cifs: all initializations for tcon should happen in tcon_info_alloc
authorShyam Prasad N <sprasad@microsoft.com>
Mon, 30 Jun 2025 17:39:34 +0000 (23:09 +0530)
committerSteve French <stfrench@microsoft.com>
Mon, 30 Jun 2025 19:44:44 +0000 (14:44 -0500)
Today, a few work structs inside tcon are initialized inside
cifs_get_tcon and not in tcon_info_alloc. As a result, if a tcon
is obtained from tcon_info_alloc, but not as a part of
cifs_get_tcon, those work structs are left uninitialized and we may trip over them.

Cc: <stable@vger.kernel.org>
Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
Reviewed-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/smb/client/cifsproto.h
fs/smb/client/connect.c
fs/smb/client/misc.c

index 66093fa78aed7dd393fec5b2438f5eabd4d2522f..045227ed4efc96c9b8d84550c7b2bebae1386dc6 100644 (file)
@@ -136,6 +136,7 @@ extern int SendReceiveBlockingLock(const unsigned int xid,
                        struct smb_hdr *out_buf,
                        int *bytes_returned);
 
+void smb2_query_server_interfaces(struct work_struct *work);
 void
 cifs_signal_cifsd_for_reconnect(struct TCP_Server_Info *server,
                                      bool all_channels);
index 685c65dcb8c41f40f680016e60957504e51bac1b..484b677143fd8054b21b4b7aa67d3034974ee197 100644 (file)
@@ -97,7 +97,7 @@ static int reconn_set_ipaddr_from_hostname(struct TCP_Server_Info *server)
        return rc;
 }
 
-static void smb2_query_server_interfaces(struct work_struct *work)
+void smb2_query_server_interfaces(struct work_struct *work)
 {
        int rc;
        int xid;
@@ -2880,20 +2880,14 @@ cifs_get_tcon(struct cifs_ses *ses, struct smb3_fs_context *ctx)
        tcon->max_cached_dirs = ctx->max_cached_dirs;
        tcon->nodelete = ctx->nodelete;
        tcon->local_lease = ctx->local_lease;
-       INIT_LIST_HEAD(&tcon->pending_opens);
        tcon->status = TID_GOOD;
 
-       INIT_DELAYED_WORK(&tcon->query_interfaces,
-                         smb2_query_server_interfaces);
        if (ses->server->dialect >= SMB30_PROT_ID &&
            (ses->server->capabilities & SMB2_GLOBAL_CAP_MULTI_CHANNEL)) {
                /* schedule query interfaces poll */
                queue_delayed_work(cifsiod_wq, &tcon->query_interfaces,
                                   (SMB_INTERFACE_POLL_INTERVAL * HZ));
        }
-#ifdef CONFIG_CIFS_DFS_UPCALL
-       INIT_DELAYED_WORK(&tcon->dfs_cache_work, dfs_cache_refresh);
-#endif
        spin_lock(&cifs_tcp_ses_lock);
        list_add(&tcon->tcon_list, &ses->tcon_list);
        spin_unlock(&cifs_tcp_ses_lock);
index e77017f470845f9763516651b273ebd7b688f974..da23cc12a52caa19dc2810a49ae368d7e787febe 100644 (file)
@@ -151,6 +151,12 @@ tcon_info_alloc(bool dir_leases_enabled, enum smb3_tcon_ref_trace trace)
 #ifdef CONFIG_CIFS_DFS_UPCALL
        INIT_LIST_HEAD(&ret_buf->dfs_ses_list);
 #endif
+       INIT_LIST_HEAD(&ret_buf->pending_opens);
+       INIT_DELAYED_WORK(&ret_buf->query_interfaces,
+                         smb2_query_server_interfaces);
+#ifdef CONFIG_CIFS_DFS_UPCALL
+       INIT_DELAYED_WORK(&ret_buf->dfs_cache_work, dfs_cache_refresh);
+#endif
 
        return ret_buf;
 }
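Review bot: The added `INIT_DELAYED_WORK(&ret_buf->dfs_cache_work, dfs_cache_refresh);` opens a second `#ifdef CONFIG_CIFS_DFS_UPCALL` block only a few lines below the existing one that initializes `dfs_ses_list`; placing it inside that existing block would keep the DFS-only initialization in one place. A short comment above the new lines, for example `/* all list heads and work structs of a tcon are initialized here, not in cifs_get_tcon */`, would record the invariant this commit establishes, so a field added later is not initialized only on the cifs_get_tcon path again. tcon_info_alloc starts above the hunk, so it cannot be confirmed from here that misc.c already sees a declaration of `dfs_cache_refresh` when CONFIG_CIFS_DFS_UPCALL is set; that is worth checking with a DFS-enabled build.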