review.tizen.org Git - platform/kernel/linux-exynos.git/commit

author	Pavel Shilovsky <pshilov@microsoft.com>
	Sat, 19 Jan 2019 01:25:36 +0000 (17:25 -0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 31 Jan 2019 07:13:44 +0000 (08:13 +0100)
commit	2cffcebe17439fab6d2d54d754054cd3da547f09
tree	009ea553574c12a78463f6baa5643600e3f3617f	tree \| snapshot
parent	1c69ba8b1453eb1c9f77536433616dab0a147c65	commit \| diff

CIFS: Do not reconnect TCP session in add_credits()

commit ef68e831840c40c7d01b328b3c0f5d8c4796c232 upstream.

When executing add_credits() we currently call cifs_reconnect()
if the number of credits is zero and there are no requests in
flight. In this case we may call cifs_reconnect() recursively
twice and cause memory corruption given the following sequence
of functions:

mid1.callback() -> add_credits() -> cifs_reconnect() ->
-> mid2.callback() -> add_credits() -> cifs_reconnect().

Fix this by avoiding to call cifs_reconnect() in add_credits()
and checking for zero credits in the demultiplex thread.

Cc: <stable@vger.kernel.org>
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/cifs/connect.c		diff \| blob \| history
fs/cifs/smb2ops.c		diff \| blob \| history