From 690f969705138b235b9fa4c4d19e5129ed54a845 Mon Sep 17 00:00:00 2001
From: Namjae Jeon <namjae.jeon@samsung.com>
Date: Sat, 3 Jul 2021 08:00:06 +0900
Subject: [PATCH] ksmbd: fix kernel oops in ksmbd_rpc_ioctl/rap()

"ksmbd: remove macros in transport_ipc.c" commit change msg to req in
ksmbd_rpc_ioctl/rap(). This will cause kernel oops when running smbclient
-L test.

Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
---
 fs/ksmbd/transport_ipc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/ksmbd/transport_ipc.c b/fs/ksmbd/transport_ipc.c
index ca5099118fdf3..44aea33a67fa7 100644
--- a/fs/ksmbd/transport_ipc.c
+++ b/fs/ksmbd/transport_ipc.c
@@ -752,7 +752,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_ioctl(struct ksmbd_session *sess, int handle
 		return NULL;
 
 	msg->type = KSMBD_EVENT_RPC_REQUEST;
-	req = (struct ksmbd_rpc_command *)req->payload;
+	req = (struct ksmbd_rpc_command *)msg->payload;
 	req->handle = handle;
 	req->flags = ksmbd_session_rpc_method(sess, handle);
 	req->flags |= rpc_context_flags(sess);
@@ -777,7 +777,7 @@ struct ksmbd_rpc_command *ksmbd_rpc_rap(struct ksmbd_session *sess, void *payloa
 		return NULL;
 
 	msg->type = KSMBD_EVENT_RPC_REQUEST;
-	req = (struct ksmbd_rpc_command *)req->payload;
+	req = (struct ksmbd_rpc_command *)msg->payload;
 	req->handle = ksmbd_acquire_id(&ipc_ida);
 	req->flags = rpc_context_flags(sess);
 	req->flags |= KSMBD_RPC_RAP_METHOD;