4 * Copyright (C) 1995, 1996 by Paal-Kr. Engstad and Volker Lendecke
5 * Copyright (C) 1997 by Volker Lendecke
7 * Please add a note about your changes to smbfs in the ChangeLog file.
10 #include <linux/sched.h>
11 #include <linux/errno.h>
12 #include <linux/socket.h>
13 #include <linux/fcntl.h>
14 #include <linux/file.h>
16 #include <linux/net.h>
18 #include <linux/netdevice.h>
19 #include <linux/smp_lock.h>
23 #include <linux/smb_fs.h>
24 #include <linux/smb.h>
25 #include <linux/smbno.h>
27 #include <asm/uaccess.h>
29 #include "smb_debug.h"
33 _recvfrom(struct socket
*socket
, unsigned char *ubuf
, int size
,
38 struct scm_cookie scm
;
44 msg
.msg_control
= NULL
;
48 memset(&scm
, 0,sizeof(scm
));
49 size
=socket
->ops
->recvmsg(socket
, &msg
, size
, flags
, &scm
);
51 scm_recv(socket
,&msg
,&scm
,flags
);
56 _send(struct socket
*socket
, const void *buff
, int len
)
60 struct scm_cookie scm
;
67 msg
.msg_control
= NULL
;
68 msg
.msg_controllen
= 0;
70 iov
.iov_base
= (void *)buff
;
75 err
= scm_send(socket
, &msg
, &scm
);
78 err
= socket
->ops
->sendmsg(socket
, &msg
, len
, &scm
);
84 struct data_callback
{
89 * N.B. What happens if we're in here when the socket closes??
92 found_data(struct sock
*sk
)
95 * FIXME: copied from sock_def_readable, it should be a call to
96 * server->data_ready() -- manfreds@colorfullife.com
98 read_lock(&sk
->callback_lock
);
100 wake_up_interruptible(sk
->sleep
);
101 sock_wake_async(sk
->socket
,1,POLL_IN
);
103 read_unlock(&sk
->callback_lock
);
107 smb_data_callback(void* ptr
)
109 struct data_callback
* job
=ptr
;
110 struct socket
*socket
= job
->sk
->socket
;
111 unsigned char peek_buf
[4];
114 int count
= 100; /* this is a lot, we should have some data waiting */
121 while (count
-- > 0) {
126 PARANOIA("sock dead!\n");
130 result
= _recvfrom(socket
, (void *) peek_buf
, 1,
131 MSG_PEEK
| MSG_DONTWAIT
);
134 if (peek_buf
[0] != 0x85)
137 /* got SESSION KEEP ALIVE */
138 result
= _recvfrom(socket
, (void *) peek_buf
, 4,
141 DEBUG1("got SESSION KEEPALIVE\n");
150 DEBUG1("found=%d, count=%d, result=%d\n", found
, count
, result
);
157 smb_data_ready(struct sock
*sk
, int len
)
159 struct data_callback
* job
;
160 job
= kmalloc(sizeof(struct data_callback
),GFP_ATOMIC
);
162 printk("smb_data_ready: lost SESSION KEEPALIVE due to OOM.\n");
168 job
->cb
.routine
= smb_data_callback
;
171 schedule_task(&job
->cb
);
175 smb_valid_socket(struct inode
* inode
)
177 return (inode
&& S_ISSOCK(inode
->i_mode
) &&
178 inode
->u
.socket_i
.type
== SOCK_STREAM
);
181 static struct socket
*
182 server_sock(struct smb_sb_info
*server
)
186 if (server
&& (file
= server
->sock_file
))
188 #ifdef SMBFS_PARANOIA
189 if (!smb_valid_socket(file
->f_dentry
->d_inode
))
190 PARANOIA("bad socket!\n");
192 return &file
->f_dentry
->d_inode
->u
.socket_i
;
198 smb_catch_keepalive(struct smb_sb_info
*server
)
200 struct socket
*socket
;
206 socket
= server_sock(server
);
209 printk(KERN_DEBUG
"smb_catch_keepalive: did not get valid server!\n");
210 server
->data_ready
= NULL
;
217 DEBUG1("sk == NULL");
218 server
->data_ready
= NULL
;
221 DEBUG1("sk->d_r = %x, server->d_r = %x\n",
222 (unsigned int) (sk
->data_ready
),
223 (unsigned int) (server
->data_ready
));
226 * Install the callback atomically to avoid races ...
228 data_ready
= xchg(&sk
->data_ready
, smb_data_ready
);
229 if (data_ready
!= smb_data_ready
) {
230 server
->data_ready
= data_ready
;
233 printk(KERN_ERR
"smb_catch_keepalive: already done\n");
239 smb_dont_catch_keepalive(struct smb_sb_info
*server
)
241 struct socket
*socket
;
247 socket
= server_sock(server
);
250 printk(KERN_DEBUG
"smb_dont_catch_keepalive: did not get valid server!\n");
257 DEBUG1("sk == NULL");
261 /* Is this really an error?? */
262 if (server
->data_ready
== NULL
)
264 printk(KERN_DEBUG
"smb_dont_catch_keepalive: "
265 "server->data_ready == NULL\n");
268 DEBUG1("smb_dont_catch_keepalive: sk->d_r = %x, server->d_r = %x\n",
269 (unsigned int) (sk
->data_ready
),
270 (unsigned int) (server
->data_ready
));
273 * Restore the original callback atomically to avoid races ...
275 data_ready
= xchg(&sk
->data_ready
, server
->data_ready
);
276 server
->data_ready
= NULL
;
277 if (data_ready
!= smb_data_ready
)
279 printk(KERN_ERR
"smb_dont_catch_keepalive: "
280 "sk->data_ready != smb_data_ready\n");
288 * Called with the server locked.
291 smb_close_socket(struct smb_sb_info
*server
)
293 struct file
* file
= server
->sock_file
;
297 VERBOSE("closing socket %p\n", server_sock(server
));
298 #ifdef SMBFS_PARANOIA
299 if (server_sock(server
)->sk
->data_ready
== smb_data_ready
)
300 PARANOIA("still catching keepalives!\n");
302 server
->sock_file
= NULL
;
308 smb_send_raw(struct socket
*socket
, unsigned char *source
, int length
)
311 int already_sent
= 0;
313 while (already_sent
< length
)
315 result
= _send(socket
,
316 (void *) (source
+ already_sent
),
317 length
- already_sent
);
325 DEBUG1("smb_send_raw: sendto error = %d\n", -result
);
328 already_sent
+= result
;
334 smb_receive_raw(struct socket
*socket
, unsigned char *target
, int length
)
337 int already_read
= 0;
339 while (already_read
< length
)
341 result
= _recvfrom(socket
,
342 (void *) (target
+ already_read
),
343 length
- already_read
, 0);
351 DEBUG1("recvfrom error = %d\n", -result
);
354 already_read
+= result
;
360 smb_get_length(struct socket
*socket
, unsigned char *header
)
363 unsigned char peek_buf
[4];
369 result
= smb_receive_raw(socket
, peek_buf
, 4);
374 PARANOIA("recv error = %d\n", -result
);
384 DEBUG1("Got SESSION KEEP ALIVE\n");
388 PARANOIA("Invalid NBT packet, code=%x\n", peek_buf
[0]);
394 memcpy(header
, peek_buf
, 4);
396 /* The length in the RFC NB header is the raw data length */
397 return smb_len(peek_buf
);
401 * Since we allocate memory in increments of PAGE_SIZE,
402 * round up the packet length to the next multiple.
405 smb_round_length(int len
)
407 return (len
+ PAGE_SIZE
- 1) & ~(PAGE_SIZE
- 1);
412 * fs points to the correct segment
415 smb_receive(struct smb_sb_info
*server
)
417 struct socket
*socket
= server_sock(server
);
418 unsigned char * packet
= server
->packet
;
420 unsigned char peek_buf
[4];
422 result
= smb_get_length(socket
, peek_buf
);
427 * Some servers do not respect our max_xmit and send
428 * larger packets. Try to allocate a new packet,
429 * but don't free the old one unless we succeed.
431 if (len
+ 4 > server
->packet_size
)
433 int new_len
= smb_round_length(len
+ 4);
436 packet
= smb_vmalloc(new_len
);
439 smb_vfree(server
->packet
);
440 server
->packet
= packet
;
441 server
->packet_size
= new_len
;
443 memcpy(packet
, peek_buf
, 4);
444 result
= smb_receive_raw(socket
, packet
+ 4, len
);
447 VERBOSE("receive error: %d\n", result
);
450 server
->rcls
= *(packet
+ smb_rcls
);
451 server
->err
= WVAL(packet
, smb_err
);
453 #ifdef SMBFS_DEBUG_VERBOSE
454 if (server
->rcls
!= 0)
455 VERBOSE("rcls=%d, err=%d\n", server
->rcls
, server
->err
);
462 * This routine checks first for "fast track" processing, as most
463 * packets won't need to be copied. Otherwise, it allocates a new
464 * packet to hold the incoming data.
466 * Note that the final server packet must be the larger of the two;
467 * server packets aren't allowed to shrink.
470 smb_receive_trans2(struct smb_sb_info
*server
,
471 int *ldata
, unsigned char **data
,
472 int *lparm
, unsigned char **parm
)
474 unsigned char *inbuf
, *base
, *rcv_buf
= NULL
;
475 unsigned int parm_disp
, parm_offset
, parm_count
, parm_tot
, parm_len
= 0;
476 unsigned int data_disp
, data_offset
, data_count
, data_tot
, data_len
= 0;
477 unsigned int total_p
= 0, total_d
= 0, buf_len
= 0;
482 result
= smb_receive(server
);
485 inbuf
= server
->packet
;
486 if (server
->rcls
!= 0)
488 *parm
= *data
= inbuf
;
493 * Extract the control data from the packet.
495 data_tot
= WVAL(inbuf
, smb_tdrcnt
);
496 parm_tot
= WVAL(inbuf
, smb_tprcnt
);
497 parm_disp
= WVAL(inbuf
, smb_prdisp
);
498 parm_offset
= WVAL(inbuf
, smb_proff
);
499 parm_count
= WVAL(inbuf
, smb_prcnt
);
500 data_disp
= WVAL(inbuf
, smb_drdisp
);
501 data_offset
= WVAL(inbuf
, smb_droff
);
502 data_count
= WVAL(inbuf
, smb_drcnt
);
503 base
= smb_base(inbuf
);
506 * Assume success and increment lengths.
508 parm_len
+= parm_count
;
509 data_len
+= data_count
;
514 * Check for fast track processing ... just this packet.
516 if (parm_count
== parm_tot
&& data_count
== data_tot
)
518 VERBOSE("fast track, parm=%u %u %u, data=%u %u %u\n",
519 parm_disp
, parm_offset
, parm_count
,
520 data_disp
, data_offset
, data_count
);
521 *parm
= base
+ parm_offset
;
522 *data
= base
+ data_offset
;
526 if (parm_tot
> TRANS2_MAX_TRANSFER
||
527 data_tot
> TRANS2_MAX_TRANSFER
)
531 * Save the total parameter and data length.
536 buf_len
= total_d
+ total_p
;
537 if (server
->packet_size
> buf_len
)
538 buf_len
= server
->packet_size
;
539 buf_len
= smb_round_length(buf_len
);
541 rcv_buf
= smb_vmalloc(buf_len
);
545 *data
= rcv_buf
+ total_p
;
547 else if (data_tot
> total_d
|| parm_tot
> total_p
)
550 if (parm_disp
+ parm_count
> total_p
)
552 if (data_disp
+ data_count
> total_d
)
554 memcpy(*parm
+ parm_disp
, base
+ parm_offset
, parm_count
);
555 memcpy(*data
+ data_disp
, base
+ data_offset
, data_count
);
557 PARANOIA("copied, parm=%u of %u, data=%u of %u\n",
558 parm_len
, parm_tot
, data_len
, data_tot
);
561 * Check whether we've received all of the data. Note that
562 * we use the packet totals -- total lengths might shrink!
564 if (data_len
>= data_tot
&& parm_len
>= parm_tot
)
569 * Install the new packet. Note that it's possible, though
570 * unlikely, that the new packet could be smaller than the
571 * old one, in which case we just copy the data.
573 inbuf
= server
->packet
;
574 if (buf_len
>= server
->packet_size
)
576 server
->packet_size
= buf_len
;
577 server
->packet
= rcv_buf
;
580 PARANOIA("copying data, old size=%d, new size=%u\n",
581 server
->packet_size
, buf_len
);
582 memcpy(inbuf
, rcv_buf
, parm_len
+ data_len
);
594 PARANOIA("couldn't allocate data area\n");
598 printk(KERN_ERR
"smb_receive_trans2: data/param too long, data=%d, parm=%d\n",
602 printk(KERN_ERR
"smb_receive_trans2: data/params grew!\n");
605 printk(KERN_ERR
"smb_receive_trans2: invalid parms, disp=%d, cnt=%d, tot=%d\n",
606 parm_disp
, parm_count
, parm_tot
);
609 printk(KERN_ERR
"smb_receive_trans2: invalid data, disp=%d, cnt=%d, tot=%d\n",
610 data_disp
, data_count
, data_tot
);
617 * Called with the server locked
620 smb_request(struct smb_sb_info
*server
)
622 unsigned long flags
, sigpipe
;
626 unsigned char *buffer
;
629 buffer
= server
->packet
;
634 if (server
->state
!= CONN_VALID
)
637 if ((result
= smb_dont_catch_keepalive(server
)) != 0)
640 len
= smb_len(buffer
) + 4;
641 DEBUG1("len = %d cmd = 0x%X\n", len
, buffer
[8]);
643 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
644 sigpipe
= sigismember(¤t
->pending
.signal
, SIGPIPE
);
645 old_set
= current
->blocked
;
646 siginitsetinv(¤t
->blocked
, sigmask(SIGKILL
)|sigmask(SIGSTOP
));
647 recalc_sigpending(current
);
648 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
653 result
= smb_send_raw(server_sock(server
), (void *) buffer
, len
);
656 result
= smb_receive(server
);
659 /* read/write errors are handled by errno */
660 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
661 if (result
== -EPIPE
&& !sigpipe
)
662 sigdelset(¤t
->pending
.signal
, SIGPIPE
);
663 current
->blocked
= old_set
;
664 recalc_sigpending(current
);
665 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
671 int result2
= smb_catch_keepalive(server
);
674 printk(KERN_ERR
"smb_request: catch keepalive failed\n");
681 * Check for fatal server errors ...
684 int error
= smb_errno(server
);
685 if (error
== EBADSLT
) {
686 printk(KERN_ERR
"smb_request: tree ID invalid\n");
693 DEBUG1("result = %d\n", result
);
697 PARANOIA("result %d, setting invalid\n", result
);
698 server
->state
= CONN_INVALID
;
699 smb_invalidate_inodes(server
);
702 printk(KERN_ERR
"smb_request: no packet!\n");
705 printk(KERN_ERR
"smb_request: connection %d not valid!\n",
710 #define ROUND_UP(x) (((x)+3) & ~3)
712 smb_send_trans2(struct smb_sb_info
*server
, __u16 trans2_command
,
713 int ldata
, unsigned char *data
,
714 int lparam
, unsigned char *param
)
716 struct socket
*sock
= server_sock(server
);
717 struct scm_cookie scm
;
720 /* I know the following is very ugly, but I want to build the
721 smb packet as efficiently as possible. */
723 const int smb_parameters
= 15;
725 ROUND_UP(SMB_HEADER_LEN
+ 2 * smb_parameters
+ 2 + 3);
727 ROUND_UP(oparam
+ lparam
);
729 odata
+ ldata
- (SMB_HEADER_LEN
+ 2 * smb_parameters
+ 2);
730 const int packet_length
=
731 SMB_HEADER_LEN
+ 2 * smb_parameters
+ bcc
+ 2;
733 unsigned char padding
[4] =
740 /* N.B. This test isn't valid! packet_size may be < max_xmit */
741 if ((bcc
+ oparam
) > server
->opt
.max_xmit
)
745 p
= smb_setup_header(server
, SMBtrans2
, smb_parameters
, bcc
);
747 WSET(server
->packet
, smb_tpscnt
, lparam
);
748 WSET(server
->packet
, smb_tdscnt
, ldata
);
749 /* N.B. these values should reflect out current packet size */
750 WSET(server
->packet
, smb_mprcnt
, TRANS2_MAX_TRANSFER
);
751 WSET(server
->packet
, smb_mdrcnt
, TRANS2_MAX_TRANSFER
);
752 WSET(server
->packet
, smb_msrcnt
, 0);
753 WSET(server
->packet
, smb_flags
, 0);
754 DSET(server
->packet
, smb_timeout
, 0);
755 WSET(server
->packet
, smb_pscnt
, lparam
);
756 WSET(server
->packet
, smb_psoff
, oparam
- 4);
757 WSET(server
->packet
, smb_dscnt
, ldata
);
758 WSET(server
->packet
, smb_dsoff
, odata
- 4);
759 WSET(server
->packet
, smb_suwcnt
, 1);
760 WSET(server
->packet
, smb_setup0
, trans2_command
);
761 *p
++ = 0; /* null smb_name for trans2 */
762 *p
++ = 'D'; /* this was added because OS/2 does it */
768 msg
.msg_control
= NULL
;
769 msg
.msg_controllen
= 0;
774 iov
[0].iov_base
= (void *) server
->packet
;
775 iov
[0].iov_len
= oparam
;
776 iov
[1].iov_base
= (param
== NULL
) ? padding
: param
;
777 iov
[1].iov_len
= lparam
;
778 iov
[2].iov_base
= padding
;
779 iov
[2].iov_len
= odata
- oparam
- lparam
;
780 iov
[3].iov_base
= (data
== NULL
) ? padding
: data
;
781 iov
[3].iov_len
= ldata
;
783 err
= scm_send(sock
, &msg
, &scm
);
786 err
= sock
->ops
->sendmsg(sock
, &msg
, packet_length
, &scm
);
793 * This is not really a trans2 request, we assume that you only have
794 * one packet to send.
797 smb_trans2_request(struct smb_sb_info
*server
, __u16 trans2_command
,
798 int ldata
, unsigned char *data
,
799 int lparam
, unsigned char *param
,
800 int *lrdata
, unsigned char **rdata
,
801 int *lrparam
, unsigned char **rparam
)
804 unsigned long flags
, sigpipe
;
808 DEBUG1("com=%d, ld=%d, lp=%d\n", trans2_command
, ldata
, lparam
);
811 * These are initialized in smb_request_ok, but not here??
817 if (server
->state
!= CONN_VALID
)
820 if ((result
= smb_dont_catch_keepalive(server
)) != 0)
823 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
824 sigpipe
= sigismember(¤t
->pending
.signal
, SIGPIPE
);
825 old_set
= current
->blocked
;
826 siginitsetinv(¤t
->blocked
, sigmask(SIGKILL
)|sigmask(SIGSTOP
));
827 recalc_sigpending(current
);
828 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
833 result
= smb_send_trans2(server
, trans2_command
,
834 ldata
, data
, lparam
, param
);
837 result
= smb_receive_trans2(server
,
838 lrdata
, rdata
, lrparam
, rparam
);
841 /* read/write errors are handled by errno */
842 spin_lock_irqsave(¤t
->sigmask_lock
, flags
);
843 if (result
== -EPIPE
&& !sigpipe
)
844 sigdelset(¤t
->pending
.signal
, SIGPIPE
);
845 current
->blocked
= old_set
;
846 recalc_sigpending(current
);
847 spin_unlock_irqrestore(¤t
->sigmask_lock
, flags
);
853 int result2
= smb_catch_keepalive(server
);
862 * Check for fatal server errors ...
865 int error
= smb_errno(server
);
866 if (error
== EBADSLT
) {
867 printk(KERN_ERR
"smb_request: tree ID invalid\n");
877 PARANOIA("result=%d, setting invalid\n", result
);
878 server
->state
= CONN_INVALID
;
879 smb_invalidate_inodes(server
);