The global max_connections check in ksmbd's TCP accept path counts
the newly accepted connection with atomic_inc_return(), but then
rejects the connection when the result is greater than or equal to
server_conf.max_connections.

That makes the effective limit one smaller than configured. For
example:

- max_connections=1 rejects the first connection
- max_connections=2 allows only one connection

The per-IP limit in the same function uses <= correctly because it
counts only pre-existing connections. The global limit instead checks
the post-increment total, so it should reject only when that total
exceeds the configured maximum.

Fix this by changing the comparison from >= to >, so exactly
max_connections simultaneous connections are allowed and the next one
is rejected. This matches the documented meaning of max_connections
in fs/smb/server/ksmbd_netlink.h as the "Number of maximum simultaneous
connections".

Fixes: 0d0d4680db22 ("ksmbd: add max connections parameter")
Cc: stable@vger.kernel.org
Signed-off-by: DaeMyung Kang <charsyam@gmail.com>
---
 fs/smb/server/transport_tcp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/smb/server/transport_tcp.c b/fs/smb/server/transport_tcp.c
index 7e29b06820e2..5e85341698c7 100644
--- a/fs/smb/server/transport_tcp.c
+++ b/fs/smb/server/transport_tcp.c
@@ -279,7 +279,7 @@ static int ksmbd_kthread_fn(void *p)
 
 skip_max_ip_conns_limit:
 		if (server_conf.max_connections &&
-		    atomic_inc_return(&active_num_conn) >= server_conf.max_connections) {
+		    atomic_inc_return(&active_num_conn) > server_conf.max_connections) {
 			pr_info_ratelimited("Limit the maximum number of connections(%u)\n",
 					    atomic_read(&active_num_conn));
 			atomic_dec(&active_num_conn);
-- 
2.43.0

On Fri, Apr 17, 2026 at 6:17 AM DaeMyung Kang <charsyam@gmail.com> wrote:
>
> The global max_connections check in ksmbd's TCP accept path counts
> the newly accepted connection with atomic_inc_return(), but then
> rejects the connection when the result is greater than or equal to
> server_conf.max_connections.
>
> That makes the effective limit one smaller than configured. For
> example:
>
> - max_connections=1 rejects the first connection
> - max_connections=2 allows only one connection
>
> The per-IP limit in the same function uses <= correctly because it
> counts only pre-existing connections. The global limit instead checks
> the post-increment total, so it should reject only when that total
> exceeds the configured maximum.
>
> Fix this by changing the comparison from >= to >, so exactly
> max_connections simultaneous connections are allowed and the next one
> is rejected. This matches the documented meaning of max_connections
> in fs/smb/server/ksmbd_netlink.h as the "Number of maximum simultaneous
> connections".
>
> Fixes: 0d0d4680db22 ("ksmbd: add max connections parameter")
> Cc: stable@vger.kernel.org
> Signed-off-by: DaeMyung Kang <charsyam@gmail.com>
Applied it to #ksmbd-for-next-next.
Thanks!