From patchwork Fri Jan 21 23:54:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 534097 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B1901C433FE for ; Fri, 21 Jan 2022 23:54:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229885AbiAUXyn (ORCPT ); Fri, 21 Jan 2022 18:54:43 -0500 Received: from mail-pl1-f174.google.com ([209.85.214.174]:41732 "EHLO mail-pl1-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229879AbiAUXym (ORCPT ); Fri, 21 Jan 2022 18:54:42 -0500 Received: by mail-pl1-f174.google.com with SMTP id e8so10084635plh.8; Fri, 21 Jan 2022 15:54:42 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=qiUDYeE4bFCB9/8M/hX30JmAmvOyaQeLUDs6VhvkilY=; b=SKViBcBJtlTMmXshoB9W7MLyIf6NLUwl8B96q/p4p6QOB2e69p9YRU+Tl2tfVGHj3O 5Co9OD5tAFIodiUVS5JZD7vlmw7R4mhUmZ9QfZ6s2k9TJB567fp/LNtvyg+cWJl/dIVq Z/hZav+eOfOJN+rCdIXK1b08NaFQtK3LoM1myKRc5QnQ2qN374fY5pZ5CpMnTkveXxfW Dj057Bg/8uEzilLz/yhXATZDLe1fR8TAW2lxnPdOszeiK2h9IlZf0BfUudIP/drrJQhz oqYYRnz4mQaTvpRzvgYSNSftnNhoi2mDRu/xFIq7inVtlJAC/sxnfzv8Yw/XL0USsOL+ Uhzw== X-Gm-Message-State: AOAM532Ep1GK/tMQrsGs1nVzOs/KGWPb1qNQumtaEOFd4dVnuoPaSW6M /exvUTTs19XqANRAlVw/W5DaMBhDmXY= X-Google-Smtp-Source: ABdhPJz4pFMOOCIOtrYZhZCLl7JjrkpFkhloC0QIFUQFA7m8EWzGc5n3Y5PVhj+Dw8txA/2tTTdSIA== X-Received: by 2002:a17:902:b60b:b0:14a:fa6d:7e4c with SMTP id b11-20020a170902b60b00b0014afa6d7e4cmr6046286pls.109.1642809282217; Fri, 21 Jan 2022 15:54:42 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id 5sm14530082pjf.34.2022.01.21.15.54.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:54:41 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.16.y 1/4] ksmbd: add support for smb2 max credit parameter Date: Sat, 22 Jan 2022 08:54:24 +0900 Message-Id: <20220121235427.10349-2-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235427.10349-1-linkinjeon@kernel.org> References: <20220121235427.10349-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org commit 004443b3f6d722b455cf963ed7c3edd7f4772405 upstream. Add smb2 max credits parameter to adjust maximum credits value to limit number of outstanding requests. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/connection.h | 1 - fs/ksmbd/ksmbd_netlink.h | 1 + fs/ksmbd/smb2misc.c | 2 +- fs/ksmbd/smb2ops.c | 16 ++++++++++++---- fs/ksmbd/smb2pdu.c | 8 ++++---- fs/ksmbd/smb2pdu.h | 1 + fs/ksmbd/smb_common.h | 1 + fs/ksmbd/transport_ipc.c | 2 ++ 8 files changed, 22 insertions(+), 10 deletions(-) diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h index e5403c587a58..08e85568ccd6 100644 --- a/fs/ksmbd/connection.h +++ b/fs/ksmbd/connection.h @@ -62,7 +62,6 @@ struct ksmbd_conn { /* References which are made for this Server object*/ atomic_t r_count; unsigned short total_credits; - unsigned short max_credits; spinlock_t credits_lock; wait_queue_head_t req_running_q; /* Lock to protect requests list*/ diff --git a/fs/ksmbd/ksmbd_netlink.h b/fs/ksmbd/ksmbd_netlink.h index c6718a05d347..a5c2861792ae 100644 --- a/fs/ksmbd/ksmbd_netlink.h +++ b/fs/ksmbd/ksmbd_netlink.h @@ -103,6 +103,7 @@ struct ksmbd_startup_request { * we set the SPARSE_FILES bit (0x40). */ __u32 sub_auth[3]; /* Subauth value for Security ID */ + __u32 smb2_max_credits; /* MAX credits */ __u32 ifc_list_sz; /* interfaces list size */ __s8 ____payload[]; }; diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c index 50d0b1022289..6892d1822269 100644 --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c @@ -326,7 +326,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, ksmbd_debug(SMB, "Insufficient credit charge, given: %d, needed: %d\n", credit_charge, calc_credit_num); return 1; - } else if (credit_charge > conn->max_credits) { + } else if (credit_charge > conn->vals->max_credits) { ksmbd_debug(SMB, "Too large credit charge: %d\n", credit_charge); return 1; } diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c index 02a44d28bdaf..ab23da2120b9 100644 --- a/fs/ksmbd/smb2ops.c +++ b/fs/ksmbd/smb2ops.c @@ -19,6 +19,7 @@ static struct smb_version_values smb21_server_values = { .max_read_size = SMB21_DEFAULT_IOSIZE, .max_write_size = SMB21_DEFAULT_IOSIZE, .max_trans_size = SMB21_DEFAULT_IOSIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -44,6 +45,7 @@ static struct smb_version_values smb30_server_values = { .max_read_size = SMB3_DEFAULT_IOSIZE, .max_write_size = SMB3_DEFAULT_IOSIZE, .max_trans_size = SMB3_DEFAULT_TRANS_SIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -70,6 +72,7 @@ static struct smb_version_values smb302_server_values = { .max_read_size = SMB3_DEFAULT_IOSIZE, .max_write_size = SMB3_DEFAULT_IOSIZE, .max_trans_size = SMB3_DEFAULT_TRANS_SIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -96,6 +99,7 @@ static struct smb_version_values smb311_server_values = { .max_read_size = SMB3_DEFAULT_IOSIZE, .max_write_size = SMB3_DEFAULT_IOSIZE, .max_trans_size = SMB3_DEFAULT_TRANS_SIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -197,7 +201,6 @@ void init_smb2_1_server(struct ksmbd_conn *conn) conn->ops = &smb2_0_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_HMAC_SHA256_LE; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -215,7 +218,6 @@ void init_smb3_0_server(struct ksmbd_conn *conn) conn->ops = &smb3_0_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_AES_CMAC_LE; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -240,7 +242,6 @@ void init_smb3_02_server(struct ksmbd_conn *conn) conn->ops = &smb3_0_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_AES_CMAC_LE; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -265,7 +266,6 @@ int init_smb3_11_server(struct ksmbd_conn *conn) conn->ops = &smb3_11_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_AES_CMAC_LE; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -304,3 +304,11 @@ void init_smb2_max_trans_size(unsigned int sz) smb302_server_values.max_trans_size = sz; smb311_server_values.max_trans_size = sz; } + +void init_smb2_max_credits(unsigned int sz) +{ + smb21_server_values.max_credits = sz; + smb30_server_values.max_credits = sz; + smb302_server_values.max_credits = sz; + smb311_server_values.max_credits = sz; +} diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index b8b3a4c28b74..d8f89b753c54 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -308,7 +308,7 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) hdr->CreditCharge = req_hdr->CreditCharge; - if (conn->total_credits > conn->max_credits) { + if (conn->total_credits > conn->vals->max_credits) { hdr->CreditRequest = 0; pr_err("Total credits overflow: %d\n", conn->total_credits); return -EINVAL; @@ -329,12 +329,12 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) if (hdr->Command == SMB2_NEGOTIATE) aux_max = 0; else - aux_max = conn->max_credits - credit_charge; + aux_max = conn->vals->max_credits - credit_charge; aux_credits = min_t(unsigned short, aux_credits, aux_max); credits_granted = credit_charge + aux_credits; - if (conn->max_credits - conn->total_credits < credits_granted) - credits_granted = conn->max_credits - + if (conn->vals->max_credits - conn->total_credits < credits_granted) + credits_granted = conn->vals->max_credits - conn->total_credits; conn->total_credits += credits_granted; diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h index 4a3e4339d4c4..725b800c29c8 100644 --- a/fs/ksmbd/smb2pdu.h +++ b/fs/ksmbd/smb2pdu.h @@ -980,6 +980,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn); void init_smb2_max_read_size(unsigned int sz); void init_smb2_max_write_size(unsigned int sz); void init_smb2_max_trans_size(unsigned int sz); +void init_smb2_max_credits(unsigned int sz); bool is_smb2_neg_cmd(struct ksmbd_work *work); bool is_smb2_rsp(struct ksmbd_work *work); diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h index 50590842b651..e1369b4345a9 100644 --- a/fs/ksmbd/smb_common.h +++ b/fs/ksmbd/smb_common.h @@ -365,6 +365,7 @@ struct smb_version_values { __u32 max_read_size; __u32 max_write_size; __u32 max_trans_size; + __u32 max_credits; __u32 large_lock_type; __u32 exclusive_lock_type; __u32 shared_lock_type; diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c index 1acf1892a466..3ad6881e0f7e 100644 --- a/fs/ksmbd/transport_ipc.c +++ b/fs/ksmbd/transport_ipc.c @@ -301,6 +301,8 @@ static int ipc_server_config_on_startup(struct ksmbd_startup_request *req) init_smb2_max_write_size(req->smb2_max_write); if (req->smb2_max_trans) init_smb2_max_trans_size(req->smb2_max_trans); + if (req->smb2_max_credits) + init_smb2_max_credits(req->smb2_max_credits); ret = ksmbd_set_netbios_name(req->netbios_name); ret |= ksmbd_set_server_string(req->server_string); From patchwork Fri Jan 21 23:53:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 534099 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 10ADCC433F5 for ; Fri, 21 Jan 2022 23:54:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229630AbiAUXyC (ORCPT ); Fri, 21 Jan 2022 18:54:02 -0500 Received: from mail-pj1-f49.google.com ([209.85.216.49]:35785 "EHLO mail-pj1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229868AbiAUXyB (ORCPT ); Fri, 21 Jan 2022 18:54:01 -0500 Received: by mail-pj1-f49.google.com with SMTP id w12-20020a17090a528c00b001b276aa3aabso14970983pjh.0; Fri, 21 Jan 2022 15:54:01 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=kiSTIgq2L6RzGs0SDabU1lIwcvCVrILXPf+FV7lZnhk=; b=LybJaZG5qzyZMszhaUPqh+UyZefW79qDvgmQ170mp47Yzup4PklmT242MUQTd/EoLW n+taLod1aelC9atKVyKxMQgXAuGexWjUNyVIOVyZ1FNcOMkkco4RLuxIeoXoIGFp/MG+ VOADqPo8+H+NqULUv3Rar0Rkf4QePy5NQdiylZjP9pbt/hxHm6Rzj6+PFgqgb1GQWDUW 8PlqLAuPkjSDRCtXXmyp2xd7h7j26Q41rzX7COPiDRH6sCmwgan2NDIrTqB97CXC3bs8 ryTpsKvxAKsCWZ0xQdiaVfWCXS5+uD0ozZcxhtrukdIsKM9udrzjbQkgMN1zhozROp5H pyoA== X-Gm-Message-State: AOAM532AbVYgfnUm8gKlRlIQKGRa8x2yOHhZd+RtZwTVzqY4rxGPF8Ez hNIAb21NMz5Wpm/t2ZO9avw= X-Google-Smtp-Source: ABdhPJz3Axor6BLNUdu1mkm4qXB65ctwuDIhbq8aEqspxz0VnWvMemNSMPikUmqmAJycmV8zf6p1cg== X-Received: by 2002:a17:90a:56:: with SMTP id 22mr2874962pjb.199.1642809241290; Fri, 21 Jan 2022 15:54:01 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id nn14sm6076356pjb.26.2022.01.21.15.53.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:54:01 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.15.y 2/4] ksmbd: move credit charge deduction under processing request Date: Sat, 22 Jan 2022 08:53:38 +0900 Message-Id: <20220121235340.10269-3-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235340.10269-1-linkinjeon@kernel.org> References: <20220121235340.10269-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org commit 914d7e5709ac59ded70bea7956d408fe2acd7c3c upstream. Moves the credit charge deduction from total_credits under the processing a request. When repeating smb2 lock request and other command request, there will be a problem that ->total_credits does not decrease. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/smb2misc.c | 7 ++----- fs/ksmbd/smb2pdu.c | 16 ++++++++++------ 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c index f8f031978d06..e4a28eae51b2 100644 --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c @@ -290,7 +290,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, unsigned int req_len = 0, expect_resp_len = 0, calc_credit_num, max_len; unsigned short credit_charge = le16_to_cpu(hdr->CreditCharge); void *__hdr = hdr; - int ret; + int ret = 0; switch (hdr->Command) { case SMB2_QUERY_INFO: @@ -333,10 +333,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, } spin_lock(&conn->credits_lock); - if (credit_charge <= conn->total_credits) { - conn->total_credits -= credit_charge; - ret = 0; - } else { + if (credit_charge > conn->total_credits) { ksmbd_debug(SMB, "Insufficient credits granted, given: %u, granted: %u\n", credit_charge, conn->total_credits); ret = 1; diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index 7be0e0994e10..0ce35717cdde 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -301,9 +301,8 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) struct smb2_hdr *req_hdr = ksmbd_req_buf_next(work); struct smb2_hdr *hdr = ksmbd_resp_buf_next(work); struct ksmbd_conn *conn = work->conn; - unsigned short credits_requested; + unsigned short credits_requested, aux_max; unsigned short credit_charge, credits_granted = 0; - unsigned short aux_max, aux_credits; if (work->send_no_response) return 0; @@ -318,6 +317,13 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) credit_charge = max_t(unsigned short, le16_to_cpu(req_hdr->CreditCharge), 1); + if (credit_charge > conn->total_credits) { + ksmbd_debug(SMB, "Insufficient credits granted, given: %u, granted: %u\n", + credit_charge, conn->total_credits); + return -EINVAL; + } + + conn->total_credits -= credit_charge; credits_requested = max_t(unsigned short, le16_to_cpu(req_hdr->CreditRequest), 1); @@ -327,13 +333,11 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) * TODO: Need to adjuct CreditRequest value according to * current cpu load */ - aux_credits = credits_requested - 1; if (hdr->Command == SMB2_NEGOTIATE) - aux_max = 0; + aux_max = 1; else aux_max = conn->vals->max_credits - credit_charge; - aux_credits = min_t(unsigned short, aux_credits, aux_max); - credits_granted = credit_charge + aux_credits; + credits_granted = min_t(unsigned short, credits_requested, aux_max); if (conn->vals->max_credits - conn->total_credits < credits_granted) credits_granted = conn->vals->max_credits - From patchwork Fri Jan 21 23:54:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 534096 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E17BDC433F5 for ; Fri, 21 Jan 2022 23:54:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229891AbiAUXyu (ORCPT ); Fri, 21 Jan 2022 18:54:50 -0500 Received: from mail-pj1-f49.google.com ([209.85.216.49]:35330 "EHLO mail-pj1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229894AbiAUXys (ORCPT ); Fri, 21 Jan 2022 18:54:48 -0500 Received: by mail-pj1-f49.google.com with SMTP id w12-20020a17090a528c00b001b276aa3aabso14972200pjh.0; Fri, 21 Jan 2022 15:54:48 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ptHSWfZg92dLsxCEcWmPzTBy5GPDtKlzuE5K+wwkQgI=; b=3X/2ZCKuC4cbd0ZuSTUHz9qAbKMYzA0iI7qZTpGXGHPGd7xXtEn1EzQA0yejGFR2/n bzvMy1YuME6/JY5OMmzRTbueCeLVQHj5h83Hh/Fbu1eKJGi4Slk1jCs10gaxZAwkitll QXLBjn4E5C1FPRq16n56+MByzDUbkh/CXEwk319aKNGelzlTqHQvsgtgyHqwRe45ctBS jQKsNuScluLCumgAAGtemIHXhiyNdJEiSlqCZrB1G6XIDLG5soURarU6ATV8IDpoLxRJ BkukdGb2Lca6IYRc/On15DlCpkFQ3TbML7RqvtjhBDec64ucfD6Y06lpXM6cRRon64Co 0QOg== X-Gm-Message-State: AOAM530hcy4awLT47GqWdd7iyVSBfel1vryqfP6VQMKut5VMqoiBbp59 IP/BBZ1rjKzSUxv430dcESU= X-Google-Smtp-Source: ABdhPJxz1NqsX6kUg5rlqMtKK6bAholKNHoE3i3Nr8XIS585WqxegyyoEe+FkI4IENH0JyTZ3wmMIw== X-Received: by 2002:a17:90a:9284:: with SMTP id n4mr2921502pjo.109.1642809288525; Fri, 21 Jan 2022 15:54:48 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id 5sm14530082pjf.34.2022.01.21.15.54.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:54:48 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.16.y 3/4] ksmbd: limits exceeding the maximum allowable outstanding requests Date: Sat, 22 Jan 2022 08:54:26 +0900 Message-Id: <20220121235427.10349-4-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235427.10349-1-linkinjeon@kernel.org> References: <20220121235427.10349-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org commit b589f5db6d4af8f14d70e31e1276b4c017668a26 upstream. If the client ignores the CreditResponse received from the server and continues to send the request, ksmbd limits the requests if it exceeds smb2 max credits. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/connection.c | 1 + fs/ksmbd/connection.h | 3 ++- fs/ksmbd/smb2misc.c | 9 +++++++++ fs/ksmbd/smb2pdu.c | 1 + 4 files changed, 13 insertions(+), 1 deletion(-) diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c index 83a94d0bb480..d1d0105be5b1 100644 --- a/fs/ksmbd/connection.c +++ b/fs/ksmbd/connection.c @@ -62,6 +62,7 @@ struct ksmbd_conn *ksmbd_conn_alloc(void) atomic_set(&conn->req_running, 0); atomic_set(&conn->r_count, 0); conn->total_credits = 1; + conn->outstanding_credits = 1; init_waitqueue_head(&conn->req_running_q); INIT_LIST_HEAD(&conn->conns_list); diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h index 08e85568ccd6..8694aef482c1 100644 --- a/fs/ksmbd/connection.h +++ b/fs/ksmbd/connection.h @@ -61,7 +61,8 @@ struct ksmbd_conn { atomic_t req_running; /* References which are made for this Server object*/ atomic_t r_count; - unsigned short total_credits; + unsigned int total_credits; + unsigned int outstanding_credits; spinlock_t credits_lock; wait_queue_head_t req_running_q; /* Lock to protect requests list*/ diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c index fedcb753c7af..4a9460153b59 100644 --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c @@ -337,7 +337,16 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, credit_charge, conn->total_credits); ret = 1; } + + if ((u64)conn->outstanding_credits + credit_charge > conn->vals->max_credits) { + ksmbd_debug(SMB, "Limits exceeding the maximum allowable outstanding requests, given : %u, pending : %u\n", + credit_charge, conn->outstanding_credits); + ret = 1; + } else + conn->outstanding_credits += credit_charge; + spin_unlock(&conn->credits_lock); + return ret; } diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index cbeadaf20697..fcb456ef765b 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -322,6 +322,7 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) } conn->total_credits -= credit_charge; + conn->outstanding_credits -= credit_charge; credits_requested = max_t(unsigned short, le16_to_cpu(req_hdr->CreditRequest), 1); From patchwork Fri Jan 21 23:53:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 534098 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9D53DC433EF for ; Fri, 21 Jan 2022 23:54:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229868AbiAUXyJ (ORCPT ); Fri, 21 Jan 2022 18:54:09 -0500 Received: from mail-pf1-f178.google.com ([209.85.210.178]:33282 "EHLO mail-pf1-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229880AbiAUXyH (ORCPT ); Fri, 21 Jan 2022 18:54:07 -0500 Received: by mail-pf1-f178.google.com with SMTP id y27so6105227pfa.0; Fri, 21 Jan 2022 15:54:07 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=khIC+u+MTPJ26mN7B+E2bNWIhiuFBq3/IbsqxM4+2ys=; b=SOGzurSdsjQbbW+IpUW011P3sJME4av5fhZIDpPpMPpr/XCdRGWOj6ZK2kzJjbX48z z3eh/4xuh303jbT783bD8GxlHUDDcvk39jj8sCAznGR59JNm8hJGLysgTFnaAxDx5O7g CP1jcCBB0orTdiH0kpgVFKXQkT1px9iMwNr27QAe6n5x1t7UluxgmppZQKjlgXroLbEJ 3U2CNUYdQjM4pAl6DJsG53hINPQmqfnxE/FgZ/seP6kXvJbpfOOt6COuK+Q3fOseHcUB rzwwXXJK0QAExB2PECAJcgM/STdbZxksb1O3Wse3lwmk6rwPMHub9hs7HoDIeO0TT51O ltuw== X-Gm-Message-State: AOAM532L5Dpu09QASr71N8JiV6FVxhjkq2aPz4ROaa0ZWOGlTQ1a+p7r Vs4P2cgfLxnirynIzlsdK9ETK7pN4FQ= X-Google-Smtp-Source: ABdhPJyjXbsyyNsUsZqUsHfgFQpHFScvk3yRbY187roDQQaqaGPnUw1RJPkfddY5TFLr2Tp/t/1C2Q== X-Received: by 2002:a63:b44a:: with SMTP id n10mr4431716pgu.77.1642809247178; Fri, 21 Jan 2022 15:54:07 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id nn14sm6076356pjb.26.2022.01.21.15.54.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:54:06 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.15.y 4/4] ksmbd: add reserved room in ipc request/response Date: Sat, 22 Jan 2022 08:53:40 +0900 Message-Id: <20220121235340.10269-5-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235340.10269-1-linkinjeon@kernel.org> References: <20220121235340.10269-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org commit 41dbda16a0902798e732abc6599de256b9dc3b27 upstream. Whenever new parameter is added to smb configuration, It is possible to break the execution of the IPC daemon by mismatch size of request/response. This patch tries to reserve space in ipc request/response in advance to prevent that. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/ksmbd_netlink.h | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/fs/ksmbd/ksmbd_netlink.h b/fs/ksmbd/ksmbd_netlink.h index a5c2861792ae..71bfb7de4472 100644 --- a/fs/ksmbd/ksmbd_netlink.h +++ b/fs/ksmbd/ksmbd_netlink.h @@ -104,6 +104,7 @@ struct ksmbd_startup_request { */ __u32 sub_auth[3]; /* Subauth value for Security ID */ __u32 smb2_max_credits; /* MAX credits */ + __u32 reserved[128]; /* Reserved room */ __u32 ifc_list_sz; /* interfaces list size */ __s8 ____payload[]; }; @@ -114,7 +115,7 @@ struct ksmbd_startup_request { * IPC request to shutdown ksmbd server. */ struct ksmbd_shutdown_request { - __s32 reserved; + __s32 reserved[16]; }; /* @@ -123,6 +124,7 @@ struct ksmbd_shutdown_request { struct ksmbd_login_request { __u32 handle; __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -136,6 +138,7 @@ struct ksmbd_login_response { __u16 status; __u16 hash_sz; /* hash size */ __s8 hash[KSMBD_REQ_MAX_HASH_SZ]; /* password hash */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -144,6 +147,7 @@ struct ksmbd_login_response { struct ksmbd_share_config_request { __u32 handle; __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -158,6 +162,7 @@ struct ksmbd_share_config_response { __u16 force_directory_mode; __u16 force_uid; __u16 force_gid; + __u32 reserved[128]; /* Reserved room */ __u32 veto_list_sz; __s8 ____payload[]; }; @@ -188,6 +193,7 @@ struct ksmbd_tree_connect_request { __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; __s8 share[KSMBD_REQ_MAX_SHARE_NAME]; __s8 peer_addr[64]; + __u32 reserved[16]; /* Reserved room */ }; /* @@ -197,6 +203,7 @@ struct ksmbd_tree_connect_response { __u32 handle; __u16 status; __u16 connection_flags; + __u32 reserved[16]; /* Reserved room */ }; /* @@ -205,6 +212,7 @@ struct ksmbd_tree_connect_response { struct ksmbd_tree_disconnect_request { __u64 session_id; /* session id */ __u64 connect_id; /* tree connection id */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -213,6 +221,7 @@ struct ksmbd_tree_disconnect_request { struct ksmbd_logout_request { __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */ __u32 account_flags; + __u32 reserved[16]; /* Reserved room */ }; /*