Commit be8e3b00 authored by Steve French's avatar Steve French

consistently use smb_buf_length as be32 for cifs (try 3)



       There is one big endian field in the cifs protocol, the RFC1001
       length, which cifs code (unlike in the smb2 code) had been handling as
       u32 until the last possible moment, when it was converted to be32 (its
       native form) before sending on the wire.   To remove the last sparse
       endian warning, and to make this consistent with the smb2
       implementation  (which always treats the fields in their
       native size and endianness), convert all uses of smb_buf_length to
       be32.

       This version incorporates Christoph's comment about
       using be32_add_cpu, and fixes a typo in the second
       version of the patch.

Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
Signed-off-by: default avatarPavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent 9409ae58
+1 −1
@@ -60,7 +60,7 @@ static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
		server->session_key.response, server->session_key.len);

	crypto_shash_update(&server->secmech.sdescmd5->shash,
		cifs_pdu->Protocol, cifs_pdu->smb_buf_length);
		cifs_pdu->Protocol, be32_to_cpu(cifs_pdu->smb_buf_length));

	rc = crypto_shash_final(&server->secmech.sdescmd5->shash, signature);
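Review bot: The changed `crypto_shash_update()` call still discards its return value, so a failed update would fall through to `crypto_shash_final()` and produce a signature over incomplete input; capture it with `rc = crypto_shash_update(...);` followed by `if (rc) return rc;`. The byte count fed to the hash is now `be32_to_cpu(cifs_pdu->smb_buf_length)`, a header field that the peer sets on received frames, so a comment such as `/* smb_buf_length must already be validated against the buffer size */` would record what bounds this read. Whether callers perform that validation is not visible here, and the function body starts and ends outside the hunk.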

+3 −3
@@ -397,9 +397,9 @@
#define GETU32(var)  (*((__u32 *)var))	/* BB check for endian issues */

struct smb_hdr {
	__u32 smb_buf_length;	/* big endian on wire *//* BB length is only two
		or three bytes - with one or two byte type preceding it that are
		zero - we could mask the type byte off just in case BB */
	__be32 smb_buf_length;	/* BB length is only two (rarely three) bytes,
		with one or two byte "type" preceding it that will be
		zero - we could mask the type byte off */
	__u8 Protocol[4];
	__u8 Command;
	union {
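Review bot: The rewritten comment on `smb_buf_length` drops the words "big endian on wire", leaving the `__be32` type as the only hint of byte order. It also does not say that `be32_to_cpu()` on this field returns the leading "type" byte(s) together with the length, which matters for values like the `0x81000044` session request written elsewhere in this commit. I would keep both facts, for example `/* big endian on wire; the leading "type" byte(s) are part of the converted value and are not masked off */`. struct smb_hdr continues past the end of the hunk.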
+65 −58
@@ -358,6 +358,13 @@ vt2_err:
	return -EINVAL;
}

static inline void inc_rfc1001_len(void *pSMB, int count)
{
	struct smb_hdr *hdr = (struct smb_hdr *)pSMB;

	be32_add_cpu(&hdr->smb_buf_length, count);
}

int
CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
{
@@ -410,7 +417,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
		count += strlen(protocols[i].name) + 1;
		/* null at end of source and target buffers anyway */
	}
	pSMB->hdr.smb_buf_length += count;
	inc_rfc1001_len(pSMB, count);
	pSMB->ByteCount = cpu_to_le16(count);

	rc = SendReceive(xid, ses, (struct smb_hdr *) pSMB,
@@ -731,7 +738,7 @@ CIFSSMBEcho(struct TCP_Server_Info *server)
	put_unaligned_le16(1, &smb->EchoCount);
	put_bcc_le(1, &smb->hdr);
	smb->Data[0] = 'a';
	smb->hdr.smb_buf_length += 3;
	inc_rfc1001_len(smb, 3);

	rc = cifs_call_async(server, (struct smb_hdr *)smb,
				cifs_echo_callback, server);
@@ -849,7 +856,7 @@ PsxDelete:
	pSMB->TotalParameterCount = pSMB->ParameterCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_POSIX_UNLINK);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -895,7 +902,7 @@ DelFileRetry:
	pSMB->SearchAttributes =
	    cpu_to_le16(ATTR_READONLY | ATTR_HIDDEN | ATTR_SYSTEM);
	pSMB->BufferFormat = 0x04;
	pSMB->hdr.smb_buf_length += name_len + 1;
	inc_rfc1001_len(pSMB, name_len + 1);
	pSMB->ByteCount = cpu_to_le16(name_len + 1);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -939,7 +946,7 @@ RmDirRetry:
	}

	pSMB->BufferFormat = 0x04;
	pSMB->hdr.smb_buf_length += name_len + 1;
	inc_rfc1001_len(pSMB, name_len + 1);
	pSMB->ByteCount = cpu_to_le16(name_len + 1);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -982,7 +989,7 @@ MkDirRetry:
	}

	pSMB->BufferFormat = 0x04;
	pSMB->hdr.smb_buf_length += name_len + 1;
	inc_rfc1001_len(pSMB, name_len + 1);
	pSMB->ByteCount = cpu_to_le16(name_len + 1);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -1060,7 +1067,7 @@ PsxCreat:
	pSMB->TotalParameterCount = pSMB->ParameterCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_POSIX_OPEN);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -1225,7 +1232,7 @@ OldOpenRetry:
	pSMB->Sattr = cpu_to_le16(ATTR_HIDDEN | ATTR_SYSTEM | ATTR_DIRECTORY);
	pSMB->OpenFunction = cpu_to_le16(convert_disposition(openDisposition));
	count += name_len;
	pSMB->hdr.smb_buf_length += count;
	inc_rfc1001_len(pSMB, count);

	pSMB->ByteCount = cpu_to_le16(count);
	/* long_op set to 1 to allow for oplock break timeouts */
@@ -1338,7 +1345,7 @@ openRetry:
	    SECURITY_CONTEXT_TRACKING | SECURITY_EFFECTIVE_ONLY;

	count += name_len;
	pSMB->hdr.smb_buf_length += count;
	inc_rfc1001_len(pSMB, count);

	pSMB->ByteCount = cpu_to_le16(count);
	/* long_op set to 1 to allow for oplock break timeouts */
@@ -1423,7 +1430,7 @@ CIFSSMBRead(const int xid, struct cifsTconInfo *tcon, const int netfid,
	}

	iov[0].iov_base = (char *)pSMB;
	iov[0].iov_len = pSMB->hdr.smb_buf_length + 4;
	iov[0].iov_len = be32_to_cpu(pSMB->hdr.smb_buf_length) + 4;
	rc = SendReceive2(xid, tcon->ses, iov, 1 /* num iovecs */,
			 &resp_buf_type, CIFS_LOG_ERROR);
	cifs_stats_inc(&tcon->num_reads);
@@ -1557,7 +1564,7 @@ CIFSSMBWrite(const int xid, struct cifsTconInfo *tcon,

	pSMB->DataLengthLow = cpu_to_le16(bytes_sent & 0xFFFF);
	pSMB->DataLengthHigh = cpu_to_le16(bytes_sent >> 16);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);

	if (wct == 14)
		pSMB->ByteCount = cpu_to_le16(byte_count);
@@ -1641,11 +1648,12 @@ CIFSSMBWrite2(const int xid, struct cifsTconInfo *tcon,

	pSMB->DataLengthLow = cpu_to_le16(count & 0xFFFF);
	pSMB->DataLengthHigh = cpu_to_le16(count >> 16);
	smb_hdr_len = pSMB->hdr.smb_buf_length + 1; /* hdr + 1 byte pad */
	/* header + 1 byte pad */
	smb_hdr_len = be32_to_cpu(pSMB->hdr.smb_buf_length) + 1;
	if (wct == 14)
		pSMB->hdr.smb_buf_length += count+1;
		inc_rfc1001_len(pSMB, count + 1);
	else /* wct == 12 */
		pSMB->hdr.smb_buf_length += count+5; /* smb data starts later */
		inc_rfc1001_len(pSMB, count + 5); /* smb data starts later */
	if (wct == 14)
		pSMB->ByteCount = cpu_to_le16(count + 1);
	else /* wct == 12 */ /* bigger pad, smaller smb hdr, keep offset ok */ {
@@ -1745,7 +1753,7 @@ CIFSSMBLock(const int xid, struct cifsTconInfo *tcon,
		/* oplock break */
		count = 0;
	}
	pSMB->hdr.smb_buf_length += count;
	inc_rfc1001_len(pSMB, count);
	pSMB->ByteCount = cpu_to_le16(count);

	if (waitFlag) {
@@ -1836,14 +1844,14 @@ CIFSSMBPosixLock(const int xid, struct cifsTconInfo *tcon,
	pSMB->Fid = smb_file_id;
	pSMB->InformationLevel = cpu_to_le16(SMB_SET_POSIX_LOCK);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	if (waitFlag) {
		rc = SendReceiveBlockingLock(xid, tcon, (struct smb_hdr *) pSMB,
			(struct smb_hdr *) pSMBr, &bytes_returned);
	} else {
		iov[0].iov_base = (char *)pSMB;
		iov[0].iov_len = pSMB->hdr.smb_buf_length + 4;
		iov[0].iov_len = be32_to_cpu(pSMB->hdr.smb_buf_length) + 4;
		rc = SendReceive2(xid, tcon->ses, iov, 1 /* num iovecs */,
				&resp_buf_type, timeout);
		pSMB = NULL; /* request buf already freed by SendReceive2. Do
@@ -2009,7 +2017,7 @@ renameRetry:
	}

	count = 1 /* 1st signature byte */  + name_len + name_len2;
	pSMB->hdr.smb_buf_length += count;
	inc_rfc1001_len(pSMB, count);
	pSMB->ByteCount = cpu_to_le16(count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -2089,7 +2097,7 @@ int CIFSSMBRenameOpenFile(const int xid, struct cifsTconInfo *pTcon,
	pSMB->InformationLevel =
		cpu_to_le16(SMB_SET_FILE_RENAME_INFORMATION);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, pTcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -2156,7 +2164,7 @@ copyRetry:
	}

	count = 1 /* 1st signature byte */  + name_len + name_len2;
	pSMB->hdr.smb_buf_length += count;
	inc_rfc1001_len(pSMB, count);
	pSMB->ByteCount = cpu_to_le16(count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -2246,7 +2254,7 @@ createSymLinkRetry:
	pSMB->DataOffset = cpu_to_le16(offset);
	pSMB->InformationLevel = cpu_to_le16(SMB_SET_FILE_UNIX_LINK);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -2332,7 +2340,7 @@ createHardLinkRetry:
	pSMB->DataOffset = cpu_to_le16(offset);
	pSMB->InformationLevel = cpu_to_le16(SMB_SET_FILE_UNIX_HLINK);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -2403,7 +2411,7 @@ winCreateHardLinkRetry:
	}

	count = 1 /* string type byte */  + name_len + name_len2;
	pSMB->hdr.smb_buf_length += count;
	inc_rfc1001_len(pSMB, count);
	pSMB->ByteCount = cpu_to_le16(count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -2474,7 +2482,7 @@ querySymLinkRetry:
	pSMB->ParameterCount = pSMB->TotalParameterCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FILE_UNIX_LINK);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -2821,7 +2829,7 @@ queryAclRetry:
	pSMB->ParameterCount = pSMB->TotalParameterCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_POSIX_ACL);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -2915,7 +2923,7 @@ setAclRetry:
	pSMB->ParameterCount = cpu_to_le16(params);
	pSMB->TotalParameterCount = pSMB->ParameterCount;
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -2973,7 +2981,7 @@ GetExtAttrRetry:
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_ATTR_FLAGS);
	pSMB->Pad = 0;
	pSMB->Fid = netfid;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->t2.ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -3131,9 +3139,9 @@ CIFSSMBGetCIFSACL(const int xid, struct cifsTconInfo *tcon, __u16 fid,
	pSMB->AclFlags = cpu_to_le32(CIFS_ACL_OWNER | CIFS_ACL_GROUP |
				     CIFS_ACL_DACL);
	pSMB->ByteCount = cpu_to_le16(11); /* 3 bytes pad + 8 bytes parm */
	pSMB->hdr.smb_buf_length += 11;
	inc_rfc1001_len(pSMB, 11);
	iov[0].iov_base = (char *)pSMB;
	iov[0].iov_len = pSMB->hdr.smb_buf_length + 4;
	iov[0].iov_len = be32_to_cpu(pSMB->hdr.smb_buf_length) + 4;

	rc = SendReceive2(xid, tcon->ses, iov, 1 /* num iovec */, &buf_type,
			 0);
@@ -3242,10 +3250,9 @@ setCifsAclRetry:
		memcpy((char *) &pSMBr->hdr.Protocol + data_offset,
			(char *) pntsd,
			acllen);
		pSMB->hdr.smb_buf_length += (byte_count + data_count);

		inc_rfc1001_len(pSMB, byte_count + data_count);
	} else
		pSMB->hdr.smb_buf_length += byte_count;
		inc_rfc1001_len(pSMB, byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
		(struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -3296,7 +3303,7 @@ QInfRetry:
	}
	pSMB->BufferFormat = 0x04;
	name_len++; /* account for buffer type byte */
	pSMB->hdr.smb_buf_length += (__u16) name_len;
	inc_rfc1001_len(pSMB, (__u16)name_len);
	pSMB->ByteCount = cpu_to_le16(name_len);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -3371,7 +3378,7 @@ QFileInfoRetry:
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FILE_ALL_INFO);
	pSMB->Pad = 0;
	pSMB->Fid = netfid;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -3458,7 +3465,7 @@ QPathInfoRetry:
	else
		pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FILE_ALL_INFO);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -3539,7 +3546,7 @@ UnixQFileInfoRetry:
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FILE_UNIX_BASIC);
	pSMB->Pad = 0;
	pSMB->Fid = netfid;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -3624,7 +3631,7 @@ UnixQPathInfoRetry:
	pSMB->ParameterCount = pSMB->TotalParameterCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FILE_UNIX_BASIC);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -3738,7 +3745,7 @@ findFirstRetry:

	/* BB what should we set StorageType to? Does it matter? BB */
	pSMB->SearchStorageType = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -3867,7 +3874,7 @@ int CIFSFindNext(const int xid, struct cifsTconInfo *tcon,
	byte_count = params + 1 /* pad */ ;
	pSMB->TotalParameterCount = cpu_to_le16(params);
	pSMB->ParameterCount = pSMB->TotalParameterCount;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4029,7 +4036,7 @@ GetInodeNumberRetry:
	pSMB->ParameterCount = pSMB->TotalParameterCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FILE_INTERNAL_INFO);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4253,7 +4260,7 @@ getDFSRetry:
	pSMB->ParameterCount = cpu_to_le16(params);
	pSMB->TotalParameterCount = pSMB->ParameterCount;
	pSMB->MaxReferralLevel = cpu_to_le16(3);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, ses, (struct smb_hdr *) pSMB,
@@ -4327,7 +4334,7 @@ oldQFSInfoRetry:
	pSMB->Reserved3 = 0;
	pSMB->SubCommand = cpu_to_le16(TRANS2_QUERY_FS_INFORMATION);
	pSMB->InformationLevel = cpu_to_le16(SMB_INFO_ALLOCATION);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4406,7 +4413,7 @@ QFSInfoRetry:
	pSMB->Reserved3 = 0;
	pSMB->SubCommand = cpu_to_le16(TRANS2_QUERY_FS_INFORMATION);
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FS_SIZE_INFO);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4486,7 +4493,7 @@ QFSAttributeRetry:
	pSMB->Reserved3 = 0;
	pSMB->SubCommand = cpu_to_le16(TRANS2_QUERY_FS_INFORMATION);
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FS_ATTRIBUTE_INFO);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4557,7 +4564,7 @@ QFSDeviceRetry:
	pSMB->Reserved3 = 0;
	pSMB->SubCommand = cpu_to_le16(TRANS2_QUERY_FS_INFORMATION);
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_FS_DEVICE_INFO);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4626,7 +4633,7 @@ QFSUnixRetry:
	pSMB->Reserved3 = 0;
	pSMB->SubCommand = cpu_to_le16(TRANS2_QUERY_FS_INFORMATION);
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_CIFS_UNIX_INFO);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4709,7 +4716,7 @@ SETFSUnixRetry:
	pSMB->ClientUnixMinor = cpu_to_le16(CIFS_UNIX_MINOR_VERSION);
	pSMB->ClientUnixCap = cpu_to_le64(cap);

	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4771,7 +4778,7 @@ QFSPosixRetry:
	pSMB->Reserved3 = 0;
	pSMB->SubCommand = cpu_to_le16(TRANS2_QUERY_FS_INFORMATION);
	pSMB->InformationLevel = cpu_to_le16(SMB_QUERY_POSIX_FS_INFO);
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4897,7 +4904,7 @@ SetEOFRetry:
	pSMB->ParameterCount = cpu_to_le16(params);
	pSMB->TotalParameterCount = pSMB->ParameterCount;
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	parm_data->FileSize = cpu_to_le64(size);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -4976,7 +4983,7 @@ CIFSSMBSetFileSize(const int xid, struct cifsTconInfo *tcon, __u64 size,
				cpu_to_le16(SMB_SET_FILE_END_OF_FILE_INFO);
	}
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceiveNoRsp(xid, tcon->ses, (struct smb_hdr *) pSMB, 0);
	if (rc) {
@@ -5044,7 +5051,7 @@ CIFSSMBSetFileInfo(const int xid, struct cifsTconInfo *tcon,
	else
		pSMB->InformationLevel = cpu_to_le16(SMB_SET_FILE_BASIC_INFO);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	memcpy(data_offset, data, sizeof(FILE_BASIC_INFO));
	rc = SendReceiveNoRsp(xid, tcon->ses, (struct smb_hdr *) pSMB, 0);
@@ -5103,7 +5110,7 @@ CIFSSMBSetFileDisposition(const int xid, struct cifsTconInfo *tcon,
	pSMB->Fid = fid;
	pSMB->InformationLevel = cpu_to_le16(SMB_SET_FILE_DISPOSITION_INFO);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	*data_offset = delete_file ? 1 : 0;
	rc = SendReceiveNoRsp(xid, tcon->ses, (struct smb_hdr *) pSMB, 0);
@@ -5176,7 +5183,7 @@ SetTimesRetry:
	else
		pSMB->InformationLevel = cpu_to_le16(SMB_SET_FILE_BASIC_INFO);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	memcpy(data_offset, data, sizeof(FILE_BASIC_INFO));
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -5228,7 +5235,7 @@ SetAttrLgcyRetry:
	}
	pSMB->attr = cpu_to_le16(dos_attrs);
	pSMB->BufferFormat = 0x04;
	pSMB->hdr.smb_buf_length += name_len + 1;
	inc_rfc1001_len(pSMB, name_len + 1);
	pSMB->ByteCount = cpu_to_le16(name_len + 1);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
@@ -5333,7 +5340,7 @@ CIFSSMBUnixSetFileInfo(const int xid, struct cifsTconInfo *tcon,
	pSMB->Fid = fid;
	pSMB->InformationLevel = cpu_to_le16(SMB_SET_FILE_UNIX_BASIC);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	cifs_fill_unix_set_info(data_offset, args);
@@ -5409,7 +5416,7 @@ setPermsRetry:
	pSMB->TotalDataCount = pSMB->DataCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_SET_FILE_UNIX_BASIC);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);

	cifs_fill_unix_set_info(data_offset, args);

@@ -5494,7 +5501,7 @@ QAllEAsRetry:
	pSMB->ParameterCount = pSMB->TotalParameterCount;
	pSMB->InformationLevel = cpu_to_le16(SMB_INFO_QUERY_ALL_EAS);
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);

	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
@@ -5707,7 +5714,7 @@ SetEARetry:
	pSMB->ParameterCount = cpu_to_le16(params);
	pSMB->TotalParameterCount = pSMB->ParameterCount;
	pSMB->Reserved4 = 0;
	pSMB->hdr.smb_buf_length += byte_count;
	inc_rfc1001_len(pSMB, byte_count);
	pSMB->ByteCount = cpu_to_le16(byte_count);
	rc = SendReceive(xid, tcon->ses, (struct smb_hdr *) pSMB,
			 (struct smb_hdr *) pSMBr, &bytes_returned, 0);
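Review bot: `inc_rfc1001_len()` in the first hunk of this section accepts `void *pSMB` and a signed `int count`, so the compiler cannot check that the argument really begins with a `struct smb_hdr`, and a negative or oversized count would be folded into the RFC1001 length without complaint. Taking the header directly, `static inline void inc_rfc1001_len(struct smb_hdr *hdr, unsigned int count)`, would restore type checking at the cost of passing `&pSMB->hdr` at the call sites. At minimum the helper deserves a comment such as `/* caller must ensure the added bytes fit in the request buffer */`, since none of the call-site hunks shown (for example `name_len + 1` or `byte_count + data_count`) contains such a check within its visible lines. The `(__u16)name_len` cast carried over in the QInfRetry hunk would also silently truncate a larger value before it reaches the helper.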
+6 −6
@@ -324,12 +324,12 @@ static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
		return -EPROTO;
	put_bcc_le(byte_count, pTargetSMB);

	byte_count = pTargetSMB->smb_buf_length;
	byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
	byte_count += total_in_buf2;
	/* don't allow buffer to overflow */
	if (byte_count > CIFSMaxBufSize)
		return -ENOBUFS;
	pTargetSMB->smb_buf_length = byte_count;
	pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);

	memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);

@@ -496,8 +496,7 @@ incomplete_rcv:
		/* Note that FC 1001 length is big endian on the wire,
		but we convert it here so it is always manipulated
		as host byte order */
		pdu_length = be32_to_cpu((__force __be32)smb_buffer->smb_buf_length);
		smb_buffer->smb_buf_length = pdu_length;
		pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);

		cFYI(1, "rfc1002 length 0x%x", pdu_length+4);

@@ -2297,7 +2296,7 @@ ip_rfc1001_connect(struct TCP_Server_Info *server)
		smb_buf = (struct smb_hdr *)ses_init_buf;

		/* sizeof RFC1002_SESSION_REQUEST with no scope */
		smb_buf->smb_buf_length = 0x81000044;
		smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
		rc = smb_send(server, smb_buf, 0x44);
		kfree(ses_init_buf);
		/*
@@ -3100,7 +3099,8 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
	bcc_ptr += strlen("?????");
	bcc_ptr += 1;
	count = bcc_ptr - &pSMB->Password[0];
	pSMB->hdr.smb_buf_length += count;
	pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
					pSMB->hdr.smb_buf_length) + count);
	pSMB->ByteCount = cpu_to_le16(count);

	rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
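Review bot: The comment kept above the changed line in the `incomplete_rcv:` hunk still says the length is converted "here so it is always manipulated as host byte order", but the write-back to `smb_buffer->smb_buf_length` is gone and only the local `pdu_length` is in host order. Because this length is supplied by the peer, a later reader who trusts the comment and uses the field without `be32_to_cpu()` would be range-checking a byte-swapped value; reword it to something like `/* RFC1001 length stays big endian in the buffer; pdu_length is the host-order copy */`. In the CIFSTCon hunk the open-coded `cpu_to_be32(be32_to_cpu(...) + count)` could be `be32_add_cpu(&pSMB->hdr.smb_buf_length, count);`, matching the helper this commit introduces elsewhere.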
+3 −5
@@ -304,12 +304,10 @@ header_assemble(struct smb_hdr *buffer, char smb_command /* command */ ,

	memset(temp, 0, 256); /* bigger than MAX_CIFS_HDR_SIZE */

	buffer->smb_buf_length =
	buffer->smb_buf_length = cpu_to_be32(
	    (2 * word_count) + sizeof(struct smb_hdr) -
	    4 /*  RFC 1001 length field does not count */  +
	    2 /* for bcc field itself */ ;
	/* Note that this is the only network field that has to be converted
	   to big endian and it is done just before we send it */
	    2 /* for bcc field itself */) ;

	buffer->Protocol[0] = 0xFF;
	buffer->Protocol[1] = 'S';
@@ -424,7 +422,7 @@ check_smb_hdr(struct smb_hdr *smb, __u16 mid)
int
checkSMB(struct smb_hdr *smb, __u16 mid, unsigned int length)
{
	__u32 len = smb->smb_buf_length;
	__u32 len = be32_to_cpu(smb->smb_buf_length);
	__u32 clc_len;  /* calculated length */
	cFYI(0, "checkSMB Length: 0x%x, smb_buf_length: 0x%x", length, len);
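Review bot: The commit deletes the only comment in `header_assemble()` that mentioned endianness, so nothing near the assignment says the field is stored in wire order from the moment the header is built; a short `/* RFC1001 length, kept big endian in memory */` above it would help. In `checkSMB()`, `len` is the converted, peer-supplied length that the rest of the function (outside this hunk) presumably compares against `length`, so a comment noting that this is where the received value gets range-checked would be useful if that is indeed the case. The closing `) ;` on the new `cpu_to_be32(` call also has a stray space before the semicolon.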
