4 * Copyright (C) International Business Machines Corp., 2002,2008
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * Jeremy Allison (jra@samba.org) 2006.
8 * This library is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Lesser General Public License as published
10 * by the Free Software Foundation; either version 2.1 of the License, or
11 * (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
16 * the GNU Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this library; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/net.h>
27 #include <linux/delay.h>
28 #include <asm/uaccess.h>
29 #include <asm/processor.h>
30 #include <linux/mempool.h>
33 #include "cifsproto.h"
34 #include "cifs_debug.h"
36 extern mempool_t *cifs_mid_poolp;
37 extern struct kmem_cache *cifs_oplock_cachep;
39 static struct mid_q_entry *
40 AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
42 struct mid_q_entry *temp;
45 cERROR(1, ("Null TCP session in AllocMidQEntry"));
49 temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS);
53 memset(temp, 0, sizeof(struct mid_q_entry));
54 temp->mid = smb_buffer->Mid; /* always LE */
55 temp->pid = current->pid;
56 temp->command = smb_buffer->Command;
57 cFYI(1, ("For smb_command %d", temp->command));
58 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
59 /* when mid allocated can be before when sent */
60 temp->when_alloc = jiffies;
64 spin_lock(&GlobalMid_Lock);
65 list_add_tail(&temp->qhead, &server->pending_mid_q);
66 atomic_inc(&midCount);
67 temp->midState = MID_REQUEST_ALLOCATED;
68 spin_unlock(&GlobalMid_Lock);
73 DeleteMidQEntry(struct mid_q_entry *midEntry)
75 #ifdef CONFIG_CIFS_STATS2
78 spin_lock(&GlobalMid_Lock);
79 midEntry->midState = MID_FREE;
80 list_del(&midEntry->qhead);
81 atomic_dec(&midCount);
82 spin_unlock(&GlobalMid_Lock);
83 if (midEntry->largeBuf)
84 cifs_buf_release(midEntry->resp_buf);
86 cifs_small_buf_release(midEntry->resp_buf);
87 #ifdef CONFIG_CIFS_STATS2
89 /* commands taking longer than one second are indications that
90 something is wrong, unless it is quite a slow link or server */
91 if ((now - midEntry->when_alloc) > HZ) {
92 if ((cifsFYI & CIFS_TIMER) &&
93 (midEntry->command != SMB_COM_LOCKING_ANDX)) {
94 printk(KERN_DEBUG " CIFS slow rsp: cmd %d mid %d",
95 midEntry->command, midEntry->mid);
96 printk(" A: 0x%lx S: 0x%lx R: 0x%lx\n",
97 now - midEntry->when_alloc,
98 now - midEntry->when_sent,
99 now - midEntry->when_received);
103 mempool_free(midEntry, cifs_mid_poolp);
106 struct oplock_q_entry *
107 AllocOplockQEntry(struct inode *pinode, __u16 fid, struct cifsTconInfo *tcon)
109 struct oplock_q_entry *temp;
110 if ((pinode == NULL) || (tcon == NULL)) {
111 cERROR(1, ("Null parms passed to AllocOplockQEntry"));
114 temp = (struct oplock_q_entry *) kmem_cache_alloc(cifs_oplock_cachep,
119 temp->pinode = pinode;
122 spin_lock(&GlobalMid_Lock);
123 list_add_tail(&temp->qhead, &GlobalOplock_Q);
124 spin_unlock(&GlobalMid_Lock);
130 void DeleteOplockQEntry(struct oplock_q_entry *oplockEntry)
132 spin_lock(&GlobalMid_Lock);
133 /* should we check if list empty first? */
134 list_del(&oplockEntry->qhead);
135 spin_unlock(&GlobalMid_Lock);
136 kmem_cache_free(cifs_oplock_cachep, oplockEntry);
140 void DeleteTconOplockQEntries(struct cifsTconInfo *tcon)
142 struct oplock_q_entry *temp;
147 spin_lock(&GlobalMid_Lock);
148 list_for_each_entry(temp, &GlobalOplock_Q, qhead) {
149 if ((temp->tcon) && (temp->tcon == tcon)) {
150 list_del(&temp->qhead);
151 kmem_cache_free(cifs_oplock_cachep, temp);
154 spin_unlock(&GlobalMid_Lock);
158 smb_send(struct socket *ssocket, struct smb_hdr *smb_buffer,
159 unsigned int smb_buf_length, struct sockaddr *sin, bool noblocksnd)
163 struct msghdr smb_msg;
165 unsigned len = smb_buf_length + 4;
168 return -ENOTSOCK; /* BB eventually add reconnect code here */
169 iov.iov_base = smb_buffer;
172 smb_msg.msg_name = sin;
173 smb_msg.msg_namelen = sizeof(struct sockaddr);
174 smb_msg.msg_control = NULL;
175 smb_msg.msg_controllen = 0;
177 smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
179 smb_msg.msg_flags = MSG_NOSIGNAL;
181 /* smb header is converted in header_assemble. bcc and rest of SMB word
182 area, and byte area if necessary, is converted to littleendian in
183 cifssmb.c and RFC1001 len is converted to bigendian in smb_send
184 Flags2 is converted in SendReceive */
186 smb_buffer->smb_buf_length = cpu_to_be32(smb_buffer->smb_buf_length);
187 cFYI(1, ("Sending smb of length %d", smb_buf_length));
188 dump_smb(smb_buffer, len);
191 rc = kernel_sendmsg(ssocket, &smb_msg, &iov, 1, len);
192 if ((rc == -ENOSPC) || (rc == -EAGAIN)) {
194 /* smaller timeout here than send2 since smaller size */
195 /* Although it may not be required, this also is smaller
199 ("sends on sock %p stuck for 7 seconds",
210 i = 0; /* reset i after each successful send */
217 cERROR(1, ("Error %d sending data on socket to server", rc));
222 /* Don't want to modify the buffer as a
223 side effect of this call. */
224 smb_buffer->smb_buf_length = smb_buf_length;
230 smb_send2(struct TCP_Server_Info *server, struct kvec *iov, int n_vec,
231 struct sockaddr *sin, bool noblocksnd)
235 struct msghdr smb_msg;
236 struct smb_hdr *smb_buffer = iov[0].iov_base;
237 unsigned int len = iov[0].iov_len;
238 unsigned int total_len;
240 unsigned int smb_buf_length = smb_buffer->smb_buf_length;
241 struct socket *ssocket = server->ssocket;
244 return -ENOTSOCK; /* BB eventually add reconnect code here */
246 smb_msg.msg_name = sin;
247 smb_msg.msg_namelen = sizeof(struct sockaddr);
248 smb_msg.msg_control = NULL;
249 smb_msg.msg_controllen = 0;
251 smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
253 smb_msg.msg_flags = MSG_NOSIGNAL;
255 /* smb header is converted in header_assemble. bcc and rest of SMB word
256 area, and byte area if necessary, is converted to littleendian in
257 cifssmb.c and RFC1001 len is converted to bigendian in smb_send
258 Flags2 is converted in SendReceive */
262 for (i = 0; i < n_vec; i++)
263 total_len += iov[i].iov_len;
265 smb_buffer->smb_buf_length = cpu_to_be32(smb_buffer->smb_buf_length);
266 cFYI(1, ("Sending smb: total_len %d", total_len));
267 dump_smb(smb_buffer, len);
271 rc = kernel_sendmsg(ssocket, &smb_msg, &iov[first_vec],
272 n_vec - first_vec, total_len);
273 if ((rc == -ENOSPC) || (rc == -EAGAIN)) {
277 ("sends on sock %p stuck for 15 seconds",
288 if (rc == total_len) {
291 } else if (rc > total_len) {
292 cERROR(1, ("sent %d requested %d", rc, total_len));
296 /* should never happen, letting socket clear before
297 retrying is our only obvious option here */
298 cERROR(1, ("tcp sent no data"));
303 /* the line below resets i */
304 for (i = first_vec; i < n_vec; i++) {
305 if (iov[i].iov_len) {
306 if (rc > iov[i].iov_len) {
307 rc -= iov[i].iov_len;
310 iov[i].iov_base += rc;
311 iov[i].iov_len -= rc;
317 i = 0; /* in case we get ENOSPC on the next send */
320 if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
321 cFYI(1, ("partial send (%d remaining), terminating session",
323 /* If we have only sent part of an SMB then the next SMB
324 could be taken as the remainder of this one. We need
325 to kill the socket so the server throws away the partial
327 server->tcpStatus = CifsNeedReconnect;
331 cERROR(1, ("Error %d sending data on socket to server", rc));
335 /* Don't want to modify the buffer as a
336 side effect of this call. */
337 smb_buffer->smb_buf_length = smb_buf_length;
342 static int wait_for_free_request(struct cifsSesInfo *ses, const int long_op)
344 if (long_op == CIFS_ASYNC_OP) {
345 /* oplock breaks must not be held up */
346 atomic_inc(&ses->server->inFlight);
348 spin_lock(&GlobalMid_Lock);
350 if (atomic_read(&ses->server->inFlight) >=
352 spin_unlock(&GlobalMid_Lock);
353 #ifdef CONFIG_CIFS_STATS2
354 atomic_inc(&ses->server->num_waiters);
356 wait_event(ses->server->request_q,
357 atomic_read(&ses->server->inFlight)
359 #ifdef CONFIG_CIFS_STATS2
360 atomic_dec(&ses->server->num_waiters);
362 spin_lock(&GlobalMid_Lock);
364 if (ses->server->tcpStatus == CifsExiting) {
365 spin_unlock(&GlobalMid_Lock);
369 /* can not count locking commands against total
370 as they are allowed to block on server */
372 /* update # of requests on the wire to server */
373 if (long_op != CIFS_BLOCKING_OP)
374 atomic_inc(&ses->server->inFlight);
375 spin_unlock(&GlobalMid_Lock);
383 static int allocate_mid(struct cifsSesInfo *ses, struct smb_hdr *in_buf,
384 struct mid_q_entry **ppmidQ)
386 if (ses->server->tcpStatus == CifsExiting) {
390 if (ses->server->tcpStatus == CifsNeedReconnect) {
391 cFYI(1, ("tcp session dead - return to caller to retry"));
395 if (ses->status != CifsGood) {
396 /* check if SMB session is bad because we are setting it up */
397 if ((in_buf->Command != SMB_COM_SESSION_SETUP_ANDX) &&
398 (in_buf->Command != SMB_COM_NEGOTIATE))
400 /* else ok - we are setting up session */
402 *ppmidQ = AllocMidQEntry(in_buf, ses->server);
408 static int wait_for_response(struct cifsSesInfo *ses,
409 struct mid_q_entry *midQ,
410 unsigned long timeout,
411 unsigned long time_to_wait)
413 unsigned long curr_timeout;
416 curr_timeout = timeout + jiffies;
417 wait_event_timeout(ses->server->response_q,
418 midQ->midState != MID_REQUEST_SUBMITTED, timeout);
420 if (time_after(jiffies, curr_timeout) &&
421 (midQ->midState == MID_REQUEST_SUBMITTED) &&
422 ((ses->server->tcpStatus == CifsGood) ||
423 (ses->server->tcpStatus == CifsNew))) {
427 /* We timed out. Is the server still
429 spin_lock(&GlobalMid_Lock);
430 lrt = ses->server->lstrp;
431 spin_unlock(&GlobalMid_Lock);
433 /* Calculate time_to_wait past last receive time.
434 Although we prefer not to time out if the
435 server is still responding - we will time
436 out if the server takes more than 15 (or 45
437 or 180) seconds to respond to this request
438 and has not responded to any request from
439 other threads on the client within 10 seconds */
441 if (time_after(jiffies, lrt)) {
442 /* No replies for time_to_wait. */
443 cERROR(1, ("server not responding"));
455 * Send an SMB Request. No response info (other than return code)
456 * needs to be parsed.
458 * flags indicate the type of request buffer and how long to wait
459 * and whether to log NT STATUS code (error) before mapping it to POSIX error
463 SendReceiveNoRsp(const unsigned int xid, struct cifsSesInfo *ses,
464 struct smb_hdr *in_buf, int flags)
470 iov[0].iov_base = (char *)in_buf;
471 iov[0].iov_len = in_buf->smb_buf_length + 4;
472 flags |= CIFS_NO_RESP;
473 rc = SendReceive2(xid, ses, iov, 1, &resp_buf_type, flags);
474 cFYI(DBG2, ("SendRcvNoRsp flags %d rc %d", flags, rc));
480 SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
481 struct kvec *iov, int n_vec, int *pRespBufType /* ret */,
486 unsigned int receive_len;
487 unsigned long timeout;
488 struct mid_q_entry *midQ;
489 struct smb_hdr *in_buf = iov[0].iov_base;
491 long_op = flags & CIFS_TIMEOUT_MASK;
493 *pRespBufType = CIFS_NO_BUFFER; /* no response buf yet */
495 if ((ses == NULL) || (ses->server == NULL)) {
496 cifs_small_buf_release(in_buf);
497 cERROR(1, ("Null session"));
501 if (ses->server->tcpStatus == CifsExiting) {
502 cifs_small_buf_release(in_buf);
506 /* Ensure that we do not send more than 50 overlapping requests
507 to the same server. We may make this configurable later or
510 rc = wait_for_free_request(ses, long_op);
512 cifs_small_buf_release(in_buf);
516 /* make sure that we sign in the same order that we send on this socket
517 and avoid races inside tcp sendmsg code that could cause corruption
520 mutex_lock(&ses->server->srv_mutex);
522 rc = allocate_mid(ses, in_buf, &midQ);
524 mutex_unlock(&ses->server->srv_mutex);
525 cifs_small_buf_release(in_buf);
526 /* Update # of requests on wire to server */
527 atomic_dec(&ses->server->inFlight);
528 wake_up(&ses->server->request_q);
531 rc = cifs_sign_smb2(iov, n_vec, ses->server, &midQ->sequence_number);
533 midQ->midState = MID_REQUEST_SUBMITTED;
534 #ifdef CONFIG_CIFS_STATS2
535 atomic_inc(&ses->server->inSend);
537 rc = smb_send2(ses->server, iov, n_vec,
538 (struct sockaddr *) &(ses->server->addr.sockAddr),
539 ses->server->noblocksnd);
540 #ifdef CONFIG_CIFS_STATS2
541 atomic_dec(&ses->server->inSend);
542 midQ->when_sent = jiffies;
545 mutex_unlock(&ses->server->srv_mutex);
546 cifs_small_buf_release(in_buf);
551 if (long_op == CIFS_STD_OP)
553 else if (long_op == CIFS_VLONG_OP) /* e.g. slow writes past EOF */
555 else if (long_op == CIFS_LONG_OP)
556 timeout = 45 * HZ; /* should be greater than
557 servers oplock break timeout (about 43 seconds) */
558 else if (long_op == CIFS_ASYNC_OP)
560 else if (long_op == CIFS_BLOCKING_OP)
561 timeout = 0x7FFFFFFF; /* large, but not so large as to wrap */
563 cERROR(1, ("unknown timeout flag %d", long_op));
568 /* wait for 15 seconds or until woken up due to response arriving or
569 due to last connection to this server being unmounted */
570 if (signal_pending(current)) {
571 /* if signal pending do not hold up user for full smb timeout
572 but we still give response a chance to complete */
576 /* No user interrupts in wait - wreaks havoc with performance */
577 wait_for_response(ses, midQ, timeout, 10 * HZ);
579 spin_lock(&GlobalMid_Lock);
580 if (midQ->resp_buf) {
581 spin_unlock(&GlobalMid_Lock);
582 receive_len = midQ->resp_buf->smb_buf_length;
584 cERROR(1, ("No response to cmd %d mid %d",
585 midQ->command, midQ->mid));
586 if (midQ->midState == MID_REQUEST_SUBMITTED) {
587 if (ses->server->tcpStatus == CifsExiting)
590 ses->server->tcpStatus = CifsNeedReconnect;
591 midQ->midState = MID_RETRY_NEEDED;
595 if (rc != -EHOSTDOWN) {
596 if (midQ->midState == MID_RETRY_NEEDED) {
598 cFYI(1, ("marking request for retry"));
603 spin_unlock(&GlobalMid_Lock);
604 DeleteMidQEntry(midQ);
605 /* Update # of requests on wire to server */
606 atomic_dec(&ses->server->inFlight);
607 wake_up(&ses->server->request_q);
611 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
612 cERROR(1, ("Frame too large received. Length: %d Xid: %d",
615 } else { /* rcvd frame is ok */
616 if (midQ->resp_buf &&
617 (midQ->midState == MID_RESPONSE_RECEIVED)) {
619 iov[0].iov_base = (char *)midQ->resp_buf;
621 *pRespBufType = CIFS_LARGE_BUFFER;
623 *pRespBufType = CIFS_SMALL_BUFFER;
624 iov[0].iov_len = receive_len + 4;
626 dump_smb(midQ->resp_buf, 80);
627 /* convert the length into a more usable form */
628 if ((receive_len > 24) &&
629 (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
630 SECMODE_SIGN_ENABLED))) {
631 rc = cifs_verify_signature(midQ->resp_buf,
632 &ses->server->mac_signing_key,
633 midQ->sequence_number+1);
635 cERROR(1, ("Unexpected SMB signature"));
636 /* BB FIXME add code to kill session */
640 /* BB special case reconnect tid and uid here? */
641 rc = map_smb_to_linux_error(midQ->resp_buf,
642 flags & CIFS_LOG_ERROR);
644 /* convert ByteCount if necessary */
645 if (receive_len >= sizeof(struct smb_hdr) - 4
646 /* do not count RFC1001 header */ +
647 (2 * midQ->resp_buf->WordCount) + 2 /* bcc */ )
648 BCC(midQ->resp_buf) =
649 le16_to_cpu(BCC_LE(midQ->resp_buf));
650 if ((flags & CIFS_NO_RESP) == 0)
651 midQ->resp_buf = NULL; /* mark it so buf will
656 cFYI(1, ("Bad MID state?"));
661 DeleteMidQEntry(midQ);
662 atomic_dec(&ses->server->inFlight);
663 wake_up(&ses->server->request_q);
669 SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
670 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
671 int *pbytes_returned, const int long_op)
674 unsigned int receive_len;
675 unsigned long timeout;
676 struct mid_q_entry *midQ;
679 cERROR(1, ("Null smb session"));
682 if (ses->server == NULL) {
683 cERROR(1, ("Null tcp session"));
687 if (ses->server->tcpStatus == CifsExiting)
690 /* Ensure that we do not send more than 50 overlapping requests
691 to the same server. We may make this configurable later or
694 if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
695 cERROR(1, ("Illegal length, greater than maximum frame, %d",
696 in_buf->smb_buf_length));
700 rc = wait_for_free_request(ses, long_op);
704 /* make sure that we sign in the same order that we send on this socket
705 and avoid races inside tcp sendmsg code that could cause corruption
708 mutex_lock(&ses->server->srv_mutex);
710 rc = allocate_mid(ses, in_buf, &midQ);
712 mutex_unlock(&ses->server->srv_mutex);
713 /* Update # of requests on wire to server */
714 atomic_dec(&ses->server->inFlight);
715 wake_up(&ses->server->request_q);
719 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
721 midQ->midState = MID_REQUEST_SUBMITTED;
722 #ifdef CONFIG_CIFS_STATS2
723 atomic_inc(&ses->server->inSend);
725 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
726 (struct sockaddr *) &(ses->server->addr.sockAddr),
727 ses->server->noblocksnd);
728 #ifdef CONFIG_CIFS_STATS2
729 atomic_dec(&ses->server->inSend);
730 midQ->when_sent = jiffies;
732 mutex_unlock(&ses->server->srv_mutex);
737 if (long_op == CIFS_STD_OP)
739 /* wait for 15 seconds or until woken up due to response arriving or
740 due to last connection to this server being unmounted */
741 else if (long_op == CIFS_ASYNC_OP)
743 else if (long_op == CIFS_VLONG_OP) /* writes past EOF can be slow */
745 else if (long_op == CIFS_LONG_OP)
746 timeout = 45 * HZ; /* should be greater than
747 servers oplock break timeout (about 43 seconds) */
748 else if (long_op == CIFS_BLOCKING_OP)
749 timeout = 0x7FFFFFFF; /* large but no so large as to wrap */
751 cERROR(1, ("unknown timeout flag %d", long_op));
756 if (signal_pending(current)) {
757 /* if signal pending do not hold up user for full smb timeout
758 but we still give response a chance to complete */
762 /* No user interrupts in wait - wreaks havoc with performance */
763 wait_for_response(ses, midQ, timeout, 10 * HZ);
765 spin_lock(&GlobalMid_Lock);
766 if (midQ->resp_buf) {
767 spin_unlock(&GlobalMid_Lock);
768 receive_len = midQ->resp_buf->smb_buf_length;
770 cERROR(1, ("No response for cmd %d mid %d",
771 midQ->command, midQ->mid));
772 if (midQ->midState == MID_REQUEST_SUBMITTED) {
773 if (ses->server->tcpStatus == CifsExiting)
776 ses->server->tcpStatus = CifsNeedReconnect;
777 midQ->midState = MID_RETRY_NEEDED;
781 if (rc != -EHOSTDOWN) {
782 if (midQ->midState == MID_RETRY_NEEDED) {
784 cFYI(1, ("marking request for retry"));
789 spin_unlock(&GlobalMid_Lock);
790 DeleteMidQEntry(midQ);
791 /* Update # of requests on wire to server */
792 atomic_dec(&ses->server->inFlight);
793 wake_up(&ses->server->request_q);
797 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
798 cERROR(1, ("Frame too large received. Length: %d Xid: %d",
801 } else { /* rcvd frame is ok */
803 if (midQ->resp_buf && out_buf
804 && (midQ->midState == MID_RESPONSE_RECEIVED)) {
805 out_buf->smb_buf_length = receive_len;
806 memcpy((char *)out_buf + 4,
807 (char *)midQ->resp_buf + 4,
810 dump_smb(out_buf, 92);
811 /* convert the length into a more usable form */
812 if ((receive_len > 24) &&
813 (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
814 SECMODE_SIGN_ENABLED))) {
815 rc = cifs_verify_signature(out_buf,
816 &ses->server->mac_signing_key,
817 midQ->sequence_number+1);
819 cERROR(1, ("Unexpected SMB signature"));
820 /* BB FIXME add code to kill session */
824 *pbytes_returned = out_buf->smb_buf_length;
826 /* BB special case reconnect tid and uid here? */
827 rc = map_smb_to_linux_error(out_buf, 0 /* no log */ );
829 /* convert ByteCount if necessary */
830 if (receive_len >= sizeof(struct smb_hdr) - 4
831 /* do not count RFC1001 header */ +
832 (2 * out_buf->WordCount) + 2 /* bcc */ )
833 BCC(out_buf) = le16_to_cpu(BCC_LE(out_buf));
836 cERROR(1, ("Bad MID state?"));
841 DeleteMidQEntry(midQ);
842 atomic_dec(&ses->server->inFlight);
843 wake_up(&ses->server->request_q);
848 /* Send an NT_CANCEL SMB to cause the POSIX blocking lock to return. */
851 send_nt_cancel(struct cifsTconInfo *tcon, struct smb_hdr *in_buf,
852 struct mid_q_entry *midQ)
855 struct cifsSesInfo *ses = tcon->ses;
856 __u16 mid = in_buf->Mid;
858 header_assemble(in_buf, SMB_COM_NT_CANCEL, tcon, 0);
860 mutex_lock(&ses->server->srv_mutex);
861 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
863 mutex_unlock(&ses->server->srv_mutex);
866 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
867 (struct sockaddr *) &(ses->server->addr.sockAddr),
868 ses->server->noblocksnd);
869 mutex_unlock(&ses->server->srv_mutex);
873 /* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
874 blocking lock to return. */
877 send_lock_cancel(const unsigned int xid, struct cifsTconInfo *tcon,
878 struct smb_hdr *in_buf,
879 struct smb_hdr *out_buf)
882 struct cifsSesInfo *ses = tcon->ses;
883 LOCK_REQ *pSMB = (LOCK_REQ *)in_buf;
885 /* We just modify the current in_buf to change
886 the type of lock from LOCKING_ANDX_SHARED_LOCK
887 or LOCKING_ANDX_EXCLUSIVE_LOCK to
888 LOCKING_ANDX_CANCEL_LOCK. */
890 pSMB->LockType = LOCKING_ANDX_CANCEL_LOCK|LOCKING_ANDX_LARGE_FILES;
892 pSMB->hdr.Mid = GetNextMid(ses->server);
894 return SendReceive(xid, ses, in_buf, out_buf,
895 &bytes_returned, CIFS_STD_OP);
899 SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
900 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
901 int *pbytes_returned)
905 unsigned int receive_len;
906 struct mid_q_entry *midQ;
907 struct cifsSesInfo *ses;
909 if (tcon == NULL || tcon->ses == NULL) {
910 cERROR(1, ("Null smb session"));
915 if (ses->server == NULL) {
916 cERROR(1, ("Null tcp session"));
920 if (ses->server->tcpStatus == CifsExiting)
923 /* Ensure that we do not send more than 50 overlapping requests
924 to the same server. We may make this configurable later or
927 if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
928 cERROR(1, ("Illegal length, greater than maximum frame, %d",
929 in_buf->smb_buf_length));
933 rc = wait_for_free_request(ses, CIFS_BLOCKING_OP);
937 /* make sure that we sign in the same order that we send on this socket
938 and avoid races inside tcp sendmsg code that could cause corruption
941 mutex_lock(&ses->server->srv_mutex);
943 rc = allocate_mid(ses, in_buf, &midQ);
945 mutex_unlock(&ses->server->srv_mutex);
949 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
951 midQ->midState = MID_REQUEST_SUBMITTED;
952 #ifdef CONFIG_CIFS_STATS2
953 atomic_inc(&ses->server->inSend);
955 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
956 (struct sockaddr *) &(ses->server->addr.sockAddr),
957 ses->server->noblocksnd);
958 #ifdef CONFIG_CIFS_STATS2
959 atomic_dec(&ses->server->inSend);
960 midQ->when_sent = jiffies;
962 mutex_unlock(&ses->server->srv_mutex);
965 DeleteMidQEntry(midQ);
969 /* Wait for a reply - allow signals to interrupt. */
970 rc = wait_event_interruptible(ses->server->response_q,
971 (!(midQ->midState == MID_REQUEST_SUBMITTED)) ||
972 ((ses->server->tcpStatus != CifsGood) &&
973 (ses->server->tcpStatus != CifsNew)));
975 /* Were we interrupted by a signal ? */
976 if ((rc == -ERESTARTSYS) &&
977 (midQ->midState == MID_REQUEST_SUBMITTED) &&
978 ((ses->server->tcpStatus == CifsGood) ||
979 (ses->server->tcpStatus == CifsNew))) {
981 if (in_buf->Command == SMB_COM_TRANSACTION2) {
982 /* POSIX lock. We send a NT_CANCEL SMB to cause the
983 blocking lock to return. */
985 rc = send_nt_cancel(tcon, in_buf, midQ);
987 DeleteMidQEntry(midQ);
991 /* Windows lock. We send a LOCKINGX_CANCEL_LOCK
992 to cause the blocking lock to return. */
994 rc = send_lock_cancel(xid, tcon, in_buf, out_buf);
996 /* If we get -ENOLCK back the lock may have
997 already been removed. Don't exit in this case. */
998 if (rc && rc != -ENOLCK) {
999 DeleteMidQEntry(midQ);
1004 /* Wait 5 seconds for the response. */
1005 if (wait_for_response(ses, midQ, 5 * HZ, 5 * HZ) == 0) {
1006 /* We got the response - restart system call. */
1011 spin_lock(&GlobalMid_Lock);
1012 if (midQ->resp_buf) {
1013 spin_unlock(&GlobalMid_Lock);
1014 receive_len = midQ->resp_buf->smb_buf_length;
1016 cERROR(1, ("No response for cmd %d mid %d",
1017 midQ->command, midQ->mid));
1018 if (midQ->midState == MID_REQUEST_SUBMITTED) {
1019 if (ses->server->tcpStatus == CifsExiting)
1022 ses->server->tcpStatus = CifsNeedReconnect;
1023 midQ->midState = MID_RETRY_NEEDED;
1027 if (rc != -EHOSTDOWN) {
1028 if (midQ->midState == MID_RETRY_NEEDED) {
1030 cFYI(1, ("marking request for retry"));
1035 spin_unlock(&GlobalMid_Lock);
1036 DeleteMidQEntry(midQ);
1040 if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) {
1041 cERROR(1, ("Frame too large received. Length: %d Xid: %d",
1044 } else { /* rcvd frame is ok */
1046 if (midQ->resp_buf && out_buf
1047 && (midQ->midState == MID_RESPONSE_RECEIVED)) {
1048 out_buf->smb_buf_length = receive_len;
1049 memcpy((char *)out_buf + 4,
1050 (char *)midQ->resp_buf + 4,
1053 dump_smb(out_buf, 92);
1054 /* convert the length into a more usable form */
1055 if ((receive_len > 24) &&
1056 (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
1057 SECMODE_SIGN_ENABLED))) {
1058 rc = cifs_verify_signature(out_buf,
1059 &ses->server->mac_signing_key,
1060 midQ->sequence_number+1);
1062 cERROR(1, ("Unexpected SMB signature"));
1063 /* BB FIXME add code to kill session */
1067 *pbytes_returned = out_buf->smb_buf_length;
1069 /* BB special case reconnect tid and uid here? */
1070 rc = map_smb_to_linux_error(out_buf, 0 /* no log */ );
1072 /* convert ByteCount if necessary */
1073 if (receive_len >= sizeof(struct smb_hdr) - 4
1074 /* do not count RFC1001 header */ +
1075 (2 * out_buf->WordCount) + 2 /* bcc */ )
1076 BCC(out_buf) = le16_to_cpu(BCC_LE(out_buf));
1079 cERROR(1, ("Bad MID state?"));
1082 DeleteMidQEntry(midQ);
1083 if (rstart && rc == -EACCES)
1084 return -ERESTARTSYS;