4 * Copyright (C) International Business Machines Corp., 2002,2008
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * Jeremy Allison (jra@samba.org) 2006.
8 * This library is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Lesser General Public License as published
10 * by the Free Software Foundation; either version 2.1 of the License, or
11 * (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
16 * the GNU Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this library; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include <linux/list.h>
25 #include <linux/gfp.h>
26 #include <linux/wait.h>
27 #include <linux/net.h>
28 #include <linux/delay.h>
29 #include <linux/freezer.h>
30 #include <asm/uaccess.h>
31 #include <asm/processor.h>
32 #include <linux/mempool.h>
35 #include "cifsproto.h"
36 #include "cifs_debug.h"
38 extern mempool_t *cifs_mid_poolp;
41 wake_up_task(struct mid_q_entry *mid)
43 wake_up_process(mid->callback_data);
47 AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
49 struct mid_q_entry *temp;
52 cERROR(1, "Null TCP session in AllocMidQEntry");
56 temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS);
60 memset(temp, 0, sizeof(struct mid_q_entry));
61 temp->mid = smb_buffer->Mid; /* always LE */
62 temp->pid = current->pid;
63 temp->command = smb_buffer->Command;
64 cFYI(1, "For smb_command %d", temp->command);
65 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
66 /* when mid allocated can be before when sent */
67 temp->when_alloc = jiffies;
70 * The default is for the mid to be synchronous, so the
71 * default callback just wakes up the current task.
73 temp->callback = wake_up_task;
74 temp->callback_data = current;
77 atomic_inc(&midCount);
78 temp->midState = MID_REQUEST_ALLOCATED;
83 DeleteMidQEntry(struct mid_q_entry *midEntry)
85 #ifdef CONFIG_CIFS_STATS2
88 midEntry->midState = MID_FREE;
89 atomic_dec(&midCount);
90 if (midEntry->largeBuf)
91 cifs_buf_release(midEntry->resp_buf);
93 cifs_small_buf_release(midEntry->resp_buf);
94 #ifdef CONFIG_CIFS_STATS2
96 /* commands taking longer than one second are indications that
97 something is wrong, unless it is quite a slow link or server */
98 if ((now - midEntry->when_alloc) > HZ) {
99 if ((cifsFYI & CIFS_TIMER) &&
100 (midEntry->command != SMB_COM_LOCKING_ANDX)) {
101 printk(KERN_DEBUG " CIFS slow rsp: cmd %d mid %d",
102 midEntry->command, midEntry->mid);
103 printk(" A: 0x%lx S: 0x%lx R: 0x%lx\n",
104 now - midEntry->when_alloc,
105 now - midEntry->when_sent,
106 now - midEntry->when_received);
110 mempool_free(midEntry, cifs_mid_poolp);
114 delete_mid(struct mid_q_entry *mid)
116 spin_lock(&GlobalMid_Lock);
117 list_del(&mid->qhead);
118 spin_unlock(&GlobalMid_Lock);
120 DeleteMidQEntry(mid);
124 smb_sendv(struct TCP_Server_Info *server, struct kvec *iov, int n_vec)
128 struct msghdr smb_msg;
129 struct smb_hdr *smb_buffer = iov[0].iov_base;
130 unsigned int len = iov[0].iov_len;
131 unsigned int total_len;
133 unsigned int smb_buf_length = be32_to_cpu(smb_buffer->smb_buf_length);
134 struct socket *ssocket = server->ssocket;
137 return -ENOTSOCK; /* BB eventually add reconnect code here */
139 smb_msg.msg_name = (struct sockaddr *) &server->dstaddr;
140 smb_msg.msg_namelen = sizeof(struct sockaddr);
141 smb_msg.msg_control = NULL;
142 smb_msg.msg_controllen = 0;
143 if (server->noblocksnd)
144 smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
146 smb_msg.msg_flags = MSG_NOSIGNAL;
149 for (i = 0; i < n_vec; i++)
150 total_len += iov[i].iov_len;
152 cFYI(1, "Sending smb: total_len %d", total_len);
153 dump_smb(smb_buffer, len);
157 rc = kernel_sendmsg(ssocket, &smb_msg, &iov[first_vec],
158 n_vec - first_vec, total_len);
159 if ((rc == -ENOSPC) || (rc == -EAGAIN)) {
161 /* if blocking send we try 3 times, since each can block
162 for 5 seconds. For nonblocking we have to try more
163 but wait increasing amounts of time allowing time for
164 socket to clear. The overall time we wait in either
165 case to send on the socket is about 15 seconds.
166 Similarly we wait for 15 seconds for
167 a response from the server in SendReceive[2]
168 for the server to send a response back for
169 most types of requests (except SMB Write
170 past end of file which can be slow, and
171 blocking lock operations). NFS waits slightly longer
172 than CIFS, but this can make it take longer for
173 nonresponsive servers to be detected and 15 seconds
174 is more than enough time for modern networks to
175 send a packet. In most cases if we fail to send
176 after the retries we will kill the socket and
177 reconnect which may clear the network problem.
179 if ((i >= 14) || (!server->noblocksnd && (i > 2))) {
180 cERROR(1, "sends on sock %p stuck for 15 seconds",
191 if (rc == total_len) {
194 } else if (rc > total_len) {
195 cERROR(1, "sent %d requested %d", rc, total_len);
199 /* should never happen, letting socket clear before
200 retrying is our only obvious option here */
201 cERROR(1, "tcp sent no data");
206 /* the line below resets i */
207 for (i = first_vec; i < n_vec; i++) {
208 if (iov[i].iov_len) {
209 if (rc > iov[i].iov_len) {
210 rc -= iov[i].iov_len;
213 iov[i].iov_base += rc;
214 iov[i].iov_len -= rc;
220 i = 0; /* in case we get ENOSPC on the next send */
223 if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
224 cFYI(1, "partial send (%d remaining), terminating session",
226 /* If we have only sent part of an SMB then the next SMB
227 could be taken as the remainder of this one. We need
228 to kill the socket so the server throws away the partial
230 server->tcpStatus = CifsNeedReconnect;
233 if (rc < 0 && rc != -EINTR)
234 cERROR(1, "Error %d sending data on socket to server", rc);
238 /* Don't want to modify the buffer as a
239 side effect of this call. */
240 smb_buffer->smb_buf_length = cpu_to_be32(smb_buf_length);
246 smb_send(struct TCP_Server_Info *server, struct smb_hdr *smb_buffer,
247 unsigned int smb_buf_length)
251 iov.iov_base = smb_buffer;
252 iov.iov_len = smb_buf_length + 4;
254 return smb_sendv(server, &iov, 1);
258 wait_for_free_credits(struct TCP_Server_Info *server, const int optype,
263 spin_lock(&server->req_lock);
264 if (optype == CIFS_ASYNC_OP) {
265 /* oplock breaks must not be held up */
268 spin_unlock(&server->req_lock);
274 spin_unlock(&server->req_lock);
275 cifs_num_waiters_inc(server);
276 rc = wait_event_killable(server->request_q,
277 has_credits(server, credits));
278 cifs_num_waiters_dec(server);
281 spin_lock(&server->req_lock);
283 if (server->tcpStatus == CifsExiting) {
284 spin_unlock(&server->req_lock);
289 * Can not count locking commands against total
290 * as they are allowed to block on server.
293 /* update # of requests on the wire to server */
294 if (optype != CIFS_BLOCKING_OP) {
298 spin_unlock(&server->req_lock);
306 wait_for_free_request(struct TCP_Server_Info *server, const int optype)
308 return wait_for_free_credits(server, optype, get_credits_field(server));
311 static int allocate_mid(struct cifs_ses *ses, struct smb_hdr *in_buf,
312 struct mid_q_entry **ppmidQ)
314 if (ses->server->tcpStatus == CifsExiting) {
318 if (ses->server->tcpStatus == CifsNeedReconnect) {
319 cFYI(1, "tcp session dead - return to caller to retry");
323 if (ses->status != CifsGood) {
324 /* check if SMB session is bad because we are setting it up */
325 if ((in_buf->Command != SMB_COM_SESSION_SETUP_ANDX) &&
326 (in_buf->Command != SMB_COM_NEGOTIATE))
328 /* else ok - we are setting up session */
330 *ppmidQ = AllocMidQEntry(in_buf, ses->server);
333 spin_lock(&GlobalMid_Lock);
334 list_add_tail(&(*ppmidQ)->qhead, &ses->server->pending_mid_q);
335 spin_unlock(&GlobalMid_Lock);
340 wait_for_response(struct TCP_Server_Info *server, struct mid_q_entry *midQ)
344 error = wait_event_freezekillable(server->response_q,
345 midQ->midState != MID_REQUEST_SUBMITTED);
354 * Send a SMB request and set the callback function in the mid to handle
355 * the result. Caller is responsible for dealing with timeouts.
358 cifs_call_async(struct TCP_Server_Info *server, struct kvec *iov,
359 unsigned int nvec, mid_receive_t *receive,
360 mid_callback_t *callback, void *cbdata, bool ignore_pend)
363 struct mid_q_entry *mid;
364 struct smb_hdr *hdr = (struct smb_hdr *)iov[0].iov_base;
366 rc = wait_for_free_request(server, ignore_pend ? CIFS_ASYNC_OP : 0);
370 /* enable signing if server requires it */
371 if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
372 hdr->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
374 mutex_lock(&server->srv_mutex);
375 mid = AllocMidQEntry(hdr, server);
377 mutex_unlock(&server->srv_mutex);
378 cifs_add_credits(server, 1);
379 wake_up(&server->request_q);
383 /* put it on the pending_mid_q */
384 spin_lock(&GlobalMid_Lock);
385 list_add_tail(&mid->qhead, &server->pending_mid_q);
386 spin_unlock(&GlobalMid_Lock);
388 rc = cifs_sign_smb2(iov, nvec, server, &mid->sequence_number);
390 mutex_unlock(&server->srv_mutex);
394 mid->receive = receive;
395 mid->callback = callback;
396 mid->callback_data = cbdata;
397 mid->midState = MID_REQUEST_SUBMITTED;
399 cifs_in_send_inc(server);
400 rc = smb_sendv(server, iov, nvec);
401 cifs_in_send_dec(server);
402 cifs_save_when_sent(mid);
403 mutex_unlock(&server->srv_mutex);
411 cifs_add_credits(server, 1);
412 wake_up(&server->request_q);
418 * Send an SMB Request. No response info (other than return code)
419 * needs to be parsed.
421 * flags indicate the type of request buffer and how long to wait
422 * and whether to log NT STATUS code (error) before mapping it to POSIX error
426 SendReceiveNoRsp(const unsigned int xid, struct cifs_ses *ses,
427 struct smb_hdr *in_buf, int flags)
433 iov[0].iov_base = (char *)in_buf;
434 iov[0].iov_len = be32_to_cpu(in_buf->smb_buf_length) + 4;
435 flags |= CIFS_NO_RESP;
436 rc = SendReceive2(xid, ses, iov, 1, &resp_buf_type, flags);
437 cFYI(DBG2, "SendRcvNoRsp flags %d rc %d", flags, rc);
443 cifs_sync_mid_result(struct mid_q_entry *mid, struct TCP_Server_Info *server)
447 cFYI(1, "%s: cmd=%d mid=%d state=%d", __func__, mid->command,
448 mid->mid, mid->midState);
450 spin_lock(&GlobalMid_Lock);
451 switch (mid->midState) {
452 case MID_RESPONSE_RECEIVED:
453 spin_unlock(&GlobalMid_Lock);
455 case MID_RETRY_NEEDED:
458 case MID_RESPONSE_MALFORMED:
465 list_del_init(&mid->qhead);
466 cERROR(1, "%s: invalid mid state mid=%d state=%d", __func__,
467 mid->mid, mid->midState);
470 spin_unlock(&GlobalMid_Lock);
472 DeleteMidQEntry(mid);
477 * An NT cancel request header looks just like the original request except:
479 * The Command is SMB_COM_NT_CANCEL
480 * The WordCount is zeroed out
481 * The ByteCount is zeroed out
483 * This function mangles an existing request buffer into a
484 * SMB_COM_NT_CANCEL request and then sends it.
487 send_nt_cancel(struct TCP_Server_Info *server, struct smb_hdr *in_buf,
488 struct mid_q_entry *mid)
492 /* -4 for RFC1001 length and +2 for BCC field */
493 in_buf->smb_buf_length = cpu_to_be32(sizeof(struct smb_hdr) - 4 + 2);
494 in_buf->Command = SMB_COM_NT_CANCEL;
495 in_buf->WordCount = 0;
498 mutex_lock(&server->srv_mutex);
499 rc = cifs_sign_smb(in_buf, server, &mid->sequence_number);
501 mutex_unlock(&server->srv_mutex);
504 rc = smb_send(server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
505 mutex_unlock(&server->srv_mutex);
507 cFYI(1, "issued NT_CANCEL for mid %u, rc = %d",
514 cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
517 unsigned int len = be32_to_cpu(mid->resp_buf->smb_buf_length) + 4;
519 dump_smb(mid->resp_buf, min_t(u32, 92, len));
521 /* convert the length into a more usable form */
522 if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
525 iov.iov_base = mid->resp_buf;
527 /* FIXME: add code to kill session */
528 if (cifs_verify_signature(&iov, 1, server,
529 mid->sequence_number + 1) != 0)
530 cERROR(1, "Unexpected SMB signature");
533 /* BB special case reconnect tid and uid here? */
534 return map_smb_to_linux_error(mid->resp_buf, log_error);
538 SendReceive2(const unsigned int xid, struct cifs_ses *ses,
539 struct kvec *iov, int n_vec, int *pRespBufType /* ret */,
544 struct mid_q_entry *midQ;
545 struct smb_hdr *in_buf = iov[0].iov_base;
547 long_op = flags & CIFS_TIMEOUT_MASK;
549 *pRespBufType = CIFS_NO_BUFFER; /* no response buf yet */
551 if ((ses == NULL) || (ses->server == NULL)) {
552 cifs_small_buf_release(in_buf);
553 cERROR(1, "Null session");
557 if (ses->server->tcpStatus == CifsExiting) {
558 cifs_small_buf_release(in_buf);
562 /* Ensure that we do not send more than 50 overlapping requests
563 to the same server. We may make this configurable later or
566 rc = wait_for_free_request(ses->server, long_op);
568 cifs_small_buf_release(in_buf);
572 /* make sure that we sign in the same order that we send on this socket
573 and avoid races inside tcp sendmsg code that could cause corruption
576 mutex_lock(&ses->server->srv_mutex);
578 rc = allocate_mid(ses, in_buf, &midQ);
580 mutex_unlock(&ses->server->srv_mutex);
581 cifs_small_buf_release(in_buf);
582 /* Update # of requests on wire to server */
583 cifs_add_credits(ses->server, 1);
586 rc = cifs_sign_smb2(iov, n_vec, ses->server, &midQ->sequence_number);
588 mutex_unlock(&ses->server->srv_mutex);
589 cifs_small_buf_release(in_buf);
593 midQ->midState = MID_REQUEST_SUBMITTED;
594 cifs_in_send_inc(ses->server);
595 rc = smb_sendv(ses->server, iov, n_vec);
596 cifs_in_send_dec(ses->server);
597 cifs_save_when_sent(midQ);
599 mutex_unlock(&ses->server->srv_mutex);
602 cifs_small_buf_release(in_buf);
606 if (long_op == CIFS_ASYNC_OP) {
607 cifs_small_buf_release(in_buf);
611 rc = wait_for_response(ses->server, midQ);
613 send_nt_cancel(ses->server, in_buf, midQ);
614 spin_lock(&GlobalMid_Lock);
615 if (midQ->midState == MID_REQUEST_SUBMITTED) {
616 midQ->callback = DeleteMidQEntry;
617 spin_unlock(&GlobalMid_Lock);
618 cifs_small_buf_release(in_buf);
619 cifs_add_credits(ses->server, 1);
622 spin_unlock(&GlobalMid_Lock);
625 cifs_small_buf_release(in_buf);
627 rc = cifs_sync_mid_result(midQ, ses->server);
629 cifs_add_credits(ses->server, 1);
633 if (!midQ->resp_buf || midQ->midState != MID_RESPONSE_RECEIVED) {
635 cFYI(1, "Bad MID state?");
639 iov[0].iov_base = (char *)midQ->resp_buf;
640 iov[0].iov_len = be32_to_cpu(midQ->resp_buf->smb_buf_length) + 4;
642 *pRespBufType = CIFS_LARGE_BUFFER;
644 *pRespBufType = CIFS_SMALL_BUFFER;
646 rc = cifs_check_receive(midQ, ses->server, flags & CIFS_LOG_ERROR);
648 /* mark it so buf will not be freed by delete_mid */
649 if ((flags & CIFS_NO_RESP) == 0)
650 midQ->resp_buf = NULL;
653 cifs_add_credits(ses->server, 1);
659 SendReceive(const unsigned int xid, struct cifs_ses *ses,
660 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
661 int *pbytes_returned, const int long_op)
664 struct mid_q_entry *midQ;
667 cERROR(1, "Null smb session");
670 if (ses->server == NULL) {
671 cERROR(1, "Null tcp session");
675 if (ses->server->tcpStatus == CifsExiting)
678 /* Ensure that we do not send more than 50 overlapping requests
679 to the same server. We may make this configurable later or
682 if (be32_to_cpu(in_buf->smb_buf_length) > CIFSMaxBufSize +
683 MAX_CIFS_HDR_SIZE - 4) {
684 cERROR(1, "Illegal length, greater than maximum frame, %d",
685 be32_to_cpu(in_buf->smb_buf_length));
689 rc = wait_for_free_request(ses->server, long_op);
693 /* make sure that we sign in the same order that we send on this socket
694 and avoid races inside tcp sendmsg code that could cause corruption
697 mutex_lock(&ses->server->srv_mutex);
699 rc = allocate_mid(ses, in_buf, &midQ);
701 mutex_unlock(&ses->server->srv_mutex);
702 /* Update # of requests on wire to server */
703 cifs_add_credits(ses->server, 1);
707 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
709 mutex_unlock(&ses->server->srv_mutex);
713 midQ->midState = MID_REQUEST_SUBMITTED;
715 cifs_in_send_inc(ses->server);
716 rc = smb_send(ses->server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
717 cifs_in_send_dec(ses->server);
718 cifs_save_when_sent(midQ);
719 mutex_unlock(&ses->server->srv_mutex);
724 if (long_op == CIFS_ASYNC_OP)
727 rc = wait_for_response(ses->server, midQ);
729 send_nt_cancel(ses->server, in_buf, midQ);
730 spin_lock(&GlobalMid_Lock);
731 if (midQ->midState == MID_REQUEST_SUBMITTED) {
732 /* no longer considered to be "in-flight" */
733 midQ->callback = DeleteMidQEntry;
734 spin_unlock(&GlobalMid_Lock);
735 cifs_add_credits(ses->server, 1);
738 spin_unlock(&GlobalMid_Lock);
741 rc = cifs_sync_mid_result(midQ, ses->server);
743 cifs_add_credits(ses->server, 1);
747 if (!midQ->resp_buf || !out_buf ||
748 midQ->midState != MID_RESPONSE_RECEIVED) {
750 cERROR(1, "Bad MID state?");
754 *pbytes_returned = be32_to_cpu(midQ->resp_buf->smb_buf_length);
755 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
756 rc = cifs_check_receive(midQ, ses->server, 0);
759 cifs_add_credits(ses->server, 1);
764 /* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
765 blocking lock to return. */
768 send_lock_cancel(const unsigned int xid, struct cifs_tcon *tcon,
769 struct smb_hdr *in_buf,
770 struct smb_hdr *out_buf)
773 struct cifs_ses *ses = tcon->ses;
774 LOCK_REQ *pSMB = (LOCK_REQ *)in_buf;
776 /* We just modify the current in_buf to change
777 the type of lock from LOCKING_ANDX_SHARED_LOCK
778 or LOCKING_ANDX_EXCLUSIVE_LOCK to
779 LOCKING_ANDX_CANCEL_LOCK. */
781 pSMB->LockType = LOCKING_ANDX_CANCEL_LOCK|LOCKING_ANDX_LARGE_FILES;
783 pSMB->hdr.Mid = GetNextMid(ses->server);
785 return SendReceive(xid, ses, in_buf, out_buf,
790 SendReceiveBlockingLock(const unsigned int xid, struct cifs_tcon *tcon,
791 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
792 int *pbytes_returned)
796 struct mid_q_entry *midQ;
797 struct cifs_ses *ses;
799 if (tcon == NULL || tcon->ses == NULL) {
800 cERROR(1, "Null smb session");
805 if (ses->server == NULL) {
806 cERROR(1, "Null tcp session");
810 if (ses->server->tcpStatus == CifsExiting)
813 /* Ensure that we do not send more than 50 overlapping requests
814 to the same server. We may make this configurable later or
817 if (be32_to_cpu(in_buf->smb_buf_length) > CIFSMaxBufSize +
818 MAX_CIFS_HDR_SIZE - 4) {
819 cERROR(1, "Illegal length, greater than maximum frame, %d",
820 be32_to_cpu(in_buf->smb_buf_length));
824 rc = wait_for_free_request(ses->server, CIFS_BLOCKING_OP);
828 /* make sure that we sign in the same order that we send on this socket
829 and avoid races inside tcp sendmsg code that could cause corruption
832 mutex_lock(&ses->server->srv_mutex);
834 rc = allocate_mid(ses, in_buf, &midQ);
836 mutex_unlock(&ses->server->srv_mutex);
840 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
843 mutex_unlock(&ses->server->srv_mutex);
847 midQ->midState = MID_REQUEST_SUBMITTED;
848 cifs_in_send_inc(ses->server);
849 rc = smb_send(ses->server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
850 cifs_in_send_dec(ses->server);
851 cifs_save_when_sent(midQ);
852 mutex_unlock(&ses->server->srv_mutex);
859 /* Wait for a reply - allow signals to interrupt. */
860 rc = wait_event_interruptible(ses->server->response_q,
861 (!(midQ->midState == MID_REQUEST_SUBMITTED)) ||
862 ((ses->server->tcpStatus != CifsGood) &&
863 (ses->server->tcpStatus != CifsNew)));
865 /* Were we interrupted by a signal ? */
866 if ((rc == -ERESTARTSYS) &&
867 (midQ->midState == MID_REQUEST_SUBMITTED) &&
868 ((ses->server->tcpStatus == CifsGood) ||
869 (ses->server->tcpStatus == CifsNew))) {
871 if (in_buf->Command == SMB_COM_TRANSACTION2) {
872 /* POSIX lock. We send a NT_CANCEL SMB to cause the
873 blocking lock to return. */
874 rc = send_nt_cancel(ses->server, in_buf, midQ);
880 /* Windows lock. We send a LOCKINGX_CANCEL_LOCK
881 to cause the blocking lock to return. */
883 rc = send_lock_cancel(xid, tcon, in_buf, out_buf);
885 /* If we get -ENOLCK back the lock may have
886 already been removed. Don't exit in this case. */
887 if (rc && rc != -ENOLCK) {
893 rc = wait_for_response(ses->server, midQ);
895 send_nt_cancel(ses->server, in_buf, midQ);
896 spin_lock(&GlobalMid_Lock);
897 if (midQ->midState == MID_REQUEST_SUBMITTED) {
898 /* no longer considered to be "in-flight" */
899 midQ->callback = DeleteMidQEntry;
900 spin_unlock(&GlobalMid_Lock);
903 spin_unlock(&GlobalMid_Lock);
906 /* We got the response - restart system call. */
910 rc = cifs_sync_mid_result(midQ, ses->server);
914 /* rcvd frame is ok */
915 if (out_buf == NULL || midQ->midState != MID_RESPONSE_RECEIVED) {
917 cERROR(1, "Bad MID state?");
921 *pbytes_returned = be32_to_cpu(midQ->resp_buf->smb_buf_length);
922 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
923 rc = cifs_check_receive(midQ, ses->server, 0);
926 if (rstart && rc == -EACCES)