[PATCH] CIFS: avoid using MID 0xFFFF
ronnie sahlberg
ronniesahlberg at gmail.com
Mon Oct 14 09:08:43 UTC 2019
On Mon, Oct 14, 2019 at 7:01 PM Roberto Bergantinos Corpas
<rbergant at redhat.com> wrote:
>
> According to MS-CIFS specification MID 0xFFFF should not be used by the
> CIFS client, but we actually do. Besides, this has proven to cause races
> leading to oops between SendReceive2/cifs_demultiplex_thread. On SMB1,
> MID is a 2 byte value easy to reach in CurrentMid which may conflict with
> an oplock break notification request coming from server
>
> Signed-off-by: Roberto Bergantinos Corpas <rbergant at redhat.com>
> ---
> fs/cifs/smb1ops.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/fs/cifs/smb1ops.c b/fs/cifs/smb1ops.c
> index c4e75afa3258..c8d96230cbd2 100644
> --- a/fs/cifs/smb1ops.c
> +++ b/fs/cifs/smb1ops.c
> @@ -183,6 +183,9 @@ cifs_get_next_mid(struct TCP_Server_Info *server)
> /* we do not want to loop forever */
> last_mid = cur_mid;
> cur_mid++;
> + /* avoid 0xFFFF MID */
> + if (cur_mid == 0xffff)
> + cur_mid++;
>
> /*
> * This nested loop looks more expensive than it is.
> --
Reviewed-by: lsahlber at redhat.com>
Steve, can we get this pushed to linus soonish? It is a bad issue.
More information about the samba-technical
mailing list