4 * Copyright (C) International Business Machines Corp., 2002,2008
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * Jeremy Allison (jra@samba.org) 2006.
8 * This library is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Lesser General Public License as published
10 * by the Free Software Foundation; either version 2.1 of the License, or
11 * (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
16 * the GNU Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this library; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include <linux/list.h>
25 #include <linux/gfp.h>
26 #include <linux/wait.h>
27 #include <linux/net.h>
28 #include <linux/delay.h>
29 #include <linux/freezer.h>
30 #include <linux/tcp.h>
31 #include <linux/highmem.h>
32 #include <asm/uaccess.h>
33 #include <asm/processor.h>
34 #include <linux/mempool.h>
37 #include "cifsproto.h"
38 #include "cifs_debug.h"
41 cifs_wake_up_task(struct mid_q_entry
*mid
)
43 wake_up_process(mid
->callback_data
);
47 AllocMidQEntry(const struct smb_hdr
*smb_buffer
, struct TCP_Server_Info
*server
)
49 struct mid_q_entry
*temp
;
52 cERROR(1, "Null TCP session in AllocMidQEntry");
56 temp
= mempool_alloc(cifs_mid_poolp
, GFP_NOFS
);
60 memset(temp
, 0, sizeof(struct mid_q_entry
));
61 temp
->mid
= smb_buffer
->Mid
; /* always LE */
62 temp
->pid
= current
->pid
;
63 temp
->command
= cpu_to_le16(smb_buffer
->Command
);
64 cFYI(1, "For smb_command %d", smb_buffer
->Command
);
65 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
66 /* when mid allocated can be before when sent */
67 temp
->when_alloc
= jiffies
;
68 temp
->server
= server
;
71 * The default is for the mid to be synchronous, so the
72 * default callback just wakes up the current task.
74 temp
->callback
= cifs_wake_up_task
;
75 temp
->callback_data
= current
;
78 atomic_inc(&midCount
);
79 temp
->mid_state
= MID_REQUEST_ALLOCATED
;
84 DeleteMidQEntry(struct mid_q_entry
*midEntry
)
86 #ifdef CONFIG_CIFS_STATS2
87 __le16 command
= midEntry
->server
->vals
->lock_cmd
;
90 midEntry
->mid_state
= MID_FREE
;
91 atomic_dec(&midCount
);
92 if (midEntry
->large_buf
)
93 cifs_buf_release(midEntry
->resp_buf
);
95 cifs_small_buf_release(midEntry
->resp_buf
);
96 #ifdef CONFIG_CIFS_STATS2
98 /* commands taking longer than one second are indications that
99 something is wrong, unless it is quite a slow link or server */
100 if ((now
- midEntry
->when_alloc
) > HZ
) {
101 if ((cifsFYI
& CIFS_TIMER
) && (midEntry
->command
!= command
)) {
102 printk(KERN_DEBUG
" CIFS slow rsp: cmd %d mid %llu",
103 midEntry
->command
, midEntry
->mid
);
104 printk(" A: 0x%lx S: 0x%lx R: 0x%lx\n",
105 now
- midEntry
->when_alloc
,
106 now
- midEntry
->when_sent
,
107 now
- midEntry
->when_received
);
111 mempool_free(midEntry
, cifs_mid_poolp
);
115 cifs_delete_mid(struct mid_q_entry
*mid
)
117 spin_lock(&GlobalMid_Lock
);
118 list_del(&mid
->qhead
);
119 spin_unlock(&GlobalMid_Lock
);
121 DeleteMidQEntry(mid
);
125 * smb_send_kvec - send an array of kvecs to the server
126 * @server: Server to send the data to
127 * @iov: Pointer to array of kvecs
128 * @n_vec: length of kvec array
129 * @sent: amount of data sent on socket is stored here
131 * Our basic "send data to server" function. Should be called with srv_mutex
132 * held. The caller is responsible for handling the results.
135 smb_send_kvec(struct TCP_Server_Info
*server
, struct kvec
*iov
, size_t n_vec
,
140 struct msghdr smb_msg
;
141 unsigned int remaining
;
142 size_t first_vec
= 0;
143 struct socket
*ssocket
= server
->ssocket
;
148 return -ENOTSOCK
; /* BB eventually add reconnect code here */
150 smb_msg
.msg_name
= (struct sockaddr
*) &server
->dstaddr
;
151 smb_msg
.msg_namelen
= sizeof(struct sockaddr
);
152 smb_msg
.msg_control
= NULL
;
153 smb_msg
.msg_controllen
= 0;
154 if (server
->noblocksnd
)
155 smb_msg
.msg_flags
= MSG_DONTWAIT
+ MSG_NOSIGNAL
;
157 smb_msg
.msg_flags
= MSG_NOSIGNAL
;
160 for (i
= 0; i
< n_vec
; i
++)
161 remaining
+= iov
[i
].iov_len
;
166 * If blocking send, we try 3 times, since each can block
167 * for 5 seconds. For nonblocking we have to try more
168 * but wait increasing amounts of time allowing time for
169 * socket to clear. The overall time we wait in either
170 * case to send on the socket is about 15 seconds.
171 * Similarly we wait for 15 seconds for a response from
172 * the server in SendReceive[2] for the server to send
173 * a response back for most types of requests (except
174 * SMB Write past end of file which can be slow, and
175 * blocking lock operations). NFS waits slightly longer
176 * than CIFS, but this can make it take longer for
177 * nonresponsive servers to be detected and 15 seconds
178 * is more than enough time for modern networks to
179 * send a packet. In most cases if we fail to send
180 * after the retries we will kill the socket and
181 * reconnect which may clear the network problem.
183 rc
= kernel_sendmsg(ssocket
, &smb_msg
, &iov
[first_vec
],
184 n_vec
- first_vec
, remaining
);
185 if (rc
== -ENOSPC
|| rc
== -EAGAIN
) {
187 if (i
>= 14 || (!server
->noblocksnd
&& (i
> 2))) {
188 cERROR(1, "sends on sock %p stuck for 15 "
200 /* send was at least partially successful */
203 if (rc
== remaining
) {
208 if (rc
> remaining
) {
209 cERROR(1, "sent %d requested %d", rc
, remaining
);
214 /* should never happen, letting socket clear before
215 retrying is our only obvious option here */
216 cERROR(1, "tcp sent no data");
223 /* the line below resets i */
224 for (i
= first_vec
; i
< n_vec
; i
++) {
225 if (iov
[i
].iov_len
) {
226 if (rc
> iov
[i
].iov_len
) {
227 rc
-= iov
[i
].iov_len
;
230 iov
[i
].iov_base
+= rc
;
231 iov
[i
].iov_len
-= rc
;
238 i
= 0; /* in case we get ENOSPC on the next send */
245 * rqst_page_to_kvec - Turn a slot in the smb_rqst page array into a kvec
246 * @rqst: pointer to smb_rqst
247 * @idx: index into the array of the page
248 * @iov: pointer to struct kvec that will hold the result
250 * Helper function to convert a slot in the rqst->rq_pages array into a kvec.
251 * The page will be kmapped and the address placed into iov_base. The length
252 * will then be adjusted according to the ptailoff.
255 cifs_rqst_page_to_kvec(struct smb_rqst
*rqst
, unsigned int idx
,
259 * FIXME: We could avoid this kmap altogether if we used
260 * kernel_sendpage instead of kernel_sendmsg. That will only
261 * work if signing is disabled though as sendpage inlines the
262 * page directly into the fraglist. If userspace modifies the
263 * page after we calculate the signature, then the server will
264 * reject it and may break the connection. kernel_sendmsg does
265 * an extra copy of the data and avoids that issue.
267 iov
->iov_base
= kmap(rqst
->rq_pages
[idx
]);
269 /* if last page, don't send beyond this offset into page */
270 if (idx
== (rqst
->rq_npages
- 1))
271 iov
->iov_len
= rqst
->rq_tailsz
;
273 iov
->iov_len
= rqst
->rq_pagesz
;
277 smb_send_rqst(struct TCP_Server_Info
*server
, struct smb_rqst
*rqst
)
280 struct kvec
*iov
= rqst
->rq_iov
;
281 int n_vec
= rqst
->rq_nvec
;
282 unsigned int smb_buf_length
= get_rfc1002_length(iov
[0].iov_base
);
284 size_t total_len
= 0, sent
;
285 struct socket
*ssocket
= server
->ssocket
;
288 cFYI(1, "Sending smb: smb_len=%u", smb_buf_length
);
289 dump_smb(iov
[0].iov_base
, iov
[0].iov_len
);
291 /* cork the socket */
292 kernel_setsockopt(ssocket
, SOL_TCP
, TCP_CORK
,
293 (char *)&val
, sizeof(val
));
295 rc
= smb_send_kvec(server
, iov
, n_vec
, &sent
);
301 /* now walk the page array and send each page in it */
302 for (i
= 0; i
< rqst
->rq_npages
; i
++) {
305 cifs_rqst_page_to_kvec(rqst
, i
, &p_iov
);
306 rc
= smb_send_kvec(server
, &p_iov
, 1, &sent
);
307 kunmap(rqst
->rq_pages
[i
]);
317 kernel_setsockopt(ssocket
, SOL_TCP
, TCP_CORK
,
318 (char *)&val
, sizeof(val
));
320 if ((total_len
> 0) && (total_len
!= smb_buf_length
+ 4)) {
321 cFYI(1, "partial send (wanted=%u sent=%zu): terminating "
322 "session", smb_buf_length
+ 4, total_len
);
324 * If we have only sent part of an SMB then the next SMB could
325 * be taken as the remainder of this one. We need to kill the
326 * socket so the server throws away the partial SMB
328 server
->tcpStatus
= CifsNeedReconnect
;
331 if (rc
< 0 && rc
!= -EINTR
)
332 cERROR(1, "Error %d sending data on socket to server", rc
);
340 smb_sendv(struct TCP_Server_Info
*server
, struct kvec
*iov
, int n_vec
)
342 struct smb_rqst rqst
= { .rq_iov
= iov
,
345 return smb_send_rqst(server
, &rqst
);
349 smb_send(struct TCP_Server_Info
*server
, struct smb_hdr
*smb_buffer
,
350 unsigned int smb_buf_length
)
354 iov
.iov_base
= smb_buffer
;
355 iov
.iov_len
= smb_buf_length
+ 4;
357 return smb_sendv(server
, &iov
, 1);
361 wait_for_free_credits(struct TCP_Server_Info
*server
, const int timeout
,
366 spin_lock(&server
->req_lock
);
367 if (timeout
== CIFS_ASYNC_OP
) {
368 /* oplock breaks must not be held up */
371 spin_unlock(&server
->req_lock
);
377 spin_unlock(&server
->req_lock
);
378 cifs_num_waiters_inc(server
);
379 rc
= wait_event_killable(server
->request_q
,
380 has_credits(server
, credits
));
381 cifs_num_waiters_dec(server
);
384 spin_lock(&server
->req_lock
);
386 if (server
->tcpStatus
== CifsExiting
) {
387 spin_unlock(&server
->req_lock
);
392 * Can not count locking commands against total
393 * as they are allowed to block on server.
396 /* update # of requests on the wire to server */
397 if (timeout
!= CIFS_BLOCKING_OP
) {
401 spin_unlock(&server
->req_lock
);
409 wait_for_free_request(struct TCP_Server_Info
*server
, const int timeout
,
412 return wait_for_free_credits(server
, timeout
,
413 server
->ops
->get_credits_field(server
, optype
));
416 static int allocate_mid(struct cifs_ses
*ses
, struct smb_hdr
*in_buf
,
417 struct mid_q_entry
**ppmidQ
)
419 if (ses
->server
->tcpStatus
== CifsExiting
) {
423 if (ses
->server
->tcpStatus
== CifsNeedReconnect
) {
424 cFYI(1, "tcp session dead - return to caller to retry");
428 if (ses
->status
!= CifsGood
) {
429 /* check if SMB session is bad because we are setting it up */
430 if ((in_buf
->Command
!= SMB_COM_SESSION_SETUP_ANDX
) &&
431 (in_buf
->Command
!= SMB_COM_NEGOTIATE
))
433 /* else ok - we are setting up session */
435 *ppmidQ
= AllocMidQEntry(in_buf
, ses
->server
);
438 spin_lock(&GlobalMid_Lock
);
439 list_add_tail(&(*ppmidQ
)->qhead
, &ses
->server
->pending_mid_q
);
440 spin_unlock(&GlobalMid_Lock
);
445 wait_for_response(struct TCP_Server_Info
*server
, struct mid_q_entry
*midQ
)
449 error
= wait_event_freezekillable(server
->response_q
,
450 midQ
->mid_state
!= MID_REQUEST_SUBMITTED
);
458 cifs_setup_async_request(struct TCP_Server_Info
*server
, struct smb_rqst
*rqst
)
461 struct smb_hdr
*hdr
= (struct smb_hdr
*)rqst
->rq_iov
[0].iov_base
;
462 struct mid_q_entry
*mid
;
464 /* enable signing if server requires it */
465 if (server
->sec_mode
& (SECMODE_SIGN_REQUIRED
| SECMODE_SIGN_ENABLED
))
466 hdr
->Flags2
|= SMBFLG2_SECURITY_SIGNATURE
;
468 mid
= AllocMidQEntry(hdr
, server
);
470 return ERR_PTR(-ENOMEM
);
472 rc
= cifs_sign_rqst(rqst
, server
, &mid
->sequence_number
);
474 DeleteMidQEntry(mid
);
482 * Send a SMB request and set the callback function in the mid to handle
483 * the result. Caller is responsible for dealing with timeouts.
486 cifs_call_async(struct TCP_Server_Info
*server
, struct smb_rqst
*rqst
,
487 mid_receive_t
*receive
, mid_callback_t
*callback
,
488 void *cbdata
, const int flags
)
490 int rc
, timeout
, optype
;
491 struct mid_q_entry
*mid
;
493 timeout
= flags
& CIFS_TIMEOUT_MASK
;
494 optype
= flags
& CIFS_OP_MASK
;
496 rc
= wait_for_free_request(server
, timeout
, optype
);
500 mutex_lock(&server
->srv_mutex
);
501 mid
= server
->ops
->setup_async_request(server
, rqst
);
503 mutex_unlock(&server
->srv_mutex
);
504 add_credits(server
, 1, optype
);
505 wake_up(&server
->request_q
);
509 mid
->receive
= receive
;
510 mid
->callback
= callback
;
511 mid
->callback_data
= cbdata
;
512 mid
->mid_state
= MID_REQUEST_SUBMITTED
;
514 /* put it on the pending_mid_q */
515 spin_lock(&GlobalMid_Lock
);
516 list_add_tail(&mid
->qhead
, &server
->pending_mid_q
);
517 spin_unlock(&GlobalMid_Lock
);
520 cifs_in_send_inc(server
);
521 rc
= smb_send_rqst(server
, rqst
);
522 cifs_in_send_dec(server
);
523 cifs_save_when_sent(mid
);
524 mutex_unlock(&server
->srv_mutex
);
529 cifs_delete_mid(mid
);
530 add_credits(server
, 1, optype
);
531 wake_up(&server
->request_q
);
537 * Send an SMB Request. No response info (other than return code)
538 * needs to be parsed.
540 * flags indicate the type of request buffer and how long to wait
541 * and whether to log NT STATUS code (error) before mapping it to POSIX error
545 SendReceiveNoRsp(const unsigned int xid
, struct cifs_ses
*ses
,
546 char *in_buf
, int flags
)
552 iov
[0].iov_base
= in_buf
;
553 iov
[0].iov_len
= get_rfc1002_length(in_buf
) + 4;
554 flags
|= CIFS_NO_RESP
;
555 rc
= SendReceive2(xid
, ses
, iov
, 1, &resp_buf_type
, flags
);
556 cFYI(DBG2
, "SendRcvNoRsp flags %d rc %d", flags
, rc
);
562 cifs_sync_mid_result(struct mid_q_entry
*mid
, struct TCP_Server_Info
*server
)
566 cFYI(1, "%s: cmd=%d mid=%llu state=%d", __func__
,
567 le16_to_cpu(mid
->command
), mid
->mid
, mid
->mid_state
);
569 spin_lock(&GlobalMid_Lock
);
570 switch (mid
->mid_state
) {
571 case MID_RESPONSE_RECEIVED
:
572 spin_unlock(&GlobalMid_Lock
);
574 case MID_RETRY_NEEDED
:
577 case MID_RESPONSE_MALFORMED
:
584 list_del_init(&mid
->qhead
);
585 cERROR(1, "%s: invalid mid state mid=%llu state=%d", __func__
,
586 mid
->mid
, mid
->mid_state
);
589 spin_unlock(&GlobalMid_Lock
);
591 DeleteMidQEntry(mid
);
596 send_cancel(struct TCP_Server_Info
*server
, void *buf
, struct mid_q_entry
*mid
)
598 return server
->ops
->send_cancel
?
599 server
->ops
->send_cancel(server
, buf
, mid
) : 0;
603 cifs_check_receive(struct mid_q_entry
*mid
, struct TCP_Server_Info
*server
,
606 unsigned int len
= get_rfc1002_length(mid
->resp_buf
) + 4;
608 dump_smb(mid
->resp_buf
, min_t(u32
, 92, len
));
610 /* convert the length into a more usable form */
611 if (server
->sec_mode
& (SECMODE_SIGN_REQUIRED
| SECMODE_SIGN_ENABLED
)) {
614 struct smb_rqst rqst
= { .rq_iov
= &iov
,
617 iov
.iov_base
= mid
->resp_buf
;
619 /* FIXME: add code to kill session */
620 rc
= cifs_verify_signature(&rqst
, server
,
621 mid
->sequence_number
+ 1);
623 cERROR(1, "SMB signature verification returned error = "
627 /* BB special case reconnect tid and uid here? */
628 return map_smb_to_linux_error(mid
->resp_buf
, log_error
);
632 cifs_setup_request(struct cifs_ses
*ses
, struct smb_rqst
*rqst
)
635 struct smb_hdr
*hdr
= (struct smb_hdr
*)rqst
->rq_iov
[0].iov_base
;
636 struct mid_q_entry
*mid
;
638 rc
= allocate_mid(ses
, hdr
, &mid
);
641 rc
= cifs_sign_rqst(rqst
, ses
->server
, &mid
->sequence_number
);
643 cifs_delete_mid(mid
);
650 SendReceive2(const unsigned int xid
, struct cifs_ses
*ses
,
651 struct kvec
*iov
, int n_vec
, int *resp_buf_type
/* ret */,
656 struct mid_q_entry
*midQ
;
657 char *buf
= iov
[0].iov_base
;
658 unsigned int credits
= 1;
659 struct smb_rqst rqst
= { .rq_iov
= iov
,
662 timeout
= flags
& CIFS_TIMEOUT_MASK
;
663 optype
= flags
& CIFS_OP_MASK
;
665 *resp_buf_type
= CIFS_NO_BUFFER
; /* no response buf yet */
667 if ((ses
== NULL
) || (ses
->server
== NULL
)) {
668 cifs_small_buf_release(buf
);
669 cERROR(1, "Null session");
673 if (ses
->server
->tcpStatus
== CifsExiting
) {
674 cifs_small_buf_release(buf
);
679 * Ensure that we do not send more than 50 overlapping requests
680 * to the same server. We may make this configurable later or
684 rc
= wait_for_free_request(ses
->server
, timeout
, optype
);
686 cifs_small_buf_release(buf
);
691 * Make sure that we sign in the same order that we send on this socket
692 * and avoid races inside tcp sendmsg code that could cause corruption
696 mutex_lock(&ses
->server
->srv_mutex
);
698 midQ
= ses
->server
->ops
->setup_request(ses
, &rqst
);
700 mutex_unlock(&ses
->server
->srv_mutex
);
701 cifs_small_buf_release(buf
);
702 /* Update # of requests on wire to server */
703 add_credits(ses
->server
, 1, optype
);
704 return PTR_ERR(midQ
);
707 midQ
->mid_state
= MID_REQUEST_SUBMITTED
;
708 cifs_in_send_inc(ses
->server
);
709 rc
= smb_sendv(ses
->server
, iov
, n_vec
);
710 cifs_in_send_dec(ses
->server
);
711 cifs_save_when_sent(midQ
);
713 mutex_unlock(&ses
->server
->srv_mutex
);
716 cifs_small_buf_release(buf
);
720 if (timeout
== CIFS_ASYNC_OP
) {
721 cifs_small_buf_release(buf
);
725 rc
= wait_for_response(ses
->server
, midQ
);
727 send_cancel(ses
->server
, buf
, midQ
);
728 spin_lock(&GlobalMid_Lock
);
729 if (midQ
->mid_state
== MID_REQUEST_SUBMITTED
) {
730 midQ
->callback
= DeleteMidQEntry
;
731 spin_unlock(&GlobalMid_Lock
);
732 cifs_small_buf_release(buf
);
733 add_credits(ses
->server
, 1, optype
);
736 spin_unlock(&GlobalMid_Lock
);
739 cifs_small_buf_release(buf
);
741 rc
= cifs_sync_mid_result(midQ
, ses
->server
);
743 add_credits(ses
->server
, 1, optype
);
747 if (!midQ
->resp_buf
|| midQ
->mid_state
!= MID_RESPONSE_RECEIVED
) {
749 cFYI(1, "Bad MID state?");
753 buf
= (char *)midQ
->resp_buf
;
754 iov
[0].iov_base
= buf
;
755 iov
[0].iov_len
= get_rfc1002_length(buf
) + 4;
757 *resp_buf_type
= CIFS_LARGE_BUFFER
;
759 *resp_buf_type
= CIFS_SMALL_BUFFER
;
761 credits
= ses
->server
->ops
->get_credits(midQ
);
763 rc
= ses
->server
->ops
->check_receive(midQ
, ses
->server
,
764 flags
& CIFS_LOG_ERROR
);
766 /* mark it so buf will not be freed by cifs_delete_mid */
767 if ((flags
& CIFS_NO_RESP
) == 0)
768 midQ
->resp_buf
= NULL
;
770 cifs_delete_mid(midQ
);
771 add_credits(ses
->server
, credits
, optype
);
777 SendReceive(const unsigned int xid
, struct cifs_ses
*ses
,
778 struct smb_hdr
*in_buf
, struct smb_hdr
*out_buf
,
779 int *pbytes_returned
, const int timeout
)
782 struct mid_q_entry
*midQ
;
785 cERROR(1, "Null smb session");
788 if (ses
->server
== NULL
) {
789 cERROR(1, "Null tcp session");
793 if (ses
->server
->tcpStatus
== CifsExiting
)
796 /* Ensure that we do not send more than 50 overlapping requests
797 to the same server. We may make this configurable later or
800 if (be32_to_cpu(in_buf
->smb_buf_length
) > CIFSMaxBufSize
+
801 MAX_CIFS_HDR_SIZE
- 4) {
802 cERROR(1, "Illegal length, greater than maximum frame, %d",
803 be32_to_cpu(in_buf
->smb_buf_length
));
807 rc
= wait_for_free_request(ses
->server
, timeout
, 0);
811 /* make sure that we sign in the same order that we send on this socket
812 and avoid races inside tcp sendmsg code that could cause corruption
815 mutex_lock(&ses
->server
->srv_mutex
);
817 rc
= allocate_mid(ses
, in_buf
, &midQ
);
819 mutex_unlock(&ses
->server
->srv_mutex
);
820 /* Update # of requests on wire to server */
821 add_credits(ses
->server
, 1, 0);
825 rc
= cifs_sign_smb(in_buf
, ses
->server
, &midQ
->sequence_number
);
827 mutex_unlock(&ses
->server
->srv_mutex
);
831 midQ
->mid_state
= MID_REQUEST_SUBMITTED
;
833 cifs_in_send_inc(ses
->server
);
834 rc
= smb_send(ses
->server
, in_buf
, be32_to_cpu(in_buf
->smb_buf_length
));
835 cifs_in_send_dec(ses
->server
);
836 cifs_save_when_sent(midQ
);
837 mutex_unlock(&ses
->server
->srv_mutex
);
842 if (timeout
== CIFS_ASYNC_OP
)
845 rc
= wait_for_response(ses
->server
, midQ
);
847 send_cancel(ses
->server
, in_buf
, midQ
);
848 spin_lock(&GlobalMid_Lock
);
849 if (midQ
->mid_state
== MID_REQUEST_SUBMITTED
) {
850 /* no longer considered to be "in-flight" */
851 midQ
->callback
= DeleteMidQEntry
;
852 spin_unlock(&GlobalMid_Lock
);
853 add_credits(ses
->server
, 1, 0);
856 spin_unlock(&GlobalMid_Lock
);
859 rc
= cifs_sync_mid_result(midQ
, ses
->server
);
861 add_credits(ses
->server
, 1, 0);
865 if (!midQ
->resp_buf
|| !out_buf
||
866 midQ
->mid_state
!= MID_RESPONSE_RECEIVED
) {
868 cERROR(1, "Bad MID state?");
872 *pbytes_returned
= get_rfc1002_length(midQ
->resp_buf
);
873 memcpy(out_buf
, midQ
->resp_buf
, *pbytes_returned
+ 4);
874 rc
= cifs_check_receive(midQ
, ses
->server
, 0);
876 cifs_delete_mid(midQ
);
877 add_credits(ses
->server
, 1, 0);
882 /* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
883 blocking lock to return. */
886 send_lock_cancel(const unsigned int xid
, struct cifs_tcon
*tcon
,
887 struct smb_hdr
*in_buf
,
888 struct smb_hdr
*out_buf
)
891 struct cifs_ses
*ses
= tcon
->ses
;
892 LOCK_REQ
*pSMB
= (LOCK_REQ
*)in_buf
;
894 /* We just modify the current in_buf to change
895 the type of lock from LOCKING_ANDX_SHARED_LOCK
896 or LOCKING_ANDX_EXCLUSIVE_LOCK to
897 LOCKING_ANDX_CANCEL_LOCK. */
899 pSMB
->LockType
= LOCKING_ANDX_CANCEL_LOCK
|LOCKING_ANDX_LARGE_FILES
;
901 pSMB
->hdr
.Mid
= get_next_mid(ses
->server
);
903 return SendReceive(xid
, ses
, in_buf
, out_buf
,
908 SendReceiveBlockingLock(const unsigned int xid
, struct cifs_tcon
*tcon
,
909 struct smb_hdr
*in_buf
, struct smb_hdr
*out_buf
,
910 int *pbytes_returned
)
914 struct mid_q_entry
*midQ
;
915 struct cifs_ses
*ses
;
917 if (tcon
== NULL
|| tcon
->ses
== NULL
) {
918 cERROR(1, "Null smb session");
923 if (ses
->server
== NULL
) {
924 cERROR(1, "Null tcp session");
928 if (ses
->server
->tcpStatus
== CifsExiting
)
931 /* Ensure that we do not send more than 50 overlapping requests
932 to the same server. We may make this configurable later or
935 if (be32_to_cpu(in_buf
->smb_buf_length
) > CIFSMaxBufSize
+
936 MAX_CIFS_HDR_SIZE
- 4) {
937 cERROR(1, "Illegal length, greater than maximum frame, %d",
938 be32_to_cpu(in_buf
->smb_buf_length
));
942 rc
= wait_for_free_request(ses
->server
, CIFS_BLOCKING_OP
, 0);
946 /* make sure that we sign in the same order that we send on this socket
947 and avoid races inside tcp sendmsg code that could cause corruption
950 mutex_lock(&ses
->server
->srv_mutex
);
952 rc
= allocate_mid(ses
, in_buf
, &midQ
);
954 mutex_unlock(&ses
->server
->srv_mutex
);
958 rc
= cifs_sign_smb(in_buf
, ses
->server
, &midQ
->sequence_number
);
960 cifs_delete_mid(midQ
);
961 mutex_unlock(&ses
->server
->srv_mutex
);
965 midQ
->mid_state
= MID_REQUEST_SUBMITTED
;
966 cifs_in_send_inc(ses
->server
);
967 rc
= smb_send(ses
->server
, in_buf
, be32_to_cpu(in_buf
->smb_buf_length
));
968 cifs_in_send_dec(ses
->server
);
969 cifs_save_when_sent(midQ
);
970 mutex_unlock(&ses
->server
->srv_mutex
);
973 cifs_delete_mid(midQ
);
977 /* Wait for a reply - allow signals to interrupt. */
978 rc
= wait_event_interruptible(ses
->server
->response_q
,
979 (!(midQ
->mid_state
== MID_REQUEST_SUBMITTED
)) ||
980 ((ses
->server
->tcpStatus
!= CifsGood
) &&
981 (ses
->server
->tcpStatus
!= CifsNew
)));
983 /* Were we interrupted by a signal ? */
984 if ((rc
== -ERESTARTSYS
) &&
985 (midQ
->mid_state
== MID_REQUEST_SUBMITTED
) &&
986 ((ses
->server
->tcpStatus
== CifsGood
) ||
987 (ses
->server
->tcpStatus
== CifsNew
))) {
989 if (in_buf
->Command
== SMB_COM_TRANSACTION2
) {
990 /* POSIX lock. We send a NT_CANCEL SMB to cause the
991 blocking lock to return. */
992 rc
= send_cancel(ses
->server
, in_buf
, midQ
);
994 cifs_delete_mid(midQ
);
998 /* Windows lock. We send a LOCKINGX_CANCEL_LOCK
999 to cause the blocking lock to return. */
1001 rc
= send_lock_cancel(xid
, tcon
, in_buf
, out_buf
);
1003 /* If we get -ENOLCK back the lock may have
1004 already been removed. Don't exit in this case. */
1005 if (rc
&& rc
!= -ENOLCK
) {
1006 cifs_delete_mid(midQ
);
1011 rc
= wait_for_response(ses
->server
, midQ
);
1013 send_cancel(ses
->server
, in_buf
, midQ
);
1014 spin_lock(&GlobalMid_Lock
);
1015 if (midQ
->mid_state
== MID_REQUEST_SUBMITTED
) {
1016 /* no longer considered to be "in-flight" */
1017 midQ
->callback
= DeleteMidQEntry
;
1018 spin_unlock(&GlobalMid_Lock
);
1021 spin_unlock(&GlobalMid_Lock
);
1024 /* We got the response - restart system call. */
1028 rc
= cifs_sync_mid_result(midQ
, ses
->server
);
1032 /* rcvd frame is ok */
1033 if (out_buf
== NULL
|| midQ
->mid_state
!= MID_RESPONSE_RECEIVED
) {
1035 cERROR(1, "Bad MID state?");
1039 *pbytes_returned
= get_rfc1002_length(midQ
->resp_buf
);
1040 memcpy(out_buf
, midQ
->resp_buf
, *pbytes_returned
+ 4);
1041 rc
= cifs_check_receive(midQ
, ses
->server
, 0);
1043 cifs_delete_mid(midQ
);
1044 if (rstart
&& rc
== -EACCES
)
1045 return -ERESTARTSYS
;