An error occurred fetching the project authors.
- 01 Apr, 2019 1 commit
-
-
Steve French authored
Reconnecting after server or network failure can be improved (to maintain availability and protect data integrity) by allowing the client to choose the default persistent (or resilient) handle timeout in some use cases. Today we default to 0 which lets the server pick the default timeout (usually 120 seconds) but this can be problematic for some workloads. Add the new mount parameter to cifs.ko for SMB3 mounts "handletimeout" which enables the user to override the default handle timeout for persistent (mount option "persistenthandles") or resilient handles (mount option "resilienthandles"). Maximum allowed is 16 minutes (960000 ms). Units for the timeout are expressed in milliseconds. See section 2.2.14.2.12 and 2.2.31.3 of the MS-SMB2 protocol specification for more information. Signed-off-by:
Steve French <stfrench@microsoft.com> Reviewed-by:
Pavel Shilovsky <pshilov@microsoft.com> Reviewed-by:
Ronnie Sahlberg <lsahlber@redhat.com> CC: Stable <stable@vger.kernel.org>
-
- 15 Mar, 2019 1 commit
-
-
Steve French authored
Detected by CoverityScan CID#1438719 ("Unused Value") buf is reset again before being used so these two lines of code are useless. Signed-off-by:
-
- 06 Mar, 2019 2 commits
-
-
Pavel Shilovsky authored
Every time after a session reconnect we don't need to account for credits obtained in previous sessions. Introduce new struct cifs_credits which contains both credits value and reconnect instance of the time those credits were taken. Modify a routine that add credits back to handle the reconnect instance by assuming zero credits if the reconnect happened after the credits were obtained and before we decided to add them back due to some errors during sending. This patch fixes the MTU credits cases. The subsequent patch will handle non-MTU ones. Signed-off-by:
-
Pavel Shilovsky authored
Currently we set reconnect instance to zero on the first connection but this is not convenient because we need to reserve some special value for credit handling on reconnects which is coming in subsequent patches. Fix this by starting with one when initiating a new TCP connection. Signed-off-by:
-
- 05 Mar, 2019 5 commits
-
-
Pavel Shilovsky authored
Even if a response is malformed, we should count credits granted by the server to avoid miscalculations and unnecessary reconnects due to client or server bugs. If the response has been received partially, the session will be reconnected anyway on the next iteration of the demultiplex thread, so counting credits for such cases shouldn't break things. Signed-off-by:
-
Steve French authored
We negotiate rsize mounts (and it can be overridden by user) to typically 4MB, so using larger default I/O sizes from userspace (changing to 1MB default i/o size returned by stat) the performance is much better (and not just for long latency network connections) in most use cases for SMB3 than the default I/O size (which ends up being 128K for cp and can be even smaller for cp). This can be 4x slower or worse depending on network latency. By changing inode->blocksize from 32K (which was perhaps ok for very old SMB1/CIFS) to a larger value, 1MB (but still less than max size negotiated with the server which is 4MB, in order to minimize risk) it significantly increases performance for the noncached case, and slightly increases it for the cached case. This can be changed by the user on mount (specifying bsize= values from 16K to 16MB) to tune better for performance for applications that depend on blocksize. Signed-off-by:
-
Ronnie Sahlberg authored
We should add any credits granted to us from unmatched server responses. Signed-off-by:
-
Ronnie Sahlberg authored
a trivial patch that replaces all use of snprintf with scnprintf. scnprintf() is generally seen as a safer function to use than snprintf for many use cases. In our case, there is no actual difference between the two since we never look at the return value. Thus we did not have any of the bugs that scnprintf protects against and the patch does nothing. However, for people reading our code it will be a receipt that we have done our due dilligence and checked our code for this type of bugs. See the presentation "Making C Less Dangerous In The Linux Kernel" at this years LCA Signed-off-by:
-
Yao Liu authored
There is a NULL pointer dereference of devname in strspn() The oops looks something like: CIFS: Attempting to mount (null) BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 ... RIP: 0010:strspn+0x0/0x50 ... Call Trace: ? cifs_parse_mount_options+0x222/0x1710 [cifs] ? cifs_get_volume_info+0x2f/0x80 [cifs] cifs_setup_volume_info+0x20/0x190 [cifs] cifs_get_volume_info+0x50/0x80 [cifs] cifs_smb3_do_mount+0x59/0x630 [cifs] ? ida_alloc_range+0x34b/0x3d0 cifs_do_mount+0x11/0x20 [cifs] mount_fs+0x52/0x170 vfs_kern_mount+0x6b/0x170 do_mount+0x216/0xdc0 ksys_mount+0x83/0xd0 __x64_sys_mount+0x25/0x30 do_syscall_64+0x65/0x220 entry_SYSCALL_64_after_hwframe+0x49/0xbe Fix this by adding a NULL check on devname in cifs_parse_devname() Signed-off-by:
Yao Liu <yotta.liu@ucloud.cn> Signed-off-by:
-
- 24 Jan, 2019 1 commit
-
-
Pavel Shilovsky authored
When executing add_credits() we currently call cifs_reconnect() if the number of credits is zero and there are no requests in flight. In this case we may call cifs_reconnect() recursively twice and cause memory corruption given the following sequence of functions: mid1.callback() -> add_credits() -> cifs_reconnect() -> -> mid2.callback() -> add_credits() -> cifs_reconnect(). Fix this by avoiding to call cifs_reconnect() in add_credits() and checking for zero credits in the demultiplex thread. Cc: <stable@vger.kernel.org> Signed-off-by:
-
- 10 Jan, 2019 1 commit
-
-
Dan Carpenter authored
This debug message was never shown because it was checking for NULL returns but extract_hostname() returns error pointers. Fixes: 93d5cb51 ("cifs: Add support for failover in cifs_reconnect()") Signed-off-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
Paulo Alcantara <palcantara@suse.de>
-
- 03 Jan, 2019 1 commit
-
-
Steve French authored
When DFS is not used on the mount we should not be mentioning DFS in the warning message on reconnect (it could be confusing). Signed-off-by:
-
- 28 Dec, 2018 8 commits
-
-
Paulo Alcantara authored
In case a hostname resolves to a different IP address (e.g. long running mounts), make sure to resolve it every time prior to calling generic_ip_connect() in reconnect. Suggested-by:
-
Paulo Alcantara authored
Fix potential NULL ptr deref when DFS target list is empty. Signed-off-by:
Aurelien Aptel <aaptel@suse.com> Signed-off-by:
-
Paulo Alcantara authored
Start the DFS cache refresh worker per volume during cifs mount. Signed-off-by:
Aurelien Aptel <aaptel@suse.de> Signed-off-by:
-
YueHaibing authored
A spin lock is held before kstrndup, it may sleep with holding the spinlock, so we should use GFP_ATOMIC instead. Fixes: e58c31d5e387 ("cifs: Add support for failover in cifs_reconnect()") Signed-off-by:YueHaibing <yuehaibing@huawei.com> Signed-off-by:
-
Paulo Alcantara authored
After failing to reconnect to original target, it will retry any target available from DFS cache. Signed-off-by:
-
Paulo Alcantara authored
This patch adds support for failover when failing to connect in cifs_mount(). Signed-off-by:
-
Paulo Alcantara authored
This patch will make use of DFS cache routines where appropriate and do not always request a new referral from server. Signed-off-by:
-
Paulo Alcantara authored
* Add new dfs_cache.[ch] files * Add new /proc/fs/cifs/dfscache file - dump current cache when read - clear current cache when writing "0" to it * Add delayed_work to periodically refresh cache entries The new interface will be used for caching DFS referrals, as well as supporting client target failover. The DFS cache is a hashtable that maps UNC paths to cache entries. A cache entry contains: - the UNC path it is mapped on - how much the the UNC path the entry consumes - flags - a Time-To-Live after which the entry expires - a list of possible targets (linked lists of UNC paths) - a "hint target" pointing the last known working target or the first target if none were tried. This hint lets cifs.ko remember and try working targets first. * Looking for an entry in the cache is done with dfs_cache_find() - if no valid entries are found, a DFS query is made, stored in the cache and returned - the full target list can be copied and returned to avoid race conditions and looped on with the help with the dfs_cache_tgt_iterator * Updating the target hint to the next target is done with dfs_cache_update_tgthint() These functions have a dfs_cache_noreq_XXX() version that doesn't fetches referrals if no entries are found. These versions don't require the tcp/ses/tcon/cifs_sb parameters as a result. Expired entries cannot be used and since they have a pretty short TTL [1] in order for them to be useful for failover the DFS cache adds a delayed work called periodically to keep them fresh. Since we might not have available connections to issue the referral request when refreshing we need to store volume_info structs with credentials and other needed info to be able to connect to the right server. 1: Windows defaults: 5mn for domain-based referrals, 30mn for regular links Signed-off-by:
-
- 24 Dec, 2018 5 commits
-
-
Aurelien Aptel authored
Different servers have different set of file ids. After failover, unique IDs will be different so we can't validate them. Signed-off-by:
-
Paulo Alcantara authored
When extracting hostname from UNC, check for leading backslashes before trying to remove them. Signed-off-by:
-
Paulo Alcantara authored
* Split and refactor the very large function cifs_mount() in multiple functions: - tcp, ses and tcon setup to mount_get_conns() - tcp, ses and tcon cleanup in mount_put_conns() - tcon tlink setup to mount_setup_tlink() - remote path checking to is_path_remote() * Implement 2 version of cifs_mount() for DFS-enabled builds and non-DFS-enabled builds (CONFIG_CIFS_DFS_UPCALL). In preparation for DFS failover support. Signed-off-by:
-
Gustavo A. R. Silva authored
To avoid the warning: warning: this statement may fall through [-Wimplicit-fallthrough=] Signed-off-by:Gustavo A. R. Silva <gustavo@embeddedor.com> Reviewed-by:
Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by:
-
Kenneth D'souza authored
Technically 3.02 is not the dialect name although that is more familiar to many, so we should also accept the official dialect name (3.0.2 vs. 3.02) in vers= Signed-off-by:
Kenneth D'souza <kdsouza@redhat.com> Signed-off-by:
-
- 24 Oct, 2018 4 commits
-
-
Steve French authored
In network file system it is fairly easy for server and client atime vs. mtime to get confused (and atime updated less frequently) which we noticed broke some apps which expect atime >= mtime Also ignore relatime mount option (rather than error on it) since relatime is basically what some network server fs are doing (relatime). Signed-off-by:
-
Steve French authored
As we reset credits later in the reconnect path, useful to have optional (cifsFYI) debug message. Signed-off-by:
-
Aurelien Aptel authored
tcon->Flags is only used by SMB1 code and changing it is not permanent (you lose the setting on tcon reconnect). * Move the setting to superblock flags (per mount-points). * Make automount callback exit early when flag present * Make dfs resolving happening in mount syscall exit early if flag present Signed-off-by:
-
Steve French authored
Each time we reconnect to the same server, bump an instance counter (and display in /proc/fs/cifs/DebugData) to make it easier to debug. Signed-off-by:
-
- 23 Oct, 2018 1 commit
-
-
David Howells authored
In the iov_iter struct, separate the iterator type from the iterator direction and use accessor functions to access them in most places. Convert a bunch of places to use switch-statements to access them rather then chains of bitwise-AND statements. This makes it easier to add further iterator types. Also, this can be more efficient as to implement a switch of small contiguous integers, the compiler can use ~50% fewer compare instructions than it has to use bitwise-and instructions. Further, cease passing the iterator type into the iterator setup function. The iterator function can set that itself. Only the direction is required. Signed-off-by:David Howells <dhowells@redhat.com>
-
- 02 Oct, 2018 2 commits
-
-
Steve French authored
Fixes problem (discovered by Aurelien) introduced by recent commit: commit b24df3e3 ("cifs: update receive_encrypted_standard to handle compounded responses") which broke the ability to respond to some lease breaks (lease breaks being ignored is a problem since can block server response for duration of the lease break timeout). Signed-off-by:
-
Ronnie Sahlberg authored
cifs_delete_mid() is called once we are finished handling a mid and we expect no more work done on this mid. Needed to fix recent commit: commit 730928c8 ("cifs: update smb2_queryfs() to use compounding") Add a warning if someone tries to dequeue a mid that has already been flagged to be deleted. Also change list_del() to list_del_init() so that if we have similar bugs resurface in the future we will not oops. Signed-off-by:
-
- 03 Sep, 2018 1 commit
-
-
Thomas Werschlein authored
This patch is required allows access to a Microsoft fileserver failover cluster behind a 1:1 NAT firewall. The change also provides stronger context for authentication and share connection (see MS-SMB2 3.3.5.7 and MS-SRVS 3.1.6.8) as noted by Tom Talpey, and addresses comments about the buffer size for the UNC made by Aurélien Aptel. Signed-off-by:
Thomas Werschlein <thomas.werschlein@geo.uzh.ch> Signed-off-by:
-
- 10 Aug, 2018 1 commit
-
-
Ronnie Sahlberg authored
Signed-off-by:
Paulo Alcantara <palcantara@suse.com> Reviewed-by:
-
- 07 Aug, 2018 4 commits
-
-
Steve French authored
Add tracepoints for reconnecting an smb3 session Example output (from trace-cmd) with the patch (showing the session marked for reconnect, the stat failing, and then the subsequent SMB3 commands after the server comes back up). The "smb3_reconnect" event is the new one. cifsd-25993 [000] .... 29635.368265: smb3_reconnect: server=localhost current_mid=0x1e stat-26200 [001] .... 29638.516403: smb3_enter: cifs_revalidate_dentry_attr: xid=22 stat-26200 [001] .... 29648.723296: smb3_exit_err: cifs_revalidate_dentry_attr: xid=22 rc=-112 kworker/0:1-22830 [000] .... 29653.850947: smb3_cmd_done: sid=0x0 tid=0x0 cmd=0 mid=0 kworker/0:1-22830 [000] .... 29653.851191: smb3_cmd_err: sid=0x8ae4683c tid=0x0 cmd=1 mid=1 status=0xc0000016 rc=-5 kworker/0:1-22830 [000] .... 29653.855254: smb3_cmd_done: sid=0x8ae4683c tid=0x0 cmd=1 mid=2 kworker/0:1-22830 [000] .... 29653.855482: smb3_cmd_done: sid=0x8ae4683c tid=0x8084f30d cmd=3 mid=3 Signed-off-by: -
Steve French authored
We really, really want to be encouraging use of secure dialects, and SMB3.1.1 offers useful security features, and will soon be the recommended dialect for many use cases. Simplify the code by removing the CONFIG_CIFS_SMB311 ifdef so users don't disable it in the build, and create compatibility and/or security issues with modern servers - many of which have been supporting this dialect for multiple years. Also clarify some of the Kconfig text for cifs.ko about SMB3.1.1 and current supported features in the module. Signed-off-by:
-
Steve French authored
allow disabling cifs (SMB1 ie vers=1.0) and vers=2.0 in the config for the build of cifs.ko if want to always prevent mounting with these less secure dialects. Signed-off-by:
Jeremy Allison <jra@samba.org>
-
Steve French authored
If user specifies "posix" on an SMB3.11 mount, then fail the mount if server does not return the POSIX negotiate context indicating support for posix. Signed-off-by:
-
- 05 Jul, 2018 1 commit
-
-
Lars Persson authored
With protocol version 2.0 mounts we have seen crashes with corrupt mid entries. Either the server->pending_mid_q list becomes corrupt with a cyclic reference in one element or a mid object fetched by the demultiplexer thread becomes overwritten during use. Code review identified a race between the demultiplexer thread and the request issuing thread. The demultiplexer thread seems to be written with the assumption that it is the sole user of the mid object until it calls the mid callback which either wakes the issuer task or deletes the mid. This assumption is not true because the issuer task can be woken up earlier by a signal. If the demultiplexer thread has proceeded as far as setting the mid_state to MID_RESPONSE_RECEIVED then the issuer thread will happily end up calling cifs_delete_mid while the demultiplexer thread still is using the mid object. Inserting a delay in the cifs demultiplexer thread widens the race window and makes reproduction of the race very easy: if (server->large_buf) buf = server->bigbuf; + usleep_range(500, 4000); server->lstrp = jiffies; To resolve this I think the proper solution involves putting a reference count on the mid object. This patch makes sure that the demultiplexer thread holds a reference until it has finished processing the transaction. Cc: stable@vger.kernel.org Signed-off-by:
Lars Persson <larper@axis.com> Acked-by:
-
- 15 Jun, 2018 1 commit
-
-
Aurelien Aptel authored
Signed-off-by:
-
