From: Jeff Layton <jlayton@redhat.com>
Date: Sat, 29 Jan 2011 12:02:28 +0000 (-0500)
Subject: cifs: force a reconnect if there are too many MIDs in flight
X-Git-Tag: v2.6.38-rc4~48^2~5
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92a4e0f0169498867ecb19c2244510dd4beba149;p=pandora-kernel.git

cifs: force a reconnect if there are too many MIDs in flight

Currently, we allow the pending_mid_q to grow without bound with
SIGKILL'ed processes. This could eventually be a DoS'able problem. An
unprivileged user could a process that does a long-running call and then
SIGKILL it.

If he can also intercept the NT_CANCEL calls or the replies from the
server, then the pending_mid_q could grow very large, possibly even to
2^16 entries which might leave GetNextMid in an infinite loop. Fix this
by imposing a hard limit of 32k calls per server. If we cross that
limit, set the tcpStatus to CifsNeedReconnect to force cifsd to
eventually reconnect the socket and clean out the pending_mid_q.

While we're at it, clean up the function a bit and eliminate an
unnecessary NULL pointer check.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
---

Reading git-diff-tree failed