4 * Copyright (C) International Business Machines Corp., 2002,2008
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * Jeremy Allison (jra@samba.org) 2006.
8 * This library is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Lesser General Public License as published
10 * by the Free Software Foundation; either version 2.1 of the License, or
11 * (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
16 * the GNU Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this library; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include <linux/list.h>
25 #include <linux/gfp.h>
26 #include <linux/wait.h>
27 #include <linux/net.h>
28 #include <linux/delay.h>
29 #include <linux/freezer.h>
30 #include <linux/tcp.h>
31 #include <linux/highmem.h>
32 #include <asm/uaccess.h>
33 #include <asm/processor.h>
34 #include <linux/mempool.h>
37 #include "cifsproto.h"
38 #include "cifs_debug.h"
41 cifs_wake_up_task(struct mid_q_entry *mid)
43 wake_up_process(mid->callback_data);
47 AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
49 struct mid_q_entry *temp;
52 cERROR(1, "Null TCP session in AllocMidQEntry");
56 temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS);
60 memset(temp, 0, sizeof(struct mid_q_entry));
61 temp->mid = smb_buffer->Mid; /* always LE */
62 temp->pid = current->pid;
63 temp->command = cpu_to_le16(smb_buffer->Command);
64 cFYI(1, "For smb_command %d", smb_buffer->Command);
65 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
66 /* when mid allocated can be before when sent */
67 temp->when_alloc = jiffies;
68 temp->server = server;
71 * The default is for the mid to be synchronous, so the
72 * default callback just wakes up the current task.
74 temp->callback = cifs_wake_up_task;
75 temp->callback_data = current;
78 atomic_inc(&midCount);
79 temp->mid_state = MID_REQUEST_ALLOCATED;
84 DeleteMidQEntry(struct mid_q_entry *midEntry)
86 #ifdef CONFIG_CIFS_STATS2
87 __le16 command = midEntry->server->vals->lock_cmd;
90 midEntry->mid_state = MID_FREE;
91 atomic_dec(&midCount);
92 if (midEntry->large_buf)
93 cifs_buf_release(midEntry->resp_buf);
95 cifs_small_buf_release(midEntry->resp_buf);
96 #ifdef CONFIG_CIFS_STATS2
98 /* commands taking longer than one second are indications that
99 something is wrong, unless it is quite a slow link or server */
100 if ((now - midEntry->when_alloc) > HZ) {
101 if ((cifsFYI & CIFS_TIMER) && (midEntry->command != command)) {
102 printk(KERN_DEBUG " CIFS slow rsp: cmd %d mid %llu",
103 midEntry->command, midEntry->mid);
104 printk(" A: 0x%lx S: 0x%lx R: 0x%lx\n",
105 now - midEntry->when_alloc,
106 now - midEntry->when_sent,
107 now - midEntry->when_received);
111 mempool_free(midEntry, cifs_mid_poolp);
115 cifs_delete_mid(struct mid_q_entry *mid)
117 spin_lock(&GlobalMid_Lock);
118 list_del(&mid->qhead);
119 spin_unlock(&GlobalMid_Lock);
121 DeleteMidQEntry(mid);
125 * smb_send_kvec - send an array of kvecs to the server
126 * @server: Server to send the data to
127 * @iov: Pointer to array of kvecs
128 * @n_vec: length of kvec array
129 * @sent: amount of data sent on socket is stored here
131 * Our basic "send data to server" function. Should be called with srv_mutex
132 * held. The caller is responsible for handling the results.
135 smb_send_kvec(struct TCP_Server_Info *server, struct kvec *iov, size_t n_vec,
140 struct msghdr smb_msg;
141 unsigned int remaining;
142 size_t first_vec = 0;
143 struct socket *ssocket = server->ssocket;
148 return -ENOTSOCK; /* BB eventually add reconnect code here */
150 smb_msg.msg_name = (struct sockaddr *) &server->dstaddr;
151 smb_msg.msg_namelen = sizeof(struct sockaddr);
152 smb_msg.msg_control = NULL;
153 smb_msg.msg_controllen = 0;
154 if (server->noblocksnd)
155 smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
157 smb_msg.msg_flags = MSG_NOSIGNAL;
160 for (i = 0; i < n_vec; i++)
161 remaining += iov[i].iov_len;
166 * If blocking send, we try 3 times, since each can block
167 * for 5 seconds. For nonblocking we have to try more
168 * but wait increasing amounts of time allowing time for
169 * socket to clear. The overall time we wait in either
170 * case to send on the socket is about 15 seconds.
171 * Similarly we wait for 15 seconds for a response from
172 * the server in SendReceive[2] for the server to send
173 * a response back for most types of requests (except
174 * SMB Write past end of file which can be slow, and
175 * blocking lock operations). NFS waits slightly longer
176 * than CIFS, but this can make it take longer for
177 * nonresponsive servers to be detected and 15 seconds
178 * is more than enough time for modern networks to
179 * send a packet. In most cases if we fail to send
180 * after the retries we will kill the socket and
181 * reconnect which may clear the network problem.
183 rc = kernel_sendmsg(ssocket, &smb_msg, &iov[first_vec],
184 n_vec - first_vec, remaining);
185 if (rc == -ENOSPC || rc == -EAGAIN) {
187 if (i >= 14 || (!server->noblocksnd && (i > 2))) {
188 cERROR(1, "sends on sock %p stuck for 15 "
200 /* send was at least partially successful */
203 if (rc == remaining) {
208 if (rc > remaining) {
209 cERROR(1, "sent %d requested %d", rc, remaining);
214 /* should never happen, letting socket clear before
215 retrying is our only obvious option here */
216 cERROR(1, "tcp sent no data");
223 /* the line below resets i */
224 for (i = first_vec; i < n_vec; i++) {
225 if (iov[i].iov_len) {
226 if (rc > iov[i].iov_len) {
227 rc -= iov[i].iov_len;
230 iov[i].iov_base += rc;
231 iov[i].iov_len -= rc;
238 i = 0; /* in case we get ENOSPC on the next send */
245 * rqst_page_to_kvec - Turn a slot in the smb_rqst page array into a kvec
246 * @rqst: pointer to smb_rqst
247 * @idx: index into the array of the page
248 * @iov: pointer to struct kvec that will hold the result
250 * Helper function to convert a slot in the rqst->rq_pages array into a kvec.
251 * The page will be kmapped and the address placed into iov_base. The length
252 * will then be adjusted according to the ptailoff.
255 cifs_rqst_page_to_kvec(struct smb_rqst *rqst, unsigned int idx,
259 * FIXME: We could avoid this kmap altogether if we used
260 * kernel_sendpage instead of kernel_sendmsg. That will only
261 * work if signing is disabled though as sendpage inlines the
262 * page directly into the fraglist. If userspace modifies the
263 * page after we calculate the signature, then the server will
264 * reject it and may break the connection. kernel_sendmsg does
265 * an extra copy of the data and avoids that issue.
267 iov->iov_base = kmap(rqst->rq_pages[idx]);
269 /* if last page, don't send beyond this offset into page */
270 if (idx == (rqst->rq_npages - 1))
271 iov->iov_len = rqst->rq_tailsz;
273 iov->iov_len = rqst->rq_pagesz;
277 smb_send_rqst(struct TCP_Server_Info *server, struct smb_rqst *rqst)
280 struct kvec *iov = rqst->rq_iov;
281 int n_vec = rqst->rq_nvec;
282 unsigned int smb_buf_length = get_rfc1002_length(iov[0].iov_base);
284 size_t total_len = 0, sent;
285 struct socket *ssocket = server->ssocket;
288 cFYI(1, "Sending smb: smb_len=%u", smb_buf_length);
289 dump_smb(iov[0].iov_base, iov[0].iov_len);
291 /* cork the socket */
292 kernel_setsockopt(ssocket, SOL_TCP, TCP_CORK,
293 (char *)&val, sizeof(val));
295 rc = smb_send_kvec(server, iov, n_vec, &sent);
301 /* now walk the page array and send each page in it */
302 for (i = 0; i < rqst->rq_npages; i++) {
305 cifs_rqst_page_to_kvec(rqst, i, &p_iov);
306 rc = smb_send_kvec(server, &p_iov, 1, &sent);
307 kunmap(rqst->rq_pages[i]);
317 kernel_setsockopt(ssocket, SOL_TCP, TCP_CORK,
318 (char *)&val, sizeof(val));
320 if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
321 cFYI(1, "partial send (wanted=%u sent=%zu): terminating "
322 "session", smb_buf_length + 4, total_len);
324 * If we have only sent part of an SMB then the next SMB could
325 * be taken as the remainder of this one. We need to kill the
326 * socket so the server throws away the partial SMB
328 server->tcpStatus = CifsNeedReconnect;
331 if (rc < 0 && rc != -EINTR)
332 cERROR(1, "Error %d sending data on socket to server", rc);
340 smb_sendv(struct TCP_Server_Info *server, struct kvec *iov, int n_vec)
342 struct smb_rqst rqst = { .rq_iov = iov,
345 return smb_send_rqst(server, &rqst);
349 smb_send(struct TCP_Server_Info *server, struct smb_hdr *smb_buffer,
350 unsigned int smb_buf_length)
354 iov.iov_base = smb_buffer;
355 iov.iov_len = smb_buf_length + 4;
357 return smb_sendv(server, &iov, 1);
361 wait_for_free_credits(struct TCP_Server_Info *server, const int timeout,
366 spin_lock(&server->req_lock);
367 if (timeout == CIFS_ASYNC_OP) {
368 /* oplock breaks must not be held up */
371 spin_unlock(&server->req_lock);
377 spin_unlock(&server->req_lock);
378 cifs_num_waiters_inc(server);
379 rc = wait_event_killable(server->request_q,
380 has_credits(server, credits));
381 cifs_num_waiters_dec(server);
384 spin_lock(&server->req_lock);
386 if (server->tcpStatus == CifsExiting) {
387 spin_unlock(&server->req_lock);
392 * Can not count locking commands against total
393 * as they are allowed to block on server.
396 /* update # of requests on the wire to server */
397 if (timeout != CIFS_BLOCKING_OP) {
401 spin_unlock(&server->req_lock);
409 wait_for_free_request(struct TCP_Server_Info *server, const int timeout,
412 return wait_for_free_credits(server, timeout,
413 server->ops->get_credits_field(server, optype));
416 static int allocate_mid(struct cifs_ses *ses, struct smb_hdr *in_buf,
417 struct mid_q_entry **ppmidQ)
419 if (ses->server->tcpStatus == CifsExiting) {
423 if (ses->server->tcpStatus == CifsNeedReconnect) {
424 cFYI(1, "tcp session dead - return to caller to retry");
428 if (ses->status != CifsGood) {
429 /* check if SMB session is bad because we are setting it up */
430 if ((in_buf->Command != SMB_COM_SESSION_SETUP_ANDX) &&
431 (in_buf->Command != SMB_COM_NEGOTIATE))
433 /* else ok - we are setting up session */
435 *ppmidQ = AllocMidQEntry(in_buf, ses->server);
438 spin_lock(&GlobalMid_Lock);
439 list_add_tail(&(*ppmidQ)->qhead, &ses->server->pending_mid_q);
440 spin_unlock(&GlobalMid_Lock);
445 wait_for_response(struct TCP_Server_Info *server, struct mid_q_entry *midQ)
449 error = wait_event_freezekillable(server->response_q,
450 midQ->mid_state != MID_REQUEST_SUBMITTED);
458 cifs_setup_async_request(struct TCP_Server_Info *server, struct smb_rqst *rqst)
461 struct smb_hdr *hdr = (struct smb_hdr *)rqst->rq_iov[0].iov_base;
462 struct mid_q_entry *mid;
464 /* enable signing if server requires it */
465 if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
466 hdr->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
468 mid = AllocMidQEntry(hdr, server);
470 return ERR_PTR(-ENOMEM);
472 rc = cifs_sign_rqst(rqst, server, &mid->sequence_number);
474 DeleteMidQEntry(mid);
482 * Send a SMB request and set the callback function in the mid to handle
483 * the result. Caller is responsible for dealing with timeouts.
486 cifs_call_async(struct TCP_Server_Info *server, struct smb_rqst *rqst,
487 mid_receive_t *receive, mid_callback_t *callback,
488 void *cbdata, const int flags)
490 int rc, timeout, optype;
491 struct mid_q_entry *mid;
493 timeout = flags & CIFS_TIMEOUT_MASK;
494 optype = flags & CIFS_OP_MASK;
496 rc = wait_for_free_request(server, timeout, optype);
500 mutex_lock(&server->srv_mutex);
501 mid = server->ops->setup_async_request(server, rqst);
503 mutex_unlock(&server->srv_mutex);
504 add_credits(server, 1, optype);
505 wake_up(&server->request_q);
509 mid->receive = receive;
510 mid->callback = callback;
511 mid->callback_data = cbdata;
512 mid->mid_state = MID_REQUEST_SUBMITTED;
514 /* put it on the pending_mid_q */
515 spin_lock(&GlobalMid_Lock);
516 list_add_tail(&mid->qhead, &server->pending_mid_q);
517 spin_unlock(&GlobalMid_Lock);
520 cifs_in_send_inc(server);
521 rc = smb_send_rqst(server, rqst);
522 cifs_in_send_dec(server);
523 cifs_save_when_sent(mid);
524 mutex_unlock(&server->srv_mutex);
529 cifs_delete_mid(mid);
530 add_credits(server, 1, optype);
531 wake_up(&server->request_q);
537 * Send an SMB Request. No response info (other than return code)
538 * needs to be parsed.
540 * flags indicate the type of request buffer and how long to wait
541 * and whether to log NT STATUS code (error) before mapping it to POSIX error
545 SendReceiveNoRsp(const unsigned int xid, struct cifs_ses *ses,
546 char *in_buf, int flags)
552 iov[0].iov_base = in_buf;
553 iov[0].iov_len = get_rfc1002_length(in_buf) + 4;
554 flags |= CIFS_NO_RESP;
555 rc = SendReceive2(xid, ses, iov, 1, &resp_buf_type, flags);
556 cFYI(DBG2, "SendRcvNoRsp flags %d rc %d", flags, rc);
562 cifs_sync_mid_result(struct mid_q_entry *mid, struct TCP_Server_Info *server)
566 cFYI(1, "%s: cmd=%d mid=%llu state=%d", __func__,
567 le16_to_cpu(mid->command), mid->mid, mid->mid_state);
569 spin_lock(&GlobalMid_Lock);
570 switch (mid->mid_state) {
571 case MID_RESPONSE_RECEIVED:
572 spin_unlock(&GlobalMid_Lock);
574 case MID_RETRY_NEEDED:
577 case MID_RESPONSE_MALFORMED:
584 list_del_init(&mid->qhead);
585 cERROR(1, "%s: invalid mid state mid=%llu state=%d", __func__,
586 mid->mid, mid->mid_state);
589 spin_unlock(&GlobalMid_Lock);
591 DeleteMidQEntry(mid);
596 send_cancel(struct TCP_Server_Info *server, void *buf, struct mid_q_entry *mid)
598 return server->ops->send_cancel ?
599 server->ops->send_cancel(server, buf, mid) : 0;
603 cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
606 unsigned int len = get_rfc1002_length(mid->resp_buf) + 4;
608 dump_smb(mid->resp_buf, min_t(u32, 92, len));
610 /* convert the length into a more usable form */
611 if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
614 struct smb_rqst rqst = { .rq_iov = &iov,
617 iov.iov_base = mid->resp_buf;
619 /* FIXME: add code to kill session */
620 rc = cifs_verify_signature(&rqst, server,
621 mid->sequence_number + 1);
623 cERROR(1, "SMB signature verification returned error = "
627 /* BB special case reconnect tid and uid here? */
628 return map_smb_to_linux_error(mid->resp_buf, log_error);
632 cifs_setup_request(struct cifs_ses *ses, struct smb_rqst *rqst)
635 struct smb_hdr *hdr = (struct smb_hdr *)rqst->rq_iov[0].iov_base;
636 struct mid_q_entry *mid;
638 rc = allocate_mid(ses, hdr, &mid);
641 rc = cifs_sign_rqst(rqst, ses->server, &mid->sequence_number);
643 cifs_delete_mid(mid);
650 SendReceive2(const unsigned int xid, struct cifs_ses *ses,
651 struct kvec *iov, int n_vec, int *resp_buf_type /* ret */,
656 struct mid_q_entry *midQ;
657 char *buf = iov[0].iov_base;
658 unsigned int credits = 1;
659 struct smb_rqst rqst = { .rq_iov = iov,
662 timeout = flags & CIFS_TIMEOUT_MASK;
663 optype = flags & CIFS_OP_MASK;
665 *resp_buf_type = CIFS_NO_BUFFER; /* no response buf yet */
667 if ((ses == NULL) || (ses->server == NULL)) {
668 cifs_small_buf_release(buf);
669 cERROR(1, "Null session");
673 if (ses->server->tcpStatus == CifsExiting) {
674 cifs_small_buf_release(buf);
679 * Ensure that we do not send more than 50 overlapping requests
680 * to the same server. We may make this configurable later or
684 rc = wait_for_free_request(ses->server, timeout, optype);
686 cifs_small_buf_release(buf);
691 * Make sure that we sign in the same order that we send on this socket
692 * and avoid races inside tcp sendmsg code that could cause corruption
696 mutex_lock(&ses->server->srv_mutex);
698 midQ = ses->server->ops->setup_request(ses, &rqst);
700 mutex_unlock(&ses->server->srv_mutex);
701 cifs_small_buf_release(buf);
702 /* Update # of requests on wire to server */
703 add_credits(ses->server, 1, optype);
704 return PTR_ERR(midQ);
707 midQ->mid_state = MID_REQUEST_SUBMITTED;
708 cifs_in_send_inc(ses->server);
709 rc = smb_sendv(ses->server, iov, n_vec);
710 cifs_in_send_dec(ses->server);
711 cifs_save_when_sent(midQ);
713 mutex_unlock(&ses->server->srv_mutex);
716 cifs_small_buf_release(buf);
720 if (timeout == CIFS_ASYNC_OP) {
721 cifs_small_buf_release(buf);
725 rc = wait_for_response(ses->server, midQ);
727 send_cancel(ses->server, buf, midQ);
728 spin_lock(&GlobalMid_Lock);
729 if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
730 midQ->callback = DeleteMidQEntry;
731 spin_unlock(&GlobalMid_Lock);
732 cifs_small_buf_release(buf);
733 add_credits(ses->server, 1, optype);
736 spin_unlock(&GlobalMid_Lock);
739 cifs_small_buf_release(buf);
741 rc = cifs_sync_mid_result(midQ, ses->server);
743 add_credits(ses->server, 1, optype);
747 if (!midQ->resp_buf || midQ->mid_state != MID_RESPONSE_RECEIVED) {
749 cFYI(1, "Bad MID state?");
753 buf = (char *)midQ->resp_buf;
754 iov[0].iov_base = buf;
755 iov[0].iov_len = get_rfc1002_length(buf) + 4;
757 *resp_buf_type = CIFS_LARGE_BUFFER;
759 *resp_buf_type = CIFS_SMALL_BUFFER;
761 credits = ses->server->ops->get_credits(midQ);
763 rc = ses->server->ops->check_receive(midQ, ses->server,
764 flags & CIFS_LOG_ERROR);
766 /* mark it so buf will not be freed by cifs_delete_mid */
767 if ((flags & CIFS_NO_RESP) == 0)
768 midQ->resp_buf = NULL;
770 cifs_delete_mid(midQ);
771 add_credits(ses->server, credits, optype);
777 SendReceive(const unsigned int xid, struct cifs_ses *ses,
778 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
779 int *pbytes_returned, const int timeout)
782 struct mid_q_entry *midQ;
785 cERROR(1, "Null smb session");
788 if (ses->server == NULL) {
789 cERROR(1, "Null tcp session");
793 if (ses->server->tcpStatus == CifsExiting)
796 /* Ensure that we do not send more than 50 overlapping requests
797 to the same server. We may make this configurable later or
800 if (be32_to_cpu(in_buf->smb_buf_length) > CIFSMaxBufSize +
801 MAX_CIFS_HDR_SIZE - 4) {
802 cERROR(1, "Illegal length, greater than maximum frame, %d",
803 be32_to_cpu(in_buf->smb_buf_length));
807 rc = wait_for_free_request(ses->server, timeout, 0);
811 /* make sure that we sign in the same order that we send on this socket
812 and avoid races inside tcp sendmsg code that could cause corruption
815 mutex_lock(&ses->server->srv_mutex);
817 rc = allocate_mid(ses, in_buf, &midQ);
819 mutex_unlock(&ses->server->srv_mutex);
820 /* Update # of requests on wire to server */
821 add_credits(ses->server, 1, 0);
825 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
827 mutex_unlock(&ses->server->srv_mutex);
831 midQ->mid_state = MID_REQUEST_SUBMITTED;
833 cifs_in_send_inc(ses->server);
834 rc = smb_send(ses->server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
835 cifs_in_send_dec(ses->server);
836 cifs_save_when_sent(midQ);
837 mutex_unlock(&ses->server->srv_mutex);
842 if (timeout == CIFS_ASYNC_OP)
845 rc = wait_for_response(ses->server, midQ);
847 send_cancel(ses->server, in_buf, midQ);
848 spin_lock(&GlobalMid_Lock);
849 if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
850 /* no longer considered to be "in-flight" */
851 midQ->callback = DeleteMidQEntry;
852 spin_unlock(&GlobalMid_Lock);
853 add_credits(ses->server, 1, 0);
856 spin_unlock(&GlobalMid_Lock);
859 rc = cifs_sync_mid_result(midQ, ses->server);
861 add_credits(ses->server, 1, 0);
865 if (!midQ->resp_buf || !out_buf ||
866 midQ->mid_state != MID_RESPONSE_RECEIVED) {
868 cERROR(1, "Bad MID state?");
872 *pbytes_returned = get_rfc1002_length(midQ->resp_buf);
873 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
874 rc = cifs_check_receive(midQ, ses->server, 0);
876 cifs_delete_mid(midQ);
877 add_credits(ses->server, 1, 0);
882 /* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
883 blocking lock to return. */
886 send_lock_cancel(const unsigned int xid, struct cifs_tcon *tcon,
887 struct smb_hdr *in_buf,
888 struct smb_hdr *out_buf)
891 struct cifs_ses *ses = tcon->ses;
892 LOCK_REQ *pSMB = (LOCK_REQ *)in_buf;
894 /* We just modify the current in_buf to change
895 the type of lock from LOCKING_ANDX_SHARED_LOCK
896 or LOCKING_ANDX_EXCLUSIVE_LOCK to
897 LOCKING_ANDX_CANCEL_LOCK. */
899 pSMB->LockType = LOCKING_ANDX_CANCEL_LOCK|LOCKING_ANDX_LARGE_FILES;
901 pSMB->hdr.Mid = get_next_mid(ses->server);
903 return SendReceive(xid, ses, in_buf, out_buf,
908 SendReceiveBlockingLock(const unsigned int xid, struct cifs_tcon *tcon,
909 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
910 int *pbytes_returned)
914 struct mid_q_entry *midQ;
915 struct cifs_ses *ses;
917 if (tcon == NULL || tcon->ses == NULL) {
918 cERROR(1, "Null smb session");
923 if (ses->server == NULL) {
924 cERROR(1, "Null tcp session");
928 if (ses->server->tcpStatus == CifsExiting)
931 /* Ensure that we do not send more than 50 overlapping requests
932 to the same server. We may make this configurable later or
935 if (be32_to_cpu(in_buf->smb_buf_length) > CIFSMaxBufSize +
936 MAX_CIFS_HDR_SIZE - 4) {
937 cERROR(1, "Illegal length, greater than maximum frame, %d",
938 be32_to_cpu(in_buf->smb_buf_length));
942 rc = wait_for_free_request(ses->server, CIFS_BLOCKING_OP, 0);
946 /* make sure that we sign in the same order that we send on this socket
947 and avoid races inside tcp sendmsg code that could cause corruption
950 mutex_lock(&ses->server->srv_mutex);
952 rc = allocate_mid(ses, in_buf, &midQ);
954 mutex_unlock(&ses->server->srv_mutex);
958 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
960 cifs_delete_mid(midQ);
961 mutex_unlock(&ses->server->srv_mutex);
965 midQ->mid_state = MID_REQUEST_SUBMITTED;
966 cifs_in_send_inc(ses->server);
967 rc = smb_send(ses->server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
968 cifs_in_send_dec(ses->server);
969 cifs_save_when_sent(midQ);
970 mutex_unlock(&ses->server->srv_mutex);
973 cifs_delete_mid(midQ);
977 /* Wait for a reply - allow signals to interrupt. */
978 rc = wait_event_interruptible(ses->server->response_q,
979 (!(midQ->mid_state == MID_REQUEST_SUBMITTED)) ||
980 ((ses->server->tcpStatus != CifsGood) &&
981 (ses->server->tcpStatus != CifsNew)));
983 /* Were we interrupted by a signal ? */
984 if ((rc == -ERESTARTSYS) &&
985 (midQ->mid_state == MID_REQUEST_SUBMITTED) &&
986 ((ses->server->tcpStatus == CifsGood) ||
987 (ses->server->tcpStatus == CifsNew))) {
989 if (in_buf->Command == SMB_COM_TRANSACTION2) {
990 /* POSIX lock. We send a NT_CANCEL SMB to cause the
991 blocking lock to return. */
992 rc = send_cancel(ses->server, in_buf, midQ);
994 cifs_delete_mid(midQ);
998 /* Windows lock. We send a LOCKINGX_CANCEL_LOCK
999 to cause the blocking lock to return. */
1001 rc = send_lock_cancel(xid, tcon, in_buf, out_buf);
1003 /* If we get -ENOLCK back the lock may have
1004 already been removed. Don't exit in this case. */
1005 if (rc && rc != -ENOLCK) {
1006 cifs_delete_mid(midQ);
1011 rc = wait_for_response(ses->server, midQ);
1013 send_cancel(ses->server, in_buf, midQ);
1014 spin_lock(&GlobalMid_Lock);
1015 if (midQ->mid_state == MID_REQUEST_SUBMITTED) {
1016 /* no longer considered to be "in-flight" */
1017 midQ->callback = DeleteMidQEntry;
1018 spin_unlock(&GlobalMid_Lock);
1021 spin_unlock(&GlobalMid_Lock);
1024 /* We got the response - restart system call. */
1028 rc = cifs_sync_mid_result(midQ, ses->server);
1032 /* rcvd frame is ok */
1033 if (out_buf == NULL || midQ->mid_state != MID_RESPONSE_RECEIVED) {
1035 cERROR(1, "Bad MID state?");
1039 *pbytes_returned = get_rfc1002_length(midQ->resp_buf);
1040 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
1041 rc = cifs_check_receive(midQ, ses->server, 0);
1043 cifs_delete_mid(midQ);
1044 if (rstart && rc == -EACCES)
1045 return -ERESTARTSYS;
projects / platform / adaptation / renesas_rcar / renesas_kernel.git / blob