Commit 1551f8f2 authored by Linus Torvalds's avatar Linus Torvalds

Merge tag '6.0-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:
 "Five fixes, all also marked for stable:

   - fixes for collapse range and insert range (also fixes xfstest
     generic/031)

   - memory leak fix"

* tag '6.0-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: fix small mempool leak in SMB2_negotiate()
  smb3: use filemap_write_and_wait_range instead of filemap_write_and_wait
  smb3: fix temporary data corruption in insert range
  smb3: fix temporary data corruption in collapse range
  smb3: Move the flush out of smb2_copychunk_range() into its callers
parents 0c95f022 27893dfc
...@@ -1248,6 +1248,12 @@ ssize_t cifs_file_copychunk_range(unsigned int xid, ...@@ -1248,6 +1248,12 @@ ssize_t cifs_file_copychunk_range(unsigned int xid,
lock_two_nondirectories(target_inode, src_inode); lock_two_nondirectories(target_inode, src_inode);
cifs_dbg(FYI, "about to flush pages\n"); cifs_dbg(FYI, "about to flush pages\n");
rc = filemap_write_and_wait_range(src_inode->i_mapping, off,
off + len - 1);
if (rc)
goto out;
/* should we flush first and last page first */ /* should we flush first and last page first */
truncate_inode_pages(&target_inode->i_data, 0); truncate_inode_pages(&target_inode->i_data, 0);
......
...@@ -1600,17 +1600,8 @@ smb2_copychunk_range(const unsigned int xid, ...@@ -1600,17 +1600,8 @@ smb2_copychunk_range(const unsigned int xid,
int chunks_copied = 0; int chunks_copied = 0;
bool chunk_sizes_updated = false; bool chunk_sizes_updated = false;
ssize_t bytes_written, total_bytes_written = 0; ssize_t bytes_written, total_bytes_written = 0;
struct inode *inode;
pcchunk = kmalloc(sizeof(struct copychunk_ioctl), GFP_KERNEL); pcchunk = kmalloc(sizeof(struct copychunk_ioctl), GFP_KERNEL);
/*
* We need to flush all unwritten data before we can send the
* copychunk ioctl to the server.
*/
inode = d_inode(trgtfile->dentry);
filemap_write_and_wait(inode->i_mapping);
if (pcchunk == NULL) if (pcchunk == NULL)
return -ENOMEM; return -ENOMEM;
...@@ -3678,39 +3669,50 @@ static long smb3_collapse_range(struct file *file, struct cifs_tcon *tcon, ...@@ -3678,39 +3669,50 @@ static long smb3_collapse_range(struct file *file, struct cifs_tcon *tcon,
{ {
int rc; int rc;
unsigned int xid; unsigned int xid;
struct inode *inode; struct inode *inode = file_inode(file);
struct cifsFileInfo *cfile = file->private_data; struct cifsFileInfo *cfile = file->private_data;
struct cifsInodeInfo *cifsi; struct cifsInodeInfo *cifsi = CIFS_I(inode);
__le64 eof; __le64 eof;
loff_t old_eof;
xid = get_xid(); xid = get_xid();
inode = d_inode(cfile->dentry); inode_lock(inode);
cifsi = CIFS_I(inode);
if (off >= i_size_read(inode) || old_eof = i_size_read(inode);
off + len >= i_size_read(inode)) { if ((off >= old_eof) ||
off + len >= old_eof) {
rc = -EINVAL; rc = -EINVAL;
goto out; goto out;
} }
filemap_invalidate_lock(inode->i_mapping);
rc = filemap_write_and_wait_range(inode->i_mapping, off, old_eof - 1);
if (rc < 0)
goto out_2;
truncate_pagecache_range(inode, off, old_eof);
rc = smb2_copychunk_range(xid, cfile, cfile, off + len, rc = smb2_copychunk_range(xid, cfile, cfile, off + len,
i_size_read(inode) - off - len, off); old_eof - off - len, off);
if (rc < 0) if (rc < 0)
goto out; goto out_2;
eof = cpu_to_le64(i_size_read(inode) - len); eof = cpu_to_le64(old_eof - len);
rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid, rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid,
cfile->fid.volatile_fid, cfile->pid, &eof); cfile->fid.volatile_fid, cfile->pid, &eof);
if (rc < 0) if (rc < 0)
goto out; goto out_2;
rc = 0; rc = 0;
cifsi->server_eof = i_size_read(inode) - len; cifsi->server_eof = i_size_read(inode) - len;
truncate_setsize(inode, cifsi->server_eof); truncate_setsize(inode, cifsi->server_eof);
fscache_resize_cookie(cifs_inode_cookie(inode), cifsi->server_eof); fscache_resize_cookie(cifs_inode_cookie(inode), cifsi->server_eof);
out_2:
filemap_invalidate_unlock(inode->i_mapping);
out: out:
inode_unlock(inode);
free_xid(xid); free_xid(xid);
return rc; return rc;
} }
...@@ -3721,34 +3723,47 @@ static long smb3_insert_range(struct file *file, struct cifs_tcon *tcon, ...@@ -3721,34 +3723,47 @@ static long smb3_insert_range(struct file *file, struct cifs_tcon *tcon,
int rc; int rc;
unsigned int xid; unsigned int xid;
struct cifsFileInfo *cfile = file->private_data; struct cifsFileInfo *cfile = file->private_data;
struct inode *inode = file_inode(file);
__le64 eof; __le64 eof;
__u64 count; __u64 count, old_eof;
xid = get_xid(); xid = get_xid();
if (off >= i_size_read(file->f_inode)) { inode_lock(inode);
old_eof = i_size_read(inode);
if (off >= old_eof) {
rc = -EINVAL; rc = -EINVAL;
goto out; goto out;
} }
count = i_size_read(file->f_inode) - off; count = old_eof - off;
eof = cpu_to_le64(i_size_read(file->f_inode) + len); eof = cpu_to_le64(old_eof + len);
filemap_invalidate_lock(inode->i_mapping);
rc = filemap_write_and_wait_range(inode->i_mapping, off, old_eof + len - 1);
if (rc < 0)
goto out_2;
truncate_pagecache_range(inode, off, old_eof);
rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid, rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid,
cfile->fid.volatile_fid, cfile->pid, &eof); cfile->fid.volatile_fid, cfile->pid, &eof);
if (rc < 0) if (rc < 0)
goto out; goto out_2;
rc = smb2_copychunk_range(xid, cfile, cfile, off, count, off + len); rc = smb2_copychunk_range(xid, cfile, cfile, off, count, off + len);
if (rc < 0) if (rc < 0)
goto out; goto out_2;
rc = smb3_zero_range(file, tcon, off, len, 1); rc = smb3_zero_data(file, tcon, off, len, xid);
if (rc < 0) if (rc < 0)
goto out; goto out_2;
rc = 0; rc = 0;
out_2:
filemap_invalidate_unlock(inode->i_mapping);
out: out:
inode_unlock(inode);
free_xid(xid); free_xid(xid);
return rc; return rc;
} }
......
...@@ -965,16 +965,17 @@ SMB2_negotiate(const unsigned int xid, ...@@ -965,16 +965,17 @@ SMB2_negotiate(const unsigned int xid,
} else if (rc != 0) } else if (rc != 0)
goto neg_exit; goto neg_exit;
rc = -EIO;
if (strcmp(server->vals->version_string, if (strcmp(server->vals->version_string,
SMB3ANY_VERSION_STRING) == 0) { SMB3ANY_VERSION_STRING) == 0) {
if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID)) { if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID)) {
cifs_server_dbg(VFS, cifs_server_dbg(VFS,
"SMB2 dialect returned but not requested\n"); "SMB2 dialect returned but not requested\n");
return -EIO; goto neg_exit;
} else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID)) { } else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID)) {
cifs_server_dbg(VFS, cifs_server_dbg(VFS,
"SMB2.1 dialect returned but not requested\n"); "SMB2.1 dialect returned but not requested\n");
return -EIO; goto neg_exit;
} else if (rsp->DialectRevision == cpu_to_le16(SMB311_PROT_ID)) { } else if (rsp->DialectRevision == cpu_to_le16(SMB311_PROT_ID)) {
/* ops set to 3.0 by default for default so update */ /* ops set to 3.0 by default for default so update */
server->ops = &smb311_operations; server->ops = &smb311_operations;
...@@ -985,7 +986,7 @@ SMB2_negotiate(const unsigned int xid, ...@@ -985,7 +986,7 @@ SMB2_negotiate(const unsigned int xid,
if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID)) { if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID)) {
cifs_server_dbg(VFS, cifs_server_dbg(VFS,
"SMB2 dialect returned but not requested\n"); "SMB2 dialect returned but not requested\n");
return -EIO; goto neg_exit;
} else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID)) { } else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID)) {
/* ops set to 3.0 by default for default so update */ /* ops set to 3.0 by default for default so update */
server->ops = &smb21_operations; server->ops = &smb21_operations;
...@@ -999,7 +1000,7 @@ SMB2_negotiate(const unsigned int xid, ...@@ -999,7 +1000,7 @@ SMB2_negotiate(const unsigned int xid,
/* if requested single dialect ensure returned dialect matched */ /* if requested single dialect ensure returned dialect matched */
cifs_server_dbg(VFS, "Invalid 0x%x dialect returned: not requested\n", cifs_server_dbg(VFS, "Invalid 0x%x dialect returned: not requested\n",
le16_to_cpu(rsp->DialectRevision)); le16_to_cpu(rsp->DialectRevision));
return -EIO; goto neg_exit;
} }
cifs_dbg(FYI, "mode 0x%x\n", rsp->SecurityMode); cifs_dbg(FYI, "mode 0x%x\n", rsp->SecurityMode);
...@@ -1017,9 +1018,10 @@ SMB2_negotiate(const unsigned int xid, ...@@ -1017,9 +1018,10 @@ SMB2_negotiate(const unsigned int xid,
else { else {
cifs_server_dbg(VFS, "Invalid dialect returned by server 0x%x\n", cifs_server_dbg(VFS, "Invalid dialect returned by server 0x%x\n",
le16_to_cpu(rsp->DialectRevision)); le16_to_cpu(rsp->DialectRevision));
rc = -EIO;
goto neg_exit; goto neg_exit;
} }
rc = 0;
server->dialect = le16_to_cpu(rsp->DialectRevision); server->dialect = le16_to_cpu(rsp->DialectRevision);
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment