Commit e0fac5fc authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'v6.11-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 

Pull smb client fixes from Steve French:

 - fix for clang warning - additional null check

 - fix for cached write with posix locks

 - flexible structure fix

* tag 'v6.11-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
  smb: smb2pdu.h: Use static_assert() to check struct sizes
  smb3: fix lock breakage for cached writes
  smb/client: avoid possible NULL dereference in cifs_free_subrequest()
parents 98a1b2d7 5b4f3af3

fs/smb/client/file.c

+15 −6
Original line number Diff line number Diff line
@@ -316,7 +316,7 @@ static void cifs_free_subrequest(struct netfs_io_subrequest *subreq) 
#endif

	}



	if (rdata->credits.value != 0)

	if (rdata->credits.value != 0) {

		trace_smb3_rw_credits(rdata->rreq->debug_id,

				      rdata->subreq.debug_index,

				      rdata->credits.value,
@@ -324,8 +324,12 @@ static void cifs_free_subrequest(struct netfs_io_subrequest *subreq) 
				      rdata->server ? rdata->server->in_flight : 0,

				      -rdata->credits.value,

				      cifs_trace_rw_credits_free_subreq);



		if (rdata->server)

			add_credits_and_wake_if(rdata->server, &rdata->credits, 0);

		else

			rdata->credits.value = 0;

	}



	if (rdata->have_xid)

		free_xid(rdata->xid);

}
@@ -2750,6 +2754,7 @@ cifs_writev(struct kiocb *iocb, struct iov_iter *from) 
	struct inode *inode = file->f_mapping->host;

	struct cifsInodeInfo *cinode = CIFS_I(inode);

	struct TCP_Server_Info *server = tlink_tcon(cfile->tlink)->ses->server;

	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);

	ssize_t rc;



	rc = netfs_start_io_write(inode);
@@ -2766,12 +2771,16 @@ cifs_writev(struct kiocb *iocb, struct iov_iter *from) 
	if (rc <= 0)

		goto out;



	if (!cifs_find_lock_conflict(cfile, iocb->ki_pos, iov_iter_count(from),

	if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOPOSIXBRL) &&

	    (cifs_find_lock_conflict(cfile, iocb->ki_pos, iov_iter_count(from),

				     server->vals->exclusive_lock_type, 0,

				     NULL, CIFS_WRITE_OP))

		rc = netfs_buffered_write_iter_locked(iocb, from, NULL);

	else

				     NULL, CIFS_WRITE_OP))) {

		rc = -EACCES;

		goto out;

	}



	rc = netfs_buffered_write_iter_locked(iocb, from, NULL);



out:

	up_read(&cinode->lock_sem);

	netfs_end_io_write(inode);

fs/smb/common/smb2pdu.h

+2 −0
Original line number Diff line number Diff line
@@ -1216,6 +1216,8 @@ struct create_context { 
	);

	__u8 Buffer[];

} __packed;

static_assert(offsetof(struct create_context, Buffer) == sizeof(struct create_context_hdr),

	      "struct member likely outside of __struct_group()");



struct smb2_create_req {

	struct smb2_hdr hdr;