1 /*
2  *   fs/cifs/misc.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2008
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 
22 #include <linux/slab.h>
23 #include <linux/ctype.h>
24 #include <linux/mempool.h>
25 #include "cifspdu.h"
26 #include "cifsglob.h"
27 #include "cifsproto.h"
28 #include "cifs_debug.h"
29 #include "smberr.h"
30 #include "nterr.h"
31 #include "cifs_unicode.h"
32 
33 extern mempool_t *cifs_sm_req_poolp;
34 extern mempool_t *cifs_req_poolp;
35 
36 /* The xid serves as a useful identifier for each incoming vfs request,
37    in a similar way to the mid which is useful to track each sent smb,
38    and CurrentXid can also provide a running counter (although it
39    will eventually wrap past zero) of the total vfs operations handled
40    since the cifs fs was mounted */
41 
42 unsigned int
_GetXid(void)43 _GetXid(void)
44 {
45 	unsigned int xid;
46 
47 	spin_lock(&GlobalMid_Lock);
48 	GlobalTotalActiveXid++;
49 
50 	/* keep high water mark for number of simultaneous ops in filesystem */
51 	if (GlobalTotalActiveXid > GlobalMaxActiveXid)
52 		GlobalMaxActiveXid = GlobalTotalActiveXid;
53 	if (GlobalTotalActiveXid > 65000)
54 		cFYI(1, "warning: more than 65000 requests active");
55 	xid = GlobalCurrentXid++;
56 	spin_unlock(&GlobalMid_Lock);
57 	return xid;
58 }
59 
60 void
_FreeXid(unsigned int xid)61 _FreeXid(unsigned int xid)
62 {
63 	spin_lock(&GlobalMid_Lock);
64 	/* if (GlobalTotalActiveXid == 0)
65 		BUG(); */
66 	GlobalTotalActiveXid--;
67 	spin_unlock(&GlobalMid_Lock);
68 }
69 
70 struct cifs_ses *
sesInfoAlloc(void)71 sesInfoAlloc(void)
72 {
73 	struct cifs_ses *ret_buf;
74 
75 	ret_buf = kzalloc(sizeof(struct cifs_ses), GFP_KERNEL);
76 	if (ret_buf) {
77 		atomic_inc(&sesInfoAllocCount);
78 		ret_buf->status = CifsNew;
79 		++ret_buf->ses_count;
80 		INIT_LIST_HEAD(&ret_buf->smb_ses_list);
81 		INIT_LIST_HEAD(&ret_buf->tcon_list);
82 		mutex_init(&ret_buf->session_mutex);
83 	}
84 	return ret_buf;
85 }
86 
87 void
sesInfoFree(struct cifs_ses * buf_to_free)88 sesInfoFree(struct cifs_ses *buf_to_free)
89 {
90 	if (buf_to_free == NULL) {
91 		cFYI(1, "Null buffer passed to sesInfoFree");
92 		return;
93 	}
94 
95 	atomic_dec(&sesInfoAllocCount);
96 	kfree(buf_to_free->serverOS);
97 	kfree(buf_to_free->serverDomain);
98 	kfree(buf_to_free->serverNOS);
99 	if (buf_to_free->password) {
100 		memset(buf_to_free->password, 0, strlen(buf_to_free->password));
101 		kfree(buf_to_free->password);
102 	}
103 	kfree(buf_to_free->user_name);
104 	kfree(buf_to_free->domainName);
105 	kfree(buf_to_free);
106 }
107 
108 struct cifs_tcon *
tconInfoAlloc(void)109 tconInfoAlloc(void)
110 {
111 	struct cifs_tcon *ret_buf;
112 	ret_buf = kzalloc(sizeof(struct cifs_tcon), GFP_KERNEL);
113 	if (ret_buf) {
114 		atomic_inc(&tconInfoAllocCount);
115 		ret_buf->tidStatus = CifsNew;
116 		++ret_buf->tc_count;
117 		INIT_LIST_HEAD(&ret_buf->openFileList);
118 		INIT_LIST_HEAD(&ret_buf->tcon_list);
119 #ifdef CONFIG_CIFS_STATS
120 		spin_lock_init(&ret_buf->stat_lock);
121 #endif
122 	}
123 	return ret_buf;
124 }
125 
126 void
tconInfoFree(struct cifs_tcon * buf_to_free)127 tconInfoFree(struct cifs_tcon *buf_to_free)
128 {
129 	if (buf_to_free == NULL) {
130 		cFYI(1, "Null buffer passed to tconInfoFree");
131 		return;
132 	}
133 	atomic_dec(&tconInfoAllocCount);
134 	kfree(buf_to_free->nativeFileSystem);
135 	if (buf_to_free->password) {
136 		memset(buf_to_free->password, 0, strlen(buf_to_free->password));
137 		kfree(buf_to_free->password);
138 	}
139 	kfree(buf_to_free);
140 }
141 
142 struct smb_hdr *
cifs_buf_get(void)143 cifs_buf_get(void)
144 {
145 	struct smb_hdr *ret_buf = NULL;
146 
147 /* We could use negotiated size instead of max_msgsize -
148    but it may be more efficient to always alloc same size
149    albeit slightly larger than necessary and maxbuffersize
150    defaults to this and can not be bigger */
151 	ret_buf = mempool_alloc(cifs_req_poolp, GFP_NOFS);
152 
153 	/* clear the first few header bytes */
154 	/* for most paths, more is cleared in header_assemble */
155 	if (ret_buf) {
156 		memset(ret_buf, 0, sizeof(struct smb_hdr) + 3);
157 		atomic_inc(&bufAllocCount);
158 #ifdef CONFIG_CIFS_STATS2
159 		atomic_inc(&totBufAllocCount);
160 #endif /* CONFIG_CIFS_STATS2 */
161 	}
162 
163 	return ret_buf;
164 }
165 
166 void
cifs_buf_release(void * buf_to_free)167 cifs_buf_release(void *buf_to_free)
168 {
169 	if (buf_to_free == NULL) {
170 		/* cFYI(1, "Null buffer passed to cifs_buf_release");*/
171 		return;
172 	}
173 	mempool_free(buf_to_free, cifs_req_poolp);
174 
175 	atomic_dec(&bufAllocCount);
176 	return;
177 }
178 
179 struct smb_hdr *
cifs_small_buf_get(void)180 cifs_small_buf_get(void)
181 {
182 	struct smb_hdr *ret_buf = NULL;
183 
184 /* We could use negotiated size instead of max_msgsize -
185    but it may be more efficient to always alloc same size
186    albeit slightly larger than necessary and maxbuffersize
187    defaults to this and can not be bigger */
188 	ret_buf = mempool_alloc(cifs_sm_req_poolp, GFP_NOFS);
189 	if (ret_buf) {
190 	/* No need to clear memory here, cleared in header assemble */
191 	/*	memset(ret_buf, 0, sizeof(struct smb_hdr) + 27);*/
192 		atomic_inc(&smBufAllocCount);
193 #ifdef CONFIG_CIFS_STATS2
194 		atomic_inc(&totSmBufAllocCount);
195 #endif /* CONFIG_CIFS_STATS2 */
196 
197 	}
198 	return ret_buf;
199 }
200 
201 void
cifs_small_buf_release(void * buf_to_free)202 cifs_small_buf_release(void *buf_to_free)
203 {
204 
205 	if (buf_to_free == NULL) {
206 		cFYI(1, "Null buffer passed to cifs_small_buf_release");
207 		return;
208 	}
209 	mempool_free(buf_to_free, cifs_sm_req_poolp);
210 
211 	atomic_dec(&smBufAllocCount);
212 	return;
213 }
214 
215 /*
216  * Find a free multiplex id (SMB mid). Otherwise there could be
217  * mid collisions which might cause problems, demultiplexing the
218  * wrong response to this request. Multiplex ids could collide if
219  * one of a series requests takes much longer than the others, or
220  * if a very large number of long lived requests (byte range
221  * locks or FindNotify requests) are pending. No more than
222  * 64K-1 requests can be outstanding at one time. If no
223  * mids are available, return zero. A future optimization
224  * could make the combination of mids and uid the key we use
225  * to demultiplex on (rather than mid alone).
226  * In addition to the above check, the cifs demultiplex
227  * code already used the command code as a secondary
228  * check of the frame and if signing is negotiated the
229  * response would be discarded if the mid were the same
230  * but the signature was wrong. Since the mid is not put in the
231  * pending queue until later (when it is about to be dispatched)
232  * we do have to limit the number of outstanding requests
233  * to somewhat less than 64K-1 although it is hard to imagine
234  * so many threads being in the vfs at one time.
235  */
GetNextMid(struct TCP_Server_Info * server)236 __u64 GetNextMid(struct TCP_Server_Info *server)
237 {
238 	__u64 mid = 0;
239 	__u16 last_mid, cur_mid;
240 	bool collision;
241 
242 	spin_lock(&GlobalMid_Lock);
243 
244 	/* mid is 16 bit only for CIFS/SMB */
245 	cur_mid = (__u16)((server->CurrentMid) & 0xffff);
246 	/* we do not want to loop forever */
247 	last_mid = cur_mid;
248 	cur_mid++;
249 
250 	/*
251 	 * This nested loop looks more expensive than it is.
252 	 * In practice the list of pending requests is short,
253 	 * fewer than 50, and the mids are likely to be unique
254 	 * on the first pass through the loop unless some request
255 	 * takes longer than the 64 thousand requests before it
256 	 * (and it would also have to have been a request that
257 	 * did not time out).
258 	 */
259 	while (cur_mid != last_mid) {
260 		struct mid_q_entry *mid_entry;
261 		unsigned int num_mids;
262 
263 		collision = false;
264 		if (cur_mid == 0)
265 			cur_mid++;
266 
267 		num_mids = 0;
268 		list_for_each_entry(mid_entry, &server->pending_mid_q, qhead) {
269 			++num_mids;
270 			if (mid_entry->mid == cur_mid &&
271 			    mid_entry->mid_state == MID_REQUEST_SUBMITTED) {
272 				/* This mid is in use, try a different one */
273 				collision = true;
274 				break;
275 			}
276 		}
277 
278 		/*
279 		 * if we have more than 32k mids in the list, then something
280 		 * is very wrong. Possibly a local user is trying to DoS the
281 		 * box by issuing long-running calls and SIGKILL'ing them. If
282 		 * we get to 2^16 mids then we're in big trouble as this
283 		 * function could loop forever.
284 		 *
285 		 * Go ahead and assign out the mid in this situation, but force
286 		 * an eventual reconnect to clean out the pending_mid_q.
287 		 */
288 		if (num_mids > 32768)
289 			server->tcpStatus = CifsNeedReconnect;
290 
291 		if (!collision) {
292 			mid = (__u64)cur_mid;
293 			server->CurrentMid = mid;
294 			break;
295 		}
296 		cur_mid++;
297 	}
298 	spin_unlock(&GlobalMid_Lock);
299 	return mid;
300 }
301 
302 /* NB: MID can not be set if treeCon not passed in, in that
303    case it is responsbility of caller to set the mid */
304 void
header_assemble(struct smb_hdr * buffer,char smb_command,const struct cifs_tcon * treeCon,int word_count)305 header_assemble(struct smb_hdr *buffer, char smb_command /* command */ ,
306 		const struct cifs_tcon *treeCon, int word_count
307 		/* length of fixed section (word count) in two byte units  */)
308 {
309 	struct list_head *temp_item;
310 	struct cifs_ses *ses;
311 	char *temp = (char *) buffer;
312 
313 	memset(temp, 0, 256); /* bigger than MAX_CIFS_HDR_SIZE */
314 
315 	buffer->smb_buf_length = cpu_to_be32(
316 	    (2 * word_count) + sizeof(struct smb_hdr) -
317 	    4 /*  RFC 1001 length field does not count */  +
318 	    2 /* for bcc field itself */) ;
319 
320 	buffer->Protocol[0] = 0xFF;
321 	buffer->Protocol[1] = 'S';
322 	buffer->Protocol[2] = 'M';
323 	buffer->Protocol[3] = 'B';
324 	buffer->Command = smb_command;
325 	buffer->Flags = 0x00;	/* case sensitive */
326 	buffer->Flags2 = SMBFLG2_KNOWS_LONG_NAMES;
327 	buffer->Pid = cpu_to_le16((__u16)current->tgid);
328 	buffer->PidHigh = cpu_to_le16((__u16)(current->tgid >> 16));
329 	if (treeCon) {
330 		buffer->Tid = treeCon->tid;
331 		if (treeCon->ses) {
332 			if (treeCon->ses->capabilities & CAP_UNICODE)
333 				buffer->Flags2 |= SMBFLG2_UNICODE;
334 			if (treeCon->ses->capabilities & CAP_STATUS32)
335 				buffer->Flags2 |= SMBFLG2_ERR_STATUS;
336 
337 			/* Uid is not converted */
338 			buffer->Uid = treeCon->ses->Suid;
339 			buffer->Mid = GetNextMid(treeCon->ses->server);
340 			if (multiuser_mount != 0) {
341 		/* For the multiuser case, there are few obvious technically  */
342 		/* possible mechanisms to match the local linux user (uid)    */
343 		/* to a valid remote smb user (smb_uid):		      */
344 		/* 	1) Query Winbind (or other local pam/nss daemon       */
345 		/* 	  for userid/password/logon_domain or credential      */
346 		/*      2) Query Winbind for uid to sid to username mapping   */
347 		/* 	   and see if we have a matching password for existing*/
348 		/*         session for that user perhas getting password by   */
349 		/*         adding a new pam_cifs module that stores passwords */
350 		/*         so that the cifs vfs can get at that for all logged*/
351 		/*	   on users					      */
352 		/*	3) (Which is the mechanism we have chosen)	      */
353 		/*	   Search through sessions to the same server for a   */
354 		/*	   a match on the uid that was passed in on mount     */
355 		/*         with the current processes uid (or euid?) and use  */
356 		/* 	   that smb uid.   If no existing smb session for     */
357 		/* 	   that uid found, use the default smb session ie     */
358 		/*         the smb session for the volume mounted which is    */
359 		/* 	   the same as would be used if the multiuser mount   */
360 		/* 	   flag were disabled.  */
361 
362 		/*  BB Add support for establishing new tCon and SMB Session  */
363 		/*      with userid/password pairs found on the smb session   */
364 		/*	for other target tcp/ip addresses 		BB    */
365 				if (current_fsuid() != treeCon->ses->linux_uid) {
366 					cFYI(1, "Multiuser mode and UID "
367 						 "did not match tcon uid");
368 					spin_lock(&cifs_tcp_ses_lock);
369 					list_for_each(temp_item, &treeCon->ses->server->smb_ses_list) {
370 						ses = list_entry(temp_item, struct cifs_ses, smb_ses_list);
371 						if (ses->linux_uid == current_fsuid()) {
372 							if (ses->server == treeCon->ses->server) {
373 								cFYI(1, "found matching uid substitute right smb_uid");
374 								buffer->Uid = ses->Suid;
375 								break;
376 							} else {
377 				/* BB eventually call cifs_setup_session here */
378 								cFYI(1, "local UID found but no smb sess with this server exists");
379 							}
380 						}
381 					}
382 					spin_unlock(&cifs_tcp_ses_lock);
383 				}
384 			}
385 		}
386 		if (treeCon->Flags & SMB_SHARE_IS_IN_DFS)
387 			buffer->Flags2 |= SMBFLG2_DFS;
388 		if (treeCon->nocase)
389 			buffer->Flags  |= SMBFLG_CASELESS;
390 		if ((treeCon->ses) && (treeCon->ses->server))
391 			if (treeCon->ses->server->sec_mode &
392 			  (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
393 				buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
394 	}
395 
396 /*  endian conversion of flags is now done just before sending */
397 	buffer->WordCount = (char) word_count;
398 	return;
399 }
400 
401 static int
check_smb_hdr(struct smb_hdr * smb,__u16 mid)402 check_smb_hdr(struct smb_hdr *smb, __u16 mid)
403 {
404 	/* does it have the right SMB "signature" ? */
405 	if (*(__le32 *) smb->Protocol != cpu_to_le32(0x424d53ff)) {
406 		cERROR(1, "Bad protocol string signature header 0x%x",
407 			*(unsigned int *)smb->Protocol);
408 		return 1;
409 	}
410 
411 	/* Make sure that message ids match */
412 	if (mid != smb->Mid) {
413 		cERROR(1, "Mids do not match. received=%u expected=%u",
414 			smb->Mid, mid);
415 		return 1;
416 	}
417 
418 	/* if it's a response then accept */
419 	if (smb->Flags & SMBFLG_RESPONSE)
420 		return 0;
421 
422 	/* only one valid case where server sends us request */
423 	if (smb->Command == SMB_COM_LOCKING_ANDX)
424 		return 0;
425 
426 	cERROR(1, "Server sent request, not response. mid=%u", smb->Mid);
427 	return 1;
428 }
429 
430 int
checkSMB(char * buf,unsigned int total_read)431 checkSMB(char *buf, unsigned int total_read)
432 {
433 	struct smb_hdr *smb = (struct smb_hdr *)buf;
434 	__u16 mid = smb->Mid;
435 	__u32 rfclen = be32_to_cpu(smb->smb_buf_length);
436 	__u32 clc_len;  /* calculated length */
437 	cFYI(0, "checkSMB Length: 0x%x, smb_buf_length: 0x%x",
438 		total_read, rfclen);
439 
440 	/* is this frame too small to even get to a BCC? */
441 	if (total_read < 2 + sizeof(struct smb_hdr)) {
442 		if ((total_read >= sizeof(struct smb_hdr) - 1)
443 			    && (smb->Status.CifsError != 0)) {
444 			/* it's an error return */
445 			smb->WordCount = 0;
446 			/* some error cases do not return wct and bcc */
447 			return 0;
448 		} else if ((total_read == sizeof(struct smb_hdr) + 1) &&
449 				(smb->WordCount == 0)) {
450 			char *tmp = (char *)smb;
451 			/* Need to work around a bug in two servers here */
452 			/* First, check if the part of bcc they sent was zero */
453 			if (tmp[sizeof(struct smb_hdr)] == 0) {
454 				/* some servers return only half of bcc
455 				 * on simple responses (wct, bcc both zero)
456 				 * in particular have seen this on
457 				 * ulogoffX and FindClose. This leaves
458 				 * one byte of bcc potentially unitialized
459 				 */
460 				/* zero rest of bcc */
461 				tmp[sizeof(struct smb_hdr)+1] = 0;
462 				return 0;
463 			}
464 			cERROR(1, "rcvd invalid byte count (bcc)");
465 		} else {
466 			cERROR(1, "Length less than smb header size");
467 		}
468 		return -EIO;
469 	}
470 
471 	/* otherwise, there is enough to get to the BCC */
472 	if (check_smb_hdr(smb, mid))
473 		return -EIO;
474 	clc_len = smbCalcSize(smb);
475 
476 	if (4 + rfclen != total_read) {
477 		cERROR(1, "Length read does not match RFC1001 length %d",
478 				rfclen);
479 		return -EIO;
480 	}
481 
482 	if (4 + rfclen != clc_len) {
483 		/* check if bcc wrapped around for large read responses */
484 		if ((rfclen > 64 * 1024) && (rfclen > clc_len)) {
485 			/* check if lengths match mod 64K */
486 			if (((4 + rfclen) & 0xFFFF) == (clc_len & 0xFFFF))
487 				return 0; /* bcc wrapped */
488 		}
489 		cFYI(1, "Calculated size %u vs length %u mismatch for mid=%u",
490 				clc_len, 4 + rfclen, smb->Mid);
491 
492 		if (4 + rfclen < clc_len) {
493 			cERROR(1, "RFC1001 size %u smaller than SMB for mid=%u",
494 					rfclen, smb->Mid);
495 			return -EIO;
496 		} else if (rfclen > clc_len + 512) {
497 			/*
498 			 * Some servers (Windows XP in particular) send more
499 			 * data than the lengths in the SMB packet would
500 			 * indicate on certain calls (byte range locks and
501 			 * trans2 find first calls in particular). While the
502 			 * client can handle such a frame by ignoring the
503 			 * trailing data, we choose limit the amount of extra
504 			 * data to 512 bytes.
505 			 */
506 			cERROR(1, "RFC1001 size %u more than 512 bytes larger "
507 				  "than SMB for mid=%u", rfclen, smb->Mid);
508 			return -EIO;
509 		}
510 	}
511 	return 0;
512 }
513 
514 bool
is_valid_oplock_break(char * buffer,struct TCP_Server_Info * srv)515 is_valid_oplock_break(char *buffer, struct TCP_Server_Info *srv)
516 {
517 	struct smb_hdr *buf = (struct smb_hdr *)buffer;
518 	struct smb_com_lock_req *pSMB = (struct smb_com_lock_req *)buf;
519 	struct list_head *tmp, *tmp1, *tmp2;
520 	struct cifs_ses *ses;
521 	struct cifs_tcon *tcon;
522 	struct cifsInodeInfo *pCifsInode;
523 	struct cifsFileInfo *netfile;
524 
525 	cFYI(1, "Checking for oplock break or dnotify response");
526 	if ((pSMB->hdr.Command == SMB_COM_NT_TRANSACT) &&
527 	   (pSMB->hdr.Flags & SMBFLG_RESPONSE)) {
528 		struct smb_com_transaction_change_notify_rsp *pSMBr =
529 			(struct smb_com_transaction_change_notify_rsp *)buf;
530 		struct file_notify_information *pnotify;
531 		__u32 data_offset = 0;
532 		if (get_bcc(buf) > sizeof(struct file_notify_information)) {
533 			data_offset = le32_to_cpu(pSMBr->DataOffset);
534 
535 			pnotify = (struct file_notify_information *)
536 				((char *)&pSMBr->hdr.Protocol + data_offset);
537 			cFYI(1, "dnotify on %s Action: 0x%x",
538 				 pnotify->FileName, pnotify->Action);
539 			/*   cifs_dump_mem("Rcvd notify Data: ",buf,
540 				sizeof(struct smb_hdr)+60); */
541 			return true;
542 		}
543 		if (pSMBr->hdr.Status.CifsError) {
544 			cFYI(1, "notify err 0x%d",
545 				pSMBr->hdr.Status.CifsError);
546 			return true;
547 		}
548 		return false;
549 	}
550 	if (pSMB->hdr.Command != SMB_COM_LOCKING_ANDX)
551 		return false;
552 	if (pSMB->hdr.Flags & SMBFLG_RESPONSE) {
553 		/* no sense logging error on invalid handle on oplock
554 		   break - harmless race between close request and oplock
555 		   break response is expected from time to time writing out
556 		   large dirty files cached on the client */
557 		if ((NT_STATUS_INVALID_HANDLE) ==
558 		   le32_to_cpu(pSMB->hdr.Status.CifsError)) {
559 			cFYI(1, "invalid handle on oplock break");
560 			return true;
561 		} else if (ERRbadfid ==
562 		   le16_to_cpu(pSMB->hdr.Status.DosError.Error)) {
563 			return true;
564 		} else {
565 			return false; /* on valid oplock brk we get "request" */
566 		}
567 	}
568 	if (pSMB->hdr.WordCount != 8)
569 		return false;
570 
571 	cFYI(1, "oplock type 0x%d level 0x%d",
572 		 pSMB->LockType, pSMB->OplockLevel);
573 	if (!(pSMB->LockType & LOCKING_ANDX_OPLOCK_RELEASE))
574 		return false;
575 
576 	/* look up tcon based on tid & uid */
577 	spin_lock(&cifs_tcp_ses_lock);
578 	list_for_each(tmp, &srv->smb_ses_list) {
579 		ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
580 		list_for_each(tmp1, &ses->tcon_list) {
581 			tcon = list_entry(tmp1, struct cifs_tcon, tcon_list);
582 			if (tcon->tid != buf->Tid)
583 				continue;
584 
585 			cifs_stats_inc(&tcon->num_oplock_brks);
586 			spin_lock(&cifs_file_list_lock);
587 			list_for_each(tmp2, &tcon->openFileList) {
588 				netfile = list_entry(tmp2, struct cifsFileInfo,
589 						     tlist);
590 				if (pSMB->Fid != netfile->netfid)
591 					continue;
592 
593 				cFYI(1, "file id match, oplock break");
594 				pCifsInode = CIFS_I(netfile->dentry->d_inode);
595 
596 				cifs_set_oplock_level(pCifsInode,
597 					pSMB->OplockLevel ? OPLOCK_READ : 0);
598 				queue_work(cifsiod_wq,
599 					   &netfile->oplock_break);
600 				netfile->oplock_break_cancelled = false;
601 
602 				spin_unlock(&cifs_file_list_lock);
603 				spin_unlock(&cifs_tcp_ses_lock);
604 				return true;
605 			}
606 			spin_unlock(&cifs_file_list_lock);
607 			spin_unlock(&cifs_tcp_ses_lock);
608 			cFYI(1, "No matching file for oplock break");
609 			return true;
610 		}
611 	}
612 	spin_unlock(&cifs_tcp_ses_lock);
613 	cFYI(1, "Can not process oplock break for non-existent connection");
614 	return true;
615 }
616 
617 void
dump_smb(void * buf,int smb_buf_length)618 dump_smb(void *buf, int smb_buf_length)
619 {
620 	int i, j;
621 	char debug_line[17];
622 	unsigned char *buffer = buf;
623 
624 	if (traceSMB == 0)
625 		return;
626 
627 	for (i = 0, j = 0; i < smb_buf_length; i++, j++) {
628 		if (i % 8 == 0) {
629 			/* have reached the beginning of line */
630 			printk(KERN_DEBUG "| ");
631 			j = 0;
632 		}
633 		printk("%0#4x ", buffer[i]);
634 		debug_line[2 * j] = ' ';
635 		if (isprint(buffer[i]))
636 			debug_line[1 + (2 * j)] = buffer[i];
637 		else
638 			debug_line[1 + (2 * j)] = '_';
639 
640 		if (i % 8 == 7) {
641 			/* reached end of line, time to print ascii */
642 			debug_line[16] = 0;
643 			printk(" | %s\n", debug_line);
644 		}
645 	}
646 	for (; j < 8; j++) {
647 		printk("     ");
648 		debug_line[2 * j] = ' ';
649 		debug_line[1 + (2 * j)] = ' ';
650 	}
651 	printk(" | %s\n", debug_line);
652 	return;
653 }
654 
655 void
cifs_autodisable_serverino(struct cifs_sb_info * cifs_sb)656 cifs_autodisable_serverino(struct cifs_sb_info *cifs_sb)
657 {
658 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SERVER_INUM) {
659 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
660 		cERROR(1, "Autodisabling the use of server inode numbers on "
661 			   "%s. This server doesn't seem to support them "
662 			   "properly. Hardlinks will not be recognized on this "
663 			   "mount. Consider mounting with the \"noserverino\" "
664 			   "option to silence this message.",
665 			   cifs_sb_master_tcon(cifs_sb)->treeName);
666 	}
667 }
668 
cifs_set_oplock_level(struct cifsInodeInfo * cinode,__u32 oplock)669 void cifs_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock)
670 {
671 	oplock &= 0xF;
672 
673 	if (oplock == OPLOCK_EXCLUSIVE) {
674 		cinode->clientCanCacheAll = true;
675 		cinode->clientCanCacheRead = true;
676 		cFYI(1, "Exclusive Oplock granted on inode %p",
677 		     &cinode->vfs_inode);
678 	} else if (oplock == OPLOCK_READ) {
679 		cinode->clientCanCacheAll = false;
680 		cinode->clientCanCacheRead = true;
681 		cFYI(1, "Level II Oplock granted on inode %p",
682 		    &cinode->vfs_inode);
683 	} else {
684 		cinode->clientCanCacheAll = false;
685 		cinode->clientCanCacheRead = false;
686 	}
687 }
688 
689 bool
backup_cred(struct cifs_sb_info * cifs_sb)690 backup_cred(struct cifs_sb_info *cifs_sb)
691 {
692 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_CIFS_BACKUPUID) {
693 		if (cifs_sb->mnt_backupuid == current_fsuid())
694 			return true;
695 	}
696 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_CIFS_BACKUPGID) {
697 		if (in_group_p(cifs_sb->mnt_backupgid))
698 			return true;
699 	}
700 
701 	return false;
702 }
703 
704 void
cifs_add_credits(struct TCP_Server_Info * server,const unsigned int add)705 cifs_add_credits(struct TCP_Server_Info *server, const unsigned int add)
706 {
707 	spin_lock(&server->req_lock);
708 	server->credits += add;
709 	server->in_flight--;
710 	spin_unlock(&server->req_lock);
711 	wake_up(&server->request_q);
712 }
713 
714 void
cifs_set_credits(struct TCP_Server_Info * server,const int val)715 cifs_set_credits(struct TCP_Server_Info *server, const int val)
716 {
717 	spin_lock(&server->req_lock);
718 	server->credits = val;
719 	server->oplocks = val > 1 ? enable_oplocks : false;
720 	spin_unlock(&server->req_lock);
721 }
722