From: Greg KH <gregkh@linuxfoundation.org>
To: longli@microsoft.com
Cc: Steve French <sfrench@samba.org>,
linux-cifs@vger.kernel.org, samba-technical@lists.samba.org,
linux-kernel@vger.kernel.org, linux-rdma@vger.kernel.org,
stable@vger.kernel.org
Subject: Re: [PATCH 2/6] cifs: Allocate validate negoation request through kmalloc
Date: Tue, 17 Apr 2018 09:30:01 +0200 [thread overview]
Message-ID: <20180417073001.GF15310@kroah.com> (raw)
In-Reply-To: <20180417004918.29213-2-longli@linuxonhyperv.com>
On Mon, Apr 16, 2018 at 05:49:14PM -0700, Long Li wrote:
> From: Long Li <longli@microsoft.com>
>
> The data buffer allocated on the stack can't be DMA'ed, and hence can't send
> through RDMA via SMB Direct.
>
> Fix this by allocating the request on the heap in smb3_validate_negotiate.
>
> Signed-off-by: Long Li <longli@microsoft.com>
> ---
> fs/cifs/smb2pdu.c | 38 ++++++++++++++++++++++----------------
> 1 file changed, 22 insertions(+), 16 deletions(-)
>
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index 0f044c4..abbefe2 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -730,7 +730,7 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
> int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon)
> {
> int rc = 0;
> - struct validate_negotiate_info_req vneg_inbuf;
> + struct validate_negotiate_info_req *pneg_inbuf;
> struct validate_negotiate_info_rsp *pneg_rsp = NULL;
> u32 rsplen;
> u32 inbuflen; /* max of 4 dialects */
> @@ -741,6 +741,9 @@ int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon)
> if (tcon->ses->server->rdma)
> return 0;
> #endif
> + pneg_inbuf = kmalloc(sizeof(*pneg_inbuf), GFP_KERNEL);
> + if (!pneg_inbuf)
> + return -ENOMEM;
>
> /* In SMB3.11 preauth integrity supersedes validate negotiate */
> if (tcon->ses->server->dialect == SMB311_PROT_ID)
> @@ -764,52 +767,53 @@ int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon)
> if (tcon->ses->session_flags & SMB2_SESSION_FLAG_IS_NULL)
> cifs_dbg(VFS, "Unexpected null user (anonymous) auth flag sent by server\n");
>
> - vneg_inbuf.Capabilities =
> + pneg_inbuf->Capabilities =
> cpu_to_le32(tcon->ses->server->vals->req_capabilities);
> - memcpy(vneg_inbuf.Guid, tcon->ses->server->client_guid,
> + memcpy(pneg_inbuf->Guid, tcon->ses->server->client_guid,
> SMB2_CLIENT_GUID_SIZE);
>
> if (tcon->ses->sign)
> - vneg_inbuf.SecurityMode =
> + pneg_inbuf->SecurityMode =
> cpu_to_le16(SMB2_NEGOTIATE_SIGNING_REQUIRED);
> else if (global_secflags & CIFSSEC_MAY_SIGN)
> - vneg_inbuf.SecurityMode =
> + pneg_inbuf->SecurityMode =
> cpu_to_le16(SMB2_NEGOTIATE_SIGNING_ENABLED);
> else
> - vneg_inbuf.SecurityMode = 0;
> + pneg_inbuf->SecurityMode = 0;
>
>
> if (strcmp(tcon->ses->server->vals->version_string,
> SMB3ANY_VERSION_STRING) == 0) {
> - vneg_inbuf.Dialects[0] = cpu_to_le16(SMB30_PROT_ID);
> - vneg_inbuf.Dialects[1] = cpu_to_le16(SMB302_PROT_ID);
> - vneg_inbuf.DialectCount = cpu_to_le16(2);
> + pneg_inbuf->Dialects[0] = cpu_to_le16(SMB30_PROT_ID);
> + pneg_inbuf->Dialects[1] = cpu_to_le16(SMB302_PROT_ID);
> + pneg_inbuf->DialectCount = cpu_to_le16(2);
> /* structure is big enough for 3 dialects, sending only 2 */
> inbuflen = sizeof(struct validate_negotiate_info_req) - 2;
> } else if (strcmp(tcon->ses->server->vals->version_string,
> SMBDEFAULT_VERSION_STRING) == 0) {
> - vneg_inbuf.Dialects[0] = cpu_to_le16(SMB21_PROT_ID);
> - vneg_inbuf.Dialects[1] = cpu_to_le16(SMB30_PROT_ID);
> - vneg_inbuf.Dialects[2] = cpu_to_le16(SMB302_PROT_ID);
> - vneg_inbuf.DialectCount = cpu_to_le16(3);
> + pneg_inbuf->Dialects[0] = cpu_to_le16(SMB21_PROT_ID);
> + pneg_inbuf->Dialects[1] = cpu_to_le16(SMB30_PROT_ID);
> + pneg_inbuf->Dialects[2] = cpu_to_le16(SMB302_PROT_ID);
> + pneg_inbuf->DialectCount = cpu_to_le16(3);
> /* structure is big enough for 3 dialects */
> inbuflen = sizeof(struct validate_negotiate_info_req);
> } else {
> /* otherwise specific dialect was requested */
> - vneg_inbuf.Dialects[0] =
> + pneg_inbuf->Dialects[0] =
> cpu_to_le16(tcon->ses->server->vals->protocol_id);
> - vneg_inbuf.DialectCount = cpu_to_le16(1);
> + pneg_inbuf->DialectCount = cpu_to_le16(1);
> /* structure is big enough for 3 dialects, sending only 1 */
> inbuflen = sizeof(struct validate_negotiate_info_req) - 4;
> }
>
> rc = SMB2_ioctl(xid, tcon, NO_FILE_ID, NO_FILE_ID,
> FSCTL_VALIDATE_NEGOTIATE_INFO, true /* is_fsctl */,
> - (char *)&vneg_inbuf, sizeof(struct validate_negotiate_info_req),
> + (char *)pneg_inbuf, sizeof(struct validate_negotiate_info_req),
> (char **)&pneg_rsp, &rsplen);
>
> if (rc != 0) {
> cifs_dbg(VFS, "validate protocol negotiate failed: %d\n", rc);
> + kfree(pneg_inbuf);
> return -EIO;
> }
>
> @@ -838,12 +842,14 @@ int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon)
>
> /* validate negotiate successful */
> cifs_dbg(FYI, "validate negotiate info successful\n");
> + kfree(pneg_inbuf);
> kfree(pneg_rsp);
> return 0;
>
> vneg_out:
> cifs_dbg(VFS, "protocol revalidation - security settings mismatch\n");
> err_rsp_free:
> + kfree(pneg_inbuf);
> kfree(pneg_rsp);
> return -EIO;
> }
> --
> 2.7.4
<formletter>
This is not the correct way to submit patches for inclusion in the
stable kernel tree. Please read:
https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.
</formletter>
next prev parent reply other threads:[~2018-04-17 7:30 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-17 0:49 [PATCH 1/6] cifs: smbd: Check for iov length on sending the last iov Long Li
2018-04-17 0:49 ` [PATCH 2/6] cifs: Allocate validate negoation request through kmalloc Long Li
2018-04-17 4:01 ` Parav Pandit
2018-04-17 18:11 ` Long Li
2018-04-17 7:30 ` Greg KH [this message]
2018-04-17 0:49 ` [PATCH 3/6] cifs: smbd: Avoid allocating iov on the stack Long Li
2018-04-17 7:29 ` Greg KH
2018-04-17 0:49 ` [PATCH 4/6] cifs: smbd: Don't use RDMA read/write when signing is used Long Li
2018-04-17 7:29 ` Greg KH
2018-04-17 0:49 ` [PATCH 5/6] cifs: smbd: Enable signing with smbdirect Long Li
2018-04-17 7:29 ` Greg KH
2018-04-17 0:49 ` [PATCH 6/6] cifs: smbd: Dump SMB packet when configured Long Li
2018-04-17 7:29 ` Greg KH
2018-04-17 7:29 ` [PATCH 1/6] cifs: smbd: Check for iov length on sending the last iov Greg KH
2018-04-17 17:55 ` Long Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180417073001.GF15310@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=linux-cifs@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=longli@microsoft.com \
--cc=samba-technical@lists.samba.org \
--cc=sfrench@samba.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.