Merge tag 'v6.13-rc3-ksmbd-server-fixes' of git://git.samba.org/ksmbd

	atomic_set(&conn->req_running, 0);

	atomic_set(&conn->r_count, 0);

	atomic_set(&conn->refcnt, 1);

	atomic_set(&conn->mux_smb_requests, 0);

	conn->total_credits = 1;

	conn->outstanding_credits = 0;

	if (conn->ops->get_cmd_val(work) != SMB2_CANCEL_HE)

		requests_queue = &conn->requests;

	if (requests_queue) {

	atomic_inc(&conn->req_running);

	if (requests_queue) {

		spin_lock(&conn->request_lock);

		list_add_tail(&work->request_entry, requests_queue);

		spin_unlock(&conn->request_lock);

{

	struct ksmbd_conn *conn = work->conn;

	atomic_dec(&conn->req_running);

	if (waitqueue_active(&conn->req_running_q))

		wake_up(&conn->req_running_q);

	if (list_empty(&work->request_entry) &&

	    list_empty(&work->async_request_entry))

		return;

	atomic_dec(&conn->req_running);

	spin_lock(&conn->request_lock);

	list_del_init(&work->request_entry);

	spin_unlock(&conn->request_lock);

{

	struct ksmbd_conn *conn = (struct ksmbd_conn *)p;

	struct ksmbd_transport *t = conn->transport;

	unsigned int pdu_size, max_allowed_pdu_size;

	unsigned int pdu_size, max_allowed_pdu_size, max_req;

	char hdr_buf[4] = {0,};

	int size;

	if (t->ops->prepare && t->ops->prepare(t))

		goto out;

	max_req = server_conf.max_inflight_req;

	conn->last_active = jiffies;

	set_freezable();

	while (ksmbd_conn_alive(conn)) {

		kvfree(conn->request_buf);

		conn->request_buf = NULL;

recheck:

		if (atomic_read(&conn->req_running) + 1 > max_req) {

			wait_event_interruptible(conn->req_running_q,

				atomic_read(&conn->req_running) < max_req);

			goto recheck;

		}

		size = t->ops->read(t, hdr_buf, sizeof(hdr_buf), -1);

		if (size != sizeof(hdr_buf))

			break;

	__le16				signing_algorithm;

	bool				binding;

	atomic_t			refcnt;

	atomic_t			mux_smb_requests;

};

struct ksmbd_conn_ops {

	ksmbd_conn_try_dequeue_request(work);

	ksmbd_free_work_struct(work);

	atomic_dec(&conn->mux_smb_requests);

	/*

	 * Checking waitqueue to dropping pending requests on

	 * disconnection. waitqueue_active is safe because it

	if (err)

		return 0;

	if (atomic_inc_return(&conn->mux_smb_requests) >= conn->vals->max_credits) {

		atomic_dec_return(&conn->mux_smb_requests);

		return -ENOSPC;

	}

	work = ksmbd_alloc_work_struct();

	if (!work) {

		pr_err("allocation for work failed\n");

	server_conf.auth_mechs |= KSMBD_AUTH_KRB5 |

				KSMBD_AUTH_MSKRB5;

#endif

	server_conf.max_inflight_req = SMB2_MAX_CREDITS;

	return 0;

}

	struct smb_sid		domain_sid;

	unsigned int		auth_mechs;

	unsigned int		max_connections;

	unsigned int		max_inflight_req;

	char			*conf[SERVER_CONF_WORK_GROUP + 1];

	struct task_struct	*dh_task;

		return rc;

	}

	ksmbd_conn_lock(conn);

	smb2_buf_len = get_rfc1002_len(work->request_buf);

	smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects);

	if (smb2_neg_size > smb2_buf_len) {

	ksmbd_conn_set_need_negotiate(conn);

err_out:

	ksmbd_conn_unlock(conn);

	if (rc)

		rsp->hdr.Status = STATUS_INSUFFICIENT_RESOURCES;