projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 00e485b)
[CIFS] In SendReceive, move consistency check out of the mutexed region
authorVolker Lendecke <vl@samba.org>
Mon, 8 Dec 2008 20:50:24 +0000 (20:50 +0000)
committerSteve French <sfrench@us.ibm.com>
Fri, 26 Dec 2008 02:29:11 +0000 (02:29 +0000)
inbuf->smb_buf_length does not change in in wait_for_free_request() or in
allocate_mid(), so we can check it early.

Signed-off-by: Volker Lendecke <vl@samba.org>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
fs/cifs/transport.c patch | blob | blame | history

diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
index 4d076be46d90eb190ca393bd6b02405faae10364..e80210693ff70c964a17b636f041fb1c644749d8 100644 (file)
--- a/fs/cifs/transport.c
+++ b/fs/cifs/transport.c
@@ -687,6 +687,12 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
           to the same server. We may make this configurable later or
           use ses->maxReq */
 
+       if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
+               cERROR(1, ("Illegal length, greater than maximum frame, %d",
+                          in_buf->smb_buf_length));
+               return -EIO;
+       }
+
        rc = wait_for_free_request(ses, long_op);
        if (rc)
                return rc;
@@ -706,17 +712,6 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
                return rc;
        }
 
-       if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
-               cERROR(1, ("Illegal length, greater than maximum frame, %d",
-                       in_buf->smb_buf_length));
-               DeleteMidQEntry(midQ);
-               mutex_unlock(&ses->server->srv_mutex);
-               /* Update # of requests on wire to server */
-               atomic_dec(&ses->server->inFlight);
-               wake_up(&ses->server->request_q);
-               return -EIO;
-       }
-
        rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
 
        midQ->midState = MID_REQUEST_SUBMITTED;
@@ -925,6 +920,12 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
           to the same server. We may make this configurable later or
           use ses->maxReq */
 
+       if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
+               cERROR(1, ("Illegal length, greater than maximum frame, %d",
+                          in_buf->smb_buf_length));
+               return -EIO;
+       }
+
        rc = wait_for_free_request(ses, CIFS_BLOCKING_OP);
        if (rc)
                return rc;
@@ -941,14 +942,6 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
                return rc;
        }
 
-       if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
-               mutex_unlock(&ses->server->srv_mutex);
-               cERROR(1, ("Illegal length, greater than maximum frame, %d",
-                       in_buf->smb_buf_length));
-               DeleteMidQEntry(midQ);
-               return -EIO;
-       }
-
        rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
 
        midQ->midState = MID_REQUEST_SUBMITTED;