From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Ronnie Sahlberg <lsahlber@redhat.com>,
Pavel Shilovsky <pshilov@microsoft.com>,
Steve French <stfrench@microsoft.com>,
Sasha Levin <sashal@kernel.org>,
linux-cifs@vger.kernel.org
Subject: [PATCH AUTOSEL 5.1 062/186] cifs: fix credits leak for SMB1 oplock breaks
Date: Sat, 1 Jun 2019 09:14:38 -0400 [thread overview]
Message-ID: <20190601131653.24205-62-sashal@kernel.org> (raw)
In-Reply-To: <20190601131653.24205-1-sashal@kernel.org>
From: Ronnie Sahlberg <lsahlber@redhat.com>
[ Upstream commit d69cb728e70c40268762182a62f5d5d6fa51c5b2 ]
For SMB1 oplock breaks we would grab one credit while sending the PDU
but we would never relese the credit back since we will never receive a
response to this from the server. Eventuallt this would lead to a hang
once all credits are leaked.
Fix this by defining a new flag CIFS_NO_SRV_RSP which indicates that there
is no server response to this command and thus we need to add any credits back
immediately after sending the PDU.
CC: Stable <stable@vger.kernel.org> #v5.0+
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/cifs/cifsglob.h | 1 +
fs/cifs/cifssmb.c | 2 +-
fs/cifs/transport.c | 10 +++++-----
3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 585ad3207cb12..607468948f72b 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -1687,6 +1687,7 @@ static inline bool is_retryable_error(int error)
#define CIFS_HAS_CREDITS 0x0400 /* already has credits */
#define CIFS_TRANSFORM_REQ 0x0800 /* transform request before sending */
+#define CIFS_NO_SRV_RSP 0x1000 /* there is no server response */
/* Security Flags: indicate type of session setup needed */
#define CIFSSEC_MAY_SIGN 0x00001
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index f43747c062a70..6050851edcb82 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -2540,7 +2540,7 @@ CIFSSMBLock(const unsigned int xid, struct cifs_tcon *tcon,
if (lockType == LOCKING_ANDX_OPLOCK_RELEASE) {
/* no response expected */
- flags = CIFS_ASYNC_OP | CIFS_OBREAK_OP;
+ flags = CIFS_NO_SRV_RSP | CIFS_ASYNC_OP | CIFS_OBREAK_OP;
pSMB->Timeout = 0;
} else if (waitFlag) {
flags = CIFS_BLOCKING_OP; /* blocking operation, no timeout */
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
index 1de8e996e566f..72e242c49ca11 100644
--- a/fs/cifs/transport.c
+++ b/fs/cifs/transport.c
@@ -1054,8 +1054,11 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses,
mutex_unlock(&ses->server->srv_mutex);
- if (rc < 0) {
- /* Sending failed for some reason - return credits back */
+ /*
+ * If sending failed for some reason or it is an oplock break that we
+ * will not receive a response to - return credits back
+ */
+ if (rc < 0 || (flags & CIFS_NO_SRV_RSP)) {
for (i = 0; i < num_rqst; i++)
add_credits(ses->server, &credits[i], optype);
goto out;
@@ -1076,9 +1079,6 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses,
smb311_update_preauth_hash(ses, rqst[0].rq_iov,
rqst[0].rq_nvec);
- if ((flags & CIFS_TIMEOUT_MASK) == CIFS_ASYNC_OP)
- goto out;
-
for (i = 0; i < num_rqst; i++) {
rc = wait_for_response(ses->server, midQ[i]);
if (rc != 0)
--
2.20.1
next prev parent reply other threads:[~2019-06-01 13:41 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-01 13:13 [PATCH AUTOSEL 5.1 001/186] media: rockchip/vpu: Fix/re-order probe-error/remove path Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 002/186] media: rockchip/vpu: Add missing dont_use_autosuspend() calls Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 003/186] rapidio: fix a NULL pointer dereference when create_workqueue() fails Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 004/186] fs/fat/file.c: issue flush after the writeback of FAT Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 005/186] sysctl: return -EINVAL if val violates minmax Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 006/186] ipc: prevent lockup on alloc_msg and free_msg Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 007/186] drm/msm: correct attempted NULL pointer dereference in debugfs Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 008/186] drm/pl111: Initialize clock spinlock early Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 009/186] mm/mprotect.c: fix compilation warning because of unused 'mm' variable Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 010/186] ARM: prevent tracing IPI_CPU_BACKTRACE Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 011/186] mm/hmm: select mmu notifier when selecting HMM Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 012/186] hugetlbfs: on restore reserve error path retain subpool reservation Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 013/186] mm/memory_hotplug: release memory resource after arch_remove_memory() Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 014/186] mem-hotplug: fix node spanned pages when we have a node with only ZONE_MOVABLE Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 015/186] mm/cma.c: fix crash on CMA allocation if bitmap allocation fails Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 016/186] initramfs: free initrd memory if opening /initrd.image fails Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 017/186] mm/compaction.c: fix an undefined behaviour Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 018/186] mm/memory_hotplug.c: fix the wrong usage of N_HIGH_MEMORY Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 019/186] mm/cma.c: fix the bitmap status to show failed allocation reason Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 020/186] mm: page_mkclean vs MADV_DONTNEED race Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 021/186] mm/cma_debug.c: fix the break condition in cma_maxchunk_get() Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 022/186] mm/slab.c: fix an infinite loop in leaks_show() Sasha Levin
2019-06-01 13:13 ` [PATCH AUTOSEL 5.1 023/186] kernel/sys.c: prctl: fix false positive in validate_prctl_map() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 024/186] thermal: rcar_gen3_thermal: disable interrupt in .remove Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 025/186] drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 026/186] mfd: tps65912-spi: Add missing of table registration Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 027/186] mfd: intel-lpss: Set the device in reset state when init Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 028/186] drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 029/186] mfd: twl6040: Fix device init errors for ACCCTL register Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 030/186] perf/x86/intel: Allow PEBS multi-entry in watermark mode Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 031/186] drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 032/186] drm/nouveau: fix duplication of nv50_head_atom struct Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 033/186] drm/bridge: adv7511: Fix low refresh rate selection Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 034/186] objtool: Don't use ignore flag for fake jumps Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 035/186] drm/nouveau/kms/gv100-: fix spurious window immediate interlocks Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 036/186] bpf: fix undefined behavior in narrow load handling Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 037/186] gcc-plugins: arm_ssp_per_task_plugin: Fix for older GCC < 6 Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 038/186] EDAC/mpc85xx: Prevent building as a module Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 039/186] NFS4: Fix v4.0 client state corruption when mount Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 040/186] pwm: meson: Use the spin-lock only to protect register modifications Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 041/186] mailbox: stm32-ipcc: check invalid irq Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 042/186] ntp: Allow TAI-UTC offset to be set to zero Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 043/186] f2fs: fix to avoid panic in do_recover_data() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 044/186] f2fs: fix to avoid panic in f2fs_inplace_write_data() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 045/186] f2fs: fix error path of recovery Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 046/186] f2fs: fix to avoid panic in f2fs_remove_inode_page() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 047/186] f2fs: fix to do sanity check on free nid Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 048/186] f2fs: fix to clear dirty inode in error path of f2fs_iget() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 049/186] f2fs: fix to avoid panic in dec_valid_block_count() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 050/186] f2fs: fix to use inline space only if inline_xattr is enable Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 051/186] f2fs: fix to avoid panic in dec_valid_node_count() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 052/186] f2fs: fix to do sanity check on valid block count of segment Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 053/186] f2fs: fix to avoid deadloop in foreground GC Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 054/186] f2fs: fix to retrieve inline xattr space Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 055/186] f2fs: fix to do checksum even if inode page is uptodate Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 056/186] media: atmel: atmel-isc: fix asd memory allocation Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 057/186] percpu: remove spurious lock dependency between percpu and sched Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 058/186] tracing: probeevent: Fix to make the type of $comm string Sasha Levin
2019-06-08 21:31 ` Steven Rostedt
2019-06-09 19:13 ` Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 059/186] tracing: Fix partial reading of trace event's id file Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 060/186] configfs: fix possible use-after-free in configfs_register_group Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 061/186] uml: fix a boot splat wrt use of cpu_all_mask Sasha Levin
2019-06-01 13:14 ` Sasha Levin [this message]
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 063/186] PCI: dwc: Free MSI in dw_pcie_host_init() error path Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 064/186] PCI: dwc: Free MSI IRQ page in dw_pcie_free_msi() Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 065/186] fbcon: Don't reset logo_shown when logo is currently shown Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 066/186] netfilter: ctnetlink: Resolve conntrack L3-protocol flush regression Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 067/186] ovl: do not generate duplicate fsnotify events for "fake" path Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 068/186] mmc: mmci: Prevent polling for busy detection in IRQ context Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 069/186] netfilter: nf_flow_table: fix missing error check for rhashtable_insert_fast Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 070/186] netfilter: nf_conntrack_h323: restore boundary check correctness Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 071/186] mips: Make sure dt memory regions are valid Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 072/186] netfilter: nf_tables: fix base chain stat rcu_dereference usage Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 073/186] watchdog: Use depends instead of select for pretimeout governors Sasha Levin
2019-06-01 13:14 ` [PATCH AUTOSEL 5.1 074/186] watchdog: imx2_wdt: Fix set_timeout for big timeout values Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190601131653.24205-62-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=linux-cifs@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lsahlber@redhat.com \
--cc=pshilov@microsoft.com \
--cc=stable@vger.kernel.org \
--cc=stfrench@microsoft.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox