diff options
author | Pavel Shilovsky <piastry@etersoft.ru> | 2014-02-14 13:31:02 +0400 |
---|---|---|
committer | Steve French <smfrench@gmail.com> | 2014-02-14 16:50:47 -0600 |
commit | 2365c4eaf077c48574ab6f143960048fc0f31518 (patch) | |
tree | d710354608b5fe6a559dc5c0045ab0e6104ffe28 /fs/cifs/smb2pdu.c | |
parent | 5d81de8e8667da7135d3a32a964087c0faf5483f (diff) | |
download | linux-2365c4eaf077c48574ab6f143960048fc0f31518.tar.bz2 |
CIFS: Fix too big maxBuf size for SMB3 mounts
SMB3 servers can respond with MaxTransactSize of more than 4M
that can cause a memory allocation error returned from kmalloc
in a lock codepath. Also the client doesn't support multicredit
requests now and allows buffer sizes of 65536 bytes only. Set
MaxTransactSize to this maximum supported value.
Cc: stable@vger.kernel.org # 3.7+
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'fs/cifs/smb2pdu.c')
-rw-r--r-- | fs/cifs/smb2pdu.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index a3f7a9c3cc69..860344701067 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -413,7 +413,9 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses) /* SMB2 only has an extended negflavor */ server->negflavor = CIFS_NEGFLAVOR_EXTENDED; - server->maxBuf = le32_to_cpu(rsp->MaxTransactSize); + /* set it to the maximum buffer size value we can send with 1 credit */ + server->maxBuf = min_t(unsigned int, le32_to_cpu(rsp->MaxTransactSize), + SMB2_MAX_BUFFER_SIZE); server->max_read = le32_to_cpu(rsp->MaxReadSize); server->max_write = le32_to_cpu(rsp->MaxWriteSize); /* BB Do we need to validate the SecurityMode? */ |