@@ -2144,13 +2144,16 @@ static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf,
static struct scatterlist *
init_sg(int num_rqst, struct smb_rqst *rqst, u8 *sign)
{
- unsigned int sg_len = rqst->rq_nvec + rqst->rq_npages + 1;
+ unsigned int sg_len = 1; /* signature */
unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;
struct scatterlist *sg;
unsigned int i;
unsigned int j;
unsigned int idx = 0;
+ for (i = 0; i < num_rqst; i++)
+ sg_len += rqst[i].rq_nvec + rqst[i].rq_npages;
+
sg = kmalloc_array(sg_len, sizeof(struct scatterlist), GFP_KERNEL);
if (!sg)
return NULL;
@@ -2162,10 +2165,10 @@ init_sg(int num_rqst, struct smb_rqst *rqst, u8 *sign)
*/
if (i == 0)
smb2_sg_set_buf(&sg[idx++],
- rqst[i].rq_iov[i].iov_base + 20,
+ rqst[i].rq_iov[0].iov_base + 20,
assoc_data_len);
else
- smb2_sg_set_buf(&sg[idx++], rqst[i].rq_iov[i].iov_base,
+ smb2_sg_set_buf(&sg[idx++], rqst[i].rq_iov[0].iov_base,
rqst[i].rq_iov[0].iov_len);
for (j = 1; j < rqst[i].rq_nvec; j++)
@@ -2302,68 +2305,85 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst,
return rc;
}
+static void
+smb3_free_transform_rq_one(struct smb_rqst *rqst)
+{
+ int i;
+
+ for (i = rqst->rq_npages - 1; i >= 0; i--)
+ put_page(rqst->rq_pages[i]);
+ kfree(rqst->rq_pages);
+ kfree(rqst->rq_iov);
+}
+
/* Encrypt all the requests but only add a transform header to the first */
static int
smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst,
struct smb_rqst *new_rq, struct smb_rqst *old_rq)
{
- struct kvec *iov;
- struct page **pages;
+ struct kvec *iov = NULL;
+ struct page **pages = NULL;
struct smb2_transform_hdr *tr_hdr;
- unsigned int npages = old_rq->rq_npages;
+ unsigned int npages;
unsigned int orig_len = 0;
- int i;
+ int i, j = 0;
int rc = -ENOMEM;
tr_hdr = kmalloc(sizeof(struct smb2_transform_hdr), GFP_KERNEL);
if (!tr_hdr)
return rc;
- pages = kmalloc_array(npages, sizeof(struct page *), GFP_KERNEL);
- if (!pages)
- goto err_free_tr_hdr;
-
- new_rq->rq_pages = pages;
- new_rq->rq_npages = old_rq->rq_npages;
- new_rq->rq_pagesz = old_rq->rq_pagesz;
- new_rq->rq_tailsz = old_rq->rq_tailsz;
-
- for (i = 0; i < old_rq->rq_nvec; i++)
- orig_len += old_rq->rq_iov[i].iov_len;
+ for (i = 0; i < num_rqst; i++) {
+ for (j = 0; j < old_rq[i].rq_nvec; j++)
+ orig_len += old_rq[i].rq_iov[j].iov_len;
+
+ npages = old_rq[i].rq_npages;
+ pages = kmalloc_array(npages, sizeof(struct page *),
+ GFP_KERNEL);
+ if (!pages)
+ goto err_free_tr_hdr;
+
+ new_rq[i].rq_pages = pages;
+ new_rq[i].rq_npages = old_rq[i].rq_npages;
+ new_rq[i].rq_pagesz = old_rq[i].rq_pagesz;
+ new_rq[i].rq_tailsz = old_rq[i].rq_tailsz;
+
+ for (j = 0; j < npages; j++) {
+ pages[j] = alloc_page(GFP_KERNEL|__GFP_HIGHMEM);
+ if (!pages[j])
+ goto err_free_pages;
+ }
- for (i = 0; i < npages; i++) {
- pages[i] = alloc_page(GFP_KERNEL|__GFP_HIGHMEM);
- if (!pages[i])
+ /* Copy all iovs from the old. The first request has an extra
+ * iov to hold the transform header.
+ */
+ iov = kmalloc_array(old_rq[i].rq_nvec + (i == 0),
+ sizeof(struct kvec), GFP_KERNEL);
+ if (!iov)
goto err_free_pages;
- }
-
- iov = kmalloc_array(old_rq->rq_nvec + 1, sizeof(struct kvec),
- GFP_KERNEL);
- if (!iov)
- goto err_free_pages;
-
- /* copy all iovs from the old */
- memcpy(&iov[1], &old_rq->rq_iov[0],
- sizeof(struct kvec) * old_rq->rq_nvec);
- new_rq->rq_iov = iov;
- new_rq->rq_nvec = old_rq->rq_nvec + 1;
+ memcpy(&iov[i == 0], &old_rq[i].rq_iov[0],
+ sizeof(struct kvec) * old_rq[i].rq_nvec);
+
+ new_rq[i].rq_iov = iov;
+ new_rq[i].rq_nvec = old_rq[i].rq_nvec + (i == 0);
+
+ /* copy pages form the old */
+ for (j = 0; j < npages; j++) {
+ char *dst = kmap(new_rq[i].rq_pages[j]);
+ char *src = kmap(old_rq[i].rq_pages[j]);
+ unsigned int len = (j < npages - 1) ?
+ new_rq[i].rq_pagesz : new_rq[i].rq_tailsz;
+ memcpy(dst, src, len);
+ kunmap(new_rq[i].rq_pages[j]);
+ kunmap(old_rq[i].rq_pages[j]);
+ }
+ }
/* fill the 1nd iov with a transform header */
fill_transform_hdr(tr_hdr, orig_len, old_rq);
- new_rq->rq_iov[0].iov_base = tr_hdr;
- new_rq->rq_iov[0].iov_len = sizeof(struct smb2_transform_hdr);
-
- /* copy pages form the old */
- for (i = 0; i < npages; i++) {
- char *dst = kmap(new_rq->rq_pages[i]);
- char *src = kmap(old_rq->rq_pages[i]);
- unsigned int len = (i < npages - 1) ? new_rq->rq_pagesz :
- new_rq->rq_tailsz;
- memcpy(dst, src, len);
- kunmap(new_rq->rq_pages[i]);
- kunmap(old_rq->rq_pages[i]);
- }
+ new_rq[0].rq_iov[0].iov_base = tr_hdr;
+ new_rq[0].rq_iov[0].iov_len = sizeof(struct smb2_transform_hdr);
rc = crypt_message(server, num_rqst, new_rq, 1);
cifs_dbg(FYI, "encrypt message returned %d", rc);
@@ -2375,11 +2395,13 @@ smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst,
err_free_iov:
kfree(iov);
err_free_pages:
- for (i = i - 1; i >= 0; i--)
- put_page(pages[i]);
+ for (j = j - 1; j >= 0; j--)
+ put_page(pages[j]);
kfree(pages);
err_free_tr_hdr:
kfree(tr_hdr);
+ while (--i >= 0)
+ smb3_free_transform_rq_one(&new_rq[i]);
return rc;
}
@@ -2387,17 +2409,13 @@ smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst,
static void
smb3_free_transform_rq(int num_rqst, struct smb_rqst *rqst)
{
- int i, j;
+ int i;
/* free transform header */
kfree(rqst->rq_iov[0].iov_base);
- for (i = 0; i < num_rqst; i++) {
- for (j = rqst[i].rq_npages - 1; j >= 0; j--)
- put_page(rqst[i].rq_pages[j]);
- kfree(rqst[i].rq_pages);
- kfree(rqst[i].rq_iov);
- }
+ for (i = 0; i < num_rqst; i++)
+ smb3_free_transform_rq_one(&rqst[i]);
}
static int
The first request will get pre-pended with a smb3 transform header. Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> --- fs/cifs/smb2ops.c | 128 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 73 insertions(+), 55 deletions(-)