diff options
author | Federico Sauter <fsauter@innominate.com> | 2015-03-17 17:45:28 +0100 |
---|---|---|
committer | Steve French <smfrench@gmail.com> | 2015-05-20 13:25:55 -0500 |
commit | 4afe260bab50290a05e5732570329a530ed023f3 (patch) | |
tree | f5b2c9281cd3fe80c9bfcc3679baed8155bfdc76 /fs | |
parent | b29103076bec8316e155e71309dc0fba499022c6 (diff) | |
download | op-kernel-dev-4afe260bab50290a05e5732570329a530ed023f3.zip op-kernel-dev-4afe260bab50290a05e5732570329a530ed023f3.tar.gz |
CIFS: Fix race condition on RFC1002_NEGATIVE_SESSION_RESPONSE
This patch fixes a race condition that occurs when connecting
to a NT 3.51 host without specifying a NetBIOS name.
In that case a RFC1002_NEGATIVE_SESSION_RESPONSE is received
and the SMB negotiation is reattempted, but under some conditions
it leads SendReceive() to hang forever while waiting for srv_mutex.
This, in turn, sets the calling process to an uninterruptible sleep
state and makes it unkillable.
The solution is to unlock the srv_mutex acquired in the demux
thread *before* going to sleep (after the reconnect error) and
before reattempting the connection.
Diffstat (limited to 'fs')
-rw-r--r-- | fs/cifs/connect.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index f3bfe08..8383d5e 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -386,6 +386,7 @@ cifs_reconnect(struct TCP_Server_Info *server) rc = generic_ip_connect(server); if (rc) { cifs_dbg(FYI, "reconnect error %d\n", rc); + mutex_unlock(&server->srv_mutex); msleep(3000); } else { atomic_inc(&tcpSesReconnectCount); @@ -393,8 +394,8 @@ cifs_reconnect(struct TCP_Server_Info *server) if (server->tcpStatus != CifsExiting) server->tcpStatus = CifsNeedNegotiate; spin_unlock(&GlobalMid_Lock); + mutex_unlock(&server->srv_mutex); } - mutex_unlock(&server->srv_mutex); } while (server->tcpStatus == CifsNeedReconnect); return rc; |