Merge tag '6.7-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd

void ksmbd_conn_wait_idle(struct ksmbd_conn *conn, u64 sess_id)

{

	struct ksmbd_conn *bind_conn;

	wait_event(conn->req_running_q, atomic_read(&conn->req_running) < 2);

	down_read(&conn_list_lock);

	list_for_each_entry(bind_conn, &conn_list, conns_list) {

		if (bind_conn == conn)

			continue;

		if ((bind_conn->binding || xa_load(&bind_conn->sessions, sess_id)) &&

		    !ksmbd_conn_releasing(bind_conn) &&

		    atomic_read(&bind_conn->req_running)) {

			wait_event(bind_conn->req_running_q,

				atomic_read(&bind_conn->req_running) == 0);

		}

	}

	up_read(&conn_list_lock);

}

int ksmbd_conn_write(struct ksmbd_work *work)

	return queue_work(ksmbd_wq, &work->work);

}

static int ksmbd_realloc_iov_pin(struct ksmbd_work *work, void *ib,

static inline void __ksmbd_iov_pin(struct ksmbd_work *work, void *ib,

				   unsigned int ib_len)

{

	work->iov[++work->iov_idx].iov_base = ib;

	work->iov[work->iov_idx].iov_len = ib_len;

	work->iov_cnt++;

}

static int __ksmbd_iov_pin_rsp(struct ksmbd_work *work, void *ib, int len,

			       void *aux_buf, unsigned int aux_size)

{

	struct aux_read *ar;

	int need_iov_cnt = 1;

	if (aux_size) {

		need_iov_cnt++;

		ar = kmalloc(sizeof(struct aux_read), GFP_KERNEL);

		if (!ar)

			return -ENOMEM;

	}

	if (work->iov_alloc_cnt <= work->iov_cnt) {

	if (work->iov_alloc_cnt < work->iov_cnt + need_iov_cnt) {

		struct kvec *new;

		work->iov_alloc_cnt += 4;

		work->iov = new;

	}

	work->iov[++work->iov_idx].iov_base = ib;

	work->iov[work->iov_idx].iov_len = ib_len;

	work->iov_cnt++;

	return 0;

}

static int __ksmbd_iov_pin_rsp(struct ksmbd_work *work, void *ib, int len,

			       void *aux_buf, unsigned int aux_size)

{

	/* Plus rfc_length size on first iov */

	if (!work->iov_idx) {

		work->iov[work->iov_idx].iov_base = work->response_buf;

		work->iov_cnt++;

	}

	ksmbd_realloc_iov_pin(work, ib, len);

	__ksmbd_iov_pin(work, ib, len);

	inc_rfc1001_len(work->iov[0].iov_base, len);

	if (aux_size) {

		struct aux_read *ar;

		ksmbd_realloc_iov_pin(work, aux_buf, aux_size);

		__ksmbd_iov_pin(work, aux_buf, aux_size);

		inc_rfc1001_len(work->iov[0].iov_base, aux_size);

		ar = kmalloc(sizeof(struct aux_read), GFP_KERNEL);

		if (!ar)

			return -ENOMEM;

		ar->buf = aux_buf;

		list_add(&ar->entry, &work->aux_read_list);

	}

	size_t			passkey_sz;

	char			*passkey;

	unsigned int		failed_login_count;

};

static inline bool user_guest(struct ksmbd_user *user)

	if (ib_dev->node_type != RDMA_NODE_IB_CA)

		smb_direct_port = SMB_DIRECT_PORT_IWARP;

	if (!ib_dev->ops.get_netdev ||

	    !rdma_frwr_is_supported(&ib_dev->attrs))

	if (!rdma_frwr_is_supported(&ib_dev->attrs))

		return 0;

	smb_dev = kzalloc(sizeof(*smb_dev), GFP_KERNEL);

		for (i = 0; i < smb_dev->ib_dev->phys_port_cnt; i++) {

			struct net_device *ndev;

			ndev = smb_dev->ib_dev->ops.get_netdev(smb_dev->ib_dev,

							       i + 1);

			if (smb_dev->ib_dev->ops.get_netdev) {

				ndev = smb_dev->ib_dev->ops.get_netdev(

					smb_dev->ib_dev, i + 1);

				if (!ndev)

					continue;

					goto out;

				}

				dev_put(ndev);

			/* if ib_dev does not implement ops.get_netdev

			 * check for matching infiniband GUID in hw_addr

			 */

			} else if (netdev->type == ARPHRD_INFINIBAND) {

				struct netdev_hw_addr *ha;

				union ib_gid gid;

				u32 port_num;

				int ret;

				netdev_hw_addr_list_for_each(

					ha, &netdev->dev_addrs) {

					memcpy(&gid, ha->addr + 4, sizeof(gid));

					ret = ib_find_gid(smb_dev->ib_dev, &gid,

							  &port_num, NULL);

					if (!ret) {

						rdma_capable = true;

						goto out;

					}

				}

			}

		}

	}

out:

#include "unicode.h"

#include "smb_common.h"

/*

 * smb_utf16_bytes() - how long will a string be after conversion?

 * @from:	pointer to input string

 * @maxbytes:	don't go past this many bytes of input string

 * @codepage:	destination codepage

 *

 * Walk a utf16le string and return the number of bytes that the string will

 * be after being converted to the given charset, not including any null

 * termination required. Don't walk past maxbytes in the source buffer.

 *

 * Return:	string length after conversion

 */

static int smb_utf16_bytes(const __le16 *from, int maxbytes,

			   const struct nls_table *codepage)

{

	int i;

	int charlen, outlen = 0;

	int maxwords = maxbytes / 2;

	char tmp[NLS_MAX_CHARSET_SIZE];

	__u16 ftmp;

	for (i = 0; i < maxwords; i++) {

		ftmp = get_unaligned_le16(&from[i]);

		if (ftmp == 0)

			break;

		charlen = codepage->uni2char(ftmp, tmp, NLS_MAX_CHARSET_SIZE);

		if (charlen > 0)

			outlen += charlen;

		else

			outlen++;

	}

	return outlen;

}

/*

 * cifs_mapchar() - convert a host-endian char to proper char in codepage

 * @target:	where converted character should be copied

 * @src_char:	2 byte host-endian source character

 * @from:	host-endian source string

 * @cp:		codepage to which character should be converted

 * @mapchar:	should character be mapped according to mapchars mount option?

 *

 * Return:	string length after conversion

 */

static int

cifs_mapchar(char *target, const __u16 src_char, const struct nls_table *cp,

cifs_mapchar(char *target, const __u16 *from, const struct nls_table *cp,

	     bool mapchar)

{

	int len = 1;

	__u16 src_char;

	src_char = *from;

	if (!mapchar)

		goto cp_convert;

cp_convert:

	len = cp->uni2char(src_char, target, NLS_MAX_CHARSET_SIZE);

	if (len <= 0) {

	if (len <= 0)

		goto surrogate_pair;

	goto out;

surrogate_pair:

	/* convert SURROGATE_PAIR and IVS */

	if (strcmp(cp->charset, "utf8"))

		goto unknown;

	len = utf16s_to_utf8s(from, 3, UTF16_LITTLE_ENDIAN, target, 6);

	if (len <= 0)

		goto unknown;

	return len;

unknown:

	*target = '?';

	len = 1;

	goto out;

}

	goto out;

/*

 * smb_utf16_bytes() - compute converted string length

 * @from:	pointer to input string

 * @maxbytes:	input string length

 * @codepage:	destination codepage

 *

 * Walk a utf16le string and return the number of bytes that the string will

 * be after being converted to the given charset, not including any null

 * termination required. Don't walk past maxbytes in the source buffer.

 *

 * Return:	string length after conversion

 */

static int smb_utf16_bytes(const __le16 *from, int maxbytes,

			   const struct nls_table *codepage)

{

	int i, j;

	int charlen, outlen = 0;

	int maxwords = maxbytes / 2;

	char tmp[NLS_MAX_CHARSET_SIZE];

	__u16 ftmp[3];

	for (i = 0; i < maxwords; i++) {

		ftmp[0] = get_unaligned_le16(&from[i]);

		if (ftmp[0] == 0)

			break;

		for (j = 1; j <= 2; j++) {

			if (i + j < maxwords)

				ftmp[j] = get_unaligned_le16(&from[i + j]);

			else

				ftmp[j] = 0;

		}

		charlen = cifs_mapchar(tmp, ftmp, codepage, 0);

		if (charlen > 0)

			outlen += charlen;

		else

			outlen++;

	}

	return outlen;

}

/*

static int smb_from_utf16(char *to, const __le16 *from, int tolen, int fromlen,

			  const struct nls_table *codepage, bool mapchar)

{

	int i, charlen, safelen;

	int i, j, charlen, safelen;

	int outlen = 0;

	int nullsize = nls_nullsize(codepage);

	int fromwords = fromlen / 2;

	char tmp[NLS_MAX_CHARSET_SIZE];

	__u16 ftmp;

	__u16 ftmp[3];	/* ftmp[3] = 3array x 2bytes = 6bytes UTF-16 */

	/*

	 * because the chars can be of varying widths, we need to take care

	safelen = tolen - (NLS_MAX_CHARSET_SIZE + nullsize);

	for (i = 0; i < fromwords; i++) {

		ftmp = get_unaligned_le16(&from[i]);

		if (ftmp == 0)

		ftmp[0] = get_unaligned_le16(&from[i]);

		if (ftmp[0] == 0)

			break;

		for (j = 1; j <= 2; j++) {

			if (i + j < fromwords)

				ftmp[j] = get_unaligned_le16(&from[i + j]);

			else

				ftmp[j] = 0;

		}

		/*

		 * check to see if converting this character might make the

		/* put converted char into 'to' buffer */

		charlen = cifs_mapchar(&to[outlen], ftmp, codepage, mapchar);

		outlen += charlen;

		/*

		 * charlen (=bytes of UTF-8 for 1 character)

		 * 4bytes UTF-8(surrogate pair) is charlen=4

		 * (4bytes UTF-16 code)

		 * 7-8bytes UTF-8(IVS) is charlen=3+4 or 4+4

		 * (2 UTF-8 pairs divided to 2 UTF-16 pairs)

		 */

		if (charlen == 4)

			i++;

		else if (charlen >= 5)

			/* 5-6bytes UTF-8 */

			i += 2;

	}

	/* properly null-terminate string */

	char src_char;

	__le16 dst_char;

	wchar_t tmp;

	wchar_t wchar_to[6];	/* UTF-16 */

	int ret;

	unicode_t u;

	if (!mapchars)

		return smb_strtoUTF16(target, source, srclen, cp);

			 * if no match, use question mark, which at least in

			 * some cases serves as wild card

			 */

			if (charlen < 1) {

			if (charlen > 0)

				goto ctoUTF16;

			/* convert SURROGATE_PAIR */

			if (strcmp(cp->charset, "utf8"))

				goto unknown;

			if (*(source + i) & 0x80) {

				charlen = utf8_to_utf32(source + i, 6, &u);

				if (charlen < 0)

					goto unknown;

			} else

				goto unknown;

			ret  = utf8s_to_utf16s(source + i, charlen,

					UTF16_LITTLE_ENDIAN,

					wchar_to, 6);

			if (ret < 0)

				goto unknown;

			i += charlen;

			dst_char = cpu_to_le16(*wchar_to);

			if (charlen <= 3)

				/* 1-3bytes UTF-8 to 2bytes UTF-16 */

				put_unaligned(dst_char, &target[j]);

			else if (charlen == 4) {

				/*

				 * 4bytes UTF-8(surrogate pair) to 4bytes UTF-16

				 * 7-8bytes UTF-8(IVS) divided to 2 UTF-16

				 * (charlen=3+4 or 4+4)

				 */

				put_unaligned(dst_char, &target[j]);

				dst_char = cpu_to_le16(*(wchar_to + 1));

				j++;

				put_unaligned(dst_char, &target[j]);

			} else if (charlen >= 5) {

				/* 5-6bytes UTF-8 to 6bytes UTF-16 */

				put_unaligned(dst_char, &target[j]);

				dst_char = cpu_to_le16(*(wchar_to + 1));

				j++;

				put_unaligned(dst_char, &target[j]);

				dst_char = cpu_to_le16(*(wchar_to + 2));

				j++;

				put_unaligned(dst_char, &target[j]);

			}

			continue;

unknown:

			dst_char = cpu_to_le16(0x003f);

			charlen = 1;

		}

		}

ctoUTF16:

		/*

		 * character may take more than one byte in the source string,

		 * but will take exactly two bytes in the target string