4 * Copyright (C) 1995, 1996 by Paal-Kr. Engstad and Volker Lendecke
5 * Copyright (C) 1997 by Volker Lendecke
9 #include <linux/sched.h>
10 #include <linux/errno.h>
11 #include <linux/socket.h>
12 #include <linux/fcntl.h>
13 #include <linux/file.h>
15 #include <linux/net.h>
17 #include <linux/netdevice.h>
21 #include <linux/smb_fs.h>
22 #include <linux/smb.h>
23 #include <linux/smbno.h>
25 #include <asm/uaccess.h>
27 #define SMBFS_PARANOIA 1
28 /* #define SMBFS_DEBUG_VERBOSE 1 */
31 _recvfrom(struct socket
*socket
, unsigned char *ubuf
, int size
,
36 struct scm_cookie scm
;
42 msg
.msg_control
= NULL
;
46 memset(&scm
, 0,sizeof(scm
));
47 size
=socket
->ops
->recvmsg(socket
, &msg
, size
, flags
, &scm
);
49 scm_recv(socket
,&msg
,&scm
,flags
);
54 _send(struct socket
*socket
, const void *buff
, int len
)
58 struct scm_cookie scm
;
65 msg
.msg_control
= NULL
;
66 msg
.msg_controllen
= 0;
68 iov
.iov_base
= (void *)buff
;
73 err
= scm_send(socket
, &msg
, &scm
);
76 err
= socket
->ops
->sendmsg(socket
, &msg
, len
, &scm
);
83 * N.B. What happens if we're in here when the socket closes??
86 smb_data_callback(struct sock
*sk
, int len
)
88 struct socket
*socket
= sk
->socket
;
89 unsigned char peek_buf
[4];
101 #ifdef SMBFS_PARANOIA
102 printk("smb_data_callback: sock dead!\n");
107 result
= _recvfrom(socket
, (void *) peek_buf
, 1,
108 MSG_PEEK
| MSG_DONTWAIT
);
109 if (result
== -EAGAIN
)
111 if (peek_buf
[0] != 0x85)
114 /* got SESSION KEEP ALIVE */
115 result
= _recvfrom(socket
, (void *) peek_buf
, 4,
118 pr_debug("smb_data_callback: got SESSION KEEPALIVE\n");
120 if (result
== -EAGAIN
)
125 if (result
!= -EAGAIN
)
127 wake_up_interruptible(sk
->sleep
);
132 smb_valid_socket(struct inode
* inode
)
134 return (inode
&& S_ISSOCK(inode
->i_mode
) &&
135 inode
->u
.socket_i
.type
== SOCK_STREAM
);
138 static struct socket
*
139 server_sock(struct smb_sb_info
*server
)
143 if (server
&& (file
= server
->sock_file
))
145 #ifdef SMBFS_PARANOIA
146 if (!smb_valid_socket(file
->f_dentry
->d_inode
))
147 printk("smb_server_sock: bad socket!\n");
149 return &file
->f_dentry
->d_inode
->u
.socket_i
;
155 smb_catch_keepalive(struct smb_sb_info
*server
)
157 struct socket
*socket
;
163 socket
= server_sock(server
);
166 printk("smb_catch_keepalive: did not get valid server!\n");
167 server
->data_ready
= NULL
;
174 pr_debug("smb_catch_keepalive: sk == NULL");
175 server
->data_ready
= NULL
;
178 pr_debug("smb_catch_keepalive.: sk->d_r = %x, server->d_r = %x\n",
179 (unsigned int) (sk
->data_ready
),
180 (unsigned int) (server
->data_ready
));
183 * Install the callback atomically to avoid races ...
185 data_ready
= xchg(&sk
->data_ready
, smb_data_callback
);
186 if (data_ready
!= smb_data_callback
)
188 server
->data_ready
= data_ready
;
191 printk(KERN_ERR
"smb_catch_keepalive: already done\n");
197 smb_dont_catch_keepalive(struct smb_sb_info
*server
)
199 struct socket
*socket
;
205 socket
= server_sock(server
);
208 printk("smb_dont_catch_keepalive: did not get valid server!\n");
215 printk("smb_dont_catch_keepalive: sk == NULL");
219 /* Is this really an error?? */
220 if (server
->data_ready
== NULL
)
222 printk("smb_dont_catch_keepalive: "
223 "server->data_ready == NULL\n");
226 pr_debug("smb_dont_catch_keepalive: sk->d_r = %x, server->d_r = %x\n",
227 (unsigned int) (sk
->data_ready
),
228 (unsigned int) (server
->data_ready
));
231 * Restore the original callback atomically to avoid races ...
233 data_ready
= xchg(&sk
->data_ready
, server
->data_ready
);
234 server
->data_ready
= NULL
;
235 if (data_ready
!= smb_data_callback
)
237 printk("smb_dont_catch_keepalive: "
238 "sk->data_callback != smb_data_callback\n");
246 * Called with the server locked.
249 smb_close_socket(struct smb_sb_info
*server
)
251 struct file
* file
= server
->sock_file
;
255 #ifdef SMBFS_DEBUG_VERBOSE
256 printk("smb_close_socket: closing socket %p\n", server_sock(server
));
258 #ifdef SMBFS_PARANOIA
259 if (server_sock(server
)->sk
->data_ready
== smb_data_callback
)
260 printk("smb_close_socket: still catching keepalives!\n");
262 server
->sock_file
= NULL
;
268 smb_send_raw(struct socket
*socket
, unsigned char *source
, int length
)
271 int already_sent
= 0;
273 while (already_sent
< length
)
275 result
= _send(socket
,
276 (void *) (source
+ already_sent
),
277 length
- already_sent
);
285 pr_debug("smb_send_raw: sendto error = %d\n",
289 already_sent
+= result
;
295 smb_receive_raw(struct socket
*socket
, unsigned char *target
, int length
)
298 int already_read
= 0;
300 while (already_read
< length
)
302 result
= _recvfrom(socket
,
303 (void *) (target
+ already_read
),
304 length
- already_read
, 0);
312 pr_debug("smb_receive_raw: recvfrom error = %d\n",
316 already_read
+= result
;
322 smb_get_length(struct socket
*socket
, unsigned char *header
)
325 unsigned char peek_buf
[4];
331 result
= smb_receive_raw(socket
, peek_buf
, 4);
336 #ifdef SMBFS_PARANOIA
337 printk("smb_get_length: recv error = %d\n", -result
);
348 pr_debug("smb_get_length: Got SESSION KEEP ALIVE\n");
352 #ifdef SMBFS_PARANOIA
353 printk("smb_get_length: Invalid NBT packet, code=%x\n", peek_buf
[0]);
360 memcpy(header
, peek_buf
, 4);
362 /* The length in the RFC NB header is the raw data length */
363 return smb_len(peek_buf
);
367 * Since we allocate memory in increments of PAGE_SIZE,
368 * round up the packet length to the next multiple.
371 smb_round_length(int len
)
373 return (len
+ PAGE_SIZE
- 1) & ~(PAGE_SIZE
- 1);
378 * fs points to the correct segment
381 smb_receive(struct smb_sb_info
*server
)
383 struct socket
*socket
= server_sock(server
);
384 unsigned char * packet
= server
->packet
;
386 unsigned char peek_buf
[4];
388 result
= smb_get_length(socket
, peek_buf
);
393 * Some servers do not respect our max_xmit and send
394 * larger packets. Try to allocate a new packet,
395 * but don't free the old one unless we succeed.
397 if (len
+ 4 > server
->packet_size
)
399 int new_len
= smb_round_length(len
+ 4);
402 packet
= smb_vmalloc(new_len
);
405 smb_vfree(server
->packet
);
406 server
->packet
= packet
;
407 server
->packet_size
= new_len
;
409 memcpy(packet
, peek_buf
, 4);
410 result
= smb_receive_raw(socket
, packet
+ 4, len
);
413 #ifdef SMBFS_DEBUG_VERBOSE
414 printk("smb_receive: receive error: %d\n", result
);
418 server
->rcls
= *(packet
+ smb_rcls
);
419 server
->err
= WVAL(packet
, smb_err
);
421 #ifdef SMBFS_DEBUG_VERBOSE
422 if (server
->rcls
!= 0)
423 printk("smb_receive: rcls=%d, err=%d\n", server
->rcls
, server
->err
);
430 * This routine checks first for "fast track" processing, as most
431 * packets won't need to be copied. Otherwise, it allocates a new
432 * packet to hold the incoming data.
434 * Note that the final server packet must be the larger of the two;
435 * server packets aren't allowed to shrink.
438 smb_receive_trans2(struct smb_sb_info
*server
,
439 int *ldata
, unsigned char **data
,
440 int *lparm
, unsigned char **parm
)
442 unsigned char *inbuf
, *base
, *rcv_buf
= NULL
;
443 unsigned int parm_disp
, parm_offset
, parm_count
, parm_tot
, parm_len
= 0;
444 unsigned int data_disp
, data_offset
, data_count
, data_tot
, data_len
= 0;
445 unsigned int total_p
= 0, total_d
= 0, buf_len
= 0;
450 result
= smb_receive(server
);
453 inbuf
= server
->packet
;
454 if (server
->rcls
!= 0)
456 *parm
= *data
= inbuf
;
461 * Extract the control data from the packet.
463 data_tot
= WVAL(inbuf
, smb_tdrcnt
);
464 parm_tot
= WVAL(inbuf
, smb_tprcnt
);
465 parm_disp
= WVAL(inbuf
, smb_prdisp
);
466 parm_offset
= WVAL(inbuf
, smb_proff
);
467 parm_count
= WVAL(inbuf
, smb_prcnt
);
468 data_disp
= WVAL(inbuf
, smb_drdisp
);
469 data_offset
= WVAL(inbuf
, smb_droff
);
470 data_count
= WVAL(inbuf
, smb_drcnt
);
471 base
= smb_base(inbuf
);
474 * Assume success and increment lengths.
476 parm_len
+= parm_count
;
477 data_len
+= data_count
;
482 * Check for fast track processing ... just this packet.
484 if (parm_count
== parm_tot
&& data_count
== data_tot
)
486 #ifdef SMBFS_DEBUG_VERBOSE
487 printk("smb_receive_trans2: fast track, parm=%u %u %u, data=%u %u %u\n",
488 parm_disp
, parm_offset
, parm_count
, data_disp
, data_offset
, data_count
);
490 *parm
= base
+ parm_offset
;
491 *data
= base
+ data_offset
;
495 if (parm_tot
> TRANS2_MAX_TRANSFER
||
496 data_tot
> TRANS2_MAX_TRANSFER
)
500 * Save the total parameter and data length.
505 buf_len
= total_d
+ total_p
;
506 if (server
->packet_size
> buf_len
)
507 buf_len
= server
->packet_size
;
508 buf_len
= smb_round_length(buf_len
);
510 rcv_buf
= smb_vmalloc(buf_len
);
514 *data
= rcv_buf
+ total_p
;
516 else if (data_tot
> total_d
|| parm_tot
> total_p
)
519 if (parm_disp
+ parm_count
> total_p
)
521 if (data_disp
+ data_count
> total_d
)
523 memcpy(*parm
+ parm_disp
, base
+ parm_offset
, parm_count
);
524 memcpy(*data
+ data_disp
, base
+ data_offset
, data_count
);
526 #ifdef SMBFS_PARANOIA
527 printk("smb_receive_trans2: copied, parm=%u of %u, data=%u of %u\n",
528 parm_len
, parm_tot
, data_len
, data_tot
);
531 * Check whether we've received all of the data. Note that
532 * we use the packet totals -- total lengths might shrink!
534 if (data_len
>= data_tot
&& parm_len
>= parm_tot
)
539 * Install the new packet. Note that it's possible, though
540 * unlikely, that the new packet could be smaller than the
541 * old one, in which case we just copy the data.
543 inbuf
= server
->packet
;
544 if (buf_len
>= server
->packet_size
)
546 server
->packet_size
= buf_len
;
547 server
->packet
= rcv_buf
;
551 #ifdef SMBFS_PARANOIA
552 printk("smb_receive_trans2: copying data, old size=%d, new size=%u\n",
553 server
->packet_size
, buf_len
);
555 memcpy(inbuf
, rcv_buf
, parm_len
+ data_len
);
567 #ifdef SMBFS_PARANOIA
568 printk("smb_receive_trans2: couldn't allocate data area\n");
573 printk("smb_receive_trans2: data/param too long, data=%d, parm=%d\n",
577 printk("smb_receive_trans2: data/params grew!\n");
580 printk("smb_receive_trans2: invalid parms, disp=%d, cnt=%d, tot=%d\n",
581 parm_disp
, parm_count
, parm_tot
);
584 printk("smb_receive_trans2: invalid data, disp=%d, cnt=%d, tot=%d\n",
585 data_disp
, data_count
, data_tot
);
592 * Called with the server locked
595 smb_request(struct smb_sb_info
*server
)
597 unsigned long flags
, sigpipe
;
601 unsigned char *buffer
;
604 buffer
= server
->packet
;
609 if (server
->state
!= CONN_VALID
)
612 if ((result
= smb_dont_catch_keepalive(server
)) != 0)
615 len
= smb_len(buffer
) + 4;
616 pr_debug("smb_request: len = %d cmd = 0x%X\n", len
, buffer
[8]);
618 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
619 sigpipe
= sigismember(¤t
->signal
, SIGPIPE
);
620 old_set
= current
->blocked
;
621 siginitsetinv(¤t
->blocked
, sigmask(SIGKILL
)|sigmask(SIGSTOP
));
622 recalc_sigpending(current
);
623 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
628 result
= smb_send_raw(server_sock(server
), (void *) buffer
, len
);
631 result
= smb_receive(server
);
634 /* read/write errors are handled by errno */
635 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
636 if (result
== -EPIPE
&& !sigpipe
)
637 sigdelset(¤t
->signal
, SIGPIPE
);
638 current
->blocked
= old_set
;
639 recalc_sigpending(current
);
640 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
646 int result2
= smb_catch_keepalive(server
);
649 printk("smb_request: catch keepalive failed\n");
656 * Check for fatal server errors ...
659 int error
= smb_errno(server
);
660 if (error
== EBADSLT
) {
661 printk("smb_request: tree ID invalid\n");
668 pr_debug("smb_request: result = %d\n", result
);
672 #ifdef SMBFS_PARANOIA
673 printk("smb_request: result %d, setting invalid\n", result
);
675 server
->state
= CONN_INVALID
;
676 smb_invalidate_inodes(server
);
679 printk("smb_request: no packet!\n");
682 printk("smb_request: connection %d not valid!\n", server
->state
);
686 #define ROUND_UP(x) (((x)+3) & ~3)
688 smb_send_trans2(struct smb_sb_info
*server
, __u16 trans2_command
,
689 int ldata
, unsigned char *data
,
690 int lparam
, unsigned char *param
)
692 struct socket
*sock
= server_sock(server
);
693 struct scm_cookie scm
;
696 /* I know the following is very ugly, but I want to build the
697 smb packet as efficiently as possible. */
699 const int smb_parameters
= 15;
701 ROUND_UP(SMB_HEADER_LEN
+ 2 * smb_parameters
+ 2 + 3);
703 ROUND_UP(oparam
+ lparam
);
705 odata
+ ldata
- (SMB_HEADER_LEN
+ 2 * smb_parameters
+ 2);
706 const int packet_length
=
707 SMB_HEADER_LEN
+ 2 * smb_parameters
+ bcc
+ 2;
709 unsigned char padding
[4] =
716 /* N.B. This test isn't valid! packet_size may be < max_xmit */
717 if ((bcc
+ oparam
) > server
->opt
.max_xmit
)
721 p
= smb_setup_header(server
, SMBtrans2
, smb_parameters
, bcc
);
723 WSET(server
->packet
, smb_tpscnt
, lparam
);
724 WSET(server
->packet
, smb_tdscnt
, ldata
);
725 /* N.B. these values should reflect out current packet size */
726 WSET(server
->packet
, smb_mprcnt
, TRANS2_MAX_TRANSFER
);
727 WSET(server
->packet
, smb_mdrcnt
, TRANS2_MAX_TRANSFER
);
728 WSET(server
->packet
, smb_msrcnt
, 0);
729 WSET(server
->packet
, smb_flags
, 0);
730 DSET(server
->packet
, smb_timeout
, 0);
731 WSET(server
->packet
, smb_pscnt
, lparam
);
732 WSET(server
->packet
, smb_psoff
, oparam
- 4);
733 WSET(server
->packet
, smb_dscnt
, ldata
);
734 WSET(server
->packet
, smb_dsoff
, odata
- 4);
735 WSET(server
->packet
, smb_suwcnt
, 1);
736 WSET(server
->packet
, smb_setup0
, trans2_command
);
737 *p
++ = 0; /* null smb_name for trans2 */
738 *p
++ = 'D'; /* this was added because OS/2 does it */
744 msg
.msg_control
= NULL
;
745 msg
.msg_controllen
= 0;
750 iov
[0].iov_base
= (void *) server
->packet
;
751 iov
[0].iov_len
= oparam
;
752 iov
[1].iov_base
= (param
== NULL
) ? padding
: param
;
753 iov
[1].iov_len
= lparam
;
754 iov
[2].iov_base
= padding
;
755 iov
[2].iov_len
= odata
- oparam
- lparam
;
756 iov
[3].iov_base
= (data
== NULL
) ? padding
: data
;
757 iov
[3].iov_len
= ldata
;
759 err
= scm_send(sock
, &msg
, &scm
);
762 err
= sock
->ops
->sendmsg(sock
, &msg
, packet_length
, &scm
);
769 * This is not really a trans2 request, we assume that you only have
770 * one packet to send.
773 smb_trans2_request(struct smb_sb_info
*server
, __u16 trans2_command
,
774 int ldata
, unsigned char *data
,
775 int lparam
, unsigned char *param
,
776 int *lrdata
, unsigned char **rdata
,
777 int *lrparam
, unsigned char **rparam
)
780 unsigned long flags
, sigpipe
;
784 pr_debug("smb_trans2_request: com=%d, ld=%d, lp=%d\n",
785 trans2_command
, ldata
, lparam
);
788 * These are initialized in smb_request_ok, but not here??
794 if (server
->state
!= CONN_VALID
)
797 if ((result
= smb_dont_catch_keepalive(server
)) != 0)
800 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
801 sigpipe
= sigismember(¤t
->signal
, SIGPIPE
);
802 old_set
= current
->blocked
;
803 siginitsetinv(¤t
->blocked
, sigmask(SIGKILL
)|sigmask(SIGSTOP
));
804 recalc_sigpending(current
);
805 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
810 result
= smb_send_trans2(server
, trans2_command
,
811 ldata
, data
, lparam
, param
);
814 result
= smb_receive_trans2(server
,
815 lrdata
, rdata
, lrparam
, rparam
);
818 /* read/write errors are handled by errno */
819 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
820 if (result
== -EPIPE
&& !sigpipe
)
821 sigdelset(¤t
->signal
, SIGPIPE
);
822 current
->blocked
= old_set
;
823 recalc_sigpending(current
);
824 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
830 int result2
= smb_catch_keepalive(server
);
839 * Check for fatal server errors ...
842 int error
= smb_errno(server
);
843 if (error
== EBADSLT
) {
844 printk("smb_request: tree ID invalid\n");
854 #ifdef SMBFS_PARANOIA
855 printk("smb_trans2_request: result=%d, setting invalid\n", result
);
857 server
->state
= CONN_INVALID
;
858 smb_invalidate_inodes(server
);