4 * Copyright (C) International Business Machines Corp., 2002,2008
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * Jeremy Allison (jra@samba.org) 2006.
8 * This library is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Lesser General Public License as published
10 * by the Free Software Foundation; either version 2.1 of the License, or
11 * (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
16 * the GNU Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this library; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include <linux/list.h>
25 #include <linux/gfp.h>
26 #include <linux/wait.h>
27 #include <linux/net.h>
28 #include <linux/delay.h>
29 #include <linux/freezer.h>
30 #include <asm/uaccess.h>
31 #include <asm/processor.h>
32 #include <linux/mempool.h>
35 #include "cifsproto.h"
36 #include "cifs_debug.h"
38 extern mempool_t *cifs_mid_poolp;
41 wake_up_task(struct mid_q_entry *mid)
43 wake_up_process(mid->callback_data);
47 AllocMidQEntry(const struct smb_hdr *smb_buffer, struct TCP_Server_Info *server)
49 struct mid_q_entry *temp;
52 cERROR(1, "Null TCP session in AllocMidQEntry");
56 temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS);
60 memset(temp, 0, sizeof(struct mid_q_entry));
61 temp->mid = smb_buffer->Mid; /* always LE */
62 temp->pid = current->pid;
63 temp->command = smb_buffer->Command;
64 cFYI(1, "For smb_command %d", temp->command);
65 /* do_gettimeofday(&temp->when_sent);*/ /* easier to use jiffies */
66 /* when mid allocated can be before when sent */
67 temp->when_alloc = jiffies;
70 * The default is for the mid to be synchronous, so the
71 * default callback just wakes up the current task.
73 temp->callback = wake_up_task;
74 temp->callback_data = current;
77 atomic_inc(&midCount);
78 temp->midState = MID_REQUEST_ALLOCATED;
83 DeleteMidQEntry(struct mid_q_entry *midEntry)
85 #ifdef CONFIG_CIFS_STATS2
88 midEntry->midState = MID_FREE;
89 atomic_dec(&midCount);
90 if (midEntry->largeBuf)
91 cifs_buf_release(midEntry->resp_buf);
93 cifs_small_buf_release(midEntry->resp_buf);
94 #ifdef CONFIG_CIFS_STATS2
96 /* commands taking longer than one second are indications that
97 something is wrong, unless it is quite a slow link or server */
98 if ((now - midEntry->when_alloc) > HZ) {
99 if ((cifsFYI & CIFS_TIMER) &&
100 (midEntry->command != SMB_COM_LOCKING_ANDX)) {
101 printk(KERN_DEBUG " CIFS slow rsp: cmd %d mid %d",
102 midEntry->command, midEntry->mid);
103 printk(" A: 0x%lx S: 0x%lx R: 0x%lx\n",
104 now - midEntry->when_alloc,
105 now - midEntry->when_sent,
106 now - midEntry->when_received);
110 mempool_free(midEntry, cifs_mid_poolp);
114 delete_mid(struct mid_q_entry *mid)
116 spin_lock(&GlobalMid_Lock);
117 list_del(&mid->qhead);
118 spin_unlock(&GlobalMid_Lock);
120 DeleteMidQEntry(mid);
124 smb_sendv(struct TCP_Server_Info *server, struct kvec *iov, int n_vec)
128 struct msghdr smb_msg;
129 struct smb_hdr *smb_buffer = iov[0].iov_base;
130 unsigned int len = iov[0].iov_len;
131 unsigned int total_len;
133 unsigned int smb_buf_length = be32_to_cpu(smb_buffer->smb_buf_length);
134 struct socket *ssocket = server->ssocket;
137 return -ENOTSOCK; /* BB eventually add reconnect code here */
139 smb_msg.msg_name = (struct sockaddr *) &server->dstaddr;
140 smb_msg.msg_namelen = sizeof(struct sockaddr);
141 smb_msg.msg_control = NULL;
142 smb_msg.msg_controllen = 0;
143 if (server->noblocksnd)
144 smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
146 smb_msg.msg_flags = MSG_NOSIGNAL;
149 for (i = 0; i < n_vec; i++)
150 total_len += iov[i].iov_len;
152 cFYI(1, "Sending smb: total_len %d", total_len);
153 dump_smb(smb_buffer, len);
157 rc = kernel_sendmsg(ssocket, &smb_msg, &iov[first_vec],
158 n_vec - first_vec, total_len);
159 if ((rc == -ENOSPC) || (rc == -EAGAIN)) {
161 /* if blocking send we try 3 times, since each can block
162 for 5 seconds. For nonblocking we have to try more
163 but wait increasing amounts of time allowing time for
164 socket to clear. The overall time we wait in either
165 case to send on the socket is about 15 seconds.
166 Similarly we wait for 15 seconds for
167 a response from the server in SendReceive[2]
168 for the server to send a response back for
169 most types of requests (except SMB Write
170 past end of file which can be slow, and
171 blocking lock operations). NFS waits slightly longer
172 than CIFS, but this can make it take longer for
173 nonresponsive servers to be detected and 15 seconds
174 is more than enough time for modern networks to
175 send a packet. In most cases if we fail to send
176 after the retries we will kill the socket and
177 reconnect which may clear the network problem.
179 if ((i >= 14) || (!server->noblocksnd && (i > 2))) {
180 cERROR(1, "sends on sock %p stuck for 15 seconds",
191 if (rc == total_len) {
194 } else if (rc > total_len) {
195 cERROR(1, "sent %d requested %d", rc, total_len);
199 /* should never happen, letting socket clear before
200 retrying is our only obvious option here */
201 cERROR(1, "tcp sent no data");
206 /* the line below resets i */
207 for (i = first_vec; i < n_vec; i++) {
208 if (iov[i].iov_len) {
209 if (rc > iov[i].iov_len) {
210 rc -= iov[i].iov_len;
213 iov[i].iov_base += rc;
214 iov[i].iov_len -= rc;
220 i = 0; /* in case we get ENOSPC on the next send */
223 if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
224 cFYI(1, "partial send (%d remaining), terminating session",
226 /* If we have only sent part of an SMB then the next SMB
227 could be taken as the remainder of this one. We need
228 to kill the socket so the server throws away the partial
230 server->tcpStatus = CifsNeedReconnect;
233 if (rc < 0 && rc != -EINTR)
234 cERROR(1, "Error %d sending data on socket to server", rc);
238 /* Don't want to modify the buffer as a
239 side effect of this call. */
240 smb_buffer->smb_buf_length = cpu_to_be32(smb_buf_length);
246 smb_send(struct TCP_Server_Info *server, struct smb_hdr *smb_buffer,
247 unsigned int smb_buf_length)
251 iov.iov_base = smb_buffer;
252 iov.iov_len = smb_buf_length + 4;
254 return smb_sendv(server, &iov, 1);
257 static int wait_for_free_request(struct TCP_Server_Info *server,
260 if (long_op == CIFS_ASYNC_OP) {
261 /* oplock breaks must not be held up */
262 atomic_inc(&server->inFlight);
266 spin_lock(&GlobalMid_Lock);
268 if (atomic_read(&server->inFlight) >= server->maxReq) {
269 spin_unlock(&GlobalMid_Lock);
270 cifs_num_waiters_inc(server);
271 wait_event(server->request_q,
272 atomic_read(&server->inFlight)
274 cifs_num_waiters_dec(server);
275 spin_lock(&GlobalMid_Lock);
277 if (server->tcpStatus == CifsExiting) {
278 spin_unlock(&GlobalMid_Lock);
282 /* can not count locking commands against total
283 as they are allowed to block on server */
285 /* update # of requests on the wire to server */
286 if (long_op != CIFS_BLOCKING_OP)
287 atomic_inc(&server->inFlight);
288 spin_unlock(&GlobalMid_Lock);
295 static int allocate_mid(struct cifs_ses *ses, struct smb_hdr *in_buf,
296 struct mid_q_entry **ppmidQ)
298 if (ses->server->tcpStatus == CifsExiting) {
302 if (ses->server->tcpStatus == CifsNeedReconnect) {
303 cFYI(1, "tcp session dead - return to caller to retry");
307 if (ses->status != CifsGood) {
308 /* check if SMB session is bad because we are setting it up */
309 if ((in_buf->Command != SMB_COM_SESSION_SETUP_ANDX) &&
310 (in_buf->Command != SMB_COM_NEGOTIATE))
312 /* else ok - we are setting up session */
314 *ppmidQ = AllocMidQEntry(in_buf, ses->server);
317 spin_lock(&GlobalMid_Lock);
318 list_add_tail(&(*ppmidQ)->qhead, &ses->server->pending_mid_q);
319 spin_unlock(&GlobalMid_Lock);
324 wait_for_response(struct TCP_Server_Info *server, struct mid_q_entry *midQ)
328 error = wait_event_freezekillable(server->response_q,
329 midQ->midState != MID_REQUEST_SUBMITTED);
338 * Send a SMB request and set the callback function in the mid to handle
339 * the result. Caller is responsible for dealing with timeouts.
342 cifs_call_async(struct TCP_Server_Info *server, struct kvec *iov,
343 unsigned int nvec, mid_receive_t *receive,
344 mid_callback_t *callback, void *cbdata, bool ignore_pend)
347 struct mid_q_entry *mid;
348 struct smb_hdr *hdr = (struct smb_hdr *)iov[0].iov_base;
350 rc = wait_for_free_request(server, ignore_pend ? CIFS_ASYNC_OP : 0);
354 /* enable signing if server requires it */
355 if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
356 hdr->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
358 mutex_lock(&server->srv_mutex);
359 mid = AllocMidQEntry(hdr, server);
361 mutex_unlock(&server->srv_mutex);
362 atomic_dec(&server->inFlight);
363 wake_up(&server->request_q);
367 /* put it on the pending_mid_q */
368 spin_lock(&GlobalMid_Lock);
369 list_add_tail(&mid->qhead, &server->pending_mid_q);
370 spin_unlock(&GlobalMid_Lock);
372 rc = cifs_sign_smb2(iov, nvec, server, &mid->sequence_number);
376 mid->receive = receive;
377 mid->callback = callback;
378 mid->callback_data = cbdata;
379 mid->midState = MID_REQUEST_SUBMITTED;
381 cifs_in_send_inc(server);
382 rc = smb_sendv(server, iov, nvec);
383 cifs_in_send_dec(server);
384 cifs_save_when_sent(mid);
389 mutex_unlock(&server->srv_mutex);
394 atomic_dec(&server->inFlight);
395 wake_up(&server->request_q);
401 * Send an SMB Request. No response info (other than return code)
402 * needs to be parsed.
404 * flags indicate the type of request buffer and how long to wait
405 * and whether to log NT STATUS code (error) before mapping it to POSIX error
409 SendReceiveNoRsp(const unsigned int xid, struct cifs_ses *ses,
410 struct smb_hdr *in_buf, int flags)
416 iov[0].iov_base = (char *)in_buf;
417 iov[0].iov_len = be32_to_cpu(in_buf->smb_buf_length) + 4;
418 flags |= CIFS_NO_RESP;
419 rc = SendReceive2(xid, ses, iov, 1, &resp_buf_type, flags);
420 cFYI(DBG2, "SendRcvNoRsp flags %d rc %d", flags, rc);
426 cifs_sync_mid_result(struct mid_q_entry *mid, struct TCP_Server_Info *server)
430 cFYI(1, "%s: cmd=%d mid=%d state=%d", __func__, mid->command,
431 mid->mid, mid->midState);
433 spin_lock(&GlobalMid_Lock);
434 switch (mid->midState) {
435 case MID_RESPONSE_RECEIVED:
436 spin_unlock(&GlobalMid_Lock);
438 case MID_RETRY_NEEDED:
441 case MID_RESPONSE_MALFORMED:
448 list_del_init(&mid->qhead);
449 cERROR(1, "%s: invalid mid state mid=%d state=%d", __func__,
450 mid->mid, mid->midState);
453 spin_unlock(&GlobalMid_Lock);
455 DeleteMidQEntry(mid);
460 * An NT cancel request header looks just like the original request except:
462 * The Command is SMB_COM_NT_CANCEL
463 * The WordCount is zeroed out
464 * The ByteCount is zeroed out
466 * This function mangles an existing request buffer into a
467 * SMB_COM_NT_CANCEL request and then sends it.
470 send_nt_cancel(struct TCP_Server_Info *server, struct smb_hdr *in_buf,
471 struct mid_q_entry *mid)
475 /* -4 for RFC1001 length and +2 for BCC field */
476 in_buf->smb_buf_length = cpu_to_be32(sizeof(struct smb_hdr) - 4 + 2);
477 in_buf->Command = SMB_COM_NT_CANCEL;
478 in_buf->WordCount = 0;
481 mutex_lock(&server->srv_mutex);
482 rc = cifs_sign_smb(in_buf, server, &mid->sequence_number);
484 mutex_unlock(&server->srv_mutex);
489 * The response to this call was already factored into the sequence
490 * number when the call went out, so we must adjust it back downward
491 * after signing here.
493 --server->sequence_number;
494 rc = smb_send(server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
495 mutex_unlock(&server->srv_mutex);
497 cFYI(1, "issued NT_CANCEL for mid %u, rc = %d",
504 cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
507 unsigned int len = be32_to_cpu(mid->resp_buf->smb_buf_length) + 4;
509 dump_smb(mid->resp_buf, min_t(u32, 92, len));
511 /* convert the length into a more usable form */
512 if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
515 iov.iov_base = mid->resp_buf;
517 /* FIXME: add code to kill session */
518 if (cifs_verify_signature(&iov, 1, server,
519 mid->sequence_number + 1) != 0)
520 cERROR(1, "Unexpected SMB signature");
523 /* BB special case reconnect tid and uid here? */
524 return map_smb_to_linux_error(mid->resp_buf, log_error);
528 SendReceive2(const unsigned int xid, struct cifs_ses *ses,
529 struct kvec *iov, int n_vec, int *pRespBufType /* ret */,
534 struct mid_q_entry *midQ;
535 struct smb_hdr *in_buf = iov[0].iov_base;
537 long_op = flags & CIFS_TIMEOUT_MASK;
539 *pRespBufType = CIFS_NO_BUFFER; /* no response buf yet */
541 if ((ses == NULL) || (ses->server == NULL)) {
542 cifs_small_buf_release(in_buf);
543 cERROR(1, "Null session");
547 if (ses->server->tcpStatus == CifsExiting) {
548 cifs_small_buf_release(in_buf);
552 /* Ensure that we do not send more than 50 overlapping requests
553 to the same server. We may make this configurable later or
556 rc = wait_for_free_request(ses->server, long_op);
558 cifs_small_buf_release(in_buf);
562 /* make sure that we sign in the same order that we send on this socket
563 and avoid races inside tcp sendmsg code that could cause corruption
566 mutex_lock(&ses->server->srv_mutex);
568 rc = allocate_mid(ses, in_buf, &midQ);
570 mutex_unlock(&ses->server->srv_mutex);
571 cifs_small_buf_release(in_buf);
572 /* Update # of requests on wire to server */
573 atomic_dec(&ses->server->inFlight);
574 wake_up(&ses->server->request_q);
577 rc = cifs_sign_smb2(iov, n_vec, ses->server, &midQ->sequence_number);
579 mutex_unlock(&ses->server->srv_mutex);
580 cifs_small_buf_release(in_buf);
584 midQ->midState = MID_REQUEST_SUBMITTED;
585 cifs_in_send_inc(ses->server);
586 rc = smb_sendv(ses->server, iov, n_vec);
587 cifs_in_send_dec(ses->server);
588 cifs_save_when_sent(midQ);
590 mutex_unlock(&ses->server->srv_mutex);
593 cifs_small_buf_release(in_buf);
597 if (long_op == CIFS_ASYNC_OP) {
598 cifs_small_buf_release(in_buf);
602 rc = wait_for_response(ses->server, midQ);
604 send_nt_cancel(ses->server, in_buf, midQ);
605 spin_lock(&GlobalMid_Lock);
606 if (midQ->midState == MID_REQUEST_SUBMITTED) {
607 midQ->callback = DeleteMidQEntry;
608 spin_unlock(&GlobalMid_Lock);
609 cifs_small_buf_release(in_buf);
610 atomic_dec(&ses->server->inFlight);
611 wake_up(&ses->server->request_q);
614 spin_unlock(&GlobalMid_Lock);
617 cifs_small_buf_release(in_buf);
619 rc = cifs_sync_mid_result(midQ, ses->server);
621 atomic_dec(&ses->server->inFlight);
622 wake_up(&ses->server->request_q);
626 if (!midQ->resp_buf || midQ->midState != MID_RESPONSE_RECEIVED) {
628 cFYI(1, "Bad MID state?");
632 iov[0].iov_base = (char *)midQ->resp_buf;
633 iov[0].iov_len = be32_to_cpu(midQ->resp_buf->smb_buf_length) + 4;
635 *pRespBufType = CIFS_LARGE_BUFFER;
637 *pRespBufType = CIFS_SMALL_BUFFER;
639 rc = cifs_check_receive(midQ, ses->server, flags & CIFS_LOG_ERROR);
641 /* mark it so buf will not be freed by delete_mid */
642 if ((flags & CIFS_NO_RESP) == 0)
643 midQ->resp_buf = NULL;
646 atomic_dec(&ses->server->inFlight);
647 wake_up(&ses->server->request_q);
653 SendReceive(const unsigned int xid, struct cifs_ses *ses,
654 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
655 int *pbytes_returned, const int long_op)
658 struct mid_q_entry *midQ;
661 cERROR(1, "Null smb session");
664 if (ses->server == NULL) {
665 cERROR(1, "Null tcp session");
669 if (ses->server->tcpStatus == CifsExiting)
672 /* Ensure that we do not send more than 50 overlapping requests
673 to the same server. We may make this configurable later or
676 if (be32_to_cpu(in_buf->smb_buf_length) > CIFSMaxBufSize +
677 MAX_CIFS_HDR_SIZE - 4) {
678 cERROR(1, "Illegal length, greater than maximum frame, %d",
679 be32_to_cpu(in_buf->smb_buf_length));
683 rc = wait_for_free_request(ses->server, long_op);
687 /* make sure that we sign in the same order that we send on this socket
688 and avoid races inside tcp sendmsg code that could cause corruption
691 mutex_lock(&ses->server->srv_mutex);
693 rc = allocate_mid(ses, in_buf, &midQ);
695 mutex_unlock(&ses->server->srv_mutex);
696 /* Update # of requests on wire to server */
697 atomic_dec(&ses->server->inFlight);
698 wake_up(&ses->server->request_q);
702 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
704 mutex_unlock(&ses->server->srv_mutex);
708 midQ->midState = MID_REQUEST_SUBMITTED;
710 cifs_in_send_inc(ses->server);
711 rc = smb_send(ses->server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
712 cifs_in_send_dec(ses->server);
713 cifs_save_when_sent(midQ);
714 mutex_unlock(&ses->server->srv_mutex);
719 if (long_op == CIFS_ASYNC_OP)
722 rc = wait_for_response(ses->server, midQ);
724 send_nt_cancel(ses->server, in_buf, midQ);
725 spin_lock(&GlobalMid_Lock);
726 if (midQ->midState == MID_REQUEST_SUBMITTED) {
727 /* no longer considered to be "in-flight" */
728 midQ->callback = DeleteMidQEntry;
729 spin_unlock(&GlobalMid_Lock);
730 atomic_dec(&ses->server->inFlight);
731 wake_up(&ses->server->request_q);
734 spin_unlock(&GlobalMid_Lock);
737 rc = cifs_sync_mid_result(midQ, ses->server);
739 atomic_dec(&ses->server->inFlight);
740 wake_up(&ses->server->request_q);
744 if (!midQ->resp_buf || !out_buf ||
745 midQ->midState != MID_RESPONSE_RECEIVED) {
747 cERROR(1, "Bad MID state?");
751 *pbytes_returned = be32_to_cpu(midQ->resp_buf->smb_buf_length);
752 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
753 rc = cifs_check_receive(midQ, ses->server, 0);
756 atomic_dec(&ses->server->inFlight);
757 wake_up(&ses->server->request_q);
762 /* We send a LOCKINGX_CANCEL_LOCK to cause the Windows
763 blocking lock to return. */
766 send_lock_cancel(const unsigned int xid, struct cifs_tcon *tcon,
767 struct smb_hdr *in_buf,
768 struct smb_hdr *out_buf)
771 struct cifs_ses *ses = tcon->ses;
772 LOCK_REQ *pSMB = (LOCK_REQ *)in_buf;
774 /* We just modify the current in_buf to change
775 the type of lock from LOCKING_ANDX_SHARED_LOCK
776 or LOCKING_ANDX_EXCLUSIVE_LOCK to
777 LOCKING_ANDX_CANCEL_LOCK. */
779 pSMB->LockType = LOCKING_ANDX_CANCEL_LOCK|LOCKING_ANDX_LARGE_FILES;
781 pSMB->hdr.Mid = GetNextMid(ses->server);
783 return SendReceive(xid, ses, in_buf, out_buf,
788 SendReceiveBlockingLock(const unsigned int xid, struct cifs_tcon *tcon,
789 struct smb_hdr *in_buf, struct smb_hdr *out_buf,
790 int *pbytes_returned)
794 struct mid_q_entry *midQ;
795 struct cifs_ses *ses;
797 if (tcon == NULL || tcon->ses == NULL) {
798 cERROR(1, "Null smb session");
803 if (ses->server == NULL) {
804 cERROR(1, "Null tcp session");
808 if (ses->server->tcpStatus == CifsExiting)
811 /* Ensure that we do not send more than 50 overlapping requests
812 to the same server. We may make this configurable later or
815 if (be32_to_cpu(in_buf->smb_buf_length) > CIFSMaxBufSize +
816 MAX_CIFS_HDR_SIZE - 4) {
817 cERROR(1, "Illegal length, greater than maximum frame, %d",
818 be32_to_cpu(in_buf->smb_buf_length));
822 rc = wait_for_free_request(ses->server, CIFS_BLOCKING_OP);
826 /* make sure that we sign in the same order that we send on this socket
827 and avoid races inside tcp sendmsg code that could cause corruption
830 mutex_lock(&ses->server->srv_mutex);
832 rc = allocate_mid(ses, in_buf, &midQ);
834 mutex_unlock(&ses->server->srv_mutex);
838 rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number);
841 mutex_unlock(&ses->server->srv_mutex);
845 midQ->midState = MID_REQUEST_SUBMITTED;
846 cifs_in_send_inc(ses->server);
847 rc = smb_send(ses->server, in_buf, be32_to_cpu(in_buf->smb_buf_length));
848 cifs_in_send_dec(ses->server);
849 cifs_save_when_sent(midQ);
850 mutex_unlock(&ses->server->srv_mutex);
857 /* Wait for a reply - allow signals to interrupt. */
858 rc = wait_event_interruptible(ses->server->response_q,
859 (!(midQ->midState == MID_REQUEST_SUBMITTED)) ||
860 ((ses->server->tcpStatus != CifsGood) &&
861 (ses->server->tcpStatus != CifsNew)));
863 /* Were we interrupted by a signal ? */
864 if ((rc == -ERESTARTSYS) &&
865 (midQ->midState == MID_REQUEST_SUBMITTED) &&
866 ((ses->server->tcpStatus == CifsGood) ||
867 (ses->server->tcpStatus == CifsNew))) {
869 if (in_buf->Command == SMB_COM_TRANSACTION2) {
870 /* POSIX lock. We send a NT_CANCEL SMB to cause the
871 blocking lock to return. */
872 rc = send_nt_cancel(ses->server, in_buf, midQ);
878 /* Windows lock. We send a LOCKINGX_CANCEL_LOCK
879 to cause the blocking lock to return. */
881 rc = send_lock_cancel(xid, tcon, in_buf, out_buf);
883 /* If we get -ENOLCK back the lock may have
884 already been removed. Don't exit in this case. */
885 if (rc && rc != -ENOLCK) {
891 rc = wait_for_response(ses->server, midQ);
893 send_nt_cancel(ses->server, in_buf, midQ);
894 spin_lock(&GlobalMid_Lock);
895 if (midQ->midState == MID_REQUEST_SUBMITTED) {
896 /* no longer considered to be "in-flight" */
897 midQ->callback = DeleteMidQEntry;
898 spin_unlock(&GlobalMid_Lock);
901 spin_unlock(&GlobalMid_Lock);
904 /* We got the response - restart system call. */
908 rc = cifs_sync_mid_result(midQ, ses->server);
912 /* rcvd frame is ok */
913 if (out_buf == NULL || midQ->midState != MID_RESPONSE_RECEIVED) {
915 cERROR(1, "Bad MID state?");
919 *pbytes_returned = be32_to_cpu(midQ->resp_buf->smb_buf_length);
920 memcpy(out_buf, midQ->resp_buf, *pbytes_returned + 4);
921 rc = cifs_check_receive(midQ, ses->server, 0);
924 if (rstart && rc == -EACCES)