseq_offset_p && libc_rseq_flags_p &&
+ *libc_rseq_size_p != 0) {
/* rseq registration owned by glibc */
rseq_offset = *libc_rseq_offset_p;
rseq_size = *libc_rseq_size_p;
--
2.33.0
1
0
[PATCH openEuler-1.0-LTS 1/6] crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()
by Yongqiang Liu 11 Jan '23
by Yongqiang Liu 11 Jan '23
11 Jan '23
From: Ard Biesheuvel <ardb(a)kernel.org>
stable inclusion
from stable-v4.19.164
commit 85637bc064f4fd5539d4173798d8cb55dde7fc0a
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65ZD2
CVE: NA
--------------------------------
commit 17858b140bf49961b71d4e73f1c3ea9bc8e7dda0 upstream.
ecdh_set_secret() casts a void* pointer to a const u64* in order to
feed it into ecc_is_key_valid(). This is not generally permitted by
the C standard, and leads to actual misalignment faults on ARMv6
cores. In some cases, these are fixed up in software, but this still
leads to performance hits that are entirely avoidable.
So let's copy the key into the ctx buffer first, which we will do
anyway in the common case, and which guarantees correct alignment.
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org>
Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: GUO Zihua <guozihua(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
crypto/ecdh.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/crypto/ecdh.c b/crypto/ecdh.c
index bf6300175b9c..a6e1a5d43fa7 100644
--- a/crypto/ecdh.c
+++ b/crypto/ecdh.c
@@ -57,12 +57,13 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf,
return ecc_gen_privkey(ctx->curve_id, ctx->ndigits,
ctx->private_key);
- if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits,
- (const u64 *)params.key, params.key_size) < 0)
- return -EINVAL;
-
memcpy(ctx->private_key, params.key, params.key_size);
+ if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits,
+ ctx->private_key, params.key_size) < 0) {
+ memzero_explicit(ctx->private_key, params.key_size);
+ return -EINVAL;
+ }
return 0;
}
--
2.25.1
1
5
[PATCH openEuler-1.0-LTS 01/13] audit: fix undefined behavior in bit shift for AUDIT_BIT
by Yongqiang Liu 11 Jan '23
by Yongqiang Liu 11 Jan '23
11 Jan '23
From: Gaosheng Cui <cuigaosheng1(a)huawei.com>
stable inclusion
from stable-v4.19.268
commit bbd0427fc0241bccb2c56235cbaad9fd63cd615b
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I69KBO
CVE: NA
--------------------------------
[ Upstream commit 986d93f55bdeab1cac858d1e47b41fac10b2d7f6 ]
Shifting signed 32-bit value by 31 bits is undefined, so changing
significant bit to unsigned. The UBSAN warning calltrace like below:
UBSAN: shift-out-of-bounds in kernel/auditfilter.c:179:23
left shift of 1 by 31 places cannot be represented in type 'int'
Call Trace:
<TASK>
dump_stack_lvl+0x7d/0xa5
dump_stack+0x15/0x1b
ubsan_epilogue+0xe/0x4e
__ubsan_handle_shift_out_of_bounds+0x1e7/0x20c
audit_register_class+0x9d/0x137
audit_classes_init+0x4d/0xb8
do_one_initcall+0x76/0x430
kernel_init_freeable+0x3b3/0x422
kernel_init+0x24/0x1e0
ret_from_fork+0x1f/0x30
</TASK>
Signed-off-by: Gaosheng Cui <cuigaosheng1(a)huawei.com>
[PM: remove bad 'Fixes' tag as issue predates git, added in v2.6.6-rc1]
Signed-off-by: Paul Moore <paul(a)paul-moore.com>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/uapi/linux/audit.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index 818ae690ab79..b163911b1d39 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -177,7 +177,7 @@
#define AUDIT_MAX_KEY_LEN 256
#define AUDIT_BITMASK_SIZE 64
#define AUDIT_WORD(nr) ((__u32)((nr)/32))
-#define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32))
+#define AUDIT_BIT(nr) (1U << ((nr) - AUDIT_WORD(nr)*32))
#define AUDIT_SYSCALL_CLASSES 16
#define AUDIT_CLASS_DIR_WRITE 0
--
2.25.1
1
12
[PATCH openEuler-1.0-LTS 1/2] USB: core: Prevent nested device-reset calls
by Yongqiang Liu 11 Jan '23
by Yongqiang Liu 11 Jan '23
11 Jan '23
From: Alan Stern <stern(a)rowland.harvard.edu>
stable inclusion
from stable-v4.19.258
commit cc9a12e12808af178c600cc485338bac2e37d2a8
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I675RE
CVE: CVE-2022-4662
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit 9c6d778800b921bde3bff3cff5003d1650f942d1 upstream.
Automatic kernel fuzzing revealed a recursive locking violation in
usb-storage:
============================================
WARNING: possible recursive locking detected
5.18.0 #3 Not tainted
--------------------------------------------
kworker/1:3/1205 is trying to acquire lock:
ffff888018638db8 (&us_interface_key[i]){+.+.}-{3:3}, at:
usb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230
but task is already holding lock:
ffff888018638db8 (&us_interface_key[i]){+.+.}-{3:3}, at:
usb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230
...
stack backtrace:
CPU: 1 PID: 1205 Comm: kworker/1:3 Not tainted 5.18.0 #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.13.0-1ubuntu1.1 04/01/2014
Workqueue: usb_hub_wq hub_event
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_deadlock_bug kernel/locking/lockdep.c:2988 [inline]
check_deadlock kernel/locking/lockdep.c:3031 [inline]
validate_chain kernel/locking/lockdep.c:3816 [inline]
__lock_acquire.cold+0x152/0x3ca kernel/locking/lockdep.c:5053
lock_acquire kernel/locking/lockdep.c:5665 [inline]
lock_acquire+0x1ab/0x520 kernel/locking/lockdep.c:5630
__mutex_lock_common kernel/locking/mutex.c:603 [inline]
__mutex_lock+0x14f/0x1610 kernel/locking/mutex.c:747
usb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230
usb_reset_device+0x37d/0x9a0 drivers/usb/core/hub.c:6109
r871xu_dev_remove+0x21a/0x270 drivers/staging/rtl8712/usb_intf.c:622
usb_unbind_interface+0x1bd/0x890 drivers/usb/core/driver.c:458
device_remove drivers/base/dd.c:545 [inline]
device_remove+0x11f/0x170 drivers/base/dd.c:537
__device_release_driver drivers/base/dd.c:1222 [inline]
device_release_driver_internal+0x1a7/0x2f0 drivers/base/dd.c:1248
usb_driver_release_interface+0x102/0x180 drivers/usb/core/driver.c:627
usb_forced_unbind_intf+0x4d/0xa0 drivers/usb/core/driver.c:1118
usb_reset_device+0x39b/0x9a0 drivers/usb/core/hub.c:6114
This turned out not to be an error in usb-storage but rather a nested
device reset attempt. That is, as the rtl8712 driver was being
unbound from a composite device in preparation for an unrelated USB
reset (that driver does not have pre_reset or post_reset callbacks),
its ->remove routine called usb_reset_device() -- thus nesting one
reset call within another.
Performing a reset as part of disconnect processing is a questionable
practice at best. However, the bug report points out that the USB
core does not have any protection against nested resets. Adding a
reset_in_progress flag and testing it will prevent such errors in the
future.
Link: https://lore.kernel.org/all/CAB7eexKUpvX-JNiLzhXBDWgfg2T9e9_0Tw4HQ6keN==voR…
Cc: stable(a)vger.kernel.org
Reported-and-tested-by: Rondreis <linhaoguo86(a)gmail.com>
Signed-off-by: Alan Stern <stern(a)rowland.harvard.edu>
Link: https://lore.kernel.org/r/YwkflDxvg0KWqyZK@rowland.harvard.edu
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Yuyao Lin <linyuyao1(a)huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/usb/core/hub.c | 10 ++++++++++
include/linux/usb.h | 2 ++
2 files changed, 12 insertions(+)
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
index adc8e3a0138f..b983a333ca32 100644
--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
@@ -5747,6 +5747,11 @@ static int usb_reset_and_verify_device(struct usb_device *udev)
* the reset is over (using their post_reset method).
*
* Return: The same as for usb_reset_and_verify_device().
+ * However, if a reset is already in progress (for instance, if a
+ * driver doesn't have pre_ or post_reset() callbacks, and while
+ * being unbound or re-bound during the ongoing reset its disconnect()
+ * or probe() routine tries to perform a second, nested reset), the
+ * routine returns -EINPROGRESS.
*
* Note:
* The caller must own the device lock. For example, it's safe to use
@@ -5780,6 +5785,10 @@ int usb_reset_device(struct usb_device *udev)
return -EISDIR;
}
+ if (udev->reset_in_progress)
+ return -EINPROGRESS;
+ udev->reset_in_progress = 1;
+
port_dev = hub->ports[udev->portnum - 1];
/*
@@ -5844,6 +5853,7 @@ int usb_reset_device(struct usb_device *udev)
usb_autosuspend_device(udev);
memalloc_noio_restore(noio_flag);
+ udev->reset_in_progress = 0;
return ret;
}
EXPORT_SYMBOL_GPL(usb_reset_device);
diff --git a/include/linux/usb.h b/include/linux/usb.h
index 3e1e31f73d0e..317eedae1c10 100644
--- a/include/linux/usb.h
+++ b/include/linux/usb.h
@@ -580,6 +580,7 @@ struct usb3_lpm_parameters {
* @level: number of USB hub ancestors
* @can_submit: URBs may be submitted
* @persist_enabled: USB_PERSIST enabled for this device
+ * @reset_in_progress: the device is being reset
* @have_langid: whether string_langid is valid
* @authorized: policy has said we can use it;
* (user space) policy determines if we authorize this device to be
@@ -664,6 +665,7 @@ struct usb_device {
unsigned can_submit:1;
unsigned persist_enabled:1;
+ unsigned reset_in_progress:1;
unsigned have_langid:1;
unsigned authorized:1;
unsigned authenticated:1;
--
2.25.1
1
1
[PATCH openEuler-1.0-LTS 1/8] mm/hwpoison: do not lock page again when me_huge_page() successfully recovers
by Yongqiang Liu 11 Jan '23
by Yongqiang Liu 11 Jan '23
11 Jan '23
From: Naoya Horiguchi <naoya.horiguchi(a)nec.com>
mainline inclusion
from mainline-v5.13
commit ea6d0630100b285f059d0a8d8e86f38a46407536
category: bugfix
bugzilla: 188222, https://gitee.com/openeuler/kernel/issues/I69SHF
CVE: NA
--------------------------------
Currently me_huge_page() temporary unlocks page to perform some actions
then locks it again later. My testcase (which calls hard-offline on
some tail page in a hugetlb, then accesses the address of the hugetlb
range) showed that page allocation code detects this page lock on buddy
page and printed out "BUG: Bad page state" message.
check_new_page_bad() does not consider a page with __PG_HWPOISON as bad
page, so this flag works as kind of filter, but this filtering doesn't
work in this case because the "bad page" is not the actual hwpoisoned
page. So stop locking page again. Actions to be taken depend on the
page type of the error, so page unlocking should be done in ->action()
callbacks. So let's make it assumed and change all existing callbacks
that way.
Link: https://lkml.kernel.org/r/20210609072029.74645-1-nao.horiguchi@gmail.com
Fixes: commit 78bb920344b8 ("mm: hwpoison: dissolve in-use hugepage in unrecoverable memory error")
Signed-off-by: Naoya Horiguchi <naoya.horiguchi(a)nec.com>
Cc: Oscar Salvador <osalvador(a)suse.de>
Cc: Michal Hocko <mhocko(a)suse.com>
Cc: Tony Luck <tony.luck(a)intel.com>
Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)linux.vnet.ibm.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org>
Signed-off-by: Ma Wupeng <mawupeng1(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
mm/memory-failure.c | 44 ++++++++++++++++++++++++++++++--------------
1 file changed, 30 insertions(+), 14 deletions(-)
diff --git a/mm/memory-failure.c b/mm/memory-failure.c
index 55c175f57223..9a816fdf812d 100644
--- a/mm/memory-failure.c
+++ b/mm/memory-failure.c
@@ -662,6 +662,7 @@ static int truncate_error_page(struct page *p, unsigned long pfn,
*/
static int me_kernel(struct page *p, unsigned long pfn)
{
+ unlock_page(p);
return MF_IGNORED;
}
@@ -671,6 +672,7 @@ static int me_kernel(struct page *p, unsigned long pfn)
static int me_unknown(struct page *p, unsigned long pfn)
{
pr_err("Memory failure: %#lx: Unknown page state\n", pfn);
+ unlock_page(p);
return MF_FAILED;
}
@@ -679,6 +681,7 @@ static int me_unknown(struct page *p, unsigned long pfn)
*/
static int me_pagecache_clean(struct page *p, unsigned long pfn)
{
+ int ret;
struct address_space *mapping;
delete_from_lru_cache(p);
@@ -687,8 +690,10 @@ static int me_pagecache_clean(struct page *p, unsigned long pfn)
* For anonymous pages we're done the only reference left
* should be the one m_f() holds.
*/
- if (PageAnon(p))
- return MF_RECOVERED;
+ if (PageAnon(p)) {
+ ret = MF_RECOVERED;
+ goto out;
+ }
/*
* Now truncate the page in the page cache. This is really
@@ -702,7 +707,8 @@ static int me_pagecache_clean(struct page *p, unsigned long pfn)
/*
* Page has been teared down in the meanwhile
*/
- return MF_FAILED;
+ ret = MF_FAILED;
+ goto out;
}
/*
@@ -710,7 +716,10 @@ static int me_pagecache_clean(struct page *p, unsigned long pfn)
*
* Open: to take i_mutex or not for this? Right now we don't.
*/
- return truncate_error_page(p, pfn, mapping);
+ ret = truncate_error_page(p, pfn, mapping);
+out:
+ unlock_page(p);
+ return ret;
}
/*
@@ -786,24 +795,26 @@ static int me_pagecache_dirty(struct page *p, unsigned long pfn)
*/
static int me_swapcache_dirty(struct page *p, unsigned long pfn)
{
+ int ret;
+
ClearPageDirty(p);
/* Trigger EIO in shmem: */
ClearPageUptodate(p);
- if (!delete_from_lru_cache(p))
- return MF_DELAYED;
- else
- return MF_FAILED;
+ ret = delete_from_lru_cache(p) ? MF_FAILED : MF_DELAYED;
+ unlock_page(p);
+ return ret;
}
static int me_swapcache_clean(struct page *p, unsigned long pfn)
{
+ int ret;
+
delete_from_swap_cache(p);
- if (!delete_from_lru_cache(p))
- return MF_RECOVERED;
- else
- return MF_FAILED;
+ ret = delete_from_lru_cache(p) ? MF_FAILED : MF_RECOVERED;
+ unlock_page(p);
+ return ret;
}
/*
@@ -824,6 +835,7 @@ static int me_huge_page(struct page *p, unsigned long pfn)
mapping = page_mapping(hpage);
if (mapping) {
res = truncate_error_page(hpage, pfn, mapping);
+ unlock_page(hpage);
} else {
res = MF_FAILED;
unlock_page(hpage);
@@ -838,7 +850,6 @@ static int me_huge_page(struct page *p, unsigned long pfn)
page_ref_inc(p);
res = MF_RECOVERED;
}
- lock_page(hpage);
}
return res;
@@ -871,6 +882,8 @@ static struct page_state {
unsigned long mask;
unsigned long res;
enum mf_action_page_type type;
+
+ /* Callback ->action() has to unlock the relevant page inside it. */
int (*action)(struct page *p, unsigned long pfn);
} error_states[] = {
{ reserved, reserved, MF_MSG_KERNEL, me_kernel },
@@ -935,6 +948,7 @@ static int page_action(struct page_state *ps, struct page *p,
int result;
int count;
+ /* page p should be unlocked after returning from ps->action(). */
result = ps->action(p, pfn);
count = page_count(p) - 1;
@@ -1235,7 +1249,7 @@ static int memory_failure_hugetlb(unsigned long pfn, int flags)
goto out;
}
- res = identify_page_state(pfn, p, page_flags);
+ return identify_page_state(pfn, p, page_flags);
out:
unlock_page(head);
return res;
@@ -1533,6 +1547,8 @@ int memory_failure(unsigned long pfn, int flags)
identify_page_state:
res = identify_page_state(pfn, p, page_flags);
+ mutex_unlock(&mf_mutex);
+ return res;
unlock_page:
unlock_page(p);
unlock_mutex:
--
2.25.1
1
7
您好!
Kernel SIG 邀请您参加 2023-01-13 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG双周例会
会议内容:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
会议链接:https://us06web.zoom.us/j/82433422280?pwd=S2FtQmg2cTVJdUpZeExoOGNyRzlUQT09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2023-01-13 14:00,
The subject of the conference is openEuler Kernel SIG双周例会,
Summary:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/82433422280?pwd=S2FtQmg2cTVJdUpZeExoOGNyRzlUQT09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
[PATCH openEuler-5.10-LTS 1/5] USB: core: Prevent nested device-reset calls
by Jialin Zhang 11 Jan '23
by Jialin Zhang 11 Jan '23
11 Jan '23
From: Alan Stern <stern(a)rowland.harvard.edu>
mainline inclusion
from mainline-v6.0-rc4
commit 9c6d778800b921bde3bff3cff5003d1650f942d1
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I675RE
CVE: CVE-2022-4662
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
Automatic kernel fuzzing revealed a recursive locking violation in
usb-storage:
============================================
WARNING: possible recursive locking detected
5.18.0 #3 Not tainted
--------------------------------------------
kworker/1:3/1205 is trying to acquire lock:
ffff888018638db8 (&us_interface_key[i]){+.+.}-{3:3}, at:
usb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230
but task is already holding lock:
ffff888018638db8 (&us_interface_key[i]){+.+.}-{3:3}, at:
usb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230
...
stack backtrace:
CPU: 1 PID: 1205 Comm: kworker/1:3 Not tainted 5.18.0 #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.13.0-1ubuntu1.1 04/01/2014
Workqueue: usb_hub_wq hub_event
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_deadlock_bug kernel/locking/lockdep.c:2988 [inline]
check_deadlock kernel/locking/lockdep.c:3031 [inline]
validate_chain kernel/locking/lockdep.c:3816 [inline]
__lock_acquire.cold+0x152/0x3ca kernel/locking/lockdep.c:5053
lock_acquire kernel/locking/lockdep.c:5665 [inline]
lock_acquire+0x1ab/0x520 kernel/locking/lockdep.c:5630
__mutex_lock_common kernel/locking/mutex.c:603 [inline]
__mutex_lock+0x14f/0x1610 kernel/locking/mutex.c:747
usb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230
usb_reset_device+0x37d/0x9a0 drivers/usb/core/hub.c:6109
r871xu_dev_remove+0x21a/0x270 drivers/staging/rtl8712/usb_intf.c:622
usb_unbind_interface+0x1bd/0x890 drivers/usb/core/driver.c:458
device_remove drivers/base/dd.c:545 [inline]
device_remove+0x11f/0x170 drivers/base/dd.c:537
__device_release_driver drivers/base/dd.c:1222 [inline]
device_release_driver_internal+0x1a7/0x2f0 drivers/base/dd.c:1248
usb_driver_release_interface+0x102/0x180 drivers/usb/core/driver.c:627
usb_forced_unbind_intf+0x4d/0xa0 drivers/usb/core/driver.c:1118
usb_reset_device+0x39b/0x9a0 drivers/usb/core/hub.c:6114
This turned out not to be an error in usb-storage but rather a nested
device reset attempt. That is, as the rtl8712 driver was being
unbound from a composite device in preparation for an unrelated USB
reset (that driver does not have pre_reset or post_reset callbacks),
its ->remove routine called usb_reset_device() -- thus nesting one
reset call within another.
Performing a reset as part of disconnect processing is a questionable
practice at best. However, the bug report points out that the USB
core does not have any protection against nested resets. Adding a
reset_in_progress flag and testing it will prevent such errors in the
future.
Link: https://lore.kernel.org/all/CAB7eexKUpvX-JNiLzhXBDWgfg2T9e9_0Tw4HQ6keN==voR…
Cc: stable(a)vger.kernel.org
Reported-and-tested-by: Rondreis <linhaoguo86(a)gmail.com>
Signed-off-by: Alan Stern <stern(a)rowland.harvard.edu>
Link: https://lore.kernel.org/r/YwkflDxvg0KWqyZK@rowland.harvard.edu
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Yuyao Lin <linyuyao1(a)huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
---
drivers/usb/core/hub.c | 10 ++++++++++
include/linux/usb.h | 2 ++
2 files changed, 12 insertions(+)
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
index 18ee3914b468..53b3d77fba6a 100644
--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
@@ -5967,6 +5967,11 @@ static int usb_reset_and_verify_device(struct usb_device *udev)
* the reset is over (using their post_reset method).
*
* Return: The same as for usb_reset_and_verify_device().
+ * However, if a reset is already in progress (for instance, if a
+ * driver doesn't have pre_ or post_reset() callbacks, and while
+ * being unbound or re-bound during the ongoing reset its disconnect()
+ * or probe() routine tries to perform a second, nested reset), the
+ * routine returns -EINPROGRESS.
*
* Note:
* The caller must own the device lock. For example, it's safe to use
@@ -6000,6 +6005,10 @@ int usb_reset_device(struct usb_device *udev)
return -EISDIR;
}
+ if (udev->reset_in_progress)
+ return -EINPROGRESS;
+ udev->reset_in_progress = 1;
+
port_dev = hub->ports[udev->portnum - 1];
/*
@@ -6064,6 +6073,7 @@ int usb_reset_device(struct usb_device *udev)
usb_autosuspend_device(udev);
memalloc_noio_restore(noio_flag);
+ udev->reset_in_progress = 0;
return ret;
}
EXPORT_SYMBOL_GPL(usb_reset_device);
diff --git a/include/linux/usb.h b/include/linux/usb.h
index d6a41841b93e..a093667991bb 100644
--- a/include/linux/usb.h
+++ b/include/linux/usb.h
@@ -580,6 +580,7 @@ struct usb3_lpm_parameters {
* @devaddr: device address, XHCI: assigned by HW, others: same as devnum
* @can_submit: URBs may be submitted
* @persist_enabled: USB_PERSIST enabled for this device
+ * @reset_in_progress: the device is being reset
* @have_langid: whether string_langid is valid
* @authorized: policy has said we can use it;
* (user space) policy determines if we authorize this device to be
@@ -665,6 +666,7 @@ struct usb_device {
unsigned can_submit:1;
unsigned persist_enabled:1;
+ unsigned reset_in_progress:1;
unsigned have_langid:1;
unsigned authorized:1;
unsigned authenticated:1;
--
2.25.1
1
4
[PATCH openEuler-1.0-LTS] arm64: Kconfig: default unset ARCH_LLC_128_LINE_SIZE
by Laibin Qiu 11 Jan '23
by Laibin Qiu 11 Jan '23
11 Jan '23
From: Wang ShaoBo <bobo.shaobowang(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I47W8L
CVE: NA
---------------------------
This patch default set CONFIG_ARCH_LLC_128_LINE_SIZE=n.
Signed-off-by: Wang ShaoBo <bobo.shaobowang(a)huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com>
Signed-off-by: Laibin Qiu <qiulaibin(a)huawei.com>
---
arch/arm64/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 927d6666770e..003e333ad864 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -928,7 +928,7 @@ config ARCH_HAS_CACHE_LINE_SIZE
config ARCH_LLC_128_LINE_SIZE
bool "Force 128 bytes alignment for fitting LLC cacheline"
depends on ARM64
- default y
+ default n
help
As specific machine's LLC cacheline size may be up to
128 bytes, gaining performance improvement from fitting
--
2.25.1
1
0
10 Jan '23
From: Zhou Guanghui <zhouguanghui1(a)huawei.com>
ascend inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I67NC1
CVE: NA
------------------------------------------
Add header file will generates kabi change problem. Clean up by
__GENKSYMS__.
Signed-off-by: Zhou Guanghui <zhouguanghui1(a)huawei.com>
Reviewed-by: Weilong Chen <chenweilong(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/linux/share_pool.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/include/linux/share_pool.h b/include/linux/share_pool.h
index 2ebfb3d5be13..974082a6747e 100644
--- a/include/linux/share_pool.h
+++ b/include/linux/share_pool.h
@@ -8,8 +8,11 @@
#include <linux/printk.h>
#include <linux/hashtable.h>
#include <linux/numa.h>
+
+#if defined(CONFIG_ASCEND_SHARE_POOL) && !defined(__GENKSYMS__)
#include <linux/hugetlb.h>
#include <linux/memcontrol.h>
+#endif
#define SP_HUGEPAGE (1 << 0)
#define SP_HUGEPAGE_ONLY (1 << 1)
--
2.25.1
1
0
10 Jan '23
From: Tony Lu <tonylu(a)linux.alibaba.com>
anolis inclusion
from devel-5.10-v5.10.134-12
commit b90e28f7170e1ae40c572f9f80a50bbdc8f8b99f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I697AN
CVE: NA
Reference: https://gitee.com/anolis/cloud-kernel/commit/b90e28f7170e1ae40c572f9f80a50b…
---------------------------
OpenAnolis Bug Tracker:0000282
This is achieved by broadcasting ARP or ND packets to all of its slave
devices on transmit side. The switch will take further actions based on
proper configuration.
A new sysctl knob "net.bonding.broadcast_arp_or_nd" is introduced which
controls the behaviour of broadcasting.
Signed-off-by: Tony Lu <tonylu(a)linux.alibaba.com>
Acked-by: Dust Li <dust.li(a)linux.alibaba.com>
Signed-off-by: Qiao Ma <mqaio(a)linux.alibaba.com>
Reviewed-by: Shile Zhang <shile.zhang(a)linux.alibaba.com>
Acked-by: Dust Li <dust.li(a)linux.alibaba.com>
Signed-off-by: Wang Yufen <wangyufen(a)huawei.com>
---
Documentation/networking/ip-sysctl.rst | 11 ++++++++++
drivers/net/bonding/Makefile | 2 +-
drivers/net/bonding/bond_main.c | 40 ++++++++++++++++++++++++++++++++++
drivers/net/bonding/bond_sysctl.c | 32 +++++++++++++++++++++++++++
include/net/bonding.h | 4 ++++
5 files changed, 88 insertions(+), 1 deletion(-)
create mode 100644 drivers/net/bonding/bond_sysctl.c
diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
index 4822a05..4953fa9 100644
--- a/Documentation/networking/ip-sysctl.rst
+++ b/Documentation/networking/ip-sysctl.rst
@@ -2656,3 +2656,14 @@ max_dgram_qlen - INTEGER
Default: 10
+
+``/proc/sys/net/bonding/*``
+========================
+
+broadcast_arp_or_nd - INTEGER
+ Control broadcasting ARP or ND messages to all slaves
+
+ 0: Not broadcasting
+ 1: Broadcasting
+
+ Default: 0
diff --git a/drivers/net/bonding/Makefile b/drivers/net/bonding/Makefile
index 30e8ae3..9dd55d9 100644
--- a/drivers/net/bonding/Makefile
+++ b/drivers/net/bonding/Makefile
@@ -5,7 +5,7 @@
obj-$(CONFIG_BONDING) += bonding.o
-bonding-objs := bond_main.o bond_3ad.o bond_alb.o bond_sysfs.o bond_sysfs_slave.o bond_debugfs.o bond_netlink.o bond_options.o
+bonding-objs := bond_main.o bond_3ad.o bond_alb.o bond_sysfs.o bond_sysfs_slave.o bond_debugfs.o bond_netlink.o bond_options.o bond_sysctl.o
proc-$(CONFIG_PROC_FS) += bond_procfs.o
bonding-objs += $(proc-y)
diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c
index d382790..4d534d5 100644
--- a/drivers/net/bonding/bond_main.c
+++ b/drivers/net/bonding/bond_main.c
@@ -4532,6 +4532,39 @@ int bond_update_slave_arr(struct bonding *bond, struct slave *skipslave)
return ret;
}
+/* Check whether the skb is arp or nd msg */
+static inline bool skb_is_arp_or_nd(struct sk_buff *skb)
+{
+ switch (ntohs(skb->protocol)) {
+ case ETH_P_ARP:
+ return true;
+ case ETH_P_IPV6:
+ if (pskb_may_pull(skb, sizeof(struct ipv6hdr) +
+ sizeof(struct nd_msg))) {
+ struct ipv6hdr *hdr = ipv6_hdr(skb);
+ u8 nexthdr = hdr->nexthdr;
+ struct icmp6hdr *icmp6;
+
+ if (nexthdr == IPPROTO_ICMPV6) {
+ icmp6 = icmp6_hdr(skb);
+
+ if ((icmp6->icmp6_type ==
+ NDISC_NEIGHBOUR_SOLICITATION ||
+ icmp6->icmp6_type ==
+ NDISC_NEIGHBOUR_ADVERTISEMENT) &&
+ icmp6->icmp6_code == 0) {
+ return true;
+ }
+ }
+ }
+ }
+
+ return false;
+}
+
+static netdev_tx_t bond_xmit_broadcast(struct sk_buff *skb,
+ struct net_device *bond_dev);
+
static struct slave *bond_xmit_3ad_xor_slave_get(struct bonding *bond,
struct sk_buff *skb,
struct bond_up_slave *slaves)
@@ -4560,6 +4593,10 @@ static netdev_tx_t bond_3ad_xor_xmit(struct sk_buff *skb,
struct bond_up_slave *slaves;
struct slave *slave;
+ /* Broadcast to all slaves. */
+ if (sysctl_bond_broadcast_arp_or_nd && skb_is_arp_or_nd(skb))
+ return bond_xmit_broadcast(skb, dev);
+
slaves = rcu_dereference(bond->usable_slaves);
slave = bond_xmit_3ad_xor_slave_get(bond, skb, slaves);
if (likely(slave))
@@ -5476,6 +5513,7 @@ static int __init bonding_init(void)
goto err_link;
bond_create_debugfs();
+ bond_create_sysctl();
for (i = 0; i < max_bonds; i++) {
res = bond_create(&init_net, NULL);
@@ -5492,6 +5530,7 @@ static int __init bonding_init(void)
return res;
err:
bond_destroy_debugfs();
+ bond_destroy_sysctl();
bond_netlink_fini();
err_link:
unregister_pernet_subsys(&bond_net_ops);
@@ -5504,6 +5543,7 @@ static void __exit bonding_exit(void)
unregister_netdevice_notifier(&bond_netdev_notifier);
bond_destroy_debugfs();
+ bond_destroy_sysctl();
bond_netlink_fini();
unregister_pernet_subsys(&bond_net_ops);
diff --git a/drivers/net/bonding/bond_sysctl.c b/drivers/net/bonding/bond_sysctl.c
new file mode 100644
index 00000000..17404d3
--- /dev/null
+++ b/drivers/net/bonding/bond_sysctl.c
@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: GPL-2.0
+#include <net/net_namespace.h>
+#include <linux/sysctl.h>
+#include <net/bonding.h>
+
+int sysctl_bond_broadcast_arp_or_nd __read_mostly;
+EXPORT_SYMBOL(sysctl_bond_broadcast_arp_or_nd);
+
+struct ctl_table_header *bond_broadcast_arp_or_nd_table_header;
+
+static struct ctl_table bond_broadcast_arp_or_nd_table[] = {
+ {
+ .procname = "broadcast_arp_or_nd",
+ .data = &sysctl_bond_broadcast_arp_or_nd,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
+ {}
+};
+
+void bond_create_sysctl(void)
+{
+ bond_broadcast_arp_or_nd_table_header =
+ register_net_sysctl(&init_net, "net/bonding",
+ bond_broadcast_arp_or_nd_table);
+}
+
+void bond_destroy_sysctl(void)
+{
+ unregister_net_sysctl_table(bond_broadcast_arp_or_nd_table_header);
+}
diff --git a/include/net/bonding.h b/include/net/bonding.h
index 67d6760..6ea7a29 100644
--- a/include/net/bonding.h
+++ b/include/net/bonding.h
@@ -114,6 +114,8 @@ static inline int is_netpoll_tx_blocked(struct net_device *dev)
#define is_netpoll_tx_blocked(dev) (0)
#endif
+extern int sysctl_bond_broadcast_arp_or_nd;
+
struct bond_params {
int mode;
int xmit_policy;
@@ -659,6 +661,8 @@ struct bond_vlan_tag *bond_verify_device_path(struct net_device *start_dev,
int bond_update_slave_arr(struct bonding *bond, struct slave *skipslave);
void bond_slave_arr_work_rearm(struct bonding *bond, unsigned long delay);
void bond_work_init_all(struct bonding *bond);
+void bond_create_sysctl(void);
+void bond_destroy_sysctl(void);
#ifdef CONFIG_PROC_FS
void bond_create_proc_entry(struct bonding *bond);
--
1.8.3.1
1
0
[PATCH openEuler-1.0-LTS 1/4] kobject: Fix slab-out-of-bounds in fill_kobj_path()
by Yongqiang Liu 10 Jan '23
by Yongqiang Liu 10 Jan '23
10 Jan '23
From: Xia Fukun <xiafukun(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I697JG
CVE: NA
--------------------------------
In kobject_get_path(), if kobj->name is changed between calls
get_kobj_path_length() and fill_kobj_path() and the length becomes
longer, then fill_kobj_path() will have an out-of-bounds bug.
The actual current problem occurs when the ixgbe probe.
In ixgbe_mii_bus_init(), if the length of netdev->dev.kobj.name
length becomes longer, out-of-bounds will occur.
cpu0 cpu1
ixgbe_probe
register_netdev(netdev)
netdev_register_kobject
device_add
kobject_uevent // Sending ADD events
systemd-udevd // rename netdev
dev_change_name
device_rename
kobject_rename
ixgbe_mii_bus_init |
mdiobus_register |
__mdiobus_register |
device_register |
device_add |
kobject_uevent |
kobject_get_path |
len = get_kobj_path_length // old name |
path = kzalloc(len, gfp_mask); |
kobj->name = name;
/* name length becomes
* longer
*/
fill_kobj_path /* kobj path length is
* longer than path,
* resulting in out of
* bounds when filling path
*/
This is the kasan report:
==================================================================
BUG: KASAN: slab-out-of-bounds in fill_kobj_path+0x50/0xc0
Write of size 7 at addr ff1100090573d1fd by task kworker/28:1/673
Workqueue: events work_for_cpu_fn
Call Trace:
<TASK>
dump_stack_lvl+0x34/0x48
print_address_description.constprop.0+0x86/0x1e7
print_report+0x36/0x4f
kasan_report+0xad/0x130
kasan_check_range+0x35/0x1c0
memcpy+0x39/0x60
fill_kobj_path+0x50/0xc0
kobject_get_path+0x5a/0xc0
kobject_uevent_env+0x140/0x460
device_add+0x5c7/0x910
__mdiobus_register+0x14e/0x490
ixgbe_probe.cold+0x441/0x574 [ixgbe]
local_pci_probe+0x78/0xc0
work_for_cpu_fn+0x26/0x40
process_one_work+0x3b6/0x6a0
worker_thread+0x368/0x520
kthread+0x165/0x1a0
ret_from_fork+0x1f/0x30
This reproducer triggers that bug:
while:
do
rmmod ixgbe
sleep 0.5
modprobe ixgbe
sleep 0.5
When calling fill_kobj_path() to fill path, if the name length of
kobj becomes longer, return failure and retry. This fixes the problem.
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Wang Hai <wanghai38(a)huawei.com>
Signed-off-by: Xia Fukun <xiafukun(a)huawei.com>
Reviewed-by: songping yu <yusongping(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
lib/kobject.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/lib/kobject.c b/lib/kobject.c
index c82b88b2e860..d724a5dbcf9b 100644
--- a/lib/kobject.c
+++ b/lib/kobject.c
@@ -135,7 +135,7 @@ static int get_kobj_path_length(struct kobject *kobj)
return length;
}
-static void fill_kobj_path(struct kobject *kobj, char *path, int length)
+static int fill_kobj_path(struct kobject *kobj, char *path, int length)
{
struct kobject *parent;
@@ -144,12 +144,16 @@ static void fill_kobj_path(struct kobject *kobj, char *path, int length)
int cur = strlen(kobject_name(parent));
/* back up enough to print this name with '/' */
length -= cur;
+ if (length <= 0)
+ return -EINVAL;
memcpy(path + length, kobject_name(parent), cur);
*(path + --length) = '/';
}
pr_debug("kobject: '%s' (%p): %s: path = '%s'\n", kobject_name(kobj),
kobj, __func__, path);
+
+ return 0;
}
/**
@@ -165,13 +169,17 @@ char *kobject_get_path(struct kobject *kobj, gfp_t gfp_mask)
char *path;
int len;
+retry:
len = get_kobj_path_length(kobj);
if (len == 0)
return NULL;
path = kzalloc(len, gfp_mask);
if (!path)
return NULL;
- fill_kobj_path(kobj, path, len);
+ if (fill_kobj_path(kobj, path, len)) {
+ kfree(path);
+ goto retry;
+ }
return path;
}
--
2.25.1
1
3
[PATCH openEuler-1.0-LTS] timekeeping: Avoiding false sharing in field access of tk_core
by Laibin Qiu 10 Jan '23
by Laibin Qiu 10 Jan '23
10 Jan '23
From: Wang ShaoBo <bobo.shaobowang(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I47W8L
CVE: NA
---------------------------
We detect a performance deterioration when using Unixbench, we use the dichotomy to
locate the patch 7e66740ad725 ("MPAM / ACPI: Refactoring MPAM init process and set
MPAM ACPI as entrance"), In comparing two commit df5defd901ff ("KVM: X86: MMU: Use
the correct inherited permissions to get shadow page") and ac4dbb7554ef ("ACPI 6.x:
Add definitions for MPAM table") we get following testing result:
CMD: ./Run -c xx context1
RESULT:
+-------------UnixBench context1-----------+
+---------+--------------+-----------------+
+ + ac4dbb7554ef + df5defd901ff +
+---------+--------------+---------+-------+
+ Cores + Score + Score +
+---------+--------------+-----------------+
+ 1 + 522.8 + 535.7 +
+---------+--------------+-----------------+
+ 24 + 11231.5 + 12111.2 +
+---------+--------------+-----------------+
+ 48 + 8535.1 + 8745.1 +
+---------+--------------+-----------------+
+ 72 + 10821.9 + 10343.8 +
+---------+--------------+-----------------+
+ 96 + 15238.5 + 42947.8 +
+---------+--------------+-----------------+
We found a irrefutable difference in latency sampling when using the perf tool:
HEAD:ac4dbb7554ef HEAD:df5defd901ff
45.18% [kernel] [k] ktime_get_coarse_real_ts64 -> 1.78% [kernel] [k] ktime_get_coarse_real_ts64
...
65.87 │ dmb ishld //smp_rmb()
Through ftrace we get the calltrace and and detected the number of visits of
ktime_get_coarse_real_ts64, which frequently visits tk_core->seq and
tk_core->timekeeper->tkr_mono:
- 48.86% [kernel] [k] ktime_get_coarse_real_ts64
- 5.76% ktime_get_coarse_real_ts64 #about 111437657 times per 10 seconds
- 14.70% __audit_syscall_entry
syscall_trace_enter
el0_svc_common
el0_svc_handler
+ el0_svc
- 2.85% current_time
So this may be performance degradation caused by interference when happened different
fields access, We compare .bss and .data section of this two version:
HEAD:ac4dbb7554ef
`->
ffff00000962e680 l O .bss 0000000000000110 tk_core
ffff000009355680 l O .data 0000000000000078 tk_fast_mono
ffff0000093557a0 l O .data 0000000000000090 dummy_clock
ffff000009355700 l O .data 0000000000000078 tk_fast_raw
ffff000009355778 l O .data 0000000000000028 timekeeping_syscore_ops
ffff00000962e640 l O .bss 0000000000000008 cycles_at_suspend
HEAD:df5defd901ff
`->
ffff00000957dbc0 l O .bss 0000000000000110 tk_core
ffff0000092b4e80 l O .data 0000000000000078 tk_fast_mono
ffff0000092b4fa0 l O .data 0000000000000090 dummy_clock
ffff0000092b4f00 l O .data 0000000000000078 tk_fast_raw
ffff0000092b4f78 l O .data 0000000000000028 timekeeping_syscore_ops
ffff00000957db80 l O .bss 0000000000000008 cycles_at_suspend
By comparing this two version tk_core's address: ffff00000962e680 is 128Byte aligned
but latter df5defd901ff is 64Byte aligned, the memory storage layout of tk_core has
undergone subtle changes:
HEAD:ac4dbb7554ef
`-> |<--------formmer 64Bytes---------->|<------------latter 64Byte------------->|
0xffff00000957dbc0_>|<-seq 8Bytes->|<-tkr_mono 56Bytes->|<-thr_raw 56Bytes->|<-xtime_sec 8Bytes->|
0xffff00000957dc00_>...
HEAD:df5defd901ff
`-> |<------formmer 64Bytes---->|<------------latter 64Byte-------->|
0xffff00000962e680_>|<-Other variables 64Bytes->|<-seq 8Bytes->|<-tkr_mono 56Bytes->|
0xffff00000962e6c0_>..
We testified thr_raw,xtime_sec fields interfere strongly with seq,tkr_mono field because of
frequent load/store operation, this will cause as known false sharing.
We add a 64Bytes padding field in tk_core for reservation of any after usefull usage and
keep tk_core 128Byte aligned, this can avoid changes in the way tk_core's layout is stored,
In this solution, layout of tk_core always like this:
crash> struct -o tk_core_t
struct tk_core_t {
[0] u64 padding[8];
[64] seqcount_t seq;
[72] struct timekeeper timekeeper;
}
SIZE: 336
crash> struct -o timekeeper
struct timekeeper {
[0] struct tk_read_base tkr_mono;
[56] struct tk_read_base tkr_raw;
[112] u64 xtime_sec;
[120] unsigned long ktime_sec;
...
}
SIZE: 264
After appling our own solution:
+---------+--------------+
+ + Our solution +
+---------+--------------+
+ Cores + Score +
+---------+--------------+
+ 1 + 548.9 +
+---------+--------------+
+ 24 + 11018.3 +
+---------+--------------+
+ 48 + 8938.2 +
+---------+--------------+
+ 72 + 14610.7 +
+---------+--------------+
+ 96 + 40811.7 +
+---------+--------------+
Signed-off-by: Wang ShaoBo <bobo.shaobowang(a)huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com>
Signed-off-by: Laibin Qiu <qiulaibin(a)huawei.com>
---
arch/arm64/Kconfig | 9 +++++++++
arch/arm64/include/asm/cache.h | 6 ++++++
kernel/time/timekeeping.c | 7 +++++++
3 files changed, 22 insertions(+)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 0ad6ce436355..927d6666770e 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -925,6 +925,15 @@ config ARCH_WANT_HUGE_PMD_SHARE
config ARCH_HAS_CACHE_LINE_SIZE
def_bool y
+config ARCH_LLC_128_LINE_SIZE
+ bool "Force 128 bytes alignment for fitting LLC cacheline"
+ depends on ARM64
+ default y
+ help
+ As specific machine's LLC cacheline size may be up to
+ 128 bytes, gaining performance improvement from fitting
+ 128 Bytes LLC cache aligned.
+
config SECCOMP
bool "Enable seccomp to safely compute untrusted bytecode"
---help---
diff --git a/arch/arm64/include/asm/cache.h b/arch/arm64/include/asm/cache.h
index d1c46d75885f..ccb013f822ba 100644
--- a/arch/arm64/include/asm/cache.h
+++ b/arch/arm64/include/asm/cache.h
@@ -40,6 +40,12 @@
#define L1_CACHE_SHIFT (6)
#define L1_CACHE_BYTES (1 << L1_CACHE_SHIFT)
+#ifdef CONFIG_ARCH_LLC_128_LINE_SIZE
+#ifndef ____cacheline_aligned_128
+#define ____cacheline_aligned_128 __attribute__((__aligned__(128)))
+#endif
+#endif
+
#define CLIDR_LOUU_SHIFT 27
#define CLIDR_LOC_SHIFT 24
diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
index f246818e35db..0ebfe476b6b4 100644
--- a/kernel/time/timekeeping.c
+++ b/kernel/time/timekeeping.c
@@ -48,9 +48,16 @@ enum timekeeping_adv_mode {
* cache line.
*/
static struct {
+#ifdef CONFIG_ARCH_LLC_128_LINE_SIZE
+ u64 padding[8];
+#endif
seqcount_t seq;
struct timekeeper timekeeper;
+#ifdef CONFIG_ARCH_LLC_128_LINE_SIZE
+} tk_core ____cacheline_aligned_128 = {
+#else
} tk_core ____cacheline_aligned = {
+#endif
.seq = SEQCNT_ZERO(tk_core.seq),
};
--
2.25.1
1
0
[PATCH openEuler-5.10-LTS 1/9] xfs: get rid of assert from xfs_btree_islastblock
by Zheng Zengkai 06 Jan '23
by Zheng Zengkai 06 Jan '23
06 Jan '23
From: Guo Xuenan <guoxuenan(a)huawei.com>
mainline inclusion
from mainline-v6.1-rc4
commit 8c25febf23963431686f04874b96321288504127
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I4KIAO
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
xfs_btree_check_block contains debugging knobs. With XFS_DEBUG setting up,
turn on the debugging knob can trigger the assert of xfs_btree_islastblock,
test script as follows:
while true
do
mount $disk $mountpoint
fsstress -d $testdir -l 0 -n 10000 -p 4 >/dev/null
echo 1 > /sys/fs/xfs/sda/errortag/btree_chk_sblk
sleep 10
umount $mountpoint
done
Kick off fsstress and only *then* turn on the debugging knob. If it
happens that the knob gets turned on after the cntbt lookup succeeds
but before the call to xfs_btree_islastblock, then we *can* end up in
the situation where a previously checked btree block suddenly starts
returning EFSCORRUPTED from xfs_btree_check_block. Kaboom.
Darrick give a very detailed explanation as follows:
Looking back at commit 27d9ee577dcce, I think the point of all this was
to make sure that the cursor has actually performed a lookup, and that
the btree block at whatever level we're asking about is ok.
If the caller hasn't ever done a lookup, the bc_levels array will be
empty, so cur->bc_levels[level].bp pointer will be NULL. The call to
xfs_btree_get_block will crash anyway, so the "ASSERT(block);" part is
pointless.
If the caller did a lookup but the lookup failed due to block
corruption, the corresponding cur->bc_levels[level].bp pointer will also
be NULL, and we'll still crash. The "ASSERT(xfs_btree_check_block);"
logic is also unnecessary.
If the cursor level points to an inode root, the block buffer will be
incore, so it had better always be consistent.
If the caller ignores a failed lookup after a successful one and calls
this function, the cursor state is garbage and the assert wouldn't have
tripped anyway. So get rid of the assert.
Fixes: 27d9ee577dcc ("xfs: actually check xfs_btree_check_block return in xfs_btree_islastblock")
Signed-off-by: Guo Xuenan <guoxuenan(a)huawei.com>
Reviewed-by: Darrick J. Wong <djwong(a)kernel.org>
Signed-off-by: Darrick J. Wong <djwong(a)kernel.org>
Signed-off-by: Guo Xuenan <guoxuenan(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
fs/xfs/libxfs/xfs_btree.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/fs/xfs/libxfs/xfs_btree.h b/fs/xfs/libxfs/xfs_btree.h
index 10e50cbacacf..ba11d2a4b686 100644
--- a/fs/xfs/libxfs/xfs_btree.h
+++ b/fs/xfs/libxfs/xfs_btree.h
@@ -523,7 +523,6 @@ xfs_btree_islastblock(
struct xfs_buf *bp;
block = xfs_btree_get_block(cur, level, &bp);
- ASSERT(block && xfs_btree_check_block(cur, block, level, bp) == 0);
if (cur->bc_flags & XFS_BTREE_LONG_PTRS)
return block->bb_u.l.bb_rightsib == cpu_to_be64(NULLFSBLOCK);
--
2.20.1
1
8
[PATCH openEuler-1.0-LTS] tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line
by Yongqiang Liu 05 Jan '23
by Yongqiang Liu 05 Jan '23
05 Jan '23
From: Yang Jihong <yangjihong1(a)huawei.com>
mainline inclusion
from mainline-v6.2-rc1
commit c1ac03af6ed45d05786c219d102f37eb44880f28
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I69283
CVE: NA
--------------------------------
print_trace_line may overflow seq_file buffer. If the event is not
consumed, the while loop keeps peeking this event, causing a infinite loop.
Link: https://lkml.kernel.org/r/20221129113009.182425-1-yangjihong1@huawei.com
Cc: Masami Hiramatsu <mhiramat(a)kernel.org>
Cc: stable(a)vger.kernel.org
Fixes: 088b1e427dbba ("ftrace: pipe fixes")
Signed-off-by: Yang Jihong <yangjihong1(a)huawei.com>
Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org>
Signed-off-by: Yang Jihong <yangjihong1(a)huawei.com>
Reviewed-by: Zheng Yejian <zhengyejian1(a)huawei.com>
Reviewed-by: Ye Weihua <yeweihua4(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
kernel/trace/trace.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index feed30698280..9daaee7a9dd2 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -5771,7 +5771,20 @@ tracing_read_pipe(struct file *filp, char __user *ubuf,
ret = print_trace_line(iter);
if (ret == TRACE_TYPE_PARTIAL_LINE) {
- /* don't print partial lines */
+ /*
+ * If one print_trace_line() fills entire trace_seq in one shot,
+ * trace_seq_to_user() will returns -EBUSY because save_len == 0,
+ * In this case, we need to consume it, otherwise, loop will peek
+ * this event next time, resulting in an infinite loop.
+ */
+ if (save_len == 0) {
+ iter->seq.full = 0;
+ trace_seq_puts(&iter->seq, "[LINE TOO BIG]\n");
+ trace_consume(iter);
+ break;
+ }
+
+ /* In other cases, don't print partial lines */
iter->seq.seq.len = save_len;
break;
}
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS 1/2] misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os
by Yongqiang Liu 05 Jan '23
by Yongqiang Liu 05 Jan '23
05 Jan '23
From: Zheng Wang <zyytlz.wz(a)163.com>
mainline inclusion
from mainline-v6.2-rc1
commit 643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5UBUF
CVE: CVE-2022-3424
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?i…
--------------------------------
In some bad situation, the gts may be freed gru_check_chiplet_assignment.
The call chain can be gru_unload_context->gru_free_gru_context->gts_drop
and kfree finally. However, the caller didn't know if the gts is freed
or not and use it afterwards. This will trigger a Use after Free bug.
Fix it by introducing a return value to see if it's in error path or not.
Free the gts in caller if gru_check_chiplet_assignment check failed.
Fixes: 55484c45dbec ("gru: allow users to specify gru chiplet 2")
Signed-off-by: Zheng Wang <zyytlz.wz(a)163.com>
Acked-by: Dimitri Sivanich <sivanich(a)hpe.com>
Link: https://lore.kernel.org/r/20221110035033.19498-1-zyytlz.wz@163.com
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Zheng Yejian <zhengyejian1(a)huawei.com>
Reviewed-by: Kuohai Xu <xukuohai(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/misc/sgi-gru/grufault.c | 13 +++++++++++--
drivers/misc/sgi-gru/grumain.c | 22 ++++++++++++++++++----
drivers/misc/sgi-gru/grutables.h | 2 +-
3 files changed, 30 insertions(+), 7 deletions(-)
diff --git a/drivers/misc/sgi-gru/grufault.c b/drivers/misc/sgi-gru/grufault.c
index 93be82fc338a..16df731e63c5 100644
--- a/drivers/misc/sgi-gru/grufault.c
+++ b/drivers/misc/sgi-gru/grufault.c
@@ -661,6 +661,7 @@ int gru_handle_user_call_os(unsigned long cb)
if ((cb & (GRU_HANDLE_STRIDE - 1)) || ucbnum >= GRU_NUM_CB)
return -EINVAL;
+again:
gts = gru_find_lock_gts(cb);
if (!gts)
return -EINVAL;
@@ -669,7 +670,11 @@ int gru_handle_user_call_os(unsigned long cb)
if (ucbnum >= gts->ts_cbr_au_count * GRU_CBR_AU_SIZE)
goto exit;
- gru_check_context_placement(gts);
+ if (gru_check_context_placement(gts)) {
+ gru_unlock_gts(gts);
+ gru_unload_context(gts, 1);
+ goto again;
+ }
/*
* CCH may contain stale data if ts_force_cch_reload is set.
@@ -887,7 +892,11 @@ int gru_set_context_option(unsigned long arg)
} else {
gts->ts_user_blade_id = req.val1;
gts->ts_user_chiplet_id = req.val0;
- gru_check_context_placement(gts);
+ if (gru_check_context_placement(gts)) {
+ gru_unlock_gts(gts);
+ gru_unload_context(gts, 1);
+ return ret;
+ }
}
break;
case sco_gseg_owner:
diff --git a/drivers/misc/sgi-gru/grumain.c b/drivers/misc/sgi-gru/grumain.c
index ab174f28e3be..8c3e0317c115 100644
--- a/drivers/misc/sgi-gru/grumain.c
+++ b/drivers/misc/sgi-gru/grumain.c
@@ -729,9 +729,10 @@ static int gru_check_chiplet_assignment(struct gru_state *gru,
* chiplet. Misassignment can occur if the process migrates to a different
* blade or if the user changes the selected blade/chiplet.
*/
-void gru_check_context_placement(struct gru_thread_state *gts)
+int gru_check_context_placement(struct gru_thread_state *gts)
{
struct gru_state *gru;
+ int ret = 0;
/*
* If the current task is the context owner, verify that the
@@ -739,15 +740,23 @@ void gru_check_context_placement(struct gru_thread_state *gts)
* references. Pthread apps use non-owner references to the CBRs.
*/
gru = gts->ts_gru;
+ /*
+ * If gru or gts->ts_tgid_owner isn't initialized properly, return
+ * success to indicate that the caller does not need to unload the
+ * gru context.The caller is responsible for their inspection and
+ * reinitialization if needed.
+ */
if (!gru || gts->ts_tgid_owner != current->tgid)
- return;
+ return ret;
if (!gru_check_chiplet_assignment(gru, gts)) {
STAT(check_context_unload);
- gru_unload_context(gts, 1);
+ ret = -EINVAL;
} else if (gru_retarget_intr(gts)) {
STAT(check_context_retarget_intr);
}
+
+ return ret;
}
@@ -947,7 +956,12 @@ vm_fault_t gru_fault(struct vm_fault *vmf)
mutex_lock(>s->ts_ctxlock);
preempt_disable();
- gru_check_context_placement(gts);
+ if (gru_check_context_placement(gts)) {
+ preempt_enable();
+ mutex_unlock(>s->ts_ctxlock);
+ gru_unload_context(gts, 1);
+ return VM_FAULT_NOPAGE;
+ }
if (!gts->ts_gru) {
STAT(load_user_context);
diff --git a/drivers/misc/sgi-gru/grutables.h b/drivers/misc/sgi-gru/grutables.h
index 3e041b6f7a68..2becf4c3f7ca 100644
--- a/drivers/misc/sgi-gru/grutables.h
+++ b/drivers/misc/sgi-gru/grutables.h
@@ -652,7 +652,7 @@ extern int gru_user_flush_tlb(unsigned long arg);
extern int gru_user_unload_context(unsigned long arg);
extern int gru_get_exception_detail(unsigned long arg);
extern int gru_set_context_option(unsigned long address);
-extern void gru_check_context_placement(struct gru_thread_state *gts);
+extern int gru_check_context_placement(struct gru_thread_state *gts);
extern int gru_cpu_fault_map_id(void);
extern struct vm_area_struct *gru_find_vma(unsigned long vaddr);
extern void gru_flush_all_tlb(struct gru_state *gru);
--
2.25.1
1
1
hulk inclusion
bugzilla: https://gitee.com/openeuler/kernel/issues/I68D0O
This defconfig is based on openEuler-22.03-LTS-SP1:
cp /boot/config-5.10.0-136.12.0.86.oe2203sp1.x86_64 arch/x86/configs/openeuler_defconfig
make update_oedefconfig
Signed-off-by: Xie XiuQi <xiexiuqi(a)huawei.com>
---
arch/x86/configs/openeuler_defconfig | 8938 ++++++++++++++++++++++++++
1 file changed, 8938 insertions(+)
create mode 100644 arch/x86/configs/openeuler_defconfig
diff --git a/arch/x86/configs/openeuler_defconfig b/arch/x86/configs/openeuler_defconfig
new file mode 100644
index 000000000000..8a824f33bc5b
--- /dev/null
+++ b/arch/x86/configs/openeuler_defconfig
@@ -0,0 +1,8938 @@
+#
+# Automatically generated file; DO NOT EDIT.
+# Linux/x86 6.1.0 Kernel Configuration
+#
+CONFIG_IRQ_WORK=y
+CONFIG_BUILDTIME_TABLE_SORT=y
+CONFIG_THREAD_INFO_IN_TASK=y
+
+#
+# General setup
+#
+CONFIG_INIT_ENV_ARG_LIMIT=32
+# CONFIG_COMPILE_TEST is not set
+# CONFIG_WERROR is not set
+CONFIG_LOCALVERSION=""
+# CONFIG_LOCALVERSION_AUTO is not set
+CONFIG_BUILD_SALT=""
+CONFIG_HAVE_KERNEL_GZIP=y
+CONFIG_HAVE_KERNEL_BZIP2=y
+CONFIG_HAVE_KERNEL_LZMA=y
+CONFIG_HAVE_KERNEL_XZ=y
+CONFIG_HAVE_KERNEL_LZO=y
+CONFIG_HAVE_KERNEL_LZ4=y
+CONFIG_HAVE_KERNEL_ZSTD=y
+CONFIG_KERNEL_GZIP=y
+# CONFIG_KERNEL_BZIP2 is not set
+# CONFIG_KERNEL_LZMA is not set
+# CONFIG_KERNEL_XZ is not set
+# CONFIG_KERNEL_LZO is not set
+# CONFIG_KERNEL_LZ4 is not set
+# CONFIG_KERNEL_ZSTD is not set
+CONFIG_DEFAULT_INIT=""
+CONFIG_DEFAULT_HOSTNAME="(none)"
+CONFIG_SYSVIPC=y
+CONFIG_SYSVIPC_SYSCTL=y
+CONFIG_SYSVIPC_COMPAT=y
+CONFIG_POSIX_MQUEUE=y
+CONFIG_POSIX_MQUEUE_SYSCTL=y
+# CONFIG_WATCH_QUEUE is not set
+CONFIG_CROSS_MEMORY_ATTACH=y
+# CONFIG_USELIB is not set
+CONFIG_AUDIT=y
+CONFIG_HAVE_ARCH_AUDITSYSCALL=y
+CONFIG_AUDITSYSCALL=y
+
+#
+# IRQ subsystem
+#
+CONFIG_GENERIC_IRQ_PROBE=y
+CONFIG_GENERIC_IRQ_SHOW=y
+CONFIG_GENERIC_IRQ_EFFECTIVE_AFF_MASK=y
+CONFIG_GENERIC_PENDING_IRQ=y
+CONFIG_GENERIC_IRQ_MIGRATION=y
+CONFIG_GENERIC_IRQ_INJECTION=y
+CONFIG_HARDIRQS_SW_RESEND=y
+CONFIG_IRQ_DOMAIN=y
+CONFIG_IRQ_DOMAIN_HIERARCHY=y
+CONFIG_GENERIC_MSI_IRQ=y
+CONFIG_GENERIC_MSI_IRQ_DOMAIN=y
+CONFIG_IRQ_MSI_IOMMU=y
+CONFIG_GENERIC_IRQ_MATRIX_ALLOCATOR=y
+CONFIG_GENERIC_IRQ_RESERVATION_MODE=y
+CONFIG_IRQ_FORCED_THREADING=y
+CONFIG_SPARSE_IRQ=y
+# CONFIG_GENERIC_IRQ_DEBUGFS is not set
+# end of IRQ subsystem
+
+CONFIG_CLOCKSOURCE_WATCHDOG=y
+CONFIG_ARCH_CLOCKSOURCE_INIT=y
+CONFIG_CLOCKSOURCE_VALIDATE_LAST_CYCLE=y
+CONFIG_GENERIC_TIME_VSYSCALL=y
+CONFIG_GENERIC_CLOCKEVENTS=y
+CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
+CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
+CONFIG_GENERIC_CMOS_UPDATE=y
+CONFIG_HAVE_POSIX_CPU_TIMERS_TASK_WORK=y
+CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y
+CONFIG_CONTEXT_TRACKING=y
+CONFIG_CONTEXT_TRACKING_IDLE=y
+
+#
+# Timers subsystem
+#
+CONFIG_TICK_ONESHOT=y
+CONFIG_NO_HZ_COMMON=y
+# CONFIG_HZ_PERIODIC is not set
+# CONFIG_NO_HZ_IDLE is not set
+CONFIG_NO_HZ_FULL=y
+CONFIG_CONTEXT_TRACKING_USER=y
+# CONFIG_CONTEXT_TRACKING_USER_FORCE is not set
+CONFIG_NO_HZ=y
+CONFIG_HIGH_RES_TIMERS=y
+CONFIG_CLOCKSOURCE_WATCHDOG_MAX_SKEW_US=100
+# end of Timers subsystem
+
+CONFIG_BPF=y
+CONFIG_HAVE_EBPF_JIT=y
+CONFIG_ARCH_WANT_DEFAULT_BPF_JIT=y
+
+#
+# BPF subsystem
+#
+CONFIG_BPF_SYSCALL=y
+CONFIG_BPF_JIT=y
+CONFIG_BPF_JIT_ALWAYS_ON=y
+CONFIG_BPF_JIT_DEFAULT_ON=y
+# CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set
+# CONFIG_BPF_PRELOAD is not set
+# CONFIG_BPF_LSM is not set
+# end of BPF subsystem
+
+CONFIG_PREEMPT_BUILD=y
+CONFIG_PREEMPT_NONE=y
+# CONFIG_PREEMPT_VOLUNTARY is not set
+# CONFIG_PREEMPT is not set
+CONFIG_PREEMPT_COUNT=y
+CONFIG_PREEMPTION=y
+CONFIG_PREEMPT_DYNAMIC=y
+# CONFIG_SCHED_CORE is not set
+
+#
+# CPU/Task time and stats accounting
+#
+CONFIG_VIRT_CPU_ACCOUNTING=y
+CONFIG_VIRT_CPU_ACCOUNTING_GEN=y
+CONFIG_IRQ_TIME_ACCOUNTING=y
+CONFIG_HAVE_SCHED_AVG_IRQ=y
+CONFIG_BSD_PROCESS_ACCT=y
+CONFIG_BSD_PROCESS_ACCT_V3=y
+CONFIG_TASKSTATS=y
+CONFIG_TASK_DELAY_ACCT=y
+CONFIG_TASK_XACCT=y
+CONFIG_TASK_IO_ACCOUNTING=y
+CONFIG_PSI=y
+CONFIG_PSI_DEFAULT_DISABLED=y
+# end of CPU/Task time and stats accounting
+
+CONFIG_CPU_ISOLATION=y
+
+#
+# RCU Subsystem
+#
+CONFIG_TREE_RCU=y
+CONFIG_PREEMPT_RCU=y
+# CONFIG_RCU_EXPERT is not set
+CONFIG_SRCU=y
+CONFIG_TREE_SRCU=y
+CONFIG_TASKS_RCU_GENERIC=y
+CONFIG_TASKS_RCU=y
+CONFIG_TASKS_RUDE_RCU=y
+CONFIG_TASKS_TRACE_RCU=y
+CONFIG_RCU_STALL_COMMON=y
+CONFIG_RCU_NEED_SEGCBLIST=y
+CONFIG_RCU_NOCB_CPU=y
+# CONFIG_RCU_NOCB_CPU_DEFAULT_ALL is not set
+# end of RCU Subsystem
+
+CONFIG_IKCONFIG=y
+CONFIG_IKCONFIG_PROC=y
+# CONFIG_IKHEADERS is not set
+CONFIG_LOG_BUF_SHIFT=20
+CONFIG_LOG_CPU_MAX_BUF_SHIFT=12
+CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13
+# CONFIG_PRINTK_INDEX is not set
+CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
+
+#
+# Scheduler features
+#
+# CONFIG_UCLAMP_TASK is not set
+# end of Scheduler features
+
+CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
+CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
+CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
+CONFIG_GCC12_NO_ARRAY_BOUNDS=y
+CONFIG_ARCH_SUPPORTS_INT128=y
+CONFIG_NUMA_BALANCING=y
+CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
+CONFIG_CGROUPS=y
+CONFIG_PAGE_COUNTER=y
+# CONFIG_CGROUP_FAVOR_DYNMODS is not set
+CONFIG_MEMCG=y
+CONFIG_MEMCG_KMEM=y
+CONFIG_BLK_CGROUP=y
+CONFIG_CGROUP_WRITEBACK=y
+CONFIG_CGROUP_SCHED=y
+CONFIG_FAIR_GROUP_SCHED=y
+CONFIG_CFS_BANDWIDTH=y
+CONFIG_RT_GROUP_SCHED=y
+CONFIG_CGROUP_PIDS=y
+CONFIG_CGROUP_RDMA=y
+CONFIG_CGROUP_FREEZER=y
+CONFIG_CGROUP_HUGETLB=y
+CONFIG_CPUSETS=y
+CONFIG_PROC_PID_CPUSET=y
+CONFIG_CGROUP_DEVICE=y
+CONFIG_CGROUP_CPUACCT=y
+CONFIG_CGROUP_PERF=y
+CONFIG_CGROUP_BPF=y
+# CONFIG_CGROUP_MISC is not set
+# CONFIG_CGROUP_DEBUG is not set
+CONFIG_SOCK_CGROUP_DATA=y
+CONFIG_NAMESPACES=y
+CONFIG_UTS_NS=y
+CONFIG_TIME_NS=y
+CONFIG_IPC_NS=y
+CONFIG_USER_NS=y
+CONFIG_PID_NS=y
+CONFIG_NET_NS=y
+CONFIG_CHECKPOINT_RESTORE=y
+CONFIG_SCHED_AUTOGROUP=y
+# CONFIG_SYSFS_DEPRECATED is not set
+CONFIG_RELAY=y
+CONFIG_BLK_DEV_INITRD=y
+CONFIG_INITRAMFS_SOURCE=""
+CONFIG_RD_GZIP=y
+CONFIG_RD_BZIP2=y
+CONFIG_RD_LZMA=y
+CONFIG_RD_XZ=y
+CONFIG_RD_LZO=y
+CONFIG_RD_LZ4=y
+CONFIG_RD_ZSTD=y
+CONFIG_BOOT_CONFIG=y
+# CONFIG_BOOT_CONFIG_EMBED is not set
+CONFIG_INITRAMFS_PRESERVE_MTIME=y
+CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
+# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
+CONFIG_LD_ORPHAN_WARN=y
+CONFIG_SYSCTL=y
+CONFIG_HAVE_UID16=y
+CONFIG_SYSCTL_EXCEPTION_TRACE=y
+CONFIG_HAVE_PCSPKR_PLATFORM=y
+# CONFIG_EXPERT is not set
+CONFIG_UID16=y
+CONFIG_MULTIUSER=y
+CONFIG_SGETMASK_SYSCALL=y
+CONFIG_SYSFS_SYSCALL=y
+CONFIG_FHANDLE=y
+CONFIG_POSIX_TIMERS=y
+CONFIG_PRINTK=y
+CONFIG_BUG=y
+CONFIG_ELF_CORE=y
+CONFIG_PCSPKR_PLATFORM=y
+CONFIG_BASE_FULL=y
+CONFIG_FUTEX=y
+CONFIG_FUTEX_PI=y
+CONFIG_EPOLL=y
+CONFIG_SIGNALFD=y
+CONFIG_TIMERFD=y
+CONFIG_EVENTFD=y
+CONFIG_SHMEM=y
+CONFIG_AIO=y
+CONFIG_IO_URING=y
+CONFIG_ADVISE_SYSCALLS=y
+CONFIG_MEMBARRIER=y
+CONFIG_KALLSYMS=y
+CONFIG_KALLSYMS_ALL=y
+CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y
+CONFIG_KALLSYMS_BASE_RELATIVE=y
+CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y
+CONFIG_KCMP=y
+CONFIG_RSEQ=y
+# CONFIG_EMBEDDED is not set
+CONFIG_HAVE_PERF_EVENTS=y
+CONFIG_GUEST_PERF_EVENTS=y
+
+#
+# Kernel Performance Events And Counters
+#
+CONFIG_PERF_EVENTS=y
+# CONFIG_DEBUG_PERF_USE_VMALLOC is not set
+# end of Kernel Performance Events And Counters
+
+CONFIG_SYSTEM_DATA_VERIFICATION=y
+CONFIG_PROFILING=y
+CONFIG_TRACEPOINTS=y
+# end of General setup
+
+CONFIG_64BIT=y
+CONFIG_X86_64=y
+CONFIG_X86=y
+CONFIG_INSTRUCTION_DECODER=y
+CONFIG_OUTPUT_FORMAT="elf64-x86-64"
+CONFIG_LOCKDEP_SUPPORT=y
+CONFIG_STACKTRACE_SUPPORT=y
+CONFIG_MMU=y
+CONFIG_ARCH_MMAP_RND_BITS_MIN=28
+CONFIG_ARCH_MMAP_RND_BITS_MAX=32
+CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8
+CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16
+CONFIG_GENERIC_ISA_DMA=y
+CONFIG_GENERIC_BUG=y
+CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y
+CONFIG_ARCH_MAY_HAVE_PC_FDC=y
+CONFIG_GENERIC_CALIBRATE_DELAY=y
+CONFIG_ARCH_HAS_CPU_RELAX=y
+CONFIG_ARCH_HIBERNATION_POSSIBLE=y
+CONFIG_ARCH_NR_GPIO=1024
+CONFIG_ARCH_SUSPEND_POSSIBLE=y
+CONFIG_AUDIT_ARCH=y
+CONFIG_HAVE_INTEL_TXT=y
+CONFIG_X86_64_SMP=y
+CONFIG_ARCH_SUPPORTS_UPROBES=y
+CONFIG_FIX_EARLYCON_MEM=y
+CONFIG_DYNAMIC_PHYSICAL_MASK=y
+CONFIG_PGTABLE_LEVELS=5
+
+#
+# Processor type and features
+#
+CONFIG_SMP=y
+CONFIG_X86_FEATURE_NAMES=y
+CONFIG_X86_X2APIC=y
+CONFIG_X86_MPPARSE=y
+# CONFIG_GOLDFISH is not set
+CONFIG_X86_CPU_RESCTRL=y
+CONFIG_X86_EXTENDED_PLATFORM=y
+# CONFIG_X86_NUMACHIP is not set
+# CONFIG_X86_VSMP is not set
+CONFIG_X86_UV=y
+# CONFIG_X86_GOLDFISH is not set
+# CONFIG_X86_INTEL_MID is not set
+CONFIG_X86_INTEL_LPSS=y
+CONFIG_X86_AMD_PLATFORM_DEVICE=y
+CONFIG_IOSF_MBI=y
+# CONFIG_IOSF_MBI_DEBUG is not set
+CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y
+CONFIG_SCHED_OMIT_FRAME_POINTER=y
+CONFIG_HYPERVISOR_GUEST=y
+CONFIG_PARAVIRT=y
+# CONFIG_PARAVIRT_DEBUG is not set
+CONFIG_PARAVIRT_SPINLOCKS=y
+CONFIG_X86_HV_CALLBACK_VECTOR=y
+CONFIG_XEN=y
+# CONFIG_XEN_PV is not set
+CONFIG_XEN_PVHVM=y
+CONFIG_XEN_PVHVM_SMP=y
+CONFIG_XEN_PVHVM_GUEST=y
+CONFIG_XEN_SAVE_RESTORE=y
+# CONFIG_XEN_DEBUG_FS is not set
+# CONFIG_XEN_PVH is not set
+CONFIG_KVM_GUEST=y
+CONFIG_ARCH_CPUIDLE_HALTPOLL=y
+# CONFIG_PVH is not set
+CONFIG_PARAVIRT_TIME_ACCOUNTING=y
+CONFIG_PARAVIRT_CLOCK=y
+# CONFIG_JAILHOUSE_GUEST is not set
+# CONFIG_ACRN_GUEST is not set
+# CONFIG_INTEL_TDX_GUEST is not set
+# CONFIG_MK8 is not set
+# CONFIG_MPSC is not set
+# CONFIG_MCORE2 is not set
+# CONFIG_MATOM is not set
+CONFIG_GENERIC_CPU=y
+CONFIG_X86_INTERNODE_CACHE_SHIFT=6
+CONFIG_X86_L1_CACHE_SHIFT=6
+CONFIG_X86_TSC=y
+CONFIG_X86_CMPXCHG64=y
+CONFIG_X86_CMOV=y
+CONFIG_X86_MINIMUM_CPU_FAMILY=64
+CONFIG_X86_DEBUGCTLMSR=y
+CONFIG_IA32_FEAT_CTL=y
+CONFIG_X86_VMX_FEATURE_NAMES=y
+CONFIG_CPU_SUP_INTEL=y
+CONFIG_CPU_SUP_AMD=y
+CONFIG_CPU_SUP_HYGON=y
+CONFIG_CPU_SUP_CENTAUR=y
+CONFIG_CPU_SUP_ZHAOXIN=y
+CONFIG_HPET_TIMER=y
+CONFIG_HPET_EMULATE_RTC=y
+CONFIG_DMI=y
+# CONFIG_GART_IOMMU is not set
+CONFIG_BOOT_VESA_SUPPORT=y
+CONFIG_MAXSMP=y
+CONFIG_NR_CPUS_RANGE_BEGIN=8192
+CONFIG_NR_CPUS_RANGE_END=8192
+CONFIG_NR_CPUS_DEFAULT=8192
+CONFIG_NR_CPUS=8192
+CONFIG_SCHED_CLUSTER=y
+CONFIG_SCHED_SMT=y
+CONFIG_SCHED_MC=y
+CONFIG_SCHED_MC_PRIO=y
+CONFIG_X86_LOCAL_APIC=y
+CONFIG_X86_IO_APIC=y
+CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y
+CONFIG_X86_MCE=y
+CONFIG_X86_MCELOG_LEGACY=y
+CONFIG_X86_MCE_INTEL=y
+CONFIG_X86_MCE_AMD=y
+CONFIG_X86_MCE_THRESHOLD=y
+CONFIG_X86_MCE_INJECT=m
+
+#
+# Performance monitoring
+#
+CONFIG_PERF_EVENTS_INTEL_UNCORE=m
+CONFIG_PERF_EVENTS_INTEL_RAPL=m
+CONFIG_PERF_EVENTS_INTEL_CSTATE=m
+CONFIG_PERF_EVENTS_AMD_POWER=m
+CONFIG_PERF_EVENTS_AMD_UNCORE=y
+CONFIG_PERF_EVENTS_AMD_BRS=y
+# end of Performance monitoring
+
+CONFIG_X86_16BIT=y
+CONFIG_X86_ESPFIX64=y
+CONFIG_X86_VSYSCALL_EMULATION=y
+CONFIG_X86_IOPL_IOPERM=y
+CONFIG_MICROCODE=y
+CONFIG_MICROCODE_INTEL=y
+CONFIG_MICROCODE_AMD=y
+# CONFIG_MICROCODE_LATE_LOADING is not set
+CONFIG_X86_MSR=y
+CONFIG_X86_CPUID=y
+CONFIG_X86_5LEVEL=y
+CONFIG_X86_DIRECT_GBPAGES=y
+# CONFIG_X86_CPA_STATISTICS is not set
+CONFIG_X86_MEM_ENCRYPT=y
+CONFIG_AMD_MEM_ENCRYPT=y
+# CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT is not set
+CONFIG_NUMA=y
+CONFIG_AMD_NUMA=y
+CONFIG_X86_64_ACPI_NUMA=y
+CONFIG_NUMA_EMU=y
+CONFIG_NODES_SHIFT=10
+CONFIG_ARCH_SPARSEMEM_ENABLE=y
+CONFIG_ARCH_SPARSEMEM_DEFAULT=y
+# CONFIG_ARCH_MEMORY_PROBE is not set
+CONFIG_ARCH_PROC_KCORE_TEXT=y
+CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
+CONFIG_X86_PMEM_LEGACY_DEVICE=y
+CONFIG_X86_PMEM_LEGACY=m
+CONFIG_X86_CHECK_BIOS_CORRUPTION=y
+# CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK is not set
+CONFIG_MTRR=y
+CONFIG_MTRR_SANITIZER=y
+CONFIG_MTRR_SANITIZER_ENABLE_DEFAULT=1
+CONFIG_MTRR_SANITIZER_SPARE_REG_NR_DEFAULT=1
+CONFIG_X86_PAT=y
+CONFIG_ARCH_USES_PG_UNCACHED=y
+CONFIG_X86_UMIP=y
+# CONFIG_X86_KERNEL_IBT is not set
+CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS=y
+CONFIG_X86_INTEL_TSX_MODE_OFF=y
+# CONFIG_X86_INTEL_TSX_MODE_ON is not set
+# CONFIG_X86_INTEL_TSX_MODE_AUTO is not set
+CONFIG_X86_SGX=y
+CONFIG_EFI=y
+CONFIG_EFI_STUB=y
+CONFIG_EFI_MIXED=y
+# CONFIG_HZ_100 is not set
+# CONFIG_HZ_250 is not set
+# CONFIG_HZ_300 is not set
+CONFIG_HZ_1000=y
+CONFIG_HZ=1000
+CONFIG_SCHED_HRTICK=y
+CONFIG_KEXEC=y
+CONFIG_KEXEC_FILE=y
+CONFIG_ARCH_HAS_KEXEC_PURGATORY=y
+CONFIG_KEXEC_SIG=y
+CONFIG_KEXEC_SIG_FORCE=y
+CONFIG_KEXEC_BZIMAGE_VERIFY_SIG=y
+CONFIG_CRASH_DUMP=y
+CONFIG_KEXEC_JUMP=y
+CONFIG_PHYSICAL_START=0x1000000
+CONFIG_RELOCATABLE=y
+CONFIG_RANDOMIZE_BASE=y
+CONFIG_X86_NEED_RELOCS=y
+CONFIG_PHYSICAL_ALIGN=0x200000
+CONFIG_DYNAMIC_MEMORY_LAYOUT=y
+CONFIG_RANDOMIZE_MEMORY=y
+CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0xa
+CONFIG_HOTPLUG_CPU=y
+# CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set
+# CONFIG_DEBUG_HOTPLUG_CPU0 is not set
+# CONFIG_COMPAT_VDSO is not set
+CONFIG_LEGACY_VSYSCALL_XONLY=y
+# CONFIG_LEGACY_VSYSCALL_NONE is not set
+# CONFIG_CMDLINE_BOOL is not set
+CONFIG_MODIFY_LDT_SYSCALL=y
+# CONFIG_STRICT_SIGALTSTACK_SIZE is not set
+CONFIG_HAVE_LIVEPATCH=y
+CONFIG_LIVEPATCH=y
+# end of Processor type and features
+
+CONFIG_SPECULATION_MITIGATIONS=y
+CONFIG_PAGE_TABLE_ISOLATION=y
+CONFIG_RETPOLINE=y
+CONFIG_RETHUNK=y
+CONFIG_CPU_UNRET_ENTRY=y
+CONFIG_CPU_IBPB_ENTRY=y
+CONFIG_CPU_IBRS_ENTRY=y
+CONFIG_ARCH_HAS_ADD_PAGES=y
+CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
+
+#
+# Power management and ACPI options
+#
+CONFIG_ARCH_HIBERNATION_HEADER=y
+CONFIG_SUSPEND=y
+CONFIG_SUSPEND_FREEZER=y
+CONFIG_HIBERNATE_CALLBACKS=y
+CONFIG_HIBERNATION=y
+CONFIG_HIBERNATION_SNAPSHOT_DEV=y
+CONFIG_PM_STD_PARTITION=""
+CONFIG_PM_SLEEP=y
+CONFIG_PM_SLEEP_SMP=y
+# CONFIG_PM_AUTOSLEEP is not set
+# CONFIG_PM_USERSPACE_AUTOSLEEP is not set
+# CONFIG_PM_WAKELOCKS is not set
+CONFIG_PM=y
+CONFIG_PM_DEBUG=y
+# CONFIG_PM_ADVANCED_DEBUG is not set
+# CONFIG_PM_TEST_SUSPEND is not set
+CONFIG_PM_SLEEP_DEBUG=y
+# CONFIG_PM_TRACE_RTC is not set
+CONFIG_PM_CLK=y
+CONFIG_PM_GENERIC_DOMAINS=y
+# CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set
+CONFIG_PM_GENERIC_DOMAINS_SLEEP=y
+# CONFIG_ENERGY_MODEL is not set
+CONFIG_ARCH_SUPPORTS_ACPI=y
+CONFIG_ACPI=y
+CONFIG_ACPI_LEGACY_TABLES_LOOKUP=y
+CONFIG_ARCH_MIGHT_HAVE_ACPI_PDC=y
+CONFIG_ACPI_SYSTEM_POWER_STATES_SUPPORT=y
+# CONFIG_ACPI_DEBUGGER is not set
+CONFIG_ACPI_SPCR_TABLE=y
+# CONFIG_ACPI_FPDT is not set
+CONFIG_ACPI_LPIT=y
+CONFIG_ACPI_SLEEP=y
+CONFIG_ACPI_REV_OVERRIDE_POSSIBLE=y
+CONFIG_ACPI_EC_DEBUGFS=m
+CONFIG_ACPI_AC=y
+CONFIG_ACPI_BATTERY=y
+CONFIG_ACPI_BUTTON=y
+CONFIG_ACPI_VIDEO=m
+CONFIG_ACPI_FAN=y
+CONFIG_ACPI_TAD=m
+CONFIG_ACPI_DOCK=y
+CONFIG_ACPI_CPU_FREQ_PSS=y
+CONFIG_ACPI_PROCESSOR_CSTATE=y
+CONFIG_ACPI_PROCESSOR_IDLE=y
+CONFIG_ACPI_CPPC_LIB=y
+CONFIG_ACPI_PROCESSOR=y
+CONFIG_ACPI_IPMI=m
+CONFIG_ACPI_HOTPLUG_CPU=y
+CONFIG_ACPI_PROCESSOR_AGGREGATOR=m
+CONFIG_ACPI_THERMAL=y
+CONFIG_ACPI_PLATFORM_PROFILE=m
+CONFIG_ARCH_HAS_ACPI_TABLE_UPGRADE=y
+CONFIG_ACPI_TABLE_UPGRADE=y
+# CONFIG_ACPI_DEBUG is not set
+CONFIG_ACPI_PCI_SLOT=y
+CONFIG_ACPI_CONTAINER=y
+CONFIG_ACPI_HOTPLUG_MEMORY=y
+CONFIG_ACPI_HOTPLUG_IOAPIC=y
+CONFIG_ACPI_SBS=m
+CONFIG_ACPI_HED=y
+# CONFIG_ACPI_CUSTOM_METHOD is not set
+CONFIG_ACPI_BGRT=y
+CONFIG_ACPI_NFIT=m
+# CONFIG_NFIT_SECURITY_DEBUG is not set
+CONFIG_ACPI_NUMA=y
+CONFIG_ACPI_HMAT=y
+CONFIG_HAVE_ACPI_APEI=y
+CONFIG_HAVE_ACPI_APEI_NMI=y
+CONFIG_ACPI_APEI=y
+CONFIG_ACPI_APEI_GHES=y
+CONFIG_ACPI_APEI_PCIEAER=y
+CONFIG_ACPI_APEI_MEMORY_FAILURE=y
+CONFIG_ACPI_APEI_EINJ=m
+# CONFIG_ACPI_APEI_ERST_DEBUG is not set
+CONFIG_ACPI_DPTF=y
+CONFIG_DPTF_POWER=m
+# CONFIG_DPTF_PCH_FIVR is not set
+CONFIG_ACPI_WATCHDOG=y
+CONFIG_ACPI_EXTLOG=m
+CONFIG_ACPI_ADXL=y
+# CONFIG_ACPI_CONFIGFS is not set
+# CONFIG_ACPI_PFRUT is not set
+CONFIG_ACPI_PCC=y
+CONFIG_PMIC_OPREGION=y
+CONFIG_ACPI_PRMT=y
+CONFIG_X86_PM_TIMER=y
+
+#
+# CPU Frequency scaling
+#
+CONFIG_CPU_FREQ=y
+CONFIG_CPU_FREQ_GOV_ATTR_SET=y
+CONFIG_CPU_FREQ_GOV_COMMON=y
+CONFIG_CPU_FREQ_STAT=y
+CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
+# CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE is not set
+# CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE is not set
+# CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL is not set
+CONFIG_CPU_FREQ_GOV_PERFORMANCE=y
+CONFIG_CPU_FREQ_GOV_POWERSAVE=y
+CONFIG_CPU_FREQ_GOV_USERSPACE=y
+CONFIG_CPU_FREQ_GOV_ONDEMAND=y
+CONFIG_CPU_FREQ_GOV_CONSERVATIVE=y
+CONFIG_CPU_FREQ_GOV_SCHEDUTIL=y
+
+#
+# CPU frequency scaling drivers
+#
+CONFIG_X86_INTEL_PSTATE=y
+# CONFIG_X86_PCC_CPUFREQ is not set
+# CONFIG_X86_AMD_PSTATE is not set
+# CONFIG_X86_AMD_PSTATE_UT is not set
+CONFIG_X86_ACPI_CPUFREQ=m
+CONFIG_X86_ACPI_CPUFREQ_CPB=y
+CONFIG_X86_POWERNOW_K8=m
+CONFIG_X86_AMD_FREQ_SENSITIVITY=m
+# CONFIG_X86_SPEEDSTEP_CENTRINO is not set
+CONFIG_X86_P4_CLOCKMOD=m
+
+#
+# shared options
+#
+CONFIG_X86_SPEEDSTEP_LIB=m
+# end of CPU Frequency scaling
+
+#
+# CPU Idle
+#
+CONFIG_CPU_IDLE=y
+# CONFIG_CPU_IDLE_GOV_LADDER is not set
+CONFIG_CPU_IDLE_GOV_MENU=y
+CONFIG_CPU_IDLE_GOV_TEO=y
+CONFIG_CPU_IDLE_GOV_HALTPOLL=y
+CONFIG_HALTPOLL_CPUIDLE=y
+# end of CPU Idle
+
+CONFIG_INTEL_IDLE=y
+# end of Power management and ACPI options
+
+#
+# Bus options (PCI etc.)
+#
+CONFIG_PCI_DIRECT=y
+CONFIG_PCI_MMCONFIG=y
+CONFIG_PCI_XEN=y
+CONFIG_MMCONF_FAM10H=y
+CONFIG_ISA_DMA_API=y
+CONFIG_AMD_NB=y
+# end of Bus options (PCI etc.)
+
+#
+# Binary Emulations
+#
+CONFIG_IA32_EMULATION=y
+# CONFIG_X86_X32_ABI is not set
+CONFIG_COMPAT_32=y
+CONFIG_COMPAT=y
+CONFIG_COMPAT_FOR_U64_ALIGNMENT=y
+# end of Binary Emulations
+
+CONFIG_HAVE_KVM=y
+CONFIG_HAVE_KVM_PFNCACHE=y
+CONFIG_HAVE_KVM_IRQCHIP=y
+CONFIG_HAVE_KVM_IRQFD=y
+CONFIG_HAVE_KVM_IRQ_ROUTING=y
+CONFIG_HAVE_KVM_DIRTY_RING=y
+CONFIG_HAVE_KVM_DIRTY_RING_TSO=y
+CONFIG_HAVE_KVM_DIRTY_RING_ACQ_REL=y
+CONFIG_HAVE_KVM_EVENTFD=y
+CONFIG_KVM_MMIO=y
+CONFIG_KVM_ASYNC_PF=y
+CONFIG_HAVE_KVM_MSI=y
+CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT=y
+CONFIG_KVM_VFIO=y
+CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT=y
+CONFIG_KVM_COMPAT=y
+CONFIG_HAVE_KVM_IRQ_BYPASS=y
+CONFIG_HAVE_KVM_NO_POLL=y
+CONFIG_KVM_XFER_TO_GUEST_WORK=y
+CONFIG_HAVE_KVM_PM_NOTIFIER=y
+CONFIG_VIRTUALIZATION=y
+CONFIG_KVM=m
+CONFIG_KVM_INTEL=m
+CONFIG_X86_SGX_KVM=y
+CONFIG_KVM_AMD=m
+CONFIG_KVM_AMD_SEV=y
+# CONFIG_KVM_XEN is not set
+CONFIG_KVM_EXTERNAL_WRITE_TRACKING=y
+CONFIG_AS_AVX512=y
+CONFIG_AS_SHA1_NI=y
+CONFIG_AS_SHA256_NI=y
+CONFIG_AS_TPAUSE=y
+
+#
+# General architecture-dependent options
+#
+CONFIG_CRASH_CORE=y
+CONFIG_KEXEC_CORE=y
+CONFIG_HAVE_IMA_KEXEC=y
+CONFIG_HOTPLUG_SMT=y
+CONFIG_GENERIC_ENTRY=y
+CONFIG_KPROBES=y
+CONFIG_JUMP_LABEL=y
+# CONFIG_STATIC_KEYS_SELFTEST is not set
+# CONFIG_STATIC_CALL_SELFTEST is not set
+CONFIG_OPTPROBES=y
+CONFIG_KPROBES_ON_FTRACE=y
+CONFIG_UPROBES=y
+CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
+CONFIG_ARCH_USE_BUILTIN_BSWAP=y
+CONFIG_KRETPROBES=y
+CONFIG_KRETPROBE_ON_RETHOOK=y
+CONFIG_USER_RETURN_NOTIFIER=y
+CONFIG_HAVE_IOREMAP_PROT=y
+CONFIG_HAVE_KPROBES=y
+CONFIG_HAVE_KRETPROBES=y
+CONFIG_HAVE_OPTPROBES=y
+CONFIG_HAVE_KPROBES_ON_FTRACE=y
+CONFIG_ARCH_CORRECT_STACKTRACE_ON_KRETPROBE=y
+CONFIG_HAVE_FUNCTION_ERROR_INJECTION=y
+CONFIG_HAVE_NMI=y
+CONFIG_TRACE_IRQFLAGS_SUPPORT=y
+CONFIG_TRACE_IRQFLAGS_NMI_SUPPORT=y
+CONFIG_HAVE_ARCH_TRACEHOOK=y
+CONFIG_HAVE_DMA_CONTIGUOUS=y
+CONFIG_GENERIC_SMP_IDLE_THREAD=y
+CONFIG_ARCH_HAS_FORTIFY_SOURCE=y
+CONFIG_ARCH_HAS_SET_MEMORY=y
+CONFIG_ARCH_HAS_SET_DIRECT_MAP=y
+CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y
+CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y
+CONFIG_ARCH_WANTS_NO_INSTR=y
+CONFIG_HAVE_ASM_MODVERSIONS=y
+CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
+CONFIG_HAVE_RSEQ=y
+CONFIG_HAVE_RUST=y
+CONFIG_HAVE_FUNCTION_ARG_ACCESS_API=y
+CONFIG_HAVE_HW_BREAKPOINT=y
+CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y
+CONFIG_HAVE_USER_RETURN_NOTIFIER=y
+CONFIG_HAVE_PERF_EVENTS_NMI=y
+CONFIG_HAVE_HARDLOCKUP_DETECTOR_PERF=y
+CONFIG_HAVE_PERF_REGS=y
+CONFIG_HAVE_PERF_USER_STACK_DUMP=y
+CONFIG_HAVE_ARCH_JUMP_LABEL=y
+CONFIG_HAVE_ARCH_JUMP_LABEL_RELATIVE=y
+CONFIG_MMU_GATHER_TABLE_FREE=y
+CONFIG_MMU_GATHER_RCU_TABLE_FREE=y
+CONFIG_MMU_GATHER_MERGE_VMAS=y
+CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
+CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
+CONFIG_HAVE_CMPXCHG_LOCAL=y
+CONFIG_HAVE_CMPXCHG_DOUBLE=y
+CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION=y
+CONFIG_ARCH_WANT_OLD_COMPAT_IPC=y
+CONFIG_HAVE_ARCH_SECCOMP=y
+CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
+CONFIG_SECCOMP=y
+CONFIG_SECCOMP_FILTER=y
+# CONFIG_SECCOMP_CACHE_DEBUG is not set
+CONFIG_HAVE_ARCH_STACKLEAK=y
+CONFIG_HAVE_STACKPROTECTOR=y
+CONFIG_STACKPROTECTOR=y
+CONFIG_STACKPROTECTOR_STRONG=y
+CONFIG_ARCH_SUPPORTS_LTO_CLANG=y
+CONFIG_ARCH_SUPPORTS_LTO_CLANG_THIN=y
+CONFIG_LTO_NONE=y
+CONFIG_ARCH_SUPPORTS_CFI_CLANG=y
+CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES=y
+CONFIG_HAVE_CONTEXT_TRACKING_USER=y
+CONFIG_HAVE_CONTEXT_TRACKING_USER_OFFSTACK=y
+CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
+CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
+CONFIG_HAVE_MOVE_PUD=y
+CONFIG_HAVE_MOVE_PMD=y
+CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y
+CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD=y
+CONFIG_HAVE_ARCH_HUGE_VMAP=y
+CONFIG_HAVE_ARCH_HUGE_VMALLOC=y
+CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
+CONFIG_HAVE_ARCH_SOFT_DIRTY=y
+CONFIG_HAVE_MOD_ARCH_SPECIFIC=y
+CONFIG_MODULES_USE_ELF_RELA=y
+CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
+CONFIG_HAVE_SOFTIRQ_ON_OWN_STACK=y
+CONFIG_SOFTIRQ_ON_OWN_STACK=y
+CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
+CONFIG_HAVE_ARCH_MMAP_RND_BITS=y
+CONFIG_HAVE_EXIT_THREAD=y
+CONFIG_ARCH_MMAP_RND_BITS=28
+CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y
+CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8
+CONFIG_HAVE_ARCH_COMPAT_MMAP_BASES=y
+CONFIG_PAGE_SIZE_LESS_THAN_64KB=y
+CONFIG_PAGE_SIZE_LESS_THAN_256KB=y
+CONFIG_HAVE_OBJTOOL=y
+CONFIG_HAVE_JUMP_LABEL_HACK=y
+CONFIG_HAVE_NOINSTR_HACK=y
+CONFIG_HAVE_NOINSTR_VALIDATION=y
+CONFIG_HAVE_UACCESS_VALIDATION=y
+CONFIG_HAVE_STACK_VALIDATION=y
+CONFIG_HAVE_RELIABLE_STACKTRACE=y
+CONFIG_OLD_SIGSUSPEND3=y
+CONFIG_COMPAT_OLD_SIGACTION=y
+CONFIG_COMPAT_32BIT_TIME=y
+CONFIG_HAVE_ARCH_VMAP_STACK=y
+CONFIG_VMAP_STACK=y
+CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y
+CONFIG_RANDOMIZE_KSTACK_OFFSET=y
+# CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT is not set
+CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y
+CONFIG_STRICT_KERNEL_RWX=y
+CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y
+CONFIG_STRICT_MODULE_RWX=y
+CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y
+CONFIG_ARCH_USE_MEMREMAP_PROT=y
+# CONFIG_LOCK_EVENT_COUNTS is not set
+CONFIG_ARCH_HAS_MEM_ENCRYPT=y
+CONFIG_ARCH_HAS_CC_PLATFORM=y
+CONFIG_HAVE_STATIC_CALL=y
+CONFIG_HAVE_STATIC_CALL_INLINE=y
+CONFIG_HAVE_PREEMPT_DYNAMIC=y
+CONFIG_HAVE_PREEMPT_DYNAMIC_CALL=y
+CONFIG_ARCH_WANT_LD_ORPHAN_WARN=y
+CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
+CONFIG_ARCH_SUPPORTS_PAGE_TABLE_CHECK=y
+CONFIG_ARCH_HAS_ELFCORE_COMPAT=y
+CONFIG_ARCH_HAS_PARANOID_L1D_FLUSH=y
+CONFIG_DYNAMIC_SIGFRAME=y
+CONFIG_HAVE_ARCH_NODE_DEV_GROUP=y
+CONFIG_ARCH_HAS_NONLEAF_PMD_YOUNG=y
+
+#
+# GCOV-based kernel profiling
+#
+# CONFIG_GCOV_KERNEL is not set
+CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
+# end of GCOV-based kernel profiling
+
+CONFIG_HAVE_GCC_PLUGINS=y
+# end of General architecture-dependent options
+
+CONFIG_RT_MUTEXES=y
+CONFIG_BASE_SMALL=0
+CONFIG_MODULE_SIG_FORMAT=y
+CONFIG_MODULES=y
+CONFIG_MODULE_FORCE_LOAD=y
+CONFIG_MODULE_UNLOAD=y
+# CONFIG_MODULE_FORCE_UNLOAD is not set
+# CONFIG_MODULE_UNLOAD_TAINT_TRACKING is not set
+CONFIG_MODVERSIONS=y
+CONFIG_ASM_MODVERSIONS=y
+CONFIG_MODULE_SRCVERSION_ALL=y
+CONFIG_MODULE_SIG=y
+# CONFIG_MODULE_SIG_FORCE is not set
+CONFIG_MODULE_SIG_ALL=y
+# CONFIG_MODULE_SIG_SHA1 is not set
+# CONFIG_MODULE_SIG_SHA224 is not set
+CONFIG_MODULE_SIG_SHA256=y
+# CONFIG_MODULE_SIG_SHA384 is not set
+# CONFIG_MODULE_SIG_SHA512 is not set
+CONFIG_MODULE_SIG_HASH="sha256"
+CONFIG_MODULE_COMPRESS_NONE=y
+# CONFIG_MODULE_COMPRESS_GZIP is not set
+# CONFIG_MODULE_COMPRESS_XZ is not set
+# CONFIG_MODULE_COMPRESS_ZSTD is not set
+# CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set
+CONFIG_MODPROBE_PATH="/sbin/modprobe"
+CONFIG_MODULES_TREE_LOOKUP=y
+CONFIG_BLOCK=y
+CONFIG_BLOCK_LEGACY_AUTOLOAD=y
+CONFIG_BLK_CGROUP_RWSTAT=y
+CONFIG_BLK_DEV_BSG_COMMON=y
+CONFIG_BLK_ICQ=y
+CONFIG_BLK_DEV_BSGLIB=y
+CONFIG_BLK_DEV_INTEGRITY=y
+CONFIG_BLK_DEV_INTEGRITY_T10=m
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_DEV_THROTTLING=y
+# CONFIG_BLK_DEV_THROTTLING_LOW is not set
+CONFIG_BLK_WBT=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_CGROUP_IOLATENCY is not set
+# CONFIG_BLK_CGROUP_FC_APPID is not set
+# CONFIG_BLK_CGROUP_IOCOST is not set
+# CONFIG_BLK_CGROUP_IOPRIO is not set
+CONFIG_BLK_DEBUG_FS=y
+CONFIG_BLK_DEBUG_FS_ZONED=y
+# CONFIG_BLK_SED_OPAL is not set
+# CONFIG_BLK_INLINE_ENCRYPTION is not set
+
+#
+# Partition Types
+#
+CONFIG_PARTITION_ADVANCED=y
+# CONFIG_ACORN_PARTITION is not set
+# CONFIG_AIX_PARTITION is not set
+CONFIG_OSF_PARTITION=y
+CONFIG_AMIGA_PARTITION=y
+# CONFIG_ATARI_PARTITION is not set
+CONFIG_MAC_PARTITION=y
+CONFIG_MSDOS_PARTITION=y
+CONFIG_BSD_DISKLABEL=y
+CONFIG_MINIX_SUBPARTITION=y
+CONFIG_SOLARIS_X86_PARTITION=y
+CONFIG_UNIXWARE_DISKLABEL=y
+# CONFIG_LDM_PARTITION is not set
+CONFIG_SGI_PARTITION=y
+# CONFIG_ULTRIX_PARTITION is not set
+CONFIG_SUN_PARTITION=y
+CONFIG_KARMA_PARTITION=y
+CONFIG_EFI_PARTITION=y
+# CONFIG_SYSV68_PARTITION is not set
+# CONFIG_CMDLINE_PARTITION is not set
+# end of Partition Types
+
+CONFIG_BLOCK_COMPAT=y
+CONFIG_BLK_MQ_PCI=y
+CONFIG_BLK_MQ_VIRTIO=y
+CONFIG_BLK_MQ_RDMA=y
+CONFIG_BLK_PM=y
+CONFIG_BLOCK_HOLDER_DEPRECATED=y
+CONFIG_BLK_MQ_STACKING=y
+
+#
+# IO Schedulers
+#
+CONFIG_MQ_IOSCHED_DEADLINE=y
+CONFIG_MQ_IOSCHED_KYBER=y
+CONFIG_IOSCHED_BFQ=y
+CONFIG_BFQ_GROUP_IOSCHED=y
+# CONFIG_BFQ_CGROUP_DEBUG is not set
+# end of IO Schedulers
+
+CONFIG_PREEMPT_NOTIFIERS=y
+CONFIG_PADATA=y
+CONFIG_ASN1=y
+CONFIG_UNINLINE_SPIN_UNLOCK=y
+CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y
+CONFIG_MUTEX_SPIN_ON_OWNER=y
+CONFIG_RWSEM_SPIN_ON_OWNER=y
+CONFIG_LOCK_SPIN_ON_OWNER=y
+CONFIG_ARCH_USE_QUEUED_SPINLOCKS=y
+CONFIG_QUEUED_SPINLOCKS=y
+CONFIG_ARCH_USE_QUEUED_RWLOCKS=y
+CONFIG_QUEUED_RWLOCKS=y
+CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE=y
+CONFIG_ARCH_HAS_SYNC_CORE_BEFORE_USERMODE=y
+CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y
+CONFIG_FREEZER=y
+
+#
+# Executable file formats
+#
+CONFIG_BINFMT_ELF=y
+CONFIG_COMPAT_BINFMT_ELF=y
+CONFIG_ELFCORE=y
+CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y
+CONFIG_BINFMT_SCRIPT=y
+CONFIG_BINFMT_MISC=m
+CONFIG_COREDUMP=y
+# end of Executable file formats
+
+#
+# Memory Management options
+#
+CONFIG_ZPOOL=y
+CONFIG_SWAP=y
+CONFIG_ZSWAP=y
+# CONFIG_ZSWAP_DEFAULT_ON is not set
+# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_DEFLATE is not set
+CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y
+# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_842 is not set
+# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZ4 is not set
+# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZ4HC is not set
+# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_ZSTD is not set
+CONFIG_ZSWAP_COMPRESSOR_DEFAULT="lzo"
+CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y
+# CONFIG_ZSWAP_ZPOOL_DEFAULT_Z3FOLD is not set
+# CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set
+CONFIG_ZSWAP_ZPOOL_DEFAULT="zbud"
+CONFIG_ZBUD=y
+# CONFIG_Z3FOLD is not set
+CONFIG_ZSMALLOC=y
+CONFIG_ZSMALLOC_STAT=y
+
+#
+# SLAB allocator options
+#
+# CONFIG_SLAB is not set
+CONFIG_SLUB=y
+CONFIG_SLAB_MERGE_DEFAULT=y
+CONFIG_SLAB_FREELIST_RANDOM=y
+# CONFIG_SLAB_FREELIST_HARDENED is not set
+# CONFIG_SLUB_STATS is not set
+CONFIG_SLUB_CPU_PARTIAL=y
+# end of SLAB allocator options
+
+CONFIG_SHUFFLE_PAGE_ALLOCATOR=y
+# CONFIG_COMPAT_BRK is not set
+CONFIG_SPARSEMEM=y
+CONFIG_SPARSEMEM_EXTREME=y
+CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
+CONFIG_SPARSEMEM_VMEMMAP=y
+CONFIG_HAVE_FAST_GUP=y
+CONFIG_NUMA_KEEP_MEMINFO=y
+CONFIG_MEMORY_ISOLATION=y
+CONFIG_EXCLUSIVE_SYSTEM_RAM=y
+CONFIG_HAVE_BOOTMEM_INFO_NODE=y
+CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
+CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y
+CONFIG_MEMORY_HOTPLUG=y
+CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE=y
+CONFIG_MEMORY_HOTREMOVE=y
+CONFIG_MHP_MEMMAP_ON_MEMORY=y
+CONFIG_SPLIT_PTLOCK_CPUS=4
+CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
+CONFIG_MEMORY_BALLOON=y
+CONFIG_BALLOON_COMPACTION=y
+CONFIG_COMPACTION=y
+CONFIG_COMPACT_UNEVICTABLE_DEFAULT=1
+CONFIG_PAGE_REPORTING=y
+CONFIG_MIGRATION=y
+CONFIG_DEVICE_MIGRATION=y
+CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y
+CONFIG_ARCH_ENABLE_THP_MIGRATION=y
+CONFIG_CONTIG_ALLOC=y
+CONFIG_PHYS_ADDR_T_64BIT=y
+CONFIG_MMU_NOTIFIER=y
+CONFIG_KSM=y
+CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
+CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y
+CONFIG_MEMORY_FAILURE=y
+CONFIG_HWPOISON_INJECT=m
+CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
+CONFIG_ARCH_WANTS_THP_SWAP=y
+CONFIG_TRANSPARENT_HUGEPAGE=y
+CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=y
+# CONFIG_TRANSPARENT_HUGEPAGE_MADVISE is not set
+CONFIG_THP_SWAP=y
+# CONFIG_READ_ONLY_THP_FOR_FS is not set
+CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
+CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
+CONFIG_USE_PERCPU_NUMA_NODE_ID=y
+CONFIG_HAVE_SETUP_PER_CPU_AREA=y
+CONFIG_FRONTSWAP=y
+# CONFIG_CMA is not set
+CONFIG_MEM_SOFT_DIRTY=y
+CONFIG_GENERIC_EARLY_IOREMAP=y
+CONFIG_DEFERRED_STRUCT_PAGE_INIT=y
+CONFIG_PAGE_IDLE_FLAG=y
+CONFIG_IDLE_PAGE_TRACKING=y
+CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
+CONFIG_ARCH_HAS_CURRENT_STACK_POINTER=y
+CONFIG_ARCH_HAS_PTE_DEVMAP=y
+CONFIG_ZONE_DMA=y
+CONFIG_ZONE_DMA32=y
+CONFIG_ZONE_DEVICE=y
+CONFIG_HMM_MIRROR=y
+CONFIG_GET_FREE_REGION=y
+CONFIG_DEVICE_PRIVATE=y
+CONFIG_VMAP_PFN=y
+CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y
+CONFIG_ARCH_HAS_PKEYS=y
+CONFIG_VM_EVENT_COUNTERS=y
+# CONFIG_PERCPU_STATS is not set
+# CONFIG_GUP_TEST is not set
+CONFIG_ARCH_HAS_PTE_SPECIAL=y
+CONFIG_MAPPING_DIRTY_HELPERS=y
+CONFIG_SECRETMEM=y
+# CONFIG_ANON_VMA_NAME is not set
+CONFIG_USERFAULTFD=y
+CONFIG_HAVE_ARCH_USERFAULTFD_WP=y
+CONFIG_HAVE_ARCH_USERFAULTFD_MINOR=y
+CONFIG_PTE_MARKER=y
+CONFIG_PTE_MARKER_UFFD_WP=y
+# CONFIG_LRU_GEN is not set
+
+#
+# Data Access Monitoring
+#
+# CONFIG_DAMON is not set
+# end of Data Access Monitoring
+# end of Memory Management options
+
+CONFIG_NET=y
+CONFIG_NET_INGRESS=y
+CONFIG_NET_EGRESS=y
+CONFIG_NET_REDIRECT=y
+CONFIG_SKB_EXTENSIONS=y
+
+#
+# Networking options
+#
+CONFIG_PACKET=y
+CONFIG_PACKET_DIAG=m
+CONFIG_UNIX=y
+CONFIG_UNIX_SCM=y
+CONFIG_AF_UNIX_OOB=y
+CONFIG_UNIX_DIAG=m
+CONFIG_TLS=m
+CONFIG_TLS_DEVICE=y
+# CONFIG_TLS_TOE is not set
+CONFIG_XFRM=y
+CONFIG_XFRM_OFFLOAD=y
+CONFIG_XFRM_ALGO=y
+CONFIG_XFRM_USER=y
+# CONFIG_XFRM_USER_COMPAT is not set
+CONFIG_XFRM_INTERFACE=m
+CONFIG_XFRM_SUB_POLICY=y
+CONFIG_XFRM_MIGRATE=y
+CONFIG_XFRM_STATISTICS=y
+CONFIG_XFRM_AH=m
+CONFIG_XFRM_ESP=m
+CONFIG_XFRM_IPCOMP=m
+CONFIG_NET_KEY=m
+CONFIG_NET_KEY_MIGRATE=y
+# CONFIG_SMC is not set
+CONFIG_XDP_SOCKETS=y
+# CONFIG_XDP_SOCKETS_DIAG is not set
+CONFIG_INET=y
+CONFIG_IP_MULTICAST=y
+CONFIG_IP_ADVANCED_ROUTER=y
+CONFIG_IP_FIB_TRIE_STATS=y
+CONFIG_IP_MULTIPLE_TABLES=y
+CONFIG_IP_ROUTE_MULTIPATH=y
+CONFIG_IP_ROUTE_VERBOSE=y
+CONFIG_IP_ROUTE_CLASSID=y
+# CONFIG_IP_PNP is not set
+CONFIG_NET_IPIP=m
+CONFIG_NET_IPGRE_DEMUX=m
+CONFIG_NET_IP_TUNNEL=m
+CONFIG_NET_IPGRE=m
+CONFIG_NET_IPGRE_BROADCAST=y
+CONFIG_IP_MROUTE_COMMON=y
+CONFIG_IP_MROUTE=y
+CONFIG_IP_MROUTE_MULTIPLE_TABLES=y
+CONFIG_IP_PIMSM_V1=y
+CONFIG_IP_PIMSM_V2=y
+CONFIG_SYN_COOKIES=y
+CONFIG_NET_IPVTI=m
+CONFIG_NET_UDP_TUNNEL=m
+# CONFIG_NET_FOU is not set
+# CONFIG_NET_FOU_IP_TUNNELS is not set
+CONFIG_INET_AH=m
+CONFIG_INET_ESP=m
+CONFIG_INET_ESP_OFFLOAD=m
+# CONFIG_INET_ESPINTCP is not set
+CONFIG_INET_IPCOMP=m
+CONFIG_INET_TABLE_PERTURB_ORDER=16
+CONFIG_INET_XFRM_TUNNEL=m
+CONFIG_INET_TUNNEL=m
+CONFIG_INET_DIAG=m
+CONFIG_INET_TCP_DIAG=m
+CONFIG_INET_UDP_DIAG=m
+CONFIG_INET_RAW_DIAG=m
+# CONFIG_INET_DIAG_DESTROY is not set
+CONFIG_TCP_CONG_ADVANCED=y
+CONFIG_TCP_CONG_BIC=m
+CONFIG_TCP_CONG_CUBIC=y
+CONFIG_TCP_CONG_WESTWOOD=m
+CONFIG_TCP_CONG_HTCP=m
+CONFIG_TCP_CONG_HSTCP=m
+CONFIG_TCP_CONG_HYBLA=m
+CONFIG_TCP_CONG_VEGAS=m
+CONFIG_TCP_CONG_NV=m
+CONFIG_TCP_CONG_SCALABLE=m
+CONFIG_TCP_CONG_LP=m
+CONFIG_TCP_CONG_VENO=m
+CONFIG_TCP_CONG_YEAH=m
+CONFIG_TCP_CONG_ILLINOIS=m
+CONFIG_TCP_CONG_DCTCP=m
+# CONFIG_TCP_CONG_CDG is not set
+CONFIG_TCP_CONG_BBR=m
+CONFIG_DEFAULT_CUBIC=y
+# CONFIG_DEFAULT_RENO is not set
+CONFIG_DEFAULT_TCP_CONG="cubic"
+CONFIG_TCP_MD5SIG=y
+CONFIG_IPV6=y
+CONFIG_IPV6_ROUTER_PREF=y
+CONFIG_IPV6_ROUTE_INFO=y
+CONFIG_IPV6_OPTIMISTIC_DAD=y
+CONFIG_INET6_AH=m
+CONFIG_INET6_ESP=m
+CONFIG_INET6_ESP_OFFLOAD=m
+# CONFIG_INET6_ESPINTCP is not set
+CONFIG_INET6_IPCOMP=m
+CONFIG_IPV6_MIP6=m
+# CONFIG_IPV6_ILA is not set
+CONFIG_INET6_XFRM_TUNNEL=m
+CONFIG_INET6_TUNNEL=m
+CONFIG_IPV6_VTI=m
+CONFIG_IPV6_SIT=m
+CONFIG_IPV6_SIT_6RD=y
+CONFIG_IPV6_NDISC_NODETYPE=y
+CONFIG_IPV6_TUNNEL=m
+CONFIG_IPV6_GRE=m
+CONFIG_IPV6_MULTIPLE_TABLES=y
+# CONFIG_IPV6_SUBTREES is not set
+CONFIG_IPV6_MROUTE=y
+CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y
+CONFIG_IPV6_PIMSM_V2=y
+# CONFIG_IPV6_SEG6_LWTUNNEL is not set
+# CONFIG_IPV6_SEG6_HMAC is not set
+# CONFIG_IPV6_RPL_LWTUNNEL is not set
+# CONFIG_IPV6_IOAM6_LWTUNNEL is not set
+CONFIG_NETLABEL=y
+# CONFIG_MPTCP is not set
+CONFIG_NETWORK_SECMARK=y
+CONFIG_NET_PTP_CLASSIFY=y
+CONFIG_NETWORK_PHY_TIMESTAMPING=y
+CONFIG_NETFILTER=y
+CONFIG_NETFILTER_ADVANCED=y
+CONFIG_BRIDGE_NETFILTER=m
+
+#
+# Core Netfilter Configuration
+#
+CONFIG_NETFILTER_INGRESS=y
+CONFIG_NETFILTER_EGRESS=y
+CONFIG_NETFILTER_SKIP_EGRESS=y
+CONFIG_NETFILTER_NETLINK=m
+CONFIG_NETFILTER_FAMILY_BRIDGE=y
+CONFIG_NETFILTER_FAMILY_ARP=y
+# CONFIG_NETFILTER_NETLINK_HOOK is not set
+# CONFIG_NETFILTER_NETLINK_ACCT is not set
+CONFIG_NETFILTER_NETLINK_QUEUE=m
+CONFIG_NETFILTER_NETLINK_LOG=m
+CONFIG_NETFILTER_NETLINK_OSF=m
+CONFIG_NF_CONNTRACK=m
+CONFIG_NF_LOG_SYSLOG=m
+CONFIG_NETFILTER_CONNCOUNT=m
+CONFIG_NF_CONNTRACK_MARK=y
+CONFIG_NF_CONNTRACK_SECMARK=y
+CONFIG_NF_CONNTRACK_ZONES=y
+CONFIG_NF_CONNTRACK_PROCFS=y
+CONFIG_NF_CONNTRACK_EVENTS=y
+CONFIG_NF_CONNTRACK_TIMEOUT=y
+CONFIG_NF_CONNTRACK_TIMESTAMP=y
+CONFIG_NF_CONNTRACK_LABELS=y
+CONFIG_NF_CT_PROTO_DCCP=y
+CONFIG_NF_CT_PROTO_GRE=y
+CONFIG_NF_CT_PROTO_SCTP=y
+CONFIG_NF_CT_PROTO_UDPLITE=y
+CONFIG_NF_CONNTRACK_AMANDA=m
+CONFIG_NF_CONNTRACK_FTP=m
+CONFIG_NF_CONNTRACK_H323=m
+CONFIG_NF_CONNTRACK_IRC=m
+CONFIG_NF_CONNTRACK_BROADCAST=m
+CONFIG_NF_CONNTRACK_NETBIOS_NS=m
+CONFIG_NF_CONNTRACK_SNMP=m
+CONFIG_NF_CONNTRACK_PPTP=m
+CONFIG_NF_CONNTRACK_SANE=m
+CONFIG_NF_CONNTRACK_SIP=m
+CONFIG_NF_CONNTRACK_TFTP=m
+CONFIG_NF_CT_NETLINK=m
+CONFIG_NF_CT_NETLINK_TIMEOUT=m
+CONFIG_NF_CT_NETLINK_HELPER=m
+CONFIG_NETFILTER_NETLINK_GLUE_CT=y
+CONFIG_NF_NAT=m
+CONFIG_NF_NAT_AMANDA=m
+CONFIG_NF_NAT_FTP=m
+CONFIG_NF_NAT_IRC=m
+CONFIG_NF_NAT_SIP=m
+CONFIG_NF_NAT_TFTP=m
+CONFIG_NF_NAT_REDIRECT=y
+CONFIG_NF_NAT_MASQUERADE=y
+CONFIG_NETFILTER_SYNPROXY=m
+CONFIG_NF_TABLES=m
+CONFIG_NF_TABLES_INET=y
+CONFIG_NF_TABLES_NETDEV=y
+CONFIG_NFT_NUMGEN=m
+CONFIG_NFT_CT=m
+CONFIG_NFT_CONNLIMIT=m
+CONFIG_NFT_LOG=m
+CONFIG_NFT_LIMIT=m
+CONFIG_NFT_MASQ=m
+CONFIG_NFT_REDIR=m
+CONFIG_NFT_NAT=m
+# CONFIG_NFT_TUNNEL is not set
+CONFIG_NFT_OBJREF=m
+CONFIG_NFT_QUEUE=m
+CONFIG_NFT_QUOTA=m
+CONFIG_NFT_REJECT=m
+CONFIG_NFT_REJECT_INET=m
+CONFIG_NFT_COMPAT=m
+CONFIG_NFT_HASH=m
+CONFIG_NFT_FIB=m
+CONFIG_NFT_FIB_INET=m
+# CONFIG_NFT_XFRM is not set
+# CONFIG_NFT_SOCKET is not set
+# CONFIG_NFT_OSF is not set
+# CONFIG_NFT_TPROXY is not set
+# CONFIG_NFT_SYNPROXY is not set
+CONFIG_NF_DUP_NETDEV=m
+CONFIG_NFT_DUP_NETDEV=m
+CONFIG_NFT_FWD_NETDEV=m
+CONFIG_NFT_FIB_NETDEV=m
+# CONFIG_NFT_REJECT_NETDEV is not set
+# CONFIG_NF_FLOW_TABLE is not set
+CONFIG_NETFILTER_XTABLES=y
+CONFIG_NETFILTER_XTABLES_COMPAT=y
+
+#
+# Xtables combined modules
+#
+CONFIG_NETFILTER_XT_MARK=m
+CONFIG_NETFILTER_XT_CONNMARK=m
+CONFIG_NETFILTER_XT_SET=m
+
+#
+# Xtables targets
+#
+CONFIG_NETFILTER_XT_TARGET_AUDIT=m
+CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m
+CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
+CONFIG_NETFILTER_XT_TARGET_CONNMARK=m
+CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m
+CONFIG_NETFILTER_XT_TARGET_CT=m
+CONFIG_NETFILTER_XT_TARGET_DSCP=m
+CONFIG_NETFILTER_XT_TARGET_HL=m
+CONFIG_NETFILTER_XT_TARGET_HMARK=m
+CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m
+# CONFIG_NETFILTER_XT_TARGET_LED is not set
+CONFIG_NETFILTER_XT_TARGET_LOG=m
+CONFIG_NETFILTER_XT_TARGET_MARK=m
+CONFIG_NETFILTER_XT_NAT=m
+CONFIG_NETFILTER_XT_TARGET_NETMAP=m
+CONFIG_NETFILTER_XT_TARGET_NFLOG=m
+CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
+CONFIG_NETFILTER_XT_TARGET_NOTRACK=m
+CONFIG_NETFILTER_XT_TARGET_RATEEST=m
+CONFIG_NETFILTER_XT_TARGET_REDIRECT=m
+CONFIG_NETFILTER_XT_TARGET_MASQUERADE=m
+CONFIG_NETFILTER_XT_TARGET_TEE=m
+CONFIG_NETFILTER_XT_TARGET_TPROXY=m
+CONFIG_NETFILTER_XT_TARGET_TRACE=m
+CONFIG_NETFILTER_XT_TARGET_SECMARK=m
+CONFIG_NETFILTER_XT_TARGET_TCPMSS=m
+CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m
+
+#
+# Xtables matches
+#
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
+CONFIG_NETFILTER_XT_MATCH_BPF=m
+CONFIG_NETFILTER_XT_MATCH_CGROUP=m
+CONFIG_NETFILTER_XT_MATCH_CLUSTER=m
+CONFIG_NETFILTER_XT_MATCH_COMMENT=m
+CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m
+CONFIG_NETFILTER_XT_MATCH_CONNLABEL=m
+CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m
+CONFIG_NETFILTER_XT_MATCH_CONNMARK=m
+CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
+CONFIG_NETFILTER_XT_MATCH_CPU=m
+CONFIG_NETFILTER_XT_MATCH_DCCP=m
+CONFIG_NETFILTER_XT_MATCH_DEVGROUP=m
+CONFIG_NETFILTER_XT_MATCH_DSCP=m
+CONFIG_NETFILTER_XT_MATCH_ECN=m
+CONFIG_NETFILTER_XT_MATCH_ESP=m
+CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m
+CONFIG_NETFILTER_XT_MATCH_HELPER=m
+CONFIG_NETFILTER_XT_MATCH_HL=m
+# CONFIG_NETFILTER_XT_MATCH_IPCOMP is not set
+CONFIG_NETFILTER_XT_MATCH_IPRANGE=m
+CONFIG_NETFILTER_XT_MATCH_IPVS=m
+# CONFIG_NETFILTER_XT_MATCH_L2TP is not set
+CONFIG_NETFILTER_XT_MATCH_LENGTH=m
+CONFIG_NETFILTER_XT_MATCH_LIMIT=m
+CONFIG_NETFILTER_XT_MATCH_MAC=m
+CONFIG_NETFILTER_XT_MATCH_MARK=m
+CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
+# CONFIG_NETFILTER_XT_MATCH_NFACCT is not set
+CONFIG_NETFILTER_XT_MATCH_OSF=m
+CONFIG_NETFILTER_XT_MATCH_OWNER=m
+CONFIG_NETFILTER_XT_MATCH_POLICY=m
+CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m
+CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
+CONFIG_NETFILTER_XT_MATCH_QUOTA=m
+CONFIG_NETFILTER_XT_MATCH_RATEEST=m
+CONFIG_NETFILTER_XT_MATCH_REALM=m
+CONFIG_NETFILTER_XT_MATCH_RECENT=m
+CONFIG_NETFILTER_XT_MATCH_SCTP=m
+CONFIG_NETFILTER_XT_MATCH_SOCKET=m
+CONFIG_NETFILTER_XT_MATCH_STATE=m
+CONFIG_NETFILTER_XT_MATCH_STATISTIC=m
+CONFIG_NETFILTER_XT_MATCH_STRING=m
+CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
+# CONFIG_NETFILTER_XT_MATCH_TIME is not set
+# CONFIG_NETFILTER_XT_MATCH_U32 is not set
+# end of Core Netfilter Configuration
+
+CONFIG_IP_SET=m
+CONFIG_IP_SET_MAX=256
+CONFIG_IP_SET_BITMAP_IP=m
+CONFIG_IP_SET_BITMAP_IPMAC=m
+CONFIG_IP_SET_BITMAP_PORT=m
+CONFIG_IP_SET_HASH_IP=m
+CONFIG_IP_SET_HASH_IPMARK=m
+CONFIG_IP_SET_HASH_IPPORT=m
+CONFIG_IP_SET_HASH_IPPORTIP=m
+CONFIG_IP_SET_HASH_IPPORTNET=m
+CONFIG_IP_SET_HASH_IPMAC=m
+CONFIG_IP_SET_HASH_MAC=m
+CONFIG_IP_SET_HASH_NETPORTNET=m
+CONFIG_IP_SET_HASH_NET=m
+CONFIG_IP_SET_HASH_NETNET=m
+CONFIG_IP_SET_HASH_NETPORT=m
+CONFIG_IP_SET_HASH_NETIFACE=m
+CONFIG_IP_SET_LIST_SET=m
+CONFIG_IP_VS=m
+CONFIG_IP_VS_IPV6=y
+# CONFIG_IP_VS_DEBUG is not set
+CONFIG_IP_VS_TAB_BITS=12
+
+#
+# IPVS transport protocol load balancing support
+#
+CONFIG_IP_VS_PROTO_TCP=y
+CONFIG_IP_VS_PROTO_UDP=y
+CONFIG_IP_VS_PROTO_AH_ESP=y
+CONFIG_IP_VS_PROTO_ESP=y
+CONFIG_IP_VS_PROTO_AH=y
+CONFIG_IP_VS_PROTO_SCTP=y
+
+#
+# IPVS scheduler
+#
+CONFIG_IP_VS_RR=m
+CONFIG_IP_VS_WRR=m
+CONFIG_IP_VS_LC=m
+CONFIG_IP_VS_WLC=m
+CONFIG_IP_VS_FO=m
+CONFIG_IP_VS_OVF=m
+CONFIG_IP_VS_LBLC=m
+CONFIG_IP_VS_LBLCR=m
+CONFIG_IP_VS_DH=m
+CONFIG_IP_VS_SH=m
+# CONFIG_IP_VS_MH is not set
+CONFIG_IP_VS_SED=m
+CONFIG_IP_VS_NQ=m
+# CONFIG_IP_VS_TWOS is not set
+
+#
+# IPVS SH scheduler
+#
+CONFIG_IP_VS_SH_TAB_BITS=8
+
+#
+# IPVS MH scheduler
+#
+CONFIG_IP_VS_MH_TAB_INDEX=12
+
+#
+# IPVS application helper
+#
+CONFIG_IP_VS_FTP=m
+CONFIG_IP_VS_NFCT=y
+CONFIG_IP_VS_PE_SIP=m
+
+#
+# IP: Netfilter Configuration
+#
+CONFIG_NF_DEFRAG_IPV4=m
+CONFIG_NF_SOCKET_IPV4=m
+CONFIG_NF_TPROXY_IPV4=m
+CONFIG_NF_TABLES_IPV4=y
+CONFIG_NFT_REJECT_IPV4=m
+CONFIG_NFT_DUP_IPV4=m
+CONFIG_NFT_FIB_IPV4=m
+CONFIG_NF_TABLES_ARP=y
+CONFIG_NF_DUP_IPV4=m
+CONFIG_NF_LOG_ARP=m
+CONFIG_NF_LOG_IPV4=m
+CONFIG_NF_REJECT_IPV4=m
+CONFIG_NF_NAT_SNMP_BASIC=m
+CONFIG_NF_NAT_PPTP=m
+CONFIG_NF_NAT_H323=m
+CONFIG_IP_NF_IPTABLES=m
+CONFIG_IP_NF_MATCH_AH=m
+CONFIG_IP_NF_MATCH_ECN=m
+CONFIG_IP_NF_MATCH_RPFILTER=m
+CONFIG_IP_NF_MATCH_TTL=m
+CONFIG_IP_NF_FILTER=m
+CONFIG_IP_NF_TARGET_REJECT=m
+CONFIG_IP_NF_TARGET_SYNPROXY=m
+CONFIG_IP_NF_NAT=m
+CONFIG_IP_NF_TARGET_MASQUERADE=m
+CONFIG_IP_NF_TARGET_NETMAP=m
+CONFIG_IP_NF_TARGET_REDIRECT=m
+CONFIG_IP_NF_MANGLE=m
+# CONFIG_IP_NF_TARGET_CLUSTERIP is not set
+CONFIG_IP_NF_TARGET_ECN=m
+CONFIG_IP_NF_TARGET_TTL=m
+CONFIG_IP_NF_RAW=m
+CONFIG_IP_NF_SECURITY=m
+CONFIG_IP_NF_ARPTABLES=m
+CONFIG_IP_NF_ARPFILTER=m
+CONFIG_IP_NF_ARP_MANGLE=m
+# end of IP: Netfilter Configuration
+
+#
+# IPv6: Netfilter Configuration
+#
+CONFIG_NF_SOCKET_IPV6=m
+CONFIG_NF_TPROXY_IPV6=m
+CONFIG_NF_TABLES_IPV6=y
+CONFIG_NFT_REJECT_IPV6=m
+CONFIG_NFT_DUP_IPV6=m
+CONFIG_NFT_FIB_IPV6=m
+CONFIG_NF_DUP_IPV6=m
+CONFIG_NF_REJECT_IPV6=m
+CONFIG_NF_LOG_IPV6=m
+CONFIG_IP6_NF_IPTABLES=m
+CONFIG_IP6_NF_MATCH_AH=m
+CONFIG_IP6_NF_MATCH_EUI64=m
+CONFIG_IP6_NF_MATCH_FRAG=m
+CONFIG_IP6_NF_MATCH_OPTS=m
+CONFIG_IP6_NF_MATCH_HL=m
+CONFIG_IP6_NF_MATCH_IPV6HEADER=m
+CONFIG_IP6_NF_MATCH_MH=m
+CONFIG_IP6_NF_MATCH_RPFILTER=m
+CONFIG_IP6_NF_MATCH_RT=m
+# CONFIG_IP6_NF_MATCH_SRH is not set
+# CONFIG_IP6_NF_TARGET_HL is not set
+CONFIG_IP6_NF_FILTER=m
+CONFIG_IP6_NF_TARGET_REJECT=m
+CONFIG_IP6_NF_TARGET_SYNPROXY=m
+CONFIG_IP6_NF_MANGLE=m
+CONFIG_IP6_NF_RAW=m
+CONFIG_IP6_NF_SECURITY=m
+CONFIG_IP6_NF_NAT=m
+CONFIG_IP6_NF_TARGET_MASQUERADE=m
+CONFIG_IP6_NF_TARGET_NPT=m
+# end of IPv6: Netfilter Configuration
+
+CONFIG_NF_DEFRAG_IPV6=m
+CONFIG_NF_TABLES_BRIDGE=m
+# CONFIG_NFT_BRIDGE_META is not set
+CONFIG_NFT_BRIDGE_REJECT=m
+# CONFIG_NF_CONNTRACK_BRIDGE is not set
+CONFIG_BRIDGE_NF_EBTABLES=m
+CONFIG_BRIDGE_EBT_BROUTE=m
+CONFIG_BRIDGE_EBT_T_FILTER=m
+CONFIG_BRIDGE_EBT_T_NAT=m
+CONFIG_BRIDGE_EBT_802_3=m
+CONFIG_BRIDGE_EBT_AMONG=m
+CONFIG_BRIDGE_EBT_ARP=m
+CONFIG_BRIDGE_EBT_IP=m
+CONFIG_BRIDGE_EBT_IP6=m
+CONFIG_BRIDGE_EBT_LIMIT=m
+CONFIG_BRIDGE_EBT_MARK=m
+CONFIG_BRIDGE_EBT_PKTTYPE=m
+CONFIG_BRIDGE_EBT_STP=m
+CONFIG_BRIDGE_EBT_VLAN=m
+CONFIG_BRIDGE_EBT_ARPREPLY=m
+CONFIG_BRIDGE_EBT_DNAT=m
+CONFIG_BRIDGE_EBT_MARK_T=m
+CONFIG_BRIDGE_EBT_REDIRECT=m
+CONFIG_BRIDGE_EBT_SNAT=m
+CONFIG_BRIDGE_EBT_LOG=m
+CONFIG_BRIDGE_EBT_NFLOG=m
+# CONFIG_BPFILTER is not set
+# CONFIG_IP_DCCP is not set
+CONFIG_IP_SCTP=m
+# CONFIG_SCTP_DBG_OBJCNT is not set
+# CONFIG_SCTP_DEFAULT_COOKIE_HMAC_MD5 is not set
+CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1=y
+# CONFIG_SCTP_DEFAULT_COOKIE_HMAC_NONE is not set
+CONFIG_SCTP_COOKIE_HMAC_MD5=y
+CONFIG_SCTP_COOKIE_HMAC_SHA1=y
+CONFIG_INET_SCTP_DIAG=m
+# CONFIG_RDS is not set
+CONFIG_TIPC=m
+CONFIG_TIPC_MEDIA_IB=y
+CONFIG_TIPC_MEDIA_UDP=y
+CONFIG_TIPC_CRYPTO=y
+CONFIG_TIPC_DIAG=m
+CONFIG_ATM=m
+CONFIG_ATM_CLIP=m
+# CONFIG_ATM_CLIP_NO_ICMP is not set
+CONFIG_ATM_LANE=m
+# CONFIG_ATM_MPOA is not set
+CONFIG_ATM_BR2684=m
+# CONFIG_ATM_BR2684_IPFILTER is not set
+CONFIG_L2TP=m
+CONFIG_L2TP_DEBUGFS=m
+CONFIG_L2TP_V3=y
+CONFIG_L2TP_IP=m
+CONFIG_L2TP_ETH=m
+CONFIG_STP=m
+CONFIG_GARP=m
+CONFIG_MRP=m
+CONFIG_BRIDGE=m
+CONFIG_BRIDGE_IGMP_SNOOPING=y
+CONFIG_BRIDGE_VLAN_FILTERING=y
+# CONFIG_BRIDGE_MRP is not set
+# CONFIG_BRIDGE_CFM is not set
+# CONFIG_NET_DSA is not set
+CONFIG_VLAN_8021Q=m
+CONFIG_VLAN_8021Q_GVRP=y
+CONFIG_VLAN_8021Q_MVRP=y
+CONFIG_LLC=m
+# CONFIG_LLC2 is not set
+# CONFIG_ATALK is not set
+# CONFIG_X25 is not set
+# CONFIG_LAPB is not set
+# CONFIG_PHONET is not set
+CONFIG_6LOWPAN=m
+# CONFIG_6LOWPAN_DEBUGFS is not set
+# CONFIG_6LOWPAN_NHC is not set
+CONFIG_IEEE802154=m
+# CONFIG_IEEE802154_NL802154_EXPERIMENTAL is not set
+CONFIG_IEEE802154_SOCKET=m
+CONFIG_IEEE802154_6LOWPAN=m
+CONFIG_MAC802154=m
+CONFIG_NET_SCHED=y
+
+#
+# Queueing/Scheduling
+#
+CONFIG_NET_SCH_CBQ=m
+CONFIG_NET_SCH_HTB=m
+CONFIG_NET_SCH_HFSC=m
+CONFIG_NET_SCH_ATM=m
+CONFIG_NET_SCH_PRIO=m
+CONFIG_NET_SCH_MULTIQ=m
+CONFIG_NET_SCH_RED=m
+CONFIG_NET_SCH_SFB=m
+CONFIG_NET_SCH_SFQ=m
+CONFIG_NET_SCH_TEQL=m
+CONFIG_NET_SCH_TBF=m
+# CONFIG_NET_SCH_CBS is not set
+# CONFIG_NET_SCH_ETF is not set
+# CONFIG_NET_SCH_TAPRIO is not set
+CONFIG_NET_SCH_GRED=m
+CONFIG_NET_SCH_DSMARK=m
+CONFIG_NET_SCH_NETEM=m
+CONFIG_NET_SCH_DRR=m
+CONFIG_NET_SCH_MQPRIO=m
+# CONFIG_NET_SCH_SKBPRIO is not set
+CONFIG_NET_SCH_CHOKE=m
+CONFIG_NET_SCH_QFQ=m
+CONFIG_NET_SCH_CODEL=m
+CONFIG_NET_SCH_FQ_CODEL=y
+# CONFIG_NET_SCH_CAKE is not set
+CONFIG_NET_SCH_FQ=m
+CONFIG_NET_SCH_HHF=m
+CONFIG_NET_SCH_PIE=m
+# CONFIG_NET_SCH_FQ_PIE is not set
+CONFIG_NET_SCH_INGRESS=m
+CONFIG_NET_SCH_PLUG=m
+# CONFIG_NET_SCH_ETS is not set
+CONFIG_NET_SCH_DEFAULT=y
+# CONFIG_DEFAULT_FQ is not set
+# CONFIG_DEFAULT_CODEL is not set
+CONFIG_DEFAULT_FQ_CODEL=y
+# CONFIG_DEFAULT_SFQ is not set
+# CONFIG_DEFAULT_PFIFO_FAST is not set
+CONFIG_DEFAULT_NET_SCH="fq_codel"
+
+#
+# Classification
+#
+CONFIG_NET_CLS=y
+CONFIG_NET_CLS_BASIC=m
+CONFIG_NET_CLS_TCINDEX=m
+CONFIG_NET_CLS_ROUTE4=m
+CONFIG_NET_CLS_FW=m
+CONFIG_NET_CLS_U32=m
+CONFIG_CLS_U32_PERF=y
+CONFIG_CLS_U32_MARK=y
+CONFIG_NET_CLS_RSVP=m
+CONFIG_NET_CLS_RSVP6=m
+CONFIG_NET_CLS_FLOW=m
+CONFIG_NET_CLS_CGROUP=y
+CONFIG_NET_CLS_BPF=m
+CONFIG_NET_CLS_FLOWER=m
+CONFIG_NET_CLS_MATCHALL=m
+CONFIG_NET_EMATCH=y
+CONFIG_NET_EMATCH_STACK=32
+CONFIG_NET_EMATCH_CMP=m
+CONFIG_NET_EMATCH_NBYTE=m
+CONFIG_NET_EMATCH_U32=m
+CONFIG_NET_EMATCH_META=m
+CONFIG_NET_EMATCH_TEXT=m
+# CONFIG_NET_EMATCH_CANID is not set
+CONFIG_NET_EMATCH_IPSET=m
+# CONFIG_NET_EMATCH_IPT is not set
+CONFIG_NET_CLS_ACT=y
+CONFIG_NET_ACT_POLICE=m
+CONFIG_NET_ACT_GACT=m
+CONFIG_GACT_PROB=y
+CONFIG_NET_ACT_MIRRED=m
+CONFIG_NET_ACT_SAMPLE=m
+# CONFIG_NET_ACT_IPT is not set
+CONFIG_NET_ACT_NAT=m
+CONFIG_NET_ACT_PEDIT=m
+CONFIG_NET_ACT_SIMP=m
+CONFIG_NET_ACT_SKBEDIT=m
+CONFIG_NET_ACT_CSUM=m
+# CONFIG_NET_ACT_MPLS is not set
+CONFIG_NET_ACT_VLAN=m
+CONFIG_NET_ACT_BPF=m
+# CONFIG_NET_ACT_CONNMARK is not set
+# CONFIG_NET_ACT_CTINFO is not set
+CONFIG_NET_ACT_SKBMOD=m
+# CONFIG_NET_ACT_IFE is not set
+CONFIG_NET_ACT_TUNNEL_KEY=m
+# CONFIG_NET_ACT_GATE is not set
+# CONFIG_NET_TC_SKB_EXT is not set
+CONFIG_NET_SCH_FIFO=y
+CONFIG_DCB=y
+CONFIG_DNS_RESOLVER=m
+# CONFIG_BATMAN_ADV is not set
+CONFIG_OPENVSWITCH=m
+CONFIG_OPENVSWITCH_GRE=m
+CONFIG_OPENVSWITCH_VXLAN=m
+CONFIG_OPENVSWITCH_GENEVE=m
+CONFIG_VSOCKETS=m
+CONFIG_VSOCKETS_DIAG=m
+CONFIG_VSOCKETS_LOOPBACK=m
+CONFIG_VMWARE_VMCI_VSOCKETS=m
+CONFIG_VIRTIO_VSOCKETS=m
+CONFIG_VIRTIO_VSOCKETS_COMMON=m
+CONFIG_HYPERV_VSOCKETS=m
+CONFIG_NETLINK_DIAG=m
+CONFIG_MPLS=y
+CONFIG_NET_MPLS_GSO=y
+CONFIG_MPLS_ROUTING=m
+CONFIG_MPLS_IPTUNNEL=m
+CONFIG_NET_NSH=y
+# CONFIG_HSR is not set
+CONFIG_NET_SWITCHDEV=y
+CONFIG_NET_L3_MASTER_DEV=y
+# CONFIG_QRTR is not set
+# CONFIG_NET_NCSI is not set
+CONFIG_PCPU_DEV_REFCNT=y
+CONFIG_RPS=y
+CONFIG_RFS_ACCEL=y
+CONFIG_SOCK_RX_QUEUE_MAPPING=y
+CONFIG_XPS=y
+CONFIG_CGROUP_NET_PRIO=y
+CONFIG_CGROUP_NET_CLASSID=y
+CONFIG_NET_RX_BUSY_POLL=y
+CONFIG_BQL=y
+CONFIG_BPF_STREAM_PARSER=y
+CONFIG_NET_FLOW_LIMIT=y
+
+#
+# Network testing
+#
+CONFIG_NET_PKTGEN=m
+CONFIG_NET_DROP_MONITOR=y
+# end of Network testing
+# end of Networking options
+
+# CONFIG_HAMRADIO is not set
+CONFIG_CAN=m
+CONFIG_CAN_RAW=m
+CONFIG_CAN_BCM=m
+CONFIG_CAN_GW=m
+# CONFIG_CAN_J1939 is not set
+# CONFIG_CAN_ISOTP is not set
+CONFIG_BT=m
+CONFIG_BT_BREDR=y
+CONFIG_BT_RFCOMM=m
+CONFIG_BT_RFCOMM_TTY=y
+CONFIG_BT_BNEP=m
+CONFIG_BT_BNEP_MC_FILTER=y
+CONFIG_BT_BNEP_PROTO_FILTER=y
+CONFIG_BT_CMTP=m
+CONFIG_BT_HIDP=m
+CONFIG_BT_HS=y
+CONFIG_BT_LE=y
+# CONFIG_BT_6LOWPAN is not set
+# CONFIG_BT_LEDS is not set
+# CONFIG_BT_MSFTEXT is not set
+# CONFIG_BT_AOSPEXT is not set
+CONFIG_BT_DEBUGFS=y
+# CONFIG_BT_SELFTEST is not set
+
+#
+# Bluetooth device drivers
+#
+CONFIG_BT_INTEL=m
+CONFIG_BT_BCM=m
+CONFIG_BT_RTL=m
+CONFIG_BT_HCIBTUSB=m
+CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
+CONFIG_BT_HCIBTUSB_BCM=y
+# CONFIG_BT_HCIBTUSB_MTK is not set
+CONFIG_BT_HCIBTUSB_RTL=y
+CONFIG_BT_HCIBTSDIO=m
+CONFIG_BT_HCIUART=m
+CONFIG_BT_HCIUART_H4=y
+CONFIG_BT_HCIUART_BCSP=y
+CONFIG_BT_HCIUART_ATH3K=y
+# CONFIG_BT_HCIUART_INTEL is not set
+# CONFIG_BT_HCIUART_AG6XX is not set
+CONFIG_BT_HCIBCM203X=m
+CONFIG_BT_HCIBPA10X=m
+CONFIG_BT_HCIBFUSB=m
+CONFIG_BT_HCIVHCI=m
+CONFIG_BT_MRVL=m
+CONFIG_BT_MRVL_SDIO=m
+CONFIG_BT_ATH3K=m
+# CONFIG_BT_MTKSDIO is not set
+# CONFIG_BT_VIRTIO is not set
+# end of Bluetooth device drivers
+
+# CONFIG_AF_RXRPC is not set
+# CONFIG_AF_KCM is not set
+CONFIG_STREAM_PARSER=y
+# CONFIG_MCTP is not set
+CONFIG_FIB_RULES=y
+CONFIG_WIRELESS=y
+CONFIG_CFG80211=m
+# CONFIG_NL80211_TESTMODE is not set
+# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set
+CONFIG_CFG80211_REQUIRE_SIGNED_REGDB=y
+CONFIG_CFG80211_USE_KERNEL_REGDB_KEYS=y
+CONFIG_CFG80211_DEFAULT_PS=y
+# CONFIG_CFG80211_DEBUGFS is not set
+CONFIG_CFG80211_CRDA_SUPPORT=y
+# CONFIG_CFG80211_WEXT is not set
+CONFIG_MAC80211=m
+CONFIG_MAC80211_HAS_RC=y
+CONFIG_MAC80211_RC_MINSTREL=y
+CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y
+CONFIG_MAC80211_RC_DEFAULT="minstrel_ht"
+# CONFIG_MAC80211_MESH is not set
+CONFIG_MAC80211_LEDS=y
+CONFIG_MAC80211_DEBUGFS=y
+# CONFIG_MAC80211_MESSAGE_TRACING is not set
+# CONFIG_MAC80211_DEBUG_MENU is not set
+CONFIG_MAC80211_STA_HASH_MAX_SIZE=0
+CONFIG_RFKILL=m
+CONFIG_RFKILL_LEDS=y
+CONFIG_RFKILL_INPUT=y
+# CONFIG_RFKILL_GPIO is not set
+# CONFIG_NET_9P is not set
+# CONFIG_CAIF is not set
+CONFIG_CEPH_LIB=m
+# CONFIG_CEPH_LIB_PRETTYDEBUG is not set
+CONFIG_CEPH_LIB_USE_DNS_RESOLVER=y
+# CONFIG_NFC is not set
+CONFIG_PSAMPLE=m
+# CONFIG_NET_IFE is not set
+CONFIG_LWTUNNEL=y
+CONFIG_LWTUNNEL_BPF=y
+CONFIG_DST_CACHE=y
+CONFIG_GRO_CELLS=y
+CONFIG_SOCK_VALIDATE_XMIT=y
+CONFIG_NET_SELFTESTS=y
+CONFIG_NET_SOCK_MSG=y
+CONFIG_NET_DEVLINK=y
+CONFIG_PAGE_POOL=y
+# CONFIG_PAGE_POOL_STATS is not set
+CONFIG_FAILOVER=m
+CONFIG_ETHTOOL_NETLINK=y
+
+#
+# Device Drivers
+#
+CONFIG_HAVE_EISA=y
+# CONFIG_EISA is not set
+CONFIG_HAVE_PCI=y
+CONFIG_PCI=y
+CONFIG_PCI_DOMAINS=y
+CONFIG_PCIEPORTBUS=y
+CONFIG_HOTPLUG_PCI_PCIE=y
+CONFIG_PCIEAER=y
+CONFIG_PCIEAER_INJECT=m
+CONFIG_PCIE_ECRC=y
+CONFIG_PCIEASPM=y
+CONFIG_PCIEASPM_DEFAULT=y
+# CONFIG_PCIEASPM_POWERSAVE is not set
+# CONFIG_PCIEASPM_POWER_SUPERSAVE is not set
+# CONFIG_PCIEASPM_PERFORMANCE is not set
+CONFIG_PCIE_PME=y
+CONFIG_PCIE_DPC=y
+# CONFIG_PCIE_PTM is not set
+# CONFIG_PCIE_EDR is not set
+CONFIG_PCI_MSI=y
+CONFIG_PCI_MSI_IRQ_DOMAIN=y
+CONFIG_PCI_QUIRKS=y
+# CONFIG_PCI_DEBUG is not set
+# CONFIG_PCI_REALLOC_ENABLE_AUTO is not set
+CONFIG_PCI_STUB=y
+CONFIG_PCI_PF_STUB=m
+CONFIG_PCI_ATS=y
+CONFIG_PCI_LOCKLESS_CONFIG=y
+CONFIG_PCI_IOV=y
+CONFIG_PCI_PRI=y
+CONFIG_PCI_PASID=y
+# CONFIG_PCI_P2PDMA is not set
+CONFIG_PCI_LABEL=y
+CONFIG_PCI_HYPERV=m
+CONFIG_VGA_ARB=y
+CONFIG_VGA_ARB_MAX_GPUS=64
+CONFIG_HOTPLUG_PCI=y
+CONFIG_HOTPLUG_PCI_ACPI=y
+CONFIG_HOTPLUG_PCI_ACPI_IBM=m
+# CONFIG_HOTPLUG_PCI_CPCI is not set
+CONFIG_HOTPLUG_PCI_SHPC=y
+
+#
+# PCI controller drivers
+#
+CONFIG_VMD=y
+CONFIG_PCI_HYPERV_INTERFACE=m
+
+#
+# DesignWare PCI Core Support
+#
+# CONFIG_PCIE_DW_PLAT_HOST is not set
+# CONFIG_PCI_MESON is not set
+# end of DesignWare PCI Core Support
+
+#
+# Mobiveil PCIe Core Support
+#
+# end of Mobiveil PCIe Core Support
+
+#
+# Cadence PCIe controllers support
+#
+# end of Cadence PCIe controllers support
+# end of PCI controller drivers
+
+#
+# PCI Endpoint
+#
+# CONFIG_PCI_ENDPOINT is not set
+# end of PCI Endpoint
+
+#
+# PCI switch controller drivers
+#
+# CONFIG_PCI_SW_SWITCHTEC is not set
+# end of PCI switch controller drivers
+
+# CONFIG_CXL_BUS is not set
+CONFIG_PCCARD=y
+# CONFIG_PCMCIA is not set
+CONFIG_CARDBUS=y
+
+#
+# PC-card bridges
+#
+CONFIG_YENTA=m
+CONFIG_YENTA_O2=y
+CONFIG_YENTA_RICOH=y
+CONFIG_YENTA_TI=y
+CONFIG_YENTA_ENE_TUNE=y
+CONFIG_YENTA_TOSHIBA=y
+# CONFIG_RAPIDIO is not set
+
+#
+# Generic Driver Options
+#
+CONFIG_AUXILIARY_BUS=y
+# CONFIG_UEVENT_HELPER is not set
+CONFIG_DEVTMPFS=y
+CONFIG_DEVTMPFS_MOUNT=y
+# CONFIG_DEVTMPFS_SAFE is not set
+CONFIG_STANDALONE=y
+CONFIG_PREVENT_FIRMWARE_BUILD=y
+
+#
+# Firmware loader
+#
+CONFIG_FW_LOADER=y
+CONFIG_EXTRA_FIRMWARE=""
+# CONFIG_FW_LOADER_USER_HELPER is not set
+# CONFIG_FW_LOADER_COMPRESS is not set
+CONFIG_FW_CACHE=y
+# CONFIG_FW_UPLOAD is not set
+# end of Firmware loader
+
+CONFIG_WANT_DEV_COREDUMP=y
+CONFIG_ALLOW_DEV_COREDUMP=y
+CONFIG_DEV_COREDUMP=y
+# CONFIG_DEBUG_DRIVER is not set
+# CONFIG_DEBUG_DEVRES is not set
+# CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set
+CONFIG_HMEM_REPORTING=y
+# CONFIG_TEST_ASYNC_DRIVER_PROBE is not set
+CONFIG_SYS_HYPERVISOR=y
+CONFIG_GENERIC_CPU_AUTOPROBE=y
+CONFIG_GENERIC_CPU_VULNERABILITIES=y
+CONFIG_REGMAP=y
+CONFIG_REGMAP_I2C=m
+CONFIG_REGMAP_SPI=m
+CONFIG_DMA_SHARED_BUFFER=y
+# CONFIG_DMA_FENCE_TRACE is not set
+# end of Generic Driver Options
+
+#
+# Bus devices
+#
+# CONFIG_MHI_BUS is not set
+# CONFIG_MHI_BUS_EP is not set
+# end of Bus devices
+
+CONFIG_CONNECTOR=y
+CONFIG_PROC_EVENTS=y
+
+#
+# Firmware Drivers
+#
+
+#
+# ARM System Control and Management Interface Protocol
+#
+# end of ARM System Control and Management Interface Protocol
+
+CONFIG_EDD=m
+# CONFIG_EDD_OFF is not set
+CONFIG_FIRMWARE_MEMMAP=y
+CONFIG_DMIID=y
+CONFIG_DMI_SYSFS=y
+CONFIG_DMI_SCAN_MACHINE_NON_EFI_FALLBACK=y
+CONFIG_ISCSI_IBFT_FIND=y
+CONFIG_ISCSI_IBFT=m
+CONFIG_FW_CFG_SYSFS=y
+# CONFIG_FW_CFG_SYSFS_CMDLINE is not set
+CONFIG_SYSFB=y
+# CONFIG_SYSFB_SIMPLEFB is not set
+# CONFIG_GOOGLE_FIRMWARE is not set
+
+#
+# EFI (Extensible Firmware Interface) Support
+#
+CONFIG_EFI_ESRT=y
+CONFIG_EFI_VARS_PSTORE=y
+CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE=y
+CONFIG_EFI_RUNTIME_MAP=y
+# CONFIG_EFI_FAKE_MEMMAP is not set
+CONFIG_EFI_SOFT_RESERVE=y
+CONFIG_EFI_DXE_MEM_ATTRIBUTES=y
+CONFIG_EFI_RUNTIME_WRAPPERS=y
+CONFIG_EFI_GENERIC_STUB_INITRD_CMDLINE_LOADER=y
+# CONFIG_EFI_BOOTLOADER_CONTROL is not set
+# CONFIG_EFI_CAPSULE_LOADER is not set
+# CONFIG_EFI_TEST is not set
+CONFIG_EFI_DEV_PATH_PARSER=y
+CONFIG_APPLE_PROPERTIES=y
+# CONFIG_RESET_ATTACK_MITIGATION is not set
+# CONFIG_EFI_RCI2_TABLE is not set
+# CONFIG_EFI_DISABLE_PCI_DMA is not set
+CONFIG_EFI_EARLYCON=y
+CONFIG_EFI_CUSTOM_SSDT_OVERLAYS=y
+# CONFIG_EFI_DISABLE_RUNTIME is not set
+# CONFIG_EFI_COCO_SECRET is not set
+# end of EFI (Extensible Firmware Interface) Support
+
+CONFIG_UEFI_CPER=y
+CONFIG_UEFI_CPER_X86=y
+
+#
+# Tegra firmware driver
+#
+# end of Tegra firmware driver
+# end of Firmware Drivers
+
+# CONFIG_GNSS is not set
+CONFIG_MTD=m
+# CONFIG_MTD_TESTS is not set
+
+#
+# Partition parsers
+#
+# CONFIG_MTD_AR7_PARTS is not set
+# CONFIG_MTD_CMDLINE_PARTS is not set
+# CONFIG_MTD_REDBOOT_PARTS is not set
+# end of Partition parsers
+
+#
+# User Modules And Translation Layers
+#
+CONFIG_MTD_BLKDEVS=m
+CONFIG_MTD_BLOCK=m
+# CONFIG_MTD_BLOCK_RO is not set
+
+#
+# Note that in some cases UBI block is preferred. See MTD_UBI_BLOCK.
+#
+# CONFIG_FTL is not set
+# CONFIG_NFTL is not set
+# CONFIG_INFTL is not set
+# CONFIG_RFD_FTL is not set
+# CONFIG_SSFDC is not set
+# CONFIG_SM_FTL is not set
+# CONFIG_MTD_OOPS is not set
+# CONFIG_MTD_SWAP is not set
+# CONFIG_MTD_PARTITIONED_MASTER is not set
+
+#
+# RAM/ROM/Flash chip drivers
+#
+# CONFIG_MTD_CFI is not set
+# CONFIG_MTD_JEDECPROBE is not set
+CONFIG_MTD_MAP_BANK_WIDTH_1=y
+CONFIG_MTD_MAP_BANK_WIDTH_2=y
+CONFIG_MTD_MAP_BANK_WIDTH_4=y
+CONFIG_MTD_CFI_I1=y
+CONFIG_MTD_CFI_I2=y
+# CONFIG_MTD_RAM is not set
+# CONFIG_MTD_ROM is not set
+# CONFIG_MTD_ABSENT is not set
+# end of RAM/ROM/Flash chip drivers
+
+#
+# Mapping drivers for chip access
+#
+# CONFIG_MTD_COMPLEX_MAPPINGS is not set
+# CONFIG_MTD_INTEL_VR_NOR is not set
+# CONFIG_MTD_PLATRAM is not set
+# end of Mapping drivers for chip access
+
+#
+# Self-contained MTD device drivers
+#
+# CONFIG_MTD_PMC551 is not set
+# CONFIG_MTD_DATAFLASH is not set
+# CONFIG_MTD_MCHP23K256 is not set
+# CONFIG_MTD_MCHP48L640 is not set
+# CONFIG_MTD_SST25L is not set
+# CONFIG_MTD_SLRAM is not set
+# CONFIG_MTD_PHRAM is not set
+# CONFIG_MTD_MTDRAM is not set
+CONFIG_MTD_BLOCK2MTD=m
+
+#
+# Disk-On-Chip Device Drivers
+#
+# CONFIG_MTD_DOCG3 is not set
+# end of Self-contained MTD device drivers
+
+#
+# NAND
+#
+# CONFIG_MTD_ONENAND is not set
+# CONFIG_MTD_RAW_NAND is not set
+# CONFIG_MTD_SPI_NAND is not set
+
+#
+# ECC engine support
+#
+# CONFIG_MTD_NAND_ECC_SW_HAMMING is not set
+# CONFIG_MTD_NAND_ECC_SW_BCH is not set
+# CONFIG_MTD_NAND_ECC_MXIC is not set
+# end of ECC engine support
+# end of NAND
+
+#
+# LPDDR & LPDDR2 PCM memory drivers
+#
+# CONFIG_MTD_LPDDR is not set
+# end of LPDDR & LPDDR2 PCM memory drivers
+
+CONFIG_MTD_SPI_NOR=m
+CONFIG_MTD_SPI_NOR_USE_4K_SECTORS=y
+# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set
+CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y
+# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set
+CONFIG_MTD_UBI=m
+CONFIG_MTD_UBI_WL_THRESHOLD=4096
+CONFIG_MTD_UBI_BEB_LIMIT=20
+# CONFIG_MTD_UBI_FASTMAP is not set
+CONFIG_MTD_UBI_GLUEBI=m
+# CONFIG_MTD_UBI_BLOCK is not set
+# CONFIG_MTD_HYPERBUS is not set
+# CONFIG_OF is not set
+CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
+CONFIG_PARPORT=m
+CONFIG_PARPORT_PC=m
+CONFIG_PARPORT_SERIAL=m
+# CONFIG_PARPORT_PC_FIFO is not set
+# CONFIG_PARPORT_PC_SUPERIO is not set
+# CONFIG_PARPORT_AX88796 is not set
+CONFIG_PARPORT_1284=y
+CONFIG_PARPORT_NOT_PC=y
+CONFIG_PNP=y
+# CONFIG_PNP_DEBUG_MESSAGES is not set
+
+#
+# Protocols
+#
+CONFIG_PNPACPI=y
+CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_NULL_BLK=m
+# CONFIG_BLK_DEV_FD is not set
+CONFIG_CDROM=m
+# CONFIG_PARIDE is not set
+# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set
+CONFIG_ZRAM=m
+CONFIG_ZRAM_DEF_COMP_LZORLE=y
+# CONFIG_ZRAM_DEF_COMP_ZSTD is not set
+# CONFIG_ZRAM_DEF_COMP_LZO is not set
+CONFIG_ZRAM_DEF_COMP="lzo-rle"
+CONFIG_ZRAM_WRITEBACK=y
+# CONFIG_ZRAM_MEMORY_TRACKING is not set
+CONFIG_BLK_DEV_LOOP=m
+CONFIG_BLK_DEV_LOOP_MIN_COUNT=0
+# CONFIG_BLK_DEV_DRBD is not set
+CONFIG_BLK_DEV_NBD=m
+CONFIG_BLK_DEV_RAM=m
+CONFIG_BLK_DEV_RAM_COUNT=16
+CONFIG_BLK_DEV_RAM_SIZE=16384
+CONFIG_CDROM_PKTCDVD=m
+CONFIG_CDROM_PKTCDVD_BUFFERS=8
+# CONFIG_CDROM_PKTCDVD_WCACHE is not set
+# CONFIG_ATA_OVER_ETH is not set
+CONFIG_XEN_BLKDEV_FRONTEND=m
+CONFIG_VIRTIO_BLK=m
+CONFIG_BLK_DEV_RBD=m
+# CONFIG_BLK_DEV_UBLK is not set
+
+#
+# NVME Support
+#
+CONFIG_NVME_CORE=m
+CONFIG_BLK_DEV_NVME=m
+CONFIG_NVME_MULTIPATH=y
+# CONFIG_NVME_VERBOSE_ERRORS is not set
+# CONFIG_NVME_HWMON is not set
+CONFIG_NVME_FABRICS=m
+CONFIG_NVME_RDMA=m
+CONFIG_NVME_FC=m
+CONFIG_NVME_TCP=m
+# CONFIG_NVME_AUTH is not set
+CONFIG_NVME_TARGET=m
+# CONFIG_NVME_TARGET_PASSTHRU is not set
+CONFIG_NVME_TARGET_LOOP=m
+CONFIG_NVME_TARGET_RDMA=m
+CONFIG_NVME_TARGET_FC=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_TCP=m
+# CONFIG_NVME_TARGET_AUTH is not set
+# end of NVME Support
+
+#
+# Misc devices
+#
+CONFIG_SENSORS_LIS3LV02D=m
+# CONFIG_AD525X_DPOT is not set
+# CONFIG_DUMMY_IRQ is not set
+# CONFIG_IBM_ASM is not set
+# CONFIG_PHANTOM is not set
+CONFIG_TIFM_CORE=m
+CONFIG_TIFM_7XX1=m
+# CONFIG_ICS932S401 is not set
+CONFIG_ENCLOSURE_SERVICES=m
+CONFIG_SGI_XP=m
+CONFIG_HP_ILO=m
+CONFIG_SGI_GRU=m
+# CONFIG_SGI_GRU_DEBUG is not set
+CONFIG_APDS9802ALS=m
+CONFIG_ISL29003=m
+CONFIG_ISL29020=m
+CONFIG_SENSORS_TSL2550=m
+CONFIG_SENSORS_BH1770=m
+CONFIG_SENSORS_APDS990X=m
+# CONFIG_HMC6352 is not set
+# CONFIG_DS1682 is not set
+CONFIG_VMWARE_BALLOON=m
+# CONFIG_LATTICE_ECP3_CONFIG is not set
+# CONFIG_SRAM is not set
+# CONFIG_DW_XDATA_PCIE is not set
+# CONFIG_PCI_ENDPOINT_TEST is not set
+# CONFIG_XILINX_SDFEC is not set
+CONFIG_MISC_RTSX=m
+# CONFIG_C2PORT is not set
+
+#
+# EEPROM support
+#
+# CONFIG_EEPROM_AT24 is not set
+# CONFIG_EEPROM_AT25 is not set
+CONFIG_EEPROM_LEGACY=m
+CONFIG_EEPROM_MAX6875=m
+CONFIG_EEPROM_93CX6=m
+# CONFIG_EEPROM_93XX46 is not set
+# CONFIG_EEPROM_IDT_89HPESX is not set
+# CONFIG_EEPROM_EE1004 is not set
+# end of EEPROM support
+
+CONFIG_CB710_CORE=m
+# CONFIG_CB710_DEBUG is not set
+CONFIG_CB710_DEBUG_ASSUMPTIONS=y
+
+#
+# Texas Instruments shared transport line discipline
+#
+# CONFIG_TI_ST is not set
+# end of Texas Instruments shared transport line discipline
+
+CONFIG_SENSORS_LIS3_I2C=m
+CONFIG_ALTERA_STAPL=m
+CONFIG_INTEL_MEI=m
+CONFIG_INTEL_MEI_ME=m
+# CONFIG_INTEL_MEI_TXE is not set
+# CONFIG_INTEL_MEI_GSC is not set
+# CONFIG_INTEL_MEI_HDCP is not set
+# CONFIG_INTEL_MEI_PXP is not set
+CONFIG_VMWARE_VMCI=m
+# CONFIG_GENWQE is not set
+# CONFIG_ECHO is not set
+# CONFIG_BCM_VK is not set
+# CONFIG_MISC_ALCOR_PCI is not set
+CONFIG_MISC_RTSX_PCI=m
+CONFIG_MISC_RTSX_USB=m
+# CONFIG_HABANA_AI is not set
+CONFIG_UACCE=m
+CONFIG_PVPANIC=y
+# CONFIG_PVPANIC_MMIO is not set
+# CONFIG_PVPANIC_PCI is not set
+# CONFIG_GP_PCI1XXXX is not set
+# end of Misc devices
+
+#
+# SCSI device support
+#
+CONFIG_SCSI_MOD=y
+CONFIG_RAID_ATTRS=m
+CONFIG_SCSI_COMMON=y
+CONFIG_SCSI=y
+CONFIG_SCSI_DMA=y
+CONFIG_SCSI_NETLINK=y
+CONFIG_SCSI_PROC_FS=y
+
+#
+# SCSI support type (disk, tape, CD-ROM)
+#
+CONFIG_BLK_DEV_SD=m
+CONFIG_CHR_DEV_ST=m
+CONFIG_BLK_DEV_SR=m
+CONFIG_CHR_DEV_SG=m
+CONFIG_BLK_DEV_BSG=y
+CONFIG_CHR_DEV_SCH=m
+CONFIG_SCSI_ENCLOSURE=m
+CONFIG_SCSI_CONSTANTS=y
+CONFIG_SCSI_LOGGING=y
+CONFIG_SCSI_SCAN_ASYNC=y
+
+#
+# SCSI Transports
+#
+CONFIG_SCSI_SPI_ATTRS=m
+CONFIG_SCSI_FC_ATTRS=m
+CONFIG_SCSI_ISCSI_ATTRS=m
+CONFIG_SCSI_SAS_ATTRS=m
+CONFIG_SCSI_SAS_LIBSAS=m
+CONFIG_SCSI_SAS_ATA=y
+CONFIG_SCSI_SAS_HOST_SMP=y
+CONFIG_SCSI_SRP_ATTRS=m
+# end of SCSI Transports
+
+CONFIG_SCSI_LOWLEVEL=y
+CONFIG_ISCSI_TCP=m
+CONFIG_ISCSI_BOOT_SYSFS=m
+# CONFIG_SCSI_CXGB3_ISCSI is not set
+CONFIG_SCSI_CXGB4_ISCSI=m
+CONFIG_SCSI_BNX2_ISCSI=m
+CONFIG_SCSI_BNX2X_FCOE=m
+CONFIG_BE2ISCSI=m
+# CONFIG_BLK_DEV_3W_XXXX_RAID is not set
+CONFIG_SCSI_HPSA=m
+# CONFIG_SCSI_3W_9XXX is not set
+# CONFIG_SCSI_3W_SAS is not set
+# CONFIG_SCSI_ACARD is not set
+CONFIG_SCSI_AACRAID=m
+# CONFIG_SCSI_AIC7XXX is not set
+# CONFIG_SCSI_AIC79XX is not set
+# CONFIG_SCSI_AIC94XX is not set
+# CONFIG_SCSI_MVSAS is not set
+# CONFIG_SCSI_MVUMI is not set
+# CONFIG_SCSI_ADVANSYS is not set
+# CONFIG_SCSI_ARCMSR is not set
+# CONFIG_SCSI_ESAS2R is not set
+# CONFIG_MEGARAID_NEWGEN is not set
+# CONFIG_MEGARAID_LEGACY is not set
+CONFIG_MEGARAID_SAS=m
+CONFIG_SCSI_MPT3SAS=m
+CONFIG_SCSI_MPT2SAS_MAX_SGE=128
+CONFIG_SCSI_MPT3SAS_MAX_SGE=128
+CONFIG_SCSI_MPT2SAS=m
+# CONFIG_SCSI_MPI3MR is not set
+CONFIG_SCSI_SMARTPQI=m
+# CONFIG_SCSI_HPTIOP is not set
+# CONFIG_SCSI_BUSLOGIC is not set
+# CONFIG_SCSI_MYRB is not set
+# CONFIG_SCSI_MYRS is not set
+CONFIG_VMWARE_PVSCSI=m
+# CONFIG_XEN_SCSI_FRONTEND is not set
+CONFIG_HYPERV_STORAGE=m
+CONFIG_LIBFC=m
+CONFIG_LIBFCOE=m
+CONFIG_FCOE=m
+CONFIG_FCOE_FNIC=m
+# CONFIG_SCSI_SNIC is not set
+# CONFIG_SCSI_DMX3191D is not set
+# CONFIG_SCSI_FDOMAIN_PCI is not set
+# CONFIG_SCSI_ISCI is not set
+# CONFIG_SCSI_IPS is not set
+# CONFIG_SCSI_INITIO is not set
+# CONFIG_SCSI_INIA100 is not set
+# CONFIG_SCSI_PPA is not set
+# CONFIG_SCSI_IMM is not set
+# CONFIG_SCSI_STEX is not set
+# CONFIG_SCSI_SYM53C8XX_2 is not set
+# CONFIG_SCSI_IPR is not set
+# CONFIG_SCSI_QLOGIC_1280 is not set
+CONFIG_SCSI_QLA_FC=m
+# CONFIG_TCM_QLA2XXX is not set
+CONFIG_SCSI_QLA_ISCSI=m
+CONFIG_QEDI=m
+CONFIG_QEDF=m
+CONFIG_SCSI_LPFC=m
+# CONFIG_SCSI_LPFC_DEBUG_FS is not set
+# CONFIG_SCSI_EFCT is not set
+# CONFIG_SCSI_DC395x is not set
+# CONFIG_SCSI_AM53C974 is not set
+# CONFIG_SCSI_WD719X is not set
+CONFIG_SCSI_DEBUG=m
+# CONFIG_SCSI_PMCRAID is not set
+# CONFIG_SCSI_PM8001 is not set
+# CONFIG_SCSI_BFA_FC is not set
+CONFIG_SCSI_VIRTIO=m
+CONFIG_SCSI_CHELSIO_FCOE=m
+CONFIG_SCSI_DH=y
+CONFIG_SCSI_DH_RDAC=y
+CONFIG_SCSI_DH_HP_SW=y
+CONFIG_SCSI_DH_EMC=y
+CONFIG_SCSI_DH_ALUA=y
+# end of SCSI device support
+
+CONFIG_ATA=m
+CONFIG_SATA_HOST=y
+CONFIG_PATA_TIMINGS=y
+CONFIG_ATA_VERBOSE_ERROR=y
+CONFIG_ATA_FORCE=y
+CONFIG_ATA_ACPI=y
+# CONFIG_SATA_ZPODD is not set
+CONFIG_SATA_PMP=y
+
+#
+# Controllers with non-SFF native interface
+#
+CONFIG_SATA_AHCI=m
+CONFIG_SATA_MOBILE_LPM_POLICY=0
+CONFIG_SATA_AHCI_PLATFORM=m
+# CONFIG_AHCI_DWC is not set
+# CONFIG_SATA_INIC162X is not set
+# CONFIG_SATA_ACARD_AHCI is not set
+# CONFIG_SATA_SIL24 is not set
+CONFIG_ATA_SFF=y
+
+#
+# SFF controllers with custom DMA interface
+#
+# CONFIG_PDC_ADMA is not set
+# CONFIG_SATA_QSTOR is not set
+# CONFIG_SATA_SX4 is not set
+CONFIG_ATA_BMDMA=y
+
+#
+# SATA SFF controllers with BMDMA
+#
+CONFIG_ATA_PIIX=m
+# CONFIG_SATA_DWC is not set
+# CONFIG_SATA_MV is not set
+# CONFIG_SATA_NV is not set
+# CONFIG_SATA_PROMISE is not set
+# CONFIG_SATA_SIL is not set
+# CONFIG_SATA_SIS is not set
+# CONFIG_SATA_SVW is not set
+# CONFIG_SATA_ULI is not set
+# CONFIG_SATA_VIA is not set
+# CONFIG_SATA_VITESSE is not set
+
+#
+# PATA SFF controllers with BMDMA
+#
+# CONFIG_PATA_ALI is not set
+# CONFIG_PATA_AMD is not set
+# CONFIG_PATA_ARTOP is not set
+# CONFIG_PATA_ATIIXP is not set
+# CONFIG_PATA_ATP867X is not set
+# CONFIG_PATA_CMD64X is not set
+# CONFIG_PATA_CYPRESS is not set
+# CONFIG_PATA_EFAR is not set
+# CONFIG_PATA_HPT366 is not set
+# CONFIG_PATA_HPT37X is not set
+# CONFIG_PATA_HPT3X2N is not set
+# CONFIG_PATA_HPT3X3 is not set
+# CONFIG_PATA_IT8213 is not set
+# CONFIG_PATA_IT821X is not set
+# CONFIG_PATA_JMICRON is not set
+# CONFIG_PATA_MARVELL is not set
+# CONFIG_PATA_NETCELL is not set
+# CONFIG_PATA_NINJA32 is not set
+# CONFIG_PATA_NS87415 is not set
+# CONFIG_PATA_OLDPIIX is not set
+# CONFIG_PATA_OPTIDMA is not set
+# CONFIG_PATA_PDC2027X is not set
+# CONFIG_PATA_PDC_OLD is not set
+# CONFIG_PATA_RADISYS is not set
+# CONFIG_PATA_RDC is not set
+# CONFIG_PATA_SCH is not set
+# CONFIG_PATA_SERVERWORKS is not set
+# CONFIG_PATA_SIL680 is not set
+# CONFIG_PATA_SIS is not set
+# CONFIG_PATA_TOSHIBA is not set
+# CONFIG_PATA_TRIFLEX is not set
+# CONFIG_PATA_VIA is not set
+# CONFIG_PATA_WINBOND is not set
+
+#
+# PIO-only SFF controllers
+#
+# CONFIG_PATA_CMD640_PCI is not set
+# CONFIG_PATA_MPIIX is not set
+# CONFIG_PATA_NS87410 is not set
+# CONFIG_PATA_OPTI is not set
+# CONFIG_PATA_RZ1000 is not set
+
+#
+# Generic fallback / legacy drivers
+#
+# CONFIG_PATA_ACPI is not set
+CONFIG_ATA_GENERIC=m
+# CONFIG_PATA_LEGACY is not set
+CONFIG_MD=y
+CONFIG_BLK_DEV_MD=y
+CONFIG_MD_AUTODETECT=y
+CONFIG_MD_LINEAR=m
+CONFIG_MD_RAID0=m
+CONFIG_MD_RAID1=m
+CONFIG_MD_RAID10=m
+CONFIG_MD_RAID456=m
+# CONFIG_MD_MULTIPATH is not set
+CONFIG_MD_FAULTY=m
+# CONFIG_MD_CLUSTER is not set
+# CONFIG_BCACHE is not set
+CONFIG_BLK_DEV_DM_BUILTIN=y
+CONFIG_BLK_DEV_DM=m
+CONFIG_DM_DEBUG=y
+CONFIG_DM_BUFIO=m
+# CONFIG_DM_DEBUG_BLOCK_MANAGER_LOCKING is not set
+CONFIG_DM_BIO_PRISON=m
+CONFIG_DM_PERSISTENT_DATA=m
+# CONFIG_DM_UNSTRIPED is not set
+CONFIG_DM_CRYPT=m
+CONFIG_DM_SNAPSHOT=m
+CONFIG_DM_THIN_PROVISIONING=m
+CONFIG_DM_CACHE=m
+CONFIG_DM_CACHE_SMQ=m
+CONFIG_DM_WRITECACHE=m
+# CONFIG_DM_EBS is not set
+CONFIG_DM_ERA=m
+# CONFIG_DM_CLONE is not set
+CONFIG_DM_MIRROR=m
+CONFIG_DM_LOG_USERSPACE=m
+CONFIG_DM_RAID=m
+CONFIG_DM_ZERO=m
+CONFIG_DM_MULTIPATH=m
+CONFIG_DM_MULTIPATH_QL=m
+CONFIG_DM_MULTIPATH_ST=m
+# CONFIG_DM_MULTIPATH_HST is not set
+# CONFIG_DM_MULTIPATH_IOA is not set
+CONFIG_DM_DELAY=m
+# CONFIG_DM_DUST is not set
+CONFIG_DM_UEVENT=y
+CONFIG_DM_FLAKEY=m
+CONFIG_DM_VERITY=m
+# CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG is not set
+# CONFIG_DM_VERITY_FEC is not set
+CONFIG_DM_SWITCH=m
+CONFIG_DM_LOG_WRITES=m
+CONFIG_DM_INTEGRITY=m
+# CONFIG_DM_ZONED is not set
+CONFIG_DM_AUDIT=y
+CONFIG_TARGET_CORE=m
+CONFIG_TCM_IBLOCK=m
+CONFIG_TCM_FILEIO=m
+CONFIG_TCM_PSCSI=m
+CONFIG_TCM_USER2=m
+CONFIG_LOOPBACK_TARGET=m
+# CONFIG_TCM_FC is not set
+CONFIG_ISCSI_TARGET=m
+CONFIG_ISCSI_TARGET_CXGB4=m
+# CONFIG_SBP_TARGET is not set
+CONFIG_FUSION=y
+CONFIG_FUSION_SPI=m
+# CONFIG_FUSION_FC is not set
+CONFIG_FUSION_SAS=m
+CONFIG_FUSION_MAX_SGE=128
+CONFIG_FUSION_CTL=m
+CONFIG_FUSION_LOGGING=y
+
+#
+# IEEE 1394 (FireWire) support
+#
+CONFIG_FIREWIRE=m
+CONFIG_FIREWIRE_OHCI=m
+CONFIG_FIREWIRE_SBP2=m
+CONFIG_FIREWIRE_NET=m
+# CONFIG_FIREWIRE_NOSY is not set
+# end of IEEE 1394 (FireWire) support
+
+CONFIG_MACINTOSH_DRIVERS=y
+CONFIG_MAC_EMUMOUSEBTN=y
+CONFIG_NETDEVICES=y
+CONFIG_MII=m
+CONFIG_NET_CORE=y
+CONFIG_BONDING=m
+CONFIG_DUMMY=m
+# CONFIG_WIREGUARD is not set
+# CONFIG_EQUALIZER is not set
+CONFIG_NET_FC=y
+CONFIG_IFB=m
+CONFIG_NET_TEAM=m
+CONFIG_NET_TEAM_MODE_BROADCAST=m
+CONFIG_NET_TEAM_MODE_ROUNDROBIN=m
+CONFIG_NET_TEAM_MODE_RANDOM=m
+CONFIG_NET_TEAM_MODE_ACTIVEBACKUP=m
+CONFIG_NET_TEAM_MODE_LOADBALANCE=m
+CONFIG_MACVLAN=m
+CONFIG_MACVTAP=m
+CONFIG_IPVLAN_L3S=y
+CONFIG_IPVLAN=m
+CONFIG_IPVTAP=m
+CONFIG_VXLAN=m
+CONFIG_GENEVE=m
+# CONFIG_BAREUDP is not set
+# CONFIG_GTP is not set
+# CONFIG_AMT is not set
+CONFIG_MACSEC=m
+CONFIG_NETCONSOLE=m
+CONFIG_NETCONSOLE_DYNAMIC=y
+CONFIG_NETPOLL=y
+CONFIG_NET_POLL_CONTROLLER=y
+CONFIG_NTB_NETDEV=m
+CONFIG_TUN=m
+CONFIG_TAP=m
+# CONFIG_TUN_VNET_CROSS_LE is not set
+CONFIG_VETH=m
+CONFIG_VIRTIO_NET=m
+CONFIG_NLMON=m
+CONFIG_NET_VRF=m
+CONFIG_VSOCKMON=m
+# CONFIG_ARCNET is not set
+# CONFIG_ATM_DRIVERS is not set
+CONFIG_ETHERNET=y
+CONFIG_MDIO=m
+# CONFIG_NET_VENDOR_3COM is not set
+# CONFIG_NET_VENDOR_ADAPTEC is not set
+# CONFIG_NET_VENDOR_AGERE is not set
+# CONFIG_NET_VENDOR_ALACRITECH is not set
+# CONFIG_NET_VENDOR_ALTEON is not set
+# CONFIG_ALTERA_TSE is not set
+CONFIG_NET_VENDOR_AMAZON=y
+CONFIG_ENA_ETHERNET=m
+CONFIG_NET_VENDOR_AMD=y
+# CONFIG_AMD8111_ETH is not set
+# CONFIG_PCNET32 is not set
+CONFIG_AMD_XGBE=m
+# CONFIG_AMD_XGBE_DCB is not set
+CONFIG_AMD_XGBE_HAVE_ECC=y
+CONFIG_NET_VENDOR_AQUANTIA=y
+CONFIG_AQTION=m
+# CONFIG_NET_VENDOR_ARC is not set
+CONFIG_NET_VENDOR_ASIX=y
+# CONFIG_SPI_AX88796C is not set
+CONFIG_NET_VENDOR_ATHEROS=y
+CONFIG_ATL2=m
+CONFIG_ATL1=m
+CONFIG_ATL1E=m
+CONFIG_ATL1C=m
+CONFIG_ALX=m
+# CONFIG_CX_ECAT is not set
+CONFIG_NET_VENDOR_BROADCOM=y
+# CONFIG_B44 is not set
+# CONFIG_BCMGENET is not set
+CONFIG_BNX2=m
+CONFIG_CNIC=m
+CONFIG_TIGON3=m
+CONFIG_TIGON3_HWMON=y
+CONFIG_BNX2X=m
+CONFIG_BNX2X_SRIOV=y
+# CONFIG_SYSTEMPORT is not set
+CONFIG_BNXT=m
+CONFIG_BNXT_SRIOV=y
+CONFIG_BNXT_FLOWER_OFFLOAD=y
+CONFIG_BNXT_DCB=y
+CONFIG_BNXT_HWMON=y
+CONFIG_NET_VENDOR_CADENCE=y
+# CONFIG_MACB is not set
+CONFIG_NET_VENDOR_CAVIUM=y
+# CONFIG_THUNDER_NIC_PF is not set
+# CONFIG_THUNDER_NIC_VF is not set
+# CONFIG_THUNDER_NIC_BGX is not set
+# CONFIG_THUNDER_NIC_RGX is not set
+CONFIG_CAVIUM_PTP=y
+CONFIG_LIQUIDIO=m
+CONFIG_LIQUIDIO_VF=m
+CONFIG_NET_VENDOR_CHELSIO=y
+# CONFIG_CHELSIO_T1 is not set
+# CONFIG_CHELSIO_T3 is not set
+CONFIG_CHELSIO_T4=m
+# CONFIG_CHELSIO_T4_DCB is not set
+CONFIG_CHELSIO_T4VF=m
+CONFIG_CHELSIO_LIB=m
+CONFIG_CHELSIO_INLINE_CRYPTO=y
+CONFIG_CHELSIO_IPSEC_INLINE=m
+# CONFIG_CHELSIO_TLS_DEVICE is not set
+CONFIG_NET_VENDOR_CISCO=y
+CONFIG_ENIC=m
+# CONFIG_NET_VENDOR_CORTINA is not set
+CONFIG_NET_VENDOR_DAVICOM=y
+# CONFIG_DM9051 is not set
+CONFIG_DNET=m
+CONFIG_NET_VENDOR_DEC=y
+# CONFIG_NET_TULIP is not set
+CONFIG_NET_VENDOR_DLINK=y
+CONFIG_DL2K=m
+# CONFIG_SUNDANCE is not set
+CONFIG_NET_VENDOR_EMULEX=y
+CONFIG_BE2NET=m
+CONFIG_BE2NET_HWMON=y
+# CONFIG_BE2NET_BE2 is not set
+# CONFIG_BE2NET_BE3 is not set
+CONFIG_BE2NET_LANCER=y
+CONFIG_BE2NET_SKYHAWK=y
+CONFIG_NET_VENDOR_ENGLEDER=y
+# CONFIG_TSNEP is not set
+# CONFIG_NET_VENDOR_EZCHIP is not set
+CONFIG_NET_VENDOR_FUNGIBLE=y
+# CONFIG_FUN_ETH is not set
+CONFIG_NET_VENDOR_GOOGLE=y
+# CONFIG_GVE is not set
+CONFIG_NET_VENDOR_HUAWEI=y
+CONFIG_HINIC=m
+# CONFIG_NET_VENDOR_I825XX is not set
+CONFIG_NET_VENDOR_INTEL=y
+# CONFIG_E100 is not set
+CONFIG_E1000=m
+CONFIG_E1000E=m
+CONFIG_E1000E_HWTS=y
+CONFIG_IGB=m
+CONFIG_IGB_HWMON=y
+CONFIG_IGB_DCA=y
+CONFIG_IGBVF=m
+# CONFIG_IXGB is not set
+CONFIG_IXGBE=m
+CONFIG_IXGBE_HWMON=y
+CONFIG_IXGBE_DCA=y
+CONFIG_IXGBE_DCB=y
+CONFIG_IXGBE_IPSEC=y
+CONFIG_IXGBEVF=m
+CONFIG_IXGBEVF_IPSEC=y
+CONFIG_I40E=m
+CONFIG_I40E_DCB=y
+CONFIG_IAVF=m
+CONFIG_I40EVF=m
+CONFIG_ICE=m
+CONFIG_ICE_SWITCHDEV=y
+CONFIG_ICE_HWTS=y
+CONFIG_FM10K=m
+# CONFIG_IGC is not set
+CONFIG_NET_VENDOR_WANGXUN=y
+CONFIG_NGBE=m
+CONFIG_TXGBE=m
+# CONFIG_JME is not set
+CONFIG_NET_VENDOR_ADI=y
+# CONFIG_ADIN1110 is not set
+CONFIG_NET_VENDOR_LITEX=y
+# CONFIG_NET_VENDOR_MARVELL is not set
+CONFIG_NET_VENDOR_MELLANOX=y
+CONFIG_MLX4_EN=m
+CONFIG_MLX4_EN_DCB=y
+CONFIG_MLX4_CORE=m
+CONFIG_MLX4_DEBUG=y
+# CONFIG_MLX4_CORE_GEN2 is not set
+CONFIG_MLX5_CORE=m
+CONFIG_MLX5_FPGA=y
+CONFIG_MLX5_CORE_EN=y
+CONFIG_MLX5_EN_ARFS=y
+CONFIG_MLX5_EN_RXNFC=y
+CONFIG_MLX5_MPFS=y
+CONFIG_MLX5_ESWITCH=y
+CONFIG_MLX5_BRIDGE=y
+CONFIG_MLX5_CLS_ACT=y
+CONFIG_MLX5_TC_SAMPLE=y
+CONFIG_MLX5_CORE_EN_DCB=y
+CONFIG_MLX5_CORE_IPOIB=y
+# CONFIG_MLX5_EN_MACSEC is not set
+# CONFIG_MLX5_EN_IPSEC is not set
+# CONFIG_MLX5_EN_TLS is not set
+CONFIG_MLX5_SW_STEERING=y
+# CONFIG_MLX5_SF is not set
+CONFIG_MLXSW_CORE=m
+CONFIG_MLXSW_CORE_HWMON=y
+CONFIG_MLXSW_CORE_THERMAL=y
+CONFIG_MLXSW_PCI=m
+CONFIG_MLXSW_I2C=m
+CONFIG_MLXSW_SPECTRUM=m
+CONFIG_MLXSW_SPECTRUM_DCB=y
+CONFIG_MLXSW_MINIMAL=m
+CONFIG_MLXFW=m
+# CONFIG_NET_VENDOR_MICREL is not set
+# CONFIG_NET_VENDOR_MICROCHIP is not set
+# CONFIG_NET_VENDOR_MICROSEMI is not set
+CONFIG_NET_VENDOR_MICROSOFT=y
+# CONFIG_MICROSOFT_MANA is not set
+CONFIG_NET_VENDOR_MYRI=y
+CONFIG_MYRI10GE=m
+CONFIG_MYRI10GE_DCA=y
+# CONFIG_FEALNX is not set
+# CONFIG_NET_VENDOR_NI is not set
+# CONFIG_NET_VENDOR_NATSEMI is not set
+CONFIG_NET_VENDOR_NETERION=y
+# CONFIG_S2IO is not set
+CONFIG_NET_VENDOR_NETRONOME=y
+CONFIG_NFP=m
+CONFIG_NFP_APP_FLOWER=y
+CONFIG_NFP_APP_ABM_NIC=y
+# CONFIG_NFP_DEBUG is not set
+# CONFIG_NET_VENDOR_NVIDIA is not set
+CONFIG_NET_VENDOR_OKI=y
+CONFIG_ETHOC=m
+CONFIG_NET_VENDOR_PACKET_ENGINES=y
+# CONFIG_HAMACHI is not set
+# CONFIG_YELLOWFIN is not set
+CONFIG_NET_VENDOR_PENSANDO=y
+# CONFIG_IONIC is not set
+CONFIG_NET_VENDOR_QLOGIC=y
+CONFIG_QLA3XXX=m
+# CONFIG_QLCNIC is not set
+CONFIG_NETXEN_NIC=m
+CONFIG_QED=m
+CONFIG_QED_LL2=y
+CONFIG_QED_SRIOV=y
+CONFIG_QEDE=m
+CONFIG_QED_RDMA=y
+CONFIG_QED_ISCSI=y
+CONFIG_QED_FCOE=y
+CONFIG_QED_OOO=y
+CONFIG_NET_VENDOR_BROCADE=y
+# CONFIG_BNA is not set
+# CONFIG_NET_VENDOR_QUALCOMM is not set
+# CONFIG_NET_VENDOR_RDC is not set
+CONFIG_NET_VENDOR_REALTEK=y
+# CONFIG_ATP is not set
+CONFIG_8139CP=m
+CONFIG_8139TOO=m
+# CONFIG_8139TOO_PIO is not set
+# CONFIG_8139TOO_TUNE_TWISTER is not set
+CONFIG_8139TOO_8129=y
+# CONFIG_8139_OLD_RX_RESET is not set
+CONFIG_R8169=m
+# CONFIG_NET_VENDOR_RENESAS is not set
+CONFIG_NET_VENDOR_ROCKER=y
+CONFIG_ROCKER=m
+# CONFIG_NET_VENDOR_SAMSUNG is not set
+# CONFIG_NET_VENDOR_SEEQ is not set
+# CONFIG_NET_VENDOR_SILAN is not set
+# CONFIG_NET_VENDOR_SIS is not set
+CONFIG_NET_VENDOR_SOLARFLARE=y
+CONFIG_SFC=m
+CONFIG_SFC_MTD=y
+CONFIG_SFC_MCDI_MON=y
+CONFIG_SFC_SRIOV=y
+CONFIG_SFC_MCDI_LOGGING=y
+# CONFIG_SFC_FALCON is not set
+# CONFIG_SFC_SIENA is not set
+# CONFIG_NET_VENDOR_SMSC is not set
+# CONFIG_NET_VENDOR_SOCIONEXT is not set
+# CONFIG_NET_VENDOR_STMICRO is not set
+# CONFIG_NET_VENDOR_SUN is not set
+# CONFIG_NET_VENDOR_SYNOPSYS is not set
+# CONFIG_NET_VENDOR_TEHUTI is not set
+# CONFIG_NET_VENDOR_TI is not set
+CONFIG_NET_VENDOR_VERTEXCOM=y
+# CONFIG_MSE102X is not set
+# CONFIG_NET_VENDOR_VIA is not set
+# CONFIG_NET_VENDOR_WIZNET is not set
+# CONFIG_NET_VENDOR_XILINX is not set
+# CONFIG_FDDI is not set
+# CONFIG_HIPPI is not set
+# CONFIG_NET_SB1000 is not set
+CONFIG_PHYLINK=m
+CONFIG_PHYLIB=y
+CONFIG_SWPHY=y
+CONFIG_LED_TRIGGER_PHY=y
+CONFIG_FIXED_PHY=y
+# CONFIG_SFP is not set
+
+#
+# MII PHY device drivers
+#
+CONFIG_AMD_PHY=m
+# CONFIG_ADIN_PHY is not set
+# CONFIG_ADIN1100_PHY is not set
+CONFIG_AQUANTIA_PHY=m
+CONFIG_AX88796B_PHY=m
+CONFIG_BROADCOM_PHY=m
+# CONFIG_BCM54140_PHY is not set
+CONFIG_BCM7XXX_PHY=m
+# CONFIG_BCM84881_PHY is not set
+CONFIG_BCM87XX_PHY=m
+CONFIG_BCM_NET_PHYLIB=m
+CONFIG_BCM_NET_PHYPTP=m
+CONFIG_CICADA_PHY=m
+CONFIG_CORTINA_PHY=m
+CONFIG_DAVICOM_PHY=m
+CONFIG_ICPLUS_PHY=m
+CONFIG_LXT_PHY=m
+CONFIG_INTEL_XWAY_PHY=m
+CONFIG_LSI_ET1011C_PHY=m
+CONFIG_MARVELL_PHY=m
+CONFIG_MARVELL_10G_PHY=m
+# CONFIG_MARVELL_88X2222_PHY is not set
+# CONFIG_MAXLINEAR_GPHY is not set
+# CONFIG_MEDIATEK_GE_PHY is not set
+CONFIG_MICREL_PHY=m
+CONFIG_MICROCHIP_PHY=m
+CONFIG_MICROCHIP_T1_PHY=m
+CONFIG_MICROSEMI_PHY=m
+# CONFIG_MOTORCOMM_PHY is not set
+CONFIG_NATIONAL_PHY=m
+# CONFIG_NXP_C45_TJA11XX_PHY is not set
+# CONFIG_NXP_TJA11XX_PHY is not set
+CONFIG_QSEMI_PHY=m
+CONFIG_REALTEK_PHY=m
+CONFIG_RENESAS_PHY=m
+CONFIG_ROCKCHIP_PHY=m
+CONFIG_SMSC_PHY=m
+CONFIG_STE10XP=m
+CONFIG_TERANETICS_PHY=m
+CONFIG_DP83822_PHY=m
+CONFIG_DP83TC811_PHY=m
+CONFIG_DP83848_PHY=m
+CONFIG_DP83867_PHY=m
+# CONFIG_DP83869_PHY is not set
+# CONFIG_DP83TD510_PHY is not set
+CONFIG_VITESSE_PHY=m
+CONFIG_XILINX_GMII2RGMII=m
+CONFIG_MICREL_KS8995MA=m
+# CONFIG_PSE_CONTROLLER is not set
+CONFIG_CAN_DEV=m
+CONFIG_CAN_VCAN=m
+# CONFIG_CAN_VXCAN is not set
+CONFIG_CAN_NETLINK=y
+CONFIG_CAN_CALC_BITTIMING=y
+# CONFIG_CAN_CAN327 is not set
+# CONFIG_CAN_KVASER_PCIEFD is not set
+CONFIG_CAN_SLCAN=m
+CONFIG_CAN_C_CAN=m
+CONFIG_CAN_C_CAN_PLATFORM=m
+CONFIG_CAN_C_CAN_PCI=m
+CONFIG_CAN_CC770=m
+# CONFIG_CAN_CC770_ISA is not set
+CONFIG_CAN_CC770_PLATFORM=m
+# CONFIG_CAN_CTUCANFD_PCI is not set
+# CONFIG_CAN_IFI_CANFD is not set
+# CONFIG_CAN_M_CAN is not set
+# CONFIG_CAN_PEAK_PCIEFD is not set
+CONFIG_CAN_SJA1000=m
+CONFIG_CAN_EMS_PCI=m
+# CONFIG_CAN_F81601 is not set
+CONFIG_CAN_KVASER_PCI=m
+CONFIG_CAN_PEAK_PCI=m
+CONFIG_CAN_PEAK_PCIEC=y
+CONFIG_CAN_PLX_PCI=m
+# CONFIG_CAN_SJA1000_ISA is not set
+CONFIG_CAN_SJA1000_PLATFORM=m
+CONFIG_CAN_SOFTING=m
+
+#
+# CAN SPI interfaces
+#
+# CONFIG_CAN_HI311X is not set
+# CONFIG_CAN_MCP251X is not set
+# CONFIG_CAN_MCP251XFD is not set
+# end of CAN SPI interfaces
+
+#
+# CAN USB interfaces
+#
+CONFIG_CAN_8DEV_USB=m
+CONFIG_CAN_EMS_USB=m
+# CONFIG_CAN_ESD_USB is not set
+# CONFIG_CAN_ETAS_ES58X is not set
+# CONFIG_CAN_GS_USB is not set
+CONFIG_CAN_KVASER_USB=m
+# CONFIG_CAN_MCBA_USB is not set
+CONFIG_CAN_PEAK_USB=m
+# CONFIG_CAN_UCAN is not set
+# end of CAN USB interfaces
+
+# CONFIG_CAN_DEBUG_DEVICES is not set
+CONFIG_MDIO_DEVICE=y
+CONFIG_MDIO_BUS=y
+CONFIG_FWNODE_MDIO=y
+CONFIG_ACPI_MDIO=y
+CONFIG_MDIO_DEVRES=y
+CONFIG_MDIO_BITBANG=m
+# CONFIG_MDIO_BCM_UNIMAC is not set
+CONFIG_MDIO_CAVIUM=m
+# CONFIG_MDIO_GPIO is not set
+# CONFIG_MDIO_MVUSB is not set
+CONFIG_MDIO_THUNDER=m
+
+#
+# MDIO Multiplexers
+#
+
+#
+# PCS device drivers
+#
+# end of PCS device drivers
+
+# CONFIG_PLIP is not set
+CONFIG_PPP=m
+CONFIG_PPP_BSDCOMP=m
+CONFIG_PPP_DEFLATE=m
+CONFIG_PPP_FILTER=y
+CONFIG_PPP_MPPE=m
+CONFIG_PPP_MULTILINK=y
+CONFIG_PPPOATM=m
+CONFIG_PPPOE=m
+CONFIG_PPTP=m
+CONFIG_PPPOL2TP=m
+CONFIG_PPP_ASYNC=m
+CONFIG_PPP_SYNC_TTY=m
+CONFIG_SLIP=m
+CONFIG_SLHC=m
+CONFIG_SLIP_COMPRESSED=y
+CONFIG_SLIP_SMART=y
+# CONFIG_SLIP_MODE_SLIP6 is not set
+CONFIG_USB_NET_DRIVERS=y
+CONFIG_USB_CATC=m
+CONFIG_USB_KAWETH=m
+CONFIG_USB_PEGASUS=m
+CONFIG_USB_RTL8150=m
+CONFIG_USB_RTL8152=m
+CONFIG_USB_LAN78XX=m
+CONFIG_USB_USBNET=m
+CONFIG_USB_NET_AX8817X=m
+CONFIG_USB_NET_AX88179_178A=m
+CONFIG_USB_NET_CDCETHER=m
+CONFIG_USB_NET_CDC_EEM=m
+CONFIG_USB_NET_CDC_NCM=m
+CONFIG_USB_NET_HUAWEI_CDC_NCM=m
+CONFIG_USB_NET_CDC_MBIM=m
+CONFIG_USB_NET_DM9601=m
+# CONFIG_USB_NET_SR9700 is not set
+# CONFIG_USB_NET_SR9800 is not set
+CONFIG_USB_NET_SMSC75XX=m
+CONFIG_USB_NET_SMSC95XX=m
+CONFIG_USB_NET_GL620A=m
+CONFIG_USB_NET_NET1080=m
+CONFIG_USB_NET_PLUSB=m
+CONFIG_USB_NET_MCS7830=m
+CONFIG_USB_NET_RNDIS_HOST=m
+CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
+CONFIG_USB_NET_CDC_SUBSET=m
+CONFIG_USB_ALI_M5632=y
+CONFIG_USB_AN2720=y
+CONFIG_USB_BELKIN=y
+CONFIG_USB_ARMLINUX=y
+CONFIG_USB_EPSON2888=y
+CONFIG_USB_KC2190=y
+CONFIG_USB_NET_ZAURUS=m
+CONFIG_USB_NET_CX82310_ETH=m
+CONFIG_USB_NET_KALMIA=m
+CONFIG_USB_NET_QMI_WWAN=m
+CONFIG_USB_HSO=m
+CONFIG_USB_NET_INT51X1=m
+CONFIG_USB_IPHETH=m
+CONFIG_USB_SIERRA_NET=m
+CONFIG_USB_VL600=m
+CONFIG_USB_NET_CH9200=m
+# CONFIG_USB_NET_AQC111 is not set
+CONFIG_USB_RTL8153_ECM=m
+CONFIG_WLAN=y
+# CONFIG_WLAN_VENDOR_ADMTEK is not set
+CONFIG_ATH_COMMON=m
+CONFIG_WLAN_VENDOR_ATH=y
+# CONFIG_ATH_DEBUG is not set
+# CONFIG_ATH5K is not set
+# CONFIG_ATH5K_PCI is not set
+CONFIG_ATH9K_HW=m
+CONFIG_ATH9K_COMMON=m
+CONFIG_ATH9K_COMMON_DEBUG=y
+CONFIG_ATH9K_BTCOEX_SUPPORT=y
+CONFIG_ATH9K=m
+CONFIG_ATH9K_PCI=y
+CONFIG_ATH9K_AHB=y
+CONFIG_ATH9K_DEBUGFS=y
+# CONFIG_ATH9K_STATION_STATISTICS is not set
+# CONFIG_ATH9K_DYNACK is not set
+CONFIG_ATH9K_WOW=y
+CONFIG_ATH9K_RFKILL=y
+# CONFIG_ATH9K_CHANNEL_CONTEXT is not set
+CONFIG_ATH9K_PCOEM=y
+# CONFIG_ATH9K_PCI_NO_EEPROM is not set
+CONFIG_ATH9K_HTC=m
+# CONFIG_ATH9K_HTC_DEBUGFS is not set
+# CONFIG_ATH9K_HWRNG is not set
+# CONFIG_ATH9K_COMMON_SPECTRAL is not set
+# CONFIG_CARL9170 is not set
+# CONFIG_ATH6KL is not set
+# CONFIG_AR5523 is not set
+# CONFIG_WIL6210 is not set
+CONFIG_ATH10K=m
+CONFIG_ATH10K_CE=y
+CONFIG_ATH10K_PCI=m
+# CONFIG_ATH10K_SDIO is not set
+# CONFIG_ATH10K_USB is not set
+# CONFIG_ATH10K_DEBUG is not set
+CONFIG_ATH10K_DEBUGFS=y
+# CONFIG_ATH10K_SPECTRAL is not set
+# CONFIG_ATH10K_TRACING is not set
+# CONFIG_WCN36XX is not set
+# CONFIG_ATH11K is not set
+# CONFIG_WLAN_VENDOR_ATMEL is not set
+CONFIG_WLAN_VENDOR_BROADCOM=y
+# CONFIG_B43 is not set
+# CONFIG_B43LEGACY is not set
+CONFIG_BRCMUTIL=m
+CONFIG_BRCMSMAC=m
+CONFIG_BRCMSMAC_LEDS=y
+CONFIG_BRCMFMAC=m
+CONFIG_BRCMFMAC_PROTO_BCDC=y
+CONFIG_BRCMFMAC_PROTO_MSGBUF=y
+CONFIG_BRCMFMAC_SDIO=y
+CONFIG_BRCMFMAC_USB=y
+CONFIG_BRCMFMAC_PCIE=y
+# CONFIG_BRCM_TRACING is not set
+# CONFIG_BRCMDBG is not set
+# CONFIG_WLAN_VENDOR_CISCO is not set
+CONFIG_WLAN_VENDOR_INTEL=y
+# CONFIG_IPW2100 is not set
+# CONFIG_IPW2200 is not set
+# CONFIG_IWL4965 is not set
+# CONFIG_IWL3945 is not set
+CONFIG_IWLWIFI=m
+CONFIG_IWLWIFI_LEDS=y
+CONFIG_IWLDVM=m
+CONFIG_IWLMVM=m
+CONFIG_IWLWIFI_OPMODE_MODULAR=y
+
+#
+# Debugging Options
+#
+# CONFIG_IWLWIFI_DEBUG is not set
+CONFIG_IWLWIFI_DEBUGFS=y
+# CONFIG_IWLWIFI_DEVICE_TRACING is not set
+# end of Debugging Options
+
+# CONFIG_WLAN_VENDOR_INTERSIL is not set
+CONFIG_WLAN_VENDOR_MARVELL=y
+# CONFIG_LIBERTAS is not set
+# CONFIG_LIBERTAS_THINFIRM is not set
+CONFIG_MWIFIEX=m
+CONFIG_MWIFIEX_SDIO=m
+CONFIG_MWIFIEX_PCIE=m
+CONFIG_MWIFIEX_USB=m
+# CONFIG_MWL8K is not set
+CONFIG_WLAN_VENDOR_MEDIATEK=y
+CONFIG_MT7601U=m
+CONFIG_MT76_CORE=m
+CONFIG_MT76_LEDS=y
+CONFIG_MT76_USB=m
+CONFIG_MT76x02_LIB=m
+CONFIG_MT76x02_USB=m
+CONFIG_MT76x0_COMMON=m
+CONFIG_MT76x0U=m
+# CONFIG_MT76x0E is not set
+CONFIG_MT76x2_COMMON=m
+# CONFIG_MT76x2E is not set
+CONFIG_MT76x2U=m
+# CONFIG_MT7603E is not set
+# CONFIG_MT7615E is not set
+# CONFIG_MT7663U is not set
+# CONFIG_MT7663S is not set
+# CONFIG_MT7915E is not set
+# CONFIG_MT7921E is not set
+# CONFIG_MT7921S is not set
+# CONFIG_MT7921U is not set
+CONFIG_WLAN_VENDOR_MICROCHIP=y
+# CONFIG_WILC1000_SDIO is not set
+# CONFIG_WILC1000_SPI is not set
+CONFIG_WLAN_VENDOR_PURELIFI=y
+# CONFIG_PLFXLC is not set
+CONFIG_WLAN_VENDOR_RALINK=y
+CONFIG_RT2X00=m
+# CONFIG_RT2400PCI is not set
+# CONFIG_RT2500PCI is not set
+# CONFIG_RT61PCI is not set
+CONFIG_RT2800PCI=m
+CONFIG_RT2800PCI_RT33XX=y
+CONFIG_RT2800PCI_RT35XX=y
+CONFIG_RT2800PCI_RT53XX=y
+CONFIG_RT2800PCI_RT3290=y
+# CONFIG_RT2500USB is not set
+# CONFIG_RT73USB is not set
+CONFIG_RT2800USB=m
+CONFIG_RT2800USB_RT33XX=y
+CONFIG_RT2800USB_RT35XX=y
+CONFIG_RT2800USB_RT3573=y
+CONFIG_RT2800USB_RT53XX=y
+CONFIG_RT2800USB_RT55XX=y
+CONFIG_RT2800USB_UNKNOWN=y
+CONFIG_RT2800_LIB=m
+CONFIG_RT2800_LIB_MMIO=m
+CONFIG_RT2X00_LIB_MMIO=m
+CONFIG_RT2X00_LIB_PCI=m
+CONFIG_RT2X00_LIB_USB=m
+CONFIG_RT2X00_LIB=m
+CONFIG_RT2X00_LIB_FIRMWARE=y
+CONFIG_RT2X00_LIB_CRYPTO=y
+CONFIG_RT2X00_LIB_LEDS=y
+CONFIG_RT2X00_LIB_DEBUGFS=y
+# CONFIG_RT2X00_DEBUG is not set
+CONFIG_WLAN_VENDOR_REALTEK=y
+# CONFIG_RTL8180 is not set
+# CONFIG_RTL8187 is not set
+CONFIG_RTL_CARDS=m
+CONFIG_RTL8192CE=m
+CONFIG_RTL8192SE=m
+CONFIG_RTL8192DE=m
+CONFIG_RTL8723AE=m
+CONFIG_RTL8723BE=m
+CONFIG_RTL8188EE=m
+CONFIG_RTL8192EE=m
+CONFIG_RTL8821AE=m
+CONFIG_RTL8192CU=m
+CONFIG_RTLWIFI=m
+CONFIG_RTLWIFI_PCI=m
+CONFIG_RTLWIFI_USB=m
+# CONFIG_RTLWIFI_DEBUG is not set
+CONFIG_RTL8192C_COMMON=m
+CONFIG_RTL8723_COMMON=m
+CONFIG_RTLBTCOEXIST=m
+CONFIG_RTL8XXXU=m
+# CONFIG_RTL8XXXU_UNTESTED is not set
+# CONFIG_RTW88 is not set
+# CONFIG_RTW89 is not set
+# CONFIG_WLAN_VENDOR_RSI is not set
+CONFIG_WLAN_VENDOR_SILABS=y
+# CONFIG_WFX is not set
+# CONFIG_WLAN_VENDOR_ST is not set
+# CONFIG_WLAN_VENDOR_TI is not set
+# CONFIG_WLAN_VENDOR_ZYDAS is not set
+CONFIG_WLAN_VENDOR_QUANTENNA=y
+# CONFIG_QTNFMAC_PCIE is not set
+CONFIG_MAC80211_HWSIM=m
+# CONFIG_USB_NET_RNDIS_WLAN is not set
+# CONFIG_VIRT_WIFI is not set
+CONFIG_WAN=y
+CONFIG_HDLC=m
+CONFIG_HDLC_RAW=m
+# CONFIG_HDLC_RAW_ETH is not set
+CONFIG_HDLC_CISCO=m
+CONFIG_HDLC_FR=m
+CONFIG_HDLC_PPP=m
+
+#
+# X.25/LAPB support is disabled
+#
+# CONFIG_PCI200SYN is not set
+# CONFIG_WANXL is not set
+# CONFIG_PC300TOO is not set
+# CONFIG_FARSYNC is not set
+CONFIG_IEEE802154_DRIVERS=m
+CONFIG_IEEE802154_FAKELB=m
+# CONFIG_IEEE802154_AT86RF230 is not set
+# CONFIG_IEEE802154_MRF24J40 is not set
+# CONFIG_IEEE802154_CC2520 is not set
+# CONFIG_IEEE802154_ATUSB is not set
+# CONFIG_IEEE802154_ADF7242 is not set
+# CONFIG_IEEE802154_CA8210 is not set
+# CONFIG_IEEE802154_MCR20A is not set
+# CONFIG_IEEE802154_HWSIM is not set
+
+#
+# Wireless WAN
+#
+# CONFIG_WWAN is not set
+# end of Wireless WAN
+
+CONFIG_XEN_NETDEV_FRONTEND=m
+CONFIG_VMXNET3=m
+CONFIG_FUJITSU_ES=m
+CONFIG_USB4_NET=m
+CONFIG_HYPERV_NET=m
+CONFIG_NETDEVSIM=m
+CONFIG_NET_FAILOVER=m
+CONFIG_ISDN=y
+CONFIG_ISDN_CAPI=y
+CONFIG_CAPI_TRACE=y
+CONFIG_ISDN_CAPI_MIDDLEWARE=y
+CONFIG_MISDN=m
+CONFIG_MISDN_DSP=m
+CONFIG_MISDN_L1OIP=m
+
+#
+# mISDN hardware drivers
+#
+CONFIG_MISDN_HFCPCI=m
+CONFIG_MISDN_HFCMULTI=m
+CONFIG_MISDN_HFCUSB=m
+CONFIG_MISDN_AVMFRITZ=m
+CONFIG_MISDN_SPEEDFAX=m
+CONFIG_MISDN_INFINEON=m
+CONFIG_MISDN_W6692=m
+CONFIG_MISDN_NETJET=m
+CONFIG_MISDN_HDLC=m
+CONFIG_MISDN_IPAC=m
+CONFIG_MISDN_ISAR=m
+
+#
+# Input device support
+#
+CONFIG_INPUT=y
+CONFIG_INPUT_LEDS=y
+CONFIG_INPUT_FF_MEMLESS=m
+CONFIG_INPUT_SPARSEKMAP=m
+# CONFIG_INPUT_MATRIXKMAP is not set
+CONFIG_INPUT_VIVALDIFMAP=y
+
+#
+# Userland interfaces
+#
+CONFIG_INPUT_MOUSEDEV=y
+# CONFIG_INPUT_MOUSEDEV_PSAUX is not set
+CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
+CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
+CONFIG_INPUT_JOYDEV=m
+CONFIG_INPUT_EVDEV=y
+# CONFIG_INPUT_EVBUG is not set
+
+#
+# Input Device Drivers
+#
+CONFIG_INPUT_KEYBOARD=y
+# CONFIG_KEYBOARD_ADC is not set
+# CONFIG_KEYBOARD_ADP5588 is not set
+# CONFIG_KEYBOARD_ADP5589 is not set
+# CONFIG_KEYBOARD_APPLESPI is not set
+CONFIG_KEYBOARD_ATKBD=y
+# CONFIG_KEYBOARD_QT1050 is not set
+# CONFIG_KEYBOARD_QT1070 is not set
+# CONFIG_KEYBOARD_QT2160 is not set
+# CONFIG_KEYBOARD_DLINK_DIR685 is not set
+# CONFIG_KEYBOARD_LKKBD is not set
+# CONFIG_KEYBOARD_GPIO is not set
+# CONFIG_KEYBOARD_GPIO_POLLED is not set
+# CONFIG_KEYBOARD_TCA6416 is not set
+# CONFIG_KEYBOARD_TCA8418 is not set
+# CONFIG_KEYBOARD_MATRIX is not set
+# CONFIG_KEYBOARD_LM8323 is not set
+# CONFIG_KEYBOARD_LM8333 is not set
+# CONFIG_KEYBOARD_MAX7359 is not set
+# CONFIG_KEYBOARD_MCS is not set
+# CONFIG_KEYBOARD_MPR121 is not set
+# CONFIG_KEYBOARD_NEWTON is not set
+# CONFIG_KEYBOARD_OPENCORES is not set
+# CONFIG_KEYBOARD_SAMSUNG is not set
+# CONFIG_KEYBOARD_STOWAWAY is not set
+# CONFIG_KEYBOARD_SUNKBD is not set
+# CONFIG_KEYBOARD_TM2_TOUCHKEY is not set
+# CONFIG_KEYBOARD_XTKBD is not set
+# CONFIG_KEYBOARD_CYPRESS_SF is not set
+CONFIG_INPUT_MOUSE=y
+CONFIG_MOUSE_PS2=y
+CONFIG_MOUSE_PS2_ALPS=y
+CONFIG_MOUSE_PS2_BYD=y
+CONFIG_MOUSE_PS2_LOGIPS2PP=y
+CONFIG_MOUSE_PS2_SYNAPTICS=y
+CONFIG_MOUSE_PS2_SYNAPTICS_SMBUS=y
+CONFIG_MOUSE_PS2_CYPRESS=y
+CONFIG_MOUSE_PS2_LIFEBOOK=y
+CONFIG_MOUSE_PS2_TRACKPOINT=y
+CONFIG_MOUSE_PS2_ELANTECH=y
+CONFIG_MOUSE_PS2_ELANTECH_SMBUS=y
+CONFIG_MOUSE_PS2_SENTELIC=y
+# CONFIG_MOUSE_PS2_TOUCHKIT is not set
+CONFIG_MOUSE_PS2_FOCALTECH=y
+CONFIG_MOUSE_PS2_VMMOUSE=y
+CONFIG_MOUSE_PS2_SMBUS=y
+CONFIG_MOUSE_SERIAL=m
+CONFIG_MOUSE_APPLETOUCH=m
+CONFIG_MOUSE_BCM5974=m
+CONFIG_MOUSE_CYAPA=m
+CONFIG_MOUSE_ELAN_I2C=m
+CONFIG_MOUSE_ELAN_I2C_I2C=y
+CONFIG_MOUSE_ELAN_I2C_SMBUS=y
+CONFIG_MOUSE_VSXXXAA=m
+# CONFIG_MOUSE_GPIO is not set
+CONFIG_MOUSE_SYNAPTICS_I2C=m
+CONFIG_MOUSE_SYNAPTICS_USB=m
+# CONFIG_INPUT_JOYSTICK is not set
+CONFIG_INPUT_TABLET=y
+CONFIG_TABLET_USB_ACECAD=m
+CONFIG_TABLET_USB_AIPTEK=m
+# CONFIG_TABLET_USB_HANWANG is not set
+CONFIG_TABLET_USB_KBTAB=m
+# CONFIG_TABLET_USB_PEGASUS is not set
+CONFIG_TABLET_SERIAL_WACOM4=m
+CONFIG_INPUT_TOUCHSCREEN=y
+# CONFIG_TOUCHSCREEN_ADS7846 is not set
+# CONFIG_TOUCHSCREEN_AD7877 is not set
+# CONFIG_TOUCHSCREEN_AD7879 is not set
+# CONFIG_TOUCHSCREEN_ADC is not set
+# CONFIG_TOUCHSCREEN_ATMEL_MXT is not set
+# CONFIG_TOUCHSCREEN_AUO_PIXCIR is not set
+# CONFIG_TOUCHSCREEN_BU21013 is not set
+# CONFIG_TOUCHSCREEN_BU21029 is not set
+# CONFIG_TOUCHSCREEN_CHIPONE_ICN8505 is not set
+# CONFIG_TOUCHSCREEN_CY8CTMA140 is not set
+# CONFIG_TOUCHSCREEN_CY8CTMG110 is not set
+# CONFIG_TOUCHSCREEN_CYTTSP_CORE is not set
+# CONFIG_TOUCHSCREEN_CYTTSP4_CORE is not set
+# CONFIG_TOUCHSCREEN_DYNAPRO is not set
+# CONFIG_TOUCHSCREEN_HAMPSHIRE is not set
+# CONFIG_TOUCHSCREEN_EETI is not set
+# CONFIG_TOUCHSCREEN_EGALAX_SERIAL is not set
+# CONFIG_TOUCHSCREEN_EXC3000 is not set
+# CONFIG_TOUCHSCREEN_FUJITSU is not set
+# CONFIG_TOUCHSCREEN_GOODIX is not set
+# CONFIG_TOUCHSCREEN_HIDEEP is not set
+# CONFIG_TOUCHSCREEN_HYCON_HY46XX is not set
+# CONFIG_TOUCHSCREEN_ILI210X is not set
+# CONFIG_TOUCHSCREEN_ILITEK is not set
+# CONFIG_TOUCHSCREEN_S6SY761 is not set
+# CONFIG_TOUCHSCREEN_GUNZE is not set
+# CONFIG_TOUCHSCREEN_EKTF2127 is not set
+# CONFIG_TOUCHSCREEN_ELAN is not set
+CONFIG_TOUCHSCREEN_ELO=m
+CONFIG_TOUCHSCREEN_WACOM_W8001=m
+CONFIG_TOUCHSCREEN_WACOM_I2C=m
+# CONFIG_TOUCHSCREEN_MAX11801 is not set
+# CONFIG_TOUCHSCREEN_MCS5000 is not set
+# CONFIG_TOUCHSCREEN_MMS114 is not set
+# CONFIG_TOUCHSCREEN_MELFAS_MIP4 is not set
+# CONFIG_TOUCHSCREEN_MSG2638 is not set
+# CONFIG_TOUCHSCREEN_MTOUCH is not set
+# CONFIG_TOUCHSCREEN_IMAGIS is not set
+# CONFIG_TOUCHSCREEN_INEXIO is not set
+# CONFIG_TOUCHSCREEN_MK712 is not set
+# CONFIG_TOUCHSCREEN_PENMOUNT is not set
+# CONFIG_TOUCHSCREEN_EDT_FT5X06 is not set
+# CONFIG_TOUCHSCREEN_TOUCHRIGHT is not set
+# CONFIG_TOUCHSCREEN_TOUCHWIN is not set
+# CONFIG_TOUCHSCREEN_PIXCIR is not set
+# CONFIG_TOUCHSCREEN_WDT87XX_I2C is not set
+# CONFIG_TOUCHSCREEN_WM97XX is not set
+# CONFIG_TOUCHSCREEN_USB_COMPOSITE is not set
+# CONFIG_TOUCHSCREEN_TOUCHIT213 is not set
+# CONFIG_TOUCHSCREEN_TSC_SERIO is not set
+# CONFIG_TOUCHSCREEN_TSC2004 is not set
+# CONFIG_TOUCHSCREEN_TSC2005 is not set
+# CONFIG_TOUCHSCREEN_TSC2007 is not set
+# CONFIG_TOUCHSCREEN_RM_TS is not set
+# CONFIG_TOUCHSCREEN_SILEAD is not set
+# CONFIG_TOUCHSCREEN_SIS_I2C is not set
+# CONFIG_TOUCHSCREEN_ST1232 is not set
+# CONFIG_TOUCHSCREEN_STMFTS is not set
+# CONFIG_TOUCHSCREEN_SUR40 is not set
+# CONFIG_TOUCHSCREEN_SURFACE3_SPI is not set
+# CONFIG_TOUCHSCREEN_SX8654 is not set
+# CONFIG_TOUCHSCREEN_TPS6507X is not set
+# CONFIG_TOUCHSCREEN_ZET6223 is not set
+# CONFIG_TOUCHSCREEN_ZFORCE is not set
+# CONFIG_TOUCHSCREEN_COLIBRI_VF50 is not set
+# CONFIG_TOUCHSCREEN_ROHM_BU21023 is not set
+# CONFIG_TOUCHSCREEN_IQS5XX is not set
+# CONFIG_TOUCHSCREEN_ZINITIX is not set
+CONFIG_INPUT_MISC=y
+# CONFIG_INPUT_AD714X is not set
+# CONFIG_INPUT_BMA150 is not set
+# CONFIG_INPUT_E3X0_BUTTON is not set
+CONFIG_INPUT_PCSPKR=m
+# CONFIG_INPUT_MMA8450 is not set
+CONFIG_INPUT_APANEL=m
+# CONFIG_INPUT_GPIO_BEEPER is not set
+# CONFIG_INPUT_GPIO_DECODER is not set
+# CONFIG_INPUT_GPIO_VIBRA is not set
+CONFIG_INPUT_ATLAS_BTNS=m
+CONFIG_INPUT_ATI_REMOTE2=m
+CONFIG_INPUT_KEYSPAN_REMOTE=m
+# CONFIG_INPUT_KXTJ9 is not set
+CONFIG_INPUT_POWERMATE=m
+CONFIG_INPUT_YEALINK=m
+CONFIG_INPUT_CM109=m
+CONFIG_INPUT_UINPUT=m
+# CONFIG_INPUT_PCF8574 is not set
+# CONFIG_INPUT_PWM_BEEPER is not set
+# CONFIG_INPUT_PWM_VIBRA is not set
+CONFIG_INPUT_GPIO_ROTARY_ENCODER=m
+# CONFIG_INPUT_DA7280_HAPTICS is not set
+# CONFIG_INPUT_ADXL34X is not set
+# CONFIG_INPUT_IMS_PCU is not set
+# CONFIG_INPUT_IQS269A is not set
+# CONFIG_INPUT_IQS626A is not set
+# CONFIG_INPUT_IQS7222 is not set
+# CONFIG_INPUT_CMA3000 is not set
+CONFIG_INPUT_XEN_KBDDEV_FRONTEND=m
+# CONFIG_INPUT_IDEAPAD_SLIDEBAR is not set
+# CONFIG_INPUT_DRV260X_HAPTICS is not set
+# CONFIG_INPUT_DRV2665_HAPTICS is not set
+# CONFIG_INPUT_DRV2667_HAPTICS is not set
+CONFIG_RMI4_CORE=m
+CONFIG_RMI4_I2C=m
+CONFIG_RMI4_SPI=m
+CONFIG_RMI4_SMB=m
+CONFIG_RMI4_F03=y
+CONFIG_RMI4_F03_SERIO=m
+CONFIG_RMI4_2D_SENSOR=y
+CONFIG_RMI4_F11=y
+CONFIG_RMI4_F12=y
+CONFIG_RMI4_F30=y
+CONFIG_RMI4_F34=y
+# CONFIG_RMI4_F3A is not set
+# CONFIG_RMI4_F54 is not set
+CONFIG_RMI4_F55=y
+
+#
+# Hardware I/O ports
+#
+CONFIG_SERIO=y
+CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
+CONFIG_SERIO_I8042=y
+CONFIG_SERIO_SERPORT=y
+# CONFIG_SERIO_CT82C710 is not set
+# CONFIG_SERIO_PARKBD is not set
+# CONFIG_SERIO_PCIPS2 is not set
+CONFIG_SERIO_LIBPS2=y
+CONFIG_SERIO_RAW=m
+CONFIG_SERIO_ALTERA_PS2=m
+# CONFIG_SERIO_PS2MULT is not set
+CONFIG_SERIO_ARC_PS2=m
+CONFIG_HYPERV_KEYBOARD=m
+# CONFIG_SERIO_GPIO_PS2 is not set
+# CONFIG_USERIO is not set
+# CONFIG_GAMEPORT is not set
+# end of Hardware I/O ports
+# end of Input device support
+
+#
+# Character devices
+#
+CONFIG_TTY=y
+CONFIG_VT=y
+CONFIG_CONSOLE_TRANSLATIONS=y
+CONFIG_VT_CONSOLE=y
+CONFIG_VT_CONSOLE_SLEEP=y
+CONFIG_HW_CONSOLE=y
+CONFIG_VT_HW_CONSOLE_BINDING=y
+CONFIG_UNIX98_PTYS=y
+# CONFIG_LEGACY_PTYS is not set
+CONFIG_LDISC_AUTOLOAD=y
+
+#
+# Serial drivers
+#
+CONFIG_SERIAL_EARLYCON=y
+CONFIG_SERIAL_8250=y
+# CONFIG_SERIAL_8250_DEPRECATED_OPTIONS is not set
+CONFIG_SERIAL_8250_PNP=y
+# CONFIG_SERIAL_8250_16550A_VARIANTS is not set
+# CONFIG_SERIAL_8250_FINTEK is not set
+CONFIG_SERIAL_8250_CONSOLE=y
+CONFIG_SERIAL_8250_DMA=y
+CONFIG_SERIAL_8250_PCI=y
+CONFIG_SERIAL_8250_EXAR=y
+CONFIG_SERIAL_8250_NR_UARTS=32
+CONFIG_SERIAL_8250_RUNTIME_UARTS=4
+CONFIG_SERIAL_8250_EXTENDED=y
+CONFIG_SERIAL_8250_MANY_PORTS=y
+CONFIG_SERIAL_8250_SHARE_IRQ=y
+# CONFIG_SERIAL_8250_DETECT_IRQ is not set
+CONFIG_SERIAL_8250_RSA=y
+CONFIG_SERIAL_8250_DWLIB=y
+CONFIG_SERIAL_8250_DW=y
+# CONFIG_SERIAL_8250_RT288X is not set
+CONFIG_SERIAL_8250_LPSS=y
+CONFIG_SERIAL_8250_MID=y
+CONFIG_SERIAL_8250_PERICOM=y
+
+#
+# Non-8250 serial port support
+#
+# CONFIG_SERIAL_KGDB_NMI is not set
+# CONFIG_SERIAL_MAX3100 is not set
+# CONFIG_SERIAL_MAX310X is not set
+# CONFIG_SERIAL_UARTLITE is not set
+CONFIG_SERIAL_CORE=y
+CONFIG_SERIAL_CORE_CONSOLE=y
+CONFIG_CONSOLE_POLL=y
+CONFIG_SERIAL_JSM=m
+# CONFIG_SERIAL_LANTIQ is not set
+# CONFIG_SERIAL_SCCNXP is not set
+# CONFIG_SERIAL_SC16IS7XX is not set
+# CONFIG_SERIAL_ALTERA_JTAGUART is not set
+# CONFIG_SERIAL_ALTERA_UART is not set
+CONFIG_SERIAL_ARC=m
+CONFIG_SERIAL_ARC_NR_PORTS=1
+# CONFIG_SERIAL_RP2 is not set
+# CONFIG_SERIAL_FSL_LPUART is not set
+# CONFIG_SERIAL_FSL_LINFLEXUART is not set
+# CONFIG_SERIAL_SPRD is not set
+# end of Serial drivers
+
+CONFIG_SERIAL_MCTRL_GPIO=y
+CONFIG_SERIAL_NONSTANDARD=y
+# CONFIG_MOXA_INTELLIO is not set
+# CONFIG_MOXA_SMARTIO is not set
+CONFIG_SYNCLINK_GT=m
+CONFIG_N_HDLC=m
+CONFIG_N_GSM=m
+CONFIG_NOZOMI=m
+# CONFIG_NULL_TTY is not set
+CONFIG_HVC_DRIVER=y
+CONFIG_HVC_IRQ=y
+CONFIG_HVC_XEN=y
+CONFIG_HVC_XEN_FRONTEND=y
+# CONFIG_SERIAL_DEV_BUS is not set
+CONFIG_PRINTER=m
+# CONFIG_LP_CONSOLE is not set
+CONFIG_PPDEV=m
+CONFIG_VIRTIO_CONSOLE=m
+CONFIG_IPMI_HANDLER=m
+CONFIG_IPMI_DMI_DECODE=y
+CONFIG_IPMI_PLAT_DATA=y
+CONFIG_IPMI_PANIC_EVENT=y
+CONFIG_IPMI_PANIC_STRING=y
+CONFIG_IPMI_DEVICE_INTERFACE=m
+CONFIG_IPMI_SI=m
+CONFIG_IPMI_SSIF=m
+CONFIG_IPMI_WATCHDOG=m
+CONFIG_IPMI_POWEROFF=m
+CONFIG_HW_RANDOM=y
+CONFIG_HW_RANDOM_TIMERIOMEM=m
+CONFIG_HW_RANDOM_INTEL=m
+CONFIG_HW_RANDOM_AMD=m
+# CONFIG_HW_RANDOM_BA431 is not set
+CONFIG_HW_RANDOM_VIA=m
+CONFIG_HW_RANDOM_VIRTIO=y
+# CONFIG_HW_RANDOM_XIPHERA is not set
+# CONFIG_APPLICOM is not set
+# CONFIG_MWAVE is not set
+CONFIG_DEVMEM=y
+CONFIG_NVRAM=y
+CONFIG_DEVPORT=y
+CONFIG_HPET=y
+CONFIG_HPET_MMAP=y
+# CONFIG_HPET_MMAP_DEFAULT is not set
+CONFIG_HANGCHECK_TIMER=m
+CONFIG_UV_MMTIMER=m
+CONFIG_TCG_TPM=y
+CONFIG_HW_RANDOM_TPM=y
+CONFIG_TCG_TIS_CORE=y
+CONFIG_TCG_TIS=y
+CONFIG_TCG_TIS_SPI=m
+# CONFIG_TCG_TIS_SPI_CR50 is not set
+# CONFIG_TCG_TIS_I2C is not set
+# CONFIG_TCG_TIS_I2C_CR50 is not set
+CONFIG_TCG_TIS_I2C_ATMEL=m
+CONFIG_TCG_TIS_I2C_INFINEON=m
+CONFIG_TCG_TIS_I2C_NUVOTON=m
+CONFIG_TCG_NSC=m
+CONFIG_TCG_ATMEL=m
+CONFIG_TCG_INFINEON=m
+# CONFIG_TCG_XEN is not set
+CONFIG_TCG_CRB=y
+# CONFIG_TCG_VTPM_PROXY is not set
+CONFIG_TCG_TIS_ST33ZP24=m
+CONFIG_TCG_TIS_ST33ZP24_I2C=m
+CONFIG_TCG_TIS_ST33ZP24_SPI=m
+CONFIG_TELCLOCK=m
+# CONFIG_XILLYBUS is not set
+# CONFIG_XILLYUSB is not set
+# CONFIG_RANDOM_TRUST_CPU is not set
+# CONFIG_RANDOM_TRUST_BOOTLOADER is not set
+# end of Character devices
+
+#
+# I2C support
+#
+CONFIG_I2C=y
+CONFIG_ACPI_I2C_OPREGION=y
+CONFIG_I2C_BOARDINFO=y
+CONFIG_I2C_COMPAT=y
+CONFIG_I2C_CHARDEV=m
+CONFIG_I2C_MUX=m
+
+#
+# Multiplexer I2C Chip support
+#
+# CONFIG_I2C_MUX_GPIO is not set
+# CONFIG_I2C_MUX_LTC4306 is not set
+# CONFIG_I2C_MUX_PCA9541 is not set
+# CONFIG_I2C_MUX_PCA954x is not set
+# CONFIG_I2C_MUX_REG is not set
+CONFIG_I2C_MUX_MLXCPLD=m
+# end of Multiplexer I2C Chip support
+
+CONFIG_I2C_HELPER_AUTO=y
+CONFIG_I2C_SMBUS=m
+CONFIG_I2C_ALGOBIT=m
+CONFIG_I2C_ALGOPCA=m
+
+#
+# I2C Hardware Bus support
+#
+
+#
+# PC SMBus host controller drivers
+#
+# CONFIG_I2C_ALI1535 is not set
+# CONFIG_I2C_ALI1563 is not set
+# CONFIG_I2C_ALI15X3 is not set
+CONFIG_I2C_AMD756=m
+CONFIG_I2C_AMD756_S4882=m
+CONFIG_I2C_AMD8111=m
+# CONFIG_I2C_AMD_MP2 is not set
+CONFIG_I2C_I801=m
+CONFIG_I2C_ISCH=m
+CONFIG_I2C_ISMT=m
+CONFIG_I2C_PIIX4=m
+CONFIG_I2C_NFORCE2=m
+CONFIG_I2C_NFORCE2_S4985=m
+# CONFIG_I2C_NVIDIA_GPU is not set
+# CONFIG_I2C_SIS5595 is not set
+# CONFIG_I2C_SIS630 is not set
+CONFIG_I2C_SIS96X=m
+CONFIG_I2C_VIA=m
+CONFIG_I2C_VIAPRO=m
+
+#
+# ACPI drivers
+#
+CONFIG_I2C_SCMI=m
+
+#
+# I2C system bus drivers (mostly embedded / system-on-chip)
+#
+# CONFIG_I2C_CBUS_GPIO is not set
+CONFIG_I2C_DESIGNWARE_CORE=m
+# CONFIG_I2C_DESIGNWARE_SLAVE is not set
+CONFIG_I2C_DESIGNWARE_PLATFORM=m
+# CONFIG_I2C_DESIGNWARE_AMDPSP is not set
+CONFIG_I2C_DESIGNWARE_BAYTRAIL=y
+# CONFIG_I2C_DESIGNWARE_PCI is not set
+# CONFIG_I2C_EMEV2 is not set
+# CONFIG_I2C_GPIO is not set
+# CONFIG_I2C_OCORES is not set
+CONFIG_I2C_PCA_PLATFORM=m
+CONFIG_I2C_SIMTEC=m
+# CONFIG_I2C_XILINX is not set
+
+#
+# External I2C/SMBus adapter drivers
+#
+CONFIG_I2C_DIOLAN_U2C=m
+# CONFIG_I2C_CP2615 is not set
+CONFIG_I2C_PARPORT=m
+# CONFIG_I2C_PCI1XXXX is not set
+# CONFIG_I2C_ROBOTFUZZ_OSIF is not set
+# CONFIG_I2C_TAOS_EVM is not set
+CONFIG_I2C_TINY_USB=m
+CONFIG_I2C_VIPERBOARD=m
+
+#
+# Other I2C/SMBus bus drivers
+#
+CONFIG_I2C_MLXCPLD=m
+# CONFIG_I2C_VIRTIO is not set
+# end of I2C Hardware Bus support
+
+CONFIG_I2C_STUB=m
+# CONFIG_I2C_SLAVE is not set
+# CONFIG_I2C_DEBUG_CORE is not set
+# CONFIG_I2C_DEBUG_ALGO is not set
+# CONFIG_I2C_DEBUG_BUS is not set
+# end of I2C support
+
+# CONFIG_I3C is not set
+CONFIG_SPI=y
+# CONFIG_SPI_DEBUG is not set
+CONFIG_SPI_MASTER=y
+CONFIG_SPI_MEM=y
+
+#
+# SPI Master Controller Drivers
+#
+# CONFIG_SPI_ALTERA is not set
+# CONFIG_SPI_AXI_SPI_ENGINE is not set
+# CONFIG_SPI_BITBANG is not set
+# CONFIG_SPI_BUTTERFLY is not set
+# CONFIG_SPI_CADENCE is not set
+# CONFIG_SPI_DESIGNWARE is not set
+# CONFIG_SPI_NXP_FLEXSPI is not set
+# CONFIG_SPI_GPIO is not set
+# CONFIG_SPI_INTEL_PCI is not set
+# CONFIG_SPI_INTEL_PLATFORM is not set
+# CONFIG_SPI_LM70_LLP is not set
+# CONFIG_SPI_MICROCHIP_CORE is not set
+# CONFIG_SPI_MICROCHIP_CORE_QSPI is not set
+# CONFIG_SPI_LANTIQ_SSC is not set
+# CONFIG_SPI_OC_TINY is not set
+# CONFIG_SPI_PXA2XX is not set
+# CONFIG_SPI_ROCKCHIP is not set
+# CONFIG_SPI_SC18IS602 is not set
+# CONFIG_SPI_SIFIVE is not set
+# CONFIG_SPI_MXIC is not set
+# CONFIG_SPI_XCOMM is not set
+# CONFIG_SPI_XILINX is not set
+# CONFIG_SPI_ZYNQMP_GQSPI is not set
+# CONFIG_SPI_AMD is not set
+
+#
+# SPI Multiplexer support
+#
+# CONFIG_SPI_MUX is not set
+
+#
+# SPI Protocol Masters
+#
+# CONFIG_SPI_SPIDEV is not set
+# CONFIG_SPI_LOOPBACK_TEST is not set
+# CONFIG_SPI_TLE62X0 is not set
+# CONFIG_SPI_SLAVE is not set
+CONFIG_SPI_DYNAMIC=y
+# CONFIG_SPMI is not set
+# CONFIG_HSI is not set
+CONFIG_PPS=y
+# CONFIG_PPS_DEBUG is not set
+
+#
+# PPS clients support
+#
+# CONFIG_PPS_CLIENT_KTIMER is not set
+CONFIG_PPS_CLIENT_LDISC=m
+CONFIG_PPS_CLIENT_PARPORT=m
+CONFIG_PPS_CLIENT_GPIO=m
+
+#
+# PPS generators support
+#
+
+#
+# PTP clock support
+#
+CONFIG_PTP_1588_CLOCK=y
+CONFIG_PTP_1588_CLOCK_OPTIONAL=y
+CONFIG_DP83640_PHY=m
+# CONFIG_PTP_1588_CLOCK_INES is not set
+CONFIG_PTP_1588_CLOCK_KVM=m
+# CONFIG_PTP_1588_CLOCK_IDT82P33 is not set
+# CONFIG_PTP_1588_CLOCK_IDTCM is not set
+# CONFIG_PTP_1588_CLOCK_VMW is not set
+# CONFIG_PTP_1588_CLOCK_OCP is not set
+# end of PTP clock support
+
+CONFIG_PINCTRL=y
+CONFIG_PINMUX=y
+CONFIG_PINCONF=y
+CONFIG_GENERIC_PINCONF=y
+# CONFIG_DEBUG_PINCTRL is not set
+# CONFIG_PINCTRL_AMD is not set
+# CONFIG_PINCTRL_CY8C95X0 is not set
+# CONFIG_PINCTRL_MCP23S08 is not set
+# CONFIG_PINCTRL_SX150X is not set
+
+#
+# Intel pinctrl drivers
+#
+CONFIG_PINCTRL_BAYTRAIL=y
+# CONFIG_PINCTRL_CHERRYVIEW is not set
+# CONFIG_PINCTRL_LYNXPOINT is not set
+CONFIG_PINCTRL_INTEL=y
+# CONFIG_PINCTRL_ALDERLAKE is not set
+CONFIG_PINCTRL_BROXTON=m
+CONFIG_PINCTRL_CANNONLAKE=m
+CONFIG_PINCTRL_CEDARFORK=m
+CONFIG_PINCTRL_DENVERTON=m
+# CONFIG_PINCTRL_ELKHARTLAKE is not set
+CONFIG_PINCTRL_EMMITSBURG=m
+CONFIG_PINCTRL_GEMINILAKE=m
+CONFIG_PINCTRL_ICELAKE=m
+# CONFIG_PINCTRL_JASPERLAKE is not set
+# CONFIG_PINCTRL_LAKEFIELD is not set
+CONFIG_PINCTRL_LEWISBURG=m
+# CONFIG_PINCTRL_METEORLAKE is not set
+CONFIG_PINCTRL_SUNRISEPOINT=m
+# CONFIG_PINCTRL_TIGERLAKE is not set
+# end of Intel pinctrl drivers
+
+#
+# Renesas pinctrl drivers
+#
+# end of Renesas pinctrl drivers
+
+CONFIG_GPIOLIB=y
+CONFIG_GPIOLIB_FASTPATH_LIMIT=512
+CONFIG_GPIO_ACPI=y
+CONFIG_GPIOLIB_IRQCHIP=y
+# CONFIG_DEBUG_GPIO is not set
+CONFIG_GPIO_CDEV=y
+CONFIG_GPIO_CDEV_V1=y
+CONFIG_GPIO_GENERIC=m
+
+#
+# Memory mapped GPIO drivers
+#
+CONFIG_GPIO_AMDPT=m
+# CONFIG_GPIO_DWAPB is not set
+# CONFIG_GPIO_EXAR is not set
+# CONFIG_GPIO_GENERIC_PLATFORM is not set
+CONFIG_GPIO_ICH=m
+# CONFIG_GPIO_MB86S7X is not set
+# CONFIG_GPIO_VX855 is not set
+# CONFIG_GPIO_AMD_FCH is not set
+# end of Memory mapped GPIO drivers
+
+#
+# Port-mapped I/O GPIO drivers
+#
+# CONFIG_GPIO_F7188X is not set
+# CONFIG_GPIO_IT87 is not set
+# CONFIG_GPIO_SCH is not set
+# CONFIG_GPIO_SCH311X is not set
+# CONFIG_GPIO_WINBOND is not set
+# CONFIG_GPIO_WS16C48 is not set
+# end of Port-mapped I/O GPIO drivers
+
+#
+# I2C GPIO expanders
+#
+# CONFIG_GPIO_MAX7300 is not set
+# CONFIG_GPIO_MAX732X is not set
+# CONFIG_GPIO_PCA953X is not set
+# CONFIG_GPIO_PCA9570 is not set
+# CONFIG_GPIO_PCF857X is not set
+# CONFIG_GPIO_TPIC2810 is not set
+# end of I2C GPIO expanders
+
+#
+# MFD GPIO expanders
+#
+# end of MFD GPIO expanders
+
+#
+# PCI GPIO expanders
+#
+# CONFIG_GPIO_AMD8111 is not set
+# CONFIG_GPIO_ML_IOH is not set
+# CONFIG_GPIO_PCI_IDIO_16 is not set
+# CONFIG_GPIO_PCIE_IDIO_24 is not set
+# CONFIG_GPIO_RDC321X is not set
+# end of PCI GPIO expanders
+
+#
+# SPI GPIO expanders
+#
+# CONFIG_GPIO_MAX3191X is not set
+# CONFIG_GPIO_MAX7301 is not set
+# CONFIG_GPIO_MC33880 is not set
+# CONFIG_GPIO_PISOSR is not set
+# CONFIG_GPIO_XRA1403 is not set
+# end of SPI GPIO expanders
+
+#
+# USB GPIO expanders
+#
+CONFIG_GPIO_VIPERBOARD=m
+# end of USB GPIO expanders
+
+#
+# Virtual GPIO drivers
+#
+# CONFIG_GPIO_AGGREGATOR is not set
+# CONFIG_GPIO_MOCKUP is not set
+# CONFIG_GPIO_VIRTIO is not set
+# CONFIG_GPIO_SIM is not set
+# end of Virtual GPIO drivers
+
+# CONFIG_W1 is not set
+CONFIG_POWER_RESET=y
+# CONFIG_POWER_RESET_RESTART is not set
+CONFIG_POWER_SUPPLY=y
+# CONFIG_POWER_SUPPLY_DEBUG is not set
+CONFIG_POWER_SUPPLY_HWMON=y
+# CONFIG_PDA_POWER is not set
+# CONFIG_GENERIC_ADC_BATTERY is not set
+# CONFIG_IP5XXX_POWER is not set
+# CONFIG_TEST_POWER is not set
+# CONFIG_CHARGER_ADP5061 is not set
+# CONFIG_BATTERY_CW2015 is not set
+# CONFIG_BATTERY_DS2780 is not set
+# CONFIG_BATTERY_DS2781 is not set
+# CONFIG_BATTERY_DS2782 is not set
+# CONFIG_BATTERY_SAMSUNG_SDI is not set
+# CONFIG_BATTERY_SBS is not set
+# CONFIG_CHARGER_SBS is not set
+# CONFIG_MANAGER_SBS is not set
+# CONFIG_BATTERY_BQ27XXX is not set
+# CONFIG_BATTERY_MAX17040 is not set
+# CONFIG_BATTERY_MAX17042 is not set
+# CONFIG_CHARGER_MAX8903 is not set
+# CONFIG_CHARGER_LP8727 is not set
+# CONFIG_CHARGER_GPIO is not set
+# CONFIG_CHARGER_LT3651 is not set
+# CONFIG_CHARGER_LTC4162L is not set
+# CONFIG_CHARGER_MAX77976 is not set
+# CONFIG_CHARGER_BQ2415X is not set
+# CONFIG_CHARGER_BQ24257 is not set
+# CONFIG_CHARGER_BQ24735 is not set
+# CONFIG_CHARGER_BQ2515X is not set
+# CONFIG_CHARGER_BQ25890 is not set
+# CONFIG_CHARGER_BQ25980 is not set
+# CONFIG_CHARGER_BQ256XX is not set
+# CONFIG_BATTERY_GAUGE_LTC2941 is not set
+# CONFIG_BATTERY_GOLDFISH is not set
+# CONFIG_BATTERY_RT5033 is not set
+# CONFIG_CHARGER_RT9455 is not set
+# CONFIG_CHARGER_BD99954 is not set
+# CONFIG_BATTERY_UG3105 is not set
+CONFIG_HWMON=y
+CONFIG_HWMON_VID=m
+# CONFIG_HWMON_DEBUG_CHIP is not set
+
+#
+# Native drivers
+#
+CONFIG_SENSORS_ABITUGURU=m
+CONFIG_SENSORS_ABITUGURU3=m
+# CONFIG_SENSORS_AD7314 is not set
+CONFIG_SENSORS_AD7414=m
+CONFIG_SENSORS_AD7418=m
+CONFIG_SENSORS_ADM1025=m
+CONFIG_SENSORS_ADM1026=m
+CONFIG_SENSORS_ADM1029=m
+CONFIG_SENSORS_ADM1031=m
+# CONFIG_SENSORS_ADM1177 is not set
+CONFIG_SENSORS_ADM9240=m
+CONFIG_SENSORS_ADT7X10=m
+# CONFIG_SENSORS_ADT7310 is not set
+CONFIG_SENSORS_ADT7410=m
+CONFIG_SENSORS_ADT7411=m
+CONFIG_SENSORS_ADT7462=m
+CONFIG_SENSORS_ADT7470=m
+CONFIG_SENSORS_ADT7475=m
+# CONFIG_SENSORS_AHT10 is not set
+# CONFIG_SENSORS_AQUACOMPUTER_D5NEXT is not set
+# CONFIG_SENSORS_AS370 is not set
+CONFIG_SENSORS_ASC7621=m
+# CONFIG_SENSORS_AXI_FAN_CONTROL is not set
+CONFIG_SENSORS_K8TEMP=m
+CONFIG_SENSORS_K10TEMP=m
+CONFIG_SENSORS_FAM15H_POWER=m
+CONFIG_SENSORS_APPLESMC=m
+CONFIG_SENSORS_ASB100=m
+CONFIG_SENSORS_ATXP1=m
+# CONFIG_SENSORS_CORSAIR_CPRO is not set
+# CONFIG_SENSORS_CORSAIR_PSU is not set
+# CONFIG_SENSORS_DRIVETEMP is not set
+CONFIG_SENSORS_DS620=m
+CONFIG_SENSORS_DS1621=m
+CONFIG_SENSORS_DELL_SMM=m
+# CONFIG_I8K is not set
+CONFIG_SENSORS_I5K_AMB=m
+CONFIG_SENSORS_F71805F=m
+CONFIG_SENSORS_F71882FG=m
+CONFIG_SENSORS_F75375S=m
+CONFIG_SENSORS_FSCHMD=m
+# CONFIG_SENSORS_FTSTEUTATES is not set
+CONFIG_SENSORS_GL518SM=m
+CONFIG_SENSORS_GL520SM=m
+CONFIG_SENSORS_G760A=m
+# CONFIG_SENSORS_G762 is not set
+# CONFIG_SENSORS_HIH6130 is not set
+CONFIG_SENSORS_IBMAEM=m
+CONFIG_SENSORS_IBMPEX=m
+# CONFIG_SENSORS_IIO_HWMON is not set
+CONFIG_SENSORS_I5500=m
+CONFIG_SENSORS_CORETEMP=m
+CONFIG_SENSORS_IT87=m
+CONFIG_SENSORS_JC42=m
+# CONFIG_SENSORS_POWR1220 is not set
+CONFIG_SENSORS_LINEAGE=m
+# CONFIG_SENSORS_LTC2945 is not set
+# CONFIG_SENSORS_LTC2947_I2C is not set
+# CONFIG_SENSORS_LTC2947_SPI is not set
+# CONFIG_SENSORS_LTC2990 is not set
+# CONFIG_SENSORS_LTC2992 is not set
+CONFIG_SENSORS_LTC4151=m
+CONFIG_SENSORS_LTC4215=m
+# CONFIG_SENSORS_LTC4222 is not set
+CONFIG_SENSORS_LTC4245=m
+# CONFIG_SENSORS_LTC4260 is not set
+CONFIG_SENSORS_LTC4261=m
+# CONFIG_SENSORS_MAX1111 is not set
+# CONFIG_SENSORS_MAX127 is not set
+CONFIG_SENSORS_MAX16065=m
+CONFIG_SENSORS_MAX1619=m
+CONFIG_SENSORS_MAX1668=m
+CONFIG_SENSORS_MAX197=m
+# CONFIG_SENSORS_MAX31722 is not set
+# CONFIG_SENSORS_MAX31730 is not set
+# CONFIG_SENSORS_MAX31760 is not set
+# CONFIG_SENSORS_MAX6620 is not set
+# CONFIG_SENSORS_MAX6621 is not set
+CONFIG_SENSORS_MAX6639=m
+CONFIG_SENSORS_MAX6650=m
+CONFIG_SENSORS_MAX6697=m
+# CONFIG_SENSORS_MAX31790 is not set
+CONFIG_SENSORS_MCP3021=m
+# CONFIG_SENSORS_MLXREG_FAN is not set
+# CONFIG_SENSORS_TC654 is not set
+# CONFIG_SENSORS_TPS23861 is not set
+# CONFIG_SENSORS_MR75203 is not set
+# CONFIG_SENSORS_ADCXX is not set
+CONFIG_SENSORS_LM63=m
+# CONFIG_SENSORS_LM70 is not set
+CONFIG_SENSORS_LM73=m
+CONFIG_SENSORS_LM75=m
+CONFIG_SENSORS_LM77=m
+CONFIG_SENSORS_LM78=m
+CONFIG_SENSORS_LM80=m
+CONFIG_SENSORS_LM83=m
+CONFIG_SENSORS_LM85=m
+CONFIG_SENSORS_LM87=m
+CONFIG_SENSORS_LM90=m
+CONFIG_SENSORS_LM92=m
+CONFIG_SENSORS_LM93=m
+CONFIG_SENSORS_LM95234=m
+CONFIG_SENSORS_LM95241=m
+CONFIG_SENSORS_LM95245=m
+CONFIG_SENSORS_PC87360=m
+CONFIG_SENSORS_PC87427=m
+CONFIG_SENSORS_NTC_THERMISTOR=m
+# CONFIG_SENSORS_NCT6683 is not set
+CONFIG_SENSORS_NCT6775_CORE=m
+CONFIG_SENSORS_NCT6775=m
+# CONFIG_SENSORS_NCT6775_I2C is not set
+# CONFIG_SENSORS_NCT7802 is not set
+# CONFIG_SENSORS_NCT7904 is not set
+# CONFIG_SENSORS_NPCM7XX is not set
+# CONFIG_SENSORS_NZXT_KRAKEN2 is not set
+# CONFIG_SENSORS_NZXT_SMART2 is not set
+CONFIG_SENSORS_PCF8591=m
+CONFIG_PMBUS=m
+CONFIG_SENSORS_PMBUS=m
+# CONFIG_SENSORS_ADM1266 is not set
+CONFIG_SENSORS_ADM1275=m
+# CONFIG_SENSORS_BEL_PFE is not set
+# CONFIG_SENSORS_BPA_RS600 is not set
+# CONFIG_SENSORS_DELTA_AHE50DC_FAN is not set
+# CONFIG_SENSORS_FSP_3Y is not set
+# CONFIG_SENSORS_IBM_CFFPS is not set
+# CONFIG_SENSORS_DPS920AB is not set
+# CONFIG_SENSORS_INSPUR_IPSPS is not set
+# CONFIG_SENSORS_IR35221 is not set
+# CONFIG_SENSORS_IR36021 is not set
+# CONFIG_SENSORS_IR38064 is not set
+# CONFIG_SENSORS_IRPS5401 is not set
+# CONFIG_SENSORS_ISL68137 is not set
+CONFIG_SENSORS_LM25066=m
+# CONFIG_SENSORS_LT7182S is not set
+CONFIG_SENSORS_LTC2978=m
+# CONFIG_SENSORS_LTC3815 is not set
+# CONFIG_SENSORS_MAX15301 is not set
+CONFIG_SENSORS_MAX16064=m
+# CONFIG_SENSORS_MAX16601 is not set
+# CONFIG_SENSORS_MAX20730 is not set
+# CONFIG_SENSORS_MAX20751 is not set
+# CONFIG_SENSORS_MAX31785 is not set
+CONFIG_SENSORS_MAX34440=m
+CONFIG_SENSORS_MAX8688=m
+# CONFIG_SENSORS_MP2888 is not set
+# CONFIG_SENSORS_MP2975 is not set
+# CONFIG_SENSORS_MP5023 is not set
+# CONFIG_SENSORS_PIM4328 is not set
+# CONFIG_SENSORS_PLI1209BC is not set
+# CONFIG_SENSORS_PM6764TR is not set
+# CONFIG_SENSORS_PXE1610 is not set
+# CONFIG_SENSORS_Q54SJ108A2 is not set
+# CONFIG_SENSORS_STPDDC60 is not set
+# CONFIG_SENSORS_TPS40422 is not set
+# CONFIG_SENSORS_TPS53679 is not set
+# CONFIG_SENSORS_TPS546D24 is not set
+CONFIG_SENSORS_UCD9000=m
+CONFIG_SENSORS_UCD9200=m
+# CONFIG_SENSORS_XDPE152 is not set
+# CONFIG_SENSORS_XDPE122 is not set
+CONFIG_SENSORS_ZL6100=m
+# CONFIG_SENSORS_SBTSI is not set
+# CONFIG_SENSORS_SBRMI is not set
+CONFIG_SENSORS_SHT15=m
+CONFIG_SENSORS_SHT21=m
+# CONFIG_SENSORS_SHT3x is not set
+# CONFIG_SENSORS_SHT4x is not set
+# CONFIG_SENSORS_SHTC1 is not set
+CONFIG_SENSORS_SIS5595=m
+CONFIG_SENSORS_DME1737=m
+CONFIG_SENSORS_EMC1403=m
+# CONFIG_SENSORS_EMC2103 is not set
+# CONFIG_SENSORS_EMC2305 is not set
+CONFIG_SENSORS_EMC6W201=m
+CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_SMSC47M192=m
+CONFIG_SENSORS_SMSC47B397=m
+CONFIG_SENSORS_SCH56XX_COMMON=m
+CONFIG_SENSORS_SCH5627=m
+CONFIG_SENSORS_SCH5636=m
+# CONFIG_SENSORS_STTS751 is not set
+# CONFIG_SENSORS_SMM665 is not set
+# CONFIG_SENSORS_ADC128D818 is not set
+CONFIG_SENSORS_ADS7828=m
+# CONFIG_SENSORS_ADS7871 is not set
+CONFIG_SENSORS_AMC6821=m
+CONFIG_SENSORS_INA209=m
+CONFIG_SENSORS_INA2XX=m
+# CONFIG_SENSORS_INA238 is not set
+# CONFIG_SENSORS_INA3221 is not set
+# CONFIG_SENSORS_TC74 is not set
+CONFIG_SENSORS_THMC50=m
+CONFIG_SENSORS_TMP102=m
+# CONFIG_SENSORS_TMP103 is not set
+# CONFIG_SENSORS_TMP108 is not set
+CONFIG_SENSORS_TMP401=m
+CONFIG_SENSORS_TMP421=m
+# CONFIG_SENSORS_TMP464 is not set
+# CONFIG_SENSORS_TMP513 is not set
+CONFIG_SENSORS_VIA_CPUTEMP=m
+CONFIG_SENSORS_VIA686A=m
+CONFIG_SENSORS_VT1211=m
+CONFIG_SENSORS_VT8231=m
+# CONFIG_SENSORS_W83773G is not set
+CONFIG_SENSORS_W83781D=m
+CONFIG_SENSORS_W83791D=m
+CONFIG_SENSORS_W83792D=m
+CONFIG_SENSORS_W83793=m
+CONFIG_SENSORS_W83795=m
+# CONFIG_SENSORS_W83795_FANCTRL is not set
+CONFIG_SENSORS_W83L785TS=m
+CONFIG_SENSORS_W83L786NG=m
+CONFIG_SENSORS_W83627HF=m
+CONFIG_SENSORS_W83627EHF=m
+# CONFIG_SENSORS_XGENE is not set
+
+#
+# ACPI drivers
+#
+CONFIG_SENSORS_ACPI_POWER=m
+CONFIG_SENSORS_ATK0110=m
+# CONFIG_SENSORS_ASUS_WMI is not set
+# CONFIG_SENSORS_ASUS_EC is not set
+CONFIG_THERMAL=y
+CONFIG_THERMAL_NETLINK=y
+# CONFIG_THERMAL_STATISTICS is not set
+CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0
+CONFIG_THERMAL_HWMON=y
+CONFIG_THERMAL_WRITABLE_TRIPS=y
+CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
+# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
+# CONFIG_THERMAL_DEFAULT_GOV_USER_SPACE is not set
+CONFIG_THERMAL_GOV_FAIR_SHARE=y
+CONFIG_THERMAL_GOV_STEP_WISE=y
+CONFIG_THERMAL_GOV_BANG_BANG=y
+CONFIG_THERMAL_GOV_USER_SPACE=y
+CONFIG_THERMAL_EMULATION=y
+
+#
+# Intel thermal drivers
+#
+CONFIG_INTEL_POWERCLAMP=m
+CONFIG_X86_THERMAL_VECTOR=y
+CONFIG_X86_PKG_TEMP_THERMAL=m
+CONFIG_INTEL_SOC_DTS_IOSF_CORE=m
+# CONFIG_INTEL_SOC_DTS_THERMAL is not set
+
+#
+# ACPI INT340X thermal drivers
+#
+CONFIG_INT340X_THERMAL=m
+CONFIG_ACPI_THERMAL_REL=m
+# CONFIG_INT3406_THERMAL is not set
+CONFIG_PROC_THERMAL_MMIO_RAPL=m
+# end of ACPI INT340X thermal drivers
+
+CONFIG_INTEL_PCH_THERMAL=m
+# CONFIG_INTEL_TCC_COOLING is not set
+# CONFIG_INTEL_MENLOW is not set
+CONFIG_INTEL_HFI_THERMAL=y
+# end of Intel thermal drivers
+
+# CONFIG_GENERIC_ADC_THERMAL is not set
+CONFIG_WATCHDOG=y
+CONFIG_WATCHDOG_CORE=y
+# CONFIG_WATCHDOG_NOWAYOUT is not set
+CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED=y
+CONFIG_WATCHDOG_OPEN_TIMEOUT=0
+CONFIG_WATCHDOG_SYSFS=y
+# CONFIG_WATCHDOG_HRTIMER_PRETIMEOUT is not set
+
+#
+# Watchdog Pretimeout Governors
+#
+# CONFIG_WATCHDOG_PRETIMEOUT_GOV is not set
+
+#
+# Watchdog Device Drivers
+#
+CONFIG_SOFT_WATCHDOG=m
+CONFIG_WDAT_WDT=m
+# CONFIG_XILINX_WATCHDOG is not set
+# CONFIG_ZIIRAVE_WATCHDOG is not set
+# CONFIG_MLX_WDT is not set
+# CONFIG_CADENCE_WATCHDOG is not set
+# CONFIG_DW_WATCHDOG is not set
+# CONFIG_MAX63XX_WATCHDOG is not set
+# CONFIG_ACQUIRE_WDT is not set
+# CONFIG_ADVANTECH_WDT is not set
+CONFIG_ALIM1535_WDT=m
+CONFIG_ALIM7101_WDT=m
+# CONFIG_EBC_C384_WDT is not set
+# CONFIG_EXAR_WDT is not set
+CONFIG_F71808E_WDT=m
+CONFIG_SP5100_TCO=m
+CONFIG_SBC_FITPC2_WATCHDOG=m
+# CONFIG_EUROTECH_WDT is not set
+CONFIG_IB700_WDT=m
+CONFIG_IBMASR=m
+# CONFIG_WAFER_WDT is not set
+CONFIG_I6300ESB_WDT=m
+CONFIG_IE6XX_WDT=m
+CONFIG_ITCO_WDT=m
+CONFIG_ITCO_VENDOR_SUPPORT=y
+CONFIG_IT8712F_WDT=m
+CONFIG_IT87_WDT=m
+CONFIG_HP_WATCHDOG=m
+CONFIG_HPWDT_NMI_DECODING=y
+# CONFIG_SC1200_WDT is not set
+# CONFIG_PC87413_WDT is not set
+CONFIG_NV_TCO=m
+# CONFIG_60XX_WDT is not set
+# CONFIG_CPU5_WDT is not set
+CONFIG_SMSC_SCH311X_WDT=m
+# CONFIG_SMSC37B787_WDT is not set
+# CONFIG_TQMX86_WDT is not set
+CONFIG_VIA_WDT=m
+CONFIG_W83627HF_WDT=m
+CONFIG_W83877F_WDT=m
+CONFIG_W83977F_WDT=m
+CONFIG_MACHZ_WDT=m
+# CONFIG_SBC_EPX_C3_WATCHDOG is not set
+CONFIG_INTEL_MEI_WDT=m
+# CONFIG_NI903X_WDT is not set
+# CONFIG_NIC7018_WDT is not set
+# CONFIG_MEN_A21_WDT is not set
+CONFIG_XEN_WDT=m
+
+#
+# PCI-based Watchdog Cards
+#
+CONFIG_PCIPCWATCHDOG=m
+CONFIG_WDTPCI=m
+
+#
+# USB-based Watchdog Cards
+#
+CONFIG_USBPCWATCHDOG=m
+CONFIG_SSB_POSSIBLE=y
+# CONFIG_SSB is not set
+CONFIG_BCMA_POSSIBLE=y
+CONFIG_BCMA=m
+CONFIG_BCMA_HOST_PCI_POSSIBLE=y
+CONFIG_BCMA_HOST_PCI=y
+# CONFIG_BCMA_HOST_SOC is not set
+CONFIG_BCMA_DRIVER_PCI=y
+CONFIG_BCMA_DRIVER_GMAC_CMN=y
+CONFIG_BCMA_DRIVER_GPIO=y
+# CONFIG_BCMA_DEBUG is not set
+
+#
+# Multifunction device drivers
+#
+CONFIG_MFD_CORE=y
+# CONFIG_MFD_AS3711 is not set
+# CONFIG_PMIC_ADP5520 is not set
+# CONFIG_MFD_AAT2870_CORE is not set
+# CONFIG_MFD_BCM590XX is not set
+# CONFIG_MFD_BD9571MWV is not set
+# CONFIG_MFD_AXP20X_I2C is not set
+# CONFIG_MFD_MADERA is not set
+# CONFIG_PMIC_DA903X is not set
+# CONFIG_MFD_DA9052_SPI is not set
+# CONFIG_MFD_DA9052_I2C is not set
+# CONFIG_MFD_DA9055 is not set
+# CONFIG_MFD_DA9062 is not set
+# CONFIG_MFD_DA9063 is not set
+# CONFIG_MFD_DA9150 is not set
+# CONFIG_MFD_DLN2 is not set
+# CONFIG_MFD_MC13XXX_SPI is not set
+# CONFIG_MFD_MC13XXX_I2C is not set
+# CONFIG_MFD_MP2629 is not set
+# CONFIG_HTC_PASIC3 is not set
+# CONFIG_HTC_I2CPLD is not set
+# CONFIG_MFD_INTEL_QUARK_I2C_GPIO is not set
+CONFIG_LPC_ICH=m
+CONFIG_LPC_SCH=m
+CONFIG_MFD_INTEL_LPSS=y
+CONFIG_MFD_INTEL_LPSS_ACPI=y
+CONFIG_MFD_INTEL_LPSS_PCI=y
+# CONFIG_MFD_INTEL_PMC_BXT is not set
+# CONFIG_MFD_IQS62X is not set
+# CONFIG_MFD_JANZ_CMODIO is not set
+# CONFIG_MFD_KEMPLD is not set
+# CONFIG_MFD_88PM800 is not set
+# CONFIG_MFD_88PM805 is not set
+# CONFIG_MFD_88PM860X is not set
+# CONFIG_MFD_MAX14577 is not set
+# CONFIG_MFD_MAX77693 is not set
+# CONFIG_MFD_MAX77843 is not set
+# CONFIG_MFD_MAX8907 is not set
+# CONFIG_MFD_MAX8925 is not set
+# CONFIG_MFD_MAX8997 is not set
+# CONFIG_MFD_MAX8998 is not set
+# CONFIG_MFD_MT6360 is not set
+# CONFIG_MFD_MT6370 is not set
+# CONFIG_MFD_MT6397 is not set
+# CONFIG_MFD_MENF21BMC is not set
+# CONFIG_MFD_OCELOT is not set
+# CONFIG_EZX_PCAP is not set
+CONFIG_MFD_VIPERBOARD=m
+# CONFIG_MFD_RETU is not set
+# CONFIG_MFD_PCF50633 is not set
+# CONFIG_UCB1400_CORE is not set
+# CONFIG_MFD_SY7636A is not set
+# CONFIG_MFD_RDC321X is not set
+# CONFIG_MFD_RT4831 is not set
+# CONFIG_MFD_RT5033 is not set
+# CONFIG_MFD_RT5120 is not set
+# CONFIG_MFD_RC5T583 is not set
+# CONFIG_MFD_SI476X_CORE is not set
+CONFIG_MFD_SM501=m
+CONFIG_MFD_SM501_GPIO=y
+# CONFIG_MFD_SKY81452 is not set
+# CONFIG_MFD_SYSCON is not set
+# CONFIG_MFD_TI_AM335X_TSCADC is not set
+# CONFIG_MFD_LP3943 is not set
+# CONFIG_MFD_LP8788 is not set
+# CONFIG_MFD_TI_LMU is not set
+# CONFIG_MFD_PALMAS is not set
+# CONFIG_TPS6105X is not set
+# CONFIG_TPS65010 is not set
+# CONFIG_TPS6507X is not set
+# CONFIG_MFD_TPS65086 is not set
+# CONFIG_MFD_TPS65090 is not set
+# CONFIG_MFD_TI_LP873X is not set
+# CONFIG_MFD_TPS6586X is not set
+# CONFIG_MFD_TPS65910 is not set
+# CONFIG_MFD_TPS65912_I2C is not set
+# CONFIG_MFD_TPS65912_SPI is not set
+# CONFIG_TWL4030_CORE is not set
+# CONFIG_TWL6040_CORE is not set
+# CONFIG_MFD_WL1273_CORE is not set
+# CONFIG_MFD_LM3533 is not set
+# CONFIG_MFD_TQMX86 is not set
+CONFIG_MFD_VX855=m
+# CONFIG_MFD_ARIZONA_I2C is not set
+# CONFIG_MFD_ARIZONA_SPI is not set
+# CONFIG_MFD_WM8400 is not set
+# CONFIG_MFD_WM831X_I2C is not set
+# CONFIG_MFD_WM831X_SPI is not set
+# CONFIG_MFD_WM8350_I2C is not set
+# CONFIG_MFD_WM8994 is not set
+# CONFIG_MFD_ATC260X_I2C is not set
+# CONFIG_MFD_INTEL_M10_BMC is not set
+# end of Multifunction device drivers
+
+# CONFIG_REGULATOR is not set
+CONFIG_RC_CORE=m
+CONFIG_LIRC=y
+CONFIG_RC_MAP=m
+CONFIG_RC_DECODERS=y
+CONFIG_IR_IMON_DECODER=m
+CONFIG_IR_JVC_DECODER=m
+CONFIG_IR_MCE_KBD_DECODER=m
+CONFIG_IR_NEC_DECODER=m
+CONFIG_IR_RC5_DECODER=m
+CONFIG_IR_RC6_DECODER=m
+# CONFIG_IR_RCMM_DECODER is not set
+CONFIG_IR_SANYO_DECODER=m
+# CONFIG_IR_SHARP_DECODER is not set
+CONFIG_IR_SONY_DECODER=m
+# CONFIG_IR_XMP_DECODER is not set
+CONFIG_RC_DEVICES=y
+CONFIG_IR_ENE=m
+CONFIG_IR_FINTEK=m
+# CONFIG_IR_IGORPLUGUSB is not set
+CONFIG_IR_IGUANA=m
+CONFIG_IR_IMON=m
+CONFIG_IR_IMON_RAW=m
+CONFIG_IR_ITE_CIR=m
+CONFIG_IR_MCEUSB=m
+CONFIG_IR_NUVOTON=m
+CONFIG_IR_REDRAT3=m
+CONFIG_IR_SERIAL=m
+CONFIG_IR_SERIAL_TRANSMITTER=y
+CONFIG_IR_STREAMZAP=m
+# CONFIG_IR_TOY is not set
+CONFIG_IR_TTUSBIR=m
+CONFIG_IR_WINBOND_CIR=m
+CONFIG_RC_ATI_REMOTE=m
+# CONFIG_RC_LOOPBACK is not set
+# CONFIG_RC_XBOX_DVD is not set
+CONFIG_CEC_CORE=m
+
+#
+# CEC support
+#
+# CONFIG_MEDIA_CEC_RC is not set
+CONFIG_MEDIA_CEC_SUPPORT=y
+# CONFIG_CEC_CH7322 is not set
+# CONFIG_CEC_GPIO is not set
+# CONFIG_CEC_SECO is not set
+CONFIG_USB_PULSE8_CEC=m
+CONFIG_USB_RAINSHADOW_CEC=m
+# end of CEC support
+
+CONFIG_MEDIA_SUPPORT=m
+CONFIG_MEDIA_SUPPORT_FILTER=y
+CONFIG_MEDIA_SUBDRV_AUTOSELECT=y
+
+#
+# Media device types
+#
+CONFIG_MEDIA_CAMERA_SUPPORT=y
+CONFIG_MEDIA_ANALOG_TV_SUPPORT=y
+CONFIG_MEDIA_DIGITAL_TV_SUPPORT=y
+CONFIG_MEDIA_RADIO_SUPPORT=y
+# CONFIG_MEDIA_SDR_SUPPORT is not set
+CONFIG_MEDIA_PLATFORM_SUPPORT=y
+# CONFIG_MEDIA_TEST_SUPPORT is not set
+# end of Media device types
+
+CONFIG_VIDEO_DEV=m
+CONFIG_MEDIA_CONTROLLER=y
+CONFIG_DVB_CORE=m
+
+#
+# Video4Linux options
+#
+CONFIG_VIDEO_V4L2_I2C=y
+# CONFIG_VIDEO_ADV_DEBUG is not set
+# CONFIG_VIDEO_FIXED_MINOR_RANGES is not set
+CONFIG_VIDEO_TUNER=m
+CONFIG_V4L2_ASYNC=m
+CONFIG_VIDEOBUF_GEN=m
+CONFIG_VIDEOBUF_DMA_SG=m
+CONFIG_VIDEOBUF_VMALLOC=m
+# end of Video4Linux options
+
+#
+# Media controller options
+#
+CONFIG_MEDIA_CONTROLLER_DVB=y
+# end of Media controller options
+
+#
+# Digital TV options
+#
+# CONFIG_DVB_MMAP is not set
+CONFIG_DVB_NET=y
+CONFIG_DVB_MAX_ADAPTERS=8
+CONFIG_DVB_DYNAMIC_MINORS=y
+# CONFIG_DVB_DEMUX_SECTION_LOSS_LOG is not set
+# CONFIG_DVB_ULE_DEBUG is not set
+# end of Digital TV options
+
+#
+# Media drivers
+#
+
+#
+# Drivers filtered as selected at 'Filter media drivers'
+#
+
+#
+# Media drivers
+#
+CONFIG_MEDIA_USB_SUPPORT=y
+
+#
+# Webcam devices
+#
+CONFIG_USB_GSPCA=m
+CONFIG_USB_GSPCA_BENQ=m
+CONFIG_USB_GSPCA_CONEX=m
+CONFIG_USB_GSPCA_CPIA1=m
+# CONFIG_USB_GSPCA_DTCS033 is not set
+CONFIG_USB_GSPCA_ETOMS=m
+CONFIG_USB_GSPCA_FINEPIX=m
+CONFIG_USB_GSPCA_JEILINJ=m
+CONFIG_USB_GSPCA_JL2005BCD=m
+# CONFIG_USB_GSPCA_KINECT is not set
+CONFIG_USB_GSPCA_KONICA=m
+CONFIG_USB_GSPCA_MARS=m
+CONFIG_USB_GSPCA_MR97310A=m
+CONFIG_USB_GSPCA_NW80X=m
+CONFIG_USB_GSPCA_OV519=m
+CONFIG_USB_GSPCA_OV534=m
+CONFIG_USB_GSPCA_OV534_9=m
+CONFIG_USB_GSPCA_PAC207=m
+CONFIG_USB_GSPCA_PAC7302=m
+CONFIG_USB_GSPCA_PAC7311=m
+CONFIG_USB_GSPCA_SE401=m
+CONFIG_USB_GSPCA_SN9C2028=m
+CONFIG_USB_GSPCA_SN9C20X=m
+CONFIG_USB_GSPCA_SONIXB=m
+CONFIG_USB_GSPCA_SONIXJ=m
+CONFIG_USB_GSPCA_SPCA1528=m
+CONFIG_USB_GSPCA_SPCA500=m
+CONFIG_USB_GSPCA_SPCA501=m
+CONFIG_USB_GSPCA_SPCA505=m
+CONFIG_USB_GSPCA_SPCA506=m
+CONFIG_USB_GSPCA_SPCA508=m
+CONFIG_USB_GSPCA_SPCA561=m
+CONFIG_USB_GSPCA_SQ905=m
+CONFIG_USB_GSPCA_SQ905C=m
+CONFIG_USB_GSPCA_SQ930X=m
+CONFIG_USB_GSPCA_STK014=m
+# CONFIG_USB_GSPCA_STK1135 is not set
+CONFIG_USB_GSPCA_STV0680=m
+CONFIG_USB_GSPCA_SUNPLUS=m
+CONFIG_USB_GSPCA_T613=m
+CONFIG_USB_GSPCA_TOPRO=m
+# CONFIG_USB_GSPCA_TOUPTEK is not set
+CONFIG_USB_GSPCA_TV8532=m
+CONFIG_USB_GSPCA_VC032X=m
+CONFIG_USB_GSPCA_VICAM=m
+CONFIG_USB_GSPCA_XIRLINK_CIT=m
+CONFIG_USB_GSPCA_ZC3XX=m
+CONFIG_USB_GL860=m
+CONFIG_USB_M5602=m
+CONFIG_USB_STV06XX=m
+CONFIG_USB_PWC=m
+# CONFIG_USB_PWC_DEBUG is not set
+CONFIG_USB_PWC_INPUT_EVDEV=y
+CONFIG_USB_S2255=m
+# CONFIG_VIDEO_USBTV is not set
+CONFIG_USB_VIDEO_CLASS=m
+CONFIG_USB_VIDEO_CLASS_INPUT_EVDEV=y
+
+#
+# Analog TV USB devices
+#
+# CONFIG_VIDEO_GO7007 is not set
+CONFIG_VIDEO_HDPVR=m
+CONFIG_VIDEO_PVRUSB2=m
+CONFIG_VIDEO_PVRUSB2_SYSFS=y
+CONFIG_VIDEO_PVRUSB2_DVB=y
+# CONFIG_VIDEO_PVRUSB2_DEBUGIFC is not set
+# CONFIG_VIDEO_STK1160_COMMON is not set
+
+#
+# Analog/digital TV USB devices
+#
+CONFIG_VIDEO_AU0828=m
+CONFIG_VIDEO_AU0828_V4L2=y
+# CONFIG_VIDEO_AU0828_RC is not set
+CONFIG_VIDEO_CX231XX=m
+CONFIG_VIDEO_CX231XX_RC=y
+CONFIG_VIDEO_CX231XX_ALSA=m
+CONFIG_VIDEO_CX231XX_DVB=m
+
+#
+# Digital TV USB devices
+#
+# CONFIG_DVB_AS102 is not set
+CONFIG_DVB_B2C2_FLEXCOP_USB=m
+# CONFIG_DVB_B2C2_FLEXCOP_USB_DEBUG is not set
+CONFIG_DVB_USB_V2=m
+CONFIG_DVB_USB_AF9015=m
+CONFIG_DVB_USB_AF9035=m
+CONFIG_DVB_USB_ANYSEE=m
+CONFIG_DVB_USB_AU6610=m
+CONFIG_DVB_USB_AZ6007=m
+CONFIG_DVB_USB_CE6230=m
+# CONFIG_DVB_USB_DVBSKY is not set
+CONFIG_DVB_USB_EC168=m
+CONFIG_DVB_USB_GL861=m
+CONFIG_DVB_USB_LME2510=m
+CONFIG_DVB_USB_MXL111SF=m
+CONFIG_DVB_USB_RTL28XXU=m
+# CONFIG_DVB_USB_ZD1301 is not set
+CONFIG_DVB_USB=m
+# CONFIG_DVB_USB_DEBUG is not set
+CONFIG_DVB_USB_A800=m
+CONFIG_DVB_USB_AF9005=m
+CONFIG_DVB_USB_AF9005_REMOTE=m
+CONFIG_DVB_USB_AZ6027=m
+CONFIG_DVB_USB_CINERGY_T2=m
+CONFIG_DVB_USB_CXUSB=m
+# CONFIG_DVB_USB_CXUSB_ANALOG is not set
+CONFIG_DVB_USB_DIB0700=m
+CONFIG_DVB_USB_DIB3000MC=m
+CONFIG_DVB_USB_DIBUSB_MB=m
+# CONFIG_DVB_USB_DIBUSB_MB_FAULTY is not set
+CONFIG_DVB_USB_DIBUSB_MC=m
+CONFIG_DVB_USB_DIGITV=m
+CONFIG_DVB_USB_DTT200U=m
+CONFIG_DVB_USB_DTV5100=m
+CONFIG_DVB_USB_DW2102=m
+CONFIG_DVB_USB_GP8PSK=m
+CONFIG_DVB_USB_M920X=m
+CONFIG_DVB_USB_NOVA_T_USB2=m
+CONFIG_DVB_USB_OPERA1=m
+CONFIG_DVB_USB_PCTV452E=m
+CONFIG_DVB_USB_TECHNISAT_USB2=m
+CONFIG_DVB_USB_TTUSB2=m
+CONFIG_DVB_USB_UMT_010=m
+CONFIG_DVB_USB_VP702X=m
+CONFIG_DVB_USB_VP7045=m
+CONFIG_SMS_USB_DRV=m
+CONFIG_DVB_TTUSB_BUDGET=m
+CONFIG_DVB_TTUSB_DEC=m
+
+#
+# Webcam, TV (analog/digital) USB devices
+#
+CONFIG_VIDEO_EM28XX=m
+# CONFIG_VIDEO_EM28XX_V4L2 is not set
+CONFIG_VIDEO_EM28XX_ALSA=m
+CONFIG_VIDEO_EM28XX_DVB=m
+CONFIG_VIDEO_EM28XX_RC=m
+CONFIG_MEDIA_PCI_SUPPORT=y
+
+#
+# Media capture support
+#
+# CONFIG_VIDEO_SOLO6X10 is not set
+# CONFIG_VIDEO_TW5864 is not set
+# CONFIG_VIDEO_TW68 is not set
+# CONFIG_VIDEO_TW686X is not set
+# CONFIG_VIDEO_ZORAN is not set
+
+#
+# Media capture/analog TV support
+#
+# CONFIG_VIDEO_DT3155 is not set
+CONFIG_VIDEO_IVTV=m
+# CONFIG_VIDEO_IVTV_ALSA is not set
+CONFIG_VIDEO_FB_IVTV=m
+# CONFIG_VIDEO_FB_IVTV_FORCE_PAT is not set
+
+#
+# Media capture/analog/hybrid TV support
+#
+CONFIG_VIDEO_BT848=m
+CONFIG_DVB_BT8XX=m
+CONFIG_VIDEO_CX18=m
+# CONFIG_VIDEO_CX18_ALSA is not set
+CONFIG_VIDEO_CX23885=m
+CONFIG_MEDIA_ALTERA_CI=m
+# CONFIG_VIDEO_CX25821 is not set
+CONFIG_VIDEO_CX88=m
+CONFIG_VIDEO_CX88_ALSA=m
+CONFIG_VIDEO_CX88_BLACKBIRD=m
+CONFIG_VIDEO_CX88_DVB=m
+# CONFIG_VIDEO_CX88_ENABLE_VP3054 is not set
+CONFIG_VIDEO_CX88_MPEG=m
+CONFIG_VIDEO_SAA7134=m
+CONFIG_VIDEO_SAA7134_ALSA=m
+CONFIG_VIDEO_SAA7134_RC=y
+CONFIG_VIDEO_SAA7134_DVB=m
+CONFIG_VIDEO_SAA7164=m
+
+#
+# Media digital TV PCI Adapters
+#
+CONFIG_DVB_B2C2_FLEXCOP_PCI=m
+# CONFIG_DVB_B2C2_FLEXCOP_PCI_DEBUG is not set
+CONFIG_DVB_DDBRIDGE=m
+# CONFIG_DVB_DDBRIDGE_MSIENABLE is not set
+CONFIG_DVB_DM1105=m
+CONFIG_MANTIS_CORE=m
+CONFIG_DVB_MANTIS=m
+CONFIG_DVB_HOPPER=m
+# CONFIG_DVB_NETUP_UNIDVB is not set
+CONFIG_DVB_NGENE=m
+CONFIG_DVB_PLUTO2=m
+CONFIG_DVB_PT1=m
+# CONFIG_DVB_PT3 is not set
+# CONFIG_DVB_SMIPCIE is not set
+# CONFIG_VIDEO_IPU3_CIO2 is not set
+CONFIG_RADIO_ADAPTERS=m
+# CONFIG_RADIO_MAXIRADIO is not set
+# CONFIG_RADIO_SAA7706H is not set
+# CONFIG_RADIO_SHARK is not set
+# CONFIG_RADIO_SHARK2 is not set
+# CONFIG_RADIO_SI4713 is not set
+CONFIG_RADIO_TEA575X=m
+# CONFIG_RADIO_TEA5764 is not set
+# CONFIG_RADIO_TEF6862 is not set
+# CONFIG_RADIO_WL1273 is not set
+# CONFIG_USB_DSBR is not set
+# CONFIG_USB_KEENE is not set
+# CONFIG_USB_MA901 is not set
+# CONFIG_USB_MR800 is not set
+# CONFIG_USB_RAREMONO is not set
+# CONFIG_RADIO_SI470X is not set
+CONFIG_MEDIA_PLATFORM_DRIVERS=y
+# CONFIG_V4L_PLATFORM_DRIVERS is not set
+# CONFIG_DVB_PLATFORM_DRIVERS is not set
+# CONFIG_V4L_MEM2MEM_DRIVERS is not set
+
+#
+# Allegro DVT media platform drivers
+#
+
+#
+# Amlogic media platform drivers
+#
+
+#
+# Amphion drivers
+#
+
+#
+# Aspeed media platform drivers
+#
+
+#
+# Atmel media platform drivers
+#
+
+#
+# Cadence media platform drivers
+#
+# CONFIG_VIDEO_CADENCE_CSI2RX is not set
+# CONFIG_VIDEO_CADENCE_CSI2TX is not set
+
+#
+# Chips&Media media platform drivers
+#
+
+#
+# Intel media platform drivers
+#
+
+#
+# Marvell media platform drivers
+#
+
+#
+# Mediatek media platform drivers
+#
+
+#
+# NVidia media platform drivers
+#
+
+#
+# NXP media platform drivers
+#
+
+#
+# Qualcomm media platform drivers
+#
+
+#
+# Renesas media platform drivers
+#
+
+#
+# Rockchip media platform drivers
+#
+
+#
+# Samsung media platform drivers
+#
+
+#
+# STMicroelectronics media platform drivers
+#
+
+#
+# Sunxi media platform drivers
+#
+
+#
+# Texas Instruments drivers
+#
+
+#
+# Verisilicon media platform drivers
+#
+
+#
+# VIA media platform drivers
+#
+
+#
+# Xilinx media platform drivers
+#
+
+#
+# MMC/SDIO DVB adapters
+#
+CONFIG_SMS_SDIO_DRV=m
+
+#
+# FireWire (IEEE 1394) Adapters
+#
+CONFIG_DVB_FIREDTV=m
+CONFIG_DVB_FIREDTV_INPUT=y
+CONFIG_MEDIA_COMMON_OPTIONS=y
+
+#
+# common driver options
+#
+CONFIG_CYPRESS_FIRMWARE=m
+CONFIG_TTPCI_EEPROM=m
+CONFIG_VIDEO_CX2341X=m
+CONFIG_VIDEO_TVEEPROM=m
+CONFIG_DVB_B2C2_FLEXCOP=m
+CONFIG_SMS_SIANO_MDTV=m
+CONFIG_SMS_SIANO_RC=y
+# CONFIG_SMS_SIANO_DEBUGFS is not set
+CONFIG_VIDEOBUF2_CORE=m
+CONFIG_VIDEOBUF2_V4L2=m
+CONFIG_VIDEOBUF2_MEMOPS=m
+CONFIG_VIDEOBUF2_VMALLOC=m
+CONFIG_VIDEOBUF2_DMA_SG=m
+CONFIG_VIDEOBUF2_DVB=m
+# end of Media drivers
+
+CONFIG_MEDIA_HIDE_ANCILLARY_SUBDRV=y
+
+#
+# Media ancillary drivers
+#
+CONFIG_MEDIA_ATTACH=y
+
+#
+# IR I2C driver auto-selected by 'Autoselect ancillary drivers'
+#
+CONFIG_VIDEO_IR_I2C=m
+
+#
+# Camera sensor devices
+#
+# CONFIG_VIDEO_AR0521 is not set
+# CONFIG_VIDEO_HI556 is not set
+# CONFIG_VIDEO_HI846 is not set
+# CONFIG_VIDEO_HI847 is not set
+# CONFIG_VIDEO_IMX208 is not set
+# CONFIG_VIDEO_IMX214 is not set
+# CONFIG_VIDEO_IMX219 is not set
+# CONFIG_VIDEO_IMX258 is not set
+# CONFIG_VIDEO_IMX274 is not set
+# CONFIG_VIDEO_IMX290 is not set
+# CONFIG_VIDEO_IMX319 is not set
+# CONFIG_VIDEO_IMX355 is not set
+# CONFIG_VIDEO_MT9M001 is not set
+# CONFIG_VIDEO_MT9M032 is not set
+# CONFIG_VIDEO_MT9M111 is not set
+# CONFIG_VIDEO_MT9P031 is not set
+# CONFIG_VIDEO_MT9T001 is not set
+# CONFIG_VIDEO_MT9T112 is not set
+# CONFIG_VIDEO_MT9V011 is not set
+# CONFIG_VIDEO_MT9V032 is not set
+# CONFIG_VIDEO_MT9V111 is not set
+# CONFIG_VIDEO_NOON010PC30 is not set
+# CONFIG_VIDEO_OG01A1B is not set
+# CONFIG_VIDEO_OV02A10 is not set
+# CONFIG_VIDEO_OV08D10 is not set
+# CONFIG_VIDEO_OV13858 is not set
+# CONFIG_VIDEO_OV13B10 is not set
+# CONFIG_VIDEO_OV2640 is not set
+# CONFIG_VIDEO_OV2659 is not set
+# CONFIG_VIDEO_OV2680 is not set
+# CONFIG_VIDEO_OV2685 is not set
+# CONFIG_VIDEO_OV2740 is not set
+# CONFIG_VIDEO_OV5647 is not set
+# CONFIG_VIDEO_OV5648 is not set
+# CONFIG_VIDEO_OV5670 is not set
+# CONFIG_VIDEO_OV5675 is not set
+# CONFIG_VIDEO_OV5693 is not set
+# CONFIG_VIDEO_OV5695 is not set
+# CONFIG_VIDEO_OV6650 is not set
+# CONFIG_VIDEO_OV7251 is not set
+# CONFIG_VIDEO_OV7640 is not set
+# CONFIG_VIDEO_OV7670 is not set
+# CONFIG_VIDEO_OV772X is not set
+# CONFIG_VIDEO_OV7740 is not set
+# CONFIG_VIDEO_OV8856 is not set
+# CONFIG_VIDEO_OV8865 is not set
+# CONFIG_VIDEO_OV9640 is not set
+# CONFIG_VIDEO_OV9650 is not set
+# CONFIG_VIDEO_OV9734 is not set
+# CONFIG_VIDEO_RDACM20 is not set
+# CONFIG_VIDEO_RDACM21 is not set
+# CONFIG_VIDEO_RJ54N1 is not set
+# CONFIG_VIDEO_S5C73M3 is not set
+# CONFIG_VIDEO_S5K4ECGX is not set
+# CONFIG_VIDEO_S5K5BAF is not set
+# CONFIG_VIDEO_S5K6A3 is not set
+# CONFIG_VIDEO_S5K6AA is not set
+# CONFIG_VIDEO_SR030PC30 is not set
+# CONFIG_VIDEO_VS6624 is not set
+# CONFIG_VIDEO_CCS is not set
+# CONFIG_VIDEO_ET8EK8 is not set
+# CONFIG_VIDEO_M5MOLS is not set
+# end of Camera sensor devices
+
+#
+# Lens drivers
+#
+# CONFIG_VIDEO_AD5820 is not set
+# CONFIG_VIDEO_AK7375 is not set
+# CONFIG_VIDEO_DW9714 is not set
+# CONFIG_VIDEO_DW9768 is not set
+# CONFIG_VIDEO_DW9807_VCM is not set
+# end of Lens drivers
+
+#
+# Flash devices
+#
+# CONFIG_VIDEO_ADP1653 is not set
+# CONFIG_VIDEO_LM3560 is not set
+# CONFIG_VIDEO_LM3646 is not set
+# end of Flash devices
+
+#
+# audio, video and radio I2C drivers auto-selected by 'Autoselect ancillary drivers'
+#
+CONFIG_VIDEO_CS3308=m
+CONFIG_VIDEO_CS5345=m
+CONFIG_VIDEO_CS53L32A=m
+CONFIG_VIDEO_MSP3400=m
+CONFIG_VIDEO_TDA7432=m
+CONFIG_VIDEO_TVAUDIO=m
+CONFIG_VIDEO_VP27SMPX=m
+CONFIG_VIDEO_WM8739=m
+CONFIG_VIDEO_WM8775=m
+CONFIG_VIDEO_SAA6588=m
+CONFIG_VIDEO_SAA711X=m
+
+#
+# Video and audio decoders
+#
+CONFIG_VIDEO_SAA717X=m
+CONFIG_VIDEO_CX25840=m
+CONFIG_VIDEO_SAA7127=m
+CONFIG_VIDEO_UPD64031A=m
+CONFIG_VIDEO_UPD64083=m
+CONFIG_VIDEO_SAA6752HS=m
+CONFIG_VIDEO_M52790=m
+
+#
+# SPI I2C drivers auto-selected by 'Autoselect ancillary drivers'
+#
+
+#
+# Media SPI Adapters
+#
+# CONFIG_CXD2880_SPI_DRV is not set
+# CONFIG_VIDEO_GS1662 is not set
+# end of Media SPI Adapters
+
+CONFIG_MEDIA_TUNER=m
+
+#
+# Tuner drivers auto-selected by 'Autoselect ancillary drivers'
+#
+CONFIG_MEDIA_TUNER_E4000=m
+CONFIG_MEDIA_TUNER_FC0011=m
+CONFIG_MEDIA_TUNER_FC0012=m
+CONFIG_MEDIA_TUNER_FC0013=m
+CONFIG_MEDIA_TUNER_FC2580=m
+CONFIG_MEDIA_TUNER_IT913X=m
+CONFIG_MEDIA_TUNER_M88RS6000T=m
+CONFIG_MEDIA_TUNER_MAX2165=m
+CONFIG_MEDIA_TUNER_MC44S803=m
+CONFIG_MEDIA_TUNER_MT2060=m
+CONFIG_MEDIA_TUNER_MT2063=m
+CONFIG_MEDIA_TUNER_MT20XX=m
+CONFIG_MEDIA_TUNER_MT2131=m
+CONFIG_MEDIA_TUNER_MT2266=m
+CONFIG_MEDIA_TUNER_MXL5005S=m
+CONFIG_MEDIA_TUNER_MXL5007T=m
+CONFIG_MEDIA_TUNER_QM1D1B0004=m
+CONFIG_MEDIA_TUNER_QM1D1C0042=m
+CONFIG_MEDIA_TUNER_QT1010=m
+CONFIG_MEDIA_TUNER_R820T=m
+CONFIG_MEDIA_TUNER_SI2157=m
+CONFIG_MEDIA_TUNER_SIMPLE=m
+CONFIG_MEDIA_TUNER_TDA18212=m
+CONFIG_MEDIA_TUNER_TDA18218=m
+CONFIG_MEDIA_TUNER_TDA18250=m
+CONFIG_MEDIA_TUNER_TDA18271=m
+CONFIG_MEDIA_TUNER_TDA827X=m
+CONFIG_MEDIA_TUNER_TDA8290=m
+CONFIG_MEDIA_TUNER_TDA9887=m
+CONFIG_MEDIA_TUNER_TEA5761=m
+CONFIG_MEDIA_TUNER_TEA5767=m
+CONFIG_MEDIA_TUNER_TUA9001=m
+CONFIG_MEDIA_TUNER_XC2028=m
+CONFIG_MEDIA_TUNER_XC4000=m
+CONFIG_MEDIA_TUNER_XC5000=m
+
+#
+# DVB Frontend drivers auto-selected by 'Autoselect ancillary drivers'
+#
+
+#
+# Multistandard (satellite) frontends
+#
+CONFIG_DVB_M88DS3103=m
+CONFIG_DVB_MXL5XX=m
+CONFIG_DVB_STB0899=m
+CONFIG_DVB_STB6100=m
+CONFIG_DVB_STV090x=m
+CONFIG_DVB_STV0910=m
+CONFIG_DVB_STV6110x=m
+CONFIG_DVB_STV6111=m
+
+#
+# Multistandard (cable + terrestrial) frontends
+#
+CONFIG_DVB_DRXK=m
+CONFIG_DVB_MN88472=m
+CONFIG_DVB_MN88473=m
+CONFIG_DVB_SI2165=m
+CONFIG_DVB_TDA18271C2DD=m
+
+#
+# DVB-S (satellite) frontends
+#
+CONFIG_DVB_CX24110=m
+CONFIG_DVB_CX24116=m
+CONFIG_DVB_CX24117=m
+CONFIG_DVB_CX24120=m
+CONFIG_DVB_CX24123=m
+CONFIG_DVB_DS3000=m
+CONFIG_DVB_MB86A16=m
+CONFIG_DVB_MT312=m
+CONFIG_DVB_S5H1420=m
+CONFIG_DVB_SI21XX=m
+CONFIG_DVB_STB6000=m
+CONFIG_DVB_STV0288=m
+CONFIG_DVB_STV0299=m
+CONFIG_DVB_STV0900=m
+CONFIG_DVB_STV6110=m
+CONFIG_DVB_TDA10071=m
+CONFIG_DVB_TDA10086=m
+CONFIG_DVB_TDA8083=m
+CONFIG_DVB_TDA826X=m
+CONFIG_DVB_TS2020=m
+CONFIG_DVB_TUNER_CX24113=m
+CONFIG_DVB_TUNER_ITD1000=m
+CONFIG_DVB_ZL10036=m
+CONFIG_DVB_ZL10039=m
+
+#
+# DVB-T (terrestrial) frontends
+#
+CONFIG_DVB_AF9013=m
+CONFIG_DVB_CX22700=m
+CONFIG_DVB_CX22702=m
+CONFIG_DVB_CXD2820R=m
+CONFIG_DVB_CXD2841ER=m
+CONFIG_DVB_DIB3000MB=m
+CONFIG_DVB_DIB3000MC=m
+CONFIG_DVB_DIB7000M=m
+CONFIG_DVB_DIB7000P=m
+CONFIG_DVB_DRXD=m
+CONFIG_DVB_EC100=m
+CONFIG_DVB_GP8PSK_FE=m
+CONFIG_DVB_MT352=m
+CONFIG_DVB_NXT6000=m
+CONFIG_DVB_RTL2830=m
+CONFIG_DVB_RTL2832=m
+CONFIG_DVB_SI2168=m
+CONFIG_DVB_SP887X=m
+CONFIG_DVB_STV0367=m
+CONFIG_DVB_TDA10048=m
+CONFIG_DVB_TDA1004X=m
+CONFIG_DVB_ZL10353=m
+
+#
+# DVB-C (cable) frontends
+#
+CONFIG_DVB_STV0297=m
+CONFIG_DVB_TDA10021=m
+CONFIG_DVB_TDA10023=m
+CONFIG_DVB_VES1820=m
+
+#
+# ATSC (North American/Korean Terrestrial/Cable DTV) frontends
+#
+CONFIG_DVB_AU8522=m
+CONFIG_DVB_AU8522_DTV=m
+CONFIG_DVB_AU8522_V4L=m
+CONFIG_DVB_BCM3510=m
+CONFIG_DVB_LG2160=m
+CONFIG_DVB_LGDT3305=m
+CONFIG_DVB_LGDT3306A=m
+CONFIG_DVB_LGDT330X=m
+CONFIG_DVB_MXL692=m
+CONFIG_DVB_NXT200X=m
+CONFIG_DVB_OR51132=m
+CONFIG_DVB_OR51211=m
+CONFIG_DVB_S5H1409=m
+CONFIG_DVB_S5H1411=m
+
+#
+# ISDB-T (terrestrial) frontends
+#
+CONFIG_DVB_DIB8000=m
+CONFIG_DVB_MB86A20S=m
+CONFIG_DVB_S921=m
+
+#
+# ISDB-S (satellite) & ISDB-T (terrestrial) frontends
+#
+CONFIG_DVB_TC90522=m
+
+#
+# Digital terrestrial only tuners/PLL
+#
+CONFIG_DVB_PLL=m
+CONFIG_DVB_TUNER_DIB0070=m
+CONFIG_DVB_TUNER_DIB0090=m
+
+#
+# SEC control devices for DVB-S
+#
+CONFIG_DVB_A8293=m
+CONFIG_DVB_AF9033=m
+CONFIG_DVB_ATBM8830=m
+CONFIG_DVB_ISL6405=m
+CONFIG_DVB_ISL6421=m
+CONFIG_DVB_ISL6423=m
+CONFIG_DVB_IX2505V=m
+CONFIG_DVB_LGS8GXX=m
+CONFIG_DVB_LNBH25=m
+CONFIG_DVB_LNBP21=m
+CONFIG_DVB_LNBP22=m
+CONFIG_DVB_M88RS2000=m
+CONFIG_DVB_TDA665x=m
+CONFIG_DVB_DRX39XYJ=m
+
+#
+# Common Interface (EN50221) controller drivers
+#
+CONFIG_DVB_CXD2099=m
+# end of Media ancillary drivers
+
+#
+# Graphics support
+#
+CONFIG_APERTURE_HELPERS=y
+# CONFIG_AGP is not set
+CONFIG_INTEL_GTT=m
+CONFIG_VGA_SWITCHEROO=y
+CONFIG_DRM=m
+CONFIG_DRM_MIPI_DSI=y
+CONFIG_DRM_USE_DYNAMIC_DEBUG=y
+CONFIG_DRM_KMS_HELPER=m
+CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_FBDEV_OVERALLOC=100
+CONFIG_DRM_LOAD_EDID_FIRMWARE=y
+CONFIG_DRM_DISPLAY_HELPER=m
+CONFIG_DRM_DISPLAY_DP_HELPER=y
+CONFIG_DRM_DISPLAY_HDCP_HELPER=y
+CONFIG_DRM_DISPLAY_HDMI_HELPER=y
+CONFIG_DRM_DP_AUX_CHARDEV=y
+CONFIG_DRM_DP_CEC=y
+CONFIG_DRM_TTM=m
+CONFIG_DRM_BUDDY=m
+CONFIG_DRM_VRAM_HELPER=m
+CONFIG_DRM_TTM_HELPER=m
+CONFIG_DRM_GEM_SHMEM_HELPER=m
+CONFIG_DRM_SCHED=m
+
+#
+# I2C encoder or helper chips
+#
+CONFIG_DRM_I2C_CH7006=m
+CONFIG_DRM_I2C_SIL164=m
+# CONFIG_DRM_I2C_NXP_TDA998X is not set
+# CONFIG_DRM_I2C_NXP_TDA9950 is not set
+# end of I2C encoder or helper chips
+
+#
+# ARM devices
+#
+# end of ARM devices
+
+CONFIG_DRM_RADEON=m
+CONFIG_DRM_RADEON_USERPTR=y
+CONFIG_DRM_AMDGPU=m
+# CONFIG_DRM_AMDGPU_SI is not set
+# CONFIG_DRM_AMDGPU_CIK is not set
+# CONFIG_DRM_AMDGPU_USERPTR is not set
+
+#
+# ACP (Audio CoProcessor) Configuration
+#
+CONFIG_DRM_AMD_ACP=y
+# end of ACP (Audio CoProcessor) Configuration
+
+#
+# Display Engine Configuration
+#
+CONFIG_DRM_AMD_DC=y
+CONFIG_DRM_AMD_DC_DCN=y
+# CONFIG_DRM_AMD_DC_HDCP is not set
+# CONFIG_DEBUG_KERNEL_DC is not set
+# CONFIG_DRM_AMD_SECURE_DISPLAY is not set
+# end of Display Engine Configuration
+
+# CONFIG_HSA_AMD is not set
+CONFIG_DRM_NOUVEAU=m
+# CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT is not set
+CONFIG_NOUVEAU_DEBUG=5
+CONFIG_NOUVEAU_DEBUG_DEFAULT=3
+# CONFIG_NOUVEAU_DEBUG_MMU is not set
+# CONFIG_NOUVEAU_DEBUG_PUSH is not set
+CONFIG_DRM_NOUVEAU_BACKLIGHT=y
+CONFIG_DRM_I915=m
+CONFIG_DRM_I915_FORCE_PROBE=""
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_USERPTR=y
+CONFIG_DRM_I915_GVT=y
+CONFIG_DRM_I915_GVT_KVMGT=m
+CONFIG_DRM_I915_REQUEST_TIMEOUT=20000
+CONFIG_DRM_I915_FENCE_TIMEOUT=10000
+CONFIG_DRM_I915_USERFAULT_AUTOSUSPEND=250
+CONFIG_DRM_I915_HEARTBEAT_INTERVAL=2500
+CONFIG_DRM_I915_PREEMPT_TIMEOUT=640
+CONFIG_DRM_I915_MAX_REQUEST_BUSYWAIT=8000
+CONFIG_DRM_I915_STOP_TIMEOUT=100
+CONFIG_DRM_I915_TIMESLICE_DURATION=1
+# CONFIG_DRM_VGEM is not set
+CONFIG_DRM_VKMS=m
+CONFIG_DRM_VMWGFX=m
+CONFIG_DRM_VMWGFX_FBCON=y
+# CONFIG_DRM_VMWGFX_MKSSTATS is not set
+CONFIG_DRM_GMA500=m
+CONFIG_DRM_UDL=m
+CONFIG_DRM_AST=m
+CONFIG_DRM_MGAG200=m
+CONFIG_DRM_QXL=m
+CONFIG_DRM_VIRTIO_GPU=m
+CONFIG_DRM_PANEL=y
+
+#
+# Display Panels
+#
+# CONFIG_DRM_PANEL_RASPBERRYPI_TOUCHSCREEN is not set
+# CONFIG_DRM_PANEL_WIDECHIPS_WS2401 is not set
+# end of Display Panels
+
+CONFIG_DRM_BRIDGE=y
+CONFIG_DRM_PANEL_BRIDGE=y
+
+#
+# Display Interface Bridges
+#
+# CONFIG_DRM_ANALOGIX_ANX78XX is not set
+# end of Display Interface Bridges
+
+# CONFIG_DRM_ETNAVIV is not set
+CONFIG_DRM_BOCHS=m
+CONFIG_DRM_CIRRUS_QEMU=m
+# CONFIG_DRM_GM12U320 is not set
+# CONFIG_DRM_PANEL_MIPI_DBI is not set
+# CONFIG_DRM_SIMPLEDRM is not set
+# CONFIG_TINYDRM_HX8357D is not set
+# CONFIG_TINYDRM_ILI9163 is not set
+# CONFIG_TINYDRM_ILI9225 is not set
+# CONFIG_TINYDRM_ILI9341 is not set
+# CONFIG_TINYDRM_ILI9486 is not set
+# CONFIG_TINYDRM_MI0283QT is not set
+# CONFIG_TINYDRM_REPAPER is not set
+# CONFIG_TINYDRM_ST7586 is not set
+# CONFIG_TINYDRM_ST7735R is not set
+# CONFIG_DRM_XEN_FRONTEND is not set
+# CONFIG_DRM_VBOXVIDEO is not set
+# CONFIG_DRM_GUD is not set
+# CONFIG_DRM_SSD130X is not set
+# CONFIG_DRM_HYPERV is not set
+# CONFIG_DRM_LEGACY is not set
+CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y
+CONFIG_DRM_NOMODESET=y
+CONFIG_DRM_PRIVACY_SCREEN=y
+
+#
+# Frame buffer Devices
+#
+CONFIG_FB_CMDLINE=y
+CONFIG_FB_NOTIFY=y
+CONFIG_FB=y
+# CONFIG_FIRMWARE_EDID is not set
+CONFIG_FB_CFB_FILLRECT=y
+CONFIG_FB_CFB_COPYAREA=y
+CONFIG_FB_CFB_IMAGEBLIT=y
+CONFIG_FB_SYS_FILLRECT=m
+CONFIG_FB_SYS_COPYAREA=m
+CONFIG_FB_SYS_IMAGEBLIT=m
+# CONFIG_FB_FOREIGN_ENDIAN is not set
+CONFIG_FB_SYS_FOPS=m
+CONFIG_FB_DEFERRED_IO=y
+# CONFIG_FB_MODE_HELPERS is not set
+CONFIG_FB_TILEBLITTING=y
+
+#
+# Frame buffer hardware drivers
+#
+# CONFIG_FB_CIRRUS is not set
+# CONFIG_FB_PM2 is not set
+# CONFIG_FB_CYBER2000 is not set
+# CONFIG_FB_ARC is not set
+# CONFIG_FB_ASILIANT is not set
+# CONFIG_FB_IMSTT is not set
+# CONFIG_FB_VGA16 is not set
+# CONFIG_FB_UVESA is not set
+CONFIG_FB_VESA=y
+CONFIG_FB_EFI=y
+# CONFIG_FB_N411 is not set
+# CONFIG_FB_HGA is not set
+# CONFIG_FB_OPENCORES is not set
+# CONFIG_FB_S1D13XXX is not set
+# CONFIG_FB_NVIDIA is not set
+# CONFIG_FB_RIVA is not set
+# CONFIG_FB_I740 is not set
+# CONFIG_FB_LE80578 is not set
+# CONFIG_FB_MATROX is not set
+# CONFIG_FB_RADEON is not set
+# CONFIG_FB_ATY128 is not set
+# CONFIG_FB_ATY is not set
+# CONFIG_FB_S3 is not set
+# CONFIG_FB_SAVAGE is not set
+# CONFIG_FB_SIS is not set
+# CONFIG_FB_VIA is not set
+# CONFIG_FB_NEOMAGIC is not set
+# CONFIG_FB_KYRO is not set
+# CONFIG_FB_3DFX is not set
+# CONFIG_FB_VOODOO1 is not set
+# CONFIG_FB_VT8623 is not set
+# CONFIG_FB_TRIDENT is not set
+# CONFIG_FB_ARK is not set
+# CONFIG_FB_PM3 is not set
+# CONFIG_FB_CARMINE is not set
+# CONFIG_FB_SM501 is not set
+# CONFIG_FB_SMSCUFX is not set
+# CONFIG_FB_UDL is not set
+# CONFIG_FB_IBM_GXT4500 is not set
+# CONFIG_FB_VIRTUAL is not set
+# CONFIG_XEN_FBDEV_FRONTEND is not set
+# CONFIG_FB_METRONOME is not set
+# CONFIG_FB_MB862XX is not set
+CONFIG_FB_HYPERV=m
+# CONFIG_FB_SIMPLE is not set
+# CONFIG_FB_SSD1307 is not set
+# CONFIG_FB_SM712 is not set
+# end of Frame buffer Devices
+
+#
+# Backlight & LCD device support
+#
+CONFIG_LCD_CLASS_DEVICE=m
+# CONFIG_LCD_L4F00242T03 is not set
+# CONFIG_LCD_LMS283GF05 is not set
+# CONFIG_LCD_LTV350QV is not set
+# CONFIG_LCD_ILI922X is not set
+# CONFIG_LCD_ILI9320 is not set
+# CONFIG_LCD_TDO24M is not set
+# CONFIG_LCD_VGG2432A4 is not set
+CONFIG_LCD_PLATFORM=m
+# CONFIG_LCD_AMS369FG06 is not set
+# CONFIG_LCD_LMS501KF03 is not set
+# CONFIG_LCD_HX8357 is not set
+# CONFIG_LCD_OTM3225A is not set
+CONFIG_BACKLIGHT_CLASS_DEVICE=y
+# CONFIG_BACKLIGHT_KTD253 is not set
+# CONFIG_BACKLIGHT_PWM is not set
+CONFIG_BACKLIGHT_APPLE=m
+# CONFIG_BACKLIGHT_QCOM_WLED is not set
+# CONFIG_BACKLIGHT_SAHARA is not set
+# CONFIG_BACKLIGHT_ADP8860 is not set
+# CONFIG_BACKLIGHT_ADP8870 is not set
+# CONFIG_BACKLIGHT_LM3630A is not set
+# CONFIG_BACKLIGHT_LM3639 is not set
+CONFIG_BACKLIGHT_LP855X=m
+# CONFIG_BACKLIGHT_GPIO is not set
+# CONFIG_BACKLIGHT_LV5207LP is not set
+# CONFIG_BACKLIGHT_BD6107 is not set
+# CONFIG_BACKLIGHT_ARCXCNN is not set
+# end of Backlight & LCD device support
+
+CONFIG_HDMI=y
+
+#
+# Console display driver support
+#
+CONFIG_VGA_CONSOLE=y
+CONFIG_DUMMY_CONSOLE=y
+CONFIG_DUMMY_CONSOLE_COLUMNS=80
+CONFIG_DUMMY_CONSOLE_ROWS=25
+CONFIG_FRAMEBUFFER_CONSOLE=y
+# CONFIG_FRAMEBUFFER_CONSOLE_LEGACY_ACCELERATION is not set
+CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y
+CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y
+# CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER is not set
+# end of Console display driver support
+
+CONFIG_LOGO=y
+# CONFIG_LOGO_LINUX_MONO is not set
+# CONFIG_LOGO_LINUX_VGA16 is not set
+CONFIG_LOGO_LINUX_CLUT224=y
+# end of Graphics support
+
+CONFIG_SOUND=m
+CONFIG_SOUND_OSS_CORE=y
+CONFIG_SOUND_OSS_CORE_PRECLAIM=y
+CONFIG_SND=m
+CONFIG_SND_TIMER=m
+CONFIG_SND_PCM=m
+CONFIG_SND_PCM_ELD=y
+CONFIG_SND_HWDEP=m
+CONFIG_SND_SEQ_DEVICE=m
+CONFIG_SND_RAWMIDI=m
+CONFIG_SND_COMPRESS_OFFLOAD=m
+CONFIG_SND_JACK=y
+CONFIG_SND_JACK_INPUT_DEV=y
+CONFIG_SND_OSSEMUL=y
+# CONFIG_SND_MIXER_OSS is not set
+# CONFIG_SND_PCM_OSS is not set
+CONFIG_SND_PCM_TIMER=y
+CONFIG_SND_HRTIMER=m
+CONFIG_SND_DYNAMIC_MINORS=y
+CONFIG_SND_MAX_CARDS=32
+# CONFIG_SND_SUPPORT_OLD_API is not set
+CONFIG_SND_PROC_FS=y
+CONFIG_SND_VERBOSE_PROCFS=y
+# CONFIG_SND_VERBOSE_PRINTK is not set
+CONFIG_SND_CTL_FAST_LOOKUP=y
+# CONFIG_SND_DEBUG is not set
+# CONFIG_SND_CTL_INPUT_VALIDATION is not set
+CONFIG_SND_VMASTER=y
+CONFIG_SND_DMA_SGBUF=y
+CONFIG_SND_CTL_LED=m
+CONFIG_SND_SEQUENCER=m
+CONFIG_SND_SEQ_DUMMY=m
+CONFIG_SND_SEQUENCER_OSS=m
+CONFIG_SND_SEQ_HRTIMER_DEFAULT=y
+CONFIG_SND_SEQ_MIDI_EVENT=m
+CONFIG_SND_SEQ_MIDI=m
+CONFIG_SND_SEQ_MIDI_EMUL=m
+CONFIG_SND_SEQ_VIRMIDI=m
+CONFIG_SND_MPU401_UART=m
+CONFIG_SND_OPL3_LIB=m
+CONFIG_SND_OPL3_LIB_SEQ=m
+CONFIG_SND_VX_LIB=m
+CONFIG_SND_AC97_CODEC=m
+CONFIG_SND_DRIVERS=y
+CONFIG_SND_PCSP=m
+CONFIG_SND_DUMMY=m
+CONFIG_SND_ALOOP=m
+CONFIG_SND_VIRMIDI=m
+CONFIG_SND_MTPAV=m
+# CONFIG_SND_MTS64 is not set
+# CONFIG_SND_SERIAL_U16550 is not set
+CONFIG_SND_MPU401=m
+# CONFIG_SND_PORTMAN2X4 is not set
+CONFIG_SND_AC97_POWER_SAVE=y
+CONFIG_SND_AC97_POWER_SAVE_DEFAULT=5
+CONFIG_SND_PCI=y
+CONFIG_SND_AD1889=m
+# CONFIG_SND_ALS300 is not set
+# CONFIG_SND_ALS4000 is not set
+CONFIG_SND_ALI5451=m
+CONFIG_SND_ASIHPI=m
+CONFIG_SND_ATIIXP=m
+CONFIG_SND_ATIIXP_MODEM=m
+CONFIG_SND_AU8810=m
+CONFIG_SND_AU8820=m
+CONFIG_SND_AU8830=m
+# CONFIG_SND_AW2 is not set
+# CONFIG_SND_AZT3328 is not set
+CONFIG_SND_BT87X=m
+# CONFIG_SND_BT87X_OVERCLOCK is not set
+CONFIG_SND_CA0106=m
+CONFIG_SND_CMIPCI=m
+CONFIG_SND_OXYGEN_LIB=m
+CONFIG_SND_OXYGEN=m
+# CONFIG_SND_CS4281 is not set
+CONFIG_SND_CS46XX=m
+CONFIG_SND_CS46XX_NEW_DSP=y
+CONFIG_SND_CTXFI=m
+CONFIG_SND_DARLA20=m
+CONFIG_SND_GINA20=m
+CONFIG_SND_LAYLA20=m
+CONFIG_SND_DARLA24=m
+CONFIG_SND_GINA24=m
+CONFIG_SND_LAYLA24=m
+CONFIG_SND_MONA=m
+CONFIG_SND_MIA=m
+CONFIG_SND_ECHO3G=m
+CONFIG_SND_INDIGO=m
+CONFIG_SND_INDIGOIO=m
+CONFIG_SND_INDIGODJ=m
+CONFIG_SND_INDIGOIOX=m
+CONFIG_SND_INDIGODJX=m
+CONFIG_SND_EMU10K1=m
+CONFIG_SND_EMU10K1_SEQ=m
+CONFIG_SND_EMU10K1X=m
+CONFIG_SND_ENS1370=m
+CONFIG_SND_ENS1371=m
+# CONFIG_SND_ES1938 is not set
+CONFIG_SND_ES1968=m
+CONFIG_SND_ES1968_INPUT=y
+CONFIG_SND_ES1968_RADIO=y
+# CONFIG_SND_FM801 is not set
+CONFIG_SND_HDSP=m
+CONFIG_SND_HDSPM=m
+CONFIG_SND_ICE1712=m
+CONFIG_SND_ICE1724=m
+CONFIG_SND_INTEL8X0=m
+CONFIG_SND_INTEL8X0M=m
+CONFIG_SND_KORG1212=m
+CONFIG_SND_LOLA=m
+CONFIG_SND_LX6464ES=m
+CONFIG_SND_MAESTRO3=m
+CONFIG_SND_MAESTRO3_INPUT=y
+CONFIG_SND_MIXART=m
+# CONFIG_SND_NM256 is not set
+CONFIG_SND_PCXHR=m
+# CONFIG_SND_RIPTIDE is not set
+CONFIG_SND_RME32=m
+CONFIG_SND_RME96=m
+CONFIG_SND_RME9652=m
+# CONFIG_SND_SONICVIBES is not set
+CONFIG_SND_TRIDENT=m
+CONFIG_SND_VIA82XX=m
+CONFIG_SND_VIA82XX_MODEM=m
+CONFIG_SND_VIRTUOSO=m
+CONFIG_SND_VX222=m
+# CONFIG_SND_YMFPCI is not set
+
+#
+# HD-Audio
+#
+CONFIG_SND_HDA=m
+CONFIG_SND_HDA_GENERIC_LEDS=y
+CONFIG_SND_HDA_INTEL=m
+CONFIG_SND_HDA_HWDEP=y
+CONFIG_SND_HDA_RECONFIG=y
+CONFIG_SND_HDA_INPUT_BEEP=y
+CONFIG_SND_HDA_INPUT_BEEP_MODE=0
+CONFIG_SND_HDA_PATCH_LOADER=y
+# CONFIG_SND_HDA_SCODEC_CS35L41_I2C is not set
+# CONFIG_SND_HDA_SCODEC_CS35L41_SPI is not set
+CONFIG_SND_HDA_CODEC_REALTEK=m
+CONFIG_SND_HDA_CODEC_ANALOG=m
+CONFIG_SND_HDA_CODEC_SIGMATEL=m
+CONFIG_SND_HDA_CODEC_VIA=m
+CONFIG_SND_HDA_CODEC_HDMI=m
+CONFIG_SND_HDA_CODEC_CIRRUS=m
+# CONFIG_SND_HDA_CODEC_CS8409 is not set
+CONFIG_SND_HDA_CODEC_CONEXANT=m
+CONFIG_SND_HDA_CODEC_CA0110=m
+CONFIG_SND_HDA_CODEC_CA0132=m
+CONFIG_SND_HDA_CODEC_CA0132_DSP=y
+CONFIG_SND_HDA_CODEC_CMEDIA=m
+CONFIG_SND_HDA_CODEC_SI3054=m
+CONFIG_SND_HDA_GENERIC=m
+CONFIG_SND_HDA_POWER_SAVE_DEFAULT=0
+# CONFIG_SND_HDA_INTEL_HDMI_SILENT_STREAM is not set
+# end of HD-Audio
+
+CONFIG_SND_HDA_CORE=m
+CONFIG_SND_HDA_DSP_LOADER=y
+CONFIG_SND_HDA_COMPONENT=y
+CONFIG_SND_HDA_I915=y
+CONFIG_SND_HDA_EXT_CORE=m
+CONFIG_SND_HDA_PREALLOC_SIZE=0
+CONFIG_SND_INTEL_NHLT=y
+CONFIG_SND_INTEL_DSP_CONFIG=m
+CONFIG_SND_INTEL_SOUNDWIRE_ACPI=m
+# CONFIG_SND_SPI is not set
+CONFIG_SND_USB=y
+CONFIG_SND_USB_AUDIO=m
+CONFIG_SND_USB_AUDIO_USE_MEDIA_CONTROLLER=y
+CONFIG_SND_USB_UA101=m
+CONFIG_SND_USB_USX2Y=m
+CONFIG_SND_USB_CAIAQ=m
+CONFIG_SND_USB_CAIAQ_INPUT=y
+CONFIG_SND_USB_US122L=m
+CONFIG_SND_USB_6FIRE=m
+CONFIG_SND_USB_HIFACE=m
+CONFIG_SND_BCD2000=m
+CONFIG_SND_USB_LINE6=m
+CONFIG_SND_USB_POD=m
+CONFIG_SND_USB_PODHD=m
+CONFIG_SND_USB_TONEPORT=m
+CONFIG_SND_USB_VARIAX=m
+CONFIG_SND_FIREWIRE=y
+CONFIG_SND_FIREWIRE_LIB=m
+CONFIG_SND_DICE=m
+CONFIG_SND_OXFW=m
+CONFIG_SND_ISIGHT=m
+CONFIG_SND_FIREWORKS=m
+CONFIG_SND_BEBOB=m
+CONFIG_SND_FIREWIRE_DIGI00X=m
+CONFIG_SND_FIREWIRE_TASCAM=m
+CONFIG_SND_FIREWIRE_MOTU=m
+CONFIG_SND_FIREFACE=m
+CONFIG_SND_SOC=m
+CONFIG_SND_SOC_COMPRESS=y
+CONFIG_SND_SOC_TOPOLOGY=y
+CONFIG_SND_SOC_ACPI=m
+# CONFIG_SND_SOC_ADI is not set
+# CONFIG_SND_SOC_AMD_ACP is not set
+# CONFIG_SND_SOC_AMD_ACP3x is not set
+# CONFIG_SND_SOC_AMD_RENOIR is not set
+# CONFIG_SND_SOC_AMD_ACP5x is not set
+# CONFIG_SND_SOC_AMD_ACP6x is not set
+# CONFIG_SND_AMD_ACP_CONFIG is not set
+# CONFIG_SND_SOC_AMD_ACP_COMMON is not set
+# CONFIG_SND_SOC_AMD_RPL_ACP6x is not set
+# CONFIG_SND_SOC_AMD_PS is not set
+# CONFIG_SND_ATMEL_SOC is not set
+# CONFIG_SND_BCM63XX_I2S_WHISTLER is not set
+# CONFIG_SND_DESIGNWARE_I2S is not set
+
+#
+# SoC Audio for Freescale CPUs
+#
+
+#
+# Common SoC Audio options for Freescale CPUs:
+#
+# CONFIG_SND_SOC_FSL_ASRC is not set
+# CONFIG_SND_SOC_FSL_SAI is not set
+# CONFIG_SND_SOC_FSL_AUDMIX is not set
+# CONFIG_SND_SOC_FSL_SSI is not set
+# CONFIG_SND_SOC_FSL_SPDIF is not set
+# CONFIG_SND_SOC_FSL_ESAI is not set
+# CONFIG_SND_SOC_FSL_MICFIL is not set
+# CONFIG_SND_SOC_FSL_XCVR is not set
+# CONFIG_SND_SOC_IMX_AUDMUX is not set
+# end of SoC Audio for Freescale CPUs
+
+# CONFIG_SND_I2S_HI6210_I2S is not set
+# CONFIG_SND_SOC_IMG is not set
+CONFIG_SND_SOC_INTEL_SST_TOPLEVEL=y
+CONFIG_SND_SOC_INTEL_SST=m
+# CONFIG_SND_SOC_INTEL_CATPT is not set
+CONFIG_SND_SST_ATOM_HIFI2_PLATFORM=m
+# CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_PCI is not set
+CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_ACPI=m
+CONFIG_SND_SOC_INTEL_SKYLAKE=m
+CONFIG_SND_SOC_INTEL_SKL=m
+CONFIG_SND_SOC_INTEL_APL=m
+CONFIG_SND_SOC_INTEL_KBL=m
+CONFIG_SND_SOC_INTEL_GLK=m
+CONFIG_SND_SOC_INTEL_CNL=m
+CONFIG_SND_SOC_INTEL_CFL=m
+# CONFIG_SND_SOC_INTEL_CML_H is not set
+# CONFIG_SND_SOC_INTEL_CML_LP is not set
+CONFIG_SND_SOC_INTEL_SKYLAKE_FAMILY=m
+CONFIG_SND_SOC_INTEL_SKYLAKE_SSP_CLK=m
+# CONFIG_SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC is not set
+CONFIG_SND_SOC_INTEL_SKYLAKE_COMMON=m
+CONFIG_SND_SOC_ACPI_INTEL_MATCH=m
+# CONFIG_SND_SOC_INTEL_AVS is not set
+CONFIG_SND_SOC_INTEL_MACH=y
+# CONFIG_SND_SOC_INTEL_USER_FRIENDLY_LONG_NAMES is not set
+CONFIG_SND_SOC_INTEL_HDA_DSP_COMMON=m
+CONFIG_SND_SOC_INTEL_BYTCR_RT5640_MACH=m
+CONFIG_SND_SOC_INTEL_BYTCR_RT5651_MACH=m
+CONFIG_SND_SOC_INTEL_CHT_BSW_RT5672_MACH=m
+CONFIG_SND_SOC_INTEL_CHT_BSW_RT5645_MACH=m
+CONFIG_SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH=m
+CONFIG_SND_SOC_INTEL_CHT_BSW_NAU8824_MACH=m
+# CONFIG_SND_SOC_INTEL_BYT_CHT_CX2072X_MACH is not set
+CONFIG_SND_SOC_INTEL_BYT_CHT_DA7213_MACH=m
+CONFIG_SND_SOC_INTEL_BYT_CHT_ES8316_MACH=m
+CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=m
+CONFIG_SND_SOC_INTEL_SKL_RT286_MACH=m
+CONFIG_SND_SOC_INTEL_SKL_NAU88L25_SSM4567_MACH=m
+CONFIG_SND_SOC_INTEL_SKL_NAU88L25_MAX98357A_MACH=m
+CONFIG_SND_SOC_INTEL_DA7219_MAX98357A_GENERIC=m
+CONFIG_SND_SOC_INTEL_BXT_DA7219_MAX98357A_COMMON=m
+CONFIG_SND_SOC_INTEL_BXT_DA7219_MAX98357A_MACH=m
+CONFIG_SND_SOC_INTEL_BXT_RT298_MACH=m
+CONFIG_SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH=m
+CONFIG_SND_SOC_INTEL_KBL_RT5663_RT5514_MAX98927_MACH=m
+CONFIG_SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH=m
+# CONFIG_SND_SOC_INTEL_KBL_DA7219_MAX98927_MACH is not set
+# CONFIG_SND_SOC_INTEL_KBL_RT5660_MACH is not set
+# CONFIG_SND_SOC_MTK_BTCVSD is not set
+# CONFIG_SND_SOC_SOF_TOPLEVEL is not set
+
+#
+# STMicroelectronics STM32 SOC audio support
+#
+# end of STMicroelectronics STM32 SOC audio support
+
+# CONFIG_SND_SOC_XILINX_I2S is not set
+# CONFIG_SND_SOC_XILINX_AUDIO_FORMATTER is not set
+# CONFIG_SND_SOC_XILINX_SPDIF is not set
+# CONFIG_SND_SOC_XTFPGA_I2S is not set
+CONFIG_SND_SOC_I2C_AND_SPI=m
+
+#
+# CODEC drivers
+#
+# CONFIG_SND_SOC_AC97_CODEC is not set
+# CONFIG_SND_SOC_ADAU1372_I2C is not set
+# CONFIG_SND_SOC_ADAU1372_SPI is not set
+# CONFIG_SND_SOC_ADAU1701 is not set
+# CONFIG_SND_SOC_ADAU1761_I2C is not set
+# CONFIG_SND_SOC_ADAU1761_SPI is not set
+# CONFIG_SND_SOC_ADAU7002 is not set
+# CONFIG_SND_SOC_ADAU7118_HW is not set
+# CONFIG_SND_SOC_ADAU7118_I2C is not set
+# CONFIG_SND_SOC_AK4104 is not set
+# CONFIG_SND_SOC_AK4118 is not set
+# CONFIG_SND_SOC_AK4375 is not set
+# CONFIG_SND_SOC_AK4458 is not set
+# CONFIG_SND_SOC_AK4554 is not set
+# CONFIG_SND_SOC_AK4613 is not set
+# CONFIG_SND_SOC_AK4642 is not set
+# CONFIG_SND_SOC_AK5386 is not set
+# CONFIG_SND_SOC_AK5558 is not set
+# CONFIG_SND_SOC_ALC5623 is not set
+# CONFIG_SND_SOC_AW8738 is not set
+# CONFIG_SND_SOC_BD28623 is not set
+# CONFIG_SND_SOC_BT_SCO is not set
+# CONFIG_SND_SOC_CS35L32 is not set
+# CONFIG_SND_SOC_CS35L33 is not set
+# CONFIG_SND_SOC_CS35L34 is not set
+# CONFIG_SND_SOC_CS35L35 is not set
+# CONFIG_SND_SOC_CS35L36 is not set
+# CONFIG_SND_SOC_CS35L41_SPI is not set
+# CONFIG_SND_SOC_CS35L41_I2C is not set
+# CONFIG_SND_SOC_CS35L45_SPI is not set
+# CONFIG_SND_SOC_CS35L45_I2C is not set
+# CONFIG_SND_SOC_CS42L42 is not set
+# CONFIG_SND_SOC_CS42L51_I2C is not set
+# CONFIG_SND_SOC_CS42L52 is not set
+# CONFIG_SND_SOC_CS42L56 is not set
+# CONFIG_SND_SOC_CS42L73 is not set
+# CONFIG_SND_SOC_CS42L83 is not set
+# CONFIG_SND_SOC_CS4234 is not set
+# CONFIG_SND_SOC_CS4265 is not set
+# CONFIG_SND_SOC_CS4270 is not set
+# CONFIG_SND_SOC_CS4271_I2C is not set
+# CONFIG_SND_SOC_CS4271_SPI is not set
+# CONFIG_SND_SOC_CS42XX8_I2C is not set
+# CONFIG_SND_SOC_CS43130 is not set
+# CONFIG_SND_SOC_CS4341 is not set
+# CONFIG_SND_SOC_CS4349 is not set
+# CONFIG_SND_SOC_CS53L30 is not set
+# CONFIG_SND_SOC_CX2072X is not set
+CONFIG_SND_SOC_DA7213=m
+CONFIG_SND_SOC_DA7219=m
+CONFIG_SND_SOC_DMIC=m
+# CONFIG_SND_SOC_ES7134 is not set
+# CONFIG_SND_SOC_ES7241 is not set
+CONFIG_SND_SOC_ES8316=m
+# CONFIG_SND_SOC_ES8326 is not set
+# CONFIG_SND_SOC_ES8328_I2C is not set
+# CONFIG_SND_SOC_ES8328_SPI is not set
+# CONFIG_SND_SOC_GTM601 is not set
+CONFIG_SND_SOC_HDAC_HDMI=m
+# CONFIG_SND_SOC_HDA is not set
+# CONFIG_SND_SOC_ICS43432 is not set
+# CONFIG_SND_SOC_INNO_RK3036 is not set
+# CONFIG_SND_SOC_MAX98088 is not set
+CONFIG_SND_SOC_MAX98090=m
+CONFIG_SND_SOC_MAX98357A=m
+# CONFIG_SND_SOC_MAX98504 is not set
+# CONFIG_SND_SOC_MAX9867 is not set
+CONFIG_SND_SOC_MAX98927=m
+# CONFIG_SND_SOC_MAX98520 is not set
+# CONFIG_SND_SOC_MAX98373_I2C is not set
+CONFIG_SND_SOC_MAX98390=m
+# CONFIG_SND_SOC_MAX98396 is not set
+# CONFIG_SND_SOC_MAX9860 is not set
+# CONFIG_SND_SOC_MSM8916_WCD_DIGITAL is not set
+# CONFIG_SND_SOC_PCM1681 is not set
+# CONFIG_SND_SOC_PCM1789_I2C is not set
+# CONFIG_SND_SOC_PCM179X_I2C is not set
+# CONFIG_SND_SOC_PCM179X_SPI is not set
+# CONFIG_SND_SOC_PCM186X_I2C is not set
+# CONFIG_SND_SOC_PCM186X_SPI is not set
+# CONFIG_SND_SOC_PCM3060_I2C is not set
+# CONFIG_SND_SOC_PCM3060_SPI is not set
+# CONFIG_SND_SOC_PCM3168A_I2C is not set
+# CONFIG_SND_SOC_PCM3168A_SPI is not set
+# CONFIG_SND_SOC_PCM5102A is not set
+# CONFIG_SND_SOC_PCM512x_I2C is not set
+# CONFIG_SND_SOC_PCM512x_SPI is not set
+# CONFIG_SND_SOC_RK3328 is not set
+CONFIG_SND_SOC_RL6231=m
+CONFIG_SND_SOC_RL6347A=m
+CONFIG_SND_SOC_RT286=m
+CONFIG_SND_SOC_RT298=m
+CONFIG_SND_SOC_RT5514=m
+CONFIG_SND_SOC_RT5514_SPI=m
+# CONFIG_SND_SOC_RT5616 is not set
+# CONFIG_SND_SOC_RT5631 is not set
+CONFIG_SND_SOC_RT5640=m
+CONFIG_SND_SOC_RT5645=m
+CONFIG_SND_SOC_RT5651=m
+# CONFIG_SND_SOC_RT5659 is not set
+CONFIG_SND_SOC_RT5663=m
+CONFIG_SND_SOC_RT5670=m
+# CONFIG_SND_SOC_RT9120 is not set
+# CONFIG_SND_SOC_SGTL5000 is not set
+# CONFIG_SND_SOC_SIMPLE_AMPLIFIER is not set
+# CONFIG_SND_SOC_SIMPLE_MUX is not set
+# CONFIG_SND_SOC_SPDIF is not set
+# CONFIG_SND_SOC_SRC4XXX_I2C is not set
+# CONFIG_SND_SOC_SSM2305 is not set
+# CONFIG_SND_SOC_SSM2518 is not set
+# CONFIG_SND_SOC_SSM2602_SPI is not set
+# CONFIG_SND_SOC_SSM2602_I2C is not set
+CONFIG_SND_SOC_SSM4567=m
+# CONFIG_SND_SOC_STA32X is not set
+# CONFIG_SND_SOC_STA350 is not set
+# CONFIG_SND_SOC_STI_SAS is not set
+# CONFIG_SND_SOC_TAS2552 is not set
+# CONFIG_SND_SOC_TAS2562 is not set
+# CONFIG_SND_SOC_TAS2764 is not set
+# CONFIG_SND_SOC_TAS2770 is not set
+# CONFIG_SND_SOC_TAS2780 is not set
+# CONFIG_SND_SOC_TAS5086 is not set
+# CONFIG_SND_SOC_TAS571X is not set
+# CONFIG_SND_SOC_TAS5720 is not set
+# CONFIG_SND_SOC_TAS5805M is not set
+# CONFIG_SND_SOC_TAS6424 is not set
+# CONFIG_SND_SOC_TDA7419 is not set
+# CONFIG_SND_SOC_TFA9879 is not set
+# CONFIG_SND_SOC_TFA989X is not set
+# CONFIG_SND_SOC_TLV320ADC3XXX is not set
+# CONFIG_SND_SOC_TLV320AIC23_I2C is not set
+# CONFIG_SND_SOC_TLV320AIC23_SPI is not set
+# CONFIG_SND_SOC_TLV320AIC31XX is not set
+# CONFIG_SND_SOC_TLV320AIC32X4_I2C is not set
+# CONFIG_SND_SOC_TLV320AIC32X4_SPI is not set
+# CONFIG_SND_SOC_TLV320AIC3X_I2C is not set
+# CONFIG_SND_SOC_TLV320AIC3X_SPI is not set
+# CONFIG_SND_SOC_TLV320ADCX140 is not set
+CONFIG_SND_SOC_TS3A227E=m
+# CONFIG_SND_SOC_TSCS42XX is not set
+# CONFIG_SND_SOC_TSCS454 is not set
+# CONFIG_SND_SOC_UDA1334 is not set
+# CONFIG_SND_SOC_WM8510 is not set
+# CONFIG_SND_SOC_WM8523 is not set
+# CONFIG_SND_SOC_WM8524 is not set
+# CONFIG_SND_SOC_WM8580 is not set
+# CONFIG_SND_SOC_WM8711 is not set
+# CONFIG_SND_SOC_WM8728 is not set
+# CONFIG_SND_SOC_WM8731_I2C is not set
+# CONFIG_SND_SOC_WM8731_SPI is not set
+# CONFIG_SND_SOC_WM8737 is not set
+# CONFIG_SND_SOC_WM8741 is not set
+# CONFIG_SND_SOC_WM8750 is not set
+# CONFIG_SND_SOC_WM8753 is not set
+# CONFIG_SND_SOC_WM8770 is not set
+# CONFIG_SND_SOC_WM8776 is not set
+# CONFIG_SND_SOC_WM8782 is not set
+# CONFIG_SND_SOC_WM8804_I2C is not set
+# CONFIG_SND_SOC_WM8804_SPI is not set
+# CONFIG_SND_SOC_WM8903 is not set
+# CONFIG_SND_SOC_WM8904 is not set
+# CONFIG_SND_SOC_WM8940 is not set
+# CONFIG_SND_SOC_WM8960 is not set
+# CONFIG_SND_SOC_WM8962 is not set
+# CONFIG_SND_SOC_WM8974 is not set
+# CONFIG_SND_SOC_WM8978 is not set
+# CONFIG_SND_SOC_WM8985 is not set
+# CONFIG_SND_SOC_ZL38060 is not set
+# CONFIG_SND_SOC_MAX9759 is not set
+# CONFIG_SND_SOC_MT6351 is not set
+# CONFIG_SND_SOC_MT6358 is not set
+# CONFIG_SND_SOC_MT6660 is not set
+# CONFIG_SND_SOC_NAU8315 is not set
+# CONFIG_SND_SOC_NAU8540 is not set
+# CONFIG_SND_SOC_NAU8810 is not set
+# CONFIG_SND_SOC_NAU8821 is not set
+# CONFIG_SND_SOC_NAU8822 is not set
+CONFIG_SND_SOC_NAU8824=m
+CONFIG_SND_SOC_NAU8825=m
+# CONFIG_SND_SOC_TPA6130A2 is not set
+# CONFIG_SND_SOC_LPASS_WSA_MACRO is not set
+# CONFIG_SND_SOC_LPASS_VA_MACRO is not set
+# CONFIG_SND_SOC_LPASS_RX_MACRO is not set
+# CONFIG_SND_SOC_LPASS_TX_MACRO is not set
+# end of CODEC drivers
+
+# CONFIG_SND_SIMPLE_CARD is not set
+CONFIG_SND_X86=y
+CONFIG_HDMI_LPE_AUDIO=m
+CONFIG_SND_SYNTH_EMUX=m
+CONFIG_SND_XEN_FRONTEND=m
+# CONFIG_SND_VIRTIO is not set
+CONFIG_AC97_BUS=m
+
+#
+# HID support
+#
+CONFIG_HID=y
+CONFIG_HID_BATTERY_STRENGTH=y
+CONFIG_HIDRAW=y
+CONFIG_UHID=m
+CONFIG_HID_GENERIC=y
+
+#
+# Special HID drivers
+#
+CONFIG_HID_A4TECH=m
+# CONFIG_HID_ACCUTOUCH is not set
+CONFIG_HID_ACRUX=m
+# CONFIG_HID_ACRUX_FF is not set
+CONFIG_HID_APPLE=m
+CONFIG_HID_APPLEIR=m
+CONFIG_HID_ASUS=m
+CONFIG_HID_AUREAL=m
+CONFIG_HID_BELKIN=m
+CONFIG_HID_BETOP_FF=m
+# CONFIG_HID_BIGBEN_FF is not set
+CONFIG_HID_CHERRY=m
+CONFIG_HID_CHICONY=m
+CONFIG_HID_CORSAIR=m
+# CONFIG_HID_COUGAR is not set
+# CONFIG_HID_MACALLY is not set
+CONFIG_HID_PRODIKEYS=m
+CONFIG_HID_CMEDIA=m
+# CONFIG_HID_CP2112 is not set
+# CONFIG_HID_CREATIVE_SB0540 is not set
+CONFIG_HID_CYPRESS=m
+CONFIG_HID_DRAGONRISE=m
+# CONFIG_DRAGONRISE_FF is not set
+# CONFIG_HID_EMS_FF is not set
+CONFIG_HID_ELAN=m
+CONFIG_HID_ELECOM=m
+CONFIG_HID_ELO=m
+CONFIG_HID_EZKEY=m
+# CONFIG_HID_FT260 is not set
+CONFIG_HID_GEMBIRD=m
+CONFIG_HID_GFRM=m
+# CONFIG_HID_GLORIOUS is not set
+CONFIG_HID_HOLTEK=m
+# CONFIG_HOLTEK_FF is not set
+# CONFIG_HID_VIVALDI is not set
+CONFIG_HID_GT683R=m
+CONFIG_HID_KEYTOUCH=m
+CONFIG_HID_KYE=m
+CONFIG_HID_UCLOGIC=m
+CONFIG_HID_WALTOP=m
+# CONFIG_HID_VIEWSONIC is not set
+# CONFIG_HID_VRC2 is not set
+# CONFIG_HID_XIAOMI is not set
+CONFIG_HID_GYRATION=m
+CONFIG_HID_ICADE=m
+CONFIG_HID_ITE=m
+CONFIG_HID_JABRA=m
+CONFIG_HID_TWINHAN=m
+CONFIG_HID_KENSINGTON=m
+CONFIG_HID_LCPOWER=m
+CONFIG_HID_LED=m
+CONFIG_HID_LENOVO=m
+# CONFIG_HID_LETSKETCH is not set
+CONFIG_HID_LOGITECH=m
+CONFIG_HID_LOGITECH_DJ=m
+CONFIG_HID_LOGITECH_HIDPP=m
+# CONFIG_LOGITECH_FF is not set
+# CONFIG_LOGIRUMBLEPAD2_FF is not set
+# CONFIG_LOGIG940_FF is not set
+# CONFIG_LOGIWHEELS_FF is not set
+CONFIG_HID_MAGICMOUSE=y
+# CONFIG_HID_MALTRON is not set
+# CONFIG_HID_MAYFLASH is not set
+# CONFIG_HID_MEGAWORLD_FF is not set
+# CONFIG_HID_REDRAGON is not set
+CONFIG_HID_MICROSOFT=m
+CONFIG_HID_MONTEREY=m
+CONFIG_HID_MULTITOUCH=m
+# CONFIG_HID_NINTENDO is not set
+CONFIG_HID_NTI=m
+CONFIG_HID_NTRIG=y
+CONFIG_HID_ORTEK=m
+CONFIG_HID_PANTHERLORD=m
+# CONFIG_PANTHERLORD_FF is not set
+CONFIG_HID_PENMOUNT=m
+CONFIG_HID_PETALYNX=m
+CONFIG_HID_PICOLCD=m
+CONFIG_HID_PICOLCD_FB=y
+CONFIG_HID_PICOLCD_BACKLIGHT=y
+CONFIG_HID_PICOLCD_LCD=y
+CONFIG_HID_PICOLCD_LEDS=y
+CONFIG_HID_PICOLCD_CIR=y
+CONFIG_HID_PLANTRONICS=m
+# CONFIG_HID_PXRC is not set
+# CONFIG_HID_RAZER is not set
+CONFIG_HID_PRIMAX=m
+# CONFIG_HID_RETRODE is not set
+CONFIG_HID_ROCCAT=m
+CONFIG_HID_SAITEK=m
+CONFIG_HID_SAMSUNG=m
+# CONFIG_HID_SEMITEK is not set
+# CONFIG_HID_SIGMAMICRO is not set
+CONFIG_HID_SONY=m
+CONFIG_SONY_FF=y
+CONFIG_HID_SPEEDLINK=m
+# CONFIG_HID_STEAM is not set
+CONFIG_HID_STEELSERIES=m
+CONFIG_HID_SUNPLUS=m
+CONFIG_HID_RMI=m
+CONFIG_HID_GREENASIA=m
+# CONFIG_GREENASIA_FF is not set
+CONFIG_HID_HYPERV_MOUSE=m
+CONFIG_HID_SMARTJOYPLUS=m
+# CONFIG_SMARTJOYPLUS_FF is not set
+CONFIG_HID_TIVO=m
+CONFIG_HID_TOPSEED=m
+# CONFIG_HID_TOPRE is not set
+CONFIG_HID_THINGM=m
+CONFIG_HID_THRUSTMASTER=m
+# CONFIG_THRUSTMASTER_FF is not set
+# CONFIG_HID_UDRAW_PS3 is not set
+# CONFIG_HID_U2FZERO is not set
+CONFIG_HID_WACOM=m
+CONFIG_HID_WIIMOTE=m
+CONFIG_HID_XINMO=m
+CONFIG_HID_ZEROPLUS=m
+# CONFIG_ZEROPLUS_FF is not set
+CONFIG_HID_ZYDACRON=m
+CONFIG_HID_SENSOR_HUB=y
+CONFIG_HID_SENSOR_CUSTOM_SENSOR=m
+CONFIG_HID_ALPS=m
+# CONFIG_HID_MCP2221 is not set
+# end of Special HID drivers
+
+#
+# USB HID support
+#
+CONFIG_USB_HID=y
+CONFIG_HID_PID=y
+CONFIG_USB_HIDDEV=y
+# end of USB HID support
+
+#
+# I2C HID support
+#
+# CONFIG_I2C_HID_ACPI is not set
+# end of I2C HID support
+
+#
+# Intel ISH HID support
+#
+CONFIG_INTEL_ISH_HID=m
+# CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER is not set
+# end of Intel ISH HID support
+
+#
+# AMD SFH HID Support
+#
+# CONFIG_AMD_SFH_HID is not set
+# end of AMD SFH HID Support
+# end of HID support
+
+CONFIG_USB_OHCI_LITTLE_ENDIAN=y
+CONFIG_USB_SUPPORT=y
+CONFIG_USB_COMMON=y
+CONFIG_USB_LED_TRIG=y
+# CONFIG_USB_ULPI_BUS is not set
+# CONFIG_USB_CONN_GPIO is not set
+CONFIG_USB_ARCH_HAS_HCD=y
+CONFIG_USB=y
+CONFIG_USB_PCI=y
+CONFIG_USB_ANNOUNCE_NEW_DEVICES=y
+
+#
+# Miscellaneous USB options
+#
+CONFIG_USB_DEFAULT_PERSIST=y
+# CONFIG_USB_FEW_INIT_RETRIES is not set
+# CONFIG_USB_DYNAMIC_MINORS is not set
+# CONFIG_USB_OTG is not set
+# CONFIG_USB_OTG_PRODUCTLIST is not set
+CONFIG_USB_LEDS_TRIGGER_USBPORT=m
+CONFIG_USB_AUTOSUSPEND_DELAY=2
+CONFIG_USB_MON=y
+
+#
+# USB Host Controller Drivers
+#
+# CONFIG_USB_C67X00_HCD is not set
+CONFIG_USB_XHCI_HCD=y
+CONFIG_USB_XHCI_DBGCAP=y
+CONFIG_USB_XHCI_PCI=y
+# CONFIG_USB_XHCI_PCI_RENESAS is not set
+CONFIG_USB_XHCI_PLATFORM=m
+CONFIG_USB_EHCI_HCD=y
+CONFIG_USB_EHCI_ROOT_HUB_TT=y
+CONFIG_USB_EHCI_TT_NEWSCHED=y
+CONFIG_USB_EHCI_PCI=y
+# CONFIG_USB_EHCI_FSL is not set
+# CONFIG_USB_EHCI_HCD_PLATFORM is not set
+# CONFIG_USB_OXU210HP_HCD is not set
+# CONFIG_USB_ISP116X_HCD is not set
+# CONFIG_USB_FOTG210_HCD is not set
+# CONFIG_USB_MAX3421_HCD is not set
+CONFIG_USB_OHCI_HCD=y
+CONFIG_USB_OHCI_HCD_PCI=y
+# CONFIG_USB_OHCI_HCD_PLATFORM is not set
+CONFIG_USB_UHCI_HCD=y
+# CONFIG_USB_U132_HCD is not set
+# CONFIG_USB_SL811_HCD is not set
+# CONFIG_USB_R8A66597_HCD is not set
+# CONFIG_USB_HCD_BCMA is not set
+# CONFIG_USB_HCD_TEST_MODE is not set
+# CONFIG_USB_XEN_HCD is not set
+
+#
+# USB Device Class drivers
+#
+CONFIG_USB_ACM=m
+CONFIG_USB_PRINTER=m
+CONFIG_USB_WDM=m
+CONFIG_USB_TMC=m
+
+#
+# NOTE: USB_STORAGE depends on SCSI but BLK_DEV_SD may
+#
+
+#
+# also be needed; see USB_STORAGE Help for more info
+#
+CONFIG_USB_STORAGE=m
+# CONFIG_USB_STORAGE_DEBUG is not set
+CONFIG_USB_STORAGE_REALTEK=m
+CONFIG_REALTEK_AUTOPM=y
+CONFIG_USB_STORAGE_DATAFAB=m
+CONFIG_USB_STORAGE_FREECOM=m
+CONFIG_USB_STORAGE_ISD200=m
+CONFIG_USB_STORAGE_USBAT=m
+CONFIG_USB_STORAGE_SDDR09=m
+CONFIG_USB_STORAGE_SDDR55=m
+CONFIG_USB_STORAGE_JUMPSHOT=m
+CONFIG_USB_STORAGE_ALAUDA=m
+CONFIG_USB_STORAGE_ONETOUCH=m
+CONFIG_USB_STORAGE_KARMA=m
+CONFIG_USB_STORAGE_CYPRESS_ATACB=m
+CONFIG_USB_STORAGE_ENE_UB6250=m
+CONFIG_USB_UAS=m
+
+#
+# USB Imaging devices
+#
+CONFIG_USB_MDC800=m
+CONFIG_USB_MICROTEK=m
+# CONFIG_USBIP_CORE is not set
+# CONFIG_USB_CDNS_SUPPORT is not set
+# CONFIG_USB_MUSB_HDRC is not set
+# CONFIG_USB_DWC3 is not set
+# CONFIG_USB_DWC2 is not set
+# CONFIG_USB_CHIPIDEA is not set
+# CONFIG_USB_ISP1760 is not set
+
+#
+# USB port drivers
+#
+CONFIG_USB_USS720=m
+CONFIG_USB_SERIAL=m
+CONFIG_USB_SERIAL_GENERIC=y
+# CONFIG_USB_SERIAL_SIMPLE is not set
+CONFIG_USB_SERIAL_AIRCABLE=m
+CONFIG_USB_SERIAL_ARK3116=m
+CONFIG_USB_SERIAL_BELKIN=m
+CONFIG_USB_SERIAL_CH341=m
+CONFIG_USB_SERIAL_WHITEHEAT=m
+CONFIG_USB_SERIAL_DIGI_ACCELEPORT=m
+CONFIG_USB_SERIAL_CP210X=m
+CONFIG_USB_SERIAL_CYPRESS_M8=m
+CONFIG_USB_SERIAL_EMPEG=m
+CONFIG_USB_SERIAL_FTDI_SIO=m
+CONFIG_USB_SERIAL_VISOR=m
+CONFIG_USB_SERIAL_IPAQ=m
+CONFIG_USB_SERIAL_IR=m
+CONFIG_USB_SERIAL_EDGEPORT=m
+CONFIG_USB_SERIAL_EDGEPORT_TI=m
+# CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
+CONFIG_USB_SERIAL_GARMIN=m
+CONFIG_USB_SERIAL_IPW=m
+CONFIG_USB_SERIAL_IUU=m
+CONFIG_USB_SERIAL_KEYSPAN_PDA=m
+CONFIG_USB_SERIAL_KEYSPAN=m
+CONFIG_USB_SERIAL_KLSI=m
+CONFIG_USB_SERIAL_KOBIL_SCT=m
+CONFIG_USB_SERIAL_MCT_U232=m
+# CONFIG_USB_SERIAL_METRO is not set
+CONFIG_USB_SERIAL_MOS7720=m
+CONFIG_USB_SERIAL_MOS7715_PARPORT=y
+CONFIG_USB_SERIAL_MOS7840=m
+CONFIG_USB_SERIAL_MXUPORT=m
+CONFIG_USB_SERIAL_NAVMAN=m
+CONFIG_USB_SERIAL_PL2303=m
+CONFIG_USB_SERIAL_OTI6858=m
+CONFIG_USB_SERIAL_QCAUX=m
+CONFIG_USB_SERIAL_QUALCOMM=m
+CONFIG_USB_SERIAL_SPCP8X5=m
+CONFIG_USB_SERIAL_SAFE=m
+CONFIG_USB_SERIAL_SAFE_PADDED=y
+CONFIG_USB_SERIAL_SIERRAWIRELESS=m
+CONFIG_USB_SERIAL_SYMBOL=m
+CONFIG_USB_SERIAL_TI=m
+CONFIG_USB_SERIAL_CYBERJACK=m
+CONFIG_USB_SERIAL_WWAN=m
+CONFIG_USB_SERIAL_OPTION=m
+CONFIG_USB_SERIAL_OMNINET=m
+CONFIG_USB_SERIAL_OPTICON=m
+CONFIG_USB_SERIAL_XSENS_MT=m
+# CONFIG_USB_SERIAL_WISHBONE is not set
+CONFIG_USB_SERIAL_SSU100=m
+CONFIG_USB_SERIAL_QT2=m
+CONFIG_USB_SERIAL_UPD78F0730=m
+# CONFIG_USB_SERIAL_XR is not set
+CONFIG_USB_SERIAL_DEBUG=m
+
+#
+# USB Miscellaneous drivers
+#
+CONFIG_USB_EMI62=m
+CONFIG_USB_EMI26=m
+CONFIG_USB_ADUTUX=m
+CONFIG_USB_SEVSEG=m
+CONFIG_USB_LEGOTOWER=m
+CONFIG_USB_LCD=m
+# CONFIG_USB_CYPRESS_CY7C63 is not set
+# CONFIG_USB_CYTHERM is not set
+CONFIG_USB_IDMOUSE=m
+CONFIG_USB_FTDI_ELAN=m
+CONFIG_USB_APPLEDISPLAY=m
+# CONFIG_APPLE_MFI_FASTCHARGE is not set
+CONFIG_USB_SISUSBVGA=m
+CONFIG_USB_LD=m
+# CONFIG_USB_TRANCEVIBRATOR is not set
+CONFIG_USB_IOWARRIOR=m
+# CONFIG_USB_TEST is not set
+# CONFIG_USB_EHSET_TEST_FIXTURE is not set
+CONFIG_USB_ISIGHTFW=m
+# CONFIG_USB_YUREX is not set
+CONFIG_USB_EZUSB_FX2=m
+# CONFIG_USB_HUB_USB251XB is not set
+CONFIG_USB_HSIC_USB3503=m
+# CONFIG_USB_HSIC_USB4604 is not set
+# CONFIG_USB_LINK_LAYER_TEST is not set
+# CONFIG_USB_CHAOSKEY is not set
+CONFIG_USB_ATM=m
+CONFIG_USB_SPEEDTOUCH=m
+CONFIG_USB_CXACRU=m
+CONFIG_USB_UEAGLEATM=m
+CONFIG_USB_XUSBATM=m
+
+#
+# USB Physical Layer drivers
+#
+# CONFIG_NOP_USB_XCEIV is not set
+# CONFIG_USB_GPIO_VBUS is not set
+# CONFIG_USB_ISP1301 is not set
+# end of USB Physical Layer drivers
+
+# CONFIG_USB_GADGET is not set
+CONFIG_TYPEC=m
+CONFIG_TYPEC_TCPM=m
+CONFIG_TYPEC_TCPCI=m
+CONFIG_TYPEC_RT1711H=m
+# CONFIG_TYPEC_TCPCI_MAXIM is not set
+CONFIG_TYPEC_FUSB302=m
+CONFIG_TYPEC_UCSI=m
+# CONFIG_UCSI_CCG is not set
+CONFIG_UCSI_ACPI=m
+# CONFIG_UCSI_STM32G0 is not set
+CONFIG_TYPEC_TPS6598X=m
+# CONFIG_TYPEC_ANX7411 is not set
+# CONFIG_TYPEC_RT1719 is not set
+# CONFIG_TYPEC_HD3SS3220 is not set
+# CONFIG_TYPEC_STUSB160X is not set
+# CONFIG_TYPEC_WUSB3801 is not set
+
+#
+# USB Type-C Multiplexer/DeMultiplexer Switch support
+#
+# CONFIG_TYPEC_MUX_FSA4480 is not set
+CONFIG_TYPEC_MUX_PI3USB30532=m
+# end of USB Type-C Multiplexer/DeMultiplexer Switch support
+
+#
+# USB Type-C Alternate Mode drivers
+#
+CONFIG_TYPEC_DP_ALTMODE=m
+# CONFIG_TYPEC_NVIDIA_ALTMODE is not set
+# end of USB Type-C Alternate Mode drivers
+
+CONFIG_USB_ROLE_SWITCH=y
+CONFIG_USB_ROLES_INTEL_XHCI=y
+CONFIG_MMC=m
+CONFIG_MMC_BLOCK=m
+CONFIG_MMC_BLOCK_MINORS=8
+CONFIG_SDIO_UART=m
+# CONFIG_MMC_TEST is not set
+
+#
+# MMC/SD/SDIO Host Controller Drivers
+#
+# CONFIG_MMC_DEBUG is not set
+CONFIG_MMC_SDHCI=m
+CONFIG_MMC_SDHCI_IO_ACCESSORS=y
+CONFIG_MMC_SDHCI_PCI=m
+CONFIG_MMC_RICOH_MMC=y
+CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_PLTFM=m
+# CONFIG_MMC_SDHCI_F_SDH30 is not set
+# CONFIG_MMC_WBSD is not set
+CONFIG_MMC_TIFM_SD=m
+# CONFIG_MMC_SPI is not set
+CONFIG_MMC_CB710=m
+CONFIG_MMC_VIA_SDMMC=m
+CONFIG_MMC_VUB300=m
+CONFIG_MMC_USHC=m
+# CONFIG_MMC_USDHI6ROL0 is not set
+CONFIG_MMC_REALTEK_PCI=m
+CONFIG_MMC_REALTEK_USB=m
+CONFIG_MMC_CQHCI=m
+# CONFIG_MMC_HSQ is not set
+# CONFIG_MMC_TOSHIBA_PCI is not set
+# CONFIG_MMC_MTK is not set
+CONFIG_MMC_SDHCI_XENON=m
+# CONFIG_SCSI_UFSHCD is not set
+CONFIG_MEMSTICK=m
+# CONFIG_MEMSTICK_DEBUG is not set
+
+#
+# MemoryStick drivers
+#
+# CONFIG_MEMSTICK_UNSAFE_RESUME is not set
+CONFIG_MSPRO_BLOCK=m
+# CONFIG_MS_BLOCK is not set
+
+#
+# MemoryStick Host Controller Drivers
+#
+CONFIG_MEMSTICK_TIFM_MS=m
+CONFIG_MEMSTICK_JMICRON_38X=m
+CONFIG_MEMSTICK_R592=m
+CONFIG_MEMSTICK_REALTEK_PCI=m
+CONFIG_MEMSTICK_REALTEK_USB=m
+CONFIG_NEW_LEDS=y
+CONFIG_LEDS_CLASS=y
+# CONFIG_LEDS_CLASS_FLASH is not set
+# CONFIG_LEDS_CLASS_MULTICOLOR is not set
+# CONFIG_LEDS_BRIGHTNESS_HW_CHANGED is not set
+
+#
+# LED drivers
+#
+# CONFIG_LEDS_APU is not set
+CONFIG_LEDS_LM3530=m
+# CONFIG_LEDS_LM3532 is not set
+# CONFIG_LEDS_LM3642 is not set
+# CONFIG_LEDS_PCA9532 is not set
+# CONFIG_LEDS_GPIO is not set
+CONFIG_LEDS_LP3944=m
+# CONFIG_LEDS_LP3952 is not set
+# CONFIG_LEDS_LP50XX is not set
+# CONFIG_LEDS_PCA955X is not set
+# CONFIG_LEDS_PCA963X is not set
+# CONFIG_LEDS_DAC124S085 is not set
+# CONFIG_LEDS_PWM is not set
+# CONFIG_LEDS_BD2802 is not set
+CONFIG_LEDS_INTEL_SS4200=m
+# CONFIG_LEDS_LT3593 is not set
+# CONFIG_LEDS_TCA6507 is not set
+# CONFIG_LEDS_TLC591XX is not set
+# CONFIG_LEDS_LM355x is not set
+# CONFIG_LEDS_IS31FL319X is not set
+
+#
+# LED driver for blink(1) USB RGB LED is under Special HID drivers (HID_THINGM)
+#
+CONFIG_LEDS_BLINKM=m
+CONFIG_LEDS_MLXCPLD=m
+# CONFIG_LEDS_MLXREG is not set
+# CONFIG_LEDS_USER is not set
+# CONFIG_LEDS_NIC78BX is not set
+# CONFIG_LEDS_TI_LMU_COMMON is not set
+
+#
+# Flash and Torch LED drivers
+#
+
+#
+# RGB LED drivers
+#
+
+#
+# LED Triggers
+#
+CONFIG_LEDS_TRIGGERS=y
+CONFIG_LEDS_TRIGGER_TIMER=m
+CONFIG_LEDS_TRIGGER_ONESHOT=m
+CONFIG_LEDS_TRIGGER_DISK=y
+# CONFIG_LEDS_TRIGGER_MTD is not set
+CONFIG_LEDS_TRIGGER_HEARTBEAT=m
+CONFIG_LEDS_TRIGGER_BACKLIGHT=m
+# CONFIG_LEDS_TRIGGER_CPU is not set
+# CONFIG_LEDS_TRIGGER_ACTIVITY is not set
+CONFIG_LEDS_TRIGGER_GPIO=m
+CONFIG_LEDS_TRIGGER_DEFAULT_ON=m
+
+#
+# iptables trigger is under Netfilter config (LED target)
+#
+CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_TRIGGER_CAMERA=m
+# CONFIG_LEDS_TRIGGER_PANIC is not set
+# CONFIG_LEDS_TRIGGER_NETDEV is not set
+# CONFIG_LEDS_TRIGGER_PATTERN is not set
+CONFIG_LEDS_TRIGGER_AUDIO=m
+# CONFIG_LEDS_TRIGGER_TTY is not set
+
+#
+# Simple LED drivers
+#
+# CONFIG_ACCESSIBILITY is not set
+CONFIG_INFINIBAND=m
+CONFIG_INFINIBAND_USER_MAD=m
+CONFIG_INFINIBAND_USER_ACCESS=m
+CONFIG_INFINIBAND_USER_MEM=y
+CONFIG_INFINIBAND_ON_DEMAND_PAGING=y
+CONFIG_INFINIBAND_ADDR_TRANS=y
+CONFIG_INFINIBAND_ADDR_TRANS_CONFIGFS=y
+CONFIG_INFINIBAND_VIRT_DMA=y
+CONFIG_INFINIBAND_BNXT_RE=m
+CONFIG_INFINIBAND_CXGB4=m
+# CONFIG_INFINIBAND_EFA is not set
+# CONFIG_INFINIBAND_ERDMA is not set
+CONFIG_INFINIBAND_HFI1=m
+# CONFIG_HFI1_DEBUG_SDMA_ORDER is not set
+# CONFIG_SDMA_VERBOSITY is not set
+# CONFIG_INFINIBAND_IRDMA is not set
+CONFIG_MLX4_INFINIBAND=m
+CONFIG_MLX5_INFINIBAND=m
+# CONFIG_INFINIBAND_MTHCA is not set
+# CONFIG_INFINIBAND_OCRDMA is not set
+CONFIG_INFINIBAND_QEDR=m
+# CONFIG_INFINIBAND_QIB is not set
+CONFIG_INFINIBAND_USNIC=m
+CONFIG_INFINIBAND_VMWARE_PVRDMA=m
+CONFIG_INFINIBAND_RDMAVT=m
+CONFIG_RDMA_RXE=m
+# CONFIG_RDMA_SIW is not set
+CONFIG_INFINIBAND_IPOIB=m
+CONFIG_INFINIBAND_IPOIB_CM=y
+CONFIG_INFINIBAND_IPOIB_DEBUG=y
+# CONFIG_INFINIBAND_IPOIB_DEBUG_DATA is not set
+CONFIG_INFINIBAND_SRP=m
+CONFIG_INFINIBAND_SRPT=m
+CONFIG_INFINIBAND_ISER=m
+CONFIG_INFINIBAND_ISERT=m
+# CONFIG_INFINIBAND_RTRS_CLIENT is not set
+# CONFIG_INFINIBAND_RTRS_SERVER is not set
+CONFIG_INFINIBAND_OPA_VNIC=m
+CONFIG_EDAC_ATOMIC_SCRUB=y
+CONFIG_EDAC_SUPPORT=y
+CONFIG_EDAC=y
+CONFIG_EDAC_LEGACY_SYSFS=y
+# CONFIG_EDAC_DEBUG is not set
+CONFIG_EDAC_DECODE_MCE=m
+CONFIG_EDAC_GHES=y
+CONFIG_EDAC_AMD64=m
+CONFIG_EDAC_E752X=m
+CONFIG_EDAC_I82975X=m
+CONFIG_EDAC_I3000=m
+CONFIG_EDAC_I3200=m
+CONFIG_EDAC_IE31200=m
+CONFIG_EDAC_X38=m
+CONFIG_EDAC_I5400=m
+CONFIG_EDAC_I7CORE=m
+CONFIG_EDAC_I5000=m
+CONFIG_EDAC_I5100=m
+CONFIG_EDAC_I7300=m
+CONFIG_EDAC_SBRIDGE=m
+CONFIG_EDAC_SKX=m
+CONFIG_EDAC_I10NM=m
+CONFIG_EDAC_PND2=m
+# CONFIG_EDAC_IGEN6 is not set
+CONFIG_RTC_LIB=y
+CONFIG_RTC_MC146818_LIB=y
+CONFIG_RTC_CLASS=y
+CONFIG_RTC_HCTOSYS=y
+CONFIG_RTC_HCTOSYS_DEVICE="rtc0"
+# CONFIG_RTC_SYSTOHC is not set
+# CONFIG_RTC_DEBUG is not set
+CONFIG_RTC_NVMEM=y
+
+#
+# RTC interfaces
+#
+CONFIG_RTC_INTF_SYSFS=y
+CONFIG_RTC_INTF_PROC=y
+CONFIG_RTC_INTF_DEV=y
+# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set
+# CONFIG_RTC_DRV_TEST is not set
+
+#
+# I2C RTC drivers
+#
+# CONFIG_RTC_DRV_ABB5ZES3 is not set
+# CONFIG_RTC_DRV_ABEOZ9 is not set
+# CONFIG_RTC_DRV_ABX80X is not set
+CONFIG_RTC_DRV_DS1307=m
+# CONFIG_RTC_DRV_DS1307_CENTURY is not set
+CONFIG_RTC_DRV_DS1374=m
+# CONFIG_RTC_DRV_DS1374_WDT is not set
+CONFIG_RTC_DRV_DS1672=m
+CONFIG_RTC_DRV_MAX6900=m
+CONFIG_RTC_DRV_RS5C372=m
+CONFIG_RTC_DRV_ISL1208=m
+CONFIG_RTC_DRV_ISL12022=m
+CONFIG_RTC_DRV_X1205=m
+CONFIG_RTC_DRV_PCF8523=m
+# CONFIG_RTC_DRV_PCF85063 is not set
+# CONFIG_RTC_DRV_PCF85363 is not set
+CONFIG_RTC_DRV_PCF8563=m
+CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_M41T80=m
+CONFIG_RTC_DRV_M41T80_WDT=y
+CONFIG_RTC_DRV_BQ32K=m
+# CONFIG_RTC_DRV_S35390A is not set
+CONFIG_RTC_DRV_FM3130=m
+# CONFIG_RTC_DRV_RX8010 is not set
+CONFIG_RTC_DRV_RX8581=m
+CONFIG_RTC_DRV_RX8025=m
+CONFIG_RTC_DRV_EM3027=m
+# CONFIG_RTC_DRV_RV3028 is not set
+# CONFIG_RTC_DRV_RV3032 is not set
+CONFIG_RTC_DRV_RV8803=m
+# CONFIG_RTC_DRV_SD3078 is not set
+
+#
+# SPI RTC drivers
+#
+# CONFIG_RTC_DRV_M41T93 is not set
+# CONFIG_RTC_DRV_M41T94 is not set
+# CONFIG_RTC_DRV_DS1302 is not set
+# CONFIG_RTC_DRV_DS1305 is not set
+# CONFIG_RTC_DRV_DS1343 is not set
+# CONFIG_RTC_DRV_DS1347 is not set
+# CONFIG_RTC_DRV_DS1390 is not set
+# CONFIG_RTC_DRV_MAX6916 is not set
+# CONFIG_RTC_DRV_R9701 is not set
+CONFIG_RTC_DRV_RX4581=m
+# CONFIG_RTC_DRV_RS5C348 is not set
+# CONFIG_RTC_DRV_MAX6902 is not set
+# CONFIG_RTC_DRV_PCF2123 is not set
+# CONFIG_RTC_DRV_MCP795 is not set
+CONFIG_RTC_I2C_AND_SPI=y
+
+#
+# SPI and I2C RTC drivers
+#
+CONFIG_RTC_DRV_DS3232=m
+CONFIG_RTC_DRV_DS3232_HWMON=y
+# CONFIG_RTC_DRV_PCF2127 is not set
+CONFIG_RTC_DRV_RV3029C2=m
+# CONFIG_RTC_DRV_RV3029_HWMON is not set
+# CONFIG_RTC_DRV_RX6110 is not set
+
+#
+# Platform RTC drivers
+#
+CONFIG_RTC_DRV_CMOS=y
+CONFIG_RTC_DRV_DS1286=m
+CONFIG_RTC_DRV_DS1511=m
+CONFIG_RTC_DRV_DS1553=m
+# CONFIG_RTC_DRV_DS1685_FAMILY is not set
+CONFIG_RTC_DRV_DS1742=m
+CONFIG_RTC_DRV_DS2404=m
+CONFIG_RTC_DRV_STK17TA8=m
+# CONFIG_RTC_DRV_M48T86 is not set
+CONFIG_RTC_DRV_M48T35=m
+CONFIG_RTC_DRV_M48T59=m
+CONFIG_RTC_DRV_MSM6242=m
+CONFIG_RTC_DRV_BQ4802=m
+CONFIG_RTC_DRV_RP5C01=m
+CONFIG_RTC_DRV_V3020=m
+
+#
+# on-CPU RTC drivers
+#
+# CONFIG_RTC_DRV_FTRTC010 is not set
+
+#
+# HID Sensor RTC drivers
+#
+# CONFIG_RTC_DRV_HID_SENSOR_TIME is not set
+# CONFIG_RTC_DRV_GOLDFISH is not set
+CONFIG_DMADEVICES=y
+# CONFIG_DMADEVICES_DEBUG is not set
+
+#
+# DMA Devices
+#
+CONFIG_DMA_ENGINE=y
+CONFIG_DMA_VIRTUAL_CHANNELS=y
+CONFIG_DMA_ACPI=y
+# CONFIG_ALTERA_MSGDMA is not set
+CONFIG_INTEL_IDMA64=m
+CONFIG_INTEL_IDXD_BUS=m
+CONFIG_INTEL_IDXD=m
+# CONFIG_INTEL_IDXD_COMPAT is not set
+CONFIG_INTEL_IDXD_SVM=y
+CONFIG_INTEL_IDXD_PERFMON=y
+CONFIG_INTEL_IOATDMA=m
+# CONFIG_PLX_DMA is not set
+# CONFIG_AMD_PTDMA is not set
+# CONFIG_QCOM_HIDMA_MGMT is not set
+# CONFIG_QCOM_HIDMA is not set
+CONFIG_DW_DMAC_CORE=y
+CONFIG_DW_DMAC=m
+CONFIG_DW_DMAC_PCI=y
+# CONFIG_DW_EDMA is not set
+# CONFIG_DW_EDMA_PCIE is not set
+CONFIG_HSU_DMA=y
+# CONFIG_SF_PDMA is not set
+# CONFIG_INTEL_LDMA is not set
+
+#
+# DMA Clients
+#
+CONFIG_ASYNC_TX_DMA=y
+CONFIG_DMATEST=m
+CONFIG_DMA_ENGINE_RAID=y
+
+#
+# DMABUF options
+#
+CONFIG_SYNC_FILE=y
+# CONFIG_SW_SYNC is not set
+# CONFIG_UDMABUF is not set
+# CONFIG_DMABUF_MOVE_NOTIFY is not set
+# CONFIG_DMABUF_DEBUG is not set
+# CONFIG_DMABUF_SELFTESTS is not set
+# CONFIG_DMABUF_HEAPS is not set
+# CONFIG_DMABUF_SYSFS_STATS is not set
+# end of DMABUF options
+
+CONFIG_DCA=m
+# CONFIG_AUXDISPLAY is not set
+# CONFIG_PANEL is not set
+CONFIG_UIO=m
+CONFIG_UIO_CIF=m
+CONFIG_UIO_PDRV_GENIRQ=m
+# CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_AEC=m
+CONFIG_UIO_SERCOS3=m
+CONFIG_UIO_PCI_GENERIC=m
+# CONFIG_UIO_NETX is not set
+# CONFIG_UIO_PRUSS is not set
+# CONFIG_UIO_MF624 is not set
+CONFIG_UIO_HV_GENERIC=m
+CONFIG_VFIO=m
+CONFIG_VFIO_IOMMU_TYPE1=m
+CONFIG_VFIO_VIRQFD=m
+CONFIG_VFIO_NOIOMMU=y
+CONFIG_VFIO_PCI_CORE=m
+CONFIG_VFIO_PCI_MMAP=y
+CONFIG_VFIO_PCI_INTX=y
+CONFIG_VFIO_PCI=m
+# CONFIG_VFIO_PCI_VGA is not set
+# CONFIG_VFIO_PCI_IGD is not set
+# CONFIG_MLX5_VFIO_PCI is not set
+CONFIG_VFIO_MDEV=m
+CONFIG_IRQ_BYPASS_MANAGER=m
+# CONFIG_VIRT_DRIVERS is not set
+CONFIG_VIRTIO_ANCHOR=y
+CONFIG_VIRTIO=y
+CONFIG_VIRTIO_PCI_LIB=y
+CONFIG_VIRTIO_PCI_LIB_LEGACY=y
+CONFIG_VIRTIO_MENU=y
+CONFIG_VIRTIO_PCI=y
+CONFIG_VIRTIO_PCI_LEGACY=y
+# CONFIG_VIRTIO_PMEM is not set
+CONFIG_VIRTIO_BALLOON=m
+CONFIG_VIRTIO_MEM=m
+CONFIG_VIRTIO_INPUT=m
+# CONFIG_VIRTIO_MMIO is not set
+CONFIG_VIRTIO_DMA_SHARED_BUFFER=m
+# CONFIG_VDPA is not set
+CONFIG_VHOST_IOTLB=m
+CONFIG_VHOST=m
+CONFIG_VHOST_MENU=y
+CONFIG_VHOST_NET=m
+# CONFIG_VHOST_SCSI is not set
+CONFIG_VHOST_VSOCK=m
+# CONFIG_VHOST_CROSS_ENDIAN_LEGACY is not set
+
+#
+# Microsoft Hyper-V guest support
+#
+CONFIG_HYPERV=m
+CONFIG_HYPERV_TIMER=y
+CONFIG_HYPERV_UTILS=m
+CONFIG_HYPERV_BALLOON=m
+# end of Microsoft Hyper-V guest support
+
+#
+# Xen driver support
+#
+CONFIG_XEN_BALLOON=y
+# CONFIG_XEN_BALLOON_MEMORY_HOTPLUG is not set
+CONFIG_XEN_SCRUB_PAGES_DEFAULT=y
+CONFIG_XEN_DEV_EVTCHN=m
+# CONFIG_XEN_BACKEND is not set
+CONFIG_XENFS=m
+CONFIG_XEN_COMPAT_XENFS=y
+CONFIG_XEN_SYS_HYPERVISOR=y
+CONFIG_XEN_XENBUS_FRONTEND=y
+# CONFIG_XEN_GNTDEV is not set
+# CONFIG_XEN_GRANT_DEV_ALLOC is not set
+# CONFIG_XEN_GRANT_DMA_ALLOC is not set
+# CONFIG_XEN_PVCALLS_FRONTEND is not set
+CONFIG_XEN_PRIVCMD=m
+CONFIG_XEN_EFI=y
+CONFIG_XEN_AUTO_XLATE=y
+CONFIG_XEN_ACPI=y
+CONFIG_XEN_FRONT_PGDIR_SHBUF=m
+# CONFIG_XEN_UNPOPULATED_ALLOC is not set
+# CONFIG_XEN_VIRTIO is not set
+# end of Xen driver support
+
+# CONFIG_GREYBUS is not set
+# CONFIG_COMEDI is not set
+# CONFIG_STAGING is not set
+# CONFIG_CHROME_PLATFORMS is not set
+CONFIG_MELLANOX_PLATFORM=y
+CONFIG_MLXREG_HOTPLUG=m
+# CONFIG_MLXREG_IO is not set
+# CONFIG_MLXREG_LC is not set
+# CONFIG_NVSW_SN2201 is not set
+CONFIG_SURFACE_PLATFORMS=y
+# CONFIG_SURFACE3_WMI is not set
+# CONFIG_SURFACE_3_POWER_OPREGION is not set
+# CONFIG_SURFACE_GPE is not set
+# CONFIG_SURFACE_HOTPLUG is not set
+# CONFIG_SURFACE_PRO3_BUTTON is not set
+CONFIG_X86_PLATFORM_DEVICES=y
+CONFIG_ACPI_WMI=m
+CONFIG_WMI_BMOF=m
+# CONFIG_HUAWEI_WMI is not set
+# CONFIG_UV_SYSFS is not set
+CONFIG_MXM_WMI=m
+# CONFIG_PEAQ_WMI is not set
+# CONFIG_NVIDIA_WMI_EC_BACKLIGHT is not set
+# CONFIG_XIAOMI_WMI is not set
+# CONFIG_GIGABYTE_WMI is not set
+# CONFIG_YOGABOOK_WMI is not set
+CONFIG_ACERHDF=m
+# CONFIG_ACER_WIRELESS is not set
+CONFIG_ACER_WMI=m
+# CONFIG_AMD_PMF is not set
+# CONFIG_AMD_PMC is not set
+CONFIG_AMD_HSMP=m
+# CONFIG_ADV_SWBUTTON is not set
+CONFIG_APPLE_GMUX=m
+CONFIG_ASUS_LAPTOP=m
+# CONFIG_ASUS_WIRELESS is not set
+CONFIG_ASUS_WMI=m
+CONFIG_ASUS_NB_WMI=m
+# CONFIG_ASUS_TF103C_DOCK is not set
+# CONFIG_MERAKI_MX100 is not set
+CONFIG_EEEPC_LAPTOP=m
+CONFIG_EEEPC_WMI=m
+# CONFIG_X86_PLATFORM_DRIVERS_DELL is not set
+CONFIG_AMILO_RFKILL=m
+CONFIG_FUJITSU_LAPTOP=m
+CONFIG_FUJITSU_TABLET=m
+# CONFIG_GPD_POCKET_FAN is not set
+CONFIG_HP_ACCEL=m
+# CONFIG_WIRELESS_HOTKEY is not set
+CONFIG_HP_WMI=m
+# CONFIG_IBM_RTL is not set
+CONFIG_IDEAPAD_LAPTOP=m
+CONFIG_SENSORS_HDAPS=m
+CONFIG_THINKPAD_ACPI=m
+CONFIG_THINKPAD_ACPI_ALSA_SUPPORT=y
+# CONFIG_THINKPAD_ACPI_DEBUGFACILITIES is not set
+# CONFIG_THINKPAD_ACPI_DEBUG is not set
+# CONFIG_THINKPAD_ACPI_UNSAFE_LEDS is not set
+CONFIG_THINKPAD_ACPI_VIDEO=y
+CONFIG_THINKPAD_ACPI_HOTKEY_POLL=y
+# CONFIG_THINKPAD_LMI is not set
+# CONFIG_INTEL_ATOMISP2_PM is not set
+# CONFIG_INTEL_SAR_INT1092 is not set
+CONFIG_INTEL_PMC_CORE=m
+
+#
+# Intel Speed Select Technology interface support
+#
+CONFIG_INTEL_SPEED_SELECT_INTERFACE=m
+# end of Intel Speed Select Technology interface support
+
+CONFIG_INTEL_WMI=y
+# CONFIG_INTEL_WMI_SBL_FW_UPDATE is not set
+CONFIG_INTEL_WMI_THUNDERBOLT=m
+
+#
+# Intel Uncore Frequency Control
+#
+# CONFIG_INTEL_UNCORE_FREQ_CONTROL is not set
+# end of Intel Uncore Frequency Control
+
+CONFIG_INTEL_HID_EVENT=m
+CONFIG_INTEL_VBTN=m
+# CONFIG_INTEL_INT0002_VGPIO is not set
+CONFIG_INTEL_OAKTRAIL=m
+# CONFIG_INTEL_ISHTP_ECLITE is not set
+# CONFIG_INTEL_PUNIT_IPC is not set
+CONFIG_INTEL_RST=m
+# CONFIG_INTEL_SMARTCONNECT is not set
+CONFIG_INTEL_TURBO_MAX_3=y
+# CONFIG_INTEL_VSEC is not set
+CONFIG_MSI_LAPTOP=m
+CONFIG_MSI_WMI=m
+# CONFIG_PCENGINES_APU2 is not set
+# CONFIG_BARCO_P50_GPIO is not set
+CONFIG_SAMSUNG_LAPTOP=m
+CONFIG_SAMSUNG_Q10=m
+# CONFIG_ACPI_TOSHIBA is not set
+CONFIG_TOSHIBA_BT_RFKILL=m
+# CONFIG_TOSHIBA_HAPS is not set
+# CONFIG_TOSHIBA_WMI is not set
+CONFIG_ACPI_CMPC=m
+CONFIG_COMPAL_LAPTOP=m
+# CONFIG_LG_LAPTOP is not set
+CONFIG_PANASONIC_LAPTOP=m
+CONFIG_SONY_LAPTOP=m
+CONFIG_SONYPI_COMPAT=y
+# CONFIG_SYSTEM76_ACPI is not set
+CONFIG_TOPSTAR_LAPTOP=m
+# CONFIG_SERIAL_MULTI_INSTANTIATE is not set
+CONFIG_MLX_PLATFORM=m
+CONFIG_INTEL_IPS=m
+# CONFIG_INTEL_SCU_PCI is not set
+# CONFIG_INTEL_SCU_PLATFORM is not set
+# CONFIG_SIEMENS_SIMATIC_IPC is not set
+# CONFIG_WINMATE_FM07_KEYS is not set
+CONFIG_P2SB=y
+CONFIG_HAVE_CLK=y
+CONFIG_HAVE_CLK_PREPARE=y
+CONFIG_COMMON_CLK=y
+# CONFIG_LMK04832 is not set
+# CONFIG_COMMON_CLK_MAX9485 is not set
+# CONFIG_COMMON_CLK_SI5341 is not set
+# CONFIG_COMMON_CLK_SI5351 is not set
+# CONFIG_COMMON_CLK_SI544 is not set
+# CONFIG_COMMON_CLK_CDCE706 is not set
+# CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_PWM is not set
+# CONFIG_XILINX_VCU is not set
+CONFIG_HWSPINLOCK=y
+
+#
+# Clock Source drivers
+#
+CONFIG_CLKEVT_I8253=y
+CONFIG_I8253_LOCK=y
+CONFIG_CLKBLD_I8253=y
+# end of Clock Source drivers
+
+CONFIG_MAILBOX=y
+CONFIG_PCC=y
+# CONFIG_ALTERA_MBOX is not set
+CONFIG_IOMMU_IOVA=y
+CONFIG_IOASID=y
+CONFIG_IOMMU_API=y
+CONFIG_IOMMU_SUPPORT=y
+
+#
+# Generic IOMMU Pagetable Support
+#
+CONFIG_IOMMU_IO_PGTABLE=y
+# end of Generic IOMMU Pagetable Support
+
+# CONFIG_IOMMU_DEBUGFS is not set
+# CONFIG_IOMMU_DEFAULT_DMA_STRICT is not set
+# CONFIG_IOMMU_DEFAULT_DMA_LAZY is not set
+CONFIG_IOMMU_DEFAULT_PASSTHROUGH=y
+CONFIG_IOMMU_DMA=y
+CONFIG_IOMMU_SVA=y
+CONFIG_AMD_IOMMU=y
+CONFIG_AMD_IOMMU_V2=m
+CONFIG_DMAR_TABLE=y
+CONFIG_INTEL_IOMMU=y
+CONFIG_INTEL_IOMMU_SVM=y
+# CONFIG_INTEL_IOMMU_DEFAULT_ON is not set
+CONFIG_INTEL_IOMMU_FLOPPY_WA=y
+# CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON is not set
+CONFIG_IRQ_REMAP=y
+CONFIG_HYPERV_IOMMU=y
+# CONFIG_VIRTIO_IOMMU is not set
+
+#
+# Remoteproc drivers
+#
+# CONFIG_REMOTEPROC is not set
+# end of Remoteproc drivers
+
+#
+# Rpmsg drivers
+#
+# CONFIG_RPMSG_QCOM_GLINK_RPM is not set
+# CONFIG_RPMSG_VIRTIO is not set
+# end of Rpmsg drivers
+
+# CONFIG_SOUNDWIRE is not set
+
+#
+# SOC (System On Chip) specific Drivers
+#
+
+#
+# Amlogic SoC drivers
+#
+# end of Amlogic SoC drivers
+
+#
+# Broadcom SoC drivers
+#
+# end of Broadcom SoC drivers
+
+#
+# NXP/Freescale QorIQ SoC drivers
+#
+# end of NXP/Freescale QorIQ SoC drivers
+
+#
+# fujitsu SoC drivers
+#
+# end of fujitsu SoC drivers
+
+#
+# i.MX SoC drivers
+#
+# end of i.MX SoC drivers
+
+#
+# Enable LiteX SoC Builder specific drivers
+#
+# end of Enable LiteX SoC Builder specific drivers
+
+#
+# Qualcomm SoC drivers
+#
+# end of Qualcomm SoC drivers
+
+# CONFIG_SOC_TI is not set
+
+#
+# Xilinx SoC drivers
+#
+# end of Xilinx SoC drivers
+# end of SOC (System On Chip) specific Drivers
+
+# CONFIG_PM_DEVFREQ is not set
+# CONFIG_EXTCON is not set
+# CONFIG_MEMORY is not set
+CONFIG_IIO=m
+CONFIG_IIO_BUFFER=y
+# CONFIG_IIO_BUFFER_CB is not set
+# CONFIG_IIO_BUFFER_DMA is not set
+# CONFIG_IIO_BUFFER_DMAENGINE is not set
+# CONFIG_IIO_BUFFER_HW_CONSUMER is not set
+CONFIG_IIO_KFIFO_BUF=m
+CONFIG_IIO_TRIGGERED_BUFFER=m
+# CONFIG_IIO_CONFIGFS is not set
+CONFIG_IIO_TRIGGER=y
+CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+# CONFIG_IIO_SW_DEVICE is not set
+# CONFIG_IIO_SW_TRIGGER is not set
+# CONFIG_IIO_TRIGGERED_EVENT is not set
+
+#
+# Accelerometers
+#
+# CONFIG_ADIS16201 is not set
+# CONFIG_ADIS16209 is not set
+# CONFIG_ADXL313_I2C is not set
+# CONFIG_ADXL313_SPI is not set
+# CONFIG_ADXL345_I2C is not set
+# CONFIG_ADXL345_SPI is not set
+# CONFIG_ADXL355_I2C is not set
+# CONFIG_ADXL355_SPI is not set
+# CONFIG_ADXL367_SPI is not set
+# CONFIG_ADXL367_I2C is not set
+# CONFIG_ADXL372_SPI is not set
+# CONFIG_ADXL372_I2C is not set
+# CONFIG_BMA180 is not set
+# CONFIG_BMA220 is not set
+# CONFIG_BMA400 is not set
+# CONFIG_BMC150_ACCEL is not set
+# CONFIG_BMI088_ACCEL is not set
+# CONFIG_DA280 is not set
+# CONFIG_DA311 is not set
+# CONFIG_DMARD06 is not set
+# CONFIG_DMARD09 is not set
+# CONFIG_DMARD10 is not set
+# CONFIG_FXLS8962AF_I2C is not set
+# CONFIG_FXLS8962AF_SPI is not set
+CONFIG_HID_SENSOR_ACCEL_3D=m
+# CONFIG_IIO_ST_ACCEL_3AXIS is not set
+# CONFIG_KXSD9 is not set
+# CONFIG_KXCJK1013 is not set
+# CONFIG_MC3230 is not set
+# CONFIG_MMA7455_I2C is not set
+# CONFIG_MMA7455_SPI is not set
+# CONFIG_MMA7660 is not set
+# CONFIG_MMA8452 is not set
+# CONFIG_MMA9551 is not set
+# CONFIG_MMA9553 is not set
+# CONFIG_MSA311 is not set
+# CONFIG_MXC4005 is not set
+# CONFIG_MXC6255 is not set
+# CONFIG_SCA3000 is not set
+# CONFIG_SCA3300 is not set
+# CONFIG_STK8312 is not set
+# CONFIG_STK8BA50 is not set
+# end of Accelerometers
+
+#
+# Analog to digital converters
+#
+# CONFIG_AD7091R5 is not set
+# CONFIG_AD7124 is not set
+# CONFIG_AD7192 is not set
+# CONFIG_AD7266 is not set
+# CONFIG_AD7280 is not set
+# CONFIG_AD7291 is not set
+# CONFIG_AD7292 is not set
+# CONFIG_AD7298 is not set
+# CONFIG_AD7476 is not set
+# CONFIG_AD7606_IFACE_PARALLEL is not set
+# CONFIG_AD7606_IFACE_SPI is not set
+# CONFIG_AD7766 is not set
+# CONFIG_AD7768_1 is not set
+# CONFIG_AD7780 is not set
+# CONFIG_AD7791 is not set
+# CONFIG_AD7793 is not set
+# CONFIG_AD7887 is not set
+# CONFIG_AD7923 is not set
+# CONFIG_AD7949 is not set
+# CONFIG_AD799X is not set
+# CONFIG_ENVELOPE_DETECTOR is not set
+# CONFIG_HI8435 is not set
+# CONFIG_HX711 is not set
+# CONFIG_INA2XX_ADC is not set
+# CONFIG_LTC2471 is not set
+# CONFIG_LTC2485 is not set
+# CONFIG_LTC2496 is not set
+# CONFIG_LTC2497 is not set
+# CONFIG_MAX1027 is not set
+# CONFIG_MAX11100 is not set
+# CONFIG_MAX1118 is not set
+# CONFIG_MAX11205 is not set
+# CONFIG_MAX1241 is not set
+# CONFIG_MAX1363 is not set
+# CONFIG_MAX9611 is not set
+# CONFIG_MCP320X is not set
+# CONFIG_MCP3422 is not set
+# CONFIG_MCP3911 is not set
+# CONFIG_NAU7802 is not set
+# CONFIG_RICHTEK_RTQ6056 is not set
+# CONFIG_SD_ADC_MODULATOR is not set
+# CONFIG_TI_ADC081C is not set
+# CONFIG_TI_ADC0832 is not set
+# CONFIG_TI_ADC084S021 is not set
+# CONFIG_TI_ADC12138 is not set
+# CONFIG_TI_ADC108S102 is not set
+# CONFIG_TI_ADC128S052 is not set
+# CONFIG_TI_ADC161S626 is not set
+# CONFIG_TI_ADS1015 is not set
+# CONFIG_TI_ADS7950 is not set
+# CONFIG_TI_ADS8344 is not set
+# CONFIG_TI_ADS8688 is not set
+# CONFIG_TI_ADS124S08 is not set
+# CONFIG_TI_ADS131E08 is not set
+# CONFIG_TI_TLC4541 is not set
+# CONFIG_TI_TSC2046 is not set
+# CONFIG_VF610_ADC is not set
+# CONFIG_VIPERBOARD_ADC is not set
+# CONFIG_XILINX_XADC is not set
+# end of Analog to digital converters
+
+#
+# Analog to digital and digital to analog converters
+#
+# CONFIG_AD74413R is not set
+# end of Analog to digital and digital to analog converters
+
+#
+# Analog Front Ends
+#
+# CONFIG_IIO_RESCALE is not set
+# end of Analog Front Ends
+
+#
+# Amplifiers
+#
+# CONFIG_AD8366 is not set
+# CONFIG_ADA4250 is not set
+# CONFIG_HMC425 is not set
+# end of Amplifiers
+
+#
+# Capacitance to digital converters
+#
+# CONFIG_AD7150 is not set
+# CONFIG_AD7746 is not set
+# end of Capacitance to digital converters
+
+#
+# Chemical Sensors
+#
+# CONFIG_ATLAS_PH_SENSOR is not set
+# CONFIG_ATLAS_EZO_SENSOR is not set
+# CONFIG_BME680 is not set
+# CONFIG_CCS811 is not set
+# CONFIG_IAQCORE is not set
+# CONFIG_SCD30_CORE is not set
+# CONFIG_SCD4X is not set
+# CONFIG_SENSIRION_SGP30 is not set
+# CONFIG_SENSIRION_SGP40 is not set
+# CONFIG_SPS30_I2C is not set
+# CONFIG_SENSEAIR_SUNRISE_CO2 is not set
+# CONFIG_VZ89X is not set
+# end of Chemical Sensors
+
+#
+# Hid Sensor IIO Common
+#
+CONFIG_HID_SENSOR_IIO_COMMON=m
+CONFIG_HID_SENSOR_IIO_TRIGGER=m
+# end of Hid Sensor IIO Common
+
+#
+# IIO SCMI Sensors
+#
+# end of IIO SCMI Sensors
+
+#
+# SSP Sensor Common
+#
+# CONFIG_IIO_SSP_SENSORHUB is not set
+# end of SSP Sensor Common
+
+#
+# Digital to analog converters
+#
+# CONFIG_AD3552R is not set
+# CONFIG_AD5064 is not set
+# CONFIG_AD5360 is not set
+# CONFIG_AD5380 is not set
+# CONFIG_AD5421 is not set
+# CONFIG_AD5446 is not set
+# CONFIG_AD5449 is not set
+# CONFIG_AD5592R is not set
+# CONFIG_AD5593R is not set
+# CONFIG_AD5504 is not set
+# CONFIG_AD5624R_SPI is not set
+# CONFIG_LTC2688 is not set
+# CONFIG_AD5686_SPI is not set
+# CONFIG_AD5696_I2C is not set
+# CONFIG_AD5755 is not set
+# CONFIG_AD5758 is not set
+# CONFIG_AD5761 is not set
+# CONFIG_AD5764 is not set
+# CONFIG_AD5766 is not set
+# CONFIG_AD5770R is not set
+# CONFIG_AD5791 is not set
+# CONFIG_AD7293 is not set
+# CONFIG_AD7303 is not set
+# CONFIG_AD8801 is not set
+# CONFIG_DPOT_DAC is not set
+# CONFIG_DS4424 is not set
+# CONFIG_LTC1660 is not set
+# CONFIG_LTC2632 is not set
+# CONFIG_M62332 is not set
+# CONFIG_MAX517 is not set
+# CONFIG_MAX5821 is not set
+# CONFIG_MCP4725 is not set
+# CONFIG_MCP4922 is not set
+# CONFIG_TI_DAC082S085 is not set
+# CONFIG_TI_DAC5571 is not set
+# CONFIG_TI_DAC7311 is not set
+# CONFIG_TI_DAC7612 is not set
+# CONFIG_VF610_DAC is not set
+# end of Digital to analog converters
+
+#
+# IIO dummy driver
+#
+# end of IIO dummy driver
+
+#
+# Filters
+#
+# CONFIG_ADMV8818 is not set
+# end of Filters
+
+#
+# Frequency Synthesizers DDS/PLL
+#
+
+#
+# Clock Generator/Distribution
+#
+# CONFIG_AD9523 is not set
+# end of Clock Generator/Distribution
+
+#
+# Phase-Locked Loop (PLL) frequency synthesizers
+#
+# CONFIG_ADF4350 is not set
+# CONFIG_ADF4371 is not set
+# CONFIG_ADMV1013 is not set
+# CONFIG_ADMV1014 is not set
+# CONFIG_ADMV4420 is not set
+# CONFIG_ADRF6780 is not set
+# end of Phase-Locked Loop (PLL) frequency synthesizers
+# end of Frequency Synthesizers DDS/PLL
+
+#
+# Digital gyroscope sensors
+#
+# CONFIG_ADIS16080 is not set
+# CONFIG_ADIS16130 is not set
+# CONFIG_ADIS16136 is not set
+# CONFIG_ADIS16260 is not set
+# CONFIG_ADXRS290 is not set
+# CONFIG_ADXRS450 is not set
+# CONFIG_BMG160 is not set
+# CONFIG_FXAS21002C is not set
+CONFIG_HID_SENSOR_GYRO_3D=m
+# CONFIG_MPU3050_I2C is not set
+# CONFIG_IIO_ST_GYRO_3AXIS is not set
+# CONFIG_ITG3200 is not set
+# end of Digital gyroscope sensors
+
+#
+# Health Sensors
+#
+
+#
+# Heart Rate Monitors
+#
+# CONFIG_AFE4403 is not set
+# CONFIG_AFE4404 is not set
+# CONFIG_MAX30100 is not set
+# CONFIG_MAX30102 is not set
+# end of Heart Rate Monitors
+# end of Health Sensors
+
+#
+# Humidity sensors
+#
+# CONFIG_AM2315 is not set
+# CONFIG_DHT11 is not set
+# CONFIG_HDC100X is not set
+# CONFIG_HDC2010 is not set
+CONFIG_HID_SENSOR_HUMIDITY=m
+# CONFIG_HTS221 is not set
+# CONFIG_HTU21 is not set
+# CONFIG_SI7005 is not set
+# CONFIG_SI7020 is not set
+# end of Humidity sensors
+
+#
+# Inertial measurement units
+#
+# CONFIG_ADIS16400 is not set
+# CONFIG_ADIS16460 is not set
+# CONFIG_ADIS16475 is not set
+# CONFIG_ADIS16480 is not set
+# CONFIG_BMI160_I2C is not set
+# CONFIG_BMI160_SPI is not set
+# CONFIG_BOSCH_BNO055_I2C is not set
+# CONFIG_FXOS8700_I2C is not set
+# CONFIG_FXOS8700_SPI is not set
+# CONFIG_KMX61 is not set
+# CONFIG_INV_ICM42600_I2C is not set
+# CONFIG_INV_ICM42600_SPI is not set
+# CONFIG_INV_MPU6050_I2C is not set
+# CONFIG_INV_MPU6050_SPI is not set
+# CONFIG_IIO_ST_LSM6DSX is not set
+# CONFIG_IIO_ST_LSM9DS0 is not set
+# end of Inertial measurement units
+
+#
+# Light sensors
+#
+# CONFIG_ACPI_ALS is not set
+# CONFIG_ADJD_S311 is not set
+# CONFIG_ADUX1020 is not set
+# CONFIG_AL3010 is not set
+# CONFIG_AL3320A is not set
+# CONFIG_APDS9300 is not set
+# CONFIG_APDS9960 is not set
+# CONFIG_AS73211 is not set
+# CONFIG_BH1750 is not set
+# CONFIG_BH1780 is not set
+# CONFIG_CM32181 is not set
+# CONFIG_CM3232 is not set
+# CONFIG_CM3323 is not set
+# CONFIG_CM3605 is not set
+# CONFIG_CM36651 is not set
+# CONFIG_GP2AP002 is not set
+# CONFIG_GP2AP020A00F is not set
+# CONFIG_SENSORS_ISL29018 is not set
+# CONFIG_SENSORS_ISL29028 is not set
+# CONFIG_ISL29125 is not set
+CONFIG_HID_SENSOR_ALS=m
+CONFIG_HID_SENSOR_PROX=m
+# CONFIG_JSA1212 is not set
+# CONFIG_RPR0521 is not set
+# CONFIG_LTR501 is not set
+# CONFIG_LTRF216A is not set
+# CONFIG_LV0104CS is not set
+# CONFIG_MAX44000 is not set
+# CONFIG_MAX44009 is not set
+# CONFIG_NOA1305 is not set
+# CONFIG_OPT3001 is not set
+# CONFIG_PA12203001 is not set
+# CONFIG_SI1133 is not set
+# CONFIG_SI1145 is not set
+# CONFIG_STK3310 is not set
+# CONFIG_ST_UVIS25 is not set
+# CONFIG_TCS3414 is not set
+# CONFIG_TCS3472 is not set
+# CONFIG_SENSORS_TSL2563 is not set
+# CONFIG_TSL2583 is not set
+# CONFIG_TSL2591 is not set
+# CONFIG_TSL2772 is not set
+# CONFIG_TSL4531 is not set
+# CONFIG_US5182D is not set
+# CONFIG_VCNL4000 is not set
+# CONFIG_VCNL4035 is not set
+# CONFIG_VEML6030 is not set
+# CONFIG_VEML6070 is not set
+# CONFIG_VL6180 is not set
+# CONFIG_ZOPT2201 is not set
+# end of Light sensors
+
+#
+# Magnetometer sensors
+#
+# CONFIG_AK8974 is not set
+# CONFIG_AK8975 is not set
+# CONFIG_AK09911 is not set
+# CONFIG_BMC150_MAGN_I2C is not set
+# CONFIG_BMC150_MAGN_SPI is not set
+# CONFIG_MAG3110 is not set
+CONFIG_HID_SENSOR_MAGNETOMETER_3D=m
+# CONFIG_MMC35240 is not set
+# CONFIG_IIO_ST_MAGN_3AXIS is not set
+# CONFIG_SENSORS_HMC5843_I2C is not set
+# CONFIG_SENSORS_HMC5843_SPI is not set
+# CONFIG_SENSORS_RM3100_I2C is not set
+# CONFIG_SENSORS_RM3100_SPI is not set
+# CONFIG_YAMAHA_YAS530 is not set
+# end of Magnetometer sensors
+
+#
+# Multiplexers
+#
+# CONFIG_IIO_MUX is not set
+# end of Multiplexers
+
+#
+# Inclinometer sensors
+#
+CONFIG_HID_SENSOR_INCLINOMETER_3D=m
+CONFIG_HID_SENSOR_DEVICE_ROTATION=m
+# end of Inclinometer sensors
+
+#
+# Triggers - standalone
+#
+# CONFIG_IIO_INTERRUPT_TRIGGER is not set
+# CONFIG_IIO_SYSFS_TRIGGER is not set
+# end of Triggers - standalone
+
+#
+# Linear and angular position sensors
+#
+# CONFIG_HID_SENSOR_CUSTOM_INTEL_HINGE is not set
+# end of Linear and angular position sensors
+
+#
+# Digital potentiometers
+#
+# CONFIG_AD5110 is not set
+# CONFIG_AD5272 is not set
+# CONFIG_DS1803 is not set
+# CONFIG_MAX5432 is not set
+# CONFIG_MAX5481 is not set
+# CONFIG_MAX5487 is not set
+# CONFIG_MCP4018 is not set
+# CONFIG_MCP4131 is not set
+# CONFIG_MCP4531 is not set
+# CONFIG_MCP41010 is not set
+# CONFIG_TPL0102 is not set
+# end of Digital potentiometers
+
+#
+# Digital potentiostats
+#
+# CONFIG_LMP91000 is not set
+# end of Digital potentiostats
+
+#
+# Pressure sensors
+#
+# CONFIG_ABP060MG is not set
+# CONFIG_BMP280 is not set
+# CONFIG_DLHL60D is not set
+# CONFIG_DPS310 is not set
+CONFIG_HID_SENSOR_PRESS=m
+# CONFIG_HP03 is not set
+# CONFIG_ICP10100 is not set
+# CONFIG_MPL115_I2C is not set
+# CONFIG_MPL115_SPI is not set
+# CONFIG_MPL3115 is not set
+# CONFIG_MS5611 is not set
+# CONFIG_MS5637 is not set
+# CONFIG_IIO_ST_PRESS is not set
+# CONFIG_T5403 is not set
+# CONFIG_HP206C is not set
+# CONFIG_ZPA2326 is not set
+# end of Pressure sensors
+
+#
+# Lightning sensors
+#
+# CONFIG_AS3935 is not set
+# end of Lightning sensors
+
+#
+# Proximity and distance sensors
+#
+# CONFIG_ISL29501 is not set
+# CONFIG_LIDAR_LITE_V2 is not set
+# CONFIG_MB1232 is not set
+# CONFIG_PING is not set
+# CONFIG_RFD77402 is not set
+# CONFIG_SRF04 is not set
+# CONFIG_SX9310 is not set
+# CONFIG_SX9324 is not set
+# CONFIG_SX9360 is not set
+# CONFIG_SX9500 is not set
+# CONFIG_SRF08 is not set
+# CONFIG_VCNL3020 is not set
+# CONFIG_VL53L0X_I2C is not set
+# end of Proximity and distance sensors
+
+#
+# Resolver to digital converters
+#
+# CONFIG_AD2S90 is not set
+# CONFIG_AD2S1200 is not set
+# end of Resolver to digital converters
+
+#
+# Temperature sensors
+#
+# CONFIG_LTC2983 is not set
+# CONFIG_MAXIM_THERMOCOUPLE is not set
+CONFIG_HID_SENSOR_TEMP=m
+# CONFIG_MLX90614 is not set
+# CONFIG_MLX90632 is not set
+# CONFIG_TMP006 is not set
+# CONFIG_TMP007 is not set
+# CONFIG_TMP117 is not set
+# CONFIG_TSYS01 is not set
+# CONFIG_TSYS02D is not set
+# CONFIG_MAX31856 is not set
+# CONFIG_MAX31865 is not set
+# end of Temperature sensors
+
+CONFIG_NTB=m
+# CONFIG_NTB_MSI is not set
+# CONFIG_NTB_AMD is not set
+# CONFIG_NTB_IDT is not set
+CONFIG_NTB_INTEL=m
+# CONFIG_NTB_EPF is not set
+# CONFIG_NTB_SWITCHTEC is not set
+CONFIG_NTB_PINGPONG=m
+CONFIG_NTB_TOOL=m
+CONFIG_NTB_PERF=m
+CONFIG_NTB_TRANSPORT=m
+CONFIG_PWM=y
+CONFIG_PWM_SYSFS=y
+# CONFIG_PWM_DEBUG is not set
+# CONFIG_PWM_CLK is not set
+# CONFIG_PWM_DWC is not set
+CONFIG_PWM_LPSS=m
+CONFIG_PWM_LPSS_PCI=m
+CONFIG_PWM_LPSS_PLATFORM=m
+# CONFIG_PWM_PCA9685 is not set
+
+#
+# IRQ chip support
+#
+# end of IRQ chip support
+
+# CONFIG_IPACK_BUS is not set
+# CONFIG_RESET_CONTROLLER is not set
+
+#
+# PHY Subsystem
+#
+# CONFIG_GENERIC_PHY is not set
+# CONFIG_USB_LGM_PHY is not set
+# CONFIG_PHY_CAN_TRANSCEIVER is not set
+
+#
+# PHY drivers for Broadcom platforms
+#
+# CONFIG_BCM_KONA_USB2_PHY is not set
+# end of PHY drivers for Broadcom platforms
+
+# CONFIG_PHY_PXA_28NM_HSIC is not set
+# CONFIG_PHY_PXA_28NM_USB2 is not set
+# CONFIG_PHY_CPCAP_USB is not set
+# CONFIG_PHY_INTEL_LGM_EMMC is not set
+# end of PHY Subsystem
+
+CONFIG_POWERCAP=y
+CONFIG_INTEL_RAPL_CORE=m
+CONFIG_INTEL_RAPL=m
+# CONFIG_IDLE_INJECT is not set
+# CONFIG_MCB is not set
+
+#
+# Performance monitor support
+#
+# end of Performance monitor support
+
+CONFIG_RAS=y
+# CONFIG_RAS_CEC is not set
+CONFIG_USB4=m
+# CONFIG_USB4_DEBUGFS_WRITE is not set
+# CONFIG_USB4_DMA_TEST is not set
+
+#
+# Android
+#
+# CONFIG_ANDROID_BINDER_IPC is not set
+# end of Android
+
+CONFIG_LIBNVDIMM=m
+CONFIG_BLK_DEV_PMEM=m
+CONFIG_ND_CLAIM=y
+CONFIG_ND_BTT=m
+CONFIG_BTT=y
+CONFIG_ND_PFN=m
+CONFIG_NVDIMM_PFN=y
+CONFIG_NVDIMM_DAX=y
+CONFIG_NVDIMM_KEYS=y
+CONFIG_DAX=y
+CONFIG_DEV_DAX=m
+CONFIG_DEV_DAX_PMEM=m
+CONFIG_DEV_DAX_HMEM=m
+CONFIG_DEV_DAX_HMEM_DEVICES=y
+CONFIG_DEV_DAX_KMEM=m
+CONFIG_NVMEM=y
+CONFIG_NVMEM_SYSFS=y
+# CONFIG_NVMEM_RMEM is not set
+
+#
+# HW tracing support
+#
+# CONFIG_STM is not set
+CONFIG_INTEL_TH=m
+CONFIG_INTEL_TH_PCI=m
+CONFIG_INTEL_TH_ACPI=m
+CONFIG_INTEL_TH_GTH=m
+CONFIG_INTEL_TH_MSU=m
+CONFIG_INTEL_TH_PTI=m
+# CONFIG_INTEL_TH_DEBUG is not set
+# end of HW tracing support
+
+# CONFIG_FPGA is not set
+# CONFIG_TEE is not set
+# CONFIG_SIOX is not set
+# CONFIG_SLIMBUS is not set
+# CONFIG_INTERCONNECT is not set
+# CONFIG_COUNTER is not set
+# CONFIG_MOST is not set
+# CONFIG_PECI is not set
+# CONFIG_HTE is not set
+# end of Device Drivers
+
+#
+# File systems
+#
+CONFIG_DCACHE_WORD_ACCESS=y
+# CONFIG_VALIDATE_FS_PARSER is not set
+CONFIG_FS_IOMAP=y
+# CONFIG_EXT2_FS is not set
+CONFIG_EXT3_FS=m
+# CONFIG_EXT3_FS_POSIX_ACL is not set
+# CONFIG_EXT3_FS_SECURITY is not set
+CONFIG_EXT4_FS=m
+CONFIG_EXT4_USE_FOR_EXT2=y
+CONFIG_EXT4_FS_POSIX_ACL=y
+CONFIG_EXT4_FS_SECURITY=y
+# CONFIG_EXT4_DEBUG is not set
+CONFIG_JBD2=m
+# CONFIG_JBD2_DEBUG is not set
+CONFIG_FS_MBCACHE=m
+# CONFIG_REISERFS_FS is not set
+# CONFIG_JFS_FS is not set
+CONFIG_XFS_FS=m
+CONFIG_XFS_SUPPORT_V4=y
+CONFIG_XFS_QUOTA=y
+CONFIG_XFS_POSIX_ACL=y
+# CONFIG_XFS_RT is not set
+# CONFIG_XFS_ONLINE_SCRUB is not set
+# CONFIG_XFS_WARN is not set
+# CONFIG_XFS_DEBUG is not set
+CONFIG_GFS2_FS=m
+CONFIG_GFS2_FS_LOCKING_DLM=y
+# CONFIG_OCFS2_FS is not set
+CONFIG_BTRFS_FS=m
+CONFIG_BTRFS_FS_POSIX_ACL=y
+# CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set
+# CONFIG_BTRFS_FS_RUN_SANITY_TESTS is not set
+# CONFIG_BTRFS_DEBUG is not set
+# CONFIG_BTRFS_ASSERT is not set
+# CONFIG_BTRFS_FS_REF_VERIFY is not set
+# CONFIG_NILFS2_FS is not set
+# CONFIG_F2FS_FS is not set
+# CONFIG_ZONEFS_FS is not set
+CONFIG_FS_DAX=y
+CONFIG_FS_DAX_PMD=y
+CONFIG_FS_POSIX_ACL=y
+CONFIG_EXPORTFS=y
+CONFIG_EXPORTFS_BLOCK_OPS=y
+CONFIG_FILE_LOCKING=y
+# CONFIG_FS_ENCRYPTION is not set
+# CONFIG_FS_VERITY is not set
+CONFIG_FSNOTIFY=y
+CONFIG_DNOTIFY=y
+CONFIG_INOTIFY_USER=y
+CONFIG_FANOTIFY=y
+CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y
+CONFIG_QUOTA=y
+CONFIG_QUOTA_NETLINK_INTERFACE=y
+CONFIG_PRINT_QUOTA_WARNING=y
+# CONFIG_QUOTA_DEBUG is not set
+CONFIG_QUOTA_TREE=y
+# CONFIG_QFMT_V1 is not set
+CONFIG_QFMT_V2=y
+CONFIG_QUOTACTL=y
+CONFIG_AUTOFS4_FS=y
+CONFIG_AUTOFS_FS=y
+CONFIG_FUSE_FS=m
+CONFIG_CUSE=m
+CONFIG_VIRTIO_FS=m
+CONFIG_FUSE_DAX=y
+CONFIG_OVERLAY_FS=m
+# CONFIG_OVERLAY_FS_REDIRECT_DIR is not set
+# CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW is not set
+# CONFIG_OVERLAY_FS_INDEX is not set
+# CONFIG_OVERLAY_FS_XINO_AUTO is not set
+# CONFIG_OVERLAY_FS_METACOPY is not set
+
+#
+# Caches
+#
+CONFIG_NETFS_SUPPORT=m
+CONFIG_NETFS_STATS=y
+CONFIG_FSCACHE=m
+CONFIG_FSCACHE_STATS=y
+# CONFIG_FSCACHE_DEBUG is not set
+CONFIG_CACHEFILES=m
+# CONFIG_CACHEFILES_DEBUG is not set
+# CONFIG_CACHEFILES_ERROR_INJECTION is not set
+# CONFIG_CACHEFILES_ONDEMAND is not set
+# end of Caches
+
+#
+# CD-ROM/DVD Filesystems
+#
+CONFIG_ISO9660_FS=m
+CONFIG_JOLIET=y
+CONFIG_ZISOFS=y
+CONFIG_UDF_FS=m
+# end of CD-ROM/DVD Filesystems
+
+#
+# DOS/FAT/EXFAT/NT Filesystems
+#
+CONFIG_FAT_FS=m
+CONFIG_MSDOS_FS=m
+CONFIG_VFAT_FS=m
+CONFIG_FAT_DEFAULT_CODEPAGE=437
+CONFIG_FAT_DEFAULT_IOCHARSET="ascii"
+# CONFIG_FAT_DEFAULT_UTF8 is not set
+CONFIG_EXFAT_FS=m
+CONFIG_EXFAT_DEFAULT_IOCHARSET="utf8"
+CONFIG_NTFS_FS=m
+# CONFIG_NTFS_DEBUG is not set
+# CONFIG_NTFS_RW is not set
+CONFIG_NTFS3_FS=m
+# CONFIG_NTFS3_64BIT_CLUSTER is not set
+CONFIG_NTFS3_LZX_XPRESS=y
+CONFIG_NTFS3_FS_POSIX_ACL=y
+# end of DOS/FAT/EXFAT/NT Filesystems
+
+#
+# Pseudo filesystems
+#
+CONFIG_PROC_FS=y
+CONFIG_PROC_KCORE=y
+CONFIG_PROC_VMCORE=y
+CONFIG_PROC_VMCORE_DEVICE_DUMP=y
+CONFIG_PROC_SYSCTL=y
+CONFIG_PROC_PAGE_MONITOR=y
+CONFIG_PROC_CHILDREN=y
+CONFIG_PROC_PID_ARCH_STATUS=y
+CONFIG_PROC_CPU_RESCTRL=y
+CONFIG_KERNFS=y
+CONFIG_SYSFS=y
+CONFIG_TMPFS=y
+CONFIG_TMPFS_POSIX_ACL=y
+CONFIG_TMPFS_XATTR=y
+# CONFIG_TMPFS_INODE64 is not set
+CONFIG_HUGETLBFS=y
+CONFIG_HUGETLB_PAGE=y
+CONFIG_ARCH_WANT_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y
+CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y
+# CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP_DEFAULT_ON is not set
+CONFIG_MEMFD_CREATE=y
+CONFIG_ARCH_HAS_GIGANTIC_PAGE=y
+CONFIG_CONFIGFS_FS=y
+CONFIG_EFIVAR_FS=y
+# end of Pseudo filesystems
+
+CONFIG_MISC_FILESYSTEMS=y
+# CONFIG_ORANGEFS_FS is not set
+# CONFIG_ADFS_FS is not set
+# CONFIG_AFFS_FS is not set
+# CONFIG_ECRYPT_FS is not set
+# CONFIG_HFS_FS is not set
+# CONFIG_HFSPLUS_FS is not set
+# CONFIG_BEFS_FS is not set
+# CONFIG_BFS_FS is not set
+# CONFIG_EFS_FS is not set
+# CONFIG_JFFS2_FS is not set
+# CONFIG_UBIFS_FS is not set
+CONFIG_CRAMFS=m
+CONFIG_CRAMFS_BLOCKDEV=y
+# CONFIG_CRAMFS_MTD is not set
+CONFIG_SQUASHFS=m
+# CONFIG_SQUASHFS_FILE_CACHE is not set
+CONFIG_SQUASHFS_FILE_DIRECT=y
+# CONFIG_SQUASHFS_DECOMP_SINGLE is not set
+# CONFIG_SQUASHFS_DECOMP_MULTI is not set
+CONFIG_SQUASHFS_DECOMP_MULTI_PERCPU=y
+CONFIG_SQUASHFS_XATTR=y
+CONFIG_SQUASHFS_ZLIB=y
+# CONFIG_SQUASHFS_LZ4 is not set
+CONFIG_SQUASHFS_LZO=y
+CONFIG_SQUASHFS_XZ=y
+# CONFIG_SQUASHFS_ZSTD is not set
+# CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set
+# CONFIG_SQUASHFS_EMBEDDED is not set
+CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3
+# CONFIG_VXFS_FS is not set
+# CONFIG_MINIX_FS is not set
+# CONFIG_OMFS_FS is not set
+# CONFIG_HPFS_FS is not set
+# CONFIG_QNX4FS_FS is not set
+# CONFIG_QNX6FS_FS is not set
+# CONFIG_ROMFS_FS is not set
+CONFIG_PSTORE=y
+CONFIG_PSTORE_DEFAULT_KMSG_BYTES=10240
+CONFIG_PSTORE_DEFLATE_COMPRESS=y
+# CONFIG_PSTORE_LZO_COMPRESS is not set
+# CONFIG_PSTORE_LZ4_COMPRESS is not set
+# CONFIG_PSTORE_LZ4HC_COMPRESS is not set
+# CONFIG_PSTORE_842_COMPRESS is not set
+# CONFIG_PSTORE_ZSTD_COMPRESS is not set
+CONFIG_PSTORE_COMPRESS=y
+CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=y
+CONFIG_PSTORE_COMPRESS_DEFAULT="deflate"
+# CONFIG_PSTORE_CONSOLE is not set
+# CONFIG_PSTORE_PMSG is not set
+# CONFIG_PSTORE_FTRACE is not set
+CONFIG_PSTORE_RAM=m
+# CONFIG_PSTORE_BLK is not set
+# CONFIG_SYSV_FS is not set
+# CONFIG_UFS_FS is not set
+# CONFIG_EROFS_FS is not set
+CONFIG_NETWORK_FILESYSTEMS=y
+CONFIG_NFS_FS=m
+# CONFIG_NFS_V2 is not set
+CONFIG_NFS_V3=m
+CONFIG_NFS_V3_ACL=y
+CONFIG_NFS_V4=m
+# CONFIG_NFS_SWAP is not set
+CONFIG_NFS_V4_1=y
+CONFIG_NFS_V4_2=y
+CONFIG_PNFS_FILE_LAYOUT=m
+CONFIG_PNFS_BLOCK=m
+CONFIG_PNFS_FLEXFILE_LAYOUT=m
+CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org"
+# CONFIG_NFS_V4_1_MIGRATION is not set
+CONFIG_NFS_V4_SECURITY_LABEL=y
+CONFIG_NFS_FSCACHE=y
+# CONFIG_NFS_USE_LEGACY_DNS is not set
+CONFIG_NFS_USE_KERNEL_DNS=y
+CONFIG_NFS_DEBUG=y
+# CONFIG_NFS_DISABLE_UDP_SUPPORT is not set
+# CONFIG_NFS_V4_2_READ_PLUS is not set
+CONFIG_NFSD=m
+CONFIG_NFSD_V2_ACL=y
+CONFIG_NFSD_V3_ACL=y
+CONFIG_NFSD_V4=y
+CONFIG_NFSD_PNFS=y
+CONFIG_NFSD_BLOCKLAYOUT=y
+CONFIG_NFSD_SCSILAYOUT=y
+CONFIG_NFSD_FLEXFILELAYOUT=y
+CONFIG_NFSD_V4_2_INTER_SSC=y
+CONFIG_NFSD_V4_SECURITY_LABEL=y
+CONFIG_GRACE_PERIOD=m
+CONFIG_LOCKD=m
+CONFIG_LOCKD_V4=y
+CONFIG_NFS_ACL_SUPPORT=m
+CONFIG_NFS_COMMON=y
+CONFIG_NFS_V4_2_SSC_HELPER=y
+CONFIG_SUNRPC=m
+CONFIG_SUNRPC_GSS=m
+CONFIG_SUNRPC_BACKCHANNEL=y
+CONFIG_RPCSEC_GSS_KRB5=m
+# CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES is not set
+CONFIG_SUNRPC_DEBUG=y
+CONFIG_SUNRPC_XPRT_RDMA=m
+CONFIG_CEPH_FS=m
+# CONFIG_CEPH_FSCACHE is not set
+CONFIG_CEPH_FS_POSIX_ACL=y
+# CONFIG_CEPH_FS_SECURITY_LABEL is not set
+CONFIG_CIFS=m
+# CONFIG_CIFS_STATS2 is not set
+CONFIG_CIFS_ALLOW_INSECURE_LEGACY=y
+CONFIG_CIFS_UPCALL=y
+CONFIG_CIFS_XATTR=y
+CONFIG_CIFS_POSIX=y
+CONFIG_CIFS_DEBUG=y
+# CONFIG_CIFS_DEBUG2 is not set
+# CONFIG_CIFS_DEBUG_DUMP_KEYS is not set
+CONFIG_CIFS_DFS_UPCALL=y
+# CONFIG_CIFS_SWN_UPCALL is not set
+# CONFIG_CIFS_SMB_DIRECT is not set
+# CONFIG_CIFS_FSCACHE is not set
+# CONFIG_SMB_SERVER is not set
+CONFIG_SMBFS_COMMON=m
+# CONFIG_CODA_FS is not set
+# CONFIG_AFS_FS is not set
+CONFIG_NLS=y
+CONFIG_NLS_DEFAULT="utf8"
+CONFIG_NLS_CODEPAGE_437=y
+CONFIG_NLS_CODEPAGE_737=m
+CONFIG_NLS_CODEPAGE_775=m
+CONFIG_NLS_CODEPAGE_850=m
+CONFIG_NLS_CODEPAGE_852=m
+CONFIG_NLS_CODEPAGE_855=m
+CONFIG_NLS_CODEPAGE_857=m
+CONFIG_NLS_CODEPAGE_860=m
+CONFIG_NLS_CODEPAGE_861=m
+CONFIG_NLS_CODEPAGE_862=m
+CONFIG_NLS_CODEPAGE_863=m
+CONFIG_NLS_CODEPAGE_864=m
+CONFIG_NLS_CODEPAGE_865=m
+CONFIG_NLS_CODEPAGE_866=m
+CONFIG_NLS_CODEPAGE_869=m
+CONFIG_NLS_CODEPAGE_936=m
+CONFIG_NLS_CODEPAGE_950=m
+CONFIG_NLS_CODEPAGE_932=m
+CONFIG_NLS_CODEPAGE_949=m
+CONFIG_NLS_CODEPAGE_874=m
+CONFIG_NLS_ISO8859_8=m
+CONFIG_NLS_CODEPAGE_1250=m
+CONFIG_NLS_CODEPAGE_1251=m
+CONFIG_NLS_ASCII=y
+CONFIG_NLS_ISO8859_1=m
+CONFIG_NLS_ISO8859_2=m
+CONFIG_NLS_ISO8859_3=m
+CONFIG_NLS_ISO8859_4=m
+CONFIG_NLS_ISO8859_5=m
+CONFIG_NLS_ISO8859_6=m
+CONFIG_NLS_ISO8859_7=m
+CONFIG_NLS_ISO8859_9=m
+CONFIG_NLS_ISO8859_13=m
+CONFIG_NLS_ISO8859_14=m
+CONFIG_NLS_ISO8859_15=m
+CONFIG_NLS_KOI8_R=m
+CONFIG_NLS_KOI8_U=m
+CONFIG_NLS_MAC_ROMAN=m
+CONFIG_NLS_MAC_CELTIC=m
+CONFIG_NLS_MAC_CENTEURO=m
+CONFIG_NLS_MAC_CROATIAN=m
+CONFIG_NLS_MAC_CYRILLIC=m
+CONFIG_NLS_MAC_GAELIC=m
+CONFIG_NLS_MAC_GREEK=m
+CONFIG_NLS_MAC_ICELAND=m
+CONFIG_NLS_MAC_INUIT=m
+CONFIG_NLS_MAC_ROMANIAN=m
+CONFIG_NLS_MAC_TURKISH=m
+CONFIG_NLS_UTF8=m
+CONFIG_DLM=m
+# CONFIG_DLM_DEPRECATED_API is not set
+CONFIG_DLM_DEBUG=y
+# CONFIG_UNICODE is not set
+CONFIG_IO_WQ=y
+# end of File systems
+
+#
+# Security options
+#
+CONFIG_KEYS=y
+# CONFIG_KEYS_REQUEST_CACHE is not set
+CONFIG_PERSISTENT_KEYRINGS=y
+CONFIG_TRUSTED_KEYS=y
+CONFIG_TRUSTED_KEYS_TPM=y
+CONFIG_ENCRYPTED_KEYS=y
+# CONFIG_USER_DECRYPTED_DATA is not set
+# CONFIG_KEY_DH_OPERATIONS is not set
+# CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_SECURITY=y
+CONFIG_SECURITY_WRITABLE_HOOKS=y
+CONFIG_SECURITYFS=y
+CONFIG_SECURITY_NETWORK=y
+CONFIG_SECURITY_INFINIBAND=y
+CONFIG_SECURITY_NETWORK_XFRM=y
+CONFIG_SECURITY_PATH=y
+CONFIG_INTEL_TXT=y
+CONFIG_LSM_MMAP_MIN_ADDR=65535
+CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
+CONFIG_HARDENED_USERCOPY=y
+CONFIG_FORTIFY_SOURCE=y
+# CONFIG_STATIC_USERMODEHELPER is not set
+CONFIG_SECURITY_SELINUX=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM=y
+CONFIG_SECURITY_SELINUX_DISABLE=y
+CONFIG_SECURITY_SELINUX_DEVELOP=y
+CONFIG_SECURITY_SELINUX_AVC_STATS=y
+CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
+CONFIG_SECURITY_SELINUX_SIDTAB_HASH_BITS=9
+CONFIG_SECURITY_SELINUX_SID2STR_CACHE_SIZE=256
+# CONFIG_SECURITY_SMACK is not set
+# CONFIG_SECURITY_TOMOYO is not set
+CONFIG_SECURITY_APPARMOR=y
+# CONFIG_SECURITY_APPARMOR_DEBUG is not set
+CONFIG_SECURITY_APPARMOR_INTROSPECT_POLICY=y
+CONFIG_SECURITY_APPARMOR_HASH=y
+CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
+CONFIG_SECURITY_APPARMOR_EXPORT_BINARY=y
+CONFIG_SECURITY_APPARMOR_PARANOID_LOAD=y
+# CONFIG_SECURITY_LOADPIN is not set
+CONFIG_SECURITY_YAMA=y
+# CONFIG_SECURITY_SAFESETID is not set
+CONFIG_SECURITY_LOCKDOWN_LSM=y
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_SECURITY_LANDLOCK is not set
+CONFIG_INTEGRITY=y
+CONFIG_INTEGRITY_SIGNATURE=y
+CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
+CONFIG_INTEGRITY_TRUSTED_KEYRING=y
+CONFIG_INTEGRITY_PLATFORM_KEYRING=y
+# CONFIG_INTEGRITY_MACHINE_KEYRING is not set
+CONFIG_LOAD_UEFI_KEYS=y
+CONFIG_INTEGRITY_AUDIT=y
+CONFIG_IMA=y
+# CONFIG_IMA_KEXEC is not set
+CONFIG_IMA_MEASURE_PCR_IDX=10
+CONFIG_IMA_LSM_RULES=y
+CONFIG_IMA_NG_TEMPLATE=y
+# CONFIG_IMA_SIG_TEMPLATE is not set
+CONFIG_IMA_DEFAULT_TEMPLATE="ima-ng"
+# CONFIG_IMA_DEFAULT_HASH_SHA1 is not set
+CONFIG_IMA_DEFAULT_HASH_SHA256=y
+# CONFIG_IMA_DEFAULT_HASH_SHA512 is not set
+# CONFIG_IMA_DEFAULT_HASH_SM3 is not set
+CONFIG_IMA_DEFAULT_HASH="sha256"
+# CONFIG_IMA_WRITE_POLICY is not set
+CONFIG_IMA_READ_POLICY=y
+CONFIG_IMA_APPRAISE=y
+# CONFIG_IMA_ARCH_POLICY is not set
+# CONFIG_IMA_APPRAISE_BUILD_POLICY is not set
+CONFIG_IMA_APPRAISE_BOOTPARAM=y
+# CONFIG_IMA_APPRAISE_MODSIG is not set
+CONFIG_IMA_TRUSTED_KEYRING=y
+# CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY is not set
+# CONFIG_IMA_BLACKLIST_KEYRING is not set
+CONFIG_IMA_LOAD_X509=y
+CONFIG_IMA_X509_PATH="/etc/keys/x509_ima.der"
+# CONFIG_IMA_APPRAISE_SIGNED_INIT is not set
+CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y
+CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS=y
+# CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set
+# CONFIG_IMA_DISABLE_HTABLE is not set
+CONFIG_EVM=y
+CONFIG_EVM_ATTR_FSUUID=y
+# CONFIG_EVM_ADD_XATTRS is not set
+CONFIG_EVM_LOAD_X509=y
+CONFIG_EVM_X509_PATH="/etc/keys/x509_evm.der"
+CONFIG_DEFAULT_SECURITY_SELINUX=y
+# CONFIG_DEFAULT_SECURITY_APPARMOR is not set
+# CONFIG_DEFAULT_SECURITY_DAC is not set
+CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor,bpf"
+
+#
+# Kernel hardening options
+#
+
+#
+# Memory initialization
+#
+CONFIG_INIT_STACK_NONE=y
+# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
+# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
+# end of Memory initialization
+
+CONFIG_RANDSTRUCT_NONE=y
+# end of Kernel hardening options
+# end of Security options
+
+CONFIG_XOR_BLOCKS=m
+CONFIG_ASYNC_CORE=m
+CONFIG_ASYNC_MEMCPY=m
+CONFIG_ASYNC_XOR=m
+CONFIG_ASYNC_PQ=m
+CONFIG_ASYNC_RAID6_RECOV=m
+CONFIG_CRYPTO=y
+
+#
+# Crypto core or helper
+#
+CONFIG_CRYPTO_FIPS=y
+CONFIG_CRYPTO_FIPS_NAME="Linux Kernel Cryptographic API"
+# CONFIG_CRYPTO_FIPS_CUSTOM_VERSION is not set
+CONFIG_CRYPTO_ALGAPI=y
+CONFIG_CRYPTO_ALGAPI2=y
+CONFIG_CRYPTO_AEAD=y
+CONFIG_CRYPTO_AEAD2=y
+CONFIG_CRYPTO_SKCIPHER=y
+CONFIG_CRYPTO_SKCIPHER2=y
+CONFIG_CRYPTO_HASH=y
+CONFIG_CRYPTO_HASH2=y
+CONFIG_CRYPTO_RNG=y
+CONFIG_CRYPTO_RNG2=y
+CONFIG_CRYPTO_RNG_DEFAULT=y
+CONFIG_CRYPTO_AKCIPHER2=y
+CONFIG_CRYPTO_AKCIPHER=y
+CONFIG_CRYPTO_KPP2=y
+CONFIG_CRYPTO_KPP=m
+CONFIG_CRYPTO_ACOMP2=y
+CONFIG_CRYPTO_MANAGER=y
+CONFIG_CRYPTO_MANAGER2=y
+CONFIG_CRYPTO_USER=m
+# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
+# CONFIG_CRYPTO_MANAGER_EXTRA_TESTS is not set
+CONFIG_CRYPTO_GF128MUL=y
+CONFIG_CRYPTO_NULL=y
+CONFIG_CRYPTO_NULL2=y
+CONFIG_CRYPTO_PCRYPT=m
+CONFIG_CRYPTO_CRYPTD=y
+CONFIG_CRYPTO_AUTHENC=m
+CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_SIMD=y
+# end of Crypto core or helper
+
+#
+# Public-key cryptography
+#
+CONFIG_CRYPTO_RSA=y
+CONFIG_CRYPTO_DH=m
+# CONFIG_CRYPTO_DH_RFC7919_GROUPS is not set
+CONFIG_CRYPTO_ECC=m
+CONFIG_CRYPTO_ECDH=m
+# CONFIG_CRYPTO_ECDSA is not set
+# CONFIG_CRYPTO_ECRDSA is not set
+CONFIG_CRYPTO_SM2=y
+# CONFIG_CRYPTO_CURVE25519 is not set
+# end of Public-key cryptography
+
+#
+# Block ciphers
+#
+CONFIG_CRYPTO_AES=y
+# CONFIG_CRYPTO_AES_TI is not set
+CONFIG_CRYPTO_ANUBIS=m
+# CONFIG_CRYPTO_ARIA is not set
+CONFIG_CRYPTO_BLOWFISH=m
+CONFIG_CRYPTO_BLOWFISH_COMMON=m
+CONFIG_CRYPTO_CAMELLIA=m
+CONFIG_CRYPTO_CAST_COMMON=m
+CONFIG_CRYPTO_CAST5=m
+CONFIG_CRYPTO_CAST6=m
+CONFIG_CRYPTO_DES=m
+CONFIG_CRYPTO_FCRYPT=m
+CONFIG_CRYPTO_KHAZAD=m
+CONFIG_CRYPTO_SEED=m
+CONFIG_CRYPTO_SERPENT=m
+CONFIG_CRYPTO_SM4=m
+CONFIG_CRYPTO_SM4_GENERIC=m
+CONFIG_CRYPTO_TEA=m
+CONFIG_CRYPTO_TWOFISH=m
+CONFIG_CRYPTO_TWOFISH_COMMON=m
+# end of Block ciphers
+
+#
+# Length-preserving ciphers and modes
+#
+# CONFIG_CRYPTO_ADIANTUM is not set
+CONFIG_CRYPTO_ARC4=m
+CONFIG_CRYPTO_CHACHA20=m
+CONFIG_CRYPTO_CBC=y
+CONFIG_CRYPTO_CFB=y
+CONFIG_CRYPTO_CTR=y
+CONFIG_CRYPTO_CTS=m
+CONFIG_CRYPTO_ECB=y
+# CONFIG_CRYPTO_HCTR2 is not set
+# CONFIG_CRYPTO_KEYWRAP is not set
+CONFIG_CRYPTO_LRW=m
+# CONFIG_CRYPTO_OFB is not set
+CONFIG_CRYPTO_PCBC=m
+CONFIG_CRYPTO_XTS=m
+# end of Length-preserving ciphers and modes
+
+#
+# AEAD (authenticated encryption with associated data) ciphers
+#
+# CONFIG_CRYPTO_AEGIS128 is not set
+CONFIG_CRYPTO_CHACHA20POLY1305=m
+CONFIG_CRYPTO_CCM=m
+CONFIG_CRYPTO_GCM=y
+CONFIG_CRYPTO_SEQIV=y
+CONFIG_CRYPTO_ECHAINIV=m
+CONFIG_CRYPTO_ESSIV=m
+# end of AEAD (authenticated encryption with associated data) ciphers
+
+#
+# Hashes, digests, and MACs
+#
+CONFIG_CRYPTO_BLAKE2B=y
+CONFIG_CRYPTO_CMAC=m
+CONFIG_CRYPTO_GHASH=y
+CONFIG_CRYPTO_HMAC=y
+CONFIG_CRYPTO_MD4=m
+CONFIG_CRYPTO_MD5=y
+CONFIG_CRYPTO_MICHAEL_MIC=m
+CONFIG_CRYPTO_POLY1305=m
+CONFIG_CRYPTO_RMD160=m
+CONFIG_CRYPTO_SHA1=y
+CONFIG_CRYPTO_SHA256=y
+CONFIG_CRYPTO_SHA512=y
+CONFIG_CRYPTO_SHA3=m
+CONFIG_CRYPTO_SM3=y
+CONFIG_CRYPTO_SM3_GENERIC=y
+# CONFIG_CRYPTO_STREEBOG is not set
+CONFIG_CRYPTO_VMAC=m
+CONFIG_CRYPTO_WP512=m
+CONFIG_CRYPTO_XCBC=m
+CONFIG_CRYPTO_XXHASH=y
+# end of Hashes, digests, and MACs
+
+#
+# CRCs (cyclic redundancy checks)
+#
+CONFIG_CRYPTO_CRC32C=y
+CONFIG_CRYPTO_CRC32=m
+CONFIG_CRYPTO_CRCT10DIF=y
+CONFIG_CRYPTO_CRC64_ROCKSOFT=m
+# end of CRCs (cyclic redundancy checks)
+
+#
+# Compression
+#
+CONFIG_CRYPTO_DEFLATE=y
+CONFIG_CRYPTO_LZO=y
+# CONFIG_CRYPTO_842 is not set
+# CONFIG_CRYPTO_LZ4 is not set
+# CONFIG_CRYPTO_LZ4HC is not set
+CONFIG_CRYPTO_ZSTD=y
+# end of Compression
+
+#
+# Random number generation
+#
+CONFIG_CRYPTO_ANSI_CPRNG=m
+CONFIG_CRYPTO_DRBG_MENU=y
+CONFIG_CRYPTO_DRBG_HMAC=y
+CONFIG_CRYPTO_DRBG_HASH=y
+CONFIG_CRYPTO_DRBG_CTR=y
+CONFIG_CRYPTO_DRBG=y
+CONFIG_CRYPTO_JITTERENTROPY=y
+# end of Random number generation
+
+#
+# Userspace interface
+#
+CONFIG_CRYPTO_USER_API=y
+CONFIG_CRYPTO_USER_API_HASH=y
+CONFIG_CRYPTO_USER_API_SKCIPHER=y
+CONFIG_CRYPTO_USER_API_RNG=y
+# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
+CONFIG_CRYPTO_USER_API_AEAD=y
+CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y
+# CONFIG_CRYPTO_STATS is not set
+# end of Userspace interface
+
+CONFIG_CRYPTO_HASH_INFO=y
+
+#
+# Accelerated Cryptographic Algorithms for CPU (x86)
+#
+# CONFIG_CRYPTO_CURVE25519_X86 is not set
+CONFIG_CRYPTO_AES_NI_INTEL=y
+CONFIG_CRYPTO_BLOWFISH_X86_64=m
+CONFIG_CRYPTO_CAMELLIA_X86_64=m
+CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64=m
+CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64=m
+CONFIG_CRYPTO_CAST5_AVX_X86_64=m
+CONFIG_CRYPTO_CAST6_AVX_X86_64=m
+CONFIG_CRYPTO_DES3_EDE_X86_64=m
+CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m
+CONFIG_CRYPTO_SERPENT_AVX_X86_64=m
+CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m
+CONFIG_CRYPTO_SM4_AESNI_AVX_X86_64=m
+CONFIG_CRYPTO_SM4_AESNI_AVX2_X86_64=m
+CONFIG_CRYPTO_TWOFISH_X86_64=m
+CONFIG_CRYPTO_TWOFISH_X86_64_3WAY=m
+CONFIG_CRYPTO_TWOFISH_AVX_X86_64=m
+# CONFIG_CRYPTO_ARIA_AESNI_AVX_X86_64 is not set
+CONFIG_CRYPTO_CHACHA20_X86_64=m
+# CONFIG_CRYPTO_AEGIS128_AESNI_SSE2 is not set
+# CONFIG_CRYPTO_NHPOLY1305_SSE2 is not set
+# CONFIG_CRYPTO_NHPOLY1305_AVX2 is not set
+# CONFIG_CRYPTO_BLAKE2S_X86 is not set
+# CONFIG_CRYPTO_POLYVAL_CLMUL_NI is not set
+CONFIG_CRYPTO_POLY1305_X86_64=m
+CONFIG_CRYPTO_SHA1_SSSE3=y
+CONFIG_CRYPTO_SHA256_SSSE3=y
+CONFIG_CRYPTO_SHA512_SSSE3=m
+CONFIG_CRYPTO_SM3_AVX_X86_64=m
+CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m
+CONFIG_CRYPTO_CRC32C_INTEL=m
+CONFIG_CRYPTO_CRC32_PCLMUL=m
+CONFIG_CRYPTO_CRCT10DIF_PCLMUL=m
+# end of Accelerated Cryptographic Algorithms for CPU (x86)
+
+CONFIG_CRYPTO_HW=y
+CONFIG_CRYPTO_DEV_PADLOCK=m
+CONFIG_CRYPTO_DEV_PADLOCK_AES=m
+CONFIG_CRYPTO_DEV_PADLOCK_SHA=m
+# CONFIG_CRYPTO_DEV_ATMEL_ECC is not set
+# CONFIG_CRYPTO_DEV_ATMEL_SHA204A is not set
+CONFIG_CRYPTO_DEV_CCP=y
+CONFIG_CRYPTO_DEV_CCP_DD=m
+CONFIG_CRYPTO_DEV_SP_CCP=y
+CONFIG_CRYPTO_DEV_CCP_CRYPTO=m
+CONFIG_CRYPTO_DEV_SP_PSP=y
+# CONFIG_CRYPTO_DEV_CCP_DEBUGFS is not set
+CONFIG_CRYPTO_DEV_QAT=m
+CONFIG_CRYPTO_DEV_QAT_DH895xCC=m
+CONFIG_CRYPTO_DEV_QAT_C3XXX=m
+CONFIG_CRYPTO_DEV_QAT_C62X=m
+# CONFIG_CRYPTO_DEV_QAT_4XXX is not set
+CONFIG_CRYPTO_DEV_QAT_DH895xCCVF=m
+CONFIG_CRYPTO_DEV_QAT_C3XXXVF=m
+CONFIG_CRYPTO_DEV_QAT_C62XVF=m
+CONFIG_CRYPTO_DEV_NITROX=m
+CONFIG_CRYPTO_DEV_NITROX_CNN55XX=m
+CONFIG_CRYPTO_DEV_CHELSIO=m
+# CONFIG_CRYPTO_DEV_VIRTIO is not set
+# CONFIG_CRYPTO_DEV_SAFEXCEL is not set
+# CONFIG_CRYPTO_DEV_AMLOGIC_GXL is not set
+CONFIG_ASYMMETRIC_KEY_TYPE=y
+CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
+CONFIG_X509_CERTIFICATE_PARSER=y
+# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set
+CONFIG_PKCS7_MESSAGE_PARSER=y
+# CONFIG_PKCS7_TEST_KEY is not set
+CONFIG_SIGNED_PE_FILE_VERIFICATION=y
+# CONFIG_FIPS_SIGNATURE_SELFTEST is not set
+
+#
+# Certificates for signature checking
+#
+CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
+CONFIG_MODULE_SIG_KEY_TYPE_RSA=y
+# CONFIG_MODULE_SIG_KEY_TYPE_ECDSA is not set
+CONFIG_SYSTEM_TRUSTED_KEYRING=y
+CONFIG_SYSTEM_TRUSTED_KEYS=""
+# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
+CONFIG_SECONDARY_TRUSTED_KEYRING=y
+CONFIG_SYSTEM_BLACKLIST_KEYRING=y
+CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
+CONFIG_SYSTEM_REVOCATION_LIST=y
+CONFIG_SYSTEM_REVOCATION_KEYS=""
+# CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE is not set
+# end of Certificates for signature checking
+
+CONFIG_BINARY_PRINTF=y
+
+#
+# Library routines
+#
+CONFIG_RAID6_PQ=m
+CONFIG_RAID6_PQ_BENCHMARK=y
+# CONFIG_PACKING is not set
+CONFIG_BITREVERSE=y
+CONFIG_GENERIC_STRNCPY_FROM_USER=y
+CONFIG_GENERIC_STRNLEN_USER=y
+CONFIG_GENERIC_NET_UTILS=y
+CONFIG_CORDIC=m
+# CONFIG_PRIME_NUMBERS is not set
+CONFIG_RATIONAL=y
+CONFIG_GENERIC_PCI_IOMAP=y
+CONFIG_GENERIC_IOMAP=y
+CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
+CONFIG_ARCH_HAS_FAST_MULTIPLIER=y
+CONFIG_ARCH_USE_SYM_ANNOTATIONS=y
+
+#
+# Crypto library routines
+#
+CONFIG_CRYPTO_LIB_UTILS=y
+CONFIG_CRYPTO_LIB_AES=y
+CONFIG_CRYPTO_LIB_ARC4=m
+CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC=y
+CONFIG_CRYPTO_ARCH_HAVE_LIB_CHACHA=m
+CONFIG_CRYPTO_LIB_CHACHA_GENERIC=m
+# CONFIG_CRYPTO_LIB_CHACHA is not set
+# CONFIG_CRYPTO_LIB_CURVE25519 is not set
+CONFIG_CRYPTO_LIB_DES=m
+CONFIG_CRYPTO_LIB_POLY1305_RSIZE=11
+CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305=m
+CONFIG_CRYPTO_LIB_POLY1305_GENERIC=m
+# CONFIG_CRYPTO_LIB_POLY1305 is not set
+# CONFIG_CRYPTO_LIB_CHACHA20POLY1305 is not set
+CONFIG_CRYPTO_LIB_SHA1=y
+CONFIG_CRYPTO_LIB_SHA256=y
+# end of Crypto library routines
+
+CONFIG_CRC_CCITT=y
+CONFIG_CRC16=y
+CONFIG_CRC_T10DIF=y
+CONFIG_CRC64_ROCKSOFT=m
+CONFIG_CRC_ITU_T=m
+CONFIG_CRC32=y
+# CONFIG_CRC32_SELFTEST is not set
+CONFIG_CRC32_SLICEBY8=y
+# CONFIG_CRC32_SLICEBY4 is not set
+# CONFIG_CRC32_SARWATE is not set
+# CONFIG_CRC32_BIT is not set
+CONFIG_CRC64=m
+# CONFIG_CRC4 is not set
+CONFIG_CRC7=m
+CONFIG_LIBCRC32C=m
+CONFIG_CRC8=m
+CONFIG_XXHASH=y
+# CONFIG_RANDOM32_SELFTEST is not set
+CONFIG_ZLIB_INFLATE=y
+CONFIG_ZLIB_DEFLATE=y
+CONFIG_LZO_COMPRESS=y
+CONFIG_LZO_DECOMPRESS=y
+CONFIG_LZ4_DECOMPRESS=y
+CONFIG_ZSTD_COMMON=y
+CONFIG_ZSTD_COMPRESS=y
+CONFIG_ZSTD_DECOMPRESS=y
+CONFIG_XZ_DEC=y
+CONFIG_XZ_DEC_X86=y
+CONFIG_XZ_DEC_POWERPC=y
+CONFIG_XZ_DEC_IA64=y
+CONFIG_XZ_DEC_ARM=y
+CONFIG_XZ_DEC_ARMTHUMB=y
+CONFIG_XZ_DEC_SPARC=y
+# CONFIG_XZ_DEC_MICROLZMA is not set
+CONFIG_XZ_DEC_BCJ=y
+# CONFIG_XZ_DEC_TEST is not set
+CONFIG_DECOMPRESS_GZIP=y
+CONFIG_DECOMPRESS_BZIP2=y
+CONFIG_DECOMPRESS_LZMA=y
+CONFIG_DECOMPRESS_XZ=y
+CONFIG_DECOMPRESS_LZO=y
+CONFIG_DECOMPRESS_LZ4=y
+CONFIG_DECOMPRESS_ZSTD=y
+CONFIG_GENERIC_ALLOCATOR=y
+CONFIG_REED_SOLOMON=m
+CONFIG_REED_SOLOMON_ENC8=y
+CONFIG_REED_SOLOMON_DEC8=y
+CONFIG_TEXTSEARCH=y
+CONFIG_TEXTSEARCH_KMP=m
+CONFIG_TEXTSEARCH_BM=m
+CONFIG_TEXTSEARCH_FSM=m
+CONFIG_BTREE=y
+CONFIG_INTERVAL_TREE=y
+CONFIG_XARRAY_MULTI=y
+CONFIG_ASSOCIATIVE_ARRAY=y
+CONFIG_HAS_IOMEM=y
+CONFIG_HAS_IOPORT_MAP=y
+CONFIG_HAS_DMA=y
+CONFIG_DMA_OPS=y
+CONFIG_NEED_SG_DMA_LENGTH=y
+CONFIG_NEED_DMA_MAP_STATE=y
+CONFIG_ARCH_DMA_ADDR_T_64BIT=y
+CONFIG_ARCH_HAS_FORCE_DMA_UNENCRYPTED=y
+CONFIG_SWIOTLB=y
+CONFIG_DMA_COHERENT_POOL=y
+# CONFIG_DMA_API_DEBUG is not set
+# CONFIG_DMA_MAP_BENCHMARK is not set
+CONFIG_SGL_ALLOC=y
+CONFIG_CHECK_SIGNATURE=y
+CONFIG_CPUMASK_OFFSTACK=y
+# CONFIG_FORCE_NR_CPUS is not set
+CONFIG_CPU_RMAP=y
+CONFIG_DQL=y
+CONFIG_GLOB=y
+# CONFIG_GLOB_SELFTEST is not set
+CONFIG_NLATTR=y
+CONFIG_CLZ_TAB=y
+CONFIG_IRQ_POLL=y
+CONFIG_MPILIB=y
+CONFIG_SIGNATURE=y
+CONFIG_DIMLIB=y
+CONFIG_OID_REGISTRY=y
+CONFIG_UCS2_STRING=y
+CONFIG_HAVE_GENERIC_VDSO=y
+CONFIG_GENERIC_GETTIMEOFDAY=y
+CONFIG_GENERIC_VDSO_TIME_NS=y
+CONFIG_FONT_SUPPORT=y
+# CONFIG_FONTS is not set
+CONFIG_FONT_8x8=y
+CONFIG_FONT_8x16=y
+CONFIG_SG_POOL=y
+CONFIG_ARCH_HAS_PMEM_API=y
+CONFIG_MEMREGION=y
+CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE=y
+CONFIG_ARCH_HAS_COPY_MC=y
+CONFIG_ARCH_STACKWALK=y
+CONFIG_STACKDEPOT=y
+CONFIG_SBITMAP=y
+CONFIG_PARMAN=m
+CONFIG_OBJAGG=m
+# end of Library routines
+
+CONFIG_PLDMFW=y
+CONFIG_ASN1_ENCODER=y
+
+#
+# Kernel hacking
+#
+
+#
+# printk and dmesg options
+#
+CONFIG_PRINTK_TIME=y
+CONFIG_PRINTK_CALLER=y
+# CONFIG_STACKTRACE_BUILD_ID is not set
+CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7
+CONFIG_CONSOLE_LOGLEVEL_QUIET=4
+CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4
+CONFIG_BOOT_PRINTK_DELAY=y
+CONFIG_DYNAMIC_DEBUG=y
+CONFIG_DYNAMIC_DEBUG_CORE=y
+CONFIG_SYMBOLIC_ERRNAME=y
+CONFIG_DEBUG_BUGVERBOSE=y
+# end of printk and dmesg options
+
+CONFIG_DEBUG_KERNEL=y
+CONFIG_DEBUG_MISC=y
+
+#
+# Compile-time checks and compiler options
+#
+CONFIG_DEBUG_INFO=y
+# CONFIG_DEBUG_INFO_NONE is not set
+# CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT is not set
+CONFIG_DEBUG_INFO_DWARF4=y
+# CONFIG_DEBUG_INFO_DWARF5 is not set
+# CONFIG_DEBUG_INFO_REDUCED is not set
+# CONFIG_DEBUG_INFO_COMPRESSED is not set
+# CONFIG_DEBUG_INFO_SPLIT is not set
+CONFIG_DEBUG_INFO_BTF=y
+# CONFIG_GDB_SCRIPTS is not set
+CONFIG_FRAME_WARN=2048
+CONFIG_STRIP_ASM_SYMS=y
+# CONFIG_READABLE_ASM is not set
+# CONFIG_HEADERS_INSTALL is not set
+CONFIG_DEBUG_SECTION_MISMATCH=y
+CONFIG_SECTION_MISMATCH_WARN_ONLY=y
+CONFIG_OBJTOOL=y
+# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
+# end of Compile-time checks and compiler options
+
+#
+# Generic Kernel Debugging Instruments
+#
+CONFIG_MAGIC_SYSRQ=y
+CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1
+CONFIG_MAGIC_SYSRQ_SERIAL=y
+CONFIG_MAGIC_SYSRQ_SERIAL_SEQUENCE=""
+CONFIG_DEBUG_FS=y
+CONFIG_DEBUG_FS_ALLOW_ALL=y
+# CONFIG_DEBUG_FS_DISALLOW_MOUNT is not set
+# CONFIG_DEBUG_FS_ALLOW_NONE is not set
+CONFIG_HAVE_ARCH_KGDB=y
+CONFIG_KGDB=y
+CONFIG_KGDB_HONOUR_BLOCKLIST=y
+CONFIG_KGDB_SERIAL_CONSOLE=y
+CONFIG_KGDB_TESTS=y
+# CONFIG_KGDB_TESTS_ON_BOOT is not set
+CONFIG_KGDB_LOW_LEVEL_TRAP=y
+CONFIG_KGDB_KDB=y
+CONFIG_KDB_DEFAULT_ENABLE=0x0
+CONFIG_KDB_KEYBOARD=y
+CONFIG_KDB_CONTINUE_CATASTROPHIC=0
+CONFIG_ARCH_HAS_EARLY_DEBUG=y
+CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y
+# CONFIG_UBSAN is not set
+CONFIG_HAVE_ARCH_KCSAN=y
+# end of Generic Kernel Debugging Instruments
+
+#
+# Networking Debugging
+#
+# CONFIG_NET_DEV_REFCNT_TRACKER is not set
+# CONFIG_NET_NS_REFCNT_TRACKER is not set
+# CONFIG_DEBUG_NET is not set
+# end of Networking Debugging
+
+#
+# Memory Debugging
+#
+# CONFIG_PAGE_EXTENSION is not set
+# CONFIG_DEBUG_PAGEALLOC is not set
+CONFIG_SLUB_DEBUG=y
+# CONFIG_SLUB_DEBUG_ON is not set
+# CONFIG_PAGE_OWNER is not set
+# CONFIG_PAGE_TABLE_CHECK is not set
+# CONFIG_PAGE_POISONING is not set
+# CONFIG_DEBUG_PAGE_REF is not set
+# CONFIG_DEBUG_RODATA_TEST is not set
+CONFIG_ARCH_HAS_DEBUG_WX=y
+# CONFIG_DEBUG_WX is not set
+CONFIG_GENERIC_PTDUMP=y
+# CONFIG_PTDUMP_DEBUGFS is not set
+# CONFIG_DEBUG_OBJECTS is not set
+# CONFIG_SHRINKER_DEBUG is not set
+CONFIG_HAVE_DEBUG_KMEMLEAK=y
+# CONFIG_DEBUG_KMEMLEAK is not set
+# CONFIG_DEBUG_STACK_USAGE is not set
+# CONFIG_SCHED_STACK_END_CHECK is not set
+CONFIG_ARCH_HAS_DEBUG_VM_PGTABLE=y
+# CONFIG_DEBUG_VM is not set
+# CONFIG_DEBUG_VM_PGTABLE is not set
+CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y
+# CONFIG_DEBUG_VIRTUAL is not set
+CONFIG_DEBUG_MEMORY_INIT=y
+# CONFIG_DEBUG_PER_CPU_MAPS is not set
+CONFIG_HAVE_ARCH_KASAN=y
+CONFIG_HAVE_ARCH_KASAN_VMALLOC=y
+# CONFIG_KASAN is not set
+CONFIG_HAVE_ARCH_KFENCE=y
+# CONFIG_KFENCE is not set
+CONFIG_HAVE_ARCH_KMSAN=y
+# end of Memory Debugging
+
+CONFIG_DEBUG_SHIRQ=y
+
+#
+# Debug Oops, Lockups and Hangs
+#
+CONFIG_PANIC_ON_OOPS=y
+CONFIG_PANIC_ON_OOPS_VALUE=1
+CONFIG_PANIC_TIMEOUT=0
+CONFIG_LOCKUP_DETECTOR=y
+CONFIG_SOFTLOCKUP_DETECTOR=y
+# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set
+CONFIG_HARDLOCKUP_DETECTOR_PERF=y
+CONFIG_HARDLOCKUP_CHECK_TIMESTAMP=y
+CONFIG_HARDLOCKUP_DETECTOR=y
+CONFIG_BOOTPARAM_HARDLOCKUP_PANIC=y
+CONFIG_DETECT_HUNG_TASK=y
+CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120
+# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
+# CONFIG_WQ_WATCHDOG is not set
+# CONFIG_TEST_LOCKUP is not set
+# end of Debug Oops, Lockups and Hangs
+
+#
+# Scheduler Debugging
+#
+CONFIG_SCHED_DEBUG=y
+CONFIG_SCHED_INFO=y
+CONFIG_SCHEDSTATS=y
+# end of Scheduler Debugging
+
+# CONFIG_DEBUG_TIMEKEEPING is not set
+CONFIG_DEBUG_PREEMPT=y
+
+#
+# Lock Debugging (spinlocks, mutexes, etc...)
+#
+CONFIG_LOCK_DEBUGGING_SUPPORT=y
+# CONFIG_PROVE_LOCKING is not set
+# CONFIG_LOCK_STAT is not set
+# CONFIG_DEBUG_RT_MUTEXES is not set
+# CONFIG_DEBUG_SPINLOCK is not set
+# CONFIG_DEBUG_MUTEXES is not set
+# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
+# CONFIG_DEBUG_RWSEMS is not set
+# CONFIG_DEBUG_LOCK_ALLOC is not set
+# CONFIG_DEBUG_ATOMIC_SLEEP is not set
+# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
+# CONFIG_LOCK_TORTURE_TEST is not set
+# CONFIG_WW_MUTEX_SELFTEST is not set
+# CONFIG_SCF_TORTURE_TEST is not set
+# CONFIG_CSD_LOCK_WAIT_DEBUG is not set
+# end of Lock Debugging (spinlocks, mutexes, etc...)
+
+# CONFIG_DEBUG_IRQFLAGS is not set
+CONFIG_STACKTRACE=y
+# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set
+# CONFIG_DEBUG_KOBJECT is not set
+
+#
+# Debug kernel data structures
+#
+CONFIG_DEBUG_LIST=y
+# CONFIG_DEBUG_PLIST is not set
+# CONFIG_DEBUG_SG is not set
+# CONFIG_DEBUG_NOTIFIERS is not set
+# CONFIG_BUG_ON_DATA_CORRUPTION is not set
+# CONFIG_DEBUG_MAPLE_TREE is not set
+# end of Debug kernel data structures
+
+# CONFIG_DEBUG_CREDENTIALS is not set
+
+#
+# RCU Debugging
+#
+# CONFIG_RCU_SCALE_TEST is not set
+# CONFIG_RCU_TORTURE_TEST is not set
+# CONFIG_RCU_REF_SCALE_TEST is not set
+CONFIG_RCU_CPU_STALL_TIMEOUT=60
+CONFIG_RCU_EXP_CPU_STALL_TIMEOUT=0
+# CONFIG_RCU_TRACE is not set
+# CONFIG_RCU_EQS_DEBUG is not set
+# end of RCU Debugging
+
+# CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set
+# CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set
+# CONFIG_LATENCYTOP is not set
+CONFIG_USER_STACKTRACE_SUPPORT=y
+CONFIG_NOP_TRACER=y
+CONFIG_HAVE_RETHOOK=y
+CONFIG_RETHOOK=y
+CONFIG_HAVE_FUNCTION_TRACER=y
+CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
+CONFIG_HAVE_DYNAMIC_FTRACE=y
+CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y
+CONFIG_HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
+CONFIG_HAVE_DYNAMIC_FTRACE_WITH_ARGS=y
+CONFIG_HAVE_DYNAMIC_FTRACE_NO_PATCHABLE=y
+CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
+CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
+CONFIG_HAVE_FENTRY=y
+CONFIG_HAVE_OBJTOOL_MCOUNT=y
+CONFIG_HAVE_C_RECORDMCOUNT=y
+CONFIG_HAVE_BUILDTIME_MCOUNT_SORT=y
+CONFIG_BUILDTIME_MCOUNT_SORT=y
+CONFIG_TRACER_MAX_TRACE=y
+CONFIG_TRACE_CLOCK=y
+CONFIG_RING_BUFFER=y
+CONFIG_EVENT_TRACING=y
+CONFIG_CONTEXT_SWITCH_TRACER=y
+CONFIG_TRACING=y
+CONFIG_GENERIC_TRACER=y
+CONFIG_TRACING_SUPPORT=y
+CONFIG_FTRACE=y
+CONFIG_BOOTTIME_TRACING=y
+CONFIG_FUNCTION_TRACER=y
+CONFIG_FUNCTION_GRAPH_TRACER=y
+CONFIG_DYNAMIC_FTRACE=y
+CONFIG_DYNAMIC_FTRACE_WITH_REGS=y
+CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
+CONFIG_DYNAMIC_FTRACE_WITH_ARGS=y
+# CONFIG_FPROBE is not set
+CONFIG_FUNCTION_PROFILER=y
+CONFIG_STACK_TRACER=y
+# CONFIG_IRQSOFF_TRACER is not set
+# CONFIG_PREEMPT_TRACER is not set
+CONFIG_SCHED_TRACER=y
+CONFIG_HWLAT_TRACER=y
+CONFIG_OSNOISE_TRACER=y
+CONFIG_TIMERLAT_TRACER=y
+# CONFIG_MMIOTRACE is not set
+CONFIG_FTRACE_SYSCALLS=y
+CONFIG_TRACER_SNAPSHOT=y
+# CONFIG_TRACER_SNAPSHOT_PER_CPU_SWAP is not set
+CONFIG_BRANCH_PROFILE_NONE=y
+# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
+CONFIG_BLK_DEV_IO_TRACE=y
+CONFIG_KPROBE_EVENTS=y
+# CONFIG_KPROBE_EVENTS_ON_NOTRACE is not set
+CONFIG_UPROBE_EVENTS=y
+CONFIG_BPF_EVENTS=y
+CONFIG_DYNAMIC_EVENTS=y
+CONFIG_PROBE_EVENTS=y
+# CONFIG_BPF_KPROBE_OVERRIDE is not set
+CONFIG_FTRACE_MCOUNT_RECORD=y
+CONFIG_FTRACE_MCOUNT_USE_CC=y
+CONFIG_TRACING_MAP=y
+CONFIG_SYNTH_EVENTS=y
+CONFIG_HIST_TRIGGERS=y
+# CONFIG_TRACE_EVENT_INJECT is not set
+# CONFIG_TRACEPOINT_BENCHMARK is not set
+CONFIG_RING_BUFFER_BENCHMARK=m
+# CONFIG_TRACE_EVAL_MAP_FILE is not set
+# CONFIG_FTRACE_RECORD_RECURSION is not set
+# CONFIG_FTRACE_STARTUP_TEST is not set
+# CONFIG_FTRACE_SORT_STARTUP_TEST is not set
+# CONFIG_RING_BUFFER_STARTUP_TEST is not set
+# CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
+# CONFIG_PREEMPTIRQ_DELAY_TEST is not set
+# CONFIG_SYNTH_EVENT_GEN_TEST is not set
+# CONFIG_KPROBE_EVENT_GEN_TEST is not set
+# CONFIG_HIST_TRIGGERS_DEBUG is not set
+# CONFIG_RV is not set
+CONFIG_PROVIDE_OHCI1394_DMA_INIT=y
+# CONFIG_SAMPLES is not set
+CONFIG_HAVE_SAMPLE_FTRACE_DIRECT=y
+CONFIG_HAVE_SAMPLE_FTRACE_DIRECT_MULTI=y
+CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
+CONFIG_STRICT_DEVMEM=y
+# CONFIG_IO_STRICT_DEVMEM is not set
+
+#
+# x86 Debugging
+#
+CONFIG_EARLY_PRINTK_USB=y
+# CONFIG_X86_VERBOSE_BOOTUP is not set
+CONFIG_EARLY_PRINTK=y
+CONFIG_EARLY_PRINTK_DBGP=y
+CONFIG_EARLY_PRINTK_USB_XDBC=y
+# CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_DEBUG_TLBFLUSH is not set
+CONFIG_HAVE_MMIOTRACE_SUPPORT=y
+CONFIG_X86_DECODER_SELFTEST=y
+CONFIG_IO_DELAY_0X80=y
+# CONFIG_IO_DELAY_0XED is not set
+# CONFIG_IO_DELAY_UDELAY is not set
+# CONFIG_IO_DELAY_NONE is not set
+CONFIG_DEBUG_BOOT_PARAMS=y
+# CONFIG_CPA_DEBUG is not set
+# CONFIG_DEBUG_ENTRY is not set
+# CONFIG_DEBUG_NMI_SELFTEST is not set
+# CONFIG_X86_DEBUG_FPU is not set
+# CONFIG_PUNIT_ATOM_DEBUG is not set
+CONFIG_UNWINDER_ORC=y
+# CONFIG_UNWINDER_FRAME_POINTER is not set
+# end of x86 Debugging
+
+#
+# Kernel Testing and Coverage
+#
+# CONFIG_KUNIT is not set
+# CONFIG_NOTIFIER_ERROR_INJECTION is not set
+CONFIG_FUNCTION_ERROR_INJECTION=y
+# CONFIG_FAULT_INJECTION is not set
+CONFIG_ARCH_HAS_KCOV=y
+# CONFIG_KCOV is not set
+# CONFIG_RUNTIME_TESTING_MENU is not set
+CONFIG_ARCH_USE_MEMTEST=y
+# CONFIG_MEMTEST is not set
+# CONFIG_HYPERV_TESTING is not set
+# end of Kernel Testing and Coverage
+
+#
+# Rust hacking
+#
+# end of Rust hacking
+# end of Kernel hacking
--
2.20.1
1
0
Prepare initial configs for devel-6.1 branch.
Liu Chao (1):
kconfig: Add script to update openeuler_defconfig
Xie XiuQi (2):
config: add initial openeuler_defconfig for arm64
config: add initial openeuler_defconfig for x86_64
arch/arm64/configs/openeuler_defconfig | 7732 ++++++++++++++++++++
arch/x86/configs/openeuler_defconfig | 8938 ++++++++++++++++++++++++
scripts/kconfig/Makefile | 10 +
scripts/kconfig/makeconfig.sh | 24 +
4 files changed, 16704 insertions(+)
create mode 100644 arch/arm64/configs/openeuler_defconfig
create mode 100644 arch/x86/configs/openeuler_defconfig
create mode 100644 scripts/kconfig/makeconfig.sh
--
2.20.1
1
3
[PATCH openEuler-5.10 01/45] block: fix crash on cmpxchg for request_wrapper
by Zheng Zengkai 04 Jan '23
by Zheng Zengkai 04 Jan '23
04 Jan '23
From: Yu Kuai <yukuai3(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65K8D
CVE: NA
--------------------------------
Now that address of request_wrapper is caculated by address of request
plus cmd_size, if cmd_size is not aligned to 8 bytes, request_wrapper
will end up not aligned to 8 bytes as well, which will crash in arm64
because assembly instruction casal requires that operand address is
aligned to 8 bytes:
Internal error: Oops: 96000021 [#1] SMP
pc : blk_account_io_latency+0x54/0x134
Call trace:
blk_account_io_latency+0x54/0x134
blk_account_io_done+0x3c/0x4c
__blk_mq_end_request+0x78/0x134
scsi_end_request+0xcc/0x1f0
scsi_io_completion+0x88/0x240
scsi_finish_command+0x104/0x140
scsi_softirq_done+0x90/0x180
blk_mq_complete_request+0x5c/0x70
scsi_mq_done+0x4c/0x100
Fix the problem by declaring request_wrapper as aligned to cachline, and
placing it before request.
Fixes: 82327165da5c ("blk-mq: don't access request_wrapper if request is not allocated from block layer")
Signed-off-by: Yu Kuai <yukuai3(a)huawei.com>
Reviewed-by: Hou Tao <houtao1(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
block/blk-flush.c | 8 +++++---
block/blk-mq.c | 2 +-
block/blk-mq.h | 9 +++------
3 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/block/blk-flush.c b/block/blk-flush.c
index 65753f781c20..093c581a2651 100644
--- a/block/blk-flush.c
+++ b/block/blk-flush.c
@@ -470,6 +470,7 @@ struct blk_flush_queue *blk_alloc_flush_queue(int node, int cmd_size,
gfp_t flags)
{
struct blk_flush_queue *fq;
+ struct request_wrapper *wrapper;
int rq_sz = sizeof(struct request) + sizeof(struct request_wrapper);
fq = kzalloc_node(sizeof(*fq), flags, node);
@@ -479,10 +480,11 @@ struct blk_flush_queue *blk_alloc_flush_queue(int node, int cmd_size,
spin_lock_init(&fq->mq_flush_lock);
rq_sz = round_up(rq_sz + cmd_size, cache_line_size());
- fq->flush_rq = kzalloc_node(rq_sz, flags, node);
- if (!fq->flush_rq)
+ wrapper = kzalloc_node(rq_sz, flags, node);
+ if (!wrapper)
goto fail_rq;
+ fq->flush_rq = (struct request *)(wrapper + 1);
INIT_LIST_HEAD(&fq->flush_queue[0]);
INIT_LIST_HEAD(&fq->flush_queue[1]);
INIT_LIST_HEAD(&fq->flush_data_in_flight);
@@ -501,7 +503,7 @@ void blk_free_flush_queue(struct blk_flush_queue *fq)
if (!fq)
return;
- kfree(fq->flush_rq);
+ kfree(request_to_wrapper(fq->flush_rq));
kfree(fq);
}
diff --git a/block/blk-mq.c b/block/blk-mq.c
index 1c4a4e197e65..ffabe9c3de31 100644
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -2642,7 +2642,7 @@ static int blk_mq_alloc_rqs(struct blk_mq_tag_set *set,
to_do = min(entries_per_page, depth - i);
left -= to_do * rq_size;
for (j = 0; j < to_do; j++) {
- struct request *rq = p;
+ struct request *rq = p + sizeof(struct request_wrapper);
tags->static_rqs[i] = rq;
if (blk_mq_init_request(set, rq, hctx_idx, node)) {
diff --git a/block/blk-mq.h b/block/blk-mq.h
index 6254abe9c112..dcb2077e4db6 100644
--- a/block/blk-mq.h
+++ b/block/blk-mq.h
@@ -40,14 +40,11 @@ struct blk_mq_ctx {
struct request_wrapper {
/* Time that I/O was counted in part_get_stat_info(). */
u64 stat_time_ns;
-};
+} ____cacheline_aligned_in_smp;
-static inline struct request_wrapper *request_to_wrapper(struct request *rq)
+static inline struct request_wrapper *request_to_wrapper(void *rq)
{
- unsigned long addr = (unsigned long)rq;
-
- addr += sizeof(*rq) + rq->q->tag_set->cmd_size;
- return (struct request_wrapper *)addr;
+ return rq - sizeof(struct request_wrapper);
}
void blk_mq_exit_queue(struct request_queue *q);
--
2.20.1
1
44
[PATCH openEuler-5.10 01/31] drm/amdkfd: Check for null pointer after calling kmemdup
by Zheng Zengkai 04 Jan '23
by Zheng Zengkai 04 Jan '23
04 Jan '23
From: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
stable inclusion
from stable-v6.0.14
commit abfaf0eee97925905e742aa3b0b72e04a918fa9e
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6694U
CVE: CVE-2022-3108
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
As the possible failure of the allocation, kmemdup() may return NULL
pointer.
Therefore, it should be better to check the 'props2' in order to prevent
the dereference of NULL pointer.
Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs")
Signed-off-by: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
Reviewed-by: Felix Kuehling <Felix.Kuehling(a)amd.com>
Signed-off-by: Felix Kuehling <Felix.Kuehling(a)amd.com>
Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com>
Signed-off-by: Ren Zhijie <renzhijie2(a)huawei.com>
Reviewed-by: songping yu <yusongping(a)huawei.com>
Reviewed-by: Chen Hui <judy.chenhui(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
index 86b4dadf772e..02e3c650ed1c 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
@@ -408,6 +408,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink,
return -ENODEV;
/* same everything but the other direction */
props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL);
+ if (!props2)
+ return -ENOMEM;
+
props2->node_from = id_to;
props2->node_to = id_from;
props2->kobj = NULL;
--
2.20.1
1
30
[PATCH openEuler-5.10-LTS 01/30] Bluetooth: L2CAP: Fix build errors in some archs
by Zheng Zengkai 04 Jan '23
by Zheng Zengkai 04 Jan '23
04 Jan '23
From: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
stable inclusion
from stable-v5.10.141
commit 38267d266336a7fb9eae9be23567a44776c6e4ca
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I64WCC
CVE: CVE-2022-20566
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
-------------------------------
commit b840304fb46cdf7012722f456bce06f151b3e81b upstream.
This attempts to fix the follow errors:
In function 'memcmp',
inlined from 'bacmp' at ./include/net/bluetooth/bluetooth.h:347:9,
inlined from 'l2cap_global_chan_by_psm' at
net/bluetooth/l2cap_core.c:2003:15:
./include/linux/fortify-string.h:44:33: error: '__builtin_memcmp'
specified bound 6 exceeds source size 0 [-Werror=stringop-overread]
44 | #define __underlying_memcmp __builtin_memcmp
| ^
./include/linux/fortify-string.h:420:16: note: in expansion of macro
'__underlying_memcmp'
420 | return __underlying_memcmp(p, q, size);
| ^~~~~~~~~~~~~~~~~~~
In function 'memcmp',
inlined from 'bacmp' at ./include/net/bluetooth/bluetooth.h:347:9,
inlined from 'l2cap_global_chan_by_psm' at
net/bluetooth/l2cap_core.c:2004:15:
./include/linux/fortify-string.h:44:33: error: '__builtin_memcmp'
specified bound 6 exceeds source size 0 [-Werror=stringop-overread]
44 | #define __underlying_memcmp __builtin_memcmp
| ^
./include/linux/fortify-string.h:420:16: note: in expansion of macro
'__underlying_memcmp'
420 | return __underlying_memcmp(p, q, size);
| ^~~~~~~~~~~~~~~~~~~
Fixes: 332f1795ca20 ("Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Cc: Sudip Mukherjee <sudipm.mukherjee(a)gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Lu Jialin <lujialin4(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
net/bluetooth/l2cap_core.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 70bfd9e8913e..f78ad8f536f7 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1988,11 +1988,11 @@ static struct l2cap_chan *l2cap_global_chan_by_psm(int state, __le16 psm,
src_match = !bacmp(&c->src, src);
dst_match = !bacmp(&c->dst, dst);
if (src_match && dst_match) {
- c = l2cap_chan_hold_unless_zero(c);
- if (c) {
- read_unlock(&chan_list_lock);
- return c;
- }
+ if (!l2cap_chan_hold_unless_zero(c))
+ continue;
+
+ read_unlock(&chan_list_lock);
+ return c;
}
/* Closest match */
--
2.20.1
1
29
30 Dec '22
From: Zhou Guanghui <zhouguanghui1(a)huawei.com>
ascend inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I67NC1
CVE: NA
------------------------------------------
Charge Buddy hugepage to memcg when kmemcg is disabled. If kmemcg
is enabled, we can alse use kmemcg to charge buddy hugepages.
Signed-off-by: Zhou Guanghui <zhouguanghui1(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/linux/share_pool.h | 30 ++++++++++++++++++++++++++++++
mm/hugetlb.c | 3 +++
mm/share_pool.c | 28 +++++++++++++++++++++++-----
3 files changed, 56 insertions(+), 5 deletions(-)
diff --git a/include/linux/share_pool.h b/include/linux/share_pool.h
index c58f0dce0b20..2ebfb3d5be13 100644
--- a/include/linux/share_pool.h
+++ b/include/linux/share_pool.h
@@ -8,6 +8,8 @@
#include <linux/printk.h>
#include <linux/hashtable.h>
#include <linux/numa.h>
+#include <linux/hugetlb.h>
+#include <linux/memcontrol.h>
#define SP_HUGEPAGE (1 << 0)
#define SP_HUGEPAGE_ONLY (1 << 1)
@@ -411,6 +413,26 @@ extern bool sp_check_mmap_addr(unsigned long addr, unsigned long flags);
extern int sp_id_of_current(void);
extern int mg_sp_id_of_current(void);
+
+static inline void sp_kmemcg_uncharge_hpage(struct page *page)
+{
+ if (!sp_is_enabled())
+ return;
+
+ if (memcg_kmem_enabled() && PageKmemcg(page)) {
+ int order = huge_page_order(page_hstate(page));
+
+ __memcg_kmem_uncharge(page, order);
+ }
+}
+
+static inline void sp_memcg_uncharge_hpage(struct page *page)
+{
+ if (!sp_is_enabled())
+ return;
+
+ mem_cgroup_uncharge(page);
+}
#else
static inline int mg_sp_group_add_task(int pid, unsigned long prot, int spg_id)
@@ -684,6 +706,14 @@ static inline int mg_sp_id_of_current(void)
return -EPERM;
}
+static inline void sp_kmemcg_uncharge_hpage(struct page *page)
+{
+}
+
+static inline void sp_memcg_uncharge_hpage(struct page *page)
+{
+}
+
#endif
#endif /* LINUX_SHARE_POOL_H */
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index fb1f90eed7fc..495d8b5b38fc 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -38,6 +38,7 @@
#include <linux/node.h>
#include <linux/userfaultfd_k.h>
#include <linux/page_owner.h>
+#include <linux/share_pool.h>
#include "internal.h"
int hugetlb_max_hstate __read_mostly;
@@ -1311,6 +1312,7 @@ void free_huge_page(struct page *page)
(struct hugepage_subpool *)page_private(page);
bool restore_reserve;
+ sp_kmemcg_uncharge_hpage(page);
set_page_private(page, 0);
page->mapping = NULL;
VM_BUG_ON_PAGE(page_count(page), page);
@@ -1345,6 +1347,7 @@ void free_huge_page(struct page *page)
h->resv_huge_pages++;
if (PageHugeTemporary(page)) {
+ sp_memcg_uncharge_hpage(page);
list_del(&page->lru);
ClearPageHugeTemporary(page);
update_and_free_page(h, page);
diff --git a/mm/share_pool.c b/mm/share_pool.c
index d2591c73a503..5d8344fe805a 100644
--- a/mm/share_pool.c
+++ b/mm/share_pool.c
@@ -4555,6 +4555,8 @@ vm_fault_t sharepool_no_page(struct mm_struct *mm,
int err;
int node_id;
struct sp_area *spa;
+ bool charge_hpage = false;
+ struct mem_cgroup *memcg;
spa = vma->vm_private_data;
if (!spa) {
@@ -4572,10 +4574,11 @@ vm_fault_t sharepool_no_page(struct mm_struct *mm,
page = alloc_huge_page(vma, haddr, 0);
if (IS_ERR(page)) {
- page = alloc_huge_page_node(hstate_file(vma->vm_file),
- node_id);
+ page = hugetlb_alloc_hugepage(node_id, HUGETLB_ALLOC_BUDDY);
if (!page)
page = ERR_PTR(-ENOMEM);
+ else if (!PageKmemcg(page))
+ charge_hpage = true;
}
if (IS_ERR(page)) {
ptl = huge_pte_lock(h, mm, ptep);
@@ -4588,12 +4591,24 @@ vm_fault_t sharepool_no_page(struct mm_struct *mm,
ret = vmf_error(PTR_ERR(page));
goto out;
}
+
+ if (charge_hpage &&
+ mem_cgroup_try_charge_delay(page, vma->vm_mm, GFP_KERNEL, &memcg, true)) {
+ put_page(page);
+ ret = vmf_error(-ENOMEM);
+ goto out;
+ }
+
__SetPageUptodate(page);
new_page = true;
/* sharepool pages are all shared */
err = huge_add_to_page_cache(page, mapping, idx);
if (err) {
+ if (charge_hpage) {
+ mem_cgroup_cancel_charge(page, memcg, true);
+ charge_hpage = false;
+ }
put_page(page);
if (err == -EEXIST)
goto retry;
@@ -4601,7 +4616,6 @@ vm_fault_t sharepool_no_page(struct mm_struct *mm,
}
}
-
ptl = huge_pte_lock(h, mm, ptep);
size = i_size_read(mapping->host) >> huge_page_shift(h);
if (idx >= size)
@@ -4618,11 +4632,13 @@ vm_fault_t sharepool_no_page(struct mm_struct *mm,
hugetlb_count_add(pages_per_huge_page(h), mm);
+ if (charge_hpage)
+ mem_cgroup_commit_charge(page, memcg, false, true);
+
spin_unlock(ptl);
- if (new_page) {
+ if (new_page)
SetPagePrivate(&page[1]);
- }
unlock_page(page);
out:
@@ -4631,6 +4647,8 @@ vm_fault_t sharepool_no_page(struct mm_struct *mm,
backout:
spin_unlock(ptl);
unlock_page(page);
+ if (charge_hpage)
+ mem_cgroup_cancel_charge(page, memcg, true);
put_page(page);
goto out;
}
--
2.25.1
1
0
您好!
Kernel SIG 邀请您参加 2022-12-30 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG双周例会
会议内容:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
会议链接:https://us06web.zoom.us/j/84061666239?pwd=ZGNrZUo0RW5DWWhOQTRaVW53Y0gyUT09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2022-12-30 14:00,
The subject of the conference is openEuler Kernel SIG双周例会,
Summary:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/84061666239?pwd=ZGNrZUo0RW5DWWhOQTRaVW53Y0gyUT09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
2
1
30 Dec '22
3SNIC inclusion
category: features
bugzilla: https://gitee.com/openeuler/kernel/issues/I64M90
CVE: NA
v1->v2:
1. Update openEuler/MAINTAINERS
This commit is to suppport 3SNIC 3S5XX RAID/HBA controllers.
RAID controllers support RAID 0/1/5/6/10/50/60 modes;
HBA controlllers support RAID 0/1/10 modes.
RAID/HBA support SAS/SATA HDD/SSD.
Signed-off-by: liangry <liangry1(a)3snic.com>
Reviewed-by: Jiang Yu<yujiang(a)3snic.com>
Reviewed-by: Steven Song <steven.song(a)3snic.com>
---
Documentation/scsi/sssraid.rst | 83 +
MAINTAINERS | 7 +
arch/arm64/configs/openeuler_defconfig | 1 +
arch/x86/configs/openeuler_defconfig | 1 +
drivers/scsi/Kconfig | 1 +
drivers/scsi/Makefile | 1 +
drivers/scsi/sssraid/Kconfig | 14 +
drivers/scsi/sssraid/Makefile | 7 +
drivers/scsi/sssraid/sssraid.h | 971 ++++++++++
drivers/scsi/sssraid/sssraid_debug.h | 34 +
drivers/scsi/sssraid/sssraid_fw.c | 1724 +++++++++++++++++
drivers/scsi/sssraid/sssraid_os.c | 2337 ++++++++++++++++++++++++
openEuler/MAINTAINERS | 6 +
13 files changed, 5187 insertions(+)
create mode 100644 Documentation/scsi/sssraid.rst
create mode 100644 drivers/scsi/sssraid/Kconfig
create mode 100644 drivers/scsi/sssraid/Makefile
create mode 100644 drivers/scsi/sssraid/sssraid.h
create mode 100644 drivers/scsi/sssraid/sssraid_debug.h
create mode 100644 drivers/scsi/sssraid/sssraid_fw.c
create mode 100644 drivers/scsi/sssraid/sssraid_os.c
diff --git a/Documentation/scsi/sssraid.rst b/Documentation/scsi/sssraid.rst
new file mode 100644
index 000000000000..d56e5f7c478c
--- /dev/null
+++ b/Documentation/scsi/sssraid.rst
@@ -0,0 +1,83 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+==============================================
+SSSRAID - 3SNIC SCSI RAID Controller driver
+==============================================
+
+This file describes the SSSRAID SCSI driver for 3SNIC
+(http://www.3snic.com) RAID controllers. The SSSRAID
+driver is the first generation RAID driver for 3SNIC Corp.
+
+For 3SNIC SSSRAID controller support, enable the SSSRAID driver
+when configuring the kernel.
+
+SSSRAID specific entries in /sys
+=================================
+
+SSSRAID host attributes
+------------------------
+ - /sys/class/scsi_host/host*/csts_pp
+ - /sys/class/scsi_host/host*/csts_shst
+ - /sys/class/scsi_host/host*/csts_cfs
+ - /sys/class/scsi_host/host*/csts_rdy
+ - /sys/class/scsi_host/host*/fw_version
+
+ The host csts_pp attribute is a read only attribute. This attribute
+ indicates whether the controller is processing commands. If this attribute
+ is set to ‘1’, then the controller is processing commands normally. If
+ this attribute is cleared to ‘0’, then the controller has temporarily stopped
+ processing commands in order to handle an event (e.g., firmware activation).
+
+ The host csts_shst attribute is a read only attribute. This attribute
+ indicates status of shutdown processing.The shutdown status values are defined
+ as:
+ ====== ==============================
+ Value Definition
+ ====== ==============================
+ 00b Normal operation
+ 01b Shutdown processing occurring
+ 10b Shutdown processing complete
+ 11b Reserved
+ ====== ==============================
+ The host csts_cfs attribute is a read only attribute. This attribute is set to
+ ’1’ when a fatal controller error occurred that could not be communicated in the
+ appropriate Completion Queue. This bit is cleared to ‘0’ when a fatal controller
+ error has not occurred.
+
+ The host csts_rdy attribute is a read only attribute. This attribute is set to
+ ‘1’ when the controller is ready to process submission queue entries.
+
+ The fw_version attribute is read-only and will return the driver version and the
+ controller firmware version.
+
+SSSRAID scsi device attributes
+------------------------------
+ - /sys/class/scsi_device/X\:X\:X\:X/device/raid_level
+ - /sys/class/scsi_device/X\:X\:X\:X/device/raid_state
+ - /sys/class/scsi_device/X\:X\:X\:X/device/raid_resync
+
+ The device raid_level attribute is a read only attribute. This attribute indicates
+ RAID level of scsi device(will dispaly "NA" if scsi device is not virtual disk type).
+
+ The device raid_state attribute is read-only and indicates RAID status of scsi
+ device(will dispaly "NA" if scsi device is not virtual disk type).
+
+ The device raid_resync attribute is read-only and indicates RAID rebuild processing
+ of scsi device(will dispaly "NA" if scsi device is not virtual disk type).
+
+Supported devices
+=================
+
+ =================== ======= =======================================
+ PCI ID (pci.ids) OEM Product
+ =================== ======= =======================================
+ 1F3F:2100 3SNIC 3S510(HBA:8Ports,1G DDR)
+ 1F3F:2100 3SNIC 3S520(HBA:16Ports,1G DDR)
+ 1F3F:2100 3SNIC 3S530(HBA:32Ports,1G DDR)
+ 1F3F:2100 3SNIC 3S540(HBA:40Ports,1G DDR)
+ 1F3F:2200 3SNIC 3S580(RAID:16Ports,2G cache)
+ 1F3F:2200 3SNIC 3S585(RAID:16Ports,4G cache)
+ 1F3F:2200 3SNIC 3S590(RAID:32Ports,4G cache)
+ 1F3F:2200 3SNIC 3S5A0(RAID:40Ports,2G cache)
+ 1F3F:2200 3SNIC 3S5A5(RAID:40Ports,4G cache)
+ =================== ======= =======================================
diff --git a/MAINTAINERS b/MAINTAINERS
index 9ae209633628..e6470640f764 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -16669,6 +16669,13 @@ M: Jan-Benedict Glaw <jbglaw(a)lug-owl.de>
S: Maintained
F: arch/alpha/kernel/srm_env.c
+SSSRAID SCSI/Raid DRIVERS
+M: Steven Song <steven.song(a)3snic.com>
+L: linux-scsi(a)vger.kernel.org
+S: Maintained
+F: Documentation/scsi/sssraid.rst
+F: drivers/scsi/sssraid/
+
ST LSM6DSx IMU IIO DRIVER
M: Lorenzo Bianconi <lorenzo.bianconi83(a)gmail.com>
L: linux-iio(a)vger.kernel.org
diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig
index 30384eacad4f..dc4ba0d2b694 100644
--- a/arch/arm64/configs/openeuler_defconfig
+++ b/arch/arm64/configs/openeuler_defconfig
@@ -2394,6 +2394,7 @@ CONFIG_SCSI_HISI_SAS_DEBUGFS_DEFAULT_ENABLE=y
# CONFIG_MEGARAID_NEWGEN is not set
# CONFIG_MEGARAID_LEGACY is not set
CONFIG_MEGARAID_SAS=m
+CONFIG_SCSI_3SNIC_SSSRAID=m
CONFIG_SCSI_MPT3SAS=m
CONFIG_SCSI_MPT2SAS_MAX_SGE=128
CONFIG_SCSI_MPT3SAS_MAX_SGE=128
diff --git a/arch/x86/configs/openeuler_defconfig b/arch/x86/configs/openeuler_defconfig
index 5ada612f1d75..df16f123515b 100644
--- a/arch/x86/configs/openeuler_defconfig
+++ b/arch/x86/configs/openeuler_defconfig
@@ -2355,6 +2355,7 @@ CONFIG_SCSI_AACRAID=m
# CONFIG_MEGARAID_LEGACY is not set
CONFIG_MEGARAID_SAS=m
CONFIG_SCSI_MPT3SAS=m
+CONFIG_SCSI_3SNIC_SSSRAID=m
CONFIG_SCSI_MPT2SAS_MAX_SGE=128
CONFIG_SCSI_MPT3SAS_MAX_SGE=128
CONFIG_SCSI_MPT2SAS=m
diff --git a/drivers/scsi/Kconfig b/drivers/scsi/Kconfig
index 0fbe4edeccd0..7339d6179e5a 100644
--- a/drivers/scsi/Kconfig
+++ b/drivers/scsi/Kconfig
@@ -481,6 +481,7 @@ config SCSI_ARCMSR
source "drivers/scsi/esas2r/Kconfig"
source "drivers/scsi/megaraid/Kconfig.megaraid"
+source "drivers/scsi/sssraid/Kconfig"
source "drivers/scsi/mpt3sas/Kconfig"
source "drivers/scsi/smartpqi/Kconfig"
source "drivers/scsi/ufs/Kconfig"
diff --git a/drivers/scsi/Makefile b/drivers/scsi/Makefile
index 78a3c832394c..01bb908fb832 100644
--- a/drivers/scsi/Makefile
+++ b/drivers/scsi/Makefile
@@ -92,6 +92,7 @@ obj-$(CONFIG_SCSI_CHELSIO_FCOE) += csiostor/
obj-$(CONFIG_SCSI_DMX3191D) += dmx3191d.o
obj-$(CONFIG_SCSI_HPSA) += hpsa.o
obj-$(CONFIG_SCSI_SMARTPQI) += smartpqi/
+obj-$(CONFIG_SCSI_3SNIC_SSSRAID) += sssraid/
obj-$(CONFIG_SCSI_SYM53C8XX_2) += sym53c8xx_2/
obj-$(CONFIG_SCSI_ZALON) += zalon7xx.o
obj-$(CONFIG_SCSI_DC395x) += dc395x.o
diff --git a/drivers/scsi/sssraid/Kconfig b/drivers/scsi/sssraid/Kconfig
new file mode 100644
index 000000000000..769f68732bf3
--- /dev/null
+++ b/drivers/scsi/sssraid/Kconfig
@@ -0,0 +1,14 @@
+#
+# Kernel configuration file for the 3SNIC
+#
+
+config SCSI_3SNIC_SSSRAID
+ tristate "3SNIC sssraid Adapter"
+ depends on PCI && SCSI
+ select BLK_DEV_BSGLIB
+ depends on ARM64 || X86_64
+ help
+ This driver supports 3SNIC 3S5xx serial RAID controller, which has
+ PCI Express Gen4 interface with host and supports SAS/SATA HDD/SSD.
+ To compile this driver as a module, choose M here: the module will
+ be called sssraid.
diff --git a/drivers/scsi/sssraid/Makefile b/drivers/scsi/sssraid/Makefile
new file mode 100644
index 000000000000..c80605866b42
--- /dev/null
+++ b/drivers/scsi/sssraid/Makefile
@@ -0,0 +1,7 @@
+#
+# Makefile for the 3SNIC sssraid drivers.
+#
+
+obj-$(CONFIG_SCSI_3SNIC_SSSRAID) += sssraid.o
+
+sssraid-objs := sssraid_os.o sssraid_fw.o
diff --git a/drivers/scsi/sssraid/sssraid.h b/drivers/scsi/sssraid/sssraid.h
new file mode 100644
index 000000000000..bae668ef9c98
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid.h
@@ -0,0 +1,971 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#ifndef __SSSRAID_H_
+#define __SSSRAID_H_
+
+#define SSSRAID_DRIVER_VERSION "1.0.0.0"
+#define SSSRAID_DRIVER_RELDATE "12-December-2022"
+
+#define SSSRAID_DRIVER_NAME "sssraid"
+
+#define SSSRAID_NAME_LENGTH 32
+
+/*
+ * SSSRAID Vendor ID and Device IDs
+ */
+#define PCI_VENDOR_ID_3SNIC_LOGIC 0x1F3F
+
+#define SSSRAID_SERVER_DEVICE_HBA_DID 0x2100
+#define SSSRAID_SERVER_DEVICE_RAID_DID 0x2200
+
+#define SSSRAID_CAP_MQES(cap) ((cap) & 0xffff)
+#define SSSRAID_CAP_STRIDE(cap) (((cap) >> 32) & 0xf)
+#define SSSRAID_CAP_MPSMIN(cap) (((cap) >> 48) & 0xf)
+#define SSSRAID_CAP_MPSMAX(cap) (((cap) >> 52) & 0xf)
+#define SSSRAID_CAP_TIMEOUT(cap) (((cap) >> 24) & 0xff)
+#define SSSRAID_CAP_DMAMASK(cap) (((cap) >> 37) & 0xff)
+
+#define SSSRAID_DEFAULT_MAX_CHANNEL 4
+#define SSSRAID_DEFAULT_MAX_ID 240
+#define SSSRAID_DEFAULT_MAX_LUN_PER_HOST 8
+#define MAX_SECTORS 2048
+
+/*
+ * Time define
+ */
+#define SSSRAID_WATCHDOG_INTERVAL 1000 /* in milli seconds */
+#define SSSRAID_PORTENABLE_TIMEOUT 300
+
+/*
+ * SSSRAID queue and entry size for Admin and I/O type
+ */
+#define IO_SQE_SIZE sizeof(struct sssraid_ioq_command)
+#define ADMIN_SQE_SIZE sizeof(struct sssraid_admin_command)
+#define SQE_SIZE(qid) (((qid) > 0) ? IO_SQE_SIZE : ADMIN_SQE_SIZE)
+#define CQ_SIZE(depth) ((depth) * sizeof(struct sssraid_completion))
+#define SQ_SIZE(qid, depth) ((depth) * SQE_SIZE(qid))
+
+#define SENSE_SIZE(depth) ((depth) * SCSI_SENSE_BUFFERSIZE)
+
+#define SSSRAID_AQ_DEPTH 128
+#define SSSRAID_NR_AEN_COMMANDS 16
+#define SSSRAID_AQ_BLK_MQ_DEPTH (SSSRAID_AQ_DEPTH - SSSRAID_NR_AEN_COMMANDS)
+#define SSSRAID_AQ_MQ_TAG_DEPTH (SSSRAID_AQ_BLK_MQ_DEPTH - 1)
+
+#define SSSRAID_ADMIN_QUEUE_NUM 1
+#define SSSRAID_PTCMDS_PERQ 1
+#define SSSRAID_IO_BLK_MQ_DEPTH (hdev->scsi_qd)
+#define SSSRAID_NR_IOQ_PTCMDS (SSSRAID_PTCMDS_PERQ * hdev->shost->nr_hw_queues)
+
+#define FUA_MASK 0x08
+#define SSSRAID_MINORS BIT(MINORBITS)
+#define SSSRAID_RW_FUA BIT(14)
+
+#define COMMAND_IS_WRITE(cmd) ((cmd)->common.opcode & 1)
+
+#define SSSRAID_IO_IOSQES 7
+#define SSSRAID_IO_IOCQES 4
+#define PRP_ENTRY_SIZE 8
+
+#define SMALL_POOL_SIZE 256
+#define MAX_SMALL_POOL_NUM 16
+#define MAX_CMD_PER_DEV 64
+#define MAX_CDB_LEN 16
+
+#define SSSRAID_UP_TO_MULTY4(x) (((x) + 4) & (~0x03))
+
+#define CQE_STATUS_SUCCESS (0x0)
+
+#define IO_6_DEFAULT_TX_LEN 256
+
+#define SGES_PER_PAGE (PAGE_SIZE / sizeof(struct sssraid_sgl_desc))
+
+#define SSSRAID_CAP_TIMEOUT_UNIT_MS (HZ / 2)
+
+extern u32 admin_tmout;
+#define ADMIN_TIMEOUT (admin_tmout * HZ)
+
+#define SSSRAID_WAIT_ABNL_CMD_TIMEOUT 6
+
+#define SSSRAID_DMA_MSK_BIT_MAX 64
+
+enum {
+ SSSRAID_SGL_FMT_DATA_DESC = 0x00,
+ SSSRAID_SGL_FMT_SEG_DESC = 0x02,
+ SSSRAID_SGL_FMT_LAST_SEG_DESC = 0x03,
+ SSSRAID_KEY_SGL_FMT_DATA_DESC = 0x04,
+ SSSRAID_TRANSPORT_SGL_DATA_DESC = 0x05
+};
+
+
+enum {
+ SSSRAID_REQ_CANCELLED = (1 << 0),
+ SSSRAID_REQ_USERCMD = (1 << 1),
+};
+
+enum {
+ SSSRAID_SC_SUCCESS = 0x0,
+ SSSRAID_SC_INVALID_OPCODE = 0x1,
+ SSSRAID_SC_INVALID_FIELD = 0x2,
+
+ SSSRAID_SC_ABORT_LIMIT = 0x103,
+ SSSRAID_SC_ABORT_MISSING = 0x104,
+ SSSRAID_SC_ASYNC_LIMIT = 0x105,
+
+ SSSRAID_SC_DNR = 0x4000,
+};
+
+enum {
+ SSSRAID_REG_CAP = 0x0000,
+ SSSRAID_REG_CC = 0x0014,
+ SSSRAID_REG_CSTS = 0x001c,
+ SSSRAID_REG_AQA = 0x0024,
+ SSSRAID_REG_ASQ = 0x0028,
+ SSSRAID_REG_ACQ = 0x0030,
+ SSSRAID_REG_DBS = 0x1000,
+};
+
+enum {
+ SSSRAID_CC_ENABLE = 1 << 0,
+ SSSRAID_CC_CSS_NVM = 0 << 4,
+ SSSRAID_CC_MPS_SHIFT = 7,
+ SSSRAID_CC_AMS_SHIFT = 11,
+ SSSRAID_CC_SHN_SHIFT = 14,
+ SSSRAID_CC_IOSQES_SHIFT = 16,
+ SSSRAID_CC_IOCQES_SHIFT = 20,
+ SSSRAID_CC_AMS_RR = 0 << SSSRAID_CC_AMS_SHIFT,
+ SSSRAID_CC_SHN_NONE = 0 << SSSRAID_CC_SHN_SHIFT,
+ SSSRAID_CC_IOSQES = SSSRAID_IO_IOSQES << SSSRAID_CC_IOSQES_SHIFT,
+ SSSRAID_CC_IOCQES = SSSRAID_IO_IOCQES << SSSRAID_CC_IOCQES_SHIFT,
+ SSSRAID_CC_SHN_NORMAL = 1 << SSSRAID_CC_SHN_SHIFT,
+ SSSRAID_CC_SHN_MASK = 3 << SSSRAID_CC_SHN_SHIFT,
+ SSSRAID_CSTS_CFS_SHIFT = 1,
+ SSSRAID_CSTS_SHST_SHIFT = 2,
+ SSSRAID_CSTS_PP_SHIFT = 5,
+ SSSRAID_CSTS_RDY = 1 << 0,
+ SSSRAID_CSTS_SHST_CMPLT = 2 << 2,
+ SSSRAID_CSTS_SHST_MASK = 3 << 2,
+ SSSRAID_CSTS_CFS_MASK = 1 << SSSRAID_CSTS_CFS_SHIFT,
+ SSSRAID_CSTS_PP_MASK = 1 << SSSRAID_CSTS_PP_SHIFT,
+};
+
+enum {
+ SSSRAID_ADMIN_DELETE_SQ = 0x00,
+ SSSRAID_ADMIN_CREATE_SQ = 0x01,
+ SSSRAID_ADMIN_DELETE_CQ = 0x04,
+ SSSRAID_ADMIN_CREATE_CQ = 0x05,
+ SSSRAID_ADMIN_ABORT_CMD = 0x08,
+ SSSRAID_ADMIN_SET_FEATURES = 0x09,
+ SSSRAID_ADMIN_ASYNC_EVENT = 0x0c,
+ SSSRAID_ADMIN_GET_INFO = 0xc6,
+ SSSRAID_ADMIN_RESET = 0xc8,
+};
+
+enum {
+ SSSRAID_GET_INFO_CTRL = 0,
+ SSSRAID_GET_INFO_DEV_LIST = 1,
+};
+
+enum sssraid_scsi_rst_type {
+ SSSRAID_RESET_TARGET = 0,
+ SSSRAID_RESET_BUS = 1,
+};
+
+enum {
+ SSSRAID_AEN_ERROR = 0,
+ SSSRAID_AEN_NOTICE = 2,
+ SSSRAID_AEN_VS = 7,
+};
+
+enum {
+ SSSRAID_AEN_DEV_CHANGED = 0x00,
+ SSSRAID_AEN_FW_ACT_START = 0x01,
+ SSSRAID_AEN_HOST_PROBING = 0x10,
+};
+
+enum {
+ SSSRAID_AEN_TIMESYN = 0x00,
+ SSSRAID_AEN_FW_ACT_FINISH = 0x02,
+ SSSRAID_AEN_EVENT_MIN = 0x80,
+ SSSRAID_AEN_EVENT_MAX = 0xff,
+};
+
+enum {
+ SSSRAID_CMD_WRITE = 0x01,
+ SSSRAID_CMD_READ = 0x02,
+
+ SSSRAID_CMD_NONIO_NONE = 0x80,
+ SSSRAID_CMD_NONIO_TODEV = 0x81,
+ SSSRAID_CMD_NONIO_FROMDEV = 0x82,
+};
+
+enum {
+ SSSRAID_QUEUE_PHYS_CONTIG = (1 << 0),
+ SSSRAID_CQ_IRQ_ENABLED = (1 << 1),
+
+ SSSRAID_FEAT_NUM_QUEUES = 0x07,
+ SSSRAID_FEAT_ASYNC_EVENT = 0x0b,
+ SSSRAID_FEAT_TIMESTAMP = 0x0e,
+};
+
+enum sssraid_state {
+ SSSRAID_NEW,
+ SSSRAID_LIVE,
+ SSSRAID_RESETTING,
+ SSSRAID_DELETING,
+ SSSRAID_DEAD,
+};
+
+enum {
+ SSSRAID_CARD_HBA,
+ SSSRAID_CARD_RAID,
+};
+
+enum sssraid_cmd_type {
+ SSSRAID_CMD_ADM,
+ SSSRAID_CMD_IOPT,
+};
+
+/*
+ * SSSRAID completion queue entry struct
+ */
+struct sssraid_completion {
+ __le32 result;
+ union {
+ struct {
+ __u8 sense_len;
+ __u8 resv[3];
+ };
+ __le32 result1;
+ };
+ __le16 sq_head;
+ __le16 sq_id;
+ __le16 cmd_id;
+ __le16 status;
+};
+
+/*
+ * SSSRAID firmware controller properties
+ */
+struct sssraid_ctrl_info {
+ __le32 nd;
+ __le16 max_cmds;
+ __le16 max_channel;
+ __le32 max_tgt_id;
+ __le16 max_lun;
+ __le16 max_num_sge;
+ __le16 lun_num_in_boot;
+ __u8 mdts;
+ __u8 acl;
+ __u8 aerl;
+ __u8 card_type;
+ __u16 rsvd;
+ __le32 rtd3e;
+ __u8 sn[32];
+ __u8 fr[16];
+ __u8 rsvd1[4020];
+};
+
+struct sssraid_intr_info {
+ struct sssraid_dev *hdev;
+ u16 msix_index;
+ struct sssraid_cqueue *cqinfo;
+ char name[SSSRAID_NAME_LENGTH];
+};
+
+struct sssraid_fwevt {
+ struct list_head list;
+ struct work_struct work;
+ struct sssraid_dev *hdev;
+ u16 event_id;
+ bool send_ack;
+ bool process_evt;
+ u32 evt_ctx;
+ struct kref ref_count;
+ char event_data[0] __aligned(4);
+};
+
+/*
+ * SSSRAID private device struct definition
+ */
+struct sssraid_dev {
+ struct pci_dev *pdev;
+ struct Scsi_Host *shost;
+ struct sssraid_squeue *sqinfo;
+ struct sssraid_cqueue *cqinfo;
+ struct dma_pool *prp_page_pool;
+ struct dma_pool *prp_small_pool[MAX_SMALL_POOL_NUM];
+ void __iomem *bar;
+
+ u32 init_done_queue_cnt;
+ u32 ioq_depth;
+ u32 db_stride;
+ u32 __iomem *dbs;
+ struct rw_semaphore devices_rwsem;
+ int numa_node;
+ u32 page_size;
+ u32 ctrl_config;
+ u64 cap;
+ u32 instance;
+ u32 scsi_qd;
+ struct sssraid_ctrl_info *ctrl_info;
+ struct sssraid_dev_info *devices;
+
+ int logging_level;
+
+ char name[SSSRAID_NAME_LENGTH];
+ int cpu_count;
+ /*
+ * before_affinity_msix_cnt is
+ * min("FW support IO Queue count", num_online_cpus)+1
+ */
+ u16 before_affinity_msix_cnt;
+
+ struct sssraid_cmd *adm_cmds;
+ struct list_head adm_cmd_list;
+ spinlock_t adm_cmd_lock;
+
+ struct sssraid_cmd *ioq_ptcmds;
+ struct list_head ioq_pt_list;
+ spinlock_t ioq_pt_lock;
+
+ int reset_flag;
+
+ enum sssraid_state state;
+ spinlock_t state_lock;
+
+ struct request_queue *bsg_queue;
+
+ u8 intr_enabled;
+
+ struct sssraid_intr_info *intr_info;
+ u32 intr_info_count;
+
+ char watchdog_work_q_name[20];
+ struct workqueue_struct *watchdog_work_q;
+ struct delayed_work watchdog_work;
+ spinlock_t watchdog_lock;
+
+ char fwevt_worker_name[SSSRAID_NAME_LENGTH];
+ struct workqueue_struct *fwevt_worker_thread;
+ spinlock_t fwevt_lock;
+ struct list_head fwevt_list;
+
+ struct sssraid_fwevt *current_event;
+};
+
+/*
+ * SSSRAID scatter list descriptor
+ */
+struct sssraid_sgl_desc {
+ __le64 addr;
+ __le32 length;
+ __u8 rsvd[3];
+ __u8 type;
+};
+
+union sssraid_data_ptr {
+ struct {
+ __le64 prp1;
+ __le64 prp2;
+ };
+ struct sssraid_sgl_desc sgl;
+};
+
+/*
+ * SSSRAID general admin class command format struct
+ */
+struct sssraid_admin_common_command {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le32 cdw2[4];
+ union sssraid_data_ptr dptr;
+ __le32 cdw10;
+ __le32 cdw11;
+ __le32 cdw12;
+ __le32 cdw13;
+ __le32 cdw14;
+ __le32 cdw15;
+};
+
+struct sssraid_features {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u64 rsvd2[2];
+ union sssraid_data_ptr dptr;
+ __le32 fid;
+ __le32 dword11;
+ __le32 dword12;
+ __le32 dword13;
+ __le32 dword14;
+ __le32 dword15;
+};
+
+/*
+ * SSSRAID create completion queue command struct
+ */
+struct sssraid_create_cq {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __u32 rsvd1[5];
+ __le64 prp1;
+ __u64 rsvd8;
+ __le16 cqid;
+ __le16 qsize;
+ __le16 cq_flags;
+ __le16 irq_vector;
+ __u32 rsvd12[4];
+};
+
+/*
+ * SSSRAID create submission queue command struct
+ */
+struct sssraid_create_sq {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __u32 rsvd1[5];
+ __le64 prp1;
+ __u64 rsvd8;
+ __le16 sqid;
+ __le16 qsize;
+ __le16 sq_flags;
+ __le16 cqid;
+ __u32 rsvd12[4];
+};
+
+/*
+ * SSSRAID delete submission queue command struct
+ */
+struct sssraid_delete_queue {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __u32 rsvd1[9];
+ __le16 qid;
+ __u16 rsvd10;
+ __u32 rsvd11[5];
+};
+
+/*
+ * SSSRAID access to information command struct
+ */
+struct sssraid_get_info {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u32 rsvd2[4];
+ union sssraid_data_ptr dptr;
+ __u8 type;
+ __u8 rsvd10[3];
+ __le32 cdw11;
+ __u32 rsvd12[4];
+};
+
+/*
+ * User command struct
+ */
+struct sssraid_usr_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ union {
+ struct {
+ __le16 subopcode;
+ __le16 rsvd1;
+ } info_0;
+ __le32 cdw2;
+ };
+ union {
+ struct {
+ __le16 data_len;
+ __le16 param_len;
+ } info_1;
+ __le32 cdw3;
+ };
+ __u64 metadata;
+ union sssraid_data_ptr dptr;
+ __le32 cdw10;
+ __le32 cdw11;
+ __le32 cdw12;
+ __le32 cdw13;
+ __le32 cdw14;
+ __le32 cdw15;
+};
+
+enum {
+ SSSRAID_CMD_FLAG_SGL_METABUF = (1 << 6),
+ SSSRAID_CMD_FLAG_SGL_METASEG = (1 << 7),
+ SSSRAID_CMD_FLAG_SGL_ALL = SSSRAID_CMD_FLAG_SGL_METABUF | SSSRAID_CMD_FLAG_SGL_METASEG,
+};
+
+enum sssraid_cmd_state {
+ SSSRAID_CMD_IDLE = 0,
+ SSSRAID_CMD_IN_FLIGHT = 1,
+ SSSRAID_CMD_COMPLETE = 2,
+ SSSRAID_CMD_TIMEOUT = 3,
+ SSSRAID_CMD_TMO_COMPLETE = 4,
+};
+
+/*
+ * SSSRAID abort command struct
+ */
+struct sssraid_abort_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u64 rsvd2[4];
+ __le16 sqid;
+ __le16 cid;
+ __u32 rsvd11[5];
+};
+
+/*
+ * SSSRAID reset command struct
+ */
+struct sssraid_reset_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u64 rsvd2[4];
+ __u8 type;
+ __u8 rsvd10[3];
+ __u32 rsvd11[5];
+};
+
+/*
+ * SSSRAID admin class command set struct
+ */
+struct sssraid_admin_command {
+ union {
+ struct sssraid_admin_common_command common;
+ struct sssraid_features features;
+ struct sssraid_create_cq create_cq;
+ struct sssraid_create_sq create_sq;
+ struct sssraid_delete_queue delete_queue;
+ struct sssraid_get_info get_info;
+ struct sssraid_abort_cmd abort;
+ struct sssraid_reset_cmd reset;
+ struct sssraid_usr_cmd usr_cmd;
+ };
+};
+
+/*
+ * SSSRAID general IO class command format struct
+ */
+struct sssraid_ioq_common_command {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le16 sense_len;
+ __u8 cdb_len;
+ __u8 rsvd2;
+ __le32 cdw3[3];
+ union sssraid_data_ptr dptr;
+ __le32 cdw10[6];
+ __u8 cdb[32];
+ __le64 sense_addr;
+ __le32 cdw26[6];
+};
+
+/*
+ * SSSRAID read or write command struct
+ */
+struct sssraid_rw_command {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le16 sense_len;
+ __u8 cdb_len;
+ __u8 rsvd2;
+ __u32 rsvd3[3];
+ union sssraid_data_ptr dptr;
+ __le64 slba;
+ __le16 nlb;
+ __le16 control;
+ __u32 rsvd13[3];
+ __u8 cdb[32];
+ __le64 sense_addr;
+ __u32 rsvd26[6];
+};
+
+struct sssraid_scsi_nonio {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le16 sense_len;
+ __u8 cdb_length;
+ __u8 rsvd2;
+ __u32 rsvd3[3];
+ union sssraid_data_ptr dptr;
+ __u32 rsvd10[5];
+ __le32 buffer_len;
+ __u8 cdb[32];
+ __le64 sense_addr;
+ __u32 rsvd26[6];
+};
+
+/*
+ * SSSRAID IO class command struct
+ */
+struct sssraid_ioq_command {
+ union {
+ struct sssraid_ioq_common_command common;
+ struct sssraid_rw_command rw;
+ struct sssraid_scsi_nonio scsi_nonio;
+ };
+};
+
+/*
+ * SSSRAID passthru command struct
+ */
+struct sssraid_passthru_common_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __u16 rsvd0;
+ __u32 nsid;
+ union {
+ struct {
+ __u16 subopcode;
+ __u16 rsvd1;
+ } info_0;
+ __u32 cdw2;
+ };
+ union {
+ struct {
+ __u16 data_len;
+ __u16 param_len;
+ } info_1;
+ __u32 cdw3;
+ };
+ __u64 metadata;
+
+ __u64 addr;
+ __u64 prp2;
+
+ __u32 cdw10;
+ __u32 cdw11;
+ __u32 cdw12;
+ __u32 cdw13;
+ __u32 cdw14;
+ __u32 cdw15;
+ __u32 timeout_ms;
+ __u32 result0;
+ __u32 result1;
+};
+
+struct sssraid_ioq_passthru_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __u16 rsvd0;
+ __u32 nsid;
+ union {
+ struct {
+ __u16 res_sense_len;
+ __u8 cdb_len;
+ __u8 rsvd0;
+ } info_0;
+ __u32 cdw2;
+ };
+ union {
+ struct {
+ __u16 subopcode;
+ __u16 rsvd1;
+ } info_1;
+ __u32 cdw3;
+ };
+ union {
+ struct {
+ __u16 rsvd;
+ __u16 param_len;
+ } info_2;
+ __u32 cdw4;
+ };
+ __u32 cdw5;
+ __u64 addr;
+ __u64 prp2;
+ union {
+ struct {
+ __u16 eid;
+ __u16 sid;
+ } info_3;
+ __u32 cdw10;
+ };
+ union {
+ struct {
+ __u16 did;
+ __u8 did_flag;
+ __u8 rsvd2;
+ } info_4;
+ __u32 cdw11;
+ };
+ __u32 cdw12;
+ __u32 cdw13;
+ __u32 cdw14;
+ __u32 data_len;
+ __u32 cdw16;
+ __u32 cdw17;
+ __u32 cdw18;
+ __u32 cdw19;
+ __u32 cdw20;
+ __u32 cdw21;
+ __u32 cdw22;
+ __u32 cdw23;
+ __u64 sense_addr;
+ __u32 cdw26[4];
+ __u32 timeout_ms;
+ __u32 result0;
+ __u32 result1;
+};
+
+struct sssraid_bsg_request {
+ u32 msgcode;
+ u32 control;
+ union {
+ struct sssraid_passthru_common_cmd admcmd;
+ struct sssraid_ioq_passthru_cmd ioqcmd;
+ };
+};
+
+enum {
+ SSSRAID_BSG_ADM,
+ SSSRAID_BSG_IOQ,
+};
+
+/*
+ * define the transfer command struct
+ */
+struct sssraid_cmd {
+ u16 qid;
+ u16 cid;
+ u32 result0;
+ u32 result1;
+ u16 status;
+ void *priv;
+ enum sssraid_cmd_state state;
+ struct completion cmd_done;
+ struct list_head list;
+};
+
+/*
+ * define the SSSRAID physical queue struct
+ */
+struct sssraid_squeue {
+ struct sssraid_dev *hdev;
+ spinlock_t sq_lock; /* spinlock for lock handling */
+
+ void *sq_cmds;
+
+ dma_addr_t sq_dma_addr;
+ u32 __iomem *q_db;
+ u8 cq_phase;
+ u8 sqes;
+ u16 qidx;
+ u16 sq_tail;
+ u16 last_cq_head;
+ u16 q_depth;
+ void *sense;
+ dma_addr_t sense_dma_addr;
+ struct dma_pool *prp_small_pool;
+};
+
+struct sssraid_cqueue {
+ struct sssraid_dev *hdev;
+
+ spinlock_t cq_lock ____cacheline_aligned_in_smp; /* spinlock for lock handling */
+
+ struct sssraid_completion *cqes;
+
+ dma_addr_t cq_dma_addr;
+ u8 cq_phase;
+ u16 cq_head;
+ u16 last_cq_head;
+};
+
+/*
+ * define the SSSRAID IO queue descriptor struct
+ */
+struct sssraid_iod {
+ struct sssraid_squeue *sqinfo;
+ enum sssraid_cmd_state state;
+ int npages;
+ u32 nsge;
+ u32 length;
+ bool use_sgl;
+ dma_addr_t first_dma;
+ void *sense;
+ dma_addr_t sense_dma;
+ struct scatterlist *sg;
+ void *list[0];
+};
+
+/*
+ * define the SSSRAID scsi device attribution and information
+ */
+#define SSSRAID_DEV_INFO_ATTR_BOOT(attr) ((attr) & 0x01)
+#define SSSRAID_DEV_INFO_ATTR_VD(attr) (((attr) & 0x02) == 0x0)
+#define SSSRAID_DEV_INFO_ATTR_PT(attr) (((attr) & 0x22) == 0x02)
+#define SSSRAID_DEV_INFO_ATTR_RAWDISK(attr) ((attr) & 0x20)
+#define SSSRAID_DEV_DISK_TYPE(attr) ((attr) & 0x1e)
+
+#define SSSRAID_DEV_INFO_FLAG_VALID(flag) ((flag) & 0x01)
+#define SSSRAID_DEV_INFO_FLAG_CHANGE(flag) ((flag) & 0x02)
+
+/*
+ * define the SSSRAID scsi device identifier
+ */
+enum {
+ SSSRAID_SAS_HDD_VD = 0x04,
+ SSSRAID_SATA_HDD_VD = 0x08,
+ SSSRAID_SAS_SSD_VD = 0x0c,
+ SSSRAID_SATA_SSD_VD = 0x10,
+ SSSRAID_NVME_SSD_VD = 0x14,
+ SSSRAID_SAS_HDD_PD = 0x06,
+ SSSRAID_SATA_HDD_PD = 0x0a,
+ SSSRAID_SAS_SSD_PD = 0x0e,
+ SSSRAID_SATA_SSD_PD = 0x12,
+ SSSRAID_NVME_SSD_PD = 0x16,
+};
+
+/*
+ * define the SSSRAID scsi device queue depth
+ */
+#define SSSRAID_HDD_PD_QD 64
+#define SSSRAID_HDD_VD_QD 256
+#define SSSRAID_SSD_PD_QD 64
+#define SSSRAID_SSD_VD_QD 256
+
+#define BGTASK_TYPE_REBUILD 4
+#define USR_CMD_READ 0xc2
+#define USR_CMD_RDLEN 0x1000
+#define USR_CMD_VDINFO 0x704
+#define USR_CMD_BGTASK 0x504
+#define VDINFO_PARAM_LEN 0x04
+
+/*
+ * SSSRAID virtual device information struct
+ */
+struct sssraid_vd_info {
+ __u8 name[32];
+ __le16 id;
+ __u8 rg_id;
+ __u8 rg_level;
+ __u8 sg_num;
+ __u8 sg_disk_num;
+ __u8 vd_status;
+ __u8 vd_type;
+ __u8 rsvd1[4056];
+};
+
+#define MAX_REALTIME_BGTASK_NUM 32
+
+struct bgtask_info {
+ __u8 type;
+ __u8 progress;
+ __u8 rate;
+ __u8 rsvd0;
+ __le16 vd_id;
+ __le16 time_left;
+ __u8 rsvd1[4];
+};
+
+struct sssraid_bgtask {
+ __u8 sw;
+ __u8 task_num;
+ __u8 rsvd[6];
+ struct bgtask_info bgtask[MAX_REALTIME_BGTASK_NUM];
+};
+
+/*
+ * SSSRAID scsi device information struct
+ */
+struct sssraid_dev_info {
+ __le32 hdid;
+ __le16 target;
+ __u8 channel;
+ __u8 lun;
+ __u8 attr;
+ __u8 flag;
+ __le16 max_io_kb;
+};
+
+#define IOQ_PT_DATA_LEN 4096
+#define MAX_DEV_ENTRY_PER_PAGE_4K 340
+struct sssraid_dev_list {
+ __le32 dev_num;
+ __u32 rsvd0[3];
+ struct sssraid_dev_info devices[MAX_DEV_ENTRY_PER_PAGE_4K];
+};
+
+/*
+ * SSSRAID scsi device host data struct
+ */
+struct sssraid_sdev_hostdata {
+ u32 hdid;
+ u16 max_io_kb;
+ u8 attr;
+ u8 flag;
+ u8 rg_id;
+ u8 rsvd[3];
+};
+
+extern unsigned char small_pool_num;
+extern u32 io_queue_depth;
+irqreturn_t sssraid_isr_poll(int irq, void *privdata);
+bool sssraid_poll_cq(struct sssraid_dev *hdev, u16 qidx, int cid);
+void sssraid_submit_cmd(struct sssraid_squeue *sqinfo, const void *cmd);
+int sssraid_get_dev_list(struct sssraid_dev *hdev, struct sssraid_dev_info *devices);
+int sssraid_submit_admin_sync_cmd(struct sssraid_dev *hdev, struct sssraid_admin_command *cmd,
+ u32 *result0, u32 *result1, u32 timeout);
+int sssraid_send_abort_cmd(struct sssraid_dev *hdev, u32 hdid, u16 qidx, u16 cid);
+int sssraid_send_reset_cmd(struct sssraid_dev *hdev, u8 type, u32 hdid);
+void sssraid_adm_timeout(struct sssraid_dev *hdev, struct sssraid_cmd *cmd);
+int sssraid_init_ioc(struct sssraid_dev *hdev, u8 re_init);
+void sssraid_cleanup_ioc(struct sssraid_dev *hdev, u8 re_init);
+int sssraid_soft_reset_handler(struct sssraid_dev *hdev);
+void sssraid_free_iod_res(struct sssraid_dev *hdev, struct sssraid_iod *iod);
+bool sssraid_change_host_state(struct sssraid_dev *hdev, enum sssraid_state newstate);
+int sssraid_configure_timestamp(struct sssraid_dev *hdev);
+int sssraid_init_ctrl_info(struct sssraid_dev *hdev);
+struct sssraid_cmd *sssraid_get_cmd(struct sssraid_dev *hdev, enum sssraid_cmd_type type);
+void sssraid_put_cmd(struct sssraid_dev *hdev, struct sssraid_cmd *cmd,
+ enum sssraid_cmd_type type);
+int sssraid_send_event_ack(struct sssraid_dev *hdev, u8 event,
+ u32 event_ctx, u16 cid);
+struct sssraid_fwevt *sssraid_alloc_fwevt(int len);
+void sssraid_fwevt_add_to_list(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt);
+void sssraid_cleanup_fwevt_list(struct sssraid_dev *hdev);
+void sssraid_ioc_enable_intr(struct sssraid_dev *hdev);
+void sssraid_ioc_disable_intr(struct sssraid_dev *hdev);
+void sssraid_cleanup_resources(struct sssraid_dev *hdev);
+void sssraid_complete_cqes(struct sssraid_dev *hdev, u16 qidx, u16 start, u16 end);
+int sssraid_io_map_data(struct sssraid_dev *hdev, struct sssraid_iod *iod,
+ struct scsi_cmnd *scmd, struct sssraid_ioq_command *ioq_cmd);
+void sssraid_map_status(struct sssraid_iod *iod, struct scsi_cmnd *scmd,
+ struct sssraid_completion *cqe);
+void sssraid_scan_disk(struct sssraid_dev *hdev);
+void sssraid_complete_aen(struct sssraid_dev *hdev, struct sssraid_completion *cqe);
+void sssraid_back_all_io(struct sssraid_dev *hdev);
+
+static inline void **sssraid_iod_list(struct sssraid_iod *iod)
+{
+ return iod->list;
+}
+
+#end
diff --git a/drivers/scsi/sssraid/sssraid_debug.h b/drivers/scsi/sssraid/sssraid_debug.h
new file mode 100644
index 000000000000..d48c57e275f7
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid_debug.h
@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#ifndef SSSRAID_DEBUG_H_INCLUDED
+#define SSSRAID_DEBUG_H_INCLUDED
+
+/*
+ * debug levels
+ */
+#define SSSRAID_DEBUG 0x00000001
+
+/*
+ * debug macros
+ */
+
+#define ioc_err(ioc, fmt, ...) \
+ pr_err("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+#define ioc_notice(ioc, fmt, ...) \
+ pr_notice("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+#define ioc_warn(ioc, fmt, ...) \
+ pr_warn("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+#define ioc_info(ioc, fmt, ...) \
+ pr_info("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+
+
+#define dbgprint(IOC, FMT, ...) \
+ do { \
+ if (unlikely(IOC->logging_level & SSSRAID_DEBUG)) \
+ pr_info("%s: " FMT, (IOC)->name, ##__VA_ARGS__); \
+ } while (0)
+
+#endif /* SSSRAID_DEBUG_H_INCLUDED */
diff --git a/drivers/scsi/sssraid/sssraid_fw.c b/drivers/scsi/sssraid/sssraid_fw.c
new file mode 100644
index 000000000000..54287cf70558
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid_fw.c
@@ -0,0 +1,1724 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#include <linux/version.h>
+#include <linux/pci.h>
+#include <linux/aer.h>
+#include <linux/module.h>
+#include <linux/ioport.h>
+#include <linux/device.h>
+#include <linux/delay.h>
+#include <linux/interrupt.h>
+#include <linux/cdev.h>
+#include <linux/sysfs.h>
+#include <linux/gfp.h>
+#include <linux/types.h>
+#include <linux/ratelimit.h>
+#include <linux/debugfs.h>
+#include <linux/blkdev.h>
+#include <linux/bsg-lib.h>
+#include <linux/sort.h>
+
+#include <scsi/scsi.h>
+#include <scsi/scsi_cmnd.h>
+#include <scsi/scsi_device.h>
+#include <scsi/scsi_host.h>
+#include <scsi/scsi_transport.h>
+#include <scsi/scsi_dbg.h>
+
+#include <linux/unaligned/be_byteshift.h>
+#include <linux/unaligned/le_byteshift.h>
+#include <linux/once.h>
+#include <linux/sched/signal.h>
+#include <linux/io-64-nonatomic-lo-hi.h>
+
+#include "sssraid.h"
+#include "sssraid_debug.h"
+
+static int sssraid_wait_ready(struct sssraid_dev *hdev, u64 cap, bool enabled)
+{
+ unsigned long timeout =
+ ((SSSRAID_CAP_TIMEOUT(cap) + 1) * SSSRAID_CAP_TIMEOUT_UNIT_MS) + jiffies;
+ u32 bit = enabled ? SSSRAID_CSTS_RDY : 0;
+
+ while ((readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_RDY) != bit) {
+ usleep_range(1000, 2000);
+ if (fatal_signal_pending(current))
+ return -EINTR;
+
+ if (time_after(jiffies, timeout)) {
+ ioc_err(hdev, "Device not ready; aborting %s\n",
+ enabled ? "initialisation" : "reset");
+ return -ENODEV;
+ }
+ }
+ return 0;
+}
+
+static int sssraid_enable_ctrl(struct sssraid_dev *hdev)
+{
+ u64 cap = hdev->cap;
+ u32 dev_page_min = SSSRAID_CAP_MPSMIN(cap) + 12;
+ u32 page_shift = PAGE_SHIFT;
+
+ if (page_shift < dev_page_min) {
+ ioc_err(hdev, "Minimum device page size[%u], too large for host[%u]\n",
+ 1U << dev_page_min, 1U << page_shift);
+ return -ENODEV;
+ }
+
+ page_shift = min_t(unsigned int, SSSRAID_CAP_MPSMAX(cap) + 12, PAGE_SHIFT);
+ hdev->page_size = 1U << page_shift;
+
+ hdev->ctrl_config = SSSRAID_CC_CSS_NVM;
+ hdev->ctrl_config |= (page_shift - 12) << SSSRAID_CC_MPS_SHIFT;
+ hdev->ctrl_config |= SSSRAID_CC_AMS_RR | SSSRAID_CC_SHN_NONE;
+ hdev->ctrl_config |= SSSRAID_CC_IOSQES | SSSRAID_CC_IOCQES;
+ hdev->ctrl_config |= SSSRAID_CC_ENABLE;
+ writel(hdev->ctrl_config, hdev->bar + SSSRAID_REG_CC);
+
+ return sssraid_wait_ready(hdev, cap, true);
+}
+
+static int sssraid_disable_ctrl(struct sssraid_dev *hdev)
+{
+ hdev->ctrl_config &= ~SSSRAID_CC_SHN_MASK;
+ hdev->ctrl_config &= ~SSSRAID_CC_ENABLE;
+ writel(hdev->ctrl_config, hdev->bar + SSSRAID_REG_CC);
+
+ return sssraid_wait_ready(hdev, hdev->cap, false);
+}
+
+static int sssraid_shutdown_ctrl(struct sssraid_dev *hdev)
+{
+ unsigned long timeout = le32_to_cpu(hdev->ctrl_info->rtd3e) / 1000000 * HZ + jiffies;
+
+ hdev->ctrl_config &= ~SSSRAID_CC_SHN_MASK;
+ hdev->ctrl_config |= SSSRAID_CC_SHN_NORMAL;
+ writel(hdev->ctrl_config, hdev->bar + SSSRAID_REG_CC);
+
+ while ((readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_SHST_MASK) !=
+ SSSRAID_CSTS_SHST_CMPLT) {
+ msleep(100);
+ if (fatal_signal_pending(current))
+ return -EINTR;
+ if (time_after(jiffies, timeout)) {
+ ioc_err(hdev, "Device shutdown incomplete; abort shutdown\n");
+ return -ENODEV;
+ }
+ }
+ return 0;
+}
+
+static int sssraid_remap_bar(struct sssraid_dev *hdev, u32 size)
+{
+ struct pci_dev *pdev = hdev->pdev;
+
+ if (size > pci_resource_len(pdev, 0)) {
+ ioc_err(hdev, "Input size[%u] exceed bar0 length[%llu]\n",
+ size, pci_resource_len(pdev, 0));
+ return -ENODEV;
+ }
+
+ if (hdev->bar)
+ iounmap(hdev->bar);
+
+ hdev->bar = ioremap(pci_resource_start(pdev, 0), size);
+ if (!hdev->bar) {
+ ioc_err(hdev, "ioremap for bar0 failed\n");
+ return -ENODEV;
+ }
+ hdev->dbs = hdev->bar + SSSRAID_REG_DBS;
+
+ return 0;
+}
+
+static int sssraid_create_dma_pools(struct sssraid_dev *hdev)
+{
+ int i;
+ char poolname[20] = { 0 };
+
+ hdev->prp_page_pool = dma_pool_create("prp list page", &hdev->pdev->dev,
+ PAGE_SIZE, PAGE_SIZE, 0);
+
+ if (!hdev->prp_page_pool) {
+ ioc_err(hdev, "create prp_page_pool failed\n");
+ return -ENOMEM;
+ }
+
+ for (i = 0; i < small_pool_num; i++) {
+ sprintf(poolname, "prp_list_256_%d", i);
+ hdev->prp_small_pool[i] = dma_pool_create(poolname, &hdev->pdev->dev,
+ SMALL_POOL_SIZE,
+ SMALL_POOL_SIZE, 0);
+
+ if (!hdev->prp_small_pool[i]) {
+ ioc_err(hdev, "create prp_small_pool %d failed\n", i);
+ goto destroy_prp_small_pool;
+ }
+ }
+
+ return 0;
+
+destroy_prp_small_pool:
+ while (i > 0)
+ dma_pool_destroy(hdev->prp_small_pool[--i]);
+ dma_pool_destroy(hdev->prp_page_pool);
+
+ return -ENOMEM;
+}
+
+static void sssraid_destroy_dma_pools(struct sssraid_dev *hdev)
+{
+ int i;
+
+ for (i = 0; i < small_pool_num; i++)
+ dma_pool_destroy(hdev->prp_small_pool[i]);
+ dma_pool_destroy(hdev->prp_page_pool);
+}
+
+static int sssraid_alloc_resources(struct sssraid_dev *hdev)
+{
+ int retval, nqueue;
+
+ hdev->ctrl_info = kzalloc_node(sizeof(*hdev->ctrl_info), GFP_KERNEL, hdev->numa_node);
+ if (!hdev->ctrl_info)
+ return -ENOMEM;
+
+ retval = sssraid_create_dma_pools(hdev);
+ if (retval)
+ goto free_ctrl_info;
+ /* not num_online_cpus */
+ nqueue = num_possible_cpus() + 1;
+ hdev->cqinfo = kcalloc_node(nqueue, sizeof(struct sssraid_cqueue),
+ GFP_KERNEL, hdev->numa_node);
+ if (!hdev->cqinfo) {
+ retval = -ENOMEM;
+ goto destroy_dma_pools;
+ }
+
+ hdev->sqinfo = kcalloc_node(nqueue, sizeof(struct sssraid_squeue),
+ GFP_KERNEL, hdev->numa_node);
+ if (!hdev->sqinfo) {
+ retval = -ENOMEM;
+ goto free_cqueues;
+ }
+
+ /* sssraid_alloc_admin_cmds moved to sssraid_init_ioc */
+
+ ioc_info(hdev, "queues num: %d\n", nqueue);
+
+ return 0;
+
+free_cqueues:
+ kfree(hdev->cqinfo);
+destroy_dma_pools:
+ sssraid_destroy_dma_pools(hdev);
+free_ctrl_info:
+ kfree(hdev->ctrl_info);
+
+ return retval;
+}
+
+void sssraid_ioc_enable_intr(struct sssraid_dev *hdev)
+{
+ hdev->intr_enabled = 1;
+}
+
+void sssraid_ioc_disable_intr(struct sssraid_dev *hdev)
+{
+ u16 i, max_vectors;
+
+ hdev->intr_enabled = 0;
+ max_vectors = hdev->intr_info_count;
+
+ for (i = 0; i < max_vectors; i++)
+ synchronize_irq(pci_irq_vector(hdev->pdev, i));
+}
+
+static int sssraid_setup_resources(struct sssraid_dev *hdev)
+{
+ struct pci_dev *pdev = hdev->pdev;
+ int retval = 0;
+ u64 maskbit = SSSRAID_DMA_MSK_BIT_MAX;
+
+ if (pci_enable_device_mem(pdev)) {
+ ioc_err(hdev, "pci_enable_device_mem: failed\n");
+ retval = -ENODEV;
+ goto out_failed;
+ }
+
+ retval = pci_request_mem_regions(pdev, SSSRAID_DRIVER_NAME);
+ if (retval) {
+ ioc_err(hdev, "fail to request memory regions\n");
+ retval = -ENODEV;
+ goto out_failed;
+ }
+
+ /* get cap value at first, so keep
+ * sssraid_remap_bar(hdev, SSSRAID_REG_DBS + 4096)
+ * ioremap(pci_resource_start(..)) still in sssraid_remap_bar
+ */
+ retval = sssraid_remap_bar(hdev, SSSRAID_REG_DBS + 4096);
+ if (retval) {
+ retval = -ENODEV;
+ goto out_failed;
+ }
+
+ pci_set_master(pdev);
+
+ if (readl(hdev->bar + SSSRAID_REG_CSTS) == U32_MAX) {
+ retval = -ENODEV;
+ ioc_err(hdev, "Read csts register failed\n");
+ goto out_failed;
+ }
+
+ hdev->cap = lo_hi_readq(hdev->bar + SSSRAID_REG_CAP);
+ hdev->ioq_depth = min_t(u32, SSSRAID_CAP_MQES(hdev->cap) + 1, io_queue_depth);
+ hdev->scsi_qd = hdev->ioq_depth - SSSRAID_PTCMDS_PERQ;
+ hdev->db_stride = 1 << SSSRAID_CAP_STRIDE(hdev->cap);
+
+ maskbit = SSSRAID_CAP_DMAMASK(hdev->cap);
+ if (maskbit < 32 || maskbit > SSSRAID_DMA_MSK_BIT_MAX) {
+ ioc_err(hdev, "err, dma mask invalid[%llu], set to default\n", maskbit);
+ maskbit = SSSRAID_DMA_MSK_BIT_MAX;
+ }
+
+ if (dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(maskbit))) {
+ if (dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(32))) {
+ ioc_err(hdev, "set dma mask[32] and coherent failed\n");
+ retval = -ENODEV;
+ goto out_failed;
+ }
+ ioc_info(hdev, "set dma mask[32] success\n");
+ } else {
+ ioc_info(hdev, "set dma mask[%llu] success\n", maskbit);
+ }
+
+ /* pci_alloc_irq_vectors(pdev, 1, 1, PCI_IRQ_ALL_TYPES) moved to setup_isr */
+
+ pci_set_drvdata(pdev, hdev->shost);
+
+ pci_enable_pcie_error_reporting(pdev);
+ pci_save_state(pdev);
+
+ sssraid_ioc_disable_intr(hdev);
+
+ return retval;
+
+out_failed:
+ sssraid_cleanup_resources(hdev);
+ return retval;
+}
+
+static int sssraid_alloc_admin_cmds(struct sssraid_dev *hdev)
+{
+ u16 i;
+
+ INIT_LIST_HEAD(&hdev->adm_cmd_list);
+ spin_lock_init(&hdev->adm_cmd_lock);
+
+ hdev->adm_cmds = kcalloc_node(SSSRAID_AQ_BLK_MQ_DEPTH, sizeof(struct sssraid_cmd),
+ GFP_KERNEL, hdev->numa_node);
+
+ if (!hdev->adm_cmds) {
+ ioc_err(hdev, "Alloc admin cmds failed\n");
+ return -ENOMEM;
+ }
+
+ for (i = 0; i < SSSRAID_AQ_BLK_MQ_DEPTH; i++) {
+ hdev->adm_cmds[i].qid = 0;
+ hdev->adm_cmds[i].cid = i;
+ list_add_tail(&(hdev->adm_cmds[i].list), &hdev->adm_cmd_list);
+ }
+
+ ioc_info(hdev, "Alloc admin cmds success, num[%d]\n", SSSRAID_AQ_BLK_MQ_DEPTH);
+
+ return 0;
+}
+
+static int sssraid_alloc_qpair(struct sssraid_dev *hdev, u16 qidx, u16 depth)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+ int retval = 0;
+
+ if (hdev->init_done_queue_cnt > qidx) {
+ ioc_info(hdev, "warn: queue[%d] is exist\n", qidx);
+ return 0;
+ }
+
+ cqinfo->cqes = dma_alloc_coherent(&hdev->pdev->dev, CQ_SIZE(depth),
+ &cqinfo->cq_dma_addr, GFP_KERNEL | __GFP_ZERO);
+ if (!cqinfo->cqes)
+ return -ENOMEM;
+
+ sqinfo->sq_cmds = dma_alloc_coherent(&hdev->pdev->dev, SQ_SIZE(qidx, depth),
+ &sqinfo->sq_dma_addr, GFP_KERNEL);
+ if (!sqinfo->sq_cmds) {
+ retval = -ENOMEM;
+ goto free_cqes;
+ }
+
+ /* alloc sense buffer */
+ sqinfo->sense = dma_alloc_coherent(&hdev->pdev->dev, SENSE_SIZE(depth),
+ &sqinfo->sense_dma_addr, GFP_KERNEL | __GFP_ZERO);
+ if (!sqinfo->sense) {
+ retval = -ENOMEM;
+ goto free_sq_cmds;
+ }
+
+ spin_lock_init(&sqinfo->sq_lock);
+ spin_lock_init(&cqinfo->cq_lock);
+ cqinfo->hdev = hdev;
+ sqinfo->hdev = hdev;
+ sqinfo->q_depth = depth;
+ sqinfo->qidx = qidx;
+ /* cq_vector replaced by msix_index */
+
+ /*
+ * online_queues: completely initialized queue count: sssraid_init_queue
+ * queue_count: allocated but not completely initialized queue count: sssraid_alloc_queue
+ * online_queues/queue_count replaced by init_done_queue_cnt.
+ */
+ hdev->init_done_queue_cnt++;
+
+ return 0;
+
+free_sq_cmds:
+ dma_free_coherent(&hdev->pdev->dev, SQ_SIZE(qidx, depth), (void *)sqinfo->sq_cmds,
+ sqinfo->sq_dma_addr);
+free_cqes:
+ dma_free_coherent(&hdev->pdev->dev, CQ_SIZE(depth), (void *)cqinfo->cqes,
+ cqinfo->cq_dma_addr);
+ return retval;
+}
+
+static void sssraid_init_queue(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ memset((void *)cqinfo->cqes, 0, CQ_SIZE(sqinfo->q_depth));
+
+ sqinfo->sq_tail = 0;
+ cqinfo->cq_head = 0;
+ cqinfo->cq_phase = 1;
+ sqinfo->q_db = &hdev->dbs[qidx * 2 * hdev->db_stride];
+ sqinfo->prp_small_pool = hdev->prp_small_pool[qidx % small_pool_num];
+}
+
+static int sssraid_setup_admin_qpair(struct sssraid_dev *hdev)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[0];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[0];
+ u32 aqa;
+ int retval;
+
+ ioc_info(hdev, "start disable ctrl\n");
+
+ retval = sssraid_disable_ctrl(hdev);
+ if (retval)
+ return retval;
+
+ /* this func don't alloc admin queue */
+
+ aqa = sqinfo->q_depth - 1;
+ aqa |= aqa << 16;
+ writel(aqa, hdev->bar + SSSRAID_REG_AQA);
+ lo_hi_writeq(sqinfo->sq_dma_addr, hdev->bar + SSSRAID_REG_ASQ);
+ lo_hi_writeq(cqinfo->cq_dma_addr, hdev->bar + SSSRAID_REG_ACQ);
+
+ ioc_info(hdev, "start enable ctrl\n");
+
+ retval = sssraid_enable_ctrl(hdev);
+ if (retval) {
+ retval = -ENODEV;
+ return retval;
+ }
+
+ /* interrupt registry not here */
+ /* cq_vector replaced by msix_index */
+
+ sssraid_init_queue(hdev, 0);
+
+ ioc_info(hdev, "success, queuecount:[%d], pagesize[%d]\n",
+ hdev->init_done_queue_cnt, hdev->page_size);
+
+ return 0;
+}
+
+static void sssraid_cleanup_isr(struct sssraid_dev *hdev)
+{
+ u16 i;
+
+ sssraid_ioc_disable_intr(hdev);
+
+ if (!hdev->intr_info)
+ return;
+
+ for (i = 0; i < hdev->intr_info_count; i++)
+ free_irq(pci_irq_vector(hdev->pdev, i),
+ (hdev->intr_info + i));
+
+ kfree(hdev->intr_info);
+ hdev->intr_info = NULL;
+ hdev->intr_info_count = 0;
+ pci_free_irq_vectors(hdev->pdev);
+}
+
+static void sssraid_complete_adminq_cmnd(struct sssraid_dev *hdev, u16 qidx,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_cmd *adm_cmd;
+
+ adm_cmd = hdev->adm_cmds + le16_to_cpu(cqe->cmd_id);
+ if (unlikely(adm_cmd->state == SSSRAID_CMD_IDLE)) {
+ ioc_warn(hdev, "Invalid id %d completed on queue %d\n",
+ le16_to_cpu(cqe->cmd_id), le16_to_cpu(cqe->sq_id));
+ return;
+ }
+
+ adm_cmd->status = le16_to_cpu(cqe->status) >> 1;
+ adm_cmd->result0 = le32_to_cpu(cqe->result);
+ adm_cmd->result1 = le32_to_cpu(cqe->result1);
+
+ complete(&adm_cmd->cmd_done);
+}
+
+static inline bool sssraid_cqe_pending(struct sssraid_cqueue *cqinfo)
+{
+ return (le16_to_cpu(cqinfo->cqes[cqinfo->cq_head].status) & 1) ==
+ cqinfo->cq_phase;
+}
+
+static inline void sssraid_update_cq_head(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ if (++cqinfo->cq_head == sqinfo->q_depth) {
+ cqinfo->cq_head = 0;
+ cqinfo->cq_phase = !cqinfo->cq_phase;
+ }
+}
+
+static inline bool sssraid_process_cq(struct sssraid_dev *hdev, u16 qidx, u16 *start,
+ u16 *end, int tag)
+{
+ bool found = false;
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ *start = cqinfo->cq_head;
+ while (!found && sssraid_cqe_pending(cqinfo)) {
+ if (le16_to_cpu(cqinfo->cqes[cqinfo->cq_head].cmd_id) == tag)
+ found = true;
+ sssraid_update_cq_head(hdev, qidx);
+ }
+ *end = cqinfo->cq_head;
+
+ if (*start != *end)
+ writel(cqinfo->cq_head, sqinfo->q_db + sqinfo->hdev->db_stride);
+
+ return found;
+}
+
+static irqreturn_t sssraid_isr(int irq, void *privdata)
+{
+ struct sssraid_intr_info *intr_info = privdata;
+ struct sssraid_dev *hdev = intr_info->hdev;
+ irqreturn_t ret = IRQ_NONE;
+ struct sssraid_cqueue *cqinfo;
+ u16 midx, start, end;
+
+ if (!intr_info)
+ return IRQ_NONE;
+
+ if (!hdev->intr_enabled)
+ return IRQ_NONE;
+
+ midx = intr_info->msix_index;
+ cqinfo = &hdev->cqinfo[midx];
+
+ spin_lock(&cqinfo->cq_lock);
+ if (cqinfo->cq_head != cqinfo->last_cq_head)
+ ret = IRQ_HANDLED;
+
+ sssraid_process_cq(hdev, midx, &start, &end, -1);
+ cqinfo->last_cq_head = cqinfo->cq_head;
+ spin_unlock(&cqinfo->cq_lock);
+
+ if (start != end) {
+ sssraid_complete_cqes(hdev, midx, start, end);
+ ret = IRQ_HANDLED;
+ }
+ return ret;
+}
+
+irqreturn_t sssraid_isr_poll(int irq, void *privdata)
+{
+ return IRQ_NONE;
+}
+
+bool sssraid_poll_cq(struct sssraid_dev *hdev, u16 qidx, int cid)
+{
+ u16 start, end;
+ bool found;
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+
+ if (!sssraid_cqe_pending(cqinfo))
+ return 0;
+
+ spin_lock_irq(&cqinfo->cq_lock);
+ found = sssraid_process_cq(hdev, qidx, &start, &end, cid);
+ spin_unlock_irq(&cqinfo->cq_lock);
+
+ sssraid_complete_cqes(hdev, qidx, start, end);
+ return found;
+}
+
+static inline int sssraid_request_irq(struct sssraid_dev *hdev, u16 index)
+{
+ struct pci_dev *pdev = hdev->pdev;
+ struct sssraid_intr_info *intr_info = hdev->intr_info + index;
+ int retval = 0;
+
+ intr_info->hdev = hdev;
+ intr_info->msix_index = index;
+ intr_info->cqinfo = NULL;
+
+ snprintf(intr_info->name, SSSRAID_NAME_LENGTH, "%s%d-msix%d",
+ SSSRAID_DRIVER_NAME, hdev->instance, index);
+
+ retval = request_threaded_irq(pci_irq_vector(pdev, index), sssraid_isr,
+ sssraid_isr_poll, IRQF_SHARED, intr_info->name, intr_info);
+
+ if (retval) {
+ ioc_err(hdev, "%s: Unable to allocate interrupt %d!\n",
+ intr_info->name, pci_irq_vector(pdev, index));
+ return retval;
+ }
+
+ return retval;
+}
+
+static int sssraid_setup_isr(struct sssraid_dev *hdev, u8 setup_one)
+{
+ unsigned int irq_flags = PCI_IRQ_MSIX;
+ u16 max_vectors = 0, i;
+ int retval = 0;
+
+ struct irq_affinity desc = { .pre_vectors = 1};
+
+ sssraid_cleanup_isr(hdev);
+
+ if (setup_one)
+ max_vectors = 1;
+ else {
+ max_vectors = hdev->before_affinity_msix_cnt;
+
+ ioc_info(hdev, "MSI-x vectors requested: %d\n", max_vectors);
+ }
+
+ irq_flags |= PCI_IRQ_AFFINITY | PCI_IRQ_ALL_TYPES;
+
+ i = pci_alloc_irq_vectors_affinity(hdev->pdev,
+ 1, max_vectors, irq_flags, &desc);
+
+ if (i <= 0) {
+ ioc_err(hdev, "Cannot alloc irq vectors\n");
+ goto out_failed;
+ }
+ if (i != max_vectors) {
+ ioc_info(hdev,
+ "allocated vectors (%d) are less than configured (%d)\n",
+ i, max_vectors);
+
+ max_vectors = i;
+ }
+
+ hdev->intr_info = kzalloc(sizeof(struct sssraid_intr_info) * max_vectors,
+ GFP_KERNEL);
+ if (!hdev->intr_info) {
+ retval = -1;
+ pci_free_irq_vectors(hdev->pdev);
+ goto out_failed;
+ }
+
+ for (i = 0; i < max_vectors; i++) {
+ retval = sssraid_request_irq(hdev, i);
+ if (retval) {
+ hdev->intr_info_count = i; /* =i is for offload interrupt loop counter */
+ goto out_failed;
+ }
+ }
+
+ /* intr_info_count replace max_qid */
+ hdev->intr_info_count = max_vectors;
+ sssraid_ioc_enable_intr(hdev);
+ return retval;
+out_failed:
+ sssraid_cleanup_isr(hdev);
+
+ return retval;
+}
+
+static bool sssraid_adm_need_reset(struct sssraid_admin_command *cmd)
+{
+ switch (cmd->common.opcode) {
+ case SSSRAID_ADMIN_DELETE_SQ:
+ case SSSRAID_ADMIN_CREATE_SQ:
+ case SSSRAID_ADMIN_DELETE_CQ:
+ case SSSRAID_ADMIN_CREATE_CQ:
+ case SSSRAID_ADMIN_SET_FEATURES:
+ return false;
+ default:
+ return true;
+ }
+}
+
+void sssraid_submit_cmd(struct sssraid_squeue *sqinfo, const void *cmd)
+{
+ u32 sqes = SQE_SIZE(sqinfo->qidx);
+ unsigned long flags;
+ struct sssraid_admin_common_command *acd = (struct sssraid_admin_common_command *)cmd;
+
+ spin_lock_irqsave(&sqinfo->sq_lock, flags);
+ memcpy((sqinfo->sq_cmds + sqes * sqinfo->sq_tail), cmd, sqes);
+ if (++sqinfo->sq_tail == sqinfo->q_depth)
+ sqinfo->sq_tail = 0;
+
+ writel(sqinfo->sq_tail, sqinfo->q_db);
+ spin_unlock_irqrestore(&sqinfo->sq_lock, flags);
+
+ dbgprint(sqinfo->hdev, "cid[%d] qidx[%d], opcode[0x%x], flags[0x%x], hdid[%u]\n",
+ le16_to_cpu(acd->command_id), sqinfo->qidx, acd->opcode, acd->flags,
+ le32_to_cpu(acd->hdid));
+}
+
+int sssraid_submit_admin_sync_cmd(struct sssraid_dev *hdev, struct sssraid_admin_command *cmd,
+ u32 *result0, u32 *result1, u32 timeout)
+{
+ struct sssraid_cmd *adm_cmd = sssraid_get_cmd(hdev, SSSRAID_CMD_ADM);
+
+ if (!adm_cmd) {
+ ioc_err(hdev, "err, get admin cmd failed\n");
+ return -EFAULT;
+ }
+
+ timeout = timeout ? timeout : ADMIN_TIMEOUT;
+
+ /*
+ * watch dog not as optimized as
+ * init_completion/complete
+ */
+ init_completion(&adm_cmd->cmd_done);
+
+ cmd->common.command_id = cpu_to_le16(adm_cmd->cid);
+ sssraid_submit_cmd(&hdev->sqinfo[0], cmd);
+
+ if (!wait_for_completion_timeout(&adm_cmd->cmd_done, timeout)) {
+ ioc_err(hdev, "cid[%d] qidx[%d] timeout, opcode[0x%x] subopcode[0x%x]\n",
+ adm_cmd->cid, adm_cmd->qid, cmd->usr_cmd.opcode,
+ cmd->usr_cmd.info_0.subopcode);
+
+ /* reset controller if admin timeout */
+ if (sssraid_adm_need_reset(cmd))
+ sssraid_adm_timeout(hdev, adm_cmd);
+
+ sssraid_put_cmd(hdev, adm_cmd, SSSRAID_CMD_ADM);
+ return -ETIME;
+ }
+
+ if (result0)
+ *result0 = adm_cmd->result0;
+ if (result1)
+ *result1 = adm_cmd->result1;
+
+ sssraid_put_cmd(hdev, adm_cmd, SSSRAID_CMD_ADM);
+
+ return adm_cmd->status;
+}
+
+static int sssraid_get_ctrl_info(struct sssraid_dev *hdev, struct sssraid_ctrl_info *ctrl_info)
+{
+ struct sssraid_admin_command admin_cmd;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+ int retval;
+
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.get_info.opcode = SSSRAID_ADMIN_GET_INFO;
+ admin_cmd.get_info.type = SSSRAID_GET_INFO_CTRL;
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ retval = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+ if (!retval)
+ memcpy(ctrl_info, data_ptr, sizeof(struct sssraid_ctrl_info));
+
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, data_ptr, data_dma);
+
+ return retval;
+}
+
+int sssraid_init_ctrl_info(struct sssraid_dev *hdev)
+{
+ int retval;
+
+ hdev->ctrl_info->nd = cpu_to_le32(240);
+ hdev->ctrl_info->mdts = 8;
+ hdev->ctrl_info->max_cmds = cpu_to_le16(4096);
+ hdev->ctrl_info->max_num_sge = cpu_to_le16(128);
+ hdev->ctrl_info->max_channel = cpu_to_le16(4);
+ hdev->ctrl_info->max_tgt_id = cpu_to_le32(3239);
+ hdev->ctrl_info->max_lun = cpu_to_le16(2);
+
+ retval = sssraid_get_ctrl_info(hdev, hdev->ctrl_info);
+ if (retval)
+ ioc_err(hdev, "init controller info failed: %d\n", retval);
+
+ ioc_info(hdev, "nd = %d\n", le32_to_cpu(hdev->ctrl_info->nd));
+ ioc_info(hdev, "max_cmd = %d\n", le16_to_cpu(hdev->ctrl_info->max_cmds));
+ ioc_info(hdev, "max_channel = %d\n", le16_to_cpu(hdev->ctrl_info->max_channel));
+ ioc_info(hdev, "max_tgt_id = %d\n", le32_to_cpu(hdev->ctrl_info->max_tgt_id));
+ ioc_info(hdev, "max_lun = %d\n", le16_to_cpu(hdev->ctrl_info->max_lun));
+ ioc_info(hdev, "max_num_sge = %d\n", le16_to_cpu(hdev->ctrl_info->max_num_sge));
+ ioc_info(hdev, "lun_num_boot = %d\n", le16_to_cpu(hdev->ctrl_info->lun_num_in_boot));
+ ioc_info(hdev, "mdts = %d\n", hdev->ctrl_info->mdts);
+ ioc_info(hdev, "acl = %d\n", hdev->ctrl_info->acl);
+ ioc_info(hdev, "aer1 = %d\n", hdev->ctrl_info->aerl);
+ ioc_info(hdev, "card_type = %d\n", hdev->ctrl_info->card_type);
+ ioc_info(hdev, "rtd3e = %d\n", le32_to_cpu(hdev->ctrl_info->rtd3e));
+ ioc_info(hdev, "sn = %s\n", hdev->ctrl_info->sn);
+ ioc_info(hdev, "fr = %s\n", hdev->ctrl_info->fr);
+
+ if (!hdev->ctrl_info->aerl)
+ hdev->ctrl_info->aerl = 1;
+ if (hdev->ctrl_info->aerl > SSSRAID_NR_AEN_COMMANDS)
+ hdev->ctrl_info->aerl = SSSRAID_NR_AEN_COMMANDS;
+
+ return 0;
+}
+
+static int sssraid_set_features(struct sssraid_dev *hdev, u32 fid, u32 dword11, void *buffer,
+ size_t buflen, u32 *result)
+{
+ struct sssraid_admin_command admin_cmd;
+ int ret;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+
+ if (buffer && buflen) {
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, buflen, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memcpy(data_ptr, buffer, buflen);
+ }
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.features.opcode = SSSRAID_ADMIN_SET_FEATURES;
+ admin_cmd.features.fid = cpu_to_le32(fid);
+ admin_cmd.features.dword11 = cpu_to_le32(dword11);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, result, NULL, 0);
+
+ if (data_ptr)
+ dma_free_coherent(&hdev->pdev->dev, buflen, data_ptr, data_dma);
+
+ return ret;
+}
+
+static int sssraid_set_queue_cnt(struct sssraid_dev *hdev, u32 *cnt)
+{
+ u32 q_cnt = (*cnt - 1) | ((*cnt - 1) << 16);
+ u32 nr_ioqs, result;
+ int status;
+
+ status = sssraid_set_features(hdev, SSSRAID_FEAT_NUM_QUEUES, q_cnt, NULL, 0, &result);
+ if (status) {
+ ioc_err(hdev, "Set queue count failed, status: %d\n",
+ status);
+ return -EIO;
+ }
+
+ nr_ioqs = min(result & 0xffff, result >> 16) + 1;
+ *cnt = min(*cnt, nr_ioqs);
+ if (*cnt == 0) {
+ ioc_err(hdev, "Illegal queue count: zero\n");
+ return -EIO;
+ }
+ return 0;
+}
+
+static int sssraid_create_cq(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+ struct sssraid_admin_command admin_cmd;
+ int flags = SSSRAID_QUEUE_PHYS_CONTIG | SSSRAID_CQ_IRQ_ENABLED;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.create_cq.opcode = SSSRAID_ADMIN_CREATE_CQ;
+ admin_cmd.create_cq.prp1 = cpu_to_le64(cqinfo->cq_dma_addr);
+ admin_cmd.create_cq.cqid = cpu_to_le16(qidx);
+ admin_cmd.create_cq.qsize = cpu_to_le16(sqinfo->q_depth - 1);
+ admin_cmd.create_cq.cq_flags = cpu_to_le16(flags);
+ admin_cmd.create_cq.irq_vector = cpu_to_le16(qidx);
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+static int sssraid_create_io_cq(struct sssraid_dev *hdev, u16 qidx)
+{
+ int retval;
+ struct sssraid_cqueue *cqinfo = hdev->cqinfo + qidx;
+ u16 midx = qidx;
+
+ retval = sssraid_create_cq(hdev, qidx);
+ if (retval)
+ return retval;
+
+ /*
+ * cqinfo initialization at sssraid_init_queue
+ */
+ hdev->intr_info[midx].cqinfo = cqinfo;
+
+ return retval;
+}
+
+static int sssraid_create_sq(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+ struct sssraid_admin_command admin_cmd;
+ int flags = SSSRAID_QUEUE_PHYS_CONTIG;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.create_sq.opcode = SSSRAID_ADMIN_CREATE_SQ;
+ admin_cmd.create_sq.prp1 = cpu_to_le64(sqinfo->sq_dma_addr);
+ admin_cmd.create_sq.sqid = cpu_to_le16(qidx);
+ admin_cmd.create_sq.qsize = cpu_to_le16(sqinfo->q_depth - 1);
+ admin_cmd.create_sq.sq_flags = cpu_to_le16(flags);
+ admin_cmd.create_sq.cqid = cpu_to_le16(qidx);
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+static int sssraid_create_io_sq(struct sssraid_dev *hdev, u16 qidx)
+{
+ return sssraid_create_sq(hdev, qidx);
+}
+
+int sssraid_get_dev_list(struct sssraid_dev *hdev, struct sssraid_dev_info *devices)
+{
+ u32 nd = le32_to_cpu(hdev->ctrl_info->nd);
+ struct sssraid_admin_command admin_cmd;
+ struct sssraid_dev_list *list_buf;
+ dma_addr_t data_dma = 0;
+ u32 i, idx, hdid, ndev;
+ int ret = 0;
+
+ list_buf = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!list_buf)
+ return -ENOMEM;
+
+ for (idx = 0; idx < nd;) {
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.get_info.opcode = SSSRAID_ADMIN_GET_INFO;
+ admin_cmd.get_info.type = SSSRAID_GET_INFO_DEV_LIST;
+ admin_cmd.get_info.cdw11 = cpu_to_le32(idx);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+
+ if (ret) {
+ ioc_err(hdev, "Get device list failed, nd: %u, idx: %u, ret: %d\n",
+ nd, idx, ret);
+ goto out;
+ }
+ ndev = le32_to_cpu(list_buf->dev_num);
+
+ ioc_info(hdev, "ndev numbers: %u\n", ndev);
+
+ for (i = 0; i < ndev; i++) {
+ hdid = le32_to_cpu(list_buf->devices[i].hdid);
+ ioc_info(hdev, "list_buf->devices[%d], hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ i, hdid, le16_to_cpu(list_buf->devices[i].target),
+ list_buf->devices[i].channel,
+ list_buf->devices[i].lun,
+ list_buf->devices[i].attr);
+ if (hdid > nd || hdid == 0) {
+ ioc_err(hdev, "err, hdid[%d] invalid\n", hdid);
+ continue;
+ }
+ memcpy(&devices[hdid - 1], &list_buf->devices[i],
+ sizeof(struct sssraid_dev_info));
+ }
+ idx += ndev;
+
+ if (ndev < MAX_DEV_ENTRY_PER_PAGE_4K)
+ break;
+ }
+
+out:
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, list_buf, data_dma);
+ return ret;
+}
+
+/* send abort command by admin queue temporary */
+int sssraid_send_abort_cmd(struct sssraid_dev *hdev, u32 hdid, u16 qidx, u16 cid)
+{
+ struct sssraid_admin_command admin_cmd;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.abort.opcode = SSSRAID_ADMIN_ABORT_CMD;
+ admin_cmd.abort.hdid = cpu_to_le32(hdid);
+ admin_cmd.abort.sqid = cpu_to_le16(qidx);
+ admin_cmd.abort.cid = cpu_to_le16(cid);
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+/* send reset command by admin quueue temporary */
+int sssraid_send_reset_cmd(struct sssraid_dev *hdev, u8 type, u32 hdid)
+{
+ struct sssraid_admin_command admin_cmd;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.reset.opcode = SSSRAID_ADMIN_RESET;
+ admin_cmd.reset.hdid = cpu_to_le32(hdid);
+ admin_cmd.reset.type = type;
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+static int sssraid_delete_queue(struct sssraid_dev *hdev, u8 op, u16 qidx)
+{
+ struct sssraid_admin_command admin_cmd;
+ int retval;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.delete_queue.opcode = op;
+ admin_cmd.delete_queue.qid = cpu_to_le16(qidx);
+
+ retval = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+
+ if (retval)
+ ioc_err(hdev, "Delete %s:[%d] failed\n",
+ (op == SSSRAID_ADMIN_DELETE_CQ) ? "cq" : "sq", qidx);
+
+ return retval;
+}
+
+static int sssraid_delete_cq(struct sssraid_dev *hdev, u16 qidx)
+{
+ return sssraid_delete_queue(hdev, SSSRAID_ADMIN_DELETE_CQ, qidx);
+}
+
+void sssraid_adm_timeout(struct sssraid_dev *hdev, struct sssraid_cmd *cmd)
+{
+ /* command may be returned because controller reset */
+ if (READ_ONCE(cmd->state) == SSSRAID_CMD_COMPLETE)
+ return;
+
+ if (!sssraid_change_host_state(hdev, SSSRAID_RESETTING)) {
+ ioc_info(hdev, "can't change to reset state\n");
+ return;
+ }
+ sssraid_soft_reset_handler(hdev);
+}
+
+static int sssraid_create_io_qpair(struct sssraid_dev *hdev, u16 qidx)
+{
+ int retval;
+
+ retval = sssraid_create_io_cq(hdev, qidx);
+ if (retval)
+ return retval;
+
+ retval = sssraid_create_io_sq(hdev, qidx);
+ if (retval)
+ goto delete_cq;
+
+ /* intr_info.msix_index substitute cq_vector */
+
+ /* io interrupt registry:
+ * not here, put above
+ */
+
+ sssraid_init_queue(hdev, qidx);
+
+ return 0;
+
+delete_cq:
+ sssraid_delete_cq(hdev, qidx);
+
+ return retval;
+}
+
+static int sssraid_setup_io_qpair(struct sssraid_dev *hdev)
+{
+ u32 i, num_queues;
+ int retval = 0;
+
+ num_queues = min(hdev->intr_info_count, hdev->init_done_queue_cnt - 1);
+ for (i = 1; i <= num_queues; i++) {
+ retval = sssraid_create_io_qpair(hdev, i);
+ if (retval) {
+ ioc_err(hdev, "Create queue[%d] failed\n", i);
+ break;
+ }
+ }
+
+ ioc_info(hdev, "init_done_queue_cnt[%d], intr_info_count[%d] num_queues[%d]",
+ hdev->init_done_queue_cnt, /*hdev->online_queues,*/
+ hdev->intr_info_count, num_queues);
+
+ return retval >= 0 ? 0 : retval;
+}
+
+static int sssraid_alloc_ioq_ptcmds(struct sssraid_dev *hdev)
+{
+ int i;
+ int ptnum = SSSRAID_NR_IOQ_PTCMDS;
+
+ INIT_LIST_HEAD(&hdev->ioq_pt_list);
+ spin_lock_init(&hdev->ioq_pt_lock);
+
+ hdev->ioq_ptcmds = kcalloc_node(ptnum, sizeof(struct sssraid_cmd),
+ GFP_KERNEL, hdev->numa_node);
+
+ if (!hdev->ioq_ptcmds) {
+ ioc_err(hdev, "Alloc ioq_ptcmds failed\n");
+ return -ENOMEM;
+ }
+
+ for (i = 0; i < ptnum; i++) {
+ hdev->ioq_ptcmds[i].qid = i / SSSRAID_PTCMDS_PERQ + 1;
+ hdev->ioq_ptcmds[i].cid = i % SSSRAID_PTCMDS_PERQ + SSSRAID_IO_BLK_MQ_DEPTH;
+ list_add_tail(&(hdev->ioq_ptcmds[i].list), &hdev->ioq_pt_list);
+ }
+
+ ioc_info(hdev, "Alloc ioq_ptcmds success, ptnum[%d]\n", ptnum);
+
+ return 0;
+}
+
+int sssraid_send_event_ack(struct sssraid_dev *hdev, u8 event,
+ u32 event_ctx, u16 cid)
+{
+ /* event,event_ctx no use at this time */
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[0];
+ struct sssraid_admin_command admin_cmd;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.common.opcode = SSSRAID_ADMIN_ASYNC_EVENT;
+ admin_cmd.common.command_id = cpu_to_le16(cid);
+
+ sssraid_submit_cmd(sqinfo, &admin_cmd);
+ ioc_info(hdev, "send aen, cid[%d]\n", cid);
+
+ return 0;
+}
+
+static void sssraid_handle_aen_notice(struct sssraid_dev *hdev, u32 result)
+{
+ switch ((result & 0xff00) >> 8) {
+ case SSSRAID_AEN_DEV_CHANGED:
+ sssraid_scan_disk(hdev);
+ break;
+ case SSSRAID_AEN_FW_ACT_START:
+ ioc_info(hdev, "fw activation starting\n");
+ break;
+ case SSSRAID_AEN_HOST_PROBING:
+ break;
+ default:
+ ioc_warn(hdev, "async event result %08x\n", result);
+ }
+}
+
+static void sssraid_handle_aen_vs(struct sssraid_dev *hdev, u32 result, u32 result1)
+{
+ switch ((result & 0xff00) >> 8) {
+ case SSSRAID_AEN_TIMESYN:
+ sssraid_configure_timestamp(hdev);
+ break;
+ case SSSRAID_AEN_FW_ACT_FINISH:
+ ioc_info(hdev, "fw activation finish\n");
+ if (sssraid_init_ctrl_info(hdev))
+ ioc_err(hdev, "get ctrl info failed after fw act\n");
+ break;
+ case SSSRAID_AEN_EVENT_MIN ... SSSRAID_AEN_EVENT_MAX:
+ ioc_info(hdev, "rcv card event[%d], param1[0x%x] param2[0x%x]\n",
+ (result & 0xff00) >> 8, result, result1);
+ break;
+ default:
+ ioc_warn(hdev, "async event result: 0x%x\n", result);
+ }
+}
+
+static inline void sssraid_send_all_aen(struct sssraid_dev *hdev)
+{
+ u16 i;
+
+ for (i = 0; i < hdev->ctrl_info->aerl; i++)
+ sssraid_send_event_ack(hdev, 0, 0, i + SSSRAID_AQ_BLK_MQ_DEPTH);
+}
+
+static int sssraid_dev_list_init(struct sssraid_dev *hdev)
+{
+ u32 nd = le32_to_cpu(hdev->ctrl_info->nd);
+
+ hdev->devices = kzalloc_node(nd * sizeof(struct sssraid_dev_info),
+ GFP_KERNEL, hdev->numa_node);
+ if (!hdev->devices)
+ return -ENOMEM;
+
+ return 0;
+}
+
+int sssraid_configure_timestamp(struct sssraid_dev *hdev)
+{
+ __le64 ts;
+ int retval;
+
+ ts = cpu_to_le64(ktime_to_ms(ktime_get_real()));
+ retval = sssraid_set_features(hdev, SSSRAID_FEAT_TIMESTAMP, 0, &ts, sizeof(ts), NULL);
+
+ if (retval)
+ ioc_err(hdev, "set timestamp failed: %d\n", retval);
+ return retval;
+}
+
+int sssraid_init_ioc(struct sssraid_dev *hdev, u8 re_init)
+{
+ int retval = 0;
+ int i;
+ u32 nr_ioqs, bar_size;
+
+ if (!re_init) {
+ hdev->cpu_count = num_online_cpus();
+
+ retval = sssraid_alloc_resources(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc resources:error %d\n",
+ retval);
+ goto out_nocleanup;
+ }
+ }
+
+ /* reset need re-setup */
+ retval = sssraid_setup_resources(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup resources:error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ if (!re_init) {
+ retval = sssraid_alloc_admin_cmds(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc admin cmds:error %d\n",
+ retval);
+ goto out_failed;
+ }
+ /* put here:
+ * alloc admin queue
+ */
+ retval = sssraid_alloc_qpair(hdev, 0, SSSRAID_AQ_DEPTH);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc admin queue:error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+
+ retval = sssraid_setup_admin_qpair(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup admin queue:error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ /* 1. unregister all interrupt
+ * 2. admin interrupt registry
+ */
+ retval = sssraid_setup_isr(hdev, 1);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup ISR error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ retval = sssraid_init_ctrl_info(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to get ctrl info error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ nr_ioqs = hdev->cpu_count;
+ retval = sssraid_set_queue_cnt(hdev, &nr_ioqs);
+ if (retval) {
+ ioc_err(hdev, "Failed to set queue cnt error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ hdev->before_affinity_msix_cnt = nr_ioqs + 1;
+
+ /* 1. unregister all interrupt
+ * 2. admin interrupt re-registry
+ * 3. io interrupt registry
+ */
+ retval = sssraid_setup_isr(hdev, 0);
+ if (retval) {
+ ioc_err(hdev, "Failed to re-setup ISR, error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ /* remap */
+ bar_size = SSSRAID_REG_DBS + ((nr_ioqs + 1) * 8 * hdev->db_stride);
+ retval = sssraid_remap_bar(hdev, bar_size);
+ if (retval) {
+ ioc_err(hdev, "Failed to re-map bar, error %d\n",
+ retval);
+ goto out_failed;
+ }
+ hdev->sqinfo[0].q_db = hdev->dbs;
+
+ /* num_vecs no sense, abandon */
+
+ if (!re_init) {
+ for (i = hdev->init_done_queue_cnt; i <= hdev->intr_info_count; i++) {
+ retval = sssraid_alloc_qpair(hdev, i, hdev->ioq_depth);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc io queue:error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+ ioc_info(hdev, "intr_info_count: %d, init_done_queue_cnt: %d, ioq_depth: %d\n",
+ hdev->intr_info_count, hdev->init_done_queue_cnt, hdev->ioq_depth);
+ }
+
+ retval = sssraid_setup_io_qpair(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup io qpair, error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ if (!re_init) {
+ retval = sssraid_alloc_ioq_ptcmds(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc ioq ptcmds, error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+
+ sssraid_send_all_aen(hdev);
+
+ if (!re_init) {
+ retval = sssraid_dev_list_init(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to init device list, error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ retval = sssraid_configure_timestamp(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to configure timestamp, error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+
+ return retval;
+
+out_failed:
+ sssraid_cleanup_ioc(hdev, re_init);
+out_nocleanup:
+ return retval;
+}
+
+void sssraid_cleanup_resources(struct sssraid_dev *hdev)
+{
+ struct pci_dev *pdev = hdev->pdev;
+
+ sssraid_cleanup_isr(hdev);
+
+ if (hdev->bar) {
+ iounmap(hdev->bar);
+ hdev->bar = NULL;
+ }
+
+ if (pci_is_enabled(pdev)) {
+ pci_disable_pcie_error_reporting(pdev);
+ pci_release_mem_regions(pdev);
+ pci_disable_device(pdev);
+ }
+}
+
+static void sssraid_free_ioq_ptcmds(struct sssraid_dev *hdev)
+{
+ kfree(hdev->ioq_ptcmds);
+ hdev->ioq_ptcmds = NULL;
+
+ INIT_LIST_HEAD(&hdev->ioq_pt_list);
+}
+
+static void sssraid_delete_io_queues(struct sssraid_dev *hdev)
+{
+ u16 queues = hdev->init_done_queue_cnt - 1;
+ u8 opcode = SSSRAID_ADMIN_DELETE_SQ;
+ u16 i, pass;
+
+ if (!pci_device_is_present(hdev->pdev)) {
+ ioc_err(hdev, "pci_device is not present, skip disable io queues\n");
+ return;
+ }
+
+ if (hdev->init_done_queue_cnt < 2) {
+ ioc_err(hdev, "err, io queue has been delete\n");
+ return;
+ }
+
+ for (pass = 0; pass < 2; pass++) {
+ for (i = queues; i > 0; i--)
+ if (sssraid_delete_queue(hdev, opcode, i))
+ break;
+
+ opcode = SSSRAID_ADMIN_DELETE_CQ;
+ }
+}
+
+void sssraid_complete_aen(struct sssraid_dev *hdev, struct sssraid_completion *cqe)
+{
+ u32 result = le32_to_cpu(cqe->result);
+
+ ioc_info(hdev, "rcv aen, cid[%d], status[0x%x], result[0x%x]\n",
+ le16_to_cpu(cqe->cmd_id), le16_to_cpu(cqe->status) >> 1, result);
+
+ /*
+ * The response to event moved from this func.
+ * sssraid_send_aen changed to name sssraid_send_event_ack
+ */
+
+ if ((le16_to_cpu(cqe->status) >> 1) != SSSRAID_SC_SUCCESS)
+ return;
+ switch (result & 0x7) {
+ case SSSRAID_AEN_NOTICE:
+ sssraid_handle_aen_notice(hdev, result);
+ break;
+ case SSSRAID_AEN_VS:
+ sssraid_handle_aen_vs(hdev, result, le32_to_cpu(cqe->result1));
+ break;
+ default:
+ ioc_warn(hdev, "Unsupported async event type: %u\n",
+ result & 0x7);
+ break;
+ }
+}
+
+void sssraid_free_iod_res(struct sssraid_dev *hdev, struct sssraid_iod *iod)
+{
+ const int last_prp = hdev->page_size / sizeof(__le64) - 1;
+ dma_addr_t dma_addr, next_dma_addr;
+ struct sssraid_sgl_desc *sg_list;
+ __le64 *prp_list;
+ void *addr;
+ int i;
+
+ dma_addr = iod->first_dma;
+ if (iod->npages == 0)
+ dma_pool_free(iod->sqinfo->prp_small_pool, sssraid_iod_list(iod)[0], dma_addr);
+
+ for (i = 0; i < iod->npages; i++) {
+ addr = sssraid_iod_list(iod)[i];
+
+ if (iod->use_sgl) {
+ sg_list = addr;
+ next_dma_addr =
+ le64_to_cpu((sg_list[SGES_PER_PAGE - 1]).addr);
+ } else {
+ prp_list = addr;
+ next_dma_addr = le64_to_cpu(prp_list[last_prp]);
+ }
+
+ dma_pool_free(hdev->prp_page_pool, addr, dma_addr);
+ dma_addr = next_dma_addr;
+ }
+
+ iod->sense = NULL;
+ iod->npages = -1;
+}
+
+static void sssraid_complete_ioq_sync_cmnd(struct sssraid_dev *hdev, u16 qidx,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_cmd *ptcmd;
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ ptcmd = hdev->ioq_ptcmds + (sqinfo->qidx - 1) * SSSRAID_PTCMDS_PERQ +
+ le16_to_cpu(cqe->cmd_id) - SSSRAID_IO_BLK_MQ_DEPTH;
+
+ ptcmd->status = le16_to_cpu(cqe->status) >> 1;
+ ptcmd->result0 = le32_to_cpu(cqe->result);
+ ptcmd->result1 = le32_to_cpu(cqe->result1);
+
+ complete(&ptcmd->cmd_done);
+}
+
+static void sssraid_complete_ioq_cmnd(struct sssraid_dev *hdev, u16 qidx,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ struct blk_mq_tags *tags;
+ struct scsi_cmnd *scmd;
+ struct sssraid_iod *iod;
+ struct request *req;
+ unsigned long elapsed;
+
+ tags = hdev->shost->tag_set.tags[sqinfo->qidx - 1];
+
+ req = blk_mq_tag_to_rq(tags, le16_to_cpu(cqe->cmd_id));
+ if (unlikely(!req || !blk_mq_request_started(req))) {
+ ioc_warn(hdev, "Invalid id %d completed on queue %d\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx);
+ return;
+ }
+
+ scmd = blk_mq_rq_to_pdu(req);
+ iod = scsi_cmd_priv(scmd);
+
+ elapsed = jiffies - scmd->jiffies_at_alloc;
+ dbgprint(hdev, "cid[%d] qidx[%d] finish IO cost %3ld.%3ld seconds\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx, elapsed / HZ, elapsed % HZ);
+
+ if (cmpxchg(&iod->state, SSSRAID_CMD_IN_FLIGHT, SSSRAID_CMD_COMPLETE) !=
+ SSSRAID_CMD_IN_FLIGHT) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] enters abnormal handler, cost %3ld.%3ld seconds\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx, elapsed / HZ, elapsed % HZ);
+ WRITE_ONCE(iod->state, SSSRAID_CMD_TMO_COMPLETE);
+
+ if (iod->nsge) {
+ iod->nsge = 0;
+ scsi_dma_unmap(scmd);
+ }
+ sssraid_free_iod_res(hdev, iod);
+
+ return;
+ }
+
+ sssraid_map_status(iod, scmd, cqe);
+ if (iod->nsge) {
+ iod->nsge = 0;
+ scsi_dma_unmap(scmd);
+ }
+ sssraid_free_iod_res(hdev, iod);
+ scmd->scsi_done(scmd);
+}
+
+static void sssraid_process_admin_cq(struct sssraid_dev *hdev,
+ struct sssraid_squeue *sqinfo,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_fwevt *fwevt = NULL;
+ u16 cid = le16_to_cpu(cqe->cmd_id), sz;
+
+ if (likely(cid < SSSRAID_AQ_BLK_MQ_DEPTH))
+ sssraid_complete_adminq_cmnd(hdev, sqinfo->qidx, cqe);
+ else {
+ sz = sizeof(*cqe);
+ fwevt = sssraid_alloc_fwevt(sz);
+ if (!fwevt) {
+ ioc_info(hdev, "%s :failure at %s:%d/%s()!\n",
+ __func__, __FILE__, __LINE__, __func__);
+ return;
+ }
+
+ memcpy(fwevt->event_data, cqe, sz);
+ fwevt->hdev = hdev;
+ fwevt->event_id = 0; /* evt_type:0 */
+ fwevt->send_ack = 1; /* ack_req:1 */
+ fwevt->process_evt = 1; /* process_evt_bh:1 */
+ fwevt->evt_ctx = 0; /* 0 */
+ sssraid_fwevt_add_to_list(hdev, fwevt);
+ }
+}
+
+static void sssraid_process_io_cq(struct sssraid_dev *hdev,
+ struct sssraid_squeue *sqinfo,
+ struct sssraid_completion *cqe)
+{
+ u16 cid = le16_to_cpu(cqe->cmd_id);
+
+ if (likely(cid < SSSRAID_IO_BLK_MQ_DEPTH))
+ sssraid_complete_ioq_cmnd(hdev, sqinfo->qidx, cqe);
+ else /* io sync handle */
+ sssraid_complete_ioq_sync_cmnd(hdev, sqinfo->qidx, cqe);
+}
+
+static inline void sssraid_handle_cqe(struct sssraid_dev *hdev, u16 mdix, u16 didx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[mdix];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[mdix];
+
+ struct sssraid_completion *cqe = &cqinfo->cqes[didx];
+ u16 cid = le16_to_cpu(cqe->cmd_id);
+
+ if (unlikely(cid >= sqinfo->q_depth)) {
+ ioc_err(hdev, "Invalid command id[%d] completed on queue %d\n",
+ cid, cqe->sq_id);
+ return;
+ }
+
+ dbgprint(hdev, "cid[%d] mdix[%d], result[0x%x], sq_id[%d], status[0x%x]\n",
+ cid, sqinfo->qidx, le32_to_cpu(cqe->result),
+ le16_to_cpu(cqe->sq_id), le16_to_cpu(cqe->status));
+
+ if (!mdix) /* admin */
+ sssraid_process_admin_cq(hdev, sqinfo, cqe);
+ else /* io */
+ sssraid_process_io_cq(hdev, sqinfo, cqe);
+}
+
+void sssraid_complete_cqes(struct sssraid_dev *hdev, u16 midx, u16 start, u16 end)
+{
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[midx];
+
+ while (start != end) {
+ sssraid_handle_cqe(hdev, midx, start);
+ if (++start == sqinfo->q_depth)
+ start = 0;
+ }
+}
+
+static void sssraid_disable_admin_queue(struct sssraid_dev *hdev, bool shutdown)
+{
+ struct sssraid_cqueue *adm_cqinfo = &hdev->cqinfo[0];
+ u16 start, end;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ if (shutdown)
+ sssraid_shutdown_ctrl(hdev);
+ else
+ sssraid_disable_ctrl(hdev);
+ }
+
+ if (hdev->init_done_queue_cnt == 0) {
+ ioc_err(hdev, "err, admin queue has been delete\n");
+ return;
+ }
+
+ spin_lock_irq(&adm_cqinfo->cq_lock);
+ sssraid_process_cq(hdev, 0, &start, &end, -1);
+ spin_unlock_irq(&adm_cqinfo->cq_lock);
+ sssraid_complete_cqes(hdev, 0, start, end);
+}
+
+static void sssraid_free_all_queues(struct sssraid_dev *hdev)
+{
+ int i;
+ struct sssraid_cqueue *cqinfo;
+ struct sssraid_squeue *sqinfo;
+
+ for (i = 0; i < hdev->init_done_queue_cnt; i++) {
+ cqinfo = &hdev->cqinfo[i];
+ sqinfo = &hdev->sqinfo[i];
+ dma_free_coherent(&hdev->pdev->dev, CQ_SIZE(sqinfo->q_depth),
+ (void *)cqinfo->cqes, cqinfo->cq_dma_addr);
+ dma_free_coherent(&hdev->pdev->dev, SQ_SIZE(sqinfo->qidx, sqinfo->q_depth),
+ sqinfo->sq_cmds, sqinfo->sq_dma_addr);
+ dma_free_coherent(&hdev->pdev->dev, SENSE_SIZE(sqinfo->q_depth),
+ sqinfo->sense, sqinfo->sense_dma_addr);
+ }
+
+ hdev->init_done_queue_cnt = 0;
+}
+
+static void sssraid_free_admin_cmds(struct sssraid_dev *hdev)
+{
+ kfree(hdev->adm_cmds);
+ hdev->adm_cmds = NULL;
+ INIT_LIST_HEAD(&hdev->adm_cmd_list);
+}
+
+static void sssraid_free_resources(struct sssraid_dev *hdev)
+{
+ sssraid_free_admin_cmds(hdev);
+ kfree(hdev->sqinfo);
+ kfree(hdev->cqinfo);
+ sssraid_destroy_dma_pools(hdev);
+ kfree(hdev->ctrl_info);
+}
+
+void sssraid_cleanup_ioc(struct sssraid_dev *hdev, u8 re_init)
+{
+ if (!re_init)
+ sssraid_free_ioq_ptcmds(hdev);
+
+ sssraid_delete_io_queues(hdev);
+ sssraid_disable_admin_queue(hdev, !re_init);
+
+ if (!re_init)
+ sssraid_free_all_queues(hdev);
+
+ sssraid_ioc_disable_intr(hdev);
+ sssraid_cleanup_resources(hdev);
+
+ if (!re_init)
+ sssraid_free_resources(hdev);
+
+}
+
+int sssraid_soft_reset_handler(struct sssraid_dev *hdev)
+{
+ int retval = 0;
+
+ if (hdev->state != SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host is not reset state\n");
+ return retval;
+ }
+
+ ioc_info(hdev, "enter host reset\n");
+
+ sssraid_ioc_disable_intr(hdev);
+ sssraid_cleanup_fwevt_list(hdev);
+
+ /* realize above here:
+ * sssraid_dev_disable -> sssraid_back_all_io
+ */
+ sssraid_back_all_io(hdev);
+ /*
+ * realize sssraid_dev_disable,
+ * i.e. sssraid_cleanup_ioc(1)
+ */
+ if (hdev->ctrl_config & SSSRAID_CC_ENABLE) {
+ ioc_info(hdev, "start dev_disable\n");
+ sssraid_cleanup_ioc(hdev, 1);
+ }
+
+ retval = sssraid_init_ioc(hdev, 1);
+ if (retval) {
+ ioc_err(hdev, "init ioc fail.\n");
+ return retval;
+ }
+
+ sssraid_change_host_state(hdev, SSSRAID_LIVE);
+
+ return retval;
+}
diff --git a/drivers/scsi/sssraid/sssraid_os.c b/drivers/scsi/sssraid/sssraid_os.c
new file mode 100644
index 000000000000..16d2b94d78f3
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid_os.c
@@ -0,0 +1,2337 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#include <linux/version.h>
+#include <linux/pci.h>
+#include <linux/aer.h>
+#include <linux/module.h>
+#include <linux/ioport.h>
+#include <linux/device.h>
+#include <linux/delay.h>
+#include <linux/interrupt.h>
+#include <linux/cdev.h>
+#include <linux/sysfs.h>
+#include <linux/gfp.h>
+#include <linux/types.h>
+#include <linux/ratelimit.h>
+#include <linux/debugfs.h>
+#include <linux/blkdev.h>
+#include <linux/bsg-lib.h>
+#include <linux/sort.h>
+
+#include <scsi/scsi.h>
+#include <scsi/scsi_cmnd.h>
+#include <scsi/scsi_device.h>
+#include <scsi/scsi_host.h>
+#include <scsi/scsi_transport.h>
+#include <scsi/scsi_dbg.h>
+
+#include <linux/unaligned/be_byteshift.h>
+#include <linux/unaligned/le_byteshift.h>
+#include <linux/once.h>
+#include <linux/sched/signal.h>
+#include <linux/io-64-nonatomic-lo-hi.h>
+
+#include "sssraid.h"
+#include "sssraid_debug.h"
+
+u32 admin_tmout = 60;
+module_param(admin_tmout, uint, 0644);
+MODULE_PARM_DESC(admin_tmout, "admin commands timeout (seconds)");
+
+static u32 scmd_tmout_rawdisk = 180;
+module_param(scmd_tmout_rawdisk, uint, 0644);
+MODULE_PARM_DESC(scmd_tmout_rawdisk, "scsi commands timeout for rawdisk(seconds)");
+
+static u32 scmd_tmout_vd = 180;
+module_param(scmd_tmout_vd, uint, 0644);
+MODULE_PARM_DESC(scmd_tmout_vd, "scsi commands timeout for vd(seconds)");
+
+static int ioq_depth_set(const char *val, const struct kernel_param *kp);
+static const struct kernel_param_ops ioq_depth_ops = {
+ .set = ioq_depth_set,
+ .get = param_get_uint,
+};
+
+u32 io_queue_depth = 1024;
+module_param_cb(io_queue_depth, &ioq_depth_ops, &io_queue_depth, 0644);
+MODULE_PARM_DESC(io_queue_depth, "set io queue depth, should >= 2");
+
+static int logging_level_set(const char *val, const struct kernel_param *kp)
+{
+ u8 n = 0;
+ int ret;
+
+ ret = kstrtou8(val, 10, &n);
+ if (ret != 0)
+ return -EINVAL;
+
+ return param_set_byte(val, kp);
+}
+
+static const struct kernel_param_ops logging_level_ops = {
+ .set = logging_level_set,
+ .get = param_get_byte,
+};
+
+static unsigned char logging_level;
+module_param_cb(logging_level, &logging_level_ops, &logging_level, 0644);
+MODULE_PARM_DESC(logging_level, "set log level, default zero for switch off");
+
+static int small_pool_num_set(const char *val, const struct kernel_param *kp)
+{
+ u8 n = 0;
+ int ret;
+
+ ret = kstrtou8(val, 10, &n);
+ if (ret != 0)
+ return -EINVAL;
+ if (n > MAX_SMALL_POOL_NUM)
+ n = MAX_SMALL_POOL_NUM;
+ if (n < 1)
+ n = 1;
+ *((u8 *)kp->arg) = n;
+
+ return 0;
+}
+
+static const struct kernel_param_ops small_pool_num_ops = {
+ .set = small_pool_num_set,
+ .get = param_get_byte,
+};
+
+/* Small pools are used to save PRP for small IOs.It was
+ * found that the spinlock of a single pool conflicts a
+ * lot with multiple CPUs.So multiple pools are introduced
+ * to reduce the conflictions.
+ */
+unsigned char small_pool_num = 4;
+module_param_cb(small_pool_num, &small_pool_num_ops, &small_pool_num, 0644);
+MODULE_PARM_DESC(small_pool_num, "set prp small pool num, default 4, MAX 16");
+
+//static struct class *sssraid_class;
+
+enum FW_STAT_CODE {
+ FW_STAT_OK = 0,
+ FW_STAT_NEED_CHECK,
+ FW_STAT_ERROR,
+ FW_STAT_EP_PCIE_ERROR,
+ FW_STAT_NAC_DMA_ERROR,
+ FW_STAT_ABORTED,
+ FW_STAT_NEED_RETRY
+};
+
+static const char * const raid_levels[] = {"0", "1", "5", "6", "10", "50", "60", "NA"};
+
+static const char * const raid_states[] = {
+ "NA", "NORMAL", "FAULT", "DEGRADE", "NOT_FORMATTED", "FORMATTING", "SANITIZING",
+ "INITIALIZING", "INITIALIZE_FAIL", "DELETING", "DELETE_FAIL", "WRITE_PROTECT"
+};
+
+static int ioq_depth_set(const char *val, const struct kernel_param *kp)
+{
+ int n = 0;
+ int ret;
+
+ ret = kstrtoint(val, 10, &n);
+ if (ret != 0 || n < 2)
+ return -EINVAL;
+
+ return param_set_int(val, kp);
+}
+
+/*
+ * common
+ */
+static struct class *sssraid_class;
+
+struct sssraid_fwevt *sssraid_alloc_fwevt(int len)
+{
+ struct sssraid_fwevt *fwevt;
+
+ fwevt = kzalloc(sizeof(*fwevt) + len, GFP_ATOMIC);
+ if (!fwevt)
+ return NULL;
+
+ kref_init(&fwevt->ref_count);
+ return fwevt;
+
+}
+
+static void sssraid_fwevt_free(struct kref *r)
+{
+ kfree(container_of(r, struct sssraid_fwevt, ref_count));
+}
+
+static void sssraid_fwevt_get(struct sssraid_fwevt *fwevt)
+{
+ kref_get(&fwevt->ref_count);
+}
+
+static void sssraid_fwevt_put(struct sssraid_fwevt *fwevt)
+{
+ kref_put(&fwevt->ref_count, sssraid_fwevt_free);
+}
+
+static void sssraid_fwevt_del_from_list(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt)
+{
+ unsigned long flags;
+
+ spin_lock_irqsave(&hdev->fwevt_lock, flags);
+ if (!list_empty(&fwevt->list)) {
+ list_del_init(&fwevt->list);
+ /*
+ * Put fwevt reference count after
+ * removing it from fwevt_list
+ */
+ sssraid_fwevt_put(fwevt);
+ }
+ spin_unlock_irqrestore(&hdev->fwevt_lock, flags);
+}
+
+static void sssraid_fwevt_bh(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt)
+{
+ struct sssraid_completion *cqe;
+
+ hdev->current_event = fwevt;
+ sssraid_fwevt_del_from_list(hdev, fwevt);
+
+ cqe = (struct sssraid_completion *)fwevt->event_data;
+
+ if (!fwevt->process_evt)
+ goto evt_ack;
+
+ sssraid_complete_aen(hdev, cqe);
+
+evt_ack:
+ /* event response put here: event has been handled. */
+ sssraid_send_event_ack(hdev, fwevt->event_id,
+ fwevt->evt_ctx, le16_to_cpu(cqe->cmd_id));
+ sssraid_fwevt_put(fwevt);
+ hdev->current_event = NULL;
+}
+
+static void sssraid_fwevt_worker(struct work_struct *work)
+{
+ struct sssraid_fwevt *fwevt = container_of(work, struct sssraid_fwevt,
+ work);
+ sssraid_fwevt_bh(fwevt->hdev, fwevt);
+ /*
+ * Put fwevt reference count after
+ * dequeuing it from worker queue
+ */
+ sssraid_fwevt_put(fwevt);
+}
+
+void sssraid_fwevt_add_to_list(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt)
+{
+ unsigned long flags;
+
+ if (!hdev->fwevt_worker_thread)
+ return;
+
+ spin_lock_irqsave(&hdev->fwevt_lock, flags);
+ /* get fwevt reference count while adding it to fwevt_list */
+ sssraid_fwevt_get(fwevt);
+ INIT_LIST_HEAD(&fwevt->list);
+ list_add_tail(&fwevt->list, &hdev->fwevt_list);
+ INIT_WORK(&fwevt->work, sssraid_fwevt_worker);
+ /* get fwevt reference count while enqueueing it to worker queue */
+ sssraid_fwevt_get(fwevt);
+ queue_work(hdev->fwevt_worker_thread, &fwevt->work);
+ spin_unlock_irqrestore(&hdev->fwevt_lock, flags);
+}
+
+static struct sssraid_fwevt *sssraid_dequeue_fwevt(
+ struct sssraid_dev *hdev)
+{
+ unsigned long flags;
+ struct sssraid_fwevt *fwevt = NULL;
+
+ spin_lock_irqsave(&hdev->fwevt_lock, flags);
+ if (!list_empty(&hdev->fwevt_list)) {
+ fwevt = list_first_entry(&hdev->fwevt_list,
+ struct sssraid_fwevt, list);
+ list_del_init(&fwevt->list);
+ /*
+ * Put fwevt reference count after
+ * removing it from fwevt_list
+ */
+ sssraid_fwevt_put(fwevt);
+ }
+ spin_unlock_irqrestore(&hdev->fwevt_lock, flags);
+
+ return fwevt;
+}
+
+void sssraid_cleanup_fwevt_list(struct sssraid_dev *hdev)
+{
+ struct sssraid_fwevt *fwevt = NULL;
+
+ if ((list_empty(&hdev->fwevt_list) && !hdev->current_event) ||
+ !hdev->fwevt_worker_thread)
+ return;
+
+ while ((fwevt = sssraid_dequeue_fwevt(hdev)) ||
+ (fwevt = hdev->current_event)) {
+ /*
+ * Wait on the fwevt to complete. If this returns 1, then
+ * the event was never executed, and we need a put for the
+ * reference the work had on the fwevt.
+ *
+ * If it did execute, we wait for it to finish, and the put will
+ * happen from sssraid_process_fwevt()
+ */
+ if (cancel_work_sync(&fwevt->work)) {
+ /*
+ * Put fwevt reference count after
+ * dequeuing it from worker queue
+ */
+ sssraid_fwevt_put(fwevt);
+ /*
+ * Put fwevt reference count to neutralize
+ * kref_init increment
+ */
+ sssraid_fwevt_put(fwevt);
+ }
+ }
+}
+
+/*
+ * common 1
+ */
+static int sssraid_npages_prp(struct sssraid_dev *hdev)
+{
+ u32 size = 1U << ((hdev->ctrl_info->mdts) * 1U) << 12;
+ u32 nprps = DIV_ROUND_UP(size + hdev->page_size, hdev->page_size);
+
+ return DIV_ROUND_UP(PRP_ENTRY_SIZE * nprps, hdev->page_size - PRP_ENTRY_SIZE);
+}
+
+static int sssraid_npages_sgl(struct sssraid_dev *hdev)
+{
+ u32 nsge = le16_to_cpu(hdev->ctrl_info->max_num_sge);
+
+ return DIV_ROUND_UP(nsge * sizeof(struct sssraid_sgl_desc), hdev->page_size);
+}
+
+static u32 sssraid_cmd_size(struct sssraid_dev *hdev)
+{
+ u32 alloc_size = sizeof(__le64 *) * max(sssraid_npages_prp(hdev), sssraid_npages_sgl(hdev));
+
+ ioc_info(hdev, "iod size: %lu, alloc_size: %u\n",
+ sizeof(struct sssraid_iod), alloc_size);
+
+ return sizeof(struct sssraid_iod) + alloc_size;
+}
+
+static int sssraid_setup_prps(struct sssraid_dev *hdev, struct sssraid_iod *iod)
+{
+ struct scatterlist *sg = iod->sg;
+ u64 dma_addr = sg_dma_address(sg);
+ int dma_len = sg_dma_len(sg);
+ __le64 *prp_list, *old_prp_list;
+ int page_size = hdev->page_size;
+ int offset = dma_addr & (page_size - 1);
+ void **list = sssraid_iod_list(iod);
+ int length = iod->length;
+ struct dma_pool *pool;
+ dma_addr_t prp_dma;
+ int nprps, i;
+
+ length -= (page_size - offset);
+ if (length <= 0) {
+ iod->first_dma = 0;
+ return 0;
+ }
+
+ dma_len -= (page_size - offset);
+ if (dma_len) {
+ dma_addr += (page_size - offset);
+ } else {
+ sg = sg_next(sg);
+ dma_addr = sg_dma_address(sg);
+ dma_len = sg_dma_len(sg);
+ }
+
+ if (length <= page_size) {
+ iod->first_dma = dma_addr;
+ return 0;
+ }
+
+ nprps = DIV_ROUND_UP(length, page_size);
+ if (nprps <= (SMALL_POOL_SIZE / PRP_ENTRY_SIZE)) {
+ pool = iod->sqinfo->prp_small_pool;
+ iod->npages = 0;
+ } else {
+ pool = hdev->prp_page_pool;
+ iod->npages = 1;
+ }
+
+ prp_list = dma_pool_alloc(pool, GFP_ATOMIC, &prp_dma);
+ if (!prp_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate first prp_list memory failed\n");
+ iod->first_dma = dma_addr;
+ iod->npages = -1;
+ return -ENOMEM;
+ }
+ list[0] = prp_list;
+ iod->first_dma = prp_dma;
+ i = 0;
+ for (;;) {
+ if (i == page_size / PRP_ENTRY_SIZE) {
+ old_prp_list = prp_list;
+
+ prp_list = dma_pool_alloc(pool, GFP_ATOMIC, &prp_dma);
+ if (!prp_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate %dth prp_list memory failed\n",
+ iod->npages + 1);
+ return -ENOMEM;
+ }
+ list[iod->npages++] = prp_list;
+ prp_list[0] = old_prp_list[i - 1];
+ old_prp_list[i - 1] = cpu_to_le64(prp_dma);
+ i = 1;
+ }
+ prp_list[i++] = cpu_to_le64(dma_addr);
+ dma_len -= page_size;
+ dma_addr += page_size;
+ length -= page_size;
+ if (length <= 0)
+ break;
+ if (dma_len > 0)
+ continue;
+ if (unlikely(dma_len < 0))
+ goto bad_sgl;
+ sg = sg_next(sg);
+ dma_addr = sg_dma_address(sg);
+ dma_len = sg_dma_len(sg);
+ }
+
+ return 0;
+
+bad_sgl:
+ ioc_err(hdev, "Setup prps, invalid SGL for payload: %d nents: %d\n",
+ iod->length, iod->nsge);
+ return -EIO;
+}
+
+static inline bool sssraid_is_rw_scmd(struct scsi_cmnd *scmd)
+{
+ switch (scmd->cmnd[0]) {
+ case READ_6:
+ case READ_10:
+ case READ_12:
+ case READ_16:
+ case WRITE_6:
+ case WRITE_10:
+ case WRITE_12:
+ case WRITE_16:
+ return true;
+ default:
+ return false;
+ }
+}
+
+static bool sssraid_is_prp(struct sssraid_dev *hdev, struct scsi_cmnd *scmd, u32 nsge)
+{
+ struct scatterlist *sg = scsi_sglist(scmd);
+ u32 page_mask = hdev->page_size - 1;
+ bool is_prp = true;
+ int i = 0;
+
+ scsi_for_each_sg(scmd, sg, nsge, i) {
+ if (i != 0 && i != nsge - 1) {
+ if ((sg_dma_len(sg) & page_mask) ||
+ (sg_dma_address(sg) & page_mask)) {
+ is_prp = false;
+ break;
+ }
+ }
+
+ if (nsge > 1 && i == 0) {
+ if ((sg_dma_address(sg) + sg_dma_len(sg)) & page_mask) {
+ is_prp = false;
+ break;
+ }
+ }
+
+ if (nsge > 1 && i == (nsge - 1)) {
+ if (sg_dma_address(sg) & page_mask) {
+ is_prp = false;
+ break;
+ }
+ }
+ }
+
+ return is_prp;
+}
+
+static void sssraid_sgl_set_data(struct sssraid_sgl_desc *sge, struct scatterlist *sg)
+{
+ sge->addr = cpu_to_le64(sg_dma_address(sg));
+ sge->length = cpu_to_le32(sg_dma_len(sg));
+ sge->type = SSSRAID_SGL_FMT_DATA_DESC << 4;
+}
+
+static void sssraid_sgl_set_seg(struct sssraid_sgl_desc *sge, dma_addr_t dma_addr, int entries)
+{
+ sge->addr = cpu_to_le64(dma_addr);
+ if (entries <= SGES_PER_PAGE) {
+ sge->length = cpu_to_le32(entries * sizeof(*sge));
+ sge->type = SSSRAID_SGL_FMT_LAST_SEG_DESC << 4;
+ } else {
+ sge->length = cpu_to_le32(PAGE_SIZE);
+ sge->type = SSSRAID_SGL_FMT_SEG_DESC << 4;
+ }
+}
+
+
+static int sssraid_setup_ioq_cmd_sgl(struct sssraid_dev *hdev,
+ struct scsi_cmnd *scmd, struct sssraid_ioq_command *ioq_cmd,
+ struct sssraid_iod *iod)
+{
+ struct sssraid_sgl_desc *sg_list, *link, *old_sg_list;
+ struct scatterlist *sg = scsi_sglist(scmd);
+ void **list = sssraid_iod_list(iod);
+ struct dma_pool *pool;
+ int nsge = iod->nsge;
+ dma_addr_t sgl_dma;
+ int i = 0;
+
+ ioq_cmd->common.flags |= SSSRAID_CMD_FLAG_SGL_METABUF;
+
+ if (nsge == 1) {
+ sssraid_sgl_set_data(&ioq_cmd->common.dptr.sgl, sg);
+ return 0;
+ }
+
+ if (nsge <= (SMALL_POOL_SIZE / sizeof(struct sssraid_sgl_desc))) {
+ pool = iod->sqinfo->prp_small_pool;
+ iod->npages = 0;
+ } else {
+ pool = hdev->prp_page_pool;
+ iod->npages = 1;
+ }
+
+ sg_list = dma_pool_alloc(pool, GFP_ATOMIC, &sgl_dma);
+ if (!sg_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate first sgl_list failed\n");
+ iod->npages = -1;
+ return -ENOMEM;
+ }
+
+ list[0] = sg_list;
+ iod->first_dma = sgl_dma;
+ sssraid_sgl_set_seg(&ioq_cmd->common.dptr.sgl, sgl_dma, nsge);
+ do {
+ if (i == SGES_PER_PAGE) {
+ old_sg_list = sg_list;
+ link = &old_sg_list[SGES_PER_PAGE - 1];
+
+ sg_list = dma_pool_alloc(pool, GFP_ATOMIC, &sgl_dma);
+ if (!sg_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate %dth sgl_list failed\n",
+ iod->npages + 1);
+ return -ENOMEM;
+ }
+ list[iod->npages++] = sg_list;
+
+ i = 0;
+ memcpy(&sg_list[i++], link, sizeof(*link));
+ sssraid_sgl_set_seg(link, sgl_dma, nsge);
+ }
+
+ sssraid_sgl_set_data(&sg_list[i++], sg);
+ sg = sg_next(sg);
+ } while (--nsge > 0);
+
+ return 0;
+}
+
+static void sssraid_shost_init(struct sssraid_dev *hdev)
+{
+ struct pci_dev *pdev = hdev->pdev;
+ u8 domain, bus;
+ u32 dev_func;
+
+ domain = pci_domain_nr(pdev->bus);
+ bus = pdev->bus->number;
+ dev_func = pdev->devfn;
+
+ hdev->shost->nr_hw_queues = hdev->init_done_queue_cnt - 1;
+ hdev->shost->can_queue = (hdev->ioq_depth - SSSRAID_PTCMDS_PERQ);
+
+ hdev->shost->sg_tablesize = le16_to_cpu(hdev->ctrl_info->max_num_sge);
+ /* 512B per sector */
+ hdev->shost->max_sectors = (1U << ((hdev->ctrl_info->mdts) * 1U) << 12) / 512;
+ hdev->shost->cmd_per_lun = MAX_CMD_PER_DEV;
+ hdev->shost->max_channel = le16_to_cpu(hdev->ctrl_info->max_channel) - 1;
+ hdev->shost->max_id = le32_to_cpu(hdev->ctrl_info->max_tgt_id);
+ hdev->shost->max_lun = le16_to_cpu(hdev->ctrl_info->max_lun);
+
+ hdev->shost->this_id = -1;
+ hdev->shost->unique_id = (domain << 16) | (bus << 8) | dev_func;
+ hdev->shost->max_cmd_len = MAX_CDB_LEN;
+ hdev->shost->hostt->cmd_size = sssraid_cmd_size(hdev);
+}
+
+static inline void sssraid_get_tag_from_scmd(struct scsi_cmnd *scmd, u16 *qidx, u16 *cid)
+{
+ u32 tag = blk_mq_unique_tag(scmd->request);
+
+ *qidx = blk_mq_unique_tag_to_hwq(tag) + 1;
+ *cid = blk_mq_unique_tag_to_tag(tag);
+}
+
+static inline uint32_t get_unaligned_be24(const uint8_t *const p)
+{
+ return get_unaligned_be32(p - 1) & 0xffffffU;
+}
+
+static int sssraid_setup_rw_cmd(struct sssraid_dev *hdev,
+ struct sssraid_rw_command *rw,
+ struct scsi_cmnd *scmd)
+{
+ u32 start_lba_lo, start_lba_hi;
+ u32 datalength = 0;
+ u16 control = 0;
+
+ start_lba_lo = 0;
+ start_lba_hi = 0;
+
+ if (scmd->sc_data_direction == DMA_TO_DEVICE) {
+ rw->opcode = SSSRAID_CMD_WRITE;
+ } else if (scmd->sc_data_direction == DMA_FROM_DEVICE) {
+ rw->opcode = SSSRAID_CMD_READ;
+ } else {
+ ioc_err(hdev, "Invalid RW_IO for unsupported data direction: %d\n",
+ scmd->sc_data_direction);
+ WARN_ON(1);
+ return -EINVAL;
+ }
+
+ /* 6-byte READ(0x08) or WRITE(0x0A) cdb */
+ if (scmd->cmd_len == 6) {
+ datalength = (u32)(scmd->cmnd[4] == 0 ?
+ IO_6_DEFAULT_TX_LEN : scmd->cmnd[4]);
+ start_lba_lo = (u32)get_unaligned_be24(&scmd->cmnd[1]);
+
+ start_lba_lo &= 0x1FFFFF;
+ }
+
+ /* 10-byte READ(0x28) or WRITE(0x2A) cdb */
+ else if (scmd->cmd_len == 10) {
+ datalength = (u32)get_unaligned_be16(&scmd->cmnd[7]);
+ start_lba_lo = get_unaligned_be32(&scmd->cmnd[2]);
+
+ if (scmd->cmnd[1] & FUA_MASK)
+ control |= SSSRAID_RW_FUA;
+ }
+
+ /* 12-byte READ(0xA8) or WRITE(0xAA) cdb */
+ else if (scmd->cmd_len == 12) {
+ datalength = get_unaligned_be32(&scmd->cmnd[6]);
+ start_lba_lo = get_unaligned_be32(&scmd->cmnd[2]);
+
+ if (scmd->cmnd[1] & FUA_MASK)
+ control |= SSSRAID_RW_FUA;
+ }
+ /* 16-byte READ(0x88) or WRITE(0x8A) cdb */
+ else if (scmd->cmd_len == 16) {
+ datalength = get_unaligned_be32(&scmd->cmnd[10]);
+ start_lba_lo = get_unaligned_be32(&scmd->cmnd[6]);
+ start_lba_hi = get_unaligned_be32(&scmd->cmnd[2]);
+
+ if (scmd->cmnd[1] & FUA_MASK)
+ control |= SSSRAID_RW_FUA;
+ }
+
+ if (unlikely(datalength > U16_MAX || datalength == 0)) {
+ ioc_err(hdev, "Invalid IO for illegal transfer data length: %u\n", datalength);
+ WARN_ON(1);
+ return -EINVAL;
+ }
+
+ rw->slba = cpu_to_le64(((u64)start_lba_hi << 32) | start_lba_lo);
+ /* 0base for nlb */
+ rw->nlb = cpu_to_le16((u16)(datalength - 1));
+ rw->control = cpu_to_le16(control);
+
+ return 0;
+}
+
+static int sssraid_setup_nonio_cmd(struct sssraid_dev *hdev,
+ struct sssraid_scsi_nonio *scsi_nonio, struct scsi_cmnd *scmd)
+{
+ scsi_nonio->buffer_len = cpu_to_le32(scsi_bufflen(scmd));
+
+ switch (scmd->sc_data_direction) {
+ case DMA_NONE:
+ scsi_nonio->opcode = SSSRAID_CMD_NONIO_NONE;
+ break;
+ case DMA_TO_DEVICE:
+ scsi_nonio->opcode = SSSRAID_CMD_NONIO_TODEV;
+ break;
+ case DMA_FROM_DEVICE:
+ scsi_nonio->opcode = SSSRAID_CMD_NONIO_FROMDEV;
+ break;
+ default:
+ ioc_err(hdev, "Invalid NON_IO for unsupported data direction: %d\n",
+ scmd->sc_data_direction);
+ WARN_ON(1);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
+static int sssraid_setup_ioq_cmd(struct sssraid_dev *hdev,
+ struct sssraid_ioq_command *ioq_cmd, struct scsi_cmnd *scmd)
+{
+ memcpy(ioq_cmd->common.cdb, scmd->cmnd, scmd->cmd_len);
+ ioq_cmd->common.cdb_len = scmd->cmd_len;
+
+ if (sssraid_is_rw_scmd(scmd))
+ return sssraid_setup_rw_cmd(hdev, &ioq_cmd->rw, scmd);
+ else
+ return sssraid_setup_nonio_cmd(hdev, &ioq_cmd->scsi_nonio, scmd);
+}
+
+static inline void sssraid_init_iod(struct sssraid_iod *iod)
+{
+ iod->nsge = 0;
+ iod->npages = -1;
+ iod->use_sgl = false;
+ WRITE_ONCE(iod->state, SSSRAID_CMD_IDLE);
+}
+
+int sssraid_io_map_data(struct sssraid_dev *hdev, struct sssraid_iod *iod,
+ struct scsi_cmnd *scmd, struct sssraid_ioq_command *ioq_cmd)
+{
+ int retval;
+
+ retval = scsi_dma_map(scmd);
+ if (unlikely(retval < 0))
+ return retval;
+ iod->nsge = retval;
+ /* No data to DMA, it may be scsi no-rw command */
+ if (unlikely(iod->nsge == 0))
+ return 0;
+
+ iod->length = scsi_bufflen(scmd);
+ iod->sg = scsi_sglist(scmd);
+ iod->use_sgl = !sssraid_is_prp(hdev, scmd, iod->nsge);
+
+ if (iod->use_sgl) {
+ retval = sssraid_setup_ioq_cmd_sgl(hdev, scmd, ioq_cmd, iod);
+ } else {
+ retval = sssraid_setup_prps(hdev, iod);
+ ioq_cmd->common.dptr.prp1 =
+ cpu_to_le64(sg_dma_address(iod->sg));
+ ioq_cmd->common.dptr.prp2 = cpu_to_le64(iod->first_dma);
+ }
+
+ if (retval)
+ scsi_dma_unmap(scmd);
+
+ return retval;
+}
+
+void sssraid_map_status(struct sssraid_iod *iod, struct scsi_cmnd *scmd,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_dev *hdev = iod->sqinfo->hdev;
+
+ scsi_set_resid(scmd, 0);
+
+ switch ((le16_to_cpu(cqe->status) >> 1) & 0x7f) {
+ case FW_STAT_OK:
+ set_host_byte(scmd, DID_OK);
+ break;
+ case FW_STAT_NEED_CHECK:
+ set_host_byte(scmd, DID_OK);
+ scmd->result |= le16_to_cpu(cqe->status) >> 8;
+ if (scmd->result & SAM_STAT_CHECK_CONDITION) {
+ memset(scmd->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
+ memcpy(scmd->sense_buffer, iod->sense, SCSI_SENSE_BUFFERSIZE);
+ scmd->result = (scmd->result & 0x00ffffff) | (DRIVER_SENSE << 24);
+ }
+ break;
+ case FW_STAT_ABORTED:
+ set_host_byte(scmd, DID_ABORT);
+ break;
+ case FW_STAT_NEED_RETRY:
+ set_host_byte(scmd, DID_REQUEUE);
+ break;
+ default:
+ set_host_byte(scmd, DID_BAD_TARGET);
+ ioc_warn(hdev, "cid[%d] qid[%d] bad status[0x%x]\n",
+ le16_to_cpu(cqe->cmd_id), le16_to_cpu(cqe->sq_id),
+ le16_to_cpu(cqe->status));
+ break;
+ }
+}
+
+
+struct sssraid_cmd *sssraid_get_cmd(struct sssraid_dev *hdev, enum sssraid_cmd_type type)
+{
+ struct sssraid_cmd *cmd = NULL;
+ unsigned long flags;
+ struct list_head *head = &hdev->adm_cmd_list;
+ spinlock_t *slock = &hdev->adm_cmd_lock;
+
+ if (type == SSSRAID_CMD_IOPT) {
+ head = &hdev->ioq_pt_list;
+ slock = &hdev->ioq_pt_lock;
+ }
+
+ spin_lock_irqsave(slock, flags);
+ if (list_empty(head)) {
+ spin_unlock_irqrestore(slock, flags);
+ ioc_err(hdev, "err, cmd[%d] list empty\n", type);
+ return NULL;
+ }
+ cmd = list_entry(head->next, struct sssraid_cmd, list);
+ list_del_init(&cmd->list);
+ spin_unlock_irqrestore(slock, flags);
+
+ WRITE_ONCE(cmd->state, SSSRAID_CMD_IN_FLIGHT);
+
+ return cmd;
+}
+
+static int sssraid_add_device(struct sssraid_dev *hdev, struct sssraid_dev_info *device)
+{
+ struct Scsi_Host *shost = hdev->shost;
+ struct scsi_device *sdev;
+
+ ioc_info(hdev, "add device, hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ le32_to_cpu(device->hdid), le16_to_cpu(device->target),
+ device->channel, device->lun, device->attr);
+
+ sdev = scsi_device_lookup(shost, device->channel, le16_to_cpu(device->target), 0);
+ if (sdev) {
+ ioc_warn(hdev, "Device is already exist, channel: %d, target_id: %d, lun: %d\n",
+ device->channel, le16_to_cpu(device->target), 0);
+ scsi_device_put(sdev);
+ return -EEXIST;
+ }
+ scsi_add_device(shost, device->channel, le16_to_cpu(device->target), 0);
+ return 0;
+}
+
+static int sssraid_rescan_device(struct sssraid_dev *hdev, struct sssraid_dev_info *device)
+{
+ struct Scsi_Host *shost = hdev->shost;
+ struct scsi_device *sdev;
+
+ ioc_info(hdev, "rescan device, hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ le32_to_cpu(device->hdid), le16_to_cpu(device->target),
+ device->channel, device->lun, device->attr);
+
+ sdev = scsi_device_lookup(shost, device->channel, le16_to_cpu(device->target), 0);
+ if (!sdev) {
+ ioc_warn(hdev, "device is not exit rescan it, channel: %d, target_id: %d, lun: %d\n",
+ device->channel, le16_to_cpu(device->target), 0);
+ return -ENODEV;
+ }
+
+ scsi_rescan_device(&sdev->sdev_gendev);
+ scsi_device_put(sdev);
+ return 0;
+}
+
+static int sssraid_remove_device(struct sssraid_dev *hdev, struct sssraid_dev_info *org_device)
+{
+ struct Scsi_Host *shost = hdev->shost;
+ struct scsi_device *sdev;
+
+ ioc_info(hdev, "remove device, hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ le32_to_cpu(org_device->hdid), le16_to_cpu(org_device->target),
+ org_device->channel, org_device->lun, org_device->attr);
+
+ sdev = scsi_device_lookup(shost, org_device->channel, le16_to_cpu(org_device->target), 0);
+ if (!sdev) {
+ ioc_warn(hdev, "device is not exit remove it, channel: %d, target_id: %d, lun: %d\n",
+ org_device->channel, le16_to_cpu(org_device->target), 0);
+ return -ENODEV;
+ }
+
+ scsi_remove_device(sdev);
+ scsi_device_put(sdev);
+ return 0;
+}
+
+static int luntarget_cmp_func(const void *l, const void *r)
+{
+ const struct sssraid_dev_info *ln = l;
+ const struct sssraid_dev_info *rn = r;
+ int l_attr = SSSRAID_DEV_INFO_ATTR_BOOT(ln->attr);
+ int r_attr = SSSRAID_DEV_INFO_ATTR_BOOT(rn->attr);
+
+ /* boot first */
+ if (l_attr != r_attr)
+ return (r_attr - l_attr);
+
+ if (ln->channel == rn->channel)
+ return le16_to_cpu(ln->target) - le16_to_cpu(rn->target);
+
+ return ln->channel - rn->channel;
+}
+
+void sssraid_scan_disk(struct sssraid_dev *hdev)
+{
+ struct sssraid_dev_info *devices, *org_devices;
+ struct sssraid_dev_info *sortdevice;
+ u32 nd = le32_to_cpu(hdev->ctrl_info->nd);
+ u8 flag, org_flag;
+ int i, ret;
+ int count = 0;
+
+ devices = kcalloc(nd, sizeof(struct sssraid_dev_info), GFP_KERNEL);
+ if (!devices)
+ return;
+
+ sortdevice = kcalloc(nd, sizeof(struct sssraid_dev_info), GFP_KERNEL);
+ if (!sortdevice)
+ goto free_list;
+
+ ret = sssraid_get_dev_list(hdev, devices);
+ if (ret)
+ goto free_all;
+ org_devices = hdev->devices;
+ for (i = 0; i < nd; i++) {
+ org_flag = org_devices[i].flag;
+ flag = devices[i].flag;
+
+ dbgprint(hdev, "i: %d, org_flag: 0x%x, flag: 0x%x\n", i, org_flag, flag);
+
+ if (SSSRAID_DEV_INFO_FLAG_VALID(flag)) {
+ if (!SSSRAID_DEV_INFO_FLAG_VALID(org_flag)) {
+ down_write(&hdev->devices_rwsem);
+ memcpy(&org_devices[i], &devices[i],
+ sizeof(struct sssraid_dev_info));
+ memcpy(&sortdevice[count++], &devices[i],
+ sizeof(struct sssraid_dev_info));
+ up_write(&hdev->devices_rwsem);
+ } else if (SSSRAID_DEV_INFO_FLAG_CHANGE(flag)) {
+ sssraid_rescan_device(hdev, &devices[i]);
+ }
+ } else {
+ if (SSSRAID_DEV_INFO_FLAG_VALID(org_flag)) {
+ down_write(&hdev->devices_rwsem);
+ org_devices[i].flag &= 0xfe;
+ up_write(&hdev->devices_rwsem);
+ sssraid_remove_device(hdev, &org_devices[i]);
+ }
+ }
+ }
+
+ ioc_info(hdev, "scan work add device count = %d\n", count);
+
+ sort(sortdevice, count, sizeof(sortdevice[0]), luntarget_cmp_func, NULL);
+
+ for (i = 0; i < count; i++)
+ sssraid_add_device(hdev, &sortdevice[i]);
+
+free_all:
+ kfree(sortdevice);
+free_list:
+ kfree(devices);
+}
+
+static int sssraid_wait_abnl_cmd_done(struct sssraid_iod *iod)
+{
+ u16 times = 0;
+
+ do {
+ if (READ_ONCE(iod->state) == SSSRAID_CMD_TMO_COMPLETE)
+ break;
+ msleep(500);
+ times++;
+ } while (times <= SSSRAID_WAIT_ABNL_CMD_TIMEOUT);
+
+ /* wait command completion timeout after abort/reset success */
+ if (times >= SSSRAID_WAIT_ABNL_CMD_TIMEOUT)
+ return -ETIMEDOUT;
+
+ return 0;
+}
+
+static bool sssraid_check_scmd_completed(struct scsi_cmnd *scmd)
+{
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_squeue *sqinfo;
+ u16 hwq, cid;
+
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+ sqinfo = &hdev->sqinfo[hwq];
+ if (READ_ONCE(iod->state) == SSSRAID_CMD_COMPLETE || sssraid_poll_cq(hdev, hwq, cid)) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] has been completed\n",
+ cid, sqinfo->qidx);
+ return true;
+ }
+ return false;
+}
+
+static int sssraid_scsi_reset(struct scsi_cmnd *scmd, enum sssraid_scsi_rst_type rst)
+{
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_sdev_hostdata *hostdata;
+ u16 hwq, cid;
+ int ret;
+
+ scsi_print_command(scmd);
+
+ if (hdev->state != SSSRAID_LIVE || !sssraid_wait_abnl_cmd_done(iod) ||
+ sssraid_check_scmd_completed(scmd))
+ return SUCCESS;
+
+ hostdata = scmd->device->hostdata;
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] timeout, %s reset\n", cid, hwq,
+ rst ? "bus" : "target");
+ ret = sssraid_send_reset_cmd(hdev, rst, hostdata->hdid);
+ if (ret == 0) {
+ ret = sssraid_wait_abnl_cmd_done(iod);
+ if (ret) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] %s reset failed, not found\n",
+ cid, hwq, rst ? "bus" : "target");
+ return FAILED;
+ }
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] %s reset success\n", cid, hwq,
+ rst ? "bus" : "target");
+ return SUCCESS;
+ }
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] ret[%d] %s reset failed\n", cid, hwq, ret,
+ rst ? "bus" : "target");
+ return FAILED;
+}
+
+bool sssraid_change_host_state(struct sssraid_dev *hdev, enum sssraid_state newstate)
+{
+ unsigned long flags;
+ enum sssraid_state oldstate;
+ bool change = false;
+
+ spin_lock_irqsave(&hdev->state_lock, flags);
+
+ oldstate = hdev->state;
+ switch (newstate) {
+ case SSSRAID_LIVE:
+ switch (oldstate) {
+ case SSSRAID_NEW:
+ case SSSRAID_RESETTING:
+ change = true;
+ break;
+ default:
+ break;
+ }
+ break;
+ case SSSRAID_RESETTING:
+ switch (oldstate) {
+ case SSSRAID_LIVE:
+ change = true;
+ break;
+ default:
+ break;
+ }
+ break;
+ case SSSRAID_DELETING:
+ if (oldstate != SSSRAID_DELETING)
+ change = true;
+ break;
+ case SSSRAID_DEAD:
+ switch (oldstate) {
+ case SSSRAID_NEW:
+ case SSSRAID_LIVE:
+ case SSSRAID_RESETTING:
+ change = true;
+ break;
+ default:
+ break;
+ }
+ break;
+ default:
+ break;
+ }
+ if (change)
+ hdev->state = newstate;
+ spin_unlock_irqrestore(&hdev->state_lock, flags);
+
+ ioc_info(hdev, "[%d]->[%d], change[%d]\n", oldstate, newstate, change);
+
+ return change;
+}
+
+static int sssraid_get_qd_by_disk(u8 attr)
+{
+ switch (SSSRAID_DEV_DISK_TYPE(attr)) {
+ case SSSRAID_SAS_HDD_VD:
+ case SSSRAID_SATA_HDD_VD:
+ return SSSRAID_HDD_VD_QD;
+ case SSSRAID_SAS_SSD_VD:
+ case SSSRAID_SATA_SSD_VD:
+ case SSSRAID_NVME_SSD_VD:
+ return SSSRAID_SSD_VD_QD;
+ case SSSRAID_SAS_HDD_PD:
+ case SSSRAID_SATA_HDD_PD:
+ return SSSRAID_HDD_PD_QD;
+ case SSSRAID_SAS_SSD_PD:
+ case SSSRAID_SATA_SSD_PD:
+ case SSSRAID_NVME_SSD_PD:
+ return SSSRAID_SSD_PD_QD;
+ default:
+ return MAX_CMD_PER_DEV;
+ }
+}
+
+static int sssraid_match_dev(struct sssraid_dev *hdev, u16 idx, struct scsi_device *sdev)
+{
+ if (SSSRAID_DEV_INFO_FLAG_VALID(hdev->devices[idx].flag)) {
+ if (sdev->channel == hdev->devices[idx].channel &&
+ sdev->id == le16_to_cpu(hdev->devices[idx].target) &&
+ sdev->lun < hdev->devices[idx].lun) {
+ ioc_info(hdev, "Match device success, channel:target:lun[%d:%d:%d]\n",
+ hdev->devices[idx].channel,
+ hdev->devices[idx].target,
+ hdev->devices[idx].lun);
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+static int sssraid_bsg_map_data(struct sssraid_dev *hdev, struct bsg_job *job,
+ struct sssraid_admin_command *cmd)
+{
+ struct request *rq = blk_mq_rq_from_pdu(job);
+ struct sssraid_iod *iod = job->dd_data;
+ enum dma_data_direction dma_dir = rq_data_dir(rq) ? DMA_TO_DEVICE : DMA_FROM_DEVICE;
+ int ret = 0;
+
+ iod->sg = job->request_payload.sg_list;
+ iod->nsge = job->request_payload.sg_cnt;
+ iod->length = job->request_payload.payload_len;
+ iod->use_sgl = false;
+ iod->npages = -1;
+
+ if (!iod->nsge)
+ goto out;
+
+ ret = dma_map_sg_attrs(&hdev->pdev->dev, iod->sg, iod->nsge, dma_dir, DMA_ATTR_NO_WARN);
+ if (!ret)
+ goto out;
+
+ ret = sssraid_setup_prps(hdev, iod);
+ if (ret)
+ goto unmap;
+
+ cmd->common.dptr.prp1 = cpu_to_le64(sg_dma_address(iod->sg));
+ cmd->common.dptr.prp2 = cpu_to_le64(iod->first_dma);
+
+ return 0;
+
+unmap:
+ dma_unmap_sg(&hdev->pdev->dev, iod->sg, iod->nsge, dma_dir);
+out:
+ return ret;
+}
+
+static void sssraid_bsg_unmap_data(struct sssraid_dev *hdev, struct bsg_job *job)
+{
+ struct request *rq = blk_mq_rq_from_pdu(job);
+ struct sssraid_iod *iod = job->dd_data;
+ enum dma_data_direction dma_dir = rq_data_dir(rq) ? DMA_TO_DEVICE : DMA_FROM_DEVICE;
+
+ if (iod->nsge)
+ dma_unmap_sg(&hdev->pdev->dev, iod->sg, iod->nsge, dma_dir);
+
+ sssraid_free_iod_res(hdev, iod);
+}
+
+void sssraid_put_cmd(struct sssraid_dev *hdev, struct sssraid_cmd *cmd,
+ enum sssraid_cmd_type type)
+{
+ unsigned long flags;
+ struct list_head *head = &hdev->adm_cmd_list;
+ spinlock_t *slock = &hdev->adm_cmd_lock;
+
+ if (type == SSSRAID_CMD_IOPT) {
+ head = &hdev->ioq_pt_list;
+ slock = &hdev->ioq_pt_lock;
+ }
+
+ spin_lock_irqsave(slock, flags);
+ WRITE_ONCE(cmd->state, SSSRAID_CMD_IDLE);
+ list_add_tail(&cmd->list, head);
+ spin_unlock_irqrestore(slock, flags);
+}
+
+static int sssraid_user_admin_cmd(struct sssraid_dev *hdev, struct bsg_job *job)
+{
+ struct sssraid_bsg_request *bsg_req = job->request;
+ struct sssraid_passthru_common_cmd *cmd = &(bsg_req->admcmd);
+ struct sssraid_admin_command admin_cmd;
+ u32 timeout = msecs_to_jiffies(cmd->timeout_ms);
+ u32 result[2] = {0};
+ int status;
+
+ if (hdev->state >= SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host state:[%d] is not right\n",
+ hdev->state);
+ return -EBUSY;
+ }
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.common.opcode = cmd->opcode;
+ admin_cmd.common.flags = cmd->flags;
+ admin_cmd.common.hdid = cpu_to_le32(cmd->nsid);
+ admin_cmd.common.cdw2[0] = cpu_to_le32(cmd->cdw2);
+ admin_cmd.common.cdw2[1] = cpu_to_le32(cmd->cdw3);
+ admin_cmd.common.cdw10 = cpu_to_le32(cmd->cdw10);
+ admin_cmd.common.cdw11 = cpu_to_le32(cmd->cdw11);
+ admin_cmd.common.cdw12 = cpu_to_le32(cmd->cdw12);
+ admin_cmd.common.cdw13 = cpu_to_le32(cmd->cdw13);
+ admin_cmd.common.cdw14 = cpu_to_le32(cmd->cdw14);
+ admin_cmd.common.cdw15 = cpu_to_le32(cmd->cdw15);
+
+ status = sssraid_bsg_map_data(hdev, job, &admin_cmd);
+ if (status) {
+ ioc_err(hdev, "err, map data failed\n");
+ return status;
+ }
+
+ status = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, &result[0], &result[1], timeout);
+ if (status >= 0) {
+ job->reply_len = sizeof(result);
+ memcpy(job->reply, result, sizeof(result));
+ }
+
+ if (status)
+ ioc_info(hdev, "opcode[0x%x] subopcode[0x%x], status[0x%x] result0[0x%x] result1[0x%x]\n",
+ cmd->opcode, cmd->info_0.subopcode, status, result[0], result[1]);
+
+ sssraid_bsg_unmap_data(hdev, job);
+
+ return status;
+}
+
+static int sssraid_submit_ioq_sync_cmd(struct sssraid_dev *hdev, struct sssraid_ioq_command *cmd,
+ u32 *result, u32 *reslen, u32 timeout)
+{
+ int ret;
+ dma_addr_t sense_dma;
+ struct sssraid_squeue *sqinfo;
+ void *sense_addr = NULL;
+ struct sssraid_cmd *pt_cmd = sssraid_get_cmd(hdev, SSSRAID_CMD_IOPT);
+
+ if (!pt_cmd) {
+ ioc_err(hdev, "err, get sqinfo cmd failed\n");
+ return -EFAULT;
+ }
+
+ timeout = timeout ? timeout : ADMIN_TIMEOUT;
+
+ init_completion(&pt_cmd->cmd_done);
+
+ sqinfo = &hdev->sqinfo[pt_cmd->qid];
+ ret = pt_cmd->cid * SCSI_SENSE_BUFFERSIZE;
+ sense_addr = sqinfo->sense + ret;
+ sense_dma = sqinfo->sense_dma_addr + ret;
+
+ cmd->common.sense_addr = cpu_to_le64(sense_dma);
+ cmd->common.sense_len = cpu_to_le16(SCSI_SENSE_BUFFERSIZE);
+ cmd->common.command_id = cpu_to_le16(pt_cmd->cid);
+
+ sssraid_submit_cmd(sqinfo, cmd);
+
+ if (!wait_for_completion_timeout(&pt_cmd->cmd_done, timeout)) {
+ ioc_err(hdev, "cid[%d] qid[%d] timeout, opcode[0x%x] subopcode[0x%x]\n",
+ pt_cmd->cid, pt_cmd->qid, cmd->common.opcode,
+ (le32_to_cpu(cmd->common.cdw3[0]) & 0xffff));
+
+ /* reset controller if admin timeout */
+ sssraid_adm_timeout(hdev, pt_cmd);
+
+ sssraid_put_cmd(hdev, pt_cmd, SSSRAID_CMD_IOPT);
+ return -ETIME;
+ }
+
+ if (result && reslen) {
+ if ((pt_cmd->status & 0x17f) == 0x101) {
+ memcpy(result, sense_addr, SCSI_SENSE_BUFFERSIZE);
+ *reslen = SCSI_SENSE_BUFFERSIZE;
+ }
+ }
+
+ sssraid_put_cmd(hdev, pt_cmd, SSSRAID_CMD_IOPT);
+
+ return pt_cmd->status;
+}
+
+static int sssraid_user_ioq_cmd(struct sssraid_dev *hdev, struct bsg_job *job)
+{
+ struct sssraid_bsg_request *bsg_req = (struct sssraid_bsg_request *)(job->request);
+ struct sssraid_ioq_passthru_cmd *cmd = &(bsg_req->ioqcmd);
+ struct sssraid_ioq_command ioq_cmd;
+ int status = 0;
+ u32 timeout = msecs_to_jiffies(cmd->timeout_ms);
+
+ if (cmd->data_len > IOQ_PT_DATA_LEN) {
+ ioc_err(hdev, "data len bigger than 4k\n");
+ return -EFAULT;
+ }
+
+ if (hdev->state != SSSRAID_LIVE) {
+ ioc_err(hdev, "err, host state:[%d] is not live\n",
+ hdev->state);
+ return -EBUSY;
+ }
+
+ ioc_info(hdev, "opcode[0x%x] subopcode[0x%x] init, datalen[%d]\n",
+ cmd->opcode, cmd->info_1.subopcode, cmd->data_len);
+
+ memset(&ioq_cmd, 0, sizeof(ioq_cmd));
+ ioq_cmd.common.opcode = cmd->opcode;
+ ioq_cmd.common.flags = cmd->flags;
+ ioq_cmd.common.hdid = cpu_to_le32(cmd->nsid);
+ ioq_cmd.common.sense_len = cpu_to_le16(cmd->info_0.res_sense_len);
+ ioq_cmd.common.cdb_len = cmd->info_0.cdb_len;
+ ioq_cmd.common.rsvd2 = cmd->info_0.rsvd0;
+ ioq_cmd.common.cdw3[0] = cpu_to_le32(cmd->cdw3);
+ ioq_cmd.common.cdw3[1] = cpu_to_le32(cmd->cdw4);
+ ioq_cmd.common.cdw3[2] = cpu_to_le32(cmd->cdw5);
+
+ ioq_cmd.common.cdw10[0] = cpu_to_le32(cmd->cdw10);
+ ioq_cmd.common.cdw10[1] = cpu_to_le32(cmd->cdw11);
+ ioq_cmd.common.cdw10[2] = cpu_to_le32(cmd->cdw12);
+ ioq_cmd.common.cdw10[3] = cpu_to_le32(cmd->cdw13);
+ ioq_cmd.common.cdw10[4] = cpu_to_le32(cmd->cdw14);
+ ioq_cmd.common.cdw10[5] = cpu_to_le32(cmd->data_len);
+
+ memcpy(ioq_cmd.common.cdb, &cmd->cdw16, cmd->info_0.cdb_len);
+
+ ioq_cmd.common.cdw26[0] = cpu_to_le32(cmd->cdw26[0]);
+ ioq_cmd.common.cdw26[1] = cpu_to_le32(cmd->cdw26[1]);
+ ioq_cmd.common.cdw26[2] = cpu_to_le32(cmd->cdw26[2]);
+ ioq_cmd.common.cdw26[3] = cpu_to_le32(cmd->cdw26[3]);
+
+ status = sssraid_bsg_map_data(hdev, job, (struct sssraid_admin_command *)&ioq_cmd);
+ if (status) {
+ ioc_err(hdev, "err, map data failed\n");
+ return status;
+ }
+
+ status = sssraid_submit_ioq_sync_cmd(hdev, &ioq_cmd, job->reply, &job->reply_len, timeout);
+ if (status)
+ ioc_info(hdev, "opcode[0x%x] subopcode[0x%x], status[0x%x], reply_len[%d]\n",
+ cmd->opcode, cmd->info_1.subopcode, status, job->reply_len);
+
+ sssraid_bsg_unmap_data(hdev, job);
+
+ return status;
+}
+
+
+/* bsg dispatch user command */
+static int sssraid_bsg_host_dispatch(struct bsg_job *job)
+{
+ struct Scsi_Host *shost = dev_to_shost(job->dev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ struct request *rq = blk_mq_rq_from_pdu(job);
+ struct sssraid_bsg_request *bsg_req = job->request;
+ int ret = -ENOMSG;
+
+ job->reply_len = 0;
+
+ if (bsg_req == NULL || job->request_len != sizeof(struct sssraid_bsg_request)) {
+ bsg_job_done(job, ret, 0);
+ return 0;
+ }
+ dbgprint(hdev, "bsg msgcode[%d] msglen[%d] timeout[%d];"
+ "reqnsge[%d], reqlen[%d]\n",
+ bsg_req->msgcode, job->request_len, rq->timeout,
+ job->request_payload.sg_cnt, job->request_payload.payload_len);
+
+ switch (bsg_req->msgcode) {
+ case SSSRAID_BSG_ADM:
+ ret = sssraid_user_admin_cmd(hdev, job);
+ break;
+ case SSSRAID_BSG_IOQ:
+ ret = sssraid_user_ioq_cmd(hdev, job);
+ break;
+ default:
+ ioc_info(hdev, "unsupport msgcode[%d]\n", bsg_req->msgcode);
+ break;
+ }
+
+ if (ret > 0)
+ ret = ret | (ret << 8);
+
+ bsg_job_done(job, ret, 0);
+ return 0;
+}
+
+static inline void sssraid_remove_bsg(struct sssraid_dev *hdev)
+{
+ if (hdev->bsg_queue) {
+ bsg_unregister_queue(hdev->bsg_queue);
+ blk_cleanup_queue(hdev->bsg_queue);
+ }
+}
+
+static void sssraid_back_fault_cqe(struct sssraid_squeue *sqinfo, struct sssraid_completion *cqe)
+{
+ struct sssraid_dev *hdev = sqinfo->hdev;
+ struct blk_mq_tags *tags;
+ struct scsi_cmnd *scmd;
+ struct sssraid_iod *iod;
+ struct request *req;
+
+ tags = hdev->shost->tag_set.tags[sqinfo->qidx - 1];
+ req = blk_mq_tag_to_rq(tags, le16_to_cpu(cqe->cmd_id));
+ if (unlikely(!req || !blk_mq_request_started(req)))
+ return;
+
+ scmd = blk_mq_rq_to_pdu(req);
+ iod = scsi_cmd_priv(scmd);
+
+ if (READ_ONCE(iod->state) != SSSRAID_CMD_IN_FLIGHT &&
+ READ_ONCE(iod->state) != SSSRAID_CMD_TIMEOUT)
+ return;
+
+ WRITE_ONCE(iod->state, SSSRAID_CMD_TMO_COMPLETE);
+ set_host_byte(scmd, DID_NO_CONNECT);
+ if (iod->nsge)
+ scsi_dma_unmap(scmd);
+ sssraid_free_iod_res(hdev, iod);
+ scmd->scsi_done(scmd);
+ ioc_warn(hdev, "Back fault CQE, cid[%d] qidx[%d]\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx);
+}
+
+void sssraid_back_all_io(struct sssraid_dev *hdev)
+{
+ int i, j;
+ struct sssraid_squeue *sqinfo;
+ struct sssraid_completion cqe = { 0 };
+
+ scsi_block_requests(hdev->shost);
+
+ for (i = 1; i <= hdev->shost->nr_hw_queues; i++) {
+ sqinfo = &hdev->sqinfo[i];
+ for (j = 0; j < hdev->scsi_qd; j++) {
+ cqe.cmd_id = cpu_to_le16(j);
+ sssraid_back_fault_cqe(sqinfo, &cqe);
+ }
+ }
+
+ scsi_unblock_requests(hdev->shost);
+
+ j = SSSRAID_AQ_BLK_MQ_DEPTH;
+ for (i = 0; i < j; i++) {
+ if (READ_ONCE(hdev->adm_cmds[i].state) == SSSRAID_CMD_IN_FLIGHT) {
+ ioc_info(hdev, "Back adm, cid[%d]\n", i);
+ hdev->adm_cmds[i].status = 0xFFFF;
+ WRITE_ONCE(hdev->adm_cmds[i].state, SSSRAID_CMD_COMPLETE);
+ complete(&(hdev->adm_cmds[i].cmd_done));
+ }
+ }
+
+ j = SSSRAID_NR_IOQ_PTCMDS;
+ for (i = 0; i < j; i++) {
+ if (READ_ONCE(hdev->ioq_ptcmds[i].state) == SSSRAID_CMD_IN_FLIGHT) {
+ hdev->ioq_ptcmds[i].status = 0xFFFF;
+ WRITE_ONCE(hdev->ioq_ptcmds[i].state, SSSRAID_CMD_COMPLETE);
+ complete(&(hdev->ioq_ptcmds[i].cmd_done));
+ }
+ }
+}
+
+/**
+ * static struct scsi_host_template sssraid_driver_template
+ */
+static int sssraid_scan_finished(struct Scsi_Host *shost,
+ unsigned long time)
+{
+ struct sssraid_dev *hdev = shost_priv(shost);
+
+ sssraid_scan_disk(hdev);
+
+ return 1;
+}
+
+/* eh_target_reset_handler call back */
+static int sssraid_eh_target_reset(struct scsi_cmnd *scmd)
+{
+ return sssraid_scsi_reset(scmd, SSSRAID_RESET_TARGET);
+}
+
+/* eh_bus_reset_handler call back */
+static int sssraid_bus_reset_handler(struct scsi_cmnd *scmd)
+{
+ return sssraid_scsi_reset(scmd, SSSRAID_RESET_BUS);
+}
+
+/* eh_host_reset_handler call back */
+static int sssraid_eh_host_reset(struct scsi_cmnd *scmd)
+{
+ u16 hwq, cid;
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+
+ scsi_print_command(scmd);
+ if (hdev->state != SSSRAID_LIVE || sssraid_check_scmd_completed(scmd))
+ return SUCCESS;
+
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+ ioc_warn(hdev, "cid[%d] qidx[%d] host reset\n", cid, hwq);
+
+ /* It's useless:
+ * old code sssraid_reset_work_sync
+ * queue_work(reset_work) at first,
+ * then flush_work to synchronize.
+ */
+ if (!sssraid_change_host_state(hdev, SSSRAID_RESETTING)) {
+ ioc_info(hdev, "can't change to reset state\n");
+ return FAILED;
+ }
+ if (sssraid_soft_reset_handler(hdev)) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] host reset failed\n", cid, hwq);
+ return FAILED;
+ }
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] host reset success\n", cid, hwq);
+
+ return SUCCESS;
+}
+
+/* host_reset call back */
+static int sssraid_sysfs_host_reset(struct Scsi_Host *shost, int reset_type)
+{
+ int ret;
+ struct sssraid_dev *hdev = shost_priv(shost);
+
+ ioc_info(hdev, "start sysfs host reset cmd\n");
+ if (!sssraid_change_host_state(hdev, SSSRAID_RESETTING)) {
+ ioc_info(hdev, "can't change to reset state\n");
+ return -EBUSY;
+ }
+ ret = sssraid_soft_reset_handler(hdev);
+ ioc_info(hdev, "stop sysfs host reset cmd[%d]\n", ret);
+
+ return ret;
+}
+
+/* queuecommand call back */
+static int sssraid_qcmd(struct Scsi_Host *shost,
+ struct scsi_cmnd *scmd)
+{
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ struct scsi_device *sdev = scmd->device;
+ struct sssraid_sdev_hostdata *hostdata = sdev->hostdata;
+ u16 hwq, cid;
+ struct sssraid_squeue *sq;
+ struct sssraid_ioq_command ioq_cmd;
+ int retval;
+
+ if (unlikely(hdev->state == SSSRAID_RESETTING))
+ return SCSI_MLQUEUE_HOST_BUSY;
+
+ if (unlikely(hdev->state != SSSRAID_LIVE)) {
+ set_host_byte(scmd, DID_NO_CONNECT);
+ scmd->scsi_done(scmd);
+ return 0;
+ }
+
+ if (unlikely(hdev->logging_level & SSSRAID_DEBUG))
+ scsi_print_command(scmd);
+
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+ hostdata = sdev->hostdata;
+ sq = &hdev->sqinfo[hwq];
+
+ memset(&ioq_cmd, 0, sizeof(ioq_cmd));
+ ioq_cmd.rw.hdid = cpu_to_le32(hostdata->hdid);
+ ioq_cmd.rw.command_id = cpu_to_le16(cid);
+
+ retval = sssraid_setup_ioq_cmd(hdev, &ioq_cmd, scmd);
+ if (unlikely(retval)) {
+ set_host_byte(scmd, DID_ERROR);
+ scmd->scsi_done(scmd);
+ return 0;
+ }
+
+ iod->sense = sq->sense + retval;
+ iod->sense_dma = sq->sense_dma_addr + retval;
+ ioq_cmd.common.sense_addr = cpu_to_le64(iod->sense_dma);
+ ioq_cmd.common.sense_len = cpu_to_le16(SCSI_SENSE_BUFFERSIZE);
+
+ sssraid_init_iod(iod);
+
+ iod->sqinfo = sq;
+ sssraid_io_map_data(hdev, iod, scmd, &ioq_cmd);
+ if (unlikely(retval)) {
+ ioc_err(hdev, "sssraid_io_map_data Err.\n");
+ set_host_byte(scmd, DID_ERROR);
+ scmd->scsi_done(scmd);
+ retval = 0;
+ goto deinit_iod;
+ }
+
+ WRITE_ONCE(iod->state, SSSRAID_CMD_IN_FLIGHT);
+ sssraid_submit_cmd(sq, &ioq_cmd);
+
+ return 0;
+
+deinit_iod:
+ sssraid_free_iod_res(hdev, iod);
+ return retval;
+}
+
+/* change_queue_depth call back:
+ * keep as old
+ */
+
+/* slave_configure call back */
+static int sssraid_slave_configure(struct scsi_device *sdev)
+{
+ int qd = MAX_CMD_PER_DEV;
+ unsigned int timeout = scmd_tmout_rawdisk * HZ;
+ struct sssraid_dev *hdev = shost_priv(sdev->host);
+ struct sssraid_sdev_hostdata *hostdata = sdev->hostdata;
+ u32 max_sec = sdev->host->max_sectors;
+
+ if (hostdata) {
+ if (SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ timeout = scmd_tmout_vd * HZ;
+ else if (SSSRAID_DEV_INFO_ATTR_RAWDISK(hostdata->attr))
+ timeout = scmd_tmout_rawdisk * HZ;
+ max_sec = hostdata->max_io_kb << 1;
+ qd = sssraid_get_qd_by_disk(hostdata->attr);
+ } else {
+ ioc_err(hdev, "err, sdev->hostdata is null\n");
+ }
+
+ blk_queue_rq_timeout(sdev->request_queue, timeout);
+ sdev->eh_timeout = timeout;
+ scsi_change_queue_depth(sdev, qd);
+
+ if ((max_sec == 0) || (max_sec > sdev->host->max_sectors))
+ max_sec = sdev->host->max_sectors;
+
+ blk_queue_max_hw_sectors(sdev->request_queue, max_sec);
+
+ ioc_info(hdev, "sdev->channel:id:lun[%d:%d:%lld], scmd_timeout[%d]s, maxsec[%d]\n",
+ sdev->channel, sdev->id, sdev->lun, timeout / HZ, max_sec);
+
+ return 0;
+}
+
+/* slave_alloc call back */
+static int sssraid_slave_alloc(struct scsi_device *sdev)
+{
+ struct sssraid_sdev_hostdata *hostdata;
+ struct sssraid_dev *hdev;
+ u16 idx;
+
+ hdev = shost_priv(sdev->host);
+ hostdata = kzalloc(sizeof(*hostdata), GFP_KERNEL);
+ if (!hostdata) {
+ ioc_err(hdev, "Alloc scsi host data memory failed\n");
+ return -ENOMEM;
+ }
+
+ down_read(&hdev->devices_rwsem);
+ for (idx = 0; idx < le32_to_cpu(hdev->ctrl_info->nd); idx++) {
+ if (sssraid_match_dev(hdev, idx, sdev))
+ goto scan_host;
+ }
+ up_read(&hdev->devices_rwsem);
+
+ kfree(hostdata);
+ return -ENXIO;
+
+scan_host:
+ hostdata->hdid = le32_to_cpu(hdev->devices[idx].hdid);
+ hostdata->max_io_kb = le16_to_cpu(hdev->devices[idx].max_io_kb);
+ hostdata->attr = hdev->devices[idx].attr;
+ hostdata->flag = hdev->devices[idx].flag;
+ hostdata->rg_id = 0xff;
+ sdev->hostdata = hostdata;
+ up_read(&hdev->devices_rwsem);
+ return 0;
+}
+
+/* slave_destroy call back */
+static void sssraid_slave_destroy(struct scsi_device *sdev)
+{
+ kfree(sdev->hostdata);
+ sdev->hostdata = NULL;
+}
+
+/* eh_timed_out call back */
+static enum blk_eh_timer_return sssraid_scmd_timeout(struct scsi_cmnd *scmd)
+{
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ unsigned int timeout = scmd->device->request_queue->rq_timeout;
+
+ if (sssraid_check_scmd_completed(scmd))
+ goto out;
+
+ if (time_after(jiffies, scmd->jiffies_at_alloc + timeout)) {
+ if (cmpxchg(&iod->state, SSSRAID_CMD_IN_FLIGHT, SSSRAID_CMD_TIMEOUT) ==
+ SSSRAID_CMD_IN_FLIGHT) {
+ return BLK_EH_DONE;
+ }
+ }
+out:
+ return BLK_EH_RESET_TIMER;
+}
+
+/* eh_abort_handler call back */
+static int sssraid_abort_handler(struct scsi_cmnd *scmd)
+{
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_sdev_hostdata *hostdata;
+ u16 hwq, cid;
+ int ret;
+
+ scsi_print_command(scmd);
+
+ if (hdev->state != SSSRAID_LIVE || !sssraid_wait_abnl_cmd_done(iod) ||
+ sssraid_check_scmd_completed(scmd))
+ return SUCCESS;
+
+ hostdata = scmd->device->hostdata;
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] timeout, aborting\n", cid, hwq);
+ ret = sssraid_send_abort_cmd(hdev, hostdata->hdid, hwq, cid);
+ if (ret != -ETIME) {
+ ret = sssraid_wait_abnl_cmd_done(iod);
+ if (ret) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] abort failed, not found\n", cid, hwq);
+ return FAILED;
+ }
+ ioc_warn(hdev, "cid[%d] qidx[%d] abort succ\n", cid, hwq);
+ return SUCCESS;
+ }
+ ioc_warn(hdev, "cid[%d] qidx[%d] abort failed, timeout\n", cid, hwq);
+ return FAILED;
+}
+
+static ssize_t csts_pp_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_PP_MASK);
+ ret >>= SSSRAID_CSTS_PP_SHIFT;
+ }
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t csts_shst_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_SHST_MASK);
+ ret >>= SSSRAID_CSTS_SHST_SHIFT;
+ }
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t csts_cfs_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_CFS_MASK);
+ ret >>= SSSRAID_CSTS_CFS_SHIFT;
+ }
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t csts_rdy_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev))
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_RDY);
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t fw_version_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+
+ return snprintf(buf, PAGE_SIZE, "%s\n", hdev->ctrl_info->fr);
+}
+
+static DEVICE_ATTR_RO(csts_pp);
+static DEVICE_ATTR_RO(csts_shst);
+static DEVICE_ATTR_RO(csts_cfs);
+static DEVICE_ATTR_RO(csts_rdy);
+static DEVICE_ATTR_RO(fw_version);
+
+static struct device_attribute *sssraid_host_attrs[] = {
+ &dev_attr_csts_pp,
+ &dev_attr_csts_shst,
+ &dev_attr_csts_cfs,
+ &dev_attr_csts_rdy,
+ &dev_attr_fw_version,
+ NULL,
+};
+
+static int sssraid_get_vd_info(struct sssraid_dev *hdev, struct sssraid_vd_info *vd_info, u16 vid)
+{
+ struct sssraid_admin_command admin_cmd;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+ int ret;
+
+ if (hdev->state >= SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host state[%d] is not right\n", hdev->state);
+ return -EBUSY;
+ }
+
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.usr_cmd.opcode = USR_CMD_READ;
+ admin_cmd.usr_cmd.info_0.subopcode = cpu_to_le16(USR_CMD_VDINFO);
+ admin_cmd.usr_cmd.info_1.data_len = cpu_to_le16(USR_CMD_RDLEN);
+ admin_cmd.usr_cmd.info_1.param_len = cpu_to_le16(VDINFO_PARAM_LEN);
+ admin_cmd.usr_cmd.cdw10 = cpu_to_le32(vid);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+ if (!ret)
+ memcpy(vd_info, data_ptr, sizeof(struct sssraid_vd_info));
+
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, data_ptr, data_dma);
+
+ return ret;
+}
+
+static int sssraid_get_bgtask(struct sssraid_dev *hdev, struct sssraid_bgtask *bgtask)
+{
+ struct sssraid_admin_command admin_cmd;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+ int ret;
+
+ if (hdev->state >= SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host state[%d] is not right\n", hdev->state);
+ return -EBUSY;
+ }
+
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.usr_cmd.opcode = USR_CMD_READ;
+ admin_cmd.usr_cmd.info_0.subopcode = cpu_to_le16(USR_CMD_BGTASK);
+ admin_cmd.usr_cmd.info_1.data_len = cpu_to_le16(USR_CMD_RDLEN);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+ if (!ret)
+ memcpy(bgtask, data_ptr, sizeof(struct sssraid_bgtask));
+
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, data_ptr, data_dma);
+
+ return ret;
+}
+
+static ssize_t raid_level_show(struct device *dev, struct device_attribute *attr, char *buf)
+{
+ struct scsi_device *sdev;
+ struct sssraid_dev *hdev;
+ struct sssraid_vd_info *vd_info;
+ struct sssraid_sdev_hostdata *hostdata;
+ int ret;
+
+ sdev = to_scsi_device(dev);
+ hdev = shost_priv(sdev->host);
+ hostdata = sdev->hostdata;
+
+ vd_info = kmalloc(sizeof(*vd_info), GFP_KERNEL);
+ if (!vd_info || !SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ return snprintf(buf, PAGE_SIZE, "NA\n");
+
+ ret = sssraid_get_vd_info(hdev, vd_info, sdev->id);
+ if (ret)
+ vd_info->rg_level = ARRAY_SIZE(raid_levels) - 1;
+
+ ret = (vd_info->rg_level < ARRAY_SIZE(raid_levels)) ?
+ vd_info->rg_level : (ARRAY_SIZE(raid_levels) - 1);
+
+ kfree(vd_info);
+
+ return snprintf(buf, PAGE_SIZE, "RAID-%s\n", raid_levels[ret]);
+}
+
+static ssize_t raid_state_show(struct device *dev, struct device_attribute *attr, char *buf)
+{
+ struct scsi_device *sdev;
+ struct sssraid_dev *hdev;
+ struct sssraid_vd_info *vd_info;
+ struct sssraid_sdev_hostdata *hostdata;
+ int ret;
+
+ sdev = to_scsi_device(dev);
+ hdev = shost_priv(sdev->host);
+ hostdata = sdev->hostdata;
+
+ vd_info = kmalloc(sizeof(*vd_info), GFP_KERNEL);
+ if (!vd_info || !SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ return snprintf(buf, PAGE_SIZE, "NA\n");
+
+ ret = sssraid_get_vd_info(hdev, vd_info, sdev->id);
+ if (ret) {
+ vd_info->vd_status = 0;
+ vd_info->rg_id = 0xff;
+ }
+
+ ret = (vd_info->vd_status < ARRAY_SIZE(raid_states)) ? vd_info->vd_status : 0;
+
+ kfree(vd_info);
+
+ return snprintf(buf, PAGE_SIZE, "%s\n", raid_states[ret]);
+}
+
+static ssize_t raid_resync_show(struct device *dev, struct device_attribute *attr, char *buf)
+{
+ struct scsi_device *sdev;
+ struct sssraid_dev *hdev;
+ struct sssraid_vd_info *vd_info;
+ struct sssraid_bgtask *bgtask;
+ struct sssraid_sdev_hostdata *hostdata;
+ u8 rg_id, i, progress = 0;
+ int ret;
+
+ sdev = to_scsi_device(dev);
+ hdev = shost_priv(sdev->host);
+ hostdata = sdev->hostdata;
+
+ vd_info = kmalloc(sizeof(*vd_info), GFP_KERNEL);
+ if (!vd_info || !SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ return snprintf(buf, PAGE_SIZE, "NA\n");
+
+ ret = sssraid_get_vd_info(hdev, vd_info, sdev->id);
+ if (ret)
+ goto out;
+
+ rg_id = vd_info->rg_id;
+
+ bgtask = (struct sssraid_bgtask *)vd_info;
+ ret = sssraid_get_bgtask(hdev, bgtask);
+ if (ret)
+ goto out;
+ for (i = 0; i < bgtask->task_num; i++) {
+ if ((bgtask->bgtask[i].type == BGTASK_TYPE_REBUILD) &&
+ (le16_to_cpu(bgtask->bgtask[i].vd_id) == rg_id))
+ progress = bgtask->bgtask[i].progress;
+ }
+
+out:
+ kfree(vd_info);
+ return snprintf(buf, PAGE_SIZE, "%d\n", progress);
+}
+
+static DEVICE_ATTR_RO(raid_level);
+static DEVICE_ATTR_RO(raid_state);
+static DEVICE_ATTR_RO(raid_resync);
+
+static struct device_attribute *sssraid_dev_attrs[] = {
+ &dev_attr_raid_level,
+ &dev_attr_raid_state,
+ &dev_attr_raid_resync,
+ NULL,
+};
+
+static struct scsi_host_template sssraid_driver_template = {
+ .module = THIS_MODULE,
+ .name = "3SNIC Logic sssraid driver",
+ .proc_name = "sssraid",
+ .queuecommand = sssraid_qcmd,
+ .slave_alloc = sssraid_slave_alloc,
+ .slave_destroy = sssraid_slave_destroy,
+ .slave_configure = sssraid_slave_configure,
+ .scan_finished = sssraid_scan_finished,
+ .eh_timed_out = sssraid_scmd_timeout,
+ .eh_abort_handler = sssraid_abort_handler,
+ .eh_target_reset_handler = sssraid_eh_target_reset,
+ .eh_bus_reset_handler = sssraid_bus_reset_handler,
+ .eh_host_reset_handler = sssraid_eh_host_reset,
+ .change_queue_depth = scsi_change_queue_depth,
+ .host_tagset = 0,
+ .this_id = -1,
+ .unchecked_isa_dma = 0,
+ .shost_attrs = sssraid_host_attrs,
+ .sdev_attrs = sssraid_dev_attrs,
+ .host_reset = sssraid_sysfs_host_reset,
+};
+
+/**
+ * sssraid_probe - PCI probe callback
+ * @pdev: PCI device instance
+ * @id: PCI device ID details
+ *
+ * controller initialization routine.
+ * Allocate per adapter instance through shost_priv and
+ * initialize controller specific data structures, initializae
+ * the controller hardware, add shost to the SCSI subsystem.
+ *
+ * Return: 0 on success, non-zero on failure.
+ */
+
+static int
+sssraid_probe(struct pci_dev *pdev, const struct pci_device_id *id)
+{
+ struct sssraid_dev *hdev;
+ struct Scsi_Host *shost;
+ int node;
+ char bsg_name[15];
+ int retval = 0;
+
+ node = dev_to_node(&pdev->dev);
+ if (node == NUMA_NO_NODE) {
+ node = first_memory_node;
+ set_dev_node(&pdev->dev, node);
+ }
+
+ shost = scsi_host_alloc(&sssraid_driver_template, sizeof(*hdev));
+ if (!shost) {
+ retval = -ENODEV;
+ ioc_err(hdev, "Failed to allocate scsi host\n");
+ goto shost_failed;
+ }
+
+ hdev = shost_priv(shost);
+ hdev->numa_node = node;
+ hdev->instance = shost->host_no; /* for device instance */
+ sprintf(hdev->name, "%s%d", SSSRAID_DRIVER_NAME, hdev->instance);
+
+ init_rwsem(&hdev->devices_rwsem);
+ spin_lock_init(&hdev->state_lock);
+
+ spin_lock_init(&hdev->fwevt_lock);
+ spin_lock_init(&hdev->watchdog_lock);
+
+ INIT_LIST_HEAD(&hdev->fwevt_list);
+
+// logging_level = 1; //garden test
+ hdev->logging_level = logging_level; /* according to log_debug_switch*/
+
+ snprintf(hdev->fwevt_worker_name, sizeof(hdev->fwevt_worker_name),
+ "%s%d_fwevt_wrkr", SSSRAID_DRIVER_NAME, hdev->instance);
+ hdev->fwevt_worker_thread = alloc_ordered_workqueue(
+ hdev->fwevt_worker_name, WQ_MEM_RECLAIM);
+ if (!hdev->fwevt_worker_thread) {
+ ioc_err(hdev, "failure at %s:%d/%s()!\n",
+ __FILE__, __LINE__, __func__);
+ retval = -ENODEV;
+ goto out_fwevtthread_failed;
+ }
+
+ hdev->shost = shost;
+ hdev->pdev = pdev;
+
+ if (sssraid_init_ioc(hdev, 0)) {
+ ioc_err(hdev, "failure at %s:%d/%s()!\n",
+ __FILE__, __LINE__, __func__);
+ retval = -ENODEV;
+ goto out_iocinit_failed;
+ }
+
+ sssraid_shost_init(hdev);
+
+ retval = scsi_add_host(shost, &pdev->dev);
+ if (retval) {
+ ioc_err(hdev, "failure at %s:%d/%s()!\n",
+ __FILE__, __LINE__, __func__);
+ goto addhost_failed;
+ }
+
+ snprintf(bsg_name, sizeof(bsg_name), "%s%d", SSSRAID_DRIVER_NAME, shost->host_no);
+ hdev->bsg_queue = bsg_setup_queue(&shost->shost_gendev, bsg_name,
+ sssraid_bsg_host_dispatch, NULL, sssraid_cmd_size(hdev));
+ if (IS_ERR(hdev->bsg_queue)) {
+ ioc_err(hdev, "err, setup bsg failed\n");
+ hdev->bsg_queue = NULL;
+ goto bsg_setup_failed;
+ }
+
+ sssraid_change_host_state(hdev, SSSRAID_LIVE);
+
+ scsi_scan_host(shost);
+ return retval;
+
+bsg_setup_failed:
+ scsi_remove_host(shost);
+addhost_failed:
+ sssraid_cleanup_ioc(hdev, 0);
+out_iocinit_failed:
+ destroy_workqueue(hdev->fwevt_worker_thread);
+out_fwevtthread_failed:
+ scsi_host_put(shost);
+shost_failed:
+ return retval;
+}
+
+static void sssraid_remove(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return;
+
+ ioc_info(hdev, "enter sssraid remove\n");
+
+ hdev = shost_priv(shost);
+
+ sssraid_change_host_state(hdev, SSSRAID_DELETING);
+
+ if (!pci_device_is_present(pdev))
+ sssraid_back_all_io(hdev);
+
+ sssraid_cleanup_fwevt_list(hdev);
+ destroy_workqueue(hdev->fwevt_worker_thread);
+
+ sssraid_remove_bsg(hdev);
+ scsi_remove_host(shost);
+ sssraid_cleanup_ioc(hdev, 0);
+
+ scsi_host_put(shost);
+}
+
+static void sssraid_shutdown(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return;
+
+ hdev = shost_priv(shost);
+
+ sssraid_cleanup_fwevt_list(hdev);
+ destroy_workqueue(hdev->fwevt_worker_thread);
+ sssraid_cleanup_ioc(hdev, 0);
+}
+
+#ifdef CONFIG_PM
+static int sssraid_suspend(struct pci_dev *pdev, pm_message_t state)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+ pci_power_t device_state;
+
+ if (!shost)
+ return 0;
+
+ hdev = shost_priv(shost);
+
+ while (hdev->state == SSSRAID_RESETTING)
+ ssleep(1);
+ sssraid_cleanup_fwevt_list(hdev);
+ scsi_block_requests(shost);
+ sssraid_cleanup_ioc(hdev, 1);
+
+ device_state = pci_choose_state(pdev, state);
+ pci_save_state(pdev);
+ pci_set_power_state(pdev, device_state);
+
+ return 0;
+}
+
+static int sssraid_resume(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+ pci_power_t device_state = pdev->current_state;
+
+ if (!shost)
+ return 0;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "pdev=0x%p, slot=%s, previous operating state [D%d]\n",
+ pdev, pci_name(pdev), device_state);
+ pci_set_power_state(pdev, PCI_D0);
+ pci_enable_wake(pdev, PCI_D0, 0);
+ pci_restore_state(pdev);
+ hdev->pdev = pdev;
+ hdev->cpu_count = num_online_cpus();
+
+ /* sssraid_setup_resources in sssraid_init_ioc */
+ sssraid_init_ioc(hdev, 1);
+ scsi_unblock_requests(shost);
+
+ return 0;
+}
+#endif
+
+static pci_ers_result_t sssraid_pci_error_detected(struct pci_dev *pdev,
+ pci_channel_state_t state)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return PCI_ERS_RESULT_NONE;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "enter pci error detect, state:%d\n", state);
+
+ switch (state) {
+ case pci_channel_io_normal:
+ ioc_warn(hdev, "channel is normal, do nothing\n");
+
+ return PCI_ERS_RESULT_CAN_RECOVER;
+ case pci_channel_io_frozen:
+ ioc_warn(hdev, "channel io frozen, need reset controller\n");
+
+ scsi_block_requests(hdev->shost);
+
+ sssraid_change_host_state(hdev, SSSRAID_RESETTING);
+
+ return PCI_ERS_RESULT_NEED_RESET;
+ case pci_channel_io_perm_failure:
+ ioc_warn(hdev, "channel io failure, request disconnect\n");
+
+ return PCI_ERS_RESULT_DISCONNECT;
+ }
+
+ return PCI_ERS_RESULT_NEED_RESET;
+}
+
+static pci_ers_result_t sssraid_pci_slot_reset(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return PCI_ERS_RESULT_NONE;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "restart after slot reset\n");
+
+ pci_restore_state(pdev);
+
+ sssraid_soft_reset_handler(hdev);
+
+ scsi_unblock_requests(hdev->shost);
+
+ return PCI_ERS_RESULT_RECOVERED;
+}
+
+static void sssraid_reset_done(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "enter sssraid reset done\n");
+}
+
+static struct pci_error_handlers sssraid_err_handler = {
+ .error_detected = sssraid_pci_error_detected,
+ .slot_reset = sssraid_pci_slot_reset,
+ .reset_done = sssraid_reset_done,
+};
+
+static const struct pci_device_id sssraid_pci_id_table[] = {
+ { PCI_DEVICE(PCI_VENDOR_ID_3SNIC_LOGIC, SSSRAID_SERVER_DEVICE_HBA_DID) },
+ { PCI_DEVICE(PCI_VENDOR_ID_3SNIC_LOGIC, SSSRAID_SERVER_DEVICE_RAID_DID) },
+ { 0, }
+};
+MODULE_DEVICE_TABLE(pci, sssraid_pci_id_table);
+
+static struct pci_driver sssraid_pci_driver = {
+ .name = SSSRAID_DRIVER_NAME,
+ .id_table = sssraid_pci_id_table,
+ .probe = sssraid_probe,
+ .remove = sssraid_remove,
+ .shutdown = sssraid_shutdown,
+#ifdef CONFIG_PM
+ .suspend = sssraid_suspend,
+ .resume = sssraid_resume,
+#endif
+ .err_handler = &sssraid_err_handler,
+};
+
+static int __init sssraid_init(void)
+{
+ int ret_val;
+
+ pr_info("Loading %s version %s\n", SSSRAID_DRIVER_NAME,
+ SSSRAID_DRIVER_VERSION);
+
+ sssraid_class = class_create(THIS_MODULE, "sssraid");
+ if (IS_ERR(sssraid_class)) {
+ ret_val = PTR_ERR(sssraid_class);
+ return ret_val;
+ }
+
+ ret_val = pci_register_driver(&sssraid_pci_driver);
+
+ return ret_val;
+}
+
+static void __exit sssraid_exit(void)
+{
+ pr_info("Unloading %s version %s\n", SSSRAID_DRIVER_NAME,
+ SSSRAID_DRIVER_VERSION);
+
+ class_destroy(sssraid_class);
+ pci_unregister_driver(&sssraid_pci_driver);
+}
+
+MODULE_AUTHOR("liangry1(a)3snic.com");
+MODULE_DESCRIPTION("3SNIC Information Technology SSSRAID Driver");
+MODULE_LICENSE("GPL");
+MODULE_VERSION(SSSRAID_DRIVER_VERSION);
+module_init(sssraid_init);
+module_exit(sssraid_exit);
diff --git a/openEuler/MAINTAINERS b/openEuler/MAINTAINERS
index 35b5a8f81fed..fc8b6e06fc04 100644
--- a/openEuler/MAINTAINERS
+++ b/openEuler/MAINTAINERS
@@ -76,6 +76,12 @@ F: include/linux/wait.h
F: include/uapi/linux/sched.h
F: kernel/sched/
+SSSRAID SCSI/Raid DRIVERS
+M: Steven Song <steven.song(a)3snic.com>
+S: Maintained
+F: Documentation/scsi/sssraid.rst
+F: drivers/scsi/sssraid/
+
THE REST
M: xiexiuqi(a)huawei.com
M: zhengzengkai(a)huawei.com
--
2.25.1
1
0
3SNIC inclusion
category: features
bugzilla: https://gitee.com/openeuler/kernel/issues/I64M90
CVE: NA
This commit is to suppport 3SNIC 3S5XX RAID/HBA controllers.
RAID controllers support RAID 0/1/5/6/10/50/60 modes;
HBA controlllers support RAID 0/1/10 modes.
RAID/HBA support SAS/SATA HDD/SSD.
Signed-off-by: liangry <liangry1(a)3snic.com>
Reviewed-by: Jiang Yu<yujiang(a)3snic.com>
Reviewed-by: Steven Song <steven.song(a)3snic.com>
---
Documentation/scsi/sssraid.rst | 83 +
MAINTAINERS | 7 +
arch/arm64/configs/openeuler_defconfig | 1 +
arch/x86/configs/openeuler_defconfig | 1 +
drivers/scsi/Kconfig | 1 +
drivers/scsi/Makefile | 1 +
drivers/scsi/sssraid/Kconfig | 14 +
drivers/scsi/sssraid/Makefile | 7 +
drivers/scsi/sssraid/sssraid.h | 971 ++++++++++
drivers/scsi/sssraid/sssraid_debug.h | 34 +
drivers/scsi/sssraid/sssraid_fw.c | 1724 +++++++++++++++++
drivers/scsi/sssraid/sssraid_os.c | 2337 ++++++++++++++++++++++++
12 files changed, 5181 insertions(+)
create mode 100644 Documentation/scsi/sssraid.rst
create mode 100644 drivers/scsi/sssraid/Kconfig
create mode 100644 drivers/scsi/sssraid/Makefile
create mode 100644 drivers/scsi/sssraid/sssraid.h
create mode 100644 drivers/scsi/sssraid/sssraid_debug.h
create mode 100644 drivers/scsi/sssraid/sssraid_fw.c
create mode 100644 drivers/scsi/sssraid/sssraid_os.c
diff --git a/Documentation/scsi/sssraid.rst b/Documentation/scsi/sssraid.rst
new file mode 100644
index 000000000000..d56e5f7c478c
--- /dev/null
+++ b/Documentation/scsi/sssraid.rst
@@ -0,0 +1,83 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+==============================================
+SSSRAID - 3SNIC SCSI RAID Controller driver
+==============================================
+
+This file describes the SSSRAID SCSI driver for 3SNIC
+(http://www.3snic.com) RAID controllers. The SSSRAID
+driver is the first generation RAID driver for 3SNIC Corp.
+
+For 3SNIC SSSRAID controller support, enable the SSSRAID driver
+when configuring the kernel.
+
+SSSRAID specific entries in /sys
+=================================
+
+SSSRAID host attributes
+------------------------
+ - /sys/class/scsi_host/host*/csts_pp
+ - /sys/class/scsi_host/host*/csts_shst
+ - /sys/class/scsi_host/host*/csts_cfs
+ - /sys/class/scsi_host/host*/csts_rdy
+ - /sys/class/scsi_host/host*/fw_version
+
+ The host csts_pp attribute is a read only attribute. This attribute
+ indicates whether the controller is processing commands. If this attribute
+ is set to ‘1’, then the controller is processing commands normally. If
+ this attribute is cleared to ‘0’, then the controller has temporarily stopped
+ processing commands in order to handle an event (e.g., firmware activation).
+
+ The host csts_shst attribute is a read only attribute. This attribute
+ indicates status of shutdown processing.The shutdown status values are defined
+ as:
+ ====== ==============================
+ Value Definition
+ ====== ==============================
+ 00b Normal operation
+ 01b Shutdown processing occurring
+ 10b Shutdown processing complete
+ 11b Reserved
+ ====== ==============================
+ The host csts_cfs attribute is a read only attribute. This attribute is set to
+ ’1’ when a fatal controller error occurred that could not be communicated in the
+ appropriate Completion Queue. This bit is cleared to ‘0’ when a fatal controller
+ error has not occurred.
+
+ The host csts_rdy attribute is a read only attribute. This attribute is set to
+ ‘1’ when the controller is ready to process submission queue entries.
+
+ The fw_version attribute is read-only and will return the driver version and the
+ controller firmware version.
+
+SSSRAID scsi device attributes
+------------------------------
+ - /sys/class/scsi_device/X\:X\:X\:X/device/raid_level
+ - /sys/class/scsi_device/X\:X\:X\:X/device/raid_state
+ - /sys/class/scsi_device/X\:X\:X\:X/device/raid_resync
+
+ The device raid_level attribute is a read only attribute. This attribute indicates
+ RAID level of scsi device(will dispaly "NA" if scsi device is not virtual disk type).
+
+ The device raid_state attribute is read-only and indicates RAID status of scsi
+ device(will dispaly "NA" if scsi device is not virtual disk type).
+
+ The device raid_resync attribute is read-only and indicates RAID rebuild processing
+ of scsi device(will dispaly "NA" if scsi device is not virtual disk type).
+
+Supported devices
+=================
+
+ =================== ======= =======================================
+ PCI ID (pci.ids) OEM Product
+ =================== ======= =======================================
+ 1F3F:2100 3SNIC 3S510(HBA:8Ports,1G DDR)
+ 1F3F:2100 3SNIC 3S520(HBA:16Ports,1G DDR)
+ 1F3F:2100 3SNIC 3S530(HBA:32Ports,1G DDR)
+ 1F3F:2100 3SNIC 3S540(HBA:40Ports,1G DDR)
+ 1F3F:2200 3SNIC 3S580(RAID:16Ports,2G cache)
+ 1F3F:2200 3SNIC 3S585(RAID:16Ports,4G cache)
+ 1F3F:2200 3SNIC 3S590(RAID:32Ports,4G cache)
+ 1F3F:2200 3SNIC 3S5A0(RAID:40Ports,2G cache)
+ 1F3F:2200 3SNIC 3S5A5(RAID:40Ports,4G cache)
+ =================== ======= =======================================
diff --git a/MAINTAINERS b/MAINTAINERS
index 9ae209633628..e6470640f764 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -16669,6 +16669,13 @@ M: Jan-Benedict Glaw <jbglaw(a)lug-owl.de>
S: Maintained
F: arch/alpha/kernel/srm_env.c
+SSSRAID SCSI/Raid DRIVERS
+M: Steven Song <steven.song(a)3snic.com>
+L: linux-scsi(a)vger.kernel.org
+S: Maintained
+F: Documentation/scsi/sssraid.rst
+F: drivers/scsi/sssraid/
+
ST LSM6DSx IMU IIO DRIVER
M: Lorenzo Bianconi <lorenzo.bianconi83(a)gmail.com>
L: linux-iio(a)vger.kernel.org
diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig
index 30384eacad4f..dc4ba0d2b694 100644
--- a/arch/arm64/configs/openeuler_defconfig
+++ b/arch/arm64/configs/openeuler_defconfig
@@ -2394,6 +2394,7 @@ CONFIG_SCSI_HISI_SAS_DEBUGFS_DEFAULT_ENABLE=y
# CONFIG_MEGARAID_NEWGEN is not set
# CONFIG_MEGARAID_LEGACY is not set
CONFIG_MEGARAID_SAS=m
+CONFIG_SCSI_3SNIC_SSSRAID=m
CONFIG_SCSI_MPT3SAS=m
CONFIG_SCSI_MPT2SAS_MAX_SGE=128
CONFIG_SCSI_MPT3SAS_MAX_SGE=128
diff --git a/arch/x86/configs/openeuler_defconfig b/arch/x86/configs/openeuler_defconfig
index 5ada612f1d75..df16f123515b 100644
--- a/arch/x86/configs/openeuler_defconfig
+++ b/arch/x86/configs/openeuler_defconfig
@@ -2355,6 +2355,7 @@ CONFIG_SCSI_AACRAID=m
# CONFIG_MEGARAID_LEGACY is not set
CONFIG_MEGARAID_SAS=m
CONFIG_SCSI_MPT3SAS=m
+CONFIG_SCSI_3SNIC_SSSRAID=m
CONFIG_SCSI_MPT2SAS_MAX_SGE=128
CONFIG_SCSI_MPT3SAS_MAX_SGE=128
CONFIG_SCSI_MPT2SAS=m
diff --git a/drivers/scsi/Kconfig b/drivers/scsi/Kconfig
index 0fbe4edeccd0..7339d6179e5a 100644
--- a/drivers/scsi/Kconfig
+++ b/drivers/scsi/Kconfig
@@ -481,6 +481,7 @@ config SCSI_ARCMSR
source "drivers/scsi/esas2r/Kconfig"
source "drivers/scsi/megaraid/Kconfig.megaraid"
+source "drivers/scsi/sssraid/Kconfig"
source "drivers/scsi/mpt3sas/Kconfig"
source "drivers/scsi/smartpqi/Kconfig"
source "drivers/scsi/ufs/Kconfig"
diff --git a/drivers/scsi/Makefile b/drivers/scsi/Makefile
index 78a3c832394c..01bb908fb832 100644
--- a/drivers/scsi/Makefile
+++ b/drivers/scsi/Makefile
@@ -92,6 +92,7 @@ obj-$(CONFIG_SCSI_CHELSIO_FCOE) += csiostor/
obj-$(CONFIG_SCSI_DMX3191D) += dmx3191d.o
obj-$(CONFIG_SCSI_HPSA) += hpsa.o
obj-$(CONFIG_SCSI_SMARTPQI) += smartpqi/
+obj-$(CONFIG_SCSI_3SNIC_SSSRAID) += sssraid/
obj-$(CONFIG_SCSI_SYM53C8XX_2) += sym53c8xx_2/
obj-$(CONFIG_SCSI_ZALON) += zalon7xx.o
obj-$(CONFIG_SCSI_DC395x) += dc395x.o
diff --git a/drivers/scsi/sssraid/Kconfig b/drivers/scsi/sssraid/Kconfig
new file mode 100644
index 000000000000..769f68732bf3
--- /dev/null
+++ b/drivers/scsi/sssraid/Kconfig
@@ -0,0 +1,14 @@
+#
+# Kernel configuration file for the 3SNIC
+#
+
+config SCSI_3SNIC_SSSRAID
+ tristate "3SNIC sssraid Adapter"
+ depends on PCI && SCSI
+ select BLK_DEV_BSGLIB
+ depends on ARM64 || X86_64
+ help
+ This driver supports 3SNIC 3S5xx serial RAID controller, which has
+ PCI Express Gen4 interface with host and supports SAS/SATA HDD/SSD.
+ To compile this driver as a module, choose M here: the module will
+ be called sssraid.
diff --git a/drivers/scsi/sssraid/Makefile b/drivers/scsi/sssraid/Makefile
new file mode 100644
index 000000000000..c80605866b42
--- /dev/null
+++ b/drivers/scsi/sssraid/Makefile
@@ -0,0 +1,7 @@
+#
+# Makefile for the 3SNIC sssraid drivers.
+#
+
+obj-$(CONFIG_SCSI_3SNIC_SSSRAID) += sssraid.o
+
+sssraid-objs := sssraid_os.o sssraid_fw.o
diff --git a/drivers/scsi/sssraid/sssraid.h b/drivers/scsi/sssraid/sssraid.h
new file mode 100644
index 000000000000..bae668ef9c98
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid.h
@@ -0,0 +1,971 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#ifndef __SSSRAID_H_
+#define __SSSRAID_H_
+
+#define SSSRAID_DRIVER_VERSION "1.0.0.0"
+#define SSSRAID_DRIVER_RELDATE "12-December-2022"
+
+#define SSSRAID_DRIVER_NAME "sssraid"
+
+#define SSSRAID_NAME_LENGTH 32
+
+/*
+ * SSSRAID Vendor ID and Device IDs
+ */
+#define PCI_VENDOR_ID_3SNIC_LOGIC 0x1F3F
+
+#define SSSRAID_SERVER_DEVICE_HBA_DID 0x2100
+#define SSSRAID_SERVER_DEVICE_RAID_DID 0x2200
+
+#define SSSRAID_CAP_MQES(cap) ((cap) & 0xffff)
+#define SSSRAID_CAP_STRIDE(cap) (((cap) >> 32) & 0xf)
+#define SSSRAID_CAP_MPSMIN(cap) (((cap) >> 48) & 0xf)
+#define SSSRAID_CAP_MPSMAX(cap) (((cap) >> 52) & 0xf)
+#define SSSRAID_CAP_TIMEOUT(cap) (((cap) >> 24) & 0xff)
+#define SSSRAID_CAP_DMAMASK(cap) (((cap) >> 37) & 0xff)
+
+#define SSSRAID_DEFAULT_MAX_CHANNEL 4
+#define SSSRAID_DEFAULT_MAX_ID 240
+#define SSSRAID_DEFAULT_MAX_LUN_PER_HOST 8
+#define MAX_SECTORS 2048
+
+/*
+ * Time define
+ */
+#define SSSRAID_WATCHDOG_INTERVAL 1000 /* in milli seconds */
+#define SSSRAID_PORTENABLE_TIMEOUT 300
+
+/*
+ * SSSRAID queue and entry size for Admin and I/O type
+ */
+#define IO_SQE_SIZE sizeof(struct sssraid_ioq_command)
+#define ADMIN_SQE_SIZE sizeof(struct sssraid_admin_command)
+#define SQE_SIZE(qid) (((qid) > 0) ? IO_SQE_SIZE : ADMIN_SQE_SIZE)
+#define CQ_SIZE(depth) ((depth) * sizeof(struct sssraid_completion))
+#define SQ_SIZE(qid, depth) ((depth) * SQE_SIZE(qid))
+
+#define SENSE_SIZE(depth) ((depth) * SCSI_SENSE_BUFFERSIZE)
+
+#define SSSRAID_AQ_DEPTH 128
+#define SSSRAID_NR_AEN_COMMANDS 16
+#define SSSRAID_AQ_BLK_MQ_DEPTH (SSSRAID_AQ_DEPTH - SSSRAID_NR_AEN_COMMANDS)
+#define SSSRAID_AQ_MQ_TAG_DEPTH (SSSRAID_AQ_BLK_MQ_DEPTH - 1)
+
+#define SSSRAID_ADMIN_QUEUE_NUM 1
+#define SSSRAID_PTCMDS_PERQ 1
+#define SSSRAID_IO_BLK_MQ_DEPTH (hdev->scsi_qd)
+#define SSSRAID_NR_IOQ_PTCMDS (SSSRAID_PTCMDS_PERQ * hdev->shost->nr_hw_queues)
+
+#define FUA_MASK 0x08
+#define SSSRAID_MINORS BIT(MINORBITS)
+#define SSSRAID_RW_FUA BIT(14)
+
+#define COMMAND_IS_WRITE(cmd) ((cmd)->common.opcode & 1)
+
+#define SSSRAID_IO_IOSQES 7
+#define SSSRAID_IO_IOCQES 4
+#define PRP_ENTRY_SIZE 8
+
+#define SMALL_POOL_SIZE 256
+#define MAX_SMALL_POOL_NUM 16
+#define MAX_CMD_PER_DEV 64
+#define MAX_CDB_LEN 16
+
+#define SSSRAID_UP_TO_MULTY4(x) (((x) + 4) & (~0x03))
+
+#define CQE_STATUS_SUCCESS (0x0)
+
+#define IO_6_DEFAULT_TX_LEN 256
+
+#define SGES_PER_PAGE (PAGE_SIZE / sizeof(struct sssraid_sgl_desc))
+
+#define SSSRAID_CAP_TIMEOUT_UNIT_MS (HZ / 2)
+
+extern u32 admin_tmout;
+#define ADMIN_TIMEOUT (admin_tmout * HZ)
+
+#define SSSRAID_WAIT_ABNL_CMD_TIMEOUT 6
+
+#define SSSRAID_DMA_MSK_BIT_MAX 64
+
+enum {
+ SSSRAID_SGL_FMT_DATA_DESC = 0x00,
+ SSSRAID_SGL_FMT_SEG_DESC = 0x02,
+ SSSRAID_SGL_FMT_LAST_SEG_DESC = 0x03,
+ SSSRAID_KEY_SGL_FMT_DATA_DESC = 0x04,
+ SSSRAID_TRANSPORT_SGL_DATA_DESC = 0x05
+};
+
+
+enum {
+ SSSRAID_REQ_CANCELLED = (1 << 0),
+ SSSRAID_REQ_USERCMD = (1 << 1),
+};
+
+enum {
+ SSSRAID_SC_SUCCESS = 0x0,
+ SSSRAID_SC_INVALID_OPCODE = 0x1,
+ SSSRAID_SC_INVALID_FIELD = 0x2,
+
+ SSSRAID_SC_ABORT_LIMIT = 0x103,
+ SSSRAID_SC_ABORT_MISSING = 0x104,
+ SSSRAID_SC_ASYNC_LIMIT = 0x105,
+
+ SSSRAID_SC_DNR = 0x4000,
+};
+
+enum {
+ SSSRAID_REG_CAP = 0x0000,
+ SSSRAID_REG_CC = 0x0014,
+ SSSRAID_REG_CSTS = 0x001c,
+ SSSRAID_REG_AQA = 0x0024,
+ SSSRAID_REG_ASQ = 0x0028,
+ SSSRAID_REG_ACQ = 0x0030,
+ SSSRAID_REG_DBS = 0x1000,
+};
+
+enum {
+ SSSRAID_CC_ENABLE = 1 << 0,
+ SSSRAID_CC_CSS_NVM = 0 << 4,
+ SSSRAID_CC_MPS_SHIFT = 7,
+ SSSRAID_CC_AMS_SHIFT = 11,
+ SSSRAID_CC_SHN_SHIFT = 14,
+ SSSRAID_CC_IOSQES_SHIFT = 16,
+ SSSRAID_CC_IOCQES_SHIFT = 20,
+ SSSRAID_CC_AMS_RR = 0 << SSSRAID_CC_AMS_SHIFT,
+ SSSRAID_CC_SHN_NONE = 0 << SSSRAID_CC_SHN_SHIFT,
+ SSSRAID_CC_IOSQES = SSSRAID_IO_IOSQES << SSSRAID_CC_IOSQES_SHIFT,
+ SSSRAID_CC_IOCQES = SSSRAID_IO_IOCQES << SSSRAID_CC_IOCQES_SHIFT,
+ SSSRAID_CC_SHN_NORMAL = 1 << SSSRAID_CC_SHN_SHIFT,
+ SSSRAID_CC_SHN_MASK = 3 << SSSRAID_CC_SHN_SHIFT,
+ SSSRAID_CSTS_CFS_SHIFT = 1,
+ SSSRAID_CSTS_SHST_SHIFT = 2,
+ SSSRAID_CSTS_PP_SHIFT = 5,
+ SSSRAID_CSTS_RDY = 1 << 0,
+ SSSRAID_CSTS_SHST_CMPLT = 2 << 2,
+ SSSRAID_CSTS_SHST_MASK = 3 << 2,
+ SSSRAID_CSTS_CFS_MASK = 1 << SSSRAID_CSTS_CFS_SHIFT,
+ SSSRAID_CSTS_PP_MASK = 1 << SSSRAID_CSTS_PP_SHIFT,
+};
+
+enum {
+ SSSRAID_ADMIN_DELETE_SQ = 0x00,
+ SSSRAID_ADMIN_CREATE_SQ = 0x01,
+ SSSRAID_ADMIN_DELETE_CQ = 0x04,
+ SSSRAID_ADMIN_CREATE_CQ = 0x05,
+ SSSRAID_ADMIN_ABORT_CMD = 0x08,
+ SSSRAID_ADMIN_SET_FEATURES = 0x09,
+ SSSRAID_ADMIN_ASYNC_EVENT = 0x0c,
+ SSSRAID_ADMIN_GET_INFO = 0xc6,
+ SSSRAID_ADMIN_RESET = 0xc8,
+};
+
+enum {
+ SSSRAID_GET_INFO_CTRL = 0,
+ SSSRAID_GET_INFO_DEV_LIST = 1,
+};
+
+enum sssraid_scsi_rst_type {
+ SSSRAID_RESET_TARGET = 0,
+ SSSRAID_RESET_BUS = 1,
+};
+
+enum {
+ SSSRAID_AEN_ERROR = 0,
+ SSSRAID_AEN_NOTICE = 2,
+ SSSRAID_AEN_VS = 7,
+};
+
+enum {
+ SSSRAID_AEN_DEV_CHANGED = 0x00,
+ SSSRAID_AEN_FW_ACT_START = 0x01,
+ SSSRAID_AEN_HOST_PROBING = 0x10,
+};
+
+enum {
+ SSSRAID_AEN_TIMESYN = 0x00,
+ SSSRAID_AEN_FW_ACT_FINISH = 0x02,
+ SSSRAID_AEN_EVENT_MIN = 0x80,
+ SSSRAID_AEN_EVENT_MAX = 0xff,
+};
+
+enum {
+ SSSRAID_CMD_WRITE = 0x01,
+ SSSRAID_CMD_READ = 0x02,
+
+ SSSRAID_CMD_NONIO_NONE = 0x80,
+ SSSRAID_CMD_NONIO_TODEV = 0x81,
+ SSSRAID_CMD_NONIO_FROMDEV = 0x82,
+};
+
+enum {
+ SSSRAID_QUEUE_PHYS_CONTIG = (1 << 0),
+ SSSRAID_CQ_IRQ_ENABLED = (1 << 1),
+
+ SSSRAID_FEAT_NUM_QUEUES = 0x07,
+ SSSRAID_FEAT_ASYNC_EVENT = 0x0b,
+ SSSRAID_FEAT_TIMESTAMP = 0x0e,
+};
+
+enum sssraid_state {
+ SSSRAID_NEW,
+ SSSRAID_LIVE,
+ SSSRAID_RESETTING,
+ SSSRAID_DELETING,
+ SSSRAID_DEAD,
+};
+
+enum {
+ SSSRAID_CARD_HBA,
+ SSSRAID_CARD_RAID,
+};
+
+enum sssraid_cmd_type {
+ SSSRAID_CMD_ADM,
+ SSSRAID_CMD_IOPT,
+};
+
+/*
+ * SSSRAID completion queue entry struct
+ */
+struct sssraid_completion {
+ __le32 result;
+ union {
+ struct {
+ __u8 sense_len;
+ __u8 resv[3];
+ };
+ __le32 result1;
+ };
+ __le16 sq_head;
+ __le16 sq_id;
+ __le16 cmd_id;
+ __le16 status;
+};
+
+/*
+ * SSSRAID firmware controller properties
+ */
+struct sssraid_ctrl_info {
+ __le32 nd;
+ __le16 max_cmds;
+ __le16 max_channel;
+ __le32 max_tgt_id;
+ __le16 max_lun;
+ __le16 max_num_sge;
+ __le16 lun_num_in_boot;
+ __u8 mdts;
+ __u8 acl;
+ __u8 aerl;
+ __u8 card_type;
+ __u16 rsvd;
+ __le32 rtd3e;
+ __u8 sn[32];
+ __u8 fr[16];
+ __u8 rsvd1[4020];
+};
+
+struct sssraid_intr_info {
+ struct sssraid_dev *hdev;
+ u16 msix_index;
+ struct sssraid_cqueue *cqinfo;
+ char name[SSSRAID_NAME_LENGTH];
+};
+
+struct sssraid_fwevt {
+ struct list_head list;
+ struct work_struct work;
+ struct sssraid_dev *hdev;
+ u16 event_id;
+ bool send_ack;
+ bool process_evt;
+ u32 evt_ctx;
+ struct kref ref_count;
+ char event_data[0] __aligned(4);
+};
+
+/*
+ * SSSRAID private device struct definition
+ */
+struct sssraid_dev {
+ struct pci_dev *pdev;
+ struct Scsi_Host *shost;
+ struct sssraid_squeue *sqinfo;
+ struct sssraid_cqueue *cqinfo;
+ struct dma_pool *prp_page_pool;
+ struct dma_pool *prp_small_pool[MAX_SMALL_POOL_NUM];
+ void __iomem *bar;
+
+ u32 init_done_queue_cnt;
+ u32 ioq_depth;
+ u32 db_stride;
+ u32 __iomem *dbs;
+ struct rw_semaphore devices_rwsem;
+ int numa_node;
+ u32 page_size;
+ u32 ctrl_config;
+ u64 cap;
+ u32 instance;
+ u32 scsi_qd;
+ struct sssraid_ctrl_info *ctrl_info;
+ struct sssraid_dev_info *devices;
+
+ int logging_level;
+
+ char name[SSSRAID_NAME_LENGTH];
+ int cpu_count;
+ /*
+ * before_affinity_msix_cnt is
+ * min("FW support IO Queue count", num_online_cpus)+1
+ */
+ u16 before_affinity_msix_cnt;
+
+ struct sssraid_cmd *adm_cmds;
+ struct list_head adm_cmd_list;
+ spinlock_t adm_cmd_lock;
+
+ struct sssraid_cmd *ioq_ptcmds;
+ struct list_head ioq_pt_list;
+ spinlock_t ioq_pt_lock;
+
+ int reset_flag;
+
+ enum sssraid_state state;
+ spinlock_t state_lock;
+
+ struct request_queue *bsg_queue;
+
+ u8 intr_enabled;
+
+ struct sssraid_intr_info *intr_info;
+ u32 intr_info_count;
+
+ char watchdog_work_q_name[20];
+ struct workqueue_struct *watchdog_work_q;
+ struct delayed_work watchdog_work;
+ spinlock_t watchdog_lock;
+
+ char fwevt_worker_name[SSSRAID_NAME_LENGTH];
+ struct workqueue_struct *fwevt_worker_thread;
+ spinlock_t fwevt_lock;
+ struct list_head fwevt_list;
+
+ struct sssraid_fwevt *current_event;
+};
+
+/*
+ * SSSRAID scatter list descriptor
+ */
+struct sssraid_sgl_desc {
+ __le64 addr;
+ __le32 length;
+ __u8 rsvd[3];
+ __u8 type;
+};
+
+union sssraid_data_ptr {
+ struct {
+ __le64 prp1;
+ __le64 prp2;
+ };
+ struct sssraid_sgl_desc sgl;
+};
+
+/*
+ * SSSRAID general admin class command format struct
+ */
+struct sssraid_admin_common_command {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le32 cdw2[4];
+ union sssraid_data_ptr dptr;
+ __le32 cdw10;
+ __le32 cdw11;
+ __le32 cdw12;
+ __le32 cdw13;
+ __le32 cdw14;
+ __le32 cdw15;
+};
+
+struct sssraid_features {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u64 rsvd2[2];
+ union sssraid_data_ptr dptr;
+ __le32 fid;
+ __le32 dword11;
+ __le32 dword12;
+ __le32 dword13;
+ __le32 dword14;
+ __le32 dword15;
+};
+
+/*
+ * SSSRAID create completion queue command struct
+ */
+struct sssraid_create_cq {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __u32 rsvd1[5];
+ __le64 prp1;
+ __u64 rsvd8;
+ __le16 cqid;
+ __le16 qsize;
+ __le16 cq_flags;
+ __le16 irq_vector;
+ __u32 rsvd12[4];
+};
+
+/*
+ * SSSRAID create submission queue command struct
+ */
+struct sssraid_create_sq {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __u32 rsvd1[5];
+ __le64 prp1;
+ __u64 rsvd8;
+ __le16 sqid;
+ __le16 qsize;
+ __le16 sq_flags;
+ __le16 cqid;
+ __u32 rsvd12[4];
+};
+
+/*
+ * SSSRAID delete submission queue command struct
+ */
+struct sssraid_delete_queue {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __u32 rsvd1[9];
+ __le16 qid;
+ __u16 rsvd10;
+ __u32 rsvd11[5];
+};
+
+/*
+ * SSSRAID access to information command struct
+ */
+struct sssraid_get_info {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u32 rsvd2[4];
+ union sssraid_data_ptr dptr;
+ __u8 type;
+ __u8 rsvd10[3];
+ __le32 cdw11;
+ __u32 rsvd12[4];
+};
+
+/*
+ * User command struct
+ */
+struct sssraid_usr_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ union {
+ struct {
+ __le16 subopcode;
+ __le16 rsvd1;
+ } info_0;
+ __le32 cdw2;
+ };
+ union {
+ struct {
+ __le16 data_len;
+ __le16 param_len;
+ } info_1;
+ __le32 cdw3;
+ };
+ __u64 metadata;
+ union sssraid_data_ptr dptr;
+ __le32 cdw10;
+ __le32 cdw11;
+ __le32 cdw12;
+ __le32 cdw13;
+ __le32 cdw14;
+ __le32 cdw15;
+};
+
+enum {
+ SSSRAID_CMD_FLAG_SGL_METABUF = (1 << 6),
+ SSSRAID_CMD_FLAG_SGL_METASEG = (1 << 7),
+ SSSRAID_CMD_FLAG_SGL_ALL = SSSRAID_CMD_FLAG_SGL_METABUF | SSSRAID_CMD_FLAG_SGL_METASEG,
+};
+
+enum sssraid_cmd_state {
+ SSSRAID_CMD_IDLE = 0,
+ SSSRAID_CMD_IN_FLIGHT = 1,
+ SSSRAID_CMD_COMPLETE = 2,
+ SSSRAID_CMD_TIMEOUT = 3,
+ SSSRAID_CMD_TMO_COMPLETE = 4,
+};
+
+/*
+ * SSSRAID abort command struct
+ */
+struct sssraid_abort_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u64 rsvd2[4];
+ __le16 sqid;
+ __le16 cid;
+ __u32 rsvd11[5];
+};
+
+/*
+ * SSSRAID reset command struct
+ */
+struct sssraid_reset_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __u64 rsvd2[4];
+ __u8 type;
+ __u8 rsvd10[3];
+ __u32 rsvd11[5];
+};
+
+/*
+ * SSSRAID admin class command set struct
+ */
+struct sssraid_admin_command {
+ union {
+ struct sssraid_admin_common_command common;
+ struct sssraid_features features;
+ struct sssraid_create_cq create_cq;
+ struct sssraid_create_sq create_sq;
+ struct sssraid_delete_queue delete_queue;
+ struct sssraid_get_info get_info;
+ struct sssraid_abort_cmd abort;
+ struct sssraid_reset_cmd reset;
+ struct sssraid_usr_cmd usr_cmd;
+ };
+};
+
+/*
+ * SSSRAID general IO class command format struct
+ */
+struct sssraid_ioq_common_command {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le16 sense_len;
+ __u8 cdb_len;
+ __u8 rsvd2;
+ __le32 cdw3[3];
+ union sssraid_data_ptr dptr;
+ __le32 cdw10[6];
+ __u8 cdb[32];
+ __le64 sense_addr;
+ __le32 cdw26[6];
+};
+
+/*
+ * SSSRAID read or write command struct
+ */
+struct sssraid_rw_command {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le16 sense_len;
+ __u8 cdb_len;
+ __u8 rsvd2;
+ __u32 rsvd3[3];
+ union sssraid_data_ptr dptr;
+ __le64 slba;
+ __le16 nlb;
+ __le16 control;
+ __u32 rsvd13[3];
+ __u8 cdb[32];
+ __le64 sense_addr;
+ __u32 rsvd26[6];
+};
+
+struct sssraid_scsi_nonio {
+ __u8 opcode;
+ __u8 flags;
+ __le16 command_id;
+ __le32 hdid;
+ __le16 sense_len;
+ __u8 cdb_length;
+ __u8 rsvd2;
+ __u32 rsvd3[3];
+ union sssraid_data_ptr dptr;
+ __u32 rsvd10[5];
+ __le32 buffer_len;
+ __u8 cdb[32];
+ __le64 sense_addr;
+ __u32 rsvd26[6];
+};
+
+/*
+ * SSSRAID IO class command struct
+ */
+struct sssraid_ioq_command {
+ union {
+ struct sssraid_ioq_common_command common;
+ struct sssraid_rw_command rw;
+ struct sssraid_scsi_nonio scsi_nonio;
+ };
+};
+
+/*
+ * SSSRAID passthru command struct
+ */
+struct sssraid_passthru_common_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __u16 rsvd0;
+ __u32 nsid;
+ union {
+ struct {
+ __u16 subopcode;
+ __u16 rsvd1;
+ } info_0;
+ __u32 cdw2;
+ };
+ union {
+ struct {
+ __u16 data_len;
+ __u16 param_len;
+ } info_1;
+ __u32 cdw3;
+ };
+ __u64 metadata;
+
+ __u64 addr;
+ __u64 prp2;
+
+ __u32 cdw10;
+ __u32 cdw11;
+ __u32 cdw12;
+ __u32 cdw13;
+ __u32 cdw14;
+ __u32 cdw15;
+ __u32 timeout_ms;
+ __u32 result0;
+ __u32 result1;
+};
+
+struct sssraid_ioq_passthru_cmd {
+ __u8 opcode;
+ __u8 flags;
+ __u16 rsvd0;
+ __u32 nsid;
+ union {
+ struct {
+ __u16 res_sense_len;
+ __u8 cdb_len;
+ __u8 rsvd0;
+ } info_0;
+ __u32 cdw2;
+ };
+ union {
+ struct {
+ __u16 subopcode;
+ __u16 rsvd1;
+ } info_1;
+ __u32 cdw3;
+ };
+ union {
+ struct {
+ __u16 rsvd;
+ __u16 param_len;
+ } info_2;
+ __u32 cdw4;
+ };
+ __u32 cdw5;
+ __u64 addr;
+ __u64 prp2;
+ union {
+ struct {
+ __u16 eid;
+ __u16 sid;
+ } info_3;
+ __u32 cdw10;
+ };
+ union {
+ struct {
+ __u16 did;
+ __u8 did_flag;
+ __u8 rsvd2;
+ } info_4;
+ __u32 cdw11;
+ };
+ __u32 cdw12;
+ __u32 cdw13;
+ __u32 cdw14;
+ __u32 data_len;
+ __u32 cdw16;
+ __u32 cdw17;
+ __u32 cdw18;
+ __u32 cdw19;
+ __u32 cdw20;
+ __u32 cdw21;
+ __u32 cdw22;
+ __u32 cdw23;
+ __u64 sense_addr;
+ __u32 cdw26[4];
+ __u32 timeout_ms;
+ __u32 result0;
+ __u32 result1;
+};
+
+struct sssraid_bsg_request {
+ u32 msgcode;
+ u32 control;
+ union {
+ struct sssraid_passthru_common_cmd admcmd;
+ struct sssraid_ioq_passthru_cmd ioqcmd;
+ };
+};
+
+enum {
+ SSSRAID_BSG_ADM,
+ SSSRAID_BSG_IOQ,
+};
+
+/*
+ * define the transfer command struct
+ */
+struct sssraid_cmd {
+ u16 qid;
+ u16 cid;
+ u32 result0;
+ u32 result1;
+ u16 status;
+ void *priv;
+ enum sssraid_cmd_state state;
+ struct completion cmd_done;
+ struct list_head list;
+};
+
+/*
+ * define the SSSRAID physical queue struct
+ */
+struct sssraid_squeue {
+ struct sssraid_dev *hdev;
+ spinlock_t sq_lock; /* spinlock for lock handling */
+
+ void *sq_cmds;
+
+ dma_addr_t sq_dma_addr;
+ u32 __iomem *q_db;
+ u8 cq_phase;
+ u8 sqes;
+ u16 qidx;
+ u16 sq_tail;
+ u16 last_cq_head;
+ u16 q_depth;
+ void *sense;
+ dma_addr_t sense_dma_addr;
+ struct dma_pool *prp_small_pool;
+};
+
+struct sssraid_cqueue {
+ struct sssraid_dev *hdev;
+
+ spinlock_t cq_lock ____cacheline_aligned_in_smp; /* spinlock for lock handling */
+
+ struct sssraid_completion *cqes;
+
+ dma_addr_t cq_dma_addr;
+ u8 cq_phase;
+ u16 cq_head;
+ u16 last_cq_head;
+};
+
+/*
+ * define the SSSRAID IO queue descriptor struct
+ */
+struct sssraid_iod {
+ struct sssraid_squeue *sqinfo;
+ enum sssraid_cmd_state state;
+ int npages;
+ u32 nsge;
+ u32 length;
+ bool use_sgl;
+ dma_addr_t first_dma;
+ void *sense;
+ dma_addr_t sense_dma;
+ struct scatterlist *sg;
+ void *list[0];
+};
+
+/*
+ * define the SSSRAID scsi device attribution and information
+ */
+#define SSSRAID_DEV_INFO_ATTR_BOOT(attr) ((attr) & 0x01)
+#define SSSRAID_DEV_INFO_ATTR_VD(attr) (((attr) & 0x02) == 0x0)
+#define SSSRAID_DEV_INFO_ATTR_PT(attr) (((attr) & 0x22) == 0x02)
+#define SSSRAID_DEV_INFO_ATTR_RAWDISK(attr) ((attr) & 0x20)
+#define SSSRAID_DEV_DISK_TYPE(attr) ((attr) & 0x1e)
+
+#define SSSRAID_DEV_INFO_FLAG_VALID(flag) ((flag) & 0x01)
+#define SSSRAID_DEV_INFO_FLAG_CHANGE(flag) ((flag) & 0x02)
+
+/*
+ * define the SSSRAID scsi device identifier
+ */
+enum {
+ SSSRAID_SAS_HDD_VD = 0x04,
+ SSSRAID_SATA_HDD_VD = 0x08,
+ SSSRAID_SAS_SSD_VD = 0x0c,
+ SSSRAID_SATA_SSD_VD = 0x10,
+ SSSRAID_NVME_SSD_VD = 0x14,
+ SSSRAID_SAS_HDD_PD = 0x06,
+ SSSRAID_SATA_HDD_PD = 0x0a,
+ SSSRAID_SAS_SSD_PD = 0x0e,
+ SSSRAID_SATA_SSD_PD = 0x12,
+ SSSRAID_NVME_SSD_PD = 0x16,
+};
+
+/*
+ * define the SSSRAID scsi device queue depth
+ */
+#define SSSRAID_HDD_PD_QD 64
+#define SSSRAID_HDD_VD_QD 256
+#define SSSRAID_SSD_PD_QD 64
+#define SSSRAID_SSD_VD_QD 256
+
+#define BGTASK_TYPE_REBUILD 4
+#define USR_CMD_READ 0xc2
+#define USR_CMD_RDLEN 0x1000
+#define USR_CMD_VDINFO 0x704
+#define USR_CMD_BGTASK 0x504
+#define VDINFO_PARAM_LEN 0x04
+
+/*
+ * SSSRAID virtual device information struct
+ */
+struct sssraid_vd_info {
+ __u8 name[32];
+ __le16 id;
+ __u8 rg_id;
+ __u8 rg_level;
+ __u8 sg_num;
+ __u8 sg_disk_num;
+ __u8 vd_status;
+ __u8 vd_type;
+ __u8 rsvd1[4056];
+};
+
+#define MAX_REALTIME_BGTASK_NUM 32
+
+struct bgtask_info {
+ __u8 type;
+ __u8 progress;
+ __u8 rate;
+ __u8 rsvd0;
+ __le16 vd_id;
+ __le16 time_left;
+ __u8 rsvd1[4];
+};
+
+struct sssraid_bgtask {
+ __u8 sw;
+ __u8 task_num;
+ __u8 rsvd[6];
+ struct bgtask_info bgtask[MAX_REALTIME_BGTASK_NUM];
+};
+
+/*
+ * SSSRAID scsi device information struct
+ */
+struct sssraid_dev_info {
+ __le32 hdid;
+ __le16 target;
+ __u8 channel;
+ __u8 lun;
+ __u8 attr;
+ __u8 flag;
+ __le16 max_io_kb;
+};
+
+#define IOQ_PT_DATA_LEN 4096
+#define MAX_DEV_ENTRY_PER_PAGE_4K 340
+struct sssraid_dev_list {
+ __le32 dev_num;
+ __u32 rsvd0[3];
+ struct sssraid_dev_info devices[MAX_DEV_ENTRY_PER_PAGE_4K];
+};
+
+/*
+ * SSSRAID scsi device host data struct
+ */
+struct sssraid_sdev_hostdata {
+ u32 hdid;
+ u16 max_io_kb;
+ u8 attr;
+ u8 flag;
+ u8 rg_id;
+ u8 rsvd[3];
+};
+
+extern unsigned char small_pool_num;
+extern u32 io_queue_depth;
+irqreturn_t sssraid_isr_poll(int irq, void *privdata);
+bool sssraid_poll_cq(struct sssraid_dev *hdev, u16 qidx, int cid);
+void sssraid_submit_cmd(struct sssraid_squeue *sqinfo, const void *cmd);
+int sssraid_get_dev_list(struct sssraid_dev *hdev, struct sssraid_dev_info *devices);
+int sssraid_submit_admin_sync_cmd(struct sssraid_dev *hdev, struct sssraid_admin_command *cmd,
+ u32 *result0, u32 *result1, u32 timeout);
+int sssraid_send_abort_cmd(struct sssraid_dev *hdev, u32 hdid, u16 qidx, u16 cid);
+int sssraid_send_reset_cmd(struct sssraid_dev *hdev, u8 type, u32 hdid);
+void sssraid_adm_timeout(struct sssraid_dev *hdev, struct sssraid_cmd *cmd);
+int sssraid_init_ioc(struct sssraid_dev *hdev, u8 re_init);
+void sssraid_cleanup_ioc(struct sssraid_dev *hdev, u8 re_init);
+int sssraid_soft_reset_handler(struct sssraid_dev *hdev);
+void sssraid_free_iod_res(struct sssraid_dev *hdev, struct sssraid_iod *iod);
+bool sssraid_change_host_state(struct sssraid_dev *hdev, enum sssraid_state newstate);
+int sssraid_configure_timestamp(struct sssraid_dev *hdev);
+int sssraid_init_ctrl_info(struct sssraid_dev *hdev);
+struct sssraid_cmd *sssraid_get_cmd(struct sssraid_dev *hdev, enum sssraid_cmd_type type);
+void sssraid_put_cmd(struct sssraid_dev *hdev, struct sssraid_cmd *cmd,
+ enum sssraid_cmd_type type);
+int sssraid_send_event_ack(struct sssraid_dev *hdev, u8 event,
+ u32 event_ctx, u16 cid);
+struct sssraid_fwevt *sssraid_alloc_fwevt(int len);
+void sssraid_fwevt_add_to_list(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt);
+void sssraid_cleanup_fwevt_list(struct sssraid_dev *hdev);
+void sssraid_ioc_enable_intr(struct sssraid_dev *hdev);
+void sssraid_ioc_disable_intr(struct sssraid_dev *hdev);
+void sssraid_cleanup_resources(struct sssraid_dev *hdev);
+void sssraid_complete_cqes(struct sssraid_dev *hdev, u16 qidx, u16 start, u16 end);
+int sssraid_io_map_data(struct sssraid_dev *hdev, struct sssraid_iod *iod,
+ struct scsi_cmnd *scmd, struct sssraid_ioq_command *ioq_cmd);
+void sssraid_map_status(struct sssraid_iod *iod, struct scsi_cmnd *scmd,
+ struct sssraid_completion *cqe);
+void sssraid_scan_disk(struct sssraid_dev *hdev);
+void sssraid_complete_aen(struct sssraid_dev *hdev, struct sssraid_completion *cqe);
+void sssraid_back_all_io(struct sssraid_dev *hdev);
+
+static inline void **sssraid_iod_list(struct sssraid_iod *iod)
+{
+ return iod->list;
+}
+
+#end
diff --git a/drivers/scsi/sssraid/sssraid_debug.h b/drivers/scsi/sssraid/sssraid_debug.h
new file mode 100644
index 000000000000..d48c57e275f7
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid_debug.h
@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#ifndef SSSRAID_DEBUG_H_INCLUDED
+#define SSSRAID_DEBUG_H_INCLUDED
+
+/*
+ * debug levels
+ */
+#define SSSRAID_DEBUG 0x00000001
+
+/*
+ * debug macros
+ */
+
+#define ioc_err(ioc, fmt, ...) \
+ pr_err("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+#define ioc_notice(ioc, fmt, ...) \
+ pr_notice("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+#define ioc_warn(ioc, fmt, ...) \
+ pr_warn("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+#define ioc_info(ioc, fmt, ...) \
+ pr_info("%s: " fmt, (ioc)->name, ##__VA_ARGS__)
+
+
+#define dbgprint(IOC, FMT, ...) \
+ do { \
+ if (unlikely(IOC->logging_level & SSSRAID_DEBUG)) \
+ pr_info("%s: " FMT, (IOC)->name, ##__VA_ARGS__); \
+ } while (0)
+
+#endif /* SSSRAID_DEBUG_H_INCLUDED */
diff --git a/drivers/scsi/sssraid/sssraid_fw.c b/drivers/scsi/sssraid/sssraid_fw.c
new file mode 100644
index 000000000000..54287cf70558
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid_fw.c
@@ -0,0 +1,1724 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#include <linux/version.h>
+#include <linux/pci.h>
+#include <linux/aer.h>
+#include <linux/module.h>
+#include <linux/ioport.h>
+#include <linux/device.h>
+#include <linux/delay.h>
+#include <linux/interrupt.h>
+#include <linux/cdev.h>
+#include <linux/sysfs.h>
+#include <linux/gfp.h>
+#include <linux/types.h>
+#include <linux/ratelimit.h>
+#include <linux/debugfs.h>
+#include <linux/blkdev.h>
+#include <linux/bsg-lib.h>
+#include <linux/sort.h>
+
+#include <scsi/scsi.h>
+#include <scsi/scsi_cmnd.h>
+#include <scsi/scsi_device.h>
+#include <scsi/scsi_host.h>
+#include <scsi/scsi_transport.h>
+#include <scsi/scsi_dbg.h>
+
+#include <linux/unaligned/be_byteshift.h>
+#include <linux/unaligned/le_byteshift.h>
+#include <linux/once.h>
+#include <linux/sched/signal.h>
+#include <linux/io-64-nonatomic-lo-hi.h>
+
+#include "sssraid.h"
+#include "sssraid_debug.h"
+
+static int sssraid_wait_ready(struct sssraid_dev *hdev, u64 cap, bool enabled)
+{
+ unsigned long timeout =
+ ((SSSRAID_CAP_TIMEOUT(cap) + 1) * SSSRAID_CAP_TIMEOUT_UNIT_MS) + jiffies;
+ u32 bit = enabled ? SSSRAID_CSTS_RDY : 0;
+
+ while ((readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_RDY) != bit) {
+ usleep_range(1000, 2000);
+ if (fatal_signal_pending(current))
+ return -EINTR;
+
+ if (time_after(jiffies, timeout)) {
+ ioc_err(hdev, "Device not ready; aborting %s\n",
+ enabled ? "initialisation" : "reset");
+ return -ENODEV;
+ }
+ }
+ return 0;
+}
+
+static int sssraid_enable_ctrl(struct sssraid_dev *hdev)
+{
+ u64 cap = hdev->cap;
+ u32 dev_page_min = SSSRAID_CAP_MPSMIN(cap) + 12;
+ u32 page_shift = PAGE_SHIFT;
+
+ if (page_shift < dev_page_min) {
+ ioc_err(hdev, "Minimum device page size[%u], too large for host[%u]\n",
+ 1U << dev_page_min, 1U << page_shift);
+ return -ENODEV;
+ }
+
+ page_shift = min_t(unsigned int, SSSRAID_CAP_MPSMAX(cap) + 12, PAGE_SHIFT);
+ hdev->page_size = 1U << page_shift;
+
+ hdev->ctrl_config = SSSRAID_CC_CSS_NVM;
+ hdev->ctrl_config |= (page_shift - 12) << SSSRAID_CC_MPS_SHIFT;
+ hdev->ctrl_config |= SSSRAID_CC_AMS_RR | SSSRAID_CC_SHN_NONE;
+ hdev->ctrl_config |= SSSRAID_CC_IOSQES | SSSRAID_CC_IOCQES;
+ hdev->ctrl_config |= SSSRAID_CC_ENABLE;
+ writel(hdev->ctrl_config, hdev->bar + SSSRAID_REG_CC);
+
+ return sssraid_wait_ready(hdev, cap, true);
+}
+
+static int sssraid_disable_ctrl(struct sssraid_dev *hdev)
+{
+ hdev->ctrl_config &= ~SSSRAID_CC_SHN_MASK;
+ hdev->ctrl_config &= ~SSSRAID_CC_ENABLE;
+ writel(hdev->ctrl_config, hdev->bar + SSSRAID_REG_CC);
+
+ return sssraid_wait_ready(hdev, hdev->cap, false);
+}
+
+static int sssraid_shutdown_ctrl(struct sssraid_dev *hdev)
+{
+ unsigned long timeout = le32_to_cpu(hdev->ctrl_info->rtd3e) / 1000000 * HZ + jiffies;
+
+ hdev->ctrl_config &= ~SSSRAID_CC_SHN_MASK;
+ hdev->ctrl_config |= SSSRAID_CC_SHN_NORMAL;
+ writel(hdev->ctrl_config, hdev->bar + SSSRAID_REG_CC);
+
+ while ((readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_SHST_MASK) !=
+ SSSRAID_CSTS_SHST_CMPLT) {
+ msleep(100);
+ if (fatal_signal_pending(current))
+ return -EINTR;
+ if (time_after(jiffies, timeout)) {
+ ioc_err(hdev, "Device shutdown incomplete; abort shutdown\n");
+ return -ENODEV;
+ }
+ }
+ return 0;
+}
+
+static int sssraid_remap_bar(struct sssraid_dev *hdev, u32 size)
+{
+ struct pci_dev *pdev = hdev->pdev;
+
+ if (size > pci_resource_len(pdev, 0)) {
+ ioc_err(hdev, "Input size[%u] exceed bar0 length[%llu]\n",
+ size, pci_resource_len(pdev, 0));
+ return -ENODEV;
+ }
+
+ if (hdev->bar)
+ iounmap(hdev->bar);
+
+ hdev->bar = ioremap(pci_resource_start(pdev, 0), size);
+ if (!hdev->bar) {
+ ioc_err(hdev, "ioremap for bar0 failed\n");
+ return -ENODEV;
+ }
+ hdev->dbs = hdev->bar + SSSRAID_REG_DBS;
+
+ return 0;
+}
+
+static int sssraid_create_dma_pools(struct sssraid_dev *hdev)
+{
+ int i;
+ char poolname[20] = { 0 };
+
+ hdev->prp_page_pool = dma_pool_create("prp list page", &hdev->pdev->dev,
+ PAGE_SIZE, PAGE_SIZE, 0);
+
+ if (!hdev->prp_page_pool) {
+ ioc_err(hdev, "create prp_page_pool failed\n");
+ return -ENOMEM;
+ }
+
+ for (i = 0; i < small_pool_num; i++) {
+ sprintf(poolname, "prp_list_256_%d", i);
+ hdev->prp_small_pool[i] = dma_pool_create(poolname, &hdev->pdev->dev,
+ SMALL_POOL_SIZE,
+ SMALL_POOL_SIZE, 0);
+
+ if (!hdev->prp_small_pool[i]) {
+ ioc_err(hdev, "create prp_small_pool %d failed\n", i);
+ goto destroy_prp_small_pool;
+ }
+ }
+
+ return 0;
+
+destroy_prp_small_pool:
+ while (i > 0)
+ dma_pool_destroy(hdev->prp_small_pool[--i]);
+ dma_pool_destroy(hdev->prp_page_pool);
+
+ return -ENOMEM;
+}
+
+static void sssraid_destroy_dma_pools(struct sssraid_dev *hdev)
+{
+ int i;
+
+ for (i = 0; i < small_pool_num; i++)
+ dma_pool_destroy(hdev->prp_small_pool[i]);
+ dma_pool_destroy(hdev->prp_page_pool);
+}
+
+static int sssraid_alloc_resources(struct sssraid_dev *hdev)
+{
+ int retval, nqueue;
+
+ hdev->ctrl_info = kzalloc_node(sizeof(*hdev->ctrl_info), GFP_KERNEL, hdev->numa_node);
+ if (!hdev->ctrl_info)
+ return -ENOMEM;
+
+ retval = sssraid_create_dma_pools(hdev);
+ if (retval)
+ goto free_ctrl_info;
+ /* not num_online_cpus */
+ nqueue = num_possible_cpus() + 1;
+ hdev->cqinfo = kcalloc_node(nqueue, sizeof(struct sssraid_cqueue),
+ GFP_KERNEL, hdev->numa_node);
+ if (!hdev->cqinfo) {
+ retval = -ENOMEM;
+ goto destroy_dma_pools;
+ }
+
+ hdev->sqinfo = kcalloc_node(nqueue, sizeof(struct sssraid_squeue),
+ GFP_KERNEL, hdev->numa_node);
+ if (!hdev->sqinfo) {
+ retval = -ENOMEM;
+ goto free_cqueues;
+ }
+
+ /* sssraid_alloc_admin_cmds moved to sssraid_init_ioc */
+
+ ioc_info(hdev, "queues num: %d\n", nqueue);
+
+ return 0;
+
+free_cqueues:
+ kfree(hdev->cqinfo);
+destroy_dma_pools:
+ sssraid_destroy_dma_pools(hdev);
+free_ctrl_info:
+ kfree(hdev->ctrl_info);
+
+ return retval;
+}
+
+void sssraid_ioc_enable_intr(struct sssraid_dev *hdev)
+{
+ hdev->intr_enabled = 1;
+}
+
+void sssraid_ioc_disable_intr(struct sssraid_dev *hdev)
+{
+ u16 i, max_vectors;
+
+ hdev->intr_enabled = 0;
+ max_vectors = hdev->intr_info_count;
+
+ for (i = 0; i < max_vectors; i++)
+ synchronize_irq(pci_irq_vector(hdev->pdev, i));
+}
+
+static int sssraid_setup_resources(struct sssraid_dev *hdev)
+{
+ struct pci_dev *pdev = hdev->pdev;
+ int retval = 0;
+ u64 maskbit = SSSRAID_DMA_MSK_BIT_MAX;
+
+ if (pci_enable_device_mem(pdev)) {
+ ioc_err(hdev, "pci_enable_device_mem: failed\n");
+ retval = -ENODEV;
+ goto out_failed;
+ }
+
+ retval = pci_request_mem_regions(pdev, SSSRAID_DRIVER_NAME);
+ if (retval) {
+ ioc_err(hdev, "fail to request memory regions\n");
+ retval = -ENODEV;
+ goto out_failed;
+ }
+
+ /* get cap value at first, so keep
+ * sssraid_remap_bar(hdev, SSSRAID_REG_DBS + 4096)
+ * ioremap(pci_resource_start(..)) still in sssraid_remap_bar
+ */
+ retval = sssraid_remap_bar(hdev, SSSRAID_REG_DBS + 4096);
+ if (retval) {
+ retval = -ENODEV;
+ goto out_failed;
+ }
+
+ pci_set_master(pdev);
+
+ if (readl(hdev->bar + SSSRAID_REG_CSTS) == U32_MAX) {
+ retval = -ENODEV;
+ ioc_err(hdev, "Read csts register failed\n");
+ goto out_failed;
+ }
+
+ hdev->cap = lo_hi_readq(hdev->bar + SSSRAID_REG_CAP);
+ hdev->ioq_depth = min_t(u32, SSSRAID_CAP_MQES(hdev->cap) + 1, io_queue_depth);
+ hdev->scsi_qd = hdev->ioq_depth - SSSRAID_PTCMDS_PERQ;
+ hdev->db_stride = 1 << SSSRAID_CAP_STRIDE(hdev->cap);
+
+ maskbit = SSSRAID_CAP_DMAMASK(hdev->cap);
+ if (maskbit < 32 || maskbit > SSSRAID_DMA_MSK_BIT_MAX) {
+ ioc_err(hdev, "err, dma mask invalid[%llu], set to default\n", maskbit);
+ maskbit = SSSRAID_DMA_MSK_BIT_MAX;
+ }
+
+ if (dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(maskbit))) {
+ if (dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(32))) {
+ ioc_err(hdev, "set dma mask[32] and coherent failed\n");
+ retval = -ENODEV;
+ goto out_failed;
+ }
+ ioc_info(hdev, "set dma mask[32] success\n");
+ } else {
+ ioc_info(hdev, "set dma mask[%llu] success\n", maskbit);
+ }
+
+ /* pci_alloc_irq_vectors(pdev, 1, 1, PCI_IRQ_ALL_TYPES) moved to setup_isr */
+
+ pci_set_drvdata(pdev, hdev->shost);
+
+ pci_enable_pcie_error_reporting(pdev);
+ pci_save_state(pdev);
+
+ sssraid_ioc_disable_intr(hdev);
+
+ return retval;
+
+out_failed:
+ sssraid_cleanup_resources(hdev);
+ return retval;
+}
+
+static int sssraid_alloc_admin_cmds(struct sssraid_dev *hdev)
+{
+ u16 i;
+
+ INIT_LIST_HEAD(&hdev->adm_cmd_list);
+ spin_lock_init(&hdev->adm_cmd_lock);
+
+ hdev->adm_cmds = kcalloc_node(SSSRAID_AQ_BLK_MQ_DEPTH, sizeof(struct sssraid_cmd),
+ GFP_KERNEL, hdev->numa_node);
+
+ if (!hdev->adm_cmds) {
+ ioc_err(hdev, "Alloc admin cmds failed\n");
+ return -ENOMEM;
+ }
+
+ for (i = 0; i < SSSRAID_AQ_BLK_MQ_DEPTH; i++) {
+ hdev->adm_cmds[i].qid = 0;
+ hdev->adm_cmds[i].cid = i;
+ list_add_tail(&(hdev->adm_cmds[i].list), &hdev->adm_cmd_list);
+ }
+
+ ioc_info(hdev, "Alloc admin cmds success, num[%d]\n", SSSRAID_AQ_BLK_MQ_DEPTH);
+
+ return 0;
+}
+
+static int sssraid_alloc_qpair(struct sssraid_dev *hdev, u16 qidx, u16 depth)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+ int retval = 0;
+
+ if (hdev->init_done_queue_cnt > qidx) {
+ ioc_info(hdev, "warn: queue[%d] is exist\n", qidx);
+ return 0;
+ }
+
+ cqinfo->cqes = dma_alloc_coherent(&hdev->pdev->dev, CQ_SIZE(depth),
+ &cqinfo->cq_dma_addr, GFP_KERNEL | __GFP_ZERO);
+ if (!cqinfo->cqes)
+ return -ENOMEM;
+
+ sqinfo->sq_cmds = dma_alloc_coherent(&hdev->pdev->dev, SQ_SIZE(qidx, depth),
+ &sqinfo->sq_dma_addr, GFP_KERNEL);
+ if (!sqinfo->sq_cmds) {
+ retval = -ENOMEM;
+ goto free_cqes;
+ }
+
+ /* alloc sense buffer */
+ sqinfo->sense = dma_alloc_coherent(&hdev->pdev->dev, SENSE_SIZE(depth),
+ &sqinfo->sense_dma_addr, GFP_KERNEL | __GFP_ZERO);
+ if (!sqinfo->sense) {
+ retval = -ENOMEM;
+ goto free_sq_cmds;
+ }
+
+ spin_lock_init(&sqinfo->sq_lock);
+ spin_lock_init(&cqinfo->cq_lock);
+ cqinfo->hdev = hdev;
+ sqinfo->hdev = hdev;
+ sqinfo->q_depth = depth;
+ sqinfo->qidx = qidx;
+ /* cq_vector replaced by msix_index */
+
+ /*
+ * online_queues: completely initialized queue count: sssraid_init_queue
+ * queue_count: allocated but not completely initialized queue count: sssraid_alloc_queue
+ * online_queues/queue_count replaced by init_done_queue_cnt.
+ */
+ hdev->init_done_queue_cnt++;
+
+ return 0;
+
+free_sq_cmds:
+ dma_free_coherent(&hdev->pdev->dev, SQ_SIZE(qidx, depth), (void *)sqinfo->sq_cmds,
+ sqinfo->sq_dma_addr);
+free_cqes:
+ dma_free_coherent(&hdev->pdev->dev, CQ_SIZE(depth), (void *)cqinfo->cqes,
+ cqinfo->cq_dma_addr);
+ return retval;
+}
+
+static void sssraid_init_queue(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ memset((void *)cqinfo->cqes, 0, CQ_SIZE(sqinfo->q_depth));
+
+ sqinfo->sq_tail = 0;
+ cqinfo->cq_head = 0;
+ cqinfo->cq_phase = 1;
+ sqinfo->q_db = &hdev->dbs[qidx * 2 * hdev->db_stride];
+ sqinfo->prp_small_pool = hdev->prp_small_pool[qidx % small_pool_num];
+}
+
+static int sssraid_setup_admin_qpair(struct sssraid_dev *hdev)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[0];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[0];
+ u32 aqa;
+ int retval;
+
+ ioc_info(hdev, "start disable ctrl\n");
+
+ retval = sssraid_disable_ctrl(hdev);
+ if (retval)
+ return retval;
+
+ /* this func don't alloc admin queue */
+
+ aqa = sqinfo->q_depth - 1;
+ aqa |= aqa << 16;
+ writel(aqa, hdev->bar + SSSRAID_REG_AQA);
+ lo_hi_writeq(sqinfo->sq_dma_addr, hdev->bar + SSSRAID_REG_ASQ);
+ lo_hi_writeq(cqinfo->cq_dma_addr, hdev->bar + SSSRAID_REG_ACQ);
+
+ ioc_info(hdev, "start enable ctrl\n");
+
+ retval = sssraid_enable_ctrl(hdev);
+ if (retval) {
+ retval = -ENODEV;
+ return retval;
+ }
+
+ /* interrupt registry not here */
+ /* cq_vector replaced by msix_index */
+
+ sssraid_init_queue(hdev, 0);
+
+ ioc_info(hdev, "success, queuecount:[%d], pagesize[%d]\n",
+ hdev->init_done_queue_cnt, hdev->page_size);
+
+ return 0;
+}
+
+static void sssraid_cleanup_isr(struct sssraid_dev *hdev)
+{
+ u16 i;
+
+ sssraid_ioc_disable_intr(hdev);
+
+ if (!hdev->intr_info)
+ return;
+
+ for (i = 0; i < hdev->intr_info_count; i++)
+ free_irq(pci_irq_vector(hdev->pdev, i),
+ (hdev->intr_info + i));
+
+ kfree(hdev->intr_info);
+ hdev->intr_info = NULL;
+ hdev->intr_info_count = 0;
+ pci_free_irq_vectors(hdev->pdev);
+}
+
+static void sssraid_complete_adminq_cmnd(struct sssraid_dev *hdev, u16 qidx,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_cmd *adm_cmd;
+
+ adm_cmd = hdev->adm_cmds + le16_to_cpu(cqe->cmd_id);
+ if (unlikely(adm_cmd->state == SSSRAID_CMD_IDLE)) {
+ ioc_warn(hdev, "Invalid id %d completed on queue %d\n",
+ le16_to_cpu(cqe->cmd_id), le16_to_cpu(cqe->sq_id));
+ return;
+ }
+
+ adm_cmd->status = le16_to_cpu(cqe->status) >> 1;
+ adm_cmd->result0 = le32_to_cpu(cqe->result);
+ adm_cmd->result1 = le32_to_cpu(cqe->result1);
+
+ complete(&adm_cmd->cmd_done);
+}
+
+static inline bool sssraid_cqe_pending(struct sssraid_cqueue *cqinfo)
+{
+ return (le16_to_cpu(cqinfo->cqes[cqinfo->cq_head].status) & 1) ==
+ cqinfo->cq_phase;
+}
+
+static inline void sssraid_update_cq_head(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ if (++cqinfo->cq_head == sqinfo->q_depth) {
+ cqinfo->cq_head = 0;
+ cqinfo->cq_phase = !cqinfo->cq_phase;
+ }
+}
+
+static inline bool sssraid_process_cq(struct sssraid_dev *hdev, u16 qidx, u16 *start,
+ u16 *end, int tag)
+{
+ bool found = false;
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ *start = cqinfo->cq_head;
+ while (!found && sssraid_cqe_pending(cqinfo)) {
+ if (le16_to_cpu(cqinfo->cqes[cqinfo->cq_head].cmd_id) == tag)
+ found = true;
+ sssraid_update_cq_head(hdev, qidx);
+ }
+ *end = cqinfo->cq_head;
+
+ if (*start != *end)
+ writel(cqinfo->cq_head, sqinfo->q_db + sqinfo->hdev->db_stride);
+
+ return found;
+}
+
+static irqreturn_t sssraid_isr(int irq, void *privdata)
+{
+ struct sssraid_intr_info *intr_info = privdata;
+ struct sssraid_dev *hdev = intr_info->hdev;
+ irqreturn_t ret = IRQ_NONE;
+ struct sssraid_cqueue *cqinfo;
+ u16 midx, start, end;
+
+ if (!intr_info)
+ return IRQ_NONE;
+
+ if (!hdev->intr_enabled)
+ return IRQ_NONE;
+
+ midx = intr_info->msix_index;
+ cqinfo = &hdev->cqinfo[midx];
+
+ spin_lock(&cqinfo->cq_lock);
+ if (cqinfo->cq_head != cqinfo->last_cq_head)
+ ret = IRQ_HANDLED;
+
+ sssraid_process_cq(hdev, midx, &start, &end, -1);
+ cqinfo->last_cq_head = cqinfo->cq_head;
+ spin_unlock(&cqinfo->cq_lock);
+
+ if (start != end) {
+ sssraid_complete_cqes(hdev, midx, start, end);
+ ret = IRQ_HANDLED;
+ }
+ return ret;
+}
+
+irqreturn_t sssraid_isr_poll(int irq, void *privdata)
+{
+ return IRQ_NONE;
+}
+
+bool sssraid_poll_cq(struct sssraid_dev *hdev, u16 qidx, int cid)
+{
+ u16 start, end;
+ bool found;
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+
+ if (!sssraid_cqe_pending(cqinfo))
+ return 0;
+
+ spin_lock_irq(&cqinfo->cq_lock);
+ found = sssraid_process_cq(hdev, qidx, &start, &end, cid);
+ spin_unlock_irq(&cqinfo->cq_lock);
+
+ sssraid_complete_cqes(hdev, qidx, start, end);
+ return found;
+}
+
+static inline int sssraid_request_irq(struct sssraid_dev *hdev, u16 index)
+{
+ struct pci_dev *pdev = hdev->pdev;
+ struct sssraid_intr_info *intr_info = hdev->intr_info + index;
+ int retval = 0;
+
+ intr_info->hdev = hdev;
+ intr_info->msix_index = index;
+ intr_info->cqinfo = NULL;
+
+ snprintf(intr_info->name, SSSRAID_NAME_LENGTH, "%s%d-msix%d",
+ SSSRAID_DRIVER_NAME, hdev->instance, index);
+
+ retval = request_threaded_irq(pci_irq_vector(pdev, index), sssraid_isr,
+ sssraid_isr_poll, IRQF_SHARED, intr_info->name, intr_info);
+
+ if (retval) {
+ ioc_err(hdev, "%s: Unable to allocate interrupt %d!\n",
+ intr_info->name, pci_irq_vector(pdev, index));
+ return retval;
+ }
+
+ return retval;
+}
+
+static int sssraid_setup_isr(struct sssraid_dev *hdev, u8 setup_one)
+{
+ unsigned int irq_flags = PCI_IRQ_MSIX;
+ u16 max_vectors = 0, i;
+ int retval = 0;
+
+ struct irq_affinity desc = { .pre_vectors = 1};
+
+ sssraid_cleanup_isr(hdev);
+
+ if (setup_one)
+ max_vectors = 1;
+ else {
+ max_vectors = hdev->before_affinity_msix_cnt;
+
+ ioc_info(hdev, "MSI-x vectors requested: %d\n", max_vectors);
+ }
+
+ irq_flags |= PCI_IRQ_AFFINITY | PCI_IRQ_ALL_TYPES;
+
+ i = pci_alloc_irq_vectors_affinity(hdev->pdev,
+ 1, max_vectors, irq_flags, &desc);
+
+ if (i <= 0) {
+ ioc_err(hdev, "Cannot alloc irq vectors\n");
+ goto out_failed;
+ }
+ if (i != max_vectors) {
+ ioc_info(hdev,
+ "allocated vectors (%d) are less than configured (%d)\n",
+ i, max_vectors);
+
+ max_vectors = i;
+ }
+
+ hdev->intr_info = kzalloc(sizeof(struct sssraid_intr_info) * max_vectors,
+ GFP_KERNEL);
+ if (!hdev->intr_info) {
+ retval = -1;
+ pci_free_irq_vectors(hdev->pdev);
+ goto out_failed;
+ }
+
+ for (i = 0; i < max_vectors; i++) {
+ retval = sssraid_request_irq(hdev, i);
+ if (retval) {
+ hdev->intr_info_count = i; /* =i is for offload interrupt loop counter */
+ goto out_failed;
+ }
+ }
+
+ /* intr_info_count replace max_qid */
+ hdev->intr_info_count = max_vectors;
+ sssraid_ioc_enable_intr(hdev);
+ return retval;
+out_failed:
+ sssraid_cleanup_isr(hdev);
+
+ return retval;
+}
+
+static bool sssraid_adm_need_reset(struct sssraid_admin_command *cmd)
+{
+ switch (cmd->common.opcode) {
+ case SSSRAID_ADMIN_DELETE_SQ:
+ case SSSRAID_ADMIN_CREATE_SQ:
+ case SSSRAID_ADMIN_DELETE_CQ:
+ case SSSRAID_ADMIN_CREATE_CQ:
+ case SSSRAID_ADMIN_SET_FEATURES:
+ return false;
+ default:
+ return true;
+ }
+}
+
+void sssraid_submit_cmd(struct sssraid_squeue *sqinfo, const void *cmd)
+{
+ u32 sqes = SQE_SIZE(sqinfo->qidx);
+ unsigned long flags;
+ struct sssraid_admin_common_command *acd = (struct sssraid_admin_common_command *)cmd;
+
+ spin_lock_irqsave(&sqinfo->sq_lock, flags);
+ memcpy((sqinfo->sq_cmds + sqes * sqinfo->sq_tail), cmd, sqes);
+ if (++sqinfo->sq_tail == sqinfo->q_depth)
+ sqinfo->sq_tail = 0;
+
+ writel(sqinfo->sq_tail, sqinfo->q_db);
+ spin_unlock_irqrestore(&sqinfo->sq_lock, flags);
+
+ dbgprint(sqinfo->hdev, "cid[%d] qidx[%d], opcode[0x%x], flags[0x%x], hdid[%u]\n",
+ le16_to_cpu(acd->command_id), sqinfo->qidx, acd->opcode, acd->flags,
+ le32_to_cpu(acd->hdid));
+}
+
+int sssraid_submit_admin_sync_cmd(struct sssraid_dev *hdev, struct sssraid_admin_command *cmd,
+ u32 *result0, u32 *result1, u32 timeout)
+{
+ struct sssraid_cmd *adm_cmd = sssraid_get_cmd(hdev, SSSRAID_CMD_ADM);
+
+ if (!adm_cmd) {
+ ioc_err(hdev, "err, get admin cmd failed\n");
+ return -EFAULT;
+ }
+
+ timeout = timeout ? timeout : ADMIN_TIMEOUT;
+
+ /*
+ * watch dog not as optimized as
+ * init_completion/complete
+ */
+ init_completion(&adm_cmd->cmd_done);
+
+ cmd->common.command_id = cpu_to_le16(adm_cmd->cid);
+ sssraid_submit_cmd(&hdev->sqinfo[0], cmd);
+
+ if (!wait_for_completion_timeout(&adm_cmd->cmd_done, timeout)) {
+ ioc_err(hdev, "cid[%d] qidx[%d] timeout, opcode[0x%x] subopcode[0x%x]\n",
+ adm_cmd->cid, adm_cmd->qid, cmd->usr_cmd.opcode,
+ cmd->usr_cmd.info_0.subopcode);
+
+ /* reset controller if admin timeout */
+ if (sssraid_adm_need_reset(cmd))
+ sssraid_adm_timeout(hdev, adm_cmd);
+
+ sssraid_put_cmd(hdev, adm_cmd, SSSRAID_CMD_ADM);
+ return -ETIME;
+ }
+
+ if (result0)
+ *result0 = adm_cmd->result0;
+ if (result1)
+ *result1 = adm_cmd->result1;
+
+ sssraid_put_cmd(hdev, adm_cmd, SSSRAID_CMD_ADM);
+
+ return adm_cmd->status;
+}
+
+static int sssraid_get_ctrl_info(struct sssraid_dev *hdev, struct sssraid_ctrl_info *ctrl_info)
+{
+ struct sssraid_admin_command admin_cmd;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+ int retval;
+
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.get_info.opcode = SSSRAID_ADMIN_GET_INFO;
+ admin_cmd.get_info.type = SSSRAID_GET_INFO_CTRL;
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ retval = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+ if (!retval)
+ memcpy(ctrl_info, data_ptr, sizeof(struct sssraid_ctrl_info));
+
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, data_ptr, data_dma);
+
+ return retval;
+}
+
+int sssraid_init_ctrl_info(struct sssraid_dev *hdev)
+{
+ int retval;
+
+ hdev->ctrl_info->nd = cpu_to_le32(240);
+ hdev->ctrl_info->mdts = 8;
+ hdev->ctrl_info->max_cmds = cpu_to_le16(4096);
+ hdev->ctrl_info->max_num_sge = cpu_to_le16(128);
+ hdev->ctrl_info->max_channel = cpu_to_le16(4);
+ hdev->ctrl_info->max_tgt_id = cpu_to_le32(3239);
+ hdev->ctrl_info->max_lun = cpu_to_le16(2);
+
+ retval = sssraid_get_ctrl_info(hdev, hdev->ctrl_info);
+ if (retval)
+ ioc_err(hdev, "init controller info failed: %d\n", retval);
+
+ ioc_info(hdev, "nd = %d\n", le32_to_cpu(hdev->ctrl_info->nd));
+ ioc_info(hdev, "max_cmd = %d\n", le16_to_cpu(hdev->ctrl_info->max_cmds));
+ ioc_info(hdev, "max_channel = %d\n", le16_to_cpu(hdev->ctrl_info->max_channel));
+ ioc_info(hdev, "max_tgt_id = %d\n", le32_to_cpu(hdev->ctrl_info->max_tgt_id));
+ ioc_info(hdev, "max_lun = %d\n", le16_to_cpu(hdev->ctrl_info->max_lun));
+ ioc_info(hdev, "max_num_sge = %d\n", le16_to_cpu(hdev->ctrl_info->max_num_sge));
+ ioc_info(hdev, "lun_num_boot = %d\n", le16_to_cpu(hdev->ctrl_info->lun_num_in_boot));
+ ioc_info(hdev, "mdts = %d\n", hdev->ctrl_info->mdts);
+ ioc_info(hdev, "acl = %d\n", hdev->ctrl_info->acl);
+ ioc_info(hdev, "aer1 = %d\n", hdev->ctrl_info->aerl);
+ ioc_info(hdev, "card_type = %d\n", hdev->ctrl_info->card_type);
+ ioc_info(hdev, "rtd3e = %d\n", le32_to_cpu(hdev->ctrl_info->rtd3e));
+ ioc_info(hdev, "sn = %s\n", hdev->ctrl_info->sn);
+ ioc_info(hdev, "fr = %s\n", hdev->ctrl_info->fr);
+
+ if (!hdev->ctrl_info->aerl)
+ hdev->ctrl_info->aerl = 1;
+ if (hdev->ctrl_info->aerl > SSSRAID_NR_AEN_COMMANDS)
+ hdev->ctrl_info->aerl = SSSRAID_NR_AEN_COMMANDS;
+
+ return 0;
+}
+
+static int sssraid_set_features(struct sssraid_dev *hdev, u32 fid, u32 dword11, void *buffer,
+ size_t buflen, u32 *result)
+{
+ struct sssraid_admin_command admin_cmd;
+ int ret;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+
+ if (buffer && buflen) {
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, buflen, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memcpy(data_ptr, buffer, buflen);
+ }
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.features.opcode = SSSRAID_ADMIN_SET_FEATURES;
+ admin_cmd.features.fid = cpu_to_le32(fid);
+ admin_cmd.features.dword11 = cpu_to_le32(dword11);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, result, NULL, 0);
+
+ if (data_ptr)
+ dma_free_coherent(&hdev->pdev->dev, buflen, data_ptr, data_dma);
+
+ return ret;
+}
+
+static int sssraid_set_queue_cnt(struct sssraid_dev *hdev, u32 *cnt)
+{
+ u32 q_cnt = (*cnt - 1) | ((*cnt - 1) << 16);
+ u32 nr_ioqs, result;
+ int status;
+
+ status = sssraid_set_features(hdev, SSSRAID_FEAT_NUM_QUEUES, q_cnt, NULL, 0, &result);
+ if (status) {
+ ioc_err(hdev, "Set queue count failed, status: %d\n",
+ status);
+ return -EIO;
+ }
+
+ nr_ioqs = min(result & 0xffff, result >> 16) + 1;
+ *cnt = min(*cnt, nr_ioqs);
+ if (*cnt == 0) {
+ ioc_err(hdev, "Illegal queue count: zero\n");
+ return -EIO;
+ }
+ return 0;
+}
+
+static int sssraid_create_cq(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[qidx];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+ struct sssraid_admin_command admin_cmd;
+ int flags = SSSRAID_QUEUE_PHYS_CONTIG | SSSRAID_CQ_IRQ_ENABLED;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.create_cq.opcode = SSSRAID_ADMIN_CREATE_CQ;
+ admin_cmd.create_cq.prp1 = cpu_to_le64(cqinfo->cq_dma_addr);
+ admin_cmd.create_cq.cqid = cpu_to_le16(qidx);
+ admin_cmd.create_cq.qsize = cpu_to_le16(sqinfo->q_depth - 1);
+ admin_cmd.create_cq.cq_flags = cpu_to_le16(flags);
+ admin_cmd.create_cq.irq_vector = cpu_to_le16(qidx);
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+static int sssraid_create_io_cq(struct sssraid_dev *hdev, u16 qidx)
+{
+ int retval;
+ struct sssraid_cqueue *cqinfo = hdev->cqinfo + qidx;
+ u16 midx = qidx;
+
+ retval = sssraid_create_cq(hdev, qidx);
+ if (retval)
+ return retval;
+
+ /*
+ * cqinfo initialization at sssraid_init_queue
+ */
+ hdev->intr_info[midx].cqinfo = cqinfo;
+
+ return retval;
+}
+
+static int sssraid_create_sq(struct sssraid_dev *hdev, u16 qidx)
+{
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+ struct sssraid_admin_command admin_cmd;
+ int flags = SSSRAID_QUEUE_PHYS_CONTIG;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.create_sq.opcode = SSSRAID_ADMIN_CREATE_SQ;
+ admin_cmd.create_sq.prp1 = cpu_to_le64(sqinfo->sq_dma_addr);
+ admin_cmd.create_sq.sqid = cpu_to_le16(qidx);
+ admin_cmd.create_sq.qsize = cpu_to_le16(sqinfo->q_depth - 1);
+ admin_cmd.create_sq.sq_flags = cpu_to_le16(flags);
+ admin_cmd.create_sq.cqid = cpu_to_le16(qidx);
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+static int sssraid_create_io_sq(struct sssraid_dev *hdev, u16 qidx)
+{
+ return sssraid_create_sq(hdev, qidx);
+}
+
+int sssraid_get_dev_list(struct sssraid_dev *hdev, struct sssraid_dev_info *devices)
+{
+ u32 nd = le32_to_cpu(hdev->ctrl_info->nd);
+ struct sssraid_admin_command admin_cmd;
+ struct sssraid_dev_list *list_buf;
+ dma_addr_t data_dma = 0;
+ u32 i, idx, hdid, ndev;
+ int ret = 0;
+
+ list_buf = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!list_buf)
+ return -ENOMEM;
+
+ for (idx = 0; idx < nd;) {
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.get_info.opcode = SSSRAID_ADMIN_GET_INFO;
+ admin_cmd.get_info.type = SSSRAID_GET_INFO_DEV_LIST;
+ admin_cmd.get_info.cdw11 = cpu_to_le32(idx);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+
+ if (ret) {
+ ioc_err(hdev, "Get device list failed, nd: %u, idx: %u, ret: %d\n",
+ nd, idx, ret);
+ goto out;
+ }
+ ndev = le32_to_cpu(list_buf->dev_num);
+
+ ioc_info(hdev, "ndev numbers: %u\n", ndev);
+
+ for (i = 0; i < ndev; i++) {
+ hdid = le32_to_cpu(list_buf->devices[i].hdid);
+ ioc_info(hdev, "list_buf->devices[%d], hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ i, hdid, le16_to_cpu(list_buf->devices[i].target),
+ list_buf->devices[i].channel,
+ list_buf->devices[i].lun,
+ list_buf->devices[i].attr);
+ if (hdid > nd || hdid == 0) {
+ ioc_err(hdev, "err, hdid[%d] invalid\n", hdid);
+ continue;
+ }
+ memcpy(&devices[hdid - 1], &list_buf->devices[i],
+ sizeof(struct sssraid_dev_info));
+ }
+ idx += ndev;
+
+ if (ndev < MAX_DEV_ENTRY_PER_PAGE_4K)
+ break;
+ }
+
+out:
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, list_buf, data_dma);
+ return ret;
+}
+
+/* send abort command by admin queue temporary */
+int sssraid_send_abort_cmd(struct sssraid_dev *hdev, u32 hdid, u16 qidx, u16 cid)
+{
+ struct sssraid_admin_command admin_cmd;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.abort.opcode = SSSRAID_ADMIN_ABORT_CMD;
+ admin_cmd.abort.hdid = cpu_to_le32(hdid);
+ admin_cmd.abort.sqid = cpu_to_le16(qidx);
+ admin_cmd.abort.cid = cpu_to_le16(cid);
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+/* send reset command by admin quueue temporary */
+int sssraid_send_reset_cmd(struct sssraid_dev *hdev, u8 type, u32 hdid)
+{
+ struct sssraid_admin_command admin_cmd;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.reset.opcode = SSSRAID_ADMIN_RESET;
+ admin_cmd.reset.hdid = cpu_to_le32(hdid);
+ admin_cmd.reset.type = type;
+
+ return sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+}
+
+static int sssraid_delete_queue(struct sssraid_dev *hdev, u8 op, u16 qidx)
+{
+ struct sssraid_admin_command admin_cmd;
+ int retval;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.delete_queue.opcode = op;
+ admin_cmd.delete_queue.qid = cpu_to_le16(qidx);
+
+ retval = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+
+ if (retval)
+ ioc_err(hdev, "Delete %s:[%d] failed\n",
+ (op == SSSRAID_ADMIN_DELETE_CQ) ? "cq" : "sq", qidx);
+
+ return retval;
+}
+
+static int sssraid_delete_cq(struct sssraid_dev *hdev, u16 qidx)
+{
+ return sssraid_delete_queue(hdev, SSSRAID_ADMIN_DELETE_CQ, qidx);
+}
+
+void sssraid_adm_timeout(struct sssraid_dev *hdev, struct sssraid_cmd *cmd)
+{
+ /* command may be returned because controller reset */
+ if (READ_ONCE(cmd->state) == SSSRAID_CMD_COMPLETE)
+ return;
+
+ if (!sssraid_change_host_state(hdev, SSSRAID_RESETTING)) {
+ ioc_info(hdev, "can't change to reset state\n");
+ return;
+ }
+ sssraid_soft_reset_handler(hdev);
+}
+
+static int sssraid_create_io_qpair(struct sssraid_dev *hdev, u16 qidx)
+{
+ int retval;
+
+ retval = sssraid_create_io_cq(hdev, qidx);
+ if (retval)
+ return retval;
+
+ retval = sssraid_create_io_sq(hdev, qidx);
+ if (retval)
+ goto delete_cq;
+
+ /* intr_info.msix_index substitute cq_vector */
+
+ /* io interrupt registry:
+ * not here, put above
+ */
+
+ sssraid_init_queue(hdev, qidx);
+
+ return 0;
+
+delete_cq:
+ sssraid_delete_cq(hdev, qidx);
+
+ return retval;
+}
+
+static int sssraid_setup_io_qpair(struct sssraid_dev *hdev)
+{
+ u32 i, num_queues;
+ int retval = 0;
+
+ num_queues = min(hdev->intr_info_count, hdev->init_done_queue_cnt - 1);
+ for (i = 1; i <= num_queues; i++) {
+ retval = sssraid_create_io_qpair(hdev, i);
+ if (retval) {
+ ioc_err(hdev, "Create queue[%d] failed\n", i);
+ break;
+ }
+ }
+
+ ioc_info(hdev, "init_done_queue_cnt[%d], intr_info_count[%d] num_queues[%d]",
+ hdev->init_done_queue_cnt, /*hdev->online_queues,*/
+ hdev->intr_info_count, num_queues);
+
+ return retval >= 0 ? 0 : retval;
+}
+
+static int sssraid_alloc_ioq_ptcmds(struct sssraid_dev *hdev)
+{
+ int i;
+ int ptnum = SSSRAID_NR_IOQ_PTCMDS;
+
+ INIT_LIST_HEAD(&hdev->ioq_pt_list);
+ spin_lock_init(&hdev->ioq_pt_lock);
+
+ hdev->ioq_ptcmds = kcalloc_node(ptnum, sizeof(struct sssraid_cmd),
+ GFP_KERNEL, hdev->numa_node);
+
+ if (!hdev->ioq_ptcmds) {
+ ioc_err(hdev, "Alloc ioq_ptcmds failed\n");
+ return -ENOMEM;
+ }
+
+ for (i = 0; i < ptnum; i++) {
+ hdev->ioq_ptcmds[i].qid = i / SSSRAID_PTCMDS_PERQ + 1;
+ hdev->ioq_ptcmds[i].cid = i % SSSRAID_PTCMDS_PERQ + SSSRAID_IO_BLK_MQ_DEPTH;
+ list_add_tail(&(hdev->ioq_ptcmds[i].list), &hdev->ioq_pt_list);
+ }
+
+ ioc_info(hdev, "Alloc ioq_ptcmds success, ptnum[%d]\n", ptnum);
+
+ return 0;
+}
+
+int sssraid_send_event_ack(struct sssraid_dev *hdev, u8 event,
+ u32 event_ctx, u16 cid)
+{
+ /* event,event_ctx no use at this time */
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[0];
+ struct sssraid_admin_command admin_cmd;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.common.opcode = SSSRAID_ADMIN_ASYNC_EVENT;
+ admin_cmd.common.command_id = cpu_to_le16(cid);
+
+ sssraid_submit_cmd(sqinfo, &admin_cmd);
+ ioc_info(hdev, "send aen, cid[%d]\n", cid);
+
+ return 0;
+}
+
+static void sssraid_handle_aen_notice(struct sssraid_dev *hdev, u32 result)
+{
+ switch ((result & 0xff00) >> 8) {
+ case SSSRAID_AEN_DEV_CHANGED:
+ sssraid_scan_disk(hdev);
+ break;
+ case SSSRAID_AEN_FW_ACT_START:
+ ioc_info(hdev, "fw activation starting\n");
+ break;
+ case SSSRAID_AEN_HOST_PROBING:
+ break;
+ default:
+ ioc_warn(hdev, "async event result %08x\n", result);
+ }
+}
+
+static void sssraid_handle_aen_vs(struct sssraid_dev *hdev, u32 result, u32 result1)
+{
+ switch ((result & 0xff00) >> 8) {
+ case SSSRAID_AEN_TIMESYN:
+ sssraid_configure_timestamp(hdev);
+ break;
+ case SSSRAID_AEN_FW_ACT_FINISH:
+ ioc_info(hdev, "fw activation finish\n");
+ if (sssraid_init_ctrl_info(hdev))
+ ioc_err(hdev, "get ctrl info failed after fw act\n");
+ break;
+ case SSSRAID_AEN_EVENT_MIN ... SSSRAID_AEN_EVENT_MAX:
+ ioc_info(hdev, "rcv card event[%d], param1[0x%x] param2[0x%x]\n",
+ (result & 0xff00) >> 8, result, result1);
+ break;
+ default:
+ ioc_warn(hdev, "async event result: 0x%x\n", result);
+ }
+}
+
+static inline void sssraid_send_all_aen(struct sssraid_dev *hdev)
+{
+ u16 i;
+
+ for (i = 0; i < hdev->ctrl_info->aerl; i++)
+ sssraid_send_event_ack(hdev, 0, 0, i + SSSRAID_AQ_BLK_MQ_DEPTH);
+}
+
+static int sssraid_dev_list_init(struct sssraid_dev *hdev)
+{
+ u32 nd = le32_to_cpu(hdev->ctrl_info->nd);
+
+ hdev->devices = kzalloc_node(nd * sizeof(struct sssraid_dev_info),
+ GFP_KERNEL, hdev->numa_node);
+ if (!hdev->devices)
+ return -ENOMEM;
+
+ return 0;
+}
+
+int sssraid_configure_timestamp(struct sssraid_dev *hdev)
+{
+ __le64 ts;
+ int retval;
+
+ ts = cpu_to_le64(ktime_to_ms(ktime_get_real()));
+ retval = sssraid_set_features(hdev, SSSRAID_FEAT_TIMESTAMP, 0, &ts, sizeof(ts), NULL);
+
+ if (retval)
+ ioc_err(hdev, "set timestamp failed: %d\n", retval);
+ return retval;
+}
+
+int sssraid_init_ioc(struct sssraid_dev *hdev, u8 re_init)
+{
+ int retval = 0;
+ int i;
+ u32 nr_ioqs, bar_size;
+
+ if (!re_init) {
+ hdev->cpu_count = num_online_cpus();
+
+ retval = sssraid_alloc_resources(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc resources:error %d\n",
+ retval);
+ goto out_nocleanup;
+ }
+ }
+
+ /* reset need re-setup */
+ retval = sssraid_setup_resources(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup resources:error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ if (!re_init) {
+ retval = sssraid_alloc_admin_cmds(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc admin cmds:error %d\n",
+ retval);
+ goto out_failed;
+ }
+ /* put here:
+ * alloc admin queue
+ */
+ retval = sssraid_alloc_qpair(hdev, 0, SSSRAID_AQ_DEPTH);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc admin queue:error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+
+ retval = sssraid_setup_admin_qpair(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup admin queue:error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ /* 1. unregister all interrupt
+ * 2. admin interrupt registry
+ */
+ retval = sssraid_setup_isr(hdev, 1);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup ISR error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ retval = sssraid_init_ctrl_info(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to get ctrl info error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ nr_ioqs = hdev->cpu_count;
+ retval = sssraid_set_queue_cnt(hdev, &nr_ioqs);
+ if (retval) {
+ ioc_err(hdev, "Failed to set queue cnt error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ hdev->before_affinity_msix_cnt = nr_ioqs + 1;
+
+ /* 1. unregister all interrupt
+ * 2. admin interrupt re-registry
+ * 3. io interrupt registry
+ */
+ retval = sssraid_setup_isr(hdev, 0);
+ if (retval) {
+ ioc_err(hdev, "Failed to re-setup ISR, error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ /* remap */
+ bar_size = SSSRAID_REG_DBS + ((nr_ioqs + 1) * 8 * hdev->db_stride);
+ retval = sssraid_remap_bar(hdev, bar_size);
+ if (retval) {
+ ioc_err(hdev, "Failed to re-map bar, error %d\n",
+ retval);
+ goto out_failed;
+ }
+ hdev->sqinfo[0].q_db = hdev->dbs;
+
+ /* num_vecs no sense, abandon */
+
+ if (!re_init) {
+ for (i = hdev->init_done_queue_cnt; i <= hdev->intr_info_count; i++) {
+ retval = sssraid_alloc_qpair(hdev, i, hdev->ioq_depth);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc io queue:error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+ ioc_info(hdev, "intr_info_count: %d, init_done_queue_cnt: %d, ioq_depth: %d\n",
+ hdev->intr_info_count, hdev->init_done_queue_cnt, hdev->ioq_depth);
+ }
+
+ retval = sssraid_setup_io_qpair(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to setup io qpair, error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ if (!re_init) {
+ retval = sssraid_alloc_ioq_ptcmds(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to alloc ioq ptcmds, error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+
+ sssraid_send_all_aen(hdev);
+
+ if (!re_init) {
+ retval = sssraid_dev_list_init(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to init device list, error %d\n",
+ retval);
+ goto out_failed;
+ }
+
+ retval = sssraid_configure_timestamp(hdev);
+ if (retval) {
+ ioc_err(hdev, "Failed to configure timestamp, error %d\n",
+ retval);
+ goto out_failed;
+ }
+ }
+
+ return retval;
+
+out_failed:
+ sssraid_cleanup_ioc(hdev, re_init);
+out_nocleanup:
+ return retval;
+}
+
+void sssraid_cleanup_resources(struct sssraid_dev *hdev)
+{
+ struct pci_dev *pdev = hdev->pdev;
+
+ sssraid_cleanup_isr(hdev);
+
+ if (hdev->bar) {
+ iounmap(hdev->bar);
+ hdev->bar = NULL;
+ }
+
+ if (pci_is_enabled(pdev)) {
+ pci_disable_pcie_error_reporting(pdev);
+ pci_release_mem_regions(pdev);
+ pci_disable_device(pdev);
+ }
+}
+
+static void sssraid_free_ioq_ptcmds(struct sssraid_dev *hdev)
+{
+ kfree(hdev->ioq_ptcmds);
+ hdev->ioq_ptcmds = NULL;
+
+ INIT_LIST_HEAD(&hdev->ioq_pt_list);
+}
+
+static void sssraid_delete_io_queues(struct sssraid_dev *hdev)
+{
+ u16 queues = hdev->init_done_queue_cnt - 1;
+ u8 opcode = SSSRAID_ADMIN_DELETE_SQ;
+ u16 i, pass;
+
+ if (!pci_device_is_present(hdev->pdev)) {
+ ioc_err(hdev, "pci_device is not present, skip disable io queues\n");
+ return;
+ }
+
+ if (hdev->init_done_queue_cnt < 2) {
+ ioc_err(hdev, "err, io queue has been delete\n");
+ return;
+ }
+
+ for (pass = 0; pass < 2; pass++) {
+ for (i = queues; i > 0; i--)
+ if (sssraid_delete_queue(hdev, opcode, i))
+ break;
+
+ opcode = SSSRAID_ADMIN_DELETE_CQ;
+ }
+}
+
+void sssraid_complete_aen(struct sssraid_dev *hdev, struct sssraid_completion *cqe)
+{
+ u32 result = le32_to_cpu(cqe->result);
+
+ ioc_info(hdev, "rcv aen, cid[%d], status[0x%x], result[0x%x]\n",
+ le16_to_cpu(cqe->cmd_id), le16_to_cpu(cqe->status) >> 1, result);
+
+ /*
+ * The response to event moved from this func.
+ * sssraid_send_aen changed to name sssraid_send_event_ack
+ */
+
+ if ((le16_to_cpu(cqe->status) >> 1) != SSSRAID_SC_SUCCESS)
+ return;
+ switch (result & 0x7) {
+ case SSSRAID_AEN_NOTICE:
+ sssraid_handle_aen_notice(hdev, result);
+ break;
+ case SSSRAID_AEN_VS:
+ sssraid_handle_aen_vs(hdev, result, le32_to_cpu(cqe->result1));
+ break;
+ default:
+ ioc_warn(hdev, "Unsupported async event type: %u\n",
+ result & 0x7);
+ break;
+ }
+}
+
+void sssraid_free_iod_res(struct sssraid_dev *hdev, struct sssraid_iod *iod)
+{
+ const int last_prp = hdev->page_size / sizeof(__le64) - 1;
+ dma_addr_t dma_addr, next_dma_addr;
+ struct sssraid_sgl_desc *sg_list;
+ __le64 *prp_list;
+ void *addr;
+ int i;
+
+ dma_addr = iod->first_dma;
+ if (iod->npages == 0)
+ dma_pool_free(iod->sqinfo->prp_small_pool, sssraid_iod_list(iod)[0], dma_addr);
+
+ for (i = 0; i < iod->npages; i++) {
+ addr = sssraid_iod_list(iod)[i];
+
+ if (iod->use_sgl) {
+ sg_list = addr;
+ next_dma_addr =
+ le64_to_cpu((sg_list[SGES_PER_PAGE - 1]).addr);
+ } else {
+ prp_list = addr;
+ next_dma_addr = le64_to_cpu(prp_list[last_prp]);
+ }
+
+ dma_pool_free(hdev->prp_page_pool, addr, dma_addr);
+ dma_addr = next_dma_addr;
+ }
+
+ iod->sense = NULL;
+ iod->npages = -1;
+}
+
+static void sssraid_complete_ioq_sync_cmnd(struct sssraid_dev *hdev, u16 qidx,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_cmd *ptcmd;
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ ptcmd = hdev->ioq_ptcmds + (sqinfo->qidx - 1) * SSSRAID_PTCMDS_PERQ +
+ le16_to_cpu(cqe->cmd_id) - SSSRAID_IO_BLK_MQ_DEPTH;
+
+ ptcmd->status = le16_to_cpu(cqe->status) >> 1;
+ ptcmd->result0 = le32_to_cpu(cqe->result);
+ ptcmd->result1 = le32_to_cpu(cqe->result1);
+
+ complete(&ptcmd->cmd_done);
+}
+
+static void sssraid_complete_ioq_cmnd(struct sssraid_dev *hdev, u16 qidx,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[qidx];
+
+ struct blk_mq_tags *tags;
+ struct scsi_cmnd *scmd;
+ struct sssraid_iod *iod;
+ struct request *req;
+ unsigned long elapsed;
+
+ tags = hdev->shost->tag_set.tags[sqinfo->qidx - 1];
+
+ req = blk_mq_tag_to_rq(tags, le16_to_cpu(cqe->cmd_id));
+ if (unlikely(!req || !blk_mq_request_started(req))) {
+ ioc_warn(hdev, "Invalid id %d completed on queue %d\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx);
+ return;
+ }
+
+ scmd = blk_mq_rq_to_pdu(req);
+ iod = scsi_cmd_priv(scmd);
+
+ elapsed = jiffies - scmd->jiffies_at_alloc;
+ dbgprint(hdev, "cid[%d] qidx[%d] finish IO cost %3ld.%3ld seconds\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx, elapsed / HZ, elapsed % HZ);
+
+ if (cmpxchg(&iod->state, SSSRAID_CMD_IN_FLIGHT, SSSRAID_CMD_COMPLETE) !=
+ SSSRAID_CMD_IN_FLIGHT) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] enters abnormal handler, cost %3ld.%3ld seconds\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx, elapsed / HZ, elapsed % HZ);
+ WRITE_ONCE(iod->state, SSSRAID_CMD_TMO_COMPLETE);
+
+ if (iod->nsge) {
+ iod->nsge = 0;
+ scsi_dma_unmap(scmd);
+ }
+ sssraid_free_iod_res(hdev, iod);
+
+ return;
+ }
+
+ sssraid_map_status(iod, scmd, cqe);
+ if (iod->nsge) {
+ iod->nsge = 0;
+ scsi_dma_unmap(scmd);
+ }
+ sssraid_free_iod_res(hdev, iod);
+ scmd->scsi_done(scmd);
+}
+
+static void sssraid_process_admin_cq(struct sssraid_dev *hdev,
+ struct sssraid_squeue *sqinfo,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_fwevt *fwevt = NULL;
+ u16 cid = le16_to_cpu(cqe->cmd_id), sz;
+
+ if (likely(cid < SSSRAID_AQ_BLK_MQ_DEPTH))
+ sssraid_complete_adminq_cmnd(hdev, sqinfo->qidx, cqe);
+ else {
+ sz = sizeof(*cqe);
+ fwevt = sssraid_alloc_fwevt(sz);
+ if (!fwevt) {
+ ioc_info(hdev, "%s :failure at %s:%d/%s()!\n",
+ __func__, __FILE__, __LINE__, __func__);
+ return;
+ }
+
+ memcpy(fwevt->event_data, cqe, sz);
+ fwevt->hdev = hdev;
+ fwevt->event_id = 0; /* evt_type:0 */
+ fwevt->send_ack = 1; /* ack_req:1 */
+ fwevt->process_evt = 1; /* process_evt_bh:1 */
+ fwevt->evt_ctx = 0; /* 0 */
+ sssraid_fwevt_add_to_list(hdev, fwevt);
+ }
+}
+
+static void sssraid_process_io_cq(struct sssraid_dev *hdev,
+ struct sssraid_squeue *sqinfo,
+ struct sssraid_completion *cqe)
+{
+ u16 cid = le16_to_cpu(cqe->cmd_id);
+
+ if (likely(cid < SSSRAID_IO_BLK_MQ_DEPTH))
+ sssraid_complete_ioq_cmnd(hdev, sqinfo->qidx, cqe);
+ else /* io sync handle */
+ sssraid_complete_ioq_sync_cmnd(hdev, sqinfo->qidx, cqe);
+}
+
+static inline void sssraid_handle_cqe(struct sssraid_dev *hdev, u16 mdix, u16 didx)
+{
+ struct sssraid_cqueue *cqinfo = &hdev->cqinfo[mdix];
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[mdix];
+
+ struct sssraid_completion *cqe = &cqinfo->cqes[didx];
+ u16 cid = le16_to_cpu(cqe->cmd_id);
+
+ if (unlikely(cid >= sqinfo->q_depth)) {
+ ioc_err(hdev, "Invalid command id[%d] completed on queue %d\n",
+ cid, cqe->sq_id);
+ return;
+ }
+
+ dbgprint(hdev, "cid[%d] mdix[%d], result[0x%x], sq_id[%d], status[0x%x]\n",
+ cid, sqinfo->qidx, le32_to_cpu(cqe->result),
+ le16_to_cpu(cqe->sq_id), le16_to_cpu(cqe->status));
+
+ if (!mdix) /* admin */
+ sssraid_process_admin_cq(hdev, sqinfo, cqe);
+ else /* io */
+ sssraid_process_io_cq(hdev, sqinfo, cqe);
+}
+
+void sssraid_complete_cqes(struct sssraid_dev *hdev, u16 midx, u16 start, u16 end)
+{
+ struct sssraid_squeue *sqinfo = &hdev->sqinfo[midx];
+
+ while (start != end) {
+ sssraid_handle_cqe(hdev, midx, start);
+ if (++start == sqinfo->q_depth)
+ start = 0;
+ }
+}
+
+static void sssraid_disable_admin_queue(struct sssraid_dev *hdev, bool shutdown)
+{
+ struct sssraid_cqueue *adm_cqinfo = &hdev->cqinfo[0];
+ u16 start, end;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ if (shutdown)
+ sssraid_shutdown_ctrl(hdev);
+ else
+ sssraid_disable_ctrl(hdev);
+ }
+
+ if (hdev->init_done_queue_cnt == 0) {
+ ioc_err(hdev, "err, admin queue has been delete\n");
+ return;
+ }
+
+ spin_lock_irq(&adm_cqinfo->cq_lock);
+ sssraid_process_cq(hdev, 0, &start, &end, -1);
+ spin_unlock_irq(&adm_cqinfo->cq_lock);
+ sssraid_complete_cqes(hdev, 0, start, end);
+}
+
+static void sssraid_free_all_queues(struct sssraid_dev *hdev)
+{
+ int i;
+ struct sssraid_cqueue *cqinfo;
+ struct sssraid_squeue *sqinfo;
+
+ for (i = 0; i < hdev->init_done_queue_cnt; i++) {
+ cqinfo = &hdev->cqinfo[i];
+ sqinfo = &hdev->sqinfo[i];
+ dma_free_coherent(&hdev->pdev->dev, CQ_SIZE(sqinfo->q_depth),
+ (void *)cqinfo->cqes, cqinfo->cq_dma_addr);
+ dma_free_coherent(&hdev->pdev->dev, SQ_SIZE(sqinfo->qidx, sqinfo->q_depth),
+ sqinfo->sq_cmds, sqinfo->sq_dma_addr);
+ dma_free_coherent(&hdev->pdev->dev, SENSE_SIZE(sqinfo->q_depth),
+ sqinfo->sense, sqinfo->sense_dma_addr);
+ }
+
+ hdev->init_done_queue_cnt = 0;
+}
+
+static void sssraid_free_admin_cmds(struct sssraid_dev *hdev)
+{
+ kfree(hdev->adm_cmds);
+ hdev->adm_cmds = NULL;
+ INIT_LIST_HEAD(&hdev->adm_cmd_list);
+}
+
+static void sssraid_free_resources(struct sssraid_dev *hdev)
+{
+ sssraid_free_admin_cmds(hdev);
+ kfree(hdev->sqinfo);
+ kfree(hdev->cqinfo);
+ sssraid_destroy_dma_pools(hdev);
+ kfree(hdev->ctrl_info);
+}
+
+void sssraid_cleanup_ioc(struct sssraid_dev *hdev, u8 re_init)
+{
+ if (!re_init)
+ sssraid_free_ioq_ptcmds(hdev);
+
+ sssraid_delete_io_queues(hdev);
+ sssraid_disable_admin_queue(hdev, !re_init);
+
+ if (!re_init)
+ sssraid_free_all_queues(hdev);
+
+ sssraid_ioc_disable_intr(hdev);
+ sssraid_cleanup_resources(hdev);
+
+ if (!re_init)
+ sssraid_free_resources(hdev);
+
+}
+
+int sssraid_soft_reset_handler(struct sssraid_dev *hdev)
+{
+ int retval = 0;
+
+ if (hdev->state != SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host is not reset state\n");
+ return retval;
+ }
+
+ ioc_info(hdev, "enter host reset\n");
+
+ sssraid_ioc_disable_intr(hdev);
+ sssraid_cleanup_fwevt_list(hdev);
+
+ /* realize above here:
+ * sssraid_dev_disable -> sssraid_back_all_io
+ */
+ sssraid_back_all_io(hdev);
+ /*
+ * realize sssraid_dev_disable,
+ * i.e. sssraid_cleanup_ioc(1)
+ */
+ if (hdev->ctrl_config & SSSRAID_CC_ENABLE) {
+ ioc_info(hdev, "start dev_disable\n");
+ sssraid_cleanup_ioc(hdev, 1);
+ }
+
+ retval = sssraid_init_ioc(hdev, 1);
+ if (retval) {
+ ioc_err(hdev, "init ioc fail.\n");
+ return retval;
+ }
+
+ sssraid_change_host_state(hdev, SSSRAID_LIVE);
+
+ return retval;
+}
diff --git a/drivers/scsi/sssraid/sssraid_os.c b/drivers/scsi/sssraid/sssraid_os.c
new file mode 100644
index 000000000000..16d2b94d78f3
--- /dev/null
+++ b/drivers/scsi/sssraid/sssraid_os.c
@@ -0,0 +1,2337 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright(c) 2022 3SNIC Information Technology, Ltd */
+
+/* 3SNIC RAID SSSXXX Series Linux Driver */
+
+#include <linux/version.h>
+#include <linux/pci.h>
+#include <linux/aer.h>
+#include <linux/module.h>
+#include <linux/ioport.h>
+#include <linux/device.h>
+#include <linux/delay.h>
+#include <linux/interrupt.h>
+#include <linux/cdev.h>
+#include <linux/sysfs.h>
+#include <linux/gfp.h>
+#include <linux/types.h>
+#include <linux/ratelimit.h>
+#include <linux/debugfs.h>
+#include <linux/blkdev.h>
+#include <linux/bsg-lib.h>
+#include <linux/sort.h>
+
+#include <scsi/scsi.h>
+#include <scsi/scsi_cmnd.h>
+#include <scsi/scsi_device.h>
+#include <scsi/scsi_host.h>
+#include <scsi/scsi_transport.h>
+#include <scsi/scsi_dbg.h>
+
+#include <linux/unaligned/be_byteshift.h>
+#include <linux/unaligned/le_byteshift.h>
+#include <linux/once.h>
+#include <linux/sched/signal.h>
+#include <linux/io-64-nonatomic-lo-hi.h>
+
+#include "sssraid.h"
+#include "sssraid_debug.h"
+
+u32 admin_tmout = 60;
+module_param(admin_tmout, uint, 0644);
+MODULE_PARM_DESC(admin_tmout, "admin commands timeout (seconds)");
+
+static u32 scmd_tmout_rawdisk = 180;
+module_param(scmd_tmout_rawdisk, uint, 0644);
+MODULE_PARM_DESC(scmd_tmout_rawdisk, "scsi commands timeout for rawdisk(seconds)");
+
+static u32 scmd_tmout_vd = 180;
+module_param(scmd_tmout_vd, uint, 0644);
+MODULE_PARM_DESC(scmd_tmout_vd, "scsi commands timeout for vd(seconds)");
+
+static int ioq_depth_set(const char *val, const struct kernel_param *kp);
+static const struct kernel_param_ops ioq_depth_ops = {
+ .set = ioq_depth_set,
+ .get = param_get_uint,
+};
+
+u32 io_queue_depth = 1024;
+module_param_cb(io_queue_depth, &ioq_depth_ops, &io_queue_depth, 0644);
+MODULE_PARM_DESC(io_queue_depth, "set io queue depth, should >= 2");
+
+static int logging_level_set(const char *val, const struct kernel_param *kp)
+{
+ u8 n = 0;
+ int ret;
+
+ ret = kstrtou8(val, 10, &n);
+ if (ret != 0)
+ return -EINVAL;
+
+ return param_set_byte(val, kp);
+}
+
+static const struct kernel_param_ops logging_level_ops = {
+ .set = logging_level_set,
+ .get = param_get_byte,
+};
+
+static unsigned char logging_level;
+module_param_cb(logging_level, &logging_level_ops, &logging_level, 0644);
+MODULE_PARM_DESC(logging_level, "set log level, default zero for switch off");
+
+static int small_pool_num_set(const char *val, const struct kernel_param *kp)
+{
+ u8 n = 0;
+ int ret;
+
+ ret = kstrtou8(val, 10, &n);
+ if (ret != 0)
+ return -EINVAL;
+ if (n > MAX_SMALL_POOL_NUM)
+ n = MAX_SMALL_POOL_NUM;
+ if (n < 1)
+ n = 1;
+ *((u8 *)kp->arg) = n;
+
+ return 0;
+}
+
+static const struct kernel_param_ops small_pool_num_ops = {
+ .set = small_pool_num_set,
+ .get = param_get_byte,
+};
+
+/* Small pools are used to save PRP for small IOs.It was
+ * found that the spinlock of a single pool conflicts a
+ * lot with multiple CPUs.So multiple pools are introduced
+ * to reduce the conflictions.
+ */
+unsigned char small_pool_num = 4;
+module_param_cb(small_pool_num, &small_pool_num_ops, &small_pool_num, 0644);
+MODULE_PARM_DESC(small_pool_num, "set prp small pool num, default 4, MAX 16");
+
+//static struct class *sssraid_class;
+
+enum FW_STAT_CODE {
+ FW_STAT_OK = 0,
+ FW_STAT_NEED_CHECK,
+ FW_STAT_ERROR,
+ FW_STAT_EP_PCIE_ERROR,
+ FW_STAT_NAC_DMA_ERROR,
+ FW_STAT_ABORTED,
+ FW_STAT_NEED_RETRY
+};
+
+static const char * const raid_levels[] = {"0", "1", "5", "6", "10", "50", "60", "NA"};
+
+static const char * const raid_states[] = {
+ "NA", "NORMAL", "FAULT", "DEGRADE", "NOT_FORMATTED", "FORMATTING", "SANITIZING",
+ "INITIALIZING", "INITIALIZE_FAIL", "DELETING", "DELETE_FAIL", "WRITE_PROTECT"
+};
+
+static int ioq_depth_set(const char *val, const struct kernel_param *kp)
+{
+ int n = 0;
+ int ret;
+
+ ret = kstrtoint(val, 10, &n);
+ if (ret != 0 || n < 2)
+ return -EINVAL;
+
+ return param_set_int(val, kp);
+}
+
+/*
+ * common
+ */
+static struct class *sssraid_class;
+
+struct sssraid_fwevt *sssraid_alloc_fwevt(int len)
+{
+ struct sssraid_fwevt *fwevt;
+
+ fwevt = kzalloc(sizeof(*fwevt) + len, GFP_ATOMIC);
+ if (!fwevt)
+ return NULL;
+
+ kref_init(&fwevt->ref_count);
+ return fwevt;
+
+}
+
+static void sssraid_fwevt_free(struct kref *r)
+{
+ kfree(container_of(r, struct sssraid_fwevt, ref_count));
+}
+
+static void sssraid_fwevt_get(struct sssraid_fwevt *fwevt)
+{
+ kref_get(&fwevt->ref_count);
+}
+
+static void sssraid_fwevt_put(struct sssraid_fwevt *fwevt)
+{
+ kref_put(&fwevt->ref_count, sssraid_fwevt_free);
+}
+
+static void sssraid_fwevt_del_from_list(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt)
+{
+ unsigned long flags;
+
+ spin_lock_irqsave(&hdev->fwevt_lock, flags);
+ if (!list_empty(&fwevt->list)) {
+ list_del_init(&fwevt->list);
+ /*
+ * Put fwevt reference count after
+ * removing it from fwevt_list
+ */
+ sssraid_fwevt_put(fwevt);
+ }
+ spin_unlock_irqrestore(&hdev->fwevt_lock, flags);
+}
+
+static void sssraid_fwevt_bh(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt)
+{
+ struct sssraid_completion *cqe;
+
+ hdev->current_event = fwevt;
+ sssraid_fwevt_del_from_list(hdev, fwevt);
+
+ cqe = (struct sssraid_completion *)fwevt->event_data;
+
+ if (!fwevt->process_evt)
+ goto evt_ack;
+
+ sssraid_complete_aen(hdev, cqe);
+
+evt_ack:
+ /* event response put here: event has been handled. */
+ sssraid_send_event_ack(hdev, fwevt->event_id,
+ fwevt->evt_ctx, le16_to_cpu(cqe->cmd_id));
+ sssraid_fwevt_put(fwevt);
+ hdev->current_event = NULL;
+}
+
+static void sssraid_fwevt_worker(struct work_struct *work)
+{
+ struct sssraid_fwevt *fwevt = container_of(work, struct sssraid_fwevt,
+ work);
+ sssraid_fwevt_bh(fwevt->hdev, fwevt);
+ /*
+ * Put fwevt reference count after
+ * dequeuing it from worker queue
+ */
+ sssraid_fwevt_put(fwevt);
+}
+
+void sssraid_fwevt_add_to_list(struct sssraid_dev *hdev,
+ struct sssraid_fwevt *fwevt)
+{
+ unsigned long flags;
+
+ if (!hdev->fwevt_worker_thread)
+ return;
+
+ spin_lock_irqsave(&hdev->fwevt_lock, flags);
+ /* get fwevt reference count while adding it to fwevt_list */
+ sssraid_fwevt_get(fwevt);
+ INIT_LIST_HEAD(&fwevt->list);
+ list_add_tail(&fwevt->list, &hdev->fwevt_list);
+ INIT_WORK(&fwevt->work, sssraid_fwevt_worker);
+ /* get fwevt reference count while enqueueing it to worker queue */
+ sssraid_fwevt_get(fwevt);
+ queue_work(hdev->fwevt_worker_thread, &fwevt->work);
+ spin_unlock_irqrestore(&hdev->fwevt_lock, flags);
+}
+
+static struct sssraid_fwevt *sssraid_dequeue_fwevt(
+ struct sssraid_dev *hdev)
+{
+ unsigned long flags;
+ struct sssraid_fwevt *fwevt = NULL;
+
+ spin_lock_irqsave(&hdev->fwevt_lock, flags);
+ if (!list_empty(&hdev->fwevt_list)) {
+ fwevt = list_first_entry(&hdev->fwevt_list,
+ struct sssraid_fwevt, list);
+ list_del_init(&fwevt->list);
+ /*
+ * Put fwevt reference count after
+ * removing it from fwevt_list
+ */
+ sssraid_fwevt_put(fwevt);
+ }
+ spin_unlock_irqrestore(&hdev->fwevt_lock, flags);
+
+ return fwevt;
+}
+
+void sssraid_cleanup_fwevt_list(struct sssraid_dev *hdev)
+{
+ struct sssraid_fwevt *fwevt = NULL;
+
+ if ((list_empty(&hdev->fwevt_list) && !hdev->current_event) ||
+ !hdev->fwevt_worker_thread)
+ return;
+
+ while ((fwevt = sssraid_dequeue_fwevt(hdev)) ||
+ (fwevt = hdev->current_event)) {
+ /*
+ * Wait on the fwevt to complete. If this returns 1, then
+ * the event was never executed, and we need a put for the
+ * reference the work had on the fwevt.
+ *
+ * If it did execute, we wait for it to finish, and the put will
+ * happen from sssraid_process_fwevt()
+ */
+ if (cancel_work_sync(&fwevt->work)) {
+ /*
+ * Put fwevt reference count after
+ * dequeuing it from worker queue
+ */
+ sssraid_fwevt_put(fwevt);
+ /*
+ * Put fwevt reference count to neutralize
+ * kref_init increment
+ */
+ sssraid_fwevt_put(fwevt);
+ }
+ }
+}
+
+/*
+ * common 1
+ */
+static int sssraid_npages_prp(struct sssraid_dev *hdev)
+{
+ u32 size = 1U << ((hdev->ctrl_info->mdts) * 1U) << 12;
+ u32 nprps = DIV_ROUND_UP(size + hdev->page_size, hdev->page_size);
+
+ return DIV_ROUND_UP(PRP_ENTRY_SIZE * nprps, hdev->page_size - PRP_ENTRY_SIZE);
+}
+
+static int sssraid_npages_sgl(struct sssraid_dev *hdev)
+{
+ u32 nsge = le16_to_cpu(hdev->ctrl_info->max_num_sge);
+
+ return DIV_ROUND_UP(nsge * sizeof(struct sssraid_sgl_desc), hdev->page_size);
+}
+
+static u32 sssraid_cmd_size(struct sssraid_dev *hdev)
+{
+ u32 alloc_size = sizeof(__le64 *) * max(sssraid_npages_prp(hdev), sssraid_npages_sgl(hdev));
+
+ ioc_info(hdev, "iod size: %lu, alloc_size: %u\n",
+ sizeof(struct sssraid_iod), alloc_size);
+
+ return sizeof(struct sssraid_iod) + alloc_size;
+}
+
+static int sssraid_setup_prps(struct sssraid_dev *hdev, struct sssraid_iod *iod)
+{
+ struct scatterlist *sg = iod->sg;
+ u64 dma_addr = sg_dma_address(sg);
+ int dma_len = sg_dma_len(sg);
+ __le64 *prp_list, *old_prp_list;
+ int page_size = hdev->page_size;
+ int offset = dma_addr & (page_size - 1);
+ void **list = sssraid_iod_list(iod);
+ int length = iod->length;
+ struct dma_pool *pool;
+ dma_addr_t prp_dma;
+ int nprps, i;
+
+ length -= (page_size - offset);
+ if (length <= 0) {
+ iod->first_dma = 0;
+ return 0;
+ }
+
+ dma_len -= (page_size - offset);
+ if (dma_len) {
+ dma_addr += (page_size - offset);
+ } else {
+ sg = sg_next(sg);
+ dma_addr = sg_dma_address(sg);
+ dma_len = sg_dma_len(sg);
+ }
+
+ if (length <= page_size) {
+ iod->first_dma = dma_addr;
+ return 0;
+ }
+
+ nprps = DIV_ROUND_UP(length, page_size);
+ if (nprps <= (SMALL_POOL_SIZE / PRP_ENTRY_SIZE)) {
+ pool = iod->sqinfo->prp_small_pool;
+ iod->npages = 0;
+ } else {
+ pool = hdev->prp_page_pool;
+ iod->npages = 1;
+ }
+
+ prp_list = dma_pool_alloc(pool, GFP_ATOMIC, &prp_dma);
+ if (!prp_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate first prp_list memory failed\n");
+ iod->first_dma = dma_addr;
+ iod->npages = -1;
+ return -ENOMEM;
+ }
+ list[0] = prp_list;
+ iod->first_dma = prp_dma;
+ i = 0;
+ for (;;) {
+ if (i == page_size / PRP_ENTRY_SIZE) {
+ old_prp_list = prp_list;
+
+ prp_list = dma_pool_alloc(pool, GFP_ATOMIC, &prp_dma);
+ if (!prp_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate %dth prp_list memory failed\n",
+ iod->npages + 1);
+ return -ENOMEM;
+ }
+ list[iod->npages++] = prp_list;
+ prp_list[0] = old_prp_list[i - 1];
+ old_prp_list[i - 1] = cpu_to_le64(prp_dma);
+ i = 1;
+ }
+ prp_list[i++] = cpu_to_le64(dma_addr);
+ dma_len -= page_size;
+ dma_addr += page_size;
+ length -= page_size;
+ if (length <= 0)
+ break;
+ if (dma_len > 0)
+ continue;
+ if (unlikely(dma_len < 0))
+ goto bad_sgl;
+ sg = sg_next(sg);
+ dma_addr = sg_dma_address(sg);
+ dma_len = sg_dma_len(sg);
+ }
+
+ return 0;
+
+bad_sgl:
+ ioc_err(hdev, "Setup prps, invalid SGL for payload: %d nents: %d\n",
+ iod->length, iod->nsge);
+ return -EIO;
+}
+
+static inline bool sssraid_is_rw_scmd(struct scsi_cmnd *scmd)
+{
+ switch (scmd->cmnd[0]) {
+ case READ_6:
+ case READ_10:
+ case READ_12:
+ case READ_16:
+ case WRITE_6:
+ case WRITE_10:
+ case WRITE_12:
+ case WRITE_16:
+ return true;
+ default:
+ return false;
+ }
+}
+
+static bool sssraid_is_prp(struct sssraid_dev *hdev, struct scsi_cmnd *scmd, u32 nsge)
+{
+ struct scatterlist *sg = scsi_sglist(scmd);
+ u32 page_mask = hdev->page_size - 1;
+ bool is_prp = true;
+ int i = 0;
+
+ scsi_for_each_sg(scmd, sg, nsge, i) {
+ if (i != 0 && i != nsge - 1) {
+ if ((sg_dma_len(sg) & page_mask) ||
+ (sg_dma_address(sg) & page_mask)) {
+ is_prp = false;
+ break;
+ }
+ }
+
+ if (nsge > 1 && i == 0) {
+ if ((sg_dma_address(sg) + sg_dma_len(sg)) & page_mask) {
+ is_prp = false;
+ break;
+ }
+ }
+
+ if (nsge > 1 && i == (nsge - 1)) {
+ if (sg_dma_address(sg) & page_mask) {
+ is_prp = false;
+ break;
+ }
+ }
+ }
+
+ return is_prp;
+}
+
+static void sssraid_sgl_set_data(struct sssraid_sgl_desc *sge, struct scatterlist *sg)
+{
+ sge->addr = cpu_to_le64(sg_dma_address(sg));
+ sge->length = cpu_to_le32(sg_dma_len(sg));
+ sge->type = SSSRAID_SGL_FMT_DATA_DESC << 4;
+}
+
+static void sssraid_sgl_set_seg(struct sssraid_sgl_desc *sge, dma_addr_t dma_addr, int entries)
+{
+ sge->addr = cpu_to_le64(dma_addr);
+ if (entries <= SGES_PER_PAGE) {
+ sge->length = cpu_to_le32(entries * sizeof(*sge));
+ sge->type = SSSRAID_SGL_FMT_LAST_SEG_DESC << 4;
+ } else {
+ sge->length = cpu_to_le32(PAGE_SIZE);
+ sge->type = SSSRAID_SGL_FMT_SEG_DESC << 4;
+ }
+}
+
+
+static int sssraid_setup_ioq_cmd_sgl(struct sssraid_dev *hdev,
+ struct scsi_cmnd *scmd, struct sssraid_ioq_command *ioq_cmd,
+ struct sssraid_iod *iod)
+{
+ struct sssraid_sgl_desc *sg_list, *link, *old_sg_list;
+ struct scatterlist *sg = scsi_sglist(scmd);
+ void **list = sssraid_iod_list(iod);
+ struct dma_pool *pool;
+ int nsge = iod->nsge;
+ dma_addr_t sgl_dma;
+ int i = 0;
+
+ ioq_cmd->common.flags |= SSSRAID_CMD_FLAG_SGL_METABUF;
+
+ if (nsge == 1) {
+ sssraid_sgl_set_data(&ioq_cmd->common.dptr.sgl, sg);
+ return 0;
+ }
+
+ if (nsge <= (SMALL_POOL_SIZE / sizeof(struct sssraid_sgl_desc))) {
+ pool = iod->sqinfo->prp_small_pool;
+ iod->npages = 0;
+ } else {
+ pool = hdev->prp_page_pool;
+ iod->npages = 1;
+ }
+
+ sg_list = dma_pool_alloc(pool, GFP_ATOMIC, &sgl_dma);
+ if (!sg_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate first sgl_list failed\n");
+ iod->npages = -1;
+ return -ENOMEM;
+ }
+
+ list[0] = sg_list;
+ iod->first_dma = sgl_dma;
+ sssraid_sgl_set_seg(&ioq_cmd->common.dptr.sgl, sgl_dma, nsge);
+ do {
+ if (i == SGES_PER_PAGE) {
+ old_sg_list = sg_list;
+ link = &old_sg_list[SGES_PER_PAGE - 1];
+
+ sg_list = dma_pool_alloc(pool, GFP_ATOMIC, &sgl_dma);
+ if (!sg_list) {
+ dev_err_ratelimited(&hdev->pdev->dev, "Allocate %dth sgl_list failed\n",
+ iod->npages + 1);
+ return -ENOMEM;
+ }
+ list[iod->npages++] = sg_list;
+
+ i = 0;
+ memcpy(&sg_list[i++], link, sizeof(*link));
+ sssraid_sgl_set_seg(link, sgl_dma, nsge);
+ }
+
+ sssraid_sgl_set_data(&sg_list[i++], sg);
+ sg = sg_next(sg);
+ } while (--nsge > 0);
+
+ return 0;
+}
+
+static void sssraid_shost_init(struct sssraid_dev *hdev)
+{
+ struct pci_dev *pdev = hdev->pdev;
+ u8 domain, bus;
+ u32 dev_func;
+
+ domain = pci_domain_nr(pdev->bus);
+ bus = pdev->bus->number;
+ dev_func = pdev->devfn;
+
+ hdev->shost->nr_hw_queues = hdev->init_done_queue_cnt - 1;
+ hdev->shost->can_queue = (hdev->ioq_depth - SSSRAID_PTCMDS_PERQ);
+
+ hdev->shost->sg_tablesize = le16_to_cpu(hdev->ctrl_info->max_num_sge);
+ /* 512B per sector */
+ hdev->shost->max_sectors = (1U << ((hdev->ctrl_info->mdts) * 1U) << 12) / 512;
+ hdev->shost->cmd_per_lun = MAX_CMD_PER_DEV;
+ hdev->shost->max_channel = le16_to_cpu(hdev->ctrl_info->max_channel) - 1;
+ hdev->shost->max_id = le32_to_cpu(hdev->ctrl_info->max_tgt_id);
+ hdev->shost->max_lun = le16_to_cpu(hdev->ctrl_info->max_lun);
+
+ hdev->shost->this_id = -1;
+ hdev->shost->unique_id = (domain << 16) | (bus << 8) | dev_func;
+ hdev->shost->max_cmd_len = MAX_CDB_LEN;
+ hdev->shost->hostt->cmd_size = sssraid_cmd_size(hdev);
+}
+
+static inline void sssraid_get_tag_from_scmd(struct scsi_cmnd *scmd, u16 *qidx, u16 *cid)
+{
+ u32 tag = blk_mq_unique_tag(scmd->request);
+
+ *qidx = blk_mq_unique_tag_to_hwq(tag) + 1;
+ *cid = blk_mq_unique_tag_to_tag(tag);
+}
+
+static inline uint32_t get_unaligned_be24(const uint8_t *const p)
+{
+ return get_unaligned_be32(p - 1) & 0xffffffU;
+}
+
+static int sssraid_setup_rw_cmd(struct sssraid_dev *hdev,
+ struct sssraid_rw_command *rw,
+ struct scsi_cmnd *scmd)
+{
+ u32 start_lba_lo, start_lba_hi;
+ u32 datalength = 0;
+ u16 control = 0;
+
+ start_lba_lo = 0;
+ start_lba_hi = 0;
+
+ if (scmd->sc_data_direction == DMA_TO_DEVICE) {
+ rw->opcode = SSSRAID_CMD_WRITE;
+ } else if (scmd->sc_data_direction == DMA_FROM_DEVICE) {
+ rw->opcode = SSSRAID_CMD_READ;
+ } else {
+ ioc_err(hdev, "Invalid RW_IO for unsupported data direction: %d\n",
+ scmd->sc_data_direction);
+ WARN_ON(1);
+ return -EINVAL;
+ }
+
+ /* 6-byte READ(0x08) or WRITE(0x0A) cdb */
+ if (scmd->cmd_len == 6) {
+ datalength = (u32)(scmd->cmnd[4] == 0 ?
+ IO_6_DEFAULT_TX_LEN : scmd->cmnd[4]);
+ start_lba_lo = (u32)get_unaligned_be24(&scmd->cmnd[1]);
+
+ start_lba_lo &= 0x1FFFFF;
+ }
+
+ /* 10-byte READ(0x28) or WRITE(0x2A) cdb */
+ else if (scmd->cmd_len == 10) {
+ datalength = (u32)get_unaligned_be16(&scmd->cmnd[7]);
+ start_lba_lo = get_unaligned_be32(&scmd->cmnd[2]);
+
+ if (scmd->cmnd[1] & FUA_MASK)
+ control |= SSSRAID_RW_FUA;
+ }
+
+ /* 12-byte READ(0xA8) or WRITE(0xAA) cdb */
+ else if (scmd->cmd_len == 12) {
+ datalength = get_unaligned_be32(&scmd->cmnd[6]);
+ start_lba_lo = get_unaligned_be32(&scmd->cmnd[2]);
+
+ if (scmd->cmnd[1] & FUA_MASK)
+ control |= SSSRAID_RW_FUA;
+ }
+ /* 16-byte READ(0x88) or WRITE(0x8A) cdb */
+ else if (scmd->cmd_len == 16) {
+ datalength = get_unaligned_be32(&scmd->cmnd[10]);
+ start_lba_lo = get_unaligned_be32(&scmd->cmnd[6]);
+ start_lba_hi = get_unaligned_be32(&scmd->cmnd[2]);
+
+ if (scmd->cmnd[1] & FUA_MASK)
+ control |= SSSRAID_RW_FUA;
+ }
+
+ if (unlikely(datalength > U16_MAX || datalength == 0)) {
+ ioc_err(hdev, "Invalid IO for illegal transfer data length: %u\n", datalength);
+ WARN_ON(1);
+ return -EINVAL;
+ }
+
+ rw->slba = cpu_to_le64(((u64)start_lba_hi << 32) | start_lba_lo);
+ /* 0base for nlb */
+ rw->nlb = cpu_to_le16((u16)(datalength - 1));
+ rw->control = cpu_to_le16(control);
+
+ return 0;
+}
+
+static int sssraid_setup_nonio_cmd(struct sssraid_dev *hdev,
+ struct sssraid_scsi_nonio *scsi_nonio, struct scsi_cmnd *scmd)
+{
+ scsi_nonio->buffer_len = cpu_to_le32(scsi_bufflen(scmd));
+
+ switch (scmd->sc_data_direction) {
+ case DMA_NONE:
+ scsi_nonio->opcode = SSSRAID_CMD_NONIO_NONE;
+ break;
+ case DMA_TO_DEVICE:
+ scsi_nonio->opcode = SSSRAID_CMD_NONIO_TODEV;
+ break;
+ case DMA_FROM_DEVICE:
+ scsi_nonio->opcode = SSSRAID_CMD_NONIO_FROMDEV;
+ break;
+ default:
+ ioc_err(hdev, "Invalid NON_IO for unsupported data direction: %d\n",
+ scmd->sc_data_direction);
+ WARN_ON(1);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
+static int sssraid_setup_ioq_cmd(struct sssraid_dev *hdev,
+ struct sssraid_ioq_command *ioq_cmd, struct scsi_cmnd *scmd)
+{
+ memcpy(ioq_cmd->common.cdb, scmd->cmnd, scmd->cmd_len);
+ ioq_cmd->common.cdb_len = scmd->cmd_len;
+
+ if (sssraid_is_rw_scmd(scmd))
+ return sssraid_setup_rw_cmd(hdev, &ioq_cmd->rw, scmd);
+ else
+ return sssraid_setup_nonio_cmd(hdev, &ioq_cmd->scsi_nonio, scmd);
+}
+
+static inline void sssraid_init_iod(struct sssraid_iod *iod)
+{
+ iod->nsge = 0;
+ iod->npages = -1;
+ iod->use_sgl = false;
+ WRITE_ONCE(iod->state, SSSRAID_CMD_IDLE);
+}
+
+int sssraid_io_map_data(struct sssraid_dev *hdev, struct sssraid_iod *iod,
+ struct scsi_cmnd *scmd, struct sssraid_ioq_command *ioq_cmd)
+{
+ int retval;
+
+ retval = scsi_dma_map(scmd);
+ if (unlikely(retval < 0))
+ return retval;
+ iod->nsge = retval;
+ /* No data to DMA, it may be scsi no-rw command */
+ if (unlikely(iod->nsge == 0))
+ return 0;
+
+ iod->length = scsi_bufflen(scmd);
+ iod->sg = scsi_sglist(scmd);
+ iod->use_sgl = !sssraid_is_prp(hdev, scmd, iod->nsge);
+
+ if (iod->use_sgl) {
+ retval = sssraid_setup_ioq_cmd_sgl(hdev, scmd, ioq_cmd, iod);
+ } else {
+ retval = sssraid_setup_prps(hdev, iod);
+ ioq_cmd->common.dptr.prp1 =
+ cpu_to_le64(sg_dma_address(iod->sg));
+ ioq_cmd->common.dptr.prp2 = cpu_to_le64(iod->first_dma);
+ }
+
+ if (retval)
+ scsi_dma_unmap(scmd);
+
+ return retval;
+}
+
+void sssraid_map_status(struct sssraid_iod *iod, struct scsi_cmnd *scmd,
+ struct sssraid_completion *cqe)
+{
+ struct sssraid_dev *hdev = iod->sqinfo->hdev;
+
+ scsi_set_resid(scmd, 0);
+
+ switch ((le16_to_cpu(cqe->status) >> 1) & 0x7f) {
+ case FW_STAT_OK:
+ set_host_byte(scmd, DID_OK);
+ break;
+ case FW_STAT_NEED_CHECK:
+ set_host_byte(scmd, DID_OK);
+ scmd->result |= le16_to_cpu(cqe->status) >> 8;
+ if (scmd->result & SAM_STAT_CHECK_CONDITION) {
+ memset(scmd->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
+ memcpy(scmd->sense_buffer, iod->sense, SCSI_SENSE_BUFFERSIZE);
+ scmd->result = (scmd->result & 0x00ffffff) | (DRIVER_SENSE << 24);
+ }
+ break;
+ case FW_STAT_ABORTED:
+ set_host_byte(scmd, DID_ABORT);
+ break;
+ case FW_STAT_NEED_RETRY:
+ set_host_byte(scmd, DID_REQUEUE);
+ break;
+ default:
+ set_host_byte(scmd, DID_BAD_TARGET);
+ ioc_warn(hdev, "cid[%d] qid[%d] bad status[0x%x]\n",
+ le16_to_cpu(cqe->cmd_id), le16_to_cpu(cqe->sq_id),
+ le16_to_cpu(cqe->status));
+ break;
+ }
+}
+
+
+struct sssraid_cmd *sssraid_get_cmd(struct sssraid_dev *hdev, enum sssraid_cmd_type type)
+{
+ struct sssraid_cmd *cmd = NULL;
+ unsigned long flags;
+ struct list_head *head = &hdev->adm_cmd_list;
+ spinlock_t *slock = &hdev->adm_cmd_lock;
+
+ if (type == SSSRAID_CMD_IOPT) {
+ head = &hdev->ioq_pt_list;
+ slock = &hdev->ioq_pt_lock;
+ }
+
+ spin_lock_irqsave(slock, flags);
+ if (list_empty(head)) {
+ spin_unlock_irqrestore(slock, flags);
+ ioc_err(hdev, "err, cmd[%d] list empty\n", type);
+ return NULL;
+ }
+ cmd = list_entry(head->next, struct sssraid_cmd, list);
+ list_del_init(&cmd->list);
+ spin_unlock_irqrestore(slock, flags);
+
+ WRITE_ONCE(cmd->state, SSSRAID_CMD_IN_FLIGHT);
+
+ return cmd;
+}
+
+static int sssraid_add_device(struct sssraid_dev *hdev, struct sssraid_dev_info *device)
+{
+ struct Scsi_Host *shost = hdev->shost;
+ struct scsi_device *sdev;
+
+ ioc_info(hdev, "add device, hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ le32_to_cpu(device->hdid), le16_to_cpu(device->target),
+ device->channel, device->lun, device->attr);
+
+ sdev = scsi_device_lookup(shost, device->channel, le16_to_cpu(device->target), 0);
+ if (sdev) {
+ ioc_warn(hdev, "Device is already exist, channel: %d, target_id: %d, lun: %d\n",
+ device->channel, le16_to_cpu(device->target), 0);
+ scsi_device_put(sdev);
+ return -EEXIST;
+ }
+ scsi_add_device(shost, device->channel, le16_to_cpu(device->target), 0);
+ return 0;
+}
+
+static int sssraid_rescan_device(struct sssraid_dev *hdev, struct sssraid_dev_info *device)
+{
+ struct Scsi_Host *shost = hdev->shost;
+ struct scsi_device *sdev;
+
+ ioc_info(hdev, "rescan device, hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ le32_to_cpu(device->hdid), le16_to_cpu(device->target),
+ device->channel, device->lun, device->attr);
+
+ sdev = scsi_device_lookup(shost, device->channel, le16_to_cpu(device->target), 0);
+ if (!sdev) {
+ ioc_warn(hdev, "device is not exit rescan it, channel: %d, target_id: %d, lun: %d\n",
+ device->channel, le16_to_cpu(device->target), 0);
+ return -ENODEV;
+ }
+
+ scsi_rescan_device(&sdev->sdev_gendev);
+ scsi_device_put(sdev);
+ return 0;
+}
+
+static int sssraid_remove_device(struct sssraid_dev *hdev, struct sssraid_dev_info *org_device)
+{
+ struct Scsi_Host *shost = hdev->shost;
+ struct scsi_device *sdev;
+
+ ioc_info(hdev, "remove device, hdid: %u target: %d, channel: %d, lun: %d, attr[0x%x]\n",
+ le32_to_cpu(org_device->hdid), le16_to_cpu(org_device->target),
+ org_device->channel, org_device->lun, org_device->attr);
+
+ sdev = scsi_device_lookup(shost, org_device->channel, le16_to_cpu(org_device->target), 0);
+ if (!sdev) {
+ ioc_warn(hdev, "device is not exit remove it, channel: %d, target_id: %d, lun: %d\n",
+ org_device->channel, le16_to_cpu(org_device->target), 0);
+ return -ENODEV;
+ }
+
+ scsi_remove_device(sdev);
+ scsi_device_put(sdev);
+ return 0;
+}
+
+static int luntarget_cmp_func(const void *l, const void *r)
+{
+ const struct sssraid_dev_info *ln = l;
+ const struct sssraid_dev_info *rn = r;
+ int l_attr = SSSRAID_DEV_INFO_ATTR_BOOT(ln->attr);
+ int r_attr = SSSRAID_DEV_INFO_ATTR_BOOT(rn->attr);
+
+ /* boot first */
+ if (l_attr != r_attr)
+ return (r_attr - l_attr);
+
+ if (ln->channel == rn->channel)
+ return le16_to_cpu(ln->target) - le16_to_cpu(rn->target);
+
+ return ln->channel - rn->channel;
+}
+
+void sssraid_scan_disk(struct sssraid_dev *hdev)
+{
+ struct sssraid_dev_info *devices, *org_devices;
+ struct sssraid_dev_info *sortdevice;
+ u32 nd = le32_to_cpu(hdev->ctrl_info->nd);
+ u8 flag, org_flag;
+ int i, ret;
+ int count = 0;
+
+ devices = kcalloc(nd, sizeof(struct sssraid_dev_info), GFP_KERNEL);
+ if (!devices)
+ return;
+
+ sortdevice = kcalloc(nd, sizeof(struct sssraid_dev_info), GFP_KERNEL);
+ if (!sortdevice)
+ goto free_list;
+
+ ret = sssraid_get_dev_list(hdev, devices);
+ if (ret)
+ goto free_all;
+ org_devices = hdev->devices;
+ for (i = 0; i < nd; i++) {
+ org_flag = org_devices[i].flag;
+ flag = devices[i].flag;
+
+ dbgprint(hdev, "i: %d, org_flag: 0x%x, flag: 0x%x\n", i, org_flag, flag);
+
+ if (SSSRAID_DEV_INFO_FLAG_VALID(flag)) {
+ if (!SSSRAID_DEV_INFO_FLAG_VALID(org_flag)) {
+ down_write(&hdev->devices_rwsem);
+ memcpy(&org_devices[i], &devices[i],
+ sizeof(struct sssraid_dev_info));
+ memcpy(&sortdevice[count++], &devices[i],
+ sizeof(struct sssraid_dev_info));
+ up_write(&hdev->devices_rwsem);
+ } else if (SSSRAID_DEV_INFO_FLAG_CHANGE(flag)) {
+ sssraid_rescan_device(hdev, &devices[i]);
+ }
+ } else {
+ if (SSSRAID_DEV_INFO_FLAG_VALID(org_flag)) {
+ down_write(&hdev->devices_rwsem);
+ org_devices[i].flag &= 0xfe;
+ up_write(&hdev->devices_rwsem);
+ sssraid_remove_device(hdev, &org_devices[i]);
+ }
+ }
+ }
+
+ ioc_info(hdev, "scan work add device count = %d\n", count);
+
+ sort(sortdevice, count, sizeof(sortdevice[0]), luntarget_cmp_func, NULL);
+
+ for (i = 0; i < count; i++)
+ sssraid_add_device(hdev, &sortdevice[i]);
+
+free_all:
+ kfree(sortdevice);
+free_list:
+ kfree(devices);
+}
+
+static int sssraid_wait_abnl_cmd_done(struct sssraid_iod *iod)
+{
+ u16 times = 0;
+
+ do {
+ if (READ_ONCE(iod->state) == SSSRAID_CMD_TMO_COMPLETE)
+ break;
+ msleep(500);
+ times++;
+ } while (times <= SSSRAID_WAIT_ABNL_CMD_TIMEOUT);
+
+ /* wait command completion timeout after abort/reset success */
+ if (times >= SSSRAID_WAIT_ABNL_CMD_TIMEOUT)
+ return -ETIMEDOUT;
+
+ return 0;
+}
+
+static bool sssraid_check_scmd_completed(struct scsi_cmnd *scmd)
+{
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_squeue *sqinfo;
+ u16 hwq, cid;
+
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+ sqinfo = &hdev->sqinfo[hwq];
+ if (READ_ONCE(iod->state) == SSSRAID_CMD_COMPLETE || sssraid_poll_cq(hdev, hwq, cid)) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] has been completed\n",
+ cid, sqinfo->qidx);
+ return true;
+ }
+ return false;
+}
+
+static int sssraid_scsi_reset(struct scsi_cmnd *scmd, enum sssraid_scsi_rst_type rst)
+{
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_sdev_hostdata *hostdata;
+ u16 hwq, cid;
+ int ret;
+
+ scsi_print_command(scmd);
+
+ if (hdev->state != SSSRAID_LIVE || !sssraid_wait_abnl_cmd_done(iod) ||
+ sssraid_check_scmd_completed(scmd))
+ return SUCCESS;
+
+ hostdata = scmd->device->hostdata;
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] timeout, %s reset\n", cid, hwq,
+ rst ? "bus" : "target");
+ ret = sssraid_send_reset_cmd(hdev, rst, hostdata->hdid);
+ if (ret == 0) {
+ ret = sssraid_wait_abnl_cmd_done(iod);
+ if (ret) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] %s reset failed, not found\n",
+ cid, hwq, rst ? "bus" : "target");
+ return FAILED;
+ }
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] %s reset success\n", cid, hwq,
+ rst ? "bus" : "target");
+ return SUCCESS;
+ }
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] ret[%d] %s reset failed\n", cid, hwq, ret,
+ rst ? "bus" : "target");
+ return FAILED;
+}
+
+bool sssraid_change_host_state(struct sssraid_dev *hdev, enum sssraid_state newstate)
+{
+ unsigned long flags;
+ enum sssraid_state oldstate;
+ bool change = false;
+
+ spin_lock_irqsave(&hdev->state_lock, flags);
+
+ oldstate = hdev->state;
+ switch (newstate) {
+ case SSSRAID_LIVE:
+ switch (oldstate) {
+ case SSSRAID_NEW:
+ case SSSRAID_RESETTING:
+ change = true;
+ break;
+ default:
+ break;
+ }
+ break;
+ case SSSRAID_RESETTING:
+ switch (oldstate) {
+ case SSSRAID_LIVE:
+ change = true;
+ break;
+ default:
+ break;
+ }
+ break;
+ case SSSRAID_DELETING:
+ if (oldstate != SSSRAID_DELETING)
+ change = true;
+ break;
+ case SSSRAID_DEAD:
+ switch (oldstate) {
+ case SSSRAID_NEW:
+ case SSSRAID_LIVE:
+ case SSSRAID_RESETTING:
+ change = true;
+ break;
+ default:
+ break;
+ }
+ break;
+ default:
+ break;
+ }
+ if (change)
+ hdev->state = newstate;
+ spin_unlock_irqrestore(&hdev->state_lock, flags);
+
+ ioc_info(hdev, "[%d]->[%d], change[%d]\n", oldstate, newstate, change);
+
+ return change;
+}
+
+static int sssraid_get_qd_by_disk(u8 attr)
+{
+ switch (SSSRAID_DEV_DISK_TYPE(attr)) {
+ case SSSRAID_SAS_HDD_VD:
+ case SSSRAID_SATA_HDD_VD:
+ return SSSRAID_HDD_VD_QD;
+ case SSSRAID_SAS_SSD_VD:
+ case SSSRAID_SATA_SSD_VD:
+ case SSSRAID_NVME_SSD_VD:
+ return SSSRAID_SSD_VD_QD;
+ case SSSRAID_SAS_HDD_PD:
+ case SSSRAID_SATA_HDD_PD:
+ return SSSRAID_HDD_PD_QD;
+ case SSSRAID_SAS_SSD_PD:
+ case SSSRAID_SATA_SSD_PD:
+ case SSSRAID_NVME_SSD_PD:
+ return SSSRAID_SSD_PD_QD;
+ default:
+ return MAX_CMD_PER_DEV;
+ }
+}
+
+static int sssraid_match_dev(struct sssraid_dev *hdev, u16 idx, struct scsi_device *sdev)
+{
+ if (SSSRAID_DEV_INFO_FLAG_VALID(hdev->devices[idx].flag)) {
+ if (sdev->channel == hdev->devices[idx].channel &&
+ sdev->id == le16_to_cpu(hdev->devices[idx].target) &&
+ sdev->lun < hdev->devices[idx].lun) {
+ ioc_info(hdev, "Match device success, channel:target:lun[%d:%d:%d]\n",
+ hdev->devices[idx].channel,
+ hdev->devices[idx].target,
+ hdev->devices[idx].lun);
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+static int sssraid_bsg_map_data(struct sssraid_dev *hdev, struct bsg_job *job,
+ struct sssraid_admin_command *cmd)
+{
+ struct request *rq = blk_mq_rq_from_pdu(job);
+ struct sssraid_iod *iod = job->dd_data;
+ enum dma_data_direction dma_dir = rq_data_dir(rq) ? DMA_TO_DEVICE : DMA_FROM_DEVICE;
+ int ret = 0;
+
+ iod->sg = job->request_payload.sg_list;
+ iod->nsge = job->request_payload.sg_cnt;
+ iod->length = job->request_payload.payload_len;
+ iod->use_sgl = false;
+ iod->npages = -1;
+
+ if (!iod->nsge)
+ goto out;
+
+ ret = dma_map_sg_attrs(&hdev->pdev->dev, iod->sg, iod->nsge, dma_dir, DMA_ATTR_NO_WARN);
+ if (!ret)
+ goto out;
+
+ ret = sssraid_setup_prps(hdev, iod);
+ if (ret)
+ goto unmap;
+
+ cmd->common.dptr.prp1 = cpu_to_le64(sg_dma_address(iod->sg));
+ cmd->common.dptr.prp2 = cpu_to_le64(iod->first_dma);
+
+ return 0;
+
+unmap:
+ dma_unmap_sg(&hdev->pdev->dev, iod->sg, iod->nsge, dma_dir);
+out:
+ return ret;
+}
+
+static void sssraid_bsg_unmap_data(struct sssraid_dev *hdev, struct bsg_job *job)
+{
+ struct request *rq = blk_mq_rq_from_pdu(job);
+ struct sssraid_iod *iod = job->dd_data;
+ enum dma_data_direction dma_dir = rq_data_dir(rq) ? DMA_TO_DEVICE : DMA_FROM_DEVICE;
+
+ if (iod->nsge)
+ dma_unmap_sg(&hdev->pdev->dev, iod->sg, iod->nsge, dma_dir);
+
+ sssraid_free_iod_res(hdev, iod);
+}
+
+void sssraid_put_cmd(struct sssraid_dev *hdev, struct sssraid_cmd *cmd,
+ enum sssraid_cmd_type type)
+{
+ unsigned long flags;
+ struct list_head *head = &hdev->adm_cmd_list;
+ spinlock_t *slock = &hdev->adm_cmd_lock;
+
+ if (type == SSSRAID_CMD_IOPT) {
+ head = &hdev->ioq_pt_list;
+ slock = &hdev->ioq_pt_lock;
+ }
+
+ spin_lock_irqsave(slock, flags);
+ WRITE_ONCE(cmd->state, SSSRAID_CMD_IDLE);
+ list_add_tail(&cmd->list, head);
+ spin_unlock_irqrestore(slock, flags);
+}
+
+static int sssraid_user_admin_cmd(struct sssraid_dev *hdev, struct bsg_job *job)
+{
+ struct sssraid_bsg_request *bsg_req = job->request;
+ struct sssraid_passthru_common_cmd *cmd = &(bsg_req->admcmd);
+ struct sssraid_admin_command admin_cmd;
+ u32 timeout = msecs_to_jiffies(cmd->timeout_ms);
+ u32 result[2] = {0};
+ int status;
+
+ if (hdev->state >= SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host state:[%d] is not right\n",
+ hdev->state);
+ return -EBUSY;
+ }
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.common.opcode = cmd->opcode;
+ admin_cmd.common.flags = cmd->flags;
+ admin_cmd.common.hdid = cpu_to_le32(cmd->nsid);
+ admin_cmd.common.cdw2[0] = cpu_to_le32(cmd->cdw2);
+ admin_cmd.common.cdw2[1] = cpu_to_le32(cmd->cdw3);
+ admin_cmd.common.cdw10 = cpu_to_le32(cmd->cdw10);
+ admin_cmd.common.cdw11 = cpu_to_le32(cmd->cdw11);
+ admin_cmd.common.cdw12 = cpu_to_le32(cmd->cdw12);
+ admin_cmd.common.cdw13 = cpu_to_le32(cmd->cdw13);
+ admin_cmd.common.cdw14 = cpu_to_le32(cmd->cdw14);
+ admin_cmd.common.cdw15 = cpu_to_le32(cmd->cdw15);
+
+ status = sssraid_bsg_map_data(hdev, job, &admin_cmd);
+ if (status) {
+ ioc_err(hdev, "err, map data failed\n");
+ return status;
+ }
+
+ status = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, &result[0], &result[1], timeout);
+ if (status >= 0) {
+ job->reply_len = sizeof(result);
+ memcpy(job->reply, result, sizeof(result));
+ }
+
+ if (status)
+ ioc_info(hdev, "opcode[0x%x] subopcode[0x%x], status[0x%x] result0[0x%x] result1[0x%x]\n",
+ cmd->opcode, cmd->info_0.subopcode, status, result[0], result[1]);
+
+ sssraid_bsg_unmap_data(hdev, job);
+
+ return status;
+}
+
+static int sssraid_submit_ioq_sync_cmd(struct sssraid_dev *hdev, struct sssraid_ioq_command *cmd,
+ u32 *result, u32 *reslen, u32 timeout)
+{
+ int ret;
+ dma_addr_t sense_dma;
+ struct sssraid_squeue *sqinfo;
+ void *sense_addr = NULL;
+ struct sssraid_cmd *pt_cmd = sssraid_get_cmd(hdev, SSSRAID_CMD_IOPT);
+
+ if (!pt_cmd) {
+ ioc_err(hdev, "err, get sqinfo cmd failed\n");
+ return -EFAULT;
+ }
+
+ timeout = timeout ? timeout : ADMIN_TIMEOUT;
+
+ init_completion(&pt_cmd->cmd_done);
+
+ sqinfo = &hdev->sqinfo[pt_cmd->qid];
+ ret = pt_cmd->cid * SCSI_SENSE_BUFFERSIZE;
+ sense_addr = sqinfo->sense + ret;
+ sense_dma = sqinfo->sense_dma_addr + ret;
+
+ cmd->common.sense_addr = cpu_to_le64(sense_dma);
+ cmd->common.sense_len = cpu_to_le16(SCSI_SENSE_BUFFERSIZE);
+ cmd->common.command_id = cpu_to_le16(pt_cmd->cid);
+
+ sssraid_submit_cmd(sqinfo, cmd);
+
+ if (!wait_for_completion_timeout(&pt_cmd->cmd_done, timeout)) {
+ ioc_err(hdev, "cid[%d] qid[%d] timeout, opcode[0x%x] subopcode[0x%x]\n",
+ pt_cmd->cid, pt_cmd->qid, cmd->common.opcode,
+ (le32_to_cpu(cmd->common.cdw3[0]) & 0xffff));
+
+ /* reset controller if admin timeout */
+ sssraid_adm_timeout(hdev, pt_cmd);
+
+ sssraid_put_cmd(hdev, pt_cmd, SSSRAID_CMD_IOPT);
+ return -ETIME;
+ }
+
+ if (result && reslen) {
+ if ((pt_cmd->status & 0x17f) == 0x101) {
+ memcpy(result, sense_addr, SCSI_SENSE_BUFFERSIZE);
+ *reslen = SCSI_SENSE_BUFFERSIZE;
+ }
+ }
+
+ sssraid_put_cmd(hdev, pt_cmd, SSSRAID_CMD_IOPT);
+
+ return pt_cmd->status;
+}
+
+static int sssraid_user_ioq_cmd(struct sssraid_dev *hdev, struct bsg_job *job)
+{
+ struct sssraid_bsg_request *bsg_req = (struct sssraid_bsg_request *)(job->request);
+ struct sssraid_ioq_passthru_cmd *cmd = &(bsg_req->ioqcmd);
+ struct sssraid_ioq_command ioq_cmd;
+ int status = 0;
+ u32 timeout = msecs_to_jiffies(cmd->timeout_ms);
+
+ if (cmd->data_len > IOQ_PT_DATA_LEN) {
+ ioc_err(hdev, "data len bigger than 4k\n");
+ return -EFAULT;
+ }
+
+ if (hdev->state != SSSRAID_LIVE) {
+ ioc_err(hdev, "err, host state:[%d] is not live\n",
+ hdev->state);
+ return -EBUSY;
+ }
+
+ ioc_info(hdev, "opcode[0x%x] subopcode[0x%x] init, datalen[%d]\n",
+ cmd->opcode, cmd->info_1.subopcode, cmd->data_len);
+
+ memset(&ioq_cmd, 0, sizeof(ioq_cmd));
+ ioq_cmd.common.opcode = cmd->opcode;
+ ioq_cmd.common.flags = cmd->flags;
+ ioq_cmd.common.hdid = cpu_to_le32(cmd->nsid);
+ ioq_cmd.common.sense_len = cpu_to_le16(cmd->info_0.res_sense_len);
+ ioq_cmd.common.cdb_len = cmd->info_0.cdb_len;
+ ioq_cmd.common.rsvd2 = cmd->info_0.rsvd0;
+ ioq_cmd.common.cdw3[0] = cpu_to_le32(cmd->cdw3);
+ ioq_cmd.common.cdw3[1] = cpu_to_le32(cmd->cdw4);
+ ioq_cmd.common.cdw3[2] = cpu_to_le32(cmd->cdw5);
+
+ ioq_cmd.common.cdw10[0] = cpu_to_le32(cmd->cdw10);
+ ioq_cmd.common.cdw10[1] = cpu_to_le32(cmd->cdw11);
+ ioq_cmd.common.cdw10[2] = cpu_to_le32(cmd->cdw12);
+ ioq_cmd.common.cdw10[3] = cpu_to_le32(cmd->cdw13);
+ ioq_cmd.common.cdw10[4] = cpu_to_le32(cmd->cdw14);
+ ioq_cmd.common.cdw10[5] = cpu_to_le32(cmd->data_len);
+
+ memcpy(ioq_cmd.common.cdb, &cmd->cdw16, cmd->info_0.cdb_len);
+
+ ioq_cmd.common.cdw26[0] = cpu_to_le32(cmd->cdw26[0]);
+ ioq_cmd.common.cdw26[1] = cpu_to_le32(cmd->cdw26[1]);
+ ioq_cmd.common.cdw26[2] = cpu_to_le32(cmd->cdw26[2]);
+ ioq_cmd.common.cdw26[3] = cpu_to_le32(cmd->cdw26[3]);
+
+ status = sssraid_bsg_map_data(hdev, job, (struct sssraid_admin_command *)&ioq_cmd);
+ if (status) {
+ ioc_err(hdev, "err, map data failed\n");
+ return status;
+ }
+
+ status = sssraid_submit_ioq_sync_cmd(hdev, &ioq_cmd, job->reply, &job->reply_len, timeout);
+ if (status)
+ ioc_info(hdev, "opcode[0x%x] subopcode[0x%x], status[0x%x], reply_len[%d]\n",
+ cmd->opcode, cmd->info_1.subopcode, status, job->reply_len);
+
+ sssraid_bsg_unmap_data(hdev, job);
+
+ return status;
+}
+
+
+/* bsg dispatch user command */
+static int sssraid_bsg_host_dispatch(struct bsg_job *job)
+{
+ struct Scsi_Host *shost = dev_to_shost(job->dev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ struct request *rq = blk_mq_rq_from_pdu(job);
+ struct sssraid_bsg_request *bsg_req = job->request;
+ int ret = -ENOMSG;
+
+ job->reply_len = 0;
+
+ if (bsg_req == NULL || job->request_len != sizeof(struct sssraid_bsg_request)) {
+ bsg_job_done(job, ret, 0);
+ return 0;
+ }
+ dbgprint(hdev, "bsg msgcode[%d] msglen[%d] timeout[%d];"
+ "reqnsge[%d], reqlen[%d]\n",
+ bsg_req->msgcode, job->request_len, rq->timeout,
+ job->request_payload.sg_cnt, job->request_payload.payload_len);
+
+ switch (bsg_req->msgcode) {
+ case SSSRAID_BSG_ADM:
+ ret = sssraid_user_admin_cmd(hdev, job);
+ break;
+ case SSSRAID_BSG_IOQ:
+ ret = sssraid_user_ioq_cmd(hdev, job);
+ break;
+ default:
+ ioc_info(hdev, "unsupport msgcode[%d]\n", bsg_req->msgcode);
+ break;
+ }
+
+ if (ret > 0)
+ ret = ret | (ret << 8);
+
+ bsg_job_done(job, ret, 0);
+ return 0;
+}
+
+static inline void sssraid_remove_bsg(struct sssraid_dev *hdev)
+{
+ if (hdev->bsg_queue) {
+ bsg_unregister_queue(hdev->bsg_queue);
+ blk_cleanup_queue(hdev->bsg_queue);
+ }
+}
+
+static void sssraid_back_fault_cqe(struct sssraid_squeue *sqinfo, struct sssraid_completion *cqe)
+{
+ struct sssraid_dev *hdev = sqinfo->hdev;
+ struct blk_mq_tags *tags;
+ struct scsi_cmnd *scmd;
+ struct sssraid_iod *iod;
+ struct request *req;
+
+ tags = hdev->shost->tag_set.tags[sqinfo->qidx - 1];
+ req = blk_mq_tag_to_rq(tags, le16_to_cpu(cqe->cmd_id));
+ if (unlikely(!req || !blk_mq_request_started(req)))
+ return;
+
+ scmd = blk_mq_rq_to_pdu(req);
+ iod = scsi_cmd_priv(scmd);
+
+ if (READ_ONCE(iod->state) != SSSRAID_CMD_IN_FLIGHT &&
+ READ_ONCE(iod->state) != SSSRAID_CMD_TIMEOUT)
+ return;
+
+ WRITE_ONCE(iod->state, SSSRAID_CMD_TMO_COMPLETE);
+ set_host_byte(scmd, DID_NO_CONNECT);
+ if (iod->nsge)
+ scsi_dma_unmap(scmd);
+ sssraid_free_iod_res(hdev, iod);
+ scmd->scsi_done(scmd);
+ ioc_warn(hdev, "Back fault CQE, cid[%d] qidx[%d]\n",
+ le16_to_cpu(cqe->cmd_id), sqinfo->qidx);
+}
+
+void sssraid_back_all_io(struct sssraid_dev *hdev)
+{
+ int i, j;
+ struct sssraid_squeue *sqinfo;
+ struct sssraid_completion cqe = { 0 };
+
+ scsi_block_requests(hdev->shost);
+
+ for (i = 1; i <= hdev->shost->nr_hw_queues; i++) {
+ sqinfo = &hdev->sqinfo[i];
+ for (j = 0; j < hdev->scsi_qd; j++) {
+ cqe.cmd_id = cpu_to_le16(j);
+ sssraid_back_fault_cqe(sqinfo, &cqe);
+ }
+ }
+
+ scsi_unblock_requests(hdev->shost);
+
+ j = SSSRAID_AQ_BLK_MQ_DEPTH;
+ for (i = 0; i < j; i++) {
+ if (READ_ONCE(hdev->adm_cmds[i].state) == SSSRAID_CMD_IN_FLIGHT) {
+ ioc_info(hdev, "Back adm, cid[%d]\n", i);
+ hdev->adm_cmds[i].status = 0xFFFF;
+ WRITE_ONCE(hdev->adm_cmds[i].state, SSSRAID_CMD_COMPLETE);
+ complete(&(hdev->adm_cmds[i].cmd_done));
+ }
+ }
+
+ j = SSSRAID_NR_IOQ_PTCMDS;
+ for (i = 0; i < j; i++) {
+ if (READ_ONCE(hdev->ioq_ptcmds[i].state) == SSSRAID_CMD_IN_FLIGHT) {
+ hdev->ioq_ptcmds[i].status = 0xFFFF;
+ WRITE_ONCE(hdev->ioq_ptcmds[i].state, SSSRAID_CMD_COMPLETE);
+ complete(&(hdev->ioq_ptcmds[i].cmd_done));
+ }
+ }
+}
+
+/**
+ * static struct scsi_host_template sssraid_driver_template
+ */
+static int sssraid_scan_finished(struct Scsi_Host *shost,
+ unsigned long time)
+{
+ struct sssraid_dev *hdev = shost_priv(shost);
+
+ sssraid_scan_disk(hdev);
+
+ return 1;
+}
+
+/* eh_target_reset_handler call back */
+static int sssraid_eh_target_reset(struct scsi_cmnd *scmd)
+{
+ return sssraid_scsi_reset(scmd, SSSRAID_RESET_TARGET);
+}
+
+/* eh_bus_reset_handler call back */
+static int sssraid_bus_reset_handler(struct scsi_cmnd *scmd)
+{
+ return sssraid_scsi_reset(scmd, SSSRAID_RESET_BUS);
+}
+
+/* eh_host_reset_handler call back */
+static int sssraid_eh_host_reset(struct scsi_cmnd *scmd)
+{
+ u16 hwq, cid;
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+
+ scsi_print_command(scmd);
+ if (hdev->state != SSSRAID_LIVE || sssraid_check_scmd_completed(scmd))
+ return SUCCESS;
+
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+ ioc_warn(hdev, "cid[%d] qidx[%d] host reset\n", cid, hwq);
+
+ /* It's useless:
+ * old code sssraid_reset_work_sync
+ * queue_work(reset_work) at first,
+ * then flush_work to synchronize.
+ */
+ if (!sssraid_change_host_state(hdev, SSSRAID_RESETTING)) {
+ ioc_info(hdev, "can't change to reset state\n");
+ return FAILED;
+ }
+ if (sssraid_soft_reset_handler(hdev)) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] host reset failed\n", cid, hwq);
+ return FAILED;
+ }
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] host reset success\n", cid, hwq);
+
+ return SUCCESS;
+}
+
+/* host_reset call back */
+static int sssraid_sysfs_host_reset(struct Scsi_Host *shost, int reset_type)
+{
+ int ret;
+ struct sssraid_dev *hdev = shost_priv(shost);
+
+ ioc_info(hdev, "start sysfs host reset cmd\n");
+ if (!sssraid_change_host_state(hdev, SSSRAID_RESETTING)) {
+ ioc_info(hdev, "can't change to reset state\n");
+ return -EBUSY;
+ }
+ ret = sssraid_soft_reset_handler(hdev);
+ ioc_info(hdev, "stop sysfs host reset cmd[%d]\n", ret);
+
+ return ret;
+}
+
+/* queuecommand call back */
+static int sssraid_qcmd(struct Scsi_Host *shost,
+ struct scsi_cmnd *scmd)
+{
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ struct scsi_device *sdev = scmd->device;
+ struct sssraid_sdev_hostdata *hostdata = sdev->hostdata;
+ u16 hwq, cid;
+ struct sssraid_squeue *sq;
+ struct sssraid_ioq_command ioq_cmd;
+ int retval;
+
+ if (unlikely(hdev->state == SSSRAID_RESETTING))
+ return SCSI_MLQUEUE_HOST_BUSY;
+
+ if (unlikely(hdev->state != SSSRAID_LIVE)) {
+ set_host_byte(scmd, DID_NO_CONNECT);
+ scmd->scsi_done(scmd);
+ return 0;
+ }
+
+ if (unlikely(hdev->logging_level & SSSRAID_DEBUG))
+ scsi_print_command(scmd);
+
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+ hostdata = sdev->hostdata;
+ sq = &hdev->sqinfo[hwq];
+
+ memset(&ioq_cmd, 0, sizeof(ioq_cmd));
+ ioq_cmd.rw.hdid = cpu_to_le32(hostdata->hdid);
+ ioq_cmd.rw.command_id = cpu_to_le16(cid);
+
+ retval = sssraid_setup_ioq_cmd(hdev, &ioq_cmd, scmd);
+ if (unlikely(retval)) {
+ set_host_byte(scmd, DID_ERROR);
+ scmd->scsi_done(scmd);
+ return 0;
+ }
+
+ iod->sense = sq->sense + retval;
+ iod->sense_dma = sq->sense_dma_addr + retval;
+ ioq_cmd.common.sense_addr = cpu_to_le64(iod->sense_dma);
+ ioq_cmd.common.sense_len = cpu_to_le16(SCSI_SENSE_BUFFERSIZE);
+
+ sssraid_init_iod(iod);
+
+ iod->sqinfo = sq;
+ sssraid_io_map_data(hdev, iod, scmd, &ioq_cmd);
+ if (unlikely(retval)) {
+ ioc_err(hdev, "sssraid_io_map_data Err.\n");
+ set_host_byte(scmd, DID_ERROR);
+ scmd->scsi_done(scmd);
+ retval = 0;
+ goto deinit_iod;
+ }
+
+ WRITE_ONCE(iod->state, SSSRAID_CMD_IN_FLIGHT);
+ sssraid_submit_cmd(sq, &ioq_cmd);
+
+ return 0;
+
+deinit_iod:
+ sssraid_free_iod_res(hdev, iod);
+ return retval;
+}
+
+/* change_queue_depth call back:
+ * keep as old
+ */
+
+/* slave_configure call back */
+static int sssraid_slave_configure(struct scsi_device *sdev)
+{
+ int qd = MAX_CMD_PER_DEV;
+ unsigned int timeout = scmd_tmout_rawdisk * HZ;
+ struct sssraid_dev *hdev = shost_priv(sdev->host);
+ struct sssraid_sdev_hostdata *hostdata = sdev->hostdata;
+ u32 max_sec = sdev->host->max_sectors;
+
+ if (hostdata) {
+ if (SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ timeout = scmd_tmout_vd * HZ;
+ else if (SSSRAID_DEV_INFO_ATTR_RAWDISK(hostdata->attr))
+ timeout = scmd_tmout_rawdisk * HZ;
+ max_sec = hostdata->max_io_kb << 1;
+ qd = sssraid_get_qd_by_disk(hostdata->attr);
+ } else {
+ ioc_err(hdev, "err, sdev->hostdata is null\n");
+ }
+
+ blk_queue_rq_timeout(sdev->request_queue, timeout);
+ sdev->eh_timeout = timeout;
+ scsi_change_queue_depth(sdev, qd);
+
+ if ((max_sec == 0) || (max_sec > sdev->host->max_sectors))
+ max_sec = sdev->host->max_sectors;
+
+ blk_queue_max_hw_sectors(sdev->request_queue, max_sec);
+
+ ioc_info(hdev, "sdev->channel:id:lun[%d:%d:%lld], scmd_timeout[%d]s, maxsec[%d]\n",
+ sdev->channel, sdev->id, sdev->lun, timeout / HZ, max_sec);
+
+ return 0;
+}
+
+/* slave_alloc call back */
+static int sssraid_slave_alloc(struct scsi_device *sdev)
+{
+ struct sssraid_sdev_hostdata *hostdata;
+ struct sssraid_dev *hdev;
+ u16 idx;
+
+ hdev = shost_priv(sdev->host);
+ hostdata = kzalloc(sizeof(*hostdata), GFP_KERNEL);
+ if (!hostdata) {
+ ioc_err(hdev, "Alloc scsi host data memory failed\n");
+ return -ENOMEM;
+ }
+
+ down_read(&hdev->devices_rwsem);
+ for (idx = 0; idx < le32_to_cpu(hdev->ctrl_info->nd); idx++) {
+ if (sssraid_match_dev(hdev, idx, sdev))
+ goto scan_host;
+ }
+ up_read(&hdev->devices_rwsem);
+
+ kfree(hostdata);
+ return -ENXIO;
+
+scan_host:
+ hostdata->hdid = le32_to_cpu(hdev->devices[idx].hdid);
+ hostdata->max_io_kb = le16_to_cpu(hdev->devices[idx].max_io_kb);
+ hostdata->attr = hdev->devices[idx].attr;
+ hostdata->flag = hdev->devices[idx].flag;
+ hostdata->rg_id = 0xff;
+ sdev->hostdata = hostdata;
+ up_read(&hdev->devices_rwsem);
+ return 0;
+}
+
+/* slave_destroy call back */
+static void sssraid_slave_destroy(struct scsi_device *sdev)
+{
+ kfree(sdev->hostdata);
+ sdev->hostdata = NULL;
+}
+
+/* eh_timed_out call back */
+static enum blk_eh_timer_return sssraid_scmd_timeout(struct scsi_cmnd *scmd)
+{
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ unsigned int timeout = scmd->device->request_queue->rq_timeout;
+
+ if (sssraid_check_scmd_completed(scmd))
+ goto out;
+
+ if (time_after(jiffies, scmd->jiffies_at_alloc + timeout)) {
+ if (cmpxchg(&iod->state, SSSRAID_CMD_IN_FLIGHT, SSSRAID_CMD_TIMEOUT) ==
+ SSSRAID_CMD_IN_FLIGHT) {
+ return BLK_EH_DONE;
+ }
+ }
+out:
+ return BLK_EH_RESET_TIMER;
+}
+
+/* eh_abort_handler call back */
+static int sssraid_abort_handler(struct scsi_cmnd *scmd)
+{
+ struct sssraid_dev *hdev = shost_priv(scmd->device->host);
+ struct sssraid_iod *iod = scsi_cmd_priv(scmd);
+ struct sssraid_sdev_hostdata *hostdata;
+ u16 hwq, cid;
+ int ret;
+
+ scsi_print_command(scmd);
+
+ if (hdev->state != SSSRAID_LIVE || !sssraid_wait_abnl_cmd_done(iod) ||
+ sssraid_check_scmd_completed(scmd))
+ return SUCCESS;
+
+ hostdata = scmd->device->hostdata;
+ sssraid_get_tag_from_scmd(scmd, &hwq, &cid);
+
+ ioc_warn(hdev, "cid[%d] qidx[%d] timeout, aborting\n", cid, hwq);
+ ret = sssraid_send_abort_cmd(hdev, hostdata->hdid, hwq, cid);
+ if (ret != -ETIME) {
+ ret = sssraid_wait_abnl_cmd_done(iod);
+ if (ret) {
+ ioc_warn(hdev, "cid[%d] qidx[%d] abort failed, not found\n", cid, hwq);
+ return FAILED;
+ }
+ ioc_warn(hdev, "cid[%d] qidx[%d] abort succ\n", cid, hwq);
+ return SUCCESS;
+ }
+ ioc_warn(hdev, "cid[%d] qidx[%d] abort failed, timeout\n", cid, hwq);
+ return FAILED;
+}
+
+static ssize_t csts_pp_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_PP_MASK);
+ ret >>= SSSRAID_CSTS_PP_SHIFT;
+ }
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t csts_shst_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_SHST_MASK);
+ ret >>= SSSRAID_CSTS_SHST_SHIFT;
+ }
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t csts_cfs_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev)) {
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_CFS_MASK);
+ ret >>= SSSRAID_CSTS_CFS_SHIFT;
+ }
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t csts_rdy_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+ int ret = -1;
+
+ if (pci_device_is_present(hdev->pdev))
+ ret = (readl(hdev->bar + SSSRAID_REG_CSTS) & SSSRAID_CSTS_RDY);
+
+ return snprintf(buf, PAGE_SIZE, "%d\n", ret);
+}
+
+static ssize_t fw_version_show(struct device *cdev, struct device_attribute *attr, char *buf)
+{
+ struct Scsi_Host *shost = class_to_shost(cdev);
+ struct sssraid_dev *hdev = shost_priv(shost);
+
+ return snprintf(buf, PAGE_SIZE, "%s\n", hdev->ctrl_info->fr);
+}
+
+static DEVICE_ATTR_RO(csts_pp);
+static DEVICE_ATTR_RO(csts_shst);
+static DEVICE_ATTR_RO(csts_cfs);
+static DEVICE_ATTR_RO(csts_rdy);
+static DEVICE_ATTR_RO(fw_version);
+
+static struct device_attribute *sssraid_host_attrs[] = {
+ &dev_attr_csts_pp,
+ &dev_attr_csts_shst,
+ &dev_attr_csts_cfs,
+ &dev_attr_csts_rdy,
+ &dev_attr_fw_version,
+ NULL,
+};
+
+static int sssraid_get_vd_info(struct sssraid_dev *hdev, struct sssraid_vd_info *vd_info, u16 vid)
+{
+ struct sssraid_admin_command admin_cmd;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+ int ret;
+
+ if (hdev->state >= SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host state[%d] is not right\n", hdev->state);
+ return -EBUSY;
+ }
+
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.usr_cmd.opcode = USR_CMD_READ;
+ admin_cmd.usr_cmd.info_0.subopcode = cpu_to_le16(USR_CMD_VDINFO);
+ admin_cmd.usr_cmd.info_1.data_len = cpu_to_le16(USR_CMD_RDLEN);
+ admin_cmd.usr_cmd.info_1.param_len = cpu_to_le16(VDINFO_PARAM_LEN);
+ admin_cmd.usr_cmd.cdw10 = cpu_to_le32(vid);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+ if (!ret)
+ memcpy(vd_info, data_ptr, sizeof(struct sssraid_vd_info));
+
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, data_ptr, data_dma);
+
+ return ret;
+}
+
+static int sssraid_get_bgtask(struct sssraid_dev *hdev, struct sssraid_bgtask *bgtask)
+{
+ struct sssraid_admin_command admin_cmd;
+ u8 *data_ptr = NULL;
+ dma_addr_t data_dma = 0;
+ int ret;
+
+ if (hdev->state >= SSSRAID_RESETTING) {
+ ioc_err(hdev, "err, host state[%d] is not right\n", hdev->state);
+ return -EBUSY;
+ }
+
+ data_ptr = dma_alloc_coherent(&hdev->pdev->dev, PAGE_SIZE, &data_dma, GFP_KERNEL);
+ if (!data_ptr)
+ return -ENOMEM;
+
+ memset(&admin_cmd, 0, sizeof(admin_cmd));
+ admin_cmd.usr_cmd.opcode = USR_CMD_READ;
+ admin_cmd.usr_cmd.info_0.subopcode = cpu_to_le16(USR_CMD_BGTASK);
+ admin_cmd.usr_cmd.info_1.data_len = cpu_to_le16(USR_CMD_RDLEN);
+ admin_cmd.common.dptr.prp1 = cpu_to_le64(data_dma);
+
+ ret = sssraid_submit_admin_sync_cmd(hdev, &admin_cmd, NULL, NULL, 0);
+ if (!ret)
+ memcpy(bgtask, data_ptr, sizeof(struct sssraid_bgtask));
+
+ dma_free_coherent(&hdev->pdev->dev, PAGE_SIZE, data_ptr, data_dma);
+
+ return ret;
+}
+
+static ssize_t raid_level_show(struct device *dev, struct device_attribute *attr, char *buf)
+{
+ struct scsi_device *sdev;
+ struct sssraid_dev *hdev;
+ struct sssraid_vd_info *vd_info;
+ struct sssraid_sdev_hostdata *hostdata;
+ int ret;
+
+ sdev = to_scsi_device(dev);
+ hdev = shost_priv(sdev->host);
+ hostdata = sdev->hostdata;
+
+ vd_info = kmalloc(sizeof(*vd_info), GFP_KERNEL);
+ if (!vd_info || !SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ return snprintf(buf, PAGE_SIZE, "NA\n");
+
+ ret = sssraid_get_vd_info(hdev, vd_info, sdev->id);
+ if (ret)
+ vd_info->rg_level = ARRAY_SIZE(raid_levels) - 1;
+
+ ret = (vd_info->rg_level < ARRAY_SIZE(raid_levels)) ?
+ vd_info->rg_level : (ARRAY_SIZE(raid_levels) - 1);
+
+ kfree(vd_info);
+
+ return snprintf(buf, PAGE_SIZE, "RAID-%s\n", raid_levels[ret]);
+}
+
+static ssize_t raid_state_show(struct device *dev, struct device_attribute *attr, char *buf)
+{
+ struct scsi_device *sdev;
+ struct sssraid_dev *hdev;
+ struct sssraid_vd_info *vd_info;
+ struct sssraid_sdev_hostdata *hostdata;
+ int ret;
+
+ sdev = to_scsi_device(dev);
+ hdev = shost_priv(sdev->host);
+ hostdata = sdev->hostdata;
+
+ vd_info = kmalloc(sizeof(*vd_info), GFP_KERNEL);
+ if (!vd_info || !SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ return snprintf(buf, PAGE_SIZE, "NA\n");
+
+ ret = sssraid_get_vd_info(hdev, vd_info, sdev->id);
+ if (ret) {
+ vd_info->vd_status = 0;
+ vd_info->rg_id = 0xff;
+ }
+
+ ret = (vd_info->vd_status < ARRAY_SIZE(raid_states)) ? vd_info->vd_status : 0;
+
+ kfree(vd_info);
+
+ return snprintf(buf, PAGE_SIZE, "%s\n", raid_states[ret]);
+}
+
+static ssize_t raid_resync_show(struct device *dev, struct device_attribute *attr, char *buf)
+{
+ struct scsi_device *sdev;
+ struct sssraid_dev *hdev;
+ struct sssraid_vd_info *vd_info;
+ struct sssraid_bgtask *bgtask;
+ struct sssraid_sdev_hostdata *hostdata;
+ u8 rg_id, i, progress = 0;
+ int ret;
+
+ sdev = to_scsi_device(dev);
+ hdev = shost_priv(sdev->host);
+ hostdata = sdev->hostdata;
+
+ vd_info = kmalloc(sizeof(*vd_info), GFP_KERNEL);
+ if (!vd_info || !SSSRAID_DEV_INFO_ATTR_VD(hostdata->attr))
+ return snprintf(buf, PAGE_SIZE, "NA\n");
+
+ ret = sssraid_get_vd_info(hdev, vd_info, sdev->id);
+ if (ret)
+ goto out;
+
+ rg_id = vd_info->rg_id;
+
+ bgtask = (struct sssraid_bgtask *)vd_info;
+ ret = sssraid_get_bgtask(hdev, bgtask);
+ if (ret)
+ goto out;
+ for (i = 0; i < bgtask->task_num; i++) {
+ if ((bgtask->bgtask[i].type == BGTASK_TYPE_REBUILD) &&
+ (le16_to_cpu(bgtask->bgtask[i].vd_id) == rg_id))
+ progress = bgtask->bgtask[i].progress;
+ }
+
+out:
+ kfree(vd_info);
+ return snprintf(buf, PAGE_SIZE, "%d\n", progress);
+}
+
+static DEVICE_ATTR_RO(raid_level);
+static DEVICE_ATTR_RO(raid_state);
+static DEVICE_ATTR_RO(raid_resync);
+
+static struct device_attribute *sssraid_dev_attrs[] = {
+ &dev_attr_raid_level,
+ &dev_attr_raid_state,
+ &dev_attr_raid_resync,
+ NULL,
+};
+
+static struct scsi_host_template sssraid_driver_template = {
+ .module = THIS_MODULE,
+ .name = "3SNIC Logic sssraid driver",
+ .proc_name = "sssraid",
+ .queuecommand = sssraid_qcmd,
+ .slave_alloc = sssraid_slave_alloc,
+ .slave_destroy = sssraid_slave_destroy,
+ .slave_configure = sssraid_slave_configure,
+ .scan_finished = sssraid_scan_finished,
+ .eh_timed_out = sssraid_scmd_timeout,
+ .eh_abort_handler = sssraid_abort_handler,
+ .eh_target_reset_handler = sssraid_eh_target_reset,
+ .eh_bus_reset_handler = sssraid_bus_reset_handler,
+ .eh_host_reset_handler = sssraid_eh_host_reset,
+ .change_queue_depth = scsi_change_queue_depth,
+ .host_tagset = 0,
+ .this_id = -1,
+ .unchecked_isa_dma = 0,
+ .shost_attrs = sssraid_host_attrs,
+ .sdev_attrs = sssraid_dev_attrs,
+ .host_reset = sssraid_sysfs_host_reset,
+};
+
+/**
+ * sssraid_probe - PCI probe callback
+ * @pdev: PCI device instance
+ * @id: PCI device ID details
+ *
+ * controller initialization routine.
+ * Allocate per adapter instance through shost_priv and
+ * initialize controller specific data structures, initializae
+ * the controller hardware, add shost to the SCSI subsystem.
+ *
+ * Return: 0 on success, non-zero on failure.
+ */
+
+static int
+sssraid_probe(struct pci_dev *pdev, const struct pci_device_id *id)
+{
+ struct sssraid_dev *hdev;
+ struct Scsi_Host *shost;
+ int node;
+ char bsg_name[15];
+ int retval = 0;
+
+ node = dev_to_node(&pdev->dev);
+ if (node == NUMA_NO_NODE) {
+ node = first_memory_node;
+ set_dev_node(&pdev->dev, node);
+ }
+
+ shost = scsi_host_alloc(&sssraid_driver_template, sizeof(*hdev));
+ if (!shost) {
+ retval = -ENODEV;
+ ioc_err(hdev, "Failed to allocate scsi host\n");
+ goto shost_failed;
+ }
+
+ hdev = shost_priv(shost);
+ hdev->numa_node = node;
+ hdev->instance = shost->host_no; /* for device instance */
+ sprintf(hdev->name, "%s%d", SSSRAID_DRIVER_NAME, hdev->instance);
+
+ init_rwsem(&hdev->devices_rwsem);
+ spin_lock_init(&hdev->state_lock);
+
+ spin_lock_init(&hdev->fwevt_lock);
+ spin_lock_init(&hdev->watchdog_lock);
+
+ INIT_LIST_HEAD(&hdev->fwevt_list);
+
+// logging_level = 1; //garden test
+ hdev->logging_level = logging_level; /* according to log_debug_switch*/
+
+ snprintf(hdev->fwevt_worker_name, sizeof(hdev->fwevt_worker_name),
+ "%s%d_fwevt_wrkr", SSSRAID_DRIVER_NAME, hdev->instance);
+ hdev->fwevt_worker_thread = alloc_ordered_workqueue(
+ hdev->fwevt_worker_name, WQ_MEM_RECLAIM);
+ if (!hdev->fwevt_worker_thread) {
+ ioc_err(hdev, "failure at %s:%d/%s()!\n",
+ __FILE__, __LINE__, __func__);
+ retval = -ENODEV;
+ goto out_fwevtthread_failed;
+ }
+
+ hdev->shost = shost;
+ hdev->pdev = pdev;
+
+ if (sssraid_init_ioc(hdev, 0)) {
+ ioc_err(hdev, "failure at %s:%d/%s()!\n",
+ __FILE__, __LINE__, __func__);
+ retval = -ENODEV;
+ goto out_iocinit_failed;
+ }
+
+ sssraid_shost_init(hdev);
+
+ retval = scsi_add_host(shost, &pdev->dev);
+ if (retval) {
+ ioc_err(hdev, "failure at %s:%d/%s()!\n",
+ __FILE__, __LINE__, __func__);
+ goto addhost_failed;
+ }
+
+ snprintf(bsg_name, sizeof(bsg_name), "%s%d", SSSRAID_DRIVER_NAME, shost->host_no);
+ hdev->bsg_queue = bsg_setup_queue(&shost->shost_gendev, bsg_name,
+ sssraid_bsg_host_dispatch, NULL, sssraid_cmd_size(hdev));
+ if (IS_ERR(hdev->bsg_queue)) {
+ ioc_err(hdev, "err, setup bsg failed\n");
+ hdev->bsg_queue = NULL;
+ goto bsg_setup_failed;
+ }
+
+ sssraid_change_host_state(hdev, SSSRAID_LIVE);
+
+ scsi_scan_host(shost);
+ return retval;
+
+bsg_setup_failed:
+ scsi_remove_host(shost);
+addhost_failed:
+ sssraid_cleanup_ioc(hdev, 0);
+out_iocinit_failed:
+ destroy_workqueue(hdev->fwevt_worker_thread);
+out_fwevtthread_failed:
+ scsi_host_put(shost);
+shost_failed:
+ return retval;
+}
+
+static void sssraid_remove(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return;
+
+ ioc_info(hdev, "enter sssraid remove\n");
+
+ hdev = shost_priv(shost);
+
+ sssraid_change_host_state(hdev, SSSRAID_DELETING);
+
+ if (!pci_device_is_present(pdev))
+ sssraid_back_all_io(hdev);
+
+ sssraid_cleanup_fwevt_list(hdev);
+ destroy_workqueue(hdev->fwevt_worker_thread);
+
+ sssraid_remove_bsg(hdev);
+ scsi_remove_host(shost);
+ sssraid_cleanup_ioc(hdev, 0);
+
+ scsi_host_put(shost);
+}
+
+static void sssraid_shutdown(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return;
+
+ hdev = shost_priv(shost);
+
+ sssraid_cleanup_fwevt_list(hdev);
+ destroy_workqueue(hdev->fwevt_worker_thread);
+ sssraid_cleanup_ioc(hdev, 0);
+}
+
+#ifdef CONFIG_PM
+static int sssraid_suspend(struct pci_dev *pdev, pm_message_t state)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+ pci_power_t device_state;
+
+ if (!shost)
+ return 0;
+
+ hdev = shost_priv(shost);
+
+ while (hdev->state == SSSRAID_RESETTING)
+ ssleep(1);
+ sssraid_cleanup_fwevt_list(hdev);
+ scsi_block_requests(shost);
+ sssraid_cleanup_ioc(hdev, 1);
+
+ device_state = pci_choose_state(pdev, state);
+ pci_save_state(pdev);
+ pci_set_power_state(pdev, device_state);
+
+ return 0;
+}
+
+static int sssraid_resume(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+ pci_power_t device_state = pdev->current_state;
+
+ if (!shost)
+ return 0;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "pdev=0x%p, slot=%s, previous operating state [D%d]\n",
+ pdev, pci_name(pdev), device_state);
+ pci_set_power_state(pdev, PCI_D0);
+ pci_enable_wake(pdev, PCI_D0, 0);
+ pci_restore_state(pdev);
+ hdev->pdev = pdev;
+ hdev->cpu_count = num_online_cpus();
+
+ /* sssraid_setup_resources in sssraid_init_ioc */
+ sssraid_init_ioc(hdev, 1);
+ scsi_unblock_requests(shost);
+
+ return 0;
+}
+#endif
+
+static pci_ers_result_t sssraid_pci_error_detected(struct pci_dev *pdev,
+ pci_channel_state_t state)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return PCI_ERS_RESULT_NONE;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "enter pci error detect, state:%d\n", state);
+
+ switch (state) {
+ case pci_channel_io_normal:
+ ioc_warn(hdev, "channel is normal, do nothing\n");
+
+ return PCI_ERS_RESULT_CAN_RECOVER;
+ case pci_channel_io_frozen:
+ ioc_warn(hdev, "channel io frozen, need reset controller\n");
+
+ scsi_block_requests(hdev->shost);
+
+ sssraid_change_host_state(hdev, SSSRAID_RESETTING);
+
+ return PCI_ERS_RESULT_NEED_RESET;
+ case pci_channel_io_perm_failure:
+ ioc_warn(hdev, "channel io failure, request disconnect\n");
+
+ return PCI_ERS_RESULT_DISCONNECT;
+ }
+
+ return PCI_ERS_RESULT_NEED_RESET;
+}
+
+static pci_ers_result_t sssraid_pci_slot_reset(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return PCI_ERS_RESULT_NONE;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "restart after slot reset\n");
+
+ pci_restore_state(pdev);
+
+ sssraid_soft_reset_handler(hdev);
+
+ scsi_unblock_requests(hdev->shost);
+
+ return PCI_ERS_RESULT_RECOVERED;
+}
+
+static void sssraid_reset_done(struct pci_dev *pdev)
+{
+ struct Scsi_Host *shost = pci_get_drvdata(pdev);
+ struct sssraid_dev *hdev;
+
+ if (!shost)
+ return;
+
+ hdev = shost_priv(shost);
+
+ ioc_info(hdev, "enter sssraid reset done\n");
+}
+
+static struct pci_error_handlers sssraid_err_handler = {
+ .error_detected = sssraid_pci_error_detected,
+ .slot_reset = sssraid_pci_slot_reset,
+ .reset_done = sssraid_reset_done,
+};
+
+static const struct pci_device_id sssraid_pci_id_table[] = {
+ { PCI_DEVICE(PCI_VENDOR_ID_3SNIC_LOGIC, SSSRAID_SERVER_DEVICE_HBA_DID) },
+ { PCI_DEVICE(PCI_VENDOR_ID_3SNIC_LOGIC, SSSRAID_SERVER_DEVICE_RAID_DID) },
+ { 0, }
+};
+MODULE_DEVICE_TABLE(pci, sssraid_pci_id_table);
+
+static struct pci_driver sssraid_pci_driver = {
+ .name = SSSRAID_DRIVER_NAME,
+ .id_table = sssraid_pci_id_table,
+ .probe = sssraid_probe,
+ .remove = sssraid_remove,
+ .shutdown = sssraid_shutdown,
+#ifdef CONFIG_PM
+ .suspend = sssraid_suspend,
+ .resume = sssraid_resume,
+#endif
+ .err_handler = &sssraid_err_handler,
+};
+
+static int __init sssraid_init(void)
+{
+ int ret_val;
+
+ pr_info("Loading %s version %s\n", SSSRAID_DRIVER_NAME,
+ SSSRAID_DRIVER_VERSION);
+
+ sssraid_class = class_create(THIS_MODULE, "sssraid");
+ if (IS_ERR(sssraid_class)) {
+ ret_val = PTR_ERR(sssraid_class);
+ return ret_val;
+ }
+
+ ret_val = pci_register_driver(&sssraid_pci_driver);
+
+ return ret_val;
+}
+
+static void __exit sssraid_exit(void)
+{
+ pr_info("Unloading %s version %s\n", SSSRAID_DRIVER_NAME,
+ SSSRAID_DRIVER_VERSION);
+
+ class_destroy(sssraid_class);
+ pci_unregister_driver(&sssraid_pci_driver);
+}
+
+MODULE_AUTHOR("liangry1(a)3snic.com");
+MODULE_DESCRIPTION("3SNIC Information Technology SSSRAID Driver");
+MODULE_LICENSE("GPL");
+MODULE_VERSION(SSSRAID_DRIVER_VERSION);
+module_init(sssraid_init);
+module_exit(sssraid_exit);
--
2.25.1
2
1
[PATCH openEuler-5.10-LTS] wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
by Zheng Zengkai 28 Dec '22
by Zheng Zengkai 28 Dec '22
28 Dec '22
From: Phil Turnbull <philipturnbull(a)github.com>
stable inclusion
from stable-v5.10.157
commit 5a068535c0073c8402aa0755e8ef259fb98a33c5
category: bugfix
bugzilla: 188173 https://gitee.com/src-openeuler/kernel/issues/I66M3J
CVE: CVE-2022-47521
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit f9b62f9843c7b0afdaecabbcebf1dbba18599408 upstream.
Validate that the IEEE80211_P2P_ATTR_CHANNEL_LIST attribute contains
enough space for a 'struct wilc_attr_oper_ch'. If the attribute is too
small then it can trigger an out-of-bounds write later in the function.
'struct wilc_attr_oper_ch' is variable sized so also check 'attr_len'
does not extend beyond the end of 'buf'.
Signed-off-by: Phil Turnbull <philipturnbull(a)github.com>
Tested-by: Ajay Kathat <ajay.kathat(a)microchip.com>
Acked-by: Ajay Kathat <ajay.kathat(a)microchip.com>
Signed-off-by: Kalle Valo <kvalo(a)kernel.org>
Link: https://lore.kernel.org/r/20221123153543.8568-4-philipturnbull@github.com
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Liu Jian <liujian56(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
---
drivers/net/wireless/microchip/wilc1000/cfg80211.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/wireless/microchip/wilc1000/cfg80211.c b/drivers/net/wireless/microchip/wilc1000/cfg80211.c
index 64e01b84d98d..dd26f2086180 100644
--- a/drivers/net/wireless/microchip/wilc1000/cfg80211.c
+++ b/drivers/net/wireless/microchip/wilc1000/cfg80211.c
@@ -947,7 +947,8 @@ static inline void wilc_wfi_cfg_parse_ch_attr(u8 *buf, u32 len, u8 sta_ch)
if (index + sizeof(*e) + attr_size > len)
return;
- if (e->attr_type == IEEE80211_P2P_ATTR_CHANNEL_LIST)
+ if (e->attr_type == IEEE80211_P2P_ATTR_CHANNEL_LIST &&
+ attr_size >= (sizeof(struct wilc_attr_ch_list) - sizeof(*e)))
ch_list_idx = index;
else if (e->attr_type == IEEE80211_P2P_ATTR_OPER_CHANNEL &&
attr_size == (sizeof(struct wilc_attr_oper_ch) - sizeof(*e)))
--
2.20.1
1
0
[PATCH openEuler-5.10-LTS 1/6] drm/amdkfd: Check for null pointer after calling kmemdup
by Zheng Zengkai 28 Dec '22
by Zheng Zengkai 28 Dec '22
28 Dec '22
From: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
stable inclusion
from stable-v6.0.14
commit abfaf0eee97925905e742aa3b0b72e04a918fa9e
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6694U
CVE: CVE-2022-3108
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
As the possible failure of the allocation, kmemdup() may return NULL
pointer.
Therefore, it should be better to check the 'props2' in order to prevent
the dereference of NULL pointer.
Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs")
Signed-off-by: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
Reviewed-by: Felix Kuehling <Felix.Kuehling(a)amd.com>
Signed-off-by: Felix Kuehling <Felix.Kuehling(a)amd.com>
Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com>
Signed-off-by: Ren Zhijie <renzhijie2(a)huawei.com>
Reviewed-by: songping yu <yusongping(a)huawei.com>
Reviewed-by: Chen Hui <judy.chenhui(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
index 86b4dadf772e..02e3c650ed1c 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
@@ -408,6 +408,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink,
return -ENODEV;
/* same everything but the other direction */
props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL);
+ if (!props2)
+ return -ENOMEM;
+
props2->node_from = id_to;
props2->node_to = id_from;
props2->kobj = NULL;
--
2.20.1
1
5
[PATCH openEuler-1.0-LTS] dm thin: Use last transaction's pmd->root when commit failed
by Yongqiang Liu 27 Dec '22
by Yongqiang Liu 27 Dec '22
27 Dec '22
From: Zhihao Cheng <chengzhihao1(a)huawei.com>
mainline inclusion
from mainline-v6.2-rc1
commit 7991dbff6849f67e823b7cc0c15e5a90b0549b9f
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65M32
CVE: NA
--------------------------------
Recently we found a softlock up problem in dm thin pool btree lookup
code due to corrupted metadata:
Kernel panic - not syncing: softlockup: hung tasks
CPU: 7 PID: 2669225 Comm: kworker/u16:3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)
Workqueue: dm-thin do_worker [dm_thin_pool]
Call Trace:
<IRQ>
dump_stack+0x9c/0xd3
panic+0x35d/0x6b9
watchdog_timer_fn.cold+0x16/0x25
__run_hrtimer+0xa2/0x2d0
</IRQ>
RIP: 0010:__relink_lru+0x102/0x220 [dm_bufio]
__bufio_new+0x11f/0x4f0 [dm_bufio]
new_read+0xa3/0x1e0 [dm_bufio]
dm_bm_read_lock+0x33/0xd0 [dm_persistent_data]
ro_step+0x63/0x100 [dm_persistent_data]
btree_lookup_raw.constprop.0+0x44/0x220 [dm_persistent_data]
dm_btree_lookup+0x16f/0x210 [dm_persistent_data]
dm_thin_find_block+0x12c/0x210 [dm_thin_pool]
__process_bio_read_only+0xc5/0x400 [dm_thin_pool]
process_thin_deferred_bios+0x1a4/0x4a0 [dm_thin_pool]
process_one_work+0x3c5/0x730
Following process may generate a broken btree mixed with fresh and
stale btree nodes, which could get dm thin trapped in an infinite loop
while looking up data block:
Transaction 1: pmd->root = A, A->B->C // One path in btree
pmd->root = X, X->Y->Z // Copy-up
Transaction 2: X,Z is updated on disk, Y write failed.
// Commit failed, dm thin becomes read-only.
process_bio_read_only
dm_thin_find_block
__find_block
dm_btree_lookup(pmd->root)
The pmd->root points to a broken btree, Y may contain stale node
pointing to any block, for example X, which gets dm thin trapped into
a dead loop while looking up Z.
Fix this by setting pmd->root in __open_metadata(), so that dm thin
will use the last transaction's pmd->root if commit failed.
Fetch a reproducer in [Link].
Linke: https://bugzilla.kernel.org/show_bug.cgi?id=216790
Cc: stable(a)vger.kernel.org
Fixes: 991d9fa02da0 ("dm: add thin provisioning target")
Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com>
Acked-by: Joe Thornber <ejt(a)redhat.com>
Signed-off-by: Mike Snitzer <snitzer(a)kernel.org>
Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/md/dm-thin-metadata.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/drivers/md/dm-thin-metadata.c b/drivers/md/dm-thin-metadata.c
index 80c4f27e99f9..26f04b84e8a2 100644
--- a/drivers/md/dm-thin-metadata.c
+++ b/drivers/md/dm-thin-metadata.c
@@ -660,6 +660,15 @@ static int __open_metadata(struct dm_pool_metadata *pmd)
goto bad_cleanup_data_sm;
}
+ /*
+ * For pool metadata opening process, root setting is redundant
+ * because it will be set again in __begin_transaction(). But dm
+ * pool aborting process really needs to get last transaction's
+ * root to avoid accessing broken btree.
+ */
+ pmd->root = le64_to_cpu(disk_super->data_mapping_root);
+ pmd->details_root = le64_to_cpu(disk_super->device_details_root);
+
__setup_btree_details(pmd);
dm_bm_unlock(sblock);
--
2.25.1
1
0
[PATCH openEuler-5.10] timekeeping: Adding a padding before timekeeper in tk_core
by Zheng Zengkai 26 Dec '22
by Zheng Zengkai 26 Dec '22
26 Dec '22
From: Jialin Zhang <zhangjialin11(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I47W8L
CVE: NA
---------------------------
Adding a padding before timekeeper in tk_core can futhor fix
the false sharing problem discovered by commit 605276666775
("timekeeping: Avoiding false sharing in field access of tk_core")
context1 of unixbench is tested on Huawei Kunpeng920.
before this patch
0 CPUs in system; running 96 parallel copies of tests
Pipe-based Context Switching 17213571.7 lps (10.0 s, 1 samples)
System Benchmarks Partial Index BASELINE RESULT INDEX
Pipe-based Context Switching 4000.0 17213571.7 43033.9
========
System Benchmarks Index Score (Partial Only) 43033.9
after this patch
0 CPUs in system; running 96 parallel copies of tests
Pipe-based Context Switching 20321268.3 lps (10.0 s, 1 samples)
System Benchmarks Partial Index BASELINE RESULT INDEX
Pipe-based Context Switching 4000.0 20321268.3 50803.2
========
System Benchmarks Index Score (Partial Only) 50803.2
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
Reviewed-by: Xie XiuQi <xiexiuqi(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
kernel/time/timekeeping.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
index e3142bf7648e..c8d9b89a7571 100644
--- a/kernel/time/timekeeping.c
+++ b/kernel/time/timekeeping.c
@@ -52,6 +52,9 @@ static struct {
u64 padding[8];
#endif
seqcount_raw_spinlock_t seq;
+#ifdef CONFIG_ARCH_LLC_128_LINE_SIZE
+ u64 padding2[2];
+#endif
struct timekeeper timekeeper;
#ifdef CONFIG_ARCH_LLC_128_LINE_SIZE
} tk_core ____cacheline_aligned_128 = {
--
2.20.1
1
0
[PATCH openEuler-5.10] timekeeping: Adding a padding before timekeeper in tk_core
by Zheng Zengkai 26 Dec '22
by Zheng Zengkai 26 Dec '22
26 Dec '22
From: Jialin Zhang <zhangjialin11(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I47W8L
CVE: NA
---------------------------
Adding a padding before timekeeper in tk_core can futhor fix
the false sharing problem discovered by commit 605276666775
("timekeeping: Avoiding false sharing in field access of tk_core")
context1 of unixbench is tested on Huawei Kunpeng920.
before this patch
0 CPUs in system; running 96 parallel copies of tests
Pipe-based Context Switching 17213571.7 lps (10.0 s, 1 samples)
System Benchmarks Partial Index BASELINE RESULT INDEX
Pipe-based Context Switching 4000.0 17213571.7 43033.9
========
System Benchmarks Index Score (Partial Only) 43033.9
after this patch
0 CPUs in system; running 96 parallel copies of tests
Pipe-based Context Switching 20321268.3 lps (10.0 s, 1 samples)
System Benchmarks Partial Index BASELINE RESULT INDEX
Pipe-based Context Switching 4000.0 20321268.3 50803.2
========
System Benchmarks Index Score (Partial Only) 50803.2
Signed-off-by: Jialin Zhang <zhangjialin11(a)huawei.com>
Reviewed-by: Xie XiuQi <xiexiuqi(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
kernel/time/timekeeping.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
index e3142bf7648e..c8d9b89a7571 100644
--- a/kernel/time/timekeeping.c
+++ b/kernel/time/timekeeping.c
@@ -52,6 +52,9 @@ static struct {
u64 padding[8];
#endif
seqcount_raw_spinlock_t seq;
+#ifdef CONFIG_ARCH_LLC_128_LINE_SIZE
+ u64 padding2[2];
+#endif
struct timekeeper timekeeper;
#ifdef CONFIG_ARCH_LLC_128_LINE_SIZE
} tk_core ____cacheline_aligned_128 = {
--
2.20.1
1
0
[PATCH openEuler-1.0-LTS 1/2] power: supply: wm8350-power: Add missing free in free_charger_irq
by Yongqiang Liu 24 Dec '22
by Yongqiang Liu 24 Dec '22
24 Dec '22
From: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
stable inclusion
from stable-v4.19.269
commit 60dd1082322966f192f42fe2a6605dfa08eef41f
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6694F
CVE: CVE-2022-3111
--------------------------------
[ Upstream commit 6dee930f6f6776d1e5a7edf542c6863b47d9f078 ]
In free_charger_irq(), there is no free for 'WM8350_IRQ_CHG_FAST_RDY'.
Therefore, it should be better to add it in order to avoid the memory leak.
Fixes: 14431aa0c5a4 ("power_supply: Add support for WM8350 PMU")
Signed-off-by: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
Acked-by: Charles Keepax <ckeepax(a)opensource.cirrus.com>
Signed-off-by: Sebastian Reichel <sebastian.reichel(a)collabora.com>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Chen jun <chenjun102(a)huawei.com>
Reviewed-by: chenweilong <chenweilong(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/power/supply/wm8350_power.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/power/supply/wm8350_power.c b/drivers/power/supply/wm8350_power.c
index 15c0ca15e2aa..034ddfe3b62c 100644
--- a/drivers/power/supply/wm8350_power.c
+++ b/drivers/power/supply/wm8350_power.c
@@ -459,6 +459,7 @@ static void free_charger_irq(struct wm8350 *wm8350)
wm8350_free_irq(wm8350, WM8350_IRQ_CHG_TO, wm8350);
wm8350_free_irq(wm8350, WM8350_IRQ_CHG_END, wm8350);
wm8350_free_irq(wm8350, WM8350_IRQ_CHG_START, wm8350);
+ wm8350_free_irq(wm8350, WM8350_IRQ_CHG_FAST_RDY, wm8350);
wm8350_free_irq(wm8350, WM8350_IRQ_CHG_VBATT_LT_3P9, wm8350);
wm8350_free_irq(wm8350, WM8350_IRQ_CHG_VBATT_LT_3P1, wm8350);
wm8350_free_irq(wm8350, WM8350_IRQ_CHG_VBATT_LT_2P85, wm8350);
--
2.25.1
1
1
[PATCH openEuler-1.0-LTS] media: dvb-core: Fix UAF due to refcount races at releasing
by Yongqiang Liu 24 Dec '22
by Yongqiang Liu 24 Dec '22
24 Dec '22
From: Takashi Iwai <tiwai(a)suse.de>
stable inclusion
from stable-v6.1.1
commit fd3d91ab1c6ab0628fe642dd570b56302c30a792
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5SDE4
CVE: CVE-2022-41218
--------------------------------
The dvb-core tries to sync the releases of opened files at
dvb_dmxdev_release() with two refcounts: dvbdev->users and
dvr_dvbdev->users. A problem is present in those two syncs: when yet
another dvb_demux_open() is called during those sync waits,
dvb_demux_open() continues to process even if the device is being
closed. This includes the increment of the former refcount, resulting
in the leftover refcount after the sync of the latter refcount at
dvb_dmxdev_release(). It ends up with use-after-free, since the
function believes that all usages were gone and releases the
resources.
This patch addresses the problem by adding the check of dmxdev->exit
flag at dvb_demux_open(), just like dvb_dvr_open() already does. With
the exit flag check, the second call of dvb_demux_open() fails, hence
the further corruption can be avoided.
Also for avoiding the races of the dmxdev->exit flag reference, this
patch serializes the dmxdev->exit set up and the sync waits with the
dmxdev->mutex lock at dvb_dmxdev_release(). Without the mutex lock,
dvb_demux_open() (or dvb_dvr_open()) may run concurrently with
dvb_dmxdev_release(), which allows to skip the exit flag check and
continue the open process that is being closed.
CVE-2022-41218 is assigned to those bugs above.
Reported-by: Hyunwoo Kim <imv4bel(a)gmail.com>
Cc: <stable(a)vger.kernel.org>
Link: https://lore.kernel.org/20220908132754.30532-1-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai(a)suse.de>
Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl>
Signed-off-by: Ren Zhijie <renzhijie2(a)huawei.com>
Reviewed-by: songping yu <yusongping(a)huawei.com>
Reviewed-by: Zhang Qiao <zhangqiao22(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/media/dvb-core/dmxdev.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/drivers/media/dvb-core/dmxdev.c b/drivers/media/dvb-core/dmxdev.c
index d548f98c7a67..6f0121aa546e 100644
--- a/drivers/media/dvb-core/dmxdev.c
+++ b/drivers/media/dvb-core/dmxdev.c
@@ -800,6 +800,11 @@ static int dvb_demux_open(struct inode *inode, struct file *file)
if (mutex_lock_interruptible(&dmxdev->mutex))
return -ERESTARTSYS;
+ if (dmxdev->exit) {
+ mutex_unlock(&dmxdev->mutex);
+ return -ENODEV;
+ }
+
for (i = 0; i < dmxdev->filternum; i++)
if (dmxdev->filter[i].state == DMXDEV_STATE_FREE)
break;
@@ -1445,7 +1450,10 @@ EXPORT_SYMBOL(dvb_dmxdev_init);
void dvb_dmxdev_release(struct dmxdev *dmxdev)
{
+ mutex_lock(&dmxdev->mutex);
dmxdev->exit = 1;
+ mutex_unlock(&dmxdev->mutex);
+
if (dmxdev->dvbdev->users > 1) {
wait_event(dmxdev->dvbdev->wait_queue,
dmxdev->dvbdev->users == 1);
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS] sched: Reinit task's vruntime if a task sleep over 200 days
by Yongqiang Liu 24 Dec '22
by Yongqiang Liu 24 Dec '22
24 Dec '22
From: Zhang Qiao <zhangqiao22(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I67BL1
CVE: NA
-------------------------------
If a task sleep for long time, it maybe cause a s64 overflow
issue at max_vruntime() and the task will be set an incorrect
vruntime, lead to the task be starve.
For fix it, we set the task's vruntime as cfs_rq->min_vruntime
when wakeup.
Signed-off-by: Zhang Qiao <zhangqiao22(a)huawei.com>
Reviewed-by: Chen Hui <judy.chenhui(a)huawei.com>
Reviewed-by: songping yu <yusongping(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
kernel/sched/fair.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index 0dba06ce0677..ad6a7923c9ed 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -3949,10 +3949,14 @@ static void check_spread(struct cfs_rq *cfs_rq, struct sched_entity *se)
#endif
}
+/* The threshold when the wakee's vruntime should be set cfs_rq->min_vruntime, default: 200 days */
+#define WAKEUP_REINIT_THRESHOLD_NS (200 * 24 * 3600 * NSEC_PER_SEC)
+
static void
place_entity(struct cfs_rq *cfs_rq, struct sched_entity *se, int initial)
{
u64 vruntime = cfs_rq->min_vruntime;
+ struct rq *rq = rq_of(cfs_rq);
/*
* The 'current' period is already promised to the current tasks,
@@ -3977,8 +3981,11 @@ place_entity(struct cfs_rq *cfs_rq, struct sched_entity *se, int initial)
vruntime -= thresh;
}
+ if (unlikely(!initial && (s64)(rq_clock_task(rq) - se->exec_start) > WAKEUP_REINIT_THRESHOLD_NS))
+ se->vruntime = vruntime;
+ else
/* ensure we never gain time by being placed backwards. */
- se->vruntime = max_vruntime(se->vruntime, vruntime);
+ se->vruntime = max_vruntime(se->vruntime, vruntime);
}
static void check_enqueue_throttle(struct cfs_rq *cfs_rq);
--
2.25.1
1
0
[PATCH OLK-5.10 1/2] Revert "scsi: iscsi: fix kabi broken in struct iscsi_transport"
by Yongqiang Liu 23 Dec '22
by Yongqiang Liu 23 Dec '22
23 Dec '22
From: Li Nan <linan122(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 188176, https://gitee.com/openeuler/kernel/issues/I67294
CVE: NA
--------------------------------
This reverts commit 230035efb98b6edc066f3671e092a25013a131a2.
Drivers use tgt_dscvr will compile failed because API has changed.
Signed-off-by: Li Nan <linan122(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
---
drivers/infiniband/ulp/iser/iscsi_iser.c | 9 ++-----
drivers/scsi/be2iscsi/be_main.c | 9 ++-----
drivers/scsi/bnx2i/bnx2i_iscsi.c | 9 ++-----
drivers/scsi/cxgbi/cxgb3i/cxgb3i.c | 9 ++-----
drivers/scsi/cxgbi/cxgb4i/cxgb4i.c | 9 ++-----
drivers/scsi/qedi/qedi_iscsi.c | 8 ++----
drivers/scsi/qla4xxx/ql4_os.c | 8 ++----
drivers/scsi/scsi_transport_iscsi.c | 31 ++++++------------------
include/scsi/iscsi_if.h | 1 -
include/scsi/scsi_transport_iscsi.h | 17 +------------
10 files changed, 23 insertions(+), 87 deletions(-)
diff --git a/drivers/infiniband/ulp/iser/iscsi_iser.c b/drivers/infiniband/ulp/iser/iscsi_iser.c
index 4884b122e413..a16e066989fa 100644
--- a/drivers/infiniband/ulp/iser/iscsi_iser.c
+++ b/drivers/infiniband/ulp/iser/iscsi_iser.c
@@ -979,22 +979,17 @@ static struct scsi_host_template iscsi_iser_sht = {
.track_queue_depth = 1,
};
-static struct iscsi_transport_expand iscsi_iser_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport iscsi_iser_transport = {
.owner = THIS_MODULE,
.name = "iser",
- .caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_TEXT_NEGO
- | CAP_OPS_EXPAND,
+ .caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_TEXT_NEGO,
/* session management */
.create_session = iscsi_iser_session_create,
.destroy_session = iscsi_iser_session_destroy,
/* connection management */
.create_conn = iscsi_iser_conn_create,
.bind_conn = iscsi_iser_conn_bind,
- .ops_expand = &iscsi_iser_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_conn_teardown,
.attr_is_visible = iser_attr_is_visible,
.set_param = iscsi_iser_set_param,
diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c
index 06f697bfc49f..b977e039bb78 100644
--- a/drivers/scsi/be2iscsi/be_main.c
+++ b/drivers/scsi/be2iscsi/be_main.c
@@ -5801,21 +5801,16 @@ static struct pci_error_handlers beiscsi_eeh_handlers = {
.resume = beiscsi_eeh_resume,
};
-struct iscsi_transport_expand beiscsi_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
struct iscsi_transport beiscsi_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRV_NAME,
.caps = CAP_RECOVERY_L0 | CAP_HDRDGST | CAP_TEXT_NEGO |
- CAP_MULTI_R2T | CAP_DATADGST | CAP_DATA_PATH_OFFLOAD |
- CAP_OPS_EXPAND,
+ CAP_MULTI_R2T | CAP_DATADGST | CAP_DATA_PATH_OFFLOAD,
.create_session = beiscsi_session_create,
.destroy_session = beiscsi_session_destroy,
.create_conn = beiscsi_conn_create,
.bind_conn = beiscsi_conn_bind,
- .ops_expand = &beiscsi_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_conn_teardown,
.attr_is_visible = beiscsi_attr_is_visible,
.set_iface_param = beiscsi_iface_set_param,
diff --git a/drivers/scsi/bnx2i/bnx2i_iscsi.c b/drivers/scsi/bnx2i/bnx2i_iscsi.c
index e13c77a76150..8cf2f9a7cfdc 100644
--- a/drivers/scsi/bnx2i/bnx2i_iscsi.c
+++ b/drivers/scsi/bnx2i/bnx2i_iscsi.c
@@ -2274,23 +2274,18 @@ static struct scsi_host_template bnx2i_host_template = {
.track_queue_depth = 1,
};
-
-static struct iscsi_transport_expand bnx2i_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
struct iscsi_transport bnx2i_iscsi_transport = {
.owner = THIS_MODULE,
.name = "bnx2i",
.caps = CAP_RECOVERY_L0 | CAP_HDRDGST |
CAP_MULTI_R2T | CAP_DATADGST |
CAP_DATA_PATH_OFFLOAD |
- CAP_TEXT_NEGO | CAP_OPS_EXPAND,
+ CAP_TEXT_NEGO,
.create_session = bnx2i_session_create,
.destroy_session = bnx2i_session_destroy,
.create_conn = bnx2i_conn_create,
.bind_conn = bnx2i_conn_bind,
- .ops_expand = &bnx2i_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = bnx2i_conn_destroy,
.attr_is_visible = bnx2i_attr_is_visible,
.set_param = iscsi_set_param,
diff --git a/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c b/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c
index 65eb6230d390..edcd3fab6973 100644
--- a/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c
+++ b/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c
@@ -100,18 +100,13 @@ static struct scsi_host_template cxgb3i_host_template = {
.track_queue_depth = 1,
};
-static struct iscsi_transport_expand cxgb3i_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport cxgb3i_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRV_MODULE_NAME,
/* owner and name should be set already */
.caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_HDRDGST
| CAP_DATADGST | CAP_DIGEST_OFFLOAD |
- CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO |
- CAP_OPS_EXPAND,
+ CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO,
.attr_is_visible = cxgbi_attr_is_visible,
.get_host_param = cxgbi_get_host_param,
.set_host_param = cxgbi_set_host_param,
@@ -122,7 +117,7 @@ static struct iscsi_transport cxgb3i_iscsi_transport = {
/* connection management */
.create_conn = cxgbi_create_conn,
.bind_conn = cxgbi_bind_conn,
- .ops_expand = &cxgb3i_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_tcp_conn_teardown,
.start_conn = iscsi_conn_start,
.stop_conn = iscsi_conn_stop,
diff --git a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
index 88f96964c356..efb3e2b3398e 100644
--- a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
+++ b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
@@ -118,17 +118,12 @@ static struct scsi_host_template cxgb4i_host_template = {
.track_queue_depth = 1,
};
-static struct iscsi_transport_expand cxgb4i_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport cxgb4i_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRV_MODULE_NAME,
.caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_HDRDGST |
CAP_DATADGST | CAP_DIGEST_OFFLOAD |
- CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO |
- CAP_OPS_EXPAND,
+ CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO,
.attr_is_visible = cxgbi_attr_is_visible,
.get_host_param = cxgbi_get_host_param,
.set_host_param = cxgbi_set_host_param,
@@ -139,7 +134,7 @@ static struct iscsi_transport cxgb4i_iscsi_transport = {
/* connection management */
.create_conn = cxgbi_create_conn,
.bind_conn = cxgbi_bind_conn,
- .ops_expand = &cxgb4i_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_tcp_conn_teardown,
.start_conn = iscsi_conn_start,
.stop_conn = iscsi_conn_stop,
diff --git a/drivers/scsi/qedi/qedi_iscsi.c b/drivers/scsi/qedi/qedi_iscsi.c
index 8003b3519b95..3bcadb3dd40d 100644
--- a/drivers/scsi/qedi/qedi_iscsi.c
+++ b/drivers/scsi/qedi/qedi_iscsi.c
@@ -1429,20 +1429,16 @@ static void qedi_cleanup_task(struct iscsi_task *task)
cmd->scsi_cmd = NULL;
}
-static struct iscsi_transport_expand qedi_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
struct iscsi_transport qedi_iscsi_transport = {
.owner = THIS_MODULE,
.name = QEDI_MODULE_NAME,
.caps = CAP_RECOVERY_L0 | CAP_HDRDGST | CAP_MULTI_R2T | CAP_DATADGST |
- CAP_DATA_PATH_OFFLOAD | CAP_TEXT_NEGO | CAP_OPS_EXPAND,
+ CAP_DATA_PATH_OFFLOAD | CAP_TEXT_NEGO,
.create_session = qedi_session_create,
.destroy_session = qedi_session_destroy,
.create_conn = qedi_conn_create,
.bind_conn = qedi_conn_bind,
- .ops_expand = &qedi_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.start_conn = qedi_conn_start,
.stop_conn = iscsi_conn_stop,
.destroy_conn = qedi_conn_destroy,
diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c
index 377d83762099..8d82d2a83059 100644
--- a/drivers/scsi/qla4xxx/ql4_os.c
+++ b/drivers/scsi/qla4xxx/ql4_os.c
@@ -246,24 +246,20 @@ static struct scsi_host_template qla4xxx_driver_template = {
.vendor_id = SCSI_NL_VID_TYPE_PCI | PCI_VENDOR_ID_QLOGIC,
};
-static struct iscsi_transport_expand qla4xxx_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport qla4xxx_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRIVER_NAME,
.caps = CAP_TEXT_NEGO |
CAP_DATA_PATH_OFFLOAD | CAP_HDRDGST |
CAP_DATADGST | CAP_LOGIN_OFFLOAD |
- CAP_MULTI_R2T | CAP_OPS_EXPAND,
+ CAP_MULTI_R2T,
.attr_is_visible = qla4_attr_is_visible,
.create_session = qla4xxx_session_create,
.destroy_session = qla4xxx_session_destroy,
.start_conn = qla4xxx_conn_start,
.create_conn = qla4xxx_conn_create,
.bind_conn = qla4xxx_conn_bind,
- .ops_expand = &qla4xxx_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.stop_conn = iscsi_conn_stop,
.destroy_conn = qla4xxx_conn_destroy,
.set_param = iscsi_set_param,
diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c
index a213362524c9..517a3c4d879b 100644
--- a/drivers/scsi/scsi_transport_iscsi.c
+++ b/drivers/scsi/scsi_transport_iscsi.c
@@ -2257,11 +2257,7 @@ static void iscsi_ep_disconnect(struct iscsi_cls_conn *conn, bool is_active)
ep = conn->ep;
conn->ep = NULL;
- if (session->transport->caps & CAP_OPS_EXPAND &&
- session->transport->ops_expand &&
- session->transport->ops_expand->unbind_conn)
- session->transport->ops_expand->unbind_conn(conn, is_active);
-
+ session->transport->unbind_conn(conn, is_active);
session->transport->ep_disconnect(ep);
ISCSI_DBG_TRANS_CONN(conn, "disconnect ep done.\n");
}
@@ -3228,19 +3224,10 @@ iscsi_tgt_dscvr(struct iscsi_transport *transport,
struct Scsi_Host *shost;
struct sockaddr *dst_addr;
int err;
- int (*tgt_dscvr)(struct Scsi_Host *shost, enum iscsi_tgt_dscvr type,
- uint32_t enable, struct sockaddr *dst_addr);
- if (transport->caps & CAP_OPS_EXPAND) {
- if (!transport->ops_expand || !transport->ops_expand->tgt_dscvr)
- return -EINVAL;
- tgt_dscvr = transport->ops_expand->tgt_dscvr;
- } else {
- if (!transport->ops_expand)
- return -EINVAL;
- tgt_dscvr = (int (*)(struct Scsi_Host *, enum iscsi_tgt_dscvr, uint32_t,
- struct sockaddr *))(transport->ops_expand);
- }
+ if (!transport->tgt_dscvr)
+ return -EINVAL;
+
shost = scsi_host_lookup(ev->u.tgt_dscvr.host_no);
if (!shost) {
printk(KERN_ERR "target discovery could not find host no %u\n",
@@ -3250,8 +3237,8 @@ iscsi_tgt_dscvr(struct iscsi_transport *transport,
dst_addr = (struct sockaddr *)((char*)ev + sizeof(*ev));
- err = tgt_dscvr(shost, ev->u.tgt_dscvr.type,
- ev->u.tgt_dscvr.enable, dst_addr);
+ err = transport->tgt_dscvr(shost, ev->u.tgt_dscvr.type,
+ ev->u.tgt_dscvr.enable, dst_addr);
scsi_host_put(shost);
return err;
}
@@ -4904,10 +4891,8 @@ iscsi_register_transport(struct iscsi_transport *tt)
int err;
BUG_ON(!tt);
- if (tt->caps & CAP_OPS_EXPAND) {
- BUG_ON(!tt->ops_expand);
- WARN_ON(tt->ep_disconnect && !tt->ops_expand->unbind_conn);
- }
+ WARN_ON(tt->ep_disconnect && !tt->unbind_conn);
+
priv = iscsi_if_transport_lookup(tt);
if (priv)
return NULL;
diff --git a/include/scsi/iscsi_if.h b/include/scsi/iscsi_if.h
index 5679b9fb2b1e..5225a23f2d0e 100644
--- a/include/scsi/iscsi_if.h
+++ b/include/scsi/iscsi_if.h
@@ -761,7 +761,6 @@ enum iscsi_ping_status_code {
and verification */
#define CAP_LOGIN_OFFLOAD 0x4000 /* offload session login */
-#define CAP_OPS_EXPAND 0x8000 /* oiscsi_transport->ops_expand flag */
/*
* These flags describes reason of stop_conn() call
*/
diff --git a/include/scsi/scsi_transport_iscsi.h b/include/scsi/scsi_transport_iscsi.h
index 1f7574d89822..b7fd8b738aa8 100644
--- a/include/scsi/scsi_transport_iscsi.h
+++ b/include/scsi/scsi_transport_iscsi.h
@@ -29,15 +29,6 @@ struct bsg_job;
struct iscsi_bus_flash_session;
struct iscsi_bus_flash_conn;
-/*
- * The expansion of iscsi_transport to fix kabi while adding members.
- */
-struct iscsi_transport_expand {
- int (*tgt_dscvr)(struct Scsi_Host *shost, enum iscsi_tgt_dscvr type,
- uint32_t enable, struct sockaddr *dst_addr);
- void (*unbind_conn)(struct iscsi_cls_conn *conn, bool is_active);
-};
-
/**
* struct iscsi_transport - iSCSI Transport template
*
@@ -91,6 +82,7 @@ struct iscsi_transport {
void (*destroy_session) (struct iscsi_cls_session *session);
struct iscsi_cls_conn *(*create_conn) (struct iscsi_cls_session *sess,
uint32_t cid);
+ void (*unbind_conn) (struct iscsi_cls_conn *conn, bool is_active);
int (*bind_conn) (struct iscsi_cls_session *session,
struct iscsi_cls_conn *cls_conn,
uint64_t transport_eph, int is_leading);
@@ -132,15 +124,8 @@ struct iscsi_transport {
int non_blocking);
int (*ep_poll) (struct iscsi_endpoint *ep, int timeout_ms);
void (*ep_disconnect) (struct iscsi_endpoint *ep);
-#ifdef __GENKSYMS__
int (*tgt_dscvr) (struct Scsi_Host *shost, enum iscsi_tgt_dscvr type,
uint32_t enable, struct sockaddr *dst_addr);
-#else
- /*
- * onece ops_expand is used, caps must be set to CAP_OPS_EXPAND
- */
- struct iscsi_transport_expand *ops_expand;
-#endif
int (*set_path) (struct Scsi_Host *shost, struct iscsi_path *params);
int (*set_iface_param) (struct Scsi_Host *shost, void *data,
uint32_t len);
--
2.27.0
1
1
[PATCH openEuler-5.10 1/2] Revert "scsi: iscsi: fix kabi broken in struct iscsi_transport"
by Zheng Zengkai 22 Dec '22
by Zheng Zengkai 22 Dec '22
22 Dec '22
From: Li Nan <linan122(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 188176, https://gitee.com/openeuler/kernel/issues/I67294
CVE: NA
--------------------------------
This reverts commit 230035efb98b6edc066f3671e092a25013a131a2.
Drivers use tgt_dscvr will compile failed because API has changed.
Signed-off-by: Li Nan <linan122(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/infiniband/ulp/iser/iscsi_iser.c | 9 ++-----
drivers/scsi/be2iscsi/be_main.c | 9 ++-----
drivers/scsi/bnx2i/bnx2i_iscsi.c | 9 ++-----
drivers/scsi/cxgbi/cxgb3i/cxgb3i.c | 9 ++-----
drivers/scsi/cxgbi/cxgb4i/cxgb4i.c | 9 ++-----
drivers/scsi/qedi/qedi_iscsi.c | 8 ++----
drivers/scsi/qla4xxx/ql4_os.c | 8 ++----
drivers/scsi/scsi_transport_iscsi.c | 31 ++++++------------------
include/scsi/iscsi_if.h | 1 -
include/scsi/scsi_transport_iscsi.h | 17 +------------
10 files changed, 23 insertions(+), 87 deletions(-)
diff --git a/drivers/infiniband/ulp/iser/iscsi_iser.c b/drivers/infiniband/ulp/iser/iscsi_iser.c
index 4884b122e413..a16e066989fa 100644
--- a/drivers/infiniband/ulp/iser/iscsi_iser.c
+++ b/drivers/infiniband/ulp/iser/iscsi_iser.c
@@ -979,22 +979,17 @@ static struct scsi_host_template iscsi_iser_sht = {
.track_queue_depth = 1,
};
-static struct iscsi_transport_expand iscsi_iser_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport iscsi_iser_transport = {
.owner = THIS_MODULE,
.name = "iser",
- .caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_TEXT_NEGO
- | CAP_OPS_EXPAND,
+ .caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_TEXT_NEGO,
/* session management */
.create_session = iscsi_iser_session_create,
.destroy_session = iscsi_iser_session_destroy,
/* connection management */
.create_conn = iscsi_iser_conn_create,
.bind_conn = iscsi_iser_conn_bind,
- .ops_expand = &iscsi_iser_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_conn_teardown,
.attr_is_visible = iser_attr_is_visible,
.set_param = iscsi_iser_set_param,
diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c
index 06f697bfc49f..b977e039bb78 100644
--- a/drivers/scsi/be2iscsi/be_main.c
+++ b/drivers/scsi/be2iscsi/be_main.c
@@ -5801,21 +5801,16 @@ static struct pci_error_handlers beiscsi_eeh_handlers = {
.resume = beiscsi_eeh_resume,
};
-struct iscsi_transport_expand beiscsi_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
struct iscsi_transport beiscsi_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRV_NAME,
.caps = CAP_RECOVERY_L0 | CAP_HDRDGST | CAP_TEXT_NEGO |
- CAP_MULTI_R2T | CAP_DATADGST | CAP_DATA_PATH_OFFLOAD |
- CAP_OPS_EXPAND,
+ CAP_MULTI_R2T | CAP_DATADGST | CAP_DATA_PATH_OFFLOAD,
.create_session = beiscsi_session_create,
.destroy_session = beiscsi_session_destroy,
.create_conn = beiscsi_conn_create,
.bind_conn = beiscsi_conn_bind,
- .ops_expand = &beiscsi_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_conn_teardown,
.attr_is_visible = beiscsi_attr_is_visible,
.set_iface_param = beiscsi_iface_set_param,
diff --git a/drivers/scsi/bnx2i/bnx2i_iscsi.c b/drivers/scsi/bnx2i/bnx2i_iscsi.c
index e13c77a76150..8cf2f9a7cfdc 100644
--- a/drivers/scsi/bnx2i/bnx2i_iscsi.c
+++ b/drivers/scsi/bnx2i/bnx2i_iscsi.c
@@ -2274,23 +2274,18 @@ static struct scsi_host_template bnx2i_host_template = {
.track_queue_depth = 1,
};
-
-static struct iscsi_transport_expand bnx2i_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
struct iscsi_transport bnx2i_iscsi_transport = {
.owner = THIS_MODULE,
.name = "bnx2i",
.caps = CAP_RECOVERY_L0 | CAP_HDRDGST |
CAP_MULTI_R2T | CAP_DATADGST |
CAP_DATA_PATH_OFFLOAD |
- CAP_TEXT_NEGO | CAP_OPS_EXPAND,
+ CAP_TEXT_NEGO,
.create_session = bnx2i_session_create,
.destroy_session = bnx2i_session_destroy,
.create_conn = bnx2i_conn_create,
.bind_conn = bnx2i_conn_bind,
- .ops_expand = &bnx2i_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = bnx2i_conn_destroy,
.attr_is_visible = bnx2i_attr_is_visible,
.set_param = iscsi_set_param,
diff --git a/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c b/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c
index 65eb6230d390..edcd3fab6973 100644
--- a/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c
+++ b/drivers/scsi/cxgbi/cxgb3i/cxgb3i.c
@@ -100,18 +100,13 @@ static struct scsi_host_template cxgb3i_host_template = {
.track_queue_depth = 1,
};
-static struct iscsi_transport_expand cxgb3i_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport cxgb3i_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRV_MODULE_NAME,
/* owner and name should be set already */
.caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_HDRDGST
| CAP_DATADGST | CAP_DIGEST_OFFLOAD |
- CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO |
- CAP_OPS_EXPAND,
+ CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO,
.attr_is_visible = cxgbi_attr_is_visible,
.get_host_param = cxgbi_get_host_param,
.set_host_param = cxgbi_set_host_param,
@@ -122,7 +117,7 @@ static struct iscsi_transport cxgb3i_iscsi_transport = {
/* connection management */
.create_conn = cxgbi_create_conn,
.bind_conn = cxgbi_bind_conn,
- .ops_expand = &cxgb3i_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_tcp_conn_teardown,
.start_conn = iscsi_conn_start,
.stop_conn = iscsi_conn_stop,
diff --git a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
index 88f96964c356..efb3e2b3398e 100644
--- a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
+++ b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
@@ -118,17 +118,12 @@ static struct scsi_host_template cxgb4i_host_template = {
.track_queue_depth = 1,
};
-static struct iscsi_transport_expand cxgb4i_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport cxgb4i_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRV_MODULE_NAME,
.caps = CAP_RECOVERY_L0 | CAP_MULTI_R2T | CAP_HDRDGST |
CAP_DATADGST | CAP_DIGEST_OFFLOAD |
- CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO |
- CAP_OPS_EXPAND,
+ CAP_PADDING_OFFLOAD | CAP_TEXT_NEGO,
.attr_is_visible = cxgbi_attr_is_visible,
.get_host_param = cxgbi_get_host_param,
.set_host_param = cxgbi_set_host_param,
@@ -139,7 +134,7 @@ static struct iscsi_transport cxgb4i_iscsi_transport = {
/* connection management */
.create_conn = cxgbi_create_conn,
.bind_conn = cxgbi_bind_conn,
- .ops_expand = &cxgb4i_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.destroy_conn = iscsi_tcp_conn_teardown,
.start_conn = iscsi_conn_start,
.stop_conn = iscsi_conn_stop,
diff --git a/drivers/scsi/qedi/qedi_iscsi.c b/drivers/scsi/qedi/qedi_iscsi.c
index 8003b3519b95..3bcadb3dd40d 100644
--- a/drivers/scsi/qedi/qedi_iscsi.c
+++ b/drivers/scsi/qedi/qedi_iscsi.c
@@ -1429,20 +1429,16 @@ static void qedi_cleanup_task(struct iscsi_task *task)
cmd->scsi_cmd = NULL;
}
-static struct iscsi_transport_expand qedi_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
struct iscsi_transport qedi_iscsi_transport = {
.owner = THIS_MODULE,
.name = QEDI_MODULE_NAME,
.caps = CAP_RECOVERY_L0 | CAP_HDRDGST | CAP_MULTI_R2T | CAP_DATADGST |
- CAP_DATA_PATH_OFFLOAD | CAP_TEXT_NEGO | CAP_OPS_EXPAND,
+ CAP_DATA_PATH_OFFLOAD | CAP_TEXT_NEGO,
.create_session = qedi_session_create,
.destroy_session = qedi_session_destroy,
.create_conn = qedi_conn_create,
.bind_conn = qedi_conn_bind,
- .ops_expand = &qedi_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.start_conn = qedi_conn_start,
.stop_conn = iscsi_conn_stop,
.destroy_conn = qedi_conn_destroy,
diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c
index 377d83762099..8d82d2a83059 100644
--- a/drivers/scsi/qla4xxx/ql4_os.c
+++ b/drivers/scsi/qla4xxx/ql4_os.c
@@ -246,24 +246,20 @@ static struct scsi_host_template qla4xxx_driver_template = {
.vendor_id = SCSI_NL_VID_TYPE_PCI | PCI_VENDOR_ID_QLOGIC,
};
-static struct iscsi_transport_expand qla4xxx_iscsi_expand = {
- .unbind_conn = iscsi_conn_unbind,
-};
-
static struct iscsi_transport qla4xxx_iscsi_transport = {
.owner = THIS_MODULE,
.name = DRIVER_NAME,
.caps = CAP_TEXT_NEGO |
CAP_DATA_PATH_OFFLOAD | CAP_HDRDGST |
CAP_DATADGST | CAP_LOGIN_OFFLOAD |
- CAP_MULTI_R2T | CAP_OPS_EXPAND,
+ CAP_MULTI_R2T,
.attr_is_visible = qla4_attr_is_visible,
.create_session = qla4xxx_session_create,
.destroy_session = qla4xxx_session_destroy,
.start_conn = qla4xxx_conn_start,
.create_conn = qla4xxx_conn_create,
.bind_conn = qla4xxx_conn_bind,
- .ops_expand = &qla4xxx_iscsi_expand,
+ .unbind_conn = iscsi_conn_unbind,
.stop_conn = iscsi_conn_stop,
.destroy_conn = qla4xxx_conn_destroy,
.set_param = iscsi_set_param,
diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c
index a213362524c9..517a3c4d879b 100644
--- a/drivers/scsi/scsi_transport_iscsi.c
+++ b/drivers/scsi/scsi_transport_iscsi.c
@@ -2257,11 +2257,7 @@ static void iscsi_ep_disconnect(struct iscsi_cls_conn *conn, bool is_active)
ep = conn->ep;
conn->ep = NULL;
- if (session->transport->caps & CAP_OPS_EXPAND &&
- session->transport->ops_expand &&
- session->transport->ops_expand->unbind_conn)
- session->transport->ops_expand->unbind_conn(conn, is_active);
-
+ session->transport->unbind_conn(conn, is_active);
session->transport->ep_disconnect(ep);
ISCSI_DBG_TRANS_CONN(conn, "disconnect ep done.\n");
}
@@ -3228,19 +3224,10 @@ iscsi_tgt_dscvr(struct iscsi_transport *transport,
struct Scsi_Host *shost;
struct sockaddr *dst_addr;
int err;
- int (*tgt_dscvr)(struct Scsi_Host *shost, enum iscsi_tgt_dscvr type,
- uint32_t enable, struct sockaddr *dst_addr);
- if (transport->caps & CAP_OPS_EXPAND) {
- if (!transport->ops_expand || !transport->ops_expand->tgt_dscvr)
- return -EINVAL;
- tgt_dscvr = transport->ops_expand->tgt_dscvr;
- } else {
- if (!transport->ops_expand)
- return -EINVAL;
- tgt_dscvr = (int (*)(struct Scsi_Host *, enum iscsi_tgt_dscvr, uint32_t,
- struct sockaddr *))(transport->ops_expand);
- }
+ if (!transport->tgt_dscvr)
+ return -EINVAL;
+
shost = scsi_host_lookup(ev->u.tgt_dscvr.host_no);
if (!shost) {
printk(KERN_ERR "target discovery could not find host no %u\n",
@@ -3250,8 +3237,8 @@ iscsi_tgt_dscvr(struct iscsi_transport *transport,
dst_addr = (struct sockaddr *)((char*)ev + sizeof(*ev));
- err = tgt_dscvr(shost, ev->u.tgt_dscvr.type,
- ev->u.tgt_dscvr.enable, dst_addr);
+ err = transport->tgt_dscvr(shost, ev->u.tgt_dscvr.type,
+ ev->u.tgt_dscvr.enable, dst_addr);
scsi_host_put(shost);
return err;
}
@@ -4904,10 +4891,8 @@ iscsi_register_transport(struct iscsi_transport *tt)
int err;
BUG_ON(!tt);
- if (tt->caps & CAP_OPS_EXPAND) {
- BUG_ON(!tt->ops_expand);
- WARN_ON(tt->ep_disconnect && !tt->ops_expand->unbind_conn);
- }
+ WARN_ON(tt->ep_disconnect && !tt->unbind_conn);
+
priv = iscsi_if_transport_lookup(tt);
if (priv)
return NULL;
diff --git a/include/scsi/iscsi_if.h b/include/scsi/iscsi_if.h
index 5679b9fb2b1e..5225a23f2d0e 100644
--- a/include/scsi/iscsi_if.h
+++ b/include/scsi/iscsi_if.h
@@ -761,7 +761,6 @@ enum iscsi_ping_status_code {
and verification */
#define CAP_LOGIN_OFFLOAD 0x4000 /* offload session login */
-#define CAP_OPS_EXPAND 0x8000 /* oiscsi_transport->ops_expand flag */
/*
* These flags describes reason of stop_conn() call
*/
diff --git a/include/scsi/scsi_transport_iscsi.h b/include/scsi/scsi_transport_iscsi.h
index 1f7574d89822..b7fd8b738aa8 100644
--- a/include/scsi/scsi_transport_iscsi.h
+++ b/include/scsi/scsi_transport_iscsi.h
@@ -29,15 +29,6 @@ struct bsg_job;
struct iscsi_bus_flash_session;
struct iscsi_bus_flash_conn;
-/*
- * The expansion of iscsi_transport to fix kabi while adding members.
- */
-struct iscsi_transport_expand {
- int (*tgt_dscvr)(struct Scsi_Host *shost, enum iscsi_tgt_dscvr type,
- uint32_t enable, struct sockaddr *dst_addr);
- void (*unbind_conn)(struct iscsi_cls_conn *conn, bool is_active);
-};
-
/**
* struct iscsi_transport - iSCSI Transport template
*
@@ -91,6 +82,7 @@ struct iscsi_transport {
void (*destroy_session) (struct iscsi_cls_session *session);
struct iscsi_cls_conn *(*create_conn) (struct iscsi_cls_session *sess,
uint32_t cid);
+ void (*unbind_conn) (struct iscsi_cls_conn *conn, bool is_active);
int (*bind_conn) (struct iscsi_cls_session *session,
struct iscsi_cls_conn *cls_conn,
uint64_t transport_eph, int is_leading);
@@ -132,15 +124,8 @@ struct iscsi_transport {
int non_blocking);
int (*ep_poll) (struct iscsi_endpoint *ep, int timeout_ms);
void (*ep_disconnect) (struct iscsi_endpoint *ep);
-#ifdef __GENKSYMS__
int (*tgt_dscvr) (struct Scsi_Host *shost, enum iscsi_tgt_dscvr type,
uint32_t enable, struct sockaddr *dst_addr);
-#else
- /*
- * onece ops_expand is used, caps must be set to CAP_OPS_EXPAND
- */
- struct iscsi_transport_expand *ops_expand;
-#endif
int (*set_path) (struct Scsi_Host *shost, struct iscsi_path *params);
int (*set_iface_param) (struct Scsi_Host *shost, void *data,
uint32_t len);
--
2.20.1
1
1
[PATCH openEuler-1.0-LTS] drm/amdkfd: Check for null pointer after calling kmemdup
by Yongqiang Liu 22 Dec '22
by Yongqiang Liu 22 Dec '22
22 Dec '22
From: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
stable inclusion
from stable-v6.0.14
commit abfaf0eee97925905e742aa3b0b72e04a918fa9e
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6694U
CVE: CVE-2022-3108
--------------------------------
As the possible failure of the allocation, kmemdup() may return NULL
pointer.
Therefore, it should be better to check the 'props2' in order to prevent
the dereference of NULL pointer.
Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs")
Signed-off-by: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
Reviewed-by: Felix Kuehling <Felix.Kuehling(a)amd.com>
Signed-off-by: Felix Kuehling <Felix.Kuehling(a)amd.com>
Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com>
Signed-off-by: Ren Zhijie <renzhijie2(a)huawei.com>
Reviewed-by: songping yu <yusongping(a)huawei.com>
Reviewed-by: Chen Hui <judy.chenhui(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
index ee4996029a86..e84285130bde 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
@@ -397,6 +397,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink,
return -ENODEV;
/* same everything but the other direction */
props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL);
+ if (!props2)
+ return -ENOMEM;
+
props2->node_from = id_to;
props2->node_to = id_from;
props2->kobj = NULL;
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS 1/4] Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
by Yongqiang Liu 19 Dec '22
by Yongqiang Liu 19 Dec '22
19 Dec '22
From: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
stable inclusion
from stable-v4.19.255
commit d0be8347c623e0ac4202a1d4e0373882821f56b0
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I64WCC
CVE: CVE-2022-20566
--------------------------------
commit d0be8347c623e0ac4202a1d4e0373882821f56b0 upstream.
This fixes the following trace which is caused by hci_rx_work starting up
*after* the final channel reference has been put() during sock_close() but
*before* the references to the channel have been destroyed, so instead
the code now rely on kref_get_unless_zero/l2cap_chan_hold_unless_zero to
prevent referencing a channel that is about to be destroyed.
refcount_t: increment on 0; use-after-free.
BUG: KASAN: use-after-free in refcount_dec_and_test+0x20/0xd0
Read of size 4 at addr ffffffc114f5bf18 by task kworker/u17:14/705
CPU: 4 PID: 705 Comm: kworker/u17:14 Tainted: G S W
4.14.234-00003-g1fb6d0bd49a4-dirty #28
Hardware name: Qualcomm Technologies, Inc. SM8150 V2 PM8150
Google Inc. MSM sm8150 Flame DVT (DT)
Workqueue: hci0 hci_rx_work
Call trace:
dump_backtrace+0x0/0x378
show_stack+0x20/0x2c
dump_stack+0x124/0x148
print_address_description+0x80/0x2e8
__kasan_report+0x168/0x188
kasan_report+0x10/0x18
__asan_load4+0x84/0x8c
refcount_dec_and_test+0x20/0xd0
l2cap_chan_put+0x48/0x12c
l2cap_recv_frame+0x4770/0x6550
l2cap_recv_acldata+0x44c/0x7a4
hci_acldata_packet+0x100/0x188
hci_rx_work+0x178/0x23c
process_one_work+0x35c/0x95c
worker_thread+0x4cc/0x960
kthread+0x1a8/0x1c4
ret_from_fork+0x10/0x18
Cc: stable(a)kernel.org
Reported-by: Lee Jones <lee.jones(a)linaro.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Tested-by: Lee Jones <lee.jones(a)linaro.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Lu Jialin <lujialin4(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/net/bluetooth/l2cap.h | 1 +
net/bluetooth/l2cap_core.c | 61 +++++++++++++++++++++++++++--------
2 files changed, 49 insertions(+), 13 deletions(-)
diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h
index 21dbd38f724d..da0ef935c5a9 100644
--- a/include/net/bluetooth/l2cap.h
+++ b/include/net/bluetooth/l2cap.h
@@ -798,6 +798,7 @@ enum {
};
void l2cap_chan_hold(struct l2cap_chan *c);
+struct l2cap_chan *l2cap_chan_hold_unless_zero(struct l2cap_chan *c);
void l2cap_chan_put(struct l2cap_chan *c);
static inline void l2cap_chan_lock(struct l2cap_chan *chan)
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 3b02e881cec1..7c2bb0571573 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -113,7 +113,8 @@ static struct l2cap_chan *__l2cap_get_chan_by_scid(struct l2cap_conn *conn,
}
/* Find channel with given SCID.
- * Returns locked channel. */
+ * Returns a reference locked channel.
+ */
static struct l2cap_chan *l2cap_get_chan_by_scid(struct l2cap_conn *conn,
u16 cid)
{
@@ -121,15 +122,19 @@ static struct l2cap_chan *l2cap_get_chan_by_scid(struct l2cap_conn *conn,
mutex_lock(&conn->chan_lock);
c = __l2cap_get_chan_by_scid(conn, cid);
- if (c)
- l2cap_chan_lock(c);
+ if (c) {
+ /* Only lock if chan reference is not 0 */
+ c = l2cap_chan_hold_unless_zero(c);
+ if (c)
+ l2cap_chan_lock(c);
+ }
mutex_unlock(&conn->chan_lock);
return c;
}
/* Find channel with given DCID.
- * Returns locked channel.
+ * Returns a reference locked channel.
*/
static struct l2cap_chan *l2cap_get_chan_by_dcid(struct l2cap_conn *conn,
u16 cid)
@@ -138,8 +143,12 @@ static struct l2cap_chan *l2cap_get_chan_by_dcid(struct l2cap_conn *conn,
mutex_lock(&conn->chan_lock);
c = __l2cap_get_chan_by_dcid(conn, cid);
- if (c)
- l2cap_chan_lock(c);
+ if (c) {
+ /* Only lock if chan reference is not 0 */
+ c = l2cap_chan_hold_unless_zero(c);
+ if (c)
+ l2cap_chan_lock(c);
+ }
mutex_unlock(&conn->chan_lock);
return c;
@@ -164,8 +173,12 @@ static struct l2cap_chan *l2cap_get_chan_by_ident(struct l2cap_conn *conn,
mutex_lock(&conn->chan_lock);
c = __l2cap_get_chan_by_ident(conn, ident);
- if (c)
- l2cap_chan_lock(c);
+ if (c) {
+ /* Only lock if chan reference is not 0 */
+ c = l2cap_chan_hold_unless_zero(c);
+ if (c)
+ l2cap_chan_lock(c);
+ }
mutex_unlock(&conn->chan_lock);
return c;
@@ -486,6 +499,16 @@ void l2cap_chan_hold(struct l2cap_chan *c)
kref_get(&c->kref);
}
+struct l2cap_chan *l2cap_chan_hold_unless_zero(struct l2cap_chan *c)
+{
+ BT_DBG("chan %p orig refcnt %u", c, kref_read(&c->kref));
+
+ if (!kref_get_unless_zero(&c->kref))
+ return NULL;
+
+ return c;
+}
+
void l2cap_chan_put(struct l2cap_chan *c)
{
BT_DBG("chan %p orig refcnt %d", c, kref_read(&c->kref));
@@ -1796,7 +1819,10 @@ static struct l2cap_chan *l2cap_global_chan_by_psm(int state, __le16 psm,
src_match = !bacmp(&c->src, src);
dst_match = !bacmp(&c->dst, dst);
if (src_match && dst_match) {
- l2cap_chan_hold(c);
+ c = l2cap_chan_hold_unless_zero(c);
+ if (!c)
+ continue;
+
read_unlock(&chan_list_lock);
return c;
}
@@ -1811,7 +1837,7 @@ static struct l2cap_chan *l2cap_global_chan_by_psm(int state, __le16 psm,
}
if (c1)
- l2cap_chan_hold(c1);
+ c1 = l2cap_chan_hold_unless_zero(c1);
read_unlock(&chan_list_lock);
@@ -4198,6 +4224,7 @@ static inline int l2cap_config_req(struct l2cap_conn *conn,
unlock:
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
return err;
}
@@ -4310,6 +4337,7 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn,
done:
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
return err;
}
@@ -5037,6 +5065,7 @@ static inline int l2cap_move_channel_req(struct l2cap_conn *conn,
l2cap_send_move_chan_rsp(chan, result);
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
return 0;
}
@@ -5129,6 +5158,7 @@ static void l2cap_move_continue(struct l2cap_conn *conn, u16 icid, u16 result)
}
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
}
static void l2cap_move_fail(struct l2cap_conn *conn, u8 ident, u16 icid,
@@ -5158,6 +5188,7 @@ static void l2cap_move_fail(struct l2cap_conn *conn, u8 ident, u16 icid,
l2cap_send_move_chan_cfm(chan, L2CAP_MC_UNCONFIRMED);
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
}
static int l2cap_move_channel_rsp(struct l2cap_conn *conn,
@@ -5221,6 +5252,7 @@ static int l2cap_move_channel_confirm(struct l2cap_conn *conn,
l2cap_send_move_chan_cfm_rsp(conn, cmd->ident, icid);
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
return 0;
}
@@ -5256,6 +5288,7 @@ static inline int l2cap_move_channel_confirm_rsp(struct l2cap_conn *conn,
}
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
return 0;
}
@@ -5641,12 +5674,11 @@ static inline int l2cap_le_credits(struct l2cap_conn *conn,
if (credits > max_credits) {
BT_ERR("LE credits overflow");
l2cap_send_disconn_req(chan, ECONNRESET);
- l2cap_chan_unlock(chan);
/* Return 0 so that we don't trigger an unnecessary
* command reject packet.
*/
- return 0;
+ goto unlock;
}
chan->tx_credits += credits;
@@ -5657,7 +5689,9 @@ static inline int l2cap_le_credits(struct l2cap_conn *conn,
if (chan->tx_credits)
chan->ops->resume(chan);
+unlock:
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
return 0;
}
@@ -6989,6 +7023,7 @@ static void l2cap_data_channel(struct l2cap_conn *conn, u16 cid,
done:
l2cap_chan_unlock(chan);
+ l2cap_chan_put(chan);
}
static void l2cap_conless_channel(struct l2cap_conn *conn, __le16 psm,
@@ -7393,7 +7428,7 @@ static struct l2cap_chan *l2cap_global_fixed_chan(struct l2cap_chan *c,
if (src_type != c->src_type)
continue;
- l2cap_chan_hold(c);
+ c = l2cap_chan_hold_unless_zero(c);
read_unlock(&chan_list_lock);
return c;
}
--
2.25.1
1
3
[PATCH openEuler-5.10] cpuidle: add cpuidle-haltpoll driver module parameter
by Zheng Zengkai 19 Dec '22
by Zheng Zengkai 19 Dec '22
19 Dec '22
From: Xiangyou Xie <xiexiangyou(a)huawei.com>
hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I6404X?from=project-issue
CVE: NA
---------------------------
To ensure energy efficiency, haltpoll is disabled by default.
But In some performance scenarios, you can enable haltpoll using
the following methods:
echo Y > /sys/module/cpuidle_haltpoll/parameters/force
Signed-off-by: Xiangyou Xie <xiexiangyou(a)huawei.com>
Reviewed-by: Keqian Zhu <zhukeqian1(a)huawei.com>
Reviewed-by: Qingqing Li <liqingqing3(a)huawei.com>
Reviewed-by: chenhui <judy.chenhui(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/cpuidle/cpuidle-haltpoll.c | 97 +++++++++++++++++++++++-----
drivers/cpuidle/governors/haltpoll.c | 4 +-
2 files changed, 82 insertions(+), 19 deletions(-)
diff --git a/drivers/cpuidle/cpuidle-haltpoll.c b/drivers/cpuidle/cpuidle-haltpoll.c
index e22f7867609b..902af11bd0e0 100644
--- a/drivers/cpuidle/cpuidle-haltpoll.c
+++ b/drivers/cpuidle/cpuidle-haltpoll.c
@@ -18,9 +18,17 @@
#include <linux/kvm_para.h>
#include <linux/cpuidle_haltpoll.h>
-static bool force __read_mostly;
-module_param(force, bool, 0444);
-MODULE_PARM_DESC(force, "Load unconditionally");
+static bool force;
+MODULE_PARM_DESC(force, "bool, enable haltpoll driver");
+static int enable_haltpoll_driver(const char *val, const struct kernel_param *kp);
+static int register_haltpoll_driver(void);
+static void unregister_haltpoll_driver(void);
+
+static const struct kernel_param_ops enable_haltpoll_ops = {
+ .set = enable_haltpoll_driver,
+ .get = param_get_bool,
+};
+module_param_cb(force, &enable_haltpoll_ops, &force, 0644);
static struct cpuidle_device __percpu *haltpoll_cpuidle_devices;
static enum cpuhp_state haltpoll_hp_state;
@@ -36,6 +44,42 @@ static int default_enter_idle(struct cpuidle_device *dev,
return index;
}
+
+static int enable_haltpoll_driver(const char *val, const struct kernel_param *kp)
+{
+#ifdef CONFIG_ARM64
+ int ret;
+ bool do_enable;
+
+ if (!val)
+ return 0;
+
+ ret = strtobool(val, &do_enable);
+
+ if (ret || force == do_enable)
+ return ret;
+
+ if (do_enable) {
+ ret = register_haltpoll_driver();
+
+ if (!ret) {
+ pr_info("Enable haltpoll driver.\n");
+ force = 1;
+ } else {
+ pr_err("Fail to enable haltpoll driver.\n");
+ }
+ } else {
+ unregister_haltpoll_driver();
+ force = 0;
+ pr_info("Unregister haltpoll driver.\n");
+ }
+
+ return ret;
+#else
+ return -1;
+#endif
+}
+
static struct cpuidle_driver haltpoll_driver = {
.name = "haltpoll",
.governor = "haltpoll",
@@ -84,22 +128,18 @@ static int haltpoll_cpu_offline(unsigned int cpu)
return 0;
}
-static void haltpoll_uninit(void)
-{
- if (haltpoll_hp_state)
- cpuhp_remove_state(haltpoll_hp_state);
- cpuidle_unregister_driver(&haltpoll_driver);
-
- free_percpu(haltpoll_cpuidle_devices);
- haltpoll_cpuidle_devices = NULL;
-}
static bool haltpoll_want(void)
{
return kvm_para_has_hint(KVM_HINTS_REALTIME);
}
-static int __init haltpoll_init(void)
+static void haltpoll_uninit(void)
+{
+ unregister_haltpoll_driver();
+}
+
+static int register_haltpoll_driver(void)
{
int ret;
struct cpuidle_driver *drv = &haltpoll_driver;
@@ -112,9 +152,6 @@ static int __init haltpoll_init(void)
cpuidle_poll_state_init(drv);
- if (!force && (!kvm_para_available() || !haltpoll_want()))
- return -ENODEV;
-
ret = cpuidle_register_driver(drv);
if (ret < 0)
return ret;
@@ -137,9 +174,35 @@ static int __init haltpoll_init(void)
return ret;
}
+static void unregister_haltpoll_driver(void)
+{
+ if (haltpoll_hp_state)
+ cpuhp_remove_state(haltpoll_hp_state);
+ cpuidle_unregister_driver(&haltpoll_driver);
+
+ free_percpu(haltpoll_cpuidle_devices);
+ haltpoll_cpuidle_devices = NULL;
+
+}
+
+static int __init haltpoll_init(void)
+{
+ int ret = 0;
+#ifdef CONFIG_X86
+ /* Do not load haltpoll if idle= is passed */
+ if (boot_option_idle_override != IDLE_NO_OVERRIDE)
+ return -ENODEV;
+#endif
+ if (force || (haltpoll_want() && kvm_para_available()))
+ ret = register_haltpoll_driver();
+
+ return ret;
+}
+
static void __exit haltpoll_exit(void)
{
- haltpoll_uninit();
+ if (haltpoll_cpuidle_devices)
+ haltpoll_uninit();
}
module_init(haltpoll_init);
diff --git a/drivers/cpuidle/governors/haltpoll.c b/drivers/cpuidle/governors/haltpoll.c
index 4e814683509e..415004793bf1 100644
--- a/drivers/cpuidle/governors/haltpoll.c
+++ b/drivers/cpuidle/governors/haltpoll.c
@@ -39,7 +39,7 @@ module_param(guest_halt_poll_grow_start, uint, 0644);
static bool guest_halt_poll_allow_shrink __read_mostly = true;
module_param(guest_halt_poll_allow_shrink, bool, 0644);
-static bool enable __read_mostly;
+static bool enable __read_mostly = true;
module_param(enable, bool, 0444);
MODULE_PARM_DESC(enable, "Load unconditionally");
@@ -144,7 +144,7 @@ static struct cpuidle_governor haltpoll_governor = {
static int __init init_haltpoll(void)
{
- if (kvm_para_available() || enable)
+ if (enable)
return cpuidle_register_governor(&haltpoll_governor);
return 0;
--
2.20.1
1
0
[PATCH openEuler-5.10 1/2] block: fix crash on cmpxchg for request_wrapper
by Zheng Zengkai 19 Dec '22
by Zheng Zengkai 19 Dec '22
19 Dec '22
From: Yu Kuai <yukuai3(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65K8D
CVE: NA
--------------------------------
Now that address of request_wrapper is caculated by address of request
plus cmd_size, if cmd_size is not aligned to 8 bytes, request_wrapper
will end up not aligned to 8 bytes as well, which will crash in arm64
because assembly instruction casal requires that operand address is
aligned to 8 bytes:
Internal error: Oops: 96000021 [#1] SMP
pc : blk_account_io_latency+0x54/0x134
Call trace:
blk_account_io_latency+0x54/0x134
blk_account_io_done+0x3c/0x4c
__blk_mq_end_request+0x78/0x134
scsi_end_request+0xcc/0x1f0
scsi_io_completion+0x88/0x240
scsi_finish_command+0x104/0x140
scsi_softirq_done+0x90/0x180
blk_mq_complete_request+0x5c/0x70
scsi_mq_done+0x4c/0x100
Fix the problem by declaring request_wrapper as aligned to cachline, and
placing it before request.
Fixes: 82327165da5c ("blk-mq: don't access request_wrapper if request is not allocated from block layer")
Signed-off-by: Yu Kuai <yukuai3(a)huawei.com>
Reviewed-by: Hou Tao <houtao1(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
block/blk-flush.c | 8 +++++---
block/blk-mq.c | 2 +-
block/blk-mq.h | 9 +++------
3 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/block/blk-flush.c b/block/blk-flush.c
index 65753f781c20..093c581a2651 100644
--- a/block/blk-flush.c
+++ b/block/blk-flush.c
@@ -470,6 +470,7 @@ struct blk_flush_queue *blk_alloc_flush_queue(int node, int cmd_size,
gfp_t flags)
{
struct blk_flush_queue *fq;
+ struct request_wrapper *wrapper;
int rq_sz = sizeof(struct request) + sizeof(struct request_wrapper);
fq = kzalloc_node(sizeof(*fq), flags, node);
@@ -479,10 +480,11 @@ struct blk_flush_queue *blk_alloc_flush_queue(int node, int cmd_size,
spin_lock_init(&fq->mq_flush_lock);
rq_sz = round_up(rq_sz + cmd_size, cache_line_size());
- fq->flush_rq = kzalloc_node(rq_sz, flags, node);
- if (!fq->flush_rq)
+ wrapper = kzalloc_node(rq_sz, flags, node);
+ if (!wrapper)
goto fail_rq;
+ fq->flush_rq = (struct request *)(wrapper + 1);
INIT_LIST_HEAD(&fq->flush_queue[0]);
INIT_LIST_HEAD(&fq->flush_queue[1]);
INIT_LIST_HEAD(&fq->flush_data_in_flight);
@@ -501,7 +503,7 @@ void blk_free_flush_queue(struct blk_flush_queue *fq)
if (!fq)
return;
- kfree(fq->flush_rq);
+ kfree(request_to_wrapper(fq->flush_rq));
kfree(fq);
}
diff --git a/block/blk-mq.c b/block/blk-mq.c
index 1c4a4e197e65..ffabe9c3de31 100644
--- a/block/blk-mq.c
+++ b/block/blk-mq.c
@@ -2642,7 +2642,7 @@ static int blk_mq_alloc_rqs(struct blk_mq_tag_set *set,
to_do = min(entries_per_page, depth - i);
left -= to_do * rq_size;
for (j = 0; j < to_do; j++) {
- struct request *rq = p;
+ struct request *rq = p + sizeof(struct request_wrapper);
tags->static_rqs[i] = rq;
if (blk_mq_init_request(set, rq, hctx_idx, node)) {
diff --git a/block/blk-mq.h b/block/blk-mq.h
index 6254abe9c112..dcb2077e4db6 100644
--- a/block/blk-mq.h
+++ b/block/blk-mq.h
@@ -40,14 +40,11 @@ struct blk_mq_ctx {
struct request_wrapper {
/* Time that I/O was counted in part_get_stat_info(). */
u64 stat_time_ns;
-};
+} ____cacheline_aligned_in_smp;
-static inline struct request_wrapper *request_to_wrapper(struct request *rq)
+static inline struct request_wrapper *request_to_wrapper(void *rq)
{
- unsigned long addr = (unsigned long)rq;
-
- addr += sizeof(*rq) + rq->q->tag_set->cmd_size;
- return (struct request_wrapper *)addr;
+ return rq - sizeof(struct request_wrapper);
}
void blk_mq_exit_queue(struct request_queue *q);
--
2.20.1
1
1
[PATCH openEuler-5.10 1/7] Bluetooth: L2CAP: Fix build errors in some archs
by Zheng Zengkai 19 Dec '22
by Zheng Zengkai 19 Dec '22
19 Dec '22
From: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
stable inclusion
from stable-v5.10.141
commit 38267d266336a7fb9eae9be23567a44776c6e4ca
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I64WCC
CVE: CVE-2022-20566
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
-------------------------------
commit b840304fb46cdf7012722f456bce06f151b3e81b upstream.
This attempts to fix the follow errors:
In function 'memcmp',
inlined from 'bacmp' at ./include/net/bluetooth/bluetooth.h:347:9,
inlined from 'l2cap_global_chan_by_psm' at
net/bluetooth/l2cap_core.c:2003:15:
./include/linux/fortify-string.h:44:33: error: '__builtin_memcmp'
specified bound 6 exceeds source size 0 [-Werror=stringop-overread]
44 | #define __underlying_memcmp __builtin_memcmp
| ^
./include/linux/fortify-string.h:420:16: note: in expansion of macro
'__underlying_memcmp'
420 | return __underlying_memcmp(p, q, size);
| ^~~~~~~~~~~~~~~~~~~
In function 'memcmp',
inlined from 'bacmp' at ./include/net/bluetooth/bluetooth.h:347:9,
inlined from 'l2cap_global_chan_by_psm' at
net/bluetooth/l2cap_core.c:2004:15:
./include/linux/fortify-string.h:44:33: error: '__builtin_memcmp'
specified bound 6 exceeds source size 0 [-Werror=stringop-overread]
44 | #define __underlying_memcmp __builtin_memcmp
| ^
./include/linux/fortify-string.h:420:16: note: in expansion of macro
'__underlying_memcmp'
420 | return __underlying_memcmp(p, q, size);
| ^~~~~~~~~~~~~~~~~~~
Fixes: 332f1795ca20 ("Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Cc: Sudip Mukherjee <sudipm.mukherjee(a)gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Lu Jialin <lujialin4(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
net/bluetooth/l2cap_core.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 70bfd9e8913e..f78ad8f536f7 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1988,11 +1988,11 @@ static struct l2cap_chan *l2cap_global_chan_by_psm(int state, __le16 psm,
src_match = !bacmp(&c->src, src);
dst_match = !bacmp(&c->dst, dst);
if (src_match && dst_match) {
- c = l2cap_chan_hold_unless_zero(c);
- if (c) {
- read_unlock(&chan_list_lock);
- return c;
- }
+ if (!l2cap_chan_hold_unless_zero(c))
+ continue;
+
+ read_unlock(&chan_list_lock);
+ return c;
}
/* Closest match */
--
2.20.1
1
6
19 Dec '22
From: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
mainline inclusion
from mainline-v5.17
commit 886e44c9298a6b428ae046e2fa092ca52e822e6a
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6694H
CVE: CVE-2022-3107
--------------------------------
As the potential failure of the kvmalloc_array(),
it should be better to check and restore the 'data'
if fails in order to avoid the dereference of the
NULL pointer.
Fixes: 6ae746711263 ("hv_netvsc: Add per-cpu ethtool stats for netvsc")
Signed-off-by: Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
Link: https://lore.kernel.org/r/20220314020125.2365084-1-jiasheng@iscas.ac.cn
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Signed-off-by: Baisong Zhong <zhongbaisong(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/net/hyperv/netvsc_drv.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c
index 1f9f7fcdb0eb..0de42e8ec2bb 100644
--- a/drivers/net/hyperv/netvsc_drv.c
+++ b/drivers/net/hyperv/netvsc_drv.c
@@ -1453,6 +1453,9 @@ static void netvsc_get_ethtool_stats(struct net_device *dev,
pcpu_sum = kvmalloc_array(num_possible_cpus(),
sizeof(struct netvsc_ethtool_pcpu_stats),
GFP_KERNEL);
+ if (!pcpu_sum)
+ return;
+
netvsc_get_pcpu_stats(dev, pcpu_sum);
for_each_present_cpu(cpu) {
struct netvsc_ethtool_pcpu_stats *this_sum = &pcpu_sum[cpu];
--
2.25.1
1
0
[PATCH openEuler-5.10 01/10] sched/qos: Don't unthrottle cfs_rq when cfs_rq is throttled by qos
by Zheng Zengkai 16 Dec '22
by Zheng Zengkai 16 Dec '22
16 Dec '22
From: Zhang Qiao <zhangqiao22(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I64OUS
CVE: NA
-------------------------------
When a cfs_rq throttled by qos, mark cfs_rq->throttled as 1,
and cfs bw will unthrottled this cfs_rq by mistake, it cause
a list_del_valid warning.
So add macro QOS_THROTTLED(=2), when a cfs_rq is throttled by
qos, we mark the cfs_rq->throttled as QOS_THROTTLED, will check
the value of cfs_rq->throttled before unthrottle a cfs_rq.
Signed-off-by: Zhang Qiao <zhangqiao22(a)huawei.com>
Reviewed-by: Chen Hui <judy.chenhui(a)huawei.com>
Reviewed-by: zheng zucheng <zhengzucheng(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
kernel/sched/fair.c | 102 +++++++++++++++++++++++++++++---------------
1 file changed, 68 insertions(+), 34 deletions(-)
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index 654e964b5c31..d3c4b945c019 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -124,6 +124,13 @@ int __weak arch_asym_cpu_priority(int cpu)
#endif
#ifdef CONFIG_QOS_SCHED
+
+/*
+ * To distinguish cfs bw, use QOS_THROTTLED mark cfs_rq->throttled
+ * when qos throttled(and cfs bw throttle mark cfs_rq->throttled as 1).
+ */
+#define QOS_THROTTLED 2
+
static DEFINE_PER_CPU_SHARED_ALIGNED(struct list_head, qos_throttled_cfs_rq);
static DEFINE_PER_CPU_SHARED_ALIGNED(struct hrtimer, qos_overload_timer);
static DEFINE_PER_CPU(int, qos_cpu_overload);
@@ -4932,6 +4939,14 @@ void unthrottle_cfs_rq(struct cfs_rq *cfs_rq)
se = cfs_rq->tg->se[cpu_of(rq)];
+#ifdef CONFIG_QOS_SCHED
+ /*
+ * if this cfs_rq throttled by qos, not need unthrottle it.
+ */
+ if (cfs_rq->throttled == QOS_THROTTLED)
+ return;
+#endif
+
cfs_rq->throttled = 0;
update_rq_clock(rq);
@@ -7278,26 +7293,6 @@ static inline bool is_offline_task(struct task_struct *p)
static void start_qos_hrtimer(int cpu);
-static int qos_tg_unthrottle_up(struct task_group *tg, void *data)
-{
- struct rq *rq = data;
- struct cfs_rq *cfs_rq = tg->cfs_rq[cpu_of(rq)];
-
- cfs_rq->throttle_count--;
-
- return 0;
-}
-
-static int qos_tg_throttle_down(struct task_group *tg, void *data)
-{
- struct rq *rq = data;
- struct cfs_rq *cfs_rq = tg->cfs_rq[cpu_of(rq)];
-
- cfs_rq->throttle_count++;
-
- return 0;
-}
-
static void throttle_qos_cfs_rq(struct cfs_rq *cfs_rq)
{
struct rq *rq = rq_of(cfs_rq);
@@ -7309,7 +7304,7 @@ static void throttle_qos_cfs_rq(struct cfs_rq *cfs_rq)
/* freeze hierarchy runnable averages while throttled */
rcu_read_lock();
- walk_tg_tree_from(cfs_rq->tg, qos_tg_throttle_down, tg_nop, (void *)rq);
+ walk_tg_tree_from(cfs_rq->tg, tg_throttle_down, tg_nop, (void *)rq);
rcu_read_unlock();
task_delta = cfs_rq->h_nr_running;
@@ -7320,8 +7315,13 @@ static void throttle_qos_cfs_rq(struct cfs_rq *cfs_rq)
if (!se->on_rq)
break;
- if (dequeue)
+ if (dequeue) {
dequeue_entity(qcfs_rq, se, DEQUEUE_SLEEP);
+ } else {
+ update_load_avg(qcfs_rq, se, 0);
+ se_update_runnable(se);
+ }
+
qcfs_rq->h_nr_running -= task_delta;
qcfs_rq->idle_h_nr_running -= idle_task_delta;
@@ -7339,7 +7339,7 @@ static void throttle_qos_cfs_rq(struct cfs_rq *cfs_rq)
if (list_empty(&per_cpu(qos_throttled_cfs_rq, cpu_of(rq))))
start_qos_hrtimer(cpu_of(rq));
- cfs_rq->throttled = 1;
+ cfs_rq->throttled = QOS_THROTTLED;
list_add(&cfs_rq->qos_throttled_list,
&per_cpu(qos_throttled_cfs_rq, cpu_of(rq)));
@@ -7349,12 +7349,14 @@ static void unthrottle_qos_cfs_rq(struct cfs_rq *cfs_rq)
{
struct rq *rq = rq_of(cfs_rq);
struct sched_entity *se;
- int enqueue = 1;
unsigned int prev_nr = cfs_rq->h_nr_running;
long task_delta, idle_task_delta;
se = cfs_rq->tg->se[cpu_of(rq)];
+ if (cfs_rq->throttled != QOS_THROTTLED)
+ return;
+
cfs_rq->throttled = 0;
update_rq_clock(rq);
@@ -7362,7 +7364,7 @@ static void unthrottle_qos_cfs_rq(struct cfs_rq *cfs_rq)
/* update hierarchical throttle state */
rcu_read_lock();
- walk_tg_tree_from(cfs_rq->tg, tg_nop, qos_tg_unthrottle_up, (void *)rq);
+ walk_tg_tree_from(cfs_rq->tg, tg_nop, tg_unthrottle_up, (void *)rq);
rcu_read_unlock();
if (!cfs_rq->load.weight)
@@ -7372,26 +7374,58 @@ static void unthrottle_qos_cfs_rq(struct cfs_rq *cfs_rq)
idle_task_delta = cfs_rq->idle_h_nr_running;
for_each_sched_entity(se) {
if (se->on_rq)
- enqueue = 0;
+ break;
cfs_rq = cfs_rq_of(se);
- if (enqueue)
- enqueue_entity(cfs_rq, se, ENQUEUE_WAKEUP);
+ enqueue_entity(cfs_rq, se, ENQUEUE_WAKEUP);
+
cfs_rq->h_nr_running += task_delta;
cfs_rq->idle_h_nr_running += idle_task_delta;
if (cfs_rq_throttled(cfs_rq))
- break;
+ goto unthrottle_throttle;
}
- assert_list_leaf_cfs_rq(rq);
+ for_each_sched_entity(se) {
+ cfs_rq = cfs_rq_of(se);
- if (!se) {
- add_nr_running(rq, task_delta);
- if (prev_nr < 2 && prev_nr + task_delta >= 2)
- overload_set(rq);
+ update_load_avg(cfs_rq, se, UPDATE_TG);
+ se_update_runnable(se);
+
+ cfs_rq->h_nr_running += task_delta;
+ cfs_rq->idle_h_nr_running += idle_task_delta;
+
+ /* end evaluation on encountering a throttled cfs_rq */
+ if (cfs_rq_throttled(cfs_rq))
+ goto unthrottle_throttle;
+
+ /*
+ * One parent has been throttled and cfs_rq removed from the
+ * list. Add it back to not break the leaf list.
+ */
+ if (throttled_hierarchy(cfs_rq))
+ list_add_leaf_cfs_rq(cfs_rq);
+ }
+
+ add_nr_running(rq, task_delta);
+ if (prev_nr < 2 && prev_nr + task_delta >= 2)
+ overload_set(rq);
+
+unthrottle_throttle:
+ /*
+ * The cfs_rq_throttled() breaks in the above iteration can result in
+ * incomplete leaf list maintenance, resulting in triggering the
+ * assertion below.
+ */
+ for_each_sched_entity(se) {
+ cfs_rq = cfs_rq_of(se);
+
+ if (list_add_leaf_cfs_rq(cfs_rq))
+ break;
}
+ assert_list_leaf_cfs_rq(rq);
+
/* Determine whether we need to wake up potentially idle CPU: */
if (rq->curr == rq->idle && rq->cfs.nr_running)
resched_curr(rq);
--
2.20.1
1
9
[PATCH openEuler-5.10-LTS 1/7] efi/libstub: Fix build error in efi-stub.c for riscv
by Zheng Zengkai 16 Dec '22
by Zheng Zengkai 16 Dec '22
16 Dec '22
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I66G0M
-----------------------------------------------
Commit 36a1a8916de5 ("efi/loongarch: Add efistub booting support")
introduced the following macro definition for riscv in file
drivers/firmware/efi/libstub/efi-stub.c
# define EFI_RT_VIRTUAL_LIMIT DEFAULT_MAP_WINDOW_64
# define EFI_RT_VIRTUAL_LIMIT TASK_SIZE_MIN
# define EFI_RT_VIRTUAL_LIMIT TASK_SIZE
but related patches have not been merged for riscv, like
e8a62cc26ddf ("riscv: Implement sv48 support"),
01abdfeac81b ("riscv: compat: Support TASK_SIZE for compat mode"),
Causing build error in riscv:
build failed: riscv, allmodconfig
<line too long ...>
n this function); did you mean ‘TASK_SIZE_MAX’?
# define EFI_RT_VIRTUAL_LIMIT TASK_SIZE_MIN
^
drivers/firmware/efi/libstub/efi-stub.c:289:31: note: in expansion of macro ‘EFI_RT_VIRTUAL_LIMIT’
static const u64 headroom = EFI_RT_VIRTUAL_LIMIT -
^~~~~~~~~~~~~~~~~~~~
drivers/firmware/efi/libstub/efi-stub.c:44:32: note: each undeclared identifier is reported only once for each function it appears in
# define EFI_RT_VIRTUAL_LIMIT TASK_SIZE_MIN
^
drivers/firmware/efi/libstub/efi-stub.c:289:31: note: in expansion of macro ‘EFI_RT_VIRTUAL_LIMIT’
static const u64 headroom = EFI_RT_VIRTUAL_LIMIT -
^~~~~~~~~~~~~~~~~~~~
make[4]: *** [drivers/firmware/efi/libstub/efi-stub.o] Error 1
make[3]: *** [drivers/firmware/efi/libstub] Error 2
make[2]: *** [drivers/firmware/efi] Error 2
make[1]: *** [drivers/firmware] Error 2
make[1]: *** Waiting for unfinished jobs....
make: *** [drivers] Error 2
Fix it by removing the CONFIG_RISCV condition for EFI_RT_VIRTUAL_LIMIT definition.
Fixes: 36a1a8916de5 ("efi/loongarch: Add efistub booting support")
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
Reviewed-by: Wei Li <liwei391(a)huawei.com>
---
drivers/firmware/efi/libstub/efi-stub.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/firmware/efi/libstub/efi-stub.c b/drivers/firmware/efi/libstub/efi-stub.c
index 8e0f64b3db69..96129f0fc60e 100644
--- a/drivers/firmware/efi/libstub/efi-stub.c
+++ b/drivers/firmware/efi/libstub/efi-stub.c
@@ -40,7 +40,7 @@
#ifdef CONFIG_ARM64
# define EFI_RT_VIRTUAL_LIMIT DEFAULT_MAP_WINDOW_64
-#elif defined(CONFIG_RISCV) || defined(CONFIG_LOONGARCH)
+#elif defined(CONFIG_LOONGARCH)
# define EFI_RT_VIRTUAL_LIMIT TASK_SIZE_MIN
#else
# define EFI_RT_VIRTUAL_LIMIT TASK_SIZE
--
2.20.1
1
6
[PATCH openEuler-1.0-LTS 1/3] xen/netback: Ensure protocol headers don't fall in the non-linear area
by Yongqiang Liu 16 Dec '22
by Yongqiang Liu 16 Dec '22
16 Dec '22
From: Ross Lagerwall <ross.lagerwall(a)citrix.com>
mainline inclusion
from mainline-v6.1
commit ad7f402ae4f466647c3a669b8a6f3e5d4271c84a
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I651EB
CVE: CVE-2022-3643
--------------------------------
In some cases, the frontend may send a packet where the protocol headers
are spread across multiple slots. This would result in netback creating
an skb where the protocol headers spill over into the non-linear area.
Some drivers and NICs don't handle this properly resulting in an
interface reset or worse.
This issue was introduced by the removal of an unconditional skb pull in
the tx path to improve performance. Fix this without reintroducing the
pull by setting up grant copy ops for as many slots as needed to reach
the XEN_NETBACK_TX_COPY_LEN size. Adjust the rest of the code to handle
multiple copy operations per skb.
This is XSA-423 / CVE-2022-3643.
Fixes: 7e5d7753956b ("xen-netback: remove unconditional __pskb_pull_tail() in guest Tx path")
Signed-off-by: Ross Lagerwall <ross.lagerwall(a)citrix.com>
Reviewed-by: Paul Durrant <paul(a)xen.org>
Signed-off-by: Juergen Gross <jgross(a)suse.com>
Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/net/xen-netback/netback.c | 223 ++++++++++++++++--------------
1 file changed, 123 insertions(+), 100 deletions(-)
diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c
index 41bdfb684d46..1036d903038c 100644
--- a/drivers/net/xen-netback/netback.c
+++ b/drivers/net/xen-netback/netback.c
@@ -323,10 +323,13 @@ static int xenvif_count_requests(struct xenvif_queue *queue,
struct xenvif_tx_cb {
- u16 pending_idx;
+ u16 copy_pending_idx[XEN_NETBK_LEGACY_SLOTS_MAX + 1];
+ u8 copy_count;
};
#define XENVIF_TX_CB(skb) ((struct xenvif_tx_cb *)(skb)->cb)
+#define copy_pending_idx(skb, i) (XENVIF_TX_CB(skb)->copy_pending_idx[i])
+#define copy_count(skb) (XENVIF_TX_CB(skb)->copy_count)
static inline void xenvif_tx_create_map_op(struct xenvif_queue *queue,
u16 pending_idx,
@@ -361,31 +364,93 @@ static inline struct sk_buff *xenvif_alloc_skb(unsigned int size)
return skb;
}
-static struct gnttab_map_grant_ref *xenvif_get_requests(struct xenvif_queue *queue,
- struct sk_buff *skb,
- struct xen_netif_tx_request *txp,
- struct gnttab_map_grant_ref *gop,
- unsigned int frag_overflow,
- struct sk_buff *nskb)
+static void xenvif_get_requests(struct xenvif_queue *queue,
+ struct sk_buff *skb,
+ struct xen_netif_tx_request *first,
+ struct xen_netif_tx_request *txfrags,
+ unsigned *copy_ops,
+ unsigned *map_ops,
+ unsigned int frag_overflow,
+ struct sk_buff *nskb,
+ unsigned int extra_count,
+ unsigned int data_len)
{
struct skb_shared_info *shinfo = skb_shinfo(skb);
skb_frag_t *frags = shinfo->frags;
- u16 pending_idx = XENVIF_TX_CB(skb)->pending_idx;
- int start;
+ u16 pending_idx;
pending_ring_idx_t index;
unsigned int nr_slots;
+ struct gnttab_copy *cop = queue->tx_copy_ops + *copy_ops;
+ struct gnttab_map_grant_ref *gop = queue->tx_map_ops + *map_ops;
+ struct xen_netif_tx_request *txp = first;
+
+ nr_slots = shinfo->nr_frags + 1;
+
+ copy_count(skb) = 0;
+
+ /* Create copy ops for exactly data_len bytes into the skb head. */
+ __skb_put(skb, data_len);
+ while (data_len > 0) {
+ int amount = data_len > txp->size ? txp->size : data_len;
+
+ cop->source.u.ref = txp->gref;
+ cop->source.domid = queue->vif->domid;
+ cop->source.offset = txp->offset;
+
+ cop->dest.domid = DOMID_SELF;
+ cop->dest.offset = (offset_in_page(skb->data +
+ skb_headlen(skb) -
+ data_len)) & ~XEN_PAGE_MASK;
+ cop->dest.u.gmfn = virt_to_gfn(skb->data + skb_headlen(skb)
+ - data_len);
+
+ cop->len = amount;
+ cop->flags = GNTCOPY_source_gref;
- nr_slots = shinfo->nr_frags;
+ index = pending_index(queue->pending_cons);
+ pending_idx = queue->pending_ring[index];
+ callback_param(queue, pending_idx).ctx = NULL;
+ copy_pending_idx(skb, copy_count(skb)) = pending_idx;
+ copy_count(skb)++;
+
+ cop++;
+ data_len -= amount;
- /* Skip first skb fragment if it is on same page as header fragment. */
- start = (frag_get_pending_idx(&shinfo->frags[0]) == pending_idx);
+ if (amount == txp->size) {
+ /* The copy op covered the full tx_request */
+
+ memcpy(&queue->pending_tx_info[pending_idx].req,
+ txp, sizeof(*txp));
+ queue->pending_tx_info[pending_idx].extra_count =
+ (txp == first) ? extra_count : 0;
+
+ if (txp == first)
+ txp = txfrags;
+ else
+ txp++;
+ queue->pending_cons++;
+ nr_slots--;
+ } else {
+ /* The copy op partially covered the tx_request.
+ * The remainder will be mapped.
+ */
+ txp->offset += amount;
+ txp->size -= amount;
+ }
+ }
- for (shinfo->nr_frags = start; shinfo->nr_frags < nr_slots;
- shinfo->nr_frags++, txp++, gop++) {
+ for (shinfo->nr_frags = 0; shinfo->nr_frags < nr_slots;
+ shinfo->nr_frags++, gop++) {
index = pending_index(queue->pending_cons++);
pending_idx = queue->pending_ring[index];
- xenvif_tx_create_map_op(queue, pending_idx, txp, 0, gop);
+ xenvif_tx_create_map_op(queue, pending_idx, txp,
+ txp == first ? extra_count : 0, gop);
frag_set_pending_idx(&frags[shinfo->nr_frags], pending_idx);
+
+ if (txp == first)
+ txp = txfrags;
+ else
+ txp++;
}
if (frag_overflow) {
@@ -406,7 +471,8 @@ static struct gnttab_map_grant_ref *xenvif_get_requests(struct xenvif_queue *que
skb_shinfo(skb)->frag_list = nskb;
}
- return gop;
+ (*copy_ops) = cop - queue->tx_copy_ops;
+ (*map_ops) = gop - queue->tx_map_ops;
}
static inline void xenvif_grant_handle_set(struct xenvif_queue *queue,
@@ -442,7 +508,7 @@ static int xenvif_tx_check_gop(struct xenvif_queue *queue,
struct gnttab_copy **gopp_copy)
{
struct gnttab_map_grant_ref *gop_map = *gopp_map;
- u16 pending_idx = XENVIF_TX_CB(skb)->pending_idx;
+ u16 pending_idx;
/* This always points to the shinfo of the skb being checked, which
* could be either the first or the one on the frag_list
*/
@@ -453,24 +519,37 @@ static int xenvif_tx_check_gop(struct xenvif_queue *queue,
struct skb_shared_info *first_shinfo = NULL;
int nr_frags = shinfo->nr_frags;
const bool sharedslot = nr_frags &&
- frag_get_pending_idx(&shinfo->frags[0]) == pending_idx;
+ frag_get_pending_idx(&shinfo->frags[0]) ==
+ copy_pending_idx(skb, copy_count(skb) - 1);
int i, err;
- /* Check status of header. */
- err = (*gopp_copy)->status;
- if (unlikely(err)) {
- if (net_ratelimit())
- netdev_dbg(queue->vif->dev,
- "Grant copy of header failed! status: %d pending_idx: %u ref: %u\n",
- (*gopp_copy)->status,
- pending_idx,
- (*gopp_copy)->source.u.ref);
- /* The first frag might still have this slot mapped */
- if (!sharedslot)
- xenvif_idx_release(queue, pending_idx,
- XEN_NETIF_RSP_ERROR);
+ for (i = 0; i < copy_count(skb); i++) {
+ int newerr;
+
+ /* Check status of header. */
+ pending_idx = copy_pending_idx(skb, i);
+
+ newerr = (*gopp_copy)->status;
+ if (likely(!newerr)) {
+ /* The first frag might still have this slot mapped */
+ if (i < copy_count(skb) - 1 || !sharedslot)
+ xenvif_idx_release(queue, pending_idx,
+ XEN_NETIF_RSP_OKAY);
+ } else {
+ err = newerr;
+ if (net_ratelimit())
+ netdev_dbg(queue->vif->dev,
+ "Grant copy of header failed! status: %d pending_idx: %u ref: %u\n",
+ (*gopp_copy)->status,
+ pending_idx,
+ (*gopp_copy)->source.u.ref);
+ /* The first frag might still have this slot mapped */
+ if (i < copy_count(skb) - 1 || !sharedslot)
+ xenvif_idx_release(queue, pending_idx,
+ XEN_NETIF_RSP_ERROR);
+ }
+ (*gopp_copy)++;
}
- (*gopp_copy)++;
check_frags:
for (i = 0; i < nr_frags; i++, gop_map++) {
@@ -517,14 +596,6 @@ static int xenvif_tx_check_gop(struct xenvif_queue *queue,
if (err)
continue;
- /* First error: if the header haven't shared a slot with the
- * first frag, release it as well.
- */
- if (!sharedslot)
- xenvif_idx_release(queue,
- XENVIF_TX_CB(skb)->pending_idx,
- XEN_NETIF_RSP_OKAY);
-
/* Invalidate preceding fragments of this skb. */
for (j = 0; j < i; j++) {
pending_idx = frag_get_pending_idx(&shinfo->frags[j]);
@@ -794,7 +865,6 @@ static void xenvif_tx_build_gops(struct xenvif_queue *queue,
unsigned *copy_ops,
unsigned *map_ops)
{
- struct gnttab_map_grant_ref *gop = queue->tx_map_ops;
struct sk_buff *skb, *nskb;
int ret;
unsigned int frag_overflow;
@@ -876,8 +946,12 @@ static void xenvif_tx_build_gops(struct xenvif_queue *queue,
continue;
}
+ data_len = (txreq.size > XEN_NETBACK_TX_COPY_LEN) ?
+ XEN_NETBACK_TX_COPY_LEN : txreq.size;
+
ret = xenvif_count_requests(queue, &txreq, extra_count,
txfrags, work_to_do);
+
if (unlikely(ret < 0))
break;
@@ -903,9 +977,8 @@ static void xenvif_tx_build_gops(struct xenvif_queue *queue,
index = pending_index(queue->pending_cons);
pending_idx = queue->pending_ring[index];
- data_len = (txreq.size > XEN_NETBACK_TX_COPY_LEN &&
- ret < XEN_NETBK_LEGACY_SLOTS_MAX) ?
- XEN_NETBACK_TX_COPY_LEN : txreq.size;
+ if (ret >= XEN_NETBK_LEGACY_SLOTS_MAX - 1 && data_len < txreq.size)
+ data_len = txreq.size;
skb = xenvif_alloc_skb(data_len);
if (unlikely(skb == NULL)) {
@@ -916,8 +989,6 @@ static void xenvif_tx_build_gops(struct xenvif_queue *queue,
}
skb_shinfo(skb)->nr_frags = ret;
- if (data_len < txreq.size)
- skb_shinfo(skb)->nr_frags++;
/* At this point shinfo->nr_frags is in fact the number of
* slots, which can be as large as XEN_NETBK_LEGACY_SLOTS_MAX.
*/
@@ -979,54 +1050,19 @@ static void xenvif_tx_build_gops(struct xenvif_queue *queue,
type);
}
- XENVIF_TX_CB(skb)->pending_idx = pending_idx;
-
- __skb_put(skb, data_len);
- queue->tx_copy_ops[*copy_ops].source.u.ref = txreq.gref;
- queue->tx_copy_ops[*copy_ops].source.domid = queue->vif->domid;
- queue->tx_copy_ops[*copy_ops].source.offset = txreq.offset;
-
- queue->tx_copy_ops[*copy_ops].dest.u.gmfn =
- virt_to_gfn(skb->data);
- queue->tx_copy_ops[*copy_ops].dest.domid = DOMID_SELF;
- queue->tx_copy_ops[*copy_ops].dest.offset =
- offset_in_page(skb->data) & ~XEN_PAGE_MASK;
-
- queue->tx_copy_ops[*copy_ops].len = data_len;
- queue->tx_copy_ops[*copy_ops].flags = GNTCOPY_source_gref;
-
- (*copy_ops)++;
-
- if (data_len < txreq.size) {
- frag_set_pending_idx(&skb_shinfo(skb)->frags[0],
- pending_idx);
- xenvif_tx_create_map_op(queue, pending_idx, &txreq,
- extra_count, gop);
- gop++;
- } else {
- frag_set_pending_idx(&skb_shinfo(skb)->frags[0],
- INVALID_PENDING_IDX);
- memcpy(&queue->pending_tx_info[pending_idx].req,
- &txreq, sizeof(txreq));
- queue->pending_tx_info[pending_idx].extra_count =
- extra_count;
- }
-
- queue->pending_cons++;
-
- gop = xenvif_get_requests(queue, skb, txfrags, gop,
- frag_overflow, nskb);
+ xenvif_get_requests(queue, skb, &txreq, txfrags, copy_ops,
+ map_ops, frag_overflow, nskb, extra_count,
+ data_len);
__skb_queue_tail(&queue->tx_queue, skb);
queue->tx.req_cons = idx;
- if (((gop-queue->tx_map_ops) >= ARRAY_SIZE(queue->tx_map_ops)) ||
+ if ((*map_ops >= ARRAY_SIZE(queue->tx_map_ops)) ||
(*copy_ops >= ARRAY_SIZE(queue->tx_copy_ops)))
break;
}
- (*map_ops) = gop - queue->tx_map_ops;
return;
}
@@ -1105,9 +1141,8 @@ static int xenvif_tx_submit(struct xenvif_queue *queue)
while ((skb = __skb_dequeue(&queue->tx_queue)) != NULL) {
struct xen_netif_tx_request *txp;
u16 pending_idx;
- unsigned data_len;
- pending_idx = XENVIF_TX_CB(skb)->pending_idx;
+ pending_idx = copy_pending_idx(skb, 0);
txp = &queue->pending_tx_info[pending_idx].req;
/* Check the remap error code. */
@@ -1126,18 +1161,6 @@ static int xenvif_tx_submit(struct xenvif_queue *queue)
continue;
}
- data_len = skb->len;
- callback_param(queue, pending_idx).ctx = NULL;
- if (data_len < txp->size) {
- /* Append the packet payload as a fragment. */
- txp->offset += data_len;
- txp->size -= data_len;
- } else {
- /* Schedule a response immediately. */
- xenvif_idx_release(queue, pending_idx,
- XEN_NETIF_RSP_OKAY);
- }
-
if (txp->flags & XEN_NETTXF_csum_blank)
skb->ip_summed = CHECKSUM_PARTIAL;
else if (txp->flags & XEN_NETTXF_data_validated)
@@ -1314,7 +1337,7 @@ static inline void xenvif_tx_dealloc_action(struct xenvif_queue *queue)
/* Called after netfront has transmitted */
int xenvif_tx_action(struct xenvif_queue *queue, int budget)
{
- unsigned nr_mops, nr_cops = 0;
+ unsigned nr_mops = 0, nr_cops = 0;
int work_done, ret;
if (unlikely(!tx_work_todo(queue)))
--
2.25.1
1
2
[PATCH openEuler-1.0-LTS] arm64: fix a concurrency issue in emulation_proc_handler()
by Yongqiang Liu 16 Dec '22
by Yongqiang Liu 16 Dec '22
16 Dec '22
From: ruanjinjie <ruanjinjie(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65T0J
CVE: NA
-------------------------------
In emulation_proc_handler(), read and write operations are performed on
insn->current_mode. In the concurrency scenario, mutex only protects
writing insn->current_mode, and not protects the read. Suppose there are
two concurrent tasks, task1 updates insn->current_mode to INSN_EMULATE
in the critical section, the prev_mode of task2 is still the old data
INSN_UNDEF of insn->current_mode. As a result, two tasks call
update_insn_emulation_mode twice with prev_mode = INSN_UNDEF and
current_mode = INSN_EMULATE, then call register_emulation_hooks twice,
resulting in a list_add double problem.
Call trace:
__list_add_valid+0xd8/0xe4
register_undef_hook+0x94/0x13c
update_insn_emulation_mode+0xd0/0x12c
emulation_proc_handler+0xd8/0xf4
proc_sys_call_handler+0x140/0x250
proc_sys_write+0x1c/0x2c
new_sync_write+0xec/0x18c
vfs_write+0x214/0x2ac
ksys_write+0x70/0xfc
__arm64_sys_write+0x24/0x30
el0_svc_common.constprop.0+0x7c/0x1bc
do_el0_svc+0x2c/0x94
el0_svc+0x20/0x30
el0_sync_handler+0xb0/0xb4
el0_sync+0x160/0x180
Fixes: 08f3f0b2fe7e ("arm64: fix oops in concurrently setting insn_emulation sysctls")
Signed-off-by: ruanjinjie <ruanjinjie(a)huawei.com>
Reviewed-by: Zhang Jianhua <chris.zjh(a)huawei.com>
Reviewed-by: Liao Chang <liaochang1(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
arch/arm64/kernel/armv8_deprecated.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/armv8_deprecated.c b/arch/arm64/kernel/armv8_deprecated.c
index 88d3454f2848..07a0095956f1 100644
--- a/arch/arm64/kernel/armv8_deprecated.c
+++ b/arch/arm64/kernel/armv8_deprecated.c
@@ -211,10 +211,12 @@ static int emulation_proc_handler(struct ctl_table *table, int write,
loff_t *ppos)
{
int ret = 0;
- struct insn_emulation *insn = container_of(table->data, struct insn_emulation, current_mode);
- enum insn_emulation_mode prev_mode = insn->current_mode;
+ struct insn_emulation *insn;
+ enum insn_emulation_mode prev_mode;
mutex_lock(&insn_emulation_mutex);
+ insn = container_of(table->data, struct insn_emulation, current_mode);
+ prev_mode = insn->current_mode;
ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
if (ret || !write || prev_mode == insn->current_mode)
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS 1/2] sched/qos: Don't unthrottle cfs_rq when cfs_rq is throttled by qos
by Yongqiang Liu 16 Dec '22
by Yongqiang Liu 16 Dec '22
16 Dec '22
From: Zhang Qiao <zhangqiao22(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I64OUS
CVE: NA
-------------------------------
When a cfs_rq throttled by qos, mark cfs_rq->throttled as 1,
and cfs bw will unthrottled this cfs_rq by mistake, it cause
a list_del_valid warning.
So add macro QOS_THROTTLED(=2), when a cfs_rq is throttled by
qos, we mark the cfs_rq->throttled as QOS_THROTTLED, will check
the value of cfs_rq->throttled before unthrottle a cfs_rq.
Signed-off-by: Zhang Qiao <zhangqiao22(a)huawei.com>
Reviewed-by: Chen Hui <judy.chenhui(a)huawei.com>
Reviewed-by: zheng zucheng <zhengzucheng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
kernel/sched/fair.c | 59 ++++++++++++++++++++++++++-------------------
1 file changed, 34 insertions(+), 25 deletions(-)
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index a34ca843bf0a..0dba06ce0677 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -103,6 +103,13 @@ int __weak arch_asym_cpu_priority(int cpu)
#endif
#ifdef CONFIG_QOS_SCHED
+
+/*
+ * To distinguish cfs bw, use QOS_THROTTLED mark cfs_rq->throttled
+ * when qos throttled(and cfs bw throttle mark cfs_rq->throttled as 1).
+ */
+#define QOS_THROTTLED 2
+
static DEFINE_PER_CPU_SHARED_ALIGNED(struct list_head, qos_throttled_cfs_rq);
static DEFINE_PER_CPU_SHARED_ALIGNED(struct hrtimer, qos_overload_timer);
static DEFINE_PER_CPU(int, qos_cpu_overload);
@@ -4649,6 +4656,14 @@ void unthrottle_cfs_rq(struct cfs_rq *cfs_rq)
se = cfs_rq->tg->se[cpu_of(rq)];
+#ifdef CONFIG_QOS_SCHED
+ /*
+ * if this cfs_rq throttled by qos, not need unthrottle it.
+ */
+ if (cfs_rq->throttled == QOS_THROTTLED)
+ return;
+#endif
+
cfs_rq->throttled = 0;
update_rq_clock(rq);
@@ -7066,37 +7081,18 @@ static void check_preempt_wakeup(struct rq *rq, struct task_struct *p, int wake_
#ifdef CONFIG_QOS_SCHED
static void start_qos_hrtimer(int cpu);
-static int qos_tg_unthrottle_up(struct task_group *tg, void *data)
-{
- struct rq *rq = data;
- struct cfs_rq *cfs_rq = tg->cfs_rq[cpu_of(rq)];
-
- cfs_rq->throttle_count--;
-
- return 0;
-}
-
-static int qos_tg_throttle_down(struct task_group *tg, void *data)
-{
- struct rq *rq = data;
- struct cfs_rq *cfs_rq = tg->cfs_rq[cpu_of(rq)];
-
- cfs_rq->throttle_count++;
-
- return 0;
-}
-
static void throttle_qos_cfs_rq(struct cfs_rq *cfs_rq)
{
struct rq *rq = rq_of(cfs_rq);
struct sched_entity *se;
long task_delta, idle_task_delta, dequeue = 1;
+ unsigned int prev_nr = rq->cfs.h_nr_running;
se = cfs_rq->tg->se[cpu_of(rq_of(cfs_rq))];
/* freeze hierarchy runnable averages while throttled */
rcu_read_lock();
- walk_tg_tree_from(cfs_rq->tg, qos_tg_throttle_down, tg_nop, (void *)rq);
+ walk_tg_tree_from(cfs_rq->tg, tg_throttle_down, tg_nop, (void *)rq);
rcu_read_unlock();
task_delta = cfs_rq->h_nr_running;
@@ -7118,12 +7114,14 @@ static void throttle_qos_cfs_rq(struct cfs_rq *cfs_rq)
if (!se) {
sub_nr_running(rq, task_delta);
+ if (prev_nr >= 2 && prev_nr - task_delta < 2)
+ overload_clear(rq);
}
if (list_empty(&per_cpu(qos_throttled_cfs_rq, cpu_of(rq))))
start_qos_hrtimer(cpu_of(rq));
- cfs_rq->throttled = 1;
+ cfs_rq->throttled = QOS_THROTTLED;
list_add(&cfs_rq->qos_throttled_list,
&per_cpu(qos_throttled_cfs_rq, cpu_of(rq)));
@@ -7135,8 +7133,11 @@ static void unthrottle_qos_cfs_rq(struct cfs_rq *cfs_rq)
struct sched_entity *se;
int enqueue = 1;
long task_delta, idle_task_delta;
+ unsigned int prev_nr = rq->cfs.h_nr_running;
se = cfs_rq->tg->se[cpu_of(rq)];
+ if (cfs_rq->throttled != QOS_THROTTLED)
+ return;
cfs_rq->throttled = 0;
@@ -7145,7 +7146,7 @@ static void unthrottle_qos_cfs_rq(struct cfs_rq *cfs_rq)
/* update hierarchical throttle state */
rcu_read_lock();
- walk_tg_tree_from(cfs_rq->tg, tg_nop, qos_tg_unthrottle_up, (void *)rq);
+ walk_tg_tree_from(cfs_rq->tg, tg_nop, tg_unthrottle_up, (void *)rq);
rcu_read_unlock();
if (!cfs_rq->load.weight)
@@ -7167,12 +7168,20 @@ static void unthrottle_qos_cfs_rq(struct cfs_rq *cfs_rq)
break;
}
- assert_list_leaf_cfs_rq(rq);
-
if (!se) {
add_nr_running(rq, task_delta);
+ if (prev_nr < 2 && prev_nr + task_delta >= 2)
+ overload_set(rq);
+ }
+
+ for_each_sched_entity(se) {
+ cfs_rq = cfs_rq_of(se);
+
+ list_add_leaf_cfs_rq(cfs_rq);
}
+ assert_list_leaf_cfs_rq(rq);
+
/* Determine whether we need to wake up potentially idle CPU: */
if (rq->curr == rq->idle && rq->cfs.nr_running)
resched_curr(rq);
--
2.25.1
1
1
[PATCH openEuler-5.10 1/3] RDMA/hns: Kernel notify usr space to stop ring db
by Zheng Zengkai 15 Dec '22
by Zheng Zengkai 15 Dec '22
15 Dec '22
From: Guofeng Yue <yueguofeng(a)hisilicon.com>
driver inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65TUL
---------------------------------------------------------------
In the reset scenario, if the kernel receives the reset signal,
it needs to notify the user space to stop ring doorbell.
Signed-off-by: Yixing Liu <liuyixing1(a)huawei.com>
Signed-off-by: Guofeng Yue <yueguofeng(a)hisilicon.com>
Reviewed-by: Yangyang Li <liyangyang20(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/infiniband/hw/hns/hns_roce_device.h | 5 ++
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 55 ++++++++++++++++++++-
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 4 ++
drivers/infiniband/hw/hns/hns_roce_main.c | 47 +++++++++++++++++-
include/uapi/rdma/hns-abi.h | 1 +
5 files changed, 109 insertions(+), 3 deletions(-)
diff --git a/drivers/infiniband/hw/hns/hns_roce_device.h b/drivers/infiniband/hw/hns/hns_roce_device.h
index 5b5f6c5920f1..69a14b1ca99c 100644
--- a/drivers/infiniband/hw/hns/hns_roce_device.h
+++ b/drivers/infiniband/hw/hns/hns_roce_device.h
@@ -59,6 +59,7 @@
#define HNS_ROCE_CEQ 0
#define HNS_ROCE_AEQ 1
+#define HNS_ROCE_IS_RESETTING 1
#define HNS_ROCE_CEQE_SIZE 0x4
#define HNS_ROCE_AEQE_SIZE 0x10
@@ -206,6 +207,7 @@ enum hns_roce_mmap_type {
HNS_ROCE_MMAP_TYPE_DB = 1,
HNS_ROCE_MMAP_TYPE_DWQE,
HNS_ROCE_MMAP_TYPE_DCA,
+ HNS_ROCE_MMAP_TYPE_RESET,
};
struct hns_user_mmap_entry {
@@ -248,6 +250,7 @@ struct hns_roce_ucontext {
struct list_head page_list;
struct mutex page_mutex;
struct hns_user_mmap_entry *db_mmap_entry;
+ struct hns_user_mmap_entry *reset_mmap_entry;
u32 config;
struct hns_roce_dca_ctx dca_ctx;
void *dca_dbgfs;
@@ -1027,6 +1030,8 @@ struct hns_roce_dev {
int loop_idc;
u32 sdb_offset;
u32 odb_offset;
+ struct page *reset_page; /* store reset state */
+ void *reset_kaddr; /* addr of reset page */
const struct hns_roce_hw *hw;
void *priv;
struct workqueue_struct *irq_workq;
diff --git a/drivers/infiniband/hw/hns/hns_roce_hw_v2.c b/drivers/infiniband/hw/hns/hns_roce_hw_v2.c
index 5c58fb2070c4..ecd38c2a7baa 100644
--- a/drivers/infiniband/hw/hns/hns_roce_hw_v2.c
+++ b/drivers/infiniband/hw/hns/hns_roce_hw_v2.c
@@ -2812,6 +2812,31 @@ static void free_dip_list(struct hns_roce_dev *hr_dev)
spin_unlock_irqrestore(&hr_dev->dip_list_lock, flags);
}
+static int hns_roce_v2_get_reset_page(struct hns_roce_dev *hr_dev)
+{
+ hr_dev->reset_page = alloc_page(GFP_KERNEL | __GFP_ZERO);
+ if (!hr_dev->reset_page)
+ return -ENOMEM;
+
+ hr_dev->reset_kaddr = vmap(&hr_dev->reset_page, 1, VM_MAP, PAGE_KERNEL);
+ if (!hr_dev->reset_kaddr)
+ goto err_with_vmap;
+
+ return 0;
+
+err_with_vmap:
+ put_page(hr_dev->reset_page);
+ return -ENOMEM;
+}
+
+static void hns_roce_v2_put_reset_page(struct hns_roce_dev *hr_dev)
+{
+ vunmap(hr_dev->reset_kaddr);
+ hr_dev->reset_kaddr = NULL;
+ put_page(hr_dev->reset_page);
+ hr_dev->reset_page = NULL;
+}
+
static struct ib_pd *free_mr_init_pd(struct hns_roce_dev *hr_dev)
{
struct hns_roce_v2_priv *priv = hr_dev->priv;
@@ -3168,16 +3193,23 @@ static int hns_roce_v2_init(struct hns_roce_dev *hr_dev)
{
int ret;
+ ret = hns_roce_v2_get_reset_page(hr_dev);
+ if (ret) {
+ dev_err(hr_dev->dev,
+ "reset state init failed, ret = %d.\n", ret);
+ return ret;
+ }
+
/* The hns ROCEE requires the extdb info to be cleared before using */
ret = hns_roce_clear_extdb_list_info(hr_dev);
if (ret)
- return ret;
+ goto err_clear_extdb_failed;
hns_roce_set_mac_type(hr_dev);
ret = get_hem_table(hr_dev);
if (ret)
- return ret;
+ goto err_clear_extdb_failed;
if (hr_dev->is_vf)
return 0;
@@ -3192,6 +3224,8 @@ static int hns_roce_v2_init(struct hns_roce_dev *hr_dev)
err_llm_init_failed:
put_hem_table(hr_dev);
+err_clear_extdb_failed:
+ hns_roce_v2_put_reset_page(hr_dev);
return ret;
}
@@ -3203,6 +3237,8 @@ static void hns_roce_v2_exit(struct hns_roce_dev *hr_dev)
if (!hr_dev->is_vf)
hns_roce_free_link_table(hr_dev);
+ hns_roce_v2_put_reset_page(hr_dev);
+
if (hr_dev->pci_dev->revision == PCI_REVISION_ID_HIP09)
free_dip_list(hr_dev);
}
@@ -7282,6 +7318,18 @@ void hns_roce_hw_v2_uninit_instance(struct hnae3_handle *handle, bool reset)
handle->rinfo.instance_state = HNS_ROCE_STATE_NON_INIT;
}
+
+static void hns_roce_v2_reset_notify_user(struct hns_roce_dev *hr_dev)
+{
+ struct hns_roce_v2_reset_state *state;
+
+ state = (struct hns_roce_v2_reset_state *)hr_dev->reset_kaddr;
+
+ state->reset_state = HNS_ROCE_IS_RESETTING;
+ /* Ensure reset state was flushed in memory */
+ wmb();
+}
+
static int hns_roce_hw_v2_reset_notify_down(struct hnae3_handle *handle)
{
struct hns_roce_dev *hr_dev;
@@ -7300,6 +7348,9 @@ static int hns_roce_hw_v2_reset_notify_down(struct hnae3_handle *handle)
hr_dev->active = false;
hr_dev->dis_db = true;
+
+ hns_roce_v2_reset_notify_user(hr_dev);
+
hr_dev->state = HNS_ROCE_DEVICE_STATE_RST_DOWN;
return 0;
diff --git a/drivers/infiniband/hw/hns/hns_roce_hw_v2.h b/drivers/infiniband/hw/hns/hns_roce_hw_v2.h
index 28381993278f..7751b3de2ff0 100644
--- a/drivers/infiniband/hw/hns/hns_roce_hw_v2.h
+++ b/drivers/infiniband/hw/hns/hns_roce_hw_v2.h
@@ -1340,6 +1340,10 @@ struct hns_roce_link_table {
#define HNS_ROCE_EXT_LLM_ENTRY(addr, id) (((id) << (64 - 12)) | ((addr) >> 12))
#define HNS_ROCE_EXT_LLM_MIN_PAGES(que_num) ((que_num) * 4 + 2)
+struct hns_roce_v2_reset_state {
+ u32 reset_state; /* stored to use in user space */
+};
+
struct hns_roce_v2_free_mr {
struct hns_roce_qp *rsv_qp[HNS_ROCE_FREE_MR_USED_QP_NUM];
struct hns_roce_cq *rsv_cq;
diff --git a/drivers/infiniband/hw/hns/hns_roce_main.c b/drivers/infiniband/hw/hns/hns_roce_main.c
index f8fc6c905e39..9daf9b7f0976 100644
--- a/drivers/infiniband/hw/hns/hns_roce_main.c
+++ b/drivers/infiniband/hw/hns/hns_roce_main.c
@@ -367,6 +367,7 @@ hns_roce_user_mmap_entry_insert(struct ib_ucontext *ucontext, u64 address,
break;
case HNS_ROCE_MMAP_TYPE_DWQE:
case HNS_ROCE_MMAP_TYPE_DCA:
+ case HNS_ROCE_MMAP_TYPE_RESET:
ret = rdma_user_mmap_entry_insert_range(
ucontext, &entry->rdma_entry, length, 1,
U32_MAX);
@@ -408,6 +409,26 @@ static int hns_roce_alloc_uar_entry(struct ib_ucontext *uctx)
return 0;
}
+static void hns_roce_dealloc_reset_entry(struct hns_roce_ucontext *context)
+{
+ if (context->reset_mmap_entry)
+ rdma_user_mmap_entry_remove(&context->reset_mmap_entry->rdma_entry);
+}
+
+static int hns_roce_alloc_reset_entry(struct ib_ucontext *uctx)
+{
+ struct hns_roce_ucontext *context = to_hr_ucontext(uctx);
+ struct hns_roce_dev *hr_dev = to_hr_dev(uctx->device);
+
+ context->reset_mmap_entry = hns_roce_user_mmap_entry_insert(uctx,
+ (u64)hr_dev->reset_kaddr, PAGE_SIZE, HNS_ROCE_MMAP_TYPE_RESET);
+
+ if (!context->reset_mmap_entry)
+ return -ENOMEM;
+
+ return 0;
+}
+
static void ucontext_set_resp(struct ib_ucontext *uctx,
struct hns_roce_ib_alloc_ucontext_resp *resp)
{
@@ -425,6 +446,11 @@ static void ucontext_set_resp(struct ib_ucontext *uctx,
rdma_entry = &context->dca_ctx.dca_mmap_entry->rdma_entry;
resp->dca_mmap_key = rdma_user_mmap_get_offset(rdma_entry);
}
+
+ if (context->reset_mmap_entry) {
+ rdma_entry = &context->reset_mmap_entry->rdma_entry;
+ resp->reset_mmap_key = rdma_user_mmap_get_offset(rdma_entry);
+ }
}
static u32 get_udca_max_qps(struct hns_roce_dev *hr_dev,
@@ -503,6 +529,10 @@ static int hns_roce_alloc_ucontext(struct ib_ucontext *uctx,
hns_roce_register_udca(hr_dev, get_udca_max_qps(hr_dev, &ucmd),
context);
+ ret = hns_roce_alloc_reset_entry(uctx);
+ if (ret)
+ goto error_fail_reset_entry;
+
ucontext_set_resp(uctx, &resp);
ret = ib_copy_to_udata(udata, &resp, min(udata->outlen, sizeof(resp)));
if (ret)
@@ -518,7 +548,9 @@ static int hns_roce_alloc_ucontext(struct ib_ucontext *uctx,
error_fail_copy_to_udata:
hns_roce_unregister_udca(hr_dev, context);
+ hns_roce_dealloc_reset_entry(context);
+error_fail_reset_entry:
hns_roce_dealloc_uar_entry(context);
error_fail_uar_entry:
@@ -542,6 +574,7 @@ static void hns_roce_dealloc_ucontext(struct ib_ucontext *ibcontext)
hns_roce_unregister_udca(hr_dev, context);
hns_roce_dealloc_uar_entry(context);
+ hns_roce_dealloc_reset_entry(context);
ida_free(&hr_dev->uar_ida.ida, (int)context->uar.logic_idx);
}
@@ -578,6 +611,7 @@ static int mmap_dca(struct ib_ucontext *context, struct vm_area_struct *vma)
static int hns_roce_mmap(struct ib_ucontext *uctx, struct vm_area_struct *vma)
{
+ struct hns_roce_dev *hr_dev = to_hr_dev(uctx->device);
struct rdma_user_mmap_entry *rdma_entry;
struct hns_user_mmap_entry *entry;
phys_addr_t pfn;
@@ -599,8 +633,19 @@ static int hns_roce_mmap(struct ib_ucontext *uctx, struct vm_area_struct *vma)
case HNS_ROCE_MMAP_TYPE_DCA:
ret = mmap_dca(uctx, vma);
goto out;
+ case HNS_ROCE_MMAP_TYPE_RESET:
+ if (vma->vm_flags & (VM_WRITE | VM_EXEC)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ ret = remap_pfn_range(vma, vma->vm_start,
+ page_to_pfn(hr_dev->reset_page),
+ PAGE_SIZE, vma->vm_page_prot);
+ goto out;
default:
- return -EINVAL;
+ ret = -EINVAL;
+ goto out;
}
ret = rdma_user_mmap_io(uctx, vma, pfn, rdma_entry->npages * PAGE_SIZE,
diff --git a/include/uapi/rdma/hns-abi.h b/include/uapi/rdma/hns-abi.h
index 69508419d3a0..5988a6288d14 100644
--- a/include/uapi/rdma/hns-abi.h
+++ b/include/uapi/rdma/hns-abi.h
@@ -127,6 +127,7 @@ struct hns_roce_ib_alloc_ucontext_resp {
__u32 dca_qps;
__u32 dca_mmap_size;
__aligned_u64 dca_mmap_key;
+ __aligned_u64 reset_mmap_key;
};
enum hns_roce_uctx_comp_mask {
--
2.20.1
1
2
[PATCH openEuler-5.10 1/5] arm64: fix a concurrency issue in emulation_proc_handler()
by Zheng Zengkai 13 Dec '22
by Zheng Zengkai 13 Dec '22
13 Dec '22
From: ruanjinjie <ruanjinjie(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I65RG3?from=project-issue
CVE: NA
-------------------------------
In emulation_proc_handler(), read and write operations are performed on
insn->current_mode. In the concurrency scenario, mutex only protects
writing insn->current_mode, and not protects the read. Suppose there are
two concurrent tasks, task1 updates insn->current_mode to INSN_EMULATE
in the critical section, the prev_mode of task2 is still the old data
INSN_UNDEF of insn->current_mode. As a result, two tasks call
update_insn_emulation_mode twice with prev_mode = INSN_UNDEF and
current_mode = INSN_EMULATE, then call register_emulation_hooks twice,
resulting in a list_add double problem.
Call trace:
__list_add_valid+0xd8/0xe4
register_undef_hook+0x94/0x13c
update_insn_emulation_mode+0xd0/0x12c
emulation_proc_handler+0xd8/0xf4
proc_sys_call_handler+0x140/0x250
proc_sys_write+0x1c/0x2c
new_sync_write+0xec/0x18c
vfs_write+0x214/0x2ac
ksys_write+0x70/0xfc
__arm64_sys_write+0x24/0x30
el0_svc_common.constprop.0+0x7c/0x1bc
do_el0_svc+0x2c/0x94
el0_svc+0x20/0x30
el0_sync_handler+0xb0/0xb4
el0_sync+0x160/0x180
Fixes: fcddf02ab0da ("arm64: fix oops in concurrently setting insn_emulation sysctls")
Signed-off-by: ruanjinjie <ruanjinjie(a)huawei.com>
Reviewed-by: Liao Chang <liaochang1(a)huawei.com>
Reviewed-by: Zhang Jianhua <chris.zjh(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
arch/arm64/kernel/armv8_deprecated.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/armv8_deprecated.c b/arch/arm64/kernel/armv8_deprecated.c
index 4a0ba2800e45..ab955c249f37 100644
--- a/arch/arm64/kernel/armv8_deprecated.c
+++ b/arch/arm64/kernel/armv8_deprecated.c
@@ -208,10 +208,12 @@ static int emulation_proc_handler(struct ctl_table *table, int write,
loff_t *ppos)
{
int ret = 0;
- struct insn_emulation *insn = container_of(table->data, struct insn_emulation, current_mode);
- enum insn_emulation_mode prev_mode = insn->current_mode;
+ struct insn_emulation *insn;
+ enum insn_emulation_mode prev_mode;
mutex_lock(&insn_emulation_mutex);
+ insn = container_of(table->data, struct insn_emulation, current_mode);
+ prev_mode = insn->current_mode;
ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
if (ret || !write || prev_mode == insn->current_mode)
--
2.20.1
1
4
[PATCH openEuler-5.10-LTS 01/23] mm/dynamic_hugetlb: fix compound_nr incorrect
by Zheng Zengkai 13 Dec '22
by Zheng Zengkai 13 Dec '22
13 Dec '22
From: Liu Shixin <liushixin2(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I641XX
CVE: NA
--------------------------------
Patch 1378a5ee451a ("mm: store compound_nr as well as compound_order") add
a new member compound_nr in struct page, and use this new member insteal
of compound_order in hugetlb_cgroup_move_parent() to compute the nr_pages.
In free_hugepage_to_hugetlb(), we reset page->mapping to NULL for each
subpage. Since page->mapping and page->compound_nr is union, we reset
page->compound_nr too unexpectly. This will finally result the nr_pages
incorrect in hugetlb_cgroup_move_parent() and can't release hugetlb_cgroup.
Fix this problem by reset page->compound_nr using set_compound_order().
Signed-off-by: Liu Shixin <liushixin2(a)huawei.com>
Reviewed-by: Nanyong Sun <sunnanyong(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
mm/dynamic_hugetlb.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/dynamic_hugetlb.c b/mm/dynamic_hugetlb.c
index eb9b528b73de..8a985d816c07 100644
--- a/mm/dynamic_hugetlb.c
+++ b/mm/dynamic_hugetlb.c
@@ -799,7 +799,8 @@ static int free_hugepage_to_hugetlb(struct dhugetlb_pool *hpool)
p->mapping = NULL;
}
set_compound_page_dtor(page, HUGETLB_PAGE_DTOR);
-
+ /* compound_nr and mapping are union in page, reset it. */
+ set_compound_order(page, PUD_SHIFT - PAGE_SHIFT);
nid = page_to_nid(page);
SetHPageFreed(page);
list_move(&page->lru, &h->hugepage_freelists[nid]);
--
2.20.1
1
22
您好!
Kernel SIG 邀请您参加 2022-12-16 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG双周例会
会议内容:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
会议链接:https://us06web.zoom.us/j/83523573625?pwd=Z0QvZU5la2I5emh5NzRlemkwT1krZz09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2022-12-16 14:00,
The subject of the conference is openEuler Kernel SIG双周例会,
Summary:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/83523573625?pwd=Z0QvZU5la2I5emh5NzRlemkwT1krZz09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
[PATCH openEuler-5.10-LTS 001/141] Revert "block/wbt: fix negative inflight counter when remove scsi device"
by Zheng Zengkai 13 Dec '22
by Zheng Zengkai 13 Dec '22
13 Dec '22
From: Li Nan <linan122(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 187584, https://gitee.com/openeuler/kernel/issues/I5QW2R
CVE: NA
--------------------------------
This reverts commit 36f5d7662495aa5ad4ec197443e69e01384eda3c.
There are two wbt_enable_default() in bfq_exit_queue(). Although it will
not lead to no fault, revert one.
Signed-off-by: Li Nan <linan122(a)huawei.com>
Reviewed-by: Jason Yan <yanaijie(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
block/bfq-iosched.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c
index 4bfea5e5354e..1aec01c0a707 100644
--- a/block/bfq-iosched.c
+++ b/block/bfq-iosched.c
@@ -6418,8 +6418,6 @@ static void bfq_exit_queue(struct elevator_queue *e)
spin_unlock_irq(&bfqd->lock);
#endif
- wbt_enable_default(bfqd->queue);
-
kfree(bfqd);
/* Re-enable throttling in case elevator disabled it */
--
2.20.1
3
142
[PATCH openEuler-1.0-LTS 1/3] USB: add usb_control_msg_send() and usb_control_msg_recv()
by Yongqiang Liu 13 Dec '22
by Yongqiang Liu 13 Dec '22
13 Dec '22
From: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
mainline inclusion
from mainline-v5.10-rc1
commit 719b8f2850d3d9b863cc5e4f08e9ef0206e45b26
category: bugfix
bugzilla: 188090, https://gitee.com/src-openeuler/kernel/issues/I6068W
CVE: CVE-2022-3903
--------------------------------
New core functions to make sending/receiving USB control messages easier
and saner.
In discussions, it turns out that the large majority of users of
usb_control_msg() do so in potentially incorrect ways. The most common
issue is where a "short" message is received, yet never detected
properly due to "incorrect" error handling.
Handle all of this in the USB core with two new functions to try to make
working with USB control messages simpler.
No more need for dynamic data, messages can be on the stack, and only
"complete" send/receive will work without causing an error.
Link: https://lore.kernel.org/r/20200914153756.3412156-3-gregkh@linuxfoundation.o…
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
The parts related to usb_control_msg_send() and usb_control_msg_recv()
in commit USB: correct API of usb_control_msg_send/recv are added to
solve CVE. Commit USB: core: drop pipe-type check from new
control-message helpers is also added.
Signed-off-by: Zhang Peng <zhangpeng362(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/usb/core/message.c | 134 +++++++++++++++++++++++++++++++++++++
include/linux/usb.h | 8 +++
2 files changed, 142 insertions(+)
diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c
index fcf84bfc08e3..0be20b17e754 100644
--- a/drivers/usb/core/message.c
+++ b/drivers/usb/core/message.c
@@ -161,6 +161,140 @@ int usb_control_msg(struct usb_device *dev, unsigned int pipe, __u8 request,
}
EXPORT_SYMBOL_GPL(usb_control_msg);
+/**
+ * usb_control_msg_send - Builds a control "send" message, sends it off and waits for completion
+ * @dev: pointer to the usb device to send the message to
+ * @endpoint: endpoint to send the message to
+ * @request: USB message request value
+ * @requesttype: USB message request type value
+ * @value: USB message value
+ * @index: USB message index value
+ * @driver_data: pointer to the data to send
+ * @size: length in bytes of the data to send
+ * @timeout: time in msecs to wait for the message to complete before timing
+ * out (if 0 the wait is forever)
+ * @memflags: the flags for memory allocation for buffers
+ *
+ * Context: !in_interrupt ()
+ *
+ * This function sends a control message to a specified endpoint that is not
+ * expected to fill in a response (i.e. a "send message") and waits for the
+ * message to complete, or timeout.
+ *
+ * Do not use this function from within an interrupt context. If you need
+ * an asynchronous message, or need to send a message from within interrupt
+ * context, use usb_submit_urb(). If a thread in your driver uses this call,
+ * make sure your disconnect() method can wait for it to complete. Since you
+ * don't have a handle on the URB used, you can't cancel the request.
+ *
+ * The data pointer can be made to a reference on the stack, or anywhere else,
+ * as it will not be modified at all. This does not have the restriction that
+ * usb_control_msg() has where the data pointer must be to dynamically allocated
+ * memory (i.e. memory that can be successfully DMAed to a device).
+ *
+ * Return: If successful, 0 is returned, Otherwise, a negative error number.
+ */
+int usb_control_msg_send(struct usb_device *dev, __u8 endpoint, __u8 request,
+ __u8 requesttype, __u16 value, __u16 index,
+ const void *driver_data, __u16 size, int timeout,
+ gfp_t memflags)
+{
+ unsigned int pipe = usb_sndctrlpipe(dev, endpoint);
+ int ret;
+ u8 *data = NULL;
+
+ if (size) {
+ data = kmemdup(driver_data, size, memflags);
+ if (!data)
+ return -ENOMEM;
+ }
+
+ ret = usb_control_msg(dev, pipe, request, requesttype, value, index,
+ data, size, timeout);
+ kfree(data);
+
+ if (ret < 0)
+ return ret;
+ if (ret == size)
+ return 0;
+ return -EINVAL;
+}
+EXPORT_SYMBOL_GPL(usb_control_msg_send);
+
+/**
+ * usb_control_msg_recv - Builds a control "receive" message, sends it off and waits for completion
+ * @dev: pointer to the usb device to send the message to
+ * @endpoint: endpoint to send the message to
+ * @request: USB message request value
+ * @requesttype: USB message request type value
+ * @value: USB message value
+ * @index: USB message index value
+ * @driver_data: pointer to the data to be filled in by the message
+ * @size: length in bytes of the data to be received
+ * @timeout: time in msecs to wait for the message to complete before timing
+ * out (if 0 the wait is forever)
+ * @memflags: the flags for memory allocation for buffers
+ *
+ * Context: !in_interrupt ()
+ *
+ * This function sends a control message to a specified endpoint that is
+ * expected to fill in a response (i.e. a "receive message") and waits for the
+ * message to complete, or timeout.
+ *
+ * Do not use this function from within an interrupt context. If you need
+ * an asynchronous message, or need to send a message from within interrupt
+ * context, use usb_submit_urb(). If a thread in your driver uses this call,
+ * make sure your disconnect() method can wait for it to complete. Since you
+ * don't have a handle on the URB used, you can't cancel the request.
+ *
+ * The data pointer can be made to a reference on the stack, or anywhere else
+ * that can be successfully written to. This function does not have the
+ * restriction that usb_control_msg() has where the data pointer must be to
+ * dynamically allocated memory (i.e. memory that can be successfully DMAed to a
+ * device).
+ *
+ * The "whole" message must be properly received from the device in order for
+ * this function to be successful. If a device returns less than the expected
+ * amount of data, then the function will fail. Do not use this for messages
+ * where a variable amount of data might be returned.
+ *
+ * Return: If successful, 0 is returned, Otherwise, a negative error number.
+ */
+int usb_control_msg_recv(struct usb_device *dev, __u8 endpoint, __u8 request,
+ __u8 requesttype, __u16 value, __u16 index,
+ void *driver_data, __u16 size, int timeout,
+ gfp_t memflags)
+{
+ unsigned int pipe = usb_rcvctrlpipe(dev, endpoint);
+ int ret;
+ u8 *data;
+
+ if (!size || !driver_data)
+ return -EINVAL;
+
+ data = kmalloc(size, memflags);
+ if (!data)
+ return -ENOMEM;
+
+ ret = usb_control_msg(dev, pipe, request, requesttype, value, index,
+ data, size, timeout);
+
+ if (ret < 0)
+ goto exit;
+
+ if (ret == size) {
+ memcpy(driver_data, data, size);
+ ret = 0;
+ } else {
+ ret = -EINVAL;
+ }
+
+exit:
+ kfree(data);
+ return ret;
+}
+EXPORT_SYMBOL_GPL(usb_control_msg_recv);
+
/**
* usb_interrupt_msg - Builds an interrupt urb, sends it off and waits for completion
* @usb_dev: pointer to the usb device to send the message to
diff --git a/include/linux/usb.h b/include/linux/usb.h
index ff010d1fd1c7..3e1e31f73d0e 100644
--- a/include/linux/usb.h
+++ b/include/linux/usb.h
@@ -1783,6 +1783,14 @@ extern int usb_bulk_msg(struct usb_device *usb_dev, unsigned int pipe,
int timeout);
/* wrappers around usb_control_msg() for the most common standard requests */
+int usb_control_msg_send(struct usb_device *dev, __u8 endpoint, __u8 request,
+ __u8 requesttype, __u16 value, __u16 index,
+ const void *data, __u16 size, int timeout,
+ gfp_t memflags);
+int usb_control_msg_recv(struct usb_device *dev, __u8 endpoint, __u8 request,
+ __u8 requesttype, __u16 value, __u16 index,
+ void *data, __u16 size, int timeout,
+ gfp_t memflags);
extern int usb_get_descriptor(struct usb_device *dev, unsigned char desctype,
unsigned char descindex, void *buf, int size);
extern int usb_get_status(struct usb_device *dev,
--
2.25.1
1
2
Hi All,
最近我发现openEuler-22.03-LTS分支加入了大量新特性的补丁, 比如ksmbd,
coresight和LoongArch.
这是否意味着除了fix相关的补丁,openEuler LTS版本是可以加入新特性补丁?
Thanks,
Guoqing
3
4
[PATCH openEuler-5.10 1/7] ide-cd: don't clear rq_flags after blk_get_request
by Zheng Zengkai 12 Dec '22
by Zheng Zengkai 12 Dec '22
12 Dec '22
From: Yu Kuai <yukuai3(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65K8D
CVE: NA
--------------------------------
Prepare to add a flag while initializing request, there are no
functional changes.
Signed-off-by: Yu Kuai <yukuai3(a)huawei.com>
Reviewed-by: Hou Tao <houtao1(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/ide/ide-cd_ioctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/ide/ide-cd_ioctl.c b/drivers/ide/ide-cd_ioctl.c
index 46f2df288c6a..932c4be4c88c 100644
--- a/drivers/ide/ide-cd_ioctl.c
+++ b/drivers/ide/ide-cd_ioctl.c
@@ -298,7 +298,7 @@ int ide_cdrom_reset(struct cdrom_device_info *cdi)
rq = blk_get_request(drive->queue, REQ_OP_DRV_IN, 0);
ide_req(rq)->type = ATA_PRIV_MISC;
- rq->rq_flags = RQF_QUIET;
+ rq->rq_flags |= RQF_QUIET;
blk_execute_rq(drive->queue, cd->disk, rq, 0);
ret = scsi_req(rq)->result ? -EIO : 0;
blk_put_request(rq);
--
2.20.1
1
6
[PATCH openEuler-5.10] iommu: Fix error handling in probe_acpi_namespace_devices()
by Zheng Zengkai 12 Dec '22
by Zheng Zengkai 12 Dec '22
12 Dec '22
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I65QZY
--------------------------------
Fix smatch error in probe_acpi_namespace_devices().
In probe_acpi_namespace_devices(), if device_to_iommu() returns NULL,
unlock operation is needed before return.
Fixes: d660222861c4 ("iommu/vt-d:Add support for detecting ACPI device, in RMRR")
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com>
Reviewed-by: Hanjun Guo <guohanjun(a)huawei.com>
---
drivers/iommu/intel/iommu.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index 9e14cf9d875f..a1e56413600a 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -4995,8 +4995,10 @@ static int __init probe_acpi_namespace_devices(void)
}
iommu = device_to_iommu(dev, &bus, &devfn);
- if (!iommu)
- return -ENODEV;
+ if (!iommu) {
+ ret = -ENODEV;
+ goto unlock;
+ }
info = dmar_search_domain_by_dev_info(iommu->segment, bus, devfn);
if (!info) {
pn->dev->bus->iommu_ops = &intel_iommu_ops;
@@ -5011,8 +5013,10 @@ static int __init probe_acpi_namespace_devices(void)
}
if (!pn_dev) {
iommu = device_to_iommu(dev, &bus, &devfn);
- if (!iommu)
- return -ENODEV;
+ if (!iommu) {
+ ret = -ENODEV;
+ goto unlock;
+ }
info = dmar_search_domain_by_dev_info(iommu->segment, bus, devfn);
if (!info) {
dev->bus->iommu_ops = &intel_iommu_ops;
--
2.20.1
1
0
Signed-off-by: Wang ShaoBo <bobo.shaobowang(a)huawei.com>
---
include/linux/list.h | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/include/linux/list.h b/include/linux/list.h
index a18c87b63376..b858dc1ce663 100644
--- a/include/linux/list.h
+++ b/include/linux/list.h
@@ -7,6 +7,7 @@
#include <linux/poison.h>
#include <linux/const.h>
#include <linux/kernel.h>
+#include <asm/bug.h>
/*
* Simple doubly linked list implementation.
@@ -71,6 +72,17 @@ static inline void __list_add(struct list_head *new,
new->next = next;
new->prev = prev;
WRITE_ONCE(prev->next, new);
+
+ WARN_ON(next->prev != new);
+ WARN_ON(new->next != next);
+ WARN_ON(new->prev != prev);
+ WARN_ON(prev->next != new);
+ wmb();
+ mb();
+ WARN_ON(next->prev != new);
+ WARN_ON(new->next != next);
+ WARN_ON(new->prev != prev);
+ WARN_ON(prev->next != new);
}
/**
@@ -111,6 +123,13 @@ static inline void __list_del(struct list_head * prev, struct list_head * next)
{
next->prev = prev;
WRITE_ONCE(prev->next, next);
+
+ WARN_ON(next->prev != prev);
+ WARN_ON(prev->next != next);
+ wmb();
+ mb();
+ WARN_ON(next->prev != prev);
+ WARN_ON(prev->next != next);
}
/*
--
2.25.1
1
0
add debug info
Wang ShaoBo (1):
waitqueue: add info for debugging
Yu Liao (1):
timer: add info for debugging
include/linux/dwait.h | 6 +++++
kernel/sched/wait.c | 39 +++++++++++++++++++++++++++++
kernel/time/timer.c | 8 ++++++
lib/list_debug.c | 57 +++++++++++++++++++++++++++++++++++++++----
4 files changed, 105 insertions(+), 5 deletions(-)
create mode 100644 include/linux/dwait.h
--
2.25.1
1
2
【知会】https://gitee.com/openeuler/kernel 仓 openEuler-22.03-LTS-SP1分支已从主干OLK-5.10分支拉取
by Zhengzengkai 08 Dec '22
by Zhengzengkai 08 Dec '22
08 Dec '22
Hi All,
https://gitee.com/openeuler/kernel 仓 openEuler-22.03-LTS-SP1分支已从主干OLK-5.10分支拉取,
后续合入openEuler-22.03-LTS-SP1分支的补丁,目标分支请提到openEuler-22.03-LTS-SP1分支,
如需同步主干,请在PR中评论/sync OLK-5.10 或 另提到OLK-5.10分支。
谢谢!
1
0
[PATCH openEuler-5.10 01/37] sched: Fix null-ptr-deref in free_fair_sched_group
by Zheng Zengkai 08 Dec '22
by Zheng Zengkai 08 Dec '22
08 Dec '22
From: Hui Tang <tanghui20(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 187419, https://gitee.com/openeuler/kernel/issues/I612FD
-------------------------------
do_el0_svc+0x50/0x11c arch/arm64/kernel/syscall.c:217
el0_svc+0x20/0x30 arch/arm64/kernel/entry-common.c:353
el0_sync_handler+0xe4/0x1e0 arch/arm64/kernel/entry-common.c:369
el0_sync+0x148/0x180 arch/arm64/kernel/entry.S:683
==================================================================
BUG: KASAN: null-ptr-deref in rq_of kernel/sched/sched.h:1118 [inline]
BUG: KASAN: null-ptr-deref in unthrottle_qos_sched_group kernel/sched/fair.c:7619 [inline]
BUG: KASAN: null-ptr-deref in free_fair_sched_group+0x124/0x320 kernel/sched/fair.c:12131
Read of size 8 at addr 0000000000000130 by task syz-executor100/223
CPU: 3 PID: 223 Comm: syz-executor100 Not tainted 5.10.0 #6
Hardware name: linux,dummy-virt (DT)
Call trace:
dump_backtrace+0x0/0x40c arch/arm64/kernel/stacktrace.c:132
show_stack+0x30/0x40 arch/arm64/kernel/stacktrace.c:196
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1b4/0x248 lib/dump_stack.c:118
__kasan_report mm/kasan/report.c:551 [inline]
kasan_report+0x18c/0x210 mm/kasan/report.c:564
check_memory_region_inline mm/kasan/generic.c:187 [inline]
__asan_load8+0x98/0xc0 mm/kasan/generic.c:253
rq_of kernel/sched/sched.h:1118 [inline]
unthrottle_qos_sched_group kernel/sched/fair.c:7619 [inline]
free_fair_sched_group+0x124/0x320 kernel/sched/fair.c:12131
sched_free_group kernel/sched/core.c:7767 [inline]
sched_create_group+0x48/0xc0 kernel/sched/core.c:7798
cpu_cgroup_css_alloc+0x18/0x40 kernel/sched/core.c:7930
css_create+0x7c/0x4a0 kernel/cgroup/cgroup.c:5328
cgroup_apply_control_enable+0x288/0x340 kernel/cgroup/cgroup.c:3135
cgroup_apply_control kernel/cgroup/cgroup.c:3217 [inline]
cgroup_subtree_control_write+0x668/0x8b0 kernel/cgroup/cgroup.c:3375
cgroup_file_write+0x1a8/0x37c kernel/cgroup/cgroup.c:3909
kernfs_fop_write_iter+0x220/0x2f4 fs/kernfs/file.c:296
call_write_iter include/linux/fs.h:1960 [inline]
new_sync_write+0x260/0x370 fs/read_write.c:515
vfs_write+0x3dc/0x4ac fs/read_write.c:602
ksys_write+0xfc/0x200 fs/read_write.c:655
__do_sys_write fs/read_write.c:667 [inline]
__se_sys_write fs/read_write.c:664 [inline]
__arm64_sys_write+0x50/0x60 fs/read_write.c:664
__invoke_syscall arch/arm64/kernel/syscall.c:36 [inline]
invoke_syscall arch/arm64/kernel/syscall.c:48 [inline]
el0_svc_common.constprop.0+0xf4/0x414 arch/arm64/kernel/syscall.c:155
do_el0_svc+0x50/0x11c arch/arm64/kernel/syscall.c:217
el0_svc+0x20/0x30 arch/arm64/kernel/entry-common.c:353
el0_sync_handler+0xe4/0x1e0 arch/arm64/kernel/entry-common.c:369
el0_sync+0x148/0x180 arch/arm64/kernel/entry.S:683
So add check for tg->cfs_rq[i] before unthrottle_qos_sched_group() called.
Signed-off-by: Hui Tang <tanghui20(a)huawei.com>
Signed-off-by: Zheng Zucheng <zhengzucheng(a)huawei.com>
Reviewed-by: Zhang Qiao <zhangqiao22(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
kernel/sched/fair.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
index 7fa2eecac1f4..654e964b5c31 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
@@ -12157,7 +12157,7 @@ void free_fair_sched_group(struct task_group *tg)
for_each_possible_cpu(i) {
#ifdef CONFIG_QOS_SCHED
- if (tg->cfs_rq)
+ if (tg->cfs_rq && tg->cfs_rq[i])
unthrottle_qos_sched_group(tg->cfs_rq[i]);
#endif
if (tg->cfs_rq)
--
2.20.1
1
36
[PATCH openEuler-1.0-LTS] mm/sharepool: Fix a double free problem caused by init_local_group
by Yongqiang Liu 08 Dec '22
by Yongqiang Liu 08 Dec '22
08 Dec '22
From: Chen Jun <chenjun102(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I64Y5Y
CVE: NA
-------------------------------
If local_group_add_task fails in init_local_group. ida free the
same id twice.
init_local_group
local_group_add_task // failed
goto free_spg
free_spg:
free_sp_group_locked
free_sp_group_id // free spg->id
free_spg_id:
free_new_spg_id // double free spg->id
To fix it, return before calling free_new_spg_id.
Signed-off-by: Chen Jun <chenjun102(a)huawei.com>
Signed-off-by: Guo Mengqi <guomengqi3(a)huawei.com>
Reviewed-by: chenweilong <chenweilong(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
mm/share_pool.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/mm/share_pool.c b/mm/share_pool.c
index 41ed3a3b8682..d2591c73a503 100644
--- a/mm/share_pool.c
+++ b/mm/share_pool.c
@@ -301,8 +301,8 @@ static int init_local_group(struct mm_struct *mm)
spg = create_spg(spg_id, 0);
if (IS_ERR(spg)) {
- ret = PTR_ERR(spg);
- goto free_spg_id;
+ free_new_spg_id(true, spg_id);
+ return PTR_ERR(spg);
}
master->local = spg;
@@ -322,11 +322,9 @@ static int init_local_group(struct mm_struct *mm)
return 0;
free_spg:
+ /* spg_id is freed in free_sp_group_locked */
free_sp_group_locked(spg);
master->local = NULL;
-free_spg_id:
- free_new_spg_id(true, spg_id);
-
return ret;
}
--
2.25.1
1
0
Alexander Potapenko (2):
mm: fs: initialize fsdata passed to write_begin/write_end interface
ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to
network
Arnd Bergmann (1):
security: commoncap: fix -Wstringop-overread warning
Baisong Zhong (1):
bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
Chen Zhongjin (1):
net, neigh: Fix null-ptr-deref in neigh_table_clear()
Christian A. Ehrhardt (1):
kernfs: fix use-after-free in __kernfs_remove
Chuang Wang (1):
net: macvlan: fix memory leaks of macvlan_common_newlink
Daniil Tatianin (1):
ring_buffer: Do not deactivate non-existant pages
Eric Dumazet (1):
macvlan: enforce a consistent minimal mtu
Gaosheng Cui (1):
capabilities: fix potential memleak on error path from
vfs_getxattr_alloc()
Ilpo Järvinen (2):
serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
serial: 8250: Flush DMA Rx on RLSI
Jiri Benc (1):
net: gso: fix panic on frag_list with mixed head alloc types
Kuniyuki Iwashima (1):
tcp/udp: Make early_demux back namespacified.
Li Qiang (1):
kprobe: reverse kp->flags when arm_kprobe failed
Neal Cardwell (1):
tcp: fix indefinite deferral of RTO with SACK reneging
Rik van Riel (1):
mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
Seth Jenkins (1):
mm: /proc/pid/smaps_rollup: fix no vma's null-deref
Wang Wensheng (1):
ftrace: Optimize the allocation for mcount entries
Xia Fukun (2):
ida: don't use BUG_ON() for debugging
signal handling: don't use BUG_ON() for debugging
Xiu Jianfeng (1):
ftrace: Fix null pointer dereference in ftrace_add_mod()
Zhang Xiaoxu (1):
nfs4: Fix kmemleak when allocate slot failed
Zhengchao Shao (2):
net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
ipv6: fix WARNING in ip6_route_net_exit_late()
drivers/net/macvlan.c | 6 ++-
drivers/tty/serial/8250/8250_port.c | 7 +++-
fs/buffer.c | 4 +-
fs/kernfs/dir.c | 5 ++-
fs/namei.c | 2 +-
fs/nfs/nfs4client.c | 1 +
fs/proc/task_mmu.c | 2 +-
include/net/protocol.h | 4 --
include/net/tcp.h | 2 +
include/net/udp.h | 1 +
kernel/kprobes.c | 5 ++-
kernel/signal.c | 8 ++--
kernel/trace/ftrace.c | 3 +-
kernel/trace/ring_buffer.c | 4 +-
lib/idr.c | 4 +-
mm/filemap.c | 2 +-
mm/hugetlb.c | 2 +-
net/bpf/test_run.c | 1 +
net/core/neighbour.c | 2 +-
net/core/net_namespace.c | 7 ++++
net/core/skbuff.c | 36 +++++++++---------
net/ipv4/af_inet.c | 14 +------
net/ipv4/ip_input.c | 32 ++++++++++------
net/ipv4/sysctl_net_ipv4.c | 59 +----------------------------
net/ipv4/tcp_input.c | 3 +-
net/ipv6/addrlabel.c | 1 +
net/ipv6/ip6_input.c | 23 +++++++----
net/ipv6/route.c | 14 +++++--
net/ipv6/tcp_ipv6.c | 9 +----
net/ipv6/udp.c | 9 +----
security/commoncap.c | 6 ++-
31 files changed, 127 insertions(+), 151 deletions(-)
--
2.25.1
1
25
From: Sungwoo Kim <iam(a)sung-woo.kim>
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I63D3E
CVE: CVE-2022-45934
--------------------------------
By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases
multiple times and eventually it will wrap around the maximum number
(i.e., 255).
This patch prevents this by adding a boundary check with
L2CAP_MAX_CONF_RSP
Btmon log:
Bluetooth monitor ver 5.64
= Note: Linux version 6.1.0-rc2 (x86_64) 0.264594
= Note: Bluetooth subsystem version 2.22 0.264636
@ MGMT Open: btmon (privileged) version 1.22 {0x0001} 0.272191
= New Index: 00:00:00:00:00:00 (Primary,Virtual,hci0) [hci0] 13.877604
@ RAW Open: 9496 (privileged) version 2.22 {0x0002} 13.890741
= Open Index: 00:00:00:00:00:00 [hci0] 13.900426
(...)
> ACL Data RX: Handle 200 flags 0x00 dlen 1033 #32 [hci0] 14.273106
invalid packet size (12 != 1033)
08 00 01 00 02 01 04 00 01 10 ff ff ............
> ACL Data RX: Handle 200 flags 0x00 dlen 1547 #33 [hci0] 14.273561
invalid packet size (14 != 1547)
0a 00 01 00 04 01 06 00 40 00 00 00 00 00 ........@.....
> ACL Data RX: Handle 200 flags 0x00 dlen 2061 #34 [hci0] 14.274390
invalid packet size (16 != 2061)
0c 00 01 00 04 01 08 00 40 00 00 00 00 00 00 04 ........@.......
> ACL Data RX: Handle 200 flags 0x00 dlen 2061 #35 [hci0] 14.274932
invalid packet size (16 != 2061)
0c 00 01 00 04 01 08 00 40 00 00 00 07 00 03 00 ........@.......
= bluetoothd: Bluetooth daemon 5.43 14.401828
> ACL Data RX: Handle 200 flags 0x00 dlen 1033 #36 [hci0] 14.275753
invalid packet size (12 != 1033)
08 00 01 00 04 01 04 00 40 00 00 00 ........@...
Signed-off-by: Sungwoo Kim <iam(a)sung-woo.kim>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Signed-off-by: Baisong Zhong <zhongbaisong(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/bluetooth/l2cap_core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 863ce43fa175..3b02e881cec1 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -4151,7 +4151,8 @@ static inline int l2cap_config_req(struct l2cap_conn *conn,
chan->ident = cmd->ident;
l2cap_send_cmd(conn, cmd->ident, L2CAP_CONF_RSP, len, rsp);
- chan->num_conf_rsp++;
+ if (chan->num_conf_rsp < L2CAP_CONF_MAX_CONF_RSP)
+ chan->num_conf_rsp++;
/* Reset config buffer. */
chan->conf_len = 0;
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS 1/2] l2tp: Serialize access to sk_user_data with sk_callback_lock
by Yongqiang Liu 05 Dec '22
by Yongqiang Liu 05 Dec '22
05 Dec '22
From: Jakub Sitnicki <jakub(a)cloudflare.com>
mainline inclusion
from mainline-v6.1-rc6
commit b68777d54fac21fc833ec26ea1a2a84f975ab035
category: bugfix
bugzilla: 188056, https://gitee.com/src-openeuler/kernel/issues/I62RNU
CVE: CVE-2022-4129
--------------------------------
sk->sk_user_data has multiple users, which are not compatible with each
other. Writers must synchronize by grabbing the sk->sk_callback_lock.
l2tp currently fails to grab the lock when modifying the underlying tunnel
socket fields. Fix it by adding appropriate locking.
We err on the side of safety and grab the sk_callback_lock also inside the
sk_destruct callback overridden by l2tp, even though there should be no
refs allowing access to the sock at the time when sk_destruct gets called.
v4:
- serialize write to sk_user_data in l2tp sk_destruct
v3:
- switch from sock lock to sk_callback_lock
- document write-protection for sk_user_data
v2:
- update Fixes to point to origin of the bug
- use real names in Reported/Tested-by tags
Cc: Tom Parkin <tparkin(a)katalix.com>
Fixes: 3557baabf280 ("[L2TP]: PPP over L2TP driver core")
Reported-by: Haowei Yan <g1042620637(a)gmail.com>
Signed-off-by: Jakub Sitnicki <jakub(a)cloudflare.com>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
conflict:
net/l2tp/l2tp_core.c
Signed-off-by: Lu Wei <luwei32(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
include/net/sock.h | 2 +-
net/l2tp/l2tp_core.c | 19 +++++++++++++------
2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/include/net/sock.h b/include/net/sock.h
index 273f8226dbff..adfb0219fc29 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -304,7 +304,7 @@ struct sock_common {
* @sk_tskey: counter to disambiguate concurrent tstamp requests
* @sk_zckey: counter to order MSG_ZEROCOPY notifications
* @sk_socket: Identd and reporting IO signals
- * @sk_user_data: RPC layer private data
+ * @sk_user_data: RPC layer private data. Write-protected by @sk_callback_lock.
* @sk_frag: cached page frag
* @sk_peek_off: current peek_offset value
* @sk_send_head: front of stuff to transmit
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 9abdc0a04d99..a88e1fd1cfea 100644
--- a/net/l2tp/l2tp_core.c
+++ b/net/l2tp/l2tp_core.c
@@ -1172,8 +1172,10 @@ static void l2tp_tunnel_destruct(struct sock *sk)
}
/* Remove hooks into tunnel socket */
+ write_lock_bh(&sk->sk_callback_lock);
sk->sk_destruct = tunnel->old_sk_destruct;
sk->sk_user_data = NULL;
+ write_unlock_bh(&sk->sk_callback_lock);
/* Call the original destructor */
if (sk->sk_destruct)
@@ -1492,12 +1494,15 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
sock = sockfd_lookup(tunnel->fd, &ret);
if (!sock)
goto err;
-
- ret = l2tp_validate_socket(sock->sk, net, tunnel->encap);
- if (ret < 0)
- goto err_sock;
}
+ sk = sock->sk;
+ write_lock(&sk->sk_callback_lock);
+
+ ret = l2tp_validate_socket(sk, net, tunnel->encap);
+ if (ret < 0)
+ goto err_sock;
+
tunnel->l2tp_net = net;
pn = l2tp_pernet(net);
@@ -1513,7 +1518,6 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
list_add_rcu(&tunnel->list, &pn->l2tp_tunnel_list);
spin_unlock_bh(&pn->l2tp_tunnel_list_lock);
- sk = sock->sk;
sock_hold(sk);
tunnel->sock = sk;
@@ -1527,7 +1531,7 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
setup_udp_tunnel_sock(net, sock, &udp_cfg);
} else {
- sk->sk_user_data = tunnel;
+ rcu_assign_sk_user_data(sk, tunnel);
}
tunnel->old_sk_destruct = sk->sk_destruct;
@@ -1539,6 +1543,7 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
if (tunnel->fd >= 0)
sockfd_put(sock);
+ write_unlock(&sk->sk_callback_lock);
return 0;
err_sock:
@@ -1546,6 +1551,8 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
sock_release(sock);
else
sockfd_put(sock);
+
+ write_unlock(&sk->sk_callback_lock);
err:
return ret;
}
--
2.25.1
1
1
Backport 5.10.139 LTS patches from upstream.
git cherry-pick v5.10.138..v5.10.139~1 -s
Total patches: 1
Ondrej Mosnacek (1):
kbuild: dummy-tools: avoid tmpdir leak in dummy gcc
scripts/dummy-tools/dummy-plugin-dir/include/plugin-version.h | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 scripts/dummy-tools/dummy-plugin-dir/include/plugin-version.h
--
2.20.1
1
1
02 Dec '22
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I63SDZ
CVE: NA
-------------------------------
In Ascend featue, when we make CONFIG_ARM_AMMU_V3 be M, and when we build
arm-smmu-v3.ko, it will miss symbols for acpi_dev_prop_read_single. So use
acpi_dev_get_property to replace the old interface
Signed-off-by: Zhang Jian <zhangjian210(a)huawei.com>
---
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
index 9ac1601c82ea..05be3a76e10f 100644
--- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
+++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
@@ -3061,6 +3061,7 @@ static struct iommu_device *arm_smmu_probe_device(struct device *dev)
struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
#ifdef CONFIG_ASCEND_FEATURES
u32 sid;
+ const union acpi_object *obj = NULL;
#endif
if (!fwspec || fwspec->ops != &arm_smmu_ops)
@@ -3109,8 +3110,9 @@ static struct iommu_device *arm_smmu_probe_device(struct device *dev)
master->stall_enabled = true;
#ifdef CONFIG_ASCEND_FEATURES
- if (!acpi_dev_prop_read_single(ACPI_COMPANION(dev),
- "streamid", DEV_PROP_U32, &sid)) {
+ if (!acpi_dev_get_property(ACPI_COMPANION(dev),
+ "streamid", ACPI_TYPE_INTEGER, &obj) && obj) {
+ sid = obj->integer.value;
if (iommu_fwspec_add_ids(dev, &sid, 1))
dev_info(dev, "failed to add ids\n");
master->stall_enabled = true;
--
2.17.1
1
0
Backport 5.10.140 LTS patches from upstream.
git cherry-pick v5.10.139..v5.10.140~1 -s
Already merged(-9):
6a564bad3a64 xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list()
1b9b4139d794 xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP*
37837bc3ef31 xfs: return errors in xfs_fs_sync_fs
70d560e2fb5e xfs: only bother with sync_filesystem during readonly remount
c5c4d4c9806d af_key: Do not call xfrm_probe_algs in parallel
c08a104a8bce netfilter: nf_tables: disallow binding to already bound chain
e3e0d117294d x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
3ddbd0907f6d blk-mq: fix io hung due to missing commit_rqs
e89798071784 bpf: Don't use tnum_range on array range checking for poke
descriptors
Context conflict:
4379a10c1db7 xfrm: clone missing x->lastused in xfrm_do_migrate
6301a73bd83d netfilter: nf_tables: disallow jump to implicit chain from set
element
Skipped(-1):
2761612bcde9 xfrm: policy: fix metadata dst->dev xmit null pointer dereference
due to 5b7f84b1f9f4 ("xfrm: Add possibility to set the default to block if we
have no policy") skipped
Total patches: 86 - 9 - 1 = 76
Alex Elder (1):
net: ipa: don't assume SMEM is page-aligned
Anand Jain (2):
btrfs: replace: drop assert for suspended replace
btrfs: add info when mount fails due to stale replace target
Antony Antony (1):
xfrm: clone missing x->lastused in xfrm_do_migrate
Basavaraj Natikar (1):
pinctrl: amd: Don't save/restore interrupt status and wake status bits
Bernard Pidoux (1):
rose: check NULL rose_loopback_neigh->loopback
Brian Foster (1):
s390: fix double free of GS and RI CBs on fork() failure
Christoph Hellwig (1):
fs: remove __sync_filesystem
Colin Ian King (1):
netfilter: nftables: remove redundant assignment of variable err
Darrick J. Wong (1):
vfs: make sync_filesystem return errors from ->sync_fs
David Hildenbrand (1):
mm/hugetlb: fix hugetlb not supporting softdirty tracking
David Howells (1):
rxrpc: Fix locking in rxrpc's sendmsg
Duoming Zhou (1):
nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout
Eric Dumazet (1):
tcp: tweak len/truesize ratio for coalesce candidates
Filipe Manana (1):
btrfs: fix silent failure when deleting root reference
Florian Westphal (1):
netfilter: ebtables: reject blobs that don't provide all entry points
Gaosheng Cui (1):
audit: fix potential double free on error path from
fsnotify_add_inode_mark
Goldwyn Rodrigues (1):
btrfs: check if root is readonly while setting security xattr
Guoqing Jiang (2):
Revert "md-raid: destroy the bitmap after destroying the thread"
md: call __md_stop_writes in md_stop
Helge Deller (1):
parisc: Fix exception handler for fldw and fstw instructions
Hui Su (1):
kernel/sched: Remove dl_boosted flag comment
Jacob Keller (1):
ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
James Clark (1):
perf python: Fix build when PYTHON_CONFIG is user supplied
Jeremy Sowden (1):
netfilter: bitwise: improve error goto labels
Jonathan Toppins (1):
bonding: 802.3ad: fix no transmission of LACPDUs
Juergen Gross (1):
xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
Kan Liang (1):
perf/x86/lbr: Enable the branch type for the Arch LBR by default
Kiwoong Kim (1):
scsi: ufs: core: Enable link lost interrupt
Kuniyuki Iwashima (15):
net: Fix data-races around sysctl_[rw]mem(_offset)?.
net: Fix data-races around sysctl_[rw]mem_(max|default).
net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
net: Fix data-races around netdev_max_backlog.
net: Fix data-races around netdev_tstamp_prequeue.
ratelimit: Fix data-races in ___ratelimit().
net: Fix data-races around sysctl_optmem_max.
net: Fix a data-race around sysctl_tstamp_allow_data.
net: Fix a data-race around sysctl_net_busy_poll.
net: Fix a data-race around sysctl_net_busy_read.
net: Fix a data-race around netdev_budget.
net: Fix a data-race around netdev_budget_usecs.
net: Fix data-races around sysctl_fb_tunnels_only_for_init_net.
net: Fix data-races around sysctl_devconf_inherit_init_net.
net: Fix a data-race around sysctl_somaxconn.
Maciej Fijalkowski (2):
ice: xsk: Force rings to be sized to power of 2
ice: xsk: prohibit usage of non-balanced queue id
Maciej Żenczykowski (1):
net: ipvtap - add __init/__exit annotations to module init/exit funcs
Martin KaFai Lau (1):
bpf: Folding omem_charge() into sk_storage_charge()
Miaohe Lin (1):
mm/huge_memory.c: use helper function migration_entry_to_page()
Olga Kornievskaia (1):
NFSv4.2 fix problems with __nfs42_ssc_open
Pablo Neira Ayuso (9):
netfilter: nft_payload: report ERANGE for too long offset and length
netfilter: nft_payload: do not truncate csum_offset and csum_type
netfilter: nf_tables: do not leave chain stats enabled on error
netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
netfilter: nft_tunnel: restrict it to netdev family
netfilter: nf_tables: consolidate rule verdict trace call
netfilter: nft_cmp: optimize comparison for 16-bytes
netfilter: nf_tables: upfront validation of data via nft_data_init()
netfilter: nf_tables: disallow jump to implicit chain from set element
Pawan Gupta (1):
x86/bugs: Add "unknown" reporting for MMIO Stale Data
Peter Xu (1):
mm/smaps: don't access young/dirty bit if pte unpresent
Quanyang Wang (1):
asm-generic: sections: refactor memory_intersects
Randy Dunlap (1):
kernel/sys_ni: add compat entry for fadvise64_64
Riwen Lu (1):
ACPI: processor: Remove freq Qos request for all CPUs
Salvatore Bonaccorso (1):
Documentation/ABI: Mention retbleed vulnerability info file for sysfs
Saurabh Sengar (1):
scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
Sergei Antonov (1):
net: moxa: get rid of asymmetry in DMA mapping/unmapping
Shannon Nelson (1):
ionic: fix up issues with handling EAGAIN on FW cmds
Siddh Raman Pant (1):
loop: Check for overflow while configuring loop
Stephane Eranian (1):
perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
Trond Myklebust (2):
NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open()
SUNRPC: RPC level errors should set task->tk_rpc_status
Vikas Gupta (1):
bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
Vlad Buslov (1):
net/mlx5e: Properly disable vlan strip on non-UL reps
Xin Xiong (1):
xfrm: fix refcount leak in __xfrm_policy_check()
Zenghui Yu (1):
arm64: Fix match_list for erratum 1286807 on Arm Cortex-A76
.../ABI/testing/sysfs-devices-system-cpu | 1 +
.../hw-vuln/processor_mmio_stale_data.rst | 14 ++
Documentation/admin-guide/sysctl/net.rst | 2 +-
arch/arm64/kernel/cpu_errata.c | 2 +
arch/parisc/kernel/unaligned.c | 2 +-
arch/s390/kernel/process.c | 22 ++-
arch/x86/events/intel/lbr.c | 8 +
arch/x86/events/intel/uncore_snb.c | 18 ++-
arch/x86/include/asm/cpufeatures.h | 5 +-
arch/x86/kernel/cpu/bugs.c | 14 +-
arch/x86/kernel/cpu/common.c | 42 ++++--
drivers/acpi/processor_thermal.c | 2 +-
drivers/block/loop.c | 5 +
drivers/md/md.c | 3 +-
drivers/net/bonding/bond_3ad.c | 38 ++---
.../net/ethernet/broadcom/bnxt/bnxt_sriov.c | 2 +-
drivers/net/ethernet/intel/ice/ice_xsk.c | 14 ++
drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c | 59 ++++++--
.../net/ethernet/mellanox/mlx5/core/en_rep.c | 2 +
drivers/net/ethernet/moxa/moxart_ether.c | 11 +-
.../net/ethernet/pensando/ionic/ionic_main.c | 4 +-
drivers/net/ipa/ipa_mem.c | 2 +-
drivers/net/ipvlan/ipvtap.c | 4 +-
drivers/nfc/pn533/uart.c | 1 +
drivers/pinctrl/pinctrl-amd.c | 11 +-
drivers/scsi/storvsc_drv.c | 2 +-
drivers/scsi/ufs/ufshci.h | 6 +-
drivers/xen/privcmd.c | 21 +--
fs/btrfs/dev-replace.c | 5 +-
fs/btrfs/root-tree.c | 5 +-
fs/btrfs/xattr.c | 3 +
fs/nfs/nfs4file.c | 16 +-
fs/proc/task_mmu.c | 7 +-
fs/sync.c | 48 +++---
include/asm-generic/sections.h | 7 +-
include/linux/netdevice.h | 20 ++-
include/linux/netfilter_bridge/ebtables.h | 4 -
include/linux/sched.h | 4 -
include/net/busy_poll.h | 2 +-
include/net/netfilter/nf_tables.h | 9 +-
include/net/netfilter/nf_tables_core.h | 9 ++
include/net/sock.h | 8 +-
kernel/audit_fsnotify.c | 1 +
kernel/sys_ni.c | 1 +
lib/ratelimit.c | 12 +-
mm/huge_memory.c | 4 +-
mm/mmap.c | 8 +-
net/bridge/netfilter/ebtable_broute.c | 8 -
net/bridge/netfilter/ebtable_filter.c | 8 -
net/bridge/netfilter/ebtable_nat.c | 8 -
net/bridge/netfilter/ebtables.c | 8 +-
net/core/bpf_sk_storage.c | 24 ++-
net/core/dev.c | 18 +--
net/core/filter.c | 13 +-
net/core/gro_cells.c | 2 +-
net/core/skbuff.c | 2 +-
net/core/sock.c | 18 ++-
net/core/sysctl_net_core.c | 15 +-
net/decnet/af_decnet.c | 4 +-
net/ipv4/devinet.c | 16 +-
net/ipv4/ip_output.c | 2 +-
net/ipv4/ip_sockglue.c | 6 +-
net/ipv4/tcp.c | 6 +-
net/ipv4/tcp_input.c | 51 +++++--
net/ipv4/tcp_output.c | 4 +-
net/ipv6/addrconf.c | 5 +-
net/ipv6/ipv6_sockglue.c | 4 +-
net/mptcp/protocol.c | 6 +-
net/netfilter/ipvs/ip_vs_sync.c | 4 +-
net/netfilter/nf_tables_api.c | 88 ++++++-----
net/netfilter/nf_tables_core.c | 55 ++++++-
net/netfilter/nft_bitwise.c | 67 +++++----
net/netfilter/nft_cmp.c | 142 +++++++++++++++---
net/netfilter/nft_immediate.c | 22 ++-
net/netfilter/nft_osf.c | 18 ++-
net/netfilter/nft_payload.c | 29 +++-
net/netfilter/nft_range.c | 27 ++--
net/netfilter/nft_tunnel.c | 1 +
net/rose/rose_loopback.c | 3 +-
net/rxrpc/call_object.c | 4 +-
net/rxrpc/sendmsg.c | 92 +++++++-----
net/sched/sch_generic.c | 2 +-
net/socket.c | 2 +-
net/sunrpc/clnt.c | 2 +-
net/tipc/socket.c | 2 +-
net/xfrm/espintcp.c | 2 +-
net/xfrm/xfrm_input.c | 2 +-
net/xfrm/xfrm_policy.c | 1 +
net/xfrm/xfrm_state.c | 1 +
tools/perf/Makefile.config | 2 +-
90 files changed, 834 insertions(+), 452 deletions(-)
--
2.20.1
1
76
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I63SDZ
CVE: NA
-------------------------------
Bugfix for when we make CONFIG_ARM_AMMU_V3 be M, and when we build
arm-smmu-v3.ko, it will miss symbols for acpi_dev_prop_read_single.
Signed-off-by: Zhang Jian <zhangjian210(a)huawei.com>
---
drivers/acpi/property.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/acpi/property.c b/drivers/acpi/property.c
index 80e92c298055..34c8f649dabf 100644
--- a/drivers/acpi/property.c
+++ b/drivers/acpi/property.c
@@ -860,6 +860,7 @@ int acpi_dev_prop_read_single(struct acpi_device *adev, const char *propname,
return ret;
return 0;
}
+EXPORT_SYMBOL_GPL(acpi_dev_prop_read_single);
static int acpi_copy_property_array_u8(const union acpi_object *items, u8 *val,
size_t nval)
--
2.17.1
1
0
From: Zhou Guanghui <zhouguanghui1(a)huawei.com>
In a system(Huawei Ascend ARM64 SoC) using HBM, a multi-bit ECC error
occurs, and the BIOS will mark the corresponding area (for example, 2 MB)
as unusable. When the system restarts next time, these areas are not
reported or reported as EFI_UNUSABLE_MEMORY. Both cases lead to an
increase in the number of memblocks, whereas EFI_UNUSABLE_MEMORY leads to
a larger number of memblocks.
For example, if the EFI_UNUSABLE_MEMORY type is reported:
...
memory[0x92] [0x0000200834a00000-0x0000200835bfffff], 0x0000000001200000 bytes on node 7 flags: 0x0
memory[0x93] [0x0000200835c00000-0x0000200835dfffff], 0x0000000000200000 bytes on node 7 flags: 0x4
memory[0x94] [0x0000200835e00000-0x00002008367fffff], 0x0000000000a00000 bytes on node 7 flags: 0x0
memory[0x95] [0x0000200836800000-0x00002008369fffff], 0x0000000000200000 bytes on node 7 flags: 0x4
memory[0x96] [0x0000200836a00000-0x0000200837bfffff], 0x0000000001200000 bytes on node 7 flags: 0x0
memory[0x97] [0x0000200837c00000-0x0000200837dfffff], 0x0000000000200000 bytes on node 7 flags: 0x4
memory[0x98] [0x0000200837e00000-0x000020087fffffff], 0x0000000048200000 bytes on node 7 flags: 0x0
memory[0x99] [0x0000200880000000-0x0000200bcfffffff], 0x0000000350000000 bytes on node 6 flags: 0x0
memory[0x9a] [0x0000200bd0000000-0x0000200bd01fffff], 0x0000000000200000 bytes on node 6 flags: 0x4
memory[0x9b] [0x0000200bd0200000-0x0000200bd07fffff], 0x0000000000600000 bytes on node 6 flags: 0x0
memory[0x9c] [0x0000200bd0800000-0x0000200bd09fffff], 0x0000000000200000 bytes on node 6 flags: 0x4
memory[0x9d] [0x0000200bd0a00000-0x0000200fcfffffff], 0x00000003ff600000 bytes on node 6 flags: 0x0
memory[0x9e] [0x0000200fd0000000-0x0000200fd01fffff], 0x0000000000200000 bytes on node 6 flags: 0x4
memory[0x9f] [0x0000200fd0200000-0x0000200fffffffff], 0x000000002fe00000 bytes on node 6 flags: 0x0
...
The EFI memory map is parsed to construct the memblock arrays before the
memblock arrays can be resized. As the result, memory regions beyond
INIT_MEMBLOCK_REGIONS are lost.
Add a new macro INIT_MEMBLOCK_MEMORY_REGIONS to replace
INIT_MEMBLOCK_REGTIONS to define the size of the static memblock.memory
array.
Allow overriding memblock.memory array size with architecture defined
INIT_MEMBLOCK_MEMORY_REGIONS and make arm64 to set
INIT_MEMBLOCK_MEMORY_REGIONS to 1024 when CONFIG_EFI is enabled.
Link: https://lkml.kernel.org/r/20220615102742.96450-1-zhouguanghui1@huawei.com
Signed-off-by: Zhou Guanghui <zhouguanghui1(a)huawei.com>
Acked-by: Mike Rapoport <rppt(a)linux.ibm.com>
Tested-by: Darren Hart <darren(a)os.amperecomputing.com>
Acked-by: Will Deacon <will(a)kernel.org> [arm64]
Reviewed-by: Anshuman Khandual <anshuman.khandual(a)arm.com>
Cc: Xu Qiang <xuqiang36(a)huawei.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/arm64/include/asm/memory.h | 9 +++++++++
mm/memblock.c | 14 +++++++++-----
2 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h
index 0af70d9abede..ce8614fa376a 100644
--- a/arch/arm64/include/asm/memory.h
+++ b/arch/arm64/include/asm/memory.h
@@ -364,6 +364,15 @@ void dump_mem_limit(void);
# define INIT_MEMBLOCK_RESERVED_REGIONS (INIT_MEMBLOCK_REGIONS + NR_CPUS + 1)
#endif
+/*
+ * memory regions which marked with flag MEMBLOCK_NOMAP(for example, the memory
+ * of the EFI_UNUSABLE_MEMORY type) may divide a continuous memory block into
+ * multiple parts. As a result, the number of memory regions is large.
+ */
+#ifdef CONFIG_EFI
+#define INIT_MEMBLOCK_MEMORY_REGIONS (INIT_MEMBLOCK_REGIONS * 8)
+#endif
+
#include <asm-generic/memory_model.h>
#endif /* __ASM_MEMORY_H */
diff --git a/mm/memblock.c b/mm/memblock.c
index 749abd2685c4..b7ebf4b7e9d9 100644
--- a/mm/memblock.c
+++ b/mm/memblock.c
@@ -29,6 +29,10 @@
# define INIT_MEMBLOCK_RESERVED_REGIONS INIT_MEMBLOCK_REGIONS
#endif
+#ifndef INIT_MEMBLOCK_MEMORY_REGIONS
+#define INIT_MEMBLOCK_MEMORY_REGIONS INIT_MEMBLOCK_REGIONS
+#endif
+
/**
* DOC: memblock overview
*
@@ -55,9 +59,9 @@
* the allocator metadata. The "memory" and "reserved" types are nicely
* wrapped with struct memblock. This structure is statically
* initialized at build time. The region arrays are initially sized to
- * %INIT_MEMBLOCK_REGIONS for "memory" and %INIT_MEMBLOCK_RESERVED_REGIONS
- * for "reserved". The region array for "physmem" is initially sized to
- * %INIT_PHYSMEM_REGIONS.
+ * %INIT_MEMBLOCK_MEMORY_REGIONS for "memory" and
+ * %INIT_MEMBLOCK_RESERVED_REGIONS for "reserved". The region array
+ * for "physmem" is initially sized to %INIT_PHYSMEM_REGIONS.
* The memblock_allow_resize() enables automatic resizing of the region
* arrays during addition of new regions. This feature should be used
* with care so that memory allocated for the region array will not
@@ -102,7 +106,7 @@ unsigned long min_low_pfn;
unsigned long max_pfn;
unsigned long long max_possible_pfn;
-static struct memblock_region memblock_memory_init_regions[INIT_MEMBLOCK_REGIONS] __initdata_memblock;
+static struct memblock_region memblock_memory_init_regions[INIT_MEMBLOCK_MEMORY_REGIONS] __initdata_memblock;
static struct memblock_region memblock_reserved_init_regions[INIT_MEMBLOCK_RESERVED_REGIONS] __initdata_memblock;
#ifdef CONFIG_HAVE_MEMBLOCK_PHYS_MAP
static struct memblock_region memblock_physmem_init_regions[INIT_PHYSMEM_REGIONS];
@@ -111,7 +115,7 @@ static struct memblock_region memblock_physmem_init_regions[INIT_PHYSMEM_REGIONS
struct memblock memblock __initdata_memblock = {
.memory.regions = memblock_memory_init_regions,
.memory.cnt = 1, /* empty dummy entry */
- .memory.max = INIT_MEMBLOCK_REGIONS,
+ .memory.max = INIT_MEMBLOCK_MEMORY_REGIONS,
.memory.name = "memory",
.reserved.regions = memblock_reserved_init_regions,
--
2.17.1
1
0
Perf tool add Hip09 json support.
Change log:
Fix the Refs tag.
Jin Yao (2):
perf tools: Fix pattern matching for same substring in different PMU
type
perf pmu: Save pmu name
John Garry (27):
perf jevents: Add support for an extra directory level
perf jevents: Add support for system events tables
perf pmu: Add pmu_id()
perf pmu: Add pmu_add_sys_aliases()
perf evlist: Change evlist__splice_list_tail() ordering
perf metricgroup: Fix metrics using aliases covering multiple PMUs
perf metricgroup: Split up metricgroup__print()
perf metricgroup: Support printing metric groups for system PMUs
perf metricgroup: Support adding metrics for system PMUs
perf pmu: Fix alias matching
perf jevents: Add test for arch std events
perf jevents: Make build dependency on test JSONs
perf test: Factor out pmu-events event comparison
perf jevents: Relocate test events to cpu folder
perf test: Declare pmu-events test events separately
perf test: Factor out pmu-events alias comparison
perf test: Test pmu-events core aliases separately
perf pmu: Check .is_uncore field in pmu_add_cpu_aliases_map()
perf test: Re-add pmu-event uncore PMU alias test
perf test: Add more pmu-events uncore aliases
perf pmu: Make pmu_add_sys_aliases() public
perf jevents: Print SoC name per system event table
perf test: Add pmu-events sys event support
perf parse-events: Set numeric term config
perf jevents: Support ConfigCode
perf test: Verify more event members in pmu-events test
perf vendor events arm64: Revise hip08 uncore events
Junhao He (1):
perf test: Add pmu-events test for aliases of hip09 ddrc pmu
Qi Liu (6):
perf pmu: Add alias match method to fit pmu_name of HiSilicon DDRC
perf jevents: Add support for HiSilicon L3C PMU aliasing
perf jevents: Add support for HiSilicon DDRC PMU aliasing
perf jevents: Add support for HiSilicon HHA PMU aliasing
perf jevents: Add support for HiSilicon SLLC PMU aliasing
perf jevents: Add support for HiSilicon PA PMU aliasing
tools/perf/pmu-events/Build | 5 +-
.../arm64/hisilicon/hip08/uncore-ddrc.json | 32 +-
.../arm64/hisilicon/hip08/uncore-hha.json | 120 ++-
.../arm64/hisilicon/hip08/uncore-l3c.json | 52 +-
.../hisilicon/hip09/sys/uncore-ddrc.json | 117 +++
.../arm64/hisilicon/hip09/sys/uncore-hha.json | 102 +++
.../arm64/hisilicon/hip09/sys/uncore-l3c.json | 125 +++
.../arm64/hisilicon/hip09/sys/uncore-pa.json | 86 ++
.../hisilicon/hip09/sys/uncore-sllc.json | 134 ++++
.../pmu-events/arch/test/arch-std-events.json | 8 +
.../{test_cpu => test_soc/cpu}/branch.json | 0
.../arch/test/test_soc/cpu/cache.json | 5 +
.../{test_cpu => test_soc/cpu}/other.json | 0
.../{test_cpu => test_soc/cpu}/uncore.json | 21 +
.../arch/test/test_soc/sys/uncore.json | 17 +
tools/perf/pmu-events/jevents.c | 118 ++-
tools/perf/pmu-events/pmu-events.h | 7 +
tools/perf/tests/parse-events.c | 8 +-
tools/perf/tests/pmu-events.c | 747 +++++++++++++-----
tools/perf/util/evlist.c | 19 +-
tools/perf/util/metricgroup.c | 255 ++++--
tools/perf/util/parse-events.c | 2 +-
tools/perf/util/parse-events.y | 2 +-
tools/perf/util/pmu.c | 158 +++-
tools/perf/util/pmu.h | 7 +
25 files changed, 1806 insertions(+), 341 deletions(-)
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-ddrc.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-hha.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-l3c.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-pa.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-sllc.json
create mode 100644 tools/perf/pmu-events/arch/test/arch-std-events.json
rename tools/perf/pmu-events/arch/test/{test_cpu => test_soc/cpu}/branch.json (100%)
create mode 100644 tools/perf/pmu-events/arch/test/test_soc/cpu/cache.json
rename tools/perf/pmu-events/arch/test/{test_cpu => test_soc/cpu}/other.json (100%)
rename tools/perf/pmu-events/arch/test/{test_cpu => test_soc/cpu}/uncore.json (52%)
create mode 100644 tools/perf/pmu-events/arch/test/test_soc/sys/uncore.json
--
2.33.0
1
36
[PATCH openEuler-5.10 001/102] crypto: hisilicon/qm - fix the qos value initialization
by Zheng Zengkai 30 Nov '22
by Zheng Zengkai 30 Nov '22
30 Nov '22
From: Kai Ye <yekai13(a)huawei.com>
mainline inclusion
from v6.1-rc4
commit f5b657e5dbf830cfcb19b588b784b8190a5164a0
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I5ZHPY
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
----------------------------------------------------------------------
The default qos value is not initialized when sriov is repeatedly enabled
and disabled. So add the vf qos value initialized in the sriov enable
process.
Signed-off-by: Kai Ye <yekai13(a)huawei.com>
Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au>
Signed-off-by: Jiangshui Yang <yangjiangshui(a)h-partners.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/crypto/hisilicon/qm.c | 22 +++++++++++++++-------
1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c
index af86579bee35..9e6f5004bdaf 100644
--- a/drivers/crypto/hisilicon/qm.c
+++ b/drivers/crypto/hisilicon/qm.c
@@ -4805,6 +4805,14 @@ void hisi_qm_debug_regs_clear(struct hisi_qm *qm)
}
EXPORT_SYMBOL_GPL(hisi_qm_debug_regs_clear);
+static void hisi_qm_init_vf_qos(struct hisi_qm *qm, int total_func)
+{
+ int i;
+
+ for (i = 1; i <= total_func; i++)
+ qm->factor[i].func_qos = QM_QOS_MAX_VAL;
+}
+
/**
* hisi_qm_sriov_enable() - enable virtual functions
* @pdev: the PCIe device
@@ -4838,6 +4846,10 @@ int hisi_qm_sriov_enable(struct pci_dev *pdev, int max_vfs)
}
num_vfs = max_vfs;
+
+ if (test_bit(QM_SUPPORT_FUNC_QOS, &qm->caps))
+ hisi_qm_init_vf_qos(qm, num_vfs);
+
ret = qm_vf_q_assign(qm, num_vfs);
if (ret) {
pci_err(pdev, "Can't assign queues for VF!\n");
@@ -4873,7 +4885,6 @@ EXPORT_SYMBOL_GPL(hisi_qm_sriov_enable);
int hisi_qm_sriov_disable(struct pci_dev *pdev, bool is_frozen)
{
struct hisi_qm *qm = pci_get_drvdata(pdev);
- int total_vfs = pci_sriov_get_totalvfs(qm->pdev);
int ret;
if (pci_vfs_assigned(pdev)) {
@@ -4888,9 +4899,6 @@ int hisi_qm_sriov_disable(struct pci_dev *pdev, bool is_frozen)
}
pci_disable_sriov(pdev);
- /* clear vf function shaper configure array */
- if (test_bit(QM_SUPPORT_FUNC_QOS, &qm->caps))
- memset(qm->factor + 1, 0, sizeof(struct qm_shaper_factor) * total_vfs);
ret = qm_clear_vft_config(qm);
if (ret)
@@ -6303,7 +6311,7 @@ static int hisi_qp_alloc_memory(struct hisi_qm *qm)
static int hisi_qm_memory_init(struct hisi_qm *qm)
{
struct device *dev = &qm->pdev->dev;
- int ret, total_func, i;
+ int ret, total_func;
size_t off = 0;
if (test_bit(QM_SUPPORT_FUNC_QOS, &qm->caps)) {
@@ -6312,8 +6320,8 @@ static int hisi_qm_memory_init(struct hisi_qm *qm)
if (!qm->factor)
return -ENOMEM;
- for (i = 0; i < total_func; i++)
- qm->factor[i].func_qos = QM_QOS_MAX_VAL;
+ /* Only the PF value needs to be initialized */
+ qm->factor[0].func_qos = QM_QOS_MAX_VAL;
}
#define QM_INIT_BUF(qm, type, num) do { \
--
2.20.1
1
101
Perf tool add Hip09 json support.
Jin Yao (2):
perf tools: Fix pattern matching for same substring in different PMU
type
perf pmu: Save pmu name
John Garry (27):
perf jevents: Add support for an extra directory level
perf jevents: Add support for system events tables
perf pmu: Add pmu_id()
perf pmu: Add pmu_add_sys_aliases()
perf evlist: Change evlist__splice_list_tail() ordering
perf metricgroup: Fix metrics using aliases covering multiple PMUs
perf metricgroup: Split up metricgroup__print()
perf metricgroup: Support printing metric groups for system PMUs
perf metricgroup: Support adding metrics for system PMUs
perf pmu: Fix alias matching
perf jevents: Add test for arch std events
perf jevents: Make build dependency on test JSONs
perf test: Factor out pmu-events event comparison
perf jevents: Relocate test events to cpu folder
perf test: Declare pmu-events test events separately
perf test: Factor out pmu-events alias comparison
perf test: Test pmu-events core aliases separately
perf pmu: Check .is_uncore field in pmu_add_cpu_aliases_map()
perf test: Re-add pmu-event uncore PMU alias test
perf test: Add more pmu-events uncore aliases
perf pmu: Make pmu_add_sys_aliases() public
perf jevents: Print SoC name per system event table
perf test: Add pmu-events sys event support
perf parse-events: Set numeric term config
perf jevents: Support ConfigCode
perf test: Verify more event members in pmu-events test
perf vendor events arm64: Revise hip08 uncore events
Junhao He (1):
perf test: Add pmu-events test for aliases of hip09 ddrc pmu
Qi Liu (6):
{topost} perf pmu: Add alias match method to fit pmu_name of HiSilicon
DDRC
{topost} perf jevents: Add support for HiSilicon L3C PMU aliasing
{topost} perf jevents: Add support for HiSilicon DDRC PMU aliasing
{topost} perf jevents: Add support for HiSilicon HHA PMU aliasing
{topost} perf jevents: Add support for HiSilicon SLLC PMU aliasing
{topost} perf jevents: Add support for HiSilicon PA PMU aliasing
tools/perf/pmu-events/Build | 5 +-
.../arm64/hisilicon/hip08/uncore-ddrc.json | 32 +-
.../arm64/hisilicon/hip08/uncore-hha.json | 120 ++-
.../arm64/hisilicon/hip08/uncore-l3c.json | 52 +-
.../hisilicon/hip09/sys/uncore-ddrc.json | 117 +++
.../arm64/hisilicon/hip09/sys/uncore-hha.json | 102 +++
.../arm64/hisilicon/hip09/sys/uncore-l3c.json | 125 +++
.../arm64/hisilicon/hip09/sys/uncore-pa.json | 86 ++
.../hisilicon/hip09/sys/uncore-sllc.json | 134 ++++
.../pmu-events/arch/test/arch-std-events.json | 8 +
.../{test_cpu => test_soc/cpu}/branch.json | 0
.../arch/test/test_soc/cpu/cache.json | 5 +
.../{test_cpu => test_soc/cpu}/other.json | 0
.../{test_cpu => test_soc/cpu}/uncore.json | 21 +
.../arch/test/test_soc/sys/uncore.json | 17 +
tools/perf/pmu-events/jevents.c | 118 ++-
tools/perf/pmu-events/pmu-events.h | 7 +
tools/perf/tests/parse-events.c | 8 +-
tools/perf/tests/pmu-events.c | 747 +++++++++++++-----
tools/perf/util/evlist.c | 19 +-
tools/perf/util/metricgroup.c | 255 ++++--
tools/perf/util/parse-events.c | 2 +-
tools/perf/util/parse-events.y | 2 +-
tools/perf/util/pmu.c | 158 +++-
tools/perf/util/pmu.h | 7 +
25 files changed, 1806 insertions(+), 341 deletions(-)
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-ddrc.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-hha.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-l3c.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-pa.json
create mode 100644 tools/perf/pmu-events/arch/arm64/hisilicon/hip09/sys/uncore-sllc.json
create mode 100644 tools/perf/pmu-events/arch/test/arch-std-events.json
rename tools/perf/pmu-events/arch/test/{test_cpu => test_soc/cpu}/branch.json (100%)
create mode 100644 tools/perf/pmu-events/arch/test/test_soc/cpu/cache.json
rename tools/perf/pmu-events/arch/test/{test_cpu => test_soc/cpu}/other.json (100%)
rename tools/perf/pmu-events/arch/test/{test_cpu => test_soc/cpu}/uncore.json (52%)
create mode 100644 tools/perf/pmu-events/arch/test/test_soc/sys/uncore.json
--
2.33.0
3
40
[PATCH OLK-5.10 1/7] memcontrol: Add oom recover for kmemcg when release buddy hugepage
by Zhang Jian 29 Nov '22
by Zhang Jian 29 Nov '22
29 Nov '22
From: Jian Zhang <zhangjian210(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I63SDZ
-------------------------------
In Ascend, we use tmp hugepage and disable OOM-killer, when we cause a OOM,
and after some time, the memory is enough for process, the process will not
return to run normal. In this case, we must use oom recover to let the
process run.
Signed-off-by: Jian Zhang <zhangjian210(a)huawei.com>
---
mm/memcontrol.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index a3617f0a0fd1..b2c4bc4bb591 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -3116,12 +3116,23 @@ void __memcg_kmem_uncharge_page(struct page *page, int order)
{
struct obj_cgroup *objcg;
unsigned int nr_pages = 1 << order;
+#ifdef CONFIG_ASCEND_FEATURES
+ struct mem_cgroup *memcg;
+#endif
if (!PageMemcgKmem(page))
return;
objcg = __page_objcg(page);
obj_cgroup_uncharge_pages(objcg, nr_pages);
+
+#ifdef CONFIG_ASCEND_FEATURES
+ memcg = get_mem_cgroup_from_objcg(objcg);
+ if (!mem_cgroup_is_root(memcg))
+ memcg_oom_recover(memcg);
+ css_put(&memcg->css);
+#endif
+
page->memcg_data = 0;
obj_cgroup_put(objcg);
}
--
2.17.1
1
6
[PATCH openEuler-1.0-LTS] drivers: net: slip: fix NPD bug in sl_tx_timeout()
by Yongqiang Liu 29 Nov '22
by Yongqiang Liu 29 Nov '22
29 Nov '22
From: Duoming Zhou <duoming(a)zju.edu.cn>
stable inclusion
from stable-4.19.239
commit 753b9d220a7d36dac70e7c6d05492d10d6f9dd36
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I62KQZ
CVE: CVE-2022-41858
--------------------------------
[ Upstream commit ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 ]
When a slip driver is detaching, the slip_close() will act to
cleanup necessary resources and sl->tty is set to NULL in
slip_close(). Meanwhile, the packet we transmit is blocked,
sl_tx_timeout() will be called. Although slip_close() and
sl_tx_timeout() use sl->lock to synchronize, we don`t judge
whether sl->tty equals to NULL in sl_tx_timeout() and the
null pointer dereference bug will happen.
(Thread 1) | (Thread 2)
| slip_close()
| spin_lock_bh(&sl->lock)
| ...
... | sl->tty = NULL //(1)
sl_tx_timeout() | spin_unlock_bh(&sl->lock)
spin_lock(&sl->lock); |
... | ...
tty_chars_in_buffer(sl->tty)|
if (tty->ops->..) //(2) |
... | synchronize_rcu()
We set NULL to sl->tty in position (1) and dereference sl->tty
in position (2).
This patch adds check in sl_tx_timeout(). If sl->tty equals to
NULL, sl_tx_timeout() will goto out.
Signed-off-by: Duoming Zhou <duoming(a)zju.edu.cn>
Reviewed-by: Jiri Slaby <jirislaby(a)kernel.org>
Link: https://lore.kernel.org/r/20220405132206.55291-1-duoming@zju.edu.cn
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
Signed-off-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/net/slip/slip.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/slip/slip.c b/drivers/net/slip/slip.c
index 93f303ec17e2..a959e01610b1 100644
--- a/drivers/net/slip/slip.c
+++ b/drivers/net/slip/slip.c
@@ -471,7 +471,7 @@ static void sl_tx_timeout(struct net_device *dev)
spin_lock(&sl->lock);
if (netif_queue_stopped(dev)) {
- if (!netif_running(dev))
+ if (!netif_running(dev) || !sl->tty)
goto out;
/* May be we must check transmitter timeout here ?
--
2.25.1
1
0
29 Nov '22
openEuler inclusion
category: doc
bugzilla: https://gitee.com/openeuler/kernel/issues/I63OX8
Add the Maintainer & Committers list for the openEuler/kernel repository
by referring to the MAINTAINERS file of the upstream community.
It is convenient to obtain the list of Maintainers & Committers of the
openEuler/kernel based on the submitted PR or patches.
Only the of the scheduling subsystem is added to openEuler/MAINTAINERS.
This is used as a reference for other modules and subsystems.
Example:
$./scripts/get_maintainer.pl -no-l --no-rolestats
--maintainer-path=openEuler/MAINTAINERS --no-tree --no-fixes
--no-git-blame-signatures --no-git-fallback
0001-sched-fair-Fix-fault-in-reweight_entity.patch
Signed-off-by: Xie XiuQi <xiexiuqi(a)huawei.com>
---
openEuler/MAINTAINERS | 85 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 85 insertions(+)
create mode 100644 openEuler/MAINTAINERS
diff --git a/openEuler/MAINTAINERS b/openEuler/MAINTAINERS
new file mode 100644
index 000000000000..151c64ec85bd
--- /dev/null
+++ b/openEuler/MAINTAINERS
@@ -0,0 +1,85 @@
+List of maintainers/committers
+====================================================
+
+Descriptions of section entries and preferred order
+---------------------------------------------------
+
+ M: *Mail* patches to: FullName <address@domain>
+ R: Designated *Reviewer*: FullName <address@domain>
+ These reviewers should be CCed on patches.
+ L: *Mailing list* that is relevant to this area
+ S: *Status*, one of the following:
+ Supported: Someone is actually paid to look after this.
+ Maintained: Someone actually looks after it.
+ Odd Fixes: It has a maintainer but they don't have time to do
+ much other than throw the odd patch in. See below..
+ Orphan: No current maintainer [but maybe you could take the
+ role as you write your new code].
+ Obsolete: Old code. Something tagged obsolete generally means
+ it has been replaced by a better system and you
+ should be using that.
+ W: *Web-page* with status/info
+ Q: *Patchwork* web based patch tracking system site
+ B: URI for where to file *bugs*. A web-page with detailed bug
+ filing info, a direct bug tracker link, or a mailto: URI.
+ C: URI for *chat* protocol, server and channel where developers
+ usually hang out, for example irc://server/channel.
+ P: Subsystem Profile document for more details submitting
+ patches to the given subsystem. This is either an in-tree file,
+ or a URI. See Documentation/maintainer/maintainer-entry-profile.rst
+ for details.
+ T: *SCM* tree type and location.
+ Type is one of: git, hg, quilt, stgit, topgit
+ F: *Files* and directories wildcard patterns.
+ A trailing slash includes all files and subdirectory files.
+ F: drivers/net/ all files in and below drivers/net
+ F: drivers/net/* all files in drivers/net, but not below
+ F: */net/* all files in "any top level directory"/net
+ One pattern per line. Multiple F: lines acceptable.
+ X: *Excluded* files and directories that are NOT maintained, same
+ rules as F:. Files exclusions are tested before file matches.
+ Can be useful for excluding a specific subdirectory, for instance:
+ F: net/
+ X: net/ipv6/
+ matches all files in and below net excluding net/ipv6/
+ N: Files and directories *Regex* patterns.
+ N: [^a-z]tegra all files whose path contains tegra
+ (not including files like integrator)
+ One pattern per line. Multiple N: lines acceptable.
+ scripts/get_maintainer.pl has different behavior for files that
+ match F: pattern and matches of N: patterns. By default,
+ get_maintainer will not look at git log history when an F: pattern
+ match occurs. When an N: match occurs, git log history is used
+ to also notify the people that have git commit signatures.
+ K: *Content regex* (perl extended) pattern match in a patch or file.
+ For instance:
+ K: of_get_profile
+ matches patches or files that contain "of_get_profile"
+ K: \b(printk|pr_(info|err))\b
+ matches patches or files that contain one or more of the words
+ printk, pr_info or pr_err
+ One regex pattern per line. Multiple K: lines acceptable.
+
+Maintainers List
+----------------
+
+.. note:: When reading this list, please look for the most precise areas
+ first. When adding to this list, please keep the entries in
+ alphabetical order.
+
+SCHEDULER
+M: zhengzucheng(a)huawei.com
+S: Maintained
+F: include/linux/preempt.h
+F: include/linux/sched.h
+F: include/linux/wait.h
+F: include/uapi/linux/sched.h
+F: kernel/sched/
+
+THE REST
+M: xiexiuqi(a)huawei.com
+M: zhengzengkai(a)huawei.com
+L: kernel(a)openeuler.org
+S: Buried alive in reporters
+F: *
+F: */
--
2.20.1
1
0
29 Nov '22
From: Dan Carpenter <dan.carpenter(a)oracle.com>
stable inclusion
from stable-v5.10.142
commit 19e3f69d19801940abc2ac37c169882769ed9770
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I62AX2
CVE: CVE-2022-4095
--------------------------------
_Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl()
functions don't do anything except free the "pcmd" pointer. It
results in a use after free. Delete them.
Fixes: 2865d42c78a9 ("staging: r8712u: Add the new driver to the mainline kernel")
Cc: stable <stable(a)kernel.org>
Reported-by: Zheng Wang <hackerzheng666(a)gmail.com>
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Link: https://lore.kernel.org/r/Yw4ASqkYcUhUfoY2@kili
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Guan Jing <guanjing6(a)huawei.com>
Reviewed-by: Zhang Qiao <zhangqiao22(a)huawei.com>
Reviewed-by: Chen Hui <judy.chenhui(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/staging/rtl8712/rtl8712_cmd.c | 36 ---------------------------
1 file changed, 36 deletions(-)
diff --git a/drivers/staging/rtl8712/rtl8712_cmd.c b/drivers/staging/rtl8712/rtl8712_cmd.c
index 63bc811681d9..fb092d4ec521 100644
--- a/drivers/staging/rtl8712/rtl8712_cmd.c
+++ b/drivers/staging/rtl8712/rtl8712_cmd.c
@@ -129,34 +129,6 @@ static void r871x_internal_cmd_hdl(struct _adapter *padapter, u8 *pbuf)
kfree(pdrvcmd->pbuf);
}
-static u8 read_macreg_hdl(struct _adapter *padapter, u8 *pbuf)
-{
- void (*pcmd_callback)(struct _adapter *dev, struct cmd_obj *pcmd);
- struct cmd_obj *pcmd = (struct cmd_obj *)pbuf;
-
- /* invoke cmd->callback function */
- pcmd_callback = cmd_callback[pcmd->cmdcode].callback;
- if (!pcmd_callback)
- r8712_free_cmd_obj(pcmd);
- else
- pcmd_callback(padapter, pcmd);
- return H2C_SUCCESS;
-}
-
-static u8 write_macreg_hdl(struct _adapter *padapter, u8 *pbuf)
-{
- void (*pcmd_callback)(struct _adapter *dev, struct cmd_obj *pcmd);
- struct cmd_obj *pcmd = (struct cmd_obj *)pbuf;
-
- /* invoke cmd->callback function */
- pcmd_callback = cmd_callback[pcmd->cmdcode].callback;
- if (!pcmd_callback)
- r8712_free_cmd_obj(pcmd);
- else
- pcmd_callback(padapter, pcmd);
- return H2C_SUCCESS;
-}
-
static u8 read_bbreg_hdl(struct _adapter *padapter, u8 *pbuf)
{
struct cmd_obj *pcmd = (struct cmd_obj *)pbuf;
@@ -225,14 +197,6 @@ static struct cmd_obj *cmd_hdl_filter(struct _adapter *padapter,
pcmd_r = NULL;
switch (pcmd->cmdcode) {
- case GEN_CMD_CODE(_Read_MACREG):
- read_macreg_hdl(padapter, (u8 *)pcmd);
- pcmd_r = pcmd;
- break;
- case GEN_CMD_CODE(_Write_MACREG):
- write_macreg_hdl(padapter, (u8 *)pcmd);
- pcmd_r = pcmd;
- break;
case GEN_CMD_CODE(_Read_BBREG):
read_bbreg_hdl(padapter, (u8 *)pcmd);
break;
--
2.25.1
1
0
您好!
Kernel SIG 邀请您参加 2022-12-02 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG双周例会
会议内容:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
会议链接:https://us06web.zoom.us/j/88119872664?pwd=V1V3eFBJeVBPZ25RbExvWGthZXJWUT09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2022-12-02 14:00,
The subject of the conference is openEuler Kernel SIG双周例会,
Summary:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题(新增议题可以回复邮件反馈,或者录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/88119872664?pwd=V1V3eFBJeVBPZ25RbExvWGthZXJWUT09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
发件人: Zhengzengkai
发送时间: 2022年11月28日 10:39
收件人: kernel <kernel(a)openeuler.org>
抄送: Xiexiuqi <xiexiuqi(a)huawei.com>; liwei (GF) <liwei391(a)huawei.com>
主题: cgroupv1使能cgroup writeback.pptx
1
0
1
0
[PATCH openEuler-1.0-LTS] x86/tsc: use topology_max_packages() in tsc watchdog check
by Yongqiang Liu 27 Nov '22
by Yongqiang Liu 27 Nov '22
27 Nov '22
From: Feng Tang <feng.tang(a)intel.com>
hulk inclusion
category: bugfix
bugzilla: 187942, https://gitee.com/openeuler/kernel/issues/I5U037
CVE: NA
-------------------------------
Commit b50db7095fe0 ("x86/tsc: Disable clocksource watchdog for TSC
on qualified platorms") was introduced to solve problem that
sometimes TSC clocksource is wrongly judged as unstable by watchdog
like 'jiffies', HPET, etc.
In it, the hardware socket number is a key factor for judging
whether to disable the watchdog for TSC, and 'nr_online_nodes' was
chosen as an estimation due to it is needed in early boot phase
before registering 'tsc-early' clocksource, where all none-boot
CPUs are not brought up yet.
In recent patch review, Dave Hansen pointed out there are many
cases that 'nr_online_nodes' could have issue, like:
* numa emulation (numa=fake=4 etc.)
* numa=off
* platforms with CPU+DRAM nodes, CPU-less HBM nodes, CPU-less
persistent memory nodes.
Peter Zijlstra suggested to use logical package ids, but it is
only usable after smp_init() and all CPUs are initialized.
One solution is to skip the watchdog for 'tsc-early' clocksource,
and move the check after smp_init(), while before 'tsc'
clocksoure is registered, where topology_max_packages() could
be used as a much more accurate socket number.
Signed-off-by: Feng Tang <feng.tang(a)intel.com>
Conflict:
arch/x86/kernel/tsc.c
Signed-off-by: Yu Liao <liaoyu15(a)huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
arch/x86/kernel/tsc.c | 20 +++++++++++++++-----
1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c
index b1ae78bdba50..a7f447c30089 100644
--- a/arch/x86/kernel/tsc.c
+++ b/arch/x86/kernel/tsc.c
@@ -1095,8 +1095,7 @@ static struct clocksource clocksource_tsc_early = {
.rating = 299,
.read = read_tsc,
.mask = CLOCKSOURCE_MASK(64),
- .flags = CLOCK_SOURCE_IS_CONTINUOUS |
- CLOCK_SOURCE_MUST_VERIFY,
+ .flags = CLOCK_SOURCE_IS_CONTINUOUS,
.archdata = { .vclock_mode = VCLOCK_TSC },
.resume = tsc_resume,
.mark_unstable = tsc_cs_mark_unstable,
@@ -1353,6 +1352,20 @@ static int __init init_tsc_clocksource(void)
if (boot_cpu_has(X86_FEATURE_NONSTOP_TSC_S3))
clocksource_tsc.flags |= CLOCK_SOURCE_SUSPEND_NONSTOP;
+ /*
+ * Disable the clocksource watchdog when the system has:
+ * - TSC running at constant frequency
+ * - TSC which does not stop in C-States
+ * - the TSC_ADJUST register which allows to detect even minimal
+ * modifications
+ * - not more than four sockets.
+ */
+ if (boot_cpu_has(X86_FEATURE_CONSTANT_TSC) &&
+ boot_cpu_has(X86_FEATURE_NONSTOP_TSC) &&
+ boot_cpu_has(X86_FEATURE_TSC_ADJUST) &&
+ topology_max_packages() <= 4)
+ clocksource_tsc.flags &= ~CLOCK_SOURCE_MUST_VERIFY;
+
/*
* When TSC frequency is known (retrieved via MSR or CPUID), we skip
* the refined calibration and directly register it as a clocksource.
@@ -1483,9 +1496,6 @@ void __init tsc_init(void)
return;
}
- if (tsc_clocksource_reliable)
- clocksource_tsc_early.flags &= ~CLOCK_SOURCE_MUST_VERIFY;
-
clocksource_register_khz(&clocksource_tsc_early, tsc_khz);
detect_art();
}
--
2.25.1
1
0
26 Nov '22
Backport 5.10.138 LTS patches from upstream.
git cherry-pick v5.10.137..v5.10.138~1 -s
Already merged(-5):
0e28678a770d devlink: Fix use-after-free after a failed reload
38ddccbda5e8 vsock: Fix memory leak in vsock_connect()
a0ae122e9aec atm: idt77252: fix use-after-free bugs caused by tst_timer
a220ff343396 can: j1939: j1939_session_destroy(): fix memory leak of skbs
3527e3cbb84d bpf: Fix KASAN use-after-free Read in compute_effective_progs
Context conflict:
63671b2bdf5f watchdog: export lockup_detector_reconfigure
Defered for performance degradation(-1):
823280a8fba3 locking/atomic: Make test_and_*_bit() ordered on failure
Total patches: 157 - 5 - 1 = 151
Aaron Lu (1):
x86/mm: Use proper mask when setting PUD mapping
Al Viro (6):
nios2: page fault et.al. are *not* restartable syscalls...
nios2: don't leave NULLs in sys_call_table[]
nios2: traced syscall does need to check the syscall number
nios2: fix syscall restart checks
nios2: restarts apply only to the first sigframe we build...
nios2: add force_successful_syscall_return()
Alan Brady (1):
i40e: Fix to stop tx_timeout recovery if GLOBR fails
Amadeusz Sławiński (1):
ALSA: info: Fix llseek return value when using callback
Amelie Delaunay (1):
usb: dwc2: gadget: remove D+ pull-up while no vbus with
usb-role-switch
Andrew Donnellan (1):
gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a
file
Andy Shevchenko (1):
pinctrl: intel: Check against matching data instead of ACPI companion
Arun Ramadoss (1):
net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
Bard Liao (1):
ASoC: SOF: intel: move sof_intel_dsp_desc() forward
Bob Pearson (1):
RDMA/rxe: Limit the number of calls to each tasklet
Celeste Liu (1):
riscv: mmap with PROT_WRITE but no PROT_READ is invalid
Chao Yu (2):
f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
f2fs: fix to do sanity check on segment type in build_sit_entries()
Chen Lin (1):
dpaa2-eth: trace the allocated address instead of page struct
Chia-Lin Kao (AceLan) (1):
net: atlantic: fix aq_vec index out of range error
Christoffer Sandberg (1):
ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
Christophe JAILLET (6):
mmc: pxamci: Fix another error handling path in pxamci_probe()
mmc: pxamci: Fix an error handling path in pxamci_probe()
mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
perf probe: Fix an error handling path in 'parse_perf_probe_command()'
stmmac: intel: Add a missing clk_disable_unprepare() call in
intel_eth_pci_remove()
cxl: Fix a memory leak in an error handling path
Christophe Leroy (1):
powerpc/32: Don't always pass -mcpu=powerpc to the compiler
Csókás Bence (1):
fec: Fix timer capture timing in `fec_ptp_enable_pps()`
Damien Le Moal (1):
ata: libata-eh: Add missing command name
Dan Aloni (1):
sunrpc: fix expiry of auth creds
Dan Carpenter (3):
NTB: ntb_tool: uninitialized heap data in tool_fn_write()
xen/xenbus: fix return type in xenbus_file_read()
netfilter: nftables: fix a warning message in
nf_tables_commit_audit_collect()
Dmitry Baryshkov (1):
dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
Dongliang Mu (1):
netfilter: nf_tables: fix audit memory leak in nf_tables_commit
Fedor Pchelkin (1):
can: j1939: j1939_sk_queue_activate_next_locked(): replace
WARN_ON_ONCE with netdev_warn_once()
Filipe Manana (1):
btrfs: fix lost error handling when looking up extended ref on log
replay
Florian Westphal (1):
plip: avoid rcu debug splat
Frank Li (1):
usb: cdns3 fix use-after-free at workaround 2
Frieder Schrempf (1):
regulator: pca9450: Remove restrictions for regulator-name
Grzegorz Siwik (1):
ice: Ignore EEXIST when setting promisc mode
Guenter Roeck (1):
lib/list_debug.c: Detect uninitialized lists
Helge Deller (1):
modules: Ensure natural alignment for .altinstructions and __bug_table
sections
Hou Tao (5):
bpf: Acquire map uref in .init_seq_private for array map iterator
bpf: Acquire map uref in .init_seq_private for hash map iterator
bpf: Acquire map uref in .init_seq_private for sock local storage map
iterator
bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator
bpf: Check the validity of max_rdwr_access for sock local storage map
iterator
Huacai Chen (1):
PCI/ACPI: Guard ARM64-specific mcfg_quirks
Jakub Kicinski (1):
net: genl: fix error path memory leak in policy dumping
James Smart (1):
scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed
user input
Jason A. Donenfeld (1):
um: add "noreboot" command line option for PANIC_TIMEOUT=-1 setups
Jean-Philippe Brucker (1):
uacce: Handle parent device removal or parent driver module rmmod
Jeff Layton (1):
ceph: don't leak snap_rwsem in handle_cap_grant
Jens Wiklander (1):
tee: fix memory leak in tee_shm_register()
Jianhua Lu (1):
pinctrl: qcom: sm8250: Fix PDC map
John Johansen (5):
apparmor: fix quiet_denied for file rules
apparmor: fix absroot causing audited secids to begin with =
apparmor: Fix failed mount permission check error message
apparmor: fix setting unconfined mode on a loaded profile
apparmor: fix overlapping attachment computation
Jozef Martiniak (1):
gadgetfs: ep_io - wait until IRQ finishes
Keith Busch (1):
PCI/ERR: Retain status from error notification
Kiselev, Oleg (1):
ext4: avoid resizing to a partial cluster size
Krzysztof Kozlowski (1):
dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
Laurent Dufour (1):
watchdog: export lockup_detector_reconfigure
Liang He (5):
drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
usb: host: ohci-ppc-of: Fix refcount leak bug
usb: renesas: Fix refcount leak bug
tty: serial: Fix refcount leak bug in ucc_uart.c
mips: cavium-octeon: Fix missing of_node_put() in
octeon2_usb_clocks_start
Liao Chang (1):
csky/kprobe: reclaim insn_slot on kprobe unregistration
Lin Ma (1):
igb: Add lock to avoid data race
Logan Gunthorpe (1):
md: Notify sysfs sync_completed in md_reap_sync_thread()
Luís Henriques (1):
ceph: use correct index when encoding client supported features
Marc Kleine-Budde (1):
can: ems_usb: fix clang's -Wunaligned-access warning
Martin Povišer (4):
ASoC: tas2770: Set correct FSYNC polarity
ASoC: tas2770: Allow mono streams
ASoC: tas2770: Drop conflicting set_bias_level power setting
ASoC: tas2770: Fix handling of mute/unmute
Masahiro Yamada (1):
kbuild: fix the modules order between drivers and libs
Matthew Wilcox (Oracle) (1):
qrtr: Convert qrtr_ports from IDR to XArray
Matthias May (3):
geneve: do not use RT_TOS for IPv6 flowlabel
ipv6: do not use RT_TOS for IPv6 flowlabel
geneve: fix TOS inheriting for ipv4
Miaoqian Lin (1):
pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
Michael Ellerman (1):
powerpc/pci: Fix get_phb_number() locking
Michael Grzeschik (1):
usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
uvcg_info
Mikulas Patocka (1):
rds: add missing barrier to release_refill
Nathan Chancellor (1):
MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0
Neil Armstrong (1):
spi: meson-spicc: add local pow2 clock ops to preserve rate between
messages
Nikita Travkin (1):
pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
Ondrej Mosnacek (1):
kbuild: dummy-tools: avoid tmpdir leak in dummy gcc
Pablo Neira Ayuso (5):
netfilter: nf_tables: really skip inactive sets when allocating name
netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on
NFT_SET_OBJECT flag
netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is
specified
netfilter: nftables: add helper function to set the base sequence
number
netfilter: add helper function to set up the nfnetlink header and use
it
Pascal Terjan (1):
vboxguest: Do not use devm for irq
Pavan Chebbi (1):
PCI: Add ACS quirk for Broadcom BCM5750x NICs
Peilin Ye (1):
vsock: Set socket state back to SS_UNCONNECTED in
vsock_connect_timeout()
Przemyslaw Patynowski (1):
iavf: Fix adminq error handling
Qifu Zhang (1):
Documentation: ACPI: EINJ: Fix obsolete example
Richard Guy Briggs (1):
audit: log nftables configuration change events once per table
Robert Marko (1):
clk: qcom: ipq8074: dont disable gcc_sleep_clk_src
Roberto Sassu (1):
tools build: Switch to new openssl API for test-libcrypto
Rustam Subkhankulov (1):
net: dsa: sja1105: fix buffer overflow in
sja1105_setup_devlink_regions()
Sagi Grimberg (1):
nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
teardown
Sai Prakash Ranjan (2):
irqchip/tegra: Fix overflow implicit truncation warnings
drm/meson: Fix overflow implicit truncation warnings
Sakari Ailus (1):
ACPI: property: Return type of acpi_add_nondev_subnodes() should be
bool
Samuel Holland (2):
pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
drm/sun4i: dsi: Prevent underflow when computing packet sizes
Sandor Bodo-Merle (1):
net: bgmac: Fix a BUG triggered by wrong bytes_compl
Schspa Shi (1):
vfio: Clear the caps->buf to NULL after free
Sebastian Würl (1):
can: mcp251x: Fix race condition on receive interrupt
Sergei Antonov (2):
net: dsa: mv88e6060: prevent crash on an unused port
net: moxa: pass pdev instead of ndev to DMA functions
Sergey Senozhatsky (1):
zram: do not lookup algorithm in backends table
Steve French (1):
smb3: check xattr value length earlier
Steven Rostedt (Google) (3):
tracing: Have filter accept "common_cpu" to be consistent
selftests/kprobe: Do not test for GRP/ without event failures
tracing/probes: Have kprobes and uprobes use $COMM too
Takashi Iwai (4):
ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
ALSA: core: Add async signal helpers
ALSA: timer: Use deferred fasync helper
ALSA: control: Use deferred fasync helper
Tom Rix (1):
apparmor: fix aa_label_asxprint return check
Tony Lindgren (1):
clk: ti: Stop using legacy clkctrl names for omap4 and 5
Trond Myklebust (5):
NFSv4.1: Don't decrease the value of seq_nr_highest_sent
NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
NFSv4: Fix races in the legacy idmapper upcall
NFSv4/pnfs: Fix a use-after-free bug in open
SUNRPC: Reinitialise the backchannel request buffers before reuse
Tzung-Bi Shih (1):
platform/chrome: cros_ec_proto: don't show MKBP version if unsupported
Uwe Kleine-König (2):
i2c: imx: Make sure to unregister adapter on remove()
dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync()
failed
Vladimir Oltean (1):
net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet counters
Vladimir Zapolskiy (1):
clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description
Wentao_Liang (1):
drivers:md:fix a potential use-after-free bug
Xianting Tian (1):
RISC-V: Add fast call path of crash_kexec()
Xin Xiong (1):
apparmor: fix reference count leak in aa_pivotroot()
Xiu Jianfeng (1):
apparmor: Fix memleak in aa_simple_write_to_buffer()
Xuan Zhuo (1):
virtio_net: fix memory leak inside XPD_TX with mergeable
Ye Bin (1):
ext4: avoid remove directory when directory is corrupted
Yu Xiao (1):
nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
Yuanzheng Song (1):
tools/vm/slabinfo: use alphabetic order when two values are equal
Zhang Xianwei (1):
NFSv4.1: RECLAIM_COMPLETE must handle EACCES
Zheyu Ma (1):
video: fbdev: i740fb: Check the argument of i740_calc_vclk()
Zhouyi Zhou (1):
powerpc/64: Init jump labels before parse_early_param()
.../devicetree/bindings/arm/qcom.yaml | 2 +-
.../bindings/clock/qcom,gcc-msm8996.yaml | 16 +
.../regulator/nxp,pca9450-regulator.yaml | 11 -
.../firmware-guide/acpi/apei/einj.rst | 2 +-
Makefile | 6 +-
arch/csky/kernel/probes/kprobes.c | 4 +
arch/mips/cavium-octeon/octeon-platform.c | 3 +-
arch/mips/mm/tlbex.c | 4 +-
arch/nios2/include/asm/entry.h | 3 +-
arch/nios2/include/asm/ptrace.h | 2 +
arch/nios2/kernel/entry.S | 22 +-
arch/nios2/kernel/signal.c | 3 +-
arch/nios2/kernel/syscall_table.c | 1 +
arch/powerpc/Makefile | 26 +-
arch/powerpc/kernel/pci-common.c | 16 +-
arch/powerpc/kernel/prom.c | 7 +
arch/powerpc/platforms/Kconfig.cputype | 21 +-
arch/riscv/kernel/sys_riscv.c | 5 +-
arch/riscv/kernel/traps.c | 4 +
arch/um/os-Linux/skas/process.c | 17 +-
arch/x86/mm/init_64.c | 2 +-
drivers/acpi/pci_mcfg.c | 3 +
drivers/acpi/property.c | 8 +-
drivers/ata/libata-eh.c | 1 +
drivers/block/zram/zcomp.c | 11 +-
drivers/clk/qcom/clk-alpha-pll.c | 2 +-
drivers/clk/qcom/gcc-ipq8074.c | 1 +
drivers/clk/ti/clk-44xx.c | 210 +++++------
drivers/clk/ti/clk-54xx.c | 160 ++++-----
drivers/clk/ti/clkctrl.c | 4 -
drivers/dma/sprd-dma.c | 5 +-
drivers/gpu/drm/meson/meson_drv.c | 5 +-
drivers/gpu/drm/meson/meson_viu.c | 22 +-
drivers/gpu/drm/sun4i/sun6i_mipi_dsi.c | 10 +-
drivers/i2c/busses/i2c-imx.c | 20 +-
drivers/infiniband/sw/rxe/rxe_param.h | 6 +
drivers/infiniband/sw/rxe/rxe_task.c | 16 +-
drivers/irqchip/irq-tegra.c | 10 +-
drivers/md/md.c | 1 +
drivers/md/raid5.c | 2 +-
drivers/misc/cxl/irq.c | 1 +
drivers/misc/uacce/uacce.c | 133 ++++---
drivers/mmc/host/meson-gx-mmc.c | 6 +-
drivers/mmc/host/pxamci.c | 4 +-
drivers/net/can/spi/mcp251x.c | 18 +-
drivers/net/can/usb/ems_usb.c | 2 +-
drivers/net/dsa/microchip/ksz9477.c | 3 +
drivers/net/dsa/mv88e6060.c | 3 +
drivers/net/dsa/ocelot/felix_vsc9959.c | 3 +-
drivers/net/dsa/sja1105/sja1105_devlink.c | 2 +-
.../net/ethernet/aquantia/atlantic/aq_nic.c | 21 +-
drivers/net/ethernet/broadcom/bgmac.c | 2 +-
.../net/ethernet/freescale/dpaa2/dpaa2-eth.c | 4 +-
drivers/net/ethernet/freescale/fec_ptp.c | 6 +-
drivers/net/ethernet/intel/i40e/i40e_main.c | 4 +-
drivers/net/ethernet/intel/iavf/iavf_adminq.c | 15 +-
drivers/net/ethernet/intel/ice/ice_switch.c | 2 +-
drivers/net/ethernet/intel/igb/igb.h | 2 +
drivers/net/ethernet/intel/igb/igb_main.c | 12 +-
drivers/net/ethernet/moxa/moxart_ether.c | 20 +-
.../ethernet/netronome/nfp/nfp_net_ethtool.c | 2 +
.../net/ethernet/stmicro/stmmac/dwmac-intel.c | 1 +
drivers/net/geneve.c | 15 +-
drivers/net/plip/plip.c | 2 +-
drivers/net/virtio_net.c | 5 +-
drivers/ntb/test/ntb_tool.c | 8 +-
drivers/nvme/target/tcp.c | 3 +-
drivers/pci/pcie/err.c | 3 +-
drivers/pci/quirks.c | 3 +
drivers/pinctrl/intel/pinctrl-intel.c | 14 +-
drivers/pinctrl/nomadik/pinctrl-nomadik.c | 4 +-
drivers/pinctrl/qcom/pinctrl-msm8916.c | 4 +-
drivers/pinctrl/qcom/pinctrl-sm8250.c | 2 +-
drivers/pinctrl/sunxi/pinctrl-sun50i-h6-r.c | 1 +
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 7 +-
drivers/platform/chrome/cros_ec_proto.c | 8 +-
drivers/scsi/lpfc/lpfc_debugfs.c | 20 +-
drivers/spi/spi-meson-spicc.c | 129 +++++--
drivers/tee/tee_core.c | 3 +
drivers/tee/tee_shm.c | 3 -
drivers/tty/serial/ucc_uart.c | 2 +
drivers/usb/cdns3/gadget.c | 2 +-
drivers/usb/dwc2/gadget.c | 3 +-
drivers/usb/gadget/function/uvc_video.c | 2 +-
drivers/usb/gadget/legacy/inode.c | 1 +
drivers/usb/host/ohci-ppc-of.c | 1 +
drivers/usb/renesas_usbhs/rza.c | 4 +
drivers/vfio/vfio.c | 1 +
drivers/video/fbdev/i740fb.c | 9 +-
drivers/virt/vboxguest/vboxguest_linux.c | 9 +-
drivers/xen/xenbus/xenbus_dev_frontend.c | 4 +-
fs/btrfs/tree-log.c | 4 +-
fs/ceph/caps.c | 27 +-
fs/ceph/mds_client.c | 7 +-
fs/ceph/mds_client.h | 6 -
fs/cifs/smb2ops.c | 5 +-
fs/ext4/namei.c | 7 +-
fs/ext4/resize.c | 10 +
fs/f2fs/node.c | 6 +-
fs/f2fs/segment.c | 13 +
fs/nfs/nfs4idmap.c | 46 +--
fs/nfs/nfs4proc.c | 20 +-
include/linux/netfilter/nfnetlink.h | 27 ++
include/linux/nmi.h | 2 +
include/linux/uacce.h | 6 +-
include/sound/control.h | 2 +-
include/sound/core.h | 8 +
kernel/bpf/arraymap.c | 6 +
kernel/bpf/hashtab.c | 2 +
kernel/trace/trace_events.c | 1 +
kernel/trace/trace_probe.c | 5 +-
kernel/watchdog.c | 21 +-
lib/list_debug.c | 12 +-
net/can/j1939/socket.c | 5 +-
net/core/bpf_sk_storage.c | 12 +-
net/core/sock_map.c | 20 +-
net/ipv6/ip6_output.c | 3 +-
net/netfilter/ipset/ip_set_core.c | 17 +-
net/netfilter/nf_conntrack_netlink.c | 77 ++---
net/netfilter/nf_tables_api.c | 325 +++++++++---------
net/netfilter/nf_tables_trace.c | 9 +-
net/netfilter/nfnetlink_acct.c | 11 +-
net/netfilter/nfnetlink_cthelper.c | 11 +-
net/netfilter/nfnetlink_cttimeout.c | 22 +-
net/netfilter/nfnetlink_log.c | 11 +-
net/netfilter/nfnetlink_queue.c | 12 +-
net/netfilter/nft_compat.c | 11 +-
net/netlink/genetlink.c | 6 +-
net/netlink/policy.c | 14 +-
net/qrtr/qrtr.c | 42 +--
net/rds/ib_recv.c | 1 +
net/sunrpc/auth.c | 2 +-
net/sunrpc/backchannel_rqst.c | 14 +
net/vmw_vsock/af_vsock.c | 1 +
scripts/Makefile.gcc-plugins | 2 +-
scripts/dummy-tools/gcc | 8 +-
scripts/module.lds.S | 2 +
security/apparmor/apparmorfs.c | 2 +-
security/apparmor/audit.c | 2 +-
security/apparmor/domain.c | 2 +-
security/apparmor/include/lib.h | 5 +
security/apparmor/include/policy.h | 2 +-
security/apparmor/label.c | 13 +-
security/apparmor/mount.c | 8 +-
security/apparmor/policy_unpack.c | 12 +-
sound/core/control.c | 7 +-
sound/core/info.c | 6 +-
sound/core/misc.c | 94 +++++
sound/core/timer.c | 11 +-
sound/pci/hda/patch_realtek.c | 1 +
sound/soc/codecs/tas2770.c | 98 +++---
sound/soc/codecs/tas2770.h | 5 +
sound/soc/sof/intel/hda.c | 22 +-
sound/usb/card.c | 8 +
sound/usb/mixer_maps.c | 34 +-
tools/build/feature/test-libcrypto.c | 15 +-
tools/perf/util/probe-event.c | 6 +-
.../test.d/kprobe/kprobe_syntax_errors.tc | 1 -
tools/vm/slabinfo.c | 32 +-
159 files changed, 1459 insertions(+), 1020 deletions(-)
--
2.20.1
1
151
[PATCH openEuler-1.0-LTS 1/2] ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
by Yongqiang Liu 26 Nov '22
by Yongqiang Liu 26 Nov '22
26 Nov '22
From: Luís Henriques <lhenriques(a)suse.de>
mainline inclusion
from mainline-v6.0-rc7
commit 29a5b8a137ac8eb410cc823653a29ac0e7b7e1b0
category: bugfix
bugzilla: 187444, https://gitee.com/openeuler/kernel/issues/I6261Z
CVE: NA
--------------------------------
When walking through an inode extents, the ext4_ext_binsearch_idx() function
assumes that the extent header has been previously validated. However, there
are no checks that verify that the number of entries (eh->eh_entries) is
non-zero when depth is > 0. And this will lead to problems because the
EXT_FIRST_INDEX() and EXT_LAST_INDEX() will return garbage and result in this:
[ 135.245946] ------------[ cut here ]------------
[ 135.247579] kernel BUG at fs/ext4/extents.c:2258!
[ 135.249045] invalid opcode: 0000 [#1] PREEMPT SMP
[ 135.250320] CPU: 2 PID: 238 Comm: tmp118 Not tainted 5.19.0-rc8+ #4
[ 135.252067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b-rebuilt.opensuse.org 04/01/2014
[ 135.255065] RIP: 0010:ext4_ext_map_blocks+0xc20/0xcb0
[ 135.256475] Code:
[ 135.261433] RSP: 0018:ffffc900005939f8 EFLAGS: 00010246
[ 135.262847] RAX: 0000000000000024 RBX: ffffc90000593b70 RCX: 0000000000000023
[ 135.264765] RDX: ffff8880038e5f10 RSI: 0000000000000003 RDI: ffff8880046e922c
[ 135.266670] RBP: ffff8880046e9348 R08: 0000000000000001 R09: ffff888002ca580c
[ 135.268576] R10: 0000000000002602 R11: 0000000000000000 R12: 0000000000000024
[ 135.270477] R13: 0000000000000000 R14: 0000000000000024 R15: 0000000000000000
[ 135.272394] FS: 00007fdabdc56740(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000
[ 135.274510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 135.276075] CR2: 00007ffc26bd4f00 CR3: 0000000006261004 CR4: 0000000000170ea0
[ 135.277952] Call Trace:
[ 135.278635] <TASK>
[ 135.279247] ? preempt_count_add+0x6d/0xa0
[ 135.280358] ? percpu_counter_add_batch+0x55/0xb0
[ 135.281612] ? _raw_read_unlock+0x18/0x30
[ 135.282704] ext4_map_blocks+0x294/0x5a0
[ 135.283745] ? xa_load+0x6f/0xa0
[ 135.284562] ext4_mpage_readpages+0x3d6/0x770
[ 135.285646] read_pages+0x67/0x1d0
[ 135.286492] ? folio_add_lru+0x51/0x80
[ 135.287441] page_cache_ra_unbounded+0x124/0x170
[ 135.288510] filemap_get_pages+0x23d/0x5a0
[ 135.289457] ? path_openat+0xa72/0xdd0
[ 135.290332] filemap_read+0xbf/0x300
[ 135.291158] ? _raw_spin_lock_irqsave+0x17/0x40
[ 135.292192] new_sync_read+0x103/0x170
[ 135.293014] vfs_read+0x15d/0x180
[ 135.293745] ksys_read+0xa1/0xe0
[ 135.294461] do_syscall_64+0x3c/0x80
[ 135.295284] entry_SYSCALL_64_after_hwframe+0x46/0xb0
This patch simply adds an extra check in __ext4_ext_check(), verifying that
eh_entries is not 0 when eh_depth is > 0.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=215941
Link: https://bugzilla.kernel.org/show_bug.cgi?id=216283
Cc: Baokun Li <libaokun1(a)huawei.com>
Cc: stable(a)kernel.org
Signed-off-by: Luís Henriques <lhenriques(a)suse.de>
Reviewed-by: Jan Kara <jack(a)suse.cz>
Reviewed-by: Baokun Li <libaokun1(a)huawei.com>
Link: https://lore.kernel.org/r/20220822094235.2690-1-lhenriques@suse.de
Signed-off-by: Theodore Ts'o <tytso(a)mit.edu>
Signed-off-by: Baokun Li <libaokun1(a)huawei.com>
Reviewed-by: Zhang Yi <yi.zhang(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
fs/ext4/extents.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 578769f10906..6edab0ef28fd 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -508,6 +508,10 @@ static int __ext4_ext_check(const char *function, unsigned int line,
error_msg = "invalid eh_entries";
goto corrupted;
}
+ if (unlikely((eh->eh_entries == 0) && (depth > 0))) {
+ error_msg = "eh_entries is 0 but eh_depth is > 0";
+ goto corrupted;
+ }
if (!ext4_valid_extent_entries(inode, eh, lblk, &pblk, depth)) {
error_msg = "invalid extent entries";
goto corrupted;
--
2.25.1
1
1
[PATCH openEuler-5.10-LTS 1/2] Bluetooth: L2CAP: Fix attempting to access uninitialized memory
by Zheng Zengkai 23 Nov '22
by Zheng Zengkai 23 Nov '22
23 Nov '22
From: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
stable inclusion
from stable-v5.10.154
commit 26ca2ac091b49281d73df86111d16e5a76e43bd7
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5ZNRS
CVE: CVE-2022-42895
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit b1a2cd50c0357f243b7435a732b4e62ba3157a2e upstream.
On l2cap_parse_conf_req the variable efs is only initialized if
remote_efs has been set.
CVE: CVE-2022-42895
CC: stable(a)vger.kernel.org
Reported-by: Tamás Koczka <poprdi(a)google.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Reviewed-by: Tedd Ho-Jeong An <tedd.an(a)intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Baisong Zhong <zhongbaisong(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
---
net/bluetooth/l2cap_core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 584a9deb8c80..d35b168e7793 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -3758,7 +3758,8 @@ static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data, size_t data
l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
sizeof(rfc), (unsigned long) &rfc, endptr - ptr);
- if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) {
+ if (remote_efs &&
+ test_bit(FLAG_EFS_ENABLE, &chan->flags)) {
chan->remote_id = efs.id;
chan->remote_stype = efs.stype;
chan->remote_msdu = le16_to_cpu(efs.msdu);
--
2.20.1
1
1
[PATCH OLK-5.10 v4] mm: Fix kabi change caused by saved_auxv[] in mm_struct for x86_64
by Zheng Zengkai 23 Nov '22
by Zheng Zengkai 23 Nov '22
23 Nov '22
openeuler inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I5RQLJ
CVE: NA
Intel-SIG: mm: Fix kabi change caused by saved_auxv[] in mm_struct for x86_64.
--------------------------------
Use the KABI_DEPRECATE and KABI_USE macro to fix kabi change caused
by commit 1c33bb050750 ("x86/elf: Support a new ELF aux vector AT_MINSIGSTKSZ").
The extended saved_auxv[] causes the kabi breakage, move the saved_auxv[]
to the end of struct mm_struct.
To avoid introducing too many size increase of mm_struct, use a pointer
to indirectly reference the relocated saved_auxv[], then adapt the code
where mm->saved_auxv is used.
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
Signed-off-by: Lin Wang <lin.x.wang(a)intel.com>
Signed-off-by: Aichun Shi <aichun.shi(a)intel.com>
---
arch/x86/include/uapi/asm/auxvec.h | 2 ++
fs/binfmt_elf.c | 12 ++++----
fs/binfmt_elf_fdpic.c | 2 +-
fs/proc/base.c | 6 ++--
include/linux/mm_types.h | 30 ++++++++++++++++++++
kernel/fork.c | 44 ++++++++++++++++++++++++++----
kernel/sys.c | 10 +++----
7 files changed, 86 insertions(+), 20 deletions(-)
diff --git a/arch/x86/include/uapi/asm/auxvec.h b/arch/x86/include/uapi/asm/auxvec.h
index 6beb55bbefa4..6be5f6584119 100644
--- a/arch/x86/include/uapi/asm/auxvec.h
+++ b/arch/x86/include/uapi/asm/auxvec.h
@@ -13,8 +13,10 @@
/* entries in ARCH_DLINFO: */
#if defined(CONFIG_IA32_EMULATION) || !defined(CONFIG_X86_64)
# define AT_VECTOR_SIZE_ARCH 3
+# define ORIG_AT_VECTOR_SIZE_ARCH 2
#else /* else it's non-compat x86-64 */
# define AT_VECTOR_SIZE_ARCH 2
+# define ORIG_AT_VECTOR_SIZE_ARCH 1
#endif
#endif /* _ASM_X86_AUXVEC_H */
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index ed507d27034b..8e56bb649f0e 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -236,7 +236,7 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
return -EFAULT;
/* Create the ELF interpreter info */
- elf_info = (elf_addr_t *)mm->saved_auxv;
+ elf_info = (elf_addr_t *)MM_SAVED_AUXV(mm);
/* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
#define NEW_AUX_ENT(id, val) \
do { \
@@ -285,13 +285,13 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
}
#undef NEW_AUX_ENT
/* AT_NULL is zero; clear the rest too */
- memset(elf_info, 0, (char *)mm->saved_auxv +
- sizeof(mm->saved_auxv) - (char *)elf_info);
+ memset(elf_info, 0, (char *)MM_SAVED_AUXV(mm) +
+ sizeof(MM_SAVED_AUXV(mm)) - (char *)elf_info);
/* And advance past the AT_NULL entry. */
elf_info += 2;
- ei_index = elf_info - (elf_addr_t *)mm->saved_auxv;
+ ei_index = elf_info - (elf_addr_t *)MM_SAVED_AUXV(mm);
sp = STACK_ADD(p, ei_index);
items = (argc + 1) + (envc + 1) + 1;
@@ -352,7 +352,7 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
mm->env_end = p;
/* Put the elf_info on the stack in the right place. */
- if (copy_to_user(sp, mm->saved_auxv, ei_index * sizeof(elf_addr_t)))
+ if (copy_to_user(sp, MM_SAVED_AUXV(mm), ei_index * sizeof(elf_addr_t)))
return -EFAULT;
return 0;
}
@@ -1586,7 +1586,7 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
{
- elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
+ elf_addr_t *auxv = (elf_addr_t *) MM_SAVED_AUXV(mm);
int i = 0;
do
i += 2;
diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
index be4062b8ba75..06d45339676f 100644
--- a/fs/binfmt_elf_fdpic.c
+++ b/fs/binfmt_elf_fdpic.c
@@ -1550,7 +1550,7 @@ static int elf_fdpic_core_dump(struct coredump_params *cprm)
fill_note(&psinfo_note, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
thread_status_size += notesize(&psinfo_note);
- auxv = (elf_addr_t *) current->mm->saved_auxv;
+ auxv = (elf_addr_t *) current->MM_SAVED_AUXV(mm);
i = 0;
do
i += 2;
diff --git a/fs/proc/base.c b/fs/proc/base.c
index cc1fdff2e136..fe2633176ed5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1038,9 +1038,9 @@ static ssize_t auxv_read(struct file *file, char __user *buf,
return 0;
do {
nwords += 2;
- } while (mm->saved_auxv[nwords - 2] != 0); /* AT_NULL */
- return simple_read_from_buffer(buf, count, ppos, mm->saved_auxv,
- nwords * sizeof(mm->saved_auxv[0]));
+ } while (MM_SAVED_AUXV(mm)[nwords - 2] != 0); /* AT_NULL */
+ return simple_read_from_buffer(buf, count, ppos, MM_SAVED_AUXV(mm),
+ nwords * sizeof(MM_SAVED_AUXV(mm)[0]));
}
static const struct file_operations proc_auxv_operations = {
diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h
index 15ff1e20f5ca..ba69c5ecd4ce 100644
--- a/include/linux/mm_types.h
+++ b/include/linux/mm_types.h
@@ -24,6 +24,21 @@
#endif
#define AT_VECTOR_SIZE (2*(AT_VECTOR_SIZE_ARCH + AT_VECTOR_SIZE_BASE + 1))
+#define _MM_STRUCT_SIZE (sizeof(struct mm_struct) + cpumask_size())
+
+#if defined(CONFIG_X86_64)
+ #define ORIG_AT_VECTOR_SIZE (2*(ORIG_AT_VECTOR_SIZE_ARCH + AT_VECTOR_SIZE_BASE + 1))
+ #define MM_SAVED_AUXV(mm) mm->mm_extend->saved_auxv
+ #define MM_STRUCT_SIZE (_MM_STRUCT_SIZE + sizeof(struct mm_struct_extend))
+ #define OFFSET_OF_MM_SAVED_AUXV (_MM_STRUCT_SIZE + offsetof(struct mm_struct_extend, saved_auxv))
+ #define SIZE_OF_MM_SAVED_AUXV sizeof_field(struct mm_struct_extend, saved_auxv)
+#else
+ #define MM_SAVED_AUXV(mm) mm->saved_auxv
+ #define MM_STRUCT_SIZE _MM_STRUCT_SIZE
+ #define OFFSET_OF_MM_SAVED_AUXV offsetof(struct mm_struct, saved_auxv)
+ #define SIZE_OF_MM_SAVED_AUXV sizeof_field(struct mm_struct, saved_auxv)
+#endif
+
#define INIT_PASID 0
struct address_space;
@@ -394,6 +409,13 @@ struct core_state {
};
struct kioctx_table;
+
+#if defined(CONFIG_X86_64)
+struct mm_struct_extend {
+ unsigned long saved_auxv[AT_VECTOR_SIZE]; /* for /proc/PID/auxv */
+};
+#endif
+
struct mm_struct {
struct {
struct vm_area_struct *mmap; /* list of VMAs */
@@ -508,7 +530,11 @@ struct mm_struct {
unsigned long start_brk, brk, start_stack;
unsigned long arg_start, arg_end, env_start, env_end;
+#if defined(CONFIG_X86_64)
+ KABI_DEPRECATE(unsigned long, saved_auxv[ORIG_AT_VECTOR_SIZE])
+#else
unsigned long saved_auxv[AT_VECTOR_SIZE]; /* for /proc/PID/auxv */
+#endif
/*
* Special counters, in some configurations protected by the
@@ -592,7 +618,11 @@ struct mm_struct {
#endif
} __randomize_layout;
+#if defined(CONFIG_X86_64)
+ KABI_USE(1, struct mm_struct_extend *mm_extend)
+#else
KABI_RESERVE(1)
+#endif
KABI_RESERVE(2)
KABI_RESERVE(3)
KABI_RESERVE(4)
diff --git a/kernel/fork.c b/kernel/fork.c
index 8a40bfda35e1..c2f13f635135 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1088,6 +1088,21 @@ static struct mm_struct *mm_init(struct mm_struct *mm, struct task_struct *p,
return NULL;
}
+static inline void mm_struct_clear(struct mm_struct *mm)
+{
+ memset(mm, 0, sizeof(*mm));
+
+#if (defined(CONFIG_X86_64))
+ /*
+ * init the mm_struct_extend extra area at the bottom of
+ * the allocated mm struct and reset mm->mm_extend accordingly.
+ */
+ memset((void *)((unsigned long) mm + _MM_STRUCT_SIZE),
+ 0, sizeof(struct mm_struct_extend));
+ mm->mm_extend = (struct mm_struct_extend *)((unsigned long) mm + _MM_STRUCT_SIZE);
+#endif
+}
+
/*
* Allocate and initialize an mm_struct.
*/
@@ -1099,7 +1114,8 @@ struct mm_struct *mm_alloc(void)
if (!mm)
return NULL;
- memset(mm, 0, sizeof(*mm));
+ mm_struct_clear(mm);
+
return mm_init(mm, current, current_user_ns());
}
@@ -1382,6 +1398,24 @@ void exec_mm_release(struct task_struct *tsk, struct mm_struct *mm)
mm_release(tsk, mm);
}
+static inline void mm_struct_copy(struct mm_struct *mm, struct mm_struct *oldmm)
+{
+ memcpy(mm, oldmm, sizeof(*mm));
+
+#if defined(CONFIG_X86_64)
+ /*
+ * copy the mm_struct_extend extra area at the bottom of
+ * the oldmm slab object over to the newly allocated mm struct,
+ * and reset mm->mm_extend accordingly.
+ */
+ memcpy((void *)((unsigned long) mm + _MM_STRUCT_SIZE),
+ (void *)((unsigned long) oldmm + _MM_STRUCT_SIZE),
+ sizeof(struct mm_struct_extend));
+
+ mm->mm_extend = (struct mm_struct_extend *)((unsigned long) mm + _MM_STRUCT_SIZE);
+#endif
+}
+
/**
* dup_mm() - duplicates an existing mm structure
* @tsk: the task_struct with which the new mm will be associated.
@@ -1402,7 +1436,7 @@ static struct mm_struct *dup_mm(struct task_struct *tsk,
if (!mm)
goto fail_nomem;
- memcpy(mm, oldmm, sizeof(*mm));
+ mm_struct_copy(mm, oldmm);
if (!mm_init(mm, tsk, mm->user_ns))
goto fail_nomem;
@@ -2872,13 +2906,13 @@ void __init proc_caches_init(void)
* dynamically sized based on the maximum CPU number this system
* can have, taking hotplug into account (nr_cpu_ids).
*/
- mm_size = sizeof(struct mm_struct) + cpumask_size();
+ mm_size = MM_STRUCT_SIZE;
mm_cachep = kmem_cache_create_usercopy("mm_struct",
mm_size, ARCH_MIN_MMSTRUCT_ALIGN,
SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_ACCOUNT,
- offsetof(struct mm_struct, saved_auxv),
- sizeof_field(struct mm_struct, saved_auxv),
+ OFFSET_OF_MM_SAVED_AUXV,
+ SIZE_OF_MM_SAVED_AUXV,
NULL);
vm_area_cachep = KMEM_CACHE(vm_area_struct, SLAB_PANIC|SLAB_ACCOUNT);
mmap_init();
diff --git a/kernel/sys.c b/kernel/sys.c
index c8a31e1037be..10c5a6d2acdc 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1962,7 +1962,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
struct mm_struct *mm = current->mm;
int error;
- BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
+ BUILD_BUG_ON(sizeof(user_auxv) != sizeof(MM_SAVED_AUXV(mm)));
BUILD_BUG_ON(sizeof(struct prctl_mm_map) > 256);
if (opt == PR_SET_MM_MAP_SIZE)
@@ -1984,7 +1984,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
* Someone is trying to cheat the auxv vector.
*/
if (!prctl_map.auxv ||
- prctl_map.auxv_size > sizeof(mm->saved_auxv))
+ prctl_map.auxv_size > sizeof(MM_SAVED_AUXV(mm)))
return -EINVAL;
memset(user_auxv, 0, sizeof(user_auxv));
@@ -2056,7 +2056,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
* more complex.
*/
if (prctl_map.auxv_size)
- memcpy(mm->saved_auxv, user_auxv, sizeof(user_auxv));
+ memcpy(MM_SAVED_AUXV(mm), user_auxv, sizeof(user_auxv));
mmap_read_unlock(mm);
return 0;
@@ -2084,10 +2084,10 @@ static int prctl_set_auxv(struct mm_struct *mm, unsigned long addr,
user_auxv[AT_VECTOR_SIZE - 2] = 0;
user_auxv[AT_VECTOR_SIZE - 1] = 0;
- BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
+ BUILD_BUG_ON(sizeof(user_auxv) != sizeof(MM_SAVED_AUXV(mm)));
task_lock(current);
- memcpy(mm->saved_auxv, user_auxv, len);
+ memcpy(MM_SAVED_AUXV(mm), user_auxv, len);
task_unlock(current);
return 0;
--
2.20.1
1
0
[PATCH openEuler-5.10 01/81] Revert "block/wbt: fix negative inflight counter when remove scsi device"
by Zheng Zengkai 21 Nov '22
by Zheng Zengkai 21 Nov '22
21 Nov '22
From: Li Nan <linan122(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: 187584, https://gitee.com/openeuler/kernel/issues/I5QW2R
CVE: NA
--------------------------------
This reverts commit 37838982c0e97898780682980aaf10755625630e.
There are two wbt_enable_default() in bfq_exit_queue(). Although it will
not lead to no fault, revert one.
Signed-off-by: Li Nan <linan122(a)huawei.com>
Reviewed-by: Jason Yan <yanaijie(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
block/bfq-iosched.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c
index 4bfea5e5354e..1aec01c0a707 100644
--- a/block/bfq-iosched.c
+++ b/block/bfq-iosched.c
@@ -6418,8 +6418,6 @@ static void bfq_exit_queue(struct elevator_queue *e)
spin_unlock_irq(&bfqd->lock);
#endif
- wbt_enable_default(bfqd->queue);
-
kfree(bfqd);
/* Re-enable throttling in case elevator disabled it */
--
2.20.1
1
80
Backport 5.10.138 LTS patches from upstream.
git cherry-pick v5.10.137..v5.10.138~1 -s
Already merged(-6):
0e28678a770d devlink: Fix use-after-free after a failed reload
38ddccbda5e8 vsock: Fix memory leak in vsock_connect()
a0ae122e9aec atm: idt77252: fix use-after-free bugs caused by tst_timer
a220ff343396 can: j1939: j1939_session_destroy(): fix memory leak of skbs
3527e3cbb84d bpf: Fix KASAN use-after-free Read in compute_effective_progs
1daa7629d2a2 PCI/ERR: Retain status from error notification
Context conflict:
63671b2bdf5f watchdog: export lockup_detector_reconfigure
Defered for performance degradation(-1):
823280a8fba3 locking/atomic: Make test_and_*_bit() ordered on failure
Total patches: 157 - 6 - 1 = 150
Aaron Lu (1):
x86/mm: Use proper mask when setting PUD mapping
Al Viro (6):
nios2: page fault et.al. are *not* restartable syscalls...
nios2: don't leave NULLs in sys_call_table[]
nios2: traced syscall does need to check the syscall number
nios2: fix syscall restart checks
nios2: restarts apply only to the first sigframe we build...
nios2: add force_successful_syscall_return()
Alan Brady (1):
i40e: Fix to stop tx_timeout recovery if GLOBR fails
Amadeusz Sławiński (1):
ALSA: info: Fix llseek return value when using callback
Amelie Delaunay (1):
usb: dwc2: gadget: remove D+ pull-up while no vbus with
usb-role-switch
Andrew Donnellan (1):
gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a
file
Andy Shevchenko (1):
pinctrl: intel: Check against matching data instead of ACPI companion
Arun Ramadoss (1):
net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
Bard Liao (1):
ASoC: SOF: intel: move sof_intel_dsp_desc() forward
Bob Pearson (1):
RDMA/rxe: Limit the number of calls to each tasklet
Celeste Liu (1):
riscv: mmap with PROT_WRITE but no PROT_READ is invalid
Chao Yu (2):
f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
f2fs: fix to do sanity check on segment type in build_sit_entries()
Chen Lin (1):
dpaa2-eth: trace the allocated address instead of page struct
Chia-Lin Kao (AceLan) (1):
net: atlantic: fix aq_vec index out of range error
Christoffer Sandberg (1):
ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
Christophe JAILLET (6):
mmc: pxamci: Fix another error handling path in pxamci_probe()
mmc: pxamci: Fix an error handling path in pxamci_probe()
mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
perf probe: Fix an error handling path in 'parse_perf_probe_command()'
stmmac: intel: Add a missing clk_disable_unprepare() call in
intel_eth_pci_remove()
cxl: Fix a memory leak in an error handling path
Christophe Leroy (1):
powerpc/32: Don't always pass -mcpu=powerpc to the compiler
Csókás Bence (1):
fec: Fix timer capture timing in `fec_ptp_enable_pps()`
Damien Le Moal (1):
ata: libata-eh: Add missing command name
Dan Aloni (1):
sunrpc: fix expiry of auth creds
Dan Carpenter (3):
NTB: ntb_tool: uninitialized heap data in tool_fn_write()
xen/xenbus: fix return type in xenbus_file_read()
netfilter: nftables: fix a warning message in
nf_tables_commit_audit_collect()
Dmitry Baryshkov (1):
dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
Dongliang Mu (1):
netfilter: nf_tables: fix audit memory leak in nf_tables_commit
Fedor Pchelkin (1):
can: j1939: j1939_sk_queue_activate_next_locked(): replace
WARN_ON_ONCE with netdev_warn_once()
Filipe Manana (1):
btrfs: fix lost error handling when looking up extended ref on log
replay
Florian Westphal (1):
plip: avoid rcu debug splat
Frank Li (1):
usb: cdns3 fix use-after-free at workaround 2
Frieder Schrempf (1):
regulator: pca9450: Remove restrictions for regulator-name
Grzegorz Siwik (1):
ice: Ignore EEXIST when setting promisc mode
Guenter Roeck (1):
lib/list_debug.c: Detect uninitialized lists
Helge Deller (1):
modules: Ensure natural alignment for .altinstructions and __bug_table
sections
Hou Tao (5):
bpf: Acquire map uref in .init_seq_private for array map iterator
bpf: Acquire map uref in .init_seq_private for hash map iterator
bpf: Acquire map uref in .init_seq_private for sock local storage map
iterator
bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator
bpf: Check the validity of max_rdwr_access for sock local storage map
iterator
Huacai Chen (1):
PCI/ACPI: Guard ARM64-specific mcfg_quirks
Jakub Kicinski (1):
net: genl: fix error path memory leak in policy dumping
James Smart (1):
scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed
user input
Jason A. Donenfeld (1):
um: add "noreboot" command line option for PANIC_TIMEOUT=-1 setups
Jean-Philippe Brucker (1):
uacce: Handle parent device removal or parent driver module rmmod
Jeff Layton (1):
ceph: don't leak snap_rwsem in handle_cap_grant
Jens Wiklander (1):
tee: fix memory leak in tee_shm_register()
Jianhua Lu (1):
pinctrl: qcom: sm8250: Fix PDC map
John Johansen (5):
apparmor: fix quiet_denied for file rules
apparmor: fix absroot causing audited secids to begin with =
apparmor: Fix failed mount permission check error message
apparmor: fix setting unconfined mode on a loaded profile
apparmor: fix overlapping attachment computation
Jozef Martiniak (1):
gadgetfs: ep_io - wait until IRQ finishes
Kiselev, Oleg (1):
ext4: avoid resizing to a partial cluster size
Krzysztof Kozlowski (1):
dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
Laurent Dufour (1):
watchdog: export lockup_detector_reconfigure
Liang He (5):
drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
usb: host: ohci-ppc-of: Fix refcount leak bug
usb: renesas: Fix refcount leak bug
tty: serial: Fix refcount leak bug in ucc_uart.c
mips: cavium-octeon: Fix missing of_node_put() in
octeon2_usb_clocks_start
Liao Chang (1):
csky/kprobe: reclaim insn_slot on kprobe unregistration
Lin Ma (1):
igb: Add lock to avoid data race
Logan Gunthorpe (1):
md: Notify sysfs sync_completed in md_reap_sync_thread()
Luís Henriques (1):
ceph: use correct index when encoding client supported features
Marc Kleine-Budde (1):
can: ems_usb: fix clang's -Wunaligned-access warning
Martin Povišer (4):
ASoC: tas2770: Set correct FSYNC polarity
ASoC: tas2770: Allow mono streams
ASoC: tas2770: Drop conflicting set_bias_level power setting
ASoC: tas2770: Fix handling of mute/unmute
Masahiro Yamada (1):
kbuild: fix the modules order between drivers and libs
Matthew Wilcox (Oracle) (1):
qrtr: Convert qrtr_ports from IDR to XArray
Matthias May (3):
geneve: do not use RT_TOS for IPv6 flowlabel
ipv6: do not use RT_TOS for IPv6 flowlabel
geneve: fix TOS inheriting for ipv4
Miaoqian Lin (1):
pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
Michael Ellerman (1):
powerpc/pci: Fix get_phb_number() locking
Michael Grzeschik (1):
usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
uvcg_info
Mikulas Patocka (1):
rds: add missing barrier to release_refill
Nathan Chancellor (1):
MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0
Neil Armstrong (1):
spi: meson-spicc: add local pow2 clock ops to preserve rate between
messages
Nikita Travkin (1):
pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
Ondrej Mosnacek (1):
kbuild: dummy-tools: avoid tmpdir leak in dummy gcc
Pablo Neira Ayuso (5):
netfilter: nf_tables: really skip inactive sets when allocating name
netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on
NFT_SET_OBJECT flag
netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is
specified
netfilter: nftables: add helper function to set the base sequence
number
netfilter: add helper function to set up the nfnetlink header and use
it
Pascal Terjan (1):
vboxguest: Do not use devm for irq
Pavan Chebbi (1):
PCI: Add ACS quirk for Broadcom BCM5750x NICs
Peilin Ye (1):
vsock: Set socket state back to SS_UNCONNECTED in
vsock_connect_timeout()
Przemyslaw Patynowski (1):
iavf: Fix adminq error handling
Qifu Zhang (1):
Documentation: ACPI: EINJ: Fix obsolete example
Richard Guy Briggs (1):
audit: log nftables configuration change events once per table
Robert Marko (1):
clk: qcom: ipq8074: dont disable gcc_sleep_clk_src
Roberto Sassu (1):
tools build: Switch to new openssl API for test-libcrypto
Rustam Subkhankulov (1):
net: dsa: sja1105: fix buffer overflow in
sja1105_setup_devlink_regions()
Sagi Grimberg (1):
nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
teardown
Sai Prakash Ranjan (2):
irqchip/tegra: Fix overflow implicit truncation warnings
drm/meson: Fix overflow implicit truncation warnings
Sakari Ailus (1):
ACPI: property: Return type of acpi_add_nondev_subnodes() should be
bool
Samuel Holland (2):
pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
drm/sun4i: dsi: Prevent underflow when computing packet sizes
Sandor Bodo-Merle (1):
net: bgmac: Fix a BUG triggered by wrong bytes_compl
Schspa Shi (1):
vfio: Clear the caps->buf to NULL after free
Sebastian Würl (1):
can: mcp251x: Fix race condition on receive interrupt
Sergei Antonov (2):
net: dsa: mv88e6060: prevent crash on an unused port
net: moxa: pass pdev instead of ndev to DMA functions
Sergey Senozhatsky (1):
zram: do not lookup algorithm in backends table
Steve French (1):
smb3: check xattr value length earlier
Steven Rostedt (Google) (3):
tracing: Have filter accept "common_cpu" to be consistent
selftests/kprobe: Do not test for GRP/ without event failures
tracing/probes: Have kprobes and uprobes use $COMM too
Takashi Iwai (4):
ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
ALSA: core: Add async signal helpers
ALSA: timer: Use deferred fasync helper
ALSA: control: Use deferred fasync helper
Tom Rix (1):
apparmor: fix aa_label_asxprint return check
Tony Lindgren (1):
clk: ti: Stop using legacy clkctrl names for omap4 and 5
Trond Myklebust (5):
NFSv4.1: Don't decrease the value of seq_nr_highest_sent
NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
NFSv4: Fix races in the legacy idmapper upcall
NFSv4/pnfs: Fix a use-after-free bug in open
SUNRPC: Reinitialise the backchannel request buffers before reuse
Tzung-Bi Shih (1):
platform/chrome: cros_ec_proto: don't show MKBP version if unsupported
Uwe Kleine-König (2):
i2c: imx: Make sure to unregister adapter on remove()
dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync()
failed
Vladimir Oltean (1):
net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet counters
Vladimir Zapolskiy (1):
clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description
Wentao_Liang (1):
drivers:md:fix a potential use-after-free bug
Xianting Tian (1):
RISC-V: Add fast call path of crash_kexec()
Xin Xiong (1):
apparmor: fix reference count leak in aa_pivotroot()
Xiu Jianfeng (1):
apparmor: Fix memleak in aa_simple_write_to_buffer()
Xuan Zhuo (1):
virtio_net: fix memory leak inside XPD_TX with mergeable
Ye Bin (1):
ext4: avoid remove directory when directory is corrupted
Yu Xiao (1):
nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
Yuanzheng Song (1):
tools/vm/slabinfo: use alphabetic order when two values are equal
Zhang Xianwei (1):
NFSv4.1: RECLAIM_COMPLETE must handle EACCES
Zheyu Ma (1):
video: fbdev: i740fb: Check the argument of i740_calc_vclk()
Zhouyi Zhou (1):
powerpc/64: Init jump labels before parse_early_param()
.../devicetree/bindings/arm/qcom.yaml | 2 +-
.../bindings/clock/qcom,gcc-msm8996.yaml | 16 +
.../regulator/nxp,pca9450-regulator.yaml | 11 -
.../firmware-guide/acpi/apei/einj.rst | 2 +-
Makefile | 6 +-
arch/csky/kernel/probes/kprobes.c | 4 +
arch/mips/cavium-octeon/octeon-platform.c | 3 +-
arch/mips/mm/tlbex.c | 4 +-
arch/nios2/include/asm/entry.h | 3 +-
arch/nios2/include/asm/ptrace.h | 2 +
arch/nios2/kernel/entry.S | 22 +-
arch/nios2/kernel/signal.c | 3 +-
arch/nios2/kernel/syscall_table.c | 1 +
arch/powerpc/Makefile | 26 +-
arch/powerpc/kernel/pci-common.c | 16 +-
arch/powerpc/kernel/prom.c | 7 +
arch/powerpc/platforms/Kconfig.cputype | 21 +-
arch/riscv/kernel/sys_riscv.c | 5 +-
arch/riscv/kernel/traps.c | 4 +
arch/um/os-Linux/skas/process.c | 17 +-
arch/x86/mm/init_64.c | 2 +-
drivers/acpi/pci_mcfg.c | 3 +
drivers/acpi/property.c | 8 +-
drivers/ata/libata-eh.c | 1 +
drivers/block/zram/zcomp.c | 11 +-
drivers/clk/qcom/clk-alpha-pll.c | 2 +-
drivers/clk/qcom/gcc-ipq8074.c | 1 +
drivers/clk/ti/clk-44xx.c | 210 +++++------
drivers/clk/ti/clk-54xx.c | 160 ++++-----
drivers/clk/ti/clkctrl.c | 4 -
drivers/dma/sprd-dma.c | 5 +-
drivers/gpu/drm/meson/meson_drv.c | 5 +-
drivers/gpu/drm/meson/meson_viu.c | 22 +-
drivers/gpu/drm/sun4i/sun6i_mipi_dsi.c | 10 +-
drivers/i2c/busses/i2c-imx.c | 20 +-
drivers/infiniband/sw/rxe/rxe_param.h | 6 +
drivers/infiniband/sw/rxe/rxe_task.c | 16 +-
drivers/irqchip/irq-tegra.c | 10 +-
drivers/md/md.c | 1 +
drivers/md/raid5.c | 2 +-
drivers/misc/cxl/irq.c | 1 +
drivers/misc/uacce/uacce.c | 133 ++++---
drivers/mmc/host/meson-gx-mmc.c | 6 +-
drivers/mmc/host/pxamci.c | 4 +-
drivers/net/can/spi/mcp251x.c | 18 +-
drivers/net/can/usb/ems_usb.c | 2 +-
drivers/net/dsa/microchip/ksz9477.c | 3 +
drivers/net/dsa/mv88e6060.c | 3 +
drivers/net/dsa/ocelot/felix_vsc9959.c | 3 +-
drivers/net/dsa/sja1105/sja1105_devlink.c | 2 +-
.../net/ethernet/aquantia/atlantic/aq_nic.c | 21 +-
drivers/net/ethernet/broadcom/bgmac.c | 2 +-
.../net/ethernet/freescale/dpaa2/dpaa2-eth.c | 4 +-
drivers/net/ethernet/freescale/fec_ptp.c | 6 +-
drivers/net/ethernet/intel/i40e/i40e_main.c | 4 +-
drivers/net/ethernet/intel/iavf/iavf_adminq.c | 15 +-
drivers/net/ethernet/intel/ice/ice_switch.c | 2 +-
drivers/net/ethernet/intel/igb/igb.h | 2 +
drivers/net/ethernet/intel/igb/igb_main.c | 12 +-
drivers/net/ethernet/moxa/moxart_ether.c | 20 +-
.../ethernet/netronome/nfp/nfp_net_ethtool.c | 2 +
.../net/ethernet/stmicro/stmmac/dwmac-intel.c | 1 +
drivers/net/geneve.c | 15 +-
drivers/net/plip/plip.c | 2 +-
drivers/net/virtio_net.c | 5 +-
drivers/ntb/test/ntb_tool.c | 8 +-
drivers/nvme/target/tcp.c | 3 +-
drivers/pci/quirks.c | 3 +
drivers/pinctrl/intel/pinctrl-intel.c | 14 +-
drivers/pinctrl/nomadik/pinctrl-nomadik.c | 4 +-
drivers/pinctrl/qcom/pinctrl-msm8916.c | 4 +-
drivers/pinctrl/qcom/pinctrl-sm8250.c | 2 +-
drivers/pinctrl/sunxi/pinctrl-sun50i-h6-r.c | 1 +
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 7 +-
drivers/platform/chrome/cros_ec_proto.c | 8 +-
drivers/scsi/lpfc/lpfc_debugfs.c | 20 +-
drivers/spi/spi-meson-spicc.c | 129 +++++--
drivers/tee/tee_core.c | 3 +
drivers/tee/tee_shm.c | 3 -
drivers/tty/serial/ucc_uart.c | 2 +
drivers/usb/cdns3/gadget.c | 2 +-
drivers/usb/dwc2/gadget.c | 3 +-
drivers/usb/gadget/function/uvc_video.c | 2 +-
drivers/usb/gadget/legacy/inode.c | 1 +
drivers/usb/host/ohci-ppc-of.c | 1 +
drivers/usb/renesas_usbhs/rza.c | 4 +
drivers/vfio/vfio.c | 1 +
drivers/video/fbdev/i740fb.c | 9 +-
drivers/virt/vboxguest/vboxguest_linux.c | 9 +-
drivers/xen/xenbus/xenbus_dev_frontend.c | 4 +-
fs/btrfs/tree-log.c | 4 +-
fs/ceph/caps.c | 27 +-
fs/ceph/mds_client.c | 7 +-
fs/ceph/mds_client.h | 6 -
fs/cifs/smb2ops.c | 5 +-
fs/ext4/namei.c | 7 +-
fs/ext4/resize.c | 10 +
fs/f2fs/node.c | 6 +-
fs/f2fs/segment.c | 13 +
fs/nfs/nfs4idmap.c | 46 +--
fs/nfs/nfs4proc.c | 20 +-
include/linux/netfilter/nfnetlink.h | 27 ++
include/linux/nmi.h | 2 +
include/linux/uacce.h | 6 +-
include/sound/control.h | 2 +-
include/sound/core.h | 8 +
kernel/bpf/arraymap.c | 6 +
kernel/bpf/hashtab.c | 2 +
kernel/trace/trace_events.c | 1 +
kernel/trace/trace_probe.c | 5 +-
kernel/watchdog.c | 21 +-
lib/list_debug.c | 12 +-
net/can/j1939/socket.c | 5 +-
net/core/bpf_sk_storage.c | 12 +-
net/core/sock_map.c | 20 +-
net/ipv6/ip6_output.c | 3 +-
net/netfilter/ipset/ip_set_core.c | 17 +-
net/netfilter/nf_conntrack_netlink.c | 77 ++---
net/netfilter/nf_tables_api.c | 325 +++++++++---------
net/netfilter/nf_tables_trace.c | 9 +-
net/netfilter/nfnetlink_acct.c | 11 +-
net/netfilter/nfnetlink_cthelper.c | 11 +-
net/netfilter/nfnetlink_cttimeout.c | 22 +-
net/netfilter/nfnetlink_log.c | 11 +-
net/netfilter/nfnetlink_queue.c | 12 +-
net/netfilter/nft_compat.c | 11 +-
net/netlink/genetlink.c | 6 +-
net/netlink/policy.c | 14 +-
net/qrtr/qrtr.c | 42 +--
net/rds/ib_recv.c | 1 +
net/sunrpc/auth.c | 2 +-
net/sunrpc/backchannel_rqst.c | 14 +
net/vmw_vsock/af_vsock.c | 1 +
scripts/Makefile.gcc-plugins | 2 +-
scripts/dummy-tools/gcc | 8 +-
scripts/module.lds.S | 2 +
security/apparmor/apparmorfs.c | 2 +-
security/apparmor/audit.c | 2 +-
security/apparmor/domain.c | 2 +-
security/apparmor/include/lib.h | 5 +
security/apparmor/include/policy.h | 2 +-
security/apparmor/label.c | 13 +-
security/apparmor/mount.c | 8 +-
security/apparmor/policy_unpack.c | 12 +-
sound/core/control.c | 7 +-
sound/core/info.c | 6 +-
sound/core/misc.c | 94 +++++
sound/core/timer.c | 11 +-
sound/pci/hda/patch_realtek.c | 1 +
sound/soc/codecs/tas2770.c | 98 +++---
sound/soc/codecs/tas2770.h | 5 +
sound/soc/sof/intel/hda.c | 22 +-
sound/usb/card.c | 8 +
sound/usb/mixer_maps.c | 34 +-
tools/build/feature/test-libcrypto.c | 15 +-
tools/perf/util/probe-event.c | 6 +-
.../test.d/kprobe/kprobe_syntax_errors.tc | 1 -
tools/vm/slabinfo.c | 32 +-
158 files changed, 1458 insertions(+), 1018 deletions(-)
--
2.20.1
1
150
From: Wang Wensheng <wangwensheng4(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I61RA3
CVE: NA
-------------------------------
The following two ioctl commands are not in used at all. Delete those
implementation.
SVM_IOCTL_SET_RC
SVM_IOCTL_REMAP_PROC
Signed-off-by: Wang Wensheng <wangwensheng4(a)huawei.com>
Reviewed-by: chenweilong <chenweilong(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
drivers/char/svm.c | 196 ++-------------------------------------------
1 file changed, 5 insertions(+), 191 deletions(-)
diff --git a/drivers/char/svm.c b/drivers/char/svm.c
index 6b44026252e4..4cd04ca378ff 100644
--- a/drivers/char/svm.c
+++ b/drivers/char/svm.c
@@ -1484,186 +1484,6 @@ int svm_get_pasid(pid_t vpid, int dev_id __maybe_unused)
}
EXPORT_SYMBOL_GPL(svm_get_pasid);
-static int svm_set_rc(unsigned long __user *arg)
-{
- unsigned long addr, size, rc;
- unsigned long end, page_size, offset;
- pte_t *pte = NULL;
- struct mm_struct *mm = current->mm;
-
- if (acpi_disabled)
- return -EPERM;
-
- if (arg == NULL)
- return -EINVAL;
-
- if (get_user(addr, arg))
- return -EFAULT;
-
- if (get_user(size, arg + 1))
- return -EFAULT;
-
- if (get_user(rc, arg + 2))
- return -EFAULT;
-
- end = addr + size;
- if (addr >= end)
- return -EINVAL;
-
- down_read(&mm->mmap_sem);
- while (addr < end) {
- pte = svm_walk_pt(addr, &page_size, &offset);
- if (!pte) {
- up_read(&mm->mmap_sem);
- return -ESRCH;
- }
- pte->pte |= (rc & (u64)0x0f) << 59;
- addr += page_size - offset;
- }
- up_read(&mm->mmap_sem);
-
- return 0;
-}
-
-static long svm_remap_get_phys(struct mm_struct *mm, struct vm_area_struct *vma,
- unsigned long addr, unsigned long *phys,
- unsigned long *page_size, unsigned long *offset)
-{
- long err = -EINVAL;
- pgd_t *pgd = NULL;
- pud_t *pud = NULL;
- pte_t *pte = NULL;
-
- if (mm == NULL || vma == NULL || phys == NULL ||
- page_size == NULL || offset == NULL)
- return err;
-
- pgd = pgd_offset(mm, addr);
- if (pgd_none(*pgd))
- return err;
-
- pud = pud_offset(pgd, addr);
- if (pud_none(*pud))
- return err;
-
- pte = svm_get_pte(vma, pud, addr, page_size, offset);
- if (pte && pte_present(*pte)) {
- *phys = PFN_PHYS(pte_pfn(*pte));
- return 0;
- }
-
- return err;
-}
-
-static long svm_remap_proc(unsigned long __user *arg)
-{
- long ret = -EINVAL;
- struct svm_proc_mem pmem;
- struct task_struct *ptask = NULL;
- struct mm_struct *pmm = NULL, *mm = current->mm;
- struct vm_area_struct *pvma = NULL, *vma = NULL;
- unsigned long end, vaddr, phys, buf, offset, pagesize;
-
- if (!acpi_disabled)
- return -EPERM;
-
- if (arg == NULL) {
- pr_err("arg is invalid.\n");
- return ret;
- }
-
- ret = copy_from_user(&pmem, (void __user *)arg, sizeof(pmem));
- if (ret) {
- pr_err("failed to copy args from user space.\n");
- return -EFAULT;
- }
-
- if (pmem.buf & (PAGE_SIZE - 1)) {
- pr_err("address is not aligned with page size, addr:%pK.\n",
- (void *)pmem.buf);
- return -EINVAL;
- }
-
- if (pmem.pid) {
- ptask = find_get_task_by_vpid(pmem.pid);
- if (!ptask) {
- pr_err("No task for this pid\n");
- return -EINVAL;
- }
- } else {
- rcu_read_lock();
- ptask = current;
- get_task_struct(ptask);
- rcu_read_unlock();
- }
-
- pmm = ptask->mm;
-
- down_read(&mm->mmap_sem);
- down_read(&pmm->mmap_sem);
-
- pvma = find_vma(pmm, pmem.vaddr);
- if (pvma == NULL) {
- ret = -ESRCH;
- goto err;
- }
-
- vma = find_vma(mm, pmem.buf);
- if (vma == NULL) {
- ret = -ESRCH;
- goto err;
- }
-
- if (pmem.len > SVM_REMAP_MEM_LEN_MAX) {
- ret = -EINVAL;
- pr_err("too large length of memory.\n");
- goto err;
- }
- vaddr = pmem.vaddr;
- end = vaddr + pmem.len;
- buf = pmem.buf;
- vma->vm_flags |= VM_SHARED;
- if (end > pvma->vm_end || end < vaddr) {
- ret = -EINVAL;
- pr_err("memory length is out of range, vaddr:%pK, len:%u.\n",
- (void *)vaddr, pmem.len);
- goto err;
- }
-
- do {
- ret = svm_remap_get_phys(pmm, pvma, vaddr,
- &phys, &pagesize, &offset);
- if (ret) {
- ret = -EINVAL;
- goto err;
- }
-
- vaddr += pagesize - offset;
-
- do {
- if (remap_pfn_range(vma, buf, phys >> PAGE_SHIFT,
- PAGE_SIZE,
- __pgprot(vma->vm_page_prot.pgprot |
- PTE_DIRTY))) {
-
- ret = -ESRCH;
- goto err;
- }
-
- offset += PAGE_SIZE;
- buf += PAGE_SIZE;
- phys += PAGE_SIZE;
- } while (offset < pagesize);
-
- } while (vaddr < end);
-
-err:
- up_read(&pmm->mmap_sem);
- up_read(&mm->mmap_sem);
- put_task_struct(ptask);
- return ret;
-}
-
static int svm_proc_load_flag(int __user *arg)
{
static atomic_t l2buf_load_flag = ATOMIC_INIT(0);
@@ -1897,18 +1717,12 @@ static long svm_ioctl(struct file *file, unsigned int cmd,
case SVM_IOCTL_GET_PHYS:
err = svm_get_phys((unsigned long __user *)arg);
break;
- case SVM_IOCTL_SET_RC:
- err = svm_set_rc((unsigned long __user *)arg);
- break;
case SVM_IOCTL_PIN_MEMORY:
err = svm_pin_memory((unsigned long __user *)arg);
break;
case SVM_IOCTL_UNPIN_MEMORY:
err = svm_unpin_memory((unsigned long __user *)arg);
break;
- case SVM_IOCTL_REMAP_PROC:
- err = svm_remap_proc((unsigned long __user *)arg);
- break;
case SVM_IOCTL_LOAD_FLAG:
err = svm_proc_load_flag((int __user *)arg);
break;
@@ -1922,12 +1736,12 @@ static long svm_ioctl(struct file *file, unsigned int cmd,
err = svm_sp_free_mem((unsigned long __user *)arg);
break;
default:
- err = -EINVAL;
- }
+ err = -EINVAL;
+ }
- if (err)
- dev_err(sdev->dev, "%s: %s failed err = %d\n", __func__,
- svm_cmd_to_string(cmd), err);
+ if (err)
+ dev_err(sdev->dev, "%s: %s failed err = %d\n", __func__,
+ svm_cmd_to_string(cmd), err);
return err;
}
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS] Revert "posix-cpu-timers: Make timespec to nsec conversion safe"
by Yongqiang Liu 19 Nov '22
by Yongqiang Liu 19 Nov '22
19 Nov '22
From: Yuyao Lin <linyuyao1(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I61XP8
CVE: NA
--------------------------------
This reverts commit 098b0e01a91c42aaaf0425605cd126b03fcb0bcf.
Function timespec64_to_ns() Add the upper and lower limits check in
commit c0b527413194 ("time: Prevent undefined behaviour in timespec64_to_ns()"),
timespec64_to_ktime() only check the upper limits, so revert this
patch can fix overflow.
Signed-off-by: Yuyao Lin <linyuyao1(a)huawei.com>
Reviewed-by: Wei Li <liwei391(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
kernel/time/posix-cpu-timers.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/kernel/time/posix-cpu-timers.c b/kernel/time/posix-cpu-timers.c
index bfaa44a80c03..5ea7ccfb62b8 100644
--- a/kernel/time/posix-cpu-timers.c
+++ b/kernel/time/posix-cpu-timers.c
@@ -584,11 +584,7 @@ static int posix_cpu_timer_set(struct k_itimer *timer, int timer_flags,
if (WARN_ON_ONCE(!p))
return -EINVAL;
- /*
- * Use the to_ktime conversion because that clamps the maximum
- * value to KTIME_MAX and avoid multiplication overflows.
- */
- new_expires = ktime_to_ns(timespec64_to_ktime(new->it_value));
+ new_expires = timespec64_to_ns(&new->it_value);
/*
* Protect against sighand release/switch in exit/exec and p->cpu_timers
--
2.25.1
1
0
19 Nov '22
From: Yuyao Lin <linyuyao1(a)huawei.com>
Offering: HULK
hulk inclusion
category: bugfix
bugzilla: 186339
--------------------------------
This reverts commit 098b0e01a91c42aaaf0425605cd126b03fcb0bcf.
Function timespec64_to_ns() Add the upper and lower limits check in
commit c0b527413194 ("time: Prevent undefined behaviour in timespec64_to_ns()"),
timespec64_to_ktime() only check the upper limits, so revert this
patch can fix overflow.
Signed-off-by: Yuyao Lin <linyuyao1(a)huawei.com>
Reviewed-by: Wei Li <liwei391(a)huawei.com>
Signed-off-by: Laibin Qiu <qiulaibin(a)huawei.com>
---
kernel/time/posix-cpu-timers.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/kernel/time/posix-cpu-timers.c b/kernel/time/posix-cpu-timers.c
index bfaa44a80c03..5ea7ccfb62b8 100644
--- a/kernel/time/posix-cpu-timers.c
+++ b/kernel/time/posix-cpu-timers.c
@@ -584,11 +584,7 @@ static int posix_cpu_timer_set(struct k_itimer *timer, int timer_flags,
if (WARN_ON_ONCE(!p))
return -EINVAL;
- /*
- * Use the to_ktime conversion because that clamps the maximum
- * value to KTIME_MAX and avoid multiplication overflows.
- */
- new_expires = ktime_to_ns(timespec64_to_ktime(new->it_value));
+ new_expires = timespec64_to_ns(&new->it_value);
/*
* Protect against sighand release/switch in exit/exec and p->cpu_timers
--
2.25.1
1
0
[PATCH openEuler-1.0-LTS 1/3] Bluetooth: L2CAP: Fix attempting to access uninitialized memory
by Yongqiang Liu 19 Nov '22
by Yongqiang Liu 19 Nov '22
19 Nov '22
From: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
stable inclusion
from stable-v4.19.265
commit 36919a82f335784d86b4def308739559bb47943d
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5ZNRS
CVE: CVE-2022-42895
--------------------------------
commit b1a2cd50c0357f243b7435a732b4e62ba3157a2e upstream.
On l2cap_parse_conf_req the variable efs is only initialized if
remote_efs has been set.
CVE: CVE-2022-42895
CC: stable(a)vger.kernel.org
Reported-by: Tamás Koczka <poprdi(a)google.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com>
Reviewed-by: Tedd Ho-Jeong An <tedd.an(a)intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Baisong Zhong <zhongbaisong(a)huawei.com>
Reviewed-by: Liu Jian <liujian56(a)huawei.com>
Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
net/bluetooth/l2cap_core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 436a92e3bf20..b6c57a48870a 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -3517,7 +3517,8 @@ static int l2cap_parse_conf_req(struct l2cap_chan *chan, void *data, size_t data
l2cap_add_conf_opt(&ptr, L2CAP_CONF_RFC,
sizeof(rfc), (unsigned long) &rfc, endptr - ptr);
- if (test_bit(FLAG_EFS_ENABLE, &chan->flags)) {
+ if (remote_efs &&
+ test_bit(FLAG_EFS_ENABLE, &chan->flags)) {
chan->remote_id = efs.id;
chan->remote_stype = efs.stype;
chan->remote_msdu = le16_to_cpu(efs.msdu);
--
2.25.1
1
2
1
0
From: Wang Wensheng <wangwensheng4(a)huawei.com>
Offering: HULK
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I61RA3
-------------------------------
The following three ioctl command are not in used at all. Delete those
implementation.
SVM_IOCTL_SET_RC
SVM_IOCTL_REMAP_PROC
Signed-off-by: Wang Wensheng <wangwensheng4(a)huawei.com>
---
drivers/char/svm.c | 192 +--------------------------------------------
1 file changed, 2 insertions(+), 190 deletions(-)
diff --git a/drivers/char/svm.c b/drivers/char/svm.c
index 3b591f197af6..6945e93354b4 100644
--- a/drivers/char/svm.c
+++ b/drivers/char/svm.c
@@ -1085,188 +1085,6 @@ static int svm_open(struct inode *inode, struct file *file)
return 0;
}
-static int svm_set_rc(unsigned long __user *arg)
-{
- unsigned long addr, size, rc;
- unsigned long end, page_size, offset;
- pte_t *pte = NULL;
- struct mm_struct *mm = current->mm;
-
- if (acpi_disabled)
- return -EPERM;
-
- if (arg == NULL)
- return -EINVAL;
-
- if (get_user(addr, arg))
- return -EFAULT;
-
- if (get_user(size, arg + 1))
- return -EFAULT;
-
- if (get_user(rc, arg + 2))
- return -EFAULT;
-
- end = addr + size;
- if (addr >= end)
- return -EINVAL;
-
- down_read(&mm->mmap_lock);
- while (addr < end) {
- pte = svm_walk_pt(addr, &page_size, &offset);
- if (!pte) {
- up_read(&mm->mmap_lock);
- return -ESRCH;
- }
- pte->pte |= (rc & (u64)0x0f) << 59;
- addr += page_size - offset;
- }
- up_read(&mm->mmap_lock);
-
- return 0;
-}
-
-static long svm_remap_get_phys(struct mm_struct *mm, struct vm_area_struct *vma,
- unsigned long addr, unsigned long *phys,
- unsigned long *page_size, unsigned long *offset)
-{
- long err = -EINVAL;
- pgd_t *pgd = NULL;
- p4d_t *p4d = NULL;
- pud_t *pud = NULL;
- pte_t *pte = NULL;
-
- if (mm == NULL || vma == NULL || phys == NULL ||
- page_size == NULL || offset == NULL)
- return err;
-
- pgd = pgd_offset(mm, addr);
- if (pgd_none(*pgd))
- return err;
-
- p4d = p4d_offset(pgd, addr);
- if (p4d_none(*p4d))
- return err;
-
- pud = pud_offset(p4d, addr);
- if (pud_none(*pud))
- return err;
-
- pte = svm_get_pte(vma, pud, addr, page_size, offset);
- if (pte && pte_present(*pte)) {
- *phys = PFN_PHYS(pte_pfn(*pte));
- return 0;
- }
-
- return err;
-}
-
-static long svm_remap_proc(unsigned long __user *arg)
-{
- long ret = -EINVAL;
- struct svm_proc_mem pmem;
- struct task_struct *ptask = NULL;
- struct mm_struct *pmm = NULL, *mm = current->mm;
- struct vm_area_struct *pvma = NULL, *vma = NULL;
- unsigned long end, vaddr, phys, buf, offset, pagesize;
-
- if (!acpi_disabled)
- return -EPERM;
-
- if (arg == NULL) {
- pr_err("arg is invalid.\n");
- return ret;
- }
-
- ret = copy_from_user(&pmem, (void __user *)arg, sizeof(pmem));
- if (ret) {
- pr_err("failed to copy args from user space.\n");
- return -EFAULT;
- }
-
- if (pmem.buf & (PAGE_SIZE - 1)) {
- pr_err("address is not aligned with page size, addr:%pK.\n",
- (void *)pmem.buf);
- return -EINVAL;
- }
-
- if (pmem.pid) {
- ptask = find_get_task_by_vpid(pmem.pid);
- if (!ptask) {
- pr_err("No task for this pid\n");
- return -EINVAL;
- }
- } else {
- ptask = current;
- }
-
- pmm = ptask->mm;
-
- down_read(&mm->mmap_lock);
- down_read(&pmm->mmap_lock);
-
- pvma = find_vma(pmm, pmem.vaddr);
- if (pvma == NULL) {
- ret = -ESRCH;
- goto err;
- }
-
- vma = find_vma(mm, pmem.buf);
- if (vma == NULL) {
- ret = -ESRCH;
- goto err;
- }
-
- if (pmem.len > SVM_REMAP_MEM_LEN_MAX) {
- ret = -EINVAL;
- pr_err("too large length of memory.\n");
- goto err;
- }
- vaddr = pmem.vaddr;
- end = vaddr + pmem.len;
- buf = pmem.buf;
- vma->vm_flags |= VM_SHARED;
- if (end > pvma->vm_end || end < vaddr) {
- ret = -EINVAL;
- pr_err("memory length is out of range, vaddr:%pK, len:%u.\n",
- (void *)vaddr, pmem.len);
- goto err;
- }
-
- do {
- ret = svm_remap_get_phys(pmm, pvma, vaddr,
- &phys, &pagesize, &offset);
- if (ret) {
- ret = -EINVAL;
- goto err;
- }
-
- vaddr += pagesize - offset;
-
- do {
- if (remap_pfn_range(vma, buf, phys >> PAGE_SHIFT,
- PAGE_SIZE,
- __pgprot(vma->vm_page_prot.pgprot |
- PTE_DIRTY))) {
-
- ret = -ESRCH;
- goto err;
- }
-
- offset += PAGE_SIZE;
- buf += PAGE_SIZE;
- phys += PAGE_SIZE;
- } while (offset < pagesize);
-
- } while (vaddr < end);
-
-err:
- up_read(&pmm->mmap_lock);
- up_read(&mm->mmap_lock);
- put_task_struct(ptask);
- return ret;
-}
-
static int svm_proc_load_flag(int __user *arg)
{
static atomic_t l2buf_load_flag = ATOMIC_INIT(0);
@@ -1432,18 +1250,12 @@ static long svm_ioctl(struct file *file, unsigned int cmd,
case SVM_IOCTL_GET_PHYS:
err = svm_get_phys((unsigned long __user *)arg);
break;
- case SVM_IOCTL_SET_RC:
- err = svm_set_rc((unsigned long __user *)arg);
- break;
case SVM_IOCTL_PIN_MEMORY:
err = svm_pin_memory((unsigned long __user *)arg);
break;
case SVM_IOCTL_UNPIN_MEMORY:
err = svm_unpin_memory((unsigned long __user *)arg);
break;
- case SVM_IOCTL_REMAP_PROC:
- err = svm_remap_proc((unsigned long __user *)arg);
- break;
case SVM_IOCTL_LOAD_FLAG:
err = svm_proc_load_flag((int __user *)arg);
break;
@@ -1451,8 +1263,8 @@ static long svm_ioctl(struct file *file, unsigned int cmd,
err = svm_release_phys32((unsigned long __user *)arg);
break;
default:
- err = -EINVAL;
- }
+ err = -EINVAL;
+ }
if (err)
dev_err(sdev->dev, "%s: %s failed err = %d\n", __func__,
--
2.17.1
1
0
Backport 5.10.137 LTS patches from upstream.
git cherry-pick v5.10.136..v5.10.137~1 -s
Already merged(-36):
f5f3e54f8116 mm: Add kvrealloc()
e32bb2428104 xfs: only set IOMAP_F_SHARED when providing a srcmap to a write
0a69f1f84207 xfs: fix I_DONTCACHE
2613baa3ab21 mm/mremap: hold the rmap lock in write mode when moving page table
entries.
1a4b18b1ff11 netfilter: nf_tables: do not allow SET_ID to refer to another table
9e7dcb88ec8e netfilter: nf_tables: do not allow CHAIN_ID to refer to another
table
0cc5c6b7567d netfilter: nf_tables: do not allow RULE_ID to refer to another
chain
353b4673d01c arm64: fix oops in concurrently setting insn_emulation sysctls
d0412d8f693e net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
eccd7c3e2596 ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
1f697d795290 crypto: hisilicon/sec - fixes some coding style
16e18a8ac7c9 crypto: hisilicon/sec - don't sleep when in softirq
0ecc91cf9645 RDMA/hns: Fix incorrect clearing of interrupt status register
914bf4aa2d5b jbd2: fix outstanding credits assert in
jbd2_journal_commit_transaction()
a6d7f224730e ext4: recover csum seed of tmp_inode after migrating to extents
f7161d0da975 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when
journal aborted
541840859ace posix-cpu-timers: Cleanup CPU timers before freeing them during
exec
dce8d7427c6a PCI/AER: Write AER Capability only when we control it
78d431e8a56c PCI/ERR: Bind RCEC devices to the Root Port driver
de4534ac28c4 PCI/ERR: Rename reset_link() to reset_subordinates()
f236fa38508b PCI/ERR: Simplify by using pci_upstream_bridge()
2e3458b995aa PCI/ERR: Simplify by computing pci_pcie_type() once
078d79fad521 PCI/ERR: Use "bridge" for clarity in pcie_do_recovery()
7730ba6151b7 PCI/ERR: Avoid negated conditional for clarity
bb6990fd3729 PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery()
d83d886e69bd PCI/ERR: Recover from RCEC AER errors
5e2cf705155a dm thin: fix use-after-free crash in
dm_sm_register_threshold_callback
441726394efa KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh
1571c4613059 ext4: check if directory block is within i_size
2da44a2927a7 ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
69d1a36eb4b2 ext4: make sure ext4_append() always allocates new block
bb8592efcf8e ext4: fix use-after-free in ext4_xattr_set_entry
603fb7bd744a ext4: correct max_inline_xattr_value_size computing
d0b495aa2692 ext4: correct the misjudgment in ext4_iget_extra_inode
7018f03d97da net_sched: cls_route: remove from list when handle is 0
a93f33aeef4e driver core: fix potential deadlock in __driver_attach
Rejected due to openEuler hinic driver maintenance policy(-3):
8369a39b529d hinic: Use the bitmap API when applicable
e286a882f227 net: hinic: fix bug that ethtool get wrong stats
e74f3097a9c7 net: hinic: avoid kernel hung in hinic_get_stats64()
Total patches: 540 -36 -3 = 501
Aaron Lewis (1):
kvm: x86/pmu: Fix the compare function used by the pmu event filter
Adrian Hunter (1):
perf tools: Fix dso_id inode generation comparison
Ahmed Zaki (1):
mac80211: fix a memory leak where sta_info is not freed
Al Viro (1):
__follow_mount_rcu(): verify that mount_lock remains unchanged
Alex Deucher (1):
drm/radeon: fix incorrrect SPDX-License-Identifiers
Alexander Gordeev (2):
s390/dump: fix old lowcore virtual vs physical address confusion
s390/zcore: fix race when reading from hardware system area
Alexander Lobakin (3):
ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
x86/olpc: fix 'logical not is only applied to the left hand side'
iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
Alexander Shishkin (4):
intel_th: msu: Fix vmalloced buffers
intel_th: pci: Add Meteor Lake-P support
intel_th: pci: Add Raptor Lake-S PCH support
intel_th: pci: Add Raptor Lake-S CPU support
Alexander Stein (6):
ARM: dts: imx6ul: add missing properties for sram
ARM: dts: imx6ul: change operating-points to uint32-matrix
ARM: dts: imx6ul: fix keypad compatible
ARM: dts: imx6ul: fix csi node compatible
ARM: dts: imx6ul: fix lcdif node compatible
ARM: dts: imx6ul: fix qspi node compatible
Alexandru Elisei (1):
arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1
Alexei Starovoitov (1):
bpf: Fix subprog names in stack traces.
Alexey Khoroshilov (1):
crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs()
Alexey Kodanev (2):
drm/radeon: fix potential buffer overflow in
ni_set_mc_special_registers()
wifi: iwlegacy: 4965: fix potential off-by-one overflow in
il4965_rs_fill_link_cmd()
Allen Ballway (1):
ALSA: hda/cirrus - support for iMac 12,1 model
Amit Kumar Mahapatra (1):
mtd: rawnand: arasan: Update NAND bus clock instead of system clock
Ammar Faizi (1):
wifi: wil6210: debugfs: fix uninitialized variable use in
`wil_write_file_wmi()`
Andrea Righi (1):
x86/entry: Build thunk_$(BITS) only if CONFIG_PREEMPTION=y
Andrei Vagin (1):
selftests: kvm: set rax before vmcall
Andrey Strachuk (1):
usb: cdns3: change place of 'priv_ep' assignment in
cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()
Andy Shevchenko (2):
serial: 8250_pci: Refactor the loop in pci_ite887x_init()
serial: 8250_pci: Replace dev_*() by pci_*() macros
AngeloGioacchino Del Regno (2):
media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
rpmsg: mtk_rpmsg: Fix circular locking dependency
Anquan Wu (1):
libbpf: Fix the name of a reused map
Anshuman Khandual (1):
drivers/perf: arm_spe: Fix consistency of SYS_PMSCR_EL1.CX
Ansuel Smith (1):
clk: qcom: clk-krait: unlock spin after mux completion
Antonio Borneo (2):
genirq: Don't return error on missing optional irq_request_resources()
drm: adv7511: override i2c address of cec before accessing it
Arnaldo Carvalho de Melo (1):
genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined
HAVE_LIBCRYPTO
Artem Borisov (1):
HID: alps: Declare U1_UNICORN_LEGACY support
Arun Easi (3):
scsi: qla2xxx: Fix discovery issues in FC-AL topology
scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
Athira Rajeev (1):
powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for
PMI check in power_pmu_disable
Austin Kim (1):
dmaengine: sf-pdma: apply proper spinlock flags in
sf_pdma_prep_dma_memcpy()
Bart Van Assche (4):
blktrace: Trace remapped requests correctly
RDMA/srpt: Duplicate port name members
RDMA/srpt: Introduce a reference count in struct srpt_device
RDMA/srpt: Fix a use-after-free
Bartosz Golaszewski (2):
lib: bitmap: order includes alphabetically
lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
Bean Huo (1):
nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
Bedant Patnaik (1):
ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
Benjamin Segall (1):
epoll: autoremove wakers even more aggressively
Biju Das (1):
spi: spi-rspi: Fix PIO fallback on RZ platforms
Bikash Hazarika (2):
scsi: qla2xxx: Fix incorrect display of max frame size
scsi: qla2xxx: Zero undefined mailbox IN registers
Bo-Chen Chen (1):
drm/mediatek: dpi: Remove output format of YUV
Brian Norris (1):
drm/rockchip: vop: Don't crash for invalid duplicate_state()
Byungki Lee (1):
f2fs: write checkpoint during FG_GC
Chao Liu (1):
f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same
time
Chao Yu (1):
f2fs: don't set GC_FAILURE_PIN for background GC
Chen Zhongjin (2):
profiling: fix shift too large makes kernel panic
kprobes: Forbid probing on trampoline and BPF code areas
Cheng Xu (1):
RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
Christian Lamparter (1):
ARM: dts: BCM5301X: Add DT for Meraki MR26
Christian Loehle (1):
mmc: block: Add single read for 4k sector cards
Christian Marangi (1):
PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
Christoph Hellwig (1):
block: remove the request_queue to argument request based tracepoints
Christophe JAILLET (8):
drm/rockchip: Fix an error handling path rockchip_dp_probe()
wifi: p54: Fix an error handling path in p54spi_probe()
mtd: rawnand: meson: Fix a potential double free issue
misc: rtsx: Fix an error handling path in rtsx_pci_probe()
intel_th: Fix a resource leak in an error handling path
memstick/ms_block: Fix some incorrect memory allocation
memstick/ms_block: Fix a memory leak
ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp()
Christophe Leroy (2):
powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E
powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32
Christopher Obbard (1):
um: random: Don't initialise hwrng struct with zero
Chuansheng Liu (1):
drm/i915/dg1: Update DMC_DEBUG3 register
Claudio Imbrenda (1):
KVM: s390: pv: leak the topmost page table when destroy fails
Claudiu Beznea (1):
ASoC: mchp-spdifrx: disable end of block interrupt on failures
Corentin Labbe (1):
crypto: sun8i-ss - do not allocate memory when handling hash requests
Dan Carpenter (8):
wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
crypto: sun8i-ss - fix error codes in allocate_flows()
wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
selftests/bpf: fix a test for snprintf() overflow
eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write()
platform/olpc: Fix uninitialized data in debugfs write
null_blk: fix ida error handling in null_add_dev()
kfifo: fix kfifo_to_user() return type
Dan Williams (1):
ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
Daniel Starke (8):
tty: n_gsm: fix user open not possible at responder until initiator
open
tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
tty: n_gsm: fix non flow control frames during mux flow off
tty: n_gsm: fix packet re-transmission without open control channel
tty: n_gsm: fix race condition in gsmld_write()
tty: n_gsm: fix wrong T1 retry count handling
tty: n_gsm: fix DM command
tty: n_gsm: fix missing corner cases in gsmld_poll()
Dave Stevenson (8):
drm/vc4: plane: Fix margin calculations for the right/bottom edges
drm/vc4: dsi: Correct DSI divider calculations
drm/vc4: dsi: Correct pixel order for DSI0
drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
drm/vc4: dsi: Fix dsi0 interrupt support
drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
iteration
drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
component
David Collins (1):
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
David Howells (1):
vfs: Check the truncate maximum size in inode_newsize_ok()
Dietmar Eggemann (1):
sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
Dimitri John Ledkov (1):
riscv: set default pm_power_off to NULL
Dmitry Osipenko (1):
drm/gem: Properly annotate WW context on drm_gem_lock_reservations()
error
Dom Cobley (3):
drm/vc4: plane: Remove subpixel positioning check
drm/vc4: hdmi: Remove firmware logic for MAI threshold setting
drm/vc4: hdmi: Avoid full hdmi audio fifo writes
Duoming Zhou (3):
mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
staging: rtl8192u: Fix sleep in atomic context bug in
dm_fsync_timer_callback
Elia Devito (1):
HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
Eric Dumazet (5):
inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
net: rose: fix netdev reference changes
tcp: fix over estimation in sk_forced_mem_schedule()
Eric Farman (1):
vfio/ccw: Do not change FSM state in subchannel event
Eric Whitney (1):
ext4: fix extent status tree race in writeback error recovery path
Eugen Hristev (1):
mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
Florian Fainelli (1):
tools/thermal: Fix possible path truncations
Florian Westphal (1):
netfilter: nf_tables: fix null deref due to zeroed list head
Francis Laniel (1):
arm64: Do not forget syscall when starting a new thread.
Gal Pressman (1):
net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
cipher/version
Gao Xiang (1):
erofs: avoid consecutive detection for Highmem memory
Geert Uytterhoeven (3):
arm64: dts: renesas: beacon: Fix regulator node names
soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values
arm64: dts: renesas: Fix thermal-sensors on single-zone sensors
Gioh Kim (1):
RDMA/rtrs: Define MIN_CHUNK_SIZE
Greg Kroah-Hartman (1):
Revert "mwifiex: fix sleep in atomic context bugs caused by
dev_coredumpv"
Guilherme G. Piccoli (1):
ACPI: processor/idle: Annotate more functions to live in cpuidle
section
Guillaume Ranquet (1):
drm/mediatek: dpi: Only enable dpi after the bridge is enabled
Guo Mengqi (1):
spi: synquacer: Add missing clk_disable_unprepare()
Hangyu Hua (3):
drm: bridge: sii8620: fix possible off-by-one
wifi: libertas: Fix possible refcount leak in if_usb_probe()
dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
Hans de Goede (2):
ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI
quirks
ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
Harshit Mogalapalli (2):
HID: cp2112: prevent a buffer overflow in cp2112_xfer()
HID: mcp2221: prevent a buffer overflow in mcp_smbus_write()
Helge Deller (4):
fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
fbcon: Fix accelerated fbdev scrolling while logo is still shown
parisc: Fix device names in /proc/iomem
parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat
mode
Huacai Chen (2):
MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
Ian Rogers (1):
perf symbol: Fail to read phdr workaround
Ilpo Järvinen (1):
serial: 8250_dw: Store LSR into lsr_saved_flags in
dw8250_tx_wait_empty()
Ivan Hasenkampf (1):
ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
Jack Wang (2):
RDMA/rtrs: Avoid Wtautological-constant-out-of-range-compare
RDMA/rtrs-srv: Fix modinfo output for stringify
Jagath Jog J (2):
iio: accel: bma400: Fix the scale min and max macro values
iio: accel: bma400: Reordering of header files
Jakub Kicinski (1):
netdevsim: Avoid allocation warnings triggered from user space
Jamal Hadi Salim (1):
net_sched: cls_route: disallow handle of 0
Jan Kara (1):
ext2: Add more validity checks for inode counts
Jason A. Donenfeld (4):
fs: check FMODE_LSEEK to control internal pipe splicing
wireguard: ratelimiter: use hrtimer in selftest
wireguard: allowedips: don't corrupt stack when detecting overflow
timekeeping: contribute wall clock to rng on time change
Jason Gunthorpe (4):
vfio: Remove extra put/gets around vfio_device->group
vfio: Simplify the lifetime logic for vfio_device
vfio: Split creation of a vfio_device into init and register ops
vfio/mdev: Make to_mdev_device() into a static inline
Javier Martinez Canillas (1):
drm/st7735r: Fix module autoloading for Okaya RH128128T
Jens Wiklander (1):
tee: add overflow check in register_shm_helper()
Jeongik Cha (1):
wifi: mac80211_hwsim: fix race condition in pending packet
Jernej Skrabec (1):
media: cedrus: hevc: Add check for invalid timestamp
Jiachen Zhang (1):
ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
Jian Shen (2):
test_bpf: fix incorrect netdev features
net: ionic: fix error check for vlan flags in ionic_set_nic_features()
Jian Zhang (1):
drm/exynos/exynos7_drm_decon: free resources when clk_set_parent()
failed.
Jianglei Nie (2):
RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
Jiasheng Jiang (4):
drm: bridge: adv7511: Add check for mipi_dsi_driver_register
Bluetooth: hci_intel: Add check for platform_driver_register
intel_th: msu-sink: Potential dereference of null pointer
ASoC: codecs: da7210: add check for i2c_add_driver
Jim Mattson (2):
KVM: x86/pmu: Use binary search to check filtered events
KVM: x86/pmu: Use different raw event masks for AMD and Intel
Jitao Shi (2):
drm/mediatek: Separate poweron/poweroff from enable/disable and define
new funcs
drm/mediatek: Keep dsi as LP00 before dcs cmds transfer
Joe Lawrence (1):
selftests/livepatch: better synchronize test_klp_callbacks_busy
Johan Hovold (4):
x86/pmem: Fix platform-device leak in error path
ath11k: fix netdev open race
usb: dwc3: qcom: fix missing optional irq warnings
USB: serial: fix tty-port initialized comments
Johannes Berg (3):
wifi: mac80211_hwsim: add back erroneously removed cast
wifi: mac80211_hwsim: use 32-bit skb cookie
um: Allow PM with suspend-to-idle
Jonas Dreßler (1):
mwifiex: Ignore BTCOEX events from the 88W8897 firmware
Jose Alonso (1):
Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
Jose Ignacio Tornos Martinez (1):
wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
Josef Bacik (1):
btrfs: reset block group chunk force if we have to wait
Josh Poimboeuf (1):
scripts/faddr2line: Fix vmlinux detection on arm64
Julien STEPHAN (1):
drm/mediatek: Allow commands to be sent during video mode
Juri Lelli (1):
wait: Fix __wait_event_hrtimeout for RT/DL tasks
Kai Ye (1):
crypto: hisilicon/sec - fix auth key size error
Keith Busch (1):
block: fix infinite loop for invalid zone append
Kim Phillips (1):
x86/bugs: Enable STIBP for IBPB mitigated RETBleed
Konrad Dybcio (1):
soc: qcom: Make QCOM_RPMPD depend on PM
Krzysztof Kozlowski (6):
ARM: dts: ast2500-evb: fix board compatible
ARM: dts: ast2600-evb: fix board compatible
ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg
ARM: dts: qcom: pm8841: add required thermal-sensor-cells
ath10k: do not enforce interrupt trigger type
ASoC: samsung: h1940_uda1380: include proepr GPIO consumer header
Kunihiko Hayashi (2):
ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC
arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC
Kuniyuki Iwashima (1):
tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
Lars-Peter Clausen (1):
i2c: cadence: Support PEC for SMBus block read
Leo Li (1):
drm/amdgpu: Check BO's requested pinning domains against its
preferred_domains
Lev Kujawski (1):
KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
Liang He (14):
ARM: OMAP2+: display: Fix refcount leak bug
ARM: shmobile: rcar-gen2: Increase refcount for new reference
soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
regulator: of: Fix refcount leak bug in
of_get_regulation_constraints()
mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
i2c: mux-gpmux: Add of_node_put() when breaking out of loop
usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
mmc: cavium-octeon: Add of_node_put() when breaking out of loop
mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
ASoC: qcom: Fix missing of_node_put() in
asoc_qcom_lpass_cpu_platform_probe()
iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of
loop
ASoC: audio-graph-card: Add of_node_put() in fail path
video: fbdev: amba-clcd: Fix refcount leak bugs
Like Xu (2):
KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support
global_ctrl
Linus Walleij (2):
Input: atmel_mxt_ts - fix up inverted RESET handler
hwmon: (drivetemp) Add module alias
Linyu Yuan (1):
usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
Lorenzo Bianconi (1):
mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
Luiz Augusto von Dentz (1):
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
Lukas Wunner (3):
usbnet: Fix linkwatch use-after-free on disconnect
usbnet: smsc95xx: Don't clear read-only PHY interrupt
usbnet: smsc95xx: Avoid link settings race on interrupt reception
Lv Ruyi (1):
firmware: tegra: Fix error check return value of debugfs_create_file()
Lyude Paul (2):
drm/nouveau: Don't pm_runtime_put_sync(), only
pm_runtime_put_autosuspend()
drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from
pm_runtime
Maciej Fijalkowski (1):
selftests/xsk: Destroy BPF resources only when ctx refcount drops to 0
Maciej S. Szmigiero (1):
KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
Maciej W. Rozycki (4):
serial: 8250: Export ICR access helpers for internal use
serial: 8250: Dissociate 4MHz Titan ports from Oxford ports
serial: 8250: Correct the clock for OxSemi PCIe devices
serial: 8250: Fold EndRun device support into OxSemi Tornado code
Mahesh Rajashekhara (1):
scsi: smartpqi: Fix DMA direction for RAID requests
Manikanta Pubbisetty (1):
ath11k: Fix incorrect debug_mask mappings
Manyi Li (1):
ACPI: PM: save NVS memory for Lenovo G40-45
Maor Gottlieb (1):
RDMA/mlx5: Add missing check for return value in get namespace flow
Marcel Ziswiler (1):
ARM: dts: imx7d-colibri-emmc: add cpu1 supply
Marco Pagani (1):
fpga: altera-pr-ip: fix unsigned comparison with less than zero
Marek Vasut (3):
drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into
dedicated function
drm/bridge: tc358767: Make sure Refclk clock are enabled
drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in dedicated
function
Markus Mayer (1):
thermal/tools/tmon: Include pthread and time headers in tmon.h
Mateusz Kwiatkowski (1):
drm/vc4: hdmi: Fix timings for interlaced modes
Max Filippov (1):
xtensa: iss/network: provide release() callback
Maxim Mikityanskiy (1):
net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
Maxime Ripard (5):
drm/vc4: drv: Remove the DSI pointer in vc4_drv
drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array
drm/vc4: dsi: Introduce a variant structure
drm/vc4: hdmi: Don't access the connector state in reset if kmalloc
fails
drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling
Maximilian Heyne (1):
xen-blkback: Apply 'feature_persistent' parameter when connect
Meng Tang (2):
ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
ALSA: hda/realtek: Add quirk for another Asus K42JZ model
Miaohe Lin (1):
mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
Miaoqian Lin (27):
meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
ARM: bcm: Fix refcount leak in bcm_kona_smc_init
ARM: OMAP2+: Fix refcount leak in omapdss_init_of
ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
cpufreq: zynq: Fix refcount leak in zynq_get_revision
soc: qcom: ocmem: Fix refcount leak in of_get_ocmem
soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register
drm/mcde: Fix refcount leak in mcde_dsi_bind
media: tw686x: Fix memory leak in tw686x_video_init
mtd: maps: Fix refcount leak in of_flash_probe_versatile
mtd: maps: Fix refcount leak in ap_flash_init
PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()
mtd: partitions: Fix refcount leak in parse_redboot_of
usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe
ASoC: samsung: Fix error handling in aries_audio_probe
ASoC: mediatek: mt8173: Fix refcount leak in
mt8173_rt5650_rt5676_dev_probe
ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe
ASoC: mediatek: mt8173-rt5650: Fix refcount leak in
mt8173_rt5650_dev_probe
remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init
rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
mfd: max77620: Fix refcount leak in max77620_initialise_fps
powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
powerpc/xive: Fix refcount leak in xive_get_max_prio
powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
Michael Ellerman (3):
powerpc/powernv: Avoid crashing if rng is NULL
powerpc/64s: Disable stack variable initialisation for prom_init
powerpc/pci: Fix PHB numbering when using opal-phbid
Michael Grzeschik (2):
usb: dwc3: gadget: refactor dwc3_repare_one_trb
usb: dwc3: gadget: fix high speed multiplier setting
Michael Walle (1):
soc: fsl: guts: machine variable might be unset
Michal Suchanek (1):
kexec, KEYS, s390: Make use of built-in and secondary keyring for
signature verification
Mike Manning (1):
net: allow unbound socket for packets in VRF when tcp_l3mdev_accept
set
Mike Snitzer (1):
dm: return early from dm_pr_call() if DM device is suspended
Miklos Szeredi (1):
fuse: limit nsec
Mikulas Patocka (6):
add barriers to buffer_uptodate and set_buffer_uptodate
md-raid: destroy the bitmap after destroying the thread
md-raid10: fix KASAN warning
dm writecache: set a default MAX_WRITEBACK_JOBS
dm raid: fix address sanitizer warning in raid_resume
dm raid: fix address sanitizer warning in raid_status
Ming Lei (1):
blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
Ming Qian (1):
media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set
Miquel Raynal (6):
mtd: rawnand: Add a helper to clarify the interface configuration
mtd: rawnand: arasan: Check the proposed data interface is supported
mtd: rawnand: Add NV-DDR timings
mtd: rawnand: arasan: Fix a macro parameter
mtd: rawnand: arasan: Support NV-DDR interface
mtd: rawnand: arasan: Prevent an unsupported configuration
Mohamed Khalfella (1):
PCI/AER: Iterate over error counters instead of error strings
Narendra Hadke (1):
serial: mvebu-uart: uart2 error bits clearing
Nathan Chancellor (2):
hexagon: select ARCH_WANT_LD_ORPHAN_WARN
usb: cdns3: Don't use priv_dev uninitialized in
cdns3_gadget_ep_enable()
Nick Desaulniers (2):
Makefile: link with -z noexecstack --no-warn-rwx-segments
x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
Nick Hainke (1):
arm64: dts: mt7622: fix BPI-R64 WPS button
Nico Boehr (1):
KVM: s390: pv: don't present the ecall interrupt twice
Nicolas Saenz Julienne (1):
nohz/full, sched/rt: Fix missed tick-reenabling bug in
dequeue_task_rt()
Niels Dossche (1):
media: hdpvr: fix error value returns in hdpvr_read
Nilesh Javali (1):
scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
Olga Kitaina (1):
mtd: rawnand: arasan: Fix clock rate in NV-DDR
Pali Rohár (4):
PCI: Add defines for normal and subtractive PCI bridges
powerpc/fsl-pci: Fix Class Code of PCIe Root Port
crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain'
and alias
Peng Fan (1):
interconnect: imx: fix max_node_id
Peter Zijlstra (1):
locking/lockdep: Fix lockdep_init_map_*() confusion
Phil Elwell (1):
drm/vc4: hdmi: Disable audio if dmas property is present but empty
Pierre-Louis Bossart (1):
soundwire: bus_type: fix remove and shutdown support
Ping Cheng (2):
HID: wacom: Only report rotation for art pen
HID: wacom: Don't register pad_input for touch switch
Prabhakar Kushwaha (1):
RDMA/qedr: Improve error logs for rdma_alloc_tid error return
Przemyslaw Patynowski (1):
iavf: Fix max_rate limiting
Qian Cai (1):
crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE
Qu Wenruo (3):
btrfs: reject log replay if there is unsupported RO compat flag
btrfs: only write the sectors in the vertical stripe which has data
stripes
btrfs: raid56: don't trust any cached sector in
__raid56_parity_recover()
Quentin Perret (1):
KVM: arm64: Don't return from void function
Quinn Tran (2):
scsi: qla2xxx: Turn off multi-queue for 8G adapters
scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
Rafael J. Wysocki (2):
thermal: sysfs: Fix cooling_device_stats_setup() error code path
ACPI: CPPC: Do not prevent CPPC from working in the future
Ralph Siemsen (1):
clk: renesas: r9a06g032: Fix UART clkgrp bitsel
Randy Dunlap (1):
usb: gadget: udc: amd5536 depends on HAS_DMA
Rex-BC Chen (1):
clk: mediatek: reset: Fix written reset bit offset
Rob Clark (1):
drm/msm/mdp5: Fix global state lock backoff
Robert Marko (5):
arm64: dts: qcom: ipq8074: fix NAND node name
clk: qcom: ipq8074: fix NSS core PLL-s
clk: qcom: ipq8074: SW workaround for UBI32 PLL lock
clk: qcom: ipq8074: fix NSS port frequency tables
clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
Rohith Kollalsi (1):
usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup
Russell King (Oracle) (1):
ARM: findbit: fix overflowing offset
Rustam Subkhankulov (2):
wifi: p54: add missing parentheses in p54_flush()
video: fbdev: sis: fix typos in SiS_GetModeID()
Sam Protsenko (1):
iommu/exynos: Handle failed IOMMU device registration properly
Samuel Holland (3):
irqchip/mips-gic: Only register IPI domain when SMP is enabled
genirq: GENERIC_IRQ_IPI depends on SMP
arm64: dts: allwinner: a64: orangepi-win: Fix LED node name
Sean Christopherson (15):
KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case
KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical
#GP
KVM: x86: Tag kvm_mmu_x86_module_init() with __init
KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()
KVM: SVM: Drop VMXE check from svm_set_cr4()
KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops hook
KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4
KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no
vPMU
KVM: Add infrastructure and macro to mark VM as bugged
SeongJae Park (2):
xen-blkback: fix persistent grants negotiation
xen-blkfront: Apply 'feature_persistent' parameter when connect
Serge Semin (4):
dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction
semantics
PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()
PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists
Sergey Shtylyov (1):
usb: host: xhci: use snprintf() in xhci_decode_trb()
Shengjiu Wang (1):
ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format
Shunsuke Mie (1):
PCI: endpoint: Don't stop controller when unbinding endpoint function
Sibi Sankar (1):
remoteproc: sysmon: Wait for SSCTL service to come up
Siddh Raman Pant (1):
x86/numa: Use cpumask_available instead of hardcoded NULL check
Sireesh Kodali (1):
remoteproc: qcom: wcnss: Fix handling of IRQs
Srinivas Kandagatla (2):
ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV
ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV
Stefan Roese (1):
PCI/portdrv: Don't disable AER reporting in
get_port_device_capability()
Steffen Maier (1):
scsi: zfcp: Fix missing auto port scan and thus missing target ports
Stephan Gerhold (1):
regulator: qcom_smd: Fix pm8916_pldo range
Stephen Boyd (1):
platform/chrome: cros_ec: Always expose last resume result
Steven Rostedt (Google) (2):
ftrace/x86: Add back ftrace_expected assignment
tracing: Use a struct alignof to determine trace event field alignment
Sudeep Holla (1):
firmware: arm_scpi: Ensure scpi_info is not assigned if the probe
fails
Sumit Garg (1):
arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment
Suzuki K Poulose (1):
coresight: Clear the connection field properly
Tadeusz Struk (1):
sched/fair: Fix fault in reweight_entity
Tali Perry (2):
i2c: npcm: Remove own slave addresses 2:10
i2c: npcm: Correct slave role behavior
Tamás Szűcs (1):
arm64: tegra: Fix SDMMC1 CD on P2888
Tang Bin (3):
usb: gadget: tegra-xudc: Fix error check in
tegra_xudc_powerdomain_init()
usb: xhci: tegra: Fix error check
opp: Fix error check in dev_pm_opp_attach_genpd()
Tetsuo Handa (4):
tty: vt: initialize unicode screen buffer
lockdep: Allow tuning tracing capacity constants.
PM: hibernate: defer device probing when resuming from hibernation
lib/smp_processor_id: fix imbalanced instrumentation_end() call
Theodore Ts'o (1):
ext4: update s_overhead_clusters in the superblock during an on-line
resize
Thinh Nguyen (1):
usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
Thomas Gleixner (1):
netfilter: xtables: Bring SPDX identifier back
Tianchen Ding (1):
sched: Fix the check of nr_running at queue wakelist
Tianjia Zhang (1):
KEYS: asymmetric: enforce SM2 signature use pkey algo
Tim Crawford (1):
ALSA: hda/realtek: Add quirk for Clevo NV45PZ
Timur Tabi (1):
drm/nouveau: fix another off-by-one in nvbios_addr
Tom Lendacky (1):
crypto: ccp - During shutdown, check SEV data pointer before using
Tom Rix (2):
ASoC: samsung: change gpiod_speaker_power and rx1950_audio from global
to static variables
drm/vc4: change vc4_dma_range_matches from a global to static
Tony Battersby (1):
scsi: sg: Allow waiting for commands to complete on removed device
Trond Myklebust (1):
Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
Tyler Hicks (1):
net/9p: Initialize the iounit field during fid creation
Uwe Kleine-König (6):
pwm: sifive: Don't check the return code of pwmchip_remove()
pwm: sifive: Simplify offset calculation for PWMCMP registers
pwm: sifive: Ensure the clk is enabled exactly once per running PWM
pwm: sifive: Shut down hardware only after pwmchip_remove() completed
mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error
path
mfd: t7l66xb: Drop platform disable callback
Viacheslav Mitrofanov (1):
dmaengine: sf-pdma: Add multithread support for a DMA channel
Vidya Sagar (2):
PCI: tegra194: Fix Root Port interrupt handling
PCI: tegra194: Fix link up retry sequence
Vincent Mailhol (10):
can: pch_can: do not report txerr and rxerr during bus-off
can: rcar_can: do not report txerr and rxerr during bus-off
can: sja1000: do not report txerr and rxerr during bus-off
can: hi311x: do not report txerr and rxerr during bus-off
can: sun4i_can: do not report txerr and rxerr during bus-off
can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
can: usb_8dev: do not report txerr and rxerr during bus-off
can: error: specify the values of data[5..7] of CAN error frames
can: pch_can: pch_can_error(): initialize errc before using it
Vitaly Kuznetsov (2):
KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq
KVM: x86: Avoid theoretical NULL pointer dereference in
kvm_irq_delivery_to_apic_fast()
Vladimir Zapolskiy (1):
clk: qcom: camcc-sdm845: Fix topology around titan_top power domain
Waiman Long (1):
sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
Weitao Wang (1):
USB: HCD: Fix URB giveback issue in tasklet function
William Dean (3):
parisc: Check the return value of ioremap() in lba_driver_probe()
irqchip/mips-gic: Check the return value of ioremap() in gic_of_init()
watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in
armada_37xx_wdt_probe()
Wolfram Sang (2):
selftests: timers: valid-adjtimex: build fix for newer toolchains
selftests: timers: clocksource-switch: fix passing errors from child
Wyes Karny (1):
x86: Handle idle=nomwait cmdline properly for x86_idle
Xiaomeng Tong (2):
media: [PATCH] pci: atomisp_cmd: fix three missing checks on list
iterator
virtio-gpu: fix a missing check to avoid NULL dereference
Xie Shaowen (1):
Input: gscps2 - check return value of ioremap() in gscps2_probe()
Xie Yongji (1):
fuse: Remove the control interface for virtio-fs
Xinlei Lee (2):
drm/mediatek: Modify dsi funcs to atomic operations
drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff
function
Xiu Jianfeng (1):
selinux: Add boundary check in put_entry()
Xu Wang (1):
i2c: Fix a potential use after free
Yang Xu (1):
fs: Add missing umask strip in vfs_tmpfile
Yang Yingliang (2):
bus: hisi_lpc: fix missing platform_device_put() in
hisi_lpc_acpi_probe()
xtensa: iss: fix handling error cases in iss_net_configure()
Yangtao Li (1):
pwm: lpc18xx-sct: Convert to devm_platform_ioremap_resource()
Ye Bin (1):
ext4: fix warning in ext4_iomap_begin as race between bmap and write
YiFei Zhu (1):
selftests/seccomp: Fix compile warning when CC=clang
Yonglong Li (1):
tcp: make retransmitted SKB fit into the send window
Yunhao Tian (1):
drm/mipi-dbi: align max_chunk to 2 in spi_transfer
Zhengchao Shao (2):
crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in
softirq
crypto: hisilicon/hpre - don't use GFP_KERNEL to alloc mem during
softirq
Zhenguo Zhao (1):
tty: n_gsm: Delete gsmtty open SABM frame when config requester
Zheyu Ma (7):
ALSA: bcd2000: Fix a UAF bug on the error path of probing
iio: light: isl29028: Fix the warning in isl29028_remove()
media: tw686x: Register the irq at the end of probe
video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
video: fbdev: vt8623fb: Check the size of screen before memset_io()
video: fbdev: arkfb: Check the size of screen before memset_io()
video: fbdev: s3fb: Check the size of screen before memset_io()
Zhu Yanjun (1):
RDMA/rxe: Fix error unwind in rxe_create_qp()
Zoltan Tamas Vajda (1):
HID: hid-input: add Surface Go battery quirk
huhai (1):
ACPI: LPSS: Fix missing check in register_device_clock()
.../ABI/testing/sysfs-driver-xen-blkback | 2 +-
.../ABI/testing/sysfs-driver-xen-blkfront | 2 +-
.../admin-guide/kernel-parameters.txt | 29 +-
Documentation/admin-guide/pm/cpuidle.rst | 15 +-
Documentation/driver-api/vfio.rst | 31 +-
Makefile | 3 +
arch/arm/boot/dts/Makefile | 1 +
arch/arm/boot/dts/aspeed-ast2500-evb.dts | 2 +-
arch/arm/boot/dts/aspeed-ast2600-evb.dts | 2 +-
arch/arm/boot/dts/bcm53015-meraki-mr26.dts | 166 ++++++++++
arch/arm/boot/dts/imx53-ppd.dts | 2 +-
arch/arm/boot/dts/imx6dl-colibri-eval-v3.dts | 2 +-
arch/arm/boot/dts/imx6q-apalis-eval.dts | 2 +-
arch/arm/boot/dts/imx6q-apalis-ixora-v1.1.dts | 2 +-
arch/arm/boot/dts/imx6q-apalis-ixora.dts | 2 +-
arch/arm/boot/dts/imx6ul.dtsi | 33 +-
arch/arm/boot/dts/imx7-colibri-aster.dtsi | 2 +-
arch/arm/boot/dts/imx7-colibri-eval-v3.dtsi | 2 +-
arch/arm/boot/dts/imx7d-colibri-emmc.dtsi | 4 +
.../boot/dts/motorola-mapphone-common.dtsi | 2 +-
arch/arm/boot/dts/qcom-mdm9615.dtsi | 1 +
arch/arm/boot/dts/qcom-pm8841.dtsi | 1 +
arch/arm/boot/dts/s5pv210-aries.dtsi | 2 +-
.../boot/dts/tegra20-acer-a500-picasso.dts | 2 +-
arch/arm/boot/dts/uniphier-pxs2.dtsi | 8 +-
arch/arm/lib/findbit.S | 16 +-
arch/arm/mach-bcm/bcm_kona_smc.c | 1 +
arch/arm/mach-omap2/display.c | 3 +
arch/arm/mach-omap2/prm3xxx.c | 1 +
.../mach-shmobile/regulator-quirk-rcar-gen2.c | 5 +-
arch/arm/mach-zynq/common.c | 1 +
.../dts/allwinner/sun50i-a64-orangepi-win.dts | 2 +-
.../dts/mediatek/mt7622-bananapi-bpi-r64.dts | 2 +-
.../arm64/boot/dts/nvidia/tegra194-p2888.dtsi | 2 +-
arch/arm64/boot/dts/qcom/ipq8074.dtsi | 2 +-
arch/arm64/boot/dts/qcom/qcs404.dtsi | 4 +-
.../dts/renesas/beacon-renesom-baseboard.dtsi | 6 +-
arch/arm64/boot/dts/renesas/r8a774c0.dtsi | 2 +-
arch/arm64/boot/dts/renesas/r8a77990.dtsi | 2 +-
.../boot/dts/socionext/uniphier-pxs3.dtsi | 8 +-
arch/arm64/crypto/Kconfig | 1 +
arch/arm64/include/asm/processor.h | 3 +-
arch/arm64/kernel/cpufeature.c | 2 +-
arch/arm64/kvm/hyp/nvhe/switch.c | 2 +-
arch/arm64/kvm/hyp/vhe/switch.c | 2 +-
arch/hexagon/Kconfig | 1 +
arch/ia64/include/asm/processor.h | 2 +-
arch/mips/kernel/proc.c | 2 +-
arch/parisc/kernel/drivers.c | 9 +-
arch/parisc/kernel/syscalls/syscall.tbl | 2 +-
arch/powerpc/kernel/Makefile | 1 +
arch/powerpc/kernel/pci-common.c | 29 +-
arch/powerpc/mm/ptdump/shared.c | 6 +-
arch/powerpc/perf/core-book3s.c | 35 +-
arch/powerpc/platforms/Kconfig.cputype | 4 +-
arch/powerpc/platforms/cell/axon_msi.c | 1 +
arch/powerpc/platforms/cell/spufs/inode.c | 1 +
arch/powerpc/platforms/powernv/rng.c | 2 +
arch/powerpc/sysdev/fsl_pci.c | 8 +
arch/powerpc/sysdev/fsl_pci.h | 1 +
arch/powerpc/sysdev/xive/spapr.c | 1 +
arch/riscv/kernel/reset.c | 12 +-
arch/s390/include/asm/gmap.h | 2 +
arch/s390/kernel/asm-offsets.c | 2 +
arch/s390/kernel/crash_dump.c | 2 +-
arch/s390/kernel/machine_kexec_file.c | 18 +-
arch/s390/kernel/os_info.c | 3 +-
arch/s390/kvm/intercept.c | 15 +
arch/s390/kvm/pv.c | 9 +-
arch/s390/kvm/sigp.c | 4 +-
arch/s390/mm/gmap.c | 86 +++++
arch/um/Kconfig | 5 +
arch/um/drivers/random.c | 2 +-
arch/um/include/shared/kern_util.h | 2 +
arch/um/include/shared/os.h | 1 +
arch/um/kernel/um_arch.c | 25 ++
arch/um/os-Linux/signal.c | 14 +-
arch/x86/boot/Makefile | 2 +-
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/entry/Makefile | 3 +-
arch/x86/entry/thunk_32.S | 2 -
arch/x86/entry/thunk_64.S | 4 -
arch/x86/entry/vdso/Makefile | 2 +-
arch/x86/include/asm/kvm_host.h | 7 +-
arch/x86/kernel/cpu/bugs.c | 10 +-
arch/x86/kernel/ftrace.c | 1 +
arch/x86/kernel/process.c | 9 +-
arch/x86/kvm/emulate.c | 23 +-
arch/x86/kvm/hyperv.c | 3 +
arch/x86/kvm/lapic.c | 4 +
arch/x86/kvm/mmu/mmu.c | 2 +-
arch/x86/kvm/pmu.c | 36 +-
arch/x86/kvm/svm/pmu.c | 1 +
arch/x86/kvm/svm/svm.c | 14 +-
arch/x86/kvm/svm/svm.h | 2 +-
arch/x86/kvm/vmx/nested.c | 99 +++---
arch/x86/kvm/vmx/pmu_intel.c | 12 +-
arch/x86/kvm/vmx/vmx.c | 35 +-
arch/x86/kvm/vmx/vmx.h | 2 +-
arch/x86/kvm/x86.c | 17 +-
arch/x86/mm/numa.c | 4 +-
arch/x86/platform/olpc/olpc-xo1-sci.c | 2 +-
arch/x86/um/Makefile | 3 +-
arch/xtensa/platforms/iss/network.c | 42 ++-
block/bio.c | 3 -
block/blk-merge.c | 2 +-
block/blk-mq-debugfs.c | 3 +
block/blk-mq-sched.c | 2 +-
block/blk-mq.c | 8 +-
crypto/asymmetric_keys/public_key.c | 7 +-
drivers/acpi/acpi_lpss.c | 3 +
drivers/acpi/apei/einj.c | 2 +
drivers/acpi/cppc_acpi.c | 54 ++-
drivers/acpi/ec.c | 82 +----
drivers/acpi/processor_idle.c | 6 +-
drivers/acpi/sleep.c | 8 +
drivers/block/null_blk_main.c | 14 +-
drivers/block/xen-blkback/xenbus.c | 20 +-
drivers/block/xen-blkfront.c | 4 +-
drivers/bluetooth/hci_intel.c | 6 +-
drivers/bus/hisi_lpc.c | 10 +-
drivers/clk/mediatek/reset.c | 4 +-
drivers/clk/qcom/camcc-sdm845.c | 4 +
drivers/clk/qcom/clk-krait.c | 7 +-
drivers/clk/qcom/gcc-ipq8074.c | 60 +++-
drivers/clk/renesas/r9a06g032-clocks.c | 8 +-
.../allwinner/sun8i-ss/sun8i-ss-cipher.c | 1 +
.../crypto/allwinner/sun8i-ss/sun8i-ss-core.c | 22 +-
.../crypto/allwinner/sun8i-ss/sun8i-ss-hash.c | 15 +-
drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h | 4 +
drivers/crypto/ccp/sev-dev.c | 2 +-
drivers/crypto/hisilicon/hpre/hpre_crypto.c | 2 +-
drivers/crypto/hisilicon/sec/sec_algs.c | 14 +-
drivers/crypto/hisilicon/sec/sec_drv.h | 2 +-
drivers/crypto/hisilicon/sec2/sec_crypto.c | 6 +-
drivers/crypto/hisilicon/sec2/sec_crypto.h | 1 +
drivers/crypto/inside-secure/safexcel.c | 2 +
drivers/dma/dw-edma/dw-edma-core.c | 2 +-
drivers/dma/sf-pdma/sf-pdma.c | 49 ++-
drivers/firmware/arm_scpi.c | 61 ++--
drivers/firmware/tegra/bpmp-debugfs.c | 10 +-
drivers/fpga/altera-pr-ip-core.c | 2 +-
drivers/gpio/gpiolib-of.c | 4 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 4 +
drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 24 +-
drivers/gpu/drm/bridge/sil-sii8620.c | 4 +-
drivers/gpu/drm/bridge/tc358767.c | 62 +++-
drivers/gpu/drm/drm_gem.c | 4 +-
drivers/gpu/drm/drm_mipi_dbi.c | 7 +
drivers/gpu/drm/exynos/exynos7_drm_decon.c | 17 +-
.../drm/i915/display/intel_display_debugfs.c | 4 +-
drivers/gpu/drm/i915/i915_reg.h | 3 +-
drivers/gpu/drm/mcde/mcde_dsi.c | 1 +
drivers/gpu/drm/mediatek/mtk_dpi.c | 33 +-
drivers/gpu/drm/mediatek/mtk_dsi.c | 126 ++++---
drivers/gpu/drm/msm/disp/mdp5/mdp5_pipe.c | 3 +-
drivers/gpu/drm/nouveau/nouveau_display.c | 4 +-
drivers/gpu/drm/nouveau/nouveau_fbcon.c | 2 +-
.../gpu/drm/nouveau/nvkm/subdev/bios/base.c | 2 +-
drivers/gpu/drm/radeon/.gitignore | 2 +-
drivers/gpu/drm/radeon/Kconfig | 2 +-
drivers/gpu/drm/radeon/Makefile | 2 +-
drivers/gpu/drm/radeon/ni_dpm.c | 6 +-
.../gpu/drm/rockchip/analogix_dp-rockchip.c | 10 +-
drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 3 +
drivers/gpu/drm/tiny/st7735r.c | 1 +
drivers/gpu/drm/vc4/vc4_crtc.c | 10 +-
drivers/gpu/drm/vc4/vc4_drv.c | 19 ++
drivers/gpu/drm/vc4/vc4_drv.h | 1 -
drivers/gpu/drm/vc4/vc4_dsi.c | 208 ++++++++----
drivers/gpu/drm/vc4/vc4_hdmi.c | 50 ++-
drivers/gpu/drm/vc4/vc4_plane.c | 30 +-
drivers/gpu/drm/virtio/virtgpu_ioctl.c | 6 +-
drivers/hid/hid-alps.c | 2 +
drivers/hid/hid-cp2112.c | 5 +
drivers/hid/hid-ids.h | 2 +
drivers/hid/hid-input.c | 4 +
drivers/hid/hid-mcp2221.c | 3 +
drivers/hid/wacom_sys.c | 2 +-
drivers/hid/wacom_wac.c | 72 ++--
drivers/hwmon/drivetemp.c | 1 +
drivers/hwtracing/coresight/coresight-core.c | 1 +
drivers/hwtracing/intel_th/msu-sink.c | 3 +
drivers/hwtracing/intel_th/msu.c | 14 +-
drivers/hwtracing/intel_th/pci.c | 25 +-
drivers/i2c/busses/i2c-cadence.c | 10 +-
drivers/i2c/busses/i2c-npcm7xx.c | 50 ++-
drivers/i2c/i2c-core-base.c | 3 +-
drivers/i2c/muxes/i2c-mux-gpmux.c | 1 +
drivers/iio/accel/bma400.h | 23 +-
drivers/iio/accel/bma400_core.c | 4 +-
drivers/iio/light/isl29028.c | 2 +-
drivers/infiniband/hw/hfi1/file_ops.c | 4 +-
drivers/infiniband/hw/mlx5/fs.c | 6 +-
drivers/infiniband/hw/qedr/verbs.c | 26 +-
drivers/infiniband/sw/rxe/rxe_qp.c | 12 +-
drivers/infiniband/sw/siw/siw_cm.c | 7 +-
drivers/infiniband/ulp/rtrs/rtrs-clt.c | 5 -
drivers/infiniband/ulp/rtrs/rtrs-pri.h | 22 +-
drivers/infiniband/ulp/rtrs/rtrs-srv.c | 4 +-
drivers/infiniband/ulp/srpt/ib_srpt.c | 148 ++++++---
drivers/infiniband/ulp/srpt/ib_srpt.h | 18 +-
drivers/input/serio/gscps2.c | 4 +
drivers/input/touchscreen/atmel_mxt_ts.c | 6 +-
drivers/interconnect/imx/imx.c | 8 +-
drivers/iommu/arm/arm-smmu/qcom_iommu.c | 7 +-
drivers/iommu/exynos-iommu.c | 6 +-
drivers/iommu/intel/dmar.c | 2 +-
drivers/irqchip/Kconfig | 5 +-
drivers/irqchip/irq-mips-gic.c | 84 +++--
drivers/md/dm-raid.c | 4 +-
drivers/md/dm-rq.c | 2 +-
drivers/md/dm-writecache.c | 2 +-
drivers/md/dm.c | 5 +
drivers/md/md.c | 2 +-
drivers/md/raid10.c | 5 +-
drivers/media/pci/tw686x/tw686x-core.c | 18 +-
drivers/media/pci/tw686x/tw686x-video.c | 4 +-
drivers/media/platform/mtk-mdp/mtk_mdp_ipi.h | 2 +
drivers/media/usb/hdpvr/hdpvr-video.c | 2 +-
drivers/media/v4l2-core/v4l2-mem2mem.c | 2 +-
drivers/memstick/core/ms_block.c | 11 +-
drivers/mfd/max77620.c | 2 +
drivers/mfd/t7l66xb.c | 6 +-
drivers/misc/cardreader/rtsx_pcr.c | 6 +-
drivers/misc/eeprom/idt_89hpesx.c | 8 +-
drivers/mmc/core/block.c | 28 +-
drivers/mmc/host/cavium-octeon.c | 1 +
drivers/mmc/host/cavium-thunderx.c | 4 +-
drivers/mmc/host/sdhci-of-at91.c | 9 +-
drivers/mmc/host/sdhci-of-esdhc.c | 1 +
drivers/mtd/devices/st_spi_fsm.c | 8 +-
drivers/mtd/maps/physmap-versatile.c | 2 +
drivers/mtd/nand/raw/arasan-nand-controller.c | 57 +++-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/meson_nand.c | 1 -
drivers/mtd/nand/raw/nand_timings.c | 255 +++++++++++++++
drivers/mtd/parsers/redboot.c | 1 +
drivers/mtd/sm_ftl.c | 2 +-
drivers/net/can/pch_can.c | 8 +-
drivers/net/can/rcar/rcar_can.c | 8 +-
drivers/net/can/sja1000/sja1000.c | 7 +-
drivers/net/can/spi/hi311x.c | 5 +-
drivers/net/can/sun4i_can.c | 9 +-
.../net/can/usb/kvaser_usb/kvaser_usb_hydra.c | 12 +-
.../net/can/usb/kvaser_usb/kvaser_usb_leaf.c | 6 +-
drivers/net/can/usb/usb_8dev.c | 7 +-
drivers/net/ethernet/intel/iavf/iavf.h | 1 +
drivers/net/ethernet/intel/iavf/iavf_main.c | 25 +-
drivers/net/ethernet/mellanox/mlx5/core/en.h | 2 +-
.../mellanox/mlx5/core/en_accel/ktls.c | 2 +-
.../net/ethernet/pensando/ionic/ionic_lif.c | 2 +-
drivers/net/netdevsim/bpf.c | 8 +-
drivers/net/usb/ax88179_178a.c | 20 +-
drivers/net/usb/smsc95xx.c | 20 +-
drivers/net/usb/usbnet.c | 8 +-
drivers/net/wireguard/allowedips.c | 9 +-
drivers/net/wireguard/selftest/allowedips.c | 6 +-
drivers/net/wireguard/selftest/ratelimiter.c | 25 +-
drivers/net/wireless/ath/ath10k/snoc.c | 5 +-
drivers/net/wireless/ath/ath11k/core.c | 16 +-
drivers/net/wireless/ath/ath11k/debug.h | 4 +-
drivers/net/wireless/ath/wil6210/debugfs.c | 18 +-
drivers/net/wireless/intel/iwlegacy/4965-rs.c | 5 +-
drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 1 +
drivers/net/wireless/intersil/p54/main.c | 2 +-
drivers/net/wireless/intersil/p54/p54spi.c | 3 +-
drivers/net/wireless/mac80211_hwsim.c | 14 +-
.../net/wireless/marvell/libertas/if_usb.c | 1 +
drivers/net/wireless/marvell/mwifiex/main.h | 2 +
drivers/net/wireless/marvell/mwifiex/pcie.c | 3 +
.../net/wireless/marvell/mwifiex/sta_event.c | 3 +
drivers/net/wireless/mediatek/mt76/mac80211.c | 1 +
.../wireless/mediatek/mt76/mt76x02_usb_mcu.c | 2 +-
drivers/net/wireless/realtek/rtlwifi/debug.c | 8 +-
drivers/nvdimm/pmem_legacy_device.c | 7 +-
drivers/nvme/host/trace.h | 2 +-
drivers/opp/core.c | 4 +-
drivers/parisc/lba_pci.c | 6 +-
.../pci/controller/dwc/pcie-designware-ep.c | 18 +-
drivers/pci/controller/dwc/pcie-designware.c | 30 +-
drivers/pci/controller/dwc/pcie-qcom.c | 10 +-
drivers/pci/controller/dwc/pcie-tegra194.c | 49 ++-
drivers/pci/endpoint/functions/pci-epf-test.c | 1 -
drivers/pci/pcie/aer.c | 7 +-
drivers/pci/pcie/portdrv_core.c | 9 +-
drivers/perf/arm_spe_pmu.c | 22 +-
drivers/platform/chrome/cros_ec.c | 8 +-
drivers/platform/olpc/olpc-ec.c | 2 +-
drivers/pwm/pwm-lpc18xx-sct.c | 4 +-
drivers/pwm/pwm-sifive.c | 65 ++--
drivers/regulator/of_regulator.c | 6 +-
drivers/regulator/qcom_smd-regulator.c | 4 +-
drivers/remoteproc/qcom_sysmon.c | 10 +
drivers/remoteproc/qcom_wcnss.c | 10 +-
drivers/remoteproc/ti_k3_r5_remoteproc.c | 2 +
drivers/rpmsg/mtk_rpmsg.c | 2 +
drivers/rpmsg/qcom_smd.c | 1 +
drivers/s390/char/zcore.c | 11 +-
drivers/s390/cio/vfio_ccw_drv.c | 14 +-
drivers/s390/scsi/zfcp_fc.c | 29 +-
drivers/s390/scsi/zfcp_fc.h | 6 +-
drivers/s390/scsi/zfcp_fsf.c | 7 +-
drivers/scsi/qla2xxx/qla_def.h | 5 +-
drivers/scsi/qla2xxx/qla_gbl.h | 3 +-
drivers/scsi/qla2xxx/qla_gs.c | 11 +-
drivers/scsi/qla2xxx/qla_init.c | 48 ++-
drivers/scsi/qla2xxx/qla_isr.c | 20 +-
drivers/scsi/qla2xxx/qla_mbx.c | 19 +-
drivers/scsi/qla2xxx/qla_nvme.c | 5 -
drivers/scsi/sg.c | 53 +--
drivers/scsi/smartpqi/smartpqi_init.c | 4 +-
drivers/soc/amlogic/meson-mx-socinfo.c | 1 +
drivers/soc/amlogic/meson-secure-pwrc.c | 4 +-
drivers/soc/fsl/guts.c | 2 +-
drivers/soc/qcom/Kconfig | 1 +
drivers/soc/qcom/ocmem.c | 3 +
drivers/soc/qcom/qcom_aoss.c | 4 +-
drivers/soc/renesas/r8a779a0-sysc.c | 10 +-
drivers/soundwire/bus_type.c | 8 +-
drivers/spi/spi-rspi.c | 4 +
drivers/spi/spi-synquacer.c | 1 +
.../staging/media/atomisp/pci/atomisp_cmd.c | 57 ++--
.../staging/media/sunxi/cedrus/cedrus_h265.c | 3 +
drivers/staging/rtl8192u/r8192U.h | 2 +-
drivers/staging/rtl8192u/r8192U_dm.c | 38 +--
drivers/staging/rtl8192u/r8192U_dm.h | 2 +-
drivers/tee/tee_shm.c | 3 +
drivers/thermal/thermal_sysfs.c | 10 +-
drivers/tty/n_gsm.c | 199 ++++++++---
drivers/tty/serial/8250/8250.h | 22 ++
drivers/tty/serial/8250/8250_dw.c | 3 +
drivers/tty/serial/8250/8250_pci.c | 308 +++++++++---------
drivers/tty/serial/8250/8250_port.c | 21 --
drivers/tty/serial/mvebu-uart.c | 11 +
drivers/tty/vt/vt.c | 2 +-
drivers/usb/cdns3/gadget.c | 11 +-
drivers/usb/core/hcd.c | 26 +-
drivers/usb/dwc3/core.c | 9 +-
drivers/usb/dwc3/dwc3-qcom.c | 4 +-
drivers/usb/dwc3/gadget.c | 92 +++---
drivers/usb/gadget/udc/Kconfig | 2 +-
drivers/usb/gadget/udc/aspeed-vhub/hub.c | 4 +-
drivers/usb/gadget/udc/tegra-xudc.c | 8 +-
drivers/usb/host/ehci-ppc-of.c | 1 +
drivers/usb/host/ohci-nxp.c | 1 +
drivers/usb/host/xhci-tegra.c | 8 +-
drivers/usb/host/xhci.h | 2 +-
drivers/usb/serial/sierra.c | 3 +-
drivers/usb/serial/usb-serial.c | 2 +-
drivers/usb/serial/usb_wwan.c | 3 +-
drivers/usb/typec/ucsi/ucsi.c | 4 +
drivers/vfio/mdev/mdev_private.h | 5 +-
drivers/vfio/vfio.c | 207 +++++-------
drivers/video/fbdev/amba-clcd.c | 24 +-
drivers/video/fbdev/arkfb.c | 9 +-
drivers/video/fbdev/core/fbcon.c | 12 +-
drivers/video/fbdev/s3fb.c | 2 +
drivers/video/fbdev/sis/init.c | 4 +-
drivers/video/fbdev/vt8623fb.c | 2 +
drivers/watchdog/armada_37xx_wdt.c | 2 +
fs/attr.c | 2 +
fs/btrfs/block-group.c | 1 +
fs/btrfs/disk-io.c | 14 +
fs/btrfs/raid56.c | 74 ++++-
fs/erofs/decompressor.c | 16 +-
fs/eventpoll.c | 22 ++
fs/ext2/super.c | 12 +-
fs/ext4/inode.c | 19 +-
fs/ext4/resize.c | 1 +
fs/f2fs/file.c | 9 +-
fs/f2fs/gc.c | 41 ++-
fs/fuse/control.c | 4 +-
fs/fuse/inode.c | 6 +
fs/namei.c | 4 +
fs/nfs/nfs3client.c | 1 -
fs/overlayfs/export.c | 2 +-
fs/splice.c | 10 +-
include/acpi/cppc_acpi.h | 2 +-
include/linux/bitmap.h | 12 +-
include/linux/blktrace_api.h | 5 +-
include/linux/buffer_head.h | 25 +-
include/linux/kfifo.h | 2 +-
include/linux/kvm_host.h | 28 +-
include/linux/lockdep.h | 30 +-
include/linux/mfd/t7l66xb.h | 1 -
include/linux/mtd/rawnand.h | 123 ++++++-
include/linux/pci_ids.h | 2 +
include/linux/sched.h | 2 +-
include/linux/tpm_eventlog.h | 2 +-
include/linux/usb/hcd.h | 1 +
include/linux/vfio.h | 16 +
include/linux/wait.h | 9 +-
include/net/inet6_hashtables.h | 27 +-
include/net/inet_hashtables.h | 44 +--
include/net/inet_sock.h | 18 +-
include/net/sock.h | 3 -
include/trace/events/block.h | 30 +-
include/trace/events/spmi.h | 12 +-
include/trace/trace_events.h | 8 +-
include/uapi/linux/can/error.h | 5 +-
include/uapi/linux/netfilter/xt_IDLETIMER.h | 17 +-
kernel/bpf/verifier.c | 4 +-
kernel/cgroup/cpuset.c | 2 +-
kernel/irq/Kconfig | 1 +
kernel/irq/chip.c | 3 +-
kernel/kprobes.c | 3 +-
kernel/locking/lockdep.c | 9 +-
kernel/locking/lockdep_internals.h | 8 +-
kernel/power/user.c | 13 +-
kernel/profile.c | 7 +
kernel/sched/core.c | 34 +-
kernel/sched/deadline.c | 52 +--
kernel/sched/rt.c | 15 +-
kernel/sched/sched.h | 3 +-
kernel/time/hrtimer.c | 1 +
kernel/time/timekeeping.c | 7 +-
kernel/trace/blktrace.c | 46 +--
lib/Kconfig.debug | 40 +++
lib/bitmap.c | 42 ++-
lib/livepatch/test_klp_callbacks_busy.c | 8 +
lib/smp_processor_id.c | 2 +-
lib/test_bpf.c | 4 +-
mm/mmap.c | 1 -
net/9p/client.c | 5 +-
net/bluetooth/l2cap_core.c | 13 +-
net/dccp/proto.c | 10 +-
net/ipv4/inet_hashtables.c | 17 +-
net/ipv4/tcp_output.c | 30 +-
net/ipv4/udp.c | 3 +-
net/ipv6/inet6_hashtables.c | 6 +-
net/ipv6/udp.c | 2 +-
net/mac80211/sta_info.c | 6 +-
net/netfilter/nf_tables_api.c | 1 +
net/rose/af_rose.c | 11 +-
net/rose/rose_route.c | 2 +
net/sched/cls_route.c | 10 +
scripts/faddr2line | 4 +-
security/selinux/ss/policydb.h | 2 +
sound/pci/hda/patch_cirrus.c | 1 +
sound/pci/hda/patch_conexant.c | 11 +-
sound/pci/hda/patch_realtek.c | 15 +
sound/soc/atmel/mchp-spdifrx.c | 9 +-
sound/soc/codecs/cros_ec_codec.c | 1 +
sound/soc/codecs/da7210.c | 2 +
sound/soc/codecs/msm8916-wcd-digital.c | 46 +--
sound/soc/codecs/wcd9335.c | 81 ++---
sound/soc/fsl/fsl_easrc.c | 9 +-
sound/soc/fsl/fsl_easrc.h | 2 +-
sound/soc/generic/audio-graph-card.c | 4 +-
sound/soc/mediatek/mt6797/mt6797-mt6351.c | 6 +-
.../mediatek/mt8173/mt8173-rt5650-rt5676.c | 10 +-
sound/soc/mediatek/mt8173/mt8173-rt5650.c | 9 +-
sound/soc/qcom/lpass-cpu.c | 1 +
sound/soc/qcom/qdsp6/q6adm.c | 2 +-
sound/soc/samsung/aries_wm8994.c | 6 +-
sound/soc/samsung/h1940_uda1380.c | 2 +-
sound/soc/samsung/rx1950_uda1380.c | 4 +-
sound/usb/bcd2000/bcd2000.c | 3 +-
tools/lib/bpf/libbpf.c | 9 +-
tools/lib/bpf/xsk.c | 9 +-
tools/perf/util/dsos.c | 15 +-
tools/perf/util/genelf.c | 6 +-
tools/perf/util/symbol-elf.c | 27 +-
tools/testing/selftests/bpf/prog_tests/btf.c | 2 +-
.../selftests/kvm/lib/x86_64/processor.c | 2 +-
tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +-
.../selftests/timers/clocksource-switch.c | 6 +-
.../testing/selftests/timers/valid-adjtimex.c | 2 +-
tools/thermal/tmon/sysfs.c | 24 +-
tools/thermal/tmon/tmon.h | 3 +
virt/kvm/kvm_main.c | 26 +-
472 files changed, 4378 insertions(+), 2282 deletions(-)
create mode 100644 arch/arm/boot/dts/bcm53015-meraki-mr26.dts
--
2.20.1
1
501
Backport 5.10.137 LTS patches from upstream.
git cherry-pick v5.10.136..v5.10.137~1 -s
Already merged(-41):
f5f3e54f8116 mm: Add kvrealloc()
e32bb2428104 xfs: only set IOMAP_F_SHARED when providing a srcmap to a write
0a69f1f84207 xfs: fix I_DONTCACHE
2613baa3ab21 mm/mremap: hold the rmap lock in write mode when moving page table
entries.
1a4b18b1ff11 netfilter: nf_tables: do not allow SET_ID to refer to another table
9e7dcb88ec8e netfilter: nf_tables: do not allow CHAIN_ID to refer to another
table
0cc5c6b7567d netfilter: nf_tables: do not allow RULE_ID to refer to another
chain
353b4673d01c arm64: fix oops in concurrently setting insn_emulation sysctls
d0412d8f693e net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
eccd7c3e2596 ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
1f697d795290 crypto: hisilicon/sec - fixes some coding style
16e18a8ac7c9 crypto: hisilicon/sec - don't sleep when in softirq
0ecc91cf9645 RDMA/hns: Fix incorrect clearing of interrupt status register
914bf4aa2d5b jbd2: fix outstanding credits assert in
jbd2_journal_commit_transaction()
a6d7f224730e ext4: recover csum seed of tmp_inode after migrating to extents
f7161d0da975 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when
journal aborted
541840859ace posix-cpu-timers: Cleanup CPU timers before freeing them during
exec
dce8d7427c6a PCI/AER: Write AER Capability only when we control it
78d431e8a56c PCI/ERR: Bind RCEC devices to the Root Port driver
de4534ac28c4 PCI/ERR: Rename reset_link() to reset_subordinates()
f236fa38508b PCI/ERR: Simplify by using pci_upstream_bridge()
2e3458b995aa PCI/ERR: Simplify by computing pci_pcie_type() once
078d79fad521 PCI/ERR: Use "bridge" for clarity in pcie_do_recovery()
7730ba6151b7 PCI/ERR: Avoid negated conditional for clarity
bb6990fd3729 PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery()
d83d886e69bd PCI/ERR: Recover from RCEC AER errors
5e2cf705155a dm thin: fix use-after-free crash in
dm_sm_register_threshold_callback
441726394efa KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh
1571c4613059 ext4: check if directory block is within i_size
2da44a2927a7 ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
69d1a36eb4b2 ext4: make sure ext4_append() always allocates new block
bb8592efcf8e ext4: fix use-after-free in ext4_xattr_set_entry
603fb7bd744a ext4: correct max_inline_xattr_value_size computing
d0b495aa2692 ext4: correct the misjudgment in ext4_iget_extra_inode
7018f03d97da net_sched: cls_route: remove from list when handle is 0
a93f33aeef4e driver core: fix potential deadlock in __driver_attach
fb086aea3910 x86: Handle idle=nomwait cmdline properly for x86_idle
71042279b161 ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
1008c6d98b6d crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in
softirq
cb6277507998 crypto: hisilicon/hpre - don't use GFP_KERNEL to alloc mem during
softirq
c206177ca8a9 crypto: hisilicon/sec - fix auth key size error
Rejected due to openEuler hinic driver maintenance policy(-3):
8369a39b529d hinic: Use the bitmap API when applicable
e286a882f227 net: hinic: fix bug that ethtool get wrong stats
e74f3097a9c7 net: hinic: avoid kernel hung in hinic_get_stats64()
Total patches: 540 -41 -3 = 496
Aaron Lewis (1):
kvm: x86/pmu: Fix the compare function used by the pmu event filter
Adrian Hunter (1):
perf tools: Fix dso_id inode generation comparison
Ahmed Zaki (1):
mac80211: fix a memory leak where sta_info is not freed
Al Viro (1):
__follow_mount_rcu(): verify that mount_lock remains unchanged
Alex Deucher (1):
drm/radeon: fix incorrrect SPDX-License-Identifiers
Alexander Gordeev (2):
s390/dump: fix old lowcore virtual vs physical address confusion
s390/zcore: fix race when reading from hardware system area
Alexander Lobakin (3):
ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
x86/olpc: fix 'logical not is only applied to the left hand side'
iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
Alexander Shishkin (4):
intel_th: msu: Fix vmalloced buffers
intel_th: pci: Add Meteor Lake-P support
intel_th: pci: Add Raptor Lake-S PCH support
intel_th: pci: Add Raptor Lake-S CPU support
Alexander Stein (6):
ARM: dts: imx6ul: add missing properties for sram
ARM: dts: imx6ul: change operating-points to uint32-matrix
ARM: dts: imx6ul: fix keypad compatible
ARM: dts: imx6ul: fix csi node compatible
ARM: dts: imx6ul: fix lcdif node compatible
ARM: dts: imx6ul: fix qspi node compatible
Alexandru Elisei (1):
arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1
Alexei Starovoitov (1):
bpf: Fix subprog names in stack traces.
Alexey Khoroshilov (1):
crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs()
Alexey Kodanev (2):
drm/radeon: fix potential buffer overflow in
ni_set_mc_special_registers()
wifi: iwlegacy: 4965: fix potential off-by-one overflow in
il4965_rs_fill_link_cmd()
Allen Ballway (1):
ALSA: hda/cirrus - support for iMac 12,1 model
Amit Kumar Mahapatra (1):
mtd: rawnand: arasan: Update NAND bus clock instead of system clock
Ammar Faizi (1):
wifi: wil6210: debugfs: fix uninitialized variable use in
`wil_write_file_wmi()`
Andrea Righi (1):
x86/entry: Build thunk_$(BITS) only if CONFIG_PREEMPTION=y
Andrei Vagin (1):
selftests: kvm: set rax before vmcall
Andrey Strachuk (1):
usb: cdns3: change place of 'priv_ep' assignment in
cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()
Andy Shevchenko (2):
serial: 8250_pci: Refactor the loop in pci_ite887x_init()
serial: 8250_pci: Replace dev_*() by pci_*() macros
AngeloGioacchino Del Regno (2):
media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
rpmsg: mtk_rpmsg: Fix circular locking dependency
Anquan Wu (1):
libbpf: Fix the name of a reused map
Anshuman Khandual (1):
drivers/perf: arm_spe: Fix consistency of SYS_PMSCR_EL1.CX
Ansuel Smith (1):
clk: qcom: clk-krait: unlock spin after mux completion
Antonio Borneo (2):
genirq: Don't return error on missing optional irq_request_resources()
drm: adv7511: override i2c address of cec before accessing it
Arnaldo Carvalho de Melo (1):
genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined
HAVE_LIBCRYPTO
Artem Borisov (1):
HID: alps: Declare U1_UNICORN_LEGACY support
Arun Easi (3):
scsi: qla2xxx: Fix discovery issues in FC-AL topology
scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
Athira Rajeev (1):
powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for
PMI check in power_pmu_disable
Austin Kim (1):
dmaengine: sf-pdma: apply proper spinlock flags in
sf_pdma_prep_dma_memcpy()
Bart Van Assche (4):
blktrace: Trace remapped requests correctly
RDMA/srpt: Duplicate port name members
RDMA/srpt: Introduce a reference count in struct srpt_device
RDMA/srpt: Fix a use-after-free
Bartosz Golaszewski (2):
lib: bitmap: order includes alphabetically
lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
Bean Huo (1):
nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
Bedant Patnaik (1):
ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
Benjamin Segall (1):
epoll: autoremove wakers even more aggressively
Biju Das (1):
spi: spi-rspi: Fix PIO fallback on RZ platforms
Bikash Hazarika (2):
scsi: qla2xxx: Fix incorrect display of max frame size
scsi: qla2xxx: Zero undefined mailbox IN registers
Bo-Chen Chen (1):
drm/mediatek: dpi: Remove output format of YUV
Brian Norris (1):
drm/rockchip: vop: Don't crash for invalid duplicate_state()
Byungki Lee (1):
f2fs: write checkpoint during FG_GC
Chao Liu (1):
f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same
time
Chao Yu (1):
f2fs: don't set GC_FAILURE_PIN for background GC
Chen Zhongjin (2):
profiling: fix shift too large makes kernel panic
kprobes: Forbid probing on trampoline and BPF code areas
Cheng Xu (1):
RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
Christian Lamparter (1):
ARM: dts: BCM5301X: Add DT for Meraki MR26
Christian Loehle (1):
mmc: block: Add single read for 4k sector cards
Christian Marangi (1):
PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
Christoph Hellwig (1):
block: remove the request_queue to argument request based tracepoints
Christophe JAILLET (8):
drm/rockchip: Fix an error handling path rockchip_dp_probe()
wifi: p54: Fix an error handling path in p54spi_probe()
mtd: rawnand: meson: Fix a potential double free issue
misc: rtsx: Fix an error handling path in rtsx_pci_probe()
intel_th: Fix a resource leak in an error handling path
memstick/ms_block: Fix some incorrect memory allocation
memstick/ms_block: Fix a memory leak
ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp()
Christophe Leroy (2):
powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E
powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32
Christopher Obbard (1):
um: random: Don't initialise hwrng struct with zero
Chuansheng Liu (1):
drm/i915/dg1: Update DMC_DEBUG3 register
Claudio Imbrenda (1):
KVM: s390: pv: leak the topmost page table when destroy fails
Claudiu Beznea (1):
ASoC: mchp-spdifrx: disable end of block interrupt on failures
Corentin Labbe (1):
crypto: sun8i-ss - do not allocate memory when handling hash requests
Dan Carpenter (8):
wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
crypto: sun8i-ss - fix error codes in allocate_flows()
wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
selftests/bpf: fix a test for snprintf() overflow
eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write()
platform/olpc: Fix uninitialized data in debugfs write
null_blk: fix ida error handling in null_add_dev()
kfifo: fix kfifo_to_user() return type
Daniel Starke (8):
tty: n_gsm: fix user open not possible at responder until initiator
open
tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
tty: n_gsm: fix non flow control frames during mux flow off
tty: n_gsm: fix packet re-transmission without open control channel
tty: n_gsm: fix race condition in gsmld_write()
tty: n_gsm: fix wrong T1 retry count handling
tty: n_gsm: fix DM command
tty: n_gsm: fix missing corner cases in gsmld_poll()
Dave Stevenson (8):
drm/vc4: plane: Fix margin calculations for the right/bottom edges
drm/vc4: dsi: Correct DSI divider calculations
drm/vc4: dsi: Correct pixel order for DSI0
drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
drm/vc4: dsi: Fix dsi0 interrupt support
drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
iteration
drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
component
David Collins (1):
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
David Howells (1):
vfs: Check the truncate maximum size in inode_newsize_ok()
Dietmar Eggemann (1):
sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
Dimitri John Ledkov (1):
riscv: set default pm_power_off to NULL
Dmitry Osipenko (1):
drm/gem: Properly annotate WW context on drm_gem_lock_reservations()
error
Dom Cobley (3):
drm/vc4: plane: Remove subpixel positioning check
drm/vc4: hdmi: Remove firmware logic for MAI threshold setting
drm/vc4: hdmi: Avoid full hdmi audio fifo writes
Duoming Zhou (3):
mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
staging: rtl8192u: Fix sleep in atomic context bug in
dm_fsync_timer_callback
Elia Devito (1):
HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
Eric Dumazet (5):
inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
net: rose: fix netdev reference changes
tcp: fix over estimation in sk_forced_mem_schedule()
Eric Farman (1):
vfio/ccw: Do not change FSM state in subchannel event
Eric Whitney (1):
ext4: fix extent status tree race in writeback error recovery path
Eugen Hristev (1):
mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
Florian Fainelli (1):
tools/thermal: Fix possible path truncations
Florian Westphal (1):
netfilter: nf_tables: fix null deref due to zeroed list head
Francis Laniel (1):
arm64: Do not forget syscall when starting a new thread.
Gal Pressman (1):
net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
cipher/version
Gao Xiang (1):
erofs: avoid consecutive detection for Highmem memory
Geert Uytterhoeven (3):
arm64: dts: renesas: beacon: Fix regulator node names
soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values
arm64: dts: renesas: Fix thermal-sensors on single-zone sensors
Gioh Kim (1):
RDMA/rtrs: Define MIN_CHUNK_SIZE
Greg Kroah-Hartman (1):
Revert "mwifiex: fix sleep in atomic context bugs caused by
dev_coredumpv"
Guilherme G. Piccoli (1):
ACPI: processor/idle: Annotate more functions to live in cpuidle
section
Guillaume Ranquet (1):
drm/mediatek: dpi: Only enable dpi after the bridge is enabled
Guo Mengqi (1):
spi: synquacer: Add missing clk_disable_unprepare()
Hangyu Hua (3):
drm: bridge: sii8620: fix possible off-by-one
wifi: libertas: Fix possible refcount leak in if_usb_probe()
dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
Hans de Goede (2):
ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI
quirks
ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
Harshit Mogalapalli (2):
HID: cp2112: prevent a buffer overflow in cp2112_xfer()
HID: mcp2221: prevent a buffer overflow in mcp_smbus_write()
Helge Deller (4):
fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
fbcon: Fix accelerated fbdev scrolling while logo is still shown
parisc: Fix device names in /proc/iomem
parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat
mode
Huacai Chen (2):
MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
Ian Rogers (1):
perf symbol: Fail to read phdr workaround
Ilpo Järvinen (1):
serial: 8250_dw: Store LSR into lsr_saved_flags in
dw8250_tx_wait_empty()
Ivan Hasenkampf (1):
ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
Jack Wang (2):
RDMA/rtrs: Avoid Wtautological-constant-out-of-range-compare
RDMA/rtrs-srv: Fix modinfo output for stringify
Jagath Jog J (2):
iio: accel: bma400: Fix the scale min and max macro values
iio: accel: bma400: Reordering of header files
Jakub Kicinski (1):
netdevsim: Avoid allocation warnings triggered from user space
Jamal Hadi Salim (1):
net_sched: cls_route: disallow handle of 0
Jan Kara (1):
ext2: Add more validity checks for inode counts
Jason A. Donenfeld (4):
fs: check FMODE_LSEEK to control internal pipe splicing
wireguard: ratelimiter: use hrtimer in selftest
wireguard: allowedips: don't corrupt stack when detecting overflow
timekeeping: contribute wall clock to rng on time change
Jason Gunthorpe (4):
vfio: Remove extra put/gets around vfio_device->group
vfio: Simplify the lifetime logic for vfio_device
vfio: Split creation of a vfio_device into init and register ops
vfio/mdev: Make to_mdev_device() into a static inline
Javier Martinez Canillas (1):
drm/st7735r: Fix module autoloading for Okaya RH128128T
Jens Wiklander (1):
tee: add overflow check in register_shm_helper()
Jeongik Cha (1):
wifi: mac80211_hwsim: fix race condition in pending packet
Jernej Skrabec (1):
media: cedrus: hevc: Add check for invalid timestamp
Jiachen Zhang (1):
ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
Jian Shen (2):
test_bpf: fix incorrect netdev features
net: ionic: fix error check for vlan flags in ionic_set_nic_features()
Jian Zhang (1):
drm/exynos/exynos7_drm_decon: free resources when clk_set_parent()
failed.
Jianglei Nie (2):
RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
Jiasheng Jiang (4):
drm: bridge: adv7511: Add check for mipi_dsi_driver_register
Bluetooth: hci_intel: Add check for platform_driver_register
intel_th: msu-sink: Potential dereference of null pointer
ASoC: codecs: da7210: add check for i2c_add_driver
Jim Mattson (2):
KVM: x86/pmu: Use binary search to check filtered events
KVM: x86/pmu: Use different raw event masks for AMD and Intel
Jitao Shi (2):
drm/mediatek: Separate poweron/poweroff from enable/disable and define
new funcs
drm/mediatek: Keep dsi as LP00 before dcs cmds transfer
Joe Lawrence (1):
selftests/livepatch: better synchronize test_klp_callbacks_busy
Johan Hovold (4):
x86/pmem: Fix platform-device leak in error path
ath11k: fix netdev open race
usb: dwc3: qcom: fix missing optional irq warnings
USB: serial: fix tty-port initialized comments
Johannes Berg (3):
wifi: mac80211_hwsim: add back erroneously removed cast
wifi: mac80211_hwsim: use 32-bit skb cookie
um: Allow PM with suspend-to-idle
Jonas Dreßler (1):
mwifiex: Ignore BTCOEX events from the 88W8897 firmware
Jose Alonso (1):
Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
Jose Ignacio Tornos Martinez (1):
wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
Josef Bacik (1):
btrfs: reset block group chunk force if we have to wait
Josh Poimboeuf (1):
scripts/faddr2line: Fix vmlinux detection on arm64
Julien STEPHAN (1):
drm/mediatek: Allow commands to be sent during video mode
Juri Lelli (1):
wait: Fix __wait_event_hrtimeout for RT/DL tasks
Keith Busch (1):
block: fix infinite loop for invalid zone append
Kim Phillips (1):
x86/bugs: Enable STIBP for IBPB mitigated RETBleed
Konrad Dybcio (1):
soc: qcom: Make QCOM_RPMPD depend on PM
Krzysztof Kozlowski (6):
ARM: dts: ast2500-evb: fix board compatible
ARM: dts: ast2600-evb: fix board compatible
ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg
ARM: dts: qcom: pm8841: add required thermal-sensor-cells
ath10k: do not enforce interrupt trigger type
ASoC: samsung: h1940_uda1380: include proepr GPIO consumer header
Kunihiko Hayashi (2):
ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC
arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC
Kuniyuki Iwashima (1):
tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
Lars-Peter Clausen (1):
i2c: cadence: Support PEC for SMBus block read
Leo Li (1):
drm/amdgpu: Check BO's requested pinning domains against its
preferred_domains
Lev Kujawski (1):
KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
Liang He (14):
ARM: OMAP2+: display: Fix refcount leak bug
ARM: shmobile: rcar-gen2: Increase refcount for new reference
soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
regulator: of: Fix refcount leak bug in
of_get_regulation_constraints()
mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
i2c: mux-gpmux: Add of_node_put() when breaking out of loop
usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
mmc: cavium-octeon: Add of_node_put() when breaking out of loop
mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
ASoC: qcom: Fix missing of_node_put() in
asoc_qcom_lpass_cpu_platform_probe()
iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of
loop
ASoC: audio-graph-card: Add of_node_put() in fail path
video: fbdev: amba-clcd: Fix refcount leak bugs
Like Xu (2):
KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support
global_ctrl
Linus Walleij (2):
Input: atmel_mxt_ts - fix up inverted RESET handler
hwmon: (drivetemp) Add module alias
Linyu Yuan (1):
usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
Lorenzo Bianconi (1):
mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
Luiz Augusto von Dentz (1):
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
Lukas Wunner (3):
usbnet: Fix linkwatch use-after-free on disconnect
usbnet: smsc95xx: Don't clear read-only PHY interrupt
usbnet: smsc95xx: Avoid link settings race on interrupt reception
Lv Ruyi (1):
firmware: tegra: Fix error check return value of debugfs_create_file()
Lyude Paul (2):
drm/nouveau: Don't pm_runtime_put_sync(), only
pm_runtime_put_autosuspend()
drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from
pm_runtime
Maciej Fijalkowski (1):
selftests/xsk: Destroy BPF resources only when ctx refcount drops to 0
Maciej S. Szmigiero (1):
KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
Maciej W. Rozycki (4):
serial: 8250: Export ICR access helpers for internal use
serial: 8250: Dissociate 4MHz Titan ports from Oxford ports
serial: 8250: Correct the clock for OxSemi PCIe devices
serial: 8250: Fold EndRun device support into OxSemi Tornado code
Mahesh Rajashekhara (1):
scsi: smartpqi: Fix DMA direction for RAID requests
Manikanta Pubbisetty (1):
ath11k: Fix incorrect debug_mask mappings
Manyi Li (1):
ACPI: PM: save NVS memory for Lenovo G40-45
Maor Gottlieb (1):
RDMA/mlx5: Add missing check for return value in get namespace flow
Marcel Ziswiler (1):
ARM: dts: imx7d-colibri-emmc: add cpu1 supply
Marco Pagani (1):
fpga: altera-pr-ip: fix unsigned comparison with less than zero
Marek Vasut (3):
drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into
dedicated function
drm/bridge: tc358767: Make sure Refclk clock are enabled
drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in dedicated
function
Markus Mayer (1):
thermal/tools/tmon: Include pthread and time headers in tmon.h
Mateusz Kwiatkowski (1):
drm/vc4: hdmi: Fix timings for interlaced modes
Max Filippov (1):
xtensa: iss/network: provide release() callback
Maxim Mikityanskiy (1):
net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
Maxime Ripard (5):
drm/vc4: drv: Remove the DSI pointer in vc4_drv
drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array
drm/vc4: dsi: Introduce a variant structure
drm/vc4: hdmi: Don't access the connector state in reset if kmalloc
fails
drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling
Maximilian Heyne (1):
xen-blkback: Apply 'feature_persistent' parameter when connect
Meng Tang (2):
ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
ALSA: hda/realtek: Add quirk for another Asus K42JZ model
Miaohe Lin (1):
mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
Miaoqian Lin (27):
meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
ARM: bcm: Fix refcount leak in bcm_kona_smc_init
ARM: OMAP2+: Fix refcount leak in omapdss_init_of
ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
cpufreq: zynq: Fix refcount leak in zynq_get_revision
soc: qcom: ocmem: Fix refcount leak in of_get_ocmem
soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register
drm/mcde: Fix refcount leak in mcde_dsi_bind
media: tw686x: Fix memory leak in tw686x_video_init
mtd: maps: Fix refcount leak in of_flash_probe_versatile
mtd: maps: Fix refcount leak in ap_flash_init
PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()
mtd: partitions: Fix refcount leak in parse_redboot_of
usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe
ASoC: samsung: Fix error handling in aries_audio_probe
ASoC: mediatek: mt8173: Fix refcount leak in
mt8173_rt5650_rt5676_dev_probe
ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe
ASoC: mediatek: mt8173-rt5650: Fix refcount leak in
mt8173_rt5650_dev_probe
remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init
rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
mfd: max77620: Fix refcount leak in max77620_initialise_fps
powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
powerpc/xive: Fix refcount leak in xive_get_max_prio
powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
Michael Ellerman (3):
powerpc/powernv: Avoid crashing if rng is NULL
powerpc/64s: Disable stack variable initialisation for prom_init
powerpc/pci: Fix PHB numbering when using opal-phbid
Michael Grzeschik (2):
usb: dwc3: gadget: refactor dwc3_repare_one_trb
usb: dwc3: gadget: fix high speed multiplier setting
Michael Walle (1):
soc: fsl: guts: machine variable might be unset
Michal Suchanek (1):
kexec, KEYS, s390: Make use of built-in and secondary keyring for
signature verification
Mike Manning (1):
net: allow unbound socket for packets in VRF when tcp_l3mdev_accept
set
Mike Snitzer (1):
dm: return early from dm_pr_call() if DM device is suspended
Miklos Szeredi (1):
fuse: limit nsec
Mikulas Patocka (6):
add barriers to buffer_uptodate and set_buffer_uptodate
md-raid: destroy the bitmap after destroying the thread
md-raid10: fix KASAN warning
dm writecache: set a default MAX_WRITEBACK_JOBS
dm raid: fix address sanitizer warning in raid_resume
dm raid: fix address sanitizer warning in raid_status
Ming Lei (1):
blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
Ming Qian (1):
media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set
Miquel Raynal (6):
mtd: rawnand: Add a helper to clarify the interface configuration
mtd: rawnand: arasan: Check the proposed data interface is supported
mtd: rawnand: Add NV-DDR timings
mtd: rawnand: arasan: Fix a macro parameter
mtd: rawnand: arasan: Support NV-DDR interface
mtd: rawnand: arasan: Prevent an unsupported configuration
Mohamed Khalfella (1):
PCI/AER: Iterate over error counters instead of error strings
Narendra Hadke (1):
serial: mvebu-uart: uart2 error bits clearing
Nathan Chancellor (2):
hexagon: select ARCH_WANT_LD_ORPHAN_WARN
usb: cdns3: Don't use priv_dev uninitialized in
cdns3_gadget_ep_enable()
Nick Desaulniers (2):
Makefile: link with -z noexecstack --no-warn-rwx-segments
x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
Nick Hainke (1):
arm64: dts: mt7622: fix BPI-R64 WPS button
Nico Boehr (1):
KVM: s390: pv: don't present the ecall interrupt twice
Nicolas Saenz Julienne (1):
nohz/full, sched/rt: Fix missed tick-reenabling bug in
dequeue_task_rt()
Niels Dossche (1):
media: hdpvr: fix error value returns in hdpvr_read
Nilesh Javali (1):
scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
Olga Kitaina (1):
mtd: rawnand: arasan: Fix clock rate in NV-DDR
Pali Rohár (4):
PCI: Add defines for normal and subtractive PCI bridges
powerpc/fsl-pci: Fix Class Code of PCIe Root Port
crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain'
and alias
Peng Fan (1):
interconnect: imx: fix max_node_id
Peter Zijlstra (1):
locking/lockdep: Fix lockdep_init_map_*() confusion
Phil Elwell (1):
drm/vc4: hdmi: Disable audio if dmas property is present but empty
Pierre-Louis Bossart (1):
soundwire: bus_type: fix remove and shutdown support
Ping Cheng (2):
HID: wacom: Only report rotation for art pen
HID: wacom: Don't register pad_input for touch switch
Prabhakar Kushwaha (1):
RDMA/qedr: Improve error logs for rdma_alloc_tid error return
Przemyslaw Patynowski (1):
iavf: Fix max_rate limiting
Qian Cai (1):
crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE
Qu Wenruo (3):
btrfs: reject log replay if there is unsupported RO compat flag
btrfs: only write the sectors in the vertical stripe which has data
stripes
btrfs: raid56: don't trust any cached sector in
__raid56_parity_recover()
Quentin Perret (1):
KVM: arm64: Don't return from void function
Quinn Tran (2):
scsi: qla2xxx: Turn off multi-queue for 8G adapters
scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
Rafael J. Wysocki (2):
thermal: sysfs: Fix cooling_device_stats_setup() error code path
ACPI: CPPC: Do not prevent CPPC from working in the future
Ralph Siemsen (1):
clk: renesas: r9a06g032: Fix UART clkgrp bitsel
Randy Dunlap (1):
usb: gadget: udc: amd5536 depends on HAS_DMA
Rex-BC Chen (1):
clk: mediatek: reset: Fix written reset bit offset
Rob Clark (1):
drm/msm/mdp5: Fix global state lock backoff
Robert Marko (5):
arm64: dts: qcom: ipq8074: fix NAND node name
clk: qcom: ipq8074: fix NSS core PLL-s
clk: qcom: ipq8074: SW workaround for UBI32 PLL lock
clk: qcom: ipq8074: fix NSS port frequency tables
clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
Rohith Kollalsi (1):
usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup
Russell King (Oracle) (1):
ARM: findbit: fix overflowing offset
Rustam Subkhankulov (2):
wifi: p54: add missing parentheses in p54_flush()
video: fbdev: sis: fix typos in SiS_GetModeID()
Sam Protsenko (1):
iommu/exynos: Handle failed IOMMU device registration properly
Samuel Holland (3):
irqchip/mips-gic: Only register IPI domain when SMP is enabled
genirq: GENERIC_IRQ_IPI depends on SMP
arm64: dts: allwinner: a64: orangepi-win: Fix LED node name
Sean Christopherson (15):
KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case
KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical
#GP
KVM: x86: Tag kvm_mmu_x86_module_init() with __init
KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()
KVM: SVM: Drop VMXE check from svm_set_cr4()
KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops hook
KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4
KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no
vPMU
KVM: Add infrastructure and macro to mark VM as bugged
SeongJae Park (2):
xen-blkback: fix persistent grants negotiation
xen-blkfront: Apply 'feature_persistent' parameter when connect
Serge Semin (4):
dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction
semantics
PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()
PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists
Sergey Shtylyov (1):
usb: host: xhci: use snprintf() in xhci_decode_trb()
Shengjiu Wang (1):
ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format
Shunsuke Mie (1):
PCI: endpoint: Don't stop controller when unbinding endpoint function
Sibi Sankar (1):
remoteproc: sysmon: Wait for SSCTL service to come up
Siddh Raman Pant (1):
x86/numa: Use cpumask_available instead of hardcoded NULL check
Sireesh Kodali (1):
remoteproc: qcom: wcnss: Fix handling of IRQs
Srinivas Kandagatla (2):
ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV
ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV
Stefan Roese (1):
PCI/portdrv: Don't disable AER reporting in
get_port_device_capability()
Steffen Maier (1):
scsi: zfcp: Fix missing auto port scan and thus missing target ports
Stephan Gerhold (1):
regulator: qcom_smd: Fix pm8916_pldo range
Stephen Boyd (1):
platform/chrome: cros_ec: Always expose last resume result
Steven Rostedt (Google) (2):
ftrace/x86: Add back ftrace_expected assignment
tracing: Use a struct alignof to determine trace event field alignment
Sudeep Holla (1):
firmware: arm_scpi: Ensure scpi_info is not assigned if the probe
fails
Sumit Garg (1):
arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment
Suzuki K Poulose (1):
coresight: Clear the connection field properly
Tadeusz Struk (1):
sched/fair: Fix fault in reweight_entity
Tali Perry (2):
i2c: npcm: Remove own slave addresses 2:10
i2c: npcm: Correct slave role behavior
Tamás Szűcs (1):
arm64: tegra: Fix SDMMC1 CD on P2888
Tang Bin (3):
usb: gadget: tegra-xudc: Fix error check in
tegra_xudc_powerdomain_init()
usb: xhci: tegra: Fix error check
opp: Fix error check in dev_pm_opp_attach_genpd()
Tetsuo Handa (4):
tty: vt: initialize unicode screen buffer
lockdep: Allow tuning tracing capacity constants.
PM: hibernate: defer device probing when resuming from hibernation
lib/smp_processor_id: fix imbalanced instrumentation_end() call
Theodore Ts'o (1):
ext4: update s_overhead_clusters in the superblock during an on-line
resize
Thinh Nguyen (1):
usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
Thomas Gleixner (1):
netfilter: xtables: Bring SPDX identifier back
Tianchen Ding (1):
sched: Fix the check of nr_running at queue wakelist
Tianjia Zhang (1):
KEYS: asymmetric: enforce SM2 signature use pkey algo
Tim Crawford (1):
ALSA: hda/realtek: Add quirk for Clevo NV45PZ
Timur Tabi (1):
drm/nouveau: fix another off-by-one in nvbios_addr
Tom Lendacky (1):
crypto: ccp - During shutdown, check SEV data pointer before using
Tom Rix (2):
ASoC: samsung: change gpiod_speaker_power and rx1950_audio from global
to static variables
drm/vc4: change vc4_dma_range_matches from a global to static
Tony Battersby (1):
scsi: sg: Allow waiting for commands to complete on removed device
Trond Myklebust (1):
Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
Tyler Hicks (1):
net/9p: Initialize the iounit field during fid creation
Uwe Kleine-König (6):
pwm: sifive: Don't check the return code of pwmchip_remove()
pwm: sifive: Simplify offset calculation for PWMCMP registers
pwm: sifive: Ensure the clk is enabled exactly once per running PWM
pwm: sifive: Shut down hardware only after pwmchip_remove() completed
mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error
path
mfd: t7l66xb: Drop platform disable callback
Viacheslav Mitrofanov (1):
dmaengine: sf-pdma: Add multithread support for a DMA channel
Vidya Sagar (2):
PCI: tegra194: Fix Root Port interrupt handling
PCI: tegra194: Fix link up retry sequence
Vincent Mailhol (10):
can: pch_can: do not report txerr and rxerr during bus-off
can: rcar_can: do not report txerr and rxerr during bus-off
can: sja1000: do not report txerr and rxerr during bus-off
can: hi311x: do not report txerr and rxerr during bus-off
can: sun4i_can: do not report txerr and rxerr during bus-off
can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
can: usb_8dev: do not report txerr and rxerr during bus-off
can: error: specify the values of data[5..7] of CAN error frames
can: pch_can: pch_can_error(): initialize errc before using it
Vitaly Kuznetsov (2):
KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq
KVM: x86: Avoid theoretical NULL pointer dereference in
kvm_irq_delivery_to_apic_fast()
Vladimir Zapolskiy (1):
clk: qcom: camcc-sdm845: Fix topology around titan_top power domain
Waiman Long (1):
sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
Weitao Wang (1):
USB: HCD: Fix URB giveback issue in tasklet function
William Dean (3):
parisc: Check the return value of ioremap() in lba_driver_probe()
irqchip/mips-gic: Check the return value of ioremap() in gic_of_init()
watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in
armada_37xx_wdt_probe()
Wolfram Sang (2):
selftests: timers: valid-adjtimex: build fix for newer toolchains
selftests: timers: clocksource-switch: fix passing errors from child
Xiaomeng Tong (2):
media: [PATCH] pci: atomisp_cmd: fix three missing checks on list
iterator
virtio-gpu: fix a missing check to avoid NULL dereference
Xie Shaowen (1):
Input: gscps2 - check return value of ioremap() in gscps2_probe()
Xie Yongji (1):
fuse: Remove the control interface for virtio-fs
Xinlei Lee (2):
drm/mediatek: Modify dsi funcs to atomic operations
drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff
function
Xiu Jianfeng (1):
selinux: Add boundary check in put_entry()
Xu Wang (1):
i2c: Fix a potential use after free
Yang Xu (1):
fs: Add missing umask strip in vfs_tmpfile
Yang Yingliang (2):
bus: hisi_lpc: fix missing platform_device_put() in
hisi_lpc_acpi_probe()
xtensa: iss: fix handling error cases in iss_net_configure()
Yangtao Li (1):
pwm: lpc18xx-sct: Convert to devm_platform_ioremap_resource()
Ye Bin (1):
ext4: fix warning in ext4_iomap_begin as race between bmap and write
YiFei Zhu (1):
selftests/seccomp: Fix compile warning when CC=clang
Yonglong Li (1):
tcp: make retransmitted SKB fit into the send window
Yunhao Tian (1):
drm/mipi-dbi: align max_chunk to 2 in spi_transfer
Zhenguo Zhao (1):
tty: n_gsm: Delete gsmtty open SABM frame when config requester
Zheyu Ma (7):
ALSA: bcd2000: Fix a UAF bug on the error path of probing
iio: light: isl29028: Fix the warning in isl29028_remove()
media: tw686x: Register the irq at the end of probe
video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
video: fbdev: vt8623fb: Check the size of screen before memset_io()
video: fbdev: arkfb: Check the size of screen before memset_io()
video: fbdev: s3fb: Check the size of screen before memset_io()
Zhu Yanjun (1):
RDMA/rxe: Fix error unwind in rxe_create_qp()
Zoltan Tamas Vajda (1):
HID: hid-input: add Surface Go battery quirk
huhai (1):
ACPI: LPSS: Fix missing check in register_device_clock()
.../ABI/testing/sysfs-driver-xen-blkback | 2 +-
.../ABI/testing/sysfs-driver-xen-blkfront | 2 +-
.../admin-guide/kernel-parameters.txt | 29 +-
Documentation/driver-api/vfio.rst | 31 +-
Makefile | 3 +
arch/arm/boot/dts/Makefile | 1 +
arch/arm/boot/dts/aspeed-ast2500-evb.dts | 2 +-
arch/arm/boot/dts/aspeed-ast2600-evb.dts | 2 +-
arch/arm/boot/dts/bcm53015-meraki-mr26.dts | 166 ++++++++++
arch/arm/boot/dts/imx53-ppd.dts | 2 +-
arch/arm/boot/dts/imx6dl-colibri-eval-v3.dts | 2 +-
arch/arm/boot/dts/imx6q-apalis-eval.dts | 2 +-
arch/arm/boot/dts/imx6q-apalis-ixora-v1.1.dts | 2 +-
arch/arm/boot/dts/imx6q-apalis-ixora.dts | 2 +-
arch/arm/boot/dts/imx6ul.dtsi | 33 +-
arch/arm/boot/dts/imx7-colibri-aster.dtsi | 2 +-
arch/arm/boot/dts/imx7-colibri-eval-v3.dtsi | 2 +-
arch/arm/boot/dts/imx7d-colibri-emmc.dtsi | 4 +
.../boot/dts/motorola-mapphone-common.dtsi | 2 +-
arch/arm/boot/dts/qcom-mdm9615.dtsi | 1 +
arch/arm/boot/dts/qcom-pm8841.dtsi | 1 +
arch/arm/boot/dts/s5pv210-aries.dtsi | 2 +-
.../boot/dts/tegra20-acer-a500-picasso.dts | 2 +-
arch/arm/boot/dts/uniphier-pxs2.dtsi | 8 +-
arch/arm/lib/findbit.S | 16 +-
arch/arm/mach-bcm/bcm_kona_smc.c | 1 +
arch/arm/mach-omap2/display.c | 3 +
arch/arm/mach-omap2/prm3xxx.c | 1 +
.../mach-shmobile/regulator-quirk-rcar-gen2.c | 5 +-
arch/arm/mach-zynq/common.c | 1 +
.../dts/allwinner/sun50i-a64-orangepi-win.dts | 2 +-
.../dts/mediatek/mt7622-bananapi-bpi-r64.dts | 2 +-
.../arm64/boot/dts/nvidia/tegra194-p2888.dtsi | 2 +-
arch/arm64/boot/dts/qcom/ipq8074.dtsi | 2 +-
arch/arm64/boot/dts/qcom/qcs404.dtsi | 4 +-
.../dts/renesas/beacon-renesom-baseboard.dtsi | 6 +-
arch/arm64/boot/dts/renesas/r8a774c0.dtsi | 2 +-
arch/arm64/boot/dts/renesas/r8a77990.dtsi | 2 +-
.../boot/dts/socionext/uniphier-pxs3.dtsi | 8 +-
arch/arm64/crypto/Kconfig | 1 +
arch/arm64/include/asm/processor.h | 3 +-
arch/arm64/kernel/cpufeature.c | 2 +-
arch/arm64/kvm/hyp/nvhe/switch.c | 2 +-
arch/arm64/kvm/hyp/vhe/switch.c | 2 +-
arch/hexagon/Kconfig | 1 +
arch/ia64/include/asm/processor.h | 2 +-
arch/mips/kernel/proc.c | 2 +-
arch/parisc/kernel/drivers.c | 9 +-
arch/parisc/kernel/syscalls/syscall.tbl | 2 +-
arch/powerpc/kernel/Makefile | 1 +
arch/powerpc/kernel/pci-common.c | 29 +-
arch/powerpc/mm/ptdump/shared.c | 6 +-
arch/powerpc/perf/core-book3s.c | 35 +-
arch/powerpc/platforms/Kconfig.cputype | 4 +-
arch/powerpc/platforms/cell/axon_msi.c | 1 +
arch/powerpc/platforms/cell/spufs/inode.c | 1 +
arch/powerpc/platforms/powernv/rng.c | 2 +
arch/powerpc/sysdev/fsl_pci.c | 8 +
arch/powerpc/sysdev/fsl_pci.h | 1 +
arch/powerpc/sysdev/xive/spapr.c | 1 +
arch/riscv/kernel/reset.c | 12 +-
arch/s390/include/asm/gmap.h | 2 +
arch/s390/kernel/asm-offsets.c | 2 +
arch/s390/kernel/crash_dump.c | 2 +-
arch/s390/kernel/machine_kexec_file.c | 18 +-
arch/s390/kernel/os_info.c | 3 +-
arch/s390/kvm/intercept.c | 15 +
arch/s390/kvm/pv.c | 9 +-
arch/s390/kvm/sigp.c | 4 +-
arch/s390/mm/gmap.c | 86 +++++
arch/um/Kconfig | 5 +
arch/um/drivers/random.c | 2 +-
arch/um/include/shared/kern_util.h | 2 +
arch/um/include/shared/os.h | 1 +
arch/um/kernel/um_arch.c | 25 ++
arch/um/os-Linux/signal.c | 14 +-
arch/x86/boot/Makefile | 2 +-
arch/x86/boot/compressed/Makefile | 2 +
arch/x86/entry/Makefile | 3 +-
arch/x86/entry/thunk_32.S | 2 -
arch/x86/entry/thunk_64.S | 4 -
arch/x86/entry/vdso/Makefile | 2 +-
arch/x86/include/asm/kvm_host.h | 7 +-
arch/x86/kernel/cpu/bugs.c | 10 +-
arch/x86/kernel/ftrace.c | 1 +
arch/x86/kvm/emulate.c | 23 +-
arch/x86/kvm/hyperv.c | 3 +
arch/x86/kvm/lapic.c | 4 +
arch/x86/kvm/mmu/mmu.c | 2 +-
arch/x86/kvm/pmu.c | 36 +-
arch/x86/kvm/svm/pmu.c | 1 +
arch/x86/kvm/svm/svm.c | 14 +-
arch/x86/kvm/svm/svm.h | 2 +-
arch/x86/kvm/vmx/nested.c | 99 +++---
arch/x86/kvm/vmx/pmu_intel.c | 12 +-
arch/x86/kvm/vmx/vmx.c | 35 +-
arch/x86/kvm/vmx/vmx.h | 2 +-
arch/x86/kvm/x86.c | 17 +-
arch/x86/mm/numa.c | 4 +-
arch/x86/platform/olpc/olpc-xo1-sci.c | 2 +-
arch/x86/um/Makefile | 3 +-
arch/xtensa/platforms/iss/network.c | 42 ++-
block/bio.c | 3 -
block/blk-merge.c | 2 +-
block/blk-mq-debugfs.c | 3 +
block/blk-mq-sched.c | 2 +-
block/blk-mq.c | 8 +-
crypto/asymmetric_keys/public_key.c | 7 +-
drivers/acpi/acpi_lpss.c | 3 +
drivers/acpi/cppc_acpi.c | 54 ++-
drivers/acpi/ec.c | 82 +----
drivers/acpi/processor_idle.c | 6 +-
drivers/acpi/sleep.c | 8 +
drivers/block/null_blk_main.c | 14 +-
drivers/block/xen-blkback/xenbus.c | 20 +-
drivers/block/xen-blkfront.c | 4 +-
drivers/bluetooth/hci_intel.c | 6 +-
drivers/bus/hisi_lpc.c | 10 +-
drivers/clk/mediatek/reset.c | 4 +-
drivers/clk/qcom/camcc-sdm845.c | 4 +
drivers/clk/qcom/clk-krait.c | 7 +-
drivers/clk/qcom/gcc-ipq8074.c | 60 +++-
drivers/clk/renesas/r9a06g032-clocks.c | 8 +-
.../allwinner/sun8i-ss/sun8i-ss-cipher.c | 1 +
.../crypto/allwinner/sun8i-ss/sun8i-ss-core.c | 22 +-
.../crypto/allwinner/sun8i-ss/sun8i-ss-hash.c | 15 +-
drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h | 4 +
drivers/crypto/ccp/sev-dev.c | 2 +-
drivers/crypto/inside-secure/safexcel.c | 2 +
drivers/dma/dw-edma/dw-edma-core.c | 2 +-
drivers/dma/sf-pdma/sf-pdma.c | 49 ++-
drivers/firmware/arm_scpi.c | 61 ++--
drivers/firmware/tegra/bpmp-debugfs.c | 10 +-
drivers/fpga/altera-pr-ip-core.c | 2 +-
drivers/gpio/gpiolib-of.c | 4 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 4 +
drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 24 +-
drivers/gpu/drm/bridge/sil-sii8620.c | 4 +-
drivers/gpu/drm/bridge/tc358767.c | 62 +++-
drivers/gpu/drm/drm_gem.c | 4 +-
drivers/gpu/drm/drm_mipi_dbi.c | 7 +
drivers/gpu/drm/exynos/exynos7_drm_decon.c | 17 +-
.../drm/i915/display/intel_display_debugfs.c | 4 +-
drivers/gpu/drm/i915/i915_reg.h | 3 +-
drivers/gpu/drm/mcde/mcde_dsi.c | 1 +
drivers/gpu/drm/mediatek/mtk_dpi.c | 33 +-
drivers/gpu/drm/mediatek/mtk_dsi.c | 126 ++++---
drivers/gpu/drm/msm/disp/mdp5/mdp5_pipe.c | 3 +-
drivers/gpu/drm/nouveau/nouveau_display.c | 4 +-
drivers/gpu/drm/nouveau/nouveau_fbcon.c | 2 +-
.../gpu/drm/nouveau/nvkm/subdev/bios/base.c | 2 +-
drivers/gpu/drm/radeon/.gitignore | 2 +-
drivers/gpu/drm/radeon/Kconfig | 2 +-
drivers/gpu/drm/radeon/Makefile | 2 +-
drivers/gpu/drm/radeon/ni_dpm.c | 6 +-
.../gpu/drm/rockchip/analogix_dp-rockchip.c | 10 +-
drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 3 +
drivers/gpu/drm/tiny/st7735r.c | 1 +
drivers/gpu/drm/vc4/vc4_crtc.c | 10 +-
drivers/gpu/drm/vc4/vc4_drv.c | 19 ++
drivers/gpu/drm/vc4/vc4_drv.h | 1 -
drivers/gpu/drm/vc4/vc4_dsi.c | 208 ++++++++----
drivers/gpu/drm/vc4/vc4_hdmi.c | 50 ++-
drivers/gpu/drm/vc4/vc4_plane.c | 30 +-
drivers/gpu/drm/virtio/virtgpu_ioctl.c | 6 +-
drivers/hid/hid-alps.c | 2 +
drivers/hid/hid-cp2112.c | 5 +
drivers/hid/hid-ids.h | 2 +
drivers/hid/hid-input.c | 4 +
drivers/hid/hid-mcp2221.c | 3 +
drivers/hid/wacom_sys.c | 2 +-
drivers/hid/wacom_wac.c | 72 ++--
drivers/hwmon/drivetemp.c | 1 +
drivers/hwtracing/coresight/coresight-core.c | 1 +
drivers/hwtracing/intel_th/msu-sink.c | 3 +
drivers/hwtracing/intel_th/msu.c | 14 +-
drivers/hwtracing/intel_th/pci.c | 25 +-
drivers/i2c/busses/i2c-cadence.c | 10 +-
drivers/i2c/busses/i2c-npcm7xx.c | 50 ++-
drivers/i2c/i2c-core-base.c | 3 +-
drivers/i2c/muxes/i2c-mux-gpmux.c | 1 +
drivers/iio/accel/bma400.h | 23 +-
drivers/iio/accel/bma400_core.c | 4 +-
drivers/iio/light/isl29028.c | 2 +-
drivers/infiniband/hw/hfi1/file_ops.c | 4 +-
drivers/infiniband/hw/mlx5/fs.c | 6 +-
drivers/infiniband/hw/qedr/verbs.c | 26 +-
drivers/infiniband/sw/rxe/rxe_qp.c | 12 +-
drivers/infiniband/sw/siw/siw_cm.c | 7 +-
drivers/infiniband/ulp/rtrs/rtrs-clt.c | 5 -
drivers/infiniband/ulp/rtrs/rtrs-pri.h | 22 +-
drivers/infiniband/ulp/rtrs/rtrs-srv.c | 4 +-
drivers/infiniband/ulp/srpt/ib_srpt.c | 148 ++++++---
drivers/infiniband/ulp/srpt/ib_srpt.h | 18 +-
drivers/input/serio/gscps2.c | 4 +
drivers/input/touchscreen/atmel_mxt_ts.c | 6 +-
drivers/interconnect/imx/imx.c | 8 +-
drivers/iommu/arm/arm-smmu/qcom_iommu.c | 7 +-
drivers/iommu/exynos-iommu.c | 6 +-
drivers/iommu/intel/dmar.c | 2 +-
drivers/irqchip/Kconfig | 5 +-
drivers/irqchip/irq-mips-gic.c | 84 +++--
drivers/md/dm-raid.c | 4 +-
drivers/md/dm-rq.c | 2 +-
drivers/md/dm-writecache.c | 2 +-
drivers/md/dm.c | 5 +
drivers/md/md.c | 2 +-
drivers/md/raid10.c | 5 +-
drivers/media/pci/tw686x/tw686x-core.c | 18 +-
drivers/media/pci/tw686x/tw686x-video.c | 4 +-
drivers/media/platform/mtk-mdp/mtk_mdp_ipi.h | 2 +
drivers/media/usb/hdpvr/hdpvr-video.c | 2 +-
drivers/media/v4l2-core/v4l2-mem2mem.c | 2 +-
drivers/memstick/core/ms_block.c | 11 +-
drivers/mfd/max77620.c | 2 +
drivers/mfd/t7l66xb.c | 6 +-
drivers/misc/cardreader/rtsx_pcr.c | 6 +-
drivers/misc/eeprom/idt_89hpesx.c | 8 +-
drivers/mmc/core/block.c | 28 +-
drivers/mmc/host/cavium-octeon.c | 1 +
drivers/mmc/host/cavium-thunderx.c | 4 +-
drivers/mmc/host/sdhci-of-at91.c | 9 +-
drivers/mmc/host/sdhci-of-esdhc.c | 1 +
drivers/mtd/devices/st_spi_fsm.c | 8 +-
drivers/mtd/maps/physmap-versatile.c | 2 +
drivers/mtd/nand/raw/arasan-nand-controller.c | 57 +++-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/meson_nand.c | 1 -
drivers/mtd/nand/raw/nand_timings.c | 255 +++++++++++++++
drivers/mtd/parsers/redboot.c | 1 +
drivers/mtd/sm_ftl.c | 2 +-
drivers/net/can/pch_can.c | 8 +-
drivers/net/can/rcar/rcar_can.c | 8 +-
drivers/net/can/sja1000/sja1000.c | 7 +-
drivers/net/can/spi/hi311x.c | 5 +-
drivers/net/can/sun4i_can.c | 9 +-
.../net/can/usb/kvaser_usb/kvaser_usb_hydra.c | 12 +-
.../net/can/usb/kvaser_usb/kvaser_usb_leaf.c | 6 +-
drivers/net/can/usb/usb_8dev.c | 7 +-
drivers/net/ethernet/intel/iavf/iavf.h | 1 +
drivers/net/ethernet/intel/iavf/iavf_main.c | 25 +-
drivers/net/ethernet/mellanox/mlx5/core/en.h | 2 +-
.../mellanox/mlx5/core/en_accel/ktls.c | 2 +-
.../net/ethernet/pensando/ionic/ionic_lif.c | 2 +-
drivers/net/netdevsim/bpf.c | 8 +-
drivers/net/usb/ax88179_178a.c | 20 +-
drivers/net/usb/smsc95xx.c | 20 +-
drivers/net/usb/usbnet.c | 8 +-
drivers/net/wireguard/allowedips.c | 9 +-
drivers/net/wireguard/selftest/allowedips.c | 6 +-
drivers/net/wireguard/selftest/ratelimiter.c | 25 +-
drivers/net/wireless/ath/ath10k/snoc.c | 5 +-
drivers/net/wireless/ath/ath11k/core.c | 16 +-
drivers/net/wireless/ath/ath11k/debug.h | 4 +-
drivers/net/wireless/ath/wil6210/debugfs.c | 18 +-
drivers/net/wireless/intel/iwlegacy/4965-rs.c | 5 +-
drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 1 +
drivers/net/wireless/intersil/p54/main.c | 2 +-
drivers/net/wireless/intersil/p54/p54spi.c | 3 +-
drivers/net/wireless/mac80211_hwsim.c | 14 +-
.../net/wireless/marvell/libertas/if_usb.c | 1 +
drivers/net/wireless/marvell/mwifiex/main.h | 2 +
drivers/net/wireless/marvell/mwifiex/pcie.c | 3 +
.../net/wireless/marvell/mwifiex/sta_event.c | 3 +
drivers/net/wireless/mediatek/mt76/mac80211.c | 1 +
.../wireless/mediatek/mt76/mt76x02_usb_mcu.c | 2 +-
drivers/net/wireless/realtek/rtlwifi/debug.c | 8 +-
drivers/nvdimm/pmem_legacy_device.c | 7 +-
drivers/nvme/host/trace.h | 2 +-
drivers/opp/core.c | 4 +-
drivers/parisc/lba_pci.c | 6 +-
.../pci/controller/dwc/pcie-designware-ep.c | 18 +-
drivers/pci/controller/dwc/pcie-designware.c | 30 +-
drivers/pci/controller/dwc/pcie-qcom.c | 10 +-
drivers/pci/controller/dwc/pcie-tegra194.c | 49 ++-
drivers/pci/endpoint/functions/pci-epf-test.c | 1 -
drivers/pci/pcie/aer.c | 7 +-
drivers/pci/pcie/portdrv_core.c | 9 +-
drivers/perf/arm_spe_pmu.c | 22 +-
drivers/platform/chrome/cros_ec.c | 8 +-
drivers/platform/olpc/olpc-ec.c | 2 +-
drivers/pwm/pwm-lpc18xx-sct.c | 4 +-
drivers/pwm/pwm-sifive.c | 65 ++--
drivers/regulator/of_regulator.c | 6 +-
drivers/regulator/qcom_smd-regulator.c | 4 +-
drivers/remoteproc/qcom_sysmon.c | 10 +
drivers/remoteproc/qcom_wcnss.c | 10 +-
drivers/remoteproc/ti_k3_r5_remoteproc.c | 2 +
drivers/rpmsg/mtk_rpmsg.c | 2 +
drivers/rpmsg/qcom_smd.c | 1 +
drivers/s390/char/zcore.c | 11 +-
drivers/s390/cio/vfio_ccw_drv.c | 14 +-
drivers/s390/scsi/zfcp_fc.c | 29 +-
drivers/s390/scsi/zfcp_fc.h | 6 +-
drivers/s390/scsi/zfcp_fsf.c | 7 +-
drivers/scsi/qla2xxx/qla_def.h | 5 +-
drivers/scsi/qla2xxx/qla_gbl.h | 3 +-
drivers/scsi/qla2xxx/qla_gs.c | 11 +-
drivers/scsi/qla2xxx/qla_init.c | 48 ++-
drivers/scsi/qla2xxx/qla_isr.c | 20 +-
drivers/scsi/qla2xxx/qla_mbx.c | 19 +-
drivers/scsi/qla2xxx/qla_nvme.c | 5 -
drivers/scsi/sg.c | 53 +--
drivers/scsi/smartpqi/smartpqi_init.c | 4 +-
drivers/soc/amlogic/meson-mx-socinfo.c | 1 +
drivers/soc/amlogic/meson-secure-pwrc.c | 4 +-
drivers/soc/fsl/guts.c | 2 +-
drivers/soc/qcom/Kconfig | 1 +
drivers/soc/qcom/ocmem.c | 3 +
drivers/soc/qcom/qcom_aoss.c | 4 +-
drivers/soc/renesas/r8a779a0-sysc.c | 10 +-
drivers/soundwire/bus_type.c | 8 +-
drivers/spi/spi-rspi.c | 4 +
drivers/spi/spi-synquacer.c | 1 +
.../staging/media/atomisp/pci/atomisp_cmd.c | 57 ++--
.../staging/media/sunxi/cedrus/cedrus_h265.c | 3 +
drivers/staging/rtl8192u/r8192U.h | 2 +-
drivers/staging/rtl8192u/r8192U_dm.c | 38 +--
drivers/staging/rtl8192u/r8192U_dm.h | 2 +-
drivers/tee/tee_shm.c | 3 +
drivers/thermal/thermal_sysfs.c | 10 +-
drivers/tty/n_gsm.c | 199 ++++++++---
drivers/tty/serial/8250/8250.h | 22 ++
drivers/tty/serial/8250/8250_dw.c | 3 +
drivers/tty/serial/8250/8250_pci.c | 308 +++++++++---------
drivers/tty/serial/8250/8250_port.c | 21 --
drivers/tty/serial/mvebu-uart.c | 11 +
drivers/tty/vt/vt.c | 2 +-
drivers/usb/cdns3/gadget.c | 11 +-
drivers/usb/core/hcd.c | 26 +-
drivers/usb/dwc3/core.c | 9 +-
drivers/usb/dwc3/dwc3-qcom.c | 4 +-
drivers/usb/dwc3/gadget.c | 92 +++---
drivers/usb/gadget/udc/Kconfig | 2 +-
drivers/usb/gadget/udc/aspeed-vhub/hub.c | 4 +-
drivers/usb/gadget/udc/tegra-xudc.c | 8 +-
drivers/usb/host/ehci-ppc-of.c | 1 +
drivers/usb/host/ohci-nxp.c | 1 +
drivers/usb/host/xhci-tegra.c | 8 +-
drivers/usb/host/xhci.h | 2 +-
drivers/usb/serial/sierra.c | 3 +-
drivers/usb/serial/usb-serial.c | 2 +-
drivers/usb/serial/usb_wwan.c | 3 +-
drivers/usb/typec/ucsi/ucsi.c | 4 +
drivers/vfio/mdev/mdev_private.h | 5 +-
drivers/vfio/vfio.c | 207 +++++-------
drivers/video/fbdev/amba-clcd.c | 24 +-
drivers/video/fbdev/arkfb.c | 9 +-
drivers/video/fbdev/core/fbcon.c | 12 +-
drivers/video/fbdev/s3fb.c | 2 +
drivers/video/fbdev/sis/init.c | 4 +-
drivers/video/fbdev/vt8623fb.c | 2 +
drivers/watchdog/armada_37xx_wdt.c | 2 +
fs/attr.c | 2 +
fs/btrfs/block-group.c | 1 +
fs/btrfs/disk-io.c | 14 +
fs/btrfs/raid56.c | 74 ++++-
fs/erofs/decompressor.c | 16 +-
fs/eventpoll.c | 22 ++
fs/ext2/super.c | 12 +-
fs/ext4/inode.c | 19 +-
fs/ext4/resize.c | 1 +
fs/f2fs/file.c | 9 +-
fs/f2fs/gc.c | 41 ++-
fs/fuse/control.c | 4 +-
fs/fuse/inode.c | 6 +
fs/namei.c | 4 +
fs/nfs/nfs3client.c | 1 -
fs/overlayfs/export.c | 2 +-
fs/splice.c | 10 +-
include/acpi/cppc_acpi.h | 2 +-
include/linux/bitmap.h | 12 +-
include/linux/blktrace_api.h | 5 +-
include/linux/buffer_head.h | 25 +-
include/linux/kfifo.h | 2 +-
include/linux/kvm_host.h | 28 +-
include/linux/lockdep.h | 30 +-
include/linux/mfd/t7l66xb.h | 1 -
include/linux/mtd/rawnand.h | 123 ++++++-
include/linux/pci_ids.h | 2 +
include/linux/sched.h | 2 +-
include/linux/tpm_eventlog.h | 2 +-
include/linux/usb/hcd.h | 1 +
include/linux/vfio.h | 16 +
include/linux/wait.h | 9 +-
include/net/inet6_hashtables.h | 27 +-
include/net/inet_hashtables.h | 44 +--
include/net/inet_sock.h | 18 +-
include/net/sock.h | 3 -
include/trace/events/block.h | 30 +-
include/trace/events/spmi.h | 12 +-
include/trace/trace_events.h | 8 +-
include/uapi/linux/can/error.h | 5 +-
include/uapi/linux/netfilter/xt_IDLETIMER.h | 17 +-
kernel/bpf/verifier.c | 4 +-
kernel/cgroup/cpuset.c | 2 +-
kernel/irq/Kconfig | 1 +
kernel/irq/chip.c | 3 +-
kernel/kprobes.c | 3 +-
kernel/locking/lockdep.c | 9 +-
kernel/locking/lockdep_internals.h | 8 +-
kernel/power/user.c | 13 +-
kernel/profile.c | 7 +
kernel/sched/core.c | 34 +-
kernel/sched/deadline.c | 52 +--
kernel/sched/rt.c | 15 +-
kernel/sched/sched.h | 3 +-
kernel/time/hrtimer.c | 1 +
kernel/time/timekeeping.c | 7 +-
kernel/trace/blktrace.c | 46 +--
lib/Kconfig.debug | 40 +++
lib/bitmap.c | 42 ++-
lib/livepatch/test_klp_callbacks_busy.c | 8 +
lib/smp_processor_id.c | 2 +-
lib/test_bpf.c | 4 +-
mm/mmap.c | 1 -
net/9p/client.c | 5 +-
net/bluetooth/l2cap_core.c | 13 +-
net/dccp/proto.c | 10 +-
net/ipv4/inet_hashtables.c | 17 +-
net/ipv4/tcp_output.c | 30 +-
net/ipv4/udp.c | 3 +-
net/ipv6/inet6_hashtables.c | 6 +-
net/ipv6/udp.c | 2 +-
net/mac80211/sta_info.c | 6 +-
net/netfilter/nf_tables_api.c | 1 +
net/rose/af_rose.c | 11 +-
net/rose/rose_route.c | 2 +
net/sched/cls_route.c | 10 +
scripts/faddr2line | 4 +-
security/selinux/ss/policydb.h | 2 +
sound/pci/hda/patch_cirrus.c | 1 +
sound/pci/hda/patch_conexant.c | 11 +-
sound/pci/hda/patch_realtek.c | 15 +
sound/soc/atmel/mchp-spdifrx.c | 9 +-
sound/soc/codecs/cros_ec_codec.c | 1 +
sound/soc/codecs/da7210.c | 2 +
sound/soc/codecs/msm8916-wcd-digital.c | 46 +--
sound/soc/codecs/wcd9335.c | 81 ++---
sound/soc/fsl/fsl_easrc.c | 9 +-
sound/soc/fsl/fsl_easrc.h | 2 +-
sound/soc/generic/audio-graph-card.c | 4 +-
sound/soc/mediatek/mt6797/mt6797-mt6351.c | 6 +-
.../mediatek/mt8173/mt8173-rt5650-rt5676.c | 10 +-
sound/soc/mediatek/mt8173/mt8173-rt5650.c | 9 +-
sound/soc/qcom/lpass-cpu.c | 1 +
sound/soc/qcom/qdsp6/q6adm.c | 2 +-
sound/soc/samsung/aries_wm8994.c | 6 +-
sound/soc/samsung/h1940_uda1380.c | 2 +-
sound/soc/samsung/rx1950_uda1380.c | 4 +-
sound/usb/bcd2000/bcd2000.c | 3 +-
tools/lib/bpf/libbpf.c | 9 +-
tools/lib/bpf/xsk.c | 9 +-
tools/perf/util/dsos.c | 15 +-
tools/perf/util/genelf.c | 6 +-
tools/perf/util/symbol-elf.c | 27 +-
tools/testing/selftests/bpf/prog_tests/btf.c | 2 +-
.../selftests/kvm/lib/x86_64/processor.c | 2 +-
tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +-
.../selftests/timers/clocksource-switch.c | 6 +-
.../testing/selftests/timers/valid-adjtimex.c | 2 +-
tools/thermal/tmon/sysfs.c | 24 +-
tools/thermal/tmon/tmon.h | 3 +
virt/kvm/kvm_main.c | 26 +-
464 files changed, 4348 insertions(+), 2261 deletions(-)
create mode 100644 arch/arm/boot/dts/bcm53015-meraki-mr26.dts
--
2.20.1
1
496
With the increase of memory capacity and density, the probability of
memory error increases. The increasing size and density of server RAM
in the data center and cloud have shown increased uncorrectable memory
errors.
Currently, the kernel has a mechanism to recover from hardware memory
errors. This patchset provides an new recovery mechanism.
For arm64, the hardware memory error handling is do_sea() which divided
into two cases:
1. The user state consumed the memory errors, the solution is kill the
user process and isolate the error page.
2. The kernel state consumed the memory errors, the solution is panic.
For case 2, Undifferentiated panic maybe not the optimal choice, it can be
handled better, in some scenarios, we can avoid panic, such as uaccess, if the
uaccess fails due to memory error, only the user process will be affected,
kill the user process and isolate the user page with hardware memory errors
is a better choice.
v1 -> v2:
Integrated bugfix patchs into the fixed patch.
Tong Tiangen (11):
Revert "arm64: ras: copy_from_user scenario support uce kernel
recovery"
Revert "arm64: config: enable CONFIG_ARM64_UCE_KERNEL_RECOVERY"
uaccess: add generic fallback version of copy_mc_to_user()
arm64: extable: add new extable type "__mc_ex_table"
arm64: add support for machine check error safe
arm64: copy_form/to_user support machine check safe
arm64: get/put_user support machine check safe
arm64: add cow to machine check safe
arm64: introduce copy_mc_to_kernel() implementation
arm64: add dump_user_range() to machine check safe
arm64: add machine check safe sysctl interface
Documentation/admin-guide/sysctl/kernel.rst | 38 ++--
arch/arm64/Kconfig | 14 +-
arch/arm64/configs/openeuler_defconfig | 1 -
arch/arm64/include/asm/asm-uaccess.h | 5 +
arch/arm64/include/asm/assembler.h | 26 ++-
arch/arm64/include/asm/exception.h | 13 --
arch/arm64/include/asm/extable.h | 1 +
arch/arm64/include/asm/mte.h | 4 +
arch/arm64/include/asm/page.h | 10 +
arch/arm64/include/asm/processor.h | 2 +
arch/arm64/include/asm/string.h | 5 +
arch/arm64/include/asm/uaccess.h | 70 +++++--
arch/arm64/lib/Makefile | 10 +-
arch/arm64/lib/copy_from_user.S | 19 +-
arch/arm64/lib/copy_page_mc.S | 80 ++++++++
arch/arm64/lib/copy_to_user.S | 10 +-
arch/arm64/lib/memcpy_mc.S | 73 ++++++++
arch/arm64/lib/mte.S | 19 ++
arch/arm64/mm/Makefile | 2 -
arch/arm64/mm/copypage.c | 37 +++-
arch/arm64/mm/extable.c | 12 ++
arch/arm64/mm/fault.c | 36 +++-
arch/arm64/mm/uce_kernel_recovery.c | 198 --------------------
arch/powerpc/include/asm/uaccess.h | 1 +
arch/x86/include/asm/uaccess.h | 1 +
fs/coredump.c | 2 +
include/asm-generic/vmlinux.lds.h | 19 +-
include/linux/extable.h | 23 +++
include/linux/highmem.h | 8 +
include/linux/module.h | 11 ++
include/linux/sched.h | 1 +
include/linux/uaccess.h | 9 +
kernel/extable.c | 29 +++
kernel/module.c | 38 ++++
kernel/sysctl.c | 11 ++
lib/iov_iter.c | 12 +-
mm/memory.c | 2 +-
scripts/sorttable.h | 27 +++
38 files changed, 583 insertions(+), 296 deletions(-)
create mode 100644 arch/arm64/lib/copy_page_mc.S
create mode 100644 arch/arm64/lib/memcpy_mc.S
delete mode 100644 arch/arm64/mm/uce_kernel_recovery.c
--
2.25.1
1
11
Offering: HULK
hulk inclusion
category: feature
bugzilla: 187731
---------------------------
Since iocost can only be used in cgroup v2, add it to v1 now.
Signed-off-by: Li Nan <linan122(a)huawei.com>
---
block/blk-iocost.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/block/blk-iocost.c b/block/blk-iocost.c
index 08e4ba856e3b..64119eaf29da 100644
--- a/block/blk-iocost.c
+++ b/block/blk-iocost.c
@@ -3396,6 +3396,28 @@ static ssize_t ioc_cost_model_write(struct kernfs_open_file *of, char *input,
return ret;
}
+static struct cftype ioc_legacy_files[] = {
+ {
+ .name = "cost.weight",
+ .flags = CFTYPE_NOT_ON_ROOT,
+ .seq_show = ioc_weight_show,
+ .write = ioc_weight_write,
+ },
+ {
+ .name = "cost.qos",
+ .flags = CFTYPE_ONLY_ON_ROOT,
+ .seq_show = ioc_qos_show,
+ .write = ioc_qos_write,
+ },
+ {
+ .name = "cost.model",
+ .flags = CFTYPE_ONLY_ON_ROOT,
+ .seq_show = ioc_cost_model_show,
+ .write = ioc_cost_model_write,
+ },
+ {}
+};
+
static struct cftype ioc_files[] = {
{
.name = "weight",
@@ -3420,6 +3442,7 @@ static struct cftype ioc_files[] = {
static struct blkcg_policy blkcg_policy_iocost = {
.dfl_cftypes = ioc_files,
+ .legacy_cftypes = ioc_legacy_files,
.cpd_alloc_fn = ioc_cpd_alloc,
.cpd_free_fn = ioc_cpd_free,
.pd_alloc_fn = ioc_pd_alloc,
--
2.31.1
1
0
答复: [PATCH openEuler-22.03-LTS 2/2] block: Fix kabi broken in blk-merge.h and blk-cgroup.h
by linan (AK) 17 Nov '22
by linan (AK) 17 Nov '22
17 Nov '22
-----邮件原件-----
发件人: linan (AK) <linan122(a)huawei.com>
发送时间: 2022年11月17日 21:42
收件人: Zhengzengkai <zhengzengkai(a)huawei.com>; Xiexiuqi <xiexiuqi(a)huawei.com>; pmail_patchwork <patchwork(a)huawei.com>
抄送: linan (AK) <linan122(a)huawei.com>; zhangyi (F) <yi.zhang(a)huawei.com>; houtao (A) <houtao1(a)huawei.com>; yukuai (C) <yukuai3(a)huawei.com>; chenxiaosong (A) <chenxiaosong2(a)huawei.com>; chengzhihao <chengzhihao1(a)huawei.com>; libaokun (C) <libaokun1(a)huawei.com>; luomeng <luomeng12(a)huawei.com>; yanaijie <yanaijie(a)huawei.com>; yangerkun <yangerkun(a)huawei.com>; yebin (H) <yebin10(a)huawei.com>; yuyufen <yuyufen(a)huawei.com>; zhangxiaoxu (A) <zhangxiaoxu5(a)huawei.com>; Zhengbin (OSKernel) <zhengbin13(a)huawei.com>; koulihong <koulihong(a)huawei.com>; qiulaibin <qiulaibin(a)huawei.com>
主题: [PATCH openEuler-22.03-LTS 2/2] block: Fix kabi broken in blk-merge.h and blk-cgroup.h
hulk inclusion
category: bugfix
bugzilla: 187443, https://gitee.com/openeuler/kernel/issues/I5Z7O2
CVE: NA
--------------------------------
Include additional files and add new function will cause kabi broken. So move changes to blk-mq.h. bio_issue_as_root_blkg() is needed by blk_cgroup_mergeable(), move it together. It is used by iocost, too, so add blk-mq.h to blk-iocost.c.
Signed-off-by: Li Nan <linan122(a)huawei.com>
Reviewed-by: Jason Yan <yanaijie(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
block/blk-iocost.c | 1 +
block/blk-merge.c | 1 -
block/blk-mq.h | 34 ++++++++++++++++++++++++++++++++++
include/linux/blk-cgroup.h | 33 ---------------------------------
4 files changed, 35 insertions(+), 34 deletions(-)
diff --git a/block/blk-iocost.c b/block/blk-iocost.c index 08e4ba856e3b..462dbb766ed1 100644
--- a/block/blk-iocost.c
+++ b/block/blk-iocost.c
@@ -184,6 +184,7 @@
#include "blk-rq-qos.h"
#include "blk-stat.h"
#include "blk-wbt.h"
+#include "blk-mq.h"
#ifdef CONFIG_TRACEPOINTS
diff --git a/block/blk-merge.c b/block/blk-merge.c index f3fca8bb326d..1ed1b5146db2 100644
--- a/block/blk-merge.c
+++ b/block/blk-merge.c
@@ -7,7 +7,6 @@
#include <linux/bio.h>
#include <linux/blkdev.h>
#include <linux/scatterlist.h>
-#include <linux/blk-cgroup.h>
#include <trace/events/block.h>
diff --git a/block/blk-mq.h b/block/blk-mq.h index 5572277cf9a3..1c86f7d56e72 100644
--- a/block/blk-mq.h
+++ b/block/blk-mq.h
@@ -338,5 +338,39 @@ static inline bool hctx_may_queue(struct blk_mq_hw_ctx *hctx,
return __blk_mq_active_requests(hctx) < depth; }
+/**
+ * bio_issue_as_root_blkg - see if this bio needs to be issued as root
+blkg
+ * @return: true if this bio needs to be submitted with the root blkg context.
+ *
+ * In order to avoid priority inversions we sometimes need to issue a
+bio as if
+ * it were attached to the root blkg, and then backcharge to the actual
+owning
+ * blkg. The idea is we do bio_blkcg() to look up the actual context
+for the
+ * bio and attach the appropriate blkg to the bio. Then we call this
+helper and
+ * if it is true run with the root blkg for that queue and then do any
+ * backcharging to the originating cgroup once the io is complete.
+ */
+static inline bool bio_issue_as_root_blkg(struct bio *bio) {
+ return (bio->bi_opf & (REQ_META | REQ_SWAP)) != 0; }
+
+#ifdef CONFIG_BLK_CGROUP
+/**
+ * blk_cgroup_mergeable - Determine whether to allow or disallow merges
+ * @rq: request to merge into
+ * @bio: bio to merge
+ *
+ * @bio and @rq should belong to the same cgroup and their
+issue_as_root should
+ * match. The latter is necessary as we don't want to throttle e.g. a
+metadata
+ * update because it happens to be next to a regular IO.
+ */
+static inline bool blk_cgroup_mergeable(struct request *rq, struct bio
+*bio) {
+ return rq->bio->bi_blkg == bio->bi_blkg &&
+ bio_issue_as_root_blkg(rq->bio) == bio_issue_as_root_blkg(bio); }
+#else /* CONFIG_BLK_CGROUP */
+static inline bool blk_cgroup_mergeable(struct request *rq, struct bio *bio) { return true; }
+#endif /* CONFIG_BLK_CGROUP */
#endif
diff --git a/include/linux/blk-cgroup.h b/include/linux/blk-cgroup.h index dac9804907df..994ff06de40f 100644
--- a/include/linux/blk-cgroup.h
+++ b/include/linux/blk-cgroup.h
@@ -25,7 +25,6 @@
#include <linux/atomic.h>
#include <linux/kthread.h>
#include <linux/fs.h>
-#include <linux/blk-mq.h>
/* percpu_counter batch for blkg_[rw]stats, per-cpu drift doesn't matter */
#define BLKG_STAT_CPU_BATCH (INT_MAX / 2)
@@ -297,22 +296,6 @@ static inline bool blk_cgroup_congested(void)
return ret;
}
-/**
- * bio_issue_as_root_blkg - see if this bio needs to be issued as root blkg
- * @return: true if this bio needs to be submitted with the root blkg context.
- *
- * In order to avoid priority inversions we sometimes need to issue a bio as if
- * it were attached to the root blkg, and then backcharge to the actual owning
- * blkg. The idea is we do bio_blkcg() to look up the actual context for the
- * bio and attach the appropriate blkg to the bio. Then we call this helper and
- * if it is true run with the root blkg for that queue and then do any
- * backcharging to the originating cgroup once the io is complete.
- */
-static inline bool bio_issue_as_root_blkg(struct bio *bio) -{
- return (bio->bi_opf & (REQ_META | REQ_SWAP)) != 0;
-}
-
/**
* blkcg_parent - get the parent of a blkcg
* @blkcg: blkcg of interest
@@ -611,21 +594,6 @@ static inline void blkcg_clear_delay(struct blkcg_gq *blkg)
atomic_dec(&blkg->blkcg->css.cgroup->congestion_count);
}
-/**
- * blk_cgroup_mergeable - Determine whether to allow or disallow merges
- * @rq: request to merge into
- * @bio: bio to merge
- *
- * @bio and @rq should belong to the same cgroup and their issue_as_root should
- * match. The latter is necessary as we don't want to throttle e.g. a metadata
- * update because it happens to be next to a regular IO.
- */
-static inline bool blk_cgroup_mergeable(struct request *rq, struct bio *bio) -{
- return rq->bio->bi_blkg == bio->bi_blkg &&
- bio_issue_as_root_blkg(rq->bio) == bio_issue_as_root_blkg(bio);
-}
-
void blk_cgroup_bio_start(struct bio *bio); void blkcg_add_delay(struct blkcg_gq *blkg, u64 now, u64 delta); void blkcg_schedule_throttle(struct request_queue *q, bool use_memdelay); @@ -681,7 +649,6 @@ static inline void blkg_put(struct blkcg_gq *blkg) { } static inline bool blkcg_punt_bio_submit(struct bio *bio) { return false; } static inline void blkcg_bio_issue_init(struct bio *bio) { } static inline void blk_cgroup_bio_start(struct bio *bio) { } -static inline bool blk_cgroup_mergeable(struct request *rq, struct bio *bio) { return true; }
#define blk_queue_for_each_rl(rl, q) \
for ((rl) = &(q)->root_rl; (rl); (rl) = NULL)
--
2.31.1
1
0
[PATCH OLK-5.10] mm: Fix kabi change caused by saved_auxv[] in mm_struct for x86_64
by Zheng Zengkai 17 Nov '22
by Zheng Zengkai 17 Nov '22
17 Nov '22
openeuler inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I5RQLJ
CVE: NA
Intel-SIG: mm: Fix kabi change caused by saved_auxv[] in mm_struct for x86_64.
--------------------------------
Use the KABI_DEPRECATE and KABI_USE macro to fix kabi change caused by
commit 1c33bb050750 ("x86/elf: Support a new ELF aux vector AT_MINSIGSTKSZ").
The extended saved_auxv[] causes the kabi breakage, move the saved_auxv[]
to the end of struct mm_struct.
To avoid introducing too many size increase of mm_struct, use a pointer to
indirectly reference the relocated saved_auxv[], then adapt the code where
mm->saved_auxv is used.
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
Signed-off-by: Lin Wang <lin.x.wang(a)intel.com>
Signed-off-by: Aichun Shi <aichun.shi(a)intel.com>
---
arch/x86/include/uapi/asm/auxvec.h | 2 ++
fs/binfmt_elf.c | 12 ++++++------
fs/proc/base.c | 6 +++---
include/linux/mm_types.h | 16 ++++++++++++++--
kernel/fork.c | 29 ++++++++++++++++++++++++++---
kernel/sys.c | 10 +++++-----
6 files changed, 56 insertions(+), 19 deletions(-)
diff --git a/arch/x86/include/uapi/asm/auxvec.h b/arch/x86/include/uapi/asm/auxvec.h
index 6beb55bbefa4..6be5f6584119 100644
--- a/arch/x86/include/uapi/asm/auxvec.h
+++ b/arch/x86/include/uapi/asm/auxvec.h
@@ -13,8 +13,10 @@
/* entries in ARCH_DLINFO: */
#if defined(CONFIG_IA32_EMULATION) || !defined(CONFIG_X86_64)
# define AT_VECTOR_SIZE_ARCH 3
+# define ORIG_AT_VECTOR_SIZE_ARCH 2
#else /* else it's non-compat x86-64 */
# define AT_VECTOR_SIZE_ARCH 2
+# define ORIG_AT_VECTOR_SIZE_ARCH 1
#endif
#endif /* _ASM_X86_AUXVEC_H */
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index ed507d27034b..1813c6fc8487 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -236,7 +236,7 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
return -EFAULT;
/* Create the ELF interpreter info */
- elf_info = (elf_addr_t *)mm->saved_auxv;
+ elf_info = (elf_addr_t *)mm->mm_extend->saved_auxv;
/* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
#define NEW_AUX_ENT(id, val) \
do { \
@@ -285,13 +285,13 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
}
#undef NEW_AUX_ENT
/* AT_NULL is zero; clear the rest too */
- memset(elf_info, 0, (char *)mm->saved_auxv +
- sizeof(mm->saved_auxv) - (char *)elf_info);
+ memset(elf_info, 0, (char *)mm->mm_extend->saved_auxv +
+ sizeof(mm->mm_extend->saved_auxv) - (char *)elf_info);
/* And advance past the AT_NULL entry. */
elf_info += 2;
- ei_index = elf_info - (elf_addr_t *)mm->saved_auxv;
+ ei_index = elf_info - (elf_addr_t *)mm->mm_extend->saved_auxv;
sp = STACK_ADD(p, ei_index);
items = (argc + 1) + (envc + 1) + 1;
@@ -352,7 +352,7 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
mm->env_end = p;
/* Put the elf_info on the stack in the right place. */
- if (copy_to_user(sp, mm->saved_auxv, ei_index * sizeof(elf_addr_t)))
+ if (copy_to_user(sp, mm->mm_extend->saved_auxv, ei_index * sizeof(elf_addr_t)))
return -EFAULT;
return 0;
}
@@ -1586,7 +1586,7 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
{
- elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
+ elf_addr_t *auxv = (elf_addr_t *) mm->mm_extend->saved_auxv;
int i = 0;
do
i += 2;
diff --git a/fs/proc/base.c b/fs/proc/base.c
index cc1fdff2e136..83f04d728172 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1038,9 +1038,9 @@ static ssize_t auxv_read(struct file *file, char __user *buf,
return 0;
do {
nwords += 2;
- } while (mm->saved_auxv[nwords - 2] != 0); /* AT_NULL */
- return simple_read_from_buffer(buf, count, ppos, mm->saved_auxv,
- nwords * sizeof(mm->saved_auxv[0]));
+ } while (mm->mm_extend->saved_auxv[nwords - 2] != 0); /* AT_NULL */
+ return simple_read_from_buffer(buf, count, ppos, mm->mm_extend->saved_auxv,
+ nwords * sizeof(mm->mm_extend->saved_auxv[0]));
}
static const struct file_operations proc_auxv_operations = {
diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h
index 15ff1e20f5ca..64d1c1f62968 100644
--- a/include/linux/mm_types.h
+++ b/include/linux/mm_types.h
@@ -24,6 +24,13 @@
#endif
#define AT_VECTOR_SIZE (2*(AT_VECTOR_SIZE_ARCH + AT_VECTOR_SIZE_BASE + 1))
+
+#ifndef ORIG_AT_VECTOR_SIZE_ARCH
+#define ORIG_AT_VECTOR_SIZE_ARCH AT_VECTOR_SIZE_ARCH
+#endif
+/* To pass the check of check-kabi, define the macro instead of number "46". */
+#define ORIG_AT_VECTOR_SIZE (2*(ORIG_AT_VECTOR_SIZE_ARCH + AT_VECTOR_SIZE_BASE + 1))
+
#define INIT_PASID 0
struct address_space;
@@ -394,6 +401,11 @@ struct core_state {
};
struct kioctx_table;
+
+struct mm_struct_extend {
+ unsigned long saved_auxv[AT_VECTOR_SIZE]; /* for /proc/PID/auxv */
+};
+
struct mm_struct {
struct {
struct vm_area_struct *mmap; /* list of VMAs */
@@ -508,7 +520,7 @@ struct mm_struct {
unsigned long start_brk, brk, start_stack;
unsigned long arg_start, arg_end, env_start, env_end;
- unsigned long saved_auxv[AT_VECTOR_SIZE]; /* for /proc/PID/auxv */
+ KABI_DEPRECATE(unsigned long, saved_auxv[ORIG_AT_VECTOR_SIZE])
/*
* Special counters, in some configurations protected by the
@@ -592,7 +604,7 @@ struct mm_struct {
#endif
} __randomize_layout;
- KABI_RESERVE(1)
+ KABI_USE(1, struct mm_struct_extend *mm_extend)
KABI_RESERVE(2)
KABI_RESERVE(3)
KABI_RESERVE(4)
diff --git a/kernel/fork.c b/kernel/fork.c
index 8a2e827815b6..c46fef2b1d1d 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1076,12 +1076,17 @@ static struct mm_struct *mm_init(struct mm_struct *mm, struct task_struct *p,
struct mm_struct *mm_alloc(void)
{
struct mm_struct *mm;
+ off_t mm_extend_offset = sizeof(struct mm_struct) + cpumask_size();
mm = allocate_mm();
if (!mm)
return NULL;
memset(mm, 0, sizeof(*mm));
+ memset((void *)((unsigned long) mm + mm_extend_offset),
+ 0, sizeof(struct mm_struct_extend));
+ mm->mm_extend = (struct mm_struct_extend *)((unsigned long) mm + mm_extend_offset);
+
return mm_init(mm, current, current_user_ns());
}
@@ -1367,6 +1372,22 @@ void exec_mm_release(struct task_struct *tsk, struct mm_struct *mm)
mm_release(tsk, mm);
}
+/*
+ * dup_mm_extend() copies the mm_struct_extend extra area at the bottom of
+ * the oldmm slab object over to the newly allocated mm struct,
+ * and resets mm->mm_extend accordingly.
+ */
+void dup_mm_extend(struct mm_struct *mm, struct mm_struct *oldmm)
+{
+ off_t mm_extend_offset = sizeof(struct mm_struct) + cpumask_size();
+
+ memcpy((void *)((unsigned long) mm + mm_extend_offset),
+ (void *)((unsigned long) oldmm + mm_extend_offset),
+ sizeof(struct mm_struct_extend));
+
+ mm->mm_extend = (struct mm_struct_extend *)((unsigned long) mm + mm_extend_offset);
+}
+
/**
* dup_mm() - duplicates an existing mm structure
* @tsk: the task_struct with which the new mm will be associated.
@@ -1388,6 +1409,7 @@ static struct mm_struct *dup_mm(struct task_struct *tsk,
goto fail_nomem;
memcpy(mm, oldmm, sizeof(*mm));
+ dup_mm_extend(mm, oldmm);
if (!mm_init(mm, tsk, mm->user_ns))
goto fail_nomem;
@@ -2857,13 +2879,14 @@ void __init proc_caches_init(void)
* dynamically sized based on the maximum CPU number this system
* can have, taking hotplug into account (nr_cpu_ids).
*/
- mm_size = sizeof(struct mm_struct) + cpumask_size();
+ mm_size = sizeof(struct mm_struct) + cpumask_size() + sizeof(struct mm_struct_extend);
mm_cachep = kmem_cache_create_usercopy("mm_struct",
mm_size, ARCH_MIN_MMSTRUCT_ALIGN,
SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_ACCOUNT,
- offsetof(struct mm_struct, saved_auxv),
- sizeof_field(struct mm_struct, saved_auxv),
+ sizeof(struct mm_struct) + cpumask_size() +
+ offsetof(struct mm_struct_extend, saved_auxv),
+ sizeof_field(struct mm_struct_extend, saved_auxv),
NULL);
vm_area_cachep = KMEM_CACHE(vm_area_struct, SLAB_PANIC|SLAB_ACCOUNT);
mmap_init();
diff --git a/kernel/sys.c b/kernel/sys.c
index c8a31e1037be..72c093d798c7 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1962,7 +1962,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
struct mm_struct *mm = current->mm;
int error;
- BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
+ BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->mm_extend->saved_auxv));
BUILD_BUG_ON(sizeof(struct prctl_mm_map) > 256);
if (opt == PR_SET_MM_MAP_SIZE)
@@ -1984,7 +1984,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
* Someone is trying to cheat the auxv vector.
*/
if (!prctl_map.auxv ||
- prctl_map.auxv_size > sizeof(mm->saved_auxv))
+ prctl_map.auxv_size > sizeof(mm->mm_extend->saved_auxv))
return -EINVAL;
memset(user_auxv, 0, sizeof(user_auxv));
@@ -2056,7 +2056,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
* more complex.
*/
if (prctl_map.auxv_size)
- memcpy(mm->saved_auxv, user_auxv, sizeof(user_auxv));
+ memcpy(mm->mm_extend->saved_auxv, user_auxv, sizeof(user_auxv));
mmap_read_unlock(mm);
return 0;
@@ -2084,10 +2084,10 @@ static int prctl_set_auxv(struct mm_struct *mm, unsigned long addr,
user_auxv[AT_VECTOR_SIZE - 2] = 0;
user_auxv[AT_VECTOR_SIZE - 1] = 0;
- BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->saved_auxv));
+ BUILD_BUG_ON(sizeof(user_auxv) != sizeof(mm->mm_extend->saved_auxv));
task_lock(current);
- memcpy(mm->saved_auxv, user_auxv, len);
+ memcpy(mm->mm_extend->saved_auxv, user_auxv, len);
task_unlock(current);
return 0;
--
2.20.1
1
0
你好,我是超聚变的文白林,是否可以在周例会上介绍一下可编程调度框架的方案和开发指南,谢谢!
1
0
16 Nov '22
*** BLURB HERE ***
Christian Brauner (2):
ksmbd: ensure error is surfaced in set_file_basic_info()
ksmbd: remove setattr preparations in set_file_basic_info()
Christophe JAILLET (2):
ksmbd: Remove redundant 'flush_workqueue()' calls
ksmbd: Fix an error handling path in 'smb2_sess_setup()'
Colin Ian King (4):
cifsd: Fix a handful of spelling mistakes
cifsd: remove redundant assignment to variable err
ksmbd: fix kfree of uninitialized pointer oid
ksmbd: Fix read on the uninitialized pointer sess
Dan Carpenter (10):
cifsd: fix a precedence bug in parse_dacl()
cifsd: fix a IS_ERR() vs NULL bug
cifsd: Fix a use after free on error path
cifsd: Fix an error code in smb2_read()
cifsd: fix error handling in ksmbd_server_init()
ksmbd: delete some stray tabs
ksmbd: use kasprintf() in ksmbd_vfs_xattr_stream_name()
ksmbd: fix an oops in error handling in smb2_open()
ksmbd: missing check for NULL in convert_to_nt_pathname()
ksmbd: uninitialized variable in create_socket()
David Howells (1):
vfs: Check the truncate maximum size in inode_newsize_ok()
Enzo Matsumiya (1):
ksmbd: fix documentation for 2 functions
Gibeom Kim (1):
cifsd: remove stale prototype and variables
Hyunchul Lee (45):
cifsd: fix incorrect comments
cifsd: remove calling d_path in error paths
cifsd: handle unhashed dentry in ksmbd_vfs_mkdir
cifsd: use file_inode() instead of d_inode()
cifsd: remove useless error handling in ksmbd_vfs_read
cifsd: re-implement ksmbd_vfs_kern_path
cifsd: fix reference count decrement of unclaimed file in
__ksmbd_lookup_fd
cifsd: decoding gss token using lib/asn1_decoder.c
cifsd: lookup a file with LOOKUP_FOLLOW only if 'follow symlinks =
yes'
cifsd: enclose macro variables in parenthesis
cifsd: make alignment match open parenthesis
cifsd: append ksmbd prefix into names for asn1 decoder
ksmbd: factor out a ksmbd_vfs_lock_parent helper
ksmbd: set MAY_* flags together with open flags
ksmbd: remove macros in transport_ipc.c
ksmbd: replace BUFFER_NR_PAGES with inline function
ksmbd: replace KSMBD_ALIGN with kernel ALIGN macro
ksmbd: replace PAYLOAD_HEAD with inline function
ksmbd: remove getting worker state macros
ksmbd: remove and replace macros with inline functions in smb_common.h
ksmbd: replace struct dentry with struct path in some function's
arguments
ksmbd: fix the running request count decrement
ksmbd: free ksmbd_lock when file is closed
ksmbd: uninterruptible wait for a file being unlocked
ksmbd: make smb2_find_context_vals return NULL if not found
ksmbd: handle error cases first in smb2_create_sd_buffers
ksmbd: set RDMA capability for FSCTL_QUERY_NETWORK_INTERFACE_INFO
ksmbd: fix an error message in ksmbd_conn_trasnport_init
ksmbd: fix -Wstringop-truncation warnings
ksmbd: smbd: fix kernel oops during server shutdown
ksmbd: smbd: fix dma mapping error in smb_direct_post_send_data
ksmbd: prevent out of share access
ksmbd: use LOOKUP_BENEATH to prevent the out of share access
ksmbd: add buffer validation for SMB2_CREATE_CONTEXT
ksmbd: improve credits management
ksmbd: add buffer validation for smb direct
ksmbd: validate OutputBufferLength of QUERY_DIR, QUERY_INFO, IOCTL
requests
ksmbd: register ksmbd ib client with ib_register_client()
ksmbd: smbd: call rdma_accept() under CM handler
ksmbd: smbd: create MR pool
ksmbd: smbd: change the default maximum read/write, receive size
ksmbd: smbd: fix missing client's memory region invalidation
ksmbd: smbd: validate buffer descriptor structures
ksmbd: smbd: fix connection dropped issue
ksmbd: prevent out of bound read for SMB2_TREE_CONNNECT
Jason A. Donenfeld (1):
ksmbd: use vfs_llseek instead of dereferencing NULL
Jason Yan (1):
ksmbd: adapt vfs api to 5.10
Marcos Del Sol Vives (1):
ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
Marios Makassikis (17):
cifsd: Remove smb2_put_name()
cifsd: Fix potential null-ptr-deref in smb2_open()
cifsd: Update access check in
set_file_allocation_info/set_end_of_file_info
cifsd: Remove is_attributes_write_allowed() wrapper
cifsd: Call smb2_set_err_rsp() in smb2_read/smb2_write error path
cifsd: Handle ksmbd_session_rpc_open() failure in create_smb2_pipe()
cifsd: Update out_buf_len in smb2_populate_readdir_entry()
cifsd: Fix potential null-ptr-deref in destroy_previous_session()
cifsd: Do not use 0 or 0xFFFFFFFF for TreeID
ksmbd: Relax credit_charge check in smb2_validate_credit_charge()
ksmbd: Fix potential memory leak in tcp_destroy_socket()
ksmbd: Return STATUS_OBJECT_PATH_NOT_FOUND if smb2_creat() returns
ENOENT
ksmbd: Fix multi-protocol negotiation
ksmbd: add buffer validation in session setup
ksmbd: Fix buffer length check in fsctl_validate_negotiate_info()
ksmbd: Remove unused parameter from smb2_get_name()
ksmbd: Remove unused fields from ksmbd_file struct definition
Mauro Carvalho Chehab (1):
doc: cifsd: change the reference to configuration.txt
Mickaël Salaün (1):
ksmbd: Fix user namespace mapping
Mike Galbraith (1):
ksmbd: transport_rdma: Don't include rwlock.h directly
Muhammad Usama Anjum (2):
cifsd: fix memory leak when loop ends
cifsd: use kfree to free memory allocated by kmalloc or kzalloc
Namjae Jeon (194):
cifsd: add server handler for central processing and tranport layers
cifsd: add server-side procedures for SMB3
cifsd: add file operations
cifsd: fix static checker warning from smb_direct_post_send_data()
cifsd: fix static checker warning from smb_check_perm_dacl()
cifsd: fix warning: variable 'total_ace_size' and 'posix_ccontext' set
but not used
cifsd: Pass string length parameter to match_pattern()
cifsd: remove unneeded macros
cifsd: fix wrong use of rw semaphore in __session_create()
cifsd: use kmalloc() for small allocations
cifsd: add the check to work file lock and rename behaviors like
Windows unless POSIX extensions are negotiated
cifsd: fix error return code in ksmbd_vfs_remove_file()
cifsd: clean-up codes using chechpatch.pl --strict
cifsd: merge time_wrappers.h into smb_common.h
cifsd: fix wrong prototype in comment
cifsd: remove smack inherit leftovers
cifsd: use xarray instead of linked list for tree connect list
cifsd: remove wrappers of kvmalloc/kvfree
cifsd: prevent a integer overflow in wm_alloc()
cifsd: declare ida statically
cifsd: add the check if parent is stable by unexpected rename
cifsd: get parent dentry from child in ksmbd_vfs_remove_file()
cifsd: remove unused smberr.h
cifsd: remove unused nterr.c file
cifsd: move nt time functions to misc.c
cifsd: use d_inode()
cifsd: remove the dead code of unimplemented durable handle
cifsd: add support for AES256 encryption
cifsd: fix invalid memory access in smb2_write()
cifsd: fix WARNING: Possible unnecessary 'out of memory' message
cifsd: fix WARNING: Too many leading tabs
cifsd: fix xfstests generic/504 test failure
cifsd: add support for FSCTL_DUPLICATE_EXTENTS_TO_FILE
cifsd: add goto fail in asn1_oid_decode()
cifsd: use memcmp instead of for loop check in oid_eq()
cifsd: add goto fail in neg_token_init_mech_type()
cifsd: move fips_enabled check before the str_to_key()
cifsd: just return smbhash() instead of using rc return value
cifsd: move ret check before the out label
cifsd: simplify error handling in ksmbd_auth_ntlm()
cifsd: remove unneeded type casting
cifsd: set error return value for memcmp() difference
cifsd: return zero in always success case
cifsd: never return 1 on failure
cifsd: add the check if nvec is zero
cifsd: len can never be negative in ksmbd_init_sg()
cifsd: remove unneeded initialization of rc variable in
ksmbd_crypt_message()
cifsd: fix wrong return value in ksmbd_crypt_message()
cifsd: change success handling to failure handling
cifsd: add default case in switch statment in alloc_shash_desc()
cifsd: call kzalloc() directly instead of wrapper
cifsd: simplify error handling in ksmbd_gen_preauth_integrity_hash()
cifsd: return -ENOMEM about error from ksmbd_crypto_ctx_find_xxx calls
cifsd: alignment match open parenthesis
cifsd: add the check to prevent potential overflow with
smb_strtoUTF16() and UNICODE_LEN()
cifsd: braces {} should be used on all arms of this statement
cifsd: spaces preferred around that '/'
cifsd: don't use multiple blank lines
cifsd: No space is necessary after a cast
cifsd: Blank lines aren't necessary after an open brace '{'
cifsd: Alignment should match open parenthesis
cifsd: remove unnecessary parentheses around
cifsd: Prefer kernel type 'u16' over 'uint16_t'
cifsd: fix Control flow issues in ksmbd_build_ntlmssp_challenge_blob()
cifsd: fix potential read overflow in ksmbd_vfs_stream_read()
cifsd: fix additional warnings from checkpatch.pl --strict
cifsd: fix list_add double add BUG_ON trap in setup_async_work()
cifsd: set epoch in smb2_lease_break response
ksmbd: add support for SMB3 multichannel
ksmbd: remove cache read/trans buffer support
ksmbd: initialize variables on the declaration
ksmbd: remove ksmbd_vfs_copy_file_range
ksmbd: use list_for_each_entry instead of list_for_each
ksmbd: use goto instead of duplicating the resoure cleanup in
ksmbd_open_fd
ksmbd: fix overly long line
ksmbd: remove unneeded FIXME comment
ksmbd: remove ____ksmbd_align in ksmbd_server.h
ksmbd: replace KSMBD_SHARE_CONFIG_PATH with inline function
ksmbd: remove ksmbd_err/info
ksmbd: opencode to avoid trivial wrappers
ksmbd: factor out a ksmbd_validate_entry_in_use helper from
__ksmbd_vfs_rename
ksmbd: opencode posix acl functions instead of wrappers
ksmbd: change stream type macro to enumeration
ksmbd: use f_bsize instead of q->limits.logical_block_size
ksmbd: remove unneeded NULL check in the list iterator
ksmbd: use f_bsize in FS_SECTOR_SIZE_INFORMATION
cifsd: fix WARNING: Title overline too short
cifsd: update cifsd.rst document
cifsd: fix build warnings from cifsd.rst
cifsd: add ksmbd/nfsd interoperability to feature table
cifsd: fix WARNING: document isn't included in any toctree
cifsd: add index.rst in cifs documentation
ksmbd: move fs/cifsd to fs/ksmbd
ksmbd: replace SMB_DIRECT_TRANS macro with inline function
ksmbd: replace request and respone buffer macro with inline functions
ksmbd: allow PROTECTED_DACL_SECINFO and UNPROTECTED_DACL_SECINFO
addition information in smb2 set info security
ksmbd: fix dentry racy with rename()
ksmbd: opencode to remove FP_INODE macro
ksmbd: use ksmbd_vfs_lock_parent to get stable parent dentry
ksmbd: opencode to remove ATTR_FP macro
ksmbd: remove SMB1 oplock level macros
ksmbd: change ACE types to enumeration
ksmbd: change sid types to enumeration
ksmbd: change server state type macro to enumeration
ksmbd: change server config string index to enumeration
ksmbd: reorder and document on-disk and netlink structures in headers
ksmbd: fix kernel oops in ksmbd_rpc_ioctl/rap()
ksmbd: remove unneeded NULL check in for_each_netdev
ksmbd: fix read on the uninitialized send_ctx
ksmbd: fix memory leak smb2_populate_readdir_entry()
ksmbd: fix memory leak in smb_inherit_dacl()
ksmbd: change data type of volatile/persistent id to u64
ksmbd: remove unneeded check_context_err
ksmbd: fix memory leak in ksmbd_vfs_get_sd_xattr()
ksmbd: fix unused err value in smb2_lock
ksmbd: fix typo in comment
ksmbd: fix wrong compression context size
ksmbd: fix wrong error status return on session setup
ksmbd: set STATUS_INVALID_PARAMETER error status if credit charge is
invalid
ksmbd: move credit charge verification over smb2 request size
verification
ksmbd: fix typo of MS-SMBD
ksmbd: add negotiate context verification
ksmbd: add support for negotiating signing algorithm
ksmbd: don't set RSS capable in FSCTL_QUERY_NETWORK_INTERFACE_INFO
ksmbd: use channel signingkey for binding SMB2 session setup
ksmbd: fix missing error code in smb2_lock
ksmbd: add ipv6_addr_v4mapped check to know if connection from client
is ipv4
ksmbd: change int data type to boolean
ksmbd: update the comment for smb2_get_ksmbd_tcon()
ksmbd: use proper errno instead of -1 in smb2_get_ksmbd_tcon()
ksmbd: don't set FILE DELETE and FILE_DELETE_CHILD in access mask by
default
ksmbd: fix permission check issue on chown and chmod
ksmbd: fix __write_overflow warning in ndr_read_string
ksmbd: remove unused ksmbd_file_table_flush function
ksmbd: fix read of uninitialized variable ret in set_file_basic_info
ksmbd: add validation for FILE_FULL_EA_INFORMATION of smb2_get_info
ksmbd: add default data stream name in FILE_STREAM_INFORMATION
ksmbd: check protocol id in ksmbd_verify_smb_message()
ksmbd: remove follow symlinks support
ksmbd: fix invalid request buffer access in compound
ksmbd: remove NTLMv1 authentication
ksmbd: use correct basic info level in set_file_basic_info()
ksmbd: add request buffer validation in smb2_set_info
ksmbd: add validation in smb2 negotiate
ksmbd: fix transform header validation
ksmbd: add the check to vaildate if stream protocol length exceeds
maximum value
ksmbd: check strictly data area in ksmbd_smb2_check_message()
ksmbd: remove the leftover of smb2.0 dialect support
ksmbd: use buf_data_size instead of recalculation in
smb3_decrypt_req()
ksmbd: fix version mismatch with out of tree
ksmbd: fix oops from fuse driver
ksmbd: add validation in smb2_ioctl
ksmbd: fix potencial 32bit overflow from data area check in smb2_write
ksmbd: validate compound response buffer
ksmbd: limit read/write/trans buffer size not to exceed 8MB
ksmbd: throttle session setup failures to avoid dictionary attacks
ksmbd: don't need 8byte alignment for request length in
ksmbd_check_message
ksmbd: remove smb2_buf_length in smb2_hdr
ksmbd: remove smb2_buf_length in smb2_transform_hdr
ksmbd: change LeaseKey data type to u8 array
ksmbd: downgrade addition info error msg to debug in
smb2_get_info_sec()
ksmbd: contain default data stream even if xattr is empty
ksmbd: fix memleak in get_file_stream_info()
ksmbd: remove select FS_POSIX_ACL in Kconfig
ksmbd: fix uninitialized symbol 'pntsd_size'
ksmbd: set RSS capable in FSCTL_QUERY_NETWORK_INTERFACE_INFO
ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO
ksmbd: fix multi session connection failure
ksmbd: set 445 port to smbdirect port by default
ksmbd: fix guest connection failure with nautilus
ksmbd: fix SMB 3.11 posix extension mount failure
ksmbd: fix same UniqueId for dot and dotdot entries
ksmbd: don't align last entry offset in smb2 query directory
ksmbd: reduce smb direct max read/write size
ksmbd: add channel rwlock
ksmbd: handle smb2 query dir request for OutputBufferLength that is
too small
ksmbd: fix incorrect handling of iterate_dir
ksmbd: use wait_event instead of schedule_timeout()
ksmbd: replace sessions list in connection with xarray
ksmbd: fix kernel oops from idr_remove()
ksmbd: remove unused ksmbd_share_configs_cleanup function
ksmbd: fix racy issue while destroying session on multichannel
ksmbd: fix memory leak in smb2_handle_negotiate
ksmbd: fix use-after-free bug in smb2_tree_disconect
ksmbd: return STATUS_BAD_NETWORK_NAME error status if share is not
configured
ksmbd: fix endless loop when encryption for response fails
ksmbd: fix encryption failure issue for session logoff response
ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob
cifsd: add Kconfig and Makefile
ksmbd: set unique value to volume serial field in
FS_VOLUME_INFORMATION
ksmbd: add support for smb2 max credit parameter
ksmbd: move credit charge deduction under processing request
ksmbd: limits exceeding the maximum allowable outstanding requests
ksmbd: add reserved room in ipc request/response
Per Forlin (1):
ksmbd: Reduce error log 'speed is unknown' to debug
Ralph Boehme (4):
ksmbd: validate credit charge after validating SMB2 PDU body size
ksmbd: use ksmbd_req_buf_next() in ksmbd_verify_smb_message()
ksmbd: use ksmbd_req_buf_next() in ksmbd_smb2_check_message()
ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon()
Ronnie Sahlberg (1):
ksmbd: remove RFC1002 check in smb2 request
Sebastian Gottschall (1):
cifsd: Fix regression in smb2_get_info
Sergey Senozhatsky (1):
cifsd: remove unneeded FIXME comments
Stephen Rothwell (1):
cifsd: uniquify extract_sharename()
Steve French (1):
ksmbd: log that server is experimental at module load
Tian Tao (1):
cifsd: remove unused including <linux/version.h>
Wan Jiabing (1):
cifsd: remove duplicated argument
Xin Xiong (1):
ksmbd: fix reference count leak in smb_check_perm_dacl()
Yang Li (3):
ksmbd: Fix buffer_check_err() kernel-doc comment
ksmbd: Fix smb2_set_info_file() kernel-doc comment
ksmbd: Fix smb2_get_name() kernel-doc comment
Yang Yingliang (3):
cifsd: fix memleak in ksmbd_vfs_stream_write()
cifsd: fix memleak in ksmbd_vfs_stream_read()
cifsd: check return value of ksmbd_vfs_getcasexattr() correctly
Yufan Chen (1):
ksmbd: add smb-direct shutdown
Zhang Xiaoxu (1):
ksmbd: Fix wrong return value and message length check in smb2_ioctl()
kernel test robot (2):
cifsd: fix memdup.cocci warnings
cifsd: fix boolreturn.cocci warnings
Documentation/filesystems/cifs/index.rst | 10 +
Documentation/filesystems/cifs/ksmbd.rst | 164 +
Documentation/filesystems/index.rst | 2 +-
fs/Kconfig | 1 +
fs/Makefile | 1 +
fs/attr.c | 2 +
fs/ksmbd/Kconfig | 68 +
fs/ksmbd/Makefile | 20 +
fs/ksmbd/asn1.c | 343 +
fs/ksmbd/asn1.h | 21 +
fs/ksmbd/auth.c | 1174 +++
fs/ksmbd/auth.h | 71 +
fs/ksmbd/connection.c | 425 ++
fs/ksmbd/connection.h | 203 +
fs/ksmbd/crypto_ctx.c | 266 +
fs/ksmbd/crypto_ctx.h | 66 +
fs/ksmbd/glob.h | 49 +
fs/ksmbd/ksmbd_netlink.h | 407 +
fs/ksmbd/ksmbd_spnego_negtokeninit.asn1 | 31 +
fs/ksmbd/ksmbd_spnego_negtokentarg.asn1 | 19 +
fs/ksmbd/ksmbd_work.c | 79 +
fs/ksmbd/ksmbd_work.h | 117 +
fs/ksmbd/mgmt/ksmbd_ida.c | 46 +
fs/ksmbd/mgmt/ksmbd_ida.h | 34 +
fs/ksmbd/mgmt/share_config.c | 224 +
fs/ksmbd/mgmt/share_config.h | 79 +
fs/ksmbd/mgmt/tree_connect.c | 122 +
fs/ksmbd/mgmt/tree_connect.h | 58 +
fs/ksmbd/mgmt/user_config.c | 79 +
fs/ksmbd/mgmt/user_config.h | 68 +
fs/ksmbd/mgmt/user_session.c | 380 +
fs/ksmbd/mgmt/user_session.h | 104 +
fs/ksmbd/misc.c | 331 +
fs/ksmbd/misc.h | 35 +
fs/ksmbd/ndr.c | 343 +
fs/ksmbd/ndr.h | 22 +
fs/ksmbd/nterr.h | 543 ++
fs/ksmbd/ntlmssp.h | 169 +
fs/ksmbd/oplock.c | 1733 +++++
fs/ksmbd/oplock.h | 129 +
fs/ksmbd/server.c | 640 ++
fs/ksmbd/server.h | 70 +
fs/ksmbd/smb2misc.c | 447 ++
fs/ksmbd/smb2ops.c | 315 +
fs/ksmbd/smb2pdu.c | 8611 ++++++++++++++++++++++
fs/ksmbd/smb2pdu.h | 1708 +++++
fs/ksmbd/smb_common.c | 684 ++
fs/ksmbd/smb_common.h | 529 ++
fs/ksmbd/smbacl.c | 1366 ++++
fs/ksmbd/smbacl.h | 212 +
fs/ksmbd/smbfsctl.h | 91 +
fs/ksmbd/smbstatus.h | 1822 +++++
fs/ksmbd/transport_ipc.c | 877 +++
fs/ksmbd/transport_ipc.h | 47 +
fs/ksmbd/transport_rdma.c | 2219 ++++++
fs/ksmbd/transport_rdma.h | 61 +
fs/ksmbd/transport_tcp.c | 619 ++
fs/ksmbd/transport_tcp.h | 13 +
fs/ksmbd/unicode.c | 384 +
fs/ksmbd/unicode.h | 357 +
fs/ksmbd/uniupr.h | 268 +
fs/ksmbd/vfs.c | 1841 +++++
fs/ksmbd/vfs.h | 184 +
fs/ksmbd/vfs_cache.c | 708 ++
fs/ksmbd/vfs_cache.h | 167 +
fs/ksmbd/xattr.h | 122 +
66 files changed, 32399 insertions(+), 1 deletion(-)
create mode 100644 Documentation/filesystems/cifs/index.rst
create mode 100644 Documentation/filesystems/cifs/ksmbd.rst
create mode 100644 fs/ksmbd/Kconfig
create mode 100644 fs/ksmbd/Makefile
create mode 100644 fs/ksmbd/asn1.c
create mode 100644 fs/ksmbd/asn1.h
create mode 100644 fs/ksmbd/auth.c
create mode 100644 fs/ksmbd/auth.h
create mode 100644 fs/ksmbd/connection.c
create mode 100644 fs/ksmbd/connection.h
create mode 100644 fs/ksmbd/crypto_ctx.c
create mode 100644 fs/ksmbd/crypto_ctx.h
create mode 100644 fs/ksmbd/glob.h
create mode 100644 fs/ksmbd/ksmbd_netlink.h
create mode 100644 fs/ksmbd/ksmbd_spnego_negtokeninit.asn1
create mode 100644 fs/ksmbd/ksmbd_spnego_negtokentarg.asn1
create mode 100644 fs/ksmbd/ksmbd_work.c
create mode 100644 fs/ksmbd/ksmbd_work.h
create mode 100644 fs/ksmbd/mgmt/ksmbd_ida.c
create mode 100644 fs/ksmbd/mgmt/ksmbd_ida.h
create mode 100644 fs/ksmbd/mgmt/share_config.c
create mode 100644 fs/ksmbd/mgmt/share_config.h
create mode 100644 fs/ksmbd/mgmt/tree_connect.c
create mode 100644 fs/ksmbd/mgmt/tree_connect.h
create mode 100644 fs/ksmbd/mgmt/user_config.c
create mode 100644 fs/ksmbd/mgmt/user_config.h
create mode 100644 fs/ksmbd/mgmt/user_session.c
create mode 100644 fs/ksmbd/mgmt/user_session.h
create mode 100644 fs/ksmbd/misc.c
create mode 100644 fs/ksmbd/misc.h
create mode 100644 fs/ksmbd/ndr.c
create mode 100644 fs/ksmbd/ndr.h
create mode 100644 fs/ksmbd/nterr.h
create mode 100644 fs/ksmbd/ntlmssp.h
create mode 100644 fs/ksmbd/oplock.c
create mode 100644 fs/ksmbd/oplock.h
create mode 100644 fs/ksmbd/server.c
create mode 100644 fs/ksmbd/server.h
create mode 100644 fs/ksmbd/smb2misc.c
create mode 100644 fs/ksmbd/smb2ops.c
create mode 100644 fs/ksmbd/smb2pdu.c
create mode 100644 fs/ksmbd/smb2pdu.h
create mode 100644 fs/ksmbd/smb_common.c
create mode 100644 fs/ksmbd/smb_common.h
create mode 100644 fs/ksmbd/smbacl.c
create mode 100644 fs/ksmbd/smbacl.h
create mode 100644 fs/ksmbd/smbfsctl.h
create mode 100644 fs/ksmbd/smbstatus.h
create mode 100644 fs/ksmbd/transport_ipc.c
create mode 100644 fs/ksmbd/transport_ipc.h
create mode 100644 fs/ksmbd/transport_rdma.c
create mode 100644 fs/ksmbd/transport_rdma.h
create mode 100644 fs/ksmbd/transport_tcp.c
create mode 100644 fs/ksmbd/transport_tcp.h
create mode 100644 fs/ksmbd/unicode.c
create mode 100644 fs/ksmbd/unicode.h
create mode 100644 fs/ksmbd/uniupr.h
create mode 100644 fs/ksmbd/vfs.c
create mode 100644 fs/ksmbd/vfs.h
create mode 100644 fs/ksmbd/vfs_cache.c
create mode 100644 fs/ksmbd/vfs_cache.h
create mode 100644 fs/ksmbd/xattr.h
--
2.31.1
1
308
Patch 发送到蓝云
1
0
[PATCH openEuler-5.10 01/60] stack: Optionally randomize kernel stack offset each syscall
by Zheng Zengkai 15 Nov '22
by Zheng Zengkai 15 Nov '22
15 Nov '22
From: Kees Cook <keescook(a)chromium.org>
mainline inclusion
from mainline-v5.13-rc1
commit 39218ff4c625dbf2e68224024fe0acaa60bcd51a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I5YQ6Z
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
This provides the ability for architectures to enable kernel stack base
address offset randomization. This feature is controlled by the boot
param "randomize_kstack_offset=on/off", with its default value set by
CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT.
This feature is based on the original idea from the last public release
of PaX's RANDKSTACK feature: https://pax.grsecurity.net/docs/randkstack.txt
All the credit for the original idea goes to the PaX team. Note that
the design and implementation of this upstream randomize_kstack_offset
feature differs greatly from the RANDKSTACK feature (see below).
Reasoning for the feature:
This feature aims to make harder the various stack-based attacks that
rely on deterministic stack structure. We have had many such attacks in
past (just to name few):
https://jon.oberheide.org/files/infiltrate12-thestackisback.pdf
https://jon.oberheide.org/files/stackjacking-infiltrate11.pdf
https://googleprojectzero.blogspot.com/2016/06/exploiting-recursion-in-linu…
As Linux kernel stack protections have been constantly improving
(vmap-based stack allocation with guard pages, removal of thread_info,
STACKLEAK), attackers have had to find new ways for their exploits
to work. They have done so, continuing to rely on the kernel's stack
determinism, in situations where VMAP_STACK and THREAD_INFO_IN_TASK_STRUCT
were not relevant. For example, the following recent attacks would have
been hampered if the stack offset was non-deterministic between syscalls:
https://repositorio-aberto.up.pt/bitstream/10216/125357/2/374717.pdf
(page 70: targeting the pt_regs copy with linear stack overflow)
https://a13xp0p0v.github.io/2020/02/15/CVE-2019-18683.html
(leaked stack address from one syscall as a target during next syscall)
The main idea is that since the stack offset is randomized on each system
call, it is harder for an attack to reliably land in any particular place
on the thread stack, even with address exposures, as the stack base will
change on the next syscall. Also, since randomization is performed after
placing pt_regs, the ptrace-based approach[1] to discover the randomized
offset during a long-running syscall should not be possible.
Design description:
During most of the kernel's execution, it runs on the "thread stack",
which is pretty deterministic in its structure: it is fixed in size,
and on every entry from userspace to kernel on a syscall the thread
stack starts construction from an address fetched from the per-cpu
cpu_current_top_of_stack variable. The first element to be pushed to the
thread stack is the pt_regs struct that stores all required CPU registers
and syscall parameters. Finally the specific syscall function is called,
with the stack being used as the kernel executes the resulting request.
The goal of randomize_kstack_offset feature is to add a random offset
after the pt_regs has been pushed to the stack and before the rest of the
thread stack is used during the syscall processing, and to change it every
time a process issues a syscall. The source of randomness is currently
architecture-defined (but x86 is using the low byte of rdtsc()). Future
improvements for different entropy sources is possible, but out of scope
for this patch. Further more, to add more unpredictability, new offsets
are chosen at the end of syscalls (the timing of which should be less
easy to measure from userspace than at syscall entry time), and stored
in a per-CPU variable, so that the life of the value does not stay
explicitly tied to a single task.
As suggested by Andy Lutomirski, the offset is added using alloca()
and an empty asm() statement with an output constraint, since it avoids
changes to assembly syscall entry code, to the unwinder, and provides
correct stack alignment as defined by the compiler.
In order to make this available by default with zero performance impact
for those that don't want it, it is boot-time selectable with static
branches. This way, if the overhead is not wanted, it can just be
left turned off with no performance impact.
The generated assembly for x86_64 with GCC looks like this:
...
ffffffff81003977: 65 8b 05 02 ea 00 7f mov %gs:0x7f00ea02(%rip),%eax
# 12380 <kstack_offset>
ffffffff8100397e: 25 ff 03 00 00 and $0x3ff,%eax
ffffffff81003983: 48 83 c0 0f add $0xf,%rax
ffffffff81003987: 25 f8 07 00 00 and $0x7f8,%eax
ffffffff8100398c: 48 29 c4 sub %rax,%rsp
ffffffff8100398f: 48 8d 44 24 0f lea 0xf(%rsp),%rax
ffffffff81003994: 48 83 e0 f0 and $0xfffffffffffffff0,%rax
...
As a result of the above stack alignment, this patch introduces about
5 bits of randomness after pt_regs is spilled to the thread stack on
x86_64, and 6 bits on x86_32 (since its has 1 fewer bit required for
stack alignment). The amount of entropy could be adjusted based on how
much of the stack space we wish to trade for security.
My measure of syscall performance overhead (on x86_64):
lmbench: /usr/lib/lmbench/bin/x86_64-linux-gnu/lat_syscall -N 10000 null
randomize_kstack_offset=y Simple syscall: 0.7082 microseconds
randomize_kstack_offset=n Simple syscall: 0.7016 microseconds
So, roughly 0.9% overhead growth for a no-op syscall, which is very
manageable. And for people that don't want this, it's off by default.
There are two gotchas with using the alloca() trick. First,
compilers that have Stack Clash protection (-fstack-clash-protection)
enabled by default (e.g. Ubuntu[3]) add pagesize stack probes to
any dynamic stack allocations. While the randomization offset is
always less than a page, the resulting assembly would still contain
(unreachable!) probing routines, bloating the resulting assembly. To
avoid this, -fno-stack-clash-protection is unconditionally added to
the kernel Makefile since this is the only dynamic stack allocation in
the kernel (now that VLAs have been removed) and it is provably safe
from Stack Clash style attacks.
The second gotcha with alloca() is a negative interaction with
-fstack-protector*, in that it sees the alloca() as an array allocation,
which triggers the unconditional addition of the stack canary function
pre/post-amble which slows down syscalls regardless of the static
branch. In order to avoid adding this unneeded check and its associated
performance impact, architectures need to carefully remove uses of
-fstack-protector-strong (or -fstack-protector) in the compilation units
that use the add_random_kstack() macro and to audit the resulting stack
mitigation coverage (to make sure no desired coverage disappears). No
change is visible for this on x86 because the stack protector is already
unconditionally disabled for the compilation unit, but the change is
required on arm64. There is, unfortunately, no attribute that can be
used to disable stack protector for specific functions.
Comparison to PaX RANDKSTACK feature:
The RANDKSTACK feature randomizes the location of the stack start
(cpu_current_top_of_stack), i.e. including the location of pt_regs
structure itself on the stack. Initially this patch followed the same
approach, but during the recent discussions[2], it has been determined
to be of a little value since, if ptrace functionality is available for
an attacker, they can use PTRACE_PEEKUSR/PTRACE_POKEUSR to read/write
different offsets in the pt_regs struct, observe the cache behavior of
the pt_regs accesses, and figure out the random stack offset. Another
difference is that the random offset is stored in a per-cpu variable,
rather than having it be per-thread. As a result, these implementations
differ a fair bit in their implementation details and results, though
obviously the intent is similar.
[1] https://lore.kernel.org/kernel-hardening/2236FBA76BA1254E88B949DDB74E612BA4…
[2] https://lore.kernel.org/kernel-hardening/20190329081358.30497-1-elena.reshe…
[3] https://lists.ubuntu.com/archives/ubuntu-devel/2019-June/040741.html
Co-developed-by: Elena Reshetova <elena.reshetova(a)intel.com>
Signed-off-by: Elena Reshetova <elena.reshetova(a)intel.com>
Signed-off-by: Kees Cook <keescook(a)chromium.org>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de>
Link: https://lore.kernel.org/r/20210401232347.2791257-4-keescook@chromium.org
conflict:
Documentation/admin-guide/kernel-parameters.txt
arch/Kconfig
Signed-off-by: Yi Yang <yiyang13(a)huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng(a)huawei.com>
Reviewed-by: GONG Ruiqi <gongruiqi1(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
.../admin-guide/kernel-parameters.txt | 11 ++++
Makefile | 4 ++
arch/Kconfig | 23 ++++++++
include/linux/randomize_kstack.h | 54 +++++++++++++++++++
init/main.c | 23 ++++++++
5 files changed, 115 insertions(+)
create mode 100644 include/linux/randomize_kstack.h
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 0ec4c66752af..dca5a96e49b2 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -4258,6 +4258,17 @@
fully seed the kernel's CRNG. Default is controlled
by CONFIG_RANDOM_TRUST_BOOTLOADER.
+ randomize_kstack_offset=
+ [KNL] Enable or disable kernel stack offset
+ randomization, which provides roughly 5 bits of
+ entropy, frustrating memory corruption attacks
+ that depend on stack address determinism or
+ cross-syscall address exposures. This is only
+ available on architectures that have defined
+ CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET.
+ Format: <bool> (1/Y/y=enable, 0/N/n=disable)
+ Default is CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT.
+
ras=option[,option,...] [KNL] RAS-specific options
cec_disable [X86]
diff --git a/Makefile b/Makefile
index 6fa75aa5836d..df7e3d33a9e1 100644
--- a/Makefile
+++ b/Makefile
@@ -825,6 +825,10 @@ KBUILD_CFLAGS += -ftrivial-auto-var-init=zero
KBUILD_CFLAGS += -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
endif
+# While VLAs have been removed, GCC produces unreachable stack probes
+# for the randomize_kstack_offset feature. Disable it for all compilers.
+KBUILD_CFLAGS += $(call cc-option, -fno-stack-clash-protection)
+
DEBUG_CFLAGS :=
# Workaround for GCC versions < 5.0
diff --git a/arch/Kconfig b/arch/Kconfig
index 7800502d9b6e..97fc1bdcdc8d 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -989,6 +989,29 @@ config VMAP_STACK
virtual mappings with real shadow memory, and KASAN_VMALLOC must
be enabled.
+config HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET
+ def_bool n
+ help
+ An arch should select this symbol if it can support kernel stack
+ offset randomization with calls to add_random_kstack_offset()
+ during syscall entry and choose_random_kstack_offset() during
+ syscall exit. Careful removal of -fstack-protector-strong and
+ -fstack-protector should also be applied to the entry code and
+ closely examined, as the artificial stack bump looks like an array
+ to the compiler, so it will attempt to add canary checks regardless
+ of the static branch state.
+
+config RANDOMIZE_KSTACK_OFFSET_DEFAULT
+ bool "Randomize kernel stack offset on syscall entry"
+ depends on HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET
+ help
+ The kernel stack offset can be randomized (after pt_regs) by
+ roughly 5 bits of entropy, frustrating memory corruption
+ attacks that depend on stack address determinism or
+ cross-syscall address exposures. This feature is controlled
+ by kernel boot param "randomize_kstack_offset=on/off", and this
+ config chooses the default boot state.
+
config ARCH_OPTIONAL_KERNEL_RWX
def_bool n
diff --git a/include/linux/randomize_kstack.h b/include/linux/randomize_kstack.h
new file mode 100644
index 000000000000..fd80fab663a9
--- /dev/null
+++ b/include/linux/randomize_kstack.h
@@ -0,0 +1,54 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef _LINUX_RANDOMIZE_KSTACK_H
+#define _LINUX_RANDOMIZE_KSTACK_H
+
+#include <linux/kernel.h>
+#include <linux/jump_label.h>
+#include <linux/percpu-defs.h>
+
+DECLARE_STATIC_KEY_MAYBE(CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT,
+ randomize_kstack_offset);
+DECLARE_PER_CPU(u32, kstack_offset);
+
+/*
+ * Do not use this anywhere else in the kernel. This is used here because
+ * it provides an arch-agnostic way to grow the stack with correct
+ * alignment. Also, since this use is being explicitly masked to a max of
+ * 10 bits, stack-clash style attacks are unlikely. For more details see
+ * "VLAs" in Documentation/process/deprecated.rst
+ */
+void *__builtin_alloca(size_t size);
+/*
+ * Use, at most, 10 bits of entropy. We explicitly cap this to keep the
+ * "VLA" from being unbounded (see above). 10 bits leaves enough room for
+ * per-arch offset masks to reduce entropy (by removing higher bits, since
+ * high entropy may overly constrain usable stack space), and for
+ * compiler/arch-specific stack alignment to remove the lower bits.
+ */
+#define KSTACK_OFFSET_MAX(x) ((x) & 0x3FF)
+
+/*
+ * These macros must be used during syscall entry when interrupts and
+ * preempt are disabled, and after user registers have been stored to
+ * the stack.
+ */
+#define add_random_kstack_offset() do { \
+ if (static_branch_maybe(CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT, \
+ &randomize_kstack_offset)) { \
+ u32 offset = raw_cpu_read(kstack_offset); \
+ u8 *ptr = __builtin_alloca(KSTACK_OFFSET_MAX(offset)); \
+ /* Keep allocation even after "ptr" loses scope. */ \
+ asm volatile("" : "=o"(*ptr) :: "memory"); \
+ } \
+} while (0)
+
+#define choose_random_kstack_offset(rand) do { \
+ if (static_branch_maybe(CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT, \
+ &randomize_kstack_offset)) { \
+ u32 offset = raw_cpu_read(kstack_offset); \
+ offset ^= (rand); \
+ raw_cpu_write(kstack_offset, offset); \
+ } \
+} while (0)
+
+#endif
diff --git a/init/main.c b/init/main.c
index 7f4e8a8964b1..e1d179fa1f4a 100644
--- a/init/main.c
+++ b/init/main.c
@@ -846,6 +846,29 @@ static void __init mm_init(void)
pti_init();
}
+#ifdef CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET
+DEFINE_STATIC_KEY_MAYBE_RO(CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT,
+ randomize_kstack_offset);
+DEFINE_PER_CPU(u32, kstack_offset);
+
+static int __init early_randomize_kstack_offset(char *buf)
+{
+ int ret;
+ bool bool_result;
+
+ ret = kstrtobool(buf, &bool_result);
+ if (ret)
+ return ret;
+
+ if (bool_result)
+ static_branch_enable(&randomize_kstack_offset);
+ else
+ static_branch_disable(&randomize_kstack_offset);
+ return 0;
+}
+early_param("randomize_kstack_offset", early_randomize_kstack_offset);
+#endif
+
void __init __weak arch_call_rest_init(void)
{
rest_init();
--
2.20.1
1
59
[PATCH OLK-5.10 v2 001/308] cifsd: add server handler for central processing and tranport layers
by Zhong Jinghua 15 Nov '22
by Zhong Jinghua 15 Nov '22
15 Nov '22
From: Jason Yan <yanaijie(a)huawei.com>
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 0626e6641f6b467447c81dd7678a69c66f7746cf
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/0626e6641f6b
-------------------------------
This adds server handler for central processing,
transport layers(tcp, rdma, ipc) and a document describing cifsd
architecture.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Acked-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/cifsd.rst | 136 ++
fs/cifsd/connection.c | 416 +++++
fs/cifsd/connection.h | 212 +++
fs/cifsd/glob.h | 67 +
fs/cifsd/ksmbd_server.h | 285 +++
fs/cifsd/ksmbd_work.c | 93 +
fs/cifsd/ksmbd_work.h | 124 ++
fs/cifsd/server.c | 635 +++++++
fs/cifsd/server.h | 62 +
fs/cifsd/transport_ipc.c | 900 ++++++++++
fs/cifsd/transport_ipc.h | 63 +
fs/cifsd/transport_rdma.c | 2050 ++++++++++++++++++++++
fs/cifsd/transport_rdma.h | 61 +
fs/cifsd/transport_tcp.c | 624 +++++++
fs/cifsd/transport_tcp.h | 13 +
15 files changed, 5741 insertions(+)
create mode 100644 Documentation/filesystems/cifs/cifsd.rst
create mode 100644 fs/cifsd/connection.c
create mode 100644 fs/cifsd/connection.h
create mode 100644 fs/cifsd/glob.h
create mode 100644 fs/cifsd/ksmbd_server.h
create mode 100644 fs/cifsd/ksmbd_work.c
create mode 100644 fs/cifsd/ksmbd_work.h
create mode 100644 fs/cifsd/server.c
create mode 100644 fs/cifsd/server.h
create mode 100644 fs/cifsd/transport_ipc.c
create mode 100644 fs/cifsd/transport_ipc.h
create mode 100644 fs/cifsd/transport_rdma.c
create mode 100644 fs/cifsd/transport_rdma.h
create mode 100644 fs/cifsd/transport_tcp.c
create mode 100644 fs/cifsd/transport_tcp.h
diff --git a/Documentation/filesystems/cifs/cifsd.rst b/Documentation/filesystems/cifs/cifsd.rst
new file mode 100644
index 000000000000..e0c33d03f290
--- /dev/null
+++ b/Documentation/filesystems/cifs/cifsd.rst
@@ -0,0 +1,136 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+=========================
+CIFSD - SMB3 Kernel Server
+=========================
+
+CIFSD is a linux kernel server which implements SMB3 protocol in kernel space
+for sharing files over network.
+
+CIFSD architecture
+==================
+
+The subset of performance related operations belong in kernelspace and
+the other subset which belong to operations which are not really related with
+performance in userspace. So, DCE/RPC management that has historically resulted
+into number of buffer overflow issues and dangerous security bugs and user
+account management are implemented in user space as ksmbd.mountd.
+File operations that are related with performance (open/read/write/close etc.)
+in kernel space (ksmbd). This also allows for easier integration with VFS
+interface for all file operations.
+
+ksmbd (kernel daemon)
+---------------------
+
+When the server daemon is started, It starts up a forker thread
+(ksmbd/interface name) at initialization time and open a dedicated port 445
+for listening to SMB requests. Whenever new clients make request, Forker
+thread will accept the client connection and fork a new thread for dedicated
+communication channel between the client and the server. It allows for parallel
+processing of SMB requests(commands) from clients as well as allowing for new
+clients to make new connections. Each instance is named ksmbd/1~n(port number)
+to indicate connected clients. Depending on the SMB request types, each new
+thread can decide to pass through the commands to the user space (ksmbd.mountd),
+currently DCE/RPC commands are identified to be handled through the user space.
+To further utilize the linux kernel, it has been chosen to process the commands
+as workitems and to be executed in the handlers of the ksmbd-io kworker threads.
+It allows for multiplexing of the handlers as the kernel take care of initiating
+extra worker threads if the load is increased and vice versa, if the load is
+decreased it destroys the extra worker threads. So, after connection is
+established with client. Dedicated ksmbd/1..n(port number) takes complete
+ownership of receiving/parsing of SMB commands. Each received command is worked
+in parallel i.e., There can be multiple clients commands which are worked in
+parallel. After receiving each command a separated kernel workitem is prepared
+for each command which is further queued to be handled by ksmbd-io kworkers.
+So, each SMB workitem is queued to the kworkers. This allows the benefit of load
+sharing to be managed optimally by the default kernel and optimizing client
+performance by handling client commands in parallel.
+
+ksmbd.mountd (user space daemon)
+--------------------------------
+
+ksmbd.mountd is userspace process to, transfer user account and password that
+are registered using ksmbd.adduser(part of utils for user space). Further it
+allows sharing information parameters that parsed from smb.conf to ksmbd in
+kernel. For the execution part it has a daemon which is continuously running
+and connected to the kernel interface using netlink socket, it waits for the
+requests(dcerpc and share/user info). It handles RPC calls (at a minimum few
+dozen) that are most important for file server from NetShareEnum and
+NetServerGetInfo. Complete DCE/RPC response is prepared from the user space
+and passed over to the associated kernel thread for the client.
+
+Key Features
+============
+
+The supported features are:
+ * SMB3 protocols for basic file sharing
+ * Auto negotiation
+ * Compound requests
+ * Oplock/Lease
+ * Large MTU
+ * NTLM/NTLMv2
+ * HMAC-SHA256 Signing
+ * Secure negotiate
+ * Signing Update
+ * Pre-authentication integrity(SMB 3.1.1)
+ * SMB3 encryption(CCM, GCM)
+ * SMB direct(RDMA)
+ * SMB3.1.1 POSIX extension support
+ * ACLs
+ * Kerberos
+
+The features that are planned or not supported:
+ * SMB3 Multi-channel
+ * Durable handle v1,v2
+ * Persistent handles
+ * Directory lease
+ * SMB2 notify
+
+How to run
+==========
+
+1. Download ksmbd-tools and compile them.
+ - https://github.com/cifsd-team/ksmbd-tools
+
+2. Create user/password for SMB share.
+
+ # mkdir /etc/ksmbd/
+ # ksmbd.adduser -a <Enter USERNAME for SMB share access>
+
+3. Create /etc/ksmbd/smb.conf file, add SMB share in smb.conf file
+ - Refer smb.conf.example and Documentation/configuration.txt
+ in ksmbd-tools
+
+4. Insert ksmbd.ko module
+
+ # insmod ksmbd.ko
+
+5. Start ksmbd user space daemon
+ # ksmbd.mountd
+
+6. Access share from Windows or Linux using CIFS
+
+Shutdown CIFSD
+==============
+
+1. kill user and kernel space daemon
+ # sudo ksmbd.control -s
+
+How to turn debug print on
+==========================
+
+Each layer
+/sys/class/ksmbd-control/debug
+
+1. Enable all component prints
+ # sudo ksmbd.control -d "all"
+
+2. Enable one of components(smb, auth, vfs, oplock, ipc, conn, rdma)
+ # sudo ksmbd.control -d "smb"
+
+3. Show what prints are enable.
+ # cat/sys/class/ksmbd-control/debug
+ [smb] auth vfs oplock ipc conn [rdma]
+
+4. Disable prints:
+ If you try the selected component once more, It is disabled without brackets.
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
new file mode 100644
index 000000000000..d27553dee2ad
--- /dev/null
+++ b/fs/cifsd/connection.c
@@ -0,0 +1,416 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <namjae.jeon(a)protocolfreedom.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/mutex.h>
+#include <linux/freezer.h>
+#include <linux/module.h>
+
+#include "server.h"
+#include "buffer_pool.h"
+#include "smb_common.h"
+#include "mgmt/ksmbd_ida.h"
+#include "connection.h"
+#include "transport_tcp.h"
+#include "transport_rdma.h"
+
+static DEFINE_MUTEX(init_lock);
+
+static struct ksmbd_conn_ops default_conn_ops;
+
+static LIST_HEAD(conn_list);
+static DEFINE_RWLOCK(conn_list_lock);
+
+/**
+ * ksmbd_conn_free() - free resources of the connection instance
+ *
+ * @conn: connection instance to be cleand up
+ *
+ * During the thread termination, the corresponding conn instance
+ * resources(sock/memory) are released and finally the conn object is freed.
+ */
+void ksmbd_conn_free(struct ksmbd_conn *conn)
+{
+ write_lock(&conn_list_lock);
+ list_del(&conn->conns_list);
+ write_unlock(&conn_list_lock);
+
+ ksmbd_free_request(conn->request_buf);
+ ksmbd_ida_free(conn->async_ida);
+ kfree(conn->preauth_info);
+ kfree(conn);
+}
+
+/**
+ * ksmbd_conn_alloc() - initialize a new connection instance
+ *
+ * Return: ksmbd_conn struct on success, otherwise NULL
+ */
+struct ksmbd_conn *ksmbd_conn_alloc(void)
+{
+ struct ksmbd_conn *conn;
+
+ conn = kzalloc(sizeof(struct ksmbd_conn), GFP_KERNEL);
+ if (!conn)
+ return NULL;
+
+ conn->need_neg = true;
+ conn->status = KSMBD_SESS_NEW;
+ conn->local_nls = load_nls("utf8");
+ if (!conn->local_nls)
+ conn->local_nls = load_nls_default();
+ atomic_set(&conn->req_running, 0);
+ atomic_set(&conn->r_count, 0);
+ init_waitqueue_head(&conn->req_running_q);
+ INIT_LIST_HEAD(&conn->conns_list);
+ INIT_LIST_HEAD(&conn->sessions);
+ INIT_LIST_HEAD(&conn->requests);
+ INIT_LIST_HEAD(&conn->async_requests);
+ spin_lock_init(&conn->request_lock);
+ spin_lock_init(&conn->credits_lock);
+ conn->async_ida = ksmbd_ida_alloc();
+
+ write_lock(&conn_list_lock);
+ list_add(&conn->conns_list, &conn_list);
+ write_unlock(&conn_list_lock);
+ return conn;
+}
+
+bool ksmbd_conn_lookup_dialect(struct ksmbd_conn *c)
+{
+ struct ksmbd_conn *t;
+ bool ret = false;
+
+ read_lock(&conn_list_lock);
+ list_for_each_entry(t, &conn_list, conns_list) {
+ if (memcmp(t->ClientGUID, c->ClientGUID, SMB2_CLIENT_GUID_SIZE))
+ continue;
+
+ ret = true;
+ break;
+ }
+ read_unlock(&conn_list_lock);
+ return ret;
+}
+
+void ksmbd_conn_enqueue_request(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct list_head *requests_queue = NULL;
+
+ if (conn->ops->get_cmd_val(work) != SMB2_CANCEL_HE) {
+ requests_queue = &conn->requests;
+ work->syncronous = true;
+ }
+
+ if (requests_queue) {
+ atomic_inc(&conn->req_running);
+ spin_lock(&conn->request_lock);
+ list_add_tail(&work->request_entry, requests_queue);
+ spin_unlock(&conn->request_lock);
+ }
+}
+
+int ksmbd_conn_try_dequeue_request(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ int ret = 1;
+
+ if (list_empty(&work->request_entry) &&
+ list_empty(&work->async_request_entry))
+ return 0;
+
+ atomic_dec(&conn->req_running);
+ spin_lock(&conn->request_lock);
+ if (!work->multiRsp) {
+ list_del_init(&work->request_entry);
+ if (work->syncronous == false)
+ list_del_init(&work->async_request_entry);
+ ret = 0;
+ }
+ spin_unlock(&conn->request_lock);
+
+ wake_up_all(&conn->req_running_q);
+ return ret;
+}
+
+static void ksmbd_conn_lock(struct ksmbd_conn *conn)
+{
+ mutex_lock(&conn->srv_mutex);
+}
+
+static void ksmbd_conn_unlock(struct ksmbd_conn *conn)
+{
+ mutex_unlock(&conn->srv_mutex);
+}
+
+void ksmbd_conn_wait_idle(struct ksmbd_conn *conn)
+{
+ wait_event(conn->req_running_q, atomic_read(&conn->req_running) < 2);
+}
+
+int ksmbd_conn_write(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb_hdr *rsp_hdr = RESPONSE_BUF(work);
+ size_t len = 0;
+ int sent;
+ struct kvec iov[3];
+ int iov_idx = 0;
+
+ ksmbd_conn_try_dequeue_request(work);
+ if (!rsp_hdr) {
+ ksmbd_err("NULL response header\n");
+ return -EINVAL;
+ }
+
+ if (HAS_TRANSFORM_BUF(work)) {
+ iov[iov_idx] = (struct kvec) { work->tr_buf,
+ sizeof(struct smb2_transform_hdr) };
+ len += iov[iov_idx++].iov_len;
+ }
+
+ if (HAS_AUX_PAYLOAD(work)) {
+ iov[iov_idx] = (struct kvec) { rsp_hdr, RESP_HDR_SIZE(work) };
+ len += iov[iov_idx++].iov_len;
+ iov[iov_idx] = (struct kvec) { AUX_PAYLOAD(work),
+ AUX_PAYLOAD_SIZE(work) };
+ len += iov[iov_idx++].iov_len;
+ } else {
+ if (HAS_TRANSFORM_BUF(work))
+ iov[iov_idx].iov_len = RESP_HDR_SIZE(work);
+ else
+ iov[iov_idx].iov_len = get_rfc1002_len(rsp_hdr) + 4;
+ iov[iov_idx].iov_base = rsp_hdr;
+ len += iov[iov_idx++].iov_len;
+ }
+
+ ksmbd_conn_lock(conn);
+ sent = conn->transport->ops->writev(conn->transport, &iov[0],
+ iov_idx, len,
+ work->need_invalidate_rkey,
+ work->remote_key);
+ ksmbd_conn_unlock(conn);
+
+ if (sent < 0) {
+ ksmbd_err("Failed to send message: %d\n", sent);
+ return sent;
+ }
+
+ return 0;
+}
+
+int ksmbd_conn_rdma_read(struct ksmbd_conn *conn,
+ void *buf, unsigned int buflen,
+ u32 remote_key, u64 remote_offset,
+ u32 remote_len)
+{
+ int ret = -EINVAL;
+
+ if (conn->transport->ops->rdma_read)
+ ret = conn->transport->ops->rdma_read(conn->transport,
+ buf, buflen,
+ remote_key, remote_offset,
+ remote_len);
+ return ret;
+}
+
+int ksmbd_conn_rdma_write(struct ksmbd_conn *conn,
+ void *buf, unsigned int buflen,
+ u32 remote_key, u64 remote_offset,
+ u32 remote_len)
+{
+ int ret = -EINVAL;
+
+ if (conn->transport->ops->rdma_write)
+ ret = conn->transport->ops->rdma_write(conn->transport,
+ buf, buflen,
+ remote_key, remote_offset,
+ remote_len);
+ return ret;
+}
+
+bool ksmbd_conn_alive(struct ksmbd_conn *conn)
+{
+ if (!ksmbd_server_running())
+ return false;
+
+ if (conn->status == KSMBD_SESS_EXITING)
+ return false;
+
+ if (kthread_should_stop())
+ return false;
+
+ if (atomic_read(&conn->stats.open_files_count) > 0)
+ return true;
+
+ /*
+ * Stop current session if the time that get last request from client
+ * is bigger than deadtime user configured and openning file count is
+ * zero.
+ */
+ if (server_conf.deadtime > 0 &&
+ time_after(jiffies, conn->last_active + server_conf.deadtime)) {
+ ksmbd_debug(CONN, "No response from client in %lu minutes\n",
+ server_conf.deadtime / SMB_ECHO_INTERVAL);
+ return false;
+ }
+ return true;
+}
+
+/**
+ * ksmbd_conn_handler_loop() - session thread to listen on new smb requests
+ * @p: connection instance
+ *
+ * One thread each per connection
+ *
+ * Return: 0 on success
+ */
+int ksmbd_conn_handler_loop(void *p)
+{
+ struct ksmbd_conn *conn = (struct ksmbd_conn *)p;
+ struct ksmbd_transport *t = conn->transport;
+ unsigned int pdu_size;
+ char hdr_buf[4] = {0,};
+ int size;
+
+ mutex_init(&conn->srv_mutex);
+ __module_get(THIS_MODULE);
+
+ if (t->ops->prepare && t->ops->prepare(t))
+ goto out;
+
+ conn->last_active = jiffies;
+ while (ksmbd_conn_alive(conn)) {
+ if (try_to_freeze())
+ continue;
+
+ ksmbd_free_request(conn->request_buf);
+ conn->request_buf = NULL;
+
+ size = t->ops->read(t, hdr_buf, sizeof(hdr_buf));
+ if (size != sizeof(hdr_buf))
+ break;
+
+ pdu_size = get_rfc1002_len(hdr_buf);
+ ksmbd_debug(CONN, "RFC1002 header %u bytes\n", pdu_size);
+
+ /* make sure we have enough to get to SMB header end */
+ if (!ksmbd_pdu_size_has_room(pdu_size)) {
+ ksmbd_debug(CONN, "SMB request too short (%u bytes)\n",
+ pdu_size);
+ continue;
+ }
+
+ /* 4 for rfc1002 length field */
+ size = pdu_size + 4;
+ conn->request_buf = ksmbd_alloc_request(size);
+ if (!conn->request_buf)
+ continue;
+
+ memcpy(conn->request_buf, hdr_buf, sizeof(hdr_buf));
+ if (!ksmbd_smb_request(conn))
+ break;
+
+ /*
+ * We already read 4 bytes to find out PDU size, now
+ * read in PDU
+ */
+ size = t->ops->read(t, conn->request_buf + 4, pdu_size);
+ if (size < 0) {
+ ksmbd_err("sock_read failed: %d\n", size);
+ break;
+ }
+
+ if (size != pdu_size) {
+ ksmbd_err("PDU error. Read: %d, Expected: %d\n",
+ size,
+ pdu_size);
+ continue;
+ }
+
+ if (!default_conn_ops.process_fn) {
+ ksmbd_err("No connection request callback\n");
+ break;
+ }
+
+ if (default_conn_ops.process_fn(conn)) {
+ ksmbd_err("Cannot handle request\n");
+ break;
+ }
+ }
+
+out:
+ /* Wait till all reference dropped to the Server object*/
+ while (atomic_read(&conn->r_count) > 0)
+ schedule_timeout(HZ);
+
+ unload_nls(conn->local_nls);
+ if (default_conn_ops.terminate_fn)
+ default_conn_ops.terminate_fn(conn);
+ t->ops->disconnect(t);
+ module_put(THIS_MODULE);
+ return 0;
+}
+
+void ksmbd_conn_init_server_callbacks(struct ksmbd_conn_ops *ops)
+{
+ default_conn_ops.process_fn = ops->process_fn;
+ default_conn_ops.terminate_fn = ops->terminate_fn;
+}
+
+int ksmbd_conn_transport_init(void)
+{
+ int ret;
+
+ mutex_lock(&init_lock);
+ ret = ksmbd_tcp_init();
+ if (ret) {
+ pr_err("Failed to init TCP subsystem: %d\n", ret);
+ goto out;
+ }
+
+ ret = ksmbd_rdma_init();
+ if (ret) {
+ pr_err("Failed to init KSMBD subsystem: %d\n", ret);
+ goto out;
+ }
+out:
+ mutex_unlock(&init_lock);
+ return ret;
+}
+
+static void stop_sessions(void)
+{
+ struct ksmbd_conn *conn;
+
+again:
+ read_lock(&conn_list_lock);
+ list_for_each_entry(conn, &conn_list, conns_list) {
+ struct task_struct *task;
+
+ task = conn->transport->handler;
+ if (task)
+ ksmbd_debug(CONN, "Stop session handler %s/%d\n",
+ task->comm,
+ task_pid_nr(task));
+ conn->status = KSMBD_SESS_EXITING;
+ }
+ read_unlock(&conn_list_lock);
+
+ if (!list_empty(&conn_list)) {
+ schedule_timeout_interruptible(HZ/10); /* 100ms */
+ goto again;
+ }
+}
+
+void ksmbd_conn_transport_destroy(void)
+{
+ mutex_lock(&init_lock);
+ ksmbd_tcp_destroy();
+ ksmbd_rdma_destroy();
+ stop_sessions();
+ mutex_unlock(&init_lock);
+}
diff --git a/fs/cifsd/connection.h b/fs/cifsd/connection.h
new file mode 100644
index 000000000000..179fb9278999
--- /dev/null
+++ b/fs/cifsd/connection.h
@@ -0,0 +1,212 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_CONNECTION_H__
+#define __KSMBD_CONNECTION_H__
+
+#include <linux/list.h>
+#include <linux/ip.h>
+#include <net/sock.h>
+#include <net/tcp.h>
+#include <net/inet_connection_sock.h>
+#include <net/request_sock.h>
+#include <linux/kthread.h>
+#include <linux/nls.h>
+
+#include "smb_common.h"
+#include "ksmbd_work.h"
+
+#define KSMBD_SOCKET_BACKLOG 16
+
+/*
+ * WARNING
+ *
+ * This is nothing but a HACK. Session status should move to channel
+ * or to session. As of now we have 1 tcp_conn : 1 ksmbd_session, but
+ * we need to change it to 1 tcp_conn : N ksmbd_sessions.
+ */
+enum {
+ KSMBD_SESS_NEW = 0,
+ KSMBD_SESS_GOOD,
+ KSMBD_SESS_EXITING,
+ KSMBD_SESS_NEED_RECONNECT,
+ KSMBD_SESS_NEED_NEGOTIATE
+};
+
+struct ksmbd_stats {
+ atomic_t open_files_count;
+ atomic64_t request_served;
+};
+
+struct ksmbd_transport;
+
+struct ksmbd_conn {
+ struct smb_version_values *vals;
+ struct smb_version_ops *ops;
+ struct smb_version_cmds *cmds;
+ unsigned int max_cmds;
+ struct mutex srv_mutex;
+ int status;
+ unsigned int cli_cap;
+ char *request_buf;
+ struct ksmbd_transport *transport;
+ struct nls_table *local_nls;
+ struct list_head conns_list;
+ /* smb session 1 per user */
+ struct list_head sessions;
+ unsigned long last_active;
+ /* How many request are running currently */
+ atomic_t req_running;
+ /* References which are made for this Server object*/
+ atomic_t r_count;
+ unsigned short total_credits;
+ unsigned short max_credits;
+ spinlock_t credits_lock;
+ wait_queue_head_t req_running_q;
+ /* Lock to protect requests list*/
+ spinlock_t request_lock;
+ struct list_head requests;
+ struct list_head async_requests;
+ int connection_type;
+ struct ksmbd_stats stats;
+ char ClientGUID[SMB2_CLIENT_GUID_SIZE];
+ union {
+ /* pending trans request table */
+ struct trans_state *recent_trans;
+ /* Used by ntlmssp */
+ char *ntlmssp_cryptkey;
+ };
+
+ struct preauth_integrity_info *preauth_info;
+
+ bool need_neg;
+ unsigned int auth_mechs;
+ unsigned int preferred_auth_mech;
+ bool sign;
+ bool use_spnego:1;
+ __u16 cli_sec_mode;
+ __u16 srv_sec_mode;
+ /* dialect index that server chose */
+ __u16 dialect;
+
+ char *mechToken;
+
+ struct ksmbd_conn_ops *conn_ops;
+
+ /* Preauth Session Table */
+ struct list_head preauth_sess_table;
+
+ struct sockaddr_storage peer_addr;
+
+ /* Identifier for async message */
+ struct ksmbd_ida *async_ida;
+
+ __le16 cipher_type;
+ __le16 compress_algorithm;
+ bool posix_ext_supported;
+};
+
+struct ksmbd_conn_ops {
+ int (*process_fn)(struct ksmbd_conn *conn);
+ int (*terminate_fn)(struct ksmbd_conn *conn);
+};
+
+struct ksmbd_transport_ops {
+ int (*prepare)(struct ksmbd_transport *t);
+ void (*disconnect)(struct ksmbd_transport *t);
+ int (*read)(struct ksmbd_transport *t,
+ char *buf, unsigned int size);
+ int (*writev)(struct ksmbd_transport *t,
+ struct kvec *iovs, int niov, int size,
+ bool need_invalidate_rkey, unsigned int remote_key);
+ int (*rdma_read)(struct ksmbd_transport *t,
+ void *buf, unsigned int len, u32 remote_key,
+ u64 remote_offset, u32 remote_len);
+ int (*rdma_write)(struct ksmbd_transport *t,
+ void *buf, unsigned int len, u32 remote_key,
+ u64 remote_offset, u32 remote_len);
+};
+
+struct ksmbd_transport {
+ struct ksmbd_conn *conn;
+ struct ksmbd_transport_ops *ops;
+ struct task_struct *handler;
+};
+
+#define KSMBD_TCP_RECV_TIMEOUT (7 * HZ)
+#define KSMBD_TCP_SEND_TIMEOUT (5 * HZ)
+#define KSMBD_TCP_PEER_SOCKADDR(c) ((struct sockaddr *)&((c)->peer_addr))
+
+bool ksmbd_conn_alive(struct ksmbd_conn *conn);
+void ksmbd_conn_wait_idle(struct ksmbd_conn *conn);
+
+struct ksmbd_conn *ksmbd_conn_alloc(void);
+void ksmbd_conn_free(struct ksmbd_conn *conn);
+bool ksmbd_conn_lookup_dialect(struct ksmbd_conn *c);
+int ksmbd_conn_write(struct ksmbd_work *work);
+int ksmbd_conn_rdma_read(struct ksmbd_conn *conn,
+ void *buf, unsigned int buflen,
+ u32 remote_key, u64 remote_offset,
+ u32 remote_len);
+int ksmbd_conn_rdma_write(struct ksmbd_conn *conn,
+ void *buf, unsigned int buflen,
+ u32 remote_key, u64 remote_offset,
+ u32 remote_len);
+
+void ksmbd_conn_enqueue_request(struct ksmbd_work *work);
+int ksmbd_conn_try_dequeue_request(struct ksmbd_work *work);
+void ksmbd_conn_init_server_callbacks(struct ksmbd_conn_ops *ops);
+
+int ksmbd_conn_handler_loop(void *p);
+
+int ksmbd_conn_transport_init(void);
+void ksmbd_conn_transport_destroy(void);
+
+/*
+ * WARNING
+ *
+ * This is a hack. We will move status to a proper place once we land
+ * a multi-sessions support.
+ */
+static inline bool ksmbd_conn_good(struct ksmbd_work *work)
+{
+ return work->conn->status == KSMBD_SESS_GOOD;
+}
+
+static inline bool ksmbd_conn_need_negotiate(struct ksmbd_work *work)
+{
+ return work->conn->status == KSMBD_SESS_NEED_NEGOTIATE;
+}
+
+static inline bool ksmbd_conn_need_reconnect(struct ksmbd_work *work)
+{
+ return work->conn->status == KSMBD_SESS_NEED_RECONNECT;
+}
+
+static inline bool ksmbd_conn_exiting(struct ksmbd_work *work)
+{
+ return work->conn->status == KSMBD_SESS_EXITING;
+}
+
+static inline void ksmbd_conn_set_good(struct ksmbd_work *work)
+{
+ work->conn->status = KSMBD_SESS_GOOD;
+}
+
+static inline void ksmbd_conn_set_need_negotiate(struct ksmbd_work *work)
+{
+ work->conn->status = KSMBD_SESS_NEED_NEGOTIATE;
+}
+
+static inline void ksmbd_conn_set_need_reconnect(struct ksmbd_work *work)
+{
+ work->conn->status = KSMBD_SESS_NEED_RECONNECT;
+}
+
+static inline void ksmbd_conn_set_exiting(struct ksmbd_work *work)
+{
+ work->conn->status = KSMBD_SESS_EXITING;
+}
+#endif /* __CONNECTION_H__ */
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
new file mode 100644
index 000000000000..2dc3f603e837
--- /dev/null
+++ b/fs/cifsd/glob.h
@@ -0,0 +1,67 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_GLOB_H
+#define __KSMBD_GLOB_H
+
+#include <linux/ctype.h>
+#include <linux/version.h>
+
+#include "unicode.h"
+#include "vfs_cache.h"
+#include "smberr.h"
+
+#define KSMBD_VERSION "3.1.9"
+
+/* @FIXME clean up this code */
+
+extern int ksmbd_debug_types;
+extern int ksmbd_caseless_search;
+
+#define DATA_STREAM 1
+#define DIR_STREAM 2
+
+#define KSMBD_DEBUG_SMB (1 << 0)
+#define KSMBD_DEBUG_AUTH (1 << 1)
+#define KSMBD_DEBUG_VFS (1 << 2)
+#define KSMBD_DEBUG_OPLOCK (1 << 3)
+#define KSMBD_DEBUG_IPC (1 << 4)
+#define KSMBD_DEBUG_CONN (1 << 5)
+#define KSMBD_DEBUG_RDMA (1 << 6)
+#define KSMBD_DEBUG_ALL (KSMBD_DEBUG_SMB | KSMBD_DEBUG_AUTH | \
+ KSMBD_DEBUG_VFS | KSMBD_DEBUG_OPLOCK | \
+ KSMBD_DEBUG_IPC | KSMBD_DEBUG_CONN | \
+ KSMBD_DEBUG_RDMA)
+
+#ifndef ksmbd_pr_fmt
+#ifdef SUBMOD_NAME
+#define ksmbd_pr_fmt(fmt) "ksmbd: " SUBMOD_NAME ": " fmt
+#else
+#define ksmbd_pr_fmt(fmt) "ksmbd: " fmt
+#endif
+#endif
+
+#define ksmbd_debug(type, fmt, ...) \
+ do { \
+ if (ksmbd_debug_types & KSMBD_DEBUG_##type) \
+ pr_info(ksmbd_pr_fmt("%s:%d: " fmt), \
+ __func__, \
+ __LINE__, \
+ ##__VA_ARGS__); \
+ } while (0)
+
+#define ksmbd_info(fmt, ...) \
+ pr_info(ksmbd_pr_fmt(fmt), ##__VA_ARGS__)
+
+#define ksmbd_err(fmt, ...) \
+ pr_err(ksmbd_pr_fmt("%s:%d: " fmt), \
+ __func__, \
+ __LINE__, \
+ ##__VA_ARGS__)
+
+#define UNICODE_LEN(x) ((x) * 2)
+
+#endif /* __KSMBD_GLOB_H */
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
new file mode 100644
index 000000000000..01eaf9ec4fde
--- /dev/null
+++ b/fs/cifsd/ksmbd_server.h
@@ -0,0 +1,285 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ *
+ * linux-ksmbd-devel(a)lists.sourceforge.net
+ */
+
+#ifndef _LINUX_KSMBD_SERVER_H
+#define _LINUX_KSMBD_SERVER_H
+
+#include <linux/types.h>
+
+#define KSMBD_GENL_NAME "SMBD_GENL"
+#define KSMBD_GENL_VERSION 0x01
+
+#ifndef ____ksmbd_align
+#define ____ksmbd_align __aligned(4)
+#endif
+
+#define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ 48
+#define KSMBD_REQ_MAX_HASH_SZ 18
+#define KSMBD_REQ_MAX_SHARE_NAME 64
+
+struct ksmbd_heartbeat {
+ __u32 handle;
+};
+
+/*
+ * Global config flags.
+ */
+#define KSMBD_GLOBAL_FLAG_INVALID (0)
+#define KSMBD_GLOBAL_FLAG_SMB2_LEASES (1 << 0)
+#define KSMBD_GLOBAL_FLAG_CACHE_TBUF (1 << 1)
+#define KSMBD_GLOBAL_FLAG_CACHE_RBUF (1 << 2)
+#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION (1 << 3)
+#define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE (1 << 4)
+
+struct ksmbd_startup_request {
+ __u32 flags;
+ __s32 signing;
+ __s8 min_prot[16];
+ __s8 max_prot[16];
+ __s8 netbios_name[16];
+ __s8 work_group[64];
+ __s8 server_string[64];
+ __u16 tcp_port;
+ __u16 ipc_timeout;
+ __u32 deadtime;
+ __u32 file_max;
+ __u32 smb2_max_write;
+ __u32 smb2_max_read;
+ __u32 smb2_max_trans;
+ __u32 share_fake_fscaps;
+ __u32 sub_auth[3];
+ __u32 ifc_list_sz;
+ __s8 ____payload[0];
+} ____ksmbd_align;
+
+#define KSMBD_STARTUP_CONFIG_INTERFACES(s) ((s)->____payload)
+
+struct ksmbd_shutdown_request {
+ __s32 reserved;
+} ____ksmbd_align;
+
+struct ksmbd_login_request {
+ __u32 handle;
+ __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
+} ____ksmbd_align;
+
+struct ksmbd_login_response {
+ __u32 handle;
+ __u32 gid;
+ __u32 uid;
+ __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
+ __u16 status;
+ __u16 hash_sz;
+ __s8 hash[KSMBD_REQ_MAX_HASH_SZ];
+} ____ksmbd_align;
+
+struct ksmbd_share_config_request {
+ __u32 handle;
+ __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME];
+} ____ksmbd_align;
+
+struct ksmbd_share_config_response {
+ __u32 handle;
+ __u32 flags;
+ __u16 create_mask;
+ __u16 directory_mask;
+ __u16 force_create_mode;
+ __u16 force_directory_mode;
+ __u16 force_uid;
+ __u16 force_gid;
+ __u32 veto_list_sz;
+ __s8 ____payload[0];
+} ____ksmbd_align;
+
+#define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
+#define KSMBD_SHARE_CONFIG_PATH(s) \
+ ({ \
+ char *p = (s)->____payload; \
+ if ((s)->veto_list_sz) \
+ p += (s)->veto_list_sz + 1; \
+ p; \
+ })
+
+struct ksmbd_tree_connect_request {
+ __u32 handle;
+ __u16 account_flags;
+ __u16 flags;
+ __u64 session_id;
+ __u64 connect_id;
+ __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
+ __s8 share[KSMBD_REQ_MAX_SHARE_NAME];
+ __s8 peer_addr[64];
+} ____ksmbd_align;
+
+struct ksmbd_tree_connect_response {
+ __u32 handle;
+ __u16 status;
+ __u16 connection_flags;
+} ____ksmbd_align;
+
+struct ksmbd_tree_disconnect_request {
+ __u64 session_id;
+ __u64 connect_id;
+} ____ksmbd_align;
+
+struct ksmbd_logout_request {
+ __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
+} ____ksmbd_align;
+
+struct ksmbd_rpc_command {
+ __u32 handle;
+ __u32 flags;
+ __u32 payload_sz;
+ __u8 payload[0];
+} ____ksmbd_align;
+
+struct ksmbd_spnego_authen_request {
+ __u32 handle;
+ __u16 spnego_blob_len;
+ __u8 spnego_blob[0];
+} ____ksmbd_align;
+
+struct ksmbd_spnego_authen_response {
+ __u32 handle;
+ struct ksmbd_login_response login_response;
+ __u16 session_key_len;
+ __u16 spnego_blob_len;
+ __u8 payload[0]; /* session key + AP_REP */
+} ____ksmbd_align;
+
+/*
+ * This also used as NETLINK attribute type value.
+ *
+ * NOTE:
+ * Response message type value should be equal to
+ * request message type value + 1.
+ */
+enum ksmbd_event {
+ KSMBD_EVENT_UNSPEC = 0,
+ KSMBD_EVENT_HEARTBEAT_REQUEST,
+
+ KSMBD_EVENT_STARTING_UP,
+ KSMBD_EVENT_SHUTTING_DOWN,
+
+ KSMBD_EVENT_LOGIN_REQUEST,
+ KSMBD_EVENT_LOGIN_RESPONSE = 5,
+
+ KSMBD_EVENT_SHARE_CONFIG_REQUEST,
+ KSMBD_EVENT_SHARE_CONFIG_RESPONSE,
+
+ KSMBD_EVENT_TREE_CONNECT_REQUEST,
+ KSMBD_EVENT_TREE_CONNECT_RESPONSE,
+
+ KSMBD_EVENT_TREE_DISCONNECT_REQUEST = 10,
+
+ KSMBD_EVENT_LOGOUT_REQUEST,
+
+ KSMBD_EVENT_RPC_REQUEST,
+ KSMBD_EVENT_RPC_RESPONSE,
+
+ KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
+ KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE = 15,
+
+ KSMBD_EVENT_MAX
+};
+
+enum KSMBD_TREE_CONN_STATUS {
+ KSMBD_TREE_CONN_STATUS_OK = 0,
+ KSMBD_TREE_CONN_STATUS_NOMEM,
+ KSMBD_TREE_CONN_STATUS_NO_SHARE,
+ KSMBD_TREE_CONN_STATUS_NO_USER,
+ KSMBD_TREE_CONN_STATUS_INVALID_USER,
+ KSMBD_TREE_CONN_STATUS_HOST_DENIED = 5,
+ KSMBD_TREE_CONN_STATUS_CONN_EXIST,
+ KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
+ KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
+ KSMBD_TREE_CONN_STATUS_ERROR,
+};
+
+/*
+ * User config flags.
+ */
+#define KSMBD_USER_FLAG_INVALID (0)
+#define KSMBD_USER_FLAG_OK (1 << 0)
+#define KSMBD_USER_FLAG_BAD_PASSWORD (1 << 1)
+#define KSMBD_USER_FLAG_BAD_UID (1 << 2)
+#define KSMBD_USER_FLAG_BAD_USER (1 << 3)
+#define KSMBD_USER_FLAG_GUEST_ACCOUNT (1 << 4)
+
+/*
+ * Share config flags.
+ */
+#define KSMBD_SHARE_FLAG_INVALID (0)
+#define KSMBD_SHARE_FLAG_AVAILABLE (1 << 0)
+#define KSMBD_SHARE_FLAG_BROWSEABLE (1 << 1)
+#define KSMBD_SHARE_FLAG_WRITEABLE (1 << 2)
+#define KSMBD_SHARE_FLAG_READONLY (1 << 3)
+#define KSMBD_SHARE_FLAG_GUEST_OK (1 << 4)
+#define KSMBD_SHARE_FLAG_GUEST_ONLY (1 << 5)
+#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS (1 << 6)
+#define KSMBD_SHARE_FLAG_OPLOCKS (1 << 7)
+#define KSMBD_SHARE_FLAG_PIPE (1 << 8)
+#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES (1 << 9)
+#define KSMBD_SHARE_FLAG_INHERIT_SMACK (1 << 10)
+#define KSMBD_SHARE_FLAG_INHERIT_OWNER (1 << 11)
+#define KSMBD_SHARE_FLAG_STREAMS (1 << 12)
+#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS (1 << 13)
+#define KSMBD_SHARE_FLAG_ACL_XATTR (1 << 14)
+
+/*
+ * Tree connect request flags.
+ */
+#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1 (0)
+#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6 (1 << 0)
+#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2 (1 << 1)
+
+/*
+ * Tree connect flags.
+ */
+#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT (1 << 0)
+#define KSMBD_TREE_CONN_FLAG_READ_ONLY (1 << 1)
+#define KSMBD_TREE_CONN_FLAG_WRITABLE (1 << 2)
+#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT (1 << 3)
+
+/*
+ * RPC over IPC.
+ */
+#define KSMBD_RPC_METHOD_RETURN (1 << 0)
+#define KSMBD_RPC_SRVSVC_METHOD_INVOKE (1 << 1)
+#define KSMBD_RPC_SRVSVC_METHOD_RETURN ((1 << 1) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_WKSSVC_METHOD_INVOKE (1 << 2)
+#define KSMBD_RPC_WKSSVC_METHOD_RETURN ((1 << 2) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_IOCTL_METHOD ((1 << 3) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_OPEN_METHOD (1 << 4)
+#define KSMBD_RPC_WRITE_METHOD (1 << 5)
+#define KSMBD_RPC_READ_METHOD ((1 << 6) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_CLOSE_METHOD (1 << 7)
+#define KSMBD_RPC_RAP_METHOD ((1 << 8) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_RESTRICTED_CONTEXT (1 << 9)
+#define KSMBD_RPC_SAMR_METHOD_INVOKE (1 << 10)
+#define KSMBD_RPC_SAMR_METHOD_RETURN ((1 << 10) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_LSARPC_METHOD_INVOKE (1 << 11)
+#define KSMBD_RPC_LSARPC_METHOD_RETURN ((1 << 11) | KSMBD_RPC_METHOD_RETURN)
+
+#define KSMBD_RPC_OK 0
+#define KSMBD_RPC_EBAD_FUNC 0x00000001
+#define KSMBD_RPC_EACCESS_DENIED 0x00000005
+#define KSMBD_RPC_EBAD_FID 0x00000006
+#define KSMBD_RPC_ENOMEM 0x00000008
+#define KSMBD_RPC_EBAD_DATA 0x0000000D
+#define KSMBD_RPC_ENOTIMPLEMENTED 0x00000040
+#define KSMBD_RPC_EINVALID_PARAMETER 0x00000057
+#define KSMBD_RPC_EMORE_DATA 0x000000EA
+#define KSMBD_RPC_EINVALID_LEVEL 0x0000007C
+#define KSMBD_RPC_SOME_NOT_MAPPED 0x00000107
+
+#define KSMBD_CONFIG_OPT_DISABLED 0
+#define KSMBD_CONFIG_OPT_ENABLED 1
+#define KSMBD_CONFIG_OPT_AUTO 2
+#define KSMBD_CONFIG_OPT_MANDATORY 3
+
+#endif /* _LINUX_KSMBD_SERVER_H */
diff --git a/fs/cifsd/ksmbd_work.c b/fs/cifsd/ksmbd_work.c
new file mode 100644
index 000000000000..8cd5dff0762d
--- /dev/null
+++ b/fs/cifsd/ksmbd_work.c
@@ -0,0 +1,93 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2019 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/list.h>
+#include <linux/mm.h>
+#include <linux/slab.h>
+#include <linux/workqueue.h>
+
+#include "server.h"
+#include "connection.h"
+#include "ksmbd_work.h"
+#include "buffer_pool.h"
+#include "mgmt/ksmbd_ida.h"
+
+/* @FIXME */
+#include "ksmbd_server.h"
+
+static struct kmem_cache *work_cache;
+static struct workqueue_struct *ksmbd_wq;
+
+struct ksmbd_work *ksmbd_alloc_work_struct(void)
+{
+ struct ksmbd_work *work = kmem_cache_zalloc(work_cache, GFP_KERNEL);
+
+ if (work) {
+ work->compound_fid = KSMBD_NO_FID;
+ work->compound_pfid = KSMBD_NO_FID;
+ INIT_LIST_HEAD(&work->request_entry);
+ INIT_LIST_HEAD(&work->async_request_entry);
+ INIT_LIST_HEAD(&work->fp_entry);
+ INIT_LIST_HEAD(&work->interim_entry);
+ }
+ return work;
+}
+
+void ksmbd_free_work_struct(struct ksmbd_work *work)
+{
+ WARN_ON(work->saved_cred != NULL);
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_TBUF &&
+ work->set_trans_buf)
+ ksmbd_release_buffer(RESPONSE_BUF(work));
+ else
+ ksmbd_free_response(RESPONSE_BUF(work));
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF &&
+ work->set_read_buf)
+ ksmbd_release_buffer(AUX_PAYLOAD(work));
+ else
+ ksmbd_free_response(AUX_PAYLOAD(work));
+
+ ksmbd_free_response(TRANSFORM_BUF(work));
+ ksmbd_free_request(REQUEST_BUF(work));
+ if (work->async_id)
+ ksmbd_release_id(work->conn->async_ida, work->async_id);
+ kmem_cache_free(work_cache, work);
+}
+
+void ksmbd_work_pool_destroy(void)
+{
+ kmem_cache_destroy(work_cache);
+}
+
+int ksmbd_work_pool_init(void)
+{
+ work_cache = kmem_cache_create("ksmbd_work_cache",
+ sizeof(struct ksmbd_work), 0,
+ SLAB_HWCACHE_ALIGN, NULL);
+ if (!work_cache)
+ return -ENOMEM;
+ return 0;
+}
+
+int ksmbd_workqueue_init(void)
+{
+ ksmbd_wq = alloc_workqueue("ksmbd-io", 0, 0);
+ if (!ksmbd_wq)
+ return -ENOMEM;
+ return 0;
+}
+
+void ksmbd_workqueue_destroy(void)
+{
+ flush_workqueue(ksmbd_wq);
+ destroy_workqueue(ksmbd_wq);
+ ksmbd_wq = NULL;
+}
+
+bool ksmbd_queue_work(struct ksmbd_work *work)
+{
+ return queue_work(ksmbd_wq, &work->work);
+}
diff --git a/fs/cifsd/ksmbd_work.h b/fs/cifsd/ksmbd_work.h
new file mode 100644
index 000000000000..405434d4c8ab
--- /dev/null
+++ b/fs/cifsd/ksmbd_work.h
@@ -0,0 +1,124 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2019 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_WORK_H__
+#define __KSMBD_WORK_H__
+
+#include <linux/ctype.h>
+#include <linux/workqueue.h>
+
+struct ksmbd_conn;
+struct ksmbd_session;
+struct ksmbd_tree_connect;
+
+enum {
+ KSMBD_WORK_ACTIVE = 0,
+ KSMBD_WORK_CANCELLED,
+ KSMBD_WORK_CLOSED,
+};
+
+/* one of these for every pending CIFS request at the connection */
+struct ksmbd_work {
+ /* Server corresponding to this mid */
+ struct ksmbd_conn *conn;
+ struct ksmbd_session *sess;
+ struct ksmbd_tree_connect *tcon;
+
+ /* Pointer to received SMB header */
+ char *request_buf;
+ /* Response buffer */
+ char *response_buf;
+
+ /* Read data buffer */
+ char *aux_payload_buf;
+
+ /* Next cmd hdr in compound req buf*/
+ int next_smb2_rcv_hdr_off;
+ /* Next cmd hdr in compound rsp buf*/
+ int next_smb2_rsp_hdr_off;
+
+ /*
+ * Current Local FID assigned compound response if SMB2 CREATE
+ * command is present in compound request
+ */
+ unsigned int compound_fid;
+ unsigned int compound_pfid;
+ unsigned int compound_sid;
+
+ const struct cred *saved_cred;
+
+ /* Number of granted credits */
+ unsigned int credits_granted;
+
+ /* response smb header size */
+ unsigned int resp_hdr_sz;
+ unsigned int response_sz;
+ /* Read data count */
+ unsigned int aux_payload_sz;
+
+ void *tr_buf;
+
+ unsigned char state;
+ /* Multiple responses for one request e.g. SMB ECHO */
+ bool multiRsp:1;
+ /* No response for cancelled request */
+ bool send_no_response:1;
+ /* Request is encrypted */
+ bool encrypted:1;
+ /* Is this SYNC or ASYNC ksmbd_work */
+ bool syncronous:1;
+ bool need_invalidate_rkey:1;
+ bool set_trans_buf:1;
+ bool set_read_buf:1;
+
+ unsigned int remote_key;
+ /* cancel works */
+ int async_id;
+ void **cancel_argv;
+ void (*cancel_fn)(void **argv);
+
+ struct work_struct work;
+ /* List head at conn->requests */
+ struct list_head request_entry;
+ /* List head at conn->async_requests */
+ struct list_head async_request_entry;
+ struct list_head fp_entry;
+ struct list_head interim_entry;
+};
+
+#define WORK_CANCELLED(w) ((w)->state == KSMBD_WORK_CANCELLED)
+#define WORK_CLOSED(w) ((w)->state == KSMBD_WORK_CLOSED)
+#define WORK_ACTIVE(w) ((w)->state == KSMBD_WORK_ACTIVE)
+
+#define RESPONSE_BUF(w) ((void *)(w)->response_buf)
+#define REQUEST_BUF(w) ((void *)(w)->request_buf)
+
+#define RESPONSE_BUF_NEXT(w) \
+ ((void *)((w)->response_buf + (w)->next_smb2_rsp_hdr_off))
+#define REQUEST_BUF_NEXT(w) \
+ ((void *)((w)->request_buf + (w)->next_smb2_rcv_hdr_off))
+
+#define RESPONSE_SZ(w) ((w)->response_sz)
+
+#define INIT_AUX_PAYLOAD(w) ((w)->aux_payload_buf = NULL)
+#define HAS_AUX_PAYLOAD(w) ((w)->aux_payload_sz != 0)
+#define AUX_PAYLOAD(w) ((void *)((w)->aux_payload_buf))
+#define AUX_PAYLOAD_SIZE(w) ((w)->aux_payload_sz)
+#define RESP_HDR_SIZE(w) ((w)->resp_hdr_sz)
+
+#define HAS_TRANSFORM_BUF(w) ((w)->tr_buf != NULL)
+#define TRANSFORM_BUF(w) ((void *)((w)->tr_buf))
+
+struct ksmbd_work *ksmbd_alloc_work_struct(void);
+void ksmbd_free_work_struct(struct ksmbd_work *work);
+
+void ksmbd_work_pool_destroy(void);
+int ksmbd_work_pool_init(void);
+
+int ksmbd_workqueue_init(void);
+void ksmbd_workqueue_destroy(void);
+bool ksmbd_queue_work(struct ksmbd_work *work);
+
+#endif /* __KSMBD_WORK_H__ */
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
new file mode 100644
index 000000000000..b9e114f8a5d2
--- /dev/null
+++ b/fs/cifsd/server.c
@@ -0,0 +1,635 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include "glob.h"
+#include "oplock.h"
+#include "misc.h"
+#include <linux/sched/signal.h>
+#include <linux/workqueue.h>
+#include <linux/sysfs.h>
+#include <linux/module.h>
+#include <linux/moduleparam.h>
+
+#include "server.h"
+#include "smb_common.h"
+#include "smbstatus.h"
+#include "buffer_pool.h"
+#include "connection.h"
+#include "transport_ipc.h"
+#include "mgmt/user_session.h"
+#include "crypto_ctx.h"
+#include "auth.h"
+
+int ksmbd_debug_types;
+
+struct ksmbd_server_config server_conf;
+
+enum SERVER_CTRL_TYPE {
+ SERVER_CTRL_TYPE_INIT,
+ SERVER_CTRL_TYPE_RESET,
+};
+
+struct server_ctrl_struct {
+ int type;
+ struct work_struct ctrl_work;
+};
+
+static DEFINE_MUTEX(ctrl_lock);
+
+static int ___server_conf_set(int idx, char *val)
+{
+ if (idx >= ARRAY_SIZE(server_conf.conf))
+ return -EINVAL;
+
+ if (!val || val[0] == 0x00)
+ return -EINVAL;
+
+ kfree(server_conf.conf[idx]);
+ server_conf.conf[idx] = kstrdup(val, GFP_KERNEL);
+ if (!server_conf.conf[idx])
+ return -ENOMEM;
+ return 0;
+}
+
+int ksmbd_set_netbios_name(char *v)
+{
+ return ___server_conf_set(SERVER_CONF_NETBIOS_NAME, v);
+}
+
+int ksmbd_set_server_string(char *v)
+{
+ return ___server_conf_set(SERVER_CONF_SERVER_STRING, v);
+}
+
+int ksmbd_set_work_group(char *v)
+{
+ return ___server_conf_set(SERVER_CONF_WORK_GROUP, v);
+}
+
+char *ksmbd_netbios_name(void)
+{
+ return server_conf.conf[SERVER_CONF_NETBIOS_NAME];
+}
+
+char *ksmbd_server_string(void)
+{
+ return server_conf.conf[SERVER_CONF_SERVER_STRING];
+}
+
+char *ksmbd_work_group(void)
+{
+ return server_conf.conf[SERVER_CONF_WORK_GROUP];
+}
+
+/**
+ * check_conn_state() - check state of server thread connection
+ * @ksmbd_work: smb work containing server thread information
+ *
+ * Return: 0 on valid connection, otherwise 1 to reconnect
+ */
+static inline int check_conn_state(struct ksmbd_work *work)
+{
+ struct smb_hdr *rsp_hdr;
+
+ if (ksmbd_conn_exiting(work) || ksmbd_conn_need_reconnect(work)) {
+ rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr->Status.CifsError = STATUS_CONNECTION_DISCONNECTED;
+ return 1;
+ }
+ return 0;
+}
+
+/* @FIXME what a mess... god help. */
+
+#define TCP_HANDLER_CONTINUE 0
+#define TCP_HANDLER_ABORT 1
+
+static int __process_request(struct ksmbd_work *work,
+ struct ksmbd_conn *conn,
+ uint16_t *cmd)
+{
+ struct smb_version_cmds *cmds;
+ uint16_t command;
+ int ret;
+
+ if (check_conn_state(work))
+ return TCP_HANDLER_CONTINUE;
+
+ if (ksmbd_verify_smb_message(work))
+ return TCP_HANDLER_ABORT;
+
+ command = conn->ops->get_cmd_val(work);
+ *cmd = command;
+
+andx_again:
+ if (command >= conn->max_cmds) {
+ conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
+ return TCP_HANDLER_CONTINUE;
+ }
+
+ cmds = &conn->cmds[command];
+ if (!cmds->proc) {
+ ksmbd_debug(SMB, "*** not implemented yet cmd = %x\n", command);
+ conn->ops->set_rsp_status(work, STATUS_NOT_IMPLEMENTED);
+ return TCP_HANDLER_CONTINUE;
+ }
+
+ if (work->sess && conn->ops->is_sign_req(work, command)) {
+ ret = conn->ops->check_sign_req(work);
+ if (!ret) {
+ conn->ops->set_rsp_status(work, STATUS_ACCESS_DENIED);
+ return TCP_HANDLER_CONTINUE;
+ }
+ }
+
+ ret = cmds->proc(work);
+
+ if (ret < 0)
+ ksmbd_debug(CONN, "Failed to process %u [%d]\n", command, ret);
+ /* AndX commands - chained request can return positive values */
+ else if (ret > 0) {
+ command = ret;
+ *cmd = command;
+ goto andx_again;
+ }
+
+ if (work->send_no_response)
+ return TCP_HANDLER_ABORT;
+ return TCP_HANDLER_CONTINUE;
+}
+
+static void __handle_ksmbd_work(struct ksmbd_work *work,
+ struct ksmbd_conn *conn)
+{
+ uint16_t command = 0;
+ int rc;
+
+ if (conn->ops->allocate_rsp_buf(work))
+ return;
+
+ if (conn->ops->is_transform_hdr &&
+ conn->ops->is_transform_hdr(REQUEST_BUF(work))) {
+ rc = conn->ops->decrypt_req(work);
+ if (rc < 0) {
+ conn->ops->set_rsp_status(work, STATUS_DATA_ERROR);
+ goto send;
+ }
+
+ work->encrypted = true;
+ }
+
+ rc = conn->ops->init_rsp_hdr(work);
+ if (rc) {
+ /* either uid or tid is not correct */
+ conn->ops->set_rsp_status(work, STATUS_INVALID_HANDLE);
+ goto send;
+ }
+
+ if (conn->ops->check_user_session) {
+ rc = conn->ops->check_user_session(work);
+ if (rc < 0) {
+ command = conn->ops->get_cmd_val(work);
+ conn->ops->set_rsp_status(work,
+ STATUS_USER_SESSION_DELETED);
+ goto send;
+ } else if (rc > 0) {
+ rc = conn->ops->get_ksmbd_tcon(work);
+ if (rc < 0) {
+ conn->ops->set_rsp_status(work,
+ STATUS_NETWORK_NAME_DELETED);
+ goto send;
+ }
+ }
+ }
+
+ do {
+ rc = __process_request(work, conn, &command);
+ if (rc == TCP_HANDLER_ABORT)
+ break;
+
+ /*
+ * Call smb2_set_rsp_credits() function to set number of credits
+ * granted in hdr of smb2 response.
+ */
+ if (conn->ops->set_rsp_credits) {
+ spin_lock(&conn->credits_lock);
+ rc = conn->ops->set_rsp_credits(work);
+ spin_unlock(&conn->credits_lock);
+ if (rc < 0) {
+ conn->ops->set_rsp_status(work,
+ STATUS_INVALID_PARAMETER);
+ goto send;
+ }
+ }
+
+ if (work->sess && (work->sess->sign ||
+ smb3_11_final_sess_setup_resp(work) ||
+ conn->ops->is_sign_req(work, command)))
+ conn->ops->set_sign_rsp(work);
+ } while (is_chained_smb2_message(work));
+
+ if (work->send_no_response)
+ return;
+
+send:
+ smb3_preauth_hash_rsp(work);
+ if (work->sess && work->sess->enc && work->encrypted &&
+ conn->ops->encrypt_resp) {
+ rc = conn->ops->encrypt_resp(work);
+ if (rc < 0) {
+ conn->ops->set_rsp_status(work, STATUS_DATA_ERROR);
+ goto send;
+ }
+ }
+
+ ksmbd_conn_write(work);
+}
+
+/**
+ * handle_ksmbd_work() - process pending smb work requests
+ * @ksmbd_work: smb work containing request command buffer
+ *
+ * called by kworker threads to processing remaining smb work requests
+ */
+static void handle_ksmbd_work(struct work_struct *wk)
+{
+ struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
+ struct ksmbd_conn *conn = work->conn;
+
+ atomic64_inc(&conn->stats.request_served);
+
+ __handle_ksmbd_work(work, conn);
+
+ ksmbd_conn_try_dequeue_request(work);
+ ksmbd_free_work_struct(work);
+ atomic_dec(&conn->r_count);
+}
+
+/**
+ * queue_ksmbd_work() - queue a smb request to worker thread queue
+ * for proccessing smb command and sending response
+ * @conn: connection instance
+ *
+ * read remaining data from socket create and submit work.
+ */
+static int queue_ksmbd_work(struct ksmbd_conn *conn)
+{
+ struct ksmbd_work *work;
+
+ work = ksmbd_alloc_work_struct();
+ if (!work) {
+ ksmbd_err("allocation for work failed\n");
+ return -ENOMEM;
+ }
+
+ work->conn = conn;
+ work->request_buf = conn->request_buf;
+ conn->request_buf = NULL;
+
+ if (ksmbd_init_smb_server(work)) {
+ ksmbd_free_work_struct(work);
+ return -EINVAL;
+ }
+
+ ksmbd_conn_enqueue_request(work);
+ atomic_inc(&conn->r_count);
+ /* update activity on connection */
+ conn->last_active = jiffies;
+ INIT_WORK(&work->work, handle_ksmbd_work);
+ ksmbd_queue_work(work);
+ return 0;
+}
+
+static int ksmbd_server_process_request(struct ksmbd_conn *conn)
+{
+ return queue_ksmbd_work(conn);
+}
+
+static int ksmbd_server_terminate_conn(struct ksmbd_conn *conn)
+{
+ ksmbd_sessions_deregister(conn);
+ destroy_lease_table(conn);
+ return 0;
+}
+
+static void ksmbd_server_tcp_callbacks_init(void)
+{
+ struct ksmbd_conn_ops ops;
+
+ ops.process_fn = ksmbd_server_process_request;
+ ops.terminate_fn = ksmbd_server_terminate_conn;
+
+ ksmbd_conn_init_server_callbacks(&ops);
+}
+
+static void server_conf_free(void)
+{
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(server_conf.conf); i++) {
+ kfree(server_conf.conf[i]);
+ server_conf.conf[i] = NULL;
+ }
+}
+
+static int server_conf_init(void)
+{
+ WRITE_ONCE(server_conf.state, SERVER_STATE_STARTING_UP);
+ server_conf.enforced_signing = 0;
+ server_conf.min_protocol = ksmbd_min_protocol();
+ server_conf.max_protocol = ksmbd_max_protocol();
+ server_conf.auth_mechs = KSMBD_AUTH_NTLMSSP;
+#ifdef CONFIG_SMB_SERVER_KERBEROS5
+ server_conf.auth_mechs |= KSMBD_AUTH_KRB5 |
+ KSMBD_AUTH_MSKRB5;
+#endif
+ return 0;
+}
+
+static void server_ctrl_handle_init(struct server_ctrl_struct *ctrl)
+{
+ int ret;
+
+ ret = ksmbd_conn_transport_init();
+ if (ret) {
+ server_queue_ctrl_reset_work();
+ return;
+ }
+
+ WRITE_ONCE(server_conf.state, SERVER_STATE_RUNNING);
+}
+
+static void server_ctrl_handle_reset(struct server_ctrl_struct *ctrl)
+{
+ ksmbd_ipc_soft_reset();
+ ksmbd_conn_transport_destroy();
+ server_conf_free();
+ server_conf_init();
+ WRITE_ONCE(server_conf.state, SERVER_STATE_STARTING_UP);
+}
+
+static void server_ctrl_handle_work(struct work_struct *work)
+{
+ struct server_ctrl_struct *ctrl;
+
+ ctrl = container_of(work, struct server_ctrl_struct, ctrl_work);
+
+ mutex_lock(&ctrl_lock);
+ switch (ctrl->type) {
+ case SERVER_CTRL_TYPE_INIT:
+ server_ctrl_handle_init(ctrl);
+ break;
+ case SERVER_CTRL_TYPE_RESET:
+ server_ctrl_handle_reset(ctrl);
+ break;
+ default:
+ pr_err("Unknown server work type: %d\n", ctrl->type);
+ }
+ mutex_unlock(&ctrl_lock);
+ kfree(ctrl);
+ module_put(THIS_MODULE);
+}
+
+static int __queue_ctrl_work(int type)
+{
+ struct server_ctrl_struct *ctrl;
+
+ ctrl = kmalloc(sizeof(struct server_ctrl_struct), GFP_KERNEL);
+ if (!ctrl)
+ return -ENOMEM;
+
+ __module_get(THIS_MODULE);
+ ctrl->type = type;
+ INIT_WORK(&ctrl->ctrl_work, server_ctrl_handle_work);
+ queue_work(system_long_wq, &ctrl->ctrl_work);
+ return 0;
+}
+
+int server_queue_ctrl_init_work(void)
+{
+ return __queue_ctrl_work(SERVER_CTRL_TYPE_INIT);
+}
+
+int server_queue_ctrl_reset_work(void)
+{
+ return __queue_ctrl_work(SERVER_CTRL_TYPE_RESET);
+}
+
+static ssize_t stats_show(struct class *class,
+ struct class_attribute *attr,
+ char *buf)
+{
+ /*
+ * Inc this each time you change stats output format,
+ * so user space will know what to do.
+ */
+ static int stats_version = 2;
+ static const char * const state[] = {
+ "startup",
+ "running",
+ "reset",
+ "shutdown"
+ };
+
+ ssize_t sz = scnprintf(buf,
+ PAGE_SIZE,
+ "%d %s %d %lu\n",
+ stats_version,
+ state[server_conf.state],
+ server_conf.tcp_port,
+ server_conf.ipc_last_active / HZ);
+ return sz;
+}
+
+static ssize_t kill_server_store(struct class *class,
+ struct class_attribute *attr,
+ const char *buf,
+ size_t len)
+{
+ if (!sysfs_streq(buf, "hard"))
+ return len;
+
+ ksmbd_info("kill command received\n");
+ mutex_lock(&ctrl_lock);
+ WRITE_ONCE(server_conf.state, SERVER_STATE_RESETTING);
+ __module_get(THIS_MODULE);
+ server_ctrl_handle_reset(NULL);
+ module_put(THIS_MODULE);
+ mutex_unlock(&ctrl_lock);
+ return len;
+}
+
+static const char * const debug_type_strings[] = {"smb", "auth", "vfs",
+ "oplock", "ipc", "conn",
+ "rdma"};
+
+static ssize_t debug_show(struct class *class,
+ struct class_attribute *attr,
+ char *buf)
+{
+ ssize_t sz = 0;
+ int i, pos = 0;
+
+ for (i = 0; i < ARRAY_SIZE(debug_type_strings); i++) {
+ if ((ksmbd_debug_types >> i) & 1) {
+ pos = scnprintf(buf + sz,
+ PAGE_SIZE - sz,
+ "[%s] ",
+ debug_type_strings[i]);
+ } else {
+ pos = scnprintf(buf + sz,
+ PAGE_SIZE - sz,
+ "%s ",
+ debug_type_strings[i]);
+ }
+ sz += pos;
+
+ }
+ sz += scnprintf(buf + sz, PAGE_SIZE - sz, "\n");
+ return sz;
+}
+
+static ssize_t debug_store(struct class *class,
+ struct class_attribute *attr,
+ const char *buf,
+ size_t len)
+{
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(debug_type_strings); i++) {
+ if (sysfs_streq(buf, "all")) {
+ if (ksmbd_debug_types == KSMBD_DEBUG_ALL)
+ ksmbd_debug_types = 0;
+ else
+ ksmbd_debug_types = KSMBD_DEBUG_ALL;
+ break;
+ }
+
+ if (sysfs_streq(buf, debug_type_strings[i])) {
+ if (ksmbd_debug_types & (1 << i))
+ ksmbd_debug_types &= ~(1 << i);
+ else
+ ksmbd_debug_types |= (1 << i);
+ break;
+ }
+ }
+
+ return len;
+}
+
+static CLASS_ATTR_RO(stats);
+static CLASS_ATTR_WO(kill_server);
+static CLASS_ATTR_RW(debug);
+
+static struct attribute *ksmbd_control_class_attrs[] = {
+ &class_attr_stats.attr,
+ &class_attr_kill_server.attr,
+ &class_attr_debug.attr,
+ NULL,
+};
+ATTRIBUTE_GROUPS(ksmbd_control_class);
+
+static struct class ksmbd_control_class = {
+ .name = "ksmbd-control",
+ .owner = THIS_MODULE,
+ .class_groups = ksmbd_control_class_groups,
+};
+
+static int ksmbd_server_shutdown(void)
+{
+ WRITE_ONCE(server_conf.state, SERVER_STATE_SHUTTING_DOWN);
+
+ class_unregister(&ksmbd_control_class);
+ ksmbd_workqueue_destroy();
+ ksmbd_ipc_release();
+ ksmbd_conn_transport_destroy();
+ ksmbd_free_session_table();
+ ksmbd_crypto_destroy();
+ ksmbd_free_global_file_table();
+ destroy_lease_table(NULL);
+ ksmbd_destroy_buffer_pools();
+ server_conf_free();
+ return 0;
+}
+
+static int __init ksmbd_server_init(void)
+{
+ int ret;
+
+ ret = class_register(&ksmbd_control_class);
+ if (ret) {
+ ksmbd_err("Unable to register ksmbd-control class\n");
+ return ret;
+ }
+
+ ksmbd_server_tcp_callbacks_init();
+
+ ret = server_conf_init();
+ if (ret)
+ return ret;
+
+ ret = ksmbd_init_buffer_pools();
+ if (ret)
+ return ret;
+
+ ret = ksmbd_init_session_table();
+ if (ret)
+ goto error;
+
+ ret = ksmbd_ipc_init();
+ if (ret)
+ goto error;
+
+ ret = ksmbd_init_global_file_table();
+ if (ret)
+ goto error;
+
+ ret = ksmbd_inode_hash_init();
+ if (ret)
+ goto error;
+
+ ret = ksmbd_crypto_create();
+ if (ret)
+ goto error;
+
+ ret = ksmbd_workqueue_init();
+ if (ret)
+ goto error;
+ return 0;
+
+error:
+ ksmbd_server_shutdown();
+ return ret;
+}
+
+/**
+ * exit_smb_server() - shutdown forker thread and free memory at module exit
+ */
+static void __exit ksmbd_server_exit(void)
+{
+ ksmbd_server_shutdown();
+ ksmbd_release_inode_hash();
+}
+
+MODULE_AUTHOR("Namjae Jeon <linkinjeon(a)kernel.org>");
+MODULE_VERSION(KSMBD_VERSION);
+MODULE_DESCRIPTION("Linux kernel CIFS/SMB SERVER");
+MODULE_LICENSE("GPL");
+MODULE_SOFTDEP("pre: arc4");
+MODULE_SOFTDEP("pre: ecb");
+MODULE_SOFTDEP("pre: hmac");
+MODULE_SOFTDEP("pre: md4");
+MODULE_SOFTDEP("pre: md5");
+MODULE_SOFTDEP("pre: nls");
+MODULE_SOFTDEP("pre: aes");
+MODULE_SOFTDEP("pre: cmac");
+MODULE_SOFTDEP("pre: sha256");
+MODULE_SOFTDEP("pre: sha512");
+MODULE_SOFTDEP("pre: aead2");
+MODULE_SOFTDEP("pre: ccm");
+MODULE_SOFTDEP("pre: gcm");
+module_init(ksmbd_server_init)
+module_exit(ksmbd_server_exit)
diff --git a/fs/cifsd/server.h b/fs/cifsd/server.h
new file mode 100644
index 000000000000..7b2f6318fcff
--- /dev/null
+++ b/fs/cifsd/server.h
@@ -0,0 +1,62 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __SERVER_H__
+#define __SERVER_H__
+
+#include "smbacl.h"
+
+#define SERVER_STATE_STARTING_UP 0
+#define SERVER_STATE_RUNNING 1
+#define SERVER_STATE_RESETTING 2
+#define SERVER_STATE_SHUTTING_DOWN 3
+
+#define SERVER_CONF_NETBIOS_NAME 0
+#define SERVER_CONF_SERVER_STRING 1
+#define SERVER_CONF_WORK_GROUP 2
+
+extern int ksmbd_debugging;
+
+struct ksmbd_server_config {
+ unsigned int flags;
+ unsigned int state;
+ short signing;
+ short enforced_signing;
+ short min_protocol;
+ short max_protocol;
+ unsigned short tcp_port;
+ unsigned short ipc_timeout;
+ unsigned long ipc_last_active;
+ unsigned long deadtime;
+ unsigned int share_fake_fscaps;
+ struct smb_sid domain_sid;
+ unsigned int auth_mechs;
+
+ char *conf[SERVER_CONF_WORK_GROUP + 1];
+};
+
+extern struct ksmbd_server_config server_conf;
+
+int ksmbd_set_netbios_name(char *v);
+int ksmbd_set_server_string(char *v);
+int ksmbd_set_work_group(char *v);
+
+char *ksmbd_netbios_name(void);
+char *ksmbd_server_string(void);
+char *ksmbd_work_group(void);
+
+static inline int ksmbd_server_running(void)
+{
+ return READ_ONCE(server_conf.state) == SERVER_STATE_RUNNING;
+}
+
+static inline int ksmbd_server_configurable(void)
+{
+ return READ_ONCE(server_conf.state) < SERVER_STATE_RESETTING;
+}
+
+int server_queue_ctrl_init_work(void);
+int server_queue_ctrl_reset_work(void);
+#endif /* __SERVER_H__ */
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
new file mode 100644
index 000000000000..b91fa265f85d
--- /dev/null
+++ b/fs/cifsd/transport_ipc.c
@@ -0,0 +1,900 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/jhash.h>
+#include <linux/slab.h>
+#include <linux/rwsem.h>
+#include <linux/mutex.h>
+#include <linux/wait.h>
+#include <linux/hashtable.h>
+#include <net/net_namespace.h>
+#include <net/genetlink.h>
+#include <linux/socket.h>
+#include <linux/workqueue.h>
+
+#include "vfs_cache.h"
+#include "transport_ipc.h"
+#include "buffer_pool.h"
+#include "server.h"
+#include "smb_common.h"
+
+#include "mgmt/user_config.h"
+#include "mgmt/share_config.h"
+#include "mgmt/user_session.h"
+#include "mgmt/tree_connect.h"
+#include "mgmt/ksmbd_ida.h"
+#include "connection.h"
+#include "transport_tcp.h"
+
+/* @FIXME fix this code */
+extern int get_protocol_idx(char *str);
+
+#define IPC_WAIT_TIMEOUT (2 * HZ)
+
+#define IPC_MSG_HASH_BITS 3
+static DEFINE_HASHTABLE(ipc_msg_table, IPC_MSG_HASH_BITS);
+static DECLARE_RWSEM(ipc_msg_table_lock);
+static DEFINE_MUTEX(startup_lock);
+
+static struct ksmbd_ida *ida;
+
+static unsigned int ksmbd_tools_pid;
+
+#define KSMBD_IPC_MSG_HANDLE(m) (*(unsigned int *)m)
+
+static bool ksmbd_ipc_validate_version(struct genl_info *m)
+{
+ if (m->genlhdr->version != KSMBD_GENL_VERSION) {
+ ksmbd_err("%s. ksmbd: %d, kernel module: %d. %s.\n",
+ "Daemon and kernel module version mismatch",
+ m->genlhdr->version,
+ KSMBD_GENL_VERSION,
+ "User-space ksmbd should terminate");
+ return false;
+ }
+ return true;
+}
+
+struct ksmbd_ipc_msg {
+ unsigned int type;
+ unsigned int sz;
+ unsigned char ____payload[0];
+};
+
+#define KSMBD_IPC_MSG_PAYLOAD(m) \
+ ((void *)(((struct ksmbd_ipc_msg *)(m))->____payload))
+
+struct ipc_msg_table_entry {
+ unsigned int handle;
+ unsigned int type;
+ wait_queue_head_t wait;
+ struct hlist_node ipc_table_hlist;
+
+ void *response;
+};
+
+static struct delayed_work ipc_timer_work;
+
+static int handle_startup_event(struct sk_buff *skb, struct genl_info *info);
+static int handle_unsupported_event(struct sk_buff *skb,
+ struct genl_info *info);
+static int handle_generic_event(struct sk_buff *skb, struct genl_info *info);
+static int ksmbd_ipc_heartbeat_request(void);
+
+static const struct nla_policy ksmbd_nl_policy[KSMBD_EVENT_MAX] = {
+ [KSMBD_EVENT_UNSPEC] = {
+ .len = 0,
+ },
+ [KSMBD_EVENT_HEARTBEAT_REQUEST] = {
+ .len = sizeof(struct ksmbd_heartbeat),
+ },
+ [KSMBD_EVENT_STARTING_UP] = {
+ .len = sizeof(struct ksmbd_startup_request),
+ },
+ [KSMBD_EVENT_SHUTTING_DOWN] = {
+ .len = sizeof(struct ksmbd_shutdown_request),
+ },
+ [KSMBD_EVENT_LOGIN_REQUEST] = {
+ .len = sizeof(struct ksmbd_login_request),
+ },
+ [KSMBD_EVENT_LOGIN_RESPONSE] = {
+ .len = sizeof(struct ksmbd_login_response),
+ },
+ [KSMBD_EVENT_SHARE_CONFIG_REQUEST] = {
+ .len = sizeof(struct ksmbd_share_config_request),
+ },
+ [KSMBD_EVENT_SHARE_CONFIG_RESPONSE] = {
+ .len = sizeof(struct ksmbd_share_config_response),
+ },
+ [KSMBD_EVENT_TREE_CONNECT_REQUEST] = {
+ .len = sizeof(struct ksmbd_tree_connect_request),
+ },
+ [KSMBD_EVENT_TREE_CONNECT_RESPONSE] = {
+ .len = sizeof(struct ksmbd_tree_connect_response),
+ },
+ [KSMBD_EVENT_TREE_DISCONNECT_REQUEST] = {
+ .len = sizeof(struct ksmbd_tree_disconnect_request),
+ },
+ [KSMBD_EVENT_LOGOUT_REQUEST] = {
+ .len = sizeof(struct ksmbd_logout_request),
+ },
+ [KSMBD_EVENT_RPC_REQUEST] = {
+ },
+ [KSMBD_EVENT_RPC_RESPONSE] = {
+ },
+ [KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST] = {
+ },
+ [KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE] = {
+ },
+};
+
+static struct genl_ops ksmbd_genl_ops[] = {
+ {
+ .cmd = KSMBD_EVENT_UNSPEC,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_HEARTBEAT_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_STARTING_UP,
+ .doit = handle_startup_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_SHUTTING_DOWN,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_LOGIN_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_LOGIN_RESPONSE,
+ .doit = handle_generic_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_SHARE_CONFIG_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_SHARE_CONFIG_RESPONSE,
+ .doit = handle_generic_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_TREE_CONNECT_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_TREE_CONNECT_RESPONSE,
+ .doit = handle_generic_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_TREE_DISCONNECT_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_LOGOUT_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_RPC_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_RPC_RESPONSE,
+ .doit = handle_generic_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
+ .doit = handle_unsupported_event,
+ },
+ {
+ .cmd = KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE,
+ .doit = handle_generic_event,
+ },
+};
+
+static struct genl_family ksmbd_genl_family = {
+ .name = KSMBD_GENL_NAME,
+ .version = KSMBD_GENL_VERSION,
+ .hdrsize = 0,
+ .maxattr = KSMBD_EVENT_MAX,
+ .netnsok = true,
+ .module = THIS_MODULE,
+ .ops = ksmbd_genl_ops,
+ .n_ops = ARRAY_SIZE(ksmbd_genl_ops),
+};
+
+static void ksmbd_nl_init_fixup(void)
+{
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(ksmbd_genl_ops); i++)
+ ksmbd_genl_ops[i].validate = GENL_DONT_VALIDATE_STRICT |
+ GENL_DONT_VALIDATE_DUMP;
+
+ ksmbd_genl_family.policy = ksmbd_nl_policy;
+}
+
+static int rpc_context_flags(struct ksmbd_session *sess)
+{
+ if (user_guest(sess->user))
+ return KSMBD_RPC_RESTRICTED_CONTEXT;
+ return 0;
+}
+
+static void ipc_update_last_active(void)
+{
+ if (server_conf.ipc_timeout)
+ server_conf.ipc_last_active = jiffies;
+}
+
+static struct ksmbd_ipc_msg *ipc_msg_alloc(size_t sz)
+{
+ struct ksmbd_ipc_msg *msg;
+ size_t msg_sz = sz + sizeof(struct ksmbd_ipc_msg);
+
+ msg = ksmbd_alloc(msg_sz);
+ if (msg)
+ msg->sz = sz;
+ return msg;
+}
+
+static void ipc_msg_free(struct ksmbd_ipc_msg *msg)
+{
+ ksmbd_free(msg);
+}
+
+static void ipc_msg_handle_free(int handle)
+{
+ if (handle >= 0)
+ ksmbd_release_id(ida, handle);
+}
+
+static int handle_response(int type, void *payload, size_t sz)
+{
+ int handle = KSMBD_IPC_MSG_HANDLE(payload);
+ struct ipc_msg_table_entry *entry;
+ int ret = 0;
+
+ ipc_update_last_active();
+ down_read(&ipc_msg_table_lock);
+ hash_for_each_possible(ipc_msg_table, entry, ipc_table_hlist, handle) {
+ if (handle != entry->handle)
+ continue;
+
+ entry->response = NULL;
+ /*
+ * Response message type value should be equal to
+ * request message type + 1.
+ */
+ if (entry->type + 1 != type) {
+ ksmbd_err("Waiting for IPC type %d, got %d. Ignore.\n",
+ entry->type + 1, type);
+ }
+
+ entry->response = ksmbd_alloc(sz);
+ if (!entry->response) {
+ ret = -ENOMEM;
+ break;
+ }
+
+ memcpy(entry->response, payload, sz);
+ wake_up_interruptible(&entry->wait);
+ ret = 0;
+ break;
+ }
+ up_read(&ipc_msg_table_lock);
+
+ return ret;
+}
+
+static int ipc_server_config_on_startup(struct ksmbd_startup_request *req)
+{
+ int ret;
+
+ ksmbd_set_fd_limit(req->file_max);
+ server_conf.flags = req->flags;
+ server_conf.signing = req->signing;
+ server_conf.tcp_port = req->tcp_port;
+ server_conf.ipc_timeout = req->ipc_timeout * HZ;
+ server_conf.deadtime = req->deadtime * SMB_ECHO_INTERVAL;
+ server_conf.share_fake_fscaps = req->share_fake_fscaps;
+ ksmbd_init_domain(req->sub_auth);
+
+ if (req->smb2_max_read)
+ init_smb2_max_read_size(req->smb2_max_read);
+ if (req->smb2_max_write)
+ init_smb2_max_write_size(req->smb2_max_write);
+ if (req->smb2_max_trans)
+ init_smb2_max_trans_size(req->smb2_max_trans);
+
+ ret = ksmbd_set_netbios_name(req->netbios_name);
+ ret |= ksmbd_set_server_string(req->server_string);
+ ret |= ksmbd_set_work_group(req->work_group);
+ ret |= ksmbd_tcp_set_interfaces(KSMBD_STARTUP_CONFIG_INTERFACES(req),
+ req->ifc_list_sz);
+ if (ret) {
+ ksmbd_err("Server configuration error: %s %s %s\n",
+ req->netbios_name,
+ req->server_string,
+ req->work_group);
+ return ret;
+ }
+
+ if (req->min_prot[0]) {
+ ret = ksmbd_lookup_protocol_idx(req->min_prot);
+ if (ret >= 0)
+ server_conf.min_protocol = ret;
+ }
+ if (req->max_prot[0]) {
+ ret = ksmbd_lookup_protocol_idx(req->max_prot);
+ if (ret >= 0)
+ server_conf.max_protocol = ret;
+ }
+
+ if (server_conf.ipc_timeout)
+ schedule_delayed_work(&ipc_timer_work, server_conf.ipc_timeout);
+ return 0;
+}
+
+static int handle_startup_event(struct sk_buff *skb, struct genl_info *info)
+{
+ int ret = 0;
+
+#ifdef CONFIG_SMB_SERVER_CHECK_CAP_NET_ADMIN
+ if (!netlink_capable(skb, CAP_NET_ADMIN))
+ return -EPERM;
+#endif
+
+ if (!ksmbd_ipc_validate_version(info))
+ return -EINVAL;
+
+ if (!info->attrs[KSMBD_EVENT_STARTING_UP])
+ return -EINVAL;
+
+ mutex_lock(&startup_lock);
+ if (!ksmbd_server_configurable()) {
+ mutex_unlock(&startup_lock);
+ ksmbd_err("Server reset is in progress, can't start daemon\n");
+ return -EINVAL;
+ }
+
+ if (ksmbd_tools_pid) {
+ if (ksmbd_ipc_heartbeat_request() == 0) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ ksmbd_err("Reconnect to a new user space daemon\n");
+ } else {
+ struct ksmbd_startup_request *req;
+
+ req = nla_data(info->attrs[info->genlhdr->cmd]);
+ ret = ipc_server_config_on_startup(req);
+ if (ret)
+ goto out;
+ server_queue_ctrl_init_work();
+ }
+
+ ksmbd_tools_pid = info->snd_portid;
+ ipc_update_last_active();
+
+out:
+ mutex_unlock(&startup_lock);
+ return ret;
+}
+
+static int handle_unsupported_event(struct sk_buff *skb,
+ struct genl_info *info)
+{
+ ksmbd_err("Unknown IPC event: %d, ignore.\n", info->genlhdr->cmd);
+ return -EINVAL;
+}
+
+static int handle_generic_event(struct sk_buff *skb, struct genl_info *info)
+{
+ void *payload;
+ int sz;
+ int type = info->genlhdr->cmd;
+
+#ifdef CONFIG_SMB_SERVER_CHECK_CAP_NET_ADMIN
+ if (!netlink_capable(skb, CAP_NET_ADMIN))
+ return -EPERM;
+#endif
+
+ if (type >= KSMBD_EVENT_MAX) {
+ WARN_ON(1);
+ return -EINVAL;
+ }
+
+ if (!ksmbd_ipc_validate_version(info))
+ return -EINVAL;
+
+ if (!info->attrs[type])
+ return -EINVAL;
+
+ payload = nla_data(info->attrs[info->genlhdr->cmd]);
+ sz = nla_len(info->attrs[info->genlhdr->cmd]);
+ return handle_response(type, payload, sz);
+}
+
+static int ipc_msg_send(struct ksmbd_ipc_msg *msg)
+{
+ struct genlmsghdr *nlh;
+ struct sk_buff *skb;
+ int ret = -EINVAL;
+
+ if (!ksmbd_tools_pid)
+ return ret;
+
+ skb = genlmsg_new(msg->sz, GFP_KERNEL);
+ if (!skb)
+ return -ENOMEM;
+
+ nlh = genlmsg_put(skb, 0, 0, &ksmbd_genl_family, 0, msg->type);
+ if (!nlh)
+ goto out;
+
+ ret = nla_put(skb, msg->type, msg->sz, KSMBD_IPC_MSG_PAYLOAD(msg));
+ if (ret) {
+ genlmsg_cancel(skb, nlh);
+ goto out;
+ }
+
+ genlmsg_end(skb, nlh);
+ ret = genlmsg_unicast(&init_net, skb, ksmbd_tools_pid);
+ if (!ret)
+ ipc_update_last_active();
+ return ret;
+
+out:
+ nlmsg_free(skb);
+ return ret;
+}
+
+static void *ipc_msg_send_request(struct ksmbd_ipc_msg *msg,
+ unsigned int handle)
+{
+ struct ipc_msg_table_entry entry;
+ int ret;
+
+ if ((int)handle < 0)
+ return NULL;
+
+ entry.type = msg->type;
+ entry.response = NULL;
+ init_waitqueue_head(&entry.wait);
+
+ down_write(&ipc_msg_table_lock);
+ entry.handle = handle;
+ hash_add(ipc_msg_table, &entry.ipc_table_hlist, entry.handle);
+ up_write(&ipc_msg_table_lock);
+
+ ret = ipc_msg_send(msg);
+ if (ret)
+ goto out;
+
+ ret = wait_event_interruptible_timeout(entry.wait,
+ entry.response != NULL,
+ IPC_WAIT_TIMEOUT);
+out:
+ down_write(&ipc_msg_table_lock);
+ hash_del(&entry.ipc_table_hlist);
+ up_write(&ipc_msg_table_lock);
+ return entry.response;
+}
+
+static int ksmbd_ipc_heartbeat_request(void)
+{
+ struct ksmbd_ipc_msg *msg;
+ int ret;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_heartbeat));
+ if (!msg)
+ return -EINVAL;
+
+ msg->type = KSMBD_EVENT_HEARTBEAT_REQUEST;
+ ret = ipc_msg_send(msg);
+ ipc_msg_free(msg);
+ return ret;
+}
+
+struct ksmbd_login_response *ksmbd_ipc_login_request(const char *account)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_login_request *req;
+ struct ksmbd_login_response *resp;
+
+ if (strlen(account) >= KSMBD_REQ_MAX_ACCOUNT_NAME_SZ)
+ return NULL;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_login_request));
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_LOGIN_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = ksmbd_acquire_id(ida);
+ strscpy(req->account, account, KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_handle_free(req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_spnego_authen_response *
+ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_spnego_authen_request *req;
+ struct ksmbd_spnego_authen_response *resp;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_spnego_authen_request) +
+ blob_len + 1);
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = ksmbd_acquire_id(ida);
+ req->spnego_blob_len = blob_len;
+ memcpy(req->spnego_blob, spnego_blob, blob_len);
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_handle_free(req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_tree_connect_response *
+ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
+ struct ksmbd_share_config *share,
+ struct ksmbd_tree_connect *tree_conn,
+ struct sockaddr *peer_addr)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_tree_connect_request *req;
+ struct ksmbd_tree_connect_response *resp;
+
+ if (strlen(user_name(sess->user)) >= KSMBD_REQ_MAX_ACCOUNT_NAME_SZ)
+ return NULL;
+
+ if (strlen(share->name) >= KSMBD_REQ_MAX_SHARE_NAME)
+ return NULL;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_tree_connect_request));
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_TREE_CONNECT_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+
+ req->handle = ksmbd_acquire_id(ida);
+ req->account_flags = sess->user->flags;
+ req->session_id = sess->id;
+ req->connect_id = tree_conn->id;
+ strscpy(req->account, user_name(sess->user), KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
+ strscpy(req->share, share->name, KSMBD_REQ_MAX_SHARE_NAME);
+ snprintf(req->peer_addr, sizeof(req->peer_addr), "%pIS", peer_addr);
+
+ if (peer_addr->sa_family == AF_INET6)
+ req->flags |= KSMBD_TREE_CONN_FLAG_REQUEST_IPV6;
+ if (test_session_flag(sess, CIFDS_SESSION_FLAG_SMB2))
+ req->flags |= KSMBD_TREE_CONN_FLAG_REQUEST_SMB2;
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_handle_free(req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
+ unsigned long long connect_id)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_tree_disconnect_request *req;
+ int ret;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_tree_disconnect_request));
+ if (!msg)
+ return -ENOMEM;
+
+ msg->type = KSMBD_EVENT_TREE_DISCONNECT_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->session_id = session_id;
+ req->connect_id = connect_id;
+
+ ret = ipc_msg_send(msg);
+ ipc_msg_free(msg);
+ return ret;
+}
+
+int ksmbd_ipc_logout_request(const char *account)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_logout_request *req;
+ int ret;
+
+ if (strlen(account) >= KSMBD_REQ_MAX_ACCOUNT_NAME_SZ)
+ return -EINVAL;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_logout_request));
+ if (!msg)
+ return -ENOMEM;
+
+ msg->type = KSMBD_EVENT_LOGOUT_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ strscpy(req->account, account, KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
+
+ ret = ipc_msg_send(msg);
+ ipc_msg_free(msg);
+ return ret;
+}
+
+struct ksmbd_share_config_response *
+ksmbd_ipc_share_config_request(const char *name)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_share_config_request *req;
+ struct ksmbd_share_config_response *resp;
+
+ if (strlen(name) >= KSMBD_REQ_MAX_SHARE_NAME)
+ return NULL;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_share_config_request));
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_SHARE_CONFIG_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = ksmbd_acquire_id(ida);
+ strscpy(req->share_name, name, KSMBD_REQ_MAX_SHARE_NAME);
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_handle_free(req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess,
+ int handle)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_rpc_command *req;
+ struct ksmbd_rpc_command *resp;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_rpc_command));
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_RPC_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = handle;
+ req->flags = ksmbd_session_rpc_method(sess, handle);
+ req->flags |= KSMBD_RPC_OPEN_METHOD;
+ req->payload_sz = 0;
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess,
+ int handle)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_rpc_command *req;
+ struct ksmbd_rpc_command *resp;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_rpc_command));
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_RPC_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = handle;
+ req->flags = ksmbd_session_rpc_method(sess, handle);
+ req->flags |= KSMBD_RPC_CLOSE_METHOD;
+ req->payload_sz = 0;
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess,
+ int handle,
+ void *payload,
+ size_t payload_sz)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_rpc_command *req;
+ struct ksmbd_rpc_command *resp;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_rpc_command) + payload_sz + 1);
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_RPC_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = handle;
+ req->flags = ksmbd_session_rpc_method(sess, handle);
+ req->flags |= rpc_context_flags(sess);
+ req->flags |= KSMBD_RPC_WRITE_METHOD;
+ req->payload_sz = payload_sz;
+ memcpy(req->payload, payload, payload_sz);
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess,
+ int handle)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_rpc_command *req;
+ struct ksmbd_rpc_command *resp;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_rpc_command));
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_RPC_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = handle;
+ req->flags = ksmbd_session_rpc_method(sess, handle);
+ req->flags |= rpc_context_flags(sess);
+ req->flags |= KSMBD_RPC_READ_METHOD;
+ req->payload_sz = 0;
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess,
+ int handle,
+ void *payload,
+ size_t payload_sz)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_rpc_command *req;
+ struct ksmbd_rpc_command *resp;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_rpc_command) + payload_sz + 1);
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_RPC_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = handle;
+ req->flags = ksmbd_session_rpc_method(sess, handle);
+ req->flags |= rpc_context_flags(sess);
+ req->flags |= KSMBD_RPC_IOCTL_METHOD;
+ req->payload_sz = payload_sz;
+ memcpy(req->payload, payload, payload_sz);
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess,
+ void *payload,
+ size_t payload_sz)
+{
+ struct ksmbd_ipc_msg *msg;
+ struct ksmbd_rpc_command *req;
+ struct ksmbd_rpc_command *resp;
+
+ msg = ipc_msg_alloc(sizeof(struct ksmbd_rpc_command) + payload_sz + 1);
+ if (!msg)
+ return NULL;
+
+ msg->type = KSMBD_EVENT_RPC_REQUEST;
+ req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req->handle = ksmbd_acquire_id(ida);
+ req->flags = rpc_context_flags(sess);
+ req->flags |= KSMBD_RPC_RAP_METHOD;
+ req->payload_sz = payload_sz;
+ memcpy(req->payload, payload, payload_sz);
+
+ resp = ipc_msg_send_request(msg, req->handle);
+ ipc_msg_handle_free(req->handle);
+ ipc_msg_free(msg);
+ return resp;
+}
+
+static int __ipc_heartbeat(void)
+{
+ unsigned long delta;
+
+ if (!ksmbd_server_running())
+ return 0;
+
+ if (time_after(jiffies, server_conf.ipc_last_active)) {
+ delta = (jiffies - server_conf.ipc_last_active);
+ } else {
+ ipc_update_last_active();
+ schedule_delayed_work(&ipc_timer_work,
+ server_conf.ipc_timeout);
+ return 0;
+ }
+
+ if (delta < server_conf.ipc_timeout) {
+ schedule_delayed_work(&ipc_timer_work,
+ server_conf.ipc_timeout - delta);
+ return 0;
+ }
+
+ if (ksmbd_ipc_heartbeat_request() == 0) {
+ schedule_delayed_work(&ipc_timer_work,
+ server_conf.ipc_timeout);
+ return 0;
+ }
+
+ mutex_lock(&startup_lock);
+ WRITE_ONCE(server_conf.state, SERVER_STATE_RESETTING);
+ server_conf.ipc_last_active = 0;
+ ksmbd_tools_pid = 0;
+ ksmbd_err("No IPC daemon response for %lus\n", delta / HZ);
+ mutex_unlock(&startup_lock);
+ return -EINVAL;
+}
+
+static void ipc_timer_heartbeat(struct work_struct *w)
+{
+ if (__ipc_heartbeat())
+ server_queue_ctrl_reset_work();
+}
+
+int ksmbd_ipc_id_alloc(void)
+{
+ return ksmbd_acquire_id(ida);
+}
+
+void ksmbd_rpc_id_free(int handle)
+{
+ ksmbd_release_id(ida, handle);
+}
+
+void ksmbd_ipc_release(void)
+{
+ cancel_delayed_work_sync(&ipc_timer_work);
+ ksmbd_ida_free(ida);
+ genl_unregister_family(&ksmbd_genl_family);
+}
+
+void ksmbd_ipc_soft_reset(void)
+{
+ mutex_lock(&startup_lock);
+ ksmbd_tools_pid = 0;
+ cancel_delayed_work_sync(&ipc_timer_work);
+ mutex_unlock(&startup_lock);
+}
+
+int ksmbd_ipc_init(void)
+{
+ int ret;
+
+ ksmbd_nl_init_fixup();
+ INIT_DELAYED_WORK(&ipc_timer_work, ipc_timer_heartbeat);
+
+ ret = genl_register_family(&ksmbd_genl_family);
+ if (ret) {
+ ksmbd_err("Failed to register KSMBD netlink interface %d\n",
+ ret);
+ return ret;
+ }
+
+ ida = ksmbd_ida_alloc();
+ if (!ida)
+ return -ENOMEM;
+ return 0;
+}
diff --git a/fs/cifsd/transport_ipc.h b/fs/cifsd/transport_ipc.h
new file mode 100644
index 000000000000..68c003027811
--- /dev/null
+++ b/fs/cifsd/transport_ipc.h
@@ -0,0 +1,63 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_TRANSPORT_IPC_H__
+#define __KSMBD_TRANSPORT_IPC_H__
+
+#include <linux/wait.h>
+#include "ksmbd_server.h" /* FIXME */
+
+#define KSMBD_IPC_MAX_PAYLOAD 4096
+
+struct ksmbd_login_response *
+ksmbd_ipc_login_request(const char *account);
+
+struct ksmbd_session;
+struct ksmbd_share_config;
+struct ksmbd_tree_connect;
+struct sockaddr;
+
+struct ksmbd_tree_connect_response *
+ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
+ struct ksmbd_share_config *share,
+ struct ksmbd_tree_connect *tree_conn,
+ struct sockaddr *peer_addr);
+
+int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
+ unsigned long long connect_id);
+int ksmbd_ipc_logout_request(const char *account);
+
+struct ksmbd_share_config_response *
+ksmbd_ipc_share_config_request(const char *name);
+
+struct ksmbd_spnego_authen_response *
+ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len);
+
+int ksmbd_ipc_id_alloc(void);
+void ksmbd_rpc_id_free(int handle);
+
+struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess,
+ int handle);
+struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess,
+ int handle);
+
+struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess,
+ int handle,
+ void *payload,
+ size_t payload_sz);
+struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess,
+ int handle);
+struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess,
+ int handle,
+ void *payload,
+ size_t payload_sz);
+struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess,
+ void *payload,
+ size_t payload_sz);
+
+void ksmbd_ipc_release(void);
+void ksmbd_ipc_soft_reset(void);
+int ksmbd_ipc_init(void);
+#endif /* __KSMBD_TRANSPORT_IPC_H__ */
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
new file mode 100644
index 000000000000..1698f7ed9c2f
--- /dev/null
+++ b/fs/cifsd/transport_rdma.c
@@ -0,0 +1,2050 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2017, Microsoft Corporation.
+ * Copyright (C) 2018, LG Electronics.
+ *
+ * Author(s): Long Li <longli(a)microsoft.com>,
+ * Hyunchul Lee <hyc.lee(a)gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
+ * the GNU General Public License for more details.
+ */
+
+#define SUBMOD_NAME "smb_direct"
+
+#include <linux/kthread.h>
+#include <linux/rwlock.h>
+#include <linux/list.h>
+#include <linux/mempool.h>
+#include <linux/highmem.h>
+#include <linux/scatterlist.h>
+#include <rdma/ib_verbs.h>
+#include <rdma/rdma_cm.h>
+#include <rdma/rw.h>
+
+#include "glob.h"
+#include "connection.h"
+#include "smb_common.h"
+#include "smbstatus.h"
+#include "buffer_pool.h"
+#include "transport_rdma.h"
+
+#define SMB_DIRECT_PORT 5445
+
+#define SMB_DIRECT_VERSION_LE cpu_to_le16(0x0100)
+
+/* SMB_DIRECT negotiation timeout in seconds */
+#define SMB_DIRECT_NEGOTIATE_TIMEOUT 120
+
+#define SMB_DIRECT_MAX_SEND_SGES 8
+#define SMB_DIRECT_MAX_RECV_SGES 1
+
+/*
+ * Default maximum number of RDMA read/write outstanding on this connection
+ * This value is possibly decreased during QP creation on hardware limit
+ */
+#define SMB_DIRECT_CM_INITIATOR_DEPTH 8
+
+/* Maximum number of retries on data transfer operations */
+#define SMB_DIRECT_CM_RETRY 6
+/* No need to retry on Receiver Not Ready since SMB_DIRECT manages credits */
+#define SMB_DIRECT_CM_RNR_RETRY 0
+
+/*
+ * User configurable initial values per SMB_DIRECT transport connection
+ * as defined in [MS-KSMBD] 3.1.1.1
+ * Those may change after a SMB_DIRECT negotiation
+ */
+/* The local peer's maximum number of credits to grant to the peer */
+static int smb_direct_receive_credit_max = 255;
+
+/* The remote peer's credit request of local peer */
+static int smb_direct_send_credit_target = 255;
+
+/* The maximum single message size can be sent to remote peer */
+static int smb_direct_max_send_size = 8192;
+
+/* The maximum fragmented upper-layer payload receive size supported */
+static int smb_direct_max_fragmented_recv_size = 1024 * 1024;
+
+/* The maximum single-message size which can be received */
+static int smb_direct_max_receive_size = 8192;
+
+static int smb_direct_max_read_write_size = 1024 * 1024;
+
+static int smb_direct_max_outstanding_rw_ops = 8;
+
+static struct smb_direct_listener {
+ struct rdma_cm_id *cm_id;
+} smb_direct_listener;
+
+
+static struct workqueue_struct *smb_direct_wq;
+
+enum smb_direct_status {
+ SMB_DIRECT_CS_NEW = 0,
+ SMB_DIRECT_CS_CONNECTED,
+ SMB_DIRECT_CS_DISCONNECTING,
+ SMB_DIRECT_CS_DISCONNECTED,
+};
+
+struct smb_direct_transport {
+ struct ksmbd_transport transport;
+
+ enum smb_direct_status status;
+ bool full_packet_received;
+ wait_queue_head_t wait_status;
+
+ struct rdma_cm_id *cm_id;
+ struct ib_cq *send_cq;
+ struct ib_cq *recv_cq;
+ struct ib_pd *pd;
+ struct ib_qp *qp;
+
+ int max_send_size;
+ int max_recv_size;
+ int max_fragmented_send_size;
+ int max_fragmented_recv_size;
+ int max_rdma_rw_size;
+
+ spinlock_t reassembly_queue_lock;
+ struct list_head reassembly_queue;
+ int reassembly_data_length;
+ int reassembly_queue_length;
+ int first_entry_offset;
+ wait_queue_head_t wait_reassembly_queue;
+
+ spinlock_t receive_credit_lock;
+ int recv_credits;
+ int count_avail_recvmsg;
+ int recv_credit_max;
+ int recv_credit_target;
+
+ spinlock_t recvmsg_queue_lock;
+ struct list_head recvmsg_queue;
+
+ spinlock_t empty_recvmsg_queue_lock;
+ struct list_head empty_recvmsg_queue;
+
+ int send_credit_target;
+ atomic_t send_credits;
+ spinlock_t lock_new_recv_credits;
+ int new_recv_credits;
+ atomic_t rw_avail_ops;
+
+ wait_queue_head_t wait_send_credits;
+ wait_queue_head_t wait_rw_avail_ops;
+
+ mempool_t *sendmsg_mempool;
+ struct kmem_cache *sendmsg_cache;
+ mempool_t *recvmsg_mempool;
+ struct kmem_cache *recvmsg_cache;
+
+ wait_queue_head_t wait_send_payload_pending;
+ atomic_t send_payload_pending;
+ wait_queue_head_t wait_send_pending;
+ atomic_t send_pending;
+
+ struct delayed_work post_recv_credits_work;
+ struct work_struct send_immediate_work;
+ struct work_struct disconnect_work;
+
+ bool negotiation_requested;
+};
+
+#define KSMBD_TRANS(t) ((struct ksmbd_transport *)&((t)->transport))
+#define SMB_DIRECT_TRANS(t) ((struct smb_direct_transport *)container_of(t, \
+ struct smb_direct_transport, transport))
+
+enum {
+ SMB_DIRECT_MSG_NEGOTIATE_REQ = 0,
+ SMB_DIRECT_MSG_DATA_TRANSFER
+};
+
+static struct ksmbd_transport_ops ksmbd_smb_direct_transport_ops;
+
+struct smb_direct_send_ctx {
+ struct list_head msg_list;
+ int wr_cnt;
+ bool need_invalidate_rkey;
+ unsigned int remote_key;
+};
+
+struct smb_direct_sendmsg {
+ struct smb_direct_transport *transport;
+ struct ib_send_wr wr;
+ struct list_head list;
+ int num_sge;
+ struct ib_sge sge[SMB_DIRECT_MAX_SEND_SGES];
+ struct ib_cqe cqe;
+ u8 packet[];
+};
+
+struct smb_direct_recvmsg {
+ struct smb_direct_transport *transport;
+ struct list_head list;
+ int type;
+ struct ib_sge sge;
+ struct ib_cqe cqe;
+ bool first_segment;
+ u8 packet[];
+};
+
+struct smb_direct_rdma_rw_msg {
+ struct smb_direct_transport *t;
+ struct ib_cqe cqe;
+ struct completion *completion;
+ struct rdma_rw_ctx rw_ctx;
+ struct sg_table sgt;
+ struct scatterlist sg_list[0];
+};
+
+#define BUFFER_NR_PAGES(buf, len) \
+ (DIV_ROUND_UP((unsigned long)(buf) + (len), PAGE_SIZE) \
+ - (unsigned long)(buf) / PAGE_SIZE)
+
+static void smb_direct_destroy_pools(struct smb_direct_transport *transport);
+static void smb_direct_post_recv_credits(struct work_struct *work);
+static int smb_direct_post_send_data(struct smb_direct_transport *t,
+ struct smb_direct_send_ctx *send_ctx,
+ struct kvec *iov, int niov, int remaining_data_length);
+
+static inline void
+*smb_direct_recvmsg_payload(struct smb_direct_recvmsg *recvmsg)
+{
+ return (void *)recvmsg->packet;
+}
+
+static inline bool is_receive_credit_post_required(int receive_credits,
+ int avail_recvmsg_count)
+{
+ return receive_credits <= (smb_direct_receive_credit_max >> 3) &&
+ avail_recvmsg_count >= (receive_credits >> 2);
+}
+
+static struct
+smb_direct_recvmsg *get_free_recvmsg(struct smb_direct_transport *t)
+{
+ struct smb_direct_recvmsg *recvmsg = NULL;
+
+ spin_lock(&t->recvmsg_queue_lock);
+ if (!list_empty(&t->recvmsg_queue)) {
+ recvmsg = list_first_entry(&t->recvmsg_queue,
+ struct smb_direct_recvmsg,
+ list);
+ list_del(&recvmsg->list);
+ }
+ spin_unlock(&t->recvmsg_queue_lock);
+ return recvmsg;
+}
+
+static void put_recvmsg(struct smb_direct_transport *t,
+ struct smb_direct_recvmsg *recvmsg)
+{
+ ib_dma_unmap_single(t->cm_id->device, recvmsg->sge.addr,
+ recvmsg->sge.length, DMA_FROM_DEVICE);
+
+ spin_lock(&t->recvmsg_queue_lock);
+ list_add(&recvmsg->list, &t->recvmsg_queue);
+ spin_unlock(&t->recvmsg_queue_lock);
+
+}
+
+static struct
+smb_direct_recvmsg *get_empty_recvmsg(struct smb_direct_transport *t)
+{
+ struct smb_direct_recvmsg *recvmsg = NULL;
+
+ spin_lock(&t->empty_recvmsg_queue_lock);
+ if (!list_empty(&t->empty_recvmsg_queue)) {
+ recvmsg = list_first_entry(
+ &t->empty_recvmsg_queue,
+ struct smb_direct_recvmsg, list);
+ list_del(&recvmsg->list);
+ }
+ spin_unlock(&t->empty_recvmsg_queue_lock);
+ return recvmsg;
+}
+
+static void put_empty_recvmsg(struct smb_direct_transport *t,
+ struct smb_direct_recvmsg *recvmsg)
+{
+ ib_dma_unmap_single(t->cm_id->device, recvmsg->sge.addr,
+ recvmsg->sge.length, DMA_FROM_DEVICE);
+
+ spin_lock(&t->empty_recvmsg_queue_lock);
+ list_add_tail(&recvmsg->list, &t->empty_recvmsg_queue);
+ spin_unlock(&t->empty_recvmsg_queue_lock);
+}
+
+static void enqueue_reassembly(struct smb_direct_transport *t,
+ struct smb_direct_recvmsg *recvmsg,
+ int data_length)
+{
+ spin_lock(&t->reassembly_queue_lock);
+ list_add_tail(&recvmsg->list, &t->reassembly_queue);
+ t->reassembly_queue_length++;
+ /*
+ * Make sure reassembly_data_length is updated after list and
+ * reassembly_queue_length are updated. On the dequeue side
+ * reassembly_data_length is checked without a lock to determine
+ * if reassembly_queue_length and list is up to date
+ */
+ virt_wmb();
+ t->reassembly_data_length += data_length;
+ spin_unlock(&t->reassembly_queue_lock);
+
+}
+
+static struct smb_direct_recvmsg *get_first_reassembly(
+ struct smb_direct_transport *t)
+{
+ if (!list_empty(&t->reassembly_queue))
+ return list_first_entry(&t->reassembly_queue,
+ struct smb_direct_recvmsg, list);
+ else
+ return NULL;
+}
+
+static void smb_direct_disconnect_rdma_work(struct work_struct *work)
+{
+ struct smb_direct_transport *t =
+ container_of(work, struct smb_direct_transport,
+ disconnect_work);
+
+ if (t->status == SMB_DIRECT_CS_CONNECTED) {
+ t->status = SMB_DIRECT_CS_DISCONNECTING;
+ rdma_disconnect(t->cm_id);
+ }
+}
+
+static void
+smb_direct_disconnect_rdma_connection(struct smb_direct_transport *t)
+{
+ queue_work(smb_direct_wq, &t->disconnect_work);
+}
+
+static void smb_direct_send_immediate_work(struct work_struct *work)
+{
+ struct smb_direct_transport *t = container_of(work,
+ struct smb_direct_transport, send_immediate_work);
+
+ if (t->status != SMB_DIRECT_CS_CONNECTED)
+ return;
+
+ smb_direct_post_send_data(t, NULL, NULL, 0, 0);
+}
+
+static struct smb_direct_transport *alloc_transport(struct rdma_cm_id *cm_id)
+{
+ struct smb_direct_transport *t;
+ struct ksmbd_conn *conn;
+
+ t = kzalloc(sizeof(*t), GFP_KERNEL);
+ if (!t)
+ return NULL;
+
+ t->cm_id = cm_id;
+ cm_id->context = t;
+
+ t->status = SMB_DIRECT_CS_NEW;
+ init_waitqueue_head(&t->wait_status);
+
+ spin_lock_init(&t->reassembly_queue_lock);
+ INIT_LIST_HEAD(&t->reassembly_queue);
+ t->reassembly_data_length = 0;
+ t->reassembly_queue_length = 0;
+ init_waitqueue_head(&t->wait_reassembly_queue);
+ init_waitqueue_head(&t->wait_send_credits);
+ init_waitqueue_head(&t->wait_rw_avail_ops);
+
+ spin_lock_init(&t->receive_credit_lock);
+ spin_lock_init(&t->recvmsg_queue_lock);
+ INIT_LIST_HEAD(&t->recvmsg_queue);
+
+ spin_lock_init(&t->empty_recvmsg_queue_lock);
+ INIT_LIST_HEAD(&t->empty_recvmsg_queue);
+
+ init_waitqueue_head(&t->wait_send_payload_pending);
+ atomic_set(&t->send_payload_pending, 0);
+ init_waitqueue_head(&t->wait_send_pending);
+ atomic_set(&t->send_pending, 0);
+
+ spin_lock_init(&t->lock_new_recv_credits);
+
+ INIT_DELAYED_WORK(&t->post_recv_credits_work,
+ smb_direct_post_recv_credits);
+ INIT_WORK(&t->send_immediate_work, smb_direct_send_immediate_work);
+ INIT_WORK(&t->disconnect_work, smb_direct_disconnect_rdma_work);
+
+ conn = ksmbd_conn_alloc();
+ if (!conn)
+ goto err;
+ conn->transport = KSMBD_TRANS(t);
+ KSMBD_TRANS(t)->conn = conn;
+ KSMBD_TRANS(t)->ops = &ksmbd_smb_direct_transport_ops;
+ return t;
+err:
+ kfree(t);
+ return NULL;
+}
+
+static void free_transport(struct smb_direct_transport *t)
+{
+ struct smb_direct_recvmsg *recvmsg;
+
+ wake_up_interruptible(&t->wait_send_credits);
+
+ ksmbd_debug(RDMA, "wait for all send posted to IB to finish\n");
+ wait_event(t->wait_send_payload_pending,
+ atomic_read(&t->send_payload_pending) == 0);
+ wait_event(t->wait_send_pending,
+ atomic_read(&t->send_pending) == 0);
+
+ cancel_work_sync(&t->disconnect_work);
+ cancel_delayed_work_sync(&t->post_recv_credits_work);
+ cancel_work_sync(&t->send_immediate_work);
+
+ if (t->qp) {
+ ib_drain_qp(t->qp);
+ ib_destroy_qp(t->qp);
+ }
+
+ ksmbd_debug(RDMA, "drain the reassembly queue\n");
+ do {
+ spin_lock(&t->reassembly_queue_lock);
+ recvmsg = get_first_reassembly(t);
+ if (recvmsg) {
+ list_del(&recvmsg->list);
+ spin_unlock(
+ &t->reassembly_queue_lock);
+ put_recvmsg(t, recvmsg);
+ } else
+ spin_unlock(&t->reassembly_queue_lock);
+ } while (recvmsg);
+ t->reassembly_data_length = 0;
+
+ if (t->send_cq)
+ ib_free_cq(t->send_cq);
+ if (t->recv_cq)
+ ib_free_cq(t->recv_cq);
+ if (t->pd)
+ ib_dealloc_pd(t->pd);
+ if (t->cm_id)
+ rdma_destroy_id(t->cm_id);
+
+ smb_direct_destroy_pools(t);
+ ksmbd_conn_free(KSMBD_TRANS(t)->conn);
+ kfree(t);
+}
+
+static struct smb_direct_sendmsg
+*smb_direct_alloc_sendmsg(struct smb_direct_transport *t)
+{
+ struct smb_direct_sendmsg *msg;
+
+ msg = mempool_alloc(t->sendmsg_mempool, GFP_KERNEL);
+ if (!msg)
+ return ERR_PTR(-ENOMEM);
+ msg->transport = t;
+ INIT_LIST_HEAD(&msg->list);
+ msg->num_sge = 0;
+ return msg;
+}
+
+static void smb_direct_free_sendmsg(struct smb_direct_transport *t,
+ struct smb_direct_sendmsg *msg)
+{
+ int i;
+
+ if (msg->num_sge > 0) {
+ ib_dma_unmap_single(t->cm_id->device,
+ msg->sge[0].addr, msg->sge[0].length,
+ DMA_TO_DEVICE);
+ for (i = 1; i < msg->num_sge; i++)
+ ib_dma_unmap_page(t->cm_id->device,
+ msg->sge[i].addr, msg->sge[i].length,
+ DMA_TO_DEVICE);
+ }
+ mempool_free(msg, t->sendmsg_mempool);
+}
+
+static int smb_direct_check_recvmsg(struct smb_direct_recvmsg *recvmsg)
+{
+ switch (recvmsg->type) {
+ case SMB_DIRECT_MSG_DATA_TRANSFER: {
+ struct smb_direct_data_transfer *req =
+ (struct smb_direct_data_transfer *) recvmsg->packet;
+ struct smb2_hdr *hdr = (struct smb2_hdr *) (recvmsg->packet
+ + le32_to_cpu(req->data_offset) - 4);
+ ksmbd_debug(RDMA,
+ "CreditGranted: %u, CreditRequested: %u, DataLength: %u, RemaingDataLength: %u, SMB: %x, Command: %u\n",
+ le16_to_cpu(req->credits_granted),
+ le16_to_cpu(req->credits_requested),
+ req->data_length, req->remaining_data_length,
+ hdr->ProtocolId, hdr->Command);
+ break;
+ }
+ case SMB_DIRECT_MSG_NEGOTIATE_REQ: {
+ struct smb_direct_negotiate_req *req =
+ (struct smb_direct_negotiate_req *)recvmsg->packet;
+ ksmbd_debug(RDMA,
+ "MinVersion: %u, MaxVersion: %u, CreditRequested: %u, MaxSendSize: %u, MaxRecvSize: %u, MaxFragmentedSize: %u\n",
+ le16_to_cpu(req->min_version),
+ le16_to_cpu(req->max_version),
+ le16_to_cpu(req->credits_requested),
+ le32_to_cpu(req->preferred_send_size),
+ le32_to_cpu(req->max_receive_size),
+ le32_to_cpu(req->max_fragmented_size));
+ if (le16_to_cpu(req->min_version) > 0x0100 ||
+ le16_to_cpu(req->max_version) < 0x0100)
+ return -EOPNOTSUPP;
+ if (le16_to_cpu(req->credits_requested) <= 0 ||
+ le32_to_cpu(req->max_receive_size) <= 128 ||
+ le32_to_cpu(req->max_fragmented_size) <=
+ 128*1024)
+ return -ECONNABORTED;
+
+ break;
+ }
+ default:
+ return -EINVAL;
+ }
+ return 0;
+}
+
+static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
+{
+ struct smb_direct_recvmsg *recvmsg;
+ struct smb_direct_transport *t;
+
+ recvmsg = container_of(wc->wr_cqe, struct smb_direct_recvmsg, cqe);
+ t = recvmsg->transport;
+
+ if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_RECV) {
+ if (wc->status != IB_WC_WR_FLUSH_ERR) {
+ ksmbd_err("Recv error. status='%s (%d)' opcode=%d\n",
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
+ smb_direct_disconnect_rdma_connection(t);
+ }
+ put_empty_recvmsg(t, recvmsg);
+ return;
+ }
+
+ ksmbd_debug(RDMA, "Recv completed. status='%s (%d)', opcode=%d\n",
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
+
+ ib_dma_sync_single_for_cpu(wc->qp->device, recvmsg->sge.addr,
+ recvmsg->sge.length, DMA_FROM_DEVICE);
+
+ switch (recvmsg->type) {
+ case SMB_DIRECT_MSG_NEGOTIATE_REQ:
+ t->negotiation_requested = true;
+ t->full_packet_received = true;
+ wake_up_interruptible(&t->wait_status);
+ break;
+ case SMB_DIRECT_MSG_DATA_TRANSFER: {
+ struct smb_direct_data_transfer *data_transfer =
+ (struct smb_direct_data_transfer *)recvmsg->packet;
+ int data_length = le32_to_cpu(data_transfer->data_length);
+ int avail_recvmsg_count, receive_credits;
+
+ if (data_length) {
+ if (t->full_packet_received)
+ recvmsg->first_segment = true;
+
+ if (le32_to_cpu(data_transfer->remaining_data_length))
+ t->full_packet_received = false;
+ else
+ t->full_packet_received = true;
+
+ enqueue_reassembly(t, recvmsg, data_length);
+ wake_up_interruptible(&t->wait_reassembly_queue);
+
+ spin_lock(&t->receive_credit_lock);
+ receive_credits = --(t->recv_credits);
+ avail_recvmsg_count = t->count_avail_recvmsg;
+ spin_unlock(&t->receive_credit_lock);
+ } else {
+ put_empty_recvmsg(t, recvmsg);
+
+ spin_lock(&t->receive_credit_lock);
+ receive_credits = --(t->recv_credits);
+ avail_recvmsg_count = ++(t->count_avail_recvmsg);
+ spin_unlock(&t->receive_credit_lock);
+ }
+
+ t->recv_credit_target =
+ le16_to_cpu(data_transfer->credits_requested);
+ atomic_add(le16_to_cpu(data_transfer->credits_granted),
+ &t->send_credits);
+
+ if (le16_to_cpu(data_transfer->flags) &
+ SMB_DIRECT_RESPONSE_REQUESTED)
+ queue_work(smb_direct_wq, &t->send_immediate_work);
+
+ if (atomic_read(&t->send_credits) > 0)
+ wake_up_interruptible(&t->wait_send_credits);
+
+ if (is_receive_credit_post_required(receive_credits,
+ avail_recvmsg_count))
+ mod_delayed_work(smb_direct_wq,
+ &t->post_recv_credits_work, 0);
+ break;
+ }
+ default:
+ break;
+ }
+}
+
+static int smb_direct_post_recv(struct smb_direct_transport *t,
+ struct smb_direct_recvmsg *recvmsg)
+{
+ struct ib_recv_wr wr;
+ int ret;
+
+ recvmsg->sge.addr = ib_dma_map_single(t->cm_id->device,
+ recvmsg->packet, t->max_recv_size,
+ DMA_FROM_DEVICE);
+ ret = ib_dma_mapping_error(t->cm_id->device, recvmsg->sge.addr);
+ if (ret)
+ return ret;
+ recvmsg->sge.length = t->max_recv_size;
+ recvmsg->sge.lkey = t->pd->local_dma_lkey;
+ recvmsg->cqe.done = recv_done;
+
+ wr.wr_cqe = &recvmsg->cqe;
+ wr.next = NULL;
+ wr.sg_list = &recvmsg->sge;
+ wr.num_sge = 1;
+
+ ret = ib_post_recv(t->qp, &wr, NULL);
+ if (ret) {
+ ksmbd_err("Can't post recv: %d\n", ret);
+ ib_dma_unmap_single(t->cm_id->device,
+ recvmsg->sge.addr, recvmsg->sge.length,
+ DMA_FROM_DEVICE);
+ smb_direct_disconnect_rdma_connection(t);
+ return ret;
+ }
+ return ret;
+}
+
+static int smb_direct_read(struct ksmbd_transport *t, char *buf,
+ unsigned int size)
+{
+ struct smb_direct_recvmsg *recvmsg;
+ struct smb_direct_data_transfer *data_transfer;
+ int to_copy, to_read, data_read, offset;
+ u32 data_length, remaining_data_length, data_offset;
+ int rc;
+ struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+
+again:
+ if (st->status != SMB_DIRECT_CS_CONNECTED) {
+ ksmbd_err("disconnected\n");
+ return -ENOTCONN;
+ }
+
+ /*
+ * No need to hold the reassembly queue lock all the time as we are
+ * the only one reading from the front of the queue. The transport
+ * may add more entries to the back of the queue at the same time
+ */
+ if (st->reassembly_data_length >= size) {
+ int queue_length;
+ int queue_removed = 0;
+
+ /*
+ * Need to make sure reassembly_data_length is read before
+ * reading reassembly_queue_length and calling
+ * get_first_reassembly. This call is lock free
+ * as we never read at the end of the queue which are being
+ * updated in SOFTIRQ as more data is received
+ */
+ virt_rmb();
+ queue_length = st->reassembly_queue_length;
+ data_read = 0;
+ to_read = size;
+ offset = st->first_entry_offset;
+ while (data_read < size) {
+ recvmsg = get_first_reassembly(st);
+ data_transfer = smb_direct_recvmsg_payload(recvmsg);
+ data_length = le32_to_cpu(data_transfer->data_length);
+ remaining_data_length =
+ le32_to_cpu(
+ data_transfer->remaining_data_length);
+ data_offset = le32_to_cpu(data_transfer->data_offset);
+
+ /*
+ * The upper layer expects RFC1002 length at the
+ * beginning of the payload. Return it to indicate
+ * the total length of the packet. This minimize the
+ * change to upper layer packet processing logic. This
+ * will be eventually remove when an intermediate
+ * transport layer is added
+ */
+ if (recvmsg->first_segment && size == 4) {
+ unsigned int rfc1002_len =
+ data_length + remaining_data_length;
+ *((__be32 *)buf) = cpu_to_be32(rfc1002_len);
+ data_read = 4;
+ recvmsg->first_segment = false;
+ ksmbd_debug(RDMA,
+ "returning rfc1002 length %d\n",
+ rfc1002_len);
+ goto read_rfc1002_done;
+ }
+
+ to_copy = min_t(int, data_length - offset, to_read);
+ memcpy(
+ buf + data_read,
+ (char *)data_transfer + data_offset + offset,
+ to_copy);
+
+ /* move on to the next buffer? */
+ if (to_copy == data_length - offset) {
+ queue_length--;
+ /*
+ * No need to lock if we are not at the
+ * end of the queue
+ */
+ if (queue_length)
+ list_del(&recvmsg->list);
+ else {
+ spin_lock_irq(
+ &st->reassembly_queue_lock);
+ list_del(&recvmsg->list);
+ spin_unlock_irq(
+ &st->reassembly_queue_lock);
+ }
+ queue_removed++;
+ put_recvmsg(st, recvmsg);
+ offset = 0;
+ } else
+ offset += to_copy;
+
+ to_read -= to_copy;
+ data_read += to_copy;
+ }
+
+ spin_lock_irq(&st->reassembly_queue_lock);
+ st->reassembly_data_length -= data_read;
+ st->reassembly_queue_length -= queue_removed;
+ spin_unlock_irq(&st->reassembly_queue_lock);
+
+ spin_lock(&st->receive_credit_lock);
+ st->count_avail_recvmsg += queue_removed;
+ if (is_receive_credit_post_required(st->recv_credits,
+ st->count_avail_recvmsg)) {
+ spin_unlock(&st->receive_credit_lock);
+ mod_delayed_work(smb_direct_wq,
+ &st->post_recv_credits_work, 0);
+ } else
+ spin_unlock(&st->receive_credit_lock);
+
+ st->first_entry_offset = offset;
+ ksmbd_debug(RDMA,
+ "returning to thread data_read=%d reassembly_data_length=%d first_entry_offset=%d\n",
+ data_read, st->reassembly_data_length,
+ st->first_entry_offset);
+read_rfc1002_done:
+ return data_read;
+ }
+
+ ksmbd_debug(RDMA, "wait_event on more data\n");
+ rc = wait_event_interruptible(
+ st->wait_reassembly_queue,
+ st->reassembly_data_length >= size ||
+ st->status != SMB_DIRECT_CS_CONNECTED);
+ if (rc)
+ return -EINTR;
+
+ goto again;
+}
+
+static void smb_direct_post_recv_credits(struct work_struct *work)
+{
+ struct smb_direct_transport *t = container_of(work,
+ struct smb_direct_transport, post_recv_credits_work.work);
+ struct smb_direct_recvmsg *recvmsg;
+ int receive_credits, credits = 0;
+ int ret;
+ int use_free = 1;
+
+ spin_lock(&t->receive_credit_lock);
+ receive_credits = t->recv_credits;
+ spin_unlock(&t->receive_credit_lock);
+
+ if (receive_credits < t->recv_credit_target) {
+ while (true) {
+ if (use_free)
+ recvmsg = get_free_recvmsg(t);
+ else
+ recvmsg = get_empty_recvmsg(t);
+ if (!recvmsg) {
+ if (use_free) {
+ use_free = 0;
+ continue;
+ } else
+ break;
+ }
+
+ recvmsg->type = SMB_DIRECT_MSG_DATA_TRANSFER;
+ recvmsg->first_segment = false;
+
+ ret = smb_direct_post_recv(t, recvmsg);
+ if (ret) {
+ ksmbd_err("Can't post recv: %d\n", ret);
+ put_recvmsg(t, recvmsg);
+ break;
+ }
+ credits++;
+ }
+ }
+
+ spin_lock(&t->receive_credit_lock);
+ t->recv_credits += credits;
+ t->count_avail_recvmsg -= credits;
+ spin_unlock(&t->receive_credit_lock);
+
+ spin_lock(&t->lock_new_recv_credits);
+ t->new_recv_credits += credits;
+ spin_unlock(&t->lock_new_recv_credits);
+
+ if (credits)
+ queue_work(smb_direct_wq, &t->send_immediate_work);
+}
+
+static void send_done(struct ib_cq *cq, struct ib_wc *wc)
+{
+ struct smb_direct_sendmsg *sendmsg, *sibling;
+ struct smb_direct_transport *t;
+ struct list_head *pos, *prev, *end;
+
+ sendmsg = container_of(wc->wr_cqe, struct smb_direct_sendmsg, cqe);
+ t = sendmsg->transport;
+
+ ksmbd_debug(RDMA, "Send completed. status='%s (%d)', opcode=%d\n",
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
+
+ if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
+ ksmbd_err("Send error. status='%s (%d)', opcode=%d\n",
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
+ smb_direct_disconnect_rdma_connection(t);
+ }
+
+ if (sendmsg->num_sge > 1) {
+ if (atomic_dec_and_test(&t->send_payload_pending))
+ wake_up(&t->wait_send_payload_pending);
+ } else {
+ if (atomic_dec_and_test(&t->send_pending))
+ wake_up(&t->wait_send_pending);
+ }
+
+ /* iterate and free the list of messages in reverse. the list's head
+ * is invalid.
+ */
+ for (pos = &sendmsg->list, prev = pos->prev, end = sendmsg->list.next;
+ prev != end; pos = prev, prev = prev->prev) {
+ sibling = container_of(pos, struct smb_direct_sendmsg, list);
+ smb_direct_free_sendmsg(t, sibling);
+ }
+
+ sibling = container_of(pos, struct smb_direct_sendmsg, list);
+ smb_direct_free_sendmsg(t, sibling);
+}
+
+static int manage_credits_prior_sending(struct smb_direct_transport *t)
+{
+ int new_credits;
+
+ spin_lock(&t->lock_new_recv_credits);
+ new_credits = t->new_recv_credits;
+ t->new_recv_credits = 0;
+ spin_unlock(&t->lock_new_recv_credits);
+
+ return new_credits;
+}
+
+static int smb_direct_post_send(struct smb_direct_transport *t,
+ struct ib_send_wr *wr)
+{
+ int ret;
+
+ if (wr->num_sge > 1)
+ atomic_inc(&t->send_payload_pending);
+ else
+ atomic_inc(&t->send_pending);
+
+ ret = ib_post_send(t->qp, wr, NULL);
+ if (ret) {
+ ksmbd_err("failed to post send: %d\n", ret);
+ if (wr->num_sge > 1) {
+ if (atomic_dec_and_test(&t->send_payload_pending))
+ wake_up(&t->wait_send_payload_pending);
+ } else {
+ if (atomic_dec_and_test(&t->send_pending))
+ wake_up(&t->wait_send_pending);
+ }
+ smb_direct_disconnect_rdma_connection(t);
+ }
+ return ret;
+}
+
+static void smb_direct_send_ctx_init(struct smb_direct_transport *t,
+ struct smb_direct_send_ctx *send_ctx,
+ bool need_invalidate_rkey, unsigned int remote_key)
+{
+ INIT_LIST_HEAD(&send_ctx->msg_list);
+ send_ctx->wr_cnt = 0;
+ send_ctx->need_invalidate_rkey = need_invalidate_rkey;
+ send_ctx->remote_key = remote_key;
+}
+
+static int smb_direct_flush_send_list(struct smb_direct_transport *t,
+ struct smb_direct_send_ctx *send_ctx, bool is_last)
+{
+ struct smb_direct_sendmsg *first, *last;
+ int ret;
+
+ if (list_empty(&send_ctx->msg_list))
+ return 0;
+
+ first = list_first_entry(&send_ctx->msg_list,
+ struct smb_direct_sendmsg,
+ list);
+ last = list_last_entry(&send_ctx->msg_list,
+ struct smb_direct_sendmsg,
+ list);
+
+ last->wr.send_flags = IB_SEND_SIGNALED;
+ last->wr.wr_cqe = &last->cqe;
+ if (is_last && send_ctx->need_invalidate_rkey) {
+ last->wr.opcode = IB_WR_SEND_WITH_INV;
+ last->wr.ex.invalidate_rkey = send_ctx->remote_key;
+ }
+
+ ret = smb_direct_post_send(t, &first->wr);
+ if (!ret) {
+ smb_direct_send_ctx_init(t, send_ctx,
+ send_ctx->need_invalidate_rkey, send_ctx->remote_key);
+ } else {
+ atomic_add(send_ctx->wr_cnt, &t->send_credits);
+ wake_up(&t->wait_send_credits);
+ list_for_each_entry_safe(first, last, &send_ctx->msg_list,
+ list) {
+ smb_direct_free_sendmsg(t, first);
+ }
+ }
+ return ret;
+}
+
+static int wait_for_credits(struct smb_direct_transport *t,
+ wait_queue_head_t *waitq, atomic_t *credits)
+{
+ int ret;
+
+ do {
+ if (atomic_dec_return(credits) >= 0)
+ return 0;
+
+ atomic_inc(credits);
+ ret = wait_event_interruptible(*waitq,
+ atomic_read(credits) > 0 ||
+ t->status != SMB_DIRECT_CS_CONNECTED);
+
+ if (t->status != SMB_DIRECT_CS_CONNECTED)
+ return -ENOTCONN;
+ else if (ret < 0)
+ return ret;
+ } while (true);
+}
+
+static int wait_for_send_credits(struct smb_direct_transport *t,
+ struct smb_direct_send_ctx *send_ctx)
+{
+ int ret;
+
+ if (send_ctx && (send_ctx->wr_cnt >= 16 ||
+ atomic_read(&t->send_credits) <= 1)) {
+ ret = smb_direct_flush_send_list(t, send_ctx, false);
+ if (ret)
+ return ret;
+ }
+
+ return wait_for_credits(t, &t->wait_send_credits, &t->send_credits);
+}
+
+static int smb_direct_create_header(struct smb_direct_transport *t,
+ int size, int remaining_data_length,
+ struct smb_direct_sendmsg **sendmsg_out)
+{
+ struct smb_direct_sendmsg *sendmsg;
+ struct smb_direct_data_transfer *packet;
+ int header_length;
+ int ret;
+
+ sendmsg = smb_direct_alloc_sendmsg(t);
+ if (!sendmsg)
+ return -ENOMEM;
+
+ /* Fill in the packet header */
+ packet = (struct smb_direct_data_transfer *)sendmsg->packet;
+ packet->credits_requested = cpu_to_le16(t->send_credit_target);
+ packet->credits_granted = cpu_to_le16(manage_credits_prior_sending(t));
+
+ packet->flags = 0;
+ packet->reserved = 0;
+ if (!size)
+ packet->data_offset = 0;
+ else
+ packet->data_offset = cpu_to_le32(24);
+ packet->data_length = cpu_to_le32(size);
+ packet->remaining_data_length = cpu_to_le32(remaining_data_length);
+ packet->padding = 0;
+
+ ksmbd_debug(RDMA,
+ "credits_requested=%d credits_granted=%d data_offset=%d data_length=%d remaining_data_length=%d\n",
+ le16_to_cpu(packet->credits_requested),
+ le16_to_cpu(packet->credits_granted),
+ le32_to_cpu(packet->data_offset),
+ le32_to_cpu(packet->data_length),
+ le32_to_cpu(packet->remaining_data_length));
+
+ /* Map the packet to DMA */
+ header_length = sizeof(struct smb_direct_data_transfer);
+ /* If this is a packet without payload, don't send padding */
+ if (!size)
+ header_length =
+ offsetof(struct smb_direct_data_transfer, padding);
+
+ sendmsg->sge[0].addr = ib_dma_map_single(t->cm_id->device,
+ (void *)packet,
+ header_length,
+ DMA_TO_DEVICE);
+ ret = ib_dma_mapping_error(t->cm_id->device, sendmsg->sge[0].addr);
+ if (ret) {
+ smb_direct_free_sendmsg(t, sendmsg);
+ return ret;
+ }
+
+ sendmsg->num_sge = 1;
+ sendmsg->sge[0].length = header_length;
+ sendmsg->sge[0].lkey = t->pd->local_dma_lkey;
+
+ *sendmsg_out = sendmsg;
+ return 0;
+}
+
+static int get_sg_list(void *buf, int size,
+ struct scatterlist *sg_list, int nentries)
+{
+ bool high = is_vmalloc_addr(buf);
+ struct page *page;
+ int offset, len;
+ int i = 0;
+
+ if (nentries < BUFFER_NR_PAGES(buf, size))
+ return -EINVAL;
+
+ offset = offset_in_page(buf);
+ buf -= offset;
+ while (size > 0) {
+ len = min_t(int, PAGE_SIZE - offset, size);
+ if (high)
+ page = vmalloc_to_page(buf);
+ else
+ page = kmap_to_page(buf);
+
+ if (!sg_list)
+ return -EINVAL;
+ sg_set_page(sg_list, page, len, offset);
+ sg_list = sg_next(sg_list);
+
+ buf += PAGE_SIZE;
+ size -= len;
+ offset = 0;
+ i++;
+ }
+ return i;
+}
+
+static int get_mapped_sg_list(struct ib_device *device, void *buf, int size,
+ struct scatterlist *sg_list, int nentries,
+ enum dma_data_direction dir)
+{
+ int npages;
+
+ npages = get_sg_list(buf, size, sg_list, nentries);
+ if (npages <= 0)
+ return -EINVAL;
+ return ib_dma_map_sg(device, sg_list, npages, dir);
+}
+
+static int post_sendmsg(struct smb_direct_transport *t,
+ struct smb_direct_send_ctx *send_ctx,
+ struct smb_direct_sendmsg *msg)
+{
+ int i;
+
+ for (i = 0; i < msg->num_sge; i++)
+ ib_dma_sync_single_for_device(t->cm_id->device,
+ msg->sge[i].addr, msg->sge[i].length,
+ DMA_TO_DEVICE);
+
+ msg->cqe.done = send_done;
+ msg->wr.opcode = IB_WR_SEND;
+ msg->wr.sg_list = &msg->sge[0];
+ msg->wr.num_sge = msg->num_sge;
+ msg->wr.next = NULL;
+
+ if (send_ctx) {
+ msg->wr.wr_cqe = NULL;
+ msg->wr.send_flags = 0;
+ if (!list_empty(&send_ctx->msg_list)) {
+ struct smb_direct_sendmsg *last;
+
+ last = list_last_entry(&send_ctx->msg_list,
+ struct smb_direct_sendmsg,
+ list);
+ last->wr.next = &msg->wr;
+ }
+ list_add_tail(&msg->list, &send_ctx->msg_list);
+ send_ctx->wr_cnt++;
+ return 0;
+ }
+
+ msg->wr.wr_cqe = &msg->cqe;
+ msg->wr.send_flags = IB_SEND_SIGNALED;
+ return smb_direct_post_send(t, &msg->wr);
+}
+
+static int smb_direct_post_send_data(struct smb_direct_transport *t,
+ struct smb_direct_send_ctx *send_ctx,
+ struct kvec *iov, int niov, int remaining_data_length)
+{
+ int i, j, ret;
+ struct smb_direct_sendmsg *msg;
+ int data_length;
+ struct scatterlist sg[SMB_DIRECT_MAX_SEND_SGES-1];
+
+ ret = wait_for_send_credits(t, send_ctx);
+ if (ret)
+ return ret;
+
+ data_length = 0;
+ for (i = 0; i < niov; i++)
+ data_length += iov[i].iov_len;
+
+ ret = smb_direct_create_header(t, data_length, remaining_data_length,
+ &msg);
+ if (ret) {
+ atomic_inc(&t->send_credits);
+ return ret;
+ }
+
+ for (i = 0; i < niov; i++) {
+ struct ib_sge *sge;
+ int sg_cnt;
+
+ sg_init_table(sg, SMB_DIRECT_MAX_SEND_SGES-1);
+ sg_cnt = get_mapped_sg_list(t->cm_id->device,
+ iov[i].iov_base, iov[i].iov_len,
+ sg, SMB_DIRECT_MAX_SEND_SGES-1, DMA_TO_DEVICE);
+ if (sg_cnt <= 0) {
+ ksmbd_err("failed to map buffer\n");
+ goto err;
+ } else if (sg_cnt + msg->num_sge > SMB_DIRECT_MAX_SEND_SGES-1) {
+ ksmbd_err("buffer not fitted into sges\n");
+ ret = -E2BIG;
+ ib_dma_unmap_sg(t->cm_id->device, sg, sg_cnt,
+ DMA_TO_DEVICE);
+ goto err;
+ }
+
+ for (j = 0; j < sg_cnt; j++) {
+ sge = &msg->sge[msg->num_sge];
+ sge->addr = sg_dma_address(&sg[j]);
+ sge->length = sg_dma_len(&sg[j]);
+ sge->lkey = t->pd->local_dma_lkey;
+ msg->num_sge++;
+ }
+ }
+
+ ret = post_sendmsg(t, send_ctx, msg);
+ if (ret)
+ goto err;
+ return 0;
+err:
+ smb_direct_free_sendmsg(t, msg);
+ atomic_inc(&t->send_credits);
+ return ret;
+}
+
+static int smb_direct_writev(struct ksmbd_transport *t,
+ struct kvec *iov, int niovs, int buflen,
+ bool need_invalidate, unsigned int remote_key)
+{
+ struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+ int remaining_data_length;
+ int start, i, j;
+ int max_iov_size = st->max_send_size -
+ sizeof(struct smb_direct_data_transfer);
+ int ret;
+ struct kvec vec;
+ struct smb_direct_send_ctx send_ctx;
+
+ if (st->status != SMB_DIRECT_CS_CONNECTED) {
+ ret = -ENOTCONN;
+ goto done;
+ }
+
+ //FIXME: skip RFC1002 header..
+ buflen -= 4;
+ iov[0].iov_base += 4;
+ iov[0].iov_len -= 4;
+
+ remaining_data_length = buflen;
+ ksmbd_debug(RDMA, "Sending smb (RDMA): smb_len=%u\n", buflen);
+
+ smb_direct_send_ctx_init(st, &send_ctx, need_invalidate, remote_key);
+ start = i = 0;
+ buflen = 0;
+ while (true) {
+ buflen += iov[i].iov_len;
+ if (buflen > max_iov_size) {
+ if (i > start) {
+ remaining_data_length -=
+ (buflen-iov[i].iov_len);
+ ret = smb_direct_post_send_data(st, &send_ctx,
+ &iov[start], i-start,
+ remaining_data_length);
+ if (ret)
+ goto done;
+ } else {
+ /* iov[start] is too big, break it */
+ int nvec = (buflen+max_iov_size-1) /
+ max_iov_size;
+
+ for (j = 0; j < nvec; j++) {
+ vec.iov_base =
+ (char *)iov[start].iov_base +
+ j*max_iov_size;
+ vec.iov_len =
+ min_t(int, max_iov_size,
+ buflen - max_iov_size*j);
+ remaining_data_length -= vec.iov_len;
+ ret = smb_direct_post_send_data(st,
+ &send_ctx, &vec, 1,
+ remaining_data_length);
+ if (ret)
+ goto done;
+ }
+ i++;
+ if (i == niovs)
+ break;
+ }
+ start = i;
+ buflen = 0;
+ } else {
+ i++;
+ if (i == niovs) {
+ /* send out all remaining vecs */
+ remaining_data_length -= buflen;
+ ret = smb_direct_post_send_data(st, &send_ctx,
+ &iov[start], i-start,
+ remaining_data_length);
+ if (ret)
+ goto done;
+ break;
+ }
+ }
+ }
+
+done:
+ ret = smb_direct_flush_send_list(st, &send_ctx, true);
+
+ /*
+ * As an optimization, we don't wait for individual I/O to finish
+ * before sending the next one.
+ * Send them all and wait for pending send count to get to 0
+ * that means all the I/Os have been out and we are good to return
+ */
+
+ wait_event(st->wait_send_payload_pending,
+ atomic_read(&st->send_payload_pending) == 0);
+ return ret;
+}
+
+static void read_write_done(struct ib_cq *cq, struct ib_wc *wc,
+ enum dma_data_direction dir)
+{
+ struct smb_direct_rdma_rw_msg *msg = container_of(wc->wr_cqe,
+ struct smb_direct_rdma_rw_msg, cqe);
+ struct smb_direct_transport *t = msg->t;
+
+ if (wc->status != IB_WC_SUCCESS) {
+ ksmbd_err("read/write error. opcode = %d, status = %s(%d)\n",
+ wc->opcode, ib_wc_status_msg(wc->status), wc->status);
+ smb_direct_disconnect_rdma_connection(t);
+ }
+
+ if (atomic_inc_return(&t->rw_avail_ops) > 0)
+ wake_up(&t->wait_rw_avail_ops);
+
+ rdma_rw_ctx_destroy(&msg->rw_ctx, t->qp, t->qp->port,
+ msg->sg_list, msg->sgt.nents, dir);
+ sg_free_table_chained(&msg->sgt, SG_CHUNK_SIZE);
+ complete(msg->completion);
+ kfree(msg);
+}
+
+static void read_done(struct ib_cq *cq, struct ib_wc *wc)
+{
+ read_write_done(cq, wc, DMA_FROM_DEVICE);
+}
+
+static void write_done(struct ib_cq *cq, struct ib_wc *wc)
+{
+ read_write_done(cq, wc, DMA_TO_DEVICE);
+}
+
+static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
+ int buf_len, u32 remote_key, u64 remote_offset, u32 remote_len,
+ bool is_read)
+{
+ struct smb_direct_rdma_rw_msg *msg;
+ int ret;
+ DECLARE_COMPLETION_ONSTACK(completion);
+ struct ib_send_wr *first_wr = NULL;
+
+ ret = wait_for_credits(t, &t->wait_rw_avail_ops, &t->rw_avail_ops);
+ if (ret < 0)
+ return ret;
+
+ /* TODO: mempool */
+ msg = kmalloc(offsetof(struct smb_direct_rdma_rw_msg, sg_list) +
+ sizeof(struct scatterlist) * SG_CHUNK_SIZE, GFP_KERNEL);
+ if (!msg) {
+ atomic_inc(&t->rw_avail_ops);
+ return -ENOMEM;
+ }
+
+ msg->sgt.sgl = &msg->sg_list[0];
+ ret = sg_alloc_table_chained(&msg->sgt,
+ BUFFER_NR_PAGES(buf, buf_len),
+ msg->sg_list, SG_CHUNK_SIZE);
+ if (ret) {
+ atomic_inc(&t->rw_avail_ops);
+ kfree(msg);
+ return -ENOMEM;
+ }
+
+ ret = get_sg_list(buf, buf_len, msg->sgt.sgl, msg->sgt.orig_nents);
+ if (ret <= 0) {
+ ksmbd_err("failed to get pages\n");
+ goto err;
+ }
+
+ ret = rdma_rw_ctx_init(&msg->rw_ctx, t->qp, t->qp->port,
+ msg->sg_list, BUFFER_NR_PAGES(buf, buf_len),
+ 0, remote_offset, remote_key,
+ is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
+ if (ret < 0) {
+ ksmbd_err("failed to init rdma_rw_ctx: %d\n", ret);
+ goto err;
+ }
+
+ msg->t = t;
+ msg->cqe.done = is_read ? read_done : write_done;
+ msg->completion = &completion;
+ first_wr = rdma_rw_ctx_wrs(&msg->rw_ctx, t->qp, t->qp->port,
+ &msg->cqe, NULL);
+
+ ret = ib_post_send(t->qp, first_wr, NULL);
+ if (ret) {
+ ksmbd_err("failed to post send wr: %d\n", ret);
+ goto err;
+ }
+
+ wait_for_completion(&completion);
+ return 0;
+
+err:
+ atomic_inc(&t->rw_avail_ops);
+ if (first_wr)
+ rdma_rw_ctx_destroy(&msg->rw_ctx, t->qp, t->qp->port,
+ msg->sg_list, msg->sgt.nents,
+ is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
+ sg_free_table_chained(&msg->sgt, SG_CHUNK_SIZE);
+ kfree(msg);
+ return ret;
+
+}
+
+static int smb_direct_rdma_write(struct ksmbd_transport *t,
+ void *buf, unsigned int buflen,
+ u32 remote_key, u64 remote_offset,
+ u32 remote_len)
+{
+ return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
+ remote_key, remote_offset,
+ remote_len, false);
+}
+
+static int smb_direct_rdma_read(struct ksmbd_transport *t,
+ void *buf, unsigned int buflen,
+ u32 remote_key, u64 remote_offset,
+ u32 remote_len)
+{
+ return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
+ remote_key, remote_offset,
+ remote_len, true);
+}
+
+static void smb_direct_disconnect(struct ksmbd_transport *t)
+{
+ struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+
+ ksmbd_debug(RDMA, "Disconnecting cm_id=%p\n", st->cm_id);
+
+ smb_direct_disconnect_rdma_connection(st);
+ wait_event_interruptible(st->wait_status,
+ st->status == SMB_DIRECT_CS_DISCONNECTED);
+ free_transport(st);
+}
+
+static int smb_direct_cm_handler(struct rdma_cm_id *cm_id,
+ struct rdma_cm_event *event)
+{
+ struct smb_direct_transport *t = cm_id->context;
+
+ ksmbd_debug(RDMA, "RDMA CM event. cm_id=%p event=%s (%d)\n",
+ cm_id, rdma_event_msg(event->event), event->event);
+
+ switch (event->event) {
+ case RDMA_CM_EVENT_ESTABLISHED: {
+ t->status = SMB_DIRECT_CS_CONNECTED;
+ wake_up_interruptible(&t->wait_status);
+ break;
+ }
+ case RDMA_CM_EVENT_DEVICE_REMOVAL:
+ case RDMA_CM_EVENT_DISCONNECTED: {
+ t->status = SMB_DIRECT_CS_DISCONNECTED;
+ wake_up_interruptible(&t->wait_status);
+ wake_up_interruptible(&t->wait_reassembly_queue);
+ wake_up(&t->wait_send_credits);
+ break;
+ }
+ case RDMA_CM_EVENT_CONNECT_ERROR: {
+ t->status = SMB_DIRECT_CS_DISCONNECTED;
+ wake_up_interruptible(&t->wait_status);
+ break;
+ }
+ default:
+ ksmbd_err("Unexpected RDMA CM event. cm_id=%p, event=%s (%d)\n",
+ cm_id, rdma_event_msg(event->event),
+ event->event);
+ break;
+ }
+ return 0;
+}
+
+static void smb_direct_qpair_handler(struct ib_event *event, void *context)
+{
+ struct smb_direct_transport *t = context;
+
+ ksmbd_debug(RDMA, "Received QP event. cm_id=%p, event=%s (%d)\n",
+ t->cm_id, ib_event_msg(event->event), event->event);
+
+ switch (event->event) {
+ case IB_EVENT_CQ_ERR:
+ case IB_EVENT_QP_FATAL:
+ smb_direct_disconnect_rdma_connection(t);
+ break;
+ default:
+ break;
+ }
+}
+
+static int smb_direct_send_negotiate_response(struct smb_direct_transport *t,
+ int failed)
+{
+ struct smb_direct_sendmsg *sendmsg;
+ struct smb_direct_negotiate_resp *resp;
+ int ret;
+
+ sendmsg = smb_direct_alloc_sendmsg(t);
+ if (IS_ERR(sendmsg))
+ return -ENOMEM;
+
+ resp = (struct smb_direct_negotiate_resp *)sendmsg->packet;
+ if (failed) {
+ memset(resp, 0, sizeof(*resp));
+ resp->min_version = cpu_to_le16(0x0100);
+ resp->max_version = cpu_to_le16(0x0100);
+ resp->status = STATUS_NOT_SUPPORTED;
+ } else {
+ resp->status = STATUS_SUCCESS;
+ resp->min_version = SMB_DIRECT_VERSION_LE;
+ resp->max_version = SMB_DIRECT_VERSION_LE;
+ resp->negotiated_version = SMB_DIRECT_VERSION_LE;
+ resp->reserved = 0;
+ resp->credits_requested =
+ cpu_to_le16(t->send_credit_target);
+ resp->credits_granted = cpu_to_le16(
+ manage_credits_prior_sending(t));
+ resp->max_readwrite_size = cpu_to_le32(t->max_rdma_rw_size);
+ resp->preferred_send_size = cpu_to_le32(t->max_send_size);
+ resp->max_receive_size = cpu_to_le32(t->max_recv_size);
+ resp->max_fragmented_size =
+ cpu_to_le32(t->max_fragmented_recv_size);
+ }
+
+ sendmsg->sge[0].addr = ib_dma_map_single(t->cm_id->device,
+ (void *)resp, sizeof(*resp), DMA_TO_DEVICE);
+ ret = ib_dma_mapping_error(t->cm_id->device,
+ sendmsg->sge[0].addr);
+ if (ret) {
+ smb_direct_free_sendmsg(t, sendmsg);
+ return ret;
+ }
+
+ sendmsg->num_sge = 1;
+ sendmsg->sge[0].length = sizeof(*resp);
+ sendmsg->sge[0].lkey = t->pd->local_dma_lkey;
+
+ ret = post_sendmsg(t, NULL, sendmsg);
+ if (ret) {
+ smb_direct_free_sendmsg(t, sendmsg);
+ return ret;
+ }
+
+ wait_event(t->wait_send_pending,
+ atomic_read(&t->send_pending) == 0);
+ return 0;
+}
+
+static int smb_direct_accept_client(struct smb_direct_transport *t)
+{
+ struct rdma_conn_param conn_param;
+ struct ib_port_immutable port_immutable;
+ u32 ird_ord_hdr[2];
+ int ret;
+
+ memset(&conn_param, 0, sizeof(conn_param));
+ conn_param.initiator_depth = min_t(u8,
+ t->cm_id->device->attrs.max_qp_rd_atom,
+ SMB_DIRECT_CM_INITIATOR_DEPTH);
+ conn_param.responder_resources = 0;
+
+ t->cm_id->device->ops.get_port_immutable(t->cm_id->device,
+ t->cm_id->port_num, &port_immutable);
+ if (port_immutable.core_cap_flags & RDMA_CORE_PORT_IWARP) {
+ ird_ord_hdr[0] = conn_param.responder_resources;
+ ird_ord_hdr[1] = 1;
+ conn_param.private_data = ird_ord_hdr;
+ conn_param.private_data_len = sizeof(ird_ord_hdr);
+ } else {
+ conn_param.private_data = NULL;
+ conn_param.private_data_len = 0;
+ }
+ conn_param.retry_count = SMB_DIRECT_CM_RETRY;
+ conn_param.rnr_retry_count = SMB_DIRECT_CM_RNR_RETRY;
+ conn_param.flow_control = 0;
+
+ ret = rdma_accept(t->cm_id, &conn_param);
+ if (ret) {
+ ksmbd_err("error at rdma_accept: %d\n", ret);
+ return ret;
+ }
+
+ wait_event_interruptible(t->wait_status,
+ t->status != SMB_DIRECT_CS_NEW);
+ if (t->status != SMB_DIRECT_CS_CONNECTED)
+ return -ENOTCONN;
+ return 0;
+}
+
+static int smb_direct_negotiate(struct smb_direct_transport *t)
+{
+ int ret;
+ struct smb_direct_recvmsg *recvmsg;
+ struct smb_direct_negotiate_req *req;
+
+ recvmsg = get_free_recvmsg(t);
+ if (!recvmsg)
+ return -ENOMEM;
+ recvmsg->type = SMB_DIRECT_MSG_NEGOTIATE_REQ;
+
+ ret = smb_direct_post_recv(t, recvmsg);
+ if (ret) {
+ ksmbd_err("Can't post recv: %d\n", ret);
+ goto out;
+ }
+
+ t->negotiation_requested = false;
+ ret = smb_direct_accept_client(t);
+ if (ret) {
+ ksmbd_err("Can't accept client\n");
+ goto out;
+ }
+
+ smb_direct_post_recv_credits(&t->post_recv_credits_work.work);
+
+ ksmbd_debug(RDMA, "Waiting for SMB_DIRECT negotiate request\n");
+ ret = wait_event_interruptible_timeout(t->wait_status,
+ t->negotiation_requested ||
+ t->status == SMB_DIRECT_CS_DISCONNECTED,
+ SMB_DIRECT_NEGOTIATE_TIMEOUT * HZ);
+ if (ret <= 0 || t->status == SMB_DIRECT_CS_DISCONNECTED) {
+ ret = ret < 0 ? ret : -ETIMEDOUT;
+ goto out;
+ }
+
+ ret = smb_direct_check_recvmsg(recvmsg);
+ if (ret == -ECONNABORTED)
+ goto out;
+
+ req = (struct smb_direct_negotiate_req *)recvmsg->packet;
+ t->max_recv_size = min_t(int, t->max_recv_size,
+ le32_to_cpu(req->preferred_send_size));
+ t->max_send_size = min_t(int, t->max_send_size,
+ le32_to_cpu(req->max_receive_size));
+ t->max_fragmented_send_size =
+ le32_to_cpu(req->max_fragmented_size);
+
+ ret = smb_direct_send_negotiate_response(t, ret);
+out:
+ if (recvmsg)
+ put_recvmsg(t, recvmsg);
+ return ret;
+}
+
+static int smb_direct_init_params(struct smb_direct_transport *t,
+ struct ib_qp_cap *cap)
+{
+ struct ib_device *device = t->cm_id->device;
+ int max_send_sges, max_pages, max_rw_wrs, max_send_wrs;
+
+ /* need 2 more sge. because a SMB_DIRECT header will be mapped,
+ * and maybe a send buffer could be not page aligned.
+ */
+ t->max_send_size = smb_direct_max_send_size;
+ max_send_sges = DIV_ROUND_UP(t->max_send_size, PAGE_SIZE) + 2;
+ if (max_send_sges > SMB_DIRECT_MAX_SEND_SGES) {
+ ksmbd_err("max_send_size %d is too large\n", t->max_send_size);
+ return -EINVAL;
+ }
+
+ /*
+ * allow smb_direct_max_outstanding_rw_ops of in-flight RDMA
+ * read/writes. HCA guarantees at least max_send_sge of sges for
+ * a RDMA read/write work request, and if memory registration is used,
+ * we need reg_mr, local_inv wrs for each read/write.
+ */
+ t->max_rdma_rw_size = smb_direct_max_read_write_size;
+ max_pages = DIV_ROUND_UP(t->max_rdma_rw_size, PAGE_SIZE) + 1;
+ max_rw_wrs = DIV_ROUND_UP(max_pages, SMB_DIRECT_MAX_SEND_SGES);
+ max_rw_wrs += rdma_rw_mr_factor(device, t->cm_id->port_num,
+ max_pages) * 2;
+ max_rw_wrs *= smb_direct_max_outstanding_rw_ops;
+
+ max_send_wrs = smb_direct_send_credit_target + max_rw_wrs;
+ if (max_send_wrs > device->attrs.max_cqe ||
+ max_send_wrs > device->attrs.max_qp_wr) {
+ ksmbd_err("consider lowering send_credit_target = %d, or max_outstanding_rw_ops = %d\n",
+ smb_direct_send_credit_target,
+ smb_direct_max_outstanding_rw_ops);
+ ksmbd_err("Possible CQE overrun, device reporting max_cqe %d max_qp_wr %d\n",
+ device->attrs.max_cqe, device->attrs.max_qp_wr);
+ return -EINVAL;
+ }
+
+ if (smb_direct_receive_credit_max > device->attrs.max_cqe ||
+ smb_direct_receive_credit_max > device->attrs.max_qp_wr) {
+ ksmbd_err("consider lowering receive_credit_max = %d\n",
+ smb_direct_receive_credit_max);
+ ksmbd_err("Possible CQE overrun, device reporting max_cpe %d max_qp_wr %d\n",
+ device->attrs.max_cqe, device->attrs.max_qp_wr);
+ return -EINVAL;
+ }
+
+ if (device->attrs.max_send_sge < SMB_DIRECT_MAX_SEND_SGES) {
+ ksmbd_err("warning: device max_send_sge = %d too small\n",
+ device->attrs.max_send_sge);
+ return -EINVAL;
+ }
+ if (device->attrs.max_recv_sge < SMB_DIRECT_MAX_RECV_SGES) {
+ ksmbd_err("warning: device max_recv_sge = %d too small\n",
+ device->attrs.max_recv_sge);
+ return -EINVAL;
+ }
+
+ t->recv_credits = 0;
+ t->count_avail_recvmsg = 0;
+
+ t->recv_credit_max = smb_direct_receive_credit_max;
+ t->recv_credit_target = 10;
+ t->new_recv_credits = 0;
+
+ t->send_credit_target = smb_direct_send_credit_target;
+ atomic_set(&t->send_credits, 0);
+ atomic_set(&t->rw_avail_ops, smb_direct_max_outstanding_rw_ops);
+
+ t->max_send_size = smb_direct_max_send_size;
+ t->max_recv_size = smb_direct_max_receive_size;
+ t->max_fragmented_recv_size = smb_direct_max_fragmented_recv_size;
+
+ cap->max_send_wr = max_send_wrs;
+ cap->max_recv_wr = t->recv_credit_max;
+ cap->max_send_sge = SMB_DIRECT_MAX_SEND_SGES;
+ cap->max_recv_sge = SMB_DIRECT_MAX_RECV_SGES;
+ cap->max_inline_data = 0;
+ cap->max_rdma_ctxs = 0;
+ return 0;
+}
+
+static void smb_direct_destroy_pools(struct smb_direct_transport *t)
+{
+ struct smb_direct_recvmsg *recvmsg;
+
+ while ((recvmsg = get_free_recvmsg(t)))
+ mempool_free(recvmsg, t->recvmsg_mempool);
+ while ((recvmsg = get_empty_recvmsg(t)))
+ mempool_free(recvmsg, t->recvmsg_mempool);
+
+ mempool_destroy(t->recvmsg_mempool);
+ t->recvmsg_mempool = NULL;
+
+ kmem_cache_destroy(t->recvmsg_cache);
+ t->recvmsg_cache = NULL;
+
+ mempool_destroy(t->sendmsg_mempool);
+ t->sendmsg_mempool = NULL;
+
+ kmem_cache_destroy(t->sendmsg_cache);
+ t->sendmsg_cache = NULL;
+}
+
+static int smb_direct_create_pools(struct smb_direct_transport *t)
+{
+ char name[80];
+ int i;
+ struct smb_direct_recvmsg *recvmsg;
+
+ snprintf(name, sizeof(name), "smb_direct_rqst_pool_%p", t);
+ t->sendmsg_cache = kmem_cache_create(name,
+ sizeof(struct smb_direct_sendmsg) +
+ sizeof(struct smb_direct_negotiate_resp),
+ 0, SLAB_HWCACHE_ALIGN, NULL);
+ if (!t->sendmsg_cache)
+ return -ENOMEM;
+
+ t->sendmsg_mempool = mempool_create(t->send_credit_target,
+ mempool_alloc_slab, mempool_free_slab,
+ t->sendmsg_cache);
+ if (!t->sendmsg_mempool)
+ goto err;
+
+ snprintf(name, sizeof(name), "smb_direct_resp_%p", t);
+ t->recvmsg_cache = kmem_cache_create(name,
+ sizeof(struct smb_direct_recvmsg) +
+ t->max_recv_size,
+ 0, SLAB_HWCACHE_ALIGN, NULL);
+ if (!t->recvmsg_cache)
+ goto err;
+
+ t->recvmsg_mempool =
+ mempool_create(t->recv_credit_max, mempool_alloc_slab,
+ mempool_free_slab, t->recvmsg_cache);
+ if (!t->recvmsg_mempool)
+ goto err;
+
+ INIT_LIST_HEAD(&t->recvmsg_queue);
+
+ for (i = 0; i < t->recv_credit_max; i++) {
+ recvmsg = mempool_alloc(t->recvmsg_mempool, GFP_KERNEL);
+ if (!recvmsg)
+ goto err;
+ recvmsg->transport = t;
+ list_add(&recvmsg->list, &t->recvmsg_queue);
+ }
+ t->count_avail_recvmsg = t->recv_credit_max;
+
+ return 0;
+err:
+ smb_direct_destroy_pools(t);
+ return -ENOMEM;
+}
+
+static int smb_direct_create_qpair(struct smb_direct_transport *t,
+ struct ib_qp_cap *cap)
+{
+ int ret;
+ struct ib_qp_init_attr qp_attr;
+
+ t->pd = ib_alloc_pd(t->cm_id->device, 0);
+ if (IS_ERR(t->pd)) {
+ ksmbd_err("Can't create RDMA PD\n");
+ ret = PTR_ERR(t->pd);
+ t->pd = NULL;
+ return ret;
+ }
+
+ t->send_cq = ib_alloc_cq(t->cm_id->device, t,
+ t->send_credit_target, 0, IB_POLL_WORKQUEUE);
+ if (IS_ERR(t->send_cq)) {
+ ksmbd_err("Can't create RDMA send CQ\n");
+ ret = PTR_ERR(t->send_cq);
+ t->send_cq = NULL;
+ goto err;
+ }
+
+ t->recv_cq = ib_alloc_cq(t->cm_id->device, t,
+ cap->max_send_wr + cap->max_rdma_ctxs,
+ 0, IB_POLL_WORKQUEUE);
+ if (IS_ERR(t->recv_cq)) {
+ ksmbd_err("Can't create RDMA recv CQ\n");
+ ret = PTR_ERR(t->recv_cq);
+ t->recv_cq = NULL;
+ goto err;
+ }
+
+ memset(&qp_attr, 0, sizeof(qp_attr));
+ qp_attr.event_handler = smb_direct_qpair_handler;
+ qp_attr.qp_context = t;
+ qp_attr.cap = *cap;
+ qp_attr.sq_sig_type = IB_SIGNAL_REQ_WR;
+ qp_attr.qp_type = IB_QPT_RC;
+ qp_attr.send_cq = t->send_cq;
+ qp_attr.recv_cq = t->recv_cq;
+ qp_attr.port_num = ~0;
+
+ ret = rdma_create_qp(t->cm_id, t->pd, &qp_attr);
+ if (ret) {
+ ksmbd_err("Can't create RDMA QP: %d\n", ret);
+ goto err;
+ }
+
+ t->qp = t->cm_id->qp;
+ t->cm_id->event_handler = smb_direct_cm_handler;
+
+ return 0;
+err:
+ if (t->qp) {
+ ib_destroy_qp(t->qp);
+ t->qp = NULL;
+ }
+ if (t->recv_cq) {
+ ib_destroy_cq(t->recv_cq);
+ t->recv_cq = NULL;
+ }
+ if (t->send_cq) {
+ ib_destroy_cq(t->send_cq);
+ t->send_cq = NULL;
+ }
+ if (t->pd) {
+ ib_dealloc_pd(t->pd);
+ t->pd = NULL;
+ }
+ return ret;
+}
+
+static int smb_direct_prepare(struct ksmbd_transport *t)
+{
+ struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+ int ret;
+ struct ib_qp_cap qp_cap;
+
+ ret = smb_direct_init_params(st, &qp_cap);
+ if (ret) {
+ ksmbd_err("Can't configure RDMA parameters\n");
+ return ret;
+ }
+
+ ret = smb_direct_create_pools(st);
+ if (ret) {
+ ksmbd_err("Can't init RDMA pool: %d\n", ret);
+ return ret;
+ }
+
+ ret = smb_direct_create_qpair(st, &qp_cap);
+ if (ret) {
+ ksmbd_err("Can't accept RDMA client: %d\n", ret);
+ return ret;
+ }
+
+ ret = smb_direct_negotiate(st);
+ if (ret) {
+ ksmbd_err("Can't negotiate: %d\n", ret);
+ return ret;
+ }
+
+ st->status = SMB_DIRECT_CS_CONNECTED;
+ return 0;
+}
+
+static bool rdma_frwr_is_supported(struct ib_device_attr *attrs)
+{
+ if (!(attrs->device_cap_flags & IB_DEVICE_MEM_MGT_EXTENSIONS))
+ return false;
+ if (attrs->max_fast_reg_page_list_len == 0)
+ return false;
+ return true;
+}
+
+static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
+{
+ struct smb_direct_transport *t;
+
+ if (!rdma_frwr_is_supported(&new_cm_id->device->attrs)) {
+ ksmbd_debug(RDMA,
+ "Fast Registration Work Requests is not supported. device capabilities=%llx\n",
+ new_cm_id->device->attrs.device_cap_flags);
+ return -EPROTONOSUPPORT;
+ }
+
+ t = alloc_transport(new_cm_id);
+ if (!t)
+ return -ENOMEM;
+
+ KSMBD_TRANS(t)->handler = kthread_run(ksmbd_conn_handler_loop,
+ KSMBD_TRANS(t)->conn, "ksmbd:r%u", SMB_DIRECT_PORT);
+ if (IS_ERR(KSMBD_TRANS(t)->handler)) {
+ int ret = PTR_ERR(KSMBD_TRANS(t)->handler);
+
+ ksmbd_err("Can't start thread\n");
+ free_transport(t);
+ return ret;
+ }
+
+ return 0;
+}
+
+static int smb_direct_listen_handler(struct rdma_cm_id *cm_id,
+ struct rdma_cm_event *event)
+{
+ switch (event->event) {
+ case RDMA_CM_EVENT_CONNECT_REQUEST: {
+ int ret = smb_direct_handle_connect_request(cm_id);
+
+ if (ret) {
+ ksmbd_err("Can't create transport: %d\n", ret);
+ return ret;
+ }
+
+ ksmbd_debug(RDMA, "Received connection request. cm_id=%p\n",
+ cm_id);
+ break;
+ }
+ default:
+ ksmbd_err("Unexpected listen event. cm_id=%p, event=%s (%d)\n",
+ cm_id,
+ rdma_event_msg(event->event), event->event);
+ break;
+ }
+ return 0;
+}
+
+static int smb_direct_listen(int port)
+{
+ int ret;
+ struct rdma_cm_id *cm_id;
+ struct sockaddr_in sin = {
+ .sin_family = AF_INET,
+ .sin_addr.s_addr = htonl(INADDR_ANY),
+ .sin_port = htons(port),
+ };
+
+ cm_id = rdma_create_id(&init_net, smb_direct_listen_handler,
+ &smb_direct_listener, RDMA_PS_TCP, IB_QPT_RC);
+ if (IS_ERR(cm_id)) {
+ ksmbd_err("Can't create cm id: %ld\n",
+ PTR_ERR(cm_id));
+ return PTR_ERR(cm_id);
+ }
+
+ ret = rdma_bind_addr(cm_id, (struct sockaddr *)&sin);
+ if (ret) {
+ ksmbd_err("Can't bind: %d\n", ret);
+ goto err;
+ }
+
+ smb_direct_listener.cm_id = cm_id;
+
+ ret = rdma_listen(cm_id, 10);
+ if (ret) {
+ ksmbd_err("Can't listen: %d\n", ret);
+ goto err;
+ }
+ return 0;
+err:
+ smb_direct_listener.cm_id = NULL;
+ rdma_destroy_id(cm_id);
+ return ret;
+}
+
+int ksmbd_rdma_init(void)
+{
+ int ret;
+
+ smb_direct_listener.cm_id = NULL;
+
+ /* When a client is running out of send credits, the credits are
+ * granted by the server's sending a packet using this queue.
+ * This avoids the situation that a clients cannot send packets
+ * for lack of credits
+ */
+ smb_direct_wq = alloc_workqueue("ksmbd-smb_direct-wq",
+ WQ_HIGHPRI|WQ_MEM_RECLAIM, 0);
+ if (!smb_direct_wq)
+ return -ENOMEM;
+
+ ret = smb_direct_listen(SMB_DIRECT_PORT);
+ if (ret) {
+ destroy_workqueue(smb_direct_wq);
+ smb_direct_wq = NULL;
+ ksmbd_err("Can't listen: %d\n", ret);
+ return ret;
+ }
+
+ ksmbd_debug(RDMA, "init RDMA listener. cm_id=%p\n",
+ smb_direct_listener.cm_id);
+ return 0;
+}
+
+int ksmbd_rdma_destroy(void)
+{
+ if (smb_direct_listener.cm_id)
+ rdma_destroy_id(smb_direct_listener.cm_id);
+ smb_direct_listener.cm_id = NULL;
+
+ if (smb_direct_wq) {
+ flush_workqueue(smb_direct_wq);
+ destroy_workqueue(smb_direct_wq);
+ smb_direct_wq = NULL;
+ }
+ return 0;
+}
+
+static struct ksmbd_transport_ops ksmbd_smb_direct_transport_ops = {
+ .prepare = smb_direct_prepare,
+ .disconnect = smb_direct_disconnect,
+ .writev = smb_direct_writev,
+ .read = smb_direct_read,
+ .rdma_read = smb_direct_rdma_read,
+ .rdma_write = smb_direct_rdma_write,
+};
diff --git a/fs/cifsd/transport_rdma.h b/fs/cifsd/transport_rdma.h
new file mode 100644
index 000000000000..da60fcec3ede
--- /dev/null
+++ b/fs/cifsd/transport_rdma.h
@@ -0,0 +1,61 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2017, Microsoft Corporation.
+ * Copyright (C) 2018, LG Electronics.
+ */
+
+#ifndef __KSMBD_TRANSPORT_RDMA_H__
+#define __KSMBD_TRANSPORT_RDMA_H__
+
+#define SMB_DIRECT_PORT 5445
+
+/* SMB DIRECT negotiation request packet [MS-KSMBD] 2.2.1 */
+struct smb_direct_negotiate_req {
+ __le16 min_version;
+ __le16 max_version;
+ __le16 reserved;
+ __le16 credits_requested;
+ __le32 preferred_send_size;
+ __le32 max_receive_size;
+ __le32 max_fragmented_size;
+} __packed;
+
+/* SMB DIRECT negotiation response packet [MS-KSMBD] 2.2.2 */
+struct smb_direct_negotiate_resp {
+ __le16 min_version;
+ __le16 max_version;
+ __le16 negotiated_version;
+ __le16 reserved;
+ __le16 credits_requested;
+ __le16 credits_granted;
+ __le32 status;
+ __le32 max_readwrite_size;
+ __le32 preferred_send_size;
+ __le32 max_receive_size;
+ __le32 max_fragmented_size;
+} __packed;
+
+#define SMB_DIRECT_RESPONSE_REQUESTED 0x0001
+
+/* SMB DIRECT data transfer packet with payload [MS-KSMBD] 2.2.3 */
+struct smb_direct_data_transfer {
+ __le16 credits_requested;
+ __le16 credits_granted;
+ __le16 flags;
+ __le16 reserved;
+ __le32 remaining_data_length;
+ __le32 data_offset;
+ __le32 data_length;
+ __le32 padding;
+ __u8 buffer[];
+} __packed;
+
+#ifdef CONFIG_SMB_SERVER_SMBDIRECT
+int ksmbd_rdma_init(void);
+int ksmbd_rdma_destroy(void);
+#else
+static inline int ksmbd_rdma_init(void) { return 0; }
+static inline int ksmbd_rdma_destroy(void) { return 0; }
+#endif
+
+#endif /* __KSMBD_TRANSPORT_RDMA_H__ */
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
new file mode 100644
index 000000000000..60ec9b2e0370
--- /dev/null
+++ b/fs/cifsd/transport_tcp.c
@@ -0,0 +1,624 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/freezer.h>
+
+#include "smb_common.h"
+#include "server.h"
+#include "auth.h"
+#include "buffer_pool.h"
+#include "connection.h"
+#include "transport_tcp.h"
+
+#define IFACE_STATE_DOWN (1 << 0)
+#define IFACE_STATE_CONFIGURED (1 << 1)
+
+struct interface {
+ struct task_struct *ksmbd_kthread;
+ struct socket *ksmbd_socket;
+ struct list_head entry;
+ char *name;
+ struct mutex sock_release_lock;
+ int state;
+};
+
+static LIST_HEAD(iface_list);
+
+static int bind_additional_ifaces;
+
+struct tcp_transport {
+ struct ksmbd_transport transport;
+ struct socket *sock;
+ struct kvec *iov;
+ unsigned int nr_iov;
+};
+
+static struct ksmbd_transport_ops ksmbd_tcp_transport_ops;
+
+static void tcp_stop_kthread(struct task_struct *kthread);
+static struct interface *alloc_iface(char *ifname);
+
+#define KSMBD_TRANS(t) (&(t)->transport)
+#define TCP_TRANS(t) ((struct tcp_transport *)container_of(t, \
+ struct tcp_transport, transport))
+
+static inline void ksmbd_tcp_nodelay(struct socket *sock)
+{
+ tcp_sock_set_nodelay(sock->sk);
+}
+
+static inline void ksmbd_tcp_reuseaddr(struct socket *sock)
+{
+ sock_set_reuseaddr(sock->sk);
+}
+
+static inline void ksmbd_tcp_rcv_timeout(struct socket *sock, s64 secs)
+{
+ lock_sock(sock->sk);
+ if (secs && secs < MAX_SCHEDULE_TIMEOUT / HZ - 1)
+ sock->sk->sk_rcvtimeo = secs * HZ;
+ else
+ sock->sk->sk_rcvtimeo = MAX_SCHEDULE_TIMEOUT;
+ release_sock(sock->sk);
+}
+
+static inline void ksmbd_tcp_snd_timeout(struct socket *sock, s64 secs)
+{
+ sock_set_sndtimeo(sock->sk, secs);
+}
+
+static struct tcp_transport *alloc_transport(struct socket *client_sk)
+{
+ struct tcp_transport *t;
+ struct ksmbd_conn *conn;
+
+ t = kzalloc(sizeof(*t), GFP_KERNEL);
+ if (!t)
+ return NULL;
+ t->sock = client_sk;
+
+ conn = ksmbd_conn_alloc();
+ if (!conn) {
+ kfree(t);
+ return NULL;
+ }
+
+ conn->transport = KSMBD_TRANS(t);
+ KSMBD_TRANS(t)->conn = conn;
+ KSMBD_TRANS(t)->ops = &ksmbd_tcp_transport_ops;
+ return t;
+}
+
+static void free_transport(struct tcp_transport *t)
+{
+ kernel_sock_shutdown(t->sock, SHUT_RDWR);
+ sock_release(t->sock);
+ t->sock = NULL;
+
+ ksmbd_conn_free(KSMBD_TRANS(t)->conn);
+ kfree(t->iov);
+ kfree(t);
+}
+
+/**
+ * kvec_array_init() - initialize a IO vector segment
+ * @new: IO vector to be initialized
+ * @iov: base IO vector
+ * @nr_segs: number of segments in base iov
+ * @bytes: total iovec length so far for read
+ *
+ * Return: Number of IO segments
+ */
+static unsigned int kvec_array_init(struct kvec *new, struct kvec *iov,
+ unsigned int nr_segs, size_t bytes)
+{
+ size_t base = 0;
+
+ while (bytes || !iov->iov_len) {
+ int copy = min(bytes, iov->iov_len);
+
+ bytes -= copy;
+ base += copy;
+ if (iov->iov_len == base) {
+ iov++;
+ nr_segs--;
+ base = 0;
+ }
+ }
+
+ memcpy(new, iov, sizeof(*iov) * nr_segs);
+ new->iov_base += base;
+ new->iov_len -= base;
+ return nr_segs;
+}
+
+/**
+ * get_conn_iovec() - get connection iovec for reading from socket
+ * @t: TCP transport instance
+ * @nr_segs: number of segments in iov
+ *
+ * Return: return existing or newly allocate iovec
+ */
+static struct kvec *get_conn_iovec(struct tcp_transport *t,
+ unsigned int nr_segs)
+{
+ struct kvec *new_iov;
+
+ if (t->iov && nr_segs <= t->nr_iov)
+ return t->iov;
+
+ /* not big enough -- allocate a new one and release the old */
+ new_iov = kmalloc_array(nr_segs, sizeof(*new_iov), GFP_KERNEL);
+ if (new_iov) {
+ kfree(t->iov);
+ t->iov = new_iov;
+ t->nr_iov = nr_segs;
+ }
+ return new_iov;
+}
+
+static unsigned short ksmbd_tcp_get_port(const struct sockaddr *sa)
+{
+ switch (sa->sa_family) {
+ case AF_INET:
+ return ntohs(((struct sockaddr_in *)sa)->sin_port);
+ case AF_INET6:
+ return ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
+ }
+ return 0;
+}
+
+/**
+ * ksmbd_tcp_new_connection() - create a new tcp session on mount
+ * @sock: socket associated with new connection
+ *
+ * whenever a new connection is requested, create a conn thread
+ * (session thread) to handle new incoming smb requests from the connection
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int ksmbd_tcp_new_connection(struct socket *client_sk)
+{
+ struct sockaddr *csin;
+ int rc = 0;
+ struct tcp_transport *t;
+
+ t = alloc_transport(client_sk);
+ if (!t)
+ return -ENOMEM;
+
+ csin = KSMBD_TCP_PEER_SOCKADDR(KSMBD_TRANS(t)->conn);
+ if (kernel_getpeername(client_sk, csin) < 0) {
+ ksmbd_err("client ip resolution failed\n");
+ rc = -EINVAL;
+ goto out_error;
+ }
+
+ KSMBD_TRANS(t)->handler = kthread_run(ksmbd_conn_handler_loop,
+ KSMBD_TRANS(t)->conn,
+ "ksmbd:%u", ksmbd_tcp_get_port(csin));
+ if (IS_ERR(KSMBD_TRANS(t)->handler)) {
+ ksmbd_err("cannot start conn thread\n");
+ rc = PTR_ERR(KSMBD_TRANS(t)->handler);
+ free_transport(t);
+ }
+ return rc;
+
+out_error:
+ free_transport(t);
+ return rc;
+}
+
+/**
+ * ksmbd_kthread_fn() - listen to new SMB connections and callback server
+ * @p: arguments to forker thread
+ *
+ * Return: Returns a task_struct or ERR_PTR
+ */
+static int ksmbd_kthread_fn(void *p)
+{
+ struct socket *client_sk = NULL;
+ struct interface *iface = (struct interface *)p;
+ int ret;
+
+ while (!kthread_should_stop()) {
+ mutex_lock(&iface->sock_release_lock);
+ if (!iface->ksmbd_socket) {
+ mutex_unlock(&iface->sock_release_lock);
+ break;
+ }
+ ret = kernel_accept(iface->ksmbd_socket, &client_sk,
+ O_NONBLOCK);
+ mutex_unlock(&iface->sock_release_lock);
+ if (ret) {
+ if (ret == -EAGAIN)
+ /* check for new connections every 100 msecs */
+ schedule_timeout_interruptible(HZ / 10);
+ continue;
+ }
+
+ ksmbd_debug(CONN, "connect success: accepted new connection\n");
+ client_sk->sk->sk_rcvtimeo = KSMBD_TCP_RECV_TIMEOUT;
+ client_sk->sk->sk_sndtimeo = KSMBD_TCP_SEND_TIMEOUT;
+
+ ksmbd_tcp_new_connection(client_sk);
+ }
+
+ ksmbd_debug(CONN, "releasing socket\n");
+ return 0;
+}
+
+/**
+ * ksmbd_create_ksmbd_kthread() - start forker thread
+ *
+ * start forker thread(ksmbd/0) at module init time to listen
+ * on port 445 for new SMB connection requests. It creates per connection
+ * server threads(ksmbd/x)
+ *
+ * Return: 0 on success or error number
+ */
+static int ksmbd_tcp_run_kthread(struct interface *iface)
+{
+ int rc;
+ struct task_struct *kthread;
+
+ kthread = kthread_run(ksmbd_kthread_fn, (void *)iface,
+ "ksmbd-%s", iface->name);
+ if (IS_ERR(kthread)) {
+ rc = PTR_ERR(kthread);
+ return rc;
+ }
+ iface->ksmbd_kthread = kthread;
+
+ return 0;
+}
+
+/**
+ * ksmbd_tcp_readv() - read data from socket in given iovec
+ * @t: TCP transport instance
+ * @iov_orig: base IO vector
+ * @nr_segs: number of segments in base iov
+ * @to_read: number of bytes to read from socket
+ *
+ * Return: on success return number of bytes read from socket,
+ * otherwise return error number
+ */
+static int ksmbd_tcp_readv(struct tcp_transport *t,
+ struct kvec *iov_orig,
+ unsigned int nr_segs,
+ unsigned int to_read)
+{
+ int length = 0;
+ int total_read;
+ unsigned int segs;
+ struct msghdr ksmbd_msg;
+ struct kvec *iov;
+ struct ksmbd_conn *conn = KSMBD_TRANS(t)->conn;
+
+ iov = get_conn_iovec(t, nr_segs);
+ if (!iov)
+ return -ENOMEM;
+
+ ksmbd_msg.msg_control = NULL;
+ ksmbd_msg.msg_controllen = 0;
+
+ for (total_read = 0; to_read; total_read += length, to_read -= length) {
+ try_to_freeze();
+
+ if (!ksmbd_conn_alive(conn)) {
+ total_read = -ESHUTDOWN;
+ break;
+ }
+ segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
+
+ length = kernel_recvmsg(t->sock, &ksmbd_msg,
+ iov, segs, to_read, 0);
+
+ if (length == -EINTR) {
+ total_read = -ESHUTDOWN;
+ break;
+ } else if (conn->status == KSMBD_SESS_NEED_RECONNECT) {
+ total_read = -EAGAIN;
+ break;
+ } else if (length == -ERESTARTSYS || length == -EAGAIN) {
+ usleep_range(1000, 2000);
+ length = 0;
+ continue;
+ } else if (length <= 0) {
+ total_read = -EAGAIN;
+ break;
+ }
+ }
+ return total_read;
+}
+
+/**
+ * ksmbd_tcp_read() - read data from socket in given buffer
+ * @t: TCP transport instance
+ * @buf: buffer to store read data from socket
+ * @to_read: number of bytes to read from socket
+ *
+ * Return: on success return number of bytes read from socket,
+ * otherwise return error number
+ */
+static int ksmbd_tcp_read(struct ksmbd_transport *t,
+ char *buf,
+ unsigned int to_read)
+{
+ struct kvec iov;
+
+ iov.iov_base = buf;
+ iov.iov_len = to_read;
+
+ return ksmbd_tcp_readv(TCP_TRANS(t), &iov, 1, to_read);
+}
+
+static int ksmbd_tcp_writev(struct ksmbd_transport *t,
+ struct kvec *iov, int nvecs, int size,
+ bool need_invalidate, unsigned int remote_key)
+
+{
+ struct msghdr smb_msg = {.msg_flags = MSG_NOSIGNAL};
+
+ return kernel_sendmsg(TCP_TRANS(t)->sock, &smb_msg, iov, nvecs, size);
+}
+
+static void ksmbd_tcp_disconnect(struct ksmbd_transport *t)
+{
+ free_transport(TCP_TRANS(t));
+}
+
+static void tcp_destroy_socket(struct socket *ksmbd_socket)
+{
+ int ret;
+
+ if (!ksmbd_socket)
+ return;
+
+ /* set zero to timeout */
+ ksmbd_tcp_rcv_timeout(ksmbd_socket, 0);
+ ksmbd_tcp_snd_timeout(ksmbd_socket, 0);
+
+ ret = kernel_sock_shutdown(ksmbd_socket, SHUT_RDWR);
+ if (ret)
+ ksmbd_err("Failed to shutdown socket: %d\n", ret);
+ else
+ sock_release(ksmbd_socket);
+}
+
+/**
+ * create_socket - create socket for ksmbd/0
+ *
+ * Return: Returns a task_struct or ERR_PTR
+ */
+static int create_socket(struct interface *iface)
+{
+ int ret;
+ struct sockaddr_in6 sin6;
+ struct sockaddr_in sin;
+ struct socket *ksmbd_socket;
+ bool ipv4 = false;
+
+ ret = sock_create(PF_INET6, SOCK_STREAM, IPPROTO_TCP, &ksmbd_socket);
+ if (ret) {
+ ksmbd_err("Can't create socket for ipv6, try ipv4: %d\n", ret);
+ ret = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP,
+ &ksmbd_socket);
+ if (ret) {
+ ksmbd_err("Can't create socket for ipv4: %d\n", ret);
+ goto out_error;
+ }
+
+ sin.sin_family = PF_INET;
+ sin.sin_addr.s_addr = htonl(INADDR_ANY);
+ sin.sin_port = htons(server_conf.tcp_port);
+ ipv4 = true;
+ } else {
+ sin6.sin6_family = PF_INET6;
+ sin6.sin6_addr = in6addr_any;
+ sin6.sin6_port = htons(server_conf.tcp_port);
+ }
+
+ ksmbd_tcp_nodelay(ksmbd_socket);
+ ksmbd_tcp_reuseaddr(ksmbd_socket);
+
+ ret = sock_setsockopt(ksmbd_socket,
+ SOL_SOCKET,
+ SO_BINDTODEVICE,
+ KERNEL_SOCKPTR(iface->name),
+ strlen(iface->name));
+ if (ret != -ENODEV && ret < 0) {
+ ksmbd_err("Failed to set SO_BINDTODEVICE: %d\n", ret);
+ goto out_error;
+ }
+
+ if (ipv4)
+ ret = kernel_bind(ksmbd_socket, (struct sockaddr *)&sin,
+ sizeof(sin));
+ else
+ ret = kernel_bind(ksmbd_socket, (struct sockaddr *)&sin6,
+ sizeof(sin6));
+ if (ret) {
+ ksmbd_err("Failed to bind socket: %d\n", ret);
+ goto out_error;
+ }
+
+ ksmbd_socket->sk->sk_rcvtimeo = KSMBD_TCP_RECV_TIMEOUT;
+ ksmbd_socket->sk->sk_sndtimeo = KSMBD_TCP_SEND_TIMEOUT;
+
+ ret = kernel_listen(ksmbd_socket, KSMBD_SOCKET_BACKLOG);
+ if (ret) {
+ ksmbd_err("Port listen() error: %d\n", ret);
+ goto out_error;
+ }
+
+ iface->ksmbd_socket = ksmbd_socket;
+ ret = ksmbd_tcp_run_kthread(iface);
+ if (ret) {
+ ksmbd_err("Can't start ksmbd main kthread: %d\n", ret);
+ goto out_error;
+ }
+ iface->state = IFACE_STATE_CONFIGURED;
+
+ return 0;
+
+out_error:
+ tcp_destroy_socket(ksmbd_socket);
+ iface->ksmbd_socket = NULL;
+ return ret;
+}
+
+static int ksmbd_netdev_event(struct notifier_block *nb, unsigned long event,
+ void *ptr)
+{
+ struct net_device *netdev = netdev_notifier_info_to_dev(ptr);
+ struct interface *iface;
+ int ret, found = 0;
+
+ switch (event) {
+ case NETDEV_UP:
+ if (netdev->priv_flags & IFF_BRIDGE_PORT)
+ return NOTIFY_OK;
+
+ list_for_each_entry(iface, &iface_list, entry) {
+ if (!strcmp(iface->name, netdev->name)) {
+ found = 1;
+ if (iface->state != IFACE_STATE_DOWN)
+ break;
+ ret = create_socket(iface);
+ if (ret)
+ return NOTIFY_OK;
+ break;
+ }
+ }
+ if (!found && bind_additional_ifaces) {
+ iface = alloc_iface(kstrdup(netdev->name, GFP_KERNEL));
+ if (!iface)
+ return NOTIFY_OK;
+ ret = create_socket(iface);
+ if (ret)
+ break;
+ }
+ break;
+ case NETDEV_DOWN:
+ list_for_each_entry(iface, &iface_list, entry) {
+ if (!strcmp(iface->name, netdev->name) &&
+ iface->state == IFACE_STATE_CONFIGURED) {
+ tcp_stop_kthread(iface->ksmbd_kthread);
+ iface->ksmbd_kthread = NULL;
+ mutex_lock(&iface->sock_release_lock);
+ tcp_destroy_socket(iface->ksmbd_socket);
+ iface->ksmbd_socket = NULL;
+ mutex_unlock(&iface->sock_release_lock);
+
+ iface->state = IFACE_STATE_DOWN;
+ break;
+ }
+ }
+ break;
+ }
+
+ return NOTIFY_DONE;
+
+}
+
+static struct notifier_block ksmbd_netdev_notifier = {
+ .notifier_call = ksmbd_netdev_event,
+};
+
+int ksmbd_tcp_init(void)
+{
+ register_netdevice_notifier(&ksmbd_netdev_notifier);
+
+ return 0;
+}
+
+static void tcp_stop_kthread(struct task_struct *kthread)
+{
+ int ret;
+
+ if (!kthread)
+ return;
+
+ ret = kthread_stop(kthread);
+ if (ret)
+ ksmbd_err("failed to stop forker thread\n");
+}
+
+void ksmbd_tcp_destroy(void)
+{
+ struct interface *iface, *tmp;
+
+ unregister_netdevice_notifier(&ksmbd_netdev_notifier);
+
+ list_for_each_entry_safe(iface, tmp, &iface_list, entry) {
+ list_del(&iface->entry);
+ kfree(iface->name);
+ ksmbd_free(iface);
+ }
+}
+
+static struct interface *alloc_iface(char *ifname)
+{
+ struct interface *iface;
+
+ if (!ifname)
+ return NULL;
+
+ iface = ksmbd_alloc(sizeof(struct interface));
+ if (!iface) {
+ kfree(ifname);
+ return NULL;
+ }
+
+ iface->name = ifname;
+ iface->state = IFACE_STATE_DOWN;
+ list_add(&iface->entry, &iface_list);
+ mutex_init(&iface->sock_release_lock);
+ return iface;
+}
+
+int ksmbd_tcp_set_interfaces(char *ifc_list, int ifc_list_sz)
+{
+ int sz = 0;
+
+ if (!ifc_list_sz) {
+ struct net_device *netdev;
+
+ rtnl_lock();
+ for_each_netdev(&init_net, netdev) {
+ if (netdev->priv_flags & IFF_BRIDGE_PORT)
+ continue;
+ if (!alloc_iface(kstrdup(netdev->name, GFP_KERNEL)))
+ return -ENOMEM;
+ }
+ rtnl_unlock();
+ bind_additional_ifaces = 1;
+ return 0;
+ }
+
+ while (ifc_list_sz > 0) {
+ if (!alloc_iface(kstrdup(ifc_list, GFP_KERNEL)))
+ return -ENOMEM;
+
+ sz = strlen(ifc_list);
+ if (!sz)
+ break;
+
+ ifc_list += sz + 1;
+ ifc_list_sz -= (sz + 1);
+ }
+
+ bind_additional_ifaces = 0;
+
+ return 0;
+}
+
+static struct ksmbd_transport_ops ksmbd_tcp_transport_ops = {
+ .read = ksmbd_tcp_read,
+ .writev = ksmbd_tcp_writev,
+ .disconnect = ksmbd_tcp_disconnect,
+};
diff --git a/fs/cifsd/transport_tcp.h b/fs/cifsd/transport_tcp.h
new file mode 100644
index 000000000000..e338bebe322f
--- /dev/null
+++ b/fs/cifsd/transport_tcp.h
@@ -0,0 +1,13 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_TRANSPORT_TCP_H__
+#define __KSMBD_TRANSPORT_TCP_H__
+
+int ksmbd_tcp_set_interfaces(char *ifc_list, int ifc_list_sz);
+int ksmbd_tcp_init(void);
+void ksmbd_tcp_destroy(void);
+
+#endif /* __KSMBD_TRANSPORT_TCP_H__ */
From patchwork Mon Nov 14 12:48:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183100
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:13 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:12 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:11 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 002/308] cifsd: add server-side procedures for
SMB3
Date: Mon, 14 Nov 2022 20:48:31 +0800
Message-ID: <20221114125337.1831594-3-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
565dbde2-f44a-44bf-6d78-08dac63c40d9
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.8780854
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e2f34481b24d
-------------------------------
This adds smb3 engine, NTLM/NTLMv2/Kerberos authentication, oplock/lease
cache mechanism for cifsd.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Acked-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 702 +++
fs/cifsd/asn1.h | 29 +
fs/cifsd/auth.c | 1348 ++++++
fs/cifsd/auth.h | 90 +
fs/cifsd/crypto_ctx.c | 287 ++
fs/cifsd/crypto_ctx.h | 77 +
fs/cifsd/mgmt/ksmbd_ida.c | 69 +
fs/cifsd/mgmt/ksmbd_ida.h | 41 +
fs/cifsd/mgmt/share_config.c | 239 +
fs/cifsd/mgmt/share_config.h | 83 +
fs/cifsd/mgmt/tree_connect.c | 129 +
fs/cifsd/mgmt/tree_connect.h | 56 +
fs/cifsd/mgmt/user_config.c | 70 +
fs/cifsd/mgmt/user_config.h | 67 +
fs/cifsd/mgmt/user_session.c | 345 ++
fs/cifsd/mgmt/user_session.h | 105 +
fs/cifsd/misc.c | 293 ++
fs/cifsd/misc.h | 38 +
fs/cifsd/ndr.c | 344 ++
fs/cifsd/ndr.h | 21 +
fs/cifsd/netmisc.c | 46 +
fs/cifsd/nterr.c | 674 +++
fs/cifsd/nterr.h | 552 +++
fs/cifsd/ntlmssp.h | 169 +
fs/cifsd/oplock.c | 1693 +++++++
fs/cifsd/oplock.h | 138 +
fs/cifsd/smb2misc.c | 458 ++
fs/cifsd/smb2ops.c | 300 ++
fs/cifsd/smb2pdu.c | 8486 ++++++++++++++++++++++++++++++++++
fs/cifsd/smb2pdu.h | 1649 +++++++
fs/cifsd/smb_common.c | 668 +++
fs/cifsd/smb_common.h | 546 +++
fs/cifsd/smbacl.c | 1309 ++++++
fs/cifsd/smbacl.h | 202 +
fs/cifsd/smberr.h | 235 +
fs/cifsd/smbfsctl.h | 90 +
fs/cifsd/smbstatus.h | 1822 ++++++++
fs/cifsd/time_wrappers.h | 34 +
fs/cifsd/unicode.c | 391 ++
fs/cifsd/unicode.h | 374 ++
fs/cifsd/uniupr.h | 268 ++
41 files changed, 24537 insertions(+)
create mode 100644 fs/cifsd/asn1.c
create mode 100644 fs/cifsd/asn1.h
create mode 100644 fs/cifsd/auth.c
create mode 100644 fs/cifsd/auth.h
create mode 100644 fs/cifsd/crypto_ctx.c
create mode 100644 fs/cifsd/crypto_ctx.h
create mode 100644 fs/cifsd/mgmt/ksmbd_ida.c
create mode 100644 fs/cifsd/mgmt/ksmbd_ida.h
create mode 100644 fs/cifsd/mgmt/share_config.c
create mode 100644 fs/cifsd/mgmt/share_config.h
create mode 100644 fs/cifsd/mgmt/tree_connect.c
create mode 100644 fs/cifsd/mgmt/tree_connect.h
create mode 100644 fs/cifsd/mgmt/user_config.c
create mode 100644 fs/cifsd/mgmt/user_config.h
create mode 100644 fs/cifsd/mgmt/user_session.c
create mode 100644 fs/cifsd/mgmt/user_session.h
create mode 100644 fs/cifsd/misc.c
create mode 100644 fs/cifsd/misc.h
create mode 100644 fs/cifsd/ndr.c
create mode 100644 fs/cifsd/ndr.h
create mode 100644 fs/cifsd/netmisc.c
create mode 100644 fs/cifsd/nterr.c
create mode 100644 fs/cifsd/nterr.h
create mode 100644 fs/cifsd/ntlmssp.h
create mode 100644 fs/cifsd/oplock.c
create mode 100644 fs/cifsd/oplock.h
create mode 100644 fs/cifsd/smb2misc.c
create mode 100644 fs/cifsd/smb2ops.c
create mode 100644 fs/cifsd/smb2pdu.c
create mode 100644 fs/cifsd/smb2pdu.h
create mode 100644 fs/cifsd/smb_common.c
create mode 100644 fs/cifsd/smb_common.h
create mode 100644 fs/cifsd/smbacl.c
create mode 100644 fs/cifsd/smbacl.h
create mode 100644 fs/cifsd/smberr.h
create mode 100644 fs/cifsd/smbfsctl.h
create mode 100644 fs/cifsd/smbstatus.h
create mode 100644 fs/cifsd/time_wrappers.h
create mode 100644 fs/cifsd/unicode.c
create mode 100644 fs/cifsd/unicode.h
create mode 100644 fs/cifsd/uniupr.h
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
new file mode 100644
index 000000000000..aa702b665849
--- /dev/null
+++ b/fs/cifsd/asn1.c
@@ -0,0 +1,702 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
+ * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
+ *
+ * Copyright (c) 2000 RP Internet (www.rpi.net.au)
+ */
+
+#include <linux/module.h>
+#include <linux/types.h>
+#include <linux/kernel.h>
+#include <linux/mm.h>
+#include <linux/slab.h>
+
+#include "glob.h"
+
+#include "asn1.h"
+#include "connection.h"
+#include "auth.h"
+
+/*****************************************************************************
+ *
+ * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
+ *
+ *****************************************************************************/
+
+/* Class */
+#define ASN1_UNI 0 /* Universal */
+#define ASN1_APL 1 /* Application */
+#define ASN1_CTX 2 /* Context */
+#define ASN1_PRV 3 /* Private */
+
+/* Tag */
+#define ASN1_EOC 0 /* End Of Contents or N/A */
+#define ASN1_BOL 1 /* Boolean */
+#define ASN1_INT 2 /* Integer */
+#define ASN1_BTS 3 /* Bit String */
+#define ASN1_OTS 4 /* Octet String */
+#define ASN1_NUL 5 /* Null */
+#define ASN1_OJI 6 /* Object Identifier */
+#define ASN1_OJD 7 /* Object Description */
+#define ASN1_EXT 8 /* External */
+#define ASN1_ENUM 10 /* Enumerated */
+#define ASN1_SEQ 16 /* Sequence */
+#define ASN1_SET 17 /* Set */
+#define ASN1_NUMSTR 18 /* Numerical String */
+#define ASN1_PRNSTR 19 /* Printable String */
+#define ASN1_TEXSTR 20 /* Teletext String */
+#define ASN1_VIDSTR 21 /* Video String */
+#define ASN1_IA5STR 22 /* IA5 String */
+#define ASN1_UNITIM 23 /* Universal Time */
+#define ASN1_GENTIM 24 /* General Time */
+#define ASN1_GRASTR 25 /* Graphical String */
+#define ASN1_VISSTR 26 /* Visible String */
+#define ASN1_GENSTR 27 /* General String */
+
+/* Primitive / Constructed methods*/
+#define ASN1_PRI 0 /* Primitive */
+#define ASN1_CON 1 /* Constructed */
+
+/*
+ * Error codes.
+ */
+#define ASN1_ERR_NOERROR 0
+#define ASN1_ERR_DEC_EMPTY 2
+#define ASN1_ERR_DEC_EOC_MISMATCH 3
+#define ASN1_ERR_DEC_LENGTH_MISMATCH 4
+#define ASN1_ERR_DEC_BADVALUE 5
+
+#define SPNEGO_OID_LEN 7
+#define NTLMSSP_OID_LEN 10
+#define KRB5_OID_LEN 7
+#define KRB5U2U_OID_LEN 8
+#define MSKRB5_OID_LEN 7
+static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
+static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
+static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 };
+static unsigned long KRB5U2U_OID[8] = { 1, 2, 840, 113554, 1, 2, 2, 3 };
+static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 };
+
+static char NTLMSSP_OID_STR[NTLMSSP_OID_LEN] = { 0x2b, 0x06, 0x01, 0x04, 0x01,
+ 0x82, 0x37, 0x02, 0x02, 0x0a };
+
+/*
+ * ASN.1 context.
+ */
+struct asn1_ctx {
+ int error; /* Error condition */
+ unsigned char *pointer; /* Octet just to be decoded */
+ unsigned char *begin; /* First octet */
+ unsigned char *end; /* Octet after last octet */
+};
+
+/*
+ * Octet string (not null terminated)
+ */
+struct asn1_octstr {
+ unsigned char *data;
+ unsigned int len;
+};
+
+static void
+asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len)
+{
+ ctx->begin = buf;
+ ctx->end = buf + len;
+ ctx->pointer = buf;
+ ctx->error = ASN1_ERR_NOERROR;
+}
+
+static unsigned char
+asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
+{
+ if (ctx->pointer >= ctx->end) {
+ ctx->error = ASN1_ERR_DEC_EMPTY;
+ return 0;
+ }
+ *ch = *(ctx->pointer)++;
+ return 1;
+}
+
+static unsigned char
+asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag)
+{
+ unsigned char ch;
+
+ *tag = 0;
+
+ do {
+ if (!asn1_octet_decode(ctx, &ch))
+ return 0;
+ *tag <<= 7;
+ *tag |= ch & 0x7F;
+ } while ((ch & 0x80) == 0x80);
+ return 1;
+}
+
+static unsigned char
+asn1_id_decode(struct asn1_ctx *ctx,
+ unsigned int *cls, unsigned int *con, unsigned int *tag)
+{
+ unsigned char ch;
+
+ if (!asn1_octet_decode(ctx, &ch))
+ return 0;
+
+ *cls = (ch & 0xC0) >> 6;
+ *con = (ch & 0x20) >> 5;
+ *tag = (ch & 0x1F);
+
+ if (*tag == 0x1F) {
+ if (!asn1_tag_decode(ctx, tag))
+ return 0;
+ }
+ return 1;
+}
+
+static unsigned char
+asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len)
+{
+ unsigned char ch, cnt;
+
+ if (!asn1_octet_decode(ctx, &ch))
+ return 0;
+
+ if (ch == 0x80)
+ *def = 0;
+ else {
+ *def = 1;
+
+ if (ch < 0x80)
+ *len = ch;
+ else {
+ cnt = (unsigned char) (ch & 0x7F);
+ *len = 0;
+
+ while (cnt > 0) {
+ if (!asn1_octet_decode(ctx, &ch))
+ return 0;
+ *len <<= 8;
+ *len |= ch;
+ cnt--;
+ }
+ }
+ }
+
+ /* don't trust len bigger than ctx buffer */
+ if (*len > ctx->end - ctx->pointer)
+ return 0;
+
+ return 1;
+}
+
+static unsigned char
+asn1_header_decode(struct asn1_ctx *ctx,
+ unsigned char **eoc,
+ unsigned int *cls, unsigned int *con, unsigned int *tag)
+{
+ unsigned int def = 0;
+ unsigned int len = 0;
+
+ if (!asn1_id_decode(ctx, cls, con, tag))
+ return 0;
+
+ if (!asn1_length_decode(ctx, &def, &len))
+ return 0;
+
+ /* primitive shall be definite, indefinite shall be constructed */
+ if (*con == ASN1_PRI && !def)
+ return 0;
+
+ if (def)
+ *eoc = ctx->pointer + len;
+ else
+ *eoc = NULL;
+ return 1;
+}
+
+static unsigned char
+asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc)
+{
+ unsigned char ch;
+
+ if (!eoc) {
+ if (!asn1_octet_decode(ctx, &ch))
+ return 0;
+
+ if (ch != 0x00) {
+ ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
+ return 0;
+ }
+
+ if (!asn1_octet_decode(ctx, &ch))
+ return 0;
+
+ if (ch != 0x00) {
+ ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
+ return 0;
+ }
+ } else {
+ if (ctx->pointer != eoc) {
+ ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
+ return 0;
+ }
+ }
+ return 1;
+}
+
+static unsigned char
+asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
+{
+ unsigned char ch;
+
+ *subid = 0;
+
+ do {
+ if (!asn1_octet_decode(ctx, &ch))
+ return 0;
+
+ *subid <<= 7;
+ *subid |= ch & 0x7F;
+ } while ((ch & 0x80) == 0x80);
+ return 1;
+}
+
+static int
+asn1_oid_decode(struct asn1_ctx *ctx,
+ unsigned char *eoc, unsigned long **oid, unsigned int *len)
+{
+ unsigned long subid;
+ unsigned int size;
+ unsigned long *optr;
+
+ size = eoc - ctx->pointer + 1;
+
+ /* first subid actually encodes first two subids */
+ if (size < 2 || size > UINT_MAX/sizeof(unsigned long))
+ return 0;
+
+ *oid = kmalloc(size * sizeof(unsigned long), GFP_KERNEL);
+ if (!*oid)
+ return 0;
+
+ optr = *oid;
+
+ if (!asn1_subid_decode(ctx, &subid)) {
+ kfree(*oid);
+ *oid = NULL;
+ return 0;
+ }
+
+ if (subid < 40) {
+ optr[0] = 0;
+ optr[1] = subid;
+ } else if (subid < 80) {
+ optr[0] = 1;
+ optr[1] = subid - 40;
+ } else {
+ optr[0] = 2;
+ optr[1] = subid - 80;
+ }
+
+ *len = 2;
+ optr += 2;
+
+ while (ctx->pointer < eoc) {
+ if (++(*len) > size) {
+ ctx->error = ASN1_ERR_DEC_BADVALUE;
+ kfree(*oid);
+ *oid = NULL;
+ return 0;
+ }
+
+ if (!asn1_subid_decode(ctx, optr++)) {
+ kfree(*oid);
+ *oid = NULL;
+ return 0;
+ }
+ }
+ return 1;
+}
+
+static int
+compare_oid(unsigned long *oid1, unsigned int oid1len,
+ unsigned long *oid2, unsigned int oid2len)
+{
+ unsigned int i;
+
+ if (oid1len != oid2len)
+ return 0;
+
+ for (i = 0; i < oid1len; i++) {
+ if (oid1[i] != oid2[i])
+ return 0;
+ }
+ return 1;
+}
+
+/* BB check for endian conversion issues here */
+
+int
+ksmbd_decode_negTokenInit(unsigned char *security_blob, int length,
+ struct ksmbd_conn *conn)
+{
+ struct asn1_ctx ctx;
+ unsigned char *end;
+ unsigned char *sequence_end;
+ unsigned long *oid = NULL;
+ unsigned int cls, con, tag, oidlen, rc, mechTokenlen;
+ unsigned int mech_type;
+
+ ksmbd_debug(AUTH, "Received SecBlob: length %d\n", length);
+
+ asn1_open(&ctx, security_blob, length);
+
+ /* GSSAPI header */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit header\n");
+ return 0;
+ } else if ((cls != ASN1_APL) || (con != ASN1_CON)
+ || (tag != ASN1_EOC)) {
+ ksmbd_debug(AUTH, "cls = %d con = %d tag = %d\n", cls, con,
+ tag);
+ return 0;
+ }
+
+ /* Check for SPNEGO OID -- remember to free obj->oid */
+ rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
+ if (rc) {
+ if ((tag == ASN1_OJI) && (con == ASN1_PRI) &&
+ (cls == ASN1_UNI)) {
+ rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
+ if (rc) {
+ rc = compare_oid(oid, oidlen, SPNEGO_OID,
+ SPNEGO_OID_LEN);
+ kfree(oid);
+ }
+ } else
+ rc = 0;
+ }
+
+ /* SPNEGO OID not present or garbled -- bail out */
+ if (!rc) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit header\n");
+ return 0;
+ }
+
+ /* SPNEGO */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
+ || (tag != ASN1_EOC)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ /* negTokenInit */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
+ || (tag != ASN1_SEQ)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ /* sequence */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
+ || (tag != ASN1_EOC)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ /* sequence of */
+ if (asn1_header_decode
+ (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
+ || (tag != ASN1_SEQ)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ /* list of security mechanisms */
+ while (!asn1_eoc_decode(&ctx, sequence_end)) {
+ rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
+ if (!rc) {
+ ksmbd_debug(AUTH,
+ "Error decoding negTokenInit hdr exit2\n");
+ return 0;
+ }
+ if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
+ if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) {
+ if (compare_oid(oid, oidlen, MSKRB5_OID,
+ MSKRB5_OID_LEN))
+ mech_type = KSMBD_AUTH_MSKRB5;
+ else if (compare_oid(oid, oidlen, KRB5U2U_OID,
+ KRB5U2U_OID_LEN))
+ mech_type = KSMBD_AUTH_KRB5U2U;
+ else if (compare_oid(oid, oidlen, KRB5_OID,
+ KRB5_OID_LEN))
+ mech_type = KSMBD_AUTH_KRB5;
+ else if (compare_oid(oid, oidlen, NTLMSSP_OID,
+ NTLMSSP_OID_LEN))
+ mech_type = KSMBD_AUTH_NTLMSSP;
+ else {
+ kfree(oid);
+ continue;
+ }
+
+ conn->auth_mechs |= mech_type;
+ if (conn->preferred_auth_mech == 0)
+ conn->preferred_auth_mech = mech_type;
+ kfree(oid);
+ }
+ } else {
+ ksmbd_debug(AUTH,
+ "Should be an oid what is going on?\n");
+ }
+ }
+
+ /* sequence */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
+ || (tag != ASN1_INT)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ /* sequence of */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
+ || (tag != ASN1_OTS)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ mechTokenlen = ctx.end - ctx.pointer;
+ conn->mechToken = kmalloc(mechTokenlen + 1, GFP_KERNEL);
+ if (!conn->mechToken) {
+ ksmbd_err("memory allocation error\n");
+ return 0;
+ }
+
+ memcpy(conn->mechToken, ctx.pointer, mechTokenlen);
+ conn->mechToken[mechTokenlen] = '\0';
+
+ return 1;
+}
+
+int
+ksmbd_decode_negTokenTarg(unsigned char *security_blob, int length,
+ struct ksmbd_conn *conn)
+{
+ struct asn1_ctx ctx;
+ unsigned char *end;
+ unsigned int cls, con, tag, mechTokenlen;
+
+ ksmbd_debug(AUTH, "Received Auth SecBlob: length %d\n", length);
+
+ asn1_open(&ctx, security_blob, length);
+
+ /* GSSAPI header */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit header\n");
+ return 0;
+ } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
+ || (tag != ASN1_BOL)) {
+ ksmbd_debug(AUTH, "cls = %d con = %d tag = %d\n", cls, con,
+ tag);
+ return 0;
+ }
+
+ /* SPNEGO */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
+ || (tag != ASN1_SEQ)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ /* negTokenTarg */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
+ || (tag != ASN1_INT)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ /* negTokenTarg */
+ if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+ ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
+ return 0;
+ } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
+ || (tag != ASN1_OTS)) {
+ ksmbd_debug(AUTH,
+ "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
+ cls, con, tag, end, *end);
+ return 0;
+ }
+
+ mechTokenlen = ctx.end - ctx.pointer;
+ conn->mechToken = kmalloc(mechTokenlen + 1, GFP_KERNEL);
+ if (!conn->mechToken) {
+ ksmbd_err("memory allocation error\n");
+ return 0;
+ }
+
+ memcpy(conn->mechToken, ctx.pointer, mechTokenlen);
+ conn->mechToken[mechTokenlen] = '\0';
+
+ return 1;
+}
+
+static int compute_asn_hdr_len_bytes(int len)
+{
+ if (len > 0xFFFFFF)
+ return 4;
+ else if (len > 0xFFFF)
+ return 3;
+ else if (len > 0xFF)
+ return 2;
+ else if (len > 0x7F)
+ return 1;
+ else
+ return 0;
+}
+
+static void encode_asn_tag(char *buf,
+ unsigned int *ofs,
+ char tag,
+ char seq,
+ int length)
+{
+ int i;
+ int index = *ofs;
+ char hdr_len = compute_asn_hdr_len_bytes(length);
+ int len = length + 2 + hdr_len;
+
+ /* insert tag */
+ buf[index++] = tag;
+
+ if (!hdr_len)
+ buf[index++] = len;
+ else {
+ buf[index++] = 0x80 | hdr_len;
+ for (i = hdr_len - 1; i >= 0; i--)
+ buf[index++] = (len >> (i * 8)) & 0xFF;
+ }
+
+ /* insert seq */
+ len = len - (index - *ofs);
+ buf[index++] = seq;
+
+ if (!hdr_len)
+ buf[index++] = len;
+ else {
+ buf[index++] = 0x80 | hdr_len;
+ for (i = hdr_len - 1; i >= 0; i--)
+ buf[index++] = (len >> (i * 8)) & 0xFF;
+ }
+
+ *ofs += (index - *ofs);
+}
+
+int build_spnego_ntlmssp_neg_blob(unsigned char **pbuffer, u16 *buflen,
+ char *ntlm_blob, int ntlm_blob_len)
+{
+ char *buf;
+ unsigned int ofs = 0;
+ int neg_result_len = 4 + compute_asn_hdr_len_bytes(1) * 2 + 1;
+ int oid_len = 4 + compute_asn_hdr_len_bytes(NTLMSSP_OID_LEN) * 2 +
+ NTLMSSP_OID_LEN;
+ int ntlmssp_len = 4 + compute_asn_hdr_len_bytes(ntlm_blob_len) * 2 +
+ ntlm_blob_len;
+ int total_len = 4 + compute_asn_hdr_len_bytes(neg_result_len +
+ oid_len + ntlmssp_len) * 2 +
+ neg_result_len + oid_len + ntlmssp_len;
+
+ buf = kmalloc(total_len, GFP_KERNEL);
+ if (!buf)
+ return -ENOMEM;
+
+ /* insert main gss header */
+ encode_asn_tag(buf, &ofs, 0xa1, 0x30, neg_result_len + oid_len +
+ ntlmssp_len);
+
+ /* insert neg result */
+ encode_asn_tag(buf, &ofs, 0xa0, 0x0a, 1);
+ buf[ofs++] = 1;
+
+ /* insert oid */
+ encode_asn_tag(buf, &ofs, 0xa1, 0x06, NTLMSSP_OID_LEN);
+ memcpy(buf + ofs, NTLMSSP_OID_STR, NTLMSSP_OID_LEN);
+ ofs += NTLMSSP_OID_LEN;
+
+ /* insert response token - ntlmssp blob */
+ encode_asn_tag(buf, &ofs, 0xa2, 0x04, ntlm_blob_len);
+ memcpy(buf + ofs, ntlm_blob, ntlm_blob_len);
+ ofs += ntlm_blob_len;
+
+ *pbuffer = buf;
+ *buflen = total_len;
+ return 0;
+}
+
+int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer, u16 *buflen,
+ int neg_result)
+{
+ char *buf;
+ unsigned int ofs = 0;
+ int neg_result_len = 4 + compute_asn_hdr_len_bytes(1) * 2 + 1;
+ int total_len = 4 + compute_asn_hdr_len_bytes(neg_result_len) * 2 +
+ neg_result_len;
+
+ buf = kmalloc(total_len, GFP_KERNEL);
+ if (!buf)
+ return -ENOMEM;
+
+ /* insert main gss header */
+ encode_asn_tag(buf, &ofs, 0xa1, 0x30, neg_result_len);
+
+ /* insert neg result */
+ encode_asn_tag(buf, &ofs, 0xa0, 0x0a, 1);
+ if (neg_result)
+ buf[ofs++] = 2;
+ else
+ buf[ofs++] = 0;
+
+ *pbuffer = buf;
+ *buflen = total_len;
+ return 0;
+}
diff --git a/fs/cifsd/asn1.h b/fs/cifsd/asn1.h
new file mode 100644
index 000000000000..ff2692b502d6
--- /dev/null
+++ b/fs/cifsd/asn1.h
@@ -0,0 +1,29 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
+ * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
+ *
+ * Copyright (c) 2000 RP Internet (www.rpi.net.au)
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __ASN1_H__
+#define __ASN1_H__
+
+int ksmbd_decode_negTokenInit(unsigned char *security_blob,
+ int length,
+ struct ksmbd_conn *conn);
+
+int ksmbd_decode_negTokenTarg(unsigned char *security_blob,
+ int length,
+ struct ksmbd_conn *conn);
+
+int build_spnego_ntlmssp_neg_blob(unsigned char **pbuffer,
+ u16 *buflen,
+ char *ntlm_blob,
+ int ntlm_blob_len);
+
+int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer,
+ u16 *buflen,
+ int neg_result);
+#endif /* __ASN1_H__ */
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
new file mode 100644
index 000000000000..0a49c67a69d6
--- /dev/null
+++ b/fs/cifsd/auth.c
@@ -0,0 +1,1348 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/kernel.h>
+#include <linux/fs.h>
+#include <linux/uaccess.h>
+#include <linux/backing-dev.h>
+#include <linux/writeback.h>
+#include <linux/uio.h>
+#include <linux/xattr.h>
+#include <crypto/hash.h>
+#include <crypto/aead.h>
+#include <linux/random.h>
+#include <linux/scatterlist.h>
+
+#include "auth.h"
+#include "glob.h"
+
+#include <linux/fips.h>
+#include <crypto/des.h>
+
+#include "server.h"
+#include "smb_common.h"
+#include "connection.h"
+#include "mgmt/user_session.h"
+#include "mgmt/user_config.h"
+#include "crypto_ctx.h"
+#include "transport_ipc.h"
+#include "buffer_pool.h"
+
+/*
+ * Fixed format data defining GSS header and fixed string
+ * "not_defined_in_RFC4178@please_ignore".
+ * So sec blob data in neg phase could be generated statically.
+ */
+static char NEGOTIATE_GSS_HEADER[AUTH_GSS_LENGTH] = {
+#ifdef CONFIG_SMB_SERVER_KERBEROS5
+ 0x60, 0x5e, 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05,
+ 0x05, 0x02, 0xa0, 0x54, 0x30, 0x52, 0xa0, 0x24,
+ 0x30, 0x22, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+ 0xf7, 0x12, 0x01, 0x02, 0x02, 0x06, 0x09, 0x2a,
+ 0x86, 0x48, 0x82, 0xf7, 0x12, 0x01, 0x02, 0x02,
+ 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82,
+ 0x37, 0x02, 0x02, 0x0a, 0xa3, 0x2a, 0x30, 0x28,
+ 0xa0, 0x26, 0x1b, 0x24, 0x6e, 0x6f, 0x74, 0x5f,
+ 0x64, 0x65, 0x66, 0x69, 0x6e, 0x65, 0x64, 0x5f,
+ 0x69, 0x6e, 0x5f, 0x52, 0x46, 0x43, 0x34, 0x31,
+ 0x37, 0x38, 0x40, 0x70, 0x6c, 0x65, 0x61, 0x73,
+ 0x65, 0x5f, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65
+#else
+ 0x60, 0x48, 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05,
+ 0x05, 0x02, 0xa0, 0x3e, 0x30, 0x3c, 0xa0, 0x0e,
+ 0x30, 0x0c, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04,
+ 0x01, 0x82, 0x37, 0x02, 0x02, 0x0a, 0xa3, 0x2a,
+ 0x30, 0x28, 0xa0, 0x26, 0x1b, 0x24, 0x6e, 0x6f,
+ 0x74, 0x5f, 0x64, 0x65, 0x66, 0x69, 0x6e, 0x65,
+ 0x64, 0x5f, 0x69, 0x6e, 0x5f, 0x52, 0x46, 0x43,
+ 0x34, 0x31, 0x37, 0x38, 0x40, 0x70, 0x6c, 0x65,
+ 0x61, 0x73, 0x65, 0x5f, 0x69, 0x67, 0x6e, 0x6f,
+ 0x72, 0x65
+#endif
+};
+
+
+void ksmbd_copy_gss_neg_header(void *buf)
+{
+ memcpy(buf, NEGOTIATE_GSS_HEADER, AUTH_GSS_LENGTH);
+}
+
+static void
+str_to_key(unsigned char *str, unsigned char *key)
+{
+ int i;
+
+ key[0] = str[0] >> 1;
+ key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
+ key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
+ key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
+ key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
+ key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
+ key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
+ key[7] = str[6] & 0x7F;
+ for (i = 0; i < 8; i++)
+ key[i] = (key[i] << 1);
+}
+
+static int
+smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
+{
+ unsigned char key2[8];
+ struct des_ctx ctx;
+
+ str_to_key(key, key2);
+
+ if (fips_enabled) {
+ ksmbd_debug(AUTH,
+ "FIPS compliance enabled: DES not permitted\n");
+ return -ENOENT;
+ }
+
+ des_expand_key(&ctx, key2, DES_KEY_SIZE);
+ des_encrypt(&ctx, out, in);
+ memzero_explicit(&ctx, sizeof(ctx));
+ return 0;
+}
+
+static int ksmbd_enc_p24(unsigned char *p21,
+ const unsigned char *c8,
+ unsigned char *p24)
+{
+ int rc;
+
+ rc = smbhash(p24, c8, p21);
+ if (rc)
+ return rc;
+ rc = smbhash(p24 + 8, c8, p21 + 7);
+ if (rc)
+ return rc;
+ rc = smbhash(p24 + 16, c8, p21 + 14);
+ return rc;
+}
+
+/* produce a md4 message digest from data of length n bytes */
+static int ksmbd_enc_md4(unsigned char *md4_hash,
+ unsigned char *link_str,
+ int link_len)
+{
+ int rc;
+ struct ksmbd_crypto_ctx *ctx;
+
+ ctx = ksmbd_crypto_ctx_find_md4();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "Crypto md4 allocation error\n");
+ return -EINVAL;
+ }
+
+ rc = crypto_shash_init(CRYPTO_MD4(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not init md4 shash\n");
+ goto out;
+ }
+
+ rc = crypto_shash_update(CRYPTO_MD4(ctx), link_str, link_len);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not update with link_str\n");
+ goto out;
+ }
+
+ rc = crypto_shash_final(CRYPTO_MD4(ctx), md4_hash);
+ if (rc)
+ ksmbd_debug(AUTH, "Could not generate md4 hash\n");
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+static int ksmbd_enc_update_sess_key(unsigned char *md5_hash,
+ char *nonce,
+ char *server_challenge,
+ int len)
+{
+ int rc;
+ struct ksmbd_crypto_ctx *ctx;
+
+ ctx = ksmbd_crypto_ctx_find_md5();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "Crypto md5 allocation error\n");
+ return -EINVAL;
+ }
+
+ rc = crypto_shash_init(CRYPTO_MD5(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not init md5 shash\n");
+ goto out;
+ }
+
+ rc = crypto_shash_update(CRYPTO_MD5(ctx), server_challenge, len);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not update with challenge\n");
+ goto out;
+ }
+
+ rc = crypto_shash_update(CRYPTO_MD5(ctx), nonce, len);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not update with nonce\n");
+ goto out;
+ }
+
+ rc = crypto_shash_final(CRYPTO_MD5(ctx), md5_hash);
+ if (rc)
+ ksmbd_debug(AUTH, "Could not generate md5 hash\n");
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+/**
+ * ksmbd_gen_sess_key() - function to generate session key
+ * @sess: session of connection
+ * @hash: source hash value to be used for find session key
+ * @hmac: source hmac value to be used for finding session key
+ *
+ */
+static int ksmbd_gen_sess_key(struct ksmbd_session *sess,
+ char *hash,
+ char *hmac)
+{
+ struct ksmbd_crypto_ctx *ctx;
+ int rc = -EINVAL;
+
+ ctx = ksmbd_crypto_ctx_find_hmacmd5();
+ if (!ctx)
+ goto out;
+
+ rc = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
+ hash,
+ CIFS_HMAC_MD5_HASH_SIZE);
+ if (rc) {
+ ksmbd_debug(AUTH, "hmacmd5 set key fail error %d\n", rc);
+ goto out;
+ }
+
+ rc = crypto_shash_init(CRYPTO_HMACMD5(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "could not init hmacmd5 error %d\n", rc);
+ goto out;
+ }
+
+ rc = crypto_shash_update(CRYPTO_HMACMD5(ctx),
+ hmac,
+ SMB2_NTLMV2_SESSKEY_SIZE);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not update with response error %d\n",
+ rc);
+ goto out;
+ }
+
+ rc = crypto_shash_final(CRYPTO_HMACMD5(ctx), sess->sess_key);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n",
+ rc);
+ goto out;
+ }
+
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
+ char *dname)
+{
+ int ret = -EINVAL, len;
+ wchar_t *domain = NULL;
+ __le16 *uniname = NULL;
+ struct ksmbd_crypto_ctx *ctx;
+
+ ctx = ksmbd_crypto_ctx_find_hmacmd5();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "can't generate ntlmv2 hash\n");
+ goto out;
+ }
+
+ ret = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
+ user_passkey(sess->user),
+ CIFS_ENCPWD_SIZE);
+ if (ret) {
+ ksmbd_debug(AUTH, "Could not set NT Hash as a key\n");
+ goto out;
+ }
+
+ ret = crypto_shash_init(CRYPTO_HMACMD5(ctx));
+ if (ret) {
+ ksmbd_debug(AUTH, "could not init hmacmd5\n");
+ goto out;
+ }
+
+ /* convert user_name to unicode */
+ len = strlen(user_name(sess->user));
+ uniname = kzalloc(2 + UNICODE_LEN(len), GFP_KERNEL);
+ if (!uniname) {
+ ret = -ENOMEM;
+ goto out;
+ }
+
+ if (len) {
+ len = smb_strtoUTF16(uniname, user_name(sess->user), len,
+ sess->conn->local_nls);
+ UniStrupr(uniname);
+ }
+
+ ret = crypto_shash_update(CRYPTO_HMACMD5(ctx),
+ (char *)uniname,
+ UNICODE_LEN(len));
+ if (ret) {
+ ksmbd_debug(AUTH, "Could not update with user\n");
+ goto out;
+ }
+
+ /* Convert domain name or conn name to unicode and uppercase */
+ len = strlen(dname);
+ domain = kzalloc(2 + UNICODE_LEN(len), GFP_KERNEL);
+ if (!domain) {
+ ret = -ENOMEM;
+ goto out;
+ }
+
+ len = smb_strtoUTF16((__le16 *)domain, dname, len,
+ sess->conn->local_nls);
+
+ ret = crypto_shash_update(CRYPTO_HMACMD5(ctx),
+ (char *)domain,
+ UNICODE_LEN(len));
+ if (ret) {
+ ksmbd_debug(AUTH, "Could not update with domain\n");
+ goto out;
+ }
+
+ ret = crypto_shash_final(CRYPTO_HMACMD5(ctx), ntlmv2_hash);
+out:
+ if (ret)
+ ksmbd_debug(AUTH, "Could not generate md5 hash\n");
+ kfree(uniname);
+ kfree(domain);
+ ksmbd_release_crypto_ctx(ctx);
+ return ret;
+}
+
+/**
+ * ksmbd_auth_ntlm() - NTLM authentication handler
+ * @sess: session of connection
+ * @pw_buf: NTLM challenge response
+ * @passkey: user password
+ *
+ * Return: 0 on success, error number on error
+ */
+int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
+{
+ int rc;
+ unsigned char p21[21];
+ char key[CIFS_AUTH_RESP_SIZE];
+
+ memset(p21, '\0', 21);
+ memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE);
+ rc = ksmbd_enc_p24(p21, sess->ntlmssp.cryptkey, key);
+ if (rc) {
+ ksmbd_err("password processing failed\n");
+ return rc;
+ }
+
+ ksmbd_enc_md4(sess->sess_key,
+ user_passkey(sess->user),
+ CIFS_SMB1_SESSKEY_SIZE);
+ memcpy(sess->sess_key + CIFS_SMB1_SESSKEY_SIZE, key,
+ CIFS_AUTH_RESP_SIZE);
+ sess->sequence_number = 1;
+
+ if (strncmp(pw_buf, key, CIFS_AUTH_RESP_SIZE) != 0) {
+ ksmbd_debug(AUTH, "ntlmv1 authentication failed\n");
+ rc = -EINVAL;
+ } else
+ ksmbd_debug(AUTH, "ntlmv1 authentication pass\n");
+
+ return rc;
+}
+
+/**
+ * ksmbd_auth_ntlmv2() - NTLMv2 authentication handler
+ * @sess: session of connection
+ * @ntlmv2: NTLMv2 challenge response
+ * @blen: NTLMv2 blob length
+ * @domain_name: domain name
+ *
+ * Return: 0 on success, error number on error
+ */
+int ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
+ struct ntlmv2_resp *ntlmv2,
+ int blen,
+ char *domain_name)
+{
+ char ntlmv2_hash[CIFS_ENCPWD_SIZE];
+ char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE];
+ struct ksmbd_crypto_ctx *ctx;
+ char *construct = NULL;
+ int rc = -EINVAL, len;
+
+ ctx = ksmbd_crypto_ctx_find_hmacmd5();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not crypto alloc hmacmd5 rc %d\n", rc);
+ goto out;
+ }
+
+ rc = calc_ntlmv2_hash(sess, ntlmv2_hash, domain_name);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not get v2 hash rc %d\n", rc);
+ goto out;
+ }
+
+ rc = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
+ ntlmv2_hash,
+ CIFS_HMAC_MD5_HASH_SIZE);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not set NTLMV2 Hash as a key\n");
+ goto out;
+ }
+
+ rc = crypto_shash_init(CRYPTO_HMACMD5(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not init hmacmd5\n");
+ goto out;
+ }
+
+ len = CIFS_CRYPTO_KEY_SIZE + blen;
+ construct = kzalloc(len, GFP_KERNEL);
+ if (!construct) {
+ rc = -ENOMEM;
+ goto out;
+ }
+
+ memcpy(construct, sess->ntlmssp.cryptkey, CIFS_CRYPTO_KEY_SIZE);
+ memcpy(construct + CIFS_CRYPTO_KEY_SIZE,
+ (char *)(&ntlmv2->blob_signature), blen);
+
+ rc = crypto_shash_update(CRYPTO_HMACMD5(ctx), construct, len);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not update with response\n");
+ goto out;
+ }
+
+ rc = crypto_shash_final(CRYPTO_HMACMD5(ctx), ntlmv2_rsp);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not generate md5 hash\n");
+ goto out;
+ }
+
+ rc = ksmbd_gen_sess_key(sess, ntlmv2_hash, ntlmv2_rsp);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not generate sess key\n");
+ goto out;
+ }
+
+ rc = memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE);
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ kfree(construct);
+ return rc;
+}
+
+/**
+ * __ksmbd_auth_ntlmv2() - NTLM2(extended security) authentication handler
+ * @sess: session of connection
+ * @client_nonce: client nonce from LM response.
+ * @ntlm_resp: ntlm response data from client.
+ *
+ * Return: 0 on success, error number on error
+ */
+static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
+ char *client_nonce,
+ char *ntlm_resp)
+{
+ char sess_key[CIFS_SMB1_SESSKEY_SIZE] = {0};
+ int rc;
+ unsigned char p21[21];
+ char key[CIFS_AUTH_RESP_SIZE];
+
+ rc = ksmbd_enc_update_sess_key(sess_key,
+ client_nonce,
+ (char *)sess->ntlmssp.cryptkey, 8);
+ if (rc) {
+ ksmbd_err("password processing failed\n");
+ goto out;
+ }
+
+ memset(p21, '\0', 21);
+ memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE);
+ rc = ksmbd_enc_p24(p21, sess_key, key);
+ if (rc) {
+ ksmbd_err("password processing failed\n");
+ goto out;
+ }
+
+ rc = memcmp(ntlm_resp, key, CIFS_AUTH_RESP_SIZE);
+out:
+ return rc;
+}
+
+/**
+ * ksmbd_decode_ntlmssp_auth_blob() - helper function to construct
+ * authenticate blob
+ * @authblob: authenticate blob source pointer
+ * @usr: user details
+ * @sess: session of connection
+ *
+ * Return: 0 on success, error number on error
+ */
+int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
+ int blob_len,
+ struct ksmbd_session *sess)
+{
+ char *domain_name;
+ unsigned int lm_off, nt_off;
+ unsigned short nt_len;
+ int ret;
+
+ if (blob_len < sizeof(struct authenticate_message)) {
+ ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
+ blob_len);
+ return -EINVAL;
+ }
+
+ if (memcmp(authblob->Signature, "NTLMSSP", 8)) {
+ ksmbd_debug(AUTH, "blob signature incorrect %s\n",
+ authblob->Signature);
+ return -EINVAL;
+ }
+
+ lm_off = le32_to_cpu(authblob->LmChallengeResponse.BufferOffset);
+ nt_off = le32_to_cpu(authblob->NtChallengeResponse.BufferOffset);
+ nt_len = le16_to_cpu(authblob->NtChallengeResponse.Length);
+
+ /* process NTLM authentication */
+ if (nt_len == CIFS_AUTH_RESP_SIZE) {
+ if (le32_to_cpu(authblob->NegotiateFlags)
+ & NTLMSSP_NEGOTIATE_EXTENDED_SEC)
+ return __ksmbd_auth_ntlmv2(sess, (char *)authblob +
+ lm_off, (char *)authblob + nt_off);
+ else
+ return ksmbd_auth_ntlm(sess, (char *)authblob +
+ nt_off);
+ }
+
+ /* TODO : use domain name that imported from configuration file */
+ domain_name = smb_strndup_from_utf16(
+ (const char *)authblob +
+ le32_to_cpu(authblob->DomainName.BufferOffset),
+ le16_to_cpu(authblob->DomainName.Length), true,
+ sess->conn->local_nls);
+ if (IS_ERR(domain_name))
+ return PTR_ERR(domain_name);
+
+ /* process NTLMv2 authentication */
+ ksmbd_debug(AUTH, "decode_ntlmssp_authenticate_blob dname%s\n",
+ domain_name);
+ ret = ksmbd_auth_ntlmv2(sess,
+ (struct ntlmv2_resp *)((char *)authblob + nt_off),
+ nt_len - CIFS_ENCPWD_SIZE,
+ domain_name);
+ kfree(domain_name);
+ return ret;
+}
+
+/**
+ * ksmbd_decode_ntlmssp_neg_blob() - helper function to construct
+ * negotiate blob
+ * @negblob: negotiate blob source pointer
+ * @rsp: response header pointer to be updated
+ * @sess: session of connection
+ *
+ */
+int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
+ int blob_len,
+ struct ksmbd_session *sess)
+{
+ if (blob_len < sizeof(struct negotiate_message)) {
+ ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
+ blob_len);
+ return -EINVAL;
+ }
+
+ if (memcmp(negblob->Signature, "NTLMSSP", 8)) {
+ ksmbd_debug(AUTH, "blob signature incorrect %s\n",
+ negblob->Signature);
+ return -EINVAL;
+ }
+
+ sess->ntlmssp.client_flags = le32_to_cpu(negblob->NegotiateFlags);
+ return 0;
+}
+
+/**
+ * ksmbd_build_ntlmssp_challenge_blob() - helper function to construct
+ * challenge blob
+ * @chgblob: challenge blob source pointer to initialize
+ * @rsp: response header pointer to be updated
+ * @sess: session of connection
+ *
+ */
+unsigned int
+ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
+ struct ksmbd_session *sess)
+{
+ struct target_info *tinfo;
+ wchar_t *name;
+ __u8 *target_name;
+ unsigned int len, flags, blob_off, blob_len, type, target_info_len = 0;
+ int cflags = sess->ntlmssp.client_flags;
+
+ memcpy(chgblob->Signature, NTLMSSP_SIGNATURE, 8);
+ chgblob->MessageType = NtLmChallenge;
+
+ flags = NTLMSSP_NEGOTIATE_UNICODE |
+ NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_TARGET_TYPE_SERVER |
+ NTLMSSP_NEGOTIATE_TARGET_INFO;
+
+ if (cflags & NTLMSSP_NEGOTIATE_SIGN) {
+ flags |= NTLMSSP_NEGOTIATE_SIGN;
+ flags |= cflags & (NTLMSSP_NEGOTIATE_128 |
+ NTLMSSP_NEGOTIATE_56);
+ }
+
+ if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
+ flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
+
+ if (cflags & NTLMSSP_REQUEST_TARGET)
+ flags |= NTLMSSP_REQUEST_TARGET;
+
+ if (sess->conn->use_spnego &&
+ (cflags & NTLMSSP_NEGOTIATE_EXTENDED_SEC))
+ flags |= NTLMSSP_NEGOTIATE_EXTENDED_SEC;
+
+ chgblob->NegotiateFlags = cpu_to_le32(flags);
+ len = strlen(ksmbd_netbios_name());
+ name = kmalloc(2 + (len * 2), GFP_KERNEL);
+ if (!name)
+ return -ENOMEM;
+
+ len = smb_strtoUTF16((__le16 *)name, ksmbd_netbios_name(), len,
+ sess->conn->local_nls);
+ len = UNICODE_LEN(len);
+
+ blob_off = sizeof(struct challenge_message);
+ blob_len = blob_off + len;
+
+ chgblob->TargetName.Length = cpu_to_le16(len);
+ chgblob->TargetName.MaximumLength = cpu_to_le16(len);
+ chgblob->TargetName.BufferOffset = cpu_to_le32(blob_off);
+
+ /* Initialize random conn challenge */
+ get_random_bytes(sess->ntlmssp.cryptkey, sizeof(__u64));
+ memcpy(chgblob->Challenge, sess->ntlmssp.cryptkey,
+ CIFS_CRYPTO_KEY_SIZE);
+
+ /* Add Target Information to security buffer */
+ chgblob->TargetInfoArray.BufferOffset = cpu_to_le32(blob_len);
+
+ target_name = (__u8 *)chgblob + blob_off;
+ memcpy(target_name, name, len);
+ tinfo = (struct target_info *)(target_name + len);
+
+ chgblob->TargetInfoArray.Length = 0;
+ /* Add target info list for NetBIOS/DNS settings */
+ for (type = NTLMSSP_AV_NB_COMPUTER_NAME;
+ type <= NTLMSSP_AV_DNS_DOMAIN_NAME; type++) {
+ tinfo->Type = cpu_to_le16(type);
+ tinfo->Length = cpu_to_le16(len);
+ memcpy(tinfo->Content, name, len);
+ tinfo = (struct target_info *)((char *)tinfo + 4 + len);
+ target_info_len += 4 + len;
+ }
+
+ /* Add terminator subblock */
+ tinfo->Type = 0;
+ tinfo->Length = 0;
+ target_info_len += 4;
+
+ chgblob->TargetInfoArray.Length = cpu_to_le16(target_info_len);
+ chgblob->TargetInfoArray.MaximumLength = cpu_to_le16(target_info_len);
+ blob_len += target_info_len;
+ kfree(name);
+ ksmbd_debug(AUTH, "NTLMSSP SecurityBufferLength %d\n", blob_len);
+ return blob_len;
+}
+
+#ifdef CONFIG_SMB_SERVER_KERBEROS5
+int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
+ char *in_blob, int in_len,
+ char *out_blob, int *out_len)
+{
+ struct ksmbd_spnego_authen_response *resp;
+ struct ksmbd_user *user = NULL;
+ int retval;
+
+ resp = ksmbd_ipc_spnego_authen_request(in_blob, in_len);
+ if (!resp) {
+ ksmbd_debug(AUTH, "SPNEGO_AUTHEN_REQUEST failure\n");
+ return -EINVAL;
+ }
+
+ if (!(resp->login_response.status & KSMBD_USER_FLAG_OK)) {
+ ksmbd_debug(AUTH, "krb5 authentication failure\n");
+ retval = -EPERM;
+ goto out;
+ }
+
+ if (*out_len <= resp->spnego_blob_len) {
+ ksmbd_debug(AUTH, "buf len %d, but blob len %d\n",
+ *out_len, resp->spnego_blob_len);
+ retval = -EINVAL;
+ goto out;
+ }
+
+ if (resp->session_key_len > sizeof(sess->sess_key)) {
+ ksmbd_debug(AUTH, "session key is too long\n");
+ retval = -EINVAL;
+ goto out;
+ }
+
+ user = ksmbd_alloc_user(&resp->login_response);
+ if (!user) {
+ ksmbd_debug(AUTH, "login failure\n");
+ retval = -ENOMEM;
+ goto out;
+ }
+ sess->user = user;
+
+ memcpy(sess->sess_key, resp->payload, resp->session_key_len);
+ memcpy(out_blob, resp->payload + resp->session_key_len,
+ resp->spnego_blob_len);
+ *out_len = resp->spnego_blob_len;
+ retval = 0;
+out:
+ ksmbd_free(resp);
+ return retval;
+}
+#else
+int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
+ char *in_blob, int in_len,
+ char *out_blob, int *out_len)
+{
+ return -EOPNOTSUPP;
+}
+#endif
+
+/**
+ * ksmbd_sign_smb2_pdu() - function to generate packet signing
+ * @conn: connection
+ * @key: signing key
+ * @iov: buffer iov array
+ * @n_vec: number of iovecs
+ * @sig: signature value generated for client request packet
+ *
+ */
+int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn,
+ char *key,
+ struct kvec *iov,
+ int n_vec,
+ char *sig)
+{
+ struct ksmbd_crypto_ctx *ctx;
+ int rc = -EINVAL;
+ int i;
+
+ ctx = ksmbd_crypto_ctx_find_hmacsha256();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not crypto alloc hmacmd5 rc %d\n", rc);
+ goto out;
+ }
+
+ rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),
+ key,
+ SMB2_NTLMV2_SESSKEY_SIZE);
+ if (rc)
+ goto out;
+
+ rc = crypto_shash_init(CRYPTO_HMACSHA256(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "hmacsha256 init error %d\n", rc);
+ goto out;
+ }
+
+ for (i = 0; i < n_vec; i++) {
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),
+ iov[i].iov_base,
+ iov[i].iov_len);
+ if (rc) {
+ ksmbd_debug(AUTH, "hmacsha256 update error %d\n", rc);
+ goto out;
+ }
+ }
+
+ rc = crypto_shash_final(CRYPTO_HMACSHA256(ctx), sig);
+ if (rc)
+ ksmbd_debug(AUTH, "hmacsha256 generation error %d\n", rc);
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+/**
+ * ksmbd_sign_smb3_pdu() - function to generate packet signing
+ * @conn: connection
+ * @key: signing key
+ * @iov: buffer iov array
+ * @n_vec: number of iovecs
+ * @sig: signature value generated for client request packet
+ *
+ */
+int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn,
+ char *key,
+ struct kvec *iov,
+ int n_vec,
+ char *sig)
+{
+ struct ksmbd_crypto_ctx *ctx;
+ int rc = -EINVAL;
+ int i;
+
+ ctx = ksmbd_crypto_ctx_find_cmacaes();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not crypto alloc cmac rc %d\n", rc);
+ goto out;
+ }
+
+ rc = crypto_shash_setkey(CRYPTO_CMACAES_TFM(ctx),
+ key,
+ SMB2_CMACAES_SIZE);
+ if (rc)
+ goto out;
+
+ rc = crypto_shash_init(CRYPTO_CMACAES(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "cmaces init error %d\n", rc);
+ goto out;
+ }
+
+ for (i = 0; i < n_vec; i++) {
+ rc = crypto_shash_update(CRYPTO_CMACAES(ctx),
+ iov[i].iov_base,
+ iov[i].iov_len);
+ if (rc) {
+ ksmbd_debug(AUTH, "cmaces update error %d\n", rc);
+ goto out;
+ }
+ }
+
+ rc = crypto_shash_final(CRYPTO_CMACAES(ctx), sig);
+ if (rc)
+ ksmbd_debug(AUTH, "cmaces generation error %d\n", rc);
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+struct derivation {
+ struct kvec label;
+ struct kvec context;
+ bool binding;
+};
+
+static int generate_key(struct ksmbd_session *sess, struct kvec label,
+ struct kvec context, __u8 *key, unsigned int key_size)
+{
+ unsigned char zero = 0x0;
+ __u8 i[4] = {0, 0, 0, 1};
+ __u8 L[4] = {0, 0, 0, 128};
+ int rc = -EINVAL;
+ unsigned char prfhash[SMB2_HMACSHA256_SIZE];
+ unsigned char *hashptr = prfhash;
+ struct ksmbd_crypto_ctx *ctx;
+
+ memset(prfhash, 0x0, SMB2_HMACSHA256_SIZE);
+ memset(key, 0x0, key_size);
+
+ ctx = ksmbd_crypto_ctx_find_hmacsha256();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not crypto alloc hmacmd5 rc %d\n", rc);
+ goto smb3signkey_ret;
+ }
+
+ rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),
+ sess->sess_key,
+ SMB2_NTLMV2_SESSKEY_SIZE);
+ if (rc)
+ goto smb3signkey_ret;
+
+ rc = crypto_shash_init(CRYPTO_HMACSHA256(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "hmacsha256 init error %d\n", rc);
+ goto smb3signkey_ret;
+ }
+
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), i, 4);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with n\n");
+ goto smb3signkey_ret;
+ }
+
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),
+ label.iov_base,
+ label.iov_len);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with label\n");
+ goto smb3signkey_ret;
+ }
+
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), &zero, 1);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with zero\n");
+ goto smb3signkey_ret;
+ }
+
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),
+ context.iov_base,
+ context.iov_len);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with context\n");
+ goto smb3signkey_ret;
+ }
+
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L, 4);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with L\n");
+ goto smb3signkey_ret;
+ }
+
+ rc = crypto_shash_final(CRYPTO_HMACSHA256(ctx), hashptr);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n",
+ rc);
+ goto smb3signkey_ret;
+ }
+
+ memcpy(key, hashptr, key_size);
+
+smb3signkey_ret:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+static int generate_smb3signingkey(struct ksmbd_session *sess,
+ const struct derivation *signing)
+{
+ int rc;
+ struct channel *chann;
+ char *key;
+
+ chann = lookup_chann_list(sess);
+ if (!chann)
+ return 0;
+
+ if (sess->conn->dialect >= SMB30_PROT_ID && signing->binding)
+ key = chann->smb3signingkey;
+ else
+ key = sess->smb3signingkey;
+
+ rc = generate_key(sess, signing->label, signing->context, key,
+ SMB3_SIGN_KEY_SIZE);
+ if (rc)
+ return rc;
+
+ if (!(sess->conn->dialect >= SMB30_PROT_ID && signing->binding))
+ memcpy(chann->smb3signingkey, key, SMB3_SIGN_KEY_SIZE);
+
+ ksmbd_debug(AUTH, "dumping generated AES signing keys\n");
+ ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
+ ksmbd_debug(AUTH, "Session Key %*ph\n",
+ SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
+ ksmbd_debug(AUTH, "Signing Key %*ph\n",
+ SMB3_SIGN_KEY_SIZE, key);
+ return rc;
+}
+
+int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess)
+{
+ struct derivation d;
+
+ d.label.iov_base = "SMB2AESCMAC";
+ d.label.iov_len = 12;
+ d.context.iov_base = "SmbSign";
+ d.context.iov_len = 8;
+ d.binding = false;
+
+ return generate_smb3signingkey(sess, &d);
+}
+
+int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess)
+{
+ struct derivation d;
+
+ d.label.iov_base = "SMBSigningKey";
+ d.label.iov_len = 14;
+ d.context.iov_base = sess->Preauth_HashValue;
+ d.context.iov_len = 64;
+ d.binding = false;
+
+ return generate_smb3signingkey(sess, &d);
+}
+
+struct derivation_twin {
+ struct derivation encryption;
+ struct derivation decryption;
+};
+
+static int generate_smb3encryptionkey(struct ksmbd_session *sess,
+ const struct derivation_twin *ptwin)
+{
+ int rc;
+
+ rc = generate_key(sess, ptwin->encryption.label,
+ ptwin->encryption.context, sess->smb3encryptionkey,
+ SMB3_SIGN_KEY_SIZE);
+ if (rc)
+ return rc;
+
+ rc = generate_key(sess, ptwin->decryption.label,
+ ptwin->decryption.context,
+ sess->smb3decryptionkey, SMB3_SIGN_KEY_SIZE);
+ if (rc)
+ return rc;
+
+ ksmbd_debug(AUTH, "dumping generated AES encryption keys\n");
+ ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
+ ksmbd_debug(AUTH, "Session Key %*ph\n",
+ SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
+ ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
+ SMB3_SIGN_KEY_SIZE, sess->smb3encryptionkey);
+ ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
+ SMB3_SIGN_KEY_SIZE, sess->smb3decryptionkey);
+ return rc;
+}
+
+int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess)
+{
+ struct derivation_twin twin;
+ struct derivation *d;
+
+ d = &twin.encryption;
+ d->label.iov_base = "SMB2AESCCM";
+ d->label.iov_len = 11;
+ d->context.iov_base = "ServerOut";
+ d->context.iov_len = 10;
+
+ d = &twin.decryption;
+ d->label.iov_base = "SMB2AESCCM";
+ d->label.iov_len = 11;
+ d->context.iov_base = "ServerIn ";
+ d->context.iov_len = 10;
+
+ return generate_smb3encryptionkey(sess, &twin);
+}
+
+int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess)
+{
+ struct derivation_twin twin;
+ struct derivation *d;
+
+ d = &twin.encryption;
+ d->label.iov_base = "SMBS2CCipherKey";
+ d->label.iov_len = 16;
+ d->context.iov_base = sess->Preauth_HashValue;
+ d->context.iov_len = 64;
+
+ d = &twin.decryption;
+ d->label.iov_base = "SMBC2SCipherKey";
+ d->label.iov_len = 16;
+ d->context.iov_base = sess->Preauth_HashValue;
+ d->context.iov_len = 64;
+
+ return generate_smb3encryptionkey(sess, &twin);
+}
+
+int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn,
+ char *buf,
+ __u8 *pi_hash)
+{
+ int rc = -1;
+ struct smb2_hdr *rcv_hdr = (struct smb2_hdr *)buf;
+ char *all_bytes_msg = (char *)&rcv_hdr->ProtocolId;
+ int msg_size = be32_to_cpu(rcv_hdr->smb2_buf_length);
+ struct ksmbd_crypto_ctx *ctx = NULL;
+
+ if (conn->preauth_info->Preauth_HashId ==
+ SMB2_PREAUTH_INTEGRITY_SHA512) {
+ ctx = ksmbd_crypto_ctx_find_sha512();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not alloc sha512 rc %d\n", rc);
+ goto out;
+ }
+ } else
+ goto out;
+
+ rc = crypto_shash_init(CRYPTO_SHA512(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "could not init shashn");
+ goto out;
+ }
+
+ rc = crypto_shash_update(CRYPTO_SHA512(ctx), pi_hash, 64);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with n\n");
+ goto out;
+ }
+
+ rc = crypto_shash_update(CRYPTO_SHA512(ctx), all_bytes_msg, msg_size);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with n\n");
+ goto out;
+ }
+
+ rc = crypto_shash_final(CRYPTO_SHA512(ctx), pi_hash);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not generate hash err : %d\n", rc);
+ goto out;
+ }
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
+ __u8 *pi_hash)
+{
+ int rc = -1;
+ struct ksmbd_crypto_ctx *ctx = NULL;
+
+ ctx = ksmbd_crypto_ctx_find_sha256();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not alloc sha256 rc %d\n", rc);
+ goto out;
+ }
+
+ rc = crypto_shash_init(CRYPTO_SHA256(ctx));
+ if (rc) {
+ ksmbd_debug(AUTH, "could not init shashn");
+ goto out;
+ }
+
+ rc = crypto_shash_update(CRYPTO_SHA256(ctx), sd_buf, len);
+ if (rc) {
+ ksmbd_debug(AUTH, "could not update with n\n");
+ goto out;
+ }
+
+ rc = crypto_shash_final(CRYPTO_SHA256(ctx), pi_hash);
+ if (rc) {
+ ksmbd_debug(AUTH, "Could not generate hash err : %d\n", rc);
+ goto out;
+ }
+out:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
+
+static int ksmbd_get_encryption_key(struct ksmbd_conn *conn,
+ __u64 ses_id,
+ int enc,
+ u8 *key)
+{
+ struct ksmbd_session *sess;
+ u8 *ses_enc_key;
+
+ sess = ksmbd_session_lookup(conn, ses_id);
+ if (!sess)
+ return 1;
+
+ ses_enc_key = enc ? sess->smb3encryptionkey :
+ sess->smb3decryptionkey;
+ memcpy(key, ses_enc_key, SMB3_SIGN_KEY_SIZE);
+
+ return 0;
+}
+
+static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf,
+ unsigned int buflen)
+{
+ void *addr;
+
+ if (is_vmalloc_addr(buf))
+ addr = vmalloc_to_page(buf);
+ else
+ addr = virt_to_page(buf);
+ sg_set_page(sg, addr, buflen, offset_in_page(buf));
+}
+
+static struct scatterlist *ksmbd_init_sg(struct kvec *iov,
+ unsigned int nvec,
+ u8 *sign)
+{
+ struct scatterlist *sg;
+ unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
+ int i, nr_entries[3] = {0}, total_entries = 0, sg_idx = 0;
+
+ for (i = 0; i < nvec - 1; i++) {
+ unsigned long kaddr = (unsigned long)iov[i + 1].iov_base;
+
+ if (is_vmalloc_addr(iov[i + 1].iov_base)) {
+ nr_entries[i] = ((kaddr + iov[i + 1].iov_len +
+ PAGE_SIZE - 1) >> PAGE_SHIFT) -
+ (kaddr >> PAGE_SHIFT);
+ } else
+ nr_entries[i]++;
+ total_entries += nr_entries[i];
+ }
+
+ /* Add two entries for transform header and signature */
+ total_entries += 2;
+
+ sg = kmalloc_array(total_entries, sizeof(struct scatterlist), GFP_KERNEL);
+ if (!sg)
+ return NULL;
+
+ sg_init_table(sg, total_entries);
+ smb2_sg_set_buf(&sg[sg_idx++], iov[0].iov_base + 24, assoc_data_len);
+ for (i = 0; i < nvec - 1; i++) {
+ void *data = iov[i + 1].iov_base;
+ int len = iov[i + 1].iov_len;
+
+ if (is_vmalloc_addr(data)) {
+ int j, offset = offset_in_page(data);
+
+ for (j = 0; j < nr_entries[i]; j++) {
+ unsigned int bytes = PAGE_SIZE - offset;
+
+ if (len <= 0)
+ break;
+
+ if (bytes > len)
+ bytes = len;
+
+ sg_set_page(&sg[sg_idx++],
+ vmalloc_to_page(data), bytes,
+ offset_in_page(data));
+
+ data += bytes;
+ len -= bytes;
+ offset = 0;
+ }
+ } else {
+ sg_set_page(&sg[sg_idx++], virt_to_page(data), len,
+ offset_in_page(data));
+ }
+
+ }
+ smb2_sg_set_buf(&sg[sg_idx], sign, SMB2_SIGNATURE_SIZE);
+ return sg;
+}
+
+int ksmbd_crypt_message(struct ksmbd_conn *conn,
+ struct kvec *iov,
+ unsigned int nvec,
+ int enc)
+{
+ struct smb2_transform_hdr *tr_hdr =
+ (struct smb2_transform_hdr *)iov[0].iov_base;
+ unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
+ int rc = 0;
+ struct scatterlist *sg;
+ u8 sign[SMB2_SIGNATURE_SIZE] = {};
+ u8 key[SMB3_SIGN_KEY_SIZE];
+ struct aead_request *req;
+ char *iv;
+ unsigned int iv_len;
+ struct crypto_aead *tfm;
+ unsigned int crypt_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
+ struct ksmbd_crypto_ctx *ctx;
+
+ rc = ksmbd_get_encryption_key(conn,
+ le64_to_cpu(tr_hdr->SessionId),
+ enc,
+ key);
+ if (rc) {
+ ksmbd_err("Could not get %scryption key\n", enc ? "en" : "de");
+ return 0;
+ }
+
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ ctx = ksmbd_crypto_ctx_find_gcm();
+ else
+ ctx = ksmbd_crypto_ctx_find_ccm();
+ if (!ctx) {
+ ksmbd_err("crypto alloc failed\n");
+ return -EINVAL;
+ }
+
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ tfm = CRYPTO_GCM(ctx);
+ else
+ tfm = CRYPTO_CCM(ctx);
+
+ rc = crypto_aead_setkey(tfm, key, SMB3_SIGN_KEY_SIZE);
+ if (rc) {
+ ksmbd_err("Failed to set aead key %d\n", rc);
+ goto free_ctx;
+ }
+
+ rc = crypto_aead_setauthsize(tfm, SMB2_SIGNATURE_SIZE);
+ if (rc) {
+ ksmbd_err("Failed to set authsize %d\n", rc);
+ goto free_ctx;
+ }
+
+ req = aead_request_alloc(tfm, GFP_KERNEL);
+ if (!req) {
+ ksmbd_err("Failed to alloc aead request\n");
+ rc = -ENOMEM;
+ goto free_ctx;
+ }
+
+ if (!enc) {
+ memcpy(sign, &tr_hdr->Signature, SMB2_SIGNATURE_SIZE);
+ crypt_len += SMB2_SIGNATURE_SIZE;
+ }
+
+ sg = ksmbd_init_sg(iov, nvec, sign);
+ if (!sg) {
+ ksmbd_err("Failed to init sg\n");
+ rc = -ENOMEM;
+ goto free_req;
+ }
+
+ iv_len = crypto_aead_ivsize(tfm);
+ iv = kzalloc(iv_len, GFP_KERNEL);
+ if (!iv) {
+ ksmbd_err("Failed to alloc IV\n");
+ rc = -ENOMEM;
+ goto free_sg;
+ }
+
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else {
+ iv[0] = 3;
+ memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ }
+
+ aead_request_set_crypt(req, sg, sg, crypt_len, iv);
+ aead_request_set_ad(req, assoc_data_len);
+ aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
+
+ if (enc)
+ rc = crypto_aead_encrypt(req);
+ else
+ rc = crypto_aead_decrypt(req);
+ if (!rc && enc)
+ memcpy(&tr_hdr->Signature, sign, SMB2_SIGNATURE_SIZE);
+
+ kfree(iv);
+free_sg:
+ kfree(sg);
+free_req:
+ kfree(req);
+free_ctx:
+ ksmbd_release_crypto_ctx(ctx);
+ return rc;
+}
diff --git a/fs/cifsd/auth.h b/fs/cifsd/auth.h
new file mode 100644
index 000000000000..6fcfad5e7e1f
--- /dev/null
+++ b/fs/cifsd/auth.h
@@ -0,0 +1,90 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __AUTH_H__
+#define __AUTH_H__
+
+#include "ntlmssp.h"
+
+#ifdef CONFIG_SMB_SERVER_KERBEROS5
+#define AUTH_GSS_LENGTH 96
+#define AUTH_GSS_PADDING 0
+#else
+#define AUTH_GSS_LENGTH 74
+#define AUTH_GSS_PADDING 6
+#endif
+
+#define CIFS_HMAC_MD5_HASH_SIZE (16)
+#define CIFS_NTHASH_SIZE (16)
+
+/*
+ * Size of the ntlm client response
+ */
+#define CIFS_AUTH_RESP_SIZE 24
+#define CIFS_SMB1_SIGNATURE_SIZE 8
+#define CIFS_SMB1_SESSKEY_SIZE 16
+
+#define KSMBD_AUTH_NTLMSSP 0x0001
+#define KSMBD_AUTH_KRB5 0x0002
+#define KSMBD_AUTH_MSKRB5 0x0004
+#define KSMBD_AUTH_KRB5U2U 0x0008
+
+struct ksmbd_session;
+struct ksmbd_conn;
+struct kvec;
+
+int ksmbd_crypt_message(struct ksmbd_conn *conn,
+ struct kvec *iov,
+ unsigned int nvec,
+ int enc);
+
+void ksmbd_copy_gss_neg_header(void *buf);
+
+int ksmbd_auth_ntlm(struct ksmbd_session *sess,
+ char *pw_buf);
+
+int ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
+ struct ntlmv2_resp *ntlmv2,
+ int blen,
+ char *domain_name);
+
+int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
+ int blob_len,
+ struct ksmbd_session *sess);
+
+int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
+ int blob_len,
+ struct ksmbd_session *sess);
+
+unsigned int
+ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
+ struct ksmbd_session *sess);
+
+int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
+ char *in_blob, int in_len,
+ char *out_blob, int *out_len);
+
+int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn,
+ char *key,
+ struct kvec *iov,
+ int n_vec,
+ char *sig);
+int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn,
+ char *key,
+ struct kvec *iov,
+ int n_vec,
+ char *sig);
+
+int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess);
+int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess);
+int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess);
+int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess);
+
+int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn,
+ char *buf,
+ __u8 *pi_hash);
+int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
+ __u8 *pi_hash);
+#endif
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
new file mode 100644
index 000000000000..15d7e2f7c3d7
--- /dev/null
+++ b/fs/cifsd/crypto_ctx.c
@@ -0,0 +1,287 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2019 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/kernel.h>
+#include <linux/string.h>
+#include <linux/err.h>
+#include <linux/slab.h>
+#include <linux/wait.h>
+#include <linux/sched.h>
+#include <linux/version.h>
+
+#include "glob.h"
+#include "crypto_ctx.h"
+#include "buffer_pool.h"
+
+struct crypto_ctx_list {
+ spinlock_t ctx_lock;
+ int avail_ctx;
+ struct list_head idle_ctx;
+ wait_queue_head_t ctx_wait;
+};
+
+static struct crypto_ctx_list ctx_list;
+
+static inline void free_aead(struct crypto_aead *aead)
+{
+ if (aead)
+ crypto_free_aead(aead);
+}
+
+static void free_shash(struct shash_desc *shash)
+{
+ if (shash) {
+ crypto_free_shash(shash->tfm);
+ kfree(shash);
+ }
+}
+
+static struct crypto_aead *alloc_aead(int id)
+{
+ struct crypto_aead *tfm = NULL;
+
+ switch (id) {
+ case CRYPTO_AEAD_AES128_GCM:
+ tfm = crypto_alloc_aead("gcm(aes)", 0, 0);
+ break;
+ case CRYPTO_AEAD_AES128_CCM:
+ tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
+ break;
+ default:
+ ksmbd_err("Does not support encrypt ahead(id : %d)\n", id);
+ return NULL;
+ }
+
+ if (IS_ERR(tfm)) {
+ ksmbd_err("Failed to alloc encrypt aead : %ld\n", PTR_ERR(tfm));
+ return NULL;
+ }
+
+ return tfm;
+}
+
+static struct shash_desc *alloc_shash_desc(int id)
+{
+ struct crypto_shash *tfm = NULL;
+ struct shash_desc *shash;
+
+ switch (id) {
+ case CRYPTO_SHASH_HMACMD5:
+ tfm = crypto_alloc_shash("hmac(md5)", 0, 0);
+ break;
+ case CRYPTO_SHASH_HMACSHA256:
+ tfm = crypto_alloc_shash("hmac(sha256)", 0, 0);
+ break;
+ case CRYPTO_SHASH_CMACAES:
+ tfm = crypto_alloc_shash("cmac(aes)", 0, 0);
+ break;
+ case CRYPTO_SHASH_SHA256:
+ tfm = crypto_alloc_shash("sha256", 0, 0);
+ break;
+ case CRYPTO_SHASH_SHA512:
+ tfm = crypto_alloc_shash("sha512", 0, 0);
+ break;
+ case CRYPTO_SHASH_MD4:
+ tfm = crypto_alloc_shash("md4", 0, 0);
+ break;
+ case CRYPTO_SHASH_MD5:
+ tfm = crypto_alloc_shash("md5", 0, 0);
+ break;
+ }
+
+ if (IS_ERR(tfm))
+ return NULL;
+
+ shash = kzalloc(sizeof(*shash) + crypto_shash_descsize(tfm),
+ GFP_KERNEL);
+ if (!shash)
+ crypto_free_shash(tfm);
+ else
+ shash->tfm = tfm;
+ return shash;
+}
+
+static struct ksmbd_crypto_ctx *ctx_alloc(void)
+{
+ return ksmbd_alloc(sizeof(struct ksmbd_crypto_ctx));
+}
+
+static void ctx_free(struct ksmbd_crypto_ctx *ctx)
+{
+ int i;
+
+ for (i = 0; i < CRYPTO_SHASH_MAX; i++)
+ free_shash(ctx->desc[i]);
+ for (i = 0; i < CRYPTO_AEAD_MAX; i++)
+ free_aead(ctx->ccmaes[i]);
+ ksmbd_free(ctx);
+}
+
+static struct ksmbd_crypto_ctx *ksmbd_find_crypto_ctx(void)
+{
+ struct ksmbd_crypto_ctx *ctx;
+
+ while (1) {
+ spin_lock(&ctx_list.ctx_lock);
+ if (!list_empty(&ctx_list.idle_ctx)) {
+ ctx = list_entry(ctx_list.idle_ctx.next,
+ struct ksmbd_crypto_ctx,
+ list);
+ list_del(&ctx->list);
+ spin_unlock(&ctx_list.ctx_lock);
+ return ctx;
+ }
+
+ if (ctx_list.avail_ctx > num_online_cpus()) {
+ spin_unlock(&ctx_list.ctx_lock);
+ wait_event(ctx_list.ctx_wait,
+ !list_empty(&ctx_list.idle_ctx));
+ continue;
+ }
+
+ ctx_list.avail_ctx++;
+ spin_unlock(&ctx_list.ctx_lock);
+
+ ctx = ctx_alloc();
+ if (!ctx) {
+ spin_lock(&ctx_list.ctx_lock);
+ ctx_list.avail_ctx--;
+ spin_unlock(&ctx_list.ctx_lock);
+ wait_event(ctx_list.ctx_wait,
+ !list_empty(&ctx_list.idle_ctx));
+ continue;
+ }
+ break;
+ }
+ return ctx;
+}
+
+void ksmbd_release_crypto_ctx(struct ksmbd_crypto_ctx *ctx)
+{
+ if (!ctx)
+ return;
+
+ spin_lock(&ctx_list.ctx_lock);
+ if (ctx_list.avail_ctx <= num_online_cpus()) {
+ list_add(&ctx->list, &ctx_list.idle_ctx);
+ spin_unlock(&ctx_list.ctx_lock);
+ wake_up(&ctx_list.ctx_wait);
+ return;
+ }
+
+ ctx_list.avail_ctx--;
+ spin_unlock(&ctx_list.ctx_lock);
+ ctx_free(ctx);
+}
+
+static struct ksmbd_crypto_ctx *____crypto_shash_ctx_find(int id)
+{
+ struct ksmbd_crypto_ctx *ctx;
+
+ if (id >= CRYPTO_SHASH_MAX)
+ return NULL;
+
+ ctx = ksmbd_find_crypto_ctx();
+ if (ctx->desc[id])
+ return ctx;
+
+ ctx->desc[id] = alloc_shash_desc(id);
+ if (ctx->desc[id])
+ return ctx;
+ ksmbd_release_crypto_ctx(ctx);
+ return NULL;
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_hmacmd5(void)
+{
+ return ____crypto_shash_ctx_find(CRYPTO_SHASH_HMACMD5);
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_hmacsha256(void)
+{
+ return ____crypto_shash_ctx_find(CRYPTO_SHASH_HMACSHA256);
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_cmacaes(void)
+{
+ return ____crypto_shash_ctx_find(CRYPTO_SHASH_CMACAES);
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha256(void)
+{
+ return ____crypto_shash_ctx_find(CRYPTO_SHASH_SHA256);
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha512(void)
+{
+ return ____crypto_shash_ctx_find(CRYPTO_SHASH_SHA512);
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md4(void)
+{
+ return ____crypto_shash_ctx_find(CRYPTO_SHASH_MD4);
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md5(void)
+{
+ return ____crypto_shash_ctx_find(CRYPTO_SHASH_MD5);
+}
+
+static struct ksmbd_crypto_ctx *____crypto_aead_ctx_find(int id)
+{
+ struct ksmbd_crypto_ctx *ctx;
+
+ if (id >= CRYPTO_AEAD_MAX)
+ return NULL;
+
+ ctx = ksmbd_find_crypto_ctx();
+ if (ctx->ccmaes[id])
+ return ctx;
+
+ ctx->ccmaes[id] = alloc_aead(id);
+ if (ctx->ccmaes[id])
+ return ctx;
+ ksmbd_release_crypto_ctx(ctx);
+ return NULL;
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_gcm(void)
+{
+ return ____crypto_aead_ctx_find(CRYPTO_AEAD_AES128_GCM);
+}
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_ccm(void)
+{
+ return ____crypto_aead_ctx_find(CRYPTO_AEAD_AES128_CCM);
+}
+
+void ksmbd_crypto_destroy(void)
+{
+ struct ksmbd_crypto_ctx *ctx;
+
+ while (!list_empty(&ctx_list.idle_ctx)) {
+ ctx = list_entry(ctx_list.idle_ctx.next,
+ struct ksmbd_crypto_ctx,
+ list);
+ list_del(&ctx->list);
+ ctx_free(ctx);
+ }
+}
+
+int ksmbd_crypto_create(void)
+{
+ struct ksmbd_crypto_ctx *ctx;
+
+ spin_lock_init(&ctx_list.ctx_lock);
+ INIT_LIST_HEAD(&ctx_list.idle_ctx);
+ init_waitqueue_head(&ctx_list.ctx_wait);
+ ctx_list.avail_ctx = 1;
+
+ ctx = ctx_alloc();
+ if (!ctx)
+ return -ENOMEM;
+ list_add(&ctx->list, &ctx_list.idle_ctx);
+ return 0;
+}
diff --git a/fs/cifsd/crypto_ctx.h b/fs/cifsd/crypto_ctx.h
new file mode 100644
index 000000000000..64a11dfd6c83
--- /dev/null
+++ b/fs/cifsd/crypto_ctx.h
@@ -0,0 +1,77 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2019 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __CRYPTO_CTX_H__
+#define __CRYPTO_CTX_H__
+
+#include <crypto/hash.h>
+#include <crypto/aead.h>
+
+enum {
+ CRYPTO_SHASH_HMACMD5 = 0,
+ CRYPTO_SHASH_HMACSHA256,
+ CRYPTO_SHASH_CMACAES,
+ CRYPTO_SHASH_SHA256,
+ CRYPTO_SHASH_SHA512,
+ CRYPTO_SHASH_MD4,
+ CRYPTO_SHASH_MD5,
+ CRYPTO_SHASH_MAX,
+};
+
+enum {
+ CRYPTO_AEAD_AES128_GCM = 16,
+ CRYPTO_AEAD_AES128_CCM,
+ CRYPTO_AEAD_MAX,
+};
+
+enum {
+ CRYPTO_BLK_ECBDES = 32,
+ CRYPTO_BLK_MAX,
+};
+
+struct ksmbd_crypto_ctx {
+ struct list_head list;
+
+ struct shash_desc *desc[CRYPTO_SHASH_MAX];
+ struct crypto_aead *ccmaes[CRYPTO_AEAD_MAX];
+};
+
+#define CRYPTO_HMACMD5(c) ((c)->desc[CRYPTO_SHASH_HMACMD5])
+#define CRYPTO_HMACSHA256(c) ((c)->desc[CRYPTO_SHASH_HMACSHA256])
+#define CRYPTO_CMACAES(c) ((c)->desc[CRYPTO_SHASH_CMACAES])
+#define CRYPTO_SHA256(c) ((c)->desc[CRYPTO_SHASH_SHA256])
+#define CRYPTO_SHA512(c) ((c)->desc[CRYPTO_SHASH_SHA512])
+#define CRYPTO_MD4(c) ((c)->desc[CRYPTO_SHASH_MD4])
+#define CRYPTO_MD5(c) ((c)->desc[CRYPTO_SHASH_MD5])
+
+#define CRYPTO_HMACMD5_TFM(c) ((c)->desc[CRYPTO_SHASH_HMACMD5]->tfm)
+#define CRYPTO_HMACSHA256_TFM(c)\
+ ((c)->desc[CRYPTO_SHASH_HMACSHA256]->tfm)
+#define CRYPTO_CMACAES_TFM(c) ((c)->desc[CRYPTO_SHASH_CMACAES]->tfm)
+#define CRYPTO_SHA256_TFM(c) ((c)->desc[CRYPTO_SHASH_SHA256]->tfm)
+#define CRYPTO_SHA512_TFM(c) ((c)->desc[CRYPTO_SHASH_SHA512]->tfm)
+#define CRYPTO_MD4_TFM(c) ((c)->desc[CRYPTO_SHASH_MD4]->tfm)
+#define CRYPTO_MD5_TFM(c) ((c)->desc[CRYPTO_SHASH_MD5]->tfm)
+
+#define CRYPTO_GCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES128_GCM])
+#define CRYPTO_CCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES128_CCM])
+
+void ksmbd_release_crypto_ctx(struct ksmbd_crypto_ctx *ctx);
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_hmacmd5(void);
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_hmacsha256(void);
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_cmacaes(void);
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha512(void);
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha256(void);
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md4(void);
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md5(void);
+
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_gcm(void);
+struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_ccm(void);
+
+void ksmbd_crypto_destroy(void);
+int ksmbd_crypto_create(void);
+
+#endif /* __CRYPTO_CTX_H__ */
diff --git a/fs/cifsd/mgmt/ksmbd_ida.c b/fs/cifsd/mgmt/ksmbd_ida.c
new file mode 100644
index 000000000000..cbc9fd049852
--- /dev/null
+++ b/fs/cifsd/mgmt/ksmbd_ida.c
@@ -0,0 +1,69 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include "ksmbd_ida.h"
+
+struct ksmbd_ida *ksmbd_ida_alloc(void)
+{
+ struct ksmbd_ida *ida;
+
+ ida = kmalloc(sizeof(struct ksmbd_ida), GFP_KERNEL);
+ if (!ida)
+ return NULL;
+
+ ida_init(&ida->map);
+ return ida;
+}
+
+void ksmbd_ida_free(struct ksmbd_ida *ida)
+{
+ if (!ida)
+ return;
+
+ ida_destroy(&ida->map);
+ kfree(ida);
+}
+
+static inline int __acquire_id(struct ksmbd_ida *ida, int from, int to)
+{
+ return ida_simple_get(&ida->map, from, to, GFP_KERNEL);
+}
+
+int ksmbd_acquire_smb2_tid(struct ksmbd_ida *ida)
+{
+ int id;
+
+ do {
+ id = __acquire_id(ida, 0, 0);
+ } while (id == 0xFFFF);
+
+ return id;
+}
+
+int ksmbd_acquire_smb2_uid(struct ksmbd_ida *ida)
+{
+ int id;
+
+ do {
+ id = __acquire_id(ida, 1, 0);
+ } while (id == 0xFFFE);
+
+ return id;
+}
+
+int ksmbd_acquire_async_msg_id(struct ksmbd_ida *ida)
+{
+ return __acquire_id(ida, 1, 0);
+}
+
+int ksmbd_acquire_id(struct ksmbd_ida *ida)
+{
+ return __acquire_id(ida, 0, 0);
+}
+
+void ksmbd_release_id(struct ksmbd_ida *ida, int id)
+{
+ ida_simple_remove(&ida->map, id);
+}
diff --git a/fs/cifsd/mgmt/ksmbd_ida.h b/fs/cifsd/mgmt/ksmbd_ida.h
new file mode 100644
index 000000000000..b075156adf23
--- /dev/null
+++ b/fs/cifsd/mgmt/ksmbd_ida.h
@@ -0,0 +1,41 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_IDA_MANAGEMENT_H__
+#define __KSMBD_IDA_MANAGEMENT_H__
+
+#include <linux/slab.h>
+#include <linux/idr.h>
+
+struct ksmbd_ida {
+ struct ida map;
+};
+
+struct ksmbd_ida *ksmbd_ida_alloc(void);
+void ksmbd_ida_free(struct ksmbd_ida *ida);
+
+/*
+ * 2.2.1.6.7 TID Generation
+ * The value 0xFFFF MUST NOT be used as a valid TID. All other
+ * possible values for TID, including zero (0x0000), are valid.
+ * The value 0xFFFF is used to specify all TIDs or no TID,
+ * depending upon the context in which it is used.
+ */
+int ksmbd_acquire_smb2_tid(struct ksmbd_ida *ida);
+
+/*
+ * 2.2.1.6.8 UID Generation
+ * The value 0xFFFE was declared reserved in the LAN Manager 1.0
+ * documentation, so a value of 0xFFFE SHOULD NOT be used as a
+ * valid UID.<21> All other possible values for a UID, excluding
+ * zero (0x0000), are valid.
+ */
+int ksmbd_acquire_smb2_uid(struct ksmbd_ida *ida);
+int ksmbd_acquire_async_msg_id(struct ksmbd_ida *ida);
+
+int ksmbd_acquire_id(struct ksmbd_ida *ida);
+
+void ksmbd_release_id(struct ksmbd_ida *ida, int id);
+#endif /* __KSMBD_IDA_MANAGEMENT_H__ */
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
new file mode 100644
index 000000000000..0593702babfe
--- /dev/null
+++ b/fs/cifsd/mgmt/share_config.c
@@ -0,0 +1,239 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/list.h>
+#include <linux/jhash.h>
+#include <linux/slab.h>
+#include <linux/rwsem.h>
+#include <linux/parser.h>
+#include <linux/namei.h>
+#include <linux/sched.h>
+
+#include "share_config.h"
+#include "user_config.h"
+#include "user_session.h"
+#include "../buffer_pool.h"
+#include "../transport_ipc.h"
+#include "../ksmbd_server.h" /* FIXME */
+
+#define SHARE_HASH_BITS 3
+static DEFINE_HASHTABLE(shares_table, SHARE_HASH_BITS);
+static DECLARE_RWSEM(shares_table_lock);
+
+struct ksmbd_veto_pattern {
+ char *pattern;
+ struct list_head list;
+};
+
+static unsigned int share_name_hash(char *name)
+{
+ return jhash(name, strlen(name), 0);
+}
+
+static void kill_share(struct ksmbd_share_config *share)
+{
+ while (!list_empty(&share->veto_list)) {
+ struct ksmbd_veto_pattern *p;
+
+ p = list_entry(share->veto_list.next,
+ struct ksmbd_veto_pattern,
+ list);
+ list_del(&p->list);
+ kfree(p->pattern);
+ kfree(p);
+ }
+
+ if (share->path)
+ path_put(&share->vfs_path);
+ kfree(share->name);
+ kfree(share->path);
+ kfree(share);
+}
+
+void __ksmbd_share_config_put(struct ksmbd_share_config *share)
+{
+ down_write(&shares_table_lock);
+ hash_del(&share->hlist);
+ up_write(&shares_table_lock);
+
+ kill_share(share);
+}
+
+static struct ksmbd_share_config *
+__get_share_config(struct ksmbd_share_config *share)
+{
+ if (!atomic_inc_not_zero(&share->refcount))
+ return NULL;
+ return share;
+}
+
+static struct ksmbd_share_config *__share_lookup(char *name)
+{
+ struct ksmbd_share_config *share;
+ unsigned int key = share_name_hash(name);
+
+ hash_for_each_possible(shares_table, share, hlist, key) {
+ if (!strcmp(name, share->name))
+ return share;
+ }
+ return NULL;
+}
+
+static int parse_veto_list(struct ksmbd_share_config *share,
+ char *veto_list,
+ int veto_list_sz)
+{
+ int sz = 0;
+
+ if (!veto_list_sz)
+ return 0;
+
+ while (veto_list_sz > 0) {
+ struct ksmbd_veto_pattern *p;
+
+ p = ksmbd_alloc(sizeof(struct ksmbd_veto_pattern));
+ if (!p)
+ return -ENOMEM;
+
+ sz = strlen(veto_list);
+ if (!sz)
+ break;
+
+ p->pattern = kstrdup(veto_list, GFP_KERNEL);
+ if (!p->pattern) {
+ ksmbd_free(p);
+ return -ENOMEM;
+ }
+
+ list_add(&p->list, &share->veto_list);
+
+ veto_list += sz + 1;
+ veto_list_sz -= (sz + 1);
+ }
+
+ return 0;
+}
+
+static struct ksmbd_share_config *share_config_request(char *name)
+{
+ struct ksmbd_share_config_response *resp;
+ struct ksmbd_share_config *share = NULL;
+ struct ksmbd_share_config *lookup;
+ int ret;
+
+ resp = ksmbd_ipc_share_config_request(name);
+ if (!resp)
+ return NULL;
+
+ if (resp->flags == KSMBD_SHARE_FLAG_INVALID)
+ goto out;
+
+ share = ksmbd_alloc(sizeof(struct ksmbd_share_config));
+ if (!share)
+ goto out;
+
+ share->flags = resp->flags;
+ atomic_set(&share->refcount, 1);
+ INIT_LIST_HEAD(&share->veto_list);
+ share->name = kstrdup(name, GFP_KERNEL);
+
+ if (!test_share_config_flag(share, KSMBD_SHARE_FLAG_PIPE)) {
+ share->path = kstrdup(KSMBD_SHARE_CONFIG_PATH(resp),
+ GFP_KERNEL);
+ if (share->path)
+ share->path_sz = strlen(share->path);
+ share->create_mask = resp->create_mask;
+ share->directory_mask = resp->directory_mask;
+ share->force_create_mode = resp->force_create_mode;
+ share->force_directory_mode = resp->force_directory_mode;
+ share->force_uid = resp->force_uid;
+ share->force_gid = resp->force_gid;
+ ret = parse_veto_list(share,
+ KSMBD_SHARE_CONFIG_VETO_LIST(resp),
+ resp->veto_list_sz);
+ if (!ret && share->path) {
+ ret = kern_path(share->path, 0, &share->vfs_path);
+ if (ret) {
+ ksmbd_debug(SMB, "failed to access '%s'\n",
+ share->path);
+ /* Avoid put_path() */
+ kfree(share->path);
+ share->path = NULL;
+ }
+ }
+ if (ret || !share->name) {
+ kill_share(share);
+ share = NULL;
+ goto out;
+ }
+ }
+
+ down_write(&shares_table_lock);
+ lookup = __share_lookup(name);
+ if (lookup)
+ lookup = __get_share_config(lookup);
+ if (!lookup) {
+ hash_add(shares_table, &share->hlist, share_name_hash(name));
+ } else {
+ kill_share(share);
+ share = lookup;
+ }
+ up_write(&shares_table_lock);
+
+out:
+ ksmbd_free(resp);
+ return share;
+}
+
+static void strtolower(char *share_name)
+{
+ while (*share_name) {
+ *share_name = tolower(*share_name);
+ share_name++;
+ }
+}
+
+struct ksmbd_share_config *ksmbd_share_config_get(char *name)
+{
+ struct ksmbd_share_config *share;
+
+ strtolower(name);
+
+ down_read(&shares_table_lock);
+ share = __share_lookup(name);
+ if (share)
+ share = __get_share_config(share);
+ up_read(&shares_table_lock);
+
+ if (share)
+ return share;
+ return share_config_request(name);
+}
+
+bool ksmbd_share_veto_filename(struct ksmbd_share_config *share,
+ const char *filename)
+{
+ struct ksmbd_veto_pattern *p;
+
+ list_for_each_entry(p, &share->veto_list, list) {
+ if (match_wildcard(p->pattern, filename))
+ return true;
+ }
+ return false;
+}
+
+void ksmbd_share_configs_cleanup(void)
+{
+ struct ksmbd_share_config *share;
+ struct hlist_node *tmp;
+ int i;
+
+ down_write(&shares_table_lock);
+ hash_for_each_safe(shares_table, i, tmp, share, hlist) {
+ hash_del(&share->hlist);
+ kill_share(share);
+ }
+ up_write(&shares_table_lock);
+}
diff --git a/fs/cifsd/mgmt/share_config.h b/fs/cifsd/mgmt/share_config.h
new file mode 100644
index 000000000000..c47b874bd80b
--- /dev/null
+++ b/fs/cifsd/mgmt/share_config.h
@@ -0,0 +1,83 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __SHARE_CONFIG_MANAGEMENT_H__
+#define __SHARE_CONFIG_MANAGEMENT_H__
+
+#include <linux/workqueue.h>
+#include <linux/hashtable.h>
+#include <linux/path.h>
+
+#include "../glob.h" /* FIXME */
+
+struct ksmbd_share_config {
+ char *name;
+ char *path;
+
+ unsigned int path_sz;
+ unsigned int flags;
+ struct list_head veto_list;
+
+ struct path vfs_path;
+
+ atomic_t refcount;
+ struct hlist_node hlist;
+ unsigned short create_mask;
+ unsigned short directory_mask;
+ unsigned short force_create_mode;
+ unsigned short force_directory_mode;
+ unsigned short force_uid;
+ unsigned short force_gid;
+};
+
+#define KSMBD_SHARE_INVALID_UID ((__u16)-1)
+#define KSMBD_SHARE_INVALID_GID ((__u16)-1)
+
+static inline int share_config_create_mode(struct ksmbd_share_config *share,
+ umode_t posix_mode)
+{
+ if (!share->force_create_mode) {
+ if (!posix_mode)
+ return share->create_mask;
+ else
+ return posix_mode & share->create_mask;
+ }
+ return share->force_create_mode & share->create_mask;
+}
+
+static inline int share_config_directory_mode(struct ksmbd_share_config *share,
+ umode_t posix_mode)
+{
+ if (!share->force_directory_mode) {
+ if (!posix_mode)
+ return share->directory_mask;
+ else
+ return posix_mode & share->directory_mask;
+ }
+
+ return share->force_directory_mode & share->directory_mask;
+}
+
+static inline int test_share_config_flag(struct ksmbd_share_config *share,
+ int flag)
+{
+ return share->flags & flag;
+}
+
+extern void __ksmbd_share_config_put(struct ksmbd_share_config *share);
+
+static inline void ksmbd_share_config_put(struct ksmbd_share_config *share)
+{
+ if (!atomic_dec_and_test(&share->refcount))
+ return;
+ __ksmbd_share_config_put(share);
+}
+
+struct ksmbd_share_config *ksmbd_share_config_get(char *name);
+bool ksmbd_share_veto_filename(struct ksmbd_share_config *share,
+ const char *filename);
+void ksmbd_share_configs_cleanup(void);
+
+#endif /* __SHARE_CONFIG_MANAGEMENT_H__ */
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/cifsd/mgmt/tree_connect.c
new file mode 100644
index 000000000000..2be7b2e2e3cd
--- /dev/null
+++ b/fs/cifsd/mgmt/tree_connect.c
@@ -0,0 +1,129 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/list.h>
+#include <linux/slab.h>
+
+#include "../ksmbd_server.h" /* FIXME */
+#include "../buffer_pool.h"
+#include "../transport_ipc.h"
+#include "../connection.h"
+
+#include "tree_connect.h"
+#include "user_config.h"
+#include "share_config.h"
+#include "user_session.h"
+
+struct ksmbd_tree_conn_status
+ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
+{
+ struct ksmbd_tree_conn_status status = {-EINVAL, NULL};
+ struct ksmbd_tree_connect_response *resp = NULL;
+ struct ksmbd_share_config *sc;
+ struct ksmbd_tree_connect *tree_conn = NULL;
+ struct sockaddr *peer_addr;
+
+ sc = ksmbd_share_config_get(share_name);
+ if (!sc)
+ return status;
+
+ tree_conn = ksmbd_alloc(sizeof(struct ksmbd_tree_connect));
+ if (!tree_conn) {
+ status.ret = -ENOMEM;
+ goto out_error;
+ }
+
+ tree_conn->id = ksmbd_acquire_tree_conn_id(sess);
+ if (tree_conn->id < 0) {
+ status.ret = -EINVAL;
+ goto out_error;
+ }
+
+ peer_addr = KSMBD_TCP_PEER_SOCKADDR(sess->conn);
+ resp = ksmbd_ipc_tree_connect_request(sess,
+ sc,
+ tree_conn,
+ peer_addr);
+ if (!resp) {
+ status.ret = -EINVAL;
+ goto out_error;
+ }
+
+ status.ret = resp->status;
+ if (status.ret != KSMBD_TREE_CONN_STATUS_OK)
+ goto out_error;
+
+ tree_conn->flags = resp->connection_flags;
+ tree_conn->user = sess->user;
+ tree_conn->share_conf = sc;
+ status.tree_conn = tree_conn;
+
+ list_add(&tree_conn->list, &sess->tree_conn_list);
+
+ ksmbd_free(resp);
+ return status;
+
+out_error:
+ if (tree_conn)
+ ksmbd_release_tree_conn_id(sess, tree_conn->id);
+ ksmbd_share_config_put(sc);
+ ksmbd_free(tree_conn);
+ ksmbd_free(resp);
+ return status;
+}
+
+int ksmbd_tree_conn_disconnect(struct ksmbd_session *sess,
+ struct ksmbd_tree_connect *tree_conn)
+{
+ int ret;
+
+ ret = ksmbd_ipc_tree_disconnect_request(sess->id, tree_conn->id);
+ ksmbd_release_tree_conn_id(sess, tree_conn->id);
+ list_del(&tree_conn->list);
+ ksmbd_share_config_put(tree_conn->share_conf);
+ ksmbd_free(tree_conn);
+ return ret;
+}
+
+struct ksmbd_tree_connect *ksmbd_tree_conn_lookup(struct ksmbd_session *sess,
+ unsigned int id)
+{
+ struct ksmbd_tree_connect *tree_conn;
+ struct list_head *tmp;
+
+ list_for_each(tmp, &sess->tree_conn_list) {
+ tree_conn = list_entry(tmp, struct ksmbd_tree_connect, list);
+ if (tree_conn->id == id)
+ return tree_conn;
+ }
+ return NULL;
+}
+
+struct ksmbd_share_config *ksmbd_tree_conn_share(struct ksmbd_session *sess,
+ unsigned int id)
+{
+ struct ksmbd_tree_connect *tc;
+
+ tc = ksmbd_tree_conn_lookup(sess, id);
+ if (tc)
+ return tc->share_conf;
+ return NULL;
+}
+
+int ksmbd_tree_conn_session_logoff(struct ksmbd_session *sess)
+{
+ int ret = 0;
+
+ while (!list_empty(&sess->tree_conn_list)) {
+ struct ksmbd_tree_connect *tc;
+
+ tc = list_entry(sess->tree_conn_list.next,
+ struct ksmbd_tree_connect,
+ list);
+ ret |= ksmbd_tree_conn_disconnect(sess, tc);
+ }
+
+ return ret;
+}
diff --git a/fs/cifsd/mgmt/tree_connect.h b/fs/cifsd/mgmt/tree_connect.h
new file mode 100644
index 000000000000..46237cd05b9c
--- /dev/null
+++ b/fs/cifsd/mgmt/tree_connect.h
@@ -0,0 +1,56 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __TREE_CONNECT_MANAGEMENT_H__
+#define __TREE_CONNECT_MANAGEMENT_H__
+
+#include <linux/hashtable.h>
+
+#include "../ksmbd_server.h" /* FIXME */
+
+struct ksmbd_share_config;
+struct ksmbd_user;
+
+struct ksmbd_tree_connect {
+ int id;
+
+ unsigned int flags;
+ struct ksmbd_share_config *share_conf;
+ struct ksmbd_user *user;
+
+ struct list_head list;
+
+ int maximal_access;
+ bool posix_extensions;
+};
+
+struct ksmbd_tree_conn_status {
+ unsigned int ret;
+ struct ksmbd_tree_connect *tree_conn;
+};
+
+static inline int test_tree_conn_flag(struct ksmbd_tree_connect *tree_conn,
+ int flag)
+{
+ return tree_conn->flags & flag;
+}
+
+struct ksmbd_session;
+
+struct ksmbd_tree_conn_status
+ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name);
+
+int ksmbd_tree_conn_disconnect(struct ksmbd_session *sess,
+ struct ksmbd_tree_connect *tree_conn);
+
+struct ksmbd_tree_connect *ksmbd_tree_conn_lookup(struct ksmbd_session *sess,
+ unsigned int id);
+
+struct ksmbd_share_config *ksmbd_tree_conn_share(struct ksmbd_session *sess,
+ unsigned int id);
+
+int ksmbd_tree_conn_session_logoff(struct ksmbd_session *sess);
+
+#endif /* __TREE_CONNECT_MANAGEMENT_H__ */
diff --git a/fs/cifsd/mgmt/user_config.c b/fs/cifsd/mgmt/user_config.c
new file mode 100644
index 000000000000..1ab68f80f72e
--- /dev/null
+++ b/fs/cifsd/mgmt/user_config.c
@@ -0,0 +1,70 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/slab.h>
+
+#include "user_config.h"
+#include "../buffer_pool.h"
+#include "../transport_ipc.h"
+#include "../ksmbd_server.h" /* FIXME */
+
+struct ksmbd_user *ksmbd_login_user(const char *account)
+{
+ struct ksmbd_login_response *resp;
+ struct ksmbd_user *user = NULL;
+
+ resp = ksmbd_ipc_login_request(account);
+ if (!resp)
+ return NULL;
+
+ if (!(resp->status & KSMBD_USER_FLAG_OK))
+ goto out;
+
+ user = ksmbd_alloc_user(resp);
+out:
+ ksmbd_free(resp);
+ return user;
+}
+
+struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp)
+{
+ struct ksmbd_user *user = NULL;
+
+ user = ksmbd_alloc(sizeof(struct ksmbd_user));
+ if (!user)
+ return NULL;
+
+ user->name = kstrdup(resp->account, GFP_KERNEL);
+ user->flags = resp->status;
+ user->gid = resp->gid;
+ user->uid = resp->uid;
+ user->passkey_sz = resp->hash_sz;
+ user->passkey = ksmbd_alloc(resp->hash_sz);
+ if (user->passkey)
+ memcpy(user->passkey, resp->hash, resp->hash_sz);
+
+ if (!user->name || !user->passkey) {
+ kfree(user->name);
+ ksmbd_free(user->passkey);
+ ksmbd_free(user);
+ user = NULL;
+ }
+ return user;
+}
+
+void ksmbd_free_user(struct ksmbd_user *user)
+{
+ ksmbd_ipc_logout_request(user->name);
+ kfree(user->name);
+ ksmbd_free(user->passkey);
+ ksmbd_free(user);
+}
+
+int ksmbd_anonymous_user(struct ksmbd_user *user)
+{
+ if (user->name[0] == '\0')
+ return 1;
+ return 0;
+}
diff --git a/fs/cifsd/mgmt/user_config.h b/fs/cifsd/mgmt/user_config.h
new file mode 100644
index 000000000000..5cda4a5d3e2f
--- /dev/null
+++ b/fs/cifsd/mgmt/user_config.h
@@ -0,0 +1,67 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __USER_CONFIG_MANAGEMENT_H__
+#define __USER_CONFIG_MANAGEMENT_H__
+
+#include "../glob.h" /* FIXME */
+#include "../ksmbd_server.h" /* FIXME */
+
+struct ksmbd_user {
+ unsigned short flags;
+
+ unsigned int uid;
+ unsigned int gid;
+
+ char *name;
+
+ size_t passkey_sz;
+ char *passkey;
+};
+
+static inline bool user_guest(struct ksmbd_user *user)
+{
+ return user->flags & KSMBD_USER_FLAG_GUEST_ACCOUNT;
+}
+
+static inline void set_user_flag(struct ksmbd_user *user, int flag)
+{
+ user->flags |= flag;
+}
+
+static inline int test_user_flag(struct ksmbd_user *user, int flag)
+{
+ return user->flags & flag;
+}
+
+static inline void set_user_guest(struct ksmbd_user *user)
+{
+}
+
+static inline char *user_passkey(struct ksmbd_user *user)
+{
+ return user->passkey;
+}
+
+static inline char *user_name(struct ksmbd_user *user)
+{
+ return user->name;
+}
+
+static inline unsigned int user_uid(struct ksmbd_user *user)
+{
+ return user->uid;
+}
+
+static inline unsigned int user_gid(struct ksmbd_user *user)
+{
+ return user->gid;
+}
+
+struct ksmbd_user *ksmbd_login_user(const char *account);
+struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp);
+void ksmbd_free_user(struct ksmbd_user *user);
+int ksmbd_anonymous_user(struct ksmbd_user *user);
+#endif /* __USER_CONFIG_MANAGEMENT_H__ */
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
new file mode 100644
index 000000000000..d9f6dbde850a
--- /dev/null
+++ b/fs/cifsd/mgmt/user_session.c
@@ -0,0 +1,345 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/list.h>
+#include <linux/slab.h>
+#include <linux/rwsem.h>
+
+#include "ksmbd_ida.h"
+#include "user_session.h"
+#include "user_config.h"
+#include "tree_connect.h"
+#include "../transport_ipc.h"
+#include "../connection.h"
+#include "../buffer_pool.h"
+#include "../ksmbd_server.h" /* FIXME */
+#include "../vfs_cache.h"
+
+static struct ksmbd_ida *session_ida;
+
+#define SESSION_HASH_BITS 3
+static DEFINE_HASHTABLE(sessions_table, SESSION_HASH_BITS);
+static DECLARE_RWSEM(sessions_table_lock);
+
+struct ksmbd_session_rpc {
+ int id;
+ unsigned int method;
+ struct list_head list;
+};
+
+static void free_channel_list(struct ksmbd_session *sess)
+{
+ struct channel *chann;
+ struct list_head *tmp, *t;
+
+ list_for_each_safe(tmp, t, &sess->ksmbd_chann_list) {
+ chann = list_entry(tmp, struct channel, chann_list);
+ if (chann) {
+ list_del(&chann->chann_list);
+ kfree(chann);
+ }
+ }
+}
+
+static void __session_rpc_close(struct ksmbd_session *sess,
+ struct ksmbd_session_rpc *entry)
+{
+ struct ksmbd_rpc_command *resp;
+
+ resp = ksmbd_rpc_close(sess, entry->id);
+ if (!resp)
+ pr_err("Unable to close RPC pipe %d\n", entry->id);
+
+ ksmbd_free(resp);
+ ksmbd_rpc_id_free(entry->id);
+ ksmbd_free(entry);
+}
+
+static void ksmbd_session_rpc_clear_list(struct ksmbd_session *sess)
+{
+ struct ksmbd_session_rpc *entry;
+
+ while (!list_empty(&sess->rpc_handle_list)) {
+ entry = list_entry(sess->rpc_handle_list.next,
+ struct ksmbd_session_rpc,
+ list);
+
+ list_del(&entry->list);
+ __session_rpc_close(sess, entry);
+ }
+}
+
+static int __rpc_method(char *rpc_name)
+{
+ if (!strcmp(rpc_name, "\\srvsvc") || !strcmp(rpc_name, "srvsvc"))
+ return KSMBD_RPC_SRVSVC_METHOD_INVOKE;
+
+ if (!strcmp(rpc_name, "\\wkssvc") || !strcmp(rpc_name, "wkssvc"))
+ return KSMBD_RPC_WKSSVC_METHOD_INVOKE;
+
+ if (!strcmp(rpc_name, "LANMAN") || !strcmp(rpc_name, "lanman"))
+ return KSMBD_RPC_RAP_METHOD;
+
+ if (!strcmp(rpc_name, "\\samr") || !strcmp(rpc_name, "samr"))
+ return KSMBD_RPC_SAMR_METHOD_INVOKE;
+
+ if (!strcmp(rpc_name, "\\lsarpc") || !strcmp(rpc_name, "lsarpc"))
+ return KSMBD_RPC_LSARPC_METHOD_INVOKE;
+
+ ksmbd_err("Unsupported RPC: %s\n", rpc_name);
+ return 0;
+}
+
+int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name)
+{
+ struct ksmbd_session_rpc *entry;
+ struct ksmbd_rpc_command *resp;
+ int method;
+
+ method = __rpc_method(rpc_name);
+ if (!method)
+ return -EINVAL;
+
+ entry = ksmbd_alloc(sizeof(struct ksmbd_session_rpc));
+ if (!entry)
+ return -EINVAL;
+
+ list_add(&entry->list, &sess->rpc_handle_list);
+ entry->method = method;
+ entry->id = ksmbd_ipc_id_alloc();
+ if (entry->id < 0)
+ goto error;
+
+ resp = ksmbd_rpc_open(sess, entry->id);
+ if (!resp)
+ goto error;
+
+ ksmbd_free(resp);
+ return entry->id;
+error:
+ list_del(&entry->list);
+ ksmbd_free(entry);
+ return -EINVAL;
+}
+
+void ksmbd_session_rpc_close(struct ksmbd_session *sess, int id)
+{
+ struct ksmbd_session_rpc *entry;
+
+ list_for_each_entry(entry, &sess->rpc_handle_list, list) {
+ if (entry->id == id) {
+ list_del(&entry->list);
+ __session_rpc_close(sess, entry);
+ break;
+ }
+ }
+}
+
+int ksmbd_session_rpc_method(struct ksmbd_session *sess, int id)
+{
+ struct ksmbd_session_rpc *entry;
+
+ list_for_each_entry(entry, &sess->rpc_handle_list, list) {
+ if (entry->id == id)
+ return entry->method;
+ }
+ return 0;
+}
+
+void ksmbd_session_destroy(struct ksmbd_session *sess)
+{
+ if (!sess)
+ return;
+
+ if (!atomic_dec_and_test(&sess->refcnt))
+ return;
+
+ list_del(&sess->sessions_entry);
+
+ if (IS_SMB2(sess->conn)) {
+ down_write(&sessions_table_lock);
+ hash_del(&sess->hlist);
+ up_write(&sessions_table_lock);
+ }
+
+ if (sess->user)
+ ksmbd_free_user(sess->user);
+
+ ksmbd_tree_conn_session_logoff(sess);
+ ksmbd_destroy_file_table(&sess->file_table);
+ ksmbd_session_rpc_clear_list(sess);
+ free_channel_list(sess);
+ kfree(sess->Preauth_HashValue);
+ ksmbd_release_id(session_ida, sess->id);
+
+ ksmbd_ida_free(sess->tree_conn_ida);
+ ksmbd_free(sess);
+}
+
+static struct ksmbd_session *__session_lookup(unsigned long long id)
+{
+ struct ksmbd_session *sess;
+
+ hash_for_each_possible(sessions_table, sess, hlist, id) {
+ if (id == sess->id)
+ return sess;
+ }
+ return NULL;
+}
+
+void ksmbd_session_register(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess)
+{
+ sess->conn = conn;
+ list_add(&sess->sessions_entry, &conn->sessions);
+}
+
+void ksmbd_sessions_deregister(struct ksmbd_conn *conn)
+{
+ struct ksmbd_session *sess;
+
+ while (!list_empty(&conn->sessions)) {
+ sess = list_entry(conn->sessions.next,
+ struct ksmbd_session,
+ sessions_entry);
+
+ ksmbd_session_destroy(sess);
+ }
+}
+
+bool ksmbd_session_id_match(struct ksmbd_session *sess, unsigned long long id)
+{
+ return sess->id == id;
+}
+
+struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn,
+ unsigned long long id)
+{
+ struct ksmbd_session *sess = NULL;
+
+ list_for_each_entry(sess, &conn->sessions, sessions_entry) {
+ if (ksmbd_session_id_match(sess, id))
+ return sess;
+ }
+ return NULL;
+}
+
+int get_session(struct ksmbd_session *sess)
+{
+ return atomic_inc_not_zero(&sess->refcnt);
+}
+
+void put_session(struct ksmbd_session *sess)
+{
+ if (atomic_dec_and_test(&sess->refcnt))
+ ksmbd_err("get/%s seems to be mismatched.", __func__);
+}
+
+struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id)
+{
+ struct ksmbd_session *sess;
+
+ down_read(&sessions_table_lock);
+ sess = __session_lookup(id);
+ if (sess) {
+ if (!get_session(sess))
+ sess = NULL;
+ }
+ up_read(&sessions_table_lock);
+
+ return sess;
+}
+
+static int __init_smb2_session(struct ksmbd_session *sess)
+{
+ int id = ksmbd_acquire_smb2_uid(session_ida);
+
+ if (id < 0)
+ return -EINVAL;
+ sess->id = id;
+ return 0;
+}
+
+static struct ksmbd_session *__session_create(int protocol)
+{
+ struct ksmbd_session *sess;
+ int ret;
+
+ sess = ksmbd_alloc(sizeof(struct ksmbd_session));
+ if (!sess)
+ return NULL;
+
+ if (ksmbd_init_file_table(&sess->file_table))
+ goto error;
+
+ set_session_flag(sess, protocol);
+ INIT_LIST_HEAD(&sess->sessions_entry);
+ INIT_LIST_HEAD(&sess->tree_conn_list);
+ INIT_LIST_HEAD(&sess->ksmbd_chann_list);
+ INIT_LIST_HEAD(&sess->rpc_handle_list);
+ sess->sequence_number = 1;
+ atomic_set(&sess->refcnt, 1);
+
+ switch (protocol) {
+ case CIFDS_SESSION_FLAG_SMB2:
+ ret = __init_smb2_session(sess);
+ break;
+ default:
+ ret = -EINVAL;
+ break;
+ }
+
+ if (ret)
+ goto error;
+
+ sess->tree_conn_ida = ksmbd_ida_alloc();
+ if (!sess->tree_conn_ida)
+ goto error;
+
+ if (protocol == CIFDS_SESSION_FLAG_SMB2) {
+ down_read(&sessions_table_lock);
+ hash_add(sessions_table, &sess->hlist, sess->id);
+ up_read(&sessions_table_lock);
+ }
+ return sess;
+
+error:
+ ksmbd_session_destroy(sess);
+ return NULL;
+}
+
+struct ksmbd_session *ksmbd_smb2_session_create(void)
+{
+ return __session_create(CIFDS_SESSION_FLAG_SMB2);
+}
+
+int ksmbd_acquire_tree_conn_id(struct ksmbd_session *sess)
+{
+ int id = -EINVAL;
+
+ if (test_session_flag(sess, CIFDS_SESSION_FLAG_SMB2))
+ id = ksmbd_acquire_smb2_tid(sess->tree_conn_ida);
+
+ return id;
+}
+
+void ksmbd_release_tree_conn_id(struct ksmbd_session *sess, int id)
+{
+ if (id >= 0)
+ ksmbd_release_id(sess->tree_conn_ida, id);
+}
+
+int ksmbd_init_session_table(void)
+{
+ session_ida = ksmbd_ida_alloc();
+ if (!session_ida)
+ return -ENOMEM;
+ return 0;
+}
+
+void ksmbd_free_session_table(void)
+{
+ ksmbd_ida_free(session_ida);
+}
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
new file mode 100644
index 000000000000..0a6eb21647ab
--- /dev/null
+++ b/fs/cifsd/mgmt/user_session.h
@@ -0,0 +1,105 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __USER_SESSION_MANAGEMENT_H__
+#define __USER_SESSION_MANAGEMENT_H__
+
+#include <linux/hashtable.h>
+
+#include "../smb_common.h"
+#include "../ntlmssp.h"
+
+#define CIFDS_SESSION_FLAG_SMB2 (1 << 1)
+
+#define PREAUTH_HASHVALUE_SIZE 64
+
+struct ksmbd_ida;
+struct ksmbd_file_table;
+
+struct channel {
+ __u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
+ struct ksmbd_conn *conn;
+ struct list_head chann_list;
+};
+
+struct preauth_session {
+ __u8 Preauth_HashValue[PREAUTH_HASHVALUE_SIZE];
+ uint64_t sess_id;
+ struct list_head list_entry;
+};
+
+struct ksmbd_session {
+ uint64_t id;
+
+ struct ksmbd_user *user;
+ struct ksmbd_conn *conn;
+ unsigned int sequence_number;
+ unsigned int flags;
+
+ bool sign;
+ bool enc;
+ bool is_anonymous;
+
+ int state;
+ __u8 *Preauth_HashValue;
+
+ struct ntlmssp_auth ntlmssp;
+ char sess_key[CIFS_KEY_SIZE];
+
+ struct hlist_node hlist;
+ struct list_head ksmbd_chann_list;
+ struct list_head tree_conn_list;
+ struct ksmbd_ida *tree_conn_ida;
+ struct list_head rpc_handle_list;
+
+ __u8 smb3encryptionkey[SMB3_SIGN_KEY_SIZE];
+ __u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE];
+ __u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
+
+ struct list_head sessions_entry;
+ struct ksmbd_file_table file_table;
+ atomic_t refcnt;
+};
+
+static inline int test_session_flag(struct ksmbd_session *sess, int bit)
+{
+ return sess->flags & bit;
+}
+
+static inline void set_session_flag(struct ksmbd_session *sess, int bit)
+{
+ sess->flags |= bit;
+}
+
+static inline void clear_session_flag(struct ksmbd_session *sess, int bit)
+{
+ sess->flags &= ~bit;
+}
+
+struct ksmbd_session *ksmbd_smb2_session_create(void);
+
+void ksmbd_session_destroy(struct ksmbd_session *sess);
+
+bool ksmbd_session_id_match(struct ksmbd_session *sess, unsigned long long id);
+struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id);
+struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn,
+ unsigned long long id);
+void ksmbd_session_register(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess);
+void ksmbd_sessions_deregister(struct ksmbd_conn *conn);
+
+int ksmbd_acquire_tree_conn_id(struct ksmbd_session *sess);
+void ksmbd_release_tree_conn_id(struct ksmbd_session *sess, int id);
+
+int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name);
+void ksmbd_session_rpc_close(struct ksmbd_session *sess, int id);
+int ksmbd_session_rpc_method(struct ksmbd_session *sess, int id);
+int get_session(struct ksmbd_session *sess);
+void put_session(struct ksmbd_session *sess);
+
+int ksmbd_init_session_table(void);
+void ksmbd_free_session_table(void);
+
+#endif /* __USER_SESSION_MANAGEMENT_H__ */
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
new file mode 100644
index 000000000000..9e689c33f7bb
--- /dev/null
+++ b/fs/cifsd/misc.c
@@ -0,0 +1,293 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/kernel.h>
+#include <linux/version.h>
+#include <linux/xattr.h>
+#include <linux/fs.h>
+
+#include "misc.h"
+#include "smb_common.h"
+#include "connection.h"
+#include "vfs.h"
+
+#include "mgmt/share_config.h"
+
+/**
+ * match_pattern() - compare a string with a pattern which might include
+ * wildcard '*' and '?'
+ * TODO : implement consideration about DOS_DOT, DOS_QM and DOS_STAR
+ *
+ * @string: string to compare with a pattern
+ * @pattern: pattern string which might include wildcard '*' and '?'
+ *
+ * Return: 0 if pattern matched with the string, otherwise non zero value
+ */
+int match_pattern(const char *str, const char *pattern)
+{
+ const char *s = str;
+ const char *p = pattern;
+ bool star = false;
+
+ while (*s) {
+ switch (*p) {
+ case '?':
+ s++;
+ p++;
+ break;
+ case '*':
+ star = true;
+ str = s;
+ if (!*++p)
+ return true;
+ pattern = p;
+ break;
+ default:
+ if (tolower(*s) == tolower(*p)) {
+ s++;
+ p++;
+ } else {
+ if (!star)
+ return false;
+ str++;
+ s = str;
+ p = pattern;
+ }
+ break;
+ }
+ }
+
+ if (*p == '*')
+ ++p;
+ return !*p;
+}
+
+/*
+ * is_char_allowed() - check for valid character
+ * @ch: input character to be checked
+ *
+ * Return: 1 if char is allowed, otherwise 0
+ */
+static inline int is_char_allowed(char ch)
+{
+ /* check for control chars, wildcards etc. */
+ if (!(ch & 0x80) &&
+ (ch <= 0x1f ||
+ ch == '?' || ch == '"' || ch == '<' ||
+ ch == '>' || ch == '|' || ch == '*'))
+ return 0;
+
+ return 1;
+}
+
+int ksmbd_validate_filename(char *filename)
+{
+ while (*filename) {
+ char c = *filename;
+
+ filename++;
+ if (!is_char_allowed(c)) {
+ ksmbd_debug(VFS, "File name validation failed: 0x%x\n", c);
+ return -ENOENT;
+ }
+ }
+
+ return 0;
+}
+
+static int ksmbd_validate_stream_name(char *stream_name)
+{
+ while (*stream_name) {
+ char c = *stream_name;
+
+ stream_name++;
+ if (c == '/' || c == ':' || c == '\\') {
+ ksmbd_err("Stream name validation failed: %c\n", c);
+ return -ENOENT;
+ }
+ }
+
+ return 0;
+}
+
+int parse_stream_name(char *filename, char **stream_name, int *s_type)
+{
+ char *stream_type;
+ char *s_name;
+ int rc = 0;
+
+ s_name = filename;
+ filename = strsep(&s_name, ":");
+ ksmbd_debug(SMB, "filename : %s, streams : %s\n", filename, s_name);
+ if (strchr(s_name, ':')) {
+ stream_type = s_name;
+ s_name = strsep(&stream_type, ":");
+
+ rc = ksmbd_validate_stream_name(s_name);
+ if (rc < 0) {
+ rc = -ENOENT;
+ goto out;
+ }
+
+ ksmbd_debug(SMB, "stream name : %s, stream type : %s\n", s_name,
+ stream_type);
+ if (!strncasecmp("$data", stream_type, 5))
+ *s_type = DATA_STREAM;
+ else if (!strncasecmp("$index_allocation", stream_type, 17))
+ *s_type = DIR_STREAM;
+ else
+ rc = -ENOENT;
+ }
+
+ *stream_name = s_name;
+out:
+ return rc;
+}
+
+/**
+ * convert_to_nt_pathname() - extract and return windows path string
+ * whose share directory prefix was removed from file path
+ * @filename : unix filename
+ * @sharepath: share path string
+ *
+ * Return : windows path string or error
+ */
+
+char *convert_to_nt_pathname(char *filename, char *sharepath)
+{
+ char *ab_pathname;
+ int len, name_len;
+
+ name_len = strlen(filename);
+ ab_pathname = kmalloc(name_len, GFP_KERNEL);
+ if (!ab_pathname)
+ return NULL;
+
+ ab_pathname[0] = '\\';
+ ab_pathname[1] = '\0';
+
+ len = strlen(sharepath);
+ if (!strncmp(filename, sharepath, len) && name_len != len) {
+ strscpy(ab_pathname, &filename[len], name_len);
+ ksmbd_conv_path_to_windows(ab_pathname);
+ }
+
+ return ab_pathname;
+}
+
+int get_nlink(struct kstat *st)
+{
+ int nlink;
+
+ nlink = st->nlink;
+ if (S_ISDIR(st->mode))
+ nlink--;
+
+ return nlink;
+}
+
+void ksmbd_conv_path_to_unix(char *path)
+{
+ strreplace(path, '\\', '/');
+}
+
+void ksmbd_strip_last_slash(char *path)
+{
+ int len = strlen(path);
+
+ while (len && path[len - 1] == '/') {
+ path[len - 1] = '\0';
+ len--;
+ }
+}
+
+void ksmbd_conv_path_to_windows(char *path)
+{
+ strreplace(path, '/', '\\');
+}
+
+/**
+ * extract_sharename() - get share name from tree connect request
+ * @treename: buffer containing tree name and share name
+ *
+ * Return: share name on success, otherwise error
+ */
+char *extract_sharename(char *treename)
+{
+ char *name = treename;
+ char *dst;
+ char *pos = strrchr(name, '\\');
+
+ if (pos)
+ name = (pos + 1);
+
+ /* caller has to free the memory */
+ dst = kstrdup(name, GFP_KERNEL);
+ if (!dst)
+ return ERR_PTR(-ENOMEM);
+ return dst;
+}
+
+/**
+ * convert_to_unix_name() - convert windows name to unix format
+ * @path: name to be converted
+ * @tid: tree id of mathing share
+ *
+ * Return: converted name on success, otherwise NULL
+ */
+char *convert_to_unix_name(struct ksmbd_share_config *share, char *name)
+{
+ int no_slash = 0, name_len, path_len;
+ char *new_name;
+
+ if (name[0] == '/')
+ name++;
+
+ path_len = share->path_sz;
+ name_len = strlen(name);
+ new_name = kmalloc(path_len + name_len + 2, GFP_KERNEL);
+ if (!new_name)
+ return new_name;
+
+ memcpy(new_name, share->path, path_len);
+ if (new_name[path_len - 1] != '/') {
+ new_name[path_len] = '/';
+ no_slash = 1;
+ }
+
+ memcpy(new_name + path_len + no_slash, name, name_len);
+ path_len += name_len + no_slash;
+ new_name[path_len] = 0x00;
+ return new_name;
+}
+
+char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
+ const struct nls_table *local_nls,
+ int *conv_len)
+{
+ char *conv;
+ int sz = min(4 * d_info->name_len, PATH_MAX);
+
+ if (!sz)
+ return NULL;
+
+ conv = kmalloc(sz, GFP_KERNEL);
+ if (!conv)
+ return NULL;
+
+ /* XXX */
+ *conv_len = smbConvertToUTF16((__le16 *)conv,
+ d_info->name,
+ d_info->name_len,
+ local_nls,
+ 0);
+ *conv_len *= 2;
+
+ /* We allocate buffer twice bigger than needed. */
+ conv[*conv_len] = 0x00;
+ conv[*conv_len + 1] = 0x00;
+ return conv;
+}
diff --git a/fs/cifsd/misc.h b/fs/cifsd/misc.h
new file mode 100644
index 000000000000..d67843aad509
--- /dev/null
+++ b/fs/cifsd/misc.h
@@ -0,0 +1,38 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_MISC_H__
+#define __KSMBD_MISC_H__
+
+struct ksmbd_share_config;
+struct nls_table;
+struct kstat;
+struct ksmbd_file;
+
+int match_pattern(const char *str, const char *pattern);
+
+int ksmbd_validate_filename(char *filename);
+
+int parse_stream_name(char *filename, char **stream_name, int *s_type);
+
+char *convert_to_nt_pathname(char *filename, char *sharepath);
+
+int get_nlink(struct kstat *st);
+
+void ksmbd_conv_path_to_unix(char *path);
+void ksmbd_strip_last_slash(char *path);
+void ksmbd_conv_path_to_windows(char *path);
+
+char *extract_sharename(char *treename);
+
+char *convert_to_unix_name(struct ksmbd_share_config *share, char *name);
+
+#define KSMBD_DIR_INFO_ALIGNMENT 8
+
+struct ksmbd_dir_info;
+char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
+ const struct nls_table *local_nls,
+ int *conv_len);
+#endif /* __KSMBD_MISC_H__ */
diff --git a/fs/cifsd/ndr.c b/fs/cifsd/ndr.c
new file mode 100644
index 000000000000..d96dcd9e43c6
--- /dev/null
+++ b/fs/cifsd/ndr.c
@@ -0,0 +1,344 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2021 Samsung Electronics Co., Ltd.
+ * Author(s): Namjae Jeon <linkinjeon(a)kernel.org>
+ */
+
+#include <linux/fs.h>
+
+#include "glob.h"
+#include "ndr.h"
+
+#define PAYLOAD_HEAD(d) ((d)->data + (d)->offset)
+
+#define KSMBD_ALIGN_MASK(x, mask) (((x) + (mask)) & ~(mask))
+
+#define KSMBD_ALIGN(x, a) \
+ ({ \
+ typeof(x) ret = (x); \
+ if (((x) & ((typeof(x))(a) - 1)) != 0) \
+ ret = KSMBD_ALIGN_MASK(x, (typeof(x))(a) - 1); \
+ ret; \
+ })
+
+static void align_offset(struct ndr *ndr, int n)
+{
+ ndr->offset = KSMBD_ALIGN(ndr->offset, n);
+}
+
+static int try_to_realloc_ndr_blob(struct ndr *n, size_t sz)
+{
+ char *data;
+
+ data = krealloc(n->data, n->offset + sz + 1024, GFP_KERNEL);
+ if (!data)
+ return -ENOMEM;
+
+ n->data = data;
+ n->length += 1024;
+ memset(n->data + n->offset, 0, 1024);
+ return 0;
+}
+
+static void ndr_write_int16(struct ndr *n, __u16 value)
+{
+ if (n->length <= n->offset + sizeof(value))
+ try_to_realloc_ndr_blob(n, sizeof(value));
+
+ *(__le16 *)PAYLOAD_HEAD(n) = cpu_to_le16(value);
+ n->offset += sizeof(value);
+}
+
+static void ndr_write_int32(struct ndr *n, __u32 value)
+{
+ if (n->length <= n->offset + sizeof(value))
+ try_to_realloc_ndr_blob(n, sizeof(value));
+
+ *(__le32 *)PAYLOAD_HEAD(n) = cpu_to_le32(value);
+ n->offset += sizeof(value);
+}
+
+static void ndr_write_int64(struct ndr *n, __u64 value)
+{
+ if (n->length <= n->offset + sizeof(value))
+ try_to_realloc_ndr_blob(n, sizeof(value));
+
+ *(__le64 *)PAYLOAD_HEAD(n) = cpu_to_le64(value);
+ n->offset += sizeof(value);
+}
+
+static int ndr_write_bytes(struct ndr *n, void *value, size_t sz)
+{
+ if (n->length <= n->offset + sz)
+ try_to_realloc_ndr_blob(n, sz);
+
+ memcpy(PAYLOAD_HEAD(n), value, sz);
+ n->offset += sz;
+ return 0;
+}
+
+static int ndr_write_string(struct ndr *n, void *value, size_t sz)
+{
+ if (n->length <= n->offset + sz)
+ try_to_realloc_ndr_blob(n, sz);
+
+ strncpy(PAYLOAD_HEAD(n), value, sz);
+ sz++;
+ n->offset += sz;
+ align_offset(n, 2);
+ return 0;
+}
+
+static int ndr_read_string(struct ndr *n, void *value, size_t sz)
+{
+ int len = strnlen(PAYLOAD_HEAD(n), sz);
+
+ memcpy(value, PAYLOAD_HEAD(n), len);
+ len++;
+ n->offset += len;
+ align_offset(n, 2);
+ return 0;
+}
+
+static int ndr_read_bytes(struct ndr *n, void *value, size_t sz)
+{
+ memcpy(value, PAYLOAD_HEAD(n), sz);
+ n->offset += sz;
+ return 0;
+}
+
+static __u16 ndr_read_int16(struct ndr *n)
+{
+ __u16 ret;
+
+ ret = le16_to_cpu(*(__le16 *)PAYLOAD_HEAD(n));
+ n->offset += sizeof(__u16);
+ return ret;
+}
+
+static __u32 ndr_read_int32(struct ndr *n)
+{
+ __u32 ret;
+
+ ret = le32_to_cpu(*(__le32 *)PAYLOAD_HEAD(n));
+ n->offset += sizeof(__u32);
+ return ret;
+}
+
+static __u64 ndr_read_int64(struct ndr *n)
+{
+ __u64 ret;
+
+ ret = le64_to_cpu(*(__le64 *)PAYLOAD_HEAD(n));
+ n->offset += sizeof(__u64);
+ return ret;
+}
+
+int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
+{
+ char hex_attr[12] = {0};
+
+ n->offset = 0;
+ n->length = 1024;
+ n->data = kzalloc(n->length, GFP_KERNEL);
+ if (!n->data)
+ return -ENOMEM;
+
+ if (da->version == 3) {
+ snprintf(hex_attr, 10, "0x%x", da->attr);
+ ndr_write_string(n, hex_attr, strlen(hex_attr));
+ } else {
+ ndr_write_string(n, "", strlen(""));
+ }
+ ndr_write_int16(n, da->version);
+ ndr_write_int32(n, da->version);
+
+ ndr_write_int32(n, da->flags);
+ ndr_write_int32(n, da->attr);
+ if (da->version == 3) {
+ ndr_write_int32(n, da->ea_size);
+ ndr_write_int64(n, da->size);
+ ndr_write_int64(n, da->alloc_size);
+ } else
+ ndr_write_int64(n, da->itime);
+ ndr_write_int64(n, da->create_time);
+ if (da->version == 3)
+ ndr_write_int64(n, da->change_time);
+ return 0;
+}
+
+int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
+{
+ char hex_attr[12] = {0};
+ int version2;
+
+ n->offset = 0;
+ ndr_read_string(n, hex_attr, n->length - n->offset);
+ da->version = ndr_read_int16(n);
+
+ if (da->version != 3 && da->version != 4) {
+ ksmbd_err("v%d version is not supported\n", da->version);
+ return -EINVAL;
+ }
+
+ version2 = ndr_read_int32(n);
+ if (da->version != version2) {
+ ksmbd_err("ndr version mismatched(version: %d, version2: %d)\n",
+ da->version, version2);
+ return -EINVAL;
+ }
+
+ ndr_read_int32(n);
+ da->attr = ndr_read_int32(n);
+ if (da->version == 4) {
+ da->itime = ndr_read_int64(n);
+ da->create_time = ndr_read_int64(n);
+ } else {
+ ndr_read_int32(n);
+ ndr_read_int64(n);
+ ndr_read_int64(n);
+ da->create_time = ndr_read_int64(n);
+ ndr_read_int64(n);
+ }
+
+ return 0;
+}
+
+static int ndr_encode_posix_acl_entry(struct ndr *n, struct xattr_smb_acl *acl)
+{
+ int i;
+
+ ndr_write_int32(n, acl->count);
+ align_offset(n, 8);
+ ndr_write_int32(n, acl->count);
+ ndr_write_int32(n, 0);
+
+ for (i = 0; i < acl->count; i++) {
+ align_offset(n, 8);
+ ndr_write_int16(n, acl->entries[i].type);
+ ndr_write_int16(n, acl->entries[i].type);
+
+ if (acl->entries[i].type == SMB_ACL_USER) {
+ align_offset(n, 8);
+ ndr_write_int64(n, acl->entries[i].uid);
+ } else if (acl->entries[i].type == SMB_ACL_GROUP) {
+ align_offset(n, 8);
+ ndr_write_int64(n, acl->entries[i].gid);
+ }
+
+ /* push permission */
+ ndr_write_int32(n, acl->entries[i].perm);
+ }
+
+ return 0;
+}
+
+int ndr_encode_posix_acl(struct ndr *n, struct inode *inode,
+ struct xattr_smb_acl *acl, struct xattr_smb_acl *def_acl)
+{
+ int ref_id = 0x00020000;
+
+ n->offset = 0;
+ n->length = 1024;
+ n->data = kzalloc(n->length, GFP_KERNEL);
+ if (!n->data)
+ return -ENOMEM;
+
+ if (acl) {
+ /* ACL ACCESS */
+ ndr_write_int32(n, ref_id);
+ ref_id += 4;
+ } else
+ ndr_write_int32(n, 0);
+
+ if (def_acl) {
+ /* DEFAULT ACL ACCESS */
+ ndr_write_int32(n, ref_id);
+ ref_id += 4;
+ } else
+ ndr_write_int32(n, 0);
+
+ ndr_write_int64(n, from_kuid(&init_user_ns, inode->i_uid));
+ ndr_write_int64(n, from_kgid(&init_user_ns, inode->i_gid));
+ ndr_write_int32(n, inode->i_mode);
+
+ if (acl) {
+ ndr_encode_posix_acl_entry(n, acl);
+ if (def_acl)
+ ndr_encode_posix_acl_entry(n, def_acl);
+ }
+ return 0;
+}
+
+int ndr_encode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)
+{
+ int ref_id = 0x00020004;
+
+ n->offset = 0;
+ n->length = 2048;
+ n->data = kzalloc(n->length, GFP_KERNEL);
+ if (!n->data)
+ return -ENOMEM;
+
+ ndr_write_int16(n, acl->version);
+ ndr_write_int32(n, acl->version);
+ ndr_write_int16(n, 2);
+ ndr_write_int32(n, ref_id);
+
+ /* push hash type and hash 64bytes */
+ ndr_write_int16(n, acl->hash_type);
+ ndr_write_bytes(n, acl->hash, XATTR_SD_HASH_SIZE);
+ ndr_write_bytes(n, acl->desc, acl->desc_len);
+ ndr_write_int64(n, acl->current_time);
+ ndr_write_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE);
+
+ /* push ndr for security descriptor */
+ ndr_write_bytes(n, acl->sd_buf, acl->sd_size);
+
+ return 0;
+}
+
+int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)
+{
+ int version2;
+
+ n->offset = 0;
+ acl->version = ndr_read_int16(n);
+ if (acl->version != 4) {
+ ksmbd_err("v%d version is not supported\n", acl->version);
+ return -EINVAL;
+ }
+
+ version2 = ndr_read_int32(n);
+ if (acl->version != version2) {
+ ksmbd_err("ndr version mismatched(version: %d, version2: %d)\n",
+ acl->version, version2);
+ return -EINVAL;
+ }
+
+ /* Read Level */
+ ndr_read_int16(n);
+ /* Read Ref Id */
+ ndr_read_int32(n);
+ acl->hash_type = ndr_read_int16(n);
+ ndr_read_bytes(n, acl->hash, XATTR_SD_HASH_SIZE);
+
+ ndr_read_bytes(n, acl->desc, 10);
+ if (strncmp(acl->desc, "posix_acl", 9)) {
+ ksmbd_err("Invalid acl desciption : %s\n", acl->desc);
+ return -EINVAL;
+ }
+
+ /* Read Time */
+ ndr_read_int64(n);
+ /* Read Posix ACL hash */
+ ndr_read_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE);
+ acl->sd_size = n->length - n->offset;
+ acl->sd_buf = kzalloc(acl->sd_size, GFP_KERNEL);
+ if (!acl->sd_buf)
+ return -ENOMEM;
+
+ ndr_read_bytes(n, acl->sd_buf, acl->sd_size);
+
+ return 0;
+}
diff --git a/fs/cifsd/ndr.h b/fs/cifsd/ndr.h
new file mode 100644
index 000000000000..a9db968b78ac
--- /dev/null
+++ b/fs/cifsd/ndr.h
@@ -0,0 +1,21 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2020 Samsung Electronics Co., Ltd.
+ * Author(s): Namjae Jeon <linkinjeon(a)kernel.org>
+ */
+
+struct ndr {
+ char *data;
+ int offset;
+ int length;
+};
+
+#define NDR_NTSD_OFFSETOF 0xA0
+
+int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da);
+int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da);
+int ndr_encode_posix_acl(struct ndr *n, struct inode *inode,
+ struct xattr_smb_acl *acl, struct xattr_smb_acl *def_acl);
+int ndr_encode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl);
+int ndr_encode_v3_ntacl(struct ndr *n, struct xattr_ntacl *acl);
+int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl);
diff --git a/fs/cifsd/netmisc.c b/fs/cifsd/netmisc.c
new file mode 100644
index 000000000000..6f7dd78348a3
--- /dev/null
+++ b/fs/cifsd/netmisc.c
@@ -0,0 +1,46 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * fs/ksmbd/netmisc.c
+ *
+ * Copyright (c) International Business Machines Corp., 2002,2008
+ * Author(s): Steve French (sfrench(a)us.ibm.com)
+ *
+ * Error mapping routines from Samba libsmb/errormap.c
+ * Copyright (C) Andrew Tridgell 2001
+ */
+
+#include "glob.h"
+#include "smberr.h"
+#include "nterr.h"
+#include "time_wrappers.h"
+
+/*
+ * Convert the NT UTC (based 1601-01-01, in hundred nanosecond units)
+ * into Unix UTC (based 1970-01-01, in seconds).
+ */
+struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc)
+{
+ struct timespec64 ts;
+
+ /* Subtract the NTFS time offset, then convert to 1s intervals. */
+ s64 t = le64_to_cpu(ntutc) - NTFS_TIME_OFFSET;
+ u64 abs_t;
+
+ /*
+ * Unfortunately can not use normal 64 bit division on 32 bit arch, but
+ * the alternative, do_div, does not work with negative numbers so have
+ * to special case them
+ */
+ if (t < 0) {
+ abs_t = -t;
+ ts.tv_nsec = do_div(abs_t, 10000000) * 100;
+ ts.tv_nsec = -ts.tv_nsec;
+ ts.tv_sec = -abs_t;
+ } else {
+ abs_t = t;
+ ts.tv_nsec = do_div(abs_t, 10000000) * 100;
+ ts.tv_sec = abs_t;
+ }
+
+ return ts;
+}
diff --git a/fs/cifsd/nterr.c b/fs/cifsd/nterr.c
new file mode 100644
index 000000000000..358a766375b4
--- /dev/null
+++ b/fs/cifsd/nterr.c
@@ -0,0 +1,674 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Luke Kenneth Casson Leighton 1997-2001.
+ */
+
+/* NT error codes - see nterr.h */
+#include <linux/types.h>
+#include <linux/fs.h>
+#include "nterr.h"
+
+const struct nt_err_code_struct nt_errs[] = {
+ {"NT_STATUS_OK", NT_STATUS_OK},
+ {"NT_STATUS_UNSUCCESSFUL", NT_STATUS_UNSUCCESSFUL},
+ {"NT_STATUS_NOT_IMPLEMENTED", NT_STATUS_NOT_IMPLEMENTED},
+ {"NT_STATUS_INVALID_INFO_CLASS", NT_STATUS_INVALID_INFO_CLASS},
+ {"NT_STATUS_INFO_LENGTH_MISMATCH", NT_STATUS_INFO_LENGTH_MISMATCH},
+ {"NT_STATUS_ACCESS_VIOLATION", NT_STATUS_ACCESS_VIOLATION},
+ {"NT_STATUS_BUFFER_OVERFLOW", NT_STATUS_BUFFER_OVERFLOW},
+ {"NT_STATUS_IN_PAGE_ERROR", NT_STATUS_IN_PAGE_ERROR},
+ {"NT_STATUS_PAGEFILE_QUOTA", NT_STATUS_PAGEFILE_QUOTA},
+ {"NT_STATUS_INVALID_HANDLE", NT_STATUS_INVALID_HANDLE},
+ {"NT_STATUS_BAD_INITIAL_STACK", NT_STATUS_BAD_INITIAL_STACK},
+ {"NT_STATUS_BAD_INITIAL_PC", NT_STATUS_BAD_INITIAL_PC},
+ {"NT_STATUS_INVALID_CID", NT_STATUS_INVALID_CID},
+ {"NT_STATUS_TIMER_NOT_CANCELED", NT_STATUS_TIMER_NOT_CANCELED},
+ {"NT_STATUS_INVALID_PARAMETER", NT_STATUS_INVALID_PARAMETER},
+ {"NT_STATUS_NO_SUCH_DEVICE", NT_STATUS_NO_SUCH_DEVICE},
+ {"NT_STATUS_NO_SUCH_FILE", NT_STATUS_NO_SUCH_FILE},
+ {"NT_STATUS_INVALID_DEVICE_REQUEST",
+ NT_STATUS_INVALID_DEVICE_REQUEST},
+ {"NT_STATUS_END_OF_FILE", NT_STATUS_END_OF_FILE},
+ {"NT_STATUS_WRONG_VOLUME", NT_STATUS_WRONG_VOLUME},
+ {"NT_STATUS_NO_MEDIA_IN_DEVICE", NT_STATUS_NO_MEDIA_IN_DEVICE},
+ {"NT_STATUS_UNRECOGNIZED_MEDIA", NT_STATUS_UNRECOGNIZED_MEDIA},
+ {"NT_STATUS_NONEXISTENT_SECTOR", NT_STATUS_NONEXISTENT_SECTOR},
+ {"NT_STATUS_MORE_PROCESSING_REQUIRED",
+ NT_STATUS_MORE_PROCESSING_REQUIRED},
+ {"NT_STATUS_NO_MEMORY", NT_STATUS_NO_MEMORY},
+ {"NT_STATUS_CONFLICTING_ADDRESSES",
+ NT_STATUS_CONFLICTING_ADDRESSES},
+ {"NT_STATUS_NOT_MAPPED_VIEW", NT_STATUS_NOT_MAPPED_VIEW},
+ {"NT_STATUS_UNABLE_TO_FREE_VM", NT_STATUS_UNABLE_TO_FREE_VM},
+ {"NT_STATUS_UNABLE_TO_DELETE_SECTION",
+ NT_STATUS_UNABLE_TO_DELETE_SECTION},
+ {"NT_STATUS_INVALID_SYSTEM_SERVICE",
+ NT_STATUS_INVALID_SYSTEM_SERVICE},
+ {"NT_STATUS_ILLEGAL_INSTRUCTION", NT_STATUS_ILLEGAL_INSTRUCTION},
+ {"NT_STATUS_INVALID_LOCK_SEQUENCE",
+ NT_STATUS_INVALID_LOCK_SEQUENCE},
+ {"NT_STATUS_INVALID_VIEW_SIZE", NT_STATUS_INVALID_VIEW_SIZE},
+ {"NT_STATUS_INVALID_FILE_FOR_SECTION",
+ NT_STATUS_INVALID_FILE_FOR_SECTION},
+ {"NT_STATUS_ALREADY_COMMITTED", NT_STATUS_ALREADY_COMMITTED},
+ {"NT_STATUS_ACCESS_DENIED", NT_STATUS_ACCESS_DENIED},
+ {"NT_STATUS_BUFFER_TOO_SMALL", NT_STATUS_BUFFER_TOO_SMALL},
+ {"NT_STATUS_OBJECT_TYPE_MISMATCH", NT_STATUS_OBJECT_TYPE_MISMATCH},
+ {"NT_STATUS_NONCONTINUABLE_EXCEPTION",
+ NT_STATUS_NONCONTINUABLE_EXCEPTION},
+ {"NT_STATUS_INVALID_DISPOSITION", NT_STATUS_INVALID_DISPOSITION},
+ {"NT_STATUS_UNWIND", NT_STATUS_UNWIND},
+ {"NT_STATUS_BAD_STACK", NT_STATUS_BAD_STACK},
+ {"NT_STATUS_INVALID_UNWIND_TARGET",
+ NT_STATUS_INVALID_UNWIND_TARGET},
+ {"NT_STATUS_NOT_LOCKED", NT_STATUS_NOT_LOCKED},
+ {"NT_STATUS_PARITY_ERROR", NT_STATUS_PARITY_ERROR},
+ {"NT_STATUS_UNABLE_TO_DECOMMIT_VM",
+ NT_STATUS_UNABLE_TO_DECOMMIT_VM},
+ {"NT_STATUS_NOT_COMMITTED", NT_STATUS_NOT_COMMITTED},
+ {"NT_STATUS_INVALID_PORT_ATTRIBUTES",
+ NT_STATUS_INVALID_PORT_ATTRIBUTES},
+ {"NT_STATUS_PORT_MESSAGE_TOO_LONG",
+ NT_STATUS_PORT_MESSAGE_TOO_LONG},
+ {"NT_STATUS_INVALID_PARAMETER_MIX",
+ NT_STATUS_INVALID_PARAMETER_MIX},
+ {"NT_STATUS_INVALID_QUOTA_LOWER", NT_STATUS_INVALID_QUOTA_LOWER},
+ {"NT_STATUS_DISK_CORRUPT_ERROR", NT_STATUS_DISK_CORRUPT_ERROR},
+ {"NT_STATUS_OBJECT_NAME_INVALID", NT_STATUS_OBJECT_NAME_INVALID},
+ {"NT_STATUS_OBJECT_NAME_NOT_FOUND",
+ NT_STATUS_OBJECT_NAME_NOT_FOUND},
+ {"NT_STATUS_OBJECT_NAME_COLLISION",
+ NT_STATUS_OBJECT_NAME_COLLISION},
+ {"NT_STATUS_HANDLE_NOT_WAITABLE", NT_STATUS_HANDLE_NOT_WAITABLE},
+ {"NT_STATUS_PORT_DISCONNECTED", NT_STATUS_PORT_DISCONNECTED},
+ {"NT_STATUS_DEVICE_ALREADY_ATTACHED",
+ NT_STATUS_DEVICE_ALREADY_ATTACHED},
+ {"NT_STATUS_OBJECT_PATH_INVALID", NT_STATUS_OBJECT_PATH_INVALID},
+ {"NT_STATUS_OBJECT_PATH_NOT_FOUND",
+ NT_STATUS_OBJECT_PATH_NOT_FOUND},
+ {"NT_STATUS_OBJECT_PATH_SYNTAX_BAD",
+ NT_STATUS_OBJECT_PATH_SYNTAX_BAD},
+ {"NT_STATUS_DATA_OVERRUN", NT_STATUS_DATA_OVERRUN},
+ {"NT_STATUS_DATA_LATE_ERROR", NT_STATUS_DATA_LATE_ERROR},
+ {"NT_STATUS_DATA_ERROR", NT_STATUS_DATA_ERROR},
+ {"NT_STATUS_CRC_ERROR", NT_STATUS_CRC_ERROR},
+ {"NT_STATUS_SECTION_TOO_BIG", NT_STATUS_SECTION_TOO_BIG},
+ {"NT_STATUS_PORT_CONNECTION_REFUSED",
+ NT_STATUS_PORT_CONNECTION_REFUSED},
+ {"NT_STATUS_INVALID_PORT_HANDLE", NT_STATUS_INVALID_PORT_HANDLE},
+ {"NT_STATUS_SHARING_VIOLATION", NT_STATUS_SHARING_VIOLATION},
+ {"NT_STATUS_QUOTA_EXCEEDED", NT_STATUS_QUOTA_EXCEEDED},
+ {"NT_STATUS_INVALID_PAGE_PROTECTION",
+ NT_STATUS_INVALID_PAGE_PROTECTION},
+ {"NT_STATUS_MUTANT_NOT_OWNED", NT_STATUS_MUTANT_NOT_OWNED},
+ {"NT_STATUS_SEMAPHORE_LIMIT_EXCEEDED",
+ NT_STATUS_SEMAPHORE_LIMIT_EXCEEDED},
+ {"NT_STATUS_PORT_ALREADY_SET", NT_STATUS_PORT_ALREADY_SET},
+ {"NT_STATUS_SECTION_NOT_IMAGE", NT_STATUS_SECTION_NOT_IMAGE},
+ {"NT_STATUS_SUSPEND_COUNT_EXCEEDED",
+ NT_STATUS_SUSPEND_COUNT_EXCEEDED},
+ {"NT_STATUS_THREAD_IS_TERMINATING",
+ NT_STATUS_THREAD_IS_TERMINATING},
+ {"NT_STATUS_BAD_WORKING_SET_LIMIT",
+ NT_STATUS_BAD_WORKING_SET_LIMIT},
+ {"NT_STATUS_INCOMPATIBLE_FILE_MAP",
+ NT_STATUS_INCOMPATIBLE_FILE_MAP},
+ {"NT_STATUS_SECTION_PROTECTION", NT_STATUS_SECTION_PROTECTION},
+ {"NT_STATUS_EAS_NOT_SUPPORTED", NT_STATUS_EAS_NOT_SUPPORTED},
+ {"NT_STATUS_EA_TOO_LARGE", NT_STATUS_EA_TOO_LARGE},
+ {"NT_STATUS_NONEXISTENT_EA_ENTRY", NT_STATUS_NONEXISTENT_EA_ENTRY},
+ {"NT_STATUS_NO_EAS_ON_FILE", NT_STATUS_NO_EAS_ON_FILE},
+ {"NT_STATUS_EA_CORRUPT_ERROR", NT_STATUS_EA_CORRUPT_ERROR},
+ {"NT_STATUS_FILE_LOCK_CONFLICT", NT_STATUS_FILE_LOCK_CONFLICT},
+ {"NT_STATUS_LOCK_NOT_GRANTED", NT_STATUS_LOCK_NOT_GRANTED},
+ {"NT_STATUS_DELETE_PENDING", NT_STATUS_DELETE_PENDING},
+ {"NT_STATUS_CTL_FILE_NOT_SUPPORTED",
+ NT_STATUS_CTL_FILE_NOT_SUPPORTED},
+ {"NT_STATUS_UNKNOWN_REVISION", NT_STATUS_UNKNOWN_REVISION},
+ {"NT_STATUS_REVISION_MISMATCH", NT_STATUS_REVISION_MISMATCH},
+ {"NT_STATUS_INVALID_OWNER", NT_STATUS_INVALID_OWNER},
+ {"NT_STATUS_INVALID_PRIMARY_GROUP",
+ NT_STATUS_INVALID_PRIMARY_GROUP},
+ {"NT_STATUS_NO_IMPERSONATION_TOKEN",
+ NT_STATUS_NO_IMPERSONATION_TOKEN},
+ {"NT_STATUS_CANT_DISABLE_MANDATORY",
+ NT_STATUS_CANT_DISABLE_MANDATORY},
+ {"NT_STATUS_NO_LOGON_SERVERS", NT_STATUS_NO_LOGON_SERVERS},
+ {"NT_STATUS_NO_SUCH_LOGON_SESSION",
+ NT_STATUS_NO_SUCH_LOGON_SESSION},
+ {"NT_STATUS_NO_SUCH_PRIVILEGE", NT_STATUS_NO_SUCH_PRIVILEGE},
+ {"NT_STATUS_PRIVILEGE_NOT_HELD", NT_STATUS_PRIVILEGE_NOT_HELD},
+ {"NT_STATUS_INVALID_ACCOUNT_NAME", NT_STATUS_INVALID_ACCOUNT_NAME},
+ {"NT_STATUS_USER_EXISTS", NT_STATUS_USER_EXISTS},
+ {"NT_STATUS_NO_SUCH_USER", NT_STATUS_NO_SUCH_USER},
+ {"NT_STATUS_GROUP_EXISTS", NT_STATUS_GROUP_EXISTS},
+ {"NT_STATUS_NO_SUCH_GROUP", NT_STATUS_NO_SUCH_GROUP},
+ {"NT_STATUS_MEMBER_IN_GROUP", NT_STATUS_MEMBER_IN_GROUP},
+ {"NT_STATUS_MEMBER_NOT_IN_GROUP", NT_STATUS_MEMBER_NOT_IN_GROUP},
+ {"NT_STATUS_LAST_ADMIN", NT_STATUS_LAST_ADMIN},
+ {"NT_STATUS_WRONG_PASSWORD", NT_STATUS_WRONG_PASSWORD},
+ {"NT_STATUS_ILL_FORMED_PASSWORD", NT_STATUS_ILL_FORMED_PASSWORD},
+ {"NT_STATUS_PASSWORD_RESTRICTION", NT_STATUS_PASSWORD_RESTRICTION},
+ {"NT_STATUS_LOGON_FAILURE", NT_STATUS_LOGON_FAILURE},
+ {"NT_STATUS_ACCOUNT_RESTRICTION", NT_STATUS_ACCOUNT_RESTRICTION},
+ {"NT_STATUS_INVALID_LOGON_HOURS", NT_STATUS_INVALID_LOGON_HOURS},
+ {"NT_STATUS_INVALID_WORKSTATION", NT_STATUS_INVALID_WORKSTATION},
+ {"NT_STATUS_PASSWORD_EXPIRED", NT_STATUS_PASSWORD_EXPIRED},
+ {"NT_STATUS_ACCOUNT_DISABLED", NT_STATUS_ACCOUNT_DISABLED},
+ {"NT_STATUS_NONE_MAPPED", NT_STATUS_NONE_MAPPED},
+ {"NT_STATUS_TOO_MANY_LUIDS_REQUESTED",
+ NT_STATUS_TOO_MANY_LUIDS_REQUESTED},
+ {"NT_STATUS_LUIDS_EXHAUSTED", NT_STATUS_LUIDS_EXHAUSTED},
+ {"NT_STATUS_INVALID_SUB_AUTHORITY",
+ NT_STATUS_INVALID_SUB_AUTHORITY},
+ {"NT_STATUS_INVALID_ACL", NT_STATUS_INVALID_ACL},
+ {"NT_STATUS_INVALID_SID", NT_STATUS_INVALID_SID},
+ {"NT_STATUS_INVALID_SECURITY_DESCR",
+ NT_STATUS_INVALID_SECURITY_DESCR},
+ {"NT_STATUS_PROCEDURE_NOT_FOUND", NT_STATUS_PROCEDURE_NOT_FOUND},
+ {"NT_STATUS_INVALID_IMAGE_FORMAT", NT_STATUS_INVALID_IMAGE_FORMAT},
+ {"NT_STATUS_NO_TOKEN", NT_STATUS_NO_TOKEN},
+ {"NT_STATUS_BAD_INHERITANCE_ACL", NT_STATUS_BAD_INHERITANCE_ACL},
+ {"NT_STATUS_RANGE_NOT_LOCKED", NT_STATUS_RANGE_NOT_LOCKED},
+ {"NT_STATUS_DISK_FULL", NT_STATUS_DISK_FULL},
+ {"NT_STATUS_SERVER_DISABLED", NT_STATUS_SERVER_DISABLED},
+ {"NT_STATUS_SERVER_NOT_DISABLED", NT_STATUS_SERVER_NOT_DISABLED},
+ {"NT_STATUS_TOO_MANY_GUIDS_REQUESTED",
+ NT_STATUS_TOO_MANY_GUIDS_REQUESTED},
+ {"NT_STATUS_GUIDS_EXHAUSTED", NT_STATUS_GUIDS_EXHAUSTED},
+ {"NT_STATUS_INVALID_ID_AUTHORITY", NT_STATUS_INVALID_ID_AUTHORITY},
+ {"NT_STATUS_AGENTS_EXHAUSTED", NT_STATUS_AGENTS_EXHAUSTED},
+ {"NT_STATUS_INVALID_VOLUME_LABEL", NT_STATUS_INVALID_VOLUME_LABEL},
+ {"NT_STATUS_SECTION_NOT_EXTENDED", NT_STATUS_SECTION_NOT_EXTENDED},
+ {"NT_STATUS_NOT_MAPPED_DATA", NT_STATUS_NOT_MAPPED_DATA},
+ {"NT_STATUS_RESOURCE_DATA_NOT_FOUND",
+ NT_STATUS_RESOURCE_DATA_NOT_FOUND},
+ {"NT_STATUS_RESOURCE_TYPE_NOT_FOUND",
+ NT_STATUS_RESOURCE_TYPE_NOT_FOUND},
+ {"NT_STATUS_RESOURCE_NAME_NOT_FOUND",
+ NT_STATUS_RESOURCE_NAME_NOT_FOUND},
+ {"NT_STATUS_ARRAY_BOUNDS_EXCEEDED",
+ NT_STATUS_ARRAY_BOUNDS_EXCEEDED},
+ {"NT_STATUS_FLOAT_DENORMAL_OPERAND",
+ NT_STATUS_FLOAT_DENORMAL_OPERAND},
+ {"NT_STATUS_FLOAT_DIVIDE_BY_ZERO", NT_STATUS_FLOAT_DIVIDE_BY_ZERO},
+ {"NT_STATUS_FLOAT_INEXACT_RESULT", NT_STATUS_FLOAT_INEXACT_RESULT},
+ {"NT_STATUS_FLOAT_INVALID_OPERATION",
+ NT_STATUS_FLOAT_INVALID_OPERATION},
+ {"NT_STATUS_FLOAT_OVERFLOW", NT_STATUS_FLOAT_OVERFLOW},
+ {"NT_STATUS_FLOAT_STACK_CHECK", NT_STATUS_FLOAT_STACK_CHECK},
+ {"NT_STATUS_FLOAT_UNDERFLOW", NT_STATUS_FLOAT_UNDERFLOW},
+ {"NT_STATUS_INTEGER_DIVIDE_BY_ZERO",
+ NT_STATUS_INTEGER_DIVIDE_BY_ZERO},
+ {"NT_STATUS_INTEGER_OVERFLOW", NT_STATUS_INTEGER_OVERFLOW},
+ {"NT_STATUS_PRIVILEGED_INSTRUCTION",
+ NT_STATUS_PRIVILEGED_INSTRUCTION},
+ {"NT_STATUS_TOO_MANY_PAGING_FILES",
+ NT_STATUS_TOO_MANY_PAGING_FILES},
+ {"NT_STATUS_FILE_INVALID", NT_STATUS_FILE_INVALID},
+ {"NT_STATUS_ALLOTTED_SPACE_EXCEEDED",
+ NT_STATUS_ALLOTTED_SPACE_EXCEEDED},
+ {"NT_STATUS_INSUFFICIENT_RESOURCES",
+ NT_STATUS_INSUFFICIENT_RESOURCES},
+ {"NT_STATUS_DFS_EXIT_PATH_FOUND", NT_STATUS_DFS_EXIT_PATH_FOUND},
+ {"NT_STATUS_DEVICE_DATA_ERROR", NT_STATUS_DEVICE_DATA_ERROR},
+ {"NT_STATUS_DEVICE_NOT_CONNECTED", NT_STATUS_DEVICE_NOT_CONNECTED},
+ {"NT_STATUS_DEVICE_POWER_FAILURE", NT_STATUS_DEVICE_POWER_FAILURE},
+ {"NT_STATUS_FREE_VM_NOT_AT_BASE", NT_STATUS_FREE_VM_NOT_AT_BASE},
+ {"NT_STATUS_MEMORY_NOT_ALLOCATED", NT_STATUS_MEMORY_NOT_ALLOCATED},
+ {"NT_STATUS_WORKING_SET_QUOTA", NT_STATUS_WORKING_SET_QUOTA},
+ {"NT_STATUS_MEDIA_WRITE_PROTECTED",
+ NT_STATUS_MEDIA_WRITE_PROTECTED},
+ {"NT_STATUS_DEVICE_NOT_READY", NT_STATUS_DEVICE_NOT_READY},
+ {"NT_STATUS_INVALID_GROUP_ATTRIBUTES",
+ NT_STATUS_INVALID_GROUP_ATTRIBUTES},
+ {"NT_STATUS_BAD_IMPERSONATION_LEVEL",
+ NT_STATUS_BAD_IMPERSONATION_LEVEL},
+ {"NT_STATUS_CANT_OPEN_ANONYMOUS", NT_STATUS_CANT_OPEN_ANONYMOUS},
+ {"NT_STATUS_BAD_VALIDATION_CLASS", NT_STATUS_BAD_VALIDATION_CLASS},
+ {"NT_STATUS_BAD_TOKEN_TYPE", NT_STATUS_BAD_TOKEN_TYPE},
+ {"NT_STATUS_BAD_MASTER_BOOT_RECORD",
+ NT_STATUS_BAD_MASTER_BOOT_RECORD},
+ {"NT_STATUS_INSTRUCTION_MISALIGNMENT",
+ NT_STATUS_INSTRUCTION_MISALIGNMENT},
+ {"NT_STATUS_INSTANCE_NOT_AVAILABLE",
+ NT_STATUS_INSTANCE_NOT_AVAILABLE},
+ {"NT_STATUS_PIPE_NOT_AVAILABLE", NT_STATUS_PIPE_NOT_AVAILABLE},
+ {"NT_STATUS_INVALID_PIPE_STATE", NT_STATUS_INVALID_PIPE_STATE},
+ {"NT_STATUS_PIPE_BUSY", NT_STATUS_PIPE_BUSY},
+ {"NT_STATUS_ILLEGAL_FUNCTION", NT_STATUS_ILLEGAL_FUNCTION},
+ {"NT_STATUS_PIPE_DISCONNECTED", NT_STATUS_PIPE_DISCONNECTED},
+ {"NT_STATUS_PIPE_CLOSING", NT_STATUS_PIPE_CLOSING},
+ {"NT_STATUS_PIPE_CONNECTED", NT_STATUS_PIPE_CONNECTED},
+ {"NT_STATUS_PIPE_LISTENING", NT_STATUS_PIPE_LISTENING},
+ {"NT_STATUS_INVALID_READ_MODE", NT_STATUS_INVALID_READ_MODE},
+ {"NT_STATUS_IO_TIMEOUT", NT_STATUS_IO_TIMEOUT},
+ {"NT_STATUS_FILE_FORCED_CLOSED", NT_STATUS_FILE_FORCED_CLOSED},
+ {"NT_STATUS_PROFILING_NOT_STARTED",
+ NT_STATUS_PROFILING_NOT_STARTED},
+ {"NT_STATUS_PROFILING_NOT_STOPPED",
+ NT_STATUS_PROFILING_NOT_STOPPED},
+ {"NT_STATUS_COULD_NOT_INTERPRET", NT_STATUS_COULD_NOT_INTERPRET},
+ {"NT_STATUS_FILE_IS_A_DIRECTORY", NT_STATUS_FILE_IS_A_DIRECTORY},
+ {"NT_STATUS_NOT_SUPPORTED", NT_STATUS_NOT_SUPPORTED},
+ {"NT_STATUS_REMOTE_NOT_LISTENING", NT_STATUS_REMOTE_NOT_LISTENING},
+ {"NT_STATUS_DUPLICATE_NAME", NT_STATUS_DUPLICATE_NAME},
+ {"NT_STATUS_BAD_NETWORK_PATH", NT_STATUS_BAD_NETWORK_PATH},
+ {"NT_STATUS_NETWORK_BUSY", NT_STATUS_NETWORK_BUSY},
+ {"NT_STATUS_DEVICE_DOES_NOT_EXIST",
+ NT_STATUS_DEVICE_DOES_NOT_EXIST},
+ {"NT_STATUS_TOO_MANY_COMMANDS", NT_STATUS_TOO_MANY_COMMANDS},
+ {"NT_STATUS_ADAPTER_HARDWARE_ERROR",
+ NT_STATUS_ADAPTER_HARDWARE_ERROR},
+ {"NT_STATUS_INVALID_NETWORK_RESPONSE",
+ NT_STATUS_INVALID_NETWORK_RESPONSE},
+ {"NT_STATUS_UNEXPECTED_NETWORK_ERROR",
+ NT_STATUS_UNEXPECTED_NETWORK_ERROR},
+ {"NT_STATUS_BAD_REMOTE_ADAPTER", NT_STATUS_BAD_REMOTE_ADAPTER},
+ {"NT_STATUS_PRINT_QUEUE_FULL", NT_STATUS_PRINT_QUEUE_FULL},
+ {"NT_STATUS_NO_SPOOL_SPACE", NT_STATUS_NO_SPOOL_SPACE},
+ {"NT_STATUS_PRINT_CANCELLED", NT_STATUS_PRINT_CANCELLED},
+ {"NT_STATUS_NETWORK_NAME_DELETED", NT_STATUS_NETWORK_NAME_DELETED},
+ {"NT_STATUS_NETWORK_ACCESS_DENIED",
+ NT_STATUS_NETWORK_ACCESS_DENIED},
+ {"NT_STATUS_BAD_DEVICE_TYPE", NT_STATUS_BAD_DEVICE_TYPE},
+ {"NT_STATUS_BAD_NETWORK_NAME", NT_STATUS_BAD_NETWORK_NAME},
+ {"NT_STATUS_TOO_MANY_NAMES", NT_STATUS_TOO_MANY_NAMES},
+ {"NT_STATUS_TOO_MANY_SESSIONS", NT_STATUS_TOO_MANY_SESSIONS},
+ {"NT_STATUS_SHARING_PAUSED", NT_STATUS_SHARING_PAUSED},
+ {"NT_STATUS_REQUEST_NOT_ACCEPTED", NT_STATUS_REQUEST_NOT_ACCEPTED},
+ {"NT_STATUS_REDIRECTOR_PAUSED", NT_STATUS_REDIRECTOR_PAUSED},
+ {"NT_STATUS_NET_WRITE_FAULT", NT_STATUS_NET_WRITE_FAULT},
+ {"NT_STATUS_PROFILING_AT_LIMIT", NT_STATUS_PROFILING_AT_LIMIT},
+ {"NT_STATUS_NOT_SAME_DEVICE", NT_STATUS_NOT_SAME_DEVICE},
+ {"NT_STATUS_FILE_RENAMED", NT_STATUS_FILE_RENAMED},
+ {"NT_STATUS_VIRTUAL_CIRCUIT_CLOSED",
+ NT_STATUS_VIRTUAL_CIRCUIT_CLOSED},
+ {"NT_STATUS_NO_SECURITY_ON_OBJECT",
+ NT_STATUS_NO_SECURITY_ON_OBJECT},
+ {"NT_STATUS_CANT_WAIT", NT_STATUS_CANT_WAIT},
+ {"NT_STATUS_PIPE_EMPTY", NT_STATUS_PIPE_EMPTY},
+ {"NT_STATUS_CANT_ACCESS_DOMAIN_INFO",
+ NT_STATUS_CANT_ACCESS_DOMAIN_INFO},
+ {"NT_STATUS_CANT_TERMINATE_SELF", NT_STATUS_CANT_TERMINATE_SELF},
+ {"NT_STATUS_INVALID_SERVER_STATE", NT_STATUS_INVALID_SERVER_STATE},
+ {"NT_STATUS_INVALID_DOMAIN_STATE", NT_STATUS_INVALID_DOMAIN_STATE},
+ {"NT_STATUS_INVALID_DOMAIN_ROLE", NT_STATUS_INVALID_DOMAIN_ROLE},
+ {"NT_STATUS_NO_SUCH_DOMAIN", NT_STATUS_NO_SUCH_DOMAIN},
+ {"NT_STATUS_DOMAIN_EXISTS", NT_STATUS_DOMAIN_EXISTS},
+ {"NT_STATUS_DOMAIN_LIMIT_EXCEEDED",
+ NT_STATUS_DOMAIN_LIMIT_EXCEEDED},
+ {"NT_STATUS_OPLOCK_NOT_GRANTED", NT_STATUS_OPLOCK_NOT_GRANTED},
+ {"NT_STATUS_INVALID_OPLOCK_PROTOCOL",
+ NT_STATUS_INVALID_OPLOCK_PROTOCOL},
+ {"NT_STATUS_INTERNAL_DB_CORRUPTION",
+ NT_STATUS_INTERNAL_DB_CORRUPTION},
+ {"NT_STATUS_INTERNAL_ERROR", NT_STATUS_INTERNAL_ERROR},
+ {"NT_STATUS_GENERIC_NOT_MAPPED", NT_STATUS_GENERIC_NOT_MAPPED},
+ {"NT_STATUS_BAD_DESCRIPTOR_FORMAT",
+ NT_STATUS_BAD_DESCRIPTOR_FORMAT},
+ {"NT_STATUS_INVALID_USER_BUFFER", NT_STATUS_INVALID_USER_BUFFER},
+ {"NT_STATUS_UNEXPECTED_IO_ERROR", NT_STATUS_UNEXPECTED_IO_ERROR},
+ {"NT_STATUS_UNEXPECTED_MM_CREATE_ERR",
+ NT_STATUS_UNEXPECTED_MM_CREATE_ERR},
+ {"NT_STATUS_UNEXPECTED_MM_MAP_ERROR",
+ NT_STATUS_UNEXPECTED_MM_MAP_ERROR},
+ {"NT_STATUS_UNEXPECTED_MM_EXTEND_ERR",
+ NT_STATUS_UNEXPECTED_MM_EXTEND_ERR},
+ {"NT_STATUS_NOT_LOGON_PROCESS", NT_STATUS_NOT_LOGON_PROCESS},
+ {"NT_STATUS_LOGON_SESSION_EXISTS", NT_STATUS_LOGON_SESSION_EXISTS},
+ {"NT_STATUS_INVALID_PARAMETER_1", NT_STATUS_INVALID_PARAMETER_1},
+ {"NT_STATUS_INVALID_PARAMETER_2", NT_STATUS_INVALID_PARAMETER_2},
+ {"NT_STATUS_INVALID_PARAMETER_3", NT_STATUS_INVALID_PARAMETER_3},
+ {"NT_STATUS_INVALID_PARAMETER_4", NT_STATUS_INVALID_PARAMETER_4},
+ {"NT_STATUS_INVALID_PARAMETER_5", NT_STATUS_INVALID_PARAMETER_5},
+ {"NT_STATUS_INVALID_PARAMETER_6", NT_STATUS_INVALID_PARAMETER_6},
+ {"NT_STATUS_INVALID_PARAMETER_7", NT_STATUS_INVALID_PARAMETER_7},
+ {"NT_STATUS_INVALID_PARAMETER_8", NT_STATUS_INVALID_PARAMETER_8},
+ {"NT_STATUS_INVALID_PARAMETER_9", NT_STATUS_INVALID_PARAMETER_9},
+ {"NT_STATUS_INVALID_PARAMETER_10", NT_STATUS_INVALID_PARAMETER_10},
+ {"NT_STATUS_INVALID_PARAMETER_11", NT_STATUS_INVALID_PARAMETER_11},
+ {"NT_STATUS_INVALID_PARAMETER_12", NT_STATUS_INVALID_PARAMETER_12},
+ {"NT_STATUS_REDIRECTOR_NOT_STARTED",
+ NT_STATUS_REDIRECTOR_NOT_STARTED},
+ {"NT_STATUS_REDIRECTOR_STARTED", NT_STATUS_REDIRECTOR_STARTED},
+ {"NT_STATUS_STACK_OVERFLOW", NT_STATUS_STACK_OVERFLOW},
+ {"NT_STATUS_NO_SUCH_PACKAGE", NT_STATUS_NO_SUCH_PACKAGE},
+ {"NT_STATUS_BAD_FUNCTION_TABLE", NT_STATUS_BAD_FUNCTION_TABLE},
+ {"NT_STATUS_DIRECTORY_NOT_EMPTY", NT_STATUS_DIRECTORY_NOT_EMPTY},
+ {"NT_STATUS_FILE_CORRUPT_ERROR", NT_STATUS_FILE_CORRUPT_ERROR},
+ {"NT_STATUS_NOT_A_DIRECTORY", NT_STATUS_NOT_A_DIRECTORY},
+ {"NT_STATUS_BAD_LOGON_SESSION_STATE",
+ NT_STATUS_BAD_LOGON_SESSION_STATE},
+ {"NT_STATUS_LOGON_SESSION_COLLISION",
+ NT_STATUS_LOGON_SESSION_COLLISION},
+ {"NT_STATUS_NAME_TOO_LONG", NT_STATUS_NAME_TOO_LONG},
+ {"NT_STATUS_FILES_OPEN", NT_STATUS_FILES_OPEN},
+ {"NT_STATUS_CONNECTION_IN_USE", NT_STATUS_CONNECTION_IN_USE},
+ {"NT_STATUS_MESSAGE_NOT_FOUND", NT_STATUS_MESSAGE_NOT_FOUND},
+ {"NT_STATUS_PROCESS_IS_TERMINATING",
+ NT_STATUS_PROCESS_IS_TERMINATING},
+ {"NT_STATUS_INVALID_LOGON_TYPE", NT_STATUS_INVALID_LOGON_TYPE},
+ {"NT_STATUS_NO_GUID_TRANSLATION", NT_STATUS_NO_GUID_TRANSLATION},
+ {"NT_STATUS_CANNOT_IMPERSONATE", NT_STATUS_CANNOT_IMPERSONATE},
+ {"NT_STATUS_IMAGE_ALREADY_LOADED", NT_STATUS_IMAGE_ALREADY_LOADED},
+ {"NT_STATUS_ABIOS_NOT_PRESENT", NT_STATUS_ABIOS_NOT_PRESENT},
+ {"NT_STATUS_ABIOS_LID_NOT_EXIST", NT_STATUS_ABIOS_LID_NOT_EXIST},
+ {"NT_STATUS_ABIOS_LID_ALREADY_OWNED",
+ NT_STATUS_ABIOS_LID_ALREADY_OWNED},
+ {"NT_STATUS_ABIOS_NOT_LID_OWNER", NT_STATUS_ABIOS_NOT_LID_OWNER},
+ {"NT_STATUS_ABIOS_INVALID_COMMAND",
+ NT_STATUS_ABIOS_INVALID_COMMAND},
+ {"NT_STATUS_ABIOS_INVALID_LID", NT_STATUS_ABIOS_INVALID_LID},
+ {"NT_STATUS_ABIOS_SELECTOR_NOT_AVAILABLE",
+ NT_STATUS_ABIOS_SELECTOR_NOT_AVAILABLE},
+ {"NT_STATUS_ABIOS_INVALID_SELECTOR",
+ NT_STATUS_ABIOS_INVALID_SELECTOR},
+ {"NT_STATUS_NO_LDT", NT_STATUS_NO_LDT},
+ {"NT_STATUS_INVALID_LDT_SIZE", NT_STATUS_INVALID_LDT_SIZE},
+ {"NT_STATUS_INVALID_LDT_OFFSET", NT_STATUS_INVALID_LDT_OFFSET},
+ {"NT_STATUS_INVALID_LDT_DESCRIPTOR",
+ NT_STATUS_INVALID_LDT_DESCRIPTOR},
+ {"NT_STATUS_INVALID_IMAGE_NE_FORMAT",
+ NT_STATUS_INVALID_IMAGE_NE_FORMAT},
+ {"NT_STATUS_RXACT_INVALID_STATE", NT_STATUS_RXACT_INVALID_STATE},
+ {"NT_STATUS_RXACT_COMMIT_FAILURE", NT_STATUS_RXACT_COMMIT_FAILURE},
+ {"NT_STATUS_MAPPED_FILE_SIZE_ZERO",
+ NT_STATUS_MAPPED_FILE_SIZE_ZERO},
+ {"NT_STATUS_TOO_MANY_OPENED_FILES",
+ NT_STATUS_TOO_MANY_OPENED_FILES},
+ {"NT_STATUS_CANCELLED", NT_STATUS_CANCELLED},
+ {"NT_STATUS_CANNOT_DELETE", NT_STATUS_CANNOT_DELETE},
+ {"NT_STATUS_INVALID_COMPUTER_NAME",
+ NT_STATUS_INVALID_COMPUTER_NAME},
+ {"NT_STATUS_FILE_DELETED", NT_STATUS_FILE_DELETED},
+ {"NT_STATUS_SPECIAL_ACCOUNT", NT_STATUS_SPECIAL_ACCOUNT},
+ {"NT_STATUS_SPECIAL_GROUP", NT_STATUS_SPECIAL_GROUP},
+ {"NT_STATUS_SPECIAL_USER", NT_STATUS_SPECIAL_USER},
+ {"NT_STATUS_MEMBERS_PRIMARY_GROUP",
+ NT_STATUS_MEMBERS_PRIMARY_GROUP},
+ {"NT_STATUS_FILE_CLOSED", NT_STATUS_FILE_CLOSED},
+ {"NT_STATUS_TOO_MANY_THREADS", NT_STATUS_TOO_MANY_THREADS},
+ {"NT_STATUS_THREAD_NOT_IN_PROCESS",
+ NT_STATUS_THREAD_NOT_IN_PROCESS},
+ {"NT_STATUS_TOKEN_ALREADY_IN_USE", NT_STATUS_TOKEN_ALREADY_IN_USE},
+ {"NT_STATUS_PAGEFILE_QUOTA_EXCEEDED",
+ NT_STATUS_PAGEFILE_QUOTA_EXCEEDED},
+ {"NT_STATUS_COMMITMENT_LIMIT", NT_STATUS_COMMITMENT_LIMIT},
+ {"NT_STATUS_INVALID_IMAGE_LE_FORMAT",
+ NT_STATUS_INVALID_IMAGE_LE_FORMAT},
+ {"NT_STATUS_INVALID_IMAGE_NOT_MZ", NT_STATUS_INVALID_IMAGE_NOT_MZ},
+ {"NT_STATUS_INVALID_IMAGE_PROTECT",
+ NT_STATUS_INVALID_IMAGE_PROTECT},
+ {"NT_STATUS_INVALID_IMAGE_WIN_16", NT_STATUS_INVALID_IMAGE_WIN_16},
+ {"NT_STATUS_LOGON_SERVER_CONFLICT",
+ NT_STATUS_LOGON_SERVER_CONFLICT},
+ {"NT_STATUS_TIME_DIFFERENCE_AT_DC",
+ NT_STATUS_TIME_DIFFERENCE_AT_DC},
+ {"NT_STATUS_SYNCHRONIZATION_REQUIRED",
+ NT_STATUS_SYNCHRONIZATION_REQUIRED},
+ {"NT_STATUS_DLL_NOT_FOUND", NT_STATUS_DLL_NOT_FOUND},
+ {"NT_STATUS_OPEN_FAILED", NT_STATUS_OPEN_FAILED},
+ {"NT_STATUS_IO_PRIVILEGE_FAILED", NT_STATUS_IO_PRIVILEGE_FAILED},
+ {"NT_STATUS_ORDINAL_NOT_FOUND", NT_STATUS_ORDINAL_NOT_FOUND},
+ {"NT_STATUS_ENTRYPOINT_NOT_FOUND", NT_STATUS_ENTRYPOINT_NOT_FOUND},
+ {"NT_STATUS_CONTROL_C_EXIT", NT_STATUS_CONTROL_C_EXIT},
+ {"NT_STATUS_LOCAL_DISCONNECT", NT_STATUS_LOCAL_DISCONNECT},
+ {"NT_STATUS_REMOTE_DISCONNECT", NT_STATUS_REMOTE_DISCONNECT},
+ {"NT_STATUS_REMOTE_RESOURCES", NT_STATUS_REMOTE_RESOURCES},
+ {"NT_STATUS_LINK_FAILED", NT_STATUS_LINK_FAILED},
+ {"NT_STATUS_LINK_TIMEOUT", NT_STATUS_LINK_TIMEOUT},
+ {"NT_STATUS_INVALID_CONNECTION", NT_STATUS_INVALID_CONNECTION},
+ {"NT_STATUS_INVALID_ADDRESS", NT_STATUS_INVALID_ADDRESS},
+ {"NT_STATUS_DLL_INIT_FAILED", NT_STATUS_DLL_INIT_FAILED},
+ {"NT_STATUS_MISSING_SYSTEMFILE", NT_STATUS_MISSING_SYSTEMFILE},
+ {"NT_STATUS_UNHANDLED_EXCEPTION", NT_STATUS_UNHANDLED_EXCEPTION},
+ {"NT_STATUS_APP_INIT_FAILURE", NT_STATUS_APP_INIT_FAILURE},
+ {"NT_STATUS_PAGEFILE_CREATE_FAILED",
+ NT_STATUS_PAGEFILE_CREATE_FAILED},
+ {"NT_STATUS_NO_PAGEFILE", NT_STATUS_NO_PAGEFILE},
+ {"NT_STATUS_INVALID_LEVEL", NT_STATUS_INVALID_LEVEL},
+ {"NT_STATUS_WRONG_PASSWORD_CORE", NT_STATUS_WRONG_PASSWORD_CORE},
+ {"NT_STATUS_ILLEGAL_FLOAT_CONTEXT",
+ NT_STATUS_ILLEGAL_FLOAT_CONTEXT},
+ {"NT_STATUS_PIPE_BROKEN", NT_STATUS_PIPE_BROKEN},
+ {"NT_STATUS_REGISTRY_CORRUPT", NT_STATUS_REGISTRY_CORRUPT},
+ {"NT_STATUS_REGISTRY_IO_FAILED", NT_STATUS_REGISTRY_IO_FAILED},
+ {"NT_STATUS_NO_EVENT_PAIR", NT_STATUS_NO_EVENT_PAIR},
+ {"NT_STATUS_UNRECOGNIZED_VOLUME", NT_STATUS_UNRECOGNIZED_VOLUME},
+ {"NT_STATUS_SERIAL_NO_DEVICE_INITED",
+ NT_STATUS_SERIAL_NO_DEVICE_INITED},
+ {"NT_STATUS_NO_SUCH_ALIAS", NT_STATUS_NO_SUCH_ALIAS},
+ {"NT_STATUS_MEMBER_NOT_IN_ALIAS", NT_STATUS_MEMBER_NOT_IN_ALIAS},
+ {"NT_STATUS_MEMBER_IN_ALIAS", NT_STATUS_MEMBER_IN_ALIAS},
+ {"NT_STATUS_ALIAS_EXISTS", NT_STATUS_ALIAS_EXISTS},
+ {"NT_STATUS_LOGON_NOT_GRANTED", NT_STATUS_LOGON_NOT_GRANTED},
+ {"NT_STATUS_TOO_MANY_SECRETS", NT_STATUS_TOO_MANY_SECRETS},
+ {"NT_STATUS_SECRET_TOO_LONG", NT_STATUS_SECRET_TOO_LONG},
+ {"NT_STATUS_INTERNAL_DB_ERROR", NT_STATUS_INTERNAL_DB_ERROR},
+ {"NT_STATUS_FULLSCREEN_MODE", NT_STATUS_FULLSCREEN_MODE},
+ {"NT_STATUS_TOO_MANY_CONTEXT_IDS", NT_STATUS_TOO_MANY_CONTEXT_IDS},
+ {"NT_STATUS_LOGON_TYPE_NOT_GRANTED",
+ NT_STATUS_LOGON_TYPE_NOT_GRANTED},
+ {"NT_STATUS_NOT_REGISTRY_FILE", NT_STATUS_NOT_REGISTRY_FILE},
+ {"NT_STATUS_NT_CROSS_ENCRYPTION_REQUIRED",
+ NT_STATUS_NT_CROSS_ENCRYPTION_REQUIRED},
+ {"NT_STATUS_DOMAIN_CTRLR_CONFIG_ERROR",
+ NT_STATUS_DOMAIN_CTRLR_CONFIG_ERROR},
+ {"NT_STATUS_FT_MISSING_MEMBER", NT_STATUS_FT_MISSING_MEMBER},
+ {"NT_STATUS_ILL_FORMED_SERVICE_ENTRY",
+ NT_STATUS_ILL_FORMED_SERVICE_ENTRY},
+ {"NT_STATUS_ILLEGAL_CHARACTER", NT_STATUS_ILLEGAL_CHARACTER},
+ {"NT_STATUS_UNMAPPABLE_CHARACTER", NT_STATUS_UNMAPPABLE_CHARACTER},
+ {"NT_STATUS_UNDEFINED_CHARACTER", NT_STATUS_UNDEFINED_CHARACTER},
+ {"NT_STATUS_FLOPPY_VOLUME", NT_STATUS_FLOPPY_VOLUME},
+ {"NT_STATUS_FLOPPY_ID_MARK_NOT_FOUND",
+ NT_STATUS_FLOPPY_ID_MARK_NOT_FOUND},
+ {"NT_STATUS_FLOPPY_WRONG_CYLINDER",
+ NT_STATUS_FLOPPY_WRONG_CYLINDER},
+ {"NT_STATUS_FLOPPY_UNKNOWN_ERROR", NT_STATUS_FLOPPY_UNKNOWN_ERROR},
+ {"NT_STATUS_FLOPPY_BAD_REGISTERS", NT_STATUS_FLOPPY_BAD_REGISTERS},
+ {"NT_STATUS_DISK_RECALIBRATE_FAILED",
+ NT_STATUS_DISK_RECALIBRATE_FAILED},
+ {"NT_STATUS_DISK_OPERATION_FAILED",
+ NT_STATUS_DISK_OPERATION_FAILED},
+ {"NT_STATUS_DISK_RESET_FAILED", NT_STATUS_DISK_RESET_FAILED},
+ {"NT_STATUS_SHARED_IRQ_BUSY", NT_STATUS_SHARED_IRQ_BUSY},
+ {"NT_STATUS_FT_ORPHANING", NT_STATUS_FT_ORPHANING},
+ {"NT_STATUS_PARTITION_FAILURE", NT_STATUS_PARTITION_FAILURE},
+ {"NT_STATUS_INVALID_BLOCK_LENGTH", NT_STATUS_INVALID_BLOCK_LENGTH},
+ {"NT_STATUS_DEVICE_NOT_PARTITIONED",
+ NT_STATUS_DEVICE_NOT_PARTITIONED},
+ {"NT_STATUS_UNABLE_TO_LOCK_MEDIA", NT_STATUS_UNABLE_TO_LOCK_MEDIA},
+ {"NT_STATUS_UNABLE_TO_UNLOAD_MEDIA",
+ NT_STATUS_UNABLE_TO_UNLOAD_MEDIA},
+ {"NT_STATUS_EOM_OVERFLOW", NT_STATUS_EOM_OVERFLOW},
+ {"NT_STATUS_NO_MEDIA", NT_STATUS_NO_MEDIA},
+ {"NT_STATUS_NO_SUCH_MEMBER", NT_STATUS_NO_SUCH_MEMBER},
+ {"NT_STATUS_INVALID_MEMBER", NT_STATUS_INVALID_MEMBER},
+ {"NT_STATUS_KEY_DELETED", NT_STATUS_KEY_DELETED},
+ {"NT_STATUS_NO_LOG_SPACE", NT_STATUS_NO_LOG_SPACE},
+ {"NT_STATUS_TOO_MANY_SIDS", NT_STATUS_TOO_MANY_SIDS},
+ {"NT_STATUS_LM_CROSS_ENCRYPTION_REQUIRED",
+ NT_STATUS_LM_CROSS_ENCRYPTION_REQUIRED},
+ {"NT_STATUS_KEY_HAS_CHILDREN", NT_STATUS_KEY_HAS_CHILDREN},
+ {"NT_STATUS_CHILD_MUST_BE_VOLATILE",
+ NT_STATUS_CHILD_MUST_BE_VOLATILE},
+ {"NT_STATUS_DEVICE_CONFIGURATION_ERROR",
+ NT_STATUS_DEVICE_CONFIGURATION_ERROR},
+ {"NT_STATUS_DRIVER_INTERNAL_ERROR",
+ NT_STATUS_DRIVER_INTERNAL_ERROR},
+ {"NT_STATUS_INVALID_DEVICE_STATE", NT_STATUS_INVALID_DEVICE_STATE},
+ {"NT_STATUS_IO_DEVICE_ERROR", NT_STATUS_IO_DEVICE_ERROR},
+ {"NT_STATUS_DEVICE_PROTOCOL_ERROR",
+ NT_STATUS_DEVICE_PROTOCOL_ERROR},
+ {"NT_STATUS_BACKUP_CONTROLLER", NT_STATUS_BACKUP_CONTROLLER},
+ {"NT_STATUS_LOG_FILE_FULL", NT_STATUS_LOG_FILE_FULL},
+ {"NT_STATUS_TOO_LATE", NT_STATUS_TOO_LATE},
+ {"NT_STATUS_NO_TRUST_LSA_SECRET", NT_STATUS_NO_TRUST_LSA_SECRET},
+ {"NT_STATUS_NO_TRUST_SAM_ACCOUNT", NT_STATUS_NO_TRUST_SAM_ACCOUNT},
+ {"NT_STATUS_TRUSTED_DOMAIN_FAILURE",
+ NT_STATUS_TRUSTED_DOMAIN_FAILURE},
+ {"NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE",
+ NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE},
+ {"NT_STATUS_EVENTLOG_FILE_CORRUPT",
+ NT_STATUS_EVENTLOG_FILE_CORRUPT},
+ {"NT_STATUS_EVENTLOG_CANT_START", NT_STATUS_EVENTLOG_CANT_START},
+ {"NT_STATUS_TRUST_FAILURE", NT_STATUS_TRUST_FAILURE},
+ {"NT_STATUS_MUTANT_LIMIT_EXCEEDED",
+ NT_STATUS_MUTANT_LIMIT_EXCEEDED},
+ {"NT_STATUS_NETLOGON_NOT_STARTED", NT_STATUS_NETLOGON_NOT_STARTED},
+ {"NT_STATUS_ACCOUNT_EXPIRED", NT_STATUS_ACCOUNT_EXPIRED},
+ {"NT_STATUS_POSSIBLE_DEADLOCK", NT_STATUS_POSSIBLE_DEADLOCK},
+ {"NT_STATUS_NETWORK_CREDENTIAL_CONFLICT",
+ NT_STATUS_NETWORK_CREDENTIAL_CONFLICT},
+ {"NT_STATUS_REMOTE_SESSION_LIMIT", NT_STATUS_REMOTE_SESSION_LIMIT},
+ {"NT_STATUS_EVENTLOG_FILE_CHANGED",
+ NT_STATUS_EVENTLOG_FILE_CHANGED},
+ {"NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT",
+ NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT},
+ {"NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT",
+ NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT},
+ {"NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT",
+ NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT},
+ {"NT_STATUS_DOMAIN_TRUST_INCONSISTENT",
+ NT_STATUS_DOMAIN_TRUST_INCONSISTENT},
+ {"NT_STATUS_FS_DRIVER_REQUIRED", NT_STATUS_FS_DRIVER_REQUIRED},
+ {"NT_STATUS_NO_USER_SESSION_KEY", NT_STATUS_NO_USER_SESSION_KEY},
+ {"NT_STATUS_USER_SESSION_DELETED", NT_STATUS_USER_SESSION_DELETED},
+ {"NT_STATUS_RESOURCE_LANG_NOT_FOUND",
+ NT_STATUS_RESOURCE_LANG_NOT_FOUND},
+ {"NT_STATUS_INSUFF_SERVER_RESOURCES",
+ NT_STATUS_INSUFF_SERVER_RESOURCES},
+ {"NT_STATUS_INVALID_BUFFER_SIZE", NT_STATUS_INVALID_BUFFER_SIZE},
+ {"NT_STATUS_INVALID_ADDRESS_COMPONENT",
+ NT_STATUS_INVALID_ADDRESS_COMPONENT},
+ {"NT_STATUS_INVALID_ADDRESS_WILDCARD",
+ NT_STATUS_INVALID_ADDRESS_WILDCARD},
+ {"NT_STATUS_TOO_MANY_ADDRESSES", NT_STATUS_TOO_MANY_ADDRESSES},
+ {"NT_STATUS_ADDRESS_ALREADY_EXISTS",
+ NT_STATUS_ADDRESS_ALREADY_EXISTS},
+ {"NT_STATUS_ADDRESS_CLOSED", NT_STATUS_ADDRESS_CLOSED},
+ {"NT_STATUS_CONNECTION_DISCONNECTED",
+ NT_STATUS_CONNECTION_DISCONNECTED},
+ {"NT_STATUS_CONNECTION_RESET", NT_STATUS_CONNECTION_RESET},
+ {"NT_STATUS_TOO_MANY_NODES", NT_STATUS_TOO_MANY_NODES},
+ {"NT_STATUS_TRANSACTION_ABORTED", NT_STATUS_TRANSACTION_ABORTED},
+ {"NT_STATUS_TRANSACTION_TIMED_OUT",
+ NT_STATUS_TRANSACTION_TIMED_OUT},
+ {"NT_STATUS_TRANSACTION_NO_RELEASE",
+ NT_STATUS_TRANSACTION_NO_RELEASE},
+ {"NT_STATUS_TRANSACTION_NO_MATCH", NT_STATUS_TRANSACTION_NO_MATCH},
+ {"NT_STATUS_TRANSACTION_RESPONDED",
+ NT_STATUS_TRANSACTION_RESPONDED},
+ {"NT_STATUS_TRANSACTION_INVALID_ID",
+ NT_STATUS_TRANSACTION_INVALID_ID},
+ {"NT_STATUS_TRANSACTION_INVALID_TYPE",
+ NT_STATUS_TRANSACTION_INVALID_TYPE},
+ {"NT_STATUS_NOT_SERVER_SESSION", NT_STATUS_NOT_SERVER_SESSION},
+ {"NT_STATUS_NOT_CLIENT_SESSION", NT_STATUS_NOT_CLIENT_SESSION},
+ {"NT_STATUS_CANNOT_LOAD_REGISTRY_FILE",
+ NT_STATUS_CANNOT_LOAD_REGISTRY_FILE},
+ {"NT_STATUS_DEBUG_ATTACH_FAILED", NT_STATUS_DEBUG_ATTACH_FAILED},
+ {"NT_STATUS_SYSTEM_PROCESS_TERMINATED",
+ NT_STATUS_SYSTEM_PROCESS_TERMINATED},
+ {"NT_STATUS_DATA_NOT_ACCEPTED", NT_STATUS_DATA_NOT_ACCEPTED},
+ {"NT_STATUS_NO_BROWSER_SERVERS_FOUND",
+ NT_STATUS_NO_BROWSER_SERVERS_FOUND},
+ {"NT_STATUS_VDM_HARD_ERROR", NT_STATUS_VDM_HARD_ERROR},
+ {"NT_STATUS_DRIVER_CANCEL_TIMEOUT",
+ NT_STATUS_DRIVER_CANCEL_TIMEOUT},
+ {"NT_STATUS_REPLY_MESSAGE_MISMATCH",
+ NT_STATUS_REPLY_MESSAGE_MISMATCH},
+ {"NT_STATUS_MAPPED_ALIGNMENT", NT_STATUS_MAPPED_ALIGNMENT},
+ {"NT_STATUS_IMAGE_CHECKSUM_MISMATCH",
+ NT_STATUS_IMAGE_CHECKSUM_MISMATCH},
+ {"NT_STATUS_LOST_WRITEBEHIND_DATA",
+ NT_STATUS_LOST_WRITEBEHIND_DATA},
+ {"NT_STATUS_CLIENT_SERVER_PARAMETERS_INVALID",
+ NT_STATUS_CLIENT_SERVER_PARAMETERS_INVALID},
+ {"NT_STATUS_PASSWORD_MUST_CHANGE", NT_STATUS_PASSWORD_MUST_CHANGE},
+ {"NT_STATUS_NOT_FOUND", NT_STATUS_NOT_FOUND},
+ {"NT_STATUS_NOT_TINY_STREAM", NT_STATUS_NOT_TINY_STREAM},
+ {"NT_STATUS_RECOVERY_FAILURE", NT_STATUS_RECOVERY_FAILURE},
+ {"NT_STATUS_STACK_OVERFLOW_READ", NT_STATUS_STACK_OVERFLOW_READ},
+ {"NT_STATUS_FAIL_CHECK", NT_STATUS_FAIL_CHECK},
+ {"NT_STATUS_DUPLICATE_OBJECTID", NT_STATUS_DUPLICATE_OBJECTID},
+ {"NT_STATUS_OBJECTID_EXISTS", NT_STATUS_OBJECTID_EXISTS},
+ {"NT_STATUS_CONVERT_TO_LARGE", NT_STATUS_CONVERT_TO_LARGE},
+ {"NT_STATUS_RETRY", NT_STATUS_RETRY},
+ {"NT_STATUS_FOUND_OUT_OF_SCOPE", NT_STATUS_FOUND_OUT_OF_SCOPE},
+ {"NT_STATUS_ALLOCATE_BUCKET", NT_STATUS_ALLOCATE_BUCKET},
+ {"NT_STATUS_PROPSET_NOT_FOUND", NT_STATUS_PROPSET_NOT_FOUND},
+ {"NT_STATUS_MARSHALL_OVERFLOW", NT_STATUS_MARSHALL_OVERFLOW},
+ {"NT_STATUS_INVALID_VARIANT", NT_STATUS_INVALID_VARIANT},
+ {"NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND",
+ NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND},
+ {"NT_STATUS_ACCOUNT_LOCKED_OUT", NT_STATUS_ACCOUNT_LOCKED_OUT},
+ {"NT_STATUS_HANDLE_NOT_CLOSABLE", NT_STATUS_HANDLE_NOT_CLOSABLE},
+ {"NT_STATUS_CONNECTION_REFUSED", NT_STATUS_CONNECTION_REFUSED},
+ {"NT_STATUS_GRACEFUL_DISCONNECT", NT_STATUS_GRACEFUL_DISCONNECT},
+ {"NT_STATUS_ADDRESS_ALREADY_ASSOCIATED",
+ NT_STATUS_ADDRESS_ALREADY_ASSOCIATED},
+ {"NT_STATUS_ADDRESS_NOT_ASSOCIATED",
+ NT_STATUS_ADDRESS_NOT_ASSOCIATED},
+ {"NT_STATUS_CONNECTION_INVALID", NT_STATUS_CONNECTION_INVALID},
+ {"NT_STATUS_CONNECTION_ACTIVE", NT_STATUS_CONNECTION_ACTIVE},
+ {"NT_STATUS_NETWORK_UNREACHABLE", NT_STATUS_NETWORK_UNREACHABLE},
+ {"NT_STATUS_HOST_UNREACHABLE", NT_STATUS_HOST_UNREACHABLE},
+ {"NT_STATUS_PROTOCOL_UNREACHABLE", NT_STATUS_PROTOCOL_UNREACHABLE},
+ {"NT_STATUS_PORT_UNREACHABLE", NT_STATUS_PORT_UNREACHABLE},
+ {"NT_STATUS_REQUEST_ABORTED", NT_STATUS_REQUEST_ABORTED},
+ {"NT_STATUS_CONNECTION_ABORTED", NT_STATUS_CONNECTION_ABORTED},
+ {"NT_STATUS_BAD_COMPRESSION_BUFFER",
+ NT_STATUS_BAD_COMPRESSION_BUFFER},
+ {"NT_STATUS_USER_MAPPED_FILE", NT_STATUS_USER_MAPPED_FILE},
+ {"NT_STATUS_AUDIT_FAILED", NT_STATUS_AUDIT_FAILED},
+ {"NT_STATUS_TIMER_RESOLUTION_NOT_SET",
+ NT_STATUS_TIMER_RESOLUTION_NOT_SET},
+ {"NT_STATUS_CONNECTION_COUNT_LIMIT",
+ NT_STATUS_CONNECTION_COUNT_LIMIT},
+ {"NT_STATUS_LOGIN_TIME_RESTRICTION",
+ NT_STATUS_LOGIN_TIME_RESTRICTION},
+ {"NT_STATUS_LOGIN_WKSTA_RESTRICTION",
+ NT_STATUS_LOGIN_WKSTA_RESTRICTION},
+ {"NT_STATUS_IMAGE_MP_UP_MISMATCH", NT_STATUS_IMAGE_MP_UP_MISMATCH},
+ {"NT_STATUS_INSUFFICIENT_LOGON_INFO",
+ NT_STATUS_INSUFFICIENT_LOGON_INFO},
+ {"NT_STATUS_BAD_DLL_ENTRYPOINT", NT_STATUS_BAD_DLL_ENTRYPOINT},
+ {"NT_STATUS_BAD_SERVICE_ENTRYPOINT",
+ NT_STATUS_BAD_SERVICE_ENTRYPOINT},
+ {"NT_STATUS_LPC_REPLY_LOST", NT_STATUS_LPC_REPLY_LOST},
+ {"NT_STATUS_IP_ADDRESS_CONFLICT1", NT_STATUS_IP_ADDRESS_CONFLICT1},
+ {"NT_STATUS_IP_ADDRESS_CONFLICT2", NT_STATUS_IP_ADDRESS_CONFLICT2},
+ {"NT_STATUS_REGISTRY_QUOTA_LIMIT", NT_STATUS_REGISTRY_QUOTA_LIMIT},
+ {"NT_STATUS_PATH_NOT_COVERED", NT_STATUS_PATH_NOT_COVERED},
+ {"NT_STATUS_NO_CALLBACK_ACTIVE", NT_STATUS_NO_CALLBACK_ACTIVE},
+ {"NT_STATUS_LICENSE_QUOTA_EXCEEDED",
+ NT_STATUS_LICENSE_QUOTA_EXCEEDED},
+ {"NT_STATUS_PWD_TOO_SHORT", NT_STATUS_PWD_TOO_SHORT},
+ {"NT_STATUS_PWD_TOO_RECENT", NT_STATUS_PWD_TOO_RECENT},
+ {"NT_STATUS_PWD_HISTORY_CONFLICT", NT_STATUS_PWD_HISTORY_CONFLICT},
+ {"NT_STATUS_PLUGPLAY_NO_DEVICE", NT_STATUS_PLUGPLAY_NO_DEVICE},
+ {"NT_STATUS_UNSUPPORTED_COMPRESSION",
+ NT_STATUS_UNSUPPORTED_COMPRESSION},
+ {"NT_STATUS_INVALID_HW_PROFILE", NT_STATUS_INVALID_HW_PROFILE},
+ {"NT_STATUS_INVALID_PLUGPLAY_DEVICE_PATH",
+ NT_STATUS_INVALID_PLUGPLAY_DEVICE_PATH},
+ {"NT_STATUS_DRIVER_ORDINAL_NOT_FOUND",
+ NT_STATUS_DRIVER_ORDINAL_NOT_FOUND},
+ {"NT_STATUS_DRIVER_ENTRYPOINT_NOT_FOUND",
+ NT_STATUS_DRIVER_ENTRYPOINT_NOT_FOUND},
+ {"NT_STATUS_RESOURCE_NOT_OWNED", NT_STATUS_RESOURCE_NOT_OWNED},
+ {"NT_STATUS_TOO_MANY_LINKS", NT_STATUS_TOO_MANY_LINKS},
+ {"NT_STATUS_QUOTA_LIST_INCONSISTENT",
+ NT_STATUS_QUOTA_LIST_INCONSISTENT},
+ {"NT_STATUS_FILE_IS_OFFLINE", NT_STATUS_FILE_IS_OFFLINE},
+ {"NT_STATUS_NO_MORE_ENTRIES", NT_STATUS_NO_MORE_ENTRIES},
+ {"NT_STATUS_MORE_ENTRIES", NT_STATUS_MORE_ENTRIES},
+ {"NT_STATUS_SOME_UNMAPPED", NT_STATUS_SOME_UNMAPPED},
+ {NULL, 0}
+};
diff --git a/fs/cifsd/nterr.h b/fs/cifsd/nterr.h
new file mode 100644
index 000000000000..9f5004b69d30
--- /dev/null
+++ b/fs/cifsd/nterr.h
@@ -0,0 +1,552 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * NT error code constants
+ * Copyright (C) Andrew Tridgell 1992-2000
+ * Copyright (C) John H Terpstra 1996-2000
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-2000
+ * Copyright (C) Paul Ashton 1998-2000
+ */
+
+
+
+#ifndef _NTERR_H
+#define _NTERR_H
+
+struct nt_err_code_struct {
+ char *nt_errstr;
+ __u32 nt_errcode;
+};
+
+extern const struct nt_err_code_struct nt_errs[];
+
+/* Win32 Status codes. */
+#define NT_STATUS_MORE_ENTRIES 0x0105
+#define NT_ERROR_INVALID_PARAMETER 0x0057
+#define NT_ERROR_INSUFFICIENT_BUFFER 0x007a
+#define NT_STATUS_1804 0x070c
+#define NT_STATUS_NOTIFY_ENUM_DIR 0x010c
+#define NT_STATUS_INVALID_LOCK_RANGE (0xC0000000 | 0x01a1)
+/*
+ * Win32 Error codes extracted using a loop in smbclient then printing a netmon
+ * sniff to a file.
+ */
+
+#define NT_STATUS_OK 0x0000
+#define NT_STATUS_SOME_UNMAPPED 0x0107
+#define NT_STATUS_BUFFER_OVERFLOW 0x80000005
+#define NT_STATUS_NO_MORE_ENTRIES 0x8000001a
+#define NT_STATUS_MEDIA_CHANGED 0x8000001c
+#define NT_STATUS_END_OF_MEDIA 0x8000001e
+#define NT_STATUS_MEDIA_CHECK 0x80000020
+#define NT_STATUS_NO_DATA_DETECTED 0x8000001c
+#define NT_STATUS_STOPPED_ON_SYMLINK 0x8000002d
+#define NT_STATUS_DEVICE_REQUIRES_CLEANING 0x80000288
+#define NT_STATUS_DEVICE_DOOR_OPEN 0x80000288
+#define NT_STATUS_UNSUCCESSFUL (0xC0000000 | 0x0001)
+#define NT_STATUS_NOT_IMPLEMENTED (0xC0000000 | 0x0002)
+#define NT_STATUS_INVALID_INFO_CLASS (0xC0000000 | 0x0003)
+#define NT_STATUS_INFO_LENGTH_MISMATCH (0xC0000000 | 0x0004)
+#define NT_STATUS_ACCESS_VIOLATION (0xC0000000 | 0x0005)
+#define NT_STATUS_IN_PAGE_ERROR (0xC0000000 | 0x0006)
+#define NT_STATUS_PAGEFILE_QUOTA (0xC0000000 | 0x0007)
+#define NT_STATUS_INVALID_HANDLE (0xC0000000 | 0x0008)
+#define NT_STATUS_BAD_INITIAL_STACK (0xC0000000 | 0x0009)
+#define NT_STATUS_BAD_INITIAL_PC (0xC0000000 | 0x000a)
+#define NT_STATUS_INVALID_CID (0xC0000000 | 0x000b)
+#define NT_STATUS_TIMER_NOT_CANCELED (0xC0000000 | 0x000c)
+#define NT_STATUS_INVALID_PARAMETER (0xC0000000 | 0x000d)
+#define NT_STATUS_NO_SUCH_DEVICE (0xC0000000 | 0x000e)
+#define NT_STATUS_NO_SUCH_FILE (0xC0000000 | 0x000f)
+#define NT_STATUS_INVALID_DEVICE_REQUEST (0xC0000000 | 0x0010)
+#define NT_STATUS_END_OF_FILE (0xC0000000 | 0x0011)
+#define NT_STATUS_WRONG_VOLUME (0xC0000000 | 0x0012)
+#define NT_STATUS_NO_MEDIA_IN_DEVICE (0xC0000000 | 0x0013)
+#define NT_STATUS_UNRECOGNIZED_MEDIA (0xC0000000 | 0x0014)
+#define NT_STATUS_NONEXISTENT_SECTOR (0xC0000000 | 0x0015)
+#define NT_STATUS_MORE_PROCESSING_REQUIRED (0xC0000000 | 0x0016)
+#define NT_STATUS_NO_MEMORY (0xC0000000 | 0x0017)
+#define NT_STATUS_CONFLICTING_ADDRESSES (0xC0000000 | 0x0018)
+#define NT_STATUS_NOT_MAPPED_VIEW (0xC0000000 | 0x0019)
+#define NT_STATUS_UNABLE_TO_FREE_VM (0x80000000 | 0x001a)
+#define NT_STATUS_UNABLE_TO_DELETE_SECTION (0xC0000000 | 0x001b)
+#define NT_STATUS_INVALID_SYSTEM_SERVICE (0xC0000000 | 0x001c)
+#define NT_STATUS_ILLEGAL_INSTRUCTION (0xC0000000 | 0x001d)
+#define NT_STATUS_INVALID_LOCK_SEQUENCE (0xC0000000 | 0x001e)
+#define NT_STATUS_INVALID_VIEW_SIZE (0xC0000000 | 0x001f)
+#define NT_STATUS_INVALID_FILE_FOR_SECTION (0xC0000000 | 0x0020)
+#define NT_STATUS_ALREADY_COMMITTED (0xC0000000 | 0x0021)
+#define NT_STATUS_ACCESS_DENIED (0xC0000000 | 0x0022)
+#define NT_STATUS_BUFFER_TOO_SMALL (0xC0000000 | 0x0023)
+#define NT_STATUS_OBJECT_TYPE_MISMATCH (0xC0000000 | 0x0024)
+#define NT_STATUS_NONCONTINUABLE_EXCEPTION (0xC0000000 | 0x0025)
+#define NT_STATUS_INVALID_DISPOSITION (0xC0000000 | 0x0026)
+#define NT_STATUS_UNWIND (0xC0000000 | 0x0027)
+#define NT_STATUS_BAD_STACK (0xC0000000 | 0x0028)
+#define NT_STATUS_INVALID_UNWIND_TARGET (0xC0000000 | 0x0029)
+#define NT_STATUS_NOT_LOCKED (0xC0000000 | 0x002a)
+#define NT_STATUS_PARITY_ERROR (0xC0000000 | 0x002b)
+#define NT_STATUS_UNABLE_TO_DECOMMIT_VM (0xC0000000 | 0x002c)
+#define NT_STATUS_NOT_COMMITTED (0xC0000000 | 0x002d)
+#define NT_STATUS_INVALID_PORT_ATTRIBUTES (0xC0000000 | 0x002e)
+#define NT_STATUS_PORT_MESSAGE_TOO_LONG (0xC0000000 | 0x002f)
+#define NT_STATUS_INVALID_PARAMETER_MIX (0xC0000000 | 0x0030)
+#define NT_STATUS_INVALID_QUOTA_LOWER (0xC0000000 | 0x0031)
+#define NT_STATUS_DISK_CORRUPT_ERROR (0xC0000000 | 0x0032)
+#define NT_STATUS_OBJECT_NAME_INVALID (0xC0000000 | 0x0033)
+#define NT_STATUS_OBJECT_NAME_NOT_FOUND (0xC0000000 | 0x0034)
+#define NT_STATUS_OBJECT_NAME_COLLISION (0xC0000000 | 0x0035)
+#define NT_STATUS_HANDLE_NOT_WAITABLE (0xC0000000 | 0x0036)
+#define NT_STATUS_PORT_DISCONNECTED (0xC0000000 | 0x0037)
+#define NT_STATUS_DEVICE_ALREADY_ATTACHED (0xC0000000 | 0x0038)
+#define NT_STATUS_OBJECT_PATH_INVALID (0xC0000000 | 0x0039)
+#define NT_STATUS_OBJECT_PATH_NOT_FOUND (0xC0000000 | 0x003a)
+#define NT_STATUS_OBJECT_PATH_SYNTAX_BAD (0xC0000000 | 0x003b)
+#define NT_STATUS_DATA_OVERRUN (0xC0000000 | 0x003c)
+#define NT_STATUS_DATA_LATE_ERROR (0xC0000000 | 0x003d)
+#define NT_STATUS_DATA_ERROR (0xC0000000 | 0x003e)
+#define NT_STATUS_CRC_ERROR (0xC0000000 | 0x003f)
+#define NT_STATUS_SECTION_TOO_BIG (0xC0000000 | 0x0040)
+#define NT_STATUS_PORT_CONNECTION_REFUSED (0xC0000000 | 0x0041)
+#define NT_STATUS_INVALID_PORT_HANDLE (0xC0000000 | 0x0042)
+#define NT_STATUS_SHARING_VIOLATION (0xC0000000 | 0x0043)
+#define NT_STATUS_QUOTA_EXCEEDED (0xC0000000 | 0x0044)
+#define NT_STATUS_INVALID_PAGE_PROTECTION (0xC0000000 | 0x0045)
+#define NT_STATUS_MUTANT_NOT_OWNED (0xC0000000 | 0x0046)
+#define NT_STATUS_SEMAPHORE_LIMIT_EXCEEDED (0xC0000000 | 0x0047)
+#define NT_STATUS_PORT_ALREADY_SET (0xC0000000 | 0x0048)
+#define NT_STATUS_SECTION_NOT_IMAGE (0xC0000000 | 0x0049)
+#define NT_STATUS_SUSPEND_COUNT_EXCEEDED (0xC0000000 | 0x004a)
+#define NT_STATUS_THREAD_IS_TERMINATING (0xC0000000 | 0x004b)
+#define NT_STATUS_BAD_WORKING_SET_LIMIT (0xC0000000 | 0x004c)
+#define NT_STATUS_INCOMPATIBLE_FILE_MAP (0xC0000000 | 0x004d)
+#define NT_STATUS_SECTION_PROTECTION (0xC0000000 | 0x004e)
+#define NT_STATUS_EAS_NOT_SUPPORTED (0xC0000000 | 0x004f)
+#define NT_STATUS_EA_TOO_LARGE (0xC0000000 | 0x0050)
+#define NT_STATUS_NONEXISTENT_EA_ENTRY (0xC0000000 | 0x0051)
+#define NT_STATUS_NO_EAS_ON_FILE (0xC0000000 | 0x0052)
+#define NT_STATUS_EA_CORRUPT_ERROR (0xC0000000 | 0x0053)
+#define NT_STATUS_FILE_LOCK_CONFLICT (0xC0000000 | 0x0054)
+#define NT_STATUS_LOCK_NOT_GRANTED (0xC0000000 | 0x0055)
+#define NT_STATUS_DELETE_PENDING (0xC0000000 | 0x0056)
+#define NT_STATUS_CTL_FILE_NOT_SUPPORTED (0xC0000000 | 0x0057)
+#define NT_STATUS_UNKNOWN_REVISION (0xC0000000 | 0x0058)
+#define NT_STATUS_REVISION_MISMATCH (0xC0000000 | 0x0059)
+#define NT_STATUS_INVALID_OWNER (0xC0000000 | 0x005a)
+#define NT_STATUS_INVALID_PRIMARY_GROUP (0xC0000000 | 0x005b)
+#define NT_STATUS_NO_IMPERSONATION_TOKEN (0xC0000000 | 0x005c)
+#define NT_STATUS_CANT_DISABLE_MANDATORY (0xC0000000 | 0x005d)
+#define NT_STATUS_NO_LOGON_SERVERS (0xC0000000 | 0x005e)
+#define NT_STATUS_NO_SUCH_LOGON_SESSION (0xC0000000 | 0x005f)
+#define NT_STATUS_NO_SUCH_PRIVILEGE (0xC0000000 | 0x0060)
+#define NT_STATUS_PRIVILEGE_NOT_HELD (0xC0000000 | 0x0061)
+#define NT_STATUS_INVALID_ACCOUNT_NAME (0xC0000000 | 0x0062)
+#define NT_STATUS_USER_EXISTS (0xC0000000 | 0x0063)
+#define NT_STATUS_NO_SUCH_USER (0xC0000000 | 0x0064)
+#define NT_STATUS_GROUP_EXISTS (0xC0000000 | 0x0065)
+#define NT_STATUS_NO_SUCH_GROUP (0xC0000000 | 0x0066)
+#define NT_STATUS_MEMBER_IN_GROUP (0xC0000000 | 0x0067)
+#define NT_STATUS_MEMBER_NOT_IN_GROUP (0xC0000000 | 0x0068)
+#define NT_STATUS_LAST_ADMIN (0xC0000000 | 0x0069)
+#define NT_STATUS_WRONG_PASSWORD (0xC0000000 | 0x006a)
+#define NT_STATUS_ILL_FORMED_PASSWORD (0xC0000000 | 0x006b)
+#define NT_STATUS_PASSWORD_RESTRICTION (0xC0000000 | 0x006c)
+#define NT_STATUS_LOGON_FAILURE (0xC0000000 | 0x006d)
+#define NT_STATUS_ACCOUNT_RESTRICTION (0xC0000000 | 0x006e)
+#define NT_STATUS_INVALID_LOGON_HOURS (0xC0000000 | 0x006f)
+#define NT_STATUS_INVALID_WORKSTATION (0xC0000000 | 0x0070)
+#define NT_STATUS_PASSWORD_EXPIRED (0xC0000000 | 0x0071)
+#define NT_STATUS_ACCOUNT_DISABLED (0xC0000000 | 0x0072)
+#define NT_STATUS_NONE_MAPPED (0xC0000000 | 0x0073)
+#define NT_STATUS_TOO_MANY_LUIDS_REQUESTED (0xC0000000 | 0x0074)
+#define NT_STATUS_LUIDS_EXHAUSTED (0xC0000000 | 0x0075)
+#define NT_STATUS_INVALID_SUB_AUTHORITY (0xC0000000 | 0x0076)
+#define NT_STATUS_INVALID_ACL (0xC0000000 | 0x0077)
+#define NT_STATUS_INVALID_SID (0xC0000000 | 0x0078)
+#define NT_STATUS_INVALID_SECURITY_DESCR (0xC0000000 | 0x0079)
+#define NT_STATUS_PROCEDURE_NOT_FOUND (0xC0000000 | 0x007a)
+#define NT_STATUS_INVALID_IMAGE_FORMAT (0xC0000000 | 0x007b)
+#define NT_STATUS_NO_TOKEN (0xC0000000 | 0x007c)
+#define NT_STATUS_BAD_INHERITANCE_ACL (0xC0000000 | 0x007d)
+#define NT_STATUS_RANGE_NOT_LOCKED (0xC0000000 | 0x007e)
+#define NT_STATUS_DISK_FULL (0xC0000000 | 0x007f)
+#define NT_STATUS_SERVER_DISABLED (0xC0000000 | 0x0080)
+#define NT_STATUS_SERVER_NOT_DISABLED (0xC0000000 | 0x0081)
+#define NT_STATUS_TOO_MANY_GUIDS_REQUESTED (0xC0000000 | 0x0082)
+#define NT_STATUS_GUIDS_EXHAUSTED (0xC0000000 | 0x0083)
+#define NT_STATUS_INVALID_ID_AUTHORITY (0xC0000000 | 0x0084)
+#define NT_STATUS_AGENTS_EXHAUSTED (0xC0000000 | 0x0085)
+#define NT_STATUS_INVALID_VOLUME_LABEL (0xC0000000 | 0x0086)
+#define NT_STATUS_SECTION_NOT_EXTENDED (0xC0000000 | 0x0087)
+#define NT_STATUS_NOT_MAPPED_DATA (0xC0000000 | 0x0088)
+#define NT_STATUS_RESOURCE_DATA_NOT_FOUND (0xC0000000 | 0x0089)
+#define NT_STATUS_RESOURCE_TYPE_NOT_FOUND (0xC0000000 | 0x008a)
+#define NT_STATUS_RESOURCE_NAME_NOT_FOUND (0xC0000000 | 0x008b)
+#define NT_STATUS_ARRAY_BOUNDS_EXCEEDED (0xC0000000 | 0x008c)
+#define NT_STATUS_FLOAT_DENORMAL_OPERAND (0xC0000000 | 0x008d)
+#define NT_STATUS_FLOAT_DIVIDE_BY_ZERO (0xC0000000 | 0x008e)
+#define NT_STATUS_FLOAT_INEXACT_RESULT (0xC0000000 | 0x008f)
+#define NT_STATUS_FLOAT_INVALID_OPERATION (0xC0000000 | 0x0090)
+#define NT_STATUS_FLOAT_OVERFLOW (0xC0000000 | 0x0091)
+#define NT_STATUS_FLOAT_STACK_CHECK (0xC0000000 | 0x0092)
+#define NT_STATUS_FLOAT_UNDERFLOW (0xC0000000 | 0x0093)
+#define NT_STATUS_INTEGER_DIVIDE_BY_ZERO (0xC0000000 | 0x0094)
+#define NT_STATUS_INTEGER_OVERFLOW (0xC0000000 | 0x0095)
+#define NT_STATUS_PRIVILEGED_INSTRUCTION (0xC0000000 | 0x0096)
+#define NT_STATUS_TOO_MANY_PAGING_FILES (0xC0000000 | 0x0097)
+#define NT_STATUS_FILE_INVALID (0xC0000000 | 0x0098)
+#define NT_STATUS_ALLOTTED_SPACE_EXCEEDED (0xC0000000 | 0x0099)
+#define NT_STATUS_INSUFFICIENT_RESOURCES (0xC0000000 | 0x009a)
+#define NT_STATUS_DFS_EXIT_PATH_FOUND (0xC0000000 | 0x009b)
+#define NT_STATUS_DEVICE_DATA_ERROR (0xC0000000 | 0x009c)
+#define NT_STATUS_DEVICE_NOT_CONNECTED (0xC0000000 | 0x009d)
+#define NT_STATUS_DEVICE_POWER_FAILURE (0xC0000000 | 0x009e)
+#define NT_STATUS_FREE_VM_NOT_AT_BASE (0xC0000000 | 0x009f)
+#define NT_STATUS_MEMORY_NOT_ALLOCATED (0xC0000000 | 0x00a0)
+#define NT_STATUS_WORKING_SET_QUOTA (0xC0000000 | 0x00a1)
+#define NT_STATUS_MEDIA_WRITE_PROTECTED (0xC0000000 | 0x00a2)
+#define NT_STATUS_DEVICE_NOT_READY (0xC0000000 | 0x00a3)
+#define NT_STATUS_INVALID_GROUP_ATTRIBUTES (0xC0000000 | 0x00a4)
+#define NT_STATUS_BAD_IMPERSONATION_LEVEL (0xC0000000 | 0x00a5)
+#define NT_STATUS_CANT_OPEN_ANONYMOUS (0xC0000000 | 0x00a6)
+#define NT_STATUS_BAD_VALIDATION_CLASS (0xC0000000 | 0x00a7)
+#define NT_STATUS_BAD_TOKEN_TYPE (0xC0000000 | 0x00a8)
+#define NT_STATUS_BAD_MASTER_BOOT_RECORD (0xC0000000 | 0x00a9)
+#define NT_STATUS_INSTRUCTION_MISALIGNMENT (0xC0000000 | 0x00aa)
+#define NT_STATUS_INSTANCE_NOT_AVAILABLE (0xC0000000 | 0x00ab)
+#define NT_STATUS_PIPE_NOT_AVAILABLE (0xC0000000 | 0x00ac)
+#define NT_STATUS_INVALID_PIPE_STATE (0xC0000000 | 0x00ad)
+#define NT_STATUS_PIPE_BUSY (0xC0000000 | 0x00ae)
+#define NT_STATUS_ILLEGAL_FUNCTION (0xC0000000 | 0x00af)
+#define NT_STATUS_PIPE_DISCONNECTED (0xC0000000 | 0x00b0)
+#define NT_STATUS_PIPE_CLOSING (0xC0000000 | 0x00b1)
+#define NT_STATUS_PIPE_CONNECTED (0xC0000000 | 0x00b2)
+#define NT_STATUS_PIPE_LISTENING (0xC0000000 | 0x00b3)
+#define NT_STATUS_INVALID_READ_MODE (0xC0000000 | 0x00b4)
+#define NT_STATUS_IO_TIMEOUT (0xC0000000 | 0x00b5)
+#define NT_STATUS_FILE_FORCED_CLOSED (0xC0000000 | 0x00b6)
+#define NT_STATUS_PROFILING_NOT_STARTED (0xC0000000 | 0x00b7)
+#define NT_STATUS_PROFILING_NOT_STOPPED (0xC0000000 | 0x00b8)
+#define NT_STATUS_COULD_NOT_INTERPRET (0xC0000000 | 0x00b9)
+#define NT_STATUS_FILE_IS_A_DIRECTORY (0xC0000000 | 0x00ba)
+#define NT_STATUS_NOT_SUPPORTED (0xC0000000 | 0x00bb)
+#define NT_STATUS_REMOTE_NOT_LISTENING (0xC0000000 | 0x00bc)
+#define NT_STATUS_DUPLICATE_NAME (0xC0000000 | 0x00bd)
+#define NT_STATUS_BAD_NETWORK_PATH (0xC0000000 | 0x00be)
+#define NT_STATUS_NETWORK_BUSY (0xC0000000 | 0x00bf)
+#define NT_STATUS_DEVICE_DOES_NOT_EXIST (0xC0000000 | 0x00c0)
+#define NT_STATUS_TOO_MANY_COMMANDS (0xC0000000 | 0x00c1)
+#define NT_STATUS_ADAPTER_HARDWARE_ERROR (0xC0000000 | 0x00c2)
+#define NT_STATUS_INVALID_NETWORK_RESPONSE (0xC0000000 | 0x00c3)
+#define NT_STATUS_UNEXPECTED_NETWORK_ERROR (0xC0000000 | 0x00c4)
+#define NT_STATUS_BAD_REMOTE_ADAPTER (0xC0000000 | 0x00c5)
+#define NT_STATUS_PRINT_QUEUE_FULL (0xC0000000 | 0x00c6)
+#define NT_STATUS_NO_SPOOL_SPACE (0xC0000000 | 0x00c7)
+#define NT_STATUS_PRINT_CANCELLED (0xC0000000 | 0x00c8)
+#define NT_STATUS_NETWORK_NAME_DELETED (0xC0000000 | 0x00c9)
+#define NT_STATUS_NETWORK_ACCESS_DENIED (0xC0000000 | 0x00ca)
+#define NT_STATUS_BAD_DEVICE_TYPE (0xC0000000 | 0x00cb)
+#define NT_STATUS_BAD_NETWORK_NAME (0xC0000000 | 0x00cc)
+#define NT_STATUS_TOO_MANY_NAMES (0xC0000000 | 0x00cd)
+#define NT_STATUS_TOO_MANY_SESSIONS (0xC0000000 | 0x00ce)
+#define NT_STATUS_SHARING_PAUSED (0xC0000000 | 0x00cf)
+#define NT_STATUS_REQUEST_NOT_ACCEPTED (0xC0000000 | 0x00d0)
+#define NT_STATUS_REDIRECTOR_PAUSED (0xC0000000 | 0x00d1)
+#define NT_STATUS_NET_WRITE_FAULT (0xC0000000 | 0x00d2)
+#define NT_STATUS_PROFILING_AT_LIMIT (0xC0000000 | 0x00d3)
+#define NT_STATUS_NOT_SAME_DEVICE (0xC0000000 | 0x00d4)
+#define NT_STATUS_FILE_RENAMED (0xC0000000 | 0x00d5)
+#define NT_STATUS_VIRTUAL_CIRCUIT_CLOSED (0xC0000000 | 0x00d6)
+#define NT_STATUS_NO_SECURITY_ON_OBJECT (0xC0000000 | 0x00d7)
+#define NT_STATUS_CANT_WAIT (0xC0000000 | 0x00d8)
+#define NT_STATUS_PIPE_EMPTY (0xC0000000 | 0x00d9)
+#define NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xC0000000 | 0x00da)
+#define NT_STATUS_CANT_TERMINATE_SELF (0xC0000000 | 0x00db)
+#define NT_STATUS_INVALID_SERVER_STATE (0xC0000000 | 0x00dc)
+#define NT_STATUS_INVALID_DOMAIN_STATE (0xC0000000 | 0x00dd)
+#define NT_STATUS_INVALID_DOMAIN_ROLE (0xC0000000 | 0x00de)
+#define NT_STATUS_NO_SUCH_DOMAIN (0xC0000000 | 0x00df)
+#define NT_STATUS_DOMAIN_EXISTS (0xC0000000 | 0x00e0)
+#define NT_STATUS_DOMAIN_LIMIT_EXCEEDED (0xC0000000 | 0x00e1)
+#define NT_STATUS_OPLOCK_NOT_GRANTED (0xC0000000 | 0x00e2)
+#define NT_STATUS_INVALID_OPLOCK_PROTOCOL (0xC0000000 | 0x00e3)
+#define NT_STATUS_INTERNAL_DB_CORRUPTION (0xC0000000 | 0x00e4)
+#define NT_STATUS_INTERNAL_ERROR (0xC0000000 | 0x00e5)
+#define NT_STATUS_GENERIC_NOT_MAPPED (0xC0000000 | 0x00e6)
+#define NT_STATUS_BAD_DESCRIPTOR_FORMAT (0xC0000000 | 0x00e7)
+#define NT_STATUS_INVALID_USER_BUFFER (0xC0000000 | 0x00e8)
+#define NT_STATUS_UNEXPECTED_IO_ERROR (0xC0000000 | 0x00e9)
+#define NT_STATUS_UNEXPECTED_MM_CREATE_ERR (0xC0000000 | 0x00ea)
+#define NT_STATUS_UNEXPECTED_MM_MAP_ERROR (0xC0000000 | 0x00eb)
+#define NT_STATUS_UNEXPECTED_MM_EXTEND_ERR (0xC0000000 | 0x00ec)
+#define NT_STATUS_NOT_LOGON_PROCESS (0xC0000000 | 0x00ed)
+#define NT_STATUS_LOGON_SESSION_EXISTS (0xC0000000 | 0x00ee)
+#define NT_STATUS_INVALID_PARAMETER_1 (0xC0000000 | 0x00ef)
+#define NT_STATUS_INVALID_PARAMETER_2 (0xC0000000 | 0x00f0)
+#define NT_STATUS_INVALID_PARAMETER_3 (0xC0000000 | 0x00f1)
+#define NT_STATUS_INVALID_PARAMETER_4 (0xC0000000 | 0x00f2)
+#define NT_STATUS_INVALID_PARAMETER_5 (0xC0000000 | 0x00f3)
+#define NT_STATUS_INVALID_PARAMETER_6 (0xC0000000 | 0x00f4)
+#define NT_STATUS_INVALID_PARAMETER_7 (0xC0000000 | 0x00f5)
+#define NT_STATUS_INVALID_PARAMETER_8 (0xC0000000 | 0x00f6)
+#define NT_STATUS_INVALID_PARAMETER_9 (0xC0000000 | 0x00f7)
+#define NT_STATUS_INVALID_PARAMETER_10 (0xC0000000 | 0x00f8)
+#define NT_STATUS_INVALID_PARAMETER_11 (0xC0000000 | 0x00f9)
+#define NT_STATUS_INVALID_PARAMETER_12 (0xC0000000 | 0x00fa)
+#define NT_STATUS_REDIRECTOR_NOT_STARTED (0xC0000000 | 0x00fb)
+#define NT_STATUS_REDIRECTOR_STARTED (0xC0000000 | 0x00fc)
+#define NT_STATUS_STACK_OVERFLOW (0xC0000000 | 0x00fd)
+#define NT_STATUS_NO_SUCH_PACKAGE (0xC0000000 | 0x00fe)
+#define NT_STATUS_BAD_FUNCTION_TABLE (0xC0000000 | 0x00ff)
+#define NT_STATUS_DIRECTORY_NOT_EMPTY (0xC0000000 | 0x0101)
+#define NT_STATUS_FILE_CORRUPT_ERROR (0xC0000000 | 0x0102)
+#define NT_STATUS_NOT_A_DIRECTORY (0xC0000000 | 0x0103)
+#define NT_STATUS_BAD_LOGON_SESSION_STATE (0xC0000000 | 0x0104)
+#define NT_STATUS_LOGON_SESSION_COLLISION (0xC0000000 | 0x0105)
+#define NT_STATUS_NAME_TOO_LONG (0xC0000000 | 0x0106)
+#define NT_STATUS_FILES_OPEN (0xC0000000 | 0x0107)
+#define NT_STATUS_CONNECTION_IN_USE (0xC0000000 | 0x0108)
+#define NT_STATUS_MESSAGE_NOT_FOUND (0xC0000000 | 0x0109)
+#define NT_STATUS_PROCESS_IS_TERMINATING (0xC0000000 | 0x010a)
+#define NT_STATUS_INVALID_LOGON_TYPE (0xC0000000 | 0x010b)
+#define NT_STATUS_NO_GUID_TRANSLATION (0xC0000000 | 0x010c)
+#define NT_STATUS_CANNOT_IMPERSONATE (0xC0000000 | 0x010d)
+#define NT_STATUS_IMAGE_ALREADY_LOADED (0xC0000000 | 0x010e)
+#define NT_STATUS_ABIOS_NOT_PRESENT (0xC0000000 | 0x010f)
+#define NT_STATUS_ABIOS_LID_NOT_EXIST (0xC0000000 | 0x0110)
+#define NT_STATUS_ABIOS_LID_ALREADY_OWNED (0xC0000000 | 0x0111)
+#define NT_STATUS_ABIOS_NOT_LID_OWNER (0xC0000000 | 0x0112)
+#define NT_STATUS_ABIOS_INVALID_COMMAND (0xC0000000 | 0x0113)
+#define NT_STATUS_ABIOS_INVALID_LID (0xC0000000 | 0x0114)
+#define NT_STATUS_ABIOS_SELECTOR_NOT_AVAILABLE (0xC0000000 | 0x0115)
+#define NT_STATUS_ABIOS_INVALID_SELECTOR (0xC0000000 | 0x0116)
+#define NT_STATUS_NO_LDT (0xC0000000 | 0x0117)
+#define NT_STATUS_INVALID_LDT_SIZE (0xC0000000 | 0x0118)
+#define NT_STATUS_INVALID_LDT_OFFSET (0xC0000000 | 0x0119)
+#define NT_STATUS_INVALID_LDT_DESCRIPTOR (0xC0000000 | 0x011a)
+#define NT_STATUS_INVALID_IMAGE_NE_FORMAT (0xC0000000 | 0x011b)
+#define NT_STATUS_RXACT_INVALID_STATE (0xC0000000 | 0x011c)
+#define NT_STATUS_RXACT_COMMIT_FAILURE (0xC0000000 | 0x011d)
+#define NT_STATUS_MAPPED_FILE_SIZE_ZERO (0xC0000000 | 0x011e)
+#define NT_STATUS_TOO_MANY_OPENED_FILES (0xC0000000 | 0x011f)
+#define NT_STATUS_CANCELLED (0xC0000000 | 0x0120)
+#define NT_STATUS_CANNOT_DELETE (0xC0000000 | 0x0121)
+#define NT_STATUS_INVALID_COMPUTER_NAME (0xC0000000 | 0x0122)
+#define NT_STATUS_FILE_DELETED (0xC0000000 | 0x0123)
+#define NT_STATUS_SPECIAL_ACCOUNT (0xC0000000 | 0x0124)
+#define NT_STATUS_SPECIAL_GROUP (0xC0000000 | 0x0125)
+#define NT_STATUS_SPECIAL_USER (0xC0000000 | 0x0126)
+#define NT_STATUS_MEMBERS_PRIMARY_GROUP (0xC0000000 | 0x0127)
+#define NT_STATUS_FILE_CLOSED (0xC0000000 | 0x0128)
+#define NT_STATUS_TOO_MANY_THREADS (0xC0000000 | 0x0129)
+#define NT_STATUS_THREAD_NOT_IN_PROCESS (0xC0000000 | 0x012a)
+#define NT_STATUS_TOKEN_ALREADY_IN_USE (0xC0000000 | 0x012b)
+#define NT_STATUS_PAGEFILE_QUOTA_EXCEEDED (0xC0000000 | 0x012c)
+#define NT_STATUS_COMMITMENT_LIMIT (0xC0000000 | 0x012d)
+#define NT_STATUS_INVALID_IMAGE_LE_FORMAT (0xC0000000 | 0x012e)
+#define NT_STATUS_INVALID_IMAGE_NOT_MZ (0xC0000000 | 0x012f)
+#define NT_STATUS_INVALID_IMAGE_PROTECT (0xC0000000 | 0x0130)
+#define NT_STATUS_INVALID_IMAGE_WIN_16 (0xC0000000 | 0x0131)
+#define NT_STATUS_LOGON_SERVER_CONFLICT (0xC0000000 | 0x0132)
+#define NT_STATUS_TIME_DIFFERENCE_AT_DC (0xC0000000 | 0x0133)
+#define NT_STATUS_SYNCHRONIZATION_REQUIRED (0xC0000000 | 0x0134)
+#define NT_STATUS_DLL_NOT_FOUND (0xC0000000 | 0x0135)
+#define NT_STATUS_OPEN_FAILED (0xC0000000 | 0x0136)
+#define NT_STATUS_IO_PRIVILEGE_FAILED (0xC0000000 | 0x0137)
+#define NT_STATUS_ORDINAL_NOT_FOUND (0xC0000000 | 0x0138)
+#define NT_STATUS_ENTRYPOINT_NOT_FOUND (0xC0000000 | 0x0139)
+#define NT_STATUS_CONTROL_C_EXIT (0xC0000000 | 0x013a)
+#define NT_STATUS_LOCAL_DISCONNECT (0xC0000000 | 0x013b)
+#define NT_STATUS_REMOTE_DISCONNECT (0xC0000000 | 0x013c)
+#define NT_STATUS_REMOTE_RESOURCES (0xC0000000 | 0x013d)
+#define NT_STATUS_LINK_FAILED (0xC0000000 | 0x013e)
+#define NT_STATUS_LINK_TIMEOUT (0xC0000000 | 0x013f)
+#define NT_STATUS_INVALID_CONNECTION (0xC0000000 | 0x0140)
+#define NT_STATUS_INVALID_ADDRESS (0xC0000000 | 0x0141)
+#define NT_STATUS_DLL_INIT_FAILED (0xC0000000 | 0x0142)
+#define NT_STATUS_MISSING_SYSTEMFILE (0xC0000000 | 0x0143)
+#define NT_STATUS_UNHANDLED_EXCEPTION (0xC0000000 | 0x0144)
+#define NT_STATUS_APP_INIT_FAILURE (0xC0000000 | 0x0145)
+#define NT_STATUS_PAGEFILE_CREATE_FAILED (0xC0000000 | 0x0146)
+#define NT_STATUS_NO_PAGEFILE (0xC0000000 | 0x0147)
+#define NT_STATUS_INVALID_LEVEL (0xC0000000 | 0x0148)
+#define NT_STATUS_WRONG_PASSWORD_CORE (0xC0000000 | 0x0149)
+#define NT_STATUS_ILLEGAL_FLOAT_CONTEXT (0xC0000000 | 0x014a)
+#define NT_STATUS_PIPE_BROKEN (0xC0000000 | 0x014b)
+#define NT_STATUS_REGISTRY_CORRUPT (0xC0000000 | 0x014c)
+#define NT_STATUS_REGISTRY_IO_FAILED (0xC0000000 | 0x014d)
+#define NT_STATUS_NO_EVENT_PAIR (0xC0000000 | 0x014e)
+#define NT_STATUS_UNRECOGNIZED_VOLUME (0xC0000000 | 0x014f)
+#define NT_STATUS_SERIAL_NO_DEVICE_INITED (0xC0000000 | 0x0150)
+#define NT_STATUS_NO_SUCH_ALIAS (0xC0000000 | 0x0151)
+#define NT_STATUS_MEMBER_NOT_IN_ALIAS (0xC0000000 | 0x0152)
+#define NT_STATUS_MEMBER_IN_ALIAS (0xC0000000 | 0x0153)
+#define NT_STATUS_ALIAS_EXISTS (0xC0000000 | 0x0154)
+#define NT_STATUS_LOGON_NOT_GRANTED (0xC0000000 | 0x0155)
+#define NT_STATUS_TOO_MANY_SECRETS (0xC0000000 | 0x0156)
+#define NT_STATUS_SECRET_TOO_LONG (0xC0000000 | 0x0157)
+#define NT_STATUS_INTERNAL_DB_ERROR (0xC0000000 | 0x0158)
+#define NT_STATUS_FULLSCREEN_MODE (0xC0000000 | 0x0159)
+#define NT_STATUS_TOO_MANY_CONTEXT_IDS (0xC0000000 | 0x015a)
+#define NT_STATUS_LOGON_TYPE_NOT_GRANTED (0xC0000000 | 0x015b)
+#define NT_STATUS_NOT_REGISTRY_FILE (0xC0000000 | 0x015c)
+#define NT_STATUS_NT_CROSS_ENCRYPTION_REQUIRED (0xC0000000 | 0x015d)
+#define NT_STATUS_DOMAIN_CTRLR_CONFIG_ERROR (0xC0000000 | 0x015e)
+#define NT_STATUS_FT_MISSING_MEMBER (0xC0000000 | 0x015f)
+#define NT_STATUS_ILL_FORMED_SERVICE_ENTRY (0xC0000000 | 0x0160)
+#define NT_STATUS_ILLEGAL_CHARACTER (0xC0000000 | 0x0161)
+#define NT_STATUS_UNMAPPABLE_CHARACTER (0xC0000000 | 0x0162)
+#define NT_STATUS_UNDEFINED_CHARACTER (0xC0000000 | 0x0163)
+#define NT_STATUS_FLOPPY_VOLUME (0xC0000000 | 0x0164)
+#define NT_STATUS_FLOPPY_ID_MARK_NOT_FOUND (0xC0000000 | 0x0165)
+#define NT_STATUS_FLOPPY_WRONG_CYLINDER (0xC0000000 | 0x0166)
+#define NT_STATUS_FLOPPY_UNKNOWN_ERROR (0xC0000000 | 0x0167)
+#define NT_STATUS_FLOPPY_BAD_REGISTERS (0xC0000000 | 0x0168)
+#define NT_STATUS_DISK_RECALIBRATE_FAILED (0xC0000000 | 0x0169)
+#define NT_STATUS_DISK_OPERATION_FAILED (0xC0000000 | 0x016a)
+#define NT_STATUS_DISK_RESET_FAILED (0xC0000000 | 0x016b)
+#define NT_STATUS_SHARED_IRQ_BUSY (0xC0000000 | 0x016c)
+#define NT_STATUS_FT_ORPHANING (0xC0000000 | 0x016d)
+#define NT_STATUS_PARTITION_FAILURE (0xC0000000 | 0x0172)
+#define NT_STATUS_INVALID_BLOCK_LENGTH (0xC0000000 | 0x0173)
+#define NT_STATUS_DEVICE_NOT_PARTITIONED (0xC0000000 | 0x0174)
+#define NT_STATUS_UNABLE_TO_LOCK_MEDIA (0xC0000000 | 0x0175)
+#define NT_STATUS_UNABLE_TO_UNLOAD_MEDIA (0xC0000000 | 0x0176)
+#define NT_STATUS_EOM_OVERFLOW (0xC0000000 | 0x0177)
+#define NT_STATUS_NO_MEDIA (0xC0000000 | 0x0178)
+#define NT_STATUS_NO_SUCH_MEMBER (0xC0000000 | 0x017a)
+#define NT_STATUS_INVALID_MEMBER (0xC0000000 | 0x017b)
+#define NT_STATUS_KEY_DELETED (0xC0000000 | 0x017c)
+#define NT_STATUS_NO_LOG_SPACE (0xC0000000 | 0x017d)
+#define NT_STATUS_TOO_MANY_SIDS (0xC0000000 | 0x017e)
+#define NT_STATUS_LM_CROSS_ENCRYPTION_REQUIRED (0xC0000000 | 0x017f)
+#define NT_STATUS_KEY_HAS_CHILDREN (0xC0000000 | 0x0180)
+#define NT_STATUS_CHILD_MUST_BE_VOLATILE (0xC0000000 | 0x0181)
+#define NT_STATUS_DEVICE_CONFIGURATION_ERROR (0xC0000000 | 0x0182)
+#define NT_STATUS_DRIVER_INTERNAL_ERROR (0xC0000000 | 0x0183)
+#define NT_STATUS_INVALID_DEVICE_STATE (0xC0000000 | 0x0184)
+#define NT_STATUS_IO_DEVICE_ERROR (0xC0000000 | 0x0185)
+#define NT_STATUS_DEVICE_PROTOCOL_ERROR (0xC0000000 | 0x0186)
+#define NT_STATUS_BACKUP_CONTROLLER (0xC0000000 | 0x0187)
+#define NT_STATUS_LOG_FILE_FULL (0xC0000000 | 0x0188)
+#define NT_STATUS_TOO_LATE (0xC0000000 | 0x0189)
+#define NT_STATUS_NO_TRUST_LSA_SECRET (0xC0000000 | 0x018a)
+#define NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xC0000000 | 0x018b)
+#define NT_STATUS_TRUSTED_DOMAIN_FAILURE (0xC0000000 | 0x018c)
+#define NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE (0xC0000000 | 0x018d)
+#define NT_STATUS_EVENTLOG_FILE_CORRUPT (0xC0000000 | 0x018e)
+#define NT_STATUS_EVENTLOG_CANT_START (0xC0000000 | 0x018f)
+#define NT_STATUS_TRUST_FAILURE (0xC0000000 | 0x0190)
+#define NT_STATUS_MUTANT_LIMIT_EXCEEDED (0xC0000000 | 0x0191)
+#define NT_STATUS_NETLOGON_NOT_STARTED (0xC0000000 | 0x0192)
+#define NT_STATUS_ACCOUNT_EXPIRED (0xC0000000 | 0x0193)
+#define NT_STATUS_POSSIBLE_DEADLOCK (0xC0000000 | 0x0194)
+#define NT_STATUS_NETWORK_CREDENTIAL_CONFLICT (0xC0000000 | 0x0195)
+#define NT_STATUS_REMOTE_SESSION_LIMIT (0xC0000000 | 0x0196)
+#define NT_STATUS_EVENTLOG_FILE_CHANGED (0xC0000000 | 0x0197)
+#define NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT (0xC0000000 | 0x0198)
+#define NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT (0xC0000000 | 0x0199)
+#define NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT (0xC0000000 | 0x019a)
+#define NT_STATUS_DOMAIN_TRUST_INCONSISTENT (0xC0000000 | 0x019b)
+#define NT_STATUS_FS_DRIVER_REQUIRED (0xC0000000 | 0x019c)
+#define NT_STATUS_NO_USER_SESSION_KEY (0xC0000000 | 0x0202)
+#define NT_STATUS_USER_SESSION_DELETED (0xC0000000 | 0x0203)
+#define NT_STATUS_RESOURCE_LANG_NOT_FOUND (0xC0000000 | 0x0204)
+#define NT_STATUS_INSUFF_SERVER_RESOURCES (0xC0000000 | 0x0205)
+#define NT_STATUS_INVALID_BUFFER_SIZE (0xC0000000 | 0x0206)
+#define NT_STATUS_INVALID_ADDRESS_COMPONENT (0xC0000000 | 0x0207)
+#define NT_STATUS_INVALID_ADDRESS_WILDCARD (0xC0000000 | 0x0208)
+#define NT_STATUS_TOO_MANY_ADDRESSES (0xC0000000 | 0x0209)
+#define NT_STATUS_ADDRESS_ALREADY_EXISTS (0xC0000000 | 0x020a)
+#define NT_STATUS_ADDRESS_CLOSED (0xC0000000 | 0x020b)
+#define NT_STATUS_CONNECTION_DISCONNECTED (0xC0000000 | 0x020c)
+#define NT_STATUS_CONNECTION_RESET (0xC0000000 | 0x020d)
+#define NT_STATUS_TOO_MANY_NODES (0xC0000000 | 0x020e)
+#define NT_STATUS_TRANSACTION_ABORTED (0xC0000000 | 0x020f)
+#define NT_STATUS_TRANSACTION_TIMED_OUT (0xC0000000 | 0x0210)
+#define NT_STATUS_TRANSACTION_NO_RELEASE (0xC0000000 | 0x0211)
+#define NT_STATUS_TRANSACTION_NO_MATCH (0xC0000000 | 0x0212)
+#define NT_STATUS_TRANSACTION_RESPONDED (0xC0000000 | 0x0213)
+#define NT_STATUS_TRANSACTION_INVALID_ID (0xC0000000 | 0x0214)
+#define NT_STATUS_TRANSACTION_INVALID_TYPE (0xC0000000 | 0x0215)
+#define NT_STATUS_NOT_SERVER_SESSION (0xC0000000 | 0x0216)
+#define NT_STATUS_NOT_CLIENT_SESSION (0xC0000000 | 0x0217)
+#define NT_STATUS_CANNOT_LOAD_REGISTRY_FILE (0xC0000000 | 0x0218)
+#define NT_STATUS_DEBUG_ATTACH_FAILED (0xC0000000 | 0x0219)
+#define NT_STATUS_SYSTEM_PROCESS_TERMINATED (0xC0000000 | 0x021a)
+#define NT_STATUS_DATA_NOT_ACCEPTED (0xC0000000 | 0x021b)
+#define NT_STATUS_NO_BROWSER_SERVERS_FOUND (0xC0000000 | 0x021c)
+#define NT_STATUS_VDM_HARD_ERROR (0xC0000000 | 0x021d)
+#define NT_STATUS_DRIVER_CANCEL_TIMEOUT (0xC0000000 | 0x021e)
+#define NT_STATUS_REPLY_MESSAGE_MISMATCH (0xC0000000 | 0x021f)
+#define NT_STATUS_MAPPED_ALIGNMENT (0xC0000000 | 0x0220)
+#define NT_STATUS_IMAGE_CHECKSUM_MISMATCH (0xC0000000 | 0x0221)
+#define NT_STATUS_LOST_WRITEBEHIND_DATA (0xC0000000 | 0x0222)
+#define NT_STATUS_CLIENT_SERVER_PARAMETERS_INVALID (0xC0000000 | 0x0223)
+#define NT_STATUS_PASSWORD_MUST_CHANGE (0xC0000000 | 0x0224)
+#define NT_STATUS_NOT_FOUND (0xC0000000 | 0x0225)
+#define NT_STATUS_NOT_TINY_STREAM (0xC0000000 | 0x0226)
+#define NT_STATUS_RECOVERY_FAILURE (0xC0000000 | 0x0227)
+#define NT_STATUS_STACK_OVERFLOW_READ (0xC0000000 | 0x0228)
+#define NT_STATUS_FAIL_CHECK (0xC0000000 | 0x0229)
+#define NT_STATUS_DUPLICATE_OBJECTID (0xC0000000 | 0x022a)
+#define NT_STATUS_OBJECTID_EXISTS (0xC0000000 | 0x022b)
+#define NT_STATUS_CONVERT_TO_LARGE (0xC0000000 | 0x022c)
+#define NT_STATUS_RETRY (0xC0000000 | 0x022d)
+#define NT_STATUS_FOUND_OUT_OF_SCOPE (0xC0000000 | 0x022e)
+#define NT_STATUS_ALLOCATE_BUCKET (0xC0000000 | 0x022f)
+#define NT_STATUS_PROPSET_NOT_FOUND (0xC0000000 | 0x0230)
+#define NT_STATUS_MARSHALL_OVERFLOW (0xC0000000 | 0x0231)
+#define NT_STATUS_INVALID_VARIANT (0xC0000000 | 0x0232)
+#define NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xC0000000 | 0x0233)
+#define NT_STATUS_ACCOUNT_LOCKED_OUT (0xC0000000 | 0x0234)
+#define NT_STATUS_HANDLE_NOT_CLOSABLE (0xC0000000 | 0x0235)
+#define NT_STATUS_CONNECTION_REFUSED (0xC0000000 | 0x0236)
+#define NT_STATUS_GRACEFUL_DISCONNECT (0xC0000000 | 0x0237)
+#define NT_STATUS_ADDRESS_ALREADY_ASSOCIATED (0xC0000000 | 0x0238)
+#define NT_STATUS_ADDRESS_NOT_ASSOCIATED (0xC0000000 | 0x0239)
+#define NT_STATUS_CONNECTION_INVALID (0xC0000000 | 0x023a)
+#define NT_STATUS_CONNECTION_ACTIVE (0xC0000000 | 0x023b)
+#define NT_STATUS_NETWORK_UNREACHABLE (0xC0000000 | 0x023c)
+#define NT_STATUS_HOST_UNREACHABLE (0xC0000000 | 0x023d)
+#define NT_STATUS_PROTOCOL_UNREACHABLE (0xC0000000 | 0x023e)
+#define NT_STATUS_PORT_UNREACHABLE (0xC0000000 | 0x023f)
+#define NT_STATUS_REQUEST_ABORTED (0xC0000000 | 0x0240)
+#define NT_STATUS_CONNECTION_ABORTED (0xC0000000 | 0x0241)
+#define NT_STATUS_BAD_COMPRESSION_BUFFER (0xC0000000 | 0x0242)
+#define NT_STATUS_USER_MAPPED_FILE (0xC0000000 | 0x0243)
+#define NT_STATUS_AUDIT_FAILED (0xC0000000 | 0x0244)
+#define NT_STATUS_TIMER_RESOLUTION_NOT_SET (0xC0000000 | 0x0245)
+#define NT_STATUS_CONNECTION_COUNT_LIMIT (0xC0000000 | 0x0246)
+#define NT_STATUS_LOGIN_TIME_RESTRICTION (0xC0000000 | 0x0247)
+#define NT_STATUS_LOGIN_WKSTA_RESTRICTION (0xC0000000 | 0x0248)
+#define NT_STATUS_IMAGE_MP_UP_MISMATCH (0xC0000000 | 0x0249)
+#define NT_STATUS_INSUFFICIENT_LOGON_INFO (0xC0000000 | 0x0250)
+#define NT_STATUS_BAD_DLL_ENTRYPOINT (0xC0000000 | 0x0251)
+#define NT_STATUS_BAD_SERVICE_ENTRYPOINT (0xC0000000 | 0x0252)
+#define NT_STATUS_LPC_REPLY_LOST (0xC0000000 | 0x0253)
+#define NT_STATUS_IP_ADDRESS_CONFLICT1 (0xC0000000 | 0x0254)
+#define NT_STATUS_IP_ADDRESS_CONFLICT2 (0xC0000000 | 0x0255)
+#define NT_STATUS_REGISTRY_QUOTA_LIMIT (0xC0000000 | 0x0256)
+#define NT_STATUS_PATH_NOT_COVERED (0xC0000000 | 0x0257)
+#define NT_STATUS_NO_CALLBACK_ACTIVE (0xC0000000 | 0x0258)
+#define NT_STATUS_LICENSE_QUOTA_EXCEEDED (0xC0000000 | 0x0259)
+#define NT_STATUS_PWD_TOO_SHORT (0xC0000000 | 0x025a)
+#define NT_STATUS_PWD_TOO_RECENT (0xC0000000 | 0x025b)
+#define NT_STATUS_PWD_HISTORY_CONFLICT (0xC0000000 | 0x025c)
+#define NT_STATUS_PLUGPLAY_NO_DEVICE (0xC0000000 | 0x025e)
+#define NT_STATUS_UNSUPPORTED_COMPRESSION (0xC0000000 | 0x025f)
+#define NT_STATUS_INVALID_HW_PROFILE (0xC0000000 | 0x0260)
+#define NT_STATUS_INVALID_PLUGPLAY_DEVICE_PATH (0xC0000000 | 0x0261)
+#define NT_STATUS_DRIVER_ORDINAL_NOT_FOUND (0xC0000000 | 0x0262)
+#define NT_STATUS_DRIVER_ENTRYPOINT_NOT_FOUND (0xC0000000 | 0x0263)
+#define NT_STATUS_RESOURCE_NOT_OWNED (0xC0000000 | 0x0264)
+#define NT_STATUS_TOO_MANY_LINKS (0xC0000000 | 0x0265)
+#define NT_STATUS_QUOTA_LIST_INCONSISTENT (0xC0000000 | 0x0266)
+#define NT_STATUS_FILE_IS_OFFLINE (0xC0000000 | 0x0267)
+#define NT_STATUS_NETWORK_SESSION_EXPIRED (0xC0000000 | 0x035c)
+#define NT_STATUS_NO_SUCH_JOB (0xC0000000 | 0xEDE) /* scheduler */
+#define NT_STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP (0xC0000000 | 0x5D0000)
+#define NT_STATUS_PENDING 0x00000103
+#endif /* _NTERR_H */
diff --git a/fs/cifsd/ntlmssp.h b/fs/cifsd/ntlmssp.h
new file mode 100644
index 000000000000..adaf4c0cbe8f
--- /dev/null
+++ b/fs/cifsd/ntlmssp.h
@@ -0,0 +1,169 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/*
+ * Copyright (c) International Business Machines Corp., 2002,2007
+ * Author(s): Steve French (sfrench(a)us.ibm.com)
+ */
+
+#ifndef __KSMBD_NTLMSSP_H
+#define __KSMBD_NTLMSSP_H
+
+#define NTLMSSP_SIGNATURE "NTLMSSP"
+
+/* Security blob target info data */
+#define TGT_Name "KSMBD"
+
+/*
+ * Size of the crypto key returned on the negotiate SMB in bytes
+ */
+#define CIFS_CRYPTO_KEY_SIZE (8)
+#define CIFS_KEY_SIZE (40)
+
+/*
+ * Size of encrypted user password in bytes
+ */
+#define CIFS_ENCPWD_SIZE (16)
+#define CIFS_CPHTXT_SIZE (16)
+
+/* Message Types */
+#define NtLmNegotiate cpu_to_le32(1)
+#define NtLmChallenge cpu_to_le32(2)
+#define NtLmAuthenticate cpu_to_le32(3)
+#define UnknownMessage cpu_to_le32(8)
+
+/* Negotiate Flags */
+#define NTLMSSP_NEGOTIATE_UNICODE 0x01 /* Text strings are unicode */
+#define NTLMSSP_NEGOTIATE_OEM 0x02 /* Text strings are in OEM */
+#define NTLMSSP_REQUEST_TARGET 0x04 /* Srv returns its auth realm */
+/* define reserved9 0x08 */
+#define NTLMSSP_NEGOTIATE_SIGN 0x0010 /* Request signing capability */
+#define NTLMSSP_NEGOTIATE_SEAL 0x0020 /* Request confidentiality */
+#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
+#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080 /* Use LM session key */
+/* defined reserved 8 0x0100 */
+#define NTLMSSP_NEGOTIATE_NTLM 0x0200 /* NTLM authentication */
+#define NTLMSSP_NEGOTIATE_NT_ONLY 0x0400 /* Lanman not allowed */
+#define NTLMSSP_ANONYMOUS 0x0800
+#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000 /* reserved6 */
+#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
+#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000 /* client/server same machine */
+#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000 /* Sign. All security levels */
+#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
+#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
+#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
+#define NTLMSSP_NEGOTIATE_EXTENDED_SEC 0x80000 /* NB:not related to NTLMv2 pwd*/
+/* #define NTLMSSP_REQUEST_INIT_RESP 0x100000 */
+#define NTLMSSP_NEGOTIATE_IDENTIFY 0x100000
+#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000 /* reserved5 */
+#define NTLMSSP_REQUEST_NON_NT_KEY 0x400000
+#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000
+/* #define reserved4 0x1000000 */
+#define NTLMSSP_NEGOTIATE_VERSION 0x2000000 /* we do not set */
+/* #define reserved3 0x4000000 */
+/* #define reserved2 0x8000000 */
+/* #define reserved1 0x10000000 */
+#define NTLMSSP_NEGOTIATE_128 0x20000000
+#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
+#define NTLMSSP_NEGOTIATE_56 0x80000000
+
+/* Define AV Pair Field IDs */
+enum av_field_type {
+ NTLMSSP_AV_EOL = 0,
+ NTLMSSP_AV_NB_COMPUTER_NAME,
+ NTLMSSP_AV_NB_DOMAIN_NAME,
+ NTLMSSP_AV_DNS_COMPUTER_NAME,
+ NTLMSSP_AV_DNS_DOMAIN_NAME,
+ NTLMSSP_AV_DNS_TREE_NAME,
+ NTLMSSP_AV_FLAGS,
+ NTLMSSP_AV_TIMESTAMP,
+ NTLMSSP_AV_RESTRICTION,
+ NTLMSSP_AV_TARGET_NAME,
+ NTLMSSP_AV_CHANNEL_BINDINGS
+};
+
+/* Although typedefs are not commonly used for structure definitions */
+/* in the Linux kernel, in this particular case they are useful */
+/* to more closely match the standards document for NTLMSSP from */
+/* OpenGroup and to make the code more closely match the standard in */
+/* appearance */
+
+struct security_buffer {
+ __le16 Length;
+ __le16 MaximumLength;
+ __le32 BufferOffset; /* offset to buffer */
+} __packed;
+
+struct target_info {
+ __le16 Type;
+ __le16 Length;
+ __u8 Content[0];
+} __packed;
+
+struct negotiate_message {
+ __u8 Signature[sizeof(NTLMSSP_SIGNATURE)];
+ __le32 MessageType; /* NtLmNegotiate = 1 */
+ __le32 NegotiateFlags;
+ struct security_buffer DomainName; /* RFC 1001 style and ASCII */
+ struct security_buffer WorkstationName; /* RFC 1001 and ASCII */
+ /*
+ * struct security_buffer for version info not present since we
+ * do not set the version is present flag
+ */
+ char DomainString[0];
+ /* followed by WorkstationString */
+} __packed;
+
+struct challenge_message {
+ __u8 Signature[sizeof(NTLMSSP_SIGNATURE)];
+ __le32 MessageType; /* NtLmChallenge = 2 */
+ struct security_buffer TargetName;
+ __le32 NegotiateFlags;
+ __u8 Challenge[CIFS_CRYPTO_KEY_SIZE];
+ __u8 Reserved[8];
+ struct security_buffer TargetInfoArray;
+ /*
+ * struct security_buffer for version info not present since we
+ * do not set the version is present flag
+ */
+} __packed;
+
+struct authenticate_message {
+ __u8 Signature[sizeof(NTLMSSP_SIGNATURE)];
+ __le32 MessageType; /* NtLmsAuthenticate = 3 */
+ struct security_buffer LmChallengeResponse;
+ struct security_buffer NtChallengeResponse;
+ struct security_buffer DomainName;
+ struct security_buffer UserName;
+ struct security_buffer WorkstationName;
+ struct security_buffer SessionKey;
+ __le32 NegotiateFlags;
+ /*
+ * struct security_buffer for version info not present since we
+ * do not set the version is present flag
+ */
+ char UserString[0];
+} __packed;
+
+struct ntlmv2_resp {
+ char ntlmv2_hash[CIFS_ENCPWD_SIZE];
+ __le32 blob_signature;
+ __u32 reserved;
+ __le64 time;
+ __u64 client_chal; /* random */
+ __u32 reserved2;
+ /* array of name entries could follow ending in minimum 4 byte struct */
+} __packed;
+
+/* per smb session structure/fields */
+struct ntlmssp_auth {
+ /* whether session key is per smb session */
+ bool sesskey_per_smbsess;
+ /* sent by client in type 1 ntlmsssp exchange */
+ __u32 client_flags;
+ /* sent by server in type 2 ntlmssp exchange */
+ __u32 conn_flags;
+ /* sent to server */
+ unsigned char ciphertext[CIFS_CPHTXT_SIZE];
+ /* used by ntlmssp */
+ char cryptkey[CIFS_CRYPTO_KEY_SIZE];
+};
+#endif /* __KSMBD_NTLMSSP_H */
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
new file mode 100644
index 000000000000..6c3dbc71134e
--- /dev/null
+++ b/fs/cifsd/oplock.c
@@ -0,0 +1,1693 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/moduleparam.h>
+
+#include "glob.h"
+#include "oplock.h"
+
+#include "smb_common.h"
+#include "smbstatus.h"
+#include "buffer_pool.h"
+#include "connection.h"
+#include "mgmt/user_session.h"
+#include "mgmt/share_config.h"
+#include "mgmt/tree_connect.h"
+
+static LIST_HEAD(lease_table_list);
+static DEFINE_RWLOCK(lease_list_lock);
+
+/**
+ * get_new_opinfo() - allocate a new opinfo object for oplock info
+ * @conn: connection instance
+ * @id: fid of open file
+ * @Tid: tree id of connection
+ * @lctx: lease context information
+ *
+ * Return: allocated opinfo object on success, otherwise NULL
+ */
+static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
+ uint64_t id, __u16 Tid)
+{
+ struct ksmbd_session *sess = work->sess;
+ struct oplock_info *opinfo;
+
+ opinfo = kzalloc(sizeof(struct oplock_info), GFP_KERNEL);
+ if (!opinfo)
+ return NULL;
+
+ opinfo->sess = sess;
+ opinfo->conn = sess->conn;
+ opinfo->level = OPLOCK_NONE;
+ opinfo->op_state = OPLOCK_STATE_NONE;
+ opinfo->pending_break = 0;
+ opinfo->fid = id;
+ opinfo->Tid = Tid;
+ INIT_LIST_HEAD(&opinfo->op_entry);
+ INIT_LIST_HEAD(&opinfo->interim_list);
+ init_waitqueue_head(&opinfo->oplock_q);
+ init_waitqueue_head(&opinfo->oplock_brk);
+ atomic_set(&opinfo->refcount, 1);
+ atomic_set(&opinfo->breaking_cnt, 0);
+
+ return opinfo;
+}
+
+static void lease_add_list(struct oplock_info *opinfo)
+{
+ struct lease_table *lb = opinfo->o_lease->l_lb;
+
+ spin_lock(&lb->lb_lock);
+ list_add_rcu(&opinfo->lease_entry, &lb->lease_list);
+ spin_unlock(&lb->lb_lock);
+}
+
+static void lease_del_list(struct oplock_info *opinfo)
+{
+ struct lease_table *lb = opinfo->o_lease->l_lb;
+
+ if (!lb)
+ return;
+
+ spin_lock(&lb->lb_lock);
+ if (list_empty(&opinfo->lease_entry)) {
+ spin_unlock(&lb->lb_lock);
+ return;
+ }
+
+ list_del_init(&opinfo->lease_entry);
+ opinfo->o_lease->l_lb = NULL;
+ spin_unlock(&lb->lb_lock);
+}
+
+static void lb_add(struct lease_table *lb)
+{
+ write_lock(&lease_list_lock);
+ list_add(&lb->l_entry, &lease_table_list);
+ write_unlock(&lease_list_lock);
+}
+
+static int alloc_lease(struct oplock_info *opinfo,
+ struct lease_ctx_info *lctx)
+{
+ struct lease *lease;
+
+ lease = kmalloc(sizeof(struct lease), GFP_KERNEL);
+ if (!lease)
+ return -ENOMEM;
+
+ memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
+ lease->state = lctx->req_state;
+ lease->new_state = 0;
+ lease->flags = lctx->flags;
+ lease->duration = lctx->duration;
+ INIT_LIST_HEAD(&opinfo->lease_entry);
+ opinfo->o_lease = lease;
+
+ return 0;
+}
+
+static void free_lease(struct oplock_info *opinfo)
+{
+ struct lease *lease;
+
+ lease = opinfo->o_lease;
+ kfree(lease);
+}
+
+static void free_opinfo(struct oplock_info *opinfo)
+{
+ if (opinfo->is_lease)
+ free_lease(opinfo);
+ kfree(opinfo);
+}
+
+static inline void opinfo_free_rcu(struct rcu_head *rcu_head)
+{
+ struct oplock_info *opinfo;
+
+ opinfo = container_of(rcu_head, struct oplock_info, rcu_head);
+ free_opinfo(opinfo);
+}
+
+struct oplock_info *opinfo_get(struct ksmbd_file *fp)
+{
+ struct oplock_info *opinfo;
+
+ rcu_read_lock();
+ opinfo = rcu_dereference(fp->f_opinfo);
+ if (opinfo && !atomic_inc_not_zero(&opinfo->refcount))
+ opinfo = NULL;
+ rcu_read_unlock();
+
+ return opinfo;
+}
+
+static struct oplock_info *opinfo_get_list(struct ksmbd_inode *ci)
+{
+ struct oplock_info *opinfo;
+
+ if (list_empty(&ci->m_op_list))
+ return NULL;
+
+ rcu_read_lock();
+ opinfo = list_first_or_null_rcu(&ci->m_op_list, struct oplock_info,
+ op_entry);
+ if (opinfo && !atomic_inc_not_zero(&opinfo->refcount))
+ opinfo = NULL;
+ rcu_read_unlock();
+
+ return opinfo;
+}
+
+void opinfo_put(struct oplock_info *opinfo)
+{
+ if (!atomic_dec_and_test(&opinfo->refcount))
+ return;
+
+ call_rcu(&opinfo->rcu_head, opinfo_free_rcu);
+}
+
+static void opinfo_add(struct oplock_info *opinfo)
+{
+ struct ksmbd_inode *ci = opinfo->o_fp->f_ci;
+
+ write_lock(&ci->m_lock);
+ list_add_rcu(&opinfo->op_entry, &ci->m_op_list);
+ write_unlock(&ci->m_lock);
+}
+
+static void opinfo_del(struct oplock_info *opinfo)
+{
+ struct ksmbd_inode *ci = opinfo->o_fp->f_ci;
+
+ if (opinfo->is_lease) {
+ write_lock(&lease_list_lock);
+ lease_del_list(opinfo);
+ write_unlock(&lease_list_lock);
+ }
+ write_lock(&ci->m_lock);
+ list_del_rcu(&opinfo->op_entry);
+ write_unlock(&ci->m_lock);
+}
+
+static unsigned long opinfo_count(struct ksmbd_file *fp)
+{
+ if (ksmbd_stream_fd(fp))
+ return atomic_read(&fp->f_ci->sop_count);
+ else
+ return atomic_read(&fp->f_ci->op_count);
+}
+
+static void opinfo_count_inc(struct ksmbd_file *fp)
+{
+ if (ksmbd_stream_fd(fp))
+ return atomic_inc(&fp->f_ci->sop_count);
+ else
+ return atomic_inc(&fp->f_ci->op_count);
+}
+
+static void opinfo_count_dec(struct ksmbd_file *fp)
+{
+ if (ksmbd_stream_fd(fp))
+ return atomic_dec(&fp->f_ci->sop_count);
+ else
+ return atomic_dec(&fp->f_ci->op_count);
+}
+
+/**
+ * opinfo_write_to_read() - convert a write oplock to read oplock
+ * @opinfo: current oplock info
+ *
+ * Return: 0 on success, otherwise -EINVAL
+ */
+int opinfo_write_to_read(struct oplock_info *opinfo)
+{
+ struct lease *lease = opinfo->o_lease;
+
+ if (!((opinfo->level == SMB2_OPLOCK_LEVEL_BATCH) ||
+ (opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))) {
+ ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
+ if (opinfo->is_lease)
+ ksmbd_err("lease state(0x%x)\n", lease->state);
+ return -EINVAL;
+ }
+ opinfo->level = SMB2_OPLOCK_LEVEL_II;
+
+ if (opinfo->is_lease)
+ lease->state = lease->new_state;
+ return 0;
+}
+
+/**
+ * opinfo_read_handle_to_read() - convert a read/handle oplock to read oplock
+ * @opinfo: current oplock info
+ *
+ * Return: 0 on success, otherwise -EINVAL
+ */
+int opinfo_read_handle_to_read(struct oplock_info *opinfo)
+{
+ struct lease *lease = opinfo->o_lease;
+
+ lease->state = lease->new_state;
+ opinfo->level = SMB2_OPLOCK_LEVEL_II;
+ return 0;
+}
+
+/**
+ * opinfo_write_to_none() - convert a write oplock to none
+ * @opinfo: current oplock info
+ *
+ * Return: 0 on success, otherwise -EINVAL
+ */
+int opinfo_write_to_none(struct oplock_info *opinfo)
+{
+ struct lease *lease = opinfo->o_lease;
+
+ if (!((opinfo->level == SMB2_OPLOCK_LEVEL_BATCH) ||
+ (opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))) {
+ ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
+ if (opinfo->is_lease)
+ ksmbd_err("lease state(0x%x)\n",
+ lease->state);
+ return -EINVAL;
+ }
+ opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
+ if (opinfo->is_lease)
+ lease->state = lease->new_state;
+ return 0;
+}
+
+/**
+ * opinfo_read_to_none() - convert a write read to none
+ * @opinfo: current oplock info
+ *
+ * Return: 0 on success, otherwise -EINVAL
+ */
+int opinfo_read_to_none(struct oplock_info *opinfo)
+{
+ struct lease *lease = opinfo->o_lease;
+
+ if (opinfo->level != SMB2_OPLOCK_LEVEL_II) {
+ ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
+ if (opinfo->is_lease)
+ ksmbd_err("lease state(0x%x)\n", lease->state);
+ return -EINVAL;
+ }
+ opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
+ if (opinfo->is_lease)
+ lease->state = lease->new_state;
+ return 0;
+}
+
+/**
+ * lease_read_to_write() - upgrade lease state from read to write
+ * @opinfo: current lease info
+ *
+ * Return: 0 on success, otherwise -EINVAL
+ */
+int lease_read_to_write(struct oplock_info *opinfo)
+{
+ struct lease *lease = opinfo->o_lease;
+
+ if (!(lease->state & SMB2_LEASE_READ_CACHING_LE)) {
+ ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n",
+ lease->state);
+ return -EINVAL;
+ }
+
+ lease->new_state = SMB2_LEASE_NONE_LE;
+ lease->state |= SMB2_LEASE_WRITE_CACHING_LE;
+ if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
+ opinfo->level = SMB2_OPLOCK_LEVEL_BATCH;
+ else
+ opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
+ return 0;
+}
+
+/**
+ * lease_none_upgrade() - upgrade lease state from none
+ * @opinfo: current lease info
+ * @new_state: new lease state
+ *
+ * Return: 0 on success, otherwise -EINVAL
+ */
+static int lease_none_upgrade(struct oplock_info *opinfo,
+ __le32 new_state)
+{
+ struct lease *lease = opinfo->o_lease;
+
+ if (!(lease->state == SMB2_LEASE_NONE_LE)) {
+ ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n",
+ lease->state);
+ return -EINVAL;
+ }
+
+ lease->new_state = SMB2_LEASE_NONE_LE;
+ lease->state = new_state;
+ if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
+ if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
+ opinfo->level = SMB2_OPLOCK_LEVEL_BATCH;
+ else
+ opinfo->level = SMB2_OPLOCK_LEVEL_II;
+ else if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
+ opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
+ else if (lease->state & SMB2_LEASE_READ_CACHING_LE)
+ opinfo->level = SMB2_OPLOCK_LEVEL_II;
+
+ return 0;
+}
+
+/**
+ * close_id_del_oplock() - release oplock object at file close time
+ * @fp: ksmbd file pointer
+ */
+void close_id_del_oplock(struct ksmbd_file *fp)
+{
+ struct oplock_info *opinfo;
+
+ if (S_ISDIR(file_inode(fp->filp)->i_mode))
+ return;
+
+ opinfo = opinfo_get(fp);
+ if (!opinfo)
+ return;
+
+ opinfo_del(opinfo);
+
+ rcu_assign_pointer(fp->f_opinfo, NULL);
+ if (opinfo->op_state == OPLOCK_ACK_WAIT) {
+ opinfo->op_state = OPLOCK_CLOSING;
+ wake_up_interruptible_all(&opinfo->oplock_q);
+ if (opinfo->is_lease) {
+ atomic_set(&opinfo->breaking_cnt, 0);
+ wake_up_interruptible_all(&opinfo->oplock_brk);
+ }
+ }
+
+ opinfo_count_dec(fp);
+ atomic_dec(&opinfo->refcount);
+ opinfo_put(opinfo);
+}
+
+/**
+ * grant_write_oplock() - grant exclusive/batch oplock or write lease
+ * @opinfo_new: new oplock info object
+ * @req_oplock: request oplock
+ * @lctx: lease context information
+ *
+ * Return: 0
+ */
+static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
+ struct lease_ctx_info *lctx)
+{
+ struct lease *lease = opinfo_new->o_lease;
+
+ if (req_oplock == SMB2_OPLOCK_LEVEL_BATCH)
+ opinfo_new->level = SMB2_OPLOCK_LEVEL_BATCH;
+ else
+ opinfo_new->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
+
+ if (lctx) {
+ lease->state = lctx->req_state;
+ memcpy(lease->lease_key, lctx->lease_key,
+ SMB2_LEASE_KEY_SIZE);
+ }
+}
+
+/**
+ * grant_read_oplock() - grant level2 oplock or read lease
+ * @opinfo_new: new oplock info object
+ * @lctx: lease context information
+ *
+ * Return: 0
+ */
+static void grant_read_oplock(struct oplock_info *opinfo_new,
+ struct lease_ctx_info *lctx)
+{
+ struct lease *lease = opinfo_new->o_lease;
+
+ opinfo_new->level = SMB2_OPLOCK_LEVEL_II;
+
+ if (lctx) {
+ lease->state = SMB2_LEASE_READ_CACHING_LE;
+ if (lctx->req_state & SMB2_LEASE_HANDLE_CACHING_LE)
+ lease->state |= SMB2_LEASE_HANDLE_CACHING_LE;
+ memcpy(lease->lease_key, lctx->lease_key,
+ SMB2_LEASE_KEY_SIZE);
+ }
+}
+
+/**
+ * grant_none_oplock() - grant none oplock or none lease
+ * @opinfo_new: new oplock info object
+ * @lctx: lease context information
+ *
+ * Return: 0
+ */
+static void grant_none_oplock(struct oplock_info *opinfo_new,
+ struct lease_ctx_info *lctx)
+{
+ struct lease *lease = opinfo_new->o_lease;
+
+ opinfo_new->level = SMB2_OPLOCK_LEVEL_NONE;
+
+ if (lctx) {
+ lease->state = 0;
+ memcpy(lease->lease_key, lctx->lease_key,
+ SMB2_LEASE_KEY_SIZE);
+ }
+}
+
+/**
+ * find_opinfo() - find lease object for given client guid and lease key
+ * @head: oplock list(read,write or none) head
+ * @guid1: client guid of matching lease owner
+ * @key1: lease key of matching lease owner
+ *
+ * Return: oplock(lease) object on success, otherwise NULL
+ */
+static inline int compare_guid_key(struct oplock_info *opinfo,
+ const char *guid1, const char *key1)
+{
+ const char *guid2, *key2;
+
+ guid2 = opinfo->conn->ClientGUID;
+ key2 = opinfo->o_lease->lease_key;
+ if (!memcmp(guid1, guid2, SMB2_CLIENT_GUID_SIZE) &&
+ !memcmp(key1, key2, SMB2_LEASE_KEY_SIZE))
+ return 1;
+
+ return 0;
+}
+
+/**
+ * same_client_has_lease() - check whether current lease request is
+ * from lease owner of file
+ * @ci: master file pointer
+ * @client_guid: Client GUID
+ * @lctx: lease context information
+ *
+ * Return: oplock(lease) object on success, otherwise NULL
+ */
+static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
+ char *client_guid, struct lease_ctx_info *lctx)
+{
+ int ret;
+ struct lease *lease;
+ struct oplock_info *opinfo;
+ struct oplock_info *m_opinfo = NULL;
+
+ if (!lctx)
+ return NULL;
+
+ /*
+ * Compare lease key and client_guid to know request from same owner
+ * of same client
+ */
+ read_lock(&ci->m_lock);
+ list_for_each_entry(opinfo, &ci->m_op_list, op_entry) {
+ if (!opinfo->is_lease)
+ continue;
+ read_unlock(&ci->m_lock);
+ lease = opinfo->o_lease;
+
+ ret = compare_guid_key(opinfo, client_guid, lctx->lease_key);
+ if (ret) {
+ m_opinfo = opinfo;
+ /* skip upgrading lease about breaking lease */
+ if (atomic_read(&opinfo->breaking_cnt)) {
+ read_lock(&ci->m_lock);
+ continue;
+ }
+
+ /* upgrading lease */
+ if ((atomic_read(&ci->op_count) +
+ atomic_read(&ci->sop_count)) == 1) {
+ if (lease->state ==
+ (lctx->req_state & lease->state)) {
+ lease->state |= lctx->req_state;
+ if (lctx->req_state &
+ SMB2_LEASE_WRITE_CACHING_LE)
+ lease_read_to_write(opinfo);
+ }
+ } else if ((atomic_read(&ci->op_count) +
+ atomic_read(&ci->sop_count)) > 1) {
+ if (lctx->req_state ==
+ (SMB2_LEASE_READ_CACHING_LE |
+ SMB2_LEASE_HANDLE_CACHING_LE))
+ lease->state = lctx->req_state;
+ }
+
+ if (lctx->req_state && lease->state ==
+ SMB2_LEASE_NONE_LE)
+ lease_none_upgrade(opinfo, lctx->req_state);
+ }
+ read_lock(&ci->m_lock);
+ }
+ read_unlock(&ci->m_lock);
+
+ return m_opinfo;
+}
+
+static void wait_for_break_ack(struct oplock_info *opinfo)
+{
+ int rc = 0;
+
+ rc = wait_event_interruptible_timeout(opinfo->oplock_q,
+ opinfo->op_state == OPLOCK_STATE_NONE ||
+ opinfo->op_state == OPLOCK_CLOSING,
+ OPLOCK_WAIT_TIME);
+
+ /* is this a timeout ? */
+ if (!rc) {
+ if (opinfo->is_lease)
+ opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
+ opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
+ opinfo->op_state = OPLOCK_STATE_NONE;
+ }
+}
+
+static void wake_up_oplock_break(struct oplock_info *opinfo)
+{
+ clear_bit_unlock(0, &opinfo->pending_break);
+ /* memory barrier is needed for wake_up_bit() */
+ smp_mb__after_atomic();
+ wake_up_bit(&opinfo->pending_break, 0);
+}
+
+static int oplock_break_pending(struct oplock_info *opinfo, int req_op_level)
+{
+ while (test_and_set_bit(0, &opinfo->pending_break)) {
+ wait_on_bit(&opinfo->pending_break, 0, TASK_UNINTERRUPTIBLE);
+
+ /* Not immediately break to none. */
+ opinfo->open_trunc = 0;
+
+ if (opinfo->op_state == OPLOCK_CLOSING)
+ return -ENOENT;
+ else if (!opinfo->is_lease && opinfo->level <= req_op_level)
+ return 1;
+ }
+
+ if (!opinfo->is_lease && opinfo->level <= req_op_level) {
+ wake_up_oplock_break(opinfo);
+ return 1;
+ }
+ return 0;
+}
+
+static inline int allocate_oplock_break_buf(struct ksmbd_work *work)
+{
+ work->response_buf = ksmbd_alloc_response(MAX_CIFS_SMALL_BUFFER_SIZE);
+ if (!work->response_buf)
+ return -ENOMEM;
+ work->response_sz = MAX_CIFS_SMALL_BUFFER_SIZE;
+ return 0;
+}
+
+/**
+ * smb2_oplock_break_noti() - send smb2 oplock break cmd from conn
+ * to client
+ * @work: smb work object
+ *
+ * There are two ways this function can be called. 1- while file open we break
+ * from exclusive/batch lock to levelII oplock and 2- while file write/truncate
+ * we break from levelII oplock no oplock.
+ * REQUEST_BUF(work) contains oplock_info.
+ */
+static void __smb2_oplock_break_noti(struct work_struct *wk)
+{
+ struct smb2_oplock_break *rsp = NULL;
+ struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
+ struct ksmbd_conn *conn = work->conn;
+ struct oplock_break_info *br_info = REQUEST_BUF(work);
+ struct smb2_hdr *rsp_hdr;
+ struct ksmbd_file *fp;
+
+ fp = ksmbd_lookup_durable_fd(br_info->fid);
+ if (!fp) {
+ atomic_dec(&conn->r_count);
+ ksmbd_free_work_struct(work);
+ return;
+ }
+
+ if (allocate_oplock_break_buf(work)) {
+ ksmbd_err("smb2_allocate_rsp_buf failed! ");
+ atomic_dec(&conn->r_count);
+ ksmbd_free_work_struct(work);
+ ksmbd_fd_put(work, fp);
+ return;
+ }
+
+ rsp_hdr = RESPONSE_BUF(work);
+ memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
+ rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+ rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
+ rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
+ rsp_hdr->CreditRequest = cpu_to_le16(0);
+ rsp_hdr->Command = SMB2_OPLOCK_BREAK;
+ rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
+ rsp_hdr->NextCommand = 0;
+ rsp_hdr->MessageId = cpu_to_le64(-1);
+ rsp_hdr->Id.SyncId.ProcessId = 0;
+ rsp_hdr->Id.SyncId.TreeId = 0;
+ rsp_hdr->SessionId = 0;
+ memset(rsp_hdr->Signature, 0, 16);
+
+
+ rsp = RESPONSE_BUF(work);
+
+ rsp->StructureSize = cpu_to_le16(24);
+ if (!br_info->open_trunc &&
+ (br_info->level == SMB2_OPLOCK_LEVEL_BATCH ||
+ br_info->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
+ rsp->OplockLevel = SMB2_OPLOCK_LEVEL_II;
+ else
+ rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE;
+ rsp->Reserved = 0;
+ rsp->Reserved2 = 0;
+ rsp->PersistentFid = cpu_to_le64(fp->persistent_id);
+ rsp->VolatileFid = cpu_to_le64(fp->volatile_id);
+
+ inc_rfc1001_len(rsp, 24);
+
+ ksmbd_debug(OPLOCK,
+ "sending oplock break v_id %llu p_id = %llu lock level = %d\n",
+ rsp->VolatileFid, rsp->PersistentFid, rsp->OplockLevel);
+
+ ksmbd_fd_put(work, fp);
+ ksmbd_conn_write(work);
+ ksmbd_free_work_struct(work);
+ atomic_dec(&conn->r_count);
+}
+
+/**
+ * smb2_oplock_break() - send smb2 exclusive/batch to level2 oplock
+ * break command from server to client
+ * @opinfo: oplock info object
+ * @ack_required if requiring ack
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_oplock_break_noti(struct oplock_info *opinfo)
+{
+ struct ksmbd_conn *conn = opinfo->conn;
+ struct oplock_break_info *br_info;
+ int ret = 0;
+ struct ksmbd_work *work = ksmbd_alloc_work_struct();
+
+ if (!work)
+ return -ENOMEM;
+
+ br_info = kmalloc(sizeof(struct oplock_break_info), GFP_KERNEL);
+ if (!br_info) {
+ ksmbd_free_work_struct(work);
+ return -ENOMEM;
+ }
+
+ br_info->level = opinfo->level;
+ br_info->fid = opinfo->fid;
+ br_info->open_trunc = opinfo->open_trunc;
+
+ work->request_buf = (char *)br_info;
+ work->conn = conn;
+ work->sess = opinfo->sess;
+
+ atomic_inc(&conn->r_count);
+ if (opinfo->op_state == OPLOCK_ACK_WAIT) {
+ INIT_WORK(&work->work, __smb2_oplock_break_noti);
+ ksmbd_queue_work(work);
+
+ wait_for_break_ack(opinfo);
+ } else {
+ __smb2_oplock_break_noti(&work->work);
+ if (opinfo->level == SMB2_OPLOCK_LEVEL_II)
+ opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
+ }
+ return ret;
+}
+
+/**
+ * __smb2_lease_break_noti() - send lease break command from server
+ * to client
+ * @work: smb work object
+ */
+static void __smb2_lease_break_noti(struct work_struct *wk)
+{
+ struct smb2_lease_break *rsp = NULL;
+ struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
+ struct lease_break_info *br_info = REQUEST_BUF(work);
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_hdr *rsp_hdr;
+
+ if (allocate_oplock_break_buf(work)) {
+ ksmbd_debug(OPLOCK, "smb2_allocate_rsp_buf failed! ");
+ ksmbd_free_work_struct(work);
+ atomic_dec(&conn->r_count);
+ return;
+ }
+
+ rsp_hdr = RESPONSE_BUF(work);
+ memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
+ rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+ rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
+ rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
+ rsp_hdr->CreditRequest = cpu_to_le16(0);
+ rsp_hdr->Command = SMB2_OPLOCK_BREAK;
+ rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
+ rsp_hdr->NextCommand = 0;
+ rsp_hdr->MessageId = cpu_to_le64(-1);
+ rsp_hdr->Id.SyncId.ProcessId = 0;
+ rsp_hdr->Id.SyncId.TreeId = 0;
+ rsp_hdr->SessionId = 0;
+ memset(rsp_hdr->Signature, 0, 16);
+
+ rsp = RESPONSE_BUF(work);
+ rsp->StructureSize = cpu_to_le16(44);
+ rsp->Reserved = 0;
+ rsp->Flags = 0;
+
+ if (br_info->curr_state & (SMB2_LEASE_WRITE_CACHING_LE |
+ SMB2_LEASE_HANDLE_CACHING_LE))
+ rsp->Flags = SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED;
+
+ memcpy(rsp->LeaseKey, br_info->lease_key, SMB2_LEASE_KEY_SIZE);
+ rsp->CurrentLeaseState = br_info->curr_state;
+ rsp->NewLeaseState = br_info->new_state;
+ rsp->BreakReason = 0;
+ rsp->AccessMaskHint = 0;
+ rsp->ShareMaskHint = 0;
+
+ inc_rfc1001_len(rsp, 44);
+
+ ksmbd_conn_write(work);
+ ksmbd_free_work_struct(work);
+ atomic_dec(&conn->r_count);
+}
+
+/**
+ * smb2_break_lease() - break lease when a new client request
+ * write lease
+ * @opinfo: conains lease state information
+ * @ack_required: if requring ack
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_lease_break_noti(struct oplock_info *opinfo)
+{
+ struct ksmbd_conn *conn = opinfo->conn;
+ struct list_head *tmp, *t;
+ struct ksmbd_work *work;
+ struct lease_break_info *br_info;
+ struct lease *lease = opinfo->o_lease;
+
+ work = ksmbd_alloc_work_struct();
+ if (!work)
+ return -ENOMEM;
+
+ br_info = kmalloc(sizeof(struct lease_break_info), GFP_KERNEL);
+ if (!br_info) {
+ ksmbd_free_work_struct(work);
+ return -ENOMEM;
+ }
+
+ br_info->curr_state = lease->state;
+ br_info->new_state = lease->new_state;
+ memcpy(br_info->lease_key, lease->lease_key, SMB2_LEASE_KEY_SIZE);
+
+ work->request_buf = (char *)br_info;
+ work->conn = conn;
+ work->sess = opinfo->sess;
+
+ atomic_inc(&conn->r_count);
+ if (opinfo->op_state == OPLOCK_ACK_WAIT) {
+ list_for_each_safe(tmp, t, &opinfo->interim_list) {
+ struct ksmbd_work *in_work;
+
+ in_work = list_entry(tmp, struct ksmbd_work,
+ interim_entry);
+ setup_async_work(in_work, NULL, NULL);
+ smb2_send_interim_resp(in_work, STATUS_PENDING);
+ list_del(&in_work->interim_entry);
+ }
+ INIT_WORK(&work->work, __smb2_lease_break_noti);
+ ksmbd_queue_work(work);
+ wait_for_break_ack(opinfo);
+ } else {
+ __smb2_lease_break_noti(&work->work);
+ if (opinfo->o_lease->new_state == SMB2_LEASE_NONE_LE) {
+ opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
+ opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
+ }
+ }
+ return 0;
+}
+
+static void wait_lease_breaking(struct oplock_info *opinfo)
+{
+ if (!opinfo->is_lease)
+ return;
+
+ wake_up_interruptible_all(&opinfo->oplock_brk);
+ if (atomic_read(&opinfo->breaking_cnt)) {
+ int ret = 0;
+
+ ret = wait_event_interruptible_timeout(
+ opinfo->oplock_brk,
+ atomic_read(&opinfo->breaking_cnt) == 0,
+ HZ);
+ if (!ret)
+ atomic_set(&opinfo->breaking_cnt, 0);
+ }
+}
+
+static int oplock_break(struct oplock_info *brk_opinfo, int req_op_level)
+{
+ int err = 0;
+
+ /* Need to break exclusive/batch oplock, write lease or overwrite_if */
+ ksmbd_debug(OPLOCK,
+ "request to send oplock(level : 0x%x) break notification\n",
+ brk_opinfo->level);
+
+ if (brk_opinfo->is_lease) {
+ struct lease *lease = brk_opinfo->o_lease;
+
+ atomic_inc(&brk_opinfo->breaking_cnt);
+
+ err = oplock_break_pending(brk_opinfo, req_op_level);
+ if (err)
+ return err < 0 ? err : 0;
+
+ if (brk_opinfo->open_trunc) {
+ /*
+ * Create overwrite break trigger the lease break to
+ * none.
+ */
+ lease->new_state = SMB2_LEASE_NONE_LE;
+ } else {
+ if (lease->state & SMB2_LEASE_WRITE_CACHING_LE) {
+ if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
+ lease->new_state =
+ SMB2_LEASE_READ_CACHING_LE |
+ SMB2_LEASE_HANDLE_CACHING_LE;
+ else
+ lease->new_state =
+ SMB2_LEASE_READ_CACHING_LE;
+ } else {
+ if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
+ lease->new_state =
+ SMB2_LEASE_READ_CACHING_LE;
+ else
+ lease->new_state = SMB2_LEASE_NONE_LE;
+ }
+ }
+
+ if (lease->state & (SMB2_LEASE_WRITE_CACHING_LE |
+ SMB2_LEASE_HANDLE_CACHING_LE))
+ brk_opinfo->op_state = OPLOCK_ACK_WAIT;
+ else
+ atomic_dec(&brk_opinfo->breaking_cnt);
+ } else {
+ err = oplock_break_pending(brk_opinfo, req_op_level);
+ if (err)
+ return err < 0 ? err : 0;
+
+ if (brk_opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
+ brk_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
+ brk_opinfo->op_state = OPLOCK_ACK_WAIT;
+ }
+
+ if (brk_opinfo->is_lease)
+ err = smb2_lease_break_noti(brk_opinfo);
+ else
+ err = smb2_oplock_break_noti(brk_opinfo);
+
+ ksmbd_debug(OPLOCK, "oplock granted = %d\n", brk_opinfo->level);
+ if (brk_opinfo->op_state == OPLOCK_CLOSING)
+ err = -ENOENT;
+ wake_up_oplock_break(brk_opinfo);
+
+ wait_lease_breaking(brk_opinfo);
+
+ return err;
+}
+
+void destroy_lease_table(struct ksmbd_conn *conn)
+{
+ struct lease_table *lb, *lbtmp;
+ struct oplock_info *opinfo;
+
+ write_lock(&lease_list_lock);
+ if (list_empty(&lease_table_list)) {
+ write_unlock(&lease_list_lock);
+ return;
+ }
+
+ list_for_each_entry_safe(lb, lbtmp, &lease_table_list, l_entry) {
+ if (conn && memcmp(lb->client_guid, conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE))
+ continue;
+again:
+ rcu_read_lock();
+ list_for_each_entry_rcu(opinfo, &lb->lease_list,
+ lease_entry) {
+ rcu_read_unlock();
+ lease_del_list(opinfo);
+ goto again;
+ }
+ rcu_read_unlock();
+ list_del(&lb->l_entry);
+ kfree(lb);
+ }
+ write_unlock(&lease_list_lock);
+}
+
+int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
+ struct lease_ctx_info *lctx)
+{
+ struct oplock_info *opinfo;
+ int err = 0;
+ struct lease_table *lb;
+
+ if (!lctx)
+ return err;
+
+ read_lock(&lease_list_lock);
+ if (list_empty(&lease_table_list)) {
+ read_unlock(&lease_list_lock);
+ return 0;
+ }
+
+ list_for_each_entry(lb, &lease_table_list, l_entry) {
+ if (!memcmp(lb->client_guid, sess->conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE))
+ goto found;
+ }
+ read_unlock(&lease_list_lock);
+
+ return 0;
+
+found:
+ rcu_read_lock();
+ list_for_each_entry_rcu(opinfo, &lb->lease_list,
+ lease_entry) {
+ if (!atomic_inc_not_zero(&opinfo->refcount))
+ continue;
+ rcu_read_unlock();
+ if (opinfo->o_fp->f_ci == ci)
+ goto op_next;
+ err = compare_guid_key(opinfo,
+ sess->conn->ClientGUID,
+ lctx->lease_key);
+ if (err) {
+ err = -EINVAL;
+ ksmbd_debug(OPLOCK,
+ "found same lease key is already used in other files\n");
+ opinfo_put(opinfo);
+ goto out;
+ }
+op_next:
+ opinfo_put(opinfo);
+ rcu_read_lock();
+ }
+ rcu_read_unlock();
+
+out:
+ read_unlock(&lease_list_lock);
+ return err;
+}
+
+static void copy_lease(struct oplock_info *op1, struct oplock_info *op2)
+{
+ struct lease *lease1 = op1->o_lease;
+ struct lease *lease2 = op2->o_lease;
+
+ op2->level = op1->level;
+ lease2->state = lease1->state;
+ memcpy(lease2->lease_key, lease1->lease_key,
+ SMB2_LEASE_KEY_SIZE);
+ lease2->duration = lease1->duration;
+ lease2->flags = lease1->flags;
+}
+
+static int add_lease_global_list(struct oplock_info *opinfo)
+{
+ struct lease_table *lb;
+
+ read_lock(&lease_list_lock);
+ list_for_each_entry(lb, &lease_table_list, l_entry) {
+ if (!memcmp(lb->client_guid, opinfo->conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE)) {
+ opinfo->o_lease->l_lb = lb;
+ lease_add_list(opinfo);
+ read_unlock(&lease_list_lock);
+ return 0;
+ }
+ }
+ read_unlock(&lease_list_lock);
+
+ lb = kmalloc(sizeof(struct lease_table), GFP_KERNEL);
+ if (!lb)
+ return -ENOMEM;
+
+ memcpy(lb->client_guid, opinfo->conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE);
+ INIT_LIST_HEAD(&lb->lease_list);
+ spin_lock_init(&lb->lb_lock);
+ opinfo->o_lease->l_lb = lb;
+ lease_add_list(opinfo);
+ lb_add(lb);
+ return 0;
+}
+
+static void set_oplock_level(struct oplock_info *opinfo, int level,
+ struct lease_ctx_info *lctx)
+{
+ switch (level) {
+ case SMB2_OPLOCK_LEVEL_BATCH:
+ case SMB2_OPLOCK_LEVEL_EXCLUSIVE:
+ grant_write_oplock(opinfo,
+ level, lctx);
+ break;
+ case SMB2_OPLOCK_LEVEL_II:
+ grant_read_oplock(opinfo, lctx);
+ break;
+ default:
+ grant_none_oplock(opinfo, lctx);
+ break;
+ }
+}
+
+/**
+ * smb_grant_oplock() - handle oplock/lease request on file open
+ * @fp: ksmbd file pointer
+ * @oplock: granted oplock type
+ * @id: fid of open file
+ * @Tid: Tree id of connection
+ * @lctx: lease context information on file open
+ * @attr_only: attribute only file open type
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb_grant_oplock(struct ksmbd_work *work,
+ int req_op_level,
+ uint64_t pid,
+ struct ksmbd_file *fp,
+ __u16 tid,
+ struct lease_ctx_info *lctx,
+ int share_ret)
+{
+ struct ksmbd_session *sess = work->sess;
+ int err = 0;
+ struct oplock_info *opinfo = NULL, *prev_opinfo = NULL;
+ struct ksmbd_inode *ci = fp->f_ci;
+ bool prev_op_has_lease;
+ __le32 prev_op_state = 0;
+
+ /* not support directory lease */
+ if (S_ISDIR(file_inode(fp->filp)->i_mode)) {
+ if (lctx)
+ lctx->dlease = 1;
+ return 0;
+ }
+
+ opinfo = alloc_opinfo(work, pid, tid);
+ if (!opinfo)
+ return -ENOMEM;
+
+ if (lctx) {
+ err = alloc_lease(opinfo, lctx);
+ if (err)
+ goto err_out;
+ opinfo->is_lease = 1;
+ }
+
+ /* ci does not have any oplock */
+ if (!opinfo_count(fp))
+ goto set_lev;
+
+ /* grant none-oplock if second open is trunc */
+ if (ATTR_FP(fp)) {
+ req_op_level = SMB2_OPLOCK_LEVEL_NONE;
+ goto set_lev;
+ }
+
+ if (lctx) {
+ struct oplock_info *m_opinfo;
+
+ /* is lease already granted ? */
+ m_opinfo = same_client_has_lease(ci, sess->conn->ClientGUID,
+ lctx);
+ if (m_opinfo) {
+ copy_lease(m_opinfo, opinfo);
+ if (atomic_read(&m_opinfo->breaking_cnt))
+ opinfo->o_lease->flags =
+ SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE;
+ goto out;
+ }
+ }
+ prev_opinfo = opinfo_get_list(ci);
+ if (!prev_opinfo ||
+ (prev_opinfo->level == SMB2_OPLOCK_LEVEL_NONE && lctx))
+ goto set_lev;
+ prev_op_has_lease = prev_opinfo->is_lease;
+ if (prev_op_has_lease)
+ prev_op_state = prev_opinfo->o_lease->state;
+
+ if (share_ret < 0 &&
+ (prev_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
+ err = share_ret;
+ opinfo_put(prev_opinfo);
+ goto err_out;
+ }
+
+ if ((prev_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH) &&
+ (prev_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
+ opinfo_put(prev_opinfo);
+ goto op_break_not_needed;
+ }
+
+ list_add(&work->interim_entry, &prev_opinfo->interim_list);
+ err = oplock_break(prev_opinfo, SMB2_OPLOCK_LEVEL_II);
+ opinfo_put(prev_opinfo);
+ if (err == -ENOENT)
+ goto set_lev;
+ /* Check all oplock was freed by close */
+ else if (err < 0)
+ goto err_out;
+
+op_break_not_needed:
+ if (share_ret < 0) {
+ err = share_ret;
+ goto err_out;
+ }
+
+ if (req_op_level != SMB2_OPLOCK_LEVEL_NONE)
+ req_op_level = SMB2_OPLOCK_LEVEL_II;
+
+ /* grant fixed oplock on stacked locking between lease and oplock */
+ if (prev_op_has_lease && !lctx)
+ if (prev_op_state & SMB2_LEASE_HANDLE_CACHING_LE)
+ req_op_level = SMB2_OPLOCK_LEVEL_NONE;
+
+ if (!prev_op_has_lease && lctx) {
+ req_op_level = SMB2_OPLOCK_LEVEL_II;
+ lctx->req_state = SMB2_LEASE_READ_CACHING_LE;
+ }
+
+set_lev:
+ set_oplock_level(opinfo, req_op_level, lctx);
+
+out:
+ rcu_assign_pointer(fp->f_opinfo, opinfo);
+ opinfo->o_fp = fp;
+
+ opinfo_count_inc(fp);
+ opinfo_add(opinfo);
+ if (opinfo->is_lease) {
+ err = add_lease_global_list(opinfo);
+ if (err)
+ goto err_out;
+ }
+
+ return 0;
+err_out:
+ free_opinfo(opinfo);
+ return err;
+}
+
+/**
+ * smb_break_write_oplock() - break batch/exclusive oplock to level2
+ * @work: smb work
+ * @fp: ksmbd file pointer
+ * @openfile: open file object
+ */
+static void smb_break_all_write_oplock(struct ksmbd_work *work,
+ struct ksmbd_file *fp, int is_trunc)
+{
+ struct oplock_info *brk_opinfo;
+
+ brk_opinfo = opinfo_get_list(fp->f_ci);
+ if (!brk_opinfo)
+ return;
+ if (brk_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
+ brk_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
+ opinfo_put(brk_opinfo);
+ return;
+ }
+
+ brk_opinfo->open_trunc = is_trunc;
+ list_add(&work->interim_entry, &brk_opinfo->interim_list);
+ oplock_break(brk_opinfo, SMB2_OPLOCK_LEVEL_II);
+ opinfo_put(brk_opinfo);
+}
+
+/**
+ * smb_break_all_levII_oplock() - send level2 oplock or read lease break command
+ * from server to client
+ * @conn: connection instance
+ * @fp: ksmbd file pointer
+ * @is_trunc: truncate on open
+ */
+void smb_break_all_levII_oplock(struct ksmbd_work *work,
+ struct ksmbd_file *fp, int is_trunc)
+{
+ struct oplock_info *op, *brk_op;
+ struct ksmbd_inode *ci;
+ struct ksmbd_conn *conn = work->sess->conn;
+
+ if (!test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_OPLOCKS)) {
+ return;
+ }
+
+ ci = fp->f_ci;
+ op = opinfo_get(fp);
+
+ rcu_read_lock();
+ list_for_each_entry_rcu(brk_op, &ci->m_op_list, op_entry) {
+ if (!atomic_inc_not_zero(&brk_op->refcount))
+ continue;
+ rcu_read_unlock();
+ if (brk_op->is_lease && (brk_op->o_lease->state &
+ (~(SMB2_LEASE_READ_CACHING_LE |
+ SMB2_LEASE_HANDLE_CACHING_LE)))) {
+ ksmbd_debug(OPLOCK, "unexpected lease state(0x%x)\n",
+ brk_op->o_lease->state);
+ goto next;
+ } else if (brk_op->level !=
+ SMB2_OPLOCK_LEVEL_II) {
+ ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n",
+ brk_op->level);
+ goto next;
+ }
+
+ /* Skip oplock being break to none */
+ if (brk_op->is_lease && (brk_op->o_lease->new_state ==
+ SMB2_LEASE_NONE_LE) &&
+ atomic_read(&brk_op->breaking_cnt))
+ goto next;
+
+ if (op && op->is_lease &&
+ brk_op->is_lease &&
+ !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE) &&
+ !memcmp(op->o_lease->lease_key,
+ brk_op->o_lease->lease_key,
+ SMB2_LEASE_KEY_SIZE))
+ goto next;
+ brk_op->open_trunc = is_trunc;
+ oplock_break(brk_op, SMB2_OPLOCK_LEVEL_NONE);
+next:
+ opinfo_put(brk_op);
+ rcu_read_lock();
+ }
+ rcu_read_unlock();
+
+ if (op)
+ opinfo_put(op);
+}
+
+/**
+ * smb_break_all_oplock() - break both batch/exclusive and level2 oplock
+ * @work: smb work
+ * @fp: ksmbd file pointer
+ */
+void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp)
+{
+ if (!test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_OPLOCKS))
+ return;
+
+ smb_break_all_write_oplock(work, fp, 1);
+ smb_break_all_levII_oplock(work, fp, 1);
+}
+
+/**
+ * smb2_map_lease_to_oplock() - map lease state to corresponding oplock type
+ * @lease_state: lease type
+ *
+ * Return: 0 if no mapping, otherwise corresponding oplock type
+ */
+__u8 smb2_map_lease_to_oplock(__le32 lease_state)
+{
+ if (lease_state == (SMB2_LEASE_HANDLE_CACHING_LE |
+ SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_WRITE_CACHING_LE))
+ return SMB2_OPLOCK_LEVEL_BATCH;
+ else if (lease_state != SMB2_LEASE_WRITE_CACHING_LE &&
+ lease_state & SMB2_LEASE_WRITE_CACHING_LE) {
+ if (!(lease_state & SMB2_LEASE_HANDLE_CACHING_LE))
+ return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
+ } else if (lease_state & SMB2_LEASE_READ_CACHING_LE)
+ return SMB2_OPLOCK_LEVEL_II;
+ return 0;
+}
+
+/**
+ * create_lease_buf() - create lease context for open cmd response
+ * @rbuf: buffer to create lease context response
+ * @lreq: buffer to stored parsed lease state information
+ */
+void create_lease_buf(u8 *rbuf, struct lease *lease)
+{
+ struct create_lease *buf = (struct create_lease *)rbuf;
+ char *LeaseKey = (char *)&lease->lease_key;
+
+ memset(buf, 0, sizeof(struct create_lease));
+ buf->lcontext.LeaseKeyLow = *((__le64 *)LeaseKey);
+ buf->lcontext.LeaseKeyHigh = *((__le64 *)(LeaseKey + 8));
+ buf->lcontext.LeaseFlags = lease->flags;
+ buf->lcontext.LeaseState = lease->state;
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_lease, lcontext));
+ buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context));
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ (struct create_lease, Name));
+ buf->ccontext.NameLength = cpu_to_le16(4);
+ buf->Name[0] = 'R';
+ buf->Name[1] = 'q';
+ buf->Name[2] = 'L';
+ buf->Name[3] = 's';
+}
+
+/**
+ * parse_lease_state() - parse lease context containted in file open request
+ * @open_req: buffer containing smb2 file open(create) request
+ * @lreq: buffer to stored parsed lease state information
+ *
+ * Return: oplock state, -ENOENT if create lease context not found
+ */
+struct lease_ctx_info *parse_lease_state(void *open_req)
+{
+ char *data_offset;
+ struct create_context *cc;
+ unsigned int next = 0;
+ char *name;
+ bool found = false;
+ struct smb2_create_req *req = (struct smb2_create_req *)open_req;
+ struct lease_ctx_info *lreq = kzalloc(sizeof(struct lease_ctx_info),
+ GFP_KERNEL);
+ if (!lreq)
+ return NULL;
+
+ data_offset = (char *)req + 4 + le32_to_cpu(req->CreateContextsOffset);
+ cc = (struct create_context *)data_offset;
+ do {
+ cc = (struct create_context *)((char *)cc + next);
+ name = le16_to_cpu(cc->NameOffset) + (char *)cc;
+ if (le16_to_cpu(cc->NameLength) != 4 ||
+ strncmp(name, SMB2_CREATE_REQUEST_LEASE, 4)) {
+ next = le32_to_cpu(cc->Next);
+ continue;
+ }
+ found = true;
+ break;
+ } while (next != 0);
+
+ if (found) {
+ struct create_lease *lc = (struct create_lease *)cc;
+ *((__le64 *)lreq->lease_key) = lc->lcontext.LeaseKeyLow;
+ *((__le64 *)(lreq->lease_key + 8)) = lc->lcontext.LeaseKeyHigh;
+ lreq->req_state = lc->lcontext.LeaseState;
+ lreq->flags = lc->lcontext.LeaseFlags;
+ lreq->duration = lc->lcontext.LeaseDuration;
+ return lreq;
+ }
+
+ kfree(lreq);
+ return NULL;
+}
+
+/**
+ * smb2_find_context_vals() - find a particular context info in open request
+ * @open_req: buffer containing smb2 file open(create) request
+ * @str: context name to search for
+ *
+ * Return: pointer to requested context, NULL if @str context not found
+ */
+struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
+{
+ char *data_offset;
+ struct create_context *cc;
+ unsigned int next = 0;
+ char *name;
+ struct smb2_create_req *req = (struct smb2_create_req *)open_req;
+
+ data_offset = (char *)req + 4 + le32_to_cpu(req->CreateContextsOffset);
+ cc = (struct create_context *)data_offset;
+ do {
+ int val;
+
+ cc = (struct create_context *)((char *)cc + next);
+ name = le16_to_cpu(cc->NameOffset) + (char *)cc;
+ val = le16_to_cpu(cc->NameLength);
+ if (val < 4)
+ return ERR_PTR(-EINVAL);
+
+ if (memcmp(name, tag, val) == 0)
+ return cc;
+ next = le32_to_cpu(cc->Next);
+ } while (next != 0);
+
+ return ERR_PTR(-ENOENT);
+}
+
+/**
+ * create_durable_buf() - create durable handle context
+ * @cc: buffer to create durable context response
+ */
+void create_durable_rsp_buf(char *cc)
+{
+ struct create_durable_rsp *buf;
+
+ buf = (struct create_durable_rsp *)cc;
+ memset(buf, 0, sizeof(struct create_durable_rsp));
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_durable_rsp, Data));
+ buf->ccontext.DataLength = cpu_to_le32(8);
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ (struct create_durable_rsp, Name));
+ buf->ccontext.NameLength = cpu_to_le16(4);
+ /* SMB2_CREATE_DURABLE_HANDLE_RESPONSE is "DHnQ" */
+ buf->Name[0] = 'D';
+ buf->Name[1] = 'H';
+ buf->Name[2] = 'n';
+ buf->Name[3] = 'Q';
+}
+
+/**
+ * create_durable_buf() - create durable handle v2 context
+ * @cc: buffer to create durable context response
+ */
+void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp)
+{
+ struct create_durable_v2_rsp *buf;
+
+ buf = (struct create_durable_v2_rsp *)cc;
+ memset(buf, 0, sizeof(struct create_durable_rsp));
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_durable_rsp, Data));
+ buf->ccontext.DataLength = cpu_to_le32(8);
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ (struct create_durable_rsp, Name));
+ buf->ccontext.NameLength = cpu_to_le16(4);
+ /* SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2 is "DH2Q" */
+ buf->Name[0] = 'D';
+ buf->Name[1] = 'H';
+ buf->Name[2] = '2';
+ buf->Name[3] = 'Q';
+
+ buf->Timeout = cpu_to_le32(fp->durable_timeout);
+ if (fp->is_persistent)
+ buf->Flags = SMB2_FLAGS_REPLAY_OPERATIONS;
+}
+
+/**
+ * create_mxac_buf() - create query maximal access context
+ * @cc: buffer to create maximal access context response
+ */
+void create_mxac_rsp_buf(char *cc, int maximal_access)
+{
+ struct create_mxac_rsp *buf;
+
+ buf = (struct create_mxac_rsp *)cc;
+ memset(buf, 0, sizeof(struct create_mxac_rsp));
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_mxac_rsp, QueryStatus));
+ buf->ccontext.DataLength = cpu_to_le32(8);
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ (struct create_mxac_rsp, Name));
+ buf->ccontext.NameLength = cpu_to_le16(4);
+ /* SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE is "MxAc" */
+ buf->Name[0] = 'M';
+ buf->Name[1] = 'x';
+ buf->Name[2] = 'A';
+ buf->Name[3] = 'c';
+
+ buf->QueryStatus = STATUS_SUCCESS;
+ buf->MaximalAccess = cpu_to_le32(maximal_access);
+}
+
+/**
+ * create_mxac_buf() - create query maximal access context
+ * @cc: buffer to create query disk on id context response
+ */
+void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id)
+{
+ struct create_disk_id_rsp *buf;
+
+ buf = (struct create_disk_id_rsp *)cc;
+ memset(buf, 0, sizeof(struct create_disk_id_rsp));
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_disk_id_rsp, DiskFileId));
+ buf->ccontext.DataLength = cpu_to_le32(32);
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ (struct create_mxac_rsp, Name));
+ buf->ccontext.NameLength = cpu_to_le16(4);
+ /* SMB2_CREATE_QUERY_ON_DISK_ID_RESPONSE is "QFid" */
+ buf->Name[0] = 'Q';
+ buf->Name[1] = 'F';
+ buf->Name[2] = 'i';
+ buf->Name[3] = 'd';
+
+ buf->DiskFileId = cpu_to_le64(file_id);
+ buf->VolumeId = cpu_to_le64(vol_id);
+}
+
+/**
+ * create_posix_buf() - create posix extension context
+ * @cc: buffer to create posix on posix response
+ */
+void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
+{
+ struct create_posix_rsp *buf;
+ struct inode *inode = FP_INODE(fp);
+
+ buf = (struct create_posix_rsp *)cc;
+ memset(buf, 0, sizeof(struct create_posix_rsp));
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_posix_rsp, nlink));
+ buf->ccontext.DataLength = cpu_to_le32(52);
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ (struct create_posix_rsp, Name));
+ buf->ccontext.NameLength = cpu_to_le16(POSIX_CTXT_DATA_LEN);
+ /* SMB2_CREATE_TAG_POSIX is "0x93AD25509CB411E7B42383DE968BCD7C" */
+ buf->Name[0] = 0x93;
+ buf->Name[1] = 0xAD;
+ buf->Name[2] = 0x25;
+ buf->Name[3] = 0x50;
+ buf->Name[4] = 0x9C;
+ buf->Name[5] = 0xB4;
+ buf->Name[6] = 0x11;
+ buf->Name[7] = 0xE7;
+ buf->Name[8] = 0xB4;
+ buf->Name[9] = 0x23;
+ buf->Name[10] = 0x83;
+ buf->Name[11] = 0xDE;
+ buf->Name[12] = 0x96;
+ buf->Name[13] = 0x8B;
+ buf->Name[14] = 0xCD;
+ buf->Name[15] = 0x7C;
+
+ buf->nlink = cpu_to_le32(inode->i_nlink);
+ buf->reparse_tag = cpu_to_le32(fp->volatile_id);
+ buf->mode = cpu_to_le32(inode->i_mode);
+ id_to_sid(from_kuid(&init_user_ns, inode->i_uid),
+ SIDNFS_USER, (struct smb_sid *)&buf->SidBuffer[0]);
+ id_to_sid(from_kgid(&init_user_ns, inode->i_gid),
+ SIDNFS_GROUP, (struct smb_sid *)&buf->SidBuffer[20]);
+}
+
+/*
+ * Find lease object(opinfo) for given lease key/fid from lease
+ * break/file close path.
+ */
+/**
+ * lookup_lease_in_table() - find a matching lease info object
+ * @conn: connection instance
+ * @lease_key: lease key to be searched for
+ *
+ * Return: opinfo if found matching opinfo, otherwise NULL
+ */
+struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
+ char *lease_key)
+{
+ struct oplock_info *opinfo = NULL, *ret_op = NULL;
+ struct lease_table *lt;
+ int ret;
+
+ read_lock(&lease_list_lock);
+ list_for_each_entry(lt, &lease_table_list, l_entry) {
+ if (!memcmp(lt->client_guid, conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE))
+ goto found;
+ }
+
+ read_unlock(&lease_list_lock);
+ return NULL;
+
+found:
+ rcu_read_lock();
+ list_for_each_entry_rcu(opinfo, <->lease_list, lease_entry) {
+ if (!atomic_inc_not_zero(&opinfo->refcount))
+ continue;
+ rcu_read_unlock();
+ if (!opinfo->op_state ||
+ opinfo->op_state == OPLOCK_CLOSING)
+ goto op_next;
+ if (!(opinfo->o_lease->state &
+ (SMB2_LEASE_HANDLE_CACHING_LE |
+ SMB2_LEASE_WRITE_CACHING_LE)))
+ goto op_next;
+ ret = compare_guid_key(opinfo, conn->ClientGUID,
+ lease_key);
+ if (ret) {
+ ksmbd_debug(OPLOCK, "found opinfo\n");
+ ret_op = opinfo;
+ goto out;
+ }
+op_next:
+ opinfo_put(opinfo);
+ rcu_read_lock();
+ }
+ rcu_read_unlock();
+
+out:
+ read_unlock(&lease_list_lock);
+ return ret_op;
+}
+
+int smb2_check_durable_oplock(struct ksmbd_file *fp,
+ struct lease_ctx_info *lctx, char *name)
+{
+ struct oplock_info *opinfo = opinfo_get(fp);
+ int ret = 0;
+
+ if (opinfo && opinfo->is_lease) {
+ if (!lctx) {
+ ksmbd_err("open does not include lease\n");
+ ret = -EBADF;
+ goto out;
+ }
+ if (memcmp(opinfo->o_lease->lease_key, lctx->lease_key,
+ SMB2_LEASE_KEY_SIZE)) {
+ ksmbd_err("invalid lease key\n");
+ ret = -EBADF;
+ goto out;
+ }
+ if (name && strcmp(fp->filename, name)) {
+ ksmbd_err("invalid name reconnect %s\n", name);
+ ret = -EINVAL;
+ goto out;
+ }
+ }
+out:
+ if (opinfo)
+ opinfo_put(opinfo);
+ return ret;
+}
diff --git a/fs/cifsd/oplock.h b/fs/cifsd/oplock.h
new file mode 100644
index 000000000000..b0e2e795f29a
--- /dev/null
+++ b/fs/cifsd/oplock.h
@@ -0,0 +1,138 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_OPLOCK_H
+#define __KSMBD_OPLOCK_H
+
+#include "smb_common.h"
+
+#define OPLOCK_WAIT_TIME (35*HZ)
+
+/* SMB Oplock levels */
+#define OPLOCK_NONE 0
+#define OPLOCK_EXCLUSIVE 1
+#define OPLOCK_BATCH 2
+#define OPLOCK_READ 3 /* level 2 oplock */
+
+/* SMB2 Oplock levels */
+#define SMB2_OPLOCK_LEVEL_NONE 0x00
+#define SMB2_OPLOCK_LEVEL_II 0x01
+#define SMB2_OPLOCK_LEVEL_EXCLUSIVE 0x08
+#define SMB2_OPLOCK_LEVEL_BATCH 0x09
+#define SMB2_OPLOCK_LEVEL_LEASE 0xFF
+
+/* Oplock states */
+#define OPLOCK_STATE_NONE 0x00
+#define OPLOCK_ACK_WAIT 0x01
+#define OPLOCK_CLOSING 0x02
+
+#define OPLOCK_WRITE_TO_READ 0x01
+#define OPLOCK_READ_HANDLE_TO_READ 0x02
+#define OPLOCK_WRITE_TO_NONE 0x04
+#define OPLOCK_READ_TO_NONE 0x08
+
+#define SMB2_LEASE_KEY_SIZE 16
+
+struct lease_ctx_info {
+ __u8 lease_key[SMB2_LEASE_KEY_SIZE];
+ __le32 req_state;
+ __le32 flags;
+ __le64 duration;
+ int dlease;
+};
+
+struct lease_table {
+ char client_guid[SMB2_CLIENT_GUID_SIZE];
+ struct list_head lease_list;
+ struct list_head l_entry;
+ spinlock_t lb_lock;
+};
+
+struct lease {
+ __u8 lease_key[SMB2_LEASE_KEY_SIZE];
+ __le32 state;
+ __le32 new_state;
+ __le32 flags;
+ __le64 duration;
+ struct lease_table *l_lb;
+};
+
+struct oplock_info {
+ struct ksmbd_conn *conn;
+ struct ksmbd_session *sess;
+ struct ksmbd_work *work;
+ struct ksmbd_file *o_fp;
+ int level;
+ int op_state;
+ unsigned long pending_break;
+ uint64_t fid;
+ atomic_t breaking_cnt;
+ atomic_t refcount;
+ __u16 Tid;
+ bool is_lease;
+ bool open_trunc; /* truncate on open */
+ struct lease *o_lease;
+ struct list_head interim_list;
+ struct list_head op_entry;
+ struct list_head lease_entry;
+ wait_queue_head_t oplock_q; /* Other server threads */
+ wait_queue_head_t oplock_brk; /* oplock breaking wait */
+ struct rcu_head rcu_head;
+};
+
+struct lease_break_info {
+ __le32 curr_state;
+ __le32 new_state;
+ char lease_key[SMB2_LEASE_KEY_SIZE];
+};
+
+struct oplock_break_info {
+ int level;
+ int open_trunc;
+ int fid;
+};
+
+extern int smb_grant_oplock(struct ksmbd_work *work, int req_op_level,
+ uint64_t pid, struct ksmbd_file *fp, __u16 tid,
+ struct lease_ctx_info *lctx, int share_ret);
+extern void smb_break_all_levII_oplock(struct ksmbd_work *work,
+ struct ksmbd_file *fp, int is_trunc);
+
+int opinfo_write_to_read(struct oplock_info *opinfo);
+int opinfo_read_handle_to_read(struct oplock_info *opinfo);
+int opinfo_write_to_none(struct oplock_info *opinfo);
+int opinfo_read_to_none(struct oplock_info *opinfo);
+void close_id_del_oplock(struct ksmbd_file *fp);
+void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp);
+struct oplock_info *opinfo_get(struct ksmbd_file *fp);
+void opinfo_put(struct oplock_info *opinfo);
+
+/* Lease related functions */
+void create_lease_buf(u8 *rbuf, struct lease *lease);
+struct lease_ctx_info *parse_lease_state(void *open_req);
+__u8 smb2_map_lease_to_oplock(__le32 lease_state);
+int lease_read_to_write(struct oplock_info *opinfo);
+
+/* Durable related functions */
+void create_durable_rsp_buf(char *cc);
+void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp);
+void create_mxac_rsp_buf(char *cc, int maximal_access);
+void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id);
+void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp);
+struct create_context *smb2_find_context_vals(void *open_req, const char *str);
+int ksmbd_durable_verify_and_del_oplock(struct ksmbd_session *curr_sess,
+ struct ksmbd_session *prev_sess,
+ int fid, struct file **filp,
+ uint64_t sess_id);
+struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
+ char *lease_key);
+int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
+ struct lease_ctx_info *lctx);
+void destroy_lease_table(struct ksmbd_conn *conn);
+int smb2_check_durable_oplock(struct ksmbd_file *fp,
+ struct lease_ctx_info *lctx, char *name);
+
+#endif /* __KSMBD_OPLOCK_H */
diff --git a/fs/cifsd/smb2misc.c b/fs/cifsd/smb2misc.c
new file mode 100644
index 000000000000..485f431c776c
--- /dev/null
+++ b/fs/cifsd/smb2misc.c
@@ -0,0 +1,458 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include "glob.h"
+#include "nterr.h"
+#include "smb2pdu.h"
+#include "smb_common.h"
+#include "smbstatus.h"
+#include "mgmt/user_session.h"
+#include "connection.h"
+
+static int check_smb2_hdr(struct smb2_hdr *hdr)
+{
+ /*
+ * Make sure that this really is an SMB, that it is a response.
+ */
+ if (hdr->Flags & SMB2_FLAGS_SERVER_TO_REDIR)
+ return 1;
+ return 0;
+}
+
+/*
+ * The following table defines the expected "StructureSize" of SMB2 requests
+ * in order by SMB2 command. This is similar to "wct" in SMB/CIFS requests.
+ *
+ * Note that commands are defined in smb2pdu.h in le16 but the array below is
+ * indexed by command in host byte order
+ */
+static const __le16 smb2_req_struct_sizes[NUMBER_OF_SMB2_COMMANDS] = {
+ /* SMB2_NEGOTIATE */ cpu_to_le16(36),
+ /* SMB2_SESSION_SETUP */ cpu_to_le16(25),
+ /* SMB2_LOGOFF */ cpu_to_le16(4),
+ /* SMB2_TREE_CONNECT */ cpu_to_le16(9),
+ /* SMB2_TREE_DISCONNECT */ cpu_to_le16(4),
+ /* SMB2_CREATE */ cpu_to_le16(57),
+ /* SMB2_CLOSE */ cpu_to_le16(24),
+ /* SMB2_FLUSH */ cpu_to_le16(24),
+ /* SMB2_READ */ cpu_to_le16(49),
+ /* SMB2_WRITE */ cpu_to_le16(49),
+ /* SMB2_LOCK */ cpu_to_le16(48),
+ /* SMB2_IOCTL */ cpu_to_le16(57),
+ /* SMB2_CANCEL */ cpu_to_le16(4),
+ /* SMB2_ECHO */ cpu_to_le16(4),
+ /* SMB2_QUERY_DIRECTORY */ cpu_to_le16(33),
+ /* SMB2_CHANGE_NOTIFY */ cpu_to_le16(32),
+ /* SMB2_QUERY_INFO */ cpu_to_le16(41),
+ /* SMB2_SET_INFO */ cpu_to_le16(33),
+ /* use 44 for lease break */
+ /* SMB2_OPLOCK_BREAK */ cpu_to_le16(36)
+};
+
+/*
+ * The size of the variable area depends on the offset and length fields
+ * located in different fields for various SMB2 requests. SMB2 requests
+ * with no variable length info, show an offset of zero for the offset field.
+ */
+static const bool has_smb2_data_area[NUMBER_OF_SMB2_COMMANDS] = {
+ /* SMB2_NEGOTIATE */ true,
+ /* SMB2_SESSION_SETUP */ true,
+ /* SMB2_LOGOFF */ false,
+ /* SMB2_TREE_CONNECT */ true,
+ /* SMB2_TREE_DISCONNECT */ false,
+ /* SMB2_CREATE */ true,
+ /* SMB2_CLOSE */ false,
+ /* SMB2_FLUSH */ false,
+ /* SMB2_READ */ true,
+ /* SMB2_WRITE */ true,
+ /* SMB2_LOCK */ true,
+ /* SMB2_IOCTL */ true,
+ /* SMB2_CANCEL */ false, /* BB CHECK this not listed in documentation */
+ /* SMB2_ECHO */ false,
+ /* SMB2_QUERY_DIRECTORY */ true,
+ /* SMB2_CHANGE_NOTIFY */ false,
+ /* SMB2_QUERY_INFO */ true,
+ /* SMB2_SET_INFO */ true,
+ /* SMB2_OPLOCK_BREAK */ false
+};
+
+/*
+ * Returns the pointer to the beginning of the data area. Length of the data
+ * area and the offset to it (from the beginning of the smb are also returned.
+ */
+static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
+{
+ *off = 0;
+ *len = 0;
+
+ /* error reqeusts do not have data area */
+ if (hdr->Status && hdr->Status != STATUS_MORE_PROCESSING_REQUIRED &&
+ (((struct smb2_err_rsp *)hdr)->StructureSize) ==
+ SMB2_ERROR_STRUCTURE_SIZE2_LE)
+ return NULL;
+
+ /*
+ * Following commands have data areas so we have to get the location
+ * of the data buffer offset and data buffer length for the particular
+ * command.
+ */
+ switch (hdr->Command) {
+ case SMB2_SESSION_SETUP:
+ *off = le16_to_cpu(
+ ((struct smb2_sess_setup_req *)hdr)->SecurityBufferOffset);
+ *len = le16_to_cpu(
+ ((struct smb2_sess_setup_req *)hdr)->SecurityBufferLength);
+ break;
+ case SMB2_TREE_CONNECT:
+ *off = le16_to_cpu(
+ ((struct smb2_tree_connect_req *)hdr)->PathOffset);
+ *len = le16_to_cpu(
+ ((struct smb2_tree_connect_req *)hdr)->PathLength);
+ break;
+ case SMB2_CREATE:
+ {
+ if (((struct smb2_create_req *)hdr)->CreateContextsLength) {
+ *off = le32_to_cpu(((struct smb2_create_req *)
+ hdr)->CreateContextsOffset);
+ *len = le32_to_cpu(((struct smb2_create_req *)
+ hdr)->CreateContextsLength);
+ break;
+ }
+
+ *off = le16_to_cpu(
+ ((struct smb2_create_req *)hdr)->NameOffset);
+ *len = le16_to_cpu(
+ ((struct smb2_create_req *)hdr)->NameLength);
+ break;
+ }
+ case SMB2_QUERY_INFO:
+ *off = le16_to_cpu(
+ ((struct smb2_query_info_req *)hdr)->InputBufferOffset);
+ *len = le32_to_cpu(
+ ((struct smb2_query_info_req *)hdr)->InputBufferLength);
+ break;
+ case SMB2_SET_INFO:
+ *off = le16_to_cpu(
+ ((struct smb2_set_info_req *)hdr)->BufferOffset);
+ *len = le32_to_cpu(
+ ((struct smb2_set_info_req *)hdr)->BufferLength);
+ break;
+ case SMB2_READ:
+ *off = le16_to_cpu(
+ ((struct smb2_read_req *)hdr)->ReadChannelInfoOffset);
+ *len = le16_to_cpu(
+ ((struct smb2_read_req *)hdr)->ReadChannelInfoLength);
+ break;
+ case SMB2_WRITE:
+ if (((struct smb2_write_req *)hdr)->DataOffset) {
+ *off = le16_to_cpu(
+ ((struct smb2_write_req *)hdr)->DataOffset);
+ *len = le32_to_cpu(
+ ((struct smb2_write_req *)hdr)->Length);
+ break;
+ }
+
+ *off = le16_to_cpu(
+ ((struct smb2_write_req *)hdr)->WriteChannelInfoOffset);
+ *len = le16_to_cpu(
+ ((struct smb2_write_req *)hdr)->WriteChannelInfoLength);
+ break;
+ case SMB2_QUERY_DIRECTORY:
+ *off = le16_to_cpu(
+ ((struct smb2_query_directory_req *)hdr)->FileNameOffset);
+ *len = le16_to_cpu(
+ ((struct smb2_query_directory_req *)hdr)->FileNameLength);
+ break;
+ case SMB2_LOCK:
+ {
+ int lock_count;
+
+ /*
+ * smb2_lock request size is 48 included single
+ * smb2_lock_element structure size.
+ */
+ lock_count = le16_to_cpu(
+ ((struct smb2_lock_req *)hdr)->LockCount) - 1;
+ if (lock_count > 0) {
+ *off = __SMB2_HEADER_STRUCTURE_SIZE + 48;
+ *len = sizeof(struct smb2_lock_element) * lock_count;
+ }
+ break;
+ }
+ case SMB2_IOCTL:
+ *off = le32_to_cpu(
+ ((struct smb2_ioctl_req *)hdr)->InputOffset);
+ *len = le32_to_cpu(((struct smb2_ioctl_req *)hdr)->InputCount);
+
+ break;
+ default:
+ ksmbd_debug(SMB, "no length check for command\n");
+ break;
+ }
+
+ /*
+ * Invalid length or offset probably means data area is invalid, but
+ * we have little choice but to ignore the data area in this case.
+ */
+ if (*off > 4096) {
+ ksmbd_debug(SMB, "offset %d too large, data area ignored\n",
+ *off);
+ *len = 0;
+ *off = 0;
+ } else if (*off < 0) {
+ ksmbd_debug(SMB,
+ "negative offset %d to data invalid ignore data area\n",
+ *off);
+ *off = 0;
+ *len = 0;
+ } else if (*len < 0) {
+ ksmbd_debug(SMB,
+ "negative data length %d invalid, data area ignored\n",
+ *len);
+ *len = 0;
+ } else if (*len > 128 * 1024) {
+ ksmbd_debug(SMB, "data area larger than 128K: %d\n", *len);
+ *len = 0;
+ }
+
+ /* return pointer to beginning of data area, ie offset from SMB start */
+ if ((*off != 0) && (*len != 0))
+ return (char *)hdr + *off;
+ else
+ return NULL;
+}
+
+/*
+ * Calculate the size of the SMB message based on the fixed header
+ * portion, the number of word parameters and the data portion of the message.
+ */
+static unsigned int smb2_calc_size(void *buf)
+{
+ struct smb2_pdu *pdu = (struct smb2_pdu *)buf;
+ struct smb2_hdr *hdr = &pdu->hdr;
+ int offset; /* the offset from the beginning of SMB to data area */
+ int data_length; /* the length of the variable length data area */
+ /* Structure Size has already been checked to make sure it is 64 */
+ int len = le16_to_cpu(hdr->StructureSize);
+
+ /*
+ * StructureSize2, ie length of fixed parameter area has already
+ * been checked to make sure it is the correct length.
+ */
+ len += le16_to_cpu(pdu->StructureSize2);
+
+ if (has_smb2_data_area[le16_to_cpu(hdr->Command)] == false)
+ goto calc_size_exit;
+
+ smb2_get_data_area_len(&offset, &data_length, hdr);
+ ksmbd_debug(SMB, "SMB2 data length %d offset %d\n", data_length,
+ offset);
+
+ if (data_length > 0) {
+ /*
+ * Check to make sure that data area begins after fixed area,
+ * Note that last byte of the fixed area is part of data area
+ * for some commands, typically those with odd StructureSize,
+ * so we must add one to the calculation.
+ */
+ if (offset + 1 < len)
+ ksmbd_debug(SMB,
+ "data area offset %d overlaps SMB2 header %d\n",
+ offset + 1, len);
+ else
+ len = offset + data_length;
+ }
+calc_size_exit:
+ ksmbd_debug(SMB, "SMB2 len %d\n", len);
+ return len;
+}
+
+static inline int smb2_query_info_req_len(struct smb2_query_info_req *h)
+{
+ return le32_to_cpu(h->InputBufferLength) +
+ le32_to_cpu(h->OutputBufferLength);
+}
+
+static inline int smb2_set_info_req_len(struct smb2_set_info_req *h)
+{
+ return le32_to_cpu(h->BufferLength);
+}
+
+static inline int smb2_read_req_len(struct smb2_read_req *h)
+{
+ return le32_to_cpu(h->Length);
+}
+
+static inline int smb2_write_req_len(struct smb2_write_req *h)
+{
+ return le32_to_cpu(h->Length);
+}
+
+static inline int smb2_query_dir_req_len(struct smb2_query_directory_req *h)
+{
+ return le32_to_cpu(h->OutputBufferLength);
+}
+
+static inline int smb2_ioctl_req_len(struct smb2_ioctl_req *h)
+{
+ return le32_to_cpu(h->InputCount) +
+ le32_to_cpu(h->OutputCount);
+}
+
+static inline int smb2_ioctl_resp_len(struct smb2_ioctl_req *h)
+{
+ return le32_to_cpu(h->MaxInputResponse) +
+ le32_to_cpu(h->MaxOutputResponse);
+}
+
+static int smb2_validate_credit_charge(struct smb2_hdr *hdr)
+{
+ int req_len = 0, expect_resp_len = 0, calc_credit_num, max_len;
+ int credit_charge = le16_to_cpu(hdr->CreditCharge);
+ void *__hdr = hdr;
+
+ switch (hdr->Command) {
+ case SMB2_QUERY_INFO:
+ req_len = smb2_query_info_req_len(__hdr);
+ break;
+ case SMB2_SET_INFO:
+ req_len = smb2_set_info_req_len(__hdr);
+ break;
+ case SMB2_READ:
+ req_len = smb2_read_req_len(__hdr);
+ break;
+ case SMB2_WRITE:
+ req_len = smb2_write_req_len(__hdr);
+ break;
+ case SMB2_QUERY_DIRECTORY:
+ req_len = smb2_query_dir_req_len(__hdr);
+ break;
+ case SMB2_IOCTL:
+ req_len = smb2_ioctl_req_len(__hdr);
+ expect_resp_len = smb2_ioctl_resp_len(__hdr);
+ break;
+ default:
+ return 0;
+ }
+
+ max_len = max(req_len, expect_resp_len);
+ calc_credit_num = DIV_ROUND_UP(max_len, SMB2_MAX_BUFFER_SIZE);
+ if (!credit_charge && max_len > SMB2_MAX_BUFFER_SIZE) {
+ ksmbd_err("credit charge is zero and payload size(%d) is bigger than 64K\n",
+ max_len);
+ return 1;
+ } else if (credit_charge < calc_credit_num) {
+ ksmbd_err("credit charge : %d, calc_credit_num : %d\n",
+ credit_charge, calc_credit_num);
+ return 1;
+ }
+
+ return 0;
+}
+
+int ksmbd_smb2_check_message(struct ksmbd_work *work)
+{
+ struct smb2_pdu *pdu = REQUEST_BUF(work);
+ struct smb2_hdr *hdr = &pdu->hdr;
+ int command;
+ __u32 clc_len; /* calculated length */
+ __u32 len = get_rfc1002_len(pdu);
+
+ if (work->next_smb2_rcv_hdr_off) {
+ pdu = REQUEST_BUF_NEXT(work);
+ hdr = &pdu->hdr;
+ }
+
+ if (le32_to_cpu(hdr->NextCommand) > 0)
+ len = le32_to_cpu(hdr->NextCommand);
+ else if (work->next_smb2_rcv_hdr_off) {
+ len -= work->next_smb2_rcv_hdr_off;
+ len = round_up(len, 8);
+ }
+
+ if (check_smb2_hdr(hdr))
+ return 1;
+
+ if (hdr->StructureSize != SMB2_HEADER_STRUCTURE_SIZE) {
+ ksmbd_debug(SMB, "Illegal structure size %u\n",
+ le16_to_cpu(hdr->StructureSize));
+ return 1;
+ }
+
+ command = le16_to_cpu(hdr->Command);
+ if (command >= NUMBER_OF_SMB2_COMMANDS) {
+ ksmbd_debug(SMB, "Illegal SMB2 command %d\n", command);
+ return 1;
+ }
+
+ if (smb2_req_struct_sizes[command] != pdu->StructureSize2) {
+ if (command != SMB2_OPLOCK_BREAK_HE && (hdr->Status == 0 ||
+ pdu->StructureSize2 != SMB2_ERROR_STRUCTURE_SIZE2_LE)) {
+ /* error packets have 9 byte structure size */
+ ksmbd_debug(SMB,
+ "Illegal request size %u for command %d\n",
+ le16_to_cpu(pdu->StructureSize2), command);
+ return 1;
+ } else if (command == SMB2_OPLOCK_BREAK_HE
+ && (hdr->Status == 0)
+ && (le16_to_cpu(pdu->StructureSize2) !=
+ OP_BREAK_STRUCT_SIZE_20)
+ && (le16_to_cpu(pdu->StructureSize2) !=
+ OP_BREAK_STRUCT_SIZE_21)) {
+ /* special case for SMB2.1 lease break message */
+ ksmbd_debug(SMB,
+ "Illegal request size %d for oplock break\n",
+ le16_to_cpu(pdu->StructureSize2));
+ return 1;
+ }
+ }
+
+ clc_len = smb2_calc_size(hdr);
+ if (len != clc_len) {
+ /* server can return one byte more due to implied bcc[0] */
+ if (clc_len == len + 1)
+ return 0;
+
+ /*
+ * Some windows servers (win2016) will pad also the final
+ * PDU in a compound to 8 bytes.
+ */
+ if (ALIGN(clc_len, 8) == len)
+ return 0;
+
+ /*
+ * windows client also pad up to 8 bytes when compounding.
+ * If pad is longer than eight bytes, log the server behavior
+ * (once), since may indicate a problem but allow it and
+ * continue since the frame is parseable.
+ */
+ if (clc_len < len) {
+ ksmbd_debug(SMB,
+ "cli req padded more than expected. Length %d not %d for cmd:%d mid:%llu\n",
+ len, clc_len, command,
+ le64_to_cpu(hdr->MessageId));
+ return 0;
+ }
+
+ if (command == SMB2_LOCK_HE && len == 88)
+ return 0;
+
+ ksmbd_debug(SMB,
+ "cli req too short, len %d not %d. cmd:%d mid:%llu\n",
+ len, clc_len, command,
+ le64_to_cpu(hdr->MessageId));
+
+ return 1;
+ }
+
+ return work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU ?
+ smb2_validate_credit_charge(hdr) : 0;
+}
+
+int smb2_negotiate_request(struct ksmbd_work *work)
+{
+ return ksmbd_smb_negotiate_common(work, SMB2_NEGOTIATE_HE);
+}
diff --git a/fs/cifsd/smb2ops.c b/fs/cifsd/smb2ops.c
new file mode 100644
index 000000000000..a47219ea3b80
--- /dev/null
+++ b/fs/cifsd/smb2ops.c
@@ -0,0 +1,300 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/slab.h>
+#include "glob.h"
+#include "smb2pdu.h"
+
+#include "auth.h"
+#include "connection.h"
+#include "smb_common.h"
+#include "server.h"
+#include "ksmbd_server.h"
+
+static struct smb_version_values smb21_server_values = {
+ .version_string = SMB21_VERSION_STRING,
+ .protocol_id = SMB21_PROT_ID,
+ .capabilities = SMB2_GLOBAL_CAP_LARGE_MTU,
+ .max_read_size = SMB21_DEFAULT_IOSIZE,
+ .max_write_size = SMB21_DEFAULT_IOSIZE,
+ .max_trans_size = SMB21_DEFAULT_IOSIZE,
+ .large_lock_type = 0,
+ .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
+ .shared_lock_type = SMB2_LOCKFLAG_SHARED,
+ .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
+ .header_size = sizeof(struct smb2_hdr),
+ .max_header_size = MAX_SMB2_HDR_SIZE,
+ .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
+ .lock_cmd = SMB2_LOCK,
+ .cap_unix = 0,
+ .cap_nt_find = SMB2_NT_FIND,
+ .cap_large_files = SMB2_LARGE_FILES,
+ .create_lease_size = sizeof(struct create_lease),
+ .create_durable_size = sizeof(struct create_durable_rsp),
+ .create_mxac_size = sizeof(struct create_mxac_rsp),
+ .create_disk_id_size = sizeof(struct create_disk_id_rsp),
+ .create_posix_size = sizeof(struct create_posix_rsp),
+};
+
+static struct smb_version_values smb30_server_values = {
+ .version_string = SMB30_VERSION_STRING,
+ .protocol_id = SMB30_PROT_ID,
+ .capabilities = SMB2_GLOBAL_CAP_LARGE_MTU,
+ .max_read_size = SMB3_DEFAULT_IOSIZE,
+ .max_write_size = SMB3_DEFAULT_IOSIZE,
+ .max_trans_size = SMB3_DEFAULT_TRANS_SIZE,
+ .large_lock_type = 0,
+ .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
+ .shared_lock_type = SMB2_LOCKFLAG_SHARED,
+ .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
+ .header_size = sizeof(struct smb2_hdr),
+ .max_header_size = MAX_SMB2_HDR_SIZE,
+ .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
+ .lock_cmd = SMB2_LOCK,
+ .cap_unix = 0,
+ .cap_nt_find = SMB2_NT_FIND,
+ .cap_large_files = SMB2_LARGE_FILES,
+ .create_lease_size = sizeof(struct create_lease),
+ .create_durable_size = sizeof(struct create_durable_rsp),
+ .create_durable_v2_size = sizeof(struct create_durable_v2_rsp),
+ .create_mxac_size = sizeof(struct create_mxac_rsp),
+ .create_disk_id_size = sizeof(struct create_disk_id_rsp),
+ .create_posix_size = sizeof(struct create_posix_rsp),
+};
+
+static struct smb_version_values smb302_server_values = {
+ .version_string = SMB302_VERSION_STRING,
+ .protocol_id = SMB302_PROT_ID,
+ .capabilities = SMB2_GLOBAL_CAP_LARGE_MTU,
+ .max_read_size = SMB3_DEFAULT_IOSIZE,
+ .max_write_size = SMB3_DEFAULT_IOSIZE,
+ .max_trans_size = SMB3_DEFAULT_TRANS_SIZE,
+ .large_lock_type = 0,
+ .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
+ .shared_lock_type = SMB2_LOCKFLAG_SHARED,
+ .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
+ .header_size = sizeof(struct smb2_hdr),
+ .max_header_size = MAX_SMB2_HDR_SIZE,
+ .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
+ .lock_cmd = SMB2_LOCK,
+ .cap_unix = 0,
+ .cap_nt_find = SMB2_NT_FIND,
+ .cap_large_files = SMB2_LARGE_FILES,
+ .create_lease_size = sizeof(struct create_lease),
+ .create_durable_size = sizeof(struct create_durable_rsp),
+ .create_durable_v2_size = sizeof(struct create_durable_v2_rsp),
+ .create_mxac_size = sizeof(struct create_mxac_rsp),
+ .create_disk_id_size = sizeof(struct create_disk_id_rsp),
+ .create_posix_size = sizeof(struct create_posix_rsp),
+};
+
+static struct smb_version_values smb311_server_values = {
+ .version_string = SMB311_VERSION_STRING,
+ .protocol_id = SMB311_PROT_ID,
+ .capabilities = SMB2_GLOBAL_CAP_LARGE_MTU,
+ .max_read_size = SMB3_DEFAULT_IOSIZE,
+ .max_write_size = SMB3_DEFAULT_IOSIZE,
+ .max_trans_size = SMB3_DEFAULT_TRANS_SIZE,
+ .large_lock_type = 0,
+ .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
+ .shared_lock_type = SMB2_LOCKFLAG_SHARED,
+ .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
+ .header_size = sizeof(struct smb2_hdr),
+ .max_header_size = MAX_SMB2_HDR_SIZE,
+ .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
+ .lock_cmd = SMB2_LOCK,
+ .cap_unix = 0,
+ .cap_nt_find = SMB2_NT_FIND,
+ .cap_large_files = SMB2_LARGE_FILES,
+ .create_lease_size = sizeof(struct create_lease),
+ .create_durable_size = sizeof(struct create_durable_rsp),
+ .create_durable_v2_size = sizeof(struct create_durable_v2_rsp),
+ .create_mxac_size = sizeof(struct create_mxac_rsp),
+ .create_disk_id_size = sizeof(struct create_disk_id_rsp),
+ .create_posix_size = sizeof(struct create_posix_rsp),
+};
+
+static struct smb_version_ops smb2_0_server_ops = {
+ .get_cmd_val = get_smb2_cmd_val,
+ .init_rsp_hdr = init_smb2_rsp_hdr,
+ .set_rsp_status = set_smb2_rsp_status,
+ .allocate_rsp_buf = smb2_allocate_rsp_buf,
+ .set_rsp_credits = smb2_set_rsp_credits,
+ .check_user_session = smb2_check_user_session,
+ .get_ksmbd_tcon = smb2_get_ksmbd_tcon,
+ .is_sign_req = smb2_is_sign_req,
+ .check_sign_req = smb2_check_sign_req,
+ .set_sign_rsp = smb2_set_sign_rsp
+};
+
+static struct smb_version_ops smb3_0_server_ops = {
+ .get_cmd_val = get_smb2_cmd_val,
+ .init_rsp_hdr = init_smb2_rsp_hdr,
+ .set_rsp_status = set_smb2_rsp_status,
+ .allocate_rsp_buf = smb2_allocate_rsp_buf,
+ .set_rsp_credits = smb2_set_rsp_credits,
+ .check_user_session = smb2_check_user_session,
+ .get_ksmbd_tcon = smb2_get_ksmbd_tcon,
+ .is_sign_req = smb2_is_sign_req,
+ .check_sign_req = smb3_check_sign_req,
+ .set_sign_rsp = smb3_set_sign_rsp,
+ .generate_signingkey = ksmbd_gen_smb30_signingkey,
+ .generate_encryptionkey = ksmbd_gen_smb30_encryptionkey,
+ .is_transform_hdr = smb3_is_transform_hdr,
+ .decrypt_req = smb3_decrypt_req,
+ .encrypt_resp = smb3_encrypt_resp
+};
+
+static struct smb_version_ops smb3_11_server_ops = {
+ .get_cmd_val = get_smb2_cmd_val,
+ .init_rsp_hdr = init_smb2_rsp_hdr,
+ .set_rsp_status = set_smb2_rsp_status,
+ .allocate_rsp_buf = smb2_allocate_rsp_buf,
+ .set_rsp_credits = smb2_set_rsp_credits,
+ .check_user_session = smb2_check_user_session,
+ .get_ksmbd_tcon = smb2_get_ksmbd_tcon,
+ .is_sign_req = smb2_is_sign_req,
+ .check_sign_req = smb3_check_sign_req,
+ .set_sign_rsp = smb3_set_sign_rsp,
+ .generate_signingkey = ksmbd_gen_smb311_signingkey,
+ .generate_encryptionkey = ksmbd_gen_smb311_encryptionkey,
+ .is_transform_hdr = smb3_is_transform_hdr,
+ .decrypt_req = smb3_decrypt_req,
+ .encrypt_resp = smb3_encrypt_resp
+};
+
+static struct smb_version_cmds smb2_0_server_cmds[NUMBER_OF_SMB2_COMMANDS] = {
+ [SMB2_NEGOTIATE_HE] = { .proc = smb2_negotiate_request, },
+ [SMB2_SESSION_SETUP_HE] = { .proc = smb2_sess_setup, },
+ [SMB2_TREE_CONNECT_HE] = { .proc = smb2_tree_connect,},
+ [SMB2_TREE_DISCONNECT_HE] = { .proc = smb2_tree_disconnect,},
+ [SMB2_LOGOFF_HE] = { .proc = smb2_session_logoff,},
+ [SMB2_CREATE_HE] = { .proc = smb2_open},
+ [SMB2_QUERY_INFO_HE] = { .proc = smb2_query_info},
+ [SMB2_QUERY_DIRECTORY_HE] = { .proc = smb2_query_dir},
+ [SMB2_CLOSE_HE] = { .proc = smb2_close},
+ [SMB2_ECHO_HE] = { .proc = smb2_echo},
+ [SMB2_SET_INFO_HE] = { .proc = smb2_set_info},
+ [SMB2_READ_HE] = { .proc = smb2_read},
+ [SMB2_WRITE_HE] = { .proc = smb2_write},
+ [SMB2_FLUSH_HE] = { .proc = smb2_flush},
+ [SMB2_CANCEL_HE] = { .proc = smb2_cancel},
+ [SMB2_LOCK_HE] = { .proc = smb2_lock},
+ [SMB2_IOCTL_HE] = { .proc = smb2_ioctl},
+ [SMB2_OPLOCK_BREAK_HE] = { .proc = smb2_oplock_break},
+ [SMB2_CHANGE_NOTIFY_HE] = { .proc = smb2_notify},
+};
+
+int init_smb2_0_server(struct ksmbd_conn *conn)
+{
+ return -EOPNOTSUPP;
+}
+
+/**
+ * init_smb2_1_server() - initialize a smb server connection with smb2.1
+ * command dispatcher
+ * @conn: connection instance
+ */
+void init_smb2_1_server(struct ksmbd_conn *conn)
+{
+ conn->vals = &smb21_server_values;
+ conn->ops = &smb2_0_server_ops;
+ conn->cmds = smb2_0_server_cmds;
+ conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
+ conn->max_credits = SMB2_MAX_CREDITS;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
+}
+
+/**
+ * init_smb3_0_server() - initialize a smb server connection with smb3.0
+ * command dispatcher
+ * @conn: connection instance
+ */
+void init_smb3_0_server(struct ksmbd_conn *conn)
+{
+ conn->vals = &smb30_server_values;
+ conn->ops = &smb3_0_server_ops;
+ conn->cmds = smb2_0_server_cmds;
+ conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
+ conn->max_credits = SMB2_MAX_CREDITS;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION &&
+ conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
+}
+
+/**
+ * init_smb3_02_server() - initialize a smb server connection with smb3.02
+ * command dispatcher
+ * @conn: connection instance
+ */
+void init_smb3_02_server(struct ksmbd_conn *conn)
+{
+ conn->vals = &smb302_server_values;
+ conn->ops = &smb3_0_server_ops;
+ conn->cmds = smb2_0_server_cmds;
+ conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
+ conn->max_credits = SMB2_MAX_CREDITS;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION &&
+ conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
+}
+
+/**
+ * init_smb3_11_server() - initialize a smb server connection with smb3.11
+ * command dispatcher
+ * @conn: connection instance
+ */
+int init_smb3_11_server(struct ksmbd_conn *conn)
+{
+ conn->vals = &smb311_server_values;
+ conn->ops = &smb3_11_server_ops;
+ conn->cmds = smb2_0_server_cmds;
+ conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
+ conn->max_credits = SMB2_MAX_CREDITS;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
+
+ if (conn->cipher_type)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
+
+ INIT_LIST_HEAD(&conn->preauth_sess_table);
+ return 0;
+}
+
+void init_smb2_max_read_size(unsigned int sz)
+{
+ smb21_server_values.max_read_size = sz;
+ smb30_server_values.max_read_size = sz;
+ smb302_server_values.max_read_size = sz;
+ smb311_server_values.max_read_size = sz;
+}
+
+void init_smb2_max_write_size(unsigned int sz)
+{
+ smb21_server_values.max_write_size = sz;
+ smb30_server_values.max_write_size = sz;
+ smb302_server_values.max_write_size = sz;
+ smb311_server_values.max_write_size = sz;
+}
+
+void init_smb2_max_trans_size(unsigned int sz)
+{
+ smb21_server_values.max_trans_size = sz;
+ smb30_server_values.max_trans_size = sz;
+ smb302_server_values.max_trans_size = sz;
+ smb311_server_values.max_trans_size = sz;
+}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
new file mode 100644
index 000000000000..b20cc07ee809
--- /dev/null
+++ b/fs/cifsd/smb2pdu.c
@@ -0,0 +1,8486 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/inetdevice.h>
+#include <net/addrconf.h>
+#include <linux/syscalls.h>
+#include <linux/namei.h>
+#include <linux/statfs.h>
+#include <linux/ethtool.h>
+
+#include "glob.h"
+#include "smb2pdu.h"
+#include "smbfsctl.h"
+#include "oplock.h"
+#include "smbacl.h"
+
+#include "auth.h"
+#include "asn1.h"
+#include "buffer_pool.h"
+#include "connection.h"
+#include "transport_ipc.h"
+#include "vfs.h"
+#include "vfs_cache.h"
+#include "misc.h"
+
+#include "time_wrappers.h"
+#include "server.h"
+#include "smb_common.h"
+#include "smbstatus.h"
+#include "ksmbd_work.h"
+#include "mgmt/user_config.h"
+#include "mgmt/share_config.h"
+#include "mgmt/tree_connect.h"
+#include "mgmt/user_session.h"
+#include "mgmt/ksmbd_ida.h"
+#include "ndr.h"
+
+static void __wbuf(struct ksmbd_work *work, void **req, void **rsp)
+{
+ if (work->next_smb2_rcv_hdr_off) {
+ *req = REQUEST_BUF_NEXT(work);
+ *rsp = RESPONSE_BUF_NEXT(work);
+ } else {
+ *req = REQUEST_BUF(work);
+ *rsp = RESPONSE_BUF(work);
+ }
+}
+
+#define WORK_BUFFERS(w, rq, rs) __wbuf((w), (void **)&(rq), (void **)&(rs))
+
+/**
+ * check_session_id() - check for valid session id in smb header
+ * @conn: connection instance
+ * @id: session id from smb header
+ *
+ * Return: 1 if valid session id, otherwise 0
+ */
+static inline int check_session_id(struct ksmbd_conn *conn, uint64_t id)
+{
+ struct ksmbd_session *sess;
+
+ if (id == 0 || id == -1)
+ return 0;
+
+ sess = ksmbd_session_lookup(conn, id);
+ if (sess)
+ return 1;
+ ksmbd_err("Invalid user session id: %llu\n", id);
+ return 0;
+}
+
+struct channel *lookup_chann_list(struct ksmbd_session *sess)
+{
+ struct channel *chann;
+ struct list_head *t;
+
+ list_for_each(t, &sess->ksmbd_chann_list) {
+ chann = list_entry(t, struct channel, chann_list);
+ if (chann && chann->conn == sess->conn)
+ return chann;
+ }
+
+ return NULL;
+}
+
+/**
+ * smb2_get_ksmbd_tcon() - get tree connection information for a tree id
+ * @sess: session containing tree list
+ * @tid: match tree connection with tree id
+ *
+ * Return: matching tree connection on success, otherwise error
+ */
+int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
+{
+ struct smb2_hdr *req_hdr = REQUEST_BUF(work);
+ int tree_id;
+
+ work->tcon = NULL;
+ if ((work->conn->ops->get_cmd_val(work) == SMB2_TREE_CONNECT_HE) ||
+ (work->conn->ops->get_cmd_val(work) == SMB2_CANCEL_HE) ||
+ (work->conn->ops->get_cmd_val(work) == SMB2_LOGOFF_HE)) {
+ ksmbd_debug(SMB, "skip to check tree connect request\n");
+ return 0;
+ }
+
+ if (list_empty(&work->sess->tree_conn_list)) {
+ ksmbd_debug(SMB, "NO tree connected\n");
+ return -1;
+ }
+
+ tree_id = le32_to_cpu(req_hdr->Id.SyncId.TreeId);
+ work->tcon = ksmbd_tree_conn_lookup(work->sess, tree_id);
+ if (!work->tcon) {
+ ksmbd_err("Invalid tid %d\n", tree_id);
+ return -1;
+ }
+
+ return 1;
+}
+
+/**
+ * smb2_set_err_rsp() - set error response code on smb response
+ * @work: smb work containing response buffer
+ */
+void smb2_set_err_rsp(struct ksmbd_work *work)
+{
+ struct smb2_err_rsp *err_rsp;
+
+ if (work->next_smb2_rcv_hdr_off)
+ err_rsp = RESPONSE_BUF_NEXT(work);
+ else
+ err_rsp = RESPONSE_BUF(work);
+
+ if (err_rsp->hdr.Status != STATUS_STOPPED_ON_SYMLINK) {
+ err_rsp->StructureSize = SMB2_ERROR_STRUCTURE_SIZE2_LE;
+ err_rsp->ErrorContextCount = 0;
+ err_rsp->Reserved = 0;
+ err_rsp->ByteCount = 0;
+ err_rsp->ErrorData[0] = 0;
+ inc_rfc1001_len(RESPONSE_BUF(work), SMB2_ERROR_STRUCTURE_SIZE2);
+ }
+}
+
+/**
+ * is_smb2_neg_cmd() - is it smb2 negotiation command
+ * @work: smb work containing smb header
+ *
+ * Return: 1 if smb2 negotiation command, otherwise 0
+ */
+int is_smb2_neg_cmd(struct ksmbd_work *work)
+{
+ struct smb2_hdr *hdr = REQUEST_BUF(work);
+
+ /* is it SMB2 header ? */
+ if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
+ return 0;
+
+ /* make sure it is request not response message */
+ if (hdr->Flags & SMB2_FLAGS_SERVER_TO_REDIR)
+ return 0;
+
+ if (hdr->Command != SMB2_NEGOTIATE)
+ return 0;
+
+ return 1;
+}
+
+/**
+ * is_smb2_rsp() - is it smb2 response
+ * @work: smb work containing smb response buffer
+ *
+ * Return: 1 if smb2 response, otherwise 0
+ */
+int is_smb2_rsp(struct ksmbd_work *work)
+{
+ struct smb2_hdr *hdr = RESPONSE_BUF(work);
+
+ /* is it SMB2 header ? */
+ if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
+ return 0;
+
+ /* make sure it is response not request message */
+ if (!(hdr->Flags & SMB2_FLAGS_SERVER_TO_REDIR))
+ return 0;
+
+ return 1;
+}
+
+/**
+ * get_smb2_cmd_val() - get smb command code from smb header
+ * @work: smb work containing smb request buffer
+ *
+ * Return: smb2 request command value
+ */
+uint16_t get_smb2_cmd_val(struct ksmbd_work *work)
+{
+ struct smb2_hdr *rcv_hdr;
+
+ if (work->next_smb2_rcv_hdr_off)
+ rcv_hdr = REQUEST_BUF_NEXT(work);
+ else
+ rcv_hdr = REQUEST_BUF(work);
+ return le16_to_cpu(rcv_hdr->Command);
+}
+
+/**
+ * set_smb2_rsp_status() - set error response code on smb2 header
+ * @work: smb work containing response buffer
+ */
+void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err)
+{
+ struct smb2_hdr *rsp_hdr;
+
+ if (work->next_smb2_rcv_hdr_off)
+ rsp_hdr = RESPONSE_BUF_NEXT(work);
+ else
+ rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr->Status = err;
+ smb2_set_err_rsp(work);
+}
+
+/**
+ * init_smb2_neg_rsp() - initialize smb2 response for negotiate command
+ * @work: smb work containing smb request buffer
+ *
+ * smb2 negotiate response is sent in reply of smb1 negotiate command for
+ * dialect auto-negotiation.
+ */
+int init_smb2_neg_rsp(struct ksmbd_work *work)
+{
+ struct smb2_hdr *rsp_hdr;
+ struct smb2_negotiate_rsp *rsp;
+ struct ksmbd_conn *conn = work->conn;
+
+ if (conn->need_neg == false)
+ return -EINVAL;
+ if (!(conn->dialect >= SMB20_PROT_ID &&
+ conn->dialect <= SMB311_PROT_ID))
+ return -EINVAL;
+
+ rsp_hdr = RESPONSE_BUF(work);
+
+ memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
+
+ rsp_hdr->smb2_buf_length =
+ cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+
+ rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
+ rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
+ rsp_hdr->CreditRequest = cpu_to_le16(2);
+ rsp_hdr->Command = SMB2_NEGOTIATE;
+ rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
+ rsp_hdr->NextCommand = 0;
+ rsp_hdr->MessageId = 0;
+ rsp_hdr->Id.SyncId.ProcessId = 0;
+ rsp_hdr->Id.SyncId.TreeId = 0;
+ rsp_hdr->SessionId = 0;
+ memset(rsp_hdr->Signature, 0, 16);
+
+ rsp = RESPONSE_BUF(work);
+
+ WARN_ON(ksmbd_conn_good(work));
+
+ rsp->StructureSize = cpu_to_le16(65);
+ ksmbd_debug(SMB, "conn->dialect 0x%x\n", conn->dialect);
+ rsp->DialectRevision = cpu_to_le16(conn->dialect);
+ /* Not setting conn guid rsp->ServerGUID, as it
+ * not used by client for identifying connection
+ */
+ rsp->Capabilities = cpu_to_le32(conn->vals->capabilities);
+ /* Default Max Message Size till SMB2.0, 64K*/
+ rsp->MaxTransactSize = cpu_to_le32(conn->vals->max_trans_size);
+ rsp->MaxReadSize = cpu_to_le32(conn->vals->max_read_size);
+ rsp->MaxWriteSize = cpu_to_le32(conn->vals->max_write_size);
+
+ rsp->SystemTime = cpu_to_le64(ksmbd_systime());
+ rsp->ServerStartTime = 0;
+
+ rsp->SecurityBufferOffset = cpu_to_le16(128);
+ rsp->SecurityBufferLength = cpu_to_le16(AUTH_GSS_LENGTH);
+ ksmbd_copy_gss_neg_header(((char *)(&rsp->hdr) +
+ sizeof(rsp->hdr.smb2_buf_length)) +
+ le16_to_cpu(rsp->SecurityBufferOffset));
+ inc_rfc1001_len(rsp, sizeof(struct smb2_negotiate_rsp) -
+ sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) +
+ AUTH_GSS_LENGTH);
+ rsp->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED_LE;
+ if (server_conf.signing == KSMBD_CONFIG_OPT_MANDATORY)
+ rsp->SecurityMode |= SMB2_NEGOTIATE_SIGNING_REQUIRED_LE;
+ conn->use_spnego = true;
+
+ ksmbd_conn_set_need_negotiate(work);
+ return 0;
+}
+
+static int smb2_consume_credit_charge(struct ksmbd_work *work,
+ unsigned short credit_charge)
+{
+ struct ksmbd_conn *conn = work->conn;
+ unsigned int rsp_credits = 1;
+
+ if (!conn->total_credits)
+ return 0;
+
+ if (credit_charge > 0)
+ rsp_credits = credit_charge;
+
+ conn->total_credits -= rsp_credits;
+ return rsp_credits;
+}
+
+/**
+ * smb2_set_rsp_credits() - set number of credits in response buffer
+ * @work: smb work containing smb response buffer
+ */
+int smb2_set_rsp_credits(struct ksmbd_work *work)
+{
+ struct smb2_hdr *req_hdr = REQUEST_BUF_NEXT(work);
+ struct smb2_hdr *hdr = RESPONSE_BUF_NEXT(work);
+ struct ksmbd_conn *conn = work->conn;
+ unsigned short credits_requested = le16_to_cpu(req_hdr->CreditRequest);
+ unsigned short credit_charge = 1, credits_granted = 0;
+ unsigned short aux_max, aux_credits, min_credits;
+ int rsp_credit_charge;
+
+ if (hdr->Command == SMB2_CANCEL)
+ goto out;
+
+ /* get default minimum credits by shifting maximum credits by 4 */
+ min_credits = conn->max_credits >> 4;
+
+ if (conn->total_credits >= conn->max_credits) {
+ ksmbd_err("Total credits overflow: %d\n", conn->total_credits);
+ conn->total_credits = min_credits;
+ }
+
+ rsp_credit_charge = smb2_consume_credit_charge(work,
+ le16_to_cpu(req_hdr->CreditCharge));
+ if (rsp_credit_charge < 0)
+ return -EINVAL;
+
+ hdr->CreditCharge = cpu_to_le16(rsp_credit_charge);
+
+ if (credits_requested > 0) {
+ aux_credits = credits_requested - 1;
+ aux_max = 32;
+ if (hdr->Command == SMB2_NEGOTIATE)
+ aux_max = 0;
+ aux_credits = (aux_credits < aux_max) ? aux_credits : aux_max;
+ credits_granted = aux_credits + credit_charge;
+
+ /* if credits granted per client is getting bigger than default
+ * minimum credits then we should wrap it up within the limits.
+ */
+ if ((conn->total_credits + credits_granted) > min_credits)
+ credits_granted = min_credits - conn->total_credits;
+ /*
+ * TODO: Need to adjuct CreditRequest value according to
+ * current cpu load
+ */
+ } else if (conn->total_credits == 0) {
+ credits_granted = 1;
+ }
+
+ conn->total_credits += credits_granted;
+ work->credits_granted += credits_granted;
+
+ if (!req_hdr->NextCommand) {
+ /* Update CreditRequest in last request */
+ hdr->CreditRequest = cpu_to_le16(work->credits_granted);
+ }
+out:
+ ksmbd_debug(SMB,
+ "credits: requested[%d] granted[%d] total_granted[%d]\n",
+ credits_requested, credits_granted,
+ conn->total_credits);
+ return 0;
+}
+
+/**
+ * init_chained_smb2_rsp() - initialize smb2 chained response
+ * @work: smb work containing smb response buffer
+ */
+static void init_chained_smb2_rsp(struct ksmbd_work *work)
+{
+ struct smb2_hdr *req = REQUEST_BUF_NEXT(work);
+ struct smb2_hdr *rsp = RESPONSE_BUF_NEXT(work);
+ struct smb2_hdr *rsp_hdr;
+ struct smb2_hdr *rcv_hdr;
+ int next_hdr_offset = 0;
+ int len, new_len;
+
+ /* Len of this response = updated RFC len - offset of previous cmd
+ * in the compound rsp
+ */
+
+ /* Storing the current local FID which may be needed by subsequent
+ * command in the compound request
+ */
+ if (req->Command == SMB2_CREATE && rsp->Status == STATUS_SUCCESS) {
+ work->compound_fid =
+ le64_to_cpu(((struct smb2_create_rsp *)rsp)->
+ VolatileFileId);
+ work->compound_pfid =
+ le64_to_cpu(((struct smb2_create_rsp *)rsp)->
+ PersistentFileId);
+ work->compound_sid = le64_to_cpu(rsp->SessionId);
+ }
+
+ len = get_rfc1002_len(RESPONSE_BUF(work)) - work->next_smb2_rsp_hdr_off;
+ next_hdr_offset = le32_to_cpu(req->NextCommand);
+
+ new_len = ALIGN(len, 8);
+ inc_rfc1001_len(RESPONSE_BUF(work), ((sizeof(struct smb2_hdr) - 4)
+ + new_len - len));
+ rsp->NextCommand = cpu_to_le32(new_len);
+
+ work->next_smb2_rcv_hdr_off += next_hdr_offset;
+ work->next_smb2_rsp_hdr_off += new_len;
+ ksmbd_debug(SMB,
+ "Compound req new_len = %d rcv off = %d rsp off = %d\n",
+ new_len, work->next_smb2_rcv_hdr_off,
+ work->next_smb2_rsp_hdr_off);
+
+ rsp_hdr = RESPONSE_BUF_NEXT(work);
+ rcv_hdr = REQUEST_BUF_NEXT(work);
+
+ if (!(rcv_hdr->Flags & SMB2_FLAGS_RELATED_OPERATIONS)) {
+ ksmbd_debug(SMB, "related flag should be set\n");
+ work->compound_fid = KSMBD_NO_FID;
+ work->compound_pfid = KSMBD_NO_FID;
+ }
+ memset((char *)rsp_hdr + 4, 0, sizeof(struct smb2_hdr) + 2);
+ rsp_hdr->ProtocolId = rcv_hdr->ProtocolId;
+ rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
+ rsp_hdr->Command = rcv_hdr->Command;
+
+ /*
+ * Message is response. We don't grant oplock yet.
+ */
+ rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR |
+ SMB2_FLAGS_RELATED_OPERATIONS);
+ rsp_hdr->NextCommand = 0;
+ rsp_hdr->MessageId = rcv_hdr->MessageId;
+ rsp_hdr->Id.SyncId.ProcessId = rcv_hdr->Id.SyncId.ProcessId;
+ rsp_hdr->Id.SyncId.TreeId = rcv_hdr->Id.SyncId.TreeId;
+ rsp_hdr->SessionId = rcv_hdr->SessionId;
+ memcpy(rsp_hdr->Signature, rcv_hdr->Signature, 16);
+}
+
+/**
+ * is_chained_smb2_message() - check for chained command
+ * @work: smb work containing smb request buffer
+ *
+ * Return: true if chained request, otherwise false
+ */
+bool is_chained_smb2_message(struct ksmbd_work *work)
+{
+ struct smb2_hdr *hdr = REQUEST_BUF(work);
+ unsigned int len;
+
+ if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
+ return false;
+
+ hdr = REQUEST_BUF_NEXT(work);
+ if (le32_to_cpu(hdr->NextCommand) > 0) {
+ ksmbd_debug(SMB, "got SMB2 chained command\n");
+ init_chained_smb2_rsp(work);
+ return true;
+ } else if (work->next_smb2_rcv_hdr_off) {
+ /*
+ * This is last request in chained command,
+ * align response to 8 byte
+ */
+ len = ALIGN(get_rfc1002_len(RESPONSE_BUF(work)), 8);
+ len = len - get_rfc1002_len(RESPONSE_BUF(work));
+ if (len) {
+ ksmbd_debug(SMB, "padding len %u\n", len);
+ inc_rfc1001_len(RESPONSE_BUF(work), len);
+ if (HAS_AUX_PAYLOAD(work))
+ work->aux_payload_sz += len;
+ }
+ }
+ return false;
+}
+
+/**
+ * init_smb2_rsp_hdr() - initialize smb2 response
+ * @work: smb work containing smb request buffer
+ *
+ * Return: 0
+ */
+int init_smb2_rsp_hdr(struct ksmbd_work *work)
+{
+ struct smb2_hdr *rsp_hdr = RESPONSE_BUF(work);
+ struct smb2_hdr *rcv_hdr = REQUEST_BUF(work);
+ struct ksmbd_conn *conn = work->conn;
+
+ memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
+ rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+ rsp_hdr->ProtocolId = rcv_hdr->ProtocolId;
+ rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
+ rsp_hdr->Command = rcv_hdr->Command;
+
+ /*
+ * Message is response. We don't grant oplock yet.
+ */
+ rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
+ rsp_hdr->NextCommand = 0;
+ rsp_hdr->MessageId = rcv_hdr->MessageId;
+ rsp_hdr->Id.SyncId.ProcessId = rcv_hdr->Id.SyncId.ProcessId;
+ rsp_hdr->Id.SyncId.TreeId = rcv_hdr->Id.SyncId.TreeId;
+ rsp_hdr->SessionId = rcv_hdr->SessionId;
+ memcpy(rsp_hdr->Signature, rcv_hdr->Signature, 16);
+
+ work->syncronous = true;
+ if (work->async_id) {
+ ksmbd_release_id(conn->async_ida, work->async_id);
+ work->async_id = 0;
+ }
+
+ return 0;
+}
+
+/**
+ * smb2_allocate_rsp_buf() - allocate smb2 response buffer
+ * @work: smb work containing smb request buffer
+ *
+ * Return: 0 on success, otherwise -ENOMEM
+ */
+int smb2_allocate_rsp_buf(struct ksmbd_work *work)
+{
+ struct smb2_hdr *hdr = REQUEST_BUF(work);
+ size_t small_sz = MAX_CIFS_SMALL_BUFFER_SIZE;
+ size_t large_sz = work->conn->vals->max_trans_size + MAX_SMB2_HDR_SIZE;
+ size_t sz = small_sz;
+ int cmd = le16_to_cpu(hdr->Command);
+
+ if (cmd == SMB2_IOCTL_HE || cmd == SMB2_QUERY_DIRECTORY_HE) {
+ sz = large_sz;
+ work->set_trans_buf = true;
+ }
+
+ if (cmd == SMB2_QUERY_INFO_HE) {
+ struct smb2_query_info_req *req;
+
+ req = REQUEST_BUF(work);
+ if (req->InfoType == SMB2_O_INFO_FILE &&
+ (req->FileInfoClass == FILE_FULL_EA_INFORMATION ||
+ req->FileInfoClass == FILE_ALL_INFORMATION)) {
+ sz = large_sz;
+ work->set_trans_buf = true;
+ }
+ }
+
+ /* allocate large response buf for chained commands */
+ if (le32_to_cpu(hdr->NextCommand) > 0)
+ sz = large_sz;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_TBUF &&
+ work->set_trans_buf)
+ work->response_buf = ksmbd_find_buffer(sz);
+ else
+ work->response_buf = ksmbd_alloc_response(sz);
+
+ if (!RESPONSE_BUF(work)) {
+ ksmbd_err("Failed to allocate %zu bytes buffer\n", sz);
+ return -ENOMEM;
+ }
+
+ work->response_sz = sz;
+ return 0;
+}
+
+/**
+ * smb2_check_user_session() - check for valid session for a user
+ * @work: smb work containing smb request buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_check_user_session(struct ksmbd_work *work)
+{
+ struct smb2_hdr *req_hdr = REQUEST_BUF(work);
+ struct ksmbd_conn *conn = work->conn;
+ unsigned int cmd = conn->ops->get_cmd_val(work);
+ unsigned long long sess_id;
+
+ work->sess = NULL;
+ /*
+ * SMB2_ECHO, SMB2_NEGOTIATE, SMB2_SESSION_SETUP command do not
+ * require a session id, so no need to validate user session's for
+ * these commands.
+ */
+ if (cmd == SMB2_ECHO_HE || cmd == SMB2_NEGOTIATE_HE ||
+ cmd == SMB2_SESSION_SETUP_HE)
+ return 0;
+
+ if (!ksmbd_conn_good(work))
+ return -EINVAL;
+
+ sess_id = le64_to_cpu(req_hdr->SessionId);
+ /* Check for validity of user session */
+ work->sess = ksmbd_session_lookup(conn, sess_id);
+ if (work->sess)
+ return 1;
+ ksmbd_debug(SMB, "Invalid user session, Uid %llu\n", sess_id);
+ return -EINVAL;
+}
+
+static void destroy_previous_session(struct ksmbd_user *user, uint64_t id)
+{
+ struct ksmbd_session *prev_sess = ksmbd_session_lookup_slowpath(id);
+ struct ksmbd_user *prev_user;
+
+ if (!prev_sess)
+ return;
+
+ prev_user = prev_sess->user;
+
+ if (strcmp(user->name, prev_user->name) ||
+ user->passkey_sz != prev_user->passkey_sz ||
+ memcmp(user->passkey, prev_user->passkey, user->passkey_sz)) {
+ put_session(prev_sess);
+ return;
+ }
+
+ put_session(prev_sess);
+ ksmbd_session_destroy(prev_sess);
+}
+
+/**
+ * smb2_get_name() - get filename string from on the wire smb format
+ * @src: source buffer
+ * @maxlen: maxlen of source string
+ * @work: smb work containing smb request buffer
+ *
+ * Return: matching converted filename on success, otherwise error ptr
+ */
+static char *
+smb2_get_name(struct ksmbd_share_config *share,
+ const char *src,
+ const int maxlen,
+ struct nls_table *local_nls)
+{
+ char *name, *unixname;
+
+ name = smb_strndup_from_utf16(src, maxlen, 1,
+ local_nls);
+ if (IS_ERR(name)) {
+ ksmbd_err("failed to get name %ld\n", PTR_ERR(name));
+ return name;
+ }
+
+ /* change it to absolute unix name */
+ ksmbd_conv_path_to_unix(name);
+ ksmbd_strip_last_slash(name);
+
+ unixname = convert_to_unix_name(share, name);
+ kfree(name);
+ if (!unixname) {
+ ksmbd_err("can not convert absolute name\n");
+ return ERR_PTR(-ENOMEM);
+ }
+
+ ksmbd_debug(SMB, "absolute name = %s\n", unixname);
+ return unixname;
+}
+
+/**
+ * smb2_put_name() - free memory allocated for filename
+ * @name: filename pointer to be freed
+ */
+static void smb2_put_name(void *name)
+{
+ if (!IS_ERR(name))
+ kfree(name);
+}
+
+int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
+{
+ struct smb2_hdr *rsp_hdr;
+ struct ksmbd_conn *conn = work->conn;
+ int id;
+
+ rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr->Flags |= SMB2_FLAGS_ASYNC_COMMAND;
+
+ id = ksmbd_acquire_async_msg_id(conn->async_ida);
+ if (id < 0) {
+ ksmbd_err("Failed to alloc async message id\n");
+ return id;
+ }
+ work->syncronous = false;
+ work->async_id = id;
+ rsp_hdr->Id.AsyncId = cpu_to_le64(id);
+
+ ksmbd_debug(SMB,
+ "Send interim Response to inform async request id : %d\n",
+ work->async_id);
+
+ work->cancel_fn = fn;
+ work->cancel_argv = arg;
+
+ spin_lock(&conn->request_lock);
+ list_add_tail(&work->async_request_entry, &conn->async_requests);
+ spin_unlock(&conn->request_lock);
+
+ return 0;
+}
+
+void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status)
+{
+ struct smb2_hdr *rsp_hdr;
+
+ rsp_hdr = RESPONSE_BUF(work);
+ smb2_set_err_rsp(work);
+ rsp_hdr->Status = status;
+
+ work->multiRsp = 1;
+ ksmbd_conn_write(work);
+ rsp_hdr->Status = 0;
+ work->multiRsp = 0;
+}
+
+static __le32 smb2_get_reparse_tag_special_file(umode_t mode)
+{
+ if (S_ISDIR(mode) || S_ISREG(mode))
+ return 0;
+
+ if (S_ISLNK(mode))
+ return IO_REPARSE_TAG_LX_SYMLINK_LE;
+ else if (S_ISFIFO(mode))
+ return IO_REPARSE_TAG_LX_FIFO_LE;
+ else if (S_ISSOCK(mode))
+ return IO_REPARSE_TAG_AF_UNIX_LE;
+ else if (S_ISCHR(mode))
+ return IO_REPARSE_TAG_LX_CHR_LE;
+ else if (S_ISBLK(mode))
+ return IO_REPARSE_TAG_LX_BLK_LE;
+
+ return 0;
+}
+
+/**
+ * smb2_get_dos_mode() - get file mode in dos format from unix mode
+ * @stat: kstat containing file mode
+ *
+ * Return: converted dos mode
+ */
+static int smb2_get_dos_mode(struct kstat *stat, int attribute)
+{
+ int attr = 0;
+
+ if (S_ISDIR(stat->mode))
+ attr = ATTR_DIRECTORY |
+ (attribute & (ATTR_HIDDEN | ATTR_SYSTEM));
+ else {
+ attr = (attribute & 0x00005137) | ATTR_ARCHIVE;
+ attr &= ~(ATTR_DIRECTORY);
+ if (S_ISREG(stat->mode) && (server_conf.share_fake_fscaps &
+ FILE_SUPPORTS_SPARSE_FILES))
+ attr |= ATTR_SPARSE;
+
+ if (smb2_get_reparse_tag_special_file(stat->mode))
+ attr |= ATTR_REPARSE;
+ }
+
+ return attr;
+}
+
+static void build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt,
+ __le16 hash_id)
+{
+ pneg_ctxt->ContextType = SMB2_PREAUTH_INTEGRITY_CAPABILITIES;
+ pneg_ctxt->DataLength = cpu_to_le16(38);
+ pneg_ctxt->HashAlgorithmCount = cpu_to_le16(1);
+ pneg_ctxt->Reserved = cpu_to_le32(0);
+ pneg_ctxt->SaltLength = cpu_to_le16(SMB311_SALT_SIZE);
+ get_random_bytes(pneg_ctxt->Salt, SMB311_SALT_SIZE);
+ pneg_ctxt->HashAlgorithms = hash_id;
+}
+
+static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt,
+ __le16 cipher_type)
+{
+ pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;
+ pneg_ctxt->DataLength = cpu_to_le16(4);
+ pneg_ctxt->Reserved = cpu_to_le32(0);
+ pneg_ctxt->CipherCount = cpu_to_le16(1);
+ pneg_ctxt->Ciphers[0] = cipher_type;
+}
+
+static void build_compression_ctxt(struct smb2_compression_ctx *pneg_ctxt,
+ __le16 comp_algo)
+{
+ pneg_ctxt->ContextType = SMB2_COMPRESSION_CAPABILITIES;
+ pneg_ctxt->DataLength =
+ cpu_to_le16(sizeof(struct smb2_compression_ctx)
+ - sizeof(struct smb2_neg_context));
+ pneg_ctxt->Reserved = cpu_to_le32(0);
+ pneg_ctxt->CompressionAlgorithmCount = cpu_to_le16(1);
+ pneg_ctxt->Reserved1 = cpu_to_le32(0);
+ pneg_ctxt->CompressionAlgorithms[0] = comp_algo;
+}
+
+static void
+build_posix_ctxt(struct smb2_posix_neg_context *pneg_ctxt)
+{
+ pneg_ctxt->ContextType = SMB2_POSIX_EXTENSIONS_AVAILABLE;
+ pneg_ctxt->DataLength = cpu_to_le16(POSIX_CTXT_DATA_LEN);
+ /* SMB2_CREATE_TAG_POSIX is "0x93AD25509CB411E7B42383DE968BCD7C" */
+ pneg_ctxt->Name[0] = 0x93;
+ pneg_ctxt->Name[1] = 0xAD;
+ pneg_ctxt->Name[2] = 0x25;
+ pneg_ctxt->Name[3] = 0x50;
+ pneg_ctxt->Name[4] = 0x9C;
+ pneg_ctxt->Name[5] = 0xB4;
+ pneg_ctxt->Name[6] = 0x11;
+ pneg_ctxt->Name[7] = 0xE7;
+ pneg_ctxt->Name[8] = 0xB4;
+ pneg_ctxt->Name[9] = 0x23;
+ pneg_ctxt->Name[10] = 0x83;
+ pneg_ctxt->Name[11] = 0xDE;
+ pneg_ctxt->Name[12] = 0x96;
+ pneg_ctxt->Name[13] = 0x8B;
+ pneg_ctxt->Name[14] = 0xCD;
+ pneg_ctxt->Name[15] = 0x7C;
+}
+
+static void
+assemble_neg_contexts(struct ksmbd_conn *conn,
+ struct smb2_negotiate_rsp *rsp)
+{
+ /* +4 is to account for the RFC1001 len field */
+ char *pneg_ctxt = (char *)rsp +
+ le32_to_cpu(rsp->NegotiateContextOffset) + 4;
+ int neg_ctxt_cnt = 1;
+ int ctxt_size;
+
+ ksmbd_debug(SMB,
+ "assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
+ build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt,
+ conn->preauth_info->Preauth_HashId);
+ rsp->NegotiateContextCount = cpu_to_le16(neg_ctxt_cnt);
+ inc_rfc1001_len(rsp, AUTH_GSS_PADDING);
+ ctxt_size = sizeof(struct smb2_preauth_neg_context);
+ /* Round to 8 byte boundary */
+ pneg_ctxt += round_up(sizeof(struct smb2_preauth_neg_context), 8);
+
+ if (conn->cipher_type) {
+ ctxt_size = round_up(ctxt_size, 8);
+ ksmbd_debug(SMB,
+ "assemble SMB2_ENCRYPTION_CAPABILITIES context\n");
+ build_encrypt_ctxt(
+ (struct smb2_encryption_neg_context *)pneg_ctxt,
+ conn->cipher_type);
+ rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
+ ctxt_size += sizeof(struct smb2_encryption_neg_context);
+ /* Round to 8 byte boundary */
+ pneg_ctxt +=
+ round_up(sizeof(struct smb2_encryption_neg_context),
+ 8);
+ }
+
+ if (conn->compress_algorithm) {
+ ctxt_size = round_up(ctxt_size, 8);
+ ksmbd_debug(SMB,
+ "assemble SMB2_COMPRESSION_CAPABILITIES context\n");
+ /* Temporarily set to SMB3_COMPRESS_NONE */
+ build_compression_ctxt((struct smb2_compression_ctx *)pneg_ctxt,
+ conn->compress_algorithm);
+ rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
+ ctxt_size += sizeof(struct smb2_compression_ctx);
+ /* Round to 8 byte boundary */
+ pneg_ctxt += round_up(sizeof(struct smb2_compression_ctx), 8);
+ }
+
+ if (conn->posix_ext_supported) {
+ ctxt_size = round_up(ctxt_size, 8);
+ ksmbd_debug(SMB,
+ "assemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
+ build_posix_ctxt((struct smb2_posix_neg_context *)pneg_ctxt);
+ rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
+ ctxt_size += sizeof(struct smb2_posix_neg_context);
+ }
+
+ inc_rfc1001_len(rsp, ctxt_size);
+}
+
+static __le32
+decode_preauth_ctxt(struct ksmbd_conn *conn,
+ struct smb2_preauth_neg_context *pneg_ctxt)
+{
+ __le32 err = STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP;
+
+ if (pneg_ctxt->HashAlgorithms ==
+ SMB2_PREAUTH_INTEGRITY_SHA512) {
+ conn->preauth_info->Preauth_HashId =
+ SMB2_PREAUTH_INTEGRITY_SHA512;
+ err = STATUS_SUCCESS;
+ }
+
+ return err;
+}
+
+static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
+ struct smb2_encryption_neg_context *pneg_ctxt)
+{
+ int i;
+ int cph_cnt = le16_to_cpu(pneg_ctxt->CipherCount);
+
+ conn->cipher_type = 0;
+
+ if (!(server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION))
+ goto out;
+
+ for (i = 0; i < cph_cnt; i++) {
+ if (pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_GCM ||
+ pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_CCM) {
+ ksmbd_debug(SMB, "Cipher ID = 0x%x\n",
+ pneg_ctxt->Ciphers[i]);
+ conn->cipher_type = pneg_ctxt->Ciphers[i];
+ break;
+ }
+ }
+
+out:
+ /*
+ * Return encrypt context size in request.
+ * So need to plus extra number of ciphers size.
+ */
+ return sizeof(struct smb2_encryption_neg_context) +
+ ((cph_cnt - 1) * 2);
+}
+
+static int decode_compress_ctxt(struct ksmbd_conn *conn,
+ struct smb2_compression_ctx *pneg_ctxt)
+{
+ int algo_cnt = le16_to_cpu(pneg_ctxt->CompressionAlgorithmCount);
+
+ conn->compress_algorithm = SMB3_COMPRESS_NONE;
+
+ /*
+ * Return compression context size in request.
+ * So need to plus extra number of CompressionAlgorithms size.
+ */
+ return sizeof(struct smb2_encryption_neg_context) +
+ ((algo_cnt - 1) * 2);
+}
+
+static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
+ struct smb2_negotiate_req *req)
+{
+ int i = 0;
+ __le32 status = 0;
+ /* +4 is to account for the RFC1001 len field */
+ char *pneg_ctxt = (char *)req +
+ le32_to_cpu(req->NegotiateContextOffset) + 4;
+ __le16 *ContextType = (__le16 *)pneg_ctxt;
+ int neg_ctxt_cnt = le16_to_cpu(req->NegotiateContextCount);
+ int ctxt_size;
+
+ ksmbd_debug(SMB, "negotiate context count = %d\n", neg_ctxt_cnt);
+ status = STATUS_INVALID_PARAMETER;
+ while (i++ < neg_ctxt_cnt) {
+ if (*ContextType == SMB2_PREAUTH_INTEGRITY_CAPABILITIES) {
+ ksmbd_debug(SMB,
+ "deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
+ if (conn->preauth_info->Preauth_HashId)
+ break;
+
+ status = decode_preauth_ctxt(conn,
+ (struct smb2_preauth_neg_context *)pneg_ctxt);
+ pneg_ctxt += DIV_ROUND_UP(
+ sizeof(struct smb2_preauth_neg_context), 8) * 8;
+ } else if (*ContextType == SMB2_ENCRYPTION_CAPABILITIES) {
+ ksmbd_debug(SMB,
+ "deassemble SMB2_ENCRYPTION_CAPABILITIES context\n");
+ if (conn->cipher_type)
+ break;
+
+ ctxt_size = decode_encrypt_ctxt(conn,
+ (struct smb2_encryption_neg_context *)
+ pneg_ctxt);
+ pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
+ } else if (*ContextType == SMB2_COMPRESSION_CAPABILITIES) {
+ ksmbd_debug(SMB,
+ "deassemble SMB2_COMPRESSION_CAPABILITIES context\n");
+ if (conn->compress_algorithm)
+ break;
+
+ ctxt_size = decode_compress_ctxt(conn,
+ (struct smb2_compression_ctx *)
+ pneg_ctxt);
+ pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
+ } else if (*ContextType == SMB2_NETNAME_NEGOTIATE_CONTEXT_ID) {
+ ksmbd_debug(SMB,
+ "deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context\n");
+ ctxt_size = sizeof(struct smb2_netname_neg_context);
+ ctxt_size += DIV_ROUND_UP(
+ le16_to_cpu(((struct smb2_netname_neg_context *)
+ pneg_ctxt)->DataLength), 8) * 8;
+ pneg_ctxt += ctxt_size;
+ } else if (*ContextType == SMB2_POSIX_EXTENSIONS_AVAILABLE) {
+ ksmbd_debug(SMB,
+ "deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
+ conn->posix_ext_supported = true;
+ pneg_ctxt += DIV_ROUND_UP(
+ sizeof(struct smb2_posix_neg_context), 8) * 8;
+ }
+ ContextType = (__le16 *)pneg_ctxt;
+
+ if (status != STATUS_SUCCESS)
+ break;
+ }
+ return status;
+}
+
+/**
+ * smb2_handle_negotiate() - handler for smb2 negotiate command
+ * @work: smb work containing smb request buffer
+ *
+ * Return: 0
+ */
+int smb2_handle_negotiate(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_negotiate_req *req = REQUEST_BUF(work);
+ struct smb2_negotiate_rsp *rsp = RESPONSE_BUF(work);
+ int rc = 0;
+ __le32 status;
+
+ ksmbd_debug(SMB, "Received negotiate request\n");
+ conn->need_neg = false;
+ if (ksmbd_conn_good(work)) {
+ ksmbd_err("conn->tcp_status is already in CifsGood State\n");
+ work->send_no_response = 1;
+ return rc;
+ }
+
+ if (req->DialectCount == 0) {
+ ksmbd_err("malformed packet\n");
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ rc = -EINVAL;
+ goto err_out;
+ }
+
+ conn->cli_cap = le32_to_cpu(req->Capabilities);
+ switch (conn->dialect) {
+ case SMB311_PROT_ID:
+ conn->preauth_info =
+ kzalloc(sizeof(struct preauth_integrity_info),
+ GFP_KERNEL);
+ if (!conn->preauth_info) {
+ rc = -ENOMEM;
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto err_out;
+ }
+
+ status = deassemble_neg_contexts(conn, req);
+ if (status != STATUS_SUCCESS) {
+ ksmbd_err("deassemble_neg_contexts error(0x%x)\n",
+ status);
+ rsp->hdr.Status = status;
+ rc = -EINVAL;
+ goto err_out;
+ }
+
+ rc = init_smb3_11_server(conn);
+ if (rc < 0) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto err_out;
+ }
+
+ ksmbd_gen_preauth_integrity_hash(conn,
+ REQUEST_BUF(work),
+ conn->preauth_info->Preauth_HashValue);
+ rsp->NegotiateContextOffset =
+ cpu_to_le32(OFFSET_OF_NEG_CONTEXT);
+ assemble_neg_contexts(conn, rsp);
+ break;
+ case SMB302_PROT_ID:
+ init_smb3_02_server(conn);
+ break;
+ case SMB30_PROT_ID:
+ init_smb3_0_server(conn);
+ break;
+ case SMB21_PROT_ID:
+ init_smb2_1_server(conn);
+ break;
+ case SMB20_PROT_ID:
+ rc = init_smb2_0_server(conn);
+ if (rc) {
+ rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ goto err_out;
+ }
+ break;
+ case SMB2X_PROT_ID:
+ case BAD_PROT_ID:
+ default:
+ ksmbd_debug(SMB, "Server dialect :0x%x not supported\n",
+ conn->dialect);
+ rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ rc = -EINVAL;
+ goto err_out;
+ }
+ rsp->Capabilities = cpu_to_le32(conn->vals->capabilities);
+
+ /* For stats */
+ conn->connection_type = conn->dialect;
+
+ rsp->MaxTransactSize = cpu_to_le32(conn->vals->max_trans_size);
+ rsp->MaxReadSize = cpu_to_le32(conn->vals->max_read_size);
+ rsp->MaxWriteSize = cpu_to_le32(conn->vals->max_write_size);
+
+ if (conn->dialect > SMB20_PROT_ID) {
+ memcpy(conn->ClientGUID, req->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE);
+ conn->cli_sec_mode = le16_to_cpu(req->SecurityMode);
+ }
+
+ rsp->StructureSize = cpu_to_le16(65);
+ rsp->DialectRevision = cpu_to_le16(conn->dialect);
+ /* Not setting conn guid rsp->ServerGUID, as it
+ * not used by client for identifying server
+ */
+ memset(rsp->ServerGUID, 0, SMB2_CLIENT_GUID_SIZE);
+
+ rsp->SystemTime = cpu_to_le64(ksmbd_systime());
+ rsp->ServerStartTime = 0;
+ ksmbd_debug(SMB, "negotiate context offset %d, count %d\n",
+ le32_to_cpu(rsp->NegotiateContextOffset),
+ le16_to_cpu(rsp->NegotiateContextCount));
+
+ rsp->SecurityBufferOffset = cpu_to_le16(128);
+ rsp->SecurityBufferLength = cpu_to_le16(AUTH_GSS_LENGTH);
+ ksmbd_copy_gss_neg_header(((char *)(&rsp->hdr) +
+ sizeof(rsp->hdr.smb2_buf_length)) +
+ le16_to_cpu(rsp->SecurityBufferOffset));
+ inc_rfc1001_len(rsp, sizeof(struct smb2_negotiate_rsp) -
+ sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) +
+ AUTH_GSS_LENGTH);
+ rsp->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED_LE;
+ conn->use_spnego = true;
+
+ if ((server_conf.signing == KSMBD_CONFIG_OPT_AUTO ||
+ server_conf.signing == KSMBD_CONFIG_OPT_DISABLED) &&
+ req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED_LE)
+ conn->sign = true;
+ else if (server_conf.signing == KSMBD_CONFIG_OPT_MANDATORY) {
+ server_conf.enforced_signing = true;
+ rsp->SecurityMode |= SMB2_NEGOTIATE_SIGNING_REQUIRED_LE;
+ conn->sign = true;
+ }
+
+ conn->srv_sec_mode = le16_to_cpu(rsp->SecurityMode);
+ ksmbd_conn_set_need_negotiate(work);
+
+err_out:
+ if (rc < 0)
+ smb2_set_err_rsp(work);
+
+ return rc;
+}
+
+static int alloc_preauth_hash(struct ksmbd_session *sess,
+ struct ksmbd_conn *conn)
+{
+ if (sess->Preauth_HashValue)
+ return 0;
+
+ sess->Preauth_HashValue = ksmbd_alloc(PREAUTH_HASHVALUE_SIZE);
+ if (!sess->Preauth_HashValue)
+ return -ENOMEM;
+
+ memcpy(sess->Preauth_HashValue,
+ conn->preauth_info->Preauth_HashValue,
+ PREAUTH_HASHVALUE_SIZE);
+ return 0;
+}
+
+static int generate_preauth_hash(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct ksmbd_session *sess = work->sess;
+
+ if (conn->dialect != SMB311_PROT_ID)
+ return 0;
+
+ if (!sess->Preauth_HashValue) {
+ if (alloc_preauth_hash(sess, conn))
+ return -ENOMEM;
+ }
+
+ ksmbd_gen_preauth_integrity_hash(conn,
+ REQUEST_BUF(work),
+ sess->Preauth_HashValue);
+ return 0;
+}
+
+static int decode_negotiation_token(struct ksmbd_work *work,
+ struct negotiate_message *negblob)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_sess_setup_req *req;
+ int sz;
+
+ if (!conn->use_spnego)
+ return -EINVAL;
+
+ req = REQUEST_BUF(work);
+ sz = le16_to_cpu(req->SecurityBufferLength);
+
+ if (!ksmbd_decode_negTokenInit((char *)negblob, sz, conn)) {
+ if (!ksmbd_decode_negTokenTarg((char *)negblob, sz, conn)) {
+ conn->auth_mechs |= KSMBD_AUTH_NTLMSSP;
+ conn->preferred_auth_mech = KSMBD_AUTH_NTLMSSP;
+ conn->use_spnego = false;
+ }
+ }
+ return 0;
+}
+
+static int ntlm_negotiate(struct ksmbd_work *work,
+ struct negotiate_message *negblob)
+{
+ struct smb2_sess_setup_req *req = REQUEST_BUF(work);
+ struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct challenge_message *chgblob;
+ unsigned char *spnego_blob = NULL;
+ u16 spnego_blob_len;
+ char *neg_blob;
+ int sz, rc;
+
+ ksmbd_debug(SMB, "negotiate phase\n");
+ sz = le16_to_cpu(req->SecurityBufferLength);
+ rc = ksmbd_decode_ntlmssp_neg_blob(negblob, sz, work->sess);
+ if (rc)
+ return rc;
+
+ sz = le16_to_cpu(rsp->SecurityBufferOffset);
+ chgblob =
+ (struct challenge_message *)((char *)&rsp->hdr.ProtocolId + sz);
+ memset(chgblob, 0, sizeof(struct challenge_message));
+
+ if (!work->conn->use_spnego) {
+ sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->sess);
+ if (sz < 0)
+ return -ENOMEM;
+
+ rsp->SecurityBufferLength = cpu_to_le16(sz);
+ return 0;
+ }
+
+ sz = sizeof(struct challenge_message);
+ sz += (strlen(ksmbd_netbios_name()) * 2 + 1 + 4) * 6;
+
+ neg_blob = kzalloc(sz, GFP_KERNEL);
+ if (!neg_blob)
+ return -ENOMEM;
+
+ chgblob = (struct challenge_message *)neg_blob;
+ sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->sess);
+ if (sz < 0) {
+ rc = -ENOMEM;
+ goto out;
+ }
+
+ rc = build_spnego_ntlmssp_neg_blob(&spnego_blob,
+ &spnego_blob_len,
+ neg_blob,
+ sz);
+ if (rc) {
+ rc = -ENOMEM;
+ goto out;
+ }
+
+ sz = le16_to_cpu(rsp->SecurityBufferOffset);
+ memcpy((char *)&rsp->hdr.ProtocolId + sz, spnego_blob, spnego_blob_len);
+ rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len);
+
+out:
+ kfree(spnego_blob);
+ kfree(neg_blob);
+ return rc;
+}
+
+static struct authenticate_message *user_authblob(struct ksmbd_conn *conn,
+ struct smb2_sess_setup_req *req)
+{
+ int sz;
+
+ if (conn->use_spnego && conn->mechToken)
+ return (struct authenticate_message *)conn->mechToken;
+
+ sz = le16_to_cpu(req->SecurityBufferOffset);
+ return (struct authenticate_message *)((char *)&req->hdr.ProtocolId
+ + sz);
+}
+
+static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
+ struct smb2_sess_setup_req *req)
+{
+ struct authenticate_message *authblob;
+ struct ksmbd_user *user;
+ char *name;
+ int sz;
+
+ authblob = user_authblob(conn, req);
+ sz = le32_to_cpu(authblob->UserName.BufferOffset);
+ name = smb_strndup_from_utf16((const char *)authblob + sz,
+ le16_to_cpu(authblob->UserName.Length),
+ true,
+ conn->local_nls);
+ if (IS_ERR(name)) {
+ ksmbd_err("cannot allocate memory\n");
+ return NULL;
+ }
+
+ ksmbd_debug(SMB, "session setup request for user %s\n", name);
+ user = ksmbd_login_user(name);
+ kfree(name);
+ return user;
+}
+
+static int ntlm_authenticate(struct ksmbd_work *work)
+{
+ struct smb2_sess_setup_req *req = REQUEST_BUF(work);
+ struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct ksmbd_conn *conn = work->conn;
+ struct ksmbd_session *sess = work->sess;
+ struct channel *chann = NULL;
+ struct ksmbd_user *user;
+ uint64_t prev_id;
+ int sz, rc;
+
+ ksmbd_debug(SMB, "authenticate phase\n");
+ if (conn->use_spnego) {
+ unsigned char *spnego_blob;
+ u16 spnego_blob_len;
+
+ rc = build_spnego_ntlmssp_auth_blob(&spnego_blob,
+ &spnego_blob_len,
+ 0);
+ if (rc)
+ return -ENOMEM;
+
+ sz = le16_to_cpu(rsp->SecurityBufferOffset);
+ memcpy((char *)&rsp->hdr.ProtocolId + sz,
+ spnego_blob,
+ spnego_blob_len);
+ rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len);
+ kfree(spnego_blob);
+ inc_rfc1001_len(rsp, spnego_blob_len - 1);
+ }
+
+ user = session_user(conn, req);
+ if (!user) {
+ ksmbd_debug(SMB, "Unknown user name or an error\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return -EINVAL;
+ }
+
+ /* Check for previous session */
+ prev_id = le64_to_cpu(req->PreviousSessionId);
+ if (prev_id && prev_id != sess->id)
+ destroy_previous_session(user, prev_id);
+
+ if (sess->state == SMB2_SESSION_VALID) {
+ /*
+ * Reuse session if anonymous try to connect
+ * on reauthetication.
+ */
+ if (ksmbd_anonymous_user(user)) {
+ ksmbd_free_user(user);
+ return 0;
+ }
+ ksmbd_free_user(sess->user);
+ }
+
+ sess->user = user;
+ if (user_guest(sess->user)) {
+ if (conn->sign) {
+ ksmbd_debug(SMB,
+ "Guest login not allowed when signing enabled\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return -EACCES;
+ }
+
+ rsp->SessionFlags = SMB2_SESSION_FLAG_IS_GUEST_LE;
+ } else {
+ struct authenticate_message *authblob;
+
+ authblob = user_authblob(conn, req);
+ sz = le16_to_cpu(req->SecurityBufferLength);
+ rc = ksmbd_decode_ntlmssp_auth_blob(authblob, sz, sess);
+ if (rc) {
+ set_user_flag(sess->user, KSMBD_USER_FLAG_BAD_PASSWORD);
+ ksmbd_debug(SMB, "authentication failed\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return -EINVAL;
+ }
+
+ /*
+ * If session state is SMB2_SESSION_VALID, We can assume
+ * that it is reauthentication. And the user/password
+ * has been verified, so return it here.
+ */
+ if (sess->state == SMB2_SESSION_VALID)
+ return 0;
+
+ if ((conn->sign || server_conf.enforced_signing) ||
+ (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
+ sess->sign = true;
+
+ if (conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION &&
+ conn->ops->generate_encryptionkey) {
+ rc = conn->ops->generate_encryptionkey(sess);
+ if (rc) {
+ ksmbd_debug(SMB,
+ "SMB3 encryption key generation failed\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return rc;
+ }
+ sess->enc = true;
+ rsp->SessionFlags = SMB2_SESSION_FLAG_ENCRYPT_DATA_LE;
+ /*
+ * signing is disable if encryption is enable
+ * on this session
+ */
+ sess->sign = false;
+ }
+ }
+
+ if (conn->dialect >= SMB30_PROT_ID) {
+ chann = lookup_chann_list(sess);
+ if (!chann) {
+ chann = kmalloc(sizeof(struct channel), GFP_KERNEL);
+ if (!chann)
+ return -ENOMEM;
+
+ chann->conn = conn;
+ INIT_LIST_HEAD(&chann->chann_list);
+ list_add(&chann->chann_list, &sess->ksmbd_chann_list);
+ }
+ }
+
+ if (conn->ops->generate_signingkey) {
+ rc = conn->ops->generate_signingkey(sess);
+ if (rc) {
+ ksmbd_debug(SMB,
+ "SMB3 signing key generation failed\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return rc;
+ }
+ }
+
+ if (conn->dialect > SMB20_PROT_ID) {
+ if (!ksmbd_conn_lookup_dialect(conn)) {
+ ksmbd_err("fail to verify the dialect\n");
+ rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
+ return -EPERM;
+ }
+ }
+ return 0;
+}
+
+#ifdef CONFIG_SMB_SERVER_KERBEROS5
+static int krb5_authenticate(struct ksmbd_work *work)
+{
+ struct smb2_sess_setup_req *req = REQUEST_BUF(work);
+ struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct ksmbd_conn *conn = work->conn;
+ struct ksmbd_session *sess = work->sess;
+ char *in_blob, *out_blob;
+ struct channel *chann = NULL;
+ uint64_t prev_sess_id;
+ int in_len, out_len;
+ int retval;
+
+ in_blob = (char *)&req->hdr.ProtocolId +
+ le16_to_cpu(req->SecurityBufferOffset);
+ in_len = le16_to_cpu(req->SecurityBufferLength);
+ out_blob = (char *)&rsp->hdr.ProtocolId +
+ le16_to_cpu(rsp->SecurityBufferOffset);
+ out_len = work->response_sz -
+ offsetof(struct smb2_hdr, smb2_buf_length) -
+ le16_to_cpu(rsp->SecurityBufferOffset);
+
+ /* Check previous session */
+ prev_sess_id = le64_to_cpu(req->PreviousSessionId);
+ if (prev_sess_id && prev_sess_id != sess->id)
+ destroy_previous_session(sess->user, prev_sess_id);
+
+ if (sess->state == SMB2_SESSION_VALID)
+ ksmbd_free_user(sess->user);
+
+ retval = ksmbd_krb5_authenticate(sess, in_blob, in_len,
+ out_blob, &out_len);
+ if (retval) {
+ ksmbd_debug(SMB, "krb5 authentication failed\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return retval;
+ }
+ rsp->SecurityBufferLength = cpu_to_le16(out_len);
+ inc_rfc1001_len(rsp, out_len - 1);
+
+ if ((conn->sign || server_conf.enforced_signing) ||
+ (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
+ sess->sign = true;
+
+ if ((conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION) &&
+ conn->ops->generate_encryptionkey) {
+ retval = conn->ops->generate_encryptionkey(sess);
+ if (retval) {
+ ksmbd_debug(SMB,
+ "SMB3 encryption key generation failed\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return retval;
+ }
+ sess->enc = true;
+ rsp->SessionFlags = SMB2_SESSION_FLAG_ENCRYPT_DATA_LE;
+ sess->sign = false;
+ }
+
+ if (conn->dialect >= SMB30_PROT_ID) {
+ chann = lookup_chann_list(sess);
+ if (!chann) {
+ chann = kmalloc(sizeof(struct channel), GFP_KERNEL);
+ if (!chann)
+ return -ENOMEM;
+
+ chann->conn = conn;
+ INIT_LIST_HEAD(&chann->chann_list);
+ list_add(&chann->chann_list, &sess->ksmbd_chann_list);
+ }
+ }
+
+ if (conn->ops->generate_signingkey) {
+ retval = conn->ops->generate_signingkey(sess);
+ if (retval) {
+ ksmbd_debug(SMB,
+ "SMB3 signing key generation failed\n");
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+ return retval;
+ }
+ }
+
+ if (conn->dialect > SMB20_PROT_ID) {
+ if (!ksmbd_conn_lookup_dialect(conn)) {
+ ksmbd_err("fail to verify the dialect\n");
+ rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
+ return -EPERM;
+ }
+ }
+ return 0;
+}
+#else
+static int krb5_authenticate(struct ksmbd_work *work)
+{
+ return -EOPNOTSUPP;
+}
+#endif
+
+int smb2_sess_setup(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_sess_setup_req *req = REQUEST_BUF(work);
+ struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct ksmbd_session *sess;
+ struct negotiate_message *negblob;
+ int rc = 0;
+
+ ksmbd_debug(SMB, "Received request for session setup\n");
+
+ rsp->StructureSize = cpu_to_le16(9);
+ rsp->SessionFlags = 0;
+ rsp->SecurityBufferOffset = cpu_to_le16(72);
+ rsp->SecurityBufferLength = 0;
+ inc_rfc1001_len(rsp, 9);
+
+ if (!req->hdr.SessionId) {
+ sess = ksmbd_smb2_session_create();
+ if (!sess) {
+ rc = -ENOMEM;
+ goto out_err;
+ }
+ rsp->hdr.SessionId = cpu_to_le64(sess->id);
+ ksmbd_session_register(conn, sess);
+ } else {
+ sess = ksmbd_session_lookup(conn,
+ le64_to_cpu(req->hdr.SessionId));
+ if (!sess) {
+ rc = -ENOENT;
+ rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
+ goto out_err;
+ }
+ }
+ work->sess = sess;
+
+ if (sess->state == SMB2_SESSION_EXPIRED)
+ sess->state = SMB2_SESSION_IN_PROGRESS;
+
+ negblob = (struct negotiate_message *)((char *)&req->hdr.ProtocolId +
+ le16_to_cpu(req->SecurityBufferOffset));
+
+ if (decode_negotiation_token(work, negblob) == 0) {
+ if (conn->mechToken)
+ negblob = (struct negotiate_message *)conn->mechToken;
+ }
+
+ if (server_conf.auth_mechs & conn->auth_mechs) {
+ if (conn->preferred_auth_mech &
+ (KSMBD_AUTH_KRB5 | KSMBD_AUTH_MSKRB5)) {
+ rc = generate_preauth_hash(work);
+ if (rc)
+ goto out_err;
+
+ rc = krb5_authenticate(work);
+ if (rc) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out_err;
+ }
+
+ ksmbd_conn_set_good(work);
+ sess->state = SMB2_SESSION_VALID;
+ ksmbd_free(sess->Preauth_HashValue);
+ sess->Preauth_HashValue = NULL;
+ } else if (conn->preferred_auth_mech == KSMBD_AUTH_NTLMSSP) {
+ rc = generate_preauth_hash(work);
+ if (rc)
+ goto out_err;
+
+ if (negblob->MessageType == NtLmNegotiate) {
+ rc = ntlm_negotiate(work, negblob);
+ if (rc)
+ goto out_err;
+ rsp->hdr.Status =
+ STATUS_MORE_PROCESSING_REQUIRED;
+ /*
+ * Note: here total size -1 is done as an
+ * adjustment for 0 size blob
+ */
+ inc_rfc1001_len(rsp,
+ le16_to_cpu(rsp->SecurityBufferLength)
+ - 1);
+
+ } else if (negblob->MessageType == NtLmAuthenticate) {
+ rc = ntlm_authenticate(work);
+ if (rc)
+ goto out_err;
+
+ ksmbd_conn_set_good(work);
+ sess->state = SMB2_SESSION_VALID;
+ ksmbd_free(sess->Preauth_HashValue);
+ sess->Preauth_HashValue = NULL;
+ }
+ } else {
+ /* TODO: need one more negotiation */
+ ksmbd_err("Not support the preferred authentication\n");
+ rc = -EINVAL;
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ }
+ } else {
+ ksmbd_err("Not support authentication\n");
+ rc = -EINVAL;
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ }
+
+out_err:
+ if (conn->use_spnego && conn->mechToken) {
+ kfree(conn->mechToken);
+ conn->mechToken = NULL;
+ }
+
+ if (rc < 0 && sess) {
+ ksmbd_session_destroy(sess);
+ work->sess = NULL;
+ }
+
+ return rc;
+}
+
+/**
+ * smb2_tree_connect() - handler for smb2 tree connect command
+ * @work: smb work containing smb request buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_tree_connect(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_tree_connect_req *req = REQUEST_BUF(work);
+ struct smb2_tree_connect_rsp *rsp = RESPONSE_BUF(work);
+ struct ksmbd_session *sess = work->sess;
+ char *treename = NULL, *name = NULL;
+ struct ksmbd_tree_conn_status status;
+ struct ksmbd_share_config *share;
+ int rc = -EINVAL;
+
+ treename = smb_strndup_from_utf16(req->Buffer,
+ le16_to_cpu(req->PathLength), true, conn->local_nls);
+ if (IS_ERR(treename)) {
+ ksmbd_err("treename is NULL\n");
+ status.ret = KSMBD_TREE_CONN_STATUS_ERROR;
+ goto out_err1;
+ }
+
+ name = extract_sharename(treename);
+ if (IS_ERR(name)) {
+ status.ret = KSMBD_TREE_CONN_STATUS_ERROR;
+ goto out_err1;
+ }
+
+ ksmbd_debug(SMB, "tree connect request for tree %s treename %s\n",
+ name, treename);
+
+ status = ksmbd_tree_conn_connect(sess, name);
+ if (status.ret == KSMBD_TREE_CONN_STATUS_OK)
+ rsp->hdr.Id.SyncId.TreeId = cpu_to_le32(status.tree_conn->id);
+ else
+ goto out_err1;
+
+ share = status.tree_conn->share_conf;
+ if (test_share_config_flag(share, KSMBD_SHARE_FLAG_PIPE)) {
+ ksmbd_debug(SMB, "IPC share path request\n");
+ rsp->ShareType = SMB2_SHARE_TYPE_PIPE;
+ rsp->MaximalAccess = FILE_READ_DATA_LE | FILE_READ_EA_LE |
+ FILE_EXECUTE_LE | FILE_READ_ATTRIBUTES_LE |
+ FILE_DELETE_LE | FILE_READ_CONTROL_LE |
+ FILE_WRITE_DAC_LE | FILE_WRITE_OWNER_LE |
+ FILE_SYNCHRONIZE_LE;
+ } else {
+ rsp->ShareType = SMB2_SHARE_TYPE_DISK;
+ rsp->MaximalAccess = FILE_READ_DATA_LE | FILE_READ_EA_LE |
+ FILE_EXECUTE_LE | FILE_READ_ATTRIBUTES_LE;
+ if (test_tree_conn_flag(status.tree_conn,
+ KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ rsp->MaximalAccess |= FILE_WRITE_DATA_LE |
+ FILE_APPEND_DATA_LE | FILE_WRITE_EA_LE |
+ FILE_DELETE_CHILD_LE | FILE_DELETE_LE |
+ FILE_WRITE_ATTRIBUTES_LE | FILE_DELETE_LE |
+ FILE_READ_CONTROL_LE | FILE_WRITE_DAC_LE |
+ FILE_WRITE_OWNER_LE | FILE_SYNCHRONIZE_LE;
+ }
+ }
+
+ status.tree_conn->maximal_access = le32_to_cpu(rsp->MaximalAccess);
+ if (conn->posix_ext_supported)
+ status.tree_conn->posix_extensions = true;
+
+out_err1:
+ rsp->StructureSize = cpu_to_le16(16);
+ rsp->Capabilities = 0;
+ rsp->Reserved = 0;
+ /* default manual caching */
+ rsp->ShareFlags = SMB2_SHAREFLAG_MANUAL_CACHING;
+ inc_rfc1001_len(rsp, 16);
+
+ if (!IS_ERR(treename))
+ kfree(treename);
+ if (!IS_ERR(name))
+ kfree(name);
+
+ switch (status.ret) {
+ case KSMBD_TREE_CONN_STATUS_OK:
+ rsp->hdr.Status = STATUS_SUCCESS;
+ rc = 0;
+ break;
+ case KSMBD_TREE_CONN_STATUS_NO_SHARE:
+ rsp->hdr.Status = STATUS_BAD_NETWORK_PATH;
+ break;
+ case -ENOMEM:
+ case KSMBD_TREE_CONN_STATUS_NOMEM:
+ rsp->hdr.Status = STATUS_NO_MEMORY;
+ break;
+ case KSMBD_TREE_CONN_STATUS_ERROR:
+ case KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS:
+ case KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS:
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ break;
+ case -EINVAL:
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ break;
+ default:
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ }
+
+ return rc;
+}
+
+/**
+ * smb2_create_open_flags() - convert smb open flags to unix open flags
+ * @file_present: is file already present
+ * @access: file access flags
+ * @disposition: file disposition flags
+ * @work: smb work containing smb request buffer
+ *
+ * Return: file open flags
+ */
+static int smb2_create_open_flags(bool file_present, __le32 access,
+ __le32 disposition)
+{
+ int oflags = O_NONBLOCK | O_LARGEFILE;
+
+ if (access & FILE_READ_DESIRED_ACCESS_LE &&
+ access & FILE_WRITE_DESIRE_ACCESS_LE)
+ oflags |= O_RDWR;
+ else if (access & FILE_WRITE_DESIRE_ACCESS_LE)
+ oflags |= O_WRONLY;
+ else
+ oflags |= O_RDONLY;
+
+ if (access == FILE_READ_ATTRIBUTES_LE)
+ oflags |= O_PATH;
+
+ if (file_present) {
+ switch (disposition & FILE_CREATE_MASK_LE) {
+ case FILE_OPEN_LE:
+ case FILE_CREATE_LE:
+ break;
+ case FILE_SUPERSEDE_LE:
+ case FILE_OVERWRITE_LE:
+ case FILE_OVERWRITE_IF_LE:
+ oflags |= O_TRUNC;
+ break;
+ default:
+ break;
+ }
+ } else {
+ switch (disposition & FILE_CREATE_MASK_LE) {
+ case FILE_SUPERSEDE_LE:
+ case FILE_CREATE_LE:
+ case FILE_OPEN_IF_LE:
+ case FILE_OVERWRITE_IF_LE:
+ oflags |= O_CREAT;
+ break;
+ case FILE_OPEN_LE:
+ case FILE_OVERWRITE_LE:
+ oflags &= ~O_CREAT;
+ break;
+ default:
+ break;
+ }
+ }
+ return oflags;
+}
+
+/**
+ * smb2_tree_disconnect() - handler for smb tree connect request
+ * @work: smb work containing request buffer
+ *
+ * Return: 0
+ */
+int smb2_tree_disconnect(struct ksmbd_work *work)
+{
+ struct smb2_tree_disconnect_rsp *rsp = RESPONSE_BUF(work);
+ struct ksmbd_session *sess = work->sess;
+ struct ksmbd_tree_connect *tcon = work->tcon;
+
+ rsp->StructureSize = cpu_to_le16(4);
+ inc_rfc1001_len(rsp, 4);
+
+ ksmbd_debug(SMB, "request\n");
+
+ if (!tcon) {
+ struct smb2_tree_disconnect_req *req = REQUEST_BUF(work);
+
+ ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId);
+ rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED;
+ smb2_set_err_rsp(work);
+ return 0;
+ }
+
+ ksmbd_close_tree_conn_fds(work);
+ ksmbd_tree_conn_disconnect(sess, tcon);
+ return 0;
+}
+
+/**
+ * smb2_session_logoff() - handler for session log off request
+ * @work: smb work containing request buffer
+ *
+ * Return: 0
+ */
+int smb2_session_logoff(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_logoff_rsp *rsp = RESPONSE_BUF(work);
+ struct ksmbd_session *sess = work->sess;
+
+ rsp->StructureSize = cpu_to_le16(4);
+ inc_rfc1001_len(rsp, 4);
+
+ ksmbd_debug(SMB, "request\n");
+
+ /* Got a valid session, set connection state */
+ WARN_ON(sess->conn != conn);
+
+ /* setting CifsExiting here may race with start_tcp_sess */
+ ksmbd_conn_set_need_reconnect(work);
+ ksmbd_close_session_fds(work);
+ ksmbd_conn_wait_idle(conn);
+
+ if (ksmbd_tree_conn_session_logoff(sess)) {
+ struct smb2_logoff_req *req = REQUEST_BUF(work);
+
+ ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId);
+ rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED;
+ smb2_set_err_rsp(work);
+ return 0;
+ }
+
+ ksmbd_destroy_file_table(&sess->file_table);
+ sess->state = SMB2_SESSION_EXPIRED;
+
+ ksmbd_free_user(sess->user);
+ sess->user = NULL;
+
+ /* let start_tcp_sess free connection info now */
+ ksmbd_conn_set_need_negotiate(work);
+ return 0;
+}
+
+/**
+ * create_smb2_pipe() - create IPC pipe
+ * @work: smb work containing request buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+static noinline int create_smb2_pipe(struct ksmbd_work *work)
+{
+ struct smb2_create_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_create_req *req = REQUEST_BUF(work);
+ int id;
+ int err;
+ char *name;
+
+ name = smb_strndup_from_utf16(req->Buffer, le16_to_cpu(req->NameLength),
+ 1, work->conn->local_nls);
+ if (IS_ERR(name)) {
+ rsp->hdr.Status = STATUS_NO_MEMORY;
+ err = PTR_ERR(name);
+ goto out;
+ }
+
+ id = ksmbd_session_rpc_open(work->sess, name);
+ if (id < 0)
+ ksmbd_err("Unable to open RPC pipe: %d\n", id);
+
+ rsp->StructureSize = cpu_to_le16(89);
+ rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE;
+ rsp->Reserved = 0;
+ rsp->CreateAction = cpu_to_le32(FILE_OPENED);
+
+ rsp->CreationTime = cpu_to_le64(0);
+ rsp->LastAccessTime = cpu_to_le64(0);
+ rsp->ChangeTime = cpu_to_le64(0);
+ rsp->AllocationSize = cpu_to_le64(0);
+ rsp->EndofFile = cpu_to_le64(0);
+ rsp->FileAttributes = ATTR_NORMAL_LE;
+ rsp->Reserved2 = 0;
+ rsp->VolatileFileId = cpu_to_le64(id);
+ rsp->PersistentFileId = 0;
+ rsp->CreateContextsOffset = 0;
+ rsp->CreateContextsLength = 0;
+
+ inc_rfc1001_len(rsp, 88); /* StructureSize - 1*/
+ kfree(name);
+ return 0;
+
+out:
+ smb2_set_err_rsp(work);
+ return err;
+}
+
+#define DURABLE_RECONN_V2 1
+#define DURABLE_RECONN 2
+#define DURABLE_REQ_V2 3
+#define DURABLE_REQ 4
+#define APP_INSTANCE_ID 5
+
+struct durable_info {
+ struct ksmbd_file *fp;
+ int type;
+ int reconnected;
+ int persistent;
+ int timeout;
+ char *CreateGuid;
+ char *app_id;
+};
+
+static int parse_durable_handle_context(struct ksmbd_work *work,
+ struct smb2_create_req *req, struct lease_ctx_info *lc,
+ struct durable_info *d_info)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct create_context *context;
+ int i, err = 0;
+ uint64_t persistent_id = 0;
+ int req_op_level;
+ static const char * const durable_arr[] = {"DH2C", "DHnC", "DH2Q",
+ "DHnQ", SMB2_CREATE_APP_INSTANCE_ID};
+
+ req_op_level = req->RequestedOplockLevel;
+ for (i = 1; i <= 5; i++) {
+ context = smb2_find_context_vals(req, durable_arr[i - 1]);
+ if (IS_ERR(context)) {
+ err = PTR_ERR(context);
+ if (err == -EINVAL) {
+ ksmbd_err("bad name length\n");
+ goto out;
+ }
+ err = 0;
+ continue;
+ }
+
+ switch (i) {
+ case DURABLE_RECONN_V2:
+ {
+ struct create_durable_reconn_v2_req *recon_v2;
+
+ recon_v2 =
+ (struct create_durable_reconn_v2_req *)context;
+ persistent_id = le64_to_cpu(
+ recon_v2->Fid.PersistentFileId);
+ d_info->fp = ksmbd_lookup_durable_fd(persistent_id);
+ if (!d_info->fp) {
+ ksmbd_err("Failed to get Durable handle state\n");
+ err = -EBADF;
+ goto out;
+ }
+
+ if (memcmp(d_info->fp->create_guid,
+ recon_v2->CreateGuid,
+ SMB2_CREATE_GUID_SIZE)) {
+ err = -EBADF;
+ goto out;
+ }
+ d_info->type = i;
+ d_info->reconnected = 1;
+ ksmbd_debug(SMB,
+ "reconnect v2 Persistent-id from reconnect = %llu\n",
+ persistent_id);
+ break;
+ }
+ case DURABLE_RECONN:
+ {
+ struct create_durable_reconn_req *recon;
+
+ if (d_info->type == DURABLE_RECONN_V2 ||
+ d_info->type == DURABLE_REQ_V2) {
+ err = -EINVAL;
+ goto out;
+ }
+
+ recon =
+ (struct create_durable_reconn_req *)context;
+ persistent_id = le64_to_cpu(
+ recon->Data.Fid.PersistentFileId);
+ d_info->fp = ksmbd_lookup_durable_fd(persistent_id);
+ if (!d_info->fp) {
+ ksmbd_err("Failed to get Durable handle state\n");
+ err = -EBADF;
+ goto out;
+ }
+ d_info->type = i;
+ d_info->reconnected = 1;
+ ksmbd_debug(SMB,
+ "reconnect Persistent-id from reconnect = %llu\n",
+ persistent_id);
+ break;
+ }
+ case DURABLE_REQ_V2:
+ {
+ struct create_durable_req_v2 *durable_v2_blob;
+
+ if (d_info->type == DURABLE_RECONN ||
+ d_info->type == DURABLE_RECONN_V2) {
+ err = -EINVAL;
+ goto out;
+ }
+
+ durable_v2_blob =
+ (struct create_durable_req_v2 *)context;
+ ksmbd_debug(SMB, "Request for durable v2 open\n");
+ d_info->fp = ksmbd_lookup_fd_cguid(
+ durable_v2_blob->CreateGuid);
+ if (d_info->fp) {
+ if (!memcmp(conn->ClientGUID,
+ d_info->fp->client_guid,
+ SMB2_CLIENT_GUID_SIZE)) {
+ if (!(req->hdr.Flags &
+ SMB2_FLAGS_REPLAY_OPERATIONS)) {
+ err = -ENOEXEC;
+ goto out;
+ }
+
+ d_info->fp->conn = conn;
+ d_info->reconnected = 1;
+ goto out;
+ }
+ }
+ if (((lc &&
+ (lc->req_state &
+ SMB2_LEASE_HANDLE_CACHING_LE)) ||
+ (req_op_level == SMB2_OPLOCK_LEVEL_BATCH))) {
+ d_info->CreateGuid =
+ durable_v2_blob->CreateGuid;
+ d_info->persistent =
+ le32_to_cpu(durable_v2_blob->Flags);
+ d_info->timeout =
+ le32_to_cpu(durable_v2_blob->Timeout);
+ d_info->type = i;
+ }
+ break;
+ }
+ case DURABLE_REQ:
+ if (d_info->type == DURABLE_RECONN)
+ goto out;
+ if (d_info->type == DURABLE_RECONN_V2 ||
+ d_info->type == DURABLE_REQ_V2) {
+ err = -EINVAL;
+ goto out;
+ }
+
+ if (((lc &&
+ (lc->req_state &
+ SMB2_LEASE_HANDLE_CACHING_LE)) ||
+ (req_op_level == SMB2_OPLOCK_LEVEL_BATCH))) {
+ ksmbd_debug(SMB, "Request for durable open\n");
+ d_info->type = i;
+ }
+ break;
+ case APP_INSTANCE_ID:
+ {
+ struct create_app_inst_id *inst_id;
+
+ inst_id = (struct create_app_inst_id *)context;
+ ksmbd_close_fd_app_id(work, inst_id->AppInstanceId);
+ d_info->app_id = inst_id->AppInstanceId;
+ break;
+ }
+ default:
+ break;
+ }
+ }
+
+out:
+
+ return err;
+}
+
+/**
+ * smb2_set_ea() - handler for setting extended attributes using set
+ * info command
+ * @eabuf: set info command buffer
+ * @path: dentry path for get ea
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_set_ea(struct smb2_ea_info *eabuf, struct path *path)
+{
+ char *attr_name = NULL, *value;
+ int rc = 0;
+ int next = 0;
+
+ attr_name = kmalloc(XATTR_NAME_MAX + 1, GFP_KERNEL);
+ if (!attr_name)
+ return -ENOMEM;
+
+ do {
+ if (!eabuf->EaNameLength)
+ goto next;
+
+ ksmbd_debug(SMB,
+ "name : <%s>, name_len : %u, value_len : %u, next : %u\n",
+ eabuf->name, eabuf->EaNameLength,
+ le16_to_cpu(eabuf->EaValueLength),
+ le32_to_cpu(eabuf->NextEntryOffset));
+
+ if (eabuf->EaNameLength >
+ (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN)) {
+ rc = -EINVAL;
+ break;
+ }
+
+ memcpy(attr_name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN);
+ memcpy(&attr_name[XATTR_USER_PREFIX_LEN], eabuf->name,
+ eabuf->EaNameLength);
+ attr_name[XATTR_USER_PREFIX_LEN + eabuf->EaNameLength] = '\0';
+ value = (char *)&eabuf->name + eabuf->EaNameLength + 1;
+
+ if (!eabuf->EaValueLength) {
+ rc = ksmbd_vfs_casexattr_len(path->dentry,
+ attr_name,
+ XATTR_USER_PREFIX_LEN +
+ eabuf->EaNameLength);
+
+ /* delete the EA only when it exits */
+ if (rc > 0) {
+ rc = ksmbd_vfs_remove_xattr(path->dentry,
+ attr_name);
+
+ if (rc < 0) {
+ ksmbd_debug(SMB,
+ "remove xattr failed(%d)\n",
+ rc);
+ break;
+ }
+ }
+
+ /* if the EA doesn't exist, just do nothing. */
+ rc = 0;
+ } else {
+ rc = ksmbd_vfs_setxattr(path->dentry, attr_name, value,
+ le16_to_cpu(eabuf->EaValueLength), 0);
+ if (rc < 0) {
+ ksmbd_debug(SMB,
+ "ksmbd_vfs_setxattr is failed(%d)\n",
+ rc);
+ break;
+ }
+ }
+
+next:
+ next = le32_to_cpu(eabuf->NextEntryOffset);
+ eabuf = (struct smb2_ea_info *)((char *)eabuf + next);
+ } while (next != 0);
+
+ kfree(attr_name);
+ return rc;
+}
+
+static inline int check_context_err(void *ctx, char *str)
+{
+ int err;
+
+ err = PTR_ERR(ctx);
+ ksmbd_debug(SMB, "find context %s err %d\n", str, err);
+
+ if (err == -EINVAL) {
+ ksmbd_err("bad name length\n");
+ return err;
+ }
+
+ return 0;
+}
+
+static noinline int smb2_set_stream_name_xattr(struct path *path,
+ struct ksmbd_file *fp,
+ char *stream_name,
+ int s_type)
+{
+ size_t xattr_stream_size;
+ char *xattr_stream_name;
+ int rc;
+
+ rc = ksmbd_vfs_xattr_stream_name(stream_name,
+ &xattr_stream_name,
+ &xattr_stream_size,
+ s_type);
+ if (rc)
+ return rc;
+
+ fp->stream.name = xattr_stream_name;
+ fp->stream.size = xattr_stream_size;
+
+ /* Check if there is stream prefix in xattr space */
+ rc = ksmbd_vfs_casexattr_len(path->dentry,
+ xattr_stream_name,
+ xattr_stream_size);
+ if (rc >= 0)
+ return 0;
+
+ if (fp->cdoption == FILE_OPEN_LE) {
+ ksmbd_debug(SMB, "XATTR stream name lookup failed: %d\n", rc);
+ return -EBADF;
+ }
+
+ rc = ksmbd_vfs_setxattr(path->dentry, xattr_stream_name, NULL, 0, 0);
+ if (rc < 0)
+ ksmbd_err("Failed to store XATTR stream name :%d\n", rc);
+ return 0;
+}
+
+static int smb2_remove_smb_xattrs(struct dentry *dentry)
+{
+ char *name, *xattr_list = NULL;
+ ssize_t xattr_list_len;
+ int err = 0;
+
+ xattr_list_len = ksmbd_vfs_listxattr(dentry, &xattr_list);
+ if (xattr_list_len < 0) {
+ goto out;
+ } else if (!xattr_list_len) {
+ ksmbd_debug(SMB, "empty xattr in the file\n");
+ goto out;
+ }
+
+ for (name = xattr_list; name - xattr_list < xattr_list_len;
+ name += strlen(name) + 1) {
+ ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name));
+
+ if (strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) &&
+ strncmp(&name[XATTR_USER_PREFIX_LEN],
+ DOS_ATTRIBUTE_PREFIX,
+ DOS_ATTRIBUTE_PREFIX_LEN) &&
+ strncmp(&name[XATTR_USER_PREFIX_LEN],
+ STREAM_PREFIX,
+ STREAM_PREFIX_LEN))
+ continue;
+
+ err = ksmbd_vfs_remove_xattr(dentry, name);
+ if (err)
+ ksmbd_debug(SMB, "remove xattr failed : %s\n", name);
+ }
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+ return err;
+}
+
+static int smb2_create_truncate(struct path *path)
+{
+ int rc = vfs_truncate(path, 0);
+
+ if (rc) {
+ ksmbd_err("vfs_truncate failed, rc %d\n", rc);
+ return rc;
+ }
+
+ rc = smb2_remove_smb_xattrs(path->dentry);
+ if (rc == -EOPNOTSUPP)
+ rc = 0;
+ if (rc)
+ ksmbd_debug(SMB,
+ "ksmbd_truncate_stream_name_xattr failed, rc %d\n",
+ rc);
+ return rc;
+}
+
+static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon,
+ struct path *path,
+ struct ksmbd_file *fp)
+{
+ struct xattr_dos_attrib da = {0};
+ int rc;
+
+ if (!test_share_config_flag(tcon->share_conf,
+ KSMBD_SHARE_FLAG_STORE_DOS_ATTRS))
+ return;
+
+ da.version = 4;
+ da.attr = le32_to_cpu(fp->f_ci->m_fattr);
+ da.itime = da.create_time = fp->create_time;
+ da.flags = XATTR_DOSINFO_ATTRIB | XATTR_DOSINFO_CREATE_TIME |
+ XATTR_DOSINFO_ITIME;
+
+ rc = ksmbd_vfs_set_dos_attrib_xattr(path->dentry, &da);
+ if (rc)
+ ksmbd_debug(SMB, "failed to store file attribute into xattr\n");
+}
+
+static void smb2_update_xattrs(struct ksmbd_tree_connect *tcon,
+ struct path *path,
+ struct ksmbd_file *fp)
+{
+ struct xattr_dos_attrib da;
+ int rc;
+
+ fp->f_ci->m_fattr &= ~(ATTR_HIDDEN_LE | ATTR_SYSTEM_LE);
+
+ /* get FileAttributes from XATTR_NAME_DOS_ATTRIBUTE */
+ if (!test_share_config_flag(tcon->share_conf,
+ KSMBD_SHARE_FLAG_STORE_DOS_ATTRS))
+ return;
+
+ rc = ksmbd_vfs_get_dos_attrib_xattr(path->dentry, &da);
+ if (rc > 0) {
+ fp->f_ci->m_fattr = cpu_to_le32(da.attr);
+ fp->create_time = da.create_time;
+ fp->itime = da.itime;
+ }
+}
+
+static int smb2_creat(struct ksmbd_work *work,
+ struct path *path,
+ char *name,
+ int open_flags,
+ umode_t posix_mode,
+ bool is_dir)
+{
+ struct ksmbd_tree_connect *tcon = work->tcon;
+ struct ksmbd_share_config *share = tcon->share_conf;
+ umode_t mode;
+ int rc;
+
+ if (!(open_flags & O_CREAT))
+ return -EBADF;
+
+ ksmbd_debug(SMB, "file does not exist, so creating\n");
+ if (is_dir == true) {
+ ksmbd_debug(SMB, "creating directory\n");
+
+ mode = share_config_directory_mode(share, posix_mode);
+ rc = ksmbd_vfs_mkdir(work, name, mode);
+ if (rc)
+ return rc;
+ } else {
+ ksmbd_debug(SMB, "creating regular file\n");
+
+ mode = share_config_create_mode(share, posix_mode);
+ rc = ksmbd_vfs_create(work, name, mode);
+ if (rc)
+ return rc;
+ }
+
+ rc = ksmbd_vfs_kern_path(name, 0, path, 0);
+ if (rc) {
+ ksmbd_err("cannot get linux path (%s), err = %d\n",
+ name, rc);
+ return rc;
+ }
+ return 0;
+}
+
+static int smb2_create_sd_buffer(struct ksmbd_work *work,
+ struct smb2_create_req *req, struct dentry *dentry)
+{
+ struct create_context *context;
+ int rc = -ENOENT;
+
+ if (!req->CreateContextsOffset)
+ return rc;
+
+ /* Parse SD BUFFER create contexts */
+ context = smb2_find_context_vals(req, SMB2_CREATE_SD_BUFFER);
+ if (context && !IS_ERR(context)) {
+ struct create_sd_buf_req *sd_buf;
+
+ ksmbd_debug(SMB,
+ "Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
+ sd_buf = (struct create_sd_buf_req *)context;
+ rc = set_info_sec(work->conn, work->tcon, dentry, &sd_buf->ntsd,
+ le32_to_cpu(sd_buf->ccontext.DataLength), true);
+ }
+
+ return rc;
+}
+
+/**
+ * smb2_open() - handler for smb file open request
+ * @work: smb work containing request buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_open(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct ksmbd_session *sess = work->sess;
+ struct ksmbd_tree_connect *tcon = work->tcon;
+ struct smb2_create_req *req;
+ struct smb2_create_rsp *rsp, *rsp_org;
+ struct path path;
+ struct ksmbd_share_config *share = tcon->share_conf;
+ struct ksmbd_file *fp = NULL;
+ struct file *filp = NULL;
+ struct kstat stat;
+ struct create_context *context;
+ struct lease_ctx_info *lc = NULL;
+ struct create_ea_buf_req *ea_buf = NULL;
+ struct oplock_info *opinfo;
+ __le32 *next_ptr = NULL;
+ int req_op_level = 0, open_flags = 0, file_info = 0;
+ int rc = 0, len = 0;
+ int contxt_cnt = 0, query_disk_id = 0;
+ int maximal_access_ctxt = 0, posix_ctxt = 0;
+ int s_type = 0;
+ int next_off = 0;
+ char *name = NULL;
+ char *stream_name = NULL;
+ bool file_present = false, created = false, already_permitted = false;
+ struct durable_info d_info;
+ int share_ret, need_truncate = 0;
+ u64 time;
+ umode_t posix_mode = 0;
+ __le32 daccess, maximal_access = 0;
+
+ rsp_org = RESPONSE_BUF(work);
+ WORK_BUFFERS(work, req, rsp);
+
+ if (req->hdr.NextCommand && !work->next_smb2_rcv_hdr_off &&
+ (req->hdr.Flags & SMB2_FLAGS_RELATED_OPERATIONS)) {
+ ksmbd_debug(SMB, "invalid flag in chained command\n");
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ smb2_set_err_rsp(work);
+ return -EINVAL;
+ }
+
+ if (test_share_config_flag(share, KSMBD_SHARE_FLAG_PIPE)) {
+ ksmbd_debug(SMB, "IPC pipe create request\n");
+ return create_smb2_pipe(work);
+ }
+
+ if (req->NameLength) {
+ if ((req->CreateOptions & FILE_DIRECTORY_FILE_LE) &&
+ *(char *)req->Buffer == '\\') {
+ ksmbd_err("not allow directory name included leadning slash\n");
+ rc = -EINVAL;
+ goto err_out1;
+ }
+
+ name = smb2_get_name(share,
+ req->Buffer,
+ le16_to_cpu(req->NameLength),
+ work->conn->local_nls);
+ if (IS_ERR(name)) {
+ rc = PTR_ERR(name);
+ if (rc != -ENOMEM)
+ rc = -ENOENT;
+ goto err_out1;
+ }
+
+ ksmbd_debug(SMB, "converted name = %s\n", name);
+ if (strchr(name, ':')) {
+ if (!test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_STREAMS)) {
+ rc = -EBADF;
+ goto err_out1;
+ }
+ rc = parse_stream_name(name, &stream_name, &s_type);
+ if (rc < 0)
+ goto err_out1;
+ }
+
+ rc = ksmbd_validate_filename(name);
+ if (rc < 0)
+ goto err_out1;
+
+ if (ksmbd_share_veto_filename(share, name)) {
+ rc = -ENOENT;
+ ksmbd_debug(SMB, "Reject open(), vetoed file: %s\n",
+ name);
+ goto err_out1;
+ }
+ } else {
+ len = strlen(share->path);
+ ksmbd_debug(SMB, "share path len %d\n", len);
+ name = kmalloc(len + 1, GFP_KERNEL);
+ if (!name) {
+ rsp->hdr.Status = STATUS_NO_MEMORY;
+ rc = -ENOMEM;
+ goto err_out1;
+ }
+
+ memcpy(name, share->path, len);
+ *(name + len) = '\0';
+ }
+
+ req_op_level = req->RequestedOplockLevel;
+ memset(&d_info, 0, sizeof(struct durable_info));
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_DURABLE_HANDLE &&
+ req->CreateContextsOffset) {
+ lc = parse_lease_state(req);
+ rc = parse_durable_handle_context(work, req, lc, &d_info);
+ if (rc) {
+ ksmbd_err("error parsing durable handle context\n");
+ goto err_out1;
+ }
+
+ if (d_info.reconnected) {
+ fp = d_info.fp;
+ rc = smb2_check_durable_oplock(d_info.fp, lc, name);
+ if (rc)
+ goto err_out1;
+ rc = ksmbd_reopen_durable_fd(work, d_info.fp);
+ if (rc)
+ goto err_out1;
+ if (ksmbd_override_fsids(work)) {
+ rc = -ENOMEM;
+ goto err_out1;
+ }
+ file_info = FILE_OPENED;
+ fp = d_info.fp;
+ goto reconnected;
+ }
+ } else {
+ if (req_op_level == SMB2_OPLOCK_LEVEL_LEASE)
+ lc = parse_lease_state(req);
+ }
+
+ if (le32_to_cpu(req->ImpersonationLevel) >
+ le32_to_cpu(IL_DELEGATE_LE)) {
+ ksmbd_err("Invalid impersonationlevel : 0x%x\n",
+ le32_to_cpu(req->ImpersonationLevel));
+ rc = -EIO;
+ rsp->hdr.Status = STATUS_BAD_IMPERSONATION_LEVEL;
+ goto err_out1;
+ }
+
+ if (req->CreateOptions && !(req->CreateOptions & CREATE_OPTIONS_MASK)) {
+ ksmbd_err("Invalid create options : 0x%x\n",
+ le32_to_cpu(req->CreateOptions));
+ rc = -EINVAL;
+ goto err_out1;
+ } else {
+
+ if (req->CreateOptions & FILE_SEQUENTIAL_ONLY_LE &&
+ req->CreateOptions & FILE_RANDOM_ACCESS_LE)
+ req->CreateOptions = ~(FILE_SEQUENTIAL_ONLY_LE);
+
+ if (req->CreateOptions & (FILE_OPEN_BY_FILE_ID_LE |
+ CREATE_TREE_CONNECTION | FILE_RESERVE_OPFILTER_LE)) {
+ rc = -EOPNOTSUPP;
+ goto err_out1;
+ }
+
+ if (req->CreateOptions & FILE_DIRECTORY_FILE_LE) {
+ if (req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE) {
+ rc = -EINVAL;
+ goto err_out1;
+ } else if (req->CreateOptions & FILE_NO_COMPRESSION_LE)
+ req->CreateOptions = ~(FILE_NO_COMPRESSION_LE);
+ }
+ }
+
+ if (le32_to_cpu(req->CreateDisposition) >
+ le32_to_cpu(FILE_OVERWRITE_IF_LE)) {
+ ksmbd_err("Invalid create disposition : 0x%x\n",
+ le32_to_cpu(req->CreateDisposition));
+ rc = -EINVAL;
+ goto err_out1;
+ }
+
+ if (!(req->DesiredAccess & DESIRED_ACCESS_MASK)) {
+ ksmbd_err("Invalid disired access : 0x%x\n",
+ le32_to_cpu(req->DesiredAccess));
+ rc = -EACCES;
+ goto err_out1;
+ }
+
+ if (req->FileAttributes &&
+ !(req->FileAttributes & ATTR_MASK_LE)) {
+ ksmbd_err("Invalid file attribute : 0x%x\n",
+ le32_to_cpu(req->FileAttributes));
+ rc = -EINVAL;
+ goto err_out1;
+ }
+
+ if (req->CreateContextsOffset) {
+ /* Parse non-durable handle create contexts */
+ context = smb2_find_context_vals(req, SMB2_CREATE_EA_BUFFER);
+ if (IS_ERR(context)) {
+ rc = check_context_err(context, SMB2_CREATE_EA_BUFFER);
+ if (rc < 0)
+ goto err_out1;
+ } else {
+ ea_buf = (struct create_ea_buf_req *)context;
+ if (req->CreateOptions & FILE_NO_EA_KNOWLEDGE_LE) {
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ rc = -EACCES;
+ goto err_out1;
+ }
+ }
+
+ context = smb2_find_context_vals(req,
+ SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
+ if (IS_ERR(context)) {
+ rc = check_context_err(context,
+ SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
+ if (rc < 0)
+ goto err_out1;
+ } else {
+ ksmbd_debug(SMB,
+ "get query maximal access context\n");
+ maximal_access_ctxt = 1;
+ }
+
+ context = smb2_find_context_vals(req,
+ SMB2_CREATE_TIMEWARP_REQUEST);
+ if (IS_ERR(context)) {
+ rc = check_context_err(context,
+ SMB2_CREATE_TIMEWARP_REQUEST);
+ if (rc < 0)
+ goto err_out1;
+ } else {
+ ksmbd_debug(SMB, "get timewarp context\n");
+ rc = -EBADF;
+ goto err_out1;
+ }
+
+ if (tcon->posix_extensions) {
+ context = smb2_find_context_vals(req,
+ SMB2_CREATE_TAG_POSIX);
+ if (IS_ERR(context)) {
+ rc = check_context_err(context,
+ SMB2_CREATE_TAG_POSIX);
+ if (rc < 0)
+ goto err_out1;
+ } else {
+ struct create_posix *posix =
+ (struct create_posix *)context;
+ ksmbd_debug(SMB, "get posix context\n");
+
+ posix_mode = le32_to_cpu(posix->Mode);
+ posix_ctxt = 1;
+ }
+ }
+ }
+
+ if (ksmbd_override_fsids(work)) {
+ rc = -ENOMEM;
+ goto err_out1;
+ }
+
+ if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE) {
+ /*
+ * On delete request, instead of following up, need to
+ * look the current entity
+ */
+ rc = ksmbd_vfs_kern_path(name, 0, &path, 1);
+ if (!rc) {
+ /*
+ * If file exists with under flags, return access
+ * denied error.
+ */
+ if (req->CreateDisposition == FILE_OVERWRITE_IF_LE ||
+ req->CreateDisposition == FILE_OPEN_IF_LE) {
+ rc = -EACCES;
+ path_put(&path);
+ goto err_out;
+ }
+
+ if (!test_tree_conn_flag(tcon,
+ KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ ksmbd_debug(SMB,
+ "User does not have write permission\n");
+ rc = -EACCES;
+ path_put(&path);
+ goto err_out;
+ }
+ }
+ } else {
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS)) {
+ /*
+ * Use LOOKUP_FOLLOW to follow the path of
+ * symlink in path buildup
+ */
+ rc = ksmbd_vfs_kern_path(name, LOOKUP_FOLLOW, &path, 1);
+ if (rc) { /* Case for broken link ?*/
+ rc = ksmbd_vfs_kern_path(name, 0, &path, 1);
+ }
+ } else {
+ rc = ksmbd_vfs_kern_path(name, 0, &path, 1);
+ if (!rc && d_is_symlink(path.dentry)) {
+ rc = -EACCES;
+ path_put(&path);
+ goto err_out;
+ }
+ }
+ }
+
+ if (rc) {
+ if (rc == -EACCES) {
+ ksmbd_debug(SMB,
+ "User does not have right permission\n");
+ goto err_out;
+ }
+ ksmbd_debug(SMB, "can not get linux path for %s, rc = %d\n",
+ name, rc);
+ rc = 0;
+ } else {
+ file_present = true;
+ generic_fillattr(&init_user_ns, d_inode(path.dentry), &stat);
+ }
+ if (stream_name) {
+ if (req->CreateOptions & FILE_DIRECTORY_FILE_LE) {
+ if (s_type == DATA_STREAM) {
+ rc = -EIO;
+ rsp->hdr.Status = STATUS_NOT_A_DIRECTORY;
+ }
+ } else {
+ if (S_ISDIR(stat.mode) && s_type == DATA_STREAM) {
+ rc = -EIO;
+ rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY;
+ }
+ }
+
+ if (req->CreateOptions & FILE_DIRECTORY_FILE_LE &&
+ req->FileAttributes & ATTR_NORMAL_LE) {
+ rsp->hdr.Status = STATUS_NOT_A_DIRECTORY;
+ rc = -EIO;
+ }
+
+ if (rc < 0)
+ goto err_out;
+ }
+
+ if (file_present && req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE
+ && S_ISDIR(stat.mode) &&
+ !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
+ ksmbd_debug(SMB, "open() argument is a directory: %s, %x\n",
+ name, req->CreateOptions);
+ rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY;
+ rc = -EIO;
+ goto err_out;
+ }
+
+ if (file_present && (req->CreateOptions & FILE_DIRECTORY_FILE_LE) &&
+ !(req->CreateDisposition == FILE_CREATE_LE) &&
+ !S_ISDIR(stat.mode)) {
+ rsp->hdr.Status = STATUS_NOT_A_DIRECTORY;
+ rc = -EIO;
+ goto err_out;
+ }
+
+ if (!stream_name && file_present &&
+ (req->CreateDisposition == FILE_CREATE_LE)) {
+ rc = -EEXIST;
+ goto err_out;
+ }
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_DURABLE_HANDLE &&
+ file_present)
+ file_present = ksmbd_close_inode_fds(work,
+ d_inode(path.dentry));
+
+ daccess = smb_map_generic_desired_access(req->DesiredAccess);
+
+ if (file_present && !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
+ rc = smb_check_perm_dacl(conn, path.dentry, &daccess,
+ sess->user->uid);
+ if (rc)
+ goto err_out;
+ }
+
+ if (daccess & FILE_MAXIMAL_ACCESS_LE) {
+ if (!file_present) {
+ daccess = cpu_to_le32(GENERIC_ALL_FLAGS);
+ } else {
+ rc = ksmbd_vfs_query_maximal_access(path.dentry,
+ &daccess);
+ if (rc)
+ goto err_out;
+ already_permitted = true;
+ }
+ maximal_access = daccess;
+ }
+
+ open_flags = smb2_create_open_flags(file_present,
+ daccess, req->CreateDisposition);
+
+ if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ if (open_flags & O_CREAT) {
+ ksmbd_debug(SMB,
+ "User does not have write permission\n");
+ rc = -EACCES;
+ goto err_out;
+ }
+ }
+
+ /*create file if not present */
+ if (!file_present) {
+ rc = smb2_creat(work, &path, name, open_flags, posix_mode,
+ req->CreateOptions & FILE_DIRECTORY_FILE_LE);
+ if (rc)
+ goto err_out;
+
+ created = true;
+ if (ea_buf) {
+ rc = smb2_set_ea(&ea_buf->ea, &path);
+ if (rc == -EOPNOTSUPP)
+ rc = 0;
+ else if (rc)
+ goto err_out;
+ }
+ } else if (!already_permitted) {
+ bool may_delete;
+
+ may_delete = daccess & FILE_DELETE_LE ||
+ req->CreateOptions & FILE_DELETE_ON_CLOSE_LE;
+
+ /* FILE_READ_ATTRIBUTE is allowed without inode_permission,
+ * because execute(search) permission on a parent directory,
+ * is already granted.
+ */
+ if (daccess & ~(FILE_READ_ATTRIBUTES_LE |
+ FILE_READ_CONTROL_LE)) {
+ if (ksmbd_vfs_inode_permission(path.dentry,
+ open_flags & O_ACCMODE, may_delete)) {
+ rc = -EACCES;
+ goto err_out;
+ }
+ }
+ }
+
+ rc = ksmbd_query_inode_status(d_inode(path.dentry->d_parent));
+ if (rc == KSMBD_INODE_STATUS_PENDING_DELETE) {
+ rc = -EBUSY;
+ goto err_out;
+ }
+
+ rc = 0;
+ filp = dentry_open(&path, open_flags, current_cred());
+ if (IS_ERR(filp)) {
+ rc = PTR_ERR(filp);
+ ksmbd_err("dentry open for dir failed, rc %d\n", rc);
+ goto err_out;
+ }
+
+ if (file_present) {
+ if (!(open_flags & O_TRUNC))
+ file_info = FILE_OPENED;
+ else
+ file_info = FILE_OVERWRITTEN;
+
+ if ((req->CreateDisposition & FILE_CREATE_MASK_LE)
+ == FILE_SUPERSEDE_LE)
+ file_info = FILE_SUPERSEDED;
+ } else if (open_flags & O_CREAT)
+ file_info = FILE_CREATED;
+
+ ksmbd_vfs_set_fadvise(filp, req->CreateOptions);
+
+ /* Obtain Volatile-ID */
+ fp = ksmbd_open_fd(work, filp);
+ if (IS_ERR(fp)) {
+ fput(filp);
+ rc = PTR_ERR(fp);
+ fp = NULL;
+ goto err_out;
+ }
+
+ /* Get Persistent-ID */
+ ksmbd_open_durable_fd(fp);
+ if (!HAS_FILE_ID(fp->persistent_id)) {
+ rc = -ENOMEM;
+ goto err_out;
+ }
+
+ fp->filename = name;
+ fp->cdoption = req->CreateDisposition;
+ fp->daccess = daccess;
+ fp->saccess = req->ShareAccess;
+ fp->coption = req->CreateOptions;
+
+ /* Set default windows and posix acls if creating new file */
+ if (created) {
+ int posix_acl_rc;
+ struct inode *inode = path.dentry->d_inode;
+
+ posix_acl_rc = ksmbd_vfs_inherit_posix_acl(inode, path.dentry->d_parent->d_inode);
+ if (posix_acl_rc)
+ ksmbd_debug(SMB, "inherit posix acl failed : %d\n", posix_acl_rc);
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_ACL_XATTR)) {
+ rc = smb_inherit_dacl(conn, path.dentry, sess->user->uid,
+ sess->user->gid);
+ }
+
+ if (rc) {
+ rc = smb2_create_sd_buffer(work, req, path.dentry);
+ if (rc) {
+ if (posix_acl_rc)
+ ksmbd_vfs_set_init_posix_acl(inode);
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_ACL_XATTR)) {
+ struct smb_fattr fattr;
+ struct smb_ntsd *pntsd;
+ int pntsd_size, ace_num;
+
+ fattr.cf_uid = inode->i_uid;
+ fattr.cf_gid = inode->i_gid;
+ fattr.cf_mode = inode->i_mode;
+ fattr.cf_dacls = NULL;
+
+ fattr.cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
+ ace_num = fattr.cf_acls->a_count;
+ if (S_ISDIR(inode->i_mode)) {
+ fattr.cf_dacls =
+ ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
+ ace_num += fattr.cf_dacls->a_count;
+ }
+
+ pntsd = kmalloc(sizeof(struct smb_ntsd) +
+ sizeof(struct smb_sid)*3 +
+ sizeof(struct smb_acl) +
+ sizeof(struct smb_ace)*ace_num*2,
+ GFP_KERNEL);
+ if (!pntsd)
+ goto err_out;
+
+ rc = build_sec_desc(pntsd, NULL,
+ OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO,
+ &pntsd_size, &fattr);
+ posix_acl_release(fattr.cf_acls);
+ posix_acl_release(fattr.cf_dacls);
+
+ rc = ksmbd_vfs_set_sd_xattr(conn,
+ path.dentry, pntsd, pntsd_size);
+ if (rc)
+ ksmbd_err("failed to store ntacl in xattr : %d\n",
+ rc);
+ }
+ }
+ }
+ rc = 0;
+ }
+
+ if (stream_name) {
+ rc = smb2_set_stream_name_xattr(&path,
+ fp,
+ stream_name,
+ s_type);
+ if (rc)
+ goto err_out;
+ file_info = FILE_CREATED;
+ }
+
+ fp->attrib_only = !(req->DesiredAccess & ~(FILE_READ_ATTRIBUTES_LE |
+ FILE_WRITE_ATTRIBUTES_LE | FILE_SYNCHRONIZE_LE));
+ if (!S_ISDIR(file_inode(filp)->i_mode) && open_flags & O_TRUNC
+ && !fp->attrib_only && !stream_name) {
+ smb_break_all_oplock(work, fp);
+ need_truncate = 1;
+ }
+
+ /* fp should be searchable through ksmbd_inode.m_fp_list
+ * after daccess, saccess, attrib_only, and stream are
+ * initialized.
+ */
+ write_lock(&fp->f_ci->m_lock);
+ list_add(&fp->node, &fp->f_ci->m_fp_list);
+ write_unlock(&fp->f_ci->m_lock);
+
+ rc = ksmbd_vfs_getattr(&path, &stat);
+ if (rc) {
+ generic_fillattr(&init_user_ns, d_inode(path.dentry), &stat);
+ rc = 0;
+ }
+
+ /* Check delete pending among previous fp before oplock break */
+ if (ksmbd_inode_pending_delete(fp)) {
+ rc = -EBUSY;
+ goto err_out;
+ }
+
+ share_ret = ksmbd_smb_check_shared_mode(fp->filp, fp);
+ if (!test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_OPLOCKS) ||
+ (req_op_level == SMB2_OPLOCK_LEVEL_LEASE &&
+ !(conn->vals->capabilities & SMB2_GLOBAL_CAP_LEASING))) {
+ if (share_ret < 0 && !S_ISDIR(FP_INODE(fp)->i_mode)) {
+ rc = share_ret;
+ goto err_out;
+ }
+ } else {
+ if (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) {
+ req_op_level = smb2_map_lease_to_oplock(lc->req_state);
+ ksmbd_debug(SMB,
+ "lease req for(%s) req oplock state 0x%x, lease state 0x%x\n",
+ name, req_op_level, lc->req_state);
+ rc = find_same_lease_key(sess, fp->f_ci, lc);
+ if (rc)
+ goto err_out;
+ } else if (open_flags == O_RDONLY &&
+ (req_op_level == SMB2_OPLOCK_LEVEL_BATCH ||
+ req_op_level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
+ req_op_level = SMB2_OPLOCK_LEVEL_II;
+
+ rc = smb_grant_oplock(work, req_op_level,
+ fp->persistent_id, fp,
+ le32_to_cpu(req->hdr.Id.SyncId.TreeId),
+ lc, share_ret);
+ if (rc < 0)
+ goto err_out;
+ }
+
+ if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)
+ ksmbd_fd_set_delete_on_close(fp, file_info);
+
+ if (need_truncate) {
+ rc = smb2_create_truncate(&path);
+ if (rc)
+ goto err_out;
+ }
+
+ if (req->CreateContextsOffset) {
+ struct create_alloc_size_req *az_req;
+
+ az_req = (struct create_alloc_size_req *)
+ smb2_find_context_vals(req,
+ SMB2_CREATE_ALLOCATION_SIZE);
+ if (IS_ERR(az_req)) {
+ rc = check_context_err(az_req,
+ SMB2_CREATE_ALLOCATION_SIZE);
+ if (rc < 0)
+ goto err_out;
+ } else {
+ loff_t alloc_size = le64_to_cpu(az_req->AllocationSize);
+ int err;
+
+ ksmbd_debug(SMB,
+ "request smb2 create allocate size : %llu\n",
+ alloc_size);
+ err = ksmbd_vfs_alloc_size(work, fp, alloc_size);
+ if (err < 0)
+ ksmbd_debug(SMB,
+ "ksmbd_vfs_alloc_size is failed : %d\n",
+ err);
+ }
+
+ context = smb2_find_context_vals(req,
+ SMB2_CREATE_QUERY_ON_DISK_ID);
+ if (IS_ERR(context)) {
+ rc = check_context_err(context,
+ SMB2_CREATE_QUERY_ON_DISK_ID);
+ if (rc < 0)
+ goto err_out;
+ } else {
+ ksmbd_debug(SMB, "get query on disk id context\n");
+ query_disk_id = 1;
+ }
+ }
+
+ if (stat.result_mask & STATX_BTIME)
+ fp->create_time = ksmbd_UnixTimeToNT(stat.btime);
+ else
+ fp->create_time = ksmbd_UnixTimeToNT(stat.ctime);
+ if (req->FileAttributes || fp->f_ci->m_fattr == 0)
+ fp->f_ci->m_fattr = cpu_to_le32(smb2_get_dos_mode(&stat,
+ le32_to_cpu(req->FileAttributes)));
+
+ if (!created)
+ smb2_update_xattrs(tcon, &path, fp);
+ else
+ smb2_new_xattrs(tcon, &path, fp);
+
+ memcpy(fp->client_guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
+
+ if (d_info.type) {
+ if (d_info.type == DURABLE_REQ_V2 &&
+ d_info.persistent)
+ fp->is_persistent = 1;
+ else
+ fp->is_durable = 1;
+
+ if (d_info.type == DURABLE_REQ_V2) {
+ memcpy(fp->create_guid, d_info.CreateGuid,
+ SMB2_CREATE_GUID_SIZE);
+ if (d_info.timeout)
+ fp->durable_timeout = d_info.timeout;
+ else
+ fp->durable_timeout = 1600;
+ if (d_info.app_id)
+ memcpy(fp->app_instance_id,
+ d_info.app_id, 16);
+ }
+ }
+
+reconnected:
+ generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+
+ rsp->StructureSize = cpu_to_le16(89);
+ rcu_read_lock();
+ opinfo = rcu_dereference(fp->f_opinfo);
+ rsp->OplockLevel = opinfo != NULL ? opinfo->level : 0;
+ rcu_read_unlock();
+ rsp->Reserved = 0;
+ rsp->CreateAction = cpu_to_le32(file_info);
+ rsp->CreationTime = cpu_to_le64(fp->create_time);
+ time = ksmbd_UnixTimeToNT(stat.atime);
+ rsp->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.mtime);
+ rsp->LastWriteTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.ctime);
+ rsp->ChangeTime = cpu_to_le64(time);
+ rsp->AllocationSize = S_ISDIR(stat.mode) ? 0 :
+ cpu_to_le64(stat.blocks << 9);
+ rsp->EndofFile = S_ISDIR(stat.mode) ? 0 : cpu_to_le64(stat.size);
+ rsp->FileAttributes = fp->f_ci->m_fattr;
+
+ rsp->Reserved2 = 0;
+
+ rsp->PersistentFileId = cpu_to_le64(fp->persistent_id);
+ rsp->VolatileFileId = cpu_to_le64(fp->volatile_id);
+
+ rsp->CreateContextsOffset = 0;
+ rsp->CreateContextsLength = 0;
+ inc_rfc1001_len(rsp_org, 88); /* StructureSize - 1*/
+
+ /* If lease is request send lease context response */
+ if (opinfo && opinfo->is_lease) {
+ struct create_context *lease_ccontext;
+
+ ksmbd_debug(SMB, "lease granted on(%s) lease state 0x%x\n",
+ name, opinfo->o_lease->state);
+ rsp->OplockLevel = SMB2_OPLOCK_LEVEL_LEASE;
+
+ lease_ccontext = (struct create_context *)rsp->Buffer;
+ contxt_cnt++;
+ create_lease_buf(rsp->Buffer, opinfo->o_lease);
+ le32_add_cpu(&rsp->CreateContextsLength,
+ conn->vals->create_lease_size);
+ inc_rfc1001_len(rsp_org, conn->vals->create_lease_size);
+ next_ptr = &lease_ccontext->Next;
+ next_off = conn->vals->create_lease_size;
+ }
+
+ if (d_info.type == DURABLE_REQ || d_info.type == DURABLE_REQ_V2) {
+ struct create_context *durable_ccontext;
+
+ durable_ccontext = (struct create_context *)(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength));
+ contxt_cnt++;
+ if (d_info.type == DURABLE_REQ) {
+ create_durable_rsp_buf(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength));
+ le32_add_cpu(&rsp->CreateContextsLength,
+ conn->vals->create_durable_size);
+ inc_rfc1001_len(rsp_org,
+ conn->vals->create_durable_size);
+ } else {
+ create_durable_v2_rsp_buf(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength),
+ fp);
+ le32_add_cpu(&rsp->CreateContextsLength,
+ conn->vals->create_durable_v2_size);
+ inc_rfc1001_len(rsp_org,
+ conn->vals->create_durable_v2_size);
+ }
+
+ if (next_ptr)
+ *next_ptr = cpu_to_le32(next_off);
+ next_ptr = &durable_ccontext->Next;
+ next_off = conn->vals->create_durable_size;
+ }
+
+ if (maximal_access_ctxt) {
+ struct create_context *mxac_ccontext;
+
+ if (maximal_access == 0)
+ ksmbd_vfs_query_maximal_access(path.dentry,
+ &maximal_access);
+ mxac_ccontext = (struct create_context *)(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength));
+ contxt_cnt++;
+ create_mxac_rsp_buf(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength),
+ le32_to_cpu(maximal_access));
+ le32_add_cpu(&rsp->CreateContextsLength,
+ conn->vals->create_mxac_size);
+ inc_rfc1001_len(rsp_org, conn->vals->create_mxac_size);
+ if (next_ptr)
+ *next_ptr = cpu_to_le32(next_off);
+ next_ptr = &mxac_ccontext->Next;
+ next_off = conn->vals->create_mxac_size;
+ }
+
+ if (query_disk_id) {
+ struct create_context *disk_id_ccontext;
+
+ disk_id_ccontext = (struct create_context *)(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength));
+ contxt_cnt++;
+ create_disk_id_rsp_buf(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength),
+ stat.ino, tcon->id);
+ le32_add_cpu(&rsp->CreateContextsLength,
+ conn->vals->create_disk_id_size);
+ inc_rfc1001_len(rsp_org, conn->vals->create_disk_id_size);
+ if (next_ptr)
+ *next_ptr = cpu_to_le32(next_off);
+ next_ptr = &disk_id_ccontext->Next;
+ next_off = conn->vals->create_disk_id_size;
+ }
+
+ if (posix_ctxt) {
+ struct create_context *posix_ccontext;
+
+ posix_ccontext = (struct create_context *)(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength));
+ contxt_cnt++;
+ create_posix_rsp_buf(rsp->Buffer +
+ le32_to_cpu(rsp->CreateContextsLength),
+ fp);
+ le32_add_cpu(&rsp->CreateContextsLength,
+ conn->vals->create_posix_size);
+ inc_rfc1001_len(rsp_org, conn->vals->create_posix_size);
+ if (next_ptr)
+ *next_ptr = cpu_to_le32(next_off);
+ }
+
+ if (contxt_cnt > 0) {
+ rsp->CreateContextsOffset =
+ cpu_to_le32(offsetof(struct smb2_create_rsp, Buffer)
+ - 4);
+ }
+
+err_out:
+ if (file_present || created)
+ path_put(&path);
+ ksmbd_revert_fsids(work);
+err_out1:
+ if (rc) {
+ if (rc == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else if (rc == -EOPNOTSUPP)
+ rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ else if (rc == -EACCES)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ else if (rc == -ENOENT)
+ rsp->hdr.Status = STATUS_OBJECT_NAME_INVALID;
+ else if (rc == -EPERM)
+ rsp->hdr.Status = STATUS_SHARING_VIOLATION;
+ else if (rc == -EBUSY)
+ rsp->hdr.Status = STATUS_DELETE_PENDING;
+ else if (rc == -EBADF)
+ rsp->hdr.Status = STATUS_OBJECT_NAME_NOT_FOUND;
+ else if (rc == -ENOEXEC)
+ rsp->hdr.Status = STATUS_DUPLICATE_OBJECTID;
+ else if (rc == -ENXIO)
+ rsp->hdr.Status = STATUS_NO_SUCH_DEVICE;
+ else if (rc == -EEXIST)
+ rsp->hdr.Status = STATUS_OBJECT_NAME_COLLISION;
+ else if (rc == -EMFILE)
+ rsp->hdr.Status = STATUS_INSUFFICIENT_RESOURCES;
+ if (!rsp->hdr.Status)
+ rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;
+
+ if (!fp || !fp->filename)
+ kfree(name);
+ if (fp)
+ ksmbd_fd_put(work, fp);
+ smb2_set_err_rsp(work);
+ ksmbd_debug(SMB, "Error response: %x\n", rsp->hdr.Status);
+ }
+
+ kfree(lc);
+
+ return 0;
+}
+
+static int readdir_info_level_struct_sz(int info_level)
+{
+ switch (info_level) {
+ case FILE_FULL_DIRECTORY_INFORMATION:
+ return sizeof(struct file_full_directory_info);
+ case FILE_BOTH_DIRECTORY_INFORMATION:
+ return sizeof(struct file_both_directory_info);
+ case FILE_DIRECTORY_INFORMATION:
+ return sizeof(struct file_directory_info);
+ case FILE_NAMES_INFORMATION:
+ return sizeof(struct file_names_info);
+ case FILEID_FULL_DIRECTORY_INFORMATION:
+ return sizeof(struct file_id_full_dir_info);
+ case FILEID_BOTH_DIRECTORY_INFORMATION:
+ return sizeof(struct file_id_both_directory_info);
+ case SMB_FIND_FILE_POSIX_INFO:
+ return sizeof(struct smb2_posix_info);
+ default:
+ return -EOPNOTSUPP;
+ }
+}
+
+static int dentry_name(struct ksmbd_dir_info *d_info, int info_level)
+{
+ switch (info_level) {
+ case FILE_FULL_DIRECTORY_INFORMATION:
+ {
+ struct file_full_directory_info *ffdinfo;
+
+ ffdinfo = (struct file_full_directory_info *)d_info->rptr;
+ d_info->rptr += le32_to_cpu(ffdinfo->NextEntryOffset);
+ d_info->name = ffdinfo->FileName;
+ d_info->name_len = le32_to_cpu(ffdinfo->FileNameLength);
+ return 0;
+ }
+ case FILE_BOTH_DIRECTORY_INFORMATION:
+ {
+ struct file_both_directory_info *fbdinfo;
+
+ fbdinfo = (struct file_both_directory_info *)d_info->rptr;
+ d_info->rptr += le32_to_cpu(fbdinfo->NextEntryOffset);
+ d_info->name = fbdinfo->FileName;
+ d_info->name_len = le32_to_cpu(fbdinfo->FileNameLength);
+ return 0;
+ }
+ case FILE_DIRECTORY_INFORMATION:
+ {
+ struct file_directory_info *fdinfo;
+
+ fdinfo = (struct file_directory_info *)d_info->rptr;
+ d_info->rptr += le32_to_cpu(fdinfo->NextEntryOffset);
+ d_info->name = fdinfo->FileName;
+ d_info->name_len = le32_to_cpu(fdinfo->FileNameLength);
+ return 0;
+ }
+ case FILE_NAMES_INFORMATION:
+ {
+ struct file_names_info *fninfo;
+
+ fninfo = (struct file_names_info *)d_info->rptr;
+ d_info->rptr += le32_to_cpu(fninfo->NextEntryOffset);
+ d_info->name = fninfo->FileName;
+ d_info->name_len = le32_to_cpu(fninfo->FileNameLength);
+ return 0;
+ }
+ case FILEID_FULL_DIRECTORY_INFORMATION:
+ {
+ struct file_id_full_dir_info *dinfo;
+
+ dinfo = (struct file_id_full_dir_info *)d_info->rptr;
+ d_info->rptr += le32_to_cpu(dinfo->NextEntryOffset);
+ d_info->name = dinfo->FileName;
+ d_info->name_len = le32_to_cpu(dinfo->FileNameLength);
+ return 0;
+ }
+ case FILEID_BOTH_DIRECTORY_INFORMATION:
+ {
+ struct file_id_both_directory_info *fibdinfo;
+
+ fibdinfo = (struct file_id_both_directory_info *)d_info->rptr;
+ d_info->rptr += le32_to_cpu(fibdinfo->NextEntryOffset);
+ d_info->name = fibdinfo->FileName;
+ d_info->name_len = le32_to_cpu(fibdinfo->FileNameLength);
+ return 0;
+ }
+ case SMB_FIND_FILE_POSIX_INFO:
+ {
+ struct smb2_posix_info *posix_info;
+
+ posix_info = (struct smb2_posix_info *)d_info->rptr;
+ d_info->rptr += le32_to_cpu(posix_info->NextEntryOffset);
+ d_info->name = posix_info->name;
+ d_info->name_len = le32_to_cpu(posix_info->name_len);
+ return 0;
+ }
+ default:
+ return -EINVAL;
+ }
+}
+
+/**
+ * smb2_populate_readdir_entry() - encode directory entry in smb2 response
+ * buffer
+ * @conn: connection instance
+ * @info_level: smb information level
+ * @d_info: structure included variables for query dir
+ * @ksmbd_kstat: ksmbd wrapper of dirent stat information
+ *
+ * if directory has many entries, find first can't read it fully.
+ * find next might be called multiple times to read remaining dir entries
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_populate_readdir_entry(struct ksmbd_conn *conn,
+ int info_level,
+ struct ksmbd_dir_info *d_info,
+ struct ksmbd_kstat *ksmbd_kstat)
+{
+ int next_entry_offset = 0;
+ char *conv_name;
+ int conv_len;
+ void *kstat;
+ int struct_sz;
+
+ conv_name = ksmbd_convert_dir_info_name(d_info,
+ conn->local_nls,
+ &conv_len);
+ if (!conv_name)
+ return -ENOMEM;
+
+ /* Somehow the name has only terminating NULL bytes */
+ if (conv_len < 0) {
+ kfree(conv_name);
+ return -EINVAL;
+ }
+
+ struct_sz = readdir_info_level_struct_sz(info_level);
+ next_entry_offset = ALIGN(struct_sz - 1 + conv_len,
+ KSMBD_DIR_INFO_ALIGNMENT);
+
+ if (next_entry_offset > d_info->out_buf_len) {
+ d_info->out_buf_len = 0;
+ return -ENOSPC;
+ }
+
+ kstat = d_info->wptr;
+ if (info_level != FILE_NAMES_INFORMATION)
+ kstat = ksmbd_vfs_init_kstat(&d_info->wptr, ksmbd_kstat);
+
+ switch (info_level) {
+ case FILE_FULL_DIRECTORY_INFORMATION:
+ {
+ struct file_full_directory_info *ffdinfo;
+
+ ffdinfo = (struct file_full_directory_info *)kstat;
+ ffdinfo->FileNameLength = cpu_to_le32(conv_len);
+ ffdinfo->EaSize =
+ smb2_get_reparse_tag_special_file(ksmbd_kstat->kstat->mode);
+ if (ffdinfo->EaSize)
+ ffdinfo->ExtFileAttributes = ATTR_REPARSE_POINT_LE;
+ if (d_info->hide_dot_file && d_info->name[0] == '.')
+ ffdinfo->ExtFileAttributes |= ATTR_HIDDEN_LE;
+ memcpy(ffdinfo->FileName, conv_name, conv_len);
+ ffdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILE_BOTH_DIRECTORY_INFORMATION:
+ {
+ struct file_both_directory_info *fbdinfo;
+
+ fbdinfo = (struct file_both_directory_info *)kstat;
+ fbdinfo->FileNameLength = cpu_to_le32(conv_len);
+ fbdinfo->EaSize =
+ smb2_get_reparse_tag_special_file(ksmbd_kstat->kstat->mode);
+ if (fbdinfo->EaSize)
+ fbdinfo->ExtFileAttributes = ATTR_REPARSE_POINT_LE;
+ fbdinfo->ShortNameLength = 0;
+ fbdinfo->Reserved = 0;
+ if (d_info->hide_dot_file && d_info->name[0] == '.')
+ fbdinfo->ExtFileAttributes |= ATTR_HIDDEN_LE;
+ memcpy(fbdinfo->FileName, conv_name, conv_len);
+ fbdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILE_DIRECTORY_INFORMATION:
+ {
+ struct file_directory_info *fdinfo;
+
+ fdinfo = (struct file_directory_info *)kstat;
+ fdinfo->FileNameLength = cpu_to_le32(conv_len);
+ if (d_info->hide_dot_file && d_info->name[0] == '.')
+ fdinfo->ExtFileAttributes |= ATTR_HIDDEN_LE;
+ memcpy(fdinfo->FileName, conv_name, conv_len);
+ fdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILE_NAMES_INFORMATION:
+ {
+ struct file_names_info *fninfo;
+
+ fninfo = (struct file_names_info *)kstat;
+ fninfo->FileNameLength = cpu_to_le32(conv_len);
+ memcpy(fninfo->FileName, conv_name, conv_len);
+ fninfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILEID_FULL_DIRECTORY_INFORMATION:
+ {
+ struct file_id_full_dir_info *dinfo;
+
+ dinfo = (struct file_id_full_dir_info *)kstat;
+ dinfo->FileNameLength = cpu_to_le32(conv_len);
+ dinfo->EaSize =
+ smb2_get_reparse_tag_special_file(ksmbd_kstat->kstat->mode);
+ if (dinfo->EaSize)
+ dinfo->ExtFileAttributes = ATTR_REPARSE_POINT_LE;
+ dinfo->Reserved = 0;
+ dinfo->UniqueId = cpu_to_le64(ksmbd_kstat->kstat->ino);
+ if (d_info->hide_dot_file && d_info->name[0] == '.')
+ dinfo->ExtFileAttributes |= ATTR_HIDDEN_LE;
+ memcpy(dinfo->FileName, conv_name, conv_len);
+ dinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILEID_BOTH_DIRECTORY_INFORMATION:
+ {
+ struct file_id_both_directory_info *fibdinfo;
+
+ fibdinfo = (struct file_id_both_directory_info *)kstat;
+ fibdinfo->FileNameLength = cpu_to_le32(conv_len);
+ fibdinfo->EaSize =
+ smb2_get_reparse_tag_special_file(ksmbd_kstat->kstat->mode);
+ if (fibdinfo->EaSize)
+ fibdinfo->ExtFileAttributes = ATTR_REPARSE_POINT_LE;
+ fibdinfo->UniqueId = cpu_to_le64(ksmbd_kstat->kstat->ino);
+ fibdinfo->ShortNameLength = 0;
+ fibdinfo->Reserved = 0;
+ fibdinfo->Reserved2 = cpu_to_le16(0);
+ if (d_info->hide_dot_file && d_info->name[0] == '.')
+ fibdinfo->ExtFileAttributes |= ATTR_HIDDEN_LE;
+ memcpy(fibdinfo->FileName, conv_name, conv_len);
+ fibdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case SMB_FIND_FILE_POSIX_INFO:
+ {
+ struct smb2_posix_info *posix_info;
+ u64 time;
+
+ posix_info = (struct smb2_posix_info *)kstat;
+ posix_info->Ignored = 0;
+ posix_info->CreationTime = cpu_to_le64(ksmbd_kstat->create_time);
+ time = ksmbd_UnixTimeToNT(ksmbd_kstat->kstat->ctime);
+ posix_info->ChangeTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(ksmbd_kstat->kstat->atime);
+ posix_info->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(ksmbd_kstat->kstat->mtime);
+ posix_info->LastWriteTime = cpu_to_le64(time);
+ posix_info->EndOfFile = cpu_to_le64(ksmbd_kstat->kstat->size);
+ posix_info->AllocationSize = cpu_to_le64(ksmbd_kstat->kstat->blocks << 9);
+ posix_info->DeviceId = cpu_to_le32(ksmbd_kstat->kstat->rdev);
+ posix_info->HardLinks = cpu_to_le32(ksmbd_kstat->kstat->nlink);
+ posix_info->Mode = cpu_to_le32(ksmbd_kstat->kstat->mode);
+ posix_info->Inode = cpu_to_le64(ksmbd_kstat->kstat->ino);
+ posix_info->DosAttributes =
+ S_ISDIR(ksmbd_kstat->kstat->mode) ? ATTR_DIRECTORY_LE : ATTR_ARCHIVE_LE;
+ if (d_info->hide_dot_file && d_info->name[0] == '.')
+ posix_info->DosAttributes |= ATTR_HIDDEN_LE;
+ id_to_sid(from_kuid(&init_user_ns, ksmbd_kstat->kstat->uid),
+ SIDNFS_USER, (struct smb_sid *)&posix_info->SidBuffer[0]);
+ id_to_sid(from_kgid(&init_user_ns, ksmbd_kstat->kstat->gid),
+ SIDNFS_GROUP, (struct smb_sid *)&posix_info->SidBuffer[20]);
+ memcpy(posix_info->name, conv_name, conv_len);
+ posix_info->name_len = cpu_to_le32(conv_len);
+ posix_info->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+
+ } /* switch (info_level) */
+
+ d_info->last_entry_offset = d_info->data_count;
+ d_info->data_count += next_entry_offset;
+ d_info->wptr += next_entry_offset;
+ kfree(conv_name);
+
+ ksmbd_debug(SMB,
+ "info_level : %d, buf_len :%d, next_offset : %d, data_count : %d\n",
+ info_level, d_info->out_buf_len,
+ next_entry_offset, d_info->data_count);
+
+ return 0;
+}
+
+struct smb2_query_dir_private {
+ struct ksmbd_work *work;
+ char *search_pattern;
+ struct ksmbd_file *dir_fp;
+
+ struct ksmbd_dir_info *d_info;
+ int info_level;
+};
+
+static void lock_dir(struct ksmbd_file *dir_fp)
+{
+ struct dentry *dir = dir_fp->filp->f_path.dentry;
+
+ inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
+}
+
+static void unlock_dir(struct ksmbd_file *dir_fp)
+{
+ struct dentry *dir = dir_fp->filp->f_path.dentry;
+
+ inode_unlock(d_inode(dir));
+}
+
+static int process_query_dir_entries(struct smb2_query_dir_private *priv)
+{
+ struct kstat kstat;
+ struct ksmbd_kstat ksmbd_kstat;
+ int rc;
+ int i;
+
+ for (i = 0; i < priv->d_info->num_entry; i++) {
+ struct dentry *dent;
+
+ if (dentry_name(priv->d_info, priv->info_level))
+ return -EINVAL;
+
+ lock_dir(priv->dir_fp);
+ dent = lookup_one_len(priv->d_info->name,
+ priv->dir_fp->filp->f_path.dentry,
+ priv->d_info->name_len);
+ unlock_dir(priv->dir_fp);
+
+ if (IS_ERR(dent)) {
+ ksmbd_debug(SMB, "Cannot lookup `%s' [%ld]\n",
+ priv->d_info->name,
+ PTR_ERR(dent));
+ continue;
+ }
+ if (unlikely(d_is_negative(dent))) {
+ dput(dent);
+ ksmbd_debug(SMB, "Negative dentry `%s'\n",
+ priv->d_info->name);
+ continue;
+ }
+
+ ksmbd_kstat.kstat = &kstat;
+ if (priv->info_level != FILE_NAMES_INFORMATION)
+ ksmbd_vfs_fill_dentry_attrs(priv->work,
+ dent,
+ &ksmbd_kstat);
+
+ rc = smb2_populate_readdir_entry(priv->work->conn,
+ priv->info_level,
+ priv->d_info,
+ &ksmbd_kstat);
+ dput(dent);
+ if (rc)
+ return rc;
+ }
+ return 0;
+}
+
+static int reserve_populate_dentry(struct ksmbd_dir_info *d_info,
+ int info_level)
+{
+ int struct_sz;
+ int conv_len;
+ int next_entry_offset;
+
+ struct_sz = readdir_info_level_struct_sz(info_level);
+ if (struct_sz == -EOPNOTSUPP)
+ return -EOPNOTSUPP;
+
+ conv_len = (d_info->name_len + 1) * 2;
+ next_entry_offset = ALIGN(struct_sz - 1 + conv_len,
+ KSMBD_DIR_INFO_ALIGNMENT);
+
+ if (next_entry_offset > d_info->out_buf_len) {
+ d_info->out_buf_len = 0;
+ return -ENOSPC;
+ }
+
+ switch (info_level) {
+ case FILE_FULL_DIRECTORY_INFORMATION:
+ {
+ struct file_full_directory_info *ffdinfo;
+
+ ffdinfo = (struct file_full_directory_info *)d_info->wptr;
+ memcpy(ffdinfo->FileName, d_info->name, d_info->name_len);
+ ffdinfo->FileName[d_info->name_len] = 0x00;
+ ffdinfo->FileNameLength = cpu_to_le32(d_info->name_len);
+ ffdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILE_BOTH_DIRECTORY_INFORMATION:
+ {
+ struct file_both_directory_info *fbdinfo;
+
+ fbdinfo = (struct file_both_directory_info *)d_info->wptr;
+ memcpy(fbdinfo->FileName, d_info->name, d_info->name_len);
+ fbdinfo->FileName[d_info->name_len] = 0x00;
+ fbdinfo->FileNameLength = cpu_to_le32(d_info->name_len);
+ fbdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILE_DIRECTORY_INFORMATION:
+ {
+ struct file_directory_info *fdinfo;
+
+ fdinfo = (struct file_directory_info *)d_info->wptr;
+ memcpy(fdinfo->FileName, d_info->name, d_info->name_len);
+ fdinfo->FileName[d_info->name_len] = 0x00;
+ fdinfo->FileNameLength = cpu_to_le32(d_info->name_len);
+ fdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILE_NAMES_INFORMATION:
+ {
+ struct file_names_info *fninfo;
+
+ fninfo = (struct file_names_info *)d_info->wptr;
+ memcpy(fninfo->FileName, d_info->name, d_info->name_len);
+ fninfo->FileName[d_info->name_len] = 0x00;
+ fninfo->FileNameLength = cpu_to_le32(d_info->name_len);
+ fninfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILEID_FULL_DIRECTORY_INFORMATION:
+ {
+ struct file_id_full_dir_info *dinfo;
+
+ dinfo = (struct file_id_full_dir_info *)d_info->wptr;
+ memcpy(dinfo->FileName, d_info->name, d_info->name_len);
+ dinfo->FileName[d_info->name_len] = 0x00;
+ dinfo->FileNameLength = cpu_to_le32(d_info->name_len);
+ dinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case FILEID_BOTH_DIRECTORY_INFORMATION:
+ {
+ struct file_id_both_directory_info *fibdinfo;
+
+ fibdinfo = (struct file_id_both_directory_info *)d_info->wptr;
+ memcpy(fibdinfo->FileName, d_info->name, d_info->name_len);
+ fibdinfo->FileName[d_info->name_len] = 0x00;
+ fibdinfo->FileNameLength = cpu_to_le32(d_info->name_len);
+ fibdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset);
+ break;
+ }
+ case SMB_FIND_FILE_POSIX_INFO:
+ {
+ struct smb2_posix_info *posix_info;
+
+ posix_info = (struct smb2_posix_info *)d_info->wptr;
+ memcpy(posix_info->name, d_info->name, d_info->name_len);
+ posix_info->name[d_info->name_len] = 0x00;
+ posix_info->name_len = cpu_to_le32(d_info->name_len);
+ posix_info->NextEntryOffset =
+ cpu_to_le32(next_entry_offset);
+ break;
+ }
+ } /* switch (info_level) */
+
+ d_info->num_entry++;
+ d_info->out_buf_len -= next_entry_offset;
+ d_info->wptr += next_entry_offset;
+ return 0;
+}
+
+static int __query_dir(struct dir_context *ctx,
+ const char *name,
+ int namlen,
+ loff_t offset,
+ u64 ino,
+ unsigned int d_type)
+{
+ struct ksmbd_readdir_data *buf;
+ struct smb2_query_dir_private *priv;
+ struct ksmbd_dir_info *d_info;
+ int rc;
+
+ buf = container_of(ctx, struct ksmbd_readdir_data, ctx);
+ priv = buf->private;
+ d_info = priv->d_info;
+
+ /* dot and dotdot entries are already reserved */
+ if (!strcmp(".", name) || !strcmp("..", name))
+ return 0;
+ if (ksmbd_share_veto_filename(priv->work->tcon->share_conf, name))
+ return 0;
+ if (!match_pattern(name, priv->search_pattern))
+ return 0;
+
+ d_info->name = name;
+ d_info->name_len = namlen;
+ rc = reserve_populate_dentry(d_info, priv->info_level);
+ if (rc)
+ return rc;
+ if (d_info->flags & SMB2_RETURN_SINGLE_ENTRY) {
+ d_info->out_buf_len = 0;
+ return 0;
+ }
+ return 0;
+}
+
+static void restart_ctx(struct dir_context *ctx)
+{
+ ctx->pos = 0;
+}
+
+static int verify_info_level(int info_level)
+{
+ switch (info_level) {
+ case FILE_FULL_DIRECTORY_INFORMATION:
+ case FILE_BOTH_DIRECTORY_INFORMATION:
+ case FILE_DIRECTORY_INFORMATION:
+ case FILE_NAMES_INFORMATION:
+ case FILEID_FULL_DIRECTORY_INFORMATION:
+ case FILEID_BOTH_DIRECTORY_INFORMATION:
+ case SMB_FIND_FILE_POSIX_INFO:
+ break;
+ default:
+ return -EOPNOTSUPP;
+ }
+
+ return 0;
+}
+
+int smb2_query_dir(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_query_directory_req *req;
+ struct smb2_query_directory_rsp *rsp, *rsp_org;
+ struct ksmbd_share_config *share = work->tcon->share_conf;
+ struct ksmbd_file *dir_fp = NULL;
+ struct ksmbd_dir_info d_info;
+ int rc = 0;
+ char *srch_ptr = NULL;
+ unsigned char srch_flag;
+ int buffer_sz;
+ struct smb2_query_dir_private query_dir_private = {NULL, };
+
+ rsp_org = RESPONSE_BUF(work);
+ WORK_BUFFERS(work, req, rsp);
+
+ if (ksmbd_override_fsids(work)) {
+ rsp->hdr.Status = STATUS_NO_MEMORY;
+ smb2_set_err_rsp(work);
+ return -ENOMEM;
+ }
+
+ rc = verify_info_level(req->FileInformationClass);
+ if (rc) {
+ rc = -EFAULT;
+ goto err_out2;
+ }
+
+ dir_fp = ksmbd_lookup_fd_slow(work,
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
+ if (!dir_fp) {
+ rc = -EBADF;
+ goto err_out2;
+ }
+
+ if (!(dir_fp->daccess & FILE_LIST_DIRECTORY_LE) ||
+ inode_permission(&init_user_ns, file_inode(dir_fp->filp),
+ MAY_READ | MAY_EXEC)) {
+ ksmbd_err("no right to enumerate directory (%s)\n",
+ FP_FILENAME(dir_fp));
+ rc = -EACCES;
+ goto err_out2;
+ }
+
+ if (!S_ISDIR(file_inode(dir_fp->filp)->i_mode)) {
+ ksmbd_err("can't do query dir for a file\n");
+ rc = -EINVAL;
+ goto err_out2;
+ }
+
+ srch_flag = req->Flags;
+ srch_ptr = smb_strndup_from_utf16(req->Buffer,
+ le16_to_cpu(req->FileNameLength), 1,
+ conn->local_nls);
+ if (IS_ERR(srch_ptr)) {
+ ksmbd_debug(SMB, "Search Pattern not found\n");
+ rc = -EINVAL;
+ goto err_out2;
+ } else
+ ksmbd_debug(SMB, "Search pattern is %s\n", srch_ptr);
+
+ ksmbd_debug(SMB, "Directory name is %s\n", dir_fp->filename);
+
+ if (srch_flag & SMB2_REOPEN || srch_flag & SMB2_RESTART_SCANS) {
+ ksmbd_debug(SMB, "Restart directory scan\n");
+ generic_file_llseek(dir_fp->filp, 0, SEEK_SET);
+ restart_ctx(&dir_fp->readdir_data.ctx);
+ }
+
+ memset(&d_info, 0, sizeof(struct ksmbd_dir_info));
+ d_info.wptr = (char *)rsp->Buffer;
+ d_info.rptr = (char *)rsp->Buffer;
+ d_info.out_buf_len = (work->response_sz -
+ (get_rfc1002_len(rsp_org) + 4));
+ d_info.out_buf_len = min_t(int, d_info.out_buf_len,
+ le32_to_cpu(req->OutputBufferLength)) -
+ sizeof(struct smb2_query_directory_rsp);
+ d_info.flags = srch_flag;
+
+ /*
+ * reserve dot and dotdot entries in head of buffer
+ * in first response
+ */
+ rc = ksmbd_populate_dot_dotdot_entries(work, req->FileInformationClass,
+ dir_fp, &d_info, srch_ptr, smb2_populate_readdir_entry);
+ if (rc == -ENOSPC)
+ rc = 0;
+ else if (rc)
+ goto err_out;
+
+ if (test_share_config_flag(share, KSMBD_SHARE_FLAG_HIDE_DOT_FILES))
+ d_info.hide_dot_file = true;
+
+ buffer_sz = d_info.out_buf_len;
+ d_info.rptr = d_info.wptr;
+ query_dir_private.work = work;
+ query_dir_private.search_pattern = srch_ptr;
+ query_dir_private.dir_fp = dir_fp;
+ query_dir_private.d_info = &d_info;
+ query_dir_private.info_level = req->FileInformationClass;
+ dir_fp->readdir_data.private = &query_dir_private;
+ set_ctx_actor(&dir_fp->readdir_data.ctx, __query_dir);
+
+ rc = ksmbd_vfs_readdir(dir_fp->filp, &dir_fp->readdir_data);
+ if (rc == 0)
+ restart_ctx(&dir_fp->readdir_data.ctx);
+ if (rc == -ENOSPC)
+ rc = 0;
+ if (rc)
+ goto err_out;
+
+ d_info.wptr = d_info.rptr;
+ d_info.out_buf_len = buffer_sz;
+ rc = process_query_dir_entries(&query_dir_private);
+ if (rc)
+ goto err_out;
+
+ if (!d_info.data_count && d_info.out_buf_len >= 0) {
+ if (srch_flag & SMB2_RETURN_SINGLE_ENTRY && !is_asterisk(srch_ptr))
+ rsp->hdr.Status = STATUS_NO_SUCH_FILE;
+ else {
+ dir_fp->dot_dotdot[0] = dir_fp->dot_dotdot[1] = 0;
+ rsp->hdr.Status = STATUS_NO_MORE_FILES;
+ }
+ rsp->StructureSize = cpu_to_le16(9);
+ rsp->OutputBufferOffset = cpu_to_le16(0);
+ rsp->OutputBufferLength = cpu_to_le32(0);
+ rsp->Buffer[0] = 0;
+ inc_rfc1001_len(rsp_org, 9);
+ } else {
+ ((struct file_directory_info *)
+ ((char *)rsp->Buffer + d_info.last_entry_offset))
+ ->NextEntryOffset = 0;
+
+ rsp->StructureSize = cpu_to_le16(9);
+ rsp->OutputBufferOffset = cpu_to_le16(72);
+ rsp->OutputBufferLength = cpu_to_le32(d_info.data_count);
+ inc_rfc1001_len(rsp_org, 8 + d_info.data_count);
+ }
+
+ kfree(srch_ptr);
+ ksmbd_fd_put(work, dir_fp);
+ ksmbd_revert_fsids(work);
+ return 0;
+
+err_out:
+ ksmbd_err("error while processing smb2 query dir rc = %d\n", rc);
+ kfree(srch_ptr);
+
+err_out2:
+ if (rc == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else if (rc == -EACCES)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ else if (rc == -ENOENT)
+ rsp->hdr.Status = STATUS_NO_SUCH_FILE;
+ else if (rc == -EBADF)
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ else if (rc == -ENOMEM)
+ rsp->hdr.Status = STATUS_NO_MEMORY;
+ else if (rc == -EFAULT)
+ rsp->hdr.Status = STATUS_INVALID_INFO_CLASS;
+ if (!rsp->hdr.Status)
+ rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;
+
+ smb2_set_err_rsp(work);
+ ksmbd_fd_put(work, dir_fp);
+ ksmbd_revert_fsids(work);
+ return 0;
+}
+
+/**
+ * buffer_check_err() - helper function to check buffer errors
+ * @reqOutputBufferLength: max buffer length expected in command response
+ * @rsp: query info response buffer contains output buffer length
+ * @infoclass_size: query info class response buffer size
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int buffer_check_err(int reqOutputBufferLength,
+ struct smb2_query_info_rsp *rsp, int infoclass_size)
+{
+ if (reqOutputBufferLength < le32_to_cpu(rsp->OutputBufferLength)) {
+ if (reqOutputBufferLength < infoclass_size) {
+ ksmbd_err("Invalid Buffer Size Requested\n");
+ rsp->hdr.Status = STATUS_INFO_LENGTH_MISMATCH;
+ rsp->hdr.smb2_buf_length = cpu_to_be32(
+ sizeof(struct smb2_hdr) - 4);
+ return -EINVAL;
+ }
+
+ ksmbd_debug(SMB, "Buffer Overflow\n");
+ rsp->hdr.Status = STATUS_BUFFER_OVERFLOW;
+ rsp->hdr.smb2_buf_length = cpu_to_be32(
+ sizeof(struct smb2_hdr) - 4
+ + reqOutputBufferLength);
+ rsp->OutputBufferLength = cpu_to_le32(
+ reqOutputBufferLength);
+ }
+ return 0;
+}
+
+static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp)
+{
+ struct smb2_file_standard_info *sinfo;
+
+ sinfo = (struct smb2_file_standard_info *)rsp->Buffer;
+
+ sinfo->AllocationSize = cpu_to_le64(4096);
+ sinfo->EndOfFile = cpu_to_le64(0);
+ sinfo->NumberOfLinks = cpu_to_le32(1);
+ sinfo->DeletePending = 1;
+ sinfo->Directory = 0;
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_standard_info));
+ inc_rfc1001_len(rsp, sizeof(struct smb2_file_standard_info));
+}
+
+static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp,
+ uint64_t num)
+{
+ struct smb2_file_internal_info *file_info;
+
+ file_info = (struct smb2_file_internal_info *)rsp->Buffer;
+
+ /* any unique number */
+ file_info->IndexNumber = cpu_to_le64(num | (1ULL << 63));
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_internal_info));
+ inc_rfc1001_len(rsp, sizeof(struct smb2_file_internal_info));
+}
+
+/**
+ * smb2_info_file_pipe() - handler for smb2 query info on IPC pipe
+ * @work: smb work containing query info command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
+ struct smb2_query_info_req *req, struct smb2_query_info_rsp *rsp)
+{
+ uint64_t id;
+ int rc;
+
+ /*
+ * Windows can sometime send query file info request on
+ * pipe without opening it, checking error condition here
+ */
+ id = le64_to_cpu(req->VolatileFileId);
+ if (!ksmbd_session_rpc_method(sess, id))
+ return -ENOENT;
+
+ ksmbd_debug(SMB, "FileInfoClass %u, FileId 0x%llx\n",
+ req->FileInfoClass, le64_to_cpu(req->VolatileFileId));
+
+ switch (req->FileInfoClass) {
+ case FILE_STANDARD_INFORMATION:
+ get_standard_info_pipe(rsp);
+ rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
+ rsp, FILE_STANDARD_INFORMATION_SIZE);
+ break;
+ case FILE_INTERNAL_INFORMATION:
+ get_internal_info_pipe(rsp, id);
+ rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
+ rsp, FILE_INTERNAL_INFORMATION_SIZE);
+ break;
+ default:
+ ksmbd_debug(SMB, "smb2_info_file_pipe for %u not supported\n",
+ req->FileInfoClass);
+ rc = -EOPNOTSUPP;
+ }
+ return rc;
+}
+
+/**
+ * smb2_get_ea() - handler for smb2 get extended attribute command
+ * @work: smb work containing query info command buffer
+ * @path: path of file/dir to query info command
+ * @rq: get extended attribute request
+ * @resp: response buffer pointer
+ * @resp_org: base response buffer pointer in case of chained response
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_get_ea(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
+{
+ struct smb2_ea_info *eainfo, *prev_eainfo;
+ char *name, *ptr, *xattr_list = NULL, *buf;
+ int rc, name_len, value_len, xattr_list_len, idx;
+ ssize_t buf_free_len, alignment_bytes, next_offset, rsp_data_cnt = 0;
+ struct smb2_ea_info_req *ea_req = NULL;
+ struct path *path;
+
+ if (!(fp->daccess & FILE_READ_EA_LE)) {
+ ksmbd_err("Not permitted to read ext attr : 0x%x\n",
+ fp->daccess);
+ return -EACCES;
+ }
+
+ path = &fp->filp->f_path;
+ /* single EA entry is requested with given user.* name */
+ if (req->InputBufferLength)
+ ea_req = (struct smb2_ea_info_req *)req->Buffer;
+ else {
+ /* need to send all EAs, if no specific EA is requested*/
+ if (le32_to_cpu(req->Flags) & SL_RETURN_SINGLE_ENTRY)
+ ksmbd_debug(SMB,
+ "All EAs are requested but need to send single EA entry in rsp flags 0x%x\n",
+ le32_to_cpu(req->Flags));
+ }
+
+ buf_free_len = work->response_sz -
+ (get_rfc1002_len(rsp_org) + 4) -
+ sizeof(struct smb2_query_info_rsp);
+
+ if (le32_to_cpu(req->OutputBufferLength) < buf_free_len)
+ buf_free_len = le32_to_cpu(req->OutputBufferLength);
+
+ rc = ksmbd_vfs_listxattr(path->dentry, &xattr_list);
+ if (rc < 0) {
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+ goto out;
+ } else if (!rc) { /* there is no EA in the file */
+ ksmbd_debug(SMB, "no ea data in the file\n");
+ goto done;
+ }
+ xattr_list_len = rc;
+
+ ptr = (char *)rsp->Buffer;
+ eainfo = (struct smb2_ea_info *)ptr;
+ prev_eainfo = eainfo;
+ idx = 0;
+
+ while (idx < xattr_list_len) {
+ name = xattr_list + idx;
+ name_len = strlen(name);
+
+ ksmbd_debug(SMB, "%s, len %d\n", name, name_len);
+ idx += name_len + 1;
+
+ /*
+ * CIFS does not support EA other than user.* namespace,
+ * still keep the framework generic, to list other attrs
+ * in future.
+ */
+ if (strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
+ continue;
+
+ if (!strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX,
+ STREAM_PREFIX_LEN))
+ continue;
+
+ if (req->InputBufferLength &&
+ (strncmp(&name[XATTR_USER_PREFIX_LEN],
+ ea_req->name, ea_req->EaNameLength)))
+ continue;
+
+ if (!strncmp(&name[XATTR_USER_PREFIX_LEN],
+ DOS_ATTRIBUTE_PREFIX, DOS_ATTRIBUTE_PREFIX_LEN))
+ continue;
+
+ if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
+ name_len -= XATTR_USER_PREFIX_LEN;
+
+ ptr = (char *)(&eainfo->name + name_len + 1);
+ buf_free_len -= (offsetof(struct smb2_ea_info, name) +
+ name_len + 1);
+ /* bailout if xattr can't fit in buf_free_len */
+ value_len = ksmbd_vfs_getxattr(path->dentry, name, &buf);
+ if (value_len <= 0) {
+ rc = -ENOENT;
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+ goto out;
+ }
+
+ buf_free_len -= value_len;
+ if (buf_free_len < 0) {
+ ksmbd_free(buf);
+ break;
+ }
+
+ memcpy(ptr, buf, value_len);
+ ksmbd_free(buf);
+
+ ptr += value_len;
+ eainfo->Flags = 0;
+ eainfo->EaNameLength = name_len;
+
+ if (!strncmp(name, XATTR_USER_PREFIX,
+ XATTR_USER_PREFIX_LEN))
+ memcpy(eainfo->name, &name[XATTR_USER_PREFIX_LEN],
+ name_len);
+ else
+ memcpy(eainfo->name, name, name_len);
+
+ eainfo->name[name_len] = '\0';
+ eainfo->EaValueLength = cpu_to_le16(value_len);
+ next_offset = offsetof(struct smb2_ea_info, name) +
+ name_len + 1 + value_len;
+
+ /* align next xattr entry at 4 byte bundary */
+ alignment_bytes = ((next_offset + 3) & ~3) - next_offset;
+ if (alignment_bytes) {
+ memset(ptr, '\0', alignment_bytes);
+ ptr += alignment_bytes;
+ next_offset += alignment_bytes;
+ buf_free_len -= alignment_bytes;
+ }
+ eainfo->NextEntryOffset = cpu_to_le32(next_offset);
+ prev_eainfo = eainfo;
+ eainfo = (struct smb2_ea_info *)ptr;
+ rsp_data_cnt += next_offset;
+
+ if (req->InputBufferLength) {
+ ksmbd_debug(SMB, "single entry requested\n");
+ break;
+ }
+ }
+
+ /* no more ea entries */
+ prev_eainfo->NextEntryOffset = 0;
+done:
+ rc = 0;
+ if (rsp_data_cnt == 0)
+ rsp->hdr.Status = STATUS_NO_EAS_ON_FILE;
+ rsp->OutputBufferLength = cpu_to_le32(rsp_data_cnt);
+ inc_rfc1001_len(rsp_org, rsp_data_cnt);
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+ return rc;
+}
+
+static void get_file_access_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_access_info *file_info;
+
+ file_info = (struct smb2_file_access_info *)rsp->Buffer;
+ file_info->AccessFlags = fp->daccess;
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_access_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_access_info));
+}
+
+static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_all_info *basic_info;
+ struct kstat stat;
+ u64 time;
+
+ if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
+ ksmbd_err("no right to read the attributes : 0x%x\n",
+ fp->daccess);
+ return -EACCES;
+ }
+
+ basic_info = (struct smb2_file_all_info *)rsp->Buffer;
+ generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ basic_info->CreationTime = cpu_to_le64(fp->create_time);
+ time = ksmbd_UnixTimeToNT(stat.atime);
+ basic_info->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.mtime);
+ basic_info->LastWriteTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.ctime);
+ basic_info->ChangeTime = cpu_to_le64(time);
+ basic_info->Attributes = fp->f_ci->m_fattr;
+ basic_info->Pad1 = 0;
+ rsp->OutputBufferLength =
+ cpu_to_le32(offsetof(struct smb2_file_all_info,
+ AllocationSize));
+ inc_rfc1001_len(rsp_org, offsetof(struct smb2_file_all_info,
+ AllocationSize));
+ return 0;
+}
+
+static unsigned long long get_allocation_size(struct inode *inode,
+ struct kstat *stat)
+{
+ unsigned long long alloc_size = 0;
+
+ if (!S_ISDIR(stat->mode)) {
+ if ((inode->i_blocks << 9) <= stat->size)
+ alloc_size = stat->size;
+ else
+ alloc_size = inode->i_blocks << 9;
+
+ }
+
+ return alloc_size;
+}
+
+static void get_file_standard_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_standard_info *sinfo;
+ unsigned int delete_pending;
+ struct inode *inode;
+ struct kstat stat;
+
+ inode = FP_INODE(fp);
+ generic_fillattr(&init_user_ns, inode, &stat);
+
+ sinfo = (struct smb2_file_standard_info *)rsp->Buffer;
+ delete_pending = ksmbd_inode_pending_delete(fp);
+
+ sinfo->AllocationSize = cpu_to_le64(get_allocation_size(inode, &stat));
+ sinfo->EndOfFile = S_ISDIR(stat.mode) ? 0 : cpu_to_le64(stat.size);
+ sinfo->NumberOfLinks = cpu_to_le32(get_nlink(&stat) - delete_pending);
+ sinfo->DeletePending = delete_pending;
+ sinfo->Directory = S_ISDIR(stat.mode) ? 1 : 0;
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_standard_info));
+ inc_rfc1001_len(rsp_org,
+ sizeof(struct smb2_file_standard_info));
+}
+
+static void get_file_alignment_info(struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
+{
+ struct smb2_file_alignment_info *file_info;
+
+ file_info = (struct smb2_file_alignment_info *)rsp->Buffer;
+ file_info->AlignmentRequirement = 0;
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_alignment_info));
+ inc_rfc1001_len(rsp_org,
+ sizeof(struct smb2_file_alignment_info));
+}
+
+static int get_file_all_info(struct ksmbd_work *work,
+ struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_file_all_info *file_info;
+ unsigned int delete_pending;
+ struct inode *inode;
+ struct kstat stat;
+ int conv_len;
+ char *filename;
+ u64 time;
+
+ if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
+ ksmbd_debug(SMB, "no right to read the attributes : 0x%x\n",
+ fp->daccess);
+ return -EACCES;
+ }
+
+ filename = convert_to_nt_pathname(fp->filename,
+ work->tcon->share_conf->path);
+ if (!filename)
+ return -ENOMEM;
+
+ inode = FP_INODE(fp);
+ generic_fillattr(&init_user_ns, inode, &stat);
+
+ ksmbd_debug(SMB, "filename = %s\n", filename);
+ delete_pending = ksmbd_inode_pending_delete(fp);
+ file_info = (struct smb2_file_all_info *)rsp->Buffer;
+
+ file_info->CreationTime = cpu_to_le64(fp->create_time);
+ time = ksmbd_UnixTimeToNT(stat.atime);
+ file_info->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.mtime);
+ file_info->LastWriteTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.ctime);
+ file_info->ChangeTime = cpu_to_le64(time);
+ file_info->Attributes = fp->f_ci->m_fattr;
+ file_info->Pad1 = 0;
+ file_info->AllocationSize =
+ cpu_to_le64(get_allocation_size(inode, &stat));
+ file_info->EndOfFile = S_ISDIR(stat.mode) ? 0 : cpu_to_le64(stat.size);
+ file_info->NumberOfLinks =
+ cpu_to_le32(get_nlink(&stat) - delete_pending);
+ file_info->DeletePending = delete_pending;
+ file_info->Directory = S_ISDIR(stat.mode) ? 1 : 0;
+ file_info->Pad2 = 0;
+ file_info->IndexNumber = cpu_to_le64(stat.ino);
+ file_info->EASize = 0;
+ file_info->AccessFlags = fp->daccess;
+ file_info->CurrentByteOffset = cpu_to_le64(fp->filp->f_pos);
+ file_info->Mode = fp->coption;
+ file_info->AlignmentRequirement = 0;
+ conv_len = smbConvertToUTF16((__le16 *)file_info->FileName,
+ filename,
+ PATH_MAX,
+ conn->local_nls,
+ 0);
+ conv_len *= 2;
+ file_info->FileNameLength = cpu_to_le32(conv_len);
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_all_info) + conv_len - 1);
+ kfree(filename);
+ inc_rfc1001_len(rsp_org, le32_to_cpu(rsp->OutputBufferLength));
+ return 0;
+}
+
+static void get_file_alternate_info(struct ksmbd_work *work,
+ struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_file_alt_name_info *file_info;
+ int conv_len;
+ char *filename;
+
+ filename = (char *)FP_FILENAME(fp);
+ file_info = (struct smb2_file_alt_name_info *)rsp->Buffer;
+ conv_len = ksmbd_extract_shortname(conn,
+ filename,
+ file_info->FileName);
+ file_info->FileNameLength = cpu_to_le32(conv_len);
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_alt_name_info) + conv_len);
+ inc_rfc1001_len(rsp_org, le32_to_cpu(rsp->OutputBufferLength));
+}
+
+static void get_file_stream_info(struct ksmbd_work *work,
+ struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_file_stream_info *file_info;
+ char *stream_name, *xattr_list = NULL, *stream_buf;
+ struct kstat stat;
+ struct path *path = &fp->filp->f_path;
+ ssize_t xattr_list_len;
+ int nbytes = 0, streamlen, stream_name_len, next, idx = 0;
+
+ generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ file_info = (struct smb2_file_stream_info *)rsp->Buffer;
+
+ xattr_list_len = ksmbd_vfs_listxattr(path->dentry, &xattr_list);
+ if (xattr_list_len < 0) {
+ goto out;
+ } else if (!xattr_list_len) {
+ ksmbd_debug(SMB, "empty xattr in the file\n");
+ goto out;
+ }
+
+ while (idx < xattr_list_len) {
+ stream_name = xattr_list + idx;
+ streamlen = strlen(stream_name);
+ idx += streamlen + 1;
+
+ ksmbd_debug(SMB, "%s, len %d\n", stream_name, streamlen);
+
+ if (strncmp(&stream_name[XATTR_USER_PREFIX_LEN],
+ STREAM_PREFIX, STREAM_PREFIX_LEN))
+ continue;
+
+ stream_name_len = streamlen - (XATTR_USER_PREFIX_LEN +
+ STREAM_PREFIX_LEN);
+ streamlen = stream_name_len;
+
+ /* plus : size */
+ streamlen += 1;
+ stream_buf = kmalloc(streamlen + 1, GFP_KERNEL);
+ if (!stream_buf)
+ break;
+
+ streamlen = snprintf(stream_buf, streamlen + 1,
+ ":%s", &stream_name[XATTR_NAME_STREAM_LEN]);
+
+ file_info = (struct smb2_file_stream_info *)
+ &rsp->Buffer[nbytes];
+ streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
+ stream_buf,
+ streamlen,
+ conn->local_nls,
+ 0);
+ streamlen *= 2;
+ kfree(stream_buf);
+ file_info->StreamNameLength = cpu_to_le32(streamlen);
+ file_info->StreamSize = cpu_to_le64(stream_name_len);
+ file_info->StreamAllocationSize = cpu_to_le64(stream_name_len);
+
+ next = sizeof(struct smb2_file_stream_info) + streamlen;
+ nbytes += next;
+ file_info->NextEntryOffset = cpu_to_le32(next);
+ }
+
+ if (nbytes) {
+ file_info = (struct smb2_file_stream_info *)
+ &rsp->Buffer[nbytes];
+ streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
+ "::$DATA", 7, conn->local_nls, 0);
+ streamlen *= 2;
+ file_info->StreamNameLength = cpu_to_le32(streamlen);
+ file_info->StreamSize = S_ISDIR(stat.mode) ? 0 :
+ cpu_to_le64(stat.size);
+ file_info->StreamAllocationSize = S_ISDIR(stat.mode) ? 0 :
+ cpu_to_le64(stat.size);
+ nbytes += sizeof(struct smb2_file_stream_info) + streamlen;
+ }
+
+ /* last entry offset should be 0 */
+ file_info->NextEntryOffset = 0;
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+
+ rsp->OutputBufferLength = cpu_to_le32(nbytes);
+ inc_rfc1001_len(rsp_org, nbytes);
+}
+
+static void get_file_internal_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_internal_info *file_info;
+ struct kstat stat;
+
+ generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ file_info = (struct smb2_file_internal_info *)rsp->Buffer;
+ file_info->IndexNumber = cpu_to_le64(stat.ino);
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_internal_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_internal_info));
+}
+
+static int get_file_network_open_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_ntwrk_info *file_info;
+ struct inode *inode;
+ struct kstat stat;
+ u64 time;
+
+ if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
+ ksmbd_err("no right to read the attributes : 0x%x\n",
+ fp->daccess);
+ return -EACCES;
+ }
+
+ file_info = (struct smb2_file_ntwrk_info *)rsp->Buffer;
+
+ inode = FP_INODE(fp);
+ generic_fillattr(&init_user_ns, inode, &stat);
+
+ file_info->CreationTime = cpu_to_le64(fp->create_time);
+ time = ksmbd_UnixTimeToNT(stat.atime);
+ file_info->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.mtime);
+ file_info->LastWriteTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(stat.ctime);
+ file_info->ChangeTime = cpu_to_le64(time);
+ file_info->Attributes = fp->f_ci->m_fattr;
+ file_info->AllocationSize =
+ cpu_to_le64(get_allocation_size(inode, &stat));
+ file_info->EndOfFile = S_ISDIR(stat.mode) ? 0 : cpu_to_le64(stat.size);
+ file_info->Reserved = cpu_to_le32(0);
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_ntwrk_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_ntwrk_info));
+ return 0;
+}
+
+static void get_file_ea_info(struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
+{
+ struct smb2_file_ea_info *file_info;
+
+ file_info = (struct smb2_file_ea_info *)rsp->Buffer;
+ file_info->EASize = 0;
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_ea_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_ea_info));
+}
+
+static void get_file_position_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_pos_info *file_info;
+
+ file_info = (struct smb2_file_pos_info *)rsp->Buffer;
+ file_info->CurrentByteOffset = cpu_to_le64(fp->filp->f_pos);
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_pos_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_pos_info));
+}
+
+static void get_file_mode_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_mode_info *file_info;
+
+ file_info = (struct smb2_file_mode_info *)rsp->Buffer;
+ file_info->Mode = fp->coption & FILE_MODE_INFO_MASK;
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_mode_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_mode_info));
+}
+
+static void get_file_compression_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_comp_info *file_info;
+ struct kstat stat;
+
+ generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+
+ file_info = (struct smb2_file_comp_info *)rsp->Buffer;
+ file_info->CompressedFileSize = cpu_to_le64(stat.blocks << 9);
+ file_info->CompressionFormat = COMPRESSION_FORMAT_NONE;
+ file_info->CompressionUnitShift = 0;
+ file_info->ChunkShift = 0;
+ file_info->ClusterShift = 0;
+ memset(&file_info->Reserved[0], 0, 3);
+
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_comp_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_comp_info));
+}
+
+static int get_file_attribute_tag_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb2_file_attr_tag_info *file_info;
+
+ if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
+ ksmbd_err("no right to read the attributes : 0x%x\n",
+ fp->daccess);
+ return -EACCES;
+ }
+
+ file_info = (struct smb2_file_attr_tag_info *)rsp->Buffer;
+ file_info->FileAttributes = fp->f_ci->m_fattr;
+ file_info->ReparseTag = 0;
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb2_file_attr_tag_info));
+ inc_rfc1001_len(rsp_org,
+ sizeof(struct smb2_file_attr_tag_info));
+ return 0;
+}
+
+static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
+{
+ struct smb311_posix_qinfo *file_info;
+ struct inode *inode = FP_INODE(fp);
+ u64 time;
+
+ file_info = (struct smb311_posix_qinfo *)rsp->Buffer;
+ file_info->CreationTime = cpu_to_le64(fp->create_time);
+ time = ksmbd_UnixTimeToNT(inode->i_atime);
+ file_info->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(inode->i_mtime);
+ file_info->LastWriteTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(inode->i_ctime);
+ file_info->ChangeTime = cpu_to_le64(time);
+ file_info->DosAttributes = fp->f_ci->m_fattr;
+ file_info->Inode = cpu_to_le64(inode->i_ino);
+ file_info->EndOfFile = cpu_to_le64(inode->i_size);
+ file_info->AllocationSize = cpu_to_le64(inode->i_blocks << 9);
+ file_info->HardLinks = cpu_to_le32(inode->i_nlink);
+ file_info->Mode = cpu_to_le32(inode->i_mode);
+ file_info->DeviceId = cpu_to_le32(inode->i_rdev);
+ rsp->OutputBufferLength =
+ cpu_to_le32(sizeof(struct smb311_posix_qinfo));
+ inc_rfc1001_len(rsp_org,
+ sizeof(struct smb311_posix_qinfo));
+ return 0;
+}
+
+/**
+ * smb2_get_info_file() - handler for smb2 query info command
+ * @work: smb work containing query info request buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_get_info_file(struct ksmbd_work *work,
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
+{
+ struct ksmbd_file *fp;
+ int fileinfoclass = 0;
+ int rc = 0;
+ int file_infoclass_size;
+ unsigned int id = KSMBD_NO_FID, pid = KSMBD_NO_FID;
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_PIPE)) {
+ /* smb2 info file called for pipe */
+ return smb2_get_info_file_pipe(work->sess, req, rsp);
+ }
+
+ if (work->next_smb2_rcv_hdr_off) {
+ if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ work->compound_fid);
+ id = work->compound_fid;
+ pid = work->compound_pfid;
+ }
+ }
+
+ if (!HAS_FILE_ID(id)) {
+ id = le64_to_cpu(req->VolatileFileId);
+ pid = le64_to_cpu(req->PersistentFileId);
+ }
+
+ fp = ksmbd_lookup_fd_slow(work, id, pid);
+ if (!fp)
+ return -ENOENT;
+
+ fileinfoclass = req->FileInfoClass;
+
+ switch (fileinfoclass) {
+ case FILE_ACCESS_INFORMATION:
+ get_file_access_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_ACCESS_INFORMATION_SIZE;
+ break;
+
+ case FILE_BASIC_INFORMATION:
+ rc = get_file_basic_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_BASIC_INFORMATION_SIZE;
+ break;
+
+ case FILE_STANDARD_INFORMATION:
+ get_file_standard_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_STANDARD_INFORMATION_SIZE;
+ break;
+
+ case FILE_ALIGNMENT_INFORMATION:
+ get_file_alignment_info(rsp, rsp_org);
+ file_infoclass_size = FILE_ALIGNMENT_INFORMATION_SIZE;
+ break;
+
+ case FILE_ALL_INFORMATION:
+ rc = get_file_all_info(work, rsp, fp, rsp_org);
+ file_infoclass_size = FILE_ALL_INFORMATION_SIZE;
+ break;
+
+ case FILE_ALTERNATE_NAME_INFORMATION:
+ get_file_alternate_info(work, rsp, fp, rsp_org);
+ file_infoclass_size = FILE_ALTERNATE_NAME_INFORMATION_SIZE;
+ break;
+
+ case FILE_STREAM_INFORMATION:
+ get_file_stream_info(work, rsp, fp, rsp_org);
+ file_infoclass_size = FILE_STREAM_INFORMATION_SIZE;
+ break;
+
+ case FILE_INTERNAL_INFORMATION:
+ get_file_internal_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_INTERNAL_INFORMATION_SIZE;
+ break;
+
+ case FILE_NETWORK_OPEN_INFORMATION:
+ rc = get_file_network_open_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_NETWORK_OPEN_INFORMATION_SIZE;
+ break;
+
+ case FILE_EA_INFORMATION:
+ get_file_ea_info(rsp, rsp_org);
+ file_infoclass_size = FILE_EA_INFORMATION_SIZE;
+ break;
+
+ case FILE_FULL_EA_INFORMATION:
+ rc = smb2_get_ea(work, fp, req, rsp, rsp_org);
+ file_infoclass_size = FILE_FULL_EA_INFORMATION_SIZE;
+ break;
+
+ case FILE_POSITION_INFORMATION:
+ get_file_position_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_POSITION_INFORMATION_SIZE;
+ break;
+
+ case FILE_MODE_INFORMATION:
+ get_file_mode_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_MODE_INFORMATION_SIZE;
+ break;
+
+ case FILE_COMPRESSION_INFORMATION:
+ get_file_compression_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_COMPRESSION_INFORMATION_SIZE;
+ break;
+
+ case FILE_ATTRIBUTE_TAG_INFORMATION:
+ rc = get_file_attribute_tag_info(rsp, fp, rsp_org);
+ file_infoclass_size = FILE_ATTRIBUTE_TAG_INFORMATION_SIZE;
+ break;
+ case SMB_FIND_FILE_POSIX_INFO:
+ if (!work->tcon->posix_extensions) {
+ ksmbd_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
+ rc = -EOPNOTSUPP;
+ } else {
+ rc = find_file_posix_info(rsp, fp, rsp_org);
+ file_infoclass_size = sizeof(struct smb311_posix_qinfo);
+ }
+ break;
+ default:
+ ksmbd_debug(SMB, "fileinfoclass %d not supported yet\n",
+ fileinfoclass);
+ rc = -EOPNOTSUPP;
+ }
+ if (!rc)
+ rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
+ rsp,
+ file_infoclass_size);
+ ksmbd_fd_put(work, fp);
+ return rc;
+}
+
+/**
+ * smb2_get_info_filesystem() - handler for smb2 query info command
+ * @work: smb work containing query info request buffer
+ *
+ * Return: 0 on success, otherwise error
+ * TODO: need to implement STATUS_INFO_LENGTH_MISMATCH error handling
+ */
+static int smb2_get_info_filesystem(struct ksmbd_work *work,
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
+{
+ struct ksmbd_session *sess = work->sess;
+ struct ksmbd_conn *conn = sess->conn;
+ struct ksmbd_share_config *share = work->tcon->share_conf;
+ int fsinfoclass = 0;
+ struct kstatfs stfs;
+ struct path path;
+ int rc = 0, len;
+ int fs_infoclass_size = 0;
+
+ rc = ksmbd_vfs_kern_path(share->path, LOOKUP_FOLLOW, &path, 0);
+ if (rc) {
+ ksmbd_err("cannot create vfs path\n");
+ return -EIO;
+ }
+
+ rc = vfs_statfs(&path, &stfs);
+ if (rc) {
+ ksmbd_err("cannot do stat of path %s\n", share->path);
+ path_put(&path);
+ return -EIO;
+ }
+
+ fsinfoclass = req->FileInfoClass;
+
+ switch (fsinfoclass) {
+ case FS_DEVICE_INFORMATION:
+ {
+ struct filesystem_device_info *info;
+
+ info = (struct filesystem_device_info *)rsp->Buffer;
+
+ info->DeviceType = cpu_to_le32(stfs.f_type);
+ info->DeviceCharacteristics = cpu_to_le32(0x00000020);
+ rsp->OutputBufferLength = cpu_to_le32(8);
+ inc_rfc1001_len(rsp_org, 8);
+ fs_infoclass_size = FS_DEVICE_INFORMATION_SIZE;
+ break;
+ }
+ case FS_ATTRIBUTE_INFORMATION:
+ {
+ struct filesystem_attribute_info *info;
+ size_t sz;
+
+ info = (struct filesystem_attribute_info *)rsp->Buffer;
+ info->Attributes = cpu_to_le32(FILE_SUPPORTS_OBJECT_IDS |
+ FILE_PERSISTENT_ACLS |
+ FILE_UNICODE_ON_DISK |
+ FILE_CASE_PRESERVED_NAMES |
+ FILE_CASE_SENSITIVE_SEARCH);
+
+ info->Attributes |= cpu_to_le32(server_conf.share_fake_fscaps);
+
+ info->MaxPathNameComponentLength = cpu_to_le32(stfs.f_namelen);
+ len = smbConvertToUTF16((__le16 *)info->FileSystemName,
+ "NTFS", PATH_MAX, conn->local_nls, 0);
+ len = len * 2;
+ info->FileSystemNameLen = cpu_to_le32(len);
+ sz = sizeof(struct filesystem_attribute_info) - 2 + len;
+ rsp->OutputBufferLength = cpu_to_le32(sz);
+ inc_rfc1001_len(rsp_org, sz);
+ fs_infoclass_size = FS_ATTRIBUTE_INFORMATION_SIZE;
+ break;
+ }
+ case FS_VOLUME_INFORMATION:
+ {
+ struct filesystem_vol_info *info;
+ size_t sz;
+
+ info = (struct filesystem_vol_info *)(rsp->Buffer);
+ info->VolumeCreationTime = 0;
+ /* Taking dummy value of serial number*/
+ info->SerialNumber = cpu_to_le32(0xbc3ac512);
+ len = smbConvertToUTF16((__le16 *)info->VolumeLabel,
+ share->name, PATH_MAX,
+ conn->local_nls, 0);
+ len = len * 2;
+ info->VolumeLabelSize = cpu_to_le32(len);
+ info->Reserved = 0;
+ sz = sizeof(struct filesystem_vol_info) - 2 + len;
+ rsp->OutputBufferLength = cpu_to_le32(sz);
+ inc_rfc1001_len(rsp_org, sz);
+ fs_infoclass_size = FS_VOLUME_INFORMATION_SIZE;
+ break;
+ }
+ case FS_SIZE_INFORMATION:
+ {
+ struct filesystem_info *info;
+ unsigned short logical_sector_size;
+
+ info = (struct filesystem_info *)(rsp->Buffer);
+ logical_sector_size =
+ ksmbd_vfs_logical_sector_size(d_inode(path.dentry));
+
+ info->TotalAllocationUnits = cpu_to_le64(stfs.f_blocks);
+ info->FreeAllocationUnits = cpu_to_le64(stfs.f_bfree);
+ info->SectorsPerAllocationUnit = cpu_to_le32(stfs.f_bsize >> 9);
+ info->BytesPerSector = cpu_to_le32(logical_sector_size);
+ rsp->OutputBufferLength = cpu_to_le32(24);
+ inc_rfc1001_len(rsp_org, 24);
+ fs_infoclass_size = FS_SIZE_INFORMATION_SIZE;
+ break;
+ }
+ case FS_FULL_SIZE_INFORMATION:
+ {
+ struct smb2_fs_full_size_info *info;
+ unsigned short logical_sector_size;
+
+ info = (struct smb2_fs_full_size_info *)(rsp->Buffer);
+ logical_sector_size =
+ ksmbd_vfs_logical_sector_size(d_inode(path.dentry));
+
+ info->TotalAllocationUnits = cpu_to_le64(stfs.f_blocks);
+ info->CallerAvailableAllocationUnits =
+ cpu_to_le64(stfs.f_bavail);
+ info->ActualAvailableAllocationUnits =
+ cpu_to_le64(stfs.f_bfree);
+ info->SectorsPerAllocationUnit = cpu_to_le32(stfs.f_bsize >> 9);
+ info->BytesPerSector = cpu_to_le32(logical_sector_size);
+ rsp->OutputBufferLength = cpu_to_le32(32);
+ inc_rfc1001_len(rsp_org, 32);
+ fs_infoclass_size = FS_FULL_SIZE_INFORMATION_SIZE;
+ break;
+ }
+ case FS_OBJECT_ID_INFORMATION:
+ {
+ struct object_id_info *info;
+
+ info = (struct object_id_info *)(rsp->Buffer);
+
+ if (!user_guest(sess->user))
+ memcpy(info->objid, user_passkey(sess->user), 16);
+ else
+ memset(info->objid, 0, 16);
+
+ info->extended_info.magic = cpu_to_le32(EXTENDED_INFO_MAGIC);
+ info->extended_info.version = cpu_to_le32(1);
+ info->extended_info.release = cpu_to_le32(1);
+ info->extended_info.rel_date = 0;
+ memcpy(info->extended_info.version_string,
+ "1.1.0",
+ strlen("1.1.0"));
+ rsp->OutputBufferLength = cpu_to_le32(64);
+ inc_rfc1001_len(rsp_org, 64);
+ fs_infoclass_size = FS_OBJECT_ID_INFORMATION_SIZE;
+ break;
+ }
+ case FS_SECTOR_SIZE_INFORMATION:
+ {
+ struct smb3_fs_ss_info *info;
+ struct ksmbd_fs_sector_size fs_ss;
+
+ info = (struct smb3_fs_ss_info *)(rsp->Buffer);
+ ksmbd_vfs_smb2_sector_size(d_inode(path.dentry), &fs_ss);
+
+ info->LogicalBytesPerSector =
+ cpu_to_le32(fs_ss.logical_sector_size);
+ info->PhysicalBytesPerSectorForAtomicity =
+ cpu_to_le32(fs_ss.physical_sector_size);
+ info->PhysicalBytesPerSectorForPerf =
+ cpu_to_le32(fs_ss.optimal_io_size);
+ info->FSEffPhysicalBytesPerSectorForAtomicity =
+ cpu_to_le32(fs_ss.optimal_io_size);
+ info->Flags = cpu_to_le32(SSINFO_FLAGS_ALIGNED_DEVICE |
+ SSINFO_FLAGS_PARTITION_ALIGNED_ON_DEVICE);
+ info->ByteOffsetForSectorAlignment = 0;
+ info->ByteOffsetForPartitionAlignment = 0;
+ rsp->OutputBufferLength = cpu_to_le32(28);
+ inc_rfc1001_len(rsp_org, 28);
+ fs_infoclass_size = FS_SECTOR_SIZE_INFORMATION_SIZE;
+ break;
+ }
+ case FS_CONTROL_INFORMATION:
+ {
+ /*
+ * TODO : The current implementation is based on
+ * test result with win7(NTFS) server. It's need to
+ * modify this to get valid Quota values
+ * from Linux kernel
+ */
+ struct smb2_fs_control_info *info;
+
+ info = (struct smb2_fs_control_info *)(rsp->Buffer);
+ info->FreeSpaceStartFiltering = 0;
+ info->FreeSpaceThreshold = 0;
+ info->FreeSpaceStopFiltering = 0;
+ info->DefaultQuotaThreshold = cpu_to_le64(SMB2_NO_FID);
+ info->DefaultQuotaLimit = cpu_to_le64(SMB2_NO_FID);
+ info->Padding = 0;
+ rsp->OutputBufferLength = cpu_to_le32(48);
+ inc_rfc1001_len(rsp_org, 48);
+ fs_infoclass_size = FS_CONTROL_INFORMATION_SIZE;
+ break;
+ }
+ case FS_POSIX_INFORMATION:
+ {
+ struct filesystem_posix_info *info;
+ unsigned short logical_sector_size;
+
+ if (!work->tcon->posix_extensions) {
+ ksmbd_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
+ rc = -EOPNOTSUPP;
+ } else {
+ info = (struct filesystem_posix_info *)(rsp->Buffer);
+ logical_sector_size =
+ ksmbd_vfs_logical_sector_size(d_inode(path.dentry));
+ info->OptimalTransferSize = cpu_to_le32(logical_sector_size);
+ info->BlockSize = cpu_to_le32(stfs.f_bsize);
+ info->TotalBlocks = cpu_to_le64(stfs.f_blocks);
+ info->BlocksAvail = cpu_to_le64(stfs.f_bfree);
+ info->UserBlocksAvail = cpu_to_le64(stfs.f_bavail);
+ info->TotalFileNodes = cpu_to_le64(stfs.f_files);
+ info->FreeFileNodes = cpu_to_le64(stfs.f_ffree);
+ rsp->OutputBufferLength = cpu_to_le32(56);
+ inc_rfc1001_len(rsp_org, 56);
+ fs_infoclass_size = FS_POSIX_INFORMATION_SIZE;
+ }
+ break;
+ }
+ default:
+ path_put(&path);
+ return -EOPNOTSUPP;
+ }
+ rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
+ rsp,
+ fs_infoclass_size);
+ path_put(&path);
+ return rc;
+}
+
+static int smb2_get_info_sec(struct ksmbd_work *work,
+ struct smb2_query_info_req *req, struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
+{
+ struct ksmbd_file *fp;
+ struct smb_ntsd *pntsd = (struct smb_ntsd *)rsp->Buffer, *ppntsd = NULL;
+ struct smb_fattr fattr = {{0}};
+ struct inode *inode;
+ __u32 secdesclen;
+ unsigned int id = KSMBD_NO_FID, pid = KSMBD_NO_FID;
+ int addition_info = le32_to_cpu(req->AdditionalInformation);
+ int rc;
+
+ if (work->next_smb2_rcv_hdr_off) {
+ if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ work->compound_fid);
+ id = work->compound_fid;
+ pid = work->compound_pfid;
+ }
+ }
+
+ if (!HAS_FILE_ID(id)) {
+ id = le64_to_cpu(req->VolatileFileId);
+ pid = le64_to_cpu(req->PersistentFileId);
+ }
+
+ fp = ksmbd_lookup_fd_slow(work, id, pid);
+ if (!fp)
+ return -ENOENT;
+
+ inode = FP_INODE(fp);
+ fattr.cf_uid = inode->i_uid;
+ fattr.cf_gid = inode->i_gid;
+ fattr.cf_mode = inode->i_mode;
+ fattr.cf_dacls = NULL;
+
+ fattr.cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
+ if (S_ISDIR(inode->i_mode))
+ fattr.cf_dacls = ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_ACL_XATTR))
+ ksmbd_vfs_get_sd_xattr(work->conn, fp->filp->f_path.dentry, &ppntsd);
+
+ rc = build_sec_desc(pntsd, ppntsd, addition_info, &secdesclen, &fattr);
+ posix_acl_release(fattr.cf_acls);
+ posix_acl_release(fattr.cf_dacls);
+ kfree(ppntsd);
+ ksmbd_fd_put(work, fp);
+ if (rc)
+ return rc;
+
+ rsp->OutputBufferLength = cpu_to_le32(secdesclen);
+ inc_rfc1001_len(rsp_org, secdesclen);
+ return 0;
+}
+
+/**
+ * smb2_query_info() - handler for smb2 query info command
+ * @work: smb work containing query info request buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_query_info(struct ksmbd_work *work)
+{
+ struct smb2_query_info_req *req;
+ struct smb2_query_info_rsp *rsp, *rsp_org;
+ int rc = 0;
+
+ rsp_org = RESPONSE_BUF(work);
+ WORK_BUFFERS(work, req, rsp);
+
+ ksmbd_debug(SMB, "GOT query info request\n");
+
+ switch (req->InfoType) {
+ case SMB2_O_INFO_FILE:
+ ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILE\n");
+ rc = smb2_get_info_file(work, req, rsp, (void *)rsp_org);
+ break;
+ case SMB2_O_INFO_FILESYSTEM:
+ ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILESYSTEM\n");
+ rc = smb2_get_info_filesystem(work, req, rsp, (void *)rsp_org);
+ break;
+ case SMB2_O_INFO_SECURITY:
+ ksmbd_debug(SMB, "GOT SMB2_O_INFO_SECURITY\n");
+ rc = smb2_get_info_sec(work, req, rsp, (void *)rsp_org);
+ break;
+ default:
+ ksmbd_debug(SMB, "InfoType %d not supported yet\n",
+ req->InfoType);
+ rc = -EOPNOTSUPP;
+ }
+
+ if (rc < 0) {
+ if (rc == -EACCES)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ else if (rc == -ENOENT)
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ else if (rc == -EIO)
+ rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;
+ else if (rc == -EOPNOTSUPP || rsp->hdr.Status == 0)
+ rsp->hdr.Status = STATUS_INVALID_INFO_CLASS;
+ smb2_set_err_rsp(work);
+
+ ksmbd_debug(SMB, "error while processing smb2 query rc = %d\n",
+ rc);
+ return rc;
+ }
+ rsp->StructureSize = cpu_to_le16(9);
+ rsp->OutputBufferOffset = cpu_to_le16(72);
+ inc_rfc1001_len(rsp_org, 8);
+ return 0;
+}
+
+/**
+ * smb2_close_pipe() - handler for closing IPC pipe
+ * @work: smb work containing close request buffer
+ *
+ * Return: 0
+ */
+static noinline int smb2_close_pipe(struct ksmbd_work *work)
+{
+ uint64_t id;
+ struct smb2_close_req *req = REQUEST_BUF(work);
+ struct smb2_close_rsp *rsp = RESPONSE_BUF(work);
+
+ id = le64_to_cpu(req->VolatileFileId);
+ ksmbd_session_rpc_close(work->sess, id);
+
+ rsp->StructureSize = cpu_to_le16(60);
+ rsp->Flags = 0;
+ rsp->Reserved = 0;
+ rsp->CreationTime = 0;
+ rsp->LastAccessTime = 0;
+ rsp->LastWriteTime = 0;
+ rsp->ChangeTime = 0;
+ rsp->AllocationSize = 0;
+ rsp->EndOfFile = 0;
+ rsp->Attributes = 0;
+ inc_rfc1001_len(rsp, 60);
+ return 0;
+}
+
+/**
+ * smb2_close() - handler for smb2 close file command
+ * @work: smb work containing close request buffer
+ *
+ * Return: 0
+ */
+int smb2_close(struct ksmbd_work *work)
+{
+ unsigned int volatile_id = KSMBD_NO_FID;
+ uint64_t sess_id;
+ struct smb2_close_req *req;
+ struct smb2_close_rsp *rsp;
+ struct smb2_close_rsp *rsp_org;
+ struct ksmbd_conn *conn = work->conn;
+ struct ksmbd_file *fp;
+ struct inode *inode;
+ u64 time;
+ int err = 0;
+
+ rsp_org = RESPONSE_BUF(work);
+ WORK_BUFFERS(work, req, rsp);
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_PIPE)) {
+ ksmbd_debug(SMB, "IPC pipe close request\n");
+ return smb2_close_pipe(work);
+ }
+
+ sess_id = le64_to_cpu(req->hdr.SessionId);
+ if (req->hdr.Flags & SMB2_FLAGS_RELATED_OPERATIONS)
+ sess_id = work->compound_sid;
+
+ work->compound_sid = 0;
+ if (check_session_id(conn, sess_id))
+ work->compound_sid = sess_id;
+ else {
+ rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
+ if (req->hdr.Flags & SMB2_FLAGS_RELATED_OPERATIONS)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ err = -EBADF;
+ goto out;
+ }
+
+ if (work->next_smb2_rcv_hdr_off &&
+ !HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
+ if (!HAS_FILE_ID(work->compound_fid)) {
+ /* file already closed, return FILE_CLOSED */
+ ksmbd_debug(SMB, "file already closed\n");
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ err = -EBADF;
+ goto out;
+ } else {
+ ksmbd_debug(SMB, "Compound request set FID = %u:%u\n",
+ work->compound_fid,
+ work->compound_pfid);
+ volatile_id = work->compound_fid;
+
+ /* file closed, stored id is not valid anymore */
+ work->compound_fid = KSMBD_NO_FID;
+ work->compound_pfid = KSMBD_NO_FID;
+ }
+ } else {
+ volatile_id = le64_to_cpu(req->VolatileFileId);
+ }
+ ksmbd_debug(SMB, "volatile_id = %u\n", volatile_id);
+
+ rsp->StructureSize = cpu_to_le16(60);
+ rsp->Reserved = 0;
+
+ if (req->Flags == SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB) {
+ fp = ksmbd_lookup_fd_fast(work, volatile_id);
+ if (!fp) {
+ err = -ENOENT;
+ goto out;
+ }
+
+ inode = FP_INODE(fp);
+ rsp->Flags = SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB;
+ rsp->AllocationSize = S_ISDIR(inode->i_mode) ? 0 :
+ cpu_to_le64(inode->i_blocks << 9);
+ rsp->EndOfFile = cpu_to_le64(inode->i_size);
+ rsp->Attributes = fp->f_ci->m_fattr;
+ rsp->CreationTime = cpu_to_le64(fp->create_time);
+ time = ksmbd_UnixTimeToNT(inode->i_atime);
+ rsp->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(inode->i_mtime);
+ rsp->LastWriteTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(inode->i_ctime);
+ rsp->ChangeTime = cpu_to_le64(time);
+ ksmbd_fd_put(work, fp);
+ } else {
+ rsp->Flags = 0;
+ rsp->AllocationSize = 0;
+ rsp->EndOfFile = 0;
+ rsp->Attributes = 0;
+ rsp->CreationTime = 0;
+ rsp->LastAccessTime = 0;
+ rsp->LastWriteTime = 0;
+ rsp->ChangeTime = 0;
+ }
+
+ err = ksmbd_close_fd(work, volatile_id);
+out:
+ if (err) {
+ if (rsp->hdr.Status == 0)
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ smb2_set_err_rsp(work);
+ } else {
+ inc_rfc1001_len(rsp_org, 60);
+ }
+
+ return 0;
+}
+
+/**
+ * smb2_echo() - handler for smb2 echo(ping) command
+ * @work: smb work containing echo request buffer
+ *
+ * Return: 0
+ */
+int smb2_echo(struct ksmbd_work *work)
+{
+ struct smb2_echo_rsp *rsp = RESPONSE_BUF(work);
+
+ rsp->StructureSize = cpu_to_le16(4);
+ rsp->Reserved = 0;
+ inc_rfc1001_len(rsp, 4);
+ return 0;
+}
+
+/**
+ * smb2_rename() - handler for rename using smb2 setinfo command
+ * @work: smb work containing set info command buffer
+ * @filp: file pointer of source file
+ * @old_fid: file id of source file
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
+ struct smb2_file_rename_info *file_info,
+ struct nls_table *local_nls)
+{
+ struct ksmbd_share_config *share = fp->tcon->share_conf;
+ char *new_name = NULL, *abs_oldname = NULL, *old_name = NULL;
+ char *pathname = NULL;
+ struct path path;
+ bool file_present = true;
+ int rc;
+
+ ksmbd_debug(SMB, "setting FILE_RENAME_INFO\n");
+ pathname = kmalloc(PATH_MAX, GFP_KERNEL);
+ if (!pathname)
+ return -ENOMEM;
+
+ abs_oldname = d_path(&fp->filp->f_path, pathname, PATH_MAX);
+ if (IS_ERR(abs_oldname)) {
+ rc = -EINVAL;
+ goto out;
+ }
+ old_name = strrchr(abs_oldname, '/');
+ if (old_name && old_name[1] != '\0')
+ old_name++;
+ else {
+ ksmbd_debug(SMB, "can't get last component in path %s\n",
+ abs_oldname);
+ rc = -ENOENT;
+ goto out;
+ }
+
+ new_name = smb2_get_name(share,
+ file_info->FileName,
+ le32_to_cpu(file_info->FileNameLength),
+ local_nls);
+ if (IS_ERR(new_name)) {
+ rc = PTR_ERR(new_name);
+ goto out;
+ }
+
+ if (strchr(new_name, ':')) {
+ int s_type;
+ char *xattr_stream_name, *stream_name = NULL;
+ size_t xattr_stream_size;
+ int len;
+
+ rc = parse_stream_name(new_name, &stream_name, &s_type);
+ if (rc < 0)
+ goto out;
+
+ len = strlen(new_name);
+ if (new_name[len - 1] != '/') {
+ ksmbd_err("not allow base filename in rename\n");
+ rc = -ESHARE;
+ goto out;
+ }
+
+ rc = ksmbd_vfs_xattr_stream_name(stream_name,
+ &xattr_stream_name,
+ &xattr_stream_size,
+ s_type);
+ if (rc)
+ goto out;
+
+ rc = ksmbd_vfs_setxattr(fp->filp->f_path.dentry,
+ xattr_stream_name,
+ NULL, 0, 0);
+ if (rc < 0) {
+ ksmbd_err("failed to store stream name in xattr: %d\n",
+ rc);
+ rc = -EINVAL;
+ goto out;
+ }
+
+ goto out;
+ }
+
+ ksmbd_debug(SMB, "new name %s\n", new_name);
+ rc = ksmbd_vfs_kern_path(new_name, 0, &path, 1);
+ if (rc)
+ file_present = false;
+ else
+ path_put(&path);
+
+ if (ksmbd_share_veto_filename(share, new_name)) {
+ rc = -ENOENT;
+ ksmbd_debug(SMB, "Can't rename vetoed file: %s\n", new_name);
+ goto out;
+ }
+
+ if (file_info->ReplaceIfExists) {
+ if (file_present) {
+ rc = ksmbd_vfs_remove_file(work, new_name);
+ if (rc) {
+ if (rc != -ENOTEMPTY)
+ rc = -EINVAL;
+ ksmbd_debug(SMB, "cannot delete %s, rc %d\n",
+ new_name, rc);
+ goto out;
+ }
+ }
+ } else {
+ if (file_present &&
+ strncmp(old_name, path.dentry->d_name.name,
+ strlen(old_name))) {
+ rc = -EEXIST;
+ ksmbd_debug(SMB,
+ "cannot rename already existing file\n");
+ goto out;
+ }
+ }
+
+ rc = ksmbd_vfs_fp_rename(work, fp, new_name);
+out:
+ kfree(pathname);
+ if (!IS_ERR(new_name))
+ smb2_put_name(new_name);
+ return rc;
+}
+
+/**
+ * smb2_create_link() - handler for creating hardlink using smb2
+ * set info command
+ * @work: smb work containing set info command buffer
+ * @filp: file pointer of source file
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int smb2_create_link(struct ksmbd_work *work,
+ struct ksmbd_share_config *share,
+ struct smb2_file_link_info *file_info,
+ struct file *filp,
+ struct nls_table *local_nls)
+{
+ char *link_name = NULL, *target_name = NULL, *pathname = NULL;
+ struct path path;
+ bool file_present = true;
+ int rc;
+
+ ksmbd_debug(SMB, "setting FILE_LINK_INFORMATION\n");
+ pathname = kmalloc(PATH_MAX, GFP_KERNEL);
+ if (!pathname)
+ return -ENOMEM;
+
+ link_name = smb2_get_name(share,
+ file_info->FileName,
+ le32_to_cpu(file_info->FileNameLength),
+ local_nls);
+ if (IS_ERR(link_name) || S_ISDIR(file_inode(filp)->i_mode)) {
+ rc = -EINVAL;
+ goto out;
+ }
+
+ ksmbd_debug(SMB, "link name is %s\n", link_name);
+ target_name = d_path(&filp->f_path, pathname, PATH_MAX);
+ if (IS_ERR(target_name)) {
+ rc = -EINVAL;
+ goto out;
+ }
+
+ ksmbd_debug(SMB, "target name is %s\n", target_name);
+ rc = ksmbd_vfs_kern_path(link_name, 0, &path, 0);
+ if (rc)
+ file_present = false;
+ else
+ path_put(&path);
+
+ if (file_info->ReplaceIfExists) {
+ if (file_present) {
+ rc = ksmbd_vfs_remove_file(work, link_name);
+ if (rc) {
+ rc = -EINVAL;
+ ksmbd_debug(SMB, "cannot delete %s\n",
+ link_name);
+ goto out;
+ }
+ }
+ } else {
+ if (file_present) {
+ rc = -EEXIST;
+ ksmbd_debug(SMB, "link already exists\n");
+ goto out;
+ }
+ }
+
+ rc = ksmbd_vfs_link(work, target_name, link_name);
+ if (rc)
+ rc = -EINVAL;
+out:
+ if (!IS_ERR(link_name))
+ smb2_put_name(link_name);
+ kfree(pathname);
+ return rc;
+}
+
+static bool is_attributes_write_allowed(struct ksmbd_file *fp)
+{
+ return fp->daccess & FILE_WRITE_ATTRIBUTES_LE;
+}
+
+static int set_file_basic_info(struct ksmbd_file *fp,
+ char *buf,
+ struct ksmbd_share_config *share)
+{
+ struct smb2_file_all_info *file_info;
+ struct iattr attrs;
+ struct iattr temp_attrs;
+ struct file *filp;
+ struct inode *inode;
+ int rc;
+
+ if (!is_attributes_write_allowed(fp))
+ return -EACCES;
+
+ file_info = (struct smb2_file_all_info *)buf;
+ attrs.ia_valid = 0;
+ filp = fp->filp;
+ inode = file_inode(filp);
+
+ if (file_info->CreationTime)
+ fp->create_time = le64_to_cpu(file_info->CreationTime);
+
+ if (file_info->LastAccessTime) {
+ attrs.ia_atime = ksmbd_NTtimeToUnix(file_info->LastAccessTime);
+ attrs.ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);
+ }
+
+ if (file_info->ChangeTime) {
+ temp_attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);
+ attrs.ia_ctime = temp_attrs.ia_ctime;
+ attrs.ia_valid |= ATTR_CTIME;
+ } else
+ temp_attrs.ia_ctime = inode->i_ctime;
+
+ if (file_info->LastWriteTime) {
+ attrs.ia_mtime = ksmbd_NTtimeToUnix(file_info->LastWriteTime);
+ attrs.ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET);
+ }
+
+ if (file_info->Attributes) {
+ if (!S_ISDIR(inode->i_mode) &&
+ file_info->Attributes & ATTR_DIRECTORY_LE) {
+ ksmbd_err("can't change a file to a directory\n");
+ return -EINVAL;
+ }
+
+ if (!(S_ISDIR(inode->i_mode) && file_info->Attributes == ATTR_NORMAL_LE))
+ fp->f_ci->m_fattr = file_info->Attributes |
+ (fp->f_ci->m_fattr & ATTR_DIRECTORY_LE);
+ }
+
+ if (test_share_config_flag(share, KSMBD_SHARE_FLAG_STORE_DOS_ATTRS) &&
+ (file_info->CreationTime || file_info->Attributes)) {
+ struct xattr_dos_attrib da = {0};
+
+ da.version = 4;
+ da.itime = fp->itime;
+ da.create_time = fp->create_time;
+ da.attr = le32_to_cpu(fp->f_ci->m_fattr);
+ da.flags = XATTR_DOSINFO_ATTRIB | XATTR_DOSINFO_CREATE_TIME |
+ XATTR_DOSINFO_ITIME;
+
+ rc = ksmbd_vfs_set_dos_attrib_xattr(filp->f_path.dentry, &da);
+ if (rc)
+ ksmbd_debug(SMB,
+ "failed to restore file attribute in EA\n");
+ rc = 0;
+ }
+
+ /*
+ * HACK : set ctime here to avoid ctime changed
+ * when file_info->ChangeTime is zero.
+ */
+ attrs.ia_ctime = temp_attrs.ia_ctime;
+ attrs.ia_valid |= ATTR_CTIME;
+
+ if (attrs.ia_valid) {
+ struct dentry *dentry = filp->f_path.dentry;
+ struct inode *inode = d_inode(dentry);
+
+ if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
+ return -EACCES;
+
+ rc = setattr_prepare(&init_user_ns, dentry, &attrs);
+ if (rc)
+ return -EINVAL;
+
+ inode_lock(inode);
+ setattr_copy(&init_user_ns, inode, &attrs);
+ attrs.ia_valid &= ~ATTR_CTIME;
+ rc = notify_change(&init_user_ns, dentry, &attrs, NULL);
+ inode_unlock(inode);
+ }
+ return 0;
+}
+
+static int set_file_allocation_info(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ char *buf)
+{
+ /*
+ * TODO : It's working fine only when store dos attributes
+ * is not yes. need to implement a logic which works
+ * properly with any smb.conf option
+ */
+
+ struct smb2_file_alloc_info *file_alloc_info;
+ loff_t alloc_blks;
+ struct inode *inode;
+ int rc;
+
+ if (!is_attributes_write_allowed(fp))
+ return -EACCES;
+
+ file_alloc_info = (struct smb2_file_alloc_info *)buf;
+ alloc_blks = (le64_to_cpu(file_alloc_info->AllocationSize) + 511) >> 9;
+ inode = file_inode(fp->filp);
+
+ if (alloc_blks > inode->i_blocks) {
+ rc = ksmbd_vfs_alloc_size(work, fp, alloc_blks * 512);
+ if (rc && rc != -EOPNOTSUPP) {
+ ksmbd_err("ksmbd_vfs_alloc_size is failed : %d\n", rc);
+ return rc;
+ }
+ } else if (alloc_blks < inode->i_blocks) {
+ loff_t size;
+
+ /*
+ * Allocation size could be smaller than original one
+ * which means allocated blocks in file should be
+ * deallocated. use truncate to cut out it, but inode
+ * size is also updated with truncate offset.
+ * inode size is retained by backup inode size.
+ */
+ size = i_size_read(inode);
+ rc = ksmbd_vfs_truncate(work, NULL, fp, alloc_blks * 512);
+ if (rc) {
+ ksmbd_err("truncate failed! filename : %s, err %d\n",
+ fp->filename, rc);
+ return rc;
+ }
+ if (size < alloc_blks * 512)
+ i_size_write(inode, size);
+ }
+ return 0;
+}
+
+static int set_end_of_file_info(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ char *buf)
+{
+ struct smb2_file_eof_info *file_eof_info;
+ loff_t newsize;
+ struct inode *inode;
+ int rc;
+
+ if (!is_attributes_write_allowed(fp))
+ return -EACCES;
+
+ file_eof_info = (struct smb2_file_eof_info *)buf;
+ newsize = le64_to_cpu(file_eof_info->EndOfFile);
+ inode = file_inode(fp->filp);
+
+ /*
+ * If FILE_END_OF_FILE_INFORMATION of set_info_file is called
+ * on FAT32 shared device, truncate execution time is too long
+ * and network error could cause from windows client. because
+ * truncate of some filesystem like FAT32 fill zero data in
+ * truncated range.
+ */
+ if (inode->i_sb->s_magic != MSDOS_SUPER_MAGIC) {
+ ksmbd_debug(SMB, "filename : %s truncated to newsize %lld\n",
+ fp->filename, newsize);
+ rc = ksmbd_vfs_truncate(work, NULL, fp, newsize);
+ if (rc) {
+ ksmbd_debug(SMB,
+ "truncate failed! filename : %s err %d\n",
+ fp->filename, rc);
+ if (rc != -EAGAIN)
+ rc = -EBADF;
+ return rc;
+ }
+ }
+ return 0;
+}
+
+static int set_rename_info(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ char *buf)
+{
+ struct ksmbd_file *parent_fp;
+
+ if (!(fp->daccess & FILE_DELETE_LE)) {
+ ksmbd_err("no right to delete : 0x%x\n", fp->daccess);
+ return -EACCES;
+ }
+
+ if (ksmbd_stream_fd(fp))
+ goto next;
+
+ parent_fp = ksmbd_lookup_fd_inode(PARENT_INODE(fp));
+ if (parent_fp) {
+ if (parent_fp->daccess & FILE_DELETE_LE) {
+ ksmbd_err("parent dir is opened with delete access\n");
+ return -ESHARE;
+ }
+ }
+next:
+ return smb2_rename(work, fp,
+ (struct smb2_file_rename_info *)buf,
+ work->sess->conn->local_nls);
+}
+
+static int set_file_disposition_info(struct ksmbd_file *fp,
+ char *buf)
+{
+ struct smb2_file_disposition_info *file_info;
+ struct inode *inode;
+
+ if (!(fp->daccess & FILE_DELETE_LE)) {
+ ksmbd_err("no right to delete : 0x%x\n", fp->daccess);
+ return -EACCES;
+ }
+
+ inode = file_inode(fp->filp);
+ file_info = (struct smb2_file_disposition_info *)buf;
+ if (file_info->DeletePending) {
+ if (S_ISDIR(inode->i_mode) &&
+ ksmbd_vfs_empty_dir(fp) == -ENOTEMPTY)
+ return -EBUSY;
+ ksmbd_set_inode_pending_delete(fp);
+ } else {
+ ksmbd_clear_inode_pending_delete(fp);
+ }
+ return 0;
+}
+
+static int set_file_position_info(struct ksmbd_file *fp,
+ char *buf)
+{
+ struct smb2_file_pos_info *file_info;
+ loff_t current_byte_offset;
+ unsigned short sector_size;
+ struct inode *inode;
+
+ inode = file_inode(fp->filp);
+ file_info = (struct smb2_file_pos_info *)buf;
+ current_byte_offset = le64_to_cpu(file_info->CurrentByteOffset);
+ sector_size = ksmbd_vfs_logical_sector_size(inode);
+
+ if (current_byte_offset < 0 ||
+ (fp->coption == FILE_NO_INTERMEDIATE_BUFFERING_LE &&
+ current_byte_offset & (sector_size-1))) {
+ ksmbd_err("CurrentByteOffset is not valid : %llu\n",
+ current_byte_offset);
+ return -EINVAL;
+ }
+
+ fp->filp->f_pos = current_byte_offset;
+ return 0;
+}
+
+static int set_file_mode_info(struct ksmbd_file *fp,
+ char *buf)
+{
+ struct smb2_file_mode_info *file_info;
+ __le32 mode;
+
+ file_info = (struct smb2_file_mode_info *)buf;
+ mode = file_info->Mode;
+
+ if ((mode & (~FILE_MODE_INFO_MASK)) ||
+ (mode & FILE_SYNCHRONOUS_IO_ALERT_LE &&
+ mode & FILE_SYNCHRONOUS_IO_NONALERT_LE)) {
+ ksmbd_err("Mode is not valid : 0x%x\n", le32_to_cpu(mode));
+ return -EINVAL;
+ }
+
+ /*
+ * TODO : need to implement consideration for
+ * FILE_SYNCHRONOUS_IO_ALERT and FILE_SYNCHRONOUS_IO_NONALERT
+ */
+ ksmbd_vfs_set_fadvise(fp->filp, mode);
+ fp->coption = mode;
+ return 0;
+}
+
+/**
+ * smb2_set_info_file() - handler for smb2 set info command
+ * @work: smb work containing set info command buffer
+ *
+ * Return: 0 on success, otherwise error
+ * TODO: need to implement an error handling for STATUS_INFO_LENGTH_MISMATCH
+ */
+static int smb2_set_info_file(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ int info_class,
+ char *buf,
+ struct ksmbd_share_config *share)
+{
+ switch (info_class) {
+ case FILE_BASIC_INFORMATION:
+ return set_file_basic_info(fp, buf, share);
+
+ case FILE_ALLOCATION_INFORMATION:
+ return set_file_allocation_info(work, fp, buf);
+
+ case FILE_END_OF_FILE_INFORMATION:
+ return set_end_of_file_info(work, fp, buf);
+
+ case FILE_RENAME_INFORMATION:
+ if (!test_tree_conn_flag(work->tcon,
+ KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ ksmbd_debug(SMB,
+ "User does not have write permission\n");
+ return -EACCES;
+ }
+ return set_rename_info(work, fp, buf);
+
+ case FILE_LINK_INFORMATION:
+ return smb2_create_link(work, work->tcon->share_conf,
+ (struct smb2_file_link_info *)buf, fp->filp,
+ work->sess->conn->local_nls);
+
+ case FILE_DISPOSITION_INFORMATION:
+ if (!test_tree_conn_flag(work->tcon,
+ KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ ksmbd_debug(SMB,
+ "User does not have write permission\n");
+ return -EACCES;
+ }
+ return set_file_disposition_info(fp, buf);
+
+ case FILE_FULL_EA_INFORMATION:
+ {
+ if (!(fp->daccess & FILE_WRITE_EA_LE)) {
+ ksmbd_err("Not permitted to write ext attr: 0x%x\n",
+ fp->daccess);
+ return -EACCES;
+ }
+
+ return smb2_set_ea((struct smb2_ea_info *)buf,
+ &fp->filp->f_path);
+ }
+
+ case FILE_POSITION_INFORMATION:
+ return set_file_position_info(fp, buf);
+
+ case FILE_MODE_INFORMATION:
+ return set_file_mode_info(fp, buf);
+ }
+
+ ksmbd_err("Unimplemented Fileinfoclass :%d\n", info_class);
+ return -EOPNOTSUPP;
+}
+
+static int smb2_set_info_sec(struct ksmbd_file *fp,
+ int addition_info,
+ char *buffer,
+ int buf_len)
+{
+ struct smb_ntsd *pntsd = (struct smb_ntsd *)buffer;
+
+ fp->saccess |= FILE_SHARE_DELETE_LE;
+
+ return set_info_sec(fp->conn, fp->tcon, fp->filp->f_path.dentry, pntsd,
+ buf_len, false);
+}
+
+/**
+ * smb2_set_info() - handler for smb2 set info command handler
+ * @work: smb work containing set info request buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_set_info(struct ksmbd_work *work)
+{
+ struct smb2_set_info_req *req;
+ struct smb2_set_info_rsp *rsp, *rsp_org;
+ struct ksmbd_file *fp;
+ int rc = 0;
+ unsigned int id = KSMBD_NO_FID, pid = KSMBD_NO_FID;
+
+ ksmbd_debug(SMB, "Received set info request\n");
+
+ rsp_org = RESPONSE_BUF(work);
+ if (work->next_smb2_rcv_hdr_off) {
+ req = REQUEST_BUF_NEXT(work);
+ rsp = RESPONSE_BUF_NEXT(work);
+ if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ work->compound_fid);
+ id = work->compound_fid;
+ pid = work->compound_pfid;
+ }
+ } else {
+ req = REQUEST_BUF(work);
+ rsp = RESPONSE_BUF(work);
+ }
+
+ if (!HAS_FILE_ID(id)) {
+ id = le64_to_cpu(req->VolatileFileId);
+ pid = le64_to_cpu(req->PersistentFileId);
+ }
+
+ fp = ksmbd_lookup_fd_slow(work, id, pid);
+ if (!fp) {
+ ksmbd_debug(SMB, "Invalid id for close: %u\n", id);
+ rc = -ENOENT;
+ goto err_out;
+ }
+
+ switch (req->InfoType) {
+ case SMB2_O_INFO_FILE:
+ ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILE\n");
+ rc = smb2_set_info_file(work, fp, req->FileInfoClass,
+ req->Buffer, work->tcon->share_conf);
+ break;
+ case SMB2_O_INFO_SECURITY:
+ ksmbd_debug(SMB, "GOT SMB2_O_INFO_SECURITY\n");
+ rc = smb2_set_info_sec(fp,
+ le32_to_cpu(req->AdditionalInformation), req->Buffer,
+ le32_to_cpu(req->BufferLength));
+ break;
+ default:
+ rc = -EOPNOTSUPP;
+ }
+
+ if (rc < 0)
+ goto err_out;
+
+ rsp->StructureSize = cpu_to_le16(2);
+ inc_rfc1001_len(rsp_org, 2);
+ ksmbd_fd_put(work, fp);
+ return 0;
+
+err_out:
+ if (rc == -EACCES || rc == -EPERM)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ else if (rc == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else if (rc == -ESHARE)
+ rsp->hdr.Status = STATUS_SHARING_VIOLATION;
+ else if (rc == -ENOENT)
+ rsp->hdr.Status = STATUS_OBJECT_NAME_INVALID;
+ else if (rc == -EBUSY || rc == -ENOTEMPTY)
+ rsp->hdr.Status = STATUS_DIRECTORY_NOT_EMPTY;
+ else if (rc == -EAGAIN)
+ rsp->hdr.Status = STATUS_FILE_LOCK_CONFLICT;
+ else if (rc == -EBADF)
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+ else if (rc == -EEXIST)
+ rsp->hdr.Status = STATUS_OBJECT_NAME_COLLISION;
+ else if (rsp->hdr.Status == 0 || rc == -EOPNOTSUPP)
+ rsp->hdr.Status = STATUS_INVALID_INFO_CLASS;
+ smb2_set_err_rsp(work);
+ ksmbd_fd_put(work, fp);
+ ksmbd_debug(SMB, "error while processing smb2 query rc = %d\n",
+ rc);
+ return rc;
+}
+
+/**
+ * smb2_read_pipe() - handler for smb2 read from IPC pipe
+ * @work: smb work containing read IPC pipe command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+static noinline int smb2_read_pipe(struct ksmbd_work *work)
+{
+ int nbytes = 0, err;
+ uint64_t id;
+ struct ksmbd_rpc_command *rpc_resp;
+ struct smb2_read_req *req = REQUEST_BUF(work);
+ struct smb2_read_rsp *rsp = RESPONSE_BUF(work);
+
+ id = le64_to_cpu(req->VolatileFileId);
+
+ inc_rfc1001_len(rsp, 16);
+ rpc_resp = ksmbd_rpc_read(work->sess, id);
+ if (rpc_resp) {
+ if (rpc_resp->flags != KSMBD_RPC_OK) {
+ err = -EINVAL;
+ goto out;
+ }
+
+ work->aux_payload_buf =
+ ksmbd_alloc_response(rpc_resp->payload_sz);
+ if (!work->aux_payload_buf) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ memcpy(work->aux_payload_buf, rpc_resp->payload,
+ rpc_resp->payload_sz);
+
+ nbytes = rpc_resp->payload_sz;
+ work->resp_hdr_sz = get_rfc1002_len(rsp) + 4;
+ work->aux_payload_sz = nbytes;
+ ksmbd_free(rpc_resp);
+ }
+
+ rsp->StructureSize = cpu_to_le16(17);
+ rsp->DataOffset = 80;
+ rsp->Reserved = 0;
+ rsp->DataLength = cpu_to_le32(nbytes);
+ rsp->DataRemaining = 0;
+ rsp->Reserved2 = 0;
+ inc_rfc1001_len(rsp, nbytes);
+ return 0;
+
+out:
+ rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;
+ smb2_set_err_rsp(work);
+ ksmbd_free(rpc_resp);
+ return err;
+}
+
+static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work,
+ struct smb2_read_req *req,
+ void *data_buf, size_t length)
+{
+ struct smb2_buffer_desc_v1 *desc =
+ (struct smb2_buffer_desc_v1 *)&req->Buffer[0];
+ int err;
+
+ if (work->conn->dialect == SMB30_PROT_ID
+ && req->Channel != SMB2_CHANNEL_RDMA_V1)
+ return -EINVAL;
+
+ if (req->ReadChannelInfoOffset == 0
+ || le16_to_cpu(req->ReadChannelInfoLength) < sizeof(*desc))
+ return -EINVAL;
+
+ work->need_invalidate_rkey =
+ (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
+ work->remote_key = le32_to_cpu(desc->token);
+
+ err = ksmbd_conn_rdma_write(work->conn,
+ data_buf, length,
+ le32_to_cpu(desc->token),
+ le64_to_cpu(desc->offset),
+ le32_to_cpu(desc->length));
+ if (err)
+ return err;
+
+ return length;
+}
+
+/**
+ * smb2_read() - handler for smb2 read from file
+ * @work: smb work containing read command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_read(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_read_req *req;
+ struct smb2_read_rsp *rsp, *rsp_org;
+ struct ksmbd_file *fp;
+ loff_t offset;
+ size_t length, mincount;
+ ssize_t nbytes = 0, remain_bytes = 0;
+ int err = 0;
+
+ rsp_org = RESPONSE_BUF(work);
+ WORK_BUFFERS(work, req, rsp);
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_PIPE)) {
+ ksmbd_debug(SMB, "IPC pipe read request\n");
+ return smb2_read_pipe(work);
+ }
+
+ fp = ksmbd_lookup_fd_slow(work,
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
+ if (!fp) {
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ return -ENOENT;
+ }
+
+ if (!(fp->daccess & (FILE_READ_DATA_LE | FILE_READ_ATTRIBUTES_LE))) {
+ ksmbd_err("Not permitted to read : 0x%x\n", fp->daccess);
+ err = -EACCES;
+ goto out;
+ }
+
+ offset = le64_to_cpu(req->Offset);
+ length = le32_to_cpu(req->Length);
+ mincount = le32_to_cpu(req->MinimumCount);
+
+ if (length > conn->vals->max_read_size) {
+ ksmbd_debug(SMB, "limiting read size to max size(%u)\n",
+ conn->vals->max_read_size);
+ err = -EINVAL;
+ goto out;
+ }
+
+ ksmbd_debug(SMB, "filename %s, offset %lld, len %zu\n", FP_FILENAME(fp),
+ offset, length);
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF) {
+ work->aux_payload_buf =
+ ksmbd_find_buffer(conn->vals->max_read_size);
+ work->set_read_buf = true;
+ } else {
+ work->aux_payload_buf = ksmbd_alloc_response(length);
+ }
+ if (!work->aux_payload_buf) {
+ err = nbytes;
+ goto out;
+ }
+
+ nbytes = ksmbd_vfs_read(work, fp, length, &offset);
+ if (nbytes < 0) {
+ err = nbytes;
+ goto out;
+ }
+
+ if ((nbytes == 0 && length != 0) || nbytes < mincount) {
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
+ ksmbd_release_buffer(AUX_PAYLOAD(work));
+ else
+ ksmbd_free_response(AUX_PAYLOAD(work));
+ INIT_AUX_PAYLOAD(work);
+ rsp->hdr.Status = STATUS_END_OF_FILE;
+ smb2_set_err_rsp(work);
+ ksmbd_fd_put(work, fp);
+ return 0;
+ }
+
+ ksmbd_debug(SMB, "nbytes %zu, offset %lld mincount %zu\n",
+ nbytes, offset, mincount);
+
+ if (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE ||
+ req->Channel == SMB2_CHANNEL_RDMA_V1) {
+ /* write data to the client using rdma channel */
+ remain_bytes = smb2_read_rdma_channel(work, req,
+ AUX_PAYLOAD(work), nbytes);
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
+ ksmbd_release_buffer(AUX_PAYLOAD(work));
+ else
+ ksmbd_free_response(AUX_PAYLOAD(work));
+ INIT_AUX_PAYLOAD(work);
+
+ nbytes = 0;
+ if (remain_bytes < 0) {
+ err = (int)remain_bytes;
+ goto out;
+ }
+ }
+
+ rsp->StructureSize = cpu_to_le16(17);
+ rsp->DataOffset = 80;
+ rsp->Reserved = 0;
+ rsp->DataLength = cpu_to_le32(nbytes);
+ rsp->DataRemaining = cpu_to_le32(remain_bytes);
+ rsp->Reserved2 = 0;
+ inc_rfc1001_len(rsp_org, 16);
+ work->resp_hdr_sz = get_rfc1002_len(rsp_org) + 4;
+ work->aux_payload_sz = nbytes;
+ inc_rfc1001_len(rsp_org, nbytes);
+ ksmbd_fd_put(work, fp);
+ return 0;
+
+out:
+ if (err) {
+ if (err == -EISDIR)
+ rsp->hdr.Status = STATUS_INVALID_DEVICE_REQUEST;
+ else if (err == -EAGAIN)
+ rsp->hdr.Status = STATUS_FILE_LOCK_CONFLICT;
+ else if (err == -ENOENT)
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ else if (err == -EACCES)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ else if (err == -ESHARE)
+ rsp->hdr.Status = STATUS_SHARING_VIOLATION;
+ else if (err == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+
+ smb2_set_err_rsp(work);
+ }
+ ksmbd_fd_put(work, fp);
+ return err;
+}
+
+/**
+ * smb2_write_pipe() - handler for smb2 write on IPC pipe
+ * @work: smb work containing write IPC pipe command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+static noinline int smb2_write_pipe(struct ksmbd_work *work)
+{
+ struct smb2_write_req *req = REQUEST_BUF(work);
+ struct smb2_write_rsp *rsp = RESPONSE_BUF(work);
+ struct ksmbd_rpc_command *rpc_resp;
+ uint64_t id = 0;
+ int err = 0, ret = 0;
+ char *data_buf;
+ size_t length;
+
+ length = le32_to_cpu(req->Length);
+ id = le64_to_cpu(req->VolatileFileId);
+
+ if (le16_to_cpu(req->DataOffset) ==
+ (offsetof(struct smb2_write_req, Buffer) - 4)) {
+ data_buf = (char *)&req->Buffer[0];
+ } else {
+ if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
+ (le16_to_cpu(req->DataOffset) +
+ length > get_rfc1002_len(req))) {
+ ksmbd_err("invalid write data offset %u, smb_len %u\n",
+ le16_to_cpu(req->DataOffset),
+ get_rfc1002_len(req));
+ err = -EINVAL;
+ goto out;
+ }
+
+ data_buf = (char *)(((char *)&req->hdr.ProtocolId) +
+ le16_to_cpu(req->DataOffset));
+ }
+
+ rpc_resp = ksmbd_rpc_write(work->sess, id, data_buf, length);
+ if (rpc_resp) {
+ if (rpc_resp->flags == KSMBD_RPC_ENOTIMPLEMENTED) {
+ rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ ksmbd_free(rpc_resp);
+ smb2_set_err_rsp(work);
+ return -EOPNOTSUPP;
+ }
+ if (rpc_resp->flags != KSMBD_RPC_OK) {
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+ smb2_set_err_rsp(work);
+ ksmbd_free(rpc_resp);
+ return ret;
+ }
+ ksmbd_free(rpc_resp);
+ }
+
+ rsp->StructureSize = cpu_to_le16(17);
+ rsp->DataOffset = 0;
+ rsp->Reserved = 0;
+ rsp->DataLength = cpu_to_le32(length);
+ rsp->DataRemaining = 0;
+ rsp->Reserved2 = 0;
+ inc_rfc1001_len(rsp, 16);
+ return 0;
+out:
+ if (err) {
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+ smb2_set_err_rsp(work);
+ }
+
+ return err;
+}
+
+static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
+ struct smb2_write_req *req, struct ksmbd_file *fp,
+ loff_t offset, size_t length, bool sync)
+{
+ struct smb2_buffer_desc_v1 *desc;
+ char *data_buf;
+ int ret;
+ ssize_t nbytes;
+
+ desc = (struct smb2_buffer_desc_v1 *)&req->Buffer[0];
+
+ if (work->conn->dialect == SMB30_PROT_ID &&
+ req->Channel != SMB2_CHANNEL_RDMA_V1)
+ return -EINVAL;
+
+ if (req->Length != 0 || req->DataOffset != 0)
+ return -EINVAL;
+
+ if (req->WriteChannelInfoOffset == 0
+ || le16_to_cpu(req->WriteChannelInfoLength) < sizeof(*desc))
+ return -EINVAL;
+
+ work->need_invalidate_rkey =
+ (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
+ work->remote_key = le32_to_cpu(desc->token);
+
+ data_buf = ksmbd_alloc_response(length);
+ if (!data_buf)
+ return -ENOMEM;
+
+ ret = ksmbd_conn_rdma_read(work->conn, data_buf, length,
+ le32_to_cpu(desc->token),
+ le64_to_cpu(desc->offset),
+ le32_to_cpu(desc->length));
+
+ if (ret < 0) {
+ ksmbd_free_response(data_buf);
+ return ret;
+ }
+
+ ret = ksmbd_vfs_write(work, fp, data_buf, length, &offset,
+ sync, &nbytes);
+
+ ksmbd_free_response(data_buf);
+ if (ret < 0)
+ return ret;
+
+ return nbytes;
+}
+
+/**
+ * smb2_write() - handler for smb2 write from file
+ * @work: smb work containing write command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_write(struct ksmbd_work *work)
+{
+ struct smb2_write_req *req;
+ struct smb2_write_rsp *rsp, *rsp_org;
+ struct ksmbd_file *fp = NULL;
+ loff_t offset;
+ size_t length;
+ ssize_t nbytes;
+ char *data_buf;
+ bool writethrough = false;
+ int err = 0;
+
+ rsp_org = RESPONSE_BUF(work);
+ WORK_BUFFERS(work, req, rsp);
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_PIPE)) {
+ ksmbd_debug(SMB, "IPC pipe write request\n");
+ return smb2_write_pipe(work);
+ }
+
+ if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ ksmbd_debug(SMB, "User does not have write permission\n");
+ err = -EACCES;
+ goto out;
+ }
+
+ fp = ksmbd_lookup_fd_slow(work,
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
+ if (!fp) {
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ return -ENOENT;
+ }
+
+ if (!(fp->daccess & (FILE_WRITE_DATA_LE | FILE_READ_ATTRIBUTES_LE))) {
+ ksmbd_err("Not permitted to write : 0x%x\n", fp->daccess);
+ err = -EACCES;
+ goto out;
+ }
+
+ offset = le64_to_cpu(req->Offset);
+ length = le32_to_cpu(req->Length);
+
+ if (length > work->conn->vals->max_write_size) {
+ ksmbd_debug(SMB, "limiting write size to max size(%u)\n",
+ work->conn->vals->max_write_size);
+ err = -EINVAL;
+ goto out;
+ }
+
+ if (le32_to_cpu(req->Flags) & SMB2_WRITEFLAG_WRITE_THROUGH)
+ writethrough = true;
+
+ if (req->Channel != SMB2_CHANNEL_RDMA_V1 &&
+ req->Channel != SMB2_CHANNEL_RDMA_V1_INVALIDATE) {
+
+ if (le16_to_cpu(req->DataOffset) ==
+ (offsetof(struct smb2_write_req, Buffer) - 4)) {
+ data_buf = (char *)&req->Buffer[0];
+ } else {
+ if ((le16_to_cpu(req->DataOffset) >
+ get_rfc1002_len(req)) ||
+ (le16_to_cpu(req->DataOffset) +
+ length > get_rfc1002_len(req))) {
+ ksmbd_err("invalid write data offset %u, smb_len %u\n",
+ le16_to_cpu(req->DataOffset),
+ get_rfc1002_len(req));
+ err = -EINVAL;
+ goto out;
+ }
+
+ data_buf = (char *)(((char *)&req->hdr.ProtocolId) +
+ le16_to_cpu(req->DataOffset));
+ }
+
+ ksmbd_debug(SMB, "flags %u\n", le32_to_cpu(req->Flags));
+ if (le32_to_cpu(req->Flags) & SMB2_WRITEFLAG_WRITE_THROUGH)
+ writethrough = true;
+
+ ksmbd_debug(SMB, "filename %s, offset %lld, len %zu\n",
+ FP_FILENAME(fp), offset, length);
+ err = ksmbd_vfs_write(work, fp, data_buf, length, &offset,
+ writethrough, &nbytes);
+ if (err < 0)
+ goto out;
+ } else {
+ /* read data from the client using rdma channel, and
+ * write the data.
+ */
+ nbytes = smb2_write_rdma_channel(work, req, fp, offset,
+ le32_to_cpu(req->RemainingBytes),
+ writethrough);
+ if (nbytes < 0) {
+ err = (int)nbytes;
+ goto out;
+ }
+ }
+
+ rsp->StructureSize = cpu_to_le16(17);
+ rsp->DataOffset = 0;
+ rsp->Reserved = 0;
+ rsp->DataLength = cpu_to_le32(nbytes);
+ rsp->DataRemaining = 0;
+ rsp->Reserved2 = 0;
+ inc_rfc1001_len(rsp_org, 16);
+ ksmbd_fd_put(work, fp);
+ return 0;
+
+out:
+ if (err == -EAGAIN)
+ rsp->hdr.Status = STATUS_FILE_LOCK_CONFLICT;
+ else if (err == -ENOSPC || err == -EFBIG)
+ rsp->hdr.Status = STATUS_DISK_FULL;
+ else if (err == -ENOENT)
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ else if (err == -EACCES)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ else if (err == -ESHARE)
+ rsp->hdr.Status = STATUS_SHARING_VIOLATION;
+ else if (err == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+
+ smb2_set_err_rsp(work);
+ ksmbd_fd_put(work, fp);
+ return err;
+}
+
+/**
+ * smb2_flush() - handler for smb2 flush file - fsync
+ * @work: smb work containing flush command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_flush(struct ksmbd_work *work)
+{
+ struct smb2_flush_req *req;
+ struct smb2_flush_rsp *rsp, *rsp_org;
+ int err;
+
+ rsp_org = RESPONSE_BUF(work);
+ WORK_BUFFERS(work, req, rsp);
+
+ ksmbd_debug(SMB, "SMB2_FLUSH called for fid %llu\n",
+ le64_to_cpu(req->VolatileFileId));
+
+ err = ksmbd_vfs_fsync(work,
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
+ if (err)
+ goto out;
+
+ rsp->StructureSize = cpu_to_le16(4);
+ rsp->Reserved = 0;
+ inc_rfc1001_len(rsp_org, 4);
+ return 0;
+
+out:
+ if (err) {
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+ smb2_set_err_rsp(work);
+ }
+
+ return err;
+}
+
+/**
+ * smb2_cancel() - handler for smb2 cancel command
+ * @work: smb work containing cancel command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_cancel(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_hdr *hdr = REQUEST_BUF(work);
+ struct smb2_hdr *chdr;
+ struct ksmbd_work *cancel_work = NULL;
+ struct list_head *tmp;
+ int canceled = 0;
+ struct list_head *command_list;
+
+ ksmbd_debug(SMB, "smb2 cancel called on mid %llu, async flags 0x%x\n",
+ hdr->MessageId, hdr->Flags);
+
+ if (hdr->Flags & SMB2_FLAGS_ASYNC_COMMAND) {
+ command_list = &conn->async_requests;
+
+ spin_lock(&conn->request_lock);
+ list_for_each(tmp, command_list) {
+ cancel_work = list_entry(tmp, struct ksmbd_work,
+ async_request_entry);
+ chdr = REQUEST_BUF(cancel_work);
+
+ if (cancel_work->async_id !=
+ le64_to_cpu(hdr->Id.AsyncId))
+ continue;
+
+ ksmbd_debug(SMB,
+ "smb2 with AsyncId %llu cancelled command = 0x%x\n",
+ le64_to_cpu(hdr->Id.AsyncId),
+ le16_to_cpu(chdr->Command));
+ canceled = 1;
+ break;
+ }
+ spin_unlock(&conn->request_lock);
+ } else {
+ command_list = &conn->requests;
+
+ spin_lock(&conn->request_lock);
+ list_for_each(tmp, command_list) {
+ cancel_work = list_entry(tmp, struct ksmbd_work,
+ request_entry);
+ chdr = REQUEST_BUF(cancel_work);
+
+ if (chdr->MessageId != hdr->MessageId ||
+ cancel_work == work)
+ continue;
+
+ ksmbd_debug(SMB,
+ "smb2 with mid %llu cancelled command = 0x%x\n",
+ le64_to_cpu(hdr->MessageId),
+ le16_to_cpu(chdr->Command));
+ canceled = 1;
+ break;
+ }
+ spin_unlock(&conn->request_lock);
+ }
+
+ if (canceled) {
+ cancel_work->state = KSMBD_WORK_CANCELLED;
+ if (cancel_work->cancel_fn)
+ cancel_work->cancel_fn(cancel_work->cancel_argv);
+ }
+
+ /* For SMB2_CANCEL command itself send no response*/
+ work->send_no_response = 1;
+ return 0;
+}
+
+struct file_lock *smb_flock_init(struct file *f)
+{
+ struct file_lock *fl;
+
+ fl = locks_alloc_lock();
+ if (!fl)
+ goto out;
+
+ locks_init_lock(fl);
+
+ fl->fl_owner = f;
+ fl->fl_pid = current->tgid;
+ fl->fl_file = f;
+ fl->fl_flags = FL_POSIX;
+ fl->fl_ops = NULL;
+ fl->fl_lmops = NULL;
+
+out:
+ return fl;
+}
+
+static int smb2_set_flock_flags(struct file_lock *flock, int flags)
+{
+ int cmd = -EINVAL;
+
+ /* Checking for wrong flag combination during lock request*/
+ switch (flags) {
+ case SMB2_LOCKFLAG_SHARED:
+ ksmbd_debug(SMB, "received shared request\n");
+ cmd = F_SETLKW;
+ flock->fl_type = F_RDLCK;
+ flock->fl_flags |= FL_SLEEP;
+ break;
+ case SMB2_LOCKFLAG_EXCLUSIVE:
+ ksmbd_debug(SMB, "received exclusive request\n");
+ cmd = F_SETLKW;
+ flock->fl_type = F_WRLCK;
+ flock->fl_flags |= FL_SLEEP;
+ break;
+ case SMB2_LOCKFLAG_SHARED|SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
+ ksmbd_debug(SMB,
+ "received shared & fail immediately request\n");
+ cmd = F_SETLK;
+ flock->fl_type = F_RDLCK;
+ break;
+ case SMB2_LOCKFLAG_EXCLUSIVE|SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
+ ksmbd_debug(SMB,
+ "received exclusive & fail immediately request\n");
+ cmd = F_SETLK;
+ flock->fl_type = F_WRLCK;
+ break;
+ case SMB2_LOCKFLAG_UNLOCK:
+ ksmbd_debug(SMB, "received unlock request\n");
+ flock->fl_type = F_UNLCK;
+ cmd = 0;
+ break;
+ }
+
+ return cmd;
+}
+
+static struct ksmbd_lock *smb2_lock_init(struct file_lock *flock,
+ unsigned int cmd, int flags, struct list_head *lock_list)
+{
+ struct ksmbd_lock *lock;
+
+ lock = kzalloc(sizeof(struct ksmbd_lock), GFP_KERNEL);
+ if (!lock)
+ return NULL;
+
+ lock->cmd = cmd;
+ lock->fl = flock;
+ lock->start = flock->fl_start;
+ lock->end = flock->fl_end;
+ lock->flags = flags;
+ if (lock->start == lock->end)
+ lock->zero_len = 1;
+ INIT_LIST_HEAD(&lock->llist);
+ INIT_LIST_HEAD(&lock->glist);
+ list_add_tail(&lock->llist, lock_list);
+
+ return lock;
+}
+
+static void smb2_remove_blocked_lock(void **argv)
+{
+ struct file_lock *flock = (struct file_lock *)argv[0];
+
+ ksmbd_vfs_posix_lock_unblock(flock);
+ wake_up(&flock->fl_wait);
+}
+
+static inline bool lock_defer_pending(struct file_lock *fl)
+{
+ /* check pending lock waiters */
+ return waitqueue_active(&fl->fl_wait);
+}
+
+/**
+ * smb2_lock() - handler for smb2 file lock command
+ * @work: smb work containing lock command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_lock(struct ksmbd_work *work)
+{
+ struct smb2_lock_req *req = REQUEST_BUF(work);
+ struct smb2_lock_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_lock_element *lock_ele;
+ struct ksmbd_file *fp = NULL;
+ struct file_lock *flock = NULL;
+ struct file *filp = NULL;
+ int lock_count;
+ int flags = 0;
+ int cmd = 0;
+ int err = 0, i;
+ uint64_t lock_length;
+ struct ksmbd_lock *smb_lock = NULL, *cmp_lock, *tmp;
+ int nolock = 0;
+ LIST_HEAD(lock_list);
+ LIST_HEAD(rollback_list);
+ int prior_lock = 0;
+
+ ksmbd_debug(SMB, "Received lock request\n");
+ fp = ksmbd_lookup_fd_slow(work,
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
+ if (!fp) {
+ ksmbd_debug(SMB, "Invalid file id for lock : %llu\n",
+ le64_to_cpu(req->VolatileFileId));
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ goto out2;
+ }
+
+ filp = fp->filp;
+ lock_count = le16_to_cpu(req->LockCount);
+ lock_ele = req->locks;
+
+ ksmbd_debug(SMB, "lock count is %d\n", lock_count);
+ if (!lock_count) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out2;
+ }
+
+ for (i = 0; i < lock_count; i++) {
+ flags = le32_to_cpu(lock_ele[i].Flags);
+
+ flock = smb_flock_init(filp);
+ if (!flock) {
+ rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
+
+ cmd = smb2_set_flock_flags(flock, flags);
+
+ flock->fl_start = le64_to_cpu(lock_ele[i].Offset);
+ if (flock->fl_start > OFFSET_MAX) {
+ ksmbd_err("Invalid lock range requested\n");
+ rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
+ goto out;
+ }
+
+ lock_length = le64_to_cpu(lock_ele[i].Length);
+ if (lock_length > 0) {
+ if (lock_length >
+ OFFSET_MAX - flock->fl_start) {
+ ksmbd_debug(SMB,
+ "Invalid lock range requested\n");
+ lock_length = OFFSET_MAX - flock->fl_start;
+ rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
+ goto out;
+ }
+ } else
+ lock_length = 0;
+
+ flock->fl_end = flock->fl_start + lock_length;
+
+ if (flock->fl_end < flock->fl_start) {
+ ksmbd_debug(SMB,
+ "the end offset(%llx) is smaller than the start offset(%llx)\n",
+ flock->fl_end, flock->fl_start);
+ rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
+ goto out;
+ }
+
+ /* Check conflict locks in one request */
+ list_for_each_entry(cmp_lock, &lock_list, llist) {
+ if (cmp_lock->fl->fl_start <= flock->fl_start &&
+ cmp_lock->fl->fl_end >= flock->fl_end) {
+ if (cmp_lock->fl->fl_type != F_UNLCK &&
+ flock->fl_type != F_UNLCK) {
+ ksmbd_err("conflict two locks in one request\n");
+ rsp->hdr.Status =
+ STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+ }
+ }
+
+ smb_lock = smb2_lock_init(flock, cmd, flags, &lock_list);
+ if (!smb_lock) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+ }
+
+ list_for_each_entry_safe(smb_lock, tmp, &lock_list, llist) {
+ if (smb_lock->cmd < 0) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+
+ if (!(smb_lock->flags & SMB2_LOCKFLAG_MASK)) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+
+ if ((prior_lock & (SMB2_LOCKFLAG_EXCLUSIVE |
+ SMB2_LOCKFLAG_SHARED) &&
+ smb_lock->flags & SMB2_LOCKFLAG_UNLOCK) ||
+ (prior_lock == SMB2_LOCKFLAG_UNLOCK &&
+ !(smb_lock->flags & SMB2_LOCKFLAG_UNLOCK))) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+
+ prior_lock = smb_lock->flags;
+
+ if (!(smb_lock->flags & SMB2_LOCKFLAG_UNLOCK) &&
+ !(smb_lock->flags & SMB2_LOCKFLAG_FAIL_IMMEDIATELY))
+ goto no_check_gl;
+
+ nolock = 1;
+ /* check locks in global list */
+ list_for_each_entry(cmp_lock, &global_lock_list, glist) {
+ if (file_inode(cmp_lock->fl->fl_file) !=
+ file_inode(smb_lock->fl->fl_file))
+ continue;
+
+ if (smb_lock->fl->fl_type == F_UNLCK) {
+ if (cmp_lock->fl->fl_file ==
+ smb_lock->fl->fl_file &&
+ cmp_lock->start == smb_lock->start &&
+ cmp_lock->end == smb_lock->end &&
+ !lock_defer_pending(cmp_lock->fl)) {
+ nolock = 0;
+ locks_free_lock(cmp_lock->fl);
+ list_del(&cmp_lock->glist);
+ kfree(cmp_lock);
+ break;
+ }
+ continue;
+ }
+
+ if (cmp_lock->fl->fl_file == smb_lock->fl->fl_file) {
+ if (smb_lock->flags & SMB2_LOCKFLAG_SHARED)
+ continue;
+ } else {
+ if (cmp_lock->flags & SMB2_LOCKFLAG_SHARED)
+ continue;
+ }
+
+ /* check zero byte lock range */
+ if (cmp_lock->zero_len && !smb_lock->zero_len &&
+ cmp_lock->start > smb_lock->start &&
+ cmp_lock->start < smb_lock->end) {
+ ksmbd_err("previous lock conflict with zero byte lock range\n");
+ rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
+
+ if (smb_lock->zero_len && !cmp_lock->zero_len &&
+ smb_lock->start > cmp_lock->start &&
+ smb_lock->start < cmp_lock->end) {
+ ksmbd_err("current lock conflict with zero byte lock range\n");
+ rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
+
+ if (((cmp_lock->start <= smb_lock->start &&
+ cmp_lock->end > smb_lock->start) ||
+ (cmp_lock->start < smb_lock->end &&
+ cmp_lock->end >= smb_lock->end)) &&
+ !cmp_lock->zero_len && !smb_lock->zero_len) {
+ ksmbd_err("Not allow lock operation on exclusive lock range\n");
+ rsp->hdr.Status =
+ STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
+ }
+
+ if (smb_lock->fl->fl_type == F_UNLCK && nolock) {
+ ksmbd_err("Try to unlock nolocked range\n");
+ rsp->hdr.Status = STATUS_RANGE_NOT_LOCKED;
+ goto out;
+ }
+
+no_check_gl:
+ if (smb_lock->zero_len) {
+ err = 0;
+ goto skip;
+ }
+
+ flock = smb_lock->fl;
+ list_del(&smb_lock->llist);
+retry:
+ err = ksmbd_vfs_lock(filp, smb_lock->cmd, flock);
+skip:
+ if (flags & SMB2_LOCKFLAG_UNLOCK) {
+ if (!err)
+ ksmbd_debug(SMB, "File unlocked\n");
+ else if (err == -ENOENT) {
+ rsp->hdr.Status = STATUS_NOT_LOCKED;
+ goto out;
+ }
+ locks_free_lock(flock);
+ kfree(smb_lock);
+ } else {
+ if (err == FILE_LOCK_DEFERRED) {
+ void **argv;
+
+ ksmbd_debug(SMB,
+ "would have to wait for getting lock\n");
+ list_add_tail(&smb_lock->glist,
+ &global_lock_list);
+ list_add(&smb_lock->llist, &rollback_list);
+
+ argv = kmalloc(sizeof(void *), GFP_KERNEL);
+ if (!argv) {
+ err = -ENOMEM;
+ goto out;
+ }
+ argv[0] = flock;
+
+ err = setup_async_work(work,
+ smb2_remove_blocked_lock, argv);
+ if (err) {
+ rsp->hdr.Status =
+ STATUS_INSUFFICIENT_RESOURCES;
+ goto out;
+ }
+ spin_lock(&fp->f_lock);
+ list_add(&work->fp_entry, &fp->blocked_works);
+ spin_unlock(&fp->f_lock);
+
+ smb2_send_interim_resp(work, STATUS_PENDING);
+
+ err = ksmbd_vfs_posix_lock_wait(flock);
+
+ if (!WORK_ACTIVE(work)) {
+ list_del(&smb_lock->llist);
+ list_del(&smb_lock->glist);
+ locks_free_lock(flock);
+
+ if (WORK_CANCELLED(work)) {
+ spin_lock(&fp->f_lock);
+ list_del(&work->fp_entry);
+ spin_unlock(&fp->f_lock);
+ rsp->hdr.Status =
+ STATUS_CANCELLED;
+ kfree(smb_lock);
+ smb2_send_interim_resp(work,
+ STATUS_CANCELLED);
+ work->send_no_response = 1;
+ goto out;
+ }
+ init_smb2_rsp_hdr(work);
+ smb2_set_err_rsp(work);
+ rsp->hdr.Status =
+ STATUS_RANGE_NOT_LOCKED;
+ kfree(smb_lock);
+ goto out2;
+ }
+
+ list_del(&smb_lock->llist);
+ list_del(&smb_lock->glist);
+ spin_lock(&fp->f_lock);
+ list_del(&work->fp_entry);
+ spin_unlock(&fp->f_lock);
+ goto retry;
+ } else if (!err) {
+ list_add_tail(&smb_lock->glist,
+ &global_lock_list);
+ list_add(&smb_lock->llist, &rollback_list);
+ ksmbd_debug(SMB, "successful in taking lock\n");
+ } else {
+ rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
+ }
+ }
+
+ if (atomic_read(&fp->f_ci->op_count) > 1)
+ smb_break_all_oplock(work, fp);
+
+ rsp->StructureSize = cpu_to_le16(4);
+ ksmbd_debug(SMB, "successful in taking lock\n");
+ rsp->hdr.Status = STATUS_SUCCESS;
+ rsp->Reserved = 0;
+ inc_rfc1001_len(rsp, 4);
+ ksmbd_fd_put(work, fp);
+ return err;
+
+out:
+ list_for_each_entry_safe(smb_lock, tmp, &lock_list, llist) {
+ locks_free_lock(smb_lock->fl);
+ list_del(&smb_lock->llist);
+ kfree(smb_lock);
+ }
+
+ list_for_each_entry_safe(smb_lock, tmp, &rollback_list, llist) {
+ struct file_lock *rlock = NULL;
+
+ rlock = smb_flock_init(filp);
+ rlock->fl_type = F_UNLCK;
+ rlock->fl_start = smb_lock->start;
+ rlock->fl_end = smb_lock->end;
+
+ err = ksmbd_vfs_lock(filp, 0, rlock);
+ if (err)
+ ksmbd_err("rollback unlock fail : %d\n", err);
+ list_del(&smb_lock->llist);
+ list_del(&smb_lock->glist);
+ locks_free_lock(smb_lock->fl);
+ locks_free_lock(rlock);
+ kfree(smb_lock);
+ }
+out2:
+ ksmbd_debug(SMB, "failed in taking lock(flags : %x)\n", flags);
+ smb2_set_err_rsp(work);
+ ksmbd_fd_put(work, fp);
+ return 0;
+}
+
+static int fsctl_copychunk(struct ksmbd_work *work,
+ struct smb2_ioctl_req *req,
+ struct smb2_ioctl_rsp *rsp)
+{
+ struct copychunk_ioctl_req *ci_req;
+ struct copychunk_ioctl_rsp *ci_rsp;
+ struct ksmbd_file *src_fp = NULL, *dst_fp = NULL;
+ struct srv_copychunk *chunks;
+ unsigned int i, chunk_count, chunk_count_written = 0;
+ unsigned int chunk_size_written = 0;
+ loff_t total_size_written = 0;
+ int ret, cnt_code;
+
+ cnt_code = le32_to_cpu(req->CntCode);
+ ci_req = (struct copychunk_ioctl_req *)&req->Buffer[0];
+ ci_rsp = (struct copychunk_ioctl_rsp *)&rsp->Buffer[0];
+
+ rsp->VolatileFileId = req->VolatileFileId;
+ rsp->PersistentFileId = req->PersistentFileId;
+ ci_rsp->ChunksWritten = cpu_to_le32(
+ ksmbd_server_side_copy_max_chunk_count());
+ ci_rsp->ChunkBytesWritten = cpu_to_le32(
+ ksmbd_server_side_copy_max_chunk_size());
+ ci_rsp->TotalBytesWritten = cpu_to_le32(
+ ksmbd_server_side_copy_max_total_size());
+
+ chunks = (struct srv_copychunk *)&ci_req->Chunks[0];
+ chunk_count = le32_to_cpu(ci_req->ChunkCount);
+ total_size_written = 0;
+
+ /* verify the SRV_COPYCHUNK_COPY packet */
+ if (chunk_count > ksmbd_server_side_copy_max_chunk_count() ||
+ le32_to_cpu(req->InputCount) <
+ offsetof(struct copychunk_ioctl_req, Chunks) +
+ chunk_count * sizeof(struct srv_copychunk)) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ return -EINVAL;
+ }
+
+ for (i = 0; i < chunk_count; i++) {
+ if (le32_to_cpu(chunks[i].Length) == 0 ||
+ le32_to_cpu(chunks[i].Length) >
+ ksmbd_server_side_copy_max_chunk_size())
+ break;
+ total_size_written += le32_to_cpu(chunks[i].Length);
+ }
+ if (i < chunk_count || total_size_written >
+ ksmbd_server_side_copy_max_total_size()) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ return -EINVAL;
+ }
+
+ src_fp = ksmbd_lookup_foreign_fd(work,
+ le64_to_cpu(ci_req->ResumeKey[0]));
+ dst_fp = ksmbd_lookup_fd_slow(work,
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
+
+ ret = -EINVAL;
+ if (!src_fp || src_fp->persistent_id !=
+ le64_to_cpu(ci_req->ResumeKey[1])) {
+ rsp->hdr.Status = STATUS_OBJECT_NAME_NOT_FOUND;
+ goto out;
+ }
+ if (!dst_fp) {
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ goto out;
+ }
+
+ /*
+ * FILE_READ_DATA should only be included in
+ * the FSCTL_COPYCHUNK case
+ */
+ if (cnt_code == FSCTL_COPYCHUNK && !(dst_fp->daccess &
+ (FILE_READ_DATA_LE | FILE_GENERIC_READ_LE))) {
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ goto out;
+ }
+
+ ret = ksmbd_vfs_copy_file_ranges(work, src_fp, dst_fp,
+ chunks, chunk_count,
+ &chunk_count_written, &chunk_size_written,
+ &total_size_written);
+ if (ret < 0) {
+ if (ret == -EACCES)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ if (ret == -EAGAIN)
+ rsp->hdr.Status = STATUS_FILE_LOCK_CONFLICT;
+ else if (ret == -EBADF)
+ rsp->hdr.Status = STATUS_INVALID_HANDLE;
+ else if (ret == -EFBIG || ret == -ENOSPC)
+ rsp->hdr.Status = STATUS_DISK_FULL;
+ else if (ret == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else if (ret == -EISDIR)
+ rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY;
+ else if (ret == -E2BIG)
+ rsp->hdr.Status = STATUS_INVALID_VIEW_SIZE;
+ else
+ rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;
+ }
+
+ ci_rsp->ChunksWritten = cpu_to_le32(chunk_count_written);
+ ci_rsp->ChunkBytesWritten = cpu_to_le32(chunk_size_written);
+ ci_rsp->TotalBytesWritten = cpu_to_le32(total_size_written);
+out:
+ ksmbd_fd_put(work, src_fp);
+ ksmbd_fd_put(work, dst_fp);
+ return ret;
+}
+
+static __be32 idev_ipv4_address(struct in_device *idev)
+{
+ __be32 addr = 0;
+
+ struct in_ifaddr *ifa;
+
+ rcu_read_lock();
+ in_dev_for_each_ifa_rcu(ifa, idev) {
+ if (ifa->ifa_flags & IFA_F_SECONDARY)
+ continue;
+
+ addr = ifa->ifa_address;
+ break;
+ }
+ rcu_read_unlock();
+ return addr;
+}
+
+static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
+ struct smb2_ioctl_req *req,
+ struct smb2_ioctl_rsp *rsp)
+{
+ struct network_interface_info_ioctl_rsp *nii_rsp = NULL;
+ int nbytes = 0;
+ struct net_device *netdev;
+ struct sockaddr_storage_rsp *sockaddr_storage;
+ unsigned int flags;
+ unsigned long long speed;
+
+ rtnl_lock();
+ for_each_netdev(&init_net, netdev) {
+ if (unlikely(!netdev)) {
+ rtnl_unlock();
+ return -EINVAL;
+ }
+
+ if (netdev->type == ARPHRD_LOOPBACK)
+ continue;
+
+ flags = dev_get_flags(netdev);
+ if (!(flags & IFF_RUNNING))
+ continue;
+
+ nii_rsp = (struct network_interface_info_ioctl_rsp *)
+ &rsp->Buffer[nbytes];
+ nii_rsp->IfIndex = cpu_to_le32(netdev->ifindex);
+
+ /* TODO: specify the RDMA capabilities */
+ if (netdev->num_tx_queues > 1)
+ nii_rsp->Capability = cpu_to_le32(RSS_CAPABLE);
+ else
+ nii_rsp->Capability = 0;
+
+ nii_rsp->Next = cpu_to_le32(152);
+ nii_rsp->Reserved = 0;
+
+ if (netdev->ethtool_ops->get_link_ksettings) {
+ struct ethtool_link_ksettings cmd;
+
+ netdev->ethtool_ops->get_link_ksettings(netdev, &cmd);
+ speed = cmd.base.speed;
+ } else {
+ ksmbd_err("%s %s %s\n",
+ netdev->name,
+ "speed is unknown,",
+ "defaulting to 1Gb/sec");
+ speed = SPEED_1000;
+ }
+
+ speed *= 1000000;
+ nii_rsp->LinkSpeed = cpu_to_le64(speed);
+
+ sockaddr_storage = (struct sockaddr_storage_rsp *)
+ nii_rsp->SockAddr_Storage;
+ memset(sockaddr_storage, 0, 128);
+
+ if (conn->peer_addr.ss_family == PF_INET) {
+ struct in_device *idev;
+
+ sockaddr_storage->Family = cpu_to_le16(INTERNETWORK);
+ sockaddr_storage->addr4.Port = 0;
+
+ idev = __in_dev_get_rtnl(netdev);
+ if (!idev)
+ continue;
+ sockaddr_storage->addr4.IPv4address =
+ idev_ipv4_address(idev);
+ } else {
+ struct inet6_dev *idev6;
+ struct inet6_ifaddr *ifa;
+ __u8 *ipv6_addr = sockaddr_storage->addr6.IPv6address;
+
+ sockaddr_storage->Family = cpu_to_le16(INTERNETWORKV6);
+ sockaddr_storage->addr6.Port = 0;
+ sockaddr_storage->addr6.FlowInfo = 0;
+
+ idev6 = __in6_dev_get(netdev);
+ if (!idev6)
+ continue;
+
+ list_for_each_entry(ifa, &idev6->addr_list, if_list) {
+ if (ifa->flags & (IFA_F_TENTATIVE |
+ IFA_F_DEPRECATED))
+ continue;
+ memcpy(ipv6_addr, ifa->addr.s6_addr, 16);
+ break;
+ }
+ sockaddr_storage->addr6.ScopeId = 0;
+ }
+
+ nbytes += sizeof(struct network_interface_info_ioctl_rsp);
+ }
+ rtnl_unlock();
+
+ /* zero if this is last one */
+ if (nii_rsp)
+ nii_rsp->Next = 0;
+
+ if (!nbytes) {
+ rsp->hdr.Status = STATUS_BUFFER_TOO_SMALL;
+ return -EINVAL;
+ }
+
+ rsp->PersistentFileId = cpu_to_le64(SMB2_NO_FID);
+ rsp->VolatileFileId = cpu_to_le64(SMB2_NO_FID);
+ return nbytes;
+}
+
+
+static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
+ struct validate_negotiate_info_req *neg_req,
+ struct validate_negotiate_info_rsp *neg_rsp)
+{
+ int ret = 0;
+ int dialect;
+
+ dialect = ksmbd_lookup_dialect_by_id(neg_req->Dialects,
+ neg_req->DialectCount);
+ if (dialect == BAD_PROT_ID || dialect != conn->dialect) {
+ ret = -EINVAL;
+ goto err_out;
+ }
+
+ if (strncmp(neg_req->Guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE)) {
+ ret = -EINVAL;
+ goto err_out;
+ }
+
+ if (le16_to_cpu(neg_req->SecurityMode) != conn->cli_sec_mode) {
+ ret = -EINVAL;
+ goto err_out;
+ }
+
+ if (le32_to_cpu(neg_req->Capabilities) != conn->cli_cap) {
+ ret = -EINVAL;
+ goto err_out;
+ }
+
+ neg_rsp->Capabilities = cpu_to_le32(conn->vals->capabilities);
+ memset(neg_rsp->Guid, 0, SMB2_CLIENT_GUID_SIZE);
+ neg_rsp->SecurityMode = cpu_to_le16(conn->srv_sec_mode);
+ neg_rsp->Dialect = cpu_to_le16(conn->dialect);
+err_out:
+ return ret;
+}
+
+static int fsctl_query_allocated_ranges(struct ksmbd_work *work, uint64_t id,
+ struct file_allocated_range_buffer *qar_req,
+ struct file_allocated_range_buffer *qar_rsp,
+ int in_count, int *out_count)
+{
+ struct ksmbd_file *fp;
+ loff_t start, length;
+ int ret = 0;
+
+ *out_count = 0;
+ if (in_count == 0)
+ return -EINVAL;
+
+ fp = ksmbd_lookup_fd_fast(work, id);
+ if (!fp)
+ return -ENOENT;
+
+ start = le64_to_cpu(qar_req->file_offset);
+ length = le64_to_cpu(qar_req->length);
+
+ ret = ksmbd_vfs_fqar_lseek(fp, start, length,
+ qar_rsp, in_count, out_count);
+ if (ret && ret != -E2BIG)
+ *out_count = 0;
+
+ ksmbd_fd_put(work, fp);
+ return ret;
+}
+
+static int fsctl_pipe_transceive(struct ksmbd_work *work, uint64_t id,
+ int out_buf_len, struct smb2_ioctl_req *req, struct smb2_ioctl_rsp *rsp)
+{
+ struct ksmbd_rpc_command *rpc_resp;
+ char *data_buf = (char *)&req->Buffer[0];
+ int nbytes = 0;
+
+ rpc_resp = ksmbd_rpc_ioctl(work->sess, id,
+ data_buf,
+ le32_to_cpu(req->InputCount));
+ if (rpc_resp) {
+ if (rpc_resp->flags == KSMBD_RPC_SOME_NOT_MAPPED) {
+ /*
+ * set STATUS_SOME_NOT_MAPPED response
+ * for unknown domain sid.
+ */
+ rsp->hdr.Status = STATUS_SOME_NOT_MAPPED;
+ } else if (rpc_resp->flags == KSMBD_RPC_ENOTIMPLEMENTED) {
+ rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ goto out;
+ } else if (rpc_resp->flags != KSMBD_RPC_OK) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+
+ nbytes = rpc_resp->payload_sz;
+ if (rpc_resp->payload_sz > out_buf_len) {
+ rsp->hdr.Status = STATUS_BUFFER_OVERFLOW;
+ nbytes = out_buf_len;
+ }
+
+ if (!rpc_resp->payload_sz) {
+ rsp->hdr.Status =
+ STATUS_UNEXPECTED_IO_ERROR;
+ goto out;
+ }
+
+ memcpy((char *)rsp->Buffer, rpc_resp->payload, nbytes);
+ }
+out:
+ ksmbd_free(rpc_resp);
+ return nbytes;
+}
+
+static inline int fsctl_set_sparse(struct ksmbd_work *work, uint64_t id,
+ struct file_sparse *sparse)
+{
+ struct ksmbd_file *fp;
+ int ret = 0;
+ __le32 old_fattr;
+
+ fp = ksmbd_lookup_fd_fast(work, id);
+ if (!fp)
+ return -ENOENT;
+
+ old_fattr = fp->f_ci->m_fattr;
+ if (sparse->SetSparse)
+ fp->f_ci->m_fattr |= ATTR_SPARSE_FILE_LE;
+ else
+ fp->f_ci->m_fattr &= ~ATTR_SPARSE_FILE_LE;
+
+ if (fp->f_ci->m_fattr != old_fattr &&
+ test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) {
+ struct xattr_dos_attrib da;
+
+ ret = ksmbd_vfs_get_dos_attrib_xattr(fp->filp->f_path.dentry, &da);
+ if (ret <= 0)
+ goto out;
+
+ da.attr = le32_to_cpu(fp->f_ci->m_fattr);
+ ret = ksmbd_vfs_set_dos_attrib_xattr(fp->filp->f_path.dentry, &da);
+ if (ret)
+ fp->f_ci->m_fattr = old_fattr;
+ }
+
+out:
+ ksmbd_fd_put(work, fp);
+ return ret;
+}
+
+static int fsctl_request_resume_key(struct ksmbd_work *work,
+ struct smb2_ioctl_req *req, struct resume_key_ioctl_rsp *key_rsp)
+{
+ struct ksmbd_file *fp;
+
+ fp = ksmbd_lookup_fd_slow(work,
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
+ if (!fp)
+ return -ENOENT;
+
+ memset(key_rsp, 0, sizeof(*key_rsp));
+ key_rsp->ResumeKey[0] = req->VolatileFileId;
+ key_rsp->ResumeKey[1] = req->PersistentFileId;
+ ksmbd_fd_put(work, fp);
+
+ return 0;
+}
+
+/**
+ * smb2_ioctl() - handler for smb2 ioctl command
+ * @work: smb work containing ioctl command buffer
+ *
+ * Return: 0 on success, otherwise error
+ */
+int smb2_ioctl(struct ksmbd_work *work)
+{
+ struct smb2_ioctl_req *req;
+ struct smb2_ioctl_rsp *rsp, *rsp_org;
+ int cnt_code, nbytes = 0;
+ int out_buf_len;
+ uint64_t id = KSMBD_NO_FID;
+ struct ksmbd_conn *conn = work->conn;
+ int ret = 0;
+
+ rsp_org = RESPONSE_BUF(work);
+ if (work->next_smb2_rcv_hdr_off) {
+ req = REQUEST_BUF_NEXT(work);
+ rsp = RESPONSE_BUF_NEXT(work);
+ if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ work->compound_fid);
+ id = work->compound_fid;
+ }
+ } else {
+ req = REQUEST_BUF(work);
+ rsp = RESPONSE_BUF(work);
+ }
+
+ if (!HAS_FILE_ID(id))
+ id = le64_to_cpu(req->VolatileFileId);
+
+ if (req->Flags != cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL)) {
+ rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ goto out;
+ }
+
+ cnt_code = le32_to_cpu(req->CntCode);
+ out_buf_len = le32_to_cpu(req->MaxOutputResponse);
+ out_buf_len = min(KSMBD_IPC_MAX_PAYLOAD, out_buf_len);
+
+ switch (cnt_code) {
+ case FSCTL_DFS_GET_REFERRALS:
+ case FSCTL_DFS_GET_REFERRALS_EX:
+ /* Not support DFS yet */
+ rsp->hdr.Status = STATUS_FS_DRIVER_REQUIRED;
+ goto out;
+ case FSCTL_CREATE_OR_GET_OBJECT_ID:
+ {
+ struct file_object_buf_type1_ioctl_rsp *obj_buf;
+
+ nbytes = sizeof(struct file_object_buf_type1_ioctl_rsp);
+ obj_buf = (struct file_object_buf_type1_ioctl_rsp *)
+ &rsp->Buffer[0];
+
+ /*
+ * TODO: This is dummy implementation to pass smbtorture
+ * Need to check correct response later
+ */
+ memset(obj_buf->ObjectId, 0x0, 16);
+ memset(obj_buf->BirthVolumeId, 0x0, 16);
+ memset(obj_buf->BirthObjectId, 0x0, 16);
+ memset(obj_buf->DomainId, 0x0, 16);
+
+ break;
+ }
+ case FSCTL_PIPE_TRANSCEIVE:
+ nbytes = fsctl_pipe_transceive(work, id, out_buf_len, req, rsp);
+ break;
+ case FSCTL_VALIDATE_NEGOTIATE_INFO:
+ if (conn->dialect < SMB30_PROT_ID) {
+ ret = -EOPNOTSUPP;
+ goto out;
+ }
+
+ ret = fsctl_validate_negotiate_info(conn,
+ (struct validate_negotiate_info_req *)&req->Buffer[0],
+ (struct validate_negotiate_info_rsp *)&rsp->Buffer[0]);
+ if (ret < 0)
+ goto out;
+
+ nbytes = sizeof(struct validate_negotiate_info_rsp);
+ rsp->PersistentFileId = cpu_to_le64(SMB2_NO_FID);
+ rsp->VolatileFileId = cpu_to_le64(SMB2_NO_FID);
+ break;
+ case FSCTL_QUERY_NETWORK_INTERFACE_INFO:
+ nbytes = fsctl_query_iface_info_ioctl(conn, req, rsp);
+ if (nbytes < 0)
+ goto out;
+ break;
+ case FSCTL_REQUEST_RESUME_KEY:
+ if (out_buf_len < sizeof(struct resume_key_ioctl_rsp)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ ret = fsctl_request_resume_key(work, req,
+ (struct resume_key_ioctl_rsp *)&rsp->Buffer[0]);
+ if (ret < 0)
+ goto out;
+ rsp->PersistentFileId = req->PersistentFileId;
+ rsp->VolatileFileId = req->VolatileFileId;
+ nbytes = sizeof(struct resume_key_ioctl_rsp);
+ break;
+ case FSCTL_COPYCHUNK:
+ case FSCTL_COPYCHUNK_WRITE:
+ if (!test_tree_conn_flag(work->tcon,
+ KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ ksmbd_debug(SMB,
+ "User does not have write permission\n");
+ ret = -EACCES;
+ goto out;
+ }
+
+ if (out_buf_len < sizeof(struct copychunk_ioctl_rsp)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ nbytes = sizeof(struct copychunk_ioctl_rsp);
+ fsctl_copychunk(work, req, rsp);
+ break;
+ case FSCTL_SET_SPARSE:
+ ret = fsctl_set_sparse(work, id,
+ (struct file_sparse *)&req->Buffer[0]);
+ if (ret < 0)
+ goto out;
+ break;
+ case FSCTL_SET_ZERO_DATA:
+ {
+ struct file_zero_data_information *zero_data;
+ struct ksmbd_file *fp;
+ loff_t off, len;
+
+ if (!test_tree_conn_flag(work->tcon,
+ KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ ksmbd_debug(SMB,
+ "User does not have write permission\n");
+ ret = -EACCES;
+ goto out;
+ }
+
+ zero_data =
+ (struct file_zero_data_information *)&req->Buffer[0];
+
+ fp = ksmbd_lookup_fd_fast(work, id);
+ if (!fp) {
+ ret = -ENOENT;
+ goto out;
+ }
+
+ off = le64_to_cpu(zero_data->FileOffset);
+ len = le64_to_cpu(zero_data->BeyondFinalZero) - off;
+
+ ret = ksmbd_vfs_zero_data(work, fp, off, len);
+ ksmbd_fd_put(work, fp);
+ if (ret < 0)
+ goto out;
+ break;
+ }
+ case FSCTL_QUERY_ALLOCATED_RANGES:
+ ret = fsctl_query_allocated_ranges(work, id,
+ (struct file_allocated_range_buffer *)&req->Buffer[0],
+ (struct file_allocated_range_buffer *)&rsp->Buffer[0],
+ out_buf_len /
+ sizeof(struct file_allocated_range_buffer), &nbytes);
+ if (ret == -E2BIG) {
+ rsp->hdr.Status = STATUS_BUFFER_OVERFLOW;
+ } else if (ret < 0) {
+ nbytes = 0;
+ goto out;
+ }
+
+ nbytes *= sizeof(struct file_allocated_range_buffer);
+ break;
+ case FSCTL_GET_REPARSE_POINT:
+ {
+ struct reparse_data_buffer *reparse_ptr;
+ struct ksmbd_file *fp;
+
+ reparse_ptr = (struct reparse_data_buffer *)&rsp->Buffer[0];
+ fp = ksmbd_lookup_fd_fast(work, id);
+ if (!fp) {
+ ksmbd_err("not found fp!!\n");
+ ret = -ENOENT;
+ goto out;
+ }
+
+ reparse_ptr->ReparseTag =
+ smb2_get_reparse_tag_special_file(FP_INODE(fp)->i_mode);
+ reparse_ptr->ReparseDataLength = 0;
+ ksmbd_fd_put(work, fp);
+ nbytes = sizeof(struct reparse_data_buffer);
+ break;
+ }
+ default:
+ ksmbd_debug(SMB, "not implemented yet ioctl command 0x%x\n",
+ cnt_code);
+ ret = -EOPNOTSUPP;
+ goto out;
+ }
+
+ rsp->CntCode = cpu_to_le32(cnt_code);
+ rsp->InputCount = cpu_to_le32(0);
+ rsp->InputOffset = cpu_to_le32(112);
+ rsp->OutputOffset = cpu_to_le32(112);
+ rsp->OutputCount = cpu_to_le32(nbytes);
+ rsp->StructureSize = cpu_to_le16(49);
+ rsp->Reserved = cpu_to_le16(0);
+ rsp->Flags = cpu_to_le32(0);
+ rsp->Reserved2 = cpu_to_le32(0);
+ inc_rfc1001_len(rsp_org, 48 + nbytes);
+
+ return 0;
+
+out:
+ if (ret == -EACCES)
+ rsp->hdr.Status = STATUS_ACCESS_DENIED;
+ else if (ret == -ENOENT)
+ rsp->hdr.Status = STATUS_OBJECT_NAME_NOT_FOUND;
+ else if (ret == -EOPNOTSUPP)
+ rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ else if (ret < 0 || rsp->hdr.Status == 0)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ smb2_set_err_rsp(work);
+ return 0;
+}
+
+/**
+ * smb20_oplock_break_ack() - handler for smb2.0 oplock break command
+ * @work: smb work containing oplock break command buffer
+ *
+ * Return: 0
+ */
+static void smb20_oplock_break_ack(struct ksmbd_work *work)
+{
+ struct smb2_oplock_break *req = REQUEST_BUF(work);
+ struct smb2_oplock_break *rsp = RESPONSE_BUF(work);
+ struct ksmbd_file *fp;
+ struct oplock_info *opinfo = NULL;
+ __le32 err = 0;
+ int ret = 0;
+ uint64_t volatile_id, persistent_id;
+ char req_oplevel = 0, rsp_oplevel = 0;
+ unsigned int oplock_change_type;
+
+ volatile_id = le64_to_cpu(req->VolatileFid);
+ persistent_id = le64_to_cpu(req->PersistentFid);
+ req_oplevel = req->OplockLevel;
+ ksmbd_debug(OPLOCK, "v_id %llu, p_id %llu request oplock level %d\n",
+ volatile_id, persistent_id, req_oplevel);
+
+ fp = ksmbd_lookup_fd_slow(work, volatile_id, persistent_id);
+ if (!fp) {
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ smb2_set_err_rsp(work);
+ return;
+ }
+
+ opinfo = opinfo_get(fp);
+ if (!opinfo) {
+ ksmbd_err("unexpected null oplock_info\n");
+ rsp->hdr.Status = STATUS_INVALID_OPLOCK_PROTOCOL;
+ smb2_set_err_rsp(work);
+ ksmbd_fd_put(work, fp);
+ return;
+ }
+
+ if (opinfo->level == SMB2_OPLOCK_LEVEL_NONE) {
+ rsp->hdr.Status = STATUS_INVALID_OPLOCK_PROTOCOL;
+ goto err_out;
+ }
+
+ if (opinfo->op_state == OPLOCK_STATE_NONE) {
+ ksmbd_debug(SMB, "unexpected oplock state 0x%x\n", opinfo->op_state);
+ rsp->hdr.Status = STATUS_UNSUCCESSFUL;
+ goto err_out;
+ }
+
+ if (((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) ||
+ (opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)) &&
+ ((req_oplevel != SMB2_OPLOCK_LEVEL_II) &&
+ (req_oplevel != SMB2_OPLOCK_LEVEL_NONE))) {
+ err = STATUS_INVALID_OPLOCK_PROTOCOL;
+ oplock_change_type = OPLOCK_WRITE_TO_NONE;
+ } else if ((opinfo->level == SMB2_OPLOCK_LEVEL_II) &&
+ (req_oplevel != SMB2_OPLOCK_LEVEL_NONE)) {
+ err = STATUS_INVALID_OPLOCK_PROTOCOL;
+ oplock_change_type = OPLOCK_READ_TO_NONE;
+ } else if ((req_oplevel == SMB2_OPLOCK_LEVEL_II) ||
+ (req_oplevel == SMB2_OPLOCK_LEVEL_NONE)) {
+ err = STATUS_INVALID_DEVICE_STATE;
+ if (((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) ||
+ (opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)) &&
+ (req_oplevel == SMB2_OPLOCK_LEVEL_II)) {
+ oplock_change_type = OPLOCK_WRITE_TO_READ;
+ } else if (((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
+ || (opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)) &&
+ (req_oplevel == SMB2_OPLOCK_LEVEL_NONE)) {
+ oplock_change_type = OPLOCK_WRITE_TO_NONE;
+ } else if ((opinfo->level == SMB2_OPLOCK_LEVEL_II) &&
+ (req_oplevel == SMB2_OPLOCK_LEVEL_NONE)) {
+ oplock_change_type = OPLOCK_READ_TO_NONE;
+ } else
+ oplock_change_type = 0;
+ } else
+ oplock_change_type = 0;
+
+ switch (oplock_change_type) {
+ case OPLOCK_WRITE_TO_READ:
+ ret = opinfo_write_to_read(opinfo);
+ rsp_oplevel = SMB2_OPLOCK_LEVEL_II;
+ break;
+ case OPLOCK_WRITE_TO_NONE:
+ ret = opinfo_write_to_none(opinfo);
+ rsp_oplevel = SMB2_OPLOCK_LEVEL_NONE;
+ break;
+ case OPLOCK_READ_TO_NONE:
+ ret = opinfo_read_to_none(opinfo);
+ rsp_oplevel = SMB2_OPLOCK_LEVEL_NONE;
+ break;
+ default:
+ ksmbd_err("unknown oplock change 0x%x -> 0x%x\n",
+ opinfo->level, rsp_oplevel);
+ }
+
+ if (ret < 0) {
+ rsp->hdr.Status = err;
+ goto err_out;
+ }
+
+ opinfo_put(opinfo);
+ ksmbd_fd_put(work, fp);
+ opinfo->op_state = OPLOCK_STATE_NONE;
+ wake_up_interruptible_all(&opinfo->oplock_q);
+
+ rsp->StructureSize = cpu_to_le16(24);
+ rsp->OplockLevel = rsp_oplevel;
+ rsp->Reserved = 0;
+ rsp->Reserved2 = 0;
+ rsp->VolatileFid = cpu_to_le64(volatile_id);
+ rsp->PersistentFid = cpu_to_le64(persistent_id);
+ inc_rfc1001_len(rsp, 24);
+ return;
+
+err_out:
+ opinfo->op_state = OPLOCK_STATE_NONE;
+ wake_up_interruptible_all(&opinfo->oplock_q);
+
+ opinfo_put(opinfo);
+ ksmbd_fd_put(work, fp);
+ smb2_set_err_rsp(work);
+}
+
+static int check_lease_state(struct lease *lease, __le32 req_state)
+{
+ if ((lease->new_state ==
+ (SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_HANDLE_CACHING_LE))
+ && !(req_state & SMB2_LEASE_WRITE_CACHING_LE)) {
+ lease->new_state = req_state;
+ return 0;
+ }
+
+ if (lease->new_state == req_state)
+ return 0;
+
+ return 1;
+}
+
+/**
+ * smb21_lease_break_ack() - handler for smb2.1 lease break command
+ * @work: smb work containing lease break command buffer
+ *
+ * Return: 0
+ */
+static void smb21_lease_break_ack(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_lease_ack *req = REQUEST_BUF(work);
+ struct smb2_lease_ack *rsp = RESPONSE_BUF(work);
+ struct oplock_info *opinfo;
+ __le32 err = 0;
+ int ret = 0;
+ unsigned int lease_change_type;
+ __le32 lease_state;
+ struct lease *lease;
+
+ ksmbd_debug(OPLOCK, "smb21 lease break, lease state(0x%x)\n",
+ le32_to_cpu(req->LeaseState));
+ opinfo = lookup_lease_in_table(conn, req->LeaseKey);
+ if (!opinfo) {
+ ksmbd_debug(OPLOCK, "file not opened\n");
+ smb2_set_err_rsp(work);
+ rsp->hdr.Status = STATUS_UNSUCCESSFUL;
+ return;
+ }
+ lease = opinfo->o_lease;
+
+ if (opinfo->op_state == OPLOCK_STATE_NONE) {
+ ksmbd_err("unexpected lease break state 0x%x\n",
+ opinfo->op_state);
+ rsp->hdr.Status = STATUS_UNSUCCESSFUL;
+ goto err_out;
+ }
+
+ if (check_lease_state(lease, req->LeaseState)) {
+ rsp->hdr.Status = STATUS_REQUEST_NOT_ACCEPTED;
+ ksmbd_debug(OPLOCK,
+ "req lease state: 0x%x, expected state: 0x%x\n",
+ req->LeaseState, lease->new_state);
+ goto err_out;
+ }
+
+ if (!atomic_read(&opinfo->breaking_cnt)) {
+ rsp->hdr.Status = STATUS_UNSUCCESSFUL;
+ goto err_out;
+ }
+
+ /* check for bad lease state */
+ if (req->LeaseState & (~(SMB2_LEASE_READ_CACHING_LE |
+ SMB2_LEASE_HANDLE_CACHING_LE))) {
+ err = STATUS_INVALID_OPLOCK_PROTOCOL;
+ if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
+ lease_change_type = OPLOCK_WRITE_TO_NONE;
+ else
+ lease_change_type = OPLOCK_READ_TO_NONE;
+ ksmbd_debug(OPLOCK, "handle bad lease state 0x%x -> 0x%x\n",
+ le32_to_cpu(lease->state),
+ le32_to_cpu(req->LeaseState));
+ } else if ((lease->state == SMB2_LEASE_READ_CACHING_LE) &&
+ (req->LeaseState != SMB2_LEASE_NONE_LE)) {
+ err = STATUS_INVALID_OPLOCK_PROTOCOL;
+ lease_change_type = OPLOCK_READ_TO_NONE;
+ ksmbd_debug(OPLOCK, "handle bad lease state 0x%x -> 0x%x\n",
+ le32_to_cpu(lease->state),
+ le32_to_cpu(req->LeaseState));
+ } else {
+ /* valid lease state changes */
+ err = STATUS_INVALID_DEVICE_STATE;
+ if (req->LeaseState == SMB2_LEASE_NONE_LE) {
+ if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
+ lease_change_type = OPLOCK_WRITE_TO_NONE;
+ else
+ lease_change_type = OPLOCK_READ_TO_NONE;
+ } else if (req->LeaseState & SMB2_LEASE_READ_CACHING_LE) {
+ if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
+ lease_change_type = OPLOCK_WRITE_TO_READ;
+ else
+ lease_change_type = OPLOCK_READ_HANDLE_TO_READ;
+ } else
+ lease_change_type = 0;
+ }
+
+ switch (lease_change_type) {
+ case OPLOCK_WRITE_TO_READ:
+ ret = opinfo_write_to_read(opinfo);
+ break;
+ case OPLOCK_READ_HANDLE_TO_READ:
+ ret = opinfo_read_handle_to_read(opinfo);
+ break;
+ case OPLOCK_WRITE_TO_NONE:
+ ret = opinfo_write_to_none(opinfo);
+ break;
+ case OPLOCK_READ_TO_NONE:
+ ret = opinfo_read_to_none(opinfo);
+ break;
+ default:
+ ksmbd_debug(OPLOCK, "unknown lease change 0x%x -> 0x%x\n",
+ le32_to_cpu(lease->state),
+ le32_to_cpu(req->LeaseState));
+ }
+
+ lease_state = lease->state;
+ opinfo->op_state = OPLOCK_STATE_NONE;
+ wake_up_interruptible_all(&opinfo->oplock_q);
+ atomic_dec(&opinfo->breaking_cnt);
+ wake_up_interruptible_all(&opinfo->oplock_brk);
+ opinfo_put(opinfo);
+
+ if (ret < 0) {
+ rsp->hdr.Status = err;
+ goto err_out;
+ }
+
+ rsp->StructureSize = cpu_to_le16(36);
+ rsp->Reserved = 0;
+ rsp->Flags = 0;
+ memcpy(rsp->LeaseKey, req->LeaseKey, 16);
+ rsp->LeaseState = lease_state;
+ rsp->LeaseDuration = 0;
+ inc_rfc1001_len(rsp, 36);
+ return;
+
+err_out:
+ opinfo->op_state = OPLOCK_STATE_NONE;
+ wake_up_interruptible_all(&opinfo->oplock_q);
+ atomic_dec(&opinfo->breaking_cnt);
+ wake_up_interruptible_all(&opinfo->oplock_brk);
+
+ opinfo_put(opinfo);
+ smb2_set_err_rsp(work);
+}
+
+/**
+ * smb2_oplock_break() - dispatcher for smb2.0 and 2.1 oplock/lease break
+ * @work: smb work containing oplock/lease break command buffer
+ *
+ * Return: 0
+ */
+int smb2_oplock_break(struct ksmbd_work *work)
+{
+ struct smb2_oplock_break *req = REQUEST_BUF(work);
+ struct smb2_oplock_break *rsp = RESPONSE_BUF(work);
+
+ switch (le16_to_cpu(req->StructureSize)) {
+ case OP_BREAK_STRUCT_SIZE_20:
+ smb20_oplock_break_ack(work);
+ break;
+ case OP_BREAK_STRUCT_SIZE_21:
+ smb21_lease_break_ack(work);
+ break;
+ default:
+ ksmbd_debug(OPLOCK, "invalid break cmd %d\n",
+ le16_to_cpu(req->StructureSize));
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ smb2_set_err_rsp(work);
+ }
+
+ return 0;
+}
+
+/**
+ * smb2_notify() - handler for smb2 notify request
+ * @ksmbd_work: smb work containing notify command buffer
+ *
+ * Return: 0
+ */
+int smb2_notify(struct ksmbd_work *work)
+{
+ struct smb2_notify_req *req;
+ struct smb2_notify_rsp *rsp;
+
+ WORK_BUFFERS(work, req, rsp);
+
+ if (work->next_smb2_rcv_hdr_off && req->hdr.NextCommand) {
+ rsp->hdr.Status = STATUS_INTERNAL_ERROR;
+ smb2_set_err_rsp(work);
+ return 0;
+ }
+
+ smb2_set_err_rsp(work);
+ rsp->hdr.Status = STATUS_NOT_IMPLEMENTED;
+ return 0;
+}
+
+/**
+ * smb2_is_sign_req() - handler for checking packet signing status
+ * @work:smb work containing notify command buffer
+ *
+ * Return: true if packed is signed, false otherwise
+ */
+bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command)
+{
+ struct smb2_hdr *rcv_hdr2 = REQUEST_BUF(work);
+
+ if ((rcv_hdr2->Flags & SMB2_FLAGS_SIGNED) &&
+ command != SMB2_NEGOTIATE_HE &&
+ command != SMB2_SESSION_SETUP_HE &&
+ command != SMB2_OPLOCK_BREAK_HE)
+ return true;
+
+ return 0;
+}
+
+/**
+ * smb2_check_sign_req() - handler for req packet sign processing
+ * @work: smb work containing notify command buffer
+ *
+ * Return: 1 on success, 0 otherwise
+ */
+int smb2_check_sign_req(struct ksmbd_work *work)
+{
+ struct smb2_hdr *hdr, *hdr_org;
+ char signature_req[SMB2_SIGNATURE_SIZE];
+ char signature[SMB2_HMACSHA256_SIZE];
+ struct kvec iov[1];
+ size_t len;
+
+ hdr_org = hdr = REQUEST_BUF(work);
+ if (work->next_smb2_rcv_hdr_off)
+ hdr = REQUEST_BUF_NEXT(work);
+
+ if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off)
+ len = be32_to_cpu(hdr_org->smb2_buf_length);
+ else if (hdr->NextCommand)
+ len = le32_to_cpu(hdr->NextCommand);
+ else
+ len = be32_to_cpu(hdr_org->smb2_buf_length) -
+ work->next_smb2_rcv_hdr_off;
+
+ memcpy(signature_req, hdr->Signature, SMB2_SIGNATURE_SIZE);
+ memset(hdr->Signature, 0, SMB2_SIGNATURE_SIZE);
+
+ iov[0].iov_base = (char *)&hdr->ProtocolId;
+ iov[0].iov_len = len;
+
+ if (ksmbd_sign_smb2_pdu(work->conn, work->sess->sess_key, iov, 1,
+ signature))
+ return 0;
+
+ if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
+ ksmbd_err("bad smb2 signature\n");
+ return 0;
+ }
+
+ return 1;
+}
+
+/**
+ * smb2_set_sign_rsp() - handler for rsp packet sign processing
+ * @work: smb work containing notify command buffer
+ *
+ */
+void smb2_set_sign_rsp(struct ksmbd_work *work)
+{
+ struct smb2_hdr *hdr, *hdr_org;
+ struct smb2_hdr *req_hdr;
+ char signature[SMB2_HMACSHA256_SIZE];
+ struct kvec iov[2];
+ size_t len;
+ int n_vec = 1;
+
+ hdr_org = hdr = RESPONSE_BUF(work);
+ if (work->next_smb2_rsp_hdr_off)
+ hdr = RESPONSE_BUF_NEXT(work);
+
+ req_hdr = REQUEST_BUF_NEXT(work);
+
+ if (!work->next_smb2_rsp_hdr_off) {
+ len = get_rfc1002_len(hdr_org);
+ if (req_hdr->NextCommand)
+ len = ALIGN(len, 8);
+ } else {
+ len = get_rfc1002_len(hdr_org) - work->next_smb2_rsp_hdr_off;
+ len = ALIGN(len, 8);
+ }
+
+ if (req_hdr->NextCommand)
+ hdr->NextCommand = cpu_to_le32(len);
+
+ hdr->Flags |= SMB2_FLAGS_SIGNED;
+ memset(hdr->Signature, 0, SMB2_SIGNATURE_SIZE);
+
+ iov[0].iov_base = (char *)&hdr->ProtocolId;
+ iov[0].iov_len = len;
+
+ if (HAS_AUX_PAYLOAD(work)) {
+ iov[0].iov_len -= AUX_PAYLOAD_SIZE(work);
+
+ iov[1].iov_base = AUX_PAYLOAD(work);
+ iov[1].iov_len = AUX_PAYLOAD_SIZE(work);
+ n_vec++;
+ }
+
+ if (!ksmbd_sign_smb2_pdu(work->conn, work->sess->sess_key, iov, n_vec,
+ signature))
+ memcpy(hdr->Signature, signature, SMB2_SIGNATURE_SIZE);
+}
+
+/**
+ * smb3_check_sign_req() - handler for req packet sign processing
+ * @work: smb work containing notify command buffer
+ *
+ * Return: 1 on success, 0 otherwise
+ */
+int smb3_check_sign_req(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn;
+ char *signing_key;
+ struct smb2_hdr *hdr, *hdr_org;
+ struct channel *chann;
+ char signature_req[SMB2_SIGNATURE_SIZE];
+ char signature[SMB2_CMACAES_SIZE];
+ struct kvec iov[1];
+ size_t len;
+
+ hdr_org = hdr = REQUEST_BUF(work);
+ if (work->next_smb2_rcv_hdr_off)
+ hdr = REQUEST_BUF_NEXT(work);
+
+ if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off)
+ len = be32_to_cpu(hdr_org->smb2_buf_length);
+ else if (hdr->NextCommand)
+ len = le32_to_cpu(hdr->NextCommand);
+ else
+ len = be32_to_cpu(hdr_org->smb2_buf_length) -
+ work->next_smb2_rcv_hdr_off;
+
+ if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
+ signing_key = work->sess->smb3signingkey;
+ conn = work->sess->conn;
+ } else {
+ chann = lookup_chann_list(work->sess);
+ if (!chann)
+ return 0;
+ signing_key = chann->smb3signingkey;
+ conn = chann->conn;
+ }
+
+ if (!signing_key) {
+ ksmbd_err("SMB3 signing key is not generated\n");
+ return 0;
+ }
+
+ memcpy(signature_req, hdr->Signature, SMB2_SIGNATURE_SIZE);
+ memset(hdr->Signature, 0, SMB2_SIGNATURE_SIZE);
+ iov[0].iov_base = (char *)&hdr->ProtocolId;
+ iov[0].iov_len = len;
+
+ if (ksmbd_sign_smb3_pdu(conn, signing_key, iov, 1, signature))
+ return 0;
+
+ if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
+ ksmbd_err("bad smb2 signature\n");
+ return 0;
+ }
+
+ return 1;
+}
+
+/**
+ * smb3_set_sign_rsp() - handler for rsp packet sign processing
+ * @work: smb work containing notify command buffer
+ *
+ */
+void smb3_set_sign_rsp(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn;
+ struct smb2_hdr *req_hdr;
+ struct smb2_hdr *hdr, *hdr_org;
+ struct channel *chann;
+ char signature[SMB2_CMACAES_SIZE];
+ struct kvec iov[2];
+ int n_vec = 1;
+ size_t len;
+ char *signing_key;
+
+ hdr_org = hdr = RESPONSE_BUF(work);
+ if (work->next_smb2_rsp_hdr_off)
+ hdr = RESPONSE_BUF_NEXT(work);
+
+ req_hdr = REQUEST_BUF_NEXT(work);
+
+ if (!work->next_smb2_rsp_hdr_off) {
+ len = get_rfc1002_len(hdr_org);
+ if (req_hdr->NextCommand)
+ len = ALIGN(len, 8);
+ } else {
+ len = get_rfc1002_len(hdr_org) - work->next_smb2_rsp_hdr_off;
+ len = ALIGN(len, 8);
+ }
+
+ if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
+ signing_key = work->sess->smb3signingkey;
+ conn = work->sess->conn;
+ } else {
+ chann = lookup_chann_list(work->sess);
+ if (!chann)
+ return;
+ signing_key = chann->smb3signingkey;
+ conn = chann->conn;
+ }
+
+ if (!signing_key)
+ return;
+
+ if (req_hdr->NextCommand)
+ hdr->NextCommand = cpu_to_le32(len);
+
+ hdr->Flags |= SMB2_FLAGS_SIGNED;
+ memset(hdr->Signature, 0, SMB2_SIGNATURE_SIZE);
+ iov[0].iov_base = (char *)&hdr->ProtocolId;
+ iov[0].iov_len = len;
+ if (HAS_AUX_PAYLOAD(work)) {
+ iov[0].iov_len -= AUX_PAYLOAD_SIZE(work);
+ iov[1].iov_base = AUX_PAYLOAD(work);
+ iov[1].iov_len = AUX_PAYLOAD_SIZE(work);
+ n_vec++;
+ }
+
+ if (!ksmbd_sign_smb3_pdu(conn, signing_key, iov, n_vec, signature))
+ memcpy(hdr->Signature, signature, SMB2_SIGNATURE_SIZE);
+}
+
+/**
+ * smb3_preauth_hash_rsp() - handler for computing preauth hash on response
+ * @work: smb work containing response buffer
+ *
+ */
+void smb3_preauth_hash_rsp(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct ksmbd_session *sess = work->sess;
+ struct smb2_hdr *req, *rsp;
+
+ if (conn->dialect != SMB311_PROT_ID)
+ return;
+
+ WORK_BUFFERS(work, req, rsp);
+
+ if (le16_to_cpu(req->Command) == SMB2_NEGOTIATE_HE)
+ ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
+ conn->preauth_info->Preauth_HashValue);
+
+ if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE &&
+ sess && sess->state == SMB2_SESSION_IN_PROGRESS) {
+ __u8 *hash_value;
+
+ hash_value = sess->Preauth_HashValue;
+ ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
+ hash_value);
+ }
+}
+
+static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr,
+ char *old_buf,
+ __le16 cipher_type)
+{
+ struct smb2_hdr *hdr = (struct smb2_hdr *)old_buf;
+ unsigned int orig_len = get_rfc1002_len(old_buf);
+
+ memset(tr_hdr, 0, sizeof(struct smb2_transform_hdr));
+ tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
+ tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
+ tr_hdr->Flags = cpu_to_le16(0x01);
+ if (cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ memcpy(&tr_hdr->SessionId, &hdr->SessionId, 8);
+ inc_rfc1001_len(tr_hdr, sizeof(struct smb2_transform_hdr) - 4);
+ inc_rfc1001_len(tr_hdr, orig_len);
+}
+
+int smb3_encrypt_resp(struct ksmbd_work *work)
+{
+ char *buf = RESPONSE_BUF(work);
+ struct smb2_transform_hdr *tr_hdr;
+ struct kvec iov[3];
+ int rc = -ENOMEM;
+ int buf_size = 0, rq_nvec = 2 + (HAS_AUX_PAYLOAD(work) ? 1 : 0);
+
+ if (ARRAY_SIZE(iov) < rq_nvec)
+ return -ENOMEM;
+
+ tr_hdr = ksmbd_alloc_response(sizeof(struct smb2_transform_hdr));
+ if (!tr_hdr)
+ return rc;
+
+ /* fill transform header */
+ fill_transform_hdr(tr_hdr, buf, work->conn->cipher_type);
+
+ iov[0].iov_base = tr_hdr;
+ iov[0].iov_len = sizeof(struct smb2_transform_hdr);
+ buf_size += iov[0].iov_len - 4;
+
+ iov[1].iov_base = buf + 4;
+ iov[1].iov_len = get_rfc1002_len(buf);
+ if (HAS_AUX_PAYLOAD(work)) {
+ iov[1].iov_len = RESP_HDR_SIZE(work) - 4;
+
+ iov[2].iov_base = AUX_PAYLOAD(work);
+ iov[2].iov_len = AUX_PAYLOAD_SIZE(work);
+ buf_size += iov[2].iov_len;
+ }
+ buf_size += iov[1].iov_len;
+ work->resp_hdr_sz = iov[1].iov_len;
+
+ rc = ksmbd_crypt_message(work->conn, iov, rq_nvec, 1);
+ if (rc)
+ return rc;
+
+ memmove(buf, iov[1].iov_base, iov[1].iov_len);
+ tr_hdr->smb2_buf_length = cpu_to_be32(buf_size);
+ work->tr_buf = tr_hdr;
+
+ return rc;
+}
+
+int smb3_is_transform_hdr(void *buf)
+{
+ struct smb2_transform_hdr *trhdr = buf;
+
+ return trhdr->ProtocolId == SMB2_TRANSFORM_PROTO_NUM;
+}
+
+int smb3_decrypt_req(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct ksmbd_session *sess;
+ char *buf = REQUEST_BUF(work);
+ struct smb2_hdr *hdr;
+ unsigned int pdu_length = get_rfc1002_len(buf);
+ struct kvec iov[2];
+ unsigned int buf_data_size = pdu_length + 4 -
+ sizeof(struct smb2_transform_hdr);
+ struct smb2_transform_hdr *tr_hdr = (struct smb2_transform_hdr *)buf;
+ unsigned int orig_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
+ int rc = 0;
+
+ sess = ksmbd_session_lookup(conn, le64_to_cpu(tr_hdr->SessionId));
+ if (!sess) {
+ ksmbd_err("invalid session id(%llx) in transform header\n",
+ le64_to_cpu(tr_hdr->SessionId));
+ return -ECONNABORTED;
+ }
+
+ if (pdu_length + 4 < sizeof(struct smb2_transform_hdr) +
+ sizeof(struct smb2_hdr)) {
+ ksmbd_err("Transform message is too small (%u)\n",
+ pdu_length);
+ return -ECONNABORTED;
+ }
+
+ if (pdu_length + 4 < orig_len + sizeof(struct smb2_transform_hdr)) {
+ ksmbd_err("Transform message is broken\n");
+ return -ECONNABORTED;
+ }
+
+ iov[0].iov_base = buf;
+ iov[0].iov_len = sizeof(struct smb2_transform_hdr);
+ iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr);
+ iov[1].iov_len = buf_data_size;
+ rc = ksmbd_crypt_message(conn, iov, 2, 0);
+ if (rc)
+ return rc;
+
+ memmove(buf + 4, iov[1].iov_base, buf_data_size);
+ hdr = (struct smb2_hdr *)buf;
+ hdr->smb2_buf_length = cpu_to_be32(buf_data_size);
+
+ return rc;
+}
+
+bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+ struct smb2_hdr *rsp = RESPONSE_BUF(work);
+
+ if (conn->dialect < SMB30_PROT_ID)
+ return false;
+
+ if (work->next_smb2_rcv_hdr_off)
+ rsp = RESPONSE_BUF_NEXT(work);
+
+ if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE &&
+ rsp->Status == STATUS_SUCCESS)
+ return true;
+ return false;
+}
diff --git a/fs/cifsd/smb2pdu.h b/fs/cifsd/smb2pdu.h
new file mode 100644
index 000000000000..deb3d7444c2a
--- /dev/null
+++ b/fs/cifsd/smb2pdu.h
@@ -0,0 +1,1649 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef _SMB2PDU_H
+#define _SMB2PDU_H
+
+#include "ntlmssp.h"
+#include "smbacl.h"
+
+/*
+ * Note that, due to trying to use names similar to the protocol specifications,
+ * there are many mixed case field names in the structures below. Although
+ * this does not match typical Linux kernel style, it is necessary to be
+ * able to match against the protocol specfication.
+ *
+ * SMB2 commands
+ * Some commands have minimal (wct=0,bcc=0), or uninteresting, responses
+ * (ie no useful data other than the SMB error code itself) and are marked such.
+ * Knowing this helps avoid response buffer allocations and copy in some cases.
+ */
+
+/* List of commands in host endian */
+#define SMB2_NEGOTIATE_HE 0x0000
+#define SMB2_SESSION_SETUP_HE 0x0001
+#define SMB2_LOGOFF_HE 0x0002 /* trivial request/resp */
+#define SMB2_TREE_CONNECT_HE 0x0003
+#define SMB2_TREE_DISCONNECT_HE 0x0004 /* trivial req/resp */
+#define SMB2_CREATE_HE 0x0005
+#define SMB2_CLOSE_HE 0x0006
+#define SMB2_FLUSH_HE 0x0007 /* trivial resp */
+#define SMB2_READ_HE 0x0008
+#define SMB2_WRITE_HE 0x0009
+#define SMB2_LOCK_HE 0x000A
+#define SMB2_IOCTL_HE 0x000B
+#define SMB2_CANCEL_HE 0x000C
+#define SMB2_ECHO_HE 0x000D
+#define SMB2_QUERY_DIRECTORY_HE 0x000E
+#define SMB2_CHANGE_NOTIFY_HE 0x000F
+#define SMB2_QUERY_INFO_HE 0x0010
+#define SMB2_SET_INFO_HE 0x0011
+#define SMB2_OPLOCK_BREAK_HE 0x0012
+
+/* The same list in little endian */
+#define SMB2_NEGOTIATE cpu_to_le16(SMB2_NEGOTIATE_HE)
+#define SMB2_SESSION_SETUP cpu_to_le16(SMB2_SESSION_SETUP_HE)
+#define SMB2_LOGOFF cpu_to_le16(SMB2_LOGOFF_HE)
+#define SMB2_TREE_CONNECT cpu_to_le16(SMB2_TREE_CONNECT_HE)
+#define SMB2_TREE_DISCONNECT cpu_to_le16(SMB2_TREE_DISCONNECT_HE)
+#define SMB2_CREATE cpu_to_le16(SMB2_CREATE_HE)
+#define SMB2_CLOSE cpu_to_le16(SMB2_CLOSE_HE)
+#define SMB2_FLUSH cpu_to_le16(SMB2_FLUSH_HE)
+#define SMB2_READ cpu_to_le16(SMB2_READ_HE)
+#define SMB2_WRITE cpu_to_le16(SMB2_WRITE_HE)
+#define SMB2_LOCK cpu_to_le16(SMB2_LOCK_HE)
+#define SMB2_IOCTL cpu_to_le16(SMB2_IOCTL_HE)
+#define SMB2_CANCEL cpu_to_le16(SMB2_CANCEL_HE)
+#define SMB2_ECHO cpu_to_le16(SMB2_ECHO_HE)
+#define SMB2_QUERY_DIRECTORY cpu_to_le16(SMB2_QUERY_DIRECTORY_HE)
+#define SMB2_CHANGE_NOTIFY cpu_to_le16(SMB2_CHANGE_NOTIFY_HE)
+#define SMB2_QUERY_INFO cpu_to_le16(SMB2_QUERY_INFO_HE)
+#define SMB2_SET_INFO cpu_to_le16(SMB2_SET_INFO_HE)
+#define SMB2_OPLOCK_BREAK cpu_to_le16(SMB2_OPLOCK_BREAK_HE)
+
+/*Create Action Flags*/
+#define FILE_SUPERSEDED 0x00000000
+#define FILE_OPENED 0x00000001
+#define FILE_CREATED 0x00000002
+#define FILE_OVERWRITTEN 0x00000003
+
+/*
+ * Size of the session key (crypto key encrypted with the password
+ */
+#define SMB2_NTLMV2_SESSKEY_SIZE 16
+#define SMB2_SIGNATURE_SIZE 16
+#define SMB2_HMACSHA256_SIZE 32
+#define SMB2_CMACAES_SIZE 16
+
+/*
+ * Size of the smb3 signing key
+ */
+#define SMB3_SIGN_KEY_SIZE 16
+
+#define CIFS_CLIENT_CHALLENGE_SIZE 8
+#define SMB_SERVER_CHALLENGE_SIZE 8
+
+/* SMB2 Max Credits */
+#define SMB2_MAX_CREDITS 8192
+
+#define SMB2_CLIENT_GUID_SIZE 16
+#define SMB2_CREATE_GUID_SIZE 16
+
+/* Maximum buffer size value we can send with 1 credit */
+#define SMB2_MAX_BUFFER_SIZE 65536
+
+#define NUMBER_OF_SMB2_COMMANDS 0x0013
+
+/* BB FIXME - analyze following length BB */
+#define MAX_SMB2_HDR_SIZE 0x78 /* 4 len + 64 hdr + (2*24 wct) + 2 bct + 2 pad */
+
+#define SMB2_PROTO_NUMBER cpu_to_le32(0x424d53fe) /* 'B''M''S' */
+#define SMB2_TRANSFORM_PROTO_NUM cpu_to_le32(0x424d53fd)
+
+#define SMB21_DEFAULT_IOSIZE (1024 * 1024)
+#define SMB3_DEFAULT_IOSIZE (4 * 1024 * 1024)
+#define SMB3_DEFAULT_TRANS_SIZE (1024 * 1024)
+
+/*
+ * SMB2 Header Definition
+ *
+ * "MBZ" : Must be Zero
+ * "BB" : BugBug, Something to check/review/analyze later
+ * "PDU" : "Protocol Data Unit" (ie a network "frame")
+ *
+ */
+
+#define __SMB2_HEADER_STRUCTURE_SIZE 64
+#define SMB2_HEADER_STRUCTURE_SIZE \
+ cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE)
+
+struct smb2_hdr {
+ __be32 smb2_buf_length; /* big endian on wire */
+ /*
+ * length is only two or three bytes - with
+ * one or two byte type preceding it that MBZ
+ */
+ __le32 ProtocolId; /* 0xFE 'S' 'M' 'B' */
+ __le16 StructureSize; /* 64 */
+ __le16 CreditCharge; /* MBZ */
+ __le32 Status; /* Error from server */
+ __le16 Command;
+ __le16 CreditRequest; /* CreditResponse */
+ __le32 Flags;
+ __le32 NextCommand;
+ __le64 MessageId;
+ union {
+ struct {
+ __le32 ProcessId;
+ __le32 TreeId;
+ } __packed SyncId;
+ __le64 AsyncId;
+ } __packed Id;
+ __le64 SessionId;
+ __u8 Signature[16];
+} __packed;
+
+struct smb2_pdu {
+ struct smb2_hdr hdr;
+ __le16 StructureSize2; /* size of wct area (varies, request specific) */
+} __packed;
+
+#define SMB3_AES128CCM_NONCE 11
+#define SMB3_AES128GCM_NONCE 12
+
+struct smb2_transform_hdr {
+ __be32 smb2_buf_length; /* big endian on wire */
+ /*
+ * length is only two or three bytes - with
+ * one or two byte type preceding it that MBZ
+ */
+ __le32 ProtocolId; /* 0xFD 'S' 'M' 'B' */
+ __u8 Signature[16];
+ __u8 Nonce[16];
+ __le32 OriginalMessageSize;
+ __u16 Reserved1;
+ __le16 Flags; /* EncryptionAlgorithm */
+ __le64 SessionId;
+} __packed;
+
+/*
+ * SMB2 flag definitions
+ */
+#define SMB2_FLAGS_SERVER_TO_REDIR cpu_to_le32(0x00000001)
+#define SMB2_FLAGS_ASYNC_COMMAND cpu_to_le32(0x00000002)
+#define SMB2_FLAGS_RELATED_OPERATIONS cpu_to_le32(0x00000004)
+#define SMB2_FLAGS_SIGNED cpu_to_le32(0x00000008)
+#define SMB2_FLAGS_DFS_OPERATIONS cpu_to_le32(0x10000000)
+#define SMB2_FLAGS_REPLAY_OPERATIONS cpu_to_le32(0x20000000)
+
+/*
+ * Definitions for SMB2 Protocol Data Units (network frames)
+ *
+ * See MS-SMB2.PDF specification for protocol details.
+ * The Naming convention is the lower case version of the SMB2
+ * command code name for the struct. Note that structures must be packed.
+ *
+ */
+
+#define SMB2_ERROR_STRUCTURE_SIZE2 9
+#define SMB2_ERROR_STRUCTURE_SIZE2_LE cpu_to_le16(SMB2_ERROR_STRUCTURE_SIZE2)
+
+struct smb2_err_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize;
+ __u8 ErrorContextCount;
+ __u8 Reserved;
+ __le32 ByteCount; /* even if zero, at least one byte follows */
+ __u8 ErrorData[1]; /* variable length */
+} __packed;
+
+struct smb2_negotiate_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 36 */
+ __le16 DialectCount;
+ __le16 SecurityMode;
+ __le16 Reserved; /* MBZ */
+ __le32 Capabilities;
+ __u8 ClientGUID[SMB2_CLIENT_GUID_SIZE];
+ /* In SMB3.02 and earlier next three were MBZ le64 ClientStartTime */
+ __le32 NegotiateContextOffset; /* SMB3.1.1 only. MBZ earlier */
+ __le16 NegotiateContextCount; /* SMB3.1.1 only. MBZ earlier */
+ __le16 Reserved2;
+ __le16 Dialects[1]; /* One dialect (vers=) at a time for now */
+} __packed;
+
+/* SecurityMode flags */
+#define SMB2_NEGOTIATE_SIGNING_ENABLED_LE cpu_to_le16(0x0001)
+#define SMB2_NEGOTIATE_SIGNING_REQUIRED 0x0002
+#define SMB2_NEGOTIATE_SIGNING_REQUIRED_LE cpu_to_le16(0x0002)
+/* Capabilities flags */
+#define SMB2_GLOBAL_CAP_DFS 0x00000001
+#define SMB2_GLOBAL_CAP_LEASING 0x00000002 /* Resp only New to SMB2.1 */
+#define SMB2_GLOBAL_CAP_LARGE_MTU 0X00000004 /* Resp only New to SMB2.1 */
+#define SMB2_GLOBAL_CAP_MULTI_CHANNEL 0x00000008 /* New to SMB3 */
+#define SMB2_GLOBAL_CAP_PERSISTENT_HANDLES 0x00000010 /* New to SMB3 */
+#define SMB2_GLOBAL_CAP_DIRECTORY_LEASING 0x00000020 /* New to SMB3 */
+#define SMB2_GLOBAL_CAP_ENCRYPTION 0x00000040 /* New to SMB3 */
+/* Internal types */
+#define SMB2_NT_FIND 0x00100000
+#define SMB2_LARGE_FILES 0x00200000
+
+#define SMB311_SALT_SIZE 32
+/* Hash Algorithm Types */
+#define SMB2_PREAUTH_INTEGRITY_SHA512 cpu_to_le16(0x0001)
+
+#define PREAUTH_HASHVALUE_SIZE 64
+
+struct preauth_integrity_info {
+ /* PreAuth integrity Hash ID */
+ __le16 Preauth_HashId;
+ /* PreAuth integrity Hash Value */
+ __u8 Preauth_HashValue[PREAUTH_HASHVALUE_SIZE];
+};
+
+/* offset is sizeof smb2_negotiate_rsp - 4 but rounded up to 8 bytes. */
+#ifdef CONFIG_SMB_SERVER_KERBEROS5
+/* sizeof(struct smb2_negotiate_rsp) - 4 =
+ * header(64) + response(64) + GSS_LENGTH(96) + GSS_PADDING(0)
+ */
+#define OFFSET_OF_NEG_CONTEXT 0xe0
+#else
+/* sizeof(struct smb2_negotiate_rsp) - 4 =
+ * header(64) + response(64) + GSS_LENGTH(74) + GSS_PADDING(6)
+ */
+#define OFFSET_OF_NEG_CONTEXT 0xd0
+#endif
+
+#define SMB2_PREAUTH_INTEGRITY_CAPABILITIES cpu_to_le16(1)
+#define SMB2_ENCRYPTION_CAPABILITIES cpu_to_le16(2)
+#define SMB2_COMPRESSION_CAPABILITIES cpu_to_le16(3)
+#define SMB2_NETNAME_NEGOTIATE_CONTEXT_ID cpu_to_le16(5)
+#define SMB2_POSIX_EXTENSIONS_AVAILABLE cpu_to_le16(0x100)
+
+struct smb2_neg_context {
+ __le16 ContextType;
+ __le16 DataLength;
+ __le32 Reserved;
+ /* Followed by array of data */
+} __packed;
+
+struct smb2_preauth_neg_context {
+ __le16 ContextType; /* 1 */
+ __le16 DataLength;
+ __le32 Reserved;
+ __le16 HashAlgorithmCount; /* 1 */
+ __le16 SaltLength;
+ __le16 HashAlgorithms; /* HashAlgorithms[0] since only one defined */
+ __u8 Salt[SMB311_SALT_SIZE];
+} __packed;
+
+/* Encryption Algorithms Ciphers */
+#define SMB2_ENCRYPTION_AES128_CCM cpu_to_le16(0x0001)
+#define SMB2_ENCRYPTION_AES128_GCM cpu_to_le16(0x0002)
+
+struct smb2_encryption_neg_context {
+ __le16 ContextType; /* 2 */
+ __le16 DataLength;
+ __le32 Reserved;
+ __le16 CipherCount; /* AES-128-GCM and AES-128-CCM */
+ __le16 Ciphers[1]; /* Ciphers[0] since only one used now */
+} __packed;
+
+#define SMB3_COMPRESS_NONE cpu_to_le16(0x0000)
+#define SMB3_COMPRESS_LZNT1 cpu_to_le16(0x0001)
+#define SMB3_COMPRESS_LZ77 cpu_to_le16(0x0002)
+#define SMB3_COMPRESS_LZ77_HUFF cpu_to_le16(0x0003)
+
+struct smb2_compression_ctx {
+ __le16 ContextType; /* 3 */
+ __le16 DataLength;
+ __le32 Reserved;
+ __le16 CompressionAlgorithmCount;
+ __u16 Padding;
+ __le32 Reserved1;
+ __le16 CompressionAlgorithms[1];
+} __packed;
+
+#define POSIX_CTXT_DATA_LEN 16
+struct smb2_posix_neg_context {
+ __le16 ContextType; /* 0x100 */
+ __le16 DataLength;
+ __le32 Reserved;
+ __u8 Name[16]; /* POSIX ctxt GUID 93AD25509CB411E7B42383DE968BCD7C */
+} __packed;
+
+struct smb2_netname_neg_context {
+ __le16 ContextType; /* 0x100 */
+ __le16 DataLength;
+ __le32 Reserved;
+ __le16 NetName[0]; /* hostname of target converted to UCS-2 */
+} __packed;
+
+struct smb2_negotiate_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 65 */
+ __le16 SecurityMode;
+ __le16 DialectRevision;
+ __le16 NegotiateContextCount; /* Prior to SMB3.1.1 was Reserved & MBZ */
+ __u8 ServerGUID[16];
+ __le32 Capabilities;
+ __le32 MaxTransactSize;
+ __le32 MaxReadSize;
+ __le32 MaxWriteSize;
+ __le64 SystemTime; /* MBZ */
+ __le64 ServerStartTime;
+ __le16 SecurityBufferOffset;
+ __le16 SecurityBufferLength;
+ __le32 NegotiateContextOffset; /* Pre:SMB3.1.1 was reserved/ignored */
+ __u8 Buffer[1]; /* variable length GSS security buffer */
+} __packed;
+
+/* Flags */
+#define SMB2_SESSION_REQ_FLAG_BINDING 0x01
+#define SMB2_SESSION_REQ_FLAG_ENCRYPT_DATA 0x04
+
+#define SMB2_SESSION_EXPIRED (0)
+#define SMB2_SESSION_IN_PROGRESS (1 << 0)
+#define SMB2_SESSION_VALID (1 << 1)
+
+/* Flags */
+#define SMB2_SESSION_REQ_FLAG_BINDING 0x01
+#define SMB2_SESSION_REQ_FLAG_ENCRYPT_DATA 0x04
+
+struct smb2_sess_setup_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 25 */
+ __u8 Flags;
+ __u8 SecurityMode;
+ __le32 Capabilities;
+ __le32 Channel;
+ __le16 SecurityBufferOffset;
+ __le16 SecurityBufferLength;
+ __le64 PreviousSessionId;
+ __u8 Buffer[1]; /* variable length GSS security buffer */
+} __packed;
+
+/* Flags/Reserved for SMB3.1.1 */
+#define SMB2_SHAREFLAG_CLUSTER_RECONNECT 0x0001
+
+/* Currently defined SessionFlags */
+#define SMB2_SESSION_FLAG_IS_GUEST_LE cpu_to_le16(0x0001)
+#define SMB2_SESSION_FLAG_IS_NULL_LE cpu_to_le16(0x0002)
+#define SMB2_SESSION_FLAG_ENCRYPT_DATA_LE cpu_to_le16(0x0004)
+struct smb2_sess_setup_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 9 */
+ __le16 SessionFlags;
+ __le16 SecurityBufferOffset;
+ __le16 SecurityBufferLength;
+ __u8 Buffer[1]; /* variable length GSS security buffer */
+} __packed;
+
+struct smb2_logoff_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 4 */
+ __le16 Reserved;
+} __packed;
+
+struct smb2_logoff_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 4 */
+ __le16 Reserved;
+} __packed;
+
+struct smb2_tree_connect_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 9 */
+ __le16 Reserved; /* Flags in SMB3.1.1 */
+ __le16 PathOffset;
+ __le16 PathLength;
+ __u8 Buffer[1]; /* variable length */
+} __packed;
+
+struct smb2_tree_connect_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 16 */
+ __u8 ShareType; /* see below */
+ __u8 Reserved;
+ __le32 ShareFlags; /* see below */
+ __le32 Capabilities; /* see below */
+ __le32 MaximalAccess;
+} __packed;
+
+/* Possible ShareType values */
+#define SMB2_SHARE_TYPE_DISK 0x01
+#define SMB2_SHARE_TYPE_PIPE 0x02
+#define SMB2_SHARE_TYPE_PRINT 0x03
+
+/*
+ * Possible ShareFlags - exactly one and only one of the first 4 caching flags
+ * must be set (any of the remaining, SHI1005, flags may be set individually
+ * or in combination.
+ */
+#define SMB2_SHAREFLAG_MANUAL_CACHING 0x00000000
+#define SMB2_SHAREFLAG_AUTO_CACHING 0x00000010
+#define SMB2_SHAREFLAG_VDO_CACHING 0x00000020
+#define SMB2_SHAREFLAG_NO_CACHING 0x00000030
+#define SHI1005_FLAGS_DFS 0x00000001
+#define SHI1005_FLAGS_DFS_ROOT 0x00000002
+#define SHI1005_FLAGS_RESTRICT_EXCLUSIVE_OPENS 0x00000100
+#define SHI1005_FLAGS_FORCE_SHARED_DELETE 0x00000200
+#define SHI1005_FLAGS_ALLOW_NAMESPACE_CACHING 0x00000400
+#define SHI1005_FLAGS_ACCESS_BASED_DIRECTORY_ENUM 0x00000800
+#define SHI1005_FLAGS_FORCE_LEVELII_OPLOCK 0x00001000
+#define SHI1005_FLAGS_ENABLE_HASH 0x00002000
+
+/* Possible share capabilities */
+#define SMB2_SHARE_CAP_DFS cpu_to_le32(0x00000008)
+
+struct smb2_tree_disconnect_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 4 */
+ __le16 Reserved;
+} __packed;
+
+struct smb2_tree_disconnect_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 4 */
+ __le16 Reserved;
+} __packed;
+
+#define ATTR_READONLY_LE cpu_to_le32(ATTR_READONLY)
+#define ATTR_HIDDEN_LE cpu_to_le32(ATTR_HIDDEN)
+#define ATTR_SYSTEM_LE cpu_to_le32(ATTR_SYSTEM)
+#define ATTR_DIRECTORY_LE cpu_to_le32(ATTR_DIRECTORY)
+#define ATTR_ARCHIVE_LE cpu_to_le32(ATTR_ARCHIVE)
+#define ATTR_NORMAL_LE cpu_to_le32(ATTR_NORMAL)
+#define ATTR_TEMPORARY_LE cpu_to_le32(ATTR_TEMPORARY)
+#define ATTR_SPARSE_FILE_LE cpu_to_le32(ATTR_SPARSE)
+#define ATTR_REPARSE_POINT_LE cpu_to_le32(ATTR_REPARSE)
+#define ATTR_COMPRESSED_LE cpu_to_le32(ATTR_COMPRESSED)
+#define ATTR_OFFLINE_LE cpu_to_le32(ATTR_OFFLINE)
+#define ATTR_NOT_CONTENT_INDEXED_LE cpu_to_le32(ATTR_NOT_CONTENT_INDEXED)
+#define ATTR_ENCRYPTED_LE cpu_to_le32(ATTR_ENCRYPTED)
+#define ATTR_INTEGRITY_STREAML_LE cpu_to_le32(0x00008000)
+#define ATTR_NO_SCRUB_DATA_LE cpu_to_le32(0x00020000)
+#define ATTR_MASK_LE cpu_to_le32(0x00007FB7)
+
+/* Oplock levels */
+#define SMB2_OPLOCK_LEVEL_NONE 0x00
+#define SMB2_OPLOCK_LEVEL_II 0x01
+#define SMB2_OPLOCK_LEVEL_EXCLUSIVE 0x08
+#define SMB2_OPLOCK_LEVEL_BATCH 0x09
+#define SMB2_OPLOCK_LEVEL_LEASE 0xFF
+/* Non-spec internal type */
+#define SMB2_OPLOCK_LEVEL_NOCHANGE 0x99
+
+/* Desired Access Flags */
+#define FILE_READ_DATA_LE cpu_to_le32(0x00000001)
+#define FILE_LIST_DIRECTORY_LE cpu_to_le32(0x00000001)
+#define FILE_WRITE_DATA_LE cpu_to_le32(0x00000002)
+#define FILE_ADD_FILE_LE cpu_to_le32(0x00000002)
+#define FILE_APPEND_DATA_LE cpu_to_le32(0x00000004)
+#define FILE_ADD_SUBDIRECTORY_LE cpu_to_le32(0x00000004)
+#define FILE_READ_EA_LE cpu_to_le32(0x00000008)
+#define FILE_WRITE_EA_LE cpu_to_le32(0x00000010)
+#define FILE_EXECUTE_LE cpu_to_le32(0x00000020)
+#define FILE_TRAVERSE_LE cpu_to_le32(0x00000020)
+#define FILE_DELETE_CHILD_LE cpu_to_le32(0x00000040)
+#define FILE_READ_ATTRIBUTES_LE cpu_to_le32(0x00000080)
+#define FILE_WRITE_ATTRIBUTES_LE cpu_to_le32(0x00000100)
+#define FILE_DELETE_LE cpu_to_le32(0x00010000)
+#define FILE_READ_CONTROL_LE cpu_to_le32(0x00020000)
+#define FILE_WRITE_DAC_LE cpu_to_le32(0x00040000)
+#define FILE_WRITE_OWNER_LE cpu_to_le32(0x00080000)
+#define FILE_SYNCHRONIZE_LE cpu_to_le32(0x00100000)
+#define FILE_ACCESS_SYSTEM_SECURITY_LE cpu_to_le32(0x01000000)
+#define FILE_MAXIMAL_ACCESS_LE cpu_to_le32(0x02000000)
+#define FILE_GENERIC_ALL_LE cpu_to_le32(0x10000000)
+#define FILE_GENERIC_EXECUTE_LE cpu_to_le32(0x20000000)
+#define FILE_GENERIC_WRITE_LE cpu_to_le32(0x40000000)
+#define FILE_GENERIC_READ_LE cpu_to_le32(0x80000000)
+#define DESIRED_ACCESS_MASK cpu_to_le32(0xF21F01FF)
+
+/* ShareAccess Flags */
+#define FILE_SHARE_READ_LE cpu_to_le32(0x00000001)
+#define FILE_SHARE_WRITE_LE cpu_to_le32(0x00000002)
+#define FILE_SHARE_DELETE_LE cpu_to_le32(0x00000004)
+#define FILE_SHARE_ALL_LE cpu_to_le32(0x00000007)
+
+/* CreateDisposition Flags */
+#define FILE_SUPERSEDE_LE cpu_to_le32(0x00000000)
+#define FILE_OPEN_LE cpu_to_le32(0x00000001)
+#define FILE_CREATE_LE cpu_to_le32(0x00000002)
+#define FILE_OPEN_IF_LE cpu_to_le32(0x00000003)
+#define FILE_OVERWRITE_LE cpu_to_le32(0x00000004)
+#define FILE_OVERWRITE_IF_LE cpu_to_le32(0x00000005)
+#define FILE_CREATE_MASK_LE cpu_to_le32(0x00000007)
+
+#define FILE_READ_DESIRED_ACCESS_LE (FILE_READ_DATA_LE | \
+ FILE_READ_EA_LE | \
+ FILE_GENERIC_READ_LE)
+#define FILE_WRITE_DESIRE_ACCESS_LE (FILE_WRITE_DATA_LE | \
+ FILE_APPEND_DATA_LE | \
+ FILE_WRITE_EA_LE | \
+ FILE_WRITE_ATTRIBUTES_LE | \
+ FILE_GENERIC_WRITE_LE)
+
+/* Impersonation Levels */
+#define IL_ANONYMOUS_LE cpu_to_le32(0x00000000)
+#define IL_IDENTIFICATION_LE cpu_to_le32(0x00000001)
+#define IL_IMPERSONATION_LE cpu_to_le32(0x00000002)
+#define IL_DELEGATE_LE cpu_to_le32(0x00000003)
+
+/* Create Context Values */
+#define SMB2_CREATE_EA_BUFFER "ExtA" /* extended attributes */
+#define SMB2_CREATE_SD_BUFFER "SecD" /* security descriptor */
+#define SMB2_CREATE_DURABLE_HANDLE_REQUEST "DHnQ"
+#define SMB2_CREATE_DURABLE_HANDLE_RECONNECT "DHnC"
+#define SMB2_CREATE_ALLOCATION_SIZE "AlSi"
+#define SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST "MxAc"
+#define SMB2_CREATE_TIMEWARP_REQUEST "TWrp"
+#define SMB2_CREATE_QUERY_ON_DISK_ID "QFid"
+#define SMB2_CREATE_REQUEST_LEASE "RqLs"
+#define SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2 "DH2Q"
+#define SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 "DH2C"
+#define SMB2_CREATE_APP_INSTANCE_ID "\x45\xBC\xA6\x6A\xEF\xA7\xF7\x4A\x90\x08\xFA\x46\x2E\x14\x4D\x74"
+ #define SMB2_CREATE_APP_INSTANCE_VERSION "\xB9\x82\xD0\xB7\x3B\x56\x07\x4F\xA0\x7B\x52\x4A\x81\x16\xA0\x10"
+#define SVHDX_OPEN_DEVICE_CONTEXT 0x83CE6F1AD851E0986E34401CC9BCFCE9
+#define SMB2_CREATE_TAG_POSIX "\x93\xAD\x25\x50\x9C\xB4\x11\xE7\xB4\x23\x83\xDE\x96\x8B\xCD\x7C"
+
+struct smb2_create_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 57 */
+ __u8 SecurityFlags;
+ __u8 RequestedOplockLevel;
+ __le32 ImpersonationLevel;
+ __le64 SmbCreateFlags;
+ __le64 Reserved;
+ __le32 DesiredAccess;
+ __le32 FileAttributes;
+ __le32 ShareAccess;
+ __le32 CreateDisposition;
+ __le32 CreateOptions;
+ __le16 NameOffset;
+ __le16 NameLength;
+ __le32 CreateContextsOffset;
+ __le32 CreateContextsLength;
+ __u8 Buffer[0];
+} __packed;
+
+struct smb2_create_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 89 */
+ __u8 OplockLevel;
+ __u8 Reserved;
+ __le32 CreateAction;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 AllocationSize;
+ __le64 EndofFile;
+ __le32 FileAttributes;
+ __le32 Reserved2;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __le32 CreateContextsOffset;
+ __le32 CreateContextsLength;
+ __u8 Buffer[1];
+} __packed;
+
+struct create_context {
+ __le32 Next;
+ __le16 NameOffset;
+ __le16 NameLength;
+ __le16 Reserved;
+ __le16 DataOffset;
+ __le32 DataLength;
+ __u8 Buffer[0];
+} __packed;
+
+struct create_durable_req_v2 {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __le32 Timeout;
+ __le32 Flags;
+ __u8 Reserved[8];
+ __u8 CreateGuid[16];
+} __packed;
+
+struct create_durable_reconn_req {
+ struct create_context ccontext;
+ __u8 Name[8];
+ union {
+ __u8 Reserved[16];
+ struct {
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ } Fid;
+ } Data;
+} __packed;
+
+struct create_durable_reconn_v2_req {
+ struct create_context ccontext;
+ __u8 Name[8];
+ struct {
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ } Fid;
+ __u8 CreateGuid[16];
+ __le32 Flags;
+} __packed;
+
+struct create_app_inst_id {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __u8 Reserved[8];
+ __u8 AppInstanceId[16];
+} __packed;
+
+struct create_app_inst_id_vers {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __u8 Reserved[2];
+ __u8 Padding[4];
+ __le64 AppInstanceVersionHigh;
+ __le64 AppInstanceVersionLow;
+} __packed;
+
+struct create_mxac_req {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __le64 Timestamp;
+} __packed;
+
+struct create_alloc_size_req {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __le64 AllocationSize;
+} __packed;
+
+struct create_posix {
+ struct create_context ccontext;
+ __u8 Name[16];
+ __le32 Mode;
+ __u32 Reserved;
+} __packed;
+
+struct create_durable_rsp {
+ struct create_context ccontext;
+ __u8 Name[8];
+ union {
+ __u8 Reserved[8];
+ __u64 data;
+ } Data;
+} __packed;
+
+struct create_durable_v2_rsp {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __le32 Timeout;
+ __le32 Flags;
+} __packed;
+
+struct create_mxac_rsp {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __le32 QueryStatus;
+ __le32 MaximalAccess;
+} __packed;
+
+struct create_disk_id_rsp {
+ struct create_context ccontext;
+ __u8 Name[8];
+ __le64 DiskFileId;
+ __le64 VolumeId;
+ __u8 Reserved[16];
+} __packed;
+
+/* equivalent of the contents of SMB3.1.1 POSIX open context response */
+struct create_posix_rsp {
+ struct create_context ccontext;
+ __u8 Name[16];
+ __le32 nlink;
+ __le32 reparse_tag;
+ __le32 mode;
+ u8 SidBuffer[40];
+} __packed;
+
+#define SMB2_LEASE_NONE_LE cpu_to_le32(0x00)
+#define SMB2_LEASE_READ_CACHING_LE cpu_to_le32(0x01)
+#define SMB2_LEASE_HANDLE_CACHING_LE cpu_to_le32(0x02)
+#define SMB2_LEASE_WRITE_CACHING_LE cpu_to_le32(0x04)
+
+#define SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE cpu_to_le32(0x02)
+
+struct lease_context {
+ __le64 LeaseKeyLow;
+ __le64 LeaseKeyHigh;
+ __le32 LeaseState;
+ __le32 LeaseFlags;
+ __le64 LeaseDuration;
+} __packed;
+
+struct create_lease {
+ struct create_context ccontext;
+ __u8 Name[8];
+ struct lease_context lcontext;
+} __packed;
+
+/* Currently defined values for close flags */
+#define SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB cpu_to_le16(0x0001)
+struct smb2_close_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 24 */
+ __le16 Flags;
+ __le32 Reserved;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+} __packed;
+
+struct smb2_close_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* 60 */
+ __le16 Flags;
+ __le32 Reserved;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 AllocationSize; /* Beginning of FILE_STANDARD_INFO equivalent */
+ __le64 EndOfFile;
+ __le32 Attributes;
+} __packed;
+
+struct smb2_flush_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 24 */
+ __le16 Reserved1;
+ __le32 Reserved2;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+} __packed;
+
+struct smb2_flush_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize;
+ __le16 Reserved;
+} __packed;
+
+struct smb2_buffer_desc_v1 {
+ __le64 offset;
+ __le32 token;
+ __le32 length;
+} __packed;
+
+#define SMB2_CHANNEL_NONE cpu_to_le32(0x00000000)
+#define SMB2_CHANNEL_RDMA_V1 cpu_to_le32(0x00000001)
+#define SMB2_CHANNEL_RDMA_V1_INVALIDATE cpu_to_le32(0x00000002)
+
+struct smb2_read_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 49 */
+ __u8 Padding; /* offset from start of SMB2 header to place read */
+ __u8 Reserved;
+ __le32 Length;
+ __le64 Offset;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __le32 MinimumCount;
+ __le32 Channel; /* Reserved MBZ */
+ __le32 RemainingBytes;
+ __le16 ReadChannelInfoOffset; /* Reserved MBZ */
+ __le16 ReadChannelInfoLength; /* Reserved MBZ */
+ __u8 Buffer[1];
+} __packed;
+
+struct smb2_read_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 17 */
+ __u8 DataOffset;
+ __u8 Reserved;
+ __le32 DataLength;
+ __le32 DataRemaining;
+ __u32 Reserved2;
+ __u8 Buffer[1];
+} __packed;
+
+/* For write request Flags field below the following flag is defined: */
+#define SMB2_WRITEFLAG_WRITE_THROUGH 0x00000001
+
+struct smb2_write_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 49 */
+ __le16 DataOffset; /* offset from start of SMB2 header to write data */
+ __le32 Length;
+ __le64 Offset;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __le32 Channel; /* Reserved MBZ */
+ __le32 RemainingBytes;
+ __le16 WriteChannelInfoOffset; /* Reserved MBZ */
+ __le16 WriteChannelInfoLength; /* Reserved MBZ */
+ __le32 Flags;
+ __u8 Buffer[1];
+} __packed;
+
+struct smb2_write_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 17 */
+ __u8 DataOffset;
+ __u8 Reserved;
+ __le32 DataLength;
+ __le32 DataRemaining;
+ __u32 Reserved2;
+ __u8 Buffer[1];
+} __packed;
+
+#define SMB2_0_IOCTL_IS_FSCTL 0x00000001
+
+struct smb2_ioctl_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 57 */
+ __le16 Reserved; /* offset from start of SMB2 header to write data */
+ __le32 CntCode;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __le32 InputOffset; /* Reserved MBZ */
+ __le32 InputCount;
+ __le32 MaxInputResponse;
+ __le32 OutputOffset;
+ __le32 OutputCount;
+ __le32 MaxOutputResponse;
+ __le32 Flags;
+ __le32 Reserved2;
+ __u8 Buffer[1];
+} __packed;
+
+struct smb2_ioctl_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 49 */
+ __le16 Reserved; /* offset from start of SMB2 header to write data */
+ __le32 CntCode;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __le32 InputOffset; /* Reserved MBZ */
+ __le32 InputCount;
+ __le32 OutputOffset;
+ __le32 OutputCount;
+ __le32 Flags;
+ __le32 Reserved2;
+ __u8 Buffer[1];
+} __packed;
+
+struct validate_negotiate_info_req {
+ __le32 Capabilities;
+ __u8 Guid[SMB2_CLIENT_GUID_SIZE];
+ __le16 SecurityMode;
+ __le16 DialectCount;
+ __le16 Dialects[1]; /* dialect (someday maybe list) client asked for */
+} __packed;
+
+struct validate_negotiate_info_rsp {
+ __le32 Capabilities;
+ __u8 Guid[SMB2_CLIENT_GUID_SIZE];
+ __le16 SecurityMode;
+ __le16 Dialect; /* Dialect in use for the connection */
+} __packed;
+
+struct smb_sockaddr_in {
+ __be16 Port;
+ __be32 IPv4address;
+ __u8 Reserved[8];
+} __packed;
+
+struct smb_sockaddr_in6 {
+ __be16 Port;
+ __be32 FlowInfo;
+ __u8 IPv6address[16];
+ __be32 ScopeId;
+} __packed;
+
+#define INTERNETWORK 0x0002
+#define INTERNETWORKV6 0x0017
+
+struct sockaddr_storage_rsp {
+ __le16 Family;
+ union {
+ struct smb_sockaddr_in addr4;
+ struct smb_sockaddr_in6 addr6;
+ };
+} __packed;
+
+#define RSS_CAPABLE 0x00000001
+#define RDMA_CAPABLE 0x00000002
+
+struct network_interface_info_ioctl_rsp {
+ __le32 Next; /* next interface. zero if this is last one */
+ __le32 IfIndex;
+ __le32 Capability; /* RSS or RDMA Capable */
+ __le32 Reserved;
+ __le64 LinkSpeed;
+ char SockAddr_Storage[128];
+} __packed;
+
+struct file_object_buf_type1_ioctl_rsp {
+ __u8 ObjectId[16];
+ __u8 BirthVolumeId[16];
+ __u8 BirthObjectId[16];
+ __u8 DomainId[16];
+} __packed;
+
+struct resume_key_ioctl_rsp {
+ __le64 ResumeKey[3];
+ __le32 ContextLength;
+ __u8 Context[4]; /* ignored, Windows sets to 4 bytes of zero */
+} __packed;
+
+struct copychunk_ioctl_req {
+ __le64 ResumeKey[3];
+ __le32 ChunkCount;
+ __le32 Reserved;
+ __u8 Chunks[1]; /* array of srv_copychunk */
+} __packed;
+
+struct srv_copychunk {
+ __le64 SourceOffset;
+ __le64 TargetOffset;
+ __le32 Length;
+ __le32 Reserved;
+} __packed;
+
+struct copychunk_ioctl_rsp {
+ __le32 ChunksWritten;
+ __le32 ChunkBytesWritten;
+ __le32 TotalBytesWritten;
+} __packed;
+
+struct file_sparse {
+ __u8 SetSparse;
+} __packed;
+
+struct file_zero_data_information {
+ __le64 FileOffset;
+ __le64 BeyondFinalZero;
+} __packed;
+
+struct file_allocated_range_buffer {
+ __le64 file_offset;
+ __le64 length;
+} __packed;
+
+struct reparse_data_buffer {
+ __le32 ReparseTag;
+ __le16 ReparseDataLength;
+ __u16 Reserved;
+ __u8 DataBuffer[]; /* Variable Length */
+} __packed;
+
+/* Completion Filter flags for Notify */
+#define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001
+#define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002
+#define FILE_NOTIFY_CHANGE_NAME 0x00000003
+#define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004
+#define FILE_NOTIFY_CHANGE_SIZE 0x00000008
+#define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010
+#define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x00000020
+#define FILE_NOTIFY_CHANGE_CREATION 0x00000040
+#define FILE_NOTIFY_CHANGE_EA 0x00000080
+#define FILE_NOTIFY_CHANGE_SECURITY 0x00000100
+#define FILE_NOTIFY_CHANGE_STREAM_NAME 0x00000200
+#define FILE_NOTIFY_CHANGE_STREAM_SIZE 0x00000400
+#define FILE_NOTIFY_CHANGE_STREAM_WRITE 0x00000800
+
+/* Flags */
+#define SMB2_WATCH_TREE 0x0001
+
+struct smb2_notify_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 32 */
+ __le16 Flags;
+ __le32 OutputBufferLength;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __u32 CompletionFileter;
+ __u32 Reserved;
+} __packed;
+
+struct smb2_notify_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 9 */
+ __le16 OutputBufferOffset;
+ __le32 OutputBufferLength;
+ __u8 Buffer[1];
+} __packed;
+
+/* SMB2 Notify Action Flags */
+#define FILE_ACTION_ADDED 0x00000001
+#define FILE_ACTION_REMOVED 0x00000002
+#define FILE_ACTION_MODIFIED 0x00000003
+#define FILE_ACTION_RENAMED_OLD_NAME 0x00000004
+#define FILE_ACTION_RENAMED_NEW_NAME 0x00000005
+#define FILE_ACTION_ADDED_STREAM 0x00000006
+#define FILE_ACTION_REMOVED_STREAM 0x00000007
+#define FILE_ACTION_MODIFIED_STREAM 0x00000008
+#define FILE_ACTION_REMOVED_BY_DELETE 0x00000009
+
+#define SMB2_LOCKFLAG_SHARED 0x0001
+#define SMB2_LOCKFLAG_EXCLUSIVE 0x0002
+#define SMB2_LOCKFLAG_UNLOCK 0x0004
+#define SMB2_LOCKFLAG_FAIL_IMMEDIATELY 0x0010
+#define SMB2_LOCKFLAG_MASK 0x0007
+
+struct smb2_lock_element {
+ __le64 Offset;
+ __le64 Length;
+ __le32 Flags;
+ __le32 Reserved;
+} __packed;
+
+struct smb2_lock_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 48 */
+ __le16 LockCount;
+ __le32 Reserved;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ /* Followed by at least one */
+ struct smb2_lock_element locks[1];
+} __packed;
+
+struct smb2_lock_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 4 */
+ __le16 Reserved;
+} __packed;
+
+struct smb2_echo_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 4 */
+ __u16 Reserved;
+} __packed;
+
+struct smb2_echo_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 4 */
+ __u16 Reserved;
+} __packed;
+
+/* search (query_directory) Flags field */
+#define SMB2_RESTART_SCANS 0x01
+#define SMB2_RETURN_SINGLE_ENTRY 0x02
+#define SMB2_INDEX_SPECIFIED 0x04
+#define SMB2_REOPEN 0x10
+
+struct smb2_query_directory_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 33 */
+ __u8 FileInformationClass;
+ __u8 Flags;
+ __le32 FileIndex;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __le16 FileNameOffset;
+ __le16 FileNameLength;
+ __le32 OutputBufferLength;
+ __u8 Buffer[1];
+} __packed;
+
+struct smb2_query_directory_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 9 */
+ __le16 OutputBufferOffset;
+ __le32 OutputBufferLength;
+ __u8 Buffer[1];
+} __packed;
+
+/* Possible InfoType values */
+#define SMB2_O_INFO_FILE 0x01
+#define SMB2_O_INFO_FILESYSTEM 0x02
+#define SMB2_O_INFO_SECURITY 0x03
+#define SMB2_O_INFO_QUOTA 0x04
+
+/* Security info type additionalinfo flags. See MS-SMB2 (2.2.37) or MS-DTYP */
+#define OWNER_SECINFO 0x00000001
+#define GROUP_SECINFO 0x00000002
+#define DACL_SECINFO 0x00000004
+#define SACL_SECINFO 0x00000008
+#define LABEL_SECINFO 0x00000010
+#define ATTRIBUTE_SECINFO 0x00000020
+#define SCOPE_SECINFO 0x00000040
+#define BACKUP_SECINFO 0x00010000
+#define UNPROTECTED_SACL_SECINFO 0x10000000
+#define UNPROTECTED_DACL_SECINFO 0x20000000
+#define PROTECTED_SACL_SECINFO 0x40000000
+#define PROTECTED_DACL_SECINFO 0x80000000
+
+struct smb2_query_info_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 41 */
+ __u8 InfoType;
+ __u8 FileInfoClass;
+ __le32 OutputBufferLength;
+ __le16 InputBufferOffset;
+ __u16 Reserved;
+ __le32 InputBufferLength;
+ __le32 AdditionalInformation;
+ __le32 Flags;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __u8 Buffer[1];
+} __packed;
+
+struct smb2_query_info_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 9 */
+ __le16 OutputBufferOffset;
+ __le32 OutputBufferLength;
+ __u8 Buffer[1];
+} __packed;
+
+struct smb2_set_info_req {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 33 */
+ __u8 InfoType;
+ __u8 FileInfoClass;
+ __le32 BufferLength;
+ __le16 BufferOffset;
+ __u16 Reserved;
+ __le32 AdditionalInformation;
+ __le64 PersistentFileId;
+ __le64 VolatileFileId;
+ __u8 Buffer[1];
+} __packed;
+
+struct smb2_set_info_rsp {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 2 */
+} __packed;
+
+
+/* FILE Info response size */
+#define FILE_DIRECTORY_INFORMATION_SIZE 1
+#define FILE_FULL_DIRECTORY_INFORMATION_SIZE 2
+#define FILE_BOTH_DIRECTORY_INFORMATION_SIZE 3
+#define FILE_BASIC_INFORMATION_SIZE 40
+#define FILE_STANDARD_INFORMATION_SIZE 24
+#define FILE_INTERNAL_INFORMATION_SIZE 8
+#define FILE_EA_INFORMATION_SIZE 4
+#define FILE_ACCESS_INFORMATION_SIZE 4
+#define FILE_NAME_INFORMATION_SIZE 9
+#define FILE_RENAME_INFORMATION_SIZE 10
+#define FILE_LINK_INFORMATION_SIZE 11
+#define FILE_NAMES_INFORMATION_SIZE 12
+#define FILE_DISPOSITION_INFORMATION_SIZE 13
+#define FILE_POSITION_INFORMATION_SIZE 14
+#define FILE_FULL_EA_INFORMATION_SIZE 15
+#define FILE_MODE_INFORMATION_SIZE 4
+#define FILE_ALIGNMENT_INFORMATION_SIZE 4
+#define FILE_ALL_INFORMATION_SIZE 104
+#define FILE_ALLOCATION_INFORMATION_SIZE 19
+#define FILE_END_OF_FILE_INFORMATION_SIZE 20
+#define FILE_ALTERNATE_NAME_INFORMATION_SIZE 8
+#define FILE_STREAM_INFORMATION_SIZE 32
+#define FILE_PIPE_INFORMATION_SIZE 23
+#define FILE_PIPE_LOCAL_INFORMATION_SIZE 24
+#define FILE_PIPE_REMOTE_INFORMATION_SIZE 25
+#define FILE_MAILSLOT_QUERY_INFORMATION_SIZE 26
+#define FILE_MAILSLOT_SET_INFORMATION_SIZE 27
+#define FILE_COMPRESSION_INFORMATION_SIZE 16
+#define FILE_OBJECT_ID_INFORMATION_SIZE 29
+/* Number 30 not defined in documents */
+#define FILE_MOVE_CLUSTER_INFORMATION_SIZE 31
+#define FILE_QUOTA_INFORMATION_SIZE 32
+#define FILE_REPARSE_POINT_INFORMATION_SIZE 33
+#define FILE_NETWORK_OPEN_INFORMATION_SIZE 56
+#define FILE_ATTRIBUTE_TAG_INFORMATION_SIZE 8
+
+
+/* FS Info response size */
+#define FS_DEVICE_INFORMATION_SIZE 8
+#define FS_ATTRIBUTE_INFORMATION_SIZE 16
+#define FS_VOLUME_INFORMATION_SIZE 24
+#define FS_SIZE_INFORMATION_SIZE 24
+#define FS_FULL_SIZE_INFORMATION_SIZE 32
+#define FS_SECTOR_SIZE_INFORMATION_SIZE 28
+#define FS_OBJECT_ID_INFORMATION_SIZE 64
+#define FS_CONTROL_INFORMATION_SIZE 48
+#define FS_POSIX_INFORMATION_SIZE 56
+
+/* FS_ATTRIBUTE_File_System_Name */
+#define FS_TYPE_SUPPORT_SIZE 44
+struct fs_type_info {
+ char *fs_name;
+ long magic_number;
+} __packed;
+
+struct smb2_oplock_break {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 24 */
+ __u8 OplockLevel;
+ __u8 Reserved;
+ __le32 Reserved2;
+ __le64 PersistentFid;
+ __le64 VolatileFid;
+} __packed;
+
+#define SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED cpu_to_le32(0x01)
+
+struct smb2_lease_break {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 44 */
+ __le16 Reserved;
+ __le32 Flags;
+ __u8 LeaseKey[16];
+ __le32 CurrentLeaseState;
+ __le32 NewLeaseState;
+ __le32 BreakReason;
+ __le32 AccessMaskHint;
+ __le32 ShareMaskHint;
+} __packed;
+
+struct smb2_lease_ack {
+ struct smb2_hdr hdr;
+ __le16 StructureSize; /* Must be 36 */
+ __le16 Reserved;
+ __le32 Flags;
+ __u8 LeaseKey[16];
+ __le32 LeaseState;
+ __le64 LeaseDuration;
+} __packed;
+
+/*
+ * PDU infolevel structure definitions
+ * BB consider moving to a different header
+ */
+
+/* File System Information Classes */
+#define FS_VOLUME_INFORMATION 1 /* Query */
+#define FS_LABEL_INFORMATION 2 /* Set */
+#define FS_SIZE_INFORMATION 3 /* Query */
+#define FS_DEVICE_INFORMATION 4 /* Query */
+#define FS_ATTRIBUTE_INFORMATION 5 /* Query */
+#define FS_CONTROL_INFORMATION 6 /* Query, Set */
+#define FS_FULL_SIZE_INFORMATION 7 /* Query */
+#define FS_OBJECT_ID_INFORMATION 8 /* Query, Set */
+#define FS_DRIVER_PATH_INFORMATION 9 /* Query */
+#define FS_SECTOR_SIZE_INFORMATION 11 /* SMB3 or later. Query */
+#define FS_POSIX_INFORMATION 100 /* SMB3.1.1 POSIX. Query */
+
+struct smb2_fs_full_size_info {
+ __le64 TotalAllocationUnits;
+ __le64 CallerAvailableAllocationUnits;
+ __le64 ActualAvailableAllocationUnits;
+ __le32 SectorsPerAllocationUnit;
+ __le32 BytesPerSector;
+} __packed;
+
+#define SSINFO_FLAGS_ALIGNED_DEVICE 0x00000001
+#define SSINFO_FLAGS_PARTITION_ALIGNED_ON_DEVICE 0x00000002
+#define SSINFO_FLAGS_NO_SEEK_PENALTY 0x00000004
+#define SSINFO_FLAGS_TRIM_ENABLED 0x00000008
+
+/* sector size info struct */
+struct smb3_fs_ss_info {
+ __le32 LogicalBytesPerSector;
+ __le32 PhysicalBytesPerSectorForAtomicity;
+ __le32 PhysicalBytesPerSectorForPerf;
+ __le32 FSEffPhysicalBytesPerSectorForAtomicity;
+ __le32 Flags;
+ __le32 ByteOffsetForSectorAlignment;
+ __le32 ByteOffsetForPartitionAlignment;
+} __packed;
+
+/* File System Control Information */
+struct smb2_fs_control_info {
+ __le64 FreeSpaceStartFiltering;
+ __le64 FreeSpaceThreshold;
+ __le64 FreeSpaceStopFiltering;
+ __le64 DefaultQuotaThreshold;
+ __le64 DefaultQuotaLimit;
+ __le32 FileSystemControlFlags;
+ __le32 Padding;
+} __packed;
+
+/* partial list of QUERY INFO levels */
+#define FILE_DIRECTORY_INFORMATION 1
+#define FILE_FULL_DIRECTORY_INFORMATION 2
+#define FILE_BOTH_DIRECTORY_INFORMATION 3
+#define FILE_BASIC_INFORMATION 4
+#define FILE_STANDARD_INFORMATION 5
+#define FILE_INTERNAL_INFORMATION 6
+#define FILE_EA_INFORMATION 7
+#define FILE_ACCESS_INFORMATION 8
+#define FILE_NAME_INFORMATION 9
+#define FILE_RENAME_INFORMATION 10
+#define FILE_LINK_INFORMATION 11
+#define FILE_NAMES_INFORMATION 12
+#define FILE_DISPOSITION_INFORMATION 13
+#define FILE_POSITION_INFORMATION 14
+#define FILE_FULL_EA_INFORMATION 15
+#define FILE_MODE_INFORMATION 16
+#define FILE_ALIGNMENT_INFORMATION 17
+#define FILE_ALL_INFORMATION 18
+#define FILE_ALLOCATION_INFORMATION 19
+#define FILE_END_OF_FILE_INFORMATION 20
+#define FILE_ALTERNATE_NAME_INFORMATION 21
+#define FILE_STREAM_INFORMATION 22
+#define FILE_PIPE_INFORMATION 23
+#define FILE_PIPE_LOCAL_INFORMATION 24
+#define FILE_PIPE_REMOTE_INFORMATION 25
+#define FILE_MAILSLOT_QUERY_INFORMATION 26
+#define FILE_MAILSLOT_SET_INFORMATION 27
+#define FILE_COMPRESSION_INFORMATION 28
+#define FILE_OBJECT_ID_INFORMATION 29
+/* Number 30 not defined in documents */
+#define FILE_MOVE_CLUSTER_INFORMATION 31
+#define FILE_QUOTA_INFORMATION 32
+#define FILE_REPARSE_POINT_INFORMATION 33
+#define FILE_NETWORK_OPEN_INFORMATION 34
+#define FILE_ATTRIBUTE_TAG_INFORMATION 35
+#define FILE_TRACKING_INFORMATION 36
+#define FILEID_BOTH_DIRECTORY_INFORMATION 37
+#define FILEID_FULL_DIRECTORY_INFORMATION 38
+#define FILE_VALID_DATA_LENGTH_INFORMATION 39
+#define FILE_SHORT_NAME_INFORMATION 40
+#define FILE_SFIO_RESERVE_INFORMATION 44
+#define FILE_SFIO_VOLUME_INFORMATION 45
+#define FILE_HARD_LINK_INFORMATION 46
+#define FILE_NORMALIZED_NAME_INFORMATION 48
+#define FILEID_GLOBAL_TX_DIRECTORY_INFORMATION 50
+#define FILE_STANDARD_LINK_INFORMATION 54
+
+#define OP_BREAK_STRUCT_SIZE_20 24
+#define OP_BREAK_STRUCT_SIZE_21 36
+
+struct smb2_file_access_info {
+ __le32 AccessFlags;
+} __packed;
+
+struct smb2_file_alignment_info {
+ __le32 AlignmentRequirement;
+} __packed;
+
+struct smb2_file_internal_info {
+ __le64 IndexNumber;
+} __packed; /* level 6 Query */
+
+struct smb2_file_rename_info { /* encoding of request for level 10 */
+ __u8 ReplaceIfExists; /* 1 = replace existing target with new */
+ /* 0 = fail if target already exists */
+ __u8 Reserved[7];
+ __u64 RootDirectory; /* MBZ for network operations (why says spec?) */
+ __le32 FileNameLength;
+ char FileName[0]; /* New name to be assigned */
+} __packed; /* level 10 Set */
+
+struct smb2_file_link_info { /* encoding of request for level 11 */
+ __u8 ReplaceIfExists; /* 1 = replace existing link with new */
+ /* 0 = fail if link already exists */
+ __u8 Reserved[7];
+ __u64 RootDirectory; /* MBZ for network operations (why says spec?) */
+ __le32 FileNameLength;
+ char FileName[0]; /* Name to be assigned to new link */
+} __packed; /* level 11 Set */
+
+/*
+ * This level 18, although with struct with same name is different from cifs
+ * level 0x107. Level 0x107 has an extra u64 between AccessFlags and
+ * CurrentByteOffset.
+ */
+struct smb2_file_all_info { /* data block encoding of response to level 18 */
+ __le64 CreationTime; /* Beginning of FILE_BASIC_INFO equivalent */
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le32 Attributes;
+ __u32 Pad1; /* End of FILE_BASIC_INFO_INFO equivalent */
+ __le64 AllocationSize; /* Beginning of FILE_STANDARD_INFO equivalent */
+ __le64 EndOfFile; /* size ie offset to first free byte in file */
+ __le32 NumberOfLinks; /* hard links */
+ __u8 DeletePending;
+ __u8 Directory;
+ __u16 Pad2; /* End of FILE_STANDARD_INFO equivalent */
+ __le64 IndexNumber;
+ __le32 EASize;
+ __le32 AccessFlags;
+ __le64 CurrentByteOffset;
+ __le32 Mode;
+ __le32 AlignmentRequirement;
+ __le32 FileNameLength;
+ char FileName[1];
+} __packed; /* level 18 Query */
+
+struct smb2_file_alt_name_info {
+ __le32 FileNameLength;
+ char FileName[0];
+} __packed;
+
+struct smb2_file_stream_info {
+ __le32 NextEntryOffset;
+ __le32 StreamNameLength;
+ __le64 StreamSize;
+ __le64 StreamAllocationSize;
+ char StreamName[0];
+} __packed;
+
+struct smb2_file_eof_info { /* encoding of request for level 10 */
+ __le64 EndOfFile; /* new end of file value */
+} __packed; /* level 20 Set */
+
+struct smb2_file_ntwrk_info {
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 AllocationSize;
+ __le64 EndOfFile;
+ __le32 Attributes;
+ __le32 Reserved;
+} __packed;
+
+struct smb2_file_standard_info {
+ __le64 AllocationSize;
+ __le64 EndOfFile;
+ __le32 NumberOfLinks; /* hard links */
+ __u8 DeletePending;
+ __u8 Directory;
+ __le16 Reserved;
+} __packed; /* level 18 Query */
+
+struct smb2_file_ea_info {
+ __le32 EASize;
+} __packed;
+
+struct smb2_file_alloc_info {
+ __le64 AllocationSize;
+} __packed;
+
+struct smb2_file_disposition_info {
+ __u8 DeletePending;
+} __packed;
+
+struct smb2_file_pos_info {
+ __le64 CurrentByteOffset;
+} __packed;
+
+#define FILE_MODE_INFO_MASK cpu_to_le32(0x0000103e)
+
+struct smb2_file_mode_info {
+ __le32 Mode;
+} __packed;
+
+#define COMPRESSION_FORMAT_NONE 0x0000
+#define COMPRESSION_FORMAT_LZNT1 0x0002
+
+struct smb2_file_comp_info {
+ __le64 CompressedFileSize;
+ __le16 CompressionFormat;
+ __u8 CompressionUnitShift;
+ __u8 ChunkShift;
+ __u8 ClusterShift;
+ __u8 Reserved[3];
+} __packed;
+
+struct smb2_file_attr_tag_info {
+ __le32 FileAttributes;
+ __le32 ReparseTag;
+} __packed;
+
+#define SL_RESTART_SCAN 0x00000001
+#define SL_RETURN_SINGLE_ENTRY 0x00000002
+#define SL_INDEX_SPECIFIED 0x00000004
+
+struct smb2_ea_info_req {
+ __le32 NextEntryOffset;
+ __u8 EaNameLength;
+ char name[1];
+} __packed; /* level 15 Query */
+
+struct smb2_ea_info {
+ __le32 NextEntryOffset;
+ __u8 Flags;
+ __u8 EaNameLength;
+ __le16 EaValueLength;
+ char name[1];
+ /* optionally followed by value */
+} __packed; /* level 15 Query */
+
+struct create_ea_buf_req {
+ struct create_context ccontext;
+ __u8 Name[8];
+ struct smb2_ea_info ea;
+} __packed;
+
+struct create_sd_buf_req {
+ struct create_context ccontext;
+ __u8 Name[8];
+ struct smb_ntsd ntsd;
+} __packed;
+
+/* Find File infolevels */
+#define SMB_FIND_FILE_POSIX_INFO 0x064
+
+/* Level 100 query info */
+struct smb311_posix_qinfo {
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 EndOfFile;
+ __le64 AllocationSize;
+ __le32 DosAttributes;
+ __le64 Inode;
+ __le32 DeviceId;
+ __le32 Zero;
+ /* beginning of POSIX Create Context Response */
+ __le32 HardLinks;
+ __le32 ReparseTag;
+ __le32 Mode;
+ u8 Sids[];
+ /*
+ * var sized owner SID
+ * var sized group SID
+ * le32 filenamelength
+ * u8 filename[]
+ */
+} __packed;
+
+struct smb2_posix_info {
+ __le32 NextEntryOffset;
+ __u32 Ignored;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 EndOfFile;
+ __le64 AllocationSize;
+ __le32 DosAttributes;
+ __le64 Inode;
+ __le32 DeviceId;
+ __le32 Zero;
+ /* beginning of POSIX Create Context Response */
+ __le32 HardLinks;
+ __le32 ReparseTag;
+ __le32 Mode;
+ u8 SidBuffer[40];
+ __le32 name_len;
+ u8 name[1];
+ /*
+ * var sized owner SID
+ * var sized group SID
+ * le32 filenamelength
+ * u8 filename[]
+ */
+} __packed;
+
+/* functions */
+
+extern int init_smb2_0_server(struct ksmbd_conn *conn);
+extern void init_smb2_1_server(struct ksmbd_conn *conn);
+extern void init_smb3_0_server(struct ksmbd_conn *conn);
+extern void init_smb3_02_server(struct ksmbd_conn *conn);
+extern int init_smb3_11_server(struct ksmbd_conn *conn);
+
+extern void init_smb2_max_read_size(unsigned int sz);
+extern void init_smb2_max_write_size(unsigned int sz);
+extern void init_smb2_max_trans_size(unsigned int sz);
+
+extern int is_smb2_neg_cmd(struct ksmbd_work *work);
+extern int is_smb2_rsp(struct ksmbd_work *work);
+
+extern uint16_t get_smb2_cmd_val(struct ksmbd_work *work);
+extern void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err);
+extern int init_smb2_rsp_hdr(struct ksmbd_work *work);
+extern int smb2_allocate_rsp_buf(struct ksmbd_work *work);
+extern bool is_chained_smb2_message(struct ksmbd_work *work);
+extern int init_smb2_neg_rsp(struct ksmbd_work *work);
+extern void smb2_set_err_rsp(struct ksmbd_work *work);
+extern int smb2_check_user_session(struct ksmbd_work *work);
+extern int smb2_get_ksmbd_tcon(struct ksmbd_work *work);
+extern bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command);
+extern int smb2_check_sign_req(struct ksmbd_work *work);
+extern void smb2_set_sign_rsp(struct ksmbd_work *work);
+extern int smb3_check_sign_req(struct ksmbd_work *work);
+extern void smb3_set_sign_rsp(struct ksmbd_work *work);
+extern int find_matching_smb2_dialect(int start_index, __le16 *cli_dialects,
+ __le16 dialects_count);
+extern struct file_lock *smb_flock_init(struct file *f);
+extern int setup_async_work(struct ksmbd_work *work, void (*fn)(void **),
+ void **arg);
+extern void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status);
+extern struct channel *lookup_chann_list(struct ksmbd_session *sess);
+extern void smb3_preauth_hash_rsp(struct ksmbd_work *work);
+extern int smb3_is_transform_hdr(void *buf);
+extern int smb3_decrypt_req(struct ksmbd_work *work);
+extern int smb3_encrypt_resp(struct ksmbd_work *work);
+extern bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work);
+extern int smb2_set_rsp_credits(struct ksmbd_work *work);
+
+/* smb2 misc functions */
+extern int ksmbd_smb2_check_message(struct ksmbd_work *work);
+
+/* smb2 command handlers */
+extern int smb2_handle_negotiate(struct ksmbd_work *work);
+extern int smb2_negotiate_request(struct ksmbd_work *work);
+extern int smb2_sess_setup(struct ksmbd_work *work);
+extern int smb2_tree_connect(struct ksmbd_work *work);
+extern int smb2_tree_disconnect(struct ksmbd_work *work);
+extern int smb2_session_logoff(struct ksmbd_work *work);
+extern int smb2_open(struct ksmbd_work *work);
+extern int smb2_query_info(struct ksmbd_work *work);
+extern int smb2_query_dir(struct ksmbd_work *work);
+extern int smb2_close(struct ksmbd_work *work);
+extern int smb2_echo(struct ksmbd_work *work);
+extern int smb2_set_info(struct ksmbd_work *work);
+extern int smb2_read(struct ksmbd_work *work);
+extern int smb2_write(struct ksmbd_work *work);
+extern int smb2_flush(struct ksmbd_work *work);
+extern int smb2_cancel(struct ksmbd_work *work);
+extern int smb2_lock(struct ksmbd_work *work);
+extern int smb2_ioctl(struct ksmbd_work *work);
+extern int smb2_oplock_break(struct ksmbd_work *work);
+extern int smb2_notify(struct ksmbd_work *ksmbd_work);
+
+#endif /* _SMB2PDU_H */
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
new file mode 100644
index 000000000000..f7560b68b820
--- /dev/null
+++ b/fs/cifsd/smb_common.c
@@ -0,0 +1,668 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ * Copyright (C) 2018 Namjae Jeon <linkinjeon(a)kernel.org>
+ */
+
+#include "smb_common.h"
+#include "server.h"
+#include "misc.h"
+#include "smbstatus.h"
+/* @FIXME */
+#include "connection.h"
+#include "ksmbd_work.h"
+#include "mgmt/user_session.h"
+#include "mgmt/user_config.h"
+#include "mgmt/tree_connect.h"
+#include "mgmt/share_config.h"
+
+/*for shortname implementation */
+static const char basechars[43] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-!@#$%";
+#define MANGLE_BASE (sizeof(basechars)/sizeof(char)-1)
+#define MAGIC_CHAR '~'
+#define PERIOD '.'
+#define mangle(V) ((char)(basechars[(V) % MANGLE_BASE]))
+#define KSMBD_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr))
+
+LIST_HEAD(global_lock_list);
+
+struct smb_protocol {
+ int index;
+ char *name;
+ char *prot;
+ __u16 prot_id;
+};
+
+static struct smb_protocol smb_protos[] = {
+ {
+ SMB21_PROT,
+ "\2SMB 2.1",
+ "SMB2_10",
+ SMB21_PROT_ID
+ },
+ {
+ SMB2X_PROT,
+ "\2SMB 2.???",
+ "SMB2_22",
+ SMB2X_PROT_ID
+ },
+ {
+ SMB30_PROT,
+ "\2SMB 3.0",
+ "SMB3_00",
+ SMB30_PROT_ID
+ },
+ {
+ SMB302_PROT,
+ "\2SMB 3.02",
+ "SMB3_02",
+ SMB302_PROT_ID
+ },
+ {
+ SMB311_PROT,
+ "\2SMB 3.1.1",
+ "SMB3_11",
+ SMB311_PROT_ID
+ },
+};
+
+unsigned int ksmbd_server_side_copy_max_chunk_count(void)
+{
+ return 256;
+}
+
+unsigned int ksmbd_server_side_copy_max_chunk_size(void)
+{
+ return (2U << 30) - 1;
+}
+
+unsigned int ksmbd_server_side_copy_max_total_size(void)
+{
+ return (2U << 30) - 1;
+}
+
+inline int ksmbd_min_protocol(void)
+{
+ return SMB2_PROT;
+}
+
+inline int ksmbd_max_protocol(void)
+{
+ return SMB311_PROT;
+}
+
+int ksmbd_lookup_protocol_idx(char *str)
+{
+ int offt = ARRAY_SIZE(smb_protos) - 1;
+ int len = strlen(str);
+
+ while (offt >= 0) {
+ if (!strncmp(str, smb_protos[offt].prot, len)) {
+ ksmbd_debug(SMB, "selected %s dialect idx = %d\n",
+ smb_protos[offt].prot, offt);
+ return smb_protos[offt].index;
+ }
+ offt--;
+ }
+ return -1;
+}
+
+/**
+ * check_message() - check for valid smb2 request header
+ * @buf: smb2 header to be checked
+ *
+ * check for valid smb signature and packet direction(request/response)
+ *
+ * Return: 0 on success, otherwise 1
+ */
+int ksmbd_verify_smb_message(struct ksmbd_work *work)
+{
+ struct smb2_hdr *smb2_hdr = REQUEST_BUF(work);
+
+ if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER)
+ return ksmbd_smb2_check_message(work);
+
+ return 0;
+}
+
+/**
+ * is_smb_request() - check for valid smb request type
+ * @conn: connection instance
+ * @type: smb request type
+ *
+ * Return: true on success, otherwise false
+ */
+bool ksmbd_smb_request(struct ksmbd_conn *conn)
+{
+ int type = *(char *)conn->request_buf;
+
+ switch (type) {
+ case RFC1002_SESSION_MESSAGE:
+ /* Regular SMB request */
+ return true;
+ case RFC1002_SESSION_KEEP_ALIVE:
+ ksmbd_debug(SMB, "RFC 1002 session keep alive\n");
+ break;
+ default:
+ ksmbd_debug(SMB, "RFC 1002 unknown request type 0x%x\n", type);
+ }
+
+ return false;
+}
+
+static bool supported_protocol(int idx)
+{
+ if (idx == SMB2X_PROT &&
+ (server_conf.min_protocol >= SMB21_PROT ||
+ server_conf.max_protocol <= SMB311_PROT))
+ return true;
+
+ return (server_conf.min_protocol <= idx &&
+ idx <= server_conf.max_protocol);
+}
+
+static char *next_dialect(char *dialect, int *next_off)
+{
+ dialect = dialect + *next_off;
+ *next_off = strlen(dialect);
+ return dialect;
+}
+
+static int ksmbd_lookup_dialect_by_name(char *cli_dialects, __le16 byte_count)
+{
+ int i, seq_num, bcount, next;
+ char *dialect;
+
+ for (i = ARRAY_SIZE(smb_protos) - 1; i >= 0; i--) {
+ seq_num = 0;
+ next = 0;
+ dialect = cli_dialects;
+ bcount = le16_to_cpu(byte_count);
+ do {
+ dialect = next_dialect(dialect, &next);
+ ksmbd_debug(SMB, "client requested dialect %s\n",
+ dialect);
+ if (!strcmp(dialect, smb_protos[i].name)) {
+ if (supported_protocol(smb_protos[i].index)) {
+ ksmbd_debug(SMB,
+ "selected %s dialect\n",
+ smb_protos[i].name);
+ if (smb_protos[i].index == SMB1_PROT)
+ return seq_num;
+ return smb_protos[i].prot_id;
+ }
+ }
+ seq_num++;
+ bcount -= (++next);
+ } while (bcount > 0);
+ }
+
+ return BAD_PROT_ID;
+}
+
+int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count)
+{
+ int i;
+ int count;
+
+ for (i = ARRAY_SIZE(smb_protos) - 1; i >= 0; i--) {
+ count = le16_to_cpu(dialects_count);
+ while (--count >= 0) {
+ ksmbd_debug(SMB, "client requested dialect 0x%x\n",
+ le16_to_cpu(cli_dialects[count]));
+ if (le16_to_cpu(cli_dialects[count]) !=
+ smb_protos[i].prot_id)
+ continue;
+
+ if (supported_protocol(smb_protos[i].index)) {
+ ksmbd_debug(SMB, "selected %s dialect\n",
+ smb_protos[i].name);
+ return smb_protos[i].prot_id;
+ }
+ }
+ }
+
+ return BAD_PROT_ID;
+}
+
+int ksmbd_negotiate_smb_dialect(void *buf)
+{
+ __le32 proto;
+
+ proto = ((struct smb2_hdr *)buf)->ProtocolId;
+ if (proto == SMB2_PROTO_NUMBER) {
+ struct smb2_negotiate_req *req;
+
+ req = (struct smb2_negotiate_req *)buf;
+ return ksmbd_lookup_dialect_by_id(req->Dialects,
+ req->DialectCount);
+ }
+
+ proto = *(__le32 *)((struct smb_hdr *)buf)->Protocol;
+ if (proto == SMB1_PROTO_NUMBER) {
+ struct smb_negotiate_req *req;
+
+ req = (struct smb_negotiate_req *)buf;
+ return ksmbd_lookup_dialect_by_name(req->DialectsArray,
+ req->ByteCount);
+ }
+
+ return BAD_PROT_ID;
+}
+
+#define SMB_COM_NEGOTIATE 0x72
+int ksmbd_init_smb_server(struct ksmbd_work *work)
+{
+ struct ksmbd_conn *conn = work->conn;
+
+ if (conn->need_neg == false)
+ return 0;
+
+ init_smb3_11_server(conn);
+
+ if (conn->ops->get_cmd_val(work) != SMB_COM_NEGOTIATE)
+ conn->need_neg = false;
+ return 0;
+}
+
+bool ksmbd_pdu_size_has_room(unsigned int pdu)
+{
+ return (pdu >= KSMBD_MIN_SUPPORTED_HEADER_SIZE - 4);
+}
+
+int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work,
+ int info_level,
+ struct ksmbd_file *dir,
+ struct ksmbd_dir_info *d_info,
+ char *search_pattern,
+ int (*fn)(struct ksmbd_conn *,
+ int,
+ struct ksmbd_dir_info *,
+ struct ksmbd_kstat *))
+{
+ int i, rc = 0;
+ struct ksmbd_conn *conn = work->conn;
+
+ for (i = 0; i < 2; i++) {
+ struct kstat kstat;
+ struct ksmbd_kstat ksmbd_kstat;
+
+ if (!dir->dot_dotdot[i]) { /* fill dot entry info */
+ if (i == 0) {
+ d_info->name = ".";
+ d_info->name_len = 1;
+ } else {
+ d_info->name = "..";
+ d_info->name_len = 2;
+ }
+
+ if (!match_pattern(d_info->name, search_pattern)) {
+ dir->dot_dotdot[i] = 1;
+ continue;
+ }
+
+ ksmbd_kstat.kstat = &kstat;
+ ksmbd_vfs_fill_dentry_attrs(work,
+ dir->filp->f_path.dentry->d_parent,
+ &ksmbd_kstat);
+ rc = fn(conn, info_level, d_info, &ksmbd_kstat);
+ if (rc)
+ break;
+ if (d_info->out_buf_len <= 0)
+ break;
+
+ dir->dot_dotdot[i] = 1;
+ if (d_info->flags & SMB2_RETURN_SINGLE_ENTRY) {
+ d_info->out_buf_len = 0;
+ break;
+ }
+ }
+ }
+
+ return rc;
+}
+
+/**
+ * ksmbd_extract_shortname() - get shortname from long filename
+ * @conn: connection instance
+ * @longname: source long filename
+ * @shortname: destination short filename
+ *
+ * Return: shortname length or 0 when source long name is '.' or '..'
+ * TODO: Though this function comforms the restriction of 8.3 Filename spec,
+ * but the result is different with Windows 7's one. need to check.
+ */
+int ksmbd_extract_shortname(struct ksmbd_conn *conn,
+ const char *longname,
+ char *shortname)
+{
+ const char *p;
+ char base[9], extension[4];
+ char out[13] = {0};
+ int baselen = 0;
+ int extlen = 0, len = 0;
+ unsigned int csum = 0;
+ const unsigned char *ptr;
+ bool dot_present = true;
+
+ p = longname;
+ if ((*p == '.') || (!(strcmp(p, "..")))) {
+ /*no mangling required */
+ return 0;
+ }
+
+ p = strrchr(longname, '.');
+ if (p == longname) { /*name starts with a dot*/
+ strscpy(extension, "___", strlen("___"));
+ } else {
+ if (p != NULL) {
+ p++;
+ while (*p && extlen < 3) {
+ if (*p != '.')
+ extension[extlen++] = toupper(*p);
+ p++;
+ }
+ extension[extlen] = '\0';
+ } else
+ dot_present = false;
+ }
+
+ p = longname;
+ if (*p == '.') {
+ p++;
+ longname++;
+ }
+ while (*p && (baselen < 5)) {
+ if (*p != '.')
+ base[baselen++] = toupper(*p);
+ p++;
+ }
+
+ base[baselen] = MAGIC_CHAR;
+ memcpy(out, base, baselen+1);
+
+ ptr = longname;
+ len = strlen(longname);
+ for (; len > 0; len--, ptr++)
+ csum += *ptr;
+
+ csum = csum % (MANGLE_BASE * MANGLE_BASE);
+ out[baselen+1] = mangle(csum/MANGLE_BASE);
+ out[baselen+2] = mangle(csum);
+ out[baselen+3] = PERIOD;
+
+ if (dot_present)
+ memcpy(&out[baselen+4], extension, 4);
+ else
+ out[baselen+4] = '\0';
+ smbConvertToUTF16((__le16 *)shortname, out, PATH_MAX,
+ conn->local_nls, 0);
+ len = strlen(out) * 2;
+ return len;
+}
+
+static int __smb2_negotiate(struct ksmbd_conn *conn)
+{
+ return (conn->dialect >= SMB20_PROT_ID &&
+ conn->dialect <= SMB311_PROT_ID);
+}
+
+static int smb_handle_negotiate(struct ksmbd_work *work)
+{
+ struct smb_negotiate_rsp *neg_rsp = RESPONSE_BUF(work);
+
+ ksmbd_debug(SMB, "Unsupported SMB protocol\n");
+ neg_rsp->hdr.Status.CifsError = STATUS_INVALID_LOGON_TYPE;
+ return -EINVAL;
+}
+
+int ksmbd_smb_negotiate_common(struct ksmbd_work *work, unsigned int command)
+{
+ struct ksmbd_conn *conn = work->conn;
+ int ret;
+
+ conn->dialect = ksmbd_negotiate_smb_dialect(REQUEST_BUF(work));
+ ksmbd_debug(SMB, "conn->dialect 0x%x\n", conn->dialect);
+
+ if (command == SMB2_NEGOTIATE_HE) {
+ struct smb2_hdr *smb2_hdr = REQUEST_BUF(work);
+
+ if (smb2_hdr->ProtocolId != SMB2_PROTO_NUMBER) {
+ ksmbd_debug(SMB, "Downgrade to SMB1 negotiation\n");
+ command = SMB_COM_NEGOTIATE;
+ }
+ }
+
+ if (command == SMB2_NEGOTIATE_HE) {
+ ret = smb2_handle_negotiate(work);
+ init_smb2_neg_rsp(work);
+ return ret;
+ }
+
+ if (command == SMB_COM_NEGOTIATE) {
+ if (__smb2_negotiate(conn)) {
+ conn->need_neg = true;
+ init_smb3_11_server(conn);
+ init_smb2_neg_rsp(work);
+ ksmbd_debug(SMB, "Upgrade to SMB2 negotiation\n");
+ return 0;
+ }
+ return smb_handle_negotiate(work);
+ }
+
+ ksmbd_err("Unknown SMB negotiation command: %u\n", command);
+ return -EINVAL;
+}
+
+enum SHARED_MODE_ERRORS {
+ SHARE_DELETE_ERROR,
+ SHARE_READ_ERROR,
+ SHARE_WRITE_ERROR,
+ FILE_READ_ERROR,
+ FILE_WRITE_ERROR,
+ FILE_DELETE_ERROR,
+};
+
+static const char * const shared_mode_errors[] = {
+ "Current access mode does not permit SHARE_DELETE",
+ "Current access mode does not permit SHARE_READ",
+ "Current access mode does not permit SHARE_WRITE",
+ "Desired access mode does not permit FILE_READ",
+ "Desired access mode does not permit FILE_WRITE",
+ "Desired access mode does not permit FILE_DELETE",
+};
+
+static void smb_shared_mode_error(int error,
+ struct ksmbd_file *prev_fp,
+ struct ksmbd_file *curr_fp)
+{
+ ksmbd_debug(SMB, "%s\n", shared_mode_errors[error]);
+ ksmbd_debug(SMB, "Current mode: 0x%x Desired mode: 0x%x\n",
+ prev_fp->saccess, curr_fp->daccess);
+}
+
+int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
+{
+ int rc = 0;
+ struct ksmbd_file *prev_fp;
+ struct list_head *cur;
+
+ /*
+ * Lookup fp in master fp list, and check desired access and
+ * shared mode between previous open and current open.
+ */
+ read_lock(&curr_fp->f_ci->m_lock);
+ list_for_each(cur, &curr_fp->f_ci->m_fp_list) {
+ prev_fp = list_entry(cur, struct ksmbd_file, node);
+ if (file_inode(filp) != FP_INODE(prev_fp))
+ continue;
+
+ if (filp == prev_fp->filp)
+ continue;
+
+ if (ksmbd_stream_fd(prev_fp) && ksmbd_stream_fd(curr_fp))
+ if (strcmp(prev_fp->stream.name, curr_fp->stream.name))
+ continue;
+
+ if (prev_fp->is_durable) {
+ prev_fp->is_durable = 0;
+ continue;
+ }
+
+ if (prev_fp->attrib_only != curr_fp->attrib_only)
+ continue;
+
+ if (!(prev_fp->saccess & FILE_SHARE_DELETE_LE) &&
+ curr_fp->daccess & FILE_DELETE_LE) {
+ smb_shared_mode_error(SHARE_DELETE_ERROR,
+ prev_fp,
+ curr_fp);
+ rc = -EPERM;
+ break;
+ }
+
+ /*
+ * Only check FILE_SHARE_DELETE if stream opened and
+ * normal file opened.
+ */
+ if (ksmbd_stream_fd(prev_fp) && !ksmbd_stream_fd(curr_fp))
+ continue;
+
+ if (!(prev_fp->saccess & FILE_SHARE_READ_LE) &&
+ curr_fp->daccess & (FILE_EXECUTE_LE |
+ FILE_READ_DATA_LE)) {
+ smb_shared_mode_error(SHARE_READ_ERROR,
+ prev_fp,
+ curr_fp);
+ rc = -EPERM;
+ break;
+ }
+
+ if (!(prev_fp->saccess & FILE_SHARE_WRITE_LE) &&
+ curr_fp->daccess & (FILE_WRITE_DATA_LE |
+ FILE_APPEND_DATA_LE)) {
+ smb_shared_mode_error(SHARE_WRITE_ERROR,
+ prev_fp,
+ curr_fp);
+ rc = -EPERM;
+ break;
+ }
+
+ if (prev_fp->daccess & (FILE_EXECUTE_LE |
+ FILE_READ_DATA_LE) &&
+ !(curr_fp->saccess & FILE_SHARE_READ_LE)) {
+ smb_shared_mode_error(FILE_READ_ERROR,
+ prev_fp,
+ curr_fp);
+ rc = -EPERM;
+ break;
+ }
+
+ if (prev_fp->daccess & (FILE_WRITE_DATA_LE |
+ FILE_APPEND_DATA_LE) &&
+ !(curr_fp->saccess & FILE_SHARE_WRITE_LE)) {
+ smb_shared_mode_error(FILE_WRITE_ERROR,
+ prev_fp,
+ curr_fp);
+ rc = -EPERM;
+ break;
+ }
+
+ if (prev_fp->daccess & FILE_DELETE_LE &&
+ !(curr_fp->saccess & FILE_SHARE_DELETE_LE)) {
+ smb_shared_mode_error(FILE_DELETE_ERROR,
+ prev_fp,
+ curr_fp);
+ rc = -EPERM;
+ break;
+ }
+ }
+ read_unlock(&curr_fp->f_ci->m_lock);
+
+ return rc;
+}
+
+bool is_asterisk(char *p)
+{
+ return p && p[0] == '*';
+}
+
+int ksmbd_override_fsids(struct ksmbd_work *work)
+{
+ struct ksmbd_session *sess = work->sess;
+ struct ksmbd_share_config *share = work->tcon->share_conf;
+ struct cred *cred;
+ struct group_info *gi;
+ unsigned int uid;
+ unsigned int gid;
+
+ uid = user_uid(sess->user);
+ gid = user_gid(sess->user);
+ if (share->force_uid != KSMBD_SHARE_INVALID_UID)
+ uid = share->force_uid;
+ if (share->force_gid != KSMBD_SHARE_INVALID_GID)
+ gid = share->force_gid;
+
+ cred = prepare_kernel_cred(NULL);
+ if (!cred)
+ return -ENOMEM;
+
+ cred->fsuid = make_kuid(current_user_ns(), uid);
+ cred->fsgid = make_kgid(current_user_ns(), gid);
+
+ gi = groups_alloc(0);
+ if (!gi) {
+ abort_creds(cred);
+ return -ENOMEM;
+ }
+ set_groups(cred, gi);
+ put_group_info(gi);
+
+ if (!uid_eq(cred->fsuid, GLOBAL_ROOT_UID))
+ cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
+
+ WARN_ON(work->saved_cred != NULL);
+ work->saved_cred = override_creds(cred);
+ if (!work->saved_cred) {
+ abort_creds(cred);
+ return -EINVAL;
+ }
+ return 0;
+}
+
+void ksmbd_revert_fsids(struct ksmbd_work *work)
+{
+ const struct cred *cred;
+
+ WARN_ON(work->saved_cred == NULL);
+
+ cred = current_cred();
+ revert_creds(work->saved_cred);
+ put_cred(cred);
+ work->saved_cred = NULL;
+}
+
+__le32 smb_map_generic_desired_access(__le32 daccess)
+{
+ if (daccess & FILE_GENERIC_READ_LE) {
+ daccess |= cpu_to_le32(GENERIC_READ_FLAGS);
+ daccess &= ~FILE_GENERIC_READ_LE;
+ }
+
+ if (daccess & FILE_GENERIC_WRITE_LE) {
+ daccess |= cpu_to_le32(GENERIC_WRITE_FLAGS);
+ daccess &= ~FILE_GENERIC_WRITE_LE;
+ }
+
+ if (daccess & FILE_GENERIC_EXECUTE_LE) {
+ daccess |= cpu_to_le32(GENERIC_EXECUTE_FLAGS);
+ daccess &= ~FILE_GENERIC_EXECUTE_LE;
+ }
+
+ if (daccess & FILE_GENERIC_ALL_LE) {
+ daccess |= cpu_to_le32(GENERIC_ALL_FLAGS);
+ daccess &= ~FILE_GENERIC_ALL_LE;
+ }
+
+ return daccess;
+}
diff --git a/fs/cifsd/smb_common.h b/fs/cifsd/smb_common.h
new file mode 100644
index 000000000000..ec954e6bc4ae
--- /dev/null
+++ b/fs/cifsd/smb_common.h
@@ -0,0 +1,546 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __SMB_COMMON_H__
+#define __SMB_COMMON_H__
+
+#include <linux/kernel.h>
+
+#include "glob.h"
+#include "nterr.h"
+#include "smb2pdu.h"
+
+/* ksmbd's Specific ERRNO */
+#define ESHARE 50000
+
+#define SMB1_PROT 0
+#define SMB2_PROT 1
+#define SMB21_PROT 2
+/* multi-protocol negotiate request */
+#define SMB2X_PROT 3
+#define SMB30_PROT 4
+#define SMB302_PROT 5
+#define SMB311_PROT 6
+#define BAD_PROT 0xFFFF
+
+#define SMB1_VERSION_STRING "1.0"
+#define SMB20_VERSION_STRING "2.0"
+#define SMB21_VERSION_STRING "2.1"
+#define SMB30_VERSION_STRING "3.0"
+#define SMB302_VERSION_STRING "3.02"
+#define SMB311_VERSION_STRING "3.1.1"
+
+/* Dialects */
+#define SMB10_PROT_ID 0x00
+#define SMB20_PROT_ID 0x0202
+#define SMB21_PROT_ID 0x0210
+/* multi-protocol negotiate request */
+#define SMB2X_PROT_ID 0x02FF
+#define SMB30_PROT_ID 0x0300
+#define SMB302_PROT_ID 0x0302
+#define SMB311_PROT_ID 0x0311
+#define BAD_PROT_ID 0xFFFF
+
+#define SMB_ECHO_INTERVAL (60*HZ)
+
+#define CIFS_DEFAULT_IOSIZE (64 * 1024)
+#define MAX_CIFS_SMALL_BUFFER_SIZE 448 /* big enough for most */
+
+extern struct list_head global_lock_list;
+
+#define IS_SMB2(x) ((x)->vals->protocol_id != SMB10_PROT_ID)
+
+#define HEADER_SIZE(conn) ((conn)->vals->header_size)
+#define HEADER_SIZE_NO_BUF_LEN(conn) ((conn)->vals->header_size - 4)
+#define MAX_HEADER_SIZE(conn) ((conn)->vals->max_header_size)
+
+/* RFC 1002 session packet types */
+#define RFC1002_SESSION_MESSAGE 0x00
+#define RFC1002_SESSION_REQUEST 0x81
+#define RFC1002_POSITIVE_SESSION_RESPONSE 0x82
+#define RFC1002_NEGATIVE_SESSION_RESPONSE 0x83
+#define RFC1002_RETARGET_SESSION_RESPONSE 0x84
+#define RFC1002_SESSION_KEEP_ALIVE 0x85
+
+/* Responses when opening a file. */
+#define F_SUPERSEDED 0
+#define F_OPENED 1
+#define F_CREATED 2
+#define F_OVERWRITTEN 3
+
+/*
+ * File Attribute flags
+ */
+#define ATTR_READONLY 0x0001
+#define ATTR_HIDDEN 0x0002
+#define ATTR_SYSTEM 0x0004
+#define ATTR_VOLUME 0x0008
+#define ATTR_DIRECTORY 0x0010
+#define ATTR_ARCHIVE 0x0020
+#define ATTR_DEVICE 0x0040
+#define ATTR_NORMAL 0x0080
+#define ATTR_TEMPORARY 0x0100
+#define ATTR_SPARSE 0x0200
+#define ATTR_REPARSE 0x0400
+#define ATTR_COMPRESSED 0x0800
+#define ATTR_OFFLINE 0x1000
+#define ATTR_NOT_CONTENT_INDEXED 0x2000
+#define ATTR_ENCRYPTED 0x4000
+#define ATTR_POSIX_SEMANTICS 0x01000000
+#define ATTR_BACKUP_SEMANTICS 0x02000000
+#define ATTR_DELETE_ON_CLOSE 0x04000000
+#define ATTR_SEQUENTIAL_SCAN 0x08000000
+#define ATTR_RANDOM_ACCESS 0x10000000
+#define ATTR_NO_BUFFERING 0x20000000
+#define ATTR_WRITE_THROUGH 0x80000000
+
+#define ATTR_READONLY_LE cpu_to_le32(ATTR_READONLY)
+#define ATTR_HIDDEN_LE cpu_to_le32(ATTR_HIDDEN)
+#define ATTR_SYSTEM_LE cpu_to_le32(ATTR_SYSTEM)
+#define ATTR_DIRECTORY_LE cpu_to_le32(ATTR_DIRECTORY)
+#define ATTR_ARCHIVE_LE cpu_to_le32(ATTR_ARCHIVE)
+#define ATTR_NORMAL_LE cpu_to_le32(ATTR_NORMAL)
+#define ATTR_TEMPORARY_LE cpu_to_le32(ATTR_TEMPORARY)
+#define ATTR_SPARSE_FILE_LE cpu_to_le32(ATTR_SPARSE)
+#define ATTR_REPARSE_POINT_LE cpu_to_le32(ATTR_REPARSE)
+#define ATTR_COMPRESSED_LE cpu_to_le32(ATTR_COMPRESSED)
+#define ATTR_OFFLINE_LE cpu_to_le32(ATTR_OFFLINE)
+#define ATTR_NOT_CONTENT_INDEXED_LE cpu_to_le32(ATTR_NOT_CONTENT_INDEXED)
+#define ATTR_ENCRYPTED_LE cpu_to_le32(ATTR_ENCRYPTED)
+#define ATTR_INTEGRITY_STREAML_LE cpu_to_le32(0x00008000)
+#define ATTR_NO_SCRUB_DATA_LE cpu_to_le32(0x00020000)
+#define ATTR_MASK_LE cpu_to_le32(0x00007FB7)
+
+/* List of FileSystemAttributes - see 2.5.1 of MS-FSCC */
+#define FILE_SUPPORTS_SPARSE_VDL 0x10000000 /* faster nonsparse extend */
+#define FILE_SUPPORTS_BLOCK_REFCOUNTING 0x08000000 /* allow ioctl dup extents */
+#define FILE_SUPPORT_INTEGRITY_STREAMS 0x04000000
+#define FILE_SUPPORTS_USN_JOURNAL 0x02000000
+#define FILE_SUPPORTS_OPEN_BY_FILE_ID 0x01000000
+#define FILE_SUPPORTS_EXTENDED_ATTRIBUTES 0x00800000
+#define FILE_SUPPORTS_HARD_LINKS 0x00400000
+#define FILE_SUPPORTS_TRANSACTIONS 0x00200000
+#define FILE_SEQUENTIAL_WRITE_ONCE 0x00100000
+#define FILE_READ_ONLY_VOLUME 0x00080000
+#define FILE_NAMED_STREAMS 0x00040000
+#define FILE_SUPPORTS_ENCRYPTION 0x00020000
+#define FILE_SUPPORTS_OBJECT_IDS 0x00010000
+#define FILE_VOLUME_IS_COMPRESSED 0x00008000
+#define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
+#define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
+#define FILE_SUPPORTS_SPARSE_FILES 0x00000040
+#define FILE_VOLUME_QUOTAS 0x00000020
+#define FILE_FILE_COMPRESSION 0x00000010
+#define FILE_PERSISTENT_ACLS 0x00000008
+#define FILE_UNICODE_ON_DISK 0x00000004
+#define FILE_CASE_PRESERVED_NAMES 0x00000002
+#define FILE_CASE_SENSITIVE_SEARCH 0x00000001
+
+#define FILE_READ_DATA 0x00000001 /* Data can be read from the file */
+#define FILE_WRITE_DATA 0x00000002 /* Data can be written to the file */
+#define FILE_APPEND_DATA 0x00000004 /* Data can be appended to the file */
+#define FILE_READ_EA 0x00000008 /* Extended attributes associated */
+/* with the file can be read */
+#define FILE_WRITE_EA 0x00000010 /* Extended attributes associated */
+/* with the file can be written */
+#define FILE_EXECUTE 0x00000020 /*Data can be read into memory from */
+/* the file using system paging I/O */
+#define FILE_DELETE_CHILD 0x00000040
+#define FILE_READ_ATTRIBUTES 0x00000080 /* Attributes associated with the */
+/* file can be read */
+#define FILE_WRITE_ATTRIBUTES 0x00000100 /* Attributes associated with the */
+/* file can be written */
+#define DELETE 0x00010000 /* The file can be deleted */
+#define READ_CONTROL 0x00020000 /* The access control list and */
+/* ownership associated with the */
+/* file can be read */
+#define WRITE_DAC 0x00040000 /* The access control list and */
+/* ownership associated with the */
+/* file can be written. */
+#define WRITE_OWNER 0x00080000 /* Ownership information associated */
+/* with the file can be written */
+#define SYNCHRONIZE 0x00100000 /* The file handle can waited on to */
+/* synchronize with the completion */
+/* of an input/output request */
+#define GENERIC_ALL 0x10000000
+#define GENERIC_EXECUTE 0x20000000
+#define GENERIC_WRITE 0x40000000
+#define GENERIC_READ 0x80000000
+/* In summary - Relevant file */
+/* access flags from CIFS are */
+/* file_read_data, file_write_data */
+/* file_execute, file_read_attributes*/
+/* write_dac, and delete. */
+
+#define FILE_READ_RIGHTS (FILE_READ_DATA | FILE_READ_EA | FILE_READ_ATTRIBUTES)
+#define FILE_WRITE_RIGHTS (FILE_WRITE_DATA | FILE_APPEND_DATA \
+ | FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES)
+#define FILE_EXEC_RIGHTS (FILE_EXECUTE)
+
+#define SET_FILE_READ_RIGHTS (FILE_READ_DATA | FILE_READ_EA \
+ | FILE_READ_ATTRIBUTES \
+ | DELETE | READ_CONTROL | WRITE_DAC \
+ | WRITE_OWNER | SYNCHRONIZE)
+#define SET_FILE_WRITE_RIGHTS (FILE_WRITE_DATA | FILE_APPEND_DATA \
+ | FILE_WRITE_EA \
+ | FILE_DELETE_CHILD \
+ | FILE_WRITE_ATTRIBUTES \
+ | DELETE | READ_CONTROL | WRITE_DAC \
+ | WRITE_OWNER | SYNCHRONIZE)
+#define SET_FILE_EXEC_RIGHTS (FILE_READ_EA | FILE_WRITE_EA | FILE_EXECUTE \
+ | FILE_READ_ATTRIBUTES \
+ | FILE_WRITE_ATTRIBUTES \
+ | DELETE | READ_CONTROL | WRITE_DAC \
+ | WRITE_OWNER | SYNCHRONIZE)
+
+#define SET_MINIMUM_RIGHTS (FILE_READ_EA | FILE_READ_ATTRIBUTES \
+ | READ_CONTROL | SYNCHRONIZE)
+
+/* generic flags for file open */
+#define GENERIC_READ_FLAGS (READ_CONTROL | FILE_READ_DATA | \
+ FILE_READ_ATTRIBUTES | \
+ FILE_READ_EA | SYNCHRONIZE)
+
+#define GENERIC_WRITE_FLAGS (READ_CONTROL | FILE_WRITE_DATA | \
+ FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | \
+ FILE_APPEND_DATA | SYNCHRONIZE)
+
+#define GENERIC_EXECUTE_FLAGS (READ_CONTROL | FILE_EXECUTE | \
+ FILE_READ_ATTRIBUTES | SYNCHRONIZE)
+
+#define GENERIC_ALL_FLAGS (DELETE | READ_CONTROL | WRITE_DAC | \
+ WRITE_OWNER | SYNCHRONIZE | FILE_READ_DATA | \
+ FILE_WRITE_DATA | FILE_APPEND_DATA | \
+ FILE_READ_EA | FILE_WRITE_EA | \
+ FILE_EXECUTE | FILE_DELETE_CHILD | \
+ FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES)
+
+#define SMB1_PROTO_NUMBER cpu_to_le32(0x424d53ff)
+
+#define SMB1_CLIENT_GUID_SIZE (16)
+struct smb_hdr {
+ __be32 smb_buf_length;
+ __u8 Protocol[4];
+ __u8 Command;
+ union {
+ struct {
+ __u8 ErrorClass;
+ __u8 Reserved;
+ __le16 Error;
+ } __packed DosError;
+ __le32 CifsError;
+ } __packed Status;
+ __u8 Flags;
+ __le16 Flags2; /* note: le */
+ __le16 PidHigh;
+ union {
+ struct {
+ __le32 SequenceNumber; /* le */
+ __u32 Reserved; /* zero */
+ } __packed Sequence;
+ __u8 SecuritySignature[8]; /* le */
+ } __packed Signature;
+ __u8 pad[2];
+ __le16 Tid;
+ __le16 Pid;
+ __le16 Uid;
+ __le16 Mid;
+ __u8 WordCount;
+} __packed;
+
+struct smb_negotiate_req {
+ struct smb_hdr hdr; /* wct = 0 */
+ __le16 ByteCount;
+ unsigned char DialectsArray[1];
+} __packed;
+
+struct smb_negotiate_rsp {
+ struct smb_hdr hdr; /* wct = 17 */
+ __le16 DialectIndex; /* 0xFFFF = no dialect acceptable */
+ __u8 SecurityMode;
+ __le16 MaxMpxCount;
+ __le16 MaxNumberVcs;
+ __le32 MaxBufferSize;
+ __le32 MaxRawSize;
+ __le32 SessionKey;
+ __le32 Capabilities; /* see below */
+ __le32 SystemTimeLow;
+ __le32 SystemTimeHigh;
+ __le16 ServerTimeZone;
+ __u8 EncryptionKeyLength;
+ __le16 ByteCount;
+ union {
+ unsigned char EncryptionKey[8]; /* cap extended security off */
+ /* followed by Domain name - if extended security is off */
+ /* followed by 16 bytes of server GUID */
+ /* then security blob if cap_extended_security negotiated */
+ struct {
+ unsigned char GUID[SMB1_CLIENT_GUID_SIZE];
+ unsigned char SecurityBlob[1];
+ } __packed extended_response;
+ } __packed u;
+} __packed;
+
+struct filesystem_attribute_info {
+ __le32 Attributes;
+ __le32 MaxPathNameComponentLength;
+ __le32 FileSystemNameLen;
+ __le16 FileSystemName[1]; /* do not have to save this - get subset? */
+} __packed;
+
+struct filesystem_device_info {
+ __le32 DeviceType;
+ __le32 DeviceCharacteristics;
+} __packed; /* device info level 0x104 */
+
+struct filesystem_vol_info {
+ __le64 VolumeCreationTime;
+ __le32 SerialNumber;
+ __le32 VolumeLabelSize;
+ __le16 Reserved;
+ __le16 VolumeLabel[1];
+} __packed;
+
+struct filesystem_info {
+ __le64 TotalAllocationUnits;
+ __le64 FreeAllocationUnits;
+ __le32 SectorsPerAllocationUnit;
+ __le32 BytesPerSector;
+} __packed; /* size info, level 0x103 */
+
+#define EXTENDED_INFO_MAGIC 0x43667364 /* Cfsd */
+#define STRING_LENGTH 28
+
+struct fs_extended_info {
+ __le32 magic;
+ __le32 version;
+ __le32 release;
+ __u64 rel_date;
+ char version_string[STRING_LENGTH];
+} __packed;
+
+struct object_id_info {
+ char objid[16];
+ struct fs_extended_info extended_info;
+} __packed;
+
+struct file_directory_info {
+ __le32 NextEntryOffset;
+ __u32 FileIndex;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 EndOfFile;
+ __le64 AllocationSize;
+ __le32 ExtFileAttributes;
+ __le32 FileNameLength;
+ char FileName[1];
+} __packed; /* level 0x101 FF resp data */
+
+struct file_names_info {
+ __le32 NextEntryOffset;
+ __u32 FileIndex;
+ __le32 FileNameLength;
+ char FileName[1];
+} __packed; /* level 0xc FF resp data */
+
+struct file_full_directory_info {
+ __le32 NextEntryOffset;
+ __u32 FileIndex;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 EndOfFile;
+ __le64 AllocationSize;
+ __le32 ExtFileAttributes;
+ __le32 FileNameLength;
+ __le32 EaSize;
+ char FileName[1];
+} __packed; /* level 0x102 FF resp */
+
+struct file_both_directory_info {
+ __le32 NextEntryOffset;
+ __u32 FileIndex;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 EndOfFile;
+ __le64 AllocationSize;
+ __le32 ExtFileAttributes;
+ __le32 FileNameLength;
+ __le32 EaSize; /* length of the xattrs */
+ __u8 ShortNameLength;
+ __u8 Reserved;
+ __u8 ShortName[24];
+ char FileName[1];
+} __packed; /* level 0x104 FFrsp data */
+
+struct file_id_both_directory_info {
+ __le32 NextEntryOffset;
+ __u32 FileIndex;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 EndOfFile;
+ __le64 AllocationSize;
+ __le32 ExtFileAttributes;
+ __le32 FileNameLength;
+ __le32 EaSize; /* length of the xattrs */
+ __u8 ShortNameLength;
+ __u8 Reserved;
+ __u8 ShortName[24];
+ __le16 Reserved2;
+ __le64 UniqueId;
+ char FileName[1];
+} __packed;
+
+struct file_id_full_dir_info {
+ __le32 NextEntryOffset;
+ __u32 FileIndex;
+ __le64 CreationTime;
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le64 EndOfFile;
+ __le64 AllocationSize;
+ __le32 ExtFileAttributes;
+ __le32 FileNameLength;
+ __le32 EaSize; /* EA size */
+ __le32 Reserved;
+ __le64 UniqueId; /* inode num - le since Samba puts ino in low 32 bit*/
+ char FileName[1];
+} __packed; /* level 0x105 FF rsp data */
+
+struct smb_version_values {
+ char *version_string;
+ __u16 protocol_id;
+ __le16 lock_cmd;
+ __u32 capabilities;
+ __u32 max_read_size;
+ __u32 max_write_size;
+ __u32 max_trans_size;
+ __u32 large_lock_type;
+ __u32 exclusive_lock_type;
+ __u32 shared_lock_type;
+ __u32 unlock_lock_type;
+ size_t header_size;
+ size_t max_header_size;
+ size_t read_rsp_size;
+ unsigned int cap_unix;
+ unsigned int cap_nt_find;
+ unsigned int cap_large_files;
+ __u16 signing_enabled;
+ __u16 signing_required;
+ size_t create_lease_size;
+ size_t create_durable_size;
+ size_t create_durable_v2_size;
+ size_t create_mxac_size;
+ size_t create_disk_id_size;
+ size_t create_posix_size;
+};
+
+struct filesystem_posix_info {
+ /* For undefined recommended transfer size return -1 in that field */
+ __le32 OptimalTransferSize; /* bsize on some os, iosize on other os */
+ __le32 BlockSize;
+ /* The next three fields are in terms of the block size.
+ * (above). If block size is unknown, 4096 would be a
+ * reasonable block size for a server to report.
+ * Note that returning the blocks/blocksavail removes need
+ * to make a second call (to QFSInfo level 0x103 to get this info.
+ * UserBlockAvail is typically less than or equal to BlocksAvail,
+ * if no distinction is made return the same value in each
+ */
+ __le64 TotalBlocks;
+ __le64 BlocksAvail; /* bfree */
+ __le64 UserBlocksAvail; /* bavail */
+ /* For undefined Node fields or FSID return -1 */
+ __le64 TotalFileNodes;
+ __le64 FreeFileNodes;
+ __le64 FileSysIdentifier; /* fsid */
+ /* NB Namelen comes from FILE_SYSTEM_ATTRIBUTE_INFO call */
+ /* NB flags can come from FILE_SYSTEM_DEVICE_INFO call */
+} __packed;
+
+struct smb_version_ops {
+ uint16_t (*get_cmd_val)(struct ksmbd_work *swork);
+ int (*init_rsp_hdr)(struct ksmbd_work *swork);
+ void (*set_rsp_status)(struct ksmbd_work *swork, __le32 err);
+ int (*allocate_rsp_buf)(struct ksmbd_work *work);
+ int (*set_rsp_credits)(struct ksmbd_work *work);
+ int (*check_user_session)(struct ksmbd_work *work);
+ int (*get_ksmbd_tcon)(struct ksmbd_work *work);
+ bool (*is_sign_req)(struct ksmbd_work *work, unsigned int command);
+ int (*check_sign_req)(struct ksmbd_work *work);
+ void (*set_sign_rsp)(struct ksmbd_work *work);
+ int (*generate_signingkey)(struct ksmbd_session *sess);
+ int (*generate_encryptionkey)(struct ksmbd_session *sess);
+ int (*is_transform_hdr)(void *buf);
+ int (*decrypt_req)(struct ksmbd_work *work);
+ int (*encrypt_resp)(struct ksmbd_work *work);
+};
+
+struct smb_version_cmds {
+ int (*proc)(struct ksmbd_work *swork);
+};
+
+
+
+int ksmbd_min_protocol(void);
+int ksmbd_max_protocol(void);
+
+int ksmbd_lookup_protocol_idx(char *str);
+
+int ksmbd_verify_smb_message(struct ksmbd_work *work);
+bool ksmbd_smb_request(struct ksmbd_conn *conn);
+
+int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count);
+
+int ksmbd_negotiate_smb_dialect(void *buf);
+int ksmbd_init_smb_server(struct ksmbd_work *work);
+
+bool ksmbd_pdu_size_has_room(unsigned int pdu);
+
+struct ksmbd_kstat;
+int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work,
+ int info_level,
+ struct ksmbd_file *dir,
+ struct ksmbd_dir_info *d_info,
+ char *search_pattern,
+ int (*fn)(struct ksmbd_conn *,
+ int,
+ struct ksmbd_dir_info *,
+ struct ksmbd_kstat *));
+
+int ksmbd_extract_shortname(struct ksmbd_conn *conn,
+ const char *longname,
+ char *shortname);
+
+int ksmbd_smb_negotiate_common(struct ksmbd_work *work, unsigned int command);
+
+int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp);
+int ksmbd_override_fsids(struct ksmbd_work *work);
+void ksmbd_revert_fsids(struct ksmbd_work *work);
+
+unsigned int ksmbd_server_side_copy_max_chunk_count(void);
+unsigned int ksmbd_server_side_copy_max_chunk_size(void);
+unsigned int ksmbd_server_side_copy_max_total_size(void);
+bool is_asterisk(char *p);
+__le32 smb_map_generic_desired_access(__le32 daccess);
+
+static inline unsigned int get_rfc1002_len(void *buf)
+{
+ return be32_to_cpu(*((__be32 *)buf)) & 0xffffff;
+}
+
+static inline void inc_rfc1001_len(void *buf, int count)
+{
+ be32_add_cpu((__be32 *)buf, count);
+}
+#endif /* __SMB_COMMON_H__ */
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
new file mode 100644
index 000000000000..8d8360ca4751
--- /dev/null
+++ b/fs/cifsd/smbacl.c
@@ -0,0 +1,1309 @@
+// SPDX-License-Identifier: LGPL-2.1+
+/*
+ * Copyright (C) International Business Machines Corp., 2007,2008
+ * Author(s): Steve French (sfrench(a)us.ibm.com)
+ * Copyright (C) 2020 Samsung Electronics Co., Ltd.
+ * Author(s): Namjae Jeon <linkinjeon(a)kernel.org>
+ */
+
+#include <linux/fs.h>
+#include <linux/slab.h>
+#include <linux/string.h>
+
+#include "smbacl.h"
+#include "smb_common.h"
+#include "server.h"
+#include "misc.h"
+#include "ksmbd_server.h"
+#include "mgmt/share_config.h"
+
+static const struct smb_sid domain = {1, 4, {0, 0, 0, 0, 0, 5},
+ {cpu_to_le32(21), cpu_to_le32(1), cpu_to_le32(2), cpu_to_le32(3),
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} };
+
+/* security id for everyone/world system group */
+static const struct smb_sid creator_owner = {
+ 1, 1, {0, 0, 0, 0, 0, 3}, {0} };
+/* security id for everyone/world system group */
+static const struct smb_sid creator_group = {
+ 1, 1, {0, 0, 0, 0, 0, 3}, {cpu_to_le32(1)} };
+
+/* security id for everyone/world system group */
+static const struct smb_sid sid_everyone = {
+ 1, 1, {0, 0, 0, 0, 0, 1}, {0} };
+/* security id for Authenticated Users system group */
+static const struct smb_sid sid_authusers = {
+ 1, 1, {0, 0, 0, 0, 0, 5}, {cpu_to_le32(11)} };
+
+/* S-1-22-1 Unmapped Unix users */
+static const struct smb_sid sid_unix_users = {1, 1, {0, 0, 0, 0, 0, 22},
+ {cpu_to_le32(1), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} };
+
+/* S-1-22-2 Unmapped Unix groups */
+static const struct smb_sid sid_unix_groups = { 1, 1, {0, 0, 0, 0, 0, 22},
+ {cpu_to_le32(2), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} };
+
+/*
+ * See http://technet.microsoft.com/en-us/library/hh509017(v=ws.10).aspx
+ */
+
+/* S-1-5-88 MS NFS and Apple style UID/GID/mode */
+
+/* S-1-5-88-1 Unix uid */
+static const struct smb_sid sid_unix_NFS_users = { 1, 2, {0, 0, 0, 0, 0, 5},
+ {cpu_to_le32(88),
+ cpu_to_le32(1), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} };
+
+/* S-1-5-88-2 Unix gid */
+static const struct smb_sid sid_unix_NFS_groups = { 1, 2, {0, 0, 0, 0, 0, 5},
+ {cpu_to_le32(88),
+ cpu_to_le32(2), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} };
+
+/* S-1-5-88-3 Unix mode */
+static const struct smb_sid sid_unix_NFS_mode = { 1, 2, {0, 0, 0, 0, 0, 5},
+ {cpu_to_le32(88),
+ cpu_to_le32(3), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} };
+
+/*
+ * if the two SIDs (roughly equivalent to a UUID for a user or group) are
+ * the same returns zero, if they do not match returns non-zero.
+ */
+int
+compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid)
+{
+ int i;
+ int num_subauth, num_sat, num_saw;
+
+ if ((!ctsid) || (!cwsid))
+ return 1;
+
+ /* compare the revision */
+ if (ctsid->revision != cwsid->revision) {
+ if (ctsid->revision > cwsid->revision)
+ return 1;
+ else
+ return -1;
+ }
+
+ /* compare all of the six auth values */
+ for (i = 0; i < NUM_AUTHS; ++i) {
+ if (ctsid->authority[i] != cwsid->authority[i]) {
+ if (ctsid->authority[i] > cwsid->authority[i])
+ return 1;
+ else
+ return -1;
+ }
+ }
+
+ /* compare all of the subauth values if any */
+ num_sat = ctsid->num_subauth;
+ num_saw = cwsid->num_subauth;
+ num_subauth = num_sat < num_saw ? num_sat : num_saw;
+ if (num_subauth) {
+ for (i = 0; i < num_subauth; ++i) {
+ if (ctsid->sub_auth[i] != cwsid->sub_auth[i]) {
+ if (le32_to_cpu(ctsid->sub_auth[i]) >
+ le32_to_cpu(cwsid->sub_auth[i]))
+ return 1;
+ else
+ return -1;
+ }
+ }
+ }
+
+ return 0; /* sids compare/match */
+}
+
+static void
+smb_copy_sid(struct smb_sid *dst, const struct smb_sid *src)
+{
+ int i;
+
+ dst->revision = src->revision;
+ dst->num_subauth = min_t(u8, src->num_subauth, SID_MAX_SUB_AUTHORITIES);
+ for (i = 0; i < NUM_AUTHS; ++i)
+ dst->authority[i] = src->authority[i];
+ for (i = 0; i < dst->num_subauth; ++i)
+ dst->sub_auth[i] = src->sub_auth[i];
+}
+
+/*
+ * change posix mode to reflect permissions
+ * pmode is the existing mode (we only want to overwrite part of this
+ * bits to set can be: S_IRWXU, S_IRWXG or S_IRWXO ie 00700 or 00070 or 00007
+ */
+static umode_t access_flags_to_mode(struct smb_fattr *fattr, __le32 ace_flags,
+ int type)
+{
+ __u32 flags = le32_to_cpu(ace_flags);
+ umode_t mode = 0;
+
+ if (flags & GENERIC_ALL) {
+ mode = 0777;
+ ksmbd_debug(SMB, "all perms\n");
+ return mode;
+ }
+
+ if ((flags & GENERIC_READ) ||
+ (flags & FILE_READ_RIGHTS))
+ mode = 0444;
+ if ((flags & GENERIC_WRITE) ||
+ (flags & FILE_WRITE_RIGHTS)) {
+ mode |= 0222;
+ if (S_ISDIR(fattr->cf_mode))
+ mode |= 0111;
+ }
+ if ((flags & GENERIC_EXECUTE) ||
+ (flags & FILE_EXEC_RIGHTS))
+ mode |= 0111;
+
+ if (type == ACCESS_DENIED_ACE_TYPE ||
+ type == ACCESS_DENIED_OBJECT_ACE_TYPE)
+ mode = ~mode;
+
+ ksmbd_debug(SMB, "access flags 0x%x mode now %04o\n", flags, mode);
+
+ return mode;
+}
+
+/*
+ * Generate access flags to reflect permissions mode is the existing mode.
+ * This function is called for every ACE in the DACL whose SID matches
+ * with either owner or group or everyone.
+ */
+static void mode_to_access_flags(umode_t mode, umode_t bits_to_use,
+ __u32 *pace_flags)
+{
+ /* reset access mask */
+ *pace_flags = 0x0;
+
+ /* bits to use are either S_IRWXU or S_IRWXG or S_IRWXO */
+ mode &= bits_to_use;
+
+ /*
+ * check for R/W/X UGO since we do not know whose flags
+ * is this but we have cleared all the bits sans RWX for
+ * either user or group or other as per bits_to_use
+ */
+ if (mode & 0444)
+ *pace_flags |= SET_FILE_READ_RIGHTS;
+ if (mode & 0222)
+ *pace_flags |= FILE_WRITE_RIGHTS;
+ if (mode & 0111)
+ *pace_flags |= SET_FILE_EXEC_RIGHTS;
+
+ ksmbd_debug(SMB, "mode: %o, access flags now 0x%x\n",
+ mode, *pace_flags);
+}
+
+static __u16 fill_ace_for_sid(struct smb_ace *pntace,
+ const struct smb_sid *psid, int type, int flags,
+ umode_t mode, umode_t bits)
+{
+ int i;
+ __u16 size = 0;
+ __u32 access_req = 0;
+
+ pntace->type = type;
+ pntace->flags = flags;
+ mode_to_access_flags(mode, bits, &access_req);
+ if (!access_req)
+ access_req = SET_MINIMUM_RIGHTS;
+ pntace->access_req = cpu_to_le32(access_req);
+
+ pntace->sid.revision = psid->revision;
+ pntace->sid.num_subauth = psid->num_subauth;
+ for (i = 0; i < NUM_AUTHS; i++)
+ pntace->sid.authority[i] = psid->authority[i];
+ for (i = 0; i < psid->num_subauth; i++)
+ pntace->sid.sub_auth[i] = psid->sub_auth[i];
+
+ size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + (psid->num_subauth * 4);
+ pntace->size = cpu_to_le16(size);
+
+ return size;
+}
+
+void id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
+{
+ switch (sidtype) {
+ case SIDOWNER:
+ smb_copy_sid(ssid, &server_conf.domain_sid);
+ break;
+ case SIDUNIX_USER:
+ smb_copy_sid(ssid, &sid_unix_users);
+ break;
+ case SIDUNIX_GROUP:
+ smb_copy_sid(ssid, &sid_unix_groups);
+ break;
+ case SIDCREATOR_OWNER:
+ smb_copy_sid(ssid, &creator_owner);
+ return;
+ case SIDCREATOR_GROUP:
+ smb_copy_sid(ssid, &creator_group);
+ return;
+ case SIDNFS_USER:
+ smb_copy_sid(ssid, &sid_unix_NFS_users);
+ break;
+ case SIDNFS_GROUP:
+ smb_copy_sid(ssid, &sid_unix_NFS_groups);
+ break;
+ case SIDNFS_MODE:
+ smb_copy_sid(ssid, &sid_unix_NFS_mode);
+ break;
+ default:
+ return;
+ }
+
+ /* RID */
+ ssid->sub_auth[ssid->num_subauth] = cpu_to_le32(cid);
+ ssid->num_subauth++;
+}
+
+static int sid_to_id(struct smb_sid *psid, uint sidtype,
+ struct smb_fattr *fattr)
+{
+ int rc = -EINVAL;
+
+ /*
+ * If we have too many subauthorities, then something is really wrong.
+ * Just return an error.
+ */
+ if (unlikely(psid->num_subauth > SID_MAX_SUB_AUTHORITIES)) {
+ ksmbd_err("%s: %u subauthorities is too many!\n",
+ __func__, psid->num_subauth);
+ return -EIO;
+ }
+
+ if (sidtype == SIDOWNER) {
+ kuid_t uid;
+ uid_t id;
+
+ id = le32_to_cpu(psid->sub_auth[psid->num_subauth - 1]);
+ if (id > 0) {
+ uid = make_kuid(&init_user_ns, id);
+ if (uid_valid(uid) &&
+ kuid_has_mapping(&init_user_ns, uid)) {
+ fattr->cf_uid = uid;
+ rc = 0;
+ }
+ }
+ } else {
+ kgid_t gid;
+ gid_t id;
+
+ id = le32_to_cpu(psid->sub_auth[psid->num_subauth - 1]);
+ if (id > 0) {
+ gid = make_kgid(&init_user_ns, id);
+ if (gid_valid(gid) &&
+ kgid_has_mapping(&init_user_ns, gid)) {
+ fattr->cf_gid = gid;
+ rc = 0;
+ }
+ }
+ }
+
+ return rc;
+}
+
+void posix_state_to_acl(struct posix_acl_state *state,
+ struct posix_acl_entry *pace)
+{
+ int i;
+
+ pace->e_tag = ACL_USER_OBJ;
+ pace->e_perm = state->owner.allow;
+ for (i = 0; i < state->users->n; i++) {
+ pace++;
+ pace->e_tag = ACL_USER;
+ pace->e_uid = state->users->aces[i].uid;
+ pace->e_perm = state->users->aces[i].perms.allow;
+ }
+
+ pace++;
+ pace->e_tag = ACL_GROUP_OBJ;
+ pace->e_perm = state->group.allow;
+
+ for (i = 0; i < state->groups->n; i++) {
+ pace++;
+ pace->e_tag = ACL_GROUP;
+ pace->e_gid = state->groups->aces[i].gid;
+ pace->e_perm = state->groups->aces[i].perms.allow;
+ }
+
+ if (state->users->n || state->groups->n) {
+ pace++;
+ pace->e_tag = ACL_MASK;
+ pace->e_perm = state->mask.allow;
+ }
+
+ pace++;
+ pace->e_tag = ACL_OTHER;
+ pace->e_perm = state->other.allow;
+}
+
+int init_acl_state(struct posix_acl_state *state, int cnt)
+{
+ int alloc;
+
+ memset(state, 0, sizeof(struct posix_acl_state));
+ /*
+ * In the worst case, each individual acl could be for a distinct
+ * named user or group, but we don't know which, so we allocate
+ * enough space for either:
+ */
+ alloc = sizeof(struct posix_ace_state_array)
+ + cnt*sizeof(struct posix_user_ace_state);
+ state->users = kzalloc(alloc, GFP_KERNEL);
+ if (!state->users)
+ return -ENOMEM;
+ state->groups = kzalloc(alloc, GFP_KERNEL);
+ if (!state->groups) {
+ kfree(state->users);
+ return -ENOMEM;
+ }
+ return 0;
+}
+
+void free_acl_state(struct posix_acl_state *state)
+{
+ kfree(state->users);
+ kfree(state->groups);
+}
+
+static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
+ struct smb_sid *pownersid, struct smb_sid *pgrpsid,
+ struct smb_fattr *fattr)
+{
+ int i, ret;
+ int num_aces = 0;
+ int acl_size;
+ char *acl_base;
+ struct smb_ace **ppace;
+ struct posix_acl_entry *cf_pace, *cf_pdace;
+ struct posix_acl_state acl_state, default_acl_state;
+ umode_t mode = 0, acl_mode;
+ bool owner_found = false, group_found = false, others_found = false;
+
+ if (!pdacl)
+ return;
+
+ /* validate that we do not go past end of acl */
+ if (end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size)) {
+ ksmbd_err("ACL too small to parse DACL\n");
+ return;
+ }
+
+ ksmbd_debug(SMB, "DACL revision %d size %d num aces %d\n",
+ le16_to_cpu(pdacl->revision), le16_to_cpu(pdacl->size),
+ le32_to_cpu(pdacl->num_aces));
+
+ acl_base = (char *)pdacl;
+ acl_size = sizeof(struct smb_acl);
+
+ num_aces = le32_to_cpu(pdacl->num_aces);
+ if (num_aces <= 0)
+ return;
+
+ if (num_aces > ULONG_MAX / sizeof(struct smb_ace *))
+ return;
+
+ ppace = kmalloc_array(num_aces, sizeof(struct smb_ace *),
+ GFP_KERNEL);
+ if (!ppace)
+ return;
+
+ ret = init_acl_state(&acl_state, num_aces);
+ if (ret)
+ return;
+ ret = init_acl_state(&default_acl_state, num_aces);
+ if (ret) {
+ free_acl_state(&acl_state);
+ return;
+ }
+
+ /*
+ * reset rwx permissions for user/group/other.
+ * Also, if num_aces is 0 i.e. DACL has no ACEs,
+ * user/group/other have no permissions
+ */
+ for (i = 0; i < num_aces; ++i) {
+ ppace[i] = (struct smb_ace *) (acl_base + acl_size);
+ acl_base = (char *)ppace[i];
+ acl_size = le16_to_cpu(ppace[i]->size);
+ ppace[i]->access_req =
+ smb_map_generic_desired_access(ppace[i]->access_req);
+
+ if (!(compare_sids(&(ppace[i]->sid), &sid_unix_NFS_mode))) {
+ fattr->cf_mode =
+ le32_to_cpu(ppace[i]->sid.sub_auth[2]);
+ break;
+ } else if (!compare_sids(&(ppace[i]->sid), pownersid)) {
+ acl_mode = access_flags_to_mode(fattr,
+ ppace[i]->access_req, ppace[i]->type);
+ acl_mode &= 0700;
+
+ if (!owner_found) {
+ mode &= ~(0700);
+ mode |= acl_mode;
+ }
+ owner_found = true;
+ } else if (!compare_sids(&(ppace[i]->sid), pgrpsid) ||
+ ppace[i]->sid.sub_auth[ppace[i]->sid.num_subauth - 1] ==
+ DOMAIN_USER_RID_LE) {
+ acl_mode = access_flags_to_mode(fattr,
+ ppace[i]->access_req, ppace[i]->type);
+ acl_mode &= 0070;
+ if (!group_found) {
+ mode &= ~(0070);
+ mode |= acl_mode;
+ }
+ group_found = true;
+ } else if (!compare_sids(&(ppace[i]->sid), &sid_everyone)) {
+ acl_mode = access_flags_to_mode(fattr,
+ ppace[i]->access_req, ppace[i]->type);
+ acl_mode &= 0007;
+ if (!others_found) {
+ mode &= ~(0007);
+ mode |= acl_mode;
+ }
+ others_found = true;
+ } else if (!compare_sids(&(ppace[i]->sid), &creator_owner))
+ continue;
+ else if (!compare_sids(&(ppace[i]->sid), &creator_group))
+ continue;
+ else if (!compare_sids(&(ppace[i]->sid), &sid_authusers))
+ continue;
+ else {
+ struct smb_fattr temp_fattr;
+
+ acl_mode = access_flags_to_mode(fattr, ppace[i]->access_req,
+ ppace[i]->type);
+ temp_fattr.cf_uid = INVALID_UID;
+ ret = sid_to_id(&ppace[i]->sid, SIDOWNER, &temp_fattr);
+ if (ret || uid_eq(temp_fattr.cf_uid, INVALID_UID)) {
+ ksmbd_err("%s: Error %d mapping Owner SID to uid\n",
+ __func__, ret);
+ continue;
+ }
+
+ acl_state.owner.allow = ((acl_mode & 0700) >> 6) | 0004;
+ acl_state.users->aces[acl_state.users->n].uid =
+ temp_fattr.cf_uid;
+ acl_state.users->aces[acl_state.users->n++].perms.allow =
+ ((acl_mode & 0700) >> 6) | 0004;
+ default_acl_state.owner.allow = ((acl_mode & 0700) >> 6) | 0004;
+ default_acl_state.users->aces[default_acl_state.users->n].uid =
+ temp_fattr.cf_uid;
+ default_acl_state.users->aces[default_acl_state.users->n++].perms.allow =
+ ((acl_mode & 0700) >> 6) | 0004;
+ }
+ }
+ kfree(ppace);
+
+ if (owner_found) {
+ /* The owner must be set to at least read-only. */
+ acl_state.owner.allow = ((mode & 0700) >> 6) | 0004;
+ acl_state.users->aces[acl_state.users->n].uid = fattr->cf_uid;
+ acl_state.users->aces[acl_state.users->n++].perms.allow =
+ ((mode & 0700) >> 6) | 0004;
+ default_acl_state.owner.allow = ((mode & 0700) >> 6) | 0004;
+ default_acl_state.users->aces[default_acl_state.users->n].uid =
+ fattr->cf_uid;
+ default_acl_state.users->aces[default_acl_state.users->n++].perms.allow =
+ ((mode & 0700) >> 6) | 0004;
+ }
+
+ if (group_found) {
+ acl_state.group.allow = (mode & 0070) >> 3;
+ acl_state.groups->aces[acl_state.groups->n].gid =
+ fattr->cf_gid;
+ acl_state.groups->aces[acl_state.groups->n++].perms.allow =
+ (mode & 0070) >> 3;
+ default_acl_state.group.allow = mode & 0070 >> 3;
+ default_acl_state.groups->aces[default_acl_state.groups->n].gid =
+ fattr->cf_gid;
+ default_acl_state.groups->aces[default_acl_state.groups->n++].perms.allow =
+ (mode & 0070) >> 3;
+ }
+
+ if (others_found) {
+ fattr->cf_mode &= ~(0007);
+ fattr->cf_mode |= mode & 0007;
+
+ acl_state.other.allow = mode & 0007;
+ default_acl_state.other.allow = mode & 0007;
+ }
+
+ if (acl_state.users->n || acl_state.groups->n) {
+ acl_state.mask.allow = 0x07;
+ fattr->cf_acls = ksmbd_vfs_posix_acl_alloc(acl_state.users->n +
+ acl_state.groups->n + 4, GFP_KERNEL);
+ if (fattr->cf_acls) {
+ cf_pace = fattr->cf_acls->a_entries;
+ posix_state_to_acl(&acl_state, cf_pace);
+ }
+ }
+
+ if (default_acl_state.users->n || default_acl_state.groups->n) {
+ default_acl_state.mask.allow = 0x07;
+ fattr->cf_dacls =
+ ksmbd_vfs_posix_acl_alloc(default_acl_state.users->n +
+ default_acl_state.groups->n + 4, GFP_KERNEL);
+ if (fattr->cf_dacls) {
+ cf_pdace = fattr->cf_dacls->a_entries;
+ posix_state_to_acl(&default_acl_state, cf_pdace);
+ }
+ }
+ free_acl_state(&acl_state);
+ free_acl_state(&default_acl_state);
+}
+
+static void set_posix_acl_entries_dacl(struct smb_ace *pndace,
+ struct smb_fattr *fattr, u32 *num_aces, u16 *size, u32 nt_aces_num)
+{
+ struct posix_acl_entry *pace;
+ struct smb_sid *sid;
+ struct smb_ace *ntace;
+ int i, j;
+
+ if (!fattr->cf_acls)
+ goto posix_default_acl;
+
+ pace = fattr->cf_acls->a_entries;
+ for (i = 0; i < fattr->cf_acls->a_count; i++, pace++) {
+ int flags = 0;
+
+ sid = kmalloc(sizeof(struct smb_sid), GFP_KERNEL);
+ if (!sid)
+ break;
+
+ if (pace->e_tag == ACL_USER) {
+ uid_t uid;
+ unsigned int sid_type = SIDOWNER;
+
+ uid = from_kuid(&init_user_ns, pace->e_uid);
+ if (!uid)
+ sid_type = SIDUNIX_USER;
+ id_to_sid(uid, sid_type, sid);
+ } else if (pace->e_tag == ACL_GROUP) {
+ gid_t gid;
+
+ gid = from_kgid(&init_user_ns, pace->e_gid);
+ id_to_sid(gid, SIDUNIX_GROUP, sid);
+ } else if (pace->e_tag == ACL_OTHER && !nt_aces_num) {
+ smb_copy_sid(sid, &sid_everyone);
+ } else {
+ kfree(sid);
+ continue;
+ }
+ ntace = pndace;
+ for (j = 0; j < nt_aces_num; j++) {
+ if (ntace->sid.sub_auth[ntace->sid.num_subauth - 1] ==
+ sid->sub_auth[sid->num_subauth - 1])
+ goto pass_same_sid;
+ ntace = (struct smb_ace *)((char *)ntace +
+ le16_to_cpu(ntace->size));
+ }
+
+ if (S_ISDIR(fattr->cf_mode) && pace->e_tag == ACL_OTHER)
+ flags = 0x03;
+
+ ntace = (struct smb_ace *) ((char *)pndace + *size);
+ *size += fill_ace_for_sid(ntace, sid, ACCESS_ALLOWED, flags,
+ pace->e_perm, 0777);
+ (*num_aces)++;
+ if (pace->e_tag == ACL_USER)
+ ntace->access_req |=
+ FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
+
+ if (S_ISDIR(fattr->cf_mode) &&
+ (pace->e_tag == ACL_USER || pace->e_tag == ACL_GROUP)) {
+ ntace = (struct smb_ace *) ((char *)pndace + *size);
+ *size += fill_ace_for_sid(ntace, sid, ACCESS_ALLOWED,
+ 0x03, pace->e_perm, 0777);
+ (*num_aces)++;
+ if (pace->e_tag == ACL_USER)
+ ntace->access_req |=
+ FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
+ }
+
+pass_same_sid:
+ kfree(sid);
+ }
+
+ if (nt_aces_num)
+ return;
+
+posix_default_acl:
+ if (!fattr->cf_dacls)
+ return;
+
+ pace = fattr->cf_dacls->a_entries;
+ for (i = 0; i < fattr->cf_dacls->a_count; i++, pace++) {
+ sid = kmalloc(sizeof(struct smb_sid), GFP_KERNEL);
+ if (!sid)
+ break;
+
+ if (pace->e_tag == ACL_USER) {
+ uid_t uid;
+
+ uid = from_kuid(&init_user_ns, pace->e_uid);
+ id_to_sid(uid, SIDCREATOR_OWNER, sid);
+ } else if (pace->e_tag == ACL_GROUP) {
+ gid_t gid;
+
+ gid = from_kgid(&init_user_ns, pace->e_gid);
+ id_to_sid(gid, SIDCREATOR_GROUP, sid);
+ } else {
+ kfree(sid);
+ continue;
+ }
+
+ ntace = (struct smb_ace *) ((char *)pndace + *size);
+ *size += fill_ace_for_sid(ntace, sid, ACCESS_ALLOWED, 0x0b,
+ pace->e_perm, 0777);
+ (*num_aces)++;
+ if (pace->e_tag == ACL_USER)
+ ntace->access_req |=
+ FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
+ kfree(sid);
+ }
+}
+
+static void set_ntacl_dacl(struct smb_acl *pndacl, struct smb_acl *nt_dacl,
+ const struct smb_sid *pownersid, const struct smb_sid *pgrpsid,
+ struct smb_fattr *fattr)
+{
+ struct smb_ace *ntace, *pndace;
+ int nt_num_aces = le32_to_cpu(nt_dacl->num_aces), num_aces = 0;
+ unsigned short size = 0;
+ int i;
+
+ pndace = (struct smb_ace *)((char *)pndacl + sizeof(struct smb_acl));
+ if (nt_num_aces) {
+ ntace = (struct smb_ace *)((char *)nt_dacl + sizeof(struct smb_acl));
+ for (i = 0; i < nt_num_aces; i++) {
+ memcpy((char *)pndace + size, ntace, le16_to_cpu(ntace->size));
+ size += le16_to_cpu(ntace->size);
+ ntace = (struct smb_ace *)((char *)ntace + le16_to_cpu(ntace->size));
+ num_aces++;
+ }
+ }
+
+ set_posix_acl_entries_dacl(pndace, fattr, &num_aces, &size, nt_num_aces);
+ pndacl->num_aces = cpu_to_le32(num_aces);
+ pndacl->size = cpu_to_le16(le16_to_cpu(pndacl->size) + size);
+}
+
+static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr)
+{
+ struct smb_ace *pace, *pndace;
+ u32 num_aces = 0;
+ u16 size = 0, ace_size = 0;
+ uid_t uid;
+ const struct smb_sid *sid;
+
+ pace = pndace = (struct smb_ace *)((char *)pndacl + sizeof(struct smb_acl));
+
+ if (fattr->cf_acls) {
+ set_posix_acl_entries_dacl(pndace, fattr, &num_aces, &size, num_aces);
+ goto out;
+ }
+
+ /* owner RID */
+ uid = from_kuid(&init_user_ns, fattr->cf_uid);
+ if (uid)
+ sid = &server_conf.domain_sid;
+ else
+ sid = &sid_unix_users;
+ ace_size = fill_ace_for_sid(pace, sid, ACCESS_ALLOWED, 0,
+ fattr->cf_mode, 0700);
+ pace->sid.sub_auth[pace->sid.num_subauth++] = cpu_to_le32(uid);
+ pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
+ pace->size = cpu_to_le16(ace_size + 4);
+ size += le16_to_cpu(pace->size);
+ pace = (struct smb_ace *)((char *)pndace + size);
+
+ /* Group RID */
+ ace_size = fill_ace_for_sid(pace, &sid_unix_groups,
+ ACCESS_ALLOWED, 0, fattr->cf_mode, 0070);
+ pace->sid.sub_auth[pace->sid.num_subauth++] =
+ cpu_to_le32(from_kgid(&init_user_ns, fattr->cf_gid));
+ pace->size = cpu_to_le16(ace_size + 4);
+ size += le16_to_cpu(pace->size);
+ pace = (struct smb_ace *)((char *)pndace + size);
+ num_aces = 3;
+
+ if (S_ISDIR(fattr->cf_mode)) {
+ pace = (struct smb_ace *)((char *)pndace + size);
+
+ /* creator owner */
+ size += fill_ace_for_sid(pace, &creator_owner, ACCESS_ALLOWED,
+ 0x0b, fattr->cf_mode, 0700);
+ pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
+ pace = (struct smb_ace *)((char *)pndace + size);
+
+ /* creator group */
+ size += fill_ace_for_sid(pace, &creator_group, ACCESS_ALLOWED,
+ 0x0b, fattr->cf_mode, 0070);
+ pace = (struct smb_ace *)((char *)pndace + size);
+ num_aces = 5;
+ }
+
+ /* other */
+ size += fill_ace_for_sid(pace, &sid_everyone, ACCESS_ALLOWED, 0,
+ fattr->cf_mode, 0007);
+
+out:
+ pndacl->num_aces = cpu_to_le32(num_aces);
+ pndacl->size = cpu_to_le16(le16_to_cpu(pndacl->size) + size);
+}
+
+static int parse_sid(struct smb_sid *psid, char *end_of_acl)
+{
+ /*
+ * validate that we do not go past end of ACL - sid must be at least 8
+ * bytes long (assuming no sub-auths - e.g. the null SID
+ */
+ if (end_of_acl < (char *)psid + 8) {
+ ksmbd_err("ACL too small to parse SID %p\n", psid);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
+/* Convert CIFS ACL to POSIX form */
+int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
+ struct smb_fattr *fattr)
+{
+ int rc = 0;
+ struct smb_sid *owner_sid_ptr, *group_sid_ptr;
+ struct smb_acl *dacl_ptr; /* no need for SACL ptr */
+ char *end_of_acl = ((char *)pntsd) + acl_len;
+ __u32 dacloffset;
+ int total_ace_size = 0, pntsd_type;
+
+ if (pntsd == NULL)
+ return -EIO;
+
+ owner_sid_ptr = (struct smb_sid *)((char *)pntsd +
+ le32_to_cpu(pntsd->osidoffset));
+ group_sid_ptr = (struct smb_sid *)((char *)pntsd +
+ le32_to_cpu(pntsd->gsidoffset));
+ dacloffset = le32_to_cpu(pntsd->dacloffset);
+ dacl_ptr = (struct smb_acl *)((char *)pntsd + dacloffset);
+ ksmbd_debug(SMB,
+ "revision %d type 0x%x ooffset 0x%x goffset 0x%x sacloffset 0x%x dacloffset 0x%x\n",
+ pntsd->revision, pntsd->type, le32_to_cpu(pntsd->osidoffset),
+ le32_to_cpu(pntsd->gsidoffset),
+ le32_to_cpu(pntsd->sacloffset), dacloffset);
+
+ if (dacloffset && dacl_ptr)
+ total_ace_size =
+ le16_to_cpu(dacl_ptr->size) - sizeof(struct smb_acl);
+
+ pntsd_type = le16_to_cpu(pntsd->type);
+
+ if (!(pntsd_type & DACL_PRESENT)) {
+ ksmbd_debug(SMB, "DACL_PRESENT in DACL type is not set\n");
+ return rc;
+ }
+
+ pntsd->type = cpu_to_le16(DACL_PRESENT);
+
+ if (pntsd->osidoffset) {
+ rc = parse_sid(owner_sid_ptr, end_of_acl);
+ if (rc) {
+ ksmbd_err("%s: Error %d parsing Owner SID\n", __func__, rc);
+ return rc;
+ }
+
+ rc = sid_to_id(owner_sid_ptr, SIDOWNER, fattr);
+ if (rc) {
+ ksmbd_err("%s: Error %d mapping Owner SID to uid\n",
+ __func__, rc);
+ owner_sid_ptr = NULL;
+ }
+ }
+
+ if (pntsd->gsidoffset) {
+ rc = parse_sid(group_sid_ptr, end_of_acl);
+ if (rc) {
+ ksmbd_err("%s: Error %d mapping Owner SID to gid\n",
+ __func__, rc);
+ return rc;
+ }
+ rc = sid_to_id(group_sid_ptr, SIDUNIX_GROUP, fattr);
+ if (rc) {
+ ksmbd_err("%s: Error %d mapping Group SID to gid\n",
+ __func__, rc);
+ group_sid_ptr = NULL;
+ }
+ }
+
+ if ((pntsd_type &
+ (DACL_AUTO_INHERITED | DACL_AUTO_INHERIT_REQ)) ==
+ (DACL_AUTO_INHERITED | DACL_AUTO_INHERIT_REQ))
+ pntsd->type |= cpu_to_le16(DACL_AUTO_INHERITED);
+ if (pntsd_type & DACL_PROTECTED)
+ pntsd->type |= cpu_to_le16(DACL_PROTECTED);
+
+ if (dacloffset) {
+ parse_dacl(dacl_ptr, end_of_acl, owner_sid_ptr, group_sid_ptr,
+ fattr);
+ }
+
+ return 0;
+}
+
+/* Convert permission bits from mode to equivalent CIFS ACL */
+int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *ppntsd,
+ int addition_info, __u32 *secdesclen, struct smb_fattr *fattr)
+{
+ int rc = 0;
+ __u32 offset;
+ struct smb_sid *owner_sid_ptr, *group_sid_ptr;
+ struct smb_sid *nowner_sid_ptr, *ngroup_sid_ptr;
+ struct smb_acl *dacl_ptr = NULL; /* no need for SACL ptr */
+ uid_t uid;
+ gid_t gid;
+ unsigned int sid_type = SIDOWNER;
+
+ nowner_sid_ptr = kmalloc(sizeof(struct smb_sid), GFP_KERNEL);
+ if (!nowner_sid_ptr)
+ return -ENOMEM;
+
+ uid = from_kuid(&init_user_ns, fattr->cf_uid);
+ if (!uid)
+ sid_type = SIDUNIX_USER;
+ id_to_sid(uid, sid_type, nowner_sid_ptr);
+
+ ngroup_sid_ptr = kmalloc(sizeof(struct smb_sid), GFP_KERNEL);
+ if (!ngroup_sid_ptr) {
+ kfree(nowner_sid_ptr);
+ return -ENOMEM;
+ }
+
+ gid = from_kgid(&init_user_ns, fattr->cf_gid);
+ id_to_sid(gid, SIDUNIX_GROUP, ngroup_sid_ptr);
+
+ offset = sizeof(struct smb_ntsd);
+ pntsd->sacloffset = 0;
+ pntsd->revision = cpu_to_le16(1);
+ pntsd->type = cpu_to_le16(SELF_RELATIVE);
+ if (ppntsd)
+ pntsd->type |= ppntsd->type;
+
+ if (addition_info & OWNER_SECINFO) {
+ pntsd->osidoffset = cpu_to_le32(offset);
+ owner_sid_ptr = (struct smb_sid *)((char *)pntsd + offset);
+ smb_copy_sid(owner_sid_ptr, nowner_sid_ptr);
+ offset += 1 + 1 + 6 + (nowner_sid_ptr->num_subauth * 4);
+ }
+
+ if (addition_info & GROUP_SECINFO) {
+ pntsd->gsidoffset = cpu_to_le32(offset);
+ group_sid_ptr = (struct smb_sid *)((char *)pntsd + offset);
+ smb_copy_sid(group_sid_ptr, ngroup_sid_ptr);
+ offset += 1 + 1 + 6 + (ngroup_sid_ptr->num_subauth * 4);
+ }
+
+ if (addition_info & DACL_SECINFO) {
+ pntsd->type |= cpu_to_le16(DACL_PRESENT);
+ dacl_ptr = (struct smb_acl *)((char *)pntsd + offset);
+ dacl_ptr->revision = cpu_to_le16(2);
+ dacl_ptr->size = cpu_to_le16(sizeof(struct smb_acl));
+ dacl_ptr->num_aces = 0;
+
+ if (!ppntsd)
+ set_mode_dacl(dacl_ptr, fattr);
+ else if (!ppntsd->dacloffset)
+ goto out;
+ else {
+ struct smb_acl *ppdacl_ptr;
+
+ ppdacl_ptr = (struct smb_acl *)((char *)ppntsd +
+ le32_to_cpu(ppntsd->dacloffset));
+ set_ntacl_dacl(dacl_ptr, ppdacl_ptr, nowner_sid_ptr,
+ ngroup_sid_ptr, fattr);
+ }
+ pntsd->dacloffset = cpu_to_le32(offset);
+ offset += le16_to_cpu(dacl_ptr->size);
+ }
+
+out:
+ kfree(nowner_sid_ptr);
+ kfree(ngroup_sid_ptr);
+ *secdesclen = offset;
+ return rc;
+}
+
+static void smb_set_ace(struct smb_ace *ace, const struct smb_sid *sid, u8 type,
+ u8 flags, __le32 access_req)
+{
+ ace->type = type;
+ ace->flags = flags;
+ ace->access_req = access_req;
+ smb_copy_sid(&ace->sid, sid);
+ ace->size = cpu_to_le16(1 + 1 + 2 + 4 + 1 + 1 + 6 + (sid->num_subauth * 4));
+}
+
+int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+ unsigned int uid, unsigned int gid)
+{
+ const struct smb_sid *psid, *creator = NULL;
+ struct smb_ace *parent_aces, *aces;
+ struct smb_acl *parent_pdacl;
+ struct smb_ntsd *parent_pntsd = NULL;
+ struct smb_sid owner_sid, group_sid;
+ struct dentry *parent = dentry->d_parent;
+ int inherited_flags = 0, flags = 0, i, ace_cnt = 0, nt_size = 0;
+ int rc = -ENOENT, num_aces, dacloffset, pntsd_type, acl_len;
+ char *aces_base;
+ bool is_dir = S_ISDIR(dentry->d_inode->i_mode);
+
+ acl_len = ksmbd_vfs_get_sd_xattr(conn, parent, &parent_pntsd);
+ if (acl_len <= 0)
+ return rc;
+ dacloffset = le32_to_cpu(parent_pntsd->dacloffset);
+ if (!dacloffset)
+ goto out;
+
+ parent_pdacl = (struct smb_acl *)((char *)parent_pntsd + dacloffset);
+ num_aces = le32_to_cpu(parent_pdacl->num_aces);
+ pntsd_type = le16_to_cpu(parent_pntsd->type);
+
+ aces_base = kmalloc(sizeof(struct smb_ace) * num_aces * 2, GFP_KERNEL);
+ if (!aces_base)
+ goto out;
+
+ aces = (struct smb_ace *)aces_base;
+ parent_aces = (struct smb_ace *)((char *)parent_pdacl +
+ sizeof(struct smb_acl));
+
+ if (pntsd_type & DACL_AUTO_INHERITED)
+ inherited_flags = INHERITED_ACE;
+
+ for (i = 0; i < num_aces; i++) {
+ flags = parent_aces->flags;
+ if (!smb_inherit_flags(flags, is_dir))
+ goto pass;
+ if (is_dir) {
+ flags &= ~(INHERIT_ONLY_ACE | INHERITED_ACE);
+ if (!(flags & CONTAINER_INHERIT_ACE))
+ flags |= INHERIT_ONLY_ACE;
+ if (flags & NO_PROPAGATE_INHERIT_ACE)
+ flags = 0;
+ } else
+ flags = 0;
+
+ if (!compare_sids(&creator_owner, &parent_aces->sid)) {
+ creator = &creator_owner;
+ id_to_sid(uid, SIDOWNER, &owner_sid);
+ psid = &owner_sid;
+ } else if (!compare_sids(&creator_group, &parent_aces->sid)) {
+ creator = &creator_group;
+ id_to_sid(gid, SIDUNIX_GROUP, &group_sid);
+ psid = &group_sid;
+ } else {
+ creator = NULL;
+ psid = &parent_aces->sid;
+ }
+
+ if (is_dir && creator && flags & CONTAINER_INHERIT_ACE) {
+ smb_set_ace(aces, psid, parent_aces->type, inherited_flags,
+ parent_aces->access_req);
+ nt_size += le16_to_cpu(aces->size);
+ ace_cnt++;
+ aces = (struct smb_ace *)((char *)aces + le16_to_cpu(aces->size));
+ flags |= INHERIT_ONLY_ACE;
+ psid = creator;
+ } else if (is_dir && !(parent_aces->flags & NO_PROPAGATE_INHERIT_ACE))
+ psid = &parent_aces->sid;
+
+ smb_set_ace(aces, psid, parent_aces->type, flags | inherited_flags,
+ parent_aces->access_req);
+ nt_size += le16_to_cpu(aces->size);
+ aces = (struct smb_ace *)((char *)aces + le16_to_cpu(aces->size));
+ ace_cnt++;
+pass:
+ parent_aces =
+ (struct smb_ace *)((char *)parent_aces + le16_to_cpu(parent_aces->size));
+ }
+
+ if (nt_size > 0) {
+ struct smb_ntsd *pntsd;
+ struct smb_acl *pdacl;
+ struct smb_sid *powner_sid = NULL, *pgroup_sid = NULL;
+ int powner_sid_size = 0, pgroup_sid_size = 0, pntsd_size;
+
+ if (parent_pntsd->osidoffset) {
+ powner_sid = (struct smb_sid *)((char *)parent_pntsd +
+ le32_to_cpu(parent_pntsd->osidoffset));
+ powner_sid_size = 1 + 1 + 6 + (powner_sid->num_subauth * 4);
+ }
+ if (parent_pntsd->gsidoffset) {
+ pgroup_sid = (struct smb_sid *)((char *)parent_pntsd +
+ le32_to_cpu(parent_pntsd->gsidoffset));
+ pgroup_sid_size = 1 + 1 + 6 + (pgroup_sid->num_subauth * 4);
+ }
+
+ pntsd = kzalloc(sizeof(struct smb_ntsd) + powner_sid_size +
+ pgroup_sid_size + sizeof(struct smb_acl) +
+ nt_size, GFP_KERNEL);
+ if (!pntsd) {
+ rc = -ENOMEM;
+ goto out;
+ }
+
+ pntsd->revision = cpu_to_le16(1);
+ pntsd->type = cpu_to_le16(SELF_RELATIVE | DACL_PRESENT);
+ if (le16_to_cpu(parent_pntsd->type) & DACL_AUTO_INHERITED)
+ pntsd->type |= cpu_to_le16(DACL_AUTO_INHERITED);
+ pntsd_size = sizeof(struct smb_ntsd);
+ pntsd->osidoffset = parent_pntsd->osidoffset;
+ pntsd->gsidoffset = parent_pntsd->gsidoffset;
+ pntsd->dacloffset = parent_pntsd->dacloffset;
+
+ if (pntsd->osidoffset) {
+ struct smb_sid *owner_sid = (struct smb_sid *)((char *)pntsd +
+ le32_to_cpu(pntsd->osidoffset));
+ memcpy(owner_sid, powner_sid, powner_sid_size);
+ pntsd_size += powner_sid_size;
+ }
+
+ if (pntsd->gsidoffset) {
+ struct smb_sid *group_sid = (struct smb_sid *)((char *)pntsd +
+ le32_to_cpu(pntsd->gsidoffset));
+ memcpy(group_sid, pgroup_sid, pgroup_sid_size);
+ pntsd_size += pgroup_sid_size;
+ }
+
+ if (pntsd->dacloffset) {
+ struct smb_ace *pace;
+
+ pdacl = (struct smb_acl *)((char *)pntsd + le32_to_cpu(pntsd->dacloffset));
+ pdacl->revision = cpu_to_le16(2);
+ pdacl->size = cpu_to_le16(sizeof(struct smb_acl) + nt_size);
+ pdacl->num_aces = cpu_to_le32(ace_cnt);
+ pace = (struct smb_ace *)((char *)pdacl + sizeof(struct smb_acl));
+ memcpy(pace, aces_base, nt_size);
+ pntsd_size += sizeof(struct smb_acl) + nt_size;
+ }
+
+ ksmbd_vfs_set_sd_xattr(conn, dentry, pntsd, pntsd_size);
+ kfree(pntsd);
+ rc = 0;
+ }
+
+ kfree(aces_base);
+out:
+ return rc;
+}
+
+bool smb_inherit_flags(int flags, bool is_dir)
+{
+ if (!is_dir)
+ return (flags & OBJECT_INHERIT_ACE) != 0;
+
+ if (flags & OBJECT_INHERIT_ACE && !(flags & NO_PROPAGATE_INHERIT_ACE))
+ return true;
+
+ if (flags & CONTAINER_INHERIT_ACE)
+ return true;
+ return false;
+}
+
+int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+ __le32 *pdaccess, int uid)
+{
+ struct smb_ntsd *pntsd = NULL;
+ struct smb_acl *pdacl;
+ struct posix_acl *posix_acls;
+ int rc = 0, acl_size;
+ struct smb_sid sid;
+ int granted = le32_to_cpu(*pdaccess & ~FILE_MAXIMAL_ACCESS_LE);
+ struct smb_ace *ace;
+ int i, found = 0;
+ unsigned int access_bits = 0;
+ struct smb_ace *others_ace = NULL;
+ struct posix_acl_entry *pa_entry;
+ unsigned int sid_type = SIDOWNER;
+
+ ksmbd_debug(SMB, "check permission using windows acl\n");
+ acl_size = ksmbd_vfs_get_sd_xattr(conn, dentry, &pntsd);
+ if (acl_size <= 0 || (pntsd && !pntsd->dacloffset))
+ return 0;
+
+ pdacl = (struct smb_acl *)((char *)pntsd + le32_to_cpu(pntsd->dacloffset));
+ if (!pdacl->num_aces) {
+ if (!(le16_to_cpu(pdacl->size) - sizeof(struct smb_acl)) &&
+ *pdaccess & ~(FILE_READ_CONTROL_LE | FILE_WRITE_DAC_LE)) {
+ rc = -EACCES;
+ goto err_out;
+ }
+ kfree(pntsd);
+ return 0;
+ }
+
+ if (*pdaccess & FILE_MAXIMAL_ACCESS_LE) {
+ granted = READ_CONTROL | WRITE_DAC | FILE_READ_ATTRIBUTES |
+ DELETE;
+
+ ace = (struct smb_ace *)((char *)pdacl + sizeof(struct smb_acl));
+ for (i = 0; i < le32_to_cpu(pdacl->num_aces); i++) {
+ granted |= le32_to_cpu(ace->access_req);
+ ace = (struct smb_ace *) ((char *)ace + le16_to_cpu(ace->size));
+ }
+
+ if (!pdacl->num_aces)
+ granted = GENERIC_ALL_FLAGS;
+ }
+
+ if (!uid)
+ sid_type = SIDUNIX_USER;
+ id_to_sid(uid, sid_type, &sid);
+
+ ace = (struct smb_ace *)((char *)pdacl + sizeof(struct smb_acl));
+ for (i = 0; i < le32_to_cpu(pdacl->num_aces); i++) {
+ if (!compare_sids(&sid, &ace->sid) ||
+ !compare_sids(&sid_unix_NFS_mode, &ace->sid)) {
+ found = 1;
+ break;
+ }
+ if (!compare_sids(&sid_everyone, &ace->sid))
+ others_ace = ace;
+
+ ace = (struct smb_ace *) ((char *)ace + le16_to_cpu(ace->size));
+ }
+
+ if (*pdaccess & FILE_MAXIMAL_ACCESS_LE && found) {
+ granted = READ_CONTROL | WRITE_DAC | FILE_READ_ATTRIBUTES |
+ DELETE;
+
+ granted |= le32_to_cpu(ace->access_req);
+
+ if (!pdacl->num_aces)
+ granted = GENERIC_ALL_FLAGS;
+ }
+
+ posix_acls = ksmbd_vfs_get_acl(dentry->d_inode, ACL_TYPE_ACCESS);
+ if (posix_acls && !found) {
+ unsigned int id = -1;
+
+ pa_entry = posix_acls->a_entries;
+ for (i = 0; i < posix_acls->a_count; i++, pa_entry++) {
+ if (pa_entry->e_tag == ACL_USER)
+ id = from_kuid(&init_user_ns, pa_entry->e_uid);
+ else if (pa_entry->e_tag == ACL_GROUP)
+ id = from_kgid(&init_user_ns, pa_entry->e_gid);
+ else
+ continue;
+
+ if (id == uid) {
+ mode_to_access_flags(pa_entry->e_perm, 0777, &access_bits);
+ if (!access_bits)
+ access_bits = SET_MINIMUM_RIGHTS;
+ goto check_access_bits;
+ }
+ }
+ }
+ if (posix_acls)
+ posix_acl_release(posix_acls);
+
+ if (!found) {
+ if (others_ace)
+ ace = others_ace;
+ else {
+ ksmbd_debug(SMB, "Can't find corresponding sid\n");
+ rc = -EACCES;
+ goto err_out;
+ }
+ }
+
+ switch (ace->type) {
+ case ACCESS_ALLOWED_ACE_TYPE:
+ access_bits = le32_to_cpu(ace->access_req);
+ break;
+ case ACCESS_DENIED_ACE_TYPE:
+ case ACCESS_DENIED_CALLBACK_ACE_TYPE:
+ access_bits = le32_to_cpu(~ace->access_req);
+ break;
+ }
+
+check_access_bits:
+ if (granted & ~(access_bits | FILE_READ_ATTRIBUTES |
+ READ_CONTROL | WRITE_DAC | DELETE)) {
+ ksmbd_debug(SMB, "Access denied with winACL, granted : %x, access_req : %x\n",
+ granted, le32_to_cpu(ace->access_req));
+ rc = -EACCES;
+ goto err_out;
+ }
+
+ *pdaccess = cpu_to_le32(granted);
+err_out:
+ kfree(pntsd);
+ return rc;
+}
+
+int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
+ struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
+ bool type_check)
+{
+ int rc;
+ struct smb_fattr fattr = {{0}};
+ struct inode *inode = dentry->d_inode;
+
+ fattr.cf_uid = INVALID_UID;
+ fattr.cf_gid = INVALID_GID;
+ fattr.cf_mode = inode->i_mode;
+
+ rc = parse_sec_desc(pntsd, ntsd_len, &fattr);
+ if (rc)
+ goto out;
+
+ inode->i_mode = (inode->i_mode & ~0777) | (fattr.cf_mode & 0777);
+ if (!uid_eq(fattr.cf_uid, INVALID_UID))
+ inode->i_uid = fattr.cf_uid;
+ if (!gid_eq(fattr.cf_gid, INVALID_GID))
+ inode->i_gid = fattr.cf_gid;
+ mark_inode_dirty(inode);
+
+ ksmbd_vfs_remove_acl_xattrs(dentry);
+ /* Update posix acls */
+ if (fattr.cf_dacls) {
+ rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS,
+ fattr.cf_acls);
+ if (S_ISDIR(inode->i_mode) && fattr.cf_dacls)
+ rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT,
+ fattr.cf_dacls);
+ }
+
+ /* Check it only calling from SD BUFFER context */
+ if (type_check && !(le16_to_cpu(pntsd->type) & DACL_PRESENT))
+ goto out;
+
+ if (test_share_config_flag(tcon->share_conf,
+ KSMBD_SHARE_FLAG_ACL_XATTR)) {
+ /* Update WinACL in xattr */
+ ksmbd_vfs_remove_sd_xattrs(dentry);
+ ksmbd_vfs_set_sd_xattr(conn, dentry, pntsd, ntsd_len);
+ }
+
+out:
+ posix_acl_release(fattr.cf_acls);
+ posix_acl_release(fattr.cf_dacls);
+ mark_inode_dirty(inode);
+ return rc;
+}
+
+void ksmbd_init_domain(u32 *sub_auth)
+{
+ int i;
+
+ memcpy(&server_conf.domain_sid, &domain, sizeof(struct smb_sid));
+ for (i = 0; i < 3; ++i)
+ server_conf.domain_sid.sub_auth[i + 1] = cpu_to_le32(sub_auth[i]);
+}
diff --git a/fs/cifsd/smbacl.h b/fs/cifsd/smbacl.h
new file mode 100644
index 000000000000..9b22bff4191f
--- /dev/null
+++ b/fs/cifsd/smbacl.h
@@ -0,0 +1,202 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/*
+ * Copyright (c) International Business Machines Corp., 2007
+ * Author(s): Steve French (sfrench(a)us.ibm.com)
+ * Modified by Namjae Jeon (linkinjeon(a)kernel.org)
+ */
+
+#ifndef _SMBACL_H
+#define _SMBACL_H
+
+#include <linux/fs.h>
+#include <linux/namei.h>
+#include <linux/posix_acl.h>
+
+#include "mgmt/tree_connect.h"
+
+#define NUM_AUTHS (6) /* number of authority fields */
+#define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */
+
+#define ACCESS_ALLOWED 0
+#define ACCESS_DENIED 1
+
+#define SIDOWNER 1
+#define SIDGROUP 2
+#define SIDCREATOR_OWNER 3
+#define SIDCREATOR_GROUP 4
+#define SIDUNIX_USER 5
+#define SIDUNIX_GROUP 6
+#define SIDNFS_USER 7
+#define SIDNFS_GROUP 8
+#define SIDNFS_MODE 9
+
+/* Revision for ACLs */
+#define SD_REVISION 1
+
+/* Control flags for Security Descriptor */
+#define OWNER_DEFAULTED 0x0001
+#define GROUP_DEFAULTED 0x0002
+#define DACL_PRESENT 0x0004
+#define DACL_DEFAULTED 0x0008
+#define SACL_PRESENT 0x0010
+#define SACL_DEFAULTED 0x0020
+#define DACL_TRUSTED 0x0040
+#define SERVER_SECURITY 0x0080
+#define DACL_AUTO_INHERIT_REQ 0x0100
+#define SACL_AUTO_INHERIT_REQ 0x0200
+#define DACL_AUTO_INHERITED 0x0400
+#define SACL_AUTO_INHERITED 0x0800
+#define DACL_PROTECTED 0x1000
+#define SACL_PROTECTED 0x2000
+#define RM_CONTROL_VALID 0x4000
+#define SELF_RELATIVE 0x8000
+
+/* ACE types - see MS-DTYP 2.4.4.1 */
+#define ACCESS_ALLOWED_ACE_TYPE 0x00
+#define ACCESS_DENIED_ACE_TYPE 0x01
+#define SYSTEM_AUDIT_ACE_TYPE 0x02
+#define SYSTEM_ALARM_ACE_TYPE 0x03
+#define ACCESS_ALLOWED_COMPOUND_ACE_TYPE 0x04
+#define ACCESS_ALLOWED_OBJECT_ACE_TYPE 0x05
+#define ACCESS_DENIED_OBJECT_ACE_TYPE 0x06
+#define SYSTEM_AUDIT_OBJECT_ACE_TYPE 0x07
+#define SYSTEM_ALARM_OBJECT_ACE_TYPE 0x08
+#define ACCESS_ALLOWED_CALLBACK_ACE_TYPE 0x09
+#define ACCESS_DENIED_CALLBACK_ACE_TYPE 0x0A
+#define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE 0x0B
+#define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE 0x0C
+#define SYSTEM_AUDIT_CALLBACK_ACE_TYPE 0x0D
+#define SYSTEM_ALARM_CALLBACK_ACE_TYPE 0x0E /* Reserved */
+#define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE 0x0F
+#define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE 0x10 /* reserved */
+#define SYSTEM_MANDATORY_LABEL_ACE_TYPE 0x11
+#define SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE 0x12
+#define SYSTEM_SCOPED_POLICY_ID_ACE_TYPE 0x13
+
+/* ACE flags */
+#define OBJECT_INHERIT_ACE 0x01
+#define CONTAINER_INHERIT_ACE 0x02
+#define NO_PROPAGATE_INHERIT_ACE 0x04
+#define INHERIT_ONLY_ACE 0x08
+#define INHERITED_ACE 0x10
+#define SUCCESSFUL_ACCESS_ACE_FLAG 0x40
+#define FAILED_ACCESS_ACE_FLAG 0x80
+
+/*
+ * Maximum size of a string representation of a SID:
+ *
+ * The fields are unsigned values in decimal. So:
+ *
+ * u8: max 3 bytes in decimal
+ * u32: max 10 bytes in decimal
+ *
+ * "S-" + 3 bytes for version field + 15 for authority field + NULL terminator
+ *
+ * For authority field, max is when all 6 values are non-zero and it must be
+ * represented in hex. So "-0x" + 12 hex digits.
+ *
+ * Add 11 bytes for each subauthority field (10 bytes each + 1 for '-')
+ */
+#define SID_STRING_BASE_SIZE (2 + 3 + 15 + 1)
+#define SID_STRING_SUBAUTH_SIZE (11) /* size of a single subauth string */
+
+#define DOMAIN_USER_RID_LE cpu_to_le32(513)
+
+struct ksmbd_conn;
+
+struct smb_ntsd {
+ __le16 revision; /* revision level */
+ __le16 type;
+ __le32 osidoffset;
+ __le32 gsidoffset;
+ __le32 sacloffset;
+ __le32 dacloffset;
+} __packed;
+
+struct smb_sid {
+ __u8 revision; /* revision level */
+ __u8 num_subauth;
+ __u8 authority[NUM_AUTHS];
+ __le32 sub_auth[SID_MAX_SUB_AUTHORITIES]; /* sub_auth[num_subauth] */
+} __packed;
+
+/* size of a struct cifs_sid, sans sub_auth array */
+#define CIFS_SID_BASE_SIZE (1 + 1 + NUM_AUTHS)
+
+struct smb_acl {
+ __le16 revision; /* revision level */
+ __le16 size;
+ __le32 num_aces;
+} __packed;
+
+struct smb_ace {
+ __u8 type;
+ __u8 flags;
+ __le16 size;
+ __le32 access_req;
+ struct smb_sid sid; /* ie UUID of user or group who gets these perms */
+} __packed;
+
+struct smb_fattr {
+ kuid_t cf_uid;
+ kgid_t cf_gid;
+ umode_t cf_mode;
+ __le32 daccess;
+ struct posix_acl *cf_acls;
+ struct posix_acl *cf_dacls;
+};
+
+struct posix_ace_state {
+ u32 allow;
+ u32 deny;
+};
+
+struct posix_user_ace_state {
+ union {
+ kuid_t uid;
+ kgid_t gid;
+ };
+ struct posix_ace_state perms;
+};
+
+struct posix_ace_state_array {
+ int n;
+ struct posix_user_ace_state aces[];
+};
+
+/*
+ * while processing the nfsv4 ace, this maintains the partial permissions
+ * calculated so far:
+ */
+
+struct posix_acl_state {
+ struct posix_ace_state owner;
+ struct posix_ace_state group;
+ struct posix_ace_state other;
+ struct posix_ace_state everyone;
+ struct posix_ace_state mask; /* deny unused in this case */
+ struct posix_ace_state_array *users;
+ struct posix_ace_state_array *groups;
+};
+
+int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
+ struct smb_fattr *fattr);
+int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *ppntsd,
+ int addition_info, __u32 *secdesclen, struct smb_fattr *fattr);
+int init_acl_state(struct posix_acl_state *state, int cnt);
+void free_acl_state(struct posix_acl_state *state);
+void posix_state_to_acl(struct posix_acl_state *state,
+ struct posix_acl_entry *pace);
+int compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid);
+bool smb_inherit_flags(int flags, bool is_dir);
+int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+ unsigned int uid, unsigned int gid);
+int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+ __le32 *pdaccess, int uid);
+int store_init_posix_acl(struct inode *inode, umode_t perm);
+int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
+ struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
+ bool type_check);
+void id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid);
+void ksmbd_init_domain(u32 *sub_auth);
+#endif /* _SMBACL_H */
diff --git a/fs/cifsd/smberr.h b/fs/cifsd/smberr.h
new file mode 100644
index 000000000000..ce842303ae1f
--- /dev/null
+++ b/fs/cifsd/smberr.h
@@ -0,0 +1,235 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/*
+ * Copyright (c) International Business Machines Corp., 2002,2004
+ * Author(s): Steve French (sfrench(a)us.ibm.com)
+ *
+ * See Error Codes section of the SNIA CIFS Specification
+ * for more information
+ */
+#ifndef __KSMBD_SMBERR_H
+#define __KSMBD_SMBERR_H
+
+#define SUCCESS 0x00 /* The request was successful. */
+#define ERRDOS 0x01 /* Error is from the core DOS operating system set */
+#define ERRSRV 0x02 /* Error is generated by the file server daemon */
+#define ERRHRD 0x03 /* Error is a hardware error. */
+#define ERRCMD 0xFF /* Command was not in the "SMB" format. */
+
+/* The following error codes may be generated with the SUCCESS error class.*/
+
+/*#define SUCCESS 0 The request was successful. */
+
+/* The following error codes may be generated with the ERRDOS error class.*/
+
+#define ERRbadfunc 1 /*
+ * Invalid function. The server did not
+ * recognize or could not perform a
+ * system call generated by the server,
+ * e.g., set the DIRECTORY attribute on
+ * a data file, invalid seek mode.
+ */
+#define ERRbadfile 2 /*
+ * File not found. The last component
+ * of a file's pathname could not be
+ * found.
+ */
+#define ERRbadpath 3 /*
+ * Directory invalid. A directory
+ * component in a pathname could not be
+ * found.
+ */
+#define ERRnofids 4 /*
+ * Too many open files. The server has
+ * no file handles available.
+ */
+#define ERRnoaccess 5 /*
+ * Access denied, the client's context
+ * does not permit the requested
+ * function. This includes the
+ * following conditions: invalid rename
+ * command, write to Fid open for read
+ * only, read on Fid open for write
+ * only, attempt to delete a non-empty
+ * directory
+ */
+#define ERRbadfid 6 /*
+ * Invalid file handle. The file handle
+ * specified was not recognized by the
+ * server.
+ */
+#define ERRbadmcb 7 /* Memory control blocks destroyed. */
+#define ERRnomem 8 /*
+ * Insufficient server memory to
+ * perform the requested function.
+ */
+#define ERRbadmem 9 /* Invalid memory block address. */
+#define ERRbadenv 10 /* Invalid environment. */
+#define ERRbadformat 11 /* Invalid format. */
+#define ERRbadaccess 12 /* Invalid open mode. */
+#define ERRbaddata 13 /*
+ * Invalid data (generated only by
+ * IOCTL calls within the server).
+ */
+#define ERRbaddrive 15 /* Invalid drive specified. */
+#define ERRremcd 16 /*
+ * A Delete Directory request attempted
+ * to remove the server's current
+ * directory.
+ */
+#define ERRdiffdevice 17 /*
+ * Not same device (e.g., a cross
+ * volume rename was attempted
+ */
+#define ERRnofiles 18 /*
+ * A File Search command can find no
+ * more files matching the specified
+ * criteria.
+ */
+#define ERRwriteprot 19 /* media is write protected */
+#define ERRgeneral 31
+#define ERRbadshare 32 /*
+ * The sharing mode specified for an
+ * Open conflicts with existing FIDs on
+ * the file.
+ */
+#define ERRlock 33 /*
+ * A Lock request conflicted with an
+ * existing lock or specified an
+ * invalid mode, or an Unlock requested
+ * attempted to remove a lock held by
+ * another process.
+ */
+#define ERRunsup 50
+#define ERRnosuchshare 67
+#define ERRfilexists 80 /*
+ * The file named in the request
+ * already exists.
+ */
+#define ERRinvparm 87
+#define ERRdiskfull 112
+#define ERRinvname 123
+#define ERRinvlevel 124
+#define ERRdirnotempty 145
+#define ERRnotlocked 158
+#define ERRcancelviolation 173
+#define ERRnoatomiclocks 174
+#define ERRalreadyexists 183
+#define ERRbadpipe 230
+#define ERRpipebusy 231
+#define ERRpipeclosing 232
+#define ERRnotconnected 233
+#define ERRmoredata 234
+#define ERReasnotsupported 282
+#define ErrQuota 0x200 /*
+ * The operation would cause a quota
+ * limit to be exceeded.
+ */
+#define ErrNotALink 0x201 /*
+ * A link operation was performed on a
+ * pathname that was not a link.
+ */
+
+/*
+ * Below errors are used internally (do not come over the wire) for passthrough
+ * from STATUS codes to POSIX only
+ */
+#define ERRsymlink 0xFFFD
+#define ErrTooManyLinks 0xFFFE
+
+/* Following error codes may be generated with the ERRSRV error class.*/
+
+#define ERRerror 1 /*
+ * Non-specific error code. It is
+ * returned under the following
+ * conditions: resource other than disk
+ * space exhausted (e.g. TIDs), first
+ * SMB command was not negotiate,
+ * multiple negotiates attempted, and
+ * internal server error.
+ */
+#define ERRbadpw 2 /*
+ * Bad password - name/password pair in
+ * a TreeConnect or Session Setup are
+ * invalid.
+ */
+#define ERRbadtype 3 /*
+ * used for indicating DFS referral
+ * needed
+ */
+#define ERRaccess 4 /*
+ * The client does not have the
+ * necessary access rights within the
+ * specified context for requested
+ * function.
+ */
+#define ERRinvtid 5 /*
+ * The Tid specified in a command was
+ * invalid.
+ */
+#define ERRinvnetname 6 /*
+ * Invalid network name in tree
+ * connect.
+ */
+#define ERRinvdevice 7 /*
+ * Invalid device - printer request
+ * made to non-printer connection or
+ * non-printer request made to printer
+ * connection.
+ */
+#define ERRqfull 49 /*
+ * Print queue full (files) -- returned
+ * by open print file.
+ */
+#define ERRqtoobig 50 /* Print queue full -- no space. */
+#define ERRqeof 51 /* EOF on print queue dump */
+#define ERRinvpfid 52 /* Invalid print file FID. */
+#define ERRsmbcmd 64 /*
+ * The server did not recognize the
+ * command received.
+ */
+#define ERRsrverror 65 /*
+ * The server encountered an internal
+ * error, e.g., system file
+ * unavailable.
+ */
+#define ERRbadBID 66 /* (obsolete) */
+#define ERRfilespecs 67 /*
+ * The Fid and pathname parameters
+ * contained an invalid combination of
+ * values.
+ */
+#define ERRbadLink 68 /* (obsolete) */
+#define ERRbadpermits 69 /*
+ * The access permissions specified for
+ * a file or directory are not a valid
+ * combination.
+ */
+#define ERRbadPID 70
+#define ERRsetattrmode 71 /* attribute (mode) is invalid */
+#define ERRpaused 81 /* Server is paused */
+#define ERRmsgoff 82 /* reserved - messaging off */
+#define ERRnoroom 83 /* reserved - no room for message */
+#define ERRrmuns 87 /* reserved - too many remote names */
+#define ERRtimeout 88 /* operation timed out */
+#define ERRnoresource 89 /* No resources available for request */
+#define ERRtoomanyuids 90 /*
+ * Too many UIDs active on this session
+ */
+#define ERRbaduid 91 /*
+ * The UID is not known as a valid user
+ */
+#define ERRusempx 250 /* temporarily unable to use raw */
+#define ERRusestd 251 /*
+ * temporarily unable to use either raw
+ * or mpx
+ */
+#define ERR_NOTIFY_ENUM_DIR 1024
+#define ERRnoSuchUser 2238 /* user account does not exist */
+#define ERRaccountexpired 2239
+#define ERRbadclient 2240 /* can not logon from this client */
+#define ERRbadLogonTime 2241 /* logon hours do not allow this */
+#define ERRpasswordExpired 2242
+#define ERRnetlogonNotStarted 2455
+#define ERRnosupport 0xFFFF
+
+#endif /* __KSMBD_SMBERR_H */
diff --git a/fs/cifsd/smbfsctl.h b/fs/cifsd/smbfsctl.h
new file mode 100644
index 000000000000..908c4e68a479
--- /dev/null
+++ b/fs/cifsd/smbfsctl.h
@@ -0,0 +1,90 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/*
+ * fs/cifs/smbfsctl.h: SMB, CIFS, SMB2 FSCTL definitions
+ *
+ * Copyright (c) International Business Machines Corp., 2002,2009
+ * Author(s): Steve French (sfrench(a)us.ibm.com)
+ */
+
+/* IOCTL information */
+/*
+ * List of ioctl/fsctl function codes that are or could be useful in the
+ * future to remote clients like cifs or SMB2 client. There is probably
+ * a slightly larger set of fsctls that NTFS local filesystem could handle,
+ * including the seven below that we do not have struct definitions for.
+ * Even with protocol definitions for most of these now available, we still
+ * need to do some experimentation to identify which are practical to do
+ * remotely. Some of the following, such as the encryption/compression ones
+ * could be invoked from tools via a specialized hook into the VFS rather
+ * than via the standard vfs entry points
+ */
+
+#ifndef __KSMBD_SMBFSCTL_H
+#define __KSMBD_SMBFSCTL_H
+
+#define FSCTL_DFS_GET_REFERRALS 0x00060194
+#define FSCTL_DFS_GET_REFERRALS_EX 0x000601B0
+#define FSCTL_REQUEST_OPLOCK_LEVEL_1 0x00090000
+#define FSCTL_REQUEST_OPLOCK_LEVEL_2 0x00090004
+#define FSCTL_REQUEST_BATCH_OPLOCK 0x00090008
+#define FSCTL_LOCK_VOLUME 0x00090018
+#define FSCTL_UNLOCK_VOLUME 0x0009001C
+#define FSCTL_IS_PATHNAME_VALID 0x0009002C /* BB add struct */
+#define FSCTL_GET_COMPRESSION 0x0009003C /* BB add struct */
+#define FSCTL_SET_COMPRESSION 0x0009C040 /* BB add struct */
+#define FSCTL_QUERY_FAT_BPB 0x00090058 /* BB add struct */
+/* Verify the next FSCTL number, we had it as 0x00090090 before */
+#define FSCTL_FILESYSTEM_GET_STATS 0x00090060 /* BB add struct */
+#define FSCTL_GET_NTFS_VOLUME_DATA 0x00090064 /* BB add struct */
+#define FSCTL_GET_RETRIEVAL_POINTERS 0x00090073 /* BB add struct */
+#define FSCTL_IS_VOLUME_DIRTY 0x00090078 /* BB add struct */
+#define FSCTL_ALLOW_EXTENDED_DASD_IO 0x00090083 /* BB add struct */
+#define FSCTL_REQUEST_FILTER_OPLOCK 0x0009008C
+#define FSCTL_FIND_FILES_BY_SID 0x0009008F /* BB add struct */
+#define FSCTL_SET_OBJECT_ID 0x00090098 /* BB add struct */
+#define FSCTL_GET_OBJECT_ID 0x0009009C /* BB add struct */
+#define FSCTL_DELETE_OBJECT_ID 0x000900A0 /* BB add struct */
+#define FSCTL_SET_REPARSE_POINT 0x000900A4 /* BB add struct */
+#define FSCTL_GET_REPARSE_POINT 0x000900A8 /* BB add struct */
+#define FSCTL_DELETE_REPARSE_POINT 0x000900AC /* BB add struct */
+#define FSCTL_SET_OBJECT_ID_EXTENDED 0x000900BC /* BB add struct */
+#define FSCTL_CREATE_OR_GET_OBJECT_ID 0x000900C0 /* BB add struct */
+#define FSCTL_SET_SPARSE 0x000900C4 /* BB add struct */
+#define FSCTL_SET_ZERO_DATA 0x000980C8 /* BB add struct */
+#define FSCTL_SET_ENCRYPTION 0x000900D7 /* BB add struct */
+#define FSCTL_ENCRYPTION_FSCTL_IO 0x000900DB /* BB add struct */
+#define FSCTL_WRITE_RAW_ENCRYPTED 0x000900DF /* BB add struct */
+#define FSCTL_READ_RAW_ENCRYPTED 0x000900E3 /* BB add struct */
+#define FSCTL_READ_FILE_USN_DATA 0x000900EB /* BB add struct */
+#define FSCTL_WRITE_USN_CLOSE_RECORD 0x000900EF /* BB add struct */
+#define FSCTL_SIS_COPYFILE 0x00090100 /* BB add struct */
+#define FSCTL_RECALL_FILE 0x00090117 /* BB add struct */
+#define FSCTL_QUERY_SPARING_INFO 0x00090138 /* BB add struct */
+#define FSCTL_SET_ZERO_ON_DEALLOC 0x00090194 /* BB add struct */
+#define FSCTL_SET_SHORT_NAME_BEHAVIOR 0x000901B4 /* BB add struct */
+#define FSCTL_QUERY_ALLOCATED_RANGES 0x000940CF /* BB add struct */
+#define FSCTL_SET_DEFECT_MANAGEMENT 0x00098134 /* BB add struct */
+#define FSCTL_SIS_LINK_FILES 0x0009C104
+#define FSCTL_PIPE_PEEK 0x0011400C /* BB add struct */
+#define FSCTL_PIPE_TRANSCEIVE 0x0011C017 /* BB add struct */
+/* strange that the number for this op is not sequential with previous op */
+#define FSCTL_PIPE_WAIT 0x00110018 /* BB add struct */
+#define FSCTL_REQUEST_RESUME_KEY 0x00140078
+#define FSCTL_LMR_GET_LINK_TRACK_INF 0x001400E8 /* BB add struct */
+#define FSCTL_LMR_SET_LINK_TRACK_INF 0x001400EC /* BB add struct */
+#define FSCTL_VALIDATE_NEGOTIATE_INFO 0x00140204
+#define FSCTL_QUERY_NETWORK_INTERFACE_INFO 0x001401FC
+#define FSCTL_COPYCHUNK 0x001440F2
+#define FSCTL_COPYCHUNK_WRITE 0x001480F2
+
+#define IO_REPARSE_TAG_MOUNT_POINT 0xA0000003
+#define IO_REPARSE_TAG_HSM 0xC0000004
+#define IO_REPARSE_TAG_SIS 0x80000007
+
+/* WSL reparse tags */
+#define IO_REPARSE_TAG_LX_SYMLINK_LE cpu_to_le32(0xA000001D)
+#define IO_REPARSE_TAG_AF_UNIX_LE cpu_to_le32(0x80000023)
+#define IO_REPARSE_TAG_LX_FIFO_LE cpu_to_le32(0x80000024)
+#define IO_REPARSE_TAG_LX_CHR_LE cpu_to_le32(0x80000025)
+#define IO_REPARSE_TAG_LX_BLK_LE cpu_to_le32(0x80000026)
+#endif /* __KSMBD_SMBFSCTL_H */
diff --git a/fs/cifsd/smbstatus.h b/fs/cifsd/smbstatus.h
new file mode 100644
index 000000000000..108a8b6ed24a
--- /dev/null
+++ b/fs/cifsd/smbstatus.h
@@ -0,0 +1,1822 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/*
+ * fs/cifs/smb2status.h
+ *
+ * SMB2 Status code (network error) definitions
+ * Definitions are from MS-ERREF
+ *
+ * Copyright (c) International Business Machines Corp., 2009,2011
+ * Author(s): Steve French (sfrench(a)us.ibm.com)
+ */
+
+/*
+ * 0 1 2 3 4 5 6 7 8 9 0 A B C D E F 0 1 2 3 4 5 6 7 8 9 A B C D E F
+ * SEV C N <-------Facility--------> <------Error Status Code------>
+ *
+ * C is set if "customer defined" error, N bit is reserved and MBZ
+ */
+
+#define STATUS_SEVERITY_SUCCESS cpu_to_le32(0x0000)
+#define STATUS_SEVERITY_INFORMATIONAL cpu_to_le32(0x0001)
+#define STATUS_SEVERITY_WARNING cpu_to_le32(0x0002)
+#define STATUS_SEVERITY_ERROR cpu_to_le32(0x0003)
+
+struct ntstatus {
+ /* Facility is the high 12 bits of the following field */
+ __le32 Facility; /* low 2 bits Severity, next is Customer, then rsrvd */
+ __le32 Code;
+};
+
+#define STATUS_SUCCESS 0x00000000
+#define STATUS_WAIT_0 cpu_to_le32(0x00000000)
+#define STATUS_WAIT_1 cpu_to_le32(0x00000001)
+#define STATUS_WAIT_2 cpu_to_le32(0x00000002)
+#define STATUS_WAIT_3 cpu_to_le32(0x00000003)
+#define STATUS_WAIT_63 cpu_to_le32(0x0000003F)
+#define STATUS_ABANDONED cpu_to_le32(0x00000080)
+#define STATUS_ABANDONED_WAIT_0 cpu_to_le32(0x00000080)
+#define STATUS_ABANDONED_WAIT_63 cpu_to_le32(0x000000BF)
+#define STATUS_USER_APC cpu_to_le32(0x000000C0)
+#define STATUS_KERNEL_APC cpu_to_le32(0x00000100)
+#define STATUS_ALERTED cpu_to_le32(0x00000101)
+#define STATUS_TIMEOUT cpu_to_le32(0x00000102)
+#define STATUS_PENDING cpu_to_le32(0x00000103)
+#define STATUS_REPARSE cpu_to_le32(0x00000104)
+#define STATUS_MORE_ENTRIES cpu_to_le32(0x00000105)
+#define STATUS_NOT_ALL_ASSIGNED cpu_to_le32(0x00000106)
+#define STATUS_SOME_NOT_MAPPED cpu_to_le32(0x00000107)
+#define STATUS_OPLOCK_BREAK_IN_PROGRESS cpu_to_le32(0x00000108)
+#define STATUS_VOLUME_MOUNTED cpu_to_le32(0x00000109)
+#define STATUS_RXACT_COMMITTED cpu_to_le32(0x0000010A)
+#define STATUS_NOTIFY_CLEANUP cpu_to_le32(0x0000010B)
+#define STATUS_NOTIFY_ENUM_DIR cpu_to_le32(0x0000010C)
+#define STATUS_NO_QUOTAS_FOR_ACCOUNT cpu_to_le32(0x0000010D)
+#define STATUS_PRIMARY_TRANSPORT_CONNECT_FAILED cpu_to_le32(0x0000010E)
+#define STATUS_PAGE_FAULT_TRANSITION cpu_to_le32(0x00000110)
+#define STATUS_PAGE_FAULT_DEMAND_ZERO cpu_to_le32(0x00000111)
+#define STATUS_PAGE_FAULT_COPY_ON_WRITE cpu_to_le32(0x00000112)
+#define STATUS_PAGE_FAULT_GUARD_PAGE cpu_to_le32(0x00000113)
+#define STATUS_PAGE_FAULT_PAGING_FILE cpu_to_le32(0x00000114)
+#define STATUS_CACHE_PAGE_LOCKED cpu_to_le32(0x00000115)
+#define STATUS_CRASH_DUMP cpu_to_le32(0x00000116)
+#define STATUS_BUFFER_ALL_ZEROS cpu_to_le32(0x00000117)
+#define STATUS_REPARSE_OBJECT cpu_to_le32(0x00000118)
+#define STATUS_RESOURCE_REQUIREMENTS_CHANGED cpu_to_le32(0x00000119)
+#define STATUS_TRANSLATION_COMPLETE cpu_to_le32(0x00000120)
+#define STATUS_DS_MEMBERSHIP_EVALUATED_LOCALLY cpu_to_le32(0x00000121)
+#define STATUS_NOTHING_TO_TERMINATE cpu_to_le32(0x00000122)
+#define STATUS_PROCESS_NOT_IN_JOB cpu_to_le32(0x00000123)
+#define STATUS_PROCESS_IN_JOB cpu_to_le32(0x00000124)
+#define STATUS_VOLSNAP_HIBERNATE_READY cpu_to_le32(0x00000125)
+#define STATUS_FSFILTER_OP_COMPLETED_SUCCESSFULLY cpu_to_le32(0x00000126)
+#define STATUS_INTERRUPT_VECTOR_ALREADY_CONNECTED cpu_to_le32(0x00000127)
+#define STATUS_INTERRUPT_STILL_CONNECTED cpu_to_le32(0x00000128)
+#define STATUS_PROCESS_CLONED cpu_to_le32(0x00000129)
+#define STATUS_FILE_LOCKED_WITH_ONLY_READERS cpu_to_le32(0x0000012A)
+#define STATUS_FILE_LOCKED_WITH_WRITERS cpu_to_le32(0x0000012B)
+#define STATUS_RESOURCEMANAGER_READ_ONLY cpu_to_le32(0x00000202)
+#define STATUS_WAIT_FOR_OPLOCK cpu_to_le32(0x00000367)
+#define DBG_EXCEPTION_HANDLED cpu_to_le32(0x00010001)
+#define DBG_CONTINUE cpu_to_le32(0x00010002)
+#define STATUS_FLT_IO_COMPLETE cpu_to_le32(0x001C0001)
+#define STATUS_OBJECT_NAME_EXISTS cpu_to_le32(0x40000000)
+#define STATUS_THREAD_WAS_SUSPENDED cpu_to_le32(0x40000001)
+#define STATUS_WORKING_SET_LIMIT_RANGE cpu_to_le32(0x40000002)
+#define STATUS_IMAGE_NOT_AT_BASE cpu_to_le32(0x40000003)
+#define STATUS_RXACT_STATE_CREATED cpu_to_le32(0x40000004)
+#define STATUS_SEGMENT_NOTIFICATION cpu_to_le32(0x40000005)
+#define STATUS_LOCAL_USER_SESSION_KEY cpu_to_le32(0x40000006)
+#define STATUS_BAD_CURRENT_DIRECTORY cpu_to_le32(0x40000007)
+#define STATUS_SERIAL_MORE_WRITES cpu_to_le32(0x40000008)
+#define STATUS_REGISTRY_RECOVERED cpu_to_le32(0x40000009)
+#define STATUS_FT_READ_RECOVERY_FROM_BACKUP cpu_to_le32(0x4000000A)
+#define STATUS_FT_WRITE_RECOVERY cpu_to_le32(0x4000000B)
+#define STATUS_SERIAL_COUNTER_TIMEOUT cpu_to_le32(0x4000000C)
+#define STATUS_NULL_LM_PASSWORD cpu_to_le32(0x4000000D)
+#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH cpu_to_le32(0x4000000E)
+#define STATUS_RECEIVE_PARTIAL cpu_to_le32(0x4000000F)
+#define STATUS_RECEIVE_EXPEDITED cpu_to_le32(0x40000010)
+#define STATUS_RECEIVE_PARTIAL_EXPEDITED cpu_to_le32(0x40000011)
+#define STATUS_EVENT_DONE cpu_to_le32(0x40000012)
+#define STATUS_EVENT_PENDING cpu_to_le32(0x40000013)
+#define STATUS_CHECKING_FILE_SYSTEM cpu_to_le32(0x40000014)
+#define STATUS_FATAL_APP_EXIT cpu_to_le32(0x40000015)
+#define STATUS_PREDEFINED_HANDLE cpu_to_le32(0x40000016)
+#define STATUS_WAS_UNLOCKED cpu_to_le32(0x40000017)
+#define STATUS_SERVICE_NOTIFICATION cpu_to_le32(0x40000018)
+#define STATUS_WAS_LOCKED cpu_to_le32(0x40000019)
+#define STATUS_LOG_HARD_ERROR cpu_to_le32(0x4000001A)
+#define STATUS_ALREADY_WIN32 cpu_to_le32(0x4000001B)
+#define STATUS_WX86_UNSIMULATE cpu_to_le32(0x4000001C)
+#define STATUS_WX86_CONTINUE cpu_to_le32(0x4000001D)
+#define STATUS_WX86_SINGLE_STEP cpu_to_le32(0x4000001E)
+#define STATUS_WX86_BREAKPOINT cpu_to_le32(0x4000001F)
+#define STATUS_WX86_EXCEPTION_CONTINUE cpu_to_le32(0x40000020)
+#define STATUS_WX86_EXCEPTION_LASTCHANCE cpu_to_le32(0x40000021)
+#define STATUS_WX86_EXCEPTION_CHAIN cpu_to_le32(0x40000022)
+#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE cpu_to_le32(0x40000023)
+#define STATUS_NO_YIELD_PERFORMED cpu_to_le32(0x40000024)
+#define STATUS_TIMER_RESUME_IGNORED cpu_to_le32(0x40000025)
+#define STATUS_ARBITRATION_UNHANDLED cpu_to_le32(0x40000026)
+#define STATUS_CARDBUS_NOT_SUPPORTED cpu_to_le32(0x40000027)
+#define STATUS_WX86_CREATEWX86TIB cpu_to_le32(0x40000028)
+#define STATUS_MP_PROCESSOR_MISMATCH cpu_to_le32(0x40000029)
+#define STATUS_HIBERNATED cpu_to_le32(0x4000002A)
+#define STATUS_RESUME_HIBERNATION cpu_to_le32(0x4000002B)
+#define STATUS_FIRMWARE_UPDATED cpu_to_le32(0x4000002C)
+#define STATUS_DRIVERS_LEAKING_LOCKED_PAGES cpu_to_le32(0x4000002D)
+#define STATUS_MESSAGE_RETRIEVED cpu_to_le32(0x4000002E)
+#define STATUS_SYSTEM_POWERSTATE_TRANSITION cpu_to_le32(0x4000002F)
+#define STATUS_ALPC_CHECK_COMPLETION_LIST cpu_to_le32(0x40000030)
+#define STATUS_SYSTEM_POWERSTATE_COMPLEX_TRANSITION cpu_to_le32(0x40000031)
+#define STATUS_ACCESS_AUDIT_BY_POLICY cpu_to_le32(0x40000032)
+#define STATUS_ABANDON_HIBERFILE cpu_to_le32(0x40000033)
+#define STATUS_BIZRULES_NOT_ENABLED cpu_to_le32(0x40000034)
+#define STATUS_WAKE_SYSTEM cpu_to_le32(0x40000294)
+#define STATUS_DS_SHUTTING_DOWN cpu_to_le32(0x40000370)
+#define DBG_REPLY_LATER cpu_to_le32(0x40010001)
+#define DBG_UNABLE_TO_PROVIDE_HANDLE cpu_to_le32(0x40010002)
+#define DBG_TERMINATE_THREAD cpu_to_le32(0x40010003)
+#define DBG_TERMINATE_PROCESS cpu_to_le32(0x40010004)
+#define DBG_CONTROL_C cpu_to_le32(0x40010005)
+#define DBG_PRINTEXCEPTION_C cpu_to_le32(0x40010006)
+#define DBG_RIPEXCEPTION cpu_to_le32(0x40010007)
+#define DBG_CONTROL_BREAK cpu_to_le32(0x40010008)
+#define DBG_COMMAND_EXCEPTION cpu_to_le32(0x40010009)
+#define RPC_NT_UUID_LOCAL_ONLY cpu_to_le32(0x40020056)
+#define RPC_NT_SEND_INCOMPLETE cpu_to_le32(0x400200AF)
+#define STATUS_CTX_CDM_CONNECT cpu_to_le32(0x400A0004)
+#define STATUS_CTX_CDM_DISCONNECT cpu_to_le32(0x400A0005)
+#define STATUS_SXS_RELEASE_ACTIVATION_CONTEXT cpu_to_le32(0x4015000D)
+#define STATUS_RECOVERY_NOT_NEEDED cpu_to_le32(0x40190034)
+#define STATUS_RM_ALREADY_STARTED cpu_to_le32(0x40190035)
+#define STATUS_LOG_NO_RESTART cpu_to_le32(0x401A000C)
+#define STATUS_VIDEO_DRIVER_DEBUG_REPORT_REQUEST cpu_to_le32(0x401B00EC)
+#define STATUS_GRAPHICS_PARTIAL_DATA_POPULATED cpu_to_le32(0x401E000A)
+#define STATUS_GRAPHICS_DRIVER_MISMATCH cpu_to_le32(0x401E0117)
+#define STATUS_GRAPHICS_MODE_NOT_PINNED cpu_to_le32(0x401E0307)
+#define STATUS_GRAPHICS_NO_PREFERRED_MODE cpu_to_le32(0x401E031E)
+#define STATUS_GRAPHICS_DATASET_IS_EMPTY cpu_to_le32(0x401E034B)
+#define STATUS_GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET cpu_to_le32(0x401E034C)
+#define STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED \
+ cpu_to_le32(0x401E0351)
+#define STATUS_GRAPHICS_UNKNOWN_CHILD_STATUS cpu_to_le32(0x401E042F)
+#define STATUS_GRAPHICS_LEADLINK_START_DEFERRED cpu_to_le32(0x401E0437)
+#define STATUS_GRAPHICS_POLLING_TOO_FREQUENTLY cpu_to_le32(0x401E0439)
+#define STATUS_GRAPHICS_START_DEFERRED cpu_to_le32(0x401E043A)
+#define STATUS_NDIS_INDICATION_REQUIRED cpu_to_le32(0x40230001)
+#define STATUS_GUARD_PAGE_VIOLATION cpu_to_le32(0x80000001)
+#define STATUS_DATATYPE_MISALIGNMENT cpu_to_le32(0x80000002)
+#define STATUS_BREAKPOINT cpu_to_le32(0x80000003)
+#define STATUS_SINGLE_STEP cpu_to_le32(0x80000004)
+#define STATUS_BUFFER_OVERFLOW cpu_to_le32(0x80000005)
+#define STATUS_NO_MORE_FILES cpu_to_le32(0x80000006)
+#define STATUS_WAKE_SYSTEM_DEBUGGER cpu_to_le32(0x80000007)
+#define STATUS_HANDLES_CLOSED cpu_to_le32(0x8000000A)
+#define STATUS_NO_INHERITANCE cpu_to_le32(0x8000000B)
+#define STATUS_GUID_SUBSTITUTION_MADE cpu_to_le32(0x8000000C)
+#define STATUS_PARTIAL_COPY cpu_to_le32(0x8000000D)
+#define STATUS_DEVICE_PAPER_EMPTY cpu_to_le32(0x8000000E)
+#define STATUS_DEVICE_POWERED_OFF cpu_to_le32(0x8000000F)
+#define STATUS_DEVICE_OFF_LINE cpu_to_le32(0x80000010)
+#define STATUS_DEVICE_BUSY cpu_to_le32(0x80000011)
+#define STATUS_NO_MORE_EAS cpu_to_le32(0x80000012)
+#define STATUS_INVALID_EA_NAME cpu_to_le32(0x80000013)
+#define STATUS_EA_LIST_INCONSISTENT cpu_to_le32(0x80000014)
+#define STATUS_INVALID_EA_FLAG cpu_to_le32(0x80000015)
+#define STATUS_VERIFY_REQUIRED cpu_to_le32(0x80000016)
+#define STATUS_EXTRANEOUS_INFORMATION cpu_to_le32(0x80000017)
+#define STATUS_RXACT_COMMIT_NECESSARY cpu_to_le32(0x80000018)
+#define STATUS_NO_MORE_ENTRIES cpu_to_le32(0x8000001A)
+#define STATUS_FILEMARK_DETECTED cpu_to_le32(0x8000001B)
+#define STATUS_MEDIA_CHANGED cpu_to_le32(0x8000001C)
+#define STATUS_BUS_RESET cpu_to_le32(0x8000001D)
+#define STATUS_END_OF_MEDIA cpu_to_le32(0x8000001E)
+#define STATUS_BEGINNING_OF_MEDIA cpu_to_le32(0x8000001F)
+#define STATUS_MEDIA_CHECK cpu_to_le32(0x80000020)
+#define STATUS_SETMARK_DETECTED cpu_to_le32(0x80000021)
+#define STATUS_NO_DATA_DETECTED cpu_to_le32(0x80000022)
+#define STATUS_REDIRECTOR_HAS_OPEN_HANDLES cpu_to_le32(0x80000023)
+#define STATUS_SERVER_HAS_OPEN_HANDLES cpu_to_le32(0x80000024)
+#define STATUS_ALREADY_DISCONNECTED cpu_to_le32(0x80000025)
+#define STATUS_LONGJUMP cpu_to_le32(0x80000026)
+#define STATUS_CLEANER_CARTRIDGE_INSTALLED cpu_to_le32(0x80000027)
+#define STATUS_PLUGPLAY_QUERY_VETOED cpu_to_le32(0x80000028)
+#define STATUS_UNWIND_CONSOLIDATE cpu_to_le32(0x80000029)
+#define STATUS_REGISTRY_HIVE_RECOVERED cpu_to_le32(0x8000002A)
+#define STATUS_DLL_MIGHT_BE_INSECURE cpu_to_le32(0x8000002B)
+#define STATUS_DLL_MIGHT_BE_INCOMPATIBLE cpu_to_le32(0x8000002C)
+#define STATUS_STOPPED_ON_SYMLINK cpu_to_le32(0x8000002D)
+#define STATUS_DEVICE_REQUIRES_CLEANING cpu_to_le32(0x80000288)
+#define STATUS_DEVICE_DOOR_OPEN cpu_to_le32(0x80000289)
+#define STATUS_DATA_LOST_REPAIR cpu_to_le32(0x80000803)
+#define DBG_EXCEPTION_NOT_HANDLED cpu_to_le32(0x80010001)
+#define STATUS_CLUSTER_NODE_ALREADY_UP cpu_to_le32(0x80130001)
+#define STATUS_CLUSTER_NODE_ALREADY_DOWN cpu_to_le32(0x80130002)
+#define STATUS_CLUSTER_NETWORK_ALREADY_ONLINE cpu_to_le32(0x80130003)
+#define STATUS_CLUSTER_NETWORK_ALREADY_OFFLINE cpu_to_le32(0x80130004)
+#define STATUS_CLUSTER_NODE_ALREADY_MEMBER cpu_to_le32(0x80130005)
+#define STATUS_COULD_NOT_RESIZE_LOG cpu_to_le32(0x80190009)
+#define STATUS_NO_TXF_METADATA cpu_to_le32(0x80190029)
+#define STATUS_CANT_RECOVER_WITH_HANDLE_OPEN cpu_to_le32(0x80190031)
+#define STATUS_TXF_METADATA_ALREADY_PRESENT cpu_to_le32(0x80190041)
+#define STATUS_TRANSACTION_SCOPE_CALLBACKS_NOT_SET cpu_to_le32(0x80190042)
+#define STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD_RECOVERED \
+ cpu_to_le32(0x801B00EB)
+#define STATUS_FLT_BUFFER_TOO_SMALL cpu_to_le32(0x801C0001)
+#define STATUS_FVE_PARTIAL_METADATA cpu_to_le32(0x80210001)
+#define STATUS_UNSUCCESSFUL cpu_to_le32(0xC0000001)
+#define STATUS_NOT_IMPLEMENTED cpu_to_le32(0xC0000002)
+#define STATUS_INVALID_INFO_CLASS cpu_to_le32(0xC0000003)
+#define STATUS_INFO_LENGTH_MISMATCH cpu_to_le32(0xC0000004)
+#define STATUS_ACCESS_VIOLATION cpu_to_le32(0xC0000005)
+#define STATUS_IN_PAGE_ERROR cpu_to_le32(0xC0000006)
+#define STATUS_PAGEFILE_QUOTA cpu_to_le32(0xC0000007)
+#define STATUS_INVALID_HANDLE cpu_to_le32(0xC0000008)
+#define STATUS_BAD_INITIAL_STACK cpu_to_le32(0xC0000009)
+#define STATUS_BAD_INITIAL_PC cpu_to_le32(0xC000000A)
+#define STATUS_INVALID_CID cpu_to_le32(0xC000000B)
+#define STATUS_TIMER_NOT_CANCELED cpu_to_le32(0xC000000C)
+#define STATUS_INVALID_PARAMETER cpu_to_le32(0xC000000D)
+#define STATUS_NO_SUCH_DEVICE cpu_to_le32(0xC000000E)
+#define STATUS_NO_SUCH_FILE cpu_to_le32(0xC000000F)
+#define STATUS_INVALID_DEVICE_REQUEST cpu_to_le32(0xC0000010)
+#define STATUS_END_OF_FILE cpu_to_le32(0xC0000011)
+#define STATUS_WRONG_VOLUME cpu_to_le32(0xC0000012)
+#define STATUS_NO_MEDIA_IN_DEVICE cpu_to_le32(0xC0000013)
+#define STATUS_UNRECOGNIZED_MEDIA cpu_to_le32(0xC0000014)
+#define STATUS_NONEXISTENT_SECTOR cpu_to_le32(0xC0000015)
+#define STATUS_MORE_PROCESSING_REQUIRED cpu_to_le32(0xC0000016)
+#define STATUS_NO_MEMORY cpu_to_le32(0xC0000017)
+#define STATUS_CONFLICTING_ADDRESSES cpu_to_le32(0xC0000018)
+#define STATUS_NOT_MAPPED_VIEW cpu_to_le32(0xC0000019)
+#define STATUS_UNABLE_TO_FREE_VM cpu_to_le32(0xC000001A)
+#define STATUS_UNABLE_TO_DELETE_SECTION cpu_to_le32(0xC000001B)
+#define STATUS_INVALID_SYSTEM_SERVICE cpu_to_le32(0xC000001C)
+#define STATUS_ILLEGAL_INSTRUCTION cpu_to_le32(0xC000001D)
+#define STATUS_INVALID_LOCK_SEQUENCE cpu_to_le32(0xC000001E)
+#define STATUS_INVALID_VIEW_SIZE cpu_to_le32(0xC000001F)
+#define STATUS_INVALID_FILE_FOR_SECTION cpu_to_le32(0xC0000020)
+#define STATUS_ALREADY_COMMITTED cpu_to_le32(0xC0000021)
+#define STATUS_ACCESS_DENIED cpu_to_le32(0xC0000022)
+#define STATUS_BUFFER_TOO_SMALL cpu_to_le32(0xC0000023)
+#define STATUS_OBJECT_TYPE_MISMATCH cpu_to_le32(0xC0000024)
+#define STATUS_NONCONTINUABLE_EXCEPTION cpu_to_le32(0xC0000025)
+#define STATUS_INVALID_DISPOSITION cpu_to_le32(0xC0000026)
+#define STATUS_UNWIND cpu_to_le32(0xC0000027)
+#define STATUS_BAD_STACK cpu_to_le32(0xC0000028)
+#define STATUS_INVALID_UNWIND_TARGET cpu_to_le32(0xC0000029)
+#define STATUS_NOT_LOCKED cpu_to_le32(0xC000002A)
+#define STATUS_PARITY_ERROR cpu_to_le32(0xC000002B)
+#define STATUS_UNABLE_TO_DECOMMIT_VM cpu_to_le32(0xC000002C)
+#define STATUS_NOT_COMMITTED cpu_to_le32(0xC000002D)
+#define STATUS_INVALID_PORT_ATTRIBUTES cpu_to_le32(0xC000002E)
+#define STATUS_PORT_MESSAGE_TOO_LONG cpu_to_le32(0xC000002F)
+#define STATUS_INVALID_PARAMETER_MIX cpu_to_le32(0xC0000030)
+#define STATUS_INVALID_QUOTA_LOWER cpu_to_le32(0xC0000031)
+#define STATUS_DISK_CORRUPT_ERROR cpu_to_le32(0xC0000032)
+#define STATUS_OBJECT_NAME_INVALID cpu_to_le32(0xC0000033)
+#define STATUS_OBJECT_NAME_NOT_FOUND cpu_to_le32(0xC0000034)
+#define STATUS_OBJECT_NAME_COLLISION cpu_to_le32(0xC0000035)
+#define STATUS_PORT_DISCONNECTED cpu_to_le32(0xC0000037)
+#define STATUS_DEVICE_ALREADY_ATTACHED cpu_to_le32(0xC0000038)
+#define STATUS_OBJECT_PATH_INVALID cpu_to_le32(0xC0000039)
+#define STATUS_OBJECT_PATH_NOT_FOUND cpu_to_le32(0xC000003A)
+#define STATUS_OBJECT_PATH_SYNTAX_BAD cpu_to_le32(0xC000003B)
+#define STATUS_DATA_OVERRUN cpu_to_le32(0xC000003C)
+#define STATUS_DATA_LATE_ERROR cpu_to_le32(0xC000003D)
+#define STATUS_DATA_ERROR cpu_to_le32(0xC000003E)
+#define STATUS_CRC_ERROR cpu_to_le32(0xC000003F)
+#define STATUS_SECTION_TOO_BIG cpu_to_le32(0xC0000040)
+#define STATUS_PORT_CONNECTION_REFUSED cpu_to_le32(0xC0000041)
+#define STATUS_INVALID_PORT_HANDLE cpu_to_le32(0xC0000042)
+#define STATUS_SHARING_VIOLATION cpu_to_le32(0xC0000043)
+#define STATUS_QUOTA_EXCEEDED cpu_to_le32(0xC0000044)
+#define STATUS_INVALID_PAGE_PROTECTION cpu_to_le32(0xC0000045)
+#define STATUS_MUTANT_NOT_OWNED cpu_to_le32(0xC0000046)
+#define STATUS_SEMAPHORE_LIMIT_EXCEEDED cpu_to_le32(0xC0000047)
+#define STATUS_PORT_ALREADY_SET cpu_to_le32(0xC0000048)
+#define STATUS_SECTION_NOT_IMAGE cpu_to_le32(0xC0000049)
+#define STATUS_SUSPEND_COUNT_EXCEEDED cpu_to_le32(0xC000004A)
+#define STATUS_THREAD_IS_TERMINATING cpu_to_le32(0xC000004B)
+#define STATUS_BAD_WORKING_SET_LIMIT cpu_to_le32(0xC000004C)
+#define STATUS_INCOMPATIBLE_FILE_MAP cpu_to_le32(0xC000004D)
+#define STATUS_SECTION_PROTECTION cpu_to_le32(0xC000004E)
+#define STATUS_EAS_NOT_SUPPORTED cpu_to_le32(0xC000004F)
+#define STATUS_EA_TOO_LARGE cpu_to_le32(0xC0000050)
+#define STATUS_NONEXISTENT_EA_ENTRY cpu_to_le32(0xC0000051)
+#define STATUS_NO_EAS_ON_FILE cpu_to_le32(0xC0000052)
+#define STATUS_EA_CORRUPT_ERROR cpu_to_le32(0xC0000053)
+#define STATUS_FILE_LOCK_CONFLICT cpu_to_le32(0xC0000054)
+#define STATUS_LOCK_NOT_GRANTED cpu_to_le32(0xC0000055)
+#define STATUS_DELETE_PENDING cpu_to_le32(0xC0000056)
+#define STATUS_CTL_FILE_NOT_SUPPORTED cpu_to_le32(0xC0000057)
+#define STATUS_UNKNOWN_REVISION cpu_to_le32(0xC0000058)
+#define STATUS_REVISION_MISMATCH cpu_to_le32(0xC0000059)
+#define STATUS_INVALID_OWNER cpu_to_le32(0xC000005A)
+#define STATUS_INVALID_PRIMARY_GROUP cpu_to_le32(0xC000005B)
+#define STATUS_NO_IMPERSONATION_TOKEN cpu_to_le32(0xC000005C)
+#define STATUS_CANT_DISABLE_MANDATORY cpu_to_le32(0xC000005D)
+#define STATUS_NO_LOGON_SERVERS cpu_to_le32(0xC000005E)
+#define STATUS_NO_SUCH_LOGON_SESSION cpu_to_le32(0xC000005F)
+#define STATUS_NO_SUCH_PRIVILEGE cpu_to_le32(0xC0000060)
+#define STATUS_PRIVILEGE_NOT_HELD cpu_to_le32(0xC0000061)
+#define STATUS_INVALID_ACCOUNT_NAME cpu_to_le32(0xC0000062)
+#define STATUS_USER_EXISTS cpu_to_le32(0xC0000063)
+#define STATUS_NO_SUCH_USER cpu_to_le32(0xC0000064)
+#define STATUS_GROUP_EXISTS cpu_to_le32(0xC0000065)
+#define STATUS_NO_SUCH_GROUP cpu_to_le32(0xC0000066)
+#define STATUS_MEMBER_IN_GROUP cpu_to_le32(0xC0000067)
+#define STATUS_MEMBER_NOT_IN_GROUP cpu_to_le32(0xC0000068)
+#define STATUS_LAST_ADMIN cpu_to_le32(0xC0000069)
+#define STATUS_WRONG_PASSWORD cpu_to_le32(0xC000006A)
+#define STATUS_ILL_FORMED_PASSWORD cpu_to_le32(0xC000006B)
+#define STATUS_PASSWORD_RESTRICTION cpu_to_le32(0xC000006C)
+#define STATUS_LOGON_FAILURE cpu_to_le32(0xC000006D)
+#define STATUS_ACCOUNT_RESTRICTION cpu_to_le32(0xC000006E)
+#define STATUS_INVALID_LOGON_HOURS cpu_to_le32(0xC000006F)
+#define STATUS_INVALID_WORKSTATION cpu_to_le32(0xC0000070)
+#define STATUS_PASSWORD_EXPIRED cpu_to_le32(0xC0000071)
+#define STATUS_ACCOUNT_DISABLED cpu_to_le32(0xC0000072)
+#define STATUS_NONE_MAPPED cpu_to_le32(0xC0000073)
+#define STATUS_TOO_MANY_LUIDS_REQUESTED cpu_to_le32(0xC0000074)
+#define STATUS_LUIDS_EXHAUSTED cpu_to_le32(0xC0000075)
+#define STATUS_INVALID_SUB_AUTHORITY cpu_to_le32(0xC0000076)
+#define STATUS_INVALID_ACL cpu_to_le32(0xC0000077)
+#define STATUS_INVALID_SID cpu_to_le32(0xC0000078)
+#define STATUS_INVALID_SECURITY_DESCR cpu_to_le32(0xC0000079)
+#define STATUS_PROCEDURE_NOT_FOUND cpu_to_le32(0xC000007A)
+#define STATUS_INVALID_IMAGE_FORMAT cpu_to_le32(0xC000007B)
+#define STATUS_NO_TOKEN cpu_to_le32(0xC000007C)
+#define STATUS_BAD_INHERITANCE_ACL cpu_to_le32(0xC000007D)
+#define STATUS_RANGE_NOT_LOCKED cpu_to_le32(0xC000007E)
+#define STATUS_DISK_FULL cpu_to_le32(0xC000007F)
+#define STATUS_SERVER_DISABLED cpu_to_le32(0xC0000080)
+#define STATUS_SERVER_NOT_DISABLED cpu_to_le32(0xC0000081)
+#define STATUS_TOO_MANY_GUIDS_REQUESTED cpu_to_le32(0xC0000082)
+#define STATUS_GUIDS_EXHAUSTED cpu_to_le32(0xC0000083)
+#define STATUS_INVALID_ID_AUTHORITY cpu_to_le32(0xC0000084)
+#define STATUS_AGENTS_EXHAUSTED cpu_to_le32(0xC0000085)
+#define STATUS_INVALID_VOLUME_LABEL cpu_to_le32(0xC0000086)
+#define STATUS_SECTION_NOT_EXTENDED cpu_to_le32(0xC0000087)
+#define STATUS_NOT_MAPPED_DATA cpu_to_le32(0xC0000088)
+#define STATUS_RESOURCE_DATA_NOT_FOUND cpu_to_le32(0xC0000089)
+#define STATUS_RESOURCE_TYPE_NOT_FOUND cpu_to_le32(0xC000008A)
+#define STATUS_RESOURCE_NAME_NOT_FOUND cpu_to_le32(0xC000008B)
+#define STATUS_ARRAY_BOUNDS_EXCEEDED cpu_to_le32(0xC000008C)
+#define STATUS_FLOAT_DENORMAL_OPERAND cpu_to_le32(0xC000008D)
+#define STATUS_FLOAT_DIVIDE_BY_ZERO cpu_to_le32(0xC000008E)
+#define STATUS_FLOAT_INEXACT_RESULT cpu_to_le32(0xC000008F)
+#define STATUS_FLOAT_INVALID_OPERATION cpu_to_le32(0xC0000090)
+#define STATUS_FLOAT_OVERFLOW cpu_to_le32(0xC0000091)
+#define STATUS_FLOAT_STACK_CHECK cpu_to_le32(0xC0000092)
+#define STATUS_FLOAT_UNDERFLOW cpu_to_le32(0xC0000093)
+#define STATUS_INTEGER_DIVIDE_BY_ZERO cpu_to_le32(0xC0000094)
+#define STATUS_INTEGER_OVERFLOW cpu_to_le32(0xC0000095)
+#define STATUS_PRIVILEGED_INSTRUCTION cpu_to_le32(0xC0000096)
+#define STATUS_TOO_MANY_PAGING_FILES cpu_to_le32(0xC0000097)
+#define STATUS_FILE_INVALID cpu_to_le32(0xC0000098)
+#define STATUS_ALLOTTED_SPACE_EXCEEDED cpu_to_le32(0xC0000099)
+#define STATUS_INSUFFICIENT_RESOURCES cpu_to_le32(0xC000009A)
+#define STATUS_DFS_EXIT_PATH_FOUND cpu_to_le32(0xC000009B)
+#define STATUS_DEVICE_DATA_ERROR cpu_to_le32(0xC000009C)
+#define STATUS_DEVICE_NOT_CONNECTED cpu_to_le32(0xC000009D)
+#define STATUS_DEVICE_POWER_FAILURE cpu_to_le32(0xC000009E)
+#define STATUS_FREE_VM_NOT_AT_BASE cpu_to_le32(0xC000009F)
+#define STATUS_MEMORY_NOT_ALLOCATED cpu_to_le32(0xC00000A0)
+#define STATUS_WORKING_SET_QUOTA cpu_to_le32(0xC00000A1)
+#define STATUS_MEDIA_WRITE_PROTECTED cpu_to_le32(0xC00000A2)
+#define STATUS_DEVICE_NOT_READY cpu_to_le32(0xC00000A3)
+#define STATUS_INVALID_GROUP_ATTRIBUTES cpu_to_le32(0xC00000A4)
+#define STATUS_BAD_IMPERSONATION_LEVEL cpu_to_le32(0xC00000A5)
+#define STATUS_CANT_OPEN_ANONYMOUS cpu_to_le32(0xC00000A6)
+#define STATUS_BAD_VALIDATION_CLASS cpu_to_le32(0xC00000A7)
+#define STATUS_BAD_TOKEN_TYPE cpu_to_le32(0xC00000A8)
+#define STATUS_BAD_MASTER_BOOT_RECORD cpu_to_le32(0xC00000A9)
+#define STATUS_INSTRUCTION_MISALIGNMENT cpu_to_le32(0xC00000AA)
+#define STATUS_INSTANCE_NOT_AVAILABLE cpu_to_le32(0xC00000AB)
+#define STATUS_PIPE_NOT_AVAILABLE cpu_to_le32(0xC00000AC)
+#define STATUS_INVALID_PIPE_STATE cpu_to_le32(0xC00000AD)
+#define STATUS_PIPE_BUSY cpu_to_le32(0xC00000AE)
+#define STATUS_ILLEGAL_FUNCTION cpu_to_le32(0xC00000AF)
+#define STATUS_PIPE_DISCONNECTED cpu_to_le32(0xC00000B0)
+#define STATUS_PIPE_CLOSING cpu_to_le32(0xC00000B1)
+#define STATUS_PIPE_CONNECTED cpu_to_le32(0xC00000B2)
+#define STATUS_PIPE_LISTENING cpu_to_le32(0xC00000B3)
+#define STATUS_INVALID_READ_MODE cpu_to_le32(0xC00000B4)
+#define STATUS_IO_TIMEOUT cpu_to_le32(0xC00000B5)
+#define STATUS_FILE_FORCED_CLOSED cpu_to_le32(0xC00000B6)
+#define STATUS_PROFILING_NOT_STARTED cpu_to_le32(0xC00000B7)
+#define STATUS_PROFILING_NOT_STOPPED cpu_to_le32(0xC00000B8)
+#define STATUS_COULD_NOT_INTERPRET cpu_to_le32(0xC00000B9)
+#define STATUS_FILE_IS_A_DIRECTORY cpu_to_le32(0xC00000BA)
+#define STATUS_NOT_SUPPORTED cpu_to_le32(0xC00000BB)
+#define STATUS_REMOTE_NOT_LISTENING cpu_to_le32(0xC00000BC)
+#define STATUS_DUPLICATE_NAME cpu_to_le32(0xC00000BD)
+#define STATUS_BAD_NETWORK_PATH cpu_to_le32(0xC00000BE)
+#define STATUS_NETWORK_BUSY cpu_to_le32(0xC00000BF)
+#define STATUS_DEVICE_DOES_NOT_EXIST cpu_to_le32(0xC00000C0)
+#define STATUS_TOO_MANY_COMMANDS cpu_to_le32(0xC00000C1)
+#define STATUS_ADAPTER_HARDWARE_ERROR cpu_to_le32(0xC00000C2)
+#define STATUS_INVALID_NETWORK_RESPONSE cpu_to_le32(0xC00000C3)
+#define STATUS_UNEXPECTED_NETWORK_ERROR cpu_to_le32(0xC00000C4)
+#define STATUS_BAD_REMOTE_ADAPTER cpu_to_le32(0xC00000C5)
+#define STATUS_PRINT_QUEUE_FULL cpu_to_le32(0xC00000C6)
+#define STATUS_NO_SPOOL_SPACE cpu_to_le32(0xC00000C7)
+#define STATUS_PRINT_CANCELLED cpu_to_le32(0xC00000C8)
+#define STATUS_NETWORK_NAME_DELETED cpu_to_le32(0xC00000C9)
+#define STATUS_NETWORK_ACCESS_DENIED cpu_to_le32(0xC00000CA)
+#define STATUS_BAD_DEVICE_TYPE cpu_to_le32(0xC00000CB)
+#define STATUS_BAD_NETWORK_NAME cpu_to_le32(0xC00000CC)
+#define STATUS_TOO_MANY_NAMES cpu_to_le32(0xC00000CD)
+#define STATUS_TOO_MANY_SESSIONS cpu_to_le32(0xC00000CE)
+#define STATUS_SHARING_PAUSED cpu_to_le32(0xC00000CF)
+#define STATUS_REQUEST_NOT_ACCEPTED cpu_to_le32(0xC00000D0)
+#define STATUS_REDIRECTOR_PAUSED cpu_to_le32(0xC00000D1)
+#define STATUS_NET_WRITE_FAULT cpu_to_le32(0xC00000D2)
+#define STATUS_PROFILING_AT_LIMIT cpu_to_le32(0xC00000D3)
+#define STATUS_NOT_SAME_DEVICE cpu_to_le32(0xC00000D4)
+#define STATUS_FILE_RENAMED cpu_to_le32(0xC00000D5)
+#define STATUS_VIRTUAL_CIRCUIT_CLOSED cpu_to_le32(0xC00000D6)
+#define STATUS_NO_SECURITY_ON_OBJECT cpu_to_le32(0xC00000D7)
+#define STATUS_CANT_WAIT cpu_to_le32(0xC00000D8)
+#define STATUS_PIPE_EMPTY cpu_to_le32(0xC00000D9)
+#define STATUS_CANT_ACCESS_DOMAIN_INFO cpu_to_le32(0xC00000DA)
+#define STATUS_CANT_TERMINATE_SELF cpu_to_le32(0xC00000DB)
+#define STATUS_INVALID_SERVER_STATE cpu_to_le32(0xC00000DC)
+#define STATUS_INVALID_DOMAIN_STATE cpu_to_le32(0xC00000DD)
+#define STATUS_INVALID_DOMAIN_ROLE cpu_to_le32(0xC00000DE)
+#define STATUS_NO_SUCH_DOMAIN cpu_to_le32(0xC00000DF)
+#define STATUS_DOMAIN_EXISTS cpu_to_le32(0xC00000E0)
+#define STATUS_DOMAIN_LIMIT_EXCEEDED cpu_to_le32(0xC00000E1)
+#define STATUS_OPLOCK_NOT_GRANTED cpu_to_le32(0xC00000E2)
+#define STATUS_INVALID_OPLOCK_PROTOCOL cpu_to_le32(0xC00000E3)
+#define STATUS_INTERNAL_DB_CORRUPTION cpu_to_le32(0xC00000E4)
+#define STATUS_INTERNAL_ERROR cpu_to_le32(0xC00000E5)
+#define STATUS_GENERIC_NOT_MAPPED cpu_to_le32(0xC00000E6)
+#define STATUS_BAD_DESCRIPTOR_FORMAT cpu_to_le32(0xC00000E7)
+#define STATUS_INVALID_USER_BUFFER cpu_to_le32(0xC00000E8)
+#define STATUS_UNEXPECTED_IO_ERROR cpu_to_le32(0xC00000E9)
+#define STATUS_UNEXPECTED_MM_CREATE_ERR cpu_to_le32(0xC00000EA)
+#define STATUS_UNEXPECTED_MM_MAP_ERROR cpu_to_le32(0xC00000EB)
+#define STATUS_UNEXPECTED_MM_EXTEND_ERR cpu_to_le32(0xC00000EC)
+#define STATUS_NOT_LOGON_PROCESS cpu_to_le32(0xC00000ED)
+#define STATUS_LOGON_SESSION_EXISTS cpu_to_le32(0xC00000EE)
+#define STATUS_INVALID_PARAMETER_1 cpu_to_le32(0xC00000EF)
+#define STATUS_INVALID_PARAMETER_2 cpu_to_le32(0xC00000F0)
+#define STATUS_INVALID_PARAMETER_3 cpu_to_le32(0xC00000F1)
+#define STATUS_INVALID_PARAMETER_4 cpu_to_le32(0xC00000F2)
+#define STATUS_INVALID_PARAMETER_5 cpu_to_le32(0xC00000F3)
+#define STATUS_INVALID_PARAMETER_6 cpu_to_le32(0xC00000F4)
+#define STATUS_INVALID_PARAMETER_7 cpu_to_le32(0xC00000F5)
+#define STATUS_INVALID_PARAMETER_8 cpu_to_le32(0xC00000F6)
+#define STATUS_INVALID_PARAMETER_9 cpu_to_le32(0xC00000F7)
+#define STATUS_INVALID_PARAMETER_10 cpu_to_le32(0xC00000F8)
+#define STATUS_INVALID_PARAMETER_11 cpu_to_le32(0xC00000F9)
+#define STATUS_INVALID_PARAMETER_12 cpu_to_le32(0xC00000FA)
+#define STATUS_REDIRECTOR_NOT_STARTED cpu_to_le32(0xC00000FB)
+#define STATUS_REDIRECTOR_STARTED cpu_to_le32(0xC00000FC)
+#define STATUS_STACK_OVERFLOW cpu_to_le32(0xC00000FD)
+#define STATUS_NO_SUCH_PACKAGE cpu_to_le32(0xC00000FE)
+#define STATUS_BAD_FUNCTION_TABLE cpu_to_le32(0xC00000FF)
+#define STATUS_VARIABLE_NOT_FOUND cpu_to_le32(0xC0000100)
+#define STATUS_DIRECTORY_NOT_EMPTY cpu_to_le32(0xC0000101)
+#define STATUS_FILE_CORRUPT_ERROR cpu_to_le32(0xC0000102)
+#define STATUS_NOT_A_DIRECTORY cpu_to_le32(0xC0000103)
+#define STATUS_BAD_LOGON_SESSION_STATE cpu_to_le32(0xC0000104)
+#define STATUS_LOGON_SESSION_COLLISION cpu_to_le32(0xC0000105)
+#define STATUS_NAME_TOO_LONG cpu_to_le32(0xC0000106)
+#define STATUS_FILES_OPEN cpu_to_le32(0xC0000107)
+#define STATUS_CONNECTION_IN_USE cpu_to_le32(0xC0000108)
+#define STATUS_MESSAGE_NOT_FOUND cpu_to_le32(0xC0000109)
+#define STATUS_PROCESS_IS_TERMINATING cpu_to_le32(0xC000010A)
+#define STATUS_INVALID_LOGON_TYPE cpu_to_le32(0xC000010B)
+#define STATUS_NO_GUID_TRANSLATION cpu_to_le32(0xC000010C)
+#define STATUS_CANNOT_IMPERSONATE cpu_to_le32(0xC000010D)
+#define STATUS_IMAGE_ALREADY_LOADED cpu_to_le32(0xC000010E)
+#define STATUS_ABIOS_NOT_PRESENT cpu_to_le32(0xC000010F)
+#define STATUS_ABIOS_LID_NOT_EXIST cpu_to_le32(0xC0000110)
+#define STATUS_ABIOS_LID_ALREADY_OWNED cpu_to_le32(0xC0000111)
+#define STATUS_ABIOS_NOT_LID_OWNER cpu_to_le32(0xC0000112)
+#define STATUS_ABIOS_INVALID_COMMAND cpu_to_le32(0xC0000113)
+#define STATUS_ABIOS_INVALID_LID cpu_to_le32(0xC0000114)
+#define STATUS_ABIOS_SELECTOR_NOT_AVAILABLE cpu_to_le32(0xC0000115)
+#define STATUS_ABIOS_INVALID_SELECTOR cpu_to_le32(0xC0000116)
+#define STATUS_NO_LDT cpu_to_le32(0xC0000117)
+#define STATUS_INVALID_LDT_SIZE cpu_to_le32(0xC0000118)
+#define STATUS_INVALID_LDT_OFFSET cpu_to_le32(0xC0000119)
+#define STATUS_INVALID_LDT_DESCRIPTOR cpu_to_le32(0xC000011A)
+#define STATUS_INVALID_IMAGE_NE_FORMAT cpu_to_le32(0xC000011B)
+#define STATUS_RXACT_INVALID_STATE cpu_to_le32(0xC000011C)
+#define STATUS_RXACT_COMMIT_FAILURE cpu_to_le32(0xC000011D)
+#define STATUS_MAPPED_FILE_SIZE_ZERO cpu_to_le32(0xC000011E)
+#define STATUS_TOO_MANY_OPENED_FILES cpu_to_le32(0xC000011F)
+#define STATUS_CANCELLED cpu_to_le32(0xC0000120)
+#define STATUS_CANNOT_DELETE cpu_to_le32(0xC0000121)
+#define STATUS_INVALID_COMPUTER_NAME cpu_to_le32(0xC0000122)
+#define STATUS_FILE_DELETED cpu_to_le32(0xC0000123)
+#define STATUS_SPECIAL_ACCOUNT cpu_to_le32(0xC0000124)
+#define STATUS_SPECIAL_GROUP cpu_to_le32(0xC0000125)
+#define STATUS_SPECIAL_USER cpu_to_le32(0xC0000126)
+#define STATUS_MEMBERS_PRIMARY_GROUP cpu_to_le32(0xC0000127)
+#define STATUS_FILE_CLOSED cpu_to_le32(0xC0000128)
+#define STATUS_TOO_MANY_THREADS cpu_to_le32(0xC0000129)
+#define STATUS_THREAD_NOT_IN_PROCESS cpu_to_le32(0xC000012A)
+#define STATUS_TOKEN_ALREADY_IN_USE cpu_to_le32(0xC000012B)
+#define STATUS_PAGEFILE_QUOTA_EXCEEDED cpu_to_le32(0xC000012C)
+#define STATUS_COMMITMENT_LIMIT cpu_to_le32(0xC000012D)
+#define STATUS_INVALID_IMAGE_LE_FORMAT cpu_to_le32(0xC000012E)
+#define STATUS_INVALID_IMAGE_NOT_MZ cpu_to_le32(0xC000012F)
+#define STATUS_INVALID_IMAGE_PROTECT cpu_to_le32(0xC0000130)
+#define STATUS_INVALID_IMAGE_WIN_16 cpu_to_le32(0xC0000131)
+#define STATUS_LOGON_SERVER_CONFLICT cpu_to_le32(0xC0000132)
+#define STATUS_TIME_DIFFERENCE_AT_DC cpu_to_le32(0xC0000133)
+#define STATUS_SYNCHRONIZATION_REQUIRED cpu_to_le32(0xC0000134)
+#define STATUS_DLL_NOT_FOUND cpu_to_le32(0xC0000135)
+#define STATUS_OPEN_FAILED cpu_to_le32(0xC0000136)
+#define STATUS_IO_PRIVILEGE_FAILED cpu_to_le32(0xC0000137)
+#define STATUS_ORDINAL_NOT_FOUND cpu_to_le32(0xC0000138)
+#define STATUS_ENTRYPOINT_NOT_FOUND cpu_to_le32(0xC0000139)
+#define STATUS_CONTROL_C_EXIT cpu_to_le32(0xC000013A)
+#define STATUS_LOCAL_DISCONNECT cpu_to_le32(0xC000013B)
+#define STATUS_REMOTE_DISCONNECT cpu_to_le32(0xC000013C)
+#define STATUS_REMOTE_RESOURCES cpu_to_le32(0xC000013D)
+#define STATUS_LINK_FAILED cpu_to_le32(0xC000013E)
+#define STATUS_LINK_TIMEOUT cpu_to_le32(0xC000013F)
+#define STATUS_INVALID_CONNECTION cpu_to_le32(0xC0000140)
+#define STATUS_INVALID_ADDRESS cpu_to_le32(0xC0000141)
+#define STATUS_DLL_INIT_FAILED cpu_to_le32(0xC0000142)
+#define STATUS_MISSING_SYSTEMFILE cpu_to_le32(0xC0000143)
+#define STATUS_UNHANDLED_EXCEPTION cpu_to_le32(0xC0000144)
+#define STATUS_APP_INIT_FAILURE cpu_to_le32(0xC0000145)
+#define STATUS_PAGEFILE_CREATE_FAILED cpu_to_le32(0xC0000146)
+#define STATUS_NO_PAGEFILE cpu_to_le32(0xC0000147)
+#define STATUS_INVALID_LEVEL cpu_to_le32(0xC0000148)
+#define STATUS_WRONG_PASSWORD_CORE cpu_to_le32(0xC0000149)
+#define STATUS_ILLEGAL_FLOAT_CONTEXT cpu_to_le32(0xC000014A)
+#define STATUS_PIPE_BROKEN cpu_to_le32(0xC000014B)
+#define STATUS_REGISTRY_CORRUPT cpu_to_le32(0xC000014C)
+#define STATUS_REGISTRY_IO_FAILED cpu_to_le32(0xC000014D)
+#define STATUS_NO_EVENT_PAIR cpu_to_le32(0xC000014E)
+#define STATUS_UNRECOGNIZED_VOLUME cpu_to_le32(0xC000014F)
+#define STATUS_SERIAL_NO_DEVICE_INITED cpu_to_le32(0xC0000150)
+#define STATUS_NO_SUCH_ALIAS cpu_to_le32(0xC0000151)
+#define STATUS_MEMBER_NOT_IN_ALIAS cpu_to_le32(0xC0000152)
+#define STATUS_MEMBER_IN_ALIAS cpu_to_le32(0xC0000153)
+#define STATUS_ALIAS_EXISTS cpu_to_le32(0xC0000154)
+#define STATUS_LOGON_NOT_GRANTED cpu_to_le32(0xC0000155)
+#define STATUS_TOO_MANY_SECRETS cpu_to_le32(0xC0000156)
+#define STATUS_SECRET_TOO_LONG cpu_to_le32(0xC0000157)
+#define STATUS_INTERNAL_DB_ERROR cpu_to_le32(0xC0000158)
+#define STATUS_FULLSCREEN_MODE cpu_to_le32(0xC0000159)
+#define STATUS_TOO_MANY_CONTEXT_IDS cpu_to_le32(0xC000015A)
+#define STATUS_LOGON_TYPE_NOT_GRANTED cpu_to_le32(0xC000015B)
+#define STATUS_NOT_REGISTRY_FILE cpu_to_le32(0xC000015C)
+#define STATUS_NT_CROSS_ENCRYPTION_REQUIRED cpu_to_le32(0xC000015D)
+#define STATUS_DOMAIN_CTRLR_CONFIG_ERROR cpu_to_le32(0xC000015E)
+#define STATUS_FT_MISSING_MEMBER cpu_to_le32(0xC000015F)
+#define STATUS_ILL_FORMED_SERVICE_ENTRY cpu_to_le32(0xC0000160)
+#define STATUS_ILLEGAL_CHARACTER cpu_to_le32(0xC0000161)
+#define STATUS_UNMAPPABLE_CHARACTER cpu_to_le32(0xC0000162)
+#define STATUS_UNDEFINED_CHARACTER cpu_to_le32(0xC0000163)
+#define STATUS_FLOPPY_VOLUME cpu_to_le32(0xC0000164)
+#define STATUS_FLOPPY_ID_MARK_NOT_FOUND cpu_to_le32(0xC0000165)
+#define STATUS_FLOPPY_WRONG_CYLINDER cpu_to_le32(0xC0000166)
+#define STATUS_FLOPPY_UNKNOWN_ERROR cpu_to_le32(0xC0000167)
+#define STATUS_FLOPPY_BAD_REGISTERS cpu_to_le32(0xC0000168)
+#define STATUS_DISK_RECALIBRATE_FAILED cpu_to_le32(0xC0000169)
+#define STATUS_DISK_OPERATION_FAILED cpu_to_le32(0xC000016A)
+#define STATUS_DISK_RESET_FAILED cpu_to_le32(0xC000016B)
+#define STATUS_SHARED_IRQ_BUSY cpu_to_le32(0xC000016C)
+#define STATUS_FT_ORPHANING cpu_to_le32(0xC000016D)
+#define STATUS_BIOS_FAILED_TO_CONNECT_INTERRUPT cpu_to_le32(0xC000016E)
+#define STATUS_PARTITION_FAILURE cpu_to_le32(0xC0000172)
+#define STATUS_INVALID_BLOCK_LENGTH cpu_to_le32(0xC0000173)
+#define STATUS_DEVICE_NOT_PARTITIONED cpu_to_le32(0xC0000174)
+#define STATUS_UNABLE_TO_LOCK_MEDIA cpu_to_le32(0xC0000175)
+#define STATUS_UNABLE_TO_UNLOAD_MEDIA cpu_to_le32(0xC0000176)
+#define STATUS_EOM_OVERFLOW cpu_to_le32(0xC0000177)
+#define STATUS_NO_MEDIA cpu_to_le32(0xC0000178)
+#define STATUS_NO_SUCH_MEMBER cpu_to_le32(0xC000017A)
+#define STATUS_INVALID_MEMBER cpu_to_le32(0xC000017B)
+#define STATUS_KEY_DELETED cpu_to_le32(0xC000017C)
+#define STATUS_NO_LOG_SPACE cpu_to_le32(0xC000017D)
+#define STATUS_TOO_MANY_SIDS cpu_to_le32(0xC000017E)
+#define STATUS_LM_CROSS_ENCRYPTION_REQUIRED cpu_to_le32(0xC000017F)
+#define STATUS_KEY_HAS_CHILDREN cpu_to_le32(0xC0000180)
+#define STATUS_CHILD_MUST_BE_VOLATILE cpu_to_le32(0xC0000181)
+#define STATUS_DEVICE_CONFIGURATION_ERROR cpu_to_le32(0xC0000182)
+#define STATUS_DRIVER_INTERNAL_ERROR cpu_to_le32(0xC0000183)
+#define STATUS_INVALID_DEVICE_STATE cpu_to_le32(0xC0000184)
+#define STATUS_IO_DEVICE_ERROR cpu_to_le32(0xC0000185)
+#define STATUS_DEVICE_PROTOCOL_ERROR cpu_to_le32(0xC0000186)
+#define STATUS_BACKUP_CONTROLLER cpu_to_le32(0xC0000187)
+#define STATUS_LOG_FILE_FULL cpu_to_le32(0xC0000188)
+#define STATUS_TOO_LATE cpu_to_le32(0xC0000189)
+#define STATUS_NO_TRUST_LSA_SECRET cpu_to_le32(0xC000018A)
+#define STATUS_NO_TRUST_SAM_ACCOUNT cpu_to_le32(0xC000018B)
+#define STATUS_TRUSTED_DOMAIN_FAILURE cpu_to_le32(0xC000018C)
+#define STATUS_TRUSTED_RELATIONSHIP_FAILURE cpu_to_le32(0xC000018D)
+#define STATUS_EVENTLOG_FILE_CORRUPT cpu_to_le32(0xC000018E)
+#define STATUS_EVENTLOG_CANT_START cpu_to_le32(0xC000018F)
+#define STATUS_TRUST_FAILURE cpu_to_le32(0xC0000190)
+#define STATUS_MUTANT_LIMIT_EXCEEDED cpu_to_le32(0xC0000191)
+#define STATUS_NETLOGON_NOT_STARTED cpu_to_le32(0xC0000192)
+#define STATUS_ACCOUNT_EXPIRED cpu_to_le32(0xC0000193)
+#define STATUS_POSSIBLE_DEADLOCK cpu_to_le32(0xC0000194)
+#define STATUS_NETWORK_CREDENTIAL_CONFLICT cpu_to_le32(0xC0000195)
+#define STATUS_REMOTE_SESSION_LIMIT cpu_to_le32(0xC0000196)
+#define STATUS_EVENTLOG_FILE_CHANGED cpu_to_le32(0xC0000197)
+#define STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT cpu_to_le32(0xC0000198)
+#define STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT cpu_to_le32(0xC0000199)
+#define STATUS_NOLOGON_SERVER_TRUST_ACCOUNT cpu_to_le32(0xC000019A)
+#define STATUS_DOMAIN_TRUST_INCONSISTENT cpu_to_le32(0xC000019B)
+#define STATUS_FS_DRIVER_REQUIRED cpu_to_le32(0xC000019C)
+#define STATUS_IMAGE_ALREADY_LOADED_AS_DLL cpu_to_le32(0xC000019D)
+#define STATUS_NETWORK_OPEN_RESTRICTION cpu_to_le32(0xC0000201)
+#define STATUS_NO_USER_SESSION_KEY cpu_to_le32(0xC0000202)
+#define STATUS_USER_SESSION_DELETED cpu_to_le32(0xC0000203)
+#define STATUS_RESOURCE_LANG_NOT_FOUND cpu_to_le32(0xC0000204)
+#define STATUS_INSUFF_SERVER_RESOURCES cpu_to_le32(0xC0000205)
+#define STATUS_INVALID_BUFFER_SIZE cpu_to_le32(0xC0000206)
+#define STATUS_INVALID_ADDRESS_COMPONENT cpu_to_le32(0xC0000207)
+#define STATUS_INVALID_ADDRESS_WILDCARD cpu_to_le32(0xC0000208)
+#define STATUS_TOO_MANY_ADDRESSES cpu_to_le32(0xC0000209)
+#define STATUS_ADDRESS_ALREADY_EXISTS cpu_to_le32(0xC000020A)
+#define STATUS_ADDRESS_CLOSED cpu_to_le32(0xC000020B)
+#define STATUS_CONNECTION_DISCONNECTED cpu_to_le32(0xC000020C)
+#define STATUS_CONNECTION_RESET cpu_to_le32(0xC000020D)
+#define STATUS_TOO_MANY_NODES cpu_to_le32(0xC000020E)
+#define STATUS_TRANSACTION_ABORTED cpu_to_le32(0xC000020F)
+#define STATUS_TRANSACTION_TIMED_OUT cpu_to_le32(0xC0000210)
+#define STATUS_TRANSACTION_NO_RELEASE cpu_to_le32(0xC0000211)
+#define STATUS_TRANSACTION_NO_MATCH cpu_to_le32(0xC0000212)
+#define STATUS_TRANSACTION_RESPONDED cpu_to_le32(0xC0000213)
+#define STATUS_TRANSACTION_INVALID_ID cpu_to_le32(0xC0000214)
+#define STATUS_TRANSACTION_INVALID_TYPE cpu_to_le32(0xC0000215)
+#define STATUS_NOT_SERVER_SESSION cpu_to_le32(0xC0000216)
+#define STATUS_NOT_CLIENT_SESSION cpu_to_le32(0xC0000217)
+#define STATUS_CANNOT_LOAD_REGISTRY_FILE cpu_to_le32(0xC0000218)
+#define STATUS_DEBUG_ATTACH_FAILED cpu_to_le32(0xC0000219)
+#define STATUS_SYSTEM_PROCESS_TERMINATED cpu_to_le32(0xC000021A)
+#define STATUS_DATA_NOT_ACCEPTED cpu_to_le32(0xC000021B)
+#define STATUS_NO_BROWSER_SERVERS_FOUND cpu_to_le32(0xC000021C)
+#define STATUS_VDM_HARD_ERROR cpu_to_le32(0xC000021D)
+#define STATUS_DRIVER_CANCEL_TIMEOUT cpu_to_le32(0xC000021E)
+#define STATUS_REPLY_MESSAGE_MISMATCH cpu_to_le32(0xC000021F)
+#define STATUS_MAPPED_ALIGNMENT cpu_to_le32(0xC0000220)
+#define STATUS_IMAGE_CHECKSUM_MISMATCH cpu_to_le32(0xC0000221)
+#define STATUS_LOST_WRITEBEHIND_DATA cpu_to_le32(0xC0000222)
+#define STATUS_CLIENT_SERVER_PARAMETERS_INVALID cpu_to_le32(0xC0000223)
+#define STATUS_PASSWORD_MUST_CHANGE cpu_to_le32(0xC0000224)
+#define STATUS_NOT_FOUND cpu_to_le32(0xC0000225)
+#define STATUS_NOT_TINY_STREAM cpu_to_le32(0xC0000226)
+#define STATUS_RECOVERY_FAILURE cpu_to_le32(0xC0000227)
+#define STATUS_STACK_OVERFLOW_READ cpu_to_le32(0xC0000228)
+#define STATUS_FAIL_CHECK cpu_to_le32(0xC0000229)
+#define STATUS_DUPLICATE_OBJECTID cpu_to_le32(0xC000022A)
+#define STATUS_OBJECTID_EXISTS cpu_to_le32(0xC000022B)
+#define STATUS_CONVERT_TO_LARGE cpu_to_le32(0xC000022C)
+#define STATUS_RETRY cpu_to_le32(0xC000022D)
+#define STATUS_FOUND_OUT_OF_SCOPE cpu_to_le32(0xC000022E)
+#define STATUS_ALLOCATE_BUCKET cpu_to_le32(0xC000022F)
+#define STATUS_PROPSET_NOT_FOUND cpu_to_le32(0xC0000230)
+#define STATUS_MARSHALL_OVERFLOW cpu_to_le32(0xC0000231)
+#define STATUS_INVALID_VARIANT cpu_to_le32(0xC0000232)
+#define STATUS_DOMAIN_CONTROLLER_NOT_FOUND cpu_to_le32(0xC0000233)
+#define STATUS_ACCOUNT_LOCKED_OUT cpu_to_le32(0xC0000234)
+#define STATUS_HANDLE_NOT_CLOSABLE cpu_to_le32(0xC0000235)
+#define STATUS_CONNECTION_REFUSED cpu_to_le32(0xC0000236)
+#define STATUS_GRACEFUL_DISCONNECT cpu_to_le32(0xC0000237)
+#define STATUS_ADDRESS_ALREADY_ASSOCIATED cpu_to_le32(0xC0000238)
+#define STATUS_ADDRESS_NOT_ASSOCIATED cpu_to_le32(0xC0000239)
+#define STATUS_CONNECTION_INVALID cpu_to_le32(0xC000023A)
+#define STATUS_CONNECTION_ACTIVE cpu_to_le32(0xC000023B)
+#define STATUS_NETWORK_UNREACHABLE cpu_to_le32(0xC000023C)
+#define STATUS_HOST_UNREACHABLE cpu_to_le32(0xC000023D)
+#define STATUS_PROTOCOL_UNREACHABLE cpu_to_le32(0xC000023E)
+#define STATUS_PORT_UNREACHABLE cpu_to_le32(0xC000023F)
+#define STATUS_REQUEST_ABORTED cpu_to_le32(0xC0000240)
+#define STATUS_CONNECTION_ABORTED cpu_to_le32(0xC0000241)
+#define STATUS_BAD_COMPRESSION_BUFFER cpu_to_le32(0xC0000242)
+#define STATUS_USER_MAPPED_FILE cpu_to_le32(0xC0000243)
+#define STATUS_AUDIT_FAILED cpu_to_le32(0xC0000244)
+#define STATUS_TIMER_RESOLUTION_NOT_SET cpu_to_le32(0xC0000245)
+#define STATUS_CONNECTION_COUNT_LIMIT cpu_to_le32(0xC0000246)
+#define STATUS_LOGIN_TIME_RESTRICTION cpu_to_le32(0xC0000247)
+#define STATUS_LOGIN_WKSTA_RESTRICTION cpu_to_le32(0xC0000248)
+#define STATUS_IMAGE_MP_UP_MISMATCH cpu_to_le32(0xC0000249)
+#define STATUS_INSUFFICIENT_LOGON_INFO cpu_to_le32(0xC0000250)
+#define STATUS_BAD_DLL_ENTRYPOINT cpu_to_le32(0xC0000251)
+#define STATUS_BAD_SERVICE_ENTRYPOINT cpu_to_le32(0xC0000252)
+#define STATUS_LPC_REPLY_LOST cpu_to_le32(0xC0000253)
+#define STATUS_IP_ADDRESS_CONFLICT1 cpu_to_le32(0xC0000254)
+#define STATUS_IP_ADDRESS_CONFLICT2 cpu_to_le32(0xC0000255)
+#define STATUS_REGISTRY_QUOTA_LIMIT cpu_to_le32(0xC0000256)
+#define STATUS_PATH_NOT_COVERED cpu_to_le32(0xC0000257)
+#define STATUS_NO_CALLBACK_ACTIVE cpu_to_le32(0xC0000258)
+#define STATUS_LICENSE_QUOTA_EXCEEDED cpu_to_le32(0xC0000259)
+#define STATUS_PWD_TOO_SHORT cpu_to_le32(0xC000025A)
+#define STATUS_PWD_TOO_RECENT cpu_to_le32(0xC000025B)
+#define STATUS_PWD_HISTORY_CONFLICT cpu_to_le32(0xC000025C)
+#define STATUS_PLUGPLAY_NO_DEVICE cpu_to_le32(0xC000025E)
+#define STATUS_UNSUPPORTED_COMPRESSION cpu_to_le32(0xC000025F)
+#define STATUS_INVALID_HW_PROFILE cpu_to_le32(0xC0000260)
+#define STATUS_INVALID_PLUGPLAY_DEVICE_PATH cpu_to_le32(0xC0000261)
+#define STATUS_DRIVER_ORDINAL_NOT_FOUND cpu_to_le32(0xC0000262)
+#define STATUS_DRIVER_ENTRYPOINT_NOT_FOUND cpu_to_le32(0xC0000263)
+#define STATUS_RESOURCE_NOT_OWNED cpu_to_le32(0xC0000264)
+#define STATUS_TOO_MANY_LINKS cpu_to_le32(0xC0000265)
+#define STATUS_QUOTA_LIST_INCONSISTENT cpu_to_le32(0xC0000266)
+#define STATUS_FILE_IS_OFFLINE cpu_to_le32(0xC0000267)
+#define STATUS_EVALUATION_EXPIRATION cpu_to_le32(0xC0000268)
+#define STATUS_ILLEGAL_DLL_RELOCATION cpu_to_le32(0xC0000269)
+#define STATUS_LICENSE_VIOLATION cpu_to_le32(0xC000026A)
+#define STATUS_DLL_INIT_FAILED_LOGOFF cpu_to_le32(0xC000026B)
+#define STATUS_DRIVER_UNABLE_TO_LOAD cpu_to_le32(0xC000026C)
+#define STATUS_DFS_UNAVAILABLE cpu_to_le32(0xC000026D)
+#define STATUS_VOLUME_DISMOUNTED cpu_to_le32(0xC000026E)
+#define STATUS_WX86_INTERNAL_ERROR cpu_to_le32(0xC000026F)
+#define STATUS_WX86_FLOAT_STACK_CHECK cpu_to_le32(0xC0000270)
+#define STATUS_VALIDATE_CONTINUE cpu_to_le32(0xC0000271)
+#define STATUS_NO_MATCH cpu_to_le32(0xC0000272)
+#define STATUS_NO_MORE_MATCHES cpu_to_le32(0xC0000273)
+#define STATUS_NOT_A_REPARSE_POINT cpu_to_le32(0xC0000275)
+#define STATUS_IO_REPARSE_TAG_INVALID cpu_to_le32(0xC0000276)
+#define STATUS_IO_REPARSE_TAG_MISMATCH cpu_to_le32(0xC0000277)
+#define STATUS_IO_REPARSE_DATA_INVALID cpu_to_le32(0xC0000278)
+#define STATUS_IO_REPARSE_TAG_NOT_HANDLED cpu_to_le32(0xC0000279)
+#define STATUS_REPARSE_POINT_NOT_RESOLVED cpu_to_le32(0xC0000280)
+#define STATUS_DIRECTORY_IS_A_REPARSE_POINT cpu_to_le32(0xC0000281)
+#define STATUS_RANGE_LIST_CONFLICT cpu_to_le32(0xC0000282)
+#define STATUS_SOURCE_ELEMENT_EMPTY cpu_to_le32(0xC0000283)
+#define STATUS_DESTINATION_ELEMENT_FULL cpu_to_le32(0xC0000284)
+#define STATUS_ILLEGAL_ELEMENT_ADDRESS cpu_to_le32(0xC0000285)
+#define STATUS_MAGAZINE_NOT_PRESENT cpu_to_le32(0xC0000286)
+#define STATUS_REINITIALIZATION_NEEDED cpu_to_le32(0xC0000287)
+#define STATUS_ENCRYPTION_FAILED cpu_to_le32(0xC000028A)
+#define STATUS_DECRYPTION_FAILED cpu_to_le32(0xC000028B)
+#define STATUS_RANGE_NOT_FOUND cpu_to_le32(0xC000028C)
+#define STATUS_NO_RECOVERY_POLICY cpu_to_le32(0xC000028D)
+#define STATUS_NO_EFS cpu_to_le32(0xC000028E)
+#define STATUS_WRONG_EFS cpu_to_le32(0xC000028F)
+#define STATUS_NO_USER_KEYS cpu_to_le32(0xC0000290)
+#define STATUS_FILE_NOT_ENCRYPTED cpu_to_le32(0xC0000291)
+#define STATUS_NOT_EXPORT_FORMAT cpu_to_le32(0xC0000292)
+#define STATUS_FILE_ENCRYPTED cpu_to_le32(0xC0000293)
+#define STATUS_WMI_GUID_NOT_FOUND cpu_to_le32(0xC0000295)
+#define STATUS_WMI_INSTANCE_NOT_FOUND cpu_to_le32(0xC0000296)
+#define STATUS_WMI_ITEMID_NOT_FOUND cpu_to_le32(0xC0000297)
+#define STATUS_WMI_TRY_AGAIN cpu_to_le32(0xC0000298)
+#define STATUS_SHARED_POLICY cpu_to_le32(0xC0000299)
+#define STATUS_POLICY_OBJECT_NOT_FOUND cpu_to_le32(0xC000029A)
+#define STATUS_POLICY_ONLY_IN_DS cpu_to_le32(0xC000029B)
+#define STATUS_VOLUME_NOT_UPGRADED cpu_to_le32(0xC000029C)
+#define STATUS_REMOTE_STORAGE_NOT_ACTIVE cpu_to_le32(0xC000029D)
+#define STATUS_REMOTE_STORAGE_MEDIA_ERROR cpu_to_le32(0xC000029E)
+#define STATUS_NO_TRACKING_SERVICE cpu_to_le32(0xC000029F)
+#define STATUS_SERVER_SID_MISMATCH cpu_to_le32(0xC00002A0)
+#define STATUS_DS_NO_ATTRIBUTE_OR_VALUE cpu_to_le32(0xC00002A1)
+#define STATUS_DS_INVALID_ATTRIBUTE_SYNTAX cpu_to_le32(0xC00002A2)
+#define STATUS_DS_ATTRIBUTE_TYPE_UNDEFINED cpu_to_le32(0xC00002A3)
+#define STATUS_DS_ATTRIBUTE_OR_VALUE_EXISTS cpu_to_le32(0xC00002A4)
+#define STATUS_DS_BUSY cpu_to_le32(0xC00002A5)
+#define STATUS_DS_UNAVAILABLE cpu_to_le32(0xC00002A6)
+#define STATUS_DS_NO_RIDS_ALLOCATED cpu_to_le32(0xC00002A7)
+#define STATUS_DS_NO_MORE_RIDS cpu_to_le32(0xC00002A8)
+#define STATUS_DS_INCORRECT_ROLE_OWNER cpu_to_le32(0xC00002A9)
+#define STATUS_DS_RIDMGR_INIT_ERROR cpu_to_le32(0xC00002AA)
+#define STATUS_DS_OBJ_CLASS_VIOLATION cpu_to_le32(0xC00002AB)
+#define STATUS_DS_CANT_ON_NON_LEAF cpu_to_le32(0xC00002AC)
+#define STATUS_DS_CANT_ON_RDN cpu_to_le32(0xC00002AD)
+#define STATUS_DS_CANT_MOD_OBJ_CLASS cpu_to_le32(0xC00002AE)
+#define STATUS_DS_CROSS_DOM_MOVE_FAILED cpu_to_le32(0xC00002AF)
+#define STATUS_DS_GC_NOT_AVAILABLE cpu_to_le32(0xC00002B0)
+#define STATUS_DIRECTORY_SERVICE_REQUIRED cpu_to_le32(0xC00002B1)
+#define STATUS_REPARSE_ATTRIBUTE_CONFLICT cpu_to_le32(0xC00002B2)
+#define STATUS_CANT_ENABLE_DENY_ONLY cpu_to_le32(0xC00002B3)
+#define STATUS_FLOAT_MULTIPLE_FAULTS cpu_to_le32(0xC00002B4)
+#define STATUS_FLOAT_MULTIPLE_TRAPS cpu_to_le32(0xC00002B5)
+#define STATUS_DEVICE_REMOVED cpu_to_le32(0xC00002B6)
+#define STATUS_JOURNAL_DELETE_IN_PROGRESS cpu_to_le32(0xC00002B7)
+#define STATUS_JOURNAL_NOT_ACTIVE cpu_to_le32(0xC00002B8)
+#define STATUS_NOINTERFACE cpu_to_le32(0xC00002B9)
+#define STATUS_DS_ADMIN_LIMIT_EXCEEDED cpu_to_le32(0xC00002C1)
+#define STATUS_DRIVER_FAILED_SLEEP cpu_to_le32(0xC00002C2)
+#define STATUS_MUTUAL_AUTHENTICATION_FAILED cpu_to_le32(0xC00002C3)
+#define STATUS_CORRUPT_SYSTEM_FILE cpu_to_le32(0xC00002C4)
+#define STATUS_DATATYPE_MISALIGNMENT_ERROR cpu_to_le32(0xC00002C5)
+#define STATUS_WMI_READ_ONLY cpu_to_le32(0xC00002C6)
+#define STATUS_WMI_SET_FAILURE cpu_to_le32(0xC00002C7)
+#define STATUS_COMMITMENT_MINIMUM cpu_to_le32(0xC00002C8)
+#define STATUS_REG_NAT_CONSUMPTION cpu_to_le32(0xC00002C9)
+#define STATUS_TRANSPORT_FULL cpu_to_le32(0xC00002CA)
+#define STATUS_DS_SAM_INIT_FAILURE cpu_to_le32(0xC00002CB)
+#define STATUS_ONLY_IF_CONNECTED cpu_to_le32(0xC00002CC)
+#define STATUS_DS_SENSITIVE_GROUP_VIOLATION cpu_to_le32(0xC00002CD)
+#define STATUS_PNP_RESTART_ENUMERATION cpu_to_le32(0xC00002CE)
+#define STATUS_JOURNAL_ENTRY_DELETED cpu_to_le32(0xC00002CF)
+#define STATUS_DS_CANT_MOD_PRIMARYGROUPID cpu_to_le32(0xC00002D0)
+#define STATUS_SYSTEM_IMAGE_BAD_SIGNATURE cpu_to_le32(0xC00002D1)
+#define STATUS_PNP_REBOOT_REQUIRED cpu_to_le32(0xC00002D2)
+#define STATUS_POWER_STATE_INVALID cpu_to_le32(0xC00002D3)
+#define STATUS_DS_INVALID_GROUP_TYPE cpu_to_le32(0xC00002D4)
+#define STATUS_DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN cpu_to_le32(0xC00002D5)
+#define STATUS_DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN cpu_to_le32(0xC00002D6)
+#define STATUS_DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER cpu_to_le32(0xC00002D7)
+#define STATUS_DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER cpu_to_le32(0xC00002D8)
+#define STATUS_DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER cpu_to_le32(0xC00002D9)
+#define STATUS_DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER cpu_to_le32(0xC00002DA)
+#define STATUS_DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER \
+ cpu_to_le32(0xC00002DB)
+#define STATUS_DS_HAVE_PRIMARY_MEMBERS cpu_to_le32(0xC00002DC)
+#define STATUS_WMI_NOT_SUPPORTED cpu_to_le32(0xC00002DD)
+#define STATUS_INSUFFICIENT_POWER cpu_to_le32(0xC00002DE)
+#define STATUS_SAM_NEED_BOOTKEY_PASSWORD cpu_to_le32(0xC00002DF)
+#define STATUS_SAM_NEED_BOOTKEY_FLOPPY cpu_to_le32(0xC00002E0)
+#define STATUS_DS_CANT_START cpu_to_le32(0xC00002E1)
+#define STATUS_DS_INIT_FAILURE cpu_to_le32(0xC00002E2)
+#define STATUS_SAM_INIT_FAILURE cpu_to_le32(0xC00002E3)
+#define STATUS_DS_GC_REQUIRED cpu_to_le32(0xC00002E4)
+#define STATUS_DS_LOCAL_MEMBER_OF_LOCAL_ONLY cpu_to_le32(0xC00002E5)
+#define STATUS_DS_NO_FPO_IN_UNIVERSAL_GROUPS cpu_to_le32(0xC00002E6)
+#define STATUS_DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED cpu_to_le32(0xC00002E7)
+#define STATUS_MULTIPLE_FAULT_VIOLATION cpu_to_le32(0xC00002E8)
+#define STATUS_CURRENT_DOMAIN_NOT_ALLOWED cpu_to_le32(0xC00002E9)
+#define STATUS_CANNOT_MAKE cpu_to_le32(0xC00002EA)
+#define STATUS_SYSTEM_SHUTDOWN cpu_to_le32(0xC00002EB)
+#define STATUS_DS_INIT_FAILURE_CONSOLE cpu_to_le32(0xC00002EC)
+#define STATUS_DS_SAM_INIT_FAILURE_CONSOLE cpu_to_le32(0xC00002ED)
+#define STATUS_UNFINISHED_CONTEXT_DELETED cpu_to_le32(0xC00002EE)
+#define STATUS_NO_TGT_REPLY cpu_to_le32(0xC00002EF)
+#define STATUS_OBJECTID_NOT_FOUND cpu_to_le32(0xC00002F0)
+#define STATUS_NO_IP_ADDRESSES cpu_to_le32(0xC00002F1)
+#define STATUS_WRONG_CREDENTIAL_HANDLE cpu_to_le32(0xC00002F2)
+#define STATUS_CRYPTO_SYSTEM_INVALID cpu_to_le32(0xC00002F3)
+#define STATUS_MAX_REFERRALS_EXCEEDED cpu_to_le32(0xC00002F4)
+#define STATUS_MUST_BE_KDC cpu_to_le32(0xC00002F5)
+#define STATUS_STRONG_CRYPTO_NOT_SUPPORTED cpu_to_le32(0xC00002F6)
+#define STATUS_TOO_MANY_PRINCIPALS cpu_to_le32(0xC00002F7)
+#define STATUS_NO_PA_DATA cpu_to_le32(0xC00002F8)
+#define STATUS_PKINIT_NAME_MISMATCH cpu_to_le32(0xC00002F9)
+#define STATUS_SMARTCARD_LOGON_REQUIRED cpu_to_le32(0xC00002FA)
+#define STATUS_KDC_INVALID_REQUEST cpu_to_le32(0xC00002FB)
+#define STATUS_KDC_UNABLE_TO_REFER cpu_to_le32(0xC00002FC)
+#define STATUS_KDC_UNKNOWN_ETYPE cpu_to_le32(0xC00002FD)
+#define STATUS_SHUTDOWN_IN_PROGRESS cpu_to_le32(0xC00002FE)
+#define STATUS_SERVER_SHUTDOWN_IN_PROGRESS cpu_to_le32(0xC00002FF)
+#define STATUS_NOT_SUPPORTED_ON_SBS cpu_to_le32(0xC0000300)
+#define STATUS_WMI_GUID_DISCONNECTED cpu_to_le32(0xC0000301)
+#define STATUS_WMI_ALREADY_DISABLED cpu_to_le32(0xC0000302)
+#define STATUS_WMI_ALREADY_ENABLED cpu_to_le32(0xC0000303)
+#define STATUS_MFT_TOO_FRAGMENTED cpu_to_le32(0xC0000304)
+#define STATUS_COPY_PROTECTION_FAILURE cpu_to_le32(0xC0000305)
+#define STATUS_CSS_AUTHENTICATION_FAILURE cpu_to_le32(0xC0000306)
+#define STATUS_CSS_KEY_NOT_PRESENT cpu_to_le32(0xC0000307)
+#define STATUS_CSS_KEY_NOT_ESTABLISHED cpu_to_le32(0xC0000308)
+#define STATUS_CSS_SCRAMBLED_SECTOR cpu_to_le32(0xC0000309)
+#define STATUS_CSS_REGION_MISMATCH cpu_to_le32(0xC000030A)
+#define STATUS_CSS_RESETS_EXHAUSTED cpu_to_le32(0xC000030B)
+#define STATUS_PKINIT_FAILURE cpu_to_le32(0xC0000320)
+#define STATUS_SMARTCARD_SUBSYSTEM_FAILURE cpu_to_le32(0xC0000321)
+#define STATUS_NO_KERB_KEY cpu_to_le32(0xC0000322)
+#define STATUS_HOST_DOWN cpu_to_le32(0xC0000350)
+#define STATUS_UNSUPPORTED_PREAUTH cpu_to_le32(0xC0000351)
+#define STATUS_EFS_ALG_BLOB_TOO_BIG cpu_to_le32(0xC0000352)
+#define STATUS_PORT_NOT_SET cpu_to_le32(0xC0000353)
+#define STATUS_DEBUGGER_INACTIVE cpu_to_le32(0xC0000354)
+#define STATUS_DS_VERSION_CHECK_FAILURE cpu_to_le32(0xC0000355)
+#define STATUS_AUDITING_DISABLED cpu_to_le32(0xC0000356)
+#define STATUS_PRENT4_MACHINE_ACCOUNT cpu_to_le32(0xC0000357)
+#define STATUS_DS_AG_CANT_HAVE_UNIVERSAL_MEMBER cpu_to_le32(0xC0000358)
+#define STATUS_INVALID_IMAGE_WIN_32 cpu_to_le32(0xC0000359)
+#define STATUS_INVALID_IMAGE_WIN_64 cpu_to_le32(0xC000035A)
+#define STATUS_BAD_BINDINGS cpu_to_le32(0xC000035B)
+#define STATUS_NETWORK_SESSION_EXPIRED cpu_to_le32(0xC000035C)
+#define STATUS_APPHELP_BLOCK cpu_to_le32(0xC000035D)
+#define STATUS_ALL_SIDS_FILTERED cpu_to_le32(0xC000035E)
+#define STATUS_NOT_SAFE_MODE_DRIVER cpu_to_le32(0xC000035F)
+#define STATUS_ACCESS_DISABLED_BY_POLICY_DEFAULT cpu_to_le32(0xC0000361)
+#define STATUS_ACCESS_DISABLED_BY_POLICY_PATH cpu_to_le32(0xC0000362)
+#define STATUS_ACCESS_DISABLED_BY_POLICY_PUBLISHER cpu_to_le32(0xC0000363)
+#define STATUS_ACCESS_DISABLED_BY_POLICY_OTHER cpu_to_le32(0xC0000364)
+#define STATUS_FAILED_DRIVER_ENTRY cpu_to_le32(0xC0000365)
+#define STATUS_DEVICE_ENUMERATION_ERROR cpu_to_le32(0xC0000366)
+#define STATUS_MOUNT_POINT_NOT_RESOLVED cpu_to_le32(0xC0000368)
+#define STATUS_INVALID_DEVICE_OBJECT_PARAMETER cpu_to_le32(0xC0000369)
+#define STATUS_MCA_OCCURRED cpu_to_le32(0xC000036A)
+#define STATUS_DRIVER_BLOCKED_CRITICAL cpu_to_le32(0xC000036B)
+#define STATUS_DRIVER_BLOCKED cpu_to_le32(0xC000036C)
+#define STATUS_DRIVER_DATABASE_ERROR cpu_to_le32(0xC000036D)
+#define STATUS_SYSTEM_HIVE_TOO_LARGE cpu_to_le32(0xC000036E)
+#define STATUS_INVALID_IMPORT_OF_NON_DLL cpu_to_le32(0xC000036F)
+#define STATUS_NO_SECRETS cpu_to_le32(0xC0000371)
+#define STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY cpu_to_le32(0xC0000372)
+#define STATUS_FAILED_STACK_SWITCH cpu_to_le32(0xC0000373)
+#define STATUS_HEAP_CORRUPTION cpu_to_le32(0xC0000374)
+#define STATUS_SMARTCARD_WRONG_PIN cpu_to_le32(0xC0000380)
+#define STATUS_SMARTCARD_CARD_BLOCKED cpu_to_le32(0xC0000381)
+#define STATUS_SMARTCARD_CARD_NOT_AUTHENTICATED cpu_to_le32(0xC0000382)
+#define STATUS_SMARTCARD_NO_CARD cpu_to_le32(0xC0000383)
+#define STATUS_SMARTCARD_NO_KEY_CONTAINER cpu_to_le32(0xC0000384)
+#define STATUS_SMARTCARD_NO_CERTIFICATE cpu_to_le32(0xC0000385)
+#define STATUS_SMARTCARD_NO_KEYSET cpu_to_le32(0xC0000386)
+#define STATUS_SMARTCARD_IO_ERROR cpu_to_le32(0xC0000387)
+#define STATUS_DOWNGRADE_DETECTED cpu_to_le32(0xC0000388)
+#define STATUS_SMARTCARD_CERT_REVOKED cpu_to_le32(0xC0000389)
+#define STATUS_ISSUING_CA_UNTRUSTED cpu_to_le32(0xC000038A)
+#define STATUS_REVOCATION_OFFLINE_C cpu_to_le32(0xC000038B)
+#define STATUS_PKINIT_CLIENT_FAILURE cpu_to_le32(0xC000038C)
+#define STATUS_SMARTCARD_CERT_EXPIRED cpu_to_le32(0xC000038D)
+#define STATUS_DRIVER_FAILED_PRIOR_UNLOAD cpu_to_le32(0xC000038E)
+#define STATUS_SMARTCARD_SILENT_CONTEXT cpu_to_le32(0xC000038F)
+#define STATUS_PER_USER_TRUST_QUOTA_EXCEEDED cpu_to_le32(0xC0000401)
+#define STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED cpu_to_le32(0xC0000402)
+#define STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED cpu_to_le32(0xC0000403)
+#define STATUS_DS_NAME_NOT_UNIQUE cpu_to_le32(0xC0000404)
+#define STATUS_DS_DUPLICATE_ID_FOUND cpu_to_le32(0xC0000405)
+#define STATUS_DS_GROUP_CONVERSION_ERROR cpu_to_le32(0xC0000406)
+#define STATUS_VOLSNAP_PREPARE_HIBERNATE cpu_to_le32(0xC0000407)
+#define STATUS_USER2USER_REQUIRED cpu_to_le32(0xC0000408)
+#define STATUS_STACK_BUFFER_OVERRUN cpu_to_le32(0xC0000409)
+#define STATUS_NO_S4U_PROT_SUPPORT cpu_to_le32(0xC000040A)
+#define STATUS_CROSSREALM_DELEGATION_FAILURE cpu_to_le32(0xC000040B)
+#define STATUS_REVOCATION_OFFLINE_KDC cpu_to_le32(0xC000040C)
+#define STATUS_ISSUING_CA_UNTRUSTED_KDC cpu_to_le32(0xC000040D)
+#define STATUS_KDC_CERT_EXPIRED cpu_to_le32(0xC000040E)
+#define STATUS_KDC_CERT_REVOKED cpu_to_le32(0xC000040F)
+#define STATUS_PARAMETER_QUOTA_EXCEEDED cpu_to_le32(0xC0000410)
+#define STATUS_HIBERNATION_FAILURE cpu_to_le32(0xC0000411)
+#define STATUS_DELAY_LOAD_FAILED cpu_to_le32(0xC0000412)
+#define STATUS_AUTHENTICATION_FIREWALL_FAILED cpu_to_le32(0xC0000413)
+#define STATUS_VDM_DISALLOWED cpu_to_le32(0xC0000414)
+#define STATUS_HUNG_DISPLAY_DRIVER_THREAD cpu_to_le32(0xC0000415)
+#define STATUS_INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE \
+ cpu_to_le32(0xC0000416)
+#define STATUS_INVALID_CRUNTIME_PARAMETER cpu_to_le32(0xC0000417)
+#define STATUS_NTLM_BLOCKED cpu_to_le32(0xC0000418)
+#define STATUS_ASSERTION_FAILURE cpu_to_le32(0xC0000420)
+#define STATUS_VERIFIER_STOP cpu_to_le32(0xC0000421)
+#define STATUS_CALLBACK_POP_STACK cpu_to_le32(0xC0000423)
+#define STATUS_INCOMPATIBLE_DRIVER_BLOCKED cpu_to_le32(0xC0000424)
+#define STATUS_HIVE_UNLOADED cpu_to_le32(0xC0000425)
+#define STATUS_COMPRESSION_DISABLED cpu_to_le32(0xC0000426)
+#define STATUS_FILE_SYSTEM_LIMITATION cpu_to_le32(0xC0000427)
+#define STATUS_INVALID_IMAGE_HASH cpu_to_le32(0xC0000428)
+#define STATUS_NOT_CAPABLE cpu_to_le32(0xC0000429)
+#define STATUS_REQUEST_OUT_OF_SEQUENCE cpu_to_le32(0xC000042A)
+#define STATUS_IMPLEMENTATION_LIMIT cpu_to_le32(0xC000042B)
+#define STATUS_ELEVATION_REQUIRED cpu_to_le32(0xC000042C)
+#define STATUS_BEYOND_VDL cpu_to_le32(0xC0000432)
+#define STATUS_ENCOUNTERED_WRITE_IN_PROGRESS cpu_to_le32(0xC0000433)
+#define STATUS_PTE_CHANGED cpu_to_le32(0xC0000434)
+#define STATUS_PURGE_FAILED cpu_to_le32(0xC0000435)
+#define STATUS_CRED_REQUIRES_CONFIRMATION cpu_to_le32(0xC0000440)
+#define STATUS_CS_ENCRYPTION_INVALID_SERVER_RESPONSE cpu_to_le32(0xC0000441)
+#define STATUS_CS_ENCRYPTION_UNSUPPORTED_SERVER cpu_to_le32(0xC0000442)
+#define STATUS_CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE cpu_to_le32(0xC0000443)
+#define STATUS_CS_ENCRYPTION_NEW_ENCRYPTED_FILE cpu_to_le32(0xC0000444)
+#define STATUS_CS_ENCRYPTION_FILE_NOT_CSE cpu_to_le32(0xC0000445)
+#define STATUS_INVALID_LABEL cpu_to_le32(0xC0000446)
+#define STATUS_DRIVER_PROCESS_TERMINATED cpu_to_le32(0xC0000450)
+#define STATUS_AMBIGUOUS_SYSTEM_DEVICE cpu_to_le32(0xC0000451)
+#define STATUS_SYSTEM_DEVICE_NOT_FOUND cpu_to_le32(0xC0000452)
+#define STATUS_RESTART_BOOT_APPLICATION cpu_to_le32(0xC0000453)
+#define STATUS_INVALID_TASK_NAME cpu_to_le32(0xC0000500)
+#define STATUS_INVALID_TASK_INDEX cpu_to_le32(0xC0000501)
+#define STATUS_THREAD_ALREADY_IN_TASK cpu_to_le32(0xC0000502)
+#define STATUS_CALLBACK_BYPASS cpu_to_le32(0xC0000503)
+#define STATUS_PORT_CLOSED cpu_to_le32(0xC0000700)
+#define STATUS_MESSAGE_LOST cpu_to_le32(0xC0000701)
+#define STATUS_INVALID_MESSAGE cpu_to_le32(0xC0000702)
+#define STATUS_REQUEST_CANCELED cpu_to_le32(0xC0000703)
+#define STATUS_RECURSIVE_DISPATCH cpu_to_le32(0xC0000704)
+#define STATUS_LPC_RECEIVE_BUFFER_EXPECTED cpu_to_le32(0xC0000705)
+#define STATUS_LPC_INVALID_CONNECTION_USAGE cpu_to_le32(0xC0000706)
+#define STATUS_LPC_REQUESTS_NOT_ALLOWED cpu_to_le32(0xC0000707)
+#define STATUS_RESOURCE_IN_USE cpu_to_le32(0xC0000708)
+#define STATUS_HARDWARE_MEMORY_ERROR cpu_to_le32(0xC0000709)
+#define STATUS_THREADPOOL_HANDLE_EXCEPTION cpu_to_le32(0xC000070A)
+#define STATUS_THREADPOOL_SET_EVENT_ON_COMPLETION_FAILED cpu_to_le32(0xC000070B)
+#define STATUS_THREADPOOL_RELEASE_SEMAPHORE_ON_COMPLETION_FAILED \
+ cpu_to_le32(0xC000070C)
+#define STATUS_THREADPOOL_RELEASE_MUTEX_ON_COMPLETION_FAILED \
+ cpu_to_le32(0xC000070D)
+#define STATUS_THREADPOOL_FREE_LIBRARY_ON_COMPLETION_FAILED \
+ cpu_to_le32(0xC000070E)
+#define STATUS_THREADPOOL_RELEASED_DURING_OPERATION cpu_to_le32(0xC000070F)
+#define STATUS_CALLBACK_RETURNED_WHILE_IMPERSONATING cpu_to_le32(0xC0000710)
+#define STATUS_APC_RETURNED_WHILE_IMPERSONATING cpu_to_le32(0xC0000711)
+#define STATUS_PROCESS_IS_PROTECTED cpu_to_le32(0xC0000712)
+#define STATUS_MCA_EXCEPTION cpu_to_le32(0xC0000713)
+#define STATUS_CERTIFICATE_MAPPING_NOT_UNIQUE cpu_to_le32(0xC0000714)
+#define STATUS_SYMLINK_CLASS_DISABLED cpu_to_le32(0xC0000715)
+#define STATUS_INVALID_IDN_NORMALIZATION cpu_to_le32(0xC0000716)
+#define STATUS_NO_UNICODE_TRANSLATION cpu_to_le32(0xC0000717)
+#define STATUS_ALREADY_REGISTERED cpu_to_le32(0xC0000718)
+#define STATUS_CONTEXT_MISMATCH cpu_to_le32(0xC0000719)
+#define STATUS_PORT_ALREADY_HAS_COMPLETION_LIST cpu_to_le32(0xC000071A)
+#define STATUS_CALLBACK_RETURNED_THREAD_PRIORITY cpu_to_le32(0xC000071B)
+#define STATUS_INVALID_THREAD cpu_to_le32(0xC000071C)
+#define STATUS_CALLBACK_RETURNED_TRANSACTION cpu_to_le32(0xC000071D)
+#define STATUS_CALLBACK_RETURNED_LDR_LOCK cpu_to_le32(0xC000071E)
+#define STATUS_CALLBACK_RETURNED_LANG cpu_to_le32(0xC000071F)
+#define STATUS_CALLBACK_RETURNED_PRI_BACK cpu_to_le32(0xC0000720)
+#define STATUS_CALLBACK_RETURNED_THREAD_AFFINITY cpu_to_le32(0xC0000721)
+#define STATUS_DISK_REPAIR_DISABLED cpu_to_le32(0xC0000800)
+#define STATUS_DS_DOMAIN_RENAME_IN_PROGRESS cpu_to_le32(0xC0000801)
+#define STATUS_DISK_QUOTA_EXCEEDED cpu_to_le32(0xC0000802)
+#define STATUS_CONTENT_BLOCKED cpu_to_le32(0xC0000804)
+#define STATUS_BAD_CLUSTERS cpu_to_le32(0xC0000805)
+#define STATUS_VOLUME_DIRTY cpu_to_le32(0xC0000806)
+#define STATUS_FILE_CHECKED_OUT cpu_to_le32(0xC0000901)
+#define STATUS_CHECKOUT_REQUIRED cpu_to_le32(0xC0000902)
+#define STATUS_BAD_FILE_TYPE cpu_to_le32(0xC0000903)
+#define STATUS_FILE_TOO_LARGE cpu_to_le32(0xC0000904)
+#define STATUS_FORMS_AUTH_REQUIRED cpu_to_le32(0xC0000905)
+#define STATUS_VIRUS_INFECTED cpu_to_le32(0xC0000906)
+#define STATUS_VIRUS_DELETED cpu_to_le32(0xC0000907)
+#define STATUS_BAD_MCFG_TABLE cpu_to_le32(0xC0000908)
+#define STATUS_WOW_ASSERTION cpu_to_le32(0xC0009898)
+#define STATUS_INVALID_SIGNATURE cpu_to_le32(0xC000A000)
+#define STATUS_HMAC_NOT_SUPPORTED cpu_to_le32(0xC000A001)
+#define STATUS_IPSEC_QUEUE_OVERFLOW cpu_to_le32(0xC000A010)
+#define STATUS_ND_QUEUE_OVERFLOW cpu_to_le32(0xC000A011)
+#define STATUS_HOPLIMIT_EXCEEDED cpu_to_le32(0xC000A012)
+#define STATUS_PROTOCOL_NOT_SUPPORTED cpu_to_le32(0xC000A013)
+#define STATUS_LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED \
+ cpu_to_le32(0xC000A080)
+#define STATUS_LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR \
+ cpu_to_le32(0xC000A081)
+#define STATUS_LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR cpu_to_le32(0xC000A082)
+#define STATUS_XML_PARSE_ERROR cpu_to_le32(0xC000A083)
+#define STATUS_XMLDSIG_ERROR cpu_to_le32(0xC000A084)
+#define STATUS_WRONG_COMPARTMENT cpu_to_le32(0xC000A085)
+#define STATUS_AUTHIP_FAILURE cpu_to_le32(0xC000A086)
+#define DBG_NO_STATE_CHANGE cpu_to_le32(0xC0010001)
+#define DBG_APP_NOT_IDLE cpu_to_le32(0xC0010002)
+#define RPC_NT_INVALID_STRING_BINDING cpu_to_le32(0xC0020001)
+#define RPC_NT_WRONG_KIND_OF_BINDING cpu_to_le32(0xC0020002)
+#define RPC_NT_INVALID_BINDING cpu_to_le32(0xC0020003)
+#define RPC_NT_PROTSEQ_NOT_SUPPORTED cpu_to_le32(0xC0020004)
+#define RPC_NT_INVALID_RPC_PROTSEQ cpu_to_le32(0xC0020005)
+#define RPC_NT_INVALID_STRING_UUID cpu_to_le32(0xC0020006)
+#define RPC_NT_INVALID_ENDPOINT_FORMAT cpu_to_le32(0xC0020007)
+#define RPC_NT_INVALID_NET_ADDR cpu_to_le32(0xC0020008)
+#define RPC_NT_NO_ENDPOINT_FOUND cpu_to_le32(0xC0020009)
+#define RPC_NT_INVALID_TIMEOUT cpu_to_le32(0xC002000A)
+#define RPC_NT_OBJECT_NOT_FOUND cpu_to_le32(0xC002000B)
+#define RPC_NT_ALREADY_REGISTERED cpu_to_le32(0xC002000C)
+#define RPC_NT_TYPE_ALREADY_REGISTERED cpu_to_le32(0xC002000D)
+#define RPC_NT_ALREADY_LISTENING cpu_to_le32(0xC002000E)
+#define RPC_NT_NO_PROTSEQS_REGISTERED cpu_to_le32(0xC002000F)
+#define RPC_NT_NOT_LISTENING cpu_to_le32(0xC0020010)
+#define RPC_NT_UNKNOWN_MGR_TYPE cpu_to_le32(0xC0020011)
+#define RPC_NT_UNKNOWN_IF cpu_to_le32(0xC0020012)
+#define RPC_NT_NO_BINDINGS cpu_to_le32(0xC0020013)
+#define RPC_NT_NO_PROTSEQS cpu_to_le32(0xC0020014)
+#define RPC_NT_CANT_CREATE_ENDPOINT cpu_to_le32(0xC0020015)
+#define RPC_NT_OUT_OF_RESOURCES cpu_to_le32(0xC0020016)
+#define RPC_NT_SERVER_UNAVAILABLE cpu_to_le32(0xC0020017)
+#define RPC_NT_SERVER_TOO_BUSY cpu_to_le32(0xC0020018)
+#define RPC_NT_INVALID_NETWORK_OPTIONS cpu_to_le32(0xC0020019)
+#define RPC_NT_NO_CALL_ACTIVE cpu_to_le32(0xC002001A)
+#define RPC_NT_CALL_FAILED cpu_to_le32(0xC002001B)
+#define RPC_NT_CALL_FAILED_DNE cpu_to_le32(0xC002001C)
+#define RPC_NT_PROTOCOL_ERROR cpu_to_le32(0xC002001D)
+#define RPC_NT_UNSUPPORTED_TRANS_SYN cpu_to_le32(0xC002001F)
+#define RPC_NT_UNSUPPORTED_TYPE cpu_to_le32(0xC0020021)
+#define RPC_NT_INVALID_TAG cpu_to_le32(0xC0020022)
+#define RPC_NT_INVALID_BOUND cpu_to_le32(0xC0020023)
+#define RPC_NT_NO_ENTRY_NAME cpu_to_le32(0xC0020024)
+#define RPC_NT_INVALID_NAME_SYNTAX cpu_to_le32(0xC0020025)
+#define RPC_NT_UNSUPPORTED_NAME_SYNTAX cpu_to_le32(0xC0020026)
+#define RPC_NT_UUID_NO_ADDRESS cpu_to_le32(0xC0020028)
+#define RPC_NT_DUPLICATE_ENDPOINT cpu_to_le32(0xC0020029)
+#define RPC_NT_UNKNOWN_AUTHN_TYPE cpu_to_le32(0xC002002A)
+#define RPC_NT_MAX_CALLS_TOO_SMALL cpu_to_le32(0xC002002B)
+#define RPC_NT_STRING_TOO_LONG cpu_to_le32(0xC002002C)
+#define RPC_NT_PROTSEQ_NOT_FOUND cpu_to_le32(0xC002002D)
+#define RPC_NT_PROCNUM_OUT_OF_RANGE cpu_to_le32(0xC002002E)
+#define RPC_NT_BINDING_HAS_NO_AUTH cpu_to_le32(0xC002002F)
+#define RPC_NT_UNKNOWN_AUTHN_SERVICE cpu_to_le32(0xC0020030)
+#define RPC_NT_UNKNOWN_AUTHN_LEVEL cpu_to_le32(0xC0020031)
+#define RPC_NT_INVALID_AUTH_IDENTITY cpu_to_le32(0xC0020032)
+#define RPC_NT_UNKNOWN_AUTHZ_SERVICE cpu_to_le32(0xC0020033)
+#define EPT_NT_INVALID_ENTRY cpu_to_le32(0xC0020034)
+#define EPT_NT_CANT_PERFORM_OP cpu_to_le32(0xC0020035)
+#define EPT_NT_NOT_REGISTERED cpu_to_le32(0xC0020036)
+#define RPC_NT_NOTHING_TO_EXPORT cpu_to_le32(0xC0020037)
+#define RPC_NT_INCOMPLETE_NAME cpu_to_le32(0xC0020038)
+#define RPC_NT_INVALID_VERS_OPTION cpu_to_le32(0xC0020039)
+#define RPC_NT_NO_MORE_MEMBERS cpu_to_le32(0xC002003A)
+#define RPC_NT_NOT_ALL_OBJS_UNEXPORTED cpu_to_le32(0xC002003B)
+#define RPC_NT_INTERFACE_NOT_FOUND cpu_to_le32(0xC002003C)
+#define RPC_NT_ENTRY_ALREADY_EXISTS cpu_to_le32(0xC002003D)
+#define RPC_NT_ENTRY_NOT_FOUND cpu_to_le32(0xC002003E)
+#define RPC_NT_NAME_SERVICE_UNAVAILABLE cpu_to_le32(0xC002003F)
+#define RPC_NT_INVALID_NAF_ID cpu_to_le32(0xC0020040)
+#define RPC_NT_CANNOT_SUPPORT cpu_to_le32(0xC0020041)
+#define RPC_NT_NO_CONTEXT_AVAILABLE cpu_to_le32(0xC0020042)
+#define RPC_NT_INTERNAL_ERROR cpu_to_le32(0xC0020043)
+#define RPC_NT_ZERO_DIVIDE cpu_to_le32(0xC0020044)
+#define RPC_NT_ADDRESS_ERROR cpu_to_le32(0xC0020045)
+#define RPC_NT_FP_DIV_ZERO cpu_to_le32(0xC0020046)
+#define RPC_NT_FP_UNDERFLOW cpu_to_le32(0xC0020047)
+#define RPC_NT_FP_OVERFLOW cpu_to_le32(0xC0020048)
+#define RPC_NT_CALL_IN_PROGRESS cpu_to_le32(0xC0020049)
+#define RPC_NT_NO_MORE_BINDINGS cpu_to_le32(0xC002004A)
+#define RPC_NT_GROUP_MEMBER_NOT_FOUND cpu_to_le32(0xC002004B)
+#define EPT_NT_CANT_CREATE cpu_to_le32(0xC002004C)
+#define RPC_NT_INVALID_OBJECT cpu_to_le32(0xC002004D)
+#define RPC_NT_NO_INTERFACES cpu_to_le32(0xC002004F)
+#define RPC_NT_CALL_CANCELLED cpu_to_le32(0xC0020050)
+#define RPC_NT_BINDING_INCOMPLETE cpu_to_le32(0xC0020051)
+#define RPC_NT_COMM_FAILURE cpu_to_le32(0xC0020052)
+#define RPC_NT_UNSUPPORTED_AUTHN_LEVEL cpu_to_le32(0xC0020053)
+#define RPC_NT_NO_PRINC_NAME cpu_to_le32(0xC0020054)
+#define RPC_NT_NOT_RPC_ERROR cpu_to_le32(0xC0020055)
+#define RPC_NT_SEC_PKG_ERROR cpu_to_le32(0xC0020057)
+#define RPC_NT_NOT_CANCELLED cpu_to_le32(0xC0020058)
+#define RPC_NT_INVALID_ASYNC_HANDLE cpu_to_le32(0xC0020062)
+#define RPC_NT_INVALID_ASYNC_CALL cpu_to_le32(0xC0020063)
+#define RPC_NT_PROXY_ACCESS_DENIED cpu_to_le32(0xC0020064)
+#define RPC_NT_NO_MORE_ENTRIES cpu_to_le32(0xC0030001)
+#define RPC_NT_SS_CHAR_TRANS_OPEN_FAIL cpu_to_le32(0xC0030002)
+#define RPC_NT_SS_CHAR_TRANS_SHORT_FILE cpu_to_le32(0xC0030003)
+#define RPC_NT_SS_IN_NULL_CONTEXT cpu_to_le32(0xC0030004)
+#define RPC_NT_SS_CONTEXT_MISMATCH cpu_to_le32(0xC0030005)
+#define RPC_NT_SS_CONTEXT_DAMAGED cpu_to_le32(0xC0030006)
+#define RPC_NT_SS_HANDLES_MISMATCH cpu_to_le32(0xC0030007)
+#define RPC_NT_SS_CANNOT_GET_CALL_HANDLE cpu_to_le32(0xC0030008)
+#define RPC_NT_NULL_REF_POINTER cpu_to_le32(0xC0030009)
+#define RPC_NT_ENUM_VALUE_OUT_OF_RANGE cpu_to_le32(0xC003000A)
+#define RPC_NT_BYTE_COUNT_TOO_SMALL cpu_to_le32(0xC003000B)
+#define RPC_NT_BAD_STUB_DATA cpu_to_le32(0xC003000C)
+#define RPC_NT_INVALID_ES_ACTION cpu_to_le32(0xC0030059)
+#define RPC_NT_WRONG_ES_VERSION cpu_to_le32(0xC003005A)
+#define RPC_NT_WRONG_STUB_VERSION cpu_to_le32(0xC003005B)
+#define RPC_NT_INVALID_PIPE_OBJECT cpu_to_le32(0xC003005C)
+#define RPC_NT_INVALID_PIPE_OPERATION cpu_to_le32(0xC003005D)
+#define RPC_NT_WRONG_PIPE_VERSION cpu_to_le32(0xC003005E)
+#define RPC_NT_PIPE_CLOSED cpu_to_le32(0xC003005F)
+#define RPC_NT_PIPE_DISCIPLINE_ERROR cpu_to_le32(0xC0030060)
+#define RPC_NT_PIPE_EMPTY cpu_to_le32(0xC0030061)
+#define STATUS_PNP_BAD_MPS_TABLE cpu_to_le32(0xC0040035)
+#define STATUS_PNP_TRANSLATION_FAILED cpu_to_le32(0xC0040036)
+#define STATUS_PNP_IRQ_TRANSLATION_FAILED cpu_to_le32(0xC0040037)
+#define STATUS_PNP_INVALID_ID cpu_to_le32(0xC0040038)
+#define STATUS_IO_REISSUE_AS_CACHED cpu_to_le32(0xC0040039)
+#define STATUS_CTX_WINSTATION_NAME_INVALID cpu_to_le32(0xC00A0001)
+#define STATUS_CTX_INVALID_PD cpu_to_le32(0xC00A0002)
+#define STATUS_CTX_PD_NOT_FOUND cpu_to_le32(0xC00A0003)
+#define STATUS_CTX_CLOSE_PENDING cpu_to_le32(0xC00A0006)
+#define STATUS_CTX_NO_OUTBUF cpu_to_le32(0xC00A0007)
+#define STATUS_CTX_MODEM_INF_NOT_FOUND cpu_to_le32(0xC00A0008)
+#define STATUS_CTX_INVALID_MODEMNAME cpu_to_le32(0xC00A0009)
+#define STATUS_CTX_RESPONSE_ERROR cpu_to_le32(0xC00A000A)
+#define STATUS_CTX_MODEM_RESPONSE_TIMEOUT cpu_to_le32(0xC00A000B)
+#define STATUS_CTX_MODEM_RESPONSE_NO_CARRIER cpu_to_le32(0xC00A000C)
+#define STATUS_CTX_MODEM_RESPONSE_NO_DIALTONE cpu_to_le32(0xC00A000D)
+#define STATUS_CTX_MODEM_RESPONSE_BUSY cpu_to_le32(0xC00A000E)
+#define STATUS_CTX_MODEM_RESPONSE_VOICE cpu_to_le32(0xC00A000F)
+#define STATUS_CTX_TD_ERROR cpu_to_le32(0xC00A0010)
+#define STATUS_CTX_LICENSE_CLIENT_INVALID cpu_to_le32(0xC00A0012)
+#define STATUS_CTX_LICENSE_NOT_AVAILABLE cpu_to_le32(0xC00A0013)
+#define STATUS_CTX_LICENSE_EXPIRED cpu_to_le32(0xC00A0014)
+#define STATUS_CTX_WINSTATION_NOT_FOUND cpu_to_le32(0xC00A0015)
+#define STATUS_CTX_WINSTATION_NAME_COLLISION cpu_to_le32(0xC00A0016)
+#define STATUS_CTX_WINSTATION_BUSY cpu_to_le32(0xC00A0017)
+#define STATUS_CTX_BAD_VIDEO_MODE cpu_to_le32(0xC00A0018)
+#define STATUS_CTX_GRAPHICS_INVALID cpu_to_le32(0xC00A0022)
+#define STATUS_CTX_NOT_CONSOLE cpu_to_le32(0xC00A0024)
+#define STATUS_CTX_CLIENT_QUERY_TIMEOUT cpu_to_le32(0xC00A0026)
+#define STATUS_CTX_CONSOLE_DISCONNECT cpu_to_le32(0xC00A0027)
+#define STATUS_CTX_CONSOLE_CONNECT cpu_to_le32(0xC00A0028)
+#define STATUS_CTX_SHADOW_DENIED cpu_to_le32(0xC00A002A)
+#define STATUS_CTX_WINSTATION_ACCESS_DENIED cpu_to_le32(0xC00A002B)
+#define STATUS_CTX_INVALID_WD cpu_to_le32(0xC00A002E)
+#define STATUS_CTX_WD_NOT_FOUND cpu_to_le32(0xC00A002F)
+#define STATUS_CTX_SHADOW_INVALID cpu_to_le32(0xC00A0030)
+#define STATUS_CTX_SHADOW_DISABLED cpu_to_le32(0xC00A0031)
+#define STATUS_RDP_PROTOCOL_ERROR cpu_to_le32(0xC00A0032)
+#define STATUS_CTX_CLIENT_LICENSE_NOT_SET cpu_to_le32(0xC00A0033)
+#define STATUS_CTX_CLIENT_LICENSE_IN_USE cpu_to_le32(0xC00A0034)
+#define STATUS_CTX_SHADOW_ENDED_BY_MODE_CHANGE cpu_to_le32(0xC00A0035)
+#define STATUS_CTX_SHADOW_NOT_RUNNING cpu_to_le32(0xC00A0036)
+#define STATUS_CTX_LOGON_DISABLED cpu_to_le32(0xC00A0037)
+#define STATUS_CTX_SECURITY_LAYER_ERROR cpu_to_le32(0xC00A0038)
+#define STATUS_TS_INCOMPATIBLE_SESSIONS cpu_to_le32(0xC00A0039)
+#define STATUS_MUI_FILE_NOT_FOUND cpu_to_le32(0xC00B0001)
+#define STATUS_MUI_INVALID_FILE cpu_to_le32(0xC00B0002)
+#define STATUS_MUI_INVALID_RC_CONFIG cpu_to_le32(0xC00B0003)
+#define STATUS_MUI_INVALID_LOCALE_NAME cpu_to_le32(0xC00B0004)
+#define STATUS_MUI_INVALID_ULTIMATEFALLBACK_NAME cpu_to_le32(0xC00B0005)
+#define STATUS_MUI_FILE_NOT_LOADED cpu_to_le32(0xC00B0006)
+#define STATUS_RESOURCE_ENUM_USER_STOP cpu_to_le32(0xC00B0007)
+#define STATUS_CLUSTER_INVALID_NODE cpu_to_le32(0xC0130001)
+#define STATUS_CLUSTER_NODE_EXISTS cpu_to_le32(0xC0130002)
+#define STATUS_CLUSTER_JOIN_IN_PROGRESS cpu_to_le32(0xC0130003)
+#define STATUS_CLUSTER_NODE_NOT_FOUND cpu_to_le32(0xC0130004)
+#define STATUS_CLUSTER_LOCAL_NODE_NOT_FOUND cpu_to_le32(0xC0130005)
+#define STATUS_CLUSTER_NETWORK_EXISTS cpu_to_le32(0xC0130006)
+#define STATUS_CLUSTER_NETWORK_NOT_FOUND cpu_to_le32(0xC0130007)
+#define STATUS_CLUSTER_NETINTERFACE_EXISTS cpu_to_le32(0xC0130008)
+#define STATUS_CLUSTER_NETINTERFACE_NOT_FOUND cpu_to_le32(0xC0130009)
+#define STATUS_CLUSTER_INVALID_REQUEST cpu_to_le32(0xC013000A)
+#define STATUS_CLUSTER_INVALID_NETWORK_PROVIDER cpu_to_le32(0xC013000B)
+#define STATUS_CLUSTER_NODE_DOWN cpu_to_le32(0xC013000C)
+#define STATUS_CLUSTER_NODE_UNREACHABLE cpu_to_le32(0xC013000D)
+#define STATUS_CLUSTER_NODE_NOT_MEMBER cpu_to_le32(0xC013000E)
+#define STATUS_CLUSTER_JOIN_NOT_IN_PROGRESS cpu_to_le32(0xC013000F)
+#define STATUS_CLUSTER_INVALID_NETWORK cpu_to_le32(0xC0130010)
+#define STATUS_CLUSTER_NO_NET_ADAPTERS cpu_to_le32(0xC0130011)
+#define STATUS_CLUSTER_NODE_UP cpu_to_le32(0xC0130012)
+#define STATUS_CLUSTER_NODE_PAUSED cpu_to_le32(0xC0130013)
+#define STATUS_CLUSTER_NODE_NOT_PAUSED cpu_to_le32(0xC0130014)
+#define STATUS_CLUSTER_NO_SECURITY_CONTEXT cpu_to_le32(0xC0130015)
+#define STATUS_CLUSTER_NETWORK_NOT_INTERNAL cpu_to_le32(0xC0130016)
+#define STATUS_CLUSTER_POISONED cpu_to_le32(0xC0130017)
+#define STATUS_ACPI_INVALID_OPCODE cpu_to_le32(0xC0140001)
+#define STATUS_ACPI_STACK_OVERFLOW cpu_to_le32(0xC0140002)
+#define STATUS_ACPI_ASSERT_FAILED cpu_to_le32(0xC0140003)
+#define STATUS_ACPI_INVALID_INDEX cpu_to_le32(0xC0140004)
+#define STATUS_ACPI_INVALID_ARGUMENT cpu_to_le32(0xC0140005)
+#define STATUS_ACPI_FATAL cpu_to_le32(0xC0140006)
+#define STATUS_ACPI_INVALID_SUPERNAME cpu_to_le32(0xC0140007)
+#define STATUS_ACPI_INVALID_ARGTYPE cpu_to_le32(0xC0140008)
+#define STATUS_ACPI_INVALID_OBJTYPE cpu_to_le32(0xC0140009)
+#define STATUS_ACPI_INVALID_TARGETTYPE cpu_to_le32(0xC014000A)
+#define STATUS_ACPI_INCORRECT_ARGUMENT_COUNT cpu_to_le32(0xC014000B)
+#define STATUS_ACPI_ADDRESS_NOT_MAPPED cpu_to_le32(0xC014000C)
+#define STATUS_ACPI_INVALID_EVENTTYPE cpu_to_le32(0xC014000D)
+#define STATUS_ACPI_HANDLER_COLLISION cpu_to_le32(0xC014000E)
+#define STATUS_ACPI_INVALID_DATA cpu_to_le32(0xC014000F)
+#define STATUS_ACPI_INVALID_REGION cpu_to_le32(0xC0140010)
+#define STATUS_ACPI_INVALID_ACCESS_SIZE cpu_to_le32(0xC0140011)
+#define STATUS_ACPI_ACQUIRE_GLOBAL_LOCK cpu_to_le32(0xC0140012)
+#define STATUS_ACPI_ALREADY_INITIALIZED cpu_to_le32(0xC0140013)
+#define STATUS_ACPI_NOT_INITIALIZED cpu_to_le32(0xC0140014)
+#define STATUS_ACPI_INVALID_MUTEX_LEVEL cpu_to_le32(0xC0140015)
+#define STATUS_ACPI_MUTEX_NOT_OWNED cpu_to_le32(0xC0140016)
+#define STATUS_ACPI_MUTEX_NOT_OWNER cpu_to_le32(0xC0140017)
+#define STATUS_ACPI_RS_ACCESS cpu_to_le32(0xC0140018)
+#define STATUS_ACPI_INVALID_TABLE cpu_to_le32(0xC0140019)
+#define STATUS_ACPI_REG_HANDLER_FAILED cpu_to_le32(0xC0140020)
+#define STATUS_ACPI_POWER_REQUEST_FAILED cpu_to_le32(0xC0140021)
+#define STATUS_SXS_SECTION_NOT_FOUND cpu_to_le32(0xC0150001)
+#define STATUS_SXS_CANT_GEN_ACTCTX cpu_to_le32(0xC0150002)
+#define STATUS_SXS_INVALID_ACTCTXDATA_FORMAT cpu_to_le32(0xC0150003)
+#define STATUS_SXS_ASSEMBLY_NOT_FOUND cpu_to_le32(0xC0150004)
+#define STATUS_SXS_MANIFEST_FORMAT_ERROR cpu_to_le32(0xC0150005)
+#define STATUS_SXS_MANIFEST_PARSE_ERROR cpu_to_le32(0xC0150006)
+#define STATUS_SXS_ACTIVATION_CONTEXT_DISABLED cpu_to_le32(0xC0150007)
+#define STATUS_SXS_KEY_NOT_FOUND cpu_to_le32(0xC0150008)
+#define STATUS_SXS_VERSION_CONFLICT cpu_to_le32(0xC0150009)
+#define STATUS_SXS_WRONG_SECTION_TYPE cpu_to_le32(0xC015000A)
+#define STATUS_SXS_THREAD_QUERIES_DISABLED cpu_to_le32(0xC015000B)
+#define STATUS_SXS_ASSEMBLY_MISSING cpu_to_le32(0xC015000C)
+#define STATUS_SXS_PROCESS_DEFAULT_ALREADY_SET cpu_to_le32(0xC015000E)
+#define STATUS_SXS_EARLY_DEACTIVATION cpu_to_le32(0xC015000F)
+#define STATUS_SXS_INVALID_DEACTIVATION cpu_to_le32(0xC0150010)
+#define STATUS_SXS_MULTIPLE_DEACTIVATION cpu_to_le32(0xC0150011)
+#define STATUS_SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY \
+ cpu_to_le32(0xC0150012)
+#define STATUS_SXS_PROCESS_TERMINATION_REQUESTED cpu_to_le32(0xC0150013)
+#define STATUS_SXS_CORRUPT_ACTIVATION_STACK cpu_to_le32(0xC0150014)
+#define STATUS_SXS_CORRUPTION cpu_to_le32(0xC0150015)
+#define STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE cpu_to_le32(0xC0150016)
+#define STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME cpu_to_le32(0xC0150017)
+#define STATUS_SXS_IDENTITY_DUPLICATE_ATTRIBUTE cpu_to_le32(0xC0150018)
+#define STATUS_SXS_IDENTITY_PARSE_ERROR cpu_to_le32(0xC0150019)
+#define STATUS_SXS_COMPONENT_STORE_CORRUPT cpu_to_le32(0xC015001A)
+#define STATUS_SXS_FILE_HASH_MISMATCH cpu_to_le32(0xC015001B)
+#define STATUS_SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT \
+ cpu_to_le32(0xC015001C)
+#define STATUS_SXS_IDENTITIES_DIFFERENT cpu_to_le32(0xC015001D)
+#define STATUS_SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT cpu_to_le32(0xC015001E)
+#define STATUS_SXS_FILE_NOT_PART_OF_ASSEMBLY cpu_to_le32(0xC015001F)
+#define STATUS_ADVANCED_INSTALLER_FAILED cpu_to_le32(0xC0150020)
+#define STATUS_XML_ENCODING_MISMATCH cpu_to_le32(0xC0150021)
+#define STATUS_SXS_MANIFEST_TOO_BIG cpu_to_le32(0xC0150022)
+#define STATUS_SXS_SETTING_NOT_REGISTERED cpu_to_le32(0xC0150023)
+#define STATUS_SXS_TRANSACTION_CLOSURE_INCOMPLETE cpu_to_le32(0xC0150024)
+#define STATUS_SMI_PRIMITIVE_INSTALLER_FAILED cpu_to_le32(0xC0150025)
+#define STATUS_GENERIC_COMMAND_FAILED cpu_to_le32(0xC0150026)
+#define STATUS_SXS_FILE_HASH_MISSING cpu_to_le32(0xC0150027)
+#define STATUS_TRANSACTIONAL_CONFLICT cpu_to_le32(0xC0190001)
+#define STATUS_INVALID_TRANSACTION cpu_to_le32(0xC0190002)
+#define STATUS_TRANSACTION_NOT_ACTIVE cpu_to_le32(0xC0190003)
+#define STATUS_TM_INITIALIZATION_FAILED cpu_to_le32(0xC0190004)
+#define STATUS_RM_NOT_ACTIVE cpu_to_le32(0xC0190005)
+#define STATUS_RM_METADATA_CORRUPT cpu_to_le32(0xC0190006)
+#define STATUS_TRANSACTION_NOT_JOINED cpu_to_le32(0xC0190007)
+#define STATUS_DIRECTORY_NOT_RM cpu_to_le32(0xC0190008)
+#define STATUS_TRANSACTIONS_UNSUPPORTED_REMOTE cpu_to_le32(0xC019000A)
+#define STATUS_LOG_RESIZE_INVALID_SIZE cpu_to_le32(0xC019000B)
+#define STATUS_REMOTE_FILE_VERSION_MISMATCH cpu_to_le32(0xC019000C)
+#define STATUS_CRM_PROTOCOL_ALREADY_EXISTS cpu_to_le32(0xC019000F)
+#define STATUS_TRANSACTION_PROPAGATION_FAILED cpu_to_le32(0xC0190010)
+#define STATUS_CRM_PROTOCOL_NOT_FOUND cpu_to_le32(0xC0190011)
+#define STATUS_TRANSACTION_SUPERIOR_EXISTS cpu_to_le32(0xC0190012)
+#define STATUS_TRANSACTION_REQUEST_NOT_VALID cpu_to_le32(0xC0190013)
+#define STATUS_TRANSACTION_NOT_REQUESTED cpu_to_le32(0xC0190014)
+#define STATUS_TRANSACTION_ALREADY_ABORTED cpu_to_le32(0xC0190015)
+#define STATUS_TRANSACTION_ALREADY_COMMITTED cpu_to_le32(0xC0190016)
+#define STATUS_TRANSACTION_INVALID_MARSHALL_BUFFER cpu_to_le32(0xC0190017)
+#define STATUS_CURRENT_TRANSACTION_NOT_VALID cpu_to_le32(0xC0190018)
+#define STATUS_LOG_GROWTH_FAILED cpu_to_le32(0xC0190019)
+#define STATUS_OBJECT_NO_LONGER_EXISTS cpu_to_le32(0xC0190021)
+#define STATUS_STREAM_MINIVERSION_NOT_FOUND cpu_to_le32(0xC0190022)
+#define STATUS_STREAM_MINIVERSION_NOT_VALID cpu_to_le32(0xC0190023)
+#define STATUS_MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION \
+ cpu_to_le32(0xC0190024)
+#define STATUS_CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT cpu_to_le32(0xC0190025)
+#define STATUS_CANT_CREATE_MORE_STREAM_MINIVERSIONS cpu_to_le32(0xC0190026)
+#define STATUS_HANDLE_NO_LONGER_VALID cpu_to_le32(0xC0190028)
+#define STATUS_LOG_CORRUPTION_DETECTED cpu_to_le32(0xC0190030)
+#define STATUS_RM_DISCONNECTED cpu_to_le32(0xC0190032)
+#define STATUS_ENLISTMENT_NOT_SUPERIOR cpu_to_le32(0xC0190033)
+#define STATUS_FILE_IDENTITY_NOT_PERSISTENT cpu_to_le32(0xC0190036)
+#define STATUS_CANT_BREAK_TRANSACTIONAL_DEPENDENCY cpu_to_le32(0xC0190037)
+#define STATUS_CANT_CROSS_RM_BOUNDARY cpu_to_le32(0xC0190038)
+#define STATUS_TXF_DIR_NOT_EMPTY cpu_to_le32(0xC0190039)
+#define STATUS_INDOUBT_TRANSACTIONS_EXIST cpu_to_le32(0xC019003A)
+#define STATUS_TM_VOLATILE cpu_to_le32(0xC019003B)
+#define STATUS_ROLLBACK_TIMER_EXPIRED cpu_to_le32(0xC019003C)
+#define STATUS_TXF_ATTRIBUTE_CORRUPT cpu_to_le32(0xC019003D)
+#define STATUS_EFS_NOT_ALLOWED_IN_TRANSACTION cpu_to_le32(0xC019003E)
+#define STATUS_TRANSACTIONAL_OPEN_NOT_ALLOWED cpu_to_le32(0xC019003F)
+#define STATUS_TRANSACTED_MAPPING_UNSUPPORTED_REMOTE cpu_to_le32(0xC0190040)
+#define STATUS_TRANSACTION_REQUIRED_PROMOTION cpu_to_le32(0xC0190043)
+#define STATUS_CANNOT_EXECUTE_FILE_IN_TRANSACTION cpu_to_le32(0xC0190044)
+#define STATUS_TRANSACTIONS_NOT_FROZEN cpu_to_le32(0xC0190045)
+#define STATUS_TRANSACTION_FREEZE_IN_PROGRESS cpu_to_le32(0xC0190046)
+#define STATUS_NOT_SNAPSHOT_VOLUME cpu_to_le32(0xC0190047)
+#define STATUS_NO_SAVEPOINT_WITH_OPEN_FILES cpu_to_le32(0xC0190048)
+#define STATUS_SPARSE_NOT_ALLOWED_IN_TRANSACTION cpu_to_le32(0xC0190049)
+#define STATUS_TM_IDENTITY_MISMATCH cpu_to_le32(0xC019004A)
+#define STATUS_FLOATED_SECTION cpu_to_le32(0xC019004B)
+#define STATUS_CANNOT_ACCEPT_TRANSACTED_WORK cpu_to_le32(0xC019004C)
+#define STATUS_CANNOT_ABORT_TRANSACTIONS cpu_to_le32(0xC019004D)
+#define STATUS_TRANSACTION_NOT_FOUND cpu_to_le32(0xC019004E)
+#define STATUS_RESOURCEMANAGER_NOT_FOUND cpu_to_le32(0xC019004F)
+#define STATUS_ENLISTMENT_NOT_FOUND cpu_to_le32(0xC0190050)
+#define STATUS_TRANSACTIONMANAGER_NOT_FOUND cpu_to_le32(0xC0190051)
+#define STATUS_TRANSACTIONMANAGER_NOT_ONLINE cpu_to_le32(0xC0190052)
+#define STATUS_TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION \
+ cpu_to_le32(0xC0190053)
+#define STATUS_TRANSACTION_NOT_ROOT cpu_to_le32(0xC0190054)
+#define STATUS_TRANSACTION_OBJECT_EXPIRED cpu_to_le32(0xC0190055)
+#define STATUS_COMPRESSION_NOT_ALLOWED_IN_TRANSACTION cpu_to_le32(0xC0190056)
+#define STATUS_TRANSACTION_RESPONSE_NOT_ENLISTED cpu_to_le32(0xC0190057)
+#define STATUS_TRANSACTION_RECORD_TOO_LONG cpu_to_le32(0xC0190058)
+#define STATUS_NO_LINK_TRACKING_IN_TRANSACTION cpu_to_le32(0xC0190059)
+#define STATUS_OPERATION_NOT_SUPPORTED_IN_TRANSACTION cpu_to_le32(0xC019005A)
+#define STATUS_TRANSACTION_INTEGRITY_VIOLATED cpu_to_le32(0xC019005B)
+#define STATUS_LOG_SECTOR_INVALID cpu_to_le32(0xC01A0001)
+#define STATUS_LOG_SECTOR_PARITY_INVALID cpu_to_le32(0xC01A0002)
+#define STATUS_LOG_SECTOR_REMAPPED cpu_to_le32(0xC01A0003)
+#define STATUS_LOG_BLOCK_INCOMPLETE cpu_to_le32(0xC01A0004)
+#define STATUS_LOG_INVALID_RANGE cpu_to_le32(0xC01A0005)
+#define STATUS_LOG_BLOCKS_EXHAUSTED cpu_to_le32(0xC01A0006)
+#define STATUS_LOG_READ_CONTEXT_INVALID cpu_to_le32(0xC01A0007)
+#define STATUS_LOG_RESTART_INVALID cpu_to_le32(0xC01A0008)
+#define STATUS_LOG_BLOCK_VERSION cpu_to_le32(0xC01A0009)
+#define STATUS_LOG_BLOCK_INVALID cpu_to_le32(0xC01A000A)
+#define STATUS_LOG_READ_MODE_INVALID cpu_to_le32(0xC01A000B)
+#define STATUS_LOG_METADATA_CORRUPT cpu_to_le32(0xC01A000D)
+#define STATUS_LOG_METADATA_INVALID cpu_to_le32(0xC01A000E)
+#define STATUS_LOG_METADATA_INCONSISTENT cpu_to_le32(0xC01A000F)
+#define STATUS_LOG_RESERVATION_INVALID cpu_to_le32(0xC01A0010)
+#define STATUS_LOG_CANT_DELETE cpu_to_le32(0xC01A0011)
+#define STATUS_LOG_CONTAINER_LIMIT_EXCEEDED cpu_to_le32(0xC01A0012)
+#define STATUS_LOG_START_OF_LOG cpu_to_le32(0xC01A0013)
+#define STATUS_LOG_POLICY_ALREADY_INSTALLED cpu_to_le32(0xC01A0014)
+#define STATUS_LOG_POLICY_NOT_INSTALLED cpu_to_le32(0xC01A0015)
+#define STATUS_LOG_POLICY_INVALID cpu_to_le32(0xC01A0016)
+#define STATUS_LOG_POLICY_CONFLICT cpu_to_le32(0xC01A0017)
+#define STATUS_LOG_PINNED_ARCHIVE_TAIL cpu_to_le32(0xC01A0018)
+#define STATUS_LOG_RECORD_NONEXISTENT cpu_to_le32(0xC01A0019)
+#define STATUS_LOG_RECORDS_RESERVED_INVALID cpu_to_le32(0xC01A001A)
+#define STATUS_LOG_SPACE_RESERVED_INVALID cpu_to_le32(0xC01A001B)
+#define STATUS_LOG_TAIL_INVALID cpu_to_le32(0xC01A001C)
+#define STATUS_LOG_FULL cpu_to_le32(0xC01A001D)
+#define STATUS_LOG_MULTIPLEXED cpu_to_le32(0xC01A001E)
+#define STATUS_LOG_DEDICATED cpu_to_le32(0xC01A001F)
+#define STATUS_LOG_ARCHIVE_NOT_IN_PROGRESS cpu_to_le32(0xC01A0020)
+#define STATUS_LOG_ARCHIVE_IN_PROGRESS cpu_to_le32(0xC01A0021)
+#define STATUS_LOG_EPHEMERAL cpu_to_le32(0xC01A0022)
+#define STATUS_LOG_NOT_ENOUGH_CONTAINERS cpu_to_le32(0xC01A0023)
+#define STATUS_LOG_CLIENT_ALREADY_REGISTERED cpu_to_le32(0xC01A0024)
+#define STATUS_LOG_CLIENT_NOT_REGISTERED cpu_to_le32(0xC01A0025)
+#define STATUS_LOG_FULL_HANDLER_IN_PROGRESS cpu_to_le32(0xC01A0026)
+#define STATUS_LOG_CONTAINER_READ_FAILED cpu_to_le32(0xC01A0027)
+#define STATUS_LOG_CONTAINER_WRITE_FAILED cpu_to_le32(0xC01A0028)
+#define STATUS_LOG_CONTAINER_OPEN_FAILED cpu_to_le32(0xC01A0029)
+#define STATUS_LOG_CONTAINER_STATE_INVALID cpu_to_le32(0xC01A002A)
+#define STATUS_LOG_STATE_INVALID cpu_to_le32(0xC01A002B)
+#define STATUS_LOG_PINNED cpu_to_le32(0xC01A002C)
+#define STATUS_LOG_METADATA_FLUSH_FAILED cpu_to_le32(0xC01A002D)
+#define STATUS_LOG_INCONSISTENT_SECURITY cpu_to_le32(0xC01A002E)
+#define STATUS_LOG_APPENDED_FLUSH_FAILED cpu_to_le32(0xC01A002F)
+#define STATUS_LOG_PINNED_RESERVATION cpu_to_le32(0xC01A0030)
+#define STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD cpu_to_le32(0xC01B00EA)
+#define STATUS_FLT_NO_HANDLER_DEFINED cpu_to_le32(0xC01C0001)
+#define STATUS_FLT_CONTEXT_ALREADY_DEFINED cpu_to_le32(0xC01C0002)
+#define STATUS_FLT_INVALID_ASYNCHRONOUS_REQUEST cpu_to_le32(0xC01C0003)
+#define STATUS_FLT_DISALLOW_FAST_IO cpu_to_le32(0xC01C0004)
+#define STATUS_FLT_INVALID_NAME_REQUEST cpu_to_le32(0xC01C0005)
+#define STATUS_FLT_NOT_SAFE_TO_POST_OPERATION cpu_to_le32(0xC01C0006)
+#define STATUS_FLT_NOT_INITIALIZED cpu_to_le32(0xC01C0007)
+#define STATUS_FLT_FILTER_NOT_READY cpu_to_le32(0xC01C0008)
+#define STATUS_FLT_POST_OPERATION_CLEANUP cpu_to_le32(0xC01C0009)
+#define STATUS_FLT_INTERNAL_ERROR cpu_to_le32(0xC01C000A)
+#define STATUS_FLT_DELETING_OBJECT cpu_to_le32(0xC01C000B)
+#define STATUS_FLT_MUST_BE_NONPAGED_POOL cpu_to_le32(0xC01C000C)
+#define STATUS_FLT_DUPLICATE_ENTRY cpu_to_le32(0xC01C000D)
+#define STATUS_FLT_CBDQ_DISABLED cpu_to_le32(0xC01C000E)
+#define STATUS_FLT_DO_NOT_ATTACH cpu_to_le32(0xC01C000F)
+#define STATUS_FLT_DO_NOT_DETACH cpu_to_le32(0xC01C0010)
+#define STATUS_FLT_INSTANCE_ALTITUDE_COLLISION cpu_to_le32(0xC01C0011)
+#define STATUS_FLT_INSTANCE_NAME_COLLISION cpu_to_le32(0xC01C0012)
+#define STATUS_FLT_FILTER_NOT_FOUND cpu_to_le32(0xC01C0013)
+#define STATUS_FLT_VOLUME_NOT_FOUND cpu_to_le32(0xC01C0014)
+#define STATUS_FLT_INSTANCE_NOT_FOUND cpu_to_le32(0xC01C0015)
+#define STATUS_FLT_CONTEXT_ALLOCATION_NOT_FOUND cpu_to_le32(0xC01C0016)
+#define STATUS_FLT_INVALID_CONTEXT_REGISTRATION cpu_to_le32(0xC01C0017)
+#define STATUS_FLT_NAME_CACHE_MISS cpu_to_le32(0xC01C0018)
+#define STATUS_FLT_NO_DEVICE_OBJECT cpu_to_le32(0xC01C0019)
+#define STATUS_FLT_VOLUME_ALREADY_MOUNTED cpu_to_le32(0xC01C001A)
+#define STATUS_FLT_ALREADY_ENLISTED cpu_to_le32(0xC01C001B)
+#define STATUS_FLT_CONTEXT_ALREADY_LINKED cpu_to_le32(0xC01C001C)
+#define STATUS_FLT_NO_WAITER_FOR_REPLY cpu_to_le32(0xC01C0020)
+#define STATUS_MONITOR_NO_DESCRIPTOR cpu_to_le32(0xC01D0001)
+#define STATUS_MONITOR_UNKNOWN_DESCRIPTOR_FORMAT cpu_to_le32(0xC01D0002)
+#define STATUS_MONITOR_INVALID_DESCRIPTOR_CHECKSUM cpu_to_le32(0xC01D0003)
+#define STATUS_MONITOR_INVALID_STANDARD_TIMING_BLOCK cpu_to_le32(0xC01D0004)
+#define STATUS_MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED cpu_to_le32(0xC01D0005)
+#define STATUS_MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK \
+ cpu_to_le32(0xC01D0006)
+#define STATUS_MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK \
+ cpu_to_le32(0xC01D0007)
+#define STATUS_MONITOR_NO_MORE_DESCRIPTOR_DATA cpu_to_le32(0xC01D0008)
+#define STATUS_MONITOR_INVALID_DETAILED_TIMING_BLOCK cpu_to_le32(0xC01D0009)
+#define STATUS_GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER cpu_to_le32(0xC01E0000)
+#define STATUS_GRAPHICS_INSUFFICIENT_DMA_BUFFER cpu_to_le32(0xC01E0001)
+#define STATUS_GRAPHICS_INVALID_DISPLAY_ADAPTER cpu_to_le32(0xC01E0002)
+#define STATUS_GRAPHICS_ADAPTER_WAS_RESET cpu_to_le32(0xC01E0003)
+#define STATUS_GRAPHICS_INVALID_DRIVER_MODEL cpu_to_le32(0xC01E0004)
+#define STATUS_GRAPHICS_PRESENT_MODE_CHANGED cpu_to_le32(0xC01E0005)
+#define STATUS_GRAPHICS_PRESENT_OCCLUDED cpu_to_le32(0xC01E0006)
+#define STATUS_GRAPHICS_PRESENT_DENIED cpu_to_le32(0xC01E0007)
+#define STATUS_GRAPHICS_CANNOTCOLORCONVERT cpu_to_le32(0xC01E0008)
+#define STATUS_GRAPHICS_NO_VIDEO_MEMORY cpu_to_le32(0xC01E0100)
+#define STATUS_GRAPHICS_CANT_LOCK_MEMORY cpu_to_le32(0xC01E0101)
+#define STATUS_GRAPHICS_ALLOCATION_BUSY cpu_to_le32(0xC01E0102)
+#define STATUS_GRAPHICS_TOO_MANY_REFERENCES cpu_to_le32(0xC01E0103)
+#define STATUS_GRAPHICS_TRY_AGAIN_LATER cpu_to_le32(0xC01E0104)
+#define STATUS_GRAPHICS_TRY_AGAIN_NOW cpu_to_le32(0xC01E0105)
+#define STATUS_GRAPHICS_ALLOCATION_INVALID cpu_to_le32(0xC01E0106)
+#define STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE cpu_to_le32(0xC01E0107)
+#define STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED cpu_to_le32(0xC01E0108)
+#define STATUS_GRAPHICS_CANT_EVICT_PINNED_ALLOCATION cpu_to_le32(0xC01E0109)
+#define STATUS_GRAPHICS_INVALID_ALLOCATION_USAGE cpu_to_le32(0xC01E0110)
+#define STATUS_GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION cpu_to_le32(0xC01E0111)
+#define STATUS_GRAPHICS_ALLOCATION_CLOSED cpu_to_le32(0xC01E0112)
+#define STATUS_GRAPHICS_INVALID_ALLOCATION_INSTANCE cpu_to_le32(0xC01E0113)
+#define STATUS_GRAPHICS_INVALID_ALLOCATION_HANDLE cpu_to_le32(0xC01E0114)
+#define STATUS_GRAPHICS_WRONG_ALLOCATION_DEVICE cpu_to_le32(0xC01E0115)
+#define STATUS_GRAPHICS_ALLOCATION_CONTENT_LOST cpu_to_le32(0xC01E0116)
+#define STATUS_GRAPHICS_GPU_EXCEPTION_ON_DEVICE cpu_to_le32(0xC01E0200)
+#define STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY cpu_to_le32(0xC01E0300)
+#define STATUS_GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED cpu_to_le32(0xC01E0301)
+#define STATUS_GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED \
+ cpu_to_le32(0xC01E0302)
+#define STATUS_GRAPHICS_INVALID_VIDPN cpu_to_le32(0xC01E0303)
+#define STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE cpu_to_le32(0xC01E0304)
+#define STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET cpu_to_le32(0xC01E0305)
+#define STATUS_GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED cpu_to_le32(0xC01E0306)
+#define STATUS_GRAPHICS_INVALID_VIDPN_SOURCEMODESET cpu_to_le32(0xC01E0308)
+#define STATUS_GRAPHICS_INVALID_VIDPN_TARGETMODESET cpu_to_le32(0xC01E0309)
+#define STATUS_GRAPHICS_INVALID_FREQUENCY cpu_to_le32(0xC01E030A)
+#define STATUS_GRAPHICS_INVALID_ACTIVE_REGION cpu_to_le32(0xC01E030B)
+#define STATUS_GRAPHICS_INVALID_TOTAL_REGION cpu_to_le32(0xC01E030C)
+#define STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE \
+ cpu_to_le32(0xC01E0310)
+#define STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE \
+ cpu_to_le32(0xC01E0311)
+#define STATUS_GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET cpu_to_le32(0xC01E0312)
+#define STATUS_GRAPHICS_PATH_ALREADY_IN_TOPOLOGY cpu_to_le32(0xC01E0313)
+#define STATUS_GRAPHICS_MODE_ALREADY_IN_MODESET cpu_to_le32(0xC01E0314)
+#define STATUS_GRAPHICS_INVALID_VIDEOPRESENTSOURCESET cpu_to_le32(0xC01E0315)
+#define STATUS_GRAPHICS_INVALID_VIDEOPRESENTTARGETSET cpu_to_le32(0xC01E0316)
+#define STATUS_GRAPHICS_SOURCE_ALREADY_IN_SET cpu_to_le32(0xC01E0317)
+#define STATUS_GRAPHICS_TARGET_ALREADY_IN_SET cpu_to_le32(0xC01E0318)
+#define STATUS_GRAPHICS_INVALID_VIDPN_PRESENT_PATH cpu_to_le32(0xC01E0319)
+#define STATUS_GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY cpu_to_le32(0xC01E031A)
+#define STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET \
+ cpu_to_le32(0xC01E031B)
+#define STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE cpu_to_le32(0xC01E031C)
+#define STATUS_GRAPHICS_FREQUENCYRANGE_NOT_IN_SET cpu_to_le32(0xC01E031D)
+#define STATUS_GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET cpu_to_le32(0xC01E031F)
+#define STATUS_GRAPHICS_STALE_MODESET cpu_to_le32(0xC01E0320)
+#define STATUS_GRAPHICS_INVALID_MONITOR_SOURCEMODESET cpu_to_le32(0xC01E0321)
+#define STATUS_GRAPHICS_INVALID_MONITOR_SOURCE_MODE cpu_to_le32(0xC01E0322)
+#define STATUS_GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN cpu_to_le32(0xC01E0323)
+#define STATUS_GRAPHICS_MODE_ID_MUST_BE_UNIQUE cpu_to_le32(0xC01E0324)
+#define STATUS_GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION \
+ cpu_to_le32(0xC01E0325)
+#define STATUS_GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES \
+ cpu_to_le32(0xC01E0326)
+#define STATUS_GRAPHICS_PATH_NOT_IN_TOPOLOGY cpu_to_le32(0xC01E0327)
+#define STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE \
+ cpu_to_le32(0xC01E0328)
+#define STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET \
+ cpu_to_le32(0xC01E0329)
+#define STATUS_GRAPHICS_INVALID_MONITORDESCRIPTORSET cpu_to_le32(0xC01E032A)
+#define STATUS_GRAPHICS_INVALID_MONITORDESCRIPTOR cpu_to_le32(0xC01E032B)
+#define STATUS_GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET cpu_to_le32(0xC01E032C)
+#define STATUS_GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET cpu_to_le32(0xC01E032D)
+#define STATUS_GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE \
+ cpu_to_le32(0xC01E032E)
+#define STATUS_GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE cpu_to_le32(0xC01E032F)
+#define STATUS_GRAPHICS_RESOURCES_NOT_RELATED cpu_to_le32(0xC01E0330)
+#define STATUS_GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE cpu_to_le32(0xC01E0331)
+#define STATUS_GRAPHICS_TARGET_ID_MUST_BE_UNIQUE cpu_to_le32(0xC01E0332)
+#define STATUS_GRAPHICS_NO_AVAILABLE_VIDPN_TARGET cpu_to_le32(0xC01E0333)
+#define STATUS_GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER \
+ cpu_to_le32(0xC01E0334)
+#define STATUS_GRAPHICS_NO_VIDPNMGR cpu_to_le32(0xC01E0335)
+#define STATUS_GRAPHICS_NO_ACTIVE_VIDPN cpu_to_le32(0xC01E0336)
+#define STATUS_GRAPHICS_STALE_VIDPN_TOPOLOGY cpu_to_le32(0xC01E0337)
+#define STATUS_GRAPHICS_MONITOR_NOT_CONNECTED cpu_to_le32(0xC01E0338)
+#define STATUS_GRAPHICS_SOURCE_NOT_IN_TOPOLOGY cpu_to_le32(0xC01E0339)
+#define STATUS_GRAPHICS_INVALID_PRIMARYSURFACE_SIZE cpu_to_le32(0xC01E033A)
+#define STATUS_GRAPHICS_INVALID_VISIBLEREGION_SIZE cpu_to_le32(0xC01E033B)
+#define STATUS_GRAPHICS_INVALID_STRIDE cpu_to_le32(0xC01E033C)
+#define STATUS_GRAPHICS_INVALID_PIXELFORMAT cpu_to_le32(0xC01E033D)
+#define STATUS_GRAPHICS_INVALID_COLORBASIS cpu_to_le32(0xC01E033E)
+#define STATUS_GRAPHICS_INVALID_PIXELVALUEACCESSMODE cpu_to_le32(0xC01E033F)
+#define STATUS_GRAPHICS_TARGET_NOT_IN_TOPOLOGY cpu_to_le32(0xC01E0340)
+#define STATUS_GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT \
+ cpu_to_le32(0xC01E0341)
+#define STATUS_GRAPHICS_VIDPN_SOURCE_IN_USE cpu_to_le32(0xC01E0342)
+#define STATUS_GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN cpu_to_le32(0xC01E0343)
+#define STATUS_GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL cpu_to_le32(0xC01E0344)
+#define STATUS_GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION \
+ cpu_to_le32(0xC01E0345)
+#define STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED \
+ cpu_to_le32(0xC01E0346)
+#define STATUS_GRAPHICS_INVALID_GAMMA_RAMP cpu_to_le32(0xC01E0347)
+#define STATUS_GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED cpu_to_le32(0xC01E0348)
+#define STATUS_GRAPHICS_MULTISAMPLING_NOT_SUPPORTED cpu_to_le32(0xC01E0349)
+#define STATUS_GRAPHICS_MODE_NOT_IN_MODESET cpu_to_le32(0xC01E034A)
+#define STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON \
+ cpu_to_le32(0xC01E034D)
+#define STATUS_GRAPHICS_INVALID_PATH_CONTENT_TYPE cpu_to_le32(0xC01E034E)
+#define STATUS_GRAPHICS_INVALID_COPYPROTECTION_TYPE cpu_to_le32(0xC01E034F)
+#define STATUS_GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS \
+ cpu_to_le32(0xC01E0350)
+#define STATUS_GRAPHICS_INVALID_SCANLINE_ORDERING cpu_to_le32(0xC01E0352)
+#define STATUS_GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED cpu_to_le32(0xC01E0353)
+#define STATUS_GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS cpu_to_le32(0xC01E0354)
+#define STATUS_GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT cpu_to_le32(0xC01E0355)
+#define STATUS_GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM cpu_to_le32(0xC01E0356)
+#define STATUS_GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN \
+ cpu_to_le32(0xC01E0357)
+#define STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT \
+ cpu_to_le32(0xC01E0358)
+#define STATUS_GRAPHICS_MAX_NUM_PATHS_REACHED cpu_to_le32(0xC01E0359)
+#define STATUS_GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION \
+ cpu_to_le32(0xC01E035A)
+#define STATUS_GRAPHICS_INVALID_CLIENT_TYPE cpu_to_le32(0xC01E035B)
+#define STATUS_GRAPHICS_CLIENTVIDPN_NOT_SET cpu_to_le32(0xC01E035C)
+#define STATUS_GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED \
+ cpu_to_le32(0xC01E0400)
+#define STATUS_GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED cpu_to_le32(0xC01E0401)
+#define STATUS_GRAPHICS_NOT_A_LINKED_ADAPTER cpu_to_le32(0xC01E0430)
+#define STATUS_GRAPHICS_LEADLINK_NOT_ENUMERATED cpu_to_le32(0xC01E0431)
+#define STATUS_GRAPHICS_CHAINLINKS_NOT_ENUMERATED cpu_to_le32(0xC01E0432)
+#define STATUS_GRAPHICS_ADAPTER_CHAIN_NOT_READY cpu_to_le32(0xC01E0433)
+#define STATUS_GRAPHICS_CHAINLINKS_NOT_STARTED cpu_to_le32(0xC01E0434)
+#define STATUS_GRAPHICS_CHAINLINKS_NOT_POWERED_ON cpu_to_le32(0xC01E0435)
+#define STATUS_GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE cpu_to_le32(0xC01E0436)
+#define STATUS_GRAPHICS_NOT_POST_DEVICE_DRIVER cpu_to_le32(0xC01E0438)
+#define STATUS_GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED cpu_to_le32(0xC01E043B)
+#define STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS \
+ cpu_to_le32(0xC01E051C)
+#define STATUS_GRAPHICS_OPM_INVALID_INFORMATION_REQUEST cpu_to_le32(0xC01E051D)
+#define STATUS_GRAPHICS_OPM_DRIVER_INTERNAL_ERROR cpu_to_le32(0xC01E051E)
+#define STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS \
+ cpu_to_le32(0xC01E051F)
+#define STATUS_GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED cpu_to_le32(0xC01E0520)
+#define STATUS_GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST \
+ cpu_to_le32(0xC01E0521)
+#define STATUS_GRAPHICS_OPM_NOT_SUPPORTED cpu_to_le32(0xC01E0500)
+#define STATUS_GRAPHICS_COPP_NOT_SUPPORTED cpu_to_le32(0xC01E0501)
+#define STATUS_GRAPHICS_UAB_NOT_SUPPORTED cpu_to_le32(0xC01E0502)
+#define STATUS_GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS cpu_to_le32(0xC01E0503)
+#define STATUS_GRAPHICS_OPM_PARAMETER_ARRAY_TOO_SMALL cpu_to_le32(0xC01E0504)
+#define STATUS_GRAPHICS_OPM_NO_PROTECTED_OUTPUTS_EXIST cpu_to_le32(0xC01E0505)
+#define STATUS_GRAPHICS_PVP_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME \
+ cpu_to_le32(0xC01E0506)
+#define STATUS_GRAPHICS_PVP_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP \
+ cpu_to_le32(0xC01E0507)
+#define STATUS_GRAPHICS_PVP_MIRRORING_DEVICES_NOT_SUPPORTED \
+ cpu_to_le32(0xC01E0508)
+#define STATUS_GRAPHICS_OPM_INVALID_POINTER cpu_to_le32(0xC01E050A)
+#define STATUS_GRAPHICS_OPM_INTERNAL_ERROR cpu_to_le32(0xC01E050B)
+#define STATUS_GRAPHICS_OPM_INVALID_HANDLE cpu_to_le32(0xC01E050C)
+#define STATUS_GRAPHICS_PVP_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE \
+ cpu_to_le32(0xC01E050D)
+#define STATUS_GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH cpu_to_le32(0xC01E050E)
+#define STATUS_GRAPHICS_OPM_SPANNING_MODE_ENABLED cpu_to_le32(0xC01E050F)
+#define STATUS_GRAPHICS_OPM_THEATER_MODE_ENABLED cpu_to_le32(0xC01E0510)
+#define STATUS_GRAPHICS_PVP_HFS_FAILED cpu_to_le32(0xC01E0511)
+#define STATUS_GRAPHICS_OPM_INVALID_SRM cpu_to_le32(0xC01E0512)
+#define STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP cpu_to_le32(0xC01E0513)
+#define STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP cpu_to_le32(0xC01E0514)
+#define STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA \
+ cpu_to_le32(0xC01E0515)
+#define STATUS_GRAPHICS_OPM_HDCP_SRM_NEVER_SET cpu_to_le32(0xC01E0516)
+#define STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH cpu_to_le32(0xC01E0517)
+#define STATUS_GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE \
+ cpu_to_le32(0xC01E0518)
+#define STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_NO_LONGER_EXISTS \
+ cpu_to_le32(0xC01E051A)
+#define STATUS_GRAPHICS_OPM_SESSION_TYPE_CHANGE_IN_PROGRESS \
+ cpu_to_le32(0xC01E051B)
+#define STATUS_GRAPHICS_I2C_NOT_SUPPORTED cpu_to_le32(0xC01E0580)
+#define STATUS_GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST cpu_to_le32(0xC01E0581)
+#define STATUS_GRAPHICS_I2C_ERROR_TRANSMITTING_DATA cpu_to_le32(0xC01E0582)
+#define STATUS_GRAPHICS_I2C_ERROR_RECEIVING_DATA cpu_to_le32(0xC01E0583)
+#define STATUS_GRAPHICS_DDCCI_VCP_NOT_SUPPORTED cpu_to_le32(0xC01E0584)
+#define STATUS_GRAPHICS_DDCCI_INVALID_DATA cpu_to_le32(0xC01E0585)
+#define STATUS_GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE \
+ cpu_to_le32(0xC01E0586)
+#define STATUS_GRAPHICS_DDCCI_INVALID_CAPABILITIES_STRING \
+ cpu_to_le32(0xC01E0587)
+#define STATUS_GRAPHICS_MCA_INTERNAL_ERROR cpu_to_le32(0xC01E0588)
+#define STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND cpu_to_le32(0xC01E0589)
+#define STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH cpu_to_le32(0xC01E058A)
+#define STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM cpu_to_le32(0xC01E058B)
+#define STATUS_GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE cpu_to_le32(0xC01E058C)
+#define STATUS_GRAPHICS_MONITOR_NO_LONGER_EXISTS cpu_to_le32(0xC01E058D)
+#define STATUS_GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED cpu_to_le32(0xC01E05E0)
+#define STATUS_GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME \
+ cpu_to_le32(0xC01E05E1)
+#define STATUS_GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP \
+ cpu_to_le32(0xC01E05E2)
+#define STATUS_GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED cpu_to_le32(0xC01E05E3)
+#define STATUS_GRAPHICS_INVALID_POINTER cpu_to_le32(0xC01E05E4)
+#define STATUS_GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE \
+ cpu_to_le32(0xC01E05E5)
+#define STATUS_GRAPHICS_PARAMETER_ARRAY_TOO_SMALL cpu_to_le32(0xC01E05E6)
+#define STATUS_GRAPHICS_INTERNAL_ERROR cpu_to_le32(0xC01E05E7)
+#define STATUS_GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS cpu_to_le32(0xC01E05E8)
+#define STATUS_FVE_LOCKED_VOLUME cpu_to_le32(0xC0210000)
+#define STATUS_FVE_NOT_ENCRYPTED cpu_to_le32(0xC0210001)
+#define STATUS_FVE_BAD_INFORMATION cpu_to_le32(0xC0210002)
+#define STATUS_FVE_TOO_SMALL cpu_to_le32(0xC0210003)
+#define STATUS_FVE_FAILED_WRONG_FS cpu_to_le32(0xC0210004)
+#define STATUS_FVE_FAILED_BAD_FS cpu_to_le32(0xC0210005)
+#define STATUS_FVE_FS_NOT_EXTENDED cpu_to_le32(0xC0210006)
+#define STATUS_FVE_FS_MOUNTED cpu_to_le32(0xC0210007)
+#define STATUS_FVE_NO_LICENSE cpu_to_le32(0xC0210008)
+#define STATUS_FVE_ACTION_NOT_ALLOWED cpu_to_le32(0xC0210009)
+#define STATUS_FVE_BAD_DATA cpu_to_le32(0xC021000A)
+#define STATUS_FVE_VOLUME_NOT_BOUND cpu_to_le32(0xC021000B)
+#define STATUS_FVE_NOT_DATA_VOLUME cpu_to_le32(0xC021000C)
+#define STATUS_FVE_CONV_READ_ERROR cpu_to_le32(0xC021000D)
+#define STATUS_FVE_CONV_WRITE_ERROR cpu_to_le32(0xC021000E)
+#define STATUS_FVE_OVERLAPPED_UPDATE cpu_to_le32(0xC021000F)
+#define STATUS_FVE_FAILED_SECTOR_SIZE cpu_to_le32(0xC0210010)
+#define STATUS_FVE_FAILED_AUTHENTICATION cpu_to_le32(0xC0210011)
+#define STATUS_FVE_NOT_OS_VOLUME cpu_to_le32(0xC0210012)
+#define STATUS_FVE_KEYFILE_NOT_FOUND cpu_to_le32(0xC0210013)
+#define STATUS_FVE_KEYFILE_INVALID cpu_to_le32(0xC0210014)
+#define STATUS_FVE_KEYFILE_NO_VMK cpu_to_le32(0xC0210015)
+#define STATUS_FVE_TPM_DISABLED cpu_to_le32(0xC0210016)
+#define STATUS_FVE_TPM_SRK_AUTH_NOT_ZERO cpu_to_le32(0xC0210017)
+#define STATUS_FVE_TPM_INVALID_PCR cpu_to_le32(0xC0210018)
+#define STATUS_FVE_TPM_NO_VMK cpu_to_le32(0xC0210019)
+#define STATUS_FVE_PIN_INVALID cpu_to_le32(0xC021001A)
+#define STATUS_FVE_AUTH_INVALID_APPLICATION cpu_to_le32(0xC021001B)
+#define STATUS_FVE_AUTH_INVALID_CONFIG cpu_to_le32(0xC021001C)
+#define STATUS_FVE_DEBUGGER_ENABLED cpu_to_le32(0xC021001D)
+#define STATUS_FVE_DRY_RUN_FAILED cpu_to_le32(0xC021001E)
+#define STATUS_FVE_BAD_METADATA_POINTER cpu_to_le32(0xC021001F)
+#define STATUS_FVE_OLD_METADATA_COPY cpu_to_le32(0xC0210020)
+#define STATUS_FVE_REBOOT_REQUIRED cpu_to_le32(0xC0210021)
+#define STATUS_FVE_RAW_ACCESS cpu_to_le32(0xC0210022)
+#define STATUS_FVE_RAW_BLOCKED cpu_to_le32(0xC0210023)
+#define STATUS_FWP_CALLOUT_NOT_FOUND cpu_to_le32(0xC0220001)
+#define STATUS_FWP_CONDITION_NOT_FOUND cpu_to_le32(0xC0220002)
+#define STATUS_FWP_FILTER_NOT_FOUND cpu_to_le32(0xC0220003)
+#define STATUS_FWP_LAYER_NOT_FOUND cpu_to_le32(0xC0220004)
+#define STATUS_FWP_PROVIDER_NOT_FOUND cpu_to_le32(0xC0220005)
+#define STATUS_FWP_PROVIDER_CONTEXT_NOT_FOUND cpu_to_le32(0xC0220006)
+#define STATUS_FWP_SUBLAYER_NOT_FOUND cpu_to_le32(0xC0220007)
+#define STATUS_FWP_NOT_FOUND cpu_to_le32(0xC0220008)
+#define STATUS_FWP_ALREADY_EXISTS cpu_to_le32(0xC0220009)
+#define STATUS_FWP_IN_USE cpu_to_le32(0xC022000A)
+#define STATUS_FWP_DYNAMIC_SESSION_IN_PROGRESS cpu_to_le32(0xC022000B)
+#define STATUS_FWP_WRONG_SESSION cpu_to_le32(0xC022000C)
+#define STATUS_FWP_NO_TXN_IN_PROGRESS cpu_to_le32(0xC022000D)
+#define STATUS_FWP_TXN_IN_PROGRESS cpu_to_le32(0xC022000E)
+#define STATUS_FWP_TXN_ABORTED cpu_to_le32(0xC022000F)
+#define STATUS_FWP_SESSION_ABORTED cpu_to_le32(0xC0220010)
+#define STATUS_FWP_INCOMPATIBLE_TXN cpu_to_le32(0xC0220011)
+#define STATUS_FWP_TIMEOUT cpu_to_le32(0xC0220012)
+#define STATUS_FWP_NET_EVENTS_DISABLED cpu_to_le32(0xC0220013)
+#define STATUS_FWP_INCOMPATIBLE_LAYER cpu_to_le32(0xC0220014)
+#define STATUS_FWP_KM_CLIENTS_ONLY cpu_to_le32(0xC0220015)
+#define STATUS_FWP_LIFETIME_MISMATCH cpu_to_le32(0xC0220016)
+#define STATUS_FWP_BUILTIN_OBJECT cpu_to_le32(0xC0220017)
+#define STATUS_FWP_TOO_MANY_BOOTTIME_FILTERS cpu_to_le32(0xC0220018)
+#define STATUS_FWP_TOO_MANY_CALLOUTS cpu_to_le32(0xC0220018)
+#define STATUS_FWP_NOTIFICATION_DROPPED cpu_to_le32(0xC0220019)
+#define STATUS_FWP_TRAFFIC_MISMATCH cpu_to_le32(0xC022001A)
+#define STATUS_FWP_INCOMPATIBLE_SA_STATE cpu_to_le32(0xC022001B)
+#define STATUS_FWP_NULL_POINTER cpu_to_le32(0xC022001C)
+#define STATUS_FWP_INVALID_ENUMERATOR cpu_to_le32(0xC022001D)
+#define STATUS_FWP_INVALID_FLAGS cpu_to_le32(0xC022001E)
+#define STATUS_FWP_INVALID_NET_MASK cpu_to_le32(0xC022001F)
+#define STATUS_FWP_INVALID_RANGE cpu_to_le32(0xC0220020)
+#define STATUS_FWP_INVALID_INTERVAL cpu_to_le32(0xC0220021)
+#define STATUS_FWP_ZERO_LENGTH_ARRAY cpu_to_le32(0xC0220022)
+#define STATUS_FWP_NULL_DISPLAY_NAME cpu_to_le32(0xC0220023)
+#define STATUS_FWP_INVALID_ACTION_TYPE cpu_to_le32(0xC0220024)
+#define STATUS_FWP_INVALID_WEIGHT cpu_to_le32(0xC0220025)
+#define STATUS_FWP_MATCH_TYPE_MISMATCH cpu_to_le32(0xC0220026)
+#define STATUS_FWP_TYPE_MISMATCH cpu_to_le32(0xC0220027)
+#define STATUS_FWP_OUT_OF_BOUNDS cpu_to_le32(0xC0220028)
+#define STATUS_FWP_RESERVED cpu_to_le32(0xC0220029)
+#define STATUS_FWP_DUPLICATE_CONDITION cpu_to_le32(0xC022002A)
+#define STATUS_FWP_DUPLICATE_KEYMOD cpu_to_le32(0xC022002B)
+#define STATUS_FWP_ACTION_INCOMPATIBLE_WITH_LAYER cpu_to_le32(0xC022002C)
+#define STATUS_FWP_ACTION_INCOMPATIBLE_WITH_SUBLAYER cpu_to_le32(0xC022002D)
+#define STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_LAYER cpu_to_le32(0xC022002E)
+#define STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_CALLOUT cpu_to_le32(0xC022002F)
+#define STATUS_FWP_INCOMPATIBLE_AUTH_METHOD cpu_to_le32(0xC0220030)
+#define STATUS_FWP_INCOMPATIBLE_DH_GROUP cpu_to_le32(0xC0220031)
+#define STATUS_FWP_EM_NOT_SUPPORTED cpu_to_le32(0xC0220032)
+#define STATUS_FWP_NEVER_MATCH cpu_to_le32(0xC0220033)
+#define STATUS_FWP_PROVIDER_CONTEXT_MISMATCH cpu_to_le32(0xC0220034)
+#define STATUS_FWP_INVALID_PARAMETER cpu_to_le32(0xC0220035)
+#define STATUS_FWP_TOO_MANY_SUBLAYERS cpu_to_le32(0xC0220036)
+#define STATUS_FWP_CALLOUT_NOTIFICATION_FAILED cpu_to_le32(0xC0220037)
+#define STATUS_FWP_INCOMPATIBLE_AUTH_CONFIG cpu_to_le32(0xC0220038)
+#define STATUS_FWP_INCOMPATIBLE_CIPHER_CONFIG cpu_to_le32(0xC0220039)
+#define STATUS_FWP_TCPIP_NOT_READY cpu_to_le32(0xC0220100)
+#define STATUS_FWP_INJECT_HANDLE_CLOSING cpu_to_le32(0xC0220101)
+#define STATUS_FWP_INJECT_HANDLE_STALE cpu_to_le32(0xC0220102)
+#define STATUS_FWP_CANNOT_PEND cpu_to_le32(0xC0220103)
+#define STATUS_NDIS_CLOSING cpu_to_le32(0xC0230002)
+#define STATUS_NDIS_BAD_VERSION cpu_to_le32(0xC0230004)
+#define STATUS_NDIS_BAD_CHARACTERISTICS cpu_to_le32(0xC0230005)
+#define STATUS_NDIS_ADAPTER_NOT_FOUND cpu_to_le32(0xC0230006)
+#define STATUS_NDIS_OPEN_FAILED cpu_to_le32(0xC0230007)
+#define STATUS_NDIS_DEVICE_FAILED cpu_to_le32(0xC0230008)
+#define STATUS_NDIS_MULTICAST_FULL cpu_to_le32(0xC0230009)
+#define STATUS_NDIS_MULTICAST_EXISTS cpu_to_le32(0xC023000A)
+#define STATUS_NDIS_MULTICAST_NOT_FOUND cpu_to_le32(0xC023000B)
+#define STATUS_NDIS_REQUEST_ABORTED cpu_to_le32(0xC023000C)
+#define STATUS_NDIS_RESET_IN_PROGRESS cpu_to_le32(0xC023000D)
+#define STATUS_NDIS_INVALID_PACKET cpu_to_le32(0xC023000F)
+#define STATUS_NDIS_INVALID_DEVICE_REQUEST cpu_to_le32(0xC0230010)
+#define STATUS_NDIS_ADAPTER_NOT_READY cpu_to_le32(0xC0230011)
+#define STATUS_NDIS_INVALID_LENGTH cpu_to_le32(0xC0230014)
+#define STATUS_NDIS_INVALID_DATA cpu_to_le32(0xC0230015)
+#define STATUS_NDIS_BUFFER_TOO_SHORT cpu_to_le32(0xC0230016)
+#define STATUS_NDIS_INVALID_OID cpu_to_le32(0xC0230017)
+#define STATUS_NDIS_ADAPTER_REMOVED cpu_to_le32(0xC0230018)
+#define STATUS_NDIS_UNSUPPORTED_MEDIA cpu_to_le32(0xC0230019)
+#define STATUS_NDIS_GROUP_ADDRESS_IN_USE cpu_to_le32(0xC023001A)
+#define STATUS_NDIS_FILE_NOT_FOUND cpu_to_le32(0xC023001B)
+#define STATUS_NDIS_ERROR_READING_FILE cpu_to_le32(0xC023001C)
+#define STATUS_NDIS_ALREADY_MAPPED cpu_to_le32(0xC023001D)
+#define STATUS_NDIS_RESOURCE_CONFLICT cpu_to_le32(0xC023001E)
+#define STATUS_NDIS_MEDIA_DISCONNECTED cpu_to_le32(0xC023001F)
+#define STATUS_NDIS_INVALID_ADDRESS cpu_to_le32(0xC0230022)
+#define STATUS_NDIS_PAUSED cpu_to_le32(0xC023002A)
+#define STATUS_NDIS_INTERFACE_NOT_FOUND cpu_to_le32(0xC023002B)
+#define STATUS_NDIS_UNSUPPORTED_REVISION cpu_to_le32(0xC023002C)
+#define STATUS_NDIS_INVALID_PORT cpu_to_le32(0xC023002D)
+#define STATUS_NDIS_INVALID_PORT_STATE cpu_to_le32(0xC023002E)
+#define STATUS_NDIS_LOW_POWER_STATE cpu_to_le32(0xC023002F)
+#define STATUS_NDIS_NOT_SUPPORTED cpu_to_le32(0xC02300BB)
+#define STATUS_NDIS_DOT11_AUTO_CONFIG_ENABLED cpu_to_le32(0xC0232000)
+#define STATUS_NDIS_DOT11_MEDIA_IN_USE cpu_to_le32(0xC0232001)
+#define STATUS_NDIS_DOT11_POWER_STATE_INVALID cpu_to_le32(0xC0232002)
+#define STATUS_IPSEC_BAD_SPI cpu_to_le32(0xC0360001)
+#define STATUS_IPSEC_SA_LIFETIME_EXPIRED cpu_to_le32(0xC0360002)
+#define STATUS_IPSEC_WRONG_SA cpu_to_le32(0xC0360003)
+#define STATUS_IPSEC_REPLAY_CHECK_FAILED cpu_to_le32(0xC0360004)
+#define STATUS_IPSEC_INVALID_PACKET cpu_to_le32(0xC0360005)
+#define STATUS_IPSEC_INTEGRITY_CHECK_FAILED cpu_to_le32(0xC0360006)
+#define STATUS_IPSEC_CLEAR_TEXT_DROP cpu_to_le32(0xC0360007)
+
+#define STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP cpu_to_le32(0xC05D0000)
+#define STATUS_INVALID_LOCK_RANGE cpu_to_le32(0xC00001a1)
diff --git a/fs/cifsd/time_wrappers.h b/fs/cifsd/time_wrappers.h
new file mode 100644
index 000000000000..a702ca96947e
--- /dev/null
+++ b/fs/cifsd/time_wrappers.h
@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2019 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_TIME_WRAPPERS_H
+#define __KSMBD_TIME_WRAPPERS_H
+
+/*
+ * A bunch of ugly hacks to workaoround all the API differences
+ * between different kernel versions.
+ */
+
+#define NTFS_TIME_OFFSET ((u64)(369*365 + 89) * 24 * 3600 * 10000000)
+
+/* Convert the Unix UTC into NT UTC. */
+static inline u64 ksmbd_UnixTimeToNT(struct timespec64 t)
+{
+ /* Convert to 100ns intervals and then add the NTFS time offset. */
+ return (u64) t.tv_sec * 10000000 + t.tv_nsec / 100 + NTFS_TIME_OFFSET;
+}
+
+struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc);
+
+#define KSMBD_TIME_TO_TM time64_to_tm
+
+static inline long long ksmbd_systime(void)
+{
+ struct timespec64 ts;
+
+ ktime_get_real_ts64(&ts);
+ return ksmbd_UnixTimeToNT(ts);
+}
+#endif /* __KSMBD_TIME_WRAPPERS_H */
diff --git a/fs/cifsd/unicode.c b/fs/cifsd/unicode.c
new file mode 100644
index 000000000000..22a4d10a2000
--- /dev/null
+++ b/fs/cifsd/unicode.c
@@ -0,0 +1,391 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Some of the source code in this file came from fs/cifs/cifs_unicode.c
+ *
+ * Copyright (c) International Business Machines Corp., 2000,2009
+ * Modified by Steve French (sfrench(a)us.ibm.com)
+ * Modified by Namjae Jeon (linkinjeon(a)kernel.org)
+ */
+#include <linux/fs.h>
+#include <linux/slab.h>
+#include <asm/unaligned.h>
+#include "glob.h"
+#include "unicode.h"
+#include "uniupr.h"
+#include "smb_common.h"
+
+/*
+ * smb_utf16_bytes() - how long will a string be after conversion?
+ * @from: pointer to input string
+ * @maxbytes: don't go past this many bytes of input string
+ * @codepage: destination codepage
+ *
+ * Walk a utf16le string and return the number of bytes that the string will
+ * be after being converted to the given charset, not including any null
+ * termination required. Don't walk past maxbytes in the source buffer.
+ *
+ * Return: string length after conversion
+ */
+static int smb_utf16_bytes(const __le16 *from,
+ int maxbytes,
+ const struct nls_table *codepage)
+{
+ int i;
+ int charlen, outlen = 0;
+ int maxwords = maxbytes / 2;
+ char tmp[NLS_MAX_CHARSET_SIZE];
+ __u16 ftmp;
+
+ for (i = 0; i < maxwords; i++) {
+ ftmp = get_unaligned_le16(&from[i]);
+ if (ftmp == 0)
+ break;
+
+ charlen = codepage->uni2char(ftmp, tmp, NLS_MAX_CHARSET_SIZE);
+ if (charlen > 0)
+ outlen += charlen;
+ else
+ outlen++;
+ }
+
+ return outlen;
+}
+
+/*
+ * cifs_mapchar() - convert a host-endian char to proper char in codepage
+ * @target: where converted character should be copied
+ * @src_char: 2 byte host-endian source character
+ * @cp: codepage to which character should be converted
+ * @mapchar: should character be mapped according to mapchars mount option?
+ *
+ * This function handles the conversion of a single character. It is the
+ * responsibility of the caller to ensure that the target buffer is large
+ * enough to hold the result of the conversion (at least NLS_MAX_CHARSET_SIZE).
+ *
+ * Return: string length after conversion
+ */
+static int
+cifs_mapchar(char *target, const __u16 src_char, const struct nls_table *cp,
+ bool mapchar)
+{
+ int len = 1;
+
+ if (!mapchar)
+ goto cp_convert;
+
+ /*
+ * BB: Cannot handle remapping UNI_SLASH until all the calls to
+ * build_path_from_dentry are modified, as they use slash as
+ * separator.
+ */
+ switch (src_char) {
+ case UNI_COLON:
+ *target = ':';
+ break;
+ case UNI_ASTERISK:
+ *target = '*';
+ break;
+ case UNI_QUESTION:
+ *target = '?';
+ break;
+ case UNI_PIPE:
+ *target = '|';
+ break;
+ case UNI_GRTRTHAN:
+ *target = '>';
+ break;
+ case UNI_LESSTHAN:
+ *target = '<';
+ break;
+ default:
+ goto cp_convert;
+ }
+
+out:
+ return len;
+
+cp_convert:
+ len = cp->uni2char(src_char, target, NLS_MAX_CHARSET_SIZE);
+ if (len <= 0) {
+ *target = '?';
+ len = 1;
+ }
+
+ goto out;
+}
+
+/*
+ * is_char_allowed() - check for valid character
+ * @ch: input character to be checked
+ *
+ * Return: 1 if char is allowed, otherwise 0
+ */
+static inline int is_char_allowed(char *ch)
+{
+ /* check for control chars, wildcards etc. */
+ if (!(*ch & 0x80) &&
+ (*ch <= 0x1f ||
+ *ch == '?' || *ch == '"' || *ch == '<' ||
+ *ch == '>' || *ch == '|'))
+ return 0;
+
+ return 1;
+}
+
+/*
+ * smb_from_utf16() - convert utf16le string to local charset
+ * @to: destination buffer
+ * @from: source buffer
+ * @tolen: destination buffer size (in bytes)
+ * @fromlen: source buffer size (in bytes)
+ * @codepage: codepage to which characters should be converted
+ * @mapchar: should characters be remapped according to the mapchars option?
+ *
+ * Convert a little-endian utf16le string (as sent by the server) to a string
+ * in the provided codepage. The tolen and fromlen parameters are to ensure
+ * that the code doesn't walk off of the end of the buffer (which is always
+ * a danger if the alignment of the source buffer is off). The destination
+ * string is always properly null terminated and fits in the destination
+ * buffer. Returns the length of the destination string in bytes (including
+ * null terminator).
+ *
+ * Note that some windows versions actually send multiword UTF-16 characters
+ * instead of straight UTF16-2. The linux nls routines however aren't able to
+ * deal with those characters properly. In the event that we get some of
+ * those characters, they won't be translated properly.
+ *
+ * Return: string length after conversion
+ */
+static int smb_from_utf16(char *to,
+ const __le16 *from,
+ int tolen,
+ int fromlen,
+ const struct nls_table *codepage,
+ bool mapchar)
+{
+ int i, charlen, safelen;
+ int outlen = 0;
+ int nullsize = nls_nullsize(codepage);
+ int fromwords = fromlen / 2;
+ char tmp[NLS_MAX_CHARSET_SIZE];
+ __u16 ftmp;
+
+ /*
+ * because the chars can be of varying widths, we need to take care
+ * not to overflow the destination buffer when we get close to the
+ * end of it. Until we get to this offset, we don't need to check
+ * for overflow however.
+ */
+ safelen = tolen - (NLS_MAX_CHARSET_SIZE + nullsize);
+
+ for (i = 0; i < fromwords; i++) {
+ ftmp = get_unaligned_le16(&from[i]);
+ if (ftmp == 0)
+ break;
+
+ /*
+ * check to see if converting this character might make the
+ * conversion bleed into the null terminator
+ */
+ if (outlen >= safelen) {
+ charlen = cifs_mapchar(tmp, ftmp, codepage, mapchar);
+ if ((outlen + charlen) > (tolen - nullsize))
+ break;
+ }
+
+ /* put converted char into 'to' buffer */
+ charlen = cifs_mapchar(&to[outlen], ftmp, codepage, mapchar);
+ outlen += charlen;
+ }
+
+ /* properly null-terminate string */
+ for (i = 0; i < nullsize; i++)
+ to[outlen++] = 0;
+
+ return outlen;
+}
+
+/*
+ * smb_strtoUTF16() - Convert character string to unicode string
+ * @to: destination buffer
+ * @from: source buffer
+ * @len: destination buffer size (in bytes)
+ * @codepage: codepage to which characters should be converted
+ *
+ * Return: string length after conversion
+ */
+int
+smb_strtoUTF16(__le16 *to, const char *from, int len,
+ const struct nls_table *codepage)
+{
+ int charlen;
+ int i;
+ wchar_t wchar_to; /* needed to quiet sparse */
+
+ /* special case for utf8 to handle no plane0 chars */
+ if (!strcmp(codepage->charset, "utf8")) {
+ /*
+ * convert utf8 -> utf16, we assume we have enough space
+ * as caller should have assumed conversion does not overflow
+ * in destination len is length in wchar_t units (16bits)
+ */
+ i = utf8s_to_utf16s(from, len, UTF16_LITTLE_ENDIAN,
+ (wchar_t *) to, len);
+
+ /* if success terminate and exit */
+ if (i >= 0)
+ goto success;
+ /*
+ * if fails fall back to UCS encoding as this
+ * function should not return negative values
+ * currently can fail only if source contains
+ * invalid encoded characters
+ */
+ }
+
+ for (i = 0; len > 0 && *from; i++, from += charlen, len -= charlen) {
+ charlen = codepage->char2uni(from, len, &wchar_to);
+ if (charlen < 1) {
+ /* A question mark */
+ wchar_to = 0x003f;
+ charlen = 1;
+ }
+ put_unaligned_le16(wchar_to, &to[i]);
+ }
+
+success:
+ put_unaligned_le16(0, &to[i]);
+ return i;
+}
+
+/*
+ * smb_strndup_from_utf16() - copy a string from wire format to the local
+ * codepage
+ * @src: source string
+ * @maxlen: don't walk past this many bytes in the source string
+ * @is_unicode: is this a unicode string?
+ * @codepage: destination codepage
+ *
+ * Take a string given by the server, convert it to the local codepage and
+ * put it in a new buffer. Returns a pointer to the new string or NULL on
+ * error.
+ *
+ * Return: destination string buffer or error ptr
+ */
+char *
+smb_strndup_from_utf16(const char *src, const int maxlen,
+ const bool is_unicode, const struct nls_table *codepage)
+{
+ int len, ret;
+ char *dst;
+
+ if (is_unicode) {
+ len = smb_utf16_bytes((__le16 *) src, maxlen, codepage);
+ len += nls_nullsize(codepage);
+ dst = kmalloc(len, GFP_KERNEL);
+ if (!dst)
+ return ERR_PTR(-ENOMEM);
+ ret = smb_from_utf16(dst, (__le16 *) src, len, maxlen, codepage,
+ false);
+ if (ret < 0) {
+ kfree(dst);
+ return ERR_PTR(-EINVAL);
+ }
+ } else {
+ len = strnlen(src, maxlen);
+ len++;
+ dst = kmalloc(len, GFP_KERNEL);
+ if (!dst)
+ return ERR_PTR(-ENOMEM);
+ strscpy(dst, src, len);
+ }
+
+ return dst;
+}
+
+/*
+ * Convert 16 bit Unicode pathname to wire format from string in current code
+ * page. Conversion may involve remapping up the six characters that are
+ * only legal in POSIX-like OS (if they are present in the string). Path
+ * names are little endian 16 bit Unicode on the wire
+ */
+/*
+ * smbConvertToUTF16() - convert string from local charset to utf16
+ * @target: destination buffer
+ * @source: source buffer
+ * @srclen: source buffer size (in bytes)
+ * @cp: codepage to which characters should be converted
+ * @mapchar: should characters be remapped according to the mapchars option?
+ *
+ * Convert 16 bit Unicode pathname to wire format from string in current code
+ * page. Conversion may involve remapping up the six characters that are
+ * only legal in POSIX-like OS (if they are present in the string). Path
+ * names are little endian 16 bit Unicode on the wire
+ *
+ * Return: char length after conversion
+ */
+int
+smbConvertToUTF16(__le16 *target, const char *source, int srclen,
+ const struct nls_table *cp, int mapchars)
+{
+ int i, j, charlen;
+ char src_char;
+ __le16 dst_char;
+ wchar_t tmp;
+
+ if (!mapchars)
+ return smb_strtoUTF16(target, source, srclen, cp);
+
+ for (i = 0, j = 0; i < srclen; j++) {
+ src_char = source[i];
+ charlen = 1;
+ switch (src_char) {
+ case 0:
+ put_unaligned(0, &target[j]);
+ return j;
+ case ':':
+ dst_char = cpu_to_le16(UNI_COLON);
+ break;
+ case '*':
+ dst_char = cpu_to_le16(UNI_ASTERISK);
+ break;
+ case '?':
+ dst_char = cpu_to_le16(UNI_QUESTION);
+ break;
+ case '<':
+ dst_char = cpu_to_le16(UNI_LESSTHAN);
+ break;
+ case '>':
+ dst_char = cpu_to_le16(UNI_GRTRTHAN);
+ break;
+ case '|':
+ dst_char = cpu_to_le16(UNI_PIPE);
+ break;
+ /*
+ * FIXME: We can not handle remapping backslash (UNI_SLASH)
+ * until all the calls to build_path_from_dentry are modified,
+ * as they use backslash as separator.
+ */
+ default:
+ charlen = cp->char2uni(source + i, srclen - i, &tmp);
+ dst_char = cpu_to_le16(tmp);
+
+ /*
+ * if no match, use question mark, which at least in
+ * some cases serves as wild card
+ */
+ if (charlen < 1) {
+ dst_char = cpu_to_le16(0x003f);
+ charlen = 1;
+ }
+ }
+ /*
+ * character may take more than one byte in the source string,
+ * but will take exactly two bytes in the target string
+ */
+ i += charlen;
+ put_unaligned(dst_char, &target[j]);
+ }
+
+ return j;
+}
diff --git a/fs/cifsd/unicode.h b/fs/cifsd/unicode.h
new file mode 100644
index 000000000000..228a02c9b95d
--- /dev/null
+++ b/fs/cifsd/unicode.h
@@ -0,0 +1,374 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Some of the source code in this file came from fs/cifs/cifs_unicode.c
+ * cifs_unicode: Unicode kernel case support
+ *
+ * Function:
+ * Convert a unicode character to upper or lower case using
+ * compressed tables.
+ *
+ * Copyright (c) International Business Machines Corp., 2000,2009
+ *
+ *
+ * Notes:
+ * These APIs are based on the C library functions. The semantics
+ * should match the C functions but with expanded size operands.
+ *
+ * The upper/lower functions are based on a table created by mkupr.
+ * This is a compressed table of upper and lower case conversion.
+ *
+ */
+#ifndef _CIFS_UNICODE_H
+#define _CIFS_UNICODE_H
+
+#include <asm/byteorder.h>
+#include <linux/types.h>
+#include <linux/nls.h>
+
+#define UNIUPR_NOLOWER /* Example to not expand lower case tables */
+
+/*
+ * Windows maps these to the user defined 16 bit Unicode range since they are
+ * reserved symbols (along with \ and /), otherwise illegal to store
+ * in filenames in NTFS
+ */
+#define UNI_ASTERISK ((__u16) ('*' + 0xF000))
+#define UNI_QUESTION ((__u16) ('?' + 0xF000))
+#define UNI_COLON ((__u16) (':' + 0xF000))
+#define UNI_GRTRTHAN ((__u16) ('>' + 0xF000))
+#define UNI_LESSTHAN ((__u16) ('<' + 0xF000))
+#define UNI_PIPE ((__u16) ('|' + 0xF000))
+#define UNI_SLASH ((__u16) ('\\' + 0xF000))
+
+/* Just define what we want from uniupr.h. We don't want to define the tables
+ * in each source file.
+ */
+#ifndef UNICASERANGE_DEFINED
+struct UniCaseRange {
+ wchar_t start;
+ wchar_t end;
+ signed char *table;
+};
+#endif /* UNICASERANGE_DEFINED */
+
+#ifndef UNIUPR_NOUPPER
+extern signed char SmbUniUpperTable[512];
+extern const struct UniCaseRange SmbUniUpperRange[];
+#endif /* UNIUPR_NOUPPER */
+
+#ifndef UNIUPR_NOLOWER
+extern signed char CifsUniLowerTable[512];
+extern const struct UniCaseRange CifsUniLowerRange[];
+#endif /* UNIUPR_NOLOWER */
+
+#ifdef __KERNEL__
+int smb_strtoUTF16(__le16 *to, const char *from, int len,
+ const struct nls_table *codepage);
+char *smb_strndup_from_utf16(const char *src, const int maxlen,
+ const bool is_unicode,
+ const struct nls_table *codepage);
+extern int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
+ const struct nls_table *cp, int mapchars);
+extern char *extract_sharename(char *treename);
+#endif
+
+wchar_t cifs_toupper(wchar_t in);
+
+/*
+ * UniStrcat: Concatenate the second string to the first
+ *
+ * Returns:
+ * Address of the first string
+ */
+ static inline wchar_t *
+UniStrcat(wchar_t *ucs1, const wchar_t *ucs2)
+{
+ wchar_t *anchor = ucs1; /* save a pointer to start of ucs1 */
+
+ while (*ucs1++)
+ /*NULL*/; /* To end of first string */
+ ucs1--; /* Return to the null */
+ while ((*ucs1++ = *ucs2++))
+ /*NULL*/; /* copy string 2 over */
+ return anchor;
+}
+
+/*
+ * UniStrchr: Find a character in a string
+ *
+ * Returns:
+ * Address of first occurrence of character in string
+ * or NULL if the character is not in the string
+ */
+ static inline wchar_t *
+UniStrchr(const wchar_t *ucs, wchar_t uc)
+{
+ while ((*ucs != uc) && *ucs)
+ ucs++;
+
+ if (*ucs == uc)
+ return (wchar_t *) ucs;
+ return NULL;
+}
+
+/*
+ * UniStrcmp: Compare two strings
+ *
+ * Returns:
+ * < 0: First string is less than second
+ * = 0: Strings are equal
+ * > 0: First string is greater than second
+ */
+ static inline int
+UniStrcmp(const wchar_t *ucs1, const wchar_t *ucs2)
+{
+ while ((*ucs1 == *ucs2) && *ucs1) {
+ ucs1++;
+ ucs2++;
+ }
+ return (int) *ucs1 - (int) *ucs2;
+}
+
+/*
+ * UniStrcpy: Copy a string
+ */
+ static inline wchar_t *
+UniStrcpy(wchar_t *ucs1, const wchar_t *ucs2)
+{
+ wchar_t *anchor = ucs1; /* save the start of result string */
+
+ while ((*ucs1++ = *ucs2++))
+ /*NULL*/;
+ return anchor;
+}
+
+/*
+ * UniStrlen: Return the length of a string (in 16 bit Unicode chars not bytes)
+ */
+ static inline size_t
+UniStrlen(const wchar_t *ucs1)
+{
+ int i = 0;
+
+ while (*ucs1++)
+ i++;
+ return i;
+}
+
+/*
+ * UniStrnlen: Return the length (in 16 bit Unicode chars not bytes) of a
+ * string (length limited)
+ */
+ static inline size_t
+UniStrnlen(const wchar_t *ucs1, int maxlen)
+{
+ int i = 0;
+
+ while (*ucs1++) {
+ i++;
+ if (i >= maxlen)
+ break;
+ }
+ return i;
+}
+
+/*
+ * UniStrncat: Concatenate length limited string
+ */
+ static inline wchar_t *
+UniStrncat(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+{
+ wchar_t *anchor = ucs1; /* save pointer to string 1 */
+
+ while (*ucs1++)
+ /*NULL*/;
+ ucs1--; /* point to null terminator of s1 */
+ while (n-- && (*ucs1 = *ucs2)) { /* copy s2 after s1 */
+ ucs1++;
+ ucs2++;
+ }
+ *ucs1 = 0; /* Null terminate the result */
+ return anchor;
+}
+
+/*
+ * UniStrncmp: Compare length limited string
+ */
+ static inline int
+UniStrncmp(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+{
+ if (!n)
+ return 0; /* Null strings are equal */
+ while ((*ucs1 == *ucs2) && *ucs1 && --n) {
+ ucs1++;
+ ucs2++;
+ }
+ return (int) *ucs1 - (int) *ucs2;
+}
+
+/*
+ * UniStrncmp_le: Compare length limited string - native to little-endian
+ */
+ static inline int
+UniStrncmp_le(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+{
+ if (!n)
+ return 0; /* Null strings are equal */
+ while ((*ucs1 == __le16_to_cpu(*ucs2)) && *ucs1 && --n) {
+ ucs1++;
+ ucs2++;
+ }
+ return (int) *ucs1 - (int) __le16_to_cpu(*ucs2);
+}
+
+/*
+ * UniStrncpy: Copy length limited string with pad
+ */
+ static inline wchar_t *
+UniStrncpy(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+{
+ wchar_t *anchor = ucs1;
+
+ while (n-- && *ucs2) /* Copy the strings */
+ *ucs1++ = *ucs2++;
+
+ n++;
+ while (n--) /* Pad with nulls */
+ *ucs1++ = 0;
+ return anchor;
+}
+
+/*
+ * UniStrncpy_le: Copy length limited string with pad to little-endian
+ */
+ static inline wchar_t *
+UniStrncpy_le(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+{
+ wchar_t *anchor = ucs1;
+
+ while (n-- && *ucs2) /* Copy the strings */
+ *ucs1++ = __le16_to_cpu(*ucs2++);
+
+ n++;
+ while (n--) /* Pad with nulls */
+ *ucs1++ = 0;
+ return anchor;
+}
+
+/*
+ * UniStrstr: Find a string in a string
+ *
+ * Returns:
+ * Address of first match found
+ * NULL if no matching string is found
+ */
+ static inline wchar_t *
+UniStrstr(const wchar_t *ucs1, const wchar_t *ucs2)
+{
+ const wchar_t *anchor1 = ucs1;
+ const wchar_t *anchor2 = ucs2;
+
+ while (*ucs1) {
+ if (*ucs1 == *ucs2) {
+ /* Partial match found */
+ ucs1++;
+ ucs2++;
+ } else {
+ if (!*ucs2) /* Match found */
+ return (wchar_t *) anchor1;
+ ucs1 = ++anchor1; /* No match */
+ ucs2 = anchor2;
+ }
+ }
+
+ if (!*ucs2) /* Both end together */
+ return (wchar_t *) anchor1; /* Match found */
+ return NULL; /* No match */
+}
+
+#ifndef UNIUPR_NOUPPER
+/*
+ * UniToupper: Convert a unicode character to upper case
+ */
+ static inline wchar_t
+UniToupper(register wchar_t uc)
+{
+ register const struct UniCaseRange *rp;
+
+ if (uc < sizeof(SmbUniUpperTable)) {
+ /* Latin characters */
+ return uc + SmbUniUpperTable[uc]; /* Use base tables */
+ }
+
+ rp = SmbUniUpperRange; /* Use range tables */
+ while (rp->start) {
+ if (uc < rp->start) /* Before start of range */
+ return uc; /* Uppercase = input */
+ if (uc <= rp->end) /* In range */
+ return uc + rp->table[uc - rp->start];
+ rp++; /* Try next range */
+ }
+ return uc; /* Past last range */
+}
+
+/*
+ * UniStrupr: Upper case a unicode string
+ */
+ static inline __le16 *
+UniStrupr(register __le16 *upin)
+{
+ register __le16 *up;
+
+ up = upin;
+ while (*up) { /* For all characters */
+ *up = cpu_to_le16(UniToupper(le16_to_cpu(*up)));
+ up++;
+ }
+ return upin; /* Return input pointer */
+}
+#endif /* UNIUPR_NOUPPER */
+
+#ifndef UNIUPR_NOLOWER
+/*
+ * UniTolower: Convert a unicode character to lower case
+ */
+ static inline wchar_t
+UniTolower(register wchar_t uc)
+{
+ register const struct UniCaseRange *rp;
+
+ if (uc < sizeof(CifsUniLowerTable)) {
+ /* Latin characters */
+ return uc + CifsUniLowerTable[uc]; /* Use base tables */
+ }
+
+ rp = CifsUniLowerRange; /* Use range tables */
+ while (rp->start) {
+ if (uc < rp->start) /* Before start of range */
+ return uc; /* Uppercase = input */
+ if (uc <= rp->end) /* In range */
+ return uc + rp->table[uc - rp->start];
+ rp++; /* Try next range */
+ }
+ return uc; /* Past last range */
+}
+
+/*
+ * UniStrlwr: Lower case a unicode string
+ */
+ static inline wchar_t *
+UniStrlwr(register wchar_t *upin)
+{
+ register wchar_t *up;
+
+ up = upin;
+ while (*up) { /* For all characters */
+ *up = UniTolower(*up);
+ up++;
+ }
+ return upin; /* Return input pointer */
+}
+
+#endif
+
+#endif /* _CIFS_UNICODE_H */
diff --git a/fs/cifsd/uniupr.h b/fs/cifsd/uniupr.h
new file mode 100644
index 000000000000..26583b776897
--- /dev/null
+++ b/fs/cifsd/uniupr.h
@@ -0,0 +1,268 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Some of the source code in this file came from fs/cifs/uniupr.h
+ * Copyright (c) International Business Machines Corp., 2000,2002
+ *
+ * uniupr.h - Unicode compressed case ranges
+ *
+ */
+#ifndef __KSMBD_UNIUPR_H
+#define __KSMBD_UNIUPR_H
+
+#ifndef UNIUPR_NOUPPER
+/*
+ * Latin upper case
+ */
+signed char SmbUniUpperTable[512] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 000-00f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 010-01f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 020-02f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 030-03f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 040-04f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 050-05f */
+ 0, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+ -32, -32, -32, -32, -32, /* 060-06f */
+ -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+ -32, 0, 0, 0, 0, 0, /* 070-07f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 080-08f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 090-09f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0a0-0af */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0b0-0bf */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0c0-0cf */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0d0-0df */
+ -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+ -32, -32, -32, -32, -32, -32, /* 0e0-0ef */
+ -32, -32, -32, -32, -32, -32, -32, 0, -32, -32,
+ -32, -32, -32, -32, -32, 121, /* 0f0-0ff */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 100-10f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 110-11f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 120-12f */
+ 0, 0, 0, -1, 0, -1, 0, -1, 0, 0, -1, 0, -1, 0, -1, 0, /* 130-13f */
+ -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, 0, -1, 0, -1, 0, -1, /* 140-14f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 150-15f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 160-16f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, 0, -1, 0, -1, 0, -1, 0, /* 170-17f */
+ 0, 0, 0, -1, 0, -1, 0, 0, -1, 0, 0, 0, -1, 0, 0, 0, /* 180-18f */
+ 0, 0, -1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, /* 190-19f */
+ 0, -1, 0, -1, 0, -1, 0, 0, -1, 0, 0, 0, 0, -1, 0, 0, /* 1a0-1af */
+ -1, 0, 0, 0, -1, 0, -1, 0, 0, -1, 0, 0, 0, -1, 0, 0, /* 1b0-1bf */
+ 0, 0, 0, 0, 0, -1, -2, 0, -1, -2, 0, -1, -2, 0, -1, 0, /* 1c0-1cf */
+ -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, -79, 0, -1, /* 1d0-1df */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e0-1ef */
+ 0, 0, -1, -2, 0, -1, 0, 0, 0, -1, 0, -1, 0, -1, 0, -1, /* 1f0-1ff */
+};
+
+/* Upper case range - Greek */
+static signed char UniCaseRangeU03a0[47] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -38, -37, -37, -37, /* 3a0-3af */
+ 0, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+ -32, -32, -32, -32, /* 3b0-3bf */
+ -32, -32, -31, -32, -32, -32, -32, -32, -32, -32, -32, -32, -64,
+ -63, -63,
+};
+
+/* Upper case range - Cyrillic */
+static signed char UniCaseRangeU0430[48] = {
+ -32, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+ -32, -32, -32, -32, /* 430-43f */
+ -32, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+ -32, -32, -32, -32, /* 440-44f */
+ 0, -80, -80, -80, -80, -80, -80, -80, -80, -80, -80,
+ -80, -80, 0, -80, -80, /* 450-45f */
+};
+
+/* Upper case range - Extended cyrillic */
+static signed char UniCaseRangeU0490[61] = {
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 490-49f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 4a0-4af */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 4b0-4bf */
+ 0, 0, -1, 0, -1, 0, 0, 0, -1, 0, 0, 0, -1,
+};
+
+/* Upper case range - Extended latin and greek */
+static signed char UniCaseRangeU1e00[509] = {
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e00-1e0f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e10-1e1f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e20-1e2f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e30-1e3f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e40-1e4f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e50-1e5f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e60-1e6f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e70-1e7f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e80-1e8f */
+ 0, -1, 0, -1, 0, -1, 0, 0, 0, 0, 0, -59, 0, -1, 0, -1, /* 1e90-1e9f */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1ea0-1eaf */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1eb0-1ebf */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1ec0-1ecf */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1ed0-1edf */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1ee0-1eef */
+ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, 0, 0, 0, 0, 0, /* 1ef0-1eff */
+ 8, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f00-1f0f */
+ 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f10-1f1f */
+ 8, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f20-1f2f */
+ 8, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f30-1f3f */
+ 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f40-1f4f */
+ 0, 8, 0, 8, 0, 8, 0, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f50-1f5f */
+ 8, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f60-1f6f */
+ 74, 74, 86, 86, 86, 86, 100, 100, 0, 0, 112, 112,
+ 126, 126, 0, 0, /* 1f70-1f7f */
+ 8, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f80-1f8f */
+ 8, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f90-1f9f */
+ 8, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, /* 1fa0-1faf */
+ 8, 8, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1fb0-1fbf */
+ 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1fc0-1fcf */
+ 8, 8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1fd0-1fdf */
+ 8, 8, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1fe0-1fef */
+ 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+};
+
+/* Upper case range - Wide latin */
+static signed char UniCaseRangeUff40[27] = {
+ 0, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+ -32, -32, -32, -32, -32, /* ff40-ff4f */
+ -32, -32, -32, -32, -32, -32, -32, -32, -32, -32, -32,
+};
+
+/*
+ * Upper Case Range
+ */
+const struct UniCaseRange SmbUniUpperRange[] = {
+ {0x03a0, 0x03ce, UniCaseRangeU03a0},
+ {0x0430, 0x045f, UniCaseRangeU0430},
+ {0x0490, 0x04cc, UniCaseRangeU0490},
+ {0x1e00, 0x1ffc, UniCaseRangeU1e00},
+ {0xff40, 0xff5a, UniCaseRangeUff40},
+ {0}
+};
+#endif
+
+#ifndef UNIUPR_NOLOWER
+/*
+ * Latin lower case
+ */
+signed char CifsUniLowerTable[512] = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 000-00f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 010-01f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 020-02f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 030-03f */
+ 0, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+ 32, 32, 32, /* 040-04f */
+ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 0, 0,
+ 0, 0, 0, /* 050-05f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 060-06f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 070-07f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 080-08f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 090-09f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0a0-0af */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0b0-0bf */
+ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+ 32, 32, 32, 32, /* 0c0-0cf */
+ 32, 32, 32, 32, 32, 32, 32, 0, 32, 32, 32, 32,
+ 32, 32, 32, 0, /* 0d0-0df */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0e0-0ef */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0f0-0ff */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 100-10f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 110-11f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 120-12f */
+ 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, /* 130-13f */
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, /* 140-14f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 150-15f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 160-16f */
+ 1, 0, 1, 0, 1, 0, 1, 0, -121, 1, 0, 1, 0, 1, 0,
+ 0, /* 170-17f */
+ 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 79,
+ 0, /* 180-18f */
+ 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, /* 190-19f */
+ 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, /* 1a0-1af */
+ 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, /* 1b0-1bf */
+ 0, 0, 0, 0, 2, 1, 0, 2, 1, 0, 2, 1, 0, 1, 0, 1, /* 1c0-1cf */
+ 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, /* 1d0-1df */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e0-1ef */
+ 0, 2, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1f0-1ff */
+};
+
+/* Lower case range - Greek */
+static signed char UniCaseRangeL0380[44] = {
+ 0, 0, 0, 0, 0, 0, 38, 0, 37, 37, 37, 0, 64, 0, 63, 63, /* 380-38f */
+ 0, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+ 32, 32, 32, /* 390-39f */
+ 32, 32, 0, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+};
+
+/* Lower case range - Cyrillic */
+static signed char UniCaseRangeL0400[48] = {
+ 0, 80, 80, 80, 80, 80, 80, 80, 80, 80, 80, 80, 80,
+ 0, 80, 80, /* 400-40f */
+ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+ 32, 32, 32, /* 410-41f */
+ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+ 32, 32, 32, /* 420-42f */
+};
+
+/* Lower case range - Extended cyrillic */
+static signed char UniCaseRangeL0490[60] = {
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 490-49f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 4a0-4af */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 4b0-4bf */
+ 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1,
+};
+
+/* Lower case range - Extended latin and greek */
+static signed char UniCaseRangeL1e00[504] = {
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e00-1e0f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e10-1e1f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e20-1e2f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e30-1e3f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e40-1e4f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e50-1e5f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e60-1e6f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e70-1e7f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1e80-1e8f */
+ 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, /* 1e90-1e9f */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1ea0-1eaf */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1eb0-1ebf */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1ec0-1ecf */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1ed0-1edf */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, /* 1ee0-1eef */
+ 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, /* 1ef0-1eff */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, -8, -8, /* 1f00-1f0f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, 0, 0, /* 1f10-1f1f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, -8, -8, /* 1f20-1f2f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, -8, -8, /* 1f30-1f3f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, 0, 0, /* 1f40-1f4f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, -8, 0, -8, 0, -8, 0, -8, /* 1f50-1f5f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, -8, -8, /* 1f60-1f6f */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 1f70-1f7f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, -8, -8, /* 1f80-1f8f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, -8, -8, /* 1f90-1f9f */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -8, -8, -8, -8, -8, -8, /* 1fa0-1faf */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -74, -74, -9, 0, 0, 0, /* 1fb0-1fbf */
+ 0, 0, 0, 0, 0, 0, 0, 0, -86, -86, -86, -86, -9, 0,
+ 0, 0, /* 1fc0-1fcf */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -100, -100, 0, 0, 0, 0, /* 1fd0-1fdf */
+ 0, 0, 0, 0, 0, 0, 0, 0, -8, -8, -112, -112, -7, 0,
+ 0, 0, /* 1fe0-1fef */
+ 0, 0, 0, 0, 0, 0, 0, 0,
+};
+
+/* Lower case range - Wide latin */
+static signed char UniCaseRangeLff20[27] = {
+ 0, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+ 32, /* ff20-ff2f */
+ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32,
+};
+
+/*
+ * Lower Case Range
+ */
+const struct UniCaseRange CifsUniLowerRange[] = {
+ {0x0380, 0x03ab, UniCaseRangeL0380},
+ {0x0400, 0x042f, UniCaseRangeL0400},
+ {0x0490, 0x04cb, UniCaseRangeL0490},
+ {0x1e00, 0x1ff7, UniCaseRangeL1e00},
+ {0xff20, 0xff3a, UniCaseRangeLff20},
+ {0}
+};
+#endif
+
+#endif /* __KSMBD_UNIUPR_H */
From patchwork Mon Nov 14 12:48:32 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183099
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:12 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:12 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:12 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 003/308] cifsd: add file operations
Date: Mon, 14 Nov 2022 20:48:32 +0800
Message-ID: <20221114125337.1831594-4-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7b8cc0f0-ecb7-4957-b523-08dac63c415c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.8511994
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit f44158485826c076335d6860d35872271a83791d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f44158485826
-------------------------------
This adds file operations and buffer pool for cifsd.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Acked-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/buffer_pool.c | 292 ++++++
fs/cifsd/buffer_pool.h | 28 +
fs/cifsd/vfs.c | 1989 ++++++++++++++++++++++++++++++++++++++++
fs/cifsd/vfs.h | 314 +++++++
fs/cifsd/vfs_cache.c | 855 +++++++++++++++++
fs/cifsd/vfs_cache.h | 213 +++++
6 files changed, 3691 insertions(+)
create mode 100644 fs/cifsd/buffer_pool.c
create mode 100644 fs/cifsd/buffer_pool.h
create mode 100644 fs/cifsd/vfs.c
create mode 100644 fs/cifsd/vfs.h
create mode 100644 fs/cifsd/vfs_cache.c
create mode 100644 fs/cifsd/vfs_cache.h
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
new file mode 100644
index 000000000000..864fea547c68
--- /dev/null
+++ b/fs/cifsd/buffer_pool.c
@@ -0,0 +1,292 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/kernel.h>
+#include <linux/wait.h>
+#include <linux/sched.h>
+#include <linux/mm.h>
+#include <linux/slab.h>
+#include <linux/vmalloc.h>
+#include <linux/rwlock.h>
+
+#include "glob.h"
+#include "buffer_pool.h"
+#include "connection.h"
+#include "mgmt/ksmbd_ida.h"
+
+static struct kmem_cache *filp_cache;
+
+struct wm {
+ struct list_head list;
+ unsigned int sz;
+ char buffer[0];
+};
+
+struct wm_list {
+ struct list_head list;
+ unsigned int sz;
+
+ spinlock_t wm_lock;
+ int avail_wm;
+ struct list_head idle_wm;
+ wait_queue_head_t wm_wait;
+};
+
+static LIST_HEAD(wm_lists);
+static DEFINE_RWLOCK(wm_lists_lock);
+
+void *ksmbd_alloc(size_t size)
+{
+ return kvmalloc(size, GFP_KERNEL | __GFP_ZERO);
+}
+
+void ksmbd_free(void *ptr)
+{
+ kvfree(ptr);
+}
+
+static struct wm *wm_alloc(size_t sz, gfp_t flags)
+{
+ struct wm *wm;
+ size_t alloc_sz = sz + sizeof(struct wm);
+
+ wm = kvmalloc(alloc_sz, flags);
+ if (!wm)
+ return NULL;
+ wm->sz = sz;
+ return wm;
+}
+
+static int register_wm_size_class(size_t sz)
+{
+ struct wm_list *l, *nl;
+
+ nl = kvmalloc(sizeof(struct wm_list), GFP_KERNEL);
+ if (!nl)
+ return -ENOMEM;
+
+ nl->sz = sz;
+ spin_lock_init(&nl->wm_lock);
+ INIT_LIST_HEAD(&nl->idle_wm);
+ INIT_LIST_HEAD(&nl->list);
+ init_waitqueue_head(&nl->wm_wait);
+ nl->avail_wm = 0;
+
+ write_lock(&wm_lists_lock);
+ list_for_each_entry(l, &wm_lists, list) {
+ if (l->sz == sz) {
+ write_unlock(&wm_lists_lock);
+ kvfree(nl);
+ return 0;
+ }
+ }
+
+ list_add(&nl->list, &wm_lists);
+ write_unlock(&wm_lists_lock);
+ return 0;
+}
+
+static struct wm_list *match_wm_list(size_t size)
+{
+ struct wm_list *l, *rl = NULL;
+
+ read_lock(&wm_lists_lock);
+ list_for_each_entry(l, &wm_lists, list) {
+ if (l->sz == size) {
+ rl = l;
+ break;
+ }
+ }
+ read_unlock(&wm_lists_lock);
+ return rl;
+}
+
+static struct wm *find_wm(size_t size)
+{
+ struct wm_list *wm_list;
+ struct wm *wm;
+
+ wm_list = match_wm_list(size);
+ if (!wm_list) {
+ if (register_wm_size_class(size))
+ return NULL;
+ wm_list = match_wm_list(size);
+ }
+
+ if (!wm_list)
+ return NULL;
+
+ while (1) {
+ spin_lock(&wm_list->wm_lock);
+ if (!list_empty(&wm_list->idle_wm)) {
+ wm = list_entry(wm_list->idle_wm.next,
+ struct wm,
+ list);
+ list_del(&wm->list);
+ spin_unlock(&wm_list->wm_lock);
+ return wm;
+ }
+
+ if (wm_list->avail_wm > num_online_cpus()) {
+ spin_unlock(&wm_list->wm_lock);
+ wait_event(wm_list->wm_wait,
+ !list_empty(&wm_list->idle_wm));
+ continue;
+ }
+
+ wm_list->avail_wm++;
+ spin_unlock(&wm_list->wm_lock);
+
+ wm = wm_alloc(size, GFP_KERNEL);
+ if (!wm) {
+ spin_lock(&wm_list->wm_lock);
+ wm_list->avail_wm--;
+ spin_unlock(&wm_list->wm_lock);
+ wait_event(wm_list->wm_wait,
+ !list_empty(&wm_list->idle_wm));
+ continue;
+ }
+ break;
+ }
+
+ return wm;
+}
+
+static void release_wm(struct wm *wm, struct wm_list *wm_list)
+{
+ if (!wm)
+ return;
+
+ spin_lock(&wm_list->wm_lock);
+ if (wm_list->avail_wm <= num_online_cpus()) {
+ list_add(&wm->list, &wm_list->idle_wm);
+ spin_unlock(&wm_list->wm_lock);
+ wake_up(&wm_list->wm_wait);
+ return;
+ }
+
+ wm_list->avail_wm--;
+ spin_unlock(&wm_list->wm_lock);
+ ksmbd_free(wm);
+}
+
+static void wm_list_free(struct wm_list *l)
+{
+ struct wm *wm;
+
+ while (!list_empty(&l->idle_wm)) {
+ wm = list_entry(l->idle_wm.next, struct wm, list);
+ list_del(&wm->list);
+ kvfree(wm);
+ }
+ kvfree(l);
+}
+
+static void wm_lists_destroy(void)
+{
+ struct wm_list *l;
+
+ while (!list_empty(&wm_lists)) {
+ l = list_entry(wm_lists.next, struct wm_list, list);
+ list_del(&l->list);
+ wm_list_free(l);
+ }
+}
+
+void ksmbd_free_request(void *addr)
+{
+ kvfree(addr);
+}
+
+void *ksmbd_alloc_request(size_t size)
+{
+ return kvmalloc(size, GFP_KERNEL);
+}
+
+void ksmbd_free_response(void *buffer)
+{
+ kvfree(buffer);
+}
+
+void *ksmbd_alloc_response(size_t size)
+{
+ return kvmalloc(size, GFP_KERNEL | __GFP_ZERO);
+}
+
+void *ksmbd_find_buffer(size_t size)
+{
+ struct wm *wm;
+
+ wm = find_wm(size);
+
+ WARN_ON(!wm);
+ if (wm)
+ return wm->buffer;
+ return NULL;
+}
+
+void ksmbd_release_buffer(void *buffer)
+{
+ struct wm_list *wm_list;
+ struct wm *wm;
+
+ if (!buffer)
+ return;
+
+ wm = container_of(buffer, struct wm, buffer);
+ wm_list = match_wm_list(wm->sz);
+ WARN_ON(!wm_list);
+ if (wm_list)
+ release_wm(wm, wm_list);
+}
+
+void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz)
+{
+ size_t sz = min(old_sz, new_sz);
+ void *nptr;
+
+ nptr = ksmbd_alloc_response(new_sz);
+ if (!nptr)
+ return ptr;
+ memcpy(nptr, ptr, sz);
+ ksmbd_free_response(ptr);
+ return nptr;
+}
+
+void ksmbd_free_file_struct(void *filp)
+{
+ kmem_cache_free(filp_cache, filp);
+}
+
+void *ksmbd_alloc_file_struct(void)
+{
+ return kmem_cache_zalloc(filp_cache, GFP_KERNEL);
+}
+
+void ksmbd_destroy_buffer_pools(void)
+{
+ wm_lists_destroy();
+ ksmbd_work_pool_destroy();
+ kmem_cache_destroy(filp_cache);
+}
+
+int ksmbd_init_buffer_pools(void)
+{
+ if (ksmbd_work_pool_init())
+ goto out;
+
+ filp_cache = kmem_cache_create("ksmbd_file_cache",
+ sizeof(struct ksmbd_file), 0,
+ SLAB_HWCACHE_ALIGN, NULL);
+ if (!filp_cache)
+ goto out;
+
+ return 0;
+
+out:
+ ksmbd_err("failed to allocate memory\n");
+ ksmbd_destroy_buffer_pools();
+ return -ENOMEM;
+}
diff --git a/fs/cifsd/buffer_pool.h b/fs/cifsd/buffer_pool.h
new file mode 100644
index 000000000000..2b3d03afcf27
--- /dev/null
+++ b/fs/cifsd/buffer_pool.h
@@ -0,0 +1,28 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_BUFFER_POOL_H__
+#define __KSMBD_BUFFER_POOL_H__
+
+void *ksmbd_find_buffer(size_t size);
+void ksmbd_release_buffer(void *buffer);
+
+void *ksmbd_alloc(size_t size);
+void ksmbd_free(void *ptr);
+
+void ksmbd_free_request(void *addr);
+void *ksmbd_alloc_request(size_t size);
+void ksmbd_free_response(void *buffer);
+void *ksmbd_alloc_response(size_t size);
+
+void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz);
+
+void ksmbd_free_file_struct(void *filp);
+void *ksmbd_alloc_file_struct(void);
+
+void ksmbd_destroy_buffer_pools(void);
+int ksmbd_init_buffer_pools(void);
+
+#endif /* __KSMBD_BUFFER_POOL_H__ */
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
new file mode 100644
index 000000000000..00f80ca45690
--- /dev/null
+++ b/fs/cifsd/vfs.c
@@ -0,0 +1,1989 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/kernel.h>
+#include <linux/fs.h>
+#include <linux/uaccess.h>
+#include <linux/backing-dev.h>
+#include <linux/writeback.h>
+#include <linux/version.h>
+#include <linux/xattr.h>
+#include <linux/falloc.h>
+#include <linux/genhd.h>
+#include <linux/blkdev.h>
+#include <linux/fsnotify.h>
+#include <linux/dcache.h>
+#include <linux/slab.h>
+#include <linux/vmalloc.h>
+#include <linux/sched/xacct.h>
+#include <linux/crc32c.h>
+
+#include "glob.h"
+#include "oplock.h"
+#include "connection.h"
+#include "buffer_pool.h"
+#include "vfs.h"
+#include "vfs_cache.h"
+#include "smbacl.h"
+#include "ndr.h"
+#include "auth.h"
+
+#include "time_wrappers.h"
+#include "smb_common.h"
+#include "mgmt/share_config.h"
+#include "mgmt/tree_connect.h"
+#include "mgmt/user_session.h"
+#include "mgmt/user_config.h"
+
+static char *extract_last_component(char *path)
+{
+ char *p = strrchr(path, '/');
+
+ if (p && p[1] != '\0') {
+ *p = '\0';
+ p++;
+ } else {
+ p = NULL;
+ ksmbd_err("Invalid path %s\n", path);
+ }
+ return p;
+}
+
+static void rollback_path_modification(char *filename)
+{
+ if (filename) {
+ filename--;
+ *filename = '/';
+ }
+}
+
+static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
+ struct inode *parent_inode,
+ struct inode *inode)
+{
+ if (!test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_INHERIT_OWNER))
+ return;
+
+ i_uid_write(inode, i_uid_read(parent_inode));
+}
+
+static void ksmbd_vfs_inherit_smack(struct ksmbd_work *work,
+ struct dentry *dir_dentry,
+ struct dentry *dentry)
+{
+ char *name, *xattr_list = NULL, *smack_buf;
+ int value_len, xattr_list_len;
+
+ if (!test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_INHERIT_SMACK))
+ return;
+
+ xattr_list_len = ksmbd_vfs_listxattr(dir_dentry, &xattr_list);
+ if (xattr_list_len < 0) {
+ goto out;
+ } else if (!xattr_list_len) {
+ ksmbd_err("no ea data in the file\n");
+ return;
+ }
+
+ for (name = xattr_list; name - xattr_list < xattr_list_len;
+ name += strlen(name) + 1) {
+ int rc;
+
+ ksmbd_debug(VFS, "%s, len %zd\n", name, strlen(name));
+ if (strcmp(name, XATTR_NAME_SMACK))
+ continue;
+
+ value_len = ksmbd_vfs_getxattr(dir_dentry, name, &smack_buf);
+ if (value_len <= 0)
+ continue;
+
+ rc = ksmbd_vfs_setxattr(dentry, XATTR_NAME_SMACK, smack_buf,
+ value_len, 0);
+ ksmbd_free(smack_buf);
+ if (rc < 0)
+ ksmbd_err("ksmbd_vfs_setxattr() failed: %d\n", rc);
+ }
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+}
+
+int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
+{
+ int mask;
+
+ mask = 0;
+ acc_mode &= O_ACCMODE;
+
+ if (acc_mode == O_RDONLY)
+ mask = MAY_READ;
+ else if (acc_mode == O_WRONLY)
+ mask = MAY_WRITE;
+ else if (acc_mode == O_RDWR)
+ mask = MAY_READ | MAY_WRITE;
+
+ if (inode_permission(&init_user_ns, d_inode(dentry), mask | MAY_OPEN))
+ return -EACCES;
+
+ if (delete) {
+ struct dentry *parent;
+
+ parent = dget_parent(dentry);
+ if (!parent)
+ return -EINVAL;
+
+ if (inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE)) {
+ dput(parent);
+ return -EACCES;
+ }
+ dput(parent);
+ }
+ return 0;
+}
+
+int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
+{
+ struct dentry *parent;
+
+ *daccess = cpu_to_le32(FILE_READ_ATTRIBUTES | READ_CONTROL);
+
+ if (!inode_permission(&init_user_ns, d_inode(dentry), MAY_OPEN | MAY_WRITE))
+ *daccess |= cpu_to_le32(WRITE_DAC | WRITE_OWNER | SYNCHRONIZE |
+ FILE_WRITE_DATA | FILE_APPEND_DATA |
+ FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES |
+ FILE_DELETE_CHILD);
+
+ if (!inode_permission(&init_user_ns, d_inode(dentry), MAY_OPEN | MAY_READ))
+ *daccess |= FILE_READ_DATA_LE | FILE_READ_EA_LE;
+
+ if (!inode_permission(&init_user_ns, d_inode(dentry), MAY_OPEN | MAY_EXEC))
+ *daccess |= FILE_EXECUTE_LE;
+
+ parent = dget_parent(dentry);
+ if (!parent)
+ return 0;
+
+ if (!inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE))
+ *daccess |= FILE_DELETE_LE;
+ dput(parent);
+ return 0;
+}
+
+
+/**
+ * ksmbd_vfs_create() - vfs helper for smb create file
+ * @work: work
+ * @name: file name
+ * @mode: file create mode
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_create(struct ksmbd_work *work,
+ const char *name,
+ umode_t mode)
+{
+ struct path path;
+ struct dentry *dentry;
+ int err;
+
+ dentry = kern_path_create(AT_FDCWD, name, &path, 0);
+ if (IS_ERR(dentry)) {
+ err = PTR_ERR(dentry);
+ if (err != -ENOENT)
+ ksmbd_err("path create failed for %s, err %d\n",
+ name, err);
+ return err;
+ }
+
+ mode |= S_IFREG;
+ err = vfs_create(&init_user_ns, d_inode(path.dentry), dentry, mode, true);
+ if (!err) {
+ ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
+ d_inode(dentry));
+ ksmbd_vfs_inherit_smack(work, path.dentry, dentry);
+ } else {
+ ksmbd_err("File(%s): creation failed (err:%d)\n", name, err);
+ }
+ done_path_create(&path, dentry);
+ return err;
+}
+
+/**
+ * ksmbd_vfs_mkdir() - vfs helper for smb create directory
+ * @work: work
+ * @name: directory name
+ * @mode: directory create mode
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_mkdir(struct ksmbd_work *work,
+ const char *name,
+ umode_t mode)
+{
+ struct path path;
+ struct dentry *dentry;
+ int err;
+
+ dentry = kern_path_create(AT_FDCWD, name, &path, LOOKUP_DIRECTORY);
+ if (IS_ERR(dentry)) {
+ err = PTR_ERR(dentry);
+ if (err != -EEXIST)
+ ksmbd_debug(VFS, "path create failed for %s, err %d\n",
+ name, err);
+ return err;
+ }
+
+ mode |= S_IFDIR;
+ err = vfs_mkdir(&init_user_ns, d_inode(path.dentry), dentry, mode);
+ if (!err) {
+ ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
+ d_inode(dentry));
+ ksmbd_vfs_inherit_smack(work, path.dentry, dentry);
+ } else
+ ksmbd_err("mkdir(%s): creation failed (err:%d)\n", name, err);
+
+ done_path_create(&path, dentry);
+ return err;
+}
+
+static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry,
+ char *attr_name,
+ int attr_name_len,
+ char **attr_value)
+{
+ char *name, *xattr_list = NULL;
+ ssize_t value_len = -ENOENT, xattr_list_len;
+
+ xattr_list_len = ksmbd_vfs_listxattr(dentry, &xattr_list);
+ if (xattr_list_len <= 0)
+ goto out;
+
+ for (name = xattr_list; name - xattr_list < xattr_list_len;
+ name += strlen(name) + 1) {
+ ksmbd_debug(VFS, "%s, len %zd\n", name, strlen(name));
+ if (strncasecmp(attr_name, name, attr_name_len))
+ continue;
+
+ value_len = ksmbd_vfs_getxattr(dentry,
+ name,
+ attr_value);
+ if (value_len < 0)
+ ksmbd_err("failed to get xattr in file\n");
+ break;
+ }
+
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+ return value_len;
+}
+
+static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
+ size_t count)
+{
+ ssize_t v_len;
+ char *stream_buf = NULL;
+ int err;
+
+ ksmbd_debug(VFS, "read stream data pos : %llu, count : %zd\n",
+ *pos, count);
+
+ v_len = ksmbd_vfs_getcasexattr(fp->filp->f_path.dentry,
+ fp->stream.name,
+ fp->stream.size,
+ &stream_buf);
+ if (v_len == -ENOENT) {
+ ksmbd_err("not found stream in xattr : %zd\n", v_len);
+ err = -ENOENT;
+ return err;
+ }
+
+ memcpy(buf, &stream_buf[*pos], count);
+ return v_len > count ? count : v_len;
+}
+
+/**
+ * check_lock_range() - vfs helper for smb byte range file locking
+ * @filp: the file to apply the lock to
+ * @start: lock start byte offset
+ * @end: lock end byte offset
+ * @type: byte range type read/write
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int check_lock_range(struct file *filp,
+ loff_t start,
+ loff_t end,
+ unsigned char type)
+{
+ struct file_lock *flock;
+ struct file_lock_context *ctx = file_inode(filp)->i_flctx;
+ int error = 0;
+
+ if (!ctx || list_empty_careful(&ctx->flc_posix))
+ return 0;
+
+ spin_lock(&ctx->flc_lock);
+ list_for_each_entry(flock, &ctx->flc_posix, fl_list) {
+ /* check conflict locks */
+ if (flock->fl_end >= start && end >= flock->fl_start) {
+ if (flock->fl_type == F_RDLCK) {
+ if (type == WRITE) {
+ ksmbd_err("not allow write by shared lock\n");
+ error = 1;
+ goto out;
+ }
+ } else if (flock->fl_type == F_WRLCK) {
+ /* check owner in lock */
+ if (flock->fl_file != filp) {
+ error = 1;
+ ksmbd_err("not allow rw access by exclusive lock from other opens\n");
+ goto out;
+ }
+ }
+ }
+ }
+out:
+ spin_unlock(&ctx->flc_lock);
+ return error;
+}
+
+/**
+ * ksmbd_vfs_read() - vfs helper for smb file read
+ * @work: smb work
+ * @fid: file id of open file
+ * @count: read byte count
+ * @pos: file pos
+ *
+ * Return: number of read bytes on success, otherwise error
+ */
+int ksmbd_vfs_read(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ size_t count,
+ loff_t *pos)
+{
+ struct file *filp;
+ ssize_t nbytes = 0;
+ char *rbuf, *name;
+ struct inode *inode;
+ char namebuf[NAME_MAX];
+ int ret;
+
+ rbuf = AUX_PAYLOAD(work);
+ filp = fp->filp;
+ inode = d_inode(filp->f_path.dentry);
+ if (S_ISDIR(inode->i_mode))
+ return -EISDIR;
+
+ if (unlikely(count == 0))
+ return 0;
+
+ if (work->conn->connection_type) {
+ if (!(fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) {
+ ksmbd_err("no right to read(%s)\n", FP_FILENAME(fp));
+ return -EACCES;
+ }
+ }
+
+ if (ksmbd_stream_fd(fp))
+ return ksmbd_vfs_stream_read(fp, rbuf, pos, count);
+
+ ret = check_lock_range(filp, *pos, *pos + count - 1,
+ READ);
+ if (ret) {
+ ksmbd_err("unable to read due to lock\n");
+ return -EAGAIN;
+ }
+
+ nbytes = kernel_read(filp, rbuf, count, pos);
+ if (nbytes < 0) {
+ name = d_path(&filp->f_path, namebuf, sizeof(namebuf));
+ if (IS_ERR(name))
+ name = "(error)";
+ ksmbd_err("smb read failed for (%s), err = %zd\n",
+ name, nbytes);
+ return nbytes;
+ }
+
+ filp->f_pos = *pos;
+ return nbytes;
+}
+
+static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
+ size_t count)
+{
+ char *stream_buf = NULL, *wbuf;
+ size_t size, v_len;
+ int err = 0;
+
+ ksmbd_debug(VFS, "write stream data pos : %llu, count : %zd\n",
+ *pos, count);
+
+ size = *pos + count;
+ if (size > XATTR_SIZE_MAX) {
+ size = XATTR_SIZE_MAX;
+ count = (*pos + count) - XATTR_SIZE_MAX;
+ }
+
+ v_len = ksmbd_vfs_getcasexattr(fp->filp->f_path.dentry,
+ fp->stream.name,
+ fp->stream.size,
+ &stream_buf);
+ if (v_len == -ENOENT) {
+ ksmbd_err("not found stream in xattr : %zd\n", v_len);
+ err = -ENOENT;
+ goto out;
+ }
+
+ if (v_len < size) {
+ wbuf = ksmbd_alloc(size);
+ if (!wbuf) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ if (v_len > 0)
+ memcpy(wbuf, stream_buf, v_len);
+ stream_buf = wbuf;
+ }
+
+ memcpy(&stream_buf[*pos], buf, count);
+
+ err = ksmbd_vfs_setxattr(fp->filp->f_path.dentry,
+ fp->stream.name,
+ (void *)stream_buf,
+ size,
+ 0);
+ if (err < 0)
+ goto out;
+
+ fp->filp->f_pos = *pos;
+ err = 0;
+out:
+ ksmbd_free(stream_buf);
+ return err;
+}
+
+/**
+ * ksmbd_vfs_write() - vfs helper for smb file write
+ * @work: work
+ * @fid: file id of open file
+ * @buf: buf containing data for writing
+ * @count: read byte count
+ * @pos: file pos
+ * @sync: fsync after write
+ * @written: number of bytes written
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
+ char *buf, size_t count, loff_t *pos, bool sync, ssize_t *written)
+{
+ struct ksmbd_session *sess = work->sess;
+ struct file *filp;
+ loff_t offset = *pos;
+ int err = 0;
+
+ if (sess->conn->connection_type) {
+ if (!(fp->daccess & FILE_WRITE_DATA_LE)) {
+ ksmbd_err("no right to write(%s)\n", FP_FILENAME(fp));
+ err = -EACCES;
+ goto out;
+ }
+ }
+
+ filp = fp->filp;
+
+ if (ksmbd_stream_fd(fp)) {
+ err = ksmbd_vfs_stream_write(fp, buf, pos, count);
+ if (!err)
+ *written = count;
+ goto out;
+ }
+
+ err = check_lock_range(filp, *pos, *pos + count - 1, WRITE);
+ if (err) {
+ ksmbd_err("unable to write due to lock\n");
+ err = -EAGAIN;
+ goto out;
+ }
+
+ /* Do we need to break any of a levelII oplock? */
+ smb_break_all_levII_oplock(work, fp, 1);
+
+ err = kernel_write(filp, buf, count, pos);
+ if (err < 0) {
+ ksmbd_debug(VFS, "smb write failed, err = %d\n", err);
+ goto out;
+ }
+
+ filp->f_pos = *pos;
+ *written = err;
+ err = 0;
+ if (sync) {
+ err = vfs_fsync_range(filp, offset, offset + *written, 0);
+ if (err < 0)
+ ksmbd_err("fsync failed for filename = %s, err = %d\n",
+ FP_FILENAME(fp), err);
+ }
+
+out:
+ return err;
+}
+
+/**
+ * ksmbd_vfs_getattr() - vfs helper for smb getattr
+ * @work: work
+ * @fid: file id of open file
+ * @attrs: inode attributes
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_getattr(struct path *path, struct kstat *stat)
+{
+ int err;
+
+ err = vfs_getattr(path, stat, STATX_BTIME, AT_STATX_SYNC_AS_STAT);
+ if (err)
+ ksmbd_err("getattr failed, err %d\n", err);
+ return err;
+}
+
+/**
+ * ksmbd_vfs_fsync() - vfs helper for smb fsync
+ * @work: work
+ * @fid: file id of open file
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_fsync(struct ksmbd_work *work, uint64_t fid, uint64_t p_id)
+{
+ struct ksmbd_file *fp;
+ int err;
+
+ fp = ksmbd_lookup_fd_slow(work, fid, p_id);
+ if (!fp) {
+ ksmbd_err("failed to get filp for fid %llu\n", fid);
+ return -ENOENT;
+ }
+ err = vfs_fsync(fp->filp, 0);
+ if (err < 0)
+ ksmbd_err("smb fsync failed, err = %d\n", err);
+ ksmbd_fd_put(work, fp);
+ return err;
+}
+
+/**
+ * ksmbd_vfs_remove_file() - vfs helper for smb rmdir or unlink
+ * @name: absolute directory or file name
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
+{
+ struct path parent;
+ struct dentry *dir, *dentry;
+ char *last;
+ int err = -ENOENT;
+
+ last = extract_last_component(name);
+ if (!last)
+ return -ENOENT;
+
+ if (ksmbd_override_fsids(work))
+ return -ENOMEM;
+
+ err = kern_path(name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &parent);
+ if (err) {
+ ksmbd_debug(VFS, "can't get %s, err %d\n", name, err);
+ ksmbd_revert_fsids(work);
+ rollback_path_modification(last);
+ return err;
+ }
+
+ dir = parent.dentry;
+ if (!d_inode(dir))
+ goto out;
+
+ inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
+ dentry = lookup_one_len(last, dir, strlen(last));
+ if (IS_ERR(dentry)) {
+ err = PTR_ERR(dentry);
+ ksmbd_debug(VFS, "%s: lookup failed, err %d\n", last, err);
+ goto out_err;
+ }
+
+ if (!d_inode(dentry) || !d_inode(dentry)->i_nlink) {
+ dput(dentry);
+ err = -ENOENT;
+ goto out_err;
+ }
+
+ if (S_ISDIR(d_inode(dentry)->i_mode)) {
+ err = vfs_rmdir(&init_user_ns, d_inode(dir), dentry);
+ if (err && err != -ENOTEMPTY)
+ ksmbd_debug(VFS, "%s: rmdir failed, err %d\n", name,
+ err);
+ } else {
+ err = vfs_unlink(&init_user_ns, d_inode(dir), dentry, NULL);
+ if (err)
+ ksmbd_debug(VFS, "%s: unlink failed, err %d\n", name,
+ err);
+ }
+
+ dput(dentry);
+out_err:
+ inode_unlock(d_inode(dir));
+out:
+ rollback_path_modification(last);
+ path_put(&parent);
+ ksmbd_revert_fsids(work);
+ return err;
+}
+
+/**
+ * ksmbd_vfs_link() - vfs helper for creating smb hardlink
+ * @oldname: source file name
+ * @newname: hardlink name
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_link(struct ksmbd_work *work,
+ const char *oldname, const char *newname)
+{
+ struct path oldpath, newpath;
+ struct dentry *dentry;
+ int err;
+
+ if (ksmbd_override_fsids(work))
+ return -ENOMEM;
+
+ err = kern_path(oldname, LOOKUP_FOLLOW, &oldpath);
+ if (err) {
+ ksmbd_err("cannot get linux path for %s, err = %d\n",
+ oldname, err);
+ goto out1;
+ }
+
+ dentry = kern_path_create(AT_FDCWD, newname, &newpath,
+ LOOKUP_FOLLOW | LOOKUP_REVAL);
+ if (IS_ERR(dentry)) {
+ err = PTR_ERR(dentry);
+ ksmbd_err("path create err for %s, err %d\n", newname, err);
+ goto out2;
+ }
+
+ err = -EXDEV;
+ if (oldpath.mnt != newpath.mnt) {
+ ksmbd_err("vfs_link failed err %d\n", err);
+ goto out3;
+ }
+
+ err = vfs_link(oldpath.dentry, &init_user_ns, d_inode(newpath.dentry),
+ dentry, NULL);
+ if (err)
+ ksmbd_debug(VFS, "vfs_link failed err %d\n", err);
+
+out3:
+ done_path_create(&newpath, dentry);
+out2:
+ path_put(&oldpath);
+out1:
+ ksmbd_revert_fsids(work);
+ return err;
+}
+
+static int __ksmbd_vfs_rename(struct ksmbd_work *work,
+ struct dentry *src_dent_parent,
+ struct dentry *src_dent,
+ struct dentry *dst_dent_parent,
+ struct dentry *trap_dent,
+ char *dst_name)
+{
+ struct dentry *dst_dent;
+ int err;
+
+ spin_lock(&src_dent->d_lock);
+ list_for_each_entry(dst_dent, &src_dent->d_subdirs, d_child) {
+ struct ksmbd_file *child_fp;
+
+ if (d_really_is_negative(dst_dent))
+ continue;
+
+ child_fp = ksmbd_lookup_fd_inode(d_inode(dst_dent));
+ if (child_fp) {
+ spin_unlock(&src_dent->d_lock);
+ ksmbd_debug(VFS, "Forbid rename, sub file/dir is in use\n");
+ return -EACCES;
+ }
+ }
+ spin_unlock(&src_dent->d_lock);
+
+ if (d_really_is_negative(src_dent_parent))
+ return -ENOENT;
+ if (d_really_is_negative(dst_dent_parent))
+ return -ENOENT;
+ if (d_really_is_negative(src_dent))
+ return -ENOENT;
+ if (src_dent == trap_dent)
+ return -EINVAL;
+
+ if (ksmbd_override_fsids(work))
+ return -ENOMEM;
+
+ dst_dent = lookup_one_len(dst_name, dst_dent_parent, strlen(dst_name));
+ err = PTR_ERR(dst_dent);
+ if (IS_ERR(dst_dent)) {
+ ksmbd_err("lookup failed %s [%d]\n", dst_name, err);
+ goto out;
+ }
+
+ err = -ENOTEMPTY;
+ if (dst_dent != trap_dent && !d_really_is_positive(dst_dent)) {
+ struct renamedata rd = {
+ .old_mnt_userns = &init_user_ns,
+ .old_dir = d_inode(src_dent_parent),
+ .old_dentry = src_dent,
+ .new_mnt_userns = &init_user_ns,
+ .new_dir = d_inode(dst_dent_parent),
+ .new_dentry = dst_dent,
+ };
+ err = vfs_rename(&rd);
+ }
+ if (err)
+ ksmbd_err("vfs_rename failed err %d\n", err);
+ if (dst_dent)
+ dput(dst_dent);
+out:
+ ksmbd_revert_fsids(work);
+ return err;
+}
+
+int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
+ char *newname)
+{
+ struct path dst_path;
+ struct dentry *src_dent_parent, *dst_dent_parent;
+ struct dentry *src_dent, *trap_dent;
+ char *dst_name;
+ int err;
+
+ dst_name = extract_last_component(newname);
+ if (!dst_name)
+ return -EINVAL;
+
+ src_dent_parent = dget_parent(fp->filp->f_path.dentry);
+ if (!src_dent_parent)
+ return -EINVAL;
+
+ src_dent = fp->filp->f_path.dentry;
+ dget(src_dent);
+
+ err = kern_path(newname, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &dst_path);
+ if (err) {
+ ksmbd_debug(VFS, "Cannot get path for %s [%d]\n", newname, err);
+ goto out;
+ }
+ dst_dent_parent = dst_path.dentry;
+ dget(dst_dent_parent);
+
+ trap_dent = lock_rename(src_dent_parent, dst_dent_parent);
+ err = __ksmbd_vfs_rename(work,
+ src_dent_parent,
+ src_dent,
+ dst_dent_parent,
+ trap_dent,
+ dst_name);
+ unlock_rename(src_dent_parent, dst_dent_parent);
+ dput(dst_dent_parent);
+ path_put(&dst_path);
+out:
+ dput(src_dent);
+ dput(src_dent_parent);
+ return err;
+}
+
+/**
+ * ksmbd_vfs_truncate() - vfs helper for smb file truncate
+ * @work: work
+ * @name: old filename
+ * @fid: file id of old file
+ * @size: truncate to given size
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
+ struct ksmbd_file *fp, loff_t size)
+{
+ struct path path;
+ int err = 0;
+ struct inode *inode;
+
+ if (name) {
+ err = kern_path(name, 0, &path);
+ if (err) {
+ ksmbd_err("cannot get linux path for %s, err %d\n",
+ name, err);
+ return err;
+ }
+ err = vfs_truncate(&path, size);
+ if (err)
+ ksmbd_err("truncate failed for %s err %d\n",
+ name, err);
+ path_put(&path);
+ } else {
+ struct file *filp;
+
+ filp = fp->filp;
+
+ /* Do we need to break any of a levelII oplock? */
+ smb_break_all_levII_oplock(work, fp, 1);
+
+ inode = file_inode(filp);
+ if (size < inode->i_size) {
+ err = check_lock_range(filp, size,
+ inode->i_size - 1, WRITE);
+ } else {
+ err = check_lock_range(filp, inode->i_size,
+ size - 1, WRITE);
+ }
+
+ if (err) {
+ ksmbd_err("failed due to lock\n");
+ return -EAGAIN;
+ }
+
+ err = vfs_truncate(&filp->f_path, size);
+ if (err)
+ ksmbd_err("truncate failed for filename : %s err %d\n",
+ fp->filename, err);
+ }
+
+ return err;
+}
+
+/**
+ * ksmbd_vfs_listxattr() - vfs helper for smb list extended attributes
+ * @dentry: dentry of file for listing xattrs
+ * @list: destination buffer
+ * @size: destination buffer length
+ *
+ * Return: xattr list length on success, otherwise error
+ */
+ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list)
+{
+ ssize_t size;
+ char *vlist = NULL;
+
+ size = vfs_listxattr(dentry, NULL, 0);
+ if (size <= 0)
+ return size;
+
+ vlist = ksmbd_alloc(size);
+ if (!vlist)
+ return -ENOMEM;
+
+ *list = vlist;
+ size = vfs_listxattr(dentry, vlist, size);
+ if (size < 0) {
+ ksmbd_debug(VFS, "listxattr failed\n");
+ ksmbd_vfs_xattr_free(vlist);
+ *list = NULL;
+ }
+
+ return size;
+}
+
+static ssize_t ksmbd_vfs_xattr_len(struct dentry *dentry,
+ char *xattr_name)
+{
+ return vfs_getxattr(&init_user_ns, dentry, xattr_name, NULL, 0);
+}
+
+/**
+ * ksmbd_vfs_getxattr() - vfs helper for smb get extended attributes value
+ * @dentry: dentry of file for getting xattrs
+ * @xattr_name: name of xattr name to query
+ * @xattr_buf: destination buffer xattr value
+ *
+ * Return: read xattr value length on success, otherwise error
+ */
+ssize_t ksmbd_vfs_getxattr(struct dentry *dentry,
+ char *xattr_name,
+ char **xattr_buf)
+{
+ ssize_t xattr_len;
+ char *buf;
+
+ *xattr_buf = NULL;
+ xattr_len = ksmbd_vfs_xattr_len(dentry, xattr_name);
+ if (xattr_len < 0)
+ return xattr_len;
+
+ buf = kmalloc(xattr_len + 1, GFP_KERNEL);
+ if (!buf)
+ return -ENOMEM;
+
+ xattr_len = vfs_getxattr(&init_user_ns, dentry, xattr_name, (void *)buf,
+ xattr_len);
+ if (xattr_len > 0)
+ *xattr_buf = buf;
+ else
+ kfree(buf);
+ return xattr_len;
+}
+
+/**
+ * ksmbd_vfs_setxattr() - vfs helper for smb set extended attributes value
+ * @dentry: dentry to set XATTR at
+ * @name: xattr name for setxattr
+ * @value: xattr value to set
+ * @size: size of xattr value
+ * @flags: destination buffer length
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_setxattr(struct dentry *dentry,
+ const char *attr_name,
+ const void *attr_value,
+ size_t attr_size,
+ int flags)
+{
+ int err;
+
+ err = vfs_setxattr(&init_user_ns, dentry,
+ attr_name,
+ attr_value,
+ attr_size,
+ flags);
+ if (err)
+ ksmbd_debug(VFS, "setxattr failed, err %d\n", err);
+ return err;
+}
+
+/**
+ * ksmbd_vfs_set_fadvise() - convert smb IO caching options to linux options
+ * @filp: file pointer for IO
+ * @options: smb IO options
+ */
+void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option)
+{
+ struct address_space *mapping;
+
+ mapping = filp->f_mapping;
+
+ if (!option || !mapping)
+ return;
+
+ if (option & FILE_WRITE_THROUGH_LE)
+ filp->f_flags |= O_SYNC;
+ else if (option & FILE_SEQUENTIAL_ONLY_LE) {
+ filp->f_ra.ra_pages = inode_to_bdi(mapping->host)->ra_pages * 2;
+ spin_lock(&filp->f_lock);
+ filp->f_mode &= ~FMODE_RANDOM;
+ spin_unlock(&filp->f_lock);
+ } else if (option & FILE_RANDOM_ACCESS_LE) {
+ spin_lock(&filp->f_lock);
+ filp->f_mode |= FMODE_RANDOM;
+ spin_unlock(&filp->f_lock);
+ }
+}
+
+/**
+ * ksmbd_vfs_lock() - vfs helper for smb file locking
+ * @filp: the file to apply the lock to
+ * @cmd: type of locking operation (F_SETLK, F_GETLK, etc.)
+ * @flock: The lock to be applied
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_lock(struct file *filp, int cmd,
+ struct file_lock *flock)
+{
+ ksmbd_debug(VFS, "calling vfs_lock_file\n");
+ return vfs_lock_file(filp, cmd, flock, NULL);
+}
+
+int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata)
+{
+ return iterate_dir(file, &rdata->ctx);
+}
+
+int ksmbd_vfs_alloc_size(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ loff_t len)
+{
+ smb_break_all_levII_oplock(work, fp, 1);
+ return vfs_fallocate(fp->filp, FALLOC_FL_KEEP_SIZE, 0, len);
+}
+
+int ksmbd_vfs_zero_data(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ loff_t off,
+ loff_t len)
+{
+ smb_break_all_levII_oplock(work, fp, 1);
+ if (fp->f_ci->m_fattr & ATTR_SPARSE_FILE_LE)
+ return vfs_fallocate(fp->filp,
+ FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE, off, len);
+
+ return vfs_fallocate(fp->filp, FALLOC_FL_ZERO_RANGE, off, len);
+}
+
+int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
+ struct file_allocated_range_buffer *ranges,
+ int in_count, int *out_count)
+{
+ struct file *f = fp->filp;
+ struct inode *inode = FP_INODE(fp);
+ loff_t maxbytes = (u64)inode->i_sb->s_maxbytes, end;
+ loff_t extent_start, extent_end;
+ int ret = 0;
+
+ if (start > maxbytes)
+ return -EFBIG;
+
+ if (!in_count)
+ return 0;
+
+ /*
+ * Shrink request scope to what the fs can actually handle.
+ */
+ if (length > maxbytes || (maxbytes - length) < start)
+ length = maxbytes - start;
+
+ if (start + length > inode->i_size)
+ length = inode->i_size - start;
+
+ *out_count = 0;
+ end = start + length;
+ while (start < end && *out_count < in_count) {
+ extent_start = f->f_op->llseek(f, start, SEEK_DATA);
+ if (extent_start < 0) {
+ if (extent_start != -ENXIO)
+ ret = (int)extent_start;
+ break;
+ }
+
+ if (extent_start >= end)
+ break;
+
+ extent_end = f->f_op->llseek(f, extent_start, SEEK_HOLE);
+ if (extent_end < 0) {
+ if (extent_end != -ENXIO)
+ ret = (int)extent_end;
+ break;
+ } else if (extent_start >= extent_end)
+ break;
+
+ ranges[*out_count].file_offset = cpu_to_le64(extent_start);
+ ranges[(*out_count)++].length =
+ cpu_to_le64(min(extent_end, end) - extent_start);
+
+ start = extent_end;
+ }
+
+ return ret;
+}
+
+int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name)
+{
+ return vfs_removexattr(&init_user_ns, dentry, attr_name);
+}
+
+void ksmbd_vfs_xattr_free(char *xattr)
+{
+ ksmbd_free(xattr);
+}
+
+int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
+{
+ int err = 0;
+
+ dget(dentry);
+ inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
+ if (!d_inode(dentry) || !d_inode(dentry)->i_nlink) {
+ err = -ENOENT;
+ goto out;
+ }
+
+ if (S_ISDIR(d_inode(dentry)->i_mode))
+ err = vfs_rmdir(&init_user_ns, d_inode(dir), dentry);
+ else
+ err = vfs_unlink(&init_user_ns, d_inode(dir), dentry, NULL);
+
+out:
+ inode_unlock(d_inode(dir));
+ dput(dentry);
+ if (err)
+ ksmbd_debug(VFS, "failed to delete, err %d\n", err);
+
+ return err;
+}
+
+/*
+ * ksmbd_vfs_get_logical_sector_size() - get logical sector size from inode
+ * @inode: inode
+ *
+ * Return: logical sector size
+ */
+unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode)
+{
+ struct request_queue *q;
+ unsigned short ret_val = 512;
+
+ if (!inode->i_sb->s_bdev)
+ return ret_val;
+
+ q = inode->i_sb->s_bdev->bd_disk->queue;
+
+ if (q && q->limits.logical_block_size)
+ ret_val = q->limits.logical_block_size;
+
+ return ret_val;
+}
+
+/*
+ * ksmbd_vfs_get_smb2_sector_size() - get fs sector sizes
+ * @inode: inode
+ * @fs_ss: fs sector size struct
+ */
+void ksmbd_vfs_smb2_sector_size(struct inode *inode,
+ struct ksmbd_fs_sector_size *fs_ss)
+{
+ struct request_queue *q;
+
+ fs_ss->logical_sector_size = 512;
+ fs_ss->physical_sector_size = 512;
+ fs_ss->optimal_io_size = 512;
+
+ if (!inode->i_sb->s_bdev)
+ return;
+
+ q = inode->i_sb->s_bdev->bd_disk->queue;
+
+ if (q) {
+ if (q->limits.logical_block_size)
+ fs_ss->logical_sector_size =
+ q->limits.logical_block_size;
+ if (q->limits.physical_block_size)
+ fs_ss->physical_sector_size =
+ q->limits.physical_block_size;
+ if (q->limits.io_opt)
+ fs_ss->optimal_io_size = q->limits.io_opt;
+ }
+}
+
+static int __dir_empty(struct dir_context *ctx,
+ const char *name,
+ int namlen,
+ loff_t offset,
+ u64 ino,
+ unsigned int d_type)
+{
+ struct ksmbd_readdir_data *buf;
+
+ buf = container_of(ctx, struct ksmbd_readdir_data, ctx);
+ buf->dirent_count++;
+
+ if (buf->dirent_count > 2)
+ return -ENOTEMPTY;
+ return 0;
+}
+
+/**
+ * ksmbd_vfs_empty_dir() - check for empty directory
+ * @fp: ksmbd file pointer
+ *
+ * Return: true if directory empty, otherwise false
+ */
+int ksmbd_vfs_empty_dir(struct ksmbd_file *fp)
+{
+ int err;
+ struct ksmbd_readdir_data readdir_data;
+
+ memset(&readdir_data, 0, sizeof(struct ksmbd_readdir_data));
+
+ set_ctx_actor(&readdir_data.ctx, __dir_empty);
+ readdir_data.dirent_count = 0;
+
+ err = ksmbd_vfs_readdir(fp->filp, &readdir_data);
+ if (readdir_data.dirent_count > 2)
+ err = -ENOTEMPTY;
+ else
+ err = 0;
+ return err;
+}
+
+static int __caseless_lookup(struct dir_context *ctx,
+ const char *name,
+ int namlen,
+ loff_t offset,
+ u64 ino,
+ unsigned int d_type)
+{
+ struct ksmbd_readdir_data *buf;
+
+ buf = container_of(ctx, struct ksmbd_readdir_data, ctx);
+
+ if (buf->used != namlen)
+ return 0;
+ if (!strncasecmp((char *)buf->private, name, namlen)) {
+ memcpy((char *)buf->private, name, namlen);
+ buf->dirent_count = 1;
+ return -EEXIST;
+ }
+ return 0;
+}
+
+/**
+ * ksmbd_vfs_lookup_in_dir() - lookup a file in a directory
+ * @dirname: directory name
+ * @filename: filename to lookup
+ *
+ * Return: 0 on success, otherwise error
+ */
+static int ksmbd_vfs_lookup_in_dir(char *dirname, char *filename)
+{
+ struct path dir_path;
+ int ret;
+ struct file *dfilp;
+ int flags = O_RDONLY|O_LARGEFILE;
+ int dirnamelen = strlen(dirname);
+ struct ksmbd_readdir_data readdir_data = {
+ .ctx.actor = __caseless_lookup,
+ .private = filename,
+ .used = strlen(filename),
+ };
+
+ ret = ksmbd_vfs_kern_path(dirname, 0, &dir_path, true);
+ if (ret)
+ goto error;
+
+ dfilp = dentry_open(&dir_path, flags, current_cred());
+ if (IS_ERR(dfilp)) {
+ path_put(&dir_path);
+ ksmbd_err("cannot open directory %s\n", dirname);
+ ret = -EINVAL;
+ goto error;
+ }
+
+ ret = ksmbd_vfs_readdir(dfilp, &readdir_data);
+ if (readdir_data.dirent_count > 0)
+ ret = 0;
+
+ fput(dfilp);
+ path_put(&dir_path);
+error:
+ dirname[dirnamelen] = '/';
+ return ret;
+}
+
+/**
+ * ksmbd_vfs_kern_path() - lookup a file and get path info
+ * @name: name of file for lookup
+ * @flags: lookup flags
+ * @path: if lookup succeed, return path info
+ * @caseless: caseless filename lookup
+ *
+ * Return: 0 on success, otherwise error
+ */
+int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
+ bool caseless)
+{
+ char *filename = NULL;
+ int err;
+
+ err = kern_path(name, flags, path);
+ if (!err)
+ return err;
+
+ if (caseless) {
+ filename = extract_last_component(name);
+ if (!filename)
+ goto out;
+
+ /* root reached */
+ if (strlen(name) == 0)
+ goto out;
+
+ err = ksmbd_vfs_lookup_in_dir(name, filename);
+ if (err)
+ goto out;
+ err = kern_path(name, flags, path);
+ }
+
+out:
+ rollback_path_modification(filename);
+ return err;
+}
+
+int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry)
+{
+ char *name, *xattr_list = NULL;
+ ssize_t xattr_list_len;
+ int err = 0;
+
+ xattr_list_len = ksmbd_vfs_listxattr(dentry, &xattr_list);
+ if (xattr_list_len < 0) {
+ goto out;
+ } else if (!xattr_list_len) {
+ ksmbd_debug(SMB, "empty xattr in the file\n");
+ goto out;
+ }
+
+ for (name = xattr_list; name - xattr_list < xattr_list_len;
+ name += strlen(name) + 1) {
+ ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name));
+
+ if (!strncmp(name, XATTR_NAME_POSIX_ACL_ACCESS,
+ sizeof(XATTR_NAME_POSIX_ACL_ACCESS)-1) ||
+ !strncmp(name, XATTR_NAME_POSIX_ACL_DEFAULT,
+ sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)-1)) {
+ err = ksmbd_vfs_remove_xattr(dentry, name);
+ if (err)
+ ksmbd_debug(SMB,
+ "remove acl xattr failed : %s\n", name);
+ }
+ }
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+ return err;
+}
+
+int ksmbd_vfs_remove_sd_xattrs(struct dentry *dentry)
+{
+ char *name, *xattr_list = NULL;
+ ssize_t xattr_list_len;
+ int err = 0;
+
+ xattr_list_len = ksmbd_vfs_listxattr(dentry, &xattr_list);
+ if (xattr_list_len < 0) {
+ goto out;
+ } else if (!xattr_list_len) {
+ ksmbd_debug(SMB, "empty xattr in the file\n");
+ goto out;
+ }
+
+ for (name = xattr_list; name - xattr_list < xattr_list_len;
+ name += strlen(name) + 1) {
+ ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name));
+
+ if (!strncmp(name, XATTR_NAME_SD, XATTR_NAME_SD_LEN)) {
+ err = ksmbd_vfs_remove_xattr(dentry, name);
+ if (err)
+ ksmbd_debug(SMB, "remove xattr failed : %s\n", name);
+ }
+ }
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+ return err;
+}
+
+static struct xattr_smb_acl *ksmbd_vfs_make_xattr_posix_acl(struct inode *inode,
+ int acl_type)
+{
+ struct xattr_smb_acl *smb_acl = NULL;
+ struct posix_acl *posix_acls;
+ struct posix_acl_entry *pa_entry;
+ struct xattr_acl_entry *xa_entry;
+ int i;
+
+ posix_acls = ksmbd_vfs_get_acl(inode, acl_type);
+ if (!posix_acls)
+ return NULL;
+
+ smb_acl = kzalloc(sizeof(struct xattr_smb_acl) +
+ sizeof(struct xattr_acl_entry) * posix_acls->a_count,
+ GFP_KERNEL);
+ if (!smb_acl)
+ goto out;
+
+ smb_acl->count = posix_acls->a_count;
+ pa_entry = posix_acls->a_entries;
+ xa_entry = smb_acl->entries;
+ for (i = 0; i < posix_acls->a_count; i++, pa_entry++, xa_entry++) {
+ switch (pa_entry->e_tag) {
+ case ACL_USER:
+ xa_entry->type = SMB_ACL_USER;
+ xa_entry->uid = from_kuid(&init_user_ns, pa_entry->e_uid);
+ break;
+ case ACL_USER_OBJ:
+ xa_entry->type = SMB_ACL_USER_OBJ;
+ break;
+ case ACL_GROUP:
+ xa_entry->type = SMB_ACL_GROUP;
+ xa_entry->gid = from_kgid(&init_user_ns, pa_entry->e_gid);
+ break;
+ case ACL_GROUP_OBJ:
+ xa_entry->type = SMB_ACL_GROUP_OBJ;
+ break;
+ case ACL_OTHER:
+ xa_entry->type = SMB_ACL_OTHER;
+ break;
+ case ACL_MASK:
+ xa_entry->type = SMB_ACL_MASK;
+ break;
+ default:
+ ksmbd_err("unknown type : 0x%x\n", pa_entry->e_tag);
+ goto out;
+ }
+
+ if (pa_entry->e_perm & ACL_READ)
+ xa_entry->perm |= SMB_ACL_READ;
+ if (pa_entry->e_perm & ACL_WRITE)
+ xa_entry->perm |= SMB_ACL_WRITE;
+ if (pa_entry->e_perm & ACL_EXECUTE)
+ xa_entry->perm |= SMB_ACL_EXECUTE;
+ }
+out:
+ posix_acl_release(posix_acls);
+ return smb_acl;
+}
+
+int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
+ struct smb_ntsd *pntsd, int len)
+{
+ int rc;
+ struct ndr sd_ndr = {0}, acl_ndr = {0};
+ struct xattr_ntacl acl = {0};
+ struct xattr_smb_acl *smb_acl, *def_smb_acl = NULL;
+ struct inode *inode = dentry->d_inode;
+
+ acl.version = 4;
+ acl.hash_type = XATTR_SD_HASH_TYPE_SHA256;
+ acl.current_time = ksmbd_UnixTimeToNT(current_time(dentry->d_inode));
+
+ memcpy(acl.desc, "posix_acl", 9);
+ acl.desc_len = 10;
+
+ pntsd->osidoffset =
+ cpu_to_le32(le32_to_cpu(pntsd->osidoffset) + NDR_NTSD_OFFSETOF);
+ pntsd->gsidoffset =
+ cpu_to_le32(le32_to_cpu(pntsd->gsidoffset) + NDR_NTSD_OFFSETOF);
+ pntsd->dacloffset =
+ cpu_to_le32(le32_to_cpu(pntsd->dacloffset) + NDR_NTSD_OFFSETOF);
+
+ acl.sd_buf = (char *)pntsd;
+ acl.sd_size = len;
+
+ rc = ksmbd_gen_sd_hash(conn, acl.sd_buf, acl.sd_size, acl.hash);
+ if (rc) {
+ ksmbd_err("failed to generate hash for ndr acl\n");
+ return rc;
+ }
+
+ smb_acl = ksmbd_vfs_make_xattr_posix_acl(dentry->d_inode, ACL_TYPE_ACCESS);
+ if (S_ISDIR(inode->i_mode))
+ def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(dentry->d_inode,
+ ACL_TYPE_DEFAULT);
+
+ rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
+ if (rc) {
+ ksmbd_err("failed to encode ndr to posix acl\n");
+ goto out;
+ }
+
+ rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
+ acl.posix_acl_hash);
+ if (rc) {
+ ksmbd_err("failed to generate hash for ndr acl\n");
+ goto out;
+ }
+
+ rc = ndr_encode_v4_ntacl(&sd_ndr, &acl);
+ if (rc) {
+ ksmbd_err("failed to encode ndr to posix acl\n");
+ goto out;
+ }
+
+ rc = ksmbd_vfs_setxattr(dentry, XATTR_NAME_SD, sd_ndr.data,
+ sd_ndr.offset, 0);
+ if (rc < 0)
+ ksmbd_err("Failed to store XATTR ntacl :%d\n", rc);
+
+ kfree(sd_ndr.data);
+out:
+ kfree(acl_ndr.data);
+ kfree(smb_acl);
+ kfree(def_smb_acl);
+ return rc;
+}
+
+int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
+ struct smb_ntsd **pntsd)
+{
+ int rc;
+ struct ndr n;
+
+ rc = ksmbd_vfs_getxattr(dentry, XATTR_NAME_SD, &n.data);
+ if (rc > 0) {
+ struct inode *inode = dentry->d_inode;
+ struct ndr acl_ndr = {0};
+ struct xattr_ntacl acl;
+ struct xattr_smb_acl *smb_acl = NULL, *def_smb_acl = NULL;
+ __u8 cmp_hash[XATTR_SD_HASH_SIZE] = {0};
+
+ n.length = rc;
+ rc = ndr_decode_v4_ntacl(&n, &acl);
+ if (rc)
+ return rc;
+
+ smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
+ ACL_TYPE_ACCESS);
+ if (S_ISDIR(inode->i_mode))
+ def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
+ ACL_TYPE_DEFAULT);
+
+ rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
+ if (rc) {
+ ksmbd_err("failed to encode ndr to posix acl\n");
+ goto out;
+ }
+
+ rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
+ cmp_hash);
+ if (rc) {
+ ksmbd_err("failed to generate hash for ndr acl\n");
+ goto out;
+ }
+
+ if (memcmp(cmp_hash, acl.posix_acl_hash, XATTR_SD_HASH_SIZE)) {
+ ksmbd_err("hash value diff\n");
+ rc = -EINVAL;
+ goto out;
+ }
+
+ *pntsd = acl.sd_buf;
+ (*pntsd)->osidoffset =
+ cpu_to_le32(le32_to_cpu((*pntsd)->osidoffset) - NDR_NTSD_OFFSETOF);
+ (*pntsd)->gsidoffset =
+ cpu_to_le32(le32_to_cpu((*pntsd)->gsidoffset) - NDR_NTSD_OFFSETOF);
+ (*pntsd)->dacloffset =
+ cpu_to_le32(le32_to_cpu((*pntsd)->dacloffset) - NDR_NTSD_OFFSETOF);
+
+ rc = acl.sd_size;
+out:
+ kfree(n.data);
+ kfree(acl_ndr.data);
+ kfree(smb_acl);
+ kfree(def_smb_acl);
+ }
+
+ return rc;
+}
+
+int ksmbd_vfs_set_dos_attrib_xattr(struct dentry *dentry,
+ struct xattr_dos_attrib *da)
+{
+ struct ndr n;
+ int err;
+
+ err = ndr_encode_dos_attr(&n, da);
+ if (err)
+ return err;
+
+ err = ksmbd_vfs_setxattr(dentry,
+ XATTR_NAME_DOS_ATTRIBUTE,
+ (void *)n.data,
+ n.offset,
+ 0);
+ if (err)
+ ksmbd_debug(SMB, "failed to store dos attribute in xattr\n");
+ kfree(n.data);
+
+ return err;
+}
+
+int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
+ struct xattr_dos_attrib *da)
+{
+ struct ndr n;
+ int err;
+
+ err = ksmbd_vfs_getxattr(dentry,
+ XATTR_NAME_DOS_ATTRIBUTE,
+ (char **)&n.data);
+ if (err > 0) {
+ n.length = err;
+ if (ndr_decode_dos_attr(&n, da))
+ err = -EINVAL;
+ ksmbd_free(n.data);
+ } else
+ ksmbd_debug(SMB, "failed to load dos attribute in xattr\n");
+
+ return err;
+}
+
+struct posix_acl *ksmbd_vfs_posix_acl_alloc(int count, gfp_t flags)
+{
+#if IS_ENABLED(CONFIG_FS_POSIX_ACL)
+ return posix_acl_alloc(count, flags);
+#else
+ return NULL;
+#endif
+}
+
+struct posix_acl *ksmbd_vfs_get_acl(struct inode *inode, int type)
+{
+#if IS_ENABLED(CONFIG_FS_POSIX_ACL)
+ return get_acl(inode, type);
+#else
+ return NULL;
+#endif
+}
+
+int ksmbd_vfs_set_posix_acl(struct inode *inode, int type,
+ struct posix_acl *acl)
+{
+#if IS_ENABLED(CONFIG_FS_POSIX_ACL)
+ return set_posix_acl(&init_user_ns, inode, type, acl);
+#else
+ return -EOPNOTSUPP;
+#endif
+}
+
+/**
+ * ksmbd_vfs_init_kstat() - convert unix stat information to smb stat format
+ * @p: destination buffer
+ * @ksmbd_kstat: ksmbd kstat wrapper
+ */
+void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat)
+{
+ struct file_directory_info *info = (struct file_directory_info *)(*p);
+ struct kstat *kstat = ksmbd_kstat->kstat;
+ u64 time;
+
+ info->FileIndex = 0;
+ info->CreationTime = cpu_to_le64(ksmbd_kstat->create_time);
+ time = ksmbd_UnixTimeToNT(kstat->atime);
+ info->LastAccessTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(kstat->mtime);
+ info->LastWriteTime = cpu_to_le64(time);
+ time = ksmbd_UnixTimeToNT(kstat->ctime);
+ info->ChangeTime = cpu_to_le64(time);
+
+ if (ksmbd_kstat->file_attributes & ATTR_DIRECTORY_LE) {
+ info->EndOfFile = 0;
+ info->AllocationSize = 0;
+ } else {
+ info->EndOfFile = cpu_to_le64(kstat->size);
+ info->AllocationSize = cpu_to_le64(kstat->blocks << 9);
+ }
+ info->ExtFileAttributes = ksmbd_kstat->file_attributes;
+
+ return info;
+}
+
+int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work,
+ struct dentry *dentry,
+ struct ksmbd_kstat *ksmbd_kstat)
+{
+ u64 time;
+ int rc;
+
+ generic_fillattr(&init_user_ns, d_inode(dentry), ksmbd_kstat->kstat);
+
+ time = ksmbd_UnixTimeToNT(ksmbd_kstat->kstat->ctime);
+ ksmbd_kstat->create_time = time;
+
+ /*
+ * set default value for the case that store dos attributes is not yes
+ * or that acl is disable in server's filesystem and the config is yes.
+ */
+ if (S_ISDIR(ksmbd_kstat->kstat->mode))
+ ksmbd_kstat->file_attributes = ATTR_DIRECTORY_LE;
+ else
+ ksmbd_kstat->file_attributes = ATTR_ARCHIVE_LE;
+
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) {
+ struct xattr_dos_attrib da;
+
+ rc = ksmbd_vfs_get_dos_attrib_xattr(dentry, &da);
+ if (rc > 0) {
+ ksmbd_kstat->file_attributes = cpu_to_le32(da.attr);
+ ksmbd_kstat->create_time = da.create_time;
+ } else
+ ksmbd_debug(VFS, "fail to load dos attribute.\n");
+ }
+
+ return 0;
+}
+
+ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry,
+ char *attr_name,
+ int attr_name_len)
+{
+ char *name, *xattr_list = NULL;
+ ssize_t value_len = -ENOENT, xattr_list_len;
+
+ xattr_list_len = ksmbd_vfs_listxattr(dentry, &xattr_list);
+ if (xattr_list_len <= 0)
+ goto out;
+
+ for (name = xattr_list; name - xattr_list < xattr_list_len;
+ name += strlen(name) + 1) {
+ ksmbd_debug(VFS, "%s, len %zd\n", name, strlen(name));
+ if (strncasecmp(attr_name, name, attr_name_len))
+ continue;
+
+ value_len = ksmbd_vfs_xattr_len(dentry, name);
+ break;
+ }
+
+out:
+ ksmbd_vfs_xattr_free(xattr_list);
+ return value_len;
+}
+
+int ksmbd_vfs_xattr_stream_name(char *stream_name,
+ char **xattr_stream_name,
+ size_t *xattr_stream_name_size,
+ int s_type)
+{
+ int stream_name_size;
+ char *xattr_stream_name_buf;
+ char *type;
+ int type_len;
+
+ if (s_type == DIR_STREAM)
+ type = ":$INDEX_ALLOCATION";
+ else
+ type = ":$DATA";
+
+ type_len = strlen(type);
+ stream_name_size = strlen(stream_name);
+ *xattr_stream_name_size = stream_name_size + XATTR_NAME_STREAM_LEN + 1;
+ xattr_stream_name_buf = kmalloc(*xattr_stream_name_size + type_len,
+ GFP_KERNEL);
+ if (!xattr_stream_name_buf)
+ return -ENOMEM;
+
+ memcpy(xattr_stream_name_buf,
+ XATTR_NAME_STREAM,
+ XATTR_NAME_STREAM_LEN);
+
+ if (stream_name_size) {
+ memcpy(&xattr_stream_name_buf[XATTR_NAME_STREAM_LEN],
+ stream_name,
+ stream_name_size);
+ }
+ memcpy(&xattr_stream_name_buf[*xattr_stream_name_size - 1], type, type_len);
+ *xattr_stream_name_size += type_len;
+
+ xattr_stream_name_buf[*xattr_stream_name_size - 1] = '\0';
+ *xattr_stream_name = xattr_stream_name_buf;
+
+ return 0;
+}
+
+static int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
+ struct file *file_out, loff_t pos_out,
+ size_t len)
+{
+ struct inode *inode_in = file_inode(file_in);
+ struct inode *inode_out = file_inode(file_out);
+ int ret;
+
+ ret = vfs_copy_file_range(file_in, pos_in, file_out, pos_out, len, 0);
+ /* do splice for the copy between different file systems */
+ if (ret != -EXDEV)
+ return ret;
+
+ if (S_ISDIR(inode_in->i_mode) || S_ISDIR(inode_out->i_mode))
+ return -EISDIR;
+ if (!S_ISREG(inode_in->i_mode) || !S_ISREG(inode_out->i_mode))
+ return -EINVAL;
+
+ if (!(file_in->f_mode & FMODE_READ) ||
+ !(file_out->f_mode & FMODE_WRITE))
+ return -EBADF;
+
+ if (len == 0)
+ return 0;
+
+ file_start_write(file_out);
+
+ /*
+ * skip the verification of the range of data. it will be done
+ * in do_splice_direct
+ */
+ ret = do_splice_direct(file_in, &pos_in, file_out, &pos_out,
+ len > MAX_RW_COUNT ? MAX_RW_COUNT : len, 0);
+ if (ret > 0) {
+ fsnotify_access(file_in);
+ add_rchar(current, ret);
+ fsnotify_modify(file_out);
+ add_wchar(current, ret);
+ }
+
+ inc_syscr(current);
+ inc_syscw(current);
+
+ file_end_write(file_out);
+ return ret;
+}
+
+int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
+ struct ksmbd_file *src_fp,
+ struct ksmbd_file *dst_fp,
+ struct srv_copychunk *chunks,
+ unsigned int chunk_count,
+ unsigned int *chunk_count_written,
+ unsigned int *chunk_size_written,
+ loff_t *total_size_written)
+{
+ unsigned int i;
+ loff_t src_off, dst_off, src_file_size;
+ size_t len;
+ int ret;
+
+ *chunk_count_written = 0;
+ *chunk_size_written = 0;
+ *total_size_written = 0;
+
+ if (!(src_fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) {
+ ksmbd_err("no right to read(%s)\n", FP_FILENAME(src_fp));
+ return -EACCES;
+ }
+ if (!(dst_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE))) {
+ ksmbd_err("no right to write(%s)\n", FP_FILENAME(dst_fp));
+ return -EACCES;
+ }
+
+ if (ksmbd_stream_fd(src_fp) || ksmbd_stream_fd(dst_fp))
+ return -EBADF;
+
+ smb_break_all_levII_oplock(work, dst_fp, 1);
+
+ for (i = 0; i < chunk_count; i++) {
+ src_off = le64_to_cpu(chunks[i].SourceOffset);
+ dst_off = le64_to_cpu(chunks[i].TargetOffset);
+ len = le32_to_cpu(chunks[i].Length);
+
+ if (check_lock_range(src_fp->filp, src_off,
+ src_off + len - 1, READ))
+ return -EAGAIN;
+ if (check_lock_range(dst_fp->filp, dst_off,
+ dst_off + len - 1, WRITE))
+ return -EAGAIN;
+ }
+
+ src_file_size = i_size_read(file_inode(src_fp->filp));
+
+ for (i = 0; i < chunk_count; i++) {
+ src_off = le64_to_cpu(chunks[i].SourceOffset);
+ dst_off = le64_to_cpu(chunks[i].TargetOffset);
+ len = le32_to_cpu(chunks[i].Length);
+
+ if (src_off + len > src_file_size)
+ return -E2BIG;
+
+ ret = ksmbd_vfs_copy_file_range(src_fp->filp, src_off,
+ dst_fp->filp, dst_off, len);
+ if (ret < 0)
+ return ret;
+
+ *chunk_count_written += 1;
+ *total_size_written += ret;
+ }
+ return 0;
+}
+
+int ksmbd_vfs_posix_lock_wait(struct file_lock *flock)
+{
+ return wait_event_interruptible(flock->fl_wait, !flock->fl_blocker);
+}
+
+int ksmbd_vfs_posix_lock_wait_timeout(struct file_lock *flock, long timeout)
+{
+ return wait_event_interruptible_timeout(flock->fl_wait,
+ !flock->fl_blocker,
+ timeout);
+}
+
+void ksmbd_vfs_posix_lock_unblock(struct file_lock *flock)
+{
+ locks_delete_block(flock);
+}
+
+int ksmbd_vfs_set_init_posix_acl(struct inode *inode)
+{
+ struct posix_acl_state acl_state;
+ struct posix_acl *acls;
+ int rc;
+
+ ksmbd_debug(SMB, "Set posix acls\n");
+ rc = init_acl_state(&acl_state, 1);
+ if (rc)
+ return rc;
+
+ /* Set default owner group */
+ acl_state.owner.allow = (inode->i_mode & 0700) >> 6;
+ acl_state.group.allow = (inode->i_mode & 0070) >> 3;
+ acl_state.other.allow = inode->i_mode & 0007;
+ acl_state.users->aces[acl_state.users->n].uid = inode->i_uid;
+ acl_state.users->aces[acl_state.users->n++].perms.allow =
+ acl_state.owner.allow;
+ acl_state.groups->aces[acl_state.groups->n].gid = inode->i_gid;
+ acl_state.groups->aces[acl_state.groups->n++].perms.allow =
+ acl_state.group.allow;
+ acl_state.mask.allow = 0x07;
+
+ acls = ksmbd_vfs_posix_acl_alloc(6, GFP_KERNEL);
+ if (!acls) {
+ free_acl_state(&acl_state);
+ return -ENOMEM;
+ }
+ posix_state_to_acl(&acl_state, acls->a_entries);
+ rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
+ if (rc < 0)
+ ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
+ rc);
+ else if (S_ISDIR(inode->i_mode)) {
+ posix_state_to_acl(&acl_state, acls->a_entries);
+ rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT, acls);
+ if (rc < 0)
+ ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
+ rc);
+ }
+ free_acl_state(&acl_state);
+ posix_acl_release(acls);
+ return rc;
+}
+
+int ksmbd_vfs_inherit_posix_acl(struct inode *inode, struct inode *parent_inode)
+{
+ struct posix_acl *acls;
+ struct posix_acl_entry *pace;
+ int rc, i;
+
+ acls = ksmbd_vfs_get_acl(parent_inode, ACL_TYPE_DEFAULT);
+ if (!acls)
+ return -ENOENT;
+ pace = acls->a_entries;
+
+ for (i = 0; i < acls->a_count; i++, pace++) {
+ if (pace->e_tag == ACL_MASK) {
+ pace->e_perm = 0x07;
+ break;
+ }
+ }
+
+ rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
+ if (rc < 0)
+ ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
+ rc);
+ if (S_ISDIR(inode->i_mode)) {
+ rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT, acls);
+ if (rc < 0)
+ ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
+ rc);
+ }
+ posix_acl_release(acls);
+ return rc;
+}
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
new file mode 100644
index 000000000000..bbef5c20c146
--- /dev/null
+++ b/fs/cifsd/vfs.h
@@ -0,0 +1,314 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2018 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __KSMBD_VFS_H__
+#define __KSMBD_VFS_H__
+
+#include <linux/file.h>
+#include <linux/fs.h>
+#include <linux/namei.h>
+#include <uapi/linux/xattr.h>
+#include <linux/posix_acl.h>
+
+#include "smbacl.h"
+
+/* STREAM XATTR PREFIX */
+#define STREAM_PREFIX "DosStream."
+#define STREAM_PREFIX_LEN (sizeof(STREAM_PREFIX) - 1)
+#define XATTR_NAME_STREAM (XATTR_USER_PREFIX STREAM_PREFIX)
+#define XATTR_NAME_STREAM_LEN (sizeof(XATTR_NAME_STREAM) - 1)
+
+enum {
+ XATTR_DOSINFO_ATTRIB = 0x00000001,
+ XATTR_DOSINFO_EA_SIZE = 0x00000002,
+ XATTR_DOSINFO_SIZE = 0x00000004,
+ XATTR_DOSINFO_ALLOC_SIZE = 0x00000008,
+ XATTR_DOSINFO_CREATE_TIME = 0x00000010,
+ XATTR_DOSINFO_CHANGE_TIME = 0x00000020,
+ XATTR_DOSINFO_ITIME = 0x00000040
+};
+
+struct xattr_dos_attrib {
+ __u16 version;
+ __u32 flags;
+ __u32 attr;
+ __u32 ea_size;
+ __u64 size;
+ __u64 alloc_size;
+ __u64 create_time;
+ __u64 change_time;
+ __u64 itime;
+};
+
+/* DOS ATTRIBUITE XATTR PREFIX */
+#define DOS_ATTRIBUTE_PREFIX "DOSATTRIB"
+#define DOS_ATTRIBUTE_PREFIX_LEN (sizeof(DOS_ATTRIBUTE_PREFIX) - 1)
+#define XATTR_NAME_DOS_ATTRIBUTE \
+ (XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX)
+#define XATTR_NAME_DOS_ATTRIBUTE_LEN \
+ (sizeof(XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX) - 1)
+
+#define XATTR_SD_HASH_TYPE_SHA256 0x1
+#define XATTR_SD_HASH_SIZE 64
+
+#define SMB_ACL_READ 4
+#define SMB_ACL_WRITE 2
+#define SMB_ACL_EXECUTE 1
+
+enum {
+ SMB_ACL_TAG_INVALID = 0,
+ SMB_ACL_USER,
+ SMB_ACL_USER_OBJ,
+ SMB_ACL_GROUP,
+ SMB_ACL_GROUP_OBJ,
+ SMB_ACL_OTHER,
+ SMB_ACL_MASK
+};
+
+struct xattr_acl_entry {
+ int type;
+ uid_t uid;
+ gid_t gid;
+ mode_t perm;
+};
+
+struct xattr_smb_acl {
+ int count;
+ int next;
+ struct xattr_acl_entry entries[0];
+};
+
+struct xattr_ntacl {
+ __u16 version;
+ void *sd_buf;
+ __u32 sd_size;
+ __u16 hash_type;
+ __u8 desc[10];
+ __u16 desc_len;
+ __u64 current_time;
+ __u8 hash[XATTR_SD_HASH_SIZE];
+ __u8 posix_acl_hash[XATTR_SD_HASH_SIZE];
+};
+
+/* SECURITY DESCRIPTOR XATTR PREFIX */
+#define SD_PREFIX "NTACL"
+#define SD_PREFIX_LEN (sizeof(SD_PREFIX) - 1)
+#define XATTR_NAME_SD \
+ (XATTR_SECURITY_PREFIX SD_PREFIX)
+#define XATTR_NAME_SD_LEN \
+ (sizeof(XATTR_SECURITY_PREFIX SD_PREFIX) - 1)
+
+
+/* CreateOptions */
+/* Flag is set, it must not be a file , valid for directory only */
+#define FILE_DIRECTORY_FILE_LE cpu_to_le32(0x00000001)
+#define FILE_WRITE_THROUGH_LE cpu_to_le32(0x00000002)
+#define FILE_SEQUENTIAL_ONLY_LE cpu_to_le32(0x00000004)
+
+/* Should not buffer on server*/
+#define FILE_NO_INTERMEDIATE_BUFFERING_LE cpu_to_le32(0x00000008)
+/* MBZ */
+#define FILE_SYNCHRONOUS_IO_ALERT_LE cpu_to_le32(0x00000010)
+/* MBZ */
+#define FILE_SYNCHRONOUS_IO_NONALERT_LE cpu_to_le32(0x00000020)
+
+/* Flaf must not be set for directory */
+#define FILE_NON_DIRECTORY_FILE_LE cpu_to_le32(0x00000040)
+
+/* Should be zero */
+#define CREATE_TREE_CONNECTION cpu_to_le32(0x00000080)
+#define FILE_COMPLETE_IF_OPLOCKED_LE cpu_to_le32(0x00000100)
+#define FILE_NO_EA_KNOWLEDGE_LE cpu_to_le32(0x00000200)
+#define FILE_OPEN_REMOTE_INSTANCE cpu_to_le32(0x00000400)
+
+/**
+ * Doc says this is obsolete "open for recovery" flag should be zero
+ * in any case.
+ */
+#define CREATE_OPEN_FOR_RECOVERY cpu_to_le32(0x00000400)
+#define FILE_RANDOM_ACCESS_LE cpu_to_le32(0x00000800)
+#define FILE_DELETE_ON_CLOSE_LE cpu_to_le32(0x00001000)
+#define FILE_OPEN_BY_FILE_ID_LE cpu_to_le32(0x00002000)
+#define FILE_OPEN_FOR_BACKUP_INTENT_LE cpu_to_le32(0x00004000)
+#define FILE_NO_COMPRESSION_LE cpu_to_le32(0x00008000)
+
+/* Should be zero*/
+#define FILE_OPEN_REQUIRING_OPLOCK cpu_to_le32(0x00010000)
+#define FILE_DISALLOW_EXCLUSIVE cpu_to_le32(0x00020000)
+#define FILE_RESERVE_OPFILTER_LE cpu_to_le32(0x00100000)
+#define FILE_OPEN_REPARSE_POINT_LE cpu_to_le32(0x00200000)
+#define FILE_OPEN_NO_RECALL_LE cpu_to_le32(0x00400000)
+
+/* Should be zero */
+#define FILE_OPEN_FOR_FREE_SPACE_QUERY_LE cpu_to_le32(0x00800000)
+#define CREATE_OPTIONS_MASK cpu_to_le32(0x00FFFFFF)
+#define CREATE_OPTION_READONLY 0x10000000
+/* system. NB not sent over wire */
+#define CREATE_OPTION_SPECIAL 0x20000000
+
+struct ksmbd_work;
+struct ksmbd_file;
+struct ksmbd_conn;
+
+struct ksmbd_dir_info {
+ const char *name;
+ char *wptr;
+ char *rptr;
+ int name_len;
+ int out_buf_len;
+ int num_entry;
+ int data_count;
+ int last_entry_offset;
+ bool hide_dot_file;
+ int flags;
+};
+
+struct ksmbd_readdir_data {
+ struct dir_context ctx;
+ union {
+ void *private;
+ char *dirent;
+ };
+
+ unsigned int used;
+ unsigned int dirent_count;
+ unsigned int file_attr;
+};
+
+/* ksmbd kstat wrapper to get valid create time when reading dir entry */
+struct ksmbd_kstat {
+ struct kstat *kstat;
+ unsigned long long create_time;
+ __le32 file_attributes;
+};
+
+struct ksmbd_fs_sector_size {
+ unsigned short logical_sector_size;
+ unsigned int physical_sector_size;
+ unsigned int optimal_io_size;
+};
+
+int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode,
+ bool delete);
+int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess);
+int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode);
+int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode);
+int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp,
+ size_t count, loff_t *pos);
+int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
+ char *buf, size_t count, loff_t *pos, bool sync, ssize_t *written);
+int ksmbd_vfs_fsync(struct ksmbd_work *work, uint64_t fid, uint64_t p_id);
+int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name);
+int ksmbd_vfs_link(struct ksmbd_work *work,
+ const char *oldname, const char *newname);
+int ksmbd_vfs_getattr(struct path *path, struct kstat *stat);
+int ksmbd_vfs_symlink(const char *name, const char *symname);
+int ksmbd_vfs_readlink(struct path *path, char *buf, int lenp);
+
+int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
+ char *newname);
+int ksmbd_vfs_rename_slowpath(struct ksmbd_work *work,
+ char *oldname, char *newname);
+
+int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
+ struct ksmbd_file *fp, loff_t size);
+
+struct srv_copychunk;
+int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
+ struct ksmbd_file *src_fp,
+ struct ksmbd_file *dst_fp,
+ struct srv_copychunk *chunks,
+ unsigned int chunk_count,
+ unsigned int *chunk_count_written,
+ unsigned int *chunk_size_written,
+ loff_t *total_size_written);
+
+struct ksmbd_file *ksmbd_vfs_dentry_open(struct ksmbd_work *work,
+ const struct path *path,
+ int flags,
+ __le32 option,
+ int fexist);
+
+ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list);
+ssize_t ksmbd_vfs_getxattr(struct dentry *dentry,
+ char *xattr_name,
+ char **xattr_buf);
+
+ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry,
+ char *attr_name,
+ int attr_name_len);
+
+int ksmbd_vfs_setxattr(struct dentry *dentry,
+ const char *attr_name,
+ const void *attr_value,
+ size_t attr_size,
+ int flags);
+
+int ksmbd_vfs_fsetxattr(const char *filename,
+ const char *attr_name,
+ const void *attr_value,
+ size_t attr_size,
+ int flags);
+
+int ksmbd_vfs_xattr_stream_name(char *stream_name,
+ char **xattr_stream_name,
+ size_t *xattr_stream_name_size,
+ int s_type);
+
+int ksmbd_vfs_truncate_xattr(struct dentry *dentry, int wo_streams);
+int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
+void ksmbd_vfs_xattr_free(char *xattr);
+
+int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
+ bool caseless);
+int ksmbd_vfs_empty_dir(struct ksmbd_file *fp);
+void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option);
+int ksmbd_vfs_lock(struct file *filp, int cmd, struct file_lock *flock);
+int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata);
+int ksmbd_vfs_alloc_size(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ loff_t len);
+int ksmbd_vfs_zero_data(struct ksmbd_work *work,
+ struct ksmbd_file *fp,
+ loff_t off,
+ loff_t len);
+
+struct file_allocated_range_buffer;
+int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
+ struct file_allocated_range_buffer *ranges,
+ int in_count, int *out_count);
+int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry);
+unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode);
+void ksmbd_vfs_smb2_sector_size(struct inode *inode,
+ struct ksmbd_fs_sector_size *fs_ss);
+void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
+
+int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work,
+ struct dentry *dentry,
+ struct ksmbd_kstat *ksmbd_kstat);
+
+int ksmbd_vfs_posix_lock_wait(struct file_lock *flock);
+int ksmbd_vfs_posix_lock_wait_timeout(struct file_lock *flock, long timeout);
+void ksmbd_vfs_posix_lock_unblock(struct file_lock *flock);
+
+int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry);
+int ksmbd_vfs_remove_sd_xattrs(struct dentry *dentry);
+int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
+ struct smb_ntsd *pntsd, int len);
+int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
+ struct smb_ntsd **pntsd);
+int ksmbd_vfs_set_dos_attrib_xattr(struct dentry *dentry,
+ struct xattr_dos_attrib *da);
+int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
+ struct xattr_dos_attrib *da);
+struct posix_acl *ksmbd_vfs_posix_acl_alloc(int count, gfp_t flags);
+struct posix_acl *ksmbd_vfs_get_acl(struct inode *inode, int type);
+int ksmbd_vfs_set_posix_acl(struct inode *inode, int type,
+ struct posix_acl *acl);
+int ksmbd_vfs_set_init_posix_acl(struct inode *inode);
+int ksmbd_vfs_inherit_posix_acl(struct inode *inode,
+ struct inode *parent_inode);
+#endif /* __KSMBD_VFS_H__ */
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
new file mode 100644
index 000000000000..8d8c4e373308
--- /dev/null
+++ b/fs/cifsd/vfs_cache.c
@@ -0,0 +1,855 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2016 Namjae Jeon <linkinjeon(a)kernel.org>
+ * Copyright (C) 2019 Samsung Electronics Co., Ltd.
+ */
+
+#include <linux/fs.h>
+#include <linux/slab.h>
+#include <linux/vmalloc.h>
+
+/* @FIXME */
+#include "glob.h"
+#include "vfs_cache.h"
+#include "buffer_pool.h"
+
+#include "oplock.h"
+#include "vfs.h"
+#include "connection.h"
+#include "mgmt/tree_connect.h"
+#include "mgmt/user_session.h"
+
+/* @FIXME */
+#include "smb_common.h"
+
+#define S_DEL_PENDING 1
+#define S_DEL_ON_CLS 2
+#define S_DEL_ON_CLS_STREAM 8
+
+static unsigned int inode_hash_mask __read_mostly;
+static unsigned int inode_hash_shift __read_mostly;
+static struct hlist_head *inode_hashtable __read_mostly;
+static DEFINE_RWLOCK(inode_hash_lock);
+
+static struct ksmbd_file_table global_ft;
+static atomic_long_t fd_limit;
+
+void ksmbd_set_fd_limit(unsigned long limit)
+{
+ limit = min(limit, get_max_files());
+ atomic_long_set(&fd_limit, limit);
+}
+
+static bool fd_limit_depleted(void)
+{
+ long v = atomic_long_dec_return(&fd_limit);
+
+ if (v >= 0)
+ return false;
+ atomic_long_inc(&fd_limit);
+ return true;
+}
+
+static void fd_limit_close(void)
+{
+ atomic_long_inc(&fd_limit);
+}
+
+/*
+ * INODE hash
+ */
+
+static unsigned long inode_hash(struct super_block *sb, unsigned long hashval)
+{
+ unsigned long tmp;
+
+ tmp = (hashval * (unsigned long)sb) ^ (GOLDEN_RATIO_PRIME + hashval) /
+ L1_CACHE_BYTES;
+ tmp = tmp ^ ((tmp ^ GOLDEN_RATIO_PRIME) >> inode_hash_shift);
+ return tmp & inode_hash_mask;
+}
+
+static struct ksmbd_inode *__ksmbd_inode_lookup(struct inode *inode)
+{
+ struct hlist_head *head = inode_hashtable +
+ inode_hash(inode->i_sb, inode->i_ino);
+ struct ksmbd_inode *ci = NULL, *ret_ci = NULL;
+
+ hlist_for_each_entry(ci, head, m_hash) {
+ if (ci->m_inode == inode) {
+ if (atomic_inc_not_zero(&ci->m_count))
+ ret_ci = ci;
+ break;
+ }
+ }
+ return ret_ci;
+}
+
+static struct ksmbd_inode *ksmbd_inode_lookup(struct ksmbd_file *fp)
+{
+ return __ksmbd_inode_lookup(FP_INODE(fp));
+}
+
+static struct ksmbd_inode *ksmbd_inode_lookup_by_vfsinode(struct inode *inode)
+{
+ struct ksmbd_inode *ci;
+
+ read_lock(&inode_hash_lock);
+ ci = __ksmbd_inode_lookup(inode);
+ read_unlock(&inode_hash_lock);
+ return ci;
+}
+
+int ksmbd_query_inode_status(struct inode *inode)
+{
+ struct ksmbd_inode *ci;
+ int ret = KSMBD_INODE_STATUS_UNKNOWN;
+
+ read_lock(&inode_hash_lock);
+ ci = __ksmbd_inode_lookup(inode);
+ if (ci) {
+ ret = KSMBD_INODE_STATUS_OK;
+ if (ci->m_flags & S_DEL_PENDING)
+ ret = KSMBD_INODE_STATUS_PENDING_DELETE;
+ atomic_dec(&ci->m_count);
+ }
+ read_unlock(&inode_hash_lock);
+ return ret;
+}
+
+bool ksmbd_inode_pending_delete(struct ksmbd_file *fp)
+{
+ return (fp->f_ci->m_flags & S_DEL_PENDING);
+}
+
+void ksmbd_set_inode_pending_delete(struct ksmbd_file *fp)
+{
+ fp->f_ci->m_flags |= S_DEL_PENDING;
+}
+
+void ksmbd_clear_inode_pending_delete(struct ksmbd_file *fp)
+{
+ fp->f_ci->m_flags &= ~S_DEL_PENDING;
+}
+
+void ksmbd_fd_set_delete_on_close(struct ksmbd_file *fp,
+ int file_info)
+{
+ if (ksmbd_stream_fd(fp)) {
+ fp->f_ci->m_flags |= S_DEL_ON_CLS_STREAM;
+ return;
+ }
+
+ fp->f_ci->m_flags |= S_DEL_ON_CLS;
+}
+
+static void ksmbd_inode_hash(struct ksmbd_inode *ci)
+{
+ struct hlist_head *b = inode_hashtable +
+ inode_hash(ci->m_inode->i_sb, ci->m_inode->i_ino);
+
+ hlist_add_head(&ci->m_hash, b);
+}
+
+static void ksmbd_inode_unhash(struct ksmbd_inode *ci)
+{
+ write_lock(&inode_hash_lock);
+ hlist_del_init(&ci->m_hash);
+ write_unlock(&inode_hash_lock);
+}
+
+static int ksmbd_inode_init(struct ksmbd_inode *ci, struct ksmbd_file *fp)
+{
+ ci->m_inode = FP_INODE(fp);
+ atomic_set(&ci->m_count, 1);
+ atomic_set(&ci->op_count, 0);
+ atomic_set(&ci->sop_count, 0);
+ ci->m_flags = 0;
+ ci->m_fattr = 0;
+ INIT_LIST_HEAD(&ci->m_fp_list);
+ INIT_LIST_HEAD(&ci->m_op_list);
+ rwlock_init(&ci->m_lock);
+ return 0;
+}
+
+static struct ksmbd_inode *ksmbd_inode_get(struct ksmbd_file *fp)
+{
+ struct ksmbd_inode *ci, *tmpci;
+ int rc;
+
+ read_lock(&inode_hash_lock);
+ ci = ksmbd_inode_lookup(fp);
+ read_unlock(&inode_hash_lock);
+ if (ci)
+ return ci;
+
+ ci = kmalloc(sizeof(struct ksmbd_inode), GFP_KERNEL);
+ if (!ci)
+ return NULL;
+
+ rc = ksmbd_inode_init(ci, fp);
+ if (rc) {
+ ksmbd_err("inode initialized failed\n");
+ kfree(ci);
+ return NULL;
+ }
+
+ write_lock(&inode_hash_lock);
+ tmpci = ksmbd_inode_lookup(fp);
+ if (!tmpci) {
+ ksmbd_inode_hash(ci);
+ } else {
+ kfree(ci);
+ ci = tmpci;
+ }
+ write_unlock(&inode_hash_lock);
+ return ci;
+}
+
+static void ksmbd_inode_free(struct ksmbd_inode *ci)
+{
+ ksmbd_inode_unhash(ci);
+ kfree(ci);
+}
+
+static void ksmbd_inode_put(struct ksmbd_inode *ci)
+{
+ if (atomic_dec_and_test(&ci->m_count))
+ ksmbd_inode_free(ci);
+}
+
+int __init ksmbd_inode_hash_init(void)
+{
+ unsigned int loop;
+ unsigned long numentries = 16384;
+ unsigned long bucketsize = sizeof(struct hlist_head);
+ unsigned long size;
+
+ inode_hash_shift = ilog2(numentries);
+ inode_hash_mask = (1 << inode_hash_shift) - 1;
+
+ size = bucketsize << inode_hash_shift;
+
+ /* init master fp hash table */
+ inode_hashtable = vmalloc(size);
+ if (!inode_hashtable)
+ return -ENOMEM;
+
+ for (loop = 0; loop < (1U << inode_hash_shift); loop++)
+ INIT_HLIST_HEAD(&inode_hashtable[loop]);
+ return 0;
+}
+
+void __exit ksmbd_release_inode_hash(void)
+{
+ vfree(inode_hashtable);
+}
+
+static void __ksmbd_inode_close(struct ksmbd_file *fp)
+{
+ struct dentry *dir, *dentry;
+ struct ksmbd_inode *ci = fp->f_ci;
+ int err;
+ struct file *filp;
+
+ filp = fp->filp;
+ if (ksmbd_stream_fd(fp) && (ci->m_flags & S_DEL_ON_CLS_STREAM)) {
+ ci->m_flags &= ~S_DEL_ON_CLS_STREAM;
+ err = ksmbd_vfs_remove_xattr(filp->f_path.dentry,
+ fp->stream.name);
+ if (err)
+ ksmbd_err("remove xattr failed : %s\n",
+ fp->stream.name);
+ }
+
+ if (atomic_dec_and_test(&ci->m_count)) {
+ write_lock(&ci->m_lock);
+ if (ci->m_flags & (S_DEL_ON_CLS | S_DEL_PENDING)) {
+ dentry = filp->f_path.dentry;
+ dir = dentry->d_parent;
+ ci->m_flags &= ~(S_DEL_ON_CLS | S_DEL_PENDING);
+ write_unlock(&ci->m_lock);
+ ksmbd_vfs_unlink(dir, dentry);
+ write_lock(&ci->m_lock);
+ }
+ write_unlock(&ci->m_lock);
+
+ ksmbd_inode_free(ci);
+ }
+}
+
+static void __ksmbd_remove_durable_fd(struct ksmbd_file *fp)
+{
+ if (!HAS_FILE_ID(fp->persistent_id))
+ return;
+
+ write_lock(&global_ft.lock);
+ idr_remove(global_ft.idr, fp->persistent_id);
+ write_unlock(&global_ft.lock);
+}
+
+static void __ksmbd_remove_fd(struct ksmbd_file_table *ft,
+ struct ksmbd_file *fp)
+{
+ if (!HAS_FILE_ID(fp->volatile_id))
+ return;
+
+ write_lock(&fp->f_ci->m_lock);
+ list_del_init(&fp->node);
+ write_unlock(&fp->f_ci->m_lock);
+
+ write_lock(&ft->lock);
+ idr_remove(ft->idr, fp->volatile_id);
+ write_unlock(&ft->lock);
+}
+
+static void __ksmbd_close_fd(struct ksmbd_file_table *ft,
+ struct ksmbd_file *fp)
+{
+ struct file *filp;
+
+ fd_limit_close();
+ __ksmbd_remove_durable_fd(fp);
+ __ksmbd_remove_fd(ft, fp);
+
+ close_id_del_oplock(fp);
+ filp = fp->filp;
+
+ __ksmbd_inode_close(fp);
+ if (!IS_ERR_OR_NULL(filp))
+ fput(filp);
+ kfree(fp->filename);
+ if (ksmbd_stream_fd(fp))
+ kfree(fp->stream.name);
+ ksmbd_free_file_struct(fp);
+}
+
+static struct ksmbd_file *ksmbd_fp_get(struct ksmbd_file *fp)
+{
+ if (!atomic_inc_not_zero(&fp->refcount))
+ return NULL;
+ return fp;
+}
+
+static struct ksmbd_file *__ksmbd_lookup_fd(struct ksmbd_file_table *ft,
+ unsigned int id)
+{
+ bool unclaimed = true;
+ struct ksmbd_file *fp;
+
+ read_lock(&ft->lock);
+ fp = idr_find(ft->idr, id);
+ if (fp)
+ fp = ksmbd_fp_get(fp);
+
+ if (fp && fp->f_ci) {
+ read_lock(&fp->f_ci->m_lock);
+ unclaimed = list_empty(&fp->node);
+ read_unlock(&fp->f_ci->m_lock);
+ }
+ read_unlock(&ft->lock);
+
+ if (fp && unclaimed) {
+ atomic_dec(&fp->refcount);
+ return NULL;
+ }
+ return fp;
+}
+
+static void __put_fd_final(struct ksmbd_work *work,
+ struct ksmbd_file *fp)
+{
+ __ksmbd_close_fd(&work->sess->file_table, fp);
+ atomic_dec(&work->conn->stats.open_files_count);
+}
+
+static void set_close_state_blocked_works(struct ksmbd_file *fp)
+{
+ struct ksmbd_work *cancel_work, *ctmp;
+
+ spin_lock(&fp->f_lock);
+ list_for_each_entry_safe(cancel_work, ctmp, &fp->blocked_works,
+ fp_entry) {
+ list_del(&cancel_work->fp_entry);
+ cancel_work->state = KSMBD_WORK_CLOSED;
+ cancel_work->cancel_fn(cancel_work->cancel_argv);
+ }
+ spin_unlock(&fp->f_lock);
+}
+
+int ksmbd_close_fd(struct ksmbd_work *work, unsigned int id)
+{
+ struct ksmbd_file *fp;
+ struct ksmbd_file_table *ft;
+
+ if (!HAS_FILE_ID(id))
+ return 0;
+
+ ft = &work->sess->file_table;
+ read_lock(&ft->lock);
+ fp = idr_find(ft->idr, id);
+ if (fp) {
+ set_close_state_blocked_works(fp);
+
+ if (!atomic_dec_and_test(&fp->refcount))
+ fp = NULL;
+ }
+ read_unlock(&ft->lock);
+
+ if (!fp)
+ return -EINVAL;
+
+ __put_fd_final(work, fp);
+ return 0;
+}
+
+void ksmbd_fd_put(struct ksmbd_work *work,
+ struct ksmbd_file *fp)
+{
+ if (!fp)
+ return;
+
+ if (!atomic_dec_and_test(&fp->refcount))
+ return;
+ __put_fd_final(work, fp);
+}
+
+static bool __sanity_check(struct ksmbd_tree_connect *tcon,
+ struct ksmbd_file *fp)
+{
+ if (!fp)
+ return false;
+ if (fp->tcon != tcon)
+ return false;
+ return true;
+}
+
+struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work,
+ unsigned int id)
+{
+ return __ksmbd_lookup_fd(&work->sess->file_table, id);
+}
+
+struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work,
+ unsigned int id)
+{
+ struct ksmbd_file *fp = __ksmbd_lookup_fd(&work->sess->file_table, id);
+
+ if (__sanity_check(work->tcon, fp))
+ return fp;
+
+ ksmbd_fd_put(work, fp);
+ return NULL;
+}
+
+struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work,
+ unsigned int id,
+ unsigned int pid)
+{
+ struct ksmbd_file *fp;
+
+ if (!HAS_FILE_ID(id)) {
+ id = work->compound_fid;
+ pid = work->compound_pfid;
+ }
+
+ if (!HAS_FILE_ID(id))
+ return NULL;
+
+ fp = __ksmbd_lookup_fd(&work->sess->file_table, id);
+ if (!__sanity_check(work->tcon, fp)) {
+ ksmbd_fd_put(work, fp);
+ return NULL;
+ }
+ if (fp->persistent_id != pid) {
+ ksmbd_fd_put(work, fp);
+ return NULL;
+ }
+ return fp;
+}
+
+struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id)
+{
+ return __ksmbd_lookup_fd(&global_ft, id);
+}
+
+int ksmbd_close_fd_app_id(struct ksmbd_work *work,
+ char *app_id)
+{
+ struct ksmbd_file *fp = NULL;
+ unsigned int id;
+
+ read_lock(&global_ft.lock);
+ idr_for_each_entry(global_ft.idr, fp, id) {
+ if (!memcmp(fp->app_instance_id,
+ app_id,
+ SMB2_CREATE_GUID_SIZE)) {
+ if (!atomic_dec_and_test(&fp->refcount))
+ fp = NULL;
+ break;
+ }
+ }
+ read_unlock(&global_ft.lock);
+
+ if (!fp)
+ return -EINVAL;
+
+ __put_fd_final(work, fp);
+ return 0;
+}
+
+struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid)
+{
+ struct ksmbd_file *fp = NULL;
+ unsigned int id;
+
+ read_lock(&global_ft.lock);
+ idr_for_each_entry(global_ft.idr, fp, id) {
+ if (!memcmp(fp->create_guid,
+ cguid,
+ SMB2_CREATE_GUID_SIZE)) {
+ fp = ksmbd_fp_get(fp);
+ break;
+ }
+ }
+ read_unlock(&global_ft.lock);
+
+ return fp;
+}
+
+struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work,
+ char *filename)
+{
+ struct ksmbd_file *fp = NULL;
+ unsigned int id;
+
+ read_lock(&work->sess->file_table.lock);
+ idr_for_each_entry(work->sess->file_table.idr, fp, id) {
+ if (!strcmp(fp->filename, filename)) {
+ fp = ksmbd_fp_get(fp);
+ break;
+ }
+ }
+ read_unlock(&work->sess->file_table.lock);
+
+ return fp;
+}
+
+struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode)
+{
+ struct ksmbd_file *lfp;
+ struct ksmbd_inode *ci;
+ struct list_head *cur;
+
+ ci = ksmbd_inode_lookup_by_vfsinode(inode);
+ if (!ci)
+ return NULL;
+
+ read_lock(&ci->m_lock);
+ list_for_each(cur, &ci->m_fp_list) {
+ lfp = list_entry(cur, struct ksmbd_file, node);
+ if (inode == FP_INODE(lfp)) {
+ atomic_dec(&ci->m_count);
+ read_unlock(&ci->m_lock);
+ return lfp;
+ }
+ }
+ atomic_dec(&ci->m_count);
+ read_unlock(&ci->m_lock);
+ return NULL;
+}
+
+#define OPEN_ID_TYPE_VOLATILE_ID (0)
+#define OPEN_ID_TYPE_PERSISTENT_ID (1)
+
+static void __open_id_set(struct ksmbd_file *fp, unsigned int id, int type)
+{
+ if (type == OPEN_ID_TYPE_VOLATILE_ID)
+ fp->volatile_id = id;
+ if (type == OPEN_ID_TYPE_PERSISTENT_ID)
+ fp->persistent_id = id;
+}
+
+static int __open_id(struct ksmbd_file_table *ft,
+ struct ksmbd_file *fp,
+ int type)
+{
+ unsigned int id = 0;
+ int ret;
+
+ if (type == OPEN_ID_TYPE_VOLATILE_ID && fd_limit_depleted()) {
+ __open_id_set(fp, KSMBD_NO_FID, type);
+ return -EMFILE;
+ }
+
+ idr_preload(GFP_KERNEL);
+ write_lock(&ft->lock);
+ ret = idr_alloc_cyclic(ft->idr, fp, 0, INT_MAX, GFP_NOWAIT);
+ if (ret >= 0) {
+ id = ret;
+ ret = 0;
+ } else {
+ id = KSMBD_NO_FID;
+ fd_limit_close();
+ }
+
+ __open_id_set(fp, id, type);
+ write_unlock(&ft->lock);
+ idr_preload_end();
+ return ret;
+}
+
+unsigned int ksmbd_open_durable_fd(struct ksmbd_file *fp)
+{
+ __open_id(&global_ft, fp, OPEN_ID_TYPE_PERSISTENT_ID);
+ return fp->persistent_id;
+}
+
+struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work,
+ struct file *filp)
+{
+ struct ksmbd_file *fp;
+ int ret;
+
+ fp = ksmbd_alloc_file_struct();
+ if (!fp) {
+ ksmbd_err("Failed to allocate memory\n");
+ return ERR_PTR(-ENOMEM);
+ }
+
+ INIT_LIST_HEAD(&fp->blocked_works);
+ INIT_LIST_HEAD(&fp->node);
+ spin_lock_init(&fp->f_lock);
+ atomic_set(&fp->refcount, 1);
+
+ fp->filp = filp;
+ fp->conn = work->sess->conn;
+ fp->tcon = work->tcon;
+ fp->volatile_id = KSMBD_NO_FID;
+ fp->persistent_id = KSMBD_NO_FID;
+ fp->f_ci = ksmbd_inode_get(fp);
+
+ if (!fp->f_ci) {
+ ksmbd_free_file_struct(fp);
+ return ERR_PTR(-ENOMEM);
+ }
+
+ ret = __open_id(&work->sess->file_table, fp, OPEN_ID_TYPE_VOLATILE_ID);
+ if (ret) {
+ ksmbd_inode_put(fp->f_ci);
+ ksmbd_free_file_struct(fp);
+ return ERR_PTR(ret);
+ }
+
+ atomic_inc(&work->conn->stats.open_files_count);
+ return fp;
+}
+
+static inline bool is_reconnectable(struct ksmbd_file *fp)
+{
+ struct oplock_info *opinfo = opinfo_get(fp);
+ bool reconn = false;
+
+ if (!opinfo)
+ return false;
+
+ if (opinfo->op_state != OPLOCK_STATE_NONE) {
+ opinfo_put(opinfo);
+ return false;
+ }
+
+ if (fp->is_resilient || fp->is_persistent)
+ reconn = true;
+ else if (fp->is_durable && opinfo->is_lease &&
+ opinfo->o_lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
+ reconn = true;
+
+ else if (fp->is_durable && opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)
+ reconn = true;
+
+ opinfo_put(opinfo);
+ return reconn;
+}
+
+static int
+__close_file_table_ids(struct ksmbd_file_table *ft,
+ struct ksmbd_tree_connect *tcon,
+ bool (*skip)(struct ksmbd_tree_connect *tcon,
+ struct ksmbd_file *fp))
+{
+ unsigned int id;
+ struct ksmbd_file *fp;
+ int num = 0;
+
+ idr_for_each_entry(ft->idr, fp, id) {
+ if (skip(tcon, fp))
+ continue;
+
+ set_close_state_blocked_works(fp);
+
+ if (!atomic_dec_and_test(&fp->refcount))
+ continue;
+ __ksmbd_close_fd(ft, fp);
+ num++;
+ }
+ return num;
+}
+
+static bool tree_conn_fd_check(struct ksmbd_tree_connect *tcon,
+ struct ksmbd_file *fp)
+{
+ return fp->tcon != tcon;
+}
+
+static bool session_fd_check(struct ksmbd_tree_connect *tcon,
+ struct ksmbd_file *fp)
+{
+ if (!is_reconnectable(fp))
+ return false;
+
+ fp->conn = NULL;
+ fp->tcon = NULL;
+ fp->volatile_id = KSMBD_NO_FID;
+ return true;
+}
+
+void ksmbd_close_tree_conn_fds(struct ksmbd_work *work)
+{
+ int num = __close_file_table_ids(&work->sess->file_table,
+ work->tcon,
+ tree_conn_fd_check);
+
+ atomic_sub(num, &work->conn->stats.open_files_count);
+}
+
+void ksmbd_close_session_fds(struct ksmbd_work *work)
+{
+ int num = __close_file_table_ids(&work->sess->file_table,
+ work->tcon,
+ session_fd_check);
+
+ atomic_sub(num, &work->conn->stats.open_files_count);
+}
+
+int ksmbd_init_global_file_table(void)
+{
+ return ksmbd_init_file_table(&global_ft);
+}
+
+void ksmbd_free_global_file_table(void)
+{
+ struct ksmbd_file *fp = NULL;
+ unsigned int id;
+
+ idr_for_each_entry(global_ft.idr, fp, id) {
+ __ksmbd_remove_durable_fd(fp);
+ ksmbd_free_file_struct(fp);
+ }
+
+ ksmbd_destroy_file_table(&global_ft);
+}
+
+int ksmbd_reopen_durable_fd(struct ksmbd_work *work,
+ struct ksmbd_file *fp)
+{
+ if (!fp->is_durable || fp->conn || fp->tcon) {
+ ksmbd_err("Invalid durable fd [%p:%p]\n",
+ fp->conn, fp->tcon);
+ return -EBADF;
+ }
+
+ if (HAS_FILE_ID(fp->volatile_id)) {
+ ksmbd_err("Still in use durable fd: %u\n", fp->volatile_id);
+ return -EBADF;
+ }
+
+ fp->conn = work->sess->conn;
+ fp->tcon = work->tcon;
+
+ __open_id(&work->sess->file_table, fp, OPEN_ID_TYPE_VOLATILE_ID);
+ if (!HAS_FILE_ID(fp->volatile_id)) {
+ fp->conn = NULL;
+ fp->tcon = NULL;
+ return -EBADF;
+ }
+ return 0;
+}
+
+static void close_fd_list(struct ksmbd_work *work, struct list_head *head)
+{
+ while (!list_empty(head)) {
+ struct ksmbd_file *fp;
+
+ fp = list_first_entry(head, struct ksmbd_file, node);
+ list_del_init(&fp->node);
+
+ __ksmbd_close_fd(&work->sess->file_table, fp);
+ }
+}
+
+int ksmbd_close_inode_fds(struct ksmbd_work *work, struct inode *inode)
+{
+ struct ksmbd_inode *ci;
+ bool unlinked = true;
+ struct ksmbd_file *fp, *fptmp;
+ LIST_HEAD(dispose);
+
+ ci = ksmbd_inode_lookup_by_vfsinode(inode);
+ if (!ci)
+ return true;
+
+ if (ci->m_flags & (S_DEL_ON_CLS | S_DEL_PENDING))
+ unlinked = false;
+
+ write_lock(&ci->m_lock);
+ list_for_each_entry_safe(fp, fptmp, &ci->m_fp_list, node) {
+ if (fp->conn)
+ continue;
+
+ list_del(&fp->node);
+ list_add(&fp->node, &dispose);
+ }
+ atomic_dec(&ci->m_count);
+ write_unlock(&ci->m_lock);
+
+ close_fd_list(work, &dispose);
+ return unlinked;
+}
+
+int ksmbd_file_table_flush(struct ksmbd_work *work)
+{
+ struct ksmbd_file *fp = NULL;
+ unsigned int id;
+ int ret;
+
+ read_lock(&work->sess->file_table.lock);
+ idr_for_each_entry(work->sess->file_table.idr, fp, id) {
+ ret = ksmbd_vfs_fsync(work, fp->volatile_id, KSMBD_NO_FID);
+ if (ret)
+ break;
+ }
+ read_unlock(&work->sess->file_table.lock);
+ return ret;
+}
+
+int ksmbd_init_file_table(struct ksmbd_file_table *ft)
+{
+ ft->idr = ksmbd_alloc(sizeof(struct idr));
+ if (!ft->idr)
+ return -ENOMEM;
+
+ idr_init(ft->idr);
+ rwlock_init(&ft->lock);
+ return 0;
+}
+
+void ksmbd_destroy_file_table(struct ksmbd_file_table *ft)
+{
+ if (!ft->idr)
+ return;
+
+ __close_file_table_ids(ft, NULL, session_fd_check);
+ idr_destroy(ft->idr);
+ ksmbd_free(ft->idr);
+ ft->idr = NULL;
+}
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
new file mode 100644
index 000000000000..7d23657c86c6
--- /dev/null
+++ b/fs/cifsd/vfs_cache.h
@@ -0,0 +1,213 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2019 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __VFS_CACHE_H__
+#define __VFS_CACHE_H__
+
+#include <linux/version.h>
+#include <linux/file.h>
+#include <linux/fs.h>
+#include <linux/rwsem.h>
+#include <linux/spinlock.h>
+#include <linux/idr.h>
+#include <linux/workqueue.h>
+
+#include "vfs.h"
+
+/* Windows style file permissions for extended response */
+#define FILE_GENERIC_ALL 0x1F01FF
+#define FILE_GENERIC_READ 0x120089
+#define FILE_GENERIC_WRITE 0x120116
+#define FILE_GENERIC_EXECUTE 0X1200a0
+
+#define KSMBD_START_FID 0
+#define KSMBD_NO_FID (UINT_MAX)
+#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
+
+#define FP_FILENAME(fp) fp->filp->f_path.dentry->d_name.name
+#define FP_INODE(fp) fp->filp->f_path.dentry->d_inode
+#define PARENT_INODE(fp) fp->filp->f_path.dentry->d_parent->d_inode
+
+#define ATTR_FP(fp) (fp->attrib_only && \
+ (fp->cdoption != FILE_OVERWRITE_IF_LE && \
+ fp->cdoption != FILE_OVERWRITE_LE && \
+ fp->cdoption != FILE_SUPERSEDE_LE))
+
+struct ksmbd_conn;
+struct ksmbd_session;
+
+struct ksmbd_lock {
+ struct file_lock *fl;
+ struct list_head glist;
+ struct list_head llist;
+ unsigned int flags;
+ int cmd;
+ int zero_len;
+ unsigned long long start;
+ unsigned long long end;
+};
+
+struct stream {
+ char *name;
+ ssize_t size;
+};
+
+struct ksmbd_inode {
+ rwlock_t m_lock;
+ atomic_t m_count;
+ atomic_t op_count;
+ /* opinfo count for streams */
+ atomic_t sop_count;
+ struct inode *m_inode;
+ unsigned int m_flags;
+ struct hlist_node m_hash;
+ struct list_head m_fp_list;
+ struct list_head m_op_list;
+ struct oplock_info *m_opinfo;
+ __le32 m_fattr;
+};
+
+struct ksmbd_file {
+ struct file *filp;
+ char *filename;
+ unsigned int persistent_id;
+ unsigned int volatile_id;
+
+ spinlock_t f_lock;
+
+ struct ksmbd_inode *f_ci;
+ struct ksmbd_inode *f_parent_ci;
+ struct oplock_info __rcu *f_opinfo;
+ struct ksmbd_conn *conn;
+ struct ksmbd_tree_connect *tcon;
+
+ atomic_t refcount;
+ __le32 daccess;
+ __le32 saccess;
+ __le32 coption;
+ __le32 cdoption;
+ __u64 create_time;
+ __u64 itime;
+
+ bool is_durable;
+ bool is_resilient;
+ bool is_persistent;
+ bool is_nt_open;
+ bool attrib_only;
+
+ char client_guid[16];
+ char create_guid[16];
+ char app_instance_id[16];
+
+ struct stream stream;
+ struct list_head node;
+ struct list_head blocked_works;
+
+ int durable_timeout;
+
+ /* for SMB1 */
+ int pid;
+
+ /* conflict lock fail count for SMB1 */
+ unsigned int cflock_cnt;
+ /* last lock failure start offset for SMB1 */
+ unsigned long long llock_fstart;
+
+ int dirent_offset;
+
+ /* if ls is happening on directory, below is valid*/
+ struct ksmbd_readdir_data readdir_data;
+ int dot_dotdot[2];
+};
+
+static inline void set_ctx_actor(struct dir_context *ctx,
+ filldir_t actor)
+{
+ ctx->actor = actor;
+}
+
+#define KSMBD_NR_OPEN_DEFAULT BITS_PER_LONG
+
+struct ksmbd_file_table {
+ rwlock_t lock;
+ struct idr *idr;
+};
+
+static inline bool HAS_FILE_ID(unsigned long long req)
+{
+ unsigned int id = (unsigned int)req;
+
+ return id < KSMBD_NO_FID;
+}
+
+static inline bool ksmbd_stream_fd(struct ksmbd_file *fp)
+{
+ return fp->stream.name != NULL;
+}
+
+int ksmbd_init_file_table(struct ksmbd_file_table *ft);
+void ksmbd_destroy_file_table(struct ksmbd_file_table *ft);
+
+int ksmbd_close_fd(struct ksmbd_work *work, unsigned int id);
+
+struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work,
+ unsigned int id);
+struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work,
+ unsigned int id);
+struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work,
+ unsigned int id,
+ unsigned int pid);
+
+void ksmbd_fd_put(struct ksmbd_work *work, struct ksmbd_file *fp);
+
+int ksmbd_close_fd_app_id(struct ksmbd_work *work, char *app_id);
+struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id);
+struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid);
+struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work,
+ char *filename);
+struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode);
+
+unsigned int ksmbd_open_durable_fd(struct ksmbd_file *fp);
+
+struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work,
+ struct file *filp);
+
+void ksmbd_close_tree_conn_fds(struct ksmbd_work *work);
+void ksmbd_close_session_fds(struct ksmbd_work *work);
+
+int ksmbd_close_inode_fds(struct ksmbd_work *work, struct inode *inode);
+
+int ksmbd_reopen_durable_fd(struct ksmbd_work *work,
+ struct ksmbd_file *fp);
+
+int ksmbd_init_global_file_table(void);
+void ksmbd_free_global_file_table(void);
+
+int ksmbd_file_table_flush(struct ksmbd_work *work);
+
+void ksmbd_set_fd_limit(unsigned long limit);
+
+/*
+ * INODE hash
+ */
+
+int __init ksmbd_inode_hash_init(void);
+void __exit ksmbd_release_inode_hash(void);
+
+enum KSMBD_INODE_STATUS {
+ KSMBD_INODE_STATUS_OK,
+ KSMBD_INODE_STATUS_UNKNOWN,
+ KSMBD_INODE_STATUS_PENDING_DELETE,
+};
+
+int ksmbd_query_inode_status(struct inode *inode);
+
+bool ksmbd_inode_pending_delete(struct ksmbd_file *fp);
+void ksmbd_set_inode_pending_delete(struct ksmbd_file *fp);
+void ksmbd_clear_inode_pending_delete(struct ksmbd_file *fp);
+
+void ksmbd_fd_set_delete_on_close(struct ksmbd_file *fp,
+ int file_info);
+#endif /* __VFS_CACHE_H__ */
From patchwork Mon Nov 14 12:48:33 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183101
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:13 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:13 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:12 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 004/308] cifsd: uniquify extract_sharename()
Date: Mon, 14 Nov 2022 20:48:33 +0800
Message-ID: <20221114125337.1831594-5-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
efc5a278-2b32-4750-f682-08dac63c41ae
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7073844
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Stephen Rothwell <sfr(a)canb.auug.org.au>
mainline inclusion
from mainline-5.15-rc1
commit 36ba38663be0a1b34aee1c79f3bb359fcac96c55
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/36ba38663be0
-------------------------------
uniquify extract_sharename().
Signed-off-by: Stephen Rothwell <sfr(a)canb.auug.org.au>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/misc.c | 4 ++--
fs/cifsd/misc.h | 2 +-
fs/cifsd/smb2pdu.c | 2 +-
fs/cifsd/unicode.h | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
index 9e689c33f7bb..68983b08d519 100644
--- a/fs/cifsd/misc.c
+++ b/fs/cifsd/misc.c
@@ -210,12 +210,12 @@ void ksmbd_conv_path_to_windows(char *path)
}
/**
- * extract_sharename() - get share name from tree connect request
+ * ksmbd_extract_sharename() - get share name from tree connect request
* @treename: buffer containing tree name and share name
*
* Return: share name on success, otherwise error
*/
-char *extract_sharename(char *treename)
+char *ksmbd_extract_sharename(char *treename)
{
char *name = treename;
char *dst;
diff --git a/fs/cifsd/misc.h b/fs/cifsd/misc.h
index d67843aad509..41b3dac2f5fc 100644
--- a/fs/cifsd/misc.h
+++ b/fs/cifsd/misc.h
@@ -25,7 +25,7 @@ void ksmbd_conv_path_to_unix(char *path);
void ksmbd_strip_last_slash(char *path);
void ksmbd_conv_path_to_windows(char *path);
-char *extract_sharename(char *treename);
+char *ksmbd_extract_sharename(char *treename);
char *convert_to_unix_name(struct ksmbd_share_config *share, char *name);
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index b20cc07ee809..a4e78ebb0773 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1709,7 +1709,7 @@ int smb2_tree_connect(struct ksmbd_work *work)
goto out_err1;
}
- name = extract_sharename(treename);
+ name = ksmbd_extract_sharename(treename);
if (IS_ERR(name)) {
status.ret = KSMBD_TREE_CONN_STATUS_ERROR;
goto out_err1;
diff --git a/fs/cifsd/unicode.h b/fs/cifsd/unicode.h
index 228a02c9b95d..7135d62bf9b0 100644
--- a/fs/cifsd/unicode.h
+++ b/fs/cifsd/unicode.h
@@ -69,7 +69,7 @@ char *smb_strndup_from_utf16(const char *src, const int maxlen,
const struct nls_table *codepage);
extern int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
const struct nls_table *cp, int mapchars);
-extern char *extract_sharename(char *treename);
+extern char *ksmbd_extract_sharename(char *treename);
#endif
wchar_t cifs_toupper(wchar_t in);
From patchwork Mon Nov 14 12:48:34 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183102
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:13 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:13 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:13 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 005/308] cifsd: Fix a handful of spelling mistakes
Date: Mon, 14 Nov 2022 20:48:34 +0800
Message-ID: <20221114125337.1831594-6-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4818e0f9-7378-4c5c-8872-08dac63c41f7
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7125840
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Colin Ian King <colin.king(a)canonical.com>
mainline inclusion
from mainline-5.15-rc1
commit 1e853b937b2fcc51ff3939c7ae657d0726681ca1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1e853b937b2f
-------------------------------
There are several spelling mistakes in various ksmbd_err and
ksmbd_debug messages. Fix these.
Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/ndr.c | 2 +-
fs/cifsd/smb2pdu.c | 4 ++--
fs/cifsd/transport_rdma.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/cifsd/ndr.c b/fs/cifsd/ndr.c
index d96dcd9e43c6..aa0cb8fc555d 100644
--- a/fs/cifsd/ndr.c
+++ b/fs/cifsd/ndr.c
@@ -325,7 +325,7 @@ int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)
ndr_read_bytes(n, acl->desc, 10);
if (strncmp(acl->desc, "posix_acl", 9)) {
- ksmbd_err("Invalid acl desciption : %s\n", acl->desc);
+ ksmbd_err("Invalid acl description : %s\n", acl->desc);
return -EINVAL;
}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index a4e78ebb0773..730bddbc8152 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2508,7 +2508,7 @@ int smb2_open(struct ksmbd_work *work)
if (req->NameLength) {
if ((req->CreateOptions & FILE_DIRECTORY_FILE_LE) &&
*(char *)req->Buffer == '\\') {
- ksmbd_err("not allow directory name included leadning slash\n");
+ ksmbd_err("not allow directory name included leading slash\n");
rc = -EINVAL;
goto err_out1;
}
@@ -2636,7 +2636,7 @@ int smb2_open(struct ksmbd_work *work)
}
if (!(req->DesiredAccess & DESIRED_ACCESS_MASK)) {
- ksmbd_err("Invalid disired access : 0x%x\n",
+ ksmbd_err("Invalid desired access : 0x%x\n",
le32_to_cpu(req->DesiredAccess));
rc = -EACCES;
goto err_out1;
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
index 1698f7ed9c2f..4f4806d67ab0 100644
--- a/fs/cifsd/transport_rdma.c
+++ b/fs/cifsd/transport_rdma.c
@@ -485,7 +485,7 @@ static int smb_direct_check_recvmsg(struct smb_direct_recvmsg *recvmsg)
struct smb2_hdr *hdr = (struct smb2_hdr *) (recvmsg->packet
+ le32_to_cpu(req->data_offset) - 4);
ksmbd_debug(RDMA,
- "CreditGranted: %u, CreditRequested: %u, DataLength: %u, RemaingDataLength: %u, SMB: %x, Command: %u\n",
+ "CreditGranted: %u, CreditRequested: %u, DataLength: %u, RemainingDataLength: %u, SMB: %x, Command: %u\n",
le16_to_cpu(req->credits_granted),
le16_to_cpu(req->credits_requested),
req->data_length, req->remaining_data_length,
From patchwork Mon Nov 14 12:48:35 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183103
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:14 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:14 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:13 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 006/308] cifsd: fix a precedence bug in
parse_dacl()
Date: Mon, 14 Nov 2022 20:48:35 +0800
Message-ID: <20221114125337.1831594-7-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
22710a90-e440-44c5-4032-08dac63c4240
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6976017
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit 86df49e105afa6a205abb7d90809c3c76136eaa9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/86df49e105af
-------------------------------
The shift has higher precedence than mask so this doesn't work as
intended.
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smbacl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index 8d8360ca4751..294c5a8fe9af 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -520,7 +520,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
fattr->cf_gid;
acl_state.groups->aces[acl_state.groups->n++].perms.allow =
(mode & 0070) >> 3;
- default_acl_state.group.allow = mode & 0070 >> 3;
+ default_acl_state.group.allow = (mode & 0070) >> 3;
default_acl_state.groups->aces[default_acl_state.groups->n].gid =
fattr->cf_gid;
default_acl_state.groups->aces[default_acl_state.groups->n++].perms.allow =
From patchwork Mon Nov 14 12:48:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183104
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:14 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:14 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:13 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 007/308] cifsd: fix a IS_ERR() vs NULL bug
Date: Mon, 14 Nov 2022 20:48:36 +0800
Message-ID: <20221114125337.1831594-8-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
63ec9b29-8955-4210-2a9b-08dac63c428a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7260184
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit 8ef32967065737dac51974efae333436354bea0a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8ef329670657
-------------------------------
The smb_direct_alloc_sendmsg() function never returns NULL, it only
returns error pointers so the check needs to be updated.
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/transport_rdma.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
index 4f4806d67ab0..d235051dc5b1 100644
--- a/fs/cifsd/transport_rdma.c
+++ b/fs/cifsd/transport_rdma.c
@@ -997,8 +997,8 @@ static int smb_direct_create_header(struct smb_direct_transport *t,
int ret;
sendmsg = smb_direct_alloc_sendmsg(t);
- if (!sendmsg)
- return -ENOMEM;
+ if (IS_ERR(sendmsg))
+ return PTR_ERR(sendmsg);
/* Fill in the packet header */
packet = (struct smb_direct_data_transfer *)sendmsg->packet;
From patchwork Mon Nov 14 12:48:37 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183105
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:15 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:14 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 008/308] cifsd: Fix a use after free on error path
Date: Mon, 14 Nov 2022 20:48:37 +0800
Message-ID: <20221114125337.1831594-9-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
568d6f8a-038b-436b-1296-08dac63c42d4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7053472
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit a2ba2709f5e465b316ef1f18605190d249847aad
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a2ba2709f5e4
-------------------------------
The ksmbd_free_work_struct() frees "work" so we need to swap the order
of these two function calls to avoid a use after free.
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/oplock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index 6c3dbc71134e..f694c14be0df 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -638,8 +638,8 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
if (allocate_oplock_break_buf(work)) {
ksmbd_err("smb2_allocate_rsp_buf failed! ");
atomic_dec(&conn->r_count);
- ksmbd_free_work_struct(work);
ksmbd_fd_put(work, fp);
+ ksmbd_free_work_struct(work);
return;
}
From patchwork Mon Nov 14 12:48:38 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183106
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:15 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:14 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 009/308] cifsd: fix static checker warning from
smb_direct_post_send_data()
Date: Mon, 14 Nov 2022 20:48:38 +0800
Message-ID: <20221114125337.1831594-10-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4b2c2481-f18e-454a-2240-08dac63c431e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6775579
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit bc3fcc9462ef4ba3ae66593cbaf47bf7af703ed3
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/bc3fcc9462ef
-------------------------------
Dan reported static checker warning:
fs/cifsd/transport_rdma.c:1168 smb_direct_post_send_data()
warn: missing error code 'ret'
This patch add missing ret error code.
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/transport_rdma.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
index d235051dc5b1..45b76847f1e7 100644
--- a/fs/cifsd/transport_rdma.c
+++ b/fs/cifsd/transport_rdma.c
@@ -1165,6 +1165,7 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
sg, SMB_DIRECT_MAX_SEND_SGES-1, DMA_TO_DEVICE);
if (sg_cnt <= 0) {
ksmbd_err("failed to map buffer\n");
+ ret = -ENOMEM;
goto err;
} else if (sg_cnt + msg->num_sge > SMB_DIRECT_MAX_SEND_SGES-1) {
ksmbd_err("buffer not fitted into sges\n");
From patchwork Mon Nov 14 12:48:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183107
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:16 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:15 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 010/308] cifsd: fix static checker warning from
smb_check_perm_dacl()
Date: Mon, 14 Nov 2022 20:48:39 +0800
Message-ID: <20221114125337.1831594-11-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7f16bfe2-9dc2-4303-7d50-08dac63c4368
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7210129
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 50355b0b20103a2be39e269a92909fa69f16f2d0
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/50355b0b2010
-------------------------------
Dan reported static checker warning:
fs/cifsd/smbacl.c:1140 smb_check_perm_dacl()
error: we previously assumed 'pntsd' could be null (see line 1137)
This patch validate bounds of pntsd buffer.
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smbacl.c | 27 +++++++++++++++++++++++++--
1 file changed, 25 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index 294c5a8fe9af..77c79cf4afd0 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -800,9 +800,13 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
le32_to_cpu(pntsd->gsidoffset),
le32_to_cpu(pntsd->sacloffset), dacloffset);
- if (dacloffset && dacl_ptr)
+ if (dacloffset) {
+ if (end_of_acl <= (char *)dacl_ptr ||
+ end_of_acl < (char *)dacl_ptr + le16_to_cpu(dacl_ptr->size))
+ return -EIO;
total_ace_size =
le16_to_cpu(dacl_ptr->size) - sizeof(struct smb_acl);
+ }
pntsd_type = le16_to_cpu(pntsd->type);
@@ -1131,13 +1135,28 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
struct smb_ace *others_ace = NULL;
struct posix_acl_entry *pa_entry;
unsigned int sid_type = SIDOWNER;
+ char *end_of_acl;
ksmbd_debug(SMB, "check permission using windows acl\n");
acl_size = ksmbd_vfs_get_sd_xattr(conn, dentry, &pntsd);
- if (acl_size <= 0 || (pntsd && !pntsd->dacloffset))
+ if (acl_size <= 0 || !pntsd || !pntsd->dacloffset) {
+ kfree(pntsd);
return 0;
+ }
pdacl = (struct smb_acl *)((char *)pntsd + le32_to_cpu(pntsd->dacloffset));
+ end_of_acl = ((char *)pntsd) + acl_size;
+ if (end_of_acl <= (char *)pdacl) {
+ kfree(pntsd);
+ return 0;
+ }
+
+ if (end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size) ||
+ le16_to_cpu(pdacl->size) < sizeof(struct smb_acl)) {
+ kfree(pntsd);
+ return 0;
+ }
+
if (!pdacl->num_aces) {
if (!(le16_to_cpu(pdacl->size) - sizeof(struct smb_acl)) &&
*pdaccess & ~(FILE_READ_CONTROL_LE | FILE_WRITE_DAC_LE)) {
@@ -1156,6 +1175,8 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
for (i = 0; i < le32_to_cpu(pdacl->num_aces); i++) {
granted |= le32_to_cpu(ace->access_req);
ace = (struct smb_ace *) ((char *)ace + le16_to_cpu(ace->size));
+ if (end_of_acl < (char *)ace)
+ goto err_out;
}
if (!pdacl->num_aces)
@@ -1177,6 +1198,8 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
others_ace = ace;
ace = (struct smb_ace *) ((char *)ace + le16_to_cpu(ace->size));
+ if (end_of_acl < (char *)ace)
+ goto err_out;
}
if (*pdaccess & FILE_MAXIMAL_ACCESS_LE && found) {
From patchwork Mon Nov 14 12:48:40 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183108
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:16 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:16 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:15 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 011/308] cifsd: remove unneeded FIXME comments
Date: Mon, 14 Nov 2022 20:48:40 +0800
Message-ID: <20221114125337.1831594-12-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
db5b6905-b6de-4740-e91e-08dac63c43b0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7011317
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Sergey Senozhatsky <senozhatsky(a)chromium.org>
mainline inclusion
from mainline-5.15-rc1
commit 2e2b0dda188993c86490cca02892a9a6e1449f5d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2e2b0dda1889
-------------------------------
Remove unneeded FIXME comments.
Signed-off-by: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/mgmt/share_config.c | 1 -
fs/cifsd/mgmt/share_config.h | 2 --
fs/cifsd/mgmt/tree_connect.c | 1 -
fs/cifsd/mgmt/tree_connect.h | 2 +-
fs/cifsd/mgmt/user_config.c | 1 -
fs/cifsd/mgmt/user_config.h | 3 +--
fs/cifsd/mgmt/user_session.c | 1 -
fs/cifsd/server.c | 2 --
fs/cifsd/smb_common.c | 1 -
fs/cifsd/transport_ipc.c | 3 ---
fs/cifsd/transport_ipc.h | 1 -
fs/cifsd/vfs_cache.c | 4 ----
12 files changed, 2 insertions(+), 20 deletions(-)
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index 0593702babfe..9bc7f7555ee2 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -16,7 +16,6 @@
#include "user_session.h"
#include "../buffer_pool.h"
#include "../transport_ipc.h"
-#include "../ksmbd_server.h" /* FIXME */
#define SHARE_HASH_BITS 3
static DEFINE_HASHTABLE(shares_table, SHARE_HASH_BITS);
diff --git a/fs/cifsd/mgmt/share_config.h b/fs/cifsd/mgmt/share_config.h
index c47b874bd80b..49ca89667991 100644
--- a/fs/cifsd/mgmt/share_config.h
+++ b/fs/cifsd/mgmt/share_config.h
@@ -10,8 +10,6 @@
#include <linux/hashtable.h>
#include <linux/path.h>
-#include "../glob.h" /* FIXME */
-
struct ksmbd_share_config {
char *name;
char *path;
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/cifsd/mgmt/tree_connect.c
index 2be7b2e2e3cd..d5670f2596a3 100644
--- a/fs/cifsd/mgmt/tree_connect.c
+++ b/fs/cifsd/mgmt/tree_connect.c
@@ -6,7 +6,6 @@
#include <linux/list.h>
#include <linux/slab.h>
-#include "../ksmbd_server.h" /* FIXME */
#include "../buffer_pool.h"
#include "../transport_ipc.h"
#include "../connection.h"
diff --git a/fs/cifsd/mgmt/tree_connect.h b/fs/cifsd/mgmt/tree_connect.h
index 46237cd05b9c..4e40ec3f4774 100644
--- a/fs/cifsd/mgmt/tree_connect.h
+++ b/fs/cifsd/mgmt/tree_connect.h
@@ -8,7 +8,7 @@
#include <linux/hashtable.h>
-#include "../ksmbd_server.h" /* FIXME */
+#include "../ksmbd_server.h"
struct ksmbd_share_config;
struct ksmbd_user;
diff --git a/fs/cifsd/mgmt/user_config.c b/fs/cifsd/mgmt/user_config.c
index 1ab68f80f72e..a1a454bfb57b 100644
--- a/fs/cifsd/mgmt/user_config.c
+++ b/fs/cifsd/mgmt/user_config.c
@@ -8,7 +8,6 @@
#include "user_config.h"
#include "../buffer_pool.h"
#include "../transport_ipc.h"
-#include "../ksmbd_server.h" /* FIXME */
struct ksmbd_user *ksmbd_login_user(const char *account)
{
diff --git a/fs/cifsd/mgmt/user_config.h b/fs/cifsd/mgmt/user_config.h
index 5cda4a5d3e2f..b2bb074a0150 100644
--- a/fs/cifsd/mgmt/user_config.h
+++ b/fs/cifsd/mgmt/user_config.h
@@ -6,8 +6,7 @@
#ifndef __USER_CONFIG_MANAGEMENT_H__
#define __USER_CONFIG_MANAGEMENT_H__
-#include "../glob.h" /* FIXME */
-#include "../ksmbd_server.h" /* FIXME */
+#include "../glob.h"
struct ksmbd_user {
unsigned short flags;
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index d9f6dbde850a..afcdf76a3851 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -14,7 +14,6 @@
#include "../transport_ipc.h"
#include "../connection.h"
#include "../buffer_pool.h"
-#include "../ksmbd_server.h" /* FIXME */
#include "../vfs_cache.h"
static struct ksmbd_ida *session_ida;
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index b9e114f8a5d2..4db443cd6dd1 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -102,8 +102,6 @@ static inline int check_conn_state(struct ksmbd_work *work)
return 0;
}
-/* @FIXME what a mess... god help. */
-
#define TCP_HANDLER_CONTINUE 0
#define TCP_HANDLER_ABORT 1
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index f7560b68b820..7eb6d98656c7 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -8,7 +8,6 @@
#include "server.h"
#include "misc.h"
#include "smbstatus.h"
-/* @FIXME */
#include "connection.h"
#include "ksmbd_work.h"
#include "mgmt/user_session.h"
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index b91fa265f85d..c49e46fda9b1 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -28,9 +28,6 @@
#include "connection.h"
#include "transport_tcp.h"
-/* @FIXME fix this code */
-extern int get_protocol_idx(char *str);
-
#define IPC_WAIT_TIMEOUT (2 * HZ)
#define IPC_MSG_HASH_BITS 3
diff --git a/fs/cifsd/transport_ipc.h b/fs/cifsd/transport_ipc.h
index 68c003027811..6ed7cbea727e 100644
--- a/fs/cifsd/transport_ipc.h
+++ b/fs/cifsd/transport_ipc.h
@@ -7,7 +7,6 @@
#define __KSMBD_TRANSPORT_IPC_H__
#include <linux/wait.h>
-#include "ksmbd_server.h" /* FIXME */
#define KSMBD_IPC_MAX_PAYLOAD 4096
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 8d8c4e373308..af92fab5b7ae 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -8,18 +8,14 @@
#include <linux/slab.h>
#include <linux/vmalloc.h>
-/* @FIXME */
#include "glob.h"
#include "vfs_cache.h"
#include "buffer_pool.h"
-
#include "oplock.h"
#include "vfs.h"
#include "connection.h"
#include "mgmt/tree_connect.h"
#include "mgmt/user_session.h"
-
-/* @FIXME */
#include "smb_common.h"
#define S_DEL_PENDING 1
From patchwork Mon Nov 14 12:48:41 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183109
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:17 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:16 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:16 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 012/308] cifsd: fix incorrect comments
Date: Mon, 14 Nov 2022 20:48:41 +0800
Message-ID: <20221114125337.1831594-13-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
5c433ec2-3367-4eca-54bf-08dac63c43f9
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7122418
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 95fa1ce947d60b1bb4a0b6c92989cbe3612c1e68
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/95fa1ce947d6
-------------------------------
kernel test bot reports some incorrect comments.
This patch fixes these comments.
Reported-by: kernel test bot <lkp(a)intel.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/oplock.c | 66 ++++++++++++++++------------------------
fs/cifsd/server.c | 6 ++--
fs/cifsd/smb2pdu.c | 60 +++++++++---------------------------
fs/cifsd/smb_common.c | 7 ++---
fs/cifsd/transport_tcp.c | 5 +--
5 files changed, 51 insertions(+), 93 deletions(-)
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index f694c14be0df..e56c938a8f7a 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -21,11 +21,10 @@ static LIST_HEAD(lease_table_list);
static DEFINE_RWLOCK(lease_list_lock);
/**
- * get_new_opinfo() - allocate a new opinfo object for oplock info
- * @conn: connection instance
+ * alloc_opinfo() - allocate a new opinfo object for oplock info
+ * @work: smb work
* @id: fid of open file
* @Tid: tree id of connection
- * @lctx: lease context information
*
* Return: allocated opinfo object on success, otherwise NULL
*/
@@ -462,14 +461,6 @@ static void grant_none_oplock(struct oplock_info *opinfo_new,
}
}
-/**
- * find_opinfo() - find lease object for given client guid and lease key
- * @head: oplock list(read,write or none) head
- * @guid1: client guid of matching lease owner
- * @key1: lease key of matching lease owner
- *
- * Return: oplock(lease) object on success, otherwise NULL
- */
static inline int compare_guid_key(struct oplock_info *opinfo,
const char *guid1, const char *key1)
{
@@ -610,9 +601,9 @@ static inline int allocate_oplock_break_buf(struct ksmbd_work *work)
}
/**
- * smb2_oplock_break_noti() - send smb2 oplock break cmd from conn
+ * __smb2_oplock_break_noti() - send smb2 oplock break cmd from conn
* to client
- * @work: smb work object
+ * @wk: smb work object
*
* There are two ways this function can be called. 1- while file open we break
* from exclusive/batch lock to levelII oplock and 2- while file write/truncate
@@ -686,10 +677,9 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
}
/**
- * smb2_oplock_break() - send smb2 exclusive/batch to level2 oplock
+ * smb2_oplock_break_noti() - send smb2 exclusive/batch to level2 oplock
* break command from server to client
* @opinfo: oplock info object
- * @ack_required if requiring ack
*
* Return: 0 on success, otherwise error
*/
@@ -734,7 +724,7 @@ static int smb2_oplock_break_noti(struct oplock_info *opinfo)
/**
* __smb2_lease_break_noti() - send lease break command from server
* to client
- * @work: smb work object
+ * @wk: smb work object
*/
static void __smb2_lease_break_noti(struct work_struct *wk)
{
@@ -790,10 +780,9 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
}
/**
- * smb2_break_lease() - break lease when a new client request
+ * smb2_lease_break_noti() - break lease when a new client request
* write lease
* @opinfo: conains lease state information
- * @ack_required: if requring ack
*
* Return: 0 on success, otherwise error
*/
@@ -1085,12 +1074,13 @@ static void set_oplock_level(struct oplock_info *opinfo, int level,
/**
* smb_grant_oplock() - handle oplock/lease request on file open
- * @fp: ksmbd file pointer
- * @oplock: granted oplock type
- * @id: fid of open file
- * @Tid: Tree id of connection
- * @lctx: lease context information on file open
- * @attr_only: attribute only file open type
+ * @work: smb work
+ * @req_op_level: oplock level
+ * @pid: id of open file
+ * @fp: ksmbd file pointer
+ * @tid: Tree id of connection
+ * @lctx: lease context information on file open
+ * @share_ret: share mode
*
* Return: 0 on success, otherwise error
*/
@@ -1222,10 +1212,10 @@ int smb_grant_oplock(struct ksmbd_work *work,
}
/**
- * smb_break_write_oplock() - break batch/exclusive oplock to level2
+ * smb_break_all_write_oplock() - break batch/exclusive oplock to level2
* @work: smb work
* @fp: ksmbd file pointer
- * @openfile: open file object
+ * @is_trunc: truncate on open
*/
static void smb_break_all_write_oplock(struct ksmbd_work *work,
struct ksmbd_file *fp, int is_trunc)
@@ -1250,7 +1240,7 @@ static void smb_break_all_write_oplock(struct ksmbd_work *work,
/**
* smb_break_all_levII_oplock() - send level2 oplock or read lease break command
* from server to client
- * @conn: connection instance
+ * @work: smb work
* @fp: ksmbd file pointer
* @is_trunc: truncate on open
*/
@@ -1351,7 +1341,7 @@ __u8 smb2_map_lease_to_oplock(__le32 lease_state)
/**
* create_lease_buf() - create lease context for open cmd response
* @rbuf: buffer to create lease context response
- * @lreq: buffer to stored parsed lease state information
+ * @lease: buffer to stored parsed lease state information
*/
void create_lease_buf(u8 *rbuf, struct lease *lease)
{
@@ -1378,7 +1368,6 @@ void create_lease_buf(u8 *rbuf, struct lease *lease)
/**
* parse_lease_state() - parse lease context containted in file open request
* @open_req: buffer containing smb2 file open(create) request
- * @lreq: buffer to stored parsed lease state information
*
* Return: oplock state, -ENOENT if create lease context not found
*/
@@ -1426,7 +1415,7 @@ struct lease_ctx_info *parse_lease_state(void *open_req)
/**
* smb2_find_context_vals() - find a particular context info in open request
* @open_req: buffer containing smb2 file open(create) request
- * @str: context name to search for
+ * @tag: context name to search for
*
* Return: pointer to requested context, NULL if @str context not found
*/
@@ -1458,7 +1447,7 @@ struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
}
/**
- * create_durable_buf() - create durable handle context
+ * create_durable_rsp__buf() - create durable handle context
* @cc: buffer to create durable context response
*/
void create_durable_rsp_buf(char *cc)
@@ -1481,8 +1470,9 @@ void create_durable_rsp_buf(char *cc)
}
/**
- * create_durable_buf() - create durable handle v2 context
+ * create_durable_v2_rsp_buf() - create durable handle v2 context
* @cc: buffer to create durable context response
+ * @fp: ksmbd file pointer
*/
void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp)
{
@@ -1508,8 +1498,9 @@ void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp)
}
/**
- * create_mxac_buf() - create query maximal access context
- * @cc: buffer to create maximal access context response
+ * create_mxac_rsp_buf() - create query maximal access context
+ * @cc: buffer to create maximal access context response
+ * @maximal_access: maximal access
*/
void create_mxac_rsp_buf(char *cc, int maximal_access)
{
@@ -1533,10 +1524,6 @@ void create_mxac_rsp_buf(char *cc, int maximal_access)
buf->MaximalAccess = cpu_to_le32(maximal_access);
}
-/**
- * create_mxac_buf() - create query maximal access context
- * @cc: buffer to create query disk on id context response
- */
void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id)
{
struct create_disk_id_rsp *buf;
@@ -1560,8 +1547,9 @@ void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id)
}
/**
- * create_posix_buf() - create posix extension context
+ * create_posix_rsp_buf() - create posix extension context
* @cc: buffer to create posix on posix response
+ * @fp: ksmbd file pointer
*/
void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
{
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index 4db443cd6dd1..d222190a846b 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -86,7 +86,7 @@ char *ksmbd_work_group(void)
/**
* check_conn_state() - check state of server thread connection
- * @ksmbd_work: smb work containing server thread information
+ * @work: smb work containing server thread information
*
* Return: 0 on valid connection, otherwise 1 to reconnect
*/
@@ -248,7 +248,7 @@ static void __handle_ksmbd_work(struct ksmbd_work *work,
/**
* handle_ksmbd_work() - process pending smb work requests
- * @ksmbd_work: smb work containing request command buffer
+ * @wk: smb work containing request command buffer
*
* called by kworker threads to processing remaining smb work requests
*/
@@ -604,7 +604,7 @@ static int __init ksmbd_server_init(void)
}
/**
- * exit_smb_server() - shutdown forker thread and free memory at module exit
+ * ksmbd_server_exit() - shutdown forker thread and free memory at module exit
*/
static void __exit ksmbd_server_exit(void)
{
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 730bddbc8152..e4b91838d35c 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -88,8 +88,7 @@ struct channel *lookup_chann_list(struct ksmbd_session *sess)
/**
* smb2_get_ksmbd_tcon() - get tree connection information for a tree id
- * @sess: session containing tree list
- * @tid: match tree connection with tree id
+ * @work: smb work
*
* Return: matching tree connection on success, otherwise error
*/
@@ -209,6 +208,7 @@ uint16_t get_smb2_cmd_val(struct ksmbd_work *work)
/**
* set_smb2_rsp_status() - set error response code on smb2 header
* @work: smb work containing response buffer
+ * @err: error response code
*/
void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err)
{
@@ -633,9 +633,10 @@ static void destroy_previous_session(struct ksmbd_user *user, uint64_t id)
/**
* smb2_get_name() - get filename string from on the wire smb format
+ * @share: ksmbd_share_config pointer
* @src: source buffer
* @maxlen: maxlen of source string
- * @work: smb work containing smb request buffer
+ * @nls_table: nls_table pointer
*
* Return: matching converted filename on success, otherwise error ptr
*/
@@ -747,6 +748,7 @@ static __le32 smb2_get_reparse_tag_special_file(umode_t mode)
/**
* smb2_get_dos_mode() - get file mode in dos format from unix mode
* @stat: kstat containing file mode
+ * @attribute: attribute flags
*
* Return: converted dos mode
*/
@@ -1797,7 +1799,6 @@ int smb2_tree_connect(struct ksmbd_work *work)
* @file_present: is file already present
* @access: file access flags
* @disposition: file disposition flags
- * @work: smb work containing smb request buffer
*
* Return: file open flags
*/
@@ -4112,12 +4113,6 @@ static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp,
inc_rfc1001_len(rsp, sizeof(struct smb2_file_internal_info));
}
-/**
- * smb2_info_file_pipe() - handler for smb2 query info on IPC pipe
- * @work: smb work containing query info command buffer
- *
- * Return: 0 on success, otherwise error
- */
static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
struct smb2_query_info_req *req, struct smb2_query_info_rsp *rsp)
{
@@ -4157,10 +4152,10 @@ static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
/**
* smb2_get_ea() - handler for smb2 get extended attribute command
* @work: smb work containing query info command buffer
- * @path: path of file/dir to query info command
- * @rq: get extended attribute request
- * @resp: response buffer pointer
- * @resp_org: base response buffer pointer in case of chained response
+ * @fp: ksmbd_file pointer
+ * @req: get extended attribute request
+ * @rsp: response buffer pointer
+ * @rsp_org: base response buffer pointer in case of chained response
*
* Return: 0 on success, otherwise error
*/
@@ -4761,12 +4756,6 @@ static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
return 0;
}
-/**
- * smb2_get_info_file() - handler for smb2 query info command
- * @work: smb work containing query info request buffer
- *
- * Return: 0 on success, otherwise error
- */
static int smb2_get_info_file(struct ksmbd_work *work,
struct smb2_query_info_req *req,
struct smb2_query_info_rsp *rsp,
@@ -4901,13 +4890,6 @@ static int smb2_get_info_file(struct ksmbd_work *work,
return rc;
}
-/**
- * smb2_get_info_filesystem() - handler for smb2 query info command
- * @work: smb work containing query info request buffer
- *
- * Return: 0 on success, otherwise error
- * TODO: need to implement STATUS_INFO_LENGTH_MISMATCH error handling
- */
static int smb2_get_info_filesystem(struct ksmbd_work *work,
struct smb2_query_info_req *req,
struct smb2_query_info_rsp *rsp,
@@ -5416,14 +5398,6 @@ int smb2_echo(struct ksmbd_work *work)
return 0;
}
-/**
- * smb2_rename() - handler for rename using smb2 setinfo command
- * @work: smb work containing set info command buffer
- * @filp: file pointer of source file
- * @old_fid: file id of source file
- *
- * Return: 0 on success, otherwise error
- */
static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
struct smb2_file_rename_info *file_info,
struct nls_table *local_nls)
@@ -5544,14 +5518,6 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
return rc;
}
-/**
- * smb2_create_link() - handler for creating hardlink using smb2
- * set info command
- * @work: smb work containing set info command buffer
- * @filp: file pointer of source file
- *
- * Return: 0 on success, otherwise error
- */
static int smb2_create_link(struct ksmbd_work *work,
struct ksmbd_share_config *share,
struct smb2_file_link_info *file_info,
@@ -5914,6 +5880,9 @@ static int set_file_mode_info(struct ksmbd_file *fp,
/**
* smb2_set_info_file() - handler for smb2 set info command
* @work: smb work containing set info command buffer
+ * @fp: ksmbd_file pointer
+ * @info_class: smb2 set info class
+ * @share: ksmbd_share_config pointer
*
* Return: 0 on success, otherwise error
* TODO: need to implement an error handling for STATUS_INFO_LENGTH_MISMATCH
@@ -8057,7 +8026,7 @@ int smb2_oplock_break(struct ksmbd_work *work)
/**
* smb2_notify() - handler for smb2 notify request
- * @ksmbd_work: smb work containing notify command buffer
+ * @work: smb work containing notify command buffer
*
* Return: 0
*/
@@ -8081,7 +8050,8 @@ int smb2_notify(struct ksmbd_work *work)
/**
* smb2_is_sign_req() - handler for checking packet signing status
- * @work:smb work containing notify command buffer
+ * @work: smb work containing notify command buffer
+ * @command: SMB2 command id
*
* Return: true if packed is signed, false otherwise
*/
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index 7eb6d98656c7..f779aae3fd6c 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -107,8 +107,8 @@ int ksmbd_lookup_protocol_idx(char *str)
}
/**
- * check_message() - check for valid smb2 request header
- * @buf: smb2 header to be checked
+ * ksmbd_verify_smb_message() - check for valid smb2 request header
+ * @work: smb work
*
* check for valid smb signature and packet direction(request/response)
*
@@ -125,9 +125,8 @@ int ksmbd_verify_smb_message(struct ksmbd_work *work)
}
/**
- * is_smb_request() - check for valid smb request type
+ * ksmbd_smb_request() - check for valid smb request type
* @conn: connection instance
- * @type: smb request type
*
* Return: true on success, otherwise false
*/
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index 60ec9b2e0370..359401227d93 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -173,7 +173,7 @@ static unsigned short ksmbd_tcp_get_port(const struct sockaddr *sa)
/**
* ksmbd_tcp_new_connection() - create a new tcp session on mount
- * @sock: socket associated with new connection
+ * @client_sk: socket associated with new connection
*
* whenever a new connection is requested, create a conn thread
* (session thread) to handle new incoming smb requests from the connection
@@ -252,7 +252,8 @@ static int ksmbd_kthread_fn(void *p)
}
/**
- * ksmbd_create_ksmbd_kthread() - start forker thread
+ * ksmbd_tcp_run_kthread() - start forker thread
+ * @iface: pointer to struct interface
*
* start forker thread(ksmbd/0) at module init time to listen
* on port 445 for new SMB connection requests. It creates per connection
From patchwork Mon Nov 14 12:48:42 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183110
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:17 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:17 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:16 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 013/308] cifsd: fix warning: variable
'total_ace_size' and 'posix_ccontext' set but not used
Date: Mon, 14 Nov 2022 20:48:42 +0800
Message-ID: <20221114125337.1831594-14-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ece37d63-aa11-4e34-32d8-08dac63c4442
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6822122
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 548e9ad317393b0439081454d2110f519431d5ef
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/548e9ad31739
-------------------------------
kernel test robot reported warnings:
fs/cifsd/smbacl.c: In function 'parse_sec_desc':
>> fs/cifsd/smbacl.c:786:6: warning: variable 'total_ace_size' set but
not used [-Wunused-but-set-variable]
786 | int total_ace_size = 0, pntsd_type;
| ^~~~~~~~~~~~~~
---
fs/cifsd/smb2pdu.c: In function 'smb2_open':
>> fs/cifsd/smb2pdu.c:3285:26: warning: variable 'posix_ccontext' set but
not used [-Wunused-but-set-variable]
3285 | struct create_context *posix_ccontext;
| ^~~~~~~~~~~~~~
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 4 ----
fs/cifsd/smbacl.c | 14 +++-----------
2 files changed, 3 insertions(+), 15 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index e4b91838d35c..4ec45c3fa00e 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -3283,10 +3283,6 @@ int smb2_open(struct ksmbd_work *work)
}
if (posix_ctxt) {
- struct create_context *posix_ccontext;
-
- posix_ccontext = (struct create_context *)(rsp->Buffer +
- le32_to_cpu(rsp->CreateContextsLength));
contxt_cnt++;
create_posix_rsp_buf(rsp->Buffer +
le32_to_cpu(rsp->CreateContextsLength),
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index 77c79cf4afd0..7f6d5313a02c 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -389,7 +389,8 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
return;
/* validate that we do not go past end of acl */
- if (end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size)) {
+ if (end_of_acl <= (char *)pdacl ||
+ end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size)) {
ksmbd_err("ACL too small to parse DACL\n");
return;
}
@@ -783,7 +784,7 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
struct smb_acl *dacl_ptr; /* no need for SACL ptr */
char *end_of_acl = ((char *)pntsd) + acl_len;
__u32 dacloffset;
- int total_ace_size = 0, pntsd_type;
+ int pntsd_type;
if (pntsd == NULL)
return -EIO;
@@ -800,16 +801,7 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
le32_to_cpu(pntsd->gsidoffset),
le32_to_cpu(pntsd->sacloffset), dacloffset);
- if (dacloffset) {
- if (end_of_acl <= (char *)dacl_ptr ||
- end_of_acl < (char *)dacl_ptr + le16_to_cpu(dacl_ptr->size))
- return -EIO;
- total_ace_size =
- le16_to_cpu(dacl_ptr->size) - sizeof(struct smb_acl);
- }
-
pntsd_type = le16_to_cpu(pntsd->type);
-
if (!(pntsd_type & DACL_PRESENT)) {
ksmbd_debug(SMB, "DACL_PRESENT in DACL type is not set\n");
return rc;
From patchwork Mon Nov 14 12:48:43 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183111
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:18 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:17 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:17 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 014/308] cifsd: Pass string length parameter to
match_pattern()
Date: Mon, 14 Nov 2022 20:48:43 +0800
Message-ID: <20221114125337.1831594-15-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2d8481bd-faf1-462b-eae7-08dac63c448a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7073721
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit b24c93358035e3c20630a45c0bcdbb45aad9707d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b24c93358035
-------------------------------
When iterating through a directory, a file's name may not be
null-terminated (depending on the underlying filesystem implementation).
Modify match_pattern to take the string's length into account when matching
it against the request pattern.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/misc.c | 7 +++++--
fs/cifsd/misc.h | 2 +-
fs/cifsd/smb2pdu.c | 2 +-
fs/cifsd/smb_common.c | 3 ++-
4 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
index 68983b08d519..189b90414976 100644
--- a/fs/cifsd/misc.c
+++ b/fs/cifsd/misc.c
@@ -22,20 +22,22 @@
* TODO : implement consideration about DOS_DOT, DOS_QM and DOS_STAR
*
* @string: string to compare with a pattern
+ * @len: string length
* @pattern: pattern string which might include wildcard '*' and '?'
*
* Return: 0 if pattern matched with the string, otherwise non zero value
*/
-int match_pattern(const char *str, const char *pattern)
+int match_pattern(const char *str, size_t len, const char *pattern)
{
const char *s = str;
const char *p = pattern;
bool star = false;
- while (*s) {
+ while (*s && len) {
switch (*p) {
case '?':
s++;
+ len--;
p++;
break;
case '*':
@@ -48,6 +50,7 @@ int match_pattern(const char *str, const char *pattern)
default:
if (tolower(*s) == tolower(*p)) {
s++;
+ len--;
p++;
} else {
if (!star)
diff --git a/fs/cifsd/misc.h b/fs/cifsd/misc.h
index 41b3dac2f5fc..73b21709b6c9 100644
--- a/fs/cifsd/misc.h
+++ b/fs/cifsd/misc.h
@@ -11,7 +11,7 @@ struct nls_table;
struct kstat;
struct ksmbd_file;
-int match_pattern(const char *str, const char *pattern);
+int match_pattern(const char *str, size_t len, const char *pattern);
int ksmbd_validate_filename(char *filename);
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 4ec45c3fa00e..32816baa8a99 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -3837,7 +3837,7 @@ static int __query_dir(struct dir_context *ctx,
return 0;
if (ksmbd_share_veto_filename(priv->work->tcon->share_conf, name))
return 0;
- if (!match_pattern(name, priv->search_pattern))
+ if (!match_pattern(name, namlen, priv->search_pattern))
return 0;
d_info->name = name;
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index f779aae3fd6c..2f58ef003238 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -294,7 +294,8 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work,
d_info->name_len = 2;
}
- if (!match_pattern(d_info->name, search_pattern)) {
+ if (!match_pattern(d_info->name, d_info->name_len,
+ search_pattern)) {
dir->dot_dotdot[i] = 1;
continue;
}
From patchwork Mon Nov 14 12:48:44 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183112
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:18 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:18 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:17 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 015/308] cifsd: Fix an error code in smb2_read()
Date: Mon, 14 Nov 2022 20:48:44 +0800
Message-ID: <20221114125337.1831594-16-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
73870316-d0cb-4f77-c904-08dac63c44d3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6834675
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit c1ea111fd1bb4c4020503f5c53cd05a703d1a30b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c1ea111fd1bb
-------------------------------
This code is assigning the wrong variable to "err" so it returns
zero/success instead of -ENOMEM.
Fixes: 788b6f45c1d2 ("cifsd: add server-side procedures for SMB3")
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 32816baa8a99..6770ebedc24a 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -6200,7 +6200,7 @@ int smb2_read(struct ksmbd_work *work)
work->aux_payload_buf = ksmbd_alloc_response(length);
}
if (!work->aux_payload_buf) {
- err = nbytes;
+ err = -ENOMEM;
goto out;
}
From patchwork Mon Nov 14 12:48:45 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183113
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:18 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:18 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 016/308] cifsd: fix error handling in
ksmbd_server_init()
Date: Mon, 14 Nov 2022 20:48:45 +0800
Message-ID: <20221114125337.1831594-17-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3eef6d13-a311-4c06-b225-08dac63c451d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7068589
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit 849f59e1a18adecf0617afc82efbfc5d126c49f8
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/849f59e1a18a
-------------------------------
The error handling in ksmbd_server_init() uses "one function to free
everything style" which is impossible to audit and leads to several
canonical bugs. When we free something that wasn't allocated it may be
uninitialized, an error pointer, freed in a different function or we
try freeing "foo->bar" when "foo" is a NULL pointer. And since the
code is impossible to audit then it leads to memory leaks.
In the ksmbd_server_init() function, every goto will lead to a crash
because we have not allocated the work queue but we call
ksmbd_workqueue_destroy() which tries to flush a NULL work queue.
Another bug is if ksmbd_init_buffer_pools() fails then it leads to a
double free because we free "work_cache" twice. A third type of bug is
that we forgot to call ksmbd_release_inode_hash() so that is a resource
leak.
A better way to write error handling is for every function to clean up
after itself and never leave things partially allocated. Then we can
use "free the last successfully allocated resource" style. That way
when someone is reading the code they can just track the last resource
in their head and verify that the goto matches what they expect.
In this patch I modified ksmbd_ipc_init() to clean up after itself and
then I converted ksmbd_server_init() to use gotos to clean up.
Fixes: cabcebc31de4 ("cifsd: introduce SMB3 kernel server")
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/server.c | 33 +++++++++++++++++++++++----------
fs/cifsd/transport_ipc.c | 14 +++++++++++---
fs/cifsd/vfs_cache.c | 2 +-
fs/cifsd/vfs_cache.h | 2 +-
4 files changed, 36 insertions(+), 15 deletions(-)
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index d222190a846b..048bbc66aa60 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -567,39 +567,52 @@ static int __init ksmbd_server_init(void)
ret = server_conf_init();
if (ret)
- return ret;
+ goto err_unregister;
ret = ksmbd_init_buffer_pools();
if (ret)
- return ret;
+ goto err_unregister;
ret = ksmbd_init_session_table();
if (ret)
- goto error;
+ goto err_destroy_pools;
ret = ksmbd_ipc_init();
if (ret)
- goto error;
+ goto err_free_session_table;
ret = ksmbd_init_global_file_table();
if (ret)
- goto error;
+ goto err_ipc_release;
ret = ksmbd_inode_hash_init();
if (ret)
- goto error;
+ goto err_destroy_file_table;
ret = ksmbd_crypto_create();
if (ret)
- goto error;
+ goto err_release_inode_hash;
ret = ksmbd_workqueue_init();
if (ret)
- goto error;
+ goto err_crypto_destroy;
return 0;
-error:
- ksmbd_server_shutdown();
+err_crypto_destroy:
+ ksmbd_crypto_destroy();
+err_release_inode_hash:
+ ksmbd_release_inode_hash();
+err_destroy_file_table:
+ ksmbd_free_global_file_table();
+err_ipc_release:
+ ksmbd_ipc_release();
+err_free_session_table:
+ ksmbd_free_session_table();
+err_destroy_pools:
+ ksmbd_destroy_buffer_pools();
+err_unregister:
+ class_unregister(&ksmbd_control_class);
+
return ret;
}
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index c49e46fda9b1..e5f4d97b2924 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -887,11 +887,19 @@ int ksmbd_ipc_init(void)
if (ret) {
ksmbd_err("Failed to register KSMBD netlink interface %d\n",
ret);
- return ret;
+ goto cancel_work;
}
ida = ksmbd_ida_alloc();
- if (!ida)
- return -ENOMEM;
+ if (!ida) {
+ ret = -ENOMEM;
+ goto unregister;
+ }
return 0;
+
+unregister:
+ genl_unregister_family(&ksmbd_genl_family);
+cancel_work:
+ cancel_delayed_work_sync(&ipc_timer_work);
+ return ret;
}
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index af92fab5b7ae..34e045f27230 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -236,7 +236,7 @@ int __init ksmbd_inode_hash_init(void)
return 0;
}
-void __exit ksmbd_release_inode_hash(void)
+void ksmbd_release_inode_hash(void)
{
vfree(inode_hashtable);
}
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index 7d23657c86c6..04ab5967a9ae 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -194,7 +194,7 @@ void ksmbd_set_fd_limit(unsigned long limit);
*/
int __init ksmbd_inode_hash_init(void);
-void __exit ksmbd_release_inode_hash(void);
+void ksmbd_release_inode_hash(void);
enum KSMBD_INODE_STATUS {
KSMBD_INODE_STATUS_OK,
From patchwork Mon Nov 14 12:48:46 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183114
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:19 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:18 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 017/308] cifsd: remove redundant assignment to
variable err
Date: Mon, 14 Nov 2022 20:48:46 +0800
Message-ID: <20221114125337.1831594-18-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d7f64538-d9fe-4dc4-1dfd-08dac63c4566
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6999095
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Colin Ian King <colin.king(a)canonical.com>
mainline inclusion
from mainline-5.15-rc1
commit 3161ad3a717e69b26ea3d73467ed8399023b5075
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/3161ad3a717e
-------------------------------
The variable err is being initialized with a value that is never read
and it is being updated later with a new value. The initialization is
redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 00f80ca45690..3d7413b8f526 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -587,7 +587,7 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
struct path parent;
struct dentry *dir, *dentry;
char *last;
- int err = -ENOENT;
+ int err;
last = extract_last_component(name);
if (!last)
From patchwork Mon Nov 14 12:48:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183115
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:19 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:19 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 018/308] cifsd: remove unneeded macros
Date: Mon, 14 Nov 2022 20:48:47 +0800
Message-ID: <20221114125337.1831594-19-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
91ef09b4-fbe2-459a-2dcf-08dac63c45b0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7053408
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit e5066499079de0e1dac094baf4cb62eb86cbdd4f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e5066499079d
-------------------------------
Remove unneeded RESPONSE_BUF, REQUEST_BUF, RESPONSE_SZ, INIT_AUX_PAYLOAD,
HAS_AUX_PAYLOAD, AUX_PAYLOAD, AUX_PAYLOAD_SIZE, RESP_HDR_SIZE,
HAS_TRANSFORM_BUF and TRANSFORM_BUF macros.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/connection.c | 15 ++-
fs/cifsd/ksmbd_work.c | 12 +--
fs/cifsd/ksmbd_work.h | 24 +----
fs/cifsd/oplock.c | 14 +--
fs/cifsd/server.c | 4 +-
fs/cifsd/smb2misc.c | 2 +-
fs/cifsd/smb2pdu.c | 212 +++++++++++++++++++++---------------------
fs/cifsd/smb_common.c | 8 +-
fs/cifsd/vfs.c | 2 +-
9 files changed, 139 insertions(+), 154 deletions(-)
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
index d27553dee2ad..bdfde5ca2ded 100644
--- a/fs/cifsd/connection.c
+++ b/fs/cifsd/connection.c
@@ -154,7 +154,7 @@ void ksmbd_conn_wait_idle(struct ksmbd_conn *conn)
int ksmbd_conn_write(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb_hdr *rsp_hdr = RESPONSE_BUF(work);
+ struct smb_hdr *rsp_hdr = work->response_buf;
size_t len = 0;
int sent;
struct kvec iov[3];
@@ -166,21 +166,20 @@ int ksmbd_conn_write(struct ksmbd_work *work)
return -EINVAL;
}
- if (HAS_TRANSFORM_BUF(work)) {
+ if (work->tr_buf) {
iov[iov_idx] = (struct kvec) { work->tr_buf,
sizeof(struct smb2_transform_hdr) };
len += iov[iov_idx++].iov_len;
}
- if (HAS_AUX_PAYLOAD(work)) {
- iov[iov_idx] = (struct kvec) { rsp_hdr, RESP_HDR_SIZE(work) };
+ if (work->aux_payload_sz) {
+ iov[iov_idx] = (struct kvec) { rsp_hdr, work->resp_hdr_sz };
len += iov[iov_idx++].iov_len;
- iov[iov_idx] = (struct kvec) { AUX_PAYLOAD(work),
- AUX_PAYLOAD_SIZE(work) };
+ iov[iov_idx] = (struct kvec) { work->aux_payload_buf, work->aux_payload_sz };
len += iov[iov_idx++].iov_len;
} else {
- if (HAS_TRANSFORM_BUF(work))
- iov[iov_idx].iov_len = RESP_HDR_SIZE(work);
+ if (work->tr_buf)
+ iov[iov_idx].iov_len = work->resp_hdr_sz;
else
iov[iov_idx].iov_len = get_rfc1002_len(rsp_hdr) + 4;
iov[iov_idx].iov_base = rsp_hdr;
diff --git a/fs/cifsd/ksmbd_work.c b/fs/cifsd/ksmbd_work.c
index 8cd5dff0762d..505e59df3071 100644
--- a/fs/cifsd/ksmbd_work.c
+++ b/fs/cifsd/ksmbd_work.c
@@ -40,18 +40,18 @@ void ksmbd_free_work_struct(struct ksmbd_work *work)
WARN_ON(work->saved_cred != NULL);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_TBUF &&
work->set_trans_buf)
- ksmbd_release_buffer(RESPONSE_BUF(work));
+ ksmbd_release_buffer(work->response_buf);
else
- ksmbd_free_response(RESPONSE_BUF(work));
+ ksmbd_free_response(work->response_buf);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF &&
work->set_read_buf)
- ksmbd_release_buffer(AUX_PAYLOAD(work));
+ ksmbd_release_buffer(work->aux_payload_buf);
else
- ksmbd_free_response(AUX_PAYLOAD(work));
+ ksmbd_free_response(work->aux_payload_buf);
- ksmbd_free_response(TRANSFORM_BUF(work));
- ksmbd_free_request(REQUEST_BUF(work));
+ ksmbd_free_response(work->tr_buf);
+ ksmbd_free_request(work->request_buf);
if (work->async_id)
ksmbd_release_id(work->conn->async_ida, work->async_id);
kmem_cache_free(work_cache, work);
diff --git a/fs/cifsd/ksmbd_work.h b/fs/cifsd/ksmbd_work.h
index 405434d4c8ab..28a1692ed37f 100644
--- a/fs/cifsd/ksmbd_work.h
+++ b/fs/cifsd/ksmbd_work.h
@@ -27,12 +27,12 @@ struct ksmbd_work {
struct ksmbd_tree_connect *tcon;
/* Pointer to received SMB header */
- char *request_buf;
+ void *request_buf;
/* Response buffer */
- char *response_buf;
+ void *response_buf;
/* Read data buffer */
- char *aux_payload_buf;
+ void *aux_payload_buf;
/* Next cmd hdr in compound req buf*/
int next_smb2_rcv_hdr_off;
@@ -92,24 +92,10 @@ struct ksmbd_work {
#define WORK_CLOSED(w) ((w)->state == KSMBD_WORK_CLOSED)
#define WORK_ACTIVE(w) ((w)->state == KSMBD_WORK_ACTIVE)
-#define RESPONSE_BUF(w) ((void *)(w)->response_buf)
-#define REQUEST_BUF(w) ((void *)(w)->request_buf)
-
#define RESPONSE_BUF_NEXT(w) \
- ((void *)((w)->response_buf + (w)->next_smb2_rsp_hdr_off))
+ (((w)->response_buf + (w)->next_smb2_rsp_hdr_off))
#define REQUEST_BUF_NEXT(w) \
- ((void *)((w)->request_buf + (w)->next_smb2_rcv_hdr_off))
-
-#define RESPONSE_SZ(w) ((w)->response_sz)
-
-#define INIT_AUX_PAYLOAD(w) ((w)->aux_payload_buf = NULL)
-#define HAS_AUX_PAYLOAD(w) ((w)->aux_payload_sz != 0)
-#define AUX_PAYLOAD(w) ((void *)((w)->aux_payload_buf))
-#define AUX_PAYLOAD_SIZE(w) ((w)->aux_payload_sz)
-#define RESP_HDR_SIZE(w) ((w)->resp_hdr_sz)
-
-#define HAS_TRANSFORM_BUF(w) ((w)->tr_buf != NULL)
-#define TRANSFORM_BUF(w) ((void *)((w)->tr_buf))
+ (((w)->request_buf + (w)->next_smb2_rcv_hdr_off))
struct ksmbd_work *ksmbd_alloc_work_struct(void);
void ksmbd_free_work_struct(struct ksmbd_work *work);
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index e56c938a8f7a..25823bb7d086 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -608,14 +608,14 @@ static inline int allocate_oplock_break_buf(struct ksmbd_work *work)
* There are two ways this function can be called. 1- while file open we break
* from exclusive/batch lock to levelII oplock and 2- while file write/truncate
* we break from levelII oplock no oplock.
- * REQUEST_BUF(work) contains oplock_info.
+ * work->request_buf contains oplock_info.
*/
static void __smb2_oplock_break_noti(struct work_struct *wk)
{
struct smb2_oplock_break *rsp = NULL;
struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
struct ksmbd_conn *conn = work->conn;
- struct oplock_break_info *br_info = REQUEST_BUF(work);
+ struct oplock_break_info *br_info = work->request_buf;
struct smb2_hdr *rsp_hdr;
struct ksmbd_file *fp;
@@ -634,7 +634,7 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
return;
}
- rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr = work->response_buf;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
@@ -650,7 +650,7 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
memset(rsp_hdr->Signature, 0, 16);
- rsp = RESPONSE_BUF(work);
+ rsp = work->response_buf;
rsp->StructureSize = cpu_to_le16(24);
if (!br_info->open_trunc &&
@@ -730,7 +730,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
{
struct smb2_lease_break *rsp = NULL;
struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
- struct lease_break_info *br_info = REQUEST_BUF(work);
+ struct lease_break_info *br_info = work->request_buf;
struct ksmbd_conn *conn = work->conn;
struct smb2_hdr *rsp_hdr;
@@ -741,7 +741,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
return;
}
- rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr = work->response_buf;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
@@ -756,7 +756,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
rsp_hdr->SessionId = 0;
memset(rsp_hdr->Signature, 0, 16);
- rsp = RESPONSE_BUF(work);
+ rsp = work->response_buf;
rsp->StructureSize = cpu_to_le16(44);
rsp->Reserved = 0;
rsp->Flags = 0;
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index 048bbc66aa60..80f5229da3ac 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -95,7 +95,7 @@ static inline int check_conn_state(struct ksmbd_work *work)
struct smb_hdr *rsp_hdr;
if (ksmbd_conn_exiting(work) || ksmbd_conn_need_reconnect(work)) {
- rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr = work->response_buf;
rsp_hdr->Status.CifsError = STATUS_CONNECTION_DISCONNECTED;
return 1;
}
@@ -169,7 +169,7 @@ static void __handle_ksmbd_work(struct ksmbd_work *work,
return;
if (conn->ops->is_transform_hdr &&
- conn->ops->is_transform_hdr(REQUEST_BUF(work))) {
+ conn->ops->is_transform_hdr(work->request_buf)) {
rc = conn->ops->decrypt_req(work);
if (rc < 0) {
conn->ops->set_rsp_status(work, STATUS_DATA_ERROR);
diff --git a/fs/cifsd/smb2misc.c b/fs/cifsd/smb2misc.c
index 485f431c776c..e6b87d9d33ed 100644
--- a/fs/cifsd/smb2misc.c
+++ b/fs/cifsd/smb2misc.c
@@ -355,7 +355,7 @@ static int smb2_validate_credit_charge(struct smb2_hdr *hdr)
int ksmbd_smb2_check_message(struct ksmbd_work *work)
{
- struct smb2_pdu *pdu = REQUEST_BUF(work);
+ struct smb2_pdu *pdu = work->request_buf;
struct smb2_hdr *hdr = &pdu->hdr;
int command;
__u32 clc_len; /* calculated length */
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 6770ebedc24a..460d5ba275bf 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -44,8 +44,8 @@ static void __wbuf(struct ksmbd_work *work, void **req, void **rsp)
*req = REQUEST_BUF_NEXT(work);
*rsp = RESPONSE_BUF_NEXT(work);
} else {
- *req = REQUEST_BUF(work);
- *rsp = RESPONSE_BUF(work);
+ *req = work->request_buf;
+ *rsp = work->response_buf;
}
}
@@ -94,7 +94,7 @@ struct channel *lookup_chann_list(struct ksmbd_session *sess)
*/
int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
{
- struct smb2_hdr *req_hdr = REQUEST_BUF(work);
+ struct smb2_hdr *req_hdr = work->request_buf;
int tree_id;
work->tcon = NULL;
@@ -131,7 +131,7 @@ void smb2_set_err_rsp(struct ksmbd_work *work)
if (work->next_smb2_rcv_hdr_off)
err_rsp = RESPONSE_BUF_NEXT(work);
else
- err_rsp = RESPONSE_BUF(work);
+ err_rsp = work->response_buf;
if (err_rsp->hdr.Status != STATUS_STOPPED_ON_SYMLINK) {
err_rsp->StructureSize = SMB2_ERROR_STRUCTURE_SIZE2_LE;
@@ -139,7 +139,7 @@ void smb2_set_err_rsp(struct ksmbd_work *work)
err_rsp->Reserved = 0;
err_rsp->ByteCount = 0;
err_rsp->ErrorData[0] = 0;
- inc_rfc1001_len(RESPONSE_BUF(work), SMB2_ERROR_STRUCTURE_SIZE2);
+ inc_rfc1001_len(work->response_buf, SMB2_ERROR_STRUCTURE_SIZE2);
}
}
@@ -151,7 +151,7 @@ void smb2_set_err_rsp(struct ksmbd_work *work)
*/
int is_smb2_neg_cmd(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = REQUEST_BUF(work);
+ struct smb2_hdr *hdr = work->request_buf;
/* is it SMB2 header ? */
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
@@ -175,7 +175,7 @@ int is_smb2_neg_cmd(struct ksmbd_work *work)
*/
int is_smb2_rsp(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = RESPONSE_BUF(work);
+ struct smb2_hdr *hdr = work->response_buf;
/* is it SMB2 header ? */
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
@@ -201,7 +201,7 @@ uint16_t get_smb2_cmd_val(struct ksmbd_work *work)
if (work->next_smb2_rcv_hdr_off)
rcv_hdr = REQUEST_BUF_NEXT(work);
else
- rcv_hdr = REQUEST_BUF(work);
+ rcv_hdr = work->request_buf;
return le16_to_cpu(rcv_hdr->Command);
}
@@ -217,7 +217,7 @@ void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err)
if (work->next_smb2_rcv_hdr_off)
rsp_hdr = RESPONSE_BUF_NEXT(work);
else
- rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr = work->response_buf;
rsp_hdr->Status = err;
smb2_set_err_rsp(work);
}
@@ -241,7 +241,7 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
conn->dialect <= SMB311_PROT_ID))
return -EINVAL;
- rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr = work->response_buf;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
@@ -260,7 +260,7 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
rsp_hdr->SessionId = 0;
memset(rsp_hdr->Signature, 0, 16);
- rsp = RESPONSE_BUF(work);
+ rsp = work->response_buf;
WARN_ON(ksmbd_conn_good(work));
@@ -410,11 +410,11 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
work->compound_sid = le64_to_cpu(rsp->SessionId);
}
- len = get_rfc1002_len(RESPONSE_BUF(work)) - work->next_smb2_rsp_hdr_off;
+ len = get_rfc1002_len(work->response_buf) - work->next_smb2_rsp_hdr_off;
next_hdr_offset = le32_to_cpu(req->NextCommand);
new_len = ALIGN(len, 8);
- inc_rfc1001_len(RESPONSE_BUF(work), ((sizeof(struct smb2_hdr) - 4)
+ inc_rfc1001_len(work->response_buf, ((sizeof(struct smb2_hdr) - 4)
+ new_len - len));
rsp->NextCommand = cpu_to_le32(new_len);
@@ -459,7 +459,7 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
*/
bool is_chained_smb2_message(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = REQUEST_BUF(work);
+ struct smb2_hdr *hdr = work->request_buf;
unsigned int len;
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
@@ -475,12 +475,12 @@ bool is_chained_smb2_message(struct ksmbd_work *work)
* This is last request in chained command,
* align response to 8 byte
*/
- len = ALIGN(get_rfc1002_len(RESPONSE_BUF(work)), 8);
- len = len - get_rfc1002_len(RESPONSE_BUF(work));
+ len = ALIGN(get_rfc1002_len(work->response_buf), 8);
+ len = len - get_rfc1002_len(work->response_buf);
if (len) {
ksmbd_debug(SMB, "padding len %u\n", len);
- inc_rfc1001_len(RESPONSE_BUF(work), len);
- if (HAS_AUX_PAYLOAD(work))
+ inc_rfc1001_len(work->response_buf, len);
+ if (work->aux_payload_sz)
work->aux_payload_sz += len;
}
}
@@ -495,8 +495,8 @@ bool is_chained_smb2_message(struct ksmbd_work *work)
*/
int init_smb2_rsp_hdr(struct ksmbd_work *work)
{
- struct smb2_hdr *rsp_hdr = RESPONSE_BUF(work);
- struct smb2_hdr *rcv_hdr = REQUEST_BUF(work);
+ struct smb2_hdr *rsp_hdr = work->response_buf;
+ struct smb2_hdr *rcv_hdr = work->request_buf;
struct ksmbd_conn *conn = work->conn;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
@@ -533,7 +533,7 @@ int init_smb2_rsp_hdr(struct ksmbd_work *work)
*/
int smb2_allocate_rsp_buf(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = REQUEST_BUF(work);
+ struct smb2_hdr *hdr = work->request_buf;
size_t small_sz = MAX_CIFS_SMALL_BUFFER_SIZE;
size_t large_sz = work->conn->vals->max_trans_size + MAX_SMB2_HDR_SIZE;
size_t sz = small_sz;
@@ -547,7 +547,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
if (cmd == SMB2_QUERY_INFO_HE) {
struct smb2_query_info_req *req;
- req = REQUEST_BUF(work);
+ req = work->request_buf;
if (req->InfoType == SMB2_O_INFO_FILE &&
(req->FileInfoClass == FILE_FULL_EA_INFORMATION ||
req->FileInfoClass == FILE_ALL_INFORMATION)) {
@@ -566,7 +566,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
else
work->response_buf = ksmbd_alloc_response(sz);
- if (!RESPONSE_BUF(work)) {
+ if (!work->response_buf) {
ksmbd_err("Failed to allocate %zu bytes buffer\n", sz);
return -ENOMEM;
}
@@ -583,7 +583,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
*/
int smb2_check_user_session(struct ksmbd_work *work)
{
- struct smb2_hdr *req_hdr = REQUEST_BUF(work);
+ struct smb2_hdr *req_hdr = work->request_buf;
struct ksmbd_conn *conn = work->conn;
unsigned int cmd = conn->ops->get_cmd_val(work);
unsigned long long sess_id;
@@ -686,7 +686,7 @@ int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
struct ksmbd_conn *conn = work->conn;
int id;
- rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr = work->response_buf;
rsp_hdr->Flags |= SMB2_FLAGS_ASYNC_COMMAND;
id = ksmbd_acquire_async_msg_id(conn->async_ida);
@@ -716,7 +716,7 @@ void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status)
{
struct smb2_hdr *rsp_hdr;
- rsp_hdr = RESPONSE_BUF(work);
+ rsp_hdr = work->response_buf;
smb2_set_err_rsp(work);
rsp_hdr->Status = status;
@@ -1030,8 +1030,8 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
int smb2_handle_negotiate(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_negotiate_req *req = REQUEST_BUF(work);
- struct smb2_negotiate_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_negotiate_req *req = work->request_buf;
+ struct smb2_negotiate_rsp *rsp = work->response_buf;
int rc = 0;
__le32 status;
@@ -1078,7 +1078,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
}
ksmbd_gen_preauth_integrity_hash(conn,
- REQUEST_BUF(work),
+ work->request_buf,
conn->preauth_info->Preauth_HashValue);
rsp->NegotiateContextOffset =
cpu_to_le32(OFFSET_OF_NEG_CONTEXT);
@@ -1198,7 +1198,7 @@ static int generate_preauth_hash(struct ksmbd_work *work)
}
ksmbd_gen_preauth_integrity_hash(conn,
- REQUEST_BUF(work),
+ work->request_buf,
sess->Preauth_HashValue);
return 0;
}
@@ -1213,7 +1213,7 @@ static int decode_negotiation_token(struct ksmbd_work *work,
if (!conn->use_spnego)
return -EINVAL;
- req = REQUEST_BUF(work);
+ req = work->request_buf;
sz = le16_to_cpu(req->SecurityBufferLength);
if (!ksmbd_decode_negTokenInit((char *)negblob, sz, conn)) {
@@ -1229,8 +1229,8 @@ static int decode_negotiation_token(struct ksmbd_work *work,
static int ntlm_negotiate(struct ksmbd_work *work,
struct negotiate_message *negblob)
{
- struct smb2_sess_setup_req *req = REQUEST_BUF(work);
- struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_sess_setup_req *req = work->request_buf;
+ struct smb2_sess_setup_rsp *rsp = work->response_buf;
struct challenge_message *chgblob;
unsigned char *spnego_blob = NULL;
u16 spnego_blob_len;
@@ -1330,8 +1330,8 @@ static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
static int ntlm_authenticate(struct ksmbd_work *work)
{
- struct smb2_sess_setup_req *req = REQUEST_BUF(work);
- struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_sess_setup_req *req = work->request_buf;
+ struct smb2_sess_setup_rsp *rsp = work->response_buf;
struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess = work->sess;
struct channel *chann = NULL;
@@ -1473,8 +1473,8 @@ static int ntlm_authenticate(struct ksmbd_work *work)
#ifdef CONFIG_SMB_SERVER_KERBEROS5
static int krb5_authenticate(struct ksmbd_work *work)
{
- struct smb2_sess_setup_req *req = REQUEST_BUF(work);
- struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_sess_setup_req *req = work->request_buf;
+ struct smb2_sess_setup_rsp *rsp = work->response_buf;
struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess = work->sess;
char *in_blob, *out_blob;
@@ -1570,8 +1570,8 @@ static int krb5_authenticate(struct ksmbd_work *work)
int smb2_sess_setup(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_sess_setup_req *req = REQUEST_BUF(work);
- struct smb2_sess_setup_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_sess_setup_req *req = work->request_buf;
+ struct smb2_sess_setup_rsp *rsp = work->response_buf;
struct ksmbd_session *sess;
struct negotiate_message *negblob;
int rc = 0;
@@ -1695,8 +1695,8 @@ int smb2_sess_setup(struct ksmbd_work *work)
int smb2_tree_connect(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_tree_connect_req *req = REQUEST_BUF(work);
- struct smb2_tree_connect_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_tree_connect_req *req = work->request_buf;
+ struct smb2_tree_connect_rsp *rsp = work->response_buf;
struct ksmbd_session *sess = work->sess;
char *treename = NULL, *name = NULL;
struct ksmbd_tree_conn_status status;
@@ -1858,7 +1858,7 @@ static int smb2_create_open_flags(bool file_present, __le32 access,
*/
int smb2_tree_disconnect(struct ksmbd_work *work)
{
- struct smb2_tree_disconnect_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_tree_disconnect_rsp *rsp = work->response_buf;
struct ksmbd_session *sess = work->sess;
struct ksmbd_tree_connect *tcon = work->tcon;
@@ -1868,7 +1868,7 @@ int smb2_tree_disconnect(struct ksmbd_work *work)
ksmbd_debug(SMB, "request\n");
if (!tcon) {
- struct smb2_tree_disconnect_req *req = REQUEST_BUF(work);
+ struct smb2_tree_disconnect_req *req = work->request_buf;
ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId);
rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED;
@@ -1890,7 +1890,7 @@ int smb2_tree_disconnect(struct ksmbd_work *work)
int smb2_session_logoff(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_logoff_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_logoff_rsp *rsp = work->response_buf;
struct ksmbd_session *sess = work->sess;
rsp->StructureSize = cpu_to_le16(4);
@@ -1907,7 +1907,7 @@ int smb2_session_logoff(struct ksmbd_work *work)
ksmbd_conn_wait_idle(conn);
if (ksmbd_tree_conn_session_logoff(sess)) {
- struct smb2_logoff_req *req = REQUEST_BUF(work);
+ struct smb2_logoff_req *req = work->request_buf;
ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId);
rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED;
@@ -1934,8 +1934,8 @@ int smb2_session_logoff(struct ksmbd_work *work)
*/
static noinline int create_smb2_pipe(struct ksmbd_work *work)
{
- struct smb2_create_rsp *rsp = RESPONSE_BUF(work);
- struct smb2_create_req *req = REQUEST_BUF(work);
+ struct smb2_create_rsp *rsp = work->response_buf;
+ struct smb2_create_req *req = work->request_buf;
int id;
int err;
char *name;
@@ -2490,7 +2490,7 @@ int smb2_open(struct ksmbd_work *work)
umode_t posix_mode = 0;
__le32 daccess, maximal_access = 0;
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (req->hdr.NextCommand && !work->next_smb2_rcv_hdr_off &&
@@ -3889,7 +3889,7 @@ int smb2_query_dir(struct ksmbd_work *work)
int buffer_sz;
struct smb2_query_dir_private query_dir_private = {NULL, };
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (ksmbd_override_fsids(work)) {
@@ -5190,7 +5190,7 @@ int smb2_query_info(struct ksmbd_work *work)
struct smb2_query_info_rsp *rsp, *rsp_org;
int rc = 0;
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
ksmbd_debug(SMB, "GOT query info request\n");
@@ -5244,8 +5244,8 @@ int smb2_query_info(struct ksmbd_work *work)
static noinline int smb2_close_pipe(struct ksmbd_work *work)
{
uint64_t id;
- struct smb2_close_req *req = REQUEST_BUF(work);
- struct smb2_close_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_close_req *req = work->request_buf;
+ struct smb2_close_rsp *rsp = work->response_buf;
id = le64_to_cpu(req->VolatileFileId);
ksmbd_session_rpc_close(work->sess, id);
@@ -5283,7 +5283,7 @@ int smb2_close(struct ksmbd_work *work)
u64 time;
int err = 0;
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (test_share_config_flag(work->tcon->share_conf,
@@ -5386,7 +5386,7 @@ int smb2_close(struct ksmbd_work *work)
*/
int smb2_echo(struct ksmbd_work *work)
{
- struct smb2_echo_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_echo_rsp *rsp = work->response_buf;
rsp->StructureSize = cpu_to_le16(4);
rsp->Reserved = 0;
@@ -5974,7 +5974,7 @@ int smb2_set_info(struct ksmbd_work *work)
ksmbd_debug(SMB, "Received set info request\n");
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
if (work->next_smb2_rcv_hdr_off) {
req = REQUEST_BUF_NEXT(work);
rsp = RESPONSE_BUF_NEXT(work);
@@ -5985,8 +5985,8 @@ int smb2_set_info(struct ksmbd_work *work)
pid = work->compound_pfid;
}
} else {
- req = REQUEST_BUF(work);
- rsp = RESPONSE_BUF(work);
+ req = work->request_buf;
+ rsp = work->response_buf;
}
if (!HAS_FILE_ID(id)) {
@@ -6062,8 +6062,8 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
int nbytes = 0, err;
uint64_t id;
struct ksmbd_rpc_command *rpc_resp;
- struct smb2_read_req *req = REQUEST_BUF(work);
- struct smb2_read_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_read_req *req = work->request_buf;
+ struct smb2_read_rsp *rsp = work->response_buf;
id = le64_to_cpu(req->VolatileFileId);
@@ -6155,7 +6155,7 @@ int smb2_read(struct ksmbd_work *work)
ssize_t nbytes = 0, remain_bytes = 0;
int err = 0;
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (test_share_config_flag(work->tcon->share_conf,
@@ -6212,10 +6212,10 @@ int smb2_read(struct ksmbd_work *work)
if ((nbytes == 0 && length != 0) || nbytes < mincount) {
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
- ksmbd_release_buffer(AUX_PAYLOAD(work));
+ ksmbd_release_buffer(work->aux_payload_buf);
else
- ksmbd_free_response(AUX_PAYLOAD(work));
- INIT_AUX_PAYLOAD(work);
+ ksmbd_free_response(work->aux_payload_buf);
+ work->aux_payload_buf = NULL;
rsp->hdr.Status = STATUS_END_OF_FILE;
smb2_set_err_rsp(work);
ksmbd_fd_put(work, fp);
@@ -6229,12 +6229,12 @@ int smb2_read(struct ksmbd_work *work)
req->Channel == SMB2_CHANNEL_RDMA_V1) {
/* write data to the client using rdma channel */
remain_bytes = smb2_read_rdma_channel(work, req,
- AUX_PAYLOAD(work), nbytes);
+ work->aux_payload_buf, nbytes);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
- ksmbd_release_buffer(AUX_PAYLOAD(work));
+ ksmbd_release_buffer(work->aux_payload_buf);
else
- ksmbd_free_response(AUX_PAYLOAD(work));
- INIT_AUX_PAYLOAD(work);
+ ksmbd_free_response(work->aux_payload_buf);
+ work->aux_payload_buf = NULL;
nbytes = 0;
if (remain_bytes < 0) {
@@ -6287,8 +6287,8 @@ int smb2_read(struct ksmbd_work *work)
*/
static noinline int smb2_write_pipe(struct ksmbd_work *work)
{
- struct smb2_write_req *req = REQUEST_BUF(work);
- struct smb2_write_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_write_req *req = work->request_buf;
+ struct smb2_write_rsp *rsp = work->response_buf;
struct ksmbd_rpc_command *rpc_resp;
uint64_t id = 0;
int err = 0, ret = 0;
@@ -6418,7 +6418,7 @@ int smb2_write(struct ksmbd_work *work)
bool writethrough = false;
int err = 0;
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (test_share_config_flag(work->tcon->share_conf,
@@ -6548,7 +6548,7 @@ int smb2_flush(struct ksmbd_work *work)
struct smb2_flush_rsp *rsp, *rsp_org;
int err;
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
ksmbd_debug(SMB, "SMB2_FLUSH called for fid %llu\n",
@@ -6583,7 +6583,7 @@ int smb2_flush(struct ksmbd_work *work)
int smb2_cancel(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_hdr *hdr = REQUEST_BUF(work);
+ struct smb2_hdr *hdr = work->request_buf;
struct smb2_hdr *chdr;
struct ksmbd_work *cancel_work = NULL;
struct list_head *tmp;
@@ -6600,7 +6600,7 @@ int smb2_cancel(struct ksmbd_work *work)
list_for_each(tmp, command_list) {
cancel_work = list_entry(tmp, struct ksmbd_work,
async_request_entry);
- chdr = REQUEST_BUF(cancel_work);
+ chdr = cancel_work->request_buf;
if (cancel_work->async_id !=
le64_to_cpu(hdr->Id.AsyncId))
@@ -6621,7 +6621,7 @@ int smb2_cancel(struct ksmbd_work *work)
list_for_each(tmp, command_list) {
cancel_work = list_entry(tmp, struct ksmbd_work,
request_entry);
- chdr = REQUEST_BUF(cancel_work);
+ chdr = cancel_work->request_buf;
if (chdr->MessageId != hdr->MessageId ||
cancel_work == work)
@@ -6754,8 +6754,8 @@ static inline bool lock_defer_pending(struct file_lock *fl)
*/
int smb2_lock(struct ksmbd_work *work)
{
- struct smb2_lock_req *req = REQUEST_BUF(work);
- struct smb2_lock_rsp *rsp = RESPONSE_BUF(work);
+ struct smb2_lock_req *req = work->request_buf;
+ struct smb2_lock_rsp *rsp = work->response_buf;
struct smb2_lock_element *lock_ele;
struct ksmbd_file *fp = NULL;
struct file_lock *flock = NULL;
@@ -7504,7 +7504,7 @@ int smb2_ioctl(struct ksmbd_work *work)
struct ksmbd_conn *conn = work->conn;
int ret = 0;
- rsp_org = RESPONSE_BUF(work);
+ rsp_org = work->response_buf;
if (work->next_smb2_rcv_hdr_off) {
req = REQUEST_BUF_NEXT(work);
rsp = RESPONSE_BUF_NEXT(work);
@@ -7514,8 +7514,8 @@ int smb2_ioctl(struct ksmbd_work *work)
id = work->compound_fid;
}
} else {
- req = REQUEST_BUF(work);
- rsp = RESPONSE_BUF(work);
+ req = work->request_buf;
+ rsp = work->response_buf;
}
if (!HAS_FILE_ID(id))
@@ -7725,8 +7725,8 @@ int smb2_ioctl(struct ksmbd_work *work)
*/
static void smb20_oplock_break_ack(struct ksmbd_work *work)
{
- struct smb2_oplock_break *req = REQUEST_BUF(work);
- struct smb2_oplock_break *rsp = RESPONSE_BUF(work);
+ struct smb2_oplock_break *req = work->request_buf;
+ struct smb2_oplock_break *rsp = work->response_buf;
struct ksmbd_file *fp;
struct oplock_info *opinfo = NULL;
__le32 err = 0;
@@ -7867,8 +7867,8 @@ static int check_lease_state(struct lease *lease, __le32 req_state)
static void smb21_lease_break_ack(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_lease_ack *req = REQUEST_BUF(work);
- struct smb2_lease_ack *rsp = RESPONSE_BUF(work);
+ struct smb2_lease_ack *req = work->request_buf;
+ struct smb2_lease_ack *rsp = work->response_buf;
struct oplock_info *opinfo;
__le32 err = 0;
int ret = 0;
@@ -8000,8 +8000,8 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
*/
int smb2_oplock_break(struct ksmbd_work *work)
{
- struct smb2_oplock_break *req = REQUEST_BUF(work);
- struct smb2_oplock_break *rsp = RESPONSE_BUF(work);
+ struct smb2_oplock_break *req = work->request_buf;
+ struct smb2_oplock_break *rsp = work->response_buf;
switch (le16_to_cpu(req->StructureSize)) {
case OP_BREAK_STRUCT_SIZE_20:
@@ -8053,7 +8053,7 @@ int smb2_notify(struct ksmbd_work *work)
*/
bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command)
{
- struct smb2_hdr *rcv_hdr2 = REQUEST_BUF(work);
+ struct smb2_hdr *rcv_hdr2 = work->request_buf;
if ((rcv_hdr2->Flags & SMB2_FLAGS_SIGNED) &&
command != SMB2_NEGOTIATE_HE &&
@@ -8078,7 +8078,7 @@ int smb2_check_sign_req(struct ksmbd_work *work)
struct kvec iov[1];
size_t len;
- hdr_org = hdr = REQUEST_BUF(work);
+ hdr_org = hdr = work->request_buf;
if (work->next_smb2_rcv_hdr_off)
hdr = REQUEST_BUF_NEXT(work);
@@ -8122,7 +8122,7 @@ void smb2_set_sign_rsp(struct ksmbd_work *work)
size_t len;
int n_vec = 1;
- hdr_org = hdr = RESPONSE_BUF(work);
+ hdr_org = hdr = work->response_buf;
if (work->next_smb2_rsp_hdr_off)
hdr = RESPONSE_BUF_NEXT(work);
@@ -8146,11 +8146,11 @@ void smb2_set_sign_rsp(struct ksmbd_work *work)
iov[0].iov_base = (char *)&hdr->ProtocolId;
iov[0].iov_len = len;
- if (HAS_AUX_PAYLOAD(work)) {
- iov[0].iov_len -= AUX_PAYLOAD_SIZE(work);
+ if (work->aux_payload_sz) {
+ iov[0].iov_len -= work->aux_payload_sz;
- iov[1].iov_base = AUX_PAYLOAD(work);
- iov[1].iov_len = AUX_PAYLOAD_SIZE(work);
+ iov[1].iov_base = work->aux_payload_buf;
+ iov[1].iov_len = work->aux_payload_sz;
n_vec++;
}
@@ -8176,7 +8176,7 @@ int smb3_check_sign_req(struct ksmbd_work *work)
struct kvec iov[1];
size_t len;
- hdr_org = hdr = REQUEST_BUF(work);
+ hdr_org = hdr = work->request_buf;
if (work->next_smb2_rcv_hdr_off)
hdr = REQUEST_BUF_NEXT(work);
@@ -8237,7 +8237,7 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)
size_t len;
char *signing_key;
- hdr_org = hdr = RESPONSE_BUF(work);
+ hdr_org = hdr = work->response_buf;
if (work->next_smb2_rsp_hdr_off)
hdr = RESPONSE_BUF_NEXT(work);
@@ -8273,10 +8273,10 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)
memset(hdr->Signature, 0, SMB2_SIGNATURE_SIZE);
iov[0].iov_base = (char *)&hdr->ProtocolId;
iov[0].iov_len = len;
- if (HAS_AUX_PAYLOAD(work)) {
- iov[0].iov_len -= AUX_PAYLOAD_SIZE(work);
- iov[1].iov_base = AUX_PAYLOAD(work);
- iov[1].iov_len = AUX_PAYLOAD_SIZE(work);
+ if (work->aux_payload_sz) {
+ iov[0].iov_len -= work->aux_payload_sz;
+ iov[1].iov_base = work->aux_payload_buf;
+ iov[1].iov_len = work->aux_payload_sz;
n_vec++;
}
@@ -8336,11 +8336,11 @@ static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr,
int smb3_encrypt_resp(struct ksmbd_work *work)
{
- char *buf = RESPONSE_BUF(work);
+ char *buf = work->response_buf;
struct smb2_transform_hdr *tr_hdr;
struct kvec iov[3];
int rc = -ENOMEM;
- int buf_size = 0, rq_nvec = 2 + (HAS_AUX_PAYLOAD(work) ? 1 : 0);
+ int buf_size = 0, rq_nvec = 2 + (work->aux_payload_sz ? 1 : 0);
if (ARRAY_SIZE(iov) < rq_nvec)
return -ENOMEM;
@@ -8358,11 +8358,11 @@ int smb3_encrypt_resp(struct ksmbd_work *work)
iov[1].iov_base = buf + 4;
iov[1].iov_len = get_rfc1002_len(buf);
- if (HAS_AUX_PAYLOAD(work)) {
- iov[1].iov_len = RESP_HDR_SIZE(work) - 4;
+ if (work->aux_payload_sz) {
+ iov[1].iov_len = work->resp_hdr_sz - 4;
- iov[2].iov_base = AUX_PAYLOAD(work);
- iov[2].iov_len = AUX_PAYLOAD_SIZE(work);
+ iov[2].iov_base = work->aux_payload_buf;
+ iov[2].iov_len = work->aux_payload_sz;
buf_size += iov[2].iov_len;
}
buf_size += iov[1].iov_len;
@@ -8390,7 +8390,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess;
- char *buf = REQUEST_BUF(work);
+ char *buf = work->request_buf;
struct smb2_hdr *hdr;
unsigned int pdu_length = get_rfc1002_len(buf);
struct kvec iov[2];
@@ -8437,7 +8437,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_hdr *rsp = RESPONSE_BUF(work);
+ struct smb2_hdr *rsp = work->response_buf;
if (conn->dialect < SMB30_PROT_ID)
return false;
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index 2f58ef003238..da1928b948f8 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -116,7 +116,7 @@ int ksmbd_lookup_protocol_idx(char *str)
*/
int ksmbd_verify_smb_message(struct ksmbd_work *work)
{
- struct smb2_hdr *smb2_hdr = REQUEST_BUF(work);
+ struct smb2_hdr *smb2_hdr = work->request_buf;
if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER)
return ksmbd_smb2_check_message(work);
@@ -408,7 +408,7 @@ static int __smb2_negotiate(struct ksmbd_conn *conn)
static int smb_handle_negotiate(struct ksmbd_work *work)
{
- struct smb_negotiate_rsp *neg_rsp = RESPONSE_BUF(work);
+ struct smb_negotiate_rsp *neg_rsp = work->response_buf;
ksmbd_debug(SMB, "Unsupported SMB protocol\n");
neg_rsp->hdr.Status.CifsError = STATUS_INVALID_LOGON_TYPE;
@@ -420,11 +420,11 @@ int ksmbd_smb_negotiate_common(struct ksmbd_work *work, unsigned int command)
struct ksmbd_conn *conn = work->conn;
int ret;
- conn->dialect = ksmbd_negotiate_smb_dialect(REQUEST_BUF(work));
+ conn->dialect = ksmbd_negotiate_smb_dialect(work->request_buf);
ksmbd_debug(SMB, "conn->dialect 0x%x\n", conn->dialect);
if (command == SMB2_NEGOTIATE_HE) {
- struct smb2_hdr *smb2_hdr = REQUEST_BUF(work);
+ struct smb2_hdr *smb2_hdr = work->request_buf;
if (smb2_hdr->ProtocolId != SMB2_PROTO_NUMBER) {
ksmbd_debug(SMB, "Downgrade to SMB1 negotiation\n");
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 3d7413b8f526..e860ff9145a7 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -372,7 +372,7 @@ int ksmbd_vfs_read(struct ksmbd_work *work,
char namebuf[NAME_MAX];
int ret;
- rbuf = AUX_PAYLOAD(work);
+ rbuf = work->aux_payload_buf;
filp = fp->filp;
inode = d_inode(filp->f_path.dentry);
if (S_ISDIR(inode->i_mode))
From patchwork Mon Nov 14 12:48:48 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183116
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:20 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:20 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:19 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 019/308] cifsd: fix wrong use of rw semaphore in
__session_create()
Date: Mon, 14 Nov 2022 20:48:48 +0800
Message-ID: <20221114125337.1831594-20-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
b314706b-939f-450f-5771-08dac63c45f9
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7164575
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 69f447be15130b57cc00fa0a5c2d3fa949a46165
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/69f447be1513
-------------------------------
Adding list to session table should be protected by
down_write/up_write().
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/mgmt/user_session.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index afcdf76a3851..1b71a20dacdb 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -298,9 +298,9 @@ static struct ksmbd_session *__session_create(int protocol)
goto error;
if (protocol == CIFDS_SESSION_FLAG_SMB2) {
- down_read(&sessions_table_lock);
+ down_write(&sessions_table_lock);
hash_add(sessions_table, &sess->hlist, sess->id);
- up_read(&sessions_table_lock);
+ up_write(&sessions_table_lock);
}
return sess;
From patchwork Mon Nov 14 12:48:49 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183117
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:20 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:20 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:20 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 020/308] cifsd: use kmalloc() for small
allocations
Date: Mon, 14 Nov 2022 20:48:49 +0800
Message-ID: <20221114125337.1831594-21-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cb7210a4-21b4-4368-1ab1-08dac63c4643
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7247924
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 20ea7fd2ac7513c90b5d0675360298ca6722593d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/20ea7fd2ac75
-------------------------------
Just use kmalloc() for small allocations.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/buffer_pool.c | 2 +-
fs/cifsd/mgmt/share_config.c | 4 ++--
fs/cifsd/mgmt/user_config.c | 4 ++--
fs/cifsd/mgmt/user_session.c | 4 ++--
fs/cifsd/oplock.c | 2 +-
fs/cifsd/smb2pdu.c | 4 ++--
fs/cifsd/transport_tcp.c | 2 +-
fs/cifsd/vfs_cache.c | 2 +-
8 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
index 864fea547c68..91c04879e931 100644
--- a/fs/cifsd/buffer_pool.c
+++ b/fs/cifsd/buffer_pool.c
@@ -63,7 +63,7 @@ static int register_wm_size_class(size_t sz)
{
struct wm_list *l, *nl;
- nl = kvmalloc(sizeof(struct wm_list), GFP_KERNEL);
+ nl = kmalloc(sizeof(struct wm_list), GFP_KERNEL);
if (!nl)
return -ENOMEM;
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index 9bc7f7555ee2..db780febd692 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -92,7 +92,7 @@ static int parse_veto_list(struct ksmbd_share_config *share,
while (veto_list_sz > 0) {
struct ksmbd_veto_pattern *p;
- p = ksmbd_alloc(sizeof(struct ksmbd_veto_pattern));
+ p = kzalloc(sizeof(struct ksmbd_veto_pattern), GFP_KERNEL);
if (!p)
return -ENOMEM;
@@ -129,7 +129,7 @@ static struct ksmbd_share_config *share_config_request(char *name)
if (resp->flags == KSMBD_SHARE_FLAG_INVALID)
goto out;
- share = ksmbd_alloc(sizeof(struct ksmbd_share_config));
+ share = kzalloc(sizeof(struct ksmbd_share_config), GFP_KERNEL);
if (!share)
goto out;
diff --git a/fs/cifsd/mgmt/user_config.c b/fs/cifsd/mgmt/user_config.c
index a1a454bfb57b..f0c2f8994a6b 100644
--- a/fs/cifsd/mgmt/user_config.c
+++ b/fs/cifsd/mgmt/user_config.c
@@ -31,7 +31,7 @@ struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp)
{
struct ksmbd_user *user = NULL;
- user = ksmbd_alloc(sizeof(struct ksmbd_user));
+ user = kmalloc(sizeof(struct ksmbd_user), GFP_KERNEL);
if (!user)
return NULL;
@@ -40,7 +40,7 @@ struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp)
user->gid = resp->gid;
user->uid = resp->uid;
user->passkey_sz = resp->hash_sz;
- user->passkey = ksmbd_alloc(resp->hash_sz);
+ user->passkey = kmalloc(resp->hash_sz, GFP_KERNEL);
if (user->passkey)
memcpy(user->passkey, resp->hash, resp->hash_sz);
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index 1b71a20dacdb..5a2113bf18ef 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -101,7 +101,7 @@ int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name)
if (!method)
return -EINVAL;
- entry = ksmbd_alloc(sizeof(struct ksmbd_session_rpc));
+ entry = kzalloc(sizeof(struct ksmbd_session_rpc), GFP_KERNEL);
if (!entry)
return -EINVAL;
@@ -266,7 +266,7 @@ static struct ksmbd_session *__session_create(int protocol)
struct ksmbd_session *sess;
int ret;
- sess = ksmbd_alloc(sizeof(struct ksmbd_session));
+ sess = kzalloc(sizeof(struct ksmbd_session), GFP_KERNEL);
if (!sess)
return NULL;
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index 25823bb7d086..d76aa47e19e4 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -593,7 +593,7 @@ static int oplock_break_pending(struct oplock_info *opinfo, int req_op_level)
static inline int allocate_oplock_break_buf(struct ksmbd_work *work)
{
- work->response_buf = ksmbd_alloc_response(MAX_CIFS_SMALL_BUFFER_SIZE);
+ work->response_buf = kzalloc(MAX_CIFS_SMALL_BUFFER_SIZE, GFP_KERNEL);
if (!work->response_buf)
return -ENOMEM;
work->response_sz = MAX_CIFS_SMALL_BUFFER_SIZE;
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 460d5ba275bf..a1aa42b52597 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1174,7 +1174,7 @@ static int alloc_preauth_hash(struct ksmbd_session *sess,
if (sess->Preauth_HashValue)
return 0;
- sess->Preauth_HashValue = ksmbd_alloc(PREAUTH_HASHVALUE_SIZE);
+ sess->Preauth_HashValue = kmalloc(PREAUTH_HASHVALUE_SIZE, GFP_KERNEL);
if (!sess->Preauth_HashValue)
return -ENOMEM;
@@ -8345,7 +8345,7 @@ int smb3_encrypt_resp(struct ksmbd_work *work)
if (ARRAY_SIZE(iov) < rq_nvec)
return -ENOMEM;
- tr_hdr = ksmbd_alloc_response(sizeof(struct smb2_transform_hdr));
+ tr_hdr = kzalloc(sizeof(struct smb2_transform_hdr), GFP_KERNEL);
if (!tr_hdr)
return rc;
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index 359401227d93..5dd8641f66ba 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -569,7 +569,7 @@ static struct interface *alloc_iface(char *ifname)
if (!ifname)
return NULL;
- iface = ksmbd_alloc(sizeof(struct interface));
+ iface = kzalloc(sizeof(struct interface), GFP_KERNEL);
if (!iface) {
kfree(ifname);
return NULL;
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 34e045f27230..2b38628e1cb8 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -830,7 +830,7 @@ int ksmbd_file_table_flush(struct ksmbd_work *work)
int ksmbd_init_file_table(struct ksmbd_file_table *ft)
{
- ft->idr = ksmbd_alloc(sizeof(struct idr));
+ ft->idr = kzalloc(sizeof(struct idr), GFP_KERNEL);
if (!ft->idr)
return -ENOMEM;
From patchwork Mon Nov 14 12:48:50 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183118
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:21 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:21 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:20 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 021/308] cifsd: add the check to work file lock
and rename behaviors like Windows unless POSIX extensions are negotiated
Date: Mon, 14 Nov 2022 20:48:50 +0800
Message-ID: <20221114125337.1831594-22-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
8bdd7fb8-8ccf-45a9-f8b9-08dac63c468b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7139324
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit c36fca8630dda0fba7b9672f3c99ac4e260a0fd0
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c36fca8630dd
-------------------------------
This patch add the check to work file lock and rename behaviors
like Windows if POSIX extensions are not negotiated.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 101 +++++++++++++++++++++++++++----------------------
1 file changed, 56 insertions(+), 45 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index e860ff9145a7..f93cc55ea153 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -370,7 +370,6 @@ int ksmbd_vfs_read(struct ksmbd_work *work,
char *rbuf, *name;
struct inode *inode;
char namebuf[NAME_MAX];
- int ret;
rbuf = work->aux_payload_buf;
filp = fp->filp;
@@ -391,11 +390,15 @@ int ksmbd_vfs_read(struct ksmbd_work *work,
if (ksmbd_stream_fd(fp))
return ksmbd_vfs_stream_read(fp, rbuf, pos, count);
- ret = check_lock_range(filp, *pos, *pos + count - 1,
- READ);
- if (ret) {
- ksmbd_err("unable to read due to lock\n");
- return -EAGAIN;
+ if (!work->tcon->posix_extensions) {
+ int ret;
+
+ ret = check_lock_range(filp, *pos, *pos + count - 1,
+ READ);
+ if (ret) {
+ ksmbd_err("unable to read due to lock\n");
+ return -EAGAIN;
+ }
}
nbytes = kernel_read(filp, rbuf, count, pos);
@@ -504,11 +507,13 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
goto out;
}
- err = check_lock_range(filp, *pos, *pos + count - 1, WRITE);
- if (err) {
- ksmbd_err("unable to write due to lock\n");
- err = -EAGAIN;
- goto out;
+ if (!work->tcon->posix_extensions) {
+ err = check_lock_range(filp, *pos, *pos + count - 1, WRITE);
+ if (err) {
+ ksmbd_err("unable to write due to lock\n");
+ err = -EAGAIN;
+ goto out;
+ }
}
/* Do we need to break any of a levelII oplock? */
@@ -706,21 +711,23 @@ static int __ksmbd_vfs_rename(struct ksmbd_work *work,
struct dentry *dst_dent;
int err;
- spin_lock(&src_dent->d_lock);
- list_for_each_entry(dst_dent, &src_dent->d_subdirs, d_child) {
- struct ksmbd_file *child_fp;
+ if (!work->tcon->posix_extensions) {
+ spin_lock(&src_dent->d_lock);
+ list_for_each_entry(dst_dent, &src_dent->d_subdirs, d_child) {
+ struct ksmbd_file *child_fp;
- if (d_really_is_negative(dst_dent))
- continue;
+ if (d_really_is_negative(dst_dent))
+ continue;
- child_fp = ksmbd_lookup_fd_inode(d_inode(dst_dent));
- if (child_fp) {
- spin_unlock(&src_dent->d_lock);
- ksmbd_debug(VFS, "Forbid rename, sub file/dir is in use\n");
- return -EACCES;
+ child_fp = ksmbd_lookup_fd_inode(d_inode(dst_dent));
+ if (child_fp) {
+ spin_unlock(&src_dent->d_lock);
+ ksmbd_debug(VFS, "Forbid rename, sub file/dir is in use\n");
+ return -EACCES;
+ }
}
+ spin_unlock(&src_dent->d_lock);
}
- spin_unlock(&src_dent->d_lock);
if (d_really_is_negative(src_dent_parent))
return -ENOENT;
@@ -820,7 +827,6 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
{
struct path path;
int err = 0;
- struct inode *inode;
if (name) {
err = kern_path(name, 0, &path);
@@ -842,18 +848,21 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
/* Do we need to break any of a levelII oplock? */
smb_break_all_levII_oplock(work, fp, 1);
- inode = file_inode(filp);
- if (size < inode->i_size) {
- err = check_lock_range(filp, size,
- inode->i_size - 1, WRITE);
- } else {
- err = check_lock_range(filp, inode->i_size,
- size - 1, WRITE);
- }
+ if (!work->tcon->posix_extensions) {
+ struct inode *inode = file_inode(filp);
- if (err) {
- ksmbd_err("failed due to lock\n");
- return -EAGAIN;
+ if (size < inode->i_size) {
+ err = check_lock_range(filp, size,
+ inode->i_size - 1, WRITE);
+ } else {
+ err = check_lock_range(filp, inode->i_size,
+ size - 1, WRITE);
+ }
+
+ if (err) {
+ ksmbd_err("failed due to lock\n");
+ return -EAGAIN;
+ }
}
err = vfs_truncate(&filp->f_path, size);
@@ -1860,17 +1869,19 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
smb_break_all_levII_oplock(work, dst_fp, 1);
- for (i = 0; i < chunk_count; i++) {
- src_off = le64_to_cpu(chunks[i].SourceOffset);
- dst_off = le64_to_cpu(chunks[i].TargetOffset);
- len = le32_to_cpu(chunks[i].Length);
-
- if (check_lock_range(src_fp->filp, src_off,
- src_off + len - 1, READ))
- return -EAGAIN;
- if (check_lock_range(dst_fp->filp, dst_off,
- dst_off + len - 1, WRITE))
- return -EAGAIN;
+ if (!work->tcon->posix_extensions) {
+ for (i = 0; i < chunk_count; i++) {
+ src_off = le64_to_cpu(chunks[i].SourceOffset);
+ dst_off = le64_to_cpu(chunks[i].TargetOffset);
+ len = le32_to_cpu(chunks[i].Length);
+
+ if (check_lock_range(src_fp->filp, src_off,
+ src_off + len - 1, READ))
+ return -EAGAIN;
+ if (check_lock_range(dst_fp->filp, dst_off,
+ dst_off + len - 1, WRITE))
+ return -EAGAIN;
+ }
}
src_file_size = i_size_read(file_inode(src_fp->filp));
From patchwork Mon Nov 14 12:48:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183119
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:21 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:21 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:21 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 022/308] cifsd: fix error return code in
ksmbd_vfs_remove_file()
Date: Mon, 14 Nov 2022 20:48:51 +0800
Message-ID: <20221114125337.1831594-23-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cb86b2a2-649a-4552-fcc4-08dac63c46d4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7000713
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 7cb82de3cdf2da0acd6fc3e670c7271ded37e116
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7cb82de3cdf2
-------------------------------
Change -ENOENT error to -EINVAL to response STATUS_INVALID_PARAMETER.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index f93cc55ea153..da44d131e25b 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -596,7 +596,7 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
last = extract_last_component(name);
if (!last)
- return -ENOENT;
+ return -EINVAL;
if (ksmbd_override_fsids(work))
return -ENOMEM;
From patchwork Mon Nov 14 12:48:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183120
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:22 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:22 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:21 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 023/308] cifsd: clean-up codes using chechpatch.pl
--strict
Date: Mon, 14 Nov 2022 20:48:52 +0800
Message-ID: <20221114125337.1831594-24-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9f3b704d-0bf3-47cb-5e4c-08dac63c4723
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.0594383
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 64b39f4a2fd293cf899dd8062c57ce3715dd7ee9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/64b39f4a2fd2
-------------------------------
Dan Carpenter suggested to run chechpatch.pl --strict on ksmbd to fix
check warnings. This patch does not fix all warnings but only things that
I can understand.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 117 ++---
fs/cifsd/buffer_pool.c | 3 +-
fs/cifsd/connection.c | 23 +-
fs/cifsd/connection.h | 34 +-
fs/cifsd/glob.h | 14 +-
fs/cifsd/ksmbd_server.h | 94 ++--
fs/cifsd/mgmt/user_session.h | 4 +-
fs/cifsd/misc.c | 9 +-
fs/cifsd/ndr.c | 9 +-
fs/cifsd/netmisc.c | 2 -
fs/cifsd/oplock.c | 118 +++--
fs/cifsd/oplock.h | 24 +-
fs/cifsd/server.c | 35 +-
fs/cifsd/smb2misc.c | 81 ++--
fs/cifsd/smb2ops.c | 2 +-
fs/cifsd/smb2pdu.c | 827 +++++++++++++++--------------------
fs/cifsd/smb2pdu.h | 129 +++---
fs/cifsd/smb_common.c | 68 ++-
fs/cifsd/smb_common.h | 4 +-
fs/cifsd/smbacl.c | 85 ++--
fs/cifsd/time_wrappers.h | 4 +-
fs/cifsd/transport_ipc.c | 46 +-
fs/cifsd/transport_ipc.h | 34 +-
fs/cifsd/transport_rdma.c | 163 ++++---
fs/cifsd/transport_tcp.c | 27 +-
fs/cifsd/unicode.c | 40 +-
fs/cifsd/unicode.h | 80 ++--
fs/cifsd/vfs.c | 158 +++----
fs/cifsd/vfs.h | 89 ++--
fs/cifsd/vfs_cache.c | 57 +--
fs/cifsd/vfs_cache.h | 35 +-
31 files changed, 1011 insertions(+), 1404 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 0a49c67a69d6..b9fd62f77e1c 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -64,7 +64,6 @@ static char NEGOTIATE_GSS_HEADER[AUTH_GSS_LENGTH] = {
#endif
};
-
void ksmbd_copy_gss_neg_header(void *buf)
{
memcpy(buf, NEGOTIATE_GSS_HEADER, AUTH_GSS_LENGTH);
@@ -107,9 +106,7 @@ smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
return 0;
}
-static int ksmbd_enc_p24(unsigned char *p21,
- const unsigned char *c8,
- unsigned char *p24)
+static int ksmbd_enc_p24(unsigned char *p21, const unsigned char *c8, unsigned char *p24)
{
int rc;
@@ -124,9 +121,8 @@ static int ksmbd_enc_p24(unsigned char *p21,
}
/* produce a md4 message digest from data of length n bytes */
-static int ksmbd_enc_md4(unsigned char *md4_hash,
- unsigned char *link_str,
- int link_len)
+static int ksmbd_enc_md4(unsigned char *md4_hash, unsigned char *link_str,
+ int link_len)
{
int rc;
struct ksmbd_crypto_ctx *ctx;
@@ -157,10 +153,8 @@ static int ksmbd_enc_md4(unsigned char *md4_hash,
return rc;
}
-static int ksmbd_enc_update_sess_key(unsigned char *md5_hash,
- char *nonce,
- char *server_challenge,
- int len)
+static int ksmbd_enc_update_sess_key(unsigned char *md5_hash, char *nonce,
+ char *server_challenge, int len)
{
int rc;
struct ksmbd_crypto_ctx *ctx;
@@ -204,9 +198,8 @@ static int ksmbd_enc_update_sess_key(unsigned char *md5_hash,
* @hmac: source hmac value to be used for finding session key
*
*/
-static int ksmbd_gen_sess_key(struct ksmbd_session *sess,
- char *hash,
- char *hmac)
+static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
+ char *hmac)
{
struct ksmbd_crypto_ctx *ctx;
int rc = -EINVAL;
@@ -251,7 +244,7 @@ static int ksmbd_gen_sess_key(struct ksmbd_session *sess,
}
static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
- char *dname)
+ char *dname)
{
int ret = -EINVAL, len;
wchar_t *domain = NULL;
@@ -361,8 +354,9 @@ int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
if (strncmp(pw_buf, key, CIFS_AUTH_RESP_SIZE) != 0) {
ksmbd_debug(AUTH, "ntlmv1 authentication failed\n");
rc = -EINVAL;
- } else
+ } else {
ksmbd_debug(AUTH, "ntlmv1 authentication pass\n");
+ }
return rc;
}
@@ -376,10 +370,8 @@ int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
*
* Return: 0 on success, error number on error
*/
-int ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
- struct ntlmv2_resp *ntlmv2,
- int blen,
- char *domain_name)
+int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
+ int blen, char *domain_name)
{
char ntlmv2_hash[CIFS_ENCPWD_SIZE];
char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE];
@@ -457,9 +449,8 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
*
* Return: 0 on success, error number on error
*/
-static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
- char *client_nonce,
- char *ntlm_resp)
+static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce,
+ char *ntlm_resp)
{
char sess_key[CIFS_SMB1_SESSKEY_SIZE] = {0};
int rc;
@@ -497,8 +488,7 @@ static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
* Return: 0 on success, error number on error
*/
int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
- int blob_len,
- struct ksmbd_session *sess)
+ int blob_len, struct ksmbd_session *sess)
{
char *domain_name;
unsigned int lm_off, nt_off;
@@ -523,8 +513,8 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
/* process NTLM authentication */
if (nt_len == CIFS_AUTH_RESP_SIZE) {
- if (le32_to_cpu(authblob->NegotiateFlags)
- & NTLMSSP_NEGOTIATE_EXTENDED_SEC)
+ if (le32_to_cpu(authblob->NegotiateFlags) &
+ NTLMSSP_NEGOTIATE_EXTENDED_SEC)
return __ksmbd_auth_ntlmv2(sess, (char *)authblob +
lm_off, (char *)authblob + nt_off);
else
@@ -533,8 +523,7 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
}
/* TODO : use domain name that imported from configuration file */
- domain_name = smb_strndup_from_utf16(
- (const char *)authblob +
+ domain_name = smb_strndup_from_utf16((const char *)authblob +
le32_to_cpu(authblob->DomainName.BufferOffset),
le16_to_cpu(authblob->DomainName.Length), true,
sess->conn->local_nls);
@@ -561,8 +550,7 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
*
*/
int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
- int blob_len,
- struct ksmbd_session *sess)
+ int blob_len, struct ksmbd_session *sess)
{
if (blob_len < sizeof(struct negotiate_message)) {
ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
@@ -618,7 +606,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
flags |= NTLMSSP_REQUEST_TARGET;
if (sess->conn->use_spnego &&
- (cflags & NTLMSSP_NEGOTIATE_EXTENDED_SEC))
+ (cflags & NTLMSSP_NEGOTIATE_EXTENDED_SEC))
flags |= NTLMSSP_NEGOTIATE_EXTENDED_SEC;
chgblob->NegotiateFlags = cpu_to_le32(flags);
@@ -675,9 +663,8 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
}
#ifdef CONFIG_SMB_SERVER_KERBEROS5
-int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
- char *in_blob, int in_len,
- char *out_blob, int *out_len)
+int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
+ int in_len, char *out_blob, int *out_len)
{
struct ksmbd_spnego_authen_response *resp;
struct ksmbd_user *user = NULL;
@@ -726,9 +713,8 @@ int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
return retval;
}
#else
-int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
- char *in_blob, int in_len,
- char *out_blob, int *out_len)
+int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
+ int in_len, char *out_blob, int *out_len)
{
return -EOPNOTSUPP;
}
@@ -743,11 +729,8 @@ int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
* @sig: signature value generated for client request packet
*
*/
-int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn,
- char *key,
- struct kvec *iov,
- int n_vec,
- char *sig)
+int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
+ int n_vec, char *sig)
{
struct ksmbd_crypto_ctx *ctx;
int rc = -EINVAL;
@@ -798,11 +781,8 @@ int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn,
* @sig: signature value generated for client request packet
*
*/
-int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn,
- char *key,
- struct kvec *iov,
- int n_vec,
- char *sig)
+int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
+ int n_vec, char *sig)
{
struct ksmbd_crypto_ctx *ctx;
int rc = -EINVAL;
@@ -851,7 +831,7 @@ struct derivation {
};
static int generate_key(struct ksmbd_session *sess, struct kvec label,
- struct kvec context, __u8 *key, unsigned int key_size)
+ struct kvec context, __u8 *key, unsigned int key_size)
{
unsigned char zero = 0x0;
__u8 i[4] = {0, 0, 0, 1};
@@ -931,7 +911,7 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
}
static int generate_smb3signingkey(struct ksmbd_session *sess,
- const struct derivation *signing)
+ const struct derivation *signing)
{
int rc;
struct channel *chann;
@@ -995,7 +975,7 @@ struct derivation_twin {
};
static int generate_smb3encryptionkey(struct ksmbd_session *sess,
- const struct derivation_twin *ptwin)
+ const struct derivation_twin *ptwin)
{
int rc;
@@ -1062,9 +1042,8 @@ int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess)
return generate_smb3encryptionkey(sess, &twin);
}
-int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn,
- char *buf,
- __u8 *pi_hash)
+int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
+ __u8 *pi_hash)
{
int rc = -1;
struct smb2_hdr *rcv_hdr = (struct smb2_hdr *)buf;
@@ -1073,14 +1052,15 @@ int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn,
struct ksmbd_crypto_ctx *ctx = NULL;
if (conn->preauth_info->Preauth_HashId ==
- SMB2_PREAUTH_INTEGRITY_SHA512) {
+ SMB2_PREAUTH_INTEGRITY_SHA512) {
ctx = ksmbd_crypto_ctx_find_sha512();
if (!ctx) {
ksmbd_debug(AUTH, "could not alloc sha512 rc %d\n", rc);
goto out;
}
- } else
+ } else {
goto out;
+ }
rc = crypto_shash_init(CRYPTO_SHA512(ctx));
if (rc) {
@@ -1144,10 +1124,8 @@ int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
return rc;
}
-static int ksmbd_get_encryption_key(struct ksmbd_conn *conn,
- __u64 ses_id,
- int enc,
- u8 *key)
+static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,
+ int enc, u8 *key)
{
struct ksmbd_session *sess;
u8 *ses_enc_key;
@@ -1175,9 +1153,8 @@ static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf,
sg_set_page(sg, addr, buflen, offset_in_page(buf));
}
-static struct scatterlist *ksmbd_init_sg(struct kvec *iov,
- unsigned int nvec,
- u8 *sign)
+static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
+ u8 *sign)
{
struct scatterlist *sg;
unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
@@ -1190,8 +1167,9 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov,
nr_entries[i] = ((kaddr + iov[i + 1].iov_len +
PAGE_SIZE - 1) >> PAGE_SHIFT) -
(kaddr >> PAGE_SHIFT);
- } else
+ } else {
nr_entries[i]++;
+ }
total_entries += nr_entries[i];
}
@@ -1232,16 +1210,13 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov,
sg_set_page(&sg[sg_idx++], virt_to_page(data), len,
offset_in_page(data));
}
-
}
smb2_sg_set_buf(&sg[sg_idx], sign, SMB2_SIGNATURE_SIZE);
return sg;
}
-int ksmbd_crypt_message(struct ksmbd_conn *conn,
- struct kvec *iov,
- unsigned int nvec,
- int enc)
+int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
+ unsigned int nvec, int enc)
{
struct smb2_transform_hdr *tr_hdr =
(struct smb2_transform_hdr *)iov[0].iov_base;
@@ -1319,9 +1294,9 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn,
goto free_sg;
}
- if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM) {
memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
- else {
+ } else {
iv[0] = 3;
memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
}
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
index 91c04879e931..ad2a2c885a2c 100644
--- a/fs/cifsd/buffer_pool.c
+++ b/fs/cifsd/buffer_pool.c
@@ -278,8 +278,7 @@ int ksmbd_init_buffer_pools(void)
goto out;
filp_cache = kmem_cache_create("ksmbd_file_cache",
- sizeof(struct ksmbd_file), 0,
- SLAB_HWCACHE_ALIGN, NULL);
+ sizeof(struct ksmbd_file), 0, SLAB_HWCACHE_ALIGN, NULL);
if (!filp_cache)
goto out;
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
index bdfde5ca2ded..df56e347b709 100644
--- a/fs/cifsd/connection.c
+++ b/fs/cifsd/connection.c
@@ -119,7 +119,7 @@ int ksmbd_conn_try_dequeue_request(struct ksmbd_work *work)
int ret = 1;
if (list_empty(&work->request_entry) &&
- list_empty(&work->async_request_entry))
+ list_empty(&work->async_request_entry))
return 0;
atomic_dec(&conn->req_running);
@@ -201,10 +201,9 @@ int ksmbd_conn_write(struct ksmbd_work *work)
return 0;
}
-int ksmbd_conn_rdma_read(struct ksmbd_conn *conn,
- void *buf, unsigned int buflen,
- u32 remote_key, u64 remote_offset,
- u32 remote_len)
+int ksmbd_conn_rdma_read(struct ksmbd_conn *conn, void *buf,
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len)
{
int ret = -EINVAL;
@@ -216,10 +215,9 @@ int ksmbd_conn_rdma_read(struct ksmbd_conn *conn,
return ret;
}
-int ksmbd_conn_rdma_write(struct ksmbd_conn *conn,
- void *buf, unsigned int buflen,
- u32 remote_key, u64 remote_offset,
- u32 remote_len)
+int ksmbd_conn_rdma_write(struct ksmbd_conn *conn, void *buf,
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len)
{
int ret = -EINVAL;
@@ -251,7 +249,7 @@ bool ksmbd_conn_alive(struct ksmbd_conn *conn)
* zero.
*/
if (server_conf.deadtime > 0 &&
- time_after(jiffies, conn->last_active + server_conf.deadtime)) {
+ time_after(jiffies, conn->last_active + server_conf.deadtime)) {
ksmbd_debug(CONN, "No response from client in %lu minutes\n",
server_conf.deadtime / SMB_ECHO_INTERVAL);
return false;
@@ -393,14 +391,13 @@ static void stop_sessions(void)
task = conn->transport->handler;
if (task)
ksmbd_debug(CONN, "Stop session handler %s/%d\n",
- task->comm,
- task_pid_nr(task));
+ task->comm, task_pid_nr(task));
conn->status = KSMBD_SESS_EXITING;
}
read_unlock(&conn_list_lock);
if (!list_empty(&conn_list)) {
- schedule_timeout_interruptible(HZ/10); /* 100ms */
+ schedule_timeout_interruptible(HZ / 10); /* 100ms */
goto again;
}
}
diff --git a/fs/cifsd/connection.h b/fs/cifsd/connection.h
index 179fb9278999..021dada3d76d 100644
--- a/fs/cifsd/connection.h
+++ b/fs/cifsd/connection.h
@@ -116,17 +116,15 @@ struct ksmbd_conn_ops {
struct ksmbd_transport_ops {
int (*prepare)(struct ksmbd_transport *t);
void (*disconnect)(struct ksmbd_transport *t);
- int (*read)(struct ksmbd_transport *t,
- char *buf, unsigned int size);
- int (*writev)(struct ksmbd_transport *t,
- struct kvec *iovs, int niov, int size,
- bool need_invalidate_rkey, unsigned int remote_key);
- int (*rdma_read)(struct ksmbd_transport *t,
- void *buf, unsigned int len, u32 remote_key,
- u64 remote_offset, u32 remote_len);
- int (*rdma_write)(struct ksmbd_transport *t,
- void *buf, unsigned int len, u32 remote_key,
- u64 remote_offset, u32 remote_len);
+ int (*read)(struct ksmbd_transport *t, char *buf, unsigned int size);
+ int (*writev)(struct ksmbd_transport *t, struct kvec *iovs, int niov,
+ int size, bool need_invalidate_rkey,
+ unsigned int remote_key);
+ int (*rdma_read)(struct ksmbd_transport *t, void *buf, unsigned int len,
+ u32 remote_key, u64 remote_offset, u32 remote_len);
+ int (*rdma_write)(struct ksmbd_transport *t, void *buf,
+ unsigned int len, u32 remote_key, u64 remote_offset,
+ u32 remote_len);
};
struct ksmbd_transport {
@@ -146,14 +144,12 @@ struct ksmbd_conn *ksmbd_conn_alloc(void);
void ksmbd_conn_free(struct ksmbd_conn *conn);
bool ksmbd_conn_lookup_dialect(struct ksmbd_conn *c);
int ksmbd_conn_write(struct ksmbd_work *work);
-int ksmbd_conn_rdma_read(struct ksmbd_conn *conn,
- void *buf, unsigned int buflen,
- u32 remote_key, u64 remote_offset,
- u32 remote_len);
-int ksmbd_conn_rdma_write(struct ksmbd_conn *conn,
- void *buf, unsigned int buflen,
- u32 remote_key, u64 remote_offset,
- u32 remote_len);
+int ksmbd_conn_rdma_read(struct ksmbd_conn *conn, void *buf,
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len);
+int ksmbd_conn_rdma_write(struct ksmbd_conn *conn, void *buf,
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len);
void ksmbd_conn_enqueue_request(struct ksmbd_work *work);
int ksmbd_conn_try_dequeue_request(struct ksmbd_work *work);
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
index 2dc3f603e837..27500afbeaf5 100644
--- a/fs/cifsd/glob.h
+++ b/fs/cifsd/glob.h
@@ -24,13 +24,13 @@ extern int ksmbd_caseless_search;
#define DATA_STREAM 1
#define DIR_STREAM 2
-#define KSMBD_DEBUG_SMB (1 << 0)
-#define KSMBD_DEBUG_AUTH (1 << 1)
-#define KSMBD_DEBUG_VFS (1 << 2)
-#define KSMBD_DEBUG_OPLOCK (1 << 3)
-#define KSMBD_DEBUG_IPC (1 << 4)
-#define KSMBD_DEBUG_CONN (1 << 5)
-#define KSMBD_DEBUG_RDMA (1 << 6)
+#define KSMBD_DEBUG_SMB BIT(0)
+#define KSMBD_DEBUG_AUTH BIT(1)
+#define KSMBD_DEBUG_VFS BIT(2)
+#define KSMBD_DEBUG_OPLOCK BIT(3)
+#define KSMBD_DEBUG_IPC BIT(4)
+#define KSMBD_DEBUG_CONN BIT(5)
+#define KSMBD_DEBUG_RDMA BIT(6)
#define KSMBD_DEBUG_ALL (KSMBD_DEBUG_SMB | KSMBD_DEBUG_AUTH | \
KSMBD_DEBUG_VFS | KSMBD_DEBUG_OPLOCK | \
KSMBD_DEBUG_IPC | KSMBD_DEBUG_CONN | \
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
index 01eaf9ec4fde..c5181a2702ff 100644
--- a/fs/cifsd/ksmbd_server.h
+++ b/fs/cifsd/ksmbd_server.h
@@ -29,11 +29,11 @@ struct ksmbd_heartbeat {
* Global config flags.
*/
#define KSMBD_GLOBAL_FLAG_INVALID (0)
-#define KSMBD_GLOBAL_FLAG_SMB2_LEASES (1 << 0)
-#define KSMBD_GLOBAL_FLAG_CACHE_TBUF (1 << 1)
-#define KSMBD_GLOBAL_FLAG_CACHE_RBUF (1 << 2)
-#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION (1 << 3)
-#define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE (1 << 4)
+#define KSMBD_GLOBAL_FLAG_SMB2_LEASES BIT(0)
+#define KSMBD_GLOBAL_FLAG_CACHE_TBUF BIT(1)
+#define KSMBD_GLOBAL_FLAG_CACHE_RBUF BIT(2)
+#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(3)
+#define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE BIT(4)
struct ksmbd_startup_request {
__u32 flags;
@@ -204,66 +204,66 @@ enum KSMBD_TREE_CONN_STATUS {
* User config flags.
*/
#define KSMBD_USER_FLAG_INVALID (0)
-#define KSMBD_USER_FLAG_OK (1 << 0)
-#define KSMBD_USER_FLAG_BAD_PASSWORD (1 << 1)
-#define KSMBD_USER_FLAG_BAD_UID (1 << 2)
-#define KSMBD_USER_FLAG_BAD_USER (1 << 3)
-#define KSMBD_USER_FLAG_GUEST_ACCOUNT (1 << 4)
+#define KSMBD_USER_FLAG_OK BIT(0)
+#define KSMBD_USER_FLAG_BAD_PASSWORD BIT(1)
+#define KSMBD_USER_FLAG_BAD_UID BIT(2)
+#define KSMBD_USER_FLAG_BAD_USER BIT(3)
+#define KSMBD_USER_FLAG_GUEST_ACCOUNT BIT(4)
/*
* Share config flags.
*/
#define KSMBD_SHARE_FLAG_INVALID (0)
-#define KSMBD_SHARE_FLAG_AVAILABLE (1 << 0)
-#define KSMBD_SHARE_FLAG_BROWSEABLE (1 << 1)
-#define KSMBD_SHARE_FLAG_WRITEABLE (1 << 2)
-#define KSMBD_SHARE_FLAG_READONLY (1 << 3)
-#define KSMBD_SHARE_FLAG_GUEST_OK (1 << 4)
-#define KSMBD_SHARE_FLAG_GUEST_ONLY (1 << 5)
-#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS (1 << 6)
-#define KSMBD_SHARE_FLAG_OPLOCKS (1 << 7)
-#define KSMBD_SHARE_FLAG_PIPE (1 << 8)
-#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES (1 << 9)
-#define KSMBD_SHARE_FLAG_INHERIT_SMACK (1 << 10)
-#define KSMBD_SHARE_FLAG_INHERIT_OWNER (1 << 11)
-#define KSMBD_SHARE_FLAG_STREAMS (1 << 12)
-#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS (1 << 13)
-#define KSMBD_SHARE_FLAG_ACL_XATTR (1 << 14)
+#define KSMBD_SHARE_FLAG_AVAILABLE BIT(0)
+#define KSMBD_SHARE_FLAG_BROWSEABLE BIT(1)
+#define KSMBD_SHARE_FLAG_WRITEABLE BIT(2)
+#define KSMBD_SHARE_FLAG_READONLY BIT(3)
+#define KSMBD_SHARE_FLAG_GUEST_OK BIT(4)
+#define KSMBD_SHARE_FLAG_GUEST_ONLY BIT(5)
+#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS BIT(6)
+#define KSMBD_SHARE_FLAG_OPLOCKS BIT(7)
+#define KSMBD_SHARE_FLAG_PIPE BIT(8)
+#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES BIT(9)
+#define KSMBD_SHARE_FLAG_INHERIT_SMACK BIT(10)
+#define KSMBD_SHARE_FLAG_INHERIT_OWNER BIT(11)
+#define KSMBD_SHARE_FLAG_STREAMS BIT(12)
+#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(13)
+#define KSMBD_SHARE_FLAG_ACL_XATTR BIT(14)
/*
* Tree connect request flags.
*/
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1 (0)
-#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6 (1 << 0)
-#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2 (1 << 1)
+#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6 BIT(0)
+#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2 BIT(1)
/*
* Tree connect flags.
*/
-#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT (1 << 0)
-#define KSMBD_TREE_CONN_FLAG_READ_ONLY (1 << 1)
-#define KSMBD_TREE_CONN_FLAG_WRITABLE (1 << 2)
-#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT (1 << 3)
+#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT BIT(0)
+#define KSMBD_TREE_CONN_FLAG_READ_ONLY BIT(1)
+#define KSMBD_TREE_CONN_FLAG_WRITABLE BIT(2)
+#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT BIT(3)
/*
* RPC over IPC.
*/
-#define KSMBD_RPC_METHOD_RETURN (1 << 0)
-#define KSMBD_RPC_SRVSVC_METHOD_INVOKE (1 << 1)
-#define KSMBD_RPC_SRVSVC_METHOD_RETURN ((1 << 1) | KSMBD_RPC_METHOD_RETURN)
-#define KSMBD_RPC_WKSSVC_METHOD_INVOKE (1 << 2)
-#define KSMBD_RPC_WKSSVC_METHOD_RETURN ((1 << 2) | KSMBD_RPC_METHOD_RETURN)
-#define KSMBD_RPC_IOCTL_METHOD ((1 << 3) | KSMBD_RPC_METHOD_RETURN)
-#define KSMBD_RPC_OPEN_METHOD (1 << 4)
-#define KSMBD_RPC_WRITE_METHOD (1 << 5)
-#define KSMBD_RPC_READ_METHOD ((1 << 6) | KSMBD_RPC_METHOD_RETURN)
-#define KSMBD_RPC_CLOSE_METHOD (1 << 7)
-#define KSMBD_RPC_RAP_METHOD ((1 << 8) | KSMBD_RPC_METHOD_RETURN)
-#define KSMBD_RPC_RESTRICTED_CONTEXT (1 << 9)
-#define KSMBD_RPC_SAMR_METHOD_INVOKE (1 << 10)
-#define KSMBD_RPC_SAMR_METHOD_RETURN ((1 << 10) | KSMBD_RPC_METHOD_RETURN)
-#define KSMBD_RPC_LSARPC_METHOD_INVOKE (1 << 11)
-#define KSMBD_RPC_LSARPC_METHOD_RETURN ((1 << 11) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_METHOD_RETURN BIT(0)
+#define KSMBD_RPC_SRVSVC_METHOD_INVOKE BIT(1)
+#define KSMBD_RPC_SRVSVC_METHOD_RETURN (KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_WKSSVC_METHOD_INVOKE BIT(2)
+#define KSMBD_RPC_WKSSVC_METHOD_RETURN (KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_IOCTL_METHOD (BIT(3) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_OPEN_METHOD BIT(4)
+#define KSMBD_RPC_WRITE_METHOD BIT(5)
+#define KSMBD_RPC_READ_METHOD (BIT(6) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_CLOSE_METHOD BIT(7)
+#define KSMBD_RPC_RAP_METHOD (BIT(8) | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_RESTRICTED_CONTEXT BIT(9)
+#define KSMBD_RPC_SAMR_METHOD_INVOKE BIT(10)
+#define KSMBD_RPC_SAMR_METHOD_RETURN (KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
+#define KSMBD_RPC_LSARPC_METHOD_INVOKE BIT(11)
+#define KSMBD_RPC_LSARPC_METHOD_RETURN (KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_OK 0
#define KSMBD_RPC_EBAD_FUNC 0x00000001
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
index 0a6eb21647ab..68018f0f5c0b 100644
--- a/fs/cifsd/mgmt/user_session.h
+++ b/fs/cifsd/mgmt/user_session.h
@@ -26,12 +26,12 @@ struct channel {
struct preauth_session {
__u8 Preauth_HashValue[PREAUTH_HASHVALUE_SIZE];
- uint64_t sess_id;
+ u64 sess_id;
struct list_head list_entry;
};
struct ksmbd_session {
- uint64_t id;
+ u64 id;
struct ksmbd_user *user;
struct ksmbd_conn *conn;
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
index 189b90414976..b6f3f0818217 100644
--- a/fs/cifsd/misc.c
+++ b/fs/cifsd/misc.c
@@ -78,9 +78,9 @@ static inline int is_char_allowed(char ch)
{
/* check for control chars, wildcards etc. */
if (!(ch & 0x80) &&
- (ch <= 0x1f ||
- ch == '?' || ch == '"' || ch == '<' ||
- ch == '>' || ch == '|' || ch == '*'))
+ (ch <= 0x1f ||
+ ch == '?' || ch == '"' || ch == '<' ||
+ ch == '>' || ch == '|' || ch == '*'))
return 0;
return 1;
@@ -268,8 +268,7 @@ char *convert_to_unix_name(struct ksmbd_share_config *share, char *name)
}
char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
- const struct nls_table *local_nls,
- int *conv_len)
+ const struct nls_table *local_nls, int *conv_len)
{
char *conv;
int sz = min(4 * d_info->name_len, PATH_MAX);
diff --git a/fs/cifsd/ndr.c b/fs/cifsd/ndr.c
index aa0cb8fc555d..1838fc2b1d7c 100644
--- a/fs/cifsd/ndr.c
+++ b/fs/cifsd/ndr.c
@@ -159,8 +159,9 @@ int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
ndr_write_int32(n, da->ea_size);
ndr_write_int64(n, da->size);
ndr_write_int64(n, da->alloc_size);
- } else
+ } else {
ndr_write_int64(n, da->itime);
+ }
ndr_write_int64(n, da->create_time);
if (da->version == 3)
ndr_write_int64(n, da->change_time);
@@ -248,15 +249,17 @@ int ndr_encode_posix_acl(struct ndr *n, struct inode *inode,
/* ACL ACCESS */
ndr_write_int32(n, ref_id);
ref_id += 4;
- } else
+ } else {
ndr_write_int32(n, 0);
+ }
if (def_acl) {
/* DEFAULT ACL ACCESS */
ndr_write_int32(n, ref_id);
ref_id += 4;
- } else
+ } else {
ndr_write_int32(n, 0);
+ }
ndr_write_int64(n, from_kuid(&init_user_ns, inode->i_uid));
ndr_write_int64(n, from_kgid(&init_user_ns, inode->i_gid));
diff --git a/fs/cifsd/netmisc.c b/fs/cifsd/netmisc.c
index 6f7dd78348a3..55393667abcc 100644
--- a/fs/cifsd/netmisc.c
+++ b/fs/cifsd/netmisc.c
@@ -1,7 +1,5 @@
// SPDX-License-Identifier: GPL-2.0-or-later
/*
- * fs/ksmbd/netmisc.c
- *
* Copyright (c) International Business Machines Corp., 2002,2008
* Author(s): Steve French (sfrench(a)us.ibm.com)
*
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index d76aa47e19e4..8e072c3e7b89 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -29,7 +29,7 @@ static DEFINE_RWLOCK(lease_list_lock);
* Return: allocated opinfo object on success, otherwise NULL
*/
static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
- uint64_t id, __u16 Tid)
+ u64 id, __u16 Tid)
{
struct ksmbd_session *sess = work->sess;
struct oplock_info *opinfo;
@@ -89,8 +89,7 @@ static void lb_add(struct lease_table *lb)
write_unlock(&lease_list_lock);
}
-static int alloc_lease(struct oplock_info *opinfo,
- struct lease_ctx_info *lctx)
+static int alloc_lease(struct oplock_info *opinfo, struct lease_ctx_info *lctx)
{
struct lease *lease;
@@ -227,8 +226,8 @@ int opinfo_write_to_read(struct oplock_info *opinfo)
{
struct lease *lease = opinfo->o_lease;
- if (!((opinfo->level == SMB2_OPLOCK_LEVEL_BATCH) ||
- (opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))) {
+ if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
+ opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
if (opinfo->is_lease)
ksmbd_err("lease state(0x%x)\n", lease->state);
@@ -266,8 +265,8 @@ int opinfo_write_to_none(struct oplock_info *opinfo)
{
struct lease *lease = opinfo->o_lease;
- if (!((opinfo->level == SMB2_OPLOCK_LEVEL_BATCH) ||
- (opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))) {
+ if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
+ opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
if (opinfo->is_lease)
ksmbd_err("lease state(0x%x)\n",
@@ -334,8 +333,7 @@ int lease_read_to_write(struct oplock_info *opinfo)
*
* Return: 0 on success, otherwise -EINVAL
*/
-static int lease_none_upgrade(struct oplock_info *opinfo,
- __le32 new_state)
+static int lease_none_upgrade(struct oplock_info *opinfo, __le32 new_state)
{
struct lease *lease = opinfo->o_lease;
@@ -401,7 +399,7 @@ void close_id_del_oplock(struct ksmbd_file *fp)
* Return: 0
*/
static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
struct lease *lease = opinfo_new->o_lease;
@@ -425,7 +423,7 @@ static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
* Return: 0
*/
static void grant_read_oplock(struct oplock_info *opinfo_new,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
struct lease *lease = opinfo_new->o_lease;
@@ -448,7 +446,7 @@ static void grant_read_oplock(struct oplock_info *opinfo_new,
* Return: 0
*/
static void grant_none_oplock(struct oplock_info *opinfo_new,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
struct lease *lease = opinfo_new->o_lease;
@@ -469,7 +467,7 @@ static inline int compare_guid_key(struct oplock_info *opinfo,
guid2 = opinfo->conn->ClientGUID;
key2 = opinfo->o_lease->lease_key;
if (!memcmp(guid1, guid2, SMB2_CLIENT_GUID_SIZE) &&
- !memcmp(key1, key2, SMB2_LEASE_KEY_SIZE))
+ !memcmp(key1, key2, SMB2_LEASE_KEY_SIZE))
return 1;
return 0;
@@ -485,7 +483,7 @@ static inline int compare_guid_key(struct oplock_info *opinfo,
* Return: oplock(lease) object on success, otherwise NULL
*/
static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
- char *client_guid, struct lease_ctx_info *lctx)
+ char *client_guid, struct lease_ctx_info *lctx)
{
int ret;
struct lease *lease;
@@ -649,13 +647,12 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
rsp_hdr->SessionId = 0;
memset(rsp_hdr->Signature, 0, 16);
-
rsp = work->response_buf;
rsp->StructureSize = cpu_to_le16(24);
if (!br_info->open_trunc &&
- (br_info->level == SMB2_OPLOCK_LEVEL_BATCH ||
- br_info->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
+ (br_info->level == SMB2_OPLOCK_LEVEL_BATCH ||
+ br_info->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
rsp->OplockLevel = SMB2_OPLOCK_LEVEL_II;
else
rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE;
@@ -845,10 +842,8 @@ static void wait_lease_breaking(struct oplock_info *opinfo)
if (atomic_read(&opinfo->breaking_cnt)) {
int ret = 0;
- ret = wait_event_interruptible_timeout(
- opinfo->oplock_brk,
- atomic_read(&opinfo->breaking_cnt) == 0,
- HZ);
+ ret = wait_event_interruptible_timeout(opinfo->oplock_brk,
+ atomic_read(&opinfo->breaking_cnt) == 0, HZ);
if (!ret)
atomic_set(&opinfo->breaking_cnt, 0);
}
@@ -907,7 +902,7 @@ static int oplock_break(struct oplock_info *brk_opinfo, int req_op_level)
return err < 0 ? err : 0;
if (brk_opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
- brk_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
+ brk_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
brk_opinfo->op_state = OPLOCK_ACK_WAIT;
}
@@ -939,7 +934,7 @@ void destroy_lease_table(struct ksmbd_conn *conn)
list_for_each_entry_safe(lb, lbtmp, &lease_table_list, l_entry) {
if (conn && memcmp(lb->client_guid, conn->ClientGUID,
- SMB2_CLIENT_GUID_SIZE))
+ SMB2_CLIENT_GUID_SIZE))
continue;
again:
rcu_read_lock();
@@ -974,7 +969,7 @@ int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
list_for_each_entry(lb, &lease_table_list, l_entry) {
if (!memcmp(lb->client_guid, sess->conn->ClientGUID,
- SMB2_CLIENT_GUID_SIZE))
+ SMB2_CLIENT_GUID_SIZE))
goto found;
}
read_unlock(&lease_list_lock);
@@ -1031,7 +1026,7 @@ static int add_lease_global_list(struct oplock_info *opinfo)
read_lock(&lease_list_lock);
list_for_each_entry(lb, &lease_table_list, l_entry) {
if (!memcmp(lb->client_guid, opinfo->conn->ClientGUID,
- SMB2_CLIENT_GUID_SIZE)) {
+ SMB2_CLIENT_GUID_SIZE)) {
opinfo->o_lease->l_lb = lb;
lease_add_list(opinfo);
read_unlock(&lease_list_lock);
@@ -1055,13 +1050,12 @@ static int add_lease_global_list(struct oplock_info *opinfo)
}
static void set_oplock_level(struct oplock_info *opinfo, int level,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
switch (level) {
case SMB2_OPLOCK_LEVEL_BATCH:
case SMB2_OPLOCK_LEVEL_EXCLUSIVE:
- grant_write_oplock(opinfo,
- level, lctx);
+ grant_write_oplock(opinfo, level, lctx);
break;
case SMB2_OPLOCK_LEVEL_II:
grant_read_oplock(opinfo, lctx);
@@ -1084,13 +1078,9 @@ static void set_oplock_level(struct oplock_info *opinfo, int level,
*
* Return: 0 on success, otherwise error
*/
-int smb_grant_oplock(struct ksmbd_work *work,
- int req_op_level,
- uint64_t pid,
- struct ksmbd_file *fp,
- __u16 tid,
- struct lease_ctx_info *lctx,
- int share_ret)
+int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
+ struct ksmbd_file *fp, __u16 tid, struct lease_ctx_info *lctx,
+ int share_ret)
{
struct ksmbd_session *sess = work->sess;
int err = 0;
@@ -1150,14 +1140,14 @@ int smb_grant_oplock(struct ksmbd_work *work,
prev_op_state = prev_opinfo->o_lease->state;
if (share_ret < 0 &&
- (prev_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
+ prev_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
err = share_ret;
opinfo_put(prev_opinfo);
goto err_out;
}
- if ((prev_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH) &&
- (prev_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
+ if (prev_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
+ prev_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
opinfo_put(prev_opinfo);
goto op_break_not_needed;
}
@@ -1218,7 +1208,7 @@ int smb_grant_oplock(struct ksmbd_work *work,
* @is_trunc: truncate on open
*/
static void smb_break_all_write_oplock(struct ksmbd_work *work,
- struct ksmbd_file *fp, int is_trunc)
+ struct ksmbd_file *fp, int is_trunc)
{
struct oplock_info *brk_opinfo;
@@ -1226,7 +1216,7 @@ static void smb_break_all_write_oplock(struct ksmbd_work *work,
if (!brk_opinfo)
return;
if (brk_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
- brk_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
+ brk_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
opinfo_put(brk_opinfo);
return;
}
@@ -1244,17 +1234,16 @@ static void smb_break_all_write_oplock(struct ksmbd_work *work,
* @fp: ksmbd file pointer
* @is_trunc: truncate on open
*/
-void smb_break_all_levII_oplock(struct ksmbd_work *work,
- struct ksmbd_file *fp, int is_trunc)
+void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
+ int is_trunc)
{
struct oplock_info *op, *brk_op;
struct ksmbd_inode *ci;
struct ksmbd_conn *conn = work->sess->conn;
if (!test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_OPLOCKS)) {
+ KSMBD_SHARE_FLAG_OPLOCKS))
return;
- }
ci = fp->f_ci;
op = opinfo_get(fp);
@@ -1283,13 +1272,11 @@ void smb_break_all_levII_oplock(struct ksmbd_work *work,
atomic_read(&brk_op->breaking_cnt))
goto next;
- if (op && op->is_lease &&
- brk_op->is_lease &&
- !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID,
- SMB2_CLIENT_GUID_SIZE) &&
- !memcmp(op->o_lease->lease_key,
- brk_op->o_lease->lease_key,
- SMB2_LEASE_KEY_SIZE))
+ if (op && op->is_lease && brk_op->is_lease &&
+ !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE) &&
+ !memcmp(op->o_lease->lease_key, brk_op->o_lease->lease_key,
+ SMB2_LEASE_KEY_SIZE))
goto next;
brk_op->open_trunc = is_trunc;
oplock_break(brk_op, SMB2_OPLOCK_LEVEL_NONE);
@@ -1311,7 +1298,7 @@ void smb_break_all_levII_oplock(struct ksmbd_work *work,
void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp)
{
if (!test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_OPLOCKS))
+ KSMBD_SHARE_FLAG_OPLOCKS))
return;
smb_break_all_write_oplock(work, fp, 1);
@@ -1327,14 +1314,16 @@ void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp)
__u8 smb2_map_lease_to_oplock(__le32 lease_state)
{
if (lease_state == (SMB2_LEASE_HANDLE_CACHING_LE |
- SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_WRITE_CACHING_LE))
+ SMB2_LEASE_READ_CACHING_LE |
+ SMB2_LEASE_WRITE_CACHING_LE)) {
return SMB2_OPLOCK_LEVEL_BATCH;
- else if (lease_state != SMB2_LEASE_WRITE_CACHING_LE &&
- lease_state & SMB2_LEASE_WRITE_CACHING_LE) {
+ } else if (lease_state != SMB2_LEASE_WRITE_CACHING_LE &&
+ lease_state & SMB2_LEASE_WRITE_CACHING_LE) {
if (!(lease_state & SMB2_LEASE_HANDLE_CACHING_LE))
return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
- } else if (lease_state & SMB2_LEASE_READ_CACHING_LE)
+ } else if (lease_state & SMB2_LEASE_READ_CACHING_LE) {
return SMB2_OPLOCK_LEVEL_II;
+ }
return 0;
}
@@ -1390,7 +1379,7 @@ struct lease_ctx_info *parse_lease_state(void *open_req)
cc = (struct create_context *)((char *)cc + next);
name = le16_to_cpu(cc->NameOffset) + (char *)cc;
if (le16_to_cpu(cc->NameLength) != 4 ||
- strncmp(name, SMB2_CREATE_REQUEST_LEASE, 4)) {
+ strncmp(name, SMB2_CREATE_REQUEST_LEASE, 4)) {
next = le32_to_cpu(cc->Next);
continue;
}
@@ -1603,7 +1592,7 @@ void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
* Return: opinfo if found matching opinfo, otherwise NULL
*/
struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
- char *lease_key)
+ char *lease_key)
{
struct oplock_info *opinfo = NULL, *ret_op = NULL;
struct lease_table *lt;
@@ -1612,7 +1601,7 @@ struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
read_lock(&lease_list_lock);
list_for_each_entry(lt, &lease_table_list, l_entry) {
if (!memcmp(lt->client_guid, conn->ClientGUID,
- SMB2_CLIENT_GUID_SIZE))
+ SMB2_CLIENT_GUID_SIZE))
goto found;
}
@@ -1625,12 +1614,11 @@ struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
if (!atomic_inc_not_zero(&opinfo->refcount))
continue;
rcu_read_unlock();
- if (!opinfo->op_state ||
- opinfo->op_state == OPLOCK_CLOSING)
+ if (!opinfo->op_state || opinfo->op_state == OPLOCK_CLOSING)
goto op_next;
if (!(opinfo->o_lease->state &
- (SMB2_LEASE_HANDLE_CACHING_LE |
- SMB2_LEASE_WRITE_CACHING_LE)))
+ (SMB2_LEASE_HANDLE_CACHING_LE |
+ SMB2_LEASE_WRITE_CACHING_LE)))
goto op_next;
ret = compare_guid_key(opinfo, conn->ClientGUID,
lease_key);
@@ -1651,7 +1639,7 @@ struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
}
int smb2_check_durable_oplock(struct ksmbd_file *fp,
- struct lease_ctx_info *lctx, char *name)
+ struct lease_ctx_info *lctx, char *name)
{
struct oplock_info *opinfo = opinfo_get(fp);
int ret = 0;
@@ -1663,7 +1651,7 @@ int smb2_check_durable_oplock(struct ksmbd_file *fp,
goto out;
}
if (memcmp(opinfo->o_lease->lease_key, lctx->lease_key,
- SMB2_LEASE_KEY_SIZE)) {
+ SMB2_LEASE_KEY_SIZE)) {
ksmbd_err("invalid lease key\n");
ret = -EBADF;
goto out;
diff --git a/fs/cifsd/oplock.h b/fs/cifsd/oplock.h
index b0e2e795f29a..5b6615f99c76 100644
--- a/fs/cifsd/oplock.h
+++ b/fs/cifsd/oplock.h
@@ -9,7 +9,7 @@
#include "smb_common.h"
-#define OPLOCK_WAIT_TIME (35*HZ)
+#define OPLOCK_WAIT_TIME (35 * HZ)
/* SMB Oplock levels */
#define OPLOCK_NONE 0
@@ -68,7 +68,7 @@ struct oplock_info {
int level;
int op_state;
unsigned long pending_break;
- uint64_t fid;
+ u64 fid;
atomic_t breaking_cnt;
atomic_t refcount;
__u16 Tid;
@@ -95,11 +95,11 @@ struct oplock_break_info {
int fid;
};
-extern int smb_grant_oplock(struct ksmbd_work *work, int req_op_level,
- uint64_t pid, struct ksmbd_file *fp, __u16 tid,
+int smb_grant_oplock(struct ksmbd_work *work, int req_op_level,
+ u64 pid, struct ksmbd_file *fp, __u16 tid,
struct lease_ctx_info *lctx, int share_ret);
-extern void smb_break_all_levII_oplock(struct ksmbd_work *work,
- struct ksmbd_file *fp, int is_trunc);
+void smb_break_all_levII_oplock(struct ksmbd_work *work,
+ struct ksmbd_file *fp, int is_trunc);
int opinfo_write_to_read(struct oplock_info *opinfo);
int opinfo_read_handle_to_read(struct oplock_info *opinfo);
@@ -124,15 +124,13 @@ void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id);
void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp);
struct create_context *smb2_find_context_vals(void *open_req, const char *str);
int ksmbd_durable_verify_and_del_oplock(struct ksmbd_session *curr_sess,
- struct ksmbd_session *prev_sess,
- int fid, struct file **filp,
- uint64_t sess_id);
+ struct ksmbd_session *prev_sess, int fid, struct file **filp,
+ u64 sess_id);
struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
- char *lease_key);
+ char *lease_key);
int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
- struct lease_ctx_info *lctx);
+ struct lease_ctx_info *lctx);
void destroy_lease_table(struct ksmbd_conn *conn);
int smb2_check_durable_oplock(struct ksmbd_file *fp,
- struct lease_ctx_info *lctx, char *name);
-
+ struct lease_ctx_info *lctx, char *name);
#endif /* __KSMBD_OPLOCK_H */
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index 80f5229da3ac..04f959a88a1a 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -105,9 +105,8 @@ static inline int check_conn_state(struct ksmbd_work *work)
#define TCP_HANDLER_CONTINUE 0
#define TCP_HANDLER_ABORT 1
-static int __process_request(struct ksmbd_work *work,
- struct ksmbd_conn *conn,
- uint16_t *cmd)
+static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
+ uint16_t *cmd)
{
struct smb_version_cmds *cmds;
uint16_t command;
@@ -160,16 +159,16 @@ static int __process_request(struct ksmbd_work *work,
}
static void __handle_ksmbd_work(struct ksmbd_work *work,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
- uint16_t command = 0;
+ u16 command = 0;
int rc;
if (conn->ops->allocate_rsp_buf(work))
return;
if (conn->ops->is_transform_hdr &&
- conn->ops->is_transform_hdr(work->request_buf)) {
+ conn->ops->is_transform_hdr(work->request_buf)) {
rc = conn->ops->decrypt_req(work);
if (rc < 0) {
conn->ops->set_rsp_status(work, STATUS_DATA_ERROR);
@@ -224,7 +223,7 @@ static void __handle_ksmbd_work(struct ksmbd_work *work,
}
if (work->sess && (work->sess->sign ||
- smb3_11_final_sess_setup_resp(work) ||
+ smb3_11_final_sess_setup_resp(work) ||
conn->ops->is_sign_req(work, command)))
conn->ops->set_sign_rsp(work);
} while (is_chained_smb2_message(work));
@@ -235,7 +234,7 @@ static void __handle_ksmbd_work(struct ksmbd_work *work,
send:
smb3_preauth_hash_rsp(work);
if (work->sess && work->sess->enc && work->encrypted &&
- conn->ops->encrypt_resp) {
+ conn->ops->encrypt_resp) {
rc = conn->ops->encrypt_resp(work);
if (rc < 0) {
conn->ops->set_rsp_status(work, STATUS_DATA_ERROR);
@@ -416,9 +415,8 @@ int server_queue_ctrl_reset_work(void)
return __queue_ctrl_work(SERVER_CTRL_TYPE_RESET);
}
-static ssize_t stats_show(struct class *class,
- struct class_attribute *attr,
- char *buf)
+static ssize_t stats_show(struct class *class, struct class_attribute *attr,
+ char *buf)
{
/*
* Inc this each time you change stats output format,
@@ -443,9 +441,8 @@ static ssize_t stats_show(struct class *class,
}
static ssize_t kill_server_store(struct class *class,
- struct class_attribute *attr,
- const char *buf,
- size_t len)
+ struct class_attribute *attr, const char *buf,
+ size_t len)
{
if (!sysfs_streq(buf, "hard"))
return len;
@@ -464,8 +461,7 @@ static const char * const debug_type_strings[] = {"smb", "auth", "vfs",
"oplock", "ipc", "conn",
"rdma"};
-static ssize_t debug_show(struct class *class,
- struct class_attribute *attr,
+static ssize_t debug_show(struct class *class, struct class_attribute *attr,
char *buf)
{
ssize_t sz = 0;
@@ -484,16 +480,13 @@ static ssize_t debug_show(struct class *class,
debug_type_strings[i]);
}
sz += pos;
-
}
sz += scnprintf(buf + sz, PAGE_SIZE - sz, "\n");
return sz;
}
-static ssize_t debug_store(struct class *class,
- struct class_attribute *attr,
- const char *buf,
- size_t len)
+static ssize_t debug_store(struct class *class, struct class_attribute *attr,
+ const char *buf, size_t len)
{
int i;
diff --git a/fs/cifsd/smb2misc.c b/fs/cifsd/smb2misc.c
index e6b87d9d33ed..5a50c4ec43f2 100644
--- a/fs/cifsd/smb2misc.c
+++ b/fs/cifsd/smb2misc.c
@@ -90,8 +90,7 @@ static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
/* error reqeusts do not have data area */
if (hdr->Status && hdr->Status != STATUS_MORE_PROCESSING_REQUIRED &&
- (((struct smb2_err_rsp *)hdr)->StructureSize) ==
- SMB2_ERROR_STRUCTURE_SIZE2_LE)
+ (((struct smb2_err_rsp *)hdr)->StructureSize) == SMB2_ERROR_STRUCTURE_SIZE2_LE)
return NULL;
/*
@@ -101,16 +100,12 @@ static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
*/
switch (hdr->Command) {
case SMB2_SESSION_SETUP:
- *off = le16_to_cpu(
- ((struct smb2_sess_setup_req *)hdr)->SecurityBufferOffset);
- *len = le16_to_cpu(
- ((struct smb2_sess_setup_req *)hdr)->SecurityBufferLength);
+ *off = le16_to_cpu(((struct smb2_sess_setup_req *)hdr)->SecurityBufferOffset);
+ *len = le16_to_cpu(((struct smb2_sess_setup_req *)hdr)->SecurityBufferLength);
break;
case SMB2_TREE_CONNECT:
- *off = le16_to_cpu(
- ((struct smb2_tree_connect_req *)hdr)->PathOffset);
- *len = le16_to_cpu(
- ((struct smb2_tree_connect_req *)hdr)->PathLength);
+ *off = le16_to_cpu(((struct smb2_tree_connect_req *)hdr)->PathOffset);
+ *len = le16_to_cpu(((struct smb2_tree_connect_req *)hdr)->PathLength);
break;
case SMB2_CREATE:
{
@@ -122,49 +117,35 @@ static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
break;
}
- *off = le16_to_cpu(
- ((struct smb2_create_req *)hdr)->NameOffset);
- *len = le16_to_cpu(
- ((struct smb2_create_req *)hdr)->NameLength);
+ *off = le16_to_cpu(((struct smb2_create_req *)hdr)->NameOffset);
+ *len = le16_to_cpu(((struct smb2_create_req *)hdr)->NameLength);
break;
}
case SMB2_QUERY_INFO:
- *off = le16_to_cpu(
- ((struct smb2_query_info_req *)hdr)->InputBufferOffset);
- *len = le32_to_cpu(
- ((struct smb2_query_info_req *)hdr)->InputBufferLength);
+ *off = le16_to_cpu(((struct smb2_query_info_req *)hdr)->InputBufferOffset);
+ *len = le32_to_cpu(((struct smb2_query_info_req *)hdr)->InputBufferLength);
break;
case SMB2_SET_INFO:
- *off = le16_to_cpu(
- ((struct smb2_set_info_req *)hdr)->BufferOffset);
- *len = le32_to_cpu(
- ((struct smb2_set_info_req *)hdr)->BufferLength);
+ *off = le16_to_cpu(((struct smb2_set_info_req *)hdr)->BufferOffset);
+ *len = le32_to_cpu(((struct smb2_set_info_req *)hdr)->BufferLength);
break;
case SMB2_READ:
- *off = le16_to_cpu(
- ((struct smb2_read_req *)hdr)->ReadChannelInfoOffset);
- *len = le16_to_cpu(
- ((struct smb2_read_req *)hdr)->ReadChannelInfoLength);
+ *off = le16_to_cpu(((struct smb2_read_req *)hdr)->ReadChannelInfoOffset);
+ *len = le16_to_cpu(((struct smb2_read_req *)hdr)->ReadChannelInfoLength);
break;
case SMB2_WRITE:
if (((struct smb2_write_req *)hdr)->DataOffset) {
- *off = le16_to_cpu(
- ((struct smb2_write_req *)hdr)->DataOffset);
- *len = le32_to_cpu(
- ((struct smb2_write_req *)hdr)->Length);
+ *off = le16_to_cpu(((struct smb2_write_req *)hdr)->DataOffset);
+ *len = le32_to_cpu(((struct smb2_write_req *)hdr)->Length);
break;
}
- *off = le16_to_cpu(
- ((struct smb2_write_req *)hdr)->WriteChannelInfoOffset);
- *len = le16_to_cpu(
- ((struct smb2_write_req *)hdr)->WriteChannelInfoLength);
+ *off = le16_to_cpu(((struct smb2_write_req *)hdr)->WriteChannelInfoOffset);
+ *len = le16_to_cpu(((struct smb2_write_req *)hdr)->WriteChannelInfoLength);
break;
case SMB2_QUERY_DIRECTORY:
- *off = le16_to_cpu(
- ((struct smb2_query_directory_req *)hdr)->FileNameOffset);
- *len = le16_to_cpu(
- ((struct smb2_query_directory_req *)hdr)->FileNameLength);
+ *off = le16_to_cpu(((struct smb2_query_directory_req *)hdr)->FileNameOffset);
+ *len = le16_to_cpu(((struct smb2_query_directory_req *)hdr)->FileNameLength);
break;
case SMB2_LOCK:
{
@@ -174,8 +155,7 @@ static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
* smb2_lock request size is 48 included single
* smb2_lock_element structure size.
*/
- lock_count = le16_to_cpu(
- ((struct smb2_lock_req *)hdr)->LockCount) - 1;
+ lock_count = le16_to_cpu(((struct smb2_lock_req *)hdr)->LockCount) - 1;
if (lock_count > 0) {
*off = __SMB2_HEADER_STRUCTURE_SIZE + 48;
*len = sizeof(struct smb2_lock_element) * lock_count;
@@ -183,8 +163,7 @@ static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
break;
}
case SMB2_IOCTL:
- *off = le32_to_cpu(
- ((struct smb2_ioctl_req *)hdr)->InputOffset);
+ *off = le32_to_cpu(((struct smb2_ioctl_req *)hdr)->InputOffset);
*len = le32_to_cpu(((struct smb2_ioctl_req *)hdr)->InputCount);
break;
@@ -366,9 +345,9 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
hdr = &pdu->hdr;
}
- if (le32_to_cpu(hdr->NextCommand) > 0)
+ if (le32_to_cpu(hdr->NextCommand) > 0) {
len = le32_to_cpu(hdr->NextCommand);
- else if (work->next_smb2_rcv_hdr_off) {
+ } else if (work->next_smb2_rcv_hdr_off) {
len -= work->next_smb2_rcv_hdr_off;
len = round_up(len, 8);
}
@@ -389,19 +368,17 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
}
if (smb2_req_struct_sizes[command] != pdu->StructureSize2) {
- if (command != SMB2_OPLOCK_BREAK_HE && (hdr->Status == 0 ||
- pdu->StructureSize2 != SMB2_ERROR_STRUCTURE_SIZE2_LE)) {
+ if (command != SMB2_OPLOCK_BREAK_HE &&
+ (hdr->Status == 0 || pdu->StructureSize2 != SMB2_ERROR_STRUCTURE_SIZE2_LE)) {
/* error packets have 9 byte structure size */
ksmbd_debug(SMB,
"Illegal request size %u for command %d\n",
le16_to_cpu(pdu->StructureSize2), command);
return 1;
- } else if (command == SMB2_OPLOCK_BREAK_HE
- && (hdr->Status == 0)
- && (le16_to_cpu(pdu->StructureSize2) !=
- OP_BREAK_STRUCT_SIZE_20)
- && (le16_to_cpu(pdu->StructureSize2) !=
- OP_BREAK_STRUCT_SIZE_21)) {
+ } else if (command == SMB2_OPLOCK_BREAK_HE &&
+ hdr->Status == 0 &&
+ le16_to_cpu(pdu->StructureSize2) != OP_BREAK_STRUCT_SIZE_20 &&
+ le16_to_cpu(pdu->StructureSize2) != OP_BREAK_STRUCT_SIZE_21) {
/* special case for SMB2.1 lease break message */
ksmbd_debug(SMB,
"Illegal request size %d for oplock break\n",
diff --git a/fs/cifsd/smb2ops.c b/fs/cifsd/smb2ops.c
index a47219ea3b80..945bc6a78d3c 100644
--- a/fs/cifsd/smb2ops.c
+++ b/fs/cifsd/smb2ops.c
@@ -248,7 +248,7 @@ void init_smb3_02_server(struct ksmbd_conn *conn)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION &&
- conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
+ conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index a1aa42b52597..3e8f1a3800dd 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -58,7 +58,7 @@ static void __wbuf(struct ksmbd_work *work, void **req, void **rsp)
*
* Return: 1 if valid session id, otherwise 0
*/
-static inline int check_session_id(struct ksmbd_conn *conn, uint64_t id)
+static inline int check_session_id(struct ksmbd_conn *conn, u64 id)
{
struct ksmbd_session *sess;
@@ -98,9 +98,9 @@ int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
int tree_id;
work->tcon = NULL;
- if ((work->conn->ops->get_cmd_val(work) == SMB2_TREE_CONNECT_HE) ||
- (work->conn->ops->get_cmd_val(work) == SMB2_CANCEL_HE) ||
- (work->conn->ops->get_cmd_val(work) == SMB2_LOGOFF_HE)) {
+ if (work->conn->ops->get_cmd_val(work) == SMB2_TREE_CONNECT_HE ||
+ work->conn->ops->get_cmd_val(work) == SMB2_CANCEL_HE ||
+ work->conn->ops->get_cmd_val(work) == SMB2_LOGOFF_HE) {
ksmbd_debug(SMB, "skip to check tree connect request\n");
return 0;
}
@@ -238,7 +238,7 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
if (conn->need_neg == false)
return -EINVAL;
if (!(conn->dialect >= SMB20_PROT_ID &&
- conn->dialect <= SMB311_PROT_ID))
+ conn->dialect <= SMB311_PROT_ID))
return -EINVAL;
rsp_hdr = work->response_buf;
@@ -549,8 +549,8 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
req = work->request_buf;
if (req->InfoType == SMB2_O_INFO_FILE &&
- (req->FileInfoClass == FILE_FULL_EA_INFORMATION ||
- req->FileInfoClass == FILE_ALL_INFORMATION)) {
+ (req->FileInfoClass == FILE_FULL_EA_INFORMATION ||
+ req->FileInfoClass == FILE_ALL_INFORMATION)) {
sz = large_sz;
work->set_trans_buf = true;
}
@@ -595,7 +595,7 @@ int smb2_check_user_session(struct ksmbd_work *work)
* these commands.
*/
if (cmd == SMB2_ECHO_HE || cmd == SMB2_NEGOTIATE_HE ||
- cmd == SMB2_SESSION_SETUP_HE)
+ cmd == SMB2_SESSION_SETUP_HE)
return 0;
if (!ksmbd_conn_good(work))
@@ -610,7 +610,7 @@ int smb2_check_user_session(struct ksmbd_work *work)
return -EINVAL;
}
-static void destroy_previous_session(struct ksmbd_user *user, uint64_t id)
+static void destroy_previous_session(struct ksmbd_user *user, u64 id)
{
struct ksmbd_session *prev_sess = ksmbd_session_lookup_slowpath(id);
struct ksmbd_user *prev_user;
@@ -641,15 +641,12 @@ static void destroy_previous_session(struct ksmbd_user *user, uint64_t id)
* Return: matching converted filename on success, otherwise error ptr
*/
static char *
-smb2_get_name(struct ksmbd_share_config *share,
- const char *src,
- const int maxlen,
- struct nls_table *local_nls)
+smb2_get_name(struct ksmbd_share_config *share, const char *src,
+ const int maxlen, struct nls_table *local_nls)
{
char *name, *unixname;
- name = smb_strndup_from_utf16(src, maxlen, 1,
- local_nls);
+ name = smb_strndup_from_utf16(src, maxlen, 1, local_nls);
if (IS_ERR(name)) {
ksmbd_err("failed to get name %ld\n", PTR_ERR(name));
return name;
@@ -756,10 +753,10 @@ static int smb2_get_dos_mode(struct kstat *stat, int attribute)
{
int attr = 0;
- if (S_ISDIR(stat->mode))
+ if (S_ISDIR(stat->mode)) {
attr = ATTR_DIRECTORY |
(attribute & (ATTR_HIDDEN | ATTR_SYSTEM));
- else {
+ } else {
attr = (attribute & 0x00005137) | ATTR_ARCHIVE;
attr &= ~(ATTR_DIRECTORY);
if (S_ISREG(stat->mode) && (server_conf.share_fake_fscaps &
@@ -774,7 +771,7 @@ static int smb2_get_dos_mode(struct kstat *stat, int attribute)
}
static void build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt,
- __le16 hash_id)
+ __le16 hash_id)
{
pneg_ctxt->ContextType = SMB2_PREAUTH_INTEGRITY_CAPABILITIES;
pneg_ctxt->DataLength = cpu_to_le16(38);
@@ -786,7 +783,7 @@ static void build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt,
}
static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt,
- __le16 cipher_type)
+ __le16 cipher_type)
{
pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;
pneg_ctxt->DataLength = cpu_to_le16(4);
@@ -796,7 +793,7 @@ static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt,
}
static void build_compression_ctxt(struct smb2_compression_ctx *pneg_ctxt,
- __le16 comp_algo)
+ __le16 comp_algo)
{
pneg_ctxt->ContextType = SMB2_COMPRESSION_CAPABILITIES;
pneg_ctxt->DataLength =
@@ -808,8 +805,7 @@ static void build_compression_ctxt(struct smb2_compression_ctx *pneg_ctxt,
pneg_ctxt->CompressionAlgorithms[0] = comp_algo;
}
-static void
-build_posix_ctxt(struct smb2_posix_neg_context *pneg_ctxt)
+static void build_posix_ctxt(struct smb2_posix_neg_context *pneg_ctxt)
{
pneg_ctxt->ContextType = SMB2_POSIX_EXTENSIONS_AVAILABLE;
pneg_ctxt->DataLength = cpu_to_le16(POSIX_CTXT_DATA_LEN);
@@ -832,9 +828,8 @@ build_posix_ctxt(struct smb2_posix_neg_context *pneg_ctxt)
pneg_ctxt->Name[15] = 0x7C;
}
-static void
-assemble_neg_contexts(struct ksmbd_conn *conn,
- struct smb2_negotiate_rsp *rsp)
+static void assemble_neg_contexts(struct ksmbd_conn *conn,
+ struct smb2_negotiate_rsp *rsp)
{
/* +4 is to account for the RFC1001 len field */
char *pneg_ctxt = (char *)rsp +
@@ -856,8 +851,7 @@ assemble_neg_contexts(struct ksmbd_conn *conn,
ctxt_size = round_up(ctxt_size, 8);
ksmbd_debug(SMB,
"assemble SMB2_ENCRYPTION_CAPABILITIES context\n");
- build_encrypt_ctxt(
- (struct smb2_encryption_neg_context *)pneg_ctxt,
+ build_encrypt_ctxt((struct smb2_encryption_neg_context *)pneg_ctxt,
conn->cipher_type);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
ctxt_size += sizeof(struct smb2_encryption_neg_context);
@@ -892,9 +886,8 @@ assemble_neg_contexts(struct ksmbd_conn *conn,
inc_rfc1001_len(rsp, ctxt_size);
}
-static __le32
-decode_preauth_ctxt(struct ksmbd_conn *conn,
- struct smb2_preauth_neg_context *pneg_ctxt)
+static __le32 decode_preauth_ctxt(struct ksmbd_conn *conn,
+ struct smb2_preauth_neg_context *pneg_ctxt)
{
__le32 err = STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP;
@@ -909,7 +902,7 @@ decode_preauth_ctxt(struct ksmbd_conn *conn,
}
static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
- struct smb2_encryption_neg_context *pneg_ctxt)
+ struct smb2_encryption_neg_context *pneg_ctxt)
{
int i;
int cph_cnt = le16_to_cpu(pneg_ctxt->CipherCount);
@@ -921,7 +914,7 @@ static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
for (i = 0; i < cph_cnt; i++) {
if (pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_GCM ||
- pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_CCM) {
+ pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_CCM) {
ksmbd_debug(SMB, "Cipher ID = 0x%x\n",
pneg_ctxt->Ciphers[i]);
conn->cipher_type = pneg_ctxt->Ciphers[i];
@@ -939,7 +932,7 @@ static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
}
static int decode_compress_ctxt(struct ksmbd_conn *conn,
- struct smb2_compression_ctx *pneg_ctxt)
+ struct smb2_compression_ctx *pneg_ctxt)
{
int algo_cnt = le16_to_cpu(pneg_ctxt->CompressionAlgorithmCount);
@@ -954,7 +947,7 @@ static int decode_compress_ctxt(struct ksmbd_conn *conn,
}
static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
- struct smb2_negotiate_req *req)
+ struct smb2_negotiate_req *req)
{
int i = 0;
__le32 status = 0;
@@ -976,8 +969,7 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
status = decode_preauth_ctxt(conn,
(struct smb2_preauth_neg_context *)pneg_ctxt);
- pneg_ctxt += DIV_ROUND_UP(
- sizeof(struct smb2_preauth_neg_context), 8) * 8;
+ pneg_ctxt += DIV_ROUND_UP(sizeof(struct smb2_preauth_neg_context), 8) * 8;
} else if (*ContextType == SMB2_ENCRYPTION_CAPABILITIES) {
ksmbd_debug(SMB,
"deassemble SMB2_ENCRYPTION_CAPABILITIES context\n");
@@ -985,8 +977,7 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
break;
ctxt_size = decode_encrypt_ctxt(conn,
- (struct smb2_encryption_neg_context *)
- pneg_ctxt);
+ (struct smb2_encryption_neg_context *)pneg_ctxt);
pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
} else if (*ContextType == SMB2_COMPRESSION_CAPABILITIES) {
ksmbd_debug(SMB,
@@ -995,23 +986,20 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
break;
ctxt_size = decode_compress_ctxt(conn,
- (struct smb2_compression_ctx *)
- pneg_ctxt);
+ (struct smb2_compression_ctx *) pneg_ctxt);
pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
} else if (*ContextType == SMB2_NETNAME_NEGOTIATE_CONTEXT_ID) {
ksmbd_debug(SMB,
"deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context\n");
ctxt_size = sizeof(struct smb2_netname_neg_context);
- ctxt_size += DIV_ROUND_UP(
- le16_to_cpu(((struct smb2_netname_neg_context *)
+ ctxt_size += DIV_ROUND_UP(le16_to_cpu(((struct smb2_netname_neg_context *)
pneg_ctxt)->DataLength), 8) * 8;
pneg_ctxt += ctxt_size;
} else if (*ContextType == SMB2_POSIX_EXTENSIONS_AVAILABLE) {
ksmbd_debug(SMB,
"deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
conn->posix_ext_supported = true;
- pneg_ctxt += DIV_ROUND_UP(
- sizeof(struct smb2_posix_neg_context), 8) * 8;
+ pneg_ctxt += DIV_ROUND_UP(sizeof(struct smb2_posix_neg_context), 8) * 8;
}
ContextType = (__le16 *)pneg_ctxt;
@@ -1149,8 +1137,8 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
conn->use_spnego = true;
if ((server_conf.signing == KSMBD_CONFIG_OPT_AUTO ||
- server_conf.signing == KSMBD_CONFIG_OPT_DISABLED) &&
- req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED_LE)
+ server_conf.signing == KSMBD_CONFIG_OPT_DISABLED) &&
+ req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED_LE)
conn->sign = true;
else if (server_conf.signing == KSMBD_CONFIG_OPT_MANDATORY) {
server_conf.enforced_signing = true;
@@ -1169,7 +1157,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
}
static int alloc_preauth_hash(struct ksmbd_session *sess,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
if (sess->Preauth_HashValue)
return 0;
@@ -1204,7 +1192,7 @@ static int generate_preauth_hash(struct ksmbd_work *work)
}
static int decode_negotiation_token(struct ksmbd_work *work,
- struct negotiate_message *negblob)
+ struct negotiate_message *negblob)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_sess_setup_req *req;
@@ -1227,7 +1215,7 @@ static int decode_negotiation_token(struct ksmbd_work *work,
}
static int ntlm_negotiate(struct ksmbd_work *work,
- struct negotiate_message *negblob)
+ struct negotiate_message *negblob)
{
struct smb2_sess_setup_req *req = work->request_buf;
struct smb2_sess_setup_rsp *rsp = work->response_buf;
@@ -1291,7 +1279,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
}
static struct authenticate_message *user_authblob(struct ksmbd_conn *conn,
- struct smb2_sess_setup_req *req)
+ struct smb2_sess_setup_req *req)
{
int sz;
@@ -1304,7 +1292,7 @@ static struct authenticate_message *user_authblob(struct ksmbd_conn *conn,
}
static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
- struct smb2_sess_setup_req *req)
+ struct smb2_sess_setup_req *req)
{
struct authenticate_message *authblob;
struct ksmbd_user *user;
@@ -1336,7 +1324,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
struct ksmbd_session *sess = work->sess;
struct channel *chann = NULL;
struct ksmbd_user *user;
- uint64_t prev_id;
+ u64 prev_id;
int sz, rc;
ksmbd_debug(SMB, "authenticate phase\n");
@@ -1351,9 +1339,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
return -ENOMEM;
sz = le16_to_cpu(rsp->SecurityBufferOffset);
- memcpy((char *)&rsp->hdr.ProtocolId + sz,
- spnego_blob,
- spnego_blob_len);
+ memcpy((char *)&rsp->hdr.ProtocolId + sz, spnego_blob, spnego_blob_len);
rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len);
kfree(spnego_blob);
inc_rfc1001_len(rsp, spnego_blob_len - 1);
@@ -1386,8 +1372,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
sess->user = user;
if (user_guest(sess->user)) {
if (conn->sign) {
- ksmbd_debug(SMB,
- "Guest login not allowed when signing enabled\n");
+ ksmbd_debug(SMB, "Guest login not allowed when signing enabled\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
return -EACCES;
}
@@ -1415,11 +1400,11 @@ static int ntlm_authenticate(struct ksmbd_work *work)
return 0;
if ((conn->sign || server_conf.enforced_signing) ||
- (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
+ (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
sess->sign = true;
if (conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION &&
- conn->ops->generate_encryptionkey) {
+ conn->ops->generate_encryptionkey) {
rc = conn->ops->generate_encryptionkey(sess);
if (rc) {
ksmbd_debug(SMB,
@@ -1453,8 +1438,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
if (conn->ops->generate_signingkey) {
rc = conn->ops->generate_signingkey(sess);
if (rc) {
- ksmbd_debug(SMB,
- "SMB3 signing key generation failed\n");
+ ksmbd_debug(SMB, "SMB3 signing key generation failed\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
return rc;
}
@@ -1479,7 +1463,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
struct ksmbd_session *sess = work->sess;
char *in_blob, *out_blob;
struct channel *chann = NULL;
- uint64_t prev_sess_id;
+ u64 prev_sess_id;
int in_len, out_len;
int retval;
@@ -1511,11 +1495,11 @@ static int krb5_authenticate(struct ksmbd_work *work)
inc_rfc1001_len(rsp, out_len - 1);
if ((conn->sign || server_conf.enforced_signing) ||
- (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
+ (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
sess->sign = true;
if ((conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION) &&
- conn->ops->generate_encryptionkey) {
+ conn->ops->generate_encryptionkey) {
retval = conn->ops->generate_encryptionkey(sess);
if (retval) {
ksmbd_debug(SMB,
@@ -1544,8 +1528,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
if (conn->ops->generate_signingkey) {
retval = conn->ops->generate_signingkey(sess);
if (retval) {
- ksmbd_debug(SMB,
- "SMB3 signing key generation failed\n");
+ ksmbd_debug(SMB, "SMB3 signing key generation failed\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
return retval;
}
@@ -1646,9 +1629,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
* Note: here total size -1 is done as an
* adjustment for 0 size blob
*/
- inc_rfc1001_len(rsp,
- le16_to_cpu(rsp->SecurityBufferLength)
- - 1);
+ inc_rfc1001_len(rsp, le16_to_cpu(rsp->SecurityBufferLength) - 1);
} else if (negblob->MessageType == NtLmAuthenticate) {
rc = ntlm_authenticate(work);
@@ -1704,7 +1685,7 @@ int smb2_tree_connect(struct ksmbd_work *work)
int rc = -EINVAL;
treename = smb_strndup_from_utf16(req->Buffer,
- le16_to_cpu(req->PathLength), true, conn->local_nls);
+ le16_to_cpu(req->PathLength), true, conn->local_nls);
if (IS_ERR(treename)) {
ksmbd_err("treename is NULL\n");
status.ret = KSMBD_TREE_CONN_STATUS_ERROR;
@@ -1808,7 +1789,7 @@ static int smb2_create_open_flags(bool file_present, __le32 access,
int oflags = O_NONBLOCK | O_LARGEFILE;
if (access & FILE_READ_DESIRED_ACCESS_LE &&
- access & FILE_WRITE_DESIRE_ACCESS_LE)
+ access & FILE_WRITE_DESIRE_ACCESS_LE)
oflags |= O_RDWR;
else if (access & FILE_WRITE_DESIRE_ACCESS_LE)
oflags |= O_WRONLY;
@@ -1995,13 +1976,13 @@ struct durable_info {
};
static int parse_durable_handle_context(struct ksmbd_work *work,
- struct smb2_create_req *req, struct lease_ctx_info *lc,
- struct durable_info *d_info)
+ struct smb2_create_req *req, struct lease_ctx_info *lc,
+ struct durable_info *d_info)
{
struct ksmbd_conn *conn = work->conn;
struct create_context *context;
int i, err = 0;
- uint64_t persistent_id = 0;
+ u64 persistent_id = 0;
int req_op_level;
static const char * const durable_arr[] = {"DH2C", "DHnC", "DH2Q",
"DHnQ", SMB2_CREATE_APP_INSTANCE_ID};
@@ -2026,8 +2007,7 @@ static int parse_durable_handle_context(struct ksmbd_work *work,
recon_v2 =
(struct create_durable_reconn_v2_req *)context;
- persistent_id = le64_to_cpu(
- recon_v2->Fid.PersistentFileId);
+ persistent_id = le64_to_cpu(recon_v2->Fid.PersistentFileId);
d_info->fp = ksmbd_lookup_durable_fd(persistent_id);
if (!d_info->fp) {
ksmbd_err("Failed to get Durable handle state\n");
@@ -2035,9 +2015,8 @@ static int parse_durable_handle_context(struct ksmbd_work *work,
goto out;
}
- if (memcmp(d_info->fp->create_guid,
- recon_v2->CreateGuid,
- SMB2_CREATE_GUID_SIZE)) {
+ if (memcmp(d_info->fp->create_guid, recon_v2->CreateGuid,
+ SMB2_CREATE_GUID_SIZE)) {
err = -EBADF;
goto out;
}
@@ -2053,15 +2032,14 @@ static int parse_durable_handle_context(struct ksmbd_work *work,
struct create_durable_reconn_req *recon;
if (d_info->type == DURABLE_RECONN_V2 ||
- d_info->type == DURABLE_REQ_V2) {
+ d_info->type == DURABLE_REQ_V2) {
err = -EINVAL;
goto out;
}
recon =
(struct create_durable_reconn_req *)context;
- persistent_id = le64_to_cpu(
- recon->Data.Fid.PersistentFileId);
+ persistent_id = le64_to_cpu(recon->Data.Fid.PersistentFileId);
d_info->fp = ksmbd_lookup_durable_fd(persistent_id);
if (!d_info->fp) {
ksmbd_err("Failed to get Durable handle state\n");
@@ -2080,7 +2058,7 @@ static int parse_durable_handle_context(struct ksmbd_work *work,
struct create_durable_req_v2 *durable_v2_blob;
if (d_info->type == DURABLE_RECONN ||
- d_info->type == DURABLE_RECONN_V2) {
+ d_info->type == DURABLE_RECONN_V2) {
err = -EINVAL;
goto out;
}
@@ -2088,14 +2066,11 @@ static int parse_durable_handle_context(struct ksmbd_work *work,
durable_v2_blob =
(struct create_durable_req_v2 *)context;
ksmbd_debug(SMB, "Request for durable v2 open\n");
- d_info->fp = ksmbd_lookup_fd_cguid(
- durable_v2_blob->CreateGuid);
+ d_info->fp = ksmbd_lookup_fd_cguid(durable_v2_blob->CreateGuid);
if (d_info->fp) {
- if (!memcmp(conn->ClientGUID,
- d_info->fp->client_guid,
- SMB2_CLIENT_GUID_SIZE)) {
- if (!(req->hdr.Flags &
- SMB2_FLAGS_REPLAY_OPERATIONS)) {
+ if (!memcmp(conn->ClientGUID, d_info->fp->client_guid,
+ SMB2_CLIENT_GUID_SIZE)) {
+ if (!(req->hdr.Flags & SMB2_FLAGS_REPLAY_OPERATIONS)) {
err = -ENOEXEC;
goto out;
}
@@ -2105,10 +2080,8 @@ static int parse_durable_handle_context(struct ksmbd_work *work,
goto out;
}
}
- if (((lc &&
- (lc->req_state &
- SMB2_LEASE_HANDLE_CACHING_LE)) ||
- (req_op_level == SMB2_OPLOCK_LEVEL_BATCH))) {
+ if (((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) ||
+ req_op_level == SMB2_OPLOCK_LEVEL_BATCH)) {
d_info->CreateGuid =
durable_v2_blob->CreateGuid;
d_info->persistent =
@@ -2123,15 +2096,13 @@ static int parse_durable_handle_context(struct ksmbd_work *work,
if (d_info->type == DURABLE_RECONN)
goto out;
if (d_info->type == DURABLE_RECONN_V2 ||
- d_info->type == DURABLE_REQ_V2) {
+ d_info->type == DURABLE_REQ_V2) {
err = -EINVAL;
goto out;
}
- if (((lc &&
- (lc->req_state &
- SMB2_LEASE_HANDLE_CACHING_LE)) ||
- (req_op_level == SMB2_OPLOCK_LEVEL_BATCH))) {
+ if (((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) ||
+ req_op_level == SMB2_OPLOCK_LEVEL_BATCH)) {
ksmbd_debug(SMB, "Request for durable open\n");
d_info->type = i;
}
@@ -2252,9 +2223,7 @@ static inline int check_context_err(void *ctx, char *str)
}
static noinline int smb2_set_stream_name_xattr(struct path *path,
- struct ksmbd_file *fp,
- char *stream_name,
- int s_type)
+ struct ksmbd_file *fp, char *stream_name, int s_type)
{
size_t xattr_stream_size;
char *xattr_stream_name;
@@ -2307,12 +2276,9 @@ static int smb2_remove_smb_xattrs(struct dentry *dentry)
ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name));
if (strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) &&
- strncmp(&name[XATTR_USER_PREFIX_LEN],
- DOS_ATTRIBUTE_PREFIX,
- DOS_ATTRIBUTE_PREFIX_LEN) &&
- strncmp(&name[XATTR_USER_PREFIX_LEN],
- STREAM_PREFIX,
- STREAM_PREFIX_LEN))
+ strncmp(&name[XATTR_USER_PREFIX_LEN], DOS_ATTRIBUTE_PREFIX,
+ DOS_ATTRIBUTE_PREFIX_LEN) &&
+ strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX, STREAM_PREFIX_LEN))
continue;
err = ksmbd_vfs_remove_xattr(dentry, name);
@@ -2343,9 +2309,8 @@ static int smb2_create_truncate(struct path *path)
return rc;
}
-static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon,
- struct path *path,
- struct ksmbd_file *fp)
+static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon, struct path *path,
+ struct ksmbd_file *fp)
{
struct xattr_dos_attrib da = {0};
int rc;
@@ -2366,8 +2331,7 @@ static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon,
}
static void smb2_update_xattrs(struct ksmbd_tree_connect *tcon,
- struct path *path,
- struct ksmbd_file *fp)
+ struct path *path, struct ksmbd_file *fp)
{
struct xattr_dos_attrib da;
int rc;
@@ -2376,7 +2340,7 @@ static void smb2_update_xattrs(struct ksmbd_tree_connect *tcon,
/* get FileAttributes from XATTR_NAME_DOS_ATTRIBUTE */
if (!test_share_config_flag(tcon->share_conf,
- KSMBD_SHARE_FLAG_STORE_DOS_ATTRS))
+ KSMBD_SHARE_FLAG_STORE_DOS_ATTRS))
return;
rc = ksmbd_vfs_get_dos_attrib_xattr(path->dentry, &da);
@@ -2387,12 +2351,8 @@ static void smb2_update_xattrs(struct ksmbd_tree_connect *tcon,
}
}
-static int smb2_creat(struct ksmbd_work *work,
- struct path *path,
- char *name,
- int open_flags,
- umode_t posix_mode,
- bool is_dir)
+static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name,
+ int open_flags, umode_t posix_mode, bool is_dir)
{
struct ksmbd_tree_connect *tcon = work->tcon;
struct ksmbd_share_config *share = tcon->share_conf;
@@ -2494,7 +2454,7 @@ int smb2_open(struct ksmbd_work *work)
WORK_BUFFERS(work, req, rsp);
if (req->hdr.NextCommand && !work->next_smb2_rcv_hdr_off &&
- (req->hdr.Flags & SMB2_FLAGS_RELATED_OPERATIONS)) {
+ (req->hdr.Flags & SMB2_FLAGS_RELATED_OPERATIONS)) {
ksmbd_debug(SMB, "invalid flag in chained command\n");
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
smb2_set_err_rsp(work);
@@ -2508,7 +2468,7 @@ int smb2_open(struct ksmbd_work *work)
if (req->NameLength) {
if ((req->CreateOptions & FILE_DIRECTORY_FILE_LE) &&
- *(char *)req->Buffer == '\\') {
+ *(char *)req->Buffer == '\\') {
ksmbd_err("not allow directory name included leading slash\n");
rc = -EINVAL;
goto err_out1;
@@ -2528,7 +2488,7 @@ int smb2_open(struct ksmbd_work *work)
ksmbd_debug(SMB, "converted name = %s\n", name);
if (strchr(name, ':')) {
if (!test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_STREAMS)) {
+ KSMBD_SHARE_FLAG_STREAMS)) {
rc = -EBADF;
goto err_out1;
}
@@ -2564,7 +2524,7 @@ int smb2_open(struct ksmbd_work *work)
req_op_level = req->RequestedOplockLevel;
memset(&d_info, 0, sizeof(struct durable_info));
if (server_conf.flags & KSMBD_GLOBAL_FLAG_DURABLE_HANDLE &&
- req->CreateContextsOffset) {
+ req->CreateContextsOffset) {
lc = parse_lease_state(req);
rc = parse_durable_handle_context(work, req, lc, &d_info);
if (rc) {
@@ -2593,8 +2553,7 @@ int smb2_open(struct ksmbd_work *work)
lc = parse_lease_state(req);
}
- if (le32_to_cpu(req->ImpersonationLevel) >
- le32_to_cpu(IL_DELEGATE_LE)) {
+ if (le32_to_cpu(req->ImpersonationLevel) > le32_to_cpu(IL_DELEGATE_LE)) {
ksmbd_err("Invalid impersonationlevel : 0x%x\n",
le32_to_cpu(req->ImpersonationLevel));
rc = -EIO;
@@ -2610,7 +2569,7 @@ int smb2_open(struct ksmbd_work *work)
} else {
if (req->CreateOptions & FILE_SEQUENTIAL_ONLY_LE &&
- req->CreateOptions & FILE_RANDOM_ACCESS_LE)
+ req->CreateOptions & FILE_RANDOM_ACCESS_LE)
req->CreateOptions = ~(FILE_SEQUENTIAL_ONLY_LE);
if (req->CreateOptions & (FILE_OPEN_BY_FILE_ID_LE |
@@ -2623,8 +2582,9 @@ int smb2_open(struct ksmbd_work *work)
if (req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE) {
rc = -EINVAL;
goto err_out1;
- } else if (req->CreateOptions & FILE_NO_COMPRESSION_LE)
+ } else if (req->CreateOptions & FILE_NO_COMPRESSION_LE) {
req->CreateOptions = ~(FILE_NO_COMPRESSION_LE);
+ }
}
}
@@ -2643,8 +2603,7 @@ int smb2_open(struct ksmbd_work *work)
goto err_out1;
}
- if (req->FileAttributes &&
- !(req->FileAttributes & ATTR_MASK_LE)) {
+ if (req->FileAttributes && !(req->FileAttributes & ATTR_MASK_LE)) {
ksmbd_err("Invalid file attribute : 0x%x\n",
le32_to_cpu(req->FileAttributes));
rc = -EINVAL;
@@ -2729,14 +2688,13 @@ int smb2_open(struct ksmbd_work *work)
* denied error.
*/
if (req->CreateDisposition == FILE_OVERWRITE_IF_LE ||
- req->CreateDisposition == FILE_OPEN_IF_LE) {
+ req->CreateDisposition == FILE_OPEN_IF_LE) {
rc = -EACCES;
path_put(&path);
goto err_out;
}
- if (!test_tree_conn_flag(tcon,
- KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
"User does not have write permission\n");
rc = -EACCES;
@@ -2746,7 +2704,7 @@ int smb2_open(struct ksmbd_work *work)
}
} else {
if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS)) {
+ KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS)) {
/*
* Use LOOKUP_FOLLOW to follow the path of
* symlink in path buildup
@@ -2792,7 +2750,7 @@ int smb2_open(struct ksmbd_work *work)
}
if (req->CreateOptions & FILE_DIRECTORY_FILE_LE &&
- req->FileAttributes & ATTR_NORMAL_LE) {
+ req->FileAttributes & ATTR_NORMAL_LE) {
rsp->hdr.Status = STATUS_NOT_A_DIRECTORY;
rc = -EIO;
}
@@ -2801,9 +2759,8 @@ int smb2_open(struct ksmbd_work *work)
goto err_out;
}
- if (file_present && req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE
- && S_ISDIR(stat.mode) &&
- !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
+ if (file_present && req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE &&
+ S_ISDIR(stat.mode) && !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
ksmbd_debug(SMB, "open() argument is a directory: %s, %x\n",
name, req->CreateOptions);
rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY;
@@ -2812,21 +2769,21 @@ int smb2_open(struct ksmbd_work *work)
}
if (file_present && (req->CreateOptions & FILE_DIRECTORY_FILE_LE) &&
- !(req->CreateDisposition == FILE_CREATE_LE) &&
- !S_ISDIR(stat.mode)) {
+ !(req->CreateDisposition == FILE_CREATE_LE) &&
+ !S_ISDIR(stat.mode)) {
rsp->hdr.Status = STATUS_NOT_A_DIRECTORY;
rc = -EIO;
goto err_out;
}
if (!stream_name && file_present &&
- (req->CreateDisposition == FILE_CREATE_LE)) {
+ req->CreateDisposition == FILE_CREATE_LE) {
rc = -EEXIST;
goto err_out;
}
if (server_conf.flags & KSMBD_GLOBAL_FLAG_DURABLE_HANDLE &&
- file_present)
+ file_present)
file_present = ksmbd_close_inode_fds(work,
d_inode(path.dentry));
@@ -2889,10 +2846,10 @@ int smb2_open(struct ksmbd_work *work)
* because execute(search) permission on a parent directory,
* is already granted.
*/
- if (daccess & ~(FILE_READ_ATTRIBUTES_LE |
- FILE_READ_CONTROL_LE)) {
+ if (daccess & ~(FILE_READ_ATTRIBUTES_LE | FILE_READ_CONTROL_LE)) {
if (ksmbd_vfs_inode_permission(path.dentry,
- open_flags & O_ACCMODE, may_delete)) {
+ open_flags & O_ACCMODE,
+ may_delete)) {
rc = -EACCES;
goto err_out;
}
@@ -2922,8 +2879,9 @@ int smb2_open(struct ksmbd_work *work)
if ((req->CreateDisposition & FILE_CREATE_MASK_LE)
== FILE_SUPERSEDE_LE)
file_info = FILE_SUPERSEDED;
- } else if (open_flags & O_CREAT)
+ } else if (open_flags & O_CREAT) {
file_info = FILE_CREATED;
+ }
ksmbd_vfs_set_fadvise(filp, req->CreateOptions);
@@ -2959,7 +2917,7 @@ int smb2_open(struct ksmbd_work *work)
ksmbd_debug(SMB, "inherit posix acl failed : %d\n", posix_acl_rc);
if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_ACL_XATTR)) {
+ KSMBD_SHARE_FLAG_ACL_XATTR)) {
rc = smb_inherit_dacl(conn, path.dentry, sess->user->uid,
sess->user->gid);
}
@@ -2971,7 +2929,7 @@ int smb2_open(struct ksmbd_work *work)
ksmbd_vfs_set_init_posix_acl(inode);
if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_ACL_XATTR)) {
+ KSMBD_SHARE_FLAG_ACL_XATTR)) {
struct smb_fattr fattr;
struct smb_ntsd *pntsd;
int pntsd_size, ace_num;
@@ -2990,9 +2948,9 @@ int smb2_open(struct ksmbd_work *work)
}
pntsd = kmalloc(sizeof(struct smb_ntsd) +
- sizeof(struct smb_sid)*3 +
+ sizeof(struct smb_sid) * 3 +
sizeof(struct smb_acl) +
- sizeof(struct smb_ace)*ace_num*2,
+ sizeof(struct smb_ace) * ace_num * 2,
GFP_KERNEL);
if (!pntsd)
goto err_out;
@@ -3026,8 +2984,8 @@ int smb2_open(struct ksmbd_work *work)
fp->attrib_only = !(req->DesiredAccess & ~(FILE_READ_ATTRIBUTES_LE |
FILE_WRITE_ATTRIBUTES_LE | FILE_SYNCHRONIZE_LE));
- if (!S_ISDIR(file_inode(filp)->i_mode) && open_flags & O_TRUNC
- && !fp->attrib_only && !stream_name) {
+ if (!S_ISDIR(file_inode(filp)->i_mode) && open_flags & O_TRUNC &&
+ !fp->attrib_only && !stream_name) {
smb_break_all_oplock(work, fp);
need_truncate = 1;
}
@@ -3053,10 +3011,9 @@ int smb2_open(struct ksmbd_work *work)
}
share_ret = ksmbd_smb_check_shared_mode(fp->filp, fp);
- if (!test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_OPLOCKS) ||
- (req_op_level == SMB2_OPLOCK_LEVEL_LEASE &&
- !(conn->vals->capabilities & SMB2_GLOBAL_CAP_LEASING))) {
+ if (!test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_OPLOCKS) ||
+ (req_op_level == SMB2_OPLOCK_LEVEL_LEASE &&
+ !(conn->vals->capabilities & SMB2_GLOBAL_CAP_LEASING))) {
if (share_ret < 0 && !S_ISDIR(FP_INODE(fp)->i_mode)) {
rc = share_ret;
goto err_out;
@@ -3071,8 +3028,8 @@ int smb2_open(struct ksmbd_work *work)
if (rc)
goto err_out;
} else if (open_flags == O_RDONLY &&
- (req_op_level == SMB2_OPLOCK_LEVEL_BATCH ||
- req_op_level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
+ (req_op_level == SMB2_OPLOCK_LEVEL_BATCH ||
+ req_op_level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
req_op_level = SMB2_OPLOCK_LEVEL_II;
rc = smb_grant_oplock(work, req_op_level,
@@ -3117,11 +3074,9 @@ int smb2_open(struct ksmbd_work *work)
err);
}
- context = smb2_find_context_vals(req,
- SMB2_CREATE_QUERY_ON_DISK_ID);
+ context = smb2_find_context_vals(req, SMB2_CREATE_QUERY_ON_DISK_ID);
if (IS_ERR(context)) {
- rc = check_context_err(context,
- SMB2_CREATE_QUERY_ON_DISK_ID);
+ rc = check_context_err(context, SMB2_CREATE_QUERY_ON_DISK_ID);
if (rc < 0)
goto err_out;
} else {
@@ -3146,8 +3101,7 @@ int smb2_open(struct ksmbd_work *work)
memcpy(fp->client_guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
if (d_info.type) {
- if (d_info.type == DURABLE_REQ_V2 &&
- d_info.persistent)
+ if (d_info.type == DURABLE_REQ_V2 && d_info.persistent)
fp->is_persistent = 1;
else
fp->is_durable = 1;
@@ -3160,8 +3114,7 @@ int smb2_open(struct ksmbd_work *work)
else
fp->durable_timeout = 1600;
if (d_info.app_id)
- memcpy(fp->app_instance_id,
- d_info.app_id, 16);
+ memcpy(fp->app_instance_id, d_info.app_id, 16);
}
}
@@ -3457,10 +3410,8 @@ static int dentry_name(struct ksmbd_dir_info *d_info, int info_level)
*
* Return: 0 on success, otherwise error
*/
-static int smb2_populate_readdir_entry(struct ksmbd_conn *conn,
- int info_level,
- struct ksmbd_dir_info *d_info,
- struct ksmbd_kstat *ksmbd_kstat)
+static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
+ struct ksmbd_dir_info *d_info, struct ksmbd_kstat *ksmbd_kstat)
{
int next_entry_offset = 0;
char *conv_name;
@@ -3710,7 +3661,7 @@ static int process_query_dir_entries(struct smb2_query_dir_private *priv)
}
static int reserve_populate_dentry(struct ksmbd_dir_info *d_info,
- int info_level)
+ int info_level)
{
int struct_sz;
int conv_len;
@@ -3816,12 +3767,8 @@ static int reserve_populate_dentry(struct ksmbd_dir_info *d_info,
return 0;
}
-static int __query_dir(struct dir_context *ctx,
- const char *name,
- int namlen,
- loff_t offset,
- u64 ino,
- unsigned int d_type)
+static int __query_dir(struct dir_context *ctx, const char *name, int namlen,
+ loff_t offset, u64 ino, unsigned int d_type)
{
struct ksmbd_readdir_data *buf;
struct smb2_query_dir_private *priv;
@@ -3913,8 +3860,7 @@ int smb2_query_dir(struct ksmbd_work *work)
}
if (!(dir_fp->daccess & FILE_LIST_DIRECTORY_LE) ||
- inode_permission(&init_user_ns, file_inode(dir_fp->filp),
- MAY_READ | MAY_EXEC)) {
+ inode_permission(&init_user_ns, file_inode(dir_fp->filp), MAY_READ | MAY_EXEC)) {
ksmbd_err("no right to enumerate directory (%s)\n",
FP_FILENAME(dir_fp));
rc = -EACCES;
@@ -3935,8 +3881,9 @@ int smb2_query_dir(struct ksmbd_work *work)
ksmbd_debug(SMB, "Search Pattern not found\n");
rc = -EINVAL;
goto err_out2;
- } else
+ } else {
ksmbd_debug(SMB, "Search pattern is %s\n", srch_ptr);
+ }
ksmbd_debug(SMB, "Directory name is %s\n", dir_fp->filename);
@@ -3949,11 +3896,9 @@ int smb2_query_dir(struct ksmbd_work *work)
memset(&d_info, 0, sizeof(struct ksmbd_dir_info));
d_info.wptr = (char *)rsp->Buffer;
d_info.rptr = (char *)rsp->Buffer;
- d_info.out_buf_len = (work->response_sz -
- (get_rfc1002_len(rsp_org) + 4));
+ d_info.out_buf_len = (work->response_sz - (get_rfc1002_len(rsp_org) + 4));
d_info.out_buf_len = min_t(int, d_info.out_buf_len,
- le32_to_cpu(req->OutputBufferLength)) -
- sizeof(struct smb2_query_directory_rsp);
+ le32_to_cpu(req->OutputBufferLength)) - sizeof(struct smb2_query_directory_rsp);
d_info.flags = srch_flag;
/*
@@ -3995,9 +3940,9 @@ int smb2_query_dir(struct ksmbd_work *work)
goto err_out;
if (!d_info.data_count && d_info.out_buf_len >= 0) {
- if (srch_flag & SMB2_RETURN_SINGLE_ENTRY && !is_asterisk(srch_ptr))
+ if (srch_flag & SMB2_RETURN_SINGLE_ENTRY && !is_asterisk(srch_ptr)) {
rsp->hdr.Status = STATUS_NO_SUCH_FILE;
- else {
+ } else {
dir_fp->dot_dotdot[0] = dir_fp->dot_dotdot[1] = 0;
rsp->hdr.Status = STATUS_NO_MORE_FILES;
}
@@ -4057,24 +4002,21 @@ int smb2_query_dir(struct ksmbd_work *work)
* Return: 0 on success, otherwise error
*/
static int buffer_check_err(int reqOutputBufferLength,
- struct smb2_query_info_rsp *rsp, int infoclass_size)
+ struct smb2_query_info_rsp *rsp, int infoclass_size)
{
if (reqOutputBufferLength < le32_to_cpu(rsp->OutputBufferLength)) {
if (reqOutputBufferLength < infoclass_size) {
ksmbd_err("Invalid Buffer Size Requested\n");
rsp->hdr.Status = STATUS_INFO_LENGTH_MISMATCH;
- rsp->hdr.smb2_buf_length = cpu_to_be32(
- sizeof(struct smb2_hdr) - 4);
+ rsp->hdr.smb2_buf_length = cpu_to_be32(sizeof(struct smb2_hdr) - 4);
return -EINVAL;
}
ksmbd_debug(SMB, "Buffer Overflow\n");
rsp->hdr.Status = STATUS_BUFFER_OVERFLOW;
- rsp->hdr.smb2_buf_length = cpu_to_be32(
- sizeof(struct smb2_hdr) - 4
- + reqOutputBufferLength);
- rsp->OutputBufferLength = cpu_to_le32(
- reqOutputBufferLength);
+ rsp->hdr.smb2_buf_length = cpu_to_be32(sizeof(struct smb2_hdr) - 4 +
+ reqOutputBufferLength);
+ rsp->OutputBufferLength = cpu_to_le32(reqOutputBufferLength);
}
return 0;
}
@@ -4096,7 +4038,7 @@ static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp)
}
static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp,
- uint64_t num)
+ u64 num)
{
struct smb2_file_internal_info *file_info;
@@ -4110,9 +4052,10 @@ static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp,
}
static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
- struct smb2_query_info_req *req, struct smb2_query_info_rsp *rsp)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp)
{
- uint64_t id;
+ u64 id;
int rc;
/*
@@ -4155,11 +4098,9 @@ static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
*
* Return: 0 on success, otherwise error
*/
-static int smb2_get_ea(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp,
- void *rsp_org)
+static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct smb2_ea_info *eainfo, *prev_eainfo;
char *name, *ptr, *xattr_list = NULL, *buf;
@@ -4176,9 +4117,9 @@ static int smb2_get_ea(struct ksmbd_work *work,
path = &fp->filp->f_path;
/* single EA entry is requested with given user.* name */
- if (req->InputBufferLength)
+ if (req->InputBufferLength) {
ea_req = (struct smb2_ea_info_req *)req->Buffer;
- else {
+ } else {
/* need to send all EAs, if no specific EA is requested*/
if (le32_to_cpu(req->Flags) & SL_RETURN_SINGLE_ENTRY)
ksmbd_debug(SMB,
@@ -4224,16 +4165,16 @@ static int smb2_get_ea(struct ksmbd_work *work,
continue;
if (!strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX,
- STREAM_PREFIX_LEN))
+ STREAM_PREFIX_LEN))
continue;
if (req->InputBufferLength &&
- (strncmp(&name[XATTR_USER_PREFIX_LEN],
- ea_req->name, ea_req->EaNameLength)))
+ strncmp(&name[XATTR_USER_PREFIX_LEN], ea_req->name,
+ ea_req->EaNameLength))
continue;
if (!strncmp(&name[XATTR_USER_PREFIX_LEN],
- DOS_ATTRIBUTE_PREFIX, DOS_ATTRIBUTE_PREFIX_LEN))
+ DOS_ATTRIBUTE_PREFIX, DOS_ATTRIBUTE_PREFIX_LEN))
continue;
if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
@@ -4263,8 +4204,7 @@ static int smb2_get_ea(struct ksmbd_work *work,
eainfo->Flags = 0;
eainfo->EaNameLength = name_len;
- if (!strncmp(name, XATTR_USER_PREFIX,
- XATTR_USER_PREFIX_LEN))
+ if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
memcpy(eainfo->name, &name[XATTR_USER_PREFIX_LEN],
name_len);
else
@@ -4308,8 +4248,7 @@ static int smb2_get_ea(struct ksmbd_work *work,
}
static void get_file_access_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_access_info *file_info;
@@ -4321,8 +4260,7 @@ static void get_file_access_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_all_info *basic_info;
struct kstat stat;
@@ -4346,8 +4284,7 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
basic_info->Attributes = fp->f_ci->m_fattr;
basic_info->Pad1 = 0;
rsp->OutputBufferLength =
- cpu_to_le32(offsetof(struct smb2_file_all_info,
- AllocationSize));
+ cpu_to_le32(offsetof(struct smb2_file_all_info, AllocationSize));
inc_rfc1001_len(rsp_org, offsetof(struct smb2_file_all_info,
AllocationSize));
return 0;
@@ -4363,15 +4300,13 @@ static unsigned long long get_allocation_size(struct inode *inode,
alloc_size = stat->size;
else
alloc_size = inode->i_blocks << 9;
-
}
return alloc_size;
}
static void get_file_standard_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_standard_info *sinfo;
unsigned int delete_pending;
@@ -4396,7 +4331,7 @@ static void get_file_standard_info(struct smb2_query_info_rsp *rsp,
}
static void get_file_alignment_info(struct smb2_query_info_rsp *rsp,
- void *rsp_org)
+ void *rsp_org)
{
struct smb2_file_alignment_info *file_info;
@@ -4409,9 +4344,8 @@ static void get_file_alignment_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_all_info(struct ksmbd_work *work,
- struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct smb2_query_info_rsp *rsp, struct ksmbd_file *fp,
+ void *rsp_org)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_file_all_info *file_info;
@@ -4478,9 +4412,8 @@ static int get_file_all_info(struct ksmbd_work *work,
}
static void get_file_alternate_info(struct ksmbd_work *work,
- struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct smb2_query_info_rsp *rsp, struct ksmbd_file *fp,
+ void *rsp_org)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_file_alt_name_info *file_info;
@@ -4499,9 +4432,8 @@ static void get_file_alternate_info(struct ksmbd_work *work,
}
static void get_file_stream_info(struct ksmbd_work *work,
- struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct smb2_query_info_rsp *rsp, struct ksmbd_file *fp,
+ void *rsp_org)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_file_stream_info *file_info;
@@ -4530,7 +4462,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
ksmbd_debug(SMB, "%s, len %d\n", stream_name, streamlen);
if (strncmp(&stream_name[XATTR_USER_PREFIX_LEN],
- STREAM_PREFIX, STREAM_PREFIX_LEN))
+ STREAM_PREFIX, STREAM_PREFIX_LEN))
continue;
stream_name_len = streamlen - (XATTR_USER_PREFIX_LEN +
@@ -4588,8 +4520,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
}
static void get_file_internal_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_internal_info *file_info;
struct kstat stat;
@@ -4603,8 +4534,7 @@ static void get_file_internal_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_network_open_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_ntwrk_info *file_info;
struct inode *inode;
@@ -4640,8 +4570,7 @@ static int get_file_network_open_info(struct smb2_query_info_rsp *rsp,
return 0;
}
-static void get_file_ea_info(struct smb2_query_info_rsp *rsp,
- void *rsp_org)
+static void get_file_ea_info(struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct smb2_file_ea_info *file_info;
@@ -4653,8 +4582,7 @@ static void get_file_ea_info(struct smb2_query_info_rsp *rsp,
}
static void get_file_position_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_pos_info *file_info;
@@ -4666,8 +4594,7 @@ static void get_file_position_info(struct smb2_query_info_rsp *rsp,
}
static void get_file_mode_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_mode_info *file_info;
@@ -4679,8 +4606,7 @@ static void get_file_mode_info(struct smb2_query_info_rsp *rsp,
}
static void get_file_compression_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_comp_info *file_info;
struct kstat stat;
@@ -4701,8 +4627,7 @@ static void get_file_compression_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_attribute_tag_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_attr_tag_info *file_info;
@@ -4723,8 +4648,7 @@ static int get_file_attribute_tag_info(struct smb2_query_info_rsp *rsp,
}
static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp,
- void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb311_posix_qinfo *file_info;
struct inode *inode = FP_INODE(fp);
@@ -4747,15 +4671,13 @@ static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
file_info->DeviceId = cpu_to_le32(inode->i_rdev);
rsp->OutputBufferLength =
cpu_to_le32(sizeof(struct smb311_posix_qinfo));
- inc_rfc1001_len(rsp_org,
- sizeof(struct smb311_posix_qinfo));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb311_posix_qinfo));
return 0;
}
static int smb2_get_info_file(struct ksmbd_work *work,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp,
- void *rsp_org)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct ksmbd_file *fp;
int fileinfoclass = 0;
@@ -4764,7 +4686,7 @@ static int smb2_get_info_file(struct ksmbd_work *work,
unsigned int id = KSMBD_NO_FID, pid = KSMBD_NO_FID;
if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_PIPE)) {
+ KSMBD_SHARE_FLAG_PIPE)) {
/* smb2 info file called for pipe */
return smb2_get_info_file_pipe(work->sess, req, rsp);
}
@@ -4887,9 +4809,8 @@ static int smb2_get_info_file(struct ksmbd_work *work,
}
static int smb2_get_info_filesystem(struct ksmbd_work *work,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp,
- void *rsp_org)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct ksmbd_session *sess = work->sess;
struct ksmbd_conn *conn = sess->conn;
@@ -5029,9 +4950,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->extended_info.version = cpu_to_le32(1);
info->extended_info.release = cpu_to_le32(1);
info->extended_info.rel_date = 0;
- memcpy(info->extended_info.version_string,
- "1.1.0",
- strlen("1.1.0"));
+ memcpy(info->extended_info.version_string, "1.1.0", strlen("1.1.0"));
rsp->OutputBufferLength = cpu_to_le32(64);
inc_rfc1001_len(rsp_org, 64);
fs_infoclass_size = FS_OBJECT_ID_INFORMATION_SIZE;
@@ -5121,8 +5040,8 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
}
static int smb2_get_info_sec(struct ksmbd_work *work,
- struct smb2_query_info_req *req, struct smb2_query_info_rsp *rsp,
- void *rsp_org)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct ksmbd_file *fp;
struct smb_ntsd *pntsd = (struct smb_ntsd *)rsp->Buffer, *ppntsd = NULL;
@@ -5162,7 +5081,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
fattr.cf_dacls = ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_ACL_XATTR))
+ KSMBD_SHARE_FLAG_ACL_XATTR))
ksmbd_vfs_get_sd_xattr(work->conn, fp->filp->f_path.dentry, &ppntsd);
rc = build_sec_desc(pntsd, ppntsd, addition_info, &secdesclen, &fattr);
@@ -5243,7 +5162,7 @@ int smb2_query_info(struct ksmbd_work *work)
*/
static noinline int smb2_close_pipe(struct ksmbd_work *work)
{
- uint64_t id;
+ u64 id;
struct smb2_close_req *req = work->request_buf;
struct smb2_close_rsp *rsp = work->response_buf;
@@ -5273,7 +5192,7 @@ static noinline int smb2_close_pipe(struct ksmbd_work *work)
int smb2_close(struct ksmbd_work *work)
{
unsigned int volatile_id = KSMBD_NO_FID;
- uint64_t sess_id;
+ u64 sess_id;
struct smb2_close_req *req;
struct smb2_close_rsp *rsp;
struct smb2_close_rsp *rsp_org;
@@ -5297,9 +5216,9 @@ int smb2_close(struct ksmbd_work *work)
sess_id = work->compound_sid;
work->compound_sid = 0;
- if (check_session_id(conn, sess_id))
+ if (check_session_id(conn, sess_id)) {
work->compound_sid = sess_id;
- else {
+ } else {
rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
if (req->hdr.Flags & SMB2_FLAGS_RELATED_OPERATIONS)
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
@@ -5308,7 +5227,7 @@ int smb2_close(struct ksmbd_work *work)
}
if (work->next_smb2_rcv_hdr_off &&
- !HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
+ !HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
if (!HAS_FILE_ID(work->compound_fid)) {
/* file already closed, return FILE_CLOSED */
ksmbd_debug(SMB, "file already closed\n");
@@ -5395,8 +5314,8 @@ int smb2_echo(struct ksmbd_work *work)
}
static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
- struct smb2_file_rename_info *file_info,
- struct nls_table *local_nls)
+ struct smb2_file_rename_info *file_info,
+ struct nls_table *local_nls)
{
struct ksmbd_share_config *share = fp->tcon->share_conf;
char *new_name = NULL, *abs_oldname = NULL, *old_name = NULL;
@@ -5416,9 +5335,9 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
goto out;
}
old_name = strrchr(abs_oldname, '/');
- if (old_name && old_name[1] != '\0')
+ if (old_name && old_name[1] != '\0') {
old_name++;
- else {
+ } else {
ksmbd_debug(SMB, "can't get last component in path %s\n",
abs_oldname);
rc = -ENOENT;
@@ -5497,8 +5416,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
}
} else {
if (file_present &&
- strncmp(old_name, path.dentry->d_name.name,
- strlen(old_name))) {
+ strncmp(old_name, path.dentry->d_name.name, strlen(old_name))) {
rc = -EEXIST;
ksmbd_debug(SMB,
"cannot rename already existing file\n");
@@ -5515,10 +5433,9 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
}
static int smb2_create_link(struct ksmbd_work *work,
- struct ksmbd_share_config *share,
- struct smb2_file_link_info *file_info,
- struct file *filp,
- struct nls_table *local_nls)
+ struct ksmbd_share_config *share,
+ struct smb2_file_link_info *file_info, struct file *filp,
+ struct nls_table *local_nls)
{
char *link_name = NULL, *target_name = NULL, *pathname = NULL;
struct path path;
@@ -5586,9 +5503,8 @@ static bool is_attributes_write_allowed(struct ksmbd_file *fp)
return fp->daccess & FILE_WRITE_ATTRIBUTES_LE;
}
-static int set_file_basic_info(struct ksmbd_file *fp,
- char *buf,
- struct ksmbd_share_config *share)
+static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
+ struct ksmbd_share_config *share)
{
struct smb2_file_all_info *file_info;
struct iattr attrs;
@@ -5617,8 +5533,9 @@ static int set_file_basic_info(struct ksmbd_file *fp,
temp_attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);
attrs.ia_ctime = temp_attrs.ia_ctime;
attrs.ia_valid |= ATTR_CTIME;
- } else
+ } else {
temp_attrs.ia_ctime = inode->i_ctime;
+ }
if (file_info->LastWriteTime) {
attrs.ia_mtime = ksmbd_NTtimeToUnix(file_info->LastWriteTime);
@@ -5627,7 +5544,7 @@ static int set_file_basic_info(struct ksmbd_file *fp,
if (file_info->Attributes) {
if (!S_ISDIR(inode->i_mode) &&
- file_info->Attributes & ATTR_DIRECTORY_LE) {
+ file_info->Attributes & ATTR_DIRECTORY_LE) {
ksmbd_err("can't change a file to a directory\n");
return -EINVAL;
}
@@ -5683,8 +5600,7 @@ static int set_file_basic_info(struct ksmbd_file *fp,
}
static int set_file_allocation_info(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- char *buf)
+ struct ksmbd_file *fp, char *buf)
{
/*
* TODO : It's working fine only when store dos attributes
@@ -5733,9 +5649,8 @@ static int set_file_allocation_info(struct ksmbd_work *work,
return 0;
}
-static int set_end_of_file_info(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- char *buf)
+static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
+ char *buf)
{
struct smb2_file_eof_info *file_eof_info;
loff_t newsize;
@@ -5761,8 +5676,7 @@ static int set_end_of_file_info(struct ksmbd_work *work,
fp->filename, newsize);
rc = ksmbd_vfs_truncate(work, NULL, fp, newsize);
if (rc) {
- ksmbd_debug(SMB,
- "truncate failed! filename : %s err %d\n",
+ ksmbd_debug(SMB, "truncate failed! filename : %s err %d\n",
fp->filename, rc);
if (rc != -EAGAIN)
rc = -EBADF;
@@ -5772,9 +5686,8 @@ static int set_end_of_file_info(struct ksmbd_work *work,
return 0;
}
-static int set_rename_info(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- char *buf)
+static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
+ char *buf)
{
struct ksmbd_file *parent_fp;
@@ -5799,8 +5712,7 @@ static int set_rename_info(struct ksmbd_work *work,
work->sess->conn->local_nls);
}
-static int set_file_disposition_info(struct ksmbd_file *fp,
- char *buf)
+static int set_file_disposition_info(struct ksmbd_file *fp, char *buf)
{
struct smb2_file_disposition_info *file_info;
struct inode *inode;
@@ -5814,7 +5726,7 @@ static int set_file_disposition_info(struct ksmbd_file *fp,
file_info = (struct smb2_file_disposition_info *)buf;
if (file_info->DeletePending) {
if (S_ISDIR(inode->i_mode) &&
- ksmbd_vfs_empty_dir(fp) == -ENOTEMPTY)
+ ksmbd_vfs_empty_dir(fp) == -ENOTEMPTY)
return -EBUSY;
ksmbd_set_inode_pending_delete(fp);
} else {
@@ -5823,8 +5735,7 @@ static int set_file_disposition_info(struct ksmbd_file *fp,
return 0;
}
-static int set_file_position_info(struct ksmbd_file *fp,
- char *buf)
+static int set_file_position_info(struct ksmbd_file *fp, char *buf)
{
struct smb2_file_pos_info *file_info;
loff_t current_byte_offset;
@@ -5837,8 +5748,8 @@ static int set_file_position_info(struct ksmbd_file *fp,
sector_size = ksmbd_vfs_logical_sector_size(inode);
if (current_byte_offset < 0 ||
- (fp->coption == FILE_NO_INTERMEDIATE_BUFFERING_LE &&
- current_byte_offset & (sector_size-1))) {
+ (fp->coption == FILE_NO_INTERMEDIATE_BUFFERING_LE &&
+ current_byte_offset & (sector_size - 1))) {
ksmbd_err("CurrentByteOffset is not valid : %llu\n",
current_byte_offset);
return -EINVAL;
@@ -5848,8 +5759,7 @@ static int set_file_position_info(struct ksmbd_file *fp,
return 0;
}
-static int set_file_mode_info(struct ksmbd_file *fp,
- char *buf)
+static int set_file_mode_info(struct ksmbd_file *fp, char *buf)
{
struct smb2_file_mode_info *file_info;
__le32 mode;
@@ -5857,9 +5767,9 @@ static int set_file_mode_info(struct ksmbd_file *fp,
file_info = (struct smb2_file_mode_info *)buf;
mode = file_info->Mode;
- if ((mode & (~FILE_MODE_INFO_MASK)) ||
- (mode & FILE_SYNCHRONOUS_IO_ALERT_LE &&
- mode & FILE_SYNCHRONOUS_IO_NONALERT_LE)) {
+ if ((mode & ~FILE_MODE_INFO_MASK) ||
+ (mode & FILE_SYNCHRONOUS_IO_ALERT_LE &&
+ mode & FILE_SYNCHRONOUS_IO_NONALERT_LE)) {
ksmbd_err("Mode is not valid : 0x%x\n", le32_to_cpu(mode));
return -EINVAL;
}
@@ -5883,11 +5793,8 @@ static int set_file_mode_info(struct ksmbd_file *fp,
* Return: 0 on success, otherwise error
* TODO: need to implement an error handling for STATUS_INFO_LENGTH_MISMATCH
*/
-static int smb2_set_info_file(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- int info_class,
- char *buf,
- struct ksmbd_share_config *share)
+static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
+ int info_class, char *buf, struct ksmbd_share_config *share)
{
switch (info_class) {
case FILE_BASIC_INFORMATION:
@@ -5900,8 +5807,7 @@ static int smb2_set_info_file(struct ksmbd_work *work,
return set_end_of_file_info(work, fp, buf);
case FILE_RENAME_INFORMATION:
- if (!test_tree_conn_flag(work->tcon,
- KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
"User does not have write permission\n");
return -EACCES;
@@ -5914,8 +5820,7 @@ static int smb2_set_info_file(struct ksmbd_work *work,
work->sess->conn->local_nls);
case FILE_DISPOSITION_INFORMATION:
- if (!test_tree_conn_flag(work->tcon,
- KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
"User does not have write permission\n");
return -EACCES;
@@ -5945,10 +5850,8 @@ static int smb2_set_info_file(struct ksmbd_work *work,
return -EOPNOTSUPP;
}
-static int smb2_set_info_sec(struct ksmbd_file *fp,
- int addition_info,
- char *buffer,
- int buf_len)
+static int smb2_set_info_sec(struct ksmbd_file *fp, int addition_info,
+ char *buffer, int buf_len)
{
struct smb_ntsd *pntsd = (struct smb_ntsd *)buffer;
@@ -6060,7 +5963,7 @@ int smb2_set_info(struct ksmbd_work *work)
static noinline int smb2_read_pipe(struct ksmbd_work *work)
{
int nbytes = 0, err;
- uint64_t id;
+ u64 id;
struct ksmbd_rpc_command *rpc_resp;
struct smb2_read_req *req = work->request_buf;
struct smb2_read_rsp *rsp = work->response_buf;
@@ -6108,30 +6011,27 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
}
static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work,
- struct smb2_read_req *req,
- void *data_buf, size_t length)
+ struct smb2_read_req *req, void *data_buf, size_t length)
{
struct smb2_buffer_desc_v1 *desc =
(struct smb2_buffer_desc_v1 *)&req->Buffer[0];
int err;
- if (work->conn->dialect == SMB30_PROT_ID
- && req->Channel != SMB2_CHANNEL_RDMA_V1)
+ if (work->conn->dialect == SMB30_PROT_ID &&
+ req->Channel != SMB2_CHANNEL_RDMA_V1)
return -EINVAL;
- if (req->ReadChannelInfoOffset == 0
- || le16_to_cpu(req->ReadChannelInfoLength) < sizeof(*desc))
+ if (req->ReadChannelInfoOffset == 0 ||
+ le16_to_cpu(req->ReadChannelInfoLength) < sizeof(*desc))
return -EINVAL;
work->need_invalidate_rkey =
(req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
work->remote_key = le32_to_cpu(desc->token);
- err = ksmbd_conn_rdma_write(work->conn,
- data_buf, length,
- le32_to_cpu(desc->token),
- le64_to_cpu(desc->offset),
- le32_to_cpu(desc->length));
+ err = ksmbd_conn_rdma_write(work->conn, data_buf, length,
+ le32_to_cpu(desc->token), le64_to_cpu(desc->offset),
+ le32_to_cpu(desc->length));
if (err)
return err;
@@ -6226,7 +6126,7 @@ int smb2_read(struct ksmbd_work *work)
nbytes, offset, mincount);
if (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE ||
- req->Channel == SMB2_CHANNEL_RDMA_V1) {
+ req->Channel == SMB2_CHANNEL_RDMA_V1) {
/* write data to the client using rdma channel */
remain_bytes = smb2_read_rdma_channel(work, req,
work->aux_payload_buf, nbytes);
@@ -6290,7 +6190,7 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
struct smb2_write_req *req = work->request_buf;
struct smb2_write_rsp *rsp = work->response_buf;
struct ksmbd_rpc_command *rpc_resp;
- uint64_t id = 0;
+ u64 id = 0;
int err = 0, ret = 0;
char *data_buf;
size_t length;
@@ -6299,15 +6199,13 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
id = le64_to_cpu(req->VolatileFileId);
if (le16_to_cpu(req->DataOffset) ==
- (offsetof(struct smb2_write_req, Buffer) - 4)) {
+ (offsetof(struct smb2_write_req, Buffer) - 4)) {
data_buf = (char *)&req->Buffer[0];
} else {
if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
- (le16_to_cpu(req->DataOffset) +
- length > get_rfc1002_len(req))) {
+ (le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
ksmbd_err("invalid write data offset %u, smb_len %u\n",
- le16_to_cpu(req->DataOffset),
- get_rfc1002_len(req));
+ le16_to_cpu(req->DataOffset), get_rfc1002_len(req));
err = -EINVAL;
goto out;
}
@@ -6351,8 +6249,8 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
}
static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
- struct smb2_write_req *req, struct ksmbd_file *fp,
- loff_t offset, size_t length, bool sync)
+ struct smb2_write_req *req, struct ksmbd_file *fp,
+ loff_t offset, size_t length, bool sync)
{
struct smb2_buffer_desc_v1 *desc;
char *data_buf;
@@ -6362,14 +6260,14 @@ static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
desc = (struct smb2_buffer_desc_v1 *)&req->Buffer[0];
if (work->conn->dialect == SMB30_PROT_ID &&
- req->Channel != SMB2_CHANNEL_RDMA_V1)
+ req->Channel != SMB2_CHANNEL_RDMA_V1)
return -EINVAL;
if (req->Length != 0 || req->DataOffset != 0)
return -EINVAL;
- if (req->WriteChannelInfoOffset == 0
- || le16_to_cpu(req->WriteChannelInfoLength) < sizeof(*desc))
+ if (req->WriteChannelInfoOffset == 0 ||
+ le16_to_cpu(req->WriteChannelInfoLength) < sizeof(*desc))
return -EINVAL;
work->need_invalidate_rkey =
@@ -6384,15 +6282,12 @@ static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
le32_to_cpu(desc->token),
le64_to_cpu(desc->offset),
le32_to_cpu(desc->length));
-
if (ret < 0) {
ksmbd_free_response(data_buf);
return ret;
}
- ret = ksmbd_vfs_write(work, fp, data_buf, length, &offset,
- sync, &nbytes);
-
+ ret = ksmbd_vfs_write(work, fp, data_buf, length, &offset, sync, &nbytes);
ksmbd_free_response(data_buf);
if (ret < 0)
return ret;
@@ -6421,8 +6316,7 @@ int smb2_write(struct ksmbd_work *work)
rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
- if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_PIPE)) {
+ if (test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_PIPE)) {
ksmbd_debug(SMB, "IPC pipe write request\n");
return smb2_write_pipe(work);
}
@@ -6433,9 +6327,8 @@ int smb2_write(struct ksmbd_work *work)
goto out;
}
- fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ fp = ksmbd_lookup_fd_slow(work, le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
if (!fp) {
rsp->hdr.Status = STATUS_FILE_CLOSED;
return -ENOENT;
@@ -6461,16 +6354,13 @@ int smb2_write(struct ksmbd_work *work)
writethrough = true;
if (req->Channel != SMB2_CHANNEL_RDMA_V1 &&
- req->Channel != SMB2_CHANNEL_RDMA_V1_INVALIDATE) {
-
+ req->Channel != SMB2_CHANNEL_RDMA_V1_INVALIDATE) {
if (le16_to_cpu(req->DataOffset) ==
(offsetof(struct smb2_write_req, Buffer) - 4)) {
data_buf = (char *)&req->Buffer[0];
} else {
- if ((le16_to_cpu(req->DataOffset) >
- get_rfc1002_len(req)) ||
- (le16_to_cpu(req->DataOffset) +
- length > get_rfc1002_len(req))) {
+ if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
+ (le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
ksmbd_err("invalid write data offset %u, smb_len %u\n",
le16_to_cpu(req->DataOffset),
get_rfc1002_len(req));
@@ -6603,7 +6493,7 @@ int smb2_cancel(struct ksmbd_work *work)
chdr = cancel_work->request_buf;
if (cancel_work->async_id !=
- le64_to_cpu(hdr->Id.AsyncId))
+ le64_to_cpu(hdr->Id.AsyncId))
continue;
ksmbd_debug(SMB,
@@ -6624,7 +6514,7 @@ int smb2_cancel(struct ksmbd_work *work)
chdr = cancel_work->request_buf;
if (chdr->MessageId != hdr->MessageId ||
- cancel_work == work)
+ cancel_work == work)
continue;
ksmbd_debug(SMB,
@@ -6687,13 +6577,13 @@ static int smb2_set_flock_flags(struct file_lock *flock, int flags)
flock->fl_type = F_WRLCK;
flock->fl_flags |= FL_SLEEP;
break;
- case SMB2_LOCKFLAG_SHARED|SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
+ case SMB2_LOCKFLAG_SHARED | SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
ksmbd_debug(SMB,
"received shared & fail immediately request\n");
cmd = F_SETLK;
flock->fl_type = F_RDLCK;
break;
- case SMB2_LOCKFLAG_EXCLUSIVE|SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
+ case SMB2_LOCKFLAG_EXCLUSIVE | SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
ksmbd_debug(SMB,
"received exclusive & fail immediately request\n");
cmd = F_SETLK;
@@ -6710,7 +6600,7 @@ static int smb2_set_flock_flags(struct file_lock *flock, int flags)
}
static struct ksmbd_lock *smb2_lock_init(struct file_lock *flock,
- unsigned int cmd, int flags, struct list_head *lock_list)
+ unsigned int cmd, int flags, struct list_head *lock_list)
{
struct ksmbd_lock *lock;
@@ -6764,7 +6654,7 @@ int smb2_lock(struct ksmbd_work *work)
int flags = 0;
int cmd = 0;
int err = 0, i;
- uint64_t lock_length;
+ u64 lock_length;
struct ksmbd_lock *smb_lock = NULL, *cmp_lock, *tmp;
int nolock = 0;
LIST_HEAD(lock_list);
@@ -6773,8 +6663,8 @@ int smb2_lock(struct ksmbd_work *work)
ksmbd_debug(SMB, "Received lock request\n");
fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
if (!fp) {
ksmbd_debug(SMB, "Invalid file id for lock : %llu\n",
le64_to_cpu(req->VolatileFileId));
@@ -6812,16 +6702,16 @@ int smb2_lock(struct ksmbd_work *work)
lock_length = le64_to_cpu(lock_ele[i].Length);
if (lock_length > 0) {
- if (lock_length >
- OFFSET_MAX - flock->fl_start) {
+ if (lock_length > OFFSET_MAX - flock->fl_start) {
ksmbd_debug(SMB,
"Invalid lock range requested\n");
lock_length = OFFSET_MAX - flock->fl_start;
rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
goto out;
}
- } else
+ } else {
lock_length = 0;
+ }
flock->fl_end = flock->fl_start + lock_length;
@@ -6836,9 +6726,9 @@ int smb2_lock(struct ksmbd_work *work)
/* Check conflict locks in one request */
list_for_each_entry(cmp_lock, &lock_list, llist) {
if (cmp_lock->fl->fl_start <= flock->fl_start &&
- cmp_lock->fl->fl_end >= flock->fl_end) {
+ cmp_lock->fl->fl_end >= flock->fl_end) {
if (cmp_lock->fl->fl_type != F_UNLCK &&
- flock->fl_type != F_UNLCK) {
+ flock->fl_type != F_UNLCK) {
ksmbd_err("conflict two locks in one request\n");
rsp->hdr.Status =
STATUS_INVALID_PARAMETER;
@@ -6865,11 +6755,10 @@ int smb2_lock(struct ksmbd_work *work)
goto out;
}
- if ((prior_lock & (SMB2_LOCKFLAG_EXCLUSIVE |
- SMB2_LOCKFLAG_SHARED) &&
- smb_lock->flags & SMB2_LOCKFLAG_UNLOCK) ||
- (prior_lock == SMB2_LOCKFLAG_UNLOCK &&
- !(smb_lock->flags & SMB2_LOCKFLAG_UNLOCK))) {
+ if ((prior_lock & (SMB2_LOCKFLAG_EXCLUSIVE | SMB2_LOCKFLAG_SHARED) &&
+ smb_lock->flags & SMB2_LOCKFLAG_UNLOCK) ||
+ (prior_lock == SMB2_LOCKFLAG_UNLOCK &&
+ !(smb_lock->flags & SMB2_LOCKFLAG_UNLOCK))) {
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
goto out;
}
@@ -6877,22 +6766,21 @@ int smb2_lock(struct ksmbd_work *work)
prior_lock = smb_lock->flags;
if (!(smb_lock->flags & SMB2_LOCKFLAG_UNLOCK) &&
- !(smb_lock->flags & SMB2_LOCKFLAG_FAIL_IMMEDIATELY))
+ !(smb_lock->flags & SMB2_LOCKFLAG_FAIL_IMMEDIATELY))
goto no_check_gl;
nolock = 1;
/* check locks in global list */
list_for_each_entry(cmp_lock, &global_lock_list, glist) {
if (file_inode(cmp_lock->fl->fl_file) !=
- file_inode(smb_lock->fl->fl_file))
+ file_inode(smb_lock->fl->fl_file))
continue;
if (smb_lock->fl->fl_type == F_UNLCK) {
- if (cmp_lock->fl->fl_file ==
- smb_lock->fl->fl_file &&
- cmp_lock->start == smb_lock->start &&
- cmp_lock->end == smb_lock->end &&
- !lock_defer_pending(cmp_lock->fl)) {
+ if (cmp_lock->fl->fl_file == smb_lock->fl->fl_file &&
+ cmp_lock->start == smb_lock->start &&
+ cmp_lock->end == smb_lock->end &&
+ !lock_defer_pending(cmp_lock->fl)) {
nolock = 0;
locks_free_lock(cmp_lock->fl);
list_del(&cmp_lock->glist);
@@ -6912,26 +6800,25 @@ int smb2_lock(struct ksmbd_work *work)
/* check zero byte lock range */
if (cmp_lock->zero_len && !smb_lock->zero_len &&
- cmp_lock->start > smb_lock->start &&
- cmp_lock->start < smb_lock->end) {
+ cmp_lock->start > smb_lock->start &&
+ cmp_lock->start < smb_lock->end) {
ksmbd_err("previous lock conflict with zero byte lock range\n");
rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
goto out;
}
if (smb_lock->zero_len && !cmp_lock->zero_len &&
- smb_lock->start > cmp_lock->start &&
- smb_lock->start < cmp_lock->end) {
+ smb_lock->start > cmp_lock->start &&
+ smb_lock->start < cmp_lock->end) {
ksmbd_err("current lock conflict with zero byte lock range\n");
rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
goto out;
}
if (((cmp_lock->start <= smb_lock->start &&
- cmp_lock->end > smb_lock->start) ||
- (cmp_lock->start < smb_lock->end &&
- cmp_lock->end >= smb_lock->end)) &&
- !cmp_lock->zero_len && !smb_lock->zero_len) {
+ cmp_lock->end > smb_lock->start) ||
+ (cmp_lock->start < smb_lock->end && cmp_lock->end >= smb_lock->end)) &&
+ !cmp_lock->zero_len && !smb_lock->zero_len) {
ksmbd_err("Not allow lock operation on exclusive lock range\n");
rsp->hdr.Status =
STATUS_LOCK_NOT_GRANTED;
@@ -6957,9 +6844,9 @@ int smb2_lock(struct ksmbd_work *work)
err = ksmbd_vfs_lock(filp, smb_lock->cmd, flock);
skip:
if (flags & SMB2_LOCKFLAG_UNLOCK) {
- if (!err)
+ if (!err) {
ksmbd_debug(SMB, "File unlocked\n");
- else if (err == -ENOENT) {
+ } else if (err == -ENOENT) {
rsp->hdr.Status = STATUS_NOT_LOCKED;
goto out;
}
@@ -7082,9 +6969,8 @@ int smb2_lock(struct ksmbd_work *work)
return 0;
}
-static int fsctl_copychunk(struct ksmbd_work *work,
- struct smb2_ioctl_req *req,
- struct smb2_ioctl_rsp *rsp)
+static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
+ struct smb2_ioctl_rsp *rsp)
{
struct copychunk_ioctl_req *ci_req;
struct copychunk_ioctl_rsp *ci_rsp;
@@ -7101,12 +6987,12 @@ static int fsctl_copychunk(struct ksmbd_work *work,
rsp->VolatileFileId = req->VolatileFileId;
rsp->PersistentFileId = req->PersistentFileId;
- ci_rsp->ChunksWritten = cpu_to_le32(
- ksmbd_server_side_copy_max_chunk_count());
- ci_rsp->ChunkBytesWritten = cpu_to_le32(
- ksmbd_server_side_copy_max_chunk_size());
- ci_rsp->TotalBytesWritten = cpu_to_le32(
- ksmbd_server_side_copy_max_total_size());
+ ci_rsp->ChunksWritten =
+ cpu_to_le32(ksmbd_server_side_copy_max_chunk_count());
+ ci_rsp->ChunkBytesWritten =
+ cpu_to_le32(ksmbd_server_side_copy_max_chunk_size());
+ ci_rsp->TotalBytesWritten =
+ cpu_to_le32(ksmbd_server_side_copy_max_total_size());
chunks = (struct srv_copychunk *)&ci_req->Chunks[0];
chunk_count = le32_to_cpu(ci_req->ChunkCount);
@@ -7114,22 +7000,22 @@ static int fsctl_copychunk(struct ksmbd_work *work,
/* verify the SRV_COPYCHUNK_COPY packet */
if (chunk_count > ksmbd_server_side_copy_max_chunk_count() ||
- le32_to_cpu(req->InputCount) <
- offsetof(struct copychunk_ioctl_req, Chunks) +
- chunk_count * sizeof(struct srv_copychunk)) {
+ le32_to_cpu(req->InputCount) <
+ offsetof(struct copychunk_ioctl_req, Chunks) +
+ chunk_count * sizeof(struct srv_copychunk)) {
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
return -EINVAL;
}
for (i = 0; i < chunk_count; i++) {
if (le32_to_cpu(chunks[i].Length) == 0 ||
- le32_to_cpu(chunks[i].Length) >
- ksmbd_server_side_copy_max_chunk_size())
+ le32_to_cpu(chunks[i].Length) > ksmbd_server_side_copy_max_chunk_size())
break;
total_size_written += le32_to_cpu(chunks[i].Length);
}
- if (i < chunk_count || total_size_written >
- ksmbd_server_side_copy_max_total_size()) {
+
+ if (i < chunk_count ||
+ total_size_written > ksmbd_server_side_copy_max_total_size()) {
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
return -EINVAL;
}
@@ -7139,13 +7025,13 @@ static int fsctl_copychunk(struct ksmbd_work *work,
dst_fp = ksmbd_lookup_fd_slow(work,
le64_to_cpu(req->VolatileFileId),
le64_to_cpu(req->PersistentFileId));
-
ret = -EINVAL;
- if (!src_fp || src_fp->persistent_id !=
- le64_to_cpu(ci_req->ResumeKey[1])) {
+ if (!src_fp ||
+ src_fp->persistent_id != le64_to_cpu(ci_req->ResumeKey[1])) {
rsp->hdr.Status = STATUS_OBJECT_NAME_NOT_FOUND;
goto out;
}
+
if (!dst_fp) {
rsp->hdr.Status = STATUS_FILE_CLOSED;
goto out;
@@ -7212,8 +7098,7 @@ static __be32 idev_ipv4_address(struct in_device *idev)
}
static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
- struct smb2_ioctl_req *req,
- struct smb2_ioctl_rsp *rsp)
+ struct smb2_ioctl_req *req, struct smb2_ioctl_rsp *rsp)
{
struct network_interface_info_ioctl_rsp *nii_rsp = NULL;
int nbytes = 0;
@@ -7255,10 +7140,8 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
netdev->ethtool_ops->get_link_ksettings(netdev, &cmd);
speed = cmd.base.speed;
} else {
- ksmbd_err("%s %s %s\n",
- netdev->name,
- "speed is unknown,",
- "defaulting to 1Gb/sec");
+ ksmbd_err("%s %s\n", netdev->name,
+ "speed is unknown, defaulting to 1Gb/sec");
speed = SPEED_1000;
}
@@ -7321,10 +7204,9 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
return nbytes;
}
-
static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
- struct validate_negotiate_info_req *neg_req,
- struct validate_negotiate_info_rsp *neg_rsp)
+ struct validate_negotiate_info_req *neg_req,
+ struct validate_negotiate_info_rsp *neg_rsp)
{
int ret = 0;
int dialect;
@@ -7359,10 +7241,10 @@ static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
return ret;
}
-static int fsctl_query_allocated_ranges(struct ksmbd_work *work, uint64_t id,
- struct file_allocated_range_buffer *qar_req,
- struct file_allocated_range_buffer *qar_rsp,
- int in_count, int *out_count)
+static int fsctl_query_allocated_ranges(struct ksmbd_work *work, u64 id,
+ struct file_allocated_range_buffer *qar_req,
+ struct file_allocated_range_buffer *qar_rsp,
+ int in_count, int *out_count)
{
struct ksmbd_file *fp;
loff_t start, length;
@@ -7388,15 +7270,15 @@ static int fsctl_query_allocated_ranges(struct ksmbd_work *work, uint64_t id,
return ret;
}
-static int fsctl_pipe_transceive(struct ksmbd_work *work, uint64_t id,
- int out_buf_len, struct smb2_ioctl_req *req, struct smb2_ioctl_rsp *rsp)
+static int fsctl_pipe_transceive(struct ksmbd_work *work, u64 id,
+ int out_buf_len, struct smb2_ioctl_req *req,
+ struct smb2_ioctl_rsp *rsp)
{
struct ksmbd_rpc_command *rpc_resp;
char *data_buf = (char *)&req->Buffer[0];
int nbytes = 0;
- rpc_resp = ksmbd_rpc_ioctl(work->sess, id,
- data_buf,
+ rpc_resp = ksmbd_rpc_ioctl(work->sess, id, data_buf,
le32_to_cpu(req->InputCount));
if (rpc_resp) {
if (rpc_resp->flags == KSMBD_RPC_SOME_NOT_MAPPED) {
@@ -7432,8 +7314,8 @@ static int fsctl_pipe_transceive(struct ksmbd_work *work, uint64_t id,
return nbytes;
}
-static inline int fsctl_set_sparse(struct ksmbd_work *work, uint64_t id,
- struct file_sparse *sparse)
+static inline int fsctl_set_sparse(struct ksmbd_work *work, u64 id,
+ struct file_sparse *sparse)
{
struct ksmbd_file *fp;
int ret = 0;
@@ -7450,8 +7332,8 @@ static inline int fsctl_set_sparse(struct ksmbd_work *work, uint64_t id,
fp->f_ci->m_fattr &= ~ATTR_SPARSE_FILE_LE;
if (fp->f_ci->m_fattr != old_fattr &&
- test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) {
+ test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) {
struct xattr_dos_attrib da;
ret = ksmbd_vfs_get_dos_attrib_xattr(fp->filp->f_path.dentry, &da);
@@ -7470,7 +7352,8 @@ static inline int fsctl_set_sparse(struct ksmbd_work *work, uint64_t id,
}
static int fsctl_request_resume_key(struct ksmbd_work *work,
- struct smb2_ioctl_req *req, struct resume_key_ioctl_rsp *key_rsp)
+ struct smb2_ioctl_req *req,
+ struct resume_key_ioctl_rsp *key_rsp)
{
struct ksmbd_file *fp;
@@ -7500,7 +7383,7 @@ int smb2_ioctl(struct ksmbd_work *work)
struct smb2_ioctl_rsp *rsp, *rsp_org;
int cnt_code, nbytes = 0;
int out_buf_len;
- uint64_t id = KSMBD_NO_FID;
+ u64 id = KSMBD_NO_FID;
struct ksmbd_conn *conn = work->conn;
int ret = 0;
@@ -7595,8 +7478,7 @@ int smb2_ioctl(struct ksmbd_work *work)
break;
case FSCTL_COPYCHUNK:
case FSCTL_COPYCHUNK_WRITE:
- if (!test_tree_conn_flag(work->tcon,
- KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
"User does not have write permission\n");
ret = -EACCES;
@@ -7623,8 +7505,7 @@ int smb2_ioctl(struct ksmbd_work *work)
struct ksmbd_file *fp;
loff_t off, len;
- if (!test_tree_conn_flag(work->tcon,
- KSMBD_TREE_CONN_FLAG_WRITABLE)) {
+ if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
"User does not have write permission\n");
ret = -EACCES;
@@ -7731,7 +7612,7 @@ static void smb20_oplock_break_ack(struct ksmbd_work *work)
struct oplock_info *opinfo = NULL;
__le32 err = 0;
int ret = 0;
- uint64_t volatile_id, persistent_id;
+ u64 volatile_id, persistent_id;
char req_oplevel = 0, rsp_oplevel = 0;
unsigned int oplock_change_type;
@@ -7768,34 +7649,36 @@ static void smb20_oplock_break_ack(struct ksmbd_work *work)
goto err_out;
}
- if (((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) ||
- (opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)) &&
- ((req_oplevel != SMB2_OPLOCK_LEVEL_II) &&
- (req_oplevel != SMB2_OPLOCK_LEVEL_NONE))) {
+ if ((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE ||
+ opinfo->level == SMB2_OPLOCK_LEVEL_BATCH) &&
+ (req_oplevel != SMB2_OPLOCK_LEVEL_II &&
+ req_oplevel != SMB2_OPLOCK_LEVEL_NONE)) {
err = STATUS_INVALID_OPLOCK_PROTOCOL;
oplock_change_type = OPLOCK_WRITE_TO_NONE;
- } else if ((opinfo->level == SMB2_OPLOCK_LEVEL_II) &&
- (req_oplevel != SMB2_OPLOCK_LEVEL_NONE)) {
+ } else if (opinfo->level == SMB2_OPLOCK_LEVEL_II &&
+ req_oplevel != SMB2_OPLOCK_LEVEL_NONE) {
err = STATUS_INVALID_OPLOCK_PROTOCOL;
oplock_change_type = OPLOCK_READ_TO_NONE;
- } else if ((req_oplevel == SMB2_OPLOCK_LEVEL_II) ||
- (req_oplevel == SMB2_OPLOCK_LEVEL_NONE)) {
+ } else if (req_oplevel == SMB2_OPLOCK_LEVEL_II ||
+ req_oplevel == SMB2_OPLOCK_LEVEL_NONE) {
err = STATUS_INVALID_DEVICE_STATE;
- if (((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) ||
- (opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)) &&
- (req_oplevel == SMB2_OPLOCK_LEVEL_II)) {
+ if ((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE ||
+ opinfo->level == SMB2_OPLOCK_LEVEL_BATCH) &&
+ req_oplevel == SMB2_OPLOCK_LEVEL_II) {
oplock_change_type = OPLOCK_WRITE_TO_READ;
- } else if (((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
- || (opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)) &&
- (req_oplevel == SMB2_OPLOCK_LEVEL_NONE)) {
+ } else if ((opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE ||
+ opinfo->level == SMB2_OPLOCK_LEVEL_BATCH) &&
+ req_oplevel == SMB2_OPLOCK_LEVEL_NONE) {
oplock_change_type = OPLOCK_WRITE_TO_NONE;
- } else if ((opinfo->level == SMB2_OPLOCK_LEVEL_II) &&
- (req_oplevel == SMB2_OPLOCK_LEVEL_NONE)) {
+ } else if (opinfo->level == SMB2_OPLOCK_LEVEL_II &&
+ req_oplevel == SMB2_OPLOCK_LEVEL_NONE) {
oplock_change_type = OPLOCK_READ_TO_NONE;
- } else
+ } else {
oplock_change_type = 0;
- } else
+ }
+ } else {
oplock_change_type = 0;
+ }
switch (oplock_change_type) {
case OPLOCK_WRITE_TO_READ:
@@ -7846,8 +7729,8 @@ static void smb20_oplock_break_ack(struct ksmbd_work *work)
static int check_lease_state(struct lease *lease, __le32 req_state)
{
if ((lease->new_state ==
- (SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_HANDLE_CACHING_LE))
- && !(req_state & SMB2_LEASE_WRITE_CACHING_LE)) {
+ (SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_HANDLE_CACHING_LE)) &&
+ !(req_state & SMB2_LEASE_WRITE_CACHING_LE)) {
lease->new_state = req_state;
return 0;
}
@@ -7909,7 +7792,7 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
/* check for bad lease state */
if (req->LeaseState & (~(SMB2_LEASE_READ_CACHING_LE |
- SMB2_LEASE_HANDLE_CACHING_LE))) {
+ SMB2_LEASE_HANDLE_CACHING_LE))) {
err = STATUS_INVALID_OPLOCK_PROTOCOL;
if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
lease_change_type = OPLOCK_WRITE_TO_NONE;
@@ -7918,8 +7801,8 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
ksmbd_debug(OPLOCK, "handle bad lease state 0x%x -> 0x%x\n",
le32_to_cpu(lease->state),
le32_to_cpu(req->LeaseState));
- } else if ((lease->state == SMB2_LEASE_READ_CACHING_LE) &&
- (req->LeaseState != SMB2_LEASE_NONE_LE)) {
+ } else if (lease->state == SMB2_LEASE_READ_CACHING_LE &&
+ req->LeaseState != SMB2_LEASE_NONE_LE) {
err = STATUS_INVALID_OPLOCK_PROTOCOL;
lease_change_type = OPLOCK_READ_TO_NONE;
ksmbd_debug(OPLOCK, "handle bad lease state 0x%x -> 0x%x\n",
@@ -7938,8 +7821,9 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
lease_change_type = OPLOCK_WRITE_TO_READ;
else
lease_change_type = OPLOCK_READ_HANDLE_TO_READ;
- } else
+ } else {
lease_change_type = 0;
+ }
}
switch (lease_change_type) {
@@ -8056,9 +7940,9 @@ bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command)
struct smb2_hdr *rcv_hdr2 = work->request_buf;
if ((rcv_hdr2->Flags & SMB2_FLAGS_SIGNED) &&
- command != SMB2_NEGOTIATE_HE &&
- command != SMB2_SESSION_SETUP_HE &&
- command != SMB2_OPLOCK_BREAK_HE)
+ command != SMB2_NEGOTIATE_HE &&
+ command != SMB2_SESSION_SETUP_HE &&
+ command != SMB2_OPLOCK_BREAK_HE)
return true;
return 0;
@@ -8097,7 +7981,7 @@ int smb2_check_sign_req(struct ksmbd_work *work)
iov[0].iov_len = len;
if (ksmbd_sign_smb2_pdu(work->conn, work->sess->sess_key, iov, 1,
- signature))
+ signature))
return 0;
if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
@@ -8155,7 +8039,7 @@ void smb2_set_sign_rsp(struct ksmbd_work *work)
}
if (!ksmbd_sign_smb2_pdu(work->conn, work->sess->sess_key, iov, n_vec,
- signature))
+ signature))
memcpy(hdr->Signature, signature, SMB2_SIGNATURE_SIZE);
}
@@ -8305,7 +8189,7 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
conn->preauth_info->Preauth_HashValue);
if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE &&
- sess && sess->state == SMB2_SESSION_IN_PROGRESS) {
+ sess && sess->state == SMB2_SESSION_IN_PROGRESS) {
__u8 *hash_value;
hash_value = sess->Preauth_HashValue;
@@ -8314,9 +8198,8 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
}
}
-static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr,
- char *old_buf,
- __le16 cipher_type)
+static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, char *old_buf,
+ __le16 cipher_type)
{
struct smb2_hdr *hdr = (struct smb2_hdr *)old_buf;
unsigned int orig_len = get_rfc1002_len(old_buf);
@@ -8403,7 +8286,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
sess = ksmbd_session_lookup(conn, le64_to_cpu(tr_hdr->SessionId));
if (!sess) {
ksmbd_err("invalid session id(%llx) in transform header\n",
- le64_to_cpu(tr_hdr->SessionId));
+ le64_to_cpu(tr_hdr->SessionId));
return -ECONNABORTED;
}
@@ -8446,7 +8329,7 @@ bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work)
rsp = RESPONSE_BUF_NEXT(work);
if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE &&
- rsp->Status == STATUS_SUCCESS)
+ rsp->Status == STATUS_SUCCESS)
return true;
return false;
}
diff --git a/fs/cifsd/smb2pdu.h b/fs/cifsd/smb2pdu.h
index deb3d7444c2a..156ff6a2968b 100644
--- a/fs/cifsd/smb2pdu.h
+++ b/fs/cifsd/smb2pdu.h
@@ -346,8 +346,8 @@ struct smb2_negotiate_rsp {
#define SMB2_SESSION_REQ_FLAG_ENCRYPT_DATA 0x04
#define SMB2_SESSION_EXPIRED (0)
-#define SMB2_SESSION_IN_PROGRESS (1 << 0)
-#define SMB2_SESSION_VALID (1 << 1)
+#define SMB2_SESSION_IN_PROGRESS BIT(0)
+#define SMB2_SESSION_VALID BIT(1)
/* Flags */
#define SMB2_SESSION_REQ_FLAG_BINDING 0x01
@@ -1161,7 +1161,6 @@ struct smb2_set_info_rsp {
__le16 StructureSize; /* Must be 2 */
} __packed;
-
/* FILE Info response size */
#define FILE_DIRECTORY_INFORMATION_SIZE 1
#define FILE_FULL_DIRECTORY_INFORMATION_SIZE 2
@@ -1199,7 +1198,6 @@ struct smb2_set_info_rsp {
#define FILE_NETWORK_OPEN_INFORMATION_SIZE 56
#define FILE_ATTRIBUTE_TAG_INFORMATION_SIZE 8
-
/* FS Info response size */
#define FS_DEVICE_INFORMATION_SIZE 8
#define FS_ATTRIBUTE_INFORMATION_SIZE 16
@@ -1579,71 +1577,70 @@ struct smb2_posix_info {
} __packed;
/* functions */
-
-extern int init_smb2_0_server(struct ksmbd_conn *conn);
-extern void init_smb2_1_server(struct ksmbd_conn *conn);
-extern void init_smb3_0_server(struct ksmbd_conn *conn);
-extern void init_smb3_02_server(struct ksmbd_conn *conn);
-extern int init_smb3_11_server(struct ksmbd_conn *conn);
-
-extern void init_smb2_max_read_size(unsigned int sz);
-extern void init_smb2_max_write_size(unsigned int sz);
-extern void init_smb2_max_trans_size(unsigned int sz);
-
-extern int is_smb2_neg_cmd(struct ksmbd_work *work);
-extern int is_smb2_rsp(struct ksmbd_work *work);
-
-extern uint16_t get_smb2_cmd_val(struct ksmbd_work *work);
-extern void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err);
-extern int init_smb2_rsp_hdr(struct ksmbd_work *work);
-extern int smb2_allocate_rsp_buf(struct ksmbd_work *work);
-extern bool is_chained_smb2_message(struct ksmbd_work *work);
-extern int init_smb2_neg_rsp(struct ksmbd_work *work);
-extern void smb2_set_err_rsp(struct ksmbd_work *work);
-extern int smb2_check_user_session(struct ksmbd_work *work);
-extern int smb2_get_ksmbd_tcon(struct ksmbd_work *work);
-extern bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command);
-extern int smb2_check_sign_req(struct ksmbd_work *work);
-extern void smb2_set_sign_rsp(struct ksmbd_work *work);
-extern int smb3_check_sign_req(struct ksmbd_work *work);
-extern void smb3_set_sign_rsp(struct ksmbd_work *work);
-extern int find_matching_smb2_dialect(int start_index, __le16 *cli_dialects,
- __le16 dialects_count);
-extern struct file_lock *smb_flock_init(struct file *f);
-extern int setup_async_work(struct ksmbd_work *work, void (*fn)(void **),
- void **arg);
-extern void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status);
-extern struct channel *lookup_chann_list(struct ksmbd_session *sess);
-extern void smb3_preauth_hash_rsp(struct ksmbd_work *work);
-extern int smb3_is_transform_hdr(void *buf);
-extern int smb3_decrypt_req(struct ksmbd_work *work);
-extern int smb3_encrypt_resp(struct ksmbd_work *work);
-extern bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work);
-extern int smb2_set_rsp_credits(struct ksmbd_work *work);
+int init_smb2_0_server(struct ksmbd_conn *conn);
+void init_smb2_1_server(struct ksmbd_conn *conn);
+void init_smb3_0_server(struct ksmbd_conn *conn);
+void init_smb3_02_server(struct ksmbd_conn *conn);
+int init_smb3_11_server(struct ksmbd_conn *conn);
+
+void init_smb2_max_read_size(unsigned int sz);
+void init_smb2_max_write_size(unsigned int sz);
+void init_smb2_max_trans_size(unsigned int sz);
+
+int is_smb2_neg_cmd(struct ksmbd_work *work);
+int is_smb2_rsp(struct ksmbd_work *work);
+
+u16 get_smb2_cmd_val(struct ksmbd_work *work);
+void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err);
+int init_smb2_rsp_hdr(struct ksmbd_work *work);
+int smb2_allocate_rsp_buf(struct ksmbd_work *work);
+bool is_chained_smb2_message(struct ksmbd_work *work);
+int init_smb2_neg_rsp(struct ksmbd_work *work);
+void smb2_set_err_rsp(struct ksmbd_work *work);
+int smb2_check_user_session(struct ksmbd_work *work);
+int smb2_get_ksmbd_tcon(struct ksmbd_work *work);
+bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command);
+int smb2_check_sign_req(struct ksmbd_work *work);
+void smb2_set_sign_rsp(struct ksmbd_work *work);
+int smb3_check_sign_req(struct ksmbd_work *work);
+void smb3_set_sign_rsp(struct ksmbd_work *work);
+int find_matching_smb2_dialect(int start_index, __le16 *cli_dialects,
+ __le16 dialects_count);
+struct file_lock *smb_flock_init(struct file *f);
+int setup_async_work(struct ksmbd_work *work, void (*fn)(void **),
+ void **arg);
+void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status);
+struct channel *lookup_chann_list(struct ksmbd_session *sess);
+void smb3_preauth_hash_rsp(struct ksmbd_work *work);
+int smb3_is_transform_hdr(void *buf);
+int smb3_decrypt_req(struct ksmbd_work *work);
+int smb3_encrypt_resp(struct ksmbd_work *work);
+bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work);
+int smb2_set_rsp_credits(struct ksmbd_work *work);
/* smb2 misc functions */
-extern int ksmbd_smb2_check_message(struct ksmbd_work *work);
+int ksmbd_smb2_check_message(struct ksmbd_work *work);
/* smb2 command handlers */
-extern int smb2_handle_negotiate(struct ksmbd_work *work);
-extern int smb2_negotiate_request(struct ksmbd_work *work);
-extern int smb2_sess_setup(struct ksmbd_work *work);
-extern int smb2_tree_connect(struct ksmbd_work *work);
-extern int smb2_tree_disconnect(struct ksmbd_work *work);
-extern int smb2_session_logoff(struct ksmbd_work *work);
-extern int smb2_open(struct ksmbd_work *work);
-extern int smb2_query_info(struct ksmbd_work *work);
-extern int smb2_query_dir(struct ksmbd_work *work);
-extern int smb2_close(struct ksmbd_work *work);
-extern int smb2_echo(struct ksmbd_work *work);
-extern int smb2_set_info(struct ksmbd_work *work);
-extern int smb2_read(struct ksmbd_work *work);
-extern int smb2_write(struct ksmbd_work *work);
-extern int smb2_flush(struct ksmbd_work *work);
-extern int smb2_cancel(struct ksmbd_work *work);
-extern int smb2_lock(struct ksmbd_work *work);
-extern int smb2_ioctl(struct ksmbd_work *work);
-extern int smb2_oplock_break(struct ksmbd_work *work);
-extern int smb2_notify(struct ksmbd_work *ksmbd_work);
+int smb2_handle_negotiate(struct ksmbd_work *work);
+int smb2_negotiate_request(struct ksmbd_work *work);
+int smb2_sess_setup(struct ksmbd_work *work);
+int smb2_tree_connect(struct ksmbd_work *work);
+int smb2_tree_disconnect(struct ksmbd_work *work);
+int smb2_session_logoff(struct ksmbd_work *work);
+int smb2_open(struct ksmbd_work *work);
+int smb2_query_info(struct ksmbd_work *work);
+int smb2_query_dir(struct ksmbd_work *work);
+int smb2_close(struct ksmbd_work *work);
+int smb2_echo(struct ksmbd_work *work);
+int smb2_set_info(struct ksmbd_work *work);
+int smb2_read(struct ksmbd_work *work);
+int smb2_write(struct ksmbd_work *work);
+int smb2_flush(struct ksmbd_work *work);
+int smb2_cancel(struct ksmbd_work *work);
+int smb2_lock(struct ksmbd_work *work);
+int smb2_ioctl(struct ksmbd_work *work);
+int smb2_oplock_break(struct ksmbd_work *work);
+int smb2_notify(struct ksmbd_work *ksmbd_work);
#endif /* _SMB2PDU_H */
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index da1928b948f8..b0510213eb6d 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -17,7 +17,7 @@
/*for shortname implementation */
static const char basechars[43] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-!@#$%";
-#define MANGLE_BASE (sizeof(basechars)/sizeof(char)-1)
+#define MANGLE_BASE (sizeof(basechars) / sizeof(char) - 1)
#define MAGIC_CHAR '~'
#define PERIOD '.'
#define mangle(V) ((char)(basechars[(V) % MANGLE_BASE]))
@@ -268,15 +268,10 @@ bool ksmbd_pdu_size_has_room(unsigned int pdu)
return (pdu >= KSMBD_MIN_SUPPORTED_HEADER_SIZE - 4);
}
-int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work,
- int info_level,
- struct ksmbd_file *dir,
- struct ksmbd_dir_info *d_info,
- char *search_pattern,
- int (*fn)(struct ksmbd_conn *,
- int,
- struct ksmbd_dir_info *,
- struct ksmbd_kstat *))
+int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
+ struct ksmbd_file *dir, struct ksmbd_dir_info *d_info,
+ char *search_pattern, int (*fn)(struct ksmbd_conn *, int,
+ struct ksmbd_dir_info *, struct ksmbd_kstat *))
{
int i, rc = 0;
struct ksmbd_conn *conn = work->conn;
@@ -295,7 +290,7 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work,
}
if (!match_pattern(d_info->name, d_info->name_len,
- search_pattern)) {
+ search_pattern)) {
dir->dot_dotdot[i] = 1;
continue;
}
@@ -331,9 +326,8 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work,
* TODO: Though this function comforms the restriction of 8.3 Filename spec,
* but the result is different with Windows 7's one. need to check.
*/
-int ksmbd_extract_shortname(struct ksmbd_conn *conn,
- const char *longname,
- char *shortname)
+int ksmbd_extract_shortname(struct ksmbd_conn *conn, const char *longname,
+ char *shortname)
{
const char *p;
char base[9], extension[4];
@@ -354,7 +348,7 @@ int ksmbd_extract_shortname(struct ksmbd_conn *conn,
if (p == longname) { /*name starts with a dot*/
strscpy(extension, "___", strlen("___"));
} else {
- if (p != NULL) {
+ if (p) {
p++;
while (*p && extlen < 3) {
if (*p != '.')
@@ -362,8 +356,9 @@ int ksmbd_extract_shortname(struct ksmbd_conn *conn,
p++;
}
extension[extlen] = '\0';
- } else
+ } else {
dot_present = false;
+ }
}
p = longname;
@@ -378,7 +373,7 @@ int ksmbd_extract_shortname(struct ksmbd_conn *conn,
}
base[baselen] = MAGIC_CHAR;
- memcpy(out, base, baselen+1);
+ memcpy(out, base, baselen + 1);
ptr = longname;
len = strlen(longname);
@@ -386,14 +381,14 @@ int ksmbd_extract_shortname(struct ksmbd_conn *conn,
csum += *ptr;
csum = csum % (MANGLE_BASE * MANGLE_BASE);
- out[baselen+1] = mangle(csum/MANGLE_BASE);
- out[baselen+2] = mangle(csum);
- out[baselen+3] = PERIOD;
+ out[baselen + 1] = mangle(csum / MANGLE_BASE);
+ out[baselen + 2] = mangle(csum);
+ out[baselen + 3] = PERIOD;
if (dot_present)
- memcpy(&out[baselen+4], extension, 4);
+ memcpy(&out[baselen + 4], extension, 4);
else
- out[baselen+4] = '\0';
+ out[baselen + 4] = '\0';
smbConvertToUTF16((__le16 *)shortname, out, PATH_MAX,
conn->local_nls, 0);
len = strlen(out) * 2;
@@ -471,9 +466,8 @@ static const char * const shared_mode_errors[] = {
"Desired access mode does not permit FILE_DELETE",
};
-static void smb_shared_mode_error(int error,
- struct ksmbd_file *prev_fp,
- struct ksmbd_file *curr_fp)
+static void smb_shared_mode_error(int error, struct ksmbd_file *prev_fp,
+ struct ksmbd_file *curr_fp)
{
ksmbd_debug(SMB, "%s\n", shared_mode_errors[error]);
ksmbd_debug(SMB, "Current mode: 0x%x Desired mode: 0x%x\n",
@@ -512,7 +506,7 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
continue;
if (!(prev_fp->saccess & FILE_SHARE_DELETE_LE) &&
- curr_fp->daccess & FILE_DELETE_LE) {
+ curr_fp->daccess & FILE_DELETE_LE) {
smb_shared_mode_error(SHARE_DELETE_ERROR,
prev_fp,
curr_fp);
@@ -528,8 +522,7 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
continue;
if (!(prev_fp->saccess & FILE_SHARE_READ_LE) &&
- curr_fp->daccess & (FILE_EXECUTE_LE |
- FILE_READ_DATA_LE)) {
+ curr_fp->daccess & (FILE_EXECUTE_LE | FILE_READ_DATA_LE)) {
smb_shared_mode_error(SHARE_READ_ERROR,
prev_fp,
curr_fp);
@@ -538,8 +531,7 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
}
if (!(prev_fp->saccess & FILE_SHARE_WRITE_LE) &&
- curr_fp->daccess & (FILE_WRITE_DATA_LE |
- FILE_APPEND_DATA_LE)) {
+ curr_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE)) {
smb_shared_mode_error(SHARE_WRITE_ERROR,
prev_fp,
curr_fp);
@@ -547,9 +539,8 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
break;
}
- if (prev_fp->daccess & (FILE_EXECUTE_LE |
- FILE_READ_DATA_LE) &&
- !(curr_fp->saccess & FILE_SHARE_READ_LE)) {
+ if (prev_fp->daccess & (FILE_EXECUTE_LE | FILE_READ_DATA_LE) &&
+ !(curr_fp->saccess & FILE_SHARE_READ_LE)) {
smb_shared_mode_error(FILE_READ_ERROR,
prev_fp,
curr_fp);
@@ -557,9 +548,8 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
break;
}
- if (prev_fp->daccess & (FILE_WRITE_DATA_LE |
- FILE_APPEND_DATA_LE) &&
- !(curr_fp->saccess & FILE_SHARE_WRITE_LE)) {
+ if (prev_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE) &&
+ !(curr_fp->saccess & FILE_SHARE_WRITE_LE)) {
smb_shared_mode_error(FILE_WRITE_ERROR,
prev_fp,
curr_fp);
@@ -568,7 +558,7 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
}
if (prev_fp->daccess & FILE_DELETE_LE &&
- !(curr_fp->saccess & FILE_SHARE_DELETE_LE)) {
+ !(curr_fp->saccess & FILE_SHARE_DELETE_LE)) {
smb_shared_mode_error(FILE_DELETE_ERROR,
prev_fp,
curr_fp);
@@ -620,7 +610,7 @@ int ksmbd_override_fsids(struct ksmbd_work *work)
if (!uid_eq(cred->fsuid, GLOBAL_ROOT_UID))
cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
- WARN_ON(work->saved_cred != NULL);
+ WARN_ON(work->saved_cred);
work->saved_cred = override_creds(cred);
if (!work->saved_cred) {
abort_creds(cred);
@@ -633,7 +623,7 @@ void ksmbd_revert_fsids(struct ksmbd_work *work)
{
const struct cred *cred;
- WARN_ON(work->saved_cred == NULL);
+ WARN_ON(!work->saved_cred);
cred = current_cred();
revert_creds(work->saved_cred);
diff --git a/fs/cifsd/smb_common.h b/fs/cifsd/smb_common.h
index ec954e6bc4ae..2d7b1c693ff4 100644
--- a/fs/cifsd/smb_common.h
+++ b/fs/cifsd/smb_common.h
@@ -43,7 +43,7 @@
#define SMB311_PROT_ID 0x0311
#define BAD_PROT_ID 0xFFFF
-#define SMB_ECHO_INTERVAL (60*HZ)
+#define SMB_ECHO_INTERVAL (60 * HZ)
#define CIFS_DEFAULT_IOSIZE (64 * 1024)
#define MAX_CIFS_SMALL_BUFFER_SIZE 448 /* big enough for most */
@@ -490,8 +490,6 @@ struct smb_version_cmds {
int (*proc)(struct ksmbd_work *swork);
};
-
-
int ksmbd_min_protocol(void);
int ksmbd_max_protocol(void);
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index 7f6d5313a02c..a3675aa837b9 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -68,13 +68,12 @@ static const struct smb_sid sid_unix_NFS_mode = { 1, 2, {0, 0, 0, 0, 0, 5},
* if the two SIDs (roughly equivalent to a UUID for a user or group) are
* the same returns zero, if they do not match returns non-zero.
*/
-int
-compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid)
+int compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid)
{
int i;
int num_subauth, num_sat, num_saw;
- if ((!ctsid) || (!cwsid))
+ if (!ctsid || !cwsid)
return 1;
/* compare the revision */
@@ -103,7 +102,7 @@ compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid)
for (i = 0; i < num_subauth; ++i) {
if (ctsid->sub_auth[i] != cwsid->sub_auth[i]) {
if (le32_to_cpu(ctsid->sub_auth[i]) >
- le32_to_cpu(cwsid->sub_auth[i]))
+ le32_to_cpu(cwsid->sub_auth[i]))
return 1;
else
return -1;
@@ -114,8 +113,7 @@ compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid)
return 0; /* sids compare/match */
}
-static void
-smb_copy_sid(struct smb_sid *dst, const struct smb_sid *src)
+static void smb_copy_sid(struct smb_sid *dst, const struct smb_sid *src)
{
int i;
@@ -144,21 +142,17 @@ static umode_t access_flags_to_mode(struct smb_fattr *fattr, __le32 ace_flags,
return mode;
}
- if ((flags & GENERIC_READ) ||
- (flags & FILE_READ_RIGHTS))
+ if ((flags & GENERIC_READ) || (flags & FILE_READ_RIGHTS))
mode = 0444;
- if ((flags & GENERIC_WRITE) ||
- (flags & FILE_WRITE_RIGHTS)) {
+ if ((flags & GENERIC_WRITE) || (flags & FILE_WRITE_RIGHTS)) {
mode |= 0222;
if (S_ISDIR(fattr->cf_mode))
mode |= 0111;
}
- if ((flags & GENERIC_EXECUTE) ||
- (flags & FILE_EXEC_RIGHTS))
+ if ((flags & GENERIC_EXECUTE) || (flags & FILE_EXEC_RIGHTS))
mode |= 0111;
- if (type == ACCESS_DENIED_ACE_TYPE ||
- type == ACCESS_DENIED_OBJECT_ACE_TYPE)
+ if (type == ACCESS_DENIED_ACE_TYPE || type == ACCESS_DENIED_OBJECT_ACE_TYPE)
mode = ~mode;
ksmbd_debug(SMB, "access flags 0x%x mode now %04o\n", flags, mode);
@@ -282,8 +276,7 @@ static int sid_to_id(struct smb_sid *psid, uint sidtype,
id = le32_to_cpu(psid->sub_auth[psid->num_subauth - 1]);
if (id > 0) {
uid = make_kuid(&init_user_ns, id);
- if (uid_valid(uid) &&
- kuid_has_mapping(&init_user_ns, uid)) {
+ if (uid_valid(uid) && kuid_has_mapping(&init_user_ns, uid)) {
fattr->cf_uid = uid;
rc = 0;
}
@@ -295,8 +288,7 @@ static int sid_to_id(struct smb_sid *psid, uint sidtype,
id = le32_to_cpu(psid->sub_auth[psid->num_subauth - 1]);
if (id > 0) {
gid = make_kgid(&init_user_ns, id);
- if (gid_valid(gid) &&
- kgid_has_mapping(&init_user_ns, gid)) {
+ if (gid_valid(gid) && kgid_has_mapping(&init_user_ns, gid)) {
fattr->cf_gid = gid;
rc = 0;
}
@@ -353,7 +345,7 @@ int init_acl_state(struct posix_acl_state *state, int cnt)
* enough space for either:
*/
alloc = sizeof(struct posix_ace_state_array)
- + cnt*sizeof(struct posix_user_ace_state);
+ + cnt * sizeof(struct posix_user_ace_state);
state->users = kzalloc(alloc, GFP_KERNEL);
if (!state->users)
return -ENOMEM;
@@ -429,17 +421,17 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
* user/group/other have no permissions
*/
for (i = 0; i < num_aces; ++i) {
- ppace[i] = (struct smb_ace *) (acl_base + acl_size);
+ ppace[i] = (struct smb_ace *)(acl_base + acl_size);
acl_base = (char *)ppace[i];
acl_size = le16_to_cpu(ppace[i]->size);
ppace[i]->access_req =
smb_map_generic_desired_access(ppace[i]->access_req);
- if (!(compare_sids(&(ppace[i]->sid), &sid_unix_NFS_mode))) {
+ if (!(compare_sids(&ppace[i]->sid, &sid_unix_NFS_mode))) {
fattr->cf_mode =
le32_to_cpu(ppace[i]->sid.sub_auth[2]);
break;
- } else if (!compare_sids(&(ppace[i]->sid), pownersid)) {
+ } else if (!compare_sids(&ppace[i]->sid, pownersid)) {
acl_mode = access_flags_to_mode(fattr,
ppace[i]->access_req, ppace[i]->type);
acl_mode &= 0700;
@@ -449,9 +441,9 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
mode |= acl_mode;
}
owner_found = true;
- } else if (!compare_sids(&(ppace[i]->sid), pgrpsid) ||
- ppace[i]->sid.sub_auth[ppace[i]->sid.num_subauth - 1] ==
- DOMAIN_USER_RID_LE) {
+ } else if (!compare_sids(&ppace[i]->sid, pgrpsid) ||
+ ppace[i]->sid.sub_auth[ppace[i]->sid.num_subauth - 1] ==
+ DOMAIN_USER_RID_LE) {
acl_mode = access_flags_to_mode(fattr,
ppace[i]->access_req, ppace[i]->type);
acl_mode &= 0070;
@@ -460,7 +452,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
mode |= acl_mode;
}
group_found = true;
- } else if (!compare_sids(&(ppace[i]->sid), &sid_everyone)) {
+ } else if (!compare_sids(&ppace[i]->sid, &sid_everyone)) {
acl_mode = access_flags_to_mode(fattr,
ppace[i]->access_req, ppace[i]->type);
acl_mode &= 0007;
@@ -469,13 +461,13 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
mode |= acl_mode;
}
others_found = true;
- } else if (!compare_sids(&(ppace[i]->sid), &creator_owner))
+ } else if (!compare_sids(&ppace[i]->sid, &creator_owner)) {
continue;
- else if (!compare_sids(&(ppace[i]->sid), &creator_group))
+ } else if (!compare_sids(&ppace[i]->sid, &creator_group)) {
continue;
- else if (!compare_sids(&(ppace[i]->sid), &sid_authusers))
+ } else if (!compare_sids(&ppace[i]->sid, &sid_authusers)) {
continue;
- else {
+ } else {
struct smb_fattr temp_fattr;
acl_mode = access_flags_to_mode(fattr, ppace[i]->access_req,
@@ -610,7 +602,7 @@ static void set_posix_acl_entries_dacl(struct smb_ace *pndace,
if (S_ISDIR(fattr->cf_mode) && pace->e_tag == ACL_OTHER)
flags = 0x03;
- ntace = (struct smb_ace *) ((char *)pndace + *size);
+ ntace = (struct smb_ace *)((char *)pndace + *size);
*size += fill_ace_for_sid(ntace, sid, ACCESS_ALLOWED, flags,
pace->e_perm, 0777);
(*num_aces)++;
@@ -619,8 +611,8 @@ static void set_posix_acl_entries_dacl(struct smb_ace *pndace,
FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
if (S_ISDIR(fattr->cf_mode) &&
- (pace->e_tag == ACL_USER || pace->e_tag == ACL_GROUP)) {
- ntace = (struct smb_ace *) ((char *)pndace + *size);
+ (pace->e_tag == ACL_USER || pace->e_tag == ACL_GROUP)) {
+ ntace = (struct smb_ace *)((char *)pndace + *size);
*size += fill_ace_for_sid(ntace, sid, ACCESS_ALLOWED,
0x03, pace->e_perm, 0777);
(*num_aces)++;
@@ -661,7 +653,7 @@ static void set_posix_acl_entries_dacl(struct smb_ace *pndace,
continue;
}
- ntace = (struct smb_ace *) ((char *)pndace + *size);
+ ntace = (struct smb_ace *)((char *)pndace + *size);
*size += fill_ace_for_sid(ntace, sid, ACCESS_ALLOWED, 0x0b,
pace->e_perm, 0777);
(*num_aces)++;
@@ -786,7 +778,7 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
__u32 dacloffset;
int pntsd_type;
- if (pntsd == NULL)
+ if (!pntsd)
return -EIO;
owner_sid_ptr = (struct smb_sid *)((char *)pntsd +
@@ -913,11 +905,11 @@ int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *ppntsd,
dacl_ptr->size = cpu_to_le16(sizeof(struct smb_acl));
dacl_ptr->num_aces = 0;
- if (!ppntsd)
+ if (!ppntsd) {
set_mode_dacl(dacl_ptr, fattr);
- else if (!ppntsd->dacloffset)
+ } else if (!ppntsd->dacloffset) {
goto out;
- else {
+ } else {
struct smb_acl *ppdacl_ptr;
ppdacl_ptr = (struct smb_acl *)((char *)ppntsd +
@@ -992,8 +984,9 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
flags |= INHERIT_ONLY_ACE;
if (flags & NO_PROPAGATE_INHERIT_ACE)
flags = 0;
- } else
+ } else {
flags = 0;
+ }
if (!compare_sids(&creator_owner, &parent_aces->sid)) {
creator = &creator_owner;
@@ -1016,8 +1009,9 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
aces = (struct smb_ace *)((char *)aces + le16_to_cpu(aces->size));
flags |= INHERIT_ONLY_ACE;
psid = creator;
- } else if (is_dir && !(parent_aces->flags & NO_PROPAGATE_INHERIT_ACE))
+ } else if (is_dir && !(parent_aces->flags & NO_PROPAGATE_INHERIT_ACE)) {
psid = &parent_aces->sid;
+ }
smb_set_ace(aces, psid, parent_aces->type, flags | inherited_flags,
parent_aces->access_req);
@@ -1166,7 +1160,7 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
ace = (struct smb_ace *)((char *)pdacl + sizeof(struct smb_acl));
for (i = 0; i < le32_to_cpu(pdacl->num_aces); i++) {
granted |= le32_to_cpu(ace->access_req);
- ace = (struct smb_ace *) ((char *)ace + le16_to_cpu(ace->size));
+ ace = (struct smb_ace *)((char *)ace + le16_to_cpu(ace->size));
if (end_of_acl < (char *)ace)
goto err_out;
}
@@ -1189,7 +1183,7 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
if (!compare_sids(&sid_everyone, &ace->sid))
others_ace = ace;
- ace = (struct smb_ace *) ((char *)ace + le16_to_cpu(ace->size));
+ ace = (struct smb_ace *)((char *)ace + le16_to_cpu(ace->size));
if (end_of_acl < (char *)ace)
goto err_out;
}
@@ -1229,9 +1223,9 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
posix_acl_release(posix_acls);
if (!found) {
- if (others_ace)
+ if (others_ace) {
ace = others_ace;
- else {
+ } else {
ksmbd_debug(SMB, "Can't find corresponding sid\n");
rc = -EACCES;
goto err_out;
@@ -1300,8 +1294,7 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
if (type_check && !(le16_to_cpu(pntsd->type) & DACL_PRESENT))
goto out;
- if (test_share_config_flag(tcon->share_conf,
- KSMBD_SHARE_FLAG_ACL_XATTR)) {
+ if (test_share_config_flag(tcon->share_conf, KSMBD_SHARE_FLAG_ACL_XATTR)) {
/* Update WinACL in xattr */
ksmbd_vfs_remove_sd_xattrs(dentry);
ksmbd_vfs_set_sd_xattr(conn, dentry, pntsd, ntsd_len);
diff --git a/fs/cifsd/time_wrappers.h b/fs/cifsd/time_wrappers.h
index a702ca96947e..31bea2058f88 100644
--- a/fs/cifsd/time_wrappers.h
+++ b/fs/cifsd/time_wrappers.h
@@ -11,13 +11,13 @@
* between different kernel versions.
*/
-#define NTFS_TIME_OFFSET ((u64)(369*365 + 89) * 24 * 3600 * 10000000)
+#define NTFS_TIME_OFFSET ((u64)(369 * 365 + 89) * 24 * 3600 * 10000000)
/* Convert the Unix UTC into NT UTC. */
static inline u64 ksmbd_UnixTimeToNT(struct timespec64 t)
{
/* Convert to 100ns intervals and then add the NTFS time offset. */
- return (u64) t.tv_sec * 10000000 + t.tv_nsec / 100 + NTFS_TIME_OFFSET;
+ return (u64)t.tv_sec * 10000000 + t.tv_nsec / 100 + NTFS_TIME_OFFSET;
}
struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc);
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index e5f4d97b2924..1bbff53436b3 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -75,8 +75,7 @@ struct ipc_msg_table_entry {
static struct delayed_work ipc_timer_work;
static int handle_startup_event(struct sk_buff *skb, struct genl_info *info);
-static int handle_unsupported_event(struct sk_buff *skb,
- struct genl_info *info);
+static int handle_unsupported_event(struct sk_buff *skb, struct genl_info *info);
static int handle_generic_event(struct sk_buff *skb, struct genl_info *info);
static int ksmbd_ipc_heartbeat_request(void);
@@ -385,8 +384,7 @@ static int handle_startup_event(struct sk_buff *skb, struct genl_info *info)
return ret;
}
-static int handle_unsupported_event(struct sk_buff *skb,
- struct genl_info *info)
+static int handle_unsupported_event(struct sk_buff *skb, struct genl_info *info)
{
ksmbd_err("Unknown IPC event: %d, ignore.\n", info->genlhdr->cmd);
return -EINVAL;
@@ -453,8 +451,7 @@ static int ipc_msg_send(struct ksmbd_ipc_msg *msg)
return ret;
}
-static void *ipc_msg_send_request(struct ksmbd_ipc_msg *msg,
- unsigned int handle)
+static void *ipc_msg_send_request(struct ksmbd_ipc_msg *msg, unsigned int handle)
{
struct ipc_msg_table_entry entry;
int ret;
@@ -550,9 +547,9 @@ ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len)
struct ksmbd_tree_connect_response *
ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
- struct ksmbd_share_config *share,
- struct ksmbd_tree_connect *tree_conn,
- struct sockaddr *peer_addr)
+ struct ksmbd_share_config *share,
+ struct ksmbd_tree_connect *tree_conn,
+ struct sockaddr *peer_addr)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_tree_connect_request *req;
@@ -591,7 +588,7 @@ ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
}
int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
- unsigned long long connect_id)
+ unsigned long long connect_id)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_tree_disconnect_request *req;
@@ -658,8 +655,7 @@ ksmbd_ipc_share_config_request(const char *name)
return resp;
}
-struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess,
- int handle)
+struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess, int handle)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -681,8 +677,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess,
return resp;
}
-struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess,
- int handle)
+struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess, int handle)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -704,10 +699,8 @@ struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess,
return resp;
}
-struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess,
- int handle,
- void *payload,
- size_t payload_sz)
+struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess, int handle,
+ void *payload, size_t payload_sz)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -731,8 +724,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess,
return resp;
}
-struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess,
- int handle)
+struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess, int handle)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -755,10 +747,8 @@ struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess,
return resp;
}
-struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess,
- int handle,
- void *payload,
- size_t payload_sz)
+struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle,
+ void *payload, size_t payload_sz)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -782,9 +772,8 @@ struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess,
return resp;
}
-struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess,
- void *payload,
- size_t payload_sz)
+struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payload,
+ size_t payload_sz)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -885,8 +874,7 @@ int ksmbd_ipc_init(void)
ret = genl_register_family(&ksmbd_genl_family);
if (ret) {
- ksmbd_err("Failed to register KSMBD netlink interface %d\n",
- ret);
+ ksmbd_err("Failed to register KSMBD netlink interface %d\n", ret);
goto cancel_work;
}
diff --git a/fs/cifsd/transport_ipc.h b/fs/cifsd/transport_ipc.h
index 6ed7cbea727e..c3744ed7a085 100644
--- a/fs/cifsd/transport_ipc.h
+++ b/fs/cifsd/transport_ipc.h
@@ -20,9 +20,9 @@ struct sockaddr;
struct ksmbd_tree_connect_response *
ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
- struct ksmbd_share_config *share,
- struct ksmbd_tree_connect *tree_conn,
- struct sockaddr *peer_addr);
+ struct ksmbd_share_config *share,
+ struct ksmbd_tree_connect *tree_conn,
+ struct sockaddr *peer_addr);
int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
unsigned long long connect_id);
@@ -37,24 +37,16 @@ ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len);
int ksmbd_ipc_id_alloc(void);
void ksmbd_rpc_id_free(int handle);
-struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess,
- int handle);
-struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess,
- int handle);
-
-struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess,
- int handle,
- void *payload,
- size_t payload_sz);
-struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess,
- int handle);
-struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess,
- int handle,
- void *payload,
- size_t payload_sz);
-struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess,
- void *payload,
- size_t payload_sz);
+struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess, int handle);
+struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess, int handle);
+
+struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess, int handle,
+ void *payload, size_t payload_sz);
+struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess, int handle);
+struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle,
+ void *payload, size_t payload_sz);
+struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payload,
+ size_t payload_sz);
void ksmbd_ipc_release(void);
void ksmbd_ipc_soft_reset(void);
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
index 45b76847f1e7..8174a97bade4 100644
--- a/fs/cifsd/transport_rdma.c
+++ b/fs/cifsd/transport_rdma.c
@@ -85,7 +85,6 @@ static struct smb_direct_listener {
struct rdma_cm_id *cm_id;
} smb_direct_listener;
-
static struct workqueue_struct *smb_direct_wq;
enum smb_direct_status {
@@ -213,8 +212,8 @@ struct smb_direct_rdma_rw_msg {
static void smb_direct_destroy_pools(struct smb_direct_transport *transport);
static void smb_direct_post_recv_credits(struct work_struct *work);
static int smb_direct_post_send_data(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- struct kvec *iov, int niov, int remaining_data_length);
+ struct smb_direct_send_ctx *send_ctx,
+ struct kvec *iov, int niov, int remaining_data_length);
static inline void
*smb_direct_recvmsg_payload(struct smb_direct_recvmsg *recvmsg)
@@ -223,7 +222,7 @@ static inline void
}
static inline bool is_receive_credit_post_required(int receive_credits,
- int avail_recvmsg_count)
+ int avail_recvmsg_count)
{
return receive_credits <= (smb_direct_receive_credit_max >> 3) &&
avail_recvmsg_count >= (receive_credits >> 2);
@@ -246,7 +245,7 @@ smb_direct_recvmsg *get_free_recvmsg(struct smb_direct_transport *t)
}
static void put_recvmsg(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg)
+ struct smb_direct_recvmsg *recvmsg)
{
ib_dma_unmap_single(t->cm_id->device, recvmsg->sge.addr,
recvmsg->sge.length, DMA_FROM_DEVICE);
@@ -254,7 +253,6 @@ static void put_recvmsg(struct smb_direct_transport *t,
spin_lock(&t->recvmsg_queue_lock);
list_add(&recvmsg->list, &t->recvmsg_queue);
spin_unlock(&t->recvmsg_queue_lock);
-
}
static struct
@@ -264,8 +262,7 @@ smb_direct_recvmsg *get_empty_recvmsg(struct smb_direct_transport *t)
spin_lock(&t->empty_recvmsg_queue_lock);
if (!list_empty(&t->empty_recvmsg_queue)) {
- recvmsg = list_first_entry(
- &t->empty_recvmsg_queue,
+ recvmsg = list_first_entry(&t->empty_recvmsg_queue,
struct smb_direct_recvmsg, list);
list_del(&recvmsg->list);
}
@@ -274,7 +271,7 @@ smb_direct_recvmsg *get_empty_recvmsg(struct smb_direct_transport *t)
}
static void put_empty_recvmsg(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg)
+ struct smb_direct_recvmsg *recvmsg)
{
ib_dma_unmap_single(t->cm_id->device, recvmsg->sge.addr,
recvmsg->sge.length, DMA_FROM_DEVICE);
@@ -285,8 +282,7 @@ static void put_empty_recvmsg(struct smb_direct_transport *t,
}
static void enqueue_reassembly(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg,
- int data_length)
+ struct smb_direct_recvmsg *recvmsg, int data_length)
{
spin_lock(&t->reassembly_queue_lock);
list_add_tail(&recvmsg->list, &t->reassembly_queue);
@@ -300,11 +296,9 @@ static void enqueue_reassembly(struct smb_direct_transport *t,
virt_wmb();
t->reassembly_data_length += data_length;
spin_unlock(&t->reassembly_queue_lock);
-
}
-static struct smb_direct_recvmsg *get_first_reassembly(
- struct smb_direct_transport *t)
+static struct smb_direct_recvmsg *get_first_reassembly(struct smb_direct_transport *t)
{
if (!list_empty(&t->reassembly_queue))
return list_first_entry(&t->reassembly_queue,
@@ -423,11 +417,11 @@ static void free_transport(struct smb_direct_transport *t)
recvmsg = get_first_reassembly(t);
if (recvmsg) {
list_del(&recvmsg->list);
- spin_unlock(
- &t->reassembly_queue_lock);
+ spin_unlock(&t->reassembly_queue_lock);
put_recvmsg(t, recvmsg);
- } else
+ } else {
spin_unlock(&t->reassembly_queue_lock);
+ }
} while (recvmsg);
t->reassembly_data_length = 0;
@@ -460,7 +454,7 @@ static struct smb_direct_sendmsg
}
static void smb_direct_free_sendmsg(struct smb_direct_transport *t,
- struct smb_direct_sendmsg *msg)
+ struct smb_direct_sendmsg *msg)
{
int i;
@@ -481,8 +475,8 @@ static int smb_direct_check_recvmsg(struct smb_direct_recvmsg *recvmsg)
switch (recvmsg->type) {
case SMB_DIRECT_MSG_DATA_TRANSFER: {
struct smb_direct_data_transfer *req =
- (struct smb_direct_data_transfer *) recvmsg->packet;
- struct smb2_hdr *hdr = (struct smb2_hdr *) (recvmsg->packet
+ (struct smb_direct_data_transfer *)recvmsg->packet;
+ struct smb2_hdr *hdr = (struct smb2_hdr *)(recvmsg->packet
+ le32_to_cpu(req->data_offset) - 4);
ksmbd_debug(RDMA,
"CreditGranted: %u, CreditRequested: %u, DataLength: %u, RemainingDataLength: %u, SMB: %x, Command: %u\n",
@@ -504,12 +498,12 @@ static int smb_direct_check_recvmsg(struct smb_direct_recvmsg *recvmsg)
le32_to_cpu(req->max_receive_size),
le32_to_cpu(req->max_fragmented_size));
if (le16_to_cpu(req->min_version) > 0x0100 ||
- le16_to_cpu(req->max_version) < 0x0100)
+ le16_to_cpu(req->max_version) < 0x0100)
return -EOPNOTSUPP;
if (le16_to_cpu(req->credits_requested) <= 0 ||
- le32_to_cpu(req->max_receive_size) <= 128 ||
- le32_to_cpu(req->max_fragmented_size) <=
- 128*1024)
+ le32_to_cpu(req->max_receive_size) <= 128 ||
+ le32_to_cpu(req->max_fragmented_size) <=
+ 128 * 1024)
return -ECONNABORTED;
break;
@@ -595,8 +589,7 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
if (atomic_read(&t->send_credits) > 0)
wake_up_interruptible(&t->wait_send_credits);
- if (is_receive_credit_post_required(receive_credits,
- avail_recvmsg_count))
+ if (is_receive_credit_post_required(receive_credits, avail_recvmsg_count))
mod_delayed_work(smb_direct_wq,
&t->post_recv_credits_work, 0);
break;
@@ -607,7 +600,7 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
}
static int smb_direct_post_recv(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg)
+ struct smb_direct_recvmsg *recvmsg)
{
struct ib_recv_wr wr;
int ret;
@@ -681,8 +674,7 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
data_transfer = smb_direct_recvmsg_payload(recvmsg);
data_length = le32_to_cpu(data_transfer->data_length);
remaining_data_length =
- le32_to_cpu(
- data_transfer->remaining_data_length);
+ le32_to_cpu(data_transfer->remaining_data_length);
data_offset = le32_to_cpu(data_transfer->data_offset);
/*
@@ -706,9 +698,7 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
}
to_copy = min_t(int, data_length - offset, to_read);
- memcpy(
- buf + data_read,
- (char *)data_transfer + data_offset + offset,
+ memcpy(buf + data_read, (char *)data_transfer + data_offset + offset,
to_copy);
/* move on to the next buffer? */
@@ -718,20 +708,19 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
* No need to lock if we are not at the
* end of the queue
*/
- if (queue_length)
+ if (queue_length) {
list_del(&recvmsg->list);
- else {
- spin_lock_irq(
- &st->reassembly_queue_lock);
+ } else {
+ spin_lock_irq(&st->reassembly_queue_lock);
list_del(&recvmsg->list);
- spin_unlock_irq(
- &st->reassembly_queue_lock);
+ spin_unlock_irq(&st->reassembly_queue_lock);
}
queue_removed++;
put_recvmsg(st, recvmsg);
offset = 0;
- } else
+ } else {
offset += to_copy;
+ }
to_read -= to_copy;
data_read += to_copy;
@@ -744,13 +733,13 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
spin_lock(&st->receive_credit_lock);
st->count_avail_recvmsg += queue_removed;
- if (is_receive_credit_post_required(st->recv_credits,
- st->count_avail_recvmsg)) {
+ if (is_receive_credit_post_required(st->recv_credits, st->count_avail_recvmsg)) {
spin_unlock(&st->receive_credit_lock);
mod_delayed_work(smb_direct_wq,
&st->post_recv_credits_work, 0);
- } else
+ } else {
spin_unlock(&st->receive_credit_lock);
+ }
st->first_entry_offset = offset;
ksmbd_debug(RDMA,
@@ -762,10 +751,8 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
}
ksmbd_debug(RDMA, "wait_event on more data\n");
- rc = wait_event_interruptible(
- st->wait_reassembly_queue,
- st->reassembly_data_length >= size ||
- st->status != SMB_DIRECT_CS_CONNECTED);
+ rc = wait_event_interruptible(st->wait_reassembly_queue,
+ st->reassembly_data_length >= size || st->status != SMB_DIRECT_CS_CONNECTED);
if (rc)
return -EINTR;
@@ -795,8 +782,9 @@ static void smb_direct_post_recv_credits(struct work_struct *work)
if (use_free) {
use_free = 0;
continue;
- } else
+ } else {
break;
+ }
}
recvmsg->type = SMB_DIRECT_MSG_DATA_TRANSFER;
@@ -904,8 +892,8 @@ static int smb_direct_post_send(struct smb_direct_transport *t,
}
static void smb_direct_send_ctx_init(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- bool need_invalidate_rkey, unsigned int remote_key)
+ struct smb_direct_send_ctx *send_ctx,
+ bool need_invalidate_rkey, unsigned int remote_key)
{
INIT_LIST_HEAD(&send_ctx->msg_list);
send_ctx->wr_cnt = 0;
@@ -914,7 +902,7 @@ static void smb_direct_send_ctx_init(struct smb_direct_transport *t,
}
static int smb_direct_flush_send_list(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx, bool is_last)
+ struct smb_direct_send_ctx *send_ctx, bool is_last)
{
struct smb_direct_sendmsg *first, *last;
int ret;
@@ -973,12 +961,12 @@ static int wait_for_credits(struct smb_direct_transport *t,
}
static int wait_for_send_credits(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx)
+ struct smb_direct_send_ctx *send_ctx)
{
int ret;
if (send_ctx && (send_ctx->wr_cnt >= 16 ||
- atomic_read(&t->send_credits) <= 1)) {
+ atomic_read(&t->send_credits) <= 1)) {
ret = smb_direct_flush_send_list(t, send_ctx, false);
if (ret)
return ret;
@@ -1048,8 +1036,7 @@ static int smb_direct_create_header(struct smb_direct_transport *t,
return 0;
}
-static int get_sg_list(void *buf, int size,
- struct scatterlist *sg_list, int nentries)
+static int get_sg_list(void *buf, int size, struct scatterlist *sg_list, int nentries)
{
bool high = is_vmalloc_addr(buf);
struct page *page;
@@ -1082,8 +1069,8 @@ static int get_sg_list(void *buf, int size,
}
static int get_mapped_sg_list(struct ib_device *device, void *buf, int size,
- struct scatterlist *sg_list, int nentries,
- enum dma_data_direction dir)
+ struct scatterlist *sg_list, int nentries,
+ enum dma_data_direction dir)
{
int npages;
@@ -1094,8 +1081,8 @@ static int get_mapped_sg_list(struct ib_device *device, void *buf, int size,
}
static int post_sendmsg(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- struct smb_direct_sendmsg *msg)
+ struct smb_direct_send_ctx *send_ctx,
+ struct smb_direct_sendmsg *msg)
{
int i;
@@ -1132,13 +1119,13 @@ static int post_sendmsg(struct smb_direct_transport *t,
}
static int smb_direct_post_send_data(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- struct kvec *iov, int niov, int remaining_data_length)
+ struct smb_direct_send_ctx *send_ctx,
+ struct kvec *iov, int niov, int remaining_data_length)
{
int i, j, ret;
struct smb_direct_sendmsg *msg;
int data_length;
- struct scatterlist sg[SMB_DIRECT_MAX_SEND_SGES-1];
+ struct scatterlist sg[SMB_DIRECT_MAX_SEND_SGES - 1];
ret = wait_for_send_credits(t, send_ctx);
if (ret)
@@ -1159,15 +1146,15 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
struct ib_sge *sge;
int sg_cnt;
- sg_init_table(sg, SMB_DIRECT_MAX_SEND_SGES-1);
+ sg_init_table(sg, SMB_DIRECT_MAX_SEND_SGES - 1);
sg_cnt = get_mapped_sg_list(t->cm_id->device,
iov[i].iov_base, iov[i].iov_len,
- sg, SMB_DIRECT_MAX_SEND_SGES-1, DMA_TO_DEVICE);
+ sg, SMB_DIRECT_MAX_SEND_SGES - 1, DMA_TO_DEVICE);
if (sg_cnt <= 0) {
ksmbd_err("failed to map buffer\n");
ret = -ENOMEM;
goto err;
- } else if (sg_cnt + msg->num_sge > SMB_DIRECT_MAX_SEND_SGES-1) {
+ } else if (sg_cnt + msg->num_sge > SMB_DIRECT_MAX_SEND_SGES - 1) {
ksmbd_err("buffer not fitted into sges\n");
ret = -E2BIG;
ib_dma_unmap_sg(t->cm_id->device, sg, sg_cnt,
@@ -1195,8 +1182,8 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
}
static int smb_direct_writev(struct ksmbd_transport *t,
- struct kvec *iov, int niovs, int buflen,
- bool need_invalidate, unsigned int remote_key)
+ struct kvec *iov, int niovs, int buflen,
+ bool need_invalidate, unsigned int remote_key)
{
struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
int remaining_data_length;
@@ -1228,24 +1215,24 @@ static int smb_direct_writev(struct ksmbd_transport *t,
if (buflen > max_iov_size) {
if (i > start) {
remaining_data_length -=
- (buflen-iov[i].iov_len);
+ (buflen - iov[i].iov_len);
ret = smb_direct_post_send_data(st, &send_ctx,
- &iov[start], i-start,
+ &iov[start], i - start,
remaining_data_length);
if (ret)
goto done;
} else {
/* iov[start] is too big, break it */
- int nvec = (buflen+max_iov_size-1) /
+ int nvec = (buflen + max_iov_size - 1) /
max_iov_size;
for (j = 0; j < nvec; j++) {
vec.iov_base =
(char *)iov[start].iov_base +
- j*max_iov_size;
+ j * max_iov_size;
vec.iov_len =
min_t(int, max_iov_size,
- buflen - max_iov_size*j);
+ buflen - max_iov_size * j);
remaining_data_length -= vec.iov_len;
ret = smb_direct_post_send_data(st,
&send_ctx, &vec, 1,
@@ -1265,7 +1252,7 @@ static int smb_direct_writev(struct ksmbd_transport *t,
/* send out all remaining vecs */
remaining_data_length -= buflen;
ret = smb_direct_post_send_data(st, &send_ctx,
- &iov[start], i-start,
+ &iov[start], i - start,
remaining_data_length);
if (ret)
goto done;
@@ -1290,7 +1277,7 @@ static int smb_direct_writev(struct ksmbd_transport *t,
}
static void read_write_done(struct ib_cq *cq, struct ib_wc *wc,
- enum dma_data_direction dir)
+ enum dma_data_direction dir)
{
struct smb_direct_rdma_rw_msg *msg = container_of(wc->wr_cqe,
struct smb_direct_rdma_rw_msg, cqe);
@@ -1323,8 +1310,8 @@ static void write_done(struct ib_cq *cq, struct ib_wc *wc)
}
static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
- int buf_len, u32 remote_key, u64 remote_offset, u32 remote_len,
- bool is_read)
+ int buf_len, u32 remote_key, u64 remote_offset, u32 remote_len,
+ bool is_read)
{
struct smb_direct_rdma_rw_msg *msg;
int ret;
@@ -1392,23 +1379,20 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
sg_free_table_chained(&msg->sgt, SG_CHUNK_SIZE);
kfree(msg);
return ret;
-
}
-static int smb_direct_rdma_write(struct ksmbd_transport *t,
- void *buf, unsigned int buflen,
- u32 remote_key, u64 remote_offset,
- u32 remote_len)
+static int smb_direct_rdma_write(struct ksmbd_transport *t, void *buf,
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len)
{
return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
remote_key, remote_offset,
remote_len, false);
}
-static int smb_direct_rdma_read(struct ksmbd_transport *t,
- void *buf, unsigned int buflen,
- u32 remote_key, u64 remote_offset,
- u32 remote_len)
+static int smb_direct_rdma_read(struct ksmbd_transport *t, void *buf,
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len)
{
return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
remote_key, remote_offset,
@@ -1428,7 +1412,7 @@ static void smb_direct_disconnect(struct ksmbd_transport *t)
}
static int smb_direct_cm_handler(struct rdma_cm_id *cm_id,
- struct rdma_cm_event *event)
+ struct rdma_cm_event *event)
{
struct smb_direct_transport *t = cm_id->context;
@@ -1505,8 +1489,7 @@ static int smb_direct_send_negotiate_response(struct smb_direct_transport *t,
resp->reserved = 0;
resp->credits_requested =
cpu_to_le16(t->send_credit_target);
- resp->credits_granted = cpu_to_le16(
- manage_credits_prior_sending(t));
+ resp->credits_granted = cpu_to_le16(manage_credits_prior_sending(t));
resp->max_readwrite_size = cpu_to_le32(t->max_rdma_rw_size);
resp->preferred_send_size = cpu_to_le32(t->max_send_size);
resp->max_receive_size = cpu_to_le32(t->max_recv_size);
@@ -1665,7 +1648,7 @@ static int smb_direct_init_params(struct smb_direct_transport *t,
max_send_wrs = smb_direct_send_credit_target + max_rw_wrs;
if (max_send_wrs > device->attrs.max_cqe ||
- max_send_wrs > device->attrs.max_qp_wr) {
+ max_send_wrs > device->attrs.max_qp_wr) {
ksmbd_err("consider lowering send_credit_target = %d, or max_outstanding_rw_ops = %d\n",
smb_direct_send_credit_target,
smb_direct_max_outstanding_rw_ops);
@@ -1936,7 +1919,7 @@ static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
}
static int smb_direct_listen_handler(struct rdma_cm_id *cm_id,
- struct rdma_cm_event *event)
+ struct rdma_cm_event *event)
{
switch (event->event) {
case RDMA_CM_EVENT_CONNECT_REQUEST: {
@@ -2010,7 +1993,7 @@ int ksmbd_rdma_init(void)
* for lack of credits
*/
smb_direct_wq = alloc_workqueue("ksmbd-smb_direct-wq",
- WQ_HIGHPRI|WQ_MEM_RECLAIM, 0);
+ WQ_HIGHPRI | WQ_MEM_RECLAIM, 0);
if (!smb_direct_wq)
return -ENOMEM;
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index 5dd8641f66ba..67163efcf472 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -13,8 +13,8 @@
#include "connection.h"
#include "transport_tcp.h"
-#define IFACE_STATE_DOWN (1 << 0)
-#define IFACE_STATE_CONFIGURED (1 << 1)
+#define IFACE_STATE_DOWN BIT(0)
+#define IFACE_STATE_CONFIGURED BIT(1)
struct interface {
struct task_struct *ksmbd_kthread;
@@ -113,7 +113,7 @@ static void free_transport(struct tcp_transport *t)
* Return: Number of IO segments
*/
static unsigned int kvec_array_init(struct kvec *new, struct kvec *iov,
- unsigned int nr_segs, size_t bytes)
+ unsigned int nr_segs, size_t bytes)
{
size_t base = 0;
@@ -142,8 +142,7 @@ static unsigned int kvec_array_init(struct kvec *new, struct kvec *iov,
*
* Return: return existing or newly allocate iovec
*/
-static struct kvec *get_conn_iovec(struct tcp_transport *t,
- unsigned int nr_segs)
+static struct kvec *get_conn_iovec(struct tcp_transport *t, unsigned int nr_segs)
{
struct kvec *new_iov;
@@ -287,10 +286,8 @@ static int ksmbd_tcp_run_kthread(struct interface *iface)
* Return: on success return number of bytes read from socket,
* otherwise return error number
*/
-static int ksmbd_tcp_readv(struct tcp_transport *t,
- struct kvec *iov_orig,
- unsigned int nr_segs,
- unsigned int to_read)
+static int ksmbd_tcp_readv(struct tcp_transport *t, struct kvec *iov_orig,
+ unsigned int nr_segs, unsigned int to_read)
{
int length = 0;
int total_read;
@@ -345,9 +342,7 @@ static int ksmbd_tcp_readv(struct tcp_transport *t,
* Return: on success return number of bytes read from socket,
* otherwise return error number
*/
-static int ksmbd_tcp_read(struct ksmbd_transport *t,
- char *buf,
- unsigned int to_read)
+static int ksmbd_tcp_read(struct ksmbd_transport *t, char *buf, unsigned int to_read)
{
struct kvec iov;
@@ -357,9 +352,8 @@ static int ksmbd_tcp_read(struct ksmbd_transport *t,
return ksmbd_tcp_readv(TCP_TRANS(t), &iov, 1, to_read);
}
-static int ksmbd_tcp_writev(struct ksmbd_transport *t,
- struct kvec *iov, int nvecs, int size,
- bool need_invalidate, unsigned int remote_key)
+static int ksmbd_tcp_writev(struct ksmbd_transport *t, struct kvec *iov,
+ int nvecs, int size, bool need_invalidate, unsigned int remote_key)
{
struct msghdr smb_msg = {.msg_flags = MSG_NOSIGNAL};
@@ -473,7 +467,7 @@ static int create_socket(struct interface *iface)
}
static int ksmbd_netdev_event(struct notifier_block *nb, unsigned long event,
- void *ptr)
+ void *ptr)
{
struct net_device *netdev = netdev_notifier_info_to_dev(ptr);
struct interface *iface;
@@ -523,7 +517,6 @@ static int ksmbd_netdev_event(struct notifier_block *nb, unsigned long event,
}
return NOTIFY_DONE;
-
}
static struct notifier_block ksmbd_netdev_notifier = {
diff --git a/fs/cifsd/unicode.c b/fs/cifsd/unicode.c
index 22a4d10a2000..38bba50c4f16 100644
--- a/fs/cifsd/unicode.c
+++ b/fs/cifsd/unicode.c
@@ -26,9 +26,8 @@
*
* Return: string length after conversion
*/
-static int smb_utf16_bytes(const __le16 *from,
- int maxbytes,
- const struct nls_table *codepage)
+static int smb_utf16_bytes(const __le16 *from, int maxbytes,
+ const struct nls_table *codepage)
{
int i;
int charlen, outlen = 0;
@@ -66,7 +65,7 @@ static int smb_utf16_bytes(const __le16 *from,
*/
static int
cifs_mapchar(char *target, const __u16 src_char, const struct nls_table *cp,
- bool mapchar)
+ bool mapchar)
{
int len = 1;
@@ -124,9 +123,9 @@ static inline int is_char_allowed(char *ch)
{
/* check for control chars, wildcards etc. */
if (!(*ch & 0x80) &&
- (*ch <= 0x1f ||
- *ch == '?' || *ch == '"' || *ch == '<' ||
- *ch == '>' || *ch == '|'))
+ (*ch <= 0x1f ||
+ *ch == '?' || *ch == '"' || *ch == '<' ||
+ *ch == '>' || *ch == '|'))
return 0;
return 1;
@@ -156,12 +155,8 @@ static inline int is_char_allowed(char *ch)
*
* Return: string length after conversion
*/
-static int smb_from_utf16(char *to,
- const __le16 *from,
- int tolen,
- int fromlen,
- const struct nls_table *codepage,
- bool mapchar)
+static int smb_from_utf16(char *to, const __le16 *from, int tolen, int fromlen,
+ const struct nls_table *codepage, bool mapchar)
{
int i, charlen, safelen;
int outlen = 0;
@@ -214,8 +209,7 @@ static int smb_from_utf16(char *to,
*
* Return: string length after conversion
*/
-int
-smb_strtoUTF16(__le16 *to, const char *from, int len,
+int smb_strtoUTF16(__le16 *to, const char *from, int len,
const struct nls_table *codepage)
{
int charlen;
@@ -230,7 +224,7 @@ smb_strtoUTF16(__le16 *to, const char *from, int len,
* in destination len is length in wchar_t units (16bits)
*/
i = utf8s_to_utf16s(from, len, UTF16_LITTLE_ENDIAN,
- (wchar_t *) to, len);
+ (wchar_t *)to, len);
/* if success terminate and exit */
if (i >= 0)
@@ -272,20 +266,19 @@ smb_strtoUTF16(__le16 *to, const char *from, int len,
*
* Return: destination string buffer or error ptr
*/
-char *
-smb_strndup_from_utf16(const char *src, const int maxlen,
- const bool is_unicode, const struct nls_table *codepage)
+char *smb_strndup_from_utf16(const char *src, const int maxlen,
+ const bool is_unicode, const struct nls_table *codepage)
{
int len, ret;
char *dst;
if (is_unicode) {
- len = smb_utf16_bytes((__le16 *) src, maxlen, codepage);
+ len = smb_utf16_bytes((__le16 *)src, maxlen, codepage);
len += nls_nullsize(codepage);
dst = kmalloc(len, GFP_KERNEL);
if (!dst)
return ERR_PTR(-ENOMEM);
- ret = smb_from_utf16(dst, (__le16 *) src, len, maxlen, codepage,
+ ret = smb_from_utf16(dst, (__le16 *)src, len, maxlen, codepage,
false);
if (ret < 0) {
kfree(dst);
@@ -324,9 +317,8 @@ smb_strndup_from_utf16(const char *src, const int maxlen,
*
* Return: char length after conversion
*/
-int
-smbConvertToUTF16(__le16 *target, const char *source, int srclen,
- const struct nls_table *cp, int mapchars)
+int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
+ const struct nls_table *cp, int mapchars)
{
int i, j, charlen;
char src_char;
diff --git a/fs/cifsd/unicode.h b/fs/cifsd/unicode.h
index 7135d62bf9b0..c37d7024cf60 100644
--- a/fs/cifsd/unicode.h
+++ b/fs/cifsd/unicode.h
@@ -32,13 +32,13 @@
* reserved symbols (along with \ and /), otherwise illegal to store
* in filenames in NTFS
*/
-#define UNI_ASTERISK ((__u16) ('*' + 0xF000))
-#define UNI_QUESTION ((__u16) ('?' + 0xF000))
-#define UNI_COLON ((__u16) (':' + 0xF000))
-#define UNI_GRTRTHAN ((__u16) ('>' + 0xF000))
-#define UNI_LESSTHAN ((__u16) ('<' + 0xF000))
-#define UNI_PIPE ((__u16) ('|' + 0xF000))
-#define UNI_SLASH ((__u16) ('\\' + 0xF000))
+#define UNI_ASTERISK ((__u16)('*' + 0xF000))
+#define UNI_QUESTION ((__u16)('?' + 0xF000))
+#define UNI_COLON ((__u16)(':' + 0xF000))
+#define UNI_GRTRTHAN ((__u16)('>' + 0xF000))
+#define UNI_LESSTHAN ((__u16)('<' + 0xF000))
+#define UNI_PIPE ((__u16)('|' + 0xF000))
+#define UNI_SLASH ((__u16)('\\' + 0xF000))
/* Just define what we want from uniupr.h. We don't want to define the tables
* in each source file.
@@ -63,13 +63,12 @@ extern const struct UniCaseRange CifsUniLowerRange[];
#ifdef __KERNEL__
int smb_strtoUTF16(__le16 *to, const char *from, int len,
- const struct nls_table *codepage);
-char *smb_strndup_from_utf16(const char *src, const int maxlen,
- const bool is_unicode,
const struct nls_table *codepage);
-extern int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
+char *smb_strndup_from_utf16(const char *src, const int maxlen,
+ const bool is_unicode, const struct nls_table *codepage);
+int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
const struct nls_table *cp, int mapchars);
-extern char *ksmbd_extract_sharename(char *treename);
+char *ksmbd_extract_sharename(char *treename);
#endif
wchar_t cifs_toupper(wchar_t in);
@@ -80,8 +79,7 @@ wchar_t cifs_toupper(wchar_t in);
* Returns:
* Address of the first string
*/
- static inline wchar_t *
-UniStrcat(wchar_t *ucs1, const wchar_t *ucs2)
+static inline wchar_t *UniStrcat(wchar_t *ucs1, const wchar_t *ucs2)
{
wchar_t *anchor = ucs1; /* save a pointer to start of ucs1 */
@@ -100,14 +98,13 @@ UniStrcat(wchar_t *ucs1, const wchar_t *ucs2)
* Address of first occurrence of character in string
* or NULL if the character is not in the string
*/
- static inline wchar_t *
-UniStrchr(const wchar_t *ucs, wchar_t uc)
+static inline wchar_t *UniStrchr(const wchar_t *ucs, wchar_t uc)
{
while ((*ucs != uc) && *ucs)
ucs++;
if (*ucs == uc)
- return (wchar_t *) ucs;
+ return (wchar_t *)ucs;
return NULL;
}
@@ -119,21 +116,19 @@ UniStrchr(const wchar_t *ucs, wchar_t uc)
* = 0: Strings are equal
* > 0: First string is greater than second
*/
- static inline int
-UniStrcmp(const wchar_t *ucs1, const wchar_t *ucs2)
+static inline int UniStrcmp(const wchar_t *ucs1, const wchar_t *ucs2)
{
while ((*ucs1 == *ucs2) && *ucs1) {
ucs1++;
ucs2++;
}
- return (int) *ucs1 - (int) *ucs2;
+ return (int)*ucs1 - (int)*ucs2;
}
/*
* UniStrcpy: Copy a string
*/
- static inline wchar_t *
-UniStrcpy(wchar_t *ucs1, const wchar_t *ucs2)
+static inline wchar_t *UniStrcpy(wchar_t *ucs1, const wchar_t *ucs2)
{
wchar_t *anchor = ucs1; /* save the start of result string */
@@ -145,8 +140,7 @@ UniStrcpy(wchar_t *ucs1, const wchar_t *ucs2)
/*
* UniStrlen: Return the length of a string (in 16 bit Unicode chars not bytes)
*/
- static inline size_t
-UniStrlen(const wchar_t *ucs1)
+static inline size_t UniStrlen(const wchar_t *ucs1)
{
int i = 0;
@@ -159,8 +153,7 @@ UniStrlen(const wchar_t *ucs1)
* UniStrnlen: Return the length (in 16 bit Unicode chars not bytes) of a
* string (length limited)
*/
- static inline size_t
-UniStrnlen(const wchar_t *ucs1, int maxlen)
+static inline size_t UniStrnlen(const wchar_t *ucs1, int maxlen)
{
int i = 0;
@@ -175,8 +168,7 @@ UniStrnlen(const wchar_t *ucs1, int maxlen)
/*
* UniStrncat: Concatenate length limited string
*/
- static inline wchar_t *
-UniStrncat(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+static inline wchar_t *UniStrncat(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
{
wchar_t *anchor = ucs1; /* save pointer to string 1 */
@@ -194,8 +186,7 @@ UniStrncat(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
/*
* UniStrncmp: Compare length limited string
*/
- static inline int
-UniStrncmp(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+static inline int UniStrncmp(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
{
if (!n)
return 0; /* Null strings are equal */
@@ -203,7 +194,7 @@ UniStrncmp(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
ucs1++;
ucs2++;
}
- return (int) *ucs1 - (int) *ucs2;
+ return (int)*ucs1 - (int)*ucs2;
}
/*
@@ -218,14 +209,13 @@ UniStrncmp_le(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
ucs1++;
ucs2++;
}
- return (int) *ucs1 - (int) __le16_to_cpu(*ucs2);
+ return (int)*ucs1 - (int)__le16_to_cpu(*ucs2);
}
/*
* UniStrncpy: Copy length limited string with pad
*/
- static inline wchar_t *
-UniStrncpy(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+static inline wchar_t *UniStrncpy(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
{
wchar_t *anchor = ucs1;
@@ -241,8 +231,7 @@ UniStrncpy(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
/*
* UniStrncpy_le: Copy length limited string with pad to little-endian
*/
- static inline wchar_t *
-UniStrncpy_le(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
+static inline wchar_t *UniStrncpy_le(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
{
wchar_t *anchor = ucs1;
@@ -262,8 +251,7 @@ UniStrncpy_le(wchar_t *ucs1, const wchar_t *ucs2, size_t n)
* Address of first match found
* NULL if no matching string is found
*/
- static inline wchar_t *
-UniStrstr(const wchar_t *ucs1, const wchar_t *ucs2)
+static inline wchar_t *UniStrstr(const wchar_t *ucs1, const wchar_t *ucs2)
{
const wchar_t *anchor1 = ucs1;
const wchar_t *anchor2 = ucs2;
@@ -275,14 +263,14 @@ UniStrstr(const wchar_t *ucs1, const wchar_t *ucs2)
ucs2++;
} else {
if (!*ucs2) /* Match found */
- return (wchar_t *) anchor1;
+ return (wchar_t *)anchor1;
ucs1 = ++anchor1; /* No match */
ucs2 = anchor2;
}
}
if (!*ucs2) /* Both end together */
- return (wchar_t *) anchor1; /* Match found */
+ return (wchar_t *)anchor1; /* Match found */
return NULL; /* No match */
}
@@ -290,8 +278,7 @@ UniStrstr(const wchar_t *ucs1, const wchar_t *ucs2)
/*
* UniToupper: Convert a unicode character to upper case
*/
- static inline wchar_t
-UniToupper(register wchar_t uc)
+static inline wchar_t UniToupper(register wchar_t uc)
{
register const struct UniCaseRange *rp;
@@ -314,8 +301,7 @@ UniToupper(register wchar_t uc)
/*
* UniStrupr: Upper case a unicode string
*/
- static inline __le16 *
-UniStrupr(register __le16 *upin)
+static inline __le16 *UniStrupr(register __le16 *upin)
{
register __le16 *up;
@@ -332,8 +318,7 @@ UniStrupr(register __le16 *upin)
/*
* UniTolower: Convert a unicode character to lower case
*/
- static inline wchar_t
-UniTolower(register wchar_t uc)
+static inline wchar_t UniTolower(register wchar_t uc)
{
register const struct UniCaseRange *rp;
@@ -356,8 +341,7 @@ UniTolower(register wchar_t uc)
/*
* UniStrlwr: Lower case a unicode string
*/
- static inline wchar_t *
-UniStrlwr(register wchar_t *upin)
+static inline wchar_t *UniStrlwr(register wchar_t *upin)
{
register wchar_t *up;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index da44d131e25b..69dc1ee0fc75 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -61,19 +61,17 @@ static void rollback_path_modification(char *filename)
}
static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
- struct inode *parent_inode,
- struct inode *inode)
+ struct inode *parent_inode, struct inode *inode)
{
if (!test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_INHERIT_OWNER))
+ KSMBD_SHARE_FLAG_INHERIT_OWNER))
return;
i_uid_write(inode, i_uid_read(parent_inode));
}
static void ksmbd_vfs_inherit_smack(struct ksmbd_work *work,
- struct dentry *dir_dentry,
- struct dentry *dentry)
+ struct dentry *dir_dentry, struct dentry *dentry)
{
char *name, *xattr_list = NULL, *smack_buf;
int value_len, xattr_list_len;
@@ -173,7 +171,6 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
return 0;
}
-
/**
* ksmbd_vfs_create() - vfs helper for smb create file
* @work: work
@@ -182,9 +179,7 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_create(struct ksmbd_work *work,
- const char *name,
- umode_t mode)
+int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
{
struct path path;
struct dentry *dentry;
@@ -220,9 +215,7 @@ int ksmbd_vfs_create(struct ksmbd_work *work,
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_mkdir(struct ksmbd_work *work,
- const char *name,
- umode_t mode)
+int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
{
struct path path;
struct dentry *dentry;
@@ -243,17 +236,16 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work,
ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
d_inode(dentry));
ksmbd_vfs_inherit_smack(work, path.dentry, dentry);
- } else
+ } else {
ksmbd_err("mkdir(%s): creation failed (err:%d)\n", name, err);
+ }
done_path_create(&path, dentry);
return err;
}
-static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry,
- char *attr_name,
- int attr_name_len,
- char **attr_value)
+static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry, char *attr_name,
+ int attr_name_len, char **attr_value)
{
char *name, *xattr_list = NULL;
ssize_t value_len = -ENOENT, xattr_list_len;
@@ -282,7 +274,7 @@ static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry,
}
static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
- size_t count)
+ size_t count)
{
ssize_t v_len;
char *stream_buf = NULL;
@@ -314,10 +306,8 @@ static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
*
* Return: 0 on success, otherwise error
*/
-static int check_lock_range(struct file *filp,
- loff_t start,
- loff_t end,
- unsigned char type)
+static int check_lock_range(struct file *filp, loff_t start, loff_t end,
+ unsigned char type)
{
struct file_lock *flock;
struct file_lock_context *ctx = file_inode(filp)->i_flctx;
@@ -360,9 +350,7 @@ static int check_lock_range(struct file *filp,
*
* Return: number of read bytes on success, otherwise error
*/
-int ksmbd_vfs_read(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- size_t count,
+int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
loff_t *pos)
{
struct file *filp;
@@ -416,7 +404,7 @@ int ksmbd_vfs_read(struct ksmbd_work *work,
}
static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
- size_t count)
+ size_t count)
{
char *stream_buf = NULL, *wbuf;
size_t size, v_len;
@@ -483,7 +471,8 @@ static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
* Return: 0 on success, otherwise error
*/
int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf, size_t count, loff_t *pos, bool sync, ssize_t *written)
+ char *buf, size_t count, loff_t *pos, bool sync,
+ ssize_t *written)
{
struct ksmbd_session *sess = work->sess;
struct file *filp;
@@ -564,7 +553,7 @@ int ksmbd_vfs_getattr(struct path *path, struct kstat *stat)
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_fsync(struct ksmbd_work *work, uint64_t fid, uint64_t p_id)
+int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id)
{
struct ksmbd_file *fp;
int err;
@@ -656,8 +645,8 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_link(struct ksmbd_work *work,
- const char *oldname, const char *newname)
+int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
+ const char *newname)
{
struct path oldpath, newpath;
struct dentry *dentry;
@@ -702,11 +691,9 @@ int ksmbd_vfs_link(struct ksmbd_work *work,
}
static int __ksmbd_vfs_rename(struct ksmbd_work *work,
- struct dentry *src_dent_parent,
- struct dentry *src_dent,
- struct dentry *dst_dent_parent,
- struct dentry *trap_dent,
- char *dst_name)
+ struct dentry *src_dent_parent, struct dentry *src_dent,
+ struct dentry *dst_dent_parent, struct dentry *trap_dent,
+ char *dst_name)
{
struct dentry *dst_dent;
int err;
@@ -823,7 +810,7 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
* Return: 0 on success, otherwise error
*/
int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
- struct ksmbd_file *fp, loff_t size)
+ struct ksmbd_file *fp, loff_t size)
{
struct path path;
int err = 0;
@@ -906,8 +893,7 @@ ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list)
return size;
}
-static ssize_t ksmbd_vfs_xattr_len(struct dentry *dentry,
- char *xattr_name)
+static ssize_t ksmbd_vfs_xattr_len(struct dentry *dentry, char *xattr_name)
{
return vfs_getxattr(&init_user_ns, dentry, xattr_name, NULL, 0);
}
@@ -920,9 +906,8 @@ static ssize_t ksmbd_vfs_xattr_len(struct dentry *dentry,
*
* Return: read xattr value length on success, otherwise error
*/
-ssize_t ksmbd_vfs_getxattr(struct dentry *dentry,
- char *xattr_name,
- char **xattr_buf)
+ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
+ char **xattr_buf)
{
ssize_t xattr_len;
char *buf;
@@ -955,11 +940,8 @@ ssize_t ksmbd_vfs_getxattr(struct dentry *dentry,
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_setxattr(struct dentry *dentry,
- const char *attr_name,
- const void *attr_value,
- size_t attr_size,
- int flags)
+int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
+ const void *attr_value, size_t attr_size, int flags)
{
int err;
@@ -987,9 +969,9 @@ void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option)
if (!option || !mapping)
return;
- if (option & FILE_WRITE_THROUGH_LE)
+ if (option & FILE_WRITE_THROUGH_LE) {
filp->f_flags |= O_SYNC;
- else if (option & FILE_SEQUENTIAL_ONLY_LE) {
+ } else if (option & FILE_SEQUENTIAL_ONLY_LE) {
filp->f_ra.ra_pages = inode_to_bdi(mapping->host)->ra_pages * 2;
spin_lock(&filp->f_lock);
filp->f_mode &= ~FMODE_RANDOM;
@@ -1021,18 +1003,15 @@ int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata)
return iterate_dir(file, &rdata->ctx);
}
-int ksmbd_vfs_alloc_size(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- loff_t len)
+int ksmbd_vfs_alloc_size(struct ksmbd_work *work, struct ksmbd_file *fp,
+ loff_t len)
{
smb_break_all_levII_oplock(work, fp, 1);
return vfs_fallocate(fp->filp, FALLOC_FL_KEEP_SIZE, 0, len);
}
-int ksmbd_vfs_zero_data(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- loff_t off,
- loff_t len)
+int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
+ loff_t off, loff_t len)
{
smb_break_all_levII_oplock(work, fp, 1);
if (fp->f_ci->m_fattr & ATTR_SPARSE_FILE_LE)
@@ -1085,8 +1064,9 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
if (extent_end != -ENXIO)
ret = (int)extent_end;
break;
- } else if (extent_start >= extent_end)
+ } else if (extent_start >= extent_end) {
break;
+ }
ranges[*out_count].file_offset = cpu_to_le64(extent_start);
ranges[(*out_count)++].length =
@@ -1161,7 +1141,7 @@ unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode)
* @fs_ss: fs sector size struct
*/
void ksmbd_vfs_smb2_sector_size(struct inode *inode,
- struct ksmbd_fs_sector_size *fs_ss)
+ struct ksmbd_fs_sector_size *fs_ss)
{
struct request_queue *q;
@@ -1186,12 +1166,8 @@ void ksmbd_vfs_smb2_sector_size(struct inode *inode,
}
}
-static int __dir_empty(struct dir_context *ctx,
- const char *name,
- int namlen,
- loff_t offset,
- u64 ino,
- unsigned int d_type)
+static int __dir_empty(struct dir_context *ctx, const char *name, int namlen,
+ loff_t offset, u64 ino, unsigned int d_type)
{
struct ksmbd_readdir_data *buf;
@@ -1227,12 +1203,8 @@ int ksmbd_vfs_empty_dir(struct ksmbd_file *fp)
return err;
}
-static int __caseless_lookup(struct dir_context *ctx,
- const char *name,
- int namlen,
- loff_t offset,
- u64 ino,
- unsigned int d_type)
+static int __caseless_lookup(struct dir_context *ctx, const char *name,
+ int namlen, loff_t offset, u64 ino, unsigned int d_type)
{
struct ksmbd_readdir_data *buf;
@@ -1260,7 +1232,7 @@ static int ksmbd_vfs_lookup_in_dir(char *dirname, char *filename)
struct path dir_path;
int ret;
struct file *dfilp;
- int flags = O_RDONLY|O_LARGEFILE;
+ int flags = O_RDONLY | O_LARGEFILE;
int dirnamelen = strlen(dirname);
struct ksmbd_readdir_data readdir_data = {
.ctx.actor = __caseless_lookup,
@@ -1349,9 +1321,9 @@ int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry)
ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name));
if (!strncmp(name, XATTR_NAME_POSIX_ACL_ACCESS,
- sizeof(XATTR_NAME_POSIX_ACL_ACCESS)-1) ||
+ sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1) ||
!strncmp(name, XATTR_NAME_POSIX_ACL_DEFAULT,
- sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)-1)) {
+ sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1)) {
err = ksmbd_vfs_remove_xattr(dentry, name);
if (err)
ksmbd_debug(SMB,
@@ -1621,8 +1593,9 @@ int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
if (ndr_decode_dos_attr(&n, da))
err = -EINVAL;
ksmbd_free(n.data);
- } else
+ } else {
ksmbd_debug(SMB, "failed to load dos attribute in xattr\n");
+ }
return err;
}
@@ -1687,9 +1660,8 @@ void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat)
return info;
}
-int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work,
- struct dentry *dentry,
- struct ksmbd_kstat *ksmbd_kstat)
+int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
+ struct ksmbd_kstat *ksmbd_kstat)
{
u64 time;
int rc;
@@ -1709,23 +1681,23 @@ int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work,
ksmbd_kstat->file_attributes = ATTR_ARCHIVE_LE;
if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) {
+ KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) {
struct xattr_dos_attrib da;
rc = ksmbd_vfs_get_dos_attrib_xattr(dentry, &da);
if (rc > 0) {
ksmbd_kstat->file_attributes = cpu_to_le32(da.attr);
ksmbd_kstat->create_time = da.create_time;
- } else
+ } else {
ksmbd_debug(VFS, "fail to load dos attribute.\n");
+ }
}
return 0;
}
-ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry,
- char *attr_name,
- int attr_name_len)
+ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry, char *attr_name,
+ int attr_name_len)
{
char *name, *xattr_list = NULL;
ssize_t value_len = -ENOENT, xattr_list_len;
@@ -1749,10 +1721,8 @@ ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry,
return value_len;
}
-int ksmbd_vfs_xattr_stream_name(char *stream_name,
- char **xattr_stream_name,
- size_t *xattr_stream_name_size,
- int s_type)
+int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
+ size_t *xattr_stream_name_size, int s_type)
{
int stream_name_size;
char *xattr_stream_name_buf;
@@ -1791,8 +1761,7 @@ int ksmbd_vfs_xattr_stream_name(char *stream_name,
}
static int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
- struct file *file_out, loff_t pos_out,
- size_t len)
+ struct file *file_out, loff_t pos_out, size_t len)
{
struct inode *inode_in = file_inode(file_in);
struct inode *inode_out = file_inode(file_out);
@@ -1838,13 +1807,10 @@ static int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
}
int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
- struct ksmbd_file *src_fp,
- struct ksmbd_file *dst_fp,
- struct srv_copychunk *chunks,
- unsigned int chunk_count,
- unsigned int *chunk_count_written,
- unsigned int *chunk_size_written,
- loff_t *total_size_written)
+ struct ksmbd_file *src_fp, struct ksmbd_file *dst_fp,
+ struct srv_copychunk *chunks, unsigned int chunk_count,
+ unsigned int *chunk_count_written,
+ unsigned int *chunk_size_written, loff_t *total_size_written)
{
unsigned int i;
loff_t src_off, dst_off, src_file_size;
@@ -1876,10 +1842,10 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
len = le32_to_cpu(chunks[i].Length);
if (check_lock_range(src_fp->filp, src_off,
- src_off + len - 1, READ))
+ src_off + len - 1, READ))
return -EAGAIN;
if (check_lock_range(dst_fp->filp, dst_off,
- dst_off + len - 1, WRITE))
+ dst_off + len - 1, WRITE))
return -EAGAIN;
}
}
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index bbef5c20c146..e1ca9ac11ba5 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -101,7 +101,6 @@ struct xattr_ntacl {
#define XATTR_NAME_SD_LEN \
(sizeof(XATTR_SECURITY_PREFIX SD_PREFIX) - 1)
-
/* CreateOptions */
/* Flag is set, it must not be a file , valid for directory only */
#define FILE_DIRECTORY_FILE_LE cpu_to_le32(0x00000001)
@@ -197,10 +196,11 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess);
int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode);
int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode);
int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp,
- size_t count, loff_t *pos);
+ size_t count, loff_t *pos);
int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf, size_t count, loff_t *pos, bool sync, ssize_t *written);
-int ksmbd_vfs_fsync(struct ksmbd_work *work, uint64_t fid, uint64_t p_id);
+ char *buf, size_t count, loff_t *pos, bool sync,
+ ssize_t *written);
+int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id);
int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name);
int ksmbd_vfs_link(struct ksmbd_work *work,
const char *oldname, const char *newname);
@@ -210,90 +210,53 @@ int ksmbd_vfs_readlink(struct path *path, char *buf, int lenp);
int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
char *newname);
-int ksmbd_vfs_rename_slowpath(struct ksmbd_work *work,
- char *oldname, char *newname);
int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
- struct ksmbd_file *fp, loff_t size);
+ struct ksmbd_file *fp, loff_t size);
struct srv_copychunk;
int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
- struct ksmbd_file *src_fp,
- struct ksmbd_file *dst_fp,
- struct srv_copychunk *chunks,
- unsigned int chunk_count,
- unsigned int *chunk_count_written,
- unsigned int *chunk_size_written,
- loff_t *total_size_written);
-
-struct ksmbd_file *ksmbd_vfs_dentry_open(struct ksmbd_work *work,
- const struct path *path,
- int flags,
- __le32 option,
- int fexist);
+ struct ksmbd_file *src_fp, struct ksmbd_file *dst_fp,
+ struct srv_copychunk *chunks, unsigned int chunk_count,
+ unsigned int *chunk_count_written,
+ unsigned int *chunk_size_written, loff_t *total_size_written);
ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list);
-ssize_t ksmbd_vfs_getxattr(struct dentry *dentry,
- char *xattr_name,
- char **xattr_buf);
-
-ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry,
- char *attr_name,
- int attr_name_len);
-
-int ksmbd_vfs_setxattr(struct dentry *dentry,
- const char *attr_name,
- const void *attr_value,
- size_t attr_size,
- int flags);
-
-int ksmbd_vfs_fsetxattr(const char *filename,
- const char *attr_name,
- const void *attr_value,
- size_t attr_size,
- int flags);
-
-int ksmbd_vfs_xattr_stream_name(char *stream_name,
- char **xattr_stream_name,
- size_t *xattr_stream_name_size,
- int s_type);
-
+ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
+ char **xattr_buf);
+ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry, char *attr_name,
+ int attr_name_len);
+int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
+ const void *attr_value, size_t attr_size, int flags);
+int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
+ size_t *xattr_stream_name_size, int s_type);
int ksmbd_vfs_truncate_xattr(struct dentry *dentry, int wo_streams);
int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
void ksmbd_vfs_xattr_free(char *xattr);
-
int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
bool caseless);
int ksmbd_vfs_empty_dir(struct ksmbd_file *fp);
void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option);
int ksmbd_vfs_lock(struct file *filp, int cmd, struct file_lock *flock);
int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata);
-int ksmbd_vfs_alloc_size(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- loff_t len);
-int ksmbd_vfs_zero_data(struct ksmbd_work *work,
- struct ksmbd_file *fp,
- loff_t off,
- loff_t len);
-
+int ksmbd_vfs_alloc_size(struct ksmbd_work *work, struct ksmbd_file *fp,
+ loff_t len);
+int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
+ loff_t off, loff_t len);
struct file_allocated_range_buffer;
int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
- struct file_allocated_range_buffer *ranges,
- int in_count, int *out_count);
+ struct file_allocated_range_buffer *ranges,
+ int in_count, int *out_count);
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry);
unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode);
void ksmbd_vfs_smb2_sector_size(struct inode *inode,
- struct ksmbd_fs_sector_size *fs_ss);
+ struct ksmbd_fs_sector_size *fs_ss);
void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
-
-int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work,
- struct dentry *dentry,
- struct ksmbd_kstat *ksmbd_kstat);
-
+int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
+ struct ksmbd_kstat *ksmbd_kstat);
int ksmbd_vfs_posix_lock_wait(struct file_lock *flock);
int ksmbd_vfs_posix_lock_wait_timeout(struct file_lock *flock, long timeout);
void ksmbd_vfs_posix_lock_unblock(struct file_lock *flock);
-
int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry);
int ksmbd_vfs_remove_sd_xattrs(struct dentry *dentry);
int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 2b38628e1cb8..ec631dc6f1fb 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -284,8 +284,7 @@ static void __ksmbd_remove_durable_fd(struct ksmbd_file *fp)
write_unlock(&global_ft.lock);
}
-static void __ksmbd_remove_fd(struct ksmbd_file_table *ft,
- struct ksmbd_file *fp)
+static void __ksmbd_remove_fd(struct ksmbd_file_table *ft, struct ksmbd_file *fp)
{
if (!HAS_FILE_ID(fp->volatile_id))
return;
@@ -299,8 +298,7 @@ static void __ksmbd_remove_fd(struct ksmbd_file_table *ft,
write_unlock(&ft->lock);
}
-static void __ksmbd_close_fd(struct ksmbd_file_table *ft,
- struct ksmbd_file *fp)
+static void __ksmbd_close_fd(struct ksmbd_file_table *ft, struct ksmbd_file *fp)
{
struct file *filp;
@@ -328,7 +326,7 @@ static struct ksmbd_file *ksmbd_fp_get(struct ksmbd_file *fp)
}
static struct ksmbd_file *__ksmbd_lookup_fd(struct ksmbd_file_table *ft,
- unsigned int id)
+ unsigned int id)
{
bool unclaimed = true;
struct ksmbd_file *fp;
@@ -352,8 +350,7 @@ static struct ksmbd_file *__ksmbd_lookup_fd(struct ksmbd_file_table *ft,
return fp;
}
-static void __put_fd_final(struct ksmbd_work *work,
- struct ksmbd_file *fp)
+static void __put_fd_final(struct ksmbd_work *work, struct ksmbd_file *fp)
{
__ksmbd_close_fd(&work->sess->file_table, fp);
atomic_dec(&work->conn->stats.open_files_count);
@@ -399,8 +396,7 @@ int ksmbd_close_fd(struct ksmbd_work *work, unsigned int id)
return 0;
}
-void ksmbd_fd_put(struct ksmbd_work *work,
- struct ksmbd_file *fp)
+void ksmbd_fd_put(struct ksmbd_work *work, struct ksmbd_file *fp)
{
if (!fp)
return;
@@ -410,8 +406,7 @@ void ksmbd_fd_put(struct ksmbd_work *work,
__put_fd_final(work, fp);
}
-static bool __sanity_check(struct ksmbd_tree_connect *tcon,
- struct ksmbd_file *fp)
+static bool __sanity_check(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp)
{
if (!fp)
return false;
@@ -420,14 +415,12 @@ static bool __sanity_check(struct ksmbd_tree_connect *tcon,
return true;
}
-struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work,
- unsigned int id)
+struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, unsigned int id)
{
return __ksmbd_lookup_fd(&work->sess->file_table, id);
}
-struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work,
- unsigned int id)
+struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, unsigned int id)
{
struct ksmbd_file *fp = __ksmbd_lookup_fd(&work->sess->file_table, id);
@@ -438,9 +431,8 @@ struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work,
return NULL;
}
-struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work,
- unsigned int id,
- unsigned int pid)
+struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, unsigned int id,
+ unsigned int pid)
{
struct ksmbd_file *fp;
@@ -469,8 +461,7 @@ struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id)
return __ksmbd_lookup_fd(&global_ft, id);
}
-int ksmbd_close_fd_app_id(struct ksmbd_work *work,
- char *app_id)
+int ksmbd_close_fd_app_id(struct ksmbd_work *work, char *app_id)
{
struct ksmbd_file *fp = NULL;
unsigned int id;
@@ -513,8 +504,7 @@ struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid)
return fp;
}
-struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work,
- char *filename)
+struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work, char *filename)
{
struct ksmbd_file *fp = NULL;
unsigned int id;
@@ -566,8 +556,7 @@ static void __open_id_set(struct ksmbd_file *fp, unsigned int id, int type)
fp->persistent_id = id;
}
-static int __open_id(struct ksmbd_file_table *ft,
- struct ksmbd_file *fp,
+static int __open_id(struct ksmbd_file_table *ft, struct ksmbd_file *fp,
int type)
{
unsigned int id = 0;
@@ -601,8 +590,7 @@ unsigned int ksmbd_open_durable_fd(struct ksmbd_file *fp)
return fp->persistent_id;
}
-struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work,
- struct file *filp)
+struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
{
struct ksmbd_file *fp;
int ret;
@@ -657,7 +645,7 @@ static inline bool is_reconnectable(struct ksmbd_file *fp)
if (fp->is_resilient || fp->is_persistent)
reconn = true;
else if (fp->is_durable && opinfo->is_lease &&
- opinfo->o_lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
+ opinfo->o_lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
reconn = true;
else if (fp->is_durable && opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)
@@ -668,10 +656,8 @@ static inline bool is_reconnectable(struct ksmbd_file *fp)
}
static int
-__close_file_table_ids(struct ksmbd_file_table *ft,
- struct ksmbd_tree_connect *tcon,
- bool (*skip)(struct ksmbd_tree_connect *tcon,
- struct ksmbd_file *fp))
+__close_file_table_ids(struct ksmbd_file_table *ft, struct ksmbd_tree_connect *tcon,
+ bool (*skip)(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp))
{
unsigned int id;
struct ksmbd_file *fp;
@@ -691,14 +677,12 @@ __close_file_table_ids(struct ksmbd_file_table *ft,
return num;
}
-static bool tree_conn_fd_check(struct ksmbd_tree_connect *tcon,
- struct ksmbd_file *fp)
+static bool tree_conn_fd_check(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp)
{
return fp->tcon != tcon;
}
-static bool session_fd_check(struct ksmbd_tree_connect *tcon,
- struct ksmbd_file *fp)
+static bool session_fd_check(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp)
{
if (!is_reconnectable(fp))
return false;
@@ -745,8 +729,7 @@ void ksmbd_free_global_file_table(void)
ksmbd_destroy_file_table(&global_ft);
}
-int ksmbd_reopen_durable_fd(struct ksmbd_work *work,
- struct ksmbd_file *fp)
+int ksmbd_reopen_durable_fd(struct ksmbd_work *work, struct ksmbd_file *fp)
{
if (!fp->is_durable || fp->conn || fp->tcon) {
ksmbd_err("Invalid durable fd [%p:%p]\n",
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index 04ab5967a9ae..318dcb1a297a 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -149,50 +149,31 @@ static inline bool ksmbd_stream_fd(struct ksmbd_file *fp)
int ksmbd_init_file_table(struct ksmbd_file_table *ft);
void ksmbd_destroy_file_table(struct ksmbd_file_table *ft);
-
int ksmbd_close_fd(struct ksmbd_work *work, unsigned int id);
-
-struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work,
- unsigned int id);
-struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work,
- unsigned int id);
-struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work,
- unsigned int id,
- unsigned int pid);
-
+struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, unsigned int id);
+struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, unsigned int id);
+struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, unsigned int id,
+ unsigned int pid);
void ksmbd_fd_put(struct ksmbd_work *work, struct ksmbd_file *fp);
-
int ksmbd_close_fd_app_id(struct ksmbd_work *work, char *app_id);
struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id);
struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid);
-struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work,
- char *filename);
+struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work, char *filename);
struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode);
-
unsigned int ksmbd_open_durable_fd(struct ksmbd_file *fp);
-
-struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work,
- struct file *filp);
-
+struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp);
void ksmbd_close_tree_conn_fds(struct ksmbd_work *work);
void ksmbd_close_session_fds(struct ksmbd_work *work);
-
int ksmbd_close_inode_fds(struct ksmbd_work *work, struct inode *inode);
-
-int ksmbd_reopen_durable_fd(struct ksmbd_work *work,
- struct ksmbd_file *fp);
-
+int ksmbd_reopen_durable_fd(struct ksmbd_work *work, struct ksmbd_file *fp);
int ksmbd_init_global_file_table(void);
void ksmbd_free_global_file_table(void);
-
int ksmbd_file_table_flush(struct ksmbd_work *work);
-
void ksmbd_set_fd_limit(unsigned long limit);
/*
* INODE hash
*/
-
int __init ksmbd_inode_hash_init(void);
void ksmbd_release_inode_hash(void);
@@ -203,11 +184,9 @@ enum KSMBD_INODE_STATUS {
};
int ksmbd_query_inode_status(struct inode *inode);
-
bool ksmbd_inode_pending_delete(struct ksmbd_file *fp);
void ksmbd_set_inode_pending_delete(struct ksmbd_file *fp);
void ksmbd_clear_inode_pending_delete(struct ksmbd_file *fp);
-
void ksmbd_fd_set_delete_on_close(struct ksmbd_file *fp,
int file_info);
#endif /* __VFS_CACHE_H__ */
From patchwork Mon Nov 14 12:48:53 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183121
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:22 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:22 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:22 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 024/308] cifsd: merge time_wrappers.h into
smb_common.h
Date: Mon, 14 Nov 2022 20:48:53 +0800
Message-ID: <20221114125337.1831594-25-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
b92a385b-5bd6-4297-3e31-08dac63c477a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7037939
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit a648d8aff84beedaff6302df47a947a56533ec41
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a648d8aff84b
-------------------------------
This patch merge time_wrappers.h into smb_common.h.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/netmisc.c | 17 ++++++++++++++++-
fs/cifsd/smb2pdu.c | 1 -
fs/cifsd/smb_common.h | 6 ++++++
fs/cifsd/time_wrappers.h | 34 ----------------------------------
fs/cifsd/vfs.c | 1 -
5 files changed, 22 insertions(+), 37 deletions(-)
delete mode 100644 fs/cifsd/time_wrappers.h
diff --git a/fs/cifsd/netmisc.c b/fs/cifsd/netmisc.c
index 55393667abcc..5d0327d87397 100644
--- a/fs/cifsd/netmisc.c
+++ b/fs/cifsd/netmisc.c
@@ -10,7 +10,7 @@
#include "glob.h"
#include "smberr.h"
#include "nterr.h"
-#include "time_wrappers.h"
+#include "smb_common.h"
/*
* Convert the NT UTC (based 1601-01-01, in hundred nanosecond units)
@@ -42,3 +42,18 @@ struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc)
return ts;
}
+
+/* Convert the Unix UTC into NT UTC. */
+inline u64 ksmbd_UnixTimeToNT(struct timespec64 t)
+{
+ /* Convert to 100ns intervals and then add the NTFS time offset. */
+ return (u64)t.tv_sec * 10000000 + t.tv_nsec / 100 + NTFS_TIME_OFFSET;
+}
+
+inline long long ksmbd_systime(void)
+{
+ struct timespec64 ts;
+
+ ktime_get_real_ts64(&ts);
+ return ksmbd_UnixTimeToNT(ts);
+}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 3e8f1a3800dd..139041768f65 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -26,7 +26,6 @@
#include "vfs_cache.h"
#include "misc.h"
-#include "time_wrappers.h"
#include "server.h"
#include "smb_common.h"
#include "smbstatus.h"
diff --git a/fs/cifsd/smb_common.h b/fs/cifsd/smb_common.h
index 2d7b1c693ff4..2e171c9002b2 100644
--- a/fs/cifsd/smb_common.h
+++ b/fs/cifsd/smb_common.h
@@ -541,4 +541,10 @@ static inline void inc_rfc1001_len(void *buf, int count)
{
be32_add_cpu((__be32 *)buf, count);
}
+
+#define NTFS_TIME_OFFSET ((u64)(369 * 365 + 89) * 24 * 3600 * 10000000)
+
+struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc);
+u64 ksmbd_UnixTimeToNT(struct timespec64 t);
+long long ksmbd_systime(void);
#endif /* __SMB_COMMON_H__ */
diff --git a/fs/cifsd/time_wrappers.h b/fs/cifsd/time_wrappers.h
deleted file mode 100644
index 31bea2058f88..000000000000
--- a/fs/cifsd/time_wrappers.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-or-later */
-/*
- * Copyright (C) 2019 Samsung Electronics Co., Ltd.
- */
-
-#ifndef __KSMBD_TIME_WRAPPERS_H
-#define __KSMBD_TIME_WRAPPERS_H
-
-/*
- * A bunch of ugly hacks to workaoround all the API differences
- * between different kernel versions.
- */
-
-#define NTFS_TIME_OFFSET ((u64)(369 * 365 + 89) * 24 * 3600 * 10000000)
-
-/* Convert the Unix UTC into NT UTC. */
-static inline u64 ksmbd_UnixTimeToNT(struct timespec64 t)
-{
- /* Convert to 100ns intervals and then add the NTFS time offset. */
- return (u64)t.tv_sec * 10000000 + t.tv_nsec / 100 + NTFS_TIME_OFFSET;
-}
-
-struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc);
-
-#define KSMBD_TIME_TO_TM time64_to_tm
-
-static inline long long ksmbd_systime(void)
-{
- struct timespec64 ts;
-
- ktime_get_real_ts64(&ts);
- return ksmbd_UnixTimeToNT(ts);
-}
-#endif /* __KSMBD_TIME_WRAPPERS_H */
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 69dc1ee0fc75..264f8932d40f 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -31,7 +31,6 @@
#include "ndr.h"
#include "auth.h"
-#include "time_wrappers.h"
#include "smb_common.h"
#include "mgmt/share_config.h"
#include "mgmt/tree_connect.h"
From patchwork Mon Nov 14 12:48:54 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183122
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:23 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:23 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:22 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 025/308] cifsd: fix wrong prototype in comment
Date: Mon, 14 Nov 2022 20:48:54 +0800
Message-ID: <20221114125337.1831594-26-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cfee76de-8888-4310-1c98-08dac63c47c3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7098900
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 5365564901778d96a81e00e34c804d4fb05f0093
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/536556490177
-------------------------------
kernel test robot reported:
>> fs/cifsd/oplock.c:1454: warning: expecting prototype for
create_durable_rsp__buf(). Prototype was for
create_durable_rsp_buf() instead
This patch fix wrong prototype in comment.
Reported-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/oplock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index 8e072c3e7b89..4ff23aee69fa 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -1436,7 +1436,7 @@ struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
}
/**
- * create_durable_rsp__buf() - create durable handle context
+ * create_durable_rsp_buf() - create durable handle context
* @cc: buffer to create durable context response
*/
void create_durable_rsp_buf(char *cc)
From patchwork Mon Nov 14 12:48:55 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183123
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:23 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:23 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:23 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 026/308] cifsd: remove smack inherit leftovers
Date: Mon, 14 Nov 2022 20:48:55 +0800
Message-ID: <20221114125337.1831594-27-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6bb6816d-d067-4e69-063b-08dac63c480d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6832120
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit d710f37c7bcd7f2cedab4762fff3e11c83aebf3f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d710f37c7bcd
-------------------------------
smack inherit was added for internal product beofre.
It is no longer used. This patch remove it's left overs.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/ksmbd_server.h | 9 ++++-----
fs/cifsd/vfs.c | 42 -----------------------------------------
2 files changed, 4 insertions(+), 47 deletions(-)
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
index c5181a2702ff..e46be4084087 100644
--- a/fs/cifsd/ksmbd_server.h
+++ b/fs/cifsd/ksmbd_server.h
@@ -224,11 +224,10 @@ enum KSMBD_TREE_CONN_STATUS {
#define KSMBD_SHARE_FLAG_OPLOCKS BIT(7)
#define KSMBD_SHARE_FLAG_PIPE BIT(8)
#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES BIT(9)
-#define KSMBD_SHARE_FLAG_INHERIT_SMACK BIT(10)
-#define KSMBD_SHARE_FLAG_INHERIT_OWNER BIT(11)
-#define KSMBD_SHARE_FLAG_STREAMS BIT(12)
-#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(13)
-#define KSMBD_SHARE_FLAG_ACL_XATTR BIT(14)
+#define KSMBD_SHARE_FLAG_INHERIT_OWNER BIT(10)
+#define KSMBD_SHARE_FLAG_STREAMS BIT(11)
+#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(12)
+#define KSMBD_SHARE_FLAG_ACL_XATTR BIT(13)
/*
* Tree connect request flags.
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 264f8932d40f..0ecdb5121c3a 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -69,46 +69,6 @@ static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
i_uid_write(inode, i_uid_read(parent_inode));
}
-static void ksmbd_vfs_inherit_smack(struct ksmbd_work *work,
- struct dentry *dir_dentry, struct dentry *dentry)
-{
- char *name, *xattr_list = NULL, *smack_buf;
- int value_len, xattr_list_len;
-
- if (!test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_INHERIT_SMACK))
- return;
-
- xattr_list_len = ksmbd_vfs_listxattr(dir_dentry, &xattr_list);
- if (xattr_list_len < 0) {
- goto out;
- } else if (!xattr_list_len) {
- ksmbd_err("no ea data in the file\n");
- return;
- }
-
- for (name = xattr_list; name - xattr_list < xattr_list_len;
- name += strlen(name) + 1) {
- int rc;
-
- ksmbd_debug(VFS, "%s, len %zd\n", name, strlen(name));
- if (strcmp(name, XATTR_NAME_SMACK))
- continue;
-
- value_len = ksmbd_vfs_getxattr(dir_dentry, name, &smack_buf);
- if (value_len <= 0)
- continue;
-
- rc = ksmbd_vfs_setxattr(dentry, XATTR_NAME_SMACK, smack_buf,
- value_len, 0);
- ksmbd_free(smack_buf);
- if (rc < 0)
- ksmbd_err("ksmbd_vfs_setxattr() failed: %d\n", rc);
- }
-out:
- ksmbd_vfs_xattr_free(xattr_list);
-}
-
int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
{
int mask;
@@ -198,7 +158,6 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
if (!err) {
ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
d_inode(dentry));
- ksmbd_vfs_inherit_smack(work, path.dentry, dentry);
} else {
ksmbd_err("File(%s): creation failed (err:%d)\n", name, err);
}
@@ -234,7 +193,6 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
if (!err) {
ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
d_inode(dentry));
- ksmbd_vfs_inherit_smack(work, path.dentry, dentry);
} else {
ksmbd_err("mkdir(%s): creation failed (err:%d)\n", name, err);
}
From patchwork Mon Nov 14 12:48:56 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183124
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:24 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:24 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:23 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 027/308] cifsd: remove calling d_path in error
paths
Date: Mon, 14 Nov 2022 20:48:56 +0800
Message-ID: <20221114125337.1831594-28-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
1503914c-89b9-4d08-e3b0-08dac63c4855
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6903094
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 96a34377dc5a0969b7b0404fce84159b7c8f89d7
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/96a34377dc5a
-------------------------------
calling d_path is excessive in error paths.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 0ecdb5121c3a..b509c90d911f 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -312,9 +312,8 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
{
struct file *filp;
ssize_t nbytes = 0;
- char *rbuf, *name;
+ char *rbuf;
struct inode *inode;
- char namebuf[NAME_MAX];
rbuf = work->aux_payload_buf;
filp = fp->filp;
@@ -348,11 +347,8 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
nbytes = kernel_read(filp, rbuf, count, pos);
if (nbytes < 0) {
- name = d_path(&filp->f_path, namebuf, sizeof(namebuf));
- if (IS_ERR(name))
- name = "(error)";
ksmbd_err("smb read failed for (%s), err = %zd\n",
- name, nbytes);
+ fp->filename, nbytes);
return nbytes;
}
From patchwork Mon Nov 14 12:48:57 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183125
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:24 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:24 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:24 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 028/308] cifsd: handle unhashed dentry in
ksmbd_vfs_mkdir
Date: Mon, 14 Nov 2022 20:48:57 +0800
Message-ID: <20221114125337.1831594-29-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
dea61c5f-d308-43eb-2981-08dac63c489e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6834585
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 1637023594c1fd11fa4d77dd0c9493a864aa0d17
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1637023594c1
-------------------------------
vfs_mkdir could return the dentry left unhashed negative on success.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 28 +++++++++++++++++++++++-----
1 file changed, 23 insertions(+), 5 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index b509c90d911f..bdc30a7b6d52 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -190,14 +190,32 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
mode |= S_IFDIR;
err = vfs_mkdir(&init_user_ns, d_inode(path.dentry), dentry, mode);
- if (!err) {
+ if (err)
+ goto out;
+ else if (d_unhashed(dentry)) {
+ struct dentry *d;
+
+ d = lookup_one_len(dentry->d_name.name,
+ dentry->d_parent,
+ dentry->d_name.len);
+ if (IS_ERR(d)) {
+ err = PTR_ERR(d);
+ goto out;
+ }
+ if (unlikely(d_is_negative(d))) {
+ dput(d);
+ err = -ENOENT;
+ goto out;
+ }
+
ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
- d_inode(dentry));
- } else {
- ksmbd_err("mkdir(%s): creation failed (err:%d)\n", name, err);
+ d_inode(d));
+ dput(d);
}
-
+out:
done_path_create(&path, dentry);
+ if (err)
+ ksmbd_err("mkdir(%s): creation failed (err:%d)\n", name, err);
return err;
}
From patchwork Mon Nov 14 12:48:58 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183126
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:25 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:25 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:24 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 029/308] cifsd: use file_inode() instead of
d_inode()
Date: Mon, 14 Nov 2022 20:48:58 +0800
Message-ID: <20221114125337.1831594-30-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9efdcf63-c6cb-4d29-1265-08dac63c48e8
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6876691
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit d2f72ed8fa0c0e6c90af8ee0bbb39d41ab2d5465
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d2f72ed8fa0c
-------------------------------
use file_inode() to get layerd filesystems right.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index bdc30a7b6d52..6313d5ca4b46 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -335,7 +335,7 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
rbuf = work->aux_payload_buf;
filp = fp->filp;
- inode = d_inode(filp->f_path.dentry);
+ inode = file_inode(filp);
if (S_ISDIR(inode->i_mode))
return -EISDIR;
From patchwork Mon Nov 14 12:48:59 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183127
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:25 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:25 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:25 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 030/308] cifsd: remove useless error handling in
ksmbd_vfs_read
Date: Mon, 14 Nov 2022 20:48:59 +0800
Message-ID: <20221114125337.1831594-31-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ccf3d24c-4b3f-492b-b0d8-08dac63c4931
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7431741
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 8044ee8e64b4fdb068e504ec3ade597d1ccad456
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8044ee8e64b4
-------------------------------
dentry->d_inode never happen to be NULL if we hold the dentry.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 17 ++++++-----------
1 file changed, 6 insertions(+), 11 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 6313d5ca4b46..ef823679f6be 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -550,7 +550,7 @@ int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id)
int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
{
struct path parent;
- struct dentry *dir, *dentry;
+ struct dentry *dentry;
char *last;
int err;
@@ -569,12 +569,8 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
return err;
}
- dir = parent.dentry;
- if (!d_inode(dir))
- goto out;
-
- inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
- dentry = lookup_one_len(last, dir, strlen(last));
+ inode_lock_nested(d_inode(parent.dentry), I_MUTEX_PARENT);
+ dentry = lookup_one_len(last, parent.dentry, strlen(last));
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
ksmbd_debug(VFS, "%s: lookup failed, err %d\n", last, err);
@@ -588,12 +584,12 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
}
if (S_ISDIR(d_inode(dentry)->i_mode)) {
- err = vfs_rmdir(&init_user_ns, d_inode(dir), dentry);
+ err = vfs_rmdir(&init_user_ns, d_inode(parent.dentry), dentry);
if (err && err != -ENOTEMPTY)
ksmbd_debug(VFS, "%s: rmdir failed, err %d\n", name,
err);
} else {
- err = vfs_unlink(&init_user_ns, d_inode(dir), dentry, NULL);
+ err = vfs_unlink(&init_user_ns, d_inode(parent.dentry), dentry, NULL);
if (err)
ksmbd_debug(VFS, "%s: unlink failed, err %d\n", name,
err);
@@ -601,8 +597,7 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
dput(dentry);
out_err:
- inode_unlock(d_inode(dir));
-out:
+ inode_unlock(d_inode(parent.dentry));
rollback_path_modification(last);
path_put(&parent);
ksmbd_revert_fsids(work);
From patchwork Mon Nov 14 12:49:00 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183128
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:26 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:26 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:25 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 031/308] cifsd: use xarray instead of linked list
for tree connect list
Date: Mon, 14 Nov 2022 20:49:00 +0800
Message-ID: <20221114125337.1831594-32-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a7030dad-00ad-484f-40f4-08dac63c497a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7081186
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 02b68b2065c91ce706f462fd509032a77db5d9dc
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/02b68b2065c9
-------------------------------
Matthew suggest to change linked list of tree connect list to xarray.
It will be tree connect lookup in O(log(n)) time instead of O(n) time.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/mgmt/tree_connect.c | 35 +++++++++++++++--------------------
fs/cifsd/mgmt/user_session.c | 4 +++-
fs/cifsd/mgmt/user_session.h | 6 +++++-
fs/cifsd/smb2pdu.c | 2 +-
4 files changed, 24 insertions(+), 23 deletions(-)
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/cifsd/mgmt/tree_connect.c
index d5670f2596a3..0c8374e8240f 100644
--- a/fs/cifsd/mgmt/tree_connect.c
+++ b/fs/cifsd/mgmt/tree_connect.c
@@ -5,6 +5,8 @@
#include <linux/list.h>
#include <linux/slab.h>
+#include <linux/version.h>
+#include <linux/xarray.h>
#include "../buffer_pool.h"
#include "../transport_ipc.h"
@@ -23,6 +25,7 @@ ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
struct ksmbd_share_config *sc;
struct ksmbd_tree_connect *tree_conn = NULL;
struct sockaddr *peer_addr;
+ int ret;
sc = ksmbd_share_config_get(share_name);
if (!sc)
@@ -59,8 +62,12 @@ ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
tree_conn->share_conf = sc;
status.tree_conn = tree_conn;
- list_add(&tree_conn->list, &sess->tree_conn_list);
-
+ ret = xa_err(xa_store(&sess->tree_conns, tree_conn->id, tree_conn,
+ GFP_KERNEL));
+ if (ret) {
+ status.ret = -ENOMEM;
+ goto out_error;
+ }
ksmbd_free(resp);
return status;
@@ -80,7 +87,7 @@ int ksmbd_tree_conn_disconnect(struct ksmbd_session *sess,
ret = ksmbd_ipc_tree_disconnect_request(sess->id, tree_conn->id);
ksmbd_release_tree_conn_id(sess, tree_conn->id);
- list_del(&tree_conn->list);
+ xa_erase(&sess->tree_conns, tree_conn->id);
ksmbd_share_config_put(tree_conn->share_conf);
ksmbd_free(tree_conn);
return ret;
@@ -89,15 +96,7 @@ int ksmbd_tree_conn_disconnect(struct ksmbd_session *sess,
struct ksmbd_tree_connect *ksmbd_tree_conn_lookup(struct ksmbd_session *sess,
unsigned int id)
{
- struct ksmbd_tree_connect *tree_conn;
- struct list_head *tmp;
-
- list_for_each(tmp, &sess->tree_conn_list) {
- tree_conn = list_entry(tmp, struct ksmbd_tree_connect, list);
- if (tree_conn->id == id)
- return tree_conn;
- }
- return NULL;
+ return xa_load(&sess->tree_conns, id);
}
struct ksmbd_share_config *ksmbd_tree_conn_share(struct ksmbd_session *sess,
@@ -114,15 +113,11 @@ struct ksmbd_share_config *ksmbd_tree_conn_share(struct ksmbd_session *sess,
int ksmbd_tree_conn_session_logoff(struct ksmbd_session *sess)
{
int ret = 0;
+ struct ksmbd_tree_connect *tc;
+ unsigned long id;
- while (!list_empty(&sess->tree_conn_list)) {
- struct ksmbd_tree_connect *tc;
-
- tc = list_entry(sess->tree_conn_list.next,
- struct ksmbd_tree_connect,
- list);
+ xa_for_each(&sess->tree_conns, id, tc)
ret |= ksmbd_tree_conn_disconnect(sess, tc);
- }
-
+ xa_destroy(&sess->tree_conns);
return ret;
}
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index 5a2113bf18ef..f5cc7a62d848 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -6,6 +6,8 @@
#include <linux/list.h>
#include <linux/slab.h>
#include <linux/rwsem.h>
+#include <linux/version.h>
+#include <linux/xarray.h>
#include "ksmbd_ida.h"
#include "user_session.h"
@@ -275,7 +277,7 @@ static struct ksmbd_session *__session_create(int protocol)
set_session_flag(sess, protocol);
INIT_LIST_HEAD(&sess->sessions_entry);
- INIT_LIST_HEAD(&sess->tree_conn_list);
+ xa_init(&sess->tree_conns);
INIT_LIST_HEAD(&sess->ksmbd_chann_list);
INIT_LIST_HEAD(&sess->rpc_handle_list);
sess->sequence_number = 1;
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
index 68018f0f5c0b..1a97c851f2fc 100644
--- a/fs/cifsd/mgmt/user_session.h
+++ b/fs/cifsd/mgmt/user_session.h
@@ -7,6 +7,8 @@
#define __USER_SESSION_MANAGEMENT_H__
#include <linux/hashtable.h>
+#include <linux/version.h>
+#include <linux/xarray.h>
#include "../smb_common.h"
#include "../ntlmssp.h"
@@ -50,10 +52,12 @@ struct ksmbd_session {
struct hlist_node hlist;
struct list_head ksmbd_chann_list;
- struct list_head tree_conn_list;
+ struct xarray tree_conns;
struct ksmbd_ida *tree_conn_ida;
struct list_head rpc_handle_list;
+
+
__u8 smb3encryptionkey[SMB3_SIGN_KEY_SIZE];
__u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE];
__u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 139041768f65..0b7199444f73 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -104,7 +104,7 @@ int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
return 0;
}
- if (list_empty(&work->sess->tree_conn_list)) {
+ if (xa_empty(&work->sess->tree_conns)) {
ksmbd_debug(SMB, "NO tree connected\n");
return -1;
}
From patchwork Mon Nov 14 12:49:01 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183129
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:26 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:26 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:26 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 032/308] cifsd: remove stale prototype and
variables
Date: Mon, 14 Nov 2022 20:49:01 +0800
Message-ID: <20221114125337.1831594-33-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4a365331-fd47-439f-041b-08dac63c49c4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6983889
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Gibeom Kim <gibeomii.kim(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 5da64d8784d36c0601743a5159a598f5888089c7
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5da64d8784d3
-------------------------------
Remove unused function prototype and variables.
Signed-off-by: Gibeom Kim <gibeomii.kim(a)samsung.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/glob.h | 1 -
fs/cifsd/oplock.h | 3 ---
fs/cifsd/server.h | 2 --
fs/cifsd/smbacl.h | 1 -
fs/cifsd/unicode.h | 2 --
fs/cifsd/vfs.h | 3 ---
6 files changed, 12 deletions(-)
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
index 27500afbeaf5..d0bc6edd0477 100644
--- a/fs/cifsd/glob.h
+++ b/fs/cifsd/glob.h
@@ -19,7 +19,6 @@
/* @FIXME clean up this code */
extern int ksmbd_debug_types;
-extern int ksmbd_caseless_search;
#define DATA_STREAM 1
#define DIR_STREAM 2
diff --git a/fs/cifsd/oplock.h b/fs/cifsd/oplock.h
index 5b6615f99c76..f8b4b486eb93 100644
--- a/fs/cifsd/oplock.h
+++ b/fs/cifsd/oplock.h
@@ -123,9 +123,6 @@ void create_mxac_rsp_buf(char *cc, int maximal_access);
void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id);
void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp);
struct create_context *smb2_find_context_vals(void *open_req, const char *str);
-int ksmbd_durable_verify_and_del_oplock(struct ksmbd_session *curr_sess,
- struct ksmbd_session *prev_sess, int fid, struct file **filp,
- u64 sess_id);
struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
char *lease_key);
int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
diff --git a/fs/cifsd/server.h b/fs/cifsd/server.h
index 7b2f6318fcff..b682d28963e8 100644
--- a/fs/cifsd/server.h
+++ b/fs/cifsd/server.h
@@ -17,8 +17,6 @@
#define SERVER_CONF_SERVER_STRING 1
#define SERVER_CONF_WORK_GROUP 2
-extern int ksmbd_debugging;
-
struct ksmbd_server_config {
unsigned int flags;
unsigned int state;
diff --git a/fs/cifsd/smbacl.h b/fs/cifsd/smbacl.h
index 9b22bff4191f..032b6a3ec6f4 100644
--- a/fs/cifsd/smbacl.h
+++ b/fs/cifsd/smbacl.h
@@ -193,7 +193,6 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
unsigned int uid, unsigned int gid);
int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
__le32 *pdaccess, int uid);
-int store_init_posix_acl(struct inode *inode, umode_t perm);
int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
bool type_check);
diff --git a/fs/cifsd/unicode.h b/fs/cifsd/unicode.h
index c37d7024cf60..68f1c8290911 100644
--- a/fs/cifsd/unicode.h
+++ b/fs/cifsd/unicode.h
@@ -71,8 +71,6 @@ int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
char *ksmbd_extract_sharename(char *treename);
#endif
-wchar_t cifs_toupper(wchar_t in);
-
/*
* UniStrcat: Concatenate the second string to the first
*
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index e1ca9ac11ba5..b41b23d40636 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -205,8 +205,6 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name);
int ksmbd_vfs_link(struct ksmbd_work *work,
const char *oldname, const char *newname);
int ksmbd_vfs_getattr(struct path *path, struct kstat *stat);
-int ksmbd_vfs_symlink(const char *name, const char *symname);
-int ksmbd_vfs_readlink(struct path *path, char *buf, int lenp);
int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
char *newname);
@@ -230,7 +228,6 @@ int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
const void *attr_value, size_t attr_size, int flags);
int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
size_t *xattr_stream_name_size, int s_type);
-int ksmbd_vfs_truncate_xattr(struct dentry *dentry, int wo_streams);
int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
void ksmbd_vfs_xattr_free(char *xattr);
int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
From patchwork Mon Nov 14 12:49:02 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183130
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:27 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:27 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:26 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 033/308] cifsd: fix memory leak when loop ends
Date: Mon, 14 Nov 2022 20:49:02 +0800
Message-ID: <20221114125337.1831594-34-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f06a0938-fd8e-4154-bbe9-08dac63c4a0c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6784936
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Muhammad Usama Anjum <musamaanjum(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit c250e8f5566f2e1a0ea177837520eff8e59c0b7d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c250e8f5566f
-------------------------------
Memory is being allocated and if veto_list is zero, the loop breaks
without cleaning up the allocated memory. In this patch, the length
check has been moved before allocation. If loop breaks, the memory isn't
allocated in the first place. Thus the memory is being protected from
leaking.
Reported-by: coverity-bot <keescook+coverity-bot(a)chromium.org>
Addresses-Coverity-ID: 1503590 ("Resource leaks")
Signed-off-by: Muhammad Usama Anjum <musamaanjum(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/mgmt/share_config.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index db780febd692..b2bd789af945 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -92,14 +92,14 @@ static int parse_veto_list(struct ksmbd_share_config *share,
while (veto_list_sz > 0) {
struct ksmbd_veto_pattern *p;
- p = kzalloc(sizeof(struct ksmbd_veto_pattern), GFP_KERNEL);
- if (!p)
- return -ENOMEM;
-
sz = strlen(veto_list);
if (!sz)
break;
+ p = kzalloc(sizeof(struct ksmbd_veto_pattern), GFP_KERNEL);
+ if (!p)
+ return -ENOMEM;
+
p->pattern = kstrdup(veto_list, GFP_KERNEL);
if (!p->pattern) {
ksmbd_free(p);
From patchwork Mon Nov 14 12:49:03 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183131
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:27 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:27 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:27 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 034/308] cifsd: use kfree to free memory allocated
by kmalloc or kzalloc
Date: Mon, 14 Nov 2022 20:49:03 +0800
Message-ID: <20221114125337.1831594-35-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2b6c10f7-8c60-4b7b-01a3-08dac63c4a55
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7668788
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Muhammad Usama Anjum <musamaanjum(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 822bc8ea514ecd4a8bbb86237858146ca8845eba
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/822bc8ea514e
-------------------------------
kfree should be used to free memory allocated by kmalloc or kzalloc to
avoid any overhead and for maintaining consistency.
Signed-off-by: Muhammad Usama Anjum <musamaanjum(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/buffer_pool.c | 4 ++--
fs/cifsd/mgmt/share_config.c | 2 +-
fs/cifsd/mgmt/user_config.c | 8 ++++----
fs/cifsd/mgmt/user_session.c | 6 +++---
fs/cifsd/smb2pdu.c | 4 ++--
fs/cifsd/transport_tcp.c | 2 +-
fs/cifsd/vfs_cache.c | 2 +-
7 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
index ad2a2c885a2c..a9ef3e703232 100644
--- a/fs/cifsd/buffer_pool.c
+++ b/fs/cifsd/buffer_pool.c
@@ -78,7 +78,7 @@ static int register_wm_size_class(size_t sz)
list_for_each_entry(l, &wm_lists, list) {
if (l->sz == sz) {
write_unlock(&wm_lists_lock);
- kvfree(nl);
+ kfree(nl);
return 0;
}
}
@@ -181,7 +181,7 @@ static void wm_list_free(struct wm_list *l)
list_del(&wm->list);
kvfree(wm);
}
- kvfree(l);
+ kfree(l);
}
static void wm_lists_destroy(void)
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index b2bd789af945..11abdbc8a533 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -102,7 +102,7 @@ static int parse_veto_list(struct ksmbd_share_config *share,
p->pattern = kstrdup(veto_list, GFP_KERNEL);
if (!p->pattern) {
- ksmbd_free(p);
+ kfree(p);
return -ENOMEM;
}
diff --git a/fs/cifsd/mgmt/user_config.c b/fs/cifsd/mgmt/user_config.c
index f0c2f8994a6b..c31e2c4d2d6f 100644
--- a/fs/cifsd/mgmt/user_config.c
+++ b/fs/cifsd/mgmt/user_config.c
@@ -46,8 +46,8 @@ struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp)
if (!user->name || !user->passkey) {
kfree(user->name);
- ksmbd_free(user->passkey);
- ksmbd_free(user);
+ kfree(user->passkey);
+ kfree(user);
user = NULL;
}
return user;
@@ -57,8 +57,8 @@ void ksmbd_free_user(struct ksmbd_user *user)
{
ksmbd_ipc_logout_request(user->name);
kfree(user->name);
- ksmbd_free(user->passkey);
- ksmbd_free(user);
+ kfree(user->passkey);
+ kfree(user);
}
int ksmbd_anonymous_user(struct ksmbd_user *user)
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index f5cc7a62d848..9dfe222e51ab 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -55,7 +55,7 @@ static void __session_rpc_close(struct ksmbd_session *sess,
ksmbd_free(resp);
ksmbd_rpc_id_free(entry->id);
- ksmbd_free(entry);
+ kfree(entry);
}
static void ksmbd_session_rpc_clear_list(struct ksmbd_session *sess)
@@ -121,7 +121,7 @@ int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name)
return entry->id;
error:
list_del(&entry->list);
- ksmbd_free(entry);
+ kfree(entry);
return -EINVAL;
}
@@ -176,7 +176,7 @@ void ksmbd_session_destroy(struct ksmbd_session *sess)
ksmbd_release_id(session_ida, sess->id);
ksmbd_ida_free(sess->tree_conn_ida);
- ksmbd_free(sess);
+ kfree(sess);
}
static struct ksmbd_session *__session_lookup(unsigned long long id)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 0b7199444f73..7549b35bb792 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1611,7 +1611,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
ksmbd_conn_set_good(work);
sess->state = SMB2_SESSION_VALID;
- ksmbd_free(sess->Preauth_HashValue);
+ kfree(sess->Preauth_HashValue);
sess->Preauth_HashValue = NULL;
} else if (conn->preferred_auth_mech == KSMBD_AUTH_NTLMSSP) {
rc = generate_preauth_hash(work);
@@ -1637,7 +1637,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
ksmbd_conn_set_good(work);
sess->state = SMB2_SESSION_VALID;
- ksmbd_free(sess->Preauth_HashValue);
+ kfree(sess->Preauth_HashValue);
sess->Preauth_HashValue = NULL;
}
} else {
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index 67163efcf472..040881893417 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -551,7 +551,7 @@ void ksmbd_tcp_destroy(void)
list_for_each_entry_safe(iface, tmp, &iface_list, entry) {
list_del(&iface->entry);
kfree(iface->name);
- ksmbd_free(iface);
+ kfree(iface);
}
}
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index ec631dc6f1fb..f2a863542dc7 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -829,6 +829,6 @@ void ksmbd_destroy_file_table(struct ksmbd_file_table *ft)
__close_file_table_ids(ft, NULL, session_fd_check);
idr_destroy(ft->idr);
- ksmbd_free(ft->idr);
+ kfree(ft->idr);
ft->idr = NULL;
}
From patchwork Mon Nov 14 12:49:04 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183132
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:28 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:28 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:27 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 035/308] cifsd: fix memdup.cocci warnings
Date: Mon, 14 Nov 2022 20:49:04 +0800
Message-ID: <20221114125337.1831594-36-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
060aa6ee-f3ad-4812-e000-08dac63c4a9d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6845608
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: kernel test robot <lkp(a)intel.com>
mainline inclusion
from mainline-5.15-rc1
commit 86f52978465b8f4e384880a5fd0543e9e455fb62
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/86f52978465b
-------------------------------
fs/cifsd/smb2pdu.c:1177:27-34: WARNING opportunity for kmemdup
Use kmemdup rather than duplicating its implementation
Generated by: scripts/coccinelle/api/memdup.cocci
Reported-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 7549b35bb792..e6cdc3b89d85 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1161,13 +1161,11 @@ static int alloc_preauth_hash(struct ksmbd_session *sess,
if (sess->Preauth_HashValue)
return 0;
- sess->Preauth_HashValue = kmalloc(PREAUTH_HASHVALUE_SIZE, GFP_KERNEL);
+ sess->Preauth_HashValue = kmemdup(conn->preauth_info->Preauth_HashValue,
+ PREAUTH_HASHVALUE_SIZE, GFP_KERNEL);
if (!sess->Preauth_HashValue)
return -ENOMEM;
- memcpy(sess->Preauth_HashValue,
- conn->preauth_info->Preauth_HashValue,
- PREAUTH_HASHVALUE_SIZE);
return 0;
}
From patchwork Mon Nov 14 12:49:05 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183133
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:28 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:28 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 036/308] cifsd: remove wrappers of kvmalloc/kvfree
Date: Mon, 14 Nov 2022 20:49:05 +0800
Message-ID: <20221114125337.1831594-37-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
76d26842-2093-418f-e416-08dac63c4ae6
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7260012
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 79f6b11a104f3a32f4f4a6f7808a02c301c19710
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/79f6b11a104f
-------------------------------
Do directly call kvmalloc/kvfree().
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 2 +-
fs/cifsd/buffer_pool.c | 36 +++-------------------------------
fs/cifsd/buffer_pool.h | 8 --------
fs/cifsd/connection.c | 6 +++---
fs/cifsd/crypto_ctx.c | 4 ++--
fs/cifsd/ksmbd_work.c | 8 ++++----
fs/cifsd/mgmt/share_config.c | 3 ++-
fs/cifsd/mgmt/tree_connect.c | 10 +++++-----
fs/cifsd/mgmt/user_config.c | 3 ++-
fs/cifsd/mgmt/user_session.c | 4 ++--
fs/cifsd/smb2pdu.c | 38 ++++++++++++++++++------------------
fs/cifsd/transport_ipc.c | 6 +++---
fs/cifsd/vfs.c | 23 +++++++++-------------
fs/cifsd/vfs.h | 1 -
14 files changed, 55 insertions(+), 97 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index b9fd62f77e1c..437e58a0826d 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -709,7 +709,7 @@ int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
*out_len = resp->spnego_blob_len;
retval = 0;
out:
- ksmbd_free(resp);
+ kvfree(resp);
return retval;
}
#else
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
index a9ef3e703232..caf22c190634 100644
--- a/fs/cifsd/buffer_pool.c
+++ b/fs/cifsd/buffer_pool.c
@@ -37,16 +37,6 @@ struct wm_list {
static LIST_HEAD(wm_lists);
static DEFINE_RWLOCK(wm_lists_lock);
-void *ksmbd_alloc(size_t size)
-{
- return kvmalloc(size, GFP_KERNEL | __GFP_ZERO);
-}
-
-void ksmbd_free(void *ptr)
-{
- kvfree(ptr);
-}
-
static struct wm *wm_alloc(size_t sz, gfp_t flags)
{
struct wm *wm;
@@ -169,7 +159,7 @@ static void release_wm(struct wm *wm, struct wm_list *wm_list)
wm_list->avail_wm--;
spin_unlock(&wm_list->wm_lock);
- ksmbd_free(wm);
+ kvfree(wm);
}
static void wm_list_free(struct wm_list *l)
@@ -195,26 +185,6 @@ static void wm_lists_destroy(void)
}
}
-void ksmbd_free_request(void *addr)
-{
- kvfree(addr);
-}
-
-void *ksmbd_alloc_request(size_t size)
-{
- return kvmalloc(size, GFP_KERNEL);
-}
-
-void ksmbd_free_response(void *buffer)
-{
- kvfree(buffer);
-}
-
-void *ksmbd_alloc_response(size_t size)
-{
- return kvmalloc(size, GFP_KERNEL | __GFP_ZERO);
-}
-
void *ksmbd_find_buffer(size_t size)
{
struct wm *wm;
@@ -247,11 +217,11 @@ void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz)
size_t sz = min(old_sz, new_sz);
void *nptr;
- nptr = ksmbd_alloc_response(new_sz);
+ nptr = kvmalloc(new_sz, GFP_KERNEL | __GFP_ZERO);
if (!nptr)
return ptr;
memcpy(nptr, ptr, sz);
- ksmbd_free_response(ptr);
+ kvfree(ptr);
return nptr;
}
diff --git a/fs/cifsd/buffer_pool.h b/fs/cifsd/buffer_pool.h
index 2b3d03afcf27..f7157144a92f 100644
--- a/fs/cifsd/buffer_pool.h
+++ b/fs/cifsd/buffer_pool.h
@@ -9,14 +9,6 @@
void *ksmbd_find_buffer(size_t size);
void ksmbd_release_buffer(void *buffer);
-void *ksmbd_alloc(size_t size);
-void ksmbd_free(void *ptr);
-
-void ksmbd_free_request(void *addr);
-void *ksmbd_alloc_request(size_t size);
-void ksmbd_free_response(void *buffer);
-void *ksmbd_alloc_response(size_t size);
-
void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz);
void ksmbd_free_file_struct(void *filp);
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
index df56e347b709..e1814492fb58 100644
--- a/fs/cifsd/connection.c
+++ b/fs/cifsd/connection.c
@@ -37,7 +37,7 @@ void ksmbd_conn_free(struct ksmbd_conn *conn)
list_del(&conn->conns_list);
write_unlock(&conn_list_lock);
- ksmbd_free_request(conn->request_buf);
+ kvfree(conn->request_buf);
ksmbd_ida_free(conn->async_ida);
kfree(conn->preauth_info);
kfree(conn);
@@ -284,7 +284,7 @@ int ksmbd_conn_handler_loop(void *p)
if (try_to_freeze())
continue;
- ksmbd_free_request(conn->request_buf);
+ kvfree(conn->request_buf);
conn->request_buf = NULL;
size = t->ops->read(t, hdr_buf, sizeof(hdr_buf));
@@ -303,7 +303,7 @@ int ksmbd_conn_handler_loop(void *p)
/* 4 for rfc1002 length field */
size = pdu_size + 4;
- conn->request_buf = ksmbd_alloc_request(size);
+ conn->request_buf = kvmalloc(size, GFP_KERNEL);
if (!conn->request_buf)
continue;
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index 15d7e2f7c3d7..2c31e8b32de7 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -105,7 +105,7 @@ static struct shash_desc *alloc_shash_desc(int id)
static struct ksmbd_crypto_ctx *ctx_alloc(void)
{
- return ksmbd_alloc(sizeof(struct ksmbd_crypto_ctx));
+ return kzalloc(sizeof(struct ksmbd_crypto_ctx), GFP_KERNEL);
}
static void ctx_free(struct ksmbd_crypto_ctx *ctx)
@@ -116,7 +116,7 @@ static void ctx_free(struct ksmbd_crypto_ctx *ctx)
free_shash(ctx->desc[i]);
for (i = 0; i < CRYPTO_AEAD_MAX; i++)
free_aead(ctx->ccmaes[i]);
- ksmbd_free(ctx);
+ kfree(ctx);
}
static struct ksmbd_crypto_ctx *ksmbd_find_crypto_ctx(void)
diff --git a/fs/cifsd/ksmbd_work.c b/fs/cifsd/ksmbd_work.c
index 505e59df3071..33ee52c1829f 100644
--- a/fs/cifsd/ksmbd_work.c
+++ b/fs/cifsd/ksmbd_work.c
@@ -42,16 +42,16 @@ void ksmbd_free_work_struct(struct ksmbd_work *work)
work->set_trans_buf)
ksmbd_release_buffer(work->response_buf);
else
- ksmbd_free_response(work->response_buf);
+ kvfree(work->response_buf);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF &&
work->set_read_buf)
ksmbd_release_buffer(work->aux_payload_buf);
else
- ksmbd_free_response(work->aux_payload_buf);
+ kvfree(work->aux_payload_buf);
- ksmbd_free_response(work->tr_buf);
- ksmbd_free_request(work->request_buf);
+ kfree(work->tr_buf);
+ kvfree(work->request_buf);
if (work->async_id)
ksmbd_release_id(work->conn->async_ida, work->async_id);
kmem_cache_free(work_cache, work);
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index 11abdbc8a533..910d03516b73 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -10,6 +10,7 @@
#include <linux/parser.h>
#include <linux/namei.h>
#include <linux/sched.h>
+#include <linux/mm.h>
#include "share_config.h"
#include "user_config.h"
@@ -182,7 +183,7 @@ static struct ksmbd_share_config *share_config_request(char *name)
up_write(&shares_table_lock);
out:
- ksmbd_free(resp);
+ kvfree(resp);
return share;
}
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/cifsd/mgmt/tree_connect.c
index 0c8374e8240f..d3f28b10db4b 100644
--- a/fs/cifsd/mgmt/tree_connect.c
+++ b/fs/cifsd/mgmt/tree_connect.c
@@ -31,7 +31,7 @@ ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
if (!sc)
return status;
- tree_conn = ksmbd_alloc(sizeof(struct ksmbd_tree_connect));
+ tree_conn = kzalloc(sizeof(struct ksmbd_tree_connect), GFP_KERNEL);
if (!tree_conn) {
status.ret = -ENOMEM;
goto out_error;
@@ -68,15 +68,15 @@ ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
status.ret = -ENOMEM;
goto out_error;
}
- ksmbd_free(resp);
+ kvfree(resp);
return status;
out_error:
if (tree_conn)
ksmbd_release_tree_conn_id(sess, tree_conn->id);
ksmbd_share_config_put(sc);
- ksmbd_free(tree_conn);
- ksmbd_free(resp);
+ kfree(tree_conn);
+ kvfree(resp);
return status;
}
@@ -89,7 +89,7 @@ int ksmbd_tree_conn_disconnect(struct ksmbd_session *sess,
ksmbd_release_tree_conn_id(sess, tree_conn->id);
xa_erase(&sess->tree_conns, tree_conn->id);
ksmbd_share_config_put(tree_conn->share_conf);
- ksmbd_free(tree_conn);
+ kfree(tree_conn);
return ret;
}
diff --git a/fs/cifsd/mgmt/user_config.c b/fs/cifsd/mgmt/user_config.c
index c31e2c4d2d6f..7f898c5bda25 100644
--- a/fs/cifsd/mgmt/user_config.c
+++ b/fs/cifsd/mgmt/user_config.c
@@ -4,6 +4,7 @@
*/
#include <linux/slab.h>
+#include <linux/mm.h>
#include "user_config.h"
#include "../buffer_pool.h"
@@ -23,7 +24,7 @@ struct ksmbd_user *ksmbd_login_user(const char *account)
user = ksmbd_alloc_user(resp);
out:
- ksmbd_free(resp);
+ kvfree(resp);
return user;
}
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index 9dfe222e51ab..bd5789b7e08e 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -53,7 +53,7 @@ static void __session_rpc_close(struct ksmbd_session *sess,
if (!resp)
pr_err("Unable to close RPC pipe %d\n", entry->id);
- ksmbd_free(resp);
+ kvfree(resp);
ksmbd_rpc_id_free(entry->id);
kfree(entry);
}
@@ -117,7 +117,7 @@ int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name)
if (!resp)
goto error;
- ksmbd_free(resp);
+ kvfree(resp);
return entry->id;
error:
list_del(&entry->list);
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index e6cdc3b89d85..c1f6361603b9 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -563,7 +563,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
work->set_trans_buf)
work->response_buf = ksmbd_find_buffer(sz);
else
- work->response_buf = ksmbd_alloc_response(sz);
+ work->response_buf = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
if (!work->response_buf) {
ksmbd_err("Failed to allocate %zu bytes buffer\n", sz);
@@ -2283,7 +2283,7 @@ static int smb2_remove_smb_xattrs(struct dentry *dentry)
ksmbd_debug(SMB, "remove xattr failed : %s\n", name);
}
out:
- ksmbd_vfs_xattr_free(xattr_list);
+ kvfree(xattr_list);
return err;
}
@@ -4190,12 +4190,12 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
buf_free_len -= value_len;
if (buf_free_len < 0) {
- ksmbd_free(buf);
+ kfree(buf);
break;
}
memcpy(ptr, buf, value_len);
- ksmbd_free(buf);
+ kfree(buf);
ptr += value_len;
eainfo->Flags = 0;
@@ -4240,7 +4240,7 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
rsp->OutputBufferLength = cpu_to_le32(rsp_data_cnt);
inc_rfc1001_len(rsp_org, rsp_data_cnt);
out:
- ksmbd_vfs_xattr_free(xattr_list);
+ kvfree(xattr_list);
return rc;
}
@@ -4510,7 +4510,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
/* last entry offset should be 0 */
file_info->NextEntryOffset = 0;
out:
- ksmbd_vfs_xattr_free(xattr_list);
+ kvfree(xattr_list);
rsp->OutputBufferLength = cpu_to_le32(nbytes);
inc_rfc1001_len(rsp_org, nbytes);
@@ -5976,7 +5976,7 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
}
work->aux_payload_buf =
- ksmbd_alloc_response(rpc_resp->payload_sz);
+ kvmalloc(rpc_resp->payload_sz, GFP_KERNEL | __GFP_ZERO);
if (!work->aux_payload_buf) {
err = -ENOMEM;
goto out;
@@ -5988,7 +5988,7 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
nbytes = rpc_resp->payload_sz;
work->resp_hdr_sz = get_rfc1002_len(rsp) + 4;
work->aux_payload_sz = nbytes;
- ksmbd_free(rpc_resp);
+ kvfree(rpc_resp);
}
rsp->StructureSize = cpu_to_le16(17);
@@ -6003,7 +6003,7 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
out:
rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;
smb2_set_err_rsp(work);
- ksmbd_free(rpc_resp);
+ kvfree(rpc_resp);
return err;
}
@@ -6094,7 +6094,7 @@ int smb2_read(struct ksmbd_work *work)
ksmbd_find_buffer(conn->vals->max_read_size);
work->set_read_buf = true;
} else {
- work->aux_payload_buf = ksmbd_alloc_response(length);
+ work->aux_payload_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO);
}
if (!work->aux_payload_buf) {
err = -ENOMEM;
@@ -6111,7 +6111,7 @@ int smb2_read(struct ksmbd_work *work)
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
ksmbd_release_buffer(work->aux_payload_buf);
else
- ksmbd_free_response(work->aux_payload_buf);
+ kvfree(work->aux_payload_buf);
work->aux_payload_buf = NULL;
rsp->hdr.Status = STATUS_END_OF_FILE;
smb2_set_err_rsp(work);
@@ -6130,7 +6130,7 @@ int smb2_read(struct ksmbd_work *work)
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
ksmbd_release_buffer(work->aux_payload_buf);
else
- ksmbd_free_response(work->aux_payload_buf);
+ kvfree(work->aux_payload_buf);
work->aux_payload_buf = NULL;
nbytes = 0;
@@ -6215,17 +6215,17 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
if (rpc_resp) {
if (rpc_resp->flags == KSMBD_RPC_ENOTIMPLEMENTED) {
rsp->hdr.Status = STATUS_NOT_SUPPORTED;
- ksmbd_free(rpc_resp);
+ kvfree(rpc_resp);
smb2_set_err_rsp(work);
return -EOPNOTSUPP;
}
if (rpc_resp->flags != KSMBD_RPC_OK) {
rsp->hdr.Status = STATUS_INVALID_HANDLE;
smb2_set_err_rsp(work);
- ksmbd_free(rpc_resp);
+ kvfree(rpc_resp);
return ret;
}
- ksmbd_free(rpc_resp);
+ kvfree(rpc_resp);
}
rsp->StructureSize = cpu_to_le16(17);
@@ -6271,7 +6271,7 @@ static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
(req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
work->remote_key = le32_to_cpu(desc->token);
- data_buf = ksmbd_alloc_response(length);
+ data_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO);
if (!data_buf)
return -ENOMEM;
@@ -6280,12 +6280,12 @@ static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
le64_to_cpu(desc->offset),
le32_to_cpu(desc->length));
if (ret < 0) {
- ksmbd_free_response(data_buf);
+ kvfree(data_buf);
return ret;
}
ret = ksmbd_vfs_write(work, fp, data_buf, length, &offset, sync, &nbytes);
- ksmbd_free_response(data_buf);
+ kvfree(data_buf);
if (ret < 0)
return ret;
@@ -7307,7 +7307,7 @@ static int fsctl_pipe_transceive(struct ksmbd_work *work, u64 id,
memcpy((char *)rsp->Buffer, rpc_resp->payload, nbytes);
}
out:
- ksmbd_free(rpc_resp);
+ kvfree(rpc_resp);
return nbytes;
}
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index 1bbff53436b3..60c0289402c1 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -233,7 +233,7 @@ static struct ksmbd_ipc_msg *ipc_msg_alloc(size_t sz)
struct ksmbd_ipc_msg *msg;
size_t msg_sz = sz + sizeof(struct ksmbd_ipc_msg);
- msg = ksmbd_alloc(msg_sz);
+ msg = kvmalloc(msg_sz, GFP_KERNEL | __GFP_ZERO);
if (msg)
msg->sz = sz;
return msg;
@@ -241,7 +241,7 @@ static struct ksmbd_ipc_msg *ipc_msg_alloc(size_t sz)
static void ipc_msg_free(struct ksmbd_ipc_msg *msg)
{
- ksmbd_free(msg);
+ kvfree(msg);
}
static void ipc_msg_handle_free(int handle)
@@ -272,7 +272,7 @@ static int handle_response(int type, void *payload, size_t sz)
entry->type + 1, type);
}
- entry->response = ksmbd_alloc(sz);
+ entry->response = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
if (!entry->response) {
ret = -ENOMEM;
break;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index ef823679f6be..d3882208a259 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -244,7 +244,7 @@ static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry, char *attr_name,
}
out:
- ksmbd_vfs_xattr_free(xattr_list);
+ kvfree(xattr_list);
return value_len;
}
@@ -401,7 +401,7 @@ static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
}
if (v_len < size) {
- wbuf = ksmbd_alloc(size);
+ wbuf = kvmalloc(size, GFP_KERNEL | __GFP_ZERO);
if (!wbuf) {
err = -ENOMEM;
goto out;
@@ -425,7 +425,7 @@ static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
fp->filp->f_pos = *pos;
err = 0;
out:
- ksmbd_free(stream_buf);
+ kvfree(stream_buf);
return err;
}
@@ -844,7 +844,7 @@ ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list)
if (size <= 0)
return size;
- vlist = ksmbd_alloc(size);
+ vlist = kvmalloc(size, GFP_KERNEL | __GFP_ZERO);
if (!vlist)
return -ENOMEM;
@@ -852,7 +852,7 @@ ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list)
size = vfs_listxattr(dentry, vlist, size);
if (size < 0) {
ksmbd_debug(VFS, "listxattr failed\n");
- ksmbd_vfs_xattr_free(vlist);
+ kvfree(vlist);
*list = NULL;
}
@@ -1049,11 +1049,6 @@ int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name)
return vfs_removexattr(&init_user_ns, dentry, attr_name);
}
-void ksmbd_vfs_xattr_free(char *xattr)
-{
- ksmbd_free(xattr);
-}
-
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
{
int err = 0;
@@ -1297,7 +1292,7 @@ int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry)
}
}
out:
- ksmbd_vfs_xattr_free(xattr_list);
+ kvfree(xattr_list);
return err;
}
@@ -1326,7 +1321,7 @@ int ksmbd_vfs_remove_sd_xattrs(struct dentry *dentry)
}
}
out:
- ksmbd_vfs_xattr_free(xattr_list);
+ kvfree(xattr_list);
return err;
}
@@ -1558,7 +1553,7 @@ int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
n.length = err;
if (ndr_decode_dos_attr(&n, da))
err = -EINVAL;
- ksmbd_free(n.data);
+ kfree(n.data);
} else {
ksmbd_debug(SMB, "failed to load dos attribute in xattr\n");
}
@@ -1683,7 +1678,7 @@ ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry, char *attr_name,
}
out:
- ksmbd_vfs_xattr_free(xattr_list);
+ kvfree(xattr_list);
return value_len;
}
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index b41b23d40636..0163be4297de 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -229,7 +229,6 @@ int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
size_t *xattr_stream_name_size, int s_type);
int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
-void ksmbd_vfs_xattr_free(char *xattr);
int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
bool caseless);
int ksmbd_vfs_empty_dir(struct ksmbd_file *fp);
From patchwork Mon Nov 14 12:49:06 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183134
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:29 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:29 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 037/308] cifsd: prevent a integer overflow in
wm_alloc()
Date: Mon, 14 Nov 2022 20:49:06 +0800
Message-ID: <20221114125337.1831594-38-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
935ec38d-f772-4725-9cd3-08dac63c4b2f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7199482
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 4030b278368d89bba99a31e87766968cbf7909d2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4030b278368d
-------------------------------
Dan Carpenter pointed out that there there is a possibility of
integer overflow. This patch prevent a integer overflow in wm_alloc().
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/buffer_pool.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
index caf22c190634..1ee1feef1bb4 100644
--- a/fs/cifsd/buffer_pool.c
+++ b/fs/cifsd/buffer_pool.c
@@ -42,6 +42,9 @@ static struct wm *wm_alloc(size_t sz, gfp_t flags)
struct wm *wm;
size_t alloc_sz = sz + sizeof(struct wm);
+ if (sz > SIZE_MAX - sizeof(struct wm))
+ return NULL;
+
wm = kvmalloc(alloc_sz, flags);
if (!wm)
return NULL;
From patchwork Mon Nov 14 12:49:07 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183135
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:29 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:29 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 038/308] cifsd: remove unused including
<linux/version.h>
Date: Mon, 14 Nov 2022 20:49:07 +0800
Message-ID: <20221114125337.1831594-39-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
87b01901-f448-4f7b-5ebd-08dac63c4b79
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7032996
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Tian Tao <tiantao6(a)hisilicon.com>
mainline inclusion
from mainline-5.15-rc1
commit 1920bb1f8022202530eeae3e488d6f5156799faf
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1920bb1f8022
-------------------------------
Remove including <linux/version.h> that don't need it.
Signed-off-by: Tian Tao <tiantao6(a)hisilicon.com>
Signed-off-by: Zhiqi Song <songzhiqi1(a)huawei.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/crypto_ctx.c | 1 -
fs/cifsd/glob.h | 1 -
fs/cifsd/mgmt/tree_connect.c | 1 -
fs/cifsd/mgmt/user_session.c | 1 -
fs/cifsd/mgmt/user_session.h | 1 -
fs/cifsd/misc.c | 1 -
fs/cifsd/vfs.c | 1 -
fs/cifsd/vfs_cache.h | 1 -
8 files changed, 8 deletions(-)
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index 2c31e8b32de7..8322b0f7a7fc 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -9,7 +9,6 @@
#include <linux/slab.h>
#include <linux/wait.h>
#include <linux/sched.h>
-#include <linux/version.h>
#include "glob.h"
#include "crypto_ctx.h"
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
index d0bc6edd0477..9d70093a837a 100644
--- a/fs/cifsd/glob.h
+++ b/fs/cifsd/glob.h
@@ -8,7 +8,6 @@
#define __KSMBD_GLOB_H
#include <linux/ctype.h>
-#include <linux/version.h>
#include "unicode.h"
#include "vfs_cache.h"
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/cifsd/mgmt/tree_connect.c
index d3f28b10db4b..b9cd8fc46e5e 100644
--- a/fs/cifsd/mgmt/tree_connect.c
+++ b/fs/cifsd/mgmt/tree_connect.c
@@ -5,7 +5,6 @@
#include <linux/list.h>
#include <linux/slab.h>
-#include <linux/version.h>
#include <linux/xarray.h>
#include "../buffer_pool.h"
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index bd5789b7e08e..52c5c036ecf9 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -6,7 +6,6 @@
#include <linux/list.h>
#include <linux/slab.h>
#include <linux/rwsem.h>
-#include <linux/version.h>
#include <linux/xarray.h>
#include "ksmbd_ida.h"
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
index 1a97c851f2fc..ad5c0430b62a 100644
--- a/fs/cifsd/mgmt/user_session.h
+++ b/fs/cifsd/mgmt/user_session.h
@@ -7,7 +7,6 @@
#define __USER_SESSION_MANAGEMENT_H__
#include <linux/hashtable.h>
-#include <linux/version.h>
#include <linux/xarray.h>
#include "../smb_common.h"
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
index b6f3f0818217..cbaaecf2eca1 100644
--- a/fs/cifsd/misc.c
+++ b/fs/cifsd/misc.c
@@ -5,7 +5,6 @@
*/
#include <linux/kernel.h>
-#include <linux/version.h>
#include <linux/xattr.h>
#include <linux/fs.h>
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index d3882208a259..5985d2d1f276 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -9,7 +9,6 @@
#include <linux/uaccess.h>
#include <linux/backing-dev.h>
#include <linux/writeback.h>
-#include <linux/version.h>
#include <linux/xattr.h>
#include <linux/falloc.h>
#include <linux/genhd.h>
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index 318dcb1a297a..8226fdf882e4 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -6,7 +6,6 @@
#ifndef __VFS_CACHE_H__
#define __VFS_CACHE_H__
-#include <linux/version.h>
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/rwsem.h>
From patchwork Mon Nov 14 12:49:08 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183136
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:30 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:29 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 039/308] cifsd: declare ida statically
Date: Mon, 14 Nov 2022 20:49:08 +0800
Message-ID: <20221114125337.1831594-40-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7d4294d6-c6fe-4660-16c9-08dac63c4bc2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7164172
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit d40012a83f87f47967ad0b3c346179c7e5339ae7
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d40012a83f87
-------------------------------
Matthew pointed out that embedding struct ida into the struct is
better than having a pointer to it.
This patch initialise it statically using DEFINE_IDA() or ida_init()
and remove ksmbd_ida_alloc/free().
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/connection.c | 3 +--
fs/cifsd/connection.h | 2 +-
fs/cifsd/ksmbd_work.c | 2 +-
fs/cifsd/mgmt/ksmbd_ida.c | 45 ++++++++++--------------------------
fs/cifsd/mgmt/ksmbd_ida.h | 17 ++++----------
fs/cifsd/mgmt/user_session.c | 29 +++++------------------
fs/cifsd/mgmt/user_session.h | 7 +-----
fs/cifsd/server.c | 7 ------
fs/cifsd/smb2pdu.c | 4 ++--
fs/cifsd/transport_ipc.c | 34 +++++++++------------------
10 files changed, 40 insertions(+), 110 deletions(-)
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
index e1814492fb58..4785dd59fcc5 100644
--- a/fs/cifsd/connection.c
+++ b/fs/cifsd/connection.c
@@ -38,7 +38,6 @@ void ksmbd_conn_free(struct ksmbd_conn *conn)
write_unlock(&conn_list_lock);
kvfree(conn->request_buf);
- ksmbd_ida_free(conn->async_ida);
kfree(conn->preauth_info);
kfree(conn);
}
@@ -70,7 +69,7 @@ struct ksmbd_conn *ksmbd_conn_alloc(void)
INIT_LIST_HEAD(&conn->async_requests);
spin_lock_init(&conn->request_lock);
spin_lock_init(&conn->credits_lock);
- conn->async_ida = ksmbd_ida_alloc();
+ ida_init(&conn->async_ida);
write_lock(&conn_list_lock);
list_add(&conn->conns_list, &conn_list);
diff --git a/fs/cifsd/connection.h b/fs/cifsd/connection.h
index 021dada3d76d..00ede7a67199 100644
--- a/fs/cifsd/connection.h
+++ b/fs/cifsd/connection.h
@@ -101,7 +101,7 @@ struct ksmbd_conn {
struct sockaddr_storage peer_addr;
/* Identifier for async message */
- struct ksmbd_ida *async_ida;
+ struct ida async_ida;
__le16 cipher_type;
__le16 compress_algorithm;
diff --git a/fs/cifsd/ksmbd_work.c b/fs/cifsd/ksmbd_work.c
index 33ee52c1829f..eb8c8a34acab 100644
--- a/fs/cifsd/ksmbd_work.c
+++ b/fs/cifsd/ksmbd_work.c
@@ -53,7 +53,7 @@ void ksmbd_free_work_struct(struct ksmbd_work *work)
kfree(work->tr_buf);
kvfree(work->request_buf);
if (work->async_id)
- ksmbd_release_id(work->conn->async_ida, work->async_id);
+ ksmbd_release_id(&work->conn->async_ida, work->async_id);
kmem_cache_free(work_cache, work);
}
diff --git a/fs/cifsd/mgmt/ksmbd_ida.c b/fs/cifsd/mgmt/ksmbd_ida.c
index cbc9fd049852..3dbc27cb5385 100644
--- a/fs/cifsd/mgmt/ksmbd_ida.c
+++ b/fs/cifsd/mgmt/ksmbd_ida.c
@@ -5,65 +5,44 @@
#include "ksmbd_ida.h"
-struct ksmbd_ida *ksmbd_ida_alloc(void)
+static inline int __acquire_id(struct ida *ida, int from, int to)
{
- struct ksmbd_ida *ida;
-
- ida = kmalloc(sizeof(struct ksmbd_ida), GFP_KERNEL);
- if (!ida)
- return NULL;
-
- ida_init(&ida->map);
- return ida;
-}
-
-void ksmbd_ida_free(struct ksmbd_ida *ida)
-{
- if (!ida)
- return;
-
- ida_destroy(&ida->map);
- kfree(ida);
-}
-
-static inline int __acquire_id(struct ksmbd_ida *ida, int from, int to)
-{
- return ida_simple_get(&ida->map, from, to, GFP_KERNEL);
+ return ida_simple_get(ida, from, to, GFP_KERNEL);
}
-int ksmbd_acquire_smb2_tid(struct ksmbd_ida *ida)
+int ksmbd_acquire_smb2_tid(struct ida *ida)
{
int id;
- do {
+ id = __acquire_id(ida, 0, 0);
+ if (id == 0xFFFF)
id = __acquire_id(ida, 0, 0);
- } while (id == 0xFFFF);
return id;
}
-int ksmbd_acquire_smb2_uid(struct ksmbd_ida *ida)
+int ksmbd_acquire_smb2_uid(struct ida *ida)
{
int id;
- do {
+ id = __acquire_id(ida, 1, 0);
+ if (id == 0xFFFE)
id = __acquire_id(ida, 1, 0);
- } while (id == 0xFFFE);
return id;
}
-int ksmbd_acquire_async_msg_id(struct ksmbd_ida *ida)
+int ksmbd_acquire_async_msg_id(struct ida *ida)
{
return __acquire_id(ida, 1, 0);
}
-int ksmbd_acquire_id(struct ksmbd_ida *ida)
+int ksmbd_acquire_id(struct ida *ida)
{
return __acquire_id(ida, 0, 0);
}
-void ksmbd_release_id(struct ksmbd_ida *ida, int id)
+void ksmbd_release_id(struct ida *ida, int id)
{
- ida_simple_remove(&ida->map, id);
+ ida_simple_remove(ida, id);
}
diff --git a/fs/cifsd/mgmt/ksmbd_ida.h b/fs/cifsd/mgmt/ksmbd_ida.h
index b075156adf23..2bc07b16cfde 100644
--- a/fs/cifsd/mgmt/ksmbd_ida.h
+++ b/fs/cifsd/mgmt/ksmbd_ida.h
@@ -9,13 +9,6 @@
#include <linux/slab.h>
#include <linux/idr.h>
-struct ksmbd_ida {
- struct ida map;
-};
-
-struct ksmbd_ida *ksmbd_ida_alloc(void);
-void ksmbd_ida_free(struct ksmbd_ida *ida);
-
/*
* 2.2.1.6.7 TID Generation
* The value 0xFFFF MUST NOT be used as a valid TID. All other
@@ -23,7 +16,7 @@ void ksmbd_ida_free(struct ksmbd_ida *ida);
* The value 0xFFFF is used to specify all TIDs or no TID,
* depending upon the context in which it is used.
*/
-int ksmbd_acquire_smb2_tid(struct ksmbd_ida *ida);
+int ksmbd_acquire_smb2_tid(struct ida *ida);
/*
* 2.2.1.6.8 UID Generation
@@ -32,10 +25,10 @@ int ksmbd_acquire_smb2_tid(struct ksmbd_ida *ida);
* valid UID.<21> All other possible values for a UID, excluding
* zero (0x0000), are valid.
*/
-int ksmbd_acquire_smb2_uid(struct ksmbd_ida *ida);
-int ksmbd_acquire_async_msg_id(struct ksmbd_ida *ida);
+int ksmbd_acquire_smb2_uid(struct ida *ida);
+int ksmbd_acquire_async_msg_id(struct ida *ida);
-int ksmbd_acquire_id(struct ksmbd_ida *ida);
+int ksmbd_acquire_id(struct ida *ida);
-void ksmbd_release_id(struct ksmbd_ida *ida, int id);
+void ksmbd_release_id(struct ida *ida, int id);
#endif /* __KSMBD_IDA_MANAGEMENT_H__ */
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index 52c5c036ecf9..739588a6c96a 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -17,7 +17,7 @@
#include "../buffer_pool.h"
#include "../vfs_cache.h"
-static struct ksmbd_ida *session_ida;
+static DEFINE_IDA(session_ida);
#define SESSION_HASH_BITS 3
static DEFINE_HASHTABLE(sessions_table, SESSION_HASH_BITS);
@@ -172,9 +172,7 @@ void ksmbd_session_destroy(struct ksmbd_session *sess)
ksmbd_session_rpc_clear_list(sess);
free_channel_list(sess);
kfree(sess->Preauth_HashValue);
- ksmbd_release_id(session_ida, sess->id);
-
- ksmbd_ida_free(sess->tree_conn_ida);
+ ksmbd_release_id(&session_ida, sess->id);
kfree(sess);
}
@@ -254,7 +252,7 @@ struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id)
static int __init_smb2_session(struct ksmbd_session *sess)
{
- int id = ksmbd_acquire_smb2_uid(session_ida);
+ int id = ksmbd_acquire_smb2_uid(&session_ida);
if (id < 0)
return -EINVAL;
@@ -294,9 +292,7 @@ static struct ksmbd_session *__session_create(int protocol)
if (ret)
goto error;
- sess->tree_conn_ida = ksmbd_ida_alloc();
- if (!sess->tree_conn_ida)
- goto error;
+ ida_init(&sess->tree_conn_ida);
if (protocol == CIFDS_SESSION_FLAG_SMB2) {
down_write(&sessions_table_lock);
@@ -320,7 +316,7 @@ int ksmbd_acquire_tree_conn_id(struct ksmbd_session *sess)
int id = -EINVAL;
if (test_session_flag(sess, CIFDS_SESSION_FLAG_SMB2))
- id = ksmbd_acquire_smb2_tid(sess->tree_conn_ida);
+ id = ksmbd_acquire_smb2_tid(&sess->tree_conn_ida);
return id;
}
@@ -328,18 +324,5 @@ int ksmbd_acquire_tree_conn_id(struct ksmbd_session *sess)
void ksmbd_release_tree_conn_id(struct ksmbd_session *sess, int id)
{
if (id >= 0)
- ksmbd_release_id(sess->tree_conn_ida, id);
-}
-
-int ksmbd_init_session_table(void)
-{
- session_ida = ksmbd_ida_alloc();
- if (!session_ida)
- return -ENOMEM;
- return 0;
-}
-
-void ksmbd_free_session_table(void)
-{
- ksmbd_ida_free(session_ida);
+ ksmbd_release_id(&sess->tree_conn_ida, id);
}
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
index ad5c0430b62a..72b40348bdc4 100644
--- a/fs/cifsd/mgmt/user_session.h
+++ b/fs/cifsd/mgmt/user_session.h
@@ -16,7 +16,6 @@
#define PREAUTH_HASHVALUE_SIZE 64
-struct ksmbd_ida;
struct ksmbd_file_table;
struct channel {
@@ -52,7 +51,7 @@ struct ksmbd_session {
struct hlist_node hlist;
struct list_head ksmbd_chann_list;
struct xarray tree_conns;
- struct ksmbd_ida *tree_conn_ida;
+ struct ida tree_conn_ida;
struct list_head rpc_handle_list;
@@ -101,8 +100,4 @@ void ksmbd_session_rpc_close(struct ksmbd_session *sess, int id);
int ksmbd_session_rpc_method(struct ksmbd_session *sess, int id);
int get_session(struct ksmbd_session *sess);
void put_session(struct ksmbd_session *sess);
-
-int ksmbd_init_session_table(void);
-void ksmbd_free_session_table(void);
-
#endif /* __USER_SESSION_MANAGEMENT_H__ */
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index 04f959a88a1a..4aff89ce1464 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -537,7 +537,6 @@ static int ksmbd_server_shutdown(void)
ksmbd_workqueue_destroy();
ksmbd_ipc_release();
ksmbd_conn_transport_destroy();
- ksmbd_free_session_table();
ksmbd_crypto_destroy();
ksmbd_free_global_file_table();
destroy_lease_table(NULL);
@@ -566,10 +565,6 @@ static int __init ksmbd_server_init(void)
if (ret)
goto err_unregister;
- ret = ksmbd_init_session_table();
- if (ret)
- goto err_destroy_pools;
-
ret = ksmbd_ipc_init();
if (ret)
goto err_free_session_table;
@@ -600,8 +595,6 @@ static int __init ksmbd_server_init(void)
err_ipc_release:
ksmbd_ipc_release();
err_free_session_table:
- ksmbd_free_session_table();
-err_destroy_pools:
ksmbd_destroy_buffer_pools();
err_unregister:
class_unregister(&ksmbd_control_class);
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index c1f6361603b9..cc4e8f11c487 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -517,7 +517,7 @@ int init_smb2_rsp_hdr(struct ksmbd_work *work)
work->syncronous = true;
if (work->async_id) {
- ksmbd_release_id(conn->async_ida, work->async_id);
+ ksmbd_release_id(&conn->async_ida, work->async_id);
work->async_id = 0;
}
@@ -685,7 +685,7 @@ int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
rsp_hdr = work->response_buf;
rsp_hdr->Flags |= SMB2_FLAGS_ASYNC_COMMAND;
- id = ksmbd_acquire_async_msg_id(conn->async_ida);
+ id = ksmbd_acquire_async_msg_id(&conn->async_ida);
if (id < 0) {
ksmbd_err("Failed to alloc async message id\n");
return id;
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index 60c0289402c1..78061fecf816 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -35,7 +35,7 @@ static DEFINE_HASHTABLE(ipc_msg_table, IPC_MSG_HASH_BITS);
static DECLARE_RWSEM(ipc_msg_table_lock);
static DEFINE_MUTEX(startup_lock);
-static struct ksmbd_ida *ida;
+static DEFINE_IDA(ipc_ida);
static unsigned int ksmbd_tools_pid;
@@ -247,7 +247,7 @@ static void ipc_msg_free(struct ksmbd_ipc_msg *msg)
static void ipc_msg_handle_free(int handle)
{
if (handle >= 0)
- ksmbd_release_id(ida, handle);
+ ksmbd_release_id(&ipc_ida, handle);
}
static int handle_response(int type, void *payload, size_t sz)
@@ -512,7 +512,7 @@ struct ksmbd_login_response *ksmbd_ipc_login_request(const char *account)
msg->type = KSMBD_EVENT_LOGIN_REQUEST;
req = KSMBD_IPC_MSG_PAYLOAD(msg);
- req->handle = ksmbd_acquire_id(ida);
+ req->handle = ksmbd_acquire_id(&ipc_ida);
strscpy(req->account, account, KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
resp = ipc_msg_send_request(msg, req->handle);
@@ -535,7 +535,7 @@ ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len)
msg->type = KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST;
req = KSMBD_IPC_MSG_PAYLOAD(msg);
- req->handle = ksmbd_acquire_id(ida);
+ req->handle = ksmbd_acquire_id(&ipc_ida);
req->spnego_blob_len = blob_len;
memcpy(req->spnego_blob, spnego_blob, blob_len);
@@ -568,7 +568,7 @@ ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
msg->type = KSMBD_EVENT_TREE_CONNECT_REQUEST;
req = KSMBD_IPC_MSG_PAYLOAD(msg);
- req->handle = ksmbd_acquire_id(ida);
+ req->handle = ksmbd_acquire_id(&ipc_ida);
req->account_flags = sess->user->flags;
req->session_id = sess->id;
req->connect_id = tree_conn->id;
@@ -646,7 +646,7 @@ ksmbd_ipc_share_config_request(const char *name)
msg->type = KSMBD_EVENT_SHARE_CONFIG_REQUEST;
req = KSMBD_IPC_MSG_PAYLOAD(msg);
- req->handle = ksmbd_acquire_id(ida);
+ req->handle = ksmbd_acquire_id(&ipc_ida);
strscpy(req->share_name, name, KSMBD_REQ_MAX_SHARE_NAME);
resp = ipc_msg_send_request(msg, req->handle);
@@ -785,7 +785,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payloa
msg->type = KSMBD_EVENT_RPC_REQUEST;
req = KSMBD_IPC_MSG_PAYLOAD(msg);
- req->handle = ksmbd_acquire_id(ida);
+ req->handle = ksmbd_acquire_id(&ipc_ida);
req->flags = rpc_context_flags(sess);
req->flags |= KSMBD_RPC_RAP_METHOD;
req->payload_sz = payload_sz;
@@ -842,18 +842,17 @@ static void ipc_timer_heartbeat(struct work_struct *w)
int ksmbd_ipc_id_alloc(void)
{
- return ksmbd_acquire_id(ida);
+ return ksmbd_acquire_id(&ipc_ida);
}
void ksmbd_rpc_id_free(int handle)
{
- ksmbd_release_id(ida, handle);
+ ksmbd_release_id(&ipc_ida, handle);
}
void ksmbd_ipc_release(void)
{
cancel_delayed_work_sync(&ipc_timer_work);
- ksmbd_ida_free(ida);
genl_unregister_family(&ksmbd_genl_family);
}
@@ -867,7 +866,7 @@ void ksmbd_ipc_soft_reset(void)
int ksmbd_ipc_init(void)
{
- int ret;
+ int ret = 0;
ksmbd_nl_init_fixup();
INIT_DELAYED_WORK(&ipc_timer_work, ipc_timer_heartbeat);
@@ -875,19 +874,8 @@ int ksmbd_ipc_init(void)
ret = genl_register_family(&ksmbd_genl_family);
if (ret) {
ksmbd_err("Failed to register KSMBD netlink interface %d\n", ret);
- goto cancel_work;
+ cancel_delayed_work_sync(&ipc_timer_work);
}
- ida = ksmbd_ida_alloc();
- if (!ida) {
- ret = -ENOMEM;
- goto unregister;
- }
- return 0;
-
-unregister:
- genl_unregister_family(&ksmbd_genl_family);
-cancel_work:
- cancel_delayed_work_sync(&ipc_timer_work);
return ret;
}
From patchwork Mon Nov 14 12:49:09 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183137
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:30 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:29 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 040/308] cifsd: add the check if parent is stable
by unexpected rename
Date: Mon, 14 Nov 2022 20:49:09 +0800
Message-ID: <20221114125337.1831594-41-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
8944c1d3-c0d5-4de0-a8bc-08dac63c4c0a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7155905
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit ff1d57272552e4d48e0aab015a457d0297915e0b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ff1d57272552
-------------------------------
This patch add the check if parent is stable by unexpected rename.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 12 +++---
fs/cifsd/vfs.c | 98 +++++++++++++++++++++++++++++++++++-----------
2 files changed, 80 insertions(+), 30 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index cc4e8f11c487..3fbd8e4925bb 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2844,12 +2844,10 @@ int smb2_open(struct ksmbd_work *work)
* is already granted.
*/
if (daccess & ~(FILE_READ_ATTRIBUTES_LE | FILE_READ_CONTROL_LE)) {
- if (ksmbd_vfs_inode_permission(path.dentry,
- open_flags & O_ACCMODE,
- may_delete)) {
- rc = -EACCES;
+ rc = ksmbd_vfs_inode_permission(path.dentry,
+ open_flags & O_ACCMODE, may_delete);
+ if (rc)
goto err_out;
- }
}
}
@@ -3260,7 +3258,7 @@ int smb2_open(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
else if (rc == -EOPNOTSUPP)
rsp->hdr.Status = STATUS_NOT_SUPPORTED;
- else if (rc == -EACCES)
+ else if (rc == -EACCES || rc == -ESTALE)
rsp->hdr.Status = STATUS_ACCESS_DENIED;
else if (rc == -ENOENT)
rsp->hdr.Status = STATUS_OBJECT_NAME_INVALID;
@@ -5938,7 +5936,7 @@ int smb2_set_info(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_DIRECTORY_NOT_EMPTY;
else if (rc == -EAGAIN)
rsp->hdr.Status = STATUS_FILE_LOCK_CONFLICT;
- else if (rc == -EBADF)
+ else if (rc == -EBADF || rc == -ESTALE)
rsp->hdr.Status = STATUS_INVALID_HANDLE;
else if (rc == -EEXIST)
rsp->hdr.Status = STATUS_OBJECT_NAME_COLLISION;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 5985d2d1f276..f818aeff244f 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -70,7 +70,7 @@ static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
{
- int mask;
+ int mask, ret = 0;
mask = 0;
acc_mode &= O_ACCMODE;
@@ -86,24 +86,39 @@ int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
return -EACCES;
if (delete) {
- struct dentry *parent;
+ struct dentry *child, *parent;
parent = dget_parent(dentry);
- if (!parent)
- return -EINVAL;
+ inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
+ child = lookup_one_len(dentry->d_name.name, parent,
+ dentry->d_name.len);
+ if (IS_ERR(child)) {
+ ret = PTR_ERR(child);
+ goto out_lock;
+ }
+
+ if (child != dentry) {
+ ret = -ESTALE;
+ dput(child);
+ goto out_lock;
+ }
+ dput(child);
if (inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE)) {
- dput(parent);
- return -EACCES;
+ ret = -EACCES;
+ goto out_lock;
}
+out_lock:
+ inode_unlock(d_inode(parent));
dput(parent);
}
- return 0;
+ return ret;
}
int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
{
- struct dentry *parent;
+ struct dentry *parent, *child;
+ int ret = 0;
*daccess = cpu_to_le32(FILE_READ_ATTRIBUTES | READ_CONTROL);
@@ -120,13 +135,28 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
*daccess |= FILE_EXECUTE_LE;
parent = dget_parent(dentry);
- if (!parent)
- return 0;
+ inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
+ child = lookup_one_len(dentry->d_name.name, parent,
+ dentry->d_name.len);
+ if (IS_ERR(child)) {
+ ret = PTR_ERR(child);
+ goto out_lock;
+ }
+
+ if (child != dentry) {
+ ret = -ESTALE;
+ dput(child);
+ goto out_lock;
+ }
+ dput(child);
if (!inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE))
*daccess |= FILE_DELETE_LE;
+
+out_lock:
+ inode_unlock(d_inode(parent));
dput(parent);
- return 0;
+ return ret;
}
/**
@@ -726,7 +756,7 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
{
struct path dst_path;
struct dentry *src_dent_parent, *dst_dent_parent;
- struct dentry *src_dent, *trap_dent;
+ struct dentry *src_dent, *trap_dent, *src_child;
char *dst_name;
int err;
@@ -735,11 +765,7 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
return -EINVAL;
src_dent_parent = dget_parent(fp->filp->f_path.dentry);
- if (!src_dent_parent)
- return -EINVAL;
-
src_dent = fp->filp->f_path.dentry;
- dget(src_dent);
err = kern_path(newname, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &dst_path);
if (err) {
@@ -747,20 +773,36 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
goto out;
}
dst_dent_parent = dst_path.dentry;
- dget(dst_dent_parent);
trap_dent = lock_rename(src_dent_parent, dst_dent_parent);
+ dget(src_dent);
+ dget(dst_dent_parent);
+ src_child = lookup_one_len(src_dent->d_name.name, src_dent_parent,
+ src_dent->d_name.len);
+ if (IS_ERR(src_child)) {
+ err = PTR_ERR(src_child);
+ goto out_lock;
+ }
+
+ if (src_child != src_dent) {
+ err = -ESTALE;
+ dput(src_child);
+ goto out_lock;
+ }
+ dput(src_child);
+
err = __ksmbd_vfs_rename(work,
src_dent_parent,
src_dent,
dst_dent_parent,
trap_dent,
dst_name);
- unlock_rename(src_dent_parent, dst_dent_parent);
+out_lock:
+ dput(src_dent);
dput(dst_dent_parent);
+ unlock_rename(src_dent_parent, dst_dent_parent);
path_put(&dst_path);
out:
- dput(src_dent);
dput(src_dent_parent);
return err;
}
@@ -1050,23 +1092,33 @@ int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name)
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
{
+ struct dentry *child;
int err = 0;
- dget(dentry);
inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
- if (!d_inode(dentry) || !d_inode(dentry)->i_nlink) {
- err = -ENOENT;
+ dget(dentry);
+ child = lookup_one_len(dentry->d_name.name, dir,
+ dentry->d_name.len);
+ if (IS_ERR(child)) {
+ err = PTR_ERR(child);
goto out;
}
+ if (child != dentry) {
+ err = -ESTALE;
+ dput(child);
+ goto out;
+ }
+ dput(child);
+
if (S_ISDIR(d_inode(dentry)->i_mode))
err = vfs_rmdir(&init_user_ns, d_inode(dir), dentry);
else
err = vfs_unlink(&init_user_ns, d_inode(dir), dentry, NULL);
out:
- inode_unlock(d_inode(dir));
dput(dentry);
+ inode_unlock(d_inode(dir));
if (err)
ksmbd_debug(VFS, "failed to delete, err %d\n", err);
From patchwork Mon Nov 14 12:49:10 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183138
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:31 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:30 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 041/308] cifsd: get parent dentry from child in
ksmbd_vfs_remove_file()
Date: Mon, 14 Nov 2022 20:49:10 +0800
Message-ID: <20221114125337.1831594-42-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
01ce8f9b-4b4f-4ee3-acd2-08dac63c4c53
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6905770
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 7c3d3e99ca29f0abd5443353fe018a1368f08c43
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7c3d3e99ca29
-------------------------------
To remove the file, We have parsed full pathname to divide parent path and
filename. It is a better way to get parent dentry from child dentry that
obtained by lookup with given pathname.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 31 ++++++++++++++-----------------
1 file changed, 14 insertions(+), 17 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index f818aeff244f..010dfddb6240 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -578,31 +578,28 @@ int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id)
*/
int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
{
- struct path parent;
- struct dentry *dentry;
- char *last;
+ struct path path;
+ struct dentry *dentry, *parent;
int err;
- last = extract_last_component(name);
- if (!last)
- return -EINVAL;
-
if (ksmbd_override_fsids(work))
return -ENOMEM;
- err = kern_path(name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &parent);
+ err = kern_path(name, LOOKUP_FOLLOW, &path);
if (err) {
ksmbd_debug(VFS, "can't get %s, err %d\n", name, err);
ksmbd_revert_fsids(work);
- rollback_path_modification(last);
return err;
}
- inode_lock_nested(d_inode(parent.dentry), I_MUTEX_PARENT);
- dentry = lookup_one_len(last, parent.dentry, strlen(last));
+ parent = dget_parent(path.dentry);
+ inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
+ dentry = lookup_one_len(path.dentry->d_name.name, parent,
+ strlen(path.dentry->d_name.name));
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
- ksmbd_debug(VFS, "%s: lookup failed, err %d\n", last, err);
+ ksmbd_debug(VFS, "%s: lookup failed, err %d\n",
+ path.dentry->d_name.name, err);
goto out_err;
}
@@ -613,12 +610,12 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
}
if (S_ISDIR(d_inode(dentry)->i_mode)) {
- err = vfs_rmdir(&init_user_ns, d_inode(parent.dentry), dentry);
+ err = vfs_rmdir(&init_user_ns, d_inode(parent), dentry);
if (err && err != -ENOTEMPTY)
ksmbd_debug(VFS, "%s: rmdir failed, err %d\n", name,
err);
} else {
- err = vfs_unlink(&init_user_ns, d_inode(parent.dentry), dentry, NULL);
+ err = vfs_unlink(&init_user_ns, d_inode(parent), dentry, NULL);
if (err)
ksmbd_debug(VFS, "%s: unlink failed, err %d\n", name,
err);
@@ -626,9 +623,9 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
dput(dentry);
out_err:
- inode_unlock(d_inode(parent.dentry));
- rollback_path_modification(last);
- path_put(&parent);
+ inode_unlock(d_inode(parent));
+ dput(parent);
+ path_put(&path);
ksmbd_revert_fsids(work);
return err;
}
From patchwork Mon Nov 14 12:49:11 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183139
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:31 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:31 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:30 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 042/308] cifsd: re-implement ksmbd_vfs_kern_path
Date: Mon, 14 Nov 2022 20:49:11 +0800
Message-ID: <20221114125337.1831594-43-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d9bcfa1a-7e5d-4194-8aee-08dac63c4c9c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7289007
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 3c20378325c710e7257b22ba333310771be51192
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/3c20378325c7
-------------------------------
re-implement ksmbd_vfs_kern_path() to change
recursion to iteration.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 103 +++++++++++++++++++++++++++++--------------------
1 file changed, 61 insertions(+), 42 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 010dfddb6240..d8259ca2493e 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -50,14 +50,6 @@ static char *extract_last_component(char *path)
return p;
}
-static void rollback_path_modification(char *filename)
-{
- if (filename) {
- filename--;
- *filename = '/';
- }
-}
-
static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
struct inode *parent_inode, struct inode *inode)
{
@@ -1231,44 +1223,32 @@ static int __caseless_lookup(struct dir_context *ctx, const char *name,
/**
* ksmbd_vfs_lookup_in_dir() - lookup a file in a directory
- * @dirname: directory name
- * @filename: filename to lookup
+ * @dir: path info
+ * @name: filename to lookup
+ * @namelen: filename length
*
* Return: 0 on success, otherwise error
*/
-static int ksmbd_vfs_lookup_in_dir(char *dirname, char *filename)
+static int ksmbd_vfs_lookup_in_dir(struct path *dir, char *name, size_t namelen)
{
- struct path dir_path;
int ret;
struct file *dfilp;
int flags = O_RDONLY | O_LARGEFILE;
- int dirnamelen = strlen(dirname);
struct ksmbd_readdir_data readdir_data = {
.ctx.actor = __caseless_lookup,
- .private = filename,
- .used = strlen(filename),
+ .private = name,
+ .used = namelen,
+ .dirent_count = 0,
};
- ret = ksmbd_vfs_kern_path(dirname, 0, &dir_path, true);
- if (ret)
- goto error;
-
- dfilp = dentry_open(&dir_path, flags, current_cred());
- if (IS_ERR(dfilp)) {
- path_put(&dir_path);
- ksmbd_err("cannot open directory %s\n", dirname);
- ret = -EINVAL;
- goto error;
- }
+ dfilp = dentry_open(dir, flags, current_cred());
+ if (IS_ERR(dfilp))
+ return PTR_ERR(dfilp);
ret = ksmbd_vfs_readdir(dfilp, &readdir_data);
if (readdir_data.dirent_count > 0)
ret = 0;
-
fput(dfilp);
- path_put(&dir_path);
-error:
- dirname[dirnamelen] = '/';
return ret;
}
@@ -1284,30 +1264,69 @@ static int ksmbd_vfs_lookup_in_dir(char *dirname, char *filename)
int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
bool caseless)
{
- char *filename = NULL;
int err;
+ if (name[0] != '/')
+ return -EINVAL;
+
err = kern_path(name, flags, path);
if (!err)
- return err;
+ return 0;
if (caseless) {
- filename = extract_last_component(name);
- if (!filename)
- goto out;
+ char *filepath;
+ struct path parent;
+ size_t path_len, remain_len;
- /* root reached */
- if (strlen(name) == 0)
- goto out;
+ filepath = kstrdup(name, GFP_KERNEL);
+ if (!filepath)
+ return -ENOMEM;
+
+ path_len = strlen(filepath);
+ remain_len = path_len - 1;
- err = ksmbd_vfs_lookup_in_dir(name, filename);
+ err = kern_path("/", flags, &parent);
if (err)
goto out;
- err = kern_path(name, flags, path);
- }
+ while (d_can_lookup(parent.dentry)) {
+ char *filename = filepath + path_len - remain_len;
+ char *next = strchrnul(filename, '/');
+ size_t filename_len = next - filename;
+ bool is_last = !next[0];
+
+ if (filename_len == 0)
+ break;
+
+ err = ksmbd_vfs_lookup_in_dir(&parent, filename,
+ filename_len);
+ if (err) {
+ path_put(&parent);
+ goto out;
+ }
+
+ path_put(&parent);
+ next[0] = '\0';
+
+ err = kern_path(filepath, flags, &parent);
+ if (err)
+ goto out;
+
+ if (is_last) {
+ path->mnt = parent.mnt;
+ path->dentry = parent.dentry;
+ goto out;
+ }
+
+ next[0] = '/';
+ remain_len -= filename_len + 1;
+ }
+
+ path_put(&parent);
+ err = -EINVAL;
out:
- rollback_path_modification(filename);
+ kfree(filepath);
+ }
return err;
}
From patchwork Mon Nov 14 12:49:12 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183140
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:32 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:31 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:31 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 043/308] cifsd: fix reference count decrement of
unclaimed file in __ksmbd_lookup_fd
Date: Mon, 14 Nov 2022 20:49:12 +0800
Message-ID: <20221114125337.1831594-44-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e6d9c7db-3e1a-41d9-1d0e-08dac63c4ce5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6958624
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 24b626967d9574a477acf2ab94f55c847d04939a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/24b626967d95
-------------------------------
__ksmbd_lookup_fd could decrement the reference count of
unclaimed ksmbd_file to 0 but not release this ksmbd_file.
ksmbd_file cannot be unclaimed except ksmbd_close_inode_fds(),
because ksmbd_file is only removed from the m_fp_list list
after the reference count of ksmbd_file becomes 0. And if the
count is 0, __ksmbd_lookup_fd does not use ksmbd_file found
from idr due to atomic_inc_not_zero.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 5 -----
fs/cifsd/vfs_cache.c | 53 --------------------------------------------
2 files changed, 58 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 3fbd8e4925bb..08b06ec97e22 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2779,11 +2779,6 @@ int smb2_open(struct ksmbd_work *work)
goto err_out;
}
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_DURABLE_HANDLE &&
- file_present)
- file_present = ksmbd_close_inode_fds(work,
- d_inode(path.dentry));
-
daccess = smb_map_generic_desired_access(req->DesiredAccess);
if (file_present && !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index f2a863542dc7..3ab06e0b723c 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -328,25 +328,13 @@ static struct ksmbd_file *ksmbd_fp_get(struct ksmbd_file *fp)
static struct ksmbd_file *__ksmbd_lookup_fd(struct ksmbd_file_table *ft,
unsigned int id)
{
- bool unclaimed = true;
struct ksmbd_file *fp;
read_lock(&ft->lock);
fp = idr_find(ft->idr, id);
if (fp)
fp = ksmbd_fp_get(fp);
-
- if (fp && fp->f_ci) {
- read_lock(&fp->f_ci->m_lock);
- unclaimed = list_empty(&fp->node);
- read_unlock(&fp->f_ci->m_lock);
- }
read_unlock(&ft->lock);
-
- if (fp && unclaimed) {
- atomic_dec(&fp->refcount);
- return NULL;
- }
return fp;
}
@@ -754,47 +742,6 @@ int ksmbd_reopen_durable_fd(struct ksmbd_work *work, struct ksmbd_file *fp)
return 0;
}
-static void close_fd_list(struct ksmbd_work *work, struct list_head *head)
-{
- while (!list_empty(head)) {
- struct ksmbd_file *fp;
-
- fp = list_first_entry(head, struct ksmbd_file, node);
- list_del_init(&fp->node);
-
- __ksmbd_close_fd(&work->sess->file_table, fp);
- }
-}
-
-int ksmbd_close_inode_fds(struct ksmbd_work *work, struct inode *inode)
-{
- struct ksmbd_inode *ci;
- bool unlinked = true;
- struct ksmbd_file *fp, *fptmp;
- LIST_HEAD(dispose);
-
- ci = ksmbd_inode_lookup_by_vfsinode(inode);
- if (!ci)
- return true;
-
- if (ci->m_flags & (S_DEL_ON_CLS | S_DEL_PENDING))
- unlinked = false;
-
- write_lock(&ci->m_lock);
- list_for_each_entry_safe(fp, fptmp, &ci->m_fp_list, node) {
- if (fp->conn)
- continue;
-
- list_del(&fp->node);
- list_add(&fp->node, &dispose);
- }
- atomic_dec(&ci->m_count);
- write_unlock(&ci->m_lock);
-
- close_fd_list(work, &dispose);
- return unlinked;
-}
-
int ksmbd_file_table_flush(struct ksmbd_work *work)
{
struct ksmbd_file *fp = NULL;
From patchwork Mon Nov 14 12:49:13 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183141
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:32 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:32 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:31 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 044/308] cifsd: Remove smb2_put_name()
Date: Mon, 14 Nov 2022 20:49:13 +0800
Message-ID: <20221114125337.1831594-45-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
60945999-a68b-4633-fad9-08dac63c4d2d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6929266
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit 915f570a971b4e5abd95e8b169dd41c120ab5a5b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/915f570a971b
-------------------------------
smb2_put_name() is called twice, and both call sites do the IS_ERR() check
before.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 14 ++------------
1 file changed, 2 insertions(+), 12 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 08b06ec97e22..1ff0b20ff7b8 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -666,16 +666,6 @@ smb2_get_name(struct ksmbd_share_config *share, const char *src,
return unixname;
}
-/**
- * smb2_put_name() - free memory allocated for filename
- * @name: filename pointer to be freed
- */
-static void smb2_put_name(void *name)
-{
- if (!IS_ERR(name))
- kfree(name);
-}
-
int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
{
struct smb2_hdr *rsp_hdr;
@@ -5418,7 +5408,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
out:
kfree(pathname);
if (!IS_ERR(new_name))
- smb2_put_name(new_name);
+ kfree(new_name);
return rc;
}
@@ -5483,7 +5473,7 @@ static int smb2_create_link(struct ksmbd_work *work,
rc = -EINVAL;
out:
if (!IS_ERR(link_name))
- smb2_put_name(link_name);
+ kfree(link_name);
kfree(pathname);
return rc;
}
From patchwork Mon Nov 14 12:49:14 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183142
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:33 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:32 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:32 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 045/308] cifsd: remove unused smberr.h
Date: Mon, 14 Nov 2022 20:49:14 +0800
Message-ID: <20221114125337.1831594-46-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
af7dda38-2b9a-46a7-1a5f-08dac63c4d76
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7110645
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 7e8094a73e522635a85fb5ad82847b544f4448bf
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7e8094a73e52
-------------------------------
smberr.h is a leftover of SMB1. This patch remove unused smberr.h.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/glob.h | 1 -
fs/cifsd/netmisc.c | 1 -
fs/cifsd/smberr.h | 235 ---------------------------------------------
3 files changed, 237 deletions(-)
delete mode 100644 fs/cifsd/smberr.h
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
index 9d70093a837a..ffeaf8aa5595 100644
--- a/fs/cifsd/glob.h
+++ b/fs/cifsd/glob.h
@@ -11,7 +11,6 @@
#include "unicode.h"
#include "vfs_cache.h"
-#include "smberr.h"
#define KSMBD_VERSION "3.1.9"
diff --git a/fs/cifsd/netmisc.c b/fs/cifsd/netmisc.c
index 5d0327d87397..8f052434b64c 100644
--- a/fs/cifsd/netmisc.c
+++ b/fs/cifsd/netmisc.c
@@ -8,7 +8,6 @@
*/
#include "glob.h"
-#include "smberr.h"
#include "nterr.h"
#include "smb_common.h"
diff --git a/fs/cifsd/smberr.h b/fs/cifsd/smberr.h
deleted file mode 100644
index ce842303ae1f..000000000000
--- a/fs/cifsd/smberr.h
+++ /dev/null
@@ -1,235 +0,0 @@
-/* SPDX-License-Identifier: LGPL-2.1+ */
-/*
- * Copyright (c) International Business Machines Corp., 2002,2004
- * Author(s): Steve French (sfrench(a)us.ibm.com)
- *
- * See Error Codes section of the SNIA CIFS Specification
- * for more information
- */
-#ifndef __KSMBD_SMBERR_H
-#define __KSMBD_SMBERR_H
-
-#define SUCCESS 0x00 /* The request was successful. */
-#define ERRDOS 0x01 /* Error is from the core DOS operating system set */
-#define ERRSRV 0x02 /* Error is generated by the file server daemon */
-#define ERRHRD 0x03 /* Error is a hardware error. */
-#define ERRCMD 0xFF /* Command was not in the "SMB" format. */
-
-/* The following error codes may be generated with the SUCCESS error class.*/
-
-/*#define SUCCESS 0 The request was successful. */
-
-/* The following error codes may be generated with the ERRDOS error class.*/
-
-#define ERRbadfunc 1 /*
- * Invalid function. The server did not
- * recognize or could not perform a
- * system call generated by the server,
- * e.g., set the DIRECTORY attribute on
- * a data file, invalid seek mode.
- */
-#define ERRbadfile 2 /*
- * File not found. The last component
- * of a file's pathname could not be
- * found.
- */
-#define ERRbadpath 3 /*
- * Directory invalid. A directory
- * component in a pathname could not be
- * found.
- */
-#define ERRnofids 4 /*
- * Too many open files. The server has
- * no file handles available.
- */
-#define ERRnoaccess 5 /*
- * Access denied, the client's context
- * does not permit the requested
- * function. This includes the
- * following conditions: invalid rename
- * command, write to Fid open for read
- * only, read on Fid open for write
- * only, attempt to delete a non-empty
- * directory
- */
-#define ERRbadfid 6 /*
- * Invalid file handle. The file handle
- * specified was not recognized by the
- * server.
- */
-#define ERRbadmcb 7 /* Memory control blocks destroyed. */
-#define ERRnomem 8 /*
- * Insufficient server memory to
- * perform the requested function.
- */
-#define ERRbadmem 9 /* Invalid memory block address. */
-#define ERRbadenv 10 /* Invalid environment. */
-#define ERRbadformat 11 /* Invalid format. */
-#define ERRbadaccess 12 /* Invalid open mode. */
-#define ERRbaddata 13 /*
- * Invalid data (generated only by
- * IOCTL calls within the server).
- */
-#define ERRbaddrive 15 /* Invalid drive specified. */
-#define ERRremcd 16 /*
- * A Delete Directory request attempted
- * to remove the server's current
- * directory.
- */
-#define ERRdiffdevice 17 /*
- * Not same device (e.g., a cross
- * volume rename was attempted
- */
-#define ERRnofiles 18 /*
- * A File Search command can find no
- * more files matching the specified
- * criteria.
- */
-#define ERRwriteprot 19 /* media is write protected */
-#define ERRgeneral 31
-#define ERRbadshare 32 /*
- * The sharing mode specified for an
- * Open conflicts with existing FIDs on
- * the file.
- */
-#define ERRlock 33 /*
- * A Lock request conflicted with an
- * existing lock or specified an
- * invalid mode, or an Unlock requested
- * attempted to remove a lock held by
- * another process.
- */
-#define ERRunsup 50
-#define ERRnosuchshare 67
-#define ERRfilexists 80 /*
- * The file named in the request
- * already exists.
- */
-#define ERRinvparm 87
-#define ERRdiskfull 112
-#define ERRinvname 123
-#define ERRinvlevel 124
-#define ERRdirnotempty 145
-#define ERRnotlocked 158
-#define ERRcancelviolation 173
-#define ERRnoatomiclocks 174
-#define ERRalreadyexists 183
-#define ERRbadpipe 230
-#define ERRpipebusy 231
-#define ERRpipeclosing 232
-#define ERRnotconnected 233
-#define ERRmoredata 234
-#define ERReasnotsupported 282
-#define ErrQuota 0x200 /*
- * The operation would cause a quota
- * limit to be exceeded.
- */
-#define ErrNotALink 0x201 /*
- * A link operation was performed on a
- * pathname that was not a link.
- */
-
-/*
- * Below errors are used internally (do not come over the wire) for passthrough
- * from STATUS codes to POSIX only
- */
-#define ERRsymlink 0xFFFD
-#define ErrTooManyLinks 0xFFFE
-
-/* Following error codes may be generated with the ERRSRV error class.*/
-
-#define ERRerror 1 /*
- * Non-specific error code. It is
- * returned under the following
- * conditions: resource other than disk
- * space exhausted (e.g. TIDs), first
- * SMB command was not negotiate,
- * multiple negotiates attempted, and
- * internal server error.
- */
-#define ERRbadpw 2 /*
- * Bad password - name/password pair in
- * a TreeConnect or Session Setup are
- * invalid.
- */
-#define ERRbadtype 3 /*
- * used for indicating DFS referral
- * needed
- */
-#define ERRaccess 4 /*
- * The client does not have the
- * necessary access rights within the
- * specified context for requested
- * function.
- */
-#define ERRinvtid 5 /*
- * The Tid specified in a command was
- * invalid.
- */
-#define ERRinvnetname 6 /*
- * Invalid network name in tree
- * connect.
- */
-#define ERRinvdevice 7 /*
- * Invalid device - printer request
- * made to non-printer connection or
- * non-printer request made to printer
- * connection.
- */
-#define ERRqfull 49 /*
- * Print queue full (files) -- returned
- * by open print file.
- */
-#define ERRqtoobig 50 /* Print queue full -- no space. */
-#define ERRqeof 51 /* EOF on print queue dump */
-#define ERRinvpfid 52 /* Invalid print file FID. */
-#define ERRsmbcmd 64 /*
- * The server did not recognize the
- * command received.
- */
-#define ERRsrverror 65 /*
- * The server encountered an internal
- * error, e.g., system file
- * unavailable.
- */
-#define ERRbadBID 66 /* (obsolete) */
-#define ERRfilespecs 67 /*
- * The Fid and pathname parameters
- * contained an invalid combination of
- * values.
- */
-#define ERRbadLink 68 /* (obsolete) */
-#define ERRbadpermits 69 /*
- * The access permissions specified for
- * a file or directory are not a valid
- * combination.
- */
-#define ERRbadPID 70
-#define ERRsetattrmode 71 /* attribute (mode) is invalid */
-#define ERRpaused 81 /* Server is paused */
-#define ERRmsgoff 82 /* reserved - messaging off */
-#define ERRnoroom 83 /* reserved - no room for message */
-#define ERRrmuns 87 /* reserved - too many remote names */
-#define ERRtimeout 88 /* operation timed out */
-#define ERRnoresource 89 /* No resources available for request */
-#define ERRtoomanyuids 90 /*
- * Too many UIDs active on this session
- */
-#define ERRbaduid 91 /*
- * The UID is not known as a valid user
- */
-#define ERRusempx 250 /* temporarily unable to use raw */
-#define ERRusestd 251 /*
- * temporarily unable to use either raw
- * or mpx
- */
-#define ERR_NOTIFY_ENUM_DIR 1024
-#define ERRnoSuchUser 2238 /* user account does not exist */
-#define ERRaccountexpired 2239
-#define ERRbadclient 2240 /* can not logon from this client */
-#define ERRbadLogonTime 2241 /* logon hours do not allow this */
-#define ERRpasswordExpired 2242
-#define ERRnetlogonNotStarted 2455
-#define ERRnosupport 0xFFFF
-
-#endif /* __KSMBD_SMBERR_H */
From patchwork Mon Nov 14 12:49:15 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183143
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:33 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:33 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:32 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 046/308] cifsd: remove unused nterr.c file
Date: Mon, 14 Nov 2022 20:49:15 +0800
Message-ID: <20221114125337.1831594-47-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
bddb25dd-168f-46bd-913e-08dac63c4dbf
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7262994
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 2efec2dee861000263d255a24f7a7c6d82c749d1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2efec2dee861
-------------------------------
Remove unused nterr.c file.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/nterr.c | 674 -----------------------------------------------
fs/cifsd/nterr.h | 7 -
2 files changed, 681 deletions(-)
delete mode 100644 fs/cifsd/nterr.c
diff --git a/fs/cifsd/nterr.c b/fs/cifsd/nterr.c
deleted file mode 100644
index 358a766375b4..000000000000
--- a/fs/cifsd/nterr.c
+++ /dev/null
@@ -1,674 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0-or-later
-/*
- * Unix SMB/Netbios implementation.
- * Version 1.9.
- * RPC Pipe client / server routines
- * Copyright (C) Luke Kenneth Casson Leighton 1997-2001.
- */
-
-/* NT error codes - see nterr.h */
-#include <linux/types.h>
-#include <linux/fs.h>
-#include "nterr.h"
-
-const struct nt_err_code_struct nt_errs[] = {
- {"NT_STATUS_OK", NT_STATUS_OK},
- {"NT_STATUS_UNSUCCESSFUL", NT_STATUS_UNSUCCESSFUL},
- {"NT_STATUS_NOT_IMPLEMENTED", NT_STATUS_NOT_IMPLEMENTED},
- {"NT_STATUS_INVALID_INFO_CLASS", NT_STATUS_INVALID_INFO_CLASS},
- {"NT_STATUS_INFO_LENGTH_MISMATCH", NT_STATUS_INFO_LENGTH_MISMATCH},
- {"NT_STATUS_ACCESS_VIOLATION", NT_STATUS_ACCESS_VIOLATION},
- {"NT_STATUS_BUFFER_OVERFLOW", NT_STATUS_BUFFER_OVERFLOW},
- {"NT_STATUS_IN_PAGE_ERROR", NT_STATUS_IN_PAGE_ERROR},
- {"NT_STATUS_PAGEFILE_QUOTA", NT_STATUS_PAGEFILE_QUOTA},
- {"NT_STATUS_INVALID_HANDLE", NT_STATUS_INVALID_HANDLE},
- {"NT_STATUS_BAD_INITIAL_STACK", NT_STATUS_BAD_INITIAL_STACK},
- {"NT_STATUS_BAD_INITIAL_PC", NT_STATUS_BAD_INITIAL_PC},
- {"NT_STATUS_INVALID_CID", NT_STATUS_INVALID_CID},
- {"NT_STATUS_TIMER_NOT_CANCELED", NT_STATUS_TIMER_NOT_CANCELED},
- {"NT_STATUS_INVALID_PARAMETER", NT_STATUS_INVALID_PARAMETER},
- {"NT_STATUS_NO_SUCH_DEVICE", NT_STATUS_NO_SUCH_DEVICE},
- {"NT_STATUS_NO_SUCH_FILE", NT_STATUS_NO_SUCH_FILE},
- {"NT_STATUS_INVALID_DEVICE_REQUEST",
- NT_STATUS_INVALID_DEVICE_REQUEST},
- {"NT_STATUS_END_OF_FILE", NT_STATUS_END_OF_FILE},
- {"NT_STATUS_WRONG_VOLUME", NT_STATUS_WRONG_VOLUME},
- {"NT_STATUS_NO_MEDIA_IN_DEVICE", NT_STATUS_NO_MEDIA_IN_DEVICE},
- {"NT_STATUS_UNRECOGNIZED_MEDIA", NT_STATUS_UNRECOGNIZED_MEDIA},
- {"NT_STATUS_NONEXISTENT_SECTOR", NT_STATUS_NONEXISTENT_SECTOR},
- {"NT_STATUS_MORE_PROCESSING_REQUIRED",
- NT_STATUS_MORE_PROCESSING_REQUIRED},
- {"NT_STATUS_NO_MEMORY", NT_STATUS_NO_MEMORY},
- {"NT_STATUS_CONFLICTING_ADDRESSES",
- NT_STATUS_CONFLICTING_ADDRESSES},
- {"NT_STATUS_NOT_MAPPED_VIEW", NT_STATUS_NOT_MAPPED_VIEW},
- {"NT_STATUS_UNABLE_TO_FREE_VM", NT_STATUS_UNABLE_TO_FREE_VM},
- {"NT_STATUS_UNABLE_TO_DELETE_SECTION",
- NT_STATUS_UNABLE_TO_DELETE_SECTION},
- {"NT_STATUS_INVALID_SYSTEM_SERVICE",
- NT_STATUS_INVALID_SYSTEM_SERVICE},
- {"NT_STATUS_ILLEGAL_INSTRUCTION", NT_STATUS_ILLEGAL_INSTRUCTION},
- {"NT_STATUS_INVALID_LOCK_SEQUENCE",
- NT_STATUS_INVALID_LOCK_SEQUENCE},
- {"NT_STATUS_INVALID_VIEW_SIZE", NT_STATUS_INVALID_VIEW_SIZE},
- {"NT_STATUS_INVALID_FILE_FOR_SECTION",
- NT_STATUS_INVALID_FILE_FOR_SECTION},
- {"NT_STATUS_ALREADY_COMMITTED", NT_STATUS_ALREADY_COMMITTED},
- {"NT_STATUS_ACCESS_DENIED", NT_STATUS_ACCESS_DENIED},
- {"NT_STATUS_BUFFER_TOO_SMALL", NT_STATUS_BUFFER_TOO_SMALL},
- {"NT_STATUS_OBJECT_TYPE_MISMATCH", NT_STATUS_OBJECT_TYPE_MISMATCH},
- {"NT_STATUS_NONCONTINUABLE_EXCEPTION",
- NT_STATUS_NONCONTINUABLE_EXCEPTION},
- {"NT_STATUS_INVALID_DISPOSITION", NT_STATUS_INVALID_DISPOSITION},
- {"NT_STATUS_UNWIND", NT_STATUS_UNWIND},
- {"NT_STATUS_BAD_STACK", NT_STATUS_BAD_STACK},
- {"NT_STATUS_INVALID_UNWIND_TARGET",
- NT_STATUS_INVALID_UNWIND_TARGET},
- {"NT_STATUS_NOT_LOCKED", NT_STATUS_NOT_LOCKED},
- {"NT_STATUS_PARITY_ERROR", NT_STATUS_PARITY_ERROR},
- {"NT_STATUS_UNABLE_TO_DECOMMIT_VM",
- NT_STATUS_UNABLE_TO_DECOMMIT_VM},
- {"NT_STATUS_NOT_COMMITTED", NT_STATUS_NOT_COMMITTED},
- {"NT_STATUS_INVALID_PORT_ATTRIBUTES",
- NT_STATUS_INVALID_PORT_ATTRIBUTES},
- {"NT_STATUS_PORT_MESSAGE_TOO_LONG",
- NT_STATUS_PORT_MESSAGE_TOO_LONG},
- {"NT_STATUS_INVALID_PARAMETER_MIX",
- NT_STATUS_INVALID_PARAMETER_MIX},
- {"NT_STATUS_INVALID_QUOTA_LOWER", NT_STATUS_INVALID_QUOTA_LOWER},
- {"NT_STATUS_DISK_CORRUPT_ERROR", NT_STATUS_DISK_CORRUPT_ERROR},
- {"NT_STATUS_OBJECT_NAME_INVALID", NT_STATUS_OBJECT_NAME_INVALID},
- {"NT_STATUS_OBJECT_NAME_NOT_FOUND",
- NT_STATUS_OBJECT_NAME_NOT_FOUND},
- {"NT_STATUS_OBJECT_NAME_COLLISION",
- NT_STATUS_OBJECT_NAME_COLLISION},
- {"NT_STATUS_HANDLE_NOT_WAITABLE", NT_STATUS_HANDLE_NOT_WAITABLE},
- {"NT_STATUS_PORT_DISCONNECTED", NT_STATUS_PORT_DISCONNECTED},
- {"NT_STATUS_DEVICE_ALREADY_ATTACHED",
- NT_STATUS_DEVICE_ALREADY_ATTACHED},
- {"NT_STATUS_OBJECT_PATH_INVALID", NT_STATUS_OBJECT_PATH_INVALID},
- {"NT_STATUS_OBJECT_PATH_NOT_FOUND",
- NT_STATUS_OBJECT_PATH_NOT_FOUND},
- {"NT_STATUS_OBJECT_PATH_SYNTAX_BAD",
- NT_STATUS_OBJECT_PATH_SYNTAX_BAD},
- {"NT_STATUS_DATA_OVERRUN", NT_STATUS_DATA_OVERRUN},
- {"NT_STATUS_DATA_LATE_ERROR", NT_STATUS_DATA_LATE_ERROR},
- {"NT_STATUS_DATA_ERROR", NT_STATUS_DATA_ERROR},
- {"NT_STATUS_CRC_ERROR", NT_STATUS_CRC_ERROR},
- {"NT_STATUS_SECTION_TOO_BIG", NT_STATUS_SECTION_TOO_BIG},
- {"NT_STATUS_PORT_CONNECTION_REFUSED",
- NT_STATUS_PORT_CONNECTION_REFUSED},
- {"NT_STATUS_INVALID_PORT_HANDLE", NT_STATUS_INVALID_PORT_HANDLE},
- {"NT_STATUS_SHARING_VIOLATION", NT_STATUS_SHARING_VIOLATION},
- {"NT_STATUS_QUOTA_EXCEEDED", NT_STATUS_QUOTA_EXCEEDED},
- {"NT_STATUS_INVALID_PAGE_PROTECTION",
- NT_STATUS_INVALID_PAGE_PROTECTION},
- {"NT_STATUS_MUTANT_NOT_OWNED", NT_STATUS_MUTANT_NOT_OWNED},
- {"NT_STATUS_SEMAPHORE_LIMIT_EXCEEDED",
- NT_STATUS_SEMAPHORE_LIMIT_EXCEEDED},
- {"NT_STATUS_PORT_ALREADY_SET", NT_STATUS_PORT_ALREADY_SET},
- {"NT_STATUS_SECTION_NOT_IMAGE", NT_STATUS_SECTION_NOT_IMAGE},
- {"NT_STATUS_SUSPEND_COUNT_EXCEEDED",
- NT_STATUS_SUSPEND_COUNT_EXCEEDED},
- {"NT_STATUS_THREAD_IS_TERMINATING",
- NT_STATUS_THREAD_IS_TERMINATING},
- {"NT_STATUS_BAD_WORKING_SET_LIMIT",
- NT_STATUS_BAD_WORKING_SET_LIMIT},
- {"NT_STATUS_INCOMPATIBLE_FILE_MAP",
- NT_STATUS_INCOMPATIBLE_FILE_MAP},
- {"NT_STATUS_SECTION_PROTECTION", NT_STATUS_SECTION_PROTECTION},
- {"NT_STATUS_EAS_NOT_SUPPORTED", NT_STATUS_EAS_NOT_SUPPORTED},
- {"NT_STATUS_EA_TOO_LARGE", NT_STATUS_EA_TOO_LARGE},
- {"NT_STATUS_NONEXISTENT_EA_ENTRY", NT_STATUS_NONEXISTENT_EA_ENTRY},
- {"NT_STATUS_NO_EAS_ON_FILE", NT_STATUS_NO_EAS_ON_FILE},
- {"NT_STATUS_EA_CORRUPT_ERROR", NT_STATUS_EA_CORRUPT_ERROR},
- {"NT_STATUS_FILE_LOCK_CONFLICT", NT_STATUS_FILE_LOCK_CONFLICT},
- {"NT_STATUS_LOCK_NOT_GRANTED", NT_STATUS_LOCK_NOT_GRANTED},
- {"NT_STATUS_DELETE_PENDING", NT_STATUS_DELETE_PENDING},
- {"NT_STATUS_CTL_FILE_NOT_SUPPORTED",
- NT_STATUS_CTL_FILE_NOT_SUPPORTED},
- {"NT_STATUS_UNKNOWN_REVISION", NT_STATUS_UNKNOWN_REVISION},
- {"NT_STATUS_REVISION_MISMATCH", NT_STATUS_REVISION_MISMATCH},
- {"NT_STATUS_INVALID_OWNER", NT_STATUS_INVALID_OWNER},
- {"NT_STATUS_INVALID_PRIMARY_GROUP",
- NT_STATUS_INVALID_PRIMARY_GROUP},
- {"NT_STATUS_NO_IMPERSONATION_TOKEN",
- NT_STATUS_NO_IMPERSONATION_TOKEN},
- {"NT_STATUS_CANT_DISABLE_MANDATORY",
- NT_STATUS_CANT_DISABLE_MANDATORY},
- {"NT_STATUS_NO_LOGON_SERVERS", NT_STATUS_NO_LOGON_SERVERS},
- {"NT_STATUS_NO_SUCH_LOGON_SESSION",
- NT_STATUS_NO_SUCH_LOGON_SESSION},
- {"NT_STATUS_NO_SUCH_PRIVILEGE", NT_STATUS_NO_SUCH_PRIVILEGE},
- {"NT_STATUS_PRIVILEGE_NOT_HELD", NT_STATUS_PRIVILEGE_NOT_HELD},
- {"NT_STATUS_INVALID_ACCOUNT_NAME", NT_STATUS_INVALID_ACCOUNT_NAME},
- {"NT_STATUS_USER_EXISTS", NT_STATUS_USER_EXISTS},
- {"NT_STATUS_NO_SUCH_USER", NT_STATUS_NO_SUCH_USER},
- {"NT_STATUS_GROUP_EXISTS", NT_STATUS_GROUP_EXISTS},
- {"NT_STATUS_NO_SUCH_GROUP", NT_STATUS_NO_SUCH_GROUP},
- {"NT_STATUS_MEMBER_IN_GROUP", NT_STATUS_MEMBER_IN_GROUP},
- {"NT_STATUS_MEMBER_NOT_IN_GROUP", NT_STATUS_MEMBER_NOT_IN_GROUP},
- {"NT_STATUS_LAST_ADMIN", NT_STATUS_LAST_ADMIN},
- {"NT_STATUS_WRONG_PASSWORD", NT_STATUS_WRONG_PASSWORD},
- {"NT_STATUS_ILL_FORMED_PASSWORD", NT_STATUS_ILL_FORMED_PASSWORD},
- {"NT_STATUS_PASSWORD_RESTRICTION", NT_STATUS_PASSWORD_RESTRICTION},
- {"NT_STATUS_LOGON_FAILURE", NT_STATUS_LOGON_FAILURE},
- {"NT_STATUS_ACCOUNT_RESTRICTION", NT_STATUS_ACCOUNT_RESTRICTION},
- {"NT_STATUS_INVALID_LOGON_HOURS", NT_STATUS_INVALID_LOGON_HOURS},
- {"NT_STATUS_INVALID_WORKSTATION", NT_STATUS_INVALID_WORKSTATION},
- {"NT_STATUS_PASSWORD_EXPIRED", NT_STATUS_PASSWORD_EXPIRED},
- {"NT_STATUS_ACCOUNT_DISABLED", NT_STATUS_ACCOUNT_DISABLED},
- {"NT_STATUS_NONE_MAPPED", NT_STATUS_NONE_MAPPED},
- {"NT_STATUS_TOO_MANY_LUIDS_REQUESTED",
- NT_STATUS_TOO_MANY_LUIDS_REQUESTED},
- {"NT_STATUS_LUIDS_EXHAUSTED", NT_STATUS_LUIDS_EXHAUSTED},
- {"NT_STATUS_INVALID_SUB_AUTHORITY",
- NT_STATUS_INVALID_SUB_AUTHORITY},
- {"NT_STATUS_INVALID_ACL", NT_STATUS_INVALID_ACL},
- {"NT_STATUS_INVALID_SID", NT_STATUS_INVALID_SID},
- {"NT_STATUS_INVALID_SECURITY_DESCR",
- NT_STATUS_INVALID_SECURITY_DESCR},
- {"NT_STATUS_PROCEDURE_NOT_FOUND", NT_STATUS_PROCEDURE_NOT_FOUND},
- {"NT_STATUS_INVALID_IMAGE_FORMAT", NT_STATUS_INVALID_IMAGE_FORMAT},
- {"NT_STATUS_NO_TOKEN", NT_STATUS_NO_TOKEN},
- {"NT_STATUS_BAD_INHERITANCE_ACL", NT_STATUS_BAD_INHERITANCE_ACL},
- {"NT_STATUS_RANGE_NOT_LOCKED", NT_STATUS_RANGE_NOT_LOCKED},
- {"NT_STATUS_DISK_FULL", NT_STATUS_DISK_FULL},
- {"NT_STATUS_SERVER_DISABLED", NT_STATUS_SERVER_DISABLED},
- {"NT_STATUS_SERVER_NOT_DISABLED", NT_STATUS_SERVER_NOT_DISABLED},
- {"NT_STATUS_TOO_MANY_GUIDS_REQUESTED",
- NT_STATUS_TOO_MANY_GUIDS_REQUESTED},
- {"NT_STATUS_GUIDS_EXHAUSTED", NT_STATUS_GUIDS_EXHAUSTED},
- {"NT_STATUS_INVALID_ID_AUTHORITY", NT_STATUS_INVALID_ID_AUTHORITY},
- {"NT_STATUS_AGENTS_EXHAUSTED", NT_STATUS_AGENTS_EXHAUSTED},
- {"NT_STATUS_INVALID_VOLUME_LABEL", NT_STATUS_INVALID_VOLUME_LABEL},
- {"NT_STATUS_SECTION_NOT_EXTENDED", NT_STATUS_SECTION_NOT_EXTENDED},
- {"NT_STATUS_NOT_MAPPED_DATA", NT_STATUS_NOT_MAPPED_DATA},
- {"NT_STATUS_RESOURCE_DATA_NOT_FOUND",
- NT_STATUS_RESOURCE_DATA_NOT_FOUND},
- {"NT_STATUS_RESOURCE_TYPE_NOT_FOUND",
- NT_STATUS_RESOURCE_TYPE_NOT_FOUND},
- {"NT_STATUS_RESOURCE_NAME_NOT_FOUND",
- NT_STATUS_RESOURCE_NAME_NOT_FOUND},
- {"NT_STATUS_ARRAY_BOUNDS_EXCEEDED",
- NT_STATUS_ARRAY_BOUNDS_EXCEEDED},
- {"NT_STATUS_FLOAT_DENORMAL_OPERAND",
- NT_STATUS_FLOAT_DENORMAL_OPERAND},
- {"NT_STATUS_FLOAT_DIVIDE_BY_ZERO", NT_STATUS_FLOAT_DIVIDE_BY_ZERO},
- {"NT_STATUS_FLOAT_INEXACT_RESULT", NT_STATUS_FLOAT_INEXACT_RESULT},
- {"NT_STATUS_FLOAT_INVALID_OPERATION",
- NT_STATUS_FLOAT_INVALID_OPERATION},
- {"NT_STATUS_FLOAT_OVERFLOW", NT_STATUS_FLOAT_OVERFLOW},
- {"NT_STATUS_FLOAT_STACK_CHECK", NT_STATUS_FLOAT_STACK_CHECK},
- {"NT_STATUS_FLOAT_UNDERFLOW", NT_STATUS_FLOAT_UNDERFLOW},
- {"NT_STATUS_INTEGER_DIVIDE_BY_ZERO",
- NT_STATUS_INTEGER_DIVIDE_BY_ZERO},
- {"NT_STATUS_INTEGER_OVERFLOW", NT_STATUS_INTEGER_OVERFLOW},
- {"NT_STATUS_PRIVILEGED_INSTRUCTION",
- NT_STATUS_PRIVILEGED_INSTRUCTION},
- {"NT_STATUS_TOO_MANY_PAGING_FILES",
- NT_STATUS_TOO_MANY_PAGING_FILES},
- {"NT_STATUS_FILE_INVALID", NT_STATUS_FILE_INVALID},
- {"NT_STATUS_ALLOTTED_SPACE_EXCEEDED",
- NT_STATUS_ALLOTTED_SPACE_EXCEEDED},
- {"NT_STATUS_INSUFFICIENT_RESOURCES",
- NT_STATUS_INSUFFICIENT_RESOURCES},
- {"NT_STATUS_DFS_EXIT_PATH_FOUND", NT_STATUS_DFS_EXIT_PATH_FOUND},
- {"NT_STATUS_DEVICE_DATA_ERROR", NT_STATUS_DEVICE_DATA_ERROR},
- {"NT_STATUS_DEVICE_NOT_CONNECTED", NT_STATUS_DEVICE_NOT_CONNECTED},
- {"NT_STATUS_DEVICE_POWER_FAILURE", NT_STATUS_DEVICE_POWER_FAILURE},
- {"NT_STATUS_FREE_VM_NOT_AT_BASE", NT_STATUS_FREE_VM_NOT_AT_BASE},
- {"NT_STATUS_MEMORY_NOT_ALLOCATED", NT_STATUS_MEMORY_NOT_ALLOCATED},
- {"NT_STATUS_WORKING_SET_QUOTA", NT_STATUS_WORKING_SET_QUOTA},
- {"NT_STATUS_MEDIA_WRITE_PROTECTED",
- NT_STATUS_MEDIA_WRITE_PROTECTED},
- {"NT_STATUS_DEVICE_NOT_READY", NT_STATUS_DEVICE_NOT_READY},
- {"NT_STATUS_INVALID_GROUP_ATTRIBUTES",
- NT_STATUS_INVALID_GROUP_ATTRIBUTES},
- {"NT_STATUS_BAD_IMPERSONATION_LEVEL",
- NT_STATUS_BAD_IMPERSONATION_LEVEL},
- {"NT_STATUS_CANT_OPEN_ANONYMOUS", NT_STATUS_CANT_OPEN_ANONYMOUS},
- {"NT_STATUS_BAD_VALIDATION_CLASS", NT_STATUS_BAD_VALIDATION_CLASS},
- {"NT_STATUS_BAD_TOKEN_TYPE", NT_STATUS_BAD_TOKEN_TYPE},
- {"NT_STATUS_BAD_MASTER_BOOT_RECORD",
- NT_STATUS_BAD_MASTER_BOOT_RECORD},
- {"NT_STATUS_INSTRUCTION_MISALIGNMENT",
- NT_STATUS_INSTRUCTION_MISALIGNMENT},
- {"NT_STATUS_INSTANCE_NOT_AVAILABLE",
- NT_STATUS_INSTANCE_NOT_AVAILABLE},
- {"NT_STATUS_PIPE_NOT_AVAILABLE", NT_STATUS_PIPE_NOT_AVAILABLE},
- {"NT_STATUS_INVALID_PIPE_STATE", NT_STATUS_INVALID_PIPE_STATE},
- {"NT_STATUS_PIPE_BUSY", NT_STATUS_PIPE_BUSY},
- {"NT_STATUS_ILLEGAL_FUNCTION", NT_STATUS_ILLEGAL_FUNCTION},
- {"NT_STATUS_PIPE_DISCONNECTED", NT_STATUS_PIPE_DISCONNECTED},
- {"NT_STATUS_PIPE_CLOSING", NT_STATUS_PIPE_CLOSING},
- {"NT_STATUS_PIPE_CONNECTED", NT_STATUS_PIPE_CONNECTED},
- {"NT_STATUS_PIPE_LISTENING", NT_STATUS_PIPE_LISTENING},
- {"NT_STATUS_INVALID_READ_MODE", NT_STATUS_INVALID_READ_MODE},
- {"NT_STATUS_IO_TIMEOUT", NT_STATUS_IO_TIMEOUT},
- {"NT_STATUS_FILE_FORCED_CLOSED", NT_STATUS_FILE_FORCED_CLOSED},
- {"NT_STATUS_PROFILING_NOT_STARTED",
- NT_STATUS_PROFILING_NOT_STARTED},
- {"NT_STATUS_PROFILING_NOT_STOPPED",
- NT_STATUS_PROFILING_NOT_STOPPED},
- {"NT_STATUS_COULD_NOT_INTERPRET", NT_STATUS_COULD_NOT_INTERPRET},
- {"NT_STATUS_FILE_IS_A_DIRECTORY", NT_STATUS_FILE_IS_A_DIRECTORY},
- {"NT_STATUS_NOT_SUPPORTED", NT_STATUS_NOT_SUPPORTED},
- {"NT_STATUS_REMOTE_NOT_LISTENING", NT_STATUS_REMOTE_NOT_LISTENING},
- {"NT_STATUS_DUPLICATE_NAME", NT_STATUS_DUPLICATE_NAME},
- {"NT_STATUS_BAD_NETWORK_PATH", NT_STATUS_BAD_NETWORK_PATH},
- {"NT_STATUS_NETWORK_BUSY", NT_STATUS_NETWORK_BUSY},
- {"NT_STATUS_DEVICE_DOES_NOT_EXIST",
- NT_STATUS_DEVICE_DOES_NOT_EXIST},
- {"NT_STATUS_TOO_MANY_COMMANDS", NT_STATUS_TOO_MANY_COMMANDS},
- {"NT_STATUS_ADAPTER_HARDWARE_ERROR",
- NT_STATUS_ADAPTER_HARDWARE_ERROR},
- {"NT_STATUS_INVALID_NETWORK_RESPONSE",
- NT_STATUS_INVALID_NETWORK_RESPONSE},
- {"NT_STATUS_UNEXPECTED_NETWORK_ERROR",
- NT_STATUS_UNEXPECTED_NETWORK_ERROR},
- {"NT_STATUS_BAD_REMOTE_ADAPTER", NT_STATUS_BAD_REMOTE_ADAPTER},
- {"NT_STATUS_PRINT_QUEUE_FULL", NT_STATUS_PRINT_QUEUE_FULL},
- {"NT_STATUS_NO_SPOOL_SPACE", NT_STATUS_NO_SPOOL_SPACE},
- {"NT_STATUS_PRINT_CANCELLED", NT_STATUS_PRINT_CANCELLED},
- {"NT_STATUS_NETWORK_NAME_DELETED", NT_STATUS_NETWORK_NAME_DELETED},
- {"NT_STATUS_NETWORK_ACCESS_DENIED",
- NT_STATUS_NETWORK_ACCESS_DENIED},
- {"NT_STATUS_BAD_DEVICE_TYPE", NT_STATUS_BAD_DEVICE_TYPE},
- {"NT_STATUS_BAD_NETWORK_NAME", NT_STATUS_BAD_NETWORK_NAME},
- {"NT_STATUS_TOO_MANY_NAMES", NT_STATUS_TOO_MANY_NAMES},
- {"NT_STATUS_TOO_MANY_SESSIONS", NT_STATUS_TOO_MANY_SESSIONS},
- {"NT_STATUS_SHARING_PAUSED", NT_STATUS_SHARING_PAUSED},
- {"NT_STATUS_REQUEST_NOT_ACCEPTED", NT_STATUS_REQUEST_NOT_ACCEPTED},
- {"NT_STATUS_REDIRECTOR_PAUSED", NT_STATUS_REDIRECTOR_PAUSED},
- {"NT_STATUS_NET_WRITE_FAULT", NT_STATUS_NET_WRITE_FAULT},
- {"NT_STATUS_PROFILING_AT_LIMIT", NT_STATUS_PROFILING_AT_LIMIT},
- {"NT_STATUS_NOT_SAME_DEVICE", NT_STATUS_NOT_SAME_DEVICE},
- {"NT_STATUS_FILE_RENAMED", NT_STATUS_FILE_RENAMED},
- {"NT_STATUS_VIRTUAL_CIRCUIT_CLOSED",
- NT_STATUS_VIRTUAL_CIRCUIT_CLOSED},
- {"NT_STATUS_NO_SECURITY_ON_OBJECT",
- NT_STATUS_NO_SECURITY_ON_OBJECT},
- {"NT_STATUS_CANT_WAIT", NT_STATUS_CANT_WAIT},
- {"NT_STATUS_PIPE_EMPTY", NT_STATUS_PIPE_EMPTY},
- {"NT_STATUS_CANT_ACCESS_DOMAIN_INFO",
- NT_STATUS_CANT_ACCESS_DOMAIN_INFO},
- {"NT_STATUS_CANT_TERMINATE_SELF", NT_STATUS_CANT_TERMINATE_SELF},
- {"NT_STATUS_INVALID_SERVER_STATE", NT_STATUS_INVALID_SERVER_STATE},
- {"NT_STATUS_INVALID_DOMAIN_STATE", NT_STATUS_INVALID_DOMAIN_STATE},
- {"NT_STATUS_INVALID_DOMAIN_ROLE", NT_STATUS_INVALID_DOMAIN_ROLE},
- {"NT_STATUS_NO_SUCH_DOMAIN", NT_STATUS_NO_SUCH_DOMAIN},
- {"NT_STATUS_DOMAIN_EXISTS", NT_STATUS_DOMAIN_EXISTS},
- {"NT_STATUS_DOMAIN_LIMIT_EXCEEDED",
- NT_STATUS_DOMAIN_LIMIT_EXCEEDED},
- {"NT_STATUS_OPLOCK_NOT_GRANTED", NT_STATUS_OPLOCK_NOT_GRANTED},
- {"NT_STATUS_INVALID_OPLOCK_PROTOCOL",
- NT_STATUS_INVALID_OPLOCK_PROTOCOL},
- {"NT_STATUS_INTERNAL_DB_CORRUPTION",
- NT_STATUS_INTERNAL_DB_CORRUPTION},
- {"NT_STATUS_INTERNAL_ERROR", NT_STATUS_INTERNAL_ERROR},
- {"NT_STATUS_GENERIC_NOT_MAPPED", NT_STATUS_GENERIC_NOT_MAPPED},
- {"NT_STATUS_BAD_DESCRIPTOR_FORMAT",
- NT_STATUS_BAD_DESCRIPTOR_FORMAT},
- {"NT_STATUS_INVALID_USER_BUFFER", NT_STATUS_INVALID_USER_BUFFER},
- {"NT_STATUS_UNEXPECTED_IO_ERROR", NT_STATUS_UNEXPECTED_IO_ERROR},
- {"NT_STATUS_UNEXPECTED_MM_CREATE_ERR",
- NT_STATUS_UNEXPECTED_MM_CREATE_ERR},
- {"NT_STATUS_UNEXPECTED_MM_MAP_ERROR",
- NT_STATUS_UNEXPECTED_MM_MAP_ERROR},
- {"NT_STATUS_UNEXPECTED_MM_EXTEND_ERR",
- NT_STATUS_UNEXPECTED_MM_EXTEND_ERR},
- {"NT_STATUS_NOT_LOGON_PROCESS", NT_STATUS_NOT_LOGON_PROCESS},
- {"NT_STATUS_LOGON_SESSION_EXISTS", NT_STATUS_LOGON_SESSION_EXISTS},
- {"NT_STATUS_INVALID_PARAMETER_1", NT_STATUS_INVALID_PARAMETER_1},
- {"NT_STATUS_INVALID_PARAMETER_2", NT_STATUS_INVALID_PARAMETER_2},
- {"NT_STATUS_INVALID_PARAMETER_3", NT_STATUS_INVALID_PARAMETER_3},
- {"NT_STATUS_INVALID_PARAMETER_4", NT_STATUS_INVALID_PARAMETER_4},
- {"NT_STATUS_INVALID_PARAMETER_5", NT_STATUS_INVALID_PARAMETER_5},
- {"NT_STATUS_INVALID_PARAMETER_6", NT_STATUS_INVALID_PARAMETER_6},
- {"NT_STATUS_INVALID_PARAMETER_7", NT_STATUS_INVALID_PARAMETER_7},
- {"NT_STATUS_INVALID_PARAMETER_8", NT_STATUS_INVALID_PARAMETER_8},
- {"NT_STATUS_INVALID_PARAMETER_9", NT_STATUS_INVALID_PARAMETER_9},
- {"NT_STATUS_INVALID_PARAMETER_10", NT_STATUS_INVALID_PARAMETER_10},
- {"NT_STATUS_INVALID_PARAMETER_11", NT_STATUS_INVALID_PARAMETER_11},
- {"NT_STATUS_INVALID_PARAMETER_12", NT_STATUS_INVALID_PARAMETER_12},
- {"NT_STATUS_REDIRECTOR_NOT_STARTED",
- NT_STATUS_REDIRECTOR_NOT_STARTED},
- {"NT_STATUS_REDIRECTOR_STARTED", NT_STATUS_REDIRECTOR_STARTED},
- {"NT_STATUS_STACK_OVERFLOW", NT_STATUS_STACK_OVERFLOW},
- {"NT_STATUS_NO_SUCH_PACKAGE", NT_STATUS_NO_SUCH_PACKAGE},
- {"NT_STATUS_BAD_FUNCTION_TABLE", NT_STATUS_BAD_FUNCTION_TABLE},
- {"NT_STATUS_DIRECTORY_NOT_EMPTY", NT_STATUS_DIRECTORY_NOT_EMPTY},
- {"NT_STATUS_FILE_CORRUPT_ERROR", NT_STATUS_FILE_CORRUPT_ERROR},
- {"NT_STATUS_NOT_A_DIRECTORY", NT_STATUS_NOT_A_DIRECTORY},
- {"NT_STATUS_BAD_LOGON_SESSION_STATE",
- NT_STATUS_BAD_LOGON_SESSION_STATE},
- {"NT_STATUS_LOGON_SESSION_COLLISION",
- NT_STATUS_LOGON_SESSION_COLLISION},
- {"NT_STATUS_NAME_TOO_LONG", NT_STATUS_NAME_TOO_LONG},
- {"NT_STATUS_FILES_OPEN", NT_STATUS_FILES_OPEN},
- {"NT_STATUS_CONNECTION_IN_USE", NT_STATUS_CONNECTION_IN_USE},
- {"NT_STATUS_MESSAGE_NOT_FOUND", NT_STATUS_MESSAGE_NOT_FOUND},
- {"NT_STATUS_PROCESS_IS_TERMINATING",
- NT_STATUS_PROCESS_IS_TERMINATING},
- {"NT_STATUS_INVALID_LOGON_TYPE", NT_STATUS_INVALID_LOGON_TYPE},
- {"NT_STATUS_NO_GUID_TRANSLATION", NT_STATUS_NO_GUID_TRANSLATION},
- {"NT_STATUS_CANNOT_IMPERSONATE", NT_STATUS_CANNOT_IMPERSONATE},
- {"NT_STATUS_IMAGE_ALREADY_LOADED", NT_STATUS_IMAGE_ALREADY_LOADED},
- {"NT_STATUS_ABIOS_NOT_PRESENT", NT_STATUS_ABIOS_NOT_PRESENT},
- {"NT_STATUS_ABIOS_LID_NOT_EXIST", NT_STATUS_ABIOS_LID_NOT_EXIST},
- {"NT_STATUS_ABIOS_LID_ALREADY_OWNED",
- NT_STATUS_ABIOS_LID_ALREADY_OWNED},
- {"NT_STATUS_ABIOS_NOT_LID_OWNER", NT_STATUS_ABIOS_NOT_LID_OWNER},
- {"NT_STATUS_ABIOS_INVALID_COMMAND",
- NT_STATUS_ABIOS_INVALID_COMMAND},
- {"NT_STATUS_ABIOS_INVALID_LID", NT_STATUS_ABIOS_INVALID_LID},
- {"NT_STATUS_ABIOS_SELECTOR_NOT_AVAILABLE",
- NT_STATUS_ABIOS_SELECTOR_NOT_AVAILABLE},
- {"NT_STATUS_ABIOS_INVALID_SELECTOR",
- NT_STATUS_ABIOS_INVALID_SELECTOR},
- {"NT_STATUS_NO_LDT", NT_STATUS_NO_LDT},
- {"NT_STATUS_INVALID_LDT_SIZE", NT_STATUS_INVALID_LDT_SIZE},
- {"NT_STATUS_INVALID_LDT_OFFSET", NT_STATUS_INVALID_LDT_OFFSET},
- {"NT_STATUS_INVALID_LDT_DESCRIPTOR",
- NT_STATUS_INVALID_LDT_DESCRIPTOR},
- {"NT_STATUS_INVALID_IMAGE_NE_FORMAT",
- NT_STATUS_INVALID_IMAGE_NE_FORMAT},
- {"NT_STATUS_RXACT_INVALID_STATE", NT_STATUS_RXACT_INVALID_STATE},
- {"NT_STATUS_RXACT_COMMIT_FAILURE", NT_STATUS_RXACT_COMMIT_FAILURE},
- {"NT_STATUS_MAPPED_FILE_SIZE_ZERO",
- NT_STATUS_MAPPED_FILE_SIZE_ZERO},
- {"NT_STATUS_TOO_MANY_OPENED_FILES",
- NT_STATUS_TOO_MANY_OPENED_FILES},
- {"NT_STATUS_CANCELLED", NT_STATUS_CANCELLED},
- {"NT_STATUS_CANNOT_DELETE", NT_STATUS_CANNOT_DELETE},
- {"NT_STATUS_INVALID_COMPUTER_NAME",
- NT_STATUS_INVALID_COMPUTER_NAME},
- {"NT_STATUS_FILE_DELETED", NT_STATUS_FILE_DELETED},
- {"NT_STATUS_SPECIAL_ACCOUNT", NT_STATUS_SPECIAL_ACCOUNT},
- {"NT_STATUS_SPECIAL_GROUP", NT_STATUS_SPECIAL_GROUP},
- {"NT_STATUS_SPECIAL_USER", NT_STATUS_SPECIAL_USER},
- {"NT_STATUS_MEMBERS_PRIMARY_GROUP",
- NT_STATUS_MEMBERS_PRIMARY_GROUP},
- {"NT_STATUS_FILE_CLOSED", NT_STATUS_FILE_CLOSED},
- {"NT_STATUS_TOO_MANY_THREADS", NT_STATUS_TOO_MANY_THREADS},
- {"NT_STATUS_THREAD_NOT_IN_PROCESS",
- NT_STATUS_THREAD_NOT_IN_PROCESS},
- {"NT_STATUS_TOKEN_ALREADY_IN_USE", NT_STATUS_TOKEN_ALREADY_IN_USE},
- {"NT_STATUS_PAGEFILE_QUOTA_EXCEEDED",
- NT_STATUS_PAGEFILE_QUOTA_EXCEEDED},
- {"NT_STATUS_COMMITMENT_LIMIT", NT_STATUS_COMMITMENT_LIMIT},
- {"NT_STATUS_INVALID_IMAGE_LE_FORMAT",
- NT_STATUS_INVALID_IMAGE_LE_FORMAT},
- {"NT_STATUS_INVALID_IMAGE_NOT_MZ", NT_STATUS_INVALID_IMAGE_NOT_MZ},
- {"NT_STATUS_INVALID_IMAGE_PROTECT",
- NT_STATUS_INVALID_IMAGE_PROTECT},
- {"NT_STATUS_INVALID_IMAGE_WIN_16", NT_STATUS_INVALID_IMAGE_WIN_16},
- {"NT_STATUS_LOGON_SERVER_CONFLICT",
- NT_STATUS_LOGON_SERVER_CONFLICT},
- {"NT_STATUS_TIME_DIFFERENCE_AT_DC",
- NT_STATUS_TIME_DIFFERENCE_AT_DC},
- {"NT_STATUS_SYNCHRONIZATION_REQUIRED",
- NT_STATUS_SYNCHRONIZATION_REQUIRED},
- {"NT_STATUS_DLL_NOT_FOUND", NT_STATUS_DLL_NOT_FOUND},
- {"NT_STATUS_OPEN_FAILED", NT_STATUS_OPEN_FAILED},
- {"NT_STATUS_IO_PRIVILEGE_FAILED", NT_STATUS_IO_PRIVILEGE_FAILED},
- {"NT_STATUS_ORDINAL_NOT_FOUND", NT_STATUS_ORDINAL_NOT_FOUND},
- {"NT_STATUS_ENTRYPOINT_NOT_FOUND", NT_STATUS_ENTRYPOINT_NOT_FOUND},
- {"NT_STATUS_CONTROL_C_EXIT", NT_STATUS_CONTROL_C_EXIT},
- {"NT_STATUS_LOCAL_DISCONNECT", NT_STATUS_LOCAL_DISCONNECT},
- {"NT_STATUS_REMOTE_DISCONNECT", NT_STATUS_REMOTE_DISCONNECT},
- {"NT_STATUS_REMOTE_RESOURCES", NT_STATUS_REMOTE_RESOURCES},
- {"NT_STATUS_LINK_FAILED", NT_STATUS_LINK_FAILED},
- {"NT_STATUS_LINK_TIMEOUT", NT_STATUS_LINK_TIMEOUT},
- {"NT_STATUS_INVALID_CONNECTION", NT_STATUS_INVALID_CONNECTION},
- {"NT_STATUS_INVALID_ADDRESS", NT_STATUS_INVALID_ADDRESS},
- {"NT_STATUS_DLL_INIT_FAILED", NT_STATUS_DLL_INIT_FAILED},
- {"NT_STATUS_MISSING_SYSTEMFILE", NT_STATUS_MISSING_SYSTEMFILE},
- {"NT_STATUS_UNHANDLED_EXCEPTION", NT_STATUS_UNHANDLED_EXCEPTION},
- {"NT_STATUS_APP_INIT_FAILURE", NT_STATUS_APP_INIT_FAILURE},
- {"NT_STATUS_PAGEFILE_CREATE_FAILED",
- NT_STATUS_PAGEFILE_CREATE_FAILED},
- {"NT_STATUS_NO_PAGEFILE", NT_STATUS_NO_PAGEFILE},
- {"NT_STATUS_INVALID_LEVEL", NT_STATUS_INVALID_LEVEL},
- {"NT_STATUS_WRONG_PASSWORD_CORE", NT_STATUS_WRONG_PASSWORD_CORE},
- {"NT_STATUS_ILLEGAL_FLOAT_CONTEXT",
- NT_STATUS_ILLEGAL_FLOAT_CONTEXT},
- {"NT_STATUS_PIPE_BROKEN", NT_STATUS_PIPE_BROKEN},
- {"NT_STATUS_REGISTRY_CORRUPT", NT_STATUS_REGISTRY_CORRUPT},
- {"NT_STATUS_REGISTRY_IO_FAILED", NT_STATUS_REGISTRY_IO_FAILED},
- {"NT_STATUS_NO_EVENT_PAIR", NT_STATUS_NO_EVENT_PAIR},
- {"NT_STATUS_UNRECOGNIZED_VOLUME", NT_STATUS_UNRECOGNIZED_VOLUME},
- {"NT_STATUS_SERIAL_NO_DEVICE_INITED",
- NT_STATUS_SERIAL_NO_DEVICE_INITED},
- {"NT_STATUS_NO_SUCH_ALIAS", NT_STATUS_NO_SUCH_ALIAS},
- {"NT_STATUS_MEMBER_NOT_IN_ALIAS", NT_STATUS_MEMBER_NOT_IN_ALIAS},
- {"NT_STATUS_MEMBER_IN_ALIAS", NT_STATUS_MEMBER_IN_ALIAS},
- {"NT_STATUS_ALIAS_EXISTS", NT_STATUS_ALIAS_EXISTS},
- {"NT_STATUS_LOGON_NOT_GRANTED", NT_STATUS_LOGON_NOT_GRANTED},
- {"NT_STATUS_TOO_MANY_SECRETS", NT_STATUS_TOO_MANY_SECRETS},
- {"NT_STATUS_SECRET_TOO_LONG", NT_STATUS_SECRET_TOO_LONG},
- {"NT_STATUS_INTERNAL_DB_ERROR", NT_STATUS_INTERNAL_DB_ERROR},
- {"NT_STATUS_FULLSCREEN_MODE", NT_STATUS_FULLSCREEN_MODE},
- {"NT_STATUS_TOO_MANY_CONTEXT_IDS", NT_STATUS_TOO_MANY_CONTEXT_IDS},
- {"NT_STATUS_LOGON_TYPE_NOT_GRANTED",
- NT_STATUS_LOGON_TYPE_NOT_GRANTED},
- {"NT_STATUS_NOT_REGISTRY_FILE", NT_STATUS_NOT_REGISTRY_FILE},
- {"NT_STATUS_NT_CROSS_ENCRYPTION_REQUIRED",
- NT_STATUS_NT_CROSS_ENCRYPTION_REQUIRED},
- {"NT_STATUS_DOMAIN_CTRLR_CONFIG_ERROR",
- NT_STATUS_DOMAIN_CTRLR_CONFIG_ERROR},
- {"NT_STATUS_FT_MISSING_MEMBER", NT_STATUS_FT_MISSING_MEMBER},
- {"NT_STATUS_ILL_FORMED_SERVICE_ENTRY",
- NT_STATUS_ILL_FORMED_SERVICE_ENTRY},
- {"NT_STATUS_ILLEGAL_CHARACTER", NT_STATUS_ILLEGAL_CHARACTER},
- {"NT_STATUS_UNMAPPABLE_CHARACTER", NT_STATUS_UNMAPPABLE_CHARACTER},
- {"NT_STATUS_UNDEFINED_CHARACTER", NT_STATUS_UNDEFINED_CHARACTER},
- {"NT_STATUS_FLOPPY_VOLUME", NT_STATUS_FLOPPY_VOLUME},
- {"NT_STATUS_FLOPPY_ID_MARK_NOT_FOUND",
- NT_STATUS_FLOPPY_ID_MARK_NOT_FOUND},
- {"NT_STATUS_FLOPPY_WRONG_CYLINDER",
- NT_STATUS_FLOPPY_WRONG_CYLINDER},
- {"NT_STATUS_FLOPPY_UNKNOWN_ERROR", NT_STATUS_FLOPPY_UNKNOWN_ERROR},
- {"NT_STATUS_FLOPPY_BAD_REGISTERS", NT_STATUS_FLOPPY_BAD_REGISTERS},
- {"NT_STATUS_DISK_RECALIBRATE_FAILED",
- NT_STATUS_DISK_RECALIBRATE_FAILED},
- {"NT_STATUS_DISK_OPERATION_FAILED",
- NT_STATUS_DISK_OPERATION_FAILED},
- {"NT_STATUS_DISK_RESET_FAILED", NT_STATUS_DISK_RESET_FAILED},
- {"NT_STATUS_SHARED_IRQ_BUSY", NT_STATUS_SHARED_IRQ_BUSY},
- {"NT_STATUS_FT_ORPHANING", NT_STATUS_FT_ORPHANING},
- {"NT_STATUS_PARTITION_FAILURE", NT_STATUS_PARTITION_FAILURE},
- {"NT_STATUS_INVALID_BLOCK_LENGTH", NT_STATUS_INVALID_BLOCK_LENGTH},
- {"NT_STATUS_DEVICE_NOT_PARTITIONED",
- NT_STATUS_DEVICE_NOT_PARTITIONED},
- {"NT_STATUS_UNABLE_TO_LOCK_MEDIA", NT_STATUS_UNABLE_TO_LOCK_MEDIA},
- {"NT_STATUS_UNABLE_TO_UNLOAD_MEDIA",
- NT_STATUS_UNABLE_TO_UNLOAD_MEDIA},
- {"NT_STATUS_EOM_OVERFLOW", NT_STATUS_EOM_OVERFLOW},
- {"NT_STATUS_NO_MEDIA", NT_STATUS_NO_MEDIA},
- {"NT_STATUS_NO_SUCH_MEMBER", NT_STATUS_NO_SUCH_MEMBER},
- {"NT_STATUS_INVALID_MEMBER", NT_STATUS_INVALID_MEMBER},
- {"NT_STATUS_KEY_DELETED", NT_STATUS_KEY_DELETED},
- {"NT_STATUS_NO_LOG_SPACE", NT_STATUS_NO_LOG_SPACE},
- {"NT_STATUS_TOO_MANY_SIDS", NT_STATUS_TOO_MANY_SIDS},
- {"NT_STATUS_LM_CROSS_ENCRYPTION_REQUIRED",
- NT_STATUS_LM_CROSS_ENCRYPTION_REQUIRED},
- {"NT_STATUS_KEY_HAS_CHILDREN", NT_STATUS_KEY_HAS_CHILDREN},
- {"NT_STATUS_CHILD_MUST_BE_VOLATILE",
- NT_STATUS_CHILD_MUST_BE_VOLATILE},
- {"NT_STATUS_DEVICE_CONFIGURATION_ERROR",
- NT_STATUS_DEVICE_CONFIGURATION_ERROR},
- {"NT_STATUS_DRIVER_INTERNAL_ERROR",
- NT_STATUS_DRIVER_INTERNAL_ERROR},
- {"NT_STATUS_INVALID_DEVICE_STATE", NT_STATUS_INVALID_DEVICE_STATE},
- {"NT_STATUS_IO_DEVICE_ERROR", NT_STATUS_IO_DEVICE_ERROR},
- {"NT_STATUS_DEVICE_PROTOCOL_ERROR",
- NT_STATUS_DEVICE_PROTOCOL_ERROR},
- {"NT_STATUS_BACKUP_CONTROLLER", NT_STATUS_BACKUP_CONTROLLER},
- {"NT_STATUS_LOG_FILE_FULL", NT_STATUS_LOG_FILE_FULL},
- {"NT_STATUS_TOO_LATE", NT_STATUS_TOO_LATE},
- {"NT_STATUS_NO_TRUST_LSA_SECRET", NT_STATUS_NO_TRUST_LSA_SECRET},
- {"NT_STATUS_NO_TRUST_SAM_ACCOUNT", NT_STATUS_NO_TRUST_SAM_ACCOUNT},
- {"NT_STATUS_TRUSTED_DOMAIN_FAILURE",
- NT_STATUS_TRUSTED_DOMAIN_FAILURE},
- {"NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE",
- NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE},
- {"NT_STATUS_EVENTLOG_FILE_CORRUPT",
- NT_STATUS_EVENTLOG_FILE_CORRUPT},
- {"NT_STATUS_EVENTLOG_CANT_START", NT_STATUS_EVENTLOG_CANT_START},
- {"NT_STATUS_TRUST_FAILURE", NT_STATUS_TRUST_FAILURE},
- {"NT_STATUS_MUTANT_LIMIT_EXCEEDED",
- NT_STATUS_MUTANT_LIMIT_EXCEEDED},
- {"NT_STATUS_NETLOGON_NOT_STARTED", NT_STATUS_NETLOGON_NOT_STARTED},
- {"NT_STATUS_ACCOUNT_EXPIRED", NT_STATUS_ACCOUNT_EXPIRED},
- {"NT_STATUS_POSSIBLE_DEADLOCK", NT_STATUS_POSSIBLE_DEADLOCK},
- {"NT_STATUS_NETWORK_CREDENTIAL_CONFLICT",
- NT_STATUS_NETWORK_CREDENTIAL_CONFLICT},
- {"NT_STATUS_REMOTE_SESSION_LIMIT", NT_STATUS_REMOTE_SESSION_LIMIT},
- {"NT_STATUS_EVENTLOG_FILE_CHANGED",
- NT_STATUS_EVENTLOG_FILE_CHANGED},
- {"NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT",
- NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT},
- {"NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT",
- NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT},
- {"NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT",
- NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT},
- {"NT_STATUS_DOMAIN_TRUST_INCONSISTENT",
- NT_STATUS_DOMAIN_TRUST_INCONSISTENT},
- {"NT_STATUS_FS_DRIVER_REQUIRED", NT_STATUS_FS_DRIVER_REQUIRED},
- {"NT_STATUS_NO_USER_SESSION_KEY", NT_STATUS_NO_USER_SESSION_KEY},
- {"NT_STATUS_USER_SESSION_DELETED", NT_STATUS_USER_SESSION_DELETED},
- {"NT_STATUS_RESOURCE_LANG_NOT_FOUND",
- NT_STATUS_RESOURCE_LANG_NOT_FOUND},
- {"NT_STATUS_INSUFF_SERVER_RESOURCES",
- NT_STATUS_INSUFF_SERVER_RESOURCES},
- {"NT_STATUS_INVALID_BUFFER_SIZE", NT_STATUS_INVALID_BUFFER_SIZE},
- {"NT_STATUS_INVALID_ADDRESS_COMPONENT",
- NT_STATUS_INVALID_ADDRESS_COMPONENT},
- {"NT_STATUS_INVALID_ADDRESS_WILDCARD",
- NT_STATUS_INVALID_ADDRESS_WILDCARD},
- {"NT_STATUS_TOO_MANY_ADDRESSES", NT_STATUS_TOO_MANY_ADDRESSES},
- {"NT_STATUS_ADDRESS_ALREADY_EXISTS",
- NT_STATUS_ADDRESS_ALREADY_EXISTS},
- {"NT_STATUS_ADDRESS_CLOSED", NT_STATUS_ADDRESS_CLOSED},
- {"NT_STATUS_CONNECTION_DISCONNECTED",
- NT_STATUS_CONNECTION_DISCONNECTED},
- {"NT_STATUS_CONNECTION_RESET", NT_STATUS_CONNECTION_RESET},
- {"NT_STATUS_TOO_MANY_NODES", NT_STATUS_TOO_MANY_NODES},
- {"NT_STATUS_TRANSACTION_ABORTED", NT_STATUS_TRANSACTION_ABORTED},
- {"NT_STATUS_TRANSACTION_TIMED_OUT",
- NT_STATUS_TRANSACTION_TIMED_OUT},
- {"NT_STATUS_TRANSACTION_NO_RELEASE",
- NT_STATUS_TRANSACTION_NO_RELEASE},
- {"NT_STATUS_TRANSACTION_NO_MATCH", NT_STATUS_TRANSACTION_NO_MATCH},
- {"NT_STATUS_TRANSACTION_RESPONDED",
- NT_STATUS_TRANSACTION_RESPONDED},
- {"NT_STATUS_TRANSACTION_INVALID_ID",
- NT_STATUS_TRANSACTION_INVALID_ID},
- {"NT_STATUS_TRANSACTION_INVALID_TYPE",
- NT_STATUS_TRANSACTION_INVALID_TYPE},
- {"NT_STATUS_NOT_SERVER_SESSION", NT_STATUS_NOT_SERVER_SESSION},
- {"NT_STATUS_NOT_CLIENT_SESSION", NT_STATUS_NOT_CLIENT_SESSION},
- {"NT_STATUS_CANNOT_LOAD_REGISTRY_FILE",
- NT_STATUS_CANNOT_LOAD_REGISTRY_FILE},
- {"NT_STATUS_DEBUG_ATTACH_FAILED", NT_STATUS_DEBUG_ATTACH_FAILED},
- {"NT_STATUS_SYSTEM_PROCESS_TERMINATED",
- NT_STATUS_SYSTEM_PROCESS_TERMINATED},
- {"NT_STATUS_DATA_NOT_ACCEPTED", NT_STATUS_DATA_NOT_ACCEPTED},
- {"NT_STATUS_NO_BROWSER_SERVERS_FOUND",
- NT_STATUS_NO_BROWSER_SERVERS_FOUND},
- {"NT_STATUS_VDM_HARD_ERROR", NT_STATUS_VDM_HARD_ERROR},
- {"NT_STATUS_DRIVER_CANCEL_TIMEOUT",
- NT_STATUS_DRIVER_CANCEL_TIMEOUT},
- {"NT_STATUS_REPLY_MESSAGE_MISMATCH",
- NT_STATUS_REPLY_MESSAGE_MISMATCH},
- {"NT_STATUS_MAPPED_ALIGNMENT", NT_STATUS_MAPPED_ALIGNMENT},
- {"NT_STATUS_IMAGE_CHECKSUM_MISMATCH",
- NT_STATUS_IMAGE_CHECKSUM_MISMATCH},
- {"NT_STATUS_LOST_WRITEBEHIND_DATA",
- NT_STATUS_LOST_WRITEBEHIND_DATA},
- {"NT_STATUS_CLIENT_SERVER_PARAMETERS_INVALID",
- NT_STATUS_CLIENT_SERVER_PARAMETERS_INVALID},
- {"NT_STATUS_PASSWORD_MUST_CHANGE", NT_STATUS_PASSWORD_MUST_CHANGE},
- {"NT_STATUS_NOT_FOUND", NT_STATUS_NOT_FOUND},
- {"NT_STATUS_NOT_TINY_STREAM", NT_STATUS_NOT_TINY_STREAM},
- {"NT_STATUS_RECOVERY_FAILURE", NT_STATUS_RECOVERY_FAILURE},
- {"NT_STATUS_STACK_OVERFLOW_READ", NT_STATUS_STACK_OVERFLOW_READ},
- {"NT_STATUS_FAIL_CHECK", NT_STATUS_FAIL_CHECK},
- {"NT_STATUS_DUPLICATE_OBJECTID", NT_STATUS_DUPLICATE_OBJECTID},
- {"NT_STATUS_OBJECTID_EXISTS", NT_STATUS_OBJECTID_EXISTS},
- {"NT_STATUS_CONVERT_TO_LARGE", NT_STATUS_CONVERT_TO_LARGE},
- {"NT_STATUS_RETRY", NT_STATUS_RETRY},
- {"NT_STATUS_FOUND_OUT_OF_SCOPE", NT_STATUS_FOUND_OUT_OF_SCOPE},
- {"NT_STATUS_ALLOCATE_BUCKET", NT_STATUS_ALLOCATE_BUCKET},
- {"NT_STATUS_PROPSET_NOT_FOUND", NT_STATUS_PROPSET_NOT_FOUND},
- {"NT_STATUS_MARSHALL_OVERFLOW", NT_STATUS_MARSHALL_OVERFLOW},
- {"NT_STATUS_INVALID_VARIANT", NT_STATUS_INVALID_VARIANT},
- {"NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND",
- NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND},
- {"NT_STATUS_ACCOUNT_LOCKED_OUT", NT_STATUS_ACCOUNT_LOCKED_OUT},
- {"NT_STATUS_HANDLE_NOT_CLOSABLE", NT_STATUS_HANDLE_NOT_CLOSABLE},
- {"NT_STATUS_CONNECTION_REFUSED", NT_STATUS_CONNECTION_REFUSED},
- {"NT_STATUS_GRACEFUL_DISCONNECT", NT_STATUS_GRACEFUL_DISCONNECT},
- {"NT_STATUS_ADDRESS_ALREADY_ASSOCIATED",
- NT_STATUS_ADDRESS_ALREADY_ASSOCIATED},
- {"NT_STATUS_ADDRESS_NOT_ASSOCIATED",
- NT_STATUS_ADDRESS_NOT_ASSOCIATED},
- {"NT_STATUS_CONNECTION_INVALID", NT_STATUS_CONNECTION_INVALID},
- {"NT_STATUS_CONNECTION_ACTIVE", NT_STATUS_CONNECTION_ACTIVE},
- {"NT_STATUS_NETWORK_UNREACHABLE", NT_STATUS_NETWORK_UNREACHABLE},
- {"NT_STATUS_HOST_UNREACHABLE", NT_STATUS_HOST_UNREACHABLE},
- {"NT_STATUS_PROTOCOL_UNREACHABLE", NT_STATUS_PROTOCOL_UNREACHABLE},
- {"NT_STATUS_PORT_UNREACHABLE", NT_STATUS_PORT_UNREACHABLE},
- {"NT_STATUS_REQUEST_ABORTED", NT_STATUS_REQUEST_ABORTED},
- {"NT_STATUS_CONNECTION_ABORTED", NT_STATUS_CONNECTION_ABORTED},
- {"NT_STATUS_BAD_COMPRESSION_BUFFER",
- NT_STATUS_BAD_COMPRESSION_BUFFER},
- {"NT_STATUS_USER_MAPPED_FILE", NT_STATUS_USER_MAPPED_FILE},
- {"NT_STATUS_AUDIT_FAILED", NT_STATUS_AUDIT_FAILED},
- {"NT_STATUS_TIMER_RESOLUTION_NOT_SET",
- NT_STATUS_TIMER_RESOLUTION_NOT_SET},
- {"NT_STATUS_CONNECTION_COUNT_LIMIT",
- NT_STATUS_CONNECTION_COUNT_LIMIT},
- {"NT_STATUS_LOGIN_TIME_RESTRICTION",
- NT_STATUS_LOGIN_TIME_RESTRICTION},
- {"NT_STATUS_LOGIN_WKSTA_RESTRICTION",
- NT_STATUS_LOGIN_WKSTA_RESTRICTION},
- {"NT_STATUS_IMAGE_MP_UP_MISMATCH", NT_STATUS_IMAGE_MP_UP_MISMATCH},
- {"NT_STATUS_INSUFFICIENT_LOGON_INFO",
- NT_STATUS_INSUFFICIENT_LOGON_INFO},
- {"NT_STATUS_BAD_DLL_ENTRYPOINT", NT_STATUS_BAD_DLL_ENTRYPOINT},
- {"NT_STATUS_BAD_SERVICE_ENTRYPOINT",
- NT_STATUS_BAD_SERVICE_ENTRYPOINT},
- {"NT_STATUS_LPC_REPLY_LOST", NT_STATUS_LPC_REPLY_LOST},
- {"NT_STATUS_IP_ADDRESS_CONFLICT1", NT_STATUS_IP_ADDRESS_CONFLICT1},
- {"NT_STATUS_IP_ADDRESS_CONFLICT2", NT_STATUS_IP_ADDRESS_CONFLICT2},
- {"NT_STATUS_REGISTRY_QUOTA_LIMIT", NT_STATUS_REGISTRY_QUOTA_LIMIT},
- {"NT_STATUS_PATH_NOT_COVERED", NT_STATUS_PATH_NOT_COVERED},
- {"NT_STATUS_NO_CALLBACK_ACTIVE", NT_STATUS_NO_CALLBACK_ACTIVE},
- {"NT_STATUS_LICENSE_QUOTA_EXCEEDED",
- NT_STATUS_LICENSE_QUOTA_EXCEEDED},
- {"NT_STATUS_PWD_TOO_SHORT", NT_STATUS_PWD_TOO_SHORT},
- {"NT_STATUS_PWD_TOO_RECENT", NT_STATUS_PWD_TOO_RECENT},
- {"NT_STATUS_PWD_HISTORY_CONFLICT", NT_STATUS_PWD_HISTORY_CONFLICT},
- {"NT_STATUS_PLUGPLAY_NO_DEVICE", NT_STATUS_PLUGPLAY_NO_DEVICE},
- {"NT_STATUS_UNSUPPORTED_COMPRESSION",
- NT_STATUS_UNSUPPORTED_COMPRESSION},
- {"NT_STATUS_INVALID_HW_PROFILE", NT_STATUS_INVALID_HW_PROFILE},
- {"NT_STATUS_INVALID_PLUGPLAY_DEVICE_PATH",
- NT_STATUS_INVALID_PLUGPLAY_DEVICE_PATH},
- {"NT_STATUS_DRIVER_ORDINAL_NOT_FOUND",
- NT_STATUS_DRIVER_ORDINAL_NOT_FOUND},
- {"NT_STATUS_DRIVER_ENTRYPOINT_NOT_FOUND",
- NT_STATUS_DRIVER_ENTRYPOINT_NOT_FOUND},
- {"NT_STATUS_RESOURCE_NOT_OWNED", NT_STATUS_RESOURCE_NOT_OWNED},
- {"NT_STATUS_TOO_MANY_LINKS", NT_STATUS_TOO_MANY_LINKS},
- {"NT_STATUS_QUOTA_LIST_INCONSISTENT",
- NT_STATUS_QUOTA_LIST_INCONSISTENT},
- {"NT_STATUS_FILE_IS_OFFLINE", NT_STATUS_FILE_IS_OFFLINE},
- {"NT_STATUS_NO_MORE_ENTRIES", NT_STATUS_NO_MORE_ENTRIES},
- {"NT_STATUS_MORE_ENTRIES", NT_STATUS_MORE_ENTRIES},
- {"NT_STATUS_SOME_UNMAPPED", NT_STATUS_SOME_UNMAPPED},
- {NULL, 0}
-};
diff --git a/fs/cifsd/nterr.h b/fs/cifsd/nterr.h
index 9f5004b69d30..a66100e74741 100644
--- a/fs/cifsd/nterr.h
+++ b/fs/cifsd/nterr.h
@@ -14,13 +14,6 @@
#ifndef _NTERR_H
#define _NTERR_H
-struct nt_err_code_struct {
- char *nt_errstr;
- __u32 nt_errcode;
-};
-
-extern const struct nt_err_code_struct nt_errs[];
-
/* Win32 Status codes. */
#define NT_STATUS_MORE_ENTRIES 0x0105
#define NT_ERROR_INVALID_PARAMETER 0x0057
From patchwork Mon Nov 14 12:49:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183144
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:33 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:33 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:33 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 047/308] cifsd: move nt time functions to misc.c
Date: Mon, 14 Nov 2022 20:49:16 +0800
Message-ID: <20221114125337.1831594-48-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2c9230ed-8060-4d1d-6f13-08dac63c4e08
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6923692
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 5626518ecaa50ffa5797e516a47a0b1392db1aa9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5626518ecaa5
-------------------------------
Move nt time functions in netmisc.c to misc.c to remove netmisc.c file.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/misc.c | 46 ++++++++++++++++++++++++++++++++++
fs/cifsd/misc.h | 6 +++++
fs/cifsd/netmisc.c | 58 -------------------------------------------
fs/cifsd/smb_common.h | 6 -----
fs/cifsd/vfs.c | 1 +
5 files changed, 53 insertions(+), 64 deletions(-)
delete mode 100644 fs/cifsd/netmisc.c
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
index cbaaecf2eca1..7fa6649fadfd 100644
--- a/fs/cifsd/misc.c
+++ b/fs/cifsd/misc.c
@@ -292,3 +292,49 @@ char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
conv[*conv_len + 1] = 0x00;
return conv;
}
+
+/*
+ * Convert the NT UTC (based 1601-01-01, in hundred nanosecond units)
+ * into Unix UTC (based 1970-01-01, in seconds).
+ */
+struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc)
+{
+ struct timespec64 ts;
+
+ /* Subtract the NTFS time offset, then convert to 1s intervals. */
+ s64 t = le64_to_cpu(ntutc) - NTFS_TIME_OFFSET;
+ u64 abs_t;
+
+ /*
+ * Unfortunately can not use normal 64 bit division on 32 bit arch, but
+ * the alternative, do_div, does not work with negative numbers so have
+ * to special case them
+ */
+ if (t < 0) {
+ abs_t = -t;
+ ts.tv_nsec = do_div(abs_t, 10000000) * 100;
+ ts.tv_nsec = -ts.tv_nsec;
+ ts.tv_sec = -abs_t;
+ } else {
+ abs_t = t;
+ ts.tv_nsec = do_div(abs_t, 10000000) * 100;
+ ts.tv_sec = abs_t;
+ }
+
+ return ts;
+}
+
+/* Convert the Unix UTC into NT UTC. */
+inline u64 ksmbd_UnixTimeToNT(struct timespec64 t)
+{
+ /* Convert to 100ns intervals and then add the NTFS time offset. */
+ return (u64)t.tv_sec * 10000000 + t.tv_nsec / 100 + NTFS_TIME_OFFSET;
+}
+
+inline long long ksmbd_systime(void)
+{
+ struct timespec64 ts;
+
+ ktime_get_real_ts64(&ts);
+ return ksmbd_UnixTimeToNT(ts);
+}
diff --git a/fs/cifsd/misc.h b/fs/cifsd/misc.h
index 73b21709b6c9..e4bd02a8d45f 100644
--- a/fs/cifsd/misc.h
+++ b/fs/cifsd/misc.h
@@ -35,4 +35,10 @@ struct ksmbd_dir_info;
char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
const struct nls_table *local_nls,
int *conv_len);
+
+#define NTFS_TIME_OFFSET ((u64)(369 * 365 + 89) * 24 * 3600 * 10000000)
+
+struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc);
+u64 ksmbd_UnixTimeToNT(struct timespec64 t);
+long long ksmbd_systime(void);
#endif /* __KSMBD_MISC_H__ */
diff --git a/fs/cifsd/netmisc.c b/fs/cifsd/netmisc.c
deleted file mode 100644
index 8f052434b64c..000000000000
--- a/fs/cifsd/netmisc.c
+++ /dev/null
@@ -1,58 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0-or-later
-/*
- * Copyright (c) International Business Machines Corp., 2002,2008
- * Author(s): Steve French (sfrench(a)us.ibm.com)
- *
- * Error mapping routines from Samba libsmb/errormap.c
- * Copyright (C) Andrew Tridgell 2001
- */
-
-#include "glob.h"
-#include "nterr.h"
-#include "smb_common.h"
-
-/*
- * Convert the NT UTC (based 1601-01-01, in hundred nanosecond units)
- * into Unix UTC (based 1970-01-01, in seconds).
- */
-struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc)
-{
- struct timespec64 ts;
-
- /* Subtract the NTFS time offset, then convert to 1s intervals. */
- s64 t = le64_to_cpu(ntutc) - NTFS_TIME_OFFSET;
- u64 abs_t;
-
- /*
- * Unfortunately can not use normal 64 bit division on 32 bit arch, but
- * the alternative, do_div, does not work with negative numbers so have
- * to special case them
- */
- if (t < 0) {
- abs_t = -t;
- ts.tv_nsec = do_div(abs_t, 10000000) * 100;
- ts.tv_nsec = -ts.tv_nsec;
- ts.tv_sec = -abs_t;
- } else {
- abs_t = t;
- ts.tv_nsec = do_div(abs_t, 10000000) * 100;
- ts.tv_sec = abs_t;
- }
-
- return ts;
-}
-
-/* Convert the Unix UTC into NT UTC. */
-inline u64 ksmbd_UnixTimeToNT(struct timespec64 t)
-{
- /* Convert to 100ns intervals and then add the NTFS time offset. */
- return (u64)t.tv_sec * 10000000 + t.tv_nsec / 100 + NTFS_TIME_OFFSET;
-}
-
-inline long long ksmbd_systime(void)
-{
- struct timespec64 ts;
-
- ktime_get_real_ts64(&ts);
- return ksmbd_UnixTimeToNT(ts);
-}
diff --git a/fs/cifsd/smb_common.h b/fs/cifsd/smb_common.h
index 2e171c9002b2..2d7b1c693ff4 100644
--- a/fs/cifsd/smb_common.h
+++ b/fs/cifsd/smb_common.h
@@ -541,10 +541,4 @@ static inline void inc_rfc1001_len(void *buf, int count)
{
be32_add_cpu((__be32 *)buf, count);
}
-
-#define NTFS_TIME_OFFSET ((u64)(369 * 365 + 89) * 24 * 3600 * 10000000)
-
-struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc);
-u64 ksmbd_UnixTimeToNT(struct timespec64 t);
-long long ksmbd_systime(void);
#endif /* __SMB_COMMON_H__ */
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index d8259ca2493e..7c8ab19ab014 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -29,6 +29,7 @@
#include "smbacl.h"
#include "ndr.h"
#include "auth.h"
+#include "misc.h"
#include "smb_common.h"
#include "mgmt/share_config.h"
From patchwork Mon Nov 14 12:49:17 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183145
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:34 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:34 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:33 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 048/308] cifsd: Fix potential null-ptr-deref in
smb2_open()
Date: Mon, 14 Nov 2022 20:49:17 +0800
Message-ID: <20221114125337.1831594-49-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3592b69e-6196-4767-7e9e-08dac63c4e52
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6844183
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit e6b1059ffaeac794bf1a76fd35947c7c6ac4cb57
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e6b1059ffaea
-------------------------------
Fix potential null-ptr-deref in smb2_open().
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 1ff0b20ff7b8..ba552b8f2127 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2918,13 +2918,16 @@ int smb2_open(struct ksmbd_work *work)
fattr.cf_gid = inode->i_gid;
fattr.cf_mode = inode->i_mode;
fattr.cf_dacls = NULL;
+ ace_num = 0;
fattr.cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
- ace_num = fattr.cf_acls->a_count;
+ if (fattr.cf_acls)
+ ace_num = fattr.cf_acls->a_count;
if (S_ISDIR(inode->i_mode)) {
fattr.cf_dacls =
ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
- ace_num += fattr.cf_dacls->a_count;
+ if (fattr.cf_dacls)
+ ace_num += fattr.cf_dacls->a_count;
}
pntsd = kmalloc(sizeof(struct smb_ntsd) +
From patchwork Mon Nov 14 12:49:18 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183146
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:34 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:34 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:34 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 049/308] cifsd: use d_inode()
Date: Mon, 14 Nov 2022 20:49:18 +0800
Message-ID: <20221114125337.1831594-50-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9ed89f24-2fbf-4908-ea39-08dac63c4e9a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7098137
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit fba08fa005e44b18d6956de3abbe104f45e74697
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/fba08fa005e4
-------------------------------
Use d_inode().
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 4 ++--
fs/cifsd/smbacl.c | 6 +++---
fs/cifsd/vfs.c | 10 +++++-----
fs/cifsd/vfs_cache.h | 4 ++--
4 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index ba552b8f2127..7d6013ea23e7 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2890,9 +2890,9 @@ int smb2_open(struct ksmbd_work *work)
/* Set default windows and posix acls if creating new file */
if (created) {
int posix_acl_rc;
- struct inode *inode = path.dentry->d_inode;
+ struct inode *inode = d_inode(path.dentry);
- posix_acl_rc = ksmbd_vfs_inherit_posix_acl(inode, path.dentry->d_parent->d_inode);
+ posix_acl_rc = ksmbd_vfs_inherit_posix_acl(inode, d_inode(path.dentry->d_parent));
if (posix_acl_rc)
ksmbd_debug(SMB, "inherit posix acl failed : %d\n", posix_acl_rc);
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index a3675aa837b9..d65e853ab00f 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -950,7 +950,7 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
int inherited_flags = 0, flags = 0, i, ace_cnt = 0, nt_size = 0;
int rc = -ENOENT, num_aces, dacloffset, pntsd_type, acl_len;
char *aces_base;
- bool is_dir = S_ISDIR(dentry->d_inode->i_mode);
+ bool is_dir = S_ISDIR(d_inode(dentry)->i_mode);
acl_len = ksmbd_vfs_get_sd_xattr(conn, parent, &parent_pntsd);
if (acl_len <= 0)
@@ -1198,7 +1198,7 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
granted = GENERIC_ALL_FLAGS;
}
- posix_acls = ksmbd_vfs_get_acl(dentry->d_inode, ACL_TYPE_ACCESS);
+ posix_acls = ksmbd_vfs_get_acl(d_inode(dentry), ACL_TYPE_ACCESS);
if (posix_acls && !found) {
unsigned int id = -1;
@@ -1263,7 +1263,7 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
{
int rc;
struct smb_fattr fattr = {{0}};
- struct inode *inode = dentry->d_inode;
+ struct inode *inode = d_inode(dentry);
fattr.cf_uid = INVALID_UID;
fattr.cf_gid = INVALID_GID;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 7c8ab19ab014..29f31db4e07e 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -1461,11 +1461,11 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
struct ndr sd_ndr = {0}, acl_ndr = {0};
struct xattr_ntacl acl = {0};
struct xattr_smb_acl *smb_acl, *def_smb_acl = NULL;
- struct inode *inode = dentry->d_inode;
+ struct inode *inode = d_inode(dentry);
acl.version = 4;
acl.hash_type = XATTR_SD_HASH_TYPE_SHA256;
- acl.current_time = ksmbd_UnixTimeToNT(current_time(dentry->d_inode));
+ acl.current_time = ksmbd_UnixTimeToNT(current_time(inode));
memcpy(acl.desc, "posix_acl", 9);
acl.desc_len = 10;
@@ -1486,9 +1486,9 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
return rc;
}
- smb_acl = ksmbd_vfs_make_xattr_posix_acl(dentry->d_inode, ACL_TYPE_ACCESS);
+ smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode, ACL_TYPE_ACCESS);
if (S_ISDIR(inode->i_mode))
- def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(dentry->d_inode,
+ def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
ACL_TYPE_DEFAULT);
rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
@@ -1531,7 +1531,7 @@ int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
rc = ksmbd_vfs_getxattr(dentry, XATTR_NAME_SD, &n.data);
if (rc > 0) {
- struct inode *inode = dentry->d_inode;
+ struct inode *inode = d_inode(dentry);
struct ndr acl_ndr = {0};
struct xattr_ntacl acl;
struct xattr_smb_acl *smb_acl = NULL, *def_smb_acl = NULL;
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index 8226fdf882e4..ce2047dda36a 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -26,8 +26,8 @@
#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
#define FP_FILENAME(fp) fp->filp->f_path.dentry->d_name.name
-#define FP_INODE(fp) fp->filp->f_path.dentry->d_inode
-#define PARENT_INODE(fp) fp->filp->f_path.dentry->d_parent->d_inode
+#define FP_INODE(fp) d_inode(fp->filp->f_path.dentry)
+#define PARENT_INODE(fp) d_inode(fp->filp->f_path.dentry->d_parent)
#define ATTR_FP(fp) (fp->attrib_only && \
(fp->cdoption != FILE_OVERWRITE_IF_LE && \
From patchwork Mon Nov 14 12:49:19 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183147
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:35 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:35 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:34 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 050/308] cifsd: remove the dead code of
unimplemented durable handle
Date: Mon, 14 Nov 2022 20:49:19 +0800
Message-ID: <20221114125337.1831594-51-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
1508bf2e-b339-4aa1-86f3-08dac63c4ee4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6999668
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 73f9dad511e8c5d53a6565192eb0b3a213863563
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/73f9dad511e8
-------------------------------
Remove the dead code of unimplemented durable handle.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/ksmbd_server.h | 1 -
fs/cifsd/oplock.c | 2 -
fs/cifsd/smb2pdu.c | 246 +---------------------------------------
fs/cifsd/smb_common.c | 5 -
fs/cifsd/vfs_cache.c | 100 +---------------
fs/cifsd/vfs_cache.h | 6 -
6 files changed, 2 insertions(+), 358 deletions(-)
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
index e46be4084087..442077a1e77b 100644
--- a/fs/cifsd/ksmbd_server.h
+++ b/fs/cifsd/ksmbd_server.h
@@ -33,7 +33,6 @@ struct ksmbd_heartbeat {
#define KSMBD_GLOBAL_FLAG_CACHE_TBUF BIT(1)
#define KSMBD_GLOBAL_FLAG_CACHE_RBUF BIT(2)
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(3)
-#define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE BIT(4)
struct ksmbd_startup_request {
__u32 flags;
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index 4ff23aee69fa..e77f1385a8c1 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -1482,8 +1482,6 @@ void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp)
buf->Name[3] = 'Q';
buf->Timeout = cpu_to_le32(fp->durable_timeout);
- if (fp->is_persistent)
- buf->Flags = SMB2_FLAGS_REPLAY_OPERATIONS;
}
/**
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 7d6013ea23e7..343e96ccdd4c 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1946,173 +1946,6 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work)
return err;
}
-#define DURABLE_RECONN_V2 1
-#define DURABLE_RECONN 2
-#define DURABLE_REQ_V2 3
-#define DURABLE_REQ 4
-#define APP_INSTANCE_ID 5
-
-struct durable_info {
- struct ksmbd_file *fp;
- int type;
- int reconnected;
- int persistent;
- int timeout;
- char *CreateGuid;
- char *app_id;
-};
-
-static int parse_durable_handle_context(struct ksmbd_work *work,
- struct smb2_create_req *req, struct lease_ctx_info *lc,
- struct durable_info *d_info)
-{
- struct ksmbd_conn *conn = work->conn;
- struct create_context *context;
- int i, err = 0;
- u64 persistent_id = 0;
- int req_op_level;
- static const char * const durable_arr[] = {"DH2C", "DHnC", "DH2Q",
- "DHnQ", SMB2_CREATE_APP_INSTANCE_ID};
-
- req_op_level = req->RequestedOplockLevel;
- for (i = 1; i <= 5; i++) {
- context = smb2_find_context_vals(req, durable_arr[i - 1]);
- if (IS_ERR(context)) {
- err = PTR_ERR(context);
- if (err == -EINVAL) {
- ksmbd_err("bad name length\n");
- goto out;
- }
- err = 0;
- continue;
- }
-
- switch (i) {
- case DURABLE_RECONN_V2:
- {
- struct create_durable_reconn_v2_req *recon_v2;
-
- recon_v2 =
- (struct create_durable_reconn_v2_req *)context;
- persistent_id = le64_to_cpu(recon_v2->Fid.PersistentFileId);
- d_info->fp = ksmbd_lookup_durable_fd(persistent_id);
- if (!d_info->fp) {
- ksmbd_err("Failed to get Durable handle state\n");
- err = -EBADF;
- goto out;
- }
-
- if (memcmp(d_info->fp->create_guid, recon_v2->CreateGuid,
- SMB2_CREATE_GUID_SIZE)) {
- err = -EBADF;
- goto out;
- }
- d_info->type = i;
- d_info->reconnected = 1;
- ksmbd_debug(SMB,
- "reconnect v2 Persistent-id from reconnect = %llu\n",
- persistent_id);
- break;
- }
- case DURABLE_RECONN:
- {
- struct create_durable_reconn_req *recon;
-
- if (d_info->type == DURABLE_RECONN_V2 ||
- d_info->type == DURABLE_REQ_V2) {
- err = -EINVAL;
- goto out;
- }
-
- recon =
- (struct create_durable_reconn_req *)context;
- persistent_id = le64_to_cpu(recon->Data.Fid.PersistentFileId);
- d_info->fp = ksmbd_lookup_durable_fd(persistent_id);
- if (!d_info->fp) {
- ksmbd_err("Failed to get Durable handle state\n");
- err = -EBADF;
- goto out;
- }
- d_info->type = i;
- d_info->reconnected = 1;
- ksmbd_debug(SMB,
- "reconnect Persistent-id from reconnect = %llu\n",
- persistent_id);
- break;
- }
- case DURABLE_REQ_V2:
- {
- struct create_durable_req_v2 *durable_v2_blob;
-
- if (d_info->type == DURABLE_RECONN ||
- d_info->type == DURABLE_RECONN_V2) {
- err = -EINVAL;
- goto out;
- }
-
- durable_v2_blob =
- (struct create_durable_req_v2 *)context;
- ksmbd_debug(SMB, "Request for durable v2 open\n");
- d_info->fp = ksmbd_lookup_fd_cguid(durable_v2_blob->CreateGuid);
- if (d_info->fp) {
- if (!memcmp(conn->ClientGUID, d_info->fp->client_guid,
- SMB2_CLIENT_GUID_SIZE)) {
- if (!(req->hdr.Flags & SMB2_FLAGS_REPLAY_OPERATIONS)) {
- err = -ENOEXEC;
- goto out;
- }
-
- d_info->fp->conn = conn;
- d_info->reconnected = 1;
- goto out;
- }
- }
- if (((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) ||
- req_op_level == SMB2_OPLOCK_LEVEL_BATCH)) {
- d_info->CreateGuid =
- durable_v2_blob->CreateGuid;
- d_info->persistent =
- le32_to_cpu(durable_v2_blob->Flags);
- d_info->timeout =
- le32_to_cpu(durable_v2_blob->Timeout);
- d_info->type = i;
- }
- break;
- }
- case DURABLE_REQ:
- if (d_info->type == DURABLE_RECONN)
- goto out;
- if (d_info->type == DURABLE_RECONN_V2 ||
- d_info->type == DURABLE_REQ_V2) {
- err = -EINVAL;
- goto out;
- }
-
- if (((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) ||
- req_op_level == SMB2_OPLOCK_LEVEL_BATCH)) {
- ksmbd_debug(SMB, "Request for durable open\n");
- d_info->type = i;
- }
- break;
- case APP_INSTANCE_ID:
- {
- struct create_app_inst_id *inst_id;
-
- inst_id = (struct create_app_inst_id *)context;
- ksmbd_close_fd_app_id(work, inst_id->AppInstanceId);
- d_info->app_id = inst_id->AppInstanceId;
- break;
- }
- default:
- break;
- }
- }
-
-out:
-
- return err;
-}
-
/**
* smb2_set_ea() - handler for setting extended attributes using set
* info command
@@ -2431,7 +2264,6 @@ int smb2_open(struct ksmbd_work *work)
char *name = NULL;
char *stream_name = NULL;
bool file_present = false, created = false, already_permitted = false;
- struct durable_info d_info;
int share_ret, need_truncate = 0;
u64 time;
umode_t posix_mode = 0;
@@ -2509,36 +2341,8 @@ int smb2_open(struct ksmbd_work *work)
}
req_op_level = req->RequestedOplockLevel;
- memset(&d_info, 0, sizeof(struct durable_info));
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_DURABLE_HANDLE &&
- req->CreateContextsOffset) {
+ if (req_op_level == SMB2_OPLOCK_LEVEL_LEASE)
lc = parse_lease_state(req);
- rc = parse_durable_handle_context(work, req, lc, &d_info);
- if (rc) {
- ksmbd_err("error parsing durable handle context\n");
- goto err_out1;
- }
-
- if (d_info.reconnected) {
- fp = d_info.fp;
- rc = smb2_check_durable_oplock(d_info.fp, lc, name);
- if (rc)
- goto err_out1;
- rc = ksmbd_reopen_durable_fd(work, d_info.fp);
- if (rc)
- goto err_out1;
- if (ksmbd_override_fsids(work)) {
- rc = -ENOMEM;
- goto err_out1;
- }
- file_info = FILE_OPENED;
- fp = d_info.fp;
- goto reconnected;
- }
- } else {
- if (req_op_level == SMB2_OPLOCK_LEVEL_LEASE)
- lc = parse_lease_state(req);
- }
if (le32_to_cpu(req->ImpersonationLevel) > le32_to_cpu(IL_DELEGATE_LE)) {
ksmbd_err("Invalid impersonationlevel : 0x%x\n",
@@ -3083,25 +2887,6 @@ int smb2_open(struct ksmbd_work *work)
memcpy(fp->client_guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
- if (d_info.type) {
- if (d_info.type == DURABLE_REQ_V2 && d_info.persistent)
- fp->is_persistent = 1;
- else
- fp->is_durable = 1;
-
- if (d_info.type == DURABLE_REQ_V2) {
- memcpy(fp->create_guid, d_info.CreateGuid,
- SMB2_CREATE_GUID_SIZE);
- if (d_info.timeout)
- fp->durable_timeout = d_info.timeout;
- else
- fp->durable_timeout = 1600;
- if (d_info.app_id)
- memcpy(fp->app_instance_id, d_info.app_id, 16);
- }
- }
-
-reconnected:
generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
rsp->StructureSize = cpu_to_le16(89);
@@ -3150,35 +2935,6 @@ int smb2_open(struct ksmbd_work *work)
next_off = conn->vals->create_lease_size;
}
- if (d_info.type == DURABLE_REQ || d_info.type == DURABLE_REQ_V2) {
- struct create_context *durable_ccontext;
-
- durable_ccontext = (struct create_context *)(rsp->Buffer +
- le32_to_cpu(rsp->CreateContextsLength));
- contxt_cnt++;
- if (d_info.type == DURABLE_REQ) {
- create_durable_rsp_buf(rsp->Buffer +
- le32_to_cpu(rsp->CreateContextsLength));
- le32_add_cpu(&rsp->CreateContextsLength,
- conn->vals->create_durable_size);
- inc_rfc1001_len(rsp_org,
- conn->vals->create_durable_size);
- } else {
- create_durable_v2_rsp_buf(rsp->Buffer +
- le32_to_cpu(rsp->CreateContextsLength),
- fp);
- le32_add_cpu(&rsp->CreateContextsLength,
- conn->vals->create_durable_v2_size);
- inc_rfc1001_len(rsp_org,
- conn->vals->create_durable_v2_size);
- }
-
- if (next_ptr)
- *next_ptr = cpu_to_le32(next_off);
- next_ptr = &durable_ccontext->Next;
- next_off = conn->vals->create_durable_size;
- }
-
if (maximal_access_ctxt) {
struct create_context *mxac_ccontext;
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index b0510213eb6d..985171cbf192 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -497,11 +497,6 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
if (strcmp(prev_fp->stream.name, curr_fp->stream.name))
continue;
- if (prev_fp->is_durable) {
- prev_fp->is_durable = 0;
- continue;
- }
-
if (prev_fp->attrib_only != curr_fp->attrib_only)
continue;
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 3ab06e0b723c..3286e74e2a56 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -449,30 +449,6 @@ struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id)
return __ksmbd_lookup_fd(&global_ft, id);
}
-int ksmbd_close_fd_app_id(struct ksmbd_work *work, char *app_id)
-{
- struct ksmbd_file *fp = NULL;
- unsigned int id;
-
- read_lock(&global_ft.lock);
- idr_for_each_entry(global_ft.idr, fp, id) {
- if (!memcmp(fp->app_instance_id,
- app_id,
- SMB2_CREATE_GUID_SIZE)) {
- if (!atomic_dec_and_test(&fp->refcount))
- fp = NULL;
- break;
- }
- }
- read_unlock(&global_ft.lock);
-
- if (!fp)
- return -EINVAL;
-
- __put_fd_final(work, fp);
- return 0;
-}
-
struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid)
{
struct ksmbd_file *fp = NULL;
@@ -492,23 +468,6 @@ struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid)
return fp;
}
-struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work, char *filename)
-{
- struct ksmbd_file *fp = NULL;
- unsigned int id;
-
- read_lock(&work->sess->file_table.lock);
- idr_for_each_entry(work->sess->file_table.idr, fp, id) {
- if (!strcmp(fp->filename, filename)) {
- fp = ksmbd_fp_get(fp);
- break;
- }
- }
- read_unlock(&work->sess->file_table.lock);
-
- return fp;
-}
-
struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode)
{
struct ksmbd_file *lfp;
@@ -617,32 +576,6 @@ struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
return fp;
}
-static inline bool is_reconnectable(struct ksmbd_file *fp)
-{
- struct oplock_info *opinfo = opinfo_get(fp);
- bool reconn = false;
-
- if (!opinfo)
- return false;
-
- if (opinfo->op_state != OPLOCK_STATE_NONE) {
- opinfo_put(opinfo);
- return false;
- }
-
- if (fp->is_resilient || fp->is_persistent)
- reconn = true;
- else if (fp->is_durable && opinfo->is_lease &&
- opinfo->o_lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
- reconn = true;
-
- else if (fp->is_durable && opinfo->level == SMB2_OPLOCK_LEVEL_BATCH)
- reconn = true;
-
- opinfo_put(opinfo);
- return reconn;
-}
-
static int
__close_file_table_ids(struct ksmbd_file_table *ft, struct ksmbd_tree_connect *tcon,
bool (*skip)(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp))
@@ -672,13 +605,7 @@ static bool tree_conn_fd_check(struct ksmbd_tree_connect *tcon, struct ksmbd_fil
static bool session_fd_check(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp)
{
- if (!is_reconnectable(fp))
- return false;
-
- fp->conn = NULL;
- fp->tcon = NULL;
- fp->volatile_id = KSMBD_NO_FID;
- return true;
+ return false;
}
void ksmbd_close_tree_conn_fds(struct ksmbd_work *work)
@@ -717,31 +644,6 @@ void ksmbd_free_global_file_table(void)
ksmbd_destroy_file_table(&global_ft);
}
-int ksmbd_reopen_durable_fd(struct ksmbd_work *work, struct ksmbd_file *fp)
-{
- if (!fp->is_durable || fp->conn || fp->tcon) {
- ksmbd_err("Invalid durable fd [%p:%p]\n",
- fp->conn, fp->tcon);
- return -EBADF;
- }
-
- if (HAS_FILE_ID(fp->volatile_id)) {
- ksmbd_err("Still in use durable fd: %u\n", fp->volatile_id);
- return -EBADF;
- }
-
- fp->conn = work->sess->conn;
- fp->tcon = work->tcon;
-
- __open_id(&work->sess->file_table, fp, OPEN_ID_TYPE_VOLATILE_ID);
- if (!HAS_FILE_ID(fp->volatile_id)) {
- fp->conn = NULL;
- fp->tcon = NULL;
- return -EBADF;
- }
- return 0;
-}
-
int ksmbd_file_table_flush(struct ksmbd_work *work)
{
struct ksmbd_file *fp = NULL;
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index ce2047dda36a..5638641dd0cf 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -90,9 +90,6 @@ struct ksmbd_file {
__u64 create_time;
__u64 itime;
- bool is_durable;
- bool is_resilient;
- bool is_persistent;
bool is_nt_open;
bool attrib_only;
@@ -154,17 +151,14 @@ struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, unsigned int
struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, unsigned int id,
unsigned int pid);
void ksmbd_fd_put(struct ksmbd_work *work, struct ksmbd_file *fp);
-int ksmbd_close_fd_app_id(struct ksmbd_work *work, char *app_id);
struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id);
struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid);
-struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work, char *filename);
struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode);
unsigned int ksmbd_open_durable_fd(struct ksmbd_file *fp);
struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp);
void ksmbd_close_tree_conn_fds(struct ksmbd_work *work);
void ksmbd_close_session_fds(struct ksmbd_work *work);
int ksmbd_close_inode_fds(struct ksmbd_work *work, struct inode *inode);
-int ksmbd_reopen_durable_fd(struct ksmbd_work *work, struct ksmbd_file *fp);
int ksmbd_init_global_file_table(void);
void ksmbd_free_global_file_table(void);
int ksmbd_file_table_flush(struct ksmbd_work *work);
From patchwork Mon Nov 14 12:49:20 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183148
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:35 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:35 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:35 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 051/308] cifsd: Update access check in
set_file_allocation_info/set_end_of_file_info
Date: Mon, 14 Nov 2022 20:49:20 +0800
Message-ID: <20221114125337.1831594-52-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
5bef3da9-5ad1-4fe1-f33c-08dac63c4f2c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6891068
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit a299669b2c3d26cdb787ba4a87603f6de4fd7714
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a299669b2c3d
-------------------------------
[MS-SMB2] 3.3.5.21.1
If the object store supports security and FileInfoClass is
FileAllocationInformation, FileEndOfFileInformation, or
FileValidDataLengthInformation, and Open.GrantedAccess does not
include FILE_WRITE_DATA, the server MUST fail the request with
STATUS_ACCESS_DENIED.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 343e96ccdd4c..73c6154170cf 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -5352,7 +5352,7 @@ static int set_file_allocation_info(struct ksmbd_work *work,
struct inode *inode;
int rc;
- if (!is_attributes_write_allowed(fp))
+ if (!(fp->daccess & FILE_WRITE_DATA_LE))
return -EACCES;
file_alloc_info = (struct smb2_file_alloc_info *)buf;
@@ -5396,7 +5396,7 @@ static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
struct inode *inode;
int rc;
- if (!is_attributes_write_allowed(fp))
+ if (!(fp->daccess & FILE_WRITE_DATA_LE))
return -EACCES;
file_eof_info = (struct smb2_file_eof_info *)buf;
From patchwork Mon Nov 14 12:49:21 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183149
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:36 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:36 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:35 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 052/308] cifsd: Remove
is_attributes_write_allowed() wrapper
Date: Mon, 14 Nov 2022 20:49:21 +0800
Message-ID: <20221114125337.1831594-53-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
52689609-f20e-4942-849c-08dac63c4f75
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6991101
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit 7adfd4f6f78eb1c2561bcfdc20f7cc39f2d89437
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7adfd4f6f78e
-------------------------------
Inline it in the only place it is used and remove it.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 73c6154170cf..eeb3f09e8765 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -5237,11 +5237,6 @@ static int smb2_create_link(struct ksmbd_work *work,
return rc;
}
-static bool is_attributes_write_allowed(struct ksmbd_file *fp)
-{
- return fp->daccess & FILE_WRITE_ATTRIBUTES_LE;
-}
-
static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
struct ksmbd_share_config *share)
{
@@ -5252,7 +5247,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
struct inode *inode;
int rc;
- if (!is_attributes_write_allowed(fp))
+ if (!(fp->daccess & FILE_WRITE_ATTRIBUTES_LE))
return -EACCES;
file_info = (struct smb2_file_all_info *)buf;
From patchwork Mon Nov 14 12:49:22 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183150
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:36 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:36 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:36 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 053/308] cifsd: Fix regression in smb2_get_info
Date: Mon, 14 Nov 2022 20:49:22 +0800
Message-ID: <20221114125337.1831594-54-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2e550a78-de3b-4ff8-174f-08dac63c4fbe
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6872460
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Sebastian Gottschall <s.gottschall(a)dd-wrt.com>
mainline inclusion
from mainline-5.15-rc1
commit ced2b26a76cd1db0b6ccb39e0bc873177c9bda21
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ced2b26a76cd
-------------------------------
a Windows 10 client isn't able to store files from ksmbd servers due
unknown local permission problems (code 0x8007003A) if smb3 encryption
is enabled. Windows 10 is requesting for ATTRIBUTE_SECINFO (mask 0x20)
which is not yet handled by ksmbd, this leads to a invalid response.
For now we just reintroduce the old check to avoid processing of unhandled
flags until ATTRIBUTE_SECINFO is properly handled.
Signed-off-by: Sebastian Gottschall <s.gottschall(a)dd-wrt.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index eeb3f09e8765..3b8da5dfd4a1 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -4791,6 +4791,24 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
int addition_info = le32_to_cpu(req->AdditionalInformation);
int rc;
+ if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO)) {
+ ksmbd_debug(SMB, "Unsupported addition info: 0x%x)\n",
+ addition_info);
+
+ pntsd->revision = cpu_to_le16(1);
+ pntsd->type = cpu_to_le16(SELF_RELATIVE | DACL_PROTECTED);
+ pntsd->osidoffset = 0;
+ pntsd->gsidoffset = 0;
+ pntsd->sacloffset = 0;
+ pntsd->dacloffset = 0;
+
+ secdesclen = sizeof(struct smb_ntsd);
+ rsp->OutputBufferLength = cpu_to_le32(secdesclen);
+ inc_rfc1001_len(rsp_org, secdesclen);
+
+ return 0;
+ }
+
if (work->next_smb2_rcv_hdr_off) {
if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
ksmbd_debug(SMB, "Compound request set FID = %u\n",
From patchwork Mon Nov 14 12:49:23 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183151
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:37 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:37 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:36 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 054/308] cifsd: Call smb2_set_err_rsp() in
smb2_read/smb2_write error path
Date: Mon, 14 Nov 2022 20:49:23 +0800
Message-ID: <20221114125337.1831594-55-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
5f28818a-ddd6-4aae-f449-08dac63c5006
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6973526
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit a4382db9bac314440f662be91ec8010465e67603
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a4382db9bac3
-------------------------------
Call smb2_set_err_rsp() in smb2_read/smb2_write error path.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 3b8da5dfd4a1..e5aff1ca11e1 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -5820,8 +5820,8 @@ int smb2_read(struct ksmbd_work *work)
le64_to_cpu(req->VolatileFileId),
le64_to_cpu(req->PersistentFileId));
if (!fp) {
- rsp->hdr.Status = STATUS_FILE_CLOSED;
- return -ENOENT;
+ err = -ENOENT;
+ goto out;
}
if (!(fp->daccess & (FILE_READ_DATA_LE | FILE_READ_ATTRIBUTES_LE))) {
@@ -6057,7 +6057,7 @@ int smb2_write(struct ksmbd_work *work)
{
struct smb2_write_req *req;
struct smb2_write_rsp *rsp, *rsp_org;
- struct ksmbd_file *fp = NULL;
+ struct ksmbd_file *fp;
loff_t offset;
size_t length;
ssize_t nbytes;
@@ -6082,8 +6082,8 @@ int smb2_write(struct ksmbd_work *work)
fp = ksmbd_lookup_fd_slow(work, le64_to_cpu(req->VolatileFileId),
le64_to_cpu(req->PersistentFileId));
if (!fp) {
- rsp->hdr.Status = STATUS_FILE_CLOSED;
- return -ENOENT;
+ err = -ENOENT;
+ goto out;
}
if (!(fp->daccess & (FILE_WRITE_DATA_LE | FILE_READ_ATTRIBUTES_LE))) {
From patchwork Mon Nov 14 12:49:24 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183152
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:37 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:37 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:37 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 055/308] cifsd: Handle ksmbd_session_rpc_open()
failure in create_smb2_pipe()
Date: Mon, 14 Nov 2022 20:49:24 +0800
Message-ID: <20221114125337.1831594-56-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
8f7591f7-16ad-4875-5fff-08dac63c504f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6984349
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit 79caa9606df1504b3b5104457cbb5d759f0e5fae
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/79caa9606df1
-------------------------------
Currently, a SMB2 client does not receive an error message if
ksmbd_session_rpc_open() fails when opening a pipe.
Fix this by responding with STATUS_NO_MEMORY or STATUS_INVALID_PARAMETER
depending on the error that occurred.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index e5aff1ca11e1..fec385318ff3 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1917,9 +1917,13 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work)
}
id = ksmbd_session_rpc_open(work->sess, name);
- if (id < 0)
+ if (id < 0) {
ksmbd_err("Unable to open RPC pipe: %d\n", id);
+ err = id;
+ goto out;
+ }
+ rsp->hdr.Status = STATUS_SUCCESS;
rsp->StructureSize = cpu_to_le16(89);
rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE;
rsp->Reserved = 0;
@@ -1942,6 +1946,19 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work)
return 0;
out:
+ switch (err) {
+ case -EINVAL:
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ break;
+ case -ENOSPC:
+ case -ENOMEM:
+ rsp->hdr.Status = STATUS_NO_MEMORY;
+ break;
+ }
+
+ if (!IS_ERR(name))
+ kfree(name);
+
smb2_set_err_rsp(work);
return err;
}
From patchwork Mon Nov 14 12:49:25 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183153
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:38 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:38 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:37 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 056/308] cifsd: Update out_buf_len in
smb2_populate_readdir_entry()
Date: Mon, 14 Nov 2022 20:49:25 +0800
Message-ID: <20221114125337.1831594-57-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
da713069-2842-46b8-f1c3-08dac63c5097
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6914779
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit e7735c854880084a6d97e60465f19daa42842eff
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e7735c854880
-------------------------------
When processing a SMB2 QUERY_DIRECTORY request,
smb2_populate_readdir_entry() is called first to fill the dot/dotdot
entries. This moves the d_info->wptr pointer but out_buf_len remains
unchanged. As a result, reserve_populate_dentry() may end up writing
past the end of the buffer since the bounds checking is done on
invalid values.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index fec385318ff3..54df9a30bd23 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -3333,6 +3333,7 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
d_info->last_entry_offset = d_info->data_count;
d_info->data_count += next_entry_offset;
+ d_info->out_buf_len -= next_entry_offset;
d_info->wptr += next_entry_offset;
kfree(conv_name);
From patchwork Mon Nov 14 12:49:26 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183154
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:38 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:38 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:38 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 057/308] cifsd: Fix potential null-ptr-deref in
destroy_previous_session()
Date: Mon, 14 Nov 2022 20:49:26 +0800
Message-ID: <20221114125337.1831594-58-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cc2f5a90-8d61-4c5e-8e8b-08dac63c50e1
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7068411
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit 1fca8038e9f10bc14eb3484d212b3f03b49ac3f5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1fca8038e9f1
-------------------------------
The user field in the session structure is allocated when the client is
authenticated. If the client explicitly logs off, the user field is freed,
but the session is kept around in case the user reconnects. If the TCP
connection hasn't been closed and the client sends a session setup with
a PreviousSessionId set, destroy_previous_session() will be called to
check if the session needs to be cleaned up.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 54df9a30bd23..ebae992f88a0 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -619,7 +619,8 @@ static void destroy_previous_session(struct ksmbd_user *user, u64 id)
prev_user = prev_sess->user;
- if (strcmp(user->name, prev_user->name) ||
+ if (!prev_user ||
+ strcmp(user->name, prev_user->name) ||
user->passkey_sz != prev_user->passkey_sz ||
memcmp(user->passkey, prev_user->passkey, user->passkey_sz)) {
put_session(prev_sess);
From patchwork Mon Nov 14 12:49:27 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183155
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:39 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:39 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:38 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 058/308] cifsd: add support for AES256 encryption
Date: Mon, 14 Nov 2022 20:49:27 +0800
Message-ID: <20221114125337.1831594-59-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
16761a57-423a-41c0-92e5-08dac63c512a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6717882
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 5a0ca7700591a5275875920cf0c3113435e4b6f7
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5a0ca7700591
-------------------------------
Now that 256 bit encryption can be negotiated, update
names of the nonces to match the updated official protocol
documentation (e.g. AES_GCM_NONCE instead of AES_128GCM_NONCE)
since they apply to both 128 bit and 256 bit encryption.
update smb encryption code to set 32 byte key length and to
set gcm256/ccm256 when requested on mount.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 53 +++++++++++++++++++++++++-----------
fs/cifsd/crypto_ctx.c | 8 +++---
fs/cifsd/crypto_ctx.h | 8 +++---
fs/cifsd/mgmt/user_session.h | 4 +--
fs/cifsd/smb2pdu.c | 11 +++++---
fs/cifsd/smb2pdu.h | 18 +++++++++---
6 files changed, 68 insertions(+), 34 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 437e58a0826d..6b90aac86fcc 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -835,7 +835,8 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
{
unsigned char zero = 0x0;
__u8 i[4] = {0, 0, 0, 1};
- __u8 L[4] = {0, 0, 0, 128};
+ __u8 L128[4] = {0, 0, 0, 128};
+ __u8 L256[4] = {0, 0, 1, 0};
int rc = -EINVAL;
unsigned char prfhash[SMB2_HMACSHA256_SIZE];
unsigned char *hashptr = prfhash;
@@ -890,7 +891,11 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
goto smb3signkey_ret;
}
- rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L, 4);
+ if (sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
+ sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L256, 4);
+ else
+ rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L128, 4);
if (rc) {
ksmbd_debug(AUTH, "could not update with L\n");
goto smb3signkey_ret;
@@ -981,24 +986,33 @@ static int generate_smb3encryptionkey(struct ksmbd_session *sess,
rc = generate_key(sess, ptwin->encryption.label,
ptwin->encryption.context, sess->smb3encryptionkey,
- SMB3_SIGN_KEY_SIZE);
+ SMB3_ENC_DEC_KEY_SIZE);
if (rc)
return rc;
rc = generate_key(sess, ptwin->decryption.label,
ptwin->decryption.context,
- sess->smb3decryptionkey, SMB3_SIGN_KEY_SIZE);
+ sess->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE);
if (rc)
return rc;
ksmbd_debug(AUTH, "dumping generated AES encryption keys\n");
+ ksmbd_debug(AUTH, "Cipher type %d\n", sess->conn->cipher_type);
ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
ksmbd_debug(AUTH, "Session Key %*ph\n",
SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
- ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
- SMB3_SIGN_KEY_SIZE, sess->smb3encryptionkey);
- ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
- SMB3_SIGN_KEY_SIZE, sess->smb3decryptionkey);
+ if (sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
+ sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) {
+ ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
+ SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3encryptionkey);
+ ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
+ SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3decryptionkey);
+ } else {
+ ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
+ SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3encryptionkey);
+ ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
+ SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3decryptionkey);
+ }
return rc;
}
@@ -1136,7 +1150,7 @@ static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,
ses_enc_key = enc ? sess->smb3encryptionkey :
sess->smb3decryptionkey;
- memcpy(key, ses_enc_key, SMB3_SIGN_KEY_SIZE);
+ memcpy(key, ses_enc_key, SMB3_ENC_DEC_KEY_SIZE);
return 0;
}
@@ -1224,7 +1238,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
int rc = 0;
struct scatterlist *sg;
u8 sign[SMB2_SIGNATURE_SIZE] = {};
- u8 key[SMB3_SIGN_KEY_SIZE];
+ u8 key[SMB3_ENC_DEC_KEY_SIZE];
struct aead_request *req;
char *iv;
unsigned int iv_len;
@@ -1241,7 +1255,8 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
return 0;
}
- if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
+ conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
ctx = ksmbd_crypto_ctx_find_gcm();
else
ctx = ksmbd_crypto_ctx_find_ccm();
@@ -1250,12 +1265,17 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
return -EINVAL;
}
- if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
+ conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
tfm = CRYPTO_GCM(ctx);
else
tfm = CRYPTO_CCM(ctx);
- rc = crypto_aead_setkey(tfm, key, SMB3_SIGN_KEY_SIZE);
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
+ conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
+ rc = crypto_aead_setkey(tfm, key, SMB3_GCM256_CRYPTKEY_SIZE);
+ else
+ rc = crypto_aead_setkey(tfm, key, SMB3_GCM128_CRYPTKEY_SIZE);
if (rc) {
ksmbd_err("Failed to set aead key %d\n", rc);
goto free_ctx;
@@ -1294,11 +1314,12 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
goto free_sg;
}
- if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM) {
- memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
+ conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) {
+ memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES_GCM_NONCE);
} else {
iv[0] = 3;
- memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES_CCM_NONCE);
}
aead_request_set_crypt(req, sg, sg, crypt_len, iv);
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index 8322b0f7a7fc..1830ae1b5ed3 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -42,10 +42,10 @@ static struct crypto_aead *alloc_aead(int id)
struct crypto_aead *tfm = NULL;
switch (id) {
- case CRYPTO_AEAD_AES128_GCM:
+ case CRYPTO_AEAD_AES_GCM:
tfm = crypto_alloc_aead("gcm(aes)", 0, 0);
break;
- case CRYPTO_AEAD_AES128_CCM:
+ case CRYPTO_AEAD_AES_CCM:
tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
break;
default:
@@ -248,12 +248,12 @@ static struct ksmbd_crypto_ctx *____crypto_aead_ctx_find(int id)
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_gcm(void)
{
- return ____crypto_aead_ctx_find(CRYPTO_AEAD_AES128_GCM);
+ return ____crypto_aead_ctx_find(CRYPTO_AEAD_AES_GCM);
}
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_ccm(void)
{
- return ____crypto_aead_ctx_find(CRYPTO_AEAD_AES128_CCM);
+ return ____crypto_aead_ctx_find(CRYPTO_AEAD_AES_CCM);
}
void ksmbd_crypto_destroy(void)
diff --git a/fs/cifsd/crypto_ctx.h b/fs/cifsd/crypto_ctx.h
index 64a11dfd6c83..b0d3cd650485 100644
--- a/fs/cifsd/crypto_ctx.h
+++ b/fs/cifsd/crypto_ctx.h
@@ -21,8 +21,8 @@ enum {
};
enum {
- CRYPTO_AEAD_AES128_GCM = 16,
- CRYPTO_AEAD_AES128_CCM,
+ CRYPTO_AEAD_AES_GCM = 16,
+ CRYPTO_AEAD_AES_CCM,
CRYPTO_AEAD_MAX,
};
@@ -55,8 +55,8 @@ struct ksmbd_crypto_ctx {
#define CRYPTO_MD4_TFM(c) ((c)->desc[CRYPTO_SHASH_MD4]->tfm)
#define CRYPTO_MD5_TFM(c) ((c)->desc[CRYPTO_SHASH_MD5]->tfm)
-#define CRYPTO_GCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES128_GCM])
-#define CRYPTO_CCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES128_CCM])
+#define CRYPTO_GCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES_GCM])
+#define CRYPTO_CCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES_CCM])
void ksmbd_release_crypto_ctx(struct ksmbd_crypto_ctx *ctx);
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
index 72b40348bdc4..1709563d718b 100644
--- a/fs/cifsd/mgmt/user_session.h
+++ b/fs/cifsd/mgmt/user_session.h
@@ -56,8 +56,8 @@ struct ksmbd_session {
- __u8 smb3encryptionkey[SMB3_SIGN_KEY_SIZE];
- __u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE];
+ __u8 smb3encryptionkey[SMB3_ENC_DEC_KEY_SIZE];
+ __u8 smb3decryptionkey[SMB3_ENC_DEC_KEY_SIZE];
__u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
struct list_head sessions_entry;
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index ebae992f88a0..d07d7c45f899 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -904,7 +904,9 @@ static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
for (i = 0; i < cph_cnt; i++) {
if (pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_GCM ||
- pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_CCM) {
+ pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_CCM ||
+ pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES256_CCM ||
+ pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES256_GCM) {
ksmbd_debug(SMB, "Cipher ID = 0x%x\n",
pneg_ctxt->Ciphers[i]);
conn->cipher_type = pneg_ctxt->Ciphers[i];
@@ -7979,10 +7981,11 @@ static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, char *old_buf,
tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
tr_hdr->Flags = cpu_to_le16(0x01);
- if (cipher_type == SMB2_ENCRYPTION_AES128_GCM)
- get_random_bytes(&tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ if (cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
+ cipher_type == SMB2_ENCRYPTION_AES256_GCM)
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES_GCM_NONCE);
else
- get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES_CCM_NONCE);
memcpy(&tr_hdr->SessionId, &hdr->SessionId, 8);
inc_rfc1001_len(tr_hdr, sizeof(struct smb2_transform_hdr) - 4);
inc_rfc1001_len(tr_hdr, orig_len);
diff --git a/fs/cifsd/smb2pdu.h b/fs/cifsd/smb2pdu.h
index 156ff6a2968b..c5c32610aafe 100644
--- a/fs/cifsd/smb2pdu.h
+++ b/fs/cifsd/smb2pdu.h
@@ -77,6 +77,13 @@
#define SMB2_SIGNATURE_SIZE 16
#define SMB2_HMACSHA256_SIZE 32
#define SMB2_CMACAES_SIZE 16
+#define SMB3_GCM128_CRYPTKEY_SIZE 16
+#define SMB3_GCM256_CRYPTKEY_SIZE 32
+
+/*
+ * Size of the smb3 encryption/decryption keys
+ */
+#define SMB3_ENC_DEC_KEY_SIZE 32
/*
* Size of the smb3 signing key
@@ -151,8 +158,8 @@ struct smb2_pdu {
__le16 StructureSize2; /* size of wct area (varies, request specific) */
} __packed;
-#define SMB3_AES128CCM_NONCE 11
-#define SMB3_AES128GCM_NONCE 12
+#define SMB3_AES_CCM_NONCE 11
+#define SMB3_AES_GCM_NONCE 12
struct smb2_transform_hdr {
__be32 smb2_buf_length; /* big endian on wire */
@@ -283,13 +290,16 @@ struct smb2_preauth_neg_context {
/* Encryption Algorithms Ciphers */
#define SMB2_ENCRYPTION_AES128_CCM cpu_to_le16(0x0001)
#define SMB2_ENCRYPTION_AES128_GCM cpu_to_le16(0x0002)
+#define SMB2_ENCRYPTION_AES256_CCM cpu_to_le16(0x0003)
+#define SMB2_ENCRYPTION_AES256_GCM cpu_to_le16(0x0004)
struct smb2_encryption_neg_context {
__le16 ContextType; /* 2 */
__le16 DataLength;
__le32 Reserved;
- __le16 CipherCount; /* AES-128-GCM and AES-128-CCM */
- __le16 Ciphers[1]; /* Ciphers[0] since only one used now */
+ /* CipherCount usally 2, but can be 3 when AES256-GCM enabled */
+ __le16 CipherCount; /* AES-128-GCM and AES-128-CCM by default */
+ __le16 Ciphers[1];
} __packed;
#define SMB3_COMPRESS_NONE cpu_to_le16(0x0000)
From patchwork Mon Nov 14 12:49:28 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183156
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:39 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:39 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:39 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 059/308] cifsd: fix invalid memory access in
smb2_write()
Date: Mon, 14 Nov 2022 20:49:28 +0800
Message-ID: <20221114125337.1831594-60-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f8697506-7de9-4994-249b-08dac63c5173
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6920488
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit bcd62a368314deeea8bd0823399b649a236b7d5b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/bcd62a368314
-------------------------------
Add missing fp initialzation to prevent invalid memory access in
smb2_write().
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index d07d7c45f899..18de8a763209 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -6078,7 +6078,7 @@ int smb2_write(struct ksmbd_work *work)
{
struct smb2_write_req *req;
struct smb2_write_rsp *rsp, *rsp_org;
- struct ksmbd_file *fp;
+ struct ksmbd_file *fp = NULL;
loff_t offset;
size_t length;
ssize_t nbytes;
From patchwork Mon Nov 14 12:49:29 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183157
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:40 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:40 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:39 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 060/308] cifsd: decoding gss token using
lib/asn1_decoder.c
Date: Mon, 14 Nov 2022 20:49:29 +0800
Message-ID: <20221114125337.1831594-61-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
efd33fd1-b9aa-4163-cc89-08dac63c51bd
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7155463
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit fad4161b5cd01a24202234976ebbb133f7adc0b5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/fad4161b5cd0
-------------------------------
Decode gss token of SMB2_SESSSION_SETUP using
lib/asn1_decoder.c
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 614 +++++++-----------------------
fs/cifsd/smb2pdu.c | 4 +-
fs/cifsd/spnego_negtokeninit.asn1 | 43 +++
fs/cifsd/spnego_negtokentarg.asn1 | 19 +
4 files changed, 196 insertions(+), 484 deletions(-)
create mode 100644 fs/cifsd/spnego_negtokeninit.asn1
create mode 100644 fs/cifsd/spnego_negtokentarg.asn1
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index aa702b665849..aa6ea855c422 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -11,61 +11,15 @@
#include <linux/kernel.h>
#include <linux/mm.h>
#include <linux/slab.h>
+#include <linux/oid_registry.h>
#include "glob.h"
#include "asn1.h"
#include "connection.h"
#include "auth.h"
-
-/*****************************************************************************
- *
- * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
- *
- *****************************************************************************/
-
-/* Class */
-#define ASN1_UNI 0 /* Universal */
-#define ASN1_APL 1 /* Application */
-#define ASN1_CTX 2 /* Context */
-#define ASN1_PRV 3 /* Private */
-
-/* Tag */
-#define ASN1_EOC 0 /* End Of Contents or N/A */
-#define ASN1_BOL 1 /* Boolean */
-#define ASN1_INT 2 /* Integer */
-#define ASN1_BTS 3 /* Bit String */
-#define ASN1_OTS 4 /* Octet String */
-#define ASN1_NUL 5 /* Null */
-#define ASN1_OJI 6 /* Object Identifier */
-#define ASN1_OJD 7 /* Object Description */
-#define ASN1_EXT 8 /* External */
-#define ASN1_ENUM 10 /* Enumerated */
-#define ASN1_SEQ 16 /* Sequence */
-#define ASN1_SET 17 /* Set */
-#define ASN1_NUMSTR 18 /* Numerical String */
-#define ASN1_PRNSTR 19 /* Printable String */
-#define ASN1_TEXSTR 20 /* Teletext String */
-#define ASN1_VIDSTR 21 /* Video String */
-#define ASN1_IA5STR 22 /* IA5 String */
-#define ASN1_UNITIM 23 /* Universal Time */
-#define ASN1_GENTIM 24 /* General Time */
-#define ASN1_GRASTR 25 /* Graphical String */
-#define ASN1_VISSTR 26 /* Visible String */
-#define ASN1_GENSTR 27 /* General String */
-
-/* Primitive / Constructed methods*/
-#define ASN1_PRI 0 /* Primitive */
-#define ASN1_CON 1 /* Constructed */
-
-/*
- * Error codes.
- */
-#define ASN1_ERR_NOERROR 0
-#define ASN1_ERR_DEC_EMPTY 2
-#define ASN1_ERR_DEC_EOC_MISMATCH 3
-#define ASN1_ERR_DEC_LENGTH_MISMATCH 4
-#define ASN1_ERR_DEC_BADVALUE 5
+#include "spnego_negtokeninit.asn1.h"
+#include "spnego_negtokentarg.asn1.h"
#define SPNEGO_OID_LEN 7
#define NTLMSSP_OID_LEN 10
@@ -81,212 +35,49 @@ static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 };
static char NTLMSSP_OID_STR[NTLMSSP_OID_LEN] = { 0x2b, 0x06, 0x01, 0x04, 0x01,
0x82, 0x37, 0x02, 0x02, 0x0a };
-/*
- * ASN.1 context.
- */
-struct asn1_ctx {
- int error; /* Error condition */
- unsigned char *pointer; /* Octet just to be decoded */
- unsigned char *begin; /* First octet */
- unsigned char *end; /* Octet after last octet */
-};
-
-/*
- * Octet string (not null terminated)
- */
-struct asn1_octstr {
- unsigned char *data;
- unsigned int len;
-};
-
-static void
-asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len)
-{
- ctx->begin = buf;
- ctx->end = buf + len;
- ctx->pointer = buf;
- ctx->error = ASN1_ERR_NOERROR;
-}
-
-static unsigned char
-asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
-{
- if (ctx->pointer >= ctx->end) {
- ctx->error = ASN1_ERR_DEC_EMPTY;
- return 0;
- }
- *ch = *(ctx->pointer)++;
- return 1;
-}
-
-static unsigned char
-asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag)
-{
- unsigned char ch;
-
- *tag = 0;
-
- do {
- if (!asn1_octet_decode(ctx, &ch))
- return 0;
- *tag <<= 7;
- *tag |= ch & 0x7F;
- } while ((ch & 0x80) == 0x80);
- return 1;
-}
-
-static unsigned char
-asn1_id_decode(struct asn1_ctx *ctx,
- unsigned int *cls, unsigned int *con, unsigned int *tag)
-{
- unsigned char ch;
-
- if (!asn1_octet_decode(ctx, &ch))
- return 0;
-
- *cls = (ch & 0xC0) >> 6;
- *con = (ch & 0x20) >> 5;
- *tag = (ch & 0x1F);
-
- if (*tag == 0x1F) {
- if (!asn1_tag_decode(ctx, tag))
- return 0;
- }
- return 1;
-}
-
-static unsigned char
-asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len)
-{
- unsigned char ch, cnt;
-
- if (!asn1_octet_decode(ctx, &ch))
- return 0;
-
- if (ch == 0x80)
- *def = 0;
- else {
- *def = 1;
-
- if (ch < 0x80)
- *len = ch;
- else {
- cnt = (unsigned char) (ch & 0x7F);
- *len = 0;
-
- while (cnt > 0) {
- if (!asn1_octet_decode(ctx, &ch))
- return 0;
- *len <<= 8;
- *len |= ch;
- cnt--;
- }
- }
- }
-
- /* don't trust len bigger than ctx buffer */
- if (*len > ctx->end - ctx->pointer)
- return 0;
-
- return 1;
-}
-
-static unsigned char
-asn1_header_decode(struct asn1_ctx *ctx,
- unsigned char **eoc,
- unsigned int *cls, unsigned int *con, unsigned int *tag)
-{
- unsigned int def = 0;
- unsigned int len = 0;
-
- if (!asn1_id_decode(ctx, cls, con, tag))
- return 0;
-
- if (!asn1_length_decode(ctx, &def, &len))
- return 0;
-
- /* primitive shall be definite, indefinite shall be constructed */
- if (*con == ASN1_PRI && !def)
- return 0;
-
- if (def)
- *eoc = ctx->pointer + len;
- else
- *eoc = NULL;
- return 1;
-}
-
-static unsigned char
-asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc)
-{
- unsigned char ch;
-
- if (!eoc) {
- if (!asn1_octet_decode(ctx, &ch))
- return 0;
-
- if (ch != 0x00) {
- ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
- return 0;
- }
-
- if (!asn1_octet_decode(ctx, &ch))
- return 0;
-
- if (ch != 0x00) {
- ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
- return 0;
- }
- } else {
- if (ctx->pointer != eoc) {
- ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
- return 0;
- }
- }
- return 1;
-}
-
-static unsigned char
-asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
+static bool
+asn1_subid_decode(const unsigned char **begin, const unsigned char *end,
+ unsigned long *subid)
{
+ const unsigned char *ptr = *begin;
unsigned char ch;
*subid = 0;
do {
- if (!asn1_octet_decode(ctx, &ch))
- return 0;
+ if (ptr >= end)
+ return false;
+ ch = *ptr++;
*subid <<= 7;
*subid |= ch & 0x7F;
} while ((ch & 0x80) == 0x80);
- return 1;
+
+ *begin = ptr;
+ return true;
}
-static int
-asn1_oid_decode(struct asn1_ctx *ctx,
- unsigned char *eoc, unsigned long **oid, unsigned int *len)
+static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
+ unsigned long **oid, size_t *oidlen)
{
- unsigned long subid;
- unsigned int size;
+ const unsigned char *iptr = value, *end = value + vlen;
unsigned long *optr;
+ unsigned long subid;
- size = eoc - ctx->pointer + 1;
-
- /* first subid actually encodes first two subids */
- if (size < 2 || size > UINT_MAX/sizeof(unsigned long))
- return 0;
+ vlen += 1;
+ if (vlen < 2 || vlen > UINT_MAX/sizeof(unsigned long))
+ return false;
- *oid = kmalloc(size * sizeof(unsigned long), GFP_KERNEL);
+ *oid = kmalloc(vlen * sizeof(unsigned long), GFP_KERNEL);
if (!*oid)
- return 0;
+ return false;
optr = *oid;
- if (!asn1_subid_decode(ctx, &subid)) {
+ if (!asn1_subid_decode(&iptr, end, &subid)) {
kfree(*oid);
*oid = NULL;
- return 0;
+ return false;
}
if (subid < 40) {
@@ -300,285 +91,55 @@ asn1_oid_decode(struct asn1_ctx *ctx,
optr[1] = subid - 80;
}
- *len = 2;
+ *oidlen = 2;
optr += 2;
- while (ctx->pointer < eoc) {
- if (++(*len) > size) {
- ctx->error = ASN1_ERR_DEC_BADVALUE;
+ while (iptr < end) {
+ if (++(*oidlen) > vlen) {
kfree(*oid);
*oid = NULL;
- return 0;
+ return false;
}
- if (!asn1_subid_decode(ctx, optr++)) {
+ if (!asn1_subid_decode(&iptr, end, optr++)) {
kfree(*oid);
*oid = NULL;
- return 0;
+ return false;
}
}
- return 1;
+ return true;
}
-static int
-compare_oid(unsigned long *oid1, unsigned int oid1len,
- unsigned long *oid2, unsigned int oid2len)
+static bool
+oid_eq(unsigned long *oid1, unsigned int oid1len,
+ unsigned long *oid2, unsigned int oid2len)
{
unsigned int i;
if (oid1len != oid2len)
- return 0;
+ return false;
for (i = 0; i < oid1len; i++) {
if (oid1[i] != oid2[i])
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-/* BB check for endian conversion issues here */
-
int
ksmbd_decode_negTokenInit(unsigned char *security_blob, int length,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
- struct asn1_ctx ctx;
- unsigned char *end;
- unsigned char *sequence_end;
- unsigned long *oid = NULL;
- unsigned int cls, con, tag, oidlen, rc, mechTokenlen;
- unsigned int mech_type;
-
- ksmbd_debug(AUTH, "Received SecBlob: length %d\n", length);
-
- asn1_open(&ctx, security_blob, length);
-
- /* GSSAPI header */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit header\n");
- return 0;
- } else if ((cls != ASN1_APL) || (con != ASN1_CON)
- || (tag != ASN1_EOC)) {
- ksmbd_debug(AUTH, "cls = %d con = %d tag = %d\n", cls, con,
- tag);
- return 0;
- }
-
- /* Check for SPNEGO OID -- remember to free obj->oid */
- rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
- if (rc) {
- if ((tag == ASN1_OJI) && (con == ASN1_PRI) &&
- (cls == ASN1_UNI)) {
- rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
- if (rc) {
- rc = compare_oid(oid, oidlen, SPNEGO_OID,
- SPNEGO_OID_LEN);
- kfree(oid);
- }
- } else
- rc = 0;
- }
-
- /* SPNEGO OID not present or garbled -- bail out */
- if (!rc) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit header\n");
- return 0;
- }
-
- /* SPNEGO */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
- || (tag != ASN1_EOC)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- /* negTokenInit */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
- || (tag != ASN1_SEQ)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- /* sequence */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
- || (tag != ASN1_EOC)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- /* sequence of */
- if (asn1_header_decode
- (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
- || (tag != ASN1_SEQ)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- /* list of security mechanisms */
- while (!asn1_eoc_decode(&ctx, sequence_end)) {
- rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
- if (!rc) {
- ksmbd_debug(AUTH,
- "Error decoding negTokenInit hdr exit2\n");
- return 0;
- }
- if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
- if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) {
- if (compare_oid(oid, oidlen, MSKRB5_OID,
- MSKRB5_OID_LEN))
- mech_type = KSMBD_AUTH_MSKRB5;
- else if (compare_oid(oid, oidlen, KRB5U2U_OID,
- KRB5U2U_OID_LEN))
- mech_type = KSMBD_AUTH_KRB5U2U;
- else if (compare_oid(oid, oidlen, KRB5_OID,
- KRB5_OID_LEN))
- mech_type = KSMBD_AUTH_KRB5;
- else if (compare_oid(oid, oidlen, NTLMSSP_OID,
- NTLMSSP_OID_LEN))
- mech_type = KSMBD_AUTH_NTLMSSP;
- else {
- kfree(oid);
- continue;
- }
-
- conn->auth_mechs |= mech_type;
- if (conn->preferred_auth_mech == 0)
- conn->preferred_auth_mech = mech_type;
- kfree(oid);
- }
- } else {
- ksmbd_debug(AUTH,
- "Should be an oid what is going on?\n");
- }
- }
-
- /* sequence */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
- || (tag != ASN1_INT)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- /* sequence of */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding 2nd part of negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
- || (tag != ASN1_OTS)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- mechTokenlen = ctx.end - ctx.pointer;
- conn->mechToken = kmalloc(mechTokenlen + 1, GFP_KERNEL);
- if (!conn->mechToken) {
- ksmbd_err("memory allocation error\n");
- return 0;
- }
-
- memcpy(conn->mechToken, ctx.pointer, mechTokenlen);
- conn->mechToken[mechTokenlen] = '\0';
-
- return 1;
+ return asn1_ber_decoder(&spnego_negtokeninit_decoder, conn,
+ security_blob, length);
}
int
ksmbd_decode_negTokenTarg(unsigned char *security_blob, int length,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
- struct asn1_ctx ctx;
- unsigned char *end;
- unsigned int cls, con, tag, mechTokenlen;
-
- ksmbd_debug(AUTH, "Received Auth SecBlob: length %d\n", length);
-
- asn1_open(&ctx, security_blob, length);
-
- /* GSSAPI header */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit header\n");
- return 0;
- } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
- || (tag != ASN1_BOL)) {
- ksmbd_debug(AUTH, "cls = %d con = %d tag = %d\n", cls, con,
- tag);
- return 0;
- }
-
- /* SPNEGO */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
- || (tag != ASN1_SEQ)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 0\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- /* negTokenTarg */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
- || (tag != ASN1_INT)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- /* negTokenTarg */
- if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
- ksmbd_debug(AUTH, "Error decoding negTokenInit\n");
- return 0;
- } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
- || (tag != ASN1_OTS)) {
- ksmbd_debug(AUTH,
- "cls = %d con = %d tag = %d end = %p (%d) exit 1\n",
- cls, con, tag, end, *end);
- return 0;
- }
-
- mechTokenlen = ctx.end - ctx.pointer;
- conn->mechToken = kmalloc(mechTokenlen + 1, GFP_KERNEL);
- if (!conn->mechToken) {
- ksmbd_err("memory allocation error\n");
- return 0;
- }
-
- memcpy(conn->mechToken, ctx.pointer, mechTokenlen);
- conn->mechToken[mechTokenlen] = '\0';
-
- return 1;
+ return asn1_ber_decoder(&spnego_negtokentarg_decoder, conn,
+ security_blob, length);
}
static int compute_asn_hdr_len_bytes(int len)
@@ -700,3 +261,92 @@ int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer, u16 *buflen,
*buflen = total_len;
return 0;
}
+
+int gssapi_this_mech(void *context, size_t hdrlen,
+ unsigned char tag, const void *value, size_t vlen)
+{
+ unsigned long *oid;
+ size_t oidlen;
+ int err = 0;
+
+ if (!asn1_oid_decode(value, vlen, &oid, &oidlen)) {
+ err = -EBADMSG;
+ goto out;
+ }
+
+ if (!oid_eq(oid, oidlen, SPNEGO_OID, SPNEGO_OID_LEN))
+ err = -EBADMSG;
+ kfree(oid);
+out:
+ if (err) {
+ char buf[50];
+
+ sprint_oid(value, vlen, buf, sizeof(buf));
+ ksmbd_debug(AUTH, "Unexpected OID: %s\n", buf);
+ }
+ return err;
+}
+
+int neg_token_init_mech_type(void *context, size_t hdrlen,
+ unsigned char tag, const void *value, size_t vlen)
+{
+ struct ksmbd_conn *conn = context;
+ unsigned long *oid;
+ size_t oidlen;
+ int mech_type;
+
+ if (!asn1_oid_decode(value, vlen, &oid, &oidlen)) {
+ char buf[50];
+
+ sprint_oid(value, vlen, buf, sizeof(buf));
+ ksmbd_debug(AUTH, "Unexpected OID: %s\n", buf);
+ return -EBADMSG;
+ }
+
+ if (oid_eq(oid, oidlen, NTLMSSP_OID, NTLMSSP_OID_LEN))
+ mech_type = KSMBD_AUTH_NTLMSSP;
+ else if (oid_eq(oid, oidlen, MSKRB5_OID, MSKRB5_OID_LEN))
+ mech_type = KSMBD_AUTH_MSKRB5;
+ else if (oid_eq(oid, oidlen, KRB5_OID, KRB5_OID_LEN))
+ mech_type = KSMBD_AUTH_KRB5;
+ else if (oid_eq(oid, oidlen, KRB5U2U_OID, KRB5U2U_OID_LEN))
+ mech_type = KSMBD_AUTH_KRB5U2U;
+ else
+ goto out;
+
+ conn->auth_mechs |= mech_type;
+ if (conn->preferred_auth_mech == 0)
+ conn->preferred_auth_mech = mech_type;
+
+out:
+ kfree(oid);
+ return 0;
+}
+
+int neg_token_init_mech_token(void *context, size_t hdrlen,
+ unsigned char tag, const void *value, size_t vlen)
+{
+ struct ksmbd_conn *conn = context;
+
+ conn->mechToken = kmalloc(vlen + 1, GFP_KERNEL);
+ if (!conn->mechToken)
+ return -ENOMEM;
+
+ memcpy(conn->mechToken, value, vlen);
+ conn->mechToken[vlen] = '\0';
+ return 0;
+}
+
+int neg_token_targ_resp_token(void *context, size_t hdrlen,
+ unsigned char tag, const void *value, size_t vlen)
+{
+ struct ksmbd_conn *conn = context;
+
+ conn->mechToken = kmalloc(vlen + 1, GFP_KERNEL);
+ if (!conn->mechToken)
+ return -ENOMEM;
+
+ memcpy(conn->mechToken, value, vlen);
+ conn->mechToken[vlen] = '\0';
+ return 0;
+}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 18de8a763209..92b5020ae778 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1194,8 +1194,8 @@ static int decode_negotiation_token(struct ksmbd_work *work,
req = work->request_buf;
sz = le16_to_cpu(req->SecurityBufferLength);
- if (!ksmbd_decode_negTokenInit((char *)negblob, sz, conn)) {
- if (!ksmbd_decode_negTokenTarg((char *)negblob, sz, conn)) {
+ if (ksmbd_decode_negTokenInit((char *)negblob, sz, conn)) {
+ if (ksmbd_decode_negTokenTarg((char *)negblob, sz, conn)) {
conn->auth_mechs |= KSMBD_AUTH_NTLMSSP;
conn->preferred_auth_mech = KSMBD_AUTH_NTLMSSP;
conn->use_spnego = false;
diff --git a/fs/cifsd/spnego_negtokeninit.asn1 b/fs/cifsd/spnego_negtokeninit.asn1
new file mode 100644
index 000000000000..1b153cb6a39e
--- /dev/null
+++ b/fs/cifsd/spnego_negtokeninit.asn1
@@ -0,0 +1,43 @@
+GSSAPI ::=
+ [APPLICATION 0] IMPLICIT SEQUENCE {
+ thisMech
+ OBJECT IDENTIFIER ({gssapi_this_mech}),
+ negotiationToken
+ NegotiationToken
+ }
+
+MechType ::= OBJECT IDENTIFIER ({neg_token_init_mech_type})
+
+MechTypeList ::= SEQUENCE OF MechType
+
+NegTokenInit ::=
+ SEQUENCE {
+ mechTypes
+ [0] MechTypeList,
+ reqFlags
+ [1] BIT STRING OPTIONAL,
+ mechToken
+ [2] OCTET STRING OPTIONAL ({neg_token_init_mech_token}),
+ mechListMIC
+ [3] OCTET STRING OPTIONAL
+ }
+
+NegTokenTarg ::=
+ SEQUENCE {
+ negResult
+ [0] ENUMERATED OPTIONAL,
+ supportedMech
+ [1] OBJECT IDENTIFIER OPTIONAL,
+ responseToken
+ [2] OCTET STRING OPTIONAL ({neg_token_targ_resp_token}),
+ mechListMIC
+ [3] OCTET STRING OPTIONAL
+ }
+
+NegotiationToken ::=
+ CHOICE {
+ negTokenInit
+ [0] NegTokenInit,
+ negTokenTarg
+ [1] ANY
+ }
diff --git a/fs/cifsd/spnego_negtokentarg.asn1 b/fs/cifsd/spnego_negtokentarg.asn1
new file mode 100644
index 000000000000..8324bcd1bbd7
--- /dev/null
+++ b/fs/cifsd/spnego_negtokentarg.asn1
@@ -0,0 +1,19 @@
+GSSAPI ::=
+ CHOICE {
+ negTokenInit
+ [0] ANY,
+ negTokenTarg
+ [1] NegTokenTarg
+ }
+
+NegTokenTarg ::=
+ SEQUENCE {
+ negResult
+ [0] ENUMERATED OPTIONAL,
+ supportedMech
+ [1] OBJECT IDENTIFIER OPTIONAL,
+ responseToken
+ [2] OCTET STRING OPTIONAL ({neg_token_targ_resp_token}),
+ mechListMIC
+ [3] OCTET STRING OPTIONAL
+ }
From patchwork Mon Nov 14 12:49:30 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183158
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:40 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:40 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:39 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 061/308] cifsd: fix WARNING: Possible unnecessary
'out of memory' message
Date: Mon, 14 Nov 2022 20:49:30 +0800
Message-ID: <20221114125337.1831594-62-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
94ed6599-4603-4e69-3849-08dac63c5206
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7055836
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 63c454f8392832a770d9cfcf9baa1733959b71e3
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/63c454f83928
-------------------------------
WARNING: Possible unnecessary 'out of memory' message
902: FILE: fs/cifsd/smb2pdu.c:569:
+ if (!work->response_buf) {
+ ksmbd_err("Failed to allocate %zu bytes buffer\n", sz);
Fix a warning from checkpatch.pl.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 92b5020ae778..a18792ce96be 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -565,10 +565,8 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
else
work->response_buf = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
- if (!work->response_buf) {
- ksmbd_err("Failed to allocate %zu bytes buffer\n", sz);
+ if (!work->response_buf)
return -ENOMEM;
- }
work->response_sz = sz;
return 0;
From patchwork Mon Nov 14 12:49:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183159
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:41 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:41 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:40 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 062/308] cifsd: fix WARNING: Too many leading tabs
Date: Mon, 14 Nov 2022 20:49:31 +0800
Message-ID: <20221114125337.1831594-63-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
747a8fb0-630e-4469-fb2d-08dac63c524f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7309682
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 3d47e54623897020e996b952bdf3ed9df447b5bf
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/3d47e5462389
-------------------------------
WARNING: Too many leading tabs - consider code refactoring
3066: FILE: fs/cifsd/smb2pdu.c:2733:
+ if (fattr.cf_dacls)
Fix a warning from checkpatch.pl.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 41 +++++++++++++++++++----------------------
1 file changed, 19 insertions(+), 22 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index a18792ce96be..18576148f530 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2250,6 +2250,19 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work,
return rc;
}
+
+static void ksmbd_acls_fattr(struct smb_fattr *fattr, struct inode *inode)
+{
+ fattr->cf_uid = inode->i_uid;
+ fattr->cf_gid = inode->i_gid;
+ fattr->cf_mode = inode->i_mode;
+ fattr->cf_dacls = NULL;
+
+ fattr->cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
+ if (S_ISDIR(inode->i_mode))
+ fattr->cf_dacls = ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
+}
+
/**
* smb2_open() - handler for smb file open request
* @work: smb work containing request buffer
@@ -2734,23 +2747,13 @@ int smb2_open(struct ksmbd_work *work)
KSMBD_SHARE_FLAG_ACL_XATTR)) {
struct smb_fattr fattr;
struct smb_ntsd *pntsd;
- int pntsd_size, ace_num;
-
- fattr.cf_uid = inode->i_uid;
- fattr.cf_gid = inode->i_gid;
- fattr.cf_mode = inode->i_mode;
- fattr.cf_dacls = NULL;
- ace_num = 0;
+ int pntsd_size, ace_num = 0;
- fattr.cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
+ ksmbd_acls_fattr(&fattr, inode);
if (fattr.cf_acls)
ace_num = fattr.cf_acls->a_count;
- if (S_ISDIR(inode->i_mode)) {
- fattr.cf_dacls =
- ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
- if (fattr.cf_dacls)
- ace_num += fattr.cf_dacls->a_count;
- }
+ if (fattr.cf_dacls)
+ ace_num += fattr.cf_dacls->a_count;
pntsd = kmalloc(sizeof(struct smb_ntsd) +
sizeof(struct smb_sid) * 3 +
@@ -2768,6 +2771,7 @@ int smb2_open(struct ksmbd_work *work)
rc = ksmbd_vfs_set_sd_xattr(conn,
path.dentry, pntsd, pntsd_size);
+ kfree(pntsd);
if (rc)
ksmbd_err("failed to store ntacl in xattr : %d\n",
rc);
@@ -4847,14 +4851,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
return -ENOENT;
inode = FP_INODE(fp);
- fattr.cf_uid = inode->i_uid;
- fattr.cf_gid = inode->i_gid;
- fattr.cf_mode = inode->i_mode;
- fattr.cf_dacls = NULL;
-
- fattr.cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
- if (S_ISDIR(inode->i_mode))
- fattr.cf_dacls = ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
+ ksmbd_acls_fattr(&fattr, inode);
if (test_share_config_flag(work->tcon->share_conf,
KSMBD_SHARE_FLAG_ACL_XATTR))
From patchwork Mon Nov 14 12:49:32 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183160
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:41 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:41 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:40 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 063/308] cifsd: fix boolreturn.cocci warnings
Date: Mon, 14 Nov 2022 20:49:32 +0800
Message-ID: <20221114125337.1831594-64-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7912e75c-3e26-4c86-8cfe-08dac63c5298
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7179997
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: kernel test robot <lkp(a)intel.com>
mainline inclusion
from mainline-5.15-rc1
commit 5616015f548a9beda791d8d607e1b17ebdc1e09d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5616015f548a
-------------------------------
fs/cifsd/smb2pdu.c:8098:8-9: WARNING: return of 0/1 in function
'smb2_is_sign_req' with return type bool
Return statements in functions returning bool should use true/false
instead of 1/0.
Generated by: scripts/coccinelle/misc/boolreturn.cocci
Reported-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 18576148f530..e17ad2032fc7 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -7713,7 +7713,7 @@ bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command)
command != SMB2_OPLOCK_BREAK_HE)
return true;
- return 0;
+ return false;
}
/**
From patchwork Mon Nov 14 12:49:33 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183161
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:42 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:41 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:41 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 064/308] cifsd: fix xfstests generic/504 test
failure
Date: Mon, 14 Nov 2022 20:49:33 +0800
Message-ID: <20221114125337.1831594-65-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a27db963-bf77-4401-0eb6-08dac63c52e3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6973391
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 50bf80a553ccb5eca0bc2426e5a082eaf65cb602
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/50bf80a553cc
-------------------------------
If lock length in smb2 lock request from client is over
flock max length size, lock length is changed to flock max length
and don't return error response.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 25 +++++++++++--------------
1 file changed, 11 insertions(+), 14 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index e17ad2032fc7..3fd266a94996 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -6422,7 +6422,7 @@ int smb2_lock(struct ksmbd_work *work)
int flags = 0;
int cmd = 0;
int err = 0, i;
- u64 lock_length;
+ u64 lock_start, lock_length;
struct ksmbd_lock *smb_lock = NULL, *cmp_lock, *tmp;
int nolock = 0;
LIST_HEAD(lock_list);
@@ -6461,25 +6461,22 @@ int smb2_lock(struct ksmbd_work *work)
cmd = smb2_set_flock_flags(flock, flags);
- flock->fl_start = le64_to_cpu(lock_ele[i].Offset);
- if (flock->fl_start > OFFSET_MAX) {
+ lock_start = le64_to_cpu(lock_ele[i].Offset);
+ lock_length = le64_to_cpu(lock_ele[i].Length);
+ if (lock_start > U64_MAX - lock_length) {
ksmbd_err("Invalid lock range requested\n");
rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
goto out;
}
+ if (lock_start > OFFSET_MAX)
+ flock->fl_start = OFFSET_MAX;
+ else
+ flock->fl_start = lock_start;
+
lock_length = le64_to_cpu(lock_ele[i].Length);
- if (lock_length > 0) {
- if (lock_length > OFFSET_MAX - flock->fl_start) {
- ksmbd_debug(SMB,
- "Invalid lock range requested\n");
- lock_length = OFFSET_MAX - flock->fl_start;
- rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
- goto out;
- }
- } else {
- lock_length = 0;
- }
+ if (lock_length > OFFSET_MAX - flock->fl_start)
+ lock_length = OFFSET_MAX - flock->fl_start;
flock->fl_end = flock->fl_start + lock_length;
From patchwork Mon Nov 14 12:49:34 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183162
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:42 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:42 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:41 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 065/308] cifsd: Do not use 0 or 0xFFFFFFFF for
TreeID
Date: Mon, 14 Nov 2022 20:49:34 +0800
Message-ID: <20221114125337.1831594-66-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
fbf9362f-74df-4896-a179-08dac63c532b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6964179
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit 8602c3e2ceef5f50f5718e8442a8ea17530101b4
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8602c3e2ceef
-------------------------------
Returning TreeID=0 is valid behaviour according to [MS-SMB2] 2.2.1.2:
TreeId (4 bytes): Uniquely identifies the tree connect for the command.
This MUST be 0 for the SMB2 TREE_CONNECT Request. The TreeId can be
any unsigned 32-bit integer that is received from a previous
SMB2 TREE_CONNECT Response. TreeId SHOULD be set to 0 for the
following commands:
[...]
However, some client implementations reject it as invalid. Windows10
assigns ids starting from 1, and samba4 returns a random uint32_t
which suggests there may be other clients that consider it is
invalid behaviour.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/mgmt/ksmbd_ida.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/cifsd/mgmt/ksmbd_ida.c b/fs/cifsd/mgmt/ksmbd_ida.c
index 3dbc27cb5385..54194d959a5e 100644
--- a/fs/cifsd/mgmt/ksmbd_ida.c
+++ b/fs/cifsd/mgmt/ksmbd_ida.c
@@ -14,9 +14,7 @@ int ksmbd_acquire_smb2_tid(struct ida *ida)
{
int id;
- id = __acquire_id(ida, 0, 0);
- if (id == 0xFFFF)
- id = __acquire_id(ida, 0, 0);
+ id = __acquire_id(ida, 1, 0xFFFFFFFF);
return id;
}
From patchwork Mon Nov 14 12:49:35 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183163
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:43 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:42 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:42 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 066/308] cifsd: add support for
FSCTL_DUPLICATE_EXTENTS_TO_FILE
Date: Mon, 14 Nov 2022 20:49:35 +0800
Message-ID: <20221114125337.1831594-67-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
1c46c516-ae47-4a7c-5874-08dac63c5374
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6884650
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit eb817368f50c1cbe1bd07044124aad7db6330e3a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/eb817368f50c
-------------------------------
Add support for FSCTL_DUPLICATE_EXTENTS_TO_FILE in smb2 ioctl.
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 52 ++++++++++++++++++++++++++++++++++++++++++++-
fs/cifsd/smb2pdu.h | 8 +++++++
fs/cifsd/smbfsctl.h | 1 +
fs/cifsd/vfs.c | 2 +-
fs/cifsd/vfs.h | 3 ++-
5 files changed, 63 insertions(+), 3 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 3fd266a94996..e5d3a5790a81 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -4622,7 +4622,8 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
FILE_PERSISTENT_ACLS |
FILE_UNICODE_ON_DISK |
FILE_CASE_PRESERVED_NAMES |
- FILE_CASE_SENSITIVE_SEARCH);
+ FILE_CASE_SENSITIVE_SEARCH |
+ FILE_SUPPORTS_BLOCK_REFCOUNTING);
info->Attributes |= cpu_to_le32(server_conf.share_fake_fscaps);
@@ -7330,6 +7331,55 @@ int smb2_ioctl(struct ksmbd_work *work)
nbytes = sizeof(struct reparse_data_buffer);
break;
}
+ case FSCTL_DUPLICATE_EXTENTS_TO_FILE:
+ {
+ struct ksmbd_file *fp_in, *fp_out = NULL;
+ struct duplicate_extents_to_file *dup_ext;
+ loff_t src_off, dst_off, length, cloned;
+
+ dup_ext = (struct duplicate_extents_to_file *)&req->Buffer[0];
+
+ fp_in = ksmbd_lookup_fd_slow(work, dup_ext->VolatileFileHandle,
+ dup_ext->PersistentFileHandle);
+ if (!fp_in) {
+ ksmbd_err("not found file handle in duplicate extent to file\n");
+ ret = -ENOENT;
+ goto out;
+ }
+
+ fp_out = ksmbd_lookup_fd_fast(work, id);
+ if (!fp_out) {
+ ksmbd_err("not found fp\n");
+ ret = -ENOENT;
+ goto dup_ext_out;
+ }
+
+ src_off = le64_to_cpu(dup_ext->SourceFileOffset);
+ dst_off = le64_to_cpu(dup_ext->TargetFileOffset);
+ length = le64_to_cpu(dup_ext->ByteCount);
+ cloned = vfs_clone_file_range(fp_in->filp, src_off, fp_out->filp,
+ dst_off, length, 0);
+ if (cloned == -EXDEV || cloned == -EOPNOTSUPP) {
+ ret = -EOPNOTSUPP;
+ goto dup_ext_out;
+ } else if (cloned != length) {
+ cloned = ksmbd_vfs_copy_file_range(fp_in->filp, src_off,
+ fp_out->filp, dst_off, length);
+ if (cloned != length) {
+ if (cloned < 0)
+ ret = cloned;
+ else
+ ret = -EINVAL;
+ }
+ }
+
+dup_ext_out:
+ ksmbd_fd_put(work, fp_in);
+ ksmbd_fd_put(work, fp_out);
+ if (ret < 0)
+ goto out;
+ break;
+ }
default:
ksmbd_debug(SMB, "not implemented yet ioctl command 0x%x\n",
cnt_code);
diff --git a/fs/cifsd/smb2pdu.h b/fs/cifsd/smb2pdu.h
index c5c32610aafe..1a8da2122b75 100644
--- a/fs/cifsd/smb2pdu.h
+++ b/fs/cifsd/smb2pdu.h
@@ -851,6 +851,14 @@ struct smb2_write_rsp {
#define SMB2_0_IOCTL_IS_FSCTL 0x00000001
+struct duplicate_extents_to_file {
+ __u64 PersistentFileHandle; /* source file handle, opaque endianness */
+ __u64 VolatileFileHandle;
+ __le64 SourceFileOffset;
+ __le64 TargetFileOffset;
+ __le64 ByteCount; /* Bytes to be copied */
+} __packed;
+
struct smb2_ioctl_req {
struct smb2_hdr hdr;
__le16 StructureSize; /* Must be 57 */
diff --git a/fs/cifsd/smbfsctl.h b/fs/cifsd/smbfsctl.h
index 908c4e68a479..b98418aae20c 100644
--- a/fs/cifsd/smbfsctl.h
+++ b/fs/cifsd/smbfsctl.h
@@ -64,6 +64,7 @@
#define FSCTL_SET_SHORT_NAME_BEHAVIOR 0x000901B4 /* BB add struct */
#define FSCTL_QUERY_ALLOCATED_RANGES 0x000940CF /* BB add struct */
#define FSCTL_SET_DEFECT_MANAGEMENT 0x00098134 /* BB add struct */
+#define FSCTL_DUPLICATE_EXTENTS_TO_FILE 0x00098344
#define FSCTL_SIS_LINK_FILES 0x0009C104
#define FSCTL_PIPE_PEEK 0x0011400C /* BB add struct */
#define FSCTL_PIPE_TRANSCEIVE 0x0011C017 /* BB add struct */
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 29f31db4e07e..cdbb844fddad 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -1789,7 +1789,7 @@ int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
return 0;
}
-static int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
+int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
struct file *file_out, loff_t pos_out, size_t len)
{
struct inode *inode_in = file_inode(file_in);
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index 0163be4297de..2d19e2bac33a 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -218,7 +218,8 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
struct srv_copychunk *chunks, unsigned int chunk_count,
unsigned int *chunk_count_written,
unsigned int *chunk_size_written, loff_t *total_size_written);
-
+int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
+ struct file *file_out, loff_t pos_out, size_t len);
ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list);
ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
char **xattr_buf);
From patchwork Mon Nov 14 12:49:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183164
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:43 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:43 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:42 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 067/308] cifsd: add goto fail in asn1_oid_decode()
Date: Mon, 14 Nov 2022 20:49:36 +0800
Message-ID: <20221114125337.1831594-68-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
27604c49-17d9-43b3-3701-08dac63c53bd
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6995817
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit cdd10398e71a1843ef99ed545bbb872b6cb9d249
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/cdd10398e71a
-------------------------------
Add goto fail in asn1_oid_decode() to clean-up exception handling code.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index aa6ea855c422..f2628dc3490f 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -74,11 +74,8 @@ static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
optr = *oid;
- if (!asn1_subid_decode(&iptr, end, &subid)) {
- kfree(*oid);
- *oid = NULL;
- return false;
- }
+ if (!asn1_subid_decode(&iptr, end, &subid))
+ goto fail;
if (subid < 40) {
optr[0] = 0;
@@ -95,19 +92,18 @@ static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
optr += 2;
while (iptr < end) {
- if (++(*oidlen) > vlen) {
- kfree(*oid);
- *oid = NULL;
- return false;
- }
+ if (++(*oidlen) > vlen)
+ goto fail;
- if (!asn1_subid_decode(&iptr, end, optr++)) {
- kfree(*oid);
- *oid = NULL;
- return false;
- }
+ if (!asn1_subid_decode(&iptr, end, optr++))
+ goto fail;
}
return true;
+
+fail:
+ kfree(*oid);
+ *oid = NULL;
+ return false;
}
static bool
From patchwork Mon Nov 14 12:49:37 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183165
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:44 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:43 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:43 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 068/308] cifsd: use memcmp instead of for loop
check in oid_eq()
Date: Mon, 14 Nov 2022 20:49:37 +0800
Message-ID: <20221114125337.1831594-69-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f33574dd-7653-498c-c8cb-08dac63c5405
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6857101
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 3566a2b0f73a46eb93beafd70b8386a3b59d5acb
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/3566a2b0f73a
-------------------------------
Use memcmp instead of for loop check in oid_eq().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index f2628dc3490f..a7db37eef2a9 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -110,16 +110,10 @@ static bool
oid_eq(unsigned long *oid1, unsigned int oid1len,
unsigned long *oid2, unsigned int oid2len)
{
- unsigned int i;
-
if (oid1len != oid2len)
return false;
- for (i = 0; i < oid1len; i++) {
- if (oid1[i] != oid2[i])
- return false;
- }
- return true;
+ return memcmp(oid1, oid2, oid1len) == 0;
}
int
From patchwork Mon Nov 14 12:49:38 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183166
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:44 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:44 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:43 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 069/308] cifsd: add goto fail in
neg_token_init_mech_type()
Date: Mon, 14 Nov 2022 20:49:38 +0800
Message-ID: <20221114125337.1831594-70-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a2e7cc01-03c3-43bd-edd6-08dac63c5451
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7080949
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 8bae4419ce636f6f8414193a206a2dc2e6dd37db
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8bae4419ce63
-------------------------------
Add goto fail in neg_token_init_mech_type().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index a7db37eef2a9..769fa328c020 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -284,14 +284,10 @@ int neg_token_init_mech_type(void *context, size_t hdrlen,
unsigned long *oid;
size_t oidlen;
int mech_type;
+ char buf[50];
- if (!asn1_oid_decode(value, vlen, &oid, &oidlen)) {
- char buf[50];
-
- sprint_oid(value, vlen, buf, sizeof(buf));
- ksmbd_debug(AUTH, "Unexpected OID: %s\n", buf);
- return -EBADMSG;
- }
+ if (!asn1_oid_decode(value, vlen, &oid, &oidlen))
+ goto fail;
if (oid_eq(oid, oidlen, NTLMSSP_OID, NTLMSSP_OID_LEN))
mech_type = KSMBD_AUTH_NTLMSSP;
@@ -302,15 +298,20 @@ int neg_token_init_mech_type(void *context, size_t hdrlen,
else if (oid_eq(oid, oidlen, KRB5U2U_OID, KRB5U2U_OID_LEN))
mech_type = KSMBD_AUTH_KRB5U2U;
else
- goto out;
+ goto fail;
conn->auth_mechs |= mech_type;
if (conn->preferred_auth_mech == 0)
conn->preferred_auth_mech = mech_type;
-out:
kfree(oid);
return 0;
+
+fail:
+ kfree(oid);
+ sprint_oid(value, vlen, buf, sizeof(buf));
+ ksmbd_debug(AUTH, "Unexpected OID: %s\n", buf);
+ return -EBADMSG;
}
int neg_token_init_mech_token(void *context, size_t hdrlen,
From patchwork Mon Nov 14 12:49:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183170
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:46 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:46 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:44 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 070/308] cifsd: move fips_enabled check before the
str_to_key()
Date: Mon, 14 Nov 2022 20:49:39 +0800
Message-ID: <20221114125337.1831594-71-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c64d4b58-3d4f-4b69-b27f-08dac63c549a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:02.4638033
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 94096702376ecb99c86cbee9dd95fc3675231b8a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/94096702376e
-------------------------------
Move fips_enabled check before the str_to_key().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 6b90aac86fcc..9263c9ce2dd2 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -92,14 +92,13 @@ smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
unsigned char key2[8];
struct des_ctx ctx;
- str_to_key(key, key2);
-
if (fips_enabled) {
ksmbd_debug(AUTH,
"FIPS compliance enabled: DES not permitted\n");
return -ENOENT;
}
+ str_to_key(key, key2);
des_expand_key(&ctx, key2, DES_KEY_SIZE);
des_encrypt(&ctx, out, in);
memzero_explicit(&ctx, sizeof(ctx));
From patchwork Mon Nov 14 12:49:40 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183167
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:45 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:45 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:44 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 071/308] cifsd: just return smbhash() instead of
using rc return value
Date: Mon, 14 Nov 2022 20:49:40 +0800
Message-ID: <20221114125337.1831594-72-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7db09d26-64a7-4cf3-01b8-08dac63c54e5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6919793
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit fd43cbbe0af5e528ec7e1f85e6e942d1b77ff781
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/fd43cbbe0af5
-------------------------------
Just return smbhash() instead of using rc return value.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 9263c9ce2dd2..ab698093f728 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -115,8 +115,7 @@ static int ksmbd_enc_p24(unsigned char *p21, const unsigned char *c8, unsigned c
rc = smbhash(p24 + 8, c8, p21 + 7);
if (rc)
return rc;
- rc = smbhash(p24 + 16, c8, p21 + 14);
- return rc;
+ return smbhash(p24 + 16, c8, p21 + 14);
}
/* produce a md4 message digest from data of length n bytes */
From patchwork Mon Nov 14 12:49:41 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183168
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:45 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:45 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:45 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 072/308] cifsd: move ret check before the out
label
Date: Mon, 14 Nov 2022 20:49:41 +0800
Message-ID: <20221114125337.1831594-73-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
22fadc25-052c-4aa3-9e4d-08dac63c552e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6993107
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 7e38ea254c8274ea25ffc28df65ac2683c5f8a72
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7e38ea254c82
-------------------------------
Move ret check before the out label.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index ab698093f728..092db15e4234 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -311,9 +311,9 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
}
ret = crypto_shash_final(CRYPTO_HMACMD5(ctx), ntlmv2_hash);
-out:
if (ret)
ksmbd_debug(AUTH, "Could not generate md5 hash\n");
+out:
kfree(uniname);
kfree(domain);
ksmbd_release_crypto_ctx(ctx);
From patchwork Mon Nov 14 12:49:42 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183169
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:46 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:46 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:45 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 073/308] cifsd: simplify error handling in
ksmbd_auth_ntlm()
Date: Mon, 14 Nov 2022 20:49:42 +0800
Message-ID: <20221114125337.1831594-74-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
609c437e-22b4-4e48-ae04-08dac63c5578
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6414094
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 4a6b02282632f0b4e88a85f26266f7674e0ce288
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4a6b02282632
-------------------------------
simplify error handling in ksmbd_auth_ntlm().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 092db15e4234..7771429f55a4 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -351,12 +351,11 @@ int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
if (strncmp(pw_buf, key, CIFS_AUTH_RESP_SIZE) != 0) {
ksmbd_debug(AUTH, "ntlmv1 authentication failed\n");
- rc = -EINVAL;
- } else {
- ksmbd_debug(AUTH, "ntlmv1 authentication pass\n");
+ return -EINVAL;
}
- return rc;
+ ksmbd_debug(AUTH, "ntlmv1 authentication pass\n");
+ return 0;
}
/**
From patchwork Mon Nov 14 12:49:43 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183171
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:46 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:46 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:46 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 074/308] cifsd: remove unneeded type casting
Date: Mon, 14 Nov 2022 20:49:43 +0800
Message-ID: <20221114125337.1831594-75-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7e20588a-d509-4f03-4a69-08dac63c55c2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.5915361
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 192cc732c65a7c22da77cf21baba5e8a3efdea29
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/192cc732c65a
-------------------------------
Remove unneeded type casting.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 7771429f55a4..ed32052fbf93 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -410,8 +410,7 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
}
memcpy(construct, sess->ntlmssp.cryptkey, CIFS_CRYPTO_KEY_SIZE);
- memcpy(construct + CIFS_CRYPTO_KEY_SIZE,
- (char *)(&ntlmv2->blob_signature), blen);
+ memcpy(construct + CIFS_CRYPTO_KEY_SIZE, &ntlmv2->blob_signature, blen);
rc = crypto_shash_update(CRYPTO_HMACMD5(ctx), construct, len);
if (rc) {
From patchwork Mon Nov 14 12:49:44 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183172
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:47 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:47 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:46 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 075/308] cifsd: set error return value for
memcmp() difference
Date: Mon, 14 Nov 2022 20:49:44 +0800
Message-ID: <20221114125337.1831594-76-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2f9e8ba8-6510-47dc-236d-08dac63c560e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7062463
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit b72802aa77dc2729b848057e96b6a2126182f75e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b72802aa77dc
-------------------------------
Set error return value for memcmp() difference.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index ed32052fbf93..adfb3b33f2e5 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -430,7 +430,8 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
goto out;
}
- rc = memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE);
+ if (memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE) != 0)
+ rc = -EINVAL;
out:
ksmbd_release_crypto_ctx(ctx);
kfree(construct);
@@ -469,7 +470,8 @@ static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce,
goto out;
}
- rc = memcmp(ntlm_resp, key, CIFS_AUTH_RESP_SIZE);
+ if (memcmp(ntlm_resp, key, CIFS_AUTH_RESP_SIZE) != 0)
+ rc = -EINVAL;
out:
return rc;
}
From patchwork Mon Nov 14 12:49:45 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183173
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:47 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:47 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:47 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 076/308] cifsd: return zero in always success case
Date: Mon, 14 Nov 2022 20:49:45 +0800
Message-ID: <20221114125337.1831594-77-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3455cb64-529c-460d-01a5-08dac63c5657
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6947272
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 876edcc4cffd26f83eae591e906384dab7f25a51
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/876edcc4cffd
-------------------------------
Return zero in always success case.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index adfb3b33f2e5..a89de24aa576 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -943,7 +943,7 @@ static int generate_smb3signingkey(struct ksmbd_session *sess,
SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
ksmbd_debug(AUTH, "Signing Key %*ph\n",
SMB3_SIGN_KEY_SIZE, key);
- return rc;
+ return 0;
}
int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess)
@@ -1011,7 +1011,7 @@ static int generate_smb3encryptionkey(struct ksmbd_session *sess,
ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3decryptionkey);
}
- return rc;
+ return 0;
}
int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess)
From patchwork Mon Nov 14 12:49:46 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183174
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:48 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:48 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:47 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 077/308] cifsd: never return 1 on failure
Date: Mon, 14 Nov 2022 20:49:46 +0800
Message-ID: <20221114125337.1831594-78-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d15b2eb7-e1cb-455e-1c1c-08dac63c56a2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6901303
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 522dcc76269fcc27a3a0128ca7699270fae61b60
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/522dcc76269f
-------------------------------
Never return 1 on failure.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index a89de24aa576..7e56966f87d4 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -1144,7 +1144,7 @@ static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,
sess = ksmbd_session_lookup(conn, ses_id);
if (!sess)
- return 1;
+ return -EINVAL;
ses_enc_key = enc ? sess->smb3encryptionkey :
sess->smb3decryptionkey;
From patchwork Mon Nov 14 12:49:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183175
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:48 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:48 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:48 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 078/308] cifsd: add the check if nvec is zero
Date: Mon, 14 Nov 2022 20:49:47 +0800
Message-ID: <20221114125337.1831594-79-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a539fd86-a490-4465-b9a6-08dac63c56eb
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6895444
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 41a7848a01b3f4401b8b87815e643584b86895f2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/41a7848a01b3
-------------------------------
Dan Carpenter pointed out that memory can be corrupted when nvec is zero.
This patch add the check to prevent it.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 7e56966f87d4..9f957c8c123c 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -1172,6 +1172,9 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
int i, nr_entries[3] = {0}, total_entries = 0, sg_idx = 0;
+ if (!nvec)
+ return NULL;
+
for (i = 0; i < nvec - 1; i++) {
unsigned long kaddr = (unsigned long)iov[i + 1].iov_base;
From patchwork Mon Nov 14 12:49:48 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183176
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:49 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:49 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:48 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 079/308] cifsd: len can never be negative in
ksmbd_init_sg()
Date: Mon, 14 Nov 2022 20:49:48 +0800
Message-ID: <20221114125337.1831594-80-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cab09624-1388-4b6b-ee50-08dac63c5735
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7059040
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 08591ccfdd4f237b3d931e0ebf05690b1ab91399
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/08591ccfdd4f
-------------------------------
Dan pointed out len can not be negative.
This patch remove unneeded negative check in loop.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 9f957c8c123c..9af1b334be82 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -1207,7 +1207,7 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
for (j = 0; j < nr_entries[i]; j++) {
unsigned int bytes = PAGE_SIZE - offset;
- if (len <= 0)
+ if (!len)
break;
if (bytes > len)
From patchwork Mon Nov 14 12:49:49 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183177
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:49 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:49 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:49 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 080/308] cifsd: remove unneeded initialization of
rc variable in ksmbd_crypt_message()
Date: Mon, 14 Nov 2022 20:49:49 +0800
Message-ID: <20221114125337.1831594-81-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
b7a334d5-02b2-4c48-d723-08dac63c577f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7033106
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 03f1c3d38887803266ec4d5a820b08b01b2766d8
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/03f1c3d38887
-------------------------------
Remove unneeded initialization of rc variable in ksmbd_crypt_message().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 9af1b334be82..711f8dec38e1 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -1236,7 +1236,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
struct smb2_transform_hdr *tr_hdr =
(struct smb2_transform_hdr *)iov[0].iov_base;
unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
- int rc = 0;
+ int rc;
struct scatterlist *sg;
u8 sign[SMB2_SIGNATURE_SIZE] = {};
u8 key[SMB3_ENC_DEC_KEY_SIZE];
From patchwork Mon Nov 14 12:49:50 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183178
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:50 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:50 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:49 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 081/308] cifsd: fix wrong return value in
ksmbd_crypt_message()
Date: Mon, 14 Nov 2022 20:49:50 +0800
Message-ID: <20221114125337.1831594-82-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e900da02-a24b-4af5-32f2-08dac63c57ca
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7106455
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 27aa646db0f0465c5abf8e5cd545e070e7f14120
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/27aa646db0f0
-------------------------------
Change error return instead of returning always success return.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 711f8dec38e1..5a56dd65fa06 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -1253,7 +1253,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
key);
if (rc) {
ksmbd_err("Could not get %scryption key\n", enc ? "en" : "de");
- return 0;
+ return rc;
}
if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
From patchwork Mon Nov 14 12:49:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183179
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:50 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:50 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:50 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 082/308] cifsd: change success handling to failure
handling
Date: Mon, 14 Nov 2022 20:49:51 +0800
Message-ID: <20221114125337.1831594-83-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cc95641d-3680-4e1f-a979-08dac63c5813
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6989097
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 73b8b08539423a888ed76b53401a6366e0e2af2b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/73b8b0853942
-------------------------------
Change success handling to failure handling in ksmbd_crypt_message().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 5a56dd65fa06..b0a9e4591fa5 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -1331,9 +1331,13 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
rc = crypto_aead_encrypt(req);
else
rc = crypto_aead_decrypt(req);
- if (!rc && enc)
+ if (rc)
+ goto free_iv;
+
+ if (enc)
memcpy(&tr_hdr->Signature, sign, SMB2_SIGNATURE_SIZE);
+free_iv:
kfree(iv);
free_sg:
kfree(sg);
From patchwork Mon Nov 14 12:49:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183180
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:51 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:51 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:50 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 083/308] cifsd: add default case in switch
statment in alloc_shash_desc()
Date: Mon, 14 Nov 2022 20:49:52 +0800
Message-ID: <20221114125337.1831594-84-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e34523eb-96b9-4fbf-9381-08dac63c585d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6950911
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 533a45da1a8900267a667648450976bc334b71a8
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/533a45da1a89
-------------------------------
Add default case in switch statment in alloc_shash_desc().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/crypto_ctx.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index 1830ae1b5ed3..dbfe36ee9be1 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -88,6 +88,8 @@ static struct shash_desc *alloc_shash_desc(int id)
case CRYPTO_SHASH_MD5:
tfm = crypto_alloc_shash("md5", 0, 0);
break;
+ default:
+ return NULL;
}
if (IS_ERR(tfm))
From patchwork Mon Nov 14 12:49:53 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183181
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:51 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:51 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:51 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 084/308] cifsd: call kzalloc() directly instead of
wrapper
Date: Mon, 14 Nov 2022 20:49:53 +0800
Message-ID: <20221114125337.1831594-85-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
22403bcf-0c5d-4e81-569f-08dac63c58a7
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7145683
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 12fc704441ad86a0a29e60708490109954f097fa
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/12fc704441ad
-------------------------------
Call kzalloc() directly instead of wrapper function.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/crypto_ctx.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index dbfe36ee9be1..9685bf963702 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -104,11 +104,6 @@ static struct shash_desc *alloc_shash_desc(int id)
return shash;
}
-static struct ksmbd_crypto_ctx *ctx_alloc(void)
-{
- return kzalloc(sizeof(struct ksmbd_crypto_ctx), GFP_KERNEL);
-}
-
static void ctx_free(struct ksmbd_crypto_ctx *ctx)
{
int i;
@@ -145,7 +140,7 @@ static struct ksmbd_crypto_ctx *ksmbd_find_crypto_ctx(void)
ctx_list.avail_ctx++;
spin_unlock(&ctx_list.ctx_lock);
- ctx = ctx_alloc();
+ ctx = kzalloc(sizeof(struct ksmbd_crypto_ctx), GFP_KERNEL);
if (!ctx) {
spin_lock(&ctx_list.ctx_lock);
ctx_list.avail_ctx--;
@@ -280,7 +275,7 @@ int ksmbd_crypto_create(void)
init_waitqueue_head(&ctx_list.ctx_wait);
ctx_list.avail_ctx = 1;
- ctx = ctx_alloc();
+ ctx = kzalloc(sizeof(struct ksmbd_crypto_ctx), GFP_KERNEL);
if (!ctx)
return -ENOMEM;
list_add(&ctx->list, &ctx_list.idle_ctx);
From patchwork Mon Nov 14 12:49:54 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183182
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:52 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:52 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:51 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 085/308] cifsd: simplify error handling in
ksmbd_gen_preauth_integrity_hash()
Date: Mon, 14 Nov 2022 20:49:54 +0800
Message-ID: <20221114125337.1831594-86-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
0f9d4860-ef25-4e0f-5ab2-08dac63c58f0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6243256
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit d3cd8c491559ca9eb7ce81242df3b3927466e6d9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d3cd8c491559
-------------------------------
Simplify error handling in ksmbd_gen_preauth_integrity_hash().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index b0a9e4591fa5..1d4c4e6d28cd 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -1063,14 +1063,13 @@ int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
int msg_size = be32_to_cpu(rcv_hdr->smb2_buf_length);
struct ksmbd_crypto_ctx *ctx = NULL;
- if (conn->preauth_info->Preauth_HashId ==
- SMB2_PREAUTH_INTEGRITY_SHA512) {
- ctx = ksmbd_crypto_ctx_find_sha512();
- if (!ctx) {
- ksmbd_debug(AUTH, "could not alloc sha512 rc %d\n", rc);
- goto out;
- }
- } else {
+ if (conn->preauth_info->Preauth_HashId !=
+ SMB2_PREAUTH_INTEGRITY_SHA512)
+ return -EINVAL;
+
+ ctx = ksmbd_crypto_ctx_find_sha512();
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not alloc sha512 rc %d\n", rc);
goto out;
}
From patchwork Mon Nov 14 12:49:55 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183183
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:52 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:52 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:52 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 086/308] cifsd: return -ENOMEM about error from
ksmbd_crypto_ctx_find_xxx calls
Date: Mon, 14 Nov 2022 20:49:55 +0800
Message-ID: <20221114125337.1831594-87-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6085825d-bd03-4193-5f10-08dac63c5939
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6988805
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 0e579cd17f8e9c2e70a68edb66a1457b2c6e9926
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/0e579cd17f8e
-------------------------------
Return -ENOMEM about error from ksmbd_crypto_ctx_find_xxx calls.
And remove unneeded return value print in debug message.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 56 ++++++++++++++++++++++++-------------------------
1 file changed, 28 insertions(+), 28 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 1d4c4e6d28cd..cc13d0eedd80 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -128,7 +128,7 @@ static int ksmbd_enc_md4(unsigned char *md4_hash, unsigned char *link_str,
ctx = ksmbd_crypto_ctx_find_md4();
if (!ctx) {
ksmbd_debug(AUTH, "Crypto md4 allocation error\n");
- return -EINVAL;
+ return -ENOMEM;
}
rc = crypto_shash_init(CRYPTO_MD4(ctx));
@@ -160,7 +160,7 @@ static int ksmbd_enc_update_sess_key(unsigned char *md5_hash, char *nonce,
ctx = ksmbd_crypto_ctx_find_md5();
if (!ctx) {
ksmbd_debug(AUTH, "Crypto md5 allocation error\n");
- return -EINVAL;
+ return -ENOMEM;
}
rc = crypto_shash_init(CRYPTO_MD5(ctx));
@@ -200,11 +200,13 @@ static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
char *hmac)
{
struct ksmbd_crypto_ctx *ctx;
- int rc = -EINVAL;
+ int rc;
ctx = ksmbd_crypto_ctx_find_hmacmd5();
- if (!ctx)
- goto out;
+ if (!ctx) {
+ ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
+ return -ENOMEM;
+ }
rc = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
hash,
@@ -244,7 +246,7 @@ static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
char *dname)
{
- int ret = -EINVAL, len;
+ int ret, len;
wchar_t *domain = NULL;
__le16 *uniname = NULL;
struct ksmbd_crypto_ctx *ctx;
@@ -252,7 +254,7 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
ctx = ksmbd_crypto_ctx_find_hmacmd5();
if (!ctx) {
ksmbd_debug(AUTH, "can't generate ntlmv2 hash\n");
- goto out;
+ return -ENOMEM;
}
ret = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
@@ -374,12 +376,12 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE];
struct ksmbd_crypto_ctx *ctx;
char *construct = NULL;
- int rc = -EINVAL, len;
+ int rc, len;
ctx = ksmbd_crypto_ctx_find_hmacmd5();
if (!ctx) {
- ksmbd_debug(AUTH, "could not crypto alloc hmacmd5 rc %d\n", rc);
- goto out;
+ ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
+ return -ENOMEM;
}
rc = calc_ntlmv2_hash(sess, ntlmv2_hash, domain_name);
@@ -731,13 +733,12 @@ int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
int n_vec, char *sig)
{
struct ksmbd_crypto_ctx *ctx;
- int rc = -EINVAL;
- int i;
+ int rc, i;
ctx = ksmbd_crypto_ctx_find_hmacsha256();
if (!ctx) {
- ksmbd_debug(AUTH, "could not crypto alloc hmacmd5 rc %d\n", rc);
- goto out;
+ ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
+ return -ENOMEM;
}
rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),
@@ -783,13 +784,12 @@ int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
int n_vec, char *sig)
{
struct ksmbd_crypto_ctx *ctx;
- int rc = -EINVAL;
- int i;
+ int rc, i;
ctx = ksmbd_crypto_ctx_find_cmacaes();
if (!ctx) {
- ksmbd_debug(AUTH, "could not crypto alloc cmac rc %d\n", rc);
- goto out;
+ ksmbd_debug(AUTH, "could not crypto alloc cmac\n");
+ return -ENOMEM;
}
rc = crypto_shash_setkey(CRYPTO_CMACAES_TFM(ctx),
@@ -835,7 +835,7 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
__u8 i[4] = {0, 0, 0, 1};
__u8 L128[4] = {0, 0, 0, 128};
__u8 L256[4] = {0, 0, 1, 0};
- int rc = -EINVAL;
+ int rc;
unsigned char prfhash[SMB2_HMACSHA256_SIZE];
unsigned char *hashptr = prfhash;
struct ksmbd_crypto_ctx *ctx;
@@ -845,8 +845,8 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
ctx = ksmbd_crypto_ctx_find_hmacsha256();
if (!ctx) {
- ksmbd_debug(AUTH, "could not crypto alloc hmacmd5 rc %d\n", rc);
- goto smb3signkey_ret;
+ ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
+ return -ENOMEM;
}
rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),
@@ -1057,7 +1057,7 @@ int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess)
int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
__u8 *pi_hash)
{
- int rc = -1;
+ int rc;
struct smb2_hdr *rcv_hdr = (struct smb2_hdr *)buf;
char *all_bytes_msg = (char *)&rcv_hdr->ProtocolId;
int msg_size = be32_to_cpu(rcv_hdr->smb2_buf_length);
@@ -1069,8 +1069,8 @@ int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
ctx = ksmbd_crypto_ctx_find_sha512();
if (!ctx) {
- ksmbd_debug(AUTH, "could not alloc sha512 rc %d\n", rc);
- goto out;
+ ksmbd_debug(AUTH, "could not alloc sha512\n");
+ return -ENOMEM;
}
rc = crypto_shash_init(CRYPTO_SHA512(ctx));
@@ -1104,13 +1104,13 @@ int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
__u8 *pi_hash)
{
- int rc = -1;
+ int rc;
struct ksmbd_crypto_ctx *ctx = NULL;
ctx = ksmbd_crypto_ctx_find_sha256();
if (!ctx) {
- ksmbd_debug(AUTH, "could not alloc sha256 rc %d\n", rc);
- goto out;
+ ksmbd_debug(AUTH, "could not alloc sha256\n");
+ return -ENOMEM;
}
rc = crypto_shash_init(CRYPTO_SHA256(ctx));
@@ -1262,7 +1262,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
ctx = ksmbd_crypto_ctx_find_ccm();
if (!ctx) {
ksmbd_err("crypto alloc failed\n");
- return -EINVAL;
+ return -ENOMEM;
}
if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
From patchwork Mon Nov 14 12:49:56 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183184
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:53 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:53 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:52 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 087/308] cifsd: alignment match open parenthesis
Date: Mon, 14 Nov 2022 20:49:56 +0800
Message-ID: <20221114125337.1831594-88-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6543fd4d-a026-4d77-165c-08dac63c5982
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6909241
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 70478059762688d9a975477cf6903cc170901c4c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/704780597626
-------------------------------
Alignment match open parenthesis.
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index cc13d0eedd80..8c80f918c8d7 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -596,7 +596,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
if (cflags & NTLMSSP_NEGOTIATE_SIGN) {
flags |= NTLMSSP_NEGOTIATE_SIGN;
flags |= cflags & (NTLMSSP_NEGOTIATE_128 |
- NTLMSSP_NEGOTIATE_56);
+ NTLMSSP_NEGOTIATE_56);
}
if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
@@ -641,7 +641,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
chgblob->TargetInfoArray.Length = 0;
/* Add target info list for NetBIOS/DNS settings */
for (type = NTLMSSP_AV_NB_COMPUTER_NAME;
- type <= NTLMSSP_AV_DNS_DOMAIN_NAME; type++) {
+ type <= NTLMSSP_AV_DNS_DOMAIN_NAME; type++) {
tinfo->Type = cpu_to_le16(type);
tinfo->Length = cpu_to_le16(len);
memcpy(tinfo->Content, name, len);
From patchwork Mon Nov 14 12:49:57 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183185
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:53 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:53 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:53 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 088/308] cifsd: add the check to prevent potential
overflow with smb_strtoUTF16() and UNICODE_LEN()
Date: Mon, 14 Nov 2022 20:49:57 +0800
Message-ID: <20221114125337.1831594-89-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
da6c2e6d-f770-404d-5bcd-08dac63c59ca
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6959082
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit a2d0b5034a5fff029ec1be08d3264f8407d47602
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a2d0b5034a5f
-------------------------------
Add the check to prevent potential overflow with smb_strtoUTF16() and
UNICODE_LEN().
Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 50 ++++++++++++++++++++++++++++++-------------------
1 file changed, 31 insertions(+), 19 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 8c80f918c8d7..f742870a930b 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -246,7 +246,7 @@ static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
char *dname)
{
- int ret, len;
+ int ret, len, conv_len;
wchar_t *domain = NULL;
__le16 *uniname = NULL;
struct ksmbd_crypto_ctx *ctx;
@@ -279,15 +279,17 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
goto out;
}
- if (len) {
- len = smb_strtoUTF16(uniname, user_name(sess->user), len,
+ conv_len = smb_strtoUTF16(uniname, user_name(sess->user), len,
sess->conn->local_nls);
- UniStrupr(uniname);
+ if (conv_len < 0 || conv_len > len) {
+ ret = -EINVAL;
+ goto out;
}
+ UniStrupr(uniname);
ret = crypto_shash_update(CRYPTO_HMACMD5(ctx),
(char *)uniname,
- UNICODE_LEN(len));
+ UNICODE_LEN(conv_len));
if (ret) {
ksmbd_debug(AUTH, "Could not update with user\n");
goto out;
@@ -301,12 +303,16 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
goto out;
}
- len = smb_strtoUTF16((__le16 *)domain, dname, len,
+ conv_len = smb_strtoUTF16((__le16 *)domain, dname, len,
sess->conn->local_nls);
+ if (conv_len < 0 || conv_len > len) {
+ ret = -EINVAL;
+ goto out;
+ }
ret = crypto_shash_update(CRYPTO_HMACMD5(ctx),
(char *)domain,
- UNICODE_LEN(len));
+ UNICODE_LEN(conv_len));
if (ret) {
ksmbd_debug(AUTH, "Could not update with domain\n");
goto out;
@@ -584,6 +590,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
wchar_t *name;
__u8 *target_name;
unsigned int len, flags, blob_off, blob_len, type, target_info_len = 0;
+ unsigned int uni_len, conv_len;
int cflags = sess->ntlmssp.client_flags;
memcpy(chgblob->Signature, NTLMSSP_SIGNATURE, 8);
@@ -611,19 +618,24 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
chgblob->NegotiateFlags = cpu_to_le32(flags);
len = strlen(ksmbd_netbios_name());
- name = kmalloc(2 + (len * 2), GFP_KERNEL);
+ name = kmalloc(2 + UNICODE_LEN(len), GFP_KERNEL);
if (!name)
return -ENOMEM;
- len = smb_strtoUTF16((__le16 *)name, ksmbd_netbios_name(), len,
+ conv_len = smb_strtoUTF16((__le16 *)name, ksmbd_netbios_name(), len,
sess->conn->local_nls);
- len = UNICODE_LEN(len);
+ if (conv_len < 0 || conv_len > len) {
+ kfree(name);
+ return -EINVAL;
+ }
+
+ uni_len = UNICODE_LEN(conv_len);
blob_off = sizeof(struct challenge_message);
- blob_len = blob_off + len;
+ blob_len = blob_off + uni_len;
- chgblob->TargetName.Length = cpu_to_le16(len);
- chgblob->TargetName.MaximumLength = cpu_to_le16(len);
+ chgblob->TargetName.Length = cpu_to_le16(uni_len);
+ chgblob->TargetName.MaximumLength = cpu_to_le16(uni_len);
chgblob->TargetName.BufferOffset = cpu_to_le32(blob_off);
/* Initialize random conn challenge */
@@ -635,18 +647,18 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
chgblob->TargetInfoArray.BufferOffset = cpu_to_le32(blob_len);
target_name = (__u8 *)chgblob + blob_off;
- memcpy(target_name, name, len);
- tinfo = (struct target_info *)(target_name + len);
+ memcpy(target_name, name, uni_len);
+ tinfo = (struct target_info *)(target_name + uni_len);
chgblob->TargetInfoArray.Length = 0;
/* Add target info list for NetBIOS/DNS settings */
for (type = NTLMSSP_AV_NB_COMPUTER_NAME;
type <= NTLMSSP_AV_DNS_DOMAIN_NAME; type++) {
tinfo->Type = cpu_to_le16(type);
- tinfo->Length = cpu_to_le16(len);
- memcpy(tinfo->Content, name, len);
- tinfo = (struct target_info *)((char *)tinfo + 4 + len);
- target_info_len += 4 + len;
+ tinfo->Length = cpu_to_le16(uni_len);
+ memcpy(tinfo->Content, name, uni_len);
+ tinfo = (struct target_info *)((char *)tinfo + 4 + uni_len);
+ target_info_len += 4 + uni_len;
}
/* Add terminator subblock */
From patchwork Mon Nov 14 12:49:58 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183186
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:54 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:54 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:53 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 089/308] cifsd: braces {} should be used on all
arms of this statement
Date: Mon, 14 Nov 2022 20:49:58 +0800
Message-ID: <20221114125337.1831594-90-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
abd2cc08-1afb-4e9c-144d-08dac63c5a13
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6960865
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit a2d6321b459aee5f2b4380271a79668c24165c56
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a2d6321b459a
-------------------------------
Fix "CHECK: braces {} should be used on all arms of this statement"
from checkpatch.pl --strict.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 8 ++++----
fs/cifsd/vfs.c | 4 ++--
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index 769fa328c020..479a9c1fcbbe 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -160,9 +160,9 @@ static void encode_asn_tag(char *buf,
/* insert tag */
buf[index++] = tag;
- if (!hdr_len)
+ if (!hdr_len) {
buf[index++] = len;
- else {
+ } else {
buf[index++] = 0x80 | hdr_len;
for (i = hdr_len - 1; i >= 0; i--)
buf[index++] = (len >> (i * 8)) & 0xFF;
@@ -172,9 +172,9 @@ static void encode_asn_tag(char *buf,
len = len - (index - *ofs);
buf[index++] = seq;
- if (!hdr_len)
+ if (!hdr_len) {
buf[index++] = len;
- else {
+ } else {
buf[index++] = 0x80 | hdr_len;
for (i = hdr_len - 1; i >= 0; i--)
buf[index++] = (len >> (i * 8)) & 0xFF;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index cdbb844fddad..e1295b72c410 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -212,9 +212,9 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
mode |= S_IFDIR;
err = vfs_mkdir(&init_user_ns, d_inode(path.dentry), dentry, mode);
- if (err)
+ if (err) {
goto out;
- else if (d_unhashed(dentry)) {
+ } else if (d_unhashed(dentry)) {
struct dentry *d;
d = lookup_one_len(dentry->d_name.name,
From patchwork Mon Nov 14 12:49:59 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183187
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:54 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:54 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:53 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 090/308] cifsd: spaces preferred around that '/'
Date: Mon, 14 Nov 2022 20:49:59 +0800
Message-ID: <20221114125337.1831594-91-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
92ac1ff5-30e0-453f-a5be-08dac63c5a5b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6931512
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit c8ed11522b4acbe378687b6388ceffd72e72d736
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c8ed11522b4a
-------------------------------
Fix "CHECK: paces preferred around that '/' from checkpatch.pl --strict.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index 479a9c1fcbbe..846f4e73abbf 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -65,7 +65,7 @@ static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
unsigned long subid;
vlen += 1;
- if (vlen < 2 || vlen > UINT_MAX/sizeof(unsigned long))
+ if (vlen < 2 || vlen > UINT_MAX / sizeof(unsigned long))
return false;
*oid = kmalloc(vlen * sizeof(unsigned long), GFP_KERNEL);
From patchwork Mon Nov 14 12:50:00 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183188
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:55 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:54 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:54 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 091/308] cifsd: don't use multiple blank lines
Date: Mon, 14 Nov 2022 20:50:00 +0800
Message-ID: <20221114125337.1831594-92-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
98b516f1-96f2-46f0-b565-08dac63c5aa5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6984750
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 2f5205c2377c0a3c501a33092c91a45e074bfc04
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2f5205c2377c
-------------------------------
don't use multiple blank lines.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/nterr.h | 2 --
fs/cifsd/smb2pdu.c | 1 -
2 files changed, 3 deletions(-)
diff --git a/fs/cifsd/nterr.h b/fs/cifsd/nterr.h
index a66100e74741..2f358f88a018 100644
--- a/fs/cifsd/nterr.h
+++ b/fs/cifsd/nterr.h
@@ -9,8 +9,6 @@
* Copyright (C) Paul Ashton 1998-2000
*/
-
-
#ifndef _NTERR_H
#define _NTERR_H
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index e5d3a5790a81..c0c0cf600ce7 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2250,7 +2250,6 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work,
return rc;
}
-
static void ksmbd_acls_fattr(struct smb_fattr *fattr, struct inode *inode)
{
fattr->cf_uid = inode->i_uid;
From patchwork Mon Nov 14 12:50:01 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183189
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:55 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:55 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:54 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 092/308] cifsd: No space is necessary after a cast
Date: Mon, 14 Nov 2022 20:50:01 +0800
Message-ID: <20221114125337.1831594-93-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d59663df-2d6d-4f2b-c4ca-08dac63c5aef
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7188527
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 10268f7d5755f42e50e862505e7bac992d284546
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/10268f7d5755
-------------------------------
No space is necessary after a cast.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index c0c0cf600ce7..bdaa69facee5 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -976,7 +976,7 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
break;
ctxt_size = decode_compress_ctxt(conn,
- (struct smb2_compression_ctx *) pneg_ctxt);
+ (struct smb2_compression_ctx *)pneg_ctxt);
pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
} else if (*ContextType == SMB2_NETNAME_NEGOTIATE_CONTEXT_ID) {
ksmbd_debug(SMB,
From patchwork Mon Nov 14 12:50:02 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183190
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:56 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:55 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:55 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 093/308] cifsd: Blank lines aren't necessary after
an open brace '{'
Date: Mon, 14 Nov 2022 20:50:02 +0800
Message-ID: <20221114125337.1831594-94-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
abd7e39e-9841-4828-ae0a-08dac63c5b39
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7071205
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit fe30ea69ff81f99607b0e4002ef9ae12e4694b31
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/fe30ea69ff81
-------------------------------
Blank lines aren't necessary after an open brace '{'.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index bdaa69facee5..16290ad710fa 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2388,7 +2388,6 @@ int smb2_open(struct ksmbd_work *work)
rc = -EINVAL;
goto err_out1;
} else {
-
if (req->CreateOptions & FILE_SEQUENTIAL_ONLY_LE &&
req->CreateOptions & FILE_RANDOM_ACCESS_LE)
req->CreateOptions = ~(FILE_SEQUENTIAL_ONLY_LE);
From patchwork Mon Nov 14 12:50:03 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183191
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:56 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:56 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:55 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 094/308] cifsd: Alignment should match open
parenthesis
Date: Mon, 14 Nov 2022 20:50:03 +0800
Message-ID: <20221114125337.1831594-95-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
36e2b19a-714c-43cf-3673-08dac63c5b88
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.0745227
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 070fb21e5912b6aa22509083aaca030d1f4e7d57
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/070fb21e5912
-------------------------------
Fix warnings "Alignment should match open parenthesis" from
checkpatch.pl --strict.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 38 +-
fs/cifsd/asn1.h | 18 +-
fs/cifsd/auth.c | 115 +++----
fs/cifsd/auth.h | 57 +--
fs/cifsd/buffer_pool.c | 3 +-
fs/cifsd/buffer_pool.h | 3 -
fs/cifsd/connection.c | 24 +-
fs/cifsd/connection.h | 22 +-
fs/cifsd/crypto_ctx.c | 4 +-
fs/cifsd/crypto_ctx.h | 3 -
fs/cifsd/ksmbd_work.c | 8 +-
fs/cifsd/misc.c | 12 +-
fs/cifsd/misc.h | 9 -
fs/cifsd/ndr.c | 7 +-
fs/cifsd/ndr.h | 3 +-
fs/cifsd/oplock.c | 108 +++---
fs/cifsd/oplock.h | 13 +-
fs/cifsd/server.c | 32 +-
fs/cifsd/smb2misc.c | 42 +--
fs/cifsd/smb2pdu.c | 707 +++++++++++++++++++-------------------
fs/cifsd/smb_common.c | 37 +-
fs/cifsd/smbacl.c | 106 +++---
fs/cifsd/transport_ipc.c | 21 +-
fs/cifsd/transport_ipc.h | 13 +-
fs/cifsd/transport_rdma.c | 358 +++++++++----------
fs/cifsd/transport_tcp.c | 26 +-
fs/cifsd/unicode.c | 17 +-
fs/cifsd/unicode.h | 9 +-
fs/cifsd/vfs.c | 196 ++++++-----
fs/cifsd/vfs.h | 65 ++--
fs/cifsd/vfs_cache.c | 14 +-
fs/cifsd/vfs_cache.h | 2 +-
32 files changed, 1021 insertions(+), 1071 deletions(-)
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index 846f4e73abbf..1be3072fee1a 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -37,7 +37,7 @@ static char NTLMSSP_OID_STR[NTLMSSP_OID_LEN] = { 0x2b, 0x06, 0x01, 0x04, 0x01,
static bool
asn1_subid_decode(const unsigned char **begin, const unsigned char *end,
- unsigned long *subid)
+ unsigned long *subid)
{
const unsigned char *ptr = *begin;
unsigned char ch;
@@ -58,7 +58,7 @@ asn1_subid_decode(const unsigned char **begin, const unsigned char *end,
}
static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
- unsigned long **oid, size_t *oidlen)
+ unsigned long **oid, size_t *oidlen)
{
const unsigned char *iptr = value, *end = value + vlen;
unsigned long *optr;
@@ -106,9 +106,8 @@ static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
return false;
}
-static bool
-oid_eq(unsigned long *oid1, unsigned int oid1len,
- unsigned long *oid2, unsigned int oid2len)
+static bool oid_eq(unsigned long *oid1, unsigned int oid1len,
+ unsigned long *oid2, unsigned int oid2len)
{
if (oid1len != oid2len)
return false;
@@ -118,7 +117,7 @@ oid_eq(unsigned long *oid1, unsigned int oid1len,
int
ksmbd_decode_negTokenInit(unsigned char *security_blob, int length,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
return asn1_ber_decoder(&spnego_negtokeninit_decoder, conn,
security_blob, length);
@@ -126,7 +125,7 @@ ksmbd_decode_negTokenInit(unsigned char *security_blob, int length,
int
ksmbd_decode_negTokenTarg(unsigned char *security_blob, int length,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
return asn1_ber_decoder(&spnego_negtokentarg_decoder, conn,
security_blob, length);
@@ -146,10 +145,7 @@ static int compute_asn_hdr_len_bytes(int len)
return 0;
}
-static void encode_asn_tag(char *buf,
- unsigned int *ofs,
- char tag,
- char seq,
+static void encode_asn_tag(char *buf, unsigned int *ofs, char tag, char seq,
int length)
{
int i;
@@ -184,7 +180,7 @@ static void encode_asn_tag(char *buf,
}
int build_spnego_ntlmssp_neg_blob(unsigned char **pbuffer, u16 *buflen,
- char *ntlm_blob, int ntlm_blob_len)
+ char *ntlm_blob, int ntlm_blob_len)
{
char *buf;
unsigned int ofs = 0;
@@ -225,7 +221,7 @@ int build_spnego_ntlmssp_neg_blob(unsigned char **pbuffer, u16 *buflen,
}
int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer, u16 *buflen,
- int neg_result)
+ int neg_result)
{
char *buf;
unsigned int ofs = 0;
@@ -252,8 +248,8 @@ int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer, u16 *buflen,
return 0;
}
-int gssapi_this_mech(void *context, size_t hdrlen,
- unsigned char tag, const void *value, size_t vlen)
+int gssapi_this_mech(void *context, size_t hdrlen, unsigned char tag,
+ const void *value, size_t vlen)
{
unsigned long *oid;
size_t oidlen;
@@ -277,8 +273,8 @@ int gssapi_this_mech(void *context, size_t hdrlen,
return err;
}
-int neg_token_init_mech_type(void *context, size_t hdrlen,
- unsigned char tag, const void *value, size_t vlen)
+int neg_token_init_mech_type(void *context, size_t hdrlen, unsigned char tag,
+ const void *value, size_t vlen)
{
struct ksmbd_conn *conn = context;
unsigned long *oid;
@@ -314,8 +310,8 @@ int neg_token_init_mech_type(void *context, size_t hdrlen,
return -EBADMSG;
}
-int neg_token_init_mech_token(void *context, size_t hdrlen,
- unsigned char tag, const void *value, size_t vlen)
+int neg_token_init_mech_token(void *context, size_t hdrlen, unsigned char tag,
+ const void *value, size_t vlen)
{
struct ksmbd_conn *conn = context;
@@ -328,8 +324,8 @@ int neg_token_init_mech_token(void *context, size_t hdrlen,
return 0;
}
-int neg_token_targ_resp_token(void *context, size_t hdrlen,
- unsigned char tag, const void *value, size_t vlen)
+int neg_token_targ_resp_token(void *context, size_t hdrlen, unsigned char tag,
+ const void *value, size_t vlen)
{
struct ksmbd_conn *conn = context;
diff --git a/fs/cifsd/asn1.h b/fs/cifsd/asn1.h
index ff2692b502d6..ce105f4ce305 100644
--- a/fs/cifsd/asn1.h
+++ b/fs/cifsd/asn1.h
@@ -10,20 +10,12 @@
#ifndef __ASN1_H__
#define __ASN1_H__
-int ksmbd_decode_negTokenInit(unsigned char *security_blob,
- int length,
+int ksmbd_decode_negTokenInit(unsigned char *security_blob, int length,
struct ksmbd_conn *conn);
-
-int ksmbd_decode_negTokenTarg(unsigned char *security_blob,
- int length,
+int ksmbd_decode_negTokenTarg(unsigned char *security_blob, int length,
struct ksmbd_conn *conn);
-
-int build_spnego_ntlmssp_neg_blob(unsigned char **pbuffer,
- u16 *buflen,
- char *ntlm_blob,
- int ntlm_blob_len);
-
-int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer,
- u16 *buflen,
+int build_spnego_ntlmssp_neg_blob(unsigned char **pbuffer, u16 *buflen,
+ char *ntlm_blob, int ntlm_blob_len);
+int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer, u16 *buflen,
int neg_result);
#endif /* __ASN1_H__ */
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index f742870a930b..9b86cf4fd73f 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -93,8 +93,7 @@ smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
struct des_ctx ctx;
if (fips_enabled) {
- ksmbd_debug(AUTH,
- "FIPS compliance enabled: DES not permitted\n");
+ ksmbd_debug(AUTH, "FIPS compliance enabled: DES not permitted\n");
return -ENOENT;
}
@@ -120,7 +119,7 @@ static int ksmbd_enc_p24(unsigned char *p21, const unsigned char *c8, unsigned c
/* produce a md4 message digest from data of length n bytes */
static int ksmbd_enc_md4(unsigned char *md4_hash, unsigned char *link_str,
- int link_len)
+ int link_len)
{
int rc;
struct ksmbd_crypto_ctx *ctx;
@@ -152,7 +151,7 @@ static int ksmbd_enc_md4(unsigned char *md4_hash, unsigned char *link_str,
}
static int ksmbd_enc_update_sess_key(unsigned char *md5_hash, char *nonce,
- char *server_challenge, int len)
+ char *server_challenge, int len)
{
int rc;
struct ksmbd_crypto_ctx *ctx;
@@ -197,7 +196,7 @@ static int ksmbd_enc_update_sess_key(unsigned char *md5_hash, char *nonce,
*
*/
static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
- char *hmac)
+ char *hmac)
{
struct ksmbd_crypto_ctx *ctx;
int rc;
@@ -226,15 +225,13 @@ static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
hmac,
SMB2_NTLMV2_SESSKEY_SIZE);
if (rc) {
- ksmbd_debug(AUTH, "Could not update with response error %d\n",
- rc);
+ ksmbd_debug(AUTH, "Could not update with response error %d\n", rc);
goto out;
}
rc = crypto_shash_final(CRYPTO_HMACMD5(ctx), sess->sess_key);
if (rc) {
- ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n",
- rc);
+ ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n", rc);
goto out;
}
@@ -244,7 +241,7 @@ static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
}
static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
- char *dname)
+ char *dname)
{
int ret, len, conv_len;
wchar_t *domain = NULL;
@@ -280,7 +277,7 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
}
conv_len = smb_strtoUTF16(uniname, user_name(sess->user), len,
- sess->conn->local_nls);
+ sess->conn->local_nls);
if (conv_len < 0 || conv_len > len) {
ret = -EINVAL;
goto out;
@@ -304,7 +301,7 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
}
conv_len = smb_strtoUTF16((__le16 *)domain, dname, len,
- sess->conn->local_nls);
+ sess->conn->local_nls);
if (conv_len < 0 || conv_len > len) {
ret = -EINVAL;
goto out;
@@ -350,11 +347,10 @@ int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
return rc;
}
- ksmbd_enc_md4(sess->sess_key,
- user_passkey(sess->user),
- CIFS_SMB1_SESSKEY_SIZE);
+ ksmbd_enc_md4(sess->sess_key, user_passkey(sess->user),
+ CIFS_SMB1_SESSKEY_SIZE);
memcpy(sess->sess_key + CIFS_SMB1_SESSKEY_SIZE, key,
- CIFS_AUTH_RESP_SIZE);
+ CIFS_AUTH_RESP_SIZE);
sess->sequence_number = 1;
if (strncmp(pw_buf, key, CIFS_AUTH_RESP_SIZE) != 0) {
@@ -376,7 +372,7 @@ int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
* Return: 0 on success, error number on error
*/
int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
- int blen, char *domain_name)
+ int blen, char *domain_name)
{
char ntlmv2_hash[CIFS_ENCPWD_SIZE];
char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE];
@@ -455,7 +451,7 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
* Return: 0 on success, error number on error
*/
static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce,
- char *ntlm_resp)
+ char *ntlm_resp)
{
char sess_key[CIFS_SMB1_SESSKEY_SIZE] = {0};
int rc;
@@ -494,7 +490,7 @@ static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce,
* Return: 0 on success, error number on error
*/
int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
- int blob_len, struct ksmbd_session *sess)
+ int blob_len, struct ksmbd_session *sess)
{
char *domain_name;
unsigned int lm_off, nt_off;
@@ -503,13 +499,13 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
if (blob_len < sizeof(struct authenticate_message)) {
ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
- blob_len);
+ blob_len);
return -EINVAL;
}
if (memcmp(authblob->Signature, "NTLMSSP", 8)) {
ksmbd_debug(AUTH, "blob signature incorrect %s\n",
- authblob->Signature);
+ authblob->Signature);
return -EINVAL;
}
@@ -538,11 +534,10 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
/* process NTLMv2 authentication */
ksmbd_debug(AUTH, "decode_ntlmssp_authenticate_blob dname%s\n",
- domain_name);
- ret = ksmbd_auth_ntlmv2(sess,
- (struct ntlmv2_resp *)((char *)authblob + nt_off),
- nt_len - CIFS_ENCPWD_SIZE,
- domain_name);
+ domain_name);
+ ret = ksmbd_auth_ntlmv2(sess, (struct ntlmv2_resp *)((char *)authblob + nt_off),
+ nt_len - CIFS_ENCPWD_SIZE,
+ domain_name);
kfree(domain_name);
return ret;
}
@@ -556,17 +551,17 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
*
*/
int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
- int blob_len, struct ksmbd_session *sess)
+ int blob_len, struct ksmbd_session *sess)
{
if (blob_len < sizeof(struct negotiate_message)) {
ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
- blob_len);
+ blob_len);
return -EINVAL;
}
if (memcmp(negblob->Signature, "NTLMSSP", 8)) {
ksmbd_debug(AUTH, "blob signature incorrect %s\n",
- negblob->Signature);
+ negblob->Signature);
return -EINVAL;
}
@@ -584,7 +579,7 @@ int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
*/
unsigned int
ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
- struct ksmbd_session *sess)
+ struct ksmbd_session *sess)
{
struct target_info *tinfo;
wchar_t *name;
@@ -623,7 +618,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
return -ENOMEM;
conv_len = smb_strtoUTF16((__le16 *)name, ksmbd_netbios_name(), len,
- sess->conn->local_nls);
+ sess->conn->local_nls);
if (conv_len < 0 || conv_len > len) {
kfree(name);
return -EINVAL;
@@ -641,7 +636,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
/* Initialize random conn challenge */
get_random_bytes(sess->ntlmssp.cryptkey, sizeof(__u64));
memcpy(chgblob->Challenge, sess->ntlmssp.cryptkey,
- CIFS_CRYPTO_KEY_SIZE);
+ CIFS_CRYPTO_KEY_SIZE);
/* Add Target Information to security buffer */
chgblob->TargetInfoArray.BufferOffset = cpu_to_le32(blob_len);
@@ -676,7 +671,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
#ifdef CONFIG_SMB_SERVER_KERBEROS5
int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
- int in_len, char *out_blob, int *out_len)
+ int in_len, char *out_blob, int *out_len)
{
struct ksmbd_spnego_authen_response *resp;
struct ksmbd_user *user = NULL;
@@ -696,7 +691,7 @@ int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
if (*out_len <= resp->spnego_blob_len) {
ksmbd_debug(AUTH, "buf len %d, but blob len %d\n",
- *out_len, resp->spnego_blob_len);
+ *out_len, resp->spnego_blob_len);
retval = -EINVAL;
goto out;
}
@@ -717,7 +712,7 @@ int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
memcpy(sess->sess_key, resp->payload, resp->session_key_len);
memcpy(out_blob, resp->payload + resp->session_key_len,
- resp->spnego_blob_len);
+ resp->spnego_blob_len);
*out_len = resp->spnego_blob_len;
retval = 0;
out:
@@ -726,7 +721,7 @@ int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
}
#else
int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
- int in_len, char *out_blob, int *out_len)
+ int in_len, char *out_blob, int *out_len)
{
return -EOPNOTSUPP;
}
@@ -742,7 +737,7 @@ int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
*
*/
int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
- int n_vec, char *sig)
+ int n_vec, char *sig)
{
struct ksmbd_crypto_ctx *ctx;
int rc, i;
@@ -793,7 +788,7 @@ int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
*
*/
int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
- int n_vec, char *sig)
+ int n_vec, char *sig)
{
struct ksmbd_crypto_ctx *ctx;
int rc, i;
@@ -841,7 +836,7 @@ struct derivation {
};
static int generate_key(struct ksmbd_session *sess, struct kvec label,
- struct kvec context, __u8 *key, unsigned int key_size)
+ struct kvec context, __u8 *key, unsigned int key_size)
{
unsigned char zero = 0x0;
__u8 i[4] = {0, 0, 0, 1};
@@ -914,7 +909,7 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
rc = crypto_shash_final(CRYPTO_HMACSHA256(ctx), hashptr);
if (rc) {
ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n",
- rc);
+ rc);
goto smb3signkey_ret;
}
@@ -926,7 +921,7 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
}
static int generate_smb3signingkey(struct ksmbd_session *sess,
- const struct derivation *signing)
+ const struct derivation *signing)
{
int rc;
struct channel *chann;
@@ -942,7 +937,7 @@ static int generate_smb3signingkey(struct ksmbd_session *sess,
key = sess->smb3signingkey;
rc = generate_key(sess, signing->label, signing->context, key,
- SMB3_SIGN_KEY_SIZE);
+ SMB3_SIGN_KEY_SIZE);
if (rc)
return rc;
@@ -952,9 +947,9 @@ static int generate_smb3signingkey(struct ksmbd_session *sess,
ksmbd_debug(AUTH, "dumping generated AES signing keys\n");
ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
ksmbd_debug(AUTH, "Session Key %*ph\n",
- SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
+ SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
ksmbd_debug(AUTH, "Signing Key %*ph\n",
- SMB3_SIGN_KEY_SIZE, key);
+ SMB3_SIGN_KEY_SIZE, key);
return 0;
}
@@ -990,19 +985,19 @@ struct derivation_twin {
};
static int generate_smb3encryptionkey(struct ksmbd_session *sess,
- const struct derivation_twin *ptwin)
+ const struct derivation_twin *ptwin)
{
int rc;
rc = generate_key(sess, ptwin->encryption.label,
- ptwin->encryption.context, sess->smb3encryptionkey,
- SMB3_ENC_DEC_KEY_SIZE);
+ ptwin->encryption.context, sess->smb3encryptionkey,
+ SMB3_ENC_DEC_KEY_SIZE);
if (rc)
return rc;
rc = generate_key(sess, ptwin->decryption.label,
- ptwin->decryption.context,
- sess->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE);
+ ptwin->decryption.context,
+ sess->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE);
if (rc)
return rc;
@@ -1010,18 +1005,18 @@ static int generate_smb3encryptionkey(struct ksmbd_session *sess,
ksmbd_debug(AUTH, "Cipher type %d\n", sess->conn->cipher_type);
ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
ksmbd_debug(AUTH, "Session Key %*ph\n",
- SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
+ SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
if (sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) {
ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
- SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3encryptionkey);
+ SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3encryptionkey);
ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
- SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3decryptionkey);
+ SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3decryptionkey);
} else {
ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
- SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3encryptionkey);
+ SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3encryptionkey);
ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
- SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3decryptionkey);
+ SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3decryptionkey);
}
return 0;
}
@@ -1067,7 +1062,7 @@ int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess)
}
int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
- __u8 *pi_hash)
+ __u8 *pi_hash)
{
int rc;
struct smb2_hdr *rcv_hdr = (struct smb2_hdr *)buf;
@@ -1114,7 +1109,7 @@ int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
}
int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
- __u8 *pi_hash)
+ __u8 *pi_hash)
{
int rc;
struct ksmbd_crypto_ctx *ctx = NULL;
@@ -1148,7 +1143,7 @@ int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
}
static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,
- int enc, u8 *key)
+ int enc, u8 *key)
{
struct ksmbd_session *sess;
u8 *ses_enc_key;
@@ -1165,7 +1160,7 @@ static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,
}
static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf,
- unsigned int buflen)
+ unsigned int buflen)
{
void *addr;
@@ -1177,7 +1172,7 @@ static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf,
}
static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
- u8 *sign)
+ u8 *sign)
{
struct scatterlist *sg;
unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
@@ -1242,7 +1237,7 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
}
int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
- unsigned int nvec, int enc)
+ unsigned int nvec, int enc)
{
struct smb2_transform_hdr *tr_hdr =
(struct smb2_transform_hdr *)iov[0].iov_base;
diff --git a/fs/cifsd/auth.h b/fs/cifsd/auth.h
index 6fcfad5e7e1f..650bd7dd6750 100644
--- a/fs/cifsd/auth.h
+++ b/fs/cifsd/auth.h
@@ -35,56 +35,31 @@ struct ksmbd_session;
struct ksmbd_conn;
struct kvec;
-int ksmbd_crypt_message(struct ksmbd_conn *conn,
- struct kvec *iov,
- unsigned int nvec,
- int enc);
-
+int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
+ unsigned int nvec, int enc);
void ksmbd_copy_gss_neg_header(void *buf);
-
-int ksmbd_auth_ntlm(struct ksmbd_session *sess,
- char *pw_buf);
-
-int ksmbd_auth_ntlmv2(struct ksmbd_session *sess,
- struct ntlmv2_resp *ntlmv2,
- int blen,
- char *domain_name);
-
+int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf);
+int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
+ int blen, char *domain_name);
int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
- int blob_len,
- struct ksmbd_session *sess);
-
+ int blob_len, struct ksmbd_session *sess);
int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
- int blob_len,
- struct ksmbd_session *sess);
-
+ int blob_len, struct ksmbd_session *sess);
unsigned int
ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
- struct ksmbd_session *sess);
-
-int ksmbd_krb5_authenticate(struct ksmbd_session *sess,
- char *in_blob, int in_len,
- char *out_blob, int *out_len);
-
-int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn,
- char *key,
- struct kvec *iov,
- int n_vec,
- char *sig);
-int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn,
- char *key,
- struct kvec *iov,
- int n_vec,
- char *sig);
-
+ struct ksmbd_session *sess);
+int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
+ int in_len, char *out_blob, int *out_len);
+int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
+ int n_vec, char *sig);
+int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
+ int n_vec, char *sig);
int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess);
int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess);
int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess);
int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess);
-
-int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn,
- char *buf,
+int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
__u8 *pi_hash);
int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
- __u8 *pi_hash);
+ __u8 *pi_hash);
#endif
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
index 1ee1feef1bb4..ea7d2d1a056a 100644
--- a/fs/cifsd/buffer_pool.c
+++ b/fs/cifsd/buffer_pool.c
@@ -251,7 +251,8 @@ int ksmbd_init_buffer_pools(void)
goto out;
filp_cache = kmem_cache_create("ksmbd_file_cache",
- sizeof(struct ksmbd_file), 0, SLAB_HWCACHE_ALIGN, NULL);
+ sizeof(struct ksmbd_file), 0,
+ SLAB_HWCACHE_ALIGN, NULL);
if (!filp_cache)
goto out;
diff --git a/fs/cifsd/buffer_pool.h b/fs/cifsd/buffer_pool.h
index f7157144a92f..088aa07ba09b 100644
--- a/fs/cifsd/buffer_pool.h
+++ b/fs/cifsd/buffer_pool.h
@@ -8,12 +8,9 @@
void *ksmbd_find_buffer(size_t size);
void ksmbd_release_buffer(void *buffer);
-
void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz);
-
void ksmbd_free_file_struct(void *filp);
void *ksmbd_alloc_file_struct(void);
-
void ksmbd_destroy_buffer_pools(void);
int ksmbd_init_buffer_pools(void);
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
index 4785dd59fcc5..06c42309be72 100644
--- a/fs/cifsd/connection.c
+++ b/fs/cifsd/connection.c
@@ -201,30 +201,30 @@ int ksmbd_conn_write(struct ksmbd_work *work)
}
int ksmbd_conn_rdma_read(struct ksmbd_conn *conn, void *buf,
- unsigned int buflen, u32 remote_key, u64 remote_offset,
- u32 remote_len)
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len)
{
int ret = -EINVAL;
if (conn->transport->ops->rdma_read)
ret = conn->transport->ops->rdma_read(conn->transport,
- buf, buflen,
- remote_key, remote_offset,
- remote_len);
+ buf, buflen,
+ remote_key, remote_offset,
+ remote_len);
return ret;
}
int ksmbd_conn_rdma_write(struct ksmbd_conn *conn, void *buf,
- unsigned int buflen, u32 remote_key, u64 remote_offset,
- u32 remote_len)
+ unsigned int buflen, u32 remote_key,
+ u64 remote_offset, u32 remote_len)
{
int ret = -EINVAL;
if (conn->transport->ops->rdma_write)
ret = conn->transport->ops->rdma_write(conn->transport,
- buf, buflen,
- remote_key, remote_offset,
- remote_len);
+ buf, buflen,
+ remote_key, remote_offset,
+ remote_len);
return ret;
}
@@ -250,7 +250,7 @@ bool ksmbd_conn_alive(struct ksmbd_conn *conn)
if (server_conf.deadtime > 0 &&
time_after(jiffies, conn->last_active + server_conf.deadtime)) {
ksmbd_debug(CONN, "No response from client in %lu minutes\n",
- server_conf.deadtime / SMB_ECHO_INTERVAL);
+ server_conf.deadtime / SMB_ECHO_INTERVAL);
return false;
}
return true;
@@ -390,7 +390,7 @@ static void stop_sessions(void)
task = conn->transport->handler;
if (task)
ksmbd_debug(CONN, "Stop session handler %s/%d\n",
- task->comm, task_pid_nr(task));
+ task->comm, task_pid_nr(task));
conn->status = KSMBD_SESS_EXITING;
}
read_unlock(&conn_list_lock);
diff --git a/fs/cifsd/connection.h b/fs/cifsd/connection.h
index 00ede7a67199..1658442b27b0 100644
--- a/fs/cifsd/connection.h
+++ b/fs/cifsd/connection.h
@@ -118,13 +118,13 @@ struct ksmbd_transport_ops {
void (*disconnect)(struct ksmbd_transport *t);
int (*read)(struct ksmbd_transport *t, char *buf, unsigned int size);
int (*writev)(struct ksmbd_transport *t, struct kvec *iovs, int niov,
- int size, bool need_invalidate_rkey,
- unsigned int remote_key);
+ int size, bool need_invalidate_rkey,
+ unsigned int remote_key);
int (*rdma_read)(struct ksmbd_transport *t, void *buf, unsigned int len,
- u32 remote_key, u64 remote_offset, u32 remote_len);
+ u32 remote_key, u64 remote_offset, u32 remote_len);
int (*rdma_write)(struct ksmbd_transport *t, void *buf,
- unsigned int len, u32 remote_key, u64 remote_offset,
- u32 remote_len);
+ unsigned int len, u32 remote_key, u64 remote_offset,
+ u32 remote_len);
};
struct ksmbd_transport {
@@ -139,24 +139,20 @@ struct ksmbd_transport {
bool ksmbd_conn_alive(struct ksmbd_conn *conn);
void ksmbd_conn_wait_idle(struct ksmbd_conn *conn);
-
struct ksmbd_conn *ksmbd_conn_alloc(void);
void ksmbd_conn_free(struct ksmbd_conn *conn);
bool ksmbd_conn_lookup_dialect(struct ksmbd_conn *c);
int ksmbd_conn_write(struct ksmbd_work *work);
int ksmbd_conn_rdma_read(struct ksmbd_conn *conn, void *buf,
- unsigned int buflen, u32 remote_key, u64 remote_offset,
- u32 remote_len);
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len);
int ksmbd_conn_rdma_write(struct ksmbd_conn *conn, void *buf,
- unsigned int buflen, u32 remote_key, u64 remote_offset,
- u32 remote_len);
-
+ unsigned int buflen, u32 remote_key, u64 remote_offset,
+ u32 remote_len);
void ksmbd_conn_enqueue_request(struct ksmbd_work *work);
int ksmbd_conn_try_dequeue_request(struct ksmbd_work *work);
void ksmbd_conn_init_server_callbacks(struct ksmbd_conn_ops *ops);
-
int ksmbd_conn_handler_loop(void *p);
-
int ksmbd_conn_transport_init(void);
void ksmbd_conn_transport_destroy(void);
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index 9685bf963702..cfea4c4db30f 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -123,8 +123,8 @@ static struct ksmbd_crypto_ctx *ksmbd_find_crypto_ctx(void)
spin_lock(&ctx_list.ctx_lock);
if (!list_empty(&ctx_list.idle_ctx)) {
ctx = list_entry(ctx_list.idle_ctx.next,
- struct ksmbd_crypto_ctx,
- list);
+ struct ksmbd_crypto_ctx,
+ list);
list_del(&ctx->list);
spin_unlock(&ctx_list.ctx_lock);
return ctx;
diff --git a/fs/cifsd/crypto_ctx.h b/fs/cifsd/crypto_ctx.h
index b0d3cd650485..ef11154b43df 100644
--- a/fs/cifsd/crypto_ctx.h
+++ b/fs/cifsd/crypto_ctx.h
@@ -59,7 +59,6 @@ struct ksmbd_crypto_ctx {
#define CRYPTO_CCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES_CCM])
void ksmbd_release_crypto_ctx(struct ksmbd_crypto_ctx *ctx);
-
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_hmacmd5(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_hmacsha256(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_cmacaes(void);
@@ -67,10 +66,8 @@ struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha512(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha256(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md4(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md5(void);
-
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_gcm(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_ccm(void);
-
void ksmbd_crypto_destroy(void);
int ksmbd_crypto_create(void);
diff --git a/fs/cifsd/ksmbd_work.c b/fs/cifsd/ksmbd_work.c
index eb8c8a34acab..f284a2a803d6 100644
--- a/fs/cifsd/ksmbd_work.c
+++ b/fs/cifsd/ksmbd_work.c
@@ -39,13 +39,13 @@ void ksmbd_free_work_struct(struct ksmbd_work *work)
{
WARN_ON(work->saved_cred != NULL);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_TBUF &&
- work->set_trans_buf)
+ work->set_trans_buf)
ksmbd_release_buffer(work->response_buf);
else
kvfree(work->response_buf);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF &&
- work->set_read_buf)
+ work->set_read_buf)
ksmbd_release_buffer(work->aux_payload_buf);
else
kvfree(work->aux_payload_buf);
@@ -65,8 +65,8 @@ void ksmbd_work_pool_destroy(void)
int ksmbd_work_pool_init(void)
{
work_cache = kmem_cache_create("ksmbd_work_cache",
- sizeof(struct ksmbd_work), 0,
- SLAB_HWCACHE_ALIGN, NULL);
+ sizeof(struct ksmbd_work), 0,
+ SLAB_HWCACHE_ALIGN, NULL);
if (!work_cache)
return -ENOMEM;
return 0;
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
index 7fa6649fadfd..1c6ed20f4a18 100644
--- a/fs/cifsd/misc.c
+++ b/fs/cifsd/misc.c
@@ -135,7 +135,7 @@ int parse_stream_name(char *filename, char **stream_name, int *s_type)
}
ksmbd_debug(SMB, "stream name : %s, stream type : %s\n", s_name,
- stream_type);
+ stream_type);
if (!strncasecmp("$data", stream_type, 5))
*s_type = DATA_STREAM;
else if (!strncasecmp("$index_allocation", stream_type, 17))
@@ -267,7 +267,8 @@ char *convert_to_unix_name(struct ksmbd_share_config *share, char *name)
}
char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
- const struct nls_table *local_nls, int *conv_len)
+ const struct nls_table *local_nls,
+ int *conv_len)
{
char *conv;
int sz = min(4 * d_info->name_len, PATH_MAX);
@@ -280,11 +281,8 @@ char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
return NULL;
/* XXX */
- *conv_len = smbConvertToUTF16((__le16 *)conv,
- d_info->name,
- d_info->name_len,
- local_nls,
- 0);
+ *conv_len = smbConvertToUTF16((__le16 *)conv, d_info->name,
+ d_info->name_len, local_nls, 0);
*conv_len *= 2;
/* We allocate buffer twice bigger than needed. */
diff --git a/fs/cifsd/misc.h b/fs/cifsd/misc.h
index e4bd02a8d45f..af8717d4d85b 100644
--- a/fs/cifsd/misc.h
+++ b/fs/cifsd/misc.h
@@ -12,32 +12,23 @@ struct kstat;
struct ksmbd_file;
int match_pattern(const char *str, size_t len, const char *pattern);
-
int ksmbd_validate_filename(char *filename);
-
int parse_stream_name(char *filename, char **stream_name, int *s_type);
-
char *convert_to_nt_pathname(char *filename, char *sharepath);
-
int get_nlink(struct kstat *st);
-
void ksmbd_conv_path_to_unix(char *path);
void ksmbd_strip_last_slash(char *path);
void ksmbd_conv_path_to_windows(char *path);
-
char *ksmbd_extract_sharename(char *treename);
-
char *convert_to_unix_name(struct ksmbd_share_config *share, char *name);
#define KSMBD_DIR_INFO_ALIGNMENT 8
-
struct ksmbd_dir_info;
char *ksmbd_convert_dir_info_name(struct ksmbd_dir_info *d_info,
const struct nls_table *local_nls,
int *conv_len);
#define NTFS_TIME_OFFSET ((u64)(369 * 365 + 89) * 24 * 3600 * 10000000)
-
struct timespec64 ksmbd_NTtimeToUnix(__le64 ntutc);
u64 ksmbd_UnixTimeToNT(struct timespec64 t);
long long ksmbd_systime(void);
diff --git a/fs/cifsd/ndr.c b/fs/cifsd/ndr.c
index 1838fc2b1d7c..14189832c65e 100644
--- a/fs/cifsd/ndr.c
+++ b/fs/cifsd/ndr.c
@@ -185,7 +185,7 @@ int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
version2 = ndr_read_int32(n);
if (da->version != version2) {
ksmbd_err("ndr version mismatched(version: %d, version2: %d)\n",
- da->version, version2);
+ da->version, version2);
return -EINVAL;
}
@@ -235,7 +235,8 @@ static int ndr_encode_posix_acl_entry(struct ndr *n, struct xattr_smb_acl *acl)
}
int ndr_encode_posix_acl(struct ndr *n, struct inode *inode,
- struct xattr_smb_acl *acl, struct xattr_smb_acl *def_acl)
+ struct xattr_smb_acl *acl,
+ struct xattr_smb_acl *def_acl)
{
int ref_id = 0x00020000;
@@ -315,7 +316,7 @@ int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)
version2 = ndr_read_int32(n);
if (acl->version != version2) {
ksmbd_err("ndr version mismatched(version: %d, version2: %d)\n",
- acl->version, version2);
+ acl->version, version2);
return -EINVAL;
}
diff --git a/fs/cifsd/ndr.h b/fs/cifsd/ndr.h
index a9db968b78ac..77b2d1ac93a0 100644
--- a/fs/cifsd/ndr.h
+++ b/fs/cifsd/ndr.h
@@ -15,7 +15,8 @@ struct ndr {
int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da);
int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da);
int ndr_encode_posix_acl(struct ndr *n, struct inode *inode,
- struct xattr_smb_acl *acl, struct xattr_smb_acl *def_acl);
+ struct xattr_smb_acl *acl,
+ struct xattr_smb_acl *def_acl);
int ndr_encode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl);
int ndr_encode_v3_ntacl(struct ndr *n, struct xattr_ntacl *acl);
int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl);
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index e77f1385a8c1..56c68e9cb7ff 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -29,7 +29,7 @@ static DEFINE_RWLOCK(lease_list_lock);
* Return: allocated opinfo object on success, otherwise NULL
*/
static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
- u64 id, __u16 Tid)
+ u64 id, __u16 Tid)
{
struct ksmbd_session *sess = work->sess;
struct oplock_info *opinfo;
@@ -153,7 +153,7 @@ static struct oplock_info *opinfo_get_list(struct ksmbd_inode *ci)
rcu_read_lock();
opinfo = list_first_or_null_rcu(&ci->m_op_list, struct oplock_info,
- op_entry);
+ op_entry);
if (opinfo && !atomic_inc_not_zero(&opinfo->refcount))
opinfo = NULL;
rcu_read_unlock();
@@ -269,8 +269,7 @@ int opinfo_write_to_none(struct oplock_info *opinfo)
opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
if (opinfo->is_lease)
- ksmbd_err("lease state(0x%x)\n",
- lease->state);
+ ksmbd_err("lease state(0x%x)\n", lease->state);
return -EINVAL;
}
opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
@@ -312,8 +311,7 @@ int lease_read_to_write(struct oplock_info *opinfo)
struct lease *lease = opinfo->o_lease;
if (!(lease->state & SMB2_LEASE_READ_CACHING_LE)) {
- ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n",
- lease->state);
+ ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
return -EINVAL;
}
@@ -338,8 +336,7 @@ static int lease_none_upgrade(struct oplock_info *opinfo, __le32 new_state)
struct lease *lease = opinfo->o_lease;
if (!(lease->state == SMB2_LEASE_NONE_LE)) {
- ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n",
- lease->state);
+ ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
return -EINVAL;
}
@@ -399,7 +396,7 @@ void close_id_del_oplock(struct ksmbd_file *fp)
* Return: 0
*/
static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
struct lease *lease = opinfo_new->o_lease;
@@ -410,8 +407,7 @@ static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
if (lctx) {
lease->state = lctx->req_state;
- memcpy(lease->lease_key, lctx->lease_key,
- SMB2_LEASE_KEY_SIZE);
+ memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
}
}
@@ -423,7 +419,7 @@ static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
* Return: 0
*/
static void grant_read_oplock(struct oplock_info *opinfo_new,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
struct lease *lease = opinfo_new->o_lease;
@@ -433,8 +429,7 @@ static void grant_read_oplock(struct oplock_info *opinfo_new,
lease->state = SMB2_LEASE_READ_CACHING_LE;
if (lctx->req_state & SMB2_LEASE_HANDLE_CACHING_LE)
lease->state |= SMB2_LEASE_HANDLE_CACHING_LE;
- memcpy(lease->lease_key, lctx->lease_key,
- SMB2_LEASE_KEY_SIZE);
+ memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
}
}
@@ -446,7 +441,7 @@ static void grant_read_oplock(struct oplock_info *opinfo_new,
* Return: 0
*/
static void grant_none_oplock(struct oplock_info *opinfo_new,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
struct lease *lease = opinfo_new->o_lease;
@@ -454,13 +449,12 @@ static void grant_none_oplock(struct oplock_info *opinfo_new,
if (lctx) {
lease->state = 0;
- memcpy(lease->lease_key, lctx->lease_key,
- SMB2_LEASE_KEY_SIZE);
+ memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
}
}
static inline int compare_guid_key(struct oplock_info *opinfo,
- const char *guid1, const char *key1)
+ const char *guid1, const char *key1)
{
const char *guid2, *key2;
@@ -483,7 +477,8 @@ static inline int compare_guid_key(struct oplock_info *opinfo,
* Return: oplock(lease) object on success, otherwise NULL
*/
static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
- char *client_guid, struct lease_ctx_info *lctx)
+ char *client_guid,
+ struct lease_ctx_info *lctx)
{
int ret;
struct lease *lease;
@@ -517,7 +512,7 @@ static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
if ((atomic_read(&ci->op_count) +
atomic_read(&ci->sop_count)) == 1) {
if (lease->state ==
- (lctx->req_state & lease->state)) {
+ (lctx->req_state & lease->state)) {
lease->state |= lctx->req_state;
if (lctx->req_state &
SMB2_LEASE_WRITE_CACHING_LE)
@@ -526,13 +521,13 @@ static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
} else if ((atomic_read(&ci->op_count) +
atomic_read(&ci->sop_count)) > 1) {
if (lctx->req_state ==
- (SMB2_LEASE_READ_CACHING_LE |
- SMB2_LEASE_HANDLE_CACHING_LE))
+ (SMB2_LEASE_READ_CACHING_LE |
+ SMB2_LEASE_HANDLE_CACHING_LE))
lease->state = lctx->req_state;
}
if (lctx->req_state && lease->state ==
- SMB2_LEASE_NONE_LE)
+ SMB2_LEASE_NONE_LE)
lease_none_upgrade(opinfo, lctx->req_state);
}
read_lock(&ci->m_lock);
@@ -547,9 +542,9 @@ static void wait_for_break_ack(struct oplock_info *opinfo)
int rc = 0;
rc = wait_event_interruptible_timeout(opinfo->oplock_q,
- opinfo->op_state == OPLOCK_STATE_NONE ||
- opinfo->op_state == OPLOCK_CLOSING,
- OPLOCK_WAIT_TIME);
+ opinfo->op_state == OPLOCK_STATE_NONE ||
+ opinfo->op_state == OPLOCK_CLOSING,
+ OPLOCK_WAIT_TIME);
/* is this a timeout ? */
if (!rc) {
@@ -664,8 +659,8 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
inc_rfc1001_len(rsp, 24);
ksmbd_debug(OPLOCK,
- "sending oplock break v_id %llu p_id = %llu lock level = %d\n",
- rsp->VolatileFid, rsp->PersistentFid, rsp->OplockLevel);
+ "sending oplock break v_id %llu p_id = %llu lock level = %d\n",
+ rsp->VolatileFid, rsp->PersistentFid, rsp->OplockLevel);
ksmbd_fd_put(work, fp);
ksmbd_conn_write(work);
@@ -815,7 +810,7 @@ static int smb2_lease_break_noti(struct oplock_info *opinfo)
struct ksmbd_work *in_work;
in_work = list_entry(tmp, struct ksmbd_work,
- interim_entry);
+ interim_entry);
setup_async_work(in_work, NULL, NULL);
smb2_send_interim_resp(in_work, STATUS_PENDING);
list_del(&in_work->interim_entry);
@@ -843,7 +838,8 @@ static void wait_lease_breaking(struct oplock_info *opinfo)
int ret = 0;
ret = wait_event_interruptible_timeout(opinfo->oplock_brk,
- atomic_read(&opinfo->breaking_cnt) == 0, HZ);
+ atomic_read(&opinfo->breaking_cnt) == 0,
+ HZ);
if (!ret)
atomic_set(&opinfo->breaking_cnt, 0);
}
@@ -855,8 +851,8 @@ static int oplock_break(struct oplock_info *brk_opinfo, int req_op_level)
/* Need to break exclusive/batch oplock, write lease or overwrite_if */
ksmbd_debug(OPLOCK,
- "request to send oplock(level : 0x%x) break notification\n",
- brk_opinfo->level);
+ "request to send oplock(level : 0x%x) break notification\n",
+ brk_opinfo->level);
if (brk_opinfo->is_lease) {
struct lease *lease = brk_opinfo->o_lease;
@@ -939,7 +935,7 @@ void destroy_lease_table(struct ksmbd_conn *conn)
again:
rcu_read_lock();
list_for_each_entry_rcu(opinfo, &lb->lease_list,
- lease_entry) {
+ lease_entry) {
rcu_read_unlock();
lease_del_list(opinfo);
goto again;
@@ -952,7 +948,7 @@ void destroy_lease_table(struct ksmbd_conn *conn)
}
int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
struct oplock_info *opinfo;
int err = 0;
@@ -978,20 +974,18 @@ int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
found:
rcu_read_lock();
- list_for_each_entry_rcu(opinfo, &lb->lease_list,
- lease_entry) {
+ list_for_each_entry_rcu(opinfo, &lb->lease_list, lease_entry) {
if (!atomic_inc_not_zero(&opinfo->refcount))
continue;
rcu_read_unlock();
if (opinfo->o_fp->f_ci == ci)
goto op_next;
- err = compare_guid_key(opinfo,
- sess->conn->ClientGUID,
- lctx->lease_key);
+ err = compare_guid_key(opinfo, sess->conn->ClientGUID,
+ lctx->lease_key);
if (err) {
err = -EINVAL;
ksmbd_debug(OPLOCK,
- "found same lease key is already used in other files\n");
+ "found same lease key is already used in other files\n");
opinfo_put(opinfo);
goto out;
}
@@ -1014,7 +1008,7 @@ static void copy_lease(struct oplock_info *op1, struct oplock_info *op2)
op2->level = op1->level;
lease2->state = lease1->state;
memcpy(lease2->lease_key, lease1->lease_key,
- SMB2_LEASE_KEY_SIZE);
+ SMB2_LEASE_KEY_SIZE);
lease2->duration = lease1->duration;
lease2->flags = lease1->flags;
}
@@ -1040,7 +1034,7 @@ static int add_lease_global_list(struct oplock_info *opinfo)
return -ENOMEM;
memcpy(lb->client_guid, opinfo->conn->ClientGUID,
- SMB2_CLIENT_GUID_SIZE);
+ SMB2_CLIENT_GUID_SIZE);
INIT_LIST_HEAD(&lb->lease_list);
spin_lock_init(&lb->lb_lock);
opinfo->o_lease->l_lb = lb;
@@ -1050,7 +1044,7 @@ static int add_lease_global_list(struct oplock_info *opinfo)
}
static void set_oplock_level(struct oplock_info *opinfo, int level,
- struct lease_ctx_info *lctx)
+ struct lease_ctx_info *lctx)
{
switch (level) {
case SMB2_OPLOCK_LEVEL_BATCH:
@@ -1079,8 +1073,8 @@ static void set_oplock_level(struct oplock_info *opinfo, int level,
* Return: 0 on success, otherwise error
*/
int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
- struct ksmbd_file *fp, __u16 tid, struct lease_ctx_info *lctx,
- int share_ret)
+ struct ksmbd_file *fp, __u16 tid,
+ struct lease_ctx_info *lctx, int share_ret)
{
struct ksmbd_session *sess = work->sess;
int err = 0;
@@ -1122,7 +1116,7 @@ int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
/* is lease already granted ? */
m_opinfo = same_client_has_lease(ci, sess->conn->ClientGUID,
- lctx);
+ lctx);
if (m_opinfo) {
copy_lease(m_opinfo, opinfo);
if (atomic_read(&m_opinfo->breaking_cnt))
@@ -1208,7 +1202,7 @@ int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
* @is_trunc: truncate on open
*/
static void smb_break_all_write_oplock(struct ksmbd_work *work,
- struct ksmbd_file *fp, int is_trunc)
+ struct ksmbd_file *fp, int is_trunc)
{
struct oplock_info *brk_opinfo;
@@ -1235,7 +1229,7 @@ static void smb_break_all_write_oplock(struct ksmbd_work *work,
* @is_trunc: truncate on open
*/
void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
- int is_trunc)
+ int is_trunc)
{
struct oplock_info *op, *brk_op;
struct ksmbd_inode *ci;
@@ -1257,18 +1251,18 @@ void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
(~(SMB2_LEASE_READ_CACHING_LE |
SMB2_LEASE_HANDLE_CACHING_LE)))) {
ksmbd_debug(OPLOCK, "unexpected lease state(0x%x)\n",
- brk_op->o_lease->state);
+ brk_op->o_lease->state);
goto next;
} else if (brk_op->level !=
SMB2_OPLOCK_LEVEL_II) {
ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n",
- brk_op->level);
+ brk_op->level);
goto next;
}
/* Skip oplock being break to none */
- if (brk_op->is_lease && (brk_op->o_lease->new_state ==
- SMB2_LEASE_NONE_LE) &&
+ if (brk_op->is_lease &&
+ (brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE) &&
atomic_read(&brk_op->breaking_cnt))
goto next;
@@ -1573,9 +1567,9 @@ void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
buf->reparse_tag = cpu_to_le32(fp->volatile_id);
buf->mode = cpu_to_le32(inode->i_mode);
id_to_sid(from_kuid(&init_user_ns, inode->i_uid),
- SIDNFS_USER, (struct smb_sid *)&buf->SidBuffer[0]);
+ SIDNFS_USER, (struct smb_sid *)&buf->SidBuffer[0]);
id_to_sid(from_kgid(&init_user_ns, inode->i_gid),
- SIDNFS_GROUP, (struct smb_sid *)&buf->SidBuffer[20]);
+ SIDNFS_GROUP, (struct smb_sid *)&buf->SidBuffer[20]);
}
/*
@@ -1590,7 +1584,7 @@ void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
* Return: opinfo if found matching opinfo, otherwise NULL
*/
struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
- char *lease_key)
+ char *lease_key)
{
struct oplock_info *opinfo = NULL, *ret_op = NULL;
struct lease_table *lt;
@@ -1619,7 +1613,7 @@ struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
SMB2_LEASE_WRITE_CACHING_LE)))
goto op_next;
ret = compare_guid_key(opinfo, conn->ClientGUID,
- lease_key);
+ lease_key);
if (ret) {
ksmbd_debug(OPLOCK, "found opinfo\n");
ret_op = opinfo;
@@ -1637,7 +1631,7 @@ struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
}
int smb2_check_durable_oplock(struct ksmbd_file *fp,
- struct lease_ctx_info *lctx, char *name)
+ struct lease_ctx_info *lctx, char *name)
{
struct oplock_info *opinfo = opinfo_get(fp);
int ret = 0;
diff --git a/fs/cifsd/oplock.h b/fs/cifsd/oplock.h
index f8b4b486eb93..0abd26123f6d 100644
--- a/fs/cifsd/oplock.h
+++ b/fs/cifsd/oplock.h
@@ -96,11 +96,10 @@ struct oplock_break_info {
};
int smb_grant_oplock(struct ksmbd_work *work, int req_op_level,
- u64 pid, struct ksmbd_file *fp, __u16 tid,
- struct lease_ctx_info *lctx, int share_ret);
+ u64 pid, struct ksmbd_file *fp, __u16 tid,
+ struct lease_ctx_info *lctx, int share_ret);
void smb_break_all_levII_oplock(struct ksmbd_work *work,
- struct ksmbd_file *fp, int is_trunc);
-
+ struct ksmbd_file *fp, int is_trunc);
int opinfo_write_to_read(struct oplock_info *opinfo);
int opinfo_read_handle_to_read(struct oplock_info *opinfo);
int opinfo_write_to_none(struct oplock_info *opinfo);
@@ -124,10 +123,10 @@ void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id);
void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp);
struct create_context *smb2_find_context_vals(void *open_req, const char *str);
struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
- char *lease_key);
+ char *lease_key);
int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
- struct lease_ctx_info *lctx);
+ struct lease_ctx_info *lctx);
void destroy_lease_table(struct ksmbd_conn *conn);
int smb2_check_durable_oplock(struct ksmbd_file *fp,
- struct lease_ctx_info *lctx, char *name);
+ struct lease_ctx_info *lctx, char *name);
#endif /* __KSMBD_OPLOCK_H */
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index 4aff89ce1464..87838f76a348 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -106,7 +106,7 @@ static inline int check_conn_state(struct ksmbd_work *work)
#define TCP_HANDLER_ABORT 1
static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
- uint16_t *cmd)
+ uint16_t *cmd)
{
struct smb_version_cmds *cmds;
uint16_t command;
@@ -159,7 +159,7 @@ static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
}
static void __handle_ksmbd_work(struct ksmbd_work *work,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
u16 command = 0;
int rc;
@@ -222,8 +222,8 @@ static void __handle_ksmbd_work(struct ksmbd_work *work,
}
}
- if (work->sess && (work->sess->sign ||
- smb3_11_final_sess_setup_resp(work) ||
+ if (work->sess &&
+ (work->sess->sign || smb3_11_final_sess_setup_resp(work) ||
conn->ops->is_sign_req(work, command)))
conn->ops->set_sign_rsp(work);
} while (is_chained_smb2_message(work));
@@ -416,7 +416,7 @@ int server_queue_ctrl_reset_work(void)
}
static ssize_t stats_show(struct class *class, struct class_attribute *attr,
- char *buf)
+ char *buf)
{
/*
* Inc this each time you change stats output format,
@@ -430,19 +430,15 @@ static ssize_t stats_show(struct class *class, struct class_attribute *attr,
"shutdown"
};
- ssize_t sz = scnprintf(buf,
- PAGE_SIZE,
- "%d %s %d %lu\n",
- stats_version,
- state[server_conf.state],
- server_conf.tcp_port,
- server_conf.ipc_last_active / HZ);
+ ssize_t sz = scnprintf(buf, PAGE_SIZE, "%d %s %d %lu\n", stats_version,
+ state[server_conf.state], server_conf.tcp_port,
+ server_conf.ipc_last_active / HZ);
return sz;
}
static ssize_t kill_server_store(struct class *class,
- struct class_attribute *attr, const char *buf,
- size_t len)
+ struct class_attribute *attr, const char *buf,
+ size_t len)
{
if (!sysfs_streq(buf, "hard"))
return len;
@@ -458,11 +454,11 @@ static ssize_t kill_server_store(struct class *class,
}
static const char * const debug_type_strings[] = {"smb", "auth", "vfs",
- "oplock", "ipc", "conn",
- "rdma"};
+ "oplock", "ipc", "conn",
+ "rdma"};
static ssize_t debug_show(struct class *class, struct class_attribute *attr,
- char *buf)
+ char *buf)
{
ssize_t sz = 0;
int i, pos = 0;
@@ -486,7 +482,7 @@ static ssize_t debug_show(struct class *class, struct class_attribute *attr,
}
static ssize_t debug_store(struct class *class, struct class_attribute *attr,
- const char *buf, size_t len)
+ const char *buf, size_t len)
{
int i;
diff --git a/fs/cifsd/smb2misc.c b/fs/cifsd/smb2misc.c
index 5a50c4ec43f2..c4b870dbf683 100644
--- a/fs/cifsd/smb2misc.c
+++ b/fs/cifsd/smb2misc.c
@@ -178,19 +178,19 @@ static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
*/
if (*off > 4096) {
ksmbd_debug(SMB, "offset %d too large, data area ignored\n",
- *off);
+ *off);
*len = 0;
*off = 0;
} else if (*off < 0) {
ksmbd_debug(SMB,
- "negative offset %d to data invalid ignore data area\n",
- *off);
+ "negative offset %d to data invalid ignore data area\n",
+ *off);
*off = 0;
*len = 0;
} else if (*len < 0) {
ksmbd_debug(SMB,
- "negative data length %d invalid, data area ignored\n",
- *len);
+ "negative data length %d invalid, data area ignored\n",
+ *len);
*len = 0;
} else if (*len > 128 * 1024) {
ksmbd_debug(SMB, "data area larger than 128K: %d\n", *len);
@@ -228,7 +228,7 @@ static unsigned int smb2_calc_size(void *buf)
smb2_get_data_area_len(&offset, &data_length, hdr);
ksmbd_debug(SMB, "SMB2 data length %d offset %d\n", data_length,
- offset);
+ offset);
if (data_length > 0) {
/*
@@ -239,8 +239,8 @@ static unsigned int smb2_calc_size(void *buf)
*/
if (offset + 1 < len)
ksmbd_debug(SMB,
- "data area offset %d overlaps SMB2 header %d\n",
- offset + 1, len);
+ "data area offset %d overlaps SMB2 header %d\n",
+ offset + 1, len);
else
len = offset + data_length;
}
@@ -321,11 +321,11 @@ static int smb2_validate_credit_charge(struct smb2_hdr *hdr)
calc_credit_num = DIV_ROUND_UP(max_len, SMB2_MAX_BUFFER_SIZE);
if (!credit_charge && max_len > SMB2_MAX_BUFFER_SIZE) {
ksmbd_err("credit charge is zero and payload size(%d) is bigger than 64K\n",
- max_len);
+ max_len);
return 1;
} else if (credit_charge < calc_credit_num) {
ksmbd_err("credit charge : %d, calc_credit_num : %d\n",
- credit_charge, calc_credit_num);
+ credit_charge, calc_credit_num);
return 1;
}
@@ -357,7 +357,7 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
if (hdr->StructureSize != SMB2_HEADER_STRUCTURE_SIZE) {
ksmbd_debug(SMB, "Illegal structure size %u\n",
- le16_to_cpu(hdr->StructureSize));
+ le16_to_cpu(hdr->StructureSize));
return 1;
}
@@ -372,8 +372,8 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
(hdr->Status == 0 || pdu->StructureSize2 != SMB2_ERROR_STRUCTURE_SIZE2_LE)) {
/* error packets have 9 byte structure size */
ksmbd_debug(SMB,
- "Illegal request size %u for command %d\n",
- le16_to_cpu(pdu->StructureSize2), command);
+ "Illegal request size %u for command %d\n",
+ le16_to_cpu(pdu->StructureSize2), command);
return 1;
} else if (command == SMB2_OPLOCK_BREAK_HE &&
hdr->Status == 0 &&
@@ -381,8 +381,8 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
le16_to_cpu(pdu->StructureSize2) != OP_BREAK_STRUCT_SIZE_21) {
/* special case for SMB2.1 lease break message */
ksmbd_debug(SMB,
- "Illegal request size %d for oplock break\n",
- le16_to_cpu(pdu->StructureSize2));
+ "Illegal request size %d for oplock break\n",
+ le16_to_cpu(pdu->StructureSize2));
return 1;
}
}
@@ -408,9 +408,9 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
*/
if (clc_len < len) {
ksmbd_debug(SMB,
- "cli req padded more than expected. Length %d not %d for cmd:%d mid:%llu\n",
- len, clc_len, command,
- le64_to_cpu(hdr->MessageId));
+ "cli req padded more than expected. Length %d not %d for cmd:%d mid:%llu\n",
+ len, clc_len, command,
+ le64_to_cpu(hdr->MessageId));
return 0;
}
@@ -418,9 +418,9 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
return 0;
ksmbd_debug(SMB,
- "cli req too short, len %d not %d. cmd:%d mid:%llu\n",
- len, clc_len, command,
- le64_to_cpu(hdr->MessageId));
+ "cli req too short, len %d not %d. cmd:%d mid:%llu\n",
+ len, clc_len, command,
+ le64_to_cpu(hdr->MessageId));
return 1;
}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 16290ad710fa..84b243b3895a 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -296,7 +296,7 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
}
static int smb2_consume_credit_charge(struct ksmbd_work *work,
- unsigned short credit_charge)
+ unsigned short credit_charge)
{
struct ksmbd_conn *conn = work->conn;
unsigned int rsp_credits = 1;
@@ -336,8 +336,8 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
conn->total_credits = min_credits;
}
- rsp_credit_charge = smb2_consume_credit_charge(work,
- le16_to_cpu(req_hdr->CreditCharge));
+ rsp_credit_charge =
+ smb2_consume_credit_charge(work, le16_to_cpu(req_hdr->CreditCharge));
if (rsp_credit_charge < 0)
return -EINVAL;
@@ -373,9 +373,9 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
}
out:
ksmbd_debug(SMB,
- "credits: requested[%d] granted[%d] total_granted[%d]\n",
- credits_requested, credits_granted,
- conn->total_credits);
+ "credits: requested[%d] granted[%d] total_granted[%d]\n",
+ credits_requested, credits_granted,
+ conn->total_credits);
return 0;
}
@@ -420,9 +420,9 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
work->next_smb2_rcv_hdr_off += next_hdr_offset;
work->next_smb2_rsp_hdr_off += new_len;
ksmbd_debug(SMB,
- "Compound req new_len = %d rcv off = %d rsp off = %d\n",
- new_len, work->next_smb2_rcv_hdr_off,
- work->next_smb2_rsp_hdr_off);
+ "Compound req new_len = %d rcv off = %d rsp off = %d\n",
+ new_len, work->next_smb2_rcv_hdr_off,
+ work->next_smb2_rsp_hdr_off);
rsp_hdr = RESPONSE_BUF_NEXT(work);
rcv_hdr = REQUEST_BUF_NEXT(work);
@@ -640,7 +640,7 @@ static void destroy_previous_session(struct ksmbd_user *user, u64 id)
*/
static char *
smb2_get_name(struct ksmbd_share_config *share, const char *src,
- const int maxlen, struct nls_table *local_nls)
+ const int maxlen, struct nls_table *local_nls)
{
char *name, *unixname;
@@ -684,8 +684,8 @@ int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
rsp_hdr->Id.AsyncId = cpu_to_le64(id);
ksmbd_debug(SMB,
- "Send interim Response to inform async request id : %d\n",
- work->async_id);
+ "Send interim Response to inform async request id : %d\n",
+ work->async_id);
work->cancel_fn = fn;
work->cancel_argv = arg;
@@ -759,7 +759,7 @@ static int smb2_get_dos_mode(struct kstat *stat, int attribute)
}
static void build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt,
- __le16 hash_id)
+ __le16 hash_id)
{
pneg_ctxt->ContextType = SMB2_PREAUTH_INTEGRITY_CAPABILITIES;
pneg_ctxt->DataLength = cpu_to_le16(38);
@@ -771,7 +771,7 @@ static void build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt,
}
static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt,
- __le16 cipher_type)
+ __le16 cipher_type)
{
pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;
pneg_ctxt->DataLength = cpu_to_le16(4);
@@ -781,7 +781,7 @@ static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt,
}
static void build_compression_ctxt(struct smb2_compression_ctx *pneg_ctxt,
- __le16 comp_algo)
+ __le16 comp_algo)
{
pneg_ctxt->ContextType = SMB2_COMPRESSION_CAPABILITIES;
pneg_ctxt->DataLength =
@@ -817,7 +817,7 @@ static void build_posix_ctxt(struct smb2_posix_neg_context *pneg_ctxt)
}
static void assemble_neg_contexts(struct ksmbd_conn *conn,
- struct smb2_negotiate_rsp *rsp)
+ struct smb2_negotiate_rsp *rsp)
{
/* +4 is to account for the RFC1001 len field */
char *pneg_ctxt = (char *)rsp +
@@ -826,9 +826,9 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
int ctxt_size;
ksmbd_debug(SMB,
- "assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
+ "assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt,
- conn->preauth_info->Preauth_HashId);
+ conn->preauth_info->Preauth_HashId);
rsp->NegotiateContextCount = cpu_to_le16(neg_ctxt_cnt);
inc_rfc1001_len(rsp, AUTH_GSS_PADDING);
ctxt_size = sizeof(struct smb2_preauth_neg_context);
@@ -838,9 +838,9 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
if (conn->cipher_type) {
ctxt_size = round_up(ctxt_size, 8);
ksmbd_debug(SMB,
- "assemble SMB2_ENCRYPTION_CAPABILITIES context\n");
+ "assemble SMB2_ENCRYPTION_CAPABILITIES context\n");
build_encrypt_ctxt((struct smb2_encryption_neg_context *)pneg_ctxt,
- conn->cipher_type);
+ conn->cipher_type);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
ctxt_size += sizeof(struct smb2_encryption_neg_context);
/* Round to 8 byte boundary */
@@ -852,10 +852,10 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
if (conn->compress_algorithm) {
ctxt_size = round_up(ctxt_size, 8);
ksmbd_debug(SMB,
- "assemble SMB2_COMPRESSION_CAPABILITIES context\n");
+ "assemble SMB2_COMPRESSION_CAPABILITIES context\n");
/* Temporarily set to SMB3_COMPRESS_NONE */
build_compression_ctxt((struct smb2_compression_ctx *)pneg_ctxt,
- conn->compress_algorithm);
+ conn->compress_algorithm);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
ctxt_size += sizeof(struct smb2_compression_ctx);
/* Round to 8 byte boundary */
@@ -865,7 +865,7 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
if (conn->posix_ext_supported) {
ctxt_size = round_up(ctxt_size, 8);
ksmbd_debug(SMB,
- "assemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
+ "assemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
build_posix_ctxt((struct smb2_posix_neg_context *)pneg_ctxt);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
ctxt_size += sizeof(struct smb2_posix_neg_context);
@@ -875,12 +875,11 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
}
static __le32 decode_preauth_ctxt(struct ksmbd_conn *conn,
- struct smb2_preauth_neg_context *pneg_ctxt)
+ struct smb2_preauth_neg_context *pneg_ctxt)
{
__le32 err = STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP;
- if (pneg_ctxt->HashAlgorithms ==
- SMB2_PREAUTH_INTEGRITY_SHA512) {
+ if (pneg_ctxt->HashAlgorithms == SMB2_PREAUTH_INTEGRITY_SHA512) {
conn->preauth_info->Preauth_HashId =
SMB2_PREAUTH_INTEGRITY_SHA512;
err = STATUS_SUCCESS;
@@ -890,7 +889,7 @@ static __le32 decode_preauth_ctxt(struct ksmbd_conn *conn,
}
static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
- struct smb2_encryption_neg_context *pneg_ctxt)
+ struct smb2_encryption_neg_context *pneg_ctxt)
{
int i;
int cph_cnt = le16_to_cpu(pneg_ctxt->CipherCount);
@@ -906,7 +905,7 @@ static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES256_CCM ||
pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES256_GCM) {
ksmbd_debug(SMB, "Cipher ID = 0x%x\n",
- pneg_ctxt->Ciphers[i]);
+ pneg_ctxt->Ciphers[i]);
conn->cipher_type = pneg_ctxt->Ciphers[i];
break;
}
@@ -922,7 +921,7 @@ static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
}
static int decode_compress_ctxt(struct ksmbd_conn *conn,
- struct smb2_compression_ctx *pneg_ctxt)
+ struct smb2_compression_ctx *pneg_ctxt)
{
int algo_cnt = le16_to_cpu(pneg_ctxt->CompressionAlgorithmCount);
@@ -937,7 +936,7 @@ static int decode_compress_ctxt(struct ksmbd_conn *conn,
}
static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
- struct smb2_negotiate_req *req)
+ struct smb2_negotiate_req *req)
{
int i = 0;
__le32 status = 0;
@@ -953,16 +952,16 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
while (i++ < neg_ctxt_cnt) {
if (*ContextType == SMB2_PREAUTH_INTEGRITY_CAPABILITIES) {
ksmbd_debug(SMB,
- "deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
+ "deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
if (conn->preauth_info->Preauth_HashId)
break;
status = decode_preauth_ctxt(conn,
- (struct smb2_preauth_neg_context *)pneg_ctxt);
+ (struct smb2_preauth_neg_context *)pneg_ctxt);
pneg_ctxt += DIV_ROUND_UP(sizeof(struct smb2_preauth_neg_context), 8) * 8;
} else if (*ContextType == SMB2_ENCRYPTION_CAPABILITIES) {
ksmbd_debug(SMB,
- "deassemble SMB2_ENCRYPTION_CAPABILITIES context\n");
+ "deassemble SMB2_ENCRYPTION_CAPABILITIES context\n");
if (conn->cipher_type)
break;
@@ -971,7 +970,7 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
} else if (*ContextType == SMB2_COMPRESSION_CAPABILITIES) {
ksmbd_debug(SMB,
- "deassemble SMB2_COMPRESSION_CAPABILITIES context\n");
+ "deassemble SMB2_COMPRESSION_CAPABILITIES context\n");
if (conn->compress_algorithm)
break;
@@ -980,14 +979,14 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
} else if (*ContextType == SMB2_NETNAME_NEGOTIATE_CONTEXT_ID) {
ksmbd_debug(SMB,
- "deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context\n");
+ "deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context\n");
ctxt_size = sizeof(struct smb2_netname_neg_context);
ctxt_size += DIV_ROUND_UP(le16_to_cpu(((struct smb2_netname_neg_context *)
- pneg_ctxt)->DataLength), 8) * 8;
+ pneg_ctxt)->DataLength), 8) * 8;
pneg_ctxt += ctxt_size;
} else if (*ContextType == SMB2_POSIX_EXTENSIONS_AVAILABLE) {
ksmbd_debug(SMB,
- "deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
+ "deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
conn->posix_ext_supported = true;
pneg_ctxt += DIV_ROUND_UP(sizeof(struct smb2_posix_neg_context), 8) * 8;
}
@@ -1033,7 +1032,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
case SMB311_PROT_ID:
conn->preauth_info =
kzalloc(sizeof(struct preauth_integrity_info),
- GFP_KERNEL);
+ GFP_KERNEL);
if (!conn->preauth_info) {
rc = -ENOMEM;
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
@@ -1043,7 +1042,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
status = deassemble_neg_contexts(conn, req);
if (status != STATUS_SUCCESS) {
ksmbd_err("deassemble_neg_contexts error(0x%x)\n",
- status);
+ status);
rsp->hdr.Status = status;
rc = -EINVAL;
goto err_out;
@@ -1056,8 +1055,8 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
}
ksmbd_gen_preauth_integrity_hash(conn,
- work->request_buf,
- conn->preauth_info->Preauth_HashValue);
+ work->request_buf,
+ conn->preauth_info->Preauth_HashValue);
rsp->NegotiateContextOffset =
cpu_to_le32(OFFSET_OF_NEG_CONTEXT);
assemble_neg_contexts(conn, rsp);
@@ -1082,7 +1081,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
case BAD_PROT_ID:
default:
ksmbd_debug(SMB, "Server dialect :0x%x not supported\n",
- conn->dialect);
+ conn->dialect);
rsp->hdr.Status = STATUS_NOT_SUPPORTED;
rc = -EINVAL;
goto err_out;
@@ -1098,7 +1097,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
if (conn->dialect > SMB20_PROT_ID) {
memcpy(conn->ClientGUID, req->ClientGUID,
- SMB2_CLIENT_GUID_SIZE);
+ SMB2_CLIENT_GUID_SIZE);
conn->cli_sec_mode = le16_to_cpu(req->SecurityMode);
}
@@ -1112,17 +1111,17 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
rsp->SystemTime = cpu_to_le64(ksmbd_systime());
rsp->ServerStartTime = 0;
ksmbd_debug(SMB, "negotiate context offset %d, count %d\n",
- le32_to_cpu(rsp->NegotiateContextOffset),
- le16_to_cpu(rsp->NegotiateContextCount));
+ le32_to_cpu(rsp->NegotiateContextOffset),
+ le16_to_cpu(rsp->NegotiateContextCount));
rsp->SecurityBufferOffset = cpu_to_le16(128);
rsp->SecurityBufferLength = cpu_to_le16(AUTH_GSS_LENGTH);
ksmbd_copy_gss_neg_header(((char *)(&rsp->hdr) +
- sizeof(rsp->hdr.smb2_buf_length)) +
- le16_to_cpu(rsp->SecurityBufferOffset));
+ sizeof(rsp->hdr.smb2_buf_length)) +
+ le16_to_cpu(rsp->SecurityBufferOffset));
inc_rfc1001_len(rsp, sizeof(struct smb2_negotiate_rsp) -
- sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) +
- AUTH_GSS_LENGTH);
+ sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) +
+ AUTH_GSS_LENGTH);
rsp->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED_LE;
conn->use_spnego = true;
@@ -1147,13 +1146,13 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
}
static int alloc_preauth_hash(struct ksmbd_session *sess,
- struct ksmbd_conn *conn)
+ struct ksmbd_conn *conn)
{
if (sess->Preauth_HashValue)
return 0;
sess->Preauth_HashValue = kmemdup(conn->preauth_info->Preauth_HashValue,
- PREAUTH_HASHVALUE_SIZE, GFP_KERNEL);
+ PREAUTH_HASHVALUE_SIZE, GFP_KERNEL);
if (!sess->Preauth_HashValue)
return -ENOMEM;
@@ -1180,7 +1179,7 @@ static int generate_preauth_hash(struct ksmbd_work *work)
}
static int decode_negotiation_token(struct ksmbd_work *work,
- struct negotiate_message *negblob)
+ struct negotiate_message *negblob)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_sess_setup_req *req;
@@ -1203,7 +1202,7 @@ static int decode_negotiation_token(struct ksmbd_work *work,
}
static int ntlm_negotiate(struct ksmbd_work *work,
- struct negotiate_message *negblob)
+ struct negotiate_message *negblob)
{
struct smb2_sess_setup_req *req = work->request_buf;
struct smb2_sess_setup_rsp *rsp = work->response_buf;
@@ -1247,10 +1246,8 @@ static int ntlm_negotiate(struct ksmbd_work *work,
goto out;
}
- rc = build_spnego_ntlmssp_neg_blob(&spnego_blob,
- &spnego_blob_len,
- neg_blob,
- sz);
+ rc = build_spnego_ntlmssp_neg_blob(&spnego_blob, &spnego_blob_len,
+ neg_blob, sz);
if (rc) {
rc = -ENOMEM;
goto out;
@@ -1267,7 +1264,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
}
static struct authenticate_message *user_authblob(struct ksmbd_conn *conn,
- struct smb2_sess_setup_req *req)
+ struct smb2_sess_setup_req *req)
{
int sz;
@@ -1280,7 +1277,7 @@ static struct authenticate_message *user_authblob(struct ksmbd_conn *conn,
}
static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
- struct smb2_sess_setup_req *req)
+ struct smb2_sess_setup_req *req)
{
struct authenticate_message *authblob;
struct ksmbd_user *user;
@@ -1396,7 +1393,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
rc = conn->ops->generate_encryptionkey(sess);
if (rc) {
ksmbd_debug(SMB,
- "SMB3 encryption key generation failed\n");
+ "SMB3 encryption key generation failed\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
return rc;
}
@@ -1473,7 +1470,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
ksmbd_free_user(sess->user);
retval = ksmbd_krb5_authenticate(sess, in_blob, in_len,
- out_blob, &out_len);
+ out_blob, &out_len);
if (retval) {
ksmbd_debug(SMB, "krb5 authentication failed\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
@@ -1491,7 +1488,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
retval = conn->ops->generate_encryptionkey(sess);
if (retval) {
ksmbd_debug(SMB,
- "SMB3 encryption key generation failed\n");
+ "SMB3 encryption key generation failed\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
return retval;
}
@@ -1565,7 +1562,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
ksmbd_session_register(conn, sess);
} else {
sess = ksmbd_session_lookup(conn,
- le64_to_cpu(req->hdr.SessionId));
+ le64_to_cpu(req->hdr.SessionId));
if (!sess) {
rc = -ENOENT;
rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
@@ -1673,7 +1670,8 @@ int smb2_tree_connect(struct ksmbd_work *work)
int rc = -EINVAL;
treename = smb_strndup_from_utf16(req->Buffer,
- le16_to_cpu(req->PathLength), true, conn->local_nls);
+ le16_to_cpu(req->PathLength), true,
+ conn->local_nls);
if (IS_ERR(treename)) {
ksmbd_err("treename is NULL\n");
status.ret = KSMBD_TREE_CONN_STATUS_ERROR;
@@ -1687,7 +1685,7 @@ int smb2_tree_connect(struct ksmbd_work *work)
}
ksmbd_debug(SMB, "tree connect request for tree %s treename %s\n",
- name, treename);
+ name, treename);
status = ksmbd_tree_conn_connect(sess, name);
if (status.ret == KSMBD_TREE_CONN_STATUS_OK)
@@ -1772,7 +1770,7 @@ int smb2_tree_connect(struct ksmbd_work *work)
* Return: file open flags
*/
static int smb2_create_open_flags(bool file_present, __le32 access,
- __le32 disposition)
+ __le32 disposition)
{
int oflags = O_NONBLOCK | O_LARGEFILE;
@@ -1910,7 +1908,7 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work)
char *name;
name = smb_strndup_from_utf16(req->Buffer, le16_to_cpu(req->NameLength),
- 1, work->conn->local_nls);
+ 1, work->conn->local_nls);
if (IS_ERR(name)) {
rsp->hdr.Status = STATUS_NO_MEMORY;
err = PTR_ERR(name);
@@ -1987,20 +1985,20 @@ static int smb2_set_ea(struct smb2_ea_info *eabuf, struct path *path)
goto next;
ksmbd_debug(SMB,
- "name : <%s>, name_len : %u, value_len : %u, next : %u\n",
- eabuf->name, eabuf->EaNameLength,
- le16_to_cpu(eabuf->EaValueLength),
- le32_to_cpu(eabuf->NextEntryOffset));
+ "name : <%s>, name_len : %u, value_len : %u, next : %u\n",
+ eabuf->name, eabuf->EaNameLength,
+ le16_to_cpu(eabuf->EaValueLength),
+ le32_to_cpu(eabuf->NextEntryOffset));
if (eabuf->EaNameLength >
- (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN)) {
+ (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN)) {
rc = -EINVAL;
break;
}
memcpy(attr_name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN);
memcpy(&attr_name[XATTR_USER_PREFIX_LEN], eabuf->name,
- eabuf->EaNameLength);
+ eabuf->EaNameLength);
attr_name[XATTR_USER_PREFIX_LEN + eabuf->EaNameLength] = '\0';
value = (char *)&eabuf->name + eabuf->EaNameLength + 1;
@@ -2017,8 +2015,8 @@ static int smb2_set_ea(struct smb2_ea_info *eabuf, struct path *path)
if (rc < 0) {
ksmbd_debug(SMB,
- "remove xattr failed(%d)\n",
- rc);
+ "remove xattr failed(%d)\n",
+ rc);
break;
}
}
@@ -2027,11 +2025,11 @@ static int smb2_set_ea(struct smb2_ea_info *eabuf, struct path *path)
rc = 0;
} else {
rc = ksmbd_vfs_setxattr(path->dentry, attr_name, value,
- le16_to_cpu(eabuf->EaValueLength), 0);
+ le16_to_cpu(eabuf->EaValueLength), 0);
if (rc < 0) {
ksmbd_debug(SMB,
- "ksmbd_vfs_setxattr is failed(%d)\n",
- rc);
+ "ksmbd_vfs_setxattr is failed(%d)\n",
+ rc);
break;
}
}
@@ -2061,7 +2059,8 @@ static inline int check_context_err(void *ctx, char *str)
}
static noinline int smb2_set_stream_name_xattr(struct path *path,
- struct ksmbd_file *fp, char *stream_name, int s_type)
+ struct ksmbd_file *fp,
+ char *stream_name, int s_type)
{
size_t xattr_stream_size;
char *xattr_stream_name;
@@ -2142,13 +2141,13 @@ static int smb2_create_truncate(struct path *path)
rc = 0;
if (rc)
ksmbd_debug(SMB,
- "ksmbd_truncate_stream_name_xattr failed, rc %d\n",
- rc);
+ "ksmbd_truncate_stream_name_xattr failed, rc %d\n",
+ rc);
return rc;
}
static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon, struct path *path,
- struct ksmbd_file *fp)
+ struct ksmbd_file *fp)
{
struct xattr_dos_attrib da = {0};
int rc;
@@ -2169,7 +2168,7 @@ static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon, struct path *path,
}
static void smb2_update_xattrs(struct ksmbd_tree_connect *tcon,
- struct path *path, struct ksmbd_file *fp)
+ struct path *path, struct ksmbd_file *fp)
{
struct xattr_dos_attrib da;
int rc;
@@ -2190,7 +2189,7 @@ static void smb2_update_xattrs(struct ksmbd_tree_connect *tcon,
}
static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name,
- int open_flags, umode_t posix_mode, bool is_dir)
+ int open_flags, umode_t posix_mode, bool is_dir)
{
struct ksmbd_tree_connect *tcon = work->tcon;
struct ksmbd_share_config *share = tcon->share_conf;
@@ -2220,14 +2219,15 @@ static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name,
rc = ksmbd_vfs_kern_path(name, 0, path, 0);
if (rc) {
ksmbd_err("cannot get linux path (%s), err = %d\n",
- name, rc);
+ name, rc);
return rc;
}
return 0;
}
static int smb2_create_sd_buffer(struct ksmbd_work *work,
- struct smb2_create_req *req, struct dentry *dentry)
+ struct smb2_create_req *req,
+ struct dentry *dentry)
{
struct create_context *context;
int rc = -ENOENT;
@@ -2241,10 +2241,10 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work,
struct create_sd_buf_req *sd_buf;
ksmbd_debug(SMB,
- "Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
+ "Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
sd_buf = (struct create_sd_buf_req *)context;
rc = set_info_sec(work->conn, work->tcon, dentry, &sd_buf->ntsd,
- le32_to_cpu(sd_buf->ccontext.DataLength), true);
+ le32_to_cpu(sd_buf->ccontext.DataLength), true);
}
return rc;
@@ -2353,7 +2353,7 @@ int smb2_open(struct ksmbd_work *work)
if (ksmbd_share_veto_filename(share, name)) {
rc = -ENOENT;
ksmbd_debug(SMB, "Reject open(), vetoed file: %s\n",
- name);
+ name);
goto err_out1;
}
} else {
@@ -2376,7 +2376,7 @@ int smb2_open(struct ksmbd_work *work)
if (le32_to_cpu(req->ImpersonationLevel) > le32_to_cpu(IL_DELEGATE_LE)) {
ksmbd_err("Invalid impersonationlevel : 0x%x\n",
- le32_to_cpu(req->ImpersonationLevel));
+ le32_to_cpu(req->ImpersonationLevel));
rc = -EIO;
rsp->hdr.Status = STATUS_BAD_IMPERSONATION_LEVEL;
goto err_out1;
@@ -2384,7 +2384,7 @@ int smb2_open(struct ksmbd_work *work)
if (req->CreateOptions && !(req->CreateOptions & CREATE_OPTIONS_MASK)) {
ksmbd_err("Invalid create options : 0x%x\n",
- le32_to_cpu(req->CreateOptions));
+ le32_to_cpu(req->CreateOptions));
rc = -EINVAL;
goto err_out1;
} else {
@@ -2392,8 +2392,9 @@ int smb2_open(struct ksmbd_work *work)
req->CreateOptions & FILE_RANDOM_ACCESS_LE)
req->CreateOptions = ~(FILE_SEQUENTIAL_ONLY_LE);
- if (req->CreateOptions & (FILE_OPEN_BY_FILE_ID_LE |
- CREATE_TREE_CONNECTION | FILE_RESERVE_OPFILTER_LE)) {
+ if (req->CreateOptions &
+ (FILE_OPEN_BY_FILE_ID_LE | CREATE_TREE_CONNECTION |
+ FILE_RESERVE_OPFILTER_LE)) {
rc = -EOPNOTSUPP;
goto err_out1;
}
@@ -2409,23 +2410,23 @@ int smb2_open(struct ksmbd_work *work)
}
if (le32_to_cpu(req->CreateDisposition) >
- le32_to_cpu(FILE_OVERWRITE_IF_LE)) {
+ le32_to_cpu(FILE_OVERWRITE_IF_LE)) {
ksmbd_err("Invalid create disposition : 0x%x\n",
- le32_to_cpu(req->CreateDisposition));
+ le32_to_cpu(req->CreateDisposition));
rc = -EINVAL;
goto err_out1;
}
if (!(req->DesiredAccess & DESIRED_ACCESS_MASK)) {
ksmbd_err("Invalid desired access : 0x%x\n",
- le32_to_cpu(req->DesiredAccess));
+ le32_to_cpu(req->DesiredAccess));
rc = -EACCES;
goto err_out1;
}
if (req->FileAttributes && !(req->FileAttributes & ATTR_MASK_LE)) {
ksmbd_err("Invalid file attribute : 0x%x\n",
- le32_to_cpu(req->FileAttributes));
+ le32_to_cpu(req->FileAttributes));
rc = -EINVAL;
goto err_out1;
}
@@ -2447,23 +2448,23 @@ int smb2_open(struct ksmbd_work *work)
}
context = smb2_find_context_vals(req,
- SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
+ SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
if (IS_ERR(context)) {
rc = check_context_err(context,
- SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
+ SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
if (rc < 0)
goto err_out1;
} else {
ksmbd_debug(SMB,
- "get query maximal access context\n");
+ "get query maximal access context\n");
maximal_access_ctxt = 1;
}
context = smb2_find_context_vals(req,
- SMB2_CREATE_TIMEWARP_REQUEST);
+ SMB2_CREATE_TIMEWARP_REQUEST);
if (IS_ERR(context)) {
rc = check_context_err(context,
- SMB2_CREATE_TIMEWARP_REQUEST);
+ SMB2_CREATE_TIMEWARP_REQUEST);
if (rc < 0)
goto err_out1;
} else {
@@ -2474,10 +2475,10 @@ int smb2_open(struct ksmbd_work *work)
if (tcon->posix_extensions) {
context = smb2_find_context_vals(req,
- SMB2_CREATE_TAG_POSIX);
+ SMB2_CREATE_TAG_POSIX);
if (IS_ERR(context)) {
rc = check_context_err(context,
- SMB2_CREATE_TAG_POSIX);
+ SMB2_CREATE_TAG_POSIX);
if (rc < 0)
goto err_out1;
} else {
@@ -2516,7 +2517,7 @@ int smb2_open(struct ksmbd_work *work)
if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
- "User does not have write permission\n");
+ "User does not have write permission\n");
rc = -EACCES;
path_put(&path);
goto err_out;
@@ -2546,11 +2547,11 @@ int smb2_open(struct ksmbd_work *work)
if (rc) {
if (rc == -EACCES) {
ksmbd_debug(SMB,
- "User does not have right permission\n");
+ "User does not have right permission\n");
goto err_out;
}
ksmbd_debug(SMB, "can not get linux path for %s, rc = %d\n",
- name, rc);
+ name, rc);
rc = 0;
} else {
file_present = true;
@@ -2582,7 +2583,7 @@ int smb2_open(struct ksmbd_work *work)
if (file_present && req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE &&
S_ISDIR(stat.mode) && !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
ksmbd_debug(SMB, "open() argument is a directory: %s, %x\n",
- name, req->CreateOptions);
+ name, req->CreateOptions);
rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY;
rc = -EIO;
goto err_out;
@@ -2606,7 +2607,7 @@ int smb2_open(struct ksmbd_work *work)
if (file_present && !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
rc = smb_check_perm_dacl(conn, path.dentry, &daccess,
- sess->user->uid);
+ sess->user->uid);
if (rc)
goto err_out;
}
@@ -2624,13 +2625,13 @@ int smb2_open(struct ksmbd_work *work)
maximal_access = daccess;
}
- open_flags = smb2_create_open_flags(file_present,
- daccess, req->CreateDisposition);
+ open_flags = smb2_create_open_flags(file_present, daccess,
+ req->CreateDisposition);
if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
if (open_flags & O_CREAT) {
ksmbd_debug(SMB,
- "User does not have write permission\n");
+ "User does not have write permission\n");
rc = -EACCES;
goto err_out;
}
@@ -2639,7 +2640,7 @@ int smb2_open(struct ksmbd_work *work)
/*create file if not present */
if (!file_present) {
rc = smb2_creat(work, &path, name, open_flags, posix_mode,
- req->CreateOptions & FILE_DIRECTORY_FILE_LE);
+ req->CreateOptions & FILE_DIRECTORY_FILE_LE);
if (rc)
goto err_out;
@@ -2663,7 +2664,8 @@ int smb2_open(struct ksmbd_work *work)
*/
if (daccess & ~(FILE_READ_ATTRIBUTES_LE | FILE_READ_CONTROL_LE)) {
rc = ksmbd_vfs_inode_permission(path.dentry,
- open_flags & O_ACCMODE, may_delete);
+ open_flags & O_ACCMODE,
+ may_delete);
if (rc)
goto err_out;
}
@@ -2689,8 +2691,8 @@ int smb2_open(struct ksmbd_work *work)
else
file_info = FILE_OVERWRITTEN;
- if ((req->CreateDisposition & FILE_CREATE_MASK_LE)
- == FILE_SUPERSEDE_LE)
+ if ((req->CreateDisposition & FILE_CREATE_MASK_LE) ==
+ FILE_SUPERSEDE_LE)
file_info = FILE_SUPERSEDED;
} else if (open_flags & O_CREAT) {
file_info = FILE_CREATED;
@@ -2732,7 +2734,7 @@ int smb2_open(struct ksmbd_work *work)
if (test_share_config_flag(work->tcon->share_conf,
KSMBD_SHARE_FLAG_ACL_XATTR)) {
rc = smb_inherit_dacl(conn, path.dentry, sess->user->uid,
- sess->user->gid);
+ sess->user->gid);
}
if (rc) {
@@ -2762,17 +2764,21 @@ int smb2_open(struct ksmbd_work *work)
goto err_out;
rc = build_sec_desc(pntsd, NULL,
- OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO,
- &pntsd_size, &fattr);
+ OWNER_SECINFO |
+ GROUP_SECINFO |
+ DACL_SECINFO,
+ &pntsd_size, &fattr);
posix_acl_release(fattr.cf_acls);
posix_acl_release(fattr.cf_dacls);
rc = ksmbd_vfs_set_sd_xattr(conn,
- path.dentry, pntsd, pntsd_size);
+ path.dentry,
+ pntsd,
+ pntsd_size);
kfree(pntsd);
if (rc)
ksmbd_err("failed to store ntacl in xattr : %d\n",
- rc);
+ rc);
}
}
}
@@ -2829,8 +2835,8 @@ int smb2_open(struct ksmbd_work *work)
if (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) {
req_op_level = smb2_map_lease_to_oplock(lc->req_state);
ksmbd_debug(SMB,
- "lease req for(%s) req oplock state 0x%x, lease state 0x%x\n",
- name, req_op_level, lc->req_state);
+ "lease req for(%s) req oplock state 0x%x, lease state 0x%x\n",
+ name, req_op_level, lc->req_state);
rc = find_same_lease_key(sess, fp->f_ci, lc);
if (rc)
goto err_out;
@@ -2859,12 +2865,11 @@ int smb2_open(struct ksmbd_work *work)
if (req->CreateContextsOffset) {
struct create_alloc_size_req *az_req;
- az_req = (struct create_alloc_size_req *)
- smb2_find_context_vals(req,
- SMB2_CREATE_ALLOCATION_SIZE);
+ az_req = (struct create_alloc_size_req *)smb2_find_context_vals(req,
+ SMB2_CREATE_ALLOCATION_SIZE);
if (IS_ERR(az_req)) {
rc = check_context_err(az_req,
- SMB2_CREATE_ALLOCATION_SIZE);
+ SMB2_CREATE_ALLOCATION_SIZE);
if (rc < 0)
goto err_out;
} else {
@@ -2872,13 +2877,13 @@ int smb2_open(struct ksmbd_work *work)
int err;
ksmbd_debug(SMB,
- "request smb2 create allocate size : %llu\n",
- alloc_size);
+ "request smb2 create allocate size : %llu\n",
+ alloc_size);
err = ksmbd_vfs_alloc_size(work, fp, alloc_size);
if (err < 0)
ksmbd_debug(SMB,
- "ksmbd_vfs_alloc_size is failed : %d\n",
- err);
+ "ksmbd_vfs_alloc_size is failed : %d\n",
+ err);
}
context = smb2_find_context_vals(req, SMB2_CREATE_QUERY_ON_DISK_ID);
@@ -2897,8 +2902,8 @@ int smb2_open(struct ksmbd_work *work)
else
fp->create_time = ksmbd_UnixTimeToNT(stat.ctime);
if (req->FileAttributes || fp->f_ci->m_fattr == 0)
- fp->f_ci->m_fattr = cpu_to_le32(smb2_get_dos_mode(&stat,
- le32_to_cpu(req->FileAttributes)));
+ fp->f_ci->m_fattr =
+ cpu_to_le32(smb2_get_dos_mode(&stat, le32_to_cpu(req->FileAttributes)));
if (!created)
smb2_update_xattrs(tcon, &path, fp);
@@ -2942,7 +2947,7 @@ int smb2_open(struct ksmbd_work *work)
struct create_context *lease_ccontext;
ksmbd_debug(SMB, "lease granted on(%s) lease state 0x%x\n",
- name, opinfo->o_lease->state);
+ name, opinfo->o_lease->state);
rsp->OplockLevel = SMB2_OPLOCK_LEVEL_LEASE;
lease_ccontext = (struct create_context *)rsp->Buffer;
@@ -3170,7 +3175,8 @@ static int dentry_name(struct ksmbd_dir_info *d_info, int info_level)
* Return: 0 on success, otherwise error
*/
static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
- struct ksmbd_dir_info *d_info, struct ksmbd_kstat *ksmbd_kstat)
+ struct ksmbd_dir_info *d_info,
+ struct ksmbd_kstat *ksmbd_kstat)
{
int next_entry_offset = 0;
char *conv_name;
@@ -3323,9 +3329,9 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
if (d_info->hide_dot_file && d_info->name[0] == '.')
posix_info->DosAttributes |= ATTR_HIDDEN_LE;
id_to_sid(from_kuid(&init_user_ns, ksmbd_kstat->kstat->uid),
- SIDNFS_USER, (struct smb_sid *)&posix_info->SidBuffer[0]);
+ SIDNFS_USER, (struct smb_sid *)&posix_info->SidBuffer[0]);
id_to_sid(from_kgid(&init_user_ns, ksmbd_kstat->kstat->gid),
- SIDNFS_GROUP, (struct smb_sid *)&posix_info->SidBuffer[20]);
+ SIDNFS_GROUP, (struct smb_sid *)&posix_info->SidBuffer[20]);
memcpy(posix_info->name, conv_name, conv_len);
posix_info->name_len = cpu_to_le32(conv_len);
posix_info->NextEntryOffset = cpu_to_le32(next_entry_offset);
@@ -3341,9 +3347,9 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
kfree(conv_name);
ksmbd_debug(SMB,
- "info_level : %d, buf_len :%d, next_offset : %d, data_count : %d\n",
- info_level, d_info->out_buf_len,
- next_entry_offset, d_info->data_count);
+ "info_level : %d, buf_len :%d, next_offset : %d, data_count : %d\n",
+ info_level, d_info->out_buf_len,
+ next_entry_offset, d_info->data_count);
return 0;
}
@@ -3392,8 +3398,8 @@ static int process_query_dir_entries(struct smb2_query_dir_private *priv)
if (IS_ERR(dent)) {
ksmbd_debug(SMB, "Cannot lookup `%s' [%ld]\n",
- priv->d_info->name,
- PTR_ERR(dent));
+ priv->d_info->name,
+ PTR_ERR(dent));
continue;
}
if (unlikely(d_is_negative(dent))) {
@@ -3421,7 +3427,7 @@ static int process_query_dir_entries(struct smb2_query_dir_private *priv)
}
static int reserve_populate_dentry(struct ksmbd_dir_info *d_info,
- int info_level)
+ int info_level)
{
int struct_sz;
int conv_len;
@@ -3528,7 +3534,7 @@ static int reserve_populate_dentry(struct ksmbd_dir_info *d_info,
}
static int __query_dir(struct dir_context *ctx, const char *name, int namlen,
- loff_t offset, u64 ino, unsigned int d_type)
+ loff_t offset, u64 ino, unsigned int d_type)
{
struct ksmbd_readdir_data *buf;
struct smb2_query_dir_private *priv;
@@ -3612,17 +3618,18 @@ int smb2_query_dir(struct ksmbd_work *work)
}
dir_fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
if (!dir_fp) {
rc = -EBADF;
goto err_out2;
}
if (!(dir_fp->daccess & FILE_LIST_DIRECTORY_LE) ||
- inode_permission(&init_user_ns, file_inode(dir_fp->filp), MAY_READ | MAY_EXEC)) {
+ inode_permission(&init_user_ns, file_inode(dir_fp->filp),
+ MAY_READ | MAY_EXEC)) {
ksmbd_err("no right to enumerate directory (%s)\n",
- FP_FILENAME(dir_fp));
+ FP_FILENAME(dir_fp));
rc = -EACCES;
goto err_out2;
}
@@ -3635,8 +3642,8 @@ int smb2_query_dir(struct ksmbd_work *work)
srch_flag = req->Flags;
srch_ptr = smb_strndup_from_utf16(req->Buffer,
- le16_to_cpu(req->FileNameLength), 1,
- conn->local_nls);
+ le16_to_cpu(req->FileNameLength), 1,
+ conn->local_nls);
if (IS_ERR(srch_ptr)) {
ksmbd_debug(SMB, "Search Pattern not found\n");
rc = -EINVAL;
@@ -3657,8 +3664,8 @@ int smb2_query_dir(struct ksmbd_work *work)
d_info.wptr = (char *)rsp->Buffer;
d_info.rptr = (char *)rsp->Buffer;
d_info.out_buf_len = (work->response_sz - (get_rfc1002_len(rsp_org) + 4));
- d_info.out_buf_len = min_t(int, d_info.out_buf_len,
- le32_to_cpu(req->OutputBufferLength)) - sizeof(struct smb2_query_directory_rsp);
+ d_info.out_buf_len = min_t(int, d_info.out_buf_len, le32_to_cpu(req->OutputBufferLength)) -
+ sizeof(struct smb2_query_directory_rsp);
d_info.flags = srch_flag;
/*
@@ -3666,7 +3673,8 @@ int smb2_query_dir(struct ksmbd_work *work)
* in first response
*/
rc = ksmbd_populate_dot_dotdot_entries(work, req->FileInformationClass,
- dir_fp, &d_info, srch_ptr, smb2_populate_readdir_entry);
+ dir_fp, &d_info, srch_ptr,
+ smb2_populate_readdir_entry);
if (rc == -ENOSPC)
rc = 0;
else if (rc)
@@ -3762,7 +3770,7 @@ int smb2_query_dir(struct ksmbd_work *work)
* Return: 0 on success, otherwise error
*/
static int buffer_check_err(int reqOutputBufferLength,
- struct smb2_query_info_rsp *rsp, int infoclass_size)
+ struct smb2_query_info_rsp *rsp, int infoclass_size)
{
if (reqOutputBufferLength < le32_to_cpu(rsp->OutputBufferLength)) {
if (reqOutputBufferLength < infoclass_size) {
@@ -3797,8 +3805,7 @@ static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp)
inc_rfc1001_len(rsp, sizeof(struct smb2_file_standard_info));
}
-static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp,
- u64 num)
+static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp, u64 num)
{
struct smb2_file_internal_info *file_info;
@@ -3812,8 +3819,8 @@ static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp,
}
static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp)
{
u64 id;
int rc;
@@ -3827,22 +3834,22 @@ static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
return -ENOENT;
ksmbd_debug(SMB, "FileInfoClass %u, FileId 0x%llx\n",
- req->FileInfoClass, le64_to_cpu(req->VolatileFileId));
+ req->FileInfoClass, le64_to_cpu(req->VolatileFileId));
switch (req->FileInfoClass) {
case FILE_STANDARD_INFORMATION:
get_standard_info_pipe(rsp);
rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
- rsp, FILE_STANDARD_INFORMATION_SIZE);
+ rsp, FILE_STANDARD_INFORMATION_SIZE);
break;
case FILE_INTERNAL_INFORMATION:
get_internal_info_pipe(rsp, id);
rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
- rsp, FILE_INTERNAL_INFORMATION_SIZE);
+ rsp, FILE_INTERNAL_INFORMATION_SIZE);
break;
default:
ksmbd_debug(SMB, "smb2_info_file_pipe for %u not supported\n",
- req->FileInfoClass);
+ req->FileInfoClass);
rc = -EOPNOTSUPP;
}
return rc;
@@ -3859,8 +3866,8 @@ static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
* Return: 0 on success, otherwise error
*/
static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp, void *rsp_org)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct smb2_ea_info *eainfo, *prev_eainfo;
char *name, *ptr, *xattr_list = NULL, *buf;
@@ -3883,8 +3890,8 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
/* need to send all EAs, if no specific EA is requested*/
if (le32_to_cpu(req->Flags) & SL_RETURN_SINGLE_ENTRY)
ksmbd_debug(SMB,
- "All EAs are requested but need to send single EA entry in rsp flags 0x%x\n",
- le32_to_cpu(req->Flags));
+ "All EAs are requested but need to send single EA entry in rsp flags 0x%x\n",
+ le32_to_cpu(req->Flags));
}
buf_free_len = work->response_sz -
@@ -3966,7 +3973,7 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
memcpy(eainfo->name, &name[XATTR_USER_PREFIX_LEN],
- name_len);
+ name_len);
else
memcpy(eainfo->name, name, name_len);
@@ -4008,7 +4015,7 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
}
static void get_file_access_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_access_info *file_info;
@@ -4020,7 +4027,7 @@ static void get_file_access_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_all_info *basic_info;
struct kstat stat;
@@ -4028,7 +4035,7 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
ksmbd_err("no right to read the attributes : 0x%x\n",
- fp->daccess);
+ fp->daccess);
return -EACCES;
}
@@ -4051,7 +4058,7 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
}
static unsigned long long get_allocation_size(struct inode *inode,
- struct kstat *stat)
+ struct kstat *stat)
{
unsigned long long alloc_size = 0;
@@ -4066,7 +4073,7 @@ static unsigned long long get_allocation_size(struct inode *inode,
}
static void get_file_standard_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_standard_info *sinfo;
unsigned int delete_pending;
@@ -4091,7 +4098,7 @@ static void get_file_standard_info(struct smb2_query_info_rsp *rsp,
}
static void get_file_alignment_info(struct smb2_query_info_rsp *rsp,
- void *rsp_org)
+ void *rsp_org)
{
struct smb2_file_alignment_info *file_info;
@@ -4104,8 +4111,9 @@ static void get_file_alignment_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_all_info(struct ksmbd_work *work,
- struct smb2_query_info_rsp *rsp, struct ksmbd_file *fp,
- void *rsp_org)
+ struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_file_all_info *file_info;
@@ -4118,7 +4126,7 @@ static int get_file_all_info(struct ksmbd_work *work,
if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
ksmbd_debug(SMB, "no right to read the attributes : 0x%x\n",
- fp->daccess);
+ fp->daccess);
return -EACCES;
}
@@ -4157,11 +4165,8 @@ static int get_file_all_info(struct ksmbd_work *work,
file_info->CurrentByteOffset = cpu_to_le64(fp->filp->f_pos);
file_info->Mode = fp->coption;
file_info->AlignmentRequirement = 0;
- conv_len = smbConvertToUTF16((__le16 *)file_info->FileName,
- filename,
- PATH_MAX,
- conn->local_nls,
- 0);
+ conv_len = smbConvertToUTF16((__le16 *)file_info->FileName, filename,
+ PATH_MAX, conn->local_nls, 0);
conv_len *= 2;
file_info->FileNameLength = cpu_to_le32(conv_len);
rsp->OutputBufferLength =
@@ -4172,8 +4177,9 @@ static int get_file_all_info(struct ksmbd_work *work,
}
static void get_file_alternate_info(struct ksmbd_work *work,
- struct smb2_query_info_rsp *rsp, struct ksmbd_file *fp,
- void *rsp_org)
+ struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_file_alt_name_info *file_info;
@@ -4192,8 +4198,9 @@ static void get_file_alternate_info(struct ksmbd_work *work,
}
static void get_file_stream_info(struct ksmbd_work *work,
- struct smb2_query_info_rsp *rsp, struct ksmbd_file *fp,
- void *rsp_org)
+ struct smb2_query_info_rsp *rsp,
+ struct ksmbd_file *fp,
+ void *rsp_org)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_file_stream_info *file_info;
@@ -4236,15 +4243,12 @@ static void get_file_stream_info(struct ksmbd_work *work,
break;
streamlen = snprintf(stream_buf, streamlen + 1,
- ":%s", &stream_name[XATTR_NAME_STREAM_LEN]);
+ ":%s", &stream_name[XATTR_NAME_STREAM_LEN]);
- file_info = (struct smb2_file_stream_info *)
- &rsp->Buffer[nbytes];
+ file_info = (struct smb2_file_stream_info *)&rsp->Buffer[nbytes];
streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
- stream_buf,
- streamlen,
- conn->local_nls,
- 0);
+ stream_buf, streamlen,
+ conn->local_nls, 0);
streamlen *= 2;
kfree(stream_buf);
file_info->StreamNameLength = cpu_to_le32(streamlen);
@@ -4260,7 +4264,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
file_info = (struct smb2_file_stream_info *)
&rsp->Buffer[nbytes];
streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
- "::$DATA", 7, conn->local_nls, 0);
+ "::$DATA", 7, conn->local_nls, 0);
streamlen *= 2;
file_info->StreamNameLength = cpu_to_le32(streamlen);
file_info->StreamSize = S_ISDIR(stat.mode) ? 0 :
@@ -4280,7 +4284,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
}
static void get_file_internal_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_internal_info *file_info;
struct kstat stat;
@@ -4294,7 +4298,7 @@ static void get_file_internal_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_network_open_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_ntwrk_info *file_info;
struct inode *inode;
@@ -4342,7 +4346,7 @@ static void get_file_ea_info(struct smb2_query_info_rsp *rsp, void *rsp_org)
}
static void get_file_position_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_pos_info *file_info;
@@ -4354,7 +4358,7 @@ static void get_file_position_info(struct smb2_query_info_rsp *rsp,
}
static void get_file_mode_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_mode_info *file_info;
@@ -4366,7 +4370,7 @@ static void get_file_mode_info(struct smb2_query_info_rsp *rsp,
}
static void get_file_compression_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_comp_info *file_info;
struct kstat stat;
@@ -4387,7 +4391,7 @@ static void get_file_compression_info(struct smb2_query_info_rsp *rsp,
}
static int get_file_attribute_tag_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb2_file_attr_tag_info *file_info;
@@ -4402,13 +4406,12 @@ static int get_file_attribute_tag_info(struct smb2_query_info_rsp *rsp,
file_info->ReparseTag = 0;
rsp->OutputBufferLength =
cpu_to_le32(sizeof(struct smb2_file_attr_tag_info));
- inc_rfc1001_len(rsp_org,
- sizeof(struct smb2_file_attr_tag_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_attr_tag_info));
return 0;
}
static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
- struct ksmbd_file *fp, void *rsp_org)
+ struct ksmbd_file *fp, void *rsp_org)
{
struct smb311_posix_qinfo *file_info;
struct inode *inode = FP_INODE(fp);
@@ -4436,8 +4439,8 @@ static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
}
static int smb2_get_info_file(struct ksmbd_work *work,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp, void *rsp_org)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct ksmbd_file *fp;
int fileinfoclass = 0;
@@ -4454,7 +4457,7 @@ static int smb2_get_info_file(struct ksmbd_work *work,
if (work->next_smb2_rcv_hdr_off) {
if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
ksmbd_debug(SMB, "Compound request set FID = %u\n",
- work->compound_fid);
+ work->compound_fid);
id = work->compound_fid;
pid = work->compound_pfid;
}
@@ -4569,8 +4572,8 @@ static int smb2_get_info_file(struct ksmbd_work *work,
}
static int smb2_get_info_filesystem(struct ksmbd_work *work,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp, void *rsp_org)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct ksmbd_session *sess = work->sess;
struct ksmbd_conn *conn = sess->conn;
@@ -4801,8 +4804,8 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
}
static int smb2_get_info_sec(struct ksmbd_work *work,
- struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp, void *rsp_org)
+ struct smb2_query_info_req *req,
+ struct smb2_query_info_rsp *rsp, void *rsp_org)
{
struct ksmbd_file *fp;
struct smb_ntsd *pntsd = (struct smb_ntsd *)rsp->Buffer, *ppntsd = NULL;
@@ -4815,7 +4818,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO)) {
ksmbd_debug(SMB, "Unsupported addition info: 0x%x)\n",
- addition_info);
+ addition_info);
pntsd->revision = cpu_to_le16(1);
pntsd->type = cpu_to_le16(SELF_RELATIVE | DACL_PROTECTED);
@@ -4834,7 +4837,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
if (work->next_smb2_rcv_hdr_off) {
if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
ksmbd_debug(SMB, "Compound request set FID = %u\n",
- work->compound_fid);
+ work->compound_fid);
id = work->compound_fid;
pid = work->compound_pfid;
}
@@ -4901,7 +4904,7 @@ int smb2_query_info(struct ksmbd_work *work)
break;
default:
ksmbd_debug(SMB, "InfoType %d not supported yet\n",
- req->InfoType);
+ req->InfoType);
rc = -EOPNOTSUPP;
}
@@ -4917,7 +4920,7 @@ int smb2_query_info(struct ksmbd_work *work)
smb2_set_err_rsp(work);
ksmbd_debug(SMB, "error while processing smb2 query rc = %d\n",
- rc);
+ rc);
return rc;
}
rsp->StructureSize = cpu_to_le16(9);
@@ -5008,8 +5011,8 @@ int smb2_close(struct ksmbd_work *work)
goto out;
} else {
ksmbd_debug(SMB, "Compound request set FID = %u:%u\n",
- work->compound_fid,
- work->compound_pfid);
+ work->compound_fid,
+ work->compound_pfid);
volatile_id = work->compound_fid;
/* file closed, stored id is not valid anymore */
@@ -5086,8 +5089,8 @@ int smb2_echo(struct ksmbd_work *work)
}
static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
- struct smb2_file_rename_info *file_info,
- struct nls_table *local_nls)
+ struct smb2_file_rename_info *file_info,
+ struct nls_table *local_nls)
{
struct ksmbd_share_config *share = fp->tcon->share_conf;
char *new_name = NULL, *abs_oldname = NULL, *old_name = NULL;
@@ -5111,7 +5114,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
old_name++;
} else {
ksmbd_debug(SMB, "can't get last component in path %s\n",
- abs_oldname);
+ abs_oldname);
rc = -ENOENT;
goto out;
}
@@ -5154,7 +5157,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
NULL, 0, 0);
if (rc < 0) {
ksmbd_err("failed to store stream name in xattr: %d\n",
- rc);
+ rc);
rc = -EINVAL;
goto out;
}
@@ -5182,7 +5185,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
if (rc != -ENOTEMPTY)
rc = -EINVAL;
ksmbd_debug(SMB, "cannot delete %s, rc %d\n",
- new_name, rc);
+ new_name, rc);
goto out;
}
}
@@ -5191,7 +5194,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
strncmp(old_name, path.dentry->d_name.name, strlen(old_name))) {
rc = -EEXIST;
ksmbd_debug(SMB,
- "cannot rename already existing file\n");
+ "cannot rename already existing file\n");
goto out;
}
}
@@ -5205,9 +5208,10 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
}
static int smb2_create_link(struct ksmbd_work *work,
- struct ksmbd_share_config *share,
- struct smb2_file_link_info *file_info, struct file *filp,
- struct nls_table *local_nls)
+ struct ksmbd_share_config *share,
+ struct smb2_file_link_info *file_info,
+ struct file *filp,
+ struct nls_table *local_nls)
{
char *link_name = NULL, *target_name = NULL, *pathname = NULL;
struct path path;
@@ -5248,7 +5252,7 @@ static int smb2_create_link(struct ksmbd_work *work,
if (rc) {
rc = -EINVAL;
ksmbd_debug(SMB, "cannot delete %s\n",
- link_name);
+ link_name);
goto out;
}
}
@@ -5271,7 +5275,7 @@ static int smb2_create_link(struct ksmbd_work *work,
}
static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
- struct ksmbd_share_config *share)
+ struct ksmbd_share_config *share)
{
struct smb2_file_all_info *file_info;
struct iattr attrs;
@@ -5335,7 +5339,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
rc = ksmbd_vfs_set_dos_attrib_xattr(filp->f_path.dentry, &da);
if (rc)
ksmbd_debug(SMB,
- "failed to restore file attribute in EA\n");
+ "failed to restore file attribute in EA\n");
rc = 0;
}
@@ -5367,7 +5371,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
}
static int set_file_allocation_info(struct ksmbd_work *work,
- struct ksmbd_file *fp, char *buf)
+ struct ksmbd_file *fp, char *buf)
{
/*
* TODO : It's working fine only when store dos attributes
@@ -5417,7 +5421,7 @@ static int set_file_allocation_info(struct ksmbd_work *work,
}
static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf)
+ char *buf)
{
struct smb2_file_eof_info *file_eof_info;
loff_t newsize;
@@ -5440,11 +5444,11 @@ static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
*/
if (inode->i_sb->s_magic != MSDOS_SUPER_MAGIC) {
ksmbd_debug(SMB, "filename : %s truncated to newsize %lld\n",
- fp->filename, newsize);
+ fp->filename, newsize);
rc = ksmbd_vfs_truncate(work, NULL, fp, newsize);
if (rc) {
ksmbd_debug(SMB, "truncate failed! filename : %s err %d\n",
- fp->filename, rc);
+ fp->filename, rc);
if (rc != -EAGAIN)
rc = -EBADF;
return rc;
@@ -5454,7 +5458,7 @@ static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
}
static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf)
+ char *buf)
{
struct ksmbd_file *parent_fp;
@@ -5518,7 +5522,7 @@ static int set_file_position_info(struct ksmbd_file *fp, char *buf)
(fp->coption == FILE_NO_INTERMEDIATE_BUFFERING_LE &&
current_byte_offset & (sector_size - 1))) {
ksmbd_err("CurrentByteOffset is not valid : %llu\n",
- current_byte_offset);
+ current_byte_offset);
return -EINVAL;
}
@@ -5561,7 +5565,8 @@ static int set_file_mode_info(struct ksmbd_file *fp, char *buf)
* TODO: need to implement an error handling for STATUS_INFO_LENGTH_MISMATCH
*/
static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
- int info_class, char *buf, struct ksmbd_share_config *share)
+ int info_class, char *buf,
+ struct ksmbd_share_config *share)
{
switch (info_class) {
case FILE_BASIC_INFORMATION:
@@ -5576,20 +5581,20 @@ static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
case FILE_RENAME_INFORMATION:
if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
- "User does not have write permission\n");
+ "User does not have write permission\n");
return -EACCES;
}
return set_rename_info(work, fp, buf);
case FILE_LINK_INFORMATION:
return smb2_create_link(work, work->tcon->share_conf,
- (struct smb2_file_link_info *)buf, fp->filp,
- work->sess->conn->local_nls);
+ (struct smb2_file_link_info *)buf, fp->filp,
+ work->sess->conn->local_nls);
case FILE_DISPOSITION_INFORMATION:
if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
- "User does not have write permission\n");
+ "User does not have write permission\n");
return -EACCES;
}
return set_file_disposition_info(fp, buf);
@@ -5618,7 +5623,7 @@ static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
}
static int smb2_set_info_sec(struct ksmbd_file *fp, int addition_info,
- char *buffer, int buf_len)
+ char *buffer, int buf_len)
{
struct smb_ntsd *pntsd = (struct smb_ntsd *)buffer;
@@ -5650,7 +5655,7 @@ int smb2_set_info(struct ksmbd_work *work)
rsp = RESPONSE_BUF_NEXT(work);
if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
ksmbd_debug(SMB, "Compound request set FID = %u\n",
- work->compound_fid);
+ work->compound_fid);
id = work->compound_fid;
pid = work->compound_pfid;
}
@@ -5680,8 +5685,9 @@ int smb2_set_info(struct ksmbd_work *work)
case SMB2_O_INFO_SECURITY:
ksmbd_debug(SMB, "GOT SMB2_O_INFO_SECURITY\n");
rc = smb2_set_info_sec(fp,
- le32_to_cpu(req->AdditionalInformation), req->Buffer,
- le32_to_cpu(req->BufferLength));
+ le32_to_cpu(req->AdditionalInformation),
+ req->Buffer,
+ le32_to_cpu(req->BufferLength));
break;
default:
rc = -EOPNOTSUPP;
@@ -5716,8 +5722,7 @@ int smb2_set_info(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_INVALID_INFO_CLASS;
smb2_set_err_rsp(work);
ksmbd_fd_put(work, fp);
- ksmbd_debug(SMB, "error while processing smb2 query rc = %d\n",
- rc);
+ ksmbd_debug(SMB, "error while processing smb2 query rc = %d\n", rc);
return rc;
}
@@ -5753,7 +5758,7 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
}
memcpy(work->aux_payload_buf, rpc_resp->payload,
- rpc_resp->payload_sz);
+ rpc_resp->payload_sz);
nbytes = rpc_resp->payload_sz;
work->resp_hdr_sz = get_rfc1002_len(rsp) + 4;
@@ -5778,7 +5783,8 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
}
static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work,
- struct smb2_read_req *req, void *data_buf, size_t length)
+ struct smb2_read_req *req, void *data_buf,
+ size_t length)
{
struct smb2_buffer_desc_v1 *desc =
(struct smb2_buffer_desc_v1 *)&req->Buffer[0];
@@ -5797,8 +5803,9 @@ static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work,
work->remote_key = le32_to_cpu(desc->token);
err = ksmbd_conn_rdma_write(work->conn, data_buf, length,
- le32_to_cpu(desc->token), le64_to_cpu(desc->offset),
- le32_to_cpu(desc->length));
+ le32_to_cpu(desc->token),
+ le64_to_cpu(desc->offset),
+ le32_to_cpu(desc->length));
if (err)
return err;
@@ -5831,9 +5838,8 @@ int smb2_read(struct ksmbd_work *work)
return smb2_read_pipe(work);
}
- fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ fp = ksmbd_lookup_fd_slow(work, le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
if (!fp) {
err = -ENOENT;
goto out;
@@ -5857,7 +5863,7 @@ int smb2_read(struct ksmbd_work *work)
}
ksmbd_debug(SMB, "filename %s, offset %lld, len %zu\n", FP_FILENAME(fp),
- offset, length);
+ offset, length);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF) {
work->aux_payload_buf =
@@ -5890,13 +5896,14 @@ int smb2_read(struct ksmbd_work *work)
}
ksmbd_debug(SMB, "nbytes %zu, offset %lld mincount %zu\n",
- nbytes, offset, mincount);
+ nbytes, offset, mincount);
if (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE ||
req->Channel == SMB2_CHANNEL_RDMA_V1) {
/* write data to the client using rdma channel */
remain_bytes = smb2_read_rdma_channel(work, req,
- work->aux_payload_buf, nbytes);
+ work->aux_payload_buf,
+ nbytes);
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
ksmbd_release_buffer(work->aux_payload_buf);
else
@@ -5972,7 +5979,8 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
(le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
ksmbd_err("invalid write data offset %u, smb_len %u\n",
- le16_to_cpu(req->DataOffset), get_rfc1002_len(req));
+ le16_to_cpu(req->DataOffset),
+ get_rfc1002_len(req));
err = -EINVAL;
goto out;
}
@@ -6016,8 +6024,9 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
}
static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
- struct smb2_write_req *req, struct ksmbd_file *fp,
- loff_t offset, size_t length, bool sync)
+ struct smb2_write_req *req,
+ struct ksmbd_file *fp,
+ loff_t offset, size_t length, bool sync)
{
struct smb2_buffer_desc_v1 *desc;
char *data_buf;
@@ -6046,9 +6055,9 @@ static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
return -ENOMEM;
ret = ksmbd_conn_rdma_read(work->conn, data_buf, length,
- le32_to_cpu(desc->token),
- le64_to_cpu(desc->offset),
- le32_to_cpu(desc->length));
+ le32_to_cpu(desc->token),
+ le64_to_cpu(desc->offset),
+ le32_to_cpu(desc->length));
if (ret < 0) {
kvfree(data_buf);
return ret;
@@ -6095,7 +6104,7 @@ int smb2_write(struct ksmbd_work *work)
}
fp = ksmbd_lookup_fd_slow(work, le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ le64_to_cpu(req->PersistentFileId));
if (!fp) {
err = -ENOENT;
goto out;
@@ -6123,14 +6132,14 @@ int smb2_write(struct ksmbd_work *work)
if (req->Channel != SMB2_CHANNEL_RDMA_V1 &&
req->Channel != SMB2_CHANNEL_RDMA_V1_INVALIDATE) {
if (le16_to_cpu(req->DataOffset) ==
- (offsetof(struct smb2_write_req, Buffer) - 4)) {
+ (offsetof(struct smb2_write_req, Buffer) - 4)) {
data_buf = (char *)&req->Buffer[0];
} else {
if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
(le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
ksmbd_err("invalid write data offset %u, smb_len %u\n",
- le16_to_cpu(req->DataOffset),
- get_rfc1002_len(req));
+ le16_to_cpu(req->DataOffset),
+ get_rfc1002_len(req));
err = -EINVAL;
goto out;
}
@@ -6144,7 +6153,7 @@ int smb2_write(struct ksmbd_work *work)
writethrough = true;
ksmbd_debug(SMB, "filename %s, offset %lld, len %zu\n",
- FP_FILENAME(fp), offset, length);
+ FP_FILENAME(fp), offset, length);
err = ksmbd_vfs_write(work, fp, data_buf, length, &offset,
writethrough, &nbytes);
if (err < 0)
@@ -6154,8 +6163,8 @@ int smb2_write(struct ksmbd_work *work)
* write the data.
*/
nbytes = smb2_write_rdma_channel(work, req, fp, offset,
- le32_to_cpu(req->RemainingBytes),
- writethrough);
+ le32_to_cpu(req->RemainingBytes),
+ writethrough);
if (nbytes < 0) {
err = (int)nbytes;
goto out;
@@ -6209,7 +6218,7 @@ int smb2_flush(struct ksmbd_work *work)
WORK_BUFFERS(work, req, rsp);
ksmbd_debug(SMB, "SMB2_FLUSH called for fid %llu\n",
- le64_to_cpu(req->VolatileFileId));
+ le64_to_cpu(req->VolatileFileId));
err = ksmbd_vfs_fsync(work,
le64_to_cpu(req->VolatileFileId),
@@ -6248,7 +6257,7 @@ int smb2_cancel(struct ksmbd_work *work)
struct list_head *command_list;
ksmbd_debug(SMB, "smb2 cancel called on mid %llu, async flags 0x%x\n",
- hdr->MessageId, hdr->Flags);
+ hdr->MessageId, hdr->Flags);
if (hdr->Flags & SMB2_FLAGS_ASYNC_COMMAND) {
command_list = &conn->async_requests;
@@ -6256,7 +6265,7 @@ int smb2_cancel(struct ksmbd_work *work)
spin_lock(&conn->request_lock);
list_for_each(tmp, command_list) {
cancel_work = list_entry(tmp, struct ksmbd_work,
- async_request_entry);
+ async_request_entry);
chdr = cancel_work->request_buf;
if (cancel_work->async_id !=
@@ -6264,9 +6273,9 @@ int smb2_cancel(struct ksmbd_work *work)
continue;
ksmbd_debug(SMB,
- "smb2 with AsyncId %llu cancelled command = 0x%x\n",
- le64_to_cpu(hdr->Id.AsyncId),
- le16_to_cpu(chdr->Command));
+ "smb2 with AsyncId %llu cancelled command = 0x%x\n",
+ le64_to_cpu(hdr->Id.AsyncId),
+ le16_to_cpu(chdr->Command));
canceled = 1;
break;
}
@@ -6277,7 +6286,7 @@ int smb2_cancel(struct ksmbd_work *work)
spin_lock(&conn->request_lock);
list_for_each(tmp, command_list) {
cancel_work = list_entry(tmp, struct ksmbd_work,
- request_entry);
+ request_entry);
chdr = cancel_work->request_buf;
if (chdr->MessageId != hdr->MessageId ||
@@ -6285,9 +6294,9 @@ int smb2_cancel(struct ksmbd_work *work)
continue;
ksmbd_debug(SMB,
- "smb2 with mid %llu cancelled command = 0x%x\n",
- le64_to_cpu(hdr->MessageId),
- le16_to_cpu(chdr->Command));
+ "smb2 with mid %llu cancelled command = 0x%x\n",
+ le64_to_cpu(hdr->MessageId),
+ le16_to_cpu(chdr->Command));
canceled = 1;
break;
}
@@ -6346,13 +6355,13 @@ static int smb2_set_flock_flags(struct file_lock *flock, int flags)
break;
case SMB2_LOCKFLAG_SHARED | SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
ksmbd_debug(SMB,
- "received shared & fail immediately request\n");
+ "received shared & fail immediately request\n");
cmd = F_SETLK;
flock->fl_type = F_RDLCK;
break;
case SMB2_LOCKFLAG_EXCLUSIVE | SMB2_LOCKFLAG_FAIL_IMMEDIATELY:
ksmbd_debug(SMB,
- "received exclusive & fail immediately request\n");
+ "received exclusive & fail immediately request\n");
cmd = F_SETLK;
flock->fl_type = F_WRLCK;
break;
@@ -6367,7 +6376,8 @@ static int smb2_set_flock_flags(struct file_lock *flock, int flags)
}
static struct ksmbd_lock *smb2_lock_init(struct file_lock *flock,
- unsigned int cmd, int flags, struct list_head *lock_list)
+ unsigned int cmd, int flags,
+ struct list_head *lock_list)
{
struct ksmbd_lock *lock;
@@ -6430,11 +6440,11 @@ int smb2_lock(struct ksmbd_work *work)
ksmbd_debug(SMB, "Received lock request\n");
fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
if (!fp) {
ksmbd_debug(SMB, "Invalid file id for lock : %llu\n",
- le64_to_cpu(req->VolatileFileId));
+ le64_to_cpu(req->VolatileFileId));
rsp->hdr.Status = STATUS_FILE_CLOSED;
goto out2;
}
@@ -6444,7 +6454,7 @@ int smb2_lock(struct ksmbd_work *work)
lock_ele = req->locks;
ksmbd_debug(SMB, "lock count is %d\n", lock_count);
- if (!lock_count) {
+ if (!lock_count) {
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
goto out2;
}
@@ -6481,8 +6491,8 @@ int smb2_lock(struct ksmbd_work *work)
if (flock->fl_end < flock->fl_start) {
ksmbd_debug(SMB,
- "the end offset(%llx) is smaller than the start offset(%llx)\n",
- flock->fl_end, flock->fl_start);
+ "the end offset(%llx) is smaller than the start offset(%llx)\n",
+ flock->fl_end, flock->fl_start);
rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
goto out;
}
@@ -6621,9 +6631,9 @@ int smb2_lock(struct ksmbd_work *work)
void **argv;
ksmbd_debug(SMB,
- "would have to wait for getting lock\n");
+ "would have to wait for getting lock\n");
list_add_tail(&smb_lock->glist,
- &global_lock_list);
+ &global_lock_list);
list_add(&smb_lock->llist, &rollback_list);
argv = kmalloc(sizeof(void *), GFP_KERNEL);
@@ -6634,7 +6644,8 @@ int smb2_lock(struct ksmbd_work *work)
argv[0] = flock;
err = setup_async_work(work,
- smb2_remove_blocked_lock, argv);
+ smb2_remove_blocked_lock,
+ argv);
if (err) {
rsp->hdr.Status =
STATUS_INSUFFICIENT_RESOURCES;
@@ -6661,7 +6672,7 @@ int smb2_lock(struct ksmbd_work *work)
STATUS_CANCELLED;
kfree(smb_lock);
smb2_send_interim_resp(work,
- STATUS_CANCELLED);
+ STATUS_CANCELLED);
work->send_no_response = 1;
goto out;
}
@@ -6681,7 +6692,7 @@ int smb2_lock(struct ksmbd_work *work)
goto retry;
} else if (!err) {
list_add_tail(&smb_lock->glist,
- &global_lock_list);
+ &global_lock_list);
list_add(&smb_lock->llist, &rollback_list);
ksmbd_debug(SMB, "successful in taking lock\n");
} else {
@@ -6734,7 +6745,7 @@ int smb2_lock(struct ksmbd_work *work)
}
static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
- struct smb2_ioctl_rsp *rsp)
+ struct smb2_ioctl_rsp *rsp)
{
struct copychunk_ioctl_req *ci_req;
struct copychunk_ioctl_rsp *ci_rsp;
@@ -6785,10 +6796,10 @@ static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
}
src_fp = ksmbd_lookup_foreign_fd(work,
- le64_to_cpu(ci_req->ResumeKey[0]));
+ le64_to_cpu(ci_req->ResumeKey[0]));
dst_fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
ret = -EINVAL;
if (!src_fp ||
src_fp->persistent_id != le64_to_cpu(ci_req->ResumeKey[1])) {
@@ -6805,16 +6816,17 @@ static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
* FILE_READ_DATA should only be included in
* the FSCTL_COPYCHUNK case
*/
- if (cnt_code == FSCTL_COPYCHUNK && !(dst_fp->daccess &
- (FILE_READ_DATA_LE | FILE_GENERIC_READ_LE))) {
+ if (cnt_code == FSCTL_COPYCHUNK &&
+ !(dst_fp->daccess & (FILE_READ_DATA_LE | FILE_GENERIC_READ_LE))) {
rsp->hdr.Status = STATUS_ACCESS_DENIED;
goto out;
}
ret = ksmbd_vfs_copy_file_ranges(work, src_fp, dst_fp,
- chunks, chunk_count,
- &chunk_count_written, &chunk_size_written,
- &total_size_written);
+ chunks, chunk_count,
+ &chunk_count_written,
+ &chunk_size_written,
+ &total_size_written);
if (ret < 0) {
if (ret == -EACCES)
rsp->hdr.Status = STATUS_ACCESS_DENIED;
@@ -6862,7 +6874,8 @@ static __be32 idev_ipv4_address(struct in_device *idev)
}
static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
- struct smb2_ioctl_req *req, struct smb2_ioctl_rsp *rsp)
+ struct smb2_ioctl_req *req,
+ struct smb2_ioctl_rsp *rsp)
{
struct network_interface_info_ioctl_rsp *nii_rsp = NULL;
int nbytes = 0;
@@ -6905,7 +6918,7 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
speed = cmd.base.speed;
} else {
ksmbd_err("%s %s\n", netdev->name,
- "speed is unknown, defaulting to 1Gb/sec");
+ "speed is unknown, defaulting to 1Gb/sec");
speed = SPEED_1000;
}
@@ -6969,14 +6982,14 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
}
static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
- struct validate_negotiate_info_req *neg_req,
- struct validate_negotiate_info_rsp *neg_rsp)
+ struct validate_negotiate_info_req *neg_req,
+ struct validate_negotiate_info_rsp *neg_rsp)
{
int ret = 0;
int dialect;
dialect = ksmbd_lookup_dialect_by_id(neg_req->Dialects,
- neg_req->DialectCount);
+ neg_req->DialectCount);
if (dialect == BAD_PROT_ID || dialect != conn->dialect) {
ret = -EINVAL;
goto err_out;
@@ -7006,9 +7019,9 @@ static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
}
static int fsctl_query_allocated_ranges(struct ksmbd_work *work, u64 id,
- struct file_allocated_range_buffer *qar_req,
- struct file_allocated_range_buffer *qar_rsp,
- int in_count, int *out_count)
+ struct file_allocated_range_buffer *qar_req,
+ struct file_allocated_range_buffer *qar_rsp,
+ int in_count, int *out_count)
{
struct ksmbd_file *fp;
loff_t start, length;
@@ -7026,7 +7039,7 @@ static int fsctl_query_allocated_ranges(struct ksmbd_work *work, u64 id,
length = le64_to_cpu(qar_req->length);
ret = ksmbd_vfs_fqar_lseek(fp, start, length,
- qar_rsp, in_count, out_count);
+ qar_rsp, in_count, out_count);
if (ret && ret != -E2BIG)
*out_count = 0;
@@ -7035,15 +7048,15 @@ static int fsctl_query_allocated_ranges(struct ksmbd_work *work, u64 id,
}
static int fsctl_pipe_transceive(struct ksmbd_work *work, u64 id,
- int out_buf_len, struct smb2_ioctl_req *req,
- struct smb2_ioctl_rsp *rsp)
+ int out_buf_len, struct smb2_ioctl_req *req,
+ struct smb2_ioctl_rsp *rsp)
{
struct ksmbd_rpc_command *rpc_resp;
char *data_buf = (char *)&req->Buffer[0];
int nbytes = 0;
rpc_resp = ksmbd_rpc_ioctl(work->sess, id, data_buf,
- le32_to_cpu(req->InputCount));
+ le32_to_cpu(req->InputCount));
if (rpc_resp) {
if (rpc_resp->flags == KSMBD_RPC_SOME_NOT_MAPPED) {
/*
@@ -7079,7 +7092,7 @@ static int fsctl_pipe_transceive(struct ksmbd_work *work, u64 id,
}
static inline int fsctl_set_sparse(struct ksmbd_work *work, u64 id,
- struct file_sparse *sparse)
+ struct file_sparse *sparse)
{
struct ksmbd_file *fp;
int ret = 0;
@@ -7116,14 +7129,14 @@ static inline int fsctl_set_sparse(struct ksmbd_work *work, u64 id,
}
static int fsctl_request_resume_key(struct ksmbd_work *work,
- struct smb2_ioctl_req *req,
- struct resume_key_ioctl_rsp *key_rsp)
+ struct smb2_ioctl_req *req,
+ struct resume_key_ioctl_rsp *key_rsp)
{
struct ksmbd_file *fp;
fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId));
if (!fp)
return -ENOENT;
@@ -7157,7 +7170,7 @@ int smb2_ioctl(struct ksmbd_work *work)
rsp = RESPONSE_BUF_NEXT(work);
if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
ksmbd_debug(SMB, "Compound request set FID = %u\n",
- work->compound_fid);
+ work->compound_fid);
id = work->compound_fid;
}
} else {
@@ -7233,7 +7246,7 @@ int smb2_ioctl(struct ksmbd_work *work)
}
ret = fsctl_request_resume_key(work, req,
- (struct resume_key_ioctl_rsp *)&rsp->Buffer[0]);
+ (struct resume_key_ioctl_rsp *)&rsp->Buffer[0]);
if (ret < 0)
goto out;
rsp->PersistentFileId = req->PersistentFileId;
@@ -7244,7 +7257,7 @@ int smb2_ioctl(struct ksmbd_work *work)
case FSCTL_COPYCHUNK_WRITE:
if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
- "User does not have write permission\n");
+ "User does not have write permission\n");
ret = -EACCES;
goto out;
}
@@ -7259,7 +7272,7 @@ int smb2_ioctl(struct ksmbd_work *work)
break;
case FSCTL_SET_SPARSE:
ret = fsctl_set_sparse(work, id,
- (struct file_sparse *)&req->Buffer[0]);
+ (struct file_sparse *)&req->Buffer[0]);
if (ret < 0)
goto out;
break;
@@ -7271,7 +7284,7 @@ int smb2_ioctl(struct ksmbd_work *work)
if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
- "User does not have write permission\n");
+ "User does not have write permission\n");
ret = -EACCES;
goto out;
}
@@ -7338,7 +7351,7 @@ int smb2_ioctl(struct ksmbd_work *work)
dup_ext = (struct duplicate_extents_to_file *)&req->Buffer[0];
fp_in = ksmbd_lookup_fd_slow(work, dup_ext->VolatileFileHandle,
- dup_ext->PersistentFileHandle);
+ dup_ext->PersistentFileHandle);
if (!fp_in) {
ksmbd_err("not found file handle in duplicate extent to file\n");
ret = -ENOENT;
@@ -7356,13 +7369,13 @@ int smb2_ioctl(struct ksmbd_work *work)
dst_off = le64_to_cpu(dup_ext->TargetFileOffset);
length = le64_to_cpu(dup_ext->ByteCount);
cloned = vfs_clone_file_range(fp_in->filp, src_off, fp_out->filp,
- dst_off, length, 0);
+ dst_off, length, 0);
if (cloned == -EXDEV || cloned == -EOPNOTSUPP) {
ret = -EOPNOTSUPP;
goto dup_ext_out;
} else if (cloned != length) {
cloned = ksmbd_vfs_copy_file_range(fp_in->filp, src_off,
- fp_out->filp, dst_off, length);
+ fp_out->filp, dst_off, length);
if (cloned != length) {
if (cloned < 0)
ret = cloned;
@@ -7380,7 +7393,7 @@ int smb2_ioctl(struct ksmbd_work *work)
}
default:
ksmbd_debug(SMB, "not implemented yet ioctl command 0x%x\n",
- cnt_code);
+ cnt_code);
ret = -EOPNOTSUPP;
goto out;
}
@@ -7508,7 +7521,7 @@ static void smb20_oplock_break_ack(struct ksmbd_work *work)
break;
default:
ksmbd_err("unknown oplock change 0x%x -> 0x%x\n",
- opinfo->level, rsp_oplevel);
+ opinfo->level, rsp_oplevel);
}
if (ret < 0) {
@@ -7573,7 +7586,7 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
struct lease *lease;
ksmbd_debug(OPLOCK, "smb21 lease break, lease state(0x%x)\n",
- le32_to_cpu(req->LeaseState));
+ le32_to_cpu(req->LeaseState));
opinfo = lookup_lease_in_table(conn, req->LeaseKey);
if (!opinfo) {
ksmbd_debug(OPLOCK, "file not opened\n");
@@ -7585,7 +7598,7 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
if (opinfo->op_state == OPLOCK_STATE_NONE) {
ksmbd_err("unexpected lease break state 0x%x\n",
- opinfo->op_state);
+ opinfo->op_state);
rsp->hdr.Status = STATUS_UNSUCCESSFUL;
goto err_out;
}
@@ -7593,8 +7606,8 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
if (check_lease_state(lease, req->LeaseState)) {
rsp->hdr.Status = STATUS_REQUEST_NOT_ACCEPTED;
ksmbd_debug(OPLOCK,
- "req lease state: 0x%x, expected state: 0x%x\n",
- req->LeaseState, lease->new_state);
+ "req lease state: 0x%x, expected state: 0x%x\n",
+ req->LeaseState, lease->new_state);
goto err_out;
}
@@ -7604,23 +7617,23 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
}
/* check for bad lease state */
- if (req->LeaseState & (~(SMB2_LEASE_READ_CACHING_LE |
- SMB2_LEASE_HANDLE_CACHING_LE))) {
+ if (req->LeaseState &
+ (~(SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_HANDLE_CACHING_LE))) {
err = STATUS_INVALID_OPLOCK_PROTOCOL;
if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
lease_change_type = OPLOCK_WRITE_TO_NONE;
else
lease_change_type = OPLOCK_READ_TO_NONE;
ksmbd_debug(OPLOCK, "handle bad lease state 0x%x -> 0x%x\n",
- le32_to_cpu(lease->state),
- le32_to_cpu(req->LeaseState));
+ le32_to_cpu(lease->state),
+ le32_to_cpu(req->LeaseState));
} else if (lease->state == SMB2_LEASE_READ_CACHING_LE &&
req->LeaseState != SMB2_LEASE_NONE_LE) {
err = STATUS_INVALID_OPLOCK_PROTOCOL;
lease_change_type = OPLOCK_READ_TO_NONE;
ksmbd_debug(OPLOCK, "handle bad lease state 0x%x -> 0x%x\n",
- le32_to_cpu(lease->state),
- le32_to_cpu(req->LeaseState));
+ le32_to_cpu(lease->state),
+ le32_to_cpu(req->LeaseState));
} else {
/* valid lease state changes */
err = STATUS_INVALID_DEVICE_STATE;
@@ -7654,8 +7667,8 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
break;
default:
ksmbd_debug(OPLOCK, "unknown lease change 0x%x -> 0x%x\n",
- le32_to_cpu(lease->state),
- le32_to_cpu(req->LeaseState));
+ le32_to_cpu(lease->state),
+ le32_to_cpu(req->LeaseState));
}
lease_state = lease->state;
@@ -7709,7 +7722,7 @@ int smb2_oplock_break(struct ksmbd_work *work)
break;
default:
ksmbd_debug(OPLOCK, "invalid break cmd %d\n",
- le16_to_cpu(req->StructureSize));
+ le16_to_cpu(req->StructureSize));
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
smb2_set_err_rsp(work);
}
@@ -7999,7 +8012,7 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
if (le16_to_cpu(req->Command) == SMB2_NEGOTIATE_HE)
ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
- conn->preauth_info->Preauth_HashValue);
+ conn->preauth_info->Preauth_HashValue);
if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE &&
sess && sess->state == SMB2_SESSION_IN_PROGRESS) {
@@ -8007,12 +8020,12 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
hash_value = sess->Preauth_HashValue;
ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
- hash_value);
+ hash_value);
}
}
static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, char *old_buf,
- __le16 cipher_type)
+ __le16 cipher_type)
{
struct smb2_hdr *hdr = (struct smb2_hdr *)old_buf;
unsigned int orig_len = get_rfc1002_len(old_buf);
@@ -8100,14 +8113,14 @@ int smb3_decrypt_req(struct ksmbd_work *work)
sess = ksmbd_session_lookup(conn, le64_to_cpu(tr_hdr->SessionId));
if (!sess) {
ksmbd_err("invalid session id(%llx) in transform header\n",
- le64_to_cpu(tr_hdr->SessionId));
+ le64_to_cpu(tr_hdr->SessionId));
return -ECONNABORTED;
}
- if (pdu_length + 4 < sizeof(struct smb2_transform_hdr) +
- sizeof(struct smb2_hdr)) {
+ if (pdu_length + 4 <
+ sizeof(struct smb2_transform_hdr) + sizeof(struct smb2_hdr)) {
ksmbd_err("Transform message is too small (%u)\n",
- pdu_length);
+ pdu_length);
return -ECONNABORTED;
}
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index 985171cbf192..039030968b50 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -98,7 +98,7 @@ int ksmbd_lookup_protocol_idx(char *str)
while (offt >= 0) {
if (!strncmp(str, smb_protos[offt].prot, len)) {
ksmbd_debug(SMB, "selected %s dialect idx = %d\n",
- smb_protos[offt].prot, offt);
+ smb_protos[offt].prot, offt);
return smb_protos[offt].index;
}
offt--;
@@ -156,7 +156,7 @@ static bool supported_protocol(int idx)
return true;
return (server_conf.min_protocol <= idx &&
- idx <= server_conf.max_protocol);
+ idx <= server_conf.max_protocol);
}
static char *next_dialect(char *dialect, int *next_off)
@@ -179,12 +179,12 @@ static int ksmbd_lookup_dialect_by_name(char *cli_dialects, __le16 byte_count)
do {
dialect = next_dialect(dialect, &next);
ksmbd_debug(SMB, "client requested dialect %s\n",
- dialect);
+ dialect);
if (!strcmp(dialect, smb_protos[i].name)) {
if (supported_protocol(smb_protos[i].index)) {
ksmbd_debug(SMB,
- "selected %s dialect\n",
- smb_protos[i].name);
+ "selected %s dialect\n",
+ smb_protos[i].name);
if (smb_protos[i].index == SMB1_PROT)
return seq_num;
return smb_protos[i].prot_id;
@@ -207,14 +207,14 @@ int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count)
count = le16_to_cpu(dialects_count);
while (--count >= 0) {
ksmbd_debug(SMB, "client requested dialect 0x%x\n",
- le16_to_cpu(cli_dialects[count]));
+ le16_to_cpu(cli_dialects[count]));
if (le16_to_cpu(cli_dialects[count]) !=
smb_protos[i].prot_id)
continue;
if (supported_protocol(smb_protos[i].index)) {
ksmbd_debug(SMB, "selected %s dialect\n",
- smb_protos[i].name);
+ smb_protos[i].name);
return smb_protos[i].prot_id;
}
}
@@ -269,9 +269,12 @@ bool ksmbd_pdu_size_has_room(unsigned int pdu)
}
int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
- struct ksmbd_file *dir, struct ksmbd_dir_info *d_info,
- char *search_pattern, int (*fn)(struct ksmbd_conn *, int,
- struct ksmbd_dir_info *, struct ksmbd_kstat *))
+ struct ksmbd_file *dir,
+ struct ksmbd_dir_info *d_info,
+ char *search_pattern,
+ int (*fn)(struct ksmbd_conn *, int,
+ struct ksmbd_dir_info *,
+ struct ksmbd_kstat *))
{
int i, rc = 0;
struct ksmbd_conn *conn = work->conn;
@@ -297,8 +300,8 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
ksmbd_kstat.kstat = &kstat;
ksmbd_vfs_fill_dentry_attrs(work,
- dir->filp->f_path.dentry->d_parent,
- &ksmbd_kstat);
+ dir->filp->f_path.dentry->d_parent,
+ &ksmbd_kstat);
rc = fn(conn, info_level, d_info, &ksmbd_kstat);
if (rc)
break;
@@ -327,7 +330,7 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
* but the result is different with Windows 7's one. need to check.
*/
int ksmbd_extract_shortname(struct ksmbd_conn *conn, const char *longname,
- char *shortname)
+ char *shortname)
{
const char *p;
char base[9], extension[4];
@@ -390,7 +393,7 @@ int ksmbd_extract_shortname(struct ksmbd_conn *conn, const char *longname,
else
out[baselen + 4] = '\0';
smbConvertToUTF16((__le16 *)shortname, out, PATH_MAX,
- conn->local_nls, 0);
+ conn->local_nls, 0);
len = strlen(out) * 2;
return len;
}
@@ -398,7 +401,7 @@ int ksmbd_extract_shortname(struct ksmbd_conn *conn, const char *longname,
static int __smb2_negotiate(struct ksmbd_conn *conn)
{
return (conn->dialect >= SMB20_PROT_ID &&
- conn->dialect <= SMB311_PROT_ID);
+ conn->dialect <= SMB311_PROT_ID);
}
static int smb_handle_negotiate(struct ksmbd_work *work)
@@ -467,11 +470,11 @@ static const char * const shared_mode_errors[] = {
};
static void smb_shared_mode_error(int error, struct ksmbd_file *prev_fp,
- struct ksmbd_file *curr_fp)
+ struct ksmbd_file *curr_fp)
{
ksmbd_debug(SMB, "%s\n", shared_mode_errors[error]);
ksmbd_debug(SMB, "Current mode: 0x%x Desired mode: 0x%x\n",
- prev_fp->saccess, curr_fp->daccess);
+ prev_fp->saccess, curr_fp->daccess);
}
int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index d65e853ab00f..63db8c015f9d 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -131,7 +131,7 @@ static void smb_copy_sid(struct smb_sid *dst, const struct smb_sid *src)
* bits to set can be: S_IRWXU, S_IRWXG or S_IRWXO ie 00700 or 00070 or 00007
*/
static umode_t access_flags_to_mode(struct smb_fattr *fattr, __le32 ace_flags,
- int type)
+ int type)
{
__u32 flags = le32_to_cpu(ace_flags);
umode_t mode = 0;
@@ -166,7 +166,7 @@ static umode_t access_flags_to_mode(struct smb_fattr *fattr, __le32 ace_flags,
* with either owner or group or everyone.
*/
static void mode_to_access_flags(umode_t mode, umode_t bits_to_use,
- __u32 *pace_flags)
+ __u32 *pace_flags)
{
/* reset access mask */
*pace_flags = 0x0;
@@ -187,12 +187,12 @@ static void mode_to_access_flags(umode_t mode, umode_t bits_to_use,
*pace_flags |= SET_FILE_EXEC_RIGHTS;
ksmbd_debug(SMB, "mode: %o, access flags now 0x%x\n",
- mode, *pace_flags);
+ mode, *pace_flags);
}
static __u16 fill_ace_for_sid(struct smb_ace *pntace,
- const struct smb_sid *psid, int type, int flags,
- umode_t mode, umode_t bits)
+ const struct smb_sid *psid, int type, int flags,
+ umode_t mode, umode_t bits)
{
int i;
__u16 size = 0;
@@ -255,7 +255,7 @@ void id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid)
}
static int sid_to_id(struct smb_sid *psid, uint sidtype,
- struct smb_fattr *fattr)
+ struct smb_fattr *fattr)
{
int rc = -EINVAL;
@@ -265,7 +265,7 @@ static int sid_to_id(struct smb_sid *psid, uint sidtype,
*/
if (unlikely(psid->num_subauth > SID_MAX_SUB_AUTHORITIES)) {
ksmbd_err("%s: %u subauthorities is too many!\n",
- __func__, psid->num_subauth);
+ __func__, psid->num_subauth);
return -EIO;
}
@@ -299,7 +299,7 @@ static int sid_to_id(struct smb_sid *psid, uint sidtype,
}
void posix_state_to_acl(struct posix_acl_state *state,
- struct posix_acl_entry *pace)
+ struct posix_acl_entry *pace)
{
int i;
@@ -364,8 +364,8 @@ void free_acl_state(struct posix_acl_state *state)
}
static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
- struct smb_sid *pownersid, struct smb_sid *pgrpsid,
- struct smb_fattr *fattr)
+ struct smb_sid *pownersid, struct smb_sid *pgrpsid,
+ struct smb_fattr *fattr)
{
int i, ret;
int num_aces = 0;
@@ -388,8 +388,8 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
}
ksmbd_debug(SMB, "DACL revision %d size %d num aces %d\n",
- le16_to_cpu(pdacl->revision), le16_to_cpu(pdacl->size),
- le32_to_cpu(pdacl->num_aces));
+ le16_to_cpu(pdacl->revision), le16_to_cpu(pdacl->size),
+ le32_to_cpu(pdacl->num_aces));
acl_base = (char *)pdacl;
acl_size = sizeof(struct smb_acl);
@@ -401,8 +401,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
if (num_aces > ULONG_MAX / sizeof(struct smb_ace *))
return;
- ppace = kmalloc_array(num_aces, sizeof(struct smb_ace *),
- GFP_KERNEL);
+ ppace = kmalloc_array(num_aces, sizeof(struct smb_ace *), GFP_KERNEL);
if (!ppace)
return;
@@ -433,7 +432,8 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
break;
} else if (!compare_sids(&ppace[i]->sid, pownersid)) {
acl_mode = access_flags_to_mode(fattr,
- ppace[i]->access_req, ppace[i]->type);
+ ppace[i]->access_req,
+ ppace[i]->type);
acl_mode &= 0700;
if (!owner_found) {
@@ -445,7 +445,8 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
ppace[i]->sid.sub_auth[ppace[i]->sid.num_subauth - 1] ==
DOMAIN_USER_RID_LE) {
acl_mode = access_flags_to_mode(fattr,
- ppace[i]->access_req, ppace[i]->type);
+ ppace[i]->access_req,
+ ppace[i]->type);
acl_mode &= 0070;
if (!group_found) {
mode &= ~(0070);
@@ -454,7 +455,8 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
group_found = true;
} else if (!compare_sids(&ppace[i]->sid, &sid_everyone)) {
acl_mode = access_flags_to_mode(fattr,
- ppace[i]->access_req, ppace[i]->type);
+ ppace[i]->access_req,
+ ppace[i]->type);
acl_mode &= 0007;
if (!others_found) {
mode &= ~(0007);
@@ -471,12 +473,12 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
struct smb_fattr temp_fattr;
acl_mode = access_flags_to_mode(fattr, ppace[i]->access_req,
- ppace[i]->type);
+ ppace[i]->type);
temp_fattr.cf_uid = INVALID_UID;
ret = sid_to_id(&ppace[i]->sid, SIDOWNER, &temp_fattr);
if (ret || uid_eq(temp_fattr.cf_uid, INVALID_UID)) {
ksmbd_err("%s: Error %d mapping Owner SID to uid\n",
- __func__, ret);
+ __func__, ret);
continue;
}
@@ -553,7 +555,8 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
}
static void set_posix_acl_entries_dacl(struct smb_ace *pndace,
- struct smb_fattr *fattr, u32 *num_aces, u16 *size, u32 nt_aces_num)
+ struct smb_fattr *fattr, u32 *num_aces,
+ u16 *size, u32 nt_aces_num)
{
struct posix_acl_entry *pace;
struct smb_sid *sid;
@@ -665,8 +668,9 @@ static void set_posix_acl_entries_dacl(struct smb_ace *pndace,
}
static void set_ntacl_dacl(struct smb_acl *pndacl, struct smb_acl *nt_dacl,
- const struct smb_sid *pownersid, const struct smb_sid *pgrpsid,
- struct smb_fattr *fattr)
+ const struct smb_sid *pownersid,
+ const struct smb_sid *pgrpsid,
+ struct smb_fattr *fattr)
{
struct smb_ace *ntace, *pndace;
int nt_num_aces = le32_to_cpu(nt_dacl->num_aces), num_aces = 0;
@@ -711,7 +715,7 @@ static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr)
else
sid = &sid_unix_users;
ace_size = fill_ace_for_sid(pace, sid, ACCESS_ALLOWED, 0,
- fattr->cf_mode, 0700);
+ fattr->cf_mode, 0700);
pace->sid.sub_auth[pace->sid.num_subauth++] = cpu_to_le32(uid);
pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
pace->size = cpu_to_le16(ace_size + 4);
@@ -720,7 +724,7 @@ static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr)
/* Group RID */
ace_size = fill_ace_for_sid(pace, &sid_unix_groups,
- ACCESS_ALLOWED, 0, fattr->cf_mode, 0070);
+ ACCESS_ALLOWED, 0, fattr->cf_mode, 0070);
pace->sid.sub_auth[pace->sid.num_subauth++] =
cpu_to_le32(from_kgid(&init_user_ns, fattr->cf_gid));
pace->size = cpu_to_le16(ace_size + 4);
@@ -733,20 +737,20 @@ static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr)
/* creator owner */
size += fill_ace_for_sid(pace, &creator_owner, ACCESS_ALLOWED,
- 0x0b, fattr->cf_mode, 0700);
+ 0x0b, fattr->cf_mode, 0700);
pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
pace = (struct smb_ace *)((char *)pndace + size);
/* creator group */
size += fill_ace_for_sid(pace, &creator_group, ACCESS_ALLOWED,
- 0x0b, fattr->cf_mode, 0070);
+ 0x0b, fattr->cf_mode, 0070);
pace = (struct smb_ace *)((char *)pndace + size);
num_aces = 5;
}
/* other */
size += fill_ace_for_sid(pace, &sid_everyone, ACCESS_ALLOWED, 0,
- fattr->cf_mode, 0007);
+ fattr->cf_mode, 0007);
out:
pndacl->num_aces = cpu_to_le32(num_aces);
@@ -769,7 +773,7 @@ static int parse_sid(struct smb_sid *psid, char *end_of_acl)
/* Convert CIFS ACL to POSIX form */
int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
- struct smb_fattr *fattr)
+ struct smb_fattr *fattr)
{
int rc = 0;
struct smb_sid *owner_sid_ptr, *group_sid_ptr;
@@ -788,10 +792,10 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
dacloffset = le32_to_cpu(pntsd->dacloffset);
dacl_ptr = (struct smb_acl *)((char *)pntsd + dacloffset);
ksmbd_debug(SMB,
- "revision %d type 0x%x ooffset 0x%x goffset 0x%x sacloffset 0x%x dacloffset 0x%x\n",
- pntsd->revision, pntsd->type, le32_to_cpu(pntsd->osidoffset),
- le32_to_cpu(pntsd->gsidoffset),
- le32_to_cpu(pntsd->sacloffset), dacloffset);
+ "revision %d type 0x%x ooffset 0x%x goffset 0x%x sacloffset 0x%x dacloffset 0x%x\n",
+ pntsd->revision, pntsd->type, le32_to_cpu(pntsd->osidoffset),
+ le32_to_cpu(pntsd->gsidoffset),
+ le32_to_cpu(pntsd->sacloffset), dacloffset);
pntsd_type = le16_to_cpu(pntsd->type);
if (!(pntsd_type & DACL_PRESENT)) {
@@ -811,7 +815,7 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
rc = sid_to_id(owner_sid_ptr, SIDOWNER, fattr);
if (rc) {
ksmbd_err("%s: Error %d mapping Owner SID to uid\n",
- __func__, rc);
+ __func__, rc);
owner_sid_ptr = NULL;
}
}
@@ -820,19 +824,18 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
rc = parse_sid(group_sid_ptr, end_of_acl);
if (rc) {
ksmbd_err("%s: Error %d mapping Owner SID to gid\n",
- __func__, rc);
+ __func__, rc);
return rc;
}
rc = sid_to_id(group_sid_ptr, SIDUNIX_GROUP, fattr);
if (rc) {
ksmbd_err("%s: Error %d mapping Group SID to gid\n",
- __func__, rc);
+ __func__, rc);
group_sid_ptr = NULL;
}
}
- if ((pntsd_type &
- (DACL_AUTO_INHERITED | DACL_AUTO_INHERIT_REQ)) ==
+ if ((pntsd_type & (DACL_AUTO_INHERITED | DACL_AUTO_INHERIT_REQ)) ==
(DACL_AUTO_INHERITED | DACL_AUTO_INHERIT_REQ))
pntsd->type |= cpu_to_le16(DACL_AUTO_INHERITED);
if (pntsd_type & DACL_PROTECTED)
@@ -840,7 +843,7 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
if (dacloffset) {
parse_dacl(dacl_ptr, end_of_acl, owner_sid_ptr, group_sid_ptr,
- fattr);
+ fattr);
}
return 0;
@@ -848,7 +851,8 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
/* Convert permission bits from mode to equivalent CIFS ACL */
int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *ppntsd,
- int addition_info, __u32 *secdesclen, struct smb_fattr *fattr)
+ int addition_info, __u32 *secdesclen,
+ struct smb_fattr *fattr)
{
int rc = 0;
__u32 offset;
@@ -929,7 +933,7 @@ int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *ppntsd,
}
static void smb_set_ace(struct smb_ace *ace, const struct smb_sid *sid, u8 type,
- u8 flags, __le32 access_req)
+ u8 flags, __le32 access_req)
{
ace->type = type;
ace->flags = flags;
@@ -939,7 +943,7 @@ static void smb_set_ace(struct smb_ace *ace, const struct smb_sid *sid, u8 type,
}
int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
- unsigned int uid, unsigned int gid)
+ unsigned int uid, unsigned int gid)
{
const struct smb_sid *psid, *creator = NULL;
struct smb_ace *parent_aces, *aces;
@@ -1003,7 +1007,7 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
if (is_dir && creator && flags & CONTAINER_INHERIT_ACE) {
smb_set_ace(aces, psid, parent_aces->type, inherited_flags,
- parent_aces->access_req);
+ parent_aces->access_req);
nt_size += le16_to_cpu(aces->size);
ace_cnt++;
aces = (struct smb_ace *)((char *)aces + le16_to_cpu(aces->size));
@@ -1014,7 +1018,7 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
}
smb_set_ace(aces, psid, parent_aces->type, flags | inherited_flags,
- parent_aces->access_req);
+ parent_aces->access_req);
nt_size += le16_to_cpu(aces->size);
aces = (struct smb_ace *)((char *)aces + le16_to_cpu(aces->size));
ace_cnt++;
@@ -1107,7 +1111,7 @@ bool smb_inherit_flags(int flags, bool is_dir)
}
int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
- __le32 *pdaccess, int uid)
+ __le32 *pdaccess, int uid)
{
struct smb_ntsd *pntsd = NULL;
struct smb_acl *pdacl;
@@ -1243,10 +1247,10 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
}
check_access_bits:
- if (granted & ~(access_bits | FILE_READ_ATTRIBUTES |
- READ_CONTROL | WRITE_DAC | DELETE)) {
+ if (granted &
+ ~(access_bits | FILE_READ_ATTRIBUTES | READ_CONTROL | WRITE_DAC | DELETE)) {
ksmbd_debug(SMB, "Access denied with winACL, granted : %x, access_req : %x\n",
- granted, le32_to_cpu(ace->access_req));
+ granted, le32_to_cpu(ace->access_req));
rc = -EACCES;
goto err_out;
}
@@ -1258,8 +1262,8 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
}
int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
- struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
- bool type_check)
+ struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
+ bool type_check)
{
int rc;
struct smb_fattr fattr = {{0}};
@@ -1284,10 +1288,10 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
/* Update posix acls */
if (fattr.cf_dacls) {
rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS,
- fattr.cf_acls);
+ fattr.cf_acls);
if (S_ISDIR(inode->i_mode) && fattr.cf_dacls)
rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT,
- fattr.cf_dacls);
+ fattr.cf_dacls);
}
/* Check it only calling from SD BUFFER context */
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index 78061fecf816..b09df832431f 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -269,7 +269,7 @@ static int handle_response(int type, void *payload, size_t sz)
*/
if (entry->type + 1 != type) {
ksmbd_err("Waiting for IPC type %d, got %d. Ignore.\n",
- entry->type + 1, type);
+ entry->type + 1, type);
}
entry->response = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
@@ -315,9 +315,8 @@ static int ipc_server_config_on_startup(struct ksmbd_startup_request *req)
req->ifc_list_sz);
if (ret) {
ksmbd_err("Server configuration error: %s %s %s\n",
- req->netbios_name,
- req->server_string,
- req->work_group);
+ req->netbios_name, req->server_string,
+ req->work_group);
return ret;
}
@@ -547,9 +546,9 @@ ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len)
struct ksmbd_tree_connect_response *
ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
- struct ksmbd_share_config *share,
- struct ksmbd_tree_connect *tree_conn,
- struct sockaddr *peer_addr)
+ struct ksmbd_share_config *share,
+ struct ksmbd_tree_connect *tree_conn,
+ struct sockaddr *peer_addr)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_tree_connect_request *req;
@@ -588,7 +587,7 @@ ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
}
int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
- unsigned long long connect_id)
+ unsigned long long connect_id)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_tree_disconnect_request *req;
@@ -700,7 +699,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess, int handle
}
struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess, int handle,
- void *payload, size_t payload_sz)
+ void *payload, size_t payload_sz)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -748,7 +747,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess, int handle)
}
struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle,
- void *payload, size_t payload_sz)
+ void *payload, size_t payload_sz)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
@@ -773,7 +772,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle
}
struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payload,
- size_t payload_sz)
+ size_t payload_sz)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_rpc_command *req;
diff --git a/fs/cifsd/transport_ipc.h b/fs/cifsd/transport_ipc.h
index c3744ed7a085..523b4df2c783 100644
--- a/fs/cifsd/transport_ipc.h
+++ b/fs/cifsd/transport_ipc.h
@@ -23,31 +23,24 @@ ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
struct ksmbd_share_config *share,
struct ksmbd_tree_connect *tree_conn,
struct sockaddr *peer_addr);
-
int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
unsigned long long connect_id);
int ksmbd_ipc_logout_request(const char *account);
-
struct ksmbd_share_config_response *
ksmbd_ipc_share_config_request(const char *name);
-
struct ksmbd_spnego_authen_response *
ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len);
-
int ksmbd_ipc_id_alloc(void);
void ksmbd_rpc_id_free(int handle);
-
struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess, int handle);
struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess, int handle);
-
struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess, int handle,
- void *payload, size_t payload_sz);
+ void *payload, size_t payload_sz);
struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess, int handle);
struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle,
- void *payload, size_t payload_sz);
+ void *payload, size_t payload_sz);
struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payload,
- size_t payload_sz);
-
+ size_t payload_sz);
void ksmbd_ipc_release(void);
void ksmbd_ipc_soft_reset(void);
int ksmbd_ipc_init(void);
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
index 8174a97bade4..efaa9776841f 100644
--- a/fs/cifsd/transport_rdma.c
+++ b/fs/cifsd/transport_rdma.c
@@ -212,8 +212,9 @@ struct smb_direct_rdma_rw_msg {
static void smb_direct_destroy_pools(struct smb_direct_transport *transport);
static void smb_direct_post_recv_credits(struct work_struct *work);
static int smb_direct_post_send_data(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- struct kvec *iov, int niov, int remaining_data_length);
+ struct smb_direct_send_ctx *send_ctx,
+ struct kvec *iov, int niov,
+ int remaining_data_length);
static inline void
*smb_direct_recvmsg_payload(struct smb_direct_recvmsg *recvmsg)
@@ -222,7 +223,7 @@ static inline void
}
static inline bool is_receive_credit_post_required(int receive_credits,
- int avail_recvmsg_count)
+ int avail_recvmsg_count)
{
return receive_credits <= (smb_direct_receive_credit_max >> 3) &&
avail_recvmsg_count >= (receive_credits >> 2);
@@ -245,10 +246,10 @@ smb_direct_recvmsg *get_free_recvmsg(struct smb_direct_transport *t)
}
static void put_recvmsg(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg)
+ struct smb_direct_recvmsg *recvmsg)
{
ib_dma_unmap_single(t->cm_id->device, recvmsg->sge.addr,
- recvmsg->sge.length, DMA_FROM_DEVICE);
+ recvmsg->sge.length, DMA_FROM_DEVICE);
spin_lock(&t->recvmsg_queue_lock);
list_add(&recvmsg->list, &t->recvmsg_queue);
@@ -263,7 +264,7 @@ smb_direct_recvmsg *get_empty_recvmsg(struct smb_direct_transport *t)
spin_lock(&t->empty_recvmsg_queue_lock);
if (!list_empty(&t->empty_recvmsg_queue)) {
recvmsg = list_first_entry(&t->empty_recvmsg_queue,
- struct smb_direct_recvmsg, list);
+ struct smb_direct_recvmsg, list);
list_del(&recvmsg->list);
}
spin_unlock(&t->empty_recvmsg_queue_lock);
@@ -271,10 +272,10 @@ smb_direct_recvmsg *get_empty_recvmsg(struct smb_direct_transport *t)
}
static void put_empty_recvmsg(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg)
+ struct smb_direct_recvmsg *recvmsg)
{
ib_dma_unmap_single(t->cm_id->device, recvmsg->sge.addr,
- recvmsg->sge.length, DMA_FROM_DEVICE);
+ recvmsg->sge.length, DMA_FROM_DEVICE);
spin_lock(&t->empty_recvmsg_queue_lock);
list_add_tail(&recvmsg->list, &t->empty_recvmsg_queue);
@@ -282,7 +283,8 @@ static void put_empty_recvmsg(struct smb_direct_transport *t,
}
static void enqueue_reassembly(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg, int data_length)
+ struct smb_direct_recvmsg *recvmsg,
+ int data_length)
{
spin_lock(&t->reassembly_queue_lock);
list_add_tail(&recvmsg->list, &t->reassembly_queue);
@@ -398,9 +400,9 @@ static void free_transport(struct smb_direct_transport *t)
ksmbd_debug(RDMA, "wait for all send posted to IB to finish\n");
wait_event(t->wait_send_payload_pending,
- atomic_read(&t->send_payload_pending) == 0);
+ atomic_read(&t->send_payload_pending) == 0);
wait_event(t->wait_send_pending,
- atomic_read(&t->send_pending) == 0);
+ atomic_read(&t->send_pending) == 0);
cancel_work_sync(&t->disconnect_work);
cancel_delayed_work_sync(&t->post_recv_credits_work);
@@ -454,18 +456,18 @@ static struct smb_direct_sendmsg
}
static void smb_direct_free_sendmsg(struct smb_direct_transport *t,
- struct smb_direct_sendmsg *msg)
+ struct smb_direct_sendmsg *msg)
{
int i;
if (msg->num_sge > 0) {
ib_dma_unmap_single(t->cm_id->device,
- msg->sge[0].addr, msg->sge[0].length,
- DMA_TO_DEVICE);
+ msg->sge[0].addr, msg->sge[0].length,
+ DMA_TO_DEVICE);
for (i = 1; i < msg->num_sge; i++)
ib_dma_unmap_page(t->cm_id->device,
- msg->sge[i].addr, msg->sge[i].length,
- DMA_TO_DEVICE);
+ msg->sge[i].addr, msg->sge[i].length,
+ DMA_TO_DEVICE);
}
mempool_free(msg, t->sendmsg_mempool);
}
@@ -479,24 +481,24 @@ static int smb_direct_check_recvmsg(struct smb_direct_recvmsg *recvmsg)
struct smb2_hdr *hdr = (struct smb2_hdr *)(recvmsg->packet
+ le32_to_cpu(req->data_offset) - 4);
ksmbd_debug(RDMA,
- "CreditGranted: %u, CreditRequested: %u, DataLength: %u, RemainingDataLength: %u, SMB: %x, Command: %u\n",
- le16_to_cpu(req->credits_granted),
- le16_to_cpu(req->credits_requested),
- req->data_length, req->remaining_data_length,
- hdr->ProtocolId, hdr->Command);
+ "CreditGranted: %u, CreditRequested: %u, DataLength: %u, RemainingDataLength: %u, SMB: %x, Command: %u\n",
+ le16_to_cpu(req->credits_granted),
+ le16_to_cpu(req->credits_requested),
+ req->data_length, req->remaining_data_length,
+ hdr->ProtocolId, hdr->Command);
break;
}
case SMB_DIRECT_MSG_NEGOTIATE_REQ: {
struct smb_direct_negotiate_req *req =
(struct smb_direct_negotiate_req *)recvmsg->packet;
ksmbd_debug(RDMA,
- "MinVersion: %u, MaxVersion: %u, CreditRequested: %u, MaxSendSize: %u, MaxRecvSize: %u, MaxFragmentedSize: %u\n",
- le16_to_cpu(req->min_version),
- le16_to_cpu(req->max_version),
- le16_to_cpu(req->credits_requested),
- le32_to_cpu(req->preferred_send_size),
- le32_to_cpu(req->max_receive_size),
- le32_to_cpu(req->max_fragmented_size));
+ "MinVersion: %u, MaxVersion: %u, CreditRequested: %u, MaxSendSize: %u, MaxRecvSize: %u, MaxFragmentedSize: %u\n",
+ le16_to_cpu(req->min_version),
+ le16_to_cpu(req->max_version),
+ le16_to_cpu(req->credits_requested),
+ le32_to_cpu(req->preferred_send_size),
+ le32_to_cpu(req->max_receive_size),
+ le32_to_cpu(req->max_fragmented_size));
if (le16_to_cpu(req->min_version) > 0x0100 ||
le16_to_cpu(req->max_version) < 0x0100)
return -EOPNOTSUPP;
@@ -525,8 +527,8 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_RECV) {
if (wc->status != IB_WC_WR_FLUSH_ERR) {
ksmbd_err("Recv error. status='%s (%d)' opcode=%d\n",
- ib_wc_status_msg(wc->status), wc->status,
- wc->opcode);
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
smb_direct_disconnect_rdma_connection(t);
}
put_empty_recvmsg(t, recvmsg);
@@ -534,11 +536,11 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
}
ksmbd_debug(RDMA, "Recv completed. status='%s (%d)', opcode=%d\n",
- ib_wc_status_msg(wc->status), wc->status,
- wc->opcode);
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
ib_dma_sync_single_for_cpu(wc->qp->device, recvmsg->sge.addr,
- recvmsg->sge.length, DMA_FROM_DEVICE);
+ recvmsg->sge.length, DMA_FROM_DEVICE);
switch (recvmsg->type) {
case SMB_DIRECT_MSG_NEGOTIATE_REQ:
@@ -580,10 +582,10 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
t->recv_credit_target =
le16_to_cpu(data_transfer->credits_requested);
atomic_add(le16_to_cpu(data_transfer->credits_granted),
- &t->send_credits);
+ &t->send_credits);
if (le16_to_cpu(data_transfer->flags) &
- SMB_DIRECT_RESPONSE_REQUESTED)
+ SMB_DIRECT_RESPONSE_REQUESTED)
queue_work(smb_direct_wq, &t->send_immediate_work);
if (atomic_read(&t->send_credits) > 0)
@@ -591,7 +593,7 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
if (is_receive_credit_post_required(receive_credits, avail_recvmsg_count))
mod_delayed_work(smb_direct_wq,
- &t->post_recv_credits_work, 0);
+ &t->post_recv_credits_work, 0);
break;
}
default:
@@ -600,14 +602,14 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
}
static int smb_direct_post_recv(struct smb_direct_transport *t,
- struct smb_direct_recvmsg *recvmsg)
+ struct smb_direct_recvmsg *recvmsg)
{
struct ib_recv_wr wr;
int ret;
recvmsg->sge.addr = ib_dma_map_single(t->cm_id->device,
- recvmsg->packet, t->max_recv_size,
- DMA_FROM_DEVICE);
+ recvmsg->packet, t->max_recv_size,
+ DMA_FROM_DEVICE);
ret = ib_dma_mapping_error(t->cm_id->device, recvmsg->sge.addr);
if (ret)
return ret;
@@ -624,8 +626,8 @@ static int smb_direct_post_recv(struct smb_direct_transport *t,
if (ret) {
ksmbd_err("Can't post recv: %d\n", ret);
ib_dma_unmap_single(t->cm_id->device,
- recvmsg->sge.addr, recvmsg->sge.length,
- DMA_FROM_DEVICE);
+ recvmsg->sge.addr, recvmsg->sge.length,
+ DMA_FROM_DEVICE);
smb_direct_disconnect_rdma_connection(t);
return ret;
}
@@ -633,7 +635,7 @@ static int smb_direct_post_recv(struct smb_direct_transport *t,
}
static int smb_direct_read(struct ksmbd_transport *t, char *buf,
- unsigned int size)
+ unsigned int size)
{
struct smb_direct_recvmsg *recvmsg;
struct smb_direct_data_transfer *data_transfer;
@@ -692,14 +694,14 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
data_read = 4;
recvmsg->first_segment = false;
ksmbd_debug(RDMA,
- "returning rfc1002 length %d\n",
- rfc1002_len);
+ "returning rfc1002 length %d\n",
+ rfc1002_len);
goto read_rfc1002_done;
}
to_copy = min_t(int, data_length - offset, to_read);
memcpy(buf + data_read, (char *)data_transfer + data_offset + offset,
- to_copy);
+ to_copy);
/* move on to the next buffer? */
if (to_copy == data_length - offset) {
@@ -736,23 +738,24 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
if (is_receive_credit_post_required(st->recv_credits, st->count_avail_recvmsg)) {
spin_unlock(&st->receive_credit_lock);
mod_delayed_work(smb_direct_wq,
- &st->post_recv_credits_work, 0);
+ &st->post_recv_credits_work, 0);
} else {
spin_unlock(&st->receive_credit_lock);
}
st->first_entry_offset = offset;
ksmbd_debug(RDMA,
- "returning to thread data_read=%d reassembly_data_length=%d first_entry_offset=%d\n",
- data_read, st->reassembly_data_length,
- st->first_entry_offset);
+ "returning to thread data_read=%d reassembly_data_length=%d first_entry_offset=%d\n",
+ data_read, st->reassembly_data_length,
+ st->first_entry_offset);
read_rfc1002_done:
return data_read;
}
ksmbd_debug(RDMA, "wait_event on more data\n");
rc = wait_event_interruptible(st->wait_reassembly_queue,
- st->reassembly_data_length >= size || st->status != SMB_DIRECT_CS_CONNECTED);
+ st->reassembly_data_length >= size ||
+ st->status != SMB_DIRECT_CS_CONNECTED);
if (rc)
return -EINTR;
@@ -823,13 +826,13 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc)
t = sendmsg->transport;
ksmbd_debug(RDMA, "Send completed. status='%s (%d)', opcode=%d\n",
- ib_wc_status_msg(wc->status), wc->status,
- wc->opcode);
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
ksmbd_err("Send error. status='%s (%d)', opcode=%d\n",
- ib_wc_status_msg(wc->status), wc->status,
- wc->opcode);
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
smb_direct_disconnect_rdma_connection(t);
}
@@ -845,7 +848,7 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc)
* is invalid.
*/
for (pos = &sendmsg->list, prev = pos->prev, end = sendmsg->list.next;
- prev != end; pos = prev, prev = prev->prev) {
+ prev != end; pos = prev, prev = prev->prev) {
sibling = container_of(pos, struct smb_direct_sendmsg, list);
smb_direct_free_sendmsg(t, sibling);
}
@@ -867,7 +870,7 @@ static int manage_credits_prior_sending(struct smb_direct_transport *t)
}
static int smb_direct_post_send(struct smb_direct_transport *t,
- struct ib_send_wr *wr)
+ struct ib_send_wr *wr)
{
int ret;
@@ -892,8 +895,9 @@ static int smb_direct_post_send(struct smb_direct_transport *t,
}
static void smb_direct_send_ctx_init(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- bool need_invalidate_rkey, unsigned int remote_key)
+ struct smb_direct_send_ctx *send_ctx,
+ bool need_invalidate_rkey,
+ unsigned int remote_key)
{
INIT_LIST_HEAD(&send_ctx->msg_list);
send_ctx->wr_cnt = 0;
@@ -902,7 +906,8 @@ static void smb_direct_send_ctx_init(struct smb_direct_transport *t,
}
static int smb_direct_flush_send_list(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx, bool is_last)
+ struct smb_direct_send_ctx *send_ctx,
+ bool is_last)
{
struct smb_direct_sendmsg *first, *last;
int ret;
@@ -911,11 +916,11 @@ static int smb_direct_flush_send_list(struct smb_direct_transport *t,
return 0;
first = list_first_entry(&send_ctx->msg_list,
- struct smb_direct_sendmsg,
- list);
+ struct smb_direct_sendmsg,
+ list);
last = list_last_entry(&send_ctx->msg_list,
- struct smb_direct_sendmsg,
- list);
+ struct smb_direct_sendmsg,
+ list);
last->wr.send_flags = IB_SEND_SIGNALED;
last->wr.wr_cqe = &last->cqe;
@@ -927,12 +932,13 @@ static int smb_direct_flush_send_list(struct smb_direct_transport *t,
ret = smb_direct_post_send(t, &first->wr);
if (!ret) {
smb_direct_send_ctx_init(t, send_ctx,
- send_ctx->need_invalidate_rkey, send_ctx->remote_key);
+ send_ctx->need_invalidate_rkey,
+ send_ctx->remote_key);
} else {
atomic_add(send_ctx->wr_cnt, &t->send_credits);
wake_up(&t->wait_send_credits);
list_for_each_entry_safe(first, last, &send_ctx->msg_list,
- list) {
+ list) {
smb_direct_free_sendmsg(t, first);
}
}
@@ -940,7 +946,7 @@ static int smb_direct_flush_send_list(struct smb_direct_transport *t,
}
static int wait_for_credits(struct smb_direct_transport *t,
- wait_queue_head_t *waitq, atomic_t *credits)
+ wait_queue_head_t *waitq, atomic_t *credits)
{
int ret;
@@ -950,8 +956,8 @@ static int wait_for_credits(struct smb_direct_transport *t,
atomic_inc(credits);
ret = wait_event_interruptible(*waitq,
- atomic_read(credits) > 0 ||
- t->status != SMB_DIRECT_CS_CONNECTED);
+ atomic_read(credits) > 0 ||
+ t->status != SMB_DIRECT_CS_CONNECTED);
if (t->status != SMB_DIRECT_CS_CONNECTED)
return -ENOTCONN;
@@ -961,12 +967,12 @@ static int wait_for_credits(struct smb_direct_transport *t,
}
static int wait_for_send_credits(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx)
+ struct smb_direct_send_ctx *send_ctx)
{
int ret;
- if (send_ctx && (send_ctx->wr_cnt >= 16 ||
- atomic_read(&t->send_credits) <= 1)) {
+ if (send_ctx &&
+ (send_ctx->wr_cnt >= 16 || atomic_read(&t->send_credits) <= 1)) {
ret = smb_direct_flush_send_list(t, send_ctx, false);
if (ret)
return ret;
@@ -976,8 +982,8 @@ static int wait_for_send_credits(struct smb_direct_transport *t,
}
static int smb_direct_create_header(struct smb_direct_transport *t,
- int size, int remaining_data_length,
- struct smb_direct_sendmsg **sendmsg_out)
+ int size, int remaining_data_length,
+ struct smb_direct_sendmsg **sendmsg_out)
{
struct smb_direct_sendmsg *sendmsg;
struct smb_direct_data_transfer *packet;
@@ -1004,12 +1010,12 @@ static int smb_direct_create_header(struct smb_direct_transport *t,
packet->padding = 0;
ksmbd_debug(RDMA,
- "credits_requested=%d credits_granted=%d data_offset=%d data_length=%d remaining_data_length=%d\n",
- le16_to_cpu(packet->credits_requested),
- le16_to_cpu(packet->credits_granted),
- le32_to_cpu(packet->data_offset),
- le32_to_cpu(packet->data_length),
- le32_to_cpu(packet->remaining_data_length));
+ "credits_requested=%d credits_granted=%d data_offset=%d data_length=%d remaining_data_length=%d\n",
+ le16_to_cpu(packet->credits_requested),
+ le16_to_cpu(packet->credits_granted),
+ le32_to_cpu(packet->data_offset),
+ le32_to_cpu(packet->data_length),
+ le32_to_cpu(packet->remaining_data_length));
/* Map the packet to DMA */
header_length = sizeof(struct smb_direct_data_transfer);
@@ -1069,8 +1075,8 @@ static int get_sg_list(void *buf, int size, struct scatterlist *sg_list, int nen
}
static int get_mapped_sg_list(struct ib_device *device, void *buf, int size,
- struct scatterlist *sg_list, int nentries,
- enum dma_data_direction dir)
+ struct scatterlist *sg_list, int nentries,
+ enum dma_data_direction dir)
{
int npages;
@@ -1081,15 +1087,15 @@ static int get_mapped_sg_list(struct ib_device *device, void *buf, int size,
}
static int post_sendmsg(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- struct smb_direct_sendmsg *msg)
+ struct smb_direct_send_ctx *send_ctx,
+ struct smb_direct_sendmsg *msg)
{
int i;
for (i = 0; i < msg->num_sge; i++)
ib_dma_sync_single_for_device(t->cm_id->device,
- msg->sge[i].addr, msg->sge[i].length,
- DMA_TO_DEVICE);
+ msg->sge[i].addr, msg->sge[i].length,
+ DMA_TO_DEVICE);
msg->cqe.done = send_done;
msg->wr.opcode = IB_WR_SEND;
@@ -1119,8 +1125,9 @@ static int post_sendmsg(struct smb_direct_transport *t,
}
static int smb_direct_post_send_data(struct smb_direct_transport *t,
- struct smb_direct_send_ctx *send_ctx,
- struct kvec *iov, int niov, int remaining_data_length)
+ struct smb_direct_send_ctx *send_ctx,
+ struct kvec *iov, int niov,
+ int remaining_data_length)
{
int i, j, ret;
struct smb_direct_sendmsg *msg;
@@ -1148,8 +1155,9 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
sg_init_table(sg, SMB_DIRECT_MAX_SEND_SGES - 1);
sg_cnt = get_mapped_sg_list(t->cm_id->device,
- iov[i].iov_base, iov[i].iov_len,
- sg, SMB_DIRECT_MAX_SEND_SGES - 1, DMA_TO_DEVICE);
+ iov[i].iov_base, iov[i].iov_len,
+ sg, SMB_DIRECT_MAX_SEND_SGES - 1,
+ DMA_TO_DEVICE);
if (sg_cnt <= 0) {
ksmbd_err("failed to map buffer\n");
ret = -ENOMEM;
@@ -1182,8 +1190,8 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
}
static int smb_direct_writev(struct ksmbd_transport *t,
- struct kvec *iov, int niovs, int buflen,
- bool need_invalidate, unsigned int remote_key)
+ struct kvec *iov, int niovs, int buflen,
+ bool need_invalidate, unsigned int remote_key)
{
struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
int remaining_data_length;
@@ -1217,8 +1225,8 @@ static int smb_direct_writev(struct ksmbd_transport *t,
remaining_data_length -=
(buflen - iov[i].iov_len);
ret = smb_direct_post_send_data(st, &send_ctx,
- &iov[start], i - start,
- remaining_data_length);
+ &iov[start], i - start,
+ remaining_data_length);
if (ret)
goto done;
} else {
@@ -1232,11 +1240,10 @@ static int smb_direct_writev(struct ksmbd_transport *t,
j * max_iov_size;
vec.iov_len =
min_t(int, max_iov_size,
- buflen - max_iov_size * j);
+ buflen - max_iov_size * j);
remaining_data_length -= vec.iov_len;
- ret = smb_direct_post_send_data(st,
- &send_ctx, &vec, 1,
- remaining_data_length);
+ ret = smb_direct_post_send_data(st, &send_ctx, &vec, 1,
+ remaining_data_length);
if (ret)
goto done;
}
@@ -1252,8 +1259,8 @@ static int smb_direct_writev(struct ksmbd_transport *t,
/* send out all remaining vecs */
remaining_data_length -= buflen;
ret = smb_direct_post_send_data(st, &send_ctx,
- &iov[start], i - start,
- remaining_data_length);
+ &iov[start], i - start,
+ remaining_data_length);
if (ret)
goto done;
break;
@@ -1272,20 +1279,20 @@ static int smb_direct_writev(struct ksmbd_transport *t,
*/
wait_event(st->wait_send_payload_pending,
- atomic_read(&st->send_payload_pending) == 0);
+ atomic_read(&st->send_payload_pending) == 0);
return ret;
}
static void read_write_done(struct ib_cq *cq, struct ib_wc *wc,
- enum dma_data_direction dir)
+ enum dma_data_direction dir)
{
struct smb_direct_rdma_rw_msg *msg = container_of(wc->wr_cqe,
- struct smb_direct_rdma_rw_msg, cqe);
+ struct smb_direct_rdma_rw_msg, cqe);
struct smb_direct_transport *t = msg->t;
if (wc->status != IB_WC_SUCCESS) {
ksmbd_err("read/write error. opcode = %d, status = %s(%d)\n",
- wc->opcode, ib_wc_status_msg(wc->status), wc->status);
+ wc->opcode, ib_wc_status_msg(wc->status), wc->status);
smb_direct_disconnect_rdma_connection(t);
}
@@ -1293,7 +1300,7 @@ static void read_write_done(struct ib_cq *cq, struct ib_wc *wc,
wake_up(&t->wait_rw_avail_ops);
rdma_rw_ctx_destroy(&msg->rw_ctx, t->qp, t->qp->port,
- msg->sg_list, msg->sgt.nents, dir);
+ msg->sg_list, msg->sgt.nents, dir);
sg_free_table_chained(&msg->sgt, SG_CHUNK_SIZE);
complete(msg->completion);
kfree(msg);
@@ -1310,8 +1317,8 @@ static void write_done(struct ib_cq *cq, struct ib_wc *wc)
}
static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
- int buf_len, u32 remote_key, u64 remote_offset, u32 remote_len,
- bool is_read)
+ int buf_len, u32 remote_key, u64 remote_offset,
+ u32 remote_len, bool is_read)
{
struct smb_direct_rdma_rw_msg *msg;
int ret;
@@ -1324,7 +1331,7 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
/* TODO: mempool */
msg = kmalloc(offsetof(struct smb_direct_rdma_rw_msg, sg_list) +
- sizeof(struct scatterlist) * SG_CHUNK_SIZE, GFP_KERNEL);
+ sizeof(struct scatterlist) * SG_CHUNK_SIZE, GFP_KERNEL);
if (!msg) {
atomic_inc(&t->rw_avail_ops);
return -ENOMEM;
@@ -1332,8 +1339,8 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
msg->sgt.sgl = &msg->sg_list[0];
ret = sg_alloc_table_chained(&msg->sgt,
- BUFFER_NR_PAGES(buf, buf_len),
- msg->sg_list, SG_CHUNK_SIZE);
+ BUFFER_NR_PAGES(buf, buf_len),
+ msg->sg_list, SG_CHUNK_SIZE);
if (ret) {
atomic_inc(&t->rw_avail_ops);
kfree(msg);
@@ -1347,9 +1354,9 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
}
ret = rdma_rw_ctx_init(&msg->rw_ctx, t->qp, t->qp->port,
- msg->sg_list, BUFFER_NR_PAGES(buf, buf_len),
- 0, remote_offset, remote_key,
- is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
+ msg->sg_list, BUFFER_NR_PAGES(buf, buf_len),
+ 0, remote_offset, remote_key,
+ is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
if (ret < 0) {
ksmbd_err("failed to init rdma_rw_ctx: %d\n", ret);
goto err;
@@ -1359,7 +1366,7 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
msg->cqe.done = is_read ? read_done : write_done;
msg->completion = &completion;
first_wr = rdma_rw_ctx_wrs(&msg->rw_ctx, t->qp, t->qp->port,
- &msg->cqe, NULL);
+ &msg->cqe, NULL);
ret = ib_post_send(t->qp, first_wr, NULL);
if (ret) {
@@ -1374,29 +1381,29 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
atomic_inc(&t->rw_avail_ops);
if (first_wr)
rdma_rw_ctx_destroy(&msg->rw_ctx, t->qp, t->qp->port,
- msg->sg_list, msg->sgt.nents,
- is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
+ msg->sg_list, msg->sgt.nents,
+ is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
sg_free_table_chained(&msg->sgt, SG_CHUNK_SIZE);
kfree(msg);
return ret;
}
static int smb_direct_rdma_write(struct ksmbd_transport *t, void *buf,
- unsigned int buflen, u32 remote_key, u64 remote_offset,
- u32 remote_len)
+ unsigned int buflen, u32 remote_key,
+ u64 remote_offset, u32 remote_len)
{
return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
- remote_key, remote_offset,
- remote_len, false);
+ remote_key, remote_offset,
+ remote_len, false);
}
static int smb_direct_rdma_read(struct ksmbd_transport *t, void *buf,
- unsigned int buflen, u32 remote_key, u64 remote_offset,
- u32 remote_len)
+ unsigned int buflen, u32 remote_key,
+ u64 remote_offset, u32 remote_len)
{
return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
- remote_key, remote_offset,
- remote_len, true);
+ remote_key, remote_offset,
+ remote_len, true);
}
static void smb_direct_disconnect(struct ksmbd_transport *t)
@@ -1407,17 +1414,17 @@ static void smb_direct_disconnect(struct ksmbd_transport *t)
smb_direct_disconnect_rdma_connection(st);
wait_event_interruptible(st->wait_status,
- st->status == SMB_DIRECT_CS_DISCONNECTED);
+ st->status == SMB_DIRECT_CS_DISCONNECTED);
free_transport(st);
}
static int smb_direct_cm_handler(struct rdma_cm_id *cm_id,
- struct rdma_cm_event *event)
+ struct rdma_cm_event *event)
{
struct smb_direct_transport *t = cm_id->context;
ksmbd_debug(RDMA, "RDMA CM event. cm_id=%p event=%s (%d)\n",
- cm_id, rdma_event_msg(event->event), event->event);
+ cm_id, rdma_event_msg(event->event), event->event);
switch (event->event) {
case RDMA_CM_EVENT_ESTABLISHED: {
@@ -1440,8 +1447,8 @@ static int smb_direct_cm_handler(struct rdma_cm_id *cm_id,
}
default:
ksmbd_err("Unexpected RDMA CM event. cm_id=%p, event=%s (%d)\n",
- cm_id, rdma_event_msg(event->event),
- event->event);
+ cm_id, rdma_event_msg(event->event),
+ event->event);
break;
}
return 0;
@@ -1452,7 +1459,7 @@ static void smb_direct_qpair_handler(struct ib_event *event, void *context)
struct smb_direct_transport *t = context;
ksmbd_debug(RDMA, "Received QP event. cm_id=%p, event=%s (%d)\n",
- t->cm_id, ib_event_msg(event->event), event->event);
+ t->cm_id, ib_event_msg(event->event), event->event);
switch (event->event) {
case IB_EVENT_CQ_ERR:
@@ -1465,7 +1472,7 @@ static void smb_direct_qpair_handler(struct ib_event *event, void *context)
}
static int smb_direct_send_negotiate_response(struct smb_direct_transport *t,
- int failed)
+ int failed)
{
struct smb_direct_sendmsg *sendmsg;
struct smb_direct_negotiate_resp *resp;
@@ -1498,9 +1505,9 @@ static int smb_direct_send_negotiate_response(struct smb_direct_transport *t,
}
sendmsg->sge[0].addr = ib_dma_map_single(t->cm_id->device,
- (void *)resp, sizeof(*resp), DMA_TO_DEVICE);
- ret = ib_dma_mapping_error(t->cm_id->device,
- sendmsg->sge[0].addr);
+ (void *)resp, sizeof(*resp),
+ DMA_TO_DEVICE);
+ ret = ib_dma_mapping_error(t->cm_id->device, sendmsg->sge[0].addr);
if (ret) {
smb_direct_free_sendmsg(t, sendmsg);
return ret;
@@ -1517,7 +1524,7 @@ static int smb_direct_send_negotiate_response(struct smb_direct_transport *t,
}
wait_event(t->wait_send_pending,
- atomic_read(&t->send_pending) == 0);
+ atomic_read(&t->send_pending) == 0);
return 0;
}
@@ -1529,13 +1536,13 @@ static int smb_direct_accept_client(struct smb_direct_transport *t)
int ret;
memset(&conn_param, 0, sizeof(conn_param));
- conn_param.initiator_depth = min_t(u8,
- t->cm_id->device->attrs.max_qp_rd_atom,
- SMB_DIRECT_CM_INITIATOR_DEPTH);
+ conn_param.initiator_depth = min_t(u8, t->cm_id->device->attrs.max_qp_rd_atom,
+ SMB_DIRECT_CM_INITIATOR_DEPTH);
conn_param.responder_resources = 0;
t->cm_id->device->ops.get_port_immutable(t->cm_id->device,
- t->cm_id->port_num, &port_immutable);
+ t->cm_id->port_num,
+ &port_immutable);
if (port_immutable.core_cap_flags & RDMA_CORE_PORT_IWARP) {
ird_ord_hdr[0] = conn_param.responder_resources;
ird_ord_hdr[1] = 1;
@@ -1590,9 +1597,9 @@ static int smb_direct_negotiate(struct smb_direct_transport *t)
ksmbd_debug(RDMA, "Waiting for SMB_DIRECT negotiate request\n");
ret = wait_event_interruptible_timeout(t->wait_status,
- t->negotiation_requested ||
- t->status == SMB_DIRECT_CS_DISCONNECTED,
- SMB_DIRECT_NEGOTIATE_TIMEOUT * HZ);
+ t->negotiation_requested ||
+ t->status == SMB_DIRECT_CS_DISCONNECTED,
+ SMB_DIRECT_NEGOTIATE_TIMEOUT * HZ);
if (ret <= 0 || t->status == SMB_DIRECT_CS_DISCONNECTED) {
ret = ret < 0 ? ret : -ETIMEDOUT;
goto out;
@@ -1604,9 +1611,9 @@ static int smb_direct_negotiate(struct smb_direct_transport *t)
req = (struct smb_direct_negotiate_req *)recvmsg->packet;
t->max_recv_size = min_t(int, t->max_recv_size,
- le32_to_cpu(req->preferred_send_size));
+ le32_to_cpu(req->preferred_send_size));
t->max_send_size = min_t(int, t->max_send_size,
- le32_to_cpu(req->max_receive_size));
+ le32_to_cpu(req->max_receive_size));
t->max_fragmented_send_size =
le32_to_cpu(req->max_fragmented_size);
@@ -1618,7 +1625,7 @@ static int smb_direct_negotiate(struct smb_direct_transport *t)
}
static int smb_direct_init_params(struct smb_direct_transport *t,
- struct ib_qp_cap *cap)
+ struct ib_qp_cap *cap)
{
struct ib_device *device = t->cm_id->device;
int max_send_sges, max_pages, max_rw_wrs, max_send_wrs;
@@ -1650,30 +1657,30 @@ static int smb_direct_init_params(struct smb_direct_transport *t,
if (max_send_wrs > device->attrs.max_cqe ||
max_send_wrs > device->attrs.max_qp_wr) {
ksmbd_err("consider lowering send_credit_target = %d, or max_outstanding_rw_ops = %d\n",
- smb_direct_send_credit_target,
- smb_direct_max_outstanding_rw_ops);
+ smb_direct_send_credit_target,
+ smb_direct_max_outstanding_rw_ops);
ksmbd_err("Possible CQE overrun, device reporting max_cqe %d max_qp_wr %d\n",
- device->attrs.max_cqe, device->attrs.max_qp_wr);
+ device->attrs.max_cqe, device->attrs.max_qp_wr);
return -EINVAL;
}
if (smb_direct_receive_credit_max > device->attrs.max_cqe ||
smb_direct_receive_credit_max > device->attrs.max_qp_wr) {
ksmbd_err("consider lowering receive_credit_max = %d\n",
- smb_direct_receive_credit_max);
+ smb_direct_receive_credit_max);
ksmbd_err("Possible CQE overrun, device reporting max_cpe %d max_qp_wr %d\n",
- device->attrs.max_cqe, device->attrs.max_qp_wr);
+ device->attrs.max_cqe, device->attrs.max_qp_wr);
return -EINVAL;
}
if (device->attrs.max_send_sge < SMB_DIRECT_MAX_SEND_SGES) {
ksmbd_err("warning: device max_send_sge = %d too small\n",
- device->attrs.max_send_sge);
+ device->attrs.max_send_sge);
return -EINVAL;
}
if (device->attrs.max_recv_sge < SMB_DIRECT_MAX_RECV_SGES) {
ksmbd_err("warning: device max_recv_sge = %d too small\n",
- device->attrs.max_recv_sge);
+ device->attrs.max_recv_sge);
return -EINVAL;
}
@@ -1731,29 +1738,29 @@ static int smb_direct_create_pools(struct smb_direct_transport *t)
snprintf(name, sizeof(name), "smb_direct_rqst_pool_%p", t);
t->sendmsg_cache = kmem_cache_create(name,
- sizeof(struct smb_direct_sendmsg) +
- sizeof(struct smb_direct_negotiate_resp),
- 0, SLAB_HWCACHE_ALIGN, NULL);
+ sizeof(struct smb_direct_sendmsg) +
+ sizeof(struct smb_direct_negotiate_resp),
+ 0, SLAB_HWCACHE_ALIGN, NULL);
if (!t->sendmsg_cache)
return -ENOMEM;
t->sendmsg_mempool = mempool_create(t->send_credit_target,
- mempool_alloc_slab, mempool_free_slab,
- t->sendmsg_cache);
+ mempool_alloc_slab, mempool_free_slab,
+ t->sendmsg_cache);
if (!t->sendmsg_mempool)
goto err;
snprintf(name, sizeof(name), "smb_direct_resp_%p", t);
t->recvmsg_cache = kmem_cache_create(name,
- sizeof(struct smb_direct_recvmsg) +
- t->max_recv_size,
- 0, SLAB_HWCACHE_ALIGN, NULL);
+ sizeof(struct smb_direct_recvmsg) +
+ t->max_recv_size,
+ 0, SLAB_HWCACHE_ALIGN, NULL);
if (!t->recvmsg_cache)
goto err;
t->recvmsg_mempool =
mempool_create(t->recv_credit_max, mempool_alloc_slab,
- mempool_free_slab, t->recvmsg_cache);
+ mempool_free_slab, t->recvmsg_cache);
if (!t->recvmsg_mempool)
goto err;
@@ -1775,7 +1782,7 @@ static int smb_direct_create_pools(struct smb_direct_transport *t)
}
static int smb_direct_create_qpair(struct smb_direct_transport *t,
- struct ib_qp_cap *cap)
+ struct ib_qp_cap *cap)
{
int ret;
struct ib_qp_init_attr qp_attr;
@@ -1789,7 +1796,7 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
}
t->send_cq = ib_alloc_cq(t->cm_id->device, t,
- t->send_credit_target, 0, IB_POLL_WORKQUEUE);
+ t->send_credit_target, 0, IB_POLL_WORKQUEUE);
if (IS_ERR(t->send_cq)) {
ksmbd_err("Can't create RDMA send CQ\n");
ret = PTR_ERR(t->send_cq);
@@ -1798,8 +1805,8 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
}
t->recv_cq = ib_alloc_cq(t->cm_id->device, t,
- cap->max_send_wr + cap->max_rdma_ctxs,
- 0, IB_POLL_WORKQUEUE);
+ cap->max_send_wr + cap->max_rdma_ctxs,
+ 0, IB_POLL_WORKQUEUE);
if (IS_ERR(t->recv_cq)) {
ksmbd_err("Can't create RDMA recv CQ\n");
ret = PTR_ERR(t->recv_cq);
@@ -1896,8 +1903,8 @@ static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
if (!rdma_frwr_is_supported(&new_cm_id->device->attrs)) {
ksmbd_debug(RDMA,
- "Fast Registration Work Requests is not supported. device capabilities=%llx\n",
- new_cm_id->device->attrs.device_cap_flags);
+ "Fast Registration Work Requests is not supported. device capabilities=%llx\n",
+ new_cm_id->device->attrs.device_cap_flags);
return -EPROTONOSUPPORT;
}
@@ -1906,7 +1913,8 @@ static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
return -ENOMEM;
KSMBD_TRANS(t)->handler = kthread_run(ksmbd_conn_handler_loop,
- KSMBD_TRANS(t)->conn, "ksmbd:r%u", SMB_DIRECT_PORT);
+ KSMBD_TRANS(t)->conn, "ksmbd:r%u",
+ SMB_DIRECT_PORT);
if (IS_ERR(KSMBD_TRANS(t)->handler)) {
int ret = PTR_ERR(KSMBD_TRANS(t)->handler);
@@ -1919,7 +1927,7 @@ static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
}
static int smb_direct_listen_handler(struct rdma_cm_id *cm_id,
- struct rdma_cm_event *event)
+ struct rdma_cm_event *event)
{
switch (event->event) {
case RDMA_CM_EVENT_CONNECT_REQUEST: {
@@ -1931,13 +1939,12 @@ static int smb_direct_listen_handler(struct rdma_cm_id *cm_id,
}
ksmbd_debug(RDMA, "Received connection request. cm_id=%p\n",
- cm_id);
+ cm_id);
break;
}
default:
ksmbd_err("Unexpected listen event. cm_id=%p, event=%s (%d)\n",
- cm_id,
- rdma_event_msg(event->event), event->event);
+ cm_id, rdma_event_msg(event->event), event->event);
break;
}
return 0;
@@ -1954,10 +1961,9 @@ static int smb_direct_listen(int port)
};
cm_id = rdma_create_id(&init_net, smb_direct_listen_handler,
- &smb_direct_listener, RDMA_PS_TCP, IB_QPT_RC);
+ &smb_direct_listener, RDMA_PS_TCP, IB_QPT_RC);
if (IS_ERR(cm_id)) {
- ksmbd_err("Can't create cm id: %ld\n",
- PTR_ERR(cm_id));
+ ksmbd_err("Can't create cm id: %ld\n", PTR_ERR(cm_id));
return PTR_ERR(cm_id);
}
@@ -1993,7 +1999,7 @@ int ksmbd_rdma_init(void)
* for lack of credits
*/
smb_direct_wq = alloc_workqueue("ksmbd-smb_direct-wq",
- WQ_HIGHPRI | WQ_MEM_RECLAIM, 0);
+ WQ_HIGHPRI | WQ_MEM_RECLAIM, 0);
if (!smb_direct_wq)
return -ENOMEM;
@@ -2006,7 +2012,7 @@ int ksmbd_rdma_init(void)
}
ksmbd_debug(RDMA, "init RDMA listener. cm_id=%p\n",
- smb_direct_listener.cm_id);
+ smb_direct_listener.cm_id);
return 0;
}
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index 040881893417..5bd332a58596 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -113,7 +113,7 @@ static void free_transport(struct tcp_transport *t)
* Return: Number of IO segments
*/
static unsigned int kvec_array_init(struct kvec *new, struct kvec *iov,
- unsigned int nr_segs, size_t bytes)
+ unsigned int nr_segs, size_t bytes)
{
size_t base = 0;
@@ -197,8 +197,9 @@ static int ksmbd_tcp_new_connection(struct socket *client_sk)
}
KSMBD_TRANS(t)->handler = kthread_run(ksmbd_conn_handler_loop,
- KSMBD_TRANS(t)->conn,
- "ksmbd:%u", ksmbd_tcp_get_port(csin));
+ KSMBD_TRANS(t)->conn,
+ "ksmbd:%u",
+ ksmbd_tcp_get_port(csin));
if (IS_ERR(KSMBD_TRANS(t)->handler)) {
ksmbd_err("cannot start conn thread\n");
rc = PTR_ERR(KSMBD_TRANS(t)->handler);
@@ -230,7 +231,7 @@ static int ksmbd_kthread_fn(void *p)
break;
}
ret = kernel_accept(iface->ksmbd_socket, &client_sk,
- O_NONBLOCK);
+ O_NONBLOCK);
mutex_unlock(&iface->sock_release_lock);
if (ret) {
if (ret == -EAGAIN)
@@ -265,8 +266,8 @@ static int ksmbd_tcp_run_kthread(struct interface *iface)
int rc;
struct task_struct *kthread;
- kthread = kthread_run(ksmbd_kthread_fn, (void *)iface,
- "ksmbd-%s", iface->name);
+ kthread = kthread_run(ksmbd_kthread_fn, (void *)iface, "ksmbd-%s",
+ iface->name);
if (IS_ERR(kthread)) {
rc = PTR_ERR(kthread);
return rc;
@@ -287,7 +288,7 @@ static int ksmbd_tcp_run_kthread(struct interface *iface)
* otherwise return error number
*/
static int ksmbd_tcp_readv(struct tcp_transport *t, struct kvec *iov_orig,
- unsigned int nr_segs, unsigned int to_read)
+ unsigned int nr_segs, unsigned int to_read)
{
int length = 0;
int total_read;
@@ -353,7 +354,8 @@ static int ksmbd_tcp_read(struct ksmbd_transport *t, char *buf, unsigned int to_
}
static int ksmbd_tcp_writev(struct ksmbd_transport *t, struct kvec *iov,
- int nvecs, int size, bool need_invalidate, unsigned int remote_key)
+ int nvecs, int size, bool need_invalidate,
+ unsigned int remote_key)
{
struct msghdr smb_msg = {.msg_flags = MSG_NOSIGNAL};
@@ -401,7 +403,7 @@ static int create_socket(struct interface *iface)
if (ret) {
ksmbd_err("Can't create socket for ipv6, try ipv4: %d\n", ret);
ret = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP,
- &ksmbd_socket);
+ &ksmbd_socket);
if (ret) {
ksmbd_err("Can't create socket for ipv4: %d\n", ret);
goto out_error;
@@ -432,10 +434,10 @@ static int create_socket(struct interface *iface)
if (ipv4)
ret = kernel_bind(ksmbd_socket, (struct sockaddr *)&sin,
- sizeof(sin));
+ sizeof(sin));
else
ret = kernel_bind(ksmbd_socket, (struct sockaddr *)&sin6,
- sizeof(sin6));
+ sizeof(sin6));
if (ret) {
ksmbd_err("Failed to bind socket: %d\n", ret);
goto out_error;
@@ -467,7 +469,7 @@ static int create_socket(struct interface *iface)
}
static int ksmbd_netdev_event(struct notifier_block *nb, unsigned long event,
- void *ptr)
+ void *ptr)
{
struct net_device *netdev = netdev_notifier_info_to_dev(ptr);
struct interface *iface;
diff --git a/fs/cifsd/unicode.c b/fs/cifsd/unicode.c
index 38bba50c4f16..a0db699ddafd 100644
--- a/fs/cifsd/unicode.c
+++ b/fs/cifsd/unicode.c
@@ -27,7 +27,7 @@
* Return: string length after conversion
*/
static int smb_utf16_bytes(const __le16 *from, int maxbytes,
- const struct nls_table *codepage)
+ const struct nls_table *codepage)
{
int i;
int charlen, outlen = 0;
@@ -65,7 +65,7 @@ static int smb_utf16_bytes(const __le16 *from, int maxbytes,
*/
static int
cifs_mapchar(char *target, const __u16 src_char, const struct nls_table *cp,
- bool mapchar)
+ bool mapchar)
{
int len = 1;
@@ -156,7 +156,7 @@ static inline int is_char_allowed(char *ch)
* Return: string length after conversion
*/
static int smb_from_utf16(char *to, const __le16 *from, int tolen, int fromlen,
- const struct nls_table *codepage, bool mapchar)
+ const struct nls_table *codepage, bool mapchar)
{
int i, charlen, safelen;
int outlen = 0;
@@ -210,7 +210,7 @@ static int smb_from_utf16(char *to, const __le16 *from, int tolen, int fromlen,
* Return: string length after conversion
*/
int smb_strtoUTF16(__le16 *to, const char *from, int len,
- const struct nls_table *codepage)
+ const struct nls_table *codepage)
{
int charlen;
int i;
@@ -224,7 +224,7 @@ int smb_strtoUTF16(__le16 *to, const char *from, int len,
* in destination len is length in wchar_t units (16bits)
*/
i = utf8s_to_utf16s(from, len, UTF16_LITTLE_ENDIAN,
- (wchar_t *)to, len);
+ (wchar_t *)to, len);
/* if success terminate and exit */
if (i >= 0)
@@ -267,7 +267,8 @@ int smb_strtoUTF16(__le16 *to, const char *from, int len,
* Return: destination string buffer or error ptr
*/
char *smb_strndup_from_utf16(const char *src, const int maxlen,
- const bool is_unicode, const struct nls_table *codepage)
+ const bool is_unicode,
+ const struct nls_table *codepage)
{
int len, ret;
char *dst;
@@ -279,7 +280,7 @@ char *smb_strndup_from_utf16(const char *src, const int maxlen,
if (!dst)
return ERR_PTR(-ENOMEM);
ret = smb_from_utf16(dst, (__le16 *)src, len, maxlen, codepage,
- false);
+ false);
if (ret < 0) {
kfree(dst);
return ERR_PTR(-EINVAL);
@@ -318,7 +319,7 @@ char *smb_strndup_from_utf16(const char *src, const int maxlen,
* Return: char length after conversion
*/
int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
- const struct nls_table *cp, int mapchars)
+ const struct nls_table *cp, int mapchars)
{
int i, j, charlen;
char src_char;
diff --git a/fs/cifsd/unicode.h b/fs/cifsd/unicode.h
index 68f1c8290911..5593024230ae 100644
--- a/fs/cifsd/unicode.h
+++ b/fs/cifsd/unicode.h
@@ -63,11 +63,12 @@ extern const struct UniCaseRange CifsUniLowerRange[];
#ifdef __KERNEL__
int smb_strtoUTF16(__le16 *to, const char *from, int len,
- const struct nls_table *codepage);
+ const struct nls_table *codepage);
char *smb_strndup_from_utf16(const char *src, const int maxlen,
- const bool is_unicode, const struct nls_table *codepage);
+ const bool is_unicode,
+ const struct nls_table *codepage);
int smbConvertToUTF16(__le16 *target, const char *source, int srclen,
- const struct nls_table *cp, int mapchars);
+ const struct nls_table *cp, int mapchars);
char *ksmbd_extract_sharename(char *treename);
#endif
@@ -198,7 +199,7 @@ static inline int UniStrncmp(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
/*
* UniStrncmp_le: Compare length limited string - native to little-endian
*/
- static inline int
+static inline int
UniStrncmp_le(const wchar_t *ucs1, const wchar_t *ucs2, size_t n)
{
if (!n)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index e1295b72c410..355e1a5a893b 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -52,7 +52,8 @@ static char *extract_last_component(char *path)
}
static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
- struct inode *parent_inode, struct inode *inode)
+ struct inode *parent_inode,
+ struct inode *inode)
{
if (!test_share_config_flag(work->tcon->share_conf,
KSMBD_SHARE_FLAG_INHERIT_OWNER))
@@ -84,7 +85,7 @@ int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
parent = dget_parent(dentry);
inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
child = lookup_one_len(dentry->d_name.name, parent,
- dentry->d_name.len);
+ dentry->d_name.len);
if (IS_ERR(child)) {
ret = PTR_ERR(child);
goto out_lock;
@@ -130,7 +131,7 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
parent = dget_parent(dentry);
inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
child = lookup_one_len(dentry->d_name.name, parent,
- dentry->d_name.len);
+ dentry->d_name.len);
if (IS_ERR(child)) {
ret = PTR_ERR(child);
goto out_lock;
@@ -171,7 +172,7 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
err = PTR_ERR(dentry);
if (err != -ENOENT)
ksmbd_err("path create failed for %s, err %d\n",
- name, err);
+ name, err);
return err;
}
@@ -179,7 +180,7 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
err = vfs_create(&init_user_ns, d_inode(path.dentry), dentry, mode, true);
if (!err) {
ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
- d_inode(dentry));
+ d_inode(dentry));
} else {
ksmbd_err("File(%s): creation failed (err:%d)\n", name, err);
}
@@ -206,7 +207,7 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
err = PTR_ERR(dentry);
if (err != -EEXIST)
ksmbd_debug(VFS, "path create failed for %s, err %d\n",
- name, err);
+ name, err);
return err;
}
@@ -217,9 +218,8 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
} else if (d_unhashed(dentry)) {
struct dentry *d;
- d = lookup_one_len(dentry->d_name.name,
- dentry->d_parent,
- dentry->d_name.len);
+ d = lookup_one_len(dentry->d_name.name, dentry->d_parent,
+ dentry->d_name.len);
if (IS_ERR(d)) {
err = PTR_ERR(d);
goto out;
@@ -230,8 +230,7 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
goto out;
}
- ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
- d_inode(d));
+ ksmbd_vfs_inherit_owner(work, d_inode(path.dentry), d_inode(d));
dput(d);
}
out:
@@ -242,7 +241,7 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
}
static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry, char *attr_name,
- int attr_name_len, char **attr_value)
+ int attr_name_len, char **attr_value)
{
char *name, *xattr_list = NULL;
ssize_t value_len = -ENOENT, xattr_list_len;
@@ -271,14 +270,14 @@ static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry, char *attr_name,
}
static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
- size_t count)
+ size_t count)
{
ssize_t v_len;
char *stream_buf = NULL;
int err;
ksmbd_debug(VFS, "read stream data pos : %llu, count : %zd\n",
- *pos, count);
+ *pos, count);
v_len = ksmbd_vfs_getcasexattr(fp->filp->f_path.dentry,
fp->stream.name,
@@ -304,7 +303,7 @@ static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
* Return: 0 on success, otherwise error
*/
static int check_lock_range(struct file *filp, loff_t start, loff_t end,
- unsigned char type)
+ unsigned char type)
{
struct file_lock *flock;
struct file_lock_context *ctx = file_inode(filp)->i_flctx;
@@ -348,7 +347,7 @@ static int check_lock_range(struct file *filp, loff_t start, loff_t end,
* Return: number of read bytes on success, otherwise error
*/
int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
- loff_t *pos)
+ loff_t *pos)
{
struct file *filp;
ssize_t nbytes = 0;
@@ -377,8 +376,7 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
if (!work->tcon->posix_extensions) {
int ret;
- ret = check_lock_range(filp, *pos, *pos + count - 1,
- READ);
+ ret = check_lock_range(filp, *pos, *pos + count - 1, READ);
if (ret) {
ksmbd_err("unable to read due to lock\n");
return -EAGAIN;
@@ -388,7 +386,7 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
nbytes = kernel_read(filp, rbuf, count, pos);
if (nbytes < 0) {
ksmbd_err("smb read failed for (%s), err = %zd\n",
- fp->filename, nbytes);
+ fp->filename, nbytes);
return nbytes;
}
@@ -397,14 +395,14 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
}
static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
- size_t count)
+ size_t count)
{
char *stream_buf = NULL, *wbuf;
size_t size, v_len;
int err = 0;
ksmbd_debug(VFS, "write stream data pos : %llu, count : %zd\n",
- *pos, count);
+ *pos, count);
size = *pos + count;
if (size > XATTR_SIZE_MAX) {
@@ -464,8 +462,8 @@ static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
* Return: 0 on success, otherwise error
*/
int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf, size_t count, loff_t *pos, bool sync,
- ssize_t *written)
+ char *buf, size_t count, loff_t *pos, bool sync,
+ ssize_t *written)
{
struct ksmbd_session *sess = work->sess;
struct file *filp;
@@ -514,7 +512,7 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
err = vfs_fsync_range(filp, offset, offset + *written, 0);
if (err < 0)
ksmbd_err("fsync failed for filename = %s, err = %d\n",
- FP_FILENAME(fp), err);
+ FP_FILENAME(fp), err);
}
out:
@@ -588,11 +586,11 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
parent = dget_parent(path.dentry);
inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
dentry = lookup_one_len(path.dentry->d_name.name, parent,
- strlen(path.dentry->d_name.name));
+ strlen(path.dentry->d_name.name));
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
ksmbd_debug(VFS, "%s: lookup failed, err %d\n",
- path.dentry->d_name.name, err);
+ path.dentry->d_name.name, err);
goto out_err;
}
@@ -606,12 +604,12 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
err = vfs_rmdir(&init_user_ns, d_inode(parent), dentry);
if (err && err != -ENOTEMPTY)
ksmbd_debug(VFS, "%s: rmdir failed, err %d\n", name,
- err);
+ err);
} else {
err = vfs_unlink(&init_user_ns, d_inode(parent), dentry, NULL);
if (err)
ksmbd_debug(VFS, "%s: unlink failed, err %d\n", name,
- err);
+ err);
}
dput(dentry);
@@ -631,7 +629,7 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
* Return: 0 on success, otherwise error
*/
int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
- const char *newname)
+ const char *newname)
{
struct path oldpath, newpath;
struct dentry *dentry;
@@ -643,12 +641,12 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
err = kern_path(oldname, LOOKUP_FOLLOW, &oldpath);
if (err) {
ksmbd_err("cannot get linux path for %s, err = %d\n",
- oldname, err);
+ oldname, err);
goto out1;
}
dentry = kern_path_create(AT_FDCWD, newname, &newpath,
- LOOKUP_FOLLOW | LOOKUP_REVAL);
+ LOOKUP_FOLLOW | LOOKUP_REVAL);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
ksmbd_err("path create err for %s, err %d\n", newname, err);
@@ -662,7 +660,7 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
}
err = vfs_link(oldpath.dentry, &init_user_ns, d_inode(newpath.dentry),
- dentry, NULL);
+ dentry, NULL);
if (err)
ksmbd_debug(VFS, "vfs_link failed err %d\n", err);
@@ -676,9 +674,11 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
}
static int __ksmbd_vfs_rename(struct ksmbd_work *work,
- struct dentry *src_dent_parent, struct dentry *src_dent,
- struct dentry *dst_dent_parent, struct dentry *trap_dent,
- char *dst_name)
+ struct dentry *src_dent_parent,
+ struct dentry *src_dent,
+ struct dentry *dst_dent_parent,
+ struct dentry *trap_dent,
+ char *dst_name)
{
struct dentry *dst_dent;
int err;
@@ -742,7 +742,7 @@ static int __ksmbd_vfs_rename(struct ksmbd_work *work,
}
int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *newname)
+ char *newname)
{
struct path dst_path;
struct dentry *src_dent_parent, *dst_dent_parent;
@@ -768,7 +768,7 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
dget(src_dent);
dget(dst_dent_parent);
src_child = lookup_one_len(src_dent->d_name.name, src_dent_parent,
- src_dent->d_name.len);
+ src_dent->d_name.len);
if (IS_ERR(src_child)) {
err = PTR_ERR(src_child);
goto out_lock;
@@ -807,7 +807,7 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
* Return: 0 on success, otherwise error
*/
int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
- struct ksmbd_file *fp, loff_t size)
+ struct ksmbd_file *fp, loff_t size)
{
struct path path;
int err = 0;
@@ -816,13 +816,13 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
err = kern_path(name, 0, &path);
if (err) {
ksmbd_err("cannot get linux path for %s, err %d\n",
- name, err);
+ name, err);
return err;
}
err = vfs_truncate(&path, size);
if (err)
ksmbd_err("truncate failed for %s err %d\n",
- name, err);
+ name, err);
path_put(&path);
} else {
struct file *filp;
@@ -837,10 +837,10 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
if (size < inode->i_size) {
err = check_lock_range(filp, size,
- inode->i_size - 1, WRITE);
+ inode->i_size - 1, WRITE);
} else {
err = check_lock_range(filp, inode->i_size,
- size - 1, WRITE);
+ size - 1, WRITE);
}
if (err) {
@@ -852,7 +852,7 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
err = vfs_truncate(&filp->f_path, size);
if (err)
ksmbd_err("truncate failed for filename : %s err %d\n",
- fp->filename, err);
+ fp->filename, err);
}
return err;
@@ -904,7 +904,7 @@ static ssize_t ksmbd_vfs_xattr_len(struct dentry *dentry, char *xattr_name)
* Return: read xattr value length on success, otherwise error
*/
ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
- char **xattr_buf)
+ char **xattr_buf)
{
ssize_t xattr_len;
char *buf;
@@ -938,7 +938,7 @@ ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
* Return: 0 on success, otherwise error
*/
int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
- const void *attr_value, size_t attr_size, int flags)
+ const void *attr_value, size_t attr_size, int flags)
{
int err;
@@ -988,8 +988,7 @@ void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option)
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_lock(struct file *filp, int cmd,
- struct file_lock *flock)
+int ksmbd_vfs_lock(struct file *filp, int cmd, struct file_lock *flock)
{
ksmbd_debug(VFS, "calling vfs_lock_file\n");
return vfs_lock_file(filp, cmd, flock, NULL);
@@ -1001,26 +1000,27 @@ int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata)
}
int ksmbd_vfs_alloc_size(struct ksmbd_work *work, struct ksmbd_file *fp,
- loff_t len)
+ loff_t len)
{
smb_break_all_levII_oplock(work, fp, 1);
return vfs_fallocate(fp->filp, FALLOC_FL_KEEP_SIZE, 0, len);
}
int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
- loff_t off, loff_t len)
+ loff_t off, loff_t len)
{
smb_break_all_levII_oplock(work, fp, 1);
if (fp->f_ci->m_fattr & ATTR_SPARSE_FILE_LE)
return vfs_fallocate(fp->filp,
- FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE, off, len);
+ FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
+ off, len);
return vfs_fallocate(fp->filp, FALLOC_FL_ZERO_RANGE, off, len);
}
int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
- struct file_allocated_range_buffer *ranges,
- int in_count, int *out_count)
+ struct file_allocated_range_buffer *ranges,
+ int in_count, int *out_count)
{
struct file *f = fp->filp;
struct inode *inode = FP_INODE(fp);
@@ -1087,8 +1087,7 @@ int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
dget(dentry);
- child = lookup_one_len(dentry->d_name.name, dir,
- dentry->d_name.len);
+ child = lookup_one_len(dentry->d_name.name, dir, dentry->d_name.len);
if (IS_ERR(child)) {
err = PTR_ERR(child);
goto out;
@@ -1143,7 +1142,7 @@ unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode)
* @fs_ss: fs sector size struct
*/
void ksmbd_vfs_smb2_sector_size(struct inode *inode,
- struct ksmbd_fs_sector_size *fs_ss)
+ struct ksmbd_fs_sector_size *fs_ss)
{
struct request_queue *q;
@@ -1169,7 +1168,7 @@ void ksmbd_vfs_smb2_sector_size(struct inode *inode,
}
static int __dir_empty(struct dir_context *ctx, const char *name, int namlen,
- loff_t offset, u64 ino, unsigned int d_type)
+ loff_t offset, u64 ino, unsigned int d_type)
{
struct ksmbd_readdir_data *buf;
@@ -1206,7 +1205,8 @@ int ksmbd_vfs_empty_dir(struct ksmbd_file *fp)
}
static int __caseless_lookup(struct dir_context *ctx, const char *name,
- int namlen, loff_t offset, u64 ino, unsigned int d_type)
+ int namlen, loff_t offset, u64 ino,
+ unsigned int d_type)
{
struct ksmbd_readdir_data *buf;
@@ -1263,7 +1263,7 @@ static int ksmbd_vfs_lookup_in_dir(struct path *dir, char *name, size_t namelen)
* Return: 0 on success, otherwise error
*/
int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
- bool caseless)
+ bool caseless)
{
int err;
@@ -1346,7 +1346,7 @@ int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry)
}
for (name = xattr_list; name - xattr_list < xattr_list_len;
- name += strlen(name) + 1) {
+ name += strlen(name) + 1) {
ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name));
if (!strncmp(name, XATTR_NAME_POSIX_ACL_ACCESS,
@@ -1356,7 +1356,7 @@ int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry)
err = ksmbd_vfs_remove_xattr(dentry, name);
if (err)
ksmbd_debug(SMB,
- "remove acl xattr failed : %s\n", name);
+ "remove acl xattr failed : %s\n", name);
}
}
out:
@@ -1394,7 +1394,7 @@ int ksmbd_vfs_remove_sd_xattrs(struct dentry *dentry)
}
static struct xattr_smb_acl *ksmbd_vfs_make_xattr_posix_acl(struct inode *inode,
- int acl_type)
+ int acl_type)
{
struct xattr_smb_acl *smb_acl = NULL;
struct posix_acl *posix_acls;
@@ -1455,7 +1455,7 @@ static struct xattr_smb_acl *ksmbd_vfs_make_xattr_posix_acl(struct inode *inode,
}
int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
- struct smb_ntsd *pntsd, int len)
+ struct smb_ntsd *pntsd, int len)
{
int rc;
struct ndr sd_ndr = {0}, acl_ndr = {0};
@@ -1489,7 +1489,7 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode, ACL_TYPE_ACCESS);
if (S_ISDIR(inode->i_mode))
def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
- ACL_TYPE_DEFAULT);
+ ACL_TYPE_DEFAULT);
rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
if (rc) {
@@ -1498,7 +1498,7 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
}
rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
- acl.posix_acl_hash);
+ acl.posix_acl_hash);
if (rc) {
ksmbd_err("failed to generate hash for ndr acl\n");
goto out;
@@ -1511,7 +1511,7 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
}
rc = ksmbd_vfs_setxattr(dentry, XATTR_NAME_SD, sd_ndr.data,
- sd_ndr.offset, 0);
+ sd_ndr.offset, 0);
if (rc < 0)
ksmbd_err("Failed to store XATTR ntacl :%d\n", rc);
@@ -1524,7 +1524,7 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
}
int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
- struct smb_ntsd **pntsd)
+ struct smb_ntsd **pntsd)
{
int rc;
struct ndr n;
@@ -1543,10 +1543,10 @@ int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
return rc;
smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
- ACL_TYPE_ACCESS);
+ ACL_TYPE_ACCESS);
if (S_ISDIR(inode->i_mode))
def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
- ACL_TYPE_DEFAULT);
+ ACL_TYPE_DEFAULT);
rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
if (rc) {
@@ -1555,7 +1555,7 @@ int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
}
rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
- cmp_hash);
+ cmp_hash);
if (rc) {
ksmbd_err("failed to generate hash for ndr acl\n");
goto out;
@@ -1587,7 +1587,7 @@ int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
}
int ksmbd_vfs_set_dos_attrib_xattr(struct dentry *dentry,
- struct xattr_dos_attrib *da)
+ struct xattr_dos_attrib *da)
{
struct ndr n;
int err;
@@ -1596,11 +1596,8 @@ int ksmbd_vfs_set_dos_attrib_xattr(struct dentry *dentry,
if (err)
return err;
- err = ksmbd_vfs_setxattr(dentry,
- XATTR_NAME_DOS_ATTRIBUTE,
- (void *)n.data,
- n.offset,
- 0);
+ err = ksmbd_vfs_setxattr(dentry, XATTR_NAME_DOS_ATTRIBUTE,
+ (void *)n.data, n.offset, 0);
if (err)
ksmbd_debug(SMB, "failed to store dos attribute in xattr\n");
kfree(n.data);
@@ -1609,14 +1606,13 @@ int ksmbd_vfs_set_dos_attrib_xattr(struct dentry *dentry,
}
int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
- struct xattr_dos_attrib *da)
+ struct xattr_dos_attrib *da)
{
struct ndr n;
int err;
- err = ksmbd_vfs_getxattr(dentry,
- XATTR_NAME_DOS_ATTRIBUTE,
- (char **)&n.data);
+ err = ksmbd_vfs_getxattr(dentry, XATTR_NAME_DOS_ATTRIBUTE,
+ (char **)&n.data);
if (err > 0) {
n.length = err;
if (ndr_decode_dos_attr(&n, da))
@@ -1648,7 +1644,7 @@ struct posix_acl *ksmbd_vfs_get_acl(struct inode *inode, int type)
}
int ksmbd_vfs_set_posix_acl(struct inode *inode, int type,
- struct posix_acl *acl)
+ struct posix_acl *acl)
{
#if IS_ENABLED(CONFIG_FS_POSIX_ACL)
return set_posix_acl(&init_user_ns, inode, type, acl);
@@ -1690,7 +1686,7 @@ void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat)
}
int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
- struct ksmbd_kstat *ksmbd_kstat)
+ struct ksmbd_kstat *ksmbd_kstat)
{
u64 time;
int rc;
@@ -1726,7 +1722,7 @@ int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
}
ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry, char *attr_name,
- int attr_name_len)
+ int attr_name_len)
{
char *name, *xattr_list = NULL;
ssize_t value_len = -ENOENT, xattr_list_len;
@@ -1751,7 +1747,7 @@ ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry, char *attr_name,
}
int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
- size_t *xattr_stream_name_size, int s_type)
+ size_t *xattr_stream_name_size, int s_type)
{
int stream_name_size;
char *xattr_stream_name_buf;
@@ -1767,18 +1763,15 @@ int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
stream_name_size = strlen(stream_name);
*xattr_stream_name_size = stream_name_size + XATTR_NAME_STREAM_LEN + 1;
xattr_stream_name_buf = kmalloc(*xattr_stream_name_size + type_len,
- GFP_KERNEL);
+ GFP_KERNEL);
if (!xattr_stream_name_buf)
return -ENOMEM;
- memcpy(xattr_stream_name_buf,
- XATTR_NAME_STREAM,
- XATTR_NAME_STREAM_LEN);
+ memcpy(xattr_stream_name_buf, XATTR_NAME_STREAM, XATTR_NAME_STREAM_LEN);
if (stream_name_size) {
memcpy(&xattr_stream_name_buf[XATTR_NAME_STREAM_LEN],
- stream_name,
- stream_name_size);
+ stream_name, stream_name_size);
}
memcpy(&xattr_stream_name_buf[*xattr_stream_name_size - 1], type, type_len);
*xattr_stream_name_size += type_len;
@@ -1790,7 +1783,7 @@ int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
}
int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
- struct file *file_out, loff_t pos_out, size_t len)
+ struct file *file_out, loff_t pos_out, size_t len)
{
struct inode *inode_in = file_inode(file_in);
struct inode *inode_out = file_inode(file_out);
@@ -1820,7 +1813,7 @@ int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
* in do_splice_direct
*/
ret = do_splice_direct(file_in, &pos_in, file_out, &pos_out,
- len > MAX_RW_COUNT ? MAX_RW_COUNT : len, 0);
+ len > MAX_RW_COUNT ? MAX_RW_COUNT : len, 0);
if (ret > 0) {
fsnotify_access(file_in);
add_rchar(current, ret);
@@ -1836,10 +1829,13 @@ int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
}
int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
- struct ksmbd_file *src_fp, struct ksmbd_file *dst_fp,
- struct srv_copychunk *chunks, unsigned int chunk_count,
- unsigned int *chunk_count_written,
- unsigned int *chunk_size_written, loff_t *total_size_written)
+ struct ksmbd_file *src_fp,
+ struct ksmbd_file *dst_fp,
+ struct srv_copychunk *chunks,
+ unsigned int chunk_count,
+ unsigned int *chunk_count_written,
+ unsigned int *chunk_size_written,
+ loff_t *total_size_written)
{
unsigned int i;
loff_t src_off, dst_off, src_file_size;
@@ -1890,7 +1886,7 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
return -E2BIG;
ret = ksmbd_vfs_copy_file_range(src_fp->filp, src_off,
- dst_fp->filp, dst_off, len);
+ dst_fp->filp, dst_off, len);
if (ret < 0)
return ret;
@@ -1949,13 +1945,13 @@ int ksmbd_vfs_set_init_posix_acl(struct inode *inode)
rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
- rc);
+ rc);
else if (S_ISDIR(inode->i_mode)) {
posix_state_to_acl(&acl_state, acls->a_entries);
rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
- rc);
+ rc);
}
free_acl_state(&acl_state);
posix_acl_release(acls);
@@ -1983,12 +1979,12 @@ int ksmbd_vfs_inherit_posix_acl(struct inode *inode, struct inode *parent_inode)
rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
- rc);
+ rc);
if (S_ISDIR(inode->i_mode)) {
rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
- rc);
+ rc);
}
posix_acl_release(acls);
return rc;
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index 2d19e2bac33a..5db1e9e2a754 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -191,84 +191,85 @@ struct ksmbd_fs_sector_size {
};
int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode,
- bool delete);
+ bool delete);
int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess);
int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode);
int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode);
int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp,
- size_t count, loff_t *pos);
+ size_t count, loff_t *pos);
int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf, size_t count, loff_t *pos, bool sync,
- ssize_t *written);
+ char *buf, size_t count, loff_t *pos, bool sync,
+ ssize_t *written);
int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id);
int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name);
int ksmbd_vfs_link(struct ksmbd_work *work,
- const char *oldname, const char *newname);
+ const char *oldname, const char *newname);
int ksmbd_vfs_getattr(struct path *path, struct kstat *stat);
-
int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *newname);
-
+ char *newname);
int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
- struct ksmbd_file *fp, loff_t size);
-
+ struct ksmbd_file *fp, loff_t size);
struct srv_copychunk;
int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
- struct ksmbd_file *src_fp, struct ksmbd_file *dst_fp,
- struct srv_copychunk *chunks, unsigned int chunk_count,
- unsigned int *chunk_count_written,
- unsigned int *chunk_size_written, loff_t *total_size_written);
+ struct ksmbd_file *src_fp,
+ struct ksmbd_file *dst_fp,
+ struct srv_copychunk *chunks,
+ unsigned int chunk_count,
+ unsigned int *chunk_count_written,
+ unsigned int *chunk_size_written,
+ loff_t *total_size_written);
int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
- struct file *file_out, loff_t pos_out, size_t len);
+ struct file *file_out, loff_t pos_out,
+ size_t len);
ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list);
ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
- char **xattr_buf);
+ char **xattr_buf);
ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry, char *attr_name,
- int attr_name_len);
+ int attr_name_len);
int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
- const void *attr_value, size_t attr_size, int flags);
+ const void *attr_value, size_t attr_size, int flags);
int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
- size_t *xattr_stream_name_size, int s_type);
+ size_t *xattr_stream_name_size, int s_type);
int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
- bool caseless);
+ bool caseless);
int ksmbd_vfs_empty_dir(struct ksmbd_file *fp);
void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option);
int ksmbd_vfs_lock(struct file *filp, int cmd, struct file_lock *flock);
int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata);
int ksmbd_vfs_alloc_size(struct ksmbd_work *work, struct ksmbd_file *fp,
- loff_t len);
+ loff_t len);
int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
- loff_t off, loff_t len);
+ loff_t off, loff_t len);
struct file_allocated_range_buffer;
int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
- struct file_allocated_range_buffer *ranges,
- int in_count, int *out_count);
+ struct file_allocated_range_buffer *ranges,
+ int in_count, int *out_count);
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry);
unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode);
void ksmbd_vfs_smb2_sector_size(struct inode *inode,
- struct ksmbd_fs_sector_size *fs_ss);
+ struct ksmbd_fs_sector_size *fs_ss);
void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
- struct ksmbd_kstat *ksmbd_kstat);
+ struct ksmbd_kstat *ksmbd_kstat);
int ksmbd_vfs_posix_lock_wait(struct file_lock *flock);
int ksmbd_vfs_posix_lock_wait_timeout(struct file_lock *flock, long timeout);
void ksmbd_vfs_posix_lock_unblock(struct file_lock *flock);
int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry);
int ksmbd_vfs_remove_sd_xattrs(struct dentry *dentry);
int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
- struct smb_ntsd *pntsd, int len);
+ struct smb_ntsd *pntsd, int len);
int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
- struct smb_ntsd **pntsd);
+ struct smb_ntsd **pntsd);
int ksmbd_vfs_set_dos_attrib_xattr(struct dentry *dentry,
- struct xattr_dos_attrib *da);
+ struct xattr_dos_attrib *da);
int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
- struct xattr_dos_attrib *da);
+ struct xattr_dos_attrib *da);
struct posix_acl *ksmbd_vfs_posix_acl_alloc(int count, gfp_t flags);
struct posix_acl *ksmbd_vfs_get_acl(struct inode *inode, int type);
int ksmbd_vfs_set_posix_acl(struct inode *inode, int type,
- struct posix_acl *acl);
+ struct posix_acl *acl);
int ksmbd_vfs_set_init_posix_acl(struct inode *inode);
int ksmbd_vfs_inherit_posix_acl(struct inode *inode,
- struct inode *parent_inode);
+ struct inode *parent_inode);
#endif /* __KSMBD_VFS_H__ */
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 3286e74e2a56..6ea09fe82814 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -255,7 +255,7 @@ static void __ksmbd_inode_close(struct ksmbd_file *fp)
fp->stream.name);
if (err)
ksmbd_err("remove xattr failed : %s\n",
- fp->stream.name);
+ fp->stream.name);
}
if (atomic_dec_and_test(&ci->m_count)) {
@@ -326,7 +326,7 @@ static struct ksmbd_file *ksmbd_fp_get(struct ksmbd_file *fp)
}
static struct ksmbd_file *__ksmbd_lookup_fd(struct ksmbd_file_table *ft,
- unsigned int id)
+ unsigned int id)
{
struct ksmbd_file *fp;
@@ -350,7 +350,7 @@ static void set_close_state_blocked_works(struct ksmbd_file *fp)
spin_lock(&fp->f_lock);
list_for_each_entry_safe(cancel_work, ctmp, &fp->blocked_works,
- fp_entry) {
+ fp_entry) {
list_del(&cancel_work->fp_entry);
cancel_work->state = KSMBD_WORK_CLOSED;
cancel_work->cancel_fn(cancel_work->cancel_argv);
@@ -420,7 +420,7 @@ struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, unsigned int id
}
struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, unsigned int id,
- unsigned int pid)
+ unsigned int pid)
{
struct ksmbd_file *fp;
@@ -577,8 +577,10 @@ struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
}
static int
-__close_file_table_ids(struct ksmbd_file_table *ft, struct ksmbd_tree_connect *tcon,
- bool (*skip)(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp))
+__close_file_table_ids(struct ksmbd_file_table *ft,
+ struct ksmbd_tree_connect *tcon,
+ bool (*skip)(struct ksmbd_tree_connect *tcon,
+ struct ksmbd_file *fp))
{
unsigned int id;
struct ksmbd_file *fp;
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index 5638641dd0cf..823fcb257a42 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -149,7 +149,7 @@ int ksmbd_close_fd(struct ksmbd_work *work, unsigned int id);
struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, unsigned int id);
struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, unsigned int id);
struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, unsigned int id,
- unsigned int pid);
+ unsigned int pid);
void ksmbd_fd_put(struct ksmbd_work *work, struct ksmbd_file *fp);
struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id);
struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid);
From patchwork Mon Nov 14 12:50:04 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183192
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:57 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:57 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:56 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 095/308] cifsd: remove unnecessary parentheses
around
Date: Mon, 14 Nov 2022 20:50:04 +0800
Message-ID: <20221114125337.1831594-96-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cd8aabf0-f149-401e-e5a4-08dac63c5be4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7059632
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit c986ed981ae6a622a453c533389994b6aed6359b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c986ed981ae6
-------------------------------
Fix warnings from checkpatch.pl --strict :
CHECK: Unnecessary parentheses around 'brk_op->o_lease->new_state ==
SMB2_LEASE_NONE_LE'
#1511: FILE: oplock.c:1511:
+ if (brk_op->is_lease &&
+ (brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE)
&&
+ atomic_read(&brk_op->breaking_cnt))
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/oplock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index 56c68e9cb7ff..f76de7861e7b 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -1262,7 +1262,7 @@ void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
/* Skip oplock being break to none */
if (brk_op->is_lease &&
- (brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE) &&
+ brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE &&
atomic_read(&brk_op->breaking_cnt))
goto next;
From patchwork Mon Nov 14 12:50:05 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183193
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:57 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:57 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:57 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 096/308] cifsd: Prefer kernel type 'u16' over
'uint16_t'
Date: Mon, 14 Nov 2022 20:50:05 +0800
Message-ID: <20221114125337.1831594-97-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
08b78a66-3a01-4957-cdea-08dac63c5c2e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7374899
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit fc2d1b58c4f2c7240093d738ca99cfcf7a8b3107
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/fc2d1b58c4f2
-------------------------------
Fix a warning from checkpatch.pl --strict:
CHECK: Prefer kernel type 'u16' over 'uint16_t'
#112: FILE: server.c:112:
+ uint16_t command;
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/server.c | 4 ++--
fs/cifsd/smb2pdu.c | 2 +-
fs/cifsd/smb_common.h | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index 87838f76a348..a71fafa176b3 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -106,10 +106,10 @@ static inline int check_conn_state(struct ksmbd_work *work)
#define TCP_HANDLER_ABORT 1
static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
- uint16_t *cmd)
+ u16 *cmd)
{
struct smb_version_cmds *cmds;
- uint16_t command;
+ u16 command;
int ret;
if (check_conn_state(work))
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 84b243b3895a..212cdffd27bc 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -193,7 +193,7 @@ int is_smb2_rsp(struct ksmbd_work *work)
*
* Return: smb2 request command value
*/
-uint16_t get_smb2_cmd_val(struct ksmbd_work *work)
+u16 get_smb2_cmd_val(struct ksmbd_work *work)
{
struct smb2_hdr *rcv_hdr;
diff --git a/fs/cifsd/smb_common.h b/fs/cifsd/smb_common.h
index 2d7b1c693ff4..6e7404b8db96 100644
--- a/fs/cifsd/smb_common.h
+++ b/fs/cifsd/smb_common.h
@@ -469,7 +469,7 @@ struct filesystem_posix_info {
} __packed;
struct smb_version_ops {
- uint16_t (*get_cmd_val)(struct ksmbd_work *swork);
+ u16 (*get_cmd_val)(struct ksmbd_work *swork);
int (*init_rsp_hdr)(struct ksmbd_work *swork);
void (*set_rsp_status)(struct ksmbd_work *swork, __le32 err);
int (*allocate_rsp_buf)(struct ksmbd_work *work);
From patchwork Mon Nov 14 12:50:06 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183194
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:58 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:58 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:57 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 097/308] cifsd: lookup a file with LOOKUP_FOLLOW
only if 'follow symlinks = yes'
Date: Mon, 14 Nov 2022 20:50:06 +0800
Message-ID: <20221114125337.1831594-98-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f9ff9ffe-defe-46a0-86ab-08dac63c5c77
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6873815
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit a6a5fa77805b291afc90291a6ae705b1759b9735
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a6a5fa77805b
-------------------------------
Some vfs help functions lookup a file with
LOOKUP_FOLLOW regardless of the "follow symlinks"
option.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 6 +++++-
fs/cifsd/vfs.c | 24 ++++++++++++++++++++----
2 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 212cdffd27bc..f68e2638d629 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -4583,8 +4583,12 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
struct path path;
int rc = 0, len;
int fs_infoclass_size = 0;
+ int lookup_flags = 0;
- rc = ksmbd_vfs_kern_path(share->path, LOOKUP_FOLLOW, &path, 0);
+ if (test_share_config_flag(share, KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
+ lookup_flags = LOOKUP_FOLLOW;
+
+ rc = ksmbd_vfs_kern_path(share->path, lookup_flags, &path, 0);
if (rc) {
ksmbd_err("cannot create vfs path\n");
return -EIO;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 355e1a5a893b..291953eff5fa 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -572,11 +572,16 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
struct path path;
struct dentry *dentry, *parent;
int err;
+ int flags = 0;
if (ksmbd_override_fsids(work))
return -ENOMEM;
- err = kern_path(name, LOOKUP_FOLLOW, &path);
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
+ flags = LOOKUP_FOLLOW;
+
+ err = kern_path(name, flags, &path);
if (err) {
ksmbd_debug(VFS, "can't get %s, err %d\n", name, err);
ksmbd_revert_fsids(work);
@@ -634,11 +639,16 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
struct path oldpath, newpath;
struct dentry *dentry;
int err;
+ int flags = 0;
if (ksmbd_override_fsids(work))
return -ENOMEM;
- err = kern_path(oldname, LOOKUP_FOLLOW, &oldpath);
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
+ flags = LOOKUP_FOLLOW;
+
+ err = kern_path(oldname, flags, &oldpath);
if (err) {
ksmbd_err("cannot get linux path for %s, err = %d\n",
oldname, err);
@@ -646,7 +656,7 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
}
dentry = kern_path_create(AT_FDCWD, newname, &newpath,
- LOOKUP_FOLLOW | LOOKUP_REVAL);
+ flags | LOOKUP_REVAL);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
ksmbd_err("path create err for %s, err %d\n", newname, err);
@@ -749,6 +759,7 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
struct dentry *src_dent, *trap_dent, *src_child;
char *dst_name;
int err;
+ int flags;
dst_name = extract_last_component(newname);
if (!dst_name)
@@ -757,7 +768,12 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
src_dent_parent = dget_parent(fp->filp->f_path.dentry);
src_dent = fp->filp->f_path.dentry;
- err = kern_path(newname, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &dst_path);
+ flags = LOOKUP_DIRECTORY;
+ if (test_share_config_flag(work->tcon->share_conf,
+ KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
+ flags |= LOOKUP_FOLLOW;
+
+ err = kern_path(newname, flags, &dst_path);
if (err) {
ksmbd_debug(VFS, "Cannot get path for %s [%d]\n", newname, err);
goto out;
From patchwork Mon Nov 14 12:50:07 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183195
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:58 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:58 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:57 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 098/308] cifsd: fix Control flow issues in
ksmbd_build_ntlmssp_challenge_blob()
Date: Mon, 14 Nov 2022 20:50:07 +0800
Message-ID: <20221114125337.1831594-99-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
b5eb0e7d-dae6-43b8-a556-08dac63c5cbf
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7095314
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 152de8c68d13845592e8e511136842bcdb691063
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/152de8c68d13
-------------------------------
Fix a defect reported by Coverity Scan.
*** CID 1504970: Control flow issues (NO_EFFECT)
/fs/cifsd/auth.c: 622 in ksmbd_build_ntlmssp_challenge_blob()
616 name = kmalloc(2 + UNICODE_LEN(len), GFP_KERNEL);
617 if (!name)
618 return -ENOMEM;
619
620 conv_len = smb_strtoUTF16((__le16 *)name,
ksmbd_netbios_name(), len,
621 sess->conn->local_nls);
>>> CID 1504970: Control flow issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true.
622 if (conv_len < 0 || conv_len > len) {
623 kfree(name);
624 return -EINVAL;
625 }
626
627 uni_len = UNICODE_LEN(conv_len);
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 9b86cf4fd73f..5f47de49c05d 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -584,8 +584,8 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
struct target_info *tinfo;
wchar_t *name;
__u8 *target_name;
- unsigned int len, flags, blob_off, blob_len, type, target_info_len = 0;
- unsigned int uni_len, conv_len;
+ unsigned int flags, blob_off, blob_len, type, target_info_len = 0;
+ int len, uni_len, conv_len;
int cflags = sess->ntlmssp.client_flags;
memcpy(chgblob->Signature, NTLMSSP_SIGNATURE, 8);
From patchwork Mon Nov 14 12:50:08 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183196
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:59 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:58 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:58 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 099/308] cifsd: enclose macro variables in
parenthesis
Date: Mon, 14 Nov 2022 20:50:08 +0800
Message-ID: <20221114125337.1831594-100-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a214912b-7281-4cec-1121-08dac63c5d08
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6021188
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 40c594b647660bf91bc95fe7c9358bff7f56cf2e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/40c594b64766
-------------------------------
checkpatch.pl complains as the following:
CHECK: Macro argument 'fp' may be better as '(fp)' to avoid
precedence issues.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs_cache.h | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index 823fcb257a42..635eedbd497c 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -25,14 +25,14 @@
#define KSMBD_NO_FID (UINT_MAX)
#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
-#define FP_FILENAME(fp) fp->filp->f_path.dentry->d_name.name
-#define FP_INODE(fp) d_inode(fp->filp->f_path.dentry)
-#define PARENT_INODE(fp) d_inode(fp->filp->f_path.dentry->d_parent)
-
-#define ATTR_FP(fp) (fp->attrib_only && \
- (fp->cdoption != FILE_OVERWRITE_IF_LE && \
- fp->cdoption != FILE_OVERWRITE_LE && \
- fp->cdoption != FILE_SUPERSEDE_LE))
+#define FP_FILENAME(fp) ((fp)->filp->f_path.dentry->d_name.name)
+#define FP_INODE(fp) d_inode((fp)->filp->f_path.dentry)
+#define PARENT_INODE(fp) d_inode((fp)->filp->f_path.dentry->d_parent)
+
+#define ATTR_FP(fp) ((fp)->attrib_only && \
+ ((fp)->cdoption != FILE_OVERWRITE_IF_LE && \
+ (fp)->cdoption != FILE_OVERWRITE_LE && \
+ (fp)->cdoption != FILE_SUPERSEDE_LE))
struct ksmbd_conn;
struct ksmbd_session;
From patchwork Mon Nov 14 12:50:09 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183197
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:32:59 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:59 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:58 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 100/308] cifsd: make alignment match open
parenthesis
Date: Mon, 14 Nov 2022 20:50:09 +0800
Message-ID: <20221114125337.1831594-101-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
5dc90734-022a-45ec-a328-08dac63c5d50
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6975243
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit d7e5852b4deb121e2c929b2bb7440c5db3e2f90a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d7e5852b4deb
-------------------------------
checkpatch.pl complains as the following:
Alignment should match open parenthesis.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2ops.c | 2 +-
fs/cifsd/smb2pdu.c | 2 +-
fs/cifsd/smb2pdu.h | 4 ++--
fs/cifsd/smbacl.h | 15 ++++++++-------
fs/cifsd/transport_ipc.h | 6 +++---
fs/cifsd/transport_tcp.c | 8 ++++----
fs/cifsd/vfs.c | 4 ++--
7 files changed, 21 insertions(+), 20 deletions(-)
diff --git a/fs/cifsd/smb2ops.c b/fs/cifsd/smb2ops.c
index 945bc6a78d3c..c47d60bce9d4 100644
--- a/fs/cifsd/smb2ops.c
+++ b/fs/cifsd/smb2ops.c
@@ -227,7 +227,7 @@ void init_smb3_0_server(struct ksmbd_conn *conn)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION &&
- conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
+ conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index f68e2638d629..3e112fbdc2d9 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -560,7 +560,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
sz = large_sz;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_TBUF &&
- work->set_trans_buf)
+ work->set_trans_buf)
work->response_buf = ksmbd_find_buffer(sz);
else
work->response_buf = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
diff --git a/fs/cifsd/smb2pdu.h b/fs/cifsd/smb2pdu.h
index 1a8da2122b75..b3d3365d7070 100644
--- a/fs/cifsd/smb2pdu.h
+++ b/fs/cifsd/smb2pdu.h
@@ -1623,10 +1623,10 @@ void smb2_set_sign_rsp(struct ksmbd_work *work);
int smb3_check_sign_req(struct ksmbd_work *work);
void smb3_set_sign_rsp(struct ksmbd_work *work);
int find_matching_smb2_dialect(int start_index, __le16 *cli_dialects,
- __le16 dialects_count);
+ __le16 dialects_count);
struct file_lock *smb_flock_init(struct file *f);
int setup_async_work(struct ksmbd_work *work, void (*fn)(void **),
- void **arg);
+ void **arg);
void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status);
struct channel *lookup_chann_list(struct ksmbd_session *sess);
void smb3_preauth_hash_rsp(struct ksmbd_work *work);
diff --git a/fs/cifsd/smbacl.h b/fs/cifsd/smbacl.h
index 032b6a3ec6f4..fb5480f0aa89 100644
--- a/fs/cifsd/smbacl.h
+++ b/fs/cifsd/smbacl.h
@@ -180,22 +180,23 @@ struct posix_acl_state {
};
int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
- struct smb_fattr *fattr);
+ struct smb_fattr *fattr);
int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *ppntsd,
- int addition_info, __u32 *secdesclen, struct smb_fattr *fattr);
+ int addition_info, __u32 *secdesclen,
+ struct smb_fattr *fattr);
int init_acl_state(struct posix_acl_state *state, int cnt);
void free_acl_state(struct posix_acl_state *state);
void posix_state_to_acl(struct posix_acl_state *state,
- struct posix_acl_entry *pace);
+ struct posix_acl_entry *pace);
int compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid);
bool smb_inherit_flags(int flags, bool is_dir);
int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
- unsigned int uid, unsigned int gid);
+ unsigned int uid, unsigned int gid);
int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
- __le32 *pdaccess, int uid);
+ __le32 *pdaccess, int uid);
int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
- struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
- bool type_check);
+ struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
+ bool type_check);
void id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid);
void ksmbd_init_domain(u32 *sub_auth);
#endif /* _SMBACL_H */
diff --git a/fs/cifsd/transport_ipc.h b/fs/cifsd/transport_ipc.h
index 523b4df2c783..9eacc895ffdb 100644
--- a/fs/cifsd/transport_ipc.h
+++ b/fs/cifsd/transport_ipc.h
@@ -20,9 +20,9 @@ struct sockaddr;
struct ksmbd_tree_connect_response *
ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
- struct ksmbd_share_config *share,
- struct ksmbd_tree_connect *tree_conn,
- struct sockaddr *peer_addr);
+ struct ksmbd_share_config *share,
+ struct ksmbd_tree_connect *tree_conn,
+ struct sockaddr *peer_addr);
int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
unsigned long long connect_id);
int ksmbd_ipc_logout_request(const char *account);
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index 5bd332a58596..d6d5c0038dea 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -423,10 +423,10 @@ static int create_socket(struct interface *iface)
ksmbd_tcp_reuseaddr(ksmbd_socket);
ret = sock_setsockopt(ksmbd_socket,
- SOL_SOCKET,
- SO_BINDTODEVICE,
- KERNEL_SOCKPTR(iface->name),
- strlen(iface->name));
+ SOL_SOCKET,
+ SO_BINDTODEVICE,
+ KERNEL_SOCKPTR(iface->name),
+ strlen(iface->name));
if (ret != -ENODEV && ret < 0) {
ksmbd_err("Failed to set SO_BINDTODEVICE: %d\n", ret);
goto out_error;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 291953eff5fa..cd037594f486 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -934,8 +934,8 @@ ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
if (!buf)
return -ENOMEM;
- xattr_len = vfs_getxattr(&init_user_ns, dentry, xattr_name, (void *)buf,
- xattr_len);
+ xattr_len = vfs_getxattr(&init_user_ns, dentry, xattr_name,
+ (void *)buf, xattr_len);
if (xattr_len > 0)
*xattr_buf = buf;
else
From patchwork Mon Nov 14 12:50:10 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183198
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:00 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:32:59 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:59 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 101/308] cifsd: fix memleak in
ksmbd_vfs_stream_write()
Date: Mon, 14 Nov 2022 20:50:10 +0800
Message-ID: <20221114125337.1831594-102-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
763a1acf-0e4a-48ab-5a78-08dac63c5d99
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7197834
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Yang Yingliang <yangyingliang(a)huawei.com>
mainline inclusion
from mainline-5.15-rc1
commit 113ef68d47f5d36611c16a6ef4bd2a837aa344ab
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/113ef68d47f5
-------------------------------
Before assigning wbuf to stream_buf, memory allocate in
ksmbd_vfs_getcasexattr() need be freed.
Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index cd037594f486..e70b67e41cd4 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -429,6 +429,7 @@ static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
if (v_len > 0)
memcpy(wbuf, stream_buf, v_len);
+ kvfree(stream_buf);
stream_buf = wbuf;
}
From patchwork Mon Nov 14 12:50:11 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183199
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:00 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:00 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:32:59 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 102/308] cifsd: fix memleak in
ksmbd_vfs_stream_read()
Date: Mon, 14 Nov 2022 20:50:11 +0800
Message-ID: <20221114125337.1831594-103-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c543fa15-71f1-4349-1d3f-08dac63c5de3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7080445
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Yang Yingliang <yangyingliang(a)huawei.com>
mainline inclusion
from mainline-5.15-rc1
commit 673b9ba7a1404fa5beda936b8ad509b70a516b52
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/673b9ba7a140
-------------------------------
Before ksmbd_vfs_stream_read() return, memory allocate in
ksmbd_vfs_getcasexattr() need be freed.
Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index e70b67e41cd4..85872416bf9b 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -290,6 +290,7 @@ static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
}
memcpy(buf, &stream_buf[*pos], count);
+ kvfree(stream_buf);
return v_len > count ? count : v_len;
}
From patchwork Mon Nov 14 12:50:12 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183200
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:01 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:00 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:00 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 103/308] cifsd: check return value of
ksmbd_vfs_getcasexattr() correctly
Date: Mon, 14 Nov 2022 20:50:12 +0800
Message-ID: <20221114125337.1831594-104-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
71188157-21f1-43cb-2c9a-08dac63c5e2d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7023299
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Yang Yingliang <yangyingliang(a)huawei.com>
mainline inclusion
from mainline-5.15-rc1
commit fd6de099d7fabc2b86f51dc622453eb279f7cce9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/fd6de099d7fa
-------------------------------
If ksmbd_vfs_getcasexattr() returns -ENOMEM, stream_buf is NULL,
it will cause null-ptr-deref when using it to copy memory. So we
need check the return value of ksmbd_vfs_getcasexattr() by comparing
with 0.
Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 85872416bf9b..56b1091473b9 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -274,7 +274,6 @@ static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
{
ssize_t v_len;
char *stream_buf = NULL;
- int err;
ksmbd_debug(VFS, "read stream data pos : %llu, count : %zd\n",
*pos, count);
@@ -283,11 +282,8 @@ static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
fp->stream.name,
fp->stream.size,
&stream_buf);
- if (v_len == -ENOENT) {
- ksmbd_err("not found stream in xattr : %zd\n", v_len);
- err = -ENOENT;
- return err;
- }
+ if ((int)v_len <= 0)
+ return (int)v_len;
memcpy(buf, &stream_buf[*pos], count);
kvfree(stream_buf);
@@ -415,9 +411,9 @@ static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
fp->stream.name,
fp->stream.size,
&stream_buf);
- if (v_len == -ENOENT) {
+ if ((int)v_len < 0) {
ksmbd_err("not found stream in xattr : %zd\n", v_len);
- err = -ENOENT;
+ err = (int)v_len;
goto out;
}
From patchwork Mon Nov 14 12:50:13 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183201
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:01 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:01 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:00 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 104/308] cifsd: fix potential read overflow in
ksmbd_vfs_stream_read()
Date: Mon, 14 Nov 2022 20:50:13 +0800
Message-ID: <20221114125337.1831594-105-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
39e76e5a-bb8c-405f-bf0b-08dac63c5e75
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7154502
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 2ae1a6cc43027d84e33819ac4376c5e5e11b4152
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2ae1a6cc4302
-------------------------------
If *pos or *pos + count is greater than v_len, It will read beyond
the stream_buf buffer. This patch add the check and cut down count with
size of the buffer.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 56b1091473b9..9111b485d611 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -285,9 +285,19 @@ static int ksmbd_vfs_stream_read(struct ksmbd_file *fp, char *buf, loff_t *pos,
if ((int)v_len <= 0)
return (int)v_len;
+ if (v_len <= *pos) {
+ count = -EINVAL;
+ goto free_buf;
+ }
+
+ if (v_len - *pos < count)
+ count = v_len - *pos;
+
memcpy(buf, &stream_buf[*pos], count);
+
+free_buf:
kvfree(stream_buf);
- return v_len > count ? count : v_len;
+ return count;
}
/**
From patchwork Mon Nov 14 12:50:14 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183202
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:02 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:01 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:01 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 105/308] cifsd: fix additional warnings from
checkpatch.pl --strict
Date: Mon, 14 Nov 2022 20:50:14 +0800
Message-ID: <20221114125337.1831594-106-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4e566618-29dc-47cb-f42c-08dac63c5ebf
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7108502
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 97d7f3d3e0e719db42c4f413531e4e417fadf0c1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/97d7f3d3e0e7
-------------------------------
Fix additional warnings from checkpatch.pl --strict.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/mgmt/share_config.c | 2 +-
fs/cifsd/mgmt/share_config.h | 6 +++---
fs/cifsd/mgmt/tree_connect.c | 2 +-
fs/cifsd/mgmt/user_session.h | 4 +---
4 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index 910d03516b73..bcc4ae4381b9 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -157,7 +157,7 @@ static struct ksmbd_share_config *share_config_request(char *name)
ret = kern_path(share->path, 0, &share->vfs_path);
if (ret) {
ksmbd_debug(SMB, "failed to access '%s'\n",
- share->path);
+ share->path);
/* Avoid put_path() */
kfree(share->path);
share->path = NULL;
diff --git a/fs/cifsd/mgmt/share_config.h b/fs/cifsd/mgmt/share_config.h
index 49ca89667991..953befc94e84 100644
--- a/fs/cifsd/mgmt/share_config.h
+++ b/fs/cifsd/mgmt/share_config.h
@@ -34,7 +34,7 @@ struct ksmbd_share_config {
#define KSMBD_SHARE_INVALID_GID ((__u16)-1)
static inline int share_config_create_mode(struct ksmbd_share_config *share,
- umode_t posix_mode)
+ umode_t posix_mode)
{
if (!share->force_create_mode) {
if (!posix_mode)
@@ -46,7 +46,7 @@ static inline int share_config_create_mode(struct ksmbd_share_config *share,
}
static inline int share_config_directory_mode(struct ksmbd_share_config *share,
- umode_t posix_mode)
+ umode_t posix_mode)
{
if (!share->force_directory_mode) {
if (!posix_mode)
@@ -64,7 +64,7 @@ static inline int test_share_config_flag(struct ksmbd_share_config *share,
return share->flags & flag;
}
-extern void __ksmbd_share_config_put(struct ksmbd_share_config *share);
+void __ksmbd_share_config_put(struct ksmbd_share_config *share);
static inline void ksmbd_share_config_put(struct ksmbd_share_config *share)
{
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/cifsd/mgmt/tree_connect.c
index b9cd8fc46e5e..029a9e81e844 100644
--- a/fs/cifsd/mgmt/tree_connect.c
+++ b/fs/cifsd/mgmt/tree_connect.c
@@ -62,7 +62,7 @@ ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
status.tree_conn = tree_conn;
ret = xa_err(xa_store(&sess->tree_conns, tree_conn->id, tree_conn,
- GFP_KERNEL));
+ GFP_KERNEL));
if (ret) {
status.ret = -ENOMEM;
goto out_error;
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
index 1709563d718b..761bf4776cf1 100644
--- a/fs/cifsd/mgmt/user_session.h
+++ b/fs/cifsd/mgmt/user_session.h
@@ -12,7 +12,7 @@
#include "../smb_common.h"
#include "../ntlmssp.h"
-#define CIFDS_SESSION_FLAG_SMB2 (1 << 1)
+#define CIFDS_SESSION_FLAG_SMB2 BIT(1)
#define PREAUTH_HASHVALUE_SIZE 64
@@ -54,8 +54,6 @@ struct ksmbd_session {
struct ida tree_conn_ida;
struct list_head rpc_handle_list;
-
-
__u8 smb3encryptionkey[SMB3_ENC_DEC_KEY_SIZE];
__u8 smb3decryptionkey[SMB3_ENC_DEC_KEY_SIZE];
__u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
From patchwork Mon Nov 14 12:50:15 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183203
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:02 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:02 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:01 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 106/308] cifsd: fix list_add double add BUG_ON
trap in setup_async_work()
Date: Mon, 14 Nov 2022 20:50:15 +0800
Message-ID: <20221114125337.1831594-107-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
da7b2b30-6622-4110-452d-08dac63c5f09
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6879579
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 6c4e675ad3594526d6604a7d30f1defdd08a42e4
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6c4e675ad359
-------------------------------
BUG_ON trap is coming when running xfstests generic/591 and
smb2 leases = yes in smb.conf.
[ 597.224978] list_add double add: new=ffff9110d292bb20,
prev=ffff9110d292bb20, next=ffff9110d6c389e8.
[ 597.225073] ------------[ cut here ]------------
[ 597.225077] kernel BUG at lib/list_debug.c:31!
[ 597.225090] invalid opcode: 0000 [#1] SMP PTI
[ 597.225095] CPU: 2 PID: 501 Comm: kworker/2:3 Tainted: G OE
5.13.0-rc1+ #2
[ 597.225099] Hardware name: SAMSUNG ELECTRONICS CO., LTD. Samsung
DeskTop System/SAMSUNG_DT1234567890, BIOS P04KBM.022.121023.SK
10/23/2012
[ 597.225102] Workqueue: ksmbd-io handle_ksmbd_work [ksmbd]
[ 597.225125] RIP: 0010:__list_add_valid+0x66/0x70
[ 597.225132] Code: 0b 48 89 c1 4c 89 c6 48 c7 c7 c8 08 c0 95 e8 fd 54
66 00 0f 0b 48 89 f2 4c 89 c1 48 89 fe 48 c7 c7 20 09 c0 95 e8 e6 54 66
00 <0f> 0b 0f 1f 84 00 00 00 00 00 55 48 8b 07 48 b9 00 01 00 00 00 00
[ 597.225136] RSP: 0018:ffffb9c9408dbac0 EFLAGS: 00010282
[ 597.225139] RAX: 0000000000000058 RBX: ffff9110d292ba40 RCX:
0000000000000000
[ 597.225142] RDX: 0000000000000000 RSI: ffff9111da328c30 RDI:
ffff9111da328c30
[ 597.225144] RBP: ffffb9c9408dbac0 R08: 0000000000000001 R09:
0000000000000001
[ 597.225147] R10: 0000000003dd35ed R11: ffffb9c9408db888 R12:
ffff9110d6c38998
[ 597.225149] R13: ffff9110d6c38800 R14: ffff9110d292bb20 R15:
ffff9110d292bb20
[ 597.225152] FS: 0000000000000000(0000) GS:ffff9111da300000(0000)
knlGS:0000000000000000
[ 597.225155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 597.225157] CR2: 00007fd1629f84d0 CR3: 00000000c9a12006 CR4:
00000000001706e0
[ 597.225160] Call Trace:
[ 597.225163] setup_async_work+0xa2/0x120 [ksmbd]
[ 597.225191] oplock_break+0x396/0x5d0 [ksmbd]
[ 597.225206] smb_grant_oplock+0x7a1/0x900 [ksmbd]
[ 597.225218] ? smb_grant_oplock+0x7a1/0x900 [ksmbd]
[ 597.225231] smb2_open+0xbbb/0x2960 [ksmbd]
[ 597.225243] ? smb2_open+0xbbb/0x2960 [ksmbd]
[ 597.225257] ? find_held_lock+0x35/0xa0
[ 597.225261] ? xa_load+0xaf/0x160
[ 597.225268] handle_ksmbd_work+0x2e0/0x420 [ksmbd]
[ 597.225280] ? handle_ksmbd_work+0x2e0/0x420 [ksmbd]
[ 597.225292] process_one_work+0x25a/0x5d0
[ 597.225298] worker_thread+0x3f/0x3a0
[ 597.225302] ? __kthread_parkme+0x6f/0xa0
[ 597.225306] ? process_one_work+0x5d0/0x5d0
[ 597.225309] kthread+0x142/0x160
[ 597.225313] ? kthread_park+0x90/0x90
[ 597.225316] ret_from_fork+0x22/0x30
same work struct can be add to list in smb_break_all_write_oplock() and
smb_grant_oplock(). If client send invalid lease break ack to server,
This issue can occur by calling both functions.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 3e112fbdc2d9..5b92e00881bb 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -690,9 +690,11 @@ int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
work->cancel_fn = fn;
work->cancel_argv = arg;
- spin_lock(&conn->request_lock);
- list_add_tail(&work->async_request_entry, &conn->async_requests);
- spin_unlock(&conn->request_lock);
+ if (list_empty(&work->async_request_entry)) {
+ spin_lock(&conn->request_lock);
+ list_add_tail(&work->async_request_entry, &conn->async_requests);
+ spin_unlock(&conn->request_lock);
+ }
return 0;
}
From patchwork Mon Nov 14 12:50:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183204
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:02 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:02 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:02 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 107/308] cifsd: set epoch in smb2_lease_break
response
Date: Mon, 14 Nov 2022 20:50:16 +0800
Message-ID: <20221114125337.1831594-108-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ad7ab8b8-3800-4d93-d5dc-08dac63c5f51
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7001781
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit ade62d8b429fe49325593785316bdee3cabaec44
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ade62d8b429f
-------------------------------
When running generic/591 after smb2 leases is enable, all smb2 lease ack
requests failed in ksmbd. because cifs client seems to support only smb2
v2 lease. So cifs doesn't update lease state in ack request if epoch is
not set in smb2 lease break request from ksmbd. epoch is used for smb2
v2 leases. So this patch add smb2 create v2 lease context and set
increased epoch in smb2 lease break response.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/oplock.c | 95 +++++++++++++++++++++++++++++++++-------------
fs/cifsd/oplock.h | 15 +++++---
fs/cifsd/smb2ops.c | 6 +--
fs/cifsd/smb2pdu.h | 21 +++++++++-
4 files changed, 102 insertions(+), 35 deletions(-)
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index f76de7861e7b..5868cdca7187 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -102,6 +102,9 @@ static int alloc_lease(struct oplock_info *opinfo, struct lease_ctx_info *lctx)
lease->new_state = 0;
lease->flags = lctx->flags;
lease->duration = lctx->duration;
+ memcpy(lease->parent_lease_key, lctx->parent_lease_key, SMB2_LEASE_KEY_SIZE);
+ lease->version = lctx->version;
+ lease->epoch = 0;
INIT_LIST_HEAD(&opinfo->lease_entry);
opinfo->o_lease = lease;
@@ -750,7 +753,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
rsp = work->response_buf;
rsp->StructureSize = cpu_to_le16(44);
- rsp->Reserved = 0;
+ rsp->Epoch = br_info->epoch;
rsp->Flags = 0;
if (br_info->curr_state & (SMB2_LEASE_WRITE_CACHING_LE |
@@ -798,6 +801,10 @@ static int smb2_lease_break_noti(struct oplock_info *opinfo)
br_info->curr_state = lease->state;
br_info->new_state = lease->new_state;
+ if (lease->version == 2)
+ br_info->epoch = cpu_to_le16(++lease->epoch);
+ else
+ br_info->epoch = 0;
memcpy(br_info->lease_key, lease->lease_key, SMB2_LEASE_KEY_SIZE);
work->request_buf = (char *)br_info;
@@ -1084,11 +1091,8 @@ int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
__le32 prev_op_state = 0;
/* not support directory lease */
- if (S_ISDIR(file_inode(fp->filp)->i_mode)) {
- if (lctx)
- lctx->dlease = 1;
+ if (S_ISDIR(file_inode(fp->filp)->i_mode))
return 0;
- }
opinfo = alloc_opinfo(work, pid, tid);
if (!opinfo)
@@ -1328,24 +1332,48 @@ __u8 smb2_map_lease_to_oplock(__le32 lease_state)
*/
void create_lease_buf(u8 *rbuf, struct lease *lease)
{
- struct create_lease *buf = (struct create_lease *)rbuf;
char *LeaseKey = (char *)&lease->lease_key;
- memset(buf, 0, sizeof(struct create_lease));
- buf->lcontext.LeaseKeyLow = *((__le64 *)LeaseKey);
- buf->lcontext.LeaseKeyHigh = *((__le64 *)(LeaseKey + 8));
- buf->lcontext.LeaseFlags = lease->flags;
- buf->lcontext.LeaseState = lease->state;
- buf->ccontext.DataOffset = cpu_to_le16(offsetof
- (struct create_lease, lcontext));
- buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context));
- buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ if (lease->version == 2) {
+ struct create_lease_v2 *buf = (struct create_lease_v2 *)rbuf;
+ char *ParentLeaseKey = (char *)&lease->parent_lease_key;
+
+ memset(buf, 0, sizeof(struct create_lease_v2));
+ buf->lcontext.LeaseKeyLow = *((__le64 *)LeaseKey);
+ buf->lcontext.LeaseKeyHigh = *((__le64 *)(LeaseKey + 8));
+ buf->lcontext.LeaseFlags = lease->flags;
+ buf->lcontext.LeaseState = lease->state;
+ buf->lcontext.ParentLeaseKeyLow = *((__le64 *)ParentLeaseKey);
+ buf->lcontext.ParentLeaseKeyHigh = *((__le64 *)(ParentLeaseKey + 8));
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_lease_v2, lcontext));
+ buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context_v2));
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
+ (struct create_lease_v2, Name));
+ buf->ccontext.NameLength = cpu_to_le16(4);
+ buf->Name[0] = 'R';
+ buf->Name[1] = 'q';
+ buf->Name[2] = 'L';
+ buf->Name[3] = 's';
+ } else {
+ struct create_lease *buf = (struct create_lease *)rbuf;
+
+ memset(buf, 0, sizeof(struct create_lease));
+ buf->lcontext.LeaseKeyLow = *((__le64 *)LeaseKey);
+ buf->lcontext.LeaseKeyHigh = *((__le64 *)(LeaseKey + 8));
+ buf->lcontext.LeaseFlags = lease->flags;
+ buf->lcontext.LeaseState = lease->state;
+ buf->ccontext.DataOffset = cpu_to_le16(offsetof
+ (struct create_lease, lcontext));
+ buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context));
+ buf->ccontext.NameOffset = cpu_to_le16(offsetof
(struct create_lease, Name));
- buf->ccontext.NameLength = cpu_to_le16(4);
- buf->Name[0] = 'R';
- buf->Name[1] = 'q';
- buf->Name[2] = 'L';
- buf->Name[3] = 's';
+ buf->ccontext.NameLength = cpu_to_le16(4);
+ buf->Name[0] = 'R';
+ buf->Name[1] = 'q';
+ buf->Name[2] = 'L';
+ buf->Name[3] = 's';
+ }
}
/**
@@ -1382,12 +1410,27 @@ struct lease_ctx_info *parse_lease_state(void *open_req)
} while (next != 0);
if (found) {
- struct create_lease *lc = (struct create_lease *)cc;
- *((__le64 *)lreq->lease_key) = lc->lcontext.LeaseKeyLow;
- *((__le64 *)(lreq->lease_key + 8)) = lc->lcontext.LeaseKeyHigh;
- lreq->req_state = lc->lcontext.LeaseState;
- lreq->flags = lc->lcontext.LeaseFlags;
- lreq->duration = lc->lcontext.LeaseDuration;
+ if (sizeof(struct lease_context_v2) == le32_to_cpu(cc->DataLength)) {
+ struct create_lease_v2 *lc = (struct create_lease_v2 *)cc;
+
+ *((__le64 *)lreq->lease_key) = lc->lcontext.LeaseKeyLow;
+ *((__le64 *)(lreq->lease_key + 8)) = lc->lcontext.LeaseKeyHigh;
+ lreq->req_state = lc->lcontext.LeaseState;
+ lreq->flags = lc->lcontext.LeaseFlags;
+ lreq->duration = lc->lcontext.LeaseDuration;
+ *((__le64 *)lreq->parent_lease_key) = lc->lcontext.ParentLeaseKeyLow;
+ *((__le64 *)(lreq->parent_lease_key + 8)) = lc->lcontext.ParentLeaseKeyHigh;
+ lreq->version = 2;
+ } else {
+ struct create_lease *lc = (struct create_lease *)cc;
+
+ *((__le64 *)lreq->lease_key) = lc->lcontext.LeaseKeyLow;
+ *((__le64 *)(lreq->lease_key + 8)) = lc->lcontext.LeaseKeyHigh;
+ lreq->req_state = lc->lcontext.LeaseState;
+ lreq->flags = lc->lcontext.LeaseFlags;
+ lreq->duration = lc->lcontext.LeaseDuration;
+ lreq->version = 1;
+ }
return lreq;
}
diff --git a/fs/cifsd/oplock.h b/fs/cifsd/oplock.h
index 0abd26123f6d..9fb7ea74e86c 100644
--- a/fs/cifsd/oplock.h
+++ b/fs/cifsd/oplock.h
@@ -37,11 +37,12 @@
#define SMB2_LEASE_KEY_SIZE 16
struct lease_ctx_info {
- __u8 lease_key[SMB2_LEASE_KEY_SIZE];
- __le32 req_state;
- __le32 flags;
- __le64 duration;
- int dlease;
+ __u8 lease_key[SMB2_LEASE_KEY_SIZE];
+ __le32 req_state;
+ __le32 flags;
+ __le64 duration;
+ __u8 parent_lease_key[SMB2_LEASE_KEY_SIZE];
+ int version;
};
struct lease_table {
@@ -57,6 +58,9 @@ struct lease {
__le32 new_state;
__le32 flags;
__le64 duration;
+ __u8 parent_lease_key[SMB2_LEASE_KEY_SIZE];
+ int version;
+ unsigned short epoch;
struct lease_table *l_lb;
};
@@ -86,6 +90,7 @@ struct oplock_info {
struct lease_break_info {
__le32 curr_state;
__le32 new_state;
+ __le16 epoch;
char lease_key[SMB2_LEASE_KEY_SIZE];
};
diff --git a/fs/cifsd/smb2ops.c b/fs/cifsd/smb2ops.c
index c47d60bce9d4..8999c3faf4fc 100644
--- a/fs/cifsd/smb2ops.c
+++ b/fs/cifsd/smb2ops.c
@@ -57,7 +57,7 @@ static struct smb_version_values smb30_server_values = {
.cap_unix = 0,
.cap_nt_find = SMB2_NT_FIND,
.cap_large_files = SMB2_LARGE_FILES,
- .create_lease_size = sizeof(struct create_lease),
+ .create_lease_size = sizeof(struct create_lease_v2),
.create_durable_size = sizeof(struct create_durable_rsp),
.create_durable_v2_size = sizeof(struct create_durable_v2_rsp),
.create_mxac_size = sizeof(struct create_mxac_rsp),
@@ -83,7 +83,7 @@ static struct smb_version_values smb302_server_values = {
.cap_unix = 0,
.cap_nt_find = SMB2_NT_FIND,
.cap_large_files = SMB2_LARGE_FILES,
- .create_lease_size = sizeof(struct create_lease),
+ .create_lease_size = sizeof(struct create_lease_v2),
.create_durable_size = sizeof(struct create_durable_rsp),
.create_durable_v2_size = sizeof(struct create_durable_v2_rsp),
.create_mxac_size = sizeof(struct create_mxac_rsp),
@@ -109,7 +109,7 @@ static struct smb_version_values smb311_server_values = {
.cap_unix = 0,
.cap_nt_find = SMB2_NT_FIND,
.cap_large_files = SMB2_LARGE_FILES,
- .create_lease_size = sizeof(struct create_lease),
+ .create_lease_size = sizeof(struct create_lease_v2),
.create_durable_size = sizeof(struct create_durable_rsp),
.create_durable_v2_size = sizeof(struct create_durable_v2_rsp),
.create_mxac_size = sizeof(struct create_mxac_rsp),
diff --git a/fs/cifsd/smb2pdu.h b/fs/cifsd/smb2pdu.h
index b3d3365d7070..0d5349e75dd9 100644
--- a/fs/cifsd/smb2pdu.h
+++ b/fs/cifsd/smb2pdu.h
@@ -735,12 +735,31 @@ struct lease_context {
__le64 LeaseDuration;
} __packed;
+struct lease_context_v2 {
+ __le64 LeaseKeyLow;
+ __le64 LeaseKeyHigh;
+ __le32 LeaseState;
+ __le32 LeaseFlags;
+ __le64 LeaseDuration;
+ __le64 ParentLeaseKeyLow;
+ __le64 ParentLeaseKeyHigh;
+ __le16 Epoch;
+ __le16 Reserved;
+} __packed;
+
struct create_lease {
struct create_context ccontext;
__u8 Name[8];
struct lease_context lcontext;
} __packed;
+struct create_lease_v2 {
+ struct create_context ccontext;
+ __u8 Name[8];
+ struct lease_context_v2 lcontext;
+ __u8 Pad[4];
+} __packed;
+
/* Currently defined values for close flags */
#define SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB cpu_to_le16(0x0001)
struct smb2_close_req {
@@ -1249,7 +1268,7 @@ struct smb2_oplock_break {
struct smb2_lease_break {
struct smb2_hdr hdr;
__le16 StructureSize; /* Must be 44 */
- __le16 Reserved;
+ __le16 Epoch;
__le32 Flags;
__u8 LeaseKey[16];
__le32 CurrentLeaseState;
From patchwork Mon Nov 14 12:50:17 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183205
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:03 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:03 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:02 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 108/308] cifsd: remove duplicated argument
Date: Mon, 14 Nov 2022 20:50:17 +0800
Message-ID: <20221114125337.1831594-109-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
b1f515fc-c5c2-4059-b421-08dac63c5f9a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6922287
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Wan Jiabing <wanjiabing(a)vivo.com>
mainline inclusion
from mainline-5.15-rc1
commit 3aefd54da5ec6e7ec1f1e682007f5819c99d8588
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/3aefd54da5ec
-------------------------------
Fix the following coccicheck warning:
./fs/cifsd/smb2pdu.c:1713:27-41: duplicated argument to & or |
FILE_DELETE_LE is duplicated. Remove one and reorder argument to
make coding style reasonable.
Signed-off-by: Wan Jiabing <wanjiabing(a)vivo.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 5b92e00881bb..ac15a9287310 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -1712,10 +1712,10 @@ int smb2_tree_connect(struct ksmbd_work *work)
KSMBD_TREE_CONN_FLAG_WRITABLE)) {
rsp->MaximalAccess |= FILE_WRITE_DATA_LE |
FILE_APPEND_DATA_LE | FILE_WRITE_EA_LE |
- FILE_DELETE_CHILD_LE | FILE_DELETE_LE |
- FILE_WRITE_ATTRIBUTES_LE | FILE_DELETE_LE |
- FILE_READ_CONTROL_LE | FILE_WRITE_DAC_LE |
- FILE_WRITE_OWNER_LE | FILE_SYNCHRONIZE_LE;
+ FILE_DELETE_LE | FILE_WRITE_ATTRIBUTES_LE |
+ FILE_DELETE_CHILD_LE | FILE_READ_CONTROL_LE |
+ FILE_WRITE_DAC_LE | FILE_WRITE_OWNER_LE |
+ FILE_SYNCHRONIZE_LE;
}
}
From patchwork Mon Nov 14 12:50:18 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183206
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:03 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:03 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:03 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 109/308] cifsd: append ksmbd prefix into names for
asn1 decoder
Date: Mon, 14 Nov 2022 20:50:18 +0800
Message-ID: <20221114125337.1831594-110-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
fe9a06e0-f525-48e3-2a7b-08dac63c5fe4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7173989
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 99f45259fe121a10881f486e075019260f403b6a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/99f45259fe12
-------------------------------
Because functions and variables generated from
ASN1 compiler aren't static, append ksmbd prefix
into thoses to avoid link errors.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 27 ++++++------
fs/cifsd/ksmbd_spnego_negtokeninit.asn1 | 31 +++++++++++++
...rg.asn1 => ksmbd_spnego_negtokentarg.asn1} | 2 +-
fs/cifsd/spnego_negtokeninit.asn1 | 43 -------------------
4 files changed, 47 insertions(+), 56 deletions(-)
create mode 100644 fs/cifsd/ksmbd_spnego_negtokeninit.asn1
rename fs/cifsd/{spnego_negtokentarg.asn1 => ksmbd_spnego_negtokentarg.asn1} (80%)
delete mode 100644 fs/cifsd/spnego_negtokeninit.asn1
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index 1be3072fee1a..2c63a3e5618b 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -18,8 +18,8 @@
#include "asn1.h"
#include "connection.h"
#include "auth.h"
-#include "spnego_negtokeninit.asn1.h"
-#include "spnego_negtokentarg.asn1.h"
+#include "ksmbd_spnego_negtokeninit.asn1.h"
+#include "ksmbd_spnego_negtokentarg.asn1.h"
#define SPNEGO_OID_LEN 7
#define NTLMSSP_OID_LEN 10
@@ -119,7 +119,7 @@ int
ksmbd_decode_negTokenInit(unsigned char *security_blob, int length,
struct ksmbd_conn *conn)
{
- return asn1_ber_decoder(&spnego_negtokeninit_decoder, conn,
+ return asn1_ber_decoder(&ksmbd_spnego_negtokeninit_decoder, conn,
security_blob, length);
}
@@ -127,7 +127,7 @@ int
ksmbd_decode_negTokenTarg(unsigned char *security_blob, int length,
struct ksmbd_conn *conn)
{
- return asn1_ber_decoder(&spnego_negtokentarg_decoder, conn,
+ return asn1_ber_decoder(&ksmbd_spnego_negtokentarg_decoder, conn,
security_blob, length);
}
@@ -248,8 +248,8 @@ int build_spnego_ntlmssp_auth_blob(unsigned char **pbuffer, u16 *buflen,
return 0;
}
-int gssapi_this_mech(void *context, size_t hdrlen, unsigned char tag,
- const void *value, size_t vlen)
+int ksmbd_gssapi_this_mech(void *context, size_t hdrlen, unsigned char tag,
+ const void *value, size_t vlen)
{
unsigned long *oid;
size_t oidlen;
@@ -273,8 +273,9 @@ int gssapi_this_mech(void *context, size_t hdrlen, unsigned char tag,
return err;
}
-int neg_token_init_mech_type(void *context, size_t hdrlen, unsigned char tag,
- const void *value, size_t vlen)
+int ksmbd_neg_token_init_mech_type(void *context, size_t hdrlen,
+ unsigned char tag, const void *value,
+ size_t vlen)
{
struct ksmbd_conn *conn = context;
unsigned long *oid;
@@ -310,8 +311,9 @@ int neg_token_init_mech_type(void *context, size_t hdrlen, unsigned char tag,
return -EBADMSG;
}
-int neg_token_init_mech_token(void *context, size_t hdrlen, unsigned char tag,
- const void *value, size_t vlen)
+int ksmbd_neg_token_init_mech_token(void *context, size_t hdrlen,
+ unsigned char tag, const void *value,
+ size_t vlen)
{
struct ksmbd_conn *conn = context;
@@ -324,8 +326,9 @@ int neg_token_init_mech_token(void *context, size_t hdrlen, unsigned char tag,
return 0;
}
-int neg_token_targ_resp_token(void *context, size_t hdrlen, unsigned char tag,
- const void *value, size_t vlen)
+int ksmbd_neg_token_targ_resp_token(void *context, size_t hdrlen,
+ unsigned char tag, const void *value,
+ size_t vlen)
{
struct ksmbd_conn *conn = context;
diff --git a/fs/cifsd/ksmbd_spnego_negtokeninit.asn1 b/fs/cifsd/ksmbd_spnego_negtokeninit.asn1
new file mode 100644
index 000000000000..0065f191b54b
--- /dev/null
+++ b/fs/cifsd/ksmbd_spnego_negtokeninit.asn1
@@ -0,0 +1,31 @@
+GSSAPI ::=
+ [APPLICATION 0] IMPLICIT SEQUENCE {
+ thisMech
+ OBJECT IDENTIFIER ({ksmbd_gssapi_this_mech}),
+ negotiationToken
+ NegotiationToken
+ }
+
+MechType ::= OBJECT IDENTIFIER ({ksmbd_neg_token_init_mech_type})
+
+MechTypeList ::= SEQUENCE OF MechType
+
+NegTokenInit ::=
+ SEQUENCE {
+ mechTypes
+ [0] MechTypeList,
+ reqFlags
+ [1] BIT STRING OPTIONAL,
+ mechToken
+ [2] OCTET STRING OPTIONAL ({ksmbd_neg_token_init_mech_token}),
+ mechListMIC
+ [3] OCTET STRING OPTIONAL
+ }
+
+NegotiationToken ::=
+ CHOICE {
+ negTokenInit
+ [0] NegTokenInit,
+ negTokenTarg
+ [1] ANY
+ }
diff --git a/fs/cifsd/spnego_negtokentarg.asn1 b/fs/cifsd/ksmbd_spnego_negtokentarg.asn1
similarity index 80%
rename from fs/cifsd/spnego_negtokentarg.asn1
rename to fs/cifsd/ksmbd_spnego_negtokentarg.asn1
index 8324bcd1bbd7..1151933e7b9c 100644
--- a/fs/cifsd/spnego_negtokentarg.asn1
+++ b/fs/cifsd/ksmbd_spnego_negtokentarg.asn1
@@ -13,7 +13,7 @@ NegTokenTarg ::=
supportedMech
[1] OBJECT IDENTIFIER OPTIONAL,
responseToken
- [2] OCTET STRING OPTIONAL ({neg_token_targ_resp_token}),
+ [2] OCTET STRING OPTIONAL ({ksmbd_neg_token_targ_resp_token}),
mechListMIC
[3] OCTET STRING OPTIONAL
}
diff --git a/fs/cifsd/spnego_negtokeninit.asn1 b/fs/cifsd/spnego_negtokeninit.asn1
deleted file mode 100644
index 1b153cb6a39e..000000000000
--- a/fs/cifsd/spnego_negtokeninit.asn1
+++ /dev/null
@@ -1,43 +0,0 @@
-GSSAPI ::=
- [APPLICATION 0] IMPLICIT SEQUENCE {
- thisMech
- OBJECT IDENTIFIER ({gssapi_this_mech}),
- negotiationToken
- NegotiationToken
- }
-
-MechType ::= OBJECT IDENTIFIER ({neg_token_init_mech_type})
-
-MechTypeList ::= SEQUENCE OF MechType
-
-NegTokenInit ::=
- SEQUENCE {
- mechTypes
- [0] MechTypeList,
- reqFlags
- [1] BIT STRING OPTIONAL,
- mechToken
- [2] OCTET STRING OPTIONAL ({neg_token_init_mech_token}),
- mechListMIC
- [3] OCTET STRING OPTIONAL
- }
-
-NegTokenTarg ::=
- SEQUENCE {
- negResult
- [0] ENUMERATED OPTIONAL,
- supportedMech
- [1] OBJECT IDENTIFIER OPTIONAL,
- responseToken
- [2] OCTET STRING OPTIONAL ({neg_token_targ_resp_token}),
- mechListMIC
- [3] OCTET STRING OPTIONAL
- }
-
-NegotiationToken ::=
- CHOICE {
- negTokenInit
- [0] NegTokenInit,
- negTokenTarg
- [1] ANY
- }
From patchwork Mon Nov 14 12:50:19 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183207
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:04 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:04 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:03 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 110/308] ksmbd: fix kfree of uninitialized pointer
oid
Date: Mon, 14 Nov 2022 20:50:19 +0800
Message-ID: <20221114125337.1831594-111-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ed5f9bb2-8ae9-4e99-a1d5-08dac63c602d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6907132
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Colin Ian King <colin.king(a)canonical.com>
mainline inclusion
from mainline-5.15-rc1
commit 5fb68864674faa3e0a4fc767c4a87f51ece218c6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5fb68864674f
-------------------------------
Currently function ksmbd_neg_token_init_mech_type can kfree an
uninitialized pointer oid when the call to asn1_oid_decode fails when
vlen is out of range. All the other failure cases in function
asn1_oid_decode set *oid to NULL on an error, so fix the issue by
ensuring the vlen out of range error also nullifies the pointer.
Addresses-Coverity: ("Uninitialized pointer read")
Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/asn1.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/cifsd/asn1.c b/fs/cifsd/asn1.c
index 2c63a3e5618b..b014f4638610 100644
--- a/fs/cifsd/asn1.c
+++ b/fs/cifsd/asn1.c
@@ -66,7 +66,7 @@ static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
vlen += 1;
if (vlen < 2 || vlen > UINT_MAX / sizeof(unsigned long))
- return false;
+ goto fail_nullify;
*oid = kmalloc(vlen * sizeof(unsigned long), GFP_KERNEL);
if (!*oid)
@@ -102,6 +102,7 @@ static bool asn1_oid_decode(const unsigned char *value, size_t vlen,
fail:
kfree(*oid);
+fail_nullify:
*oid = NULL;
return false;
}
From patchwork Mon Nov 14 12:50:20 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183208
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:04 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:04 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:04 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 111/308] ksmbd: add support for SMB3 multichannel
Date: Mon, 14 Nov 2022 20:50:20 +0800
Message-ID: <20221114125337.1831594-112-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7662d1f4-6c6a-465a-7f0d-08dac63c6076
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7189979
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit f5a544e3bab78142207e0242d22442db85ba1eff
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f5a544e3bab7
-------------------------------
Add support for SMB3 multichannel. It will be enable by setting
'server multi channel support = yes' in smb.conf.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 30 +++++--
fs/cifsd/auth.h | 6 +-
fs/cifsd/connection.h | 1 +
fs/cifsd/ksmbd_server.h | 1 +
fs/cifsd/mgmt/user_session.c | 49 ++++++++++-
fs/cifsd/mgmt/user_session.h | 11 ++-
fs/cifsd/smb2ops.c | 9 ++
fs/cifsd/smb2pdu.c | 165 ++++++++++++++++++++++++++---------
fs/cifsd/smb2pdu.h | 3 +-
fs/cifsd/smb_common.h | 2 +-
10 files changed, 220 insertions(+), 57 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 5f47de49c05d..1ba03a7c3201 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -921,13 +921,14 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
}
static int generate_smb3signingkey(struct ksmbd_session *sess,
+ struct ksmbd_conn *conn,
const struct derivation *signing)
{
int rc;
struct channel *chann;
char *key;
- chann = lookup_chann_list(sess);
+ chann = lookup_chann_list(sess, conn);
if (!chann)
return 0;
@@ -953,7 +954,8 @@ static int generate_smb3signingkey(struct ksmbd_session *sess,
return 0;
}
-int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess)
+int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess,
+ struct ksmbd_conn *conn)
{
struct derivation d;
@@ -961,22 +963,32 @@ int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess)
d.label.iov_len = 12;
d.context.iov_base = "SmbSign";
d.context.iov_len = 8;
- d.binding = false;
+ d.binding = conn->binding;
- return generate_smb3signingkey(sess, &d);
+ return generate_smb3signingkey(sess, conn, &d);
}
-int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess)
+int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess,
+ struct ksmbd_conn *conn)
{
struct derivation d;
d.label.iov_base = "SMBSigningKey";
d.label.iov_len = 14;
- d.context.iov_base = sess->Preauth_HashValue;
+ if (conn->binding) {
+ struct preauth_session *preauth_sess;
+
+ preauth_sess = ksmbd_preauth_session_lookup(conn, sess->id);
+ if (!preauth_sess)
+ return -ENOENT;
+ d.context.iov_base = preauth_sess->Preauth_HashValue;
+ } else {
+ d.context.iov_base = sess->Preauth_HashValue;
+ }
d.context.iov_len = 64;
- d.binding = false;
+ d.binding = conn->binding;
- return generate_smb3signingkey(sess, &d);
+ return generate_smb3signingkey(sess, conn, &d);
}
struct derivation_twin {
@@ -1148,7 +1160,7 @@ static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,
struct ksmbd_session *sess;
u8 *ses_enc_key;
- sess = ksmbd_session_lookup(conn, ses_id);
+ sess = ksmbd_session_lookup_all(conn, ses_id);
if (!sess)
return -EINVAL;
diff --git a/fs/cifsd/auth.h b/fs/cifsd/auth.h
index 650bd7dd6750..9c2d4badd05d 100644
--- a/fs/cifsd/auth.h
+++ b/fs/cifsd/auth.h
@@ -54,8 +54,10 @@ int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
int n_vec, char *sig);
int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
int n_vec, char *sig);
-int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess);
-int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess);
+int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess,
+ struct ksmbd_conn *conn);
+int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess,
+ struct ksmbd_conn *conn);
int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess);
int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess);
int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
diff --git a/fs/cifsd/connection.h b/fs/cifsd/connection.h
index 1658442b27b0..98108b41f739 100644
--- a/fs/cifsd/connection.h
+++ b/fs/cifsd/connection.h
@@ -106,6 +106,7 @@ struct ksmbd_conn {
__le16 cipher_type;
__le16 compress_algorithm;
bool posix_ext_supported;
+ bool binding;
};
struct ksmbd_conn_ops {
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
index 442077a1e77b..5ae3fe91bfb4 100644
--- a/fs/cifsd/ksmbd_server.h
+++ b/fs/cifsd/ksmbd_server.h
@@ -33,6 +33,7 @@ struct ksmbd_heartbeat {
#define KSMBD_GLOBAL_FLAG_CACHE_TBUF BIT(1)
#define KSMBD_GLOBAL_FLAG_CACHE_RBUF BIT(2)
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(3)
+#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(4)
struct ksmbd_startup_request {
__u32 flags;
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index 739588a6c96a..c3487b1a004c 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -207,7 +207,8 @@ void ksmbd_sessions_deregister(struct ksmbd_conn *conn)
}
}
-bool ksmbd_session_id_match(struct ksmbd_session *sess, unsigned long long id)
+static bool ksmbd_session_id_match(struct ksmbd_session *sess,
+ unsigned long long id)
{
return sess->id == id;
}
@@ -250,6 +251,52 @@ struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id)
return sess;
}
+struct ksmbd_session *ksmbd_session_lookup_all(struct ksmbd_conn *conn,
+ unsigned long long id)
+{
+ struct ksmbd_session *sess;
+
+ sess = ksmbd_session_lookup(conn, id);
+ if (!sess && conn->binding)
+ sess = ksmbd_session_lookup_slowpath(id);
+ return sess;
+}
+
+struct preauth_session *ksmbd_preauth_session_alloc(struct ksmbd_conn *conn,
+ u64 sess_id)
+{
+ struct preauth_session *sess;
+
+ sess = kmalloc(sizeof(struct preauth_session), GFP_KERNEL);
+ if (!sess)
+ return NULL;
+
+ sess->id = sess_id;
+ memcpy(sess->Preauth_HashValue, conn->preauth_info->Preauth_HashValue,
+ PREAUTH_HASHVALUE_SIZE);
+ list_add(&sess->preauth_entry, &conn->preauth_sess_table);
+
+ return sess;
+}
+
+static bool ksmbd_preauth_session_id_match(struct preauth_session *sess,
+ unsigned long long id)
+{
+ return sess->id == id;
+}
+
+struct preauth_session *ksmbd_preauth_session_lookup(struct ksmbd_conn *conn,
+ unsigned long long id)
+{
+ struct preauth_session *sess = NULL;
+
+ list_for_each_entry(sess, &conn->preauth_sess_table, preauth_entry) {
+ if (ksmbd_preauth_session_id_match(sess, id))
+ return sess;
+ }
+ return NULL;
+}
+
static int __init_smb2_session(struct ksmbd_session *sess)
{
int id = ksmbd_acquire_smb2_uid(&session_ida);
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/cifsd/mgmt/user_session.h
index 761bf4776cf1..82289c3cbd2b 100644
--- a/fs/cifsd/mgmt/user_session.h
+++ b/fs/cifsd/mgmt/user_session.h
@@ -26,8 +26,8 @@ struct channel {
struct preauth_session {
__u8 Preauth_HashValue[PREAUTH_HASHVALUE_SIZE];
- u64 sess_id;
- struct list_head list_entry;
+ u64 id;
+ struct list_head preauth_entry;
};
struct ksmbd_session {
@@ -82,13 +82,18 @@ struct ksmbd_session *ksmbd_smb2_session_create(void);
void ksmbd_session_destroy(struct ksmbd_session *sess);
-bool ksmbd_session_id_match(struct ksmbd_session *sess, unsigned long long id);
struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id);
struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn,
unsigned long long id);
void ksmbd_session_register(struct ksmbd_conn *conn,
struct ksmbd_session *sess);
void ksmbd_sessions_deregister(struct ksmbd_conn *conn);
+struct ksmbd_session *ksmbd_session_lookup_all(struct ksmbd_conn *conn,
+ unsigned long long id);
+struct preauth_session *ksmbd_preauth_session_alloc(struct ksmbd_conn *conn,
+ u64 sess_id);
+struct preauth_session *ksmbd_preauth_session_lookup(struct ksmbd_conn *conn,
+ unsigned long long id);
int ksmbd_acquire_tree_conn_id(struct ksmbd_session *sess);
void ksmbd_release_tree_conn_id(struct ksmbd_session *sess, int id);
diff --git a/fs/cifsd/smb2ops.c b/fs/cifsd/smb2ops.c
index 8999c3faf4fc..f7e5f21d4ae2 100644
--- a/fs/cifsd/smb2ops.c
+++ b/fs/cifsd/smb2ops.c
@@ -229,6 +229,9 @@ void init_smb3_0_server(struct ksmbd_conn *conn)
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION &&
conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_MULTI_CHANNEL;
}
/**
@@ -250,6 +253,9 @@ void init_smb3_02_server(struct ksmbd_conn *conn)
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION &&
conn->cli_cap & SMB2_GLOBAL_CAP_ENCRYPTION)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
+
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_MULTI_CHANNEL;
}
/**
@@ -271,6 +277,9 @@ int init_smb3_11_server(struct ksmbd_conn *conn)
if (conn->cipher_type)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
+ if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL)
+ conn->vals->capabilities |= SMB2_GLOBAL_CAP_MULTI_CHANNEL;
+
INIT_LIST_HEAD(&conn->preauth_sess_table);
return 0;
}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index ac15a9287310..12c954dac51a 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -64,21 +64,21 @@ static inline int check_session_id(struct ksmbd_conn *conn, u64 id)
if (id == 0 || id == -1)
return 0;
- sess = ksmbd_session_lookup(conn, id);
+ sess = ksmbd_session_lookup_all(conn, id);
if (sess)
return 1;
ksmbd_err("Invalid user session id: %llu\n", id);
return 0;
}
-struct channel *lookup_chann_list(struct ksmbd_session *sess)
+struct channel *lookup_chann_list(struct ksmbd_session *sess, struct ksmbd_conn *conn)
{
struct channel *chann;
struct list_head *t;
list_for_each(t, &sess->ksmbd_chann_list) {
chann = list_entry(t, struct channel, chann_list);
- if (chann && chann->conn == sess->conn)
+ if (chann && chann->conn == conn)
return chann;
}
@@ -600,7 +600,7 @@ int smb2_check_user_session(struct ksmbd_work *work)
sess_id = le64_to_cpu(req_hdr->SessionId);
/* Check for validity of user session */
- work->sess = ksmbd_session_lookup(conn, sess_id);
+ work->sess = ksmbd_session_lookup_all(conn, sess_id);
if (work->sess)
return 1;
ksmbd_debug(SMB, "Invalid user session, Uid %llu\n", sess_id);
@@ -1165,18 +1165,30 @@ static int generate_preauth_hash(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess = work->sess;
+ u8 *preauth_hash;
if (conn->dialect != SMB311_PROT_ID)
return 0;
- if (!sess->Preauth_HashValue) {
- if (alloc_preauth_hash(sess, conn))
- return -ENOMEM;
+ if (conn->binding) {
+ struct preauth_session *preauth_sess;
+
+ preauth_sess = ksmbd_preauth_session_lookup(conn, sess->id);
+ if (!preauth_sess) {
+ preauth_sess = ksmbd_preauth_session_alloc(conn, sess->id);
+ if (!preauth_sess)
+ return -ENOMEM;
+ }
+
+ preauth_hash = preauth_sess->Preauth_HashValue;
+ } else {
+ if (!sess->Preauth_HashValue)
+ if (alloc_preauth_hash(sess, conn))
+ return -ENOMEM;
+ preauth_hash = sess->Preauth_HashValue;
}
- ksmbd_gen_preauth_integrity_hash(conn,
- work->request_buf,
- sess->Preauth_HashValue);
+ ksmbd_gen_preauth_integrity_hash(conn, work->request_buf, preauth_hash);
return 0;
}
@@ -1383,15 +1395,19 @@ static int ntlm_authenticate(struct ksmbd_work *work)
* that it is reauthentication. And the user/password
* has been verified, so return it here.
*/
- if (sess->state == SMB2_SESSION_VALID)
+ if (sess->state == SMB2_SESSION_VALID) {
+ if (conn->binding)
+ goto binding_session;
return 0;
+ }
if ((conn->sign || server_conf.enforced_signing) ||
(req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
sess->sign = true;
if (conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION &&
- conn->ops->generate_encryptionkey) {
+ conn->ops->generate_encryptionkey &&
+ !(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
rc = conn->ops->generate_encryptionkey(sess);
if (rc) {
ksmbd_debug(SMB,
@@ -1409,8 +1425,9 @@ static int ntlm_authenticate(struct ksmbd_work *work)
}
}
+binding_session:
if (conn->dialect >= SMB30_PROT_ID) {
- chann = lookup_chann_list(sess);
+ chann = lookup_chann_list(sess, conn);
if (!chann) {
chann = kmalloc(sizeof(struct channel), GFP_KERNEL);
if (!chann)
@@ -1423,7 +1440,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
}
if (conn->ops->generate_signingkey) {
- rc = conn->ops->generate_signingkey(sess);
+ rc = conn->ops->generate_signingkey(sess, conn);
if (rc) {
ksmbd_debug(SMB, "SMB3 signing key generation failed\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
@@ -1500,7 +1517,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
}
if (conn->dialect >= SMB30_PROT_ID) {
- chann = lookup_chann_list(sess);
+ chann = lookup_chann_list(sess, conn);
if (!chann) {
chann = kmalloc(sizeof(struct channel), GFP_KERNEL);
if (!chann)
@@ -1513,7 +1530,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
}
if (conn->ops->generate_signingkey) {
- retval = conn->ops->generate_signingkey(sess);
+ retval = conn->ops->generate_signingkey(sess, conn);
if (retval) {
ksmbd_debug(SMB, "SMB3 signing key generation failed\n");
rsp->hdr.Status = STATUS_LOGON_FAILURE;
@@ -1562,12 +1579,59 @@ int smb2_sess_setup(struct ksmbd_work *work)
}
rsp->hdr.SessionId = cpu_to_le64(sess->id);
ksmbd_session_register(conn, sess);
+ } else if (conn->dialect >= SMB30_PROT_ID &&
+ (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) &&
+ req->Flags & SMB2_SESSION_REQ_FLAG_BINDING) {
+ u64 sess_id = le64_to_cpu(req->hdr.SessionId);
+
+ sess = ksmbd_session_lookup_slowpath(sess_id);
+ if (!sess) {
+ rc = -ENOENT;
+ goto out_err;
+ }
+
+ if (conn->dialect != sess->conn->dialect) {
+ rc = -EINVAL;
+ goto out_err;
+ }
+
+ if (!(req->hdr.Flags & SMB2_FLAGS_SIGNED)) {
+ rc = -EINVAL;
+ goto out_err;
+ }
+
+ if (strncmp(conn->ClientGUID, sess->conn->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE)) {
+ rc = -ENOENT;
+ goto out_err;
+ }
+
+ if (sess->state == SMB2_SESSION_IN_PROGRESS) {
+ rc = -EACCES;
+ goto out_err;
+ }
+
+ if (sess->state == SMB2_SESSION_EXPIRED) {
+ rc = -EFAULT;
+ goto out_err;
+ }
+
+ if (ksmbd_session_lookup(conn, sess_id)) {
+ rc = -EACCES;
+ goto out_err;
+ }
+
+ conn->binding = true;
+ } else if ((conn->dialect < SMB30_PROT_ID ||
+ server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) &&
+ (req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
+ rc = -EACCES;
+ goto out_err;
} else {
sess = ksmbd_session_lookup(conn,
le64_to_cpu(req->hdr.SessionId));
if (!sess) {
rc = -ENOENT;
- rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
goto out_err;
}
}
@@ -1585,15 +1649,15 @@ int smb2_sess_setup(struct ksmbd_work *work)
}
if (server_conf.auth_mechs & conn->auth_mechs) {
+ rc = generate_preauth_hash(work);
+ if (rc)
+ goto out_err;
+
if (conn->preferred_auth_mech &
(KSMBD_AUTH_KRB5 | KSMBD_AUTH_MSKRB5)) {
- rc = generate_preauth_hash(work);
- if (rc)
- goto out_err;
-
rc = krb5_authenticate(work);
if (rc) {
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ rc = -EINVAL;
goto out_err;
}
@@ -1602,10 +1666,6 @@ int smb2_sess_setup(struct ksmbd_work *work)
kfree(sess->Preauth_HashValue);
sess->Preauth_HashValue = NULL;
} else if (conn->preferred_auth_mech == KSMBD_AUTH_NTLMSSP) {
- rc = generate_preauth_hash(work);
- if (rc)
- goto out_err;
-
if (negblob->MessageType == NtLmNegotiate) {
rc = ntlm_negotiate(work, negblob);
if (rc)
@@ -1625,6 +1685,16 @@ int smb2_sess_setup(struct ksmbd_work *work)
ksmbd_conn_set_good(work);
sess->state = SMB2_SESSION_VALID;
+ if (conn->binding) {
+ struct preauth_session *preauth_sess;
+
+ preauth_sess =
+ ksmbd_preauth_session_lookup(conn, sess->id);
+ if (preauth_sess) {
+ list_del(&preauth_sess->preauth_entry);
+ kfree(preauth_sess);
+ }
+ }
kfree(sess->Preauth_HashValue);
sess->Preauth_HashValue = NULL;
}
@@ -1632,15 +1702,24 @@ int smb2_sess_setup(struct ksmbd_work *work)
/* TODO: need one more negotiation */
ksmbd_err("Not support the preferred authentication\n");
rc = -EINVAL;
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
}
} else {
ksmbd_err("Not support authentication\n");
rc = -EINVAL;
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
}
out_err:
+ if (rc == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else if (rc == -ENOENT)
+ rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
+ else if (rc == -EACCES)
+ rsp->hdr.Status = STATUS_REQUEST_NOT_ACCEPTED;
+ else if (rc == -EFAULT)
+ rsp->hdr.Status = STATUS_NETWORK_SESSION_EXPIRED;
+ else if (rc)
+ rsp->hdr.Status = STATUS_LOGON_FAILURE;
+
if (conn->use_spnego && conn->mechToken) {
kfree(conn->mechToken);
conn->mechToken = NULL;
@@ -7883,7 +7962,7 @@ void smb2_set_sign_rsp(struct ksmbd_work *work)
*/
int smb3_check_sign_req(struct ksmbd_work *work)
{
- struct ksmbd_conn *conn;
+ struct ksmbd_conn *conn = work->conn;
char *signing_key;
struct smb2_hdr *hdr, *hdr_org;
struct channel *chann;
@@ -7906,13 +7985,11 @@ int smb3_check_sign_req(struct ksmbd_work *work)
if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
signing_key = work->sess->smb3signingkey;
- conn = work->sess->conn;
} else {
- chann = lookup_chann_list(work->sess);
+ chann = lookup_chann_list(work->sess, conn);
if (!chann)
return 0;
signing_key = chann->smb3signingkey;
- conn = chann->conn;
}
if (!signing_key) {
@@ -7943,7 +8020,7 @@ int smb3_check_sign_req(struct ksmbd_work *work)
*/
void smb3_set_sign_rsp(struct ksmbd_work *work)
{
- struct ksmbd_conn *conn;
+ struct ksmbd_conn *conn = work->conn;
struct smb2_hdr *req_hdr;
struct smb2_hdr *hdr, *hdr_org;
struct channel *chann;
@@ -7970,13 +8047,11 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)
if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
signing_key = work->sess->smb3signingkey;
- conn = work->sess->conn;
} else {
- chann = lookup_chann_list(work->sess);
+ chann = lookup_chann_list(work->sess, work->conn);
if (!chann)
return;
signing_key = chann->smb3signingkey;
- conn = chann->conn;
}
if (!signing_key)
@@ -8020,11 +8095,21 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
conn->preauth_info->Preauth_HashValue);
- if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE &&
- sess && sess->state == SMB2_SESSION_IN_PROGRESS) {
+ if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE && sess) {
__u8 *hash_value;
- hash_value = sess->Preauth_HashValue;
+ if (conn->binding) {
+ struct preauth_session *preauth_sess;
+
+ preauth_sess = ksmbd_preauth_session_lookup(conn, sess->id);
+ if (!preauth_sess)
+ return;
+ hash_value = preauth_sess->Preauth_HashValue;
+ } else {
+ hash_value = sess->Preauth_HashValue;
+ if (!hash_value)
+ return;
+ }
ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
hash_value);
}
@@ -8116,7 +8201,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
unsigned int orig_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
int rc = 0;
- sess = ksmbd_session_lookup(conn, le64_to_cpu(tr_hdr->SessionId));
+ sess = ksmbd_session_lookup_all(conn, le64_to_cpu(tr_hdr->SessionId));
if (!sess) {
ksmbd_err("invalid session id(%llx) in transform header\n",
le64_to_cpu(tr_hdr->SessionId));
diff --git a/fs/cifsd/smb2pdu.h b/fs/cifsd/smb2pdu.h
index 0d5349e75dd9..0eac40e1ba65 100644
--- a/fs/cifsd/smb2pdu.h
+++ b/fs/cifsd/smb2pdu.h
@@ -1647,7 +1647,8 @@ struct file_lock *smb_flock_init(struct file *f);
int setup_async_work(struct ksmbd_work *work, void (*fn)(void **),
void **arg);
void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status);
-struct channel *lookup_chann_list(struct ksmbd_session *sess);
+struct channel *lookup_chann_list(struct ksmbd_session *sess,
+ struct ksmbd_conn *conn);
void smb3_preauth_hash_rsp(struct ksmbd_work *work);
int smb3_is_transform_hdr(void *buf);
int smb3_decrypt_req(struct ksmbd_work *work);
diff --git a/fs/cifsd/smb_common.h b/fs/cifsd/smb_common.h
index 6e7404b8db96..084166ba7654 100644
--- a/fs/cifsd/smb_common.h
+++ b/fs/cifsd/smb_common.h
@@ -479,7 +479,7 @@ struct smb_version_ops {
bool (*is_sign_req)(struct ksmbd_work *work, unsigned int command);
int (*check_sign_req)(struct ksmbd_work *work);
void (*set_sign_rsp)(struct ksmbd_work *work);
- int (*generate_signingkey)(struct ksmbd_session *sess);
+ int (*generate_signingkey)(struct ksmbd_session *sess, struct ksmbd_conn *conn);
int (*generate_encryptionkey)(struct ksmbd_session *sess);
int (*is_transform_hdr)(void *buf);
int (*decrypt_req)(struct ksmbd_work *work);
From patchwork Mon Nov 14 12:50:21 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183209
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:05 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:05 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:04 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 112/308] ksmbd: remove cache read/trans buffer
support
Date: Mon, 14 Nov 2022 20:50:21 +0800
Message-ID: <20221114125337.1831594-113-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6c35187d-9762-47c8-831f-08dac63c60bf
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6729074
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit c30f4eb84badf7476824c38f874542a2e653b46b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c30f4eb84bad
-------------------------------
As vmalloc performance improvement patch for big allocation is merged into
linux kernel, This feature is no longer not needed.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 1 -
fs/cifsd/buffer_pool.c | 265 -----------------------------------
fs/cifsd/buffer_pool.h | 17 ---
fs/cifsd/connection.c | 1 -
fs/cifsd/crypto_ctx.c | 1 -
fs/cifsd/ksmbd_server.h | 6 +-
fs/cifsd/ksmbd_work.c | 14 +-
fs/cifsd/ksmbd_work.h | 2 -
fs/cifsd/mgmt/share_config.c | 1 -
fs/cifsd/mgmt/tree_connect.c | 1 -
fs/cifsd/mgmt/user_config.c | 1 -
fs/cifsd/mgmt/user_session.c | 1 -
fs/cifsd/oplock.c | 1 -
fs/cifsd/server.c | 18 ++-
fs/cifsd/smb2pdu.c | 34 +----
fs/cifsd/transport_ipc.c | 1 -
fs/cifsd/transport_rdma.c | 1 -
fs/cifsd/transport_tcp.c | 1 -
fs/cifsd/vfs.c | 1 -
fs/cifsd/vfs_cache.c | 34 ++++-
fs/cifsd/vfs_cache.h | 2 +
21 files changed, 51 insertions(+), 353 deletions(-)
delete mode 100644 fs/cifsd/buffer_pool.c
delete mode 100644 fs/cifsd/buffer_pool.h
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index 1ba03a7c3201..daf31c9f0880 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -29,7 +29,6 @@
#include "mgmt/user_config.h"
#include "crypto_ctx.h"
#include "transport_ipc.h"
-#include "buffer_pool.h"
/*
* Fixed format data defining GSS header and fixed string
diff --git a/fs/cifsd/buffer_pool.c b/fs/cifsd/buffer_pool.c
deleted file mode 100644
index ea7d2d1a056a..000000000000
--- a/fs/cifsd/buffer_pool.c
+++ /dev/null
@@ -1,265 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0-or-later
-/*
- * Copyright (C) 2018 Samsung Electronics Co., Ltd.
- */
-
-#include <linux/kernel.h>
-#include <linux/wait.h>
-#include <linux/sched.h>
-#include <linux/mm.h>
-#include <linux/slab.h>
-#include <linux/vmalloc.h>
-#include <linux/rwlock.h>
-
-#include "glob.h"
-#include "buffer_pool.h"
-#include "connection.h"
-#include "mgmt/ksmbd_ida.h"
-
-static struct kmem_cache *filp_cache;
-
-struct wm {
- struct list_head list;
- unsigned int sz;
- char buffer[0];
-};
-
-struct wm_list {
- struct list_head list;
- unsigned int sz;
-
- spinlock_t wm_lock;
- int avail_wm;
- struct list_head idle_wm;
- wait_queue_head_t wm_wait;
-};
-
-static LIST_HEAD(wm_lists);
-static DEFINE_RWLOCK(wm_lists_lock);
-
-static struct wm *wm_alloc(size_t sz, gfp_t flags)
-{
- struct wm *wm;
- size_t alloc_sz = sz + sizeof(struct wm);
-
- if (sz > SIZE_MAX - sizeof(struct wm))
- return NULL;
-
- wm = kvmalloc(alloc_sz, flags);
- if (!wm)
- return NULL;
- wm->sz = sz;
- return wm;
-}
-
-static int register_wm_size_class(size_t sz)
-{
- struct wm_list *l, *nl;
-
- nl = kmalloc(sizeof(struct wm_list), GFP_KERNEL);
- if (!nl)
- return -ENOMEM;
-
- nl->sz = sz;
- spin_lock_init(&nl->wm_lock);
- INIT_LIST_HEAD(&nl->idle_wm);
- INIT_LIST_HEAD(&nl->list);
- init_waitqueue_head(&nl->wm_wait);
- nl->avail_wm = 0;
-
- write_lock(&wm_lists_lock);
- list_for_each_entry(l, &wm_lists, list) {
- if (l->sz == sz) {
- write_unlock(&wm_lists_lock);
- kfree(nl);
- return 0;
- }
- }
-
- list_add(&nl->list, &wm_lists);
- write_unlock(&wm_lists_lock);
- return 0;
-}
-
-static struct wm_list *match_wm_list(size_t size)
-{
- struct wm_list *l, *rl = NULL;
-
- read_lock(&wm_lists_lock);
- list_for_each_entry(l, &wm_lists, list) {
- if (l->sz == size) {
- rl = l;
- break;
- }
- }
- read_unlock(&wm_lists_lock);
- return rl;
-}
-
-static struct wm *find_wm(size_t size)
-{
- struct wm_list *wm_list;
- struct wm *wm;
-
- wm_list = match_wm_list(size);
- if (!wm_list) {
- if (register_wm_size_class(size))
- return NULL;
- wm_list = match_wm_list(size);
- }
-
- if (!wm_list)
- return NULL;
-
- while (1) {
- spin_lock(&wm_list->wm_lock);
- if (!list_empty(&wm_list->idle_wm)) {
- wm = list_entry(wm_list->idle_wm.next,
- struct wm,
- list);
- list_del(&wm->list);
- spin_unlock(&wm_list->wm_lock);
- return wm;
- }
-
- if (wm_list->avail_wm > num_online_cpus()) {
- spin_unlock(&wm_list->wm_lock);
- wait_event(wm_list->wm_wait,
- !list_empty(&wm_list->idle_wm));
- continue;
- }
-
- wm_list->avail_wm++;
- spin_unlock(&wm_list->wm_lock);
-
- wm = wm_alloc(size, GFP_KERNEL);
- if (!wm) {
- spin_lock(&wm_list->wm_lock);
- wm_list->avail_wm--;
- spin_unlock(&wm_list->wm_lock);
- wait_event(wm_list->wm_wait,
- !list_empty(&wm_list->idle_wm));
- continue;
- }
- break;
- }
-
- return wm;
-}
-
-static void release_wm(struct wm *wm, struct wm_list *wm_list)
-{
- if (!wm)
- return;
-
- spin_lock(&wm_list->wm_lock);
- if (wm_list->avail_wm <= num_online_cpus()) {
- list_add(&wm->list, &wm_list->idle_wm);
- spin_unlock(&wm_list->wm_lock);
- wake_up(&wm_list->wm_wait);
- return;
- }
-
- wm_list->avail_wm--;
- spin_unlock(&wm_list->wm_lock);
- kvfree(wm);
-}
-
-static void wm_list_free(struct wm_list *l)
-{
- struct wm *wm;
-
- while (!list_empty(&l->idle_wm)) {
- wm = list_entry(l->idle_wm.next, struct wm, list);
- list_del(&wm->list);
- kvfree(wm);
- }
- kfree(l);
-}
-
-static void wm_lists_destroy(void)
-{
- struct wm_list *l;
-
- while (!list_empty(&wm_lists)) {
- l = list_entry(wm_lists.next, struct wm_list, list);
- list_del(&l->list);
- wm_list_free(l);
- }
-}
-
-void *ksmbd_find_buffer(size_t size)
-{
- struct wm *wm;
-
- wm = find_wm(size);
-
- WARN_ON(!wm);
- if (wm)
- return wm->buffer;
- return NULL;
-}
-
-void ksmbd_release_buffer(void *buffer)
-{
- struct wm_list *wm_list;
- struct wm *wm;
-
- if (!buffer)
- return;
-
- wm = container_of(buffer, struct wm, buffer);
- wm_list = match_wm_list(wm->sz);
- WARN_ON(!wm_list);
- if (wm_list)
- release_wm(wm, wm_list);
-}
-
-void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz)
-{
- size_t sz = min(old_sz, new_sz);
- void *nptr;
-
- nptr = kvmalloc(new_sz, GFP_KERNEL | __GFP_ZERO);
- if (!nptr)
- return ptr;
- memcpy(nptr, ptr, sz);
- kvfree(ptr);
- return nptr;
-}
-
-void ksmbd_free_file_struct(void *filp)
-{
- kmem_cache_free(filp_cache, filp);
-}
-
-void *ksmbd_alloc_file_struct(void)
-{
- return kmem_cache_zalloc(filp_cache, GFP_KERNEL);
-}
-
-void ksmbd_destroy_buffer_pools(void)
-{
- wm_lists_destroy();
- ksmbd_work_pool_destroy();
- kmem_cache_destroy(filp_cache);
-}
-
-int ksmbd_init_buffer_pools(void)
-{
- if (ksmbd_work_pool_init())
- goto out;
-
- filp_cache = kmem_cache_create("ksmbd_file_cache",
- sizeof(struct ksmbd_file), 0,
- SLAB_HWCACHE_ALIGN, NULL);
- if (!filp_cache)
- goto out;
-
- return 0;
-
-out:
- ksmbd_err("failed to allocate memory\n");
- ksmbd_destroy_buffer_pools();
- return -ENOMEM;
-}
diff --git a/fs/cifsd/buffer_pool.h b/fs/cifsd/buffer_pool.h
deleted file mode 100644
index 088aa07ba09b..000000000000
--- a/fs/cifsd/buffer_pool.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-or-later */
-/*
- * Copyright (C) 2018 Samsung Electronics Co., Ltd.
- */
-
-#ifndef __KSMBD_BUFFER_POOL_H__
-#define __KSMBD_BUFFER_POOL_H__
-
-void *ksmbd_find_buffer(size_t size);
-void ksmbd_release_buffer(void *buffer);
-void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz);
-void ksmbd_free_file_struct(void *filp);
-void *ksmbd_alloc_file_struct(void);
-void ksmbd_destroy_buffer_pools(void);
-int ksmbd_init_buffer_pools(void);
-
-#endif /* __KSMBD_BUFFER_POOL_H__ */
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
index 06c42309be72..a0d15093dd6f 100644
--- a/fs/cifsd/connection.c
+++ b/fs/cifsd/connection.c
@@ -9,7 +9,6 @@
#include <linux/module.h>
#include "server.h"
-#include "buffer_pool.h"
#include "smb_common.h"
#include "mgmt/ksmbd_ida.h"
#include "connection.h"
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index cfea4c4db30f..7b727fe141a6 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -12,7 +12,6 @@
#include "glob.h"
#include "crypto_ctx.h"
-#include "buffer_pool.h"
struct crypto_ctx_list {
spinlock_t ctx_lock;
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
index 5ae3fe91bfb4..c2467a709144 100644
--- a/fs/cifsd/ksmbd_server.h
+++ b/fs/cifsd/ksmbd_server.h
@@ -30,10 +30,8 @@ struct ksmbd_heartbeat {
*/
#define KSMBD_GLOBAL_FLAG_INVALID (0)
#define KSMBD_GLOBAL_FLAG_SMB2_LEASES BIT(0)
-#define KSMBD_GLOBAL_FLAG_CACHE_TBUF BIT(1)
-#define KSMBD_GLOBAL_FLAG_CACHE_RBUF BIT(2)
-#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(3)
-#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(4)
+#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(1)
+#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(2)
struct ksmbd_startup_request {
__u32 flags;
diff --git a/fs/cifsd/ksmbd_work.c b/fs/cifsd/ksmbd_work.c
index f284a2a803d6..a88c25965012 100644
--- a/fs/cifsd/ksmbd_work.c
+++ b/fs/cifsd/ksmbd_work.c
@@ -11,7 +11,6 @@
#include "server.h"
#include "connection.h"
#include "ksmbd_work.h"
-#include "buffer_pool.h"
#include "mgmt/ksmbd_ida.h"
/* @FIXME */
@@ -38,18 +37,9 @@ struct ksmbd_work *ksmbd_alloc_work_struct(void)
void ksmbd_free_work_struct(struct ksmbd_work *work)
{
WARN_ON(work->saved_cred != NULL);
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_TBUF &&
- work->set_trans_buf)
- ksmbd_release_buffer(work->response_buf);
- else
- kvfree(work->response_buf);
-
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF &&
- work->set_read_buf)
- ksmbd_release_buffer(work->aux_payload_buf);
- else
- kvfree(work->aux_payload_buf);
+ kvfree(work->response_buf);
+ kvfree(work->aux_payload_buf);
kfree(work->tr_buf);
kvfree(work->request_buf);
if (work->async_id)
diff --git a/fs/cifsd/ksmbd_work.h b/fs/cifsd/ksmbd_work.h
index 28a1692ed37f..0e2d4f3fc49f 100644
--- a/fs/cifsd/ksmbd_work.h
+++ b/fs/cifsd/ksmbd_work.h
@@ -70,8 +70,6 @@ struct ksmbd_work {
/* Is this SYNC or ASYNC ksmbd_work */
bool syncronous:1;
bool need_invalidate_rkey:1;
- bool set_trans_buf:1;
- bool set_read_buf:1;
unsigned int remote_key;
/* cancel works */
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index bcc4ae4381b9..fac6034b97a9 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -15,7 +15,6 @@
#include "share_config.h"
#include "user_config.h"
#include "user_session.h"
-#include "../buffer_pool.h"
#include "../transport_ipc.h"
#define SHARE_HASH_BITS 3
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/cifsd/mgmt/tree_connect.c
index 029a9e81e844..0d28e723a28c 100644
--- a/fs/cifsd/mgmt/tree_connect.c
+++ b/fs/cifsd/mgmt/tree_connect.c
@@ -7,7 +7,6 @@
#include <linux/slab.h>
#include <linux/xarray.h>
-#include "../buffer_pool.h"
#include "../transport_ipc.h"
#include "../connection.h"
diff --git a/fs/cifsd/mgmt/user_config.c b/fs/cifsd/mgmt/user_config.c
index 7f898c5bda25..d21629ae5c89 100644
--- a/fs/cifsd/mgmt/user_config.c
+++ b/fs/cifsd/mgmt/user_config.c
@@ -7,7 +7,6 @@
#include <linux/mm.h>
#include "user_config.h"
-#include "../buffer_pool.h"
#include "../transport_ipc.h"
struct ksmbd_user *ksmbd_login_user(const char *account)
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index c3487b1a004c..77bdf3642f72 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -14,7 +14,6 @@
#include "tree_connect.h"
#include "../transport_ipc.h"
#include "../connection.h"
-#include "../buffer_pool.h"
#include "../vfs_cache.h"
static DEFINE_IDA(session_ida);
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index 5868cdca7187..1ef2acbea2bb 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -11,7 +11,6 @@
#include "smb_common.h"
#include "smbstatus.h"
-#include "buffer_pool.h"
#include "connection.h"
#include "mgmt/user_session.h"
#include "mgmt/share_config.h"
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index a71fafa176b3..93402c56b8ff 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -16,7 +16,6 @@
#include "server.h"
#include "smb_common.h"
#include "smbstatus.h"
-#include "buffer_pool.h"
#include "connection.h"
#include "transport_ipc.h"
#include "mgmt/user_session.h"
@@ -536,7 +535,8 @@ static int ksmbd_server_shutdown(void)
ksmbd_crypto_destroy();
ksmbd_free_global_file_table();
destroy_lease_table(NULL);
- ksmbd_destroy_buffer_pools();
+ ksmbd_work_pool_destroy();
+ ksmbd_exit_file_cache();
server_conf_free();
return 0;
}
@@ -557,13 +557,17 @@ static int __init ksmbd_server_init(void)
if (ret)
goto err_unregister;
- ret = ksmbd_init_buffer_pools();
+ ret = ksmbd_work_pool_init();
if (ret)
goto err_unregister;
+ ret = ksmbd_init_file_cache();
+ if (ret)
+ goto err_destroy_work_pools;
+
ret = ksmbd_ipc_init();
if (ret)
- goto err_free_session_table;
+ goto err_exit_file_cache;
ret = ksmbd_init_global_file_table();
if (ret)
@@ -590,8 +594,10 @@ static int __init ksmbd_server_init(void)
ksmbd_free_global_file_table();
err_ipc_release:
ksmbd_ipc_release();
-err_free_session_table:
- ksmbd_destroy_buffer_pools();
+err_exit_file_cache:
+ ksmbd_exit_file_cache();
+err_destroy_work_pools:
+ ksmbd_work_pool_destroy();
err_unregister:
class_unregister(&ksmbd_control_class);
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 12c954dac51a..345c4c75da9a 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -19,7 +19,6 @@
#include "auth.h"
#include "asn1.h"
-#include "buffer_pool.h"
#include "connection.h"
#include "transport_ipc.h"
#include "vfs.h"
@@ -538,10 +537,8 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
size_t sz = small_sz;
int cmd = le16_to_cpu(hdr->Command);
- if (cmd == SMB2_IOCTL_HE || cmd == SMB2_QUERY_DIRECTORY_HE) {
+ if (cmd == SMB2_IOCTL_HE || cmd == SMB2_QUERY_DIRECTORY_HE)
sz = large_sz;
- work->set_trans_buf = true;
- }
if (cmd == SMB2_QUERY_INFO_HE) {
struct smb2_query_info_req *req;
@@ -549,22 +546,15 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
req = work->request_buf;
if (req->InfoType == SMB2_O_INFO_FILE &&
(req->FileInfoClass == FILE_FULL_EA_INFORMATION ||
- req->FileInfoClass == FILE_ALL_INFORMATION)) {
+ req->FileInfoClass == FILE_ALL_INFORMATION))
sz = large_sz;
- work->set_trans_buf = true;
- }
}
/* allocate large response buf for chained commands */
if (le32_to_cpu(hdr->NextCommand) > 0)
sz = large_sz;
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_TBUF &&
- work->set_trans_buf)
- work->response_buf = ksmbd_find_buffer(sz);
- else
- work->response_buf = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
-
+ work->response_buf = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
if (!work->response_buf)
return -ENOMEM;
@@ -5950,13 +5940,7 @@ int smb2_read(struct ksmbd_work *work)
ksmbd_debug(SMB, "filename %s, offset %lld, len %zu\n", FP_FILENAME(fp),
offset, length);
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF) {
- work->aux_payload_buf =
- ksmbd_find_buffer(conn->vals->max_read_size);
- work->set_read_buf = true;
- } else {
- work->aux_payload_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO);
- }
+ work->aux_payload_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO);
if (!work->aux_payload_buf) {
err = -ENOMEM;
goto out;
@@ -5969,10 +5953,7 @@ int smb2_read(struct ksmbd_work *work)
}
if ((nbytes == 0 && length != 0) || nbytes < mincount) {
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
- ksmbd_release_buffer(work->aux_payload_buf);
- else
- kvfree(work->aux_payload_buf);
+ kvfree(work->aux_payload_buf);
work->aux_payload_buf = NULL;
rsp->hdr.Status = STATUS_END_OF_FILE;
smb2_set_err_rsp(work);
@@ -5989,10 +5970,7 @@ int smb2_read(struct ksmbd_work *work)
remain_bytes = smb2_read_rdma_channel(work, req,
work->aux_payload_buf,
nbytes);
- if (server_conf.flags & KSMBD_GLOBAL_FLAG_CACHE_RBUF)
- ksmbd_release_buffer(work->aux_payload_buf);
- else
- kvfree(work->aux_payload_buf);
+ kvfree(work->aux_payload_buf);
work->aux_payload_buf = NULL;
nbytes = 0;
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index b09df832431f..2bcc1cad6037 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -16,7 +16,6 @@
#include "vfs_cache.h"
#include "transport_ipc.h"
-#include "buffer_pool.h"
#include "server.h"
#include "smb_common.h"
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
index efaa9776841f..52237f023b66 100644
--- a/fs/cifsd/transport_rdma.c
+++ b/fs/cifsd/transport_rdma.c
@@ -33,7 +33,6 @@
#include "connection.h"
#include "smb_common.h"
#include "smbstatus.h"
-#include "buffer_pool.h"
#include "transport_rdma.h"
#define SMB_DIRECT_PORT 5445
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index d6d5c0038dea..16702b7874f4 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -9,7 +9,6 @@
#include "smb_common.h"
#include "server.h"
#include "auth.h"
-#include "buffer_pool.h"
#include "connection.h"
#include "transport_tcp.h"
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 9111b485d611..fb31c1ccb1bd 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -23,7 +23,6 @@
#include "glob.h"
#include "oplock.h"
#include "connection.h"
-#include "buffer_pool.h"
#include "vfs.h"
#include "vfs_cache.h"
#include "smbacl.h"
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 6ea09fe82814..dcac1f0a29e4 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -10,7 +10,6 @@
#include "glob.h"
#include "vfs_cache.h"
-#include "buffer_pool.h"
#include "oplock.h"
#include "vfs.h"
#include "connection.h"
@@ -29,6 +28,7 @@ static DEFINE_RWLOCK(inode_hash_lock);
static struct ksmbd_file_table global_ft;
static atomic_long_t fd_limit;
+static struct kmem_cache *filp_cache;
void ksmbd_set_fd_limit(unsigned long limit)
{
@@ -315,7 +315,7 @@ static void __ksmbd_close_fd(struct ksmbd_file_table *ft, struct ksmbd_file *fp)
kfree(fp->filename);
if (ksmbd_stream_fd(fp))
kfree(fp->stream.name);
- ksmbd_free_file_struct(fp);
+ kmem_cache_free(filp_cache, fp);
}
static struct ksmbd_file *ksmbd_fp_get(struct ksmbd_file *fp)
@@ -539,10 +539,10 @@ unsigned int ksmbd_open_durable_fd(struct ksmbd_file *fp)
struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
{
- struct ksmbd_file *fp;
+ struct ksmbd_file *fp;
int ret;
- fp = ksmbd_alloc_file_struct();
+ fp = kmem_cache_zalloc(filp_cache, GFP_KERNEL);
if (!fp) {
ksmbd_err("Failed to allocate memory\n");
return ERR_PTR(-ENOMEM);
@@ -561,14 +561,14 @@ struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
fp->f_ci = ksmbd_inode_get(fp);
if (!fp->f_ci) {
- ksmbd_free_file_struct(fp);
+ kmem_cache_free(filp_cache, fp);
return ERR_PTR(-ENOMEM);
}
ret = __open_id(&work->sess->file_table, fp, OPEN_ID_TYPE_VOLATILE_ID);
if (ret) {
ksmbd_inode_put(fp->f_ci);
- ksmbd_free_file_struct(fp);
+ kmem_cache_free(filp_cache, fp);
return ERR_PTR(ret);
}
@@ -640,7 +640,7 @@ void ksmbd_free_global_file_table(void)
idr_for_each_entry(global_ft.idr, fp, id) {
__ksmbd_remove_durable_fd(fp);
- ksmbd_free_file_struct(fp);
+ kmem_cache_free(filp_cache, fp);
}
ksmbd_destroy_file_table(&global_ft);
@@ -683,3 +683,23 @@ void ksmbd_destroy_file_table(struct ksmbd_file_table *ft)
kfree(ft->idr);
ft->idr = NULL;
}
+
+int ksmbd_init_file_cache(void)
+{
+ filp_cache = kmem_cache_create("ksmbd_file_cache",
+ sizeof(struct ksmbd_file), 0,
+ SLAB_HWCACHE_ALIGN, NULL);
+ if (!filp_cache)
+ goto out;
+
+ return 0;
+
+out:
+ ksmbd_err("failed to allocate file cache\n");
+ return -ENOMEM;
+}
+
+void ksmbd_exit_file_cache(void)
+{
+ kmem_cache_destroy(filp_cache);
+}
diff --git a/fs/cifsd/vfs_cache.h b/fs/cifsd/vfs_cache.h
index 635eedbd497c..745855367106 100644
--- a/fs/cifsd/vfs_cache.h
+++ b/fs/cifsd/vfs_cache.h
@@ -182,4 +182,6 @@ void ksmbd_set_inode_pending_delete(struct ksmbd_file *fp);
void ksmbd_clear_inode_pending_delete(struct ksmbd_file *fp);
void ksmbd_fd_set_delete_on_close(struct ksmbd_file *fp,
int file_info);
+int ksmbd_init_file_cache(void);
+void ksmbd_exit_file_cache(void);
#endif /* __VFS_CACHE_H__ */
From patchwork Mon Nov 14 12:50:22 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183210
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:05 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:05 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:05 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 113/308] ksmbd: initialize variables on the
declaration
Date: Mon, 14 Nov 2022 20:50:22 +0800
Message-ID: <20221114125337.1831594-114-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
15664d23-9515-4690-3acb-08dac63c6108
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6881488
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit afa8f016c5a527bd004042ea47ca8b8007e4185f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/afa8f016c5a5
-------------------------------
Initialize variables on the declaration.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index fb31c1ccb1bd..4e0cf1b95419 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -355,14 +355,11 @@ static int check_lock_range(struct file *filp, loff_t start, loff_t end,
int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
loff_t *pos)
{
- struct file *filp;
+ struct file *filp = fp->filp;
ssize_t nbytes = 0;
- char *rbuf;
- struct inode *inode;
+ char *rbuf = work->aux_payload_buf;
+ struct inode *inode = file_inode(filp);
- rbuf = work->aux_payload_buf;
- filp = fp->filp;
- inode = file_inode(filp);
if (S_ISDIR(inode->i_mode))
return -EISDIR;
From patchwork Mon Nov 14 12:50:23 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183211
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:06 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:06 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:05 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 114/308] ksmbd: remove ksmbd_vfs_copy_file_range
Date: Mon, 14 Nov 2022 20:50:23 +0800
Message-ID: <20221114125337.1831594-115-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a9204477-decb-46af-4a77-08dac63c6152
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6202081
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit f8524776f1bbf2895de757438b41915a9b3d9bbc
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f8524776f1bb
-------------------------------
vfs_copy_file_range and cifs client already does this type of fallback,
so this is dead code.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 4 ++--
fs/cifsd/vfs.c | 50 ++--------------------------------------------
fs/cifsd/vfs.h | 3 ---
3 files changed, 4 insertions(+), 53 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 345c4c75da9a..2df8217c7395 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -7437,8 +7437,8 @@ int smb2_ioctl(struct ksmbd_work *work)
ret = -EOPNOTSUPP;
goto dup_ext_out;
} else if (cloned != length) {
- cloned = ksmbd_vfs_copy_file_range(fp_in->filp, src_off,
- fp_out->filp, dst_off, length);
+ cloned = vfs_copy_file_range(fp_in->filp, src_off,
+ fp_out->filp, dst_off, length, 0);
if (cloned != length) {
if (cloned < 0)
ret = cloned;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 4e0cf1b95419..ef74e56cd05f 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -1802,52 +1802,6 @@ int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
return 0;
}
-int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
- struct file *file_out, loff_t pos_out, size_t len)
-{
- struct inode *inode_in = file_inode(file_in);
- struct inode *inode_out = file_inode(file_out);
- int ret;
-
- ret = vfs_copy_file_range(file_in, pos_in, file_out, pos_out, len, 0);
- /* do splice for the copy between different file systems */
- if (ret != -EXDEV)
- return ret;
-
- if (S_ISDIR(inode_in->i_mode) || S_ISDIR(inode_out->i_mode))
- return -EISDIR;
- if (!S_ISREG(inode_in->i_mode) || !S_ISREG(inode_out->i_mode))
- return -EINVAL;
-
- if (!(file_in->f_mode & FMODE_READ) ||
- !(file_out->f_mode & FMODE_WRITE))
- return -EBADF;
-
- if (len == 0)
- return 0;
-
- file_start_write(file_out);
-
- /*
- * skip the verification of the range of data. it will be done
- * in do_splice_direct
- */
- ret = do_splice_direct(file_in, &pos_in, file_out, &pos_out,
- len > MAX_RW_COUNT ? MAX_RW_COUNT : len, 0);
- if (ret > 0) {
- fsnotify_access(file_in);
- add_rchar(current, ret);
- fsnotify_modify(file_out);
- add_wchar(current, ret);
- }
-
- inc_syscr(current);
- inc_syscw(current);
-
- file_end_write(file_out);
- return ret;
-}
-
int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
struct ksmbd_file *src_fp,
struct ksmbd_file *dst_fp,
@@ -1905,8 +1859,8 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
if (src_off + len > src_file_size)
return -E2BIG;
- ret = ksmbd_vfs_copy_file_range(src_fp->filp, src_off,
- dst_fp->filp, dst_off, len);
+ ret = vfs_copy_file_range(src_fp->filp, src_off,
+ dst_fp->filp, dst_off, len, 0);
if (ret < 0)
return ret;
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index 5db1e9e2a754..03b877e6520b 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -218,9 +218,6 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
unsigned int *chunk_count_written,
unsigned int *chunk_size_written,
loff_t *total_size_written);
-int ksmbd_vfs_copy_file_range(struct file *file_in, loff_t pos_in,
- struct file *file_out, loff_t pos_out,
- size_t len);
ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list);
ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
char **xattr_buf);
From patchwork Mon Nov 14 12:50:24 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183212
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:06 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:06 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:06 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 115/308] ksmbd: use list_for_each_entry instead of
list_for_each
Date: Mon, 14 Nov 2022 20:50:24 +0800
Message-ID: <20221114125337.1831594-116-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
797c5c3e-094e-4d99-1d93-08dac63c619a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6894166
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 6f3d5eeec744727bf017be3bb12e7fbf1c4438ed
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6f3d5eeec744
-------------------------------
Use list_for_each_entry instead of list_for_each.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 14 ++++----------
fs/cifsd/smb_common.c | 4 +---
fs/cifsd/vfs_cache.c | 4 +---
3 files changed, 6 insertions(+), 16 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 2df8217c7395..f1642fffe4e1 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -73,10 +73,8 @@ static inline int check_session_id(struct ksmbd_conn *conn, u64 id)
struct channel *lookup_chann_list(struct ksmbd_session *sess, struct ksmbd_conn *conn)
{
struct channel *chann;
- struct list_head *t;
- list_for_each(t, &sess->ksmbd_chann_list) {
- chann = list_entry(t, struct channel, chann_list);
+ list_for_each_entry(chann, &sess->ksmbd_chann_list, chann_list) {
if (chann && chann->conn == conn)
return chann;
}
@@ -6315,7 +6313,6 @@ int smb2_cancel(struct ksmbd_work *work)
struct smb2_hdr *hdr = work->request_buf;
struct smb2_hdr *chdr;
struct ksmbd_work *cancel_work = NULL;
- struct list_head *tmp;
int canceled = 0;
struct list_head *command_list;
@@ -6326,9 +6323,8 @@ int smb2_cancel(struct ksmbd_work *work)
command_list = &conn->async_requests;
spin_lock(&conn->request_lock);
- list_for_each(tmp, command_list) {
- cancel_work = list_entry(tmp, struct ksmbd_work,
- async_request_entry);
+ list_for_each_entry(cancel_work, command_list,
+ async_request_entry) {
chdr = cancel_work->request_buf;
if (cancel_work->async_id !=
@@ -6347,9 +6343,7 @@ int smb2_cancel(struct ksmbd_work *work)
command_list = &conn->requests;
spin_lock(&conn->request_lock);
- list_for_each(tmp, command_list) {
- cancel_work = list_entry(tmp, struct ksmbd_work,
- request_entry);
+ list_for_each_entry(cancel_work, command_list, request_entry) {
chdr = cancel_work->request_buf;
if (chdr->MessageId != hdr->MessageId ||
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index 039030968b50..d74b2ce08187 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -481,15 +481,13 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
{
int rc = 0;
struct ksmbd_file *prev_fp;
- struct list_head *cur;
/*
* Lookup fp in master fp list, and check desired access and
* shared mode between previous open and current open.
*/
read_lock(&curr_fp->f_ci->m_lock);
- list_for_each(cur, &curr_fp->f_ci->m_fp_list) {
- prev_fp = list_entry(cur, struct ksmbd_file, node);
+ list_for_each_entry(prev_fp, &curr_fp->f_ci->m_fp_list, node) {
if (file_inode(filp) != FP_INODE(prev_fp))
continue;
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index dcac1f0a29e4..3f18018668b6 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -472,15 +472,13 @@ struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode)
{
struct ksmbd_file *lfp;
struct ksmbd_inode *ci;
- struct list_head *cur;
ci = ksmbd_inode_lookup_by_vfsinode(inode);
if (!ci)
return NULL;
read_lock(&ci->m_lock);
- list_for_each(cur, &ci->m_fp_list) {
- lfp = list_entry(cur, struct ksmbd_file, node);
+ list_for_each_entry(lfp, &ci->m_fp_list, node) {
if (inode == FP_INODE(lfp)) {
atomic_dec(&ci->m_count);
read_unlock(&ci->m_lock);
From patchwork Mon Nov 14 12:50:25 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183213
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:07 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:07 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:06 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 116/308] ksmbd: use goto instead of duplicating
the resoure cleanup in ksmbd_open_fd
Date: Mon, 14 Nov 2022 20:50:25 +0800
Message-ID: <20221114125337.1831594-117-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ab40349f-c4d3-4e4f-fb91-08dac63c61e2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6814626
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 1dfb8242e8d982d036399766c4af62ddc221e38d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1dfb8242e8d9
-------------------------------
Use goto instead of duplicating the resoure cleanup in ksmbd_open_fd.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs_cache.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 3f18018668b6..71a11128d908 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -559,19 +559,22 @@ struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
fp->f_ci = ksmbd_inode_get(fp);
if (!fp->f_ci) {
- kmem_cache_free(filp_cache, fp);
- return ERR_PTR(-ENOMEM);
+ ret = -ENOMEM;
+ goto err_out;
}
ret = __open_id(&work->sess->file_table, fp, OPEN_ID_TYPE_VOLATILE_ID);
if (ret) {
ksmbd_inode_put(fp->f_ci);
- kmem_cache_free(filp_cache, fp);
- return ERR_PTR(ret);
+ goto err_out;
}
atomic_inc(&work->conn->stats.open_files_count);
return fp;
+
+err_out:
+ kmem_cache_free(filp_cache, fp);
+ return ERR_PTR(ret);
}
static int
From patchwork Mon Nov 14 12:50:26 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183214
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:07 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:07 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:07 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 117/308] ksmbd: fix overly long line
Date: Mon, 14 Nov 2022 20:50:26 +0800
Message-ID: <20221114125337.1831594-118-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
acc8b47c-01f4-4832-d8e7-08dac63c622b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7027237
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 79a8a71db4084d7536fc45ed2a33ce7b451ba127
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/79a8a71db408
-------------------------------
Fix overly long line.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs_cache.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 71a11128d908..4cf14c247e9e 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -601,12 +601,14 @@ __close_file_table_ids(struct ksmbd_file_table *ft,
return num;
}
-static bool tree_conn_fd_check(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp)
+static bool tree_conn_fd_check(struct ksmbd_tree_connect *tcon,
+ struct ksmbd_file *fp)
{
return fp->tcon != tcon;
}
-static bool session_fd_check(struct ksmbd_tree_connect *tcon, struct ksmbd_file *fp)
+static bool session_fd_check(struct ksmbd_tree_connect *tcon,
+ struct ksmbd_file *fp)
{
return false;
}
From patchwork Mon Nov 14 12:50:27 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183215
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:08 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:08 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:07 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 118/308] ksmbd: remove unneeded FIXME comment
Date: Mon, 14 Nov 2022 20:50:27 +0800
Message-ID: <20221114125337.1831594-119-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3c3b3c06-1335-4102-9bc3-08dac63c6275
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7020223
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 9c78ad067faf605e0cd16d557859310e5f5312be
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9c78ad067faf
-------------------------------
Remove unneeded FIXME comment.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/glob.h | 2 --
fs/cifsd/ksmbd_work.c | 2 --
2 files changed, 4 deletions(-)
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
index ffeaf8aa5595..da8f804a3ee2 100644
--- a/fs/cifsd/glob.h
+++ b/fs/cifsd/glob.h
@@ -14,8 +14,6 @@
#define KSMBD_VERSION "3.1.9"
-/* @FIXME clean up this code */
-
extern int ksmbd_debug_types;
#define DATA_STREAM 1
diff --git a/fs/cifsd/ksmbd_work.c b/fs/cifsd/ksmbd_work.c
index a88c25965012..7c914451bbe1 100644
--- a/fs/cifsd/ksmbd_work.c
+++ b/fs/cifsd/ksmbd_work.c
@@ -12,8 +12,6 @@
#include "connection.h"
#include "ksmbd_work.h"
#include "mgmt/ksmbd_ida.h"
-
-/* @FIXME */
#include "ksmbd_server.h"
static struct kmem_cache *work_cache;
From patchwork Mon Nov 14 12:50:28 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183216
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:08 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:08 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:08 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 119/308] ksmbd: remove ____ksmbd_align in
ksmbd_server.h
Date: Mon, 14 Nov 2022 20:50:28 +0800
Message-ID: <20221114125337.1831594-120-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
96ea0a85-2b59-4a34-8535-08dac63c62bf
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6923966
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 9f88af04f03d585b8257740745d19897b48a9795
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9f88af04f03d
-------------------------------
None of structures needs the attribute.
So remove ____ksmbd_align in ksmbd_server.h.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/ksmbd_server.h | 38 +++++++++++++++++---------------------
1 file changed, 17 insertions(+), 21 deletions(-)
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
index c2467a709144..a915ca5596dc 100644
--- a/fs/cifsd/ksmbd_server.h
+++ b/fs/cifsd/ksmbd_server.h
@@ -13,10 +13,6 @@
#define KSMBD_GENL_NAME "SMBD_GENL"
#define KSMBD_GENL_VERSION 0x01
-#ifndef ____ksmbd_align
-#define ____ksmbd_align __aligned(4)
-#endif
-
#define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ 48
#define KSMBD_REQ_MAX_HASH_SZ 18
#define KSMBD_REQ_MAX_SHARE_NAME 64
@@ -51,19 +47,19 @@ struct ksmbd_startup_request {
__u32 share_fake_fscaps;
__u32 sub_auth[3];
__u32 ifc_list_sz;
- __s8 ____payload[0];
-} ____ksmbd_align;
+ __s8 ____payload[];
+};
#define KSMBD_STARTUP_CONFIG_INTERFACES(s) ((s)->____payload)
struct ksmbd_shutdown_request {
__s32 reserved;
-} ____ksmbd_align;
+};
struct ksmbd_login_request {
__u32 handle;
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
-} ____ksmbd_align;
+};
struct ksmbd_login_response {
__u32 handle;
@@ -73,12 +69,12 @@ struct ksmbd_login_response {
__u16 status;
__u16 hash_sz;
__s8 hash[KSMBD_REQ_MAX_HASH_SZ];
-} ____ksmbd_align;
+};
struct ksmbd_share_config_request {
__u32 handle;
__s8 share_name[KSMBD_REQ_MAX_SHARE_NAME];
-} ____ksmbd_align;
+};
struct ksmbd_share_config_response {
__u32 handle;
@@ -90,8 +86,8 @@ struct ksmbd_share_config_response {
__u16 force_uid;
__u16 force_gid;
__u32 veto_list_sz;
- __s8 ____payload[0];
-} ____ksmbd_align;
+ __s8 ____payload[];
+};
#define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
#define KSMBD_SHARE_CONFIG_PATH(s) \
@@ -111,43 +107,43 @@ struct ksmbd_tree_connect_request {
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
__s8 share[KSMBD_REQ_MAX_SHARE_NAME];
__s8 peer_addr[64];
-} ____ksmbd_align;
+};
struct ksmbd_tree_connect_response {
__u32 handle;
__u16 status;
__u16 connection_flags;
-} ____ksmbd_align;
+};
struct ksmbd_tree_disconnect_request {
__u64 session_id;
__u64 connect_id;
-} ____ksmbd_align;
+};
struct ksmbd_logout_request {
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
-} ____ksmbd_align;
+};
struct ksmbd_rpc_command {
__u32 handle;
__u32 flags;
__u32 payload_sz;
- __u8 payload[0];
-} ____ksmbd_align;
+ __u8 payload[];
+};
struct ksmbd_spnego_authen_request {
__u32 handle;
__u16 spnego_blob_len;
__u8 spnego_blob[0];
-} ____ksmbd_align;
+};
struct ksmbd_spnego_authen_response {
__u32 handle;
struct ksmbd_login_response login_response;
__u16 session_key_len;
__u16 spnego_blob_len;
- __u8 payload[0]; /* session key + AP_REP */
-} ____ksmbd_align;
+ __u8 payload[]; /* session key + AP_REP */
+};
/*
* This also used as NETLINK attribute type value.
From patchwork Mon Nov 14 12:50:29 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183217
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:09 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:09 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:08 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 120/308] ksmbd: replace KSMBD_SHARE_CONFIG_PATH
with inline function
Date: Mon, 14 Nov 2022 20:50:29 +0800
Message-ID: <20221114125337.1831594-121-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
edec0764-ca0a-4611-3d3d-08dac63c6308
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6953785
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 3fbe43c9f577cadd6b5136fda2e6a6c0b4e0651e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/3fbe43c9f577
-------------------------------
replace KSMBD_SHARE_CONFIG_PATH with inline function.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/ksmbd_server.h | 18 +++++++++++-------
fs/cifsd/mgmt/share_config.c | 2 +-
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/fs/cifsd/ksmbd_server.h b/fs/cifsd/ksmbd_server.h
index a915ca5596dc..55b7602b79bd 100644
--- a/fs/cifsd/ksmbd_server.h
+++ b/fs/cifsd/ksmbd_server.h
@@ -90,13 +90,17 @@ struct ksmbd_share_config_response {
};
#define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
-#define KSMBD_SHARE_CONFIG_PATH(s) \
- ({ \
- char *p = (s)->____payload; \
- if ((s)->veto_list_sz) \
- p += (s)->veto_list_sz + 1; \
- p; \
- })
+
+static inline char *
+ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
+{
+ char *p = sc->____payload;
+
+ if (sc->veto_list_sz)
+ p += sc->veto_list_sz + 1;
+
+ return p;
+}
struct ksmbd_tree_connect_request {
__u32 handle;
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/cifsd/mgmt/share_config.c
index fac6034b97a9..cb72d30f5b71 100644
--- a/fs/cifsd/mgmt/share_config.c
+++ b/fs/cifsd/mgmt/share_config.c
@@ -139,7 +139,7 @@ static struct ksmbd_share_config *share_config_request(char *name)
share->name = kstrdup(name, GFP_KERNEL);
if (!test_share_config_flag(share, KSMBD_SHARE_FLAG_PIPE)) {
- share->path = kstrdup(KSMBD_SHARE_CONFIG_PATH(resp),
+ share->path = kstrdup(ksmbd_share_config_path(resp),
GFP_KERNEL);
if (share->path)
share->path_sz = strlen(share->path);
From patchwork Mon Nov 14 12:50:30 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183218
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:09 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:09 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:08 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 121/308] ksmbd: remove ksmbd_err/info
Date: Mon, 14 Nov 2022 20:50:30 +0800
Message-ID: <20221114125337.1831594-122-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
097176d4-c6f1-4364-25f8-08dac63c6352
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.8272490
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit bde1694aecdb535970787b4f1d07ddb317e191e3
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/bde1694aecdb
-------------------------------
Use the pr_fmt built into pr_*. and use pr_err/info after removing
wrapper ksmbd_err/info.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/auth.c | 18 ++--
fs/cifsd/connection.c | 15 ++-
fs/cifsd/crypto_ctx.c | 4 +-
fs/cifsd/glob.h | 24 ++---
fs/cifsd/mgmt/user_session.c | 4 +-
fs/cifsd/misc.c | 2 +-
fs/cifsd/ndr.c | 14 +--
fs/cifsd/oplock.c | 20 ++--
fs/cifsd/server.c | 6 +-
fs/cifsd/smb2misc.c | 8 +-
fs/cifsd/smb2pdu.c | 204 +++++++++++++++++------------------
fs/cifsd/smb_common.c | 2 +-
fs/cifsd/smbacl.c | 26 ++---
fs/cifsd/transport_ipc.c | 30 +++---
fs/cifsd/transport_rdma.c | 106 +++++++++---------
fs/cifsd/transport_tcp.c | 20 ++--
fs/cifsd/vfs.c | 88 +++++++--------
fs/cifsd/vfs_cache.c | 10 +-
18 files changed, 294 insertions(+), 307 deletions(-)
diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c
index daf31c9f0880..de36f12070bf 100644
--- a/fs/cifsd/auth.c
+++ b/fs/cifsd/auth.c
@@ -342,7 +342,7 @@ int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE);
rc = ksmbd_enc_p24(p21, sess->ntlmssp.cryptkey, key);
if (rc) {
- ksmbd_err("password processing failed\n");
+ pr_err("password processing failed\n");
return rc;
}
@@ -461,7 +461,7 @@ static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce,
client_nonce,
(char *)sess->ntlmssp.cryptkey, 8);
if (rc) {
- ksmbd_err("password processing failed\n");
+ pr_err("password processing failed\n");
goto out;
}
@@ -469,7 +469,7 @@ static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce,
memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE);
rc = ksmbd_enc_p24(p21, sess_key, key);
if (rc) {
- ksmbd_err("password processing failed\n");
+ pr_err("password processing failed\n");
goto out;
}
@@ -1269,7 +1269,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
enc,
key);
if (rc) {
- ksmbd_err("Could not get %scryption key\n", enc ? "en" : "de");
+ pr_err("Could not get %scryption key\n", enc ? "en" : "de");
return rc;
}
@@ -1279,7 +1279,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
else
ctx = ksmbd_crypto_ctx_find_ccm();
if (!ctx) {
- ksmbd_err("crypto alloc failed\n");
+ pr_err("crypto alloc failed\n");
return -ENOMEM;
}
@@ -1295,19 +1295,18 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
else
rc = crypto_aead_setkey(tfm, key, SMB3_GCM128_CRYPTKEY_SIZE);
if (rc) {
- ksmbd_err("Failed to set aead key %d\n", rc);
+ pr_err("Failed to set aead key %d\n", rc);
goto free_ctx;
}
rc = crypto_aead_setauthsize(tfm, SMB2_SIGNATURE_SIZE);
if (rc) {
- ksmbd_err("Failed to set authsize %d\n", rc);
+ pr_err("Failed to set authsize %d\n", rc);
goto free_ctx;
}
req = aead_request_alloc(tfm, GFP_KERNEL);
if (!req) {
- ksmbd_err("Failed to alloc aead request\n");
rc = -ENOMEM;
goto free_ctx;
}
@@ -1319,7 +1318,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
sg = ksmbd_init_sg(iov, nvec, sign);
if (!sg) {
- ksmbd_err("Failed to init sg\n");
+ pr_err("Failed to init sg\n");
rc = -ENOMEM;
goto free_req;
}
@@ -1327,7 +1326,6 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
iv_len = crypto_aead_ivsize(tfm);
iv = kzalloc(iv_len, GFP_KERNEL);
if (!iv) {
- ksmbd_err("Failed to alloc IV\n");
rc = -ENOMEM;
goto free_sg;
}
diff --git a/fs/cifsd/connection.c b/fs/cifsd/connection.c
index a0d15093dd6f..928e22e19def 100644
--- a/fs/cifsd/connection.c
+++ b/fs/cifsd/connection.c
@@ -160,7 +160,7 @@ int ksmbd_conn_write(struct ksmbd_work *work)
ksmbd_conn_try_dequeue_request(work);
if (!rsp_hdr) {
- ksmbd_err("NULL response header\n");
+ pr_err("NULL response header\n");
return -EINVAL;
}
@@ -192,7 +192,7 @@ int ksmbd_conn_write(struct ksmbd_work *work)
ksmbd_conn_unlock(conn);
if (sent < 0) {
- ksmbd_err("Failed to send message: %d\n", sent);
+ pr_err("Failed to send message: %d\n", sent);
return sent;
}
@@ -315,24 +315,23 @@ int ksmbd_conn_handler_loop(void *p)
*/
size = t->ops->read(t, conn->request_buf + 4, pdu_size);
if (size < 0) {
- ksmbd_err("sock_read failed: %d\n", size);
+ pr_err("sock_read failed: %d\n", size);
break;
}
if (size != pdu_size) {
- ksmbd_err("PDU error. Read: %d, Expected: %d\n",
- size,
- pdu_size);
+ pr_err("PDU error. Read: %d, Expected: %d\n",
+ size, pdu_size);
continue;
}
if (!default_conn_ops.process_fn) {
- ksmbd_err("No connection request callback\n");
+ pr_err("No connection request callback\n");
break;
}
if (default_conn_ops.process_fn(conn)) {
- ksmbd_err("Cannot handle request\n");
+ pr_err("Cannot handle request\n");
break;
}
}
diff --git a/fs/cifsd/crypto_ctx.c b/fs/cifsd/crypto_ctx.c
index 7b727fe141a6..5f4b1008d17e 100644
--- a/fs/cifsd/crypto_ctx.c
+++ b/fs/cifsd/crypto_ctx.c
@@ -48,12 +48,12 @@ static struct crypto_aead *alloc_aead(int id)
tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
break;
default:
- ksmbd_err("Does not support encrypt ahead(id : %d)\n", id);
+ pr_err("Does not support encrypt ahead(id : %d)\n", id);
return NULL;
}
if (IS_ERR(tfm)) {
- ksmbd_err("Failed to alloc encrypt aead : %ld\n", PTR_ERR(tfm));
+ pr_err("Failed to alloc encrypt aead : %ld\n", PTR_ERR(tfm));
return NULL;
}
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
index da8f804a3ee2..8119cb7ddbed 100644
--- a/fs/cifsd/glob.h
+++ b/fs/cifsd/glob.h
@@ -31,32 +31,22 @@ extern int ksmbd_debug_types;
KSMBD_DEBUG_IPC | KSMBD_DEBUG_CONN | \
KSMBD_DEBUG_RDMA)
-#ifndef ksmbd_pr_fmt
+#ifdef pr_fmt
+#undef pr_fmt
+#endif
+
#ifdef SUBMOD_NAME
-#define ksmbd_pr_fmt(fmt) "ksmbd: " SUBMOD_NAME ": " fmt
+#define pr_fmt(fmt) "ksmbd: " SUBMOD_NAME ": " fmt
#else
-#define ksmbd_pr_fmt(fmt) "ksmbd: " fmt
-#endif
+#define pr_fmt(fmt) "ksmbd: " fmt
#endif
#define ksmbd_debug(type, fmt, ...) \
do { \
if (ksmbd_debug_types & KSMBD_DEBUG_##type) \
- pr_info(ksmbd_pr_fmt("%s:%d: " fmt), \
- __func__, \
- __LINE__, \
- ##__VA_ARGS__); \
+ pr_info(fmt, ##__VA_ARGS__); \
} while (0)
-#define ksmbd_info(fmt, ...) \
- pr_info(ksmbd_pr_fmt(fmt), ##__VA_ARGS__)
-
-#define ksmbd_err(fmt, ...) \
- pr_err(ksmbd_pr_fmt("%s:%d: " fmt), \
- __func__, \
- __LINE__, \
- ##__VA_ARGS__)
-
#define UNICODE_LEN(x) ((x) * 2)
#endif /* __KSMBD_GLOB_H */
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index 77bdf3642f72..615b46f0762b 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -87,7 +87,7 @@ static int __rpc_method(char *rpc_name)
if (!strcmp(rpc_name, "\\lsarpc") || !strcmp(rpc_name, "lsarpc"))
return KSMBD_RPC_LSARPC_METHOD_INVOKE;
- ksmbd_err("Unsupported RPC: %s\n", rpc_name);
+ pr_err("Unsupported RPC: %s\n", rpc_name);
return 0;
}
@@ -232,7 +232,7 @@ int get_session(struct ksmbd_session *sess)
void put_session(struct ksmbd_session *sess)
{
if (atomic_dec_and_test(&sess->refcnt))
- ksmbd_err("get/%s seems to be mismatched.", __func__);
+ pr_err("get/%s seems to be mismatched.", __func__);
}
struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id)
diff --git a/fs/cifsd/misc.c b/fs/cifsd/misc.c
index 1c6ed20f4a18..0b307ca28a19 100644
--- a/fs/cifsd/misc.c
+++ b/fs/cifsd/misc.c
@@ -107,7 +107,7 @@ static int ksmbd_validate_stream_name(char *stream_name)
stream_name++;
if (c == '/' || c == ':' || c == '\\') {
- ksmbd_err("Stream name validation failed: %c\n", c);
+ pr_err("Stream name validation failed: %c\n", c);
return -ENOENT;
}
}
diff --git a/fs/cifsd/ndr.c b/fs/cifsd/ndr.c
index 14189832c65e..46cc01475d38 100644
--- a/fs/cifsd/ndr.c
+++ b/fs/cifsd/ndr.c
@@ -178,14 +178,14 @@ int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
da->version = ndr_read_int16(n);
if (da->version != 3 && da->version != 4) {
- ksmbd_err("v%d version is not supported\n", da->version);
+ pr_err("v%d version is not supported\n", da->version);
return -EINVAL;
}
version2 = ndr_read_int32(n);
if (da->version != version2) {
- ksmbd_err("ndr version mismatched(version: %d, version2: %d)\n",
- da->version, version2);
+ pr_err("ndr version mismatched(version: %d, version2: %d)\n",
+ da->version, version2);
return -EINVAL;
}
@@ -309,14 +309,14 @@ int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)
n->offset = 0;
acl->version = ndr_read_int16(n);
if (acl->version != 4) {
- ksmbd_err("v%d version is not supported\n", acl->version);
+ pr_err("v%d version is not supported\n", acl->version);
return -EINVAL;
}
version2 = ndr_read_int32(n);
if (acl->version != version2) {
- ksmbd_err("ndr version mismatched(version: %d, version2: %d)\n",
- acl->version, version2);
+ pr_err("ndr version mismatched(version: %d, version2: %d)\n",
+ acl->version, version2);
return -EINVAL;
}
@@ -329,7 +329,7 @@ int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl)
ndr_read_bytes(n, acl->desc, 10);
if (strncmp(acl->desc, "posix_acl", 9)) {
- ksmbd_err("Invalid acl description : %s\n", acl->desc);
+ pr_err("Invalid acl description : %s\n", acl->desc);
return -EINVAL;
}
diff --git a/fs/cifsd/oplock.c b/fs/cifsd/oplock.c
index 1ef2acbea2bb..9027cb7d970f 100644
--- a/fs/cifsd/oplock.c
+++ b/fs/cifsd/oplock.c
@@ -230,9 +230,9 @@ int opinfo_write_to_read(struct oplock_info *opinfo)
if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
- ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
+ pr_err("bad oplock(0x%x)\n", opinfo->level);
if (opinfo->is_lease)
- ksmbd_err("lease state(0x%x)\n", lease->state);
+ pr_err("lease state(0x%x)\n", lease->state);
return -EINVAL;
}
opinfo->level = SMB2_OPLOCK_LEVEL_II;
@@ -269,9 +269,9 @@ int opinfo_write_to_none(struct oplock_info *opinfo)
if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
- ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
+ pr_err("bad oplock(0x%x)\n", opinfo->level);
if (opinfo->is_lease)
- ksmbd_err("lease state(0x%x)\n", lease->state);
+ pr_err("lease state(0x%x)\n", lease->state);
return -EINVAL;
}
opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
@@ -291,9 +291,9 @@ int opinfo_read_to_none(struct oplock_info *opinfo)
struct lease *lease = opinfo->o_lease;
if (opinfo->level != SMB2_OPLOCK_LEVEL_II) {
- ksmbd_err("bad oplock(0x%x)\n", opinfo->level);
+ pr_err("bad oplock(0x%x)\n", opinfo->level);
if (opinfo->is_lease)
- ksmbd_err("lease state(0x%x)\n", lease->state);
+ pr_err("lease state(0x%x)\n", lease->state);
return -EINVAL;
}
opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
@@ -622,7 +622,7 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
}
if (allocate_oplock_break_buf(work)) {
- ksmbd_err("smb2_allocate_rsp_buf failed! ");
+ pr_err("smb2_allocate_rsp_buf failed! ");
atomic_dec(&conn->r_count);
ksmbd_fd_put(work, fp);
ksmbd_free_work_struct(work);
@@ -1680,18 +1680,18 @@ int smb2_check_durable_oplock(struct ksmbd_file *fp,
if (opinfo && opinfo->is_lease) {
if (!lctx) {
- ksmbd_err("open does not include lease\n");
+ pr_err("open does not include lease\n");
ret = -EBADF;
goto out;
}
if (memcmp(opinfo->o_lease->lease_key, lctx->lease_key,
SMB2_LEASE_KEY_SIZE)) {
- ksmbd_err("invalid lease key\n");
+ pr_err("invalid lease key\n");
ret = -EBADF;
goto out;
}
if (name && strcmp(fp->filename, name)) {
- ksmbd_err("invalid name reconnect %s\n", name);
+ pr_err("invalid name reconnect %s\n", name);
ret = -EINVAL;
goto out;
}
diff --git a/fs/cifsd/server.c b/fs/cifsd/server.c
index 93402c56b8ff..c9a3a459f3e6 100644
--- a/fs/cifsd/server.c
+++ b/fs/cifsd/server.c
@@ -277,7 +277,7 @@ static int queue_ksmbd_work(struct ksmbd_conn *conn)
work = ksmbd_alloc_work_struct();
if (!work) {
- ksmbd_err("allocation for work failed\n");
+ pr_err("allocation for work failed\n");
return -ENOMEM;
}
@@ -442,7 +442,7 @@ static ssize_t kill_server_store(struct class *class,
if (!sysfs_streq(buf, "hard"))
return len;
- ksmbd_info("kill command received\n");
+ pr_info("kill command received\n");
mutex_lock(&ctrl_lock);
WRITE_ONCE(server_conf.state, SERVER_STATE_RESETTING);
__module_get(THIS_MODULE);
@@ -547,7 +547,7 @@ static int __init ksmbd_server_init(void)
ret = class_register(&ksmbd_control_class);
if (ret) {
- ksmbd_err("Unable to register ksmbd-control class\n");
+ pr_err("Unable to register ksmbd-control class\n");
return ret;
}
diff --git a/fs/cifsd/smb2misc.c b/fs/cifsd/smb2misc.c
index c4b870dbf683..e412d69690ed 100644
--- a/fs/cifsd/smb2misc.c
+++ b/fs/cifsd/smb2misc.c
@@ -320,12 +320,12 @@ static int smb2_validate_credit_charge(struct smb2_hdr *hdr)
max_len = max(req_len, expect_resp_len);
calc_credit_num = DIV_ROUND_UP(max_len, SMB2_MAX_BUFFER_SIZE);
if (!credit_charge && max_len > SMB2_MAX_BUFFER_SIZE) {
- ksmbd_err("credit charge is zero and payload size(%d) is bigger than 64K\n",
- max_len);
+ pr_err("credit charge is zero and payload size(%d) is bigger than 64K\n",
+ max_len);
return 1;
} else if (credit_charge < calc_credit_num) {
- ksmbd_err("credit charge : %d, calc_credit_num : %d\n",
- credit_charge, calc_credit_num);
+ pr_err("credit charge : %d, calc_credit_num : %d\n",
+ credit_charge, calc_credit_num);
return 1;
}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index f1642fffe4e1..84f4cd7f545f 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -66,7 +66,7 @@ static inline int check_session_id(struct ksmbd_conn *conn, u64 id)
sess = ksmbd_session_lookup_all(conn, id);
if (sess)
return 1;
- ksmbd_err("Invalid user session id: %llu\n", id);
+ pr_err("Invalid user session id: %llu\n", id);
return 0;
}
@@ -109,7 +109,7 @@ int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
tree_id = le32_to_cpu(req_hdr->Id.SyncId.TreeId);
work->tcon = ksmbd_tree_conn_lookup(work->sess, tree_id);
if (!work->tcon) {
- ksmbd_err("Invalid tid %d\n", tree_id);
+ pr_err("Invalid tid %d\n", tree_id);
return -1;
}
@@ -329,7 +329,7 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
min_credits = conn->max_credits >> 4;
if (conn->total_credits >= conn->max_credits) {
- ksmbd_err("Total credits overflow: %d\n", conn->total_credits);
+ pr_err("Total credits overflow: %d\n", conn->total_credits);
conn->total_credits = min_credits;
}
@@ -634,7 +634,7 @@ smb2_get_name(struct ksmbd_share_config *share, const char *src,
name = smb_strndup_from_utf16(src, maxlen, 1, local_nls);
if (IS_ERR(name)) {
- ksmbd_err("failed to get name %ld\n", PTR_ERR(name));
+ pr_err("failed to get name %ld\n", PTR_ERR(name));
return name;
}
@@ -645,7 +645,7 @@ smb2_get_name(struct ksmbd_share_config *share, const char *src,
unixname = convert_to_unix_name(share, name);
kfree(name);
if (!unixname) {
- ksmbd_err("can not convert absolute name\n");
+ pr_err("can not convert absolute name\n");
return ERR_PTR(-ENOMEM);
}
@@ -664,7 +664,7 @@ int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
id = ksmbd_acquire_async_msg_id(&conn->async_ida);
if (id < 0) {
- ksmbd_err("Failed to alloc async message id\n");
+ pr_err("Failed to alloc async message id\n");
return id;
}
work->syncronous = false;
@@ -1005,13 +1005,13 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
ksmbd_debug(SMB, "Received negotiate request\n");
conn->need_neg = false;
if (ksmbd_conn_good(work)) {
- ksmbd_err("conn->tcp_status is already in CifsGood State\n");
+ pr_err("conn->tcp_status is already in CifsGood State\n");
work->send_no_response = 1;
return rc;
}
if (req->DialectCount == 0) {
- ksmbd_err("malformed packet\n");
+ pr_err("malformed packet\n");
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
rc = -EINVAL;
goto err_out;
@@ -1031,8 +1031,8 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
status = deassemble_neg_contexts(conn, req);
if (status != STATUS_SUCCESS) {
- ksmbd_err("deassemble_neg_contexts error(0x%x)\n",
- status);
+ pr_err("deassemble_neg_contexts error(0x%x)\n",
+ status);
rsp->hdr.Status = status;
rc = -EINVAL;
goto err_out;
@@ -1293,7 +1293,7 @@ static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
true,
conn->local_nls);
if (IS_ERR(name)) {
- ksmbd_err("cannot allocate memory\n");
+ pr_err("cannot allocate memory\n");
return NULL;
}
@@ -1438,7 +1438,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
if (conn->dialect > SMB20_PROT_ID) {
if (!ksmbd_conn_lookup_dialect(conn)) {
- ksmbd_err("fail to verify the dialect\n");
+ pr_err("fail to verify the dialect\n");
rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
return -EPERM;
}
@@ -1528,7 +1528,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
if (conn->dialect > SMB20_PROT_ID) {
if (!ksmbd_conn_lookup_dialect(conn)) {
- ksmbd_err("fail to verify the dialect\n");
+ pr_err("fail to verify the dialect\n");
rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
return -EPERM;
}
@@ -1688,11 +1688,11 @@ int smb2_sess_setup(struct ksmbd_work *work)
}
} else {
/* TODO: need one more negotiation */
- ksmbd_err("Not support the preferred authentication\n");
+ pr_err("Not support the preferred authentication\n");
rc = -EINVAL;
}
} else {
- ksmbd_err("Not support authentication\n");
+ pr_err("Not support authentication\n");
rc = -EINVAL;
}
@@ -1742,7 +1742,7 @@ int smb2_tree_connect(struct ksmbd_work *work)
le16_to_cpu(req->PathLength), true,
conn->local_nls);
if (IS_ERR(treename)) {
- ksmbd_err("treename is NULL\n");
+ pr_err("treename is NULL\n");
status.ret = KSMBD_TREE_CONN_STATUS_ERROR;
goto out_err1;
}
@@ -1986,7 +1986,7 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work)
id = ksmbd_session_rpc_open(work->sess, name);
if (id < 0) {
- ksmbd_err("Unable to open RPC pipe: %d\n", id);
+ pr_err("Unable to open RPC pipe: %d\n", id);
err = id;
goto out;
}
@@ -2120,7 +2120,7 @@ static inline int check_context_err(void *ctx, char *str)
ksmbd_debug(SMB, "find context %s err %d\n", str, err);
if (err == -EINVAL) {
- ksmbd_err("bad name length\n");
+ pr_err("bad name length\n");
return err;
}
@@ -2159,7 +2159,7 @@ static noinline int smb2_set_stream_name_xattr(struct path *path,
rc = ksmbd_vfs_setxattr(path->dentry, xattr_stream_name, NULL, 0, 0);
if (rc < 0)
- ksmbd_err("Failed to store XATTR stream name :%d\n", rc);
+ pr_err("Failed to store XATTR stream name :%d\n", rc);
return 0;
}
@@ -2201,7 +2201,7 @@ static int smb2_create_truncate(struct path *path)
int rc = vfs_truncate(path, 0);
if (rc) {
- ksmbd_err("vfs_truncate failed, rc %d\n", rc);
+ pr_err("vfs_truncate failed, rc %d\n", rc);
return rc;
}
@@ -2287,8 +2287,8 @@ static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name,
rc = ksmbd_vfs_kern_path(name, 0, path, 0);
if (rc) {
- ksmbd_err("cannot get linux path (%s), err = %d\n",
- name, rc);
+ pr_err("cannot get linux path (%s), err = %d\n",
+ name, rc);
return rc;
}
return 0;
@@ -2387,7 +2387,7 @@ int smb2_open(struct ksmbd_work *work)
if (req->NameLength) {
if ((req->CreateOptions & FILE_DIRECTORY_FILE_LE) &&
*(char *)req->Buffer == '\\') {
- ksmbd_err("not allow directory name included leading slash\n");
+ pr_err("not allow directory name included leading slash\n");
rc = -EINVAL;
goto err_out1;
}
@@ -2444,16 +2444,16 @@ int smb2_open(struct ksmbd_work *work)
lc = parse_lease_state(req);
if (le32_to_cpu(req->ImpersonationLevel) > le32_to_cpu(IL_DELEGATE_LE)) {
- ksmbd_err("Invalid impersonationlevel : 0x%x\n",
- le32_to_cpu(req->ImpersonationLevel));
+ pr_err("Invalid impersonationlevel : 0x%x\n",
+ le32_to_cpu(req->ImpersonationLevel));
rc = -EIO;
rsp->hdr.Status = STATUS_BAD_IMPERSONATION_LEVEL;
goto err_out1;
}
if (req->CreateOptions && !(req->CreateOptions & CREATE_OPTIONS_MASK)) {
- ksmbd_err("Invalid create options : 0x%x\n",
- le32_to_cpu(req->CreateOptions));
+ pr_err("Invalid create options : 0x%x\n",
+ le32_to_cpu(req->CreateOptions));
rc = -EINVAL;
goto err_out1;
} else {
@@ -2480,22 +2480,22 @@ int smb2_open(struct ksmbd_work *work)
if (le32_to_cpu(req->CreateDisposition) >
le32_to_cpu(FILE_OVERWRITE_IF_LE)) {
- ksmbd_err("Invalid create disposition : 0x%x\n",
- le32_to_cpu(req->CreateDisposition));
+ pr_err("Invalid create disposition : 0x%x\n",
+ le32_to_cpu(req->CreateDisposition));
rc = -EINVAL;
goto err_out1;
}
if (!(req->DesiredAccess & DESIRED_ACCESS_MASK)) {
- ksmbd_err("Invalid desired access : 0x%x\n",
- le32_to_cpu(req->DesiredAccess));
+ pr_err("Invalid desired access : 0x%x\n",
+ le32_to_cpu(req->DesiredAccess));
rc = -EACCES;
goto err_out1;
}
if (req->FileAttributes && !(req->FileAttributes & ATTR_MASK_LE)) {
- ksmbd_err("Invalid file attribute : 0x%x\n",
- le32_to_cpu(req->FileAttributes));
+ pr_err("Invalid file attribute : 0x%x\n",
+ le32_to_cpu(req->FileAttributes));
rc = -EINVAL;
goto err_out1;
}
@@ -2750,7 +2750,7 @@ int smb2_open(struct ksmbd_work *work)
filp = dentry_open(&path, open_flags, current_cred());
if (IS_ERR(filp)) {
rc = PTR_ERR(filp);
- ksmbd_err("dentry open for dir failed, rc %d\n", rc);
+ pr_err("dentry open for dir failed, rc %d\n", rc);
goto err_out;
}
@@ -2846,8 +2846,8 @@ int smb2_open(struct ksmbd_work *work)
pntsd_size);
kfree(pntsd);
if (rc)
- ksmbd_err("failed to store ntacl in xattr : %d\n",
- rc);
+ pr_err("failed to store ntacl in xattr : %d\n",
+ rc);
}
}
}
@@ -3697,14 +3697,14 @@ int smb2_query_dir(struct ksmbd_work *work)
if (!(dir_fp->daccess & FILE_LIST_DIRECTORY_LE) ||
inode_permission(&init_user_ns, file_inode(dir_fp->filp),
MAY_READ | MAY_EXEC)) {
- ksmbd_err("no right to enumerate directory (%s)\n",
- FP_FILENAME(dir_fp));
+ pr_err("no right to enumerate directory (%s)\n",
+ FP_FILENAME(dir_fp));
rc = -EACCES;
goto err_out2;
}
if (!S_ISDIR(file_inode(dir_fp->filp)->i_mode)) {
- ksmbd_err("can't do query dir for a file\n");
+ pr_err("can't do query dir for a file\n");
rc = -EINVAL;
goto err_out2;
}
@@ -3805,7 +3805,7 @@ int smb2_query_dir(struct ksmbd_work *work)
return 0;
err_out:
- ksmbd_err("error while processing smb2 query dir rc = %d\n", rc);
+ pr_err("error while processing smb2 query dir rc = %d\n", rc);
kfree(srch_ptr);
err_out2:
@@ -3843,7 +3843,7 @@ static int buffer_check_err(int reqOutputBufferLength,
{
if (reqOutputBufferLength < le32_to_cpu(rsp->OutputBufferLength)) {
if (reqOutputBufferLength < infoclass_size) {
- ksmbd_err("Invalid Buffer Size Requested\n");
+ pr_err("Invalid Buffer Size Requested\n");
rsp->hdr.Status = STATUS_INFO_LENGTH_MISMATCH;
rsp->hdr.smb2_buf_length = cpu_to_be32(sizeof(struct smb2_hdr) - 4);
return -EINVAL;
@@ -3946,8 +3946,8 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
struct path *path;
if (!(fp->daccess & FILE_READ_EA_LE)) {
- ksmbd_err("Not permitted to read ext attr : 0x%x\n",
- fp->daccess);
+ pr_err("Not permitted to read ext attr : 0x%x\n",
+ fp->daccess);
return -EACCES;
}
@@ -4103,8 +4103,8 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
u64 time;
if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
- ksmbd_err("no right to read the attributes : 0x%x\n",
- fp->daccess);
+ pr_err("no right to read the attributes : 0x%x\n",
+ fp->daccess);
return -EACCES;
}
@@ -4375,8 +4375,8 @@ static int get_file_network_open_info(struct smb2_query_info_rsp *rsp,
u64 time;
if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
- ksmbd_err("no right to read the attributes : 0x%x\n",
- fp->daccess);
+ pr_err("no right to read the attributes : 0x%x\n",
+ fp->daccess);
return -EACCES;
}
@@ -4465,8 +4465,8 @@ static int get_file_attribute_tag_info(struct smb2_query_info_rsp *rsp,
struct smb2_file_attr_tag_info *file_info;
if (!(fp->daccess & FILE_READ_ATTRIBUTES_LE)) {
- ksmbd_err("no right to read the attributes : 0x%x\n",
- fp->daccess);
+ pr_err("no right to read the attributes : 0x%x\n",
+ fp->daccess);
return -EACCES;
}
@@ -4620,7 +4620,7 @@ static int smb2_get_info_file(struct ksmbd_work *work,
break;
case SMB_FIND_FILE_POSIX_INFO:
if (!work->tcon->posix_extensions) {
- ksmbd_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
+ pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
rc = -EOPNOTSUPP;
} else {
rc = find_file_posix_info(rsp, fp, rsp_org);
@@ -4659,13 +4659,13 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
rc = ksmbd_vfs_kern_path(share->path, lookup_flags, &path, 0);
if (rc) {
- ksmbd_err("cannot create vfs path\n");
+ pr_err("cannot create vfs path\n");
return -EIO;
}
rc = vfs_statfs(&path, &stfs);
if (rc) {
- ksmbd_err("cannot do stat of path %s\n", share->path);
+ pr_err("cannot do stat of path %s\n", share->path);
path_put(&path);
return -EIO;
}
@@ -4846,7 +4846,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
unsigned short logical_sector_size;
if (!work->tcon->posix_extensions) {
- ksmbd_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
+ pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
rc = -EOPNOTSUPP;
} else {
info = (struct filesystem_posix_info *)(rsp->Buffer);
@@ -5213,7 +5213,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
len = strlen(new_name);
if (new_name[len - 1] != '/') {
- ksmbd_err("not allow base filename in rename\n");
+ pr_err("not allow base filename in rename\n");
rc = -ESHARE;
goto out;
}
@@ -5229,8 +5229,8 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
xattr_stream_name,
NULL, 0, 0);
if (rc < 0) {
- ksmbd_err("failed to store stream name in xattr: %d\n",
- rc);
+ pr_err("failed to store stream name in xattr: %d\n",
+ rc);
rc = -EINVAL;
goto out;
}
@@ -5389,7 +5389,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
if (file_info->Attributes) {
if (!S_ISDIR(inode->i_mode) &&
file_info->Attributes & ATTR_DIRECTORY_LE) {
- ksmbd_err("can't change a file to a directory\n");
+ pr_err("can't change a file to a directory\n");
return -EINVAL;
}
@@ -5467,7 +5467,7 @@ static int set_file_allocation_info(struct ksmbd_work *work,
if (alloc_blks > inode->i_blocks) {
rc = ksmbd_vfs_alloc_size(work, fp, alloc_blks * 512);
if (rc && rc != -EOPNOTSUPP) {
- ksmbd_err("ksmbd_vfs_alloc_size is failed : %d\n", rc);
+ pr_err("ksmbd_vfs_alloc_size is failed : %d\n", rc);
return rc;
}
} else if (alloc_blks < inode->i_blocks) {
@@ -5483,8 +5483,8 @@ static int set_file_allocation_info(struct ksmbd_work *work,
size = i_size_read(inode);
rc = ksmbd_vfs_truncate(work, NULL, fp, alloc_blks * 512);
if (rc) {
- ksmbd_err("truncate failed! filename : %s, err %d\n",
- fp->filename, rc);
+ pr_err("truncate failed! filename : %s, err %d\n",
+ fp->filename, rc);
return rc;
}
if (size < alloc_blks * 512)
@@ -5536,7 +5536,7 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
struct ksmbd_file *parent_fp;
if (!(fp->daccess & FILE_DELETE_LE)) {
- ksmbd_err("no right to delete : 0x%x\n", fp->daccess);
+ pr_err("no right to delete : 0x%x\n", fp->daccess);
return -EACCES;
}
@@ -5546,7 +5546,7 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
parent_fp = ksmbd_lookup_fd_inode(PARENT_INODE(fp));
if (parent_fp) {
if (parent_fp->daccess & FILE_DELETE_LE) {
- ksmbd_err("parent dir is opened with delete access\n");
+ pr_err("parent dir is opened with delete access\n");
return -ESHARE;
}
}
@@ -5562,7 +5562,7 @@ static int set_file_disposition_info(struct ksmbd_file *fp, char *buf)
struct inode *inode;
if (!(fp->daccess & FILE_DELETE_LE)) {
- ksmbd_err("no right to delete : 0x%x\n", fp->daccess);
+ pr_err("no right to delete : 0x%x\n", fp->daccess);
return -EACCES;
}
@@ -5594,8 +5594,8 @@ static int set_file_position_info(struct ksmbd_file *fp, char *buf)
if (current_byte_offset < 0 ||
(fp->coption == FILE_NO_INTERMEDIATE_BUFFERING_LE &&
current_byte_offset & (sector_size - 1))) {
- ksmbd_err("CurrentByteOffset is not valid : %llu\n",
- current_byte_offset);
+ pr_err("CurrentByteOffset is not valid : %llu\n",
+ current_byte_offset);
return -EINVAL;
}
@@ -5614,7 +5614,7 @@ static int set_file_mode_info(struct ksmbd_file *fp, char *buf)
if ((mode & ~FILE_MODE_INFO_MASK) ||
(mode & FILE_SYNCHRONOUS_IO_ALERT_LE &&
mode & FILE_SYNCHRONOUS_IO_NONALERT_LE)) {
- ksmbd_err("Mode is not valid : 0x%x\n", le32_to_cpu(mode));
+ pr_err("Mode is not valid : 0x%x\n", le32_to_cpu(mode));
return -EINVAL;
}
@@ -5675,8 +5675,8 @@ static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
case FILE_FULL_EA_INFORMATION:
{
if (!(fp->daccess & FILE_WRITE_EA_LE)) {
- ksmbd_err("Not permitted to write ext attr: 0x%x\n",
- fp->daccess);
+ pr_err("Not permitted to write ext attr: 0x%x\n",
+ fp->daccess);
return -EACCES;
}
@@ -5691,7 +5691,7 @@ static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
return set_file_mode_info(fp, buf);
}
- ksmbd_err("Unimplemented Fileinfoclass :%d\n", info_class);
+ pr_err("Unimplemented Fileinfoclass :%d\n", info_class);
return -EOPNOTSUPP;
}
@@ -5919,7 +5919,7 @@ int smb2_read(struct ksmbd_work *work)
}
if (!(fp->daccess & (FILE_READ_DATA_LE | FILE_READ_ATTRIBUTES_LE))) {
- ksmbd_err("Not permitted to read : 0x%x\n", fp->daccess);
+ pr_err("Not permitted to read : 0x%x\n", fp->daccess);
err = -EACCES;
goto out;
}
@@ -6039,9 +6039,9 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
} else {
if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
(le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
- ksmbd_err("invalid write data offset %u, smb_len %u\n",
- le16_to_cpu(req->DataOffset),
- get_rfc1002_len(req));
+ pr_err("invalid write data offset %u, smb_len %u\n",
+ le16_to_cpu(req->DataOffset),
+ get_rfc1002_len(req));
err = -EINVAL;
goto out;
}
@@ -6172,7 +6172,7 @@ int smb2_write(struct ksmbd_work *work)
}
if (!(fp->daccess & (FILE_WRITE_DATA_LE | FILE_READ_ATTRIBUTES_LE))) {
- ksmbd_err("Not permitted to write : 0x%x\n", fp->daccess);
+ pr_err("Not permitted to write : 0x%x\n", fp->daccess);
err = -EACCES;
goto out;
}
@@ -6198,9 +6198,9 @@ int smb2_write(struct ksmbd_work *work)
} else {
if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
(le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
- ksmbd_err("invalid write data offset %u, smb_len %u\n",
- le16_to_cpu(req->DataOffset),
- get_rfc1002_len(req));
+ pr_err("invalid write data offset %u, smb_len %u\n",
+ le16_to_cpu(req->DataOffset),
+ get_rfc1002_len(req));
err = -EINVAL;
goto out;
}
@@ -6530,7 +6530,7 @@ int smb2_lock(struct ksmbd_work *work)
lock_start = le64_to_cpu(lock_ele[i].Offset);
lock_length = le64_to_cpu(lock_ele[i].Length);
if (lock_start > U64_MAX - lock_length) {
- ksmbd_err("Invalid lock range requested\n");
+ pr_err("Invalid lock range requested\n");
rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE;
goto out;
}
@@ -6560,7 +6560,7 @@ int smb2_lock(struct ksmbd_work *work)
cmp_lock->fl->fl_end >= flock->fl_end) {
if (cmp_lock->fl->fl_type != F_UNLCK &&
flock->fl_type != F_UNLCK) {
- ksmbd_err("conflict two locks in one request\n");
+ pr_err("conflict two locks in one request\n");
rsp->hdr.Status =
STATUS_INVALID_PARAMETER;
goto out;
@@ -6633,7 +6633,7 @@ int smb2_lock(struct ksmbd_work *work)
if (cmp_lock->zero_len && !smb_lock->zero_len &&
cmp_lock->start > smb_lock->start &&
cmp_lock->start < smb_lock->end) {
- ksmbd_err("previous lock conflict with zero byte lock range\n");
+ pr_err("previous lock conflict with zero byte lock range\n");
rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
goto out;
}
@@ -6641,7 +6641,7 @@ int smb2_lock(struct ksmbd_work *work)
if (smb_lock->zero_len && !cmp_lock->zero_len &&
smb_lock->start > cmp_lock->start &&
smb_lock->start < cmp_lock->end) {
- ksmbd_err("current lock conflict with zero byte lock range\n");
+ pr_err("current lock conflict with zero byte lock range\n");
rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
goto out;
}
@@ -6650,7 +6650,7 @@ int smb2_lock(struct ksmbd_work *work)
cmp_lock->end > smb_lock->start) ||
(cmp_lock->start < smb_lock->end && cmp_lock->end >= smb_lock->end)) &&
!cmp_lock->zero_len && !smb_lock->zero_len) {
- ksmbd_err("Not allow lock operation on exclusive lock range\n");
+ pr_err("Not allow lock operation on exclusive lock range\n");
rsp->hdr.Status =
STATUS_LOCK_NOT_GRANTED;
goto out;
@@ -6658,7 +6658,7 @@ int smb2_lock(struct ksmbd_work *work)
}
if (smb_lock->fl->fl_type == F_UNLCK && nolock) {
- ksmbd_err("Try to unlock nolocked range\n");
+ pr_err("Try to unlock nolocked range\n");
rsp->hdr.Status = STATUS_RANGE_NOT_LOCKED;
goto out;
}
@@ -6787,7 +6787,7 @@ int smb2_lock(struct ksmbd_work *work)
err = ksmbd_vfs_lock(filp, 0, rlock);
if (err)
- ksmbd_err("rollback unlock fail : %d\n", err);
+ pr_err("rollback unlock fail : %d\n", err);
list_del(&smb_lock->llist);
list_del(&smb_lock->glist);
locks_free_lock(smb_lock->fl);
@@ -6974,8 +6974,8 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
netdev->ethtool_ops->get_link_ksettings(netdev, &cmd);
speed = cmd.base.speed;
} else {
- ksmbd_err("%s %s\n", netdev->name,
- "speed is unknown, defaulting to 1Gb/sec");
+ pr_err("%s %s\n", netdev->name,
+ "speed is unknown, defaulting to 1Gb/sec");
speed = SPEED_1000;
}
@@ -7387,7 +7387,7 @@ int smb2_ioctl(struct ksmbd_work *work)
reparse_ptr = (struct reparse_data_buffer *)&rsp->Buffer[0];
fp = ksmbd_lookup_fd_fast(work, id);
if (!fp) {
- ksmbd_err("not found fp!!\n");
+ pr_err("not found fp!!\n");
ret = -ENOENT;
goto out;
}
@@ -7410,14 +7410,14 @@ int smb2_ioctl(struct ksmbd_work *work)
fp_in = ksmbd_lookup_fd_slow(work, dup_ext->VolatileFileHandle,
dup_ext->PersistentFileHandle);
if (!fp_in) {
- ksmbd_err("not found file handle in duplicate extent to file\n");
+ pr_err("not found file handle in duplicate extent to file\n");
ret = -ENOENT;
goto out;
}
fp_out = ksmbd_lookup_fd_fast(work, id);
if (!fp_out) {
- ksmbd_err("not found fp\n");
+ pr_err("not found fp\n");
ret = -ENOENT;
goto dup_ext_out;
}
@@ -7514,7 +7514,7 @@ static void smb20_oplock_break_ack(struct ksmbd_work *work)
opinfo = opinfo_get(fp);
if (!opinfo) {
- ksmbd_err("unexpected null oplock_info\n");
+ pr_err("unexpected null oplock_info\n");
rsp->hdr.Status = STATUS_INVALID_OPLOCK_PROTOCOL;
smb2_set_err_rsp(work);
ksmbd_fd_put(work, fp);
@@ -7577,8 +7577,8 @@ static void smb20_oplock_break_ack(struct ksmbd_work *work)
rsp_oplevel = SMB2_OPLOCK_LEVEL_NONE;
break;
default:
- ksmbd_err("unknown oplock change 0x%x -> 0x%x\n",
- opinfo->level, rsp_oplevel);
+ pr_err("unknown oplock change 0x%x -> 0x%x\n",
+ opinfo->level, rsp_oplevel);
}
if (ret < 0) {
@@ -7654,8 +7654,8 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
lease = opinfo->o_lease;
if (opinfo->op_state == OPLOCK_STATE_NONE) {
- ksmbd_err("unexpected lease break state 0x%x\n",
- opinfo->op_state);
+ pr_err("unexpected lease break state 0x%x\n",
+ opinfo->op_state);
rsp->hdr.Status = STATUS_UNSUCCESSFUL;
goto err_out;
}
@@ -7868,7 +7868,7 @@ int smb2_check_sign_req(struct ksmbd_work *work)
return 0;
if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
- ksmbd_err("bad smb2 signature\n");
+ pr_err("bad smb2 signature\n");
return 0;
}
@@ -7965,7 +7965,7 @@ int smb3_check_sign_req(struct ksmbd_work *work)
}
if (!signing_key) {
- ksmbd_err("SMB3 signing key is not generated\n");
+ pr_err("SMB3 signing key is not generated\n");
return 0;
}
@@ -7978,7 +7978,7 @@ int smb3_check_sign_req(struct ksmbd_work *work)
return 0;
if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
- ksmbd_err("bad smb2 signature\n");
+ pr_err("bad smb2 signature\n");
return 0;
}
@@ -8175,20 +8175,20 @@ int smb3_decrypt_req(struct ksmbd_work *work)
sess = ksmbd_session_lookup_all(conn, le64_to_cpu(tr_hdr->SessionId));
if (!sess) {
- ksmbd_err("invalid session id(%llx) in transform header\n",
- le64_to_cpu(tr_hdr->SessionId));
+ pr_err("invalid session id(%llx) in transform header\n",
+ le64_to_cpu(tr_hdr->SessionId));
return -ECONNABORTED;
}
if (pdu_length + 4 <
sizeof(struct smb2_transform_hdr) + sizeof(struct smb2_hdr)) {
- ksmbd_err("Transform message is too small (%u)\n",
- pdu_length);
+ pr_err("Transform message is too small (%u)\n",
+ pdu_length);
return -ECONNABORTED;
}
if (pdu_length + 4 < orig_len + sizeof(struct smb2_transform_hdr)) {
- ksmbd_err("Transform message is broken\n");
+ pr_err("Transform message is broken\n");
return -ECONNABORTED;
}
diff --git a/fs/cifsd/smb_common.c b/fs/cifsd/smb_common.c
index d74b2ce08187..5bf644d7e321 100644
--- a/fs/cifsd/smb_common.c
+++ b/fs/cifsd/smb_common.c
@@ -447,7 +447,7 @@ int ksmbd_smb_negotiate_common(struct ksmbd_work *work, unsigned int command)
return smb_handle_negotiate(work);
}
- ksmbd_err("Unknown SMB negotiation command: %u\n", command);
+ pr_err("Unknown SMB negotiation command: %u\n", command);
return -EINVAL;
}
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index 63db8c015f9d..23c952612db4 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -264,8 +264,8 @@ static int sid_to_id(struct smb_sid *psid, uint sidtype,
* Just return an error.
*/
if (unlikely(psid->num_subauth > SID_MAX_SUB_AUTHORITIES)) {
- ksmbd_err("%s: %u subauthorities is too many!\n",
- __func__, psid->num_subauth);
+ pr_err("%s: %u subauthorities is too many!\n",
+ __func__, psid->num_subauth);
return -EIO;
}
@@ -383,7 +383,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
/* validate that we do not go past end of acl */
if (end_of_acl <= (char *)pdacl ||
end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size)) {
- ksmbd_err("ACL too small to parse DACL\n");
+ pr_err("ACL too small to parse DACL\n");
return;
}
@@ -477,8 +477,8 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
temp_fattr.cf_uid = INVALID_UID;
ret = sid_to_id(&ppace[i]->sid, SIDOWNER, &temp_fattr);
if (ret || uid_eq(temp_fattr.cf_uid, INVALID_UID)) {
- ksmbd_err("%s: Error %d mapping Owner SID to uid\n",
- __func__, ret);
+ pr_err("%s: Error %d mapping Owner SID to uid\n",
+ __func__, ret);
continue;
}
@@ -764,7 +764,7 @@ static int parse_sid(struct smb_sid *psid, char *end_of_acl)
* bytes long (assuming no sub-auths - e.g. the null SID
*/
if (end_of_acl < (char *)psid + 8) {
- ksmbd_err("ACL too small to parse SID %p\n", psid);
+ pr_err("ACL too small to parse SID %p\n", psid);
return -EINVAL;
}
@@ -808,14 +808,14 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
if (pntsd->osidoffset) {
rc = parse_sid(owner_sid_ptr, end_of_acl);
if (rc) {
- ksmbd_err("%s: Error %d parsing Owner SID\n", __func__, rc);
+ pr_err("%s: Error %d parsing Owner SID\n", __func__, rc);
return rc;
}
rc = sid_to_id(owner_sid_ptr, SIDOWNER, fattr);
if (rc) {
- ksmbd_err("%s: Error %d mapping Owner SID to uid\n",
- __func__, rc);
+ pr_err("%s: Error %d mapping Owner SID to uid\n",
+ __func__, rc);
owner_sid_ptr = NULL;
}
}
@@ -823,14 +823,14 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
if (pntsd->gsidoffset) {
rc = parse_sid(group_sid_ptr, end_of_acl);
if (rc) {
- ksmbd_err("%s: Error %d mapping Owner SID to gid\n",
- __func__, rc);
+ pr_err("%s: Error %d mapping Owner SID to gid\n",
+ __func__, rc);
return rc;
}
rc = sid_to_id(group_sid_ptr, SIDUNIX_GROUP, fattr);
if (rc) {
- ksmbd_err("%s: Error %d mapping Group SID to gid\n",
- __func__, rc);
+ pr_err("%s: Error %d mapping Group SID to gid\n",
+ __func__, rc);
group_sid_ptr = NULL;
}
}
diff --git a/fs/cifsd/transport_ipc.c b/fs/cifsd/transport_ipc.c
index 2bcc1cad6037..13eacfda64ac 100644
--- a/fs/cifsd/transport_ipc.c
+++ b/fs/cifsd/transport_ipc.c
@@ -43,11 +43,11 @@ static unsigned int ksmbd_tools_pid;
static bool ksmbd_ipc_validate_version(struct genl_info *m)
{
if (m->genlhdr->version != KSMBD_GENL_VERSION) {
- ksmbd_err("%s. ksmbd: %d, kernel module: %d. %s.\n",
- "Daemon and kernel module version mismatch",
- m->genlhdr->version,
- KSMBD_GENL_VERSION,
- "User-space ksmbd should terminate");
+ pr_err("%s. ksmbd: %d, kernel module: %d. %s.\n",
+ "Daemon and kernel module version mismatch",
+ m->genlhdr->version,
+ KSMBD_GENL_VERSION,
+ "User-space ksmbd should terminate");
return false;
}
return true;
@@ -267,8 +267,8 @@ static int handle_response(int type, void *payload, size_t sz)
* request message type + 1.
*/
if (entry->type + 1 != type) {
- ksmbd_err("Waiting for IPC type %d, got %d. Ignore.\n",
- entry->type + 1, type);
+ pr_err("Waiting for IPC type %d, got %d. Ignore.\n",
+ entry->type + 1, type);
}
entry->response = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO);
@@ -313,9 +313,9 @@ static int ipc_server_config_on_startup(struct ksmbd_startup_request *req)
ret |= ksmbd_tcp_set_interfaces(KSMBD_STARTUP_CONFIG_INTERFACES(req),
req->ifc_list_sz);
if (ret) {
- ksmbd_err("Server configuration error: %s %s %s\n",
- req->netbios_name, req->server_string,
- req->work_group);
+ pr_err("Server configuration error: %s %s %s\n",
+ req->netbios_name, req->server_string,
+ req->work_group);
return ret;
}
@@ -353,7 +353,7 @@ static int handle_startup_event(struct sk_buff *skb, struct genl_info *info)
mutex_lock(&startup_lock);
if (!ksmbd_server_configurable()) {
mutex_unlock(&startup_lock);
- ksmbd_err("Server reset is in progress, can't start daemon\n");
+ pr_err("Server reset is in progress, can't start daemon\n");
return -EINVAL;
}
@@ -363,7 +363,7 @@ static int handle_startup_event(struct sk_buff *skb, struct genl_info *info)
goto out;
}
- ksmbd_err("Reconnect to a new user space daemon\n");
+ pr_err("Reconnect to a new user space daemon\n");
} else {
struct ksmbd_startup_request *req;
@@ -384,7 +384,7 @@ static int handle_startup_event(struct sk_buff *skb, struct genl_info *info)
static int handle_unsupported_event(struct sk_buff *skb, struct genl_info *info)
{
- ksmbd_err("Unknown IPC event: %d, ignore.\n", info->genlhdr->cmd);
+ pr_err("Unknown IPC event: %d, ignore.\n", info->genlhdr->cmd);
return -EINVAL;
}
@@ -827,7 +827,7 @@ static int __ipc_heartbeat(void)
WRITE_ONCE(server_conf.state, SERVER_STATE_RESETTING);
server_conf.ipc_last_active = 0;
ksmbd_tools_pid = 0;
- ksmbd_err("No IPC daemon response for %lus\n", delta / HZ);
+ pr_err("No IPC daemon response for %lus\n", delta / HZ);
mutex_unlock(&startup_lock);
return -EINVAL;
}
@@ -871,7 +871,7 @@ int ksmbd_ipc_init(void)
ret = genl_register_family(&ksmbd_genl_family);
if (ret) {
- ksmbd_err("Failed to register KSMBD netlink interface %d\n", ret);
+ pr_err("Failed to register KSMBD netlink interface %d\n", ret);
cancel_delayed_work_sync(&ipc_timer_work);
}
diff --git a/fs/cifsd/transport_rdma.c b/fs/cifsd/transport_rdma.c
index 52237f023b66..bd7a090d5350 100644
--- a/fs/cifsd/transport_rdma.c
+++ b/fs/cifsd/transport_rdma.c
@@ -525,9 +525,9 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_RECV) {
if (wc->status != IB_WC_WR_FLUSH_ERR) {
- ksmbd_err("Recv error. status='%s (%d)' opcode=%d\n",
- ib_wc_status_msg(wc->status), wc->status,
- wc->opcode);
+ pr_err("Recv error. status='%s (%d)' opcode=%d\n",
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
smb_direct_disconnect_rdma_connection(t);
}
put_empty_recvmsg(t, recvmsg);
@@ -623,7 +623,7 @@ static int smb_direct_post_recv(struct smb_direct_transport *t,
ret = ib_post_recv(t->qp, &wr, NULL);
if (ret) {
- ksmbd_err("Can't post recv: %d\n", ret);
+ pr_err("Can't post recv: %d\n", ret);
ib_dma_unmap_single(t->cm_id->device,
recvmsg->sge.addr, recvmsg->sge.length,
DMA_FROM_DEVICE);
@@ -645,7 +645,7 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
again:
if (st->status != SMB_DIRECT_CS_CONNECTED) {
- ksmbd_err("disconnected\n");
+ pr_err("disconnected\n");
return -ENOTCONN;
}
@@ -794,7 +794,7 @@ static void smb_direct_post_recv_credits(struct work_struct *work)
ret = smb_direct_post_recv(t, recvmsg);
if (ret) {
- ksmbd_err("Can't post recv: %d\n", ret);
+ pr_err("Can't post recv: %d\n", ret);
put_recvmsg(t, recvmsg);
break;
}
@@ -829,9 +829,9 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc)
wc->opcode);
if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
- ksmbd_err("Send error. status='%s (%d)', opcode=%d\n",
- ib_wc_status_msg(wc->status), wc->status,
- wc->opcode);
+ pr_err("Send error. status='%s (%d)', opcode=%d\n",
+ ib_wc_status_msg(wc->status), wc->status,
+ wc->opcode);
smb_direct_disconnect_rdma_connection(t);
}
@@ -880,7 +880,7 @@ static int smb_direct_post_send(struct smb_direct_transport *t,
ret = ib_post_send(t->qp, wr, NULL);
if (ret) {
- ksmbd_err("failed to post send: %d\n", ret);
+ pr_err("failed to post send: %d\n", ret);
if (wr->num_sge > 1) {
if (atomic_dec_and_test(&t->send_payload_pending))
wake_up(&t->wait_send_payload_pending);
@@ -1158,11 +1158,11 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
sg, SMB_DIRECT_MAX_SEND_SGES - 1,
DMA_TO_DEVICE);
if (sg_cnt <= 0) {
- ksmbd_err("failed to map buffer\n");
+ pr_err("failed to map buffer\n");
ret = -ENOMEM;
goto err;
} else if (sg_cnt + msg->num_sge > SMB_DIRECT_MAX_SEND_SGES - 1) {
- ksmbd_err("buffer not fitted into sges\n");
+ pr_err("buffer not fitted into sges\n");
ret = -E2BIG;
ib_dma_unmap_sg(t->cm_id->device, sg, sg_cnt,
DMA_TO_DEVICE);
@@ -1290,8 +1290,8 @@ static void read_write_done(struct ib_cq *cq, struct ib_wc *wc,
struct smb_direct_transport *t = msg->t;
if (wc->status != IB_WC_SUCCESS) {
- ksmbd_err("read/write error. opcode = %d, status = %s(%d)\n",
- wc->opcode, ib_wc_status_msg(wc->status), wc->status);
+ pr_err("read/write error. opcode = %d, status = %s(%d)\n",
+ wc->opcode, ib_wc_status_msg(wc->status), wc->status);
smb_direct_disconnect_rdma_connection(t);
}
@@ -1348,7 +1348,7 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
ret = get_sg_list(buf, buf_len, msg->sgt.sgl, msg->sgt.orig_nents);
if (ret <= 0) {
- ksmbd_err("failed to get pages\n");
+ pr_err("failed to get pages\n");
goto err;
}
@@ -1357,7 +1357,7 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
0, remote_offset, remote_key,
is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
if (ret < 0) {
- ksmbd_err("failed to init rdma_rw_ctx: %d\n", ret);
+ pr_err("failed to init rdma_rw_ctx: %d\n", ret);
goto err;
}
@@ -1369,7 +1369,7 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
ret = ib_post_send(t->qp, first_wr, NULL);
if (ret) {
- ksmbd_err("failed to post send wr: %d\n", ret);
+ pr_err("failed to post send wr: %d\n", ret);
goto err;
}
@@ -1445,9 +1445,9 @@ static int smb_direct_cm_handler(struct rdma_cm_id *cm_id,
break;
}
default:
- ksmbd_err("Unexpected RDMA CM event. cm_id=%p, event=%s (%d)\n",
- cm_id, rdma_event_msg(event->event),
- event->event);
+ pr_err("Unexpected RDMA CM event. cm_id=%p, event=%s (%d)\n",
+ cm_id, rdma_event_msg(event->event),
+ event->event);
break;
}
return 0;
@@ -1557,7 +1557,7 @@ static int smb_direct_accept_client(struct smb_direct_transport *t)
ret = rdma_accept(t->cm_id, &conn_param);
if (ret) {
- ksmbd_err("error at rdma_accept: %d\n", ret);
+ pr_err("error at rdma_accept: %d\n", ret);
return ret;
}
@@ -1581,14 +1581,14 @@ static int smb_direct_negotiate(struct smb_direct_transport *t)
ret = smb_direct_post_recv(t, recvmsg);
if (ret) {
- ksmbd_err("Can't post recv: %d\n", ret);
+ pr_err("Can't post recv: %d\n", ret);
goto out;
}
t->negotiation_requested = false;
ret = smb_direct_accept_client(t);
if (ret) {
- ksmbd_err("Can't accept client\n");
+ pr_err("Can't accept client\n");
goto out;
}
@@ -1635,7 +1635,7 @@ static int smb_direct_init_params(struct smb_direct_transport *t,
t->max_send_size = smb_direct_max_send_size;
max_send_sges = DIV_ROUND_UP(t->max_send_size, PAGE_SIZE) + 2;
if (max_send_sges > SMB_DIRECT_MAX_SEND_SGES) {
- ksmbd_err("max_send_size %d is too large\n", t->max_send_size);
+ pr_err("max_send_size %d is too large\n", t->max_send_size);
return -EINVAL;
}
@@ -1655,31 +1655,31 @@ static int smb_direct_init_params(struct smb_direct_transport *t,
max_send_wrs = smb_direct_send_credit_target + max_rw_wrs;
if (max_send_wrs > device->attrs.max_cqe ||
max_send_wrs > device->attrs.max_qp_wr) {
- ksmbd_err("consider lowering send_credit_target = %d, or max_outstanding_rw_ops = %d\n",
- smb_direct_send_credit_target,
- smb_direct_max_outstanding_rw_ops);
- ksmbd_err("Possible CQE overrun, device reporting max_cqe %d max_qp_wr %d\n",
- device->attrs.max_cqe, device->attrs.max_qp_wr);
+ pr_err("consider lowering send_credit_target = %d, or max_outstanding_rw_ops = %d\n",
+ smb_direct_send_credit_target,
+ smb_direct_max_outstanding_rw_ops);
+ pr_err("Possible CQE overrun, device reporting max_cqe %d max_qp_wr %d\n",
+ device->attrs.max_cqe, device->attrs.max_qp_wr);
return -EINVAL;
}
if (smb_direct_receive_credit_max > device->attrs.max_cqe ||
smb_direct_receive_credit_max > device->attrs.max_qp_wr) {
- ksmbd_err("consider lowering receive_credit_max = %d\n",
- smb_direct_receive_credit_max);
- ksmbd_err("Possible CQE overrun, device reporting max_cpe %d max_qp_wr %d\n",
- device->attrs.max_cqe, device->attrs.max_qp_wr);
+ pr_err("consider lowering receive_credit_max = %d\n",
+ smb_direct_receive_credit_max);
+ pr_err("Possible CQE overrun, device reporting max_cpe %d max_qp_wr %d\n",
+ device->attrs.max_cqe, device->attrs.max_qp_wr);
return -EINVAL;
}
if (device->attrs.max_send_sge < SMB_DIRECT_MAX_SEND_SGES) {
- ksmbd_err("warning: device max_send_sge = %d too small\n",
- device->attrs.max_send_sge);
+ pr_err("warning: device max_send_sge = %d too small\n",
+ device->attrs.max_send_sge);
return -EINVAL;
}
if (device->attrs.max_recv_sge < SMB_DIRECT_MAX_RECV_SGES) {
- ksmbd_err("warning: device max_recv_sge = %d too small\n",
- device->attrs.max_recv_sge);
+ pr_err("warning: device max_recv_sge = %d too small\n",
+ device->attrs.max_recv_sge);
return -EINVAL;
}
@@ -1788,7 +1788,7 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
t->pd = ib_alloc_pd(t->cm_id->device, 0);
if (IS_ERR(t->pd)) {
- ksmbd_err("Can't create RDMA PD\n");
+ pr_err("Can't create RDMA PD\n");
ret = PTR_ERR(t->pd);
t->pd = NULL;
return ret;
@@ -1797,7 +1797,7 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
t->send_cq = ib_alloc_cq(t->cm_id->device, t,
t->send_credit_target, 0, IB_POLL_WORKQUEUE);
if (IS_ERR(t->send_cq)) {
- ksmbd_err("Can't create RDMA send CQ\n");
+ pr_err("Can't create RDMA send CQ\n");
ret = PTR_ERR(t->send_cq);
t->send_cq = NULL;
goto err;
@@ -1807,7 +1807,7 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
cap->max_send_wr + cap->max_rdma_ctxs,
0, IB_POLL_WORKQUEUE);
if (IS_ERR(t->recv_cq)) {
- ksmbd_err("Can't create RDMA recv CQ\n");
+ pr_err("Can't create RDMA recv CQ\n");
ret = PTR_ERR(t->recv_cq);
t->recv_cq = NULL;
goto err;
@@ -1825,7 +1825,7 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
ret = rdma_create_qp(t->cm_id, t->pd, &qp_attr);
if (ret) {
- ksmbd_err("Can't create RDMA QP: %d\n", ret);
+ pr_err("Can't create RDMA QP: %d\n", ret);
goto err;
}
@@ -1861,25 +1861,25 @@ static int smb_direct_prepare(struct ksmbd_transport *t)
ret = smb_direct_init_params(st, &qp_cap);
if (ret) {
- ksmbd_err("Can't configure RDMA parameters\n");
+ pr_err("Can't configure RDMA parameters\n");
return ret;
}
ret = smb_direct_create_pools(st);
if (ret) {
- ksmbd_err("Can't init RDMA pool: %d\n", ret);
+ pr_err("Can't init RDMA pool: %d\n", ret);
return ret;
}
ret = smb_direct_create_qpair(st, &qp_cap);
if (ret) {
- ksmbd_err("Can't accept RDMA client: %d\n", ret);
+ pr_err("Can't accept RDMA client: %d\n", ret);
return ret;
}
ret = smb_direct_negotiate(st);
if (ret) {
- ksmbd_err("Can't negotiate: %d\n", ret);
+ pr_err("Can't negotiate: %d\n", ret);
return ret;
}
@@ -1917,7 +1917,7 @@ static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
if (IS_ERR(KSMBD_TRANS(t)->handler)) {
int ret = PTR_ERR(KSMBD_TRANS(t)->handler);
- ksmbd_err("Can't start thread\n");
+ pr_err("Can't start thread\n");
free_transport(t);
return ret;
}
@@ -1933,7 +1933,7 @@ static int smb_direct_listen_handler(struct rdma_cm_id *cm_id,
int ret = smb_direct_handle_connect_request(cm_id);
if (ret) {
- ksmbd_err("Can't create transport: %d\n", ret);
+ pr_err("Can't create transport: %d\n", ret);
return ret;
}
@@ -1942,8 +1942,8 @@ static int smb_direct_listen_handler(struct rdma_cm_id *cm_id,
break;
}
default:
- ksmbd_err("Unexpected listen event. cm_id=%p, event=%s (%d)\n",
- cm_id, rdma_event_msg(event->event), event->event);
+ pr_err("Unexpected listen event. cm_id=%p, event=%s (%d)\n",
+ cm_id, rdma_event_msg(event->event), event->event);
break;
}
return 0;
@@ -1962,13 +1962,13 @@ static int smb_direct_listen(int port)
cm_id = rdma_create_id(&init_net, smb_direct_listen_handler,
&smb_direct_listener, RDMA_PS_TCP, IB_QPT_RC);
if (IS_ERR(cm_id)) {
- ksmbd_err("Can't create cm id: %ld\n", PTR_ERR(cm_id));
+ pr_err("Can't create cm id: %ld\n", PTR_ERR(cm_id));
return PTR_ERR(cm_id);
}
ret = rdma_bind_addr(cm_id, (struct sockaddr *)&sin);
if (ret) {
- ksmbd_err("Can't bind: %d\n", ret);
+ pr_err("Can't bind: %d\n", ret);
goto err;
}
@@ -1976,7 +1976,7 @@ static int smb_direct_listen(int port)
ret = rdma_listen(cm_id, 10);
if (ret) {
- ksmbd_err("Can't listen: %d\n", ret);
+ pr_err("Can't listen: %d\n", ret);
goto err;
}
return 0;
@@ -2006,7 +2006,7 @@ int ksmbd_rdma_init(void)
if (ret) {
destroy_workqueue(smb_direct_wq);
smb_direct_wq = NULL;
- ksmbd_err("Can't listen: %d\n", ret);
+ pr_err("Can't listen: %d\n", ret);
return ret;
}
diff --git a/fs/cifsd/transport_tcp.c b/fs/cifsd/transport_tcp.c
index 16702b7874f4..56ec11ff5a9f 100644
--- a/fs/cifsd/transport_tcp.c
+++ b/fs/cifsd/transport_tcp.c
@@ -190,7 +190,7 @@ static int ksmbd_tcp_new_connection(struct socket *client_sk)
csin = KSMBD_TCP_PEER_SOCKADDR(KSMBD_TRANS(t)->conn);
if (kernel_getpeername(client_sk, csin) < 0) {
- ksmbd_err("client ip resolution failed\n");
+ pr_err("client ip resolution failed\n");
rc = -EINVAL;
goto out_error;
}
@@ -200,7 +200,7 @@ static int ksmbd_tcp_new_connection(struct socket *client_sk)
"ksmbd:%u",
ksmbd_tcp_get_port(csin));
if (IS_ERR(KSMBD_TRANS(t)->handler)) {
- ksmbd_err("cannot start conn thread\n");
+ pr_err("cannot start conn thread\n");
rc = PTR_ERR(KSMBD_TRANS(t)->handler);
free_transport(t);
}
@@ -380,7 +380,7 @@ static void tcp_destroy_socket(struct socket *ksmbd_socket)
ret = kernel_sock_shutdown(ksmbd_socket, SHUT_RDWR);
if (ret)
- ksmbd_err("Failed to shutdown socket: %d\n", ret);
+ pr_err("Failed to shutdown socket: %d\n", ret);
else
sock_release(ksmbd_socket);
}
@@ -400,11 +400,11 @@ static int create_socket(struct interface *iface)
ret = sock_create(PF_INET6, SOCK_STREAM, IPPROTO_TCP, &ksmbd_socket);
if (ret) {
- ksmbd_err("Can't create socket for ipv6, try ipv4: %d\n", ret);
+ pr_err("Can't create socket for ipv6, try ipv4: %d\n", ret);
ret = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP,
&ksmbd_socket);
if (ret) {
- ksmbd_err("Can't create socket for ipv4: %d\n", ret);
+ pr_err("Can't create socket for ipv4: %d\n", ret);
goto out_error;
}
@@ -427,7 +427,7 @@ static int create_socket(struct interface *iface)
KERNEL_SOCKPTR(iface->name),
strlen(iface->name));
if (ret != -ENODEV && ret < 0) {
- ksmbd_err("Failed to set SO_BINDTODEVICE: %d\n", ret);
+ pr_err("Failed to set SO_BINDTODEVICE: %d\n", ret);
goto out_error;
}
@@ -438,7 +438,7 @@ static int create_socket(struct interface *iface)
ret = kernel_bind(ksmbd_socket, (struct sockaddr *)&sin6,
sizeof(sin6));
if (ret) {
- ksmbd_err("Failed to bind socket: %d\n", ret);
+ pr_err("Failed to bind socket: %d\n", ret);
goto out_error;
}
@@ -447,14 +447,14 @@ static int create_socket(struct interface *iface)
ret = kernel_listen(ksmbd_socket, KSMBD_SOCKET_BACKLOG);
if (ret) {
- ksmbd_err("Port listen() error: %d\n", ret);
+ pr_err("Port listen() error: %d\n", ret);
goto out_error;
}
iface->ksmbd_socket = ksmbd_socket;
ret = ksmbd_tcp_run_kthread(iface);
if (ret) {
- ksmbd_err("Can't start ksmbd main kthread: %d\n", ret);
+ pr_err("Can't start ksmbd main kthread: %d\n", ret);
goto out_error;
}
iface->state = IFACE_STATE_CONFIGURED;
@@ -540,7 +540,7 @@ static void tcp_stop_kthread(struct task_struct *kthread)
ret = kthread_stop(kthread);
if (ret)
- ksmbd_err("failed to stop forker thread\n");
+ pr_err("failed to stop forker thread\n");
}
void ksmbd_tcp_destroy(void)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index ef74e56cd05f..ad08bad8df4e 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -45,7 +45,7 @@ static char *extract_last_component(char *path)
p++;
} else {
p = NULL;
- ksmbd_err("Invalid path %s\n", path);
+ pr_err("Invalid path %s\n", path);
}
return p;
}
@@ -170,8 +170,8 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
if (err != -ENOENT)
- ksmbd_err("path create failed for %s, err %d\n",
- name, err);
+ pr_err("path create failed for %s, err %d\n",
+ name, err);
return err;
}
@@ -181,7 +181,7 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
d_inode(dentry));
} else {
- ksmbd_err("File(%s): creation failed (err:%d)\n", name, err);
+ pr_err("File(%s): creation failed (err:%d)\n", name, err);
}
done_path_create(&path, dentry);
return err;
@@ -235,7 +235,7 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
out:
done_path_create(&path, dentry);
if (err)
- ksmbd_err("mkdir(%s): creation failed (err:%d)\n", name, err);
+ pr_err("mkdir(%s): creation failed (err:%d)\n", name, err);
return err;
}
@@ -259,7 +259,7 @@ static ssize_t ksmbd_vfs_getcasexattr(struct dentry *dentry, char *attr_name,
name,
attr_value);
if (value_len < 0)
- ksmbd_err("failed to get xattr in file\n");
+ pr_err("failed to get xattr in file\n");
break;
}
@@ -324,7 +324,7 @@ static int check_lock_range(struct file *filp, loff_t start, loff_t end,
if (flock->fl_end >= start && end >= flock->fl_start) {
if (flock->fl_type == F_RDLCK) {
if (type == WRITE) {
- ksmbd_err("not allow write by shared lock\n");
+ pr_err("not allow write by shared lock\n");
error = 1;
goto out;
}
@@ -332,7 +332,7 @@ static int check_lock_range(struct file *filp, loff_t start, loff_t end,
/* check owner in lock */
if (flock->fl_file != filp) {
error = 1;
- ksmbd_err("not allow rw access by exclusive lock from other opens\n");
+ pr_err("not allow rw access by exclusive lock from other opens\n");
goto out;
}
}
@@ -368,7 +368,7 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
if (work->conn->connection_type) {
if (!(fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) {
- ksmbd_err("no right to read(%s)\n", FP_FILENAME(fp));
+ pr_err("no right to read(%s)\n", FP_FILENAME(fp));
return -EACCES;
}
}
@@ -381,15 +381,15 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
ret = check_lock_range(filp, *pos, *pos + count - 1, READ);
if (ret) {
- ksmbd_err("unable to read due to lock\n");
+ pr_err("unable to read due to lock\n");
return -EAGAIN;
}
}
nbytes = kernel_read(filp, rbuf, count, pos);
if (nbytes < 0) {
- ksmbd_err("smb read failed for (%s), err = %zd\n",
- fp->filename, nbytes);
+ pr_err("smb read failed for (%s), err = %zd\n",
+ fp->filename, nbytes);
return nbytes;
}
@@ -418,7 +418,7 @@ static int ksmbd_vfs_stream_write(struct ksmbd_file *fp, char *buf, loff_t *pos,
fp->stream.size,
&stream_buf);
if ((int)v_len < 0) {
- ksmbd_err("not found stream in xattr : %zd\n", v_len);
+ pr_err("not found stream in xattr : %zd\n", v_len);
err = (int)v_len;
goto out;
}
@@ -476,7 +476,7 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
if (sess->conn->connection_type) {
if (!(fp->daccess & FILE_WRITE_DATA_LE)) {
- ksmbd_err("no right to write(%s)\n", FP_FILENAME(fp));
+ pr_err("no right to write(%s)\n", FP_FILENAME(fp));
err = -EACCES;
goto out;
}
@@ -494,7 +494,7 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
if (!work->tcon->posix_extensions) {
err = check_lock_range(filp, *pos, *pos + count - 1, WRITE);
if (err) {
- ksmbd_err("unable to write due to lock\n");
+ pr_err("unable to write due to lock\n");
err = -EAGAIN;
goto out;
}
@@ -515,8 +515,8 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
if (sync) {
err = vfs_fsync_range(filp, offset, offset + *written, 0);
if (err < 0)
- ksmbd_err("fsync failed for filename = %s, err = %d\n",
- FP_FILENAME(fp), err);
+ pr_err("fsync failed for filename = %s, err = %d\n",
+ FP_FILENAME(fp), err);
}
out:
@@ -537,7 +537,7 @@ int ksmbd_vfs_getattr(struct path *path, struct kstat *stat)
err = vfs_getattr(path, stat, STATX_BTIME, AT_STATX_SYNC_AS_STAT);
if (err)
- ksmbd_err("getattr failed, err %d\n", err);
+ pr_err("getattr failed, err %d\n", err);
return err;
}
@@ -555,12 +555,12 @@ int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id)
fp = ksmbd_lookup_fd_slow(work, fid, p_id);
if (!fp) {
- ksmbd_err("failed to get filp for fid %llu\n", fid);
+ pr_err("failed to get filp for fid %llu\n", fid);
return -ENOENT;
}
err = vfs_fsync(fp->filp, 0);
if (err < 0)
- ksmbd_err("smb fsync failed, err = %d\n", err);
+ pr_err("smb fsync failed, err = %d\n", err);
ksmbd_fd_put(work, fp);
return err;
}
@@ -654,8 +654,8 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
err = kern_path(oldname, flags, &oldpath);
if (err) {
- ksmbd_err("cannot get linux path for %s, err = %d\n",
- oldname, err);
+ pr_err("cannot get linux path for %s, err = %d\n",
+ oldname, err);
goto out1;
}
@@ -663,13 +663,13 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
flags | LOOKUP_REVAL);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
- ksmbd_err("path create err for %s, err %d\n", newname, err);
+ pr_err("path create err for %s, err %d\n", newname, err);
goto out2;
}
err = -EXDEV;
if (oldpath.mnt != newpath.mnt) {
- ksmbd_err("vfs_link failed err %d\n", err);
+ pr_err("vfs_link failed err %d\n", err);
goto out3;
}
@@ -730,7 +730,7 @@ static int __ksmbd_vfs_rename(struct ksmbd_work *work,
dst_dent = lookup_one_len(dst_name, dst_dent_parent, strlen(dst_name));
err = PTR_ERR(dst_dent);
if (IS_ERR(dst_dent)) {
- ksmbd_err("lookup failed %s [%d]\n", dst_name, err);
+ pr_err("lookup failed %s [%d]\n", dst_name, err);
goto out;
}
@@ -747,7 +747,7 @@ static int __ksmbd_vfs_rename(struct ksmbd_work *work,
err = vfs_rename(&rd);
}
if (err)
- ksmbd_err("vfs_rename failed err %d\n", err);
+ pr_err("vfs_rename failed err %d\n", err);
if (dst_dent)
dput(dst_dent);
out:
@@ -835,14 +835,14 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
if (name) {
err = kern_path(name, 0, &path);
if (err) {
- ksmbd_err("cannot get linux path for %s, err %d\n",
- name, err);
+ pr_err("cannot get linux path for %s, err %d\n",
+ name, err);
return err;
}
err = vfs_truncate(&path, size);
if (err)
- ksmbd_err("truncate failed for %s err %d\n",
- name, err);
+ pr_err("truncate failed for %s err %d\n",
+ name, err);
path_put(&path);
} else {
struct file *filp;
@@ -864,15 +864,15 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
}
if (err) {
- ksmbd_err("failed due to lock\n");
+ pr_err("failed due to lock\n");
return -EAGAIN;
}
}
err = vfs_truncate(&filp->f_path, size);
if (err)
- ksmbd_err("truncate failed for filename : %s err %d\n",
- fp->filename, err);
+ pr_err("truncate failed for filename : %s err %d\n",
+ fp->filename, err);
}
return err;
@@ -1458,7 +1458,7 @@ static struct xattr_smb_acl *ksmbd_vfs_make_xattr_posix_acl(struct inode *inode,
xa_entry->type = SMB_ACL_MASK;
break;
default:
- ksmbd_err("unknown type : 0x%x\n", pa_entry->e_tag);
+ pr_err("unknown type : 0x%x\n", pa_entry->e_tag);
goto out;
}
@@ -1502,7 +1502,7 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
rc = ksmbd_gen_sd_hash(conn, acl.sd_buf, acl.sd_size, acl.hash);
if (rc) {
- ksmbd_err("failed to generate hash for ndr acl\n");
+ pr_err("failed to generate hash for ndr acl\n");
return rc;
}
@@ -1513,27 +1513,27 @@ int ksmbd_vfs_set_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
if (rc) {
- ksmbd_err("failed to encode ndr to posix acl\n");
+ pr_err("failed to encode ndr to posix acl\n");
goto out;
}
rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
acl.posix_acl_hash);
if (rc) {
- ksmbd_err("failed to generate hash for ndr acl\n");
+ pr_err("failed to generate hash for ndr acl\n");
goto out;
}
rc = ndr_encode_v4_ntacl(&sd_ndr, &acl);
if (rc) {
- ksmbd_err("failed to encode ndr to posix acl\n");
+ pr_err("failed to encode ndr to posix acl\n");
goto out;
}
rc = ksmbd_vfs_setxattr(dentry, XATTR_NAME_SD, sd_ndr.data,
sd_ndr.offset, 0);
if (rc < 0)
- ksmbd_err("Failed to store XATTR ntacl :%d\n", rc);
+ pr_err("Failed to store XATTR ntacl :%d\n", rc);
kfree(sd_ndr.data);
out:
@@ -1570,19 +1570,19 @@ int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
if (rc) {
- ksmbd_err("failed to encode ndr to posix acl\n");
+ pr_err("failed to encode ndr to posix acl\n");
goto out;
}
rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
cmp_hash);
if (rc) {
- ksmbd_err("failed to generate hash for ndr acl\n");
+ pr_err("failed to generate hash for ndr acl\n");
goto out;
}
if (memcmp(cmp_hash, acl.posix_acl_hash, XATTR_SD_HASH_SIZE)) {
- ksmbd_err("hash value diff\n");
+ pr_err("hash value diff\n");
rc = -EINVAL;
goto out;
}
@@ -1821,11 +1821,11 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
*total_size_written = 0;
if (!(src_fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) {
- ksmbd_err("no right to read(%s)\n", FP_FILENAME(src_fp));
+ pr_err("no right to read(%s)\n", FP_FILENAME(src_fp));
return -EACCES;
}
if (!(dst_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE))) {
- ksmbd_err("no right to write(%s)\n", FP_FILENAME(dst_fp));
+ pr_err("no right to write(%s)\n", FP_FILENAME(dst_fp));
return -EACCES;
}
diff --git a/fs/cifsd/vfs_cache.c b/fs/cifsd/vfs_cache.c
index 4cf14c247e9e..c88210b15289 100644
--- a/fs/cifsd/vfs_cache.c
+++ b/fs/cifsd/vfs_cache.c
@@ -185,7 +185,7 @@ static struct ksmbd_inode *ksmbd_inode_get(struct ksmbd_file *fp)
rc = ksmbd_inode_init(ci, fp);
if (rc) {
- ksmbd_err("inode initialized failed\n");
+ pr_err("inode initialized failed\n");
kfree(ci);
return NULL;
}
@@ -254,8 +254,8 @@ static void __ksmbd_inode_close(struct ksmbd_file *fp)
err = ksmbd_vfs_remove_xattr(filp->f_path.dentry,
fp->stream.name);
if (err)
- ksmbd_err("remove xattr failed : %s\n",
- fp->stream.name);
+ pr_err("remove xattr failed : %s\n",
+ fp->stream.name);
}
if (atomic_dec_and_test(&ci->m_count)) {
@@ -542,7 +542,7 @@ struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
fp = kmem_cache_zalloc(filp_cache, GFP_KERNEL);
if (!fp) {
- ksmbd_err("Failed to allocate memory\n");
+ pr_err("Failed to allocate memory\n");
return ERR_PTR(-ENOMEM);
}
@@ -698,7 +698,7 @@ int ksmbd_init_file_cache(void)
return 0;
out:
- ksmbd_err("failed to allocate file cache\n");
+ pr_err("failed to allocate file cache\n");
return -ENOMEM;
}
From patchwork Mon Nov 14 12:50:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183219
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:10 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:10 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:09 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 122/308] ksmbd: opencode to avoid trivial wrappers
Date: Mon, 14 Nov 2022 20:50:31 +0800
Message-ID: <20221114125337.1831594-123-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
bac2f3f1-84fc-4865-7d56-08dac63c639f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6846293
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit e8c061917133dd77410239bfc0fae151b1955af2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e8c061917133
-------------------------------
Opencode to avoid trivial wrappers that just make the code hard to
follow.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 19 ++++++++++++-------
fs/cifsd/vfs.c | 30 ++----------------------------
fs/cifsd/vfs.h | 4 ----
3 files changed, 14 insertions(+), 39 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 84f4cd7f545f..96a0cb512882 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -10,6 +10,7 @@
#include <linux/namei.h>
#include <linux/statfs.h>
#include <linux/ethtool.h>
+#include <linux/falloc.h>
#include "glob.h"
#include "smb2pdu.h"
@@ -2948,10 +2949,12 @@ int smb2_open(struct ksmbd_work *work)
ksmbd_debug(SMB,
"request smb2 create allocate size : %llu\n",
alloc_size);
- err = ksmbd_vfs_alloc_size(work, fp, alloc_size);
+ smb_break_all_levII_oplock(work, fp, 1);
+ err = vfs_fallocate(fp->filp, FALLOC_FL_KEEP_SIZE, 0,
+ alloc_size);
if (err < 0)
ksmbd_debug(SMB,
- "ksmbd_vfs_alloc_size is failed : %d\n",
+ "vfs_fallocate is failed : %d\n",
err);
}
@@ -3762,7 +3765,7 @@ int smb2_query_dir(struct ksmbd_work *work)
dir_fp->readdir_data.private = &query_dir_private;
set_ctx_actor(&dir_fp->readdir_data.ctx, __query_dir);
- rc = ksmbd_vfs_readdir(dir_fp->filp, &dir_fp->readdir_data);
+ rc = iterate_dir(dir_fp->filp, &dir_fp->readdir_data.ctx);
if (rc == 0)
restart_ctx(&dir_fp->readdir_data.ctx);
if (rc == -ENOSPC)
@@ -5465,9 +5468,11 @@ static int set_file_allocation_info(struct ksmbd_work *work,
inode = file_inode(fp->filp);
if (alloc_blks > inode->i_blocks) {
- rc = ksmbd_vfs_alloc_size(work, fp, alloc_blks * 512);
+ smb_break_all_levII_oplock(work, fp, 1);
+ rc = vfs_fallocate(fp->filp, FALLOC_FL_KEEP_SIZE, 0,
+ alloc_blks * 512);
if (rc && rc != -EOPNOTSUPP) {
- pr_err("ksmbd_vfs_alloc_size is failed : %d\n", rc);
+ pr_err("vfs_fallocate is failed : %d\n", rc);
return rc;
}
} else if (alloc_blks < inode->i_blocks) {
@@ -6672,7 +6677,7 @@ int smb2_lock(struct ksmbd_work *work)
flock = smb_lock->fl;
list_del(&smb_lock->llist);
retry:
- err = ksmbd_vfs_lock(filp, smb_lock->cmd, flock);
+ err = vfs_lock_file(filp, smb_lock->cmd, flock, NULL);
skip:
if (flags & SMB2_LOCKFLAG_UNLOCK) {
if (!err) {
@@ -6785,7 +6790,7 @@ int smb2_lock(struct ksmbd_work *work)
rlock->fl_start = smb_lock->start;
rlock->fl_end = smb_lock->end;
- err = ksmbd_vfs_lock(filp, 0, rlock);
+ err = vfs_lock_file(filp, 0, rlock, NULL);
if (err)
pr_err("rollback unlock fail : %d\n", err);
list_del(&smb_lock->llist);
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index ad08bad8df4e..1ba3fd95ba6b 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -1000,32 +1000,6 @@ void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option)
}
}
-/**
- * ksmbd_vfs_lock() - vfs helper for smb file locking
- * @filp: the file to apply the lock to
- * @cmd: type of locking operation (F_SETLK, F_GETLK, etc.)
- * @flock: The lock to be applied
- *
- * Return: 0 on success, otherwise error
- */
-int ksmbd_vfs_lock(struct file *filp, int cmd, struct file_lock *flock)
-{
- ksmbd_debug(VFS, "calling vfs_lock_file\n");
- return vfs_lock_file(filp, cmd, flock, NULL);
-}
-
-int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata)
-{
- return iterate_dir(file, &rdata->ctx);
-}
-
-int ksmbd_vfs_alloc_size(struct ksmbd_work *work, struct ksmbd_file *fp,
- loff_t len)
-{
- smb_break_all_levII_oplock(work, fp, 1);
- return vfs_fallocate(fp->filp, FALLOC_FL_KEEP_SIZE, 0, len);
-}
-
int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
loff_t off, loff_t len)
{
@@ -1216,7 +1190,7 @@ int ksmbd_vfs_empty_dir(struct ksmbd_file *fp)
set_ctx_actor(&readdir_data.ctx, __dir_empty);
readdir_data.dirent_count = 0;
- err = ksmbd_vfs_readdir(fp->filp, &readdir_data);
+ err = iterate_dir(fp->filp, &readdir_data.ctx);
if (readdir_data.dirent_count > 2)
err = -ENOTEMPTY;
else
@@ -1266,7 +1240,7 @@ static int ksmbd_vfs_lookup_in_dir(struct path *dir, char *name, size_t namelen)
if (IS_ERR(dfilp))
return PTR_ERR(dfilp);
- ret = ksmbd_vfs_readdir(dfilp, &readdir_data);
+ ret = iterate_dir(dfilp, &readdir_data.ctx);
if (readdir_data.dirent_count > 0)
ret = 0;
fput(dfilp);
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index 03b877e6520b..e1021f579f37 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -232,10 +232,6 @@ int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
bool caseless);
int ksmbd_vfs_empty_dir(struct ksmbd_file *fp);
void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option);
-int ksmbd_vfs_lock(struct file *filp, int cmd, struct file_lock *flock);
-int ksmbd_vfs_readdir(struct file *file, struct ksmbd_readdir_data *rdata);
-int ksmbd_vfs_alloc_size(struct ksmbd_work *work, struct ksmbd_file *fp,
- loff_t len);
int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
loff_t off, loff_t len);
struct file_allocated_range_buffer;
From patchwork Mon Nov 14 12:50:32 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183222
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:11 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:10 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:09 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 123/308] ksmbd: factor out a
ksmbd_validate_entry_in_use helper from __ksmbd_vfs_rename
Date: Mon, 14 Nov 2022 20:50:32 +0800
Message-ID: <20221114125337.1831594-124-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
aefc6c77-c939-4cf9-3483-08dac63c63e8
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.6823187
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 4b637fc18902600dfe722f9b1a45950bfc8bc7b5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4b637fc18902
-------------------------------
Factor out a self-contained helper to find sub file/dir in use.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/vfs.c | 41 ++++++++++++++++++++++++++---------------
1 file changed, 26 insertions(+), 15 deletions(-)
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 1ba3fd95ba6b..ca4c6c020a8e 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -687,6 +687,29 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
return err;
}
+static int ksmbd_validate_entry_in_use(struct dentry *src_dent)
+{
+ struct dentry *dst_dent;
+
+ spin_lock(&src_dent->d_lock);
+ list_for_each_entry(dst_dent, &src_dent->d_subdirs, d_child) {
+ struct ksmbd_file *child_fp;
+
+ if (d_really_is_negative(dst_dent))
+ continue;
+
+ child_fp = ksmbd_lookup_fd_inode(d_inode(dst_dent));
+ if (child_fp) {
+ spin_unlock(&src_dent->d_lock);
+ ksmbd_debug(VFS, "Forbid rename, sub file/dir is in use\n");
+ return -EACCES;
+ }
+ }
+ spin_unlock(&src_dent->d_lock);
+
+ return 0;
+}
+
static int __ksmbd_vfs_rename(struct ksmbd_work *work,
struct dentry *src_dent_parent,
struct dentry *src_dent,
@@ -698,21 +721,9 @@ static int __ksmbd_vfs_rename(struct ksmbd_work *work,
int err;
if (!work->tcon->posix_extensions) {
- spin_lock(&src_dent->d_lock);
- list_for_each_entry(dst_dent, &src_dent->d_subdirs, d_child) {
- struct ksmbd_file *child_fp;
-
- if (d_really_is_negative(dst_dent))
- continue;
-
- child_fp = ksmbd_lookup_fd_inode(d_inode(dst_dent));
- if (child_fp) {
- spin_unlock(&src_dent->d_lock);
- ksmbd_debug(VFS, "Forbid rename, sub file/dir is in use\n");
- return -EACCES;
- }
- }
- spin_unlock(&src_dent->d_lock);
+ err = ksmbd_validate_entry_in_use(src_dent);
+ if (err)
+ return err;
}
if (d_really_is_negative(src_dent_parent))
From patchwork Mon Nov 14 12:50:33 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183220
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:11 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:10 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:10 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 124/308] ksmbd: opencode posix acl functions
instead of wrappers
Date: Mon, 14 Nov 2022 20:50:33 +0800
Message-ID: <20221114125337.1831594-125-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f8778257-b983-4a41-599e-08dac63c6426
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7031082
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 67d1c432994cbf30f63ec35abba493b027f0c910
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/67d1c432994c
-------------------------------
Add select FS_POSIX_ACL in Kconfig and then opencode posix acl functions
instead of wrappers
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 4 ++--
fs/cifsd/smbacl.c | 14 +++++++-------
fs/cifsd/vfs.c | 44 +++++++++-----------------------------------
fs/cifsd/vfs.h | 4 ----
4 files changed, 18 insertions(+), 48 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 96a0cb512882..0d004c6d1c63 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2327,9 +2327,9 @@ static void ksmbd_acls_fattr(struct smb_fattr *fattr, struct inode *inode)
fattr->cf_mode = inode->i_mode;
fattr->cf_dacls = NULL;
- fattr->cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
+ fattr->cf_acls = get_acl(inode, ACL_TYPE_ACCESS);
if (S_ISDIR(inode->i_mode))
- fattr->cf_dacls = ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
+ fattr->cf_dacls = get_acl(inode, ACL_TYPE_DEFAULT);
}
/**
diff --git a/fs/cifsd/smbacl.c b/fs/cifsd/smbacl.c
index 23c952612db4..958937a548a1 100644
--- a/fs/cifsd/smbacl.c
+++ b/fs/cifsd/smbacl.c
@@ -532,7 +532,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
if (acl_state.users->n || acl_state.groups->n) {
acl_state.mask.allow = 0x07;
- fattr->cf_acls = ksmbd_vfs_posix_acl_alloc(acl_state.users->n +
+ fattr->cf_acls = posix_acl_alloc(acl_state.users->n +
acl_state.groups->n + 4, GFP_KERNEL);
if (fattr->cf_acls) {
cf_pace = fattr->cf_acls->a_entries;
@@ -543,7 +543,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
if (default_acl_state.users->n || default_acl_state.groups->n) {
default_acl_state.mask.allow = 0x07;
fattr->cf_dacls =
- ksmbd_vfs_posix_acl_alloc(default_acl_state.users->n +
+ posix_acl_alloc(default_acl_state.users->n +
default_acl_state.groups->n + 4, GFP_KERNEL);
if (fattr->cf_dacls) {
cf_pdace = fattr->cf_dacls->a_entries;
@@ -1202,7 +1202,7 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
granted = GENERIC_ALL_FLAGS;
}
- posix_acls = ksmbd_vfs_get_acl(d_inode(dentry), ACL_TYPE_ACCESS);
+ posix_acls = get_acl(d_inode(dentry), ACL_TYPE_ACCESS);
if (posix_acls && !found) {
unsigned int id = -1;
@@ -1287,11 +1287,11 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
ksmbd_vfs_remove_acl_xattrs(dentry);
/* Update posix acls */
if (fattr.cf_dacls) {
- rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS,
- fattr.cf_acls);
+ rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_ACCESS,
+ fattr.cf_acls);
if (S_ISDIR(inode->i_mode) && fattr.cf_dacls)
- rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT,
- fattr.cf_dacls);
+ rc = set_posix_acl(&init_user_ns, inode,
+ ACL_TYPE_DEFAULT, fattr.cf_dacls);
}
/* Check it only calling from SD BUFFER context */
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index ca4c6c020a8e..e34e536dc9ce 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -1407,7 +1407,7 @@ static struct xattr_smb_acl *ksmbd_vfs_make_xattr_posix_acl(struct inode *inode,
struct xattr_acl_entry *xa_entry;
int i;
- posix_acls = ksmbd_vfs_get_acl(inode, acl_type);
+ posix_acls = get_acl(inode, acl_type);
if (!posix_acls)
return NULL;
@@ -1630,34 +1630,6 @@ int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
return err;
}
-struct posix_acl *ksmbd_vfs_posix_acl_alloc(int count, gfp_t flags)
-{
-#if IS_ENABLED(CONFIG_FS_POSIX_ACL)
- return posix_acl_alloc(count, flags);
-#else
- return NULL;
-#endif
-}
-
-struct posix_acl *ksmbd_vfs_get_acl(struct inode *inode, int type)
-{
-#if IS_ENABLED(CONFIG_FS_POSIX_ACL)
- return get_acl(inode, type);
-#else
- return NULL;
-#endif
-}
-
-int ksmbd_vfs_set_posix_acl(struct inode *inode, int type,
- struct posix_acl *acl)
-{
-#if IS_ENABLED(CONFIG_FS_POSIX_ACL)
- return set_posix_acl(&init_user_ns, inode, type, acl);
-#else
- return -EOPNOTSUPP;
-#endif
-}
-
/**
* ksmbd_vfs_init_kstat() - convert unix stat information to smb stat format
* @p: destination buffer
@@ -1895,19 +1867,20 @@ int ksmbd_vfs_set_init_posix_acl(struct inode *inode)
acl_state.group.allow;
acl_state.mask.allow = 0x07;
- acls = ksmbd_vfs_posix_acl_alloc(6, GFP_KERNEL);
+ acls = posix_acl_alloc(6, GFP_KERNEL);
if (!acls) {
free_acl_state(&acl_state);
return -ENOMEM;
}
posix_state_to_acl(&acl_state, acls->a_entries);
- rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
+ rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_ACCESS, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
rc);
else if (S_ISDIR(inode->i_mode)) {
posix_state_to_acl(&acl_state, acls->a_entries);
- rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT, acls);
+ rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_DEFAULT,
+ acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
rc);
@@ -1923,7 +1896,7 @@ int ksmbd_vfs_inherit_posix_acl(struct inode *inode, struct inode *parent_inode)
struct posix_acl_entry *pace;
int rc, i;
- acls = ksmbd_vfs_get_acl(parent_inode, ACL_TYPE_DEFAULT);
+ acls = get_acl(parent_inode, ACL_TYPE_DEFAULT);
if (!acls)
return -ENOENT;
pace = acls->a_entries;
@@ -1935,12 +1908,13 @@ int ksmbd_vfs_inherit_posix_acl(struct inode *inode, struct inode *parent_inode)
}
}
- rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
+ rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_ACCESS, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
rc);
if (S_ISDIR(inode->i_mode)) {
- rc = ksmbd_vfs_set_posix_acl(inode, ACL_TYPE_DEFAULT, acls);
+ rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_DEFAULT,
+ acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
rc);
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index e1021f579f37..29352c227028 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -258,10 +258,6 @@ int ksmbd_vfs_set_dos_attrib_xattr(struct dentry *dentry,
struct xattr_dos_attrib *da);
int ksmbd_vfs_get_dos_attrib_xattr(struct dentry *dentry,
struct xattr_dos_attrib *da);
-struct posix_acl *ksmbd_vfs_posix_acl_alloc(int count, gfp_t flags);
-struct posix_acl *ksmbd_vfs_get_acl(struct inode *inode, int type);
-int ksmbd_vfs_set_posix_acl(struct inode *inode, int type,
- struct posix_acl *acl);
int ksmbd_vfs_set_init_posix_acl(struct inode *inode);
int ksmbd_vfs_inherit_posix_acl(struct inode *inode,
struct inode *parent_inode);
From patchwork Mon Nov 14 12:50:34 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183221
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:11 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:11 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:10 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 125/308] ksmbd: change stream type macro to
enumeration
Date: Mon, 14 Nov 2022 20:50:34 +0800
Message-ID: <20221114125337.1831594-126-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d7c47fe4-9458-41e6-3654-08dac63c646f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6459776
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit ee2033e9c64139c4f052bed52e72eba44a08b40a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ee2033e9c641
-------------------------------
Change stream type macro to enumeration and move it to vfs.h.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/glob.h | 3 ---
fs/cifsd/vfs.h | 8 ++++++++
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/fs/cifsd/glob.h b/fs/cifsd/glob.h
index 8119cb7ddbed..49a5a3afa118 100644
--- a/fs/cifsd/glob.h
+++ b/fs/cifsd/glob.h
@@ -16,9 +16,6 @@
extern int ksmbd_debug_types;
-#define DATA_STREAM 1
-#define DIR_STREAM 2
-
#define KSMBD_DEBUG_SMB BIT(0)
#define KSMBD_DEBUG_AUTH BIT(1)
#define KSMBD_DEBUG_VFS BIT(2)
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index 29352c227028..a9c14c5dee8d 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -101,6 +101,14 @@ struct xattr_ntacl {
#define XATTR_NAME_SD_LEN \
(sizeof(XATTR_SECURITY_PREFIX SD_PREFIX) - 1)
+/*
+ * Enumeration for stream type.
+ */
+enum {
+ DATA_STREAM = 1, /* type $DATA */
+ DIR_STREAM /* type $INDEX_ALLOCATION */
+};
+
/* CreateOptions */
/* Flag is set, it must not be a file , valid for directory only */
#define FILE_DIRECTORY_FILE_LE cpu_to_le32(0x00000001)
From patchwork Mon Nov 14 12:50:35 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183223
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:12 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:11 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:11 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 126/308] ksmbd: use f_bsize instead of
q->limits.logical_block_size
Date: Mon, 14 Nov 2022 20:50:35 +0800
Message-ID: <20221114125337.1831594-127-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
00ab0595-730e-40d6-1436-08dac63c64b8
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6963437
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit ee81cae1a6323fa4489313dfd9de436da7ff8519
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ee81cae1a632
-------------------------------
Use f_bsize instead of q->limits.logical_block_size.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 25 +++++++------------------
fs/cifsd/vfs.c | 23 -----------------------
fs/cifsd/vfs.h | 1 -
3 files changed, 7 insertions(+), 42 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 0d004c6d1c63..341d51e711a5 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -4739,16 +4739,12 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
case FS_SIZE_INFORMATION:
{
struct filesystem_info *info;
- unsigned short logical_sector_size;
info = (struct filesystem_info *)(rsp->Buffer);
- logical_sector_size =
- ksmbd_vfs_logical_sector_size(d_inode(path.dentry));
-
info->TotalAllocationUnits = cpu_to_le64(stfs.f_blocks);
info->FreeAllocationUnits = cpu_to_le64(stfs.f_bfree);
- info->SectorsPerAllocationUnit = cpu_to_le32(stfs.f_bsize >> 9);
- info->BytesPerSector = cpu_to_le32(logical_sector_size);
+ info->SectorsPerAllocationUnit = cpu_to_le32(1);
+ info->BytesPerSector = cpu_to_le32(stfs.f_bsize);
rsp->OutputBufferLength = cpu_to_le32(24);
inc_rfc1001_len(rsp_org, 24);
fs_infoclass_size = FS_SIZE_INFORMATION_SIZE;
@@ -4757,19 +4753,15 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
case FS_FULL_SIZE_INFORMATION:
{
struct smb2_fs_full_size_info *info;
- unsigned short logical_sector_size;
info = (struct smb2_fs_full_size_info *)(rsp->Buffer);
- logical_sector_size =
- ksmbd_vfs_logical_sector_size(d_inode(path.dentry));
-
info->TotalAllocationUnits = cpu_to_le64(stfs.f_blocks);
info->CallerAvailableAllocationUnits =
cpu_to_le64(stfs.f_bavail);
info->ActualAvailableAllocationUnits =
cpu_to_le64(stfs.f_bfree);
- info->SectorsPerAllocationUnit = cpu_to_le32(stfs.f_bsize >> 9);
- info->BytesPerSector = cpu_to_le32(logical_sector_size);
+ info->SectorsPerAllocationUnit = cpu_to_le32(1);
+ info->BytesPerSector = cpu_to_le32(stfs.f_bsize);
rsp->OutputBufferLength = cpu_to_le32(32);
inc_rfc1001_len(rsp_org, 32);
fs_infoclass_size = FS_FULL_SIZE_INFORMATION_SIZE;
@@ -4846,16 +4838,13 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
case FS_POSIX_INFORMATION:
{
struct filesystem_posix_info *info;
- unsigned short logical_sector_size;
if (!work->tcon->posix_extensions) {
pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
rc = -EOPNOTSUPP;
} else {
info = (struct filesystem_posix_info *)(rsp->Buffer);
- logical_sector_size =
- ksmbd_vfs_logical_sector_size(d_inode(path.dentry));
- info->OptimalTransferSize = cpu_to_le32(logical_sector_size);
+ info->OptimalTransferSize = cpu_to_le32(stfs.f_bsize);
info->BlockSize = cpu_to_le32(stfs.f_bsize);
info->TotalBlocks = cpu_to_le64(stfs.f_blocks);
info->BlocksAvail = cpu_to_le64(stfs.f_bfree);
@@ -5588,13 +5577,13 @@ static int set_file_position_info(struct ksmbd_file *fp, char *buf)
{
struct smb2_file_pos_info *file_info;
loff_t current_byte_offset;
- unsigned short sector_size;
+ unsigned long sector_size;
struct inode *inode;
inode = file_inode(fp->filp);
file_info = (struct smb2_file_pos_info *)buf;
current_byte_offset = le64_to_cpu(file_info->CurrentByteOffset);
- sector_size = ksmbd_vfs_logical_sector_size(inode);
+ sector_size = inode->i_sb->s_blocksize;
if (current_byte_offset < 0 ||
(fp->coption == FILE_NO_INTERMEDIATE_BUFFERING_LE &&
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index e34e536dc9ce..9c594e88b2c7 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -12,7 +12,6 @@
#include <linux/xattr.h>
#include <linux/falloc.h>
#include <linux/genhd.h>
-#include <linux/blkdev.h>
#include <linux/fsnotify.h>
#include <linux/dcache.h>
#include <linux/slab.h>
@@ -1119,28 +1118,6 @@ int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
return err;
}
-/*
- * ksmbd_vfs_get_logical_sector_size() - get logical sector size from inode
- * @inode: inode
- *
- * Return: logical sector size
- */
-unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode)
-{
- struct request_queue *q;
- unsigned short ret_val = 512;
-
- if (!inode->i_sb->s_bdev)
- return ret_val;
-
- q = inode->i_sb->s_bdev->bd_disk->queue;
-
- if (q && q->limits.logical_block_size)
- ret_val = q->limits.logical_block_size;
-
- return ret_val;
-}
-
/*
* ksmbd_vfs_get_smb2_sector_size() - get fs sector sizes
* @inode: inode
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index a9c14c5dee8d..751bb6ea6e12 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -247,7 +247,6 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
struct file_allocated_range_buffer *ranges,
int in_count, int *out_count);
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry);
-unsigned short ksmbd_vfs_logical_sector_size(struct inode *inode);
void ksmbd_vfs_smb2_sector_size(struct inode *inode,
struct ksmbd_fs_sector_size *fs_ss);
void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
From patchwork Mon Nov 14 12:50:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183224
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:12 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:12 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:11 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 127/308] ksmbd: remove unneeded NULL check in the
list iterator
Date: Mon, 14 Nov 2022 20:50:36 +0800
Message-ID: <20221114125337.1831594-128-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e049cc7b-cc75-4f16-f297-08dac63c6500
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6873968
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 560ac05130696de2491881bbc2a5024c94bc3912
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/560ac0513069
-------------------------------
Remove unneeded NULL check in the list iterator. And use
list_for_each_entry_safe instead of list_for_each_safe.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/mgmt/user_session.c | 15 ++++++---------
fs/cifsd/smb2pdu.c | 2 +-
2 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/cifsd/mgmt/user_session.c
index 615b46f0762b..c5ba9694e1f1 100644
--- a/fs/cifsd/mgmt/user_session.c
+++ b/fs/cifsd/mgmt/user_session.c
@@ -30,15 +30,12 @@ struct ksmbd_session_rpc {
static void free_channel_list(struct ksmbd_session *sess)
{
- struct channel *chann;
- struct list_head *tmp, *t;
-
- list_for_each_safe(tmp, t, &sess->ksmbd_chann_list) {
- chann = list_entry(tmp, struct channel, chann_list);
- if (chann) {
- list_del(&chann->chann_list);
- kfree(chann);
- }
+ struct channel *chann, *tmp;
+
+ list_for_each_entry_safe(chann, tmp, &sess->ksmbd_chann_list,
+ chann_list) {
+ list_del(&chann->chann_list);
+ kfree(chann);
}
}
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 341d51e711a5..bbb35e68abc4 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -76,7 +76,7 @@ struct channel *lookup_chann_list(struct ksmbd_session *sess, struct ksmbd_conn
struct channel *chann;
list_for_each_entry(chann, &sess->ksmbd_chann_list, chann_list) {
- if (chann && chann->conn == conn)
+ if (chann->conn == conn)
return chann;
}
From patchwork Mon Nov 14 12:50:37 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183225
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:12 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:12 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:12 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 128/308] ksmbd: use f_bsize in
FS_SECTOR_SIZE_INFORMATION
Date: Mon, 14 Nov 2022 20:50:37 +0800
Message-ID: <20221114125337.1831594-129-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d8dab6c1-934e-4c03-ab21-08dac63c6549
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6835615
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 131bac1ece2e16201674b2f29b64d2044c826b56
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/131bac1ece2e
-------------------------------
Use f_bsize in FS_SECTOR_SIZE_INFORMATION to avoid the access the block
layer.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/cifsd/smb2pdu.c | 12 ++++--------
fs/cifsd/vfs.c | 31 -------------------------------
fs/cifsd/vfs.h | 8 --------
3 files changed, 4 insertions(+), 47 deletions(-)
diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index bbb35e68abc4..1327ae806b17 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -4791,19 +4791,15 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
case FS_SECTOR_SIZE_INFORMATION:
{
struct smb3_fs_ss_info *info;
- struct ksmbd_fs_sector_size fs_ss;
info = (struct smb3_fs_ss_info *)(rsp->Buffer);
- ksmbd_vfs_smb2_sector_size(d_inode(path.dentry), &fs_ss);
- info->LogicalBytesPerSector =
- cpu_to_le32(fs_ss.logical_sector_size);
+ info->LogicalBytesPerSector = cpu_to_le32(stfs.f_bsize);
info->PhysicalBytesPerSectorForAtomicity =
- cpu_to_le32(fs_ss.physical_sector_size);
- info->PhysicalBytesPerSectorForPerf =
- cpu_to_le32(fs_ss.optimal_io_size);
+ cpu_to_le32(stfs.f_bsize);
+ info->PhysicalBytesPerSectorForPerf = cpu_to_le32(stfs.f_bsize);
info->FSEffPhysicalBytesPerSectorForAtomicity =
- cpu_to_le32(fs_ss.optimal_io_size);
+ cpu_to_le32(stfs.f_bsize);
info->Flags = cpu_to_le32(SSINFO_FLAGS_ALIGNED_DEVICE |
SSINFO_FLAGS_PARTITION_ALIGNED_ON_DEVICE);
info->ByteOffsetForSectorAlignment = 0;
diff --git a/fs/cifsd/vfs.c b/fs/cifsd/vfs.c
index 9c594e88b2c7..fddabb4c7db6 100644
--- a/fs/cifsd/vfs.c
+++ b/fs/cifsd/vfs.c
@@ -1118,37 +1118,6 @@ int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
return err;
}
-/*
- * ksmbd_vfs_get_smb2_sector_size() - get fs sector sizes
- * @inode: inode
- * @fs_ss: fs sector size struct
- */
-void ksmbd_vfs_smb2_sector_size(struct inode *inode,
- struct ksmbd_fs_sector_size *fs_ss)
-{
- struct request_queue *q;
-
- fs_ss->logical_sector_size = 512;
- fs_ss->physical_sector_size = 512;
- fs_ss->optimal_io_size = 512;
-
- if (!inode->i_sb->s_bdev)
- return;
-
- q = inode->i_sb->s_bdev->bd_disk->queue;
-
- if (q) {
- if (q->limits.logical_block_size)
- fs_ss->logical_sector_size =
- q->limits.logical_block_size;
- if (q->limits.physical_block_size)
- fs_ss->physical_sector_size =
- q->limits.physical_block_size;
- if (q->limits.io_opt)
- fs_ss->optimal_io_size = q->limits.io_opt;
- }
-}
-
static int __dir_empty(struct dir_context *ctx, const char *name, int namlen,
loff_t offset, u64 ino, unsigned int d_type)
{
diff --git a/fs/cifsd/vfs.h b/fs/cifsd/vfs.h
index 751bb6ea6e12..49f0558ace32 100644
--- a/fs/cifsd/vfs.h
+++ b/fs/cifsd/vfs.h
@@ -192,12 +192,6 @@ struct ksmbd_kstat {
__le32 file_attributes;
};
-struct ksmbd_fs_sector_size {
- unsigned short logical_sector_size;
- unsigned int physical_sector_size;
- unsigned int optimal_io_size;
-};
-
int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode,
bool delete);
int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess);
@@ -247,8 +241,6 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
struct file_allocated_range_buffer *ranges,
int in_count, int *out_count);
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry);
-void ksmbd_vfs_smb2_sector_size(struct inode *inode,
- struct ksmbd_fs_sector_size *fs_ss);
void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
struct ksmbd_kstat *ksmbd_kstat);
From patchwork Mon Nov 14 12:50:38 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183226
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:13 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:13 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:12 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 129/308] cifsd: fix WARNING: Title overline too
short
Date: Mon, 14 Nov 2022 20:50:38 +0800
Message-ID: <20221114125337.1831594-130-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7de38c99-0ba8-4ad3-2104-08dac63c6593
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7068281
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit c0e8110e6c75758c4567f8e713f26e5dbd88cc7c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c0e8110e6c75
-------------------------------
Stephen reported a warning message from cifsd.rst file.
Documentation/filesystems/cifs/cifsd.rst:3: WARNING: Title overline too
short.
Reported-by: Stephen Rothwell <sfr(a)canb.auug.org.au>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/cifsd.rst | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Documentation/filesystems/cifs/cifsd.rst b/Documentation/filesystems/cifs/cifsd.rst
index e0c33d03f290..af3589da6923 100644
--- a/Documentation/filesystems/cifs/cifsd.rst
+++ b/Documentation/filesystems/cifs/cifsd.rst
@@ -1,8 +1,8 @@
.. SPDX-License-Identifier: GPL-2.0
-=========================
+==========================
CIFSD - SMB3 Kernel Server
-=========================
+==========================
CIFSD is a linux kernel server which implements SMB3 protocol in kernel space
for sharing files over network.
From patchwork Mon Nov 14 12:50:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183227
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:13 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:13 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:13 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 130/308] cifsd: update cifsd.rst document
Date: Mon, 14 Nov 2022 20:50:39 +0800
Message-ID: <20221114125337.1831594-131-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
8527599b-62ec-4df8-e414-08dac63c65dc
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6951034
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 04bee6e336be1accb7f28d8e86454f42b58a860f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/04bee6e336be
-------------------------------
Add work flow of cifsd and feature stats table.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/cifsd.rst | 96 +++++++++++++++++-------
1 file changed, 70 insertions(+), 26 deletions(-)
diff --git a/Documentation/filesystems/cifs/cifsd.rst b/Documentation/filesystems/cifs/cifsd.rst
index af3589da6923..7eac7e459c2d 100644
--- a/Documentation/filesystems/cifs/cifsd.rst
+++ b/Documentation/filesystems/cifs/cifsd.rst
@@ -10,6 +10,34 @@ for sharing files over network.
CIFSD architecture
==================
+ |--- ...
+ --------|--- ksmbd/3 - Client 3
+ |-------|--- ksmbd/2 - Client 2
+ | | ____________________________________________________
+ | | |- Client 1 |
+<--- Socket ---|--- ksmbd/1 <<= Authentication : NTLM/NTLM2, Kerberos |
+ | | | | <<= SMB engine : SMB2, SMB2.1, SMB3, SMB3.0.2, |
+ | | | | SMB3.1.1 |
+ | | | |____________________________________________________|
+ | | |
+ | | |--- VFS --- Local Filesystem
+ | |
+KERNEL |--- ksmbd/0(forker kthread)
+---------------||---------------------------------------------------------------
+USER ||
+ || communication using NETLINK
+ || ______________________________________________
+ || | |
+ ksmbd.mountd <<= DCE/RPC(srvsvc, wkssvc, smar, lsarpc) |
+ ^ | <<= configure shares setting, user accounts |
+ | |______________________________________________|
+ |
+ |------ smb.conf(config file)
+ |
+ |------ ksmbdpwd.db(user account/password file)
+ ^
+ ksmbd.adduser ---------------|
+
The subset of performance related operations belong in kernelspace and
the other subset which belong to operations which are not really related with
performance in userspace. So, DCE/RPC management that has historically resulted
@@ -59,32 +87,48 @@ dozen) that are most important for file server from NetShareEnum and
NetServerGetInfo. Complete DCE/RPC response is prepared from the user space
and passed over to the associated kernel thread for the client.
-Key Features
-============
-
-The supported features are:
- * SMB3 protocols for basic file sharing
- * Auto negotiation
- * Compound requests
- * Oplock/Lease
- * Large MTU
- * NTLM/NTLMv2
- * HMAC-SHA256 Signing
- * Secure negotiate
- * Signing Update
- * Pre-authentication integrity(SMB 3.1.1)
- * SMB3 encryption(CCM, GCM)
- * SMB direct(RDMA)
- * SMB3.1.1 POSIX extension support
- * ACLs
- * Kerberos
-
-The features that are planned or not supported:
- * SMB3 Multi-channel
- * Durable handle v1,v2
- * Persistent handles
- * Directory lease
- * SMB2 notify
+
+CIFSD Feature Status
+====================
+
+============================== =================================================
+Feature name Status
+============================== =================================================
+Dialects Supported. SMB2.1 SMB3.0, SMB3.1.1 dialects
+ excluding security vulnerable SMB1.
+Auto Negotiation Supported.
+Compound Request Supported.
+Oplock Cache Mechanism Supported.
+SMB2 leases(v1 lease) Supported.
+Directory leases(v2 lease) Planned for future.
+Multi-credits Supported.
+NTLM/NTLMv2 Supported.
+HMAC-SHA256 Signing Supported.
+Secure negotiate Supported.
+Signing Update Supported.
+Pre-authentication integrity Supported.
+SMB3 encryption(CCM, GCM) Supported.
+SMB direct(RDMA) Partial Supported. SMB3 Multi-channel is required
+ to connect to Windows client.
+SMB3 Multi-channel In Progress.
+SMB3.1.1 POSIX extension Supported.
+ACLs Partial Supported. only DACLs available, SACLs is
+ planned for future. ksmbd generate random subauth
+ values(then store it to disk) and use uid/gid
+ get from inode as RID for local domain SID.
+ The current acl implementation is limited to
+ standalone server, not a domain member.
+Kerberos Supported.
+Durable handle v1,v2 Planned for future.
+Persistent handle Planned for future.
+SMB2 notify Planned for future.
+Sparse file support Supported.
+DCE/RPC support Partial Supported. a few calls(NetShareEnumAll,
+ NetServerGetInfo, SAMR, LSARPC) that needed as
+ file server via netlink interface from
+ ksmbd.mountd.
+============================== =================================================
+
How to run
==========
From patchwork Mon Nov 14 12:50:40 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183228
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:14 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:14 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:13 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 131/308] cifsd: fix build warnings from cifsd.rst
Date: Mon, 14 Nov 2022 20:50:40 +0800
Message-ID: <20221114125337.1831594-132-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3a505631-b82d-4a58-c267-08dac63c6625
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6981843
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 269d3feec1b0f0c286ff3cc3eef43416614ee261
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/269d3feec1b0
-------------------------------
Stephen reported a build warnings from cifsd.rst:
Documentation/filesystems/cifs/cifsd.rst:13: WARNING: Inline
substitution_reference start-string without end-string.
Documentation/filesystems/cifs/cifsd.rst:14: WARNING: Block quote ends
without a blank line; unexpected unindent.
Documentation/filesystems/cifs/cifsd.rst:14: WARNING: Inline
substitution_reference start-string without end-string.
Documentation/filesystems/cifs/cifsd.rst:18: WARNING: Block quote ends
without a blank line; unexpected unindent.
Documentation/filesystems/cifs/cifsd.rst:23: WARNING: Inline
substitution_reference start-string without end-string.
Documentation/filesystems/cifs/cifsd.rst:23: WARNING: Inline
substitution_reference start-string without end-string.
Documentation/filesystems/cifs/cifsd.rst:24: WARNING: Inline
substitution_reference start-string without end-string.
Documentation/filesystems/cifs/cifsd.rst:25: WARNING: Definition list
ends without a blank line; unexpected unindent.
Documentation/filesystems/cifs/cifsd.rst:28: WARNING: Unexpected
indentation.
Documentation/filesystems/cifs/cifsd.rst:31: WARNING: Block quote ends
without a blank line; unexpected unindent.
Documentation/filesystems/cifs/cifsd.rst:38: WARNING: Unexpected
indentation.
Documentation/filesystems/cifs/cifsd.rst:32: WARNING: Inline
substitution_reference start-string without end-string.
Documentation/filesystems/cifs/cifsd.rst:32: WARNING: Inline
substitution_reference start-string without end-string.
Documentation/filesystems/cifs/cifsd.rst:39: WARNING: Block quote ends
without a blank line; unexpected unindent.
Documentation/filesystems/cifs/cifsd.rst:14: WARNING: Undefined
substitution referenced: "--- ksmbd/3 - Client 3 |-------".
Documentation/filesystems/cifs/cifsd.rst:0: WARNING: Undefined
substitution referenced:
"____________________________________________________".
Documentation/filesystems/cifs/cifsd.rst:25: WARNING: Undefined
substitution referenced: "--- ksmbd/0(forker kthread) ---------------|".
Documentation/filesystems/cifs/cifsd.rst:32: WARNING: Undefined
substitution referenced:
"______________________________________________".
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/cifsd.rst | 28 ------------------------
1 file changed, 28 deletions(-)
diff --git a/Documentation/filesystems/cifs/cifsd.rst b/Documentation/filesystems/cifs/cifsd.rst
index 7eac7e459c2d..48ae58f2a53c 100644
--- a/Documentation/filesystems/cifs/cifsd.rst
+++ b/Documentation/filesystems/cifs/cifsd.rst
@@ -10,34 +10,6 @@ for sharing files over network.
CIFSD architecture
==================
- |--- ...
- --------|--- ksmbd/3 - Client 3
- |-------|--- ksmbd/2 - Client 2
- | | ____________________________________________________
- | | |- Client 1 |
-<--- Socket ---|--- ksmbd/1 <<= Authentication : NTLM/NTLM2, Kerberos |
- | | | | <<= SMB engine : SMB2, SMB2.1, SMB3, SMB3.0.2, |
- | | | | SMB3.1.1 |
- | | | |____________________________________________________|
- | | |
- | | |--- VFS --- Local Filesystem
- | |
-KERNEL |--- ksmbd/0(forker kthread)
----------------||---------------------------------------------------------------
-USER ||
- || communication using NETLINK
- || ______________________________________________
- || | |
- ksmbd.mountd <<= DCE/RPC(srvsvc, wkssvc, smar, lsarpc) |
- ^ | <<= configure shares setting, user accounts |
- | |______________________________________________|
- |
- |------ smb.conf(config file)
- |
- |------ ksmbdpwd.db(user account/password file)
- ^
- ksmbd.adduser ---------------|
-
The subset of performance related operations belong in kernelspace and
the other subset which belong to operations which are not really related with
performance in userspace. So, DCE/RPC management that has historically resulted
From patchwork Mon Nov 14 12:50:41 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183229
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:14 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:14 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:14 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 132/308] doc: cifsd: change the reference to
configuration.txt
Date: Mon, 14 Nov 2022 20:50:41 +0800
Message-ID: <20221114125337.1831594-133-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7f952bc3-cd14-409c-bb64-08dac63c666d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6781884
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org>
mainline inclusion
from mainline-5.15-rc1
commit 9cca7516f4c6373223d6059f1a69548fed74c5ed
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9cca7516f4c6
-------------------------------
added documentation for cifsd. There, it points to a file
named:
Documentation/configuration.txt
This confuses Kernel scripts, as they think that this is a
document within the Kernel tree, instead of a file from
some other place.
Replace it by an hyperlink to the ksmbd-tools tree, in order
to avoid false-positives.
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/cifsd.rst | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Documentation/filesystems/cifs/cifsd.rst b/Documentation/filesystems/cifs/cifsd.rst
index 48ae58f2a53c..cb9f87b8529f 100644
--- a/Documentation/filesystems/cifs/cifsd.rst
+++ b/Documentation/filesystems/cifs/cifsd.rst
@@ -114,8 +114,8 @@ How to run
# ksmbd.adduser -a <Enter USERNAME for SMB share access>
3. Create /etc/ksmbd/smb.conf file, add SMB share in smb.conf file
- - Refer smb.conf.example and Documentation/configuration.txt
- in ksmbd-tools
+ - Refer smb.conf.example and
+ https://github.com/cifsd-team/ksmbd-tools/blob/master/Documentation/configu…
4. Insert ksmbd.ko module
From patchwork Mon Nov 14 12:50:42 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183230
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:15 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:14 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 133/308] cifsd: add ksmbd/nfsd interoperability to
feature table
Date: Mon, 14 Nov 2022 20:50:42 +0800
Message-ID: <20221114125337.1831594-134-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f3738148-efe5-46c2-bf8b-08dac63c66b6
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7063584
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 204fcceb7ccf43034da8e97078153c7c6d0bc84d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/204fcceb7ccf
-------------------------------
Add ksmbd/nfsd interoperability to feature table and sync with a table in
patch cover letter.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/cifsd.rst | 32 ++++++++++++++++--------
1 file changed, 22 insertions(+), 10 deletions(-)
diff --git a/Documentation/filesystems/cifs/cifsd.rst b/Documentation/filesystems/cifs/cifsd.rst
index cb9f87b8529f..01a0be272ce6 100644
--- a/Documentation/filesystems/cifs/cifsd.rst
+++ b/Documentation/filesystems/cifs/cifsd.rst
@@ -67,7 +67,8 @@ CIFSD Feature Status
Feature name Status
============================== =================================================
Dialects Supported. SMB2.1 SMB3.0, SMB3.1.1 dialects
- excluding security vulnerable SMB1.
+ (intentionally excludes security vulnerable SMB1
+ dialect).
Auto Negotiation Supported.
Compound Request Supported.
Oplock Cache Mechanism Supported.
@@ -79,26 +80,37 @@ HMAC-SHA256 Signing Supported.
Secure negotiate Supported.
Signing Update Supported.
Pre-authentication integrity Supported.
-SMB3 encryption(CCM, GCM) Supported.
-SMB direct(RDMA) Partial Supported. SMB3 Multi-channel is required
- to connect to Windows client.
+SMB3 encryption(CCM, GCM) Supported. (CCM and GCM128 supported, GCM256 in
+ progress)
+SMB direct(RDMA) Partially Supported. SMB3 Multi-channel is
+ required to connect to Windows client.
SMB3 Multi-channel In Progress.
SMB3.1.1 POSIX extension Supported.
-ACLs Partial Supported. only DACLs available, SACLs is
- planned for future. ksmbd generate random subauth
+ACLs Partially Supported. only DACLs available, SACLs
+ (auditing) is planned for the future. For
+ ownership (SIDs) ksmbd generates random subauth
values(then store it to disk) and use uid/gid
get from inode as RID for local domain SID.
The current acl implementation is limited to
standalone server, not a domain member.
+ Integration with Samba tools is being worked on
+ to allow future support for running as a domain
+ member.
Kerberos Supported.
Durable handle v1,v2 Planned for future.
Persistent handle Planned for future.
SMB2 notify Planned for future.
Sparse file support Supported.
-DCE/RPC support Partial Supported. a few calls(NetShareEnumAll,
- NetServerGetInfo, SAMR, LSARPC) that needed as
- file server via netlink interface from
- ksmbd.mountd.
+DCE/RPC support Partially Supported. a few calls(NetShareEnumAll,
+ NetServerGetInfo, SAMR, LSARPC) that are needed
+ for file server handled via netlink interface
+ from ksmbd.mountd. Additional integration with
+ Samba tools and libraries via upcall is being
+ investigated to allow support for additional
+ DCE/RPC management calls (and future support
+ for Witness protocol e.g.)
+ksmbd/nfsd interoperability Planned for future. The features that ksmbd
+ support are Leases, Notify, ACLs and Share modes.
============================== =================================================
From patchwork Mon Nov 14 12:50:43 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183231
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:15 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:15 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 134/308] cifsd: fix WARNING: document isn't
included in any toctree
Date: Mon, 14 Nov 2022 20:50:43 +0800
Message-ID: <20221114125337.1831594-135-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
67e4c679-c1c5-4488-776a-08dac63c66ff
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6934990
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 42da4086b987fbb35562e93e534e57ad3f81f855
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/42da4086b987
-------------------------------
Stephen reported a warning message from cifsd.rst file.
Documentation/filesystems/cifs/cifsd.rst: WARNING: document isn't
included in any toctree
Reported-by: Stephen Rothwell <sfr(a)canb.auug.org.au>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/index.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/Documentation/filesystems/index.rst b/Documentation/filesystems/index.rst
index 757684537248..fa9a4a5a15ba 100644
--- a/Documentation/filesystems/index.rst
+++ b/Documentation/filesystems/index.rst
@@ -71,6 +71,7 @@ Documentation for filesystem implementations.
befs
bfs
btrfs
+ cifs/cifsd
cifs/cifsroot
ceph
coda
From patchwork Mon Nov 14 12:50:44 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183232
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:16 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:16 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:15 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 135/308] cifsd: add index.rst in cifs
documentation
Date: Mon, 14 Nov 2022 20:50:44 +0800
Message-ID: <20221114125337.1831594-136-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ff866611-bdec-444a-60c2-08dac63c6749
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6717174
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 04165366515a2ba36c78540da776d3a12164f824
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/04165366515a
-------------------------------
Since more than one file is in the cifs document directory,
This patch add an index.rst.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/index.rst | 10 ++++++++++
Documentation/filesystems/index.rst | 3 +--
2 files changed, 11 insertions(+), 2 deletions(-)
create mode 100644 Documentation/filesystems/cifs/index.rst
diff --git a/Documentation/filesystems/cifs/index.rst b/Documentation/filesystems/cifs/index.rst
new file mode 100644
index 000000000000..e762586b5dc7
--- /dev/null
+++ b/Documentation/filesystems/cifs/index.rst
@@ -0,0 +1,10 @@
+===============================
+CIFS
+===============================
+
+
+.. toctree::
+ :maxdepth: 1
+
+ cifsd
+ cifsroot
diff --git a/Documentation/filesystems/index.rst b/Documentation/filesystems/index.rst
index fa9a4a5a15ba..fe691c6c83fd 100644
--- a/Documentation/filesystems/index.rst
+++ b/Documentation/filesystems/index.rst
@@ -71,8 +71,7 @@ Documentation for filesystem implementations.
befs
bfs
btrfs
- cifs/cifsd
- cifs/cifsroot
+ cifs/index
ceph
coda
configfs
From patchwork Mon Nov 14 12:50:45 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183233
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:16 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:16 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:16 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 136/308] ksmbd: move fs/cifsd to fs/ksmbd
Date: Mon, 14 Nov 2022 20:50:45 +0800
Message-ID: <20221114125337.1831594-137-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
64cc95a4-3aea-4fdb-654f-08dac63c6792
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7210761
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 1a93084b9a89818aec0ac7b59a5a51f2112bf203
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1a93084b9a89
-------------------------------
Move fs/cifsd to fs/ksmbd and rename the remaining cifsd name to ksmbd.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
Documentation/filesystems/cifs/index.rst | 2 +-
.../filesystems/cifs/{cifsd.rst => ksmbd.rst} | 10 +++++-----
fs/{cifsd => ksmbd}/asn1.c | 0
fs/{cifsd => ksmbd}/asn1.h | 0
fs/{cifsd => ksmbd}/auth.c | 0
fs/{cifsd => ksmbd}/auth.h | 0
fs/{cifsd => ksmbd}/connection.c | 0
fs/{cifsd => ksmbd}/connection.h | 0
fs/{cifsd => ksmbd}/crypto_ctx.c | 0
fs/{cifsd => ksmbd}/crypto_ctx.h | 0
fs/{cifsd => ksmbd}/glob.h | 0
fs/{cifsd => ksmbd}/ksmbd_server.h | 0
fs/{cifsd => ksmbd}/ksmbd_spnego_negtokeninit.asn1 | 0
fs/{cifsd => ksmbd}/ksmbd_spnego_negtokentarg.asn1 | 0
fs/{cifsd => ksmbd}/ksmbd_work.c | 0
fs/{cifsd => ksmbd}/ksmbd_work.h | 0
fs/{cifsd => ksmbd}/mgmt/ksmbd_ida.c | 0
fs/{cifsd => ksmbd}/mgmt/ksmbd_ida.h | 0
fs/{cifsd => ksmbd}/mgmt/share_config.c | 0
fs/{cifsd => ksmbd}/mgmt/share_config.h | 0
fs/{cifsd => ksmbd}/mgmt/tree_connect.c | 0
fs/{cifsd => ksmbd}/mgmt/tree_connect.h | 0
fs/{cifsd => ksmbd}/mgmt/user_config.c | 0
fs/{cifsd => ksmbd}/mgmt/user_config.h | 0
fs/{cifsd => ksmbd}/mgmt/user_session.c | 0
fs/{cifsd => ksmbd}/mgmt/user_session.h | 0
fs/{cifsd => ksmbd}/misc.c | 0
fs/{cifsd => ksmbd}/misc.h | 0
fs/{cifsd => ksmbd}/ndr.c | 0
fs/{cifsd => ksmbd}/ndr.h | 0
fs/{cifsd => ksmbd}/nterr.h | 0
fs/{cifsd => ksmbd}/ntlmssp.h | 0
fs/{cifsd => ksmbd}/oplock.c | 0
fs/{cifsd => ksmbd}/oplock.h | 0
fs/{cifsd => ksmbd}/server.c | 0
fs/{cifsd => ksmbd}/server.h | 0
fs/{cifsd => ksmbd}/smb2misc.c | 0
fs/{cifsd => ksmbd}/smb2ops.c | 0
fs/{cifsd => ksmbd}/smb2pdu.c | 0
fs/{cifsd => ksmbd}/smb2pdu.h | 0
fs/{cifsd => ksmbd}/smb_common.c | 0
fs/{cifsd => ksmbd}/smb_common.h | 0
fs/{cifsd => ksmbd}/smbacl.c | 0
fs/{cifsd => ksmbd}/smbacl.h | 0
fs/{cifsd => ksmbd}/smbfsctl.h | 0
fs/{cifsd => ksmbd}/smbstatus.h | 0
fs/{cifsd => ksmbd}/transport_ipc.c | 0
fs/{cifsd => ksmbd}/transport_ipc.h | 0
fs/{cifsd => ksmbd}/transport_rdma.c | 0
fs/{cifsd => ksmbd}/transport_rdma.h | 0
fs/{cifsd => ksmbd}/transport_tcp.c | 0
fs/{cifsd => ksmbd}/transport_tcp.h | 0
fs/{cifsd => ksmbd}/unicode.c | 0
fs/{cifsd => ksmbd}/unicode.h | 0
fs/{cifsd => ksmbd}/uniupr.h | 0
fs/{cifsd => ksmbd}/vfs.c | 0
fs/{cifsd => ksmbd}/vfs.h | 0
fs/{cifsd => ksmbd}/vfs_cache.c | 0
fs/{cifsd => ksmbd}/vfs_cache.h | 0
59 files changed, 6 insertions(+), 6 deletions(-)
rename Documentation/filesystems/cifs/{cifsd.rst => ksmbd.rst} (98%)
rename fs/{cifsd => ksmbd}/asn1.c (100%)
rename fs/{cifsd => ksmbd}/asn1.h (100%)
rename fs/{cifsd => ksmbd}/auth.c (100%)
rename fs/{cifsd => ksmbd}/auth.h (100%)
rename fs/{cifsd => ksmbd}/connection.c (100%)
rename fs/{cifsd => ksmbd}/connection.h (100%)
rename fs/{cifsd => ksmbd}/crypto_ctx.c (100%)
rename fs/{cifsd => ksmbd}/crypto_ctx.h (100%)
rename fs/{cifsd => ksmbd}/glob.h (100%)
rename fs/{cifsd => ksmbd}/ksmbd_server.h (100%)
rename fs/{cifsd => ksmbd}/ksmbd_spnego_negtokeninit.asn1 (100%)
rename fs/{cifsd => ksmbd}/ksmbd_spnego_negtokentarg.asn1 (100%)
rename fs/{cifsd => ksmbd}/ksmbd_work.c (100%)
rename fs/{cifsd => ksmbd}/ksmbd_work.h (100%)
rename fs/{cifsd => ksmbd}/mgmt/ksmbd_ida.c (100%)
rename fs/{cifsd => ksmbd}/mgmt/ksmbd_ida.h (100%)
rename fs/{cifsd => ksmbd}/mgmt/share_config.c (100%)
rename fs/{cifsd => ksmbd}/mgmt/share_config.h (100%)
rename fs/{cifsd => ksmbd}/mgmt/tree_connect.c (100%)
rename fs/{cifsd => ksmbd}/mgmt/tree_connect.h (100%)
rename fs/{cifsd => ksmbd}/mgmt/user_config.c (100%)
rename fs/{cifsd => ksmbd}/mgmt/user_config.h (100%)
rename fs/{cifsd => ksmbd}/mgmt/user_session.c (100%)
rename fs/{cifsd => ksmbd}/mgmt/user_session.h (100%)
rename fs/{cifsd => ksmbd}/misc.c (100%)
rename fs/{cifsd => ksmbd}/misc.h (100%)
rename fs/{cifsd => ksmbd}/ndr.c (100%)
rename fs/{cifsd => ksmbd}/ndr.h (100%)
rename fs/{cifsd => ksmbd}/nterr.h (100%)
rename fs/{cifsd => ksmbd}/ntlmssp.h (100%)
rename fs/{cifsd => ksmbd}/oplock.c (100%)
rename fs/{cifsd => ksmbd}/oplock.h (100%)
rename fs/{cifsd => ksmbd}/server.c (100%)
rename fs/{cifsd => ksmbd}/server.h (100%)
rename fs/{cifsd => ksmbd}/smb2misc.c (100%)
rename fs/{cifsd => ksmbd}/smb2ops.c (100%)
rename fs/{cifsd => ksmbd}/smb2pdu.c (100%)
rename fs/{cifsd => ksmbd}/smb2pdu.h (100%)
rename fs/{cifsd => ksmbd}/smb_common.c (100%)
rename fs/{cifsd => ksmbd}/smb_common.h (100%)
rename fs/{cifsd => ksmbd}/smbacl.c (100%)
rename fs/{cifsd => ksmbd}/smbacl.h (100%)
rename fs/{cifsd => ksmbd}/smbfsctl.h (100%)
rename fs/{cifsd => ksmbd}/smbstatus.h (100%)
rename fs/{cifsd => ksmbd}/transport_ipc.c (100%)
rename fs/{cifsd => ksmbd}/transport_ipc.h (100%)
rename fs/{cifsd => ksmbd}/transport_rdma.c (100%)
rename fs/{cifsd => ksmbd}/transport_rdma.h (100%)
rename fs/{cifsd => ksmbd}/transport_tcp.c (100%)
rename fs/{cifsd => ksmbd}/transport_tcp.h (100%)
rename fs/{cifsd => ksmbd}/unicode.c (100%)
rename fs/{cifsd => ksmbd}/unicode.h (100%)
rename fs/{cifsd => ksmbd}/uniupr.h (100%)
rename fs/{cifsd => ksmbd}/vfs.c (100%)
rename fs/{cifsd => ksmbd}/vfs.h (100%)
rename fs/{cifsd => ksmbd}/vfs_cache.c (100%)
rename fs/{cifsd => ksmbd}/vfs_cache.h (100%)
diff --git a/Documentation/filesystems/cifs/index.rst b/Documentation/filesystems/cifs/index.rst
index e762586b5dc7..1c8597a679ab 100644
--- a/Documentation/filesystems/cifs/index.rst
+++ b/Documentation/filesystems/cifs/index.rst
@@ -6,5 +6,5 @@ CIFS
.. toctree::
:maxdepth: 1
- cifsd
+ ksmbd
cifsroot
diff --git a/Documentation/filesystems/cifs/cifsd.rst b/Documentation/filesystems/cifs/ksmbd.rst
similarity index 98%
rename from Documentation/filesystems/cifs/cifsd.rst
rename to Documentation/filesystems/cifs/ksmbd.rst
index 01a0be272ce6..1e111efecd45 100644
--- a/Documentation/filesystems/cifs/cifsd.rst
+++ b/Documentation/filesystems/cifs/ksmbd.rst
@@ -1,13 +1,13 @@
.. SPDX-License-Identifier: GPL-2.0
==========================
-CIFSD - SMB3 Kernel Server
+KSMBD - SMB3 Kernel Server
==========================
-CIFSD is a linux kernel server which implements SMB3 protocol in kernel space
+KSMBD is a linux kernel server which implements SMB3 protocol in kernel space
for sharing files over network.
-CIFSD architecture
+KSMBD architecture
==================
The subset of performance related operations belong in kernelspace and
@@ -60,7 +60,7 @@ NetServerGetInfo. Complete DCE/RPC response is prepared from the user space
and passed over to the associated kernel thread for the client.
-CIFSD Feature Status
+KSMBD Feature Status
====================
============================== =================================================
@@ -138,7 +138,7 @@ How to run
6. Access share from Windows or Linux using CIFS
-Shutdown CIFSD
+Shutdown KSMBD
==============
1. kill user and kernel space daemon
diff --git a/fs/cifsd/asn1.c b/fs/ksmbd/asn1.c
similarity index 100%
rename from fs/cifsd/asn1.c
rename to fs/ksmbd/asn1.c
diff --git a/fs/cifsd/asn1.h b/fs/ksmbd/asn1.h
similarity index 100%
rename from fs/cifsd/asn1.h
rename to fs/ksmbd/asn1.h
diff --git a/fs/cifsd/auth.c b/fs/ksmbd/auth.c
similarity index 100%
rename from fs/cifsd/auth.c
rename to fs/ksmbd/auth.c
diff --git a/fs/cifsd/auth.h b/fs/ksmbd/auth.h
similarity index 100%
rename from fs/cifsd/auth.h
rename to fs/ksmbd/auth.h
diff --git a/fs/cifsd/connection.c b/fs/ksmbd/connection.c
similarity index 100%
rename from fs/cifsd/connection.c
rename to fs/ksmbd/connection.c
diff --git a/fs/cifsd/connection.h b/fs/ksmbd/connection.h
similarity index 100%
rename from fs/cifsd/connection.h
rename to fs/ksmbd/connection.h
diff --git a/fs/cifsd/crypto_ctx.c b/fs/ksmbd/crypto_ctx.c
similarity index 100%
rename from fs/cifsd/crypto_ctx.c
rename to fs/ksmbd/crypto_ctx.c
diff --git a/fs/cifsd/crypto_ctx.h b/fs/ksmbd/crypto_ctx.h
similarity index 100%
rename from fs/cifsd/crypto_ctx.h
rename to fs/ksmbd/crypto_ctx.h
diff --git a/fs/cifsd/glob.h b/fs/ksmbd/glob.h
similarity index 100%
rename from fs/cifsd/glob.h
rename to fs/ksmbd/glob.h
diff --git a/fs/cifsd/ksmbd_server.h b/fs/ksmbd/ksmbd_server.h
similarity index 100%
rename from fs/cifsd/ksmbd_server.h
rename to fs/ksmbd/ksmbd_server.h
diff --git a/fs/cifsd/ksmbd_spnego_negtokeninit.asn1 b/fs/ksmbd/ksmbd_spnego_negtokeninit.asn1
similarity index 100%
rename from fs/cifsd/ksmbd_spnego_negtokeninit.asn1
rename to fs/ksmbd/ksmbd_spnego_negtokeninit.asn1
diff --git a/fs/cifsd/ksmbd_spnego_negtokentarg.asn1 b/fs/ksmbd/ksmbd_spnego_negtokentarg.asn1
similarity index 100%
rename from fs/cifsd/ksmbd_spnego_negtokentarg.asn1
rename to fs/ksmbd/ksmbd_spnego_negtokentarg.asn1
diff --git a/fs/cifsd/ksmbd_work.c b/fs/ksmbd/ksmbd_work.c
similarity index 100%
rename from fs/cifsd/ksmbd_work.c
rename to fs/ksmbd/ksmbd_work.c
diff --git a/fs/cifsd/ksmbd_work.h b/fs/ksmbd/ksmbd_work.h
similarity index 100%
rename from fs/cifsd/ksmbd_work.h
rename to fs/ksmbd/ksmbd_work.h
diff --git a/fs/cifsd/mgmt/ksmbd_ida.c b/fs/ksmbd/mgmt/ksmbd_ida.c
similarity index 100%
rename from fs/cifsd/mgmt/ksmbd_ida.c
rename to fs/ksmbd/mgmt/ksmbd_ida.c
diff --git a/fs/cifsd/mgmt/ksmbd_ida.h b/fs/ksmbd/mgmt/ksmbd_ida.h
similarity index 100%
rename from fs/cifsd/mgmt/ksmbd_ida.h
rename to fs/ksmbd/mgmt/ksmbd_ida.h
diff --git a/fs/cifsd/mgmt/share_config.c b/fs/ksmbd/mgmt/share_config.c
similarity index 100%
rename from fs/cifsd/mgmt/share_config.c
rename to fs/ksmbd/mgmt/share_config.c
diff --git a/fs/cifsd/mgmt/share_config.h b/fs/ksmbd/mgmt/share_config.h
similarity index 100%
rename from fs/cifsd/mgmt/share_config.h
rename to fs/ksmbd/mgmt/share_config.h
diff --git a/fs/cifsd/mgmt/tree_connect.c b/fs/ksmbd/mgmt/tree_connect.c
similarity index 100%
rename from fs/cifsd/mgmt/tree_connect.c
rename to fs/ksmbd/mgmt/tree_connect.c
diff --git a/fs/cifsd/mgmt/tree_connect.h b/fs/ksmbd/mgmt/tree_connect.h
similarity index 100%
rename from fs/cifsd/mgmt/tree_connect.h
rename to fs/ksmbd/mgmt/tree_connect.h
diff --git a/fs/cifsd/mgmt/user_config.c b/fs/ksmbd/mgmt/user_config.c
similarity index 100%
rename from fs/cifsd/mgmt/user_config.c
rename to fs/ksmbd/mgmt/user_config.c
diff --git a/fs/cifsd/mgmt/user_config.h b/fs/ksmbd/mgmt/user_config.h
similarity index 100%
rename from fs/cifsd/mgmt/user_config.h
rename to fs/ksmbd/mgmt/user_config.h
diff --git a/fs/cifsd/mgmt/user_session.c b/fs/ksmbd/mgmt/user_session.c
similarity index 100%
rename from fs/cifsd/mgmt/user_session.c
rename to fs/ksmbd/mgmt/user_session.c
diff --git a/fs/cifsd/mgmt/user_session.h b/fs/ksmbd/mgmt/user_session.h
similarity index 100%
rename from fs/cifsd/mgmt/user_session.h
rename to fs/ksmbd/mgmt/user_session.h
diff --git a/fs/cifsd/misc.c b/fs/ksmbd/misc.c
similarity index 100%
rename from fs/cifsd/misc.c
rename to fs/ksmbd/misc.c
diff --git a/fs/cifsd/misc.h b/fs/ksmbd/misc.h
similarity index 100%
rename from fs/cifsd/misc.h
rename to fs/ksmbd/misc.h
diff --git a/fs/cifsd/ndr.c b/fs/ksmbd/ndr.c
similarity index 100%
rename from fs/cifsd/ndr.c
rename to fs/ksmbd/ndr.c
diff --git a/fs/cifsd/ndr.h b/fs/ksmbd/ndr.h
similarity index 100%
rename from fs/cifsd/ndr.h
rename to fs/ksmbd/ndr.h
diff --git a/fs/cifsd/nterr.h b/fs/ksmbd/nterr.h
similarity index 100%
rename from fs/cifsd/nterr.h
rename to fs/ksmbd/nterr.h
diff --git a/fs/cifsd/ntlmssp.h b/fs/ksmbd/ntlmssp.h
similarity index 100%
rename from fs/cifsd/ntlmssp.h
rename to fs/ksmbd/ntlmssp.h
diff --git a/fs/cifsd/oplock.c b/fs/ksmbd/oplock.c
similarity index 100%
rename from fs/cifsd/oplock.c
rename to fs/ksmbd/oplock.c
diff --git a/fs/cifsd/oplock.h b/fs/ksmbd/oplock.h
similarity index 100%
rename from fs/cifsd/oplock.h
rename to fs/ksmbd/oplock.h
diff --git a/fs/cifsd/server.c b/fs/ksmbd/server.c
similarity index 100%
rename from fs/cifsd/server.c
rename to fs/ksmbd/server.c
diff --git a/fs/cifsd/server.h b/fs/ksmbd/server.h
similarity index 100%
rename from fs/cifsd/server.h
rename to fs/ksmbd/server.h
diff --git a/fs/cifsd/smb2misc.c b/fs/ksmbd/smb2misc.c
similarity index 100%
rename from fs/cifsd/smb2misc.c
rename to fs/ksmbd/smb2misc.c
diff --git a/fs/cifsd/smb2ops.c b/fs/ksmbd/smb2ops.c
similarity index 100%
rename from fs/cifsd/smb2ops.c
rename to fs/ksmbd/smb2ops.c
diff --git a/fs/cifsd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
similarity index 100%
rename from fs/cifsd/smb2pdu.c
rename to fs/ksmbd/smb2pdu.c
diff --git a/fs/cifsd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
similarity index 100%
rename from fs/cifsd/smb2pdu.h
rename to fs/ksmbd/smb2pdu.h
diff --git a/fs/cifsd/smb_common.c b/fs/ksmbd/smb_common.c
similarity index 100%
rename from fs/cifsd/smb_common.c
rename to fs/ksmbd/smb_common.c
diff --git a/fs/cifsd/smb_common.h b/fs/ksmbd/smb_common.h
similarity index 100%
rename from fs/cifsd/smb_common.h
rename to fs/ksmbd/smb_common.h
diff --git a/fs/cifsd/smbacl.c b/fs/ksmbd/smbacl.c
similarity index 100%
rename from fs/cifsd/smbacl.c
rename to fs/ksmbd/smbacl.c
diff --git a/fs/cifsd/smbacl.h b/fs/ksmbd/smbacl.h
similarity index 100%
rename from fs/cifsd/smbacl.h
rename to fs/ksmbd/smbacl.h
diff --git a/fs/cifsd/smbfsctl.h b/fs/ksmbd/smbfsctl.h
similarity index 100%
rename from fs/cifsd/smbfsctl.h
rename to fs/ksmbd/smbfsctl.h
diff --git a/fs/cifsd/smbstatus.h b/fs/ksmbd/smbstatus.h
similarity index 100%
rename from fs/cifsd/smbstatus.h
rename to fs/ksmbd/smbstatus.h
diff --git a/fs/cifsd/transport_ipc.c b/fs/ksmbd/transport_ipc.c
similarity index 100%
rename from fs/cifsd/transport_ipc.c
rename to fs/ksmbd/transport_ipc.c
diff --git a/fs/cifsd/transport_ipc.h b/fs/ksmbd/transport_ipc.h
similarity index 100%
rename from fs/cifsd/transport_ipc.h
rename to fs/ksmbd/transport_ipc.h
diff --git a/fs/cifsd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
similarity index 100%
rename from fs/cifsd/transport_rdma.c
rename to fs/ksmbd/transport_rdma.c
diff --git a/fs/cifsd/transport_rdma.h b/fs/ksmbd/transport_rdma.h
similarity index 100%
rename from fs/cifsd/transport_rdma.h
rename to fs/ksmbd/transport_rdma.h
diff --git a/fs/cifsd/transport_tcp.c b/fs/ksmbd/transport_tcp.c
similarity index 100%
rename from fs/cifsd/transport_tcp.c
rename to fs/ksmbd/transport_tcp.c
diff --git a/fs/cifsd/transport_tcp.h b/fs/ksmbd/transport_tcp.h
similarity index 100%
rename from fs/cifsd/transport_tcp.h
rename to fs/ksmbd/transport_tcp.h
diff --git a/fs/cifsd/unicode.c b/fs/ksmbd/unicode.c
similarity index 100%
rename from fs/cifsd/unicode.c
rename to fs/ksmbd/unicode.c
diff --git a/fs/cifsd/unicode.h b/fs/ksmbd/unicode.h
similarity index 100%
rename from fs/cifsd/unicode.h
rename to fs/ksmbd/unicode.h
diff --git a/fs/cifsd/uniupr.h b/fs/ksmbd/uniupr.h
similarity index 100%
rename from fs/cifsd/uniupr.h
rename to fs/ksmbd/uniupr.h
diff --git a/fs/cifsd/vfs.c b/fs/ksmbd/vfs.c
similarity index 100%
rename from fs/cifsd/vfs.c
rename to fs/ksmbd/vfs.c
diff --git a/fs/cifsd/vfs.h b/fs/ksmbd/vfs.h
similarity index 100%
rename from fs/cifsd/vfs.h
rename to fs/ksmbd/vfs.h
diff --git a/fs/cifsd/vfs_cache.c b/fs/ksmbd/vfs_cache.c
similarity index 100%
rename from fs/cifsd/vfs_cache.c
rename to fs/ksmbd/vfs_cache.c
diff --git a/fs/cifsd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
similarity index 100%
rename from fs/cifsd/vfs_cache.h
rename to fs/ksmbd/vfs_cache.h
From patchwork Mon Nov 14 12:50:46 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183234
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:17 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:17 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:16 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 137/308] ksmbd: factor out a ksmbd_vfs_lock_parent
helper
Date: Mon, 14 Nov 2022 20:50:46 +0800
Message-ID: <20221114125337.1831594-138-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a913d36a-52d7-47b5-6969-08dac63c67db
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7191504
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 333111a6dc32a2768f581876bdb5ef4231f5084e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/333111a6dc32
-------------------------------
Factor out a self-contained helper to
get stable parent dentry.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/vfs.c | 125 ++++++++++++++++++++++++-------------------------
1 file changed, 62 insertions(+), 63 deletions(-)
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index fddabb4c7db6..e64eab7a58a8 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -60,6 +60,41 @@ static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
i_uid_write(inode, i_uid_read(parent_inode));
}
+/**
+ * ksmbd_vfs_lock_parent() - lock parent dentry if it is stable
+ *
+ * the parent dentry got by dget_parent or @parent could be
+ * unstable, we try to lock a parent inode and lookup the
+ * child dentry again.
+ *
+ * the reference count of @parent isn't incremented.
+ */
+static int ksmbd_vfs_lock_parent(struct dentry *parent, struct dentry *child)
+{
+ struct dentry *dentry;
+ int ret = 0;
+
+ inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
+ dentry = lookup_one_len(child->d_name.name, parent,
+ child->d_name.len);
+ if (IS_ERR(dentry)) {
+ ret = PTR_ERR(dentry);
+ goto out_err;
+ }
+
+ if (dentry != child) {
+ ret = -ESTALE;
+ dput(dentry);
+ goto out_err;
+ }
+
+ dput(dentry);
+ return 0;
+out_err:
+ inode_unlock(d_inode(parent));
+ return ret;
+}
+
int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
{
int mask, ret = 0;
@@ -78,29 +113,18 @@ int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
return -EACCES;
if (delete) {
- struct dentry *child, *parent;
+ struct dentry *parent;
parent = dget_parent(dentry);
- inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
- child = lookup_one_len(dentry->d_name.name, parent,
- dentry->d_name.len);
- if (IS_ERR(child)) {
- ret = PTR_ERR(child);
- goto out_lock;
- }
-
- if (child != dentry) {
- ret = -ESTALE;
- dput(child);
- goto out_lock;
+ ret = ksmbd_vfs_lock_parent(parent, dentry);
+ if (ret) {
+ dput(parent);
+ return ret;
}
- dput(child);
- if (inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE)) {
+ if (inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE))
ret = -EACCES;
- goto out_lock;
- }
-out_lock:
+
inode_unlock(d_inode(parent));
dput(parent);
}
@@ -109,7 +133,7 @@ int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
{
- struct dentry *parent, *child;
+ struct dentry *parent;
int ret = 0;
*daccess = cpu_to_le32(FILE_READ_ATTRIBUTES | READ_CONTROL);
@@ -127,25 +151,15 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
*daccess |= FILE_EXECUTE_LE;
parent = dget_parent(dentry);
- inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
- child = lookup_one_len(dentry->d_name.name, parent,
- dentry->d_name.len);
- if (IS_ERR(child)) {
- ret = PTR_ERR(child);
- goto out_lock;
- }
-
- if (child != dentry) {
- ret = -ESTALE;
- dput(child);
- goto out_lock;
+ ret = ksmbd_vfs_lock_parent(parent, dentry);
+ if (ret) {
+ dput(parent);
+ return ret;
}
- dput(child);
if (!inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE))
*daccess |= FILE_DELETE_LE;
-out_lock:
inode_unlock(d_inode(parent));
dput(parent);
return ret;
@@ -573,7 +587,7 @@ int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id)
int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
{
struct path path;
- struct dentry *dentry, *parent;
+ struct dentry *parent;
int err;
int flags = 0;
@@ -592,35 +606,32 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
}
parent = dget_parent(path.dentry);
- inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
- dentry = lookup_one_len(path.dentry->d_name.name, parent,
- strlen(path.dentry->d_name.name));
- if (IS_ERR(dentry)) {
- err = PTR_ERR(dentry);
- ksmbd_debug(VFS, "%s: lookup failed, err %d\n",
- path.dentry->d_name.name, err);
- goto out_err;
+ err = ksmbd_vfs_lock_parent(parent, path.dentry);
+ if (err) {
+ dput(parent);
+ path_put(&path);
+ ksmbd_revert_fsids(work);
+ return err;
}
- if (!d_inode(dentry) || !d_inode(dentry)->i_nlink) {
- dput(dentry);
+ if (!d_inode(path.dentry)->i_nlink) {
err = -ENOENT;
goto out_err;
}
- if (S_ISDIR(d_inode(dentry)->i_mode)) {
- err = vfs_rmdir(&init_user_ns, d_inode(parent), dentry);
+ if (S_ISDIR(d_inode(path.dentry)->i_mode)) {
+ err = vfs_rmdir(&init_user_ns, d_inode(parent), path.dentry);
if (err && err != -ENOTEMPTY)
ksmbd_debug(VFS, "%s: rmdir failed, err %d\n", name,
err);
} else {
- err = vfs_unlink(&init_user_ns, d_inode(parent), dentry, NULL);
+ err = vfs_unlink(&init_user_ns, d_inode(parent), path.dentry,
+ NULL);
if (err)
ksmbd_debug(VFS, "%s: unlink failed, err %d\n", name,
err);
}
- dput(dentry);
out_err:
inode_unlock(d_inode(parent));
dput(parent);
@@ -1086,30 +1097,18 @@ int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name)
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
{
- struct dentry *child;
int err = 0;
- inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
+ err = ksmbd_vfs_lock_parent(dir, dentry);
+ if (err)
+ return err;
dget(dentry);
- child = lookup_one_len(dentry->d_name.name, dir, dentry->d_name.len);
- if (IS_ERR(child)) {
- err = PTR_ERR(child);
- goto out;
- }
-
- if (child != dentry) {
- err = -ESTALE;
- dput(child);
- goto out;
- }
- dput(child);
if (S_ISDIR(d_inode(dentry)->i_mode))
err = vfs_rmdir(&init_user_ns, d_inode(dir), dentry);
else
err = vfs_unlink(&init_user_ns, d_inode(dir), dentry, NULL);
-out:
dput(dentry);
inode_unlock(d_inode(dir));
if (err)
From patchwork Mon Nov 14 12:50:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183235
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:17 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:17 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:17 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 138/308] ksmbd: set MAY_* flags together with open
flags
Date: Mon, 14 Nov 2022 20:50:47 +0800
Message-ID: <20221114125337.1831594-139-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3f875ef2-7d55-4569-22e1-08dac63c6824
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6872233
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-v5.15-rc1
commit 6c5e36d13e2a338ed611d2bcc6c615dd0550b17d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6c5e36d13e2a
set MAY_* flags together with open flags and
remove ksmbd_vfs_inode_permission().
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 38 ++++++++++++++++++++++++--------------
fs/ksmbd/vfs.c | 42 +++++++++++++-----------------------------
fs/ksmbd/vfs.h | 3 +--
3 files changed, 38 insertions(+), 45 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 1327ae806b17..25715d57c2bb 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1836,21 +1836,27 @@ int smb2_tree_connect(struct ksmbd_work *work)
* @file_present: is file already present
* @access: file access flags
* @disposition: file disposition flags
+ * @may_flags: set with MAY_ flags
*
* Return: file open flags
*/
static int smb2_create_open_flags(bool file_present, __le32 access,
- __le32 disposition)
+ __le32 disposition,
+ int *may_flags)
{
int oflags = O_NONBLOCK | O_LARGEFILE;
if (access & FILE_READ_DESIRED_ACCESS_LE &&
- access & FILE_WRITE_DESIRE_ACCESS_LE)
+ access & FILE_WRITE_DESIRE_ACCESS_LE) {
oflags |= O_RDWR;
- else if (access & FILE_WRITE_DESIRE_ACCESS_LE)
+ *may_flags = MAY_OPEN | MAY_READ | MAY_WRITE;
+ } else if (access & FILE_WRITE_DESIRE_ACCESS_LE) {
oflags |= O_WRONLY;
- else
+ *may_flags = MAY_OPEN | MAY_WRITE;
+ } else {
oflags |= O_RDONLY;
+ *may_flags = MAY_OPEN | MAY_READ;
+ }
if (access == FILE_READ_ATTRIBUTES_LE)
oflags |= O_PATH;
@@ -1884,6 +1890,7 @@ static int smb2_create_open_flags(bool file_present, __le32 access,
break;
}
}
+
return oflags;
}
@@ -2355,7 +2362,7 @@ int smb2_open(struct ksmbd_work *work)
struct create_ea_buf_req *ea_buf = NULL;
struct oplock_info *opinfo;
__le32 *next_ptr = NULL;
- int req_op_level = 0, open_flags = 0, file_info = 0;
+ int req_op_level = 0, open_flags = 0, may_flags = 0, file_info = 0;
int rc = 0, len = 0;
int contxt_cnt = 0, query_disk_id = 0;
int maximal_access_ctxt = 0, posix_ctxt = 0;
@@ -2696,7 +2703,8 @@ int smb2_open(struct ksmbd_work *work)
}
open_flags = smb2_create_open_flags(file_present, daccess,
- req->CreateDisposition);
+ req->CreateDisposition,
+ &may_flags);
if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
if (open_flags & O_CREAT) {
@@ -2723,21 +2731,23 @@ int smb2_open(struct ksmbd_work *work)
goto err_out;
}
} else if (!already_permitted) {
- bool may_delete;
-
- may_delete = daccess & FILE_DELETE_LE ||
- req->CreateOptions & FILE_DELETE_ON_CLOSE_LE;
-
/* FILE_READ_ATTRIBUTE is allowed without inode_permission,
* because execute(search) permission on a parent directory,
* is already granted.
*/
if (daccess & ~(FILE_READ_ATTRIBUTES_LE | FILE_READ_CONTROL_LE)) {
- rc = ksmbd_vfs_inode_permission(path.dentry,
- open_flags & O_ACCMODE,
- may_delete);
+ rc = inode_permission(&init_user_ns,
+ d_inode(path.dentry),
+ may_flags);
if (rc)
goto err_out;
+
+ if ((daccess & FILE_DELETE_LE) ||
+ (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
+ rc = ksmbd_vfs_may_delete(path.dentry);
+ if (rc)
+ goto err_out;
+ }
}
}
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index e64eab7a58a8..6181a58e8a33 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -95,39 +95,23 @@ static int ksmbd_vfs_lock_parent(struct dentry *parent, struct dentry *child)
return ret;
}
-int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode, bool delete)
+int ksmbd_vfs_may_delete(struct dentry *dentry)
{
- int mask, ret = 0;
-
- mask = 0;
- acc_mode &= O_ACCMODE;
-
- if (acc_mode == O_RDONLY)
- mask = MAY_READ;
- else if (acc_mode == O_WRONLY)
- mask = MAY_WRITE;
- else if (acc_mode == O_RDWR)
- mask = MAY_READ | MAY_WRITE;
-
- if (inode_permission(&init_user_ns, d_inode(dentry), mask | MAY_OPEN))
- return -EACCES;
-
- if (delete) {
- struct dentry *parent;
-
- parent = dget_parent(dentry);
- ret = ksmbd_vfs_lock_parent(parent, dentry);
- if (ret) {
- dput(parent);
- return ret;
- }
-
- if (inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE))
- ret = -EACCES;
+ struct dentry *parent;
+ int ret;
- inode_unlock(d_inode(parent));
+ parent = dget_parent(dentry);
+ ret = ksmbd_vfs_lock_parent(parent, dentry);
+ if (ret) {
dput(parent);
+ return ret;
}
+
+ ret = inode_permission(&init_user_ns, d_inode(parent),
+ MAY_EXEC | MAY_WRITE);
+
+ inode_unlock(d_inode(parent));
+ dput(parent);
return ret;
}
diff --git a/fs/ksmbd/vfs.h b/fs/ksmbd/vfs.h
index 49f0558ace32..ae8eff1f0315 100644
--- a/fs/ksmbd/vfs.h
+++ b/fs/ksmbd/vfs.h
@@ -192,8 +192,7 @@ struct ksmbd_kstat {
__le32 file_attributes;
};
-int ksmbd_vfs_inode_permission(struct dentry *dentry, int acc_mode,
- bool delete);
+int ksmbd_vfs_may_delete(struct dentry *dentry);
int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess);
int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode);
int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode);
From patchwork Mon Nov 14 12:50:48 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183236
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:18 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:18 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:17 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 139/308] ksmbd: remove macros in transport_ipc.c
Date: Mon, 14 Nov 2022 20:50:48 +0800
Message-ID: <20221114125337.1831594-140-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2905400f-6411-4d5e-ff8d-08dac63c686c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6852905
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit b622948789a96a8f347c8e77e18d100c7f1a78fa
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b622948789a9
-------------------------------
Remove macros in transport_ipc.c
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_ipc.c | 35 +++++++++++++++--------------------
1 file changed, 15 insertions(+), 20 deletions(-)
diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c
index 13eacfda64ac..ca5099118fdf 100644
--- a/fs/ksmbd/transport_ipc.c
+++ b/fs/ksmbd/transport_ipc.c
@@ -38,8 +38,6 @@ static DEFINE_IDA(ipc_ida);
static unsigned int ksmbd_tools_pid;
-#define KSMBD_IPC_MSG_HANDLE(m) (*(unsigned int *)m)
-
static bool ksmbd_ipc_validate_version(struct genl_info *m)
{
if (m->genlhdr->version != KSMBD_GENL_VERSION) {
@@ -56,12 +54,9 @@ static bool ksmbd_ipc_validate_version(struct genl_info *m)
struct ksmbd_ipc_msg {
unsigned int type;
unsigned int sz;
- unsigned char ____payload[0];
+ unsigned char payload[];
};
-#define KSMBD_IPC_MSG_PAYLOAD(m) \
- ((void *)(((struct ksmbd_ipc_msg *)(m))->____payload))
-
struct ipc_msg_table_entry {
unsigned int handle;
unsigned int type;
@@ -251,7 +246,7 @@ static void ipc_msg_handle_free(int handle)
static int handle_response(int type, void *payload, size_t sz)
{
- int handle = KSMBD_IPC_MSG_HANDLE(payload);
+ unsigned int handle = *(unsigned int *)payload;
struct ipc_msg_table_entry *entry;
int ret = 0;
@@ -432,7 +427,7 @@ static int ipc_msg_send(struct ksmbd_ipc_msg *msg)
if (!nlh)
goto out;
- ret = nla_put(skb, msg->type, msg->sz, KSMBD_IPC_MSG_PAYLOAD(msg));
+ ret = nla_put(skb, msg->type, msg->sz, msg->payload);
if (ret) {
genlmsg_cancel(skb, nlh);
goto out;
@@ -509,7 +504,7 @@ struct ksmbd_login_response *ksmbd_ipc_login_request(const char *account)
return NULL;
msg->type = KSMBD_EVENT_LOGIN_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_login_request *)msg->payload;
req->handle = ksmbd_acquire_id(&ipc_ida);
strscpy(req->account, account, KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
@@ -532,7 +527,7 @@ ksmbd_ipc_spnego_authen_request(const char *spnego_blob, int blob_len)
return NULL;
msg->type = KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_spnego_authen_request *)msg->payload;
req->handle = ksmbd_acquire_id(&ipc_ida);
req->spnego_blob_len = blob_len;
memcpy(req->spnego_blob, spnego_blob, blob_len);
@@ -564,7 +559,7 @@ ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
return NULL;
msg->type = KSMBD_EVENT_TREE_CONNECT_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_tree_connect_request *)msg->payload;
req->handle = ksmbd_acquire_id(&ipc_ida);
req->account_flags = sess->user->flags;
@@ -597,7 +592,7 @@ int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
return -ENOMEM;
msg->type = KSMBD_EVENT_TREE_DISCONNECT_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_tree_disconnect_request *)msg->payload;
req->session_id = session_id;
req->connect_id = connect_id;
@@ -620,7 +615,7 @@ int ksmbd_ipc_logout_request(const char *account)
return -ENOMEM;
msg->type = KSMBD_EVENT_LOGOUT_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_logout_request *)msg->payload;
strscpy(req->account, account, KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
ret = ipc_msg_send(msg);
@@ -643,7 +638,7 @@ ksmbd_ipc_share_config_request(const char *name)
return NULL;
msg->type = KSMBD_EVENT_SHARE_CONFIG_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_share_config_request *)msg->payload;
req->handle = ksmbd_acquire_id(&ipc_ida);
strscpy(req->share_name, name, KSMBD_REQ_MAX_SHARE_NAME);
@@ -664,7 +659,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_open(struct ksmbd_session *sess, int handle)
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_rpc_command *)msg->payload;
req->handle = handle;
req->flags = ksmbd_session_rpc_method(sess, handle);
req->flags |= KSMBD_RPC_OPEN_METHOD;
@@ -686,7 +681,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_close(struct ksmbd_session *sess, int handle
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_rpc_command *)msg->payload;
req->handle = handle;
req->flags = ksmbd_session_rpc_method(sess, handle);
req->flags |= KSMBD_RPC_CLOSE_METHOD;
@@ -709,7 +704,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_write(struct ksmbd_session *sess, int handle
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_rpc_command *)msg->payload;
req->handle = handle;
req->flags = ksmbd_session_rpc_method(sess, handle);
req->flags |= rpc_context_flags(sess);
@@ -733,7 +728,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_read(struct ksmbd_session *sess, int handle)
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_rpc_command *)msg->payload;
req->handle = handle;
req->flags = ksmbd_session_rpc_method(sess, handle);
req->flags |= rpc_context_flags(sess);
@@ -757,7 +752,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_rpc_command *)req->payload;
req->handle = handle;
req->flags = ksmbd_session_rpc_method(sess, handle);
req->flags |= rpc_context_flags(sess);
@@ -782,7 +777,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payloa
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = KSMBD_IPC_MSG_PAYLOAD(msg);
+ req = (struct ksmbd_rpc_command *)req->payload;
req->handle = ksmbd_acquire_id(&ipc_ida);
req->flags = rpc_context_flags(sess);
req->flags |= KSMBD_RPC_RAP_METHOD;
From patchwork Mon Nov 14 12:50:49 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183237
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:18 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:18 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:18 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 140/308] ksmbd: replace BUFFER_NR_PAGES with
inline function
Date: Mon, 14 Nov 2022 20:50:49 +0800
Message-ID: <20221114125337.1831594-141-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
aea11117-421f-4433-70da-08dac63c68b2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6526816
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 8ad8dc34211742c816d45dd2ce62aa103a82f4c2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8ad8dc342117
-------------------------------
Replace BUFFER_NR_PAGES with inline function
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index bd7a090d5350..b3af474d4cad 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -204,9 +204,11 @@ struct smb_direct_rdma_rw_msg {
struct scatterlist sg_list[0];
};
-#define BUFFER_NR_PAGES(buf, len) \
- (DIV_ROUND_UP((unsigned long)(buf) + (len), PAGE_SIZE) \
- - (unsigned long)(buf) / PAGE_SIZE)
+static inline int get_buf_page_count(void *buf, int size)
+{
+ return DIV_ROUND_UP((uintptr_t)buf + size, PAGE_SIZE) -
+ (uintptr_t)buf / PAGE_SIZE;
+}
static void smb_direct_destroy_pools(struct smb_direct_transport *transport);
static void smb_direct_post_recv_credits(struct work_struct *work);
@@ -1048,7 +1050,7 @@ static int get_sg_list(void *buf, int size, struct scatterlist *sg_list, int nen
int offset, len;
int i = 0;
- if (nentries < BUFFER_NR_PAGES(buf, size))
+ if (nentries < get_buf_page_count(buf, size))
return -EINVAL;
offset = offset_in_page(buf);
@@ -1338,7 +1340,7 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
msg->sgt.sgl = &msg->sg_list[0];
ret = sg_alloc_table_chained(&msg->sgt,
- BUFFER_NR_PAGES(buf, buf_len),
+ get_buf_page_count(buf, buf_len),
msg->sg_list, SG_CHUNK_SIZE);
if (ret) {
atomic_inc(&t->rw_avail_ops);
@@ -1353,7 +1355,7 @@ static int smb_direct_rdma_xmit(struct smb_direct_transport *t, void *buf,
}
ret = rdma_rw_ctx_init(&msg->rw_ctx, t->qp, t->qp->port,
- msg->sg_list, BUFFER_NR_PAGES(buf, buf_len),
+ msg->sg_list, get_buf_page_count(buf, buf_len),
0, remote_offset, remote_key,
is_read ? DMA_FROM_DEVICE : DMA_TO_DEVICE);
if (ret < 0) {
From patchwork Mon Nov 14 12:50:50 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183238
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:19 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:18 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 141/308] ksmbd: replace KSMBD_ALIGN with kernel
ALIGN macro
Date: Mon, 14 Nov 2022 20:50:50 +0800
Message-ID: <20221114125337.1831594-142-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9a2e3233-4656-439f-2215-08dac63c68f7
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7062487
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit c2220322b4577fc32ad3b7b4ddb856bd1f8c7461
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c2220322b457
-------------------------------
Replace KSMBD_ALIGN with kernel ALIGN macro
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ndr.c | 27 ++++++---------------------
1 file changed, 6 insertions(+), 21 deletions(-)
diff --git a/fs/ksmbd/ndr.c b/fs/ksmbd/ndr.c
index 46cc01475d38..db2ec07e076e 100644
--- a/fs/ksmbd/ndr.c
+++ b/fs/ksmbd/ndr.c
@@ -11,21 +11,6 @@
#define PAYLOAD_HEAD(d) ((d)->data + (d)->offset)
-#define KSMBD_ALIGN_MASK(x, mask) (((x) + (mask)) & ~(mask))
-
-#define KSMBD_ALIGN(x, a) \
- ({ \
- typeof(x) ret = (x); \
- if (((x) & ((typeof(x))(a) - 1)) != 0) \
- ret = KSMBD_ALIGN_MASK(x, (typeof(x))(a) - 1); \
- ret; \
- })
-
-static void align_offset(struct ndr *ndr, int n)
-{
- ndr->offset = KSMBD_ALIGN(ndr->offset, n);
-}
-
static int try_to_realloc_ndr_blob(struct ndr *n, size_t sz)
{
char *data;
@@ -85,7 +70,7 @@ static int ndr_write_string(struct ndr *n, void *value, size_t sz)
strncpy(PAYLOAD_HEAD(n), value, sz);
sz++;
n->offset += sz;
- align_offset(n, 2);
+ n->offset = ALIGN(n->offset, 2);
return 0;
}
@@ -96,7 +81,7 @@ static int ndr_read_string(struct ndr *n, void *value, size_t sz)
memcpy(value, PAYLOAD_HEAD(n), len);
len++;
n->offset += len;
- align_offset(n, 2);
+ n->offset = ALIGN(n->offset, 2);
return 0;
}
@@ -210,20 +195,20 @@ static int ndr_encode_posix_acl_entry(struct ndr *n, struct xattr_smb_acl *acl)
int i;
ndr_write_int32(n, acl->count);
- align_offset(n, 8);
+ n->offset = ALIGN(n->offset, 8);
ndr_write_int32(n, acl->count);
ndr_write_int32(n, 0);
for (i = 0; i < acl->count; i++) {
- align_offset(n, 8);
+ n->offset = ALIGN(n->offset, 8);
ndr_write_int16(n, acl->entries[i].type);
ndr_write_int16(n, acl->entries[i].type);
if (acl->entries[i].type == SMB_ACL_USER) {
- align_offset(n, 8);
+ n->offset = ALIGN(n->offset, 8);
ndr_write_int64(n, acl->entries[i].uid);
} else if (acl->entries[i].type == SMB_ACL_GROUP) {
- align_offset(n, 8);
+ n->offset = ALIGN(n->offset, 8);
ndr_write_int64(n, acl->entries[i].gid);
}
From patchwork Mon Nov 14 12:50:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183239
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:19 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:18 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 142/308] ksmbd: replace PAYLOAD_HEAD with inline
function
Date: Mon, 14 Nov 2022 20:50:51 +0800
Message-ID: <20221114125337.1831594-143-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4bc71723-86bc-4a47-2643-08dac63c6940
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6863670
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit cb5b047f8e14e91774f68625dafb130fb160b4eb
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/cb5b047f8e14
-------------------------------
Replace PAYLOAD_HEAD with inline function.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ndr.c | 27 +++++++++++++++------------
1 file changed, 15 insertions(+), 12 deletions(-)
diff --git a/fs/ksmbd/ndr.c b/fs/ksmbd/ndr.c
index db2ec07e076e..bcf13a2aa9d4 100644
--- a/fs/ksmbd/ndr.c
+++ b/fs/ksmbd/ndr.c
@@ -9,7 +9,10 @@
#include "glob.h"
#include "ndr.h"
-#define PAYLOAD_HEAD(d) ((d)->data + (d)->offset)
+static inline char *ndr_get_field(struct ndr *n)
+{
+ return n->data + n->offset;
+}
static int try_to_realloc_ndr_blob(struct ndr *n, size_t sz)
{
@@ -30,7 +33,7 @@ static void ndr_write_int16(struct ndr *n, __u16 value)
if (n->length <= n->offset + sizeof(value))
try_to_realloc_ndr_blob(n, sizeof(value));
- *(__le16 *)PAYLOAD_HEAD(n) = cpu_to_le16(value);
+ *(__le16 *)ndr_get_field(n) = cpu_to_le16(value);
n->offset += sizeof(value);
}
@@ -39,7 +42,7 @@ static void ndr_write_int32(struct ndr *n, __u32 value)
if (n->length <= n->offset + sizeof(value))
try_to_realloc_ndr_blob(n, sizeof(value));
- *(__le32 *)PAYLOAD_HEAD(n) = cpu_to_le32(value);
+ *(__le32 *)ndr_get_field(n) = cpu_to_le32(value);
n->offset += sizeof(value);
}
@@ -48,7 +51,7 @@ static void ndr_write_int64(struct ndr *n, __u64 value)
if (n->length <= n->offset + sizeof(value))
try_to_realloc_ndr_blob(n, sizeof(value));
- *(__le64 *)PAYLOAD_HEAD(n) = cpu_to_le64(value);
+ *(__le64 *)ndr_get_field(n) = cpu_to_le64(value);
n->offset += sizeof(value);
}
@@ -57,7 +60,7 @@ static int ndr_write_bytes(struct ndr *n, void *value, size_t sz)
if (n->length <= n->offset + sz)
try_to_realloc_ndr_blob(n, sz);
- memcpy(PAYLOAD_HEAD(n), value, sz);
+ memcpy(ndr_get_field(n), value, sz);
n->offset += sz;
return 0;
}
@@ -67,7 +70,7 @@ static int ndr_write_string(struct ndr *n, void *value, size_t sz)
if (n->length <= n->offset + sz)
try_to_realloc_ndr_blob(n, sz);
- strncpy(PAYLOAD_HEAD(n), value, sz);
+ strncpy(ndr_get_field(n), value, sz);
sz++;
n->offset += sz;
n->offset = ALIGN(n->offset, 2);
@@ -76,9 +79,9 @@ static int ndr_write_string(struct ndr *n, void *value, size_t sz)
static int ndr_read_string(struct ndr *n, void *value, size_t sz)
{
- int len = strnlen(PAYLOAD_HEAD(n), sz);
+ int len = strnlen(ndr_get_field(n), sz);
- memcpy(value, PAYLOAD_HEAD(n), len);
+ memcpy(value, ndr_get_field(n), len);
len++;
n->offset += len;
n->offset = ALIGN(n->offset, 2);
@@ -87,7 +90,7 @@ static int ndr_read_string(struct ndr *n, void *value, size_t sz)
static int ndr_read_bytes(struct ndr *n, void *value, size_t sz)
{
- memcpy(value, PAYLOAD_HEAD(n), sz);
+ memcpy(value, ndr_get_field(n), sz);
n->offset += sz;
return 0;
}
@@ -96,7 +99,7 @@ static __u16 ndr_read_int16(struct ndr *n)
{
__u16 ret;
- ret = le16_to_cpu(*(__le16 *)PAYLOAD_HEAD(n));
+ ret = le16_to_cpu(*(__le16 *)ndr_get_field(n));
n->offset += sizeof(__u16);
return ret;
}
@@ -105,7 +108,7 @@ static __u32 ndr_read_int32(struct ndr *n)
{
__u32 ret;
- ret = le32_to_cpu(*(__le32 *)PAYLOAD_HEAD(n));
+ ret = le32_to_cpu(*(__le32 *)ndr_get_field(n));
n->offset += sizeof(__u32);
return ret;
}
@@ -114,7 +117,7 @@ static __u64 ndr_read_int64(struct ndr *n)
{
__u64 ret;
- ret = le64_to_cpu(*(__le64 *)PAYLOAD_HEAD(n));
+ ret = le64_to_cpu(*(__le64 *)ndr_get_field(n));
n->offset += sizeof(__u64);
return ret;
}
From patchwork Mon Nov 14 12:50:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183240
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:20 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:19 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:19 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 143/308] ksmbd: remove getting worker state macros
Date: Mon, 14 Nov 2022 20:50:52 +0800
Message-ID: <20221114125337.1831594-144-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2e1806f8-d635-4735-de7b-08dac63c6988
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6523287
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit d4075abbc6b571e9d03d7a742e53fd6085223649
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d4075abbc6b5
-------------------------------
Remove getting worker state macros
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ksmbd_work.h | 4 ----
fs/ksmbd/smb2pdu.c | 4 ++--
2 files changed, 2 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/ksmbd_work.h b/fs/ksmbd/ksmbd_work.h
index 0e2d4f3fc49f..a91abd438a85 100644
--- a/fs/ksmbd/ksmbd_work.h
+++ b/fs/ksmbd/ksmbd_work.h
@@ -86,10 +86,6 @@ struct ksmbd_work {
struct list_head interim_entry;
};
-#define WORK_CANCELLED(w) ((w)->state == KSMBD_WORK_CANCELLED)
-#define WORK_CLOSED(w) ((w)->state == KSMBD_WORK_CLOSED)
-#define WORK_ACTIVE(w) ((w)->state == KSMBD_WORK_ACTIVE)
-
#define RESPONSE_BUF_NEXT(w) \
(((w)->response_buf + (w)->next_smb2_rsp_hdr_off))
#define REQUEST_BUF_NEXT(w) \
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 25715d57c2bb..38a36390b64d 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6716,12 +6716,12 @@ int smb2_lock(struct ksmbd_work *work)
err = ksmbd_vfs_posix_lock_wait(flock);
- if (!WORK_ACTIVE(work)) {
+ if (work->state != KSMBD_WORK_ACTIVE) {
list_del(&smb_lock->llist);
list_del(&smb_lock->glist);
locks_free_lock(flock);
- if (WORK_CANCELLED(work)) {
+ if (work->state == KSMBD_WORK_CANCELLED) {
spin_lock(&fp->f_lock);
list_del(&work->fp_entry);
spin_unlock(&fp->f_lock);
From patchwork Mon Nov 14 12:50:53 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183241
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:20 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:20 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:19 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 144/308] ksmbd: remove and replace macros with
inline functions in smb_common.h
Date: Mon, 14 Nov 2022 20:50:53 +0800
Message-ID: <20221114125337.1831594-145-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d1dfc558-cf4a-4dc9-e279-08dac63c69d1
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7036974
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit d8fb29980cb5369c4ea520c0b4e1a8893e88f14c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d8fb29980cb5
-------------------------------
Remove and replace macros with inline functions
in smb_common.h
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/mgmt/user_session.c | 8 +++-----
fs/ksmbd/oplock.c | 6 ++++--
fs/ksmbd/smb2pdu.c | 5 +++--
fs/ksmbd/smb_common.h | 12 ++++++------
4 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/fs/ksmbd/mgmt/user_session.c b/fs/ksmbd/mgmt/user_session.c
index c5ba9694e1f1..8d8ffd8c6f19 100644
--- a/fs/ksmbd/mgmt/user_session.c
+++ b/fs/ksmbd/mgmt/user_session.c
@@ -154,11 +154,9 @@ void ksmbd_session_destroy(struct ksmbd_session *sess)
list_del(&sess->sessions_entry);
- if (IS_SMB2(sess->conn)) {
- down_write(&sessions_table_lock);
- hash_del(&sess->hlist);
- up_write(&sessions_table_lock);
- }
+ down_write(&sessions_table_lock);
+ hash_del(&sess->hlist);
+ up_write(&sessions_table_lock);
if (sess->user)
ksmbd_free_user(sess->user);
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 9027cb7d970f..71e15a591582 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -631,7 +631,8 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
rsp_hdr = work->response_buf;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
- rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+ rsp_hdr->smb2_buf_length =
+ cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->CreditRequest = cpu_to_le16(0);
@@ -737,7 +738,8 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
rsp_hdr = work->response_buf;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
- rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+ rsp_hdr->smb2_buf_length =
+ cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->CreditRequest = cpu_to_le16(0);
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 38a36390b64d..ece03135127c 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -243,7 +243,7 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
rsp_hdr->smb2_buf_length =
- cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+ cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
@@ -497,7 +497,8 @@ int init_smb2_rsp_hdr(struct ksmbd_work *work)
struct ksmbd_conn *conn = work->conn;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
- rsp_hdr->smb2_buf_length = cpu_to_be32(HEADER_SIZE_NO_BUF_LEN(conn));
+ rsp_hdr->smb2_buf_length =
+ cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
rsp_hdr->ProtocolId = rcv_hdr->ProtocolId;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->Command = rcv_hdr->Command;
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 084166ba7654..8489b92229fa 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -50,12 +50,6 @@
extern struct list_head global_lock_list;
-#define IS_SMB2(x) ((x)->vals->protocol_id != SMB10_PROT_ID)
-
-#define HEADER_SIZE(conn) ((conn)->vals->header_size)
-#define HEADER_SIZE_NO_BUF_LEN(conn) ((conn)->vals->header_size - 4)
-#define MAX_HEADER_SIZE(conn) ((conn)->vals->max_header_size)
-
/* RFC 1002 session packet types */
#define RFC1002_SESSION_MESSAGE 0x00
#define RFC1002_SESSION_REQUEST 0x81
@@ -490,6 +484,12 @@ struct smb_version_cmds {
int (*proc)(struct ksmbd_work *swork);
};
+static inline size_t
+smb2_hdr_size_no_buflen(struct smb_version_values *vals)
+{
+ return vals->header_size - 4;
+}
+
int ksmbd_min_protocol(void);
int ksmbd_max_protocol(void);
From patchwork Mon Nov 14 12:50:54 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183242
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:21 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:20 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:20 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 145/308] ksmbd: replace SMB_DIRECT_TRANS macro
with inline function
Date: Mon, 14 Nov 2022 20:50:54 +0800
Message-ID: <20221114125337.1831594-146-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
abce3903-68ac-49ee-4e51-08dac63c6a1a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6897192
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 02d4b4aa6d3b135b00f20da9d623d2bbae63768f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/02d4b4aa6d3b
-------------------------------
replace SMB_DIRECT_TRANS macro with inline function.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index b3af474d4cad..171fb3dd018a 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -158,8 +158,6 @@ struct smb_direct_transport {
};
#define KSMBD_TRANS(t) ((struct ksmbd_transport *)&((t)->transport))
-#define SMB_DIRECT_TRANS(t) ((struct smb_direct_transport *)container_of(t, \
- struct smb_direct_transport, transport))
enum {
SMB_DIRECT_MSG_NEGOTIATE_REQ = 0,
@@ -217,6 +215,12 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
struct kvec *iov, int niov,
int remaining_data_length);
+static inline struct smb_direct_transport *
+smb_trans_direct_transfort(struct ksmbd_transport *t)
+{
+ return container_of(t, struct smb_direct_transport, transport);
+}
+
static inline void
*smb_direct_recvmsg_payload(struct smb_direct_recvmsg *recvmsg)
{
@@ -643,7 +647,7 @@ static int smb_direct_read(struct ksmbd_transport *t, char *buf,
int to_copy, to_read, data_read, offset;
u32 data_length, remaining_data_length, data_offset;
int rc;
- struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+ struct smb_direct_transport *st = smb_trans_direct_transfort(t);
again:
if (st->status != SMB_DIRECT_CS_CONNECTED) {
@@ -1194,7 +1198,7 @@ static int smb_direct_writev(struct ksmbd_transport *t,
struct kvec *iov, int niovs, int buflen,
bool need_invalidate, unsigned int remote_key)
{
- struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+ struct smb_direct_transport *st = smb_trans_direct_transfort(t);
int remaining_data_length;
int start, i, j;
int max_iov_size = st->max_send_size -
@@ -1393,7 +1397,7 @@ static int smb_direct_rdma_write(struct ksmbd_transport *t, void *buf,
unsigned int buflen, u32 remote_key,
u64 remote_offset, u32 remote_len)
{
- return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
+ return smb_direct_rdma_xmit(smb_trans_direct_transfort(t), buf, buflen,
remote_key, remote_offset,
remote_len, false);
}
@@ -1402,14 +1406,14 @@ static int smb_direct_rdma_read(struct ksmbd_transport *t, void *buf,
unsigned int buflen, u32 remote_key,
u64 remote_offset, u32 remote_len)
{
- return smb_direct_rdma_xmit(SMB_DIRECT_TRANS(t), buf, buflen,
+ return smb_direct_rdma_xmit(smb_trans_direct_transfort(t), buf, buflen,
remote_key, remote_offset,
remote_len, true);
}
static void smb_direct_disconnect(struct ksmbd_transport *t)
{
- struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+ struct smb_direct_transport *st = smb_trans_direct_transfort(t);
ksmbd_debug(RDMA, "Disconnecting cm_id=%p\n", st->cm_id);
@@ -1857,7 +1861,7 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
static int smb_direct_prepare(struct ksmbd_transport *t)
{
- struct smb_direct_transport *st = SMB_DIRECT_TRANS(t);
+ struct smb_direct_transport *st = smb_trans_direct_transfort(t);
int ret;
struct ib_qp_cap qp_cap;
From patchwork Mon Nov 14 12:50:55 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183243
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:21 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:21 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:20 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 146/308] ksmbd: replace request and respone buffer
macro with inline functions
Date: Mon, 14 Nov 2022 20:50:55 +0800
Message-ID: <20221114125337.1831594-147-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
380343e2-ea7a-43fc-2c48-08dac63c6a63
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7079599
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 8a893315dc06158ce33d1a3292e07170ce2fcd64
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8a893315dc06
-------------------------------
replace request and respone buffer macro with inline functions.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ksmbd_work.h | 21 ++++++++++++++++----
fs/ksmbd/smb2misc.c | 2 +-
fs/ksmbd/smb2pdu.c | 46 +++++++++++++++++++++----------------------
3 files changed, 41 insertions(+), 28 deletions(-)
diff --git a/fs/ksmbd/ksmbd_work.h b/fs/ksmbd/ksmbd_work.h
index a91abd438a85..c655bf371ce5 100644
--- a/fs/ksmbd/ksmbd_work.h
+++ b/fs/ksmbd/ksmbd_work.h
@@ -86,10 +86,23 @@ struct ksmbd_work {
struct list_head interim_entry;
};
-#define RESPONSE_BUF_NEXT(w) \
- (((w)->response_buf + (w)->next_smb2_rsp_hdr_off))
-#define REQUEST_BUF_NEXT(w) \
- (((w)->request_buf + (w)->next_smb2_rcv_hdr_off))
+/**
+ * ksmbd_resp_buf_next - Get next buffer on compound response.
+ * @work: smb work containing response buffer
+ */
+static inline void *ksmbd_resp_buf_next(struct ksmbd_work *work)
+{
+ return work->response_buf + work->next_smb2_rsp_hdr_off;
+}
+
+/**
+ * ksmbd_req_buf_next - Get next buffer on compound request.
+ * @work: smb work containing response buffer
+ */
+static inline void *ksmbd_req_buf_next(struct ksmbd_work *work)
+{
+ return work->request_buf + work->next_smb2_rcv_hdr_off;
+}
struct ksmbd_work *ksmbd_alloc_work_struct(void);
void ksmbd_free_work_struct(struct ksmbd_work *work);
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index e412d69690ed..730d68032c46 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -341,7 +341,7 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
__u32 len = get_rfc1002_len(pdu);
if (work->next_smb2_rcv_hdr_off) {
- pdu = REQUEST_BUF_NEXT(work);
+ pdu = ksmbd_req_buf_next(work);
hdr = &pdu->hdr;
}
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index ece03135127c..42fc3bd2d464 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -40,8 +40,8 @@
static void __wbuf(struct ksmbd_work *work, void **req, void **rsp)
{
if (work->next_smb2_rcv_hdr_off) {
- *req = REQUEST_BUF_NEXT(work);
- *rsp = RESPONSE_BUF_NEXT(work);
+ *req = ksmbd_req_buf_next(work);
+ *rsp = ksmbd_resp_buf_next(work);
} else {
*req = work->request_buf;
*rsp = work->response_buf;
@@ -126,7 +126,7 @@ void smb2_set_err_rsp(struct ksmbd_work *work)
struct smb2_err_rsp *err_rsp;
if (work->next_smb2_rcv_hdr_off)
- err_rsp = RESPONSE_BUF_NEXT(work);
+ err_rsp = ksmbd_resp_buf_next(work);
else
err_rsp = work->response_buf;
@@ -196,7 +196,7 @@ u16 get_smb2_cmd_val(struct ksmbd_work *work)
struct smb2_hdr *rcv_hdr;
if (work->next_smb2_rcv_hdr_off)
- rcv_hdr = REQUEST_BUF_NEXT(work);
+ rcv_hdr = ksmbd_req_buf_next(work);
else
rcv_hdr = work->request_buf;
return le16_to_cpu(rcv_hdr->Command);
@@ -212,7 +212,7 @@ void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err)
struct smb2_hdr *rsp_hdr;
if (work->next_smb2_rcv_hdr_off)
- rsp_hdr = RESPONSE_BUF_NEXT(work);
+ rsp_hdr = ksmbd_resp_buf_next(work);
else
rsp_hdr = work->response_buf;
rsp_hdr->Status = err;
@@ -315,8 +315,8 @@ static int smb2_consume_credit_charge(struct ksmbd_work *work,
*/
int smb2_set_rsp_credits(struct ksmbd_work *work)
{
- struct smb2_hdr *req_hdr = REQUEST_BUF_NEXT(work);
- struct smb2_hdr *hdr = RESPONSE_BUF_NEXT(work);
+ struct smb2_hdr *req_hdr = ksmbd_req_buf_next(work);
+ struct smb2_hdr *hdr = ksmbd_resp_buf_next(work);
struct ksmbd_conn *conn = work->conn;
unsigned short credits_requested = le16_to_cpu(req_hdr->CreditRequest);
unsigned short credit_charge = 1, credits_granted = 0;
@@ -383,8 +383,8 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
*/
static void init_chained_smb2_rsp(struct ksmbd_work *work)
{
- struct smb2_hdr *req = REQUEST_BUF_NEXT(work);
- struct smb2_hdr *rsp = RESPONSE_BUF_NEXT(work);
+ struct smb2_hdr *req = ksmbd_req_buf_next(work);
+ struct smb2_hdr *rsp = ksmbd_resp_buf_next(work);
struct smb2_hdr *rsp_hdr;
struct smb2_hdr *rcv_hdr;
int next_hdr_offset = 0;
@@ -422,8 +422,8 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
new_len, work->next_smb2_rcv_hdr_off,
work->next_smb2_rsp_hdr_off);
- rsp_hdr = RESPONSE_BUF_NEXT(work);
- rcv_hdr = REQUEST_BUF_NEXT(work);
+ rsp_hdr = ksmbd_resp_buf_next(work);
+ rcv_hdr = ksmbd_req_buf_next(work);
if (!(rcv_hdr->Flags & SMB2_FLAGS_RELATED_OPERATIONS)) {
ksmbd_debug(SMB, "related flag should be set\n");
@@ -462,7 +462,7 @@ bool is_chained_smb2_message(struct ksmbd_work *work)
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
return false;
- hdr = REQUEST_BUF_NEXT(work);
+ hdr = ksmbd_req_buf_next(work);
if (le32_to_cpu(hdr->NextCommand) > 0) {
ksmbd_debug(SMB, "got SMB2 chained command\n");
init_chained_smb2_rsp(work);
@@ -5725,8 +5725,8 @@ int smb2_set_info(struct ksmbd_work *work)
rsp_org = work->response_buf;
if (work->next_smb2_rcv_hdr_off) {
- req = REQUEST_BUF_NEXT(work);
- rsp = RESPONSE_BUF_NEXT(work);
+ req = ksmbd_req_buf_next(work);
+ rsp = ksmbd_resp_buf_next(work);
if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
ksmbd_debug(SMB, "Compound request set FID = %u\n",
work->compound_fid);
@@ -7224,8 +7224,8 @@ int smb2_ioctl(struct ksmbd_work *work)
rsp_org = work->response_buf;
if (work->next_smb2_rcv_hdr_off) {
- req = REQUEST_BUF_NEXT(work);
- rsp = RESPONSE_BUF_NEXT(work);
+ req = ksmbd_req_buf_next(work);
+ rsp = ksmbd_resp_buf_next(work);
if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
ksmbd_debug(SMB, "Compound request set FID = %u\n",
work->compound_fid);
@@ -7848,7 +7848,7 @@ int smb2_check_sign_req(struct ksmbd_work *work)
hdr_org = hdr = work->request_buf;
if (work->next_smb2_rcv_hdr_off)
- hdr = REQUEST_BUF_NEXT(work);
+ hdr = ksmbd_req_buf_next(work);
if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off)
len = be32_to_cpu(hdr_org->smb2_buf_length);
@@ -7892,9 +7892,9 @@ void smb2_set_sign_rsp(struct ksmbd_work *work)
hdr_org = hdr = work->response_buf;
if (work->next_smb2_rsp_hdr_off)
- hdr = RESPONSE_BUF_NEXT(work);
+ hdr = ksmbd_resp_buf_next(work);
- req_hdr = REQUEST_BUF_NEXT(work);
+ req_hdr = ksmbd_req_buf_next(work);
if (!work->next_smb2_rsp_hdr_off) {
len = get_rfc1002_len(hdr_org);
@@ -7946,7 +7946,7 @@ int smb3_check_sign_req(struct ksmbd_work *work)
hdr_org = hdr = work->request_buf;
if (work->next_smb2_rcv_hdr_off)
- hdr = REQUEST_BUF_NEXT(work);
+ hdr = ksmbd_req_buf_next(work);
if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off)
len = be32_to_cpu(hdr_org->smb2_buf_length);
@@ -8005,9 +8005,9 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)
hdr_org = hdr = work->response_buf;
if (work->next_smb2_rsp_hdr_off)
- hdr = RESPONSE_BUF_NEXT(work);
+ hdr = ksmbd_resp_buf_next(work);
- req_hdr = REQUEST_BUF_NEXT(work);
+ req_hdr = ksmbd_req_buf_next(work);
if (!work->next_smb2_rsp_hdr_off) {
len = get_rfc1002_len(hdr_org);
@@ -8217,7 +8217,7 @@ bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work)
return false;
if (work->next_smb2_rcv_hdr_off)
- rsp = RESPONSE_BUF_NEXT(work);
+ rsp = ksmbd_resp_buf_next(work);
if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE &&
rsp->Status == STATUS_SUCCESS)
From patchwork Mon Nov 14 12:50:56 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183244
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:22 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:21 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:21 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 147/308] ksmbd: allow PROTECTED_DACL_SECINFO and
UNPROTECTED_DACL_SECINFO addition information in smb2 set info security
Date: Mon, 14 Nov 2022 20:50:56 +0800
Message-ID: <20221114125337.1831594-148-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3f802545-648c-416f-0a49-08dac63c6aac
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6889757
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit e294f78d34785151cb6d7199ff61d110f9520e65
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e294f78d3478
-------------------------------
"cifsd: Fix regression in smb2_get_info" patch cause that dacl doesn't
work. windows send smb2 set info security with PROTECTED_DACL_SECINFO to
control dacl. But previous patch doesn't allow it.
This patch add PROTECTED_DACL_SECINFO and UNPROTECTED_DACL_SECINFO
addtional information flags in check.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 42fc3bd2d464..7d8bec07630b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -4888,9 +4888,11 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
int addition_info = le32_to_cpu(req->AdditionalInformation);
int rc;
- if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO)) {
- ksmbd_debug(SMB, "Unsupported addition info: 0x%x)\n",
- addition_info);
+ if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO |
+ PROTECTED_DACL_SECINFO |
+ UNPROTECTED_DACL_SECINFO)) {
+ pr_err("Unsupported addition info: 0x%x)\n",
+ addition_info);
pntsd->revision = cpu_to_le16(1);
pntsd->type = cpu_to_le16(SELF_RELATIVE | DACL_PROTECTED);
From patchwork Mon Nov 14 12:50:57 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183245
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:22 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:22 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:21 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 148/308] ksmbd: Relax credit_charge check in
smb2_validate_credit_charge()
Date: Mon, 14 Nov 2022 20:50:57 +0800
Message-ID: <20221114125337.1831594-149-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7ac33388-4d4a-43c5-c240-08dac63c6af4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7001877
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit a5a25a114ab2412831f063361360eb1192ca6151
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a5a25a114ab2
-------------------------------
smb2_validate_credit_charge() checks the CreditCharge field in the
request is valid with regards to the payload size.
The current implementation rejects requests with CreditCharge = 0 and a
payload < 64K, even though they should be accepted.
Set CreditCharge to a minimum value of 1 to avoid rejecting such
requests. This matches what samba4 does.
Fixes share enumeration for jcifs-ng clients.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 730d68032c46..4508631c5706 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -317,14 +317,12 @@ static int smb2_validate_credit_charge(struct smb2_hdr *hdr)
return 0;
}
+ credit_charge = max(1, credit_charge);
max_len = max(req_len, expect_resp_len);
calc_credit_num = DIV_ROUND_UP(max_len, SMB2_MAX_BUFFER_SIZE);
- if (!credit_charge && max_len > SMB2_MAX_BUFFER_SIZE) {
- pr_err("credit charge is zero and payload size(%d) is bigger than 64K\n",
- max_len);
- return 1;
- } else if (credit_charge < calc_credit_num) {
- pr_err("credit charge : %d, calc_credit_num : %d\n",
+
+ if (credit_charge < calc_credit_num) {
+ pr_err("Insufficient credit charge, given: %d, needed: %d\n",
credit_charge, calc_credit_num);
return 1;
}
From patchwork Mon Nov 14 12:50:58 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183246
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:22 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:22 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:22 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 149/308] ksmbd: fix dentry racy with rename()
Date: Mon, 14 Nov 2022 20:50:58 +0800
Message-ID: <20221114125337.1831594-150-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e81b44de-ed59-4f42-7a7b-08dac63c6b3d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7012721
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 493fa2fbe4597db474e43d38fb8805cbaef654ac
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/493fa2fbe459
-------------------------------
Using ->d_name can be broken due to races with rename().
So use %pd with ->d_name to print filename and In other cases,
use it under ->d_lock.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 19 ++++++++++---------
fs/ksmbd/vfs.c | 14 ++++++++------
fs/ksmbd/vfs_cache.h | 1 -
3 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 7d8bec07630b..70e6d6e3e84b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3711,8 +3711,8 @@ int smb2_query_dir(struct ksmbd_work *work)
if (!(dir_fp->daccess & FILE_LIST_DIRECTORY_LE) ||
inode_permission(&init_user_ns, file_inode(dir_fp->filp),
MAY_READ | MAY_EXEC)) {
- pr_err("no right to enumerate directory (%s)\n",
- FP_FILENAME(dir_fp));
+ pr_err("no right to enumerate directory (%pd)\n",
+ dir_fp->filp->f_path.dentry);
rc = -EACCES;
goto err_out2;
}
@@ -4266,14 +4266,15 @@ static void get_file_alternate_info(struct ksmbd_work *work,
{
struct ksmbd_conn *conn = work->conn;
struct smb2_file_alt_name_info *file_info;
+ struct dentry *dentry = fp->filp->f_path.dentry;
int conv_len;
- char *filename;
- filename = (char *)FP_FILENAME(fp);
+ spin_lock(&dentry->d_lock);
file_info = (struct smb2_file_alt_name_info *)rsp->Buffer;
conv_len = ksmbd_extract_shortname(conn,
- filename,
+ dentry->d_name.name,
file_info->FileName);
+ spin_unlock(&dentry->d_lock);
file_info->FileNameLength = cpu_to_le32(conv_len);
rsp->OutputBufferLength =
cpu_to_le32(sizeof(struct smb2_file_alt_name_info) + conv_len);
@@ -5938,8 +5939,8 @@ int smb2_read(struct ksmbd_work *work)
goto out;
}
- ksmbd_debug(SMB, "filename %s, offset %lld, len %zu\n", FP_FILENAME(fp),
- offset, length);
+ ksmbd_debug(SMB, "filename %pd, offset %lld, len %zu\n",
+ fp->filp->f_path.dentry, offset, length);
work->aux_payload_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO);
if (!work->aux_payload_buf) {
@@ -6216,8 +6217,8 @@ int smb2_write(struct ksmbd_work *work)
if (le32_to_cpu(req->Flags) & SMB2_WRITEFLAG_WRITE_THROUGH)
writethrough = true;
- ksmbd_debug(SMB, "filename %s, offset %lld, len %zu\n",
- FP_FILENAME(fp), offset, length);
+ ksmbd_debug(SMB, "filename %pd, offset %lld, len %zu\n",
+ fp->filp->f_path.dentry, offset, length);
err = ksmbd_vfs_write(work, fp, data_buf, length, &offset,
writethrough, &nbytes);
if (err < 0)
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 6181a58e8a33..ed1c0626e205 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -365,7 +365,8 @@ int ksmbd_vfs_read(struct ksmbd_work *work, struct ksmbd_file *fp, size_t count,
if (work->conn->connection_type) {
if (!(fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) {
- pr_err("no right to read(%s)\n", FP_FILENAME(fp));
+ pr_err("no right to read(%pd)\n",
+ fp->filp->f_path.dentry);
return -EACCES;
}
}
@@ -473,7 +474,8 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
if (sess->conn->connection_type) {
if (!(fp->daccess & FILE_WRITE_DATA_LE)) {
- pr_err("no right to write(%s)\n", FP_FILENAME(fp));
+ pr_err("no right to write(%pd)\n",
+ fp->filp->f_path.dentry);
err = -EACCES;
goto out;
}
@@ -512,8 +514,8 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
if (sync) {
err = vfs_fsync_range(filp, offset, offset + *written, 0);
if (err < 0)
- pr_err("fsync failed for filename = %s, err = %d\n",
- FP_FILENAME(fp), err);
+ pr_err("fsync failed for filename = %pd, err = %d\n",
+ fp->filp->f_path.dentry, err);
}
out:
@@ -1707,11 +1709,11 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
*total_size_written = 0;
if (!(src_fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) {
- pr_err("no right to read(%s)\n", FP_FILENAME(src_fp));
+ pr_err("no right to read(%pd)\n", src_fp->filp->f_path.dentry);
return -EACCES;
}
if (!(dst_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE))) {
- pr_err("no right to write(%s)\n", FP_FILENAME(dst_fp));
+ pr_err("no right to write(%pd)\n", dst_fp->filp->f_path.dentry);
return -EACCES;
}
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index 745855367106..03c36906cab0 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -25,7 +25,6 @@
#define KSMBD_NO_FID (UINT_MAX)
#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
-#define FP_FILENAME(fp) ((fp)->filp->f_path.dentry->d_name.name)
#define FP_INODE(fp) d_inode((fp)->filp->f_path.dentry)
#define PARENT_INODE(fp) d_inode((fp)->filp->f_path.dentry->d_parent)
From patchwork Mon Nov 14 12:50:59 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183247
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:23 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:23 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:22 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 150/308] ksmbd: opencode to remove FP_INODE macro
Date: Mon, 14 Nov 2022 20:50:59 +0800
Message-ID: <20221114125337.1831594-151-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
52d0e3db-2307-46cb-7f1d-08dac63c6b86
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7123858
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit ab0b263b749ade964db46b148a965eb88bd644be
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ab0b263b749a
-------------------------------
Opencode to remove FP_INODE macro.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/oplock.c | 2 +-
fs/ksmbd/smb2pdu.c | 26 +++++++++++++-------------
fs/ksmbd/smb_common.c | 2 +-
fs/ksmbd/vfs.c | 2 +-
fs/ksmbd/vfs_cache.c | 6 +++---
fs/ksmbd/vfs_cache.h | 1 -
6 files changed, 19 insertions(+), 20 deletions(-)
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 71e15a591582..3f0dd9b35c78 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -1579,7 +1579,7 @@ void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id)
void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
{
struct create_posix_rsp *buf;
- struct inode *inode = FP_INODE(fp);
+ struct inode *inode = file_inode(fp->filp);
buf = (struct create_posix_rsp *)cc;
memset(buf, 0, sizeof(struct create_posix_rsp));
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 70e6d6e3e84b..2d515e44d48e 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2908,7 +2908,7 @@ int smb2_open(struct ksmbd_work *work)
if (!test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_OPLOCKS) ||
(req_op_level == SMB2_OPLOCK_LEVEL_LEASE &&
!(conn->vals->capabilities & SMB2_GLOBAL_CAP_LEASING))) {
- if (share_ret < 0 && !S_ISDIR(FP_INODE(fp)->i_mode)) {
+ if (share_ret < 0 && !S_ISDIR(file_inode(fp->filp)->i_mode)) {
rc = share_ret;
goto err_out;
}
@@ -2995,7 +2995,7 @@ int smb2_open(struct ksmbd_work *work)
memcpy(fp->client_guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
- generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
rsp->StructureSize = cpu_to_le16(89);
rcu_read_lock();
@@ -4123,7 +4123,7 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
}
basic_info = (struct smb2_file_all_info *)rsp->Buffer;
- generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
basic_info->CreationTime = cpu_to_le64(fp->create_time);
time = ksmbd_UnixTimeToNT(stat.atime);
basic_info->LastAccessTime = cpu_to_le64(time);
@@ -4163,7 +4163,7 @@ static void get_file_standard_info(struct smb2_query_info_rsp *rsp,
struct inode *inode;
struct kstat stat;
- inode = FP_INODE(fp);
+ inode = file_inode(fp->filp);
generic_fillattr(&init_user_ns, inode, &stat);
sinfo = (struct smb2_file_standard_info *)rsp->Buffer;
@@ -4218,7 +4218,7 @@ static int get_file_all_info(struct ksmbd_work *work,
if (!filename)
return -ENOMEM;
- inode = FP_INODE(fp);
+ inode = file_inode(fp->filp);
generic_fillattr(&init_user_ns, inode, &stat);
ksmbd_debug(SMB, "filename = %s\n", filename);
@@ -4294,7 +4294,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
ssize_t xattr_list_len;
int nbytes = 0, streamlen, stream_name_len, next, idx = 0;
- generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
file_info = (struct smb2_file_stream_info *)rsp->Buffer;
xattr_list_len = ksmbd_vfs_listxattr(path->dentry, &xattr_list);
@@ -4373,7 +4373,7 @@ static void get_file_internal_info(struct smb2_query_info_rsp *rsp,
struct smb2_file_internal_info *file_info;
struct kstat stat;
- generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
file_info = (struct smb2_file_internal_info *)rsp->Buffer;
file_info->IndexNumber = cpu_to_le64(stat.ino);
rsp->OutputBufferLength =
@@ -4397,7 +4397,7 @@ static int get_file_network_open_info(struct smb2_query_info_rsp *rsp,
file_info = (struct smb2_file_ntwrk_info *)rsp->Buffer;
- inode = FP_INODE(fp);
+ inode = file_inode(fp->filp);
generic_fillattr(&init_user_ns, inode, &stat);
file_info->CreationTime = cpu_to_le64(fp->create_time);
@@ -4459,7 +4459,7 @@ static void get_file_compression_info(struct smb2_query_info_rsp *rsp,
struct smb2_file_comp_info *file_info;
struct kstat stat;
- generic_fillattr(&init_user_ns, FP_INODE(fp), &stat);
+ generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
file_info = (struct smb2_file_comp_info *)rsp->Buffer;
file_info->CompressedFileSize = cpu_to_le64(stat.blocks << 9);
@@ -4498,7 +4498,7 @@ static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
struct ksmbd_file *fp, void *rsp_org)
{
struct smb311_posix_qinfo *file_info;
- struct inode *inode = FP_INODE(fp);
+ struct inode *inode = file_inode(fp->filp);
u64 time;
file_info = (struct smb311_posix_qinfo *)rsp->Buffer;
@@ -4927,7 +4927,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
if (!fp)
return -ENOENT;
- inode = FP_INODE(fp);
+ inode = file_inode(fp->filp);
ksmbd_acls_fattr(&fattr, inode);
if (test_share_config_flag(work->tcon->share_conf,
@@ -5109,7 +5109,7 @@ int smb2_close(struct ksmbd_work *work)
goto out;
}
- inode = FP_INODE(fp);
+ inode = file_inode(fp->filp);
rsp->Flags = SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB;
rsp->AllocationSize = S_ISDIR(inode->i_mode) ? 0 :
cpu_to_le64(inode->i_blocks << 9);
@@ -7397,7 +7397,7 @@ int smb2_ioctl(struct ksmbd_work *work)
}
reparse_ptr->ReparseTag =
- smb2_get_reparse_tag_special_file(FP_INODE(fp)->i_mode);
+ smb2_get_reparse_tag_special_file(file_inode(fp->filp)->i_mode);
reparse_ptr->ReparseDataLength = 0;
ksmbd_fd_put(work, fp);
nbytes = sizeof(struct reparse_data_buffer);
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index 5bf644d7e321..b573575a1de5 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -488,7 +488,7 @@ int ksmbd_smb_check_shared_mode(struct file *filp, struct ksmbd_file *curr_fp)
*/
read_lock(&curr_fp->f_ci->m_lock);
list_for_each_entry(prev_fp, &curr_fp->f_ci->m_fp_list, node) {
- if (file_inode(filp) != FP_INODE(prev_fp))
+ if (file_inode(filp) != file_inode(prev_fp->filp))
continue;
if (filp == prev_fp->filp)
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index ed1c0626e205..40783bb414d6 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -1024,7 +1024,7 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
int in_count, int *out_count)
{
struct file *f = fp->filp;
- struct inode *inode = FP_INODE(fp);
+ struct inode *inode = file_inode(fp->filp);
loff_t maxbytes = (u64)inode->i_sb->s_maxbytes, end;
loff_t extent_start, extent_end;
int ret = 0;
diff --git a/fs/ksmbd/vfs_cache.c b/fs/ksmbd/vfs_cache.c
index c88210b15289..5c9efcfaeb5c 100644
--- a/fs/ksmbd/vfs_cache.c
+++ b/fs/ksmbd/vfs_cache.c
@@ -83,7 +83,7 @@ static struct ksmbd_inode *__ksmbd_inode_lookup(struct inode *inode)
static struct ksmbd_inode *ksmbd_inode_lookup(struct ksmbd_file *fp)
{
- return __ksmbd_inode_lookup(FP_INODE(fp));
+ return __ksmbd_inode_lookup(file_inode(fp->filp));
}
static struct ksmbd_inode *ksmbd_inode_lookup_by_vfsinode(struct inode *inode)
@@ -156,7 +156,7 @@ static void ksmbd_inode_unhash(struct ksmbd_inode *ci)
static int ksmbd_inode_init(struct ksmbd_inode *ci, struct ksmbd_file *fp)
{
- ci->m_inode = FP_INODE(fp);
+ ci->m_inode = file_inode(fp->filp);
atomic_set(&ci->m_count, 1);
atomic_set(&ci->op_count, 0);
atomic_set(&ci->sop_count, 0);
@@ -479,7 +479,7 @@ struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode)
read_lock(&ci->m_lock);
list_for_each_entry(lfp, &ci->m_fp_list, node) {
- if (inode == FP_INODE(lfp)) {
+ if (inode == file_inode(lfp->filp)) {
atomic_dec(&ci->m_count);
read_unlock(&ci->m_lock);
return lfp;
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index 03c36906cab0..b01192ebd86b 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -25,7 +25,6 @@
#define KSMBD_NO_FID (UINT_MAX)
#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
-#define FP_INODE(fp) d_inode((fp)->filp->f_path.dentry)
#define PARENT_INODE(fp) d_inode((fp)->filp->f_path.dentry->d_parent)
#define ATTR_FP(fp) ((fp)->attrib_only && \
From patchwork Mon Nov 14 12:51:00 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183248
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:23 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:23 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:23 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 151/308] ksmbd: use ksmbd_vfs_lock_parent to get
stable parent dentry
Date: Mon, 14 Nov 2022 20:51:00 +0800
Message-ID: <20221114125337.1831594-152-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
56dd4e96-17f9-484c-ea96-08dac63c6bce
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7055434
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 12202c0594b18218e1645fd0fad92cf77a1f3145
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/12202c0594b1
-------------------------------
Use ksmbd_vfs_lock_parent to get stable parent dentry and remove
PARENT_INODE macro.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 15 ++++++++++++++-
fs/ksmbd/vfs.c | 2 +-
fs/ksmbd/vfs.h | 1 +
fs/ksmbd/vfs_cache.h | 2 --
4 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 2d515e44d48e..bf798ee65b25 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5538,6 +5538,9 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
char *buf)
{
struct ksmbd_file *parent_fp;
+ struct dentry *parent;
+ struct dentry *dentry = fp->filp->f_path.dentry;
+ int ret;
if (!(fp->daccess & FILE_DELETE_LE)) {
pr_err("no right to delete : 0x%x\n", fp->daccess);
@@ -5547,7 +5550,17 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
if (ksmbd_stream_fd(fp))
goto next;
- parent_fp = ksmbd_lookup_fd_inode(PARENT_INODE(fp));
+ parent = dget_parent(dentry);
+ ret = ksmbd_vfs_lock_parent(parent, dentry);
+ if (ret) {
+ dput(parent);
+ return ret;
+ }
+
+ parent_fp = ksmbd_lookup_fd_inode(d_inode(parent));
+ inode_unlock(d_inode(parent));
+ dput(parent);
+
if (parent_fp) {
if (parent_fp->daccess & FILE_DELETE_LE) {
pr_err("parent dir is opened with delete access\n");
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 40783bb414d6..702166266f91 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -69,7 +69,7 @@ static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
*
* the reference count of @parent isn't incremented.
*/
-static int ksmbd_vfs_lock_parent(struct dentry *parent, struct dentry *child)
+int ksmbd_vfs_lock_parent(struct dentry *parent, struct dentry *child)
{
struct dentry *dentry;
int ret = 0;
diff --git a/fs/ksmbd/vfs.h b/fs/ksmbd/vfs.h
index ae8eff1f0315..ba12fea004b5 100644
--- a/fs/ksmbd/vfs.h
+++ b/fs/ksmbd/vfs.h
@@ -192,6 +192,7 @@ struct ksmbd_kstat {
__le32 file_attributes;
};
+int ksmbd_vfs_lock_parent(struct dentry *parent, struct dentry *child);
int ksmbd_vfs_may_delete(struct dentry *dentry);
int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess);
int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode);
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index b01192ebd86b..752cbdab3522 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -25,8 +25,6 @@
#define KSMBD_NO_FID (UINT_MAX)
#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
-#define PARENT_INODE(fp) d_inode((fp)->filp->f_path.dentry->d_parent)
-
#define ATTR_FP(fp) ((fp)->attrib_only && \
((fp)->cdoption != FILE_OVERWRITE_IF_LE && \
(fp)->cdoption != FILE_OVERWRITE_LE && \
From patchwork Mon Nov 14 12:51:01 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183249
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:24 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:24 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:23 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 152/308] ksmbd: opencode to remove ATTR_FP macro
Date: Mon, 14 Nov 2022 20:51:01 +0800
Message-ID: <20221114125337.1831594-153-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
5cb7dfcd-0ff9-4d86-ef72-08dac63c6c17
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6925793
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 849fbc549d4cca576d659d7df139c5f04104cb48
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/849fbc549d4c
-------------------------------
Opencode to remove ATTR_FP macro.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/oplock.c | 4 +++-
fs/ksmbd/vfs_cache.h | 5 -----
2 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 3f0dd9b35c78..43c8b7ce6095 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -1111,7 +1111,9 @@ int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
goto set_lev;
/* grant none-oplock if second open is trunc */
- if (ATTR_FP(fp)) {
+ if (fp->attrib_only && fp->cdoption != FILE_OVERWRITE_IF_LE &&
+ fp->cdoption != FILE_OVERWRITE_LE &&
+ fp->cdoption != FILE_SUPERSEDE_LE) {
req_op_level = SMB2_OPLOCK_LEVEL_NONE;
goto set_lev;
}
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index 752cbdab3522..543494f664cb 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -25,11 +25,6 @@
#define KSMBD_NO_FID (UINT_MAX)
#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
-#define ATTR_FP(fp) ((fp)->attrib_only && \
- ((fp)->cdoption != FILE_OVERWRITE_IF_LE && \
- (fp)->cdoption != FILE_OVERWRITE_LE && \
- (fp)->cdoption != FILE_SUPERSEDE_LE))
-
struct ksmbd_conn;
struct ksmbd_session;
From patchwork Mon Nov 14 12:51:02 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183250
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:24 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:24 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:24 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 153/308] ksmbd: remove SMB1 oplock level macros
Date: Mon, 14 Nov 2022 20:51:02 +0800
Message-ID: <20221114125337.1831594-154-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c32dfd8a-718f-402d-804a-08dac63c6c60
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6787077
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 0ae941ef2e481e478a4b6c52a16e73c7bb4b9e3e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/0ae941ef2e48
-------------------------------
ksmbd does not support SMB1. This patch remove SMB1 oplock level macros.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/oplock.c | 2 +-
fs/ksmbd/oplock.h | 6 ------
2 files changed, 1 insertion(+), 7 deletions(-)
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 43c8b7ce6095..a9f171ccf770 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -39,7 +39,7 @@ static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
opinfo->sess = sess;
opinfo->conn = sess->conn;
- opinfo->level = OPLOCK_NONE;
+ opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
opinfo->op_state = OPLOCK_STATE_NONE;
opinfo->pending_break = 0;
opinfo->fid = id;
diff --git a/fs/ksmbd/oplock.h b/fs/ksmbd/oplock.h
index 9fb7ea74e86c..119b8047cfbd 100644
--- a/fs/ksmbd/oplock.h
+++ b/fs/ksmbd/oplock.h
@@ -11,12 +11,6 @@
#define OPLOCK_WAIT_TIME (35 * HZ)
-/* SMB Oplock levels */
-#define OPLOCK_NONE 0
-#define OPLOCK_EXCLUSIVE 1
-#define OPLOCK_BATCH 2
-#define OPLOCK_READ 3 /* level 2 oplock */
-
/* SMB2 Oplock levels */
#define SMB2_OPLOCK_LEVEL_NONE 0x00
#define SMB2_OPLOCK_LEVEL_II 0x01
From patchwork Mon Nov 14 12:51:03 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183251
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:25 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:25 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:24 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 154/308] ksmbd: change ACE types to enumeration
Date: Mon, 14 Nov 2022 20:51:03 +0800
Message-ID: <20221114125337.1831594-155-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3154eab9-fd7a-4e88-3847-08dac63c6ca9
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7057713
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 6128468da50c790f56d0aed2f604333fb324f897
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6128468da50c
-------------------------------
Change ACE types to enumeration.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smbacl.h | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smbacl.h b/fs/ksmbd/smbacl.h
index fb5480f0aa89..baa9b9b47a07 100644
--- a/fs/ksmbd/smbacl.h
+++ b/fs/ksmbd/smbacl.h
@@ -17,8 +17,13 @@
#define NUM_AUTHS (6) /* number of authority fields */
#define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */
-#define ACCESS_ALLOWED 0
-#define ACCESS_DENIED 1
+/*
+ * ACE types - see MS-DTYP 2.4.4.1
+ */
+enum {
+ ACCESS_ALLOWED,
+ ACCESS_DENIED,
+};
#define SIDOWNER 1
#define SIDGROUP 2
From patchwork Mon Nov 14 12:51:04 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183252
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:25 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:25 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:25 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 155/308] ksmbd: change sid types to enumeration
Date: Mon, 14 Nov 2022 20:51:04 +0800
Message-ID: <20221114125337.1831594-156-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d55fbeea-8680-458a-2228-08dac63c6cf3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6971527
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 12411ad59d49e415f987719b8f676e2c6b99be37
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/12411ad59d49
-------------------------------
Change sid types to enumeration.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smbacl.h | 23 ++++++++++++++---------
1 file changed, 14 insertions(+), 9 deletions(-)
diff --git a/fs/ksmbd/smbacl.h b/fs/ksmbd/smbacl.h
index baa9b9b47a07..3e1345e9f24f 100644
--- a/fs/ksmbd/smbacl.h
+++ b/fs/ksmbd/smbacl.h
@@ -25,15 +25,20 @@ enum {
ACCESS_DENIED,
};
-#define SIDOWNER 1
-#define SIDGROUP 2
-#define SIDCREATOR_OWNER 3
-#define SIDCREATOR_GROUP 4
-#define SIDUNIX_USER 5
-#define SIDUNIX_GROUP 6
-#define SIDNFS_USER 7
-#define SIDNFS_GROUP 8
-#define SIDNFS_MODE 9
+/*
+ * Security ID types
+ */
+enum {
+ SIDOWNER = 1,
+ SIDGROUP,
+ SIDCREATOR_OWNER,
+ SIDCREATOR_GROUP,
+ SIDUNIX_USER,
+ SIDUNIX_GROUP,
+ SIDNFS_USER,
+ SIDNFS_GROUP,
+ SIDNFS_MODE,
+};
/* Revision for ACLs */
#define SD_REVISION 1
From patchwork Mon Nov 14 12:51:05 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183253
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:26 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:26 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:25 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 156/308] ksmbd: change server state type macro to
enumeration
Date: Mon, 14 Nov 2022 20:51:05 +0800
Message-ID: <20221114125337.1831594-157-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7e19073a-4a16-4e71-311c-08dac63c6d3d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6854174
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit b9cbfb524d73ca953604dc421098b4a3aa14d095
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b9cbfb524d73
-------------------------------
Change server state type macro to enumeration.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/server.h | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/server.h b/fs/ksmbd/server.h
index b682d28963e8..2fce06e8b833 100644
--- a/fs/ksmbd/server.h
+++ b/fs/ksmbd/server.h
@@ -8,10 +8,15 @@
#include "smbacl.h"
-#define SERVER_STATE_STARTING_UP 0
-#define SERVER_STATE_RUNNING 1
-#define SERVER_STATE_RESETTING 2
-#define SERVER_STATE_SHUTTING_DOWN 3
+/*
+ * Server state type
+ */
+enum {
+ SERVER_STATE_STARTING_UP,
+ SERVER_STATE_RUNNING,
+ SERVER_STATE_RESETTING,
+ SERVER_STATE_SHUTTING_DOWN,
+};
#define SERVER_CONF_NETBIOS_NAME 0
#define SERVER_CONF_SERVER_STRING 1
From patchwork Mon Nov 14 12:51:06 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183254
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:26 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:26 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:26 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 157/308] ksmbd: change server config string index
to enumeration
Date: Mon, 14 Nov 2022 20:51:06 +0800
Message-ID: <20221114125337.1831594-158-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
be24a884-d554-43c3-f3ae-08dac63c6d86
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7027841
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit c63ee4a521e766da6ec5ee1d2058d1ec06216214
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c63ee4a521e7
-------------------------------
Change server config string index to enumeration.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/server.h | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/fs/ksmbd/server.h b/fs/ksmbd/server.h
index 2fce06e8b833..ac9d932f8c8a 100644
--- a/fs/ksmbd/server.h
+++ b/fs/ksmbd/server.h
@@ -18,9 +18,14 @@ enum {
SERVER_STATE_SHUTTING_DOWN,
};
-#define SERVER_CONF_NETBIOS_NAME 0
-#define SERVER_CONF_SERVER_STRING 1
-#define SERVER_CONF_WORK_GROUP 2
+/*
+ * Server global config string index
+ */
+enum {
+ SERVER_CONF_NETBIOS_NAME,
+ SERVER_CONF_SERVER_STRING,
+ SERVER_CONF_WORK_GROUP,
+};
struct ksmbd_server_config {
unsigned int flags;
From patchwork Mon Nov 14 12:51:07 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183255
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:27 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:27 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:26 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 158/308] ksmbd: reorder and document on-disk and
netlink structures in headers
Date: Mon, 14 Nov 2022 20:51:07 +0800
Message-ID: <20221114125337.1831594-159-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
37b20f09-a7ec-48c8-9baa-08dac63c6dd1
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7232750
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 8b758859dfbe9598ba41e8b9b01e44edcc0c2fc1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8b758859dfbe
-------------------------------
Reorder and document on-disk and netlink structures in headers.
This is a userspace ABI to communicate data between ksmbd and user IPC
daemon using netlink. This is added to track and cache user account DB
and share configuration info from userspace.
- KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
This event is to check whether user IPC daemon is alive. If user IPC
daemon is dead, ksmbd keep existing connection till disconnecting and
new connection will be denied.
- KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
This event is to receive the information that initializes the ksmbd
server from the user IPC daemon and to start the server. The global
section parameters are given from smb.conf as initialization
information.
- KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
This event is to shutdown ksmbd server.
- KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
This event is to get user account info to user IPC daemon.
- KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE
(ksmbd_share_config_request/response)
This event is to get net share configuration info.
- KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE
(ksmbd_tree_connect_request/response)
This event is to get session and tree connect info.
- KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
This event is to send tree disconnect info to user IPC daemon.
- KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
This event is to send logout request to user IPC daemon.
- KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
samr to be processed in userspace.
- KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE
(ksmbd_spnego_authen_request/response)
This event is to make kerberos authentication to be processed in
userspace.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/{ksmbd_server.h => ksmbd_netlink.h} | 177 +++++++++++++++----
fs/ksmbd/ksmbd_work.c | 1 -
fs/ksmbd/mgmt/tree_connect.h | 2 +-
fs/ksmbd/smb2ops.c | 1 -
fs/ksmbd/smbacl.c | 1 -
fs/ksmbd/vfs.h | 87 +--------
fs/ksmbd/xattr.h | 122 +++++++++++++
7 files changed, 269 insertions(+), 122 deletions(-)
rename fs/ksmbd/{ksmbd_server.h => ksmbd_netlink.h} (55%)
create mode 100644 fs/ksmbd/xattr.h
diff --git a/fs/ksmbd/ksmbd_server.h b/fs/ksmbd/ksmbd_netlink.h
similarity index 55%
rename from fs/ksmbd/ksmbd_server.h
rename to fs/ksmbd/ksmbd_netlink.h
index 55b7602b79bd..2fbe2bc1e093 100644
--- a/fs/ksmbd/ksmbd_server.h
+++ b/fs/ksmbd/ksmbd_netlink.h
@@ -10,6 +10,49 @@
#include <linux/types.h>
+/*
+ * This is a userspace ABI to communicate data between ksmbd and user IPC
+ * daemon using netlink. This is added to track and cache user account DB
+ * and share configuration info from userspace.
+ *
+ * - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
+ * This event is to check whether user IPC daemon is alive. If user IPC
+ * daemon is dead, ksmbd keep existing connection till disconnecting and
+ * new connection will be denied.
+ *
+ * - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
+ * This event is to receive the information that initializes the ksmbd
+ * server from the user IPC daemon and to start the server. The global
+ * section parameters are given from smb.conf as initialization
+ * information.
+ *
+ * - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
+ * This event is to shutdown ksmbd server.
+ *
+ * - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
+ * This event is to get user account info to user IPC daemon.
+ *
+ * - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
+ * This event is to get net share configuration info.
+ *
+ * - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
+ * This event is to get session and tree connect info.
+ *
+ * - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
+ * This event is to send tree disconnect info to user IPC daemon.
+ *
+ * - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
+ * This event is to send logout request to user IPC daemon.
+ *
+ * - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
+ * This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
+ * samr to be processed in userspace.
+ *
+ * - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
+ * This event is to make kerberos authentication to be processed in
+ * userspace.
+ */
+
#define KSMBD_GENL_NAME "SMBD_GENL"
#define KSMBD_GENL_VERSION 0x01
@@ -17,6 +60,9 @@
#define KSMBD_REQ_MAX_HASH_SZ 18
#define KSMBD_REQ_MAX_SHARE_NAME 64
+/*
+ * IPC heartbeat frame to check whether user IPC daemon is alive.
+ */
struct ksmbd_heartbeat {
__u32 handle;
};
@@ -29,53 +75,79 @@ struct ksmbd_heartbeat {
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(1)
#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(2)
+/*
+ * IPC request for ksmbd server startup
+ */
struct ksmbd_startup_request {
- __u32 flags;
- __s32 signing;
- __s8 min_prot[16];
- __s8 max_prot[16];
+ __u32 flags; /* Flags for global config */
+ __s32 signing; /* Signing enabled */
+ __s8 min_prot[16]; /* The minimum SMB protocol version */
+ __s8 max_prot[16]; /* The maximum SMB protocol version */
__s8 netbios_name[16];
- __s8 work_group[64];
- __s8 server_string[64];
- __u16 tcp_port;
- __u16 ipc_timeout;
- __u32 deadtime;
- __u32 file_max;
- __u32 smb2_max_write;
- __u32 smb2_max_read;
- __u32 smb2_max_trans;
- __u32 share_fake_fscaps;
- __u32 sub_auth[3];
- __u32 ifc_list_sz;
+ __s8 work_group[64]; /* Workgroup */
+ __s8 server_string[64]; /* Server string */
+ __u16 tcp_port; /* tcp port */
+ __u16 ipc_timeout; /*
+ * specifies the number of seconds
+ * server will wait for the userspace to
+ * reply to heartbeat frames.
+ */
+ __u32 deadtime; /* Number of minutes of inactivity */
+ __u32 file_max; /* Limits the maximum number of open files */
+ __u32 smb2_max_write; /* MAX write size */
+ __u32 smb2_max_read; /* MAX read size */
+ __u32 smb2_max_trans; /* MAX trans size */
+ __u32 share_fake_fscaps; /*
+ * Support some special application that
+ * makes QFSINFO calls to check whether
+ * we set the SPARSE_FILES bit (0x40).
+ */
+ __u32 sub_auth[3]; /* Subauth value for Security ID */
+ __u32 ifc_list_sz; /* interfaces list size */
__s8 ____payload[];
};
#define KSMBD_STARTUP_CONFIG_INTERFACES(s) ((s)->____payload)
+/*
+ * IPC request to shutdown ksmbd server.
+ */
struct ksmbd_shutdown_request {
__s32 reserved;
};
+/*
+ * IPC user login request.
+ */
struct ksmbd_login_request {
__u32 handle;
- __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
+ __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
};
+/*
+ * IPC user login response.
+ */
struct ksmbd_login_response {
__u32 handle;
- __u32 gid;
- __u32 uid;
- __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
+ __u32 gid; /* group id */
+ __u32 uid; /* user id */
+ __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
__u16 status;
- __u16 hash_sz;
- __s8 hash[KSMBD_REQ_MAX_HASH_SZ];
+ __u16 hash_sz; /* hash size */
+ __s8 hash[KSMBD_REQ_MAX_HASH_SZ]; /* password hash */
};
+/*
+ * IPC request to fetch net share config.
+ */
struct ksmbd_share_config_request {
__u32 handle;
- __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME];
+ __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
};
+/*
+ * IPC response to the net share config request.
+ */
struct ksmbd_share_config_response {
__u32 handle;
__u32 flags;
@@ -102,6 +174,10 @@ ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
return p;
}
+/*
+ * IPC request for tree connection. This request include session and tree
+ * connect info from client.
+ */
struct ksmbd_tree_connect_request {
__u32 handle;
__u16 account_flags;
@@ -113,21 +189,34 @@ struct ksmbd_tree_connect_request {
__s8 peer_addr[64];
};
+/*
+ * IPC Response structure for tree connection.
+ */
struct ksmbd_tree_connect_response {
__u32 handle;
__u16 status;
__u16 connection_flags;
};
+/*
+ * IPC Request struture to disconnect tree connection.
+ */
struct ksmbd_tree_disconnect_request {
- __u64 session_id;
- __u64 connect_id;
+ __u64 session_id; /* session id */
+ __u64 connect_id; /* tree connection id */
};
+/*
+ * IPC Response structure to logout user account.
+ */
struct ksmbd_logout_request {
- __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
+ __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
};
+/*
+ * RPC command structure to send rpc request like srvsvc or wkssvc to
+ * IPC user daemon.
+ */
struct ksmbd_rpc_command {
__u32 handle;
__u32 flags;
@@ -135,18 +224,36 @@ struct ksmbd_rpc_command {
__u8 payload[];
};
+/*
+ * IPC Request Kerberos authentication
+ */
struct ksmbd_spnego_authen_request {
__u32 handle;
- __u16 spnego_blob_len;
- __u8 spnego_blob[0];
+ __u16 spnego_blob_len; /* the length of spnego_blob */
+ __u8 spnego_blob[0]; /*
+ * the GSS token from SecurityBuffer of
+ * SMB2 SESSION SETUP request
+ */
};
+/*
+ * Response data which includes the GSS token and the session key generated by
+ * user daemon.
+ */
struct ksmbd_spnego_authen_response {
__u32 handle;
- struct ksmbd_login_response login_response;
- __u16 session_key_len;
- __u16 spnego_blob_len;
- __u8 payload[]; /* session key + AP_REP */
+ struct ksmbd_login_response login_response; /*
+ * the login response with
+ * a user identified by the
+ * GSS token from a client
+ */
+ __u16 session_key_len; /* the length of the session key */
+ __u16 spnego_blob_len; /*
+ * the length of the GSS token which will be
+ * stored in SecurityBuffer of SMB2 SESSION
+ * SETUP response
+ */
+ __u8 payload[]; /* session key + AP_REP */
};
/*
@@ -185,6 +292,9 @@ enum ksmbd_event {
KSMBD_EVENT_MAX
};
+/*
+ * Enumeration for IPC tree connect status.
+ */
enum KSMBD_TREE_CONN_STATUS {
KSMBD_TREE_CONN_STATUS_OK = 0,
KSMBD_TREE_CONN_STATUS_NOMEM,
@@ -262,6 +372,9 @@ enum KSMBD_TREE_CONN_STATUS {
#define KSMBD_RPC_LSARPC_METHOD_INVOKE BIT(11)
#define KSMBD_RPC_LSARPC_METHOD_RETURN (KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
+/*
+ * RPC status definitions.
+ */
#define KSMBD_RPC_OK 0
#define KSMBD_RPC_EBAD_FUNC 0x00000001
#define KSMBD_RPC_EACCESS_DENIED 0x00000005
diff --git a/fs/ksmbd/ksmbd_work.c b/fs/ksmbd/ksmbd_work.c
index 7c914451bbe1..fd58eb4809f6 100644
--- a/fs/ksmbd/ksmbd_work.c
+++ b/fs/ksmbd/ksmbd_work.c
@@ -12,7 +12,6 @@
#include "connection.h"
#include "ksmbd_work.h"
#include "mgmt/ksmbd_ida.h"
-#include "ksmbd_server.h"
static struct kmem_cache *work_cache;
static struct workqueue_struct *ksmbd_wq;
diff --git a/fs/ksmbd/mgmt/tree_connect.h b/fs/ksmbd/mgmt/tree_connect.h
index 4e40ec3f4774..18e2a996e0aa 100644
--- a/fs/ksmbd/mgmt/tree_connect.h
+++ b/fs/ksmbd/mgmt/tree_connect.h
@@ -8,7 +8,7 @@
#include <linux/hashtable.h>
-#include "../ksmbd_server.h"
+#include "../ksmbd_netlink.h"
struct ksmbd_share_config;
struct ksmbd_user;
diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c
index f7e5f21d4ae2..8262908e467c 100644
--- a/fs/ksmbd/smb2ops.c
+++ b/fs/ksmbd/smb2ops.c
@@ -12,7 +12,6 @@
#include "connection.h"
#include "smb_common.h"
#include "server.h"
-#include "ksmbd_server.h"
static struct smb_version_values smb21_server_values = {
.version_string = SMB21_VERSION_STRING,
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index 958937a548a1..d385c7045cc0 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -14,7 +14,6 @@
#include "smb_common.h"
#include "server.h"
#include "misc.h"
-#include "ksmbd_server.h"
#include "mgmt/share_config.h"
static const struct smb_sid domain = {1, 4, {0, 0, 0, 0, 0, 5},
diff --git a/fs/ksmbd/vfs.h b/fs/ksmbd/vfs.h
index ba12fea004b5..e30174a0e5a1 100644
--- a/fs/ksmbd/vfs.h
+++ b/fs/ksmbd/vfs.h
@@ -14,92 +14,7 @@
#include <linux/posix_acl.h>
#include "smbacl.h"
-
-/* STREAM XATTR PREFIX */
-#define STREAM_PREFIX "DosStream."
-#define STREAM_PREFIX_LEN (sizeof(STREAM_PREFIX) - 1)
-#define XATTR_NAME_STREAM (XATTR_USER_PREFIX STREAM_PREFIX)
-#define XATTR_NAME_STREAM_LEN (sizeof(XATTR_NAME_STREAM) - 1)
-
-enum {
- XATTR_DOSINFO_ATTRIB = 0x00000001,
- XATTR_DOSINFO_EA_SIZE = 0x00000002,
- XATTR_DOSINFO_SIZE = 0x00000004,
- XATTR_DOSINFO_ALLOC_SIZE = 0x00000008,
- XATTR_DOSINFO_CREATE_TIME = 0x00000010,
- XATTR_DOSINFO_CHANGE_TIME = 0x00000020,
- XATTR_DOSINFO_ITIME = 0x00000040
-};
-
-struct xattr_dos_attrib {
- __u16 version;
- __u32 flags;
- __u32 attr;
- __u32 ea_size;
- __u64 size;
- __u64 alloc_size;
- __u64 create_time;
- __u64 change_time;
- __u64 itime;
-};
-
-/* DOS ATTRIBUITE XATTR PREFIX */
-#define DOS_ATTRIBUTE_PREFIX "DOSATTRIB"
-#define DOS_ATTRIBUTE_PREFIX_LEN (sizeof(DOS_ATTRIBUTE_PREFIX) - 1)
-#define XATTR_NAME_DOS_ATTRIBUTE \
- (XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX)
-#define XATTR_NAME_DOS_ATTRIBUTE_LEN \
- (sizeof(XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX) - 1)
-
-#define XATTR_SD_HASH_TYPE_SHA256 0x1
-#define XATTR_SD_HASH_SIZE 64
-
-#define SMB_ACL_READ 4
-#define SMB_ACL_WRITE 2
-#define SMB_ACL_EXECUTE 1
-
-enum {
- SMB_ACL_TAG_INVALID = 0,
- SMB_ACL_USER,
- SMB_ACL_USER_OBJ,
- SMB_ACL_GROUP,
- SMB_ACL_GROUP_OBJ,
- SMB_ACL_OTHER,
- SMB_ACL_MASK
-};
-
-struct xattr_acl_entry {
- int type;
- uid_t uid;
- gid_t gid;
- mode_t perm;
-};
-
-struct xattr_smb_acl {
- int count;
- int next;
- struct xattr_acl_entry entries[0];
-};
-
-struct xattr_ntacl {
- __u16 version;
- void *sd_buf;
- __u32 sd_size;
- __u16 hash_type;
- __u8 desc[10];
- __u16 desc_len;
- __u64 current_time;
- __u8 hash[XATTR_SD_HASH_SIZE];
- __u8 posix_acl_hash[XATTR_SD_HASH_SIZE];
-};
-
-/* SECURITY DESCRIPTOR XATTR PREFIX */
-#define SD_PREFIX "NTACL"
-#define SD_PREFIX_LEN (sizeof(SD_PREFIX) - 1)
-#define XATTR_NAME_SD \
- (XATTR_SECURITY_PREFIX SD_PREFIX)
-#define XATTR_NAME_SD_LEN \
- (sizeof(XATTR_SECURITY_PREFIX SD_PREFIX) - 1)
+#include "xattr.h"
/*
* Enumeration for stream type.
diff --git a/fs/ksmbd/xattr.h b/fs/ksmbd/xattr.h
new file mode 100644
index 000000000000..8857c01093d9
--- /dev/null
+++ b/fs/ksmbd/xattr.h
@@ -0,0 +1,122 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (C) 2021 Samsung Electronics Co., Ltd.
+ */
+
+#ifndef __XATTR_H__
+#define __XATTR_H__
+
+/*
+ * These are on-disk structures to store additional metadata into xattr to
+ * reproduce windows filesystem semantics. And they are encoded with NDR to
+ * compatible with samba's xattr meta format. The compatibility with samba
+ * is important because it can lose the information(file attribute,
+ * creation time, acls) about the existing files when switching between
+ * ksmbd and samba.
+ */
+
+/*
+ * Dos attribute flags used for what variable is valid.
+ */
+enum {
+ XATTR_DOSINFO_ATTRIB = 0x00000001,
+ XATTR_DOSINFO_EA_SIZE = 0x00000002,
+ XATTR_DOSINFO_SIZE = 0x00000004,
+ XATTR_DOSINFO_ALLOC_SIZE = 0x00000008,
+ XATTR_DOSINFO_CREATE_TIME = 0x00000010,
+ XATTR_DOSINFO_CHANGE_TIME = 0x00000020,
+ XATTR_DOSINFO_ITIME = 0x00000040
+};
+
+/*
+ * Dos attribute structure which is compatible with samba's one.
+ * Storing it into the xattr named "DOSATTRIB" separately from inode
+ * allows ksmbd to faithfully reproduce windows filesystem semantics
+ * on top of a POSIX filesystem.
+ */
+struct xattr_dos_attrib {
+ __u16 version; /* version 3 or version 4 */
+ __u32 flags; /* valid flags */
+ __u32 attr; /* Dos attribute */
+ __u32 ea_size; /* EA size */
+ __u64 size;
+ __u64 alloc_size;
+ __u64 create_time; /* File creation time */
+ __u64 change_time; /* File change time */
+ __u64 itime; /* Invented/Initial time */
+};
+
+/*
+ * Enumeration is used for computing posix acl hash.
+ */
+enum {
+ SMB_ACL_TAG_INVALID = 0,
+ SMB_ACL_USER,
+ SMB_ACL_USER_OBJ,
+ SMB_ACL_GROUP,
+ SMB_ACL_GROUP_OBJ,
+ SMB_ACL_OTHER,
+ SMB_ACL_MASK
+};
+
+#define SMB_ACL_READ 4
+#define SMB_ACL_WRITE 2
+#define SMB_ACL_EXECUTE 1
+
+struct xattr_acl_entry {
+ int type;
+ uid_t uid;
+ gid_t gid;
+ mode_t perm;
+};
+
+/*
+ * xattr_smb_acl structure is used for computing posix acl hash.
+ */
+struct xattr_smb_acl {
+ int count;
+ int next;
+ struct xattr_acl_entry entries[0];
+};
+
+/* 64bytes hash in xattr_ntacl is computed with sha256 */
+#define XATTR_SD_HASH_TYPE_SHA256 0x1
+#define XATTR_SD_HASH_SIZE 64
+
+/*
+ * xattr_ntacl is used for storing ntacl and hashes.
+ * Hash is used for checking valid posix acl and ntacl in xattr.
+ */
+struct xattr_ntacl {
+ __u16 version; /* version 4*/
+ void *sd_buf;
+ __u32 sd_size;
+ __u16 hash_type; /* hash type */
+ __u8 desc[10]; /* posix_acl description */
+ __u16 desc_len;
+ __u64 current_time;
+ __u8 hash[XATTR_SD_HASH_SIZE]; /* 64bytes hash for ntacl */
+ __u8 posix_acl_hash[XATTR_SD_HASH_SIZE]; /* 64bytes hash for posix acl */
+};
+
+/* DOS ATTRIBUITE XATTR PREFIX */
+#define DOS_ATTRIBUTE_PREFIX "DOSATTRIB"
+#define DOS_ATTRIBUTE_PREFIX_LEN (sizeof(DOS_ATTRIBUTE_PREFIX) - 1)
+#define XATTR_NAME_DOS_ATTRIBUTE (XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX)
+#define XATTR_NAME_DOS_ATTRIBUTE_LEN \
+ (sizeof(XATTR_USER_PREFIX DOS_ATTRIBUTE_PREFIX) - 1)
+
+/* STREAM XATTR PREFIX */
+#define STREAM_PREFIX "DosStream."
+#define STREAM_PREFIX_LEN (sizeof(STREAM_PREFIX) - 1)
+#define XATTR_NAME_STREAM (XATTR_USER_PREFIX STREAM_PREFIX)
+#define XATTR_NAME_STREAM_LEN (sizeof(XATTR_NAME_STREAM) - 1)
+
+/* SECURITY DESCRIPTOR(NTACL) XATTR PREFIX */
+#define SD_PREFIX "NTACL"
+#define SD_PREFIX_LEN (sizeof(SD_PREFIX) - 1)
+#define XATTR_NAME_SD (XATTR_SECURITY_PREFIX SD_PREFIX)
+#define XATTR_NAME_SD_LEN \
+ (sizeof(XATTR_SECURITY_PREFIX SD_PREFIX) - 1)
+
+#endif /* __XATTR_H__ */
From patchwork Mon Nov 14 12:51:08 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183256
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:27 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:27 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:27 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 159/308] ksmbd: replace struct dentry with struct
path in some function's arguments
Date: Mon, 14 Nov 2022 20:51:08 +0800
Message-ID: <20221114125337.1831594-160-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
25094655-d530-4567-9fe9-08dac63c6e1a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6874381
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit ef24c962d0f29036041a007a75bcd0f50233c83e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ef24c962d0f2
-------------------------------
For user namespace support, we need to pass
struct user_namespace with struct dentry
to some functions. For reducing the number
of arguments, replace the struct dentry with
struct path in these functions.
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 21 +++++++++++----------
fs/ksmbd/smbacl.c | 25 +++++++++++++------------
fs/ksmbd/smbacl.h | 6 +++---
3 files changed, 27 insertions(+), 25 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index bf798ee65b25..d79ea3eb57a7 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2172,13 +2172,13 @@ static noinline int smb2_set_stream_name_xattr(struct path *path,
return 0;
}
-static int smb2_remove_smb_xattrs(struct dentry *dentry)
+static int smb2_remove_smb_xattrs(struct path *path)
{
char *name, *xattr_list = NULL;
ssize_t xattr_list_len;
int err = 0;
- xattr_list_len = ksmbd_vfs_listxattr(dentry, &xattr_list);
+ xattr_list_len = ksmbd_vfs_listxattr(path->dentry, &xattr_list);
if (xattr_list_len < 0) {
goto out;
} else if (!xattr_list_len) {
@@ -2196,7 +2196,7 @@ static int smb2_remove_smb_xattrs(struct dentry *dentry)
strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX, STREAM_PREFIX_LEN))
continue;
- err = ksmbd_vfs_remove_xattr(dentry, name);
+ err = ksmbd_vfs_remove_xattr(path->dentry, name);
if (err)
ksmbd_debug(SMB, "remove xattr failed : %s\n", name);
}
@@ -2214,7 +2214,7 @@ static int smb2_create_truncate(struct path *path)
return rc;
}
- rc = smb2_remove_smb_xattrs(path->dentry);
+ rc = smb2_remove_smb_xattrs(path);
if (rc == -EOPNOTSUPP)
rc = 0;
if (rc)
@@ -2305,7 +2305,7 @@ static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name,
static int smb2_create_sd_buffer(struct ksmbd_work *work,
struct smb2_create_req *req,
- struct dentry *dentry)
+ struct path *path)
{
struct create_context *context;
int rc = -ENOENT;
@@ -2321,7 +2321,8 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work,
ksmbd_debug(SMB,
"Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
sd_buf = (struct create_sd_buf_req *)context;
- rc = set_info_sec(work->conn, work->tcon, dentry, &sd_buf->ntsd,
+ rc = set_info_sec(work->conn, work->tcon,
+ path, &sd_buf->ntsd,
le32_to_cpu(sd_buf->ccontext.DataLength), true);
}
@@ -2684,7 +2685,7 @@ int smb2_open(struct ksmbd_work *work)
daccess = smb_map_generic_desired_access(req->DesiredAccess);
if (file_present && !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
- rc = smb_check_perm_dacl(conn, path.dentry, &daccess,
+ rc = smb_check_perm_dacl(conn, &path, &daccess,
sess->user->uid);
if (rc)
goto err_out;
@@ -2814,12 +2815,12 @@ int smb2_open(struct ksmbd_work *work)
if (test_share_config_flag(work->tcon->share_conf,
KSMBD_SHARE_FLAG_ACL_XATTR)) {
- rc = smb_inherit_dacl(conn, path.dentry, sess->user->uid,
+ rc = smb_inherit_dacl(conn, &path, sess->user->uid,
sess->user->gid);
}
if (rc) {
- rc = smb2_create_sd_buffer(work, req, path.dentry);
+ rc = smb2_create_sd_buffer(work, req, &path);
if (rc) {
if (posix_acl_rc)
ksmbd_vfs_set_init_posix_acl(inode);
@@ -5719,7 +5720,7 @@ static int smb2_set_info_sec(struct ksmbd_file *fp, int addition_info,
fp->saccess |= FILE_SHARE_DELETE_LE;
- return set_info_sec(fp->conn, fp->tcon, fp->filp->f_path.dentry, pntsd,
+ return set_info_sec(fp->conn, fp->tcon, &fp->filp->f_path, pntsd,
buf_len, false);
}
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index d385c7045cc0..e0825d3771a1 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -941,7 +941,8 @@ static void smb_set_ace(struct smb_ace *ace, const struct smb_sid *sid, u8 type,
ace->size = cpu_to_le16(1 + 1 + 2 + 4 + 1 + 1 + 6 + (sid->num_subauth * 4));
}
-int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+int smb_inherit_dacl(struct ksmbd_conn *conn,
+ struct path *path,
unsigned int uid, unsigned int gid)
{
const struct smb_sid *psid, *creator = NULL;
@@ -949,11 +950,11 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
struct smb_acl *parent_pdacl;
struct smb_ntsd *parent_pntsd = NULL;
struct smb_sid owner_sid, group_sid;
- struct dentry *parent = dentry->d_parent;
+ struct dentry *parent = path->dentry->d_parent;
int inherited_flags = 0, flags = 0, i, ace_cnt = 0, nt_size = 0;
int rc = -ENOENT, num_aces, dacloffset, pntsd_type, acl_len;
char *aces_base;
- bool is_dir = S_ISDIR(d_inode(dentry)->i_mode);
+ bool is_dir = S_ISDIR(d_inode(path->dentry)->i_mode);
acl_len = ksmbd_vfs_get_sd_xattr(conn, parent, &parent_pntsd);
if (acl_len <= 0)
@@ -1086,7 +1087,7 @@ int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
pntsd_size += sizeof(struct smb_acl) + nt_size;
}
- ksmbd_vfs_set_sd_xattr(conn, dentry, pntsd, pntsd_size);
+ ksmbd_vfs_set_sd_xattr(conn, path->dentry, pntsd, pntsd_size);
kfree(pntsd);
rc = 0;
}
@@ -1109,7 +1110,7 @@ bool smb_inherit_flags(int flags, bool is_dir)
return false;
}
-int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+int smb_check_perm_dacl(struct ksmbd_conn *conn, struct path *path,
__le32 *pdaccess, int uid)
{
struct smb_ntsd *pntsd = NULL;
@@ -1127,7 +1128,7 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
char *end_of_acl;
ksmbd_debug(SMB, "check permission using windows acl\n");
- acl_size = ksmbd_vfs_get_sd_xattr(conn, dentry, &pntsd);
+ acl_size = ksmbd_vfs_get_sd_xattr(conn, path->dentry, &pntsd);
if (acl_size <= 0 || !pntsd || !pntsd->dacloffset) {
kfree(pntsd);
return 0;
@@ -1201,7 +1202,7 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
granted = GENERIC_ALL_FLAGS;
}
- posix_acls = get_acl(d_inode(dentry), ACL_TYPE_ACCESS);
+ posix_acls = get_acl(d_inode(path->dentry), ACL_TYPE_ACCESS);
if (posix_acls && !found) {
unsigned int id = -1;
@@ -1261,12 +1262,12 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
}
int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
- struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
+ struct path *path, struct smb_ntsd *pntsd, int ntsd_len,
bool type_check)
{
int rc;
struct smb_fattr fattr = {{0}};
- struct inode *inode = d_inode(dentry);
+ struct inode *inode = d_inode(path->dentry);
fattr.cf_uid = INVALID_UID;
fattr.cf_gid = INVALID_GID;
@@ -1283,7 +1284,7 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
inode->i_gid = fattr.cf_gid;
mark_inode_dirty(inode);
- ksmbd_vfs_remove_acl_xattrs(dentry);
+ ksmbd_vfs_remove_acl_xattrs(path->dentry);
/* Update posix acls */
if (fattr.cf_dacls) {
rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_ACCESS,
@@ -1299,8 +1300,8 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
if (test_share_config_flag(tcon->share_conf, KSMBD_SHARE_FLAG_ACL_XATTR)) {
/* Update WinACL in xattr */
- ksmbd_vfs_remove_sd_xattrs(dentry);
- ksmbd_vfs_set_sd_xattr(conn, dentry, pntsd, ntsd_len);
+ ksmbd_vfs_remove_sd_xattrs(path->dentry);
+ ksmbd_vfs_set_sd_xattr(conn, path->dentry, pntsd, ntsd_len);
}
out:
diff --git a/fs/ksmbd/smbacl.h b/fs/ksmbd/smbacl.h
index 3e1345e9f24f..4ee7bda32e5f 100644
--- a/fs/ksmbd/smbacl.h
+++ b/fs/ksmbd/smbacl.h
@@ -200,12 +200,12 @@ void posix_state_to_acl(struct posix_acl_state *state,
struct posix_acl_entry *pace);
int compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid);
bool smb_inherit_flags(int flags, bool is_dir);
-int smb_inherit_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+int smb_inherit_dacl(struct ksmbd_conn *conn, struct path *path,
unsigned int uid, unsigned int gid);
-int smb_check_perm_dacl(struct ksmbd_conn *conn, struct dentry *dentry,
+int smb_check_perm_dacl(struct ksmbd_conn *conn, struct path *path,
__le32 *pdaccess, int uid);
int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
- struct dentry *dentry, struct smb_ntsd *pntsd, int ntsd_len,
+ struct path *path, struct smb_ntsd *pntsd, int ntsd_len,
bool type_check);
void id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid);
void ksmbd_init_domain(u32 *sub_auth);
From patchwork Mon Nov 14 12:51:09 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183257
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:28 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:28 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:27 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 160/308] ksmbd: adapt vfs api to 5.10
Date: Mon, 14 Nov 2022 20:51:09 +0800
Message-ID: <20221114125337.1831594-161-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e6ae0d0d-61ae-4a33-7e2b-08dac63c6e63
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6965482
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
-------------------------------
These vfs apis have not supported user namespace in 5.10, so we need to
adapt these apis to remove all user namespace parameters.
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 31 +++++++++++++-------------
fs/ksmbd/smbacl.c | 4 ++--
fs/ksmbd/vfs.c | 54 +++++++++++++++++++++-------------------------
3 files changed, 41 insertions(+), 48 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index d79ea3eb57a7..dedd00379fde 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2634,7 +2634,7 @@ int smb2_open(struct ksmbd_work *work)
rc = 0;
} else {
file_present = true;
- generic_fillattr(&init_user_ns, d_inode(path.dentry), &stat);
+ generic_fillattr(d_inode(path.dentry), &stat);
}
if (stream_name) {
if (req->CreateOptions & FILE_DIRECTORY_FILE_LE) {
@@ -2738,8 +2738,7 @@ int smb2_open(struct ksmbd_work *work)
* is already granted.
*/
if (daccess & ~(FILE_READ_ATTRIBUTES_LE | FILE_READ_CONTROL_LE)) {
- rc = inode_permission(&init_user_ns,
- d_inode(path.dentry),
+ rc = inode_permission(d_inode(path.dentry),
may_flags);
if (rc)
goto err_out;
@@ -2895,7 +2894,7 @@ int smb2_open(struct ksmbd_work *work)
rc = ksmbd_vfs_getattr(&path, &stat);
if (rc) {
- generic_fillattr(&init_user_ns, d_inode(path.dentry), &stat);
+ generic_fillattr(d_inode(path.dentry), &stat);
rc = 0;
}
@@ -2996,7 +2995,7 @@ int smb2_open(struct ksmbd_work *work)
memcpy(fp->client_guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
- generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
+ generic_fillattr(file_inode(fp->filp), &stat);
rsp->StructureSize = cpu_to_le16(89);
rcu_read_lock();
@@ -3710,7 +3709,7 @@ int smb2_query_dir(struct ksmbd_work *work)
}
if (!(dir_fp->daccess & FILE_LIST_DIRECTORY_LE) ||
- inode_permission(&init_user_ns, file_inode(dir_fp->filp),
+ inode_permission(file_inode(dir_fp->filp),
MAY_READ | MAY_EXEC)) {
pr_err("no right to enumerate directory (%pd)\n",
dir_fp->filp->f_path.dentry);
@@ -4124,7 +4123,7 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
}
basic_info = (struct smb2_file_all_info *)rsp->Buffer;
- generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
+ generic_fillattr(file_inode(fp->filp), &stat);
basic_info->CreationTime = cpu_to_le64(fp->create_time);
time = ksmbd_UnixTimeToNT(stat.atime);
basic_info->LastAccessTime = cpu_to_le64(time);
@@ -4165,7 +4164,7 @@ static void get_file_standard_info(struct smb2_query_info_rsp *rsp,
struct kstat stat;
inode = file_inode(fp->filp);
- generic_fillattr(&init_user_ns, inode, &stat);
+ generic_fillattr(inode, &stat);
sinfo = (struct smb2_file_standard_info *)rsp->Buffer;
delete_pending = ksmbd_inode_pending_delete(fp);
@@ -4220,7 +4219,7 @@ static int get_file_all_info(struct ksmbd_work *work,
return -ENOMEM;
inode = file_inode(fp->filp);
- generic_fillattr(&init_user_ns, inode, &stat);
+ generic_fillattr(inode, &stat);
ksmbd_debug(SMB, "filename = %s\n", filename);
delete_pending = ksmbd_inode_pending_delete(fp);
@@ -4295,7 +4294,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
ssize_t xattr_list_len;
int nbytes = 0, streamlen, stream_name_len, next, idx = 0;
- generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
+ generic_fillattr(file_inode(fp->filp), &stat);
file_info = (struct smb2_file_stream_info *)rsp->Buffer;
xattr_list_len = ksmbd_vfs_listxattr(path->dentry, &xattr_list);
@@ -4374,7 +4373,7 @@ static void get_file_internal_info(struct smb2_query_info_rsp *rsp,
struct smb2_file_internal_info *file_info;
struct kstat stat;
- generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
+ generic_fillattr(file_inode(fp->filp), &stat);
file_info = (struct smb2_file_internal_info *)rsp->Buffer;
file_info->IndexNumber = cpu_to_le64(stat.ino);
rsp->OutputBufferLength =
@@ -4399,7 +4398,7 @@ static int get_file_network_open_info(struct smb2_query_info_rsp *rsp,
file_info = (struct smb2_file_ntwrk_info *)rsp->Buffer;
inode = file_inode(fp->filp);
- generic_fillattr(&init_user_ns, inode, &stat);
+ generic_fillattr(inode, &stat);
file_info->CreationTime = cpu_to_le64(fp->create_time);
time = ksmbd_UnixTimeToNT(stat.atime);
@@ -4460,7 +4459,7 @@ static void get_file_compression_info(struct smb2_query_info_rsp *rsp,
struct smb2_file_comp_info *file_info;
struct kstat stat;
- generic_fillattr(&init_user_ns, file_inode(fp->filp), &stat);
+ generic_fillattr(file_inode(fp->filp), &stat);
file_info = (struct smb2_file_comp_info *)rsp->Buffer;
file_info->CompressedFileSize = cpu_to_le64(stat.blocks << 9);
@@ -5433,14 +5432,14 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
return -EACCES;
- rc = setattr_prepare(&init_user_ns, dentry, &attrs);
+ rc = setattr_prepare(dentry, &attrs);
if (rc)
return -EINVAL;
inode_lock(inode);
- setattr_copy(&init_user_ns, inode, &attrs);
+ setattr_copy(inode, &attrs);
attrs.ia_valid &= ~ATTR_CTIME;
- rc = notify_change(&init_user_ns, dentry, &attrs, NULL);
+ rc = notify_change(dentry, &attrs, NULL);
inode_unlock(inode);
}
return 0;
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index e0825d3771a1..b1e9473a732a 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -1287,10 +1287,10 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
ksmbd_vfs_remove_acl_xattrs(path->dentry);
/* Update posix acls */
if (fattr.cf_dacls) {
- rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_ACCESS,
+ rc = set_posix_acl(inode, ACL_TYPE_ACCESS,
fattr.cf_acls);
if (S_ISDIR(inode->i_mode) && fattr.cf_dacls)
- rc = set_posix_acl(&init_user_ns, inode,
+ rc = set_posix_acl(inode,
ACL_TYPE_DEFAULT, fattr.cf_dacls);
}
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 702166266f91..63aea927d71e 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -107,7 +107,7 @@ int ksmbd_vfs_may_delete(struct dentry *dentry)
return ret;
}
- ret = inode_permission(&init_user_ns, d_inode(parent),
+ ret = inode_permission(d_inode(parent),
MAY_EXEC | MAY_WRITE);
inode_unlock(d_inode(parent));
@@ -122,16 +122,16 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
*daccess = cpu_to_le32(FILE_READ_ATTRIBUTES | READ_CONTROL);
- if (!inode_permission(&init_user_ns, d_inode(dentry), MAY_OPEN | MAY_WRITE))
+ if (!inode_permission(d_inode(dentry), MAY_OPEN | MAY_WRITE))
*daccess |= cpu_to_le32(WRITE_DAC | WRITE_OWNER | SYNCHRONIZE |
FILE_WRITE_DATA | FILE_APPEND_DATA |
FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES |
FILE_DELETE_CHILD);
- if (!inode_permission(&init_user_ns, d_inode(dentry), MAY_OPEN | MAY_READ))
+ if (!inode_permission(d_inode(dentry), MAY_OPEN | MAY_READ))
*daccess |= FILE_READ_DATA_LE | FILE_READ_EA_LE;
- if (!inode_permission(&init_user_ns, d_inode(dentry), MAY_OPEN | MAY_EXEC))
+ if (!inode_permission(d_inode(dentry), MAY_OPEN | MAY_EXEC))
*daccess |= FILE_EXECUTE_LE;
parent = dget_parent(dentry);
@@ -141,7 +141,7 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
return ret;
}
- if (!inode_permission(&init_user_ns, d_inode(parent), MAY_EXEC | MAY_WRITE))
+ if (!inode_permission(d_inode(parent), MAY_EXEC | MAY_WRITE))
*daccess |= FILE_DELETE_LE;
inode_unlock(d_inode(parent));
@@ -173,7 +173,7 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
}
mode |= S_IFREG;
- err = vfs_create(&init_user_ns, d_inode(path.dentry), dentry, mode, true);
+ err = vfs_create(d_inode(path.dentry), dentry, mode, true);
if (!err) {
ksmbd_vfs_inherit_owner(work, d_inode(path.dentry),
d_inode(dentry));
@@ -208,7 +208,7 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
}
mode |= S_IFDIR;
- err = vfs_mkdir(&init_user_ns, d_inode(path.dentry), dentry, mode);
+ err = vfs_mkdir(d_inode(path.dentry), dentry, mode);
if (err) {
goto out;
} else if (d_unhashed(dentry)) {
@@ -606,12 +606,12 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
}
if (S_ISDIR(d_inode(path.dentry)->i_mode)) {
- err = vfs_rmdir(&init_user_ns, d_inode(parent), path.dentry);
+ err = vfs_rmdir(d_inode(parent), path.dentry);
if (err && err != -ENOTEMPTY)
ksmbd_debug(VFS, "%s: rmdir failed, err %d\n", name,
err);
} else {
- err = vfs_unlink(&init_user_ns, d_inode(parent), path.dentry,
+ err = vfs_unlink(d_inode(parent), path.dentry,
NULL);
if (err)
ksmbd_debug(VFS, "%s: unlink failed, err %d\n", name,
@@ -669,7 +669,7 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
goto out3;
}
- err = vfs_link(oldpath.dentry, &init_user_ns, d_inode(newpath.dentry),
+ err = vfs_link(oldpath.dentry, d_inode(newpath.dentry),
dentry, NULL);
if (err)
ksmbd_debug(VFS, "vfs_link failed err %d\n", err);
@@ -743,15 +743,9 @@ static int __ksmbd_vfs_rename(struct ksmbd_work *work,
err = -ENOTEMPTY;
if (dst_dent != trap_dent && !d_really_is_positive(dst_dent)) {
- struct renamedata rd = {
- .old_mnt_userns = &init_user_ns,
- .old_dir = d_inode(src_dent_parent),
- .old_dentry = src_dent,
- .new_mnt_userns = &init_user_ns,
- .new_dir = d_inode(dst_dent_parent),
- .new_dentry = dst_dent,
- };
- err = vfs_rename(&rd);
+ err = vfs_rename(d_inode(src_dent_parent), src_dent,
+ d_inode(dst_dent_parent), dst_dent,
+ NULL, 0);
}
if (err)
pr_err("vfs_rename failed err %d\n", err);
@@ -919,7 +913,7 @@ ssize_t ksmbd_vfs_listxattr(struct dentry *dentry, char **list)
static ssize_t ksmbd_vfs_xattr_len(struct dentry *dentry, char *xattr_name)
{
- return vfs_getxattr(&init_user_ns, dentry, xattr_name, NULL, 0);
+ return vfs_getxattr(dentry, xattr_name, NULL, 0);
}
/**
@@ -945,7 +939,7 @@ ssize_t ksmbd_vfs_getxattr(struct dentry *dentry, char *xattr_name,
if (!buf)
return -ENOMEM;
- xattr_len = vfs_getxattr(&init_user_ns, dentry, xattr_name,
+ xattr_len = vfs_getxattr(dentry, xattr_name,
(void *)buf, xattr_len);
if (xattr_len > 0)
*xattr_buf = buf;
@@ -969,7 +963,7 @@ int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
{
int err;
- err = vfs_setxattr(&init_user_ns, dentry,
+ err = vfs_setxattr(dentry,
attr_name,
attr_value,
attr_size,
@@ -1078,7 +1072,7 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name)
{
- return vfs_removexattr(&init_user_ns, dentry, attr_name);
+ return vfs_removexattr(dentry, attr_name);
}
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
@@ -1091,9 +1085,9 @@ int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
dget(dentry);
if (S_ISDIR(d_inode(dentry)->i_mode))
- err = vfs_rmdir(&init_user_ns, d_inode(dir), dentry);
+ err = vfs_rmdir(d_inode(dir), dentry);
else
- err = vfs_unlink(&init_user_ns, d_inode(dir), dentry, NULL);
+ err = vfs_unlink(d_inode(dir), dentry, NULL);
dput(dentry);
inode_unlock(d_inode(dir));
@@ -1599,7 +1593,7 @@ int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
u64 time;
int rc;
- generic_fillattr(&init_user_ns, d_inode(dentry), ksmbd_kstat->kstat);
+ generic_fillattr(d_inode(dentry), ksmbd_kstat->kstat);
time = ksmbd_UnixTimeToNT(ksmbd_kstat->kstat->ctime);
ksmbd_kstat->create_time = time;
@@ -1804,13 +1798,13 @@ int ksmbd_vfs_set_init_posix_acl(struct inode *inode)
return -ENOMEM;
}
posix_state_to_acl(&acl_state, acls->a_entries);
- rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_ACCESS, acls);
+ rc = set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
rc);
else if (S_ISDIR(inode->i_mode)) {
posix_state_to_acl(&acl_state, acls->a_entries);
- rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_DEFAULT,
+ rc = set_posix_acl(inode, ACL_TYPE_DEFAULT,
acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
@@ -1839,12 +1833,12 @@ int ksmbd_vfs_inherit_posix_acl(struct inode *inode, struct inode *parent_inode)
}
}
- rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_ACCESS, acls);
+ rc = set_posix_acl(inode, ACL_TYPE_ACCESS, acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_ACCESS) failed, rc : %d\n",
rc);
if (S_ISDIR(inode->i_mode)) {
- rc = set_posix_acl(&init_user_ns, inode, ACL_TYPE_DEFAULT,
+ rc = set_posix_acl(inode, ACL_TYPE_DEFAULT,
acls);
if (rc < 0)
ksmbd_debug(SMB, "Set posix acl(ACL_TYPE_DEFAULT) failed, rc : %d\n",
From patchwork Mon Nov 14 12:51:10 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183258
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:28 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:28 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 161/308] ksmbd: fix kernel oops in
ksmbd_rpc_ioctl/rap()
Date: Mon, 14 Nov 2022 20:51:10 +0800
Message-ID: <20221114125337.1831594-162-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
b758bf36-af31-407e-5cf9-08dac63c6eac
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7047542
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 690f969705138b235b9fa4c4d19e5129ed54a845
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/690f96970513
-------------------------------
"ksmbd: remove macros in transport_ipc.c" commit change msg to req in
ksmbd_rpc_ioctl/rap(). This will cause kernel oops when running smbclient
-L test.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_ipc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c
index ca5099118fdf..44aea33a67fa 100644
--- a/fs/ksmbd/transport_ipc.c
+++ b/fs/ksmbd/transport_ipc.c
@@ -752,7 +752,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = (struct ksmbd_rpc_command *)req->payload;
+ req = (struct ksmbd_rpc_command *)msg->payload;
req->handle = handle;
req->flags = ksmbd_session_rpc_method(sess, handle);
req->flags |= rpc_context_flags(sess);
@@ -777,7 +777,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payloa
return NULL;
msg->type = KSMBD_EVENT_RPC_REQUEST;
- req = (struct ksmbd_rpc_command *)req->payload;
+ req = (struct ksmbd_rpc_command *)msg->payload;
req->handle = ksmbd_acquire_id(&ipc_ida);
req->flags = rpc_context_flags(sess);
req->flags |= KSMBD_RPC_RAP_METHOD;
From patchwork Mon Nov 14 12:51:11 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183259
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:29 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:29 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 162/308] ksmbd: Fix read on the uninitialized
pointer sess
Date: Mon, 14 Nov 2022 20:51:11 +0800
Message-ID: <20221114125337.1831594-163-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ce8da284-f311-4264-ee26-08dac63c6ef4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6968047
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Colin Ian King <colin.king(a)canonical.com>
mainline inclusion
from mainline-5.15-rc1
commit 4951a84f61d6de4ab5aca1d49a6b6ee2ad2d1eec
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4951a84f61d6
-------------------------------
There is a error handling case that passes control to label out_err
without pointer sess being assigned a value. The unassigned pointer
may be any garbage value and so the test of rc < 0 && sess maybe
true leading to sess being passed to the call to ksmbd_session_destroy.
Fix this by setting sess to NULL in this corner case.
Addresses-Coverity: ("Uninitialized pointer read")
Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index dedd00379fde..986ba0632dcc 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1615,6 +1615,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
} else if ((conn->dialect < SMB30_PROT_ID ||
server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) &&
(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
+ sess = NULL;
rc = -EACCES;
goto out_err;
} else {
From patchwork Mon Nov 14 12:51:12 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183260
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:29 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:29 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 163/308] ksmbd: remove unneeded NULL check in
for_each_netdev
Date: Mon, 14 Nov 2022 20:51:12 +0800
Message-ID: <20221114125337.1831594-164-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d12aa288-5677-446d-cc21-08dac63c6f3d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7039113
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 6cfbcf2f40e371ce36c030addc539597d058b3a9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6cfbcf2f40e3
-------------------------------
netdev can never be NULL in for_each_netdev loop.
This patch remove unneeded NULL check.
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 986ba0632dcc..381ee5a812fc 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6961,11 +6961,6 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
rtnl_lock();
for_each_netdev(&init_net, netdev) {
- if (unlikely(!netdev)) {
- rtnl_unlock();
- return -EINVAL;
- }
-
if (netdev->type == ARPHRD_LOOPBACK)
continue;
From patchwork Mon Nov 14 12:51:13 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183261
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:30 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:29 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 164/308] ksmbd: fix read on the uninitialized
send_ctx
Date: Mon, 14 Nov 2022 20:51:13 +0800
Message-ID: <20221114125337.1831594-165-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d022e6f3-669d-4b59-db23-08dac63c6f87
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7043174
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit b8fc94cdb144467d88f35344076fd3621af93a17
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b8fc94cdb144
-------------------------------
If st->status is not SMB_DIRECT_CS_CONNECTED, It will jump done label
and accessing the uninitialized send_ctxi by smb_direct_flush_send_list
will cause kernel oops. This patch just return -ENOTCONN to avoid it.
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 171fb3dd018a..d5728c84a15a 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -1207,10 +1207,8 @@ static int smb_direct_writev(struct ksmbd_transport *t,
struct kvec vec;
struct smb_direct_send_ctx send_ctx;
- if (st->status != SMB_DIRECT_CS_CONNECTED) {
- ret = -ENOTCONN;
- goto done;
- }
+ if (st->status != SMB_DIRECT_CS_CONNECTED)
+ return -ENOTCONN;
//FIXME: skip RFC1002 header..
buflen -= 4;
From patchwork Mon Nov 14 12:51:14 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183262
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:30 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:29 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 165/308] ksmbd: fix memory leak
smb2_populate_readdir_entry()
Date: Mon, 14 Nov 2022 20:51:14 +0800
Message-ID: <20221114125337.1831594-166-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
fc0fb736-7335-4cf8-9e92-08dac63c6fd1
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6825508
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit dac0ec6e1b4a876abb61b6cd2ec589f8e87e95c9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/dac0ec6e1b4a
-------------------------------
Add missing kfree(conv_name) on error path.
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 381ee5a812fc..7f665a82d5b4 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3266,7 +3266,7 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
char *conv_name;
int conv_len;
void *kstat;
- int struct_sz;
+ int struct_sz, rc = 0;
conv_name = ksmbd_convert_dir_info_name(d_info,
conn->local_nls,
@@ -3276,8 +3276,8 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
/* Somehow the name has only terminating NULL bytes */
if (conv_len < 0) {
- kfree(conv_name);
- return -EINVAL;
+ rc = -EINVAL;
+ goto free_conv_name;
}
struct_sz = readdir_info_level_struct_sz(info_level);
@@ -3286,7 +3286,8 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
if (next_entry_offset > d_info->out_buf_len) {
d_info->out_buf_len = 0;
- return -ENOSPC;
+ rc = -ENOSPC;
+ goto free_conv_name;
}
kstat = d_info->wptr;
@@ -3428,14 +3429,15 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
d_info->data_count += next_entry_offset;
d_info->out_buf_len -= next_entry_offset;
d_info->wptr += next_entry_offset;
- kfree(conv_name);
ksmbd_debug(SMB,
"info_level : %d, buf_len :%d, next_offset : %d, data_count : %d\n",
info_level, d_info->out_buf_len,
next_entry_offset, d_info->data_count);
- return 0;
+free_conv_name:
+ kfree(conv_name);
+ return rc;
}
struct smb2_query_dir_private {
From patchwork Mon Nov 14 12:51:15 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183263
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:31 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:30 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 166/308] ksmbd: fix memory leak in
smb_inherit_dacl()
Date: Mon, 14 Nov 2022 20:51:15 +0800
Message-ID: <20221114125337.1831594-167-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
082f282e-a33c-4d55-5686-08dac63c701a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6996852
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit a9071e3c8659d777eb6527e1d377021381d1b5ec
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a9071e3c8659
-------------------------------
Add two labels to fix memory leak in smb_inherit_dacl().
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smbacl.c | 23 ++++++++++++++---------
1 file changed, 14 insertions(+), 9 deletions(-)
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index b1e9473a732a..f6019f0dc8fd 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -952,24 +952,28 @@ int smb_inherit_dacl(struct ksmbd_conn *conn,
struct smb_sid owner_sid, group_sid;
struct dentry *parent = path->dentry->d_parent;
int inherited_flags = 0, flags = 0, i, ace_cnt = 0, nt_size = 0;
- int rc = -ENOENT, num_aces, dacloffset, pntsd_type, acl_len;
+ int rc = 0, num_aces, dacloffset, pntsd_type, acl_len;
char *aces_base;
bool is_dir = S_ISDIR(d_inode(path->dentry)->i_mode);
acl_len = ksmbd_vfs_get_sd_xattr(conn, parent, &parent_pntsd);
if (acl_len <= 0)
- return rc;
+ return -ENOENT;
dacloffset = le32_to_cpu(parent_pntsd->dacloffset);
- if (!dacloffset)
- goto out;
+ if (!dacloffset) {
+ rc = -EINVAL;
+ goto free_parent_pntsd;
+ }
parent_pdacl = (struct smb_acl *)((char *)parent_pntsd + dacloffset);
num_aces = le32_to_cpu(parent_pdacl->num_aces);
pntsd_type = le16_to_cpu(parent_pntsd->type);
aces_base = kmalloc(sizeof(struct smb_ace) * num_aces * 2, GFP_KERNEL);
- if (!aces_base)
- goto out;
+ if (!aces_base) {
+ rc = -ENOMEM;
+ goto free_parent_pntsd;
+ }
aces = (struct smb_ace *)aces_base;
parent_aces = (struct smb_ace *)((char *)parent_pdacl +
@@ -1049,7 +1053,7 @@ int smb_inherit_dacl(struct ksmbd_conn *conn,
nt_size, GFP_KERNEL);
if (!pntsd) {
rc = -ENOMEM;
- goto out;
+ goto free_aces_base;
}
pntsd->revision = cpu_to_le16(1);
@@ -1089,11 +1093,12 @@ int smb_inherit_dacl(struct ksmbd_conn *conn,
ksmbd_vfs_set_sd_xattr(conn, path->dentry, pntsd, pntsd_size);
kfree(pntsd);
- rc = 0;
}
+free_aces_base:
kfree(aces_base);
-out:
+free_parent_pntsd:
+ kfree(parent_pntsd);
return rc;
}
From patchwork Mon Nov 14 12:51:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183264
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:31 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:31 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:30 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 167/308] ksmbd: change data type of
volatile/persistent id to u64
Date: Mon, 14 Nov 2022 20:51:16 +0800
Message-ID: <20221114125337.1831594-168-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a47a0195-0b12-4b69-0e24-08dac63c7063
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7228413
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 3867369ef8f760155da684e10d29e0bf9b733b48
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/3867369ef8f7
-------------------------------
This patch change data type of volatile/persistent id to u64 to make
issue from idr_find and idr_remove(). !HAS_FILE_ID check will protect
integer overflow issue from idr_find and idr_remove().
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ksmbd_work.h | 6 +++---
fs/ksmbd/smb2pdu.c | 37 +++++++++++++++++++------------------
fs/ksmbd/vfs_cache.c | 32 ++++++++++++++++----------------
fs/ksmbd/vfs_cache.h | 20 +++++++++-----------
4 files changed, 47 insertions(+), 48 deletions(-)
diff --git a/fs/ksmbd/ksmbd_work.h b/fs/ksmbd/ksmbd_work.h
index c655bf371ce5..f7156bc50049 100644
--- a/fs/ksmbd/ksmbd_work.h
+++ b/fs/ksmbd/ksmbd_work.h
@@ -43,9 +43,9 @@ struct ksmbd_work {
* Current Local FID assigned compound response if SMB2 CREATE
* command is present in compound request
*/
- unsigned int compound_fid;
- unsigned int compound_pfid;
- unsigned int compound_sid;
+ u64 compound_fid;
+ u64 compound_pfid;
+ u64 compound_sid;
const struct cred *saved_cred;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 7f665a82d5b4..56759c254962 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2793,7 +2793,7 @@ int smb2_open(struct ksmbd_work *work)
/* Get Persistent-ID */
ksmbd_open_durable_fd(fp);
- if (!HAS_FILE_ID(fp->persistent_id)) {
+ if (!has_file_id(fp->persistent_id)) {
rc = -ENOMEM;
goto err_out;
}
@@ -4542,15 +4542,15 @@ static int smb2_get_info_file(struct ksmbd_work *work,
}
if (work->next_smb2_rcv_hdr_off) {
- if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
- ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ if (!has_file_id(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %llu\n",
work->compound_fid);
id = work->compound_fid;
pid = work->compound_pfid;
}
}
- if (!HAS_FILE_ID(id)) {
+ if (!has_file_id(id)) {
id = le64_to_cpu(req->VolatileFileId);
pid = le64_to_cpu(req->PersistentFileId);
}
@@ -4913,15 +4913,15 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
}
if (work->next_smb2_rcv_hdr_off) {
- if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
- ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ if (!has_file_id(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %llu\n",
work->compound_fid);
id = work->compound_fid;
pid = work->compound_pfid;
}
}
- if (!HAS_FILE_ID(id)) {
+ if (!has_file_id(id)) {
id = le64_to_cpu(req->VolatileFileId);
pid = le64_to_cpu(req->PersistentFileId);
}
@@ -5044,7 +5044,7 @@ static noinline int smb2_close_pipe(struct ksmbd_work *work)
*/
int smb2_close(struct ksmbd_work *work)
{
- unsigned int volatile_id = KSMBD_NO_FID;
+ u64 volatile_id = KSMBD_NO_FID;
u64 sess_id;
struct smb2_close_req *req;
struct smb2_close_rsp *rsp;
@@ -5080,15 +5080,16 @@ int smb2_close(struct ksmbd_work *work)
}
if (work->next_smb2_rcv_hdr_off &&
- !HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
- if (!HAS_FILE_ID(work->compound_fid)) {
+ !has_file_id(le64_to_cpu(req->VolatileFileId))) {
+ if (!has_file_id(work->compound_fid)) {
/* file already closed, return FILE_CLOSED */
ksmbd_debug(SMB, "file already closed\n");
rsp->hdr.Status = STATUS_FILE_CLOSED;
err = -EBADF;
goto out;
} else {
- ksmbd_debug(SMB, "Compound request set FID = %u:%u\n",
+ ksmbd_debug(SMB,
+ "Compound request set FID = %llu:%llu\n",
work->compound_fid,
work->compound_pfid);
volatile_id = work->compound_fid;
@@ -5100,7 +5101,7 @@ int smb2_close(struct ksmbd_work *work)
} else {
volatile_id = le64_to_cpu(req->VolatileFileId);
}
- ksmbd_debug(SMB, "volatile_id = %u\n", volatile_id);
+ ksmbd_debug(SMB, "volatile_id = %llu\n", volatile_id);
rsp->StructureSize = cpu_to_le16(60);
rsp->Reserved = 0;
@@ -5746,8 +5747,8 @@ int smb2_set_info(struct ksmbd_work *work)
if (work->next_smb2_rcv_hdr_off) {
req = ksmbd_req_buf_next(work);
rsp = ksmbd_resp_buf_next(work);
- if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
- ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ if (!has_file_id(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %llu\n",
work->compound_fid);
id = work->compound_fid;
pid = work->compound_pfid;
@@ -5757,7 +5758,7 @@ int smb2_set_info(struct ksmbd_work *work)
rsp = work->response_buf;
}
- if (!HAS_FILE_ID(id)) {
+ if (!has_file_id(id)) {
id = le64_to_cpu(req->VolatileFileId);
pid = le64_to_cpu(req->PersistentFileId);
}
@@ -7240,8 +7241,8 @@ int smb2_ioctl(struct ksmbd_work *work)
if (work->next_smb2_rcv_hdr_off) {
req = ksmbd_req_buf_next(work);
rsp = ksmbd_resp_buf_next(work);
- if (!HAS_FILE_ID(le64_to_cpu(req->VolatileFileId))) {
- ksmbd_debug(SMB, "Compound request set FID = %u\n",
+ if (!has_file_id(le64_to_cpu(req->VolatileFileId))) {
+ ksmbd_debug(SMB, "Compound request set FID = %llu\n",
work->compound_fid);
id = work->compound_fid;
}
@@ -7250,7 +7251,7 @@ int smb2_ioctl(struct ksmbd_work *work)
rsp = work->response_buf;
}
- if (!HAS_FILE_ID(id))
+ if (!has_file_id(id))
id = le64_to_cpu(req->VolatileFileId);
if (req->Flags != cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL)) {
diff --git a/fs/ksmbd/vfs_cache.c b/fs/ksmbd/vfs_cache.c
index 5c9efcfaeb5c..f9012016bada 100644
--- a/fs/ksmbd/vfs_cache.c
+++ b/fs/ksmbd/vfs_cache.c
@@ -276,7 +276,7 @@ static void __ksmbd_inode_close(struct ksmbd_file *fp)
static void __ksmbd_remove_durable_fd(struct ksmbd_file *fp)
{
- if (!HAS_FILE_ID(fp->persistent_id))
+ if (!has_file_id(fp->persistent_id))
return;
write_lock(&global_ft.lock);
@@ -286,7 +286,7 @@ static void __ksmbd_remove_durable_fd(struct ksmbd_file *fp)
static void __ksmbd_remove_fd(struct ksmbd_file_table *ft, struct ksmbd_file *fp)
{
- if (!HAS_FILE_ID(fp->volatile_id))
+ if (!has_file_id(fp->volatile_id))
return;
write_lock(&fp->f_ci->m_lock);
@@ -326,10 +326,13 @@ static struct ksmbd_file *ksmbd_fp_get(struct ksmbd_file *fp)
}
static struct ksmbd_file *__ksmbd_lookup_fd(struct ksmbd_file_table *ft,
- unsigned int id)
+ u64 id)
{
struct ksmbd_file *fp;
+ if (!has_file_id(id))
+ return NULL;
+
read_lock(&ft->lock);
fp = idr_find(ft->idr, id);
if (fp)
@@ -358,12 +361,12 @@ static void set_close_state_blocked_works(struct ksmbd_file *fp)
spin_unlock(&fp->f_lock);
}
-int ksmbd_close_fd(struct ksmbd_work *work, unsigned int id)
+int ksmbd_close_fd(struct ksmbd_work *work, u64 id)
{
struct ksmbd_file *fp;
struct ksmbd_file_table *ft;
- if (!HAS_FILE_ID(id))
+ if (!has_file_id(id))
return 0;
ft = &work->sess->file_table;
@@ -403,12 +406,12 @@ static bool __sanity_check(struct ksmbd_tree_connect *tcon, struct ksmbd_file *f
return true;
}
-struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, unsigned int id)
+struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, u64 id)
{
return __ksmbd_lookup_fd(&work->sess->file_table, id);
}
-struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, unsigned int id)
+struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, u64 id)
{
struct ksmbd_file *fp = __ksmbd_lookup_fd(&work->sess->file_table, id);
@@ -419,19 +422,16 @@ struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, unsigned int id
return NULL;
}
-struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, unsigned int id,
- unsigned int pid)
+struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, u64 id,
+ u64 pid)
{
struct ksmbd_file *fp;
- if (!HAS_FILE_ID(id)) {
+ if (!has_file_id(id)) {
id = work->compound_fid;
pid = work->compound_pfid;
}
- if (!HAS_FILE_ID(id))
- return NULL;
-
fp = __ksmbd_lookup_fd(&work->sess->file_table, id);
if (!__sanity_check(work->tcon, fp)) {
ksmbd_fd_put(work, fp);
@@ -493,7 +493,7 @@ struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode)
#define OPEN_ID_TYPE_VOLATILE_ID (0)
#define OPEN_ID_TYPE_PERSISTENT_ID (1)
-static void __open_id_set(struct ksmbd_file *fp, unsigned int id, int type)
+static void __open_id_set(struct ksmbd_file *fp, u64 id, int type)
{
if (type == OPEN_ID_TYPE_VOLATILE_ID)
fp->volatile_id = id;
@@ -504,7 +504,7 @@ static void __open_id_set(struct ksmbd_file *fp, unsigned int id, int type)
static int __open_id(struct ksmbd_file_table *ft, struct ksmbd_file *fp,
int type)
{
- unsigned int id = 0;
+ u64 id = 0;
int ret;
if (type == OPEN_ID_TYPE_VOLATILE_ID && fd_limit_depleted()) {
@@ -514,7 +514,7 @@ static int __open_id(struct ksmbd_file_table *ft, struct ksmbd_file *fp,
idr_preload(GFP_KERNEL);
write_lock(&ft->lock);
- ret = idr_alloc_cyclic(ft->idr, fp, 0, INT_MAX, GFP_NOWAIT);
+ ret = idr_alloc_cyclic(ft->idr, fp, 0, INT_MAX - 1, GFP_NOWAIT);
if (ret >= 0) {
id = ret;
ret = 0;
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index 543494f664cb..70e987293564 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -22,7 +22,7 @@
#define FILE_GENERIC_EXECUTE 0X1200a0
#define KSMBD_START_FID 0
-#define KSMBD_NO_FID (UINT_MAX)
+#define KSMBD_NO_FID (INT_MAX)
#define SMB2_NO_FID (0xFFFFFFFFFFFFFFFFULL)
struct ksmbd_conn;
@@ -62,8 +62,8 @@ struct ksmbd_inode {
struct ksmbd_file {
struct file *filp;
char *filename;
- unsigned int persistent_id;
- unsigned int volatile_id;
+ u64 persistent_id;
+ u64 volatile_id;
spinlock_t f_lock;
@@ -122,10 +122,8 @@ struct ksmbd_file_table {
struct idr *idr;
};
-static inline bool HAS_FILE_ID(unsigned long long req)
+static inline bool has_file_id(u64 id)
{
- unsigned int id = (unsigned int)req;
-
return id < KSMBD_NO_FID;
}
@@ -136,11 +134,11 @@ static inline bool ksmbd_stream_fd(struct ksmbd_file *fp)
int ksmbd_init_file_table(struct ksmbd_file_table *ft);
void ksmbd_destroy_file_table(struct ksmbd_file_table *ft);
-int ksmbd_close_fd(struct ksmbd_work *work, unsigned int id);
-struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, unsigned int id);
-struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, unsigned int id);
-struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, unsigned int id,
- unsigned int pid);
+int ksmbd_close_fd(struct ksmbd_work *work, u64 id);
+struct ksmbd_file *ksmbd_lookup_fd_fast(struct ksmbd_work *work, u64 id);
+struct ksmbd_file *ksmbd_lookup_foreign_fd(struct ksmbd_work *work, u64 id);
+struct ksmbd_file *ksmbd_lookup_fd_slow(struct ksmbd_work *work, u64 id,
+ u64 pid);
void ksmbd_fd_put(struct ksmbd_work *work, struct ksmbd_file *fp);
struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id);
struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid);
From patchwork Mon Nov 14 12:51:17 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183265
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:32 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:31 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:31 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 168/308] ksmbd: delete some stray tabs
Date: Mon, 14 Nov 2022 20:51:17 +0800
Message-ID: <20221114125337.1831594-169-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
52de56c8-5ca7-42b0-a011-08dac63c70ab
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6998343
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit 0f6619aee86f11cee0c5063777c4febdf18cb28b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/0f6619aee86f
-------------------------------
These lines are intended one tab too far.
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 56759c254962..a1c284c49e41 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6656,7 +6656,7 @@ int smb2_lock(struct ksmbd_work *work)
cmp_lock->start < smb_lock->end) {
pr_err("previous lock conflict with zero byte lock range\n");
rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
- goto out;
+ goto out;
}
if (smb_lock->zero_len && !cmp_lock->zero_len &&
@@ -6664,7 +6664,7 @@ int smb2_lock(struct ksmbd_work *work)
smb_lock->start < cmp_lock->end) {
pr_err("current lock conflict with zero byte lock range\n");
rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
- goto out;
+ goto out;
}
if (((cmp_lock->start <= smb_lock->start &&
From patchwork Mon Nov 14 12:51:18 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183266
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:32 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:32 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:31 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 169/308] ksmbd: use kasprintf() in
ksmbd_vfs_xattr_stream_name()
Date: Mon, 14 Nov 2022 20:51:18 +0800
Message-ID: <20221114125337.1831594-170-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
91da31ca-86c7-479e-a423-08dac63c70f4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7261156
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit 07781de9051859d2f38a9e199384c64bb1924c47
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/07781de90518
-------------------------------
Simplify the code by using kasprintf(). This also silences a Smatch
warning:
fs/ksmbd/vfs.c:1725 ksmbd_vfs_xattr_stream_name()
warn: inconsistent indenting
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/vfs.c | 27 ++++++---------------------
1 file changed, 6 insertions(+), 21 deletions(-)
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 63aea927d71e..f6eb746fbd03 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -1651,35 +1651,20 @@ ssize_t ksmbd_vfs_casexattr_len(struct dentry *dentry, char *attr_name,
int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
size_t *xattr_stream_name_size, int s_type)
{
- int stream_name_size;
- char *xattr_stream_name_buf;
- char *type;
- int type_len;
+ char *type, *buf;
if (s_type == DIR_STREAM)
type = ":$INDEX_ALLOCATION";
else
type = ":$DATA";
- type_len = strlen(type);
- stream_name_size = strlen(stream_name);
- *xattr_stream_name_size = stream_name_size + XATTR_NAME_STREAM_LEN + 1;
- xattr_stream_name_buf = kmalloc(*xattr_stream_name_size + type_len,
- GFP_KERNEL);
- if (!xattr_stream_name_buf)
+ buf = kasprintf(GFP_KERNEL, "%s%s%s",
+ XATTR_NAME_STREAM, stream_name, type);
+ if (!buf)
return -ENOMEM;
- memcpy(xattr_stream_name_buf, XATTR_NAME_STREAM, XATTR_NAME_STREAM_LEN);
-
- if (stream_name_size) {
- memcpy(&xattr_stream_name_buf[XATTR_NAME_STREAM_LEN],
- stream_name, stream_name_size);
- }
- memcpy(&xattr_stream_name_buf[*xattr_stream_name_size - 1], type, type_len);
- *xattr_stream_name_size += type_len;
-
- xattr_stream_name_buf[*xattr_stream_name_size - 1] = '\0';
- *xattr_stream_name = xattr_stream_name_buf;
+ *xattr_stream_name = buf;
+ *xattr_stream_name_size = strlen(buf) + 1;
return 0;
}
From patchwork Mon Nov 14 12:51:19 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183267
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:33 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:32 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:32 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 170/308] ksmbd: fix the running request count
decrement
Date: Mon, 14 Nov 2022 20:51:19 +0800
Message-ID: <20221114125337.1831594-171-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d1ac6dbb-d5ff-4009-35fb-08dac63c713d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7061228
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 4b92841ef27b56883fa4491a3d51db3eef68c481
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4b92841ef27b
-------------------------------
decrement the count of running requests after
sending the last response for multi-response
requests.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 928e22e19def..6e51e08addee 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -120,7 +120,8 @@ int ksmbd_conn_try_dequeue_request(struct ksmbd_work *work)
list_empty(&work->async_request_entry))
return 0;
- atomic_dec(&conn->req_running);
+ if (!work->multiRsp)
+ atomic_dec(&conn->req_running);
spin_lock(&conn->request_lock);
if (!work->multiRsp) {
list_del_init(&work->request_entry);
From patchwork Mon Nov 14 12:51:20 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183268
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:33 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:33 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:32 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 171/308] ksmbd: free ksmbd_lock when file is
closed
Date: Mon, 14 Nov 2022 20:51:20 +0800
Message-ID: <20221114125337.1831594-172-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
58de7972-4510-414d-91e9-08dac63c7187
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6764265
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit d63528eb0d43c4796c42aad56889dec12cf4e122
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d63528eb0d43
-------------------------------
Append ksmbd_lock into the connection's
lock list and the ksmbd_file's lock list.
And when a file is closed, detach ksmbd_lock
from these lists and free it.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 7 +-
fs/ksmbd/connection.h | 6 ++
fs/ksmbd/smb2pdu.c | 154 ++++++++++++++++++++++++++----------------
fs/ksmbd/smb_common.c | 2 -
fs/ksmbd/smb_common.h | 2 -
fs/ksmbd/vfs_cache.c | 16 +++++
fs/ksmbd/vfs_cache.h | 4 +-
7 files changed, 125 insertions(+), 66 deletions(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 6e51e08addee..8430848bea45 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -19,8 +19,8 @@ static DEFINE_MUTEX(init_lock);
static struct ksmbd_conn_ops default_conn_ops;
-static LIST_HEAD(conn_list);
-static DEFINE_RWLOCK(conn_list_lock);
+LIST_HEAD(conn_list);
+DEFINE_RWLOCK(conn_list_lock);
/**
* ksmbd_conn_free() - free resources of the connection instance
@@ -70,6 +70,9 @@ struct ksmbd_conn *ksmbd_conn_alloc(void)
spin_lock_init(&conn->credits_lock);
ida_init(&conn->async_ida);
+ spin_lock_init(&conn->llist_lock);
+ INIT_LIST_HEAD(&conn->lock_list);
+
write_lock(&conn_list_lock);
list_add(&conn->conns_list, &conn_list);
write_unlock(&conn_list_lock);
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index 98108b41f739..487c2024b0d5 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -79,6 +79,9 @@ struct ksmbd_conn {
char *ntlmssp_cryptkey;
};
+ spinlock_t llist_lock;
+ struct list_head lock_list;
+
struct preauth_integrity_info *preauth_info;
bool need_neg;
@@ -138,6 +141,9 @@ struct ksmbd_transport {
#define KSMBD_TCP_SEND_TIMEOUT (5 * HZ)
#define KSMBD_TCP_PEER_SOCKADDR(c) ((struct sockaddr *)&((c)->peer_addr))
+extern struct list_head conn_list;
+extern rwlock_t conn_list_lock;
+
bool ksmbd_conn_alive(struct ksmbd_conn *conn);
void ksmbd_conn_wait_idle(struct ksmbd_conn *conn);
struct ksmbd_conn *ksmbd_conn_alloc(void);
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index a1c284c49e41..3cff00fed97e 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6470,8 +6470,9 @@ static struct ksmbd_lock *smb2_lock_init(struct file_lock *flock,
lock->flags = flags;
if (lock->start == lock->end)
lock->zero_len = 1;
+ INIT_LIST_HEAD(&lock->clist);
+ INIT_LIST_HEAD(&lock->flist);
INIT_LIST_HEAD(&lock->llist);
- INIT_LIST_HEAD(&lock->glist);
list_add_tail(&lock->llist, lock_list);
return lock;
@@ -6510,7 +6511,8 @@ int smb2_lock(struct ksmbd_work *work)
int cmd = 0;
int err = 0, i;
u64 lock_start, lock_length;
- struct ksmbd_lock *smb_lock = NULL, *cmp_lock, *tmp;
+ struct ksmbd_lock *smb_lock = NULL, *cmp_lock, *tmp, *tmp2;
+ struct ksmbd_conn *conn;
int nolock = 0;
LIST_HEAD(lock_list);
LIST_HEAD(rollback_list);
@@ -6619,72 +6621,89 @@ int smb2_lock(struct ksmbd_work *work)
if (!(smb_lock->flags & SMB2_LOCKFLAG_UNLOCK) &&
!(smb_lock->flags & SMB2_LOCKFLAG_FAIL_IMMEDIATELY))
- goto no_check_gl;
+ goto no_check_cl;
nolock = 1;
- /* check locks in global list */
- list_for_each_entry(cmp_lock, &global_lock_list, glist) {
- if (file_inode(cmp_lock->fl->fl_file) !=
- file_inode(smb_lock->fl->fl_file))
- continue;
+ /* check locks in connection list */
+ read_lock(&conn_list_lock);
+ list_for_each_entry(conn, &conn_list, conns_list) {
+ spin_lock(&conn->llist_lock);
+ list_for_each_entry_safe(cmp_lock, tmp2, &conn->lock_list, clist) {
+ if (file_inode(cmp_lock->fl->fl_file) !=
+ file_inode(smb_lock->fl->fl_file))
+ continue;
- if (smb_lock->fl->fl_type == F_UNLCK) {
- if (cmp_lock->fl->fl_file == smb_lock->fl->fl_file &&
- cmp_lock->start == smb_lock->start &&
- cmp_lock->end == smb_lock->end &&
- !lock_defer_pending(cmp_lock->fl)) {
- nolock = 0;
- locks_free_lock(cmp_lock->fl);
- list_del(&cmp_lock->glist);
- kfree(cmp_lock);
- break;
+ if (smb_lock->fl->fl_type == F_UNLCK) {
+ if (cmp_lock->fl->fl_file == smb_lock->fl->fl_file &&
+ cmp_lock->start == smb_lock->start &&
+ cmp_lock->end == smb_lock->end &&
+ !lock_defer_pending(cmp_lock->fl)) {
+ nolock = 0;
+ list_del(&cmp_lock->flist);
+ list_del(&cmp_lock->clist);
+ spin_unlock(&conn->llist_lock);
+ read_unlock(&conn_list_lock);
+
+ locks_free_lock(cmp_lock->fl);
+ kfree(cmp_lock);
+ goto out_check_cl;
+ }
+ continue;
}
- continue;
- }
- if (cmp_lock->fl->fl_file == smb_lock->fl->fl_file) {
- if (smb_lock->flags & SMB2_LOCKFLAG_SHARED)
- continue;
- } else {
- if (cmp_lock->flags & SMB2_LOCKFLAG_SHARED)
- continue;
- }
+ if (cmp_lock->fl->fl_file == smb_lock->fl->fl_file) {
+ if (smb_lock->flags & SMB2_LOCKFLAG_SHARED)
+ continue;
+ } else {
+ if (cmp_lock->flags & SMB2_LOCKFLAG_SHARED)
+ continue;
+ }
- /* check zero byte lock range */
- if (cmp_lock->zero_len && !smb_lock->zero_len &&
- cmp_lock->start > smb_lock->start &&
- cmp_lock->start < smb_lock->end) {
- pr_err("previous lock conflict with zero byte lock range\n");
- rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
- goto out;
- }
+ /* check zero byte lock range */
+ if (cmp_lock->zero_len && !smb_lock->zero_len &&
+ cmp_lock->start > smb_lock->start &&
+ cmp_lock->start < smb_lock->end) {
+ spin_unlock(&conn->llist_lock);
+ read_unlock(&conn_list_lock);
+ pr_err("previous lock conflict with zero byte lock range\n");
+ rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
- if (smb_lock->zero_len && !cmp_lock->zero_len &&
- smb_lock->start > cmp_lock->start &&
- smb_lock->start < cmp_lock->end) {
- pr_err("current lock conflict with zero byte lock range\n");
- rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
- goto out;
- }
+ if (smb_lock->zero_len && !cmp_lock->zero_len &&
+ smb_lock->start > cmp_lock->start &&
+ smb_lock->start < cmp_lock->end) {
+ spin_unlock(&conn->llist_lock);
+ read_unlock(&conn_list_lock);
+ pr_err("current lock conflict with zero byte lock range\n");
+ rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
- if (((cmp_lock->start <= smb_lock->start &&
- cmp_lock->end > smb_lock->start) ||
- (cmp_lock->start < smb_lock->end && cmp_lock->end >= smb_lock->end)) &&
- !cmp_lock->zero_len && !smb_lock->zero_len) {
- pr_err("Not allow lock operation on exclusive lock range\n");
- rsp->hdr.Status =
- STATUS_LOCK_NOT_GRANTED;
- goto out;
+ if (((cmp_lock->start <= smb_lock->start &&
+ cmp_lock->end > smb_lock->start) ||
+ (cmp_lock->start < smb_lock->end &&
+ cmp_lock->end >= smb_lock->end)) &&
+ !cmp_lock->zero_len && !smb_lock->zero_len) {
+ spin_unlock(&conn->llist_lock);
+ read_unlock(&conn_list_lock);
+ pr_err("Not allow lock operation on exclusive lock range\n");
+ rsp->hdr.Status =
+ STATUS_LOCK_NOT_GRANTED;
+ goto out;
+ }
}
+ spin_unlock(&conn->llist_lock);
}
-
+ read_unlock(&conn_list_lock);
+out_check_cl:
if (smb_lock->fl->fl_type == F_UNLCK && nolock) {
pr_err("Try to unlock nolocked range\n");
rsp->hdr.Status = STATUS_RANGE_NOT_LOCKED;
goto out;
}
-no_check_gl:
+no_check_cl:
if (smb_lock->zero_len) {
err = 0;
goto skip;
@@ -6710,8 +6729,10 @@ int smb2_lock(struct ksmbd_work *work)
ksmbd_debug(SMB,
"would have to wait for getting lock\n");
- list_add_tail(&smb_lock->glist,
- &global_lock_list);
+ spin_lock(&work->conn->llist_lock);
+ list_add_tail(&smb_lock->clist,
+ &work->conn->lock_list);
+ spin_unlock(&work->conn->llist_lock);
list_add(&smb_lock->llist, &rollback_list);
argv = kmalloc(sizeof(void *), GFP_KERNEL);
@@ -6739,7 +6760,9 @@ int smb2_lock(struct ksmbd_work *work)
if (work->state != KSMBD_WORK_ACTIVE) {
list_del(&smb_lock->llist);
- list_del(&smb_lock->glist);
+ spin_lock(&work->conn->llist_lock);
+ list_del(&smb_lock->clist);
+ spin_unlock(&work->conn->llist_lock);
locks_free_lock(flock);
if (work->state == KSMBD_WORK_CANCELLED) {
@@ -6763,14 +6786,21 @@ int smb2_lock(struct ksmbd_work *work)
}
list_del(&smb_lock->llist);
- list_del(&smb_lock->glist);
+ spin_lock(&work->conn->llist_lock);
+ list_del(&smb_lock->clist);
+ spin_unlock(&work->conn->llist_lock);
+
spin_lock(&fp->f_lock);
list_del(&work->fp_entry);
spin_unlock(&fp->f_lock);
goto retry;
} else if (!err) {
- list_add_tail(&smb_lock->glist,
- &global_lock_list);
+ spin_lock(&work->conn->llist_lock);
+ list_add_tail(&smb_lock->clist,
+ &work->conn->lock_list);
+ list_add_tail(&smb_lock->flist,
+ &fp->lock_list);
+ spin_unlock(&work->conn->llist_lock);
list_add(&smb_lock->llist, &rollback_list);
ksmbd_debug(SMB, "successful in taking lock\n");
} else {
@@ -6809,8 +6839,14 @@ int smb2_lock(struct ksmbd_work *work)
err = vfs_lock_file(filp, 0, rlock, NULL);
if (err)
pr_err("rollback unlock fail : %d\n", err);
+
list_del(&smb_lock->llist);
- list_del(&smb_lock->glist);
+ spin_lock(&work->conn->llist_lock);
+ if (!list_empty(&smb_lock->flist))
+ list_del(&smb_lock->flist);
+ list_del(&smb_lock->clist);
+ spin_unlock(&work->conn->llist_lock);
+
locks_free_lock(smb_lock->fl);
locks_free_lock(rlock);
kfree(smb_lock);
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index b573575a1de5..61686d739ffc 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -23,8 +23,6 @@ static const char basechars[43] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-!@#$%";
#define mangle(V) ((char)(basechars[(V) % MANGLE_BASE]))
#define KSMBD_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr))
-LIST_HEAD(global_lock_list);
-
struct smb_protocol {
int index;
char *name;
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 8489b92229fa..95f297177c1a 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -48,8 +48,6 @@
#define CIFS_DEFAULT_IOSIZE (64 * 1024)
#define MAX_CIFS_SMALL_BUFFER_SIZE 448 /* big enough for most */
-extern struct list_head global_lock_list;
-
/* RFC 1002 session packet types */
#define RFC1002_SESSION_MESSAGE 0x00
#define RFC1002_SESSION_REQUEST 0x81
diff --git a/fs/ksmbd/vfs_cache.c b/fs/ksmbd/vfs_cache.c
index f9012016bada..f5b3f94b7f9b 100644
--- a/fs/ksmbd/vfs_cache.c
+++ b/fs/ksmbd/vfs_cache.c
@@ -301,6 +301,7 @@ static void __ksmbd_remove_fd(struct ksmbd_file_table *ft, struct ksmbd_file *fp
static void __ksmbd_close_fd(struct ksmbd_file_table *ft, struct ksmbd_file *fp)
{
struct file *filp;
+ struct ksmbd_lock *smb_lock, *tmp_lock;
fd_limit_close();
__ksmbd_remove_durable_fd(fp);
@@ -312,6 +313,20 @@ static void __ksmbd_close_fd(struct ksmbd_file_table *ft, struct ksmbd_file *fp)
__ksmbd_inode_close(fp);
if (!IS_ERR_OR_NULL(filp))
fput(filp);
+
+ /* because the reference count of fp is 0, it is guaranteed that
+ * there are not accesses to fp->lock_list.
+ */
+ list_for_each_entry_safe(smb_lock, tmp_lock, &fp->lock_list, flist) {
+ spin_lock(&fp->conn->llist_lock);
+ list_del(&smb_lock->clist);
+ spin_unlock(&fp->conn->llist_lock);
+
+ list_del(&smb_lock->flist);
+ locks_free_lock(smb_lock->fl);
+ kfree(smb_lock);
+ }
+
kfree(fp->filename);
if (ksmbd_stream_fd(fp))
kfree(fp->stream.name);
@@ -548,6 +563,7 @@ struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
INIT_LIST_HEAD(&fp->blocked_works);
INIT_LIST_HEAD(&fp->node);
+ INIT_LIST_HEAD(&fp->lock_list);
spin_lock_init(&fp->f_lock);
atomic_set(&fp->refcount, 1);
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index 70e987293564..70dfe6a99f13 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -30,7 +30,8 @@ struct ksmbd_session;
struct ksmbd_lock {
struct file_lock *fl;
- struct list_head glist;
+ struct list_head clist;
+ struct list_head flist;
struct list_head llist;
unsigned int flags;
int cmd;
@@ -91,6 +92,7 @@ struct ksmbd_file {
struct stream stream;
struct list_head node;
struct list_head blocked_works;
+ struct list_head lock_list;
int durable_timeout;
From patchwork Mon Nov 14 12:51:21 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183269
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:34 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:33 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:33 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 172/308] ksmbd: uninterruptible wait for a file
being unlocked
Date: Mon, 14 Nov 2022 20:51:21 +0800
Message-ID: <20221114125337.1831594-173-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
72a4f653-8c20-43ff-238b-08dac63c71d0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7377165
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 45a64e8b08493b768fa029a5508cec8cf2b89f2d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/45a64e8b0849
-------------------------------
the wait can be canceled by SMB2_CANCEL, SMB2_CLOSE,
SMB2_LOGOFF, disconnection or shutdown, we don't have
to use wait_event_interruptible.
And this remove the warning from Coverity:
CID 1502834 (#1 of 1): Unused value (UNUSED_VALUE)
returned_value: Assigning value from ksmbd_vfs_posix_lock_wait(flock)
to err here, but that stored value is overwritten before it can be used.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
fs/ksmbd/vfs.c | 4 ++--
fs/ksmbd/vfs.h | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 3cff00fed97e..91c199af51b7 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6756,7 +6756,7 @@ int smb2_lock(struct ksmbd_work *work)
smb2_send_interim_resp(work, STATUS_PENDING);
- err = ksmbd_vfs_posix_lock_wait(flock);
+ ksmbd_vfs_posix_lock_wait(flock);
if (work->state != KSMBD_WORK_ACTIVE) {
list_del(&smb_lock->llist);
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index f6eb746fbd03..53fbcb95f3b3 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -1737,9 +1737,9 @@ int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
return 0;
}
-int ksmbd_vfs_posix_lock_wait(struct file_lock *flock)
+void ksmbd_vfs_posix_lock_wait(struct file_lock *flock)
{
- return wait_event_interruptible(flock->fl_wait, !flock->fl_blocker);
+ wait_event(flock->fl_wait, !flock->fl_blocker);
}
int ksmbd_vfs_posix_lock_wait_timeout(struct file_lock *flock, long timeout)
diff --git a/fs/ksmbd/vfs.h b/fs/ksmbd/vfs.h
index e30174a0e5a1..319316f49aee 100644
--- a/fs/ksmbd/vfs.h
+++ b/fs/ksmbd/vfs.h
@@ -159,7 +159,7 @@ int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry);
void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
struct ksmbd_kstat *ksmbd_kstat);
-int ksmbd_vfs_posix_lock_wait(struct file_lock *flock);
+void ksmbd_vfs_posix_lock_wait(struct file_lock *flock);
int ksmbd_vfs_posix_lock_wait_timeout(struct file_lock *flock, long timeout);
void ksmbd_vfs_posix_lock_unblock(struct file_lock *flock);
int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry);
From patchwork Mon Nov 14 12:51:22 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183270
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:34 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:34 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:33 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 173/308] ksmbd: make smb2_find_context_vals return
NULL if not found
Date: Mon, 14 Nov 2022 20:51:22 +0800
Message-ID: <20221114125337.1831594-174-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
915634cf-87b8-422d-014f-08dac63c7219
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6284011
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit ce154c32af3c60727171ff28ae97bcceda63b1c6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ce154c32af3c
-------------------------------
instead of -ENOENT, make smb2_find_context_vals
return NULL if the given context cannot be found.
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/oplock.c | 2 +-
fs/ksmbd/smb2pdu.c | 14 +++++++-------
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index a9f171ccf770..96e486ebf2e1 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -1472,7 +1472,7 @@ struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
next = le32_to_cpu(cc->Next);
} while (next != 0);
- return ERR_PTR(-ENOENT);
+ return NULL;
}
/**
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 91c199af51b7..f158b7e104da 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2127,7 +2127,7 @@ static inline int check_context_err(void *ctx, char *str)
int err;
err = PTR_ERR(ctx);
- ksmbd_debug(SMB, "find context %s err %d\n", str, err);
+ ksmbd_debug(SMB, "find context %s err %d\n", str, err ? err : -ENOENT);
if (err == -EINVAL) {
pr_err("bad name length\n");
@@ -2514,7 +2514,7 @@ int smb2_open(struct ksmbd_work *work)
if (req->CreateContextsOffset) {
/* Parse non-durable handle create contexts */
context = smb2_find_context_vals(req, SMB2_CREATE_EA_BUFFER);
- if (IS_ERR(context)) {
+ if (IS_ERR_OR_NULL(context)) {
rc = check_context_err(context, SMB2_CREATE_EA_BUFFER);
if (rc < 0)
goto err_out1;
@@ -2529,7 +2529,7 @@ int smb2_open(struct ksmbd_work *work)
context = smb2_find_context_vals(req,
SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
- if (IS_ERR(context)) {
+ if (IS_ERR_OR_NULL(context)) {
rc = check_context_err(context,
SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
if (rc < 0)
@@ -2542,7 +2542,7 @@ int smb2_open(struct ksmbd_work *work)
context = smb2_find_context_vals(req,
SMB2_CREATE_TIMEWARP_REQUEST);
- if (IS_ERR(context)) {
+ if (IS_ERR_OR_NULL(context)) {
rc = check_context_err(context,
SMB2_CREATE_TIMEWARP_REQUEST);
if (rc < 0)
@@ -2556,7 +2556,7 @@ int smb2_open(struct ksmbd_work *work)
if (tcon->posix_extensions) {
context = smb2_find_context_vals(req,
SMB2_CREATE_TAG_POSIX);
- if (IS_ERR(context)) {
+ if (IS_ERR_OR_NULL(context)) {
rc = check_context_err(context,
SMB2_CREATE_TAG_POSIX);
if (rc < 0)
@@ -2949,7 +2949,7 @@ int smb2_open(struct ksmbd_work *work)
az_req = (struct create_alloc_size_req *)smb2_find_context_vals(req,
SMB2_CREATE_ALLOCATION_SIZE);
- if (IS_ERR(az_req)) {
+ if (IS_ERR_OR_NULL(az_req)) {
rc = check_context_err(az_req,
SMB2_CREATE_ALLOCATION_SIZE);
if (rc < 0)
@@ -2971,7 +2971,7 @@ int smb2_open(struct ksmbd_work *work)
}
context = smb2_find_context_vals(req, SMB2_CREATE_QUERY_ON_DISK_ID);
- if (IS_ERR(context)) {
+ if (IS_ERR_OR_NULL(context)) {
rc = check_context_err(context, SMB2_CREATE_QUERY_ON_DISK_ID);
if (rc < 0)
goto err_out;
From patchwork Mon Nov 14 12:51:23 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183271
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:34 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:34 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:34 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 174/308] ksmbd: handle error cases first in
smb2_create_sd_buffers
Date: Mon, 14 Nov 2022 20:51:23 +0800
Message-ID: <20221114125337.1831594-175-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9f940df1-25e4-4cb2-47cb-08dac63c7261
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7007338
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 21dd1fd6d718ac59841c3ee3d0b1d82508ef24dc
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/21dd1fd6d718
-------------------------------
For code cleanup, handle error cases first in
smb2_create_sd_buffers().
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 24 +++++++++++-------------
1 file changed, 11 insertions(+), 13 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index f158b7e104da..b842768fc209 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2309,25 +2309,23 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work,
struct path *path)
{
struct create_context *context;
- int rc = -ENOENT;
+ struct create_sd_buf_req *sd_buf;
if (!req->CreateContextsOffset)
- return rc;
+ return -ENOENT;
/* Parse SD BUFFER create contexts */
context = smb2_find_context_vals(req, SMB2_CREATE_SD_BUFFER);
- if (context && !IS_ERR(context)) {
- struct create_sd_buf_req *sd_buf;
-
- ksmbd_debug(SMB,
- "Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
- sd_buf = (struct create_sd_buf_req *)context;
- rc = set_info_sec(work->conn, work->tcon,
- path, &sd_buf->ntsd,
- le32_to_cpu(sd_buf->ccontext.DataLength), true);
- }
+ if (!context)
+ return -ENOENT;
+ else if (IS_ERR(context))
+ return PTR_ERR(context);
- return rc;
+ ksmbd_debug(SMB,
+ "Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
+ sd_buf = (struct create_sd_buf_req *)context;
+ return set_info_sec(work->conn, work->tcon, path, &sd_buf->ntsd,
+ le32_to_cpu(sd_buf->ccontext.DataLength), true);
}
static void ksmbd_acls_fattr(struct smb_fattr *fattr, struct inode *inode)
From patchwork Mon Nov 14 12:51:24 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183272
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:35 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:35 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:34 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 175/308] ksmbd: remove unneeded check_context_err
Date: Mon, 14 Nov 2022 20:51:24 +0800
Message-ID: <20221114125337.1831594-176-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
8f76db5b-f95c-4c36-4b54-08dac63c72aa
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7089439
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit f19b3967fb0967aa02b8bfe26ce186ca7525dff7
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f19b3967fb09
-------------------------------
Coverity Scan seems to report false alarm.
*** CID 1505930: (USE_AFTER_FREE)
/fs/ksmbd/smb2pdu.c: 2527 in smb2_open()
>>> CID 1505930: (USE_AFTER_FREE)
>>> Passing freed pointer "context" as an argument to
>>> "check_context_err".
This patch remove unneeded check_context_err to make coverity scan
happy.
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/oplock.c | 3 +-
fs/ksmbd/smb2pdu.c | 73 +++++++++++++++-------------------------------
2 files changed, 26 insertions(+), 50 deletions(-)
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 96e486ebf2e1..8bb62aae6e32 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -1446,7 +1446,8 @@ struct lease_ctx_info *parse_lease_state(void *open_req)
* @open_req: buffer containing smb2 file open(create) request
* @tag: context name to search for
*
- * Return: pointer to requested context, NULL if @str context not found
+ * Return: pointer to requested context, NULL if @str context not found
+ * or error pointer if name length is invalid.
*/
struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
{
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index b842768fc209..73958167c4f4 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2122,21 +2122,6 @@ static int smb2_set_ea(struct smb2_ea_info *eabuf, struct path *path)
return rc;
}
-static inline int check_context_err(void *ctx, char *str)
-{
- int err;
-
- err = PTR_ERR(ctx);
- ksmbd_debug(SMB, "find context %s err %d\n", str, err ? err : -ENOENT);
-
- if (err == -EINVAL) {
- pr_err("bad name length\n");
- return err;
- }
-
- return 0;
-}
-
static noinline int smb2_set_stream_name_xattr(struct path *path,
struct ksmbd_file *fp,
char *stream_name, int s_type)
@@ -2512,11 +2497,10 @@ int smb2_open(struct ksmbd_work *work)
if (req->CreateContextsOffset) {
/* Parse non-durable handle create contexts */
context = smb2_find_context_vals(req, SMB2_CREATE_EA_BUFFER);
- if (IS_ERR_OR_NULL(context)) {
- rc = check_context_err(context, SMB2_CREATE_EA_BUFFER);
- if (rc < 0)
- goto err_out1;
- } else {
+ if (IS_ERR(context)) {
+ rc = PTR_ERR(context);
+ goto err_out1;
+ } else if (context) {
ea_buf = (struct create_ea_buf_req *)context;
if (req->CreateOptions & FILE_NO_EA_KNOWLEDGE_LE) {
rsp->hdr.Status = STATUS_ACCESS_DENIED;
@@ -2527,12 +2511,10 @@ int smb2_open(struct ksmbd_work *work)
context = smb2_find_context_vals(req,
SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
- if (IS_ERR_OR_NULL(context)) {
- rc = check_context_err(context,
- SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST);
- if (rc < 0)
- goto err_out1;
- } else {
+ if (IS_ERR(context)) {
+ rc = PTR_ERR(context);
+ goto err_out1;
+ } else if (context) {
ksmbd_debug(SMB,
"get query maximal access context\n");
maximal_access_ctxt = 1;
@@ -2540,12 +2522,10 @@ int smb2_open(struct ksmbd_work *work)
context = smb2_find_context_vals(req,
SMB2_CREATE_TIMEWARP_REQUEST);
- if (IS_ERR_OR_NULL(context)) {
- rc = check_context_err(context,
- SMB2_CREATE_TIMEWARP_REQUEST);
- if (rc < 0)
- goto err_out1;
- } else {
+ if (IS_ERR(context)) {
+ rc = PTR_ERR(context);
+ goto err_out1;
+ } else if (context) {
ksmbd_debug(SMB, "get timewarp context\n");
rc = -EBADF;
goto err_out1;
@@ -2554,12 +2534,10 @@ int smb2_open(struct ksmbd_work *work)
if (tcon->posix_extensions) {
context = smb2_find_context_vals(req,
SMB2_CREATE_TAG_POSIX);
- if (IS_ERR_OR_NULL(context)) {
- rc = check_context_err(context,
- SMB2_CREATE_TAG_POSIX);
- if (rc < 0)
- goto err_out1;
- } else {
+ if (IS_ERR(context)) {
+ rc = PTR_ERR(context);
+ goto err_out1;
+ } else if (context) {
struct create_posix *posix =
(struct create_posix *)context;
ksmbd_debug(SMB, "get posix context\n");
@@ -2947,12 +2925,10 @@ int smb2_open(struct ksmbd_work *work)
az_req = (struct create_alloc_size_req *)smb2_find_context_vals(req,
SMB2_CREATE_ALLOCATION_SIZE);
- if (IS_ERR_OR_NULL(az_req)) {
- rc = check_context_err(az_req,
- SMB2_CREATE_ALLOCATION_SIZE);
- if (rc < 0)
- goto err_out;
- } else {
+ if (IS_ERR(az_req)) {
+ rc = PTR_ERR(az_req);
+ goto err_out;
+ } else if (az_req) {
loff_t alloc_size = le64_to_cpu(az_req->AllocationSize);
int err;
@@ -2969,11 +2945,10 @@ int smb2_open(struct ksmbd_work *work)
}
context = smb2_find_context_vals(req, SMB2_CREATE_QUERY_ON_DISK_ID);
- if (IS_ERR_OR_NULL(context)) {
- rc = check_context_err(context, SMB2_CREATE_QUERY_ON_DISK_ID);
- if (rc < 0)
- goto err_out;
- } else {
+ if (IS_ERR(context)) {
+ rc = PTR_ERR(context);
+ goto err_out;
+ } else if (context) {
ksmbd_debug(SMB, "get query on disk id context\n");
query_disk_id = 1;
}
From patchwork Mon Nov 14 12:51:25 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183273
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:35 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:35 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:35 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 176/308] ksmbd: fix memory leak in
ksmbd_vfs_get_sd_xattr()
Date: Mon, 14 Nov 2022 20:51:25 +0800
Message-ID: <20221114125337.1831594-177-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
51812b92-5d4a-40db-03fd-08dac63c72f3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6969799
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 78ad2c277af4cf503f985fd506fbb1f8576460f2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/78ad2c277af4
-------------------------------
Add free acl.sd_buf and n.data on error handling in
ksmbd_vfs_get_sd_xattr().
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/vfs.c | 99 ++++++++++++++++++++++++++------------------------
1 file changed, 52 insertions(+), 47 deletions(-)
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 53fbcb95f3b3..f10dfdb596e4 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -1458,61 +1458,66 @@ int ksmbd_vfs_get_sd_xattr(struct ksmbd_conn *conn, struct dentry *dentry,
{
int rc;
struct ndr n;
+ struct inode *inode = d_inode(dentry);
+ struct ndr acl_ndr = {0};
+ struct xattr_ntacl acl;
+ struct xattr_smb_acl *smb_acl = NULL, *def_smb_acl = NULL;
+ __u8 cmp_hash[XATTR_SD_HASH_SIZE] = {0};
rc = ksmbd_vfs_getxattr(dentry, XATTR_NAME_SD, &n.data);
- if (rc > 0) {
- struct inode *inode = d_inode(dentry);
- struct ndr acl_ndr = {0};
- struct xattr_ntacl acl;
- struct xattr_smb_acl *smb_acl = NULL, *def_smb_acl = NULL;
- __u8 cmp_hash[XATTR_SD_HASH_SIZE] = {0};
-
- n.length = rc;
- rc = ndr_decode_v4_ntacl(&n, &acl);
- if (rc)
- return rc;
-
- smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
- ACL_TYPE_ACCESS);
- if (S_ISDIR(inode->i_mode))
- def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
- ACL_TYPE_DEFAULT);
-
- rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
- if (rc) {
- pr_err("failed to encode ndr to posix acl\n");
- goto out;
- }
+ if (rc <= 0)
+ return rc;
- rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
- cmp_hash);
- if (rc) {
- pr_err("failed to generate hash for ndr acl\n");
- goto out;
- }
+ n.length = rc;
+ rc = ndr_decode_v4_ntacl(&n, &acl);
+ if (rc)
+ goto free_n_data;
- if (memcmp(cmp_hash, acl.posix_acl_hash, XATTR_SD_HASH_SIZE)) {
- pr_err("hash value diff\n");
- rc = -EINVAL;
- goto out;
- }
+ smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
+ ACL_TYPE_ACCESS);
+ if (S_ISDIR(inode->i_mode))
+ def_smb_acl = ksmbd_vfs_make_xattr_posix_acl(inode,
+ ACL_TYPE_DEFAULT);
+
+ rc = ndr_encode_posix_acl(&acl_ndr, inode, smb_acl, def_smb_acl);
+ if (rc) {
+ pr_err("failed to encode ndr to posix acl\n");
+ goto out_free;
+ }
- *pntsd = acl.sd_buf;
- (*pntsd)->osidoffset =
- cpu_to_le32(le32_to_cpu((*pntsd)->osidoffset) - NDR_NTSD_OFFSETOF);
- (*pntsd)->gsidoffset =
- cpu_to_le32(le32_to_cpu((*pntsd)->gsidoffset) - NDR_NTSD_OFFSETOF);
- (*pntsd)->dacloffset =
- cpu_to_le32(le32_to_cpu((*pntsd)->dacloffset) - NDR_NTSD_OFFSETOF);
+ rc = ksmbd_gen_sd_hash(conn, acl_ndr.data, acl_ndr.offset,
+ cmp_hash);
+ if (rc) {
+ pr_err("failed to generate hash for ndr acl\n");
+ goto out_free;
+ }
- rc = acl.sd_size;
-out:
- kfree(n.data);
- kfree(acl_ndr.data);
- kfree(smb_acl);
- kfree(def_smb_acl);
+ if (memcmp(cmp_hash, acl.posix_acl_hash, XATTR_SD_HASH_SIZE)) {
+ pr_err("hash value diff\n");
+ rc = -EINVAL;
+ goto out_free;
}
+ *pntsd = acl.sd_buf;
+ (*pntsd)->osidoffset =
+ cpu_to_le32(le32_to_cpu((*pntsd)->osidoffset) - NDR_NTSD_OFFSETOF);
+ (*pntsd)->gsidoffset =
+ cpu_to_le32(le32_to_cpu((*pntsd)->gsidoffset) - NDR_NTSD_OFFSETOF);
+ (*pntsd)->dacloffset =
+ cpu_to_le32(le32_to_cpu((*pntsd)->dacloffset) - NDR_NTSD_OFFSETOF);
+
+ rc = acl.sd_size;
+out_free:
+ kfree(acl_ndr.data);
+ kfree(smb_acl);
+ kfree(def_smb_acl);
+ if (rc < 0) {
+ kfree(acl.sd_buf);
+ *pntsd = NULL;
+ }
+
+free_n_data:
+ kfree(n.data);
return rc;
}
From patchwork Mon Nov 14 12:51:26 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183274
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:36 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:36 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:35 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 177/308] ksmbd: fix unused err value in smb2_lock
Date: Mon, 14 Nov 2022 20:51:26 +0800
Message-ID: <20221114125337.1831594-178-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2616f0b4-83f4-4cd8-e168-08dac63c733b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.1497548
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 96ad4ec51c06c6fafc10b4e3a20753e127ce27d4
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/96ad4ec51c06
-------------------------------
CID 1502845 (#1 of 1): Unused value (UNUSED_VALUE)
value_overwrite: Overwriting previous write to err with value from
vfs_lock_file(filp, 0U, rlock, NULL).
6880 err = vfs_lock_file(filp, 0, rlock, NULL);
6881 if (err)
6882 pr_err("rollback unlock fail : %d\n", err);
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 73958167c4f4..e63079e3459d 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6792,7 +6792,7 @@ int smb2_lock(struct ksmbd_work *work)
rsp->Reserved = 0;
inc_rfc1001_len(rsp, 4);
ksmbd_fd_put(work, fp);
- return err;
+ return 0;
out:
list_for_each_entry_safe(smb_lock, tmp, &lock_list, llist) {
@@ -6803,15 +6803,16 @@ int smb2_lock(struct ksmbd_work *work)
list_for_each_entry_safe(smb_lock, tmp, &rollback_list, llist) {
struct file_lock *rlock = NULL;
+ int rc;
rlock = smb_flock_init(filp);
rlock->fl_type = F_UNLCK;
rlock->fl_start = smb_lock->start;
rlock->fl_end = smb_lock->end;
- err = vfs_lock_file(filp, 0, rlock, NULL);
- if (err)
- pr_err("rollback unlock fail : %d\n", err);
+ rc = vfs_lock_file(filp, 0, rlock, NULL);
+ if (rc)
+ pr_err("rollback unlock fail : %d\n", rc);
list_del(&smb_lock->llist);
spin_lock(&work->conn->llist_lock);
@@ -6828,7 +6829,7 @@ int smb2_lock(struct ksmbd_work *work)
ksmbd_debug(SMB, "failed in taking lock(flags : %x)\n", flags);
smb2_set_err_rsp(work);
ksmbd_fd_put(work, fp);
- return 0;
+ return err;
}
static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
From patchwork Mon Nov 14 12:51:27 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183275
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:37 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:37 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:36 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 178/308] ksmbd: set RDMA capability for
FSCTL_QUERY_NETWORK_INTERFACE_INFO
Date: Mon, 14 Nov 2022 20:51:27 +0800
Message-ID: <20221114125337.1831594-179-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d44b2bce-c27d-46ef-cde1-08dac63c73c7
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6762099
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 03d8d4f1896eba2240aa946ce591e86e538504cd
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/03d8d4f1896e
-------------------------------
set RDMA capability for
FSCTL_QUERY_NETWORK_INTERFACE_INFO.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 9 +++++----
fs/ksmbd/transport_rdma.c | 14 ++++++++++++++
fs/ksmbd/transport_rdma.h | 2 ++
3 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index e63079e3459d..681b78caa333 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -22,6 +22,7 @@
#include "asn1.h"
#include "connection.h"
#include "transport_ipc.h"
+#include "transport_rdma.h"
#include "vfs.h"
#include "vfs_cache.h"
#include "misc.h"
@@ -6985,11 +6986,11 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
&rsp->Buffer[nbytes];
nii_rsp->IfIndex = cpu_to_le32(netdev->ifindex);
- /* TODO: specify the RDMA capabilities */
+ nii_rsp->Capability = 0;
if (netdev->num_tx_queues > 1)
- nii_rsp->Capability = cpu_to_le32(RSS_CAPABLE);
- else
- nii_rsp->Capability = 0;
+ nii_rsp->Capability |= cpu_to_le32(RSS_CAPABLE);
+ if (ksmbd_rdma_capable_netdev(netdev))
+ nii_rsp->Capability |= cpu_to_le32(RDMA_CAPABLE);
nii_rsp->Next = cpu_to_le32(152);
nii_rsp->Reserved = 0;
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index d5728c84a15a..f818fe358f31 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -2033,6 +2033,20 @@ int ksmbd_rdma_destroy(void)
return 0;
}
+bool ksmbd_rdma_capable_netdev(struct net_device *netdev)
+{
+ struct ib_device *ibdev;
+ bool rdma_capable = false;
+
+ ibdev = ib_device_get_by_netdev(netdev, RDMA_DRIVER_UNKNOWN);
+ if (ibdev) {
+ if (rdma_frwr_is_supported(&ibdev->attrs))
+ rdma_capable = true;
+ ib_device_put(ibdev);
+ }
+ return rdma_capable;
+}
+
static struct ksmbd_transport_ops ksmbd_smb_direct_transport_ops = {
.prepare = smb_direct_prepare,
.disconnect = smb_direct_disconnect,
diff --git a/fs/ksmbd/transport_rdma.h b/fs/ksmbd/transport_rdma.h
index da60fcec3ede..72e2574079f3 100644
--- a/fs/ksmbd/transport_rdma.h
+++ b/fs/ksmbd/transport_rdma.h
@@ -53,9 +53,11 @@ struct smb_direct_data_transfer {
#ifdef CONFIG_SMB_SERVER_SMBDIRECT
int ksmbd_rdma_init(void);
int ksmbd_rdma_destroy(void);
+bool ksmbd_rdma_capable_netdev(struct net_device *netdev);
#else
static inline int ksmbd_rdma_init(void) { return 0; }
static inline int ksmbd_rdma_destroy(void) { return 0; }
+static inline bool ksmbd_rdma_capable_netdev(struct net_device *netdev) { return false; }
#endif
#endif /* __KSMBD_TRANSPORT_RDMA_H__ */
From patchwork Mon Nov 14 12:51:28 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183276
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:37 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:37 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:37 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 179/308] ksmbd: fix an error message in
ksmbd_conn_trasnport_init
Date: Mon, 14 Nov 2022 20:51:28 +0800
Message-ID: <20221114125337.1831594-180-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
12a8f6fa-6a8b-42ed-1393-08dac63c7410
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7003726
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 0a427cc638ada13a703b044f38f4b01628c4e620
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/0a427cc638ad
-------------------------------
Fix an error message in ksmbd_conn_transport_init().
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 8430848bea45..d7ee0bfb5838 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -372,7 +372,7 @@ int ksmbd_conn_transport_init(void)
ret = ksmbd_rdma_init();
if (ret) {
- pr_err("Failed to init KSMBD subsystem: %d\n", ret);
+ pr_err("Failed to init RDMA subsystem: %d\n", ret);
goto out;
}
out:
From patchwork Mon Nov 14 12:51:29 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183277
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:38 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:38 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:37 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 180/308] ksmbd: fix typo in comment
Date: Mon, 14 Nov 2022 20:51:29 +0800
Message-ID: <20221114125337.1831594-181-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6436a593-a006-4f86-4977-08dac63c745a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7047933
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit a9c241d01d0a80209cb7dde76a89f450b0d5a78d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a9c241d01d0a
-------------------------------
Fix typo "openning" -> "opening".
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index d7ee0bfb5838..af086d35398a 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -247,7 +247,7 @@ bool ksmbd_conn_alive(struct ksmbd_conn *conn)
/*
* Stop current session if the time that get last request from client
- * is bigger than deadtime user configured and openning file count is
+ * is bigger than deadtime user configured and opening file count is
* zero.
*/
if (server_conf.deadtime > 0 &&
From patchwork Mon Nov 14 12:51:30 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183278
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:38 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:38 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:38 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 181/308] ksmbd: fix wrong compression context size
Date: Mon, 14 Nov 2022 20:51:30 +0800
Message-ID: <20221114125337.1831594-182-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
88bb725a-a747-445b-31d5-08dac63c74a4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6840309
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit e4b60e92d4f878b774eca22fa4c00fa04f6354b4
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e4b60e92d4f8
-------------------------------
Use smb2_compression_ctx instead of smb2_encryption_neg_context.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 681b78caa333..685ef11cb8f7 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -924,7 +924,7 @@ static int decode_compress_ctxt(struct ksmbd_conn *conn,
* Return compression context size in request.
* So need to plus extra number of CompressionAlgorithms size.
*/
- return sizeof(struct smb2_encryption_neg_context) +
+ return sizeof(struct smb2_compression_ctx) +
((algo_cnt - 1) * 2);
}
From patchwork Mon Nov 14 12:51:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183279
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:39 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:39 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:38 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 182/308] ksmbd: fix wrong error status return on
session setup
Date: Mon, 14 Nov 2022 20:51:31 +0800
Message-ID: <20221114125337.1831594-183-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
41b52b78-74d2-44bc-674f-08dac63c74ee
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6884486
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 58090b175271870842d823622013d4499f462a10
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/58090b175271
-------------------------------
When user insert wrong password, ksmbd return STATUS_INVALID_PARAMETER
error status to client. It will make user confusing whether it is not
password problem. This patch change error status to
STATUS_LOGON_FAILURE. and return STATUS_INSUFFICIENT_RESOURCES if memory
allocation failed on session setup.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 32 ++++++++++++--------------------
1 file changed, 12 insertions(+), 20 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 685ef11cb8f7..f65e518759a5 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1338,8 +1338,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
user = session_user(conn, req);
if (!user) {
ksmbd_debug(SMB, "Unknown user name or an error\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return -EINVAL;
+ return -EPERM;
}
/* Check for previous session */
@@ -1363,8 +1362,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
if (user_guest(sess->user)) {
if (conn->sign) {
ksmbd_debug(SMB, "Guest login not allowed when signing enabled\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return -EACCES;
+ return -EPERM;
}
rsp->SessionFlags = SMB2_SESSION_FLAG_IS_GUEST_LE;
@@ -1377,8 +1375,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
if (rc) {
set_user_flag(sess->user, KSMBD_USER_FLAG_BAD_PASSWORD);
ksmbd_debug(SMB, "authentication failed\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return -EINVAL;
+ return -EPERM;
}
/*
@@ -1403,8 +1400,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
if (rc) {
ksmbd_debug(SMB,
"SMB3 encryption key generation failed\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return rc;
+ return -EINVAL;
}
sess->enc = true;
rsp->SessionFlags = SMB2_SESSION_FLAG_ENCRYPT_DATA_LE;
@@ -1434,16 +1430,14 @@ static int ntlm_authenticate(struct ksmbd_work *work)
rc = conn->ops->generate_signingkey(sess, conn);
if (rc) {
ksmbd_debug(SMB, "SMB3 signing key generation failed\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return rc;
+ return -EINVAL;
}
}
if (conn->dialect > SMB20_PROT_ID) {
if (!ksmbd_conn_lookup_dialect(conn)) {
pr_err("fail to verify the dialect\n");
- rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
- return -EPERM;
+ return -ENOENT;
}
}
return 0;
@@ -1483,8 +1477,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
out_blob, &out_len);
if (retval) {
ksmbd_debug(SMB, "krb5 authentication failed\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return retval;
+ return -EINVAL;
}
rsp->SecurityBufferLength = cpu_to_le16(out_len);
inc_rfc1001_len(rsp, out_len - 1);
@@ -1499,8 +1492,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
if (retval) {
ksmbd_debug(SMB,
"SMB3 encryption key generation failed\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return retval;
+ return -EINVAL;
}
sess->enc = true;
rsp->SessionFlags = SMB2_SESSION_FLAG_ENCRYPT_DATA_LE;
@@ -1524,16 +1516,14 @@ static int krb5_authenticate(struct ksmbd_work *work)
retval = conn->ops->generate_signingkey(sess, conn);
if (retval) {
ksmbd_debug(SMB, "SMB3 signing key generation failed\n");
- rsp->hdr.Status = STATUS_LOGON_FAILURE;
- return retval;
+ return -EINVAL;
}
}
if (conn->dialect > SMB20_PROT_ID) {
if (!ksmbd_conn_lookup_dialect(conn)) {
pr_err("fail to verify the dialect\n");
- rsp->hdr.Status = STATUS_USER_SESSION_DELETED;
- return -EPERM;
+ return -ENOENT;
}
}
return 0;
@@ -1709,6 +1699,8 @@ int smb2_sess_setup(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_REQUEST_NOT_ACCEPTED;
else if (rc == -EFAULT)
rsp->hdr.Status = STATUS_NETWORK_SESSION_EXPIRED;
+ else if (rc == -ENOMEM)
+ rsp->hdr.Status = STATUS_INSUFFICIENT_RESOURCES;
else if (rc)
rsp->hdr.Status = STATUS_LOGON_FAILURE;
From patchwork Mon Nov 14 12:51:32 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183280
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:40 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:39 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:39 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 183/308] ksmbd: set STATUS_INVALID_PARAMETER error
status if credit charge is invalid
Date: Mon, 14 Nov 2022 20:51:32 +0800
Message-ID: <20221114125337.1831594-184-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6809e2d8-bd4a-4d7f-d3d5-08dac63c7536
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.0829146
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 67307023d02b1339e0b930b742fe5a9cd81284ca
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/67307023d02b
-------------------------------
MS-SMB2 specification describe :
If the calculated credit number is greater than the CreditCharge,
the server MUST fail the request with the error code
STATUS_INVALID_PARAMETER.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/server.c | 20 ++++++++++----------
fs/ksmbd/smb2misc.c | 9 +++++++--
2 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
index c9a3a459f3e6..8db739283d76 100644
--- a/fs/ksmbd/server.c
+++ b/fs/ksmbd/server.c
@@ -101,8 +101,8 @@ static inline int check_conn_state(struct ksmbd_work *work)
return 0;
}
-#define TCP_HANDLER_CONTINUE 0
-#define TCP_HANDLER_ABORT 1
+#define SERVER_HANDLER_CONTINUE 0
+#define SERVER_HANDLER_ABORT 1
static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
u16 *cmd)
@@ -112,10 +112,10 @@ static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
int ret;
if (check_conn_state(work))
- return TCP_HANDLER_CONTINUE;
+ return SERVER_HANDLER_CONTINUE;
if (ksmbd_verify_smb_message(work))
- return TCP_HANDLER_ABORT;
+ return SERVER_HANDLER_ABORT;
command = conn->ops->get_cmd_val(work);
*cmd = command;
@@ -123,21 +123,21 @@ static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
andx_again:
if (command >= conn->max_cmds) {
conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
- return TCP_HANDLER_CONTINUE;
+ return SERVER_HANDLER_CONTINUE;
}
cmds = &conn->cmds[command];
if (!cmds->proc) {
ksmbd_debug(SMB, "*** not implemented yet cmd = %x\n", command);
conn->ops->set_rsp_status(work, STATUS_NOT_IMPLEMENTED);
- return TCP_HANDLER_CONTINUE;
+ return SERVER_HANDLER_CONTINUE;
}
if (work->sess && conn->ops->is_sign_req(work, command)) {
ret = conn->ops->check_sign_req(work);
if (!ret) {
conn->ops->set_rsp_status(work, STATUS_ACCESS_DENIED);
- return TCP_HANDLER_CONTINUE;
+ return SERVER_HANDLER_CONTINUE;
}
}
@@ -153,8 +153,8 @@ static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
}
if (work->send_no_response)
- return TCP_HANDLER_ABORT;
- return TCP_HANDLER_CONTINUE;
+ return SERVER_HANDLER_ABORT;
+ return SERVER_HANDLER_CONTINUE;
}
static void __handle_ksmbd_work(struct ksmbd_work *work,
@@ -203,7 +203,7 @@ static void __handle_ksmbd_work(struct ksmbd_work *work,
do {
rc = __process_request(work, conn, &command);
- if (rc == TCP_HANDLER_ABORT)
+ if (rc == SERVER_HANDLER_ABORT)
break;
/*
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 4508631c5706..e68aa7d718ed 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -423,8 +423,13 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
return 1;
}
- return work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU ?
- smb2_validate_credit_charge(hdr) : 0;
+ if ((work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU) &&
+ smb2_validate_credit_charge(hdr)) {
+ work->conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
+ return 1;
+ }
+
+ return 0;
}
int smb2_negotiate_request(struct ksmbd_work *work)
From patchwork Mon Nov 14 12:51:33 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183281
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:40 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:40 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:39 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 184/308] ksmbd: move credit charge verification
over smb2 request size verification
Date: Mon, 14 Nov 2022 20:51:33 +0800
Message-ID: <20221114125337.1831594-185-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a0bd70af-831b-43e5-8c0d-08dac63c757f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7427916
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit d347d745f06c7e6503abc08f68dc3b71da71596d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d347d745f06c
-------------------------------
Move credit charge verification over smb2 request size verification
to avoid being skipped.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index e68aa7d718ed..9aa46bb3e10d 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -385,6 +385,12 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
}
}
+ if ((work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU) &&
+ smb2_validate_credit_charge(hdr)) {
+ work->conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
+ return 1;
+ }
+
clc_len = smb2_calc_size(hdr);
if (len != clc_len) {
/* server can return one byte more due to implied bcc[0] */
@@ -423,12 +429,6 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
return 1;
}
- if ((work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU) &&
- smb2_validate_credit_charge(hdr)) {
- work->conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
- return 1;
- }
-
return 0;
}
From patchwork Mon Nov 14 12:51:34 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183282
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:40 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:40 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:40 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 185/308] ksmbd: fix typo of MS-SMBD
Date: Mon, 14 Nov 2022 20:51:34 +0800
Message-ID: <20221114125337.1831594-186-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
31d70f0b-313a-485a-03a7-08dac63c75d7
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6854108
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 9223958816f9df133ae936c9371378ba1203e0da
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9223958816f9
-------------------------------
Fix typo : "MS-KSMBD" => "MS-SMBD".
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 2 +-
fs/ksmbd/transport_rdma.h | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index f818fe358f31..f2ae6bae83f1 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -58,7 +58,7 @@
/*
* User configurable initial values per SMB_DIRECT transport connection
- * as defined in [MS-KSMBD] 3.1.1.1
+ * as defined in [MS-SMBD] 3.1.1.1
* Those may change after a SMB_DIRECT negotiation
*/
/* The local peer's maximum number of credits to grant to the peer */
diff --git a/fs/ksmbd/transport_rdma.h b/fs/ksmbd/transport_rdma.h
index 72e2574079f3..0fa8adc0776f 100644
--- a/fs/ksmbd/transport_rdma.h
+++ b/fs/ksmbd/transport_rdma.h
@@ -9,7 +9,7 @@
#define SMB_DIRECT_PORT 5445
-/* SMB DIRECT negotiation request packet [MS-KSMBD] 2.2.1 */
+/* SMB DIRECT negotiation request packet [MS-SMBD] 2.2.1 */
struct smb_direct_negotiate_req {
__le16 min_version;
__le16 max_version;
@@ -20,7 +20,7 @@ struct smb_direct_negotiate_req {
__le32 max_fragmented_size;
} __packed;
-/* SMB DIRECT negotiation response packet [MS-KSMBD] 2.2.2 */
+/* SMB DIRECT negotiation response packet [MS-SMBD] 2.2.2 */
struct smb_direct_negotiate_resp {
__le16 min_version;
__le16 max_version;
@@ -37,7 +37,7 @@ struct smb_direct_negotiate_resp {
#define SMB_DIRECT_RESPONSE_REQUESTED 0x0001
-/* SMB DIRECT data transfer packet with payload [MS-KSMBD] 2.2.3 */
+/* SMB DIRECT data transfer packet with payload [MS-SMBD] 2.2.3 */
struct smb_direct_data_transfer {
__le16 credits_requested;
__le16 credits_granted;
From patchwork Mon Nov 14 12:51:35 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183283
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:41 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:41 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:40 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 186/308] ksmbd: add negotiate context verification
Date: Mon, 14 Nov 2022 20:51:35 +0800
Message-ID: <20221114125337.1831594-187-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3227e8aa-1db0-4bc4-07d8-08dac63c7620
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6995386
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit af320a739029f6f8c5c05e769fadaf88e9b7d34f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/af320a739029
-------------------------------
This patch add negotiate context verification code to check bounds.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 118 ++++++++++++++++++++++++---------------------
fs/ksmbd/smb2pdu.h | 6 +--
2 files changed, 65 insertions(+), 59 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index f65e518759a5..30bc210ce40b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -835,10 +835,10 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
build_encrypt_ctxt((struct smb2_encryption_neg_context *)pneg_ctxt,
conn->cipher_type);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
- ctxt_size += sizeof(struct smb2_encryption_neg_context);
+ ctxt_size += sizeof(struct smb2_encryption_neg_context) + 2;
/* Round to 8 byte boundary */
pneg_ctxt +=
- round_up(sizeof(struct smb2_encryption_neg_context),
+ round_up(sizeof(struct smb2_encryption_neg_context) + 2,
8);
}
@@ -850,9 +850,10 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
build_compression_ctxt((struct smb2_compression_ctx *)pneg_ctxt,
conn->compress_algorithm);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
- ctxt_size += sizeof(struct smb2_compression_ctx);
+ ctxt_size += sizeof(struct smb2_compression_ctx) + 2;
/* Round to 8 byte boundary */
- pneg_ctxt += round_up(sizeof(struct smb2_compression_ctx), 8);
+ pneg_ctxt += round_up(sizeof(struct smb2_compression_ctx) + 2,
+ 8);
}
if (conn->posix_ext_supported) {
@@ -881,16 +882,23 @@ static __le32 decode_preauth_ctxt(struct ksmbd_conn *conn,
return err;
}
-static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
- struct smb2_encryption_neg_context *pneg_ctxt)
+static void decode_encrypt_ctxt(struct ksmbd_conn *conn,
+ struct smb2_encryption_neg_context *pneg_ctxt,
+ int len_of_ctxts)
{
- int i;
int cph_cnt = le16_to_cpu(pneg_ctxt->CipherCount);
+ int i, cphs_size = cph_cnt * sizeof(__le16);
conn->cipher_type = 0;
+ if (sizeof(struct smb2_encryption_neg_context) + cphs_size >
+ len_of_ctxts) {
+ pr_err("Invalid cipher count(%d)\n", cph_cnt);
+ return;
+ }
+
if (!(server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION))
- goto out;
+ return;
for (i = 0; i < cph_cnt; i++) {
if (pneg_ctxt->Ciphers[i] == SMB2_ENCRYPTION_AES128_GCM ||
@@ -903,90 +911,88 @@ static int decode_encrypt_ctxt(struct ksmbd_conn *conn,
break;
}
}
-
-out:
- /*
- * Return encrypt context size in request.
- * So need to plus extra number of ciphers size.
- */
- return sizeof(struct smb2_encryption_neg_context) +
- ((cph_cnt - 1) * 2);
}
-static int decode_compress_ctxt(struct ksmbd_conn *conn,
- struct smb2_compression_ctx *pneg_ctxt)
+static void decode_compress_ctxt(struct ksmbd_conn *conn,
+ struct smb2_compression_ctx *pneg_ctxt)
{
- int algo_cnt = le16_to_cpu(pneg_ctxt->CompressionAlgorithmCount);
-
conn->compress_algorithm = SMB3_COMPRESS_NONE;
-
- /*
- * Return compression context size in request.
- * So need to plus extra number of CompressionAlgorithms size.
- */
- return sizeof(struct smb2_compression_ctx) +
- ((algo_cnt - 1) * 2);
}
static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
struct smb2_negotiate_req *req)
{
- int i = 0;
- __le32 status = 0;
/* +4 is to account for the RFC1001 len field */
- char *pneg_ctxt = (char *)req +
- le32_to_cpu(req->NegotiateContextOffset) + 4;
- __le16 *ContextType = (__le16 *)pneg_ctxt;
+ struct smb2_neg_context *pctx = (struct smb2_neg_context *)((char *)req + 4);
+ int i = 0, len_of_ctxts;
+ int offset = le32_to_cpu(req->NegotiateContextOffset);
int neg_ctxt_cnt = le16_to_cpu(req->NegotiateContextCount);
- int ctxt_size;
+ int len_of_smb = be32_to_cpu(req->hdr.smb2_buf_length);
+ __le32 status = STATUS_INVALID_PARAMETER;
+
+ ksmbd_debug(SMB, "decoding %d negotiate contexts\n", neg_ctxt_cnt);
+ if (len_of_smb <= offset) {
+ ksmbd_debug(SMB, "Invalid response: negotiate context offset\n");
+ return status;
+ }
+
+ len_of_ctxts = len_of_smb - offset;
- ksmbd_debug(SMB, "negotiate context count = %d\n", neg_ctxt_cnt);
- status = STATUS_INVALID_PARAMETER;
while (i++ < neg_ctxt_cnt) {
- if (*ContextType == SMB2_PREAUTH_INTEGRITY_CAPABILITIES) {
+ int clen;
+
+ /* check that offset is not beyond end of SMB */
+ if (len_of_ctxts == 0)
+ break;
+
+ if (len_of_ctxts < sizeof(struct smb2_neg_context))
+ break;
+
+ pctx = (struct smb2_neg_context *)((char *)pctx + offset);
+ clen = le16_to_cpu(pctx->DataLength);
+ if (clen + sizeof(struct smb2_neg_context) > len_of_ctxts)
+ break;
+
+ if (pctx->ContextType == SMB2_PREAUTH_INTEGRITY_CAPABILITIES) {
ksmbd_debug(SMB,
"deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
if (conn->preauth_info->Preauth_HashId)
break;
status = decode_preauth_ctxt(conn,
- (struct smb2_preauth_neg_context *)pneg_ctxt);
- pneg_ctxt += DIV_ROUND_UP(sizeof(struct smb2_preauth_neg_context), 8) * 8;
- } else if (*ContextType == SMB2_ENCRYPTION_CAPABILITIES) {
+ (struct smb2_preauth_neg_context *)pctx);
+ if (status != STATUS_SUCCESS)
+ break;
+ } else if (pctx->ContextType == SMB2_ENCRYPTION_CAPABILITIES) {
ksmbd_debug(SMB,
"deassemble SMB2_ENCRYPTION_CAPABILITIES context\n");
if (conn->cipher_type)
break;
- ctxt_size = decode_encrypt_ctxt(conn,
- (struct smb2_encryption_neg_context *)pneg_ctxt);
- pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
- } else if (*ContextType == SMB2_COMPRESSION_CAPABILITIES) {
+ decode_encrypt_ctxt(conn,
+ (struct smb2_encryption_neg_context *)pctx,
+ len_of_ctxts);
+ } else if (pctx->ContextType == SMB2_COMPRESSION_CAPABILITIES) {
ksmbd_debug(SMB,
"deassemble SMB2_COMPRESSION_CAPABILITIES context\n");
if (conn->compress_algorithm)
break;
- ctxt_size = decode_compress_ctxt(conn,
- (struct smb2_compression_ctx *)pneg_ctxt);
- pneg_ctxt += DIV_ROUND_UP(ctxt_size, 8) * 8;
- } else if (*ContextType == SMB2_NETNAME_NEGOTIATE_CONTEXT_ID) {
+ decode_compress_ctxt(conn,
+ (struct smb2_compression_ctx *)pctx);
+ } else if (pctx->ContextType == SMB2_NETNAME_NEGOTIATE_CONTEXT_ID) {
ksmbd_debug(SMB,
"deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context\n");
- ctxt_size = sizeof(struct smb2_netname_neg_context);
- ctxt_size += DIV_ROUND_UP(le16_to_cpu(((struct smb2_netname_neg_context *)
- pneg_ctxt)->DataLength), 8) * 8;
- pneg_ctxt += ctxt_size;
- } else if (*ContextType == SMB2_POSIX_EXTENSIONS_AVAILABLE) {
+ } else if (pctx->ContextType == SMB2_POSIX_EXTENSIONS_AVAILABLE) {
ksmbd_debug(SMB,
"deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
conn->posix_ext_supported = true;
- pneg_ctxt += DIV_ROUND_UP(sizeof(struct smb2_posix_neg_context), 8) * 8;
}
- ContextType = (__le16 *)pneg_ctxt;
- if (status != STATUS_SUCCESS)
- break;
+ /* offsets must be 8 byte aligned */
+ clen = (clen + 7) & ~0x7;
+ offset = clen + sizeof(struct smb2_neg_context);
+ len_of_ctxts -= clen + sizeof(struct smb2_neg_context);
}
return status;
}
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index 0eac40e1ba65..21cb93e771f7 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -299,7 +299,7 @@ struct smb2_encryption_neg_context {
__le32 Reserved;
/* CipherCount usally 2, but can be 3 when AES256-GCM enabled */
__le16 CipherCount; /* AES-128-GCM and AES-128-CCM by default */
- __le16 Ciphers[1];
+ __le16 Ciphers[];
} __packed;
#define SMB3_COMPRESS_NONE cpu_to_le16(0x0000)
@@ -314,7 +314,7 @@ struct smb2_compression_ctx {
__le16 CompressionAlgorithmCount;
__u16 Padding;
__le32 Reserved1;
- __le16 CompressionAlgorithms[1];
+ __le16 CompressionAlgorithms[];
} __packed;
#define POSIX_CTXT_DATA_LEN 16
@@ -329,7 +329,7 @@ struct smb2_netname_neg_context {
__le16 ContextType; /* 0x100 */
__le16 DataLength;
__le32 Reserved;
- __le16 NetName[0]; /* hostname of target converted to UCS-2 */
+ __le16 NetName[]; /* hostname of target converted to UCS-2 */
} __packed;
struct smb2_negotiate_rsp {
From patchwork Mon Nov 14 12:51:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183284
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:41 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:41 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:41 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 187/308] ksmbd: add support for negotiating
signing algorithm
Date: Mon, 14 Nov 2022 20:51:36 +0800
Message-ID: <20221114125337.1831594-188-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d683d679-23cb-4ea9-bfc1-08dac63c7668
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7067457
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 378087cd17eea71c4e78e6053597e38429ccee0f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/378087cd17ee
-------------------------------
Support for faster packet signing (using GMAC instead of CMAC) can
now be negotiated to some newer servers, including Windows.
See MS-SMB2 section 2.2.3.17.
This patch adds support for sending the new negotiate context with two
supported signing algorithms(AES-CMAC, HMAC-SHA256).
If client add support for AES_GMAC, Server will be supported later
depend on it.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.h | 2 ++
fs/ksmbd/smb2ops.c | 4 +++
fs/ksmbd/smb2pdu.c | 58 +++++++++++++++++++++++++++++++++++++++++++
fs/ksmbd/smb2pdu.h | 14 +++++++++++
4 files changed, 78 insertions(+)
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index 487c2024b0d5..e5403c587a58 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -109,6 +109,8 @@ struct ksmbd_conn {
__le16 cipher_type;
__le16 compress_algorithm;
bool posix_ext_supported;
+ bool signing_negotiated;
+ __le16 signing_algorithm;
bool binding;
};
diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c
index 8262908e467c..197473871aa4 100644
--- a/fs/ksmbd/smb2ops.c
+++ b/fs/ksmbd/smb2ops.c
@@ -204,6 +204,7 @@ void init_smb2_1_server(struct ksmbd_conn *conn)
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
conn->max_credits = SMB2_MAX_CREDITS;
+ conn->signing_algorithm = SIGNING_ALG_HMAC_SHA256;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
@@ -221,6 +222,7 @@ void init_smb3_0_server(struct ksmbd_conn *conn)
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
conn->max_credits = SMB2_MAX_CREDITS;
+ conn->signing_algorithm = SIGNING_ALG_AES_CMAC;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
@@ -245,6 +247,7 @@ void init_smb3_02_server(struct ksmbd_conn *conn)
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
conn->max_credits = SMB2_MAX_CREDITS;
+ conn->signing_algorithm = SIGNING_ALG_AES_CMAC;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
@@ -269,6 +272,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn)
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
conn->max_credits = SMB2_MAX_CREDITS;
+ conn->signing_algorithm = SIGNING_ALG_AES_CMAC;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 30bc210ce40b..f6a09c1eb1d2 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -786,6 +786,18 @@ static void build_compression_ctxt(struct smb2_compression_ctx *pneg_ctxt,
pneg_ctxt->CompressionAlgorithms[0] = comp_algo;
}
+static void build_sign_cap_ctxt(struct smb2_signing_capabilities *pneg_ctxt,
+ __le16 sign_algo)
+{
+ pneg_ctxt->ContextType = SMB2_SIGNING_CAPABILITIES;
+ pneg_ctxt->DataLength =
+ cpu_to_le16((sizeof(struct smb2_signing_capabilities) + 2)
+ - sizeof(struct smb2_neg_context));
+ pneg_ctxt->Reserved = cpu_to_le32(0);
+ pneg_ctxt->SigningAlgorithmCount = cpu_to_le16(1);
+ pneg_ctxt->SigningAlgorithms[0] = sign_algo;
+}
+
static void build_posix_ctxt(struct smb2_posix_neg_context *pneg_ctxt)
{
pneg_ctxt->ContextType = SMB2_POSIX_EXTENSIONS_AVAILABLE;
@@ -863,6 +875,18 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
build_posix_ctxt((struct smb2_posix_neg_context *)pneg_ctxt);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
ctxt_size += sizeof(struct smb2_posix_neg_context);
+ /* Round to 8 byte boundary */
+ pneg_ctxt += round_up(sizeof(struct smb2_posix_neg_context), 8);
+ }
+
+ if (conn->signing_negotiated) {
+ ctxt_size = round_up(ctxt_size, 8);
+ ksmbd_debug(SMB,
+ "assemble SMB2_SIGNING_CAPABILITIES context\n");
+ build_sign_cap_ctxt((struct smb2_signing_capabilities *)pneg_ctxt,
+ conn->signing_algorithm);
+ rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
+ ctxt_size += sizeof(struct smb2_signing_capabilities) + 2;
}
inc_rfc1001_len(rsp, ctxt_size);
@@ -919,6 +943,34 @@ static void decode_compress_ctxt(struct ksmbd_conn *conn,
conn->compress_algorithm = SMB3_COMPRESS_NONE;
}
+static void decode_sign_cap_ctxt(struct ksmbd_conn *conn,
+ struct smb2_signing_capabilities *pneg_ctxt,
+ int len_of_ctxts)
+{
+ int sign_algo_cnt = le16_to_cpu(pneg_ctxt->SigningAlgorithmCount);
+ int i, sign_alos_size = sign_algo_cnt * sizeof(__le16);
+
+ conn->signing_negotiated = false;
+
+ if (sizeof(struct smb2_signing_capabilities) + sign_alos_size >
+ len_of_ctxts) {
+ pr_err("Invalid signing algorithm count(%d)\n", sign_algo_cnt);
+ return;
+ }
+
+ for (i = 0; i < sign_algo_cnt; i++) {
+ if (pneg_ctxt->SigningAlgorithms[i] == SIGNING_ALG_HMAC_SHA256 ||
+ pneg_ctxt->SigningAlgorithms[i] == SIGNING_ALG_AES_CMAC) {
+ ksmbd_debug(SMB, "Signing Algorithm ID = 0x%x\n",
+ pneg_ctxt->SigningAlgorithms[i]);
+ conn->signing_negotiated = true;
+ conn->signing_algorithm =
+ pneg_ctxt->SigningAlgorithms[i];
+ break;
+ }
+ }
+}
+
static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
struct smb2_negotiate_req *req)
{
@@ -987,6 +1039,12 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
ksmbd_debug(SMB,
"deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
conn->posix_ext_supported = true;
+ } else if (pctx->ContextType == SMB2_SIGNING_CAPABILITIES) {
+ ksmbd_debug(SMB,
+ "deassemble SMB2_SIGNING_CAPABILITIES context\n");
+ decode_sign_cap_ctxt(conn,
+ (struct smb2_signing_capabilities *)pctx,
+ len_of_ctxts);
}
/* offsets must be 8 byte aligned */
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index 21cb93e771f7..89019f67234c 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -268,6 +268,7 @@ struct preauth_integrity_info {
#define SMB2_ENCRYPTION_CAPABILITIES cpu_to_le16(2)
#define SMB2_COMPRESSION_CAPABILITIES cpu_to_le16(3)
#define SMB2_NETNAME_NEGOTIATE_CONTEXT_ID cpu_to_le16(5)
+#define SMB2_SIGNING_CAPABILITIES cpu_to_le16(8)
#define SMB2_POSIX_EXTENSIONS_AVAILABLE cpu_to_le16(0x100)
struct smb2_neg_context {
@@ -332,6 +333,19 @@ struct smb2_netname_neg_context {
__le16 NetName[]; /* hostname of target converted to UCS-2 */
} __packed;
+/* Signing algorithms */
+#define SIGNING_ALG_HMAC_SHA256 cpu_to_le16(0)
+#define SIGNING_ALG_AES_CMAC cpu_to_le16(1)
+#define SIGNING_ALG_AES_GMAC cpu_to_le16(2)
+
+struct smb2_signing_capabilities {
+ __le16 ContextType; /* 8 */
+ __le16 DataLength;
+ __le32 Reserved;
+ __le16 SigningAlgorithmCount;
+ __le16 SigningAlgorithms[];
+} __packed;
+
struct smb2_negotiate_rsp {
struct smb2_hdr hdr;
__le16 StructureSize; /* Must be 65 */
From patchwork Mon Nov 14 12:51:37 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183285
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:42 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:42 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:41 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 188/308] ksmbd: Fix potential memory leak in
tcp_destroy_socket()
Date: Mon, 14 Nov 2022 20:51:37 +0800
Message-ID: <20221114125337.1831594-189-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
007bea80-cbe3-40d5-062f-08dac63c76b1
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6877498
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit 654c8876f93677915b1a009bc7f2421ab8750bf1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/654c8876f936
-------------------------------
ksmbd_socket must be freed even if kernel_sock_shutdown() somehow fails.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_tcp.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/ksmbd/transport_tcp.c b/fs/ksmbd/transport_tcp.c
index 56ec11ff5a9f..dc15a5ecd2e0 100644
--- a/fs/ksmbd/transport_tcp.c
+++ b/fs/ksmbd/transport_tcp.c
@@ -381,8 +381,7 @@ static void tcp_destroy_socket(struct socket *ksmbd_socket)
ret = kernel_sock_shutdown(ksmbd_socket, SHUT_RDWR);
if (ret)
pr_err("Failed to shutdown socket: %d\n", ret);
- else
- sock_release(ksmbd_socket);
+ sock_release(ksmbd_socket);
}
/**
From patchwork Mon Nov 14 12:51:38 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183286
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:42 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:42 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:41 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 189/308] ksmbd: fix -Wstringop-truncation warnings
Date: Mon, 14 Nov 2022 20:51:38 +0800
Message-ID: <20221114125337.1831594-190-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
95e4f5b5-7eab-402c-60e0-08dac63c76fb
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7452644
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 1d904eaf3f99565bdeffbed359e44dd88efbef02
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1d904eaf3f99
-------------------------------
Kernel test bot reports the following warnings:
In function 'ndr_write_string',
inlined from 'ndr_encode_dos_attr' at fs/ksmbd/ndr.c:136:3:
>> fs/ksmbd/ndr.c:70:2: warning: 'strncpy' destination unchanged after
copying no bytes [-Wstringop-truncation]
70 | strncpy(PAYLOAD_HEAD(n), value, sz);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function 'ndr_write_string',
inlined from 'ndr_encode_dos_attr' at fs/ksmbd/ndr.c:134:3:
>> fs/ksmbd/ndr.c:70:2: warning: 'strncpy' output truncated before
terminating nul copying as many bytes from a string as its length
[-Wstringop-truncation]
70 | strncpy(PAYLOAD_HEAD(n), value, sz);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/ksmbd/ndr.c: In function 'ndr_encode_dos_attr':
fs/ksmbd/ndr.c:134:3: note: length computed here
134 | ndr_write_string(n, hex_attr, strlen(hex_attr));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Reported-by: kernel test robot <lkp(a)intel.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ndr.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/fs/ksmbd/ndr.c b/fs/ksmbd/ndr.c
index bcf13a2aa9d4..50872377608d 100644
--- a/fs/ksmbd/ndr.c
+++ b/fs/ksmbd/ndr.c
@@ -65,13 +65,15 @@ static int ndr_write_bytes(struct ndr *n, void *value, size_t sz)
return 0;
}
-static int ndr_write_string(struct ndr *n, void *value, size_t sz)
+static int ndr_write_string(struct ndr *n, char *value)
{
+ size_t sz;
+
+ sz = strlen(value) + 1;
if (n->length <= n->offset + sz)
try_to_realloc_ndr_blob(n, sz);
- strncpy(ndr_get_field(n), value, sz);
- sz++;
+ memcpy(ndr_get_field(n), value, sz);
n->offset += sz;
n->offset = ALIGN(n->offset, 2);
return 0;
@@ -134,9 +136,9 @@ int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
if (da->version == 3) {
snprintf(hex_attr, 10, "0x%x", da->attr);
- ndr_write_string(n, hex_attr, strlen(hex_attr));
+ ndr_write_string(n, hex_attr);
} else {
- ndr_write_string(n, "", strlen(""));
+ ndr_write_string(n, "");
}
ndr_write_int16(n, da->version);
ndr_write_int32(n, da->version);
From patchwork Mon Nov 14 12:51:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183287
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:43 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:42 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:42 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 190/308] ksmbd: Return
STATUS_OBJECT_PATH_NOT_FOUND if smb2_creat() returns ENOENT
Date: Mon, 14 Nov 2022 20:51:39 +0800
Message-ID: <20221114125337.1831594-191-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a3ce36b7-2a79-4740-18eb-08dac63c7744
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7162412
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit d337a44e429e6de23ed3d73fcb81ec44f7b05522
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d337a44e429e
-------------------------------
Both Windows 10's SMB server and samba return STATUS_OBJECT_PATH_NOT_FOUND
when trying to access a nonexistent path.
This fixes Windows 10 File History tool. The latter relies on the server
returning STATUS_OBJECT_PATH_NOT_FOUND to figure out what part of the
target path needs to be created. Returning STATUS_OBJECT_NAME_INVALID
will make it stop and display an error to the user.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index f6a09c1eb1d2..4c9f3e6abf0f 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2755,8 +2755,13 @@ int smb2_open(struct ksmbd_work *work)
if (!file_present) {
rc = smb2_creat(work, &path, name, open_flags, posix_mode,
req->CreateOptions & FILE_DIRECTORY_FILE_LE);
- if (rc)
+ if (rc) {
+ if (rc == -ENOENT) {
+ rc = -EIO;
+ rsp->hdr.Status = STATUS_OBJECT_PATH_NOT_FOUND;
+ }
goto err_out;
+ }
created = true;
if (ea_buf) {
From patchwork Mon Nov 14 12:51:40 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183288
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:43 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:43 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:42 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 191/308] ksmbd: don't set RSS capable in
FSCTL_QUERY_NETWORK_INTERFACE_INFO
Date: Mon, 14 Nov 2022 20:51:40 +0800
Message-ID: <20221114125337.1831594-192-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
0b009830-f6ba-487b-aaa1-08dac63c778c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6973514
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 9fb8fac08f6670c9bba70d6c616ad84dd7a45528
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9fb8fac08f66
-------------------------------
ksmbd does not support RSS mode stably.
RSS mode enabling will be set later.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 4c9f3e6abf0f..65367958f569 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -7048,8 +7048,6 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
nii_rsp->IfIndex = cpu_to_le32(netdev->ifindex);
nii_rsp->Capability = 0;
- if (netdev->num_tx_queues > 1)
- nii_rsp->Capability |= cpu_to_le32(RSS_CAPABLE);
if (ksmbd_rdma_capable_netdev(netdev))
nii_rsp->Capability |= cpu_to_le32(RDMA_CAPABLE);
From patchwork Mon Nov 14 12:51:41 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183289
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:44 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:43 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:43 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 192/308] ksmbd: use channel signingkey for binding
SMB2 session setup
Date: Mon, 14 Nov 2022 20:51:41 +0800
Message-ID: <20221114125337.1831594-193-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
0093ca04-7469-453c-a9df-08dac63c77d8
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7006651
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 08bdbc6ef46ad522a24dc6b8e01c039cb0c7e761
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/08bdbc6ef46a
-------------------------------
Windows client disconnect connection by wrong signed SMB2 session
setup response on SMB3 multichannel mode.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 65367958f569..4b3df48df7a4 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -8103,7 +8103,8 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)
len = ALIGN(len, 8);
}
- if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
+ if (conn->binding == false &&
+ le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
signing_key = work->sess->smb3signingkey;
} else {
chann = lookup_chann_list(work->sess, work->conn);
From patchwork Mon Nov 14 12:51:42 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183290
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:44 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:44 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:43 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 193/308] ksmbd: fix missing error code in
smb2_lock
Date: Mon, 14 Nov 2022 20:51:42 +0800
Message-ID: <20221114125337.1831594-194-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2208543c-0b4e-4ddd-4718-08dac63c7822
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6772324
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 6c99dfc4c5f6fa1f5a90c068be6201d7a0cebff1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6c99dfc4c5f6
-------------------------------
Dan report a warning that is missing error code in smb2_lock
from static checker. This patch add error code to avoid static checker
warning.
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 66 ++++++++++++++++++++++++----------------------
1 file changed, 34 insertions(+), 32 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 4b3df48df7a4..32a66f37e008 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6544,7 +6544,7 @@ int smb2_lock(struct ksmbd_work *work)
int lock_count;
int flags = 0;
int cmd = 0;
- int err = 0, i;
+ int err = -EIO, i, rc = 0;
u64 lock_start, lock_length;
struct ksmbd_lock *smb_lock = NULL, *cmp_lock, *tmp, *tmp2;
struct ksmbd_conn *conn;
@@ -6560,7 +6560,7 @@ int smb2_lock(struct ksmbd_work *work)
if (!fp) {
ksmbd_debug(SMB, "Invalid file id for lock : %llu\n",
le64_to_cpu(req->VolatileFileId));
- rsp->hdr.Status = STATUS_FILE_CLOSED;
+ err = -ENOENT;
goto out2;
}
@@ -6570,7 +6570,7 @@ int smb2_lock(struct ksmbd_work *work)
ksmbd_debug(SMB, "lock count is %d\n", lock_count);
if (!lock_count) {
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ err = -EINVAL;
goto out2;
}
@@ -6578,10 +6578,8 @@ int smb2_lock(struct ksmbd_work *work)
flags = le32_to_cpu(lock_ele[i].Flags);
flock = smb_flock_init(filp);
- if (!flock) {
- rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ if (!flock)
goto out;
- }
cmd = smb2_set_flock_flags(flock, flags);
@@ -6619,8 +6617,7 @@ int smb2_lock(struct ksmbd_work *work)
if (cmp_lock->fl->fl_type != F_UNLCK &&
flock->fl_type != F_UNLCK) {
pr_err("conflict two locks in one request\n");
- rsp->hdr.Status =
- STATUS_INVALID_PARAMETER;
+ err = -EINVAL;
goto out;
}
}
@@ -6628,19 +6625,19 @@ int smb2_lock(struct ksmbd_work *work)
smb_lock = smb2_lock_init(flock, cmd, flags, &lock_list);
if (!smb_lock) {
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ err = -EINVAL;
goto out;
}
}
list_for_each_entry_safe(smb_lock, tmp, &lock_list, llist) {
if (smb_lock->cmd < 0) {
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ err = -EINVAL;
goto out;
}
if (!(smb_lock->flags & SMB2_LOCKFLAG_MASK)) {
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ err = -EINVAL;
goto out;
}
@@ -6648,7 +6645,7 @@ int smb2_lock(struct ksmbd_work *work)
smb_lock->flags & SMB2_LOCKFLAG_UNLOCK) ||
(prior_lock == SMB2_LOCKFLAG_UNLOCK &&
!(smb_lock->flags & SMB2_LOCKFLAG_UNLOCK))) {
- rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ err = -EINVAL;
goto out;
}
@@ -6701,8 +6698,7 @@ int smb2_lock(struct ksmbd_work *work)
spin_unlock(&conn->llist_lock);
read_unlock(&conn_list_lock);
pr_err("previous lock conflict with zero byte lock range\n");
- rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
- goto out;
+ goto out;
}
if (smb_lock->zero_len && !cmp_lock->zero_len &&
@@ -6711,8 +6707,7 @@ int smb2_lock(struct ksmbd_work *work)
spin_unlock(&conn->llist_lock);
read_unlock(&conn_list_lock);
pr_err("current lock conflict with zero byte lock range\n");
- rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
- goto out;
+ goto out;
}
if (((cmp_lock->start <= smb_lock->start &&
@@ -6723,8 +6718,6 @@ int smb2_lock(struct ksmbd_work *work)
spin_unlock(&conn->llist_lock);
read_unlock(&conn_list_lock);
pr_err("Not allow lock operation on exclusive lock range\n");
- rsp->hdr.Status =
- STATUS_LOCK_NOT_GRANTED;
goto out;
}
}
@@ -6747,19 +6740,19 @@ int smb2_lock(struct ksmbd_work *work)
flock = smb_lock->fl;
list_del(&smb_lock->llist);
retry:
- err = vfs_lock_file(filp, smb_lock->cmd, flock, NULL);
+ rc = vfs_lock_file(filp, smb_lock->cmd, flock, NULL);
skip:
if (flags & SMB2_LOCKFLAG_UNLOCK) {
- if (!err) {
+ if (!rc) {
ksmbd_debug(SMB, "File unlocked\n");
- } else if (err == -ENOENT) {
+ } else if (rc == -ENOENT) {
rsp->hdr.Status = STATUS_NOT_LOCKED;
goto out;
}
locks_free_lock(flock);
kfree(smb_lock);
} else {
- if (err == FILE_LOCK_DEFERRED) {
+ if (rc == FILE_LOCK_DEFERRED) {
void **argv;
ksmbd_debug(SMB,
@@ -6777,12 +6770,11 @@ int smb2_lock(struct ksmbd_work *work)
}
argv[0] = flock;
- err = setup_async_work(work,
- smb2_remove_blocked_lock,
- argv);
- if (err) {
- rsp->hdr.Status =
- STATUS_INSUFFICIENT_RESOURCES;
+ rc = setup_async_work(work,
+ smb2_remove_blocked_lock,
+ argv);
+ if (rc) {
+ err = -ENOMEM;
goto out;
}
spin_lock(&fp->f_lock);
@@ -6829,7 +6821,7 @@ int smb2_lock(struct ksmbd_work *work)
list_del(&work->fp_entry);
spin_unlock(&fp->f_lock);
goto retry;
- } else if (!err) {
+ } else if (!rc) {
spin_lock(&work->conn->llist_lock);
list_add_tail(&smb_lock->clist,
&work->conn->lock_list);
@@ -6839,7 +6831,6 @@ int smb2_lock(struct ksmbd_work *work)
list_add(&smb_lock->llist, &rollback_list);
ksmbd_debug(SMB, "successful in taking lock\n");
} else {
- rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
goto out;
}
}
@@ -6865,7 +6856,6 @@ int smb2_lock(struct ksmbd_work *work)
list_for_each_entry_safe(smb_lock, tmp, &rollback_list, llist) {
struct file_lock *rlock = NULL;
- int rc;
rlock = smb_flock_init(filp);
rlock->fl_type = F_UNLCK;
@@ -6888,7 +6878,19 @@ int smb2_lock(struct ksmbd_work *work)
kfree(smb_lock);
}
out2:
- ksmbd_debug(SMB, "failed in taking lock(flags : %x)\n", flags);
+ ksmbd_debug(SMB, "failed in taking lock(flags : %x), err : %d\n", flags, err);
+
+ if (!rsp->hdr.Status) {
+ if (err == -EINVAL)
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ else if (err == -ENOMEM)
+ rsp->hdr.Status = STATUS_INSUFFICIENT_RESOURCES;
+ else if (err == -ENOENT)
+ rsp->hdr.Status = STATUS_FILE_CLOSED;
+ else
+ rsp->hdr.Status = STATUS_LOCK_NOT_GRANTED;
+ }
+
smb2_set_err_rsp(work);
ksmbd_fd_put(work, fp);
return err;
From patchwork Mon Nov 14 12:51:43 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183291
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:45 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:44 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:44 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 194/308] ksmbd: add ipv6_addr_v4mapped check to
know if connection from client is ipv4
Date: Mon, 14 Nov 2022 20:51:43 +0800
Message-ID: <20221114125337.1831594-195-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
57cacf3a-e852-4588-d875-08dac63c786a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6752932
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit f1abdb78a1080a49deac6e91e1675525d1d3dfbe
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f1abdb78a108
-------------------------------
ksmbd create socket with IPv6 to listen both IPv4 and IPv6 connection
from client. Server should send IP addresses of NICs through network
interface info response. If Client connection is IPv4, Server should
fill IPv4 address in response buffer. But ss_family is always PF_INET6
on IPv6 socket. So This patch add ipv6_addr_v4mapped check to know
client connection is IPv4.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 32a66f37e008..d2fc945c38ec 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -7035,6 +7035,7 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
struct sockaddr_storage_rsp *sockaddr_storage;
unsigned int flags;
unsigned long long speed;
+ struct sockaddr_in6 *csin6 = (struct sockaddr_in6 *)&conn->peer_addr;
rtnl_lock();
for_each_netdev(&init_net, netdev) {
@@ -7074,7 +7075,8 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
nii_rsp->SockAddr_Storage;
memset(sockaddr_storage, 0, 128);
- if (conn->peer_addr.ss_family == PF_INET) {
+ if (conn->peer_addr.ss_family == PF_INET ||
+ ipv6_addr_v4mapped(&csin6->sin6_addr)) {
struct in_device *idev;
sockaddr_storage->Family = cpu_to_le16(INTERNETWORK);
From patchwork Mon Nov 14 12:51:44 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183292
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:45 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:45 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:44 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 195/308] ksmbd: fix an oops in error handling in
smb2_open()
Date: Mon, 14 Nov 2022 20:51:44 +0800
Message-ID: <20221114125337.1831594-196-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2f6f4378-0c55-42f2-4435-08dac63c78b3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7094897
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc1
commit 8b99f3504b688e3b55380521b6bf68c3d0c485d6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8b99f3504b68
-------------------------------
If smb2_get_name() then name is an error pointer. In the clean up
code, we try to kfree() it and that will lead to an Oops. Set it to
NULL instead.
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index d2fc945c38ec..8155a282c151 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2451,6 +2451,7 @@ int smb2_open(struct ksmbd_work *work)
rc = PTR_ERR(name);
if (rc != -ENOMEM)
rc = -ENOENT;
+ name = NULL;
goto err_out1;
}
From patchwork Mon Nov 14 12:51:45 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183293
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:46 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:45 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:45 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 196/308] ksmbd: Fix multi-protocol negotiation
Date: Mon, 14 Nov 2022 20:51:45 +0800
Message-ID: <20221114125337.1831594-197-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
150149f0-50ef-4826-79d5-08dac63c78fd
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7077887
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc1
commit eebff916f07775b2ecd9186439e69a70af24630b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/eebff916f077
-------------------------------
To negotiate either the SMB2 protocol or SMB protocol, a client must
send a SMB_COM_NEGOTIATE message containing the list of dialects it
supports, to which the server will respond with either a
SMB_COM_NEGOTIATE or a SMB2_NEGOTIATE response.
The current implementation responds with the highest common dialect,
rather than looking explicitly for "SMB 2.???" and "SMB 2.002", as
indicated in [MS-SMB2]:
[MS-SMB2] 3.3.5.3.1:
If the server does not implement the SMB 2.1 or 3.x dialect family,
processing MUST continue as specified in 3.3.5.3.2.
Otherwise, the server MUST scan the dialects provided for the dialect
string "SMB 2.???". If the string is not present, continue to section
3.3.5.3.2. If the string is present, the server MUST respond with an
SMB2 NEGOTIATE Response as specified in 2.2.4.
[MS-SMB2] 3.3.5.3.2:
The server MUST scan the dialects provided for the dialect string "SMB
2.002". If the string is present, the client understands SMB2, and the
server MUST respond with an SMB2 NEGOTIATE Response.
This is an issue if a client attempts to negotiate SMB3.1.1 using
a SMB_COM_NEGOTIATE, as it will trigger the following NULL pointer
dereference:
8<--- cut here ---
Unable to handle kernel NULL pointer dereference at virtual address 00000000
pgd = 1917455e
[00000000] *pgd=00000000
Internal error: Oops: 17 [#1] ARM
CPU: 0 PID: 60 Comm: kworker/0:1 Not tainted 5.4.60-00027-g0518c02b5c5b #35
Hardware name: Marvell Kirkwood (Flattened Device Tree)
Workqueue: ksmbd-io handle_ksmbd_work
PC is at ksmbd_gen_preauth_integrity_hash+0x24/0x190
LR is at smb3_preauth_hash_rsp+0x50/0xa0
pc : [<802b7044>] lr : [<802d6ac0>] psr: 40000013
sp : bf199ed8 ip : 00000000 fp : 80d1edb0
r10: 80a3471b r9 : 8091af16 r8 : 80d70640
r7 : 00000072 r6 : be95e198 r5 : ca000000 r4 : b97fee00
r3 : 00000000 r2 : 00000002 r1 : b97fea00 r0 : b97fee00
Flags: nZcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 0005317f Table: 3e7f4000 DAC: 00000055
Process kworker/0:1 (pid: 60, stack limit = 0x3dd1fdb4)
Stack: (0xbf199ed8 to 0xbf19a000)
9ec0: b97fee00 00000000
9ee0: be95e198 00000072 80d70640 802d6ac0 b3da2680 b97fea00 424d53ff be95e140
9f00: b97fee00 802bd7b0 bf10fa58 80128a78 00000000 000001c8 b6220000 bf0b7720
9f20: be95e198 80d0c410 bf7e2a00 00000000 00000000 be95e19c 80d0c370 80123b90
9f40: bf0b7720 be95e198 bf0b7720 bf0b7734 80d0c410 bf198000 80d0c424 80d116e0
9f60: bf10fa58 801240c0 00000000 bf10fa40 bf1463a0 bf198000 bf0b7720 80123ed0
9f80: bf077ee4 bf10fa58 00000000 80127f80 bf1463a0 80127e88 00000000 00000000
9fa0: 00000000 00000000 00000000 801010d0 00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000
[<802b7044>] (ksmbd_gen_preauth_integrity_hash) from [<802d6ac0>] (smb3_preauth_hash_rsp+0x50/0xa0)
[<802d6ac0>] (smb3_preauth_hash_rsp) from [<802bd7b0>] (handle_ksmbd_work+0x348/0x3f8)
[<802bd7b0>] (handle_ksmbd_work) from [<80123b90>] (process_one_work+0x160/0x200)
[<80123b90>] (process_one_work) from [<801240c0>] (worker_thread+0x1f0/0x2e4)
[<801240c0>] (worker_thread) from [<80127f80>] (kthread+0xf8/0x10c)
[<80127f80>] (kthread) from [<801010d0>] (ret_from_fork+0x14/0x24)
Exception stack(0xbf199fb0 to 0xbf199ff8)
9fa0: 00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
Code: e1855803 e5d13003 e1855c03 e5903094 (e1d330b0)
---[ end trace 8d03be3ed09e5699 ]---
Kernel panic - not syncing: Fatal exception
smb3_preauth_hash_rsp() panics because conn->preauth_info is only allocated
when processing a SMB2 NEGOTIATE request.
Fix this by splitting the smb_protos array into two, each containing
only SMB1 and SMB2 dialects respectively.
While here, make ksmbd_negotiate_smb_dialect() static as it not
called from anywhere else.
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb_common.c | 53 +++++++++++++++++++++++++++++--------------
fs/ksmbd/smb_common.h | 1 -
2 files changed, 36 insertions(+), 18 deletions(-)
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index 61686d739ffc..b2370d0f08c6 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -30,7 +30,7 @@ struct smb_protocol {
__u16 prot_id;
};
-static struct smb_protocol smb_protos[] = {
+static struct smb_protocol smb1_protos[] = {
{
SMB21_PROT,
"\2SMB 2.1",
@@ -43,6 +43,15 @@ static struct smb_protocol smb_protos[] = {
"SMB2_22",
SMB2X_PROT_ID
},
+};
+
+static struct smb_protocol smb2_protos[] = {
+ {
+ SMB21_PROT,
+ "\2SMB 2.1",
+ "SMB2_10",
+ SMB21_PROT_ID
+ },
{
SMB30_PROT,
"\2SMB 3.0",
@@ -90,14 +99,24 @@ inline int ksmbd_max_protocol(void)
int ksmbd_lookup_protocol_idx(char *str)
{
- int offt = ARRAY_SIZE(smb_protos) - 1;
+ int offt = ARRAY_SIZE(smb1_protos) - 1;
int len = strlen(str);
while (offt >= 0) {
- if (!strncmp(str, smb_protos[offt].prot, len)) {
+ if (!strncmp(str, smb1_protos[offt].prot, len)) {
+ ksmbd_debug(SMB, "selected %s dialect idx = %d\n",
+ smb1_protos[offt].prot, offt);
+ return smb1_protos[offt].index;
+ }
+ offt--;
+ }
+
+ offt = ARRAY_SIZE(smb2_protos) - 1;
+ while (offt >= 0) {
+ if (!strncmp(str, smb2_protos[offt].prot, len)) {
ksmbd_debug(SMB, "selected %s dialect idx = %d\n",
- smb_protos[offt].prot, offt);
- return smb_protos[offt].index;
+ smb2_protos[offt].prot, offt);
+ return smb2_protos[offt].index;
}
offt--;
}
@@ -169,7 +188,7 @@ static int ksmbd_lookup_dialect_by_name(char *cli_dialects, __le16 byte_count)
int i, seq_num, bcount, next;
char *dialect;
- for (i = ARRAY_SIZE(smb_protos) - 1; i >= 0; i--) {
+ for (i = ARRAY_SIZE(smb1_protos) - 1; i >= 0; i--) {
seq_num = 0;
next = 0;
dialect = cli_dialects;
@@ -178,14 +197,14 @@ static int ksmbd_lookup_dialect_by_name(char *cli_dialects, __le16 byte_count)
dialect = next_dialect(dialect, &next);
ksmbd_debug(SMB, "client requested dialect %s\n",
dialect);
- if (!strcmp(dialect, smb_protos[i].name)) {
- if (supported_protocol(smb_protos[i].index)) {
+ if (!strcmp(dialect, smb1_protos[i].name)) {
+ if (supported_protocol(smb1_protos[i].index)) {
ksmbd_debug(SMB,
"selected %s dialect\n",
- smb_protos[i].name);
- if (smb_protos[i].index == SMB1_PROT)
+ smb1_protos[i].name);
+ if (smb1_protos[i].index == SMB1_PROT)
return seq_num;
- return smb_protos[i].prot_id;
+ return smb1_protos[i].prot_id;
}
}
seq_num++;
@@ -201,19 +220,19 @@ int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count)
int i;
int count;
- for (i = ARRAY_SIZE(smb_protos) - 1; i >= 0; i--) {
+ for (i = ARRAY_SIZE(smb2_protos) - 1; i >= 0; i--) {
count = le16_to_cpu(dialects_count);
while (--count >= 0) {
ksmbd_debug(SMB, "client requested dialect 0x%x\n",
le16_to_cpu(cli_dialects[count]));
if (le16_to_cpu(cli_dialects[count]) !=
- smb_protos[i].prot_id)
+ smb2_protos[i].prot_id)
continue;
- if (supported_protocol(smb_protos[i].index)) {
+ if (supported_protocol(smb2_protos[i].index)) {
ksmbd_debug(SMB, "selected %s dialect\n",
- smb_protos[i].name);
- return smb_protos[i].prot_id;
+ smb2_protos[i].name);
+ return smb2_protos[i].prot_id;
}
}
}
@@ -221,7 +240,7 @@ int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count)
return BAD_PROT_ID;
}
-int ksmbd_negotiate_smb_dialect(void *buf)
+static int ksmbd_negotiate_smb_dialect(void *buf)
{
__le32 proto;
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 95f297177c1a..a4a765440ea3 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -498,7 +498,6 @@ bool ksmbd_smb_request(struct ksmbd_conn *conn);
int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count);
-int ksmbd_negotiate_smb_dialect(void *buf);
int ksmbd_init_smb_server(struct ksmbd_work *work);
bool ksmbd_pdu_size_has_room(unsigned int pdu);
From patchwork Mon Nov 14 12:51:46 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183294
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:46 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:46 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:45 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 197/308] ksmbd: change int data type to boolean
Date: Mon, 14 Nov 2022 20:51:46 +0800
Message-ID: <20221114125337.1831594-198-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ce55e28c-ae8c-4a42-7f39-08dac63c7946
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6889075
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit f4228b678b410a401148f9ad9911d0013fa0f24e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f4228b678b41
-------------------------------
Change data type of function that return only 0 or 1 to boolean.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 32 ++++++++++++++++----------------
fs/ksmbd/smb2pdu.h | 6 +++---
fs/ksmbd/smb_common.h | 2 +-
3 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 8155a282c151..5684841450d6 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -58,18 +58,18 @@ static void __wbuf(struct ksmbd_work *work, void **req, void **rsp)
*
* Return: 1 if valid session id, otherwise 0
*/
-static inline int check_session_id(struct ksmbd_conn *conn, u64 id)
+static inline bool check_session_id(struct ksmbd_conn *conn, u64 id)
{
struct ksmbd_session *sess;
if (id == 0 || id == -1)
- return 0;
+ return false;
sess = ksmbd_session_lookup_all(conn, id);
if (sess)
- return 1;
+ return true;
pr_err("Invalid user session id: %llu\n", id);
- return 0;
+ return false;
}
struct channel *lookup_chann_list(struct ksmbd_session *sess, struct ksmbd_conn *conn)
@@ -145,45 +145,45 @@ void smb2_set_err_rsp(struct ksmbd_work *work)
* is_smb2_neg_cmd() - is it smb2 negotiation command
* @work: smb work containing smb header
*
- * Return: 1 if smb2 negotiation command, otherwise 0
+ * Return: true if smb2 negotiation command, otherwise false
*/
-int is_smb2_neg_cmd(struct ksmbd_work *work)
+bool is_smb2_neg_cmd(struct ksmbd_work *work)
{
struct smb2_hdr *hdr = work->request_buf;
/* is it SMB2 header ? */
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
- return 0;
+ return false;
/* make sure it is request not response message */
if (hdr->Flags & SMB2_FLAGS_SERVER_TO_REDIR)
- return 0;
+ return false;
if (hdr->Command != SMB2_NEGOTIATE)
- return 0;
+ return false;
- return 1;
+ return true;
}
/**
* is_smb2_rsp() - is it smb2 response
* @work: smb work containing smb response buffer
*
- * Return: 1 if smb2 response, otherwise 0
+ * Return: true if smb2 response, otherwise false
*/
-int is_smb2_rsp(struct ksmbd_work *work)
+bool is_smb2_rsp(struct ksmbd_work *work)
{
struct smb2_hdr *hdr = work->response_buf;
/* is it SMB2 header ? */
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
- return 0;
+ return false;
/* make sure it is response not request message */
if (!(hdr->Flags & SMB2_FLAGS_SERVER_TO_REDIR))
- return 0;
+ return false;
- return 1;
+ return true;
}
/**
@@ -8244,7 +8244,7 @@ int smb3_encrypt_resp(struct ksmbd_work *work)
return rc;
}
-int smb3_is_transform_hdr(void *buf)
+bool smb3_is_transform_hdr(void *buf)
{
struct smb2_transform_hdr *trhdr = buf;
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index 89019f67234c..bcec845b03f3 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -1638,8 +1638,8 @@ void init_smb2_max_read_size(unsigned int sz);
void init_smb2_max_write_size(unsigned int sz);
void init_smb2_max_trans_size(unsigned int sz);
-int is_smb2_neg_cmd(struct ksmbd_work *work);
-int is_smb2_rsp(struct ksmbd_work *work);
+bool is_smb2_neg_cmd(struct ksmbd_work *work);
+bool is_smb2_rsp(struct ksmbd_work *work);
u16 get_smb2_cmd_val(struct ksmbd_work *work);
void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err);
@@ -1664,7 +1664,7 @@ void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status);
struct channel *lookup_chann_list(struct ksmbd_session *sess,
struct ksmbd_conn *conn);
void smb3_preauth_hash_rsp(struct ksmbd_work *work);
-int smb3_is_transform_hdr(void *buf);
+bool smb3_is_transform_hdr(void *buf);
int smb3_decrypt_req(struct ksmbd_work *work);
int smb3_encrypt_resp(struct ksmbd_work *work);
bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work);
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index a4a765440ea3..57c667c1be06 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -473,7 +473,7 @@ struct smb_version_ops {
void (*set_sign_rsp)(struct ksmbd_work *work);
int (*generate_signingkey)(struct ksmbd_session *sess, struct ksmbd_conn *conn);
int (*generate_encryptionkey)(struct ksmbd_session *sess);
- int (*is_transform_hdr)(void *buf);
+ bool (*is_transform_hdr)(void *buf);
int (*decrypt_req)(struct ksmbd_work *work);
int (*encrypt_resp)(struct ksmbd_work *work);
};
From patchwork Mon Nov 14 12:51:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183295
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:46 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:46 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:46 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 198/308] ksmbd: update the comment for
smb2_get_ksmbd_tcon()
Date: Mon, 14 Nov 2022 20:51:47 +0800
Message-ID: <20221114125337.1831594-199-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ca02e44b-4286-4abb-a982-08dac63c798f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6750505
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 5ec3df8e98f51e21fe1f46633b6085897f9b040e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5ec3df8e98f5
-------------------------------
Update the comment for smb2_get_ksmbd_tcon().
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 5684841450d6..711aac6f4e1b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -85,10 +85,11 @@ struct channel *lookup_chann_list(struct ksmbd_session *sess, struct ksmbd_conn
}
/**
- * smb2_get_ksmbd_tcon() - get tree connection information for a tree id
+ * smb2_get_ksmbd_tcon() - get tree connection information using a tree id.
* @work: smb work
*
- * Return: matching tree connection on success, otherwise error
+ * Return: 0 if there is a tree connection matched or these are
+ * skipable commands, otherwise error
*/
int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
{
From patchwork Mon Nov 14 12:51:48 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183296
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:47 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:47 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:46 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 199/308] ksmbd: use proper errno instead of -1 in
smb2_get_ksmbd_tcon()
Date: Mon, 14 Nov 2022 20:51:48 +0800
Message-ID: <20221114125337.1831594-200-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cfa04750-3ef0-43b1-29e8-08dac63c79da
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.9975978
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit c6ce2b5716b04cc6ec36fa7e3c3b851368e6ee7c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c6ce2b5716b0
-------------------------------
Use proper errno instead of -1 in smb2_get_ksmbd_tcon().
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 711aac6f4e1b..adab4a138648 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -106,14 +106,14 @@ int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
if (xa_empty(&work->sess->tree_conns)) {
ksmbd_debug(SMB, "NO tree connected\n");
- return -1;
+ return -ENOENT;
}
tree_id = le32_to_cpu(req_hdr->Id.SyncId.TreeId);
work->tcon = ksmbd_tree_conn_lookup(work->sess, tree_id);
if (!work->tcon) {
pr_err("Invalid tid %d\n", tree_id);
- return -1;
+ return -EINVAL;
}
return 1;
From patchwork Mon Nov 14 12:51:49 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183297
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:48 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:48 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:47 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 200/308] ksmbd: smbd: fix kernel oops during
server shutdown
Date: Mon, 14 Nov 2022 20:51:49 +0800
Message-ID: <20221114125337.1831594-201-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
baa9ce82-ef9a-4b5b-7005-08dac63c7a4f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6805813
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 323b1ea10263e5f11c9fb12e25f6d8beb327228c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/323b1ea10263
-------------------------------
if server shutdown happens in the situation that
there are connections, workqueue could be destroyed
before queueing disconnect work.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index f2ae6bae83f1..58f530056ac0 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -329,7 +329,8 @@ static void smb_direct_disconnect_rdma_work(struct work_struct *work)
static void
smb_direct_disconnect_rdma_connection(struct smb_direct_transport *t)
{
- queue_work(smb_direct_wq, &t->disconnect_work);
+ if (t->status == SMB_DIRECT_CS_CONNECTED)
+ queue_work(smb_direct_wq, &t->disconnect_work);
}
static void smb_direct_send_immediate_work(struct work_struct *work)
@@ -1415,7 +1416,7 @@ static void smb_direct_disconnect(struct ksmbd_transport *t)
ksmbd_debug(RDMA, "Disconnecting cm_id=%p\n", st->cm_id);
- smb_direct_disconnect_rdma_connection(st);
+ smb_direct_disconnect_rdma_work(&st->disconnect_work);
wait_event_interruptible(st->wait_status,
st->status == SMB_DIRECT_CS_DISCONNECTED);
free_transport(st);
From patchwork Mon Nov 14 12:51:50 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183298
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:48 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:48 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:48 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 201/308] ksmbd: don't set FILE DELETE and
FILE_DELETE_CHILD in access mask by default
Date: Mon, 14 Nov 2022 20:51:50 +0800
Message-ID: <20221114125337.1831594-202-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
009ce3d1-f361-47a3-2870-08dac63c7a98
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6988343
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit a9a27d4ab3de2a6a81bad4b158c74a554d78e89b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a9a27d4ab3de
-------------------------------
When there is no dacl in request, ksmbd send dacl that coverted by using
file permission. This patch don't set FILE DELETE and FILE_DELETE_CHILD
in access mask by default.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smbacl.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index f6019f0dc8fd..49411e791b08 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -716,7 +716,6 @@ static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr)
ace_size = fill_ace_for_sid(pace, sid, ACCESS_ALLOWED, 0,
fattr->cf_mode, 0700);
pace->sid.sub_auth[pace->sid.num_subauth++] = cpu_to_le32(uid);
- pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
pace->size = cpu_to_le16(ace_size + 4);
size += le16_to_cpu(pace->size);
pace = (struct smb_ace *)((char *)pndace + size);
@@ -737,7 +736,6 @@ static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr)
/* creator owner */
size += fill_ace_for_sid(pace, &creator_owner, ACCESS_ALLOWED,
0x0b, fattr->cf_mode, 0700);
- pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE;
pace = (struct smb_ace *)((char *)pndace + size);
/* creator group */
From patchwork Mon Nov 14 12:51:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183299
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:49 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:49 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:48 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 202/308] ksmbd: fix permission check issue on
chown and chmod
Date: Mon, 14 Nov 2022 20:51:51 +0800
Message-ID: <20221114125337.1831594-203-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4ed1c8c5-b4e0-4fe3-93b6-08dac63c7ae0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7039227
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit e70e392fa768d46ca59f2f8c0e7374099c980622
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e70e392fa768
-------------------------------
When commanding chmod and chown on cifs&ksmbd, ksmbd allows it without file
permissions check. There is code to check it in settattr_prepare.
Instead of setting the inode directly, update the mode and uid/gid
through notify_change.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 5 +++++
fs/ksmbd/smbacl.c | 24 ++++++++++++++++++------
2 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index adab4a138648..ecfa8264e926 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5815,10 +5815,15 @@ int smb2_set_info(struct ksmbd_work *work)
break;
case SMB2_O_INFO_SECURITY:
ksmbd_debug(SMB, "GOT SMB2_O_INFO_SECURITY\n");
+ if (ksmbd_override_fsids(work)) {
+ rc = -ENOMEM;
+ goto err_out;
+ }
rc = smb2_set_info_sec(fp,
le32_to_cpu(req->AdditionalInformation),
req->Buffer,
le32_to_cpu(req->BufferLength));
+ ksmbd_revert_fsids(work);
break;
default:
rc = -EOPNOTSUPP;
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index 49411e791b08..321676a74b48 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -1271,6 +1271,7 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
int rc;
struct smb_fattr fattr = {{0}};
struct inode *inode = d_inode(path->dentry);
+ struct iattr newattrs;
fattr.cf_uid = INVALID_UID;
fattr.cf_gid = INVALID_GID;
@@ -1280,12 +1281,23 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
if (rc)
goto out;
- inode->i_mode = (inode->i_mode & ~0777) | (fattr.cf_mode & 0777);
- if (!uid_eq(fattr.cf_uid, INVALID_UID))
- inode->i_uid = fattr.cf_uid;
- if (!gid_eq(fattr.cf_gid, INVALID_GID))
- inode->i_gid = fattr.cf_gid;
- mark_inode_dirty(inode);
+ newattrs.ia_valid = ATTR_CTIME;
+ if (!uid_eq(fattr.cf_uid, INVALID_UID)) {
+ newattrs.ia_valid |= ATTR_UID;
+ newattrs.ia_uid = fattr.cf_uid;
+ }
+ if (!gid_eq(fattr.cf_gid, INVALID_GID)) {
+ newattrs.ia_valid |= ATTR_GID;
+ newattrs.ia_gid = fattr.cf_gid;
+ }
+ newattrs.ia_valid |= ATTR_MODE;
+ newattrs.ia_mode = (inode->i_mode & ~0777) | (fattr.cf_mode & 0777);
+
+ inode_lock(inode);
+ rc = notify_change(path->dentry, &newattrs, NULL);
+ inode_unlock(inode);
+ if (rc)
+ goto out;
ksmbd_vfs_remove_acl_xattrs(path->dentry);
/* Update posix acls */
From patchwork Mon Nov 14 12:51:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183300
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:49 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:49 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:48 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 203/308] ksmbd: fix __write_overflow warning in
ndr_read_string
Date: Mon, 14 Nov 2022 20:51:52 +0800
Message-ID: <20221114125337.1831594-204-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2789b849-fee6-42ad-25a2-08dac63c7b29
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6237250
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 7d5d8d7156892f82cf40b63228ce788248cc57a3
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7d5d8d715689
-------------------------------
Dan reported __write_overflow warning in ndr_read_string.
CC [M] fs/ksmbd/ndr.o
In file included from ./include/linux/string.h:253,
from ./include/linux/bitmap.h:11,
from ./include/linux/cpumask.h:12,
from ./arch/x86/include/asm/cpumask.h:5,
from ./arch/x86/include/asm/msr.h:11,
from ./arch/x86/include/asm/processor.h:22,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:60,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:55,
from ./include/linux/wait.h:9,
from ./include/linux/wait_bit.h:8,
from ./include/linux/fs.h:6,
from fs/ksmbd/ndr.c:7:
In function memcpy,
inlined from ndr_read_string at fs/ksmbd/ndr.c:86:2,
inlined from ndr_decode_dos_attr at fs/ksmbd/ndr.c:167:2:
./include/linux/fortify-string.h:219:4: error: call to __write_overflow
declared with attribute error: detected write beyond size of object
__write_overflow();
^~~~~~~~~~~~~~~~~~
This seems to be a false alarm because hex_attr size is always smaller
than n->length. This patch fix this warning by allocation hex_attr with
n->length.
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ndr.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/ndr.c b/fs/ksmbd/ndr.c
index 50872377608d..039ed7884aeb 100644
--- a/fs/ksmbd/ndr.c
+++ b/fs/ksmbd/ndr.c
@@ -160,11 +160,16 @@ int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da)
{
- char hex_attr[12] = {0};
+ char *hex_attr;
int version2;
+ hex_attr = kzalloc(n->length, GFP_KERNEL);
+ if (!hex_attr)
+ return -ENOMEM;
+
n->offset = 0;
- ndr_read_string(n, hex_attr, n->length - n->offset);
+ ndr_read_string(n, hex_attr, n->length);
+ kfree(hex_attr);
da->version = ndr_read_int16(n);
if (da->version != 3 && da->version != 4) {
From patchwork Mon Nov 14 12:51:53 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183301
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:50 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:49 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:49 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 204/308] ksmbd: ensure error is surfaced in
set_file_basic_info()
Date: Mon, 14 Nov 2022 20:51:53 +0800
Message-ID: <20221114125337.1831594-205-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
b5d854dc-c74a-4163-7a20-08dac63c7b68
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6984457
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Christian Brauner <christian.brauner(a)ubuntu.com>
mainline inclusion
from mainline-5.15-rc1
commit eb5784f0c6efbe0db720ad7e34e097cea51c1afc
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/eb5784f0c6ef
-------------------------------
It seems the error was accidently ignored until now. Make sure it is
surfaced.
Cc: Steve French <stfrench(a)microsoft.com>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: Namjae Jeon <namjae.jeon(a)samsung.com>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Cc: linux-cifs(a)vger.kernel.org
Signed-off-by: Christian Brauner <christian.brauner(a)ubuntu.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index ecfa8264e926..d51b436af523 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5483,7 +5483,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
rc = notify_change(dentry, &attrs, NULL);
inode_unlock(inode);
}
- return 0;
+ return rc;
}
static int set_file_allocation_info(struct ksmbd_work *work,
From patchwork Mon Nov 14 12:51:54 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183302
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:50 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:50 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:49 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 205/308] ksmbd: remove setattr preparations in
set_file_basic_info()
Date: Mon, 14 Nov 2022 20:51:54 +0800
Message-ID: <20221114125337.1831594-206-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c32e9ab9-f4a5-42bc-3d1c-08dac63c7bb2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6917202
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Christian Brauner <christian.brauner(a)ubuntu.com>
mainline inclusion
from mainline-5.15-rc1
commit db7fb6fe3d7a8eb05f2b74c6252771c9362f3b74
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/db7fb6fe3d7a
-------------------------------
Permission checking and copying over ownership information is the task
of the underlying filesystem not ksmbd. The order is also wrong here.
This modifies the inode before notify_change(). If notify_change() fails
this will have changed ownership nonetheless. All of this is unnecessary
though since the underlying filesystem's ->setattr handler will do all
this (if required) by itself.
Cc: Steve French <stfrench(a)microsoft.com>
Cc: Christoph Hellwig <hch(a)infradead.org>
Cc: Namjae Jeon <namjae.jeon(a)samsung.com>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Cc: linux-cifs(a)vger.kernel.org
Signed-off-by: Christian Brauner <christian.brauner(a)ubuntu.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 25 ++++++++-----------------
1 file changed, 8 insertions(+), 17 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index d51b436af523..445fa0843232 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5395,7 +5395,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
{
struct smb2_file_all_info *file_info;
struct iattr attrs;
- struct iattr temp_attrs;
+ struct timespec64 ctime;
struct file *filp;
struct inode *inode;
int rc;
@@ -5417,11 +5417,11 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
}
if (file_info->ChangeTime) {
- temp_attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);
- attrs.ia_ctime = temp_attrs.ia_ctime;
+ attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);
+ ctime = attrs.ia_ctime;
attrs.ia_valid |= ATTR_CTIME;
} else {
- temp_attrs.ia_ctime = inode->i_ctime;
+ ctime = inode->i_ctime;
}
if (file_info->LastWriteTime) {
@@ -5459,13 +5459,6 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
rc = 0;
}
- /*
- * HACK : set ctime here to avoid ctime changed
- * when file_info->ChangeTime is zero.
- */
- attrs.ia_ctime = temp_attrs.ia_ctime;
- attrs.ia_valid |= ATTR_CTIME;
-
if (attrs.ia_valid) {
struct dentry *dentry = filp->f_path.dentry;
struct inode *inode = d_inode(dentry);
@@ -5473,14 +5466,12 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
return -EACCES;
- rc = setattr_prepare(dentry, &attrs);
- if (rc)
- return -EINVAL;
-
inode_lock(inode);
- setattr_copy(inode, &attrs);
- attrs.ia_valid &= ~ATTR_CTIME;
rc = notify_change(dentry, &attrs, NULL);
+ if (!rc) {
+ inode->i_ctime = ctime;
+ mark_inode_dirty(inode);
+ }
inode_unlock(inode);
}
return rc;
From patchwork Mon Nov 14 12:51:55 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183303
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:51 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:50 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:50 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 206/308] ksmbd: Reduce error log 'speed is
unknown' to debug
Date: Mon, 14 Nov 2022 20:51:55 +0800
Message-ID: <20221114125337.1831594-207-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4695ffb0-a760-4115-8319-08dac63c7bfa
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7057338
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Per Forlin <perfn(a)axis.com>
mainline inclusion
from mainline-5.15-rc1
commit d475866eeed89cc44ed54e0cd296537a68667b1b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d475866eeed8
-------------------------------
This log happens on servers with a network bridge since
the bridge does not have a specified link speed.
This is not a real error so change the error log to debug instead.
Signed-off-by: Per Forlin <perfn(a)axis.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 445fa0843232..33e77ef0dbb5 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -7061,8 +7061,8 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
netdev->ethtool_ops->get_link_ksettings(netdev, &cmd);
speed = cmd.base.speed;
} else {
- pr_err("%s %s\n", netdev->name,
- "speed is unknown, defaulting to 1Gb/sec");
+ ksmbd_debug(SMB, "%s %s\n", netdev->name,
+ "speed is unknown, defaulting to 1Gb/sec");
speed = SPEED_1000;
}
From patchwork Mon Nov 14 12:51:56 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183304
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:51 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:51 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:50 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 207/308] ksmbd: smbd: fix dma mapping error in
smb_direct_post_send_data
Date: Mon, 14 Nov 2022 20:51:56 +0800
Message-ID: <20221114125337.1831594-208-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c432b5ec-11bd-4f52-91de-08dac63c7c44
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6939956
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc1
commit 72d6cbb533d4309734606027fe083c4edb0aa7aa
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/72d6cbb533d4
-------------------------------
Becase smb direct header is mapped and msg->num_sge
already is incremented, the decrement should be
removed from the condition.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 58f530056ac0..52b2556e76b1 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -1168,7 +1168,7 @@ static int smb_direct_post_send_data(struct smb_direct_transport *t,
pr_err("failed to map buffer\n");
ret = -ENOMEM;
goto err;
- } else if (sg_cnt + msg->num_sge > SMB_DIRECT_MAX_SEND_SGES - 1) {
+ } else if (sg_cnt + msg->num_sge > SMB_DIRECT_MAX_SEND_SGES) {
pr_err("buffer not fitted into sges\n");
ret = -E2BIG;
ib_dma_unmap_sg(t->cm_id->device, sg, sg_cnt,
From patchwork Mon Nov 14 12:51:57 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183305
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:52 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:51 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:51 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 208/308] ksmbd: remove unused
ksmbd_file_table_flush function
Date: Mon, 14 Nov 2022 20:51:57 +0800
Message-ID: <20221114125337.1831594-209-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
552636e5-7de6-478b-c7b4-08dac63c7c8e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7044455
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc1
commit 687c59e702f48e0eca91455d3ef3197b7b8a8314
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/687c59e702f4
-------------------------------
ksmbd_file_table_flush is a leftover from SMB1. This function is no longer
needed as SMB1 has been removed from ksmbd.
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/vfs_cache.c | 16 ----------------
fs/ksmbd/vfs_cache.h | 1 -
2 files changed, 17 deletions(-)
diff --git a/fs/ksmbd/vfs_cache.c b/fs/ksmbd/vfs_cache.c
index f5b3f94b7f9b..cc9c8b46827d 100644
--- a/fs/ksmbd/vfs_cache.c
+++ b/fs/ksmbd/vfs_cache.c
@@ -665,22 +665,6 @@ void ksmbd_free_global_file_table(void)
ksmbd_destroy_file_table(&global_ft);
}
-int ksmbd_file_table_flush(struct ksmbd_work *work)
-{
- struct ksmbd_file *fp = NULL;
- unsigned int id;
- int ret;
-
- read_lock(&work->sess->file_table.lock);
- idr_for_each_entry(work->sess->file_table.idr, fp, id) {
- ret = ksmbd_vfs_fsync(work, fp->volatile_id, KSMBD_NO_FID);
- if (ret)
- break;
- }
- read_unlock(&work->sess->file_table.lock);
- return ret;
-}
-
int ksmbd_init_file_table(struct ksmbd_file_table *ft)
{
ft->idr = kzalloc(sizeof(struct idr), GFP_KERNEL);
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index 70dfe6a99f13..448576fbe4b7 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -152,7 +152,6 @@ void ksmbd_close_session_fds(struct ksmbd_work *work);
int ksmbd_close_inode_fds(struct ksmbd_work *work, struct inode *inode);
int ksmbd_init_global_file_table(void);
void ksmbd_free_global_file_table(void);
-int ksmbd_file_table_flush(struct ksmbd_work *work);
void ksmbd_set_fd_limit(unsigned long limit);
/*
From patchwork Mon Nov 14 12:51:58 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183306
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:52 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:52 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:51 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 209/308] ksmbd: fix read of uninitialized variable
ret in set_file_basic_info
Date: Mon, 14 Nov 2022 20:51:58 +0800
Message-ID: <20221114125337.1831594-210-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
085e4b21-7ee6-4a9f-7fca-08dac63c7cd7
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6774280
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc1
commit 4ffd5264e8ecb20e1826b9474c19738fdecd67e6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4ffd5264e8ec
-------------------------------
Addresses-Coverity reported Uninitialized variables warninig :
/fs/ksmbd/smb2pdu.c: 5525 in set_file_basic_info()
5519 if (!rc) {
5520 inode->i_ctime = ctime;
5521 mark_inode_dirty(inode);
5522 }
5523 inode_unlock(inode);
5524 }
>>> CID 1506805: Uninitialized variables (UNINIT)
>>> Using uninitialized value "rc".
5525 return rc;
5526 }
5527
5528 static int set_file_allocation_info(struct ksmbd_work *work,
5529 struct ksmbd_file *fp, char *buf)
5530 {
Addresses-Coverity: ("Uninitialized variable")
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 33e77ef0dbb5..2fa4584df93e 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5398,7 +5398,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
struct timespec64 ctime;
struct file *filp;
struct inode *inode;
- int rc;
+ int rc = 0;
if (!(fp->daccess & FILE_WRITE_ATTRIBUTES_LE))
return -EACCES;
From patchwork Mon Nov 14 12:51:59 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183307
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:52 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:52 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:52 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 210/308] ksmbd: transport_rdma: Don't include
rwlock.h directly
Date: Mon, 14 Nov 2022 20:51:59 +0800
Message-ID: <20221114125337.1831594-211-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
fdb88533-b5a3-4fe7-3749-08dac63c7d20
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6826270
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Mike Galbraith <efault(a)gmx.de>
mainline inclusion
from mainline-5.15-rc3
commit a9b3043de47b7f8cbe38c36aee572526665b6315
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a9b3043de47b
-------------------------------
rwlock.h specifically asks to not be included directly.
In fact, the proper spinlock.h include isn't needed either,
it comes with the huge pile that kthread.h ends up pulling
in, so just drop it entirely.
Signed-off-by: Mike Galbraith <efault(a)gmx.de>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 52b2556e76b1..3a7fa23ba850 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -20,7 +20,6 @@
#define SUBMOD_NAME "smb_direct"
#include <linux/kthread.h>
-#include <linux/rwlock.h>
#include <linux/list.h>
#include <linux/mempool.h>
#include <linux/highmem.h>
From patchwork Mon Nov 14 12:52:00 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183308
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:53 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:53 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:52 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 211/308] ksmbd: prevent out of share access
Date: Mon, 14 Nov 2022 20:52:00 +0800
Message-ID: <20221114125337.1831594-212-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e41faa1f-4c82-46e8-4697-08dac63c7d6a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7341143
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc3
commit f58eae6c5fa882d6d0a6b7587a099602a59d57b5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f58eae6c5fa8
-------------------------------
Because of .., files outside the share directory
could be accessed. To prevent this, normalize
the given path and remove all . and ..
components.
In addition to the usual large set of regression tests (smbtorture
and xfstests), ran various tests on this to specifically check
path name validation including libsmb2 tests to verify path
normalization:
./examples/smb2-ls-async smb://172.30.1.15/homes2/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/..bar/
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar..
./examples/smb2-ls-async smb://172.30.1.15/homes2/foo/bar../../../../
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/misc.c | 76 ++++++++++++++++++++++++++++++++++++++++------
fs/ksmbd/misc.h | 3 +-
fs/ksmbd/smb2pdu.c | 14 ++++++---
3 files changed, 77 insertions(+), 16 deletions(-)
diff --git a/fs/ksmbd/misc.c b/fs/ksmbd/misc.c
index 0b307ca28a19..3eac3c01749f 100644
--- a/fs/ksmbd/misc.c
+++ b/fs/ksmbd/misc.c
@@ -191,19 +191,77 @@ int get_nlink(struct kstat *st)
return nlink;
}
-void ksmbd_conv_path_to_unix(char *path)
+char *ksmbd_conv_path_to_unix(char *path)
{
+ size_t path_len, remain_path_len, out_path_len;
+ char *out_path, *out_next;
+ int i, pre_dotdot_cnt = 0, slash_cnt = 0;
+ bool is_last;
+
strreplace(path, '\\', '/');
-}
+ path_len = strlen(path);
+ remain_path_len = path_len;
+ if (path_len == 0)
+ return ERR_PTR(-EINVAL);
-void ksmbd_strip_last_slash(char *path)
-{
- int len = strlen(path);
+ out_path = kzalloc(path_len + 2, GFP_KERNEL);
+ if (!out_path)
+ return ERR_PTR(-ENOMEM);
+ out_path_len = 0;
+ out_next = out_path;
+
+ do {
+ char *name = path + path_len - remain_path_len;
+ char *next = strchrnul(name, '/');
+ size_t name_len = next - name;
+
+ is_last = !next[0];
+ if (name_len == 2 && name[0] == '.' && name[1] == '.') {
+ pre_dotdot_cnt++;
+ /* handle the case that path ends with "/.." */
+ if (is_last)
+ goto follow_dotdot;
+ } else {
+ if (pre_dotdot_cnt) {
+follow_dotdot:
+ slash_cnt = 0;
+ for (i = out_path_len - 1; i >= 0; i--) {
+ if (out_path[i] == '/' &&
+ ++slash_cnt == pre_dotdot_cnt + 1)
+ break;
+ }
+
+ if (i < 0 &&
+ slash_cnt != pre_dotdot_cnt) {
+ kfree(out_path);
+ return ERR_PTR(-EINVAL);
+ }
+
+ out_next = &out_path[i+1];
+ *out_next = '\0';
+ out_path_len = i + 1;
- while (len && path[len - 1] == '/') {
- path[len - 1] = '\0';
- len--;
- }
+ }
+
+ if (name_len != 0 &&
+ !(name_len == 1 && name[0] == '.') &&
+ !(name_len == 2 && name[0] == '.' && name[1] == '.')) {
+ next[0] = '\0';
+ sprintf(out_next, "%s/", name);
+ out_next += name_len + 1;
+ out_path_len += name_len + 1;
+ next[0] = '/';
+ }
+ pre_dotdot_cnt = 0;
+ }
+
+ remain_path_len -= name_len + 1;
+ } while (!is_last);
+
+ if (out_path_len > 0)
+ out_path[out_path_len-1] = '\0';
+ path[path_len] = '\0';
+ return out_path;
}
void ksmbd_conv_path_to_windows(char *path)
diff --git a/fs/ksmbd/misc.h b/fs/ksmbd/misc.h
index af8717d4d85b..b7b10139ada2 100644
--- a/fs/ksmbd/misc.h
+++ b/fs/ksmbd/misc.h
@@ -16,8 +16,7 @@ int ksmbd_validate_filename(char *filename);
int parse_stream_name(char *filename, char **stream_name, int *s_type);
char *convert_to_nt_pathname(char *filename, char *sharepath);
int get_nlink(struct kstat *st);
-void ksmbd_conv_path_to_unix(char *path);
-void ksmbd_strip_last_slash(char *path);
+char *ksmbd_conv_path_to_unix(char *path);
void ksmbd_conv_path_to_windows(char *path);
char *ksmbd_extract_sharename(char *treename);
char *convert_to_unix_name(struct ksmbd_share_config *share, char *name);
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 2fa4584df93e..acb13fbc7713 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -634,7 +634,7 @@ static char *
smb2_get_name(struct ksmbd_share_config *share, const char *src,
const int maxlen, struct nls_table *local_nls)
{
- char *name, *unixname;
+ char *name, *norm_name, *unixname;
name = smb_strndup_from_utf16(src, maxlen, 1, local_nls);
if (IS_ERR(name)) {
@@ -643,11 +643,15 @@ smb2_get_name(struct ksmbd_share_config *share, const char *src,
}
/* change it to absolute unix name */
- ksmbd_conv_path_to_unix(name);
- ksmbd_strip_last_slash(name);
-
- unixname = convert_to_unix_name(share, name);
+ norm_name = ksmbd_conv_path_to_unix(name);
+ if (IS_ERR(norm_name)) {
+ kfree(name);
+ return norm_name;
+ }
kfree(name);
+
+ unixname = convert_to_unix_name(share, norm_name);
+ kfree(norm_name);
if (!unixname) {
pr_err("can not convert absolute name\n");
return ERR_PTR(-ENOMEM);
From patchwork Mon Nov 14 12:52:01 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183309
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:53 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:53 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:53 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 212/308] ksmbd: add validation for
FILE_FULL_EA_INFORMATION of smb2_get_info
Date: Mon, 14 Nov 2022 20:52:01 +0800
Message-ID: <20221114125337.1831594-213-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
314bb48b-f891-4b62-8c34-08dac63c7db2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7070937
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc3
commit 6d56262c3d224699b29b9bb6b4ace8bab7d692c2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6d56262c3d22
-------------------------------
Add validation to check whether req->InputBufferLength is smaller than
smb2_ea_info_req structure size.
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Steve French <smfrench(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index acb13fbc7713..ddae30487a48 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -4012,6 +4012,10 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
path = &fp->filp->f_path;
/* single EA entry is requested with given user.* name */
if (req->InputBufferLength) {
+ if (le32_to_cpu(req->InputBufferLength) <
+ sizeof(struct smb2_ea_info_req))
+ return -EINVAL;
+
ea_req = (struct smb2_ea_info_req *)req->Buffer;
} else {
/* need to send all EAs, if no specific EA is requested*/
From patchwork Mon Nov 14 12:52:02 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183310
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:54 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:54 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:53 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 213/308] ksmbd: log that server is experimental at
module load
Date: Mon, 14 Nov 2022 20:52:02 +0800
Message-ID: <20221114125337.1831594-214-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c5d556c3-e3b4-4fb4-c1f3-08dac63c7dfc
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7324846
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Steve French <stfrench(a)microsoft.com>
mainline inclusion
from mainline-5.15-rc3
commit e44fd5081c50b0ffdb75ce6c83452e60173d791b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e44fd5081c50
-------------------------------
While we are working through detailed security reviews
of ksmbd server code we should remind users that it is an
experimental module by adding a warning when the module
loads. Currently the module shows as experimental
in Kconfig and is disabled by default, but we don't want
to confuse users.
Although ksmbd passes a wide variety of the
important functional tests (since initial focus had
been largely on functional testing such as smbtorture,
xfstests etc.), and ksmbd has added key security
features (e.g. GCM256 encryption, Kerberos support),
there are ongoing detailed reviews of the code base
for path processing and network buffer decoding, and
this patch reminds users that the module should be
considered "experimental."
Reviewed-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Paulo Alcantara (SUSE) <pc(a)cjr.nz>
Reviewed-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/server.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
index 8db739283d76..9e635aa25c13 100644
--- a/fs/ksmbd/server.c
+++ b/fs/ksmbd/server.c
@@ -584,6 +584,9 @@ static int __init ksmbd_server_init(void)
ret = ksmbd_workqueue_init();
if (ret)
goto err_crypto_destroy;
+
+ pr_warn_once("The ksmbd server is experimental, use at your own risk.\n");
+
return 0;
err_crypto_destroy:
From patchwork Mon Nov 14 12:52:03 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183311
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:54 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:54 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:54 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 214/308] ksmbd: add default data stream name in
FILE_STREAM_INFORMATION
Date: Mon, 14 Nov 2022 20:52:03 +0800
Message-ID: <20221114125337.1831594-215-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
0abe1f4d-51d4-4fbb-e0df-08dac63c7e44
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6994469
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc3
commit 9f6323311c7064414bfd1edb28e0837baf6b3c7f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9f6323311c70
-------------------------------
Windows client expect to get default stream name(::DATA) in
FILE_STREAM_INFORMATION response even if there is no stream data in file.
This patch fix update failure when writing ppt or doc files.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-By: Tom Talpey <tom(a)talpey.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index ddae30487a48..0fe4d2c5bea1 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -4392,17 +4392,15 @@ static void get_file_stream_info(struct ksmbd_work *work,
file_info->NextEntryOffset = cpu_to_le32(next);
}
- if (nbytes) {
+ if (!S_ISDIR(stat.mode)) {
file_info = (struct smb2_file_stream_info *)
&rsp->Buffer[nbytes];
streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
"::$DATA", 7, conn->local_nls, 0);
streamlen *= 2;
file_info->StreamNameLength = cpu_to_le32(streamlen);
- file_info->StreamSize = S_ISDIR(stat.mode) ? 0 :
- cpu_to_le64(stat.size);
- file_info->StreamAllocationSize = S_ISDIR(stat.mode) ? 0 :
- cpu_to_le64(stat.size);
+ file_info->StreamSize = 0;
+ file_info->StreamAllocationSize = 0;
nbytes += sizeof(struct smb2_file_stream_info) + streamlen;
}
From patchwork Mon Nov 14 12:52:04 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183312
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:55 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:55 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:54 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 215/308] ksmbd: check protocol id in
ksmbd_verify_smb_message()
Date: Mon, 14 Nov 2022 20:52:04 +0800
Message-ID: <20221114125337.1831594-216-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
168759f9-783d-4ac4-0b54-08dac63c7e8e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6804545
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc3
commit 18a015bccf9e8927008d0a255c9f14b8ec15a648
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/18a015bccf9e
-------------------------------
When second smb2 pdu has invalid protocol id, ksmbd doesn't detect it
and allow to process smb2 request. This patch add the check it in
ksmbd_verify_smb_message() and don't use protocol id of smb2 request as
protocol id of response.
Reviewed-by: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Reviewed-by: Ralph B��hme <slow(a)samba.org>
Reported-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
fs/ksmbd/smb_common.c | 13 +++++++++----
fs/ksmbd/smb_common.h | 1 +
3 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 0fe4d2c5bea1..e816f9ce77a7 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -433,7 +433,7 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
work->compound_pfid = KSMBD_NO_FID;
}
memset((char *)rsp_hdr + 4, 0, sizeof(struct smb2_hdr) + 2);
- rsp_hdr->ProtocolId = rcv_hdr->ProtocolId;
+ rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->Command = rcv_hdr->Command;
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index b2370d0f08c6..7ea15d77d50e 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -129,16 +129,22 @@ int ksmbd_lookup_protocol_idx(char *str)
*
* check for valid smb signature and packet direction(request/response)
*
- * Return: 0 on success, otherwise 1
+ * Return: 0 on success, otherwise -EINVAL
*/
int ksmbd_verify_smb_message(struct ksmbd_work *work)
{
- struct smb2_hdr *smb2_hdr = work->request_buf;
+ struct smb2_hdr *smb2_hdr = work->request_buf + work->next_smb2_rcv_hdr_off;
+ struct smb_hdr *hdr;
if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER)
return ksmbd_smb2_check_message(work);
- return 0;
+ hdr = work->request_buf;
+ if (*(__le32 *)hdr->Protocol == SMB1_PROTO_NUMBER &&
+ hdr->Command == SMB_COM_NEGOTIATE)
+ return 0;
+
+ return -EINVAL;
}
/**
@@ -265,7 +271,6 @@ static int ksmbd_negotiate_smb_dialect(void *buf)
return BAD_PROT_ID;
}
-#define SMB_COM_NEGOTIATE 0x72
int ksmbd_init_smb_server(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 57c667c1be06..0a6af447cc45 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -210,6 +210,7 @@
FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES)
#define SMB1_PROTO_NUMBER cpu_to_le32(0x424d53ff)
+#define SMB_COM_NEGOTIATE 0x72
#define SMB1_CLIENT_GUID_SIZE (16)
struct smb_hdr {
From patchwork Mon Nov 14 12:52:05 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183313
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:56 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:56 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:55 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 216/308] ksmbd: remove follow symlinks support
Date: Mon, 14 Nov 2022 20:52:05 +0800
Message-ID: <20221114125337.1831594-217-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
675f048a-1c5d-4d5b-50e1-08dac63c7ed6
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.3941435
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc3
commit 4ea477988c423a57241ea4840b12832de6fabdfd
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4ea477988c42
-------------------------------
Use LOOKUP_NO_SYMLINKS flags for default lookup to prohibit the middle of
symlink component lookup and remove follow symlinks parameter support.
We re-implement it as reparse point later.
Test result:
smbclient -Ulinkinjeon%1234 //172.30.1.42/share -c
"get hacked/passwd passwd"
NT_STATUS_OBJECT_NAME_NOT_FOUND opening remote file \hacked\passwd
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Steve French <smfrench(a)gmail.com>
Acked-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 43 ++++++++++---------------------------------
fs/ksmbd/vfs.c | 32 +++++++++-----------------------
2 files changed, 19 insertions(+), 56 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index e816f9ce77a7..9a919b6590c7 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2616,13 +2616,9 @@ int smb2_open(struct ksmbd_work *work)
goto err_out1;
}
- if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE) {
- /*
- * On delete request, instead of following up, need to
- * look the current entity
- */
- rc = ksmbd_vfs_kern_path(name, 0, &path, 1);
- if (!rc) {
+ rc = ksmbd_vfs_kern_path(name, LOOKUP_NO_SYMLINKS, &path, 1);
+ if (!rc) {
+ if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE) {
/*
* If file exists with under flags, return access
* denied error.
@@ -2641,25 +2637,10 @@ int smb2_open(struct ksmbd_work *work)
path_put(&path);
goto err_out;
}
- }
- } else {
- if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS)) {
- /*
- * Use LOOKUP_FOLLOW to follow the path of
- * symlink in path buildup
- */
- rc = ksmbd_vfs_kern_path(name, LOOKUP_FOLLOW, &path, 1);
- if (rc) { /* Case for broken link ?*/
- rc = ksmbd_vfs_kern_path(name, 0, &path, 1);
- }
- } else {
- rc = ksmbd_vfs_kern_path(name, 0, &path, 1);
- if (!rc && d_is_symlink(path.dentry)) {
- rc = -EACCES;
- path_put(&path);
- goto err_out;
- }
+ } else if (d_is_symlink(path.dentry)) {
+ rc = -EACCES;
+ path_put(&path);
+ goto err_out;
}
}
@@ -4713,12 +4694,8 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
struct path path;
int rc = 0, len;
int fs_infoclass_size = 0;
- int lookup_flags = 0;
-
- if (test_share_config_flag(share, KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
- lookup_flags = LOOKUP_FOLLOW;
- rc = ksmbd_vfs_kern_path(share->path, lookup_flags, &path, 0);
+ rc = ksmbd_vfs_kern_path(share->path, LOOKUP_NO_SYMLINKS, &path, 0);
if (rc) {
pr_err("cannot create vfs path\n");
return -EIO;
@@ -5288,7 +5265,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
}
ksmbd_debug(SMB, "new name %s\n", new_name);
- rc = ksmbd_vfs_kern_path(new_name, 0, &path, 1);
+ rc = ksmbd_vfs_kern_path(new_name, LOOKUP_NO_SYMLINKS, &path, 1);
if (rc)
file_present = false;
else
@@ -5362,7 +5339,7 @@ static int smb2_create_link(struct ksmbd_work *work,
}
ksmbd_debug(SMB, "target name is %s\n", target_name);
- rc = ksmbd_vfs_kern_path(link_name, 0, &path, 0);
+ rc = ksmbd_vfs_kern_path(link_name, LOOKUP_NO_SYMLINKS, &path, 0);
if (rc)
file_present = false;
else
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index f10dfdb596e4..3b656274375f 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -163,7 +163,7 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
struct dentry *dentry;
int err;
- dentry = kern_path_create(AT_FDCWD, name, &path, 0);
+ dentry = kern_path_create(AT_FDCWD, name, &path, LOOKUP_NO_SYMLINKS);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
if (err != -ENOENT)
@@ -198,7 +198,8 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
struct dentry *dentry;
int err;
- dentry = kern_path_create(AT_FDCWD, name, &path, LOOKUP_DIRECTORY);
+ dentry = kern_path_create(AT_FDCWD, name, &path,
+ LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
if (err != -EEXIST)
@@ -575,16 +576,11 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
struct path path;
struct dentry *parent;
int err;
- int flags = 0;
if (ksmbd_override_fsids(work))
return -ENOMEM;
- if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
- flags = LOOKUP_FOLLOW;
-
- err = kern_path(name, flags, &path);
+ err = kern_path(name, LOOKUP_NO_SYMLINKS, &path);
if (err) {
ksmbd_debug(VFS, "can't get %s, err %d\n", name, err);
ksmbd_revert_fsids(work);
@@ -639,16 +635,11 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
struct path oldpath, newpath;
struct dentry *dentry;
int err;
- int flags = 0;
if (ksmbd_override_fsids(work))
return -ENOMEM;
- if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
- flags = LOOKUP_FOLLOW;
-
- err = kern_path(oldname, flags, &oldpath);
+ err = kern_path(oldname, LOOKUP_NO_SYMLINKS, &oldpath);
if (err) {
pr_err("cannot get linux path for %s, err = %d\n",
oldname, err);
@@ -656,7 +647,7 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
}
dentry = kern_path_create(AT_FDCWD, newname, &newpath,
- flags | LOOKUP_REVAL);
+ LOOKUP_NO_SYMLINKS | LOOKUP_REVAL);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
pr_err("path create err for %s, err %d\n", newname, err);
@@ -764,7 +755,6 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
struct dentry *src_dent, *trap_dent, *src_child;
char *dst_name;
int err;
- int flags;
dst_name = extract_last_component(newname);
if (!dst_name)
@@ -773,12 +763,8 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
src_dent_parent = dget_parent(fp->filp->f_path.dentry);
src_dent = fp->filp->f_path.dentry;
- flags = LOOKUP_DIRECTORY;
- if (test_share_config_flag(work->tcon->share_conf,
- KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS))
- flags |= LOOKUP_FOLLOW;
-
- err = kern_path(newname, flags, &dst_path);
+ err = kern_path(newname, LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY,
+ &dst_path);
if (err) {
ksmbd_debug(VFS, "Cannot get path for %s [%d]\n", newname, err);
goto out;
@@ -834,7 +820,7 @@ int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
int err = 0;
if (name) {
- err = kern_path(name, 0, &path);
+ err = kern_path(name, LOOKUP_NO_SYMLINKS, &path);
if (err) {
pr_err("cannot get linux path for %s, err %d\n",
name, err);
From patchwork Mon Nov 14 12:52:06 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183314
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:57 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:56 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:56 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 217/308] ksmbd: use LOOKUP_BENEATH to prevent the
out of share access
Date: Mon, 14 Nov 2022 20:52:06 +0800
Message-ID: <20221114125337.1831594-218-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
154bd8a9-7bee-43cc-b5a4-08dac63c7f8c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6975964
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc3
commit 265fd1991c1db85fbabaad4946ca0e63e2ae688d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/265fd1991c1d
-------------------------------
instead of removing '..' in a given path, call
kern_path with LOOKUP_BENEATH flag to prevent
the out of share access.
ran various test on this:
smb2-cat-async smb://127.0.0.1/homes/../out_of_share
smb2-cat-async smb://127.0.0.1/homes/foo/../../out_of_share
smbclient //127.0.0.1/homes -c "mkdir ../foo2"
smbclient //127.0.0.1/homes -c "rename bar ../bar"
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph Boehme <slow(a)samba.org>
Tested-by: Steve French <smfrench(a)gmail.com>
Tested-by: Namjae Jeon <linkinjeon(a)kernel.org>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/misc.c | 100 ++++++-----------------------
fs/ksmbd/misc.h | 7 +-
fs/ksmbd/smb2pdu.c | 74 ++++++++-------------
fs/ksmbd/vfs.c | 156 ++++++++++++++++++++++++---------------------
fs/ksmbd/vfs.h | 9 ++-
5 files changed, 140 insertions(+), 206 deletions(-)
diff --git a/fs/ksmbd/misc.c b/fs/ksmbd/misc.c
index 3eac3c01749f..6a19f4bc692d 100644
--- a/fs/ksmbd/misc.c
+++ b/fs/ksmbd/misc.c
@@ -158,25 +158,21 @@ int parse_stream_name(char *filename, char **stream_name, int *s_type)
* Return : windows path string or error
*/
-char *convert_to_nt_pathname(char *filename, char *sharepath)
+char *convert_to_nt_pathname(char *filename)
{
char *ab_pathname;
- int len, name_len;
- name_len = strlen(filename);
- ab_pathname = kmalloc(name_len, GFP_KERNEL);
- if (!ab_pathname)
- return NULL;
-
- ab_pathname[0] = '\\';
- ab_pathname[1] = '\0';
+ if (strlen(filename) == 0) {
+ ab_pathname = kmalloc(2, GFP_KERNEL);
+ ab_pathname[0] = '\\';
+ ab_pathname[1] = '\0';
+ } else {
+ ab_pathname = kstrdup(filename, GFP_KERNEL);
+ if (!ab_pathname)
+ return NULL;
- len = strlen(sharepath);
- if (!strncmp(filename, sharepath, len) && name_len != len) {
- strscpy(ab_pathname, &filename[len], name_len);
ksmbd_conv_path_to_windows(ab_pathname);
}
-
return ab_pathname;
}
@@ -191,77 +187,19 @@ int get_nlink(struct kstat *st)
return nlink;
}
-char *ksmbd_conv_path_to_unix(char *path)
+void ksmbd_conv_path_to_unix(char *path)
{
- size_t path_len, remain_path_len, out_path_len;
- char *out_path, *out_next;
- int i, pre_dotdot_cnt = 0, slash_cnt = 0;
- bool is_last;
-
strreplace(path, '\\', '/');
- path_len = strlen(path);
- remain_path_len = path_len;
- if (path_len == 0)
- return ERR_PTR(-EINVAL);
-
- out_path = kzalloc(path_len + 2, GFP_KERNEL);
- if (!out_path)
- return ERR_PTR(-ENOMEM);
- out_path_len = 0;
- out_next = out_path;
-
- do {
- char *name = path + path_len - remain_path_len;
- char *next = strchrnul(name, '/');
- size_t name_len = next - name;
-
- is_last = !next[0];
- if (name_len == 2 && name[0] == '.' && name[1] == '.') {
- pre_dotdot_cnt++;
- /* handle the case that path ends with "/.." */
- if (is_last)
- goto follow_dotdot;
- } else {
- if (pre_dotdot_cnt) {
-follow_dotdot:
- slash_cnt = 0;
- for (i = out_path_len - 1; i >= 0; i--) {
- if (out_path[i] == '/' &&
- ++slash_cnt == pre_dotdot_cnt + 1)
- break;
- }
-
- if (i < 0 &&
- slash_cnt != pre_dotdot_cnt) {
- kfree(out_path);
- return ERR_PTR(-EINVAL);
- }
-
- out_next = &out_path[i+1];
- *out_next = '\0';
- out_path_len = i + 1;
-
- }
-
- if (name_len != 0 &&
- !(name_len == 1 && name[0] == '.') &&
- !(name_len == 2 && name[0] == '.' && name[1] == '.')) {
- next[0] = '\0';
- sprintf(out_next, "%s/", name);
- out_next += name_len + 1;
- out_path_len += name_len + 1;
- next[0] = '/';
- }
- pre_dotdot_cnt = 0;
- }
+}
- remain_path_len -= name_len + 1;
- } while (!is_last);
+void ksmbd_strip_last_slash(char *path)
+{
+ int len = strlen(path);
- if (out_path_len > 0)
- out_path[out_path_len-1] = '\0';
- path[path_len] = '\0';
- return out_path;
+ while (len && path[len - 1] == '/') {
+ path[len - 1] = '\0';
+ len--;
+ }
}
void ksmbd_conv_path_to_windows(char *path)
@@ -298,7 +236,7 @@ char *ksmbd_extract_sharename(char *treename)
*
* Return: converted name on success, otherwise NULL
*/
-char *convert_to_unix_name(struct ksmbd_share_config *share, char *name)
+char *convert_to_unix_name(struct ksmbd_share_config *share, const char *name)
{
int no_slash = 0, name_len, path_len;
char *new_name;
diff --git a/fs/ksmbd/misc.h b/fs/ksmbd/misc.h
index b7b10139ada2..253366bd0951 100644
--- a/fs/ksmbd/misc.h
+++ b/fs/ksmbd/misc.h
@@ -14,12 +14,13 @@ struct ksmbd_file;
int match_pattern(const char *str, size_t len, const char *pattern);
int ksmbd_validate_filename(char *filename);
int parse_stream_name(char *filename, char **stream_name, int *s_type);
-char *convert_to_nt_pathname(char *filename, char *sharepath);
+char *convert_to_nt_pathname(char *filename);
int get_nlink(struct kstat *st);
-char *ksmbd_conv_path_to_unix(char *path);
+void ksmbd_conv_path_to_unix(char *path);
+void ksmbd_strip_last_slash(char *path);
void ksmbd_conv_path_to_windows(char *path);
char *ksmbd_extract_sharename(char *treename);
-char *convert_to_unix_name(struct ksmbd_share_config *share, char *name);
+char *convert_to_unix_name(struct ksmbd_share_config *share, const char *name);
#define KSMBD_DIR_INFO_ALIGNMENT 8
struct ksmbd_dir_info;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 9a919b6590c7..bb78a28af101 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -634,7 +634,7 @@ static char *
smb2_get_name(struct ksmbd_share_config *share, const char *src,
const int maxlen, struct nls_table *local_nls)
{
- char *name, *norm_name, *unixname;
+ char *name;
name = smb_strndup_from_utf16(src, maxlen, 1, local_nls);
if (IS_ERR(name)) {
@@ -642,23 +642,9 @@ smb2_get_name(struct ksmbd_share_config *share, const char *src,
return name;
}
- /* change it to absolute unix name */
- norm_name = ksmbd_conv_path_to_unix(name);
- if (IS_ERR(norm_name)) {
- kfree(name);
- return norm_name;
- }
- kfree(name);
-
- unixname = convert_to_unix_name(share, norm_name);
- kfree(norm_name);
- if (!unixname) {
- pr_err("can not convert absolute name\n");
- return ERR_PTR(-ENOMEM);
- }
-
- ksmbd_debug(SMB, "absolute name = %s\n", unixname);
- return unixname;
+ ksmbd_conv_path_to_unix(name);
+ ksmbd_strip_last_slash(name);
+ return name;
}
int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
@@ -2342,7 +2328,7 @@ static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name,
return rc;
}
- rc = ksmbd_vfs_kern_path(name, 0, path, 0);
+ rc = ksmbd_vfs_kern_path(work, name, 0, path, 0);
if (rc) {
pr_err("cannot get linux path (%s), err = %d\n",
name, rc);
@@ -2411,7 +2397,7 @@ int smb2_open(struct ksmbd_work *work)
struct oplock_info *opinfo;
__le32 *next_ptr = NULL;
int req_op_level = 0, open_flags = 0, may_flags = 0, file_info = 0;
- int rc = 0, len = 0;
+ int rc = 0;
int contxt_cnt = 0, query_disk_id = 0;
int maximal_access_ctxt = 0, posix_ctxt = 0;
int s_type = 0;
@@ -2483,17 +2469,11 @@ int smb2_open(struct ksmbd_work *work)
goto err_out1;
}
} else {
- len = strlen(share->path);
- ksmbd_debug(SMB, "share path len %d\n", len);
- name = kmalloc(len + 1, GFP_KERNEL);
+ name = kstrdup("", GFP_KERNEL);
if (!name) {
- rsp->hdr.Status = STATUS_NO_MEMORY;
rc = -ENOMEM;
goto err_out1;
}
-
- memcpy(name, share->path, len);
- *(name + len) = '\0';
}
req_op_level = req->RequestedOplockLevel;
@@ -2616,7 +2596,7 @@ int smb2_open(struct ksmbd_work *work)
goto err_out1;
}
- rc = ksmbd_vfs_kern_path(name, LOOKUP_NO_SYMLINKS, &path, 1);
+ rc = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, 1);
if (!rc) {
if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE) {
/*
@@ -2645,11 +2625,8 @@ int smb2_open(struct ksmbd_work *work)
}
if (rc) {
- if (rc == -EACCES) {
- ksmbd_debug(SMB,
- "User does not have right permission\n");
+ if (rc != -ENOENT)
goto err_out;
- }
ksmbd_debug(SMB, "can not get linux path for %s, rc = %d\n",
name, rc);
rc = 0;
@@ -3133,7 +3110,7 @@ int smb2_open(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
else if (rc == -EOPNOTSUPP)
rsp->hdr.Status = STATUS_NOT_SUPPORTED;
- else if (rc == -EACCES || rc == -ESTALE)
+ else if (rc == -EACCES || rc == -ESTALE || rc == -EXDEV)
rsp->hdr.Status = STATUS_ACCESS_DENIED;
else if (rc == -ENOENT)
rsp->hdr.Status = STATUS_OBJECT_NAME_INVALID;
@@ -4242,8 +4219,7 @@ static int get_file_all_info(struct ksmbd_work *work,
return -EACCES;
}
- filename = convert_to_nt_pathname(fp->filename,
- work->tcon->share_conf->path);
+ filename = convert_to_nt_pathname(fp->filename);
if (!filename)
return -ENOMEM;
@@ -4695,7 +4671,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
int rc = 0, len;
int fs_infoclass_size = 0;
- rc = ksmbd_vfs_kern_path(share->path, LOOKUP_NO_SYMLINKS, &path, 0);
+ rc = kern_path(share->path, LOOKUP_NO_SYMLINKS, &path);
if (rc) {
pr_err("cannot create vfs path\n");
return -EIO;
@@ -5238,7 +5214,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
goto out;
len = strlen(new_name);
- if (new_name[len - 1] != '/') {
+ if (len > 0 && new_name[len - 1] != '/') {
pr_err("not allow base filename in rename\n");
rc = -ESHARE;
goto out;
@@ -5265,11 +5241,14 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
}
ksmbd_debug(SMB, "new name %s\n", new_name);
- rc = ksmbd_vfs_kern_path(new_name, LOOKUP_NO_SYMLINKS, &path, 1);
- if (rc)
+ rc = ksmbd_vfs_kern_path(work, new_name, LOOKUP_NO_SYMLINKS, &path, 1);
+ if (rc) {
+ if (rc != -ENOENT)
+ goto out;
file_present = false;
- else
+ } else {
path_put(&path);
+ }
if (ksmbd_share_veto_filename(share, new_name)) {
rc = -ENOENT;
@@ -5339,11 +5318,14 @@ static int smb2_create_link(struct ksmbd_work *work,
}
ksmbd_debug(SMB, "target name is %s\n", target_name);
- rc = ksmbd_vfs_kern_path(link_name, LOOKUP_NO_SYMLINKS, &path, 0);
- if (rc)
+ rc = ksmbd_vfs_kern_path(work, link_name, LOOKUP_NO_SYMLINKS, &path, 0);
+ if (rc) {
+ if (rc != -ENOENT)
+ goto out;
file_present = false;
- else
+ } else {
path_put(&path);
+ }
if (file_info->ReplaceIfExists) {
if (file_present) {
@@ -5500,7 +5482,7 @@ static int set_file_allocation_info(struct ksmbd_work *work,
* inode size is retained by backup inode size.
*/
size = i_size_read(inode);
- rc = ksmbd_vfs_truncate(work, NULL, fp, alloc_blks * 512);
+ rc = ksmbd_vfs_truncate(work, fp, alloc_blks * 512);
if (rc) {
pr_err("truncate failed! filename : %s, err %d\n",
fp->filename, rc);
@@ -5537,7 +5519,7 @@ static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
if (inode->i_sb->s_magic != MSDOS_SUPER_MAGIC) {
ksmbd_debug(SMB, "filename : %s truncated to newsize %lld\n",
fp->filename, newsize);
- rc = ksmbd_vfs_truncate(work, NULL, fp, newsize);
+ rc = ksmbd_vfs_truncate(work, fp, newsize);
if (rc) {
ksmbd_debug(SMB, "truncate failed! filename : %s err %d\n",
fp->filename, rc);
@@ -5812,7 +5794,7 @@ int smb2_set_info(struct ksmbd_work *work)
return 0;
err_out:
- if (rc == -EACCES || rc == -EPERM)
+ if (rc == -EACCES || rc == -EPERM || rc == -EXDEV)
rsp->hdr.Status = STATUS_ACCESS_DENIED;
else if (rc == -EINVAL)
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 3b656274375f..2887995b2c47 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -19,6 +19,8 @@
#include <linux/sched/xacct.h>
#include <linux/crc32c.h>
+#include "../internal.h" /* for vfs_path_lookup */
+
#include "glob.h"
#include "oplock.h"
#include "connection.h"
@@ -44,7 +46,6 @@ static char *extract_last_component(char *path)
p++;
} else {
p = NULL;
- pr_err("Invalid path %s\n", path);
}
return p;
}
@@ -152,7 +153,7 @@ int ksmbd_vfs_query_maximal_access(struct dentry *dentry, __le32 *daccess)
/**
* ksmbd_vfs_create() - vfs helper for smb create file
* @work: work
- * @name: file name
+ * @name: file name that is relative to share
* @mode: file create mode
*
* Return: 0 on success, otherwise error
@@ -163,7 +164,8 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
struct dentry *dentry;
int err;
- dentry = kern_path_create(AT_FDCWD, name, &path, LOOKUP_NO_SYMLINKS);
+ dentry = ksmbd_vfs_kern_path_create(work, name,
+ LOOKUP_NO_SYMLINKS, &path);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
if (err != -ENOENT)
@@ -187,7 +189,7 @@ int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode)
/**
* ksmbd_vfs_mkdir() - vfs helper for smb create directory
* @work: work
- * @name: directory name
+ * @name: directory name that is relative to share
* @mode: directory create mode
*
* Return: 0 on success, otherwise error
@@ -198,8 +200,9 @@ int ksmbd_vfs_mkdir(struct ksmbd_work *work, const char *name, umode_t mode)
struct dentry *dentry;
int err;
- dentry = kern_path_create(AT_FDCWD, name, &path,
- LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY);
+ dentry = ksmbd_vfs_kern_path_create(work, name,
+ LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY,
+ &path);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
if (err != -EEXIST)
@@ -567,7 +570,7 @@ int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id)
/**
* ksmbd_vfs_remove_file() - vfs helper for smb rmdir or unlink
- * @name: absolute directory or file name
+ * @name: directory or file name that is relative to share
*
* Return: 0 on success, otherwise error
*/
@@ -580,7 +583,7 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
if (ksmbd_override_fsids(work))
return -ENOMEM;
- err = kern_path(name, LOOKUP_NO_SYMLINKS, &path);
+ err = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, false);
if (err) {
ksmbd_debug(VFS, "can't get %s, err %d\n", name, err);
ksmbd_revert_fsids(work);
@@ -625,7 +628,7 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name)
/**
* ksmbd_vfs_link() - vfs helper for creating smb hardlink
* @oldname: source file name
- * @newname: hardlink name
+ * @newname: hardlink name that is relative to share
*
* Return: 0 on success, otherwise error
*/
@@ -646,8 +649,9 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
goto out1;
}
- dentry = kern_path_create(AT_FDCWD, newname, &newpath,
- LOOKUP_NO_SYMLINKS | LOOKUP_REVAL);
+ dentry = ksmbd_vfs_kern_path_create(work, newname,
+ LOOKUP_NO_SYMLINKS | LOOKUP_REVAL,
+ &newpath);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
pr_err("path create err for %s, err %d\n", newname, err);
@@ -757,14 +761,17 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
int err;
dst_name = extract_last_component(newname);
- if (!dst_name)
- return -EINVAL;
+ if (!dst_name) {
+ dst_name = newname;
+ newname = "";
+ }
src_dent_parent = dget_parent(fp->filp->f_path.dentry);
src_dent = fp->filp->f_path.dentry;
- err = kern_path(newname, LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY,
- &dst_path);
+ err = ksmbd_vfs_kern_path(work, newname,
+ LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY,
+ &dst_path, false);
if (err) {
ksmbd_debug(VFS, "Cannot get path for %s [%d]\n", newname, err);
goto out;
@@ -807,61 +814,43 @@ int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
/**
* ksmbd_vfs_truncate() - vfs helper for smb file truncate
* @work: work
- * @name: old filename
* @fid: file id of old file
* @size: truncate to given size
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
+int ksmbd_vfs_truncate(struct ksmbd_work *work,
struct ksmbd_file *fp, loff_t size)
{
- struct path path;
int err = 0;
+ struct file *filp;
- if (name) {
- err = kern_path(name, LOOKUP_NO_SYMLINKS, &path);
- if (err) {
- pr_err("cannot get linux path for %s, err %d\n",
- name, err);
- return err;
- }
- err = vfs_truncate(&path, size);
- if (err)
- pr_err("truncate failed for %s err %d\n",
- name, err);
- path_put(&path);
- } else {
- struct file *filp;
-
- filp = fp->filp;
-
- /* Do we need to break any of a levelII oplock? */
- smb_break_all_levII_oplock(work, fp, 1);
+ filp = fp->filp;
- if (!work->tcon->posix_extensions) {
- struct inode *inode = file_inode(filp);
+ /* Do we need to break any of a levelII oplock? */
+ smb_break_all_levII_oplock(work, fp, 1);
- if (size < inode->i_size) {
- err = check_lock_range(filp, size,
- inode->i_size - 1, WRITE);
- } else {
- err = check_lock_range(filp, inode->i_size,
- size - 1, WRITE);
- }
+ if (!work->tcon->posix_extensions) {
+ struct inode *inode = file_inode(filp);
- if (err) {
- pr_err("failed due to lock\n");
- return -EAGAIN;
- }
+ if (size < inode->i_size) {
+ err = check_lock_range(filp, size,
+ inode->i_size - 1, WRITE);
+ } else {
+ err = check_lock_range(filp, inode->i_size,
+ size - 1, WRITE);
}
- err = vfs_truncate(&filp->f_path, size);
- if (err)
- pr_err("truncate failed for filename : %s err %d\n",
- fp->filename, err);
+ if (err) {
+ pr_err("failed due to lock\n");
+ return -EAGAIN;
+ }
}
+ err = vfs_truncate(&filp->f_path, size);
+ if (err)
+ pr_err("truncate failed for filename : %s err %d\n",
+ fp->filename, err);
return err;
}
@@ -1171,22 +1160,25 @@ static int ksmbd_vfs_lookup_in_dir(struct path *dir, char *name, size_t namelen)
/**
* ksmbd_vfs_kern_path() - lookup a file and get path info
- * @name: name of file for lookup
+ * @name: file path that is relative to share
* @flags: lookup flags
* @path: if lookup succeed, return path info
* @caseless: caseless filename lookup
*
* Return: 0 on success, otherwise error
*/
-int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
- bool caseless)
+int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name,
+ unsigned int flags, struct path *path, bool caseless)
{
+ struct ksmbd_share_config *share_conf = work->tcon->share_conf;
int err;
- if (name[0] != '/')
- return -EINVAL;
-
- err = kern_path(name, flags, path);
+ flags |= LOOKUP_BENEATH;
+ err = vfs_path_lookup(share_conf->vfs_path.dentry,
+ share_conf->vfs_path.mnt,
+ name,
+ flags,
+ path);
if (!err)
return 0;
@@ -1200,11 +1192,10 @@ int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
return -ENOMEM;
path_len = strlen(filepath);
- remain_len = path_len - 1;
+ remain_len = path_len;
- err = kern_path("/", flags, &parent);
- if (err)
- goto out;
+ parent = share_conf->vfs_path;
+ path_get(&parent);
while (d_can_lookup(parent.dentry)) {
char *filename = filepath + path_len - remain_len;
@@ -1217,21 +1208,21 @@ int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
err = ksmbd_vfs_lookup_in_dir(&parent, filename,
filename_len);
- if (err) {
- path_put(&parent);
+ path_put(&parent);
+ if (err)
goto out;
- }
- path_put(&parent);
next[0] = '\0';
- err = kern_path(filepath, flags, &parent);
+ err = vfs_path_lookup(share_conf->vfs_path.dentry,
+ share_conf->vfs_path.mnt,
+ filepath,
+ flags,
+ &parent);
if (err)
goto out;
-
- if (is_last) {
- path->mnt = parent.mnt;
- path->dentry = parent.dentry;
+ else if (is_last) {
+ *path = parent;
goto out;
}
@@ -1247,6 +1238,23 @@ int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
return err;
}
+struct dentry *ksmbd_vfs_kern_path_create(struct ksmbd_work *work,
+ const char *name,
+ unsigned int flags,
+ struct path *path)
+{
+ char *abs_name;
+ struct dentry *dent;
+
+ abs_name = convert_to_unix_name(work->tcon->share_conf, name);
+ if (!abs_name)
+ return ERR_PTR(-ENOMEM);
+
+ dent = kern_path_create(AT_FDCWD, abs_name, path, flags);
+ kfree(abs_name);
+ return dent;
+}
+
int ksmbd_vfs_remove_acl_xattrs(struct dentry *dentry)
{
char *name, *xattr_list = NULL;
diff --git a/fs/ksmbd/vfs.h b/fs/ksmbd/vfs.h
index 319316f49aee..ef4a89cf0221 100644
--- a/fs/ksmbd/vfs.h
+++ b/fs/ksmbd/vfs.h
@@ -124,7 +124,7 @@ int ksmbd_vfs_link(struct ksmbd_work *work,
int ksmbd_vfs_getattr(struct path *path, struct kstat *stat);
int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
char *newname);
-int ksmbd_vfs_truncate(struct ksmbd_work *work, const char *name,
+int ksmbd_vfs_truncate(struct ksmbd_work *work,
struct ksmbd_file *fp, loff_t size);
struct srv_copychunk;
int ksmbd_vfs_copy_file_ranges(struct ksmbd_work *work,
@@ -145,8 +145,13 @@ int ksmbd_vfs_setxattr(struct dentry *dentry, const char *attr_name,
int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
size_t *xattr_stream_name_size, int s_type);
int ksmbd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
-int ksmbd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
+int ksmbd_vfs_kern_path(struct ksmbd_work *work,
+ char *name, unsigned int flags, struct path *path,
bool caseless);
+struct dentry *ksmbd_vfs_kern_path_create(struct ksmbd_work *work,
+ const char *name,
+ unsigned int flags,
+ struct path *path);
int ksmbd_vfs_empty_dir(struct ksmbd_file *fp);
void ksmbd_vfs_set_fadvise(struct file *filp, __le32 option);
int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
From patchwork Mon Nov 14 12:52:07 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183315
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:57 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:57 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:56 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 218/308] ksmbd: remove RFC1002 check in smb2
request
Date: Mon, 14 Nov 2022 20:52:07 +0800
Message-ID: <20221114125337.1831594-219-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
1b4fecaf-80ee-4e2a-796c-08dac63c7fd6
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6927731
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Ronnie Sahlberg <lsahlber(a)redhat.com>
mainline inclusion
from mainline-5.15-rc4
commit 18d46769d54aba03c2c3fa666fe810f264b5d7b8
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/18d46769d54a
-------------------------------
In smb_common.c you have this function : ksmbd_smb_request() which
is called from connection.c once you have read the initial 4 bytes for
the next length+smb2 blob.
It checks the first byte of this 4 byte preamble for valid values,
i.e. a NETBIOSoverTCP SESSION_MESSAGE or a SESSION_KEEP_ALIVE.
We don't need to check this for ksmbd since it only implements SMB2
over TCP port 445.
The netbios stuff was only used in very old servers when SMB ran over
TCP port 139.
Now that we run over TCP port 445, this is actually not a NB header anymore
and you can just treat it as a 4 byte length field that must be less
than 16Mbyte. and remove the references to the RFC1002 constants that no
longer applies.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Steve French <smfrench(a)gmail.com>
Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb_common.c | 15 +--------------
fs/ksmbd/smb_common.h | 8 --------
2 files changed, 1 insertion(+), 22 deletions(-)
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index 7ea15d77d50e..98c22a3abf92 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -155,20 +155,7 @@ int ksmbd_verify_smb_message(struct ksmbd_work *work)
*/
bool ksmbd_smb_request(struct ksmbd_conn *conn)
{
- int type = *(char *)conn->request_buf;
-
- switch (type) {
- case RFC1002_SESSION_MESSAGE:
- /* Regular SMB request */
- return true;
- case RFC1002_SESSION_KEEP_ALIVE:
- ksmbd_debug(SMB, "RFC 1002 session keep alive\n");
- break;
- default:
- ksmbd_debug(SMB, "RFC 1002 unknown request type 0x%x\n", type);
- }
-
- return false;
+ return conn->request_buf[0] == 0;
}
static bool supported_protocol(int idx)
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 0a6af447cc45..994abede27e9 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -48,14 +48,6 @@
#define CIFS_DEFAULT_IOSIZE (64 * 1024)
#define MAX_CIFS_SMALL_BUFFER_SIZE 448 /* big enough for most */
-/* RFC 1002 session packet types */
-#define RFC1002_SESSION_MESSAGE 0x00
-#define RFC1002_SESSION_REQUEST 0x81
-#define RFC1002_POSITIVE_SESSION_RESPONSE 0x82
-#define RFC1002_NEGATIVE_SESSION_RESPONSE 0x83
-#define RFC1002_RETARGET_SESSION_RESPONSE 0x84
-#define RFC1002_SESSION_KEEP_ALIVE 0x85
-
/* Responses when opening a file. */
#define F_SUPERSEDED 0
#define F_OPENED 1
From patchwork Mon Nov 14 12:52:08 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183316
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:58 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:57 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:57 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 219/308] ksmbd: fix invalid request buffer access
in compound
Date: Mon, 14 Nov 2022 20:52:08 +0800
Message-ID: <20221114125337.1831594-220-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
47707e44-a9e0-4afb-e403-08dac63c801e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7159297
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc4
commit d72a9c158893d537d769a669a5837bc80b0f851c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d72a9c158893
-------------------------------
Ronnie reported invalid request buffer access in chained command when
inserting garbage value to NextCommand of compound request.
This patch add validation check to avoid this issue.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Tested-by: Steve French <smfrench(a)gmail.com>
Reviewed-by: Steve French <smfrench(a)gmail.com>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index bb78a28af101..f124482fcccd 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -459,13 +459,22 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
bool is_chained_smb2_message(struct ksmbd_work *work)
{
struct smb2_hdr *hdr = work->request_buf;
- unsigned int len;
+ unsigned int len, next_cmd;
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
return false;
hdr = ksmbd_req_buf_next(work);
- if (le32_to_cpu(hdr->NextCommand) > 0) {
+ next_cmd = le32_to_cpu(hdr->NextCommand);
+ if (next_cmd > 0) {
+ if ((u64)work->next_smb2_rcv_hdr_off + next_cmd +
+ __SMB2_HEADER_STRUCTURE_SIZE >
+ get_rfc1002_len(work->request_buf)) {
+ pr_err("next command(%u) offset exceeds smb msg size\n",
+ next_cmd);
+ return false;
+ }
+
ksmbd_debug(SMB, "got SMB2 chained command\n");
init_chained_smb2_rsp(work);
return true;
From patchwork Mon Nov 14 12:52:09 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183317
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:58 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:58 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:57 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 220/308] ksmbd: fix documentation for 2 functions
Date: Mon, 14 Nov 2022 20:52:09 +0800
Message-ID: <20221114125337.1831594-221-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a1cea009-d32e-4cf7-c234-08dac63c8067
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6798768
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Enzo Matsumiya <ematsumiya(a)suse.de>
mainline inclusion
from mainline-5.15-rc4
commit 1018bf24550fd0feec14648309a0aeb62401f4dc
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1018bf24550f
-------------------------------
ksmbd_kthread_fn() and create_socket() returns 0 or error code, and not
task_struct/ERR_PTR.
Signed-off-by: Enzo Matsumiya <ematsumiya(a)suse.de>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_tcp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/transport_tcp.c b/fs/ksmbd/transport_tcp.c
index dc15a5ecd2e0..c14320e03b69 100644
--- a/fs/ksmbd/transport_tcp.c
+++ b/fs/ksmbd/transport_tcp.c
@@ -215,7 +215,7 @@ static int ksmbd_tcp_new_connection(struct socket *client_sk)
* ksmbd_kthread_fn() - listen to new SMB connections and callback server
* @p: arguments to forker thread
*
- * Return: Returns a task_struct or ERR_PTR
+ * Return: 0 on success, error number otherwise
*/
static int ksmbd_kthread_fn(void *p)
{
@@ -387,7 +387,7 @@ static void tcp_destroy_socket(struct socket *ksmbd_socket)
/**
* create_socket - create socket for ksmbd/0
*
- * Return: Returns a task_struct or ERR_PTR
+ * Return: 0 on success, error number otherwise
*/
static int create_socket(struct interface *iface)
{
From patchwork Mon Nov 14 12:52:10 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183318
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:58 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:58 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:58 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 221/308] ksmbd: remove NTLMv1 authentication
Date: Mon, 14 Nov 2022 20:52:10 +0800
Message-ID: <20221114125337.1831594-222-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
1453a236-03ef-4473-54c1-08dac63c80b0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6991293
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc4
commit ce812992f239f45e13c820a52455fec6eacbce1e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ce812992f239
-------------------------------
Remove insecure NTLMv1 authentication.
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Reviewed-by: Tom Talpey <tom(a)talpey.com>
Acked-by: Steve French <smfrench(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 205 ------------------------------------------
fs/ksmbd/crypto_ctx.c | 16 ----
fs/ksmbd/crypto_ctx.h | 8 --
3 files changed, 229 deletions(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index de36f12070bf..71c989f1568d 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -68,125 +68,6 @@ void ksmbd_copy_gss_neg_header(void *buf)
memcpy(buf, NEGOTIATE_GSS_HEADER, AUTH_GSS_LENGTH);
}
-static void
-str_to_key(unsigned char *str, unsigned char *key)
-{
- int i;
-
- key[0] = str[0] >> 1;
- key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
- key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
- key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
- key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
- key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
- key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
- key[7] = str[6] & 0x7F;
- for (i = 0; i < 8; i++)
- key[i] = (key[i] << 1);
-}
-
-static int
-smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
-{
- unsigned char key2[8];
- struct des_ctx ctx;
-
- if (fips_enabled) {
- ksmbd_debug(AUTH, "FIPS compliance enabled: DES not permitted\n");
- return -ENOENT;
- }
-
- str_to_key(key, key2);
- des_expand_key(&ctx, key2, DES_KEY_SIZE);
- des_encrypt(&ctx, out, in);
- memzero_explicit(&ctx, sizeof(ctx));
- return 0;
-}
-
-static int ksmbd_enc_p24(unsigned char *p21, const unsigned char *c8, unsigned char *p24)
-{
- int rc;
-
- rc = smbhash(p24, c8, p21);
- if (rc)
- return rc;
- rc = smbhash(p24 + 8, c8, p21 + 7);
- if (rc)
- return rc;
- return smbhash(p24 + 16, c8, p21 + 14);
-}
-
-/* produce a md4 message digest from data of length n bytes */
-static int ksmbd_enc_md4(unsigned char *md4_hash, unsigned char *link_str,
- int link_len)
-{
- int rc;
- struct ksmbd_crypto_ctx *ctx;
-
- ctx = ksmbd_crypto_ctx_find_md4();
- if (!ctx) {
- ksmbd_debug(AUTH, "Crypto md4 allocation error\n");
- return -ENOMEM;
- }
-
- rc = crypto_shash_init(CRYPTO_MD4(ctx));
- if (rc) {
- ksmbd_debug(AUTH, "Could not init md4 shash\n");
- goto out;
- }
-
- rc = crypto_shash_update(CRYPTO_MD4(ctx), link_str, link_len);
- if (rc) {
- ksmbd_debug(AUTH, "Could not update with link_str\n");
- goto out;
- }
-
- rc = crypto_shash_final(CRYPTO_MD4(ctx), md4_hash);
- if (rc)
- ksmbd_debug(AUTH, "Could not generate md4 hash\n");
-out:
- ksmbd_release_crypto_ctx(ctx);
- return rc;
-}
-
-static int ksmbd_enc_update_sess_key(unsigned char *md5_hash, char *nonce,
- char *server_challenge, int len)
-{
- int rc;
- struct ksmbd_crypto_ctx *ctx;
-
- ctx = ksmbd_crypto_ctx_find_md5();
- if (!ctx) {
- ksmbd_debug(AUTH, "Crypto md5 allocation error\n");
- return -ENOMEM;
- }
-
- rc = crypto_shash_init(CRYPTO_MD5(ctx));
- if (rc) {
- ksmbd_debug(AUTH, "Could not init md5 shash\n");
- goto out;
- }
-
- rc = crypto_shash_update(CRYPTO_MD5(ctx), server_challenge, len);
- if (rc) {
- ksmbd_debug(AUTH, "Could not update with challenge\n");
- goto out;
- }
-
- rc = crypto_shash_update(CRYPTO_MD5(ctx), nonce, len);
- if (rc) {
- ksmbd_debug(AUTH, "Could not update with nonce\n");
- goto out;
- }
-
- rc = crypto_shash_final(CRYPTO_MD5(ctx), md5_hash);
- if (rc)
- ksmbd_debug(AUTH, "Could not generate md5 hash\n");
-out:
- ksmbd_release_crypto_ctx(ctx);
- return rc;
-}
-
/**
* ksmbd_gen_sess_key() - function to generate session key
* @sess: session of connection
@@ -324,43 +205,6 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
return ret;
}
-/**
- * ksmbd_auth_ntlm() - NTLM authentication handler
- * @sess: session of connection
- * @pw_buf: NTLM challenge response
- * @passkey: user password
- *
- * Return: 0 on success, error number on error
- */
-int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf)
-{
- int rc;
- unsigned char p21[21];
- char key[CIFS_AUTH_RESP_SIZE];
-
- memset(p21, '\0', 21);
- memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE);
- rc = ksmbd_enc_p24(p21, sess->ntlmssp.cryptkey, key);
- if (rc) {
- pr_err("password processing failed\n");
- return rc;
- }
-
- ksmbd_enc_md4(sess->sess_key, user_passkey(sess->user),
- CIFS_SMB1_SESSKEY_SIZE);
- memcpy(sess->sess_key + CIFS_SMB1_SESSKEY_SIZE, key,
- CIFS_AUTH_RESP_SIZE);
- sess->sequence_number = 1;
-
- if (strncmp(pw_buf, key, CIFS_AUTH_RESP_SIZE) != 0) {
- ksmbd_debug(AUTH, "ntlmv1 authentication failed\n");
- return -EINVAL;
- }
-
- ksmbd_debug(AUTH, "ntlmv1 authentication pass\n");
- return 0;
-}
-
/**
* ksmbd_auth_ntlmv2() - NTLMv2 authentication handler
* @sess: session of connection
@@ -441,44 +285,6 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
return rc;
}
-/**
- * __ksmbd_auth_ntlmv2() - NTLM2(extended security) authentication handler
- * @sess: session of connection
- * @client_nonce: client nonce from LM response.
- * @ntlm_resp: ntlm response data from client.
- *
- * Return: 0 on success, error number on error
- */
-static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce,
- char *ntlm_resp)
-{
- char sess_key[CIFS_SMB1_SESSKEY_SIZE] = {0};
- int rc;
- unsigned char p21[21];
- char key[CIFS_AUTH_RESP_SIZE];
-
- rc = ksmbd_enc_update_sess_key(sess_key,
- client_nonce,
- (char *)sess->ntlmssp.cryptkey, 8);
- if (rc) {
- pr_err("password processing failed\n");
- goto out;
- }
-
- memset(p21, '\0', 21);
- memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE);
- rc = ksmbd_enc_p24(p21, sess_key, key);
- if (rc) {
- pr_err("password processing failed\n");
- goto out;
- }
-
- if (memcmp(ntlm_resp, key, CIFS_AUTH_RESP_SIZE) != 0)
- rc = -EINVAL;
-out:
- return rc;
-}
-
/**
* ksmbd_decode_ntlmssp_auth_blob() - helper function to construct
* authenticate blob
@@ -512,17 +318,6 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
nt_off = le32_to_cpu(authblob->NtChallengeResponse.BufferOffset);
nt_len = le16_to_cpu(authblob->NtChallengeResponse.Length);
- /* process NTLM authentication */
- if (nt_len == CIFS_AUTH_RESP_SIZE) {
- if (le32_to_cpu(authblob->NegotiateFlags) &
- NTLMSSP_NEGOTIATE_EXTENDED_SEC)
- return __ksmbd_auth_ntlmv2(sess, (char *)authblob +
- lm_off, (char *)authblob + nt_off);
- else
- return ksmbd_auth_ntlm(sess, (char *)authblob +
- nt_off);
- }
-
/* TODO : use domain name that imported from configuration file */
domain_name = smb_strndup_from_utf16((const char *)authblob +
le32_to_cpu(authblob->DomainName.BufferOffset),
diff --git a/fs/ksmbd/crypto_ctx.c b/fs/ksmbd/crypto_ctx.c
index 5f4b1008d17e..81488d04199d 100644
--- a/fs/ksmbd/crypto_ctx.c
+++ b/fs/ksmbd/crypto_ctx.c
@@ -81,12 +81,6 @@ static struct shash_desc *alloc_shash_desc(int id)
case CRYPTO_SHASH_SHA512:
tfm = crypto_alloc_shash("sha512", 0, 0);
break;
- case CRYPTO_SHASH_MD4:
- tfm = crypto_alloc_shash("md4", 0, 0);
- break;
- case CRYPTO_SHASH_MD5:
- tfm = crypto_alloc_shash("md5", 0, 0);
- break;
default:
return NULL;
}
@@ -214,16 +208,6 @@ struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha512(void)
return ____crypto_shash_ctx_find(CRYPTO_SHASH_SHA512);
}
-struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md4(void)
-{
- return ____crypto_shash_ctx_find(CRYPTO_SHASH_MD4);
-}
-
-struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md5(void)
-{
- return ____crypto_shash_ctx_find(CRYPTO_SHASH_MD5);
-}
-
static struct ksmbd_crypto_ctx *____crypto_aead_ctx_find(int id)
{
struct ksmbd_crypto_ctx *ctx;
diff --git a/fs/ksmbd/crypto_ctx.h b/fs/ksmbd/crypto_ctx.h
index ef11154b43df..4a367c62f653 100644
--- a/fs/ksmbd/crypto_ctx.h
+++ b/fs/ksmbd/crypto_ctx.h
@@ -15,8 +15,6 @@ enum {
CRYPTO_SHASH_CMACAES,
CRYPTO_SHASH_SHA256,
CRYPTO_SHASH_SHA512,
- CRYPTO_SHASH_MD4,
- CRYPTO_SHASH_MD5,
CRYPTO_SHASH_MAX,
};
@@ -43,8 +41,6 @@ struct ksmbd_crypto_ctx {
#define CRYPTO_CMACAES(c) ((c)->desc[CRYPTO_SHASH_CMACAES])
#define CRYPTO_SHA256(c) ((c)->desc[CRYPTO_SHASH_SHA256])
#define CRYPTO_SHA512(c) ((c)->desc[CRYPTO_SHASH_SHA512])
-#define CRYPTO_MD4(c) ((c)->desc[CRYPTO_SHASH_MD4])
-#define CRYPTO_MD5(c) ((c)->desc[CRYPTO_SHASH_MD5])
#define CRYPTO_HMACMD5_TFM(c) ((c)->desc[CRYPTO_SHASH_HMACMD5]->tfm)
#define CRYPTO_HMACSHA256_TFM(c)\
@@ -52,8 +48,6 @@ struct ksmbd_crypto_ctx {
#define CRYPTO_CMACAES_TFM(c) ((c)->desc[CRYPTO_SHASH_CMACAES]->tfm)
#define CRYPTO_SHA256_TFM(c) ((c)->desc[CRYPTO_SHASH_SHA256]->tfm)
#define CRYPTO_SHA512_TFM(c) ((c)->desc[CRYPTO_SHASH_SHA512]->tfm)
-#define CRYPTO_MD4_TFM(c) ((c)->desc[CRYPTO_SHASH_MD4]->tfm)
-#define CRYPTO_MD5_TFM(c) ((c)->desc[CRYPTO_SHASH_MD5]->tfm)
#define CRYPTO_GCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES_GCM])
#define CRYPTO_CCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES_CCM])
@@ -64,8 +58,6 @@ struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_hmacsha256(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_cmacaes(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha512(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha256(void);
-struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md4(void);
-struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md5(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_gcm(void);
struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_ccm(void);
void ksmbd_crypto_destroy(void);
From patchwork Mon Nov 14 12:52:11 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183319
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:59 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:59 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:58 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 222/308] ksmbd: use correct basic info level in
set_file_basic_info()
Date: Mon, 14 Nov 2022 20:52:11 +0800
Message-ID: <20221114125337.1831594-223-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
34bf3152-0885-49ac-3d7f-08dac63c80fa
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7094602
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc4
commit 88d300522cbb2827b679359e98cbadfb46e8226c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/88d300522cbb
-------------------------------
Use correct basic info level in set/get_file_basic_info().
Reviewed-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 13 ++++++-------
fs/ksmbd/smb2pdu.h | 9 +++++++++
2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index f124482fcccd..f96aff7f54f4 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -4127,7 +4127,7 @@ static void get_file_access_info(struct smb2_query_info_rsp *rsp,
static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
struct ksmbd_file *fp, void *rsp_org)
{
- struct smb2_file_all_info *basic_info;
+ struct smb2_file_basic_info *basic_info;
struct kstat stat;
u64 time;
@@ -4137,7 +4137,7 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
return -EACCES;
}
- basic_info = (struct smb2_file_all_info *)rsp->Buffer;
+ basic_info = (struct smb2_file_basic_info *)rsp->Buffer;
generic_fillattr(file_inode(fp->filp), &stat);
basic_info->CreationTime = cpu_to_le64(fp->create_time);
time = ksmbd_UnixTimeToNT(stat.atime);
@@ -4149,9 +4149,8 @@ static int get_file_basic_info(struct smb2_query_info_rsp *rsp,
basic_info->Attributes = fp->f_ci->m_fattr;
basic_info->Pad1 = 0;
rsp->OutputBufferLength =
- cpu_to_le32(offsetof(struct smb2_file_all_info, AllocationSize));
- inc_rfc1001_len(rsp_org, offsetof(struct smb2_file_all_info,
- AllocationSize));
+ cpu_to_le32(sizeof(struct smb2_file_basic_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_basic_info));
return 0;
}
@@ -5367,7 +5366,7 @@ static int smb2_create_link(struct ksmbd_work *work,
static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
struct ksmbd_share_config *share)
{
- struct smb2_file_all_info *file_info;
+ struct smb2_file_basic_info *file_info;
struct iattr attrs;
struct timespec64 ctime;
struct file *filp;
@@ -5377,7 +5376,7 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
if (!(fp->daccess & FILE_WRITE_ATTRIBUTES_LE))
return -EACCES;
- file_info = (struct smb2_file_all_info *)buf;
+ file_info = (struct smb2_file_basic_info *)buf;
attrs.ia_valid = 0;
filp = fp->filp;
inode = file_inode(filp);
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index bcec845b03f3..261825d06391 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -1464,6 +1464,15 @@ struct smb2_file_all_info { /* data block encoding of response to level 18 */
char FileName[1];
} __packed; /* level 18 Query */
+struct smb2_file_basic_info { /* data block encoding of response to level 18 */
+ __le64 CreationTime; /* Beginning of FILE_BASIC_INFO equivalent */
+ __le64 LastAccessTime;
+ __le64 LastWriteTime;
+ __le64 ChangeTime;
+ __le32 Attributes;
+ __u32 Pad1; /* End of FILE_BASIC_INFO_INFO equivalent */
+} __packed;
+
struct smb2_file_alt_name_info {
__le32 FileNameLength;
char FileName[0];
From patchwork Mon Nov 14 12:52:12 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183320
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:33:59 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:33:59 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:59 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 223/308] ksmbd: add request buffer validation in
smb2_set_info
Date: Mon, 14 Nov 2022 20:52:12 +0800
Message-ID: <20221114125337.1831594-224-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
25125c33-316e-4fb3-1bcf-08dac63c8143
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6815507
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc4
commit 9496e268e3af78a92778bf635488a8ec2dca8996
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9496e268e3af
-------------------------------
Add buffer validation in smb2_set_info, and remove unused variable
in set_file_basic_info. and smb2_set_info infolevel functions take
structure pointer argument.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Reviewed-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 149 ++++++++++++++++++++++++++++++++-------------
1 file changed, 107 insertions(+), 42 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index f96aff7f54f4..7ce7fa898a42 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2102,15 +2102,21 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work)
* smb2_set_ea() - handler for setting extended attributes using set
* info command
* @eabuf: set info command buffer
+ * @buf_len: set info command buffer length
* @path: dentry path for get ea
*
* Return: 0 on success, otherwise error
*/
-static int smb2_set_ea(struct smb2_ea_info *eabuf, struct path *path)
+static int smb2_set_ea(struct smb2_ea_info *eabuf, unsigned int buf_len,
+ struct path *path)
{
char *attr_name = NULL, *value;
int rc = 0;
- int next = 0;
+ unsigned int next = 0;
+
+ if (buf_len < sizeof(struct smb2_ea_info) + eabuf->EaNameLength +
+ le16_to_cpu(eabuf->EaValueLength))
+ return -EINVAL;
attr_name = kmalloc(XATTR_NAME_MAX + 1, GFP_KERNEL);
if (!attr_name)
@@ -2172,7 +2178,13 @@ static int smb2_set_ea(struct smb2_ea_info *eabuf, struct path *path)
next:
next = le32_to_cpu(eabuf->NextEntryOffset);
+ if (next == 0 || buf_len < next)
+ break;
+ buf_len -= next;
eabuf = (struct smb2_ea_info *)((char *)eabuf + next);
+ if (next < (u32)eabuf->EaNameLength + le16_to_cpu(eabuf->EaValueLength))
+ break;
+
} while (next != 0);
kfree(attr_name);
@@ -2738,7 +2750,15 @@ int smb2_open(struct ksmbd_work *work)
created = true;
if (ea_buf) {
- rc = smb2_set_ea(&ea_buf->ea, &path);
+ if (le32_to_cpu(ea_buf->ccontext.DataLength) <
+ sizeof(struct smb2_ea_info)) {
+ rc = -EINVAL;
+ goto err_out;
+ }
+
+ rc = smb2_set_ea(&ea_buf->ea,
+ le32_to_cpu(ea_buf->ccontext.DataLength),
+ &path);
if (rc == -EOPNOTSUPP)
rc = 0;
else if (rc)
@@ -5296,7 +5316,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
static int smb2_create_link(struct ksmbd_work *work,
struct ksmbd_share_config *share,
struct smb2_file_link_info *file_info,
- struct file *filp,
+ unsigned int buf_len, struct file *filp,
struct nls_table *local_nls)
{
char *link_name = NULL, *target_name = NULL, *pathname = NULL;
@@ -5304,6 +5324,10 @@ static int smb2_create_link(struct ksmbd_work *work,
bool file_present = true;
int rc;
+ if (buf_len < (u64)sizeof(struct smb2_file_link_info) +
+ le32_to_cpu(file_info->FileNameLength))
+ return -EINVAL;
+
ksmbd_debug(SMB, "setting FILE_LINK_INFORMATION\n");
pathname = kmalloc(PATH_MAX, GFP_KERNEL);
if (!pathname)
@@ -5363,10 +5387,10 @@ static int smb2_create_link(struct ksmbd_work *work,
return rc;
}
-static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
+static int set_file_basic_info(struct ksmbd_file *fp,
+ struct smb2_file_basic_info *file_info,
struct ksmbd_share_config *share)
{
- struct smb2_file_basic_info *file_info;
struct iattr attrs;
struct timespec64 ctime;
struct file *filp;
@@ -5376,7 +5400,6 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
if (!(fp->daccess & FILE_WRITE_ATTRIBUTES_LE))
return -EACCES;
- file_info = (struct smb2_file_basic_info *)buf;
attrs.ia_valid = 0;
filp = fp->filp;
inode = file_inode(filp);
@@ -5451,7 +5474,8 @@ static int set_file_basic_info(struct ksmbd_file *fp, char *buf,
}
static int set_file_allocation_info(struct ksmbd_work *work,
- struct ksmbd_file *fp, char *buf)
+ struct ksmbd_file *fp,
+ struct smb2_file_alloc_info *file_alloc_info)
{
/*
* TODO : It's working fine only when store dos attributes
@@ -5459,7 +5483,6 @@ static int set_file_allocation_info(struct ksmbd_work *work,
* properly with any smb.conf option
*/
- struct smb2_file_alloc_info *file_alloc_info;
loff_t alloc_blks;
struct inode *inode;
int rc;
@@ -5467,7 +5490,6 @@ static int set_file_allocation_info(struct ksmbd_work *work,
if (!(fp->daccess & FILE_WRITE_DATA_LE))
return -EACCES;
- file_alloc_info = (struct smb2_file_alloc_info *)buf;
alloc_blks = (le64_to_cpu(file_alloc_info->AllocationSize) + 511) >> 9;
inode = file_inode(fp->filp);
@@ -5503,9 +5525,8 @@ static int set_file_allocation_info(struct ksmbd_work *work,
}
static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf)
+ struct smb2_file_eof_info *file_eof_info)
{
- struct smb2_file_eof_info *file_eof_info;
loff_t newsize;
struct inode *inode;
int rc;
@@ -5513,7 +5534,6 @@ static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
if (!(fp->daccess & FILE_WRITE_DATA_LE))
return -EACCES;
- file_eof_info = (struct smb2_file_eof_info *)buf;
newsize = le64_to_cpu(file_eof_info->EndOfFile);
inode = file_inode(fp->filp);
@@ -5540,7 +5560,8 @@ static int set_end_of_file_info(struct ksmbd_work *work, struct ksmbd_file *fp,
}
static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
- char *buf)
+ struct smb2_file_rename_info *rename_info,
+ unsigned int buf_len)
{
struct ksmbd_file *parent_fp;
struct dentry *parent;
@@ -5552,6 +5573,10 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
return -EACCES;
}
+ if (buf_len < (u64)sizeof(struct smb2_file_rename_info) +
+ le32_to_cpu(rename_info->FileNameLength))
+ return -EINVAL;
+
if (ksmbd_stream_fd(fp))
goto next;
@@ -5573,14 +5598,13 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
}
}
next:
- return smb2_rename(work, fp,
- (struct smb2_file_rename_info *)buf,
+ return smb2_rename(work, fp, rename_info,
work->sess->conn->local_nls);
}
-static int set_file_disposition_info(struct ksmbd_file *fp, char *buf)
+static int set_file_disposition_info(struct ksmbd_file *fp,
+ struct smb2_file_disposition_info *file_info)
{
- struct smb2_file_disposition_info *file_info;
struct inode *inode;
if (!(fp->daccess & FILE_DELETE_LE)) {
@@ -5589,7 +5613,6 @@ static int set_file_disposition_info(struct ksmbd_file *fp, char *buf)
}
inode = file_inode(fp->filp);
- file_info = (struct smb2_file_disposition_info *)buf;
if (file_info->DeletePending) {
if (S_ISDIR(inode->i_mode) &&
ksmbd_vfs_empty_dir(fp) == -ENOTEMPTY)
@@ -5601,15 +5624,14 @@ static int set_file_disposition_info(struct ksmbd_file *fp, char *buf)
return 0;
}
-static int set_file_position_info(struct ksmbd_file *fp, char *buf)
+static int set_file_position_info(struct ksmbd_file *fp,
+ struct smb2_file_pos_info *file_info)
{
- struct smb2_file_pos_info *file_info;
loff_t current_byte_offset;
unsigned long sector_size;
struct inode *inode;
inode = file_inode(fp->filp);
- file_info = (struct smb2_file_pos_info *)buf;
current_byte_offset = le64_to_cpu(file_info->CurrentByteOffset);
sector_size = inode->i_sb->s_blocksize;
@@ -5625,12 +5647,11 @@ static int set_file_position_info(struct ksmbd_file *fp, char *buf)
return 0;
}
-static int set_file_mode_info(struct ksmbd_file *fp, char *buf)
+static int set_file_mode_info(struct ksmbd_file *fp,
+ struct smb2_file_mode_info *file_info)
{
- struct smb2_file_mode_info *file_info;
__le32 mode;
- file_info = (struct smb2_file_mode_info *)buf;
mode = file_info->Mode;
if ((mode & ~FILE_MODE_INFO_MASK) ||
@@ -5660,40 +5681,74 @@ static int set_file_mode_info(struct ksmbd_file *fp, char *buf)
* TODO: need to implement an error handling for STATUS_INFO_LENGTH_MISMATCH
*/
static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
- int info_class, char *buf,
+ struct smb2_set_info_req *req,
struct ksmbd_share_config *share)
{
- switch (info_class) {
+ unsigned int buf_len = le32_to_cpu(req->BufferLength);
+
+ switch (req->FileInfoClass) {
case FILE_BASIC_INFORMATION:
- return set_file_basic_info(fp, buf, share);
+ {
+ if (buf_len < sizeof(struct smb2_file_basic_info))
+ return -EINVAL;
+ return set_file_basic_info(fp, (struct smb2_file_basic_info *)req->Buffer, share);
+ }
case FILE_ALLOCATION_INFORMATION:
- return set_file_allocation_info(work, fp, buf);
+ {
+ if (buf_len < sizeof(struct smb2_file_alloc_info))
+ return -EINVAL;
+ return set_file_allocation_info(work, fp,
+ (struct smb2_file_alloc_info *)req->Buffer);
+ }
case FILE_END_OF_FILE_INFORMATION:
- return set_end_of_file_info(work, fp, buf);
+ {
+ if (buf_len < sizeof(struct smb2_file_eof_info))
+ return -EINVAL;
+ return set_end_of_file_info(work, fp,
+ (struct smb2_file_eof_info *)req->Buffer);
+ }
case FILE_RENAME_INFORMATION:
+ {
if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
"User does not have write permission\n");
return -EACCES;
}
- return set_rename_info(work, fp, buf);
+ if (buf_len < sizeof(struct smb2_file_rename_info))
+ return -EINVAL;
+
+ return set_rename_info(work, fp,
+ (struct smb2_file_rename_info *)req->Buffer,
+ buf_len);
+ }
case FILE_LINK_INFORMATION:
+ {
+ if (buf_len < sizeof(struct smb2_file_link_info))
+ return -EINVAL;
+
return smb2_create_link(work, work->tcon->share_conf,
- (struct smb2_file_link_info *)buf, fp->filp,
+ (struct smb2_file_link_info *)req->Buffer,
+ buf_len, fp->filp,
work->sess->conn->local_nls);
-
+ }
case FILE_DISPOSITION_INFORMATION:
+ {
if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB,
"User does not have write permission\n");
return -EACCES;
}
- return set_file_disposition_info(fp, buf);
+ if (buf_len < sizeof(struct smb2_file_disposition_info))
+ return -EINVAL;
+
+ return set_file_disposition_info(fp,
+ (struct smb2_file_disposition_info *)req->Buffer);
+ }
case FILE_FULL_EA_INFORMATION:
{
if (!(fp->daccess & FILE_WRITE_EA_LE)) {
@@ -5702,18 +5757,29 @@ static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
return -EACCES;
}
- return smb2_set_ea((struct smb2_ea_info *)buf,
- &fp->filp->f_path);
- }
+ if (buf_len < sizeof(struct smb2_ea_info))
+ return -EINVAL;
+ return smb2_set_ea((struct smb2_ea_info *)req->Buffer,
+ buf_len, &fp->filp->f_path);
+ }
case FILE_POSITION_INFORMATION:
- return set_file_position_info(fp, buf);
+ {
+ if (buf_len < sizeof(struct smb2_file_pos_info))
+ return -EINVAL;
+ return set_file_position_info(fp, (struct smb2_file_pos_info *)req->Buffer);
+ }
case FILE_MODE_INFORMATION:
- return set_file_mode_info(fp, buf);
+ {
+ if (buf_len < sizeof(struct smb2_file_mode_info))
+ return -EINVAL;
+
+ return set_file_mode_info(fp, (struct smb2_file_mode_info *)req->Buffer);
+ }
}
- pr_err("Unimplemented Fileinfoclass :%d\n", info_class);
+ pr_err("Unimplemented Fileinfoclass :%d\n", req->FileInfoClass);
return -EOPNOTSUPP;
}
@@ -5774,8 +5840,7 @@ int smb2_set_info(struct ksmbd_work *work)
switch (req->InfoType) {
case SMB2_O_INFO_FILE:
ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILE\n");
- rc = smb2_set_info_file(work, fp, req->FileInfoClass,
- req->Buffer, work->tcon->share_conf);
+ rc = smb2_set_info_file(work, fp, req, work->tcon->share_conf);
break;
case SMB2_O_INFO_SECURITY:
ksmbd_debug(SMB, "GOT SMB2_O_INFO_SECURITY\n");
From patchwork Mon Nov 14 12:52:13 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183321
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:00 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:00 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:33:59 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 224/308] ksmbd: add validation in smb2 negotiate
Date: Mon, 14 Nov 2022 20:52:13 +0800
Message-ID: <20221114125337.1831594-225-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
464f98c4-e4cc-46f1-6bbf-08dac63c818c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6886603
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc4
commit 442ff9ebeb0129e90483356f3d79c732e632a7a6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/442ff9ebeb01
-------------------------------
This patch add validation to check request buffer check in smb2
negotiate and fix null pointer deferencing oops in smb3_preauth_hash_rsp()
that found from manual test.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Reviewed-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 42 +++++++++++++++++++++++++++++++++++++++++-
fs/ksmbd/smb_common.c | 32 +++++++++++++++++++++++++++-----
2 files changed, 68 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 7ce7fa898a42..00dcd10a9d69 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1067,6 +1067,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
struct smb2_negotiate_req *req = work->request_buf;
struct smb2_negotiate_rsp *rsp = work->response_buf;
int rc = 0;
+ unsigned int smb2_buf_len, smb2_neg_size;
__le32 status;
ksmbd_debug(SMB, "Received negotiate request\n");
@@ -1084,6 +1085,44 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
goto err_out;
}
+ smb2_buf_len = get_rfc1002_len(work->request_buf);
+ smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects) - 4;
+ if (smb2_neg_size > smb2_buf_len) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ rc = -EINVAL;
+ goto err_out;
+ }
+
+ if (conn->dialect == SMB311_PROT_ID) {
+ unsigned int nego_ctxt_off = le32_to_cpu(req->NegotiateContextOffset);
+
+ if (smb2_buf_len < nego_ctxt_off) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ rc = -EINVAL;
+ goto err_out;
+ }
+
+ if (smb2_neg_size > nego_ctxt_off) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ rc = -EINVAL;
+ goto err_out;
+ }
+
+ if (smb2_neg_size + le16_to_cpu(req->DialectCount) * sizeof(__le16) >
+ nego_ctxt_off) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ rc = -EINVAL;
+ goto err_out;
+ }
+ } else {
+ if (smb2_neg_size + le16_to_cpu(req->DialectCount) * sizeof(__le16) >
+ smb2_buf_len) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ rc = -EINVAL;
+ goto err_out;
+ }
+ }
+
conn->cli_cap = le32_to_cpu(req->Capabilities);
switch (conn->dialect) {
case SMB311_PROT_ID:
@@ -8190,7 +8229,8 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
WORK_BUFFERS(work, req, rsp);
- if (le16_to_cpu(req->Command) == SMB2_NEGOTIATE_HE)
+ if (le16_to_cpu(req->Command) == SMB2_NEGOTIATE_HE &&
+ conn->preauth_info)
ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
conn->preauth_info->Preauth_HashValue);
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index 98c22a3abf92..02f17d5b8656 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -169,10 +169,12 @@ static bool supported_protocol(int idx)
idx <= server_conf.max_protocol);
}
-static char *next_dialect(char *dialect, int *next_off)
+static char *next_dialect(char *dialect, int *next_off, int bcount)
{
dialect = dialect + *next_off;
- *next_off = strlen(dialect);
+ *next_off = strnlen(dialect, bcount);
+ if (dialect[*next_off] != '\0')
+ return NULL;
return dialect;
}
@@ -187,7 +189,9 @@ static int ksmbd_lookup_dialect_by_name(char *cli_dialects, __le16 byte_count)
dialect = cli_dialects;
bcount = le16_to_cpu(byte_count);
do {
- dialect = next_dialect(dialect, &next);
+ dialect = next_dialect(dialect, &next, bcount);
+ if (!dialect)
+ break;
ksmbd_debug(SMB, "client requested dialect %s\n",
dialect);
if (!strcmp(dialect, smb1_protos[i].name)) {
@@ -235,13 +239,22 @@ int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count)
static int ksmbd_negotiate_smb_dialect(void *buf)
{
- __le32 proto;
+ int smb_buf_length = get_rfc1002_len(buf);
+ __le32 proto = ((struct smb2_hdr *)buf)->ProtocolId;
- proto = ((struct smb2_hdr *)buf)->ProtocolId;
if (proto == SMB2_PROTO_NUMBER) {
struct smb2_negotiate_req *req;
+ int smb2_neg_size =
+ offsetof(struct smb2_negotiate_req, Dialects) - 4;
req = (struct smb2_negotiate_req *)buf;
+ if (smb2_neg_size > smb_buf_length)
+ goto err_out;
+
+ if (smb2_neg_size + le16_to_cpu(req->DialectCount) * sizeof(__le16) >
+ smb_buf_length)
+ goto err_out;
+
return ksmbd_lookup_dialect_by_id(req->Dialects,
req->DialectCount);
}
@@ -251,10 +264,19 @@ static int ksmbd_negotiate_smb_dialect(void *buf)
struct smb_negotiate_req *req;
req = (struct smb_negotiate_req *)buf;
+ if (le16_to_cpu(req->ByteCount) < 2)
+ goto err_out;
+
+ if (offsetof(struct smb_negotiate_req, DialectsArray) - 4 +
+ le16_to_cpu(req->ByteCount) > smb_buf_length) {
+ goto err_out;
+ }
+
return ksmbd_lookup_dialect_by_name(req->DialectsArray,
req->ByteCount);
}
+err_out:
return BAD_PROT_ID;
}
From patchwork Mon Nov 14 12:52:14 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183322
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:00 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:00 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:00 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 225/308] ksmbd: add buffer validation for
SMB2_CREATE_CONTEXT
Date: Mon, 14 Nov 2022 20:52:14 +0800
Message-ID: <20221114125337.1831594-226-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d588bcc5-5c42-430e-4a1d-08dac63c81d5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6647644
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc4
commit 8f77150c15f87796570125a43509f9a81a3d9e49
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8f77150c15f8
-------------------------------
Add buffer validation for SMB2_CREATE_CONTEXT.
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Reviewed-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/oplock.c | 41 +++++++++++++++++++++++++++++++----------
fs/ksmbd/smb2pdu.c | 25 ++++++++++++++++++++++++-
fs/ksmbd/smbacl.c | 21 +++++++++++++++++++--
3 files changed, 74 insertions(+), 13 deletions(-)
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 8bb62aae6e32..95e8c53a5cf3 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -1451,26 +1451,47 @@ struct lease_ctx_info *parse_lease_state(void *open_req)
*/
struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
{
- char *data_offset;
struct create_context *cc;
unsigned int next = 0;
char *name;
struct smb2_create_req *req = (struct smb2_create_req *)open_req;
+ unsigned int remain_len, name_off, name_len, value_off, value_len,
+ cc_len;
- data_offset = (char *)req + 4 + le32_to_cpu(req->CreateContextsOffset);
- cc = (struct create_context *)data_offset;
+ /*
+ * CreateContextsOffset and CreateContextsLength are guaranteed to
+ * be valid because of ksmbd_smb2_check_message().
+ */
+ cc = (struct create_context *)((char *)req + 4 +
+ le32_to_cpu(req->CreateContextsOffset));
+ remain_len = le32_to_cpu(req->CreateContextsLength);
do {
- int val;
-
cc = (struct create_context *)((char *)cc + next);
- name = le16_to_cpu(cc->NameOffset) + (char *)cc;
- val = le16_to_cpu(cc->NameLength);
- if (val < 4)
+ if (remain_len < offsetof(struct create_context, Buffer))
return ERR_PTR(-EINVAL);
- if (memcmp(name, tag, val) == 0)
- return cc;
next = le32_to_cpu(cc->Next);
+ name_off = le16_to_cpu(cc->NameOffset);
+ name_len = le16_to_cpu(cc->NameLength);
+ value_off = le16_to_cpu(cc->DataOffset);
+ value_len = le32_to_cpu(cc->DataLength);
+ cc_len = next ? next : remain_len;
+
+ if ((next & 0x7) != 0 ||
+ next > remain_len ||
+ name_off != offsetof(struct create_context, Buffer) ||
+ name_len < 4 ||
+ name_off + name_len > cc_len ||
+ (value_off & 0x7) != 0 ||
+ (value_off && (value_off < name_off + name_len)) ||
+ ((u64)value_off + value_len > cc_len))
+ return ERR_PTR(-EINVAL);
+
+ name = (char *)cc + name_off;
+ if (memcmp(name, tag, name_len) == 0)
+ return cc;
+
+ remain_len -= next;
} while (next != 0);
return NULL;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 00dcd10a9d69..67a14c2a1262 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2417,6 +2417,10 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work,
ksmbd_debug(SMB,
"Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
sd_buf = (struct create_sd_buf_req *)context;
+ if (le16_to_cpu(context->DataOffset) +
+ le32_to_cpu(context->DataLength) <
+ sizeof(struct create_sd_buf_req))
+ return -EINVAL;
return set_info_sec(work->conn, work->tcon, path, &sd_buf->ntsd,
le32_to_cpu(sd_buf->ccontext.DataLength), true);
}
@@ -2605,6 +2609,12 @@ int smb2_open(struct ksmbd_work *work)
goto err_out1;
} else if (context) {
ea_buf = (struct create_ea_buf_req *)context;
+ if (le16_to_cpu(context->DataOffset) +
+ le32_to_cpu(context->DataLength) <
+ sizeof(struct create_ea_buf_req)) {
+ rc = -EINVAL;
+ goto err_out1;
+ }
if (req->CreateOptions & FILE_NO_EA_KNOWLEDGE_LE) {
rsp->hdr.Status = STATUS_ACCESS_DENIED;
rc = -EACCES;
@@ -2643,6 +2653,12 @@ int smb2_open(struct ksmbd_work *work)
} else if (context) {
struct create_posix *posix =
(struct create_posix *)context;
+ if (le16_to_cpu(context->DataOffset) +
+ le32_to_cpu(context->DataLength) <
+ sizeof(struct create_posix)) {
+ rc = -EINVAL;
+ goto err_out1;
+ }
ksmbd_debug(SMB, "get posix context\n");
posix_mode = le32_to_cpu(posix->Mode);
@@ -3023,9 +3039,16 @@ int smb2_open(struct ksmbd_work *work)
rc = PTR_ERR(az_req);
goto err_out;
} else if (az_req) {
- loff_t alloc_size = le64_to_cpu(az_req->AllocationSize);
+ loff_t alloc_size;
int err;
+ if (le16_to_cpu(az_req->ccontext.DataOffset) +
+ le32_to_cpu(az_req->ccontext.DataLength) <
+ sizeof(struct create_alloc_size_req)) {
+ rc = -EINVAL;
+ goto err_out;
+ }
+ alloc_size = le64_to_cpu(az_req->AllocationSize);
ksmbd_debug(SMB,
"request smb2 create allocate size : %llu\n",
alloc_size);
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index 321676a74b48..40a1e7bc9f16 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -368,7 +368,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
{
int i, ret;
int num_aces = 0;
- int acl_size;
+ unsigned int acl_size;
char *acl_base;
struct smb_ace **ppace;
struct posix_acl_entry *cf_pace, *cf_pdace;
@@ -380,7 +380,7 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
return;
/* validate that we do not go past end of acl */
- if (end_of_acl <= (char *)pdacl ||
+ if (end_of_acl < (char *)pdacl + sizeof(struct smb_acl) ||
end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size)) {
pr_err("ACL too small to parse DACL\n");
return;
@@ -419,8 +419,22 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
* user/group/other have no permissions
*/
for (i = 0; i < num_aces; ++i) {
+ if (end_of_acl - acl_base < acl_size)
+ break;
+
ppace[i] = (struct smb_ace *)(acl_base + acl_size);
acl_base = (char *)ppace[i];
+ acl_size = offsetof(struct smb_ace, sid) +
+ offsetof(struct smb_sid, sub_auth);
+
+ if (end_of_acl - acl_base < acl_size ||
+ ppace[i]->sid.num_subauth > SID_MAX_SUB_AUTHORITIES ||
+ (end_of_acl - acl_base <
+ acl_size + sizeof(__le32) * ppace[i]->sid.num_subauth) ||
+ (le16_to_cpu(ppace[i]->size) <
+ acl_size + sizeof(__le32) * ppace[i]->sid.num_subauth))
+ break;
+
acl_size = le16_to_cpu(ppace[i]->size);
ppace[i]->access_req =
smb_map_generic_desired_access(ppace[i]->access_req);
@@ -782,6 +796,9 @@ int parse_sec_desc(struct smb_ntsd *pntsd, int acl_len,
if (!pntsd)
return -EIO;
+ if (acl_len < sizeof(struct smb_ntsd))
+ return -EINVAL;
+
owner_sid_ptr = (struct smb_sid *)((char *)pntsd +
le32_to_cpu(pntsd->osidoffset));
group_sid_ptr = (struct smb_sid *)((char *)pntsd +
From patchwork Mon Nov 14 12:52:15 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183323
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:01 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:01 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:00 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 226/308] ksmbd: fix transform header validation
Date: Mon, 14 Nov 2022 20:52:15 +0800
Message-ID: <20221114125337.1831594-227-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
ea43fd7c-cae2-420d-dc51-08dac63c821d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6517898
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc4
commit 4227f811cdeb4d85db91ea6b9adf9ac049cec12e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4227f811cdeb
-------------------------------
Validate that the transform and smb request headers are present
before checking OriginalMessageSize and SessionId fields.
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Reviewed-by: Tom Talpey <tom(a)talpey.com>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 67a14c2a1262..525089577d3b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -8360,16 +8360,8 @@ int smb3_decrypt_req(struct ksmbd_work *work)
unsigned int buf_data_size = pdu_length + 4 -
sizeof(struct smb2_transform_hdr);
struct smb2_transform_hdr *tr_hdr = (struct smb2_transform_hdr *)buf;
- unsigned int orig_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
int rc = 0;
- sess = ksmbd_session_lookup_all(conn, le64_to_cpu(tr_hdr->SessionId));
- if (!sess) {
- pr_err("invalid session id(%llx) in transform header\n",
- le64_to_cpu(tr_hdr->SessionId));
- return -ECONNABORTED;
- }
-
if (pdu_length + 4 <
sizeof(struct smb2_transform_hdr) + sizeof(struct smb2_hdr)) {
pr_err("Transform message is too small (%u)\n",
@@ -8377,11 +8369,19 @@ int smb3_decrypt_req(struct ksmbd_work *work)
return -ECONNABORTED;
}
- if (pdu_length + 4 < orig_len + sizeof(struct smb2_transform_hdr)) {
+ if (pdu_length + 4 <
+ le32_to_cpu(tr_hdr->OriginalMessageSize) + sizeof(struct smb2_transform_hdr)) {
pr_err("Transform message is broken\n");
return -ECONNABORTED;
}
+ sess = ksmbd_session_lookup_all(conn, le64_to_cpu(tr_hdr->SessionId));
+ if (!sess) {
+ pr_err("invalid session id(%llx) in transform header\n",
+ le64_to_cpu(tr_hdr->SessionId));
+ return -ECONNABORTED;
+ }
+
iov[0].iov_base = buf;
iov[0].iov_len = sizeof(struct smb2_transform_hdr);
iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr);
From patchwork Mon Nov 14 12:52:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183324
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:01 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:01 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:01 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 227/308] ksmbd: missing check for NULL in
convert_to_nt_pathname()
Date: Mon, 14 Nov 2022 20:52:16 +0800
Message-ID: <20221114125337.1831594-228-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e48c5b5b-1672-4963-fb60-08dac63c8265
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6699282
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.15-rc4
commit 87ffb310d5e8a441721a9d04dfa7c90cd9da3916
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/87ffb310d5e8
-------------------------------
The kmalloc() does not have a NULL check. This code can be re-written
slightly cleaner to just use the kstrdup().
Fixes: 265fd1991c1d ("ksmbd: use LOOKUP_BENEATH to prevent the out of share access")
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/misc.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/fs/ksmbd/misc.c b/fs/ksmbd/misc.c
index 6a19f4bc692d..60e7ac62c917 100644
--- a/fs/ksmbd/misc.c
+++ b/fs/ksmbd/misc.c
@@ -162,17 +162,14 @@ char *convert_to_nt_pathname(char *filename)
{
char *ab_pathname;
- if (strlen(filename) == 0) {
- ab_pathname = kmalloc(2, GFP_KERNEL);
- ab_pathname[0] = '\\';
- ab_pathname[1] = '\0';
- } else {
- ab_pathname = kstrdup(filename, GFP_KERNEL);
- if (!ab_pathname)
- return NULL;
+ if (strlen(filename) == 0)
+ filename = "\\";
- ksmbd_conv_path_to_windows(ab_pathname);
- }
+ ab_pathname = kstrdup(filename, GFP_KERNEL);
+ if (!ab_pathname)
+ return NULL;
+
+ ksmbd_conv_path_to_windows(ab_pathname);
return ab_pathname;
}
From patchwork Mon Nov 14 12:52:17 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183325
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:02 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:02 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:01 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 228/308] ksmbd: add the check to vaildate if
stream protocol length exceeds maximum value
Date: Mon, 14 Nov 2022 20:52:17 +0800
Message-ID: <20221114125337.1831594-229-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
bd439118-7db3-45bc-4b9f-08dac63c82af
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6850454
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc5
commit 363999901116ffa9a5462215fef25ea9c7f2823c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/363999901116
-------------------------------
This patch add MAX_STREAM_PROT_LEN macro and check if stream protocol
length exceeds maximum value. opencode pdu size check in
ksmbd_pdu_size_has_room().
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 10 ++++++----
fs/ksmbd/smb_common.c | 6 ------
fs/ksmbd/smb_common.h | 4 ++--
3 files changed, 8 insertions(+), 12 deletions(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index af086d35398a..48b18b4ec117 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -296,10 +296,12 @@ int ksmbd_conn_handler_loop(void *p)
pdu_size = get_rfc1002_len(hdr_buf);
ksmbd_debug(CONN, "RFC1002 header %u bytes\n", pdu_size);
- /* make sure we have enough to get to SMB header end */
- if (!ksmbd_pdu_size_has_room(pdu_size)) {
- ksmbd_debug(CONN, "SMB request too short (%u bytes)\n",
- pdu_size);
+ /*
+ * Check if pdu size is valid (min : smb header size,
+ * max : 0x00FFFFFF).
+ */
+ if (pdu_size < __SMB2_HEADER_STRUCTURE_SIZE ||
+ pdu_size > MAX_STREAM_PROT_LEN) {
continue;
}
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index 02f17d5b8656..8658cb7c9b33 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -21,7 +21,6 @@ static const char basechars[43] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-!@#$%";
#define MAGIC_CHAR '~'
#define PERIOD '.'
#define mangle(V) ((char)(basechars[(V) % MANGLE_BASE]))
-#define KSMBD_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr))
struct smb_protocol {
int index;
@@ -294,11 +293,6 @@ int ksmbd_init_smb_server(struct ksmbd_work *work)
return 0;
}
-bool ksmbd_pdu_size_has_room(unsigned int pdu)
-{
- return (pdu >= KSMBD_MIN_SUPPORTED_HEADER_SIZE - 4);
-}
-
int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
struct ksmbd_file *dir,
struct ksmbd_dir_info *d_info,
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 994abede27e9..6e79e7577f6b 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -48,6 +48,8 @@
#define CIFS_DEFAULT_IOSIZE (64 * 1024)
#define MAX_CIFS_SMALL_BUFFER_SIZE 448 /* big enough for most */
+#define MAX_STREAM_PROT_LEN 0x00FFFFFF
+
/* Responses when opening a file. */
#define F_SUPERSEDED 0
#define F_OPENED 1
@@ -493,8 +495,6 @@ int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count);
int ksmbd_init_smb_server(struct ksmbd_work *work);
-bool ksmbd_pdu_size_has_room(unsigned int pdu);
-
struct ksmbd_kstat;
int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work,
int info_level,
From patchwork Mon Nov 14 12:52:18 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183326
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:02 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:02 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:02 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 229/308] ksmbd: check strictly data area in
ksmbd_smb2_check_message()
Date: Mon, 14 Nov 2022 20:52:18 +0800
Message-ID: <20221114125337.1831594-230-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
3786245c-5fb4-4ee7-dd8f-08dac63c82f7
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7002918
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc5
commit c2e99d47973796c3fafd13079337dcadecd49d8a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c2e99d479737
-------------------------------
When invalid data offset and data length in request,
ksmbd_smb2_check_message check strictly and doesn't allow to process such
requests.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Reviewed-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 98 ++++++++++++++++++++++-----------------------
1 file changed, 47 insertions(+), 51 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 9aa46bb3e10d..9edd9c161b27 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -80,18 +80,21 @@ static const bool has_smb2_data_area[NUMBER_OF_SMB2_COMMANDS] = {
};
/*
- * Returns the pointer to the beginning of the data area. Length of the data
- * area and the offset to it (from the beginning of the smb are also returned.
+ * Set length of the data area and the offset to arguments.
+ * if they are invalid, return error.
*/
-static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
+static int smb2_get_data_area_len(unsigned int *off, unsigned int *len,
+ struct smb2_hdr *hdr)
{
+ int ret = 0;
+
*off = 0;
*len = 0;
/* error reqeusts do not have data area */
if (hdr->Status && hdr->Status != STATUS_MORE_PROCESSING_REQUIRED &&
(((struct smb2_err_rsp *)hdr)->StructureSize) == SMB2_ERROR_STRUCTURE_SIZE2_LE)
- return NULL;
+ return ret;
/*
* Following commands have data areas so we have to get the location
@@ -165,69 +168,60 @@ static char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr)
case SMB2_IOCTL:
*off = le32_to_cpu(((struct smb2_ioctl_req *)hdr)->InputOffset);
*len = le32_to_cpu(((struct smb2_ioctl_req *)hdr)->InputCount);
-
break;
default:
ksmbd_debug(SMB, "no length check for command\n");
break;
}
- /*
- * Invalid length or offset probably means data area is invalid, but
- * we have little choice but to ignore the data area in this case.
- */
if (*off > 4096) {
- ksmbd_debug(SMB, "offset %d too large, data area ignored\n",
- *off);
- *len = 0;
- *off = 0;
- } else if (*off < 0) {
- ksmbd_debug(SMB,
- "negative offset %d to data invalid ignore data area\n",
- *off);
- *off = 0;
- *len = 0;
- } else if (*len < 0) {
- ksmbd_debug(SMB,
- "negative data length %d invalid, data area ignored\n",
- *len);
- *len = 0;
- } else if (*len > 128 * 1024) {
- ksmbd_debug(SMB, "data area larger than 128K: %d\n", *len);
- *len = 0;
+ ksmbd_debug(SMB, "offset %d too large\n", *off);
+ ret = -EINVAL;
+ } else if ((u64)*off + *len > MAX_STREAM_PROT_LEN) {
+ ksmbd_debug(SMB, "Request is larger than maximum stream protocol length(%u): %llu\n",
+ MAX_STREAM_PROT_LEN, (u64)*off + *len);
+ ret = -EINVAL;
}
- /* return pointer to beginning of data area, ie offset from SMB start */
- if ((*off != 0) && (*len != 0))
- return (char *)hdr + *off;
- else
- return NULL;
+ return ret;
}
/*
* Calculate the size of the SMB message based on the fixed header
* portion, the number of word parameters and the data portion of the message.
*/
-static unsigned int smb2_calc_size(void *buf)
+static int smb2_calc_size(void *buf, unsigned int *len)
{
struct smb2_pdu *pdu = (struct smb2_pdu *)buf;
struct smb2_hdr *hdr = &pdu->hdr;
- int offset; /* the offset from the beginning of SMB to data area */
- int data_length; /* the length of the variable length data area */
+ unsigned int offset; /* the offset from the beginning of SMB to data area */
+ unsigned int data_length; /* the length of the variable length data area */
+ int ret;
+
/* Structure Size has already been checked to make sure it is 64 */
- int len = le16_to_cpu(hdr->StructureSize);
+ *len = le16_to_cpu(hdr->StructureSize);
/*
* StructureSize2, ie length of fixed parameter area has already
* been checked to make sure it is the correct length.
*/
- len += le16_to_cpu(pdu->StructureSize2);
+ *len += le16_to_cpu(pdu->StructureSize2);
+ /*
+ * StructureSize2 of smb2_lock pdu is set to 48, indicating
+ * the size of smb2 lock request with single smb2_lock_element
+ * regardless of number of locks. Subtract single
+ * smb2_lock_element for correct buffer size check.
+ */
+ if (hdr->Command == SMB2_LOCK)
+ *len -= sizeof(struct smb2_lock_element);
if (has_smb2_data_area[le16_to_cpu(hdr->Command)] == false)
goto calc_size_exit;
- smb2_get_data_area_len(&offset, &data_length, hdr);
- ksmbd_debug(SMB, "SMB2 data length %d offset %d\n", data_length,
+ ret = smb2_get_data_area_len(&offset, &data_length, hdr);
+ if (ret)
+ return ret;
+ ksmbd_debug(SMB, "SMB2 data length %u offset %u\n", data_length,
offset);
if (data_length > 0) {
@@ -237,16 +231,19 @@ static unsigned int smb2_calc_size(void *buf)
* for some commands, typically those with odd StructureSize,
* so we must add one to the calculation.
*/
- if (offset + 1 < len)
+ if (offset + 1 < *len) {
ksmbd_debug(SMB,
- "data area offset %d overlaps SMB2 header %d\n",
- offset + 1, len);
- else
- len = offset + data_length;
+ "data area offset %d overlaps SMB2 header %u\n",
+ offset + 1, *len);
+ return -EINVAL;
+ }
+
+ *len = offset + data_length;
}
+
calc_size_exit:
- ksmbd_debug(SMB, "SMB2 len %d\n", len);
- return len;
+ ksmbd_debug(SMB, "SMB2 len %u\n", *len);
+ return 0;
}
static inline int smb2_query_info_req_len(struct smb2_query_info_req *h)
@@ -391,9 +388,11 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
return 1;
}
- clc_len = smb2_calc_size(hdr);
+ if (smb2_calc_size(hdr, &clc_len))
+ return 1;
+
if (len != clc_len) {
- /* server can return one byte more due to implied bcc[0] */
+ /* client can return one byte more due to implied bcc[0] */
if (clc_len == len + 1)
return 0;
@@ -418,9 +417,6 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
return 0;
}
- if (command == SMB2_LOCK_HE && len == 88)
- return 0;
-
ksmbd_debug(SMB,
"cli req too short, len %d not %d. cmd:%d mid:%llu\n",
len, clc_len, command,
From patchwork Mon Nov 14 12:52:19 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183327
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:03 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:03 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:02 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 230/308] ksmbd: remove the leftover of smb2.0
dialect support
Date: Mon, 14 Nov 2022 20:52:19 +0800
Message-ID: <20221114125337.1831594-231-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
1b3fe46d-19fa-48b5-07ca-08dac63c8341
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6994706
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc5
commit 51a1387393d98c2ba52d53d089720fa9f1463178
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/51a1387393d9
-------------------------------
Although ksmbd doesn't send SMB2.0 support in supported dialect list of smb
negotiate response, There is the leftover of smb2.0 dialect.
This patch remove it not to support SMB2.0 in ksmbd.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2ops.c | 5 -----
fs/ksmbd/smb2pdu.c | 34 +++++++++-------------------------
fs/ksmbd/smb2pdu.h | 1 -
fs/ksmbd/smb_common.c | 6 +++---
4 files changed, 12 insertions(+), 34 deletions(-)
diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c
index 197473871aa4..b06456eb587b 100644
--- a/fs/ksmbd/smb2ops.c
+++ b/fs/ksmbd/smb2ops.c
@@ -187,11 +187,6 @@ static struct smb_version_cmds smb2_0_server_cmds[NUMBER_OF_SMB2_COMMANDS] = {
[SMB2_CHANGE_NOTIFY_HE] = { .proc = smb2_notify},
};
-int init_smb2_0_server(struct ksmbd_conn *conn)
-{
- return -EOPNOTSUPP;
-}
-
/**
* init_smb2_1_server() - initialize a smb server connection with smb2.1
* command dispatcher
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 525089577d3b..dae9366120ff 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -236,9 +236,6 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
if (conn->need_neg == false)
return -EINVAL;
- if (!(conn->dialect >= SMB20_PROT_ID &&
- conn->dialect <= SMB311_PROT_ID))
- return -EINVAL;
rsp_hdr = work->response_buf;
@@ -1166,13 +1163,6 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
case SMB21_PROT_ID:
init_smb2_1_server(conn);
break;
- case SMB20_PROT_ID:
- rc = init_smb2_0_server(conn);
- if (rc) {
- rsp->hdr.Status = STATUS_NOT_SUPPORTED;
- goto err_out;
- }
- break;
case SMB2X_PROT_ID:
case BAD_PROT_ID:
default:
@@ -1191,11 +1181,9 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
rsp->MaxReadSize = cpu_to_le32(conn->vals->max_read_size);
rsp->MaxWriteSize = cpu_to_le32(conn->vals->max_write_size);
- if (conn->dialect > SMB20_PROT_ID) {
- memcpy(conn->ClientGUID, req->ClientGUID,
- SMB2_CLIENT_GUID_SIZE);
- conn->cli_sec_mode = le16_to_cpu(req->SecurityMode);
- }
+ memcpy(conn->ClientGUID, req->ClientGUID,
+ SMB2_CLIENT_GUID_SIZE);
+ conn->cli_sec_mode = le16_to_cpu(req->SecurityMode);
rsp->StructureSize = cpu_to_le16(65);
rsp->DialectRevision = cpu_to_le16(conn->dialect);
@@ -1537,11 +1525,9 @@ static int ntlm_authenticate(struct ksmbd_work *work)
}
}
- if (conn->dialect > SMB20_PROT_ID) {
- if (!ksmbd_conn_lookup_dialect(conn)) {
- pr_err("fail to verify the dialect\n");
- return -ENOENT;
- }
+ if (!ksmbd_conn_lookup_dialect(conn)) {
+ pr_err("fail to verify the dialect\n");
+ return -ENOENT;
}
return 0;
}
@@ -1623,11 +1609,9 @@ static int krb5_authenticate(struct ksmbd_work *work)
}
}
- if (conn->dialect > SMB20_PROT_ID) {
- if (!ksmbd_conn_lookup_dialect(conn)) {
- pr_err("fail to verify the dialect\n");
- return -ENOENT;
- }
+ if (!ksmbd_conn_lookup_dialect(conn)) {
+ pr_err("fail to verify the dialect\n");
+ return -ENOENT;
}
return 0;
}
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index 261825d06391..a6dec5ec6a54 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -1637,7 +1637,6 @@ struct smb2_posix_info {
} __packed;
/* functions */
-int init_smb2_0_server(struct ksmbd_conn *conn);
void init_smb2_1_server(struct ksmbd_conn *conn);
void init_smb3_0_server(struct ksmbd_conn *conn);
void init_smb3_02_server(struct ksmbd_conn *conn);
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index 8658cb7c9b33..bd836a30ae89 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -88,7 +88,7 @@ unsigned int ksmbd_server_side_copy_max_total_size(void)
inline int ksmbd_min_protocol(void)
{
- return SMB2_PROT;
+ return SMB21_PROT;
}
inline int ksmbd_max_protocol(void)
@@ -425,7 +425,7 @@ int ksmbd_extract_shortname(struct ksmbd_conn *conn, const char *longname,
static int __smb2_negotiate(struct ksmbd_conn *conn)
{
- return (conn->dialect >= SMB20_PROT_ID &&
+ return (conn->dialect >= SMB21_PROT_ID &&
conn->dialect <= SMB311_PROT_ID);
}
@@ -455,7 +455,7 @@ int ksmbd_smb_negotiate_common(struct ksmbd_work *work, unsigned int command)
}
}
- if (command == SMB2_NEGOTIATE_HE) {
+ if (command == SMB2_NEGOTIATE_HE && __smb2_negotiate(conn)) {
ret = smb2_handle_negotiate(work);
init_smb2_neg_rsp(work);
return ret;
From patchwork Mon Nov 14 12:52:20 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183328
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:03 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:03 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:03 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 231/308] ksmbd: use buf_data_size instead of
recalculation in smb3_decrypt_req()
Date: Mon, 14 Nov 2022 20:52:20 +0800
Message-ID: <20221114125337.1831594-232-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
d9e95537-8f6a-4115-bfc8-08dac63c8389
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7055730
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc5
commit c7705eec78c999485609274c7ac5c27def8b84f1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c7705eec78c9
-------------------------------
Tom suggested to use buf_data_size that is already calculated, to verify
these offsets.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Suggested-by: Tom Talpey <tom(a)talpey.com>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index dae9366120ff..55d39459437d 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -8341,20 +8341,18 @@ int smb3_decrypt_req(struct ksmbd_work *work)
struct smb2_hdr *hdr;
unsigned int pdu_length = get_rfc1002_len(buf);
struct kvec iov[2];
- unsigned int buf_data_size = pdu_length + 4 -
+ int buf_data_size = pdu_length + 4 -
sizeof(struct smb2_transform_hdr);
struct smb2_transform_hdr *tr_hdr = (struct smb2_transform_hdr *)buf;
int rc = 0;
- if (pdu_length + 4 <
- sizeof(struct smb2_transform_hdr) + sizeof(struct smb2_hdr)) {
+ if (buf_data_size < sizeof(struct smb2_hdr)) {
pr_err("Transform message is too small (%u)\n",
pdu_length);
return -ECONNABORTED;
}
- if (pdu_length + 4 <
- le32_to_cpu(tr_hdr->OriginalMessageSize) + sizeof(struct smb2_transform_hdr)) {
+ if (buf_data_size < le32_to_cpu(tr_hdr->OriginalMessageSize)) {
pr_err("Transform message is broken\n");
return -ECONNABORTED;
}
From patchwork Mon Nov 14 12:52:21 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183329
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:04 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:04 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:03 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 232/308] ksmbd: fix version mismatch with out of
tree
Date: Mon, 14 Nov 2022 20:52:21 +0800
Message-ID: <20221114125337.1831594-233-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
9e1e37b9-a069-417b-c40a-08dac63c83d2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7036407
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc5
commit 2db72604f3eaebd6175548bf64372e163724ebe3
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2db72604f3ea
-------------------------------
Fix version mismatch with out of tree, This updated version will be
matched with ksmbd-tools.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Steve French <smfrench(a)gmail.com>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/glob.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/glob.h b/fs/ksmbd/glob.h
index 49a5a3afa118..5b8f3e0ebdb3 100644
--- a/fs/ksmbd/glob.h
+++ b/fs/ksmbd/glob.h
@@ -12,7 +12,7 @@
#include "unicode.h"
#include "vfs_cache.h"
-#define KSMBD_VERSION "3.1.9"
+#define KSMBD_VERSION "3.4.2"
extern int ksmbd_debug_types;
From patchwork Mon Nov 14 12:52:22 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183330
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:04 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:04 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:04 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 233/308] ksmbd: fix oops from fuse driver
Date: Mon, 14 Nov 2022 20:52:22 +0800
Message-ID: <20221114125337.1831594-234-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
a626f202-8f84-486d-86d6-08dac63c841c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6789696
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc5
commit 64e7875560270b8f669fca9fcd6a689fea56fbeb
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/64e787556027
-------------------------------
Marios reported kernel oops from fuse driver when ksmbd call
mark_inode_dirty(). This patch directly update ->i_ctime after removing
mark_inode_ditry() and notify_change will put inode to dirty list.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Reported-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Tested-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 17 ++++++-----------
1 file changed, 6 insertions(+), 11 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 55d39459437d..ec07cc459f4f 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5438,7 +5438,6 @@ static int set_file_basic_info(struct ksmbd_file *fp,
struct ksmbd_share_config *share)
{
struct iattr attrs;
- struct timespec64 ctime;
struct file *filp;
struct inode *inode;
int rc = 0;
@@ -5458,13 +5457,11 @@ static int set_file_basic_info(struct ksmbd_file *fp,
attrs.ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET);
}
- if (file_info->ChangeTime) {
+ attrs.ia_valid |= ATTR_CTIME;
+ if (file_info->ChangeTime)
attrs.ia_ctime = ksmbd_NTtimeToUnix(file_info->ChangeTime);
- ctime = attrs.ia_ctime;
- attrs.ia_valid |= ATTR_CTIME;
- } else {
- ctime = inode->i_ctime;
- }
+ else
+ attrs.ia_ctime = inode->i_ctime;
if (file_info->LastWriteTime) {
attrs.ia_mtime = ksmbd_NTtimeToUnix(file_info->LastWriteTime);
@@ -5509,11 +5506,9 @@ static int set_file_basic_info(struct ksmbd_file *fp,
return -EACCES;
inode_lock(inode);
+ inode->i_ctime = attrs.ia_ctime;
+ attrs.ia_valid &= ~ATTR_CTIME;
rc = notify_change(dentry, &attrs, NULL);
- if (!rc) {
- inode->i_ctime = ctime;
- mark_inode_dirty(inode);
- }
inode_unlock(inode);
}
return rc;
From patchwork Mon Nov 14 12:52:23 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183331
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:05 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:05 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:04 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 234/308] ksmbd: add validation in smb2_ioctl
Date: Mon, 14 Nov 2022 20:52:23 +0800
Message-ID: <20221114125337.1831594-235-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
91dee71a-1a61-49fd-f38f-08dac63c8464
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7021221
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc7
commit f7db8fd03a4bc5baf70ccf8978fe17cb54368b97
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f7db8fd03a4b
-------------------------------
Add validation for request/response buffer size check in smb2_ioctl and
fsctl_copychunk() take copychunk_ioctl_req pointer and the other arguments
instead of smb2_ioctl_req structure and remove an unused smb2_ioctl_req
argument of fsctl_validate_negotiate_info.
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Ralph B��hme <slow(a)samba.org>
Cc: Steve French <smfrench(a)gmail.com>
Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 113 +++++++++++++++++++++++++++++++++------------
fs/ksmbd/vfs.c | 2 +-
fs/ksmbd/vfs.h | 2 +-
3 files changed, 86 insertions(+), 31 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index ec07cc459f4f..2a4647273549 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6973,24 +6973,26 @@ int smb2_lock(struct ksmbd_work *work)
return err;
}
-static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
+static int fsctl_copychunk(struct ksmbd_work *work,
+ struct copychunk_ioctl_req *ci_req,
+ unsigned int cnt_code,
+ unsigned int input_count,
+ unsigned long long volatile_id,
+ unsigned long long persistent_id,
struct smb2_ioctl_rsp *rsp)
{
- struct copychunk_ioctl_req *ci_req;
struct copychunk_ioctl_rsp *ci_rsp;
struct ksmbd_file *src_fp = NULL, *dst_fp = NULL;
struct srv_copychunk *chunks;
unsigned int i, chunk_count, chunk_count_written = 0;
unsigned int chunk_size_written = 0;
loff_t total_size_written = 0;
- int ret, cnt_code;
+ int ret = 0;
- cnt_code = le32_to_cpu(req->CntCode);
- ci_req = (struct copychunk_ioctl_req *)&req->Buffer[0];
ci_rsp = (struct copychunk_ioctl_rsp *)&rsp->Buffer[0];
- rsp->VolatileFileId = req->VolatileFileId;
- rsp->PersistentFileId = req->PersistentFileId;
+ rsp->VolatileFileId = cpu_to_le64(volatile_id);
+ rsp->PersistentFileId = cpu_to_le64(persistent_id);
ci_rsp->ChunksWritten =
cpu_to_le32(ksmbd_server_side_copy_max_chunk_count());
ci_rsp->ChunkBytesWritten =
@@ -7000,12 +7002,13 @@ static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
chunks = (struct srv_copychunk *)&ci_req->Chunks[0];
chunk_count = le32_to_cpu(ci_req->ChunkCount);
+ if (chunk_count == 0)
+ goto out;
total_size_written = 0;
/* verify the SRV_COPYCHUNK_COPY packet */
if (chunk_count > ksmbd_server_side_copy_max_chunk_count() ||
- le32_to_cpu(req->InputCount) <
- offsetof(struct copychunk_ioctl_req, Chunks) +
+ input_count < offsetof(struct copychunk_ioctl_req, Chunks) +
chunk_count * sizeof(struct srv_copychunk)) {
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
return -EINVAL;
@@ -7026,9 +7029,7 @@ static int fsctl_copychunk(struct ksmbd_work *work, struct smb2_ioctl_req *req,
src_fp = ksmbd_lookup_foreign_fd(work,
le64_to_cpu(ci_req->ResumeKey[0]));
- dst_fp = ksmbd_lookup_fd_slow(work,
- le64_to_cpu(req->VolatileFileId),
- le64_to_cpu(req->PersistentFileId));
+ dst_fp = ksmbd_lookup_fd_slow(work, volatile_id, persistent_id);
ret = -EINVAL;
if (!src_fp ||
src_fp->persistent_id != le64_to_cpu(ci_req->ResumeKey[1])) {
@@ -7103,8 +7104,8 @@ static __be32 idev_ipv4_address(struct in_device *idev)
}
static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
- struct smb2_ioctl_req *req,
- struct smb2_ioctl_rsp *rsp)
+ struct smb2_ioctl_rsp *rsp,
+ unsigned int out_buf_len)
{
struct network_interface_info_ioctl_rsp *nii_rsp = NULL;
int nbytes = 0;
@@ -7116,6 +7117,12 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
rtnl_lock();
for_each_netdev(&init_net, netdev) {
+ if (out_buf_len <
+ nbytes + sizeof(struct network_interface_info_ioctl_rsp)) {
+ rtnl_unlock();
+ return -ENOSPC;
+ }
+
if (netdev->type == ARPHRD_LOOPBACK)
continue;
@@ -7195,11 +7202,6 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
if (nii_rsp)
nii_rsp->Next = 0;
- if (!nbytes) {
- rsp->hdr.Status = STATUS_BUFFER_TOO_SMALL;
- return -EINVAL;
- }
-
rsp->PersistentFileId = cpu_to_le64(SMB2_NO_FID);
rsp->VolatileFileId = cpu_to_le64(SMB2_NO_FID);
return nbytes;
@@ -7207,11 +7209,16 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
struct validate_negotiate_info_req *neg_req,
- struct validate_negotiate_info_rsp *neg_rsp)
+ struct validate_negotiate_info_rsp *neg_rsp,
+ unsigned int in_buf_len)
{
int ret = 0;
int dialect;
+ if (in_buf_len < sizeof(struct validate_negotiate_info_req) +
+ le16_to_cpu(neg_req->DialectCount) * sizeof(__le16))
+ return -EINVAL;
+
dialect = ksmbd_lookup_dialect_by_id(neg_req->Dialects,
neg_req->DialectCount);
if (dialect == BAD_PROT_ID || dialect != conn->dialect) {
@@ -7245,7 +7252,7 @@ static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
static int fsctl_query_allocated_ranges(struct ksmbd_work *work, u64 id,
struct file_allocated_range_buffer *qar_req,
struct file_allocated_range_buffer *qar_rsp,
- int in_count, int *out_count)
+ unsigned int in_count, unsigned int *out_count)
{
struct ksmbd_file *fp;
loff_t start, length;
@@ -7272,7 +7279,8 @@ static int fsctl_query_allocated_ranges(struct ksmbd_work *work, u64 id,
}
static int fsctl_pipe_transceive(struct ksmbd_work *work, u64 id,
- int out_buf_len, struct smb2_ioctl_req *req,
+ unsigned int out_buf_len,
+ struct smb2_ioctl_req *req,
struct smb2_ioctl_rsp *rsp)
{
struct ksmbd_rpc_command *rpc_resp;
@@ -7382,8 +7390,7 @@ int smb2_ioctl(struct ksmbd_work *work)
{
struct smb2_ioctl_req *req;
struct smb2_ioctl_rsp *rsp, *rsp_org;
- int cnt_code, nbytes = 0;
- int out_buf_len;
+ unsigned int cnt_code, nbytes = 0, out_buf_len, in_buf_len;
u64 id = KSMBD_NO_FID;
struct ksmbd_conn *conn = work->conn;
int ret = 0;
@@ -7412,7 +7419,11 @@ int smb2_ioctl(struct ksmbd_work *work)
cnt_code = le32_to_cpu(req->CntCode);
out_buf_len = le32_to_cpu(req->MaxOutputResponse);
- out_buf_len = min(KSMBD_IPC_MAX_PAYLOAD, out_buf_len);
+ out_buf_len =
+ min_t(u32, work->response_sz - work->next_smb2_rsp_hdr_off -
+ (offsetof(struct smb2_ioctl_rsp, Buffer) - 4),
+ out_buf_len);
+ in_buf_len = le32_to_cpu(req->InputCount);
switch (cnt_code) {
case FSCTL_DFS_GET_REFERRALS:
@@ -7440,6 +7451,7 @@ int smb2_ioctl(struct ksmbd_work *work)
break;
}
case FSCTL_PIPE_TRANSCEIVE:
+ out_buf_len = min_t(u32, KSMBD_IPC_MAX_PAYLOAD, out_buf_len);
nbytes = fsctl_pipe_transceive(work, id, out_buf_len, req, rsp);
break;
case FSCTL_VALIDATE_NEGOTIATE_INFO:
@@ -7448,9 +7460,16 @@ int smb2_ioctl(struct ksmbd_work *work)
goto out;
}
+ if (in_buf_len < sizeof(struct validate_negotiate_info_req))
+ return -EINVAL;
+
+ if (out_buf_len < sizeof(struct validate_negotiate_info_rsp))
+ return -EINVAL;
+
ret = fsctl_validate_negotiate_info(conn,
(struct validate_negotiate_info_req *)&req->Buffer[0],
- (struct validate_negotiate_info_rsp *)&rsp->Buffer[0]);
+ (struct validate_negotiate_info_rsp *)&rsp->Buffer[0],
+ in_buf_len);
if (ret < 0)
goto out;
@@ -7459,9 +7478,10 @@ int smb2_ioctl(struct ksmbd_work *work)
rsp->VolatileFileId = cpu_to_le64(SMB2_NO_FID);
break;
case FSCTL_QUERY_NETWORK_INTERFACE_INFO:
- nbytes = fsctl_query_iface_info_ioctl(conn, req, rsp);
- if (nbytes < 0)
+ ret = fsctl_query_iface_info_ioctl(conn, rsp, out_buf_len);
+ if (ret < 0)
goto out;
+ nbytes = ret;
break;
case FSCTL_REQUEST_RESUME_KEY:
if (out_buf_len < sizeof(struct resume_key_ioctl_rsp)) {
@@ -7486,15 +7506,33 @@ int smb2_ioctl(struct ksmbd_work *work)
goto out;
}
+ if (in_buf_len < sizeof(struct copychunk_ioctl_req)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
if (out_buf_len < sizeof(struct copychunk_ioctl_rsp)) {
ret = -EINVAL;
goto out;
}
nbytes = sizeof(struct copychunk_ioctl_rsp);
- fsctl_copychunk(work, req, rsp);
+ rsp->VolatileFileId = req->VolatileFileId;
+ rsp->PersistentFileId = req->PersistentFileId;
+ fsctl_copychunk(work,
+ (struct copychunk_ioctl_req *)&req->Buffer[0],
+ le32_to_cpu(req->CntCode),
+ le32_to_cpu(req->InputCount),
+ le64_to_cpu(req->VolatileFileId),
+ le64_to_cpu(req->PersistentFileId),
+ rsp);
break;
case FSCTL_SET_SPARSE:
+ if (in_buf_len < sizeof(struct file_sparse)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
ret = fsctl_set_sparse(work, id,
(struct file_sparse *)&req->Buffer[0]);
if (ret < 0)
@@ -7513,6 +7551,11 @@ int smb2_ioctl(struct ksmbd_work *work)
goto out;
}
+ if (in_buf_len < sizeof(struct file_zero_data_information)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
zero_data =
(struct file_zero_data_information *)&req->Buffer[0];
@@ -7532,6 +7575,11 @@ int smb2_ioctl(struct ksmbd_work *work)
break;
}
case FSCTL_QUERY_ALLOCATED_RANGES:
+ if (in_buf_len < sizeof(struct file_allocated_range_buffer)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
ret = fsctl_query_allocated_ranges(work, id,
(struct file_allocated_range_buffer *)&req->Buffer[0],
(struct file_allocated_range_buffer *)&rsp->Buffer[0],
@@ -7572,6 +7620,11 @@ int smb2_ioctl(struct ksmbd_work *work)
struct duplicate_extents_to_file *dup_ext;
loff_t src_off, dst_off, length, cloned;
+ if (in_buf_len < sizeof(struct duplicate_extents_to_file)) {
+ ret = -EINVAL;
+ goto out;
+ }
+
dup_ext = (struct duplicate_extents_to_file *)&req->Buffer[0];
fp_in = ksmbd_lookup_fd_slow(work, dup_ext->VolatileFileHandle,
@@ -7642,6 +7695,8 @@ int smb2_ioctl(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_OBJECT_NAME_NOT_FOUND;
else if (ret == -EOPNOTSUPP)
rsp->hdr.Status = STATUS_NOT_SUPPORTED;
+ else if (ret == -ENOSPC)
+ rsp->hdr.Status = STATUS_BUFFER_TOO_SMALL;
else if (ret < 0 || rsp->hdr.Status == 0)
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
smb2_set_err_rsp(work);
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 2887995b2c47..7f6a53ddf8a1 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -990,7 +990,7 @@ int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
struct file_allocated_range_buffer *ranges,
- int in_count, int *out_count)
+ unsigned int in_count, unsigned int *out_count)
{
struct file *f = fp->filp;
struct inode *inode = file_inode(fp->filp);
diff --git a/fs/ksmbd/vfs.h b/fs/ksmbd/vfs.h
index ef4a89cf0221..51ff1f63965c 100644
--- a/fs/ksmbd/vfs.h
+++ b/fs/ksmbd/vfs.h
@@ -159,7 +159,7 @@ int ksmbd_vfs_zero_data(struct ksmbd_work *work, struct ksmbd_file *fp,
struct file_allocated_range_buffer;
int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
struct file_allocated_range_buffer *ranges,
- int in_count, int *out_count);
+ unsigned int in_count, unsigned int *out_count);
int ksmbd_vfs_unlink(struct dentry *dir, struct dentry *dentry);
void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, struct dentry *dentry,
From patchwork Mon Nov 14 12:52:24 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183332
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:05 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:05 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:04 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 235/308] ksmbd: improve credits management
Date: Mon, 14 Nov 2022 20:52:24 +0800
Message-ID: <20221114125337.1831594-236-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
19cff0c2-39bd-44b6-3829-08dac63c84ad
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7031939
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc7
commit bf8acc9e10e21c28452dfa067a7d31e6067104b1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/bf8acc9e10e2
-------------------------------
* Requests except READ, WRITE, IOCTL, INFO, QUERY
DIRECOTRY, CANCEL must consume one credit.
* If client's granted credits are insufficient,
refuse to handle requests.
* Windows server 2016 or later grant up to 8192
credits to clients at once.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 2 ++
fs/ksmbd/smb2misc.c | 38 ++++++++++++++------
fs/ksmbd/smb2pdu.c | 81 ++++++++++++++++---------------------------
3 files changed, 59 insertions(+), 62 deletions(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 48b18b4ec117..b57a0d8a392f 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -61,6 +61,8 @@ struct ksmbd_conn *ksmbd_conn_alloc(void)
conn->local_nls = load_nls_default();
atomic_set(&conn->req_running, 0);
atomic_set(&conn->r_count, 0);
+ conn->total_credits = 1;
+
init_waitqueue_head(&conn->req_running_q);
INIT_LIST_HEAD(&conn->conns_list);
INIT_LIST_HEAD(&conn->sessions);
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 9edd9c161b27..e7e441c8f050 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -284,11 +284,13 @@ static inline int smb2_ioctl_resp_len(struct smb2_ioctl_req *h)
le32_to_cpu(h->MaxOutputResponse);
}
-static int smb2_validate_credit_charge(struct smb2_hdr *hdr)
+static int smb2_validate_credit_charge(struct ksmbd_conn *conn,
+ struct smb2_hdr *hdr)
{
- int req_len = 0, expect_resp_len = 0, calc_credit_num, max_len;
- int credit_charge = le16_to_cpu(hdr->CreditCharge);
+ unsigned int req_len = 0, expect_resp_len = 0, calc_credit_num, max_len;
+ unsigned short credit_charge = le16_to_cpu(hdr->CreditCharge);
void *__hdr = hdr;
+ int ret;
switch (hdr->Command) {
case SMB2_QUERY_INFO:
@@ -310,21 +312,37 @@ static int smb2_validate_credit_charge(struct smb2_hdr *hdr)
req_len = smb2_ioctl_req_len(__hdr);
expect_resp_len = smb2_ioctl_resp_len(__hdr);
break;
- default:
+ case SMB2_CANCEL:
return 0;
+ default:
+ req_len = 1;
+ break;
}
- credit_charge = max(1, credit_charge);
- max_len = max(req_len, expect_resp_len);
+ credit_charge = max_t(unsigned short, credit_charge, 1);
+ max_len = max_t(unsigned int, req_len, expect_resp_len);
calc_credit_num = DIV_ROUND_UP(max_len, SMB2_MAX_BUFFER_SIZE);
if (credit_charge < calc_credit_num) {
- pr_err("Insufficient credit charge, given: %d, needed: %d\n",
- credit_charge, calc_credit_num);
+ ksmbd_debug(SMB, "Insufficient credit charge, given: %d, needed: %d\n",
+ credit_charge, calc_credit_num);
+ return 1;
+ } else if (credit_charge > conn->max_credits) {
+ ksmbd_debug(SMB, "Too large credit charge: %d\n", credit_charge);
return 1;
}
- return 0;
+ spin_lock(&conn->credits_lock);
+ if (credit_charge <= conn->total_credits) {
+ conn->total_credits -= credit_charge;
+ ret = 0;
+ } else {
+ ksmbd_debug(SMB, "Insufficient credits granted, given: %u, granted: %u\n",
+ credit_charge, conn->total_credits);
+ ret = 1;
+ }
+ spin_unlock(&conn->credits_lock);
+ return ret;
}
int ksmbd_smb2_check_message(struct ksmbd_work *work)
@@ -383,7 +401,7 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
}
if ((work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU) &&
- smb2_validate_credit_charge(hdr)) {
+ smb2_validate_credit_charge(work->conn, hdr)) {
work->conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
return 1;
}
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 2a4647273549..f081f1735c5a 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -292,22 +292,6 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
return 0;
}
-static int smb2_consume_credit_charge(struct ksmbd_work *work,
- unsigned short credit_charge)
-{
- struct ksmbd_conn *conn = work->conn;
- unsigned int rsp_credits = 1;
-
- if (!conn->total_credits)
- return 0;
-
- if (credit_charge > 0)
- rsp_credits = credit_charge;
-
- conn->total_credits -= rsp_credits;
- return rsp_credits;
-}
-
/**
* smb2_set_rsp_credits() - set number of credits in response buffer
* @work: smb work containing smb response buffer
@@ -317,49 +301,43 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
struct smb2_hdr *req_hdr = ksmbd_req_buf_next(work);
struct smb2_hdr *hdr = ksmbd_resp_buf_next(work);
struct ksmbd_conn *conn = work->conn;
- unsigned short credits_requested = le16_to_cpu(req_hdr->CreditRequest);
- unsigned short credit_charge = 1, credits_granted = 0;
- unsigned short aux_max, aux_credits, min_credits;
- int rsp_credit_charge;
+ unsigned short credits_requested;
+ unsigned short credit_charge, credits_granted = 0;
+ unsigned short aux_max, aux_credits;
- if (hdr->Command == SMB2_CANCEL)
- goto out;
+ if (work->send_no_response)
+ return 0;
- /* get default minimum credits by shifting maximum credits by 4 */
- min_credits = conn->max_credits >> 4;
+ hdr->CreditCharge = req_hdr->CreditCharge;
- if (conn->total_credits >= conn->max_credits) {
+ if (conn->total_credits > conn->max_credits) {
+ hdr->CreditRequest = 0;
pr_err("Total credits overflow: %d\n", conn->total_credits);
- conn->total_credits = min_credits;
- }
-
- rsp_credit_charge =
- smb2_consume_credit_charge(work, le16_to_cpu(req_hdr->CreditCharge));
- if (rsp_credit_charge < 0)
return -EINVAL;
+ }
- hdr->CreditCharge = cpu_to_le16(rsp_credit_charge);
+ credit_charge = max_t(unsigned short,
+ le16_to_cpu(req_hdr->CreditCharge), 1);
+ credits_requested = max_t(unsigned short,
+ le16_to_cpu(req_hdr->CreditRequest), 1);
- if (credits_requested > 0) {
- aux_credits = credits_requested - 1;
- aux_max = 32;
- if (hdr->Command == SMB2_NEGOTIATE)
- aux_max = 0;
- aux_credits = (aux_credits < aux_max) ? aux_credits : aux_max;
- credits_granted = aux_credits + credit_charge;
+ /* according to smb2.credits smbtorture, Windows server
+ * 2016 or later grant up to 8192 credits at once.
+ *
+ * TODO: Need to adjuct CreditRequest value according to
+ * current cpu load
+ */
+ aux_credits = credits_requested - 1;
+ if (hdr->Command == SMB2_NEGOTIATE)
+ aux_max = 0;
+ else
+ aux_max = conn->max_credits - credit_charge;
+ aux_credits = min_t(unsigned short, aux_credits, aux_max);
+ credits_granted = credit_charge + aux_credits;
- /* if credits granted per client is getting bigger than default
- * minimum credits then we should wrap it up within the limits.
- */
- if ((conn->total_credits + credits_granted) > min_credits)
- credits_granted = min_credits - conn->total_credits;
- /*
- * TODO: Need to adjuct CreditRequest value according to
- * current cpu load
- */
- } else if (conn->total_credits == 0) {
- credits_granted = 1;
- }
+ if (conn->max_credits - conn->total_credits < credits_granted)
+ credits_granted = conn->max_credits -
+ conn->total_credits;
conn->total_credits += credits_granted;
work->credits_granted += credits_granted;
@@ -368,7 +346,6 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
/* Update CreditRequest in last request */
hdr->CreditRequest = cpu_to_le16(work->credits_granted);
}
-out:
ksmbd_debug(SMB,
"credits: requested[%d] granted[%d] total_granted[%d]\n",
credits_requested, credits_granted,
From patchwork Mon Nov 14 12:52:25 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183333
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:05 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:05 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:05 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 236/308] ksmbd: fix potencial 32bit overflow from
data area check in smb2_write
Date: Mon, 14 Nov 2022 20:52:25 +0800
Message-ID: <20221114125337.1831594-237-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
5a54f8e0-21f5-4f87-f161-08dac63c84f5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.5607664
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc7
commit 9a63b999ae5435d82a5c353c6b1467100f857742
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9a63b999ae54
-------------------------------
DataOffset and Length validation can be potencial 32bit overflow.
This patch fix it.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index f081f1735c5a..32e7d107fa0c 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6147,8 +6147,7 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
(offsetof(struct smb2_write_req, Buffer) - 4)) {
data_buf = (char *)&req->Buffer[0];
} else {
- if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
- (le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
+ if ((u64)le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req)) {
pr_err("invalid write data offset %u, smb_len %u\n",
le16_to_cpu(req->DataOffset),
get_rfc1002_len(req));
@@ -6306,8 +6305,7 @@ int smb2_write(struct ksmbd_work *work)
(offsetof(struct smb2_write_req, Buffer) - 4)) {
data_buf = (char *)&req->Buffer[0];
} else {
- if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) ||
- (le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req))) {
+ if ((u64)le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req)) {
pr_err("invalid write data offset %u, smb_len %u\n",
le16_to_cpu(req->DataOffset),
get_rfc1002_len(req));
From patchwork Mon Nov 14 12:52:26 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183334
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:06 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:06 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:05 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 237/308] ksmbd: validate compound response buffer
Date: Mon, 14 Nov 2022 20:52:26 +0800
Message-ID: <20221114125337.1831594-238-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ac4a83db-3cf5-42f8-0f96-08dac63c8537
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7039663
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc7
commit dbad63001eac3abeeb2b66ddf71504e8ab128c5c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/dbad63001eac
-------------------------------
Add the check to validate compound response buffer.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 32e7d107fa0c..7da58e4e4abf 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -449,6 +449,12 @@ bool is_chained_smb2_message(struct ksmbd_work *work)
return false;
}
+ if ((u64)get_rfc1002_len(work->response_buf) + MAX_CIFS_SMALL_BUFFER_SIZE >
+ work->response_sz) {
+ pr_err("next response offset exceeds response buffer size\n");
+ return false;
+ }
+
ksmbd_debug(SMB, "got SMB2 chained command\n");
init_chained_smb2_rsp(work);
return true;
From patchwork Mon Nov 14 12:52:27 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183335
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:07 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:06 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:06 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 238/308] ksmbd: limit read/write/trans buffer size
not to exceed 8MB
Date: Mon, 14 Nov 2022 20:52:27 +0800
Message-ID: <20221114125337.1831594-239-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3c673f50-a99b-4445-b717-08dac63c8581
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7164264
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc7
commit 4bc59477c3298b191c72b5d99feb54a1dc8c254d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4bc59477c329
-------------------------------
ksmbd limit read/write/trans buffer size not to exceed maximum 8MB.
And set the minimum value of max response buffer size to 64KB.
Windows client doesn't send session setup request if ksmbd set max
trans/read/write size lower than 64KB in smb2 negotiate.
It means windows allow at least 64 KB or more about this value.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2ops.c | 3 +++
fs/ksmbd/smb2pdu.c | 2 +-
fs/ksmbd/smb2pdu.h | 2 ++
3 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c
index b06456eb587b..fb6a65d23139 100644
--- a/fs/ksmbd/smb2ops.c
+++ b/fs/ksmbd/smb2ops.c
@@ -284,6 +284,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn)
void init_smb2_max_read_size(unsigned int sz)
{
+ sz = clamp_val(sz, SMB3_MIN_IOSIZE, SMB3_MAX_IOSIZE);
smb21_server_values.max_read_size = sz;
smb30_server_values.max_read_size = sz;
smb302_server_values.max_read_size = sz;
@@ -292,6 +293,7 @@ void init_smb2_max_read_size(unsigned int sz)
void init_smb2_max_write_size(unsigned int sz)
{
+ sz = clamp_val(sz, SMB3_MIN_IOSIZE, SMB3_MAX_IOSIZE);
smb21_server_values.max_write_size = sz;
smb30_server_values.max_write_size = sz;
smb302_server_values.max_write_size = sz;
@@ -300,6 +302,7 @@ void init_smb2_max_write_size(unsigned int sz)
void init_smb2_max_trans_size(unsigned int sz)
{
+ sz = clamp_val(sz, SMB3_MIN_IOSIZE, SMB3_MAX_IOSIZE);
smb21_server_values.max_trans_size = sz;
smb30_server_values.max_trans_size = sz;
smb302_server_values.max_trans_size = sz;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 7da58e4e4abf..2e4380cffac5 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -524,7 +524,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
{
struct smb2_hdr *hdr = work->request_buf;
size_t small_sz = MAX_CIFS_SMALL_BUFFER_SIZE;
- size_t large_sz = work->conn->vals->max_trans_size + MAX_SMB2_HDR_SIZE;
+ size_t large_sz = small_sz + work->conn->vals->max_trans_size;
size_t sz = small_sz;
int cmd = le16_to_cpu(hdr->Command);
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index a6dec5ec6a54..ff5a2f01d34a 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -113,6 +113,8 @@
#define SMB21_DEFAULT_IOSIZE (1024 * 1024)
#define SMB3_DEFAULT_IOSIZE (4 * 1024 * 1024)
#define SMB3_DEFAULT_TRANS_SIZE (1024 * 1024)
+#define SMB3_MIN_IOSIZE (64 * 1024)
+#define SMB3_MAX_IOSIZE (8 * 1024 * 1024)
/*
* SMB2 Header Definition
From patchwork Mon Nov 14 12:52:28 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183336
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:07 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:07 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:06 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 239/308] ksmbd: add buffer validation for smb
direct
Date: Mon, 14 Nov 2022 20:52:28 +0800
Message-ID: <20221114125337.1831594-240-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
61be61e5-4e5d-4329-07c0-08dac63c85cb
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6814979
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc7
commit 2ea086e35c3d726a3bacd0a971c1f02a50e98206
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2ea086e35c3d
-------------------------------
Add buffer validation for smb direct.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 21 +++++++++++++++++++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 3a7fa23ba850..a2fd5a4d4cd5 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -549,6 +549,10 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
switch (recvmsg->type) {
case SMB_DIRECT_MSG_NEGOTIATE_REQ:
+ if (wc->byte_len < sizeof(struct smb_direct_negotiate_req)) {
+ put_empty_recvmsg(t, recvmsg);
+ return;
+ }
t->negotiation_requested = true;
t->full_packet_received = true;
wake_up_interruptible(&t->wait_status);
@@ -556,10 +560,23 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
case SMB_DIRECT_MSG_DATA_TRANSFER: {
struct smb_direct_data_transfer *data_transfer =
(struct smb_direct_data_transfer *)recvmsg->packet;
- int data_length = le32_to_cpu(data_transfer->data_length);
+ unsigned int data_length;
int avail_recvmsg_count, receive_credits;
+ if (wc->byte_len <
+ offsetof(struct smb_direct_data_transfer, padding)) {
+ put_empty_recvmsg(t, recvmsg);
+ return;
+ }
+
+ data_length = le32_to_cpu(data_transfer->data_length);
if (data_length) {
+ if (wc->byte_len < sizeof(struct smb_direct_data_transfer) +
+ (u64)data_length) {
+ put_empty_recvmsg(t, recvmsg);
+ return;
+ }
+
if (t->full_packet_received)
recvmsg->first_segment = true;
@@ -568,7 +585,7 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
else
t->full_packet_received = true;
- enqueue_reassembly(t, recvmsg, data_length);
+ enqueue_reassembly(t, recvmsg, (int)data_length);
wake_up_interruptible(&t->wait_reassembly_queue);
spin_lock(&t->receive_credit_lock);
From patchwork Mon Nov 14 12:52:29 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183337
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:07 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:07 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:07 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 240/308] ksmbd: validate credit charge after
validating SMB2 PDU body size
Date: Mon, 14 Nov 2022 20:52:29 +0800
Message-ID: <20221114125337.1831594-241-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
195e35af-f5be-4edc-9913-08dac63c8613
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6937221
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Ralph Boehme <slow(a)samba.org>
mainline inclusion
from mainline-5.15-rc7
commit 7a33488705008b5bb5f8d95d05326dcc64fc55f4
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7a3348870500
-------------------------------
smb2_validate_credit_charge() accesses fields in the SMB2 PDU body,
but until smb2_calc_size() is called the PDU has not yet been verified
to be large enough to access the PDU dynamic part length field.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index e7e441c8f050..030ca57c3784 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -400,26 +400,20 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
}
}
- if ((work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU) &&
- smb2_validate_credit_charge(work->conn, hdr)) {
- work->conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
- return 1;
- }
-
if (smb2_calc_size(hdr, &clc_len))
return 1;
if (len != clc_len) {
/* client can return one byte more due to implied bcc[0] */
if (clc_len == len + 1)
- return 0;
+ goto validate_credit;
/*
* Some windows servers (win2016) will pad also the final
* PDU in a compound to 8 bytes.
*/
if (ALIGN(clc_len, 8) == len)
- return 0;
+ goto validate_credit;
/*
* windows client also pad up to 8 bytes when compounding.
@@ -432,7 +426,7 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
"cli req padded more than expected. Length %d not %d for cmd:%d mid:%llu\n",
len, clc_len, command,
le64_to_cpu(hdr->MessageId));
- return 0;
+ goto validate_credit;
}
ksmbd_debug(SMB,
@@ -443,6 +437,13 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
return 1;
}
+validate_credit:
+ if ((work->conn->vals->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU) &&
+ smb2_validate_credit_charge(work->conn, hdr)) {
+ work->conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
+ return 1;
+ }
+
return 0;
}
From patchwork Mon Nov 14 12:52:30 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183338
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:08 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:08 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:07 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 241/308] ksmbd: validate OutputBufferLength of
QUERY_DIR, QUERY_INFO, IOCTL requests
Date: Mon, 14 Nov 2022 20:52:30 +0800
Message-ID: <20221114125337.1831594-242-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
54e0e9f8-6d7b-47c5-9d84-08dac63c865c
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6747344
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.15-rc7
commit 34061d6b76a41b1e43c19e1e50d98e5d77f77d4e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/34061d6b76a4
-------------------------------
Validate OutputBufferLength of QUERY_DIR, QUERY_INFO, IOCTL requests and
check the free size of response buffer for these requests.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 68 +++++++++++++++++++++++++++++++++++-----------
1 file changed, 52 insertions(+), 16 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 2e4380cffac5..71aade05a587 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3731,6 +3731,24 @@ static int verify_info_level(int info_level)
return 0;
}
+static int smb2_calc_max_out_buf_len(struct ksmbd_work *work,
+ unsigned short hdr2_len,
+ unsigned int out_buf_len)
+{
+ int free_len;
+
+ if (out_buf_len > work->conn->vals->max_trans_size)
+ return -EINVAL;
+
+ free_len = (int)(work->response_sz -
+ (get_rfc1002_len(work->response_buf) + 4)) -
+ hdr2_len;
+ if (free_len < 0)
+ return -EINVAL;
+
+ return min_t(int, out_buf_len, free_len);
+}
+
int smb2_query_dir(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
@@ -3806,9 +3824,13 @@ int smb2_query_dir(struct ksmbd_work *work)
memset(&d_info, 0, sizeof(struct ksmbd_dir_info));
d_info.wptr = (char *)rsp->Buffer;
d_info.rptr = (char *)rsp->Buffer;
- d_info.out_buf_len = (work->response_sz - (get_rfc1002_len(rsp_org) + 4));
- d_info.out_buf_len = min_t(int, d_info.out_buf_len, le32_to_cpu(req->OutputBufferLength)) -
- sizeof(struct smb2_query_directory_rsp);
+ d_info.out_buf_len =
+ smb2_calc_max_out_buf_len(work, 8,
+ le32_to_cpu(req->OutputBufferLength));
+ if (d_info.out_buf_len < 0) {
+ rc = -EINVAL;
+ goto err_out;
+ }
d_info.flags = srch_flag;
/*
@@ -4041,12 +4063,11 @@ static int smb2_get_ea(struct ksmbd_work *work, struct ksmbd_file *fp,
le32_to_cpu(req->Flags));
}
- buf_free_len = work->response_sz -
- (get_rfc1002_len(rsp_org) + 4) -
- sizeof(struct smb2_query_info_rsp);
-
- if (le32_to_cpu(req->OutputBufferLength) < buf_free_len)
- buf_free_len = le32_to_cpu(req->OutputBufferLength);
+ buf_free_len =
+ smb2_calc_max_out_buf_len(work, 8,
+ le32_to_cpu(req->OutputBufferLength));
+ if (buf_free_len < 0)
+ return -EINVAL;
rc = ksmbd_vfs_listxattr(path->dentry, &xattr_list);
if (rc < 0) {
@@ -4355,6 +4376,8 @@ static void get_file_stream_info(struct ksmbd_work *work,
struct path *path = &fp->filp->f_path;
ssize_t xattr_list_len;
int nbytes = 0, streamlen, stream_name_len, next, idx = 0;
+ int buf_free_len;
+ struct smb2_query_info_req *req = ksmbd_req_buf_next(work);
generic_fillattr(file_inode(fp->filp), &stat);
file_info = (struct smb2_file_stream_info *)rsp->Buffer;
@@ -4367,6 +4390,12 @@ static void get_file_stream_info(struct ksmbd_work *work,
goto out;
}
+ buf_free_len =
+ smb2_calc_max_out_buf_len(work, 8,
+ le32_to_cpu(req->OutputBufferLength));
+ if (buf_free_len < 0)
+ goto out;
+
while (idx < xattr_list_len) {
stream_name = xattr_list + idx;
streamlen = strlen(stream_name);
@@ -4391,6 +4420,10 @@ static void get_file_stream_info(struct ksmbd_work *work,
streamlen = snprintf(stream_buf, streamlen + 1,
":%s", &stream_name[XATTR_NAME_STREAM_LEN]);
+ next = sizeof(struct smb2_file_stream_info) + streamlen * 2;
+ if (next > buf_free_len)
+ break;
+
file_info = (struct smb2_file_stream_info *)&rsp->Buffer[nbytes];
streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
stream_buf, streamlen,
@@ -4401,12 +4434,13 @@ static void get_file_stream_info(struct ksmbd_work *work,
file_info->StreamSize = cpu_to_le64(stream_name_len);
file_info->StreamAllocationSize = cpu_to_le64(stream_name_len);
- next = sizeof(struct smb2_file_stream_info) + streamlen;
nbytes += next;
+ buf_free_len -= next;
file_info->NextEntryOffset = cpu_to_le32(next);
}
- if (!S_ISDIR(stat.mode)) {
+ if (!S_ISDIR(stat.mode) &&
+ buf_free_len >= sizeof(struct smb2_file_stream_info) + 7 * 2) {
file_info = (struct smb2_file_stream_info *)
&rsp->Buffer[nbytes];
streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
@@ -7399,11 +7433,13 @@ int smb2_ioctl(struct ksmbd_work *work)
}
cnt_code = le32_to_cpu(req->CntCode);
- out_buf_len = le32_to_cpu(req->MaxOutputResponse);
- out_buf_len =
- min_t(u32, work->response_sz - work->next_smb2_rsp_hdr_off -
- (offsetof(struct smb2_ioctl_rsp, Buffer) - 4),
- out_buf_len);
+ ret = smb2_calc_max_out_buf_len(work, 48,
+ le32_to_cpu(req->MaxOutputResponse));
+ if (ret < 0) {
+ rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ goto out;
+ }
+ out_buf_len = (unsigned int)ret;
in_buf_len = le32_to_cpu(req->InputCount);
switch (cnt_code) {
From patchwork Mon Nov 14 12:52:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183339
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:08 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:08 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:08 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 242/308] ksmbd: throttle session setup failures to
avoid dictionary attacks
Date: Mon, 14 Nov 2022 20:52:31 +0800
Message-ID: <20221114125337.1831594-243-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
ca3309e7-4ac2-4c03-55de-08dac63c86a5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7060263
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.15-rc7
commit 621be84a9d1fbf0097fd058e249ec5cc4f35f3c5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/621be84a9d1f
-------------------------------
To avoid dictionary attacks (repeated session setups rapidly sent) to
connect to server, ksmbd make a delay of a 5 seconds on session setup
failure to make it harder to send enough random connection requests
to break into a server if a user insert the wrong password 10 times
in a row.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ksmbd_netlink.h | 2 ++
fs/ksmbd/mgmt/user_config.c | 2 +-
fs/ksmbd/mgmt/user_config.h | 1 +
fs/ksmbd/smb2pdu.c | 27 ++++++++++++++++++++++++---
fs/ksmbd/transport_ipc.c | 3 ++-
fs/ksmbd/transport_ipc.h | 2 +-
6 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/ksmbd_netlink.h b/fs/ksmbd/ksmbd_netlink.h
index 2fbe2bc1e093..c6718a05d347 100644
--- a/fs/ksmbd/ksmbd_netlink.h
+++ b/fs/ksmbd/ksmbd_netlink.h
@@ -211,6 +211,7 @@ struct ksmbd_tree_disconnect_request {
*/
struct ksmbd_logout_request {
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
+ __u32 account_flags;
};
/*
@@ -317,6 +318,7 @@ enum KSMBD_TREE_CONN_STATUS {
#define KSMBD_USER_FLAG_BAD_UID BIT(2)
#define KSMBD_USER_FLAG_BAD_USER BIT(3)
#define KSMBD_USER_FLAG_GUEST_ACCOUNT BIT(4)
+#define KSMBD_USER_FLAG_DELAY_SESSION BIT(5)
/*
* Share config flags.
diff --git a/fs/ksmbd/mgmt/user_config.c b/fs/ksmbd/mgmt/user_config.c
index d21629ae5c89..1019d3677d55 100644
--- a/fs/ksmbd/mgmt/user_config.c
+++ b/fs/ksmbd/mgmt/user_config.c
@@ -55,7 +55,7 @@ struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp)
void ksmbd_free_user(struct ksmbd_user *user)
{
- ksmbd_ipc_logout_request(user->name);
+ ksmbd_ipc_logout_request(user->name, user->flags);
kfree(user->name);
kfree(user->passkey);
kfree(user);
diff --git a/fs/ksmbd/mgmt/user_config.h b/fs/ksmbd/mgmt/user_config.h
index b2bb074a0150..aff80b029579 100644
--- a/fs/ksmbd/mgmt/user_config.h
+++ b/fs/ksmbd/mgmt/user_config.h
@@ -18,6 +18,7 @@ struct ksmbd_user {
size_t passkey_sz;
char *passkey;
+ unsigned int failed_login_count;
};
static inline bool user_guest(struct ksmbd_user *user)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 71aade05a587..82677e282af0 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1779,9 +1779,30 @@ int smb2_sess_setup(struct ksmbd_work *work)
conn->mechToken = NULL;
}
- if (rc < 0 && sess) {
- ksmbd_session_destroy(sess);
- work->sess = NULL;
+ if (rc < 0) {
+ /*
+ * SecurityBufferOffset should be set to zero
+ * in session setup error response.
+ */
+ rsp->SecurityBufferOffset = 0;
+
+ if (sess) {
+ bool try_delay = false;
+
+ /*
+ * To avoid dictionary attacks (repeated session setups rapidly sent) to
+ * connect to server, ksmbd make a delay of a 5 seconds on session setup
+ * failure to make it harder to send enough random connection requests
+ * to break into a server.
+ */
+ if (sess->user && sess->user->flags & KSMBD_USER_FLAG_DELAY_SESSION)
+ try_delay = true;
+
+ ksmbd_session_destroy(sess);
+ work->sess = NULL;
+ if (try_delay)
+ ssleep(5);
+ }
}
return rc;
diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c
index 44aea33a67fa..1acf1892a466 100644
--- a/fs/ksmbd/transport_ipc.c
+++ b/fs/ksmbd/transport_ipc.c
@@ -601,7 +601,7 @@ int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
return ret;
}
-int ksmbd_ipc_logout_request(const char *account)
+int ksmbd_ipc_logout_request(const char *account, int flags)
{
struct ksmbd_ipc_msg *msg;
struct ksmbd_logout_request *req;
@@ -616,6 +616,7 @@ int ksmbd_ipc_logout_request(const char *account)
msg->type = KSMBD_EVENT_LOGOUT_REQUEST;
req = (struct ksmbd_logout_request *)msg->payload;
+ req->account_flags = flags;
strscpy(req->account, account, KSMBD_REQ_MAX_ACCOUNT_NAME_SZ);
ret = ipc_msg_send(msg);
diff --git a/fs/ksmbd/transport_ipc.h b/fs/ksmbd/transport_ipc.h
index 9eacc895ffdb..5e5b90a0c187 100644
--- a/fs/ksmbd/transport_ipc.h
+++ b/fs/ksmbd/transport_ipc.h
@@ -25,7 +25,7 @@ ksmbd_ipc_tree_connect_request(struct ksmbd_session *sess,
struct sockaddr *peer_addr);
int ksmbd_ipc_tree_disconnect_request(unsigned long long session_id,
unsigned long long connect_id);
-int ksmbd_ipc_logout_request(const char *account);
+int ksmbd_ipc_logout_request(const char *account, int flags);
struct ksmbd_share_config_response *
ksmbd_ipc_share_config_request(const char *name);
struct ksmbd_spnego_authen_response *
From patchwork Mon Nov 14 12:52:32 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183340
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:09 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:09 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:08 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 243/308] ksmbd: add buffer validation in session
setup
Date: Mon, 14 Nov 2022 20:52:32 +0800
Message-ID: <20221114125337.1831594-244-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6bb722ce-fb1e-44b9-80b4-08dac63c86ee
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6911622
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.15-rc7
commit 0d994cd482ee4e8e851388a70869beee51be1c54
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/0d994cd482ee
-------------------------------
Make sure the security buffer's length/offset are valid with regards to
the packet length.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 16 ++++++++-------
fs/ksmbd/smb2pdu.c | 51 ++++++++++++++++++++++++++++------------------
2 files changed, 40 insertions(+), 27 deletions(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index 71c989f1568d..30a92ddc1817 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -298,8 +298,8 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
int blob_len, struct ksmbd_session *sess)
{
char *domain_name;
- unsigned int lm_off, nt_off;
- unsigned short nt_len;
+ unsigned int nt_off, dn_off;
+ unsigned short nt_len, dn_len;
int ret;
if (blob_len < sizeof(struct authenticate_message)) {
@@ -314,15 +314,17 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
return -EINVAL;
}
- lm_off = le32_to_cpu(authblob->LmChallengeResponse.BufferOffset);
nt_off = le32_to_cpu(authblob->NtChallengeResponse.BufferOffset);
nt_len = le16_to_cpu(authblob->NtChallengeResponse.Length);
+ dn_off = le32_to_cpu(authblob->DomainName.BufferOffset);
+ dn_len = le16_to_cpu(authblob->DomainName.Length);
+
+ if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len)
+ return -EINVAL;
/* TODO : use domain name that imported from configuration file */
- domain_name = smb_strndup_from_utf16((const char *)authblob +
- le32_to_cpu(authblob->DomainName.BufferOffset),
- le16_to_cpu(authblob->DomainName.Length), true,
- sess->conn->local_nls);
+ domain_name = smb_strndup_from_utf16((const char *)authblob + dn_off,
+ dn_len, true, sess->conn->local_nls);
if (IS_ERR(domain_name))
return PTR_ERR(domain_name);
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 82677e282af0..37da97576669 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1257,19 +1257,13 @@ static int generate_preauth_hash(struct ksmbd_work *work)
return 0;
}
-static int decode_negotiation_token(struct ksmbd_work *work,
- struct negotiate_message *negblob)
+static int decode_negotiation_token(struct ksmbd_conn *conn,
+ struct negotiate_message *negblob,
+ size_t sz)
{
- struct ksmbd_conn *conn = work->conn;
- struct smb2_sess_setup_req *req;
- int sz;
-
if (!conn->use_spnego)
return -EINVAL;
- req = work->request_buf;
- sz = le16_to_cpu(req->SecurityBufferLength);
-
if (ksmbd_decode_negTokenInit((char *)negblob, sz, conn)) {
if (ksmbd_decode_negTokenTarg((char *)negblob, sz, conn)) {
conn->auth_mechs |= KSMBD_AUTH_NTLMSSP;
@@ -1281,9 +1275,9 @@ static int decode_negotiation_token(struct ksmbd_work *work,
}
static int ntlm_negotiate(struct ksmbd_work *work,
- struct negotiate_message *negblob)
+ struct negotiate_message *negblob,
+ size_t negblob_len)
{
- struct smb2_sess_setup_req *req = work->request_buf;
struct smb2_sess_setup_rsp *rsp = work->response_buf;
struct challenge_message *chgblob;
unsigned char *spnego_blob = NULL;
@@ -1292,8 +1286,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
int sz, rc;
ksmbd_debug(SMB, "negotiate phase\n");
- sz = le16_to_cpu(req->SecurityBufferLength);
- rc = ksmbd_decode_ntlmssp_neg_blob(negblob, sz, work->sess);
+ rc = ksmbd_decode_ntlmssp_neg_blob(negblob, negblob_len, work->sess);
if (rc)
return rc;
@@ -1361,12 +1354,23 @@ static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
struct authenticate_message *authblob;
struct ksmbd_user *user;
char *name;
- int sz;
+ unsigned int auth_msg_len, name_off, name_len, secbuf_len;
+ secbuf_len = le16_to_cpu(req->SecurityBufferLength);
+ if (secbuf_len < sizeof(struct authenticate_message)) {
+ ksmbd_debug(SMB, "blob len %d too small\n", secbuf_len);
+ return NULL;
+ }
authblob = user_authblob(conn, req);
- sz = le32_to_cpu(authblob->UserName.BufferOffset);
- name = smb_strndup_from_utf16((const char *)authblob + sz,
- le16_to_cpu(authblob->UserName.Length),
+ name_off = le32_to_cpu(authblob->UserName.BufferOffset);
+ name_len = le16_to_cpu(authblob->UserName.Length);
+ auth_msg_len = le16_to_cpu(req->SecurityBufferOffset) + secbuf_len;
+
+ if (auth_msg_len < (u64)name_off + name_len)
+ return NULL;
+
+ name = smb_strndup_from_utf16((const char *)authblob + name_off,
+ name_len,
true,
conn->local_nls);
if (IS_ERR(name)) {
@@ -1612,6 +1616,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
struct smb2_sess_setup_rsp *rsp = work->response_buf;
struct ksmbd_session *sess;
struct negotiate_message *negblob;
+ unsigned int negblob_len, negblob_off;
int rc = 0;
ksmbd_debug(SMB, "Received request for session setup\n");
@@ -1692,10 +1697,16 @@ int smb2_sess_setup(struct ksmbd_work *work)
if (sess->state == SMB2_SESSION_EXPIRED)
sess->state = SMB2_SESSION_IN_PROGRESS;
+ negblob_off = le16_to_cpu(req->SecurityBufferOffset);
+ negblob_len = le16_to_cpu(req->SecurityBufferLength);
+ if (negblob_off < (offsetof(struct smb2_sess_setup_req, Buffer) - 4) ||
+ negblob_len < offsetof(struct negotiate_message, NegotiateFlags))
+ return -EINVAL;
+
negblob = (struct negotiate_message *)((char *)&req->hdr.ProtocolId +
- le16_to_cpu(req->SecurityBufferOffset));
+ negblob_off);
- if (decode_negotiation_token(work, negblob) == 0) {
+ if (decode_negotiation_token(conn, negblob, negblob_len) == 0) {
if (conn->mechToken)
negblob = (struct negotiate_message *)conn->mechToken;
}
@@ -1719,7 +1730,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
sess->Preauth_HashValue = NULL;
} else if (conn->preferred_auth_mech == KSMBD_AUTH_NTLMSSP) {
if (negblob->MessageType == NtLmNegotiate) {
- rc = ntlm_negotiate(work, negblob);
+ rc = ntlm_negotiate(work, negblob, negblob_len);
if (rc)
goto out_err;
rsp->hdr.Status =
From patchwork Mon Nov 14 12:52:33 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183341
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:09 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:09 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:09 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 244/308] ksmbd: use ksmbd_req_buf_next() in
ksmbd_verify_smb_message()
Date: Mon, 14 Nov 2022 20:52:33 +0800
Message-ID: <20221114125337.1831594-245-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e3d6108c-8de0-4dcc-eb7b-08dac63c8736
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6972547
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Ralph Boehme <slow(a)samba.org>
mainline inclusion
from mainline-5.16-rc1
commit a088ac859f8124d491f02a19d080fc5ee4dbd202
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a088ac859f81
-------------------------------
Use ksmbd_req_buf_next() in ksmbd_verify_smb_message().
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb_common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index bd836a30ae89..f3f1953b2bcf 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -132,7 +132,7 @@ int ksmbd_lookup_protocol_idx(char *str)
*/
int ksmbd_verify_smb_message(struct ksmbd_work *work)
{
- struct smb2_hdr *smb2_hdr = work->request_buf + work->next_smb2_rcv_hdr_off;
+ struct smb2_hdr *smb2_hdr = ksmbd_req_buf_next(work);
struct smb_hdr *hdr;
if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER)
From patchwork Mon Nov 14 12:52:34 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183342
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:10 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:10 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:09 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 245/308] ksmbd: use ksmbd_req_buf_next() in
ksmbd_smb2_check_message()
Date: Mon, 14 Nov 2022 20:52:34 +0800
Message-ID: <20221114125337.1831594-246-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
31644803-a809-48b1-93f2-08dac63c8781
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6725800
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Ralph Boehme <slow(a)samba.org>
mainline inclusion
from mainline-5.16-rc1
commit b83b27909e74d27796de19c802fbc3b65ab4ba9a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b83b27909e74
-------------------------------
Use ksmbd_req_buf_next() in ksmbd_smb2_check_message().
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Steve French <smfrench(a)gmail.com>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 030ca57c3784..2385622cc3c8 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -347,17 +347,12 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn,
int ksmbd_smb2_check_message(struct ksmbd_work *work)
{
- struct smb2_pdu *pdu = work->request_buf;
+ struct smb2_pdu *pdu = ksmbd_req_buf_next(work);
struct smb2_hdr *hdr = &pdu->hdr;
int command;
__u32 clc_len; /* calculated length */
__u32 len = get_rfc1002_len(pdu);
- if (work->next_smb2_rcv_hdr_off) {
- pdu = ksmbd_req_buf_next(work);
- hdr = &pdu->hdr;
- }
-
if (le32_to_cpu(hdr->NextCommand) > 0) {
len = le32_to_cpu(hdr->NextCommand);
} else if (work->next_smb2_rcv_hdr_off) {
From patchwork Mon Nov 14 12:52:35 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183343
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:10 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:10 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:10 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 246/308] ksmdb: use cmd helper variable in
smb2_get_ksmbd_tcon()
Date: Mon, 14 Nov 2022 20:52:35 +0800
Message-ID: <20221114125337.1831594-247-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
34a18c8d-ca10-4a3d-fefd-08dac63c87c9
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6987538
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Ralph Boehme <slow(a)samba.org>
mainline inclusion
from mainline-5.16-rc1
commit 341b16014bf871115f0883e831372c4b76389d03
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/341b16014bf8
-------------------------------
Use cmd helper variable in smb2_get_ksmbd_tcon().
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Cc: Steve French <smfrench(a)gmail.com>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Ralph Boehme <slow(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 37da97576669..ed08697ec56c 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -94,12 +94,13 @@ struct channel *lookup_chann_list(struct ksmbd_session *sess, struct ksmbd_conn
int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
{
struct smb2_hdr *req_hdr = work->request_buf;
+ unsigned int cmd = le16_to_cpu(req_hdr->Command);
int tree_id;
work->tcon = NULL;
- if (work->conn->ops->get_cmd_val(work) == SMB2_TREE_CONNECT_HE ||
- work->conn->ops->get_cmd_val(work) == SMB2_CANCEL_HE ||
- work->conn->ops->get_cmd_val(work) == SMB2_LOGOFF_HE) {
+ if (cmd == SMB2_TREE_CONNECT_HE ||
+ cmd == SMB2_CANCEL_HE ||
+ cmd == SMB2_LOGOFF_HE) {
ksmbd_debug(SMB, "skip to check tree connect request\n");
return 0;
}
From patchwork Mon Nov 14 12:52:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183344
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:11 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:11 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:10 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 247/308] ksmbd: Remove redundant
'flush_workqueue()' calls
Date: Mon, 14 Nov 2022 20:52:36 +0800
Message-ID: <20221114125337.1831594-248-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
60937ae3-17b7-476c-4f9c-08dac63c8813
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6919144
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
mainline inclusion
from mainline-5.16-rc1
commit e8d585b2f68c0b10c966ee55146de043429085a3
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e8d585b2f68c
-------------------------------
'destroy_workqueue()' already drains the queue before destroying it, so
there is no need to flush it explicitly.
Remove the redundant 'flush_workqueue()' calls.
This was generated with coccinelle:
@@
expression E;
@@
- flush_workqueue(E);
destroy_workqueue(E);
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ksmbd_work.c | 1 -
fs/ksmbd/transport_rdma.c | 1 -
2 files changed, 2 deletions(-)
diff --git a/fs/ksmbd/ksmbd_work.c b/fs/ksmbd/ksmbd_work.c
index fd58eb4809f6..14b9caebf7a4 100644
--- a/fs/ksmbd/ksmbd_work.c
+++ b/fs/ksmbd/ksmbd_work.c
@@ -69,7 +69,6 @@ int ksmbd_workqueue_init(void)
void ksmbd_workqueue_destroy(void)
{
- flush_workqueue(ksmbd_wq);
destroy_workqueue(ksmbd_wq);
ksmbd_wq = NULL;
}
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index a2fd5a4d4cd5..6330dfc302ff 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -2043,7 +2043,6 @@ int ksmbd_rdma_destroy(void)
smb_direct_listener.cm_id = NULL;
if (smb_direct_wq) {
- flush_workqueue(smb_direct_wq);
destroy_workqueue(smb_direct_wq);
smb_direct_wq = NULL;
}
From patchwork Mon Nov 14 12:52:37 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183345
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:11 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:11 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:11 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 248/308] ksmbd: Fix buffer length check in
fsctl_validate_negotiate_info()
Date: Mon, 14 Nov 2022 20:52:37 +0800
Message-ID: <20221114125337.1831594-249-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
aedc835b-4363-4e82-e1a0-08dac63c885b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6429262
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.16-rc1
commit 78f1688a64cca77758ceb9b183088cf0054bfc82
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/78f1688a64cc
-------------------------------
The validate_negotiate_info_req struct definition includes an extra
field to access the data coming after the header. This causes the check
in fsctl_validate_negotiate_info() to count the first element of the
array twice. This in turn makes some valid requests fail, depending on
whether they include padding or not.
Fixes: f7db8fd03a4b ("ksmbd: add validation in smb2_ioctl")
Cc: stable(a)vger.kernel.org # v5.15
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index ed08697ec56c..bec55e1f08dc 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -7263,7 +7263,7 @@ static int fsctl_validate_negotiate_info(struct ksmbd_conn *conn,
int ret = 0;
int dialect;
- if (in_buf_len < sizeof(struct validate_negotiate_info_req) +
+ if (in_buf_len < offsetof(struct validate_negotiate_info_req, Dialects) +
le16_to_cpu(neg_req->DialectCount) * sizeof(__le16))
return -EINVAL;
From patchwork Mon Nov 14 12:52:38 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183346
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:12 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:12 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:11 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 249/308] ksmbd: don't need 8byte alignment for
request length in ksmbd_check_message
Date: Mon, 14 Nov 2022 20:52:38 +0800
Message-ID: <20221114125337.1831594-250-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
21519b03-337c-4ddc-9997-08dac63c88a4
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6940747
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc1
commit b53ad8107ee873795ecb5039d46b5d5502d404f2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b53ad8107ee8
-------------------------------
When validating request length in ksmbd_check_message, 8byte alignment
is not needed for compound request. It can cause wrong validation
of request length.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org # v5.15
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 2385622cc3c8..0239fa96926c 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -353,12 +353,10 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
__u32 clc_len; /* calculated length */
__u32 len = get_rfc1002_len(pdu);
- if (le32_to_cpu(hdr->NextCommand) > 0) {
+ if (le32_to_cpu(hdr->NextCommand) > 0)
len = le32_to_cpu(hdr->NextCommand);
- } else if (work->next_smb2_rcv_hdr_off) {
+ else if (work->next_smb2_rcv_hdr_off)
len -= work->next_smb2_rcv_hdr_off;
- len = round_up(len, 8);
- }
if (check_smb2_hdr(hdr))
return 1;
From patchwork Mon Nov 14 12:52:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183347
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:12 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:12 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:12 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 250/308] ksmbd: remove smb2_buf_length in smb2_hdr
Date: Mon, 14 Nov 2022 20:52:39 +0800
Message-ID: <20221114125337.1831594-251-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6046a616-8344-4d8b-5c29-08dac63c88ee
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.8239436
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc1
commit cb4517201b8acdb5fd5314494aaf86c267f22345
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/cb4517201b8a
-------------------------------
To move smb2_hdr to smbfs_common, This patch remove smb2_buf_length
variable in smb2_hdr. Also, declare smb2_get_msg function to get smb2
request/response from ->request/response_buf.
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 4 +-
fs/ksmbd/connection.c | 9 +-
fs/ksmbd/ksmbd_work.h | 4 +-
fs/ksmbd/oplock.c | 24 +--
fs/ksmbd/smb2misc.c | 2 +-
fs/ksmbd/smb2pdu.c | 440 +++++++++++++++++++-------------------
fs/ksmbd/smb2pdu.h | 20 +-
fs/ksmbd/smb_common.c | 11 +-
fs/ksmbd/smb_common.h | 6 -
fs/ksmbd/transport_rdma.c | 2 +-
10 files changed, 260 insertions(+), 262 deletions(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index 30a92ddc1817..c69c5471db1c 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -873,9 +873,9 @@ int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
__u8 *pi_hash)
{
int rc;
- struct smb2_hdr *rcv_hdr = (struct smb2_hdr *)buf;
+ struct smb2_hdr *rcv_hdr = smb2_get_msg(buf);
char *all_bytes_msg = (char *)&rcv_hdr->ProtocolId;
- int msg_size = be32_to_cpu(rcv_hdr->smb2_buf_length);
+ int msg_size = get_rfc1002_len(buf);
struct ksmbd_crypto_ctx *ctx = NULL;
if (conn->preauth_info->Preauth_HashId !=
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index b57a0d8a392f..12f710ccbdff 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -158,14 +158,13 @@ void ksmbd_conn_wait_idle(struct ksmbd_conn *conn)
int ksmbd_conn_write(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb_hdr *rsp_hdr = work->response_buf;
size_t len = 0;
int sent;
struct kvec iov[3];
int iov_idx = 0;
ksmbd_conn_try_dequeue_request(work);
- if (!rsp_hdr) {
+ if (!work->response_buf) {
pr_err("NULL response header\n");
return -EINVAL;
}
@@ -177,7 +176,7 @@ int ksmbd_conn_write(struct ksmbd_work *work)
}
if (work->aux_payload_sz) {
- iov[iov_idx] = (struct kvec) { rsp_hdr, work->resp_hdr_sz };
+ iov[iov_idx] = (struct kvec) { work->response_buf, work->resp_hdr_sz };
len += iov[iov_idx++].iov_len;
iov[iov_idx] = (struct kvec) { work->aux_payload_buf, work->aux_payload_sz };
len += iov[iov_idx++].iov_len;
@@ -185,8 +184,8 @@ int ksmbd_conn_write(struct ksmbd_work *work)
if (work->tr_buf)
iov[iov_idx].iov_len = work->resp_hdr_sz;
else
- iov[iov_idx].iov_len = get_rfc1002_len(rsp_hdr) + 4;
- iov[iov_idx].iov_base = rsp_hdr;
+ iov[iov_idx].iov_len = get_rfc1002_len(work->response_buf) + 4;
+ iov[iov_idx].iov_base = work->response_buf;
len += iov[iov_idx++].iov_len;
}
diff --git a/fs/ksmbd/ksmbd_work.h b/fs/ksmbd/ksmbd_work.h
index f7156bc50049..5ece58e40c97 100644
--- a/fs/ksmbd/ksmbd_work.h
+++ b/fs/ksmbd/ksmbd_work.h
@@ -92,7 +92,7 @@ struct ksmbd_work {
*/
static inline void *ksmbd_resp_buf_next(struct ksmbd_work *work)
{
- return work->response_buf + work->next_smb2_rsp_hdr_off;
+ return work->response_buf + work->next_smb2_rsp_hdr_off + 4;
}
/**
@@ -101,7 +101,7 @@ static inline void *ksmbd_resp_buf_next(struct ksmbd_work *work)
*/
static inline void *ksmbd_req_buf_next(struct ksmbd_work *work)
{
- return work->request_buf + work->next_smb2_rcv_hdr_off;
+ return work->request_buf + work->next_smb2_rcv_hdr_off + 4;
}
struct ksmbd_work *ksmbd_alloc_work_struct(void);
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 95e8c53a5cf3..e529bc11b04b 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -629,10 +629,10 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
return;
}
- rsp_hdr = work->response_buf;
+ rsp_hdr = smb2_get_msg(work->response_buf);
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
- rsp_hdr->smb2_buf_length =
- cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
+ *(__be32 *)work->response_buf =
+ cpu_to_be32(conn->vals->header_size);
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->CreditRequest = cpu_to_le16(0);
@@ -645,7 +645,7 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
rsp_hdr->SessionId = 0;
memset(rsp_hdr->Signature, 0, 16);
- rsp = work->response_buf;
+ rsp = smb2_get_msg(work->response_buf);
rsp->StructureSize = cpu_to_le16(24);
if (!br_info->open_trunc &&
@@ -659,7 +659,7 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
rsp->PersistentFid = cpu_to_le64(fp->persistent_id);
rsp->VolatileFid = cpu_to_le64(fp->volatile_id);
- inc_rfc1001_len(rsp, 24);
+ inc_rfc1001_len(work->response_buf, 24);
ksmbd_debug(OPLOCK,
"sending oplock break v_id %llu p_id = %llu lock level = %d\n",
@@ -736,10 +736,10 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
return;
}
- rsp_hdr = work->response_buf;
+ rsp_hdr = smb2_get_msg(work->response_buf);
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
- rsp_hdr->smb2_buf_length =
- cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
+ *(__be32 *)work->response_buf =
+ cpu_to_be32(conn->vals->header_size);
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->CreditRequest = cpu_to_le16(0);
@@ -752,7 +752,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
rsp_hdr->SessionId = 0;
memset(rsp_hdr->Signature, 0, 16);
- rsp = work->response_buf;
+ rsp = smb2_get_msg(work->response_buf);
rsp->StructureSize = cpu_to_le16(44);
rsp->Epoch = br_info->epoch;
rsp->Flags = 0;
@@ -768,7 +768,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
rsp->AccessMaskHint = 0;
rsp->ShareMaskHint = 0;
- inc_rfc1001_len(rsp, 44);
+ inc_rfc1001_len(work->response_buf, 44);
ksmbd_conn_write(work);
ksmbd_free_work_struct(work);
@@ -1398,7 +1398,7 @@ struct lease_ctx_info *parse_lease_state(void *open_req)
if (!lreq)
return NULL;
- data_offset = (char *)req + 4 + le32_to_cpu(req->CreateContextsOffset);
+ data_offset = (char *)req + le32_to_cpu(req->CreateContextsOffset);
cc = (struct create_context *)data_offset;
do {
cc = (struct create_context *)((char *)cc + next);
@@ -1462,7 +1462,7 @@ struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
* CreateContextsOffset and CreateContextsLength are guaranteed to
* be valid because of ksmbd_smb2_check_message().
*/
- cc = (struct create_context *)((char *)req + 4 +
+ cc = (struct create_context *)((char *)req +
le32_to_cpu(req->CreateContextsOffset));
remain_len = le32_to_cpu(req->CreateContextsLength);
do {
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 0239fa96926c..0aba1c91fd37 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -351,7 +351,7 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work)
struct smb2_hdr *hdr = &pdu->hdr;
int command;
__u32 clc_len; /* calculated length */
- __u32 len = get_rfc1002_len(pdu);
+ __u32 len = get_rfc1002_len(work->request_buf);
if (le32_to_cpu(hdr->NextCommand) > 0)
len = le32_to_cpu(hdr->NextCommand);
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index bec55e1f08dc..ae906e78616e 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -44,8 +44,8 @@ static void __wbuf(struct ksmbd_work *work, void **req, void **rsp)
*req = ksmbd_req_buf_next(work);
*rsp = ksmbd_resp_buf_next(work);
} else {
- *req = work->request_buf;
- *rsp = work->response_buf;
+ *req = smb2_get_msg(work->request_buf);
+ *rsp = smb2_get_msg(work->response_buf);
}
}
@@ -93,7 +93,7 @@ struct channel *lookup_chann_list(struct ksmbd_session *sess, struct ksmbd_conn
*/
int smb2_get_ksmbd_tcon(struct ksmbd_work *work)
{
- struct smb2_hdr *req_hdr = work->request_buf;
+ struct smb2_hdr *req_hdr = smb2_get_msg(work->request_buf);
unsigned int cmd = le16_to_cpu(req_hdr->Command);
int tree_id;
@@ -131,7 +131,7 @@ void smb2_set_err_rsp(struct ksmbd_work *work)
if (work->next_smb2_rcv_hdr_off)
err_rsp = ksmbd_resp_buf_next(work);
else
- err_rsp = work->response_buf;
+ err_rsp = smb2_get_msg(work->response_buf);
if (err_rsp->hdr.Status != STATUS_STOPPED_ON_SYMLINK) {
err_rsp->StructureSize = SMB2_ERROR_STRUCTURE_SIZE2_LE;
@@ -151,7 +151,7 @@ void smb2_set_err_rsp(struct ksmbd_work *work)
*/
bool is_smb2_neg_cmd(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = work->request_buf;
+ struct smb2_hdr *hdr = smb2_get_msg(work->request_buf);
/* is it SMB2 header ? */
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
@@ -175,7 +175,7 @@ bool is_smb2_neg_cmd(struct ksmbd_work *work)
*/
bool is_smb2_rsp(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = work->response_buf;
+ struct smb2_hdr *hdr = smb2_get_msg(work->response_buf);
/* is it SMB2 header ? */
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
@@ -201,7 +201,7 @@ u16 get_smb2_cmd_val(struct ksmbd_work *work)
if (work->next_smb2_rcv_hdr_off)
rcv_hdr = ksmbd_req_buf_next(work);
else
- rcv_hdr = work->request_buf;
+ rcv_hdr = smb2_get_msg(work->request_buf);
return le16_to_cpu(rcv_hdr->Command);
}
@@ -217,7 +217,7 @@ void set_smb2_rsp_status(struct ksmbd_work *work, __le32 err)
if (work->next_smb2_rcv_hdr_off)
rsp_hdr = ksmbd_resp_buf_next(work);
else
- rsp_hdr = work->response_buf;
+ rsp_hdr = smb2_get_msg(work->response_buf);
rsp_hdr->Status = err;
smb2_set_err_rsp(work);
}
@@ -238,13 +238,11 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
if (conn->need_neg == false)
return -EINVAL;
- rsp_hdr = work->response_buf;
+ *(__be32 *)work->response_buf =
+ cpu_to_be32(conn->vals->header_size);
+ rsp_hdr = smb2_get_msg(work->response_buf);
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
-
- rsp_hdr->smb2_buf_length =
- cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
-
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->CreditRequest = cpu_to_le16(2);
@@ -257,7 +255,7 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
rsp_hdr->SessionId = 0;
memset(rsp_hdr->Signature, 0, 16);
- rsp = work->response_buf;
+ rsp = smb2_get_msg(work->response_buf);
WARN_ON(ksmbd_conn_good(work));
@@ -278,12 +276,12 @@ int init_smb2_neg_rsp(struct ksmbd_work *work)
rsp->SecurityBufferOffset = cpu_to_le16(128);
rsp->SecurityBufferLength = cpu_to_le16(AUTH_GSS_LENGTH);
- ksmbd_copy_gss_neg_header(((char *)(&rsp->hdr) +
- sizeof(rsp->hdr.smb2_buf_length)) +
+ ksmbd_copy_gss_neg_header((char *)(&rsp->hdr) +
le16_to_cpu(rsp->SecurityBufferOffset));
- inc_rfc1001_len(rsp, sizeof(struct smb2_negotiate_rsp) -
- sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) +
- AUTH_GSS_LENGTH);
+ inc_rfc1001_len(work->response_buf,
+ sizeof(struct smb2_negotiate_rsp) -
+ sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) +
+ AUTH_GSS_LENGTH);
rsp->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED_LE;
if (server_conf.signing == KSMBD_CONFIG_OPT_MANDATORY)
rsp->SecurityMode |= SMB2_NEGOTIATE_SIGNING_REQUIRED_LE;
@@ -388,8 +386,8 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
next_hdr_offset = le32_to_cpu(req->NextCommand);
new_len = ALIGN(len, 8);
- inc_rfc1001_len(work->response_buf, ((sizeof(struct smb2_hdr) - 4)
- + new_len - len));
+ inc_rfc1001_len(work->response_buf,
+ sizeof(struct smb2_hdr) + new_len - len);
rsp->NextCommand = cpu_to_le32(new_len);
work->next_smb2_rcv_hdr_off += next_hdr_offset;
@@ -407,7 +405,7 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
work->compound_fid = KSMBD_NO_FID;
work->compound_pfid = KSMBD_NO_FID;
}
- memset((char *)rsp_hdr + 4, 0, sizeof(struct smb2_hdr) + 2);
+ memset((char *)rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->Command = rcv_hdr->Command;
@@ -433,7 +431,7 @@ static void init_chained_smb2_rsp(struct ksmbd_work *work)
*/
bool is_chained_smb2_message(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = work->request_buf;
+ struct smb2_hdr *hdr = smb2_get_msg(work->request_buf);
unsigned int len, next_cmd;
if (hdr->ProtocolId != SMB2_PROTO_NUMBER)
@@ -484,13 +482,13 @@ bool is_chained_smb2_message(struct ksmbd_work *work)
*/
int init_smb2_rsp_hdr(struct ksmbd_work *work)
{
- struct smb2_hdr *rsp_hdr = work->response_buf;
- struct smb2_hdr *rcv_hdr = work->request_buf;
+ struct smb2_hdr *rsp_hdr = smb2_get_msg(work->response_buf);
+ struct smb2_hdr *rcv_hdr = smb2_get_msg(work->request_buf);
struct ksmbd_conn *conn = work->conn;
memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
- rsp_hdr->smb2_buf_length =
- cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals));
+ *(__be32 *)work->response_buf =
+ cpu_to_be32(conn->vals->header_size);
rsp_hdr->ProtocolId = rcv_hdr->ProtocolId;
rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
rsp_hdr->Command = rcv_hdr->Command;
@@ -523,7 +521,7 @@ int init_smb2_rsp_hdr(struct ksmbd_work *work)
*/
int smb2_allocate_rsp_buf(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr = work->request_buf;
+ struct smb2_hdr *hdr = smb2_get_msg(work->request_buf);
size_t small_sz = MAX_CIFS_SMALL_BUFFER_SIZE;
size_t large_sz = small_sz + work->conn->vals->max_trans_size;
size_t sz = small_sz;
@@ -535,7 +533,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
if (cmd == SMB2_QUERY_INFO_HE) {
struct smb2_query_info_req *req;
- req = work->request_buf;
+ req = smb2_get_msg(work->request_buf);
if (req->InfoType == SMB2_O_INFO_FILE &&
(req->FileInfoClass == FILE_FULL_EA_INFORMATION ||
req->FileInfoClass == FILE_ALL_INFORMATION))
@@ -562,7 +560,7 @@ int smb2_allocate_rsp_buf(struct ksmbd_work *work)
*/
int smb2_check_user_session(struct ksmbd_work *work)
{
- struct smb2_hdr *req_hdr = work->request_buf;
+ struct smb2_hdr *req_hdr = smb2_get_msg(work->request_buf);
struct ksmbd_conn *conn = work->conn;
unsigned int cmd = conn->ops->get_cmd_val(work);
unsigned long long sess_id;
@@ -643,7 +641,7 @@ int setup_async_work(struct ksmbd_work *work, void (*fn)(void **), void **arg)
struct ksmbd_conn *conn = work->conn;
int id;
- rsp_hdr = work->response_buf;
+ rsp_hdr = smb2_get_msg(work->response_buf);
rsp_hdr->Flags |= SMB2_FLAGS_ASYNC_COMMAND;
id = ksmbd_acquire_async_msg_id(&conn->async_ida);
@@ -675,7 +673,7 @@ void smb2_send_interim_resp(struct ksmbd_work *work, __le32 status)
{
struct smb2_hdr *rsp_hdr;
- rsp_hdr = work->response_buf;
+ rsp_hdr = smb2_get_msg(work->response_buf);
smb2_set_err_rsp(work);
rsp_hdr->Status = status;
@@ -803,11 +801,11 @@ static void build_posix_ctxt(struct smb2_posix_neg_context *pneg_ctxt)
}
static void assemble_neg_contexts(struct ksmbd_conn *conn,
- struct smb2_negotiate_rsp *rsp)
+ struct smb2_negotiate_rsp *rsp,
+ void *smb2_buf_len)
{
- /* +4 is to account for the RFC1001 len field */
char *pneg_ctxt = (char *)rsp +
- le32_to_cpu(rsp->NegotiateContextOffset) + 4;
+ le32_to_cpu(rsp->NegotiateContextOffset);
int neg_ctxt_cnt = 1;
int ctxt_size;
@@ -816,7 +814,7 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt,
conn->preauth_info->Preauth_HashId);
rsp->NegotiateContextCount = cpu_to_le16(neg_ctxt_cnt);
- inc_rfc1001_len(rsp, AUTH_GSS_PADDING);
+ inc_rfc1001_len(smb2_buf_len, AUTH_GSS_PADDING);
ctxt_size = sizeof(struct smb2_preauth_neg_context);
/* Round to 8 byte boundary */
pneg_ctxt += round_up(sizeof(struct smb2_preauth_neg_context), 8);
@@ -870,7 +868,7 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
ctxt_size += sizeof(struct smb2_signing_capabilities) + 2;
}
- inc_rfc1001_len(rsp, ctxt_size);
+ inc_rfc1001_len(smb2_buf_len, ctxt_size);
}
static __le32 decode_preauth_ctxt(struct ksmbd_conn *conn,
@@ -953,14 +951,14 @@ static void decode_sign_cap_ctxt(struct ksmbd_conn *conn,
}
static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
- struct smb2_negotiate_req *req)
+ struct smb2_negotiate_req *req,
+ int len_of_smb)
{
/* +4 is to account for the RFC1001 len field */
- struct smb2_neg_context *pctx = (struct smb2_neg_context *)((char *)req + 4);
+ struct smb2_neg_context *pctx = (struct smb2_neg_context *)req;
int i = 0, len_of_ctxts;
int offset = le32_to_cpu(req->NegotiateContextOffset);
int neg_ctxt_cnt = le16_to_cpu(req->NegotiateContextCount);
- int len_of_smb = be32_to_cpu(req->hdr.smb2_buf_length);
__le32 status = STATUS_INVALID_PARAMETER;
ksmbd_debug(SMB, "decoding %d negotiate contexts\n", neg_ctxt_cnt);
@@ -1045,8 +1043,8 @@ static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn,
int smb2_handle_negotiate(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_negotiate_req *req = work->request_buf;
- struct smb2_negotiate_rsp *rsp = work->response_buf;
+ struct smb2_negotiate_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_negotiate_rsp *rsp = smb2_get_msg(work->response_buf);
int rc = 0;
unsigned int smb2_buf_len, smb2_neg_size;
__le32 status;
@@ -1067,7 +1065,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
}
smb2_buf_len = get_rfc1002_len(work->request_buf);
- smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects) - 4;
+ smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects);
if (smb2_neg_size > smb2_buf_len) {
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
rc = -EINVAL;
@@ -1116,7 +1114,8 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
goto err_out;
}
- status = deassemble_neg_contexts(conn, req);
+ status = deassemble_neg_contexts(conn, req,
+ get_rfc1002_len(work->request_buf));
if (status != STATUS_SUCCESS) {
pr_err("deassemble_neg_contexts error(0x%x)\n",
status);
@@ -1136,7 +1135,7 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
conn->preauth_info->Preauth_HashValue);
rsp->NegotiateContextOffset =
cpu_to_le32(OFFSET_OF_NEG_CONTEXT);
- assemble_neg_contexts(conn, rsp);
+ assemble_neg_contexts(conn, rsp, work->response_buf);
break;
case SMB302_PROT_ID:
init_smb3_02_server(conn);
@@ -1184,10 +1183,9 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
rsp->SecurityBufferOffset = cpu_to_le16(128);
rsp->SecurityBufferLength = cpu_to_le16(AUTH_GSS_LENGTH);
- ksmbd_copy_gss_neg_header(((char *)(&rsp->hdr) +
- sizeof(rsp->hdr.smb2_buf_length)) +
- le16_to_cpu(rsp->SecurityBufferOffset));
- inc_rfc1001_len(rsp, sizeof(struct smb2_negotiate_rsp) -
+ ksmbd_copy_gss_neg_header((char *)(&rsp->hdr) +
+ le16_to_cpu(rsp->SecurityBufferOffset));
+ inc_rfc1001_len(work->response_buf, sizeof(struct smb2_negotiate_rsp) -
sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) +
AUTH_GSS_LENGTH);
rsp->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED_LE;
@@ -1279,7 +1277,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
struct negotiate_message *negblob,
size_t negblob_len)
{
- struct smb2_sess_setup_rsp *rsp = work->response_buf;
+ struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf);
struct challenge_message *chgblob;
unsigned char *spnego_blob = NULL;
u16 spnego_blob_len;
@@ -1387,8 +1385,8 @@ static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
static int ntlm_authenticate(struct ksmbd_work *work)
{
- struct smb2_sess_setup_req *req = work->request_buf;
- struct smb2_sess_setup_rsp *rsp = work->response_buf;
+ struct smb2_sess_setup_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess = work->sess;
struct channel *chann = NULL;
@@ -1411,7 +1409,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
memcpy((char *)&rsp->hdr.ProtocolId + sz, spnego_blob, spnego_blob_len);
rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len);
kfree(spnego_blob);
- inc_rfc1001_len(rsp, spnego_blob_len - 1);
+ inc_rfc1001_len(work->response_buf, spnego_blob_len - 1);
}
user = session_user(conn, req);
@@ -1523,8 +1521,8 @@ static int ntlm_authenticate(struct ksmbd_work *work)
#ifdef CONFIG_SMB_SERVER_KERBEROS5
static int krb5_authenticate(struct ksmbd_work *work)
{
- struct smb2_sess_setup_req *req = work->request_buf;
- struct smb2_sess_setup_rsp *rsp = work->response_buf;
+ struct smb2_sess_setup_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess = work->sess;
char *in_blob, *out_blob;
@@ -1539,8 +1537,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
out_blob = (char *)&rsp->hdr.ProtocolId +
le16_to_cpu(rsp->SecurityBufferOffset);
out_len = work->response_sz -
- offsetof(struct smb2_hdr, smb2_buf_length) -
- le16_to_cpu(rsp->SecurityBufferOffset);
+ (le16_to_cpu(rsp->SecurityBufferOffset) + 4);
/* Check previous session */
prev_sess_id = le64_to_cpu(req->PreviousSessionId);
@@ -1557,7 +1554,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
return -EINVAL;
}
rsp->SecurityBufferLength = cpu_to_le16(out_len);
- inc_rfc1001_len(rsp, out_len - 1);
+ inc_rfc1001_len(work->response_buf, out_len - 1);
if ((conn->sign || server_conf.enforced_signing) ||
(req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
@@ -1613,8 +1610,8 @@ static int krb5_authenticate(struct ksmbd_work *work)
int smb2_sess_setup(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_sess_setup_req *req = work->request_buf;
- struct smb2_sess_setup_rsp *rsp = work->response_buf;
+ struct smb2_sess_setup_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_session *sess;
struct negotiate_message *negblob;
unsigned int negblob_len, negblob_off;
@@ -1626,7 +1623,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
rsp->SessionFlags = 0;
rsp->SecurityBufferOffset = cpu_to_le16(72);
rsp->SecurityBufferLength = 0;
- inc_rfc1001_len(rsp, 9);
+ inc_rfc1001_len(work->response_buf, 9);
if (!req->hdr.SessionId) {
sess = ksmbd_smb2_session_create();
@@ -1700,7 +1697,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
negblob_off = le16_to_cpu(req->SecurityBufferOffset);
negblob_len = le16_to_cpu(req->SecurityBufferLength);
- if (negblob_off < (offsetof(struct smb2_sess_setup_req, Buffer) - 4) ||
+ if (negblob_off < offsetof(struct smb2_sess_setup_req, Buffer) ||
negblob_len < offsetof(struct negotiate_message, NegotiateFlags))
return -EINVAL;
@@ -1740,7 +1737,8 @@ int smb2_sess_setup(struct ksmbd_work *work)
* Note: here total size -1 is done as an
* adjustment for 0 size blob
*/
- inc_rfc1001_len(rsp, le16_to_cpu(rsp->SecurityBufferLength) - 1);
+ inc_rfc1001_len(work->response_buf,
+ le16_to_cpu(rsp->SecurityBufferLength) - 1);
} else if (negblob->MessageType == NtLmAuthenticate) {
rc = ntlm_authenticate(work);
@@ -1829,8 +1827,8 @@ int smb2_sess_setup(struct ksmbd_work *work)
int smb2_tree_connect(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_tree_connect_req *req = work->request_buf;
- struct smb2_tree_connect_rsp *rsp = work->response_buf;
+ struct smb2_tree_connect_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_tree_connect_rsp *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_session *sess = work->sess;
char *treename = NULL, *name = NULL;
struct ksmbd_tree_conn_status status;
@@ -1895,7 +1893,7 @@ int smb2_tree_connect(struct ksmbd_work *work)
rsp->Reserved = 0;
/* default manual caching */
rsp->ShareFlags = SMB2_SHAREFLAG_MANUAL_CACHING;
- inc_rfc1001_len(rsp, 16);
+ inc_rfc1001_len(work->response_buf, 16);
if (!IS_ERR(treename))
kfree(treename);
@@ -2000,17 +1998,18 @@ static int smb2_create_open_flags(bool file_present, __le32 access,
*/
int smb2_tree_disconnect(struct ksmbd_work *work)
{
- struct smb2_tree_disconnect_rsp *rsp = work->response_buf;
+ struct smb2_tree_disconnect_rsp *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_session *sess = work->sess;
struct ksmbd_tree_connect *tcon = work->tcon;
rsp->StructureSize = cpu_to_le16(4);
- inc_rfc1001_len(rsp, 4);
+ inc_rfc1001_len(work->response_buf, 4);
ksmbd_debug(SMB, "request\n");
if (!tcon) {
- struct smb2_tree_disconnect_req *req = work->request_buf;
+ struct smb2_tree_disconnect_req *req =
+ smb2_get_msg(work->request_buf);
ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId);
rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED;
@@ -2032,11 +2031,11 @@ int smb2_tree_disconnect(struct ksmbd_work *work)
int smb2_session_logoff(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_logoff_rsp *rsp = work->response_buf;
+ struct smb2_logoff_rsp *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_session *sess = work->sess;
rsp->StructureSize = cpu_to_le16(4);
- inc_rfc1001_len(rsp, 4);
+ inc_rfc1001_len(work->response_buf, 4);
ksmbd_debug(SMB, "request\n");
@@ -2049,7 +2048,7 @@ int smb2_session_logoff(struct ksmbd_work *work)
ksmbd_conn_wait_idle(conn);
if (ksmbd_tree_conn_session_logoff(sess)) {
- struct smb2_logoff_req *req = work->request_buf;
+ struct smb2_logoff_req *req = smb2_get_msg(work->request_buf);
ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId);
rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED;
@@ -2076,8 +2075,8 @@ int smb2_session_logoff(struct ksmbd_work *work)
*/
static noinline int create_smb2_pipe(struct ksmbd_work *work)
{
- struct smb2_create_rsp *rsp = work->response_buf;
- struct smb2_create_req *req = work->request_buf;
+ struct smb2_create_rsp *rsp = smb2_get_msg(work->response_buf);
+ struct smb2_create_req *req = smb2_get_msg(work->request_buf);
int id;
int err;
char *name;
@@ -2115,7 +2114,7 @@ static noinline int create_smb2_pipe(struct ksmbd_work *work)
rsp->CreateContextsOffset = 0;
rsp->CreateContextsLength = 0;
- inc_rfc1001_len(rsp, 88); /* StructureSize - 1*/
+ inc_rfc1001_len(work->response_buf, 88); /* StructureSize - 1*/
kfree(name);
return 0;
@@ -2449,7 +2448,7 @@ int smb2_open(struct ksmbd_work *work)
struct ksmbd_session *sess = work->sess;
struct ksmbd_tree_connect *tcon = work->tcon;
struct smb2_create_req *req;
- struct smb2_create_rsp *rsp, *rsp_org;
+ struct smb2_create_rsp *rsp;
struct path path;
struct ksmbd_share_config *share = tcon->share_conf;
struct ksmbd_file *fp = NULL;
@@ -2474,7 +2473,6 @@ int smb2_open(struct ksmbd_work *work)
umode_t posix_mode = 0;
__le32 daccess, maximal_access = 0;
- rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (req->hdr.NextCommand && !work->next_smb2_rcv_hdr_off &&
@@ -3114,7 +3112,7 @@ int smb2_open(struct ksmbd_work *work)
rsp->CreateContextsOffset = 0;
rsp->CreateContextsLength = 0;
- inc_rfc1001_len(rsp_org, 88); /* StructureSize - 1*/
+ inc_rfc1001_len(work->response_buf, 88); /* StructureSize - 1*/
/* If lease is request send lease context response */
if (opinfo && opinfo->is_lease) {
@@ -3129,7 +3127,8 @@ int smb2_open(struct ksmbd_work *work)
create_lease_buf(rsp->Buffer, opinfo->o_lease);
le32_add_cpu(&rsp->CreateContextsLength,
conn->vals->create_lease_size);
- inc_rfc1001_len(rsp_org, conn->vals->create_lease_size);
+ inc_rfc1001_len(work->response_buf,
+ conn->vals->create_lease_size);
next_ptr = &lease_ccontext->Next;
next_off = conn->vals->create_lease_size;
}
@@ -3148,7 +3147,8 @@ int smb2_open(struct ksmbd_work *work)
le32_to_cpu(maximal_access));
le32_add_cpu(&rsp->CreateContextsLength,
conn->vals->create_mxac_size);
- inc_rfc1001_len(rsp_org, conn->vals->create_mxac_size);
+ inc_rfc1001_len(work->response_buf,
+ conn->vals->create_mxac_size);
if (next_ptr)
*next_ptr = cpu_to_le32(next_off);
next_ptr = &mxac_ccontext->Next;
@@ -3166,7 +3166,8 @@ int smb2_open(struct ksmbd_work *work)
stat.ino, tcon->id);
le32_add_cpu(&rsp->CreateContextsLength,
conn->vals->create_disk_id_size);
- inc_rfc1001_len(rsp_org, conn->vals->create_disk_id_size);
+ inc_rfc1001_len(work->response_buf,
+ conn->vals->create_disk_id_size);
if (next_ptr)
*next_ptr = cpu_to_le32(next_off);
next_ptr = &disk_id_ccontext->Next;
@@ -3180,15 +3181,15 @@ int smb2_open(struct ksmbd_work *work)
fp);
le32_add_cpu(&rsp->CreateContextsLength,
conn->vals->create_posix_size);
- inc_rfc1001_len(rsp_org, conn->vals->create_posix_size);
+ inc_rfc1001_len(work->response_buf,
+ conn->vals->create_posix_size);
if (next_ptr)
*next_ptr = cpu_to_le32(next_off);
}
if (contxt_cnt > 0) {
rsp->CreateContextsOffset =
- cpu_to_le32(offsetof(struct smb2_create_rsp, Buffer)
- - 4);
+ cpu_to_le32(offsetof(struct smb2_create_rsp, Buffer));
}
err_out:
@@ -3786,7 +3787,7 @@ int smb2_query_dir(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_query_directory_req *req;
- struct smb2_query_directory_rsp *rsp, *rsp_org;
+ struct smb2_query_directory_rsp *rsp;
struct ksmbd_share_config *share = work->tcon->share_conf;
struct ksmbd_file *dir_fp = NULL;
struct ksmbd_dir_info d_info;
@@ -3796,7 +3797,6 @@ int smb2_query_dir(struct ksmbd_work *work)
int buffer_sz;
struct smb2_query_dir_private query_dir_private = {NULL, };
- rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (ksmbd_override_fsids(work)) {
@@ -3916,7 +3916,7 @@ int smb2_query_dir(struct ksmbd_work *work)
rsp->OutputBufferOffset = cpu_to_le16(0);
rsp->OutputBufferLength = cpu_to_le32(0);
rsp->Buffer[0] = 0;
- inc_rfc1001_len(rsp_org, 9);
+ inc_rfc1001_len(work->response_buf, 9);
} else {
((struct file_directory_info *)
((char *)rsp->Buffer + d_info.last_entry_offset))
@@ -3925,7 +3925,7 @@ int smb2_query_dir(struct ksmbd_work *work)
rsp->StructureSize = cpu_to_le16(9);
rsp->OutputBufferOffset = cpu_to_le16(72);
rsp->OutputBufferLength = cpu_to_le32(d_info.data_count);
- inc_rfc1001_len(rsp_org, 8 + d_info.data_count);
+ inc_rfc1001_len(work->response_buf, 8 + d_info.data_count);
}
kfree(srch_ptr);
@@ -3968,26 +3968,28 @@ int smb2_query_dir(struct ksmbd_work *work)
* Return: 0 on success, otherwise error
*/
static int buffer_check_err(int reqOutputBufferLength,
- struct smb2_query_info_rsp *rsp, int infoclass_size)
+ struct smb2_query_info_rsp *rsp,
+ void *rsp_org, int infoclass_size)
{
if (reqOutputBufferLength < le32_to_cpu(rsp->OutputBufferLength)) {
if (reqOutputBufferLength < infoclass_size) {
pr_err("Invalid Buffer Size Requested\n");
rsp->hdr.Status = STATUS_INFO_LENGTH_MISMATCH;
- rsp->hdr.smb2_buf_length = cpu_to_be32(sizeof(struct smb2_hdr) - 4);
+ *(__be32 *)rsp_org = cpu_to_be32(sizeof(struct smb2_hdr));
return -EINVAL;
}
ksmbd_debug(SMB, "Buffer Overflow\n");
rsp->hdr.Status = STATUS_BUFFER_OVERFLOW;
- rsp->hdr.smb2_buf_length = cpu_to_be32(sizeof(struct smb2_hdr) - 4 +
+ *(__be32 *)rsp_org = cpu_to_be32(sizeof(struct smb2_hdr) +
reqOutputBufferLength);
rsp->OutputBufferLength = cpu_to_le32(reqOutputBufferLength);
}
return 0;
}
-static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp)
+static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
{
struct smb2_file_standard_info *sinfo;
@@ -4000,10 +4002,11 @@ static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp)
sinfo->Directory = 0;
rsp->OutputBufferLength =
cpu_to_le32(sizeof(struct smb2_file_standard_info));
- inc_rfc1001_len(rsp, sizeof(struct smb2_file_standard_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_standard_info));
}
-static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp, u64 num)
+static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp, u64 num,
+ void *rsp_org)
{
struct smb2_file_internal_info *file_info;
@@ -4013,12 +4016,13 @@ static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp, u64 num)
file_info->IndexNumber = cpu_to_le64(num | (1ULL << 63));
rsp->OutputBufferLength =
cpu_to_le32(sizeof(struct smb2_file_internal_info));
- inc_rfc1001_len(rsp, sizeof(struct smb2_file_internal_info));
+ inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_internal_info));
}
static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp)
+ struct smb2_query_info_rsp *rsp,
+ void *rsp_org)
{
u64 id;
int rc;
@@ -4036,14 +4040,16 @@ static int smb2_get_info_file_pipe(struct ksmbd_session *sess,
switch (req->FileInfoClass) {
case FILE_STANDARD_INFORMATION:
- get_standard_info_pipe(rsp);
+ get_standard_info_pipe(rsp, rsp_org);
rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
- rsp, FILE_STANDARD_INFORMATION_SIZE);
+ rsp, rsp_org,
+ FILE_STANDARD_INFORMATION_SIZE);
break;
case FILE_INTERNAL_INFORMATION:
- get_internal_info_pipe(rsp, id);
+ get_internal_info_pipe(rsp, id, rsp_org);
rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
- rsp, FILE_INTERNAL_INFORMATION_SIZE);
+ rsp, rsp_org,
+ FILE_INTERNAL_INFORMATION_SIZE);
break;
default:
ksmbd_debug(SMB, "smb2_info_file_pipe for %u not supported\n",
@@ -4651,7 +4657,7 @@ static int find_file_posix_info(struct smb2_query_info_rsp *rsp,
static int smb2_get_info_file(struct ksmbd_work *work,
struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp, void *rsp_org)
+ struct smb2_query_info_rsp *rsp)
{
struct ksmbd_file *fp;
int fileinfoclass = 0;
@@ -4662,7 +4668,8 @@ static int smb2_get_info_file(struct ksmbd_work *work,
if (test_share_config_flag(work->tcon->share_conf,
KSMBD_SHARE_FLAG_PIPE)) {
/* smb2 info file called for pipe */
- return smb2_get_info_file_pipe(work->sess, req, rsp);
+ return smb2_get_info_file_pipe(work->sess, req, rsp,
+ work->response_buf);
}
if (work->next_smb2_rcv_hdr_off) {
@@ -4687,77 +4694,77 @@ static int smb2_get_info_file(struct ksmbd_work *work,
switch (fileinfoclass) {
case FILE_ACCESS_INFORMATION:
- get_file_access_info(rsp, fp, rsp_org);
+ get_file_access_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_ACCESS_INFORMATION_SIZE;
break;
case FILE_BASIC_INFORMATION:
- rc = get_file_basic_info(rsp, fp, rsp_org);
+ rc = get_file_basic_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_BASIC_INFORMATION_SIZE;
break;
case FILE_STANDARD_INFORMATION:
- get_file_standard_info(rsp, fp, rsp_org);
+ get_file_standard_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_STANDARD_INFORMATION_SIZE;
break;
case FILE_ALIGNMENT_INFORMATION:
- get_file_alignment_info(rsp, rsp_org);
+ get_file_alignment_info(rsp, work->response_buf);
file_infoclass_size = FILE_ALIGNMENT_INFORMATION_SIZE;
break;
case FILE_ALL_INFORMATION:
- rc = get_file_all_info(work, rsp, fp, rsp_org);
+ rc = get_file_all_info(work, rsp, fp, work->response_buf);
file_infoclass_size = FILE_ALL_INFORMATION_SIZE;
break;
case FILE_ALTERNATE_NAME_INFORMATION:
- get_file_alternate_info(work, rsp, fp, rsp_org);
+ get_file_alternate_info(work, rsp, fp, work->response_buf);
file_infoclass_size = FILE_ALTERNATE_NAME_INFORMATION_SIZE;
break;
case FILE_STREAM_INFORMATION:
- get_file_stream_info(work, rsp, fp, rsp_org);
+ get_file_stream_info(work, rsp, fp, work->response_buf);
file_infoclass_size = FILE_STREAM_INFORMATION_SIZE;
break;
case FILE_INTERNAL_INFORMATION:
- get_file_internal_info(rsp, fp, rsp_org);
+ get_file_internal_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_INTERNAL_INFORMATION_SIZE;
break;
case FILE_NETWORK_OPEN_INFORMATION:
- rc = get_file_network_open_info(rsp, fp, rsp_org);
+ rc = get_file_network_open_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_NETWORK_OPEN_INFORMATION_SIZE;
break;
case FILE_EA_INFORMATION:
- get_file_ea_info(rsp, rsp_org);
+ get_file_ea_info(rsp, work->response_buf);
file_infoclass_size = FILE_EA_INFORMATION_SIZE;
break;
case FILE_FULL_EA_INFORMATION:
- rc = smb2_get_ea(work, fp, req, rsp, rsp_org);
+ rc = smb2_get_ea(work, fp, req, rsp, work->response_buf);
file_infoclass_size = FILE_FULL_EA_INFORMATION_SIZE;
break;
case FILE_POSITION_INFORMATION:
- get_file_position_info(rsp, fp, rsp_org);
+ get_file_position_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_POSITION_INFORMATION_SIZE;
break;
case FILE_MODE_INFORMATION:
- get_file_mode_info(rsp, fp, rsp_org);
+ get_file_mode_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_MODE_INFORMATION_SIZE;
break;
case FILE_COMPRESSION_INFORMATION:
- get_file_compression_info(rsp, fp, rsp_org);
+ get_file_compression_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_COMPRESSION_INFORMATION_SIZE;
break;
case FILE_ATTRIBUTE_TAG_INFORMATION:
- rc = get_file_attribute_tag_info(rsp, fp, rsp_org);
+ rc = get_file_attribute_tag_info(rsp, fp, work->response_buf);
file_infoclass_size = FILE_ATTRIBUTE_TAG_INFORMATION_SIZE;
break;
case SMB_FIND_FILE_POSIX_INFO:
@@ -4765,7 +4772,7 @@ static int smb2_get_info_file(struct ksmbd_work *work,
pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
rc = -EOPNOTSUPP;
} else {
- rc = find_file_posix_info(rsp, fp, rsp_org);
+ rc = find_file_posix_info(rsp, fp, work->response_buf);
file_infoclass_size = sizeof(struct smb311_posix_qinfo);
}
break;
@@ -4776,7 +4783,7 @@ static int smb2_get_info_file(struct ksmbd_work *work,
}
if (!rc)
rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
- rsp,
+ rsp, work->response_buf,
file_infoclass_size);
ksmbd_fd_put(work, fp);
return rc;
@@ -4784,7 +4791,7 @@ static int smb2_get_info_file(struct ksmbd_work *work,
static int smb2_get_info_filesystem(struct ksmbd_work *work,
struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp, void *rsp_org)
+ struct smb2_query_info_rsp *rsp)
{
struct ksmbd_session *sess = work->sess;
struct ksmbd_conn *conn = sess->conn;
@@ -4820,7 +4827,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->DeviceType = cpu_to_le32(stfs.f_type);
info->DeviceCharacteristics = cpu_to_le32(0x00000020);
rsp->OutputBufferLength = cpu_to_le32(8);
- inc_rfc1001_len(rsp_org, 8);
+ inc_rfc1001_len(work->response_buf, 8);
fs_infoclass_size = FS_DEVICE_INFORMATION_SIZE;
break;
}
@@ -4846,7 +4853,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->FileSystemNameLen = cpu_to_le32(len);
sz = sizeof(struct filesystem_attribute_info) - 2 + len;
rsp->OutputBufferLength = cpu_to_le32(sz);
- inc_rfc1001_len(rsp_org, sz);
+ inc_rfc1001_len(work->response_buf, sz);
fs_infoclass_size = FS_ATTRIBUTE_INFORMATION_SIZE;
break;
}
@@ -4867,7 +4874,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->Reserved = 0;
sz = sizeof(struct filesystem_vol_info) - 2 + len;
rsp->OutputBufferLength = cpu_to_le32(sz);
- inc_rfc1001_len(rsp_org, sz);
+ inc_rfc1001_len(work->response_buf, sz);
fs_infoclass_size = FS_VOLUME_INFORMATION_SIZE;
break;
}
@@ -4881,7 +4888,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->SectorsPerAllocationUnit = cpu_to_le32(1);
info->BytesPerSector = cpu_to_le32(stfs.f_bsize);
rsp->OutputBufferLength = cpu_to_le32(24);
- inc_rfc1001_len(rsp_org, 24);
+ inc_rfc1001_len(work->response_buf, 24);
fs_infoclass_size = FS_SIZE_INFORMATION_SIZE;
break;
}
@@ -4898,7 +4905,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->SectorsPerAllocationUnit = cpu_to_le32(1);
info->BytesPerSector = cpu_to_le32(stfs.f_bsize);
rsp->OutputBufferLength = cpu_to_le32(32);
- inc_rfc1001_len(rsp_org, 32);
+ inc_rfc1001_len(work->response_buf, 32);
fs_infoclass_size = FS_FULL_SIZE_INFORMATION_SIZE;
break;
}
@@ -4919,7 +4926,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->extended_info.rel_date = 0;
memcpy(info->extended_info.version_string, "1.1.0", strlen("1.1.0"));
rsp->OutputBufferLength = cpu_to_le32(64);
- inc_rfc1001_len(rsp_org, 64);
+ inc_rfc1001_len(work->response_buf, 64);
fs_infoclass_size = FS_OBJECT_ID_INFORMATION_SIZE;
break;
}
@@ -4940,7 +4947,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->ByteOffsetForSectorAlignment = 0;
info->ByteOffsetForPartitionAlignment = 0;
rsp->OutputBufferLength = cpu_to_le32(28);
- inc_rfc1001_len(rsp_org, 28);
+ inc_rfc1001_len(work->response_buf, 28);
fs_infoclass_size = FS_SECTOR_SIZE_INFORMATION_SIZE;
break;
}
@@ -4962,7 +4969,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->DefaultQuotaLimit = cpu_to_le64(SMB2_NO_FID);
info->Padding = 0;
rsp->OutputBufferLength = cpu_to_le32(48);
- inc_rfc1001_len(rsp_org, 48);
+ inc_rfc1001_len(work->response_buf, 48);
fs_infoclass_size = FS_CONTROL_INFORMATION_SIZE;
break;
}
@@ -4983,7 +4990,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
info->TotalFileNodes = cpu_to_le64(stfs.f_files);
info->FreeFileNodes = cpu_to_le64(stfs.f_ffree);
rsp->OutputBufferLength = cpu_to_le32(56);
- inc_rfc1001_len(rsp_org, 56);
+ inc_rfc1001_len(work->response_buf, 56);
fs_infoclass_size = FS_POSIX_INFORMATION_SIZE;
}
break;
@@ -4993,7 +5000,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
return -EOPNOTSUPP;
}
rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength),
- rsp,
+ rsp, work->response_buf,
fs_infoclass_size);
path_put(&path);
return rc;
@@ -5001,7 +5008,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
static int smb2_get_info_sec(struct ksmbd_work *work,
struct smb2_query_info_req *req,
- struct smb2_query_info_rsp *rsp, void *rsp_org)
+ struct smb2_query_info_rsp *rsp)
{
struct ksmbd_file *fp;
struct smb_ntsd *pntsd = (struct smb_ntsd *)rsp->Buffer, *ppntsd = NULL;
@@ -5027,7 +5034,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
secdesclen = sizeof(struct smb_ntsd);
rsp->OutputBufferLength = cpu_to_le32(secdesclen);
- inc_rfc1001_len(rsp_org, secdesclen);
+ inc_rfc1001_len(work->response_buf, secdesclen);
return 0;
}
@@ -5066,7 +5073,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
return rc;
rsp->OutputBufferLength = cpu_to_le32(secdesclen);
- inc_rfc1001_len(rsp_org, secdesclen);
+ inc_rfc1001_len(work->response_buf, secdesclen);
return 0;
}
@@ -5079,10 +5086,9 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
int smb2_query_info(struct ksmbd_work *work)
{
struct smb2_query_info_req *req;
- struct smb2_query_info_rsp *rsp, *rsp_org;
+ struct smb2_query_info_rsp *rsp;
int rc = 0;
- rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
ksmbd_debug(SMB, "GOT query info request\n");
@@ -5090,15 +5096,15 @@ int smb2_query_info(struct ksmbd_work *work)
switch (req->InfoType) {
case SMB2_O_INFO_FILE:
ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILE\n");
- rc = smb2_get_info_file(work, req, rsp, (void *)rsp_org);
+ rc = smb2_get_info_file(work, req, rsp);
break;
case SMB2_O_INFO_FILESYSTEM:
ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILESYSTEM\n");
- rc = smb2_get_info_filesystem(work, req, rsp, (void *)rsp_org);
+ rc = smb2_get_info_filesystem(work, req, rsp);
break;
case SMB2_O_INFO_SECURITY:
ksmbd_debug(SMB, "GOT SMB2_O_INFO_SECURITY\n");
- rc = smb2_get_info_sec(work, req, rsp, (void *)rsp_org);
+ rc = smb2_get_info_sec(work, req, rsp);
break;
default:
ksmbd_debug(SMB, "InfoType %d not supported yet\n",
@@ -5123,7 +5129,7 @@ int smb2_query_info(struct ksmbd_work *work)
}
rsp->StructureSize = cpu_to_le16(9);
rsp->OutputBufferOffset = cpu_to_le16(72);
- inc_rfc1001_len(rsp_org, 8);
+ inc_rfc1001_len(work->response_buf, 8);
return 0;
}
@@ -5136,8 +5142,8 @@ int smb2_query_info(struct ksmbd_work *work)
static noinline int smb2_close_pipe(struct ksmbd_work *work)
{
u64 id;
- struct smb2_close_req *req = work->request_buf;
- struct smb2_close_rsp *rsp = work->response_buf;
+ struct smb2_close_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_close_rsp *rsp = smb2_get_msg(work->response_buf);
id = le64_to_cpu(req->VolatileFileId);
ksmbd_session_rpc_close(work->sess, id);
@@ -5152,7 +5158,7 @@ static noinline int smb2_close_pipe(struct ksmbd_work *work)
rsp->AllocationSize = 0;
rsp->EndOfFile = 0;
rsp->Attributes = 0;
- inc_rfc1001_len(rsp, 60);
+ inc_rfc1001_len(work->response_buf, 60);
return 0;
}
@@ -5168,14 +5174,12 @@ int smb2_close(struct ksmbd_work *work)
u64 sess_id;
struct smb2_close_req *req;
struct smb2_close_rsp *rsp;
- struct smb2_close_rsp *rsp_org;
struct ksmbd_conn *conn = work->conn;
struct ksmbd_file *fp;
struct inode *inode;
u64 time;
int err = 0;
- rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (test_share_config_flag(work->tcon->share_conf,
@@ -5265,7 +5269,7 @@ int smb2_close(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_FILE_CLOSED;
smb2_set_err_rsp(work);
} else {
- inc_rfc1001_len(rsp_org, 60);
+ inc_rfc1001_len(work->response_buf, 60);
}
return 0;
@@ -5279,11 +5283,11 @@ int smb2_close(struct ksmbd_work *work)
*/
int smb2_echo(struct ksmbd_work *work)
{
- struct smb2_echo_rsp *rsp = work->response_buf;
+ struct smb2_echo_rsp *rsp = smb2_get_msg(work->response_buf);
rsp->StructureSize = cpu_to_le16(4);
rsp->Reserved = 0;
- inc_rfc1001_len(rsp, 4);
+ inc_rfc1001_len(work->response_buf, 4);
return 0;
}
@@ -5894,14 +5898,13 @@ static int smb2_set_info_sec(struct ksmbd_file *fp, int addition_info,
int smb2_set_info(struct ksmbd_work *work)
{
struct smb2_set_info_req *req;
- struct smb2_set_info_rsp *rsp, *rsp_org;
+ struct smb2_set_info_rsp *rsp;
struct ksmbd_file *fp;
int rc = 0;
unsigned int id = KSMBD_NO_FID, pid = KSMBD_NO_FID;
ksmbd_debug(SMB, "Received set info request\n");
- rsp_org = work->response_buf;
if (work->next_smb2_rcv_hdr_off) {
req = ksmbd_req_buf_next(work);
rsp = ksmbd_resp_buf_next(work);
@@ -5912,8 +5915,8 @@ int smb2_set_info(struct ksmbd_work *work)
pid = work->compound_pfid;
}
} else {
- req = work->request_buf;
- rsp = work->response_buf;
+ req = smb2_get_msg(work->request_buf);
+ rsp = smb2_get_msg(work->response_buf);
}
if (!has_file_id(id)) {
@@ -5953,7 +5956,7 @@ int smb2_set_info(struct ksmbd_work *work)
goto err_out;
rsp->StructureSize = cpu_to_le16(2);
- inc_rfc1001_len(rsp_org, 2);
+ inc_rfc1001_len(work->response_buf, 2);
ksmbd_fd_put(work, fp);
return 0;
@@ -5993,12 +5996,12 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
int nbytes = 0, err;
u64 id;
struct ksmbd_rpc_command *rpc_resp;
- struct smb2_read_req *req = work->request_buf;
- struct smb2_read_rsp *rsp = work->response_buf;
+ struct smb2_read_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_read_rsp *rsp = smb2_get_msg(work->response_buf);
id = le64_to_cpu(req->VolatileFileId);
- inc_rfc1001_len(rsp, 16);
+ inc_rfc1001_len(work->response_buf, 16);
rpc_resp = ksmbd_rpc_read(work->sess, id);
if (rpc_resp) {
if (rpc_resp->flags != KSMBD_RPC_OK) {
@@ -6017,7 +6020,7 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
rpc_resp->payload_sz);
nbytes = rpc_resp->payload_sz;
- work->resp_hdr_sz = get_rfc1002_len(rsp) + 4;
+ work->resp_hdr_sz = get_rfc1002_len(work->response_buf) + 4;
work->aux_payload_sz = nbytes;
kvfree(rpc_resp);
}
@@ -6028,7 +6031,7 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
rsp->DataLength = cpu_to_le32(nbytes);
rsp->DataRemaining = 0;
rsp->Reserved2 = 0;
- inc_rfc1001_len(rsp, nbytes);
+ inc_rfc1001_len(work->response_buf, nbytes);
return 0;
out:
@@ -6078,14 +6081,13 @@ int smb2_read(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
struct smb2_read_req *req;
- struct smb2_read_rsp *rsp, *rsp_org;
+ struct smb2_read_rsp *rsp;
struct ksmbd_file *fp;
loff_t offset;
size_t length, mincount;
ssize_t nbytes = 0, remain_bytes = 0;
int err = 0;
- rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (test_share_config_flag(work->tcon->share_conf,
@@ -6167,10 +6169,10 @@ int smb2_read(struct ksmbd_work *work)
rsp->DataLength = cpu_to_le32(nbytes);
rsp->DataRemaining = cpu_to_le32(remain_bytes);
rsp->Reserved2 = 0;
- inc_rfc1001_len(rsp_org, 16);
- work->resp_hdr_sz = get_rfc1002_len(rsp_org) + 4;
+ inc_rfc1001_len(work->response_buf, 16);
+ work->resp_hdr_sz = get_rfc1002_len(work->response_buf) + 4;
work->aux_payload_sz = nbytes;
- inc_rfc1001_len(rsp_org, nbytes);
+ inc_rfc1001_len(work->response_buf, nbytes);
ksmbd_fd_put(work, fp);
return 0;
@@ -6205,8 +6207,8 @@ int smb2_read(struct ksmbd_work *work)
*/
static noinline int smb2_write_pipe(struct ksmbd_work *work)
{
- struct smb2_write_req *req = work->request_buf;
- struct smb2_write_rsp *rsp = work->response_buf;
+ struct smb2_write_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_write_rsp *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_rpc_command *rpc_resp;
u64 id = 0;
int err = 0, ret = 0;
@@ -6217,13 +6219,14 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
id = le64_to_cpu(req->VolatileFileId);
if (le16_to_cpu(req->DataOffset) ==
- (offsetof(struct smb2_write_req, Buffer) - 4)) {
+ offsetof(struct smb2_write_req, Buffer)) {
data_buf = (char *)&req->Buffer[0];
} else {
- if ((u64)le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req)) {
+ if ((u64)le16_to_cpu(req->DataOffset) + length >
+ get_rfc1002_len(work->request_buf)) {
pr_err("invalid write data offset %u, smb_len %u\n",
le16_to_cpu(req->DataOffset),
- get_rfc1002_len(req));
+ get_rfc1002_len(work->request_buf));
err = -EINVAL;
goto out;
}
@@ -6255,7 +6258,7 @@ static noinline int smb2_write_pipe(struct ksmbd_work *work)
rsp->DataLength = cpu_to_le32(length);
rsp->DataRemaining = 0;
rsp->Reserved2 = 0;
- inc_rfc1001_len(rsp, 16);
+ inc_rfc1001_len(work->response_buf, 16);
return 0;
out:
if (err) {
@@ -6323,7 +6326,7 @@ static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
int smb2_write(struct ksmbd_work *work)
{
struct smb2_write_req *req;
- struct smb2_write_rsp *rsp, *rsp_org;
+ struct smb2_write_rsp *rsp;
struct ksmbd_file *fp = NULL;
loff_t offset;
size_t length;
@@ -6332,7 +6335,6 @@ int smb2_write(struct ksmbd_work *work)
bool writethrough = false;
int err = 0;
- rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
if (test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_PIPE)) {
@@ -6375,13 +6377,14 @@ int smb2_write(struct ksmbd_work *work)
if (req->Channel != SMB2_CHANNEL_RDMA_V1 &&
req->Channel != SMB2_CHANNEL_RDMA_V1_INVALIDATE) {
if (le16_to_cpu(req->DataOffset) ==
- (offsetof(struct smb2_write_req, Buffer) - 4)) {
+ offsetof(struct smb2_write_req, Buffer)) {
data_buf = (char *)&req->Buffer[0];
} else {
- if ((u64)le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req)) {
+ if ((u64)le16_to_cpu(req->DataOffset) + length >
+ get_rfc1002_len(work->request_buf)) {
pr_err("invalid write data offset %u, smb_len %u\n",
le16_to_cpu(req->DataOffset),
- get_rfc1002_len(req));
+ get_rfc1002_len(work->request_buf));
err = -EINVAL;
goto out;
}
@@ -6419,7 +6422,7 @@ int smb2_write(struct ksmbd_work *work)
rsp->DataLength = cpu_to_le32(nbytes);
rsp->DataRemaining = 0;
rsp->Reserved2 = 0;
- inc_rfc1001_len(rsp_org, 16);
+ inc_rfc1001_len(work->response_buf, 16);
ksmbd_fd_put(work, fp);
return 0;
@@ -6453,10 +6456,9 @@ int smb2_write(struct ksmbd_work *work)
int smb2_flush(struct ksmbd_work *work)
{
struct smb2_flush_req *req;
- struct smb2_flush_rsp *rsp, *rsp_org;
+ struct smb2_flush_rsp *rsp;
int err;
- rsp_org = work->response_buf;
WORK_BUFFERS(work, req, rsp);
ksmbd_debug(SMB, "SMB2_FLUSH called for fid %llu\n",
@@ -6470,7 +6472,7 @@ int smb2_flush(struct ksmbd_work *work)
rsp->StructureSize = cpu_to_le16(4);
rsp->Reserved = 0;
- inc_rfc1001_len(rsp_org, 4);
+ inc_rfc1001_len(work->response_buf, 4);
return 0;
out:
@@ -6491,7 +6493,7 @@ int smb2_flush(struct ksmbd_work *work)
int smb2_cancel(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_hdr *hdr = work->request_buf;
+ struct smb2_hdr *hdr = smb2_get_msg(work->request_buf);
struct smb2_hdr *chdr;
struct ksmbd_work *cancel_work = NULL;
int canceled = 0;
@@ -6506,7 +6508,7 @@ int smb2_cancel(struct ksmbd_work *work)
spin_lock(&conn->request_lock);
list_for_each_entry(cancel_work, command_list,
async_request_entry) {
- chdr = cancel_work->request_buf;
+ chdr = smb2_get_msg(cancel_work->request_buf);
if (cancel_work->async_id !=
le64_to_cpu(hdr->Id.AsyncId))
@@ -6525,7 +6527,7 @@ int smb2_cancel(struct ksmbd_work *work)
spin_lock(&conn->request_lock);
list_for_each_entry(cancel_work, command_list, request_entry) {
- chdr = cancel_work->request_buf;
+ chdr = smb2_get_msg(cancel_work->request_buf);
if (chdr->MessageId != hdr->MessageId ||
cancel_work == work)
@@ -6660,8 +6662,8 @@ static inline bool lock_defer_pending(struct file_lock *fl)
*/
int smb2_lock(struct ksmbd_work *work)
{
- struct smb2_lock_req *req = work->request_buf;
- struct smb2_lock_rsp *rsp = work->response_buf;
+ struct smb2_lock_req *req = smb2_get_msg(work->request_buf);
+ struct smb2_lock_rsp *rsp = smb2_get_msg(work->response_buf);
struct smb2_lock_element *lock_ele;
struct ksmbd_file *fp = NULL;
struct file_lock *flock = NULL;
@@ -6968,7 +6970,7 @@ int smb2_lock(struct ksmbd_work *work)
ksmbd_debug(SMB, "successful in taking lock\n");
rsp->hdr.Status = STATUS_SUCCESS;
rsp->Reserved = 0;
- inc_rfc1001_len(rsp, 4);
+ inc_rfc1001_len(work->response_buf, 4);
ksmbd_fd_put(work, fp);
return 0;
@@ -7437,13 +7439,12 @@ static int fsctl_request_resume_key(struct ksmbd_work *work,
int smb2_ioctl(struct ksmbd_work *work)
{
struct smb2_ioctl_req *req;
- struct smb2_ioctl_rsp *rsp, *rsp_org;
+ struct smb2_ioctl_rsp *rsp;
unsigned int cnt_code, nbytes = 0, out_buf_len, in_buf_len;
u64 id = KSMBD_NO_FID;
struct ksmbd_conn *conn = work->conn;
int ret = 0;
- rsp_org = work->response_buf;
if (work->next_smb2_rcv_hdr_off) {
req = ksmbd_req_buf_next(work);
rsp = ksmbd_resp_buf_next(work);
@@ -7453,8 +7454,8 @@ int smb2_ioctl(struct ksmbd_work *work)
id = work->compound_fid;
}
} else {
- req = work->request_buf;
- rsp = work->response_buf;
+ req = smb2_get_msg(work->request_buf);
+ rsp = smb2_get_msg(work->response_buf);
}
if (!has_file_id(id))
@@ -7734,7 +7735,7 @@ int smb2_ioctl(struct ksmbd_work *work)
rsp->Reserved = cpu_to_le16(0);
rsp->Flags = cpu_to_le32(0);
rsp->Reserved2 = cpu_to_le32(0);
- inc_rfc1001_len(rsp_org, 48 + nbytes);
+ inc_rfc1001_len(work->response_buf, 48 + nbytes);
return 0;
@@ -7761,8 +7762,8 @@ int smb2_ioctl(struct ksmbd_work *work)
*/
static void smb20_oplock_break_ack(struct ksmbd_work *work)
{
- struct smb2_oplock_break *req = work->request_buf;
- struct smb2_oplock_break *rsp = work->response_buf;
+ struct smb2_oplock_break *req = smb2_get_msg(work->request_buf);
+ struct smb2_oplock_break *rsp = smb2_get_msg(work->response_buf);
struct ksmbd_file *fp;
struct oplock_info *opinfo = NULL;
__le32 err = 0;
@@ -7869,7 +7870,7 @@ static void smb20_oplock_break_ack(struct ksmbd_work *work)
rsp->Reserved2 = 0;
rsp->VolatileFid = cpu_to_le64(volatile_id);
rsp->PersistentFid = cpu_to_le64(persistent_id);
- inc_rfc1001_len(rsp, 24);
+ inc_rfc1001_len(work->response_buf, 24);
return;
err_out:
@@ -7905,8 +7906,8 @@ static int check_lease_state(struct lease *lease, __le32 req_state)
static void smb21_lease_break_ack(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_lease_ack *req = work->request_buf;
- struct smb2_lease_ack *rsp = work->response_buf;
+ struct smb2_lease_ack *req = smb2_get_msg(work->request_buf);
+ struct smb2_lease_ack *rsp = smb2_get_msg(work->response_buf);
struct oplock_info *opinfo;
__le32 err = 0;
int ret = 0;
@@ -8018,7 +8019,7 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
memcpy(rsp->LeaseKey, req->LeaseKey, 16);
rsp->LeaseState = lease_state;
rsp->LeaseDuration = 0;
- inc_rfc1001_len(rsp, 36);
+ inc_rfc1001_len(work->response_buf, 36);
return;
err_out:
@@ -8039,8 +8040,8 @@ static void smb21_lease_break_ack(struct ksmbd_work *work)
*/
int smb2_oplock_break(struct ksmbd_work *work)
{
- struct smb2_oplock_break *req = work->request_buf;
- struct smb2_oplock_break *rsp = work->response_buf;
+ struct smb2_oplock_break *req = smb2_get_msg(work->request_buf);
+ struct smb2_oplock_break *rsp = smb2_get_msg(work->response_buf);
switch (le16_to_cpu(req->StructureSize)) {
case OP_BREAK_STRUCT_SIZE_20:
@@ -8092,7 +8093,7 @@ int smb2_notify(struct ksmbd_work *work)
*/
bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command)
{
- struct smb2_hdr *rcv_hdr2 = work->request_buf;
+ struct smb2_hdr *rcv_hdr2 = smb2_get_msg(work->request_buf);
if ((rcv_hdr2->Flags & SMB2_FLAGS_SIGNED) &&
command != SMB2_NEGOTIATE_HE &&
@@ -8111,22 +8112,22 @@ bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command)
*/
int smb2_check_sign_req(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr, *hdr_org;
+ struct smb2_hdr *hdr;
char signature_req[SMB2_SIGNATURE_SIZE];
char signature[SMB2_HMACSHA256_SIZE];
struct kvec iov[1];
size_t len;
- hdr_org = hdr = work->request_buf;
+ hdr = smb2_get_msg(work->request_buf);
if (work->next_smb2_rcv_hdr_off)
hdr = ksmbd_req_buf_next(work);
if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off)
- len = be32_to_cpu(hdr_org->smb2_buf_length);
+ len = get_rfc1002_len(work->request_buf);
else if (hdr->NextCommand)
len = le32_to_cpu(hdr->NextCommand);
else
- len = be32_to_cpu(hdr_org->smb2_buf_length) -
+ len = get_rfc1002_len(work->request_buf) -
work->next_smb2_rcv_hdr_off;
memcpy(signature_req, hdr->Signature, SMB2_SIGNATURE_SIZE);
@@ -8154,25 +8155,26 @@ int smb2_check_sign_req(struct ksmbd_work *work)
*/
void smb2_set_sign_rsp(struct ksmbd_work *work)
{
- struct smb2_hdr *hdr, *hdr_org;
+ struct smb2_hdr *hdr;
struct smb2_hdr *req_hdr;
char signature[SMB2_HMACSHA256_SIZE];
struct kvec iov[2];
size_t len;
int n_vec = 1;
- hdr_org = hdr = work->response_buf;
+ hdr = smb2_get_msg(work->response_buf);
if (work->next_smb2_rsp_hdr_off)
hdr = ksmbd_resp_buf_next(work);
req_hdr = ksmbd_req_buf_next(work);
if (!work->next_smb2_rsp_hdr_off) {
- len = get_rfc1002_len(hdr_org);
+ len = get_rfc1002_len(work->response_buf);
if (req_hdr->NextCommand)
len = ALIGN(len, 8);
} else {
- len = get_rfc1002_len(hdr_org) - work->next_smb2_rsp_hdr_off;
+ len = get_rfc1002_len(work->response_buf) -
+ work->next_smb2_rsp_hdr_off;
len = ALIGN(len, 8);
}
@@ -8208,23 +8210,23 @@ int smb3_check_sign_req(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
char *signing_key;
- struct smb2_hdr *hdr, *hdr_org;
+ struct smb2_hdr *hdr;
struct channel *chann;
char signature_req[SMB2_SIGNATURE_SIZE];
char signature[SMB2_CMACAES_SIZE];
struct kvec iov[1];
size_t len;
- hdr_org = hdr = work->request_buf;
+ hdr = smb2_get_msg(work->request_buf);
if (work->next_smb2_rcv_hdr_off)
hdr = ksmbd_req_buf_next(work);
if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off)
- len = be32_to_cpu(hdr_org->smb2_buf_length);
+ len = get_rfc1002_len(work->request_buf);
else if (hdr->NextCommand)
len = le32_to_cpu(hdr->NextCommand);
else
- len = be32_to_cpu(hdr_org->smb2_buf_length) -
+ len = get_rfc1002_len(work->request_buf) -
work->next_smb2_rcv_hdr_off;
if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
@@ -8265,8 +8267,7 @@ int smb3_check_sign_req(struct ksmbd_work *work)
void smb3_set_sign_rsp(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_hdr *req_hdr;
- struct smb2_hdr *hdr, *hdr_org;
+ struct smb2_hdr *req_hdr, *hdr;
struct channel *chann;
char signature[SMB2_CMACAES_SIZE];
struct kvec iov[2];
@@ -8274,18 +8275,19 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)
size_t len;
char *signing_key;
- hdr_org = hdr = work->response_buf;
+ hdr = smb2_get_msg(work->response_buf);
if (work->next_smb2_rsp_hdr_off)
hdr = ksmbd_resp_buf_next(work);
req_hdr = ksmbd_req_buf_next(work);
if (!work->next_smb2_rsp_hdr_off) {
- len = get_rfc1002_len(hdr_org);
+ len = get_rfc1002_len(work->response_buf);
if (req_hdr->NextCommand)
len = ALIGN(len, 8);
} else {
- len = get_rfc1002_len(hdr_org) - work->next_smb2_rsp_hdr_off;
+ len = get_rfc1002_len(work->response_buf) -
+ work->next_smb2_rsp_hdr_off;
len = ALIGN(len, 8);
}
@@ -8338,7 +8340,7 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
if (le16_to_cpu(req->Command) == SMB2_NEGOTIATE_HE &&
conn->preauth_info)
- ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
+ ksmbd_gen_preauth_integrity_hash(conn, work->response_buf,
conn->preauth_info->Preauth_HashValue);
if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE && sess) {
@@ -8356,7 +8358,7 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
if (!hash_value)
return;
}
- ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp,
+ ksmbd_gen_preauth_integrity_hash(conn, work->response_buf,
hash_value);
}
}
@@ -8438,7 +8440,6 @@ int smb3_decrypt_req(struct ksmbd_work *work)
struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess;
char *buf = work->request_buf;
- struct smb2_hdr *hdr;
unsigned int pdu_length = get_rfc1002_len(buf);
struct kvec iov[2];
int buf_data_size = pdu_length + 4 -
@@ -8473,8 +8474,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
return rc;
memmove(buf + 4, iov[1].iov_base, buf_data_size);
- hdr = (struct smb2_hdr *)buf;
- hdr->smb2_buf_length = cpu_to_be32(buf_data_size);
+ *(__be32 *)buf = cpu_to_be32(buf_data_size);
return rc;
}
@@ -8482,7 +8482,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work)
{
struct ksmbd_conn *conn = work->conn;
- struct smb2_hdr *rsp = work->response_buf;
+ struct smb2_hdr *rsp = smb2_get_msg(work->response_buf);
if (conn->dialect < SMB30_PROT_ID)
return false;
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index ff5a2f01d34a..a70f5461bffe 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -130,11 +130,6 @@
cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE)
struct smb2_hdr {
- __be32 smb2_buf_length; /* big endian on wire */
- /*
- * length is only two or three bytes - with
- * one or two byte type preceding it that MBZ
- */
__le32 ProtocolId; /* 0xFE 'S' 'M' 'B' */
__le16 StructureSize; /* 64 */
__le16 CreditCharge; /* MBZ */
@@ -253,14 +248,14 @@ struct preauth_integrity_info {
__u8 Preauth_HashValue[PREAUTH_HASHVALUE_SIZE];
};
-/* offset is sizeof smb2_negotiate_rsp - 4 but rounded up to 8 bytes. */
+/* offset is sizeof smb2_negotiate_rsp but rounded up to 8 bytes. */
#ifdef CONFIG_SMB_SERVER_KERBEROS5
-/* sizeof(struct smb2_negotiate_rsp) - 4 =
+/* sizeof(struct smb2_negotiate_rsp) =
* header(64) + response(64) + GSS_LENGTH(96) + GSS_PADDING(0)
*/
#define OFFSET_OF_NEG_CONTEXT 0xe0
#else
-/* sizeof(struct smb2_negotiate_rsp) - 4 =
+/* sizeof(struct smb2_negotiate_rsp) =
* header(64) + response(64) + GSS_LENGTH(74) + GSS_PADDING(6)
*/
#define OFFSET_OF_NEG_CONTEXT 0xd0
@@ -1705,4 +1700,13 @@ int smb2_ioctl(struct ksmbd_work *work);
int smb2_oplock_break(struct ksmbd_work *work);
int smb2_notify(struct ksmbd_work *ksmbd_work);
+/*
+ * Get the body of the smb2 message excluding the 4 byte rfc1002 headers
+ * from request/response buffer.
+ */
+static inline void *smb2_get_msg(void *buf)
+{
+ return buf + 4;
+}
+
#endif /* _SMB2PDU_H */
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index f3f1953b2bcf..be9701273c71 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -239,14 +239,14 @@ int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count)
static int ksmbd_negotiate_smb_dialect(void *buf)
{
int smb_buf_length = get_rfc1002_len(buf);
- __le32 proto = ((struct smb2_hdr *)buf)->ProtocolId;
+ __le32 proto = ((struct smb2_hdr *)smb2_get_msg(buf))->ProtocolId;
if (proto == SMB2_PROTO_NUMBER) {
struct smb2_negotiate_req *req;
int smb2_neg_size =
- offsetof(struct smb2_negotiate_req, Dialects) - 4;
+ offsetof(struct smb2_negotiate_req, Dialects);
- req = (struct smb2_negotiate_req *)buf;
+ req = (struct smb2_negotiate_req *)smb2_get_msg(buf);
if (smb2_neg_size > smb_buf_length)
goto err_out;
@@ -443,11 +443,12 @@ int ksmbd_smb_negotiate_common(struct ksmbd_work *work, unsigned int command)
struct ksmbd_conn *conn = work->conn;
int ret;
- conn->dialect = ksmbd_negotiate_smb_dialect(work->request_buf);
+ conn->dialect =
+ ksmbd_negotiate_smb_dialect(work->request_buf);
ksmbd_debug(SMB, "conn->dialect 0x%x\n", conn->dialect);
if (command == SMB2_NEGOTIATE_HE) {
- struct smb2_hdr *smb2_hdr = work->request_buf;
+ struct smb2_hdr *smb2_hdr = smb2_get_msg(work->request_buf);
if (smb2_hdr->ProtocolId != SMB2_PROTO_NUMBER) {
ksmbd_debug(SMB, "Downgrade to SMB1 negotiation\n");
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 6e79e7577f6b..35ca9b7d9979 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -477,12 +477,6 @@ struct smb_version_cmds {
int (*proc)(struct ksmbd_work *swork);
};
-static inline size_t
-smb2_hdr_size_no_buflen(struct smb_version_values *vals)
-{
- return vals->header_size - 4;
-}
-
int ksmbd_min_protocol(void);
int ksmbd_max_protocol(void);
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 6330dfc302ff..7e57cbb0bb35 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -484,7 +484,7 @@ static int smb_direct_check_recvmsg(struct smb_direct_recvmsg *recvmsg)
struct smb_direct_data_transfer *req =
(struct smb_direct_data_transfer *)recvmsg->packet;
struct smb2_hdr *hdr = (struct smb2_hdr *)(recvmsg->packet
- + le32_to_cpu(req->data_offset) - 4);
+ + le32_to_cpu(req->data_offset));
ksmbd_debug(RDMA,
"CreditGranted: %u, CreditRequested: %u, DataLength: %u, RemainingDataLength: %u, SMB: %x, Command: %u\n",
le16_to_cpu(req->credits_granted),
From patchwork Mon Nov 14 12:52:40 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183348
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:13 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:13 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:12 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 251/308] ksmbd: remove smb2_buf_length in
smb2_transform_hdr
Date: Mon, 14 Nov 2022 20:52:40 +0800
Message-ID: <20221114125337.1831594-252-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f0488c85-2bb2-42d8-0a21-08dac63c893d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6434101
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc1
commit 2dd9129f7dec1de369e4447a54ea2edf695f765b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2dd9129f7dec
-------------------------------
To move smb2_transform_hdr to smbfs_common, This patch remove
smb2_buf_length variable in smb2_transform_hdr.
Cc: Ronnie Sahlberg <ronniesahlberg(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 7 +++----
fs/ksmbd/connection.c | 2 +-
fs/ksmbd/smb2pdu.c | 37 +++++++++++++++++--------------------
fs/ksmbd/smb2pdu.h | 5 -----
4 files changed, 21 insertions(+), 30 deletions(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index c69c5471db1c..3503b1c48cb4 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -983,7 +983,7 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
u8 *sign)
{
struct scatterlist *sg;
- unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
+ unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;
int i, nr_entries[3] = {0}, total_entries = 0, sg_idx = 0;
if (!nvec)
@@ -1047,9 +1047,8 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
unsigned int nvec, int enc)
{
- struct smb2_transform_hdr *tr_hdr =
- (struct smb2_transform_hdr *)iov[0].iov_base;
- unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24;
+ struct smb2_transform_hdr *tr_hdr = smb2_get_msg(iov[0].iov_base);
+ unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;
int rc;
struct scatterlist *sg;
u8 sign[SMB2_SIGNATURE_SIZE] = {};
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 12f710ccbdff..83a94d0bb480 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -171,7 +171,7 @@ int ksmbd_conn_write(struct ksmbd_work *work)
if (work->tr_buf) {
iov[iov_idx] = (struct kvec) { work->tr_buf,
- sizeof(struct smb2_transform_hdr) };
+ sizeof(struct smb2_transform_hdr) + 4 };
len += iov[iov_idx++].iov_len;
}
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index ae906e78616e..bbf9f04ee2fb 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -8363,13 +8363,13 @@ void smb3_preauth_hash_rsp(struct ksmbd_work *work)
}
}
-static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, char *old_buf,
- __le16 cipher_type)
+static void fill_transform_hdr(void *tr_buf, char *old_buf, __le16 cipher_type)
{
- struct smb2_hdr *hdr = (struct smb2_hdr *)old_buf;
+ struct smb2_transform_hdr *tr_hdr = tr_buf + 4;
+ struct smb2_hdr *hdr = smb2_get_msg(old_buf);
unsigned int orig_len = get_rfc1002_len(old_buf);
- memset(tr_hdr, 0, sizeof(struct smb2_transform_hdr));
+ memset(tr_buf, 0, sizeof(struct smb2_transform_hdr) + 4);
tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
tr_hdr->Flags = cpu_to_le16(0x01);
@@ -8379,14 +8379,13 @@ static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, char *old_buf,
else
get_random_bytes(&tr_hdr->Nonce, SMB3_AES_CCM_NONCE);
memcpy(&tr_hdr->SessionId, &hdr->SessionId, 8);
- inc_rfc1001_len(tr_hdr, sizeof(struct smb2_transform_hdr) - 4);
- inc_rfc1001_len(tr_hdr, orig_len);
+ inc_rfc1001_len(tr_buf, sizeof(struct smb2_transform_hdr));
+ inc_rfc1001_len(tr_buf, orig_len);
}
int smb3_encrypt_resp(struct ksmbd_work *work)
{
char *buf = work->response_buf;
- struct smb2_transform_hdr *tr_hdr;
struct kvec iov[3];
int rc = -ENOMEM;
int buf_size = 0, rq_nvec = 2 + (work->aux_payload_sz ? 1 : 0);
@@ -8394,15 +8393,15 @@ int smb3_encrypt_resp(struct ksmbd_work *work)
if (ARRAY_SIZE(iov) < rq_nvec)
return -ENOMEM;
- tr_hdr = kzalloc(sizeof(struct smb2_transform_hdr), GFP_KERNEL);
- if (!tr_hdr)
+ work->tr_buf = kzalloc(sizeof(struct smb2_transform_hdr) + 4, GFP_KERNEL);
+ if (!work->tr_buf)
return rc;
/* fill transform header */
- fill_transform_hdr(tr_hdr, buf, work->conn->cipher_type);
+ fill_transform_hdr(work->tr_buf, buf, work->conn->cipher_type);
- iov[0].iov_base = tr_hdr;
- iov[0].iov_len = sizeof(struct smb2_transform_hdr);
+ iov[0].iov_base = work->tr_buf;
+ iov[0].iov_len = sizeof(struct smb2_transform_hdr) + 4;
buf_size += iov[0].iov_len - 4;
iov[1].iov_base = buf + 4;
@@ -8422,15 +8421,14 @@ int smb3_encrypt_resp(struct ksmbd_work *work)
return rc;
memmove(buf, iov[1].iov_base, iov[1].iov_len);
- tr_hdr->smb2_buf_length = cpu_to_be32(buf_size);
- work->tr_buf = tr_hdr;
+ *(__be32 *)work->tr_buf = cpu_to_be32(buf_size);
return rc;
}
bool smb3_is_transform_hdr(void *buf)
{
- struct smb2_transform_hdr *trhdr = buf;
+ struct smb2_transform_hdr *trhdr = smb2_get_msg(buf);
return trhdr->ProtocolId == SMB2_TRANSFORM_PROTO_NUM;
}
@@ -8442,9 +8440,8 @@ int smb3_decrypt_req(struct ksmbd_work *work)
char *buf = work->request_buf;
unsigned int pdu_length = get_rfc1002_len(buf);
struct kvec iov[2];
- int buf_data_size = pdu_length + 4 -
- sizeof(struct smb2_transform_hdr);
- struct smb2_transform_hdr *tr_hdr = (struct smb2_transform_hdr *)buf;
+ int buf_data_size = pdu_length - sizeof(struct smb2_transform_hdr);
+ struct smb2_transform_hdr *tr_hdr = smb2_get_msg(buf);
int rc = 0;
if (buf_data_size < sizeof(struct smb2_hdr)) {
@@ -8466,8 +8463,8 @@ int smb3_decrypt_req(struct ksmbd_work *work)
}
iov[0].iov_base = buf;
- iov[0].iov_len = sizeof(struct smb2_transform_hdr);
- iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr);
+ iov[0].iov_len = sizeof(struct smb2_transform_hdr) + 4;
+ iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr) + 4;
iov[1].iov_len = buf_data_size;
rc = ksmbd_crypt_message(conn, iov, 2, 0);
if (rc)
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index a70f5461bffe..f418b001b999 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -159,11 +159,6 @@ struct smb2_pdu {
#define SMB3_AES_GCM_NONCE 12
struct smb2_transform_hdr {
- __be32 smb2_buf_length; /* big endian on wire */
- /*
- * length is only two or three bytes - with
- * one or two byte type preceding it that MBZ
- */
__le32 ProtocolId; /* 0xFD 'S' 'M' 'B' */
__u8 Signature[16];
__u8 Nonce[16];
From patchwork Mon Nov 14 12:52:41 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183349
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:13 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:13 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:13 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 252/308] ksmbd: change LeaseKey data type to u8
array
Date: Mon, 14 Nov 2022 20:52:41 +0800
Message-ID: <20221114125337.1831594-253-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d3602676-ccbc-4a0f-9c04-08dac63c8985
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6906586
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc1
commit 2734b692f7b8167b93498dcd698067623d4267ca
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2734b692f7b8
-------------------------------
cifs define LeaseKey as u8 array in structure. To move lease structure
to smbfs_common, ksmbd change LeaseKey data type to u8 array.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/oplock.c | 24 +++++++++---------------
fs/ksmbd/oplock.h | 2 --
fs/ksmbd/smb2pdu.h | 11 +++++------
3 files changed, 14 insertions(+), 23 deletions(-)
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index e529bc11b04b..3162bdcdb255 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -1335,19 +1335,16 @@ __u8 smb2_map_lease_to_oplock(__le32 lease_state)
*/
void create_lease_buf(u8 *rbuf, struct lease *lease)
{
- char *LeaseKey = (char *)&lease->lease_key;
-
if (lease->version == 2) {
struct create_lease_v2 *buf = (struct create_lease_v2 *)rbuf;
- char *ParentLeaseKey = (char *)&lease->parent_lease_key;
memset(buf, 0, sizeof(struct create_lease_v2));
- buf->lcontext.LeaseKeyLow = *((__le64 *)LeaseKey);
- buf->lcontext.LeaseKeyHigh = *((__le64 *)(LeaseKey + 8));
+ memcpy(buf->lcontext.LeaseKey, lease->lease_key,
+ SMB2_LEASE_KEY_SIZE);
buf->lcontext.LeaseFlags = lease->flags;
buf->lcontext.LeaseState = lease->state;
- buf->lcontext.ParentLeaseKeyLow = *((__le64 *)ParentLeaseKey);
- buf->lcontext.ParentLeaseKeyHigh = *((__le64 *)(ParentLeaseKey + 8));
+ memcpy(buf->lcontext.ParentLeaseKey, lease->parent_lease_key,
+ SMB2_LEASE_KEY_SIZE);
buf->ccontext.DataOffset = cpu_to_le16(offsetof
(struct create_lease_v2, lcontext));
buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context_v2));
@@ -1362,8 +1359,7 @@ void create_lease_buf(u8 *rbuf, struct lease *lease)
struct create_lease *buf = (struct create_lease *)rbuf;
memset(buf, 0, sizeof(struct create_lease));
- buf->lcontext.LeaseKeyLow = *((__le64 *)LeaseKey);
- buf->lcontext.LeaseKeyHigh = *((__le64 *)(LeaseKey + 8));
+ memcpy(buf->lcontext.LeaseKey, lease->lease_key, SMB2_LEASE_KEY_SIZE);
buf->lcontext.LeaseFlags = lease->flags;
buf->lcontext.LeaseState = lease->state;
buf->ccontext.DataOffset = cpu_to_le16(offsetof
@@ -1416,19 +1412,17 @@ struct lease_ctx_info *parse_lease_state(void *open_req)
if (sizeof(struct lease_context_v2) == le32_to_cpu(cc->DataLength)) {
struct create_lease_v2 *lc = (struct create_lease_v2 *)cc;
- *((__le64 *)lreq->lease_key) = lc->lcontext.LeaseKeyLow;
- *((__le64 *)(lreq->lease_key + 8)) = lc->lcontext.LeaseKeyHigh;
+ memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
lreq->req_state = lc->lcontext.LeaseState;
lreq->flags = lc->lcontext.LeaseFlags;
lreq->duration = lc->lcontext.LeaseDuration;
- *((__le64 *)lreq->parent_lease_key) = lc->lcontext.ParentLeaseKeyLow;
- *((__le64 *)(lreq->parent_lease_key + 8)) = lc->lcontext.ParentLeaseKeyHigh;
+ memcpy(lreq->parent_lease_key, lc->lcontext.ParentLeaseKey,
+ SMB2_LEASE_KEY_SIZE);
lreq->version = 2;
} else {
struct create_lease *lc = (struct create_lease *)cc;
- *((__le64 *)lreq->lease_key) = lc->lcontext.LeaseKeyLow;
- *((__le64 *)(lreq->lease_key + 8)) = lc->lcontext.LeaseKeyHigh;
+ memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
lreq->req_state = lc->lcontext.LeaseState;
lreq->flags = lc->lcontext.LeaseFlags;
lreq->duration = lc->lcontext.LeaseDuration;
diff --git a/fs/ksmbd/oplock.h b/fs/ksmbd/oplock.h
index 119b8047cfbd..0cf7a2b5bbc0 100644
--- a/fs/ksmbd/oplock.h
+++ b/fs/ksmbd/oplock.h
@@ -28,8 +28,6 @@
#define OPLOCK_WRITE_TO_NONE 0x04
#define OPLOCK_READ_TO_NONE 0x08
-#define SMB2_LEASE_KEY_SIZE 16
-
struct lease_ctx_info {
__u8 lease_key[SMB2_LEASE_KEY_SIZE];
__le32 req_state;
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index f418b001b999..829f44569077 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -733,22 +733,21 @@ struct create_posix_rsp {
#define SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE cpu_to_le32(0x02)
+#define SMB2_LEASE_KEY_SIZE 16
+
struct lease_context {
- __le64 LeaseKeyLow;
- __le64 LeaseKeyHigh;
+ __u8 LeaseKey[SMB2_LEASE_KEY_SIZE];
__le32 LeaseState;
__le32 LeaseFlags;
__le64 LeaseDuration;
} __packed;
struct lease_context_v2 {
- __le64 LeaseKeyLow;
- __le64 LeaseKeyHigh;
+ __u8 LeaseKey[SMB2_LEASE_KEY_SIZE];
__le32 LeaseState;
__le32 LeaseFlags;
__le64 LeaseDuration;
- __le64 ParentLeaseKeyLow;
- __le64 ParentLeaseKeyHigh;
+ __u8 ParentLeaseKey[SMB2_LEASE_KEY_SIZE];
__le16 Epoch;
__le16 Reserved;
} __packed;
From patchwork Mon Nov 14 12:52:42 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183350
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:14 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:14 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:13 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 253/308] ksmbd: Fix an error handling path in
'smb2_sess_setup()'
Date: Mon, 14 Nov 2022 20:52:42 +0800
Message-ID: <20221114125337.1831594-254-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4062c24c-9bfb-4694-a0be-08dac63c89ce
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6938450
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
mainline inclusion
from mainline-5.16-rc3
commit f8fbfd85f5c95fff477a7c19f576725945891d0c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f8fbfd85f5c9
-------------------------------
All the error handling paths of 'smb2_sess_setup()' end to 'out_err'.
All but the new error handling path added by the commit given in the Fixes
tag below.
Fix this error handling path and branch to 'out_err' as well.
Fixes: 0d994cd482ee ("ksmbd: add buffer validation in session setup")
Cc: stable(a)vger.kernel.org # v5.15
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index bbf9f04ee2fb..27307cc0722b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1698,8 +1698,10 @@ int smb2_sess_setup(struct ksmbd_work *work)
negblob_off = le16_to_cpu(req->SecurityBufferOffset);
negblob_len = le16_to_cpu(req->SecurityBufferLength);
if (negblob_off < offsetof(struct smb2_sess_setup_req, Buffer) ||
- negblob_len < offsetof(struct negotiate_message, NegotiateFlags))
- return -EINVAL;
+ negblob_len < offsetof(struct negotiate_message, NegotiateFlags)) {
+ rc = -EINVAL;
+ goto out_err;
+ }
negblob = (struct negotiate_message *)((char *)&req->hdr.ProtocolId +
negblob_off);
From patchwork Mon Nov 14 12:52:43 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183351
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:14 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:14 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:14 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 254/308] ksmbd: downgrade addition info error msg
to debug in smb2_get_info_sec()
Date: Mon, 14 Nov 2022 20:52:43 +0800
Message-ID: <20221114125337.1831594-255-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
516ee83a-de11-401b-3206-08dac63c8a17
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6889079
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc3
commit 8e537d1465e7401f352a6e0a728a93f8cad5294a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8e537d1465e7
-------------------------------
While file transfer through windows client, This error flood message
happen. This flood message will cause performance degradation and
misunderstand server has problem.
Fixes: e294f78d3478 ("ksmbd: allow PROTECTED_DACL_SECINFO and UNPROTECTED_DACL_SECINFO addition information in smb2 set info security")
Cc: stable(a)vger.kernel.org # v5.15
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 27307cc0722b..0b2d2904f7e7 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5024,7 +5024,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO |
PROTECTED_DACL_SECINFO |
UNPROTECTED_DACL_SECINFO)) {
- pr_err("Unsupported addition info: 0x%x)\n",
+ ksmbd_debug(SMB, "Unsupported addition info: 0x%x)\n",
addition_info);
pntsd->revision = cpu_to_le16(1);
From patchwork Mon Nov 14 12:52:44 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183352
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:15 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:14 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 255/308] ksmbd: contain default data stream even
if xattr is empty
Date: Mon, 14 Nov 2022 20:52:44 +0800
Message-ID: <20221114125337.1831594-256-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2e3d8b5c-b171-49a0-c437-08dac63c8a5f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6970114
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc3
commit 1ec72153ff434ce75bace3044dc89a23a05d7064
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1ec72153ff43
-------------------------------
If xattr is not supported like exfat or fat, ksmbd server doesn't
contain default data stream in FILE_STREAM_INFORMATION response. It will
cause ppt or doc file update issue if local filesystem is such as ones.
This patch move goto statement to contain it.
Fixes: 9f6323311c70 ("ksmbd: add default data stream name in FILE_STREAM_INFORMATION")
Cc: stable(a)vger.kernel.org # v5.15
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 0b2d2904f7e7..96a7a2bcd878 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -4423,6 +4423,12 @@ static void get_file_stream_info(struct ksmbd_work *work,
generic_fillattr(file_inode(fp->filp), &stat);
file_info = (struct smb2_file_stream_info *)rsp->Buffer;
+ buf_free_len =
+ smb2_calc_max_out_buf_len(work, 8,
+ le32_to_cpu(req->OutputBufferLength));
+ if (buf_free_len < 0)
+ goto out;
+
xattr_list_len = ksmbd_vfs_listxattr(path->dentry, &xattr_list);
if (xattr_list_len < 0) {
goto out;
@@ -4431,12 +4437,6 @@ static void get_file_stream_info(struct ksmbd_work *work,
goto out;
}
- buf_free_len =
- smb2_calc_max_out_buf_len(work, 8,
- le32_to_cpu(req->OutputBufferLength));
- if (buf_free_len < 0)
- goto out;
-
while (idx < xattr_list_len) {
stream_name = xattr_list + idx;
streamlen = strlen(stream_name);
@@ -4480,6 +4480,7 @@ static void get_file_stream_info(struct ksmbd_work *work,
file_info->NextEntryOffset = cpu_to_le32(next);
}
+out:
if (!S_ISDIR(stat.mode) &&
buf_free_len >= sizeof(struct smb2_file_stream_info) + 7 * 2) {
file_info = (struct smb2_file_stream_info *)
@@ -4488,14 +4489,13 @@ static void get_file_stream_info(struct ksmbd_work *work,
"::$DATA", 7, conn->local_nls, 0);
streamlen *= 2;
file_info->StreamNameLength = cpu_to_le32(streamlen);
- file_info->StreamSize = 0;
- file_info->StreamAllocationSize = 0;
+ file_info->StreamSize = cpu_to_le64(stat.size);
+ file_info->StreamAllocationSize = cpu_to_le64(stat.blocks << 9);
nbytes += sizeof(struct smb2_file_stream_info) + streamlen;
}
/* last entry offset should be 0 */
file_info->NextEntryOffset = 0;
-out:
kvfree(xattr_list);
rsp->OutputBufferLength = cpu_to_le32(nbytes);
From patchwork Mon Nov 14 12:52:45 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183353
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:15 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:14 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 256/308] ksmbd: fix memleak in
get_file_stream_info()
Date: Mon, 14 Nov 2022 20:52:45 +0800
Message-ID: <20221114125337.1831594-257-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9536ecea-0828-4c24-2fce-08dac63c8aa8
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7000964
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc3
commit 178ca6f85aa3231094467691f5ea1ff2f398aa8d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/178ca6f85aa3
-------------------------------
Fix memleak in get_file_stream_info()
Fixes: 34061d6b76a4 ("ksmbd: validate OutputBufferLength of QUERY_DIR, QUERY_INFO, IOCTL requests")
Cc: stable(a)vger.kernel.org # v5.15
Reported-by: Coverity Scan <scan-admin(a)coverity.com>
Acked-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 96a7a2bcd878..44f7a219c525 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -4462,8 +4462,10 @@ static void get_file_stream_info(struct ksmbd_work *work,
":%s", &stream_name[XATTR_NAME_STREAM_LEN]);
next = sizeof(struct smb2_file_stream_info) + streamlen * 2;
- if (next > buf_free_len)
+ if (next > buf_free_len) {
+ kfree(stream_buf);
break;
+ }
file_info = (struct smb2_file_stream_info *)&rsp->Buffer[nbytes];
streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
From patchwork Mon Nov 14 12:52:46 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183354
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:16 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:15 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:15 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 257/308] ksmbd: remove select FS_POSIX_ACL in
Kconfig
Date: Mon, 14 Nov 2022 20:52:46 +0800
Message-ID: <20221114125337.1831594-258-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
fa188aad-794b-43f5-9b47-08dac63c8af0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7021712
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit 777cad1604d68ed4379ec899d1f7d2f6a29f01f0
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/777cad1604d6
-------------------------------
ksmbd is forcing to turn on FS_POSIX_ACL in Kconfig to use vfs acl
functions(posix_acl_alloc, get_acl, set_posix_acl). OpenWRT and other
platform doesn't use acl and this config is disable by default in
kernel. This patch use IS_ENABLED() to know acl config is enable and use
acl function if it is enable.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 9 ++++--
fs/ksmbd/smbacl.c | 80 ++++++++++++++++++++++++++--------------------
fs/ksmbd/vfs.c | 9 ++++++
3 files changed, 61 insertions(+), 37 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 44f7a219c525..81a56d78fc2d 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2431,11 +2431,14 @@ static void ksmbd_acls_fattr(struct smb_fattr *fattr, struct inode *inode)
fattr->cf_uid = inode->i_uid;
fattr->cf_gid = inode->i_gid;
fattr->cf_mode = inode->i_mode;
+ fattr->cf_acls = NULL;
fattr->cf_dacls = NULL;
- fattr->cf_acls = get_acl(inode, ACL_TYPE_ACCESS);
- if (S_ISDIR(inode->i_mode))
- fattr->cf_dacls = get_acl(inode, ACL_TYPE_DEFAULT);
+ if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {
+ fattr->cf_acls = get_acl(inode, ACL_TYPE_ACCESS);
+ if (S_ISDIR(inode->i_mode))
+ fattr->cf_dacls = get_acl(inode, ACL_TYPE_DEFAULT);
+ }
}
/**
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index 40a1e7bc9f16..7d8f9d03fb64 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -545,22 +545,29 @@ static void parse_dacl(struct smb_acl *pdacl, char *end_of_acl,
if (acl_state.users->n || acl_state.groups->n) {
acl_state.mask.allow = 0x07;
- fattr->cf_acls = posix_acl_alloc(acl_state.users->n +
- acl_state.groups->n + 4, GFP_KERNEL);
- if (fattr->cf_acls) {
- cf_pace = fattr->cf_acls->a_entries;
- posix_state_to_acl(&acl_state, cf_pace);
+
+ if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {
+ fattr->cf_acls =
+ posix_acl_alloc(acl_state.users->n +
+ acl_state.groups->n + 4, GFP_KERNEL);
+ if (fattr->cf_acls) {
+ cf_pace = fattr->cf_acls->a_entries;
+ posix_state_to_acl(&acl_state, cf_pace);
+ }
}
}
if (default_acl_state.users->n || default_acl_state.groups->n) {
default_acl_state.mask.allow = 0x07;
- fattr->cf_dacls =
- posix_acl_alloc(default_acl_state.users->n +
- default_acl_state.groups->n + 4, GFP_KERNEL);
- if (fattr->cf_dacls) {
- cf_pdace = fattr->cf_dacls->a_entries;
- posix_state_to_acl(&default_acl_state, cf_pdace);
+
+ if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {
+ fattr->cf_dacls =
+ posix_acl_alloc(default_acl_state.users->n +
+ default_acl_state.groups->n + 4, GFP_KERNEL);
+ if (fattr->cf_dacls) {
+ cf_pdace = fattr->cf_dacls->a_entries;
+ posix_state_to_acl(&default_acl_state, cf_pdace);
+ }
}
}
free_acl_state(&acl_state);
@@ -1222,29 +1229,34 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct path *path,
granted = GENERIC_ALL_FLAGS;
}
- posix_acls = get_acl(d_inode(path->dentry), ACL_TYPE_ACCESS);
- if (posix_acls && !found) {
- unsigned int id = -1;
-
- pa_entry = posix_acls->a_entries;
- for (i = 0; i < posix_acls->a_count; i++, pa_entry++) {
- if (pa_entry->e_tag == ACL_USER)
- id = from_kuid(&init_user_ns, pa_entry->e_uid);
- else if (pa_entry->e_tag == ACL_GROUP)
- id = from_kgid(&init_user_ns, pa_entry->e_gid);
- else
- continue;
-
- if (id == uid) {
- mode_to_access_flags(pa_entry->e_perm, 0777, &access_bits);
- if (!access_bits)
- access_bits = SET_MINIMUM_RIGHTS;
- goto check_access_bits;
+ if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {
+ posix_acls = get_acl(d_inode(path->dentry), ACL_TYPE_ACCESS);
+ if (posix_acls && !found) {
+ unsigned int id = -1;
+
+ pa_entry = posix_acls->a_entries;
+ for (i = 0; i < posix_acls->a_count; i++, pa_entry++) {
+ if (pa_entry->e_tag == ACL_USER)
+ id = from_kuid(&init_user_ns, pa_entry->e_uid);
+ else if (pa_entry->e_tag == ACL_GROUP)
+ id = from_kgid(&init_user_ns, pa_entry->e_gid);
+ else
+ continue;
+
+ if (id == uid) {
+ mode_to_access_flags(pa_entry->e_perm,
+ 0777,
+ &access_bits);
+ if (!access_bits)
+ access_bits =
+ SET_MINIMUM_RIGHTS;
+ goto check_access_bits;
+ }
}
}
+ if (posix_acls)
+ posix_acl_release(posix_acls);
}
- if (posix_acls)
- posix_acl_release(posix_acls);
if (!found) {
if (others_ace) {
@@ -1318,9 +1330,9 @@ int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon,
ksmbd_vfs_remove_acl_xattrs(path->dentry);
/* Update posix acls */
- if (fattr.cf_dacls) {
- rc = set_posix_acl(inode, ACL_TYPE_ACCESS,
- fattr.cf_acls);
+ if (IS_ENABLED(CONFIG_FS_POSIX_ACL) && fattr.cf_dacls) {
+ rc = set_posix_acl(inode,
+ ACL_TYPE_ACCESS, fattr.cf_acls);
if (S_ISDIR(inode->i_mode) && fattr.cf_dacls)
rc = set_posix_acl(inode,
ACL_TYPE_DEFAULT, fattr.cf_dacls);
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index 7f6a53ddf8a1..fff5f8674ad0 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -1326,6 +1326,9 @@ static struct xattr_smb_acl *ksmbd_vfs_make_xattr_posix_acl(struct inode *inode,
struct xattr_acl_entry *xa_entry;
int i;
+ if (!IS_ENABLED(CONFIG_FS_POSIX_ACL))
+ return NULL;
+
posix_acls = get_acl(inode, acl_type);
if (!posix_acls)
return NULL;
@@ -1759,6 +1762,9 @@ int ksmbd_vfs_set_init_posix_acl(struct inode *inode)
struct posix_acl *acls;
int rc;
+ if (!IS_ENABLED(CONFIG_FS_POSIX_ACL))
+ return -EOPNOTSUPP;
+
ksmbd_debug(SMB, "Set posix acls\n");
rc = init_acl_state(&acl_state, 1);
if (rc)
@@ -1805,6 +1811,9 @@ int ksmbd_vfs_inherit_posix_acl(struct inode *inode, struct inode *parent_inode)
struct posix_acl_entry *pace;
int rc, i;
+ if (!IS_ENABLED(CONFIG_FS_POSIX_ACL))
+ return -EOPNOTSUPP;
+
acls = get_acl(parent_inode, ACL_TYPE_DEFAULT);
if (!acls)
return -ENOENT;
From patchwork Mon Nov 14 12:52:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183355
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:16 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:16 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:15 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 258/308] ksmbd: fix uninitialized symbol
'pntsd_size'
Date: Mon, 14 Nov 2022 20:52:47 +0800
Message-ID: <20221114125337.1831594-259-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e64c942f-0d0d-430e-2d85-08dac63c8b39
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7012424
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc7
commit f2e78affc48dee29b989c1d9b0d89b503dcd1204
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/f2e78affc48d
-------------------------------
No check for if "rc" is an error code for build_sec_desc().
This can cause problems with using uninitialized pntsd_size.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org # v5.15
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 81a56d78fc2d..80142d420660 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2941,6 +2941,10 @@ int smb2_open(struct ksmbd_work *work)
&pntsd_size, &fattr);
posix_acl_release(fattr.cf_acls);
posix_acl_release(fattr.cf_dacls);
+ if (rc) {
+ kfree(pntsd);
+ goto err_out;
+ }
rc = ksmbd_vfs_set_sd_xattr(conn,
path.dentry,
From patchwork Mon Nov 14 12:52:48 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183356
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:17 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:16 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:16 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 259/308] ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION
for SMB 3.1.1
Date: Mon, 14 Nov 2022 20:52:48 +0800
Message-ID: <20221114125337.1831594-260-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
03333e29-5186-4dcb-f0ea-08dac63c8b82
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6965283
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marcos Del Sol Vives <marcos(a)orca.pet>
mainline inclusion
from mainline-5.16-rc7
commit 83912d6d55be10d65b5268d1871168b9ebe1ec4b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/83912d6d55be
-------------------------------
According to the official Microsoft MS-SMB2 document section 3.3.5.4, this
flag should be used only for 3.0 and 3.0.2 dialects. Setting it for 3.1.1
is a violation of the specification.
This causes my Windows 10 client to detect an anomaly in the negotiation,
and disable encryption entirely despite being explicitly enabled in ksmbd,
causing all data transfers to go in plain text.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org # v5.15
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Marcos Del Sol Vives <marcos(a)orca.pet>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2ops.c | 3 ---
fs/ksmbd/smb2pdu.c | 25 +++++++++++++++++++++----
2 files changed, 21 insertions(+), 7 deletions(-)
diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c
index fb6a65d23139..2a6205103df2 100644
--- a/fs/ksmbd/smb2ops.c
+++ b/fs/ksmbd/smb2ops.c
@@ -272,9 +272,6 @@ int init_smb3_11_server(struct ksmbd_conn *conn)
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING;
- if (conn->cipher_type)
- conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION;
-
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL)
conn->vals->capabilities |= SMB2_GLOBAL_CAP_MULTI_CHANNEL;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 80142d420660..c03b454d0200 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -916,6 +916,25 @@ static void decode_encrypt_ctxt(struct ksmbd_conn *conn,
}
}
+/**
+ * smb3_encryption_negotiated() - checks if server and client agreed on enabling encryption
+ * @conn: smb connection
+ *
+ * Return: true if connection should be encrypted, else false
+ */
+static bool smb3_encryption_negotiated(struct ksmbd_conn *conn)
+{
+ if (!conn->ops->generate_encryptionkey)
+ return false;
+
+ /*
+ * SMB 3.0 and 3.0.2 dialects use the SMB2_GLOBAL_CAP_ENCRYPTION flag.
+ * SMB 3.1.1 uses the cipher_type field.
+ */
+ return (conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION) ||
+ conn->cipher_type;
+}
+
static void decode_compress_ctxt(struct ksmbd_conn *conn,
struct smb2_compression_ctx *pneg_ctxt)
{
@@ -1470,8 +1489,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
(req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
sess->sign = true;
- if (conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION &&
- conn->ops->generate_encryptionkey &&
+ if (smb3_encryption_negotiated(conn) &&
!(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
rc = conn->ops->generate_encryptionkey(sess);
if (rc) {
@@ -1560,8 +1578,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
(req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
sess->sign = true;
- if ((conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION) &&
- conn->ops->generate_encryptionkey) {
+ if (smb3_encryption_negotiated(conn)) {
retval = conn->ops->generate_encryptionkey(sess);
if (retval) {
ksmbd_debug(SMB,
From patchwork Mon Nov 14 12:52:49 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183357
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:17 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:17 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:16 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 260/308] ksmbd: Remove unused parameter from
smb2_get_name()
Date: Mon, 14 Nov 2022 20:52:49 +0800
Message-ID: <20221114125337.1831594-261-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
21554939-4b2c-45a9-819d-08dac63c8bcb
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6956031
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.17-rc1
commit 80917f17e3f99027661a45262c310139e53a9faa
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/80917f17e3f9
-------------------------------
The 'share' parameter is no longer used by smb2_get_name() since
commit 265fd1991c1d ("ksmbd: use LOOKUP_BENEATH to prevent the out of
share access").
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index c03b454d0200..b8c931140b14 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -611,7 +611,6 @@ static void destroy_previous_session(struct ksmbd_user *user, u64 id)
/**
* smb2_get_name() - get filename string from on the wire smb format
- * @share: ksmbd_share_config pointer
* @src: source buffer
* @maxlen: maxlen of source string
* @nls_table: nls_table pointer
@@ -619,8 +618,7 @@ static void destroy_previous_session(struct ksmbd_user *user, u64 id)
* Return: matching converted filename on success, otherwise error ptr
*/
static char *
-smb2_get_name(struct ksmbd_share_config *share, const char *src,
- const int maxlen, struct nls_table *local_nls)
+smb2_get_name(const char *src, const int maxlen, struct nls_table *local_nls)
{
char *name;
@@ -2518,8 +2516,7 @@ int smb2_open(struct ksmbd_work *work)
goto err_out1;
}
- name = smb2_get_name(share,
- req->Buffer,
+ name = smb2_get_name(req->Buffer,
le16_to_cpu(req->NameLength),
work->conn->local_nls);
if (IS_ERR(name)) {
@@ -5350,8 +5347,7 @@ static int smb2_rename(struct ksmbd_work *work, struct ksmbd_file *fp,
goto out;
}
- new_name = smb2_get_name(share,
- file_info->FileName,
+ new_name = smb2_get_name(file_info->FileName,
le32_to_cpu(file_info->FileNameLength),
local_nls);
if (IS_ERR(new_name)) {
@@ -5461,8 +5457,7 @@ static int smb2_create_link(struct ksmbd_work *work,
if (!pathname)
return -ENOMEM;
- link_name = smb2_get_name(share,
- file_info->FileName,
+ link_name = smb2_get_name(file_info->FileName,
le32_to_cpu(file_info->FileNameLength),
local_nls);
if (IS_ERR(link_name) || S_ISDIR(file_inode(filp)->i_mode)) {
From patchwork Mon Nov 14 12:52:50 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183358
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:18 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:17 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:17 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 261/308] ksmbd: Remove unused fields from
ksmbd_file struct definition
Date: Mon, 14 Nov 2022 20:52:50 +0800
Message-ID: <20221114125337.1831594-262-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
390ce115-d3c2-49d9-ed56-08dac63c8c13
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6846320
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Marios Makassikis <mmakassikis(a)freebox.fr>
mainline inclusion
from mainline-5.17-rc1
commit 305f8bda15ebbe4004681286a5c67d0dc296c771
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/305f8bda15eb
-------------------------------
These fields are remnants of the not upstreamed SMB1 code.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Marios Makassikis <mmakassikis(a)freebox.fr>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/vfs_cache.h | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/fs/ksmbd/vfs_cache.h b/fs/ksmbd/vfs_cache.h
index 448576fbe4b7..36239ce31afd 100644
--- a/fs/ksmbd/vfs_cache.h
+++ b/fs/ksmbd/vfs_cache.h
@@ -96,16 +96,6 @@ struct ksmbd_file {
int durable_timeout;
- /* for SMB1 */
- int pid;
-
- /* conflict lock fail count for SMB1 */
- unsigned int cflock_cnt;
- /* last lock failure start offset for SMB1 */
- unsigned long long llock_fstart;
-
- int dirent_offset;
-
/* if ls is happening on directory, below is valid*/
struct ksmbd_readdir_data readdir_data;
int dot_dotdot[2];
From patchwork Mon Nov 14 12:52:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183359
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:18 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:18 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:17 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 262/308] ksmbd: set RSS capable in
FSCTL_QUERY_NETWORK_INTERFACE_INFO
Date: Mon, 14 Nov 2022 20:52:51 +0800
Message-ID: <20221114125337.1831594-263-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9bf56580-7e3d-4c70-b062-08dac63c8c5d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6909522
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit a58b45a4dbfd0bf2ebb157789da4d8e6368afb1b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a58b45a4dbfd
-------------------------------
Set RSS capable in FSCTL_QUERY_NETWORK_INTERFACE_INFO if netdev has
multi tx queues. And add ksmbd_compare_user() to avoid racy condition
issue in ksmbd_free_user(). because windows client is simultaneously used
to send session setup requests for multichannel connection.
Tested-by: Ziwei Xie <zw.xie(a)high-flyer.cn>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/mgmt/user_config.c | 10 ++++++++++
fs/ksmbd/mgmt/user_config.h | 1 +
fs/ksmbd/smb2pdu.c | 15 ++++++++++-----
3 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/fs/ksmbd/mgmt/user_config.c b/fs/ksmbd/mgmt/user_config.c
index 1019d3677d55..279d00feff21 100644
--- a/fs/ksmbd/mgmt/user_config.c
+++ b/fs/ksmbd/mgmt/user_config.c
@@ -67,3 +67,13 @@ int ksmbd_anonymous_user(struct ksmbd_user *user)
return 1;
return 0;
}
+
+bool ksmbd_compare_user(struct ksmbd_user *u1, struct ksmbd_user *u2)
+{
+ if (strcmp(u1->name, u2->name))
+ return false;
+ if (memcmp(u1->passkey, u2->passkey, u1->passkey_sz))
+ return false;
+
+ return true;
+}
diff --git a/fs/ksmbd/mgmt/user_config.h b/fs/ksmbd/mgmt/user_config.h
index aff80b029579..6a44109617f1 100644
--- a/fs/ksmbd/mgmt/user_config.h
+++ b/fs/ksmbd/mgmt/user_config.h
@@ -64,4 +64,5 @@ struct ksmbd_user *ksmbd_login_user(const char *account);
struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp);
void ksmbd_free_user(struct ksmbd_user *user);
int ksmbd_anonymous_user(struct ksmbd_user *user);
+bool ksmbd_compare_user(struct ksmbd_user *u1, struct ksmbd_user *u2);
#endif /* __USER_CONFIG_MANAGEMENT_H__ */
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index b8c931140b14..c4df4edf879d 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1449,10 +1449,16 @@ static int ntlm_authenticate(struct ksmbd_work *work)
ksmbd_free_user(user);
return 0;
}
- ksmbd_free_user(sess->user);
+
+ if (!ksmbd_compare_user(sess->user, user)) {
+ ksmbd_free_user(user);
+ return -EPERM;
+ }
+ ksmbd_free_user(user);
+ } else {
+ sess->user = user;
}
- sess->user = user;
if (user_guest(sess->user)) {
if (conn->sign) {
ksmbd_debug(SMB, "Guest login not allowed when signing enabled\n");
@@ -2056,9 +2062,6 @@ int smb2_session_logoff(struct ksmbd_work *work)
ksmbd_debug(SMB, "request\n");
- /* Got a valid session, set connection state */
- WARN_ON(sess->conn != conn);
-
/* setting CifsExiting here may race with start_tcp_sess */
ksmbd_conn_set_need_reconnect(work);
ksmbd_close_session_fds(work);
@@ -7208,6 +7211,8 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
nii_rsp->IfIndex = cpu_to_le32(netdev->ifindex);
nii_rsp->Capability = 0;
+ if (netdev->real_num_tx_queues > 1)
+ nii_rsp->Capability |= cpu_to_le32(RSS_CAPABLE);
if (ksmbd_rdma_capable_netdev(netdev))
nii_rsp->Capability |= cpu_to_le32(RDMA_CAPABLE);
From patchwork Mon Nov 14 12:52:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183360
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:18 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:18 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 263/308] ksmbd: set both ipv4 and ipv6 in
FSCTL_QUERY_NETWORK_INTERFACE_INFO
Date: Mon, 14 Nov 2022 20:52:52 +0800
Message-ID: <20221114125337.1831594-264-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
af850026-a2ef-4371-68b9-08dac63c8ca6
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7030730
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit 71cd9cb680cb5d536c0dcbddb1c1d0010d79b214
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/71cd9cb680cb
-------------------------------
Set ipv4 and ipv6 address in FSCTL_QUERY_NETWORK_INTERFACE_INFO.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index c4df4edf879d..c7b7d7f841e7 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -7189,15 +7189,10 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
struct sockaddr_storage_rsp *sockaddr_storage;
unsigned int flags;
unsigned long long speed;
- struct sockaddr_in6 *csin6 = (struct sockaddr_in6 *)&conn->peer_addr;
rtnl_lock();
for_each_netdev(&init_net, netdev) {
- if (out_buf_len <
- nbytes + sizeof(struct network_interface_info_ioctl_rsp)) {
- rtnl_unlock();
- return -ENOSPC;
- }
+ bool ipv4_set = false;
if (netdev->type == ARPHRD_LOOPBACK)
continue;
@@ -7205,6 +7200,12 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
flags = dev_get_flags(netdev);
if (!(flags & IFF_RUNNING))
continue;
+ipv6_retry:
+ if (out_buf_len <
+ nbytes + sizeof(struct network_interface_info_ioctl_rsp)) {
+ rtnl_unlock();
+ return -ENOSPC;
+ }
nii_rsp = (struct network_interface_info_ioctl_rsp *)
&rsp->Buffer[nbytes];
@@ -7237,8 +7238,7 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
nii_rsp->SockAddr_Storage;
memset(sockaddr_storage, 0, 128);
- if (conn->peer_addr.ss_family == PF_INET ||
- ipv6_addr_v4mapped(&csin6->sin6_addr)) {
+ if (!ipv4_set) {
struct in_device *idev;
sockaddr_storage->Family = cpu_to_le16(INTERNETWORK);
@@ -7249,6 +7249,9 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
continue;
sockaddr_storage->addr4.IPv4address =
idev_ipv4_address(idev);
+ nbytes += sizeof(struct network_interface_info_ioctl_rsp);
+ ipv4_set = true;
+ goto ipv6_retry;
} else {
struct inet6_dev *idev6;
struct inet6_ifaddr *ifa;
@@ -7270,9 +7273,8 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
break;
}
sockaddr_storage->addr6.ScopeId = 0;
+ nbytes += sizeof(struct network_interface_info_ioctl_rsp);
}
-
- nbytes += sizeof(struct network_interface_info_ioctl_rsp);
}
rtnl_unlock();
From patchwork Mon Nov 14 12:52:53 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183361
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:19 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:18 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 264/308] ksmbd: fix multi session connection
failure
Date: Mon, 14 Nov 2022 20:52:53 +0800
Message-ID: <20221114125337.1831594-265-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c0b633d4-b7cf-4e28-b954-08dac63c8cef
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6831906
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit ce53d365378cde71bb6596d79c257e600d951d29
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ce53d365378c
-------------------------------
When RSS mode is enable, windows client do simultaneously send several
session requests to server. There is racy issue using
sess->ntlmssp.cryptkey on N connection : 1 session. So authetication
failed using wrong cryptkey on some session. This patch move cryptkey
to ksmbd_conn structure to use each cryptkey on connection.
Tested-by: Ziwei Xie <zw.xie(a)high-flyer.cn>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 27 ++++++++++++++-------------
fs/ksmbd/auth.h | 10 +++++-----
fs/ksmbd/connection.h | 7 +------
fs/ksmbd/mgmt/user_session.h | 1 -
fs/ksmbd/smb2pdu.c | 8 ++++----
5 files changed, 24 insertions(+), 29 deletions(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index 3503b1c48cb4..dc3d061edda9 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -215,7 +215,7 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
* Return: 0 on success, error number on error
*/
int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
- int blen, char *domain_name)
+ int blen, char *domain_name, char *cryptkey)
{
char ntlmv2_hash[CIFS_ENCPWD_SIZE];
char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE];
@@ -256,7 +256,7 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
goto out;
}
- memcpy(construct, sess->ntlmssp.cryptkey, CIFS_CRYPTO_KEY_SIZE);
+ memcpy(construct, cryptkey, CIFS_CRYPTO_KEY_SIZE);
memcpy(construct + CIFS_CRYPTO_KEY_SIZE, &ntlmv2->blob_signature, blen);
rc = crypto_shash_update(CRYPTO_HMACMD5(ctx), construct, len);
@@ -295,7 +295,8 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
* Return: 0 on success, error number on error
*/
int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
- int blob_len, struct ksmbd_session *sess)
+ int blob_len, struct ksmbd_conn *conn,
+ struct ksmbd_session *sess)
{
char *domain_name;
unsigned int nt_off, dn_off;
@@ -324,7 +325,7 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
/* TODO : use domain name that imported from configuration file */
domain_name = smb_strndup_from_utf16((const char *)authblob + dn_off,
- dn_len, true, sess->conn->local_nls);
+ dn_len, true, conn->local_nls);
if (IS_ERR(domain_name))
return PTR_ERR(domain_name);
@@ -333,7 +334,7 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
domain_name);
ret = ksmbd_auth_ntlmv2(sess, (struct ntlmv2_resp *)((char *)authblob + nt_off),
nt_len - CIFS_ENCPWD_SIZE,
- domain_name);
+ domain_name, conn->ntlmssp.cryptkey);
kfree(domain_name);
return ret;
}
@@ -347,7 +348,7 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
*
*/
int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
- int blob_len, struct ksmbd_session *sess)
+ int blob_len, struct ksmbd_conn *conn)
{
if (blob_len < sizeof(struct negotiate_message)) {
ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
@@ -361,7 +362,7 @@ int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
return -EINVAL;
}
- sess->ntlmssp.client_flags = le32_to_cpu(negblob->NegotiateFlags);
+ conn->ntlmssp.client_flags = le32_to_cpu(negblob->NegotiateFlags);
return 0;
}
@@ -375,14 +376,14 @@ int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
*/
unsigned int
ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
- struct ksmbd_session *sess)
+ struct ksmbd_conn *conn)
{
struct target_info *tinfo;
wchar_t *name;
__u8 *target_name;
unsigned int flags, blob_off, blob_len, type, target_info_len = 0;
int len, uni_len, conv_len;
- int cflags = sess->ntlmssp.client_flags;
+ int cflags = conn->ntlmssp.client_flags;
memcpy(chgblob->Signature, NTLMSSP_SIGNATURE, 8);
chgblob->MessageType = NtLmChallenge;
@@ -403,7 +404,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
if (cflags & NTLMSSP_REQUEST_TARGET)
flags |= NTLMSSP_REQUEST_TARGET;
- if (sess->conn->use_spnego &&
+ if (conn->use_spnego &&
(cflags & NTLMSSP_NEGOTIATE_EXTENDED_SEC))
flags |= NTLMSSP_NEGOTIATE_EXTENDED_SEC;
@@ -414,7 +415,7 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
return -ENOMEM;
conv_len = smb_strtoUTF16((__le16 *)name, ksmbd_netbios_name(), len,
- sess->conn->local_nls);
+ conn->local_nls);
if (conv_len < 0 || conv_len > len) {
kfree(name);
return -EINVAL;
@@ -430,8 +431,8 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
chgblob->TargetName.BufferOffset = cpu_to_le32(blob_off);
/* Initialize random conn challenge */
- get_random_bytes(sess->ntlmssp.cryptkey, sizeof(__u64));
- memcpy(chgblob->Challenge, sess->ntlmssp.cryptkey,
+ get_random_bytes(conn->ntlmssp.cryptkey, sizeof(__u64));
+ memcpy(chgblob->Challenge, conn->ntlmssp.cryptkey,
CIFS_CRYPTO_KEY_SIZE);
/* Add Target Information to security buffer */
diff --git a/fs/ksmbd/auth.h b/fs/ksmbd/auth.h
index 9c2d4badd05d..95629651cf26 100644
--- a/fs/ksmbd/auth.h
+++ b/fs/ksmbd/auth.h
@@ -38,16 +38,16 @@ struct kvec;
int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
unsigned int nvec, int enc);
void ksmbd_copy_gss_neg_header(void *buf);
-int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf);
int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
- int blen, char *domain_name);
+ int blen, char *domain_name, char *cryptkey);
int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
- int blob_len, struct ksmbd_session *sess);
+ int blob_len, struct ksmbd_conn *conn,
+ struct ksmbd_session *sess);
int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
- int blob_len, struct ksmbd_session *sess);
+ int blob_len, struct ksmbd_conn *conn);
unsigned int
ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
- struct ksmbd_session *sess);
+ struct ksmbd_conn *conn);
int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
int in_len, char *out_blob, int *out_len);
int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index e5403c587a58..72dfd155b5bf 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -72,12 +72,7 @@ struct ksmbd_conn {
int connection_type;
struct ksmbd_stats stats;
char ClientGUID[SMB2_CLIENT_GUID_SIZE];
- union {
- /* pending trans request table */
- struct trans_state *recent_trans;
- /* Used by ntlmssp */
- char *ntlmssp_cryptkey;
- };
+ struct ntlmssp_auth ntlmssp;
spinlock_t llist_lock;
struct list_head lock_list;
diff --git a/fs/ksmbd/mgmt/user_session.h b/fs/ksmbd/mgmt/user_session.h
index 82289c3cbd2b..e241f16a3851 100644
--- a/fs/ksmbd/mgmt/user_session.h
+++ b/fs/ksmbd/mgmt/user_session.h
@@ -45,7 +45,6 @@ struct ksmbd_session {
int state;
__u8 *Preauth_HashValue;
- struct ntlmssp_auth ntlmssp;
char sess_key[CIFS_KEY_SIZE];
struct hlist_node hlist;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index c7b7d7f841e7..bf1b744acba4 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1302,7 +1302,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
int sz, rc;
ksmbd_debug(SMB, "negotiate phase\n");
- rc = ksmbd_decode_ntlmssp_neg_blob(negblob, negblob_len, work->sess);
+ rc = ksmbd_decode_ntlmssp_neg_blob(negblob, negblob_len, work->conn);
if (rc)
return rc;
@@ -1312,7 +1312,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
memset(chgblob, 0, sizeof(struct challenge_message));
if (!work->conn->use_spnego) {
- sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->sess);
+ sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->conn);
if (sz < 0)
return -ENOMEM;
@@ -1328,7 +1328,7 @@ static int ntlm_negotiate(struct ksmbd_work *work,
return -ENOMEM;
chgblob = (struct challenge_message *)neg_blob;
- sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->sess);
+ sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->conn);
if (sz < 0) {
rc = -ENOMEM;
goto out;
@@ -1471,7 +1471,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
authblob = user_authblob(conn, req);
sz = le16_to_cpu(req->SecurityBufferLength);
- rc = ksmbd_decode_ntlmssp_auth_blob(authblob, sz, sess);
+ rc = ksmbd_decode_ntlmssp_auth_blob(authblob, sz, conn, sess);
if (rc) {
set_user_flag(sess->user, KSMBD_USER_FLAG_BAD_PASSWORD);
ksmbd_debug(SMB, "authentication failed\n");
From patchwork Mon Nov 14 12:52:54 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183362
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:19 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:19 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:19 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 265/308] ksmbd: Fix buffer_check_err() kernel-doc
comment
Date: Mon, 14 Nov 2022 20:52:54 +0800
Message-ID: <20221114125337.1831594-266-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
411a2a50-e513-41e8-251b-08dac63c8d38
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6703241
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Yang Li <yang.lee(a)linux.alibaba.com>
mainline inclusion
from mainline-5.17-rc1
commit e230d013378489bcd4b5589ca1d2a5b91ff8d098
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e230d0133784
-------------------------------
Add the description of @rsp_org in buffer_check_err() kernel-doc comment
to remove a warning found by running scripts/kernel-doc, which is caused
by using 'make W=1'.
fs/ksmbd/smb2pdu.c:4028: warning: Function parameter or member 'rsp_org'
not described in 'buffer_check_err'
Reported-by: Abaci Robot <abaci(a)linux.alibaba.com>
Fixes: cb4517201b8a ("ksmbd: remove smb2_buf_length in smb2_hdr")
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Yang Li <yang.lee(a)linux.alibaba.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index bf1b744acba4..dad7e8edd09b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3989,6 +3989,7 @@ int smb2_query_dir(struct ksmbd_work *work)
* buffer_check_err() - helper function to check buffer errors
* @reqOutputBufferLength: max buffer length expected in command response
* @rsp: query info response buffer contains output buffer length
+ * @rsp_org: base response buffer pointer in case of chained response
* @infoclass_size: query info class response buffer size
*
* Return: 0 on success, otherwise error
From patchwork Mon Nov 14 12:52:55 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183363
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:20 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:20 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:19 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 266/308] ksmbd: Fix smb2_set_info_file()
kernel-doc comment
Date: Mon, 14 Nov 2022 20:52:55 +0800
Message-ID: <20221114125337.1831594-267-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d8b2436f-81ba-4133-dcc7-08dac63c8d80
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6863491
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Yang Li <yang.lee(a)linux.alibaba.com>
mainline inclusion
from mainline-5.17-rc1
commit 4bfd9eed15e163969156e976c62db5ef423e5b0f
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4bfd9eed15e1
-------------------------------
Fix argument list that the kdoc format and script verified in
smb2_set_info_file().
The warnings were found by running scripts/kernel-doc, which is
caused by using 'make W=1'.
fs/ksmbd/smb2pdu.c:5862: warning: Function parameter or member 'req' not
described in 'smb2_set_info_file'
fs/ksmbd/smb2pdu.c:5862: warning: Excess function parameter 'info_class'
description in 'smb2_set_info_file'
Reported-by: Abaci Robot <abaci(a)linux.alibaba.com>
Fixes: 9496e268e3af ("ksmbd: add request buffer validation in smb2_set_info")
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Yang Li <yang.lee(a)linux.alibaba.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index dad7e8edd09b..af6465ab7388 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -5796,7 +5796,7 @@ static int set_file_mode_info(struct ksmbd_file *fp,
* smb2_set_info_file() - handler for smb2 set info command
* @work: smb work containing set info command buffer
* @fp: ksmbd_file pointer
- * @info_class: smb2 set info class
+ * @req: request buffer pointer
* @share: ksmbd_share_config pointer
*
* Return: 0 on success, otherwise error
From patchwork Mon Nov 14 12:52:56 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183364
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:20 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:20 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:20 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 267/308] ksmbd: Fix smb2_get_name() kernel-doc
comment
Date: Mon, 14 Nov 2022 20:52:56 +0800
Message-ID: <20221114125337.1831594-268-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
0ae4b73e-fe1c-47eb-94fb-08dac63c8dc9
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6915486
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Yang Li <yang.lee(a)linux.alibaba.com>
mainline inclusion
from mainline-5.17-rc1
commit d4eeb82674acadf789277b577986e8e7d3faf695
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d4eeb82674ac
-------------------------------
Remove some warnings found by running scripts/kernel-doc,
which is caused by using 'make W=1'.
fs/ksmbd/smb2pdu.c:623: warning: Function parameter or member
'local_nls' not described in 'smb2_get_name'
fs/ksmbd/smb2pdu.c:623: warning: Excess function parameter 'nls_table'
description in 'smb2_get_name'
Reported-by: Abaci Robot <abaci(a)linux.alibaba.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Yang Li <yang.lee(a)linux.alibaba.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index af6465ab7388..e0cd70b6829d 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -613,7 +613,7 @@ static void destroy_previous_session(struct ksmbd_user *user, u64 id)
* smb2_get_name() - get filename string from on the wire smb format
* @src: source buffer
* @maxlen: maxlen of source string
- * @nls_table: nls_table pointer
+ * @local_nls: nls_table pointer
*
* Return: matching converted filename on success, otherwise error ptr
*/
From patchwork Mon Nov 14 12:52:57 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183365
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:21 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:21 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:20 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 268/308] ksmbd: register ksmbd ib client with
ib_register_client()
Date: Mon, 14 Nov 2022 20:52:57 +0800
Message-ID: <20221114125337.1831594-269-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cca4f28d-84f3-4ac7-268c-08dac63c8e12
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7086800
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.17-rc1
commit 31928a001bed0d9642711d2eba520fc46d41c376
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/31928a001bed
-------------------------------
Register ksmbd ib client with ib_register_client() to find the rdma capable
network adapter. If ops.get_netdev(Chelsio NICs) is NULL, ksmbd will find
it using ib_device_get_by_netdev in old way.
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 107 ++++++++++++++++++++++++++++++++++----
fs/ksmbd/transport_rdma.h | 2 +-
2 files changed, 98 insertions(+), 11 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 7e57cbb0bb35..339fa4f025f7 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -79,6 +79,14 @@ static int smb_direct_max_read_write_size = 1024 * 1024;
static int smb_direct_max_outstanding_rw_ops = 8;
+static LIST_HEAD(smb_direct_device_list);
+static DEFINE_RWLOCK(smb_direct_device_lock);
+
+struct smb_direct_device {
+ struct ib_device *ib_dev;
+ struct list_head list;
+};
+
static struct smb_direct_listener {
struct rdma_cm_id *cm_id;
} smb_direct_listener;
@@ -2007,12 +2015,61 @@ static int smb_direct_listen(int port)
return ret;
}
+static int smb_direct_ib_client_add(struct ib_device *ib_dev)
+{
+ struct smb_direct_device *smb_dev;
+
+ if (!ib_dev->ops.get_netdev ||
+ !rdma_frwr_is_supported(&ib_dev->attrs))
+ return 0;
+
+ smb_dev = kzalloc(sizeof(*smb_dev), GFP_KERNEL);
+ if (!smb_dev)
+ return -ENOMEM;
+ smb_dev->ib_dev = ib_dev;
+
+ write_lock(&smb_direct_device_lock);
+ list_add(&smb_dev->list, &smb_direct_device_list);
+ write_unlock(&smb_direct_device_lock);
+
+ ksmbd_debug(RDMA, "ib device added: name %s\n", ib_dev->name);
+ return 0;
+}
+
+static void smb_direct_ib_client_remove(struct ib_device *ib_dev,
+ void *client_data)
+{
+ struct smb_direct_device *smb_dev, *tmp;
+
+ write_lock(&smb_direct_device_lock);
+ list_for_each_entry_safe(smb_dev, tmp, &smb_direct_device_list, list) {
+ if (smb_dev->ib_dev == ib_dev) {
+ list_del(&smb_dev->list);
+ kfree(smb_dev);
+ break;
+ }
+ }
+ write_unlock(&smb_direct_device_lock);
+}
+
+static struct ib_client smb_direct_ib_client = {
+ .name = "ksmbd_smb_direct_ib",
+ .add = smb_direct_ib_client_add,
+ .remove = smb_direct_ib_client_remove,
+};
+
int ksmbd_rdma_init(void)
{
int ret;
smb_direct_listener.cm_id = NULL;
+ ret = ib_register_client(&smb_direct_ib_client);
+ if (ret) {
+ pr_err("failed to ib_register_client\n");
+ return ret;
+ }
+
/* When a client is running out of send credits, the credits are
* granted by the server's sending a packet using this queue.
* This avoids the situation that a clients cannot send packets
@@ -2036,30 +2093,60 @@ int ksmbd_rdma_init(void)
return 0;
}
-int ksmbd_rdma_destroy(void)
+void ksmbd_rdma_destroy(void)
{
- if (smb_direct_listener.cm_id)
- rdma_destroy_id(smb_direct_listener.cm_id);
+ if (!smb_direct_listener.cm_id)
+ return;
+
+ ib_unregister_client(&smb_direct_ib_client);
+ rdma_destroy_id(smb_direct_listener.cm_id);
+
smb_direct_listener.cm_id = NULL;
if (smb_direct_wq) {
destroy_workqueue(smb_direct_wq);
smb_direct_wq = NULL;
}
- return 0;
}
bool ksmbd_rdma_capable_netdev(struct net_device *netdev)
{
- struct ib_device *ibdev;
+ struct smb_direct_device *smb_dev;
+ int i;
bool rdma_capable = false;
- ibdev = ib_device_get_by_netdev(netdev, RDMA_DRIVER_UNKNOWN);
- if (ibdev) {
- if (rdma_frwr_is_supported(&ibdev->attrs))
- rdma_capable = true;
- ib_device_put(ibdev);
+ read_lock(&smb_direct_device_lock);
+ list_for_each_entry(smb_dev, &smb_direct_device_list, list) {
+ for (i = 0; i < smb_dev->ib_dev->phys_port_cnt; i++) {
+ struct net_device *ndev;
+
+ ndev = smb_dev->ib_dev->ops.get_netdev(smb_dev->ib_dev,
+ i + 1);
+ if (!ndev)
+ continue;
+
+ if (ndev == netdev) {
+ dev_put(ndev);
+ rdma_capable = true;
+ goto out;
+ }
+ dev_put(ndev);
+ }
+ }
+out:
+ read_unlock(&smb_direct_device_lock);
+
+ if (rdma_capable == false) {
+ struct ib_device *ibdev;
+
+ ibdev = ib_device_get_by_netdev(netdev, RDMA_DRIVER_UNKNOWN);
+ if (ibdev) {
+ if (rdma_frwr_is_supported(&ibdev->attrs))
+ rdma_capable = true;
+ ib_device_put(ibdev);
+ }
}
+
return rdma_capable;
}
diff --git a/fs/ksmbd/transport_rdma.h b/fs/ksmbd/transport_rdma.h
index 0fa8adc0776f..ab9250a7cb86 100644
--- a/fs/ksmbd/transport_rdma.h
+++ b/fs/ksmbd/transport_rdma.h
@@ -52,7 +52,7 @@ struct smb_direct_data_transfer {
#ifdef CONFIG_SMB_SERVER_SMBDIRECT
int ksmbd_rdma_init(void);
-int ksmbd_rdma_destroy(void);
+void ksmbd_rdma_destroy(void);
bool ksmbd_rdma_capable_netdev(struct net_device *netdev);
#else
static inline int ksmbd_rdma_init(void) { return 0; }
From patchwork Mon Nov 14 12:52:58 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183366
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:21 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:21 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:21 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 269/308] ksmbd: set 445 port to smbdirect port by
default
Date: Mon, 14 Nov 2022 20:52:58 +0800
Message-ID: <20221114125337.1831594-270-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
69d9440d-172e-4668-b875-08dac63c8e5a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7007305
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit cb097b3dd5ece9596a0a0b7e33893c02a9bde8c6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/cb097b3dd5ec
-------------------------------
When SMB Direct is used with iWARP, Windows use 5445 port for smb direct
port, 445 port for SMB. This patch check ib_device using ib_client to
know if NICs type is iWARP or Infiniband.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 15 ++++++++++++---
fs/ksmbd/transport_rdma.h | 2 --
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 339fa4f025f7..f89b64e27836 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -34,7 +34,8 @@
#include "smbstatus.h"
#include "transport_rdma.h"
-#define SMB_DIRECT_PORT 5445
+#define SMB_DIRECT_PORT_IWARP 5445
+#define SMB_DIRECT_PORT_INFINIBAND 445
#define SMB_DIRECT_VERSION_LE cpu_to_le16(0x0100)
@@ -60,6 +61,10 @@
* as defined in [MS-SMBD] 3.1.1.1
* Those may change after a SMB_DIRECT negotiation
*/
+
+/* Set 445 port to SMB Direct port by default */
+static int smb_direct_port = SMB_DIRECT_PORT_INFINIBAND;
+
/* The local peer's maximum number of credits to grant to the peer */
static int smb_direct_receive_credit_max = 255;
@@ -1942,7 +1947,7 @@ static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
KSMBD_TRANS(t)->handler = kthread_run(ksmbd_conn_handler_loop,
KSMBD_TRANS(t)->conn, "ksmbd:r%u",
- SMB_DIRECT_PORT);
+ smb_direct_port);
if (IS_ERR(KSMBD_TRANS(t)->handler)) {
int ret = PTR_ERR(KSMBD_TRANS(t)->handler);
@@ -2019,6 +2024,10 @@ static int smb_direct_ib_client_add(struct ib_device *ib_dev)
{
struct smb_direct_device *smb_dev;
+ /* Set 5445 port if device type is iWARP(No IB) */
+ if (ib_dev->node_type != RDMA_NODE_IB_CA)
+ smb_direct_port = SMB_DIRECT_PORT_IWARP;
+
if (!ib_dev->ops.get_netdev ||
!rdma_frwr_is_supported(&ib_dev->attrs))
return 0;
@@ -2080,7 +2089,7 @@ int ksmbd_rdma_init(void)
if (!smb_direct_wq)
return -ENOMEM;
- ret = smb_direct_listen(SMB_DIRECT_PORT);
+ ret = smb_direct_listen(smb_direct_port);
if (ret) {
destroy_workqueue(smb_direct_wq);
smb_direct_wq = NULL;
diff --git a/fs/ksmbd/transport_rdma.h b/fs/ksmbd/transport_rdma.h
index ab9250a7cb86..5567d93a6f96 100644
--- a/fs/ksmbd/transport_rdma.h
+++ b/fs/ksmbd/transport_rdma.h
@@ -7,8 +7,6 @@
#ifndef __KSMBD_TRANSPORT_RDMA_H__
#define __KSMBD_TRANSPORT_RDMA_H__
-#define SMB_DIRECT_PORT 5445
-
/* SMB DIRECT negotiation request packet [MS-SMBD] 2.2.1 */
struct smb_direct_negotiate_req {
__le16 min_version;
From patchwork Mon Nov 14 12:52:59 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183367
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:22 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:22 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:21 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 270/308] ksmbd: smbd: call rdma_accept() under CM
handler
Date: Mon, 14 Nov 2022 20:52:59 +0800
Message-ID: <20221114125337.1831594-271-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
f225667f-7d27-4e6f-e3b4-08dac63c8ea3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7791870
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.17-rc1
commit 99b7650ac51847e81b4d5139824e321e6cb76130
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/99b7650ac518
-------------------------------
if CONFIG_LOCKDEP is enabled, the following
kernel warning message is generated because
rdma_accept() checks whehter the handler_mutex
is held by lockdep_assert_held. CM(Connection
Manager) holds the mutex before CM handler
callback is called.
[ 63.211405 ] WARNING: CPU: 1 PID: 345 at drivers/infiniband/core/cma.c:4405 rdma_accept+0x17a/0x350
[ 63.212080 ] RIP: 0010:rdma_accept+0x17a/0x350
...
[ 63.214036 ] Call Trace:
[ 63.214098 ] <TASK>
[ 63.214185 ] smb_direct_accept_client+0xb4/0x170 [ksmbd]
[ 63.214412 ] smb_direct_prepare+0x322/0x8c0 [ksmbd]
[ 63.214555 ] ? rcu_read_lock_sched_held+0x3a/0x70
[ 63.214700 ] ksmbd_conn_handler_loop+0x63/0x270 [ksmbd]
[ 63.214826 ] ? ksmbd_conn_alive+0x80/0x80 [ksmbd]
[ 63.214952 ] kthread+0x171/0x1a0
[ 63.215039 ] ? set_kthread_struct+0x40/0x40
[ 63.215128 ] ret_from_fork+0x22/0x30
To avoid this, move creating a queue pair and accepting
a client from transport_ops->prepare() to
smb_direct_handle_connect_request().
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 102 ++++++++++++++++++++++----------------
1 file changed, 59 insertions(+), 43 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index f89b64e27836..0fd706d01790 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -568,6 +568,7 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
}
t->negotiation_requested = true;
t->full_packet_received = true;
+ enqueue_reassembly(t, recvmsg, 0);
wake_up_interruptible(&t->wait_status);
break;
case SMB_DIRECT_MSG_DATA_TRANSFER: {
@@ -1594,19 +1595,13 @@ static int smb_direct_accept_client(struct smb_direct_transport *t)
pr_err("error at rdma_accept: %d\n", ret);
return ret;
}
-
- wait_event_interruptible(t->wait_status,
- t->status != SMB_DIRECT_CS_NEW);
- if (t->status != SMB_DIRECT_CS_CONNECTED)
- return -ENOTCONN;
return 0;
}
-static int smb_direct_negotiate(struct smb_direct_transport *t)
+static int smb_direct_prepare_negotiation(struct smb_direct_transport *t)
{
int ret;
struct smb_direct_recvmsg *recvmsg;
- struct smb_direct_negotiate_req *req;
recvmsg = get_free_recvmsg(t);
if (!recvmsg)
@@ -1616,44 +1611,20 @@ static int smb_direct_negotiate(struct smb_direct_transport *t)
ret = smb_direct_post_recv(t, recvmsg);
if (ret) {
pr_err("Can't post recv: %d\n", ret);
- goto out;
+ goto out_err;
}
t->negotiation_requested = false;
ret = smb_direct_accept_client(t);
if (ret) {
pr_err("Can't accept client\n");
- goto out;
+ goto out_err;
}
smb_direct_post_recv_credits(&t->post_recv_credits_work.work);
-
- ksmbd_debug(RDMA, "Waiting for SMB_DIRECT negotiate request\n");
- ret = wait_event_interruptible_timeout(t->wait_status,
- t->negotiation_requested ||
- t->status == SMB_DIRECT_CS_DISCONNECTED,
- SMB_DIRECT_NEGOTIATE_TIMEOUT * HZ);
- if (ret <= 0 || t->status == SMB_DIRECT_CS_DISCONNECTED) {
- ret = ret < 0 ? ret : -ETIMEDOUT;
- goto out;
- }
-
- ret = smb_direct_check_recvmsg(recvmsg);
- if (ret == -ECONNABORTED)
- goto out;
-
- req = (struct smb_direct_negotiate_req *)recvmsg->packet;
- t->max_recv_size = min_t(int, t->max_recv_size,
- le32_to_cpu(req->preferred_send_size));
- t->max_send_size = min_t(int, t->max_send_size,
- le32_to_cpu(req->max_receive_size));
- t->max_fragmented_send_size =
- le32_to_cpu(req->max_fragmented_size);
-
- ret = smb_direct_send_negotiate_response(t, ret);
-out:
- if (recvmsg)
- put_recvmsg(t, recvmsg);
+ return 0;
+out_err:
+ put_recvmsg(t, recvmsg);
return ret;
}
@@ -1890,6 +1861,47 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
static int smb_direct_prepare(struct ksmbd_transport *t)
{
struct smb_direct_transport *st = smb_trans_direct_transfort(t);
+ struct smb_direct_recvmsg *recvmsg;
+ struct smb_direct_negotiate_req *req;
+ int ret;
+
+ ksmbd_debug(RDMA, "Waiting for SMB_DIRECT negotiate request\n");
+ ret = wait_event_interruptible_timeout(st->wait_status,
+ st->negotiation_requested ||
+ st->status == SMB_DIRECT_CS_DISCONNECTED,
+ SMB_DIRECT_NEGOTIATE_TIMEOUT * HZ);
+ if (ret <= 0 || st->status == SMB_DIRECT_CS_DISCONNECTED)
+ return ret < 0 ? ret : -ETIMEDOUT;
+
+ recvmsg = get_first_reassembly(st);
+ if (!recvmsg)
+ return -ECONNABORTED;
+
+ ret = smb_direct_check_recvmsg(recvmsg);
+ if (ret == -ECONNABORTED)
+ goto out;
+
+ req = (struct smb_direct_negotiate_req *)recvmsg->packet;
+ st->max_recv_size = min_t(int, st->max_recv_size,
+ le32_to_cpu(req->preferred_send_size));
+ st->max_send_size = min_t(int, st->max_send_size,
+ le32_to_cpu(req->max_receive_size));
+ st->max_fragmented_send_size =
+ le32_to_cpu(req->max_fragmented_size);
+
+ ret = smb_direct_send_negotiate_response(st, ret);
+out:
+ spin_lock_irq(&st->reassembly_queue_lock);
+ st->reassembly_queue_length--;
+ list_del(&recvmsg->list);
+ spin_unlock_irq(&st->reassembly_queue_lock);
+ put_recvmsg(st, recvmsg);
+
+ return ret;
+}
+
+static int smb_direct_connect(struct smb_direct_transport *st)
+{
int ret;
struct ib_qp_cap qp_cap;
@@ -1911,13 +1923,11 @@ static int smb_direct_prepare(struct ksmbd_transport *t)
return ret;
}
- ret = smb_direct_negotiate(st);
+ ret = smb_direct_prepare_negotiation(st);
if (ret) {
pr_err("Can't negotiate: %d\n", ret);
return ret;
}
-
- st->status = SMB_DIRECT_CS_CONNECTED;
return 0;
}
@@ -1933,6 +1943,7 @@ static bool rdma_frwr_is_supported(struct ib_device_attr *attrs)
static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
{
struct smb_direct_transport *t;
+ int ret;
if (!rdma_frwr_is_supported(&new_cm_id->device->attrs)) {
ksmbd_debug(RDMA,
@@ -1945,18 +1956,23 @@ static int smb_direct_handle_connect_request(struct rdma_cm_id *new_cm_id)
if (!t)
return -ENOMEM;
+ ret = smb_direct_connect(t);
+ if (ret)
+ goto out_err;
+
KSMBD_TRANS(t)->handler = kthread_run(ksmbd_conn_handler_loop,
KSMBD_TRANS(t)->conn, "ksmbd:r%u",
smb_direct_port);
if (IS_ERR(KSMBD_TRANS(t)->handler)) {
- int ret = PTR_ERR(KSMBD_TRANS(t)->handler);
-
+ ret = PTR_ERR(KSMBD_TRANS(t)->handler);
pr_err("Can't start thread\n");
- free_transport(t);
- return ret;
+ goto out_err;
}
return 0;
+out_err:
+ free_transport(t);
+ return ret;
}
static int smb_direct_listen_handler(struct rdma_cm_id *cm_id,
From patchwork Mon Nov 14 12:53:00 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183368
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:22 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:22 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:22 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 271/308] ksmbd: smbd: create MR pool
Date: Mon, 14 Nov 2022 20:53:00 +0800
Message-ID: <20221114125337.1831594-272-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
56213196-fb07-45f6-747b-08dac63c8eec
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7070150
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.17-rc1
commit c9f189271cff85d5d735e25dfa4bc95952ec12d8
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/c9f189271cff
-------------------------------
Create a memory region pool because rdma_rw_ctx_init()
uses memory registration if memory registration yields
better performance than using multiple SGE entries.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 0fd706d01790..f0b17da1cac2 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -428,6 +428,7 @@ static void free_transport(struct smb_direct_transport *t)
if (t->qp) {
ib_drain_qp(t->qp);
+ ib_mr_pool_destroy(t->qp, &t->qp->rdma_mrs);
ib_destroy_qp(t->qp);
}
@@ -1708,7 +1709,9 @@ static int smb_direct_init_params(struct smb_direct_transport *t,
cap->max_send_sge = SMB_DIRECT_MAX_SEND_SGES;
cap->max_recv_sge = SMB_DIRECT_MAX_RECV_SGES;
cap->max_inline_data = 0;
- cap->max_rdma_ctxs = 0;
+ cap->max_rdma_ctxs =
+ rdma_rw_mr_factor(device, t->cm_id->port_num, max_pages) *
+ smb_direct_max_outstanding_rw_ops;
return 0;
}
@@ -1790,6 +1793,7 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
{
int ret;
struct ib_qp_init_attr qp_attr;
+ int pages_per_rw;
t->pd = ib_alloc_pd(t->cm_id->device, 0);
if (IS_ERR(t->pd)) {
@@ -1837,6 +1841,23 @@ static int smb_direct_create_qpair(struct smb_direct_transport *t,
t->qp = t->cm_id->qp;
t->cm_id->event_handler = smb_direct_cm_handler;
+ pages_per_rw = DIV_ROUND_UP(t->max_rdma_rw_size, PAGE_SIZE) + 1;
+ if (pages_per_rw > t->cm_id->device->attrs.max_sgl_rd) {
+ int pages_per_mr, mr_count;
+
+ pages_per_mr = min_t(int, pages_per_rw,
+ t->cm_id->device->attrs.max_fast_reg_page_list_len);
+ mr_count = DIV_ROUND_UP(pages_per_rw, pages_per_mr) *
+ atomic_read(&t->rw_avail_ops);
+ ret = ib_mr_pool_init(t->qp, &t->qp->rdma_mrs, mr_count,
+ IB_MR_TYPE_MEM_REG, pages_per_mr, 0);
+ if (ret) {
+ pr_err("failed to init mr pool count %d pages %d\n",
+ mr_count, pages_per_mr);
+ goto err;
+ }
+ }
+
return 0;
err:
if (t->qp) {
From patchwork Mon Nov 14 12:53:01 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183369
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:23 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:23 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:22 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 272/308] ksmbd: smbd: change the default maximum
read/write, receive size
Date: Mon, 14 Nov 2022 20:53:01 +0800
Message-ID: <20221114125337.1831594-273-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d98ed25b-5b7c-4282-5283-08dac63c8f35
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6870156
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.17-rc1
commit 4d02c4fdc0e256b493f9a3b604c7ff18f0019f17
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/4d02c4fdc0e2
-------------------------------
Due to restriction that cannot handle multiple
buffer descriptor structures, decrease the maximum
read/write size for Windows clients.
And set the maximum fragmented receive size
in consideration of the receive queue size.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index f0b17da1cac2..86fd64511512 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -80,7 +80,7 @@ static int smb_direct_max_fragmented_recv_size = 1024 * 1024;
/* The maximum single-message size which can be received */
static int smb_direct_max_receive_size = 8192;
-static int smb_direct_max_read_write_size = 1024 * 1024;
+static int smb_direct_max_read_write_size = 1048512;
static int smb_direct_max_outstanding_rw_ops = 8;
@@ -1908,7 +1908,9 @@ static int smb_direct_prepare(struct ksmbd_transport *t)
st->max_send_size = min_t(int, st->max_send_size,
le32_to_cpu(req->max_receive_size));
st->max_fragmented_send_size =
- le32_to_cpu(req->max_fragmented_size);
+ le32_to_cpu(req->max_fragmented_size);
+ st->max_fragmented_recv_size =
+ (st->recv_credit_max * st->max_recv_size) / 2;
ret = smb_direct_send_negotiate_response(st, ret);
out:
From patchwork Mon Nov 14 12:53:02 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183370
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:23 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:23 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:23 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 273/308] ksmbd: add smb-direct shutdown
Date: Mon, 14 Nov 2022 20:53:02 +0800
Message-ID: <20221114125337.1831594-274-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
94120031-d911-425f-be2b-08dac63c8f7d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6882045
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Yufan Chen <wiz.chen(a)gmail.com>
mainline inclusion
from mainline-5.17-rc1
commit 136dff3a6b71dc16c30b35cc390feb0bfc32ed50
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/136dff3a6b71
-------------------------------
When killing ksmbd server after connecting rdma, ksmbd threads does not
terminate properly because the rdma connection is still alive.
This patch add shutdown operation to disconnect rdma connection while
ksmbd threads terminate.
Signed-off-by: Yufan Chen <wiz.chen(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 9 ++++++++-
fs/ksmbd/connection.h | 1 +
fs/ksmbd/transport_rdma.c | 10 ++++++++++
3 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 83a94d0bb480..6f4cee9beaa9 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -386,17 +386,24 @@ int ksmbd_conn_transport_init(void)
static void stop_sessions(void)
{
struct ksmbd_conn *conn;
+ struct ksmbd_transport *t;
again:
read_lock(&conn_list_lock);
list_for_each_entry(conn, &conn_list, conns_list) {
struct task_struct *task;
- task = conn->transport->handler;
+ t = conn->transport;
+ task = t->handler;
if (task)
ksmbd_debug(CONN, "Stop session handler %s/%d\n",
task->comm, task_pid_nr(task));
conn->status = KSMBD_SESS_EXITING;
+ if (t->ops->shutdown) {
+ read_unlock(&conn_list_lock);
+ t->ops->shutdown(t);
+ read_lock(&conn_list_lock);
+ }
}
read_unlock(&conn_list_lock);
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index 72dfd155b5bf..d85f0122edc9 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -117,6 +117,7 @@ struct ksmbd_conn_ops {
struct ksmbd_transport_ops {
int (*prepare)(struct ksmbd_transport *t);
void (*disconnect)(struct ksmbd_transport *t);
+ void (*shutdown)(struct ksmbd_transport *t);
int (*read)(struct ksmbd_transport *t, char *buf, unsigned int size);
int (*writev)(struct ksmbd_transport *t, struct kvec *iovs, int niov,
int size, bool need_invalidate_rkey,
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 86fd64511512..3c1ec1ac0b27 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -1453,6 +1453,15 @@ static void smb_direct_disconnect(struct ksmbd_transport *t)
free_transport(st);
}
+static void smb_direct_shutdown(struct ksmbd_transport *t)
+{
+ struct smb_direct_transport *st = smb_trans_direct_transfort(t);
+
+ ksmbd_debug(RDMA, "smb-direct shutdown cm_id=%p\n", st->cm_id);
+
+ smb_direct_disconnect_rdma_work(&st->disconnect_work);
+}
+
static int smb_direct_cm_handler(struct rdma_cm_id *cm_id,
struct rdma_cm_event *event)
{
@@ -2201,6 +2210,7 @@ bool ksmbd_rdma_capable_netdev(struct net_device *netdev)
static struct ksmbd_transport_ops ksmbd_smb_direct_transport_ops = {
.prepare = smb_direct_prepare,
.disconnect = smb_direct_disconnect,
+ .shutdown = smb_direct_shutdown,
.writev = smb_direct_writev,
.read = smb_direct_read,
.rdma_read = smb_direct_rdma_read,
From patchwork Mon Nov 14 12:53:03 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183371
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:24 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:24 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:23 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 274/308] ksmbd: smbd: fix missing client's memory
region invalidation
Date: Mon, 14 Nov 2022 20:53:03 +0800
Message-ID: <20221114125337.1831594-275-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
430bb79d-f128-43d7-76b2-08dac63c8fc6
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7032252
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.17-rc1
commit 2fd5dcb1c8ef96c9f0fa8bda53ca480524b80ae7
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/2fd5dcb1c8ef
-------------------------------
if the Channel of a SMB2 WRITE request is
SMB2_CHANNEL_RDMA_V1_INVALIDTE, a client
does not invalidate its memory regions but
ksmbd must do it by sending a SMB2 WRITE response
with IB_WR_SEND_WITH_INV.
But if errors occur while processing a SMB2
READ/WRITE request, ksmbd sends a response
with IB_WR_SEND. So a client could use memory
regions already in use.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 73 +++++++++++++++++++++++++++++-----------------
1 file changed, 46 insertions(+), 27 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index e0cd70b6829d..2ec206d22946 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6068,25 +6068,33 @@ static noinline int smb2_read_pipe(struct ksmbd_work *work)
return err;
}
-static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work,
- struct smb2_read_req *req, void *data_buf,
- size_t length)
+static int smb2_set_remote_key_for_rdma(struct ksmbd_work *work,
+ struct smb2_buffer_desc_v1 *desc,
+ __le32 Channel,
+ __le16 ChannelInfoOffset,
+ __le16 ChannelInfoLength)
{
- struct smb2_buffer_desc_v1 *desc =
- (struct smb2_buffer_desc_v1 *)&req->Buffer[0];
- int err;
-
if (work->conn->dialect == SMB30_PROT_ID &&
- req->Channel != SMB2_CHANNEL_RDMA_V1)
+ Channel != SMB2_CHANNEL_RDMA_V1)
return -EINVAL;
- if (req->ReadChannelInfoOffset == 0 ||
- le16_to_cpu(req->ReadChannelInfoLength) < sizeof(*desc))
+ if (ChannelInfoOffset == 0 ||
+ le16_to_cpu(ChannelInfoLength) < sizeof(*desc))
return -EINVAL;
work->need_invalidate_rkey =
- (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
+ (Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
work->remote_key = le32_to_cpu(desc->token);
+ return 0;
+}
+
+static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work,
+ struct smb2_read_req *req, void *data_buf,
+ size_t length)
+{
+ struct smb2_buffer_desc_v1 *desc =
+ (struct smb2_buffer_desc_v1 *)&req->Buffer[0];
+ int err;
err = ksmbd_conn_rdma_write(work->conn, data_buf, length,
le32_to_cpu(desc->token),
@@ -6109,7 +6117,7 @@ int smb2_read(struct ksmbd_work *work)
struct ksmbd_conn *conn = work->conn;
struct smb2_read_req *req;
struct smb2_read_rsp *rsp;
- struct ksmbd_file *fp;
+ struct ksmbd_file *fp = NULL;
loff_t offset;
size_t length, mincount;
ssize_t nbytes = 0, remain_bytes = 0;
@@ -6123,6 +6131,18 @@ int smb2_read(struct ksmbd_work *work)
return smb2_read_pipe(work);
}
+ if (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE ||
+ req->Channel == SMB2_CHANNEL_RDMA_V1) {
+ err = smb2_set_remote_key_for_rdma(work,
+ (struct smb2_buffer_desc_v1 *)
+ &req->Buffer[0],
+ req->Channel,
+ req->ReadChannelInfoOffset,
+ req->ReadChannelInfoLength);
+ if (err)
+ goto out;
+ }
+
fp = ksmbd_lookup_fd_slow(work, le64_to_cpu(req->VolatileFileId),
le64_to_cpu(req->PersistentFileId));
if (!fp) {
@@ -6308,21 +6328,6 @@ static ssize_t smb2_write_rdma_channel(struct ksmbd_work *work,
desc = (struct smb2_buffer_desc_v1 *)&req->Buffer[0];
- if (work->conn->dialect == SMB30_PROT_ID &&
- req->Channel != SMB2_CHANNEL_RDMA_V1)
- return -EINVAL;
-
- if (req->Length != 0 || req->DataOffset != 0)
- return -EINVAL;
-
- if (req->WriteChannelInfoOffset == 0 ||
- le16_to_cpu(req->WriteChannelInfoLength) < sizeof(*desc))
- return -EINVAL;
-
- work->need_invalidate_rkey =
- (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
- work->remote_key = le32_to_cpu(desc->token);
-
data_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO);
if (!data_buf)
return -ENOMEM;
@@ -6369,6 +6374,20 @@ int smb2_write(struct ksmbd_work *work)
return smb2_write_pipe(work);
}
+ if (req->Channel == SMB2_CHANNEL_RDMA_V1 ||
+ req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE) {
+ if (req->Length != 0 || req->DataOffset != 0)
+ return -EINVAL;
+ err = smb2_set_remote_key_for_rdma(work,
+ (struct smb2_buffer_desc_v1 *)
+ &req->Buffer[0],
+ req->Channel,
+ req->WriteChannelInfoOffset,
+ req->WriteChannelInfoLength);
+ if (err)
+ goto out;
+ }
+
if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) {
ksmbd_debug(SMB, "User does not have write permission\n");
err = -EACCES;
From patchwork Mon Nov 14 12:53:04 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183372
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:24 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:24 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:24 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 275/308] ksmbd: uninitialized variable in
create_socket()
Date: Mon, 14 Nov 2022 20:53:04 +0800
Message-ID: <20221114125337.1831594-276-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9b07eb75-e8cf-4b2e-0849-08dac63c900f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6773112
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Dan Carpenter <dan.carpenter(a)oracle.com>
mainline inclusion
from mainline-5.17-rc1
commit b207602fb04537cb21ac38fabd7577eca2fa05ae
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b207602fb045
-------------------------------
The "ksmbd_socket" variable is not initialized on this error path.
Cc: stable(a)vger.kernel.org
Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers")
Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_tcp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/transport_tcp.c b/fs/ksmbd/transport_tcp.c
index c14320e03b69..82a1429bbe12 100644
--- a/fs/ksmbd/transport_tcp.c
+++ b/fs/ksmbd/transport_tcp.c
@@ -404,7 +404,7 @@ static int create_socket(struct interface *iface)
&ksmbd_socket);
if (ret) {
pr_err("Can't create socket for ipv4: %d\n", ret);
- goto out_error;
+ goto out_clear;
}
sin.sin_family = PF_INET;
@@ -462,6 +462,7 @@ static int create_socket(struct interface *iface)
out_error:
tcp_destroy_socket(ksmbd_socket);
+out_clear:
iface->ksmbd_socket = NULL;
return ret;
}
From patchwork Mon Nov 14 12:53:05 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183373
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:25 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:25 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:24 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 276/308] ksmbd: fix guest connection failure with
nautilus
Date: Mon, 14 Nov 2022 20:53:05 +0800
Message-ID: <20221114125337.1831594-277-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
831bc2f8-88a8-48cc-f17e-08dac63c9058
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6986920
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit ac090d9c90b087d6fb714e54b2a6dd1e6c373ed6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/ac090d9c90b0
-------------------------------
MS-SMB2 describe session sign like the following.
Session.SigningRequired MUST be set to TRUE under the following conditions:
- If the SMB2_NEGOTIATE_SIGNING_REQUIRED bit is set in the SecurityMode
field of the client request.
- If the SMB2_SESSION_FLAG_IS_GUEST bit is not set in the SessionFlags
field and Session.IsAnonymous is FALSE and either Connection.ShouldSign
or global RequireMessageSigning is TRUE.
When trying guest account connection using nautilus, The login failure
happened on session setup. ksmbd does not allow this connection
when the user is a guest and the connection sign is set. Just do not set
session sign instead of error response as described in the specification.
And this change improves the guest connection in Nautilus.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org # v5.15+
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 62 ++++++++++++++++++++++------------------------
1 file changed, 29 insertions(+), 33 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 2ec206d22946..7bf9f85cd021 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1460,11 +1460,6 @@ static int ntlm_authenticate(struct ksmbd_work *work)
}
if (user_guest(sess->user)) {
- if (conn->sign) {
- ksmbd_debug(SMB, "Guest login not allowed when signing enabled\n");
- return -EPERM;
- }
-
rsp->SessionFlags = SMB2_SESSION_FLAG_IS_GUEST_LE;
} else {
struct authenticate_message *authblob;
@@ -1477,38 +1472,39 @@ static int ntlm_authenticate(struct ksmbd_work *work)
ksmbd_debug(SMB, "authentication failed\n");
return -EPERM;
}
+ }
- /*
- * If session state is SMB2_SESSION_VALID, We can assume
- * that it is reauthentication. And the user/password
- * has been verified, so return it here.
- */
- if (sess->state == SMB2_SESSION_VALID) {
- if (conn->binding)
- goto binding_session;
- return 0;
- }
+ /*
+ * If session state is SMB2_SESSION_VALID, We can assume
+ * that it is reauthentication. And the user/password
+ * has been verified, so return it here.
+ */
+ if (sess->state == SMB2_SESSION_VALID) {
+ if (conn->binding)
+ goto binding_session;
+ return 0;
+ }
- if ((conn->sign || server_conf.enforced_signing) ||
- (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
- sess->sign = true;
+ if ((rsp->SessionFlags != SMB2_SESSION_FLAG_IS_GUEST_LE &&
+ (conn->sign || server_conf.enforced_signing)) ||
+ (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED))
+ sess->sign = true;
- if (smb3_encryption_negotiated(conn) &&
- !(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
- rc = conn->ops->generate_encryptionkey(sess);
- if (rc) {
- ksmbd_debug(SMB,
- "SMB3 encryption key generation failed\n");
- return -EINVAL;
- }
- sess->enc = true;
- rsp->SessionFlags = SMB2_SESSION_FLAG_ENCRYPT_DATA_LE;
- /*
- * signing is disable if encryption is enable
- * on this session
- */
- sess->sign = false;
+ if (smb3_encryption_negotiated(conn) &&
+ !(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
+ rc = conn->ops->generate_encryptionkey(sess);
+ if (rc) {
+ ksmbd_debug(SMB,
+ "SMB3 encryption key generation failed\n");
+ return -EINVAL;
}
+ sess->enc = true;
+ rsp->SessionFlags = SMB2_SESSION_FLAG_ENCRYPT_DATA_LE;
+ /*
+ * signing is disable if encryption is enable
+ * on this session
+ */
+ sess->sign = false;
}
binding_session:
From patchwork Mon Nov 14 12:53:06 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183374
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:25 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:25 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:25 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 277/308] ksmbd: fix SMB 3.11 posix extension mount
failure
Date: Mon, 14 Nov 2022 20:53:06 +0800
Message-ID: <20221114125337.1831594-278-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
44f7cc44-db5e-4d53-5cf7-08dac63c90a1
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6907406
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc4
commit 9ca8581e79e51c57e60b3b8e3b89d816448f49fe
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/9ca8581e79e5
-------------------------------
cifs client set 4 to DataLength of create_posix context, which mean
Mode variable of create_posix context is only available. So buffer
validation of ksmbd should check only the size of Mode except for
the size of Reserved variable.
Fixes: 8f77150c15f8 ("ksmbd: add buffer validation for SMB2_CREATE_CONTEXT")
Cc: stable(a)vger.kernel.org # v5.15+
Reported-by: Steve French <smfrench(a)gmail.com>
Tested-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 7bf9f85cd021..98f2805bf092 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2671,7 +2671,7 @@ int smb2_open(struct ksmbd_work *work)
(struct create_posix *)context;
if (le16_to_cpu(context->DataOffset) +
le32_to_cpu(context->DataLength) <
- sizeof(struct create_posix)) {
+ sizeof(struct create_posix) - 4) {
rc = -EINVAL;
goto err_out1;
}
From patchwork Mon Nov 14 12:53:07 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183375
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:26 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:26 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:25 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 278/308] ksmbd: smbd: validate buffer descriptor
structures
Date: Mon, 14 Nov 2022 20:53:07 +0800
Message-ID: <20221114125337.1831594-279-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d0b5a431-b977-449e-3b69-08dac63c90ea
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6938225
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.17-rc4
commit 6d896d3b44cf64ab9b2483697e222098e7b72f70
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/6d896d3b44cf
-------------------------------
Check ChannelInfoOffset and ChannelInfoLength
to validate buffer descriptor structures.
And add a debug log to print the structures'
content.
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 36 ++++++++++++++++++++++++++++++------
1 file changed, 30 insertions(+), 6 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 98f2805bf092..53f263742b0f 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -6070,13 +6070,26 @@ static int smb2_set_remote_key_for_rdma(struct ksmbd_work *work,
__le16 ChannelInfoOffset,
__le16 ChannelInfoLength)
{
+ unsigned int i, ch_count;
+
if (work->conn->dialect == SMB30_PROT_ID &&
Channel != SMB2_CHANNEL_RDMA_V1)
return -EINVAL;
- if (ChannelInfoOffset == 0 ||
- le16_to_cpu(ChannelInfoLength) < sizeof(*desc))
+ ch_count = le16_to_cpu(ChannelInfoLength) / sizeof(*desc);
+ if (ksmbd_debug_types & KSMBD_DEBUG_RDMA) {
+ for (i = 0; i < ch_count; i++) {
+ pr_info("RDMA r/w request %#x: token %#x, length %#x\n",
+ i,
+ le32_to_cpu(desc[i].token),
+ le32_to_cpu(desc[i].length));
+ }
+ }
+ if (ch_count != 1) {
+ ksmbd_debug(RDMA, "RDMA multiple buffer descriptors %d are not supported yet\n",
+ ch_count);
return -EINVAL;
+ }
work->need_invalidate_rkey =
(Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE);
@@ -6129,9 +6142,15 @@ int smb2_read(struct ksmbd_work *work)
if (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE ||
req->Channel == SMB2_CHANNEL_RDMA_V1) {
+ unsigned int ch_offset = le16_to_cpu(req->ReadChannelInfoOffset);
+
+ if (ch_offset < offsetof(struct smb2_read_req, Buffer)) {
+ err = -EINVAL;
+ goto out;
+ }
err = smb2_set_remote_key_for_rdma(work,
(struct smb2_buffer_desc_v1 *)
- &req->Buffer[0],
+ ((char *)req + ch_offset),
req->Channel,
req->ReadChannelInfoOffset,
req->ReadChannelInfoLength);
@@ -6372,11 +6391,16 @@ int smb2_write(struct ksmbd_work *work)
if (req->Channel == SMB2_CHANNEL_RDMA_V1 ||
req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE) {
- if (req->Length != 0 || req->DataOffset != 0)
- return -EINVAL;
+ unsigned int ch_offset = le16_to_cpu(req->WriteChannelInfoOffset);
+
+ if (req->Length != 0 || req->DataOffset != 0 ||
+ ch_offset < offsetof(struct smb2_write_req, Buffer)) {
+ err = -EINVAL;
+ goto out;
+ }
err = smb2_set_remote_key_for_rdma(work,
(struct smb2_buffer_desc_v1 *)
- &req->Buffer[0],
+ ((char *)req + ch_offset),
req->Channel,
req->WriteChannelInfoOffset,
req->WriteChannelInfoLength);
From patchwork Mon Nov 14 12:53:08 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183376
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:26 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:26 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:25 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 279/308] ksmbd: fix same UniqueId for dot and
dotdot entries
Date: Mon, 14 Nov 2022 20:53:08 +0800
Message-ID: <20221114125337.1831594-280-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2191281a-5600-4be6-cca7-08dac63c9132
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6819616
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc4
commit 97550c7478a2da93e348d8c3075d92cddd473a78
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/97550c7478a2
-------------------------------
ksmbd sets the inode number to UniqueId. However, the same UniqueId for
dot and dotdot entry is set to the inode number of the parent inode.
This patch set them using the current inode and parent inode.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb_common.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index be9701273c71..2476ba92b475 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -307,14 +307,17 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
for (i = 0; i < 2; i++) {
struct kstat kstat;
struct ksmbd_kstat ksmbd_kstat;
+ struct dentry *dentry;
if (!dir->dot_dotdot[i]) { /* fill dot entry info */
if (i == 0) {
d_info->name = ".";
d_info->name_len = 1;
+ dentry = dir->filp->f_path.dentry;
} else {
d_info->name = "..";
d_info->name_len = 2;
+ dentry = dir->filp->f_path.dentry->d_parent;
}
if (!match_pattern(d_info->name, d_info->name_len,
@@ -325,7 +328,7 @@ int ksmbd_populate_dot_dotdot_entries(struct ksmbd_work *work, int info_level,
ksmbd_kstat.kstat = &kstat;
ksmbd_vfs_fill_dentry_attrs(work,
- dir->filp->f_path.dentry->d_parent,
+ dentry,
&ksmbd_kstat);
rc = fn(conn, info_level, d_info, &ksmbd_kstat);
if (rc)
From patchwork Mon Nov 14 12:53:09 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183377
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:27 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:26 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:26 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 280/308] ksmbd: don't align last entry offset in
smb2 query directory
Date: Mon, 14 Nov 2022 20:53:09 +0800
Message-ID: <20221114125337.1831594-281-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
d0cc8882-d53d-4c81-8508-08dac63c917b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7000995
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc4
commit 04e260948a160d3b7d622bf4c8a96fa4577c09bd
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/04e260948a16
-------------------------------
When checking smb2 query directory packets from other servers,
OutputBufferLength is different with ksmbd. Other servers add an unaligned
next offset to OutputBufferLength for the last entry.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 7 ++++---
fs/ksmbd/vfs.h | 1 +
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 53f263742b0f..f118cbf00cac 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3393,9 +3393,9 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
goto free_conv_name;
}
- struct_sz = readdir_info_level_struct_sz(info_level);
- next_entry_offset = ALIGN(struct_sz - 1 + conv_len,
- KSMBD_DIR_INFO_ALIGNMENT);
+ struct_sz = readdir_info_level_struct_sz(info_level) - 1 + conv_len;
+ next_entry_offset = ALIGN(struct_sz, KSMBD_DIR_INFO_ALIGNMENT);
+ d_info->last_entry_off_align = next_entry_offset - struct_sz;
if (next_entry_offset > d_info->out_buf_len) {
d_info->out_buf_len = 0;
@@ -3943,6 +3943,7 @@ int smb2_query_dir(struct ksmbd_work *work)
((struct file_directory_info *)
((char *)rsp->Buffer + d_info.last_entry_offset))
->NextEntryOffset = 0;
+ d_info.data_count -= d_info.last_entry_off_align;
rsp->StructureSize = cpu_to_le16(9);
rsp->OutputBufferOffset = cpu_to_le16(72);
diff --git a/fs/ksmbd/vfs.h b/fs/ksmbd/vfs.h
index 51ff1f63965c..edaf12ced841 100644
--- a/fs/ksmbd/vfs.h
+++ b/fs/ksmbd/vfs.h
@@ -86,6 +86,7 @@ struct ksmbd_dir_info {
int last_entry_offset;
bool hide_dot_file;
int flags;
+ int last_entry_off_align;
};
struct ksmbd_readdir_data {
From patchwork Mon Nov 14 12:53:10 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183378
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:27 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:27 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:26 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 281/308] ksmbd: reduce smb direct max read/write
size
Date: Mon, 14 Nov 2022 20:53:10 +0800
Message-ID: <20221114125337.1831594-282-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
56754099-5497-41d3-ca2e-08dac63c91c3
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7001672
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc4
commit deae24b0b13ff5f46022124fbfc2c72fc534bc6a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/deae24b0b13f
-------------------------------
ksmbd does not support more than one Buffer Descriptor V1 element in
an smbdirect protocol request. Reducing the maximum read/write size to
about 512KB allows interoperability with Windows over a wider variety
of RDMA NICs, as an interim workaround.
Reviewed-by: Tom Talpey <tom(a)talpey.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index 3c1ec1ac0b27..ba5a22bc2e6d 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -80,7 +80,7 @@ static int smb_direct_max_fragmented_recv_size = 1024 * 1024;
/* The maximum single-message size which can be received */
static int smb_direct_max_receive_size = 8192;
-static int smb_direct_max_read_write_size = 1048512;
+static int smb_direct_max_read_write_size = 524224;
static int smb_direct_max_outstanding_rw_ops = 8;
From patchwork Mon Nov 14 12:53:11 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183379
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:28 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:27 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:27 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 282/308] ksmbd: fix reference count leak in
smb_check_perm_dacl()
Date: Mon, 14 Nov 2022 20:53:11 +0800
Message-ID: <20221114125337.1831594-283-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7d3bcc32-5661-4969-8d48-08dac63c920d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6924425
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Xin Xiong <xiongx18(a)fudan.edu.cn>
mainline inclusion
from mainline-5.19-rc1
commit d21a580dafc69aa04f46e6099616146a536b0724
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/d21a580dafc6
-------------------------------
The issue happens in a specific path in smb_check_perm_dacl(). When
"id" and "uid" have the same value, the function simply jumps out of
the loop without decrementing the reference count of the object
"posix_acls", which is increased by get_acl() earlier. This may
result in memory leaks.
Fix it by decreasing the reference count of "posix_acls" before
jumping to label "check_access_bits".
Fixes: 777cad1604d6 ("ksmbd: remove select FS_POSIX_ACL in Kconfig")
Signed-off-by: Xin Xiong <xiongx18(a)fudan.edu.cn>
Signed-off-by: Xin Tan <tanxin.ctf(a)gmail.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smbacl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index 7d8f9d03fb64..aa2c76e1bcbe 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -1250,6 +1250,7 @@ int smb_check_perm_dacl(struct ksmbd_conn *conn, struct path *path,
if (!access_bits)
access_bits =
SET_MINIMUM_RIGHTS;
+ posix_acl_release(posix_acls);
goto check_access_bits;
}
}
From patchwork Mon Nov 14 12:53:12 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183380
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:28 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:28 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:27 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 283/308] ksmbd: smbd: fix connection dropped issue
Date: Mon, 14 Nov 2022 20:53:12 +0800
Message-ID: <20221114125337.1831594-284-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c6527e00-d62c-42f6-1eed-08dac63c9256
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7065658
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-5.19-rc1
commit 5366afc4065075a4456941fbd51c33604d631ee5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5366afc40650
-------------------------------
When there are bursty connection requests,
RDMA connection event handler is deferred and
Negotiation requests are received even if
connection status is NEW.
To handle it, set the status to CONNECTED
if Negotiation requests are received.
Reported-by: Yufan Chen <wiz.chen(a)gmail.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Tested-by: Yufan Chen <wiz.chen(a)gmail.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/transport_rdma.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c
index ba5a22bc2e6d..d3b60b833a81 100644
--- a/fs/ksmbd/transport_rdma.c
+++ b/fs/ksmbd/transport_rdma.c
@@ -569,6 +569,7 @@ static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
}
t->negotiation_requested = true;
t->full_packet_received = true;
+ t->status = SMB_DIRECT_CS_CONNECTED;
enqueue_reassembly(t, recvmsg, 0);
wake_up_interruptible(&t->wait_status);
break;
From patchwork Mon Nov 14 12:53:13 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183381
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:29 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:28 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 284/308] ksmbd: add channel rwlock
Date: Mon, 14 Nov 2022 20:53:13 +0800
Message-ID: <20221114125337.1831594-285-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
47db2fea-44fc-4910-54d4-08dac63c92a0
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6827952
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit 8e06b31e348107c5d78e2c90bb7e69388cb97fb6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/8e06b31e3481
-------------------------------
Add missing rwlock for channel list in session.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/mgmt/user_session.c | 3 +++
fs/ksmbd/mgmt/user_session.h | 1 +
fs/ksmbd/smb2pdu.c | 20 ++++++++++++++++++--
3 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/mgmt/user_session.c b/fs/ksmbd/mgmt/user_session.c
index 8d8ffd8c6f19..e963433a645c 100644
--- a/fs/ksmbd/mgmt/user_session.c
+++ b/fs/ksmbd/mgmt/user_session.c
@@ -32,11 +32,13 @@ static void free_channel_list(struct ksmbd_session *sess)
{
struct channel *chann, *tmp;
+ write_lock(&sess->chann_lock);
list_for_each_entry_safe(chann, tmp, &sess->ksmbd_chann_list,
chann_list) {
list_del(&chann->chann_list);
kfree(chann);
}
+ write_unlock(&sess->chann_lock);
}
static void __session_rpc_close(struct ksmbd_session *sess,
@@ -320,6 +322,7 @@ static struct ksmbd_session *__session_create(int protocol)
INIT_LIST_HEAD(&sess->rpc_handle_list);
sess->sequence_number = 1;
atomic_set(&sess->refcnt, 1);
+ rwlock_init(&sess->chann_lock);
switch (protocol) {
case CIFDS_SESSION_FLAG_SMB2:
diff --git a/fs/ksmbd/mgmt/user_session.h b/fs/ksmbd/mgmt/user_session.h
index e241f16a3851..67f5c4106528 100644
--- a/fs/ksmbd/mgmt/user_session.h
+++ b/fs/ksmbd/mgmt/user_session.h
@@ -48,6 +48,7 @@ struct ksmbd_session {
char sess_key[CIFS_KEY_SIZE];
struct hlist_node hlist;
+ rwlock_t chann_lock;
struct list_head ksmbd_chann_list;
struct xarray tree_conns;
struct ida tree_conn_ida;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index f118cbf00cac..39a49010e3b9 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1509,7 +1509,9 @@ static int ntlm_authenticate(struct ksmbd_work *work)
binding_session:
if (conn->dialect >= SMB30_PROT_ID) {
+ read_lock(&sess->chann_lock);
chann = lookup_chann_list(sess, conn);
+ read_unlock(&sess->chann_lock);
if (!chann) {
chann = kmalloc(sizeof(struct channel), GFP_KERNEL);
if (!chann)
@@ -1517,7 +1519,9 @@ static int ntlm_authenticate(struct ksmbd_work *work)
chann->conn = conn;
INIT_LIST_HEAD(&chann->chann_list);
+ write_lock(&sess->chann_lock);
list_add(&chann->chann_list, &sess->ksmbd_chann_list);
+ write_unlock(&sess->chann_lock);
}
}
@@ -1591,7 +1595,9 @@ static int krb5_authenticate(struct ksmbd_work *work)
}
if (conn->dialect >= SMB30_PROT_ID) {
+ read_lock(&sess->chann_lock);
chann = lookup_chann_list(sess, conn);
+ read_unlock(&sess->chann_lock);
if (!chann) {
chann = kmalloc(sizeof(struct channel), GFP_KERNEL);
if (!chann)
@@ -1599,7 +1605,9 @@ static int krb5_authenticate(struct ksmbd_work *work)
chann->conn = conn;
INIT_LIST_HEAD(&chann->chann_list);
+ write_lock(&sess->chann_lock);
list_add(&chann->chann_list, &sess->ksmbd_chann_list);
+ write_unlock(&sess->chann_lock);
}
}
@@ -8303,10 +8311,14 @@ int smb3_check_sign_req(struct ksmbd_work *work)
if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
signing_key = work->sess->smb3signingkey;
} else {
+ read_lock(&work->sess->chann_lock);
chann = lookup_chann_list(work->sess, conn);
- if (!chann)
+ if (!chann) {
+ read_unlock(&work->sess->chann_lock);
return 0;
+ }
signing_key = chann->smb3signingkey;
+ read_unlock(&work->sess->chann_lock);
}
if (!signing_key) {
@@ -8366,10 +8378,14 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)
le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) {
signing_key = work->sess->smb3signingkey;
} else {
+ read_lock(&work->sess->chann_lock);
chann = lookup_chann_list(work->sess, work->conn);
- if (!chann)
+ if (!chann) {
+ read_unlock(&work->sess->chann_lock);
return;
+ }
signing_key = chann->smb3signingkey;
+ read_unlock(&work->sess->chann_lock);
}
if (!signing_key)
From patchwork Mon Nov 14 12:53:14 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183382
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:29 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:29 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:28 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 285/308] ksmbd: handle smb2 query dir request for
OutputBufferLength that is too small
Date: Mon, 14 Nov 2022 20:53:14 +0800
Message-ID: <20221114125337.1831594-286-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
56048b9f-f006-4299-32a9-08dac63c92e9
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6848766
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.19-rc1
commit 65ca7a3ffff811d6c0d4342d467c381257d566d4
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/65ca7a3ffff8
-------------------------------
We found the issue that ksmbd return STATUS_NO_MORE_FILES response
even though there are still dentries that needs to be read while
file read/write test using framtest utils.
windows client send smb2 query dir request included
OutputBufferLength(128) that is too small to contain even one entry.
This patch make ksmbd immediately returns OutputBufferLength of response
as zero to client.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 39a49010e3b9..8d51cfc3f04a 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3922,6 +3922,12 @@ int smb2_query_dir(struct ksmbd_work *work)
set_ctx_actor(&dir_fp->readdir_data.ctx, __query_dir);
rc = iterate_dir(dir_fp->filp, &dir_fp->readdir_data.ctx);
+ /*
+ * req->OutputBufferLength is too small to contain even one entry.
+ * In this case, it immediately returns OutputBufferLength 0 to client.
+ */
+ if (!d_info.out_buf_len && !d_info.num_entry)
+ goto no_buf_len;
if (rc == 0)
restart_ctx(&dir_fp->readdir_data.ctx);
if (rc == -ENOSPC)
@@ -3948,10 +3954,12 @@ int smb2_query_dir(struct ksmbd_work *work)
rsp->Buffer[0] = 0;
inc_rfc1001_len(work->response_buf, 9);
} else {
+no_buf_len:
((struct file_directory_info *)
((char *)rsp->Buffer + d_info.last_entry_offset))
->NextEntryOffset = 0;
- d_info.data_count -= d_info.last_entry_off_align;
+ if (d_info.data_count >= d_info.last_entry_off_align)
+ d_info.data_count -= d_info.last_entry_off_align;
rsp->StructureSize = cpu_to_le16(9);
rsp->OutputBufferOffset = cpu_to_le16(72);
From patchwork Mon Nov 14 12:53:15 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183383
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:29 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:29 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:29 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 286/308] ksmbd: fix incorrect handling of
iterate_dir
Date: Mon, 14 Nov 2022 20:53:15 +0800
Message-ID: <20221114125337.1831594-287-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9e971fb7-20d3-4d9e-5262-08dac63c9331
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6909730
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.1-rc1
commit 88541cb414b7a2450c45fc9c131b37b5753b7679
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/88541cb414b7
-------------------------------
if iterate_dir() returns non-negative value, caller has to treat it
as normal and check there is any error while populating dentry
information. ksmbd doesn't have to do anything because ksmbd already
checks too small OutputBufferLength to store one file information.
And because ctx->pos is set to file->f_pos when iterative_dir is called,
remove restart_ctx(). And if iterate_dir() return -EIO, which mean
directory entry is corrupted, return STATUS_FILE_CORRUPT_ERROR error
response.
This patch fixes some failure of SMB2_QUERY_DIRECTORY, which happens when
ntfs3 is local filesystem.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 8d51cfc3f04a..9695661f4cc0 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3772,11 +3772,6 @@ static int __query_dir(struct dir_context *ctx, const char *name, int namlen,
return 0;
}
-static void restart_ctx(struct dir_context *ctx)
-{
- ctx->pos = 0;
-}
-
static int verify_info_level(int info_level)
{
switch (info_level) {
@@ -3881,7 +3876,6 @@ int smb2_query_dir(struct ksmbd_work *work)
if (srch_flag & SMB2_REOPEN || srch_flag & SMB2_RESTART_SCANS) {
ksmbd_debug(SMB, "Restart directory scan\n");
generic_file_llseek(dir_fp->filp, 0, SEEK_SET);
- restart_ctx(&dir_fp->readdir_data.ctx);
}
memset(&d_info, 0, sizeof(struct ksmbd_dir_info));
@@ -3928,11 +3922,9 @@ int smb2_query_dir(struct ksmbd_work *work)
*/
if (!d_info.out_buf_len && !d_info.num_entry)
goto no_buf_len;
- if (rc == 0)
- restart_ctx(&dir_fp->readdir_data.ctx);
- if (rc == -ENOSPC)
+ if (rc > 0 || rc == -ENOSPC)
rc = 0;
- if (rc)
+ else if (rc)
goto err_out;
d_info.wptr = d_info.rptr;
@@ -3989,6 +3981,8 @@ int smb2_query_dir(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_NO_MEMORY;
else if (rc == -EFAULT)
rsp->hdr.Status = STATUS_INVALID_INFO_CLASS;
+ else if (rc == -EIO)
+ rsp->hdr.Status = STATUS_FILE_CORRUPT_ERROR;
if (!rsp->hdr.Status)
rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR;
From patchwork Mon Nov 14 12:53:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183384
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:30 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:29 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 287/308] ksmbd: use wait_event instead of
schedule_timeout()
Date: Mon, 14 Nov 2022 20:53:16 +0800
Message-ID: <20221114125337.1831594-288-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e6730972-d602-48c2-bdbc-08dac63c9379
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7101074
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit a14c573870a664386adc10526a6c2648ea56dae1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a14c573870a6
-------------------------------
ksmbd threads eating masses of cputime when connection is disconnected.
If connection is disconnected, ksmbd thread waits for pending requests
to be processed using schedule_timeout. schedule_timeout() incorrectly
is used, and it is more efficient to use wait_event/wake_up than to check
r_count every time with timeout.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 6 +++---
fs/ksmbd/connection.h | 1 +
fs/ksmbd/oplock.c | 35 ++++++++++++++++++++++-------------
fs/ksmbd/server.c | 8 +++++++-
4 files changed, 33 insertions(+), 17 deletions(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 6f4cee9beaa9..41e9c2d6c3b1 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -64,6 +64,7 @@ struct ksmbd_conn *ksmbd_conn_alloc(void)
conn->total_credits = 1;
init_waitqueue_head(&conn->req_running_q);
+ init_waitqueue_head(&conn->r_count_q);
INIT_LIST_HEAD(&conn->conns_list);
INIT_LIST_HEAD(&conn->sessions);
INIT_LIST_HEAD(&conn->requests);
@@ -163,7 +164,6 @@ int ksmbd_conn_write(struct ksmbd_work *work)
struct kvec iov[3];
int iov_idx = 0;
- ksmbd_conn_try_dequeue_request(work);
if (!work->response_buf) {
pr_err("NULL response header\n");
return -EINVAL;
@@ -345,8 +345,8 @@ int ksmbd_conn_handler_loop(void *p)
out:
/* Wait till all reference dropped to the Server object*/
- while (atomic_read(&conn->r_count) > 0)
- schedule_timeout(HZ);
+ wait_event(conn->r_count_q, atomic_read(&conn->r_count) == 0);
+
unload_nls(conn->local_nls);
if (default_conn_ops.terminate_fn)
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index d85f0122edc9..e330e1f87dbe 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -65,6 +65,7 @@ struct ksmbd_conn {
unsigned short max_credits;
spinlock_t credits_lock;
wait_queue_head_t req_running_q;
+ wait_queue_head_t r_count_q;
/* Lock to protect requests list*/
spinlock_t request_lock;
struct list_head requests;
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index 3162bdcdb255..f6f1adf94673 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -615,18 +615,13 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
struct ksmbd_file *fp;
fp = ksmbd_lookup_durable_fd(br_info->fid);
- if (!fp) {
- atomic_dec(&conn->r_count);
- ksmbd_free_work_struct(work);
- return;
- }
+ if (!fp)
+ goto out;
if (allocate_oplock_break_buf(work)) {
pr_err("smb2_allocate_rsp_buf failed! ");
- atomic_dec(&conn->r_count);
ksmbd_fd_put(work, fp);
- ksmbd_free_work_struct(work);
- return;
+ goto out;
}
rsp_hdr = smb2_get_msg(work->response_buf);
@@ -667,8 +662,16 @@ static void __smb2_oplock_break_noti(struct work_struct *wk)
ksmbd_fd_put(work, fp);
ksmbd_conn_write(work);
+
+out:
ksmbd_free_work_struct(work);
- atomic_dec(&conn->r_count);
+ /*
+ * Checking waitqueue to dropping pending requests on
+ * disconnection. waitqueue_active is safe because it
+ * uses atomic operation for condition.
+ */
+ if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q))
+ wake_up(&conn->r_count_q);
}
/**
@@ -731,9 +734,7 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
if (allocate_oplock_break_buf(work)) {
ksmbd_debug(OPLOCK, "smb2_allocate_rsp_buf failed! ");
- ksmbd_free_work_struct(work);
- atomic_dec(&conn->r_count);
- return;
+ goto out;
}
rsp_hdr = smb2_get_msg(work->response_buf);
@@ -771,8 +772,16 @@ static void __smb2_lease_break_noti(struct work_struct *wk)
inc_rfc1001_len(work->response_buf, 44);
ksmbd_conn_write(work);
+
+out:
ksmbd_free_work_struct(work);
- atomic_dec(&conn->r_count);
+ /*
+ * Checking waitqueue to dropping pending requests on
+ * disconnection. waitqueue_active is safe because it
+ * uses atomic operation for condition.
+ */
+ if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q))
+ wake_up(&conn->r_count_q);
}
/**
diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
index 9e635aa25c13..72d8fd1c4d43 100644
--- a/fs/ksmbd/server.c
+++ b/fs/ksmbd/server.c
@@ -261,7 +261,13 @@ static void handle_ksmbd_work(struct work_struct *wk)
ksmbd_conn_try_dequeue_request(work);
ksmbd_free_work_struct(work);
- atomic_dec(&conn->r_count);
+ /*
+ * Checking waitqueue to dropping pending requests on
+ * disconnection. waitqueue_active is safe because it
+ * uses atomic operation for condition.
+ */
+ if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q))
+ wake_up(&conn->r_count_q);
}
/**
From patchwork Mon Nov 14 12:53:17 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183385
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:30 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:30 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:30 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 288/308] ksmbd: replace sessions list in
connection with xarray
Date: Mon, 14 Nov 2022 20:53:17 +0800
Message-ID: <20221114125337.1831594-289-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
29ae969c-b4f0-4fb8-e813-08dac63c93c2
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7062858
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit e4d3e6b524c0c928f7fc9e03e047885c4951ae60
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e4d3e6b524c0
-------------------------------
Replace sessions list in connection with xarray.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 3 ++-
fs/ksmbd/connection.h | 2 +-
fs/ksmbd/mgmt/user_session.c | 31 +++++++------------------------
fs/ksmbd/mgmt/user_session.h | 5 ++---
fs/ksmbd/smb2pdu.c | 13 +++++++++----
5 files changed, 21 insertions(+), 33 deletions(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index 41e9c2d6c3b1..cdb029e4fae5 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -36,6 +36,7 @@ void ksmbd_conn_free(struct ksmbd_conn *conn)
list_del(&conn->conns_list);
write_unlock(&conn_list_lock);
+ xa_destroy(&conn->sessions);
kvfree(conn->request_buf);
kfree(conn->preauth_info);
kfree(conn);
@@ -66,12 +67,12 @@ struct ksmbd_conn *ksmbd_conn_alloc(void)
init_waitqueue_head(&conn->req_running_q);
init_waitqueue_head(&conn->r_count_q);
INIT_LIST_HEAD(&conn->conns_list);
- INIT_LIST_HEAD(&conn->sessions);
INIT_LIST_HEAD(&conn->requests);
INIT_LIST_HEAD(&conn->async_requests);
spin_lock_init(&conn->request_lock);
spin_lock_init(&conn->credits_lock);
ida_init(&conn->async_ida);
+ xa_init(&conn->sessions);
spin_lock_init(&conn->llist_lock);
INIT_LIST_HEAD(&conn->lock_list);
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index e330e1f87dbe..aeef0a74c1dd 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -55,7 +55,7 @@ struct ksmbd_conn {
struct nls_table *local_nls;
struct list_head conns_list;
/* smb session 1 per user */
- struct list_head sessions;
+ struct xarray sessions;
unsigned long last_active;
/* How many request are running currently */
atomic_t req_running;
diff --git a/fs/ksmbd/mgmt/user_session.c b/fs/ksmbd/mgmt/user_session.c
index e963433a645c..25e9ba3b7550 100644
--- a/fs/ksmbd/mgmt/user_session.c
+++ b/fs/ksmbd/mgmt/user_session.c
@@ -154,8 +154,6 @@ void ksmbd_session_destroy(struct ksmbd_session *sess)
if (!atomic_dec_and_test(&sess->refcnt))
return;
- list_del(&sess->sessions_entry);
-
down_write(&sessions_table_lock);
hash_del(&sess->hlist);
up_write(&sessions_table_lock);
@@ -183,42 +181,28 @@ static struct ksmbd_session *__session_lookup(unsigned long long id)
return NULL;
}
-void ksmbd_session_register(struct ksmbd_conn *conn,
- struct ksmbd_session *sess)
+int ksmbd_session_register(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess)
{
sess->conn = conn;
- list_add(&sess->sessions_entry, &conn->sessions);
+ return xa_err(xa_store(&conn->sessions, sess->id, sess, GFP_KERNEL));
}
void ksmbd_sessions_deregister(struct ksmbd_conn *conn)
{
struct ksmbd_session *sess;
+ unsigned long id;
- while (!list_empty(&conn->sessions)) {
- sess = list_entry(conn->sessions.next,
- struct ksmbd_session,
- sessions_entry);
-
+ xa_for_each(&conn->sessions, id, sess) {
+ xa_erase(&conn->sessions, sess->id);
ksmbd_session_destroy(sess);
}
}
-static bool ksmbd_session_id_match(struct ksmbd_session *sess,
- unsigned long long id)
-{
- return sess->id == id;
-}
-
struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn,
unsigned long long id)
{
- struct ksmbd_session *sess = NULL;
-
- list_for_each_entry(sess, &conn->sessions, sessions_entry) {
- if (ksmbd_session_id_match(sess, id))
- return sess;
- }
- return NULL;
+ return xa_load(&conn->sessions, id);
}
int get_session(struct ksmbd_session *sess)
@@ -316,7 +300,6 @@ static struct ksmbd_session *__session_create(int protocol)
goto error;
set_session_flag(sess, protocol);
- INIT_LIST_HEAD(&sess->sessions_entry);
xa_init(&sess->tree_conns);
INIT_LIST_HEAD(&sess->ksmbd_chann_list);
INIT_LIST_HEAD(&sess->rpc_handle_list);
diff --git a/fs/ksmbd/mgmt/user_session.h b/fs/ksmbd/mgmt/user_session.h
index 67f5c4106528..1ec659f0151b 100644
--- a/fs/ksmbd/mgmt/user_session.h
+++ b/fs/ksmbd/mgmt/user_session.h
@@ -58,7 +58,6 @@ struct ksmbd_session {
__u8 smb3decryptionkey[SMB3_ENC_DEC_KEY_SIZE];
__u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
- struct list_head sessions_entry;
struct ksmbd_file_table file_table;
atomic_t refcnt;
};
@@ -85,8 +84,8 @@ void ksmbd_session_destroy(struct ksmbd_session *sess);
struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id);
struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn,
unsigned long long id);
-void ksmbd_session_register(struct ksmbd_conn *conn,
- struct ksmbd_session *sess);
+int ksmbd_session_register(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess);
void ksmbd_sessions_deregister(struct ksmbd_conn *conn);
struct ksmbd_session *ksmbd_session_lookup_all(struct ksmbd_conn *conn,
unsigned long long id);
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 9695661f4cc0..7dba9a84cb5e 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -587,7 +587,8 @@ int smb2_check_user_session(struct ksmbd_work *work)
return -EINVAL;
}
-static void destroy_previous_session(struct ksmbd_user *user, u64 id)
+static void destroy_previous_session(struct ksmbd_conn *conn,
+ struct ksmbd_user *user, u64 id)
{
struct ksmbd_session *prev_sess = ksmbd_session_lookup_slowpath(id);
struct ksmbd_user *prev_user;
@@ -606,6 +607,7 @@ static void destroy_previous_session(struct ksmbd_user *user, u64 id)
}
put_session(prev_sess);
+ xa_erase(&conn->sessions, prev_sess->id);
ksmbd_session_destroy(prev_sess);
}
@@ -1438,7 +1440,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
/* Check for previous session */
prev_id = le64_to_cpu(req->PreviousSessionId);
if (prev_id && prev_id != sess->id)
- destroy_previous_session(user, prev_id);
+ destroy_previous_session(conn, user, prev_id);
if (sess->state == SMB2_SESSION_VALID) {
/*
@@ -1564,7 +1566,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
/* Check previous session */
prev_sess_id = le64_to_cpu(req->PreviousSessionId);
if (prev_sess_id && prev_sess_id != sess->id)
- destroy_previous_session(sess->user, prev_sess_id);
+ destroy_previous_session(conn, sess->user, prev_sess_id);
if (sess->state == SMB2_SESSION_VALID)
ksmbd_free_user(sess->user);
@@ -1657,7 +1659,9 @@ int smb2_sess_setup(struct ksmbd_work *work)
goto out_err;
}
rsp->hdr.SessionId = cpu_to_le64(sess->id);
- ksmbd_session_register(conn, sess);
+ rc = ksmbd_session_register(conn, sess);
+ if (rc)
+ goto out_err;
} else if (conn->dialect >= SMB30_PROT_ID &&
(server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) &&
req->Flags & SMB2_SESSION_REQ_FLAG_BINDING) {
@@ -1835,6 +1839,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
if (sess->user && sess->user->flags & KSMBD_USER_FLAG_DELAY_SESSION)
try_delay = true;
+ xa_erase(&conn->sessions, sess->id);
ksmbd_session_destroy(sess);
work->sess = NULL;
if (try_delay)
From patchwork Mon Nov 14 12:53:18 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183386
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:31 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:31 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:30 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 289/308] ksmbd: fix kernel oops from idr_remove()
Date: Mon, 14 Nov 2022 20:53:18 +0800
Message-ID: <20221114125337.1831594-290-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a771a888-9105-4f91-ec3a-08dac63c940b
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6872937
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit 17ea92a9f6d0b9a97aaec5ab748e4591d70a562c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/17ea92a9f6d0
-------------------------------
There is a report that kernel oops happen from idr_remove().
kernel: BUG: kernel NULL pointer dereference, address: 0000000000000010
kernel: RIP: 0010:idr_remove+0x1/0x20
kernel: __ksmbd_close_fd+0xb2/0x2d0 [ksmbd]
kernel: ksmbd_vfs_read+0x91/0x190 [ksmbd]
kernel: ksmbd_fd_put+0x29/0x40 [ksmbd]
kernel: smb2_read+0x210/0x390 [ksmbd]
kernel: __process_request+0xa4/0x180 [ksmbd]
kernel: __handle_ksmbd_work+0xf0/0x290 [ksmbd]
kernel: handle_ksmbd_work+0x2d/0x50 [ksmbd]
kernel: process_one_work+0x21d/0x3f0
kernel: worker_thread+0x50/0x3d0
kernel: rescuer_thread+0x390/0x390
kernel: kthread+0xee/0x120
kthread_complete_and_exit+0x20/0x20
kernel: ret_from_fork+0x22/0x30
While accessing files, If connection is disconnected, windows send
session setup request included previous session destroy. But while still
processing requests on previous session, this request destroy file
table, which mean file table idr will be freed and set to NULL.
So kernel oops happen from ft->idr in __ksmbd_close_fd().
This patch don't directly destroy session in destroy_previous_session().
It just set to KSMBD_SESS_EXITING so that connection will be
terminated after finishing the rest of requests.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/mgmt/user_session.c | 2 ++
fs/ksmbd/smb2pdu.c | 8 ++++++--
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/mgmt/user_session.c b/fs/ksmbd/mgmt/user_session.c
index 25e9ba3b7550..b9acb6770b03 100644
--- a/fs/ksmbd/mgmt/user_session.c
+++ b/fs/ksmbd/mgmt/user_session.c
@@ -239,6 +239,8 @@ struct ksmbd_session *ksmbd_session_lookup_all(struct ksmbd_conn *conn,
sess = ksmbd_session_lookup(conn, id);
if (!sess && conn->binding)
sess = ksmbd_session_lookup_slowpath(id);
+ if (sess && sess->state != SMB2_SESSION_VALID)
+ sess = NULL;
return sess;
}
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 7dba9a84cb5e..efdba70ad240 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -592,6 +592,7 @@ static void destroy_previous_session(struct ksmbd_conn *conn,
{
struct ksmbd_session *prev_sess = ksmbd_session_lookup_slowpath(id);
struct ksmbd_user *prev_user;
+ struct channel *chann;
if (!prev_sess)
return;
@@ -607,8 +608,11 @@ static void destroy_previous_session(struct ksmbd_conn *conn,
}
put_session(prev_sess);
- xa_erase(&conn->sessions, prev_sess->id);
- ksmbd_session_destroy(prev_sess);
+ prev_sess->state = SMB2_SESSION_EXPIRED;
+ write_lock(&prev_sess->chann_lock);
+ list_for_each_entry(chann, &prev_sess->ksmbd_chann_list, chann_list)
+ chann->conn->status = KSMBD_SESS_EXITING;
+ write_unlock(&prev_sess->chann_lock);
}
/**
From patchwork Mon Nov 14 12:53:19 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183387
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:31 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:31 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:31 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 290/308] ksmbd: remove unused
ksmbd_share_configs_cleanup function
Date: Mon, 14 Nov 2022 20:53:19 +0800
Message-ID: <20221114125337.1831594-291-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
3c528bce-95fc-47fc-57ca-08dac63c9454
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6944937
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit 1c90b54718fdea4f89e7e0c2415803f33f6d0b00
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/1c90b54718fd
-------------------------------
remove unused ksmbd_share_configs_cleanup function.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/mgmt/share_config.c | 14 --------------
fs/ksmbd/mgmt/share_config.h | 2 --
2 files changed, 16 deletions(-)
diff --git a/fs/ksmbd/mgmt/share_config.c b/fs/ksmbd/mgmt/share_config.c
index cb72d30f5b71..70655af93b44 100644
--- a/fs/ksmbd/mgmt/share_config.c
+++ b/fs/ksmbd/mgmt/share_config.c
@@ -222,17 +222,3 @@ bool ksmbd_share_veto_filename(struct ksmbd_share_config *share,
}
return false;
}
-
-void ksmbd_share_configs_cleanup(void)
-{
- struct ksmbd_share_config *share;
- struct hlist_node *tmp;
- int i;
-
- down_write(&shares_table_lock);
- hash_for_each_safe(shares_table, i, tmp, share, hlist) {
- hash_del(&share->hlist);
- kill_share(share);
- }
- up_write(&shares_table_lock);
-}
diff --git a/fs/ksmbd/mgmt/share_config.h b/fs/ksmbd/mgmt/share_config.h
index 953befc94e84..28bf3511763f 100644
--- a/fs/ksmbd/mgmt/share_config.h
+++ b/fs/ksmbd/mgmt/share_config.h
@@ -76,6 +76,4 @@ static inline void ksmbd_share_config_put(struct ksmbd_share_config *share)
struct ksmbd_share_config *ksmbd_share_config_get(char *name);
bool ksmbd_share_veto_filename(struct ksmbd_share_config *share,
const char *filename);
-void ksmbd_share_configs_cleanup(void);
-
#endif /* __SHARE_CONFIG_MANAGEMENT_H__ */
From patchwork Mon Nov 14 12:53:20 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183388
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:32 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:32 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:31 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 291/308] ksmbd: use vfs_llseek instead of
dereferencing NULL
Date: Mon, 14 Nov 2022 20:53:20 +0800
Message-ID: <20221114125337.1831594-292-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6ad09d78-ce5f-4a79-1065-08dac63c949d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7025897
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: "Jason A. Donenfeld" <Jason(a)zx2c4.com>
mainline inclusion
from mainline-5.19-rc5
commit 067baa9a37b32b95fdeabccde4b0cb6a2cf95f96
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/067baa9a37b3
-------------------------------
By not checking whether llseek is NULL, this might jump to NULL. Also,
it doesn't check FMODE_LSEEK. Fix this by using vfs_llseek(), which
always does the right thing.
Fixes: f44158485826 ("cifsd: add file operations")
Cc: stable(a)vger.kernel.org
Cc: linux-cifs(a)vger.kernel.org
Cc: Ronnie Sahlberg <lsahlber(a)redhat.com>
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Reviewed-by: Namjae Jeon <linkinjeon(a)kernel.org>
Acked-by: Al Viro <viro(a)zeniv.linux.org.uk>
Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/vfs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index fff5f8674ad0..d6665b03dc18 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -1016,7 +1016,7 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
*out_count = 0;
end = start + length;
while (start < end && *out_count < in_count) {
- extent_start = f->f_op->llseek(f, start, SEEK_DATA);
+ extent_start = vfs_llseek(f, start, SEEK_DATA);
if (extent_start < 0) {
if (extent_start != -ENXIO)
ret = (int)extent_start;
@@ -1026,7 +1026,7 @@ int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
if (extent_start >= end)
break;
- extent_end = f->f_op->llseek(f, extent_start, SEEK_HOLE);
+ extent_end = vfs_llseek(f, extent_start, SEEK_HOLE);
if (extent_end < 0) {
if (extent_end != -ENXIO)
ret = (int)extent_end;
From patchwork Mon Nov 14 12:53:21 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183389
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:32 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:32 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:32 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 292/308] ksmbd: fix racy issue while destroying
session on multichannel
Date: Mon, 14 Nov 2022 20:53:21 +0800
Message-ID: <20221114125337.1831594-293-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
4348e66d-5c27-4b70-c80d-08dac63c94e5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7267599
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit af7c39d971e43cd0af488729bca362427ad99488
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/af7c39d971e4
-------------------------------
After multi-channel connection with windows, Several channels of
session are connected. Among them, if there is a problem in one channel,
Windows connects again after disconnecting the channel. In this process,
the session is released and a kernel oop can occurs while processing
requests to other channels. When the channel is disconnected, if other
channels still exist in the session after deleting the channel from
the channel list in the session, the session should not be released.
Finally, the session will be released after all channels are disconnected.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 56 ++++++++++++++++--------------
fs/ksmbd/auth.h | 11 +++---
fs/ksmbd/connection.h | 7 ----
fs/ksmbd/mgmt/tree_connect.c | 5 +--
fs/ksmbd/mgmt/tree_connect.h | 4 ++-
fs/ksmbd/mgmt/user_session.c | 67 ++++++++++++++++++++++++------------
fs/ksmbd/mgmt/user_session.h | 7 ++--
fs/ksmbd/oplock.c | 11 +++---
fs/ksmbd/smb2pdu.c | 21 +++++------
fs/ksmbd/smb_common.h | 2 +-
fs/ksmbd/vfs.c | 3 +-
fs/ksmbd/vfs_cache.c | 2 +-
12 files changed, 110 insertions(+), 86 deletions(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index dc3d061edda9..c85205b37c18 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -120,8 +120,8 @@ static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
return rc;
}
-static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
- char *dname)
+static int calc_ntlmv2_hash(struct ksmbd_conn *conn, struct ksmbd_session *sess,
+ char *ntlmv2_hash, char *dname)
{
int ret, len, conv_len;
wchar_t *domain = NULL;
@@ -157,7 +157,7 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
}
conv_len = smb_strtoUTF16(uniname, user_name(sess->user), len,
- sess->conn->local_nls);
+ conn->local_nls);
if (conv_len < 0 || conv_len > len) {
ret = -EINVAL;
goto out;
@@ -181,7 +181,7 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
}
conv_len = smb_strtoUTF16((__le16 *)domain, dname, len,
- sess->conn->local_nls);
+ conn->local_nls);
if (conv_len < 0 || conv_len > len) {
ret = -EINVAL;
goto out;
@@ -214,8 +214,9 @@ static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash,
*
* Return: 0 on success, error number on error
*/
-int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
- int blen, char *domain_name, char *cryptkey)
+int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess,
+ struct ntlmv2_resp *ntlmv2, int blen, char *domain_name,
+ char *cryptkey)
{
char ntlmv2_hash[CIFS_ENCPWD_SIZE];
char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE];
@@ -229,7 +230,7 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
return -ENOMEM;
}
- rc = calc_ntlmv2_hash(sess, ntlmv2_hash, domain_name);
+ rc = calc_ntlmv2_hash(conn, sess, ntlmv2_hash, domain_name);
if (rc) {
ksmbd_debug(AUTH, "could not get v2 hash rc %d\n", rc);
goto out;
@@ -332,7 +333,8 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
/* process NTLMv2 authentication */
ksmbd_debug(AUTH, "decode_ntlmssp_authenticate_blob dname%s\n",
domain_name);
- ret = ksmbd_auth_ntlmv2(sess, (struct ntlmv2_resp *)((char *)authblob + nt_off),
+ ret = ksmbd_auth_ntlmv2(conn, sess,
+ (struct ntlmv2_resp *)((char *)authblob + nt_off),
nt_len - CIFS_ENCPWD_SIZE,
domain_name, conn->ntlmssp.cryptkey);
kfree(domain_name);
@@ -632,8 +634,9 @@ struct derivation {
bool binding;
};
-static int generate_key(struct ksmbd_session *sess, struct kvec label,
- struct kvec context, __u8 *key, unsigned int key_size)
+static int generate_key(struct ksmbd_conn *conn, struct ksmbd_session *sess,
+ struct kvec label, struct kvec context, __u8 *key,
+ unsigned int key_size)
{
unsigned char zero = 0x0;
__u8 i[4] = {0, 0, 0, 1};
@@ -693,8 +696,8 @@ static int generate_key(struct ksmbd_session *sess, struct kvec label,
goto smb3signkey_ret;
}
- if (sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
- sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
+ conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L256, 4);
else
rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L128, 4);
@@ -729,17 +732,17 @@ static int generate_smb3signingkey(struct ksmbd_session *sess,
if (!chann)
return 0;
- if (sess->conn->dialect >= SMB30_PROT_ID && signing->binding)
+ if (conn->dialect >= SMB30_PROT_ID && signing->binding)
key = chann->smb3signingkey;
else
key = sess->smb3signingkey;
- rc = generate_key(sess, signing->label, signing->context, key,
+ rc = generate_key(conn, sess, signing->label, signing->context, key,
SMB3_SIGN_KEY_SIZE);
if (rc)
return rc;
- if (!(sess->conn->dialect >= SMB30_PROT_ID && signing->binding))
+ if (!(conn->dialect >= SMB30_PROT_ID && signing->binding))
memcpy(chann->smb3signingkey, key, SMB3_SIGN_KEY_SIZE);
ksmbd_debug(AUTH, "dumping generated AES signing keys\n");
@@ -793,30 +796,31 @@ struct derivation_twin {
struct derivation decryption;
};
-static int generate_smb3encryptionkey(struct ksmbd_session *sess,
+static int generate_smb3encryptionkey(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess,
const struct derivation_twin *ptwin)
{
int rc;
- rc = generate_key(sess, ptwin->encryption.label,
+ rc = generate_key(conn, sess, ptwin->encryption.label,
ptwin->encryption.context, sess->smb3encryptionkey,
SMB3_ENC_DEC_KEY_SIZE);
if (rc)
return rc;
- rc = generate_key(sess, ptwin->decryption.label,
+ rc = generate_key(conn, sess, ptwin->decryption.label,
ptwin->decryption.context,
sess->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE);
if (rc)
return rc;
ksmbd_debug(AUTH, "dumping generated AES encryption keys\n");
- ksmbd_debug(AUTH, "Cipher type %d\n", sess->conn->cipher_type);
+ ksmbd_debug(AUTH, "Cipher type %d\n", conn->cipher_type);
ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
ksmbd_debug(AUTH, "Session Key %*ph\n",
SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
- if (sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
- sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) {
+ if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
+ conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) {
ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3encryptionkey);
ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
@@ -830,7 +834,8 @@ static int generate_smb3encryptionkey(struct ksmbd_session *sess,
return 0;
}
-int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess)
+int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess)
{
struct derivation_twin twin;
struct derivation *d;
@@ -847,10 +852,11 @@ int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess)
d->context.iov_base = "ServerIn ";
d->context.iov_len = 10;
- return generate_smb3encryptionkey(sess, &twin);
+ return generate_smb3encryptionkey(conn, sess, &twin);
}
-int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess)
+int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess)
{
struct derivation_twin twin;
struct derivation *d;
@@ -867,7 +873,7 @@ int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess)
d->context.iov_base = sess->Preauth_HashValue;
d->context.iov_len = 64;
- return generate_smb3encryptionkey(sess, &twin);
+ return generate_smb3encryptionkey(conn, sess, &twin);
}
int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
diff --git a/fs/ksmbd/auth.h b/fs/ksmbd/auth.h
index 95629651cf26..25b772653de0 100644
--- a/fs/ksmbd/auth.h
+++ b/fs/ksmbd/auth.h
@@ -38,8 +38,9 @@ struct kvec;
int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
unsigned int nvec, int enc);
void ksmbd_copy_gss_neg_header(void *buf);
-int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2,
- int blen, char *domain_name, char *cryptkey);
+int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess,
+ struct ntlmv2_resp *ntlmv2, int blen, char *domain_name,
+ char *cryptkey);
int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
int blob_len, struct ksmbd_conn *conn,
struct ksmbd_session *sess);
@@ -58,8 +59,10 @@ int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess,
struct ksmbd_conn *conn);
int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess,
struct ksmbd_conn *conn);
-int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess);
-int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess);
+int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess);
+int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn,
+ struct ksmbd_session *sess);
int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
__u8 *pi_hash);
int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index aeef0a74c1dd..6aa72b17c3eb 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -20,13 +20,6 @@
#define KSMBD_SOCKET_BACKLOG 16
-/*
- * WARNING
- *
- * This is nothing but a HACK. Session status should move to channel
- * or to session. As of now we have 1 tcp_conn : 1 ksmbd_session, but
- * we need to change it to 1 tcp_conn : N ksmbd_sessions.
- */
enum {
KSMBD_SESS_NEW = 0,
KSMBD_SESS_GOOD,
diff --git a/fs/ksmbd/mgmt/tree_connect.c b/fs/ksmbd/mgmt/tree_connect.c
index 0d28e723a28c..b35ea6a6abc5 100644
--- a/fs/ksmbd/mgmt/tree_connect.c
+++ b/fs/ksmbd/mgmt/tree_connect.c
@@ -16,7 +16,8 @@
#include "user_session.h"
struct ksmbd_tree_conn_status
-ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
+ksmbd_tree_conn_connect(struct ksmbd_conn *conn, struct ksmbd_session *sess,
+ char *share_name)
{
struct ksmbd_tree_conn_status status = {-EINVAL, NULL};
struct ksmbd_tree_connect_response *resp = NULL;
@@ -41,7 +42,7 @@ ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name)
goto out_error;
}
- peer_addr = KSMBD_TCP_PEER_SOCKADDR(sess->conn);
+ peer_addr = KSMBD_TCP_PEER_SOCKADDR(conn);
resp = ksmbd_ipc_tree_connect_request(sess,
sc,
tree_conn,
diff --git a/fs/ksmbd/mgmt/tree_connect.h b/fs/ksmbd/mgmt/tree_connect.h
index 18e2a996e0aa..71e50271dccf 100644
--- a/fs/ksmbd/mgmt/tree_connect.h
+++ b/fs/ksmbd/mgmt/tree_connect.h
@@ -12,6 +12,7 @@
struct ksmbd_share_config;
struct ksmbd_user;
+struct ksmbd_conn;
struct ksmbd_tree_connect {
int id;
@@ -40,7 +41,8 @@ static inline int test_tree_conn_flag(struct ksmbd_tree_connect *tree_conn,
struct ksmbd_session;
struct ksmbd_tree_conn_status
-ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name);
+ksmbd_tree_conn_connect(struct ksmbd_conn *conn, struct ksmbd_session *sess,
+ char *share_name);
int ksmbd_tree_conn_disconnect(struct ksmbd_session *sess,
struct ksmbd_tree_connect *tree_conn);
diff --git a/fs/ksmbd/mgmt/user_session.c b/fs/ksmbd/mgmt/user_session.c
index b9acb6770b03..3fa2139a0b30 100644
--- a/fs/ksmbd/mgmt/user_session.c
+++ b/fs/ksmbd/mgmt/user_session.c
@@ -151,9 +151,6 @@ void ksmbd_session_destroy(struct ksmbd_session *sess)
if (!sess)
return;
- if (!atomic_dec_and_test(&sess->refcnt))
- return;
-
down_write(&sessions_table_lock);
hash_del(&sess->hlist);
up_write(&sessions_table_lock);
@@ -184,16 +181,58 @@ static struct ksmbd_session *__session_lookup(unsigned long long id)
int ksmbd_session_register(struct ksmbd_conn *conn,
struct ksmbd_session *sess)
{
- sess->conn = conn;
+ sess->dialect = conn->dialect;
+ memcpy(sess->ClientGUID, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
return xa_err(xa_store(&conn->sessions, sess->id, sess, GFP_KERNEL));
}
+static int ksmbd_chann_del(struct ksmbd_conn *conn, struct ksmbd_session *sess)
+{
+ struct channel *chann, *tmp;
+
+ write_lock(&sess->chann_lock);
+ list_for_each_entry_safe(chann, tmp, &sess->ksmbd_chann_list,
+ chann_list) {
+ if (chann->conn == conn) {
+ list_del(&chann->chann_list);
+ kfree(chann);
+ write_unlock(&sess->chann_lock);
+ return 0;
+ }
+ }
+ write_unlock(&sess->chann_lock);
+
+ return -ENOENT;
+}
+
void ksmbd_sessions_deregister(struct ksmbd_conn *conn)
{
struct ksmbd_session *sess;
- unsigned long id;
- xa_for_each(&conn->sessions, id, sess) {
+ if (conn->binding) {
+ int bkt;
+
+ down_write(&sessions_table_lock);
+ hash_for_each(sessions_table, bkt, sess, hlist) {
+ if (!ksmbd_chann_del(conn, sess)) {
+ up_write(&sessions_table_lock);
+ goto sess_destroy;
+ }
+ }
+ up_write(&sessions_table_lock);
+ } else {
+ unsigned long id;
+
+ xa_for_each(&conn->sessions, id, sess) {
+ if (!ksmbd_chann_del(conn, sess))
+ goto sess_destroy;
+ }
+ }
+
+ return;
+
+sess_destroy:
+ if (list_empty(&sess->ksmbd_chann_list)) {
xa_erase(&conn->sessions, sess->id);
ksmbd_session_destroy(sess);
}
@@ -205,27 +244,12 @@ struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn,
return xa_load(&conn->sessions, id);
}
-int get_session(struct ksmbd_session *sess)
-{
- return atomic_inc_not_zero(&sess->refcnt);
-}
-
-void put_session(struct ksmbd_session *sess)
-{
- if (atomic_dec_and_test(&sess->refcnt))
- pr_err("get/%s seems to be mismatched.", __func__);
-}
-
struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id)
{
struct ksmbd_session *sess;
down_read(&sessions_table_lock);
sess = __session_lookup(id);
- if (sess) {
- if (!get_session(sess))
- sess = NULL;
- }
up_read(&sessions_table_lock);
return sess;
@@ -306,7 +330,6 @@ static struct ksmbd_session *__session_create(int protocol)
INIT_LIST_HEAD(&sess->ksmbd_chann_list);
INIT_LIST_HEAD(&sess->rpc_handle_list);
sess->sequence_number = 1;
- atomic_set(&sess->refcnt, 1);
rwlock_init(&sess->chann_lock);
switch (protocol) {
diff --git a/fs/ksmbd/mgmt/user_session.h b/fs/ksmbd/mgmt/user_session.h
index 1ec659f0151b..8934b8ee275b 100644
--- a/fs/ksmbd/mgmt/user_session.h
+++ b/fs/ksmbd/mgmt/user_session.h
@@ -33,8 +33,10 @@ struct preauth_session {
struct ksmbd_session {
u64 id;
+ __u16 dialect;
+ char ClientGUID[SMB2_CLIENT_GUID_SIZE];
+
struct ksmbd_user *user;
- struct ksmbd_conn *conn;
unsigned int sequence_number;
unsigned int flags;
@@ -59,7 +61,6 @@ struct ksmbd_session {
__u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
struct ksmbd_file_table file_table;
- atomic_t refcnt;
};
static inline int test_session_flag(struct ksmbd_session *sess, int bit)
@@ -100,6 +101,4 @@ void ksmbd_release_tree_conn_id(struct ksmbd_session *sess, int id);
int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name);
void ksmbd_session_rpc_close(struct ksmbd_session *sess, int id);
int ksmbd_session_rpc_method(struct ksmbd_session *sess, int id);
-int get_session(struct ksmbd_session *sess);
-void put_session(struct ksmbd_session *sess);
#endif /* __USER_SESSION_MANAGEMENT_H__ */
diff --git a/fs/ksmbd/oplock.c b/fs/ksmbd/oplock.c
index f6f1adf94673..3721fd44a43a 100644
--- a/fs/ksmbd/oplock.c
+++ b/fs/ksmbd/oplock.c
@@ -30,6 +30,7 @@ static DEFINE_RWLOCK(lease_list_lock);
static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
u64 id, __u16 Tid)
{
+ struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess = work->sess;
struct oplock_info *opinfo;
@@ -38,7 +39,7 @@ static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
return NULL;
opinfo->sess = sess;
- opinfo->conn = sess->conn;
+ opinfo->conn = conn;
opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
opinfo->op_state = OPLOCK_STATE_NONE;
opinfo->pending_break = 0;
@@ -981,7 +982,7 @@ int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
}
list_for_each_entry(lb, &lease_table_list, l_entry) {
- if (!memcmp(lb->client_guid, sess->conn->ClientGUID,
+ if (!memcmp(lb->client_guid, sess->ClientGUID,
SMB2_CLIENT_GUID_SIZE))
goto found;
}
@@ -997,7 +998,7 @@ int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
rcu_read_unlock();
if (opinfo->o_fp->f_ci == ci)
goto op_next;
- err = compare_guid_key(opinfo, sess->conn->ClientGUID,
+ err = compare_guid_key(opinfo, sess->ClientGUID,
lctx->lease_key);
if (err) {
err = -EINVAL;
@@ -1131,7 +1132,7 @@ int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
struct oplock_info *m_opinfo;
/* is lease already granted ? */
- m_opinfo = same_client_has_lease(ci, sess->conn->ClientGUID,
+ m_opinfo = same_client_has_lease(ci, sess->ClientGUID,
lctx);
if (m_opinfo) {
copy_lease(m_opinfo, opinfo);
@@ -1249,7 +1250,7 @@ void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
{
struct oplock_info *op, *brk_op;
struct ksmbd_inode *ci;
- struct ksmbd_conn *conn = work->sess->conn;
+ struct ksmbd_conn *conn = work->conn;
if (!test_share_config_flag(work->tcon->share_conf,
KSMBD_SHARE_FLAG_OPLOCKS))
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index efdba70ad240..8a47738bedbb 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -602,12 +602,9 @@ static void destroy_previous_session(struct ksmbd_conn *conn,
if (!prev_user ||
strcmp(user->name, prev_user->name) ||
user->passkey_sz != prev_user->passkey_sz ||
- memcmp(user->passkey, prev_user->passkey, user->passkey_sz)) {
- put_session(prev_sess);
+ memcmp(user->passkey, prev_user->passkey, user->passkey_sz))
return;
- }
- put_session(prev_sess);
prev_sess->state = SMB2_SESSION_EXPIRED;
write_lock(&prev_sess->chann_lock);
list_for_each_entry(chann, &prev_sess->ksmbd_chann_list, chann_list)
@@ -1498,7 +1495,7 @@ static int ntlm_authenticate(struct ksmbd_work *work)
if (smb3_encryption_negotiated(conn) &&
!(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
- rc = conn->ops->generate_encryptionkey(sess);
+ rc = conn->ops->generate_encryptionkey(conn, sess);
if (rc) {
ksmbd_debug(SMB,
"SMB3 encryption key generation failed\n");
@@ -1589,7 +1586,7 @@ static int krb5_authenticate(struct ksmbd_work *work)
sess->sign = true;
if (smb3_encryption_negotiated(conn)) {
- retval = conn->ops->generate_encryptionkey(sess);
+ retval = conn->ops->generate_encryptionkey(conn, sess);
if (retval) {
ksmbd_debug(SMB,
"SMB3 encryption key generation failed\n");
@@ -1677,7 +1674,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
goto out_err;
}
- if (conn->dialect != sess->conn->dialect) {
+ if (conn->dialect != sess->dialect) {
rc = -EINVAL;
goto out_err;
}
@@ -1687,7 +1684,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
goto out_err;
}
- if (strncmp(conn->ClientGUID, sess->conn->ClientGUID,
+ if (strncmp(conn->ClientGUID, sess->ClientGUID,
SMB2_CLIENT_GUID_SIZE)) {
rc = -ENOENT;
goto out_err;
@@ -1889,7 +1886,7 @@ int smb2_tree_connect(struct ksmbd_work *work)
ksmbd_debug(SMB, "tree connect request for tree %s treename %s\n",
name, treename);
- status = ksmbd_tree_conn_connect(sess, name);
+ status = ksmbd_tree_conn_connect(conn, sess, name);
if (status.ret == KSMBD_TREE_CONN_STATUS_OK)
rsp->hdr.Id.SyncId.TreeId = cpu_to_le32(status.tree_conn->id);
else
@@ -4839,7 +4836,7 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
struct smb2_query_info_rsp *rsp)
{
struct ksmbd_session *sess = work->sess;
- struct ksmbd_conn *conn = sess->conn;
+ struct ksmbd_conn *conn = work->conn;
struct ksmbd_share_config *share = work->tcon->share_conf;
int fsinfoclass = 0;
struct kstatfs stfs;
@@ -5737,7 +5734,7 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
}
next:
return smb2_rename(work, fp, rename_info,
- work->sess->conn->local_nls);
+ work->conn->local_nls);
}
static int set_file_disposition_info(struct ksmbd_file *fp,
@@ -5871,7 +5868,7 @@ static int smb2_set_info_file(struct ksmbd_work *work, struct ksmbd_file *fp,
return smb2_create_link(work, work->tcon->share_conf,
(struct smb2_file_link_info *)req->Buffer,
buf_len, fp->filp,
- work->sess->conn->local_nls);
+ work->conn->local_nls);
}
case FILE_DISPOSITION_INFORMATION:
{
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 35ca9b7d9979..da3dd29079a2 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -467,7 +467,7 @@ struct smb_version_ops {
int (*check_sign_req)(struct ksmbd_work *work);
void (*set_sign_rsp)(struct ksmbd_work *work);
int (*generate_signingkey)(struct ksmbd_session *sess, struct ksmbd_conn *conn);
- int (*generate_encryptionkey)(struct ksmbd_session *sess);
+ int (*generate_encryptionkey)(struct ksmbd_conn *conn, struct ksmbd_session *sess);
bool (*is_transform_hdr)(void *buf);
int (*decrypt_req)(struct ksmbd_work *work);
int (*encrypt_resp)(struct ksmbd_work *work);
diff --git a/fs/ksmbd/vfs.c b/fs/ksmbd/vfs.c
index d6665b03dc18..bf0fdf90bbfa 100644
--- a/fs/ksmbd/vfs.c
+++ b/fs/ksmbd/vfs.c
@@ -471,12 +471,11 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
char *buf, size_t count, loff_t *pos, bool sync,
ssize_t *written)
{
- struct ksmbd_session *sess = work->sess;
struct file *filp;
loff_t offset = *pos;
int err = 0;
- if (sess->conn->connection_type) {
+ if (work->conn->connection_type) {
if (!(fp->daccess & FILE_WRITE_DATA_LE)) {
pr_err("no right to write(%pd)\n",
fp->filp->f_path.dentry);
diff --git a/fs/ksmbd/vfs_cache.c b/fs/ksmbd/vfs_cache.c
index cc9c8b46827d..26db346c5c4f 100644
--- a/fs/ksmbd/vfs_cache.c
+++ b/fs/ksmbd/vfs_cache.c
@@ -568,7 +568,7 @@ struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp)
atomic_set(&fp->refcount, 1);
fp->filp = filp;
- fp->conn = work->sess->conn;
+ fp->conn = work->conn;
fp->tcon = work->tcon;
fp->volatile_id = KSMBD_NO_FID;
fp->persistent_id = KSMBD_NO_FID;
From patchwork Mon Nov 14 12:53:22 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183390
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:33 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:33 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:32 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 293/308] ksmbd: fix memory leak in
smb2_handle_negotiate
Date: Mon, 14 Nov 2022 20:53:22 +0800
Message-ID: <20221114125337.1831594-294-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
a1277807-bfae-47c5-a656-08dac63c952e
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6876974
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit aa7253c2393f6dcd6a1468b0792f6da76edad917
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/aa7253c2393f
-------------------------------
The allocated memory didn't free under an error
path in smb2_handle_negotiate().
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org
Reported-by: zdi-disclosures(a)trendmicro.com # ZDI-CAN-17815
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 8a47738bedbb..de7deb3147a2 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1141,12 +1141,16 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
status);
rsp->hdr.Status = status;
rc = -EINVAL;
+ kfree(conn->preauth_info);
+ conn->preauth_info = NULL;
goto err_out;
}
rc = init_smb3_11_server(conn);
if (rc < 0) {
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
+ kfree(conn->preauth_info);
+ conn->preauth_info = NULL;
goto err_out;
}
From patchwork Mon Nov 14 12:53:23 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183391
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:33 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:33 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:33 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 294/308] ksmbd: fix use-after-free bug in
smb2_tree_disconect
Date: Mon, 14 Nov 2022 20:53:23 +0800
Message-ID: <20221114125337.1831594-295-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
1265f856-a290-47b6-68eb-08dac63c9578
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6841000
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc1
commit cf6531d98190fa2cf92a6d8bbc8af0a4740a223c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/cf6531d98190
-------------------------------
smb2_tree_disconnect() freed the struct ksmbd_tree_connect,
but it left the dangling pointer. It can be accessed
again under compound requests.
This bug can lead an oops looking something link:
[ 1685.468014 ] BUG: KASAN: use-after-free in ksmbd_tree_conn_disconnect+0x131/0x160 [ksmbd]
[ 1685.468068 ] Read of size 4 at addr ffff888102172180 by task kworker/1:2/4807
...
[ 1685.468130 ] Call Trace:
[ 1685.468132 ] <TASK>
[ 1685.468135 ] dump_stack_lvl+0x49/0x5f
[ 1685.468141 ] print_report.cold+0x5e/0x5cf
[ 1685.468145 ] ? ksmbd_tree_conn_disconnect+0x131/0x160 [ksmbd]
[ 1685.468157 ] kasan_report+0xaa/0x120
[ 1685.468194 ] ? ksmbd_tree_conn_disconnect+0x131/0x160 [ksmbd]
[ 1685.468206 ] __asan_report_load4_noabort+0x14/0x20
[ 1685.468210 ] ksmbd_tree_conn_disconnect+0x131/0x160 [ksmbd]
[ 1685.468222 ] smb2_tree_disconnect+0x175/0x250 [ksmbd]
[ 1685.468235 ] handle_ksmbd_work+0x30e/0x1020 [ksmbd]
[ 1685.468247 ] process_one_work+0x778/0x11c0
[ 1685.468251 ] ? _raw_spin_lock_irq+0x8e/0xe0
[ 1685.468289 ] worker_thread+0x544/0x1180
[ 1685.468293 ] ? __cpuidle_text_end+0x4/0x4
[ 1685.468297 ] kthread+0x282/0x320
[ 1685.468301 ] ? process_one_work+0x11c0/0x11c0
[ 1685.468305 ] ? kthread_complete_and_exit+0x30/0x30
[ 1685.468309 ] ret_from_fork+0x1f/0x30
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org
Reported-by: zdi-disclosures(a)trendmicro.com # ZDI-CAN-17816
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index de7deb3147a2..e6a35294ba54 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2056,6 +2056,7 @@ int smb2_tree_disconnect(struct ksmbd_work *work)
ksmbd_close_tree_conn_fds(work);
ksmbd_tree_conn_disconnect(sess, tcon);
+ work->tcon = NULL;
return 0;
}
From patchwork Mon Nov 14 12:53:24 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183392
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:34 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:34 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:33 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 295/308] ksmbd: Fix user namespace mapping
Date: Mon, 14 Nov 2022 20:53:24 +0800
Message-ID: <20221114125337.1831594-296-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-MS-Exchange-Organization-Network-Message-Id:
545e4012-1b53-4693-6d01-08dac63c95c1
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6942101
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Micka��l Sala��n <mic(a)digikod.net>
mainline inclusion
from mainline-6.1-rc1
commit 7c88c1e0ab1704bacb751341ee6431c3be34b834
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/7c88c1e0ab17
-------------------------------
A kernel daemon should not rely on the current thread, which is unknown
and might be malicious. Before this security fix,
ksmbd_override_fsids() didn't correctly override FS UID/GID which means
that arbitrary user space threads could trick the kernel to impersonate
arbitrary users or groups for file system access checks, leading to
file system access bypass.
This was found while investigating truncate support for Landlock:
https://lore.kernel.org/r/CAKYAXd8fpMJ7guizOjHgxEyyjoUwPsx3jLOPZP=wPYcbhkVX…
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: Hyunchul Lee <hyc.lee(a)gmail.com>
Cc: Steve French <smfrench(a)gmail.com>
Cc: stable(a)vger.kernel.org
Signed-off-by: Micka��l Sala��n <mic(a)digikod.net>
Link: https://lore.kernel.org/r/20220929100447.108468-1-mic@digikod.net
Acked-by: Christian Brauner (Microsoft) <brauner(a)kernel.org>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb_common.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index 2476ba92b475..8ea2cdda0984 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -4,6 +4,8 @@
* Copyright (C) 2018 Namjae Jeon <linkinjeon(a)kernel.org>
*/
+#include <linux/user_namespace.h>
+
#include "smb_common.h"
#include "server.h"
#include "misc.h"
@@ -621,8 +623,8 @@ int ksmbd_override_fsids(struct ksmbd_work *work)
if (!cred)
return -ENOMEM;
- cred->fsuid = make_kuid(current_user_ns(), uid);
- cred->fsgid = make_kgid(current_user_ns(), gid);
+ cred->fsuid = make_kuid(&init_user_ns, uid);
+ cred->fsgid = make_kgid(&init_user_ns, gid);
gi = groups_alloc(0);
if (!gi) {
From patchwork Mon Nov 14 12:53:25 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183393
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:34 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:34 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:34 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 296/308] ksmbd: prevent out of bound read for
SMB2_TREE_CONNNECT
Date: Mon, 14 Nov 2022 20:53:25 +0800
Message-ID: <20221114125337.1831594-297-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
e6bd7f0e-793b-4372-d8d6-08dac63c9609
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7395479
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Hyunchul Lee <hyc.lee(a)gmail.com>
mainline inclusion
from mainline-6.0-rc1
commit 824d4f64c20093275f72fc8101394d75ff6a249e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/824d4f64c200
-------------------------------
if Status is not 0 and PathLength is long,
smb_strndup_from_utf16 could make out of bound
read in smb2_tree_connnect.
This bug can lead an oops looking something like:
[ 1553.882047] BUG: KASAN: slab-out-of-bounds in smb_strndup_from_utf16+0x469/0x4c0 [ksmbd]
[ 1553.882064] Read of size 2 at addr ffff88802c4eda04 by task kworker/0:2/42805
...
[ 1553.882095] Call Trace:
[ 1553.882098] <TASK>
[ 1553.882101] dump_stack_lvl+0x49/0x5f
[ 1553.882107] print_report.cold+0x5e/0x5cf
[ 1553.882112] ? smb_strndup_from_utf16+0x469/0x4c0 [ksmbd]
[ 1553.882122] kasan_report+0xaa/0x120
[ 1553.882128] ? smb_strndup_from_utf16+0x469/0x4c0 [ksmbd]
[ 1553.882139] __asan_report_load_n_noabort+0xf/0x20
[ 1553.882143] smb_strndup_from_utf16+0x469/0x4c0 [ksmbd]
[ 1553.882155] ? smb_strtoUTF16+0x3b0/0x3b0 [ksmbd]
[ 1553.882166] ? __kmalloc_node+0x185/0x430
[ 1553.882171] smb2_tree_connect+0x140/0xab0 [ksmbd]
[ 1553.882185] handle_ksmbd_work+0x30e/0x1020 [ksmbd]
[ 1553.882197] process_one_work+0x778/0x11c0
[ 1553.882201] ? _raw_spin_lock_irq+0x8e/0xe0
[ 1553.882206] worker_thread+0x544/0x1180
[ 1553.882209] ? __cpuidle_text_end+0x4/0x4
[ 1553.882214] kthread+0x282/0x320
[ 1553.882218] ? process_one_work+0x11c0/0x11c0
[ 1553.882221] ? kthread_complete_and_exit+0x30/0x30
[ 1553.882225] ret_from_fork+0x1f/0x30
[ 1553.882231] </TASK>
There is no need to check error request validation in server.
This check allow invalid requests not to validate message.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org
Reported-by: zdi-disclosures(a)trendmicro.com # ZDI-CAN-17818
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 0aba1c91fd37..faaeacd8ea55 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -91,11 +91,6 @@ static int smb2_get_data_area_len(unsigned int *off, unsigned int *len,
*off = 0;
*len = 0;
- /* error reqeusts do not have data area */
- if (hdr->Status && hdr->Status != STATUS_MORE_PROCESSING_REQUIRED &&
- (((struct smb2_err_rsp *)hdr)->StructureSize) == SMB2_ERROR_STRUCTURE_SIZE2_LE)
- return ret;
-
/*
* Following commands have data areas so we have to get the location
* of the data buffer offset and data buffer length for the particular
From patchwork Mon Nov 14 12:53:26 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183394
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:35 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:35 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:34 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 297/308] ksmbd: return STATUS_BAD_NETWORK_NAME
error status if share is not configured
Date: Mon, 14 Nov 2022 20:53:26 +0800
Message-ID: <20221114125337.1831594-298-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
8eeaf90f-2fb1-4934-90a7-08dac63c9652
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6632466
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.0-rc2
commit fe54833dc8d97ef387e86f7c80537d51c503ca75
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/fe54833dc8d9
-------------------------------
If share is not configured in smb.conf, smb2 tree connect should return
STATUS_BAD_NETWORK_NAME instead of STATUS_BAD_NETWORK_PATH.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/mgmt/tree_connect.c | 2 +-
fs/ksmbd/smb2pdu.c | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/ksmbd/mgmt/tree_connect.c b/fs/ksmbd/mgmt/tree_connect.c
index b35ea6a6abc5..dd262daa2c4a 100644
--- a/fs/ksmbd/mgmt/tree_connect.c
+++ b/fs/ksmbd/mgmt/tree_connect.c
@@ -19,7 +19,7 @@ struct ksmbd_tree_conn_status
ksmbd_tree_conn_connect(struct ksmbd_conn *conn, struct ksmbd_session *sess,
char *share_name)
{
- struct ksmbd_tree_conn_status status = {-EINVAL, NULL};
+ struct ksmbd_tree_conn_status status = {-ENOENT, NULL};
struct ksmbd_tree_connect_response *resp = NULL;
struct ksmbd_share_config *sc;
struct ksmbd_tree_connect *tree_conn = NULL;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index e6a35294ba54..5a41d5a00db4 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1942,8 +1942,9 @@ int smb2_tree_connect(struct ksmbd_work *work)
rsp->hdr.Status = STATUS_SUCCESS;
rc = 0;
break;
+ case -ENOENT:
case KSMBD_TREE_CONN_STATUS_NO_SHARE:
- rsp->hdr.Status = STATUS_BAD_NETWORK_PATH;
+ rsp->hdr.Status = STATUS_BAD_NETWORK_NAME;
break;
case -ENOMEM:
case KSMBD_TREE_CONN_STATUS_NOMEM:
From patchwork Mon Nov 14 12:53:27 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183395
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:35 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:35 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:35 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 298/308] ksmbd: fix endless loop when encryption
for response fails
Date: Mon, 14 Nov 2022 20:53:27 +0800
Message-ID: <20221114125337.1831594-299-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
c7951670-d48c-4f85-d63e-08dac63c969a
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6945350
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.1-rc1
commit 360c8ee6fefdb496fffd2c18bb9a96a376a1a804
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/360c8ee6fefd
-------------------------------
If ->encrypt_resp return error, goto statement cause endless loop.
It send an error response immediately after removing it.
Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers")
Cc: stable(a)vger.kernel.org
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/server.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
index 72d8fd1c4d43..90aeb8a835f7 100644
--- a/fs/ksmbd/server.c
+++ b/fs/ksmbd/server.c
@@ -235,10 +235,8 @@ static void __handle_ksmbd_work(struct ksmbd_work *work,
if (work->sess && work->sess->enc && work->encrypted &&
conn->ops->encrypt_resp) {
rc = conn->ops->encrypt_resp(work);
- if (rc < 0) {
+ if (rc < 0)
conn->ops->set_rsp_status(work, STATUS_DATA_ERROR);
- goto send;
- }
}
ksmbd_conn_write(work);
From patchwork Mon Nov 14 12:53:28 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183396
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:36 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:36 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:35 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 299/308] ksmbd: fix encryption failure issue for
session logoff response
Date: Mon, 14 Nov 2022 20:53:28 +0800
Message-ID: <20221114125337.1831594-300-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
5ff708a0-23c3-455c-0bcc-08dac63c96e5
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7027668
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.1-rc1
commit af705ef2b0ded0d8f54c238fdf3c17a1d47ad924
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/af705ef2b0de
-------------------------------
If client send encrypted session logoff request on seal mount,
Encryption for that response fails.
ksmbd: Could not get encryption key
CIFS: VFS: cifs_put_smb_ses: Session Logoff failure rc=-512
Session lookup fails in ksmbd_get_encryption_key() because sess->state is
set to SMB2_SESSION_EXPIRED in session logoff. There is no need to do
session lookup again to encrypt the response. This patch change to use
ksmbd_session in ksmbd_work.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 12 ++++++++----
fs/ksmbd/auth.h | 3 ++-
fs/ksmbd/smb2pdu.c | 7 +++----
3 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index c85205b37c18..dbd3038c61e0 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -957,13 +957,16 @@ int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
return rc;
}
-static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id,
+static int ksmbd_get_encryption_key(struct ksmbd_work *work, __u64 ses_id,
int enc, u8 *key)
{
struct ksmbd_session *sess;
u8 *ses_enc_key;
- sess = ksmbd_session_lookup_all(conn, ses_id);
+ if (enc)
+ sess = work->sess;
+ else
+ sess = ksmbd_session_lookup_all(work->conn, ses_id);
if (!sess)
return -EINVAL;
@@ -1051,9 +1054,10 @@ static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
return sg;
}
-int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
+int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,
unsigned int nvec, int enc)
{
+ struct ksmbd_conn *conn = work->conn;
struct smb2_transform_hdr *tr_hdr = smb2_get_msg(iov[0].iov_base);
unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;
int rc;
@@ -1067,7 +1071,7 @@ int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
unsigned int crypt_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
struct ksmbd_crypto_ctx *ctx;
- rc = ksmbd_get_encryption_key(conn,
+ rc = ksmbd_get_encryption_key(work,
le64_to_cpu(tr_hdr->SessionId),
enc,
key);
diff --git a/fs/ksmbd/auth.h b/fs/ksmbd/auth.h
index 25b772653de0..362b6159a6cf 100644
--- a/fs/ksmbd/auth.h
+++ b/fs/ksmbd/auth.h
@@ -33,9 +33,10 @@
struct ksmbd_session;
struct ksmbd_conn;
+struct ksmbd_work;
struct kvec;
-int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov,
+int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,
unsigned int nvec, int enc);
void ksmbd_copy_gss_neg_header(void *buf);
int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess,
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 5a41d5a00db4..27f3465e6f73 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -8517,7 +8517,7 @@ int smb3_encrypt_resp(struct ksmbd_work *work)
buf_size += iov[1].iov_len;
work->resp_hdr_sz = iov[1].iov_len;
- rc = ksmbd_crypt_message(work->conn, iov, rq_nvec, 1);
+ rc = ksmbd_crypt_message(work, iov, rq_nvec, 1);
if (rc)
return rc;
@@ -8536,7 +8536,6 @@ bool smb3_is_transform_hdr(void *buf)
int smb3_decrypt_req(struct ksmbd_work *work)
{
- struct ksmbd_conn *conn = work->conn;
struct ksmbd_session *sess;
char *buf = work->request_buf;
unsigned int pdu_length = get_rfc1002_len(buf);
@@ -8556,7 +8555,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
return -ECONNABORTED;
}
- sess = ksmbd_session_lookup_all(conn, le64_to_cpu(tr_hdr->SessionId));
+ sess = ksmbd_session_lookup_all(work->conn, le64_to_cpu(tr_hdr->SessionId));
if (!sess) {
pr_err("invalid session id(%llx) in transform header\n",
le64_to_cpu(tr_hdr->SessionId));
@@ -8567,7 +8566,7 @@ int smb3_decrypt_req(struct ksmbd_work *work)
iov[0].iov_len = sizeof(struct smb2_transform_hdr) + 4;
iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr) + 4;
iov[1].iov_len = buf_data_size;
- rc = ksmbd_crypt_message(conn, iov, 2, 0);
+ rc = ksmbd_crypt_message(work, iov, 2, 0);
if (rc)
return rc;
From patchwork Mon Nov 14 12:53:29 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183397
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:36 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:36 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:35 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 300/308] ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to
challenge blob
Date: Mon, 14 Nov 2022 20:53:29 +0800
Message-ID: <20221114125337.1831594-301-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
7569e9bd-5943-44f0-c3ec-08dac63c972d
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6638118
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-6.1-rc1
commit 5bedae90b369ca1a7660b9af39591ed19009b495
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5bedae90b369
-------------------------------
If NTLMSSP_NEGOTIATE_SEAL flags is set in negotiate blob from client,
Set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/auth.c | 3 +++
fs/ksmbd/smb2pdu.c | 2 +-
fs/ksmbd/smb2pdu.h | 1 +
3 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c
index dbd3038c61e0..fc87c9913c8d 100644
--- a/fs/ksmbd/auth.c
+++ b/fs/ksmbd/auth.c
@@ -400,6 +400,9 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
NTLMSSP_NEGOTIATE_56);
}
+ if (cflags & NTLMSSP_NEGOTIATE_SEAL && smb3_encryption_negotiated(conn))
+ flags |= NTLMSSP_NEGOTIATE_SEAL;
+
if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 27f3465e6f73..8ac88c0eacce 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -923,7 +923,7 @@ static void decode_encrypt_ctxt(struct ksmbd_conn *conn,
*
* Return: true if connection should be encrypted, else false
*/
-static bool smb3_encryption_negotiated(struct ksmbd_conn *conn)
+bool smb3_encryption_negotiated(struct ksmbd_conn *conn)
{
if (!conn->ops->generate_encryptionkey)
return false;
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index 829f44569077..940ec510d3e2 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -1668,6 +1668,7 @@ int smb3_decrypt_req(struct ksmbd_work *work);
int smb3_encrypt_resp(struct ksmbd_work *work);
bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work);
int smb2_set_rsp_credits(struct ksmbd_work *work);
+bool smb3_encryption_negotiated(struct ksmbd_conn *conn);
/* smb2 misc functions */
int ksmbd_smb2_check_message(struct ksmbd_work *work);
From patchwork Mon Nov 14 12:53:30 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183398
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:37 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:37 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:36 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 301/308] ksmbd: Fix wrong return value and message
length check in smb2_ioctl()
Date: Mon, 14 Nov 2022 20:53:30 +0800
Message-ID: <20221114125337.1831594-302-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
cdc27931-54cd-400c-571d-08dac63c9776
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6890753
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com>
mainline inclusion
from mainline-6.1-rc1
commit b1763d265af62800ec96eeb79803c4c537dcef3a
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b1763d265af6
-------------------------------
Commit c7803b05f74b ("smb3: fix ksmbd bigendian bug in oplock
break, and move its struct to smbfs_common") use the defination
of 'struct validate_negotiate_info_req' in smbfs_common, the
array length of 'Dialects' changed from 1 to 4, but the protocol
does not require the client to send all 4. This lead the request
which satisfied with protocol and server to fail.
So just ensure the request payload has the 'DialectCount' in
smb2_ioctl(), then fsctl_validate_negotiate_info() will use it
to validate the payload length and each dialect.
Also when the {in, out}_buf_len is less than the required, should
goto out to initialize the status in the response header.
Fixes: f7db8fd03a4b ("ksmbd: add validation in smb2_ioctl")
Cc: stable(a)vger.kernel.org
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5(a)huawei.com>
Acked-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2pdu.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 8ac88c0eacce..7a6a2942f72a 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -7604,11 +7604,16 @@ int smb2_ioctl(struct ksmbd_work *work)
goto out;
}
- if (in_buf_len < sizeof(struct validate_negotiate_info_req))
- return -EINVAL;
+ if (in_buf_len < offsetof(struct validate_negotiate_info_req,
+ Dialects)) {
+ ret = -EINVAL;
+ goto out;
+ }
- if (out_buf_len < sizeof(struct validate_negotiate_info_rsp))
- return -EINVAL;
+ if (out_buf_len < sizeof(struct validate_negotiate_info_rsp)) {
+ ret = -EINVAL;
+ goto out;
+ }
ret = fsctl_validate_negotiate_info(conn,
(struct validate_negotiate_info_req *)&req->Buffer[0],
From patchwork Mon Nov 14 12:53:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183399
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:37 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:37 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:36 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 302/308] cifsd: add Kconfig and Makefile
Date: Mon, 14 Nov 2022 20:53:31 +0800
Message-ID: <20221114125337.1831594-303-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
9f062df2-ee76-4ab0-7510-08dac63c97be
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6990773
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <namjae.jeon(a)samsung.com>
mainline inclusion
from mainline-5.15-rc1
commit a848c4f15ab6d5d405dbee7de5da71839b2bf35e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/a848c4f15ab6
-------------------------------
This adds the Kconfig and Makefile for cifsd.
Signed-off-by: Namjae Jeon <namjae.jeon(a)samsung.com>
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com>
Signed-off-by: Hyunchul Lee <hyc.lee(a)gmail.com>
Acked-by: Ronnie Sahlberg <lsahlber(a)redhat.com>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/Kconfig | 1 +
fs/Makefile | 1 +
fs/ksmbd/Kconfig | 67 +++++++++++++++++++++++++++++++++++++++++++++++
fs/ksmbd/Makefile | 20 ++++++++++++++
fs/ksmbd/server.c | 2 --
5 files changed, 89 insertions(+), 2 deletions(-)
create mode 100644 fs/ksmbd/Kconfig
create mode 100644 fs/ksmbd/Makefile
diff --git a/fs/Kconfig b/fs/Kconfig
index aa097ca64ef6..a5ed26b093b7 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -370,6 +370,7 @@ config NFS_COMMON
source "net/sunrpc/Kconfig"
source "fs/ceph/Kconfig"
source "fs/cifs/Kconfig"
+source "fs/ksmbd/Kconfig"
source "fs/coda/Kconfig"
source "fs/afs/Kconfig"
source "fs/9p/Kconfig"
diff --git a/fs/Makefile b/fs/Makefile
index 73acb48ce6bc..d91d30ba8b4e 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -100,6 +100,7 @@ obj-$(CONFIG_NLS) += nls/
obj-$(CONFIG_UNICODE) += unicode/
obj-$(CONFIG_SYSV_FS) += sysv/
obj-$(CONFIG_CIFS) += cifs/
+obj-$(CONFIG_SMB_SERVER) += ksmbd/
obj-$(CONFIG_HPFS_FS) += hpfs/
obj-$(CONFIG_NTFS_FS) += ntfs/
obj-$(CONFIG_NTFS3_FS) += ntfs3/
diff --git a/fs/ksmbd/Kconfig b/fs/ksmbd/Kconfig
new file mode 100644
index 000000000000..c893ba4490e4
--- /dev/null
+++ b/fs/ksmbd/Kconfig
@@ -0,0 +1,67 @@
+config SMB_SERVER
+ tristate "SMB3 server support (EXPERIMENTAL)"
+ depends on INET
+ depends on MULTIUSER
+ depends on FILE_LOCKING
+ select NLS
+ select NLS_UTF8
+ select CRYPTO
+ select CRYPTO_MD5
+ select CRYPTO_HMAC
+ select CRYPTO_ECB
+ select CRYPTO_LIB_DES
+ select CRYPTO_SHA256
+ select CRYPTO_CMAC
+ select CRYPTO_SHA512
+ select CRYPTO_AEAD2
+ select CRYPTO_CCM
+ select CRYPTO_GCM
+ select ASN1
+ select OID_REGISTRY
+ default n
+ help
+ Choose Y here if you want to allow SMB3 compliant clients
+ to access files residing on this system using SMB3 protocol.
+ To compile the SMB3 server support as a module,
+ choose M here: the module will be called ksmbd.
+
+ You may choose to use a samba server instead, in which
+ case you can choose N here.
+
+ You also need to install user space programs which can be found
+ in ksmbd-tools, available from
+ https://github.com/cifsd-team/ksmbd-tools.
+ More detail about how to run the ksmbd kernel server is
+ available via README file
+ (https://github.com/cifsd-team/ksmbd-tools/blob/master/README)
+
+ ksmbd kernel server includes support for auto-negotiation,
+ Secure negotiate, Pre-authentication integrity, oplock/lease,
+ compound requests, multi-credit, packet signing, RDMA(smbdirect),
+ smb3 encryption, copy-offload, secure per-user session
+ establishment via NTLM or NTLMv2.
+
+config SMB_SERVER_SMBDIRECT
+ bool "Support for SMB Direct protocol"
+ depends on SMB_SERVER=m && INFINIBAND && INFINIBAND_ADDR_TRANS || SMB_SERVER=y && INFINIBAND=y && INFINIBAND_ADDR_TRANS=y
+ select SG_POOL
+ default n
+
+ help
+ Enables SMB Direct support for SMB 3.0, 3.02 and 3.1.1.
+
+ SMB Direct allows transferring SMB packets over RDMA. If unsure,
+ say N.
+
+config SMB_SERVER_CHECK_CAP_NET_ADMIN
+ bool "Enable check network administration capability"
+ depends on SMB_SERVER
+ default y
+
+ help
+ Prevent unprivileged processes to start the ksmbd kernel server.
+
+config SMB_SERVER_KERBEROS5
+ bool "Support for Kerberos 5"
+ depends on SMB_SERVER
+ default n
diff --git a/fs/ksmbd/Makefile b/fs/ksmbd/Makefile
new file mode 100644
index 000000000000..7d6337a7dee4
--- /dev/null
+++ b/fs/ksmbd/Makefile
@@ -0,0 +1,20 @@
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+# Makefile for Linux SMB3 kernel server
+#
+obj-$(CONFIG_SMB_SERVER) += ksmbd.o
+
+ksmbd-y := unicode.o auth.o vfs.o vfs_cache.o server.o ndr.o \
+ misc.o oplock.o connection.o ksmbd_work.o crypto_ctx.o \
+ mgmt/ksmbd_ida.o mgmt/user_config.o mgmt/share_config.o \
+ mgmt/tree_connect.o mgmt/user_session.o smb_common.o \
+ transport_tcp.o transport_ipc.o smbacl.o smb2pdu.o \
+ smb2ops.o smb2misc.o ksmbd_spnego_negtokeninit.asn1.o \
+ ksmbd_spnego_negtokentarg.asn1.o asn1.o
+
+$(obj)/asn1.o: $(obj)/ksmbd_spnego_negtokeninit.asn1.h $(obj)/ksmbd_spnego_negtokentarg.asn1.h
+
+$(obj)/ksmbd_spnego_negtokeninit.asn1.o: $(obj)/ksmbd_spnego_negtokeninit.asn1.c $(obj)/ksmbd_spnego_negtokeninit.asn1.h
+$(obj)/ksmbd_spnego_negtokentarg.asn1.o: $(obj)/ksmbd_spnego_negtokentarg.asn1.c $(obj)/ksmbd_spnego_negtokentarg.asn1.h
+
+ksmbd-$(CONFIG_SMB_SERVER_SMBDIRECT) += transport_rdma.o
diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
index 90aeb8a835f7..ad742ac28f1d 100644
--- a/fs/ksmbd/server.c
+++ b/fs/ksmbd/server.c
@@ -624,10 +624,8 @@ MODULE_AUTHOR("Namjae Jeon <linkinjeon(a)kernel.org>");
MODULE_VERSION(KSMBD_VERSION);
MODULE_DESCRIPTION("Linux kernel CIFS/SMB SERVER");
MODULE_LICENSE("GPL");
-MODULE_SOFTDEP("pre: arc4");
MODULE_SOFTDEP("pre: ecb");
MODULE_SOFTDEP("pre: hmac");
-MODULE_SOFTDEP("pre: md4");
MODULE_SOFTDEP("pre: md5");
MODULE_SOFTDEP("pre: nls");
MODULE_SOFTDEP("pre: aes");
From patchwork Mon Nov 14 12:53:32 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183400
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems706-chm.china.huawei.com (10.3.19.183) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:38 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems706-chm.china.huawei.com (10.3.19.183) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:37 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:37 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 303/308] ksmbd: set unique value to volume serial
field in FS_VOLUME_INFORMATION
Date: Mon, 14 Nov 2022 20:53:32 +0800
Message-ID: <20221114125337.1831594-304-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
09ecea80-0134-4ac5-06b2-08dac63c9807
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7031601
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.16-rc1
commit 5d2f0b1083eb158bdff01dd557e2c25046c0a7d2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/5d2f0b1083eb
-------------------------------
Steve French reported ksmbd set fixed value to volume serial field in
FS_VOLUME_INFORMATION. Volume serial value needs to be set to a unique
value for client fscache. This patch set crc value that is generated
with share name, path name and netbios name to volume serial.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable(a)vger.kernel.org # v5.15
Reported-by: Steve French <smfrench(a)gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/Kconfig | 1 +
fs/ksmbd/server.c | 1 +
fs/ksmbd/smb2pdu.c | 9 ++++++++-
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/Kconfig b/fs/ksmbd/Kconfig
index c893ba4490e4..e1fe17747ed6 100644
--- a/fs/ksmbd/Kconfig
+++ b/fs/ksmbd/Kconfig
@@ -18,6 +18,7 @@ config SMB_SERVER
select CRYPTO_GCM
select ASN1
select OID_REGISTRY
+ select CRC32
default n
help
Choose Y here if you want to allow SMB3 compliant clients
diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
index ad742ac28f1d..8cd93052cfab 100644
--- a/fs/ksmbd/server.c
+++ b/fs/ksmbd/server.c
@@ -635,5 +635,6 @@ MODULE_SOFTDEP("pre: sha512");
MODULE_SOFTDEP("pre: aead2");
MODULE_SOFTDEP("pre: ccm");
MODULE_SOFTDEP("pre: gcm");
+MODULE_SOFTDEP("pre: crc32");
module_init(ksmbd_server_init)
module_exit(ksmbd_server_exit)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 7a6a2942f72a..31947a994a8d 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -4909,11 +4909,18 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work,
{
struct filesystem_vol_info *info;
size_t sz;
+ unsigned int serial_crc = 0;
info = (struct filesystem_vol_info *)(rsp->Buffer);
info->VolumeCreationTime = 0;
+ serial_crc = crc32_le(serial_crc, share->name,
+ strlen(share->name));
+ serial_crc = crc32_le(serial_crc, share->path,
+ strlen(share->path));
+ serial_crc = crc32_le(serial_crc, ksmbd_netbios_name(),
+ strlen(ksmbd_netbios_name()));
/* Taking dummy value of serial number*/
- info->SerialNumber = cpu_to_le32(0xbc3ac512);
+ info->SerialNumber = cpu_to_le32(serial_crc);
len = smbConvertToUTF16((__le16 *)info->VolumeLabel,
share->name, PATH_MAX,
conn->local_nls, 0);
From patchwork Mon Nov 14 12:53:33 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183401
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems705-chm.china.huawei.com (10.3.19.182) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:38 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems705-chm.china.huawei.com (10.3.19.182) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:38 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:37 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 304/308] ksmbd: add support for smb2 max credit
parameter
Date: Mon, 14 Nov 2022 20:53:33 +0800
Message-ID: <20221114125337.1831594-305-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
6f73e789-fa72-4762-e4c1-08dac63c984f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7353506
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit 004443b3f6d722b455cf963ed7c3edd7f4772405
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/004443b3f6d7
-------------------------------
Add smb2 max credits parameter to adjust maximum credits value to limit
number of outstanding requests.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.h | 1 -
fs/ksmbd/ksmbd_netlink.h | 1 +
fs/ksmbd/smb2misc.c | 2 +-
fs/ksmbd/smb2ops.c | 16 ++++++++++++----
fs/ksmbd/smb2pdu.c | 8 ++++----
fs/ksmbd/smb2pdu.h | 1 +
fs/ksmbd/smb_common.h | 1 +
fs/ksmbd/transport_ipc.c | 2 ++
8 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index 6aa72b17c3eb..b50c33bd1315 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -55,7 +55,6 @@ struct ksmbd_conn {
/* References which are made for this Server object*/
atomic_t r_count;
unsigned short total_credits;
- unsigned short max_credits;
spinlock_t credits_lock;
wait_queue_head_t req_running_q;
wait_queue_head_t r_count_q;
diff --git a/fs/ksmbd/ksmbd_netlink.h b/fs/ksmbd/ksmbd_netlink.h
index c6718a05d347..a5c2861792ae 100644
--- a/fs/ksmbd/ksmbd_netlink.h
+++ b/fs/ksmbd/ksmbd_netlink.h
@@ -103,6 +103,7 @@ struct ksmbd_startup_request {
* we set the SPARSE_FILES bit (0x40).
*/
__u32 sub_auth[3]; /* Subauth value for Security ID */
+ __u32 smb2_max_credits; /* MAX credits */
__u32 ifc_list_sz; /* interfaces list size */
__s8 ____payload[];
};
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index faaeacd8ea55..df09a1bd4981 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -322,7 +322,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn,
ksmbd_debug(SMB, "Insufficient credit charge, given: %d, needed: %d\n",
credit_charge, calc_credit_num);
return 1;
- } else if (credit_charge > conn->max_credits) {
+ } else if (credit_charge > conn->vals->max_credits) {
ksmbd_debug(SMB, "Too large credit charge: %d\n", credit_charge);
return 1;
}
diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c
index 2a6205103df2..f0a5b704f301 100644
--- a/fs/ksmbd/smb2ops.c
+++ b/fs/ksmbd/smb2ops.c
@@ -20,6 +20,7 @@ static struct smb_version_values smb21_server_values = {
.max_read_size = SMB21_DEFAULT_IOSIZE,
.max_write_size = SMB21_DEFAULT_IOSIZE,
.max_trans_size = SMB21_DEFAULT_IOSIZE,
+ .max_credits = SMB2_MAX_CREDITS,
.large_lock_type = 0,
.exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
.shared_lock_type = SMB2_LOCKFLAG_SHARED,
@@ -45,6 +46,7 @@ static struct smb_version_values smb30_server_values = {
.max_read_size = SMB3_DEFAULT_IOSIZE,
.max_write_size = SMB3_DEFAULT_IOSIZE,
.max_trans_size = SMB3_DEFAULT_TRANS_SIZE,
+ .max_credits = SMB2_MAX_CREDITS,
.large_lock_type = 0,
.exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
.shared_lock_type = SMB2_LOCKFLAG_SHARED,
@@ -71,6 +73,7 @@ static struct smb_version_values smb302_server_values = {
.max_read_size = SMB3_DEFAULT_IOSIZE,
.max_write_size = SMB3_DEFAULT_IOSIZE,
.max_trans_size = SMB3_DEFAULT_TRANS_SIZE,
+ .max_credits = SMB2_MAX_CREDITS,
.large_lock_type = 0,
.exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
.shared_lock_type = SMB2_LOCKFLAG_SHARED,
@@ -97,6 +100,7 @@ static struct smb_version_values smb311_server_values = {
.max_read_size = SMB3_DEFAULT_IOSIZE,
.max_write_size = SMB3_DEFAULT_IOSIZE,
.max_trans_size = SMB3_DEFAULT_TRANS_SIZE,
+ .max_credits = SMB2_MAX_CREDITS,
.large_lock_type = 0,
.exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
.shared_lock_type = SMB2_LOCKFLAG_SHARED,
@@ -198,7 +202,6 @@ void init_smb2_1_server(struct ksmbd_conn *conn)
conn->ops = &smb2_0_server_ops;
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
- conn->max_credits = SMB2_MAX_CREDITS;
conn->signing_algorithm = SIGNING_ALG_HMAC_SHA256;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
@@ -216,7 +219,6 @@ void init_smb3_0_server(struct ksmbd_conn *conn)
conn->ops = &smb3_0_server_ops;
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
- conn->max_credits = SMB2_MAX_CREDITS;
conn->signing_algorithm = SIGNING_ALG_AES_CMAC;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
@@ -241,7 +243,6 @@ void init_smb3_02_server(struct ksmbd_conn *conn)
conn->ops = &smb3_0_server_ops;
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
- conn->max_credits = SMB2_MAX_CREDITS;
conn->signing_algorithm = SIGNING_ALG_AES_CMAC;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
@@ -266,7 +267,6 @@ int init_smb3_11_server(struct ksmbd_conn *conn)
conn->ops = &smb3_11_server_ops;
conn->cmds = smb2_0_server_cmds;
conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds);
- conn->max_credits = SMB2_MAX_CREDITS;
conn->signing_algorithm = SIGNING_ALG_AES_CMAC;
if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES)
@@ -305,3 +305,11 @@ void init_smb2_max_trans_size(unsigned int sz)
smb302_server_values.max_trans_size = sz;
smb311_server_values.max_trans_size = sz;
}
+
+void init_smb2_max_credits(unsigned int sz)
+{
+ smb21_server_values.max_credits = sz;
+ smb30_server_values.max_credits = sz;
+ smb302_server_values.max_credits = sz;
+ smb311_server_values.max_credits = sz;
+}
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 31947a994a8d..e397476641ee 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -309,7 +309,7 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
hdr->CreditCharge = req_hdr->CreditCharge;
- if (conn->total_credits > conn->max_credits) {
+ if (conn->total_credits > conn->vals->max_credits) {
hdr->CreditRequest = 0;
pr_err("Total credits overflow: %d\n", conn->total_credits);
return -EINVAL;
@@ -330,12 +330,12 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
if (hdr->Command == SMB2_NEGOTIATE)
aux_max = 0;
else
- aux_max = conn->max_credits - credit_charge;
+ aux_max = conn->vals->max_credits - credit_charge;
aux_credits = min_t(unsigned short, aux_credits, aux_max);
credits_granted = credit_charge + aux_credits;
- if (conn->max_credits - conn->total_credits < credits_granted)
- credits_granted = conn->max_credits -
+ if (conn->vals->max_credits - conn->total_credits < credits_granted)
+ credits_granted = conn->vals->max_credits -
conn->total_credits;
conn->total_credits += credits_granted;
diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h
index 940ec510d3e2..9018d919cdd8 100644
--- a/fs/ksmbd/smb2pdu.h
+++ b/fs/ksmbd/smb2pdu.h
@@ -1636,6 +1636,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn);
void init_smb2_max_read_size(unsigned int sz);
void init_smb2_max_write_size(unsigned int sz);
void init_smb2_max_trans_size(unsigned int sz);
+void init_smb2_max_credits(unsigned int sz);
bool is_smb2_neg_cmd(struct ksmbd_work *work);
bool is_smb2_rsp(struct ksmbd_work *work);
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index da3dd29079a2..fe498fd6343c 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -412,6 +412,7 @@ struct smb_version_values {
__u32 max_read_size;
__u32 max_write_size;
__u32 max_trans_size;
+ __u32 max_credits;
__u32 large_lock_type;
__u32 exclusive_lock_type;
__u32 shared_lock_type;
diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c
index 1acf1892a466..3ad6881e0f7e 100644
--- a/fs/ksmbd/transport_ipc.c
+++ b/fs/ksmbd/transport_ipc.c
@@ -301,6 +301,8 @@ static int ipc_server_config_on_startup(struct ksmbd_startup_request *req)
init_smb2_max_write_size(req->smb2_max_write);
if (req->smb2_max_trans)
init_smb2_max_trans_size(req->smb2_max_trans);
+ if (req->smb2_max_credits)
+ init_smb2_max_credits(req->smb2_max_credits);
ret = ksmbd_set_netbios_name(req->netbios_name);
ret |= ksmbd_set_server_string(req->server_string);
From patchwork Mon Nov 14 12:53:34 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183402
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems701-chm.china.huawei.com (10.3.19.178) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:39 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems701-chm.china.huawei.com (10.3.19.178) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:38 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:38 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 305/308] ksmbd: move credit charge deduction under
processing request
Date: Mon, 14 Nov 2022 20:53:34 +0800
Message-ID: <20221114125337.1831594-306-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
19cfa166-1c27-453c-0f44-08dac63c9899
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6612780
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit 914d7e5709ac59ded70bea7956d408fe2acd7c3c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/914d7e5709ac
-------------------------------
Moves the credit charge deduction from total_credits under the processing
a request. When repeating smb2 lock request and other command request,
there will be a problem that ->total_credits does not decrease.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/smb2misc.c | 7 ++-----
fs/ksmbd/smb2pdu.c | 16 ++++++++++------
2 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index df09a1bd4981..5dd91879e3d9 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -285,7 +285,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn,
unsigned int req_len = 0, expect_resp_len = 0, calc_credit_num, max_len;
unsigned short credit_charge = le16_to_cpu(hdr->CreditCharge);
void *__hdr = hdr;
- int ret;
+ int ret = 0;
switch (hdr->Command) {
case SMB2_QUERY_INFO:
@@ -328,10 +328,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn,
}
spin_lock(&conn->credits_lock);
- if (credit_charge <= conn->total_credits) {
- conn->total_credits -= credit_charge;
- ret = 0;
- } else {
+ if (credit_charge > conn->total_credits) {
ksmbd_debug(SMB, "Insufficient credits granted, given: %u, granted: %u\n",
credit_charge, conn->total_credits);
ret = 1;
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index e397476641ee..1370fc6f1f0b 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -300,9 +300,8 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
struct smb2_hdr *req_hdr = ksmbd_req_buf_next(work);
struct smb2_hdr *hdr = ksmbd_resp_buf_next(work);
struct ksmbd_conn *conn = work->conn;
- unsigned short credits_requested;
+ unsigned short credits_requested, aux_max;
unsigned short credit_charge, credits_granted = 0;
- unsigned short aux_max, aux_credits;
if (work->send_no_response)
return 0;
@@ -317,6 +316,13 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
credit_charge = max_t(unsigned short,
le16_to_cpu(req_hdr->CreditCharge), 1);
+ if (credit_charge > conn->total_credits) {
+ ksmbd_debug(SMB, "Insufficient credits granted, given: %u, granted: %u\n",
+ credit_charge, conn->total_credits);
+ return -EINVAL;
+ }
+
+ conn->total_credits -= credit_charge;
credits_requested = max_t(unsigned short,
le16_to_cpu(req_hdr->CreditRequest), 1);
@@ -326,13 +332,11 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
* TODO: Need to adjuct CreditRequest value according to
* current cpu load
*/
- aux_credits = credits_requested - 1;
if (hdr->Command == SMB2_NEGOTIATE)
- aux_max = 0;
+ aux_max = 1;
else
aux_max = conn->vals->max_credits - credit_charge;
- aux_credits = min_t(unsigned short, aux_credits, aux_max);
- credits_granted = credit_charge + aux_credits;
+ credits_granted = min_t(unsigned short, credits_requested, aux_max);
if (conn->vals->max_credits - conn->total_credits < credits_granted)
credits_granted = conn->vals->max_credits -
From patchwork Mon Nov 14 12:53:35 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183403
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems702-chm.china.huawei.com (10.3.19.179) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:39 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:39 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:38 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 306/308] ksmbd: limits exceeding the maximum
allowable outstanding requests
Date: Mon, 14 Nov 2022 20:53:35 +0800
Message-ID: <20221114125337.1831594-307-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
fac8ea7a-568b-47d9-02bc-08dac63c98dd
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7177478
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit b589f5db6d4af8f14d70e31e1276b4c017668a26
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/b589f5db6d4a
-------------------------------
If the client ignores the CreditResponse received from the server and
continues to send the request, ksmbd limits the requests if it exceeds
smb2 max credits.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/connection.c | 1 +
fs/ksmbd/connection.h | 3 ++-
fs/ksmbd/smb2misc.c | 9 +++++++++
fs/ksmbd/smb2pdu.c | 1 +
4 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c
index cdb029e4fae5..8e15ec9e8f43 100644
--- a/fs/ksmbd/connection.c
+++ b/fs/ksmbd/connection.c
@@ -63,6 +63,7 @@ struct ksmbd_conn *ksmbd_conn_alloc(void)
atomic_set(&conn->req_running, 0);
atomic_set(&conn->r_count, 0);
conn->total_credits = 1;
+ conn->outstanding_credits = 1;
init_waitqueue_head(&conn->req_running_q);
init_waitqueue_head(&conn->r_count_q);
diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h
index b50c33bd1315..f803e3e60d34 100644
--- a/fs/ksmbd/connection.h
+++ b/fs/ksmbd/connection.h
@@ -54,7 +54,8 @@ struct ksmbd_conn {
atomic_t req_running;
/* References which are made for this Server object*/
atomic_t r_count;
- unsigned short total_credits;
+ unsigned int total_credits;
+ unsigned int outstanding_credits;
spinlock_t credits_lock;
wait_queue_head_t req_running_q;
wait_queue_head_t r_count_q;
diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c
index 5dd91879e3d9..81b227034865 100644
--- a/fs/ksmbd/smb2misc.c
+++ b/fs/ksmbd/smb2misc.c
@@ -333,7 +333,16 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn,
credit_charge, conn->total_credits);
ret = 1;
}
+
+ if ((u64)conn->outstanding_credits + credit_charge > conn->vals->max_credits) {
+ ksmbd_debug(SMB, "Limits exceeding the maximum allowable outstanding requests, given : %u, pending : %u\n",
+ credit_charge, conn->outstanding_credits);
+ ret = 1;
+ } else
+ conn->outstanding_credits += credit_charge;
+
spin_unlock(&conn->credits_lock);
+
return ret;
}
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 1370fc6f1f0b..5a7eab3991db 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -323,6 +323,7 @@ int smb2_set_rsp_credits(struct ksmbd_work *work)
}
conn->total_credits -= credit_charge;
+ conn->outstanding_credits -= credit_charge;
credits_requested = max_t(unsigned short,
le16_to_cpu(req_hdr->CreditRequest), 1);
From patchwork Mon Nov 14 12:53:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183404
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems703-chm.china.huawei.com (10.3.19.180) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:40 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems703-chm.china.huawei.com (10.3.19.180) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:39 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:39 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 307/308] ksmbd: add reserved room in ipc
request/response
Date: Mon, 14 Nov 2022 20:53:36 +0800
Message-ID: <20221114125337.1831594-308-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
8cb41985-87f4-403c-9450-08dac63c9925
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.7238442
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: Namjae Jeon <linkinjeon(a)kernel.org>
mainline inclusion
from mainline-5.17-rc1
commit 41dbda16a0902798e732abc6599de256b9dc3b27
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/41dbda16a090
-------------------------------
Whenever new parameter is added to smb configuration, It is possible
to break the execution of the IPC daemon by mismatch size of
request/response. This patch tries to reserve space in ipc request/response
in advance to prevent that.
Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/ksmbd/ksmbd_netlink.h | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/fs/ksmbd/ksmbd_netlink.h b/fs/ksmbd/ksmbd_netlink.h
index a5c2861792ae..71bfb7de4472 100644
--- a/fs/ksmbd/ksmbd_netlink.h
+++ b/fs/ksmbd/ksmbd_netlink.h
@@ -104,6 +104,7 @@ struct ksmbd_startup_request {
*/
__u32 sub_auth[3]; /* Subauth value for Security ID */
__u32 smb2_max_credits; /* MAX credits */
+ __u32 reserved[128]; /* Reserved room */
__u32 ifc_list_sz; /* interfaces list size */
__s8 ____payload[];
};
@@ -114,7 +115,7 @@ struct ksmbd_startup_request {
* IPC request to shutdown ksmbd server.
*/
struct ksmbd_shutdown_request {
- __s32 reserved;
+ __s32 reserved[16];
};
/*
@@ -123,6 +124,7 @@ struct ksmbd_shutdown_request {
struct ksmbd_login_request {
__u32 handle;
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
+ __u32 reserved[16]; /* Reserved room */
};
/*
@@ -136,6 +138,7 @@ struct ksmbd_login_response {
__u16 status;
__u16 hash_sz; /* hash size */
__s8 hash[KSMBD_REQ_MAX_HASH_SZ]; /* password hash */
+ __u32 reserved[16]; /* Reserved room */
};
/*
@@ -144,6 +147,7 @@ struct ksmbd_login_response {
struct ksmbd_share_config_request {
__u32 handle;
__s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
+ __u32 reserved[16]; /* Reserved room */
};
/*
@@ -158,6 +162,7 @@ struct ksmbd_share_config_response {
__u16 force_directory_mode;
__u16 force_uid;
__u16 force_gid;
+ __u32 reserved[128]; /* Reserved room */
__u32 veto_list_sz;
__s8 ____payload[];
};
@@ -188,6 +193,7 @@ struct ksmbd_tree_connect_request {
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
__s8 share[KSMBD_REQ_MAX_SHARE_NAME];
__s8 peer_addr[64];
+ __u32 reserved[16]; /* Reserved room */
};
/*
@@ -197,6 +203,7 @@ struct ksmbd_tree_connect_response {
__u32 handle;
__u16 status;
__u16 connection_flags;
+ __u32 reserved[16]; /* Reserved room */
};
/*
@@ -205,6 +212,7 @@ struct ksmbd_tree_connect_response {
struct ksmbd_tree_disconnect_request {
__u64 session_id; /* session id */
__u64 connect_id; /* tree connection id */
+ __u32 reserved[16]; /* Reserved room */
};
/*
@@ -213,6 +221,7 @@ struct ksmbd_tree_disconnect_request {
struct ksmbd_logout_request {
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
__u32 account_flags;
+ __u32 reserved[16]; /* Reserved room */
};
/*
From patchwork Mon Nov 14 12:53:37 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Yan <yanaijie(a)huawei.com>
X-Patchwork-Id: 183405
Return-Path: <yanaijie(a)huawei.com>
Received: from dggems704-chm.china.huawei.com (10.3.19.181) by
dggems702-chm.china.huawei.com (10.3.19.179) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31 via Mailbox Transport; Mon, 14 Nov 2022 20:34:40 +0800
Received: from canpemm500004.china.huawei.com (7.192.104.92) by
dggems704-chm.china.huawei.com (10.3.19.181) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Mon, 14 Nov 2022 20:34:40 +0800
Received: from huawei.com (10.175.127.227) by canpemm500004.china.huawei.com
(7.192.104.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 14 Nov
2022 20:34:39 +0800
From: Jason Yan <yanaijie(a)huawei.com>
To: <yanaijie(a)huawei.com>, <zhengzengkai(a)huawei.com>, <xiexiuqi(a)huawei.com>,
<yi.zhang(a)huawei.com>, <patchwork(a)huawei.com>, <kernel.openeuler(a)huawei.com>,
<houtao1(a)huawei.com>
Subject: [PATCH OLK-5.10 v2 308/308] vfs: Check the truncate maximum size in
inode_newsize_ok()
Date: Mon, 14 Nov 2022 20:53:37 +0800
Message-ID: <20221114125337.1831594-309-yanaijie(a)huawei.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20221114125337.1831594-1-yanaijie(a)huawei.com>
References: <20221114125337.1831594-1-yanaijie(a)huawei.com>
Content-Type: text/plain
X-MS-Exchange-Organization-Network-Message-Id:
2f26f158-a78f-4901-0b11-08dac63c996f
X-MS-Exchange-Organization-AuthSource: canpemm500004.china.huawei.com
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-Originating-IP: [10.175.127.227]
X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To
canpemm500004.china.huawei.com (7.192.104.92)
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.6968201
X-MS-Exchange-Processed-By-BccFoldering: 15.01.2375.031
MIME-Version: 1.0
From: David Howells <dhowells(a)redhat.com>
mainline inclusion
from mainline-6.0-rc1
commit e2ebff9c57fe4eb104ce4768f6ebcccf76bef849
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA
Reference: https://git.kernel.org/torvalds/linux/c/e2ebff9c57fe
-------------------------------
If something manages to set the maximum file size to MAX_OFFSET+1, this
can cause the xfs and ext4 filesystems at least to become corrupt.
Ordinarily, the kernel protects against userspace trying this by
checking the value early in the truncate() and ftruncate() system calls
calls - but there are at least two places that this check is bypassed:
(1) Cachefiles will round up the EOF of the backing file to DIO block
size so as to allow DIO on the final block - but this might push
the offset negative. It then calls notify_change(), but this
inadvertently bypasses the checking. This can be triggered if
someone puts an 8EiB-1 file on a server for someone else to try and
access by, say, nfs.
(2) ksmbd doesn't check the value it is given in set_end_of_file_info()
and then calls vfs_truncate() directly - which also bypasses the
check.
In both cases, it is potentially possible for a network filesystem to
cause a disk filesystem to be corrupted: cachefiles in the client's
cache filesystem; ksmbd in the server's filesystem.
nfsd is okay as it checks the value, but we can then remove this check
too.
Fix this by adding a check to inode_newsize_ok(), as called from
setattr_prepare(), thereby catching the issue as filesystems set up to
perform the truncate with minimal opportunity for bypassing the new
check.
Fixes: 1f08c925e7a3 ("cachefiles: Implement backing file wrangling")
Fixes: f44158485826 ("cifsd: add file operations")
Signed-off-by: David Howells <dhowells(a)redhat.com>
Reported-by: Jeff Layton <jlayton(a)kernel.org>
Tested-by: Jeff Layton <jlayton(a)kernel.org>
Reviewed-by: Namjae Jeon <linkinjeon(a)kernel.org>
Cc: stable(a)kernel.org
Acked-by: Alexander Viro <viro(a)zeniv.linux.org.uk>
cc: Steve French <sfrench(a)samba.org>
cc: Hyunchul Lee <hyc.lee(a)gmail.com>
cc: Chuck Lever <chuck.lever(a)oracle.com>
cc: Dave Wysochanski <dwysocha(a)redhat.com>
Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org>
Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
---
fs/attr.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/attr.c b/fs/attr.c
index b4bbdbd4c8ca..848ffe6e3c24 100644
--- a/fs/attr.c
+++ b/fs/attr.c
@@ -134,6 +134,8 @@ EXPORT_SYMBOL(setattr_prepare);
*/
int inode_newsize_ok(const struct inode *inode, loff_t offset)
{
+ if (offset < 0)
+ return -EINVAL;
if (inode->i_size < offset) {
unsigned long limit;
1
0
[PATCH openEuler-1.0-LTS] block: check flags of claimed slave bdev to fix uaf for bd_holder_dir
by Yongqiang Liu 15 Nov '22
by Yongqiang Liu 15 Nov '22
15 Nov '22
From: Li Lingfeng <lilingfeng3(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I60QE9
CVE: NA
--------------------------------
As explained in 0eb440122f89 ("block: fix use after free for
bd_holder_dir"), we should make sure the "disk" is still live and
then grab a reference to 'bd_holder_dir'. However, the "disk"
should be "the claimed slave bdev" rather than "the holding disk".
Fixes: 0eb440122f89 ("block: fix use after free for bd_holder_dir")
Signed-off-by: Li Lingfeng <lilingfeng3(a)huawei.com>
Reviewed-by: Yu Kuai <yukuai3(a)huawei.com>
Reviewed-by: Jason Yan <yanaijie(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
fs/block_dev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/block_dev.c b/fs/block_dev.c
index f2932e84055d..2680092c022d 100644
--- a/fs/block_dev.c
+++ b/fs/block_dev.c
@@ -1310,7 +1310,7 @@ int bd_link_disk_holder(struct block_device *bdev, struct gendisk *disk)
* the holder directory. Hold on to it.
*/
down_read(&bdev->bd_disk->lookup_sem);
- if (!(disk->flags & GENHD_FL_UP)) {
+ if (!(bdev->bd_disk->flags & GENHD_FL_UP)) {
up_read(&bdev->bd_disk->lookup_sem);
return -ENODEV;
}
--
2.25.1
1
0
With the increase of memory capacity and density, the probability of
memory error increases. The increasing size and density of server RAM
in the data center and cloud have shown increased uncorrectable memory
errors.
Currently, the kernel has a mechanism to recover from hardware memory
errors. This patchset provides an new recovery mechanism.
For arm64, the hardware memory error handling is do_sea() which divided
into two cases:
1. The user state consumed the memory errors, the solution is kill the
user process and isolate the error page.
2. The kernel state consumed the memory errors, the solution is panic.
For case 2, Undifferentiated panic maybe not the optimal choice, it can be
handled better, in some scenarios, we can avoid panic, such as uaccess, if the
uaccess fails due to memory error, only the user process will be affected,
kill the user process and isolate the user page with hardware memory errors
is a better choice.
Tong Tiangen (14):
Revert "arm64: ras: copy_from_user scenario support uce kernel
recovery"
Revert "arm64: config: enable CONFIG_ARM64_UCE_KERNEL_RECOVERY"
uaccess: add generic fallback version of copy_mc_to_user()
arm64: extable: add new extable type "__mc_ex_table"
arm64: add support for machine check error safe
arm64: copy_form/to_user support machine check safe
arm64: get/put_user support machine check safe
arm64: add cow to machine check safe
arm64: introduce copy_mc_to_kernel() implementation
arm64: add dump_user_range() to machine check safe
arm64: add machine check safe sysctl interface
arm64/__mc_ex_table: search_module_mc_extables should not use
num_exentries
arm64/__mc_ex_table: fix compile error when CONFIG_ARCH_HAS_COPY_MC=n
arm64/__mc_ex_table: fix __mc_ex_table do_sort() issue
Documentation/admin-guide/sysctl/kernel.rst | 38 ++--
arch/arm64/Kconfig | 14 +-
arch/arm64/configs/openeuler_defconfig | 1 -
arch/arm64/include/asm/asm-uaccess.h | 5 +
arch/arm64/include/asm/assembler.h | 26 ++-
arch/arm64/include/asm/exception.h | 13 --
arch/arm64/include/asm/extable.h | 1 +
arch/arm64/include/asm/mte.h | 4 +
arch/arm64/include/asm/page.h | 10 +
arch/arm64/include/asm/processor.h | 2 +
arch/arm64/include/asm/string.h | 5 +
arch/arm64/include/asm/uaccess.h | 70 +++++--
arch/arm64/lib/Makefile | 10 +-
arch/arm64/lib/copy_from_user.S | 19 +-
arch/arm64/lib/copy_page_mc.S | 80 ++++++++
arch/arm64/lib/copy_to_user.S | 10 +-
arch/arm64/lib/memcpy_mc.S | 73 ++++++++
arch/arm64/lib/mte.S | 19 ++
arch/arm64/mm/Makefile | 2 -
arch/arm64/mm/copypage.c | 37 +++-
arch/arm64/mm/extable.c | 12 ++
arch/arm64/mm/fault.c | 36 +++-
arch/arm64/mm/uce_kernel_recovery.c | 198 --------------------
arch/powerpc/include/asm/uaccess.h | 1 +
arch/x86/include/asm/uaccess.h | 1 +
fs/coredump.c | 2 +
include/asm-generic/vmlinux.lds.h | 19 +-
include/linux/extable.h | 23 +++
include/linux/highmem.h | 8 +
include/linux/module.h | 11 ++
include/linux/sched.h | 1 +
include/linux/uaccess.h | 9 +
kernel/extable.c | 29 +++
kernel/module.c | 38 ++++
kernel/sysctl.c | 11 ++
lib/iov_iter.c | 12 +-
mm/memory.c | 2 +-
scripts/sorttable.h | 27 +++
38 files changed, 583 insertions(+), 296 deletions(-)
create mode 100644 arch/arm64/lib/copy_page_mc.S
create mode 100644 arch/arm64/lib/memcpy_mc.S
delete mode 100644 arch/arm64/mm/uce_kernel_recovery.c
--
2.25.1
1
14
From: Zhang Jian <zhangjian210(a)huawei.com>
It includes these patches:
Six patches for sharepool bugfix and ascend feature
One patch for gic bugfix
One patch for adding ascend characteristic switch
One patch for export some interface for ascend
Guo Mengqi (1):
sharepool: fix sp_alloc_populate no fallocate bug
Wang Wensheng (1):
ascend/arm64: Add ascend_enable_all kernel parameter
Xu Qiang (2):
irq-gic-v3: Fix too large cpu_count
mm/sharepool: Fix add group failed with errno 28
Yuan Can (1):
ascend: export interfaces required by ascend drivers
Zhang Zekun (2):
mm/sharepool: Use "tgid" instead of "pid" to find a task
mm: sharepool: Fix static check warning
Zhou Guanghui (2):
mm: fix alloc CDM node memory for MPOL_BIND
mm: fix ignore cpuset enforcement
arch/arm64/kernel/cpufeature.c | 2 +-
arch/arm64/mm/init.c | 42 ++++++++++
drivers/irqchip/irq-gic-v3-its.c | 10 +++
include/linux/share_pool.h | 28 +++----
kernel/exit.c | 8 ++
kernel/fork.c | 4 -
kernel/power/autosleep.c | 1 +
kernel/workqueue.c | 3 +
mm/hugetlb.c | 2 +-
mm/memcontrol.c | 2 +-
mm/oom_kill.c | 1 +
mm/page_alloc.c | 6 +-
mm/share_pool.c | 136 ++++++++++++++-----------------
mm/vmalloc.c | 3 +
14 files changed, 152 insertions(+), 96 deletions(-)
--
2.17.1
1
9
您好!
Kernel SIG 邀请您参加 2022-11-18 14:00 召开的Zoom会议(自动录制)
会议主题:openEuler Kernel SIG 双周例会
会议内容:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题~(新增议题可以回复邮件反馈,或者录入会议看板)
会议链接:https://us06web.zoom.us/j/87237435945?pwd=OGJBQS9OYnNuNEpHRmZLZ2ptcENZUT09
会议纪要:https://etherpad.openeuler.org/p/Kernel-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler Kernel SIG invites you to attend the Zoom conference(auto recording) will be held at 2022-11-18 14:00,
The subject of the conference is openEuler Kernel SIG 双周例会,
Summary:
1. 进展update
2. 议题征集中
欢迎大家积极申报议题~(新增议题可以回复邮件反馈,或者录入会议看板)
You can join the meeting at https://us06web.zoom.us/j/87237435945?pwd=OGJBQS9OYnNuNEpHRmZLZ2ptcENZUT09.
Add topics at https://etherpad.openeuler.org/p/Kernel-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
[PATCH openEuler-1.0-LTS 1/2] Revert "block: Fix UAF in bd_link_disk_holder()"
by Yongqiang Liu 14 Nov '22
by Yongqiang Liu 14 Nov '22
14 Nov '22
From: Yu Kuai <yukuai3(a)huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I60QE9
CVE: NA
--------------------------------
This reverts commit 01b1ec1d028fdd78d0c763578e4b804240283b24.
Official solution will be applied to mainline, and this solution can't
fix uaf for 'bd_holder_dir' thoroughly. hence revert this temporary
solution. Officail solution will be backported in the next patch.
Signed-off-by: Yu Kuai <yukuai3(a)huawei.com>
Reviewed-by: Jason Yan <yanaijie(a)huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13(a)huawei.com>
---
fs/block_dev.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/fs/block_dev.c b/fs/block_dev.c
index 7e891e08d0ce..9868b21b8ef9 100644
--- a/fs/block_dev.c
+++ b/fs/block_dev.c
@@ -1650,7 +1650,6 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part)
}
}
bdev->bd_openers++;
- kobject_get(bdev->bd_part->holder_dir);
if (for_part)
bdev->bd_part_count++;
if (mode & FMODE_WRITE)
@@ -1926,7 +1925,6 @@ static void __blkdev_put(struct block_device *bdev, fmode_t mode, int for_part)
if (for_part)
bdev->bd_part_count--;
- kobject_put(bdev->bd_part->holder_dir);
if (!--bdev->bd_openers) {
WARN_ON_ONCE(bdev->bd_holders);
sync_blockdev(bdev);
--
2.25.1
1
1
Backport 5.10.136 LTS patches from upstream.
git cherry-pick v5.10.135..v5.10.136~1 -s
Already merged(-4):
a01a4e9f5dc9 tun: avoid double free in tun_free_netdev
3c77292d52b3 crypto: arm64/poly1305 - fix a read out-of-bound
509c2c9fe75e x86/speculation: Add RSB VM Exit protections
1bea03b44ea2 x86/speculation: Add LFENCE to RSB fill sequence
Total patches: 23 - 4 = 19
Aaron Ma (1):
Bluetooth: btusb: Add support of IMC Networks PID 0x3568
Ahmad Fatoum (1):
Bluetooth: hci_bcm: Add BCM4349B1 variant
Ben Hutchings (1):
x86/speculation: Make all RETbleed mitigations 64-bit only
Dmitry Klochkov (1):
tools/kvm_stat: fix display of error when multiple processes are found
Hakan Jansson (1):
Bluetooth: hci_bcm: Add DT compatible for CYW55572
Hilda Wu (5):
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
Jakub Sitnicki (2):
selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads
selftests/bpf: Check dst_port only on the client socket
Ning Qiang (1):
macintosh/adb: fix oob read in do_adb_query() function
Raghavendra Rao Ananta (1):
selftests: KVM: Handle compiler optimizations in ucall
Tetsuo Handa (2):
ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
Tony Luck (1):
ACPI: APEI: Better fix to avoid spamming the console with old error
logs
Werner Sembach (2):
ACPI: video: Force backlight native for some TongFang devices
ACPI: video: Shortening quirk list by identifying Clevo by board_name
only
arch/x86/Kconfig | 8 +-
drivers/acpi/apei/bert.c | 31 +++++--
drivers/acpi/video_detect.c | 55 ++++++++-----
drivers/bluetooth/btbcm.c | 2 +
drivers/bluetooth/btusb.c | 15 ++++
drivers/bluetooth/hci_bcm.c | 2 +
drivers/macintosh/adb.c | 2 +-
drivers/net/wireless/ath/ath9k/htc.h | 2 +
drivers/net/wireless/ath/ath9k/htc_drv_txrx.c | 13 +++
drivers/net/wireless/ath/ath9k/wmi.c | 4 +
tools/include/uapi/linux/bpf.h | 3 +-
tools/kvm/kvm_stat/kvm_stat | 3 +-
.../selftests/bpf/prog_tests/sock_fields.c | 60 +++++++++-----
.../selftests/bpf/progs/test_sock_fields.c | 45 +++++++++++
tools/testing/selftests/bpf/verifier/sock.c | 81 ++++++++++++++++++-
.../testing/selftests/kvm/lib/aarch64/ucall.c | 9 +--
16 files changed, 273 insertions(+), 62 deletions(-)
--
2.20.1
1
19
Backport 5.10.135 LTS patches from upstream.
git cherry-pick v5.10.134..v5.10.135~1 -s
Already merged(-10):
8008e797ec6f ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
440dccd80f62 netfilter: nf_queue: do not allow packet truncation below transport
header offset
41fbfdaba94a xfs: refactor xfs_file_fsync
6d3605f84edd xfs: xfs_log_force_lsn isn't passed a LSN
eccacbcbfd70 xfs: fix log intent recovery ENOSPC shutdowns when inactivating
inodes
d8f5bb0a09b7 xfs: force the log offline when log intent item recovery fails
c85cbb0b21a1 xfs: hold buffer across unpin and potential shutdown processing
c1268acaa0dd xfs: remove dead stale buf unpin handling code
e5f9d4e0f895 xfs: logging the on disk inode LSN can make it go backwards
14b494b7aaf2 xfs: Enforce attr3 buffer recovery order
Context Conflict and Defered(-3):
6aad811b37ee bpf: Consolidate shared test timing code
6d3fad2b44eb bpf: Add PROG_TEST_RUN support for sk_lookup programs
4bfc9dc60873 selftests: bpf: Don't run sk_lookup in verifier tests
Total patches: 65 - 13 = 52
Alejandro Lucero (1):
sfc: disable softirqs for ptp TX
Alistair Popple (1):
nouveau/svm: Fix to migrate all requested pages
ChenXiaoSong (1):
ntfs: fix use-after-free in ntfs_ucsncmp()
Darrick J. Wong (1):
xfs: prevent UAF in xfs_log_item_in_current_chkpt
David Howells (1):
watch_queue: Fix missing rcu annotation
Duoming Zhou (1):
sctp: fix sleep in atomic context bug in timer handlers
Eiichi Tsukata (1):
docs/kernel-parameters: Update descriptions for "mitigations=" param
with retbleed
Florian Fainelli (1):
ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow
Greg Kroah-Hartman (1):
ARM: crypto: comment out gcc warning that breaks clang builds
Harald Freudenberger (1):
s390/archrandom: prevent CPACF trng invocations in interrupt context
Jaewon Kim (1):
page_alloc: fix invalid watermark check on a negative value
Jason Wang (1):
virtio-net: fix the race between refill work and close
Jianglei Nie (1):
net: macsec: fix potential resource leak in macsec_add_rxsa() and
macsec_add_txsa()
Junxiao Bi (1):
Revert "ocfs2: mount shared volume without ha stack"
Kuniyuki Iwashima (19):
tcp: Fix data-races around sysctl_tcp_dsack.
tcp: Fix a data-race around sysctl_tcp_app_win.
tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
tcp: Fix a data-race around sysctl_tcp_frto.
tcp: Fix a data-race around sysctl_tcp_nometrics_save.
tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
net: ping6: Fix memleak in ipv6_renew_options().
igmp: Fix data-races around sysctl_igmp_qrv.
tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
tcp: Fix a data-race around sysctl_tcp_autocorking.
tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
tcp: Fix data-races around sysctl_tcp_reflect_tos.
Leo Yan (1):
perf symbol: Correct address for bss symbols
Liang He (2):
scsi: ufs: host: Hold reference returned by of_parse_phandle()
net: sungem_phy: Add of_node_put() for reference returned by
of_get_parent()
Linus Torvalds (1):
watch_queue: Fix missing locking in add_watch_to_object()
Luiz Augusto von Dentz (1):
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
Maciej Fijalkowski (2):
ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
ice: do not setup vlan for loopback VSI
Maxim Mikityanskiy (1):
net/tls: Remove the context from the list in tls_device_down
Michal Maloszewski (1):
i40e: Fix interface init with MSI interrupts (no MSI-X)
Sabrina Dubroca (4):
macsec: fix NULL deref in macsec_add_rxsa
macsec: fix error message in macsec_add_rxsa and _txsa
macsec: limit replay window size with XPN
macsec: always read MACSEC_SA_ATTR_PN as a u64
Thadeu Lima de Souza Cascardo (1):
x86/bugs: Do not enable IBPB at firmware entry when IBPB is not
available
Toshi Kani (1):
EDAC/ghes: Set the DIMM label unconditionally
Wei Mingzhi (1):
mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
Wei Wang (1):
Revert "tcp: change pingpong threshold to 3"
Xin Long (2):
Documentation: fix sctp_wmem in ip-sysctl.rst
sctp: leave the err path free in sctp_stream_init to sctp_stream_free
.../admin-guide/kernel-parameters.txt | 2 +
Documentation/networking/ip-sysctl.rst | 9 ++-
arch/arm/include/asm/dma.h | 2 +-
arch/arm/lib/xor-neon.c | 3 +-
arch/s390/include/asm/archrandom.h | 9 ++-
arch/x86/kernel/cpu/bugs.c | 1 +
drivers/edac/ghes_edac.c | 11 +++-
drivers/gpu/drm/nouveau/nouveau_dmem.c | 6 +-
drivers/net/ethernet/intel/i40e/i40e_main.c | 4 ++
drivers/net/ethernet/intel/ice/ice_ethtool.c | 3 +-
drivers/net/ethernet/intel/ice/ice_main.c | 8 ++-
drivers/net/ethernet/sfc/ptp.c | 22 +++++++
drivers/net/macsec.c | 33 ++++++----
drivers/net/sungem_phy.c | 1 +
drivers/net/virtio_net.c | 37 ++++++++++-
drivers/net/wireless/mediatek/mt7601u/usb.c | 1 +
drivers/scsi/ufs/ufshcd-pltfrm.c | 15 ++++-
fs/ntfs/attrib.c | 8 ++-
fs/ocfs2/ocfs2.h | 4 +-
fs/ocfs2/slot_map.c | 46 ++++++--------
fs/ocfs2/super.c | 21 -------
fs/xfs/xfs_log_cil.c | 6 +-
include/net/bluetooth/l2cap.h | 1 +
include/net/inet_connection_sock.h | 10 +--
include/net/tcp.h | 2 +-
kernel/watch_queue.c | 58 +++++++++++-------
mm/page_alloc.c | 12 ++--
net/bluetooth/l2cap_core.c | 61 +++++++++++++++----
net/ipv4/igmp.c | 24 ++++----
net/ipv4/tcp.c | 2 +-
net/ipv4/tcp_input.c | 24 ++++----
net/ipv4/tcp_ipv4.c | 4 +-
net/ipv4/tcp_metrics.c | 10 +--
net/ipv4/tcp_output.c | 19 +++---
net/ipv6/ping.c | 6 ++
net/ipv6/tcp_ipv6.c | 4 +-
net/mptcp/protocol.c | 2 +-
net/sctp/associola.c | 5 +-
net/sctp/stream.c | 19 +-----
net/sctp/stream_sched.c | 2 +-
net/tls/tls_device.c | 7 ++-
tools/perf/util/symbol-elf.c | 45 ++++++++++++--
42 files changed, 364 insertions(+), 205 deletions(-)
--
2.20.1
1
52
Backport 5.10.134 LTS patches from upstream.
git cherry-pick v5.10.133..v5.10.134~1 -s
Already merged(-12):
ab5050fd7430 lockdown: Fix kexec lockdown bypass with ima policy
2ee0cab11f66 io_uring: Use original task for req identity in io_identity_cow()
ed6964ff4714 net: make free_netdev() more lenient with unregistering devices
2e11856ec379 net: make sure devices go through netdev_wait_all_refs
47b696dd6544 xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
xfrm_bundle_lookup()
0adf21eec590 watchqueue: make sure to serialize 'wqueue->defunct' properly
6a8184825286 tty: drivers/tty/, stop using tty_schedule_flip()
4d374625cca2 tty: the rest, stop using tty_schedule_flip()
c84986d09745 tty: drop tty_schedule_flip()
a4bb7ef2d6f6 tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
08afa87f58d8 tty: use new tty_insert_flip_string_and_push_buffer() in
pty_write()
bb1990a3005e watch-queue: remove spurious double semicolon
Context Conflict:
2686f62fa78c docs: net: explain struct net_device lifetime
bf2f3d1970c0 net: move rollback_registered_many()
b7b9e5cc8b24 x86/amd: Use IBPB for firmware calls
Total patches: = 101 - 12 = 89
Alex Deucher (1):
drm/amdgpu/display: add quirk handling for stutter mode
Alexander Aring (1):
dlm: fix pending remove if msg allocation fails
Alexey Kardashevskiy (1):
KVM: Don't null dereference ops->destroy
Ben Dooks (1):
riscv: add as-options for modules with assembly compontents
Biao Huang (1):
net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
Dawid Lukwinski (1):
i40e: Fix erroneous adapter reinitialization during recovery process
Demi Marie Obenour (1):
xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
Eric Dumazet (1):
bpf: Make sure mac_header was set before using it
Fabien Dessenne (1):
pinctrl: stm32: fix optional IRQ support to gpios
Greg Kroah-Hartman (1):
Revert "m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch"
Haibo Chen (3):
gpio: pca953x: only use single read/write for No AI mode
gpio: pca953x: use the correct range when do regmap sync
gpio: pca953x: use the correct register address when regcache sync
during init
Hristo Venev (1):
be2net: Fix buffer overflow in be_get_module_eeprom
Ido Schimmel (1):
mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
Jakub Kicinski (5):
docs: net: explain struct net_device lifetime
net: move net_set_todo inside rollback_registered()
net: inline rollback_registered()
net: move rollback_registered_many()
net: inline rollback_registered_many()
Jeffrey Hugo (4):
PCI: hv: Fix multi-MSI to allow more than one MSI vector
PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
PCI: hv: Fix interrupt mapping for multi-MSI
Jose Alonso (1):
net: usb: ax88179_178a needs FLAG_SEND_ZLP
Junxiao Chang (1):
net: stmmac: fix dma queue left shift overflow issue
Juri Lelli (1):
sched/deadline: Fix BUG_ON condition for deboosted tasks
Kees Cook (1):
x86/alternative: Report missing return thunk details
Kuniyuki Iwashima (37):
ip: Fix data-races around sysctl_ip_no_pmtu_disc.
ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
ip: Fix data-races around sysctl_ip_fwd_update_priority.
ip: Fix data-races around sysctl_ip_nonlocal_bind.
ip: Fix a data-race around sysctl_ip_autobind_reuse.
ip: Fix a data-race around sysctl_fwmark_reflect.
tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
tcp: Fix data-races around sysctl_tcp_mtu_probing.
tcp: Fix data-races around sysctl_tcp_base_mss.
tcp: Fix data-races around sysctl_tcp_min_snd_mss.
tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
tcp: Fix a data-race around sysctl_tcp_probe_threshold.
tcp: Fix a data-race around sysctl_tcp_probe_interval.
igmp: Fix data-races around sysctl_igmp_llm_reports.
igmp: Fix a data-race around sysctl_igmp_max_memberships.
igmp: Fix data-races around sysctl_igmp_max_msf.
tcp: Fix data-races around keepalive sysctl knobs.
tcp: Fix data-races around sysctl_tcp_syncookies.
tcp: Fix data-races around sysctl_tcp_reordering.
tcp: Fix data-races around some timeout sysctl knobs.
tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
tcp: Fix a data-race around sysctl_tcp_tw_reuse.
tcp: Fix data-races around sysctl_max_syn_backlog.
tcp: Fix data-races around sysctl_tcp_fastopen.
tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
ip: Fix data-races around sysctl_ip_prot_sock.
udp: Fix a data-race around sysctl_udp_l3mdev_accept.
tcp: Fix data-races around sysctl knobs related to SYN option.
tcp: Fix a data-race around sysctl_tcp_early_retrans.
tcp: Fix data-races around sysctl_tcp_recovery.
tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
tcp: Fix a data-race around sysctl_tcp_stdurg.
tcp: Fix a data-race around sysctl_tcp_rfc1337.
tcp: Fix data-races around sysctl_tcp_max_reordering.
Lennert Buytenhek (1):
igc: Reinstate IGC_REMOVED logic and implement it properly
Liang He (1):
drm/imx/dcss: Add missing of_node_put() in fail path
Luiz Augusto von Dentz (7):
Bluetooth: Add bt_skb_sendmsg helper
Bluetooth: Add bt_skb_sendmmsg helper
Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
Bluetooth: Fix passing NULL to PTR_ERR
Bluetooth: SCO: Fix sco_send_frame returning skb->len
Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
Marc Kleine-Budde (1):
spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non
DMA transfers
Miaoqian Lin (1):
power/reset: arm-versatile: Fix refcount leak in
versatile_reboot_probe
Pali Rohár (1):
serial: mvebu-uart: correctly report configured baudrate value
Pawan Gupta (1):
x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS
parts
Peter Zijlstra (3):
perf/core: Fix data race between perf_event_set_output() and
perf_mmap_close()
bitfield.h: Fix "type of reg too small for mask" test
x86/amd: Use IBPB for firmware calls
Piotr Skajewski (1):
ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
Przemyslaw Patynowski (1):
iavf: Fix handling of dummy receive descriptors
Robert Hancock (1):
i2c: cadence: Change large transfer count reset logic to be
unconditional
Takashi Iwai (1):
ALSA: memalloc: Align buffer allocations in page size
Tariq Toukan (1):
net/tls: Fix race in TLS device down flow
Wang Cheng (1):
mm/mempolicy: fix uninit-value in mpol_rebind_policy()
Wang ShaoBo (1):
drm/imx/dcss: fix unused but set variable warnings
William Dean (1):
pinctrl: ralink: Check for null return of devm_kcalloc
Documentation/networking/netdevices.rst | 171 +++++++++++++-
arch/m68k/Kconfig.bus | 2 +-
arch/riscv/Makefile | 1 +
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/mshyperv.h | 7 -
arch/x86/include/asm/nospec-branch.h | 2 +
arch/x86/kernel/alternative.c | 4 +-
arch/x86/kernel/cpu/bugs.c | 14 +-
drivers/gpio/gpio-pca953x.c | 22 +-
.../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 33 +++
drivers/gpu/drm/imx/dcss/dcss-dev.c | 3 +
drivers/gpu/drm/imx/dcss/dcss-plane.c | 2 -
drivers/i2c/busses/i2c-cadence.c | 30 +--
.../chelsio/inline_crypto/chtls/chtls_cm.c | 6 +-
drivers/net/ethernet/emulex/benet/be_cmds.c | 10 +-
drivers/net/ethernet/emulex/benet/be_cmds.h | 2 +-
.../net/ethernet/emulex/benet/be_ethtool.c | 31 ++-
drivers/net/ethernet/intel/i40e/i40e_main.c | 13 +-
drivers/net/ethernet/intel/iavf/iavf_txrx.c | 5 +-
drivers/net/ethernet/intel/igc/igc_main.c | 3 +
drivers/net/ethernet/intel/igc/igc_regs.h | 5 +-
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 1 +
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 3 +
.../net/ethernet/intel/ixgbe/ixgbe_sriov.c | 6 +
.../ethernet/mellanox/mlxsw/spectrum_router.c | 5 +-
.../net/ethernet/stmicro/stmmac/dwmac4_core.c | 3 +
.../net/ethernet/stmicro/stmmac/stmmac_main.c | 17 +-
.../ethernet/stmicro/stmmac/stmmac_platform.c | 8 +-
drivers/net/usb/ax88179_178a.c | 20 +-
drivers/pci/controller/pci-hyperv.c | 99 ++++++--
drivers/pinctrl/stm32/pinctrl-stm32.c | 18 +-
drivers/power/reset/arm-versatile-reboot.c | 1 +
drivers/spi/spi-bcm2835.c | 12 +-
.../staging/mt7621-pinctrl/pinctrl-rt2880.c | 2 +
drivers/tty/serial/mvebu-uart.c | 25 ++-
drivers/xen/gntdev.c | 3 +-
fs/dlm/lock.c | 3 +-
include/linux/bitfield.h | 19 +-
include/net/bluetooth/bluetooth.h | 65 ++++++
include/net/inet_sock.h | 5 +-
include/net/ip.h | 6 +-
include/net/tcp.h | 18 +-
include/net/udp.h | 2 +-
kernel/bpf/core.c | 8 +-
kernel/events/core.c | 45 ++--
kernel/sched/deadline.c | 5 +-
mm/mempolicy.c | 2 +-
net/bluetooth/rfcomm/core.c | 50 ++++-
net/bluetooth/rfcomm/sock.c | 46 +---
net/bluetooth/sco.c | 30 +--
net/core/dev.c | 212 ++++++++----------
net/core/filter.c | 4 +-
net/core/secure_seq.c | 4 +-
net/ipv4/af_inet.c | 4 +-
net/ipv4/fib_semantics.c | 2 +-
net/ipv4/icmp.c | 2 +-
net/ipv4/igmp.c | 25 ++-
net/ipv4/inet_connection_sock.c | 2 +-
net/ipv4/ip_forward.c | 2 +-
net/ipv4/ip_sockglue.c | 6 +-
net/ipv4/route.c | 2 +-
net/ipv4/syncookies.c | 9 +-
net/ipv4/sysctl_net_ipv4.c | 6 +-
net/ipv4/tcp.c | 10 +-
net/ipv4/tcp_fastopen.c | 9 +-
net/ipv4/tcp_input.c | 51 +++--
net/ipv4/tcp_ipv4.c | 2 +-
net/ipv4/tcp_metrics.c | 3 +-
net/ipv4/tcp_minisocks.c | 2 +-
net/ipv4/tcp_output.c | 29 +--
net/ipv4/tcp_recovery.c | 6 +-
net/ipv4/tcp_timer.c | 20 +-
net/ipv6/af_inet6.c | 2 +-
net/ipv6/syncookies.c | 3 +-
net/sctp/protocol.c | 2 +-
net/smc/smc_llc.c | 2 +-
net/tls/tls_device.c | 8 +-
net/xfrm/xfrm_state.c | 2 +-
sound/core/memalloc.c | 1 +
virt/kvm/kvm_main.c | 5 +-
80 files changed, 877 insertions(+), 454 deletions(-)
--
2.20.1
1
89
[PATCH openEuler-5.10-LTS 01/12] scsi: libsas: Resume SAS host for phy reset or enable via sysfs
by Zheng Zengkai 10 Nov '22
by Zheng Zengkai 10 Nov '22
10 Nov '22
From: Xiang Chen <chenxiang66(a)hisilicon.com>
mainline inclusion
from mainline-v5.19-rc7
commit 1e82e4627a795
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I5M9GC
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
----------------------------------------------------------------------
Currently if a phy reset or enable phy is issued via sysfs when controller
is suspended, those operations will be ignored as SAS_HA_REGISTERED is
cleared. If RPM is enabled then we may aggressively suspend automatically.
In this case it may be difficult to enable or reset a phy via sysfs, so
resume the host in these scenarios.
Link: https://lore.kernel.org/r/1657823002-139010-6-git-send-email-john.garry@hua…
Signed-off-by: Xiang Chen <chenxiang66(a)hisilicon.com>
Signed-off-by: John Garry <john.garry(a)huawei.com>
Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com>
Signed-off-by: xiabing <xiabing12(a)h-partners.com>
Reviewed-by: Jason Yan <yanaijie(a)huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai(a)huawei.com>
---
drivers/scsi/libsas/sas_init.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/scsi/libsas/sas_init.c b/drivers/scsi/libsas/sas_init.c
index f1989a98f511..58ffcecf1a2f 100644
--- a/drivers/scsi/libsas/sas_init.c
+++ b/drivers/scsi/libsas/sas_init.c
@@ -528,6 +528,7 @@ static int queue_phy_reset(struct sas_phy *phy, int hard_reset)
if (!d)
return -ENOMEM;
+ pm_runtime_get_sync(ha->dev);
/* libsas workqueue coordinates ata-eh reset with discovery */
mutex_lock(&d->event_lock);
d->reset_result = 0;
@@ -541,6 +542,7 @@ static int queue_phy_reset(struct sas_phy *phy, int hard_reset)
if (rc == 0)
rc = d->reset_result;
mutex_unlock(&d->event_lock);
+ pm_runtime_put_sync(ha->dev);
return rc;
}
@@ -555,6 +557,7 @@ static int queue_phy_enable(struct sas_phy *phy, int enable)
if (!d)
return -ENOMEM;
+ pm_runtime_get_sync(ha->dev);
/* libsas workqueue coordinates ata-eh reset with discovery */
mutex_lock(&d->event_lock);
d->enable_result = 0;
@@ -568,6 +571,7 @@ static int queue_phy_enable(struct sas_phy *phy, int enable)
if (rc == 0)
rc = d->enable_result;
mutex_unlock(&d->event_lock);
+ pm_runtime_put_sync(ha->dev);
return rc;
}
--
2.20.1
3
13
10 Nov '22
iptables 版本为v1.8.7 不支持 --destination-to 和 --port-to 我如何解决这个问题?
wangpengyuan(a)bjca.org.cn
1
0
[PATCH OLK-5.10,v1,0/9] ROH: Support ROH basic functions and adapt ROH mode for RDMA/hns driver
by Ke Chen 09 Nov '22
by Ke Chen 09 Nov '22
09 Nov '22
[Description]
The ROH module driver consists of the ROH Core and ROH DRV
modules, which work with hardware to implement communication
between nodes through HCCS packets.
ROH Core is a protocol stack of the ROH architecture. It provides
related services for upper layers by invoking operation interfaces
provided by the ROH DRV.
The ROH DRV implements the lower layer functions of the ROH
featureand provides a series of interfaces for operating hardware
for the ROH Core.
This patch supports basic ROH functions, such as: sysfs file node
query, abnormal interrupt handling, reset capability and dfx
information query.
RDMA/hns supports ROH mode, mainly adapted to the device id of ROH,
and the different capabilities and features of RDMA/hns in ROH mode.
[Testing]
kernel options:
CONFIG_ROH=m
CONFIG_ROH_HNS=m
Test passed with below step:
1. Using a hardware environment that supports ROH, insmod net/hns,
RDMA/hns and ROH related drivers:
insmod hnae3.ko
insmod hclge.ko
insmod hns3.ko
insmod roh_core.ko
insmod hns-roh-v1.ko
insmod hns-roce-hw-v2.ko
2. Check whether ROH generates the corresponding sysfs node:
ls /sys/class/roh/hns3_0/
3. Check whether the abnormal interrupt information of roh is correct.
The down or up of the network device link corresponding to roh will
cause the roh abnormal interrupt count to increase.
cat /proc/interrupts | grep roh
4. Configure the network port ip and check whether the ip/mac has the
correct mapping relationship.
5. Query eid to check whether it complies with ip conversion rules:
cat /sys/class/roh/hns3_0/node_eid
6. Use ping to check Ethernet communication is normal.
7. Use perftest to check RDMA communication is normal.
8. Use the "ethtool --reset eth1 all" command to trigger a reset.
Ke Chen (9):
roh/core: Add roh device sysfs node
roh/hns3: Add support for roh abnormal interruption
roh/core: Add support for inetaddr notifier
roh/hns3: Add support for roh reset
roh/hns3: Add support for roh dfx(debugfs)
RDMA/hns: Add new device ID
RDMA/hns: Add ROH basic configuration and check
RDMA/hns: Support RDMA_CM in ROH mode
RDMA/hns: Pass mac type to user driver for ROH mode
drivers/infiniband/hw/hns/hns_roce_device.h | 1 +
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 35 ++
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 1 +
drivers/infiniband/hw/hns/hns_roce_main.c | 12 +-
drivers/roh/core/Makefile | 2 +-
drivers/roh/core/core.c | 205 ++++++++++
drivers/roh/core/core.h | 24 ++
drivers/roh/core/core_priv.h | 9 +
drivers/roh/core/sysfs.c | 270 +++++++++++++
drivers/roh/hw/hns3/Makefile | 2 +
drivers/roh/hw/hns3/hns3_cmdq.c | 135 +++++++
drivers/roh/hw/hns3/hns3_cmdq.h | 46 +++
drivers/roh/hw/hns3/hns3_common.h | 32 ++
drivers/roh/hw/hns3/hns3_device.h | 40 ++
drivers/roh/hw/hns3/hns3_intr.c | 136 +++++++
drivers/roh/hw/hns3/hns3_intr.h | 13 +
drivers/roh/hw/hns3/hns3_main.c | 406 +++++++++++++++++++-
drivers/roh/hw/hns3/hns3_verbs.c | 270 +++++++++++++
drivers/roh/hw/hns3/hns3_verbs.h | 16 +
include/uapi/rdma/hns-abi.h | 2 +
20 files changed, 1651 insertions(+), 6 deletions(-)
create mode 100644 drivers/roh/core/sysfs.c
create mode 100644 drivers/roh/hw/hns3/hns3_device.h
create mode 100644 drivers/roh/hw/hns3/hns3_intr.c
create mode 100644 drivers/roh/hw/hns3/hns3_intr.h
create mode 100644 drivers/roh/hw/hns3/hns3_verbs.c
create mode 100644 drivers/roh/hw/hns3/hns3_verbs.h
--
2.30.0
1
9