Commit b8f42965 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag '5.15-rc2-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6 

Pull cifs fixes from Steve French:
 "Six small cifs/smb3 fixes, two for stable:

   - important fix for deferred close (found by a git functional test)
     related to attribute caching on close.

   - four (two cosmetic, two more serious) small fixes for problems
     pointed out by smatch via Dan Carpenter

   - fix for comment formatting problems pointed out by W=1"

* tag '5.15-rc2-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: fix incorrect check for null pointer in header_assemble
  smb3: correct server pointer dereferencing check to be more consistent
  smb3: correct smb3 ACL security descriptor
  cifs: Clear modified attribute bit from inode flags
  cifs: Deal with some warnings from W=1
  cifs: fix a sign extension bug
parents 85736168 9ed38fd4

fs/cifs/connect.c

+3 −2
Original line number Diff line number Diff line
@@ -2389,9 +2389,10 @@ cifs_match_super(struct super_block *sb, void *data) 
	spin_lock(&cifs_tcp_ses_lock);

	cifs_sb = CIFS_SB(sb);

	tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));

	if (IS_ERR(tlink)) {

	if (tlink == NULL) {

		/* can not match superblock if tlink were ever null */

		spin_unlock(&cifs_tcp_ses_lock);

		return rc;

		return 0;

	}

	tcon = tlink_tcon(tlink);

	ses = tcon->ses;

fs/cifs/file.c

+2 −2
Original line number Diff line number Diff line
@@ -884,7 +884,7 @@ int cifs_close(struct inode *inode, struct file *file) 
		    cinode->lease_granted &&

		    !test_bit(CIFS_INO_CLOSE_ON_LOCK, &cinode->flags) &&

		    dclose) {

			if (test_bit(CIFS_INO_MODIFIED_ATTR, &cinode->flags)) {

			if (test_and_clear_bit(CIFS_INO_MODIFIED_ATTR, &cinode->flags)) {

				inode->i_ctime = inode->i_mtime = current_time(inode);

				cifs_fscache_update_inode_cookie(inode);

			}
@@ -3113,7 +3113,7 @@ static void collect_uncached_write_data(struct cifs_aio_ctx *ctx) 
	struct cifs_tcon *tcon;

	struct cifs_sb_info *cifs_sb;

	struct dentry *dentry = ctx->cfile->dentry;

	int rc;

	ssize_t rc;



	tcon = tlink_tcon(ctx->cfile->tlink);

	cifs_sb = CIFS_SB(dentry->d_sb);

fs/cifs/misc.c

+14 −3
Original line number Diff line number Diff line
@@ -264,6 +264,7 @@ header_assemble(struct smb_hdr *buffer, char smb_command /* command */ , 


			/* Uid is not converted */

			buffer->Uid = treeCon->ses->Suid;

			if (treeCon->ses->server)

				buffer->Mid = get_next_mid(treeCon->ses->server);

		}

		if (treeCon->Flags & SMB_SHARE_IS_IN_DFS)
@@ -590,6 +591,7 @@ void cifs_put_writer(struct cifsInodeInfo *cinode) 


/**

 * cifs_queue_oplock_break - queue the oplock break handler for cfile

 * @cfile: The file to break the oplock on

 *

 * This function is called from the demultiplex thread when it

 * receives an oplock break for @cfile.
@@ -1065,6 +1067,9 @@ setup_aio_ctx_iter(struct cifs_aio_ctx *ctx, struct iov_iter *iter, int rw) 


/**

 * cifs_alloc_hash - allocate hash and hash context together

 * @name: The name of the crypto hash algo

 * @shash: Where to put the pointer to the hash algo

 * @sdesc: Where to put the pointer to the hash descriptor

 *

 * The caller has to make sure @sdesc is initialized to either NULL or

 * a valid context. Both can be freed via cifs_free_hash().
@@ -1103,6 +1108,8 @@ cifs_alloc_hash(const char *name, 


/**

 * cifs_free_hash - free hash and hash context together

 * @shash: Where to find the pointer to the hash algo

 * @sdesc: Where to find the pointer to the hash descriptor

 *

 * Freeing a NULL hash or context is safe.

 */
@@ -1118,8 +1125,10 @@ cifs_free_hash(struct crypto_shash **shash, struct sdesc **sdesc) 


/**

 * rqst_page_get_length - obtain the length and offset for a page in smb_rqst

 * Input: rqst - a smb_rqst, page - a page index for rqst

 * Output: *len - the length for this page, *offset - the offset for this page

 * @rqst: The request descriptor

 * @page: The index of the page to query

 * @len: Where to store the length for this page:

 * @offset: Where to store the offset for this page

 */

void rqst_page_get_length(struct smb_rqst *rqst, unsigned int page,

				unsigned int *len, unsigned int *offset)
@@ -1152,6 +1161,8 @@ void extract_unc_hostname(const char *unc, const char **h, size_t *len) 


/**

 * copy_path_name - copy src path to dst, possibly truncating

 * @dst: The destination buffer

 * @src: The source name

 *

 * returns number of bytes written (including trailing nul)

 */

fs/cifs/smb2pdu.c

+2 −2
Original line number Diff line number Diff line
@@ -2397,7 +2397,7 @@ create_sd_buf(umode_t mode, bool set_owner, unsigned int *len) 
	buf->sd.OffsetDacl = cpu_to_le32(ptr - (__u8 *)&buf->sd);

	/* Ship the ACL for now. we will copy it into buf later. */

	aclptr = ptr;

	ptr += sizeof(struct cifs_acl);

	ptr += sizeof(struct smb3_acl);



	/* create one ACE to hold the mode embedded in reserved special SID */

	acelen = setup_special_mode_ACE((struct cifs_ace *)ptr, (__u64)mode);
@@ -2422,7 +2422,7 @@ create_sd_buf(umode_t mode, bool set_owner, unsigned int *len) 
	acl.AclRevision = ACL_REVISION; /* See 2.4.4.1 of MS-DTYP */

	acl.AclSize = cpu_to_le16(acl_size);

	acl.AceCount = cpu_to_le16(ace_count);

	memcpy(aclptr, &acl, sizeof(struct cifs_acl));

	memcpy(aclptr, &acl, sizeof(struct smb3_acl));



	buf->ccontext.DataLength = cpu_to_le32(ptr - (__u8 *)&buf->sd);

	*len = roundup(ptr - (__u8 *)buf, 8);