summaryrefslogtreecommitdiffstats
path: root/fs/cifs
diff options
context:
space:
mode:
authorShu Wang <shuwang@redhat.com>2017-09-08 18:48:33 +0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2017-10-05 09:41:44 +0200
commitfcc949a48842c4b05bea7057289fe7e7206a03fc (patch)
tree7e8bd27242334b0e34d677f11833189fac1782f2 /fs/cifs
parent10def3a6779924f7bb130200b8b940caf2914111 (diff)
downloadlinux-stable-fcc949a48842c4b05bea7057289fe7e7206a03fc.tar.gz
linux-stable-fcc949a48842c4b05bea7057289fe7e7206a03fc.tar.bz2
linux-stable-fcc949a48842c4b05bea7057289fe7e7206a03fc.zip
cifs: release auth_key.response for reconnect.
commit f5c4ba816315d3b813af16f5571f86c8d4e897bd upstream. There is a race that cause cifs reconnect in cifs_mount, - cifs_mount - cifs_get_tcp_session - [ start thread cifs_demultiplex_thread - cifs_read_from_socket: -ECONNABORTED - DELAY_WORK smb2_reconnect_server ] - cifs_setup_session - [ smb2_reconnect_server ] auth_key.response was allocated in cifs_setup_session, and will release when the session destoried. So when session re- connect, auth_key.response should be check and released. Tested with my system: CIFS VFS: Free previous auth_key.response = ffff8800320bbf80 A simple auth_key.response allocation call trace: - cifs_setup_session - SMB2_sess_setup - SMB2_sess_auth_rawntlmssp_authenticate - build_ntlmssp_auth_blob - setup_ntlmv2_rsp Signed-off-by: Shu Wang <shuwang@redhat.com> Signed-off-by: Steve French <smfrench@gmail.com> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs/cifs')
-rw-r--r--fs/cifs/connect.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 53a827c6d8b1..b377aa8f266f 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -4060,6 +4060,14 @@ cifs_setup_session(const unsigned int xid, struct cifs_ses *ses,
cifs_dbg(FYI, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d\n",
server->sec_mode, server->capabilities, server->timeAdj);
+ if (ses->auth_key.response) {
+ cifs_dbg(VFS, "Free previous auth_key.response = %p\n",
+ ses->auth_key.response);
+ kfree(ses->auth_key.response);
+ ses->auth_key.response = NULL;
+ ses->auth_key.len = 0;
+ }
+
if (server->ops->sess_setup)
rc = server->ops->sess_setup(xid, ses, nls_info);