From patchwork Fri Jan 21 23:53:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 12720345 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF5C7C433EF for ; Fri, 21 Jan 2022 23:53:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229863AbiAUXx7 (ORCPT ); Fri, 21 Jan 2022 18:53:59 -0500 Received: from mail-pj1-f42.google.com ([209.85.216.42]:43739 "EHLO mail-pj1-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229827AbiAUXx7 (ORCPT ); Fri, 21 Jan 2022 18:53:59 -0500 Received: by mail-pj1-f42.google.com with SMTP id d15-20020a17090a110f00b001b4e7d27474so10377531pja.2; Fri, 21 Jan 2022 15:53:58 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=PKpYfvu75bjzmuB0jNhLO6MiMsGCXSstIBn/dx33W1U=; b=seFfIckTMYwS3YBkCEzJFd8jj69x15m0E0U7uaQ+QSmlgJfcea/INCTs6eLG7Eqx4f 7uAcuPm2OvlCUc2Fl4QzRN/4h2kuKy+qfYB/TM4jKpnHmsyV7jcTNIPF38ggZDvhDrkT DCpJ3cXtigzq1Rh5lbtoNZpa4qrtv13TvV88UlUlWU4i4bXlNJ7ZfoKrcVbQZwqW/tcW l6Ge6nxnYYfePj/fZ5fz5MGFHQZDeiWICv94Dx49cDTu5bfnNrGnr1k6/pHwQQzu/fzZ GGp/dlurchLCpgjRxHYKvyWWZ92m869wcy0MhZkJ8+bavLWNN2U5Q4AlegKf8eJEMO+c khVQ== X-Gm-Message-State: AOAM5335uNrd5C6jqfYxUlBpckeD5GeAfWyG0U088QYKbonCpQUgCeg4 dSddkIhRtime8rFv5zqTHhc= X-Google-Smtp-Source: ABdhPJwtyL4BooCqUsT3h85+MSa5T15BnL2iaH0u59HXyofC0+0gWYocI3P5PJGiq7JA+IoREKnnKA== X-Received: by 2002:a17:90a:bd01:: with SMTP id y1mr2948435pjr.33.1642809238487; Fri, 21 Jan 2022 15:53:58 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id nn14sm6076356pjb.26.2022.01.21.15.53.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:53:58 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.15.y 1/4] ksmbd: add support for smb2 max credit parameter Date: Sat, 22 Jan 2022 08:53:37 +0900 Message-Id: <20220121235340.10269-2-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235340.10269-1-linkinjeon@kernel.org> References: <20220121235340.10269-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org commit 004443b3f6d722b455cf963ed7c3edd7f4772405 upstream. Add smb2 max credits parameter to adjust maximum credits value to limit number of outstanding requests. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/connection.h | 1 - fs/ksmbd/ksmbd_netlink.h | 1 + fs/ksmbd/smb2misc.c | 2 +- fs/ksmbd/smb2ops.c | 16 ++++++++++++---- fs/ksmbd/smb2pdu.c | 8 ++++---- fs/ksmbd/smb2pdu.h | 1 + fs/ksmbd/smb_common.h | 1 + fs/ksmbd/transport_ipc.c | 2 ++ 8 files changed, 22 insertions(+), 10 deletions(-) diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h index e5403c587a58..08e85568ccd6 100644 --- a/fs/ksmbd/connection.h +++ b/fs/ksmbd/connection.h @@ -62,7 +62,6 @@ struct ksmbd_conn { /* References which are made for this Server object*/ atomic_t r_count; unsigned short total_credits; - unsigned short max_credits; spinlock_t credits_lock; wait_queue_head_t req_running_q; /* Lock to protect requests list*/ diff --git a/fs/ksmbd/ksmbd_netlink.h b/fs/ksmbd/ksmbd_netlink.h index c6718a05d347..a5c2861792ae 100644 --- a/fs/ksmbd/ksmbd_netlink.h +++ b/fs/ksmbd/ksmbd_netlink.h @@ -103,6 +103,7 @@ struct ksmbd_startup_request { * we set the SPARSE_FILES bit (0x40). */ __u32 sub_auth[3]; /* Subauth value for Security ID */ + __u32 smb2_max_credits; /* MAX credits */ __u32 ifc_list_sz; /* interfaces list size */ __s8 ____payload[]; }; diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c index 9f516f73bd1b..f8f031978d06 100644 --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c @@ -327,7 +327,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, ksmbd_debug(SMB, "Insufficient credit charge, given: %d, needed: %d\n", credit_charge, calc_credit_num); return 1; - } else if (credit_charge > conn->max_credits) { + } else if (credit_charge > conn->vals->max_credits) { ksmbd_debug(SMB, "Too large credit charge: %d\n", credit_charge); return 1; } diff --git a/fs/ksmbd/smb2ops.c b/fs/ksmbd/smb2ops.c index 2a6205103df2..f0a5b704f301 100644 --- a/fs/ksmbd/smb2ops.c +++ b/fs/ksmbd/smb2ops.c @@ -20,6 +20,7 @@ static struct smb_version_values smb21_server_values = { .max_read_size = SMB21_DEFAULT_IOSIZE, .max_write_size = SMB21_DEFAULT_IOSIZE, .max_trans_size = SMB21_DEFAULT_IOSIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -45,6 +46,7 @@ static struct smb_version_values smb30_server_values = { .max_read_size = SMB3_DEFAULT_IOSIZE, .max_write_size = SMB3_DEFAULT_IOSIZE, .max_trans_size = SMB3_DEFAULT_TRANS_SIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -71,6 +73,7 @@ static struct smb_version_values smb302_server_values = { .max_read_size = SMB3_DEFAULT_IOSIZE, .max_write_size = SMB3_DEFAULT_IOSIZE, .max_trans_size = SMB3_DEFAULT_TRANS_SIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -97,6 +100,7 @@ static struct smb_version_values smb311_server_values = { .max_read_size = SMB3_DEFAULT_IOSIZE, .max_write_size = SMB3_DEFAULT_IOSIZE, .max_trans_size = SMB3_DEFAULT_TRANS_SIZE, + .max_credits = SMB2_MAX_CREDITS, .large_lock_type = 0, .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, .shared_lock_type = SMB2_LOCKFLAG_SHARED, @@ -198,7 +202,6 @@ void init_smb2_1_server(struct ksmbd_conn *conn) conn->ops = &smb2_0_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_HMAC_SHA256; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -216,7 +219,6 @@ void init_smb3_0_server(struct ksmbd_conn *conn) conn->ops = &smb3_0_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_AES_CMAC; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -241,7 +243,6 @@ void init_smb3_02_server(struct ksmbd_conn *conn) conn->ops = &smb3_0_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_AES_CMAC; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -266,7 +267,6 @@ int init_smb3_11_server(struct ksmbd_conn *conn) conn->ops = &smb3_11_server_ops; conn->cmds = smb2_0_server_cmds; conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); - conn->max_credits = SMB2_MAX_CREDITS; conn->signing_algorithm = SIGNING_ALG_AES_CMAC; if (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB2_LEASES) @@ -305,3 +305,11 @@ void init_smb2_max_trans_size(unsigned int sz) smb302_server_values.max_trans_size = sz; smb311_server_values.max_trans_size = sz; } + +void init_smb2_max_credits(unsigned int sz) +{ + smb21_server_values.max_credits = sz; + smb30_server_values.max_credits = sz; + smb302_server_values.max_credits = sz; + smb311_server_values.max_credits = sz; +} diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index cb71cbfc5fc9..7be0e0994e10 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -310,7 +310,7 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) hdr->CreditCharge = req_hdr->CreditCharge; - if (conn->total_credits > conn->max_credits) { + if (conn->total_credits > conn->vals->max_credits) { hdr->CreditRequest = 0; pr_err("Total credits overflow: %d\n", conn->total_credits); return -EINVAL; @@ -331,12 +331,12 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) if (hdr->Command == SMB2_NEGOTIATE) aux_max = 0; else - aux_max = conn->max_credits - credit_charge; + aux_max = conn->vals->max_credits - credit_charge; aux_credits = min_t(unsigned short, aux_credits, aux_max); credits_granted = credit_charge + aux_credits; - if (conn->max_credits - conn->total_credits < credits_granted) - credits_granted = conn->max_credits - + if (conn->vals->max_credits - conn->total_credits < credits_granted) + credits_granted = conn->vals->max_credits - conn->total_credits; conn->total_credits += credits_granted; diff --git a/fs/ksmbd/smb2pdu.h b/fs/ksmbd/smb2pdu.h index ff5a2f01d34a..4f8574944ac1 100644 --- a/fs/ksmbd/smb2pdu.h +++ b/fs/ksmbd/smb2pdu.h @@ -1647,6 +1647,7 @@ int init_smb3_11_server(struct ksmbd_conn *conn); void init_smb2_max_read_size(unsigned int sz); void init_smb2_max_write_size(unsigned int sz); void init_smb2_max_trans_size(unsigned int sz); +void init_smb2_max_credits(unsigned int sz); bool is_smb2_neg_cmd(struct ksmbd_work *work); bool is_smb2_rsp(struct ksmbd_work *work); diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h index 6e79e7577f6b..1eba8dabaf31 100644 --- a/fs/ksmbd/smb_common.h +++ b/fs/ksmbd/smb_common.h @@ -412,6 +412,7 @@ struct smb_version_values { __u32 max_read_size; __u32 max_write_size; __u32 max_trans_size; + __u32 max_credits; __u32 large_lock_type; __u32 exclusive_lock_type; __u32 shared_lock_type; diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c index 1acf1892a466..3ad6881e0f7e 100644 --- a/fs/ksmbd/transport_ipc.c +++ b/fs/ksmbd/transport_ipc.c @@ -301,6 +301,8 @@ static int ipc_server_config_on_startup(struct ksmbd_startup_request *req) init_smb2_max_write_size(req->smb2_max_write); if (req->smb2_max_trans) init_smb2_max_trans_size(req->smb2_max_trans); + if (req->smb2_max_credits) + init_smb2_max_credits(req->smb2_max_credits); ret = ksmbd_set_netbios_name(req->netbios_name); ret |= ksmbd_set_server_string(req->server_string); From patchwork Fri Jan 21 23:53:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 12720346 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5737CC433FE for ; Fri, 21 Jan 2022 23:54:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229791AbiAUXyC (ORCPT ); Fri, 21 Jan 2022 18:54:02 -0500 Received: from mail-pj1-f49.google.com ([209.85.216.49]:35785 "EHLO mail-pj1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229868AbiAUXyB (ORCPT ); Fri, 21 Jan 2022 18:54:01 -0500 Received: by mail-pj1-f49.google.com with SMTP id w12-20020a17090a528c00b001b276aa3aabso14970983pjh.0; Fri, 21 Jan 2022 15:54:01 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=kiSTIgq2L6RzGs0SDabU1lIwcvCVrILXPf+FV7lZnhk=; b=LybJaZG5qzyZMszhaUPqh+UyZefW79qDvgmQ170mp47Yzup4PklmT242MUQTd/EoLW n+taLod1aelC9atKVyKxMQgXAuGexWjUNyVIOVyZ1FNcOMkkco4RLuxIeoXoIGFp/MG+ VOADqPo8+H+NqULUv3Rar0Rkf4QePy5NQdiylZjP9pbt/hxHm6Rzj6+PFgqgb1GQWDUW 8PlqLAuPkjSDRCtXXmyp2xd7h7j26Q41rzX7COPiDRH6sCmwgan2NDIrTqB97CXC3bs8 ryTpsKvxAKsCWZ0xQdiaVfWCXS5+uD0ozZcxhtrukdIsKM9udrzjbQkgMN1zhozROp5H pyoA== X-Gm-Message-State: AOAM532AbVYgfnUm8gKlRlIQKGRa8x2yOHhZd+RtZwTVzqY4rxGPF8Ez hNIAb21NMz5Wpm/t2ZO9avw= X-Google-Smtp-Source: ABdhPJz3Axor6BLNUdu1mkm4qXB65ctwuDIhbq8aEqspxz0VnWvMemNSMPikUmqmAJycmV8zf6p1cg== X-Received: by 2002:a17:90a:56:: with SMTP id 22mr2874962pjb.199.1642809241290; Fri, 21 Jan 2022 15:54:01 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id nn14sm6076356pjb.26.2022.01.21.15.53.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:54:01 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.15.y 2/4] ksmbd: move credit charge deduction under processing request Date: Sat, 22 Jan 2022 08:53:38 +0900 Message-Id: <20220121235340.10269-3-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235340.10269-1-linkinjeon@kernel.org> References: <20220121235340.10269-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org commit 914d7e5709ac59ded70bea7956d408fe2acd7c3c upstream. Moves the credit charge deduction from total_credits under the processing a request. When repeating smb2 lock request and other command request, there will be a problem that ->total_credits does not decrease. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/smb2misc.c | 7 ++----- fs/ksmbd/smb2pdu.c | 16 ++++++++++------ 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c index f8f031978d06..e4a28eae51b2 100644 --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c @@ -290,7 +290,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, unsigned int req_len = 0, expect_resp_len = 0, calc_credit_num, max_len; unsigned short credit_charge = le16_to_cpu(hdr->CreditCharge); void *__hdr = hdr; - int ret; + int ret = 0; switch (hdr->Command) { case SMB2_QUERY_INFO: @@ -333,10 +333,7 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, } spin_lock(&conn->credits_lock); - if (credit_charge <= conn->total_credits) { - conn->total_credits -= credit_charge; - ret = 0; - } else { + if (credit_charge > conn->total_credits) { ksmbd_debug(SMB, "Insufficient credits granted, given: %u, granted: %u\n", credit_charge, conn->total_credits); ret = 1; diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index 7be0e0994e10..0ce35717cdde 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -301,9 +301,8 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) struct smb2_hdr *req_hdr = ksmbd_req_buf_next(work); struct smb2_hdr *hdr = ksmbd_resp_buf_next(work); struct ksmbd_conn *conn = work->conn; - unsigned short credits_requested; + unsigned short credits_requested, aux_max; unsigned short credit_charge, credits_granted = 0; - unsigned short aux_max, aux_credits; if (work->send_no_response) return 0; @@ -318,6 +317,13 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) credit_charge = max_t(unsigned short, le16_to_cpu(req_hdr->CreditCharge), 1); + if (credit_charge > conn->total_credits) { + ksmbd_debug(SMB, "Insufficient credits granted, given: %u, granted: %u\n", + credit_charge, conn->total_credits); + return -EINVAL; + } + + conn->total_credits -= credit_charge; credits_requested = max_t(unsigned short, le16_to_cpu(req_hdr->CreditRequest), 1); @@ -327,13 +333,11 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) * TODO: Need to adjuct CreditRequest value according to * current cpu load */ - aux_credits = credits_requested - 1; if (hdr->Command == SMB2_NEGOTIATE) - aux_max = 0; + aux_max = 1; else aux_max = conn->vals->max_credits - credit_charge; - aux_credits = min_t(unsigned short, aux_credits, aux_max); - credits_granted = credit_charge + aux_credits; + credits_granted = min_t(unsigned short, credits_requested, aux_max); if (conn->vals->max_credits - conn->total_credits < credits_granted) credits_granted = conn->vals->max_credits - From patchwork Fri Jan 21 23:53:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 12720347 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 32DA2C433EF for ; Fri, 21 Jan 2022 23:54:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229869AbiAUXyE (ORCPT ); Fri, 21 Jan 2022 18:54:04 -0500 Received: from mail-pg1-f178.google.com ([209.85.215.178]:45890 "EHLO mail-pg1-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229868AbiAUXyE (ORCPT ); Fri, 21 Jan 2022 18:54:04 -0500 Received: by mail-pg1-f178.google.com with SMTP id c5so9376981pgk.12; Fri, 21 Jan 2022 15:54:04 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=WHDD6AnNIbFltgrQnZ3SkV7eKjXRnp3FzJv1cPkHzs8=; b=o+pixkJe3SNxcoVKROW0J5l7XRkCo0xD+p60r7xSFcIMzJeffLjK1QZOxgafu1lddc tWhP9am1hjxUiSZN+g/FeS2GLqCCPNK0Tif0y09YeJJIti+EzVQwE+30AVfnAFK/NkYT nY+CXRRy2BuBG4HBkZ1KQ9uvr9IBBz+JOH8J2eFe8yk9Ns2vwQjg/lK+QhfWizdSao6L PjUCm/c+wY3BSUD8iMqgyhMwimpOA++bMyvwHcQOzUxf/hBAN8IWOuXYmlq+CSLbchLm TIwjYZKG91zLSILqf9aPET+Kfwo7XeHkNHSq02aMQPS3IDvLjx66cdB4nd23+rbelfVJ ksSw== X-Gm-Message-State: AOAM532DM2U88Ut54sYf94AphydYdSbg6Xsql7Um3nTGI//eRJgksYes AOcNSJ/HaI1lsrrBEbGc/RBJDblDVx8= X-Google-Smtp-Source: ABdhPJyOI99NLxzay0/sIgGgPGA7+6x07gUbIEdHFjK0hgkEiYC5N65o4qoDrC2Qtnixaxmoj7NAaA== X-Received: by 2002:a63:7110:: with SMTP id m16mr4372330pgc.621.1642809244068; Fri, 21 Jan 2022 15:54:04 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id nn14sm6076356pjb.26.2022.01.21.15.54.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:54:03 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.15.y 3/4] ksmbd: limits exceeding the maximum allowable outstanding requests Date: Sat, 22 Jan 2022 08:53:39 +0900 Message-Id: <20220121235340.10269-4-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235340.10269-1-linkinjeon@kernel.org> References: <20220121235340.10269-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org commit b589f5db6d4af8f14d70e31e1276b4c017668a26 upstream. If the client ignores the CreditResponse received from the server and continues to send the request, ksmbd limits the requests if it exceeds smb2 max credits. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/connection.c | 1 + fs/ksmbd/connection.h | 3 ++- fs/ksmbd/smb2misc.c | 9 +++++++++ fs/ksmbd/smb2pdu.c | 1 + 4 files changed, 13 insertions(+), 1 deletion(-) diff --git a/fs/ksmbd/connection.c b/fs/ksmbd/connection.c index b57a0d8a392f..f7d5e8b7bef7 100644 --- a/fs/ksmbd/connection.c +++ b/fs/ksmbd/connection.c @@ -62,6 +62,7 @@ struct ksmbd_conn *ksmbd_conn_alloc(void) atomic_set(&conn->req_running, 0); atomic_set(&conn->r_count, 0); conn->total_credits = 1; + conn->outstanding_credits = 1; init_waitqueue_head(&conn->req_running_q); INIT_LIST_HEAD(&conn->conns_list); diff --git a/fs/ksmbd/connection.h b/fs/ksmbd/connection.h index 08e85568ccd6..8694aef482c1 100644 --- a/fs/ksmbd/connection.h +++ b/fs/ksmbd/connection.h @@ -61,7 +61,8 @@ struct ksmbd_conn { atomic_t req_running; /* References which are made for this Server object*/ atomic_t r_count; - unsigned short total_credits; + unsigned int total_credits; + unsigned int outstanding_credits; spinlock_t credits_lock; wait_queue_head_t req_running_q; /* Lock to protect requests list*/ diff --git a/fs/ksmbd/smb2misc.c b/fs/ksmbd/smb2misc.c index e4a28eae51b2..cc1c38686ecd 100644 --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c @@ -338,7 +338,16 @@ static int smb2_validate_credit_charge(struct ksmbd_conn *conn, credit_charge, conn->total_credits); ret = 1; } + + if ((u64)conn->outstanding_credits + credit_charge > conn->vals->max_credits) { + ksmbd_debug(SMB, "Limits exceeding the maximum allowable outstanding requests, given : %u, pending : %u\n", + credit_charge, conn->outstanding_credits); + ret = 1; + } else + conn->outstanding_credits += credit_charge; + spin_unlock(&conn->credits_lock); + return ret; } diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index 0ce35717cdde..5327247f98e4 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -324,6 +324,7 @@ int smb2_set_rsp_credits(struct ksmbd_work *work) } conn->total_credits -= credit_charge; + conn->outstanding_credits -= credit_charge; credits_requested = max_t(unsigned short, le16_to_cpu(req_hdr->CreditRequest), 1); From patchwork Fri Jan 21 23:53:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Namjae Jeon X-Patchwork-Id: 12720348 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 373C0C433F5 for ; Fri, 21 Jan 2022 23:54:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229827AbiAUXyI (ORCPT ); Fri, 21 Jan 2022 18:54:08 -0500 Received: from mail-pf1-f178.google.com ([209.85.210.178]:33282 "EHLO mail-pf1-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229880AbiAUXyH (ORCPT ); Fri, 21 Jan 2022 18:54:07 -0500 Received: by mail-pf1-f178.google.com with SMTP id y27so6105227pfa.0; Fri, 21 Jan 2022 15:54:07 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=khIC+u+MTPJ26mN7B+E2bNWIhiuFBq3/IbsqxM4+2ys=; b=SOGzurSdsjQbbW+IpUW011P3sJME4av5fhZIDpPpMPpr/XCdRGWOj6ZK2kzJjbX48z z3eh/4xuh303jbT783bD8GxlHUDDcvk39jj8sCAznGR59JNm8hJGLysgTFnaAxDx5O7g CP1jcCBB0orTdiH0kpgVFKXQkT1px9iMwNr27QAe6n5x1t7UluxgmppZQKjlgXroLbEJ 3U2CNUYdQjM4pAl6DJsG53hINPQmqfnxE/FgZ/seP6kXvJbpfOOt6COuK+Q3fOseHcUB rzwwXXJK0QAExB2PECAJcgM/STdbZxksb1O3Wse3lwmk6rwPMHub9hs7HoDIeO0TT51O ltuw== X-Gm-Message-State: AOAM532L5Dpu09QASr71N8JiV6FVxhjkq2aPz4ROaa0ZWOGlTQ1a+p7r Vs4P2cgfLxnirynIzlsdK9ETK7pN4FQ= X-Google-Smtp-Source: ABdhPJyjXbsyyNsUsZqUsHfgFQpHFScvk3yRbY187roDQQaqaGPnUw1RJPkfddY5TFLr2Tp/t/1C2Q== X-Received: by 2002:a63:b44a:: with SMTP id n10mr4431716pgu.77.1642809247178; Fri, 21 Jan 2022 15:54:07 -0800 (PST) Received: from localhost.localdomain ([61.74.27.164]) by smtp.gmail.com with ESMTPSA id nn14sm6076356pjb.26.2022.01.21.15.54.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jan 2022 15:54:06 -0800 (PST) From: Namjae Jeon To: gregkh@linuxfoundation.org Cc: stable@vger.kernel.org, smfrench@gmail.com, linux-cifs@vger.kernel.org, Namjae Jeon , Steve French Subject: [PATCH 5.15.y 4/4] ksmbd: add reserved room in ipc request/response Date: Sat, 22 Jan 2022 08:53:40 +0900 Message-Id: <20220121235340.10269-5-linkinjeon@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220121235340.10269-1-linkinjeon@kernel.org> References: <20220121235340.10269-1-linkinjeon@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org commit 41dbda16a0902798e732abc6599de256b9dc3b27 upstream. Whenever new parameter is added to smb configuration, It is possible to break the execution of the IPC daemon by mismatch size of request/response. This patch tries to reserve space in ipc request/response in advance to prevent that. Signed-off-by: Namjae Jeon Signed-off-by: Steve French --- fs/ksmbd/ksmbd_netlink.h | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/fs/ksmbd/ksmbd_netlink.h b/fs/ksmbd/ksmbd_netlink.h index a5c2861792ae..71bfb7de4472 100644 --- a/fs/ksmbd/ksmbd_netlink.h +++ b/fs/ksmbd/ksmbd_netlink.h @@ -104,6 +104,7 @@ struct ksmbd_startup_request { */ __u32 sub_auth[3]; /* Subauth value for Security ID */ __u32 smb2_max_credits; /* MAX credits */ + __u32 reserved[128]; /* Reserved room */ __u32 ifc_list_sz; /* interfaces list size */ __s8 ____payload[]; }; @@ -114,7 +115,7 @@ struct ksmbd_startup_request { * IPC request to shutdown ksmbd server. */ struct ksmbd_shutdown_request { - __s32 reserved; + __s32 reserved[16]; }; /* @@ -123,6 +124,7 @@ struct ksmbd_shutdown_request { struct ksmbd_login_request { __u32 handle; __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -136,6 +138,7 @@ struct ksmbd_login_response { __u16 status; __u16 hash_sz; /* hash size */ __s8 hash[KSMBD_REQ_MAX_HASH_SZ]; /* password hash */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -144,6 +147,7 @@ struct ksmbd_login_response { struct ksmbd_share_config_request { __u32 handle; __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -158,6 +162,7 @@ struct ksmbd_share_config_response { __u16 force_directory_mode; __u16 force_uid; __u16 force_gid; + __u32 reserved[128]; /* Reserved room */ __u32 veto_list_sz; __s8 ____payload[]; }; @@ -188,6 +193,7 @@ struct ksmbd_tree_connect_request { __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; __s8 share[KSMBD_REQ_MAX_SHARE_NAME]; __s8 peer_addr[64]; + __u32 reserved[16]; /* Reserved room */ }; /* @@ -197,6 +203,7 @@ struct ksmbd_tree_connect_response { __u32 handle; __u16 status; __u16 connection_flags; + __u32 reserved[16]; /* Reserved room */ }; /* @@ -205,6 +212,7 @@ struct ksmbd_tree_connect_response { struct ksmbd_tree_disconnect_request { __u64 session_id; /* session id */ __u64 connect_id; /* tree connection id */ + __u32 reserved[16]; /* Reserved room */ }; /* @@ -213,6 +221,7 @@ struct ksmbd_tree_disconnect_request { struct ksmbd_logout_request { __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */ __u32 account_flags; + __u32 reserved[16]; /* Reserved room */ }; /*