• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2011
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/sched/signal.h>
25 #include <linux/list.h>
26 #include <linux/wait.h>
27 #include <linux/slab.h>
28 #include <linux/pagemap.h>
29 #include <linux/ctype.h>
30 #include <linux/utsname.h>
31 #include <linux/mempool.h>
32 #include <linux/delay.h>
33 #include <linux/completion.h>
34 #include <linux/kthread.h>
35 #include <linux/pagevec.h>
36 #include <linux/freezer.h>
37 #include <linux/namei.h>
38 #include <linux/uuid.h>
39 #include <linux/uaccess.h>
40 #include <asm/processor.h>
41 #include <linux/inet.h>
42 #include <linux/module.h>
43 #include <keys/user-type.h>
44 #include <net/ipv6.h>
45 #include <linux/parser.h>
46 #include <linux/bvec.h>
47 
48 #include "cifspdu.h"
49 #include "cifsglob.h"
50 #include "cifsproto.h"
51 #include "cifs_unicode.h"
52 #include "cifs_debug.h"
53 #include "cifs_fs_sb.h"
54 #include "dns_resolve.h"
55 #include "ntlmssp.h"
56 #include "nterr.h"
57 #include "rfc1002pdu.h"
58 #include "fscache.h"
59 #include "smb2proto.h"
60 
61 #define CIFS_PORT 445
62 #define RFC1001_PORT 139
63 
64 extern mempool_t *cifs_req_poolp;
65 
66 /* FIXME: should these be tunable? */
67 #define TLINK_ERROR_EXPIRE	(1 * HZ)
68 #define TLINK_IDLE_EXPIRE	(600 * HZ)
69 
70 enum {
71 	/* Mount options that take no arguments */
72 	Opt_user_xattr, Opt_nouser_xattr,
73 	Opt_forceuid, Opt_noforceuid,
74 	Opt_forcegid, Opt_noforcegid,
75 	Opt_noblocksend, Opt_noautotune,
76 	Opt_hard, Opt_soft, Opt_perm, Opt_noperm,
77 	Opt_mapposix, Opt_nomapposix,
78 	Opt_mapchars, Opt_nomapchars, Opt_sfu,
79 	Opt_nosfu, Opt_nodfs, Opt_posixpaths,
80 	Opt_noposixpaths, Opt_nounix,
81 	Opt_nocase,
82 	Opt_brl, Opt_nobrl,
83 	Opt_forcemandatorylock, Opt_setuidfromacl, Opt_setuids,
84 	Opt_nosetuids, Opt_dynperm, Opt_nodynperm,
85 	Opt_nohard, Opt_nosoft,
86 	Opt_nointr, Opt_intr,
87 	Opt_nostrictsync, Opt_strictsync,
88 	Opt_serverino, Opt_noserverino,
89 	Opt_rwpidforward, Opt_cifsacl, Opt_nocifsacl,
90 	Opt_acl, Opt_noacl, Opt_locallease,
91 	Opt_sign, Opt_seal, Opt_noac,
92 	Opt_fsc, Opt_mfsymlinks,
93 	Opt_multiuser, Opt_sloppy, Opt_nosharesock,
94 	Opt_persistent, Opt_nopersistent,
95 	Opt_resilient, Opt_noresilient,
96 	Opt_domainauto,
97 
98 	/* Mount options which take numeric value */
99 	Opt_backupuid, Opt_backupgid, Opt_uid,
100 	Opt_cruid, Opt_gid, Opt_file_mode,
101 	Opt_dirmode, Opt_port,
102 	Opt_rsize, Opt_wsize, Opt_actimeo,
103 	Opt_echo_interval, Opt_max_credits,
104 	Opt_snapshot,
105 
106 	/* Mount options which take string value */
107 	Opt_user, Opt_pass, Opt_ip,
108 	Opt_domain, Opt_srcaddr, Opt_iocharset,
109 	Opt_netbiosname, Opt_servern,
110 	Opt_ver, Opt_vers, Opt_sec, Opt_cache,
111 
112 	/* Mount options to be ignored */
113 	Opt_ignore,
114 
115 	/* Options which could be blank */
116 	Opt_blank_pass,
117 	Opt_blank_user,
118 	Opt_blank_ip,
119 
120 	Opt_err
121 };
122 
123 static const match_table_t cifs_mount_option_tokens = {
124 
125 	{ Opt_user_xattr, "user_xattr" },
126 	{ Opt_nouser_xattr, "nouser_xattr" },
127 	{ Opt_forceuid, "forceuid" },
128 	{ Opt_noforceuid, "noforceuid" },
129 	{ Opt_forcegid, "forcegid" },
130 	{ Opt_noforcegid, "noforcegid" },
131 	{ Opt_noblocksend, "noblocksend" },
132 	{ Opt_noautotune, "noautotune" },
133 	{ Opt_hard, "hard" },
134 	{ Opt_soft, "soft" },
135 	{ Opt_perm, "perm" },
136 	{ Opt_noperm, "noperm" },
137 	{ Opt_mapchars, "mapchars" }, /* SFU style */
138 	{ Opt_nomapchars, "nomapchars" },
139 	{ Opt_mapposix, "mapposix" }, /* SFM style */
140 	{ Opt_nomapposix, "nomapposix" },
141 	{ Opt_sfu, "sfu" },
142 	{ Opt_nosfu, "nosfu" },
143 	{ Opt_nodfs, "nodfs" },
144 	{ Opt_posixpaths, "posixpaths" },
145 	{ Opt_noposixpaths, "noposixpaths" },
146 	{ Opt_nounix, "nounix" },
147 	{ Opt_nounix, "nolinux" },
148 	{ Opt_nocase, "nocase" },
149 	{ Opt_nocase, "ignorecase" },
150 	{ Opt_brl, "brl" },
151 	{ Opt_nobrl, "nobrl" },
152 	{ Opt_nobrl, "nolock" },
153 	{ Opt_forcemandatorylock, "forcemandatorylock" },
154 	{ Opt_forcemandatorylock, "forcemand" },
155 	{ Opt_setuids, "setuids" },
156 	{ Opt_nosetuids, "nosetuids" },
157 	{ Opt_setuidfromacl, "idsfromsid" },
158 	{ Opt_dynperm, "dynperm" },
159 	{ Opt_nodynperm, "nodynperm" },
160 	{ Opt_nohard, "nohard" },
161 	{ Opt_nosoft, "nosoft" },
162 	{ Opt_nointr, "nointr" },
163 	{ Opt_intr, "intr" },
164 	{ Opt_nostrictsync, "nostrictsync" },
165 	{ Opt_strictsync, "strictsync" },
166 	{ Opt_serverino, "serverino" },
167 	{ Opt_noserverino, "noserverino" },
168 	{ Opt_rwpidforward, "rwpidforward" },
169 	{ Opt_cifsacl, "cifsacl" },
170 	{ Opt_nocifsacl, "nocifsacl" },
171 	{ Opt_acl, "acl" },
172 	{ Opt_noacl, "noacl" },
173 	{ Opt_locallease, "locallease" },
174 	{ Opt_sign, "sign" },
175 	{ Opt_seal, "seal" },
176 	{ Opt_noac, "noac" },
177 	{ Opt_fsc, "fsc" },
178 	{ Opt_mfsymlinks, "mfsymlinks" },
179 	{ Opt_multiuser, "multiuser" },
180 	{ Opt_sloppy, "sloppy" },
181 	{ Opt_nosharesock, "nosharesock" },
182 	{ Opt_persistent, "persistenthandles"},
183 	{ Opt_nopersistent, "nopersistenthandles"},
184 	{ Opt_resilient, "resilienthandles"},
185 	{ Opt_noresilient, "noresilienthandles"},
186 	{ Opt_domainauto, "domainauto"},
187 
188 	{ Opt_backupuid, "backupuid=%s" },
189 	{ Opt_backupgid, "backupgid=%s" },
190 	{ Opt_uid, "uid=%s" },
191 	{ Opt_cruid, "cruid=%s" },
192 	{ Opt_gid, "gid=%s" },
193 	{ Opt_file_mode, "file_mode=%s" },
194 	{ Opt_dirmode, "dirmode=%s" },
195 	{ Opt_dirmode, "dir_mode=%s" },
196 	{ Opt_port, "port=%s" },
197 	{ Opt_rsize, "rsize=%s" },
198 	{ Opt_wsize, "wsize=%s" },
199 	{ Opt_actimeo, "actimeo=%s" },
200 	{ Opt_echo_interval, "echo_interval=%s" },
201 	{ Opt_max_credits, "max_credits=%s" },
202 	{ Opt_snapshot, "snapshot=%s" },
203 
204 	{ Opt_blank_user, "user=" },
205 	{ Opt_blank_user, "username=" },
206 	{ Opt_user, "user=%s" },
207 	{ Opt_user, "username=%s" },
208 	{ Opt_blank_pass, "pass=" },
209 	{ Opt_blank_pass, "password=" },
210 	{ Opt_pass, "pass=%s" },
211 	{ Opt_pass, "password=%s" },
212 	{ Opt_blank_ip, "ip=" },
213 	{ Opt_blank_ip, "addr=" },
214 	{ Opt_ip, "ip=%s" },
215 	{ Opt_ip, "addr=%s" },
216 	{ Opt_ignore, "unc=%s" },
217 	{ Opt_ignore, "target=%s" },
218 	{ Opt_ignore, "path=%s" },
219 	{ Opt_domain, "dom=%s" },
220 	{ Opt_domain, "domain=%s" },
221 	{ Opt_domain, "workgroup=%s" },
222 	{ Opt_srcaddr, "srcaddr=%s" },
223 	{ Opt_ignore, "prefixpath=%s" },
224 	{ Opt_iocharset, "iocharset=%s" },
225 	{ Opt_netbiosname, "netbiosname=%s" },
226 	{ Opt_servern, "servern=%s" },
227 	{ Opt_ver, "ver=%s" },
228 	{ Opt_vers, "vers=%s" },
229 	{ Opt_sec, "sec=%s" },
230 	{ Opt_cache, "cache=%s" },
231 
232 	{ Opt_ignore, "cred" },
233 	{ Opt_ignore, "credentials" },
234 	{ Opt_ignore, "cred=%s" },
235 	{ Opt_ignore, "credentials=%s" },
236 	{ Opt_ignore, "guest" },
237 	{ Opt_ignore, "rw" },
238 	{ Opt_ignore, "ro" },
239 	{ Opt_ignore, "suid" },
240 	{ Opt_ignore, "nosuid" },
241 	{ Opt_ignore, "exec" },
242 	{ Opt_ignore, "noexec" },
243 	{ Opt_ignore, "nodev" },
244 	{ Opt_ignore, "noauto" },
245 	{ Opt_ignore, "dev" },
246 	{ Opt_ignore, "mand" },
247 	{ Opt_ignore, "nomand" },
248 	{ Opt_ignore, "_netdev" },
249 
250 	{ Opt_err, NULL }
251 };
252 
253 enum {
254 	Opt_sec_krb5, Opt_sec_krb5i, Opt_sec_krb5p,
255 	Opt_sec_ntlmsspi, Opt_sec_ntlmssp,
256 	Opt_ntlm, Opt_sec_ntlmi, Opt_sec_ntlmv2,
257 	Opt_sec_ntlmv2i, Opt_sec_lanman,
258 	Opt_sec_none,
259 
260 	Opt_sec_err
261 };
262 
263 static const match_table_t cifs_secflavor_tokens = {
264 	{ Opt_sec_krb5, "krb5" },
265 	{ Opt_sec_krb5i, "krb5i" },
266 	{ Opt_sec_krb5p, "krb5p" },
267 	{ Opt_sec_ntlmsspi, "ntlmsspi" },
268 	{ Opt_sec_ntlmssp, "ntlmssp" },
269 	{ Opt_ntlm, "ntlm" },
270 	{ Opt_sec_ntlmi, "ntlmi" },
271 	{ Opt_sec_ntlmv2, "nontlm" },
272 	{ Opt_sec_ntlmv2, "ntlmv2" },
273 	{ Opt_sec_ntlmv2i, "ntlmv2i" },
274 	{ Opt_sec_lanman, "lanman" },
275 	{ Opt_sec_none, "none" },
276 
277 	{ Opt_sec_err, NULL }
278 };
279 
280 /* cache flavors */
281 enum {
282 	Opt_cache_loose,
283 	Opt_cache_strict,
284 	Opt_cache_none,
285 	Opt_cache_err
286 };
287 
288 static const match_table_t cifs_cacheflavor_tokens = {
289 	{ Opt_cache_loose, "loose" },
290 	{ Opt_cache_strict, "strict" },
291 	{ Opt_cache_none, "none" },
292 	{ Opt_cache_err, NULL }
293 };
294 
295 static const match_table_t cifs_smb_version_tokens = {
296 	{ Smb_1, SMB1_VERSION_STRING },
297 	{ Smb_20, SMB20_VERSION_STRING},
298 	{ Smb_21, SMB21_VERSION_STRING },
299 	{ Smb_30, SMB30_VERSION_STRING },
300 	{ Smb_302, SMB302_VERSION_STRING },
301 #ifdef CONFIG_CIFS_SMB311
302 	{ Smb_311, SMB311_VERSION_STRING },
303 	{ Smb_311, ALT_SMB311_VERSION_STRING },
304 #endif /* SMB311 */
305 	{ Smb_3any, SMB3ANY_VERSION_STRING },
306 	{ Smb_default, SMBDEFAULT_VERSION_STRING },
307 	{ Smb_version_err, NULL }
308 };
309 
310 static int ip_connect(struct TCP_Server_Info *server);
311 static int generic_ip_connect(struct TCP_Server_Info *server);
312 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
313 static void cifs_prune_tlinks(struct work_struct *work);
314 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
315 					const char *devname);
316 
317 /*
318  * Resolve hostname and set ip addr in tcp ses. Useful for hostnames that may
319  * get their ip addresses changed at some point.
320  *
321  * This should be called with server->srv_mutex held.
322  */
323 #ifdef CONFIG_CIFS_DFS_UPCALL
reconn_set_ipaddr(struct TCP_Server_Info * server)324 static int reconn_set_ipaddr(struct TCP_Server_Info *server)
325 {
326 	int rc;
327 	int len;
328 	char *unc, *ipaddr = NULL;
329 
330 	if (!server->hostname)
331 		return -EINVAL;
332 
333 	len = strlen(server->hostname) + 3;
334 
335 	unc = kmalloc(len, GFP_KERNEL);
336 	if (!unc) {
337 		cifs_dbg(FYI, "%s: failed to create UNC path\n", __func__);
338 		return -ENOMEM;
339 	}
340 	snprintf(unc, len, "\\\\%s", server->hostname);
341 
342 	rc = dns_resolve_server_name_to_ip(unc, &ipaddr);
343 	kfree(unc);
344 
345 	if (rc < 0) {
346 		cifs_dbg(FYI, "%s: failed to resolve server part of %s to IP: %d\n",
347 			 __func__, server->hostname, rc);
348 		return rc;
349 	}
350 
351 	rc = cifs_convert_address((struct sockaddr *)&server->dstaddr, ipaddr,
352 				  strlen(ipaddr));
353 	kfree(ipaddr);
354 
355 	return !rc ? -1 : 0;
356 }
357 #else
reconn_set_ipaddr(struct TCP_Server_Info * server)358 static inline int reconn_set_ipaddr(struct TCP_Server_Info *server)
359 {
360 	return 0;
361 }
362 #endif
363 
364 /*
365  * cifs tcp session reconnection
366  *
367  * mark tcp session as reconnecting so temporarily locked
368  * mark all smb sessions as reconnecting for tcp session
369  * reconnect tcp session
370  * wake up waiters on reconnection? - (not needed currently)
371  */
372 int
cifs_reconnect(struct TCP_Server_Info * server)373 cifs_reconnect(struct TCP_Server_Info *server)
374 {
375 	int rc = 0;
376 	struct list_head *tmp, *tmp2;
377 	struct cifs_ses *ses;
378 	struct cifs_tcon *tcon;
379 	struct mid_q_entry *mid_entry;
380 	struct list_head retry_list;
381 
382 	spin_lock(&GlobalMid_Lock);
383 	if (server->tcpStatus == CifsExiting) {
384 		/* the demux thread will exit normally
385 		next time through the loop */
386 		spin_unlock(&GlobalMid_Lock);
387 		return rc;
388 	} else
389 		server->tcpStatus = CifsNeedReconnect;
390 	spin_unlock(&GlobalMid_Lock);
391 	server->maxBuf = 0;
392 	server->max_read = 0;
393 
394 	cifs_dbg(FYI, "Reconnecting tcp session\n");
395 
396 	/* before reconnecting the tcp session, mark the smb session (uid)
397 		and the tid bad so they are not used until reconnected */
398 	cifs_dbg(FYI, "%s: marking sessions and tcons for reconnect\n",
399 		 __func__);
400 	spin_lock(&cifs_tcp_ses_lock);
401 	list_for_each(tmp, &server->smb_ses_list) {
402 		ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
403 		ses->need_reconnect = true;
404 		ses->ipc_tid = 0;
405 		list_for_each(tmp2, &ses->tcon_list) {
406 			tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
407 			tcon->need_reconnect = true;
408 		}
409 	}
410 	spin_unlock(&cifs_tcp_ses_lock);
411 
412 	/* do not want to be sending data on a socket we are freeing */
413 	cifs_dbg(FYI, "%s: tearing down socket\n", __func__);
414 	mutex_lock(&server->srv_mutex);
415 	if (server->ssocket) {
416 		cifs_dbg(FYI, "State: 0x%x Flags: 0x%lx\n",
417 			 server->ssocket->state, server->ssocket->flags);
418 		kernel_sock_shutdown(server->ssocket, SHUT_WR);
419 		cifs_dbg(FYI, "Post shutdown state: 0x%x Flags: 0x%lx\n",
420 			 server->ssocket->state, server->ssocket->flags);
421 		sock_release(server->ssocket);
422 		server->ssocket = NULL;
423 	}
424 	server->sequence_number = 0;
425 	server->session_estab = false;
426 	kfree(server->session_key.response);
427 	server->session_key.response = NULL;
428 	server->session_key.len = 0;
429 	server->lstrp = jiffies;
430 
431 	/* mark submitted MIDs for retry and issue callback */
432 	INIT_LIST_HEAD(&retry_list);
433 	cifs_dbg(FYI, "%s: moving mids to private list\n", __func__);
434 	spin_lock(&GlobalMid_Lock);
435 	list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
436 		mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
437 		if (mid_entry->mid_state == MID_REQUEST_SUBMITTED)
438 			mid_entry->mid_state = MID_RETRY_NEEDED;
439 		list_move(&mid_entry->qhead, &retry_list);
440 	}
441 	spin_unlock(&GlobalMid_Lock);
442 	mutex_unlock(&server->srv_mutex);
443 
444 	cifs_dbg(FYI, "%s: issuing mid callbacks\n", __func__);
445 	list_for_each_safe(tmp, tmp2, &retry_list) {
446 		mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
447 		list_del_init(&mid_entry->qhead);
448 		mid_entry->callback(mid_entry);
449 	}
450 
451 	do {
452 		try_to_freeze();
453 
454 		/* we should try only the port we connected to before */
455 		mutex_lock(&server->srv_mutex);
456 		rc = generic_ip_connect(server);
457 		if (rc) {
458 			cifs_dbg(FYI, "reconnect error %d\n", rc);
459 			rc = reconn_set_ipaddr(server);
460 			if (rc) {
461 				cifs_dbg(FYI, "%s: failed to resolve hostname: %d\n",
462 					 __func__, rc);
463 			}
464 			mutex_unlock(&server->srv_mutex);
465 			msleep(3000);
466 		} else {
467 			atomic_inc(&tcpSesReconnectCount);
468 			spin_lock(&GlobalMid_Lock);
469 			if (server->tcpStatus != CifsExiting)
470 				server->tcpStatus = CifsNeedNegotiate;
471 			spin_unlock(&GlobalMid_Lock);
472 			mutex_unlock(&server->srv_mutex);
473 		}
474 	} while (server->tcpStatus == CifsNeedReconnect);
475 
476 	if (server->tcpStatus == CifsNeedNegotiate)
477 		mod_delayed_work(cifsiod_wq, &server->echo, 0);
478 
479 	return rc;
480 }
481 
482 static void
cifs_echo_request(struct work_struct * work)483 cifs_echo_request(struct work_struct *work)
484 {
485 	int rc;
486 	struct TCP_Server_Info *server = container_of(work,
487 					struct TCP_Server_Info, echo.work);
488 	unsigned long echo_interval;
489 
490 	/*
491 	 * If we need to renegotiate, set echo interval to zero to
492 	 * immediately call echo service where we can renegotiate.
493 	 */
494 	if (server->tcpStatus == CifsNeedNegotiate)
495 		echo_interval = 0;
496 	else
497 		echo_interval = server->echo_interval;
498 
499 	/*
500 	 * We cannot send an echo if it is disabled.
501 	 * Also, no need to ping if we got a response recently.
502 	 */
503 
504 	if (server->tcpStatus == CifsNeedReconnect ||
505 	    server->tcpStatus == CifsExiting ||
506 	    server->tcpStatus == CifsNew ||
507 	    (server->ops->can_echo && !server->ops->can_echo(server)) ||
508 	    time_before(jiffies, server->lstrp + echo_interval - HZ))
509 		goto requeue_echo;
510 
511 	rc = server->ops->echo ? server->ops->echo(server) : -ENOSYS;
512 	if (rc)
513 		cifs_dbg(FYI, "Unable to send echo request to server: %s\n",
514 			 server->hostname);
515 
516 requeue_echo:
517 	queue_delayed_work(cifsiod_wq, &server->echo, server->echo_interval);
518 }
519 
520 static bool
allocate_buffers(struct TCP_Server_Info * server)521 allocate_buffers(struct TCP_Server_Info *server)
522 {
523 	if (!server->bigbuf) {
524 		server->bigbuf = (char *)cifs_buf_get();
525 		if (!server->bigbuf) {
526 			cifs_dbg(VFS, "No memory for large SMB response\n");
527 			msleep(3000);
528 			/* retry will check if exiting */
529 			return false;
530 		}
531 	} else if (server->large_buf) {
532 		/* we are reusing a dirty large buf, clear its start */
533 		memset(server->bigbuf, 0, HEADER_SIZE(server));
534 	}
535 
536 	if (!server->smallbuf) {
537 		server->smallbuf = (char *)cifs_small_buf_get();
538 		if (!server->smallbuf) {
539 			cifs_dbg(VFS, "No memory for SMB response\n");
540 			msleep(1000);
541 			/* retry will check if exiting */
542 			return false;
543 		}
544 		/* beginning of smb buffer is cleared in our buf_get */
545 	} else {
546 		/* if existing small buf clear beginning */
547 		memset(server->smallbuf, 0, HEADER_SIZE(server));
548 	}
549 
550 	return true;
551 }
552 
553 static bool
server_unresponsive(struct TCP_Server_Info * server)554 server_unresponsive(struct TCP_Server_Info *server)
555 {
556 	/*
557 	 * We need to wait 3 echo intervals to make sure we handle such
558 	 * situations right:
559 	 * 1s  client sends a normal SMB request
560 	 * 3s  client gets a response
561 	 * 30s echo workqueue job pops, and decides we got a response recently
562 	 *     and don't need to send another
563 	 * ...
564 	 * 65s kernel_recvmsg times out, and we see that we haven't gotten
565 	 *     a response in >60s.
566 	 */
567 	if ((server->tcpStatus == CifsGood ||
568 	    server->tcpStatus == CifsNeedNegotiate) &&
569 	    time_after(jiffies, server->lstrp + 3 * server->echo_interval)) {
570 		cifs_dbg(VFS, "Server %s has not responded in %lu seconds. Reconnecting...\n",
571 			 server->hostname, (3 * server->echo_interval) / HZ);
572 		cifs_reconnect(server);
573 		wake_up(&server->response_q);
574 		return true;
575 	}
576 
577 	return false;
578 }
579 
580 static inline bool
zero_credits(struct TCP_Server_Info * server)581 zero_credits(struct TCP_Server_Info *server)
582 {
583 	int val;
584 
585 	spin_lock(&server->req_lock);
586 	val = server->credits + server->echo_credits + server->oplock_credits;
587 	if (server->in_flight == 0 && val == 0) {
588 		spin_unlock(&server->req_lock);
589 		return true;
590 	}
591 	spin_unlock(&server->req_lock);
592 	return false;
593 }
594 
595 static int
cifs_readv_from_socket(struct TCP_Server_Info * server,struct msghdr * smb_msg)596 cifs_readv_from_socket(struct TCP_Server_Info *server, struct msghdr *smb_msg)
597 {
598 	int length = 0;
599 	int total_read;
600 
601 	smb_msg->msg_control = NULL;
602 	smb_msg->msg_controllen = 0;
603 
604 	for (total_read = 0; msg_data_left(smb_msg); total_read += length) {
605 		try_to_freeze();
606 
607 		/* reconnect if no credits and no requests in flight */
608 		if (zero_credits(server)) {
609 			cifs_reconnect(server);
610 			return -ECONNABORTED;
611 		}
612 
613 		if (server_unresponsive(server))
614 			return -ECONNABORTED;
615 
616 		length = sock_recvmsg(server->ssocket, smb_msg, 0);
617 
618 		if (server->tcpStatus == CifsExiting)
619 			return -ESHUTDOWN;
620 
621 		if (server->tcpStatus == CifsNeedReconnect) {
622 			cifs_reconnect(server);
623 			return -ECONNABORTED;
624 		}
625 
626 		if (length == -ERESTARTSYS ||
627 		    length == -EAGAIN ||
628 		    length == -EINTR) {
629 			/*
630 			 * Minimum sleep to prevent looping, allowing socket
631 			 * to clear and app threads to set tcpStatus
632 			 * CifsNeedReconnect if server hung.
633 			 */
634 			usleep_range(1000, 2000);
635 			length = 0;
636 			continue;
637 		}
638 
639 		if (length <= 0) {
640 			cifs_dbg(FYI, "Received no data or error: %d\n", length);
641 			cifs_reconnect(server);
642 			return -ECONNABORTED;
643 		}
644 	}
645 	return total_read;
646 }
647 
648 int
cifs_read_from_socket(struct TCP_Server_Info * server,char * buf,unsigned int to_read)649 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
650 		      unsigned int to_read)
651 {
652 	struct msghdr smb_msg;
653 	struct kvec iov = {.iov_base = buf, .iov_len = to_read};
654 	iov_iter_kvec(&smb_msg.msg_iter, READ | ITER_KVEC, &iov, 1, to_read);
655 
656 	return cifs_readv_from_socket(server, &smb_msg);
657 }
658 
659 int
cifs_read_page_from_socket(struct TCP_Server_Info * server,struct page * page,unsigned int to_read)660 cifs_read_page_from_socket(struct TCP_Server_Info *server, struct page *page,
661 		      unsigned int to_read)
662 {
663 	struct msghdr smb_msg;
664 	struct bio_vec bv = {.bv_page = page, .bv_len = to_read};
665 	iov_iter_bvec(&smb_msg.msg_iter, READ | ITER_BVEC, &bv, 1, to_read);
666 	return cifs_readv_from_socket(server, &smb_msg);
667 }
668 
669 static bool
is_smb_response(struct TCP_Server_Info * server,unsigned char type)670 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
671 {
672 	/*
673 	 * The first byte big endian of the length field,
674 	 * is actually not part of the length but the type
675 	 * with the most common, zero, as regular data.
676 	 */
677 	switch (type) {
678 	case RFC1002_SESSION_MESSAGE:
679 		/* Regular SMB response */
680 		return true;
681 	case RFC1002_SESSION_KEEP_ALIVE:
682 		cifs_dbg(FYI, "RFC 1002 session keep alive\n");
683 		break;
684 	case RFC1002_POSITIVE_SESSION_RESPONSE:
685 		cifs_dbg(FYI, "RFC 1002 positive session response\n");
686 		break;
687 	case RFC1002_NEGATIVE_SESSION_RESPONSE:
688 		/*
689 		 * We get this from Windows 98 instead of an error on
690 		 * SMB negprot response.
691 		 */
692 		cifs_dbg(FYI, "RFC 1002 negative session response\n");
693 		/* give server a second to clean up */
694 		msleep(1000);
695 		/*
696 		 * Always try 445 first on reconnect since we get NACK
697 		 * on some if we ever connected to port 139 (the NACK
698 		 * is since we do not begin with RFC1001 session
699 		 * initialize frame).
700 		 */
701 		cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
702 		cifs_reconnect(server);
703 		wake_up(&server->response_q);
704 		break;
705 	default:
706 		cifs_dbg(VFS, "RFC 1002 unknown response type 0x%x\n", type);
707 		cifs_reconnect(server);
708 	}
709 
710 	return false;
711 }
712 
713 void
dequeue_mid(struct mid_q_entry * mid,bool malformed)714 dequeue_mid(struct mid_q_entry *mid, bool malformed)
715 {
716 #ifdef CONFIG_CIFS_STATS2
717 	mid->when_received = jiffies;
718 #endif
719 	spin_lock(&GlobalMid_Lock);
720 	if (!malformed)
721 		mid->mid_state = MID_RESPONSE_RECEIVED;
722 	else
723 		mid->mid_state = MID_RESPONSE_MALFORMED;
724 	list_del_init(&mid->qhead);
725 	spin_unlock(&GlobalMid_Lock);
726 }
727 
728 static void
handle_mid(struct mid_q_entry * mid,struct TCP_Server_Info * server,char * buf,int malformed)729 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
730 	   char *buf, int malformed)
731 {
732 	if (server->ops->check_trans2 &&
733 	    server->ops->check_trans2(mid, server, buf, malformed))
734 		return;
735 	mid->resp_buf = buf;
736 	mid->large_buf = server->large_buf;
737 	/* Was previous buf put in mpx struct for multi-rsp? */
738 	if (!mid->multiRsp) {
739 		/* smb buffer will be freed by user thread */
740 		if (server->large_buf)
741 			server->bigbuf = NULL;
742 		else
743 			server->smallbuf = NULL;
744 	}
745 	dequeue_mid(mid, malformed);
746 }
747 
clean_demultiplex_info(struct TCP_Server_Info * server)748 static void clean_demultiplex_info(struct TCP_Server_Info *server)
749 {
750 	int length;
751 
752 	/* take it off the list, if it's not already */
753 	spin_lock(&cifs_tcp_ses_lock);
754 	list_del_init(&server->tcp_ses_list);
755 	spin_unlock(&cifs_tcp_ses_lock);
756 
757 	spin_lock(&GlobalMid_Lock);
758 	server->tcpStatus = CifsExiting;
759 	spin_unlock(&GlobalMid_Lock);
760 	wake_up_all(&server->response_q);
761 
762 	/* check if we have blocked requests that need to free */
763 	spin_lock(&server->req_lock);
764 	if (server->credits <= 0)
765 		server->credits = 1;
766 	spin_unlock(&server->req_lock);
767 	/*
768 	 * Although there should not be any requests blocked on this queue it
769 	 * can not hurt to be paranoid and try to wake up requests that may
770 	 * haven been blocked when more than 50 at time were on the wire to the
771 	 * same server - they now will see the session is in exit state and get
772 	 * out of SendReceive.
773 	 */
774 	wake_up_all(&server->request_q);
775 	/* give those requests time to exit */
776 	msleep(125);
777 
778 	if (server->ssocket) {
779 		sock_release(server->ssocket);
780 		server->ssocket = NULL;
781 	}
782 
783 	if (!list_empty(&server->pending_mid_q)) {
784 		struct list_head dispose_list;
785 		struct mid_q_entry *mid_entry;
786 		struct list_head *tmp, *tmp2;
787 
788 		INIT_LIST_HEAD(&dispose_list);
789 		spin_lock(&GlobalMid_Lock);
790 		list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
791 			mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
792 			cifs_dbg(FYI, "Clearing mid 0x%llx\n", mid_entry->mid);
793 			mid_entry->mid_state = MID_SHUTDOWN;
794 			list_move(&mid_entry->qhead, &dispose_list);
795 		}
796 		spin_unlock(&GlobalMid_Lock);
797 
798 		/* now walk dispose list and issue callbacks */
799 		list_for_each_safe(tmp, tmp2, &dispose_list) {
800 			mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
801 			cifs_dbg(FYI, "Callback mid 0x%llx\n", mid_entry->mid);
802 			list_del_init(&mid_entry->qhead);
803 			mid_entry->callback(mid_entry);
804 		}
805 		/* 1/8th of sec is more than enough time for them to exit */
806 		msleep(125);
807 	}
808 
809 	if (!list_empty(&server->pending_mid_q)) {
810 		/*
811 		 * mpx threads have not exited yet give them at least the smb
812 		 * send timeout time for long ops.
813 		 *
814 		 * Due to delays on oplock break requests, we need to wait at
815 		 * least 45 seconds before giving up on a request getting a
816 		 * response and going ahead and killing cifsd.
817 		 */
818 		cifs_dbg(FYI, "Wait for exit from demultiplex thread\n");
819 		msleep(46000);
820 		/*
821 		 * If threads still have not exited they are probably never
822 		 * coming home not much else we can do but free the memory.
823 		 */
824 	}
825 
826 	kfree(server->hostname);
827 	kfree(server);
828 
829 	length = atomic_dec_return(&tcpSesAllocCount);
830 	if (length > 0)
831 		mempool_resize(cifs_req_poolp, length + cifs_min_rcv);
832 }
833 
834 static int
standard_receive3(struct TCP_Server_Info * server,struct mid_q_entry * mid)835 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
836 {
837 	int length;
838 	char *buf = server->smallbuf;
839 	unsigned int pdu_length = get_rfc1002_length(buf);
840 
841 	/* make sure this will fit in a large buffer */
842 	if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server) - 4) {
843 		cifs_dbg(VFS, "SMB response too long (%u bytes)\n", pdu_length);
844 		cifs_reconnect(server);
845 		wake_up(&server->response_q);
846 		return -ECONNABORTED;
847 	}
848 
849 	/* switch to large buffer if too big for a small one */
850 	if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
851 		server->large_buf = true;
852 		memcpy(server->bigbuf, buf, server->total_read);
853 		buf = server->bigbuf;
854 	}
855 
856 	/* now read the rest */
857 	length = cifs_read_from_socket(server, buf + HEADER_SIZE(server) - 1,
858 				pdu_length - HEADER_SIZE(server) + 1 + 4);
859 	if (length < 0)
860 		return length;
861 	server->total_read += length;
862 
863 	dump_smb(buf, server->total_read);
864 
865 	return cifs_handle_standard(server, mid);
866 }
867 
868 int
cifs_handle_standard(struct TCP_Server_Info * server,struct mid_q_entry * mid)869 cifs_handle_standard(struct TCP_Server_Info *server, struct mid_q_entry *mid)
870 {
871 	char *buf = server->large_buf ? server->bigbuf : server->smallbuf;
872 	int length;
873 
874 	/*
875 	 * We know that we received enough to get to the MID as we
876 	 * checked the pdu_length earlier. Now check to see
877 	 * if the rest of the header is OK. We borrow the length
878 	 * var for the rest of the loop to avoid a new stack var.
879 	 *
880 	 * 48 bytes is enough to display the header and a little bit
881 	 * into the payload for debugging purposes.
882 	 */
883 	length = server->ops->check_message(buf, server->total_read, server);
884 	if (length != 0)
885 		cifs_dump_mem("Bad SMB: ", buf,
886 			min_t(unsigned int, server->total_read, 48));
887 
888 	if (server->ops->is_session_expired &&
889 	    server->ops->is_session_expired(buf)) {
890 		cifs_reconnect(server);
891 		wake_up(&server->response_q);
892 		return -1;
893 	}
894 
895 	if (server->ops->is_status_pending &&
896 	    server->ops->is_status_pending(buf, server, length))
897 		return -1;
898 
899 	if (!mid)
900 		return length;
901 
902 	handle_mid(mid, server, buf, length);
903 	return 0;
904 }
905 
906 static int
cifs_demultiplex_thread(void * p)907 cifs_demultiplex_thread(void *p)
908 {
909 	int length;
910 	struct TCP_Server_Info *server = p;
911 	unsigned int pdu_length;
912 	char *buf = NULL;
913 	struct task_struct *task_to_wake = NULL;
914 	struct mid_q_entry *mid_entry;
915 
916 	current->flags |= PF_MEMALLOC;
917 	cifs_dbg(FYI, "Demultiplex PID: %d\n", task_pid_nr(current));
918 
919 	length = atomic_inc_return(&tcpSesAllocCount);
920 	if (length > 1)
921 		mempool_resize(cifs_req_poolp, length + cifs_min_rcv);
922 
923 	set_freezable();
924 	allow_kernel_signal(SIGKILL);
925 	while (server->tcpStatus != CifsExiting) {
926 		if (try_to_freeze())
927 			continue;
928 
929 		if (!allocate_buffers(server))
930 			continue;
931 
932 		server->large_buf = false;
933 		buf = server->smallbuf;
934 		pdu_length = 4; /* enough to get RFC1001 header */
935 
936 		length = cifs_read_from_socket(server, buf, pdu_length);
937 		if (length < 0)
938 			continue;
939 		server->total_read = length;
940 
941 		/*
942 		 * The right amount was read from socket - 4 bytes,
943 		 * so we can now interpret the length field.
944 		 */
945 		pdu_length = get_rfc1002_length(buf);
946 
947 		cifs_dbg(FYI, "RFC1002 header 0x%x\n", pdu_length);
948 		if (!is_smb_response(server, buf[0]))
949 			continue;
950 
951 		/* make sure we have enough to get to the MID */
952 		if (pdu_length < HEADER_SIZE(server) - 1 - 4) {
953 			cifs_dbg(VFS, "SMB response too short (%u bytes)\n",
954 				 pdu_length);
955 			cifs_reconnect(server);
956 			wake_up(&server->response_q);
957 			continue;
958 		}
959 
960 		/* read down to the MID */
961 		length = cifs_read_from_socket(server, buf + 4,
962 					       HEADER_SIZE(server) - 1 - 4);
963 		if (length < 0)
964 			continue;
965 		server->total_read += length;
966 
967 		mid_entry = NULL;
968 		if (server->ops->is_transform_hdr &&
969 		    server->ops->receive_transform &&
970 		    server->ops->is_transform_hdr(buf)) {
971 			length = server->ops->receive_transform(server,
972 								&mid_entry);
973 		} else {
974 			mid_entry = server->ops->find_mid(server, buf);
975 
976 			if (!mid_entry || !mid_entry->receive)
977 				length = standard_receive3(server, mid_entry);
978 			else
979 				length = mid_entry->receive(server, mid_entry);
980 		}
981 
982 		if (length < 0) {
983 			if (mid_entry)
984 				cifs_mid_q_entry_release(mid_entry);
985 			continue;
986 		}
987 
988 		if (server->large_buf)
989 			buf = server->bigbuf;
990 
991 		server->lstrp = jiffies;
992 		if (mid_entry != NULL) {
993 			if ((mid_entry->mid_flags & MID_WAIT_CANCELLED) &&
994 			     mid_entry->mid_state == MID_RESPONSE_RECEIVED &&
995 					server->ops->handle_cancelled_mid)
996 				server->ops->handle_cancelled_mid(
997 							mid_entry->resp_buf,
998 							server);
999 
1000 			if (!mid_entry->multiRsp || mid_entry->multiEnd)
1001 				mid_entry->callback(mid_entry);
1002 
1003 			cifs_mid_q_entry_release(mid_entry);
1004 		} else if (server->ops->is_oplock_break &&
1005 			   server->ops->is_oplock_break(buf, server)) {
1006 			cifs_dbg(FYI, "Received oplock break\n");
1007 		} else {
1008 			cifs_dbg(VFS, "No task to wake, unknown frame received! NumMids %d\n",
1009 				 atomic_read(&midCount));
1010 			cifs_dump_mem("Received Data is: ", buf,
1011 				      HEADER_SIZE(server));
1012 #ifdef CONFIG_CIFS_DEBUG2
1013 			if (server->ops->dump_detail)
1014 				server->ops->dump_detail(buf);
1015 			cifs_dump_mids(server);
1016 #endif /* CIFS_DEBUG2 */
1017 
1018 		}
1019 	} /* end while !EXITING */
1020 
1021 	/* buffer usually freed in free_mid - need to free it here on exit */
1022 	cifs_buf_release(server->bigbuf);
1023 	if (server->smallbuf) /* no sense logging a debug message if NULL */
1024 		cifs_small_buf_release(server->smallbuf);
1025 
1026 	task_to_wake = xchg(&server->tsk, NULL);
1027 	clean_demultiplex_info(server);
1028 
1029 	/* if server->tsk was NULL then wait for a signal before exiting */
1030 	if (!task_to_wake) {
1031 		set_current_state(TASK_INTERRUPTIBLE);
1032 		while (!signal_pending(current)) {
1033 			schedule();
1034 			set_current_state(TASK_INTERRUPTIBLE);
1035 		}
1036 		set_current_state(TASK_RUNNING);
1037 	}
1038 
1039 	module_put_and_exit(0);
1040 }
1041 
1042 /* extract the host portion of the UNC string */
1043 static char *
extract_hostname(const char * unc)1044 extract_hostname(const char *unc)
1045 {
1046 	const char *src;
1047 	char *dst, *delim;
1048 	unsigned int len;
1049 
1050 	/* skip double chars at beginning of string */
1051 	/* BB: check validity of these bytes? */
1052 	src = unc + 2;
1053 
1054 	/* delimiter between hostname and sharename is always '\\' now */
1055 	delim = strchr(src, '\\');
1056 	if (!delim)
1057 		return ERR_PTR(-EINVAL);
1058 
1059 	len = delim - src;
1060 	dst = kmalloc((len + 1), GFP_KERNEL);
1061 	if (dst == NULL)
1062 		return ERR_PTR(-ENOMEM);
1063 
1064 	memcpy(dst, src, len);
1065 	dst[len] = '\0';
1066 
1067 	return dst;
1068 }
1069 
get_option_ul(substring_t args[],unsigned long * option)1070 static int get_option_ul(substring_t args[], unsigned long *option)
1071 {
1072 	int rc;
1073 	char *string;
1074 
1075 	string = match_strdup(args);
1076 	if (string == NULL)
1077 		return -ENOMEM;
1078 	rc = kstrtoul(string, 0, option);
1079 	kfree(string);
1080 
1081 	return rc;
1082 }
1083 
get_option_uid(substring_t args[],kuid_t * result)1084 static int get_option_uid(substring_t args[], kuid_t *result)
1085 {
1086 	unsigned long value;
1087 	kuid_t uid;
1088 	int rc;
1089 
1090 	rc = get_option_ul(args, &value);
1091 	if (rc)
1092 		return rc;
1093 
1094 	uid = make_kuid(current_user_ns(), value);
1095 	if (!uid_valid(uid))
1096 		return -EINVAL;
1097 
1098 	*result = uid;
1099 	return 0;
1100 }
1101 
get_option_gid(substring_t args[],kgid_t * result)1102 static int get_option_gid(substring_t args[], kgid_t *result)
1103 {
1104 	unsigned long value;
1105 	kgid_t gid;
1106 	int rc;
1107 
1108 	rc = get_option_ul(args, &value);
1109 	if (rc)
1110 		return rc;
1111 
1112 	gid = make_kgid(current_user_ns(), value);
1113 	if (!gid_valid(gid))
1114 		return -EINVAL;
1115 
1116 	*result = gid;
1117 	return 0;
1118 }
1119 
cifs_parse_security_flavors(char * value,struct smb_vol * vol)1120 static int cifs_parse_security_flavors(char *value,
1121 				       struct smb_vol *vol)
1122 {
1123 
1124 	substring_t args[MAX_OPT_ARGS];
1125 
1126 	/*
1127 	 * With mount options, the last one should win. Reset any existing
1128 	 * settings back to default.
1129 	 */
1130 	vol->sectype = Unspecified;
1131 	vol->sign = false;
1132 
1133 	switch (match_token(value, cifs_secflavor_tokens, args)) {
1134 	case Opt_sec_krb5p:
1135 		cifs_dbg(VFS, "sec=krb5p is not supported!\n");
1136 		return 1;
1137 	case Opt_sec_krb5i:
1138 		vol->sign = true;
1139 		/* Fallthrough */
1140 	case Opt_sec_krb5:
1141 		vol->sectype = Kerberos;
1142 		break;
1143 	case Opt_sec_ntlmsspi:
1144 		vol->sign = true;
1145 		/* Fallthrough */
1146 	case Opt_sec_ntlmssp:
1147 		vol->sectype = RawNTLMSSP;
1148 		break;
1149 	case Opt_sec_ntlmi:
1150 		vol->sign = true;
1151 		/* Fallthrough */
1152 	case Opt_ntlm:
1153 		vol->sectype = NTLM;
1154 		break;
1155 	case Opt_sec_ntlmv2i:
1156 		vol->sign = true;
1157 		/* Fallthrough */
1158 	case Opt_sec_ntlmv2:
1159 		vol->sectype = NTLMv2;
1160 		break;
1161 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1162 	case Opt_sec_lanman:
1163 		vol->sectype = LANMAN;
1164 		break;
1165 #endif
1166 	case Opt_sec_none:
1167 		vol->nullauth = 1;
1168 		break;
1169 	default:
1170 		cifs_dbg(VFS, "bad security option: %s\n", value);
1171 		return 1;
1172 	}
1173 
1174 	return 0;
1175 }
1176 
1177 static int
cifs_parse_cache_flavor(char * value,struct smb_vol * vol)1178 cifs_parse_cache_flavor(char *value, struct smb_vol *vol)
1179 {
1180 	substring_t args[MAX_OPT_ARGS];
1181 
1182 	switch (match_token(value, cifs_cacheflavor_tokens, args)) {
1183 	case Opt_cache_loose:
1184 		vol->direct_io = false;
1185 		vol->strict_io = false;
1186 		break;
1187 	case Opt_cache_strict:
1188 		vol->direct_io = false;
1189 		vol->strict_io = true;
1190 		break;
1191 	case Opt_cache_none:
1192 		vol->direct_io = true;
1193 		vol->strict_io = false;
1194 		break;
1195 	default:
1196 		cifs_dbg(VFS, "bad cache= option: %s\n", value);
1197 		return 1;
1198 	}
1199 	return 0;
1200 }
1201 
1202 static int
cifs_parse_smb_version(char * value,struct smb_vol * vol)1203 cifs_parse_smb_version(char *value, struct smb_vol *vol)
1204 {
1205 	substring_t args[MAX_OPT_ARGS];
1206 
1207 	switch (match_token(value, cifs_smb_version_tokens, args)) {
1208 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1209 	case Smb_1:
1210 		vol->ops = &smb1_operations;
1211 		vol->vals = &smb1_values;
1212 		break;
1213 	case Smb_20:
1214 		vol->ops = &smb20_operations;
1215 		vol->vals = &smb20_values;
1216 		break;
1217 #else
1218 	case Smb_1:
1219 		cifs_dbg(VFS, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
1220 		return 1;
1221 	case Smb_20:
1222 		cifs_dbg(VFS, "vers=2.0 mount not permitted when legacy dialects disabled\n");
1223 		return 1;
1224 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
1225 	case Smb_21:
1226 		vol->ops = &smb21_operations;
1227 		vol->vals = &smb21_values;
1228 		break;
1229 	case Smb_30:
1230 		vol->ops = &smb30_operations;
1231 		vol->vals = &smb30_values;
1232 		break;
1233 	case Smb_302:
1234 		vol->ops = &smb30_operations; /* currently identical with 3.0 */
1235 		vol->vals = &smb302_values;
1236 		break;
1237 #ifdef CONFIG_CIFS_SMB311
1238 	case Smb_311:
1239 		vol->ops = &smb311_operations;
1240 		vol->vals = &smb311_values;
1241 		break;
1242 #endif /* SMB311 */
1243 	case Smb_3any:
1244 		vol->ops = &smb30_operations; /* currently identical with 3.0 */
1245 		vol->vals = &smb3any_values;
1246 		break;
1247 	case Smb_default:
1248 		vol->ops = &smb30_operations; /* currently identical with 3.0 */
1249 		vol->vals = &smbdefault_values;
1250 		break;
1251 	default:
1252 		cifs_dbg(VFS, "Unknown vers= option specified: %s\n", value);
1253 		return 1;
1254 	}
1255 	return 0;
1256 }
1257 
1258 /*
1259  * Parse a devname into substrings and populate the vol->UNC and vol->prepath
1260  * fields with the result. Returns 0 on success and an error otherwise.
1261  */
1262 static int
cifs_parse_devname(const char * devname,struct smb_vol * vol)1263 cifs_parse_devname(const char *devname, struct smb_vol *vol)
1264 {
1265 	char *pos;
1266 	const char *delims = "/\\";
1267 	size_t len;
1268 
1269 	if (unlikely(!devname || !*devname)) {
1270 		cifs_dbg(VFS, "Device name not specified.\n");
1271 		return -EINVAL;
1272 	}
1273 
1274 	/* make sure we have a valid UNC double delimiter prefix */
1275 	len = strspn(devname, delims);
1276 	if (len != 2)
1277 		return -EINVAL;
1278 
1279 	/* find delimiter between host and sharename */
1280 	pos = strpbrk(devname + 2, delims);
1281 	if (!pos)
1282 		return -EINVAL;
1283 
1284 	/* skip past delimiter */
1285 	++pos;
1286 
1287 	/* now go until next delimiter or end of string */
1288 	len = strcspn(pos, delims);
1289 
1290 	/* move "pos" up to delimiter or NULL */
1291 	pos += len;
1292 	vol->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
1293 	if (!vol->UNC)
1294 		return -ENOMEM;
1295 
1296 	convert_delimiter(vol->UNC, '\\');
1297 
1298 	/* skip any delimiter */
1299 	if (*pos == '/' || *pos == '\\')
1300 		pos++;
1301 
1302 	/* If pos is NULL then no prepath */
1303 	if (!*pos)
1304 		return 0;
1305 
1306 	vol->prepath = kstrdup(pos, GFP_KERNEL);
1307 	if (!vol->prepath)
1308 		return -ENOMEM;
1309 
1310 	return 0;
1311 }
1312 
1313 static int
cifs_parse_mount_options(const char * mountdata,const char * devname,struct smb_vol * vol)1314 cifs_parse_mount_options(const char *mountdata, const char *devname,
1315 			 struct smb_vol *vol)
1316 {
1317 	char *data, *end;
1318 	char *mountdata_copy = NULL, *options;
1319 	unsigned int  temp_len, i, j;
1320 	char separator[2];
1321 	short int override_uid = -1;
1322 	short int override_gid = -1;
1323 	bool uid_specified = false;
1324 	bool gid_specified = false;
1325 	bool sloppy = false;
1326 	char *invalid = NULL;
1327 	char *nodename = utsname()->nodename;
1328 	char *string = NULL;
1329 	char *tmp_end, *value;
1330 	char delim;
1331 	bool got_ip = false;
1332 	bool got_version = false;
1333 	unsigned short port = 0;
1334 	struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1335 
1336 	separator[0] = ',';
1337 	separator[1] = 0;
1338 	delim = separator[0];
1339 
1340 	/* ensure we always start with zeroed-out smb_vol */
1341 	memset(vol, 0, sizeof(*vol));
1342 
1343 	/*
1344 	 * does not have to be perfect mapping since field is
1345 	 * informational, only used for servers that do not support
1346 	 * port 445 and it can be overridden at mount time
1347 	 */
1348 	memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1349 	for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1350 		vol->source_rfc1001_name[i] = toupper(nodename[i]);
1351 
1352 	vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1353 	/* null target name indicates to use *SMBSERVR default called name
1354 	   if we end up sending RFC1001 session initialize */
1355 	vol->target_rfc1001_name[0] = 0;
1356 	vol->cred_uid = current_uid();
1357 	vol->linux_uid = current_uid();
1358 	vol->linux_gid = current_gid();
1359 
1360 	/*
1361 	 * default to SFM style remapping of seven reserved characters
1362 	 * unless user overrides it or we negotiate CIFS POSIX where
1363 	 * it is unnecessary.  Can not simultaneously use more than one mapping
1364 	 * since then readdir could list files that open could not open
1365 	 */
1366 	vol->remap = true;
1367 
1368 	/* default to only allowing write access to owner of the mount */
1369 	vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1370 
1371 	/* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1372 	/* default is always to request posix paths. */
1373 	vol->posix_paths = 1;
1374 	/* default to using server inode numbers where available */
1375 	vol->server_ino = 1;
1376 
1377 	/* default is to use strict cifs caching semantics */
1378 	vol->strict_io = true;
1379 
1380 	vol->actimeo = CIFS_DEF_ACTIMEO;
1381 
1382 	/* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1383 	vol->ops = &smb30_operations;
1384 	vol->vals = &smbdefault_values;
1385 
1386 	vol->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1387 
1388 	if (!mountdata)
1389 		goto cifs_parse_mount_err;
1390 
1391 	mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
1392 	if (!mountdata_copy)
1393 		goto cifs_parse_mount_err;
1394 
1395 	options = mountdata_copy;
1396 	end = options + strlen(options);
1397 
1398 	if (strncmp(options, "sep=", 4) == 0) {
1399 		if (options[4] != 0) {
1400 			separator[0] = options[4];
1401 			options += 5;
1402 		} else {
1403 			cifs_dbg(FYI, "Null separator not allowed\n");
1404 		}
1405 	}
1406 	vol->backupuid_specified = false; /* no backup intent for a user */
1407 	vol->backupgid_specified = false; /* no backup intent for a group */
1408 
1409 	switch (cifs_parse_devname(devname, vol)) {
1410 	case 0:
1411 		break;
1412 	case -ENOMEM:
1413 		cifs_dbg(VFS, "Unable to allocate memory for devname.\n");
1414 		goto cifs_parse_mount_err;
1415 	case -EINVAL:
1416 		cifs_dbg(VFS, "Malformed UNC in devname.\n");
1417 		goto cifs_parse_mount_err;
1418 	default:
1419 		cifs_dbg(VFS, "Unknown error parsing devname.\n");
1420 		goto cifs_parse_mount_err;
1421 	}
1422 
1423 	while ((data = strsep(&options, separator)) != NULL) {
1424 		substring_t args[MAX_OPT_ARGS];
1425 		unsigned long option;
1426 		int token;
1427 
1428 		if (!*data)
1429 			continue;
1430 
1431 		token = match_token(data, cifs_mount_option_tokens, args);
1432 
1433 		switch (token) {
1434 
1435 		/* Ingnore the following */
1436 		case Opt_ignore:
1437 			break;
1438 
1439 		/* Boolean values */
1440 		case Opt_user_xattr:
1441 			vol->no_xattr = 0;
1442 			break;
1443 		case Opt_nouser_xattr:
1444 			vol->no_xattr = 1;
1445 			break;
1446 		case Opt_forceuid:
1447 			override_uid = 1;
1448 			break;
1449 		case Opt_noforceuid:
1450 			override_uid = 0;
1451 			break;
1452 		case Opt_forcegid:
1453 			override_gid = 1;
1454 			break;
1455 		case Opt_noforcegid:
1456 			override_gid = 0;
1457 			break;
1458 		case Opt_noblocksend:
1459 			vol->noblocksnd = 1;
1460 			break;
1461 		case Opt_noautotune:
1462 			vol->noautotune = 1;
1463 			break;
1464 		case Opt_hard:
1465 			vol->retry = 1;
1466 			break;
1467 		case Opt_soft:
1468 			vol->retry = 0;
1469 			break;
1470 		case Opt_perm:
1471 			vol->noperm = 0;
1472 			break;
1473 		case Opt_noperm:
1474 			vol->noperm = 1;
1475 			break;
1476 		case Opt_mapchars:
1477 			vol->sfu_remap = true;
1478 			vol->remap = false; /* disable SFM mapping */
1479 			break;
1480 		case Opt_nomapchars:
1481 			vol->sfu_remap = false;
1482 			break;
1483 		case Opt_mapposix:
1484 			vol->remap = true;
1485 			vol->sfu_remap = false; /* disable SFU mapping */
1486 			break;
1487 		case Opt_nomapposix:
1488 			vol->remap = false;
1489 			break;
1490 		case Opt_sfu:
1491 			vol->sfu_emul = 1;
1492 			break;
1493 		case Opt_nosfu:
1494 			vol->sfu_emul = 0;
1495 			break;
1496 		case Opt_nodfs:
1497 			vol->nodfs = 1;
1498 			break;
1499 		case Opt_posixpaths:
1500 			vol->posix_paths = 1;
1501 			break;
1502 		case Opt_noposixpaths:
1503 			vol->posix_paths = 0;
1504 			break;
1505 		case Opt_nounix:
1506 			vol->no_linux_ext = 1;
1507 			break;
1508 		case Opt_nocase:
1509 			vol->nocase = 1;
1510 			break;
1511 		case Opt_brl:
1512 			vol->nobrl =  0;
1513 			break;
1514 		case Opt_nobrl:
1515 			vol->nobrl =  1;
1516 			/*
1517 			 * turn off mandatory locking in mode
1518 			 * if remote locking is turned off since the
1519 			 * local vfs will do advisory
1520 			 */
1521 			if (vol->file_mode ==
1522 				(S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1523 				vol->file_mode = S_IALLUGO;
1524 			break;
1525 		case Opt_forcemandatorylock:
1526 			vol->mand_lock = 1;
1527 			break;
1528 		case Opt_setuids:
1529 			vol->setuids = 1;
1530 			break;
1531 		case Opt_nosetuids:
1532 			vol->setuids = 0;
1533 			break;
1534 		case Opt_setuidfromacl:
1535 			vol->setuidfromacl = 1;
1536 			break;
1537 		case Opt_dynperm:
1538 			vol->dynperm = true;
1539 			break;
1540 		case Opt_nodynperm:
1541 			vol->dynperm = false;
1542 			break;
1543 		case Opt_nohard:
1544 			vol->retry = 0;
1545 			break;
1546 		case Opt_nosoft:
1547 			vol->retry = 1;
1548 			break;
1549 		case Opt_nointr:
1550 			vol->intr = 0;
1551 			break;
1552 		case Opt_intr:
1553 			vol->intr = 1;
1554 			break;
1555 		case Opt_nostrictsync:
1556 			vol->nostrictsync = 1;
1557 			break;
1558 		case Opt_strictsync:
1559 			vol->nostrictsync = 0;
1560 			break;
1561 		case Opt_serverino:
1562 			vol->server_ino = 1;
1563 			break;
1564 		case Opt_noserverino:
1565 			vol->server_ino = 0;
1566 			break;
1567 		case Opt_rwpidforward:
1568 			vol->rwpidforward = 1;
1569 			break;
1570 		case Opt_cifsacl:
1571 			vol->cifs_acl = 1;
1572 			break;
1573 		case Opt_nocifsacl:
1574 			vol->cifs_acl = 0;
1575 			break;
1576 		case Opt_acl:
1577 			vol->no_psx_acl = 0;
1578 			break;
1579 		case Opt_noacl:
1580 			vol->no_psx_acl = 1;
1581 			break;
1582 		case Opt_locallease:
1583 			vol->local_lease = 1;
1584 			break;
1585 		case Opt_sign:
1586 			vol->sign = true;
1587 			break;
1588 		case Opt_seal:
1589 			/* we do not do the following in secFlags because seal
1590 			 * is a per tree connection (mount) not a per socket
1591 			 * or per-smb connection option in the protocol
1592 			 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1593 			 */
1594 			vol->seal = 1;
1595 			break;
1596 		case Opt_noac:
1597 			pr_warn("CIFS: Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1598 			break;
1599 		case Opt_fsc:
1600 #ifndef CONFIG_CIFS_FSCACHE
1601 			cifs_dbg(VFS, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1602 			goto cifs_parse_mount_err;
1603 #endif
1604 			vol->fsc = true;
1605 			break;
1606 		case Opt_mfsymlinks:
1607 			vol->mfsymlinks = true;
1608 			break;
1609 		case Opt_multiuser:
1610 			vol->multiuser = true;
1611 			break;
1612 		case Opt_sloppy:
1613 			sloppy = true;
1614 			break;
1615 		case Opt_nosharesock:
1616 			vol->nosharesock = true;
1617 			break;
1618 		case Opt_nopersistent:
1619 			vol->nopersistent = true;
1620 			if (vol->persistent) {
1621 				cifs_dbg(VFS,
1622 				  "persistenthandles mount options conflict\n");
1623 				goto cifs_parse_mount_err;
1624 			}
1625 			break;
1626 		case Opt_persistent:
1627 			vol->persistent = true;
1628 			if ((vol->nopersistent) || (vol->resilient)) {
1629 				cifs_dbg(VFS,
1630 				  "persistenthandles mount options conflict\n");
1631 				goto cifs_parse_mount_err;
1632 			}
1633 			break;
1634 		case Opt_resilient:
1635 			vol->resilient = true;
1636 			if (vol->persistent) {
1637 				cifs_dbg(VFS,
1638 				  "persistenthandles mount options conflict\n");
1639 				goto cifs_parse_mount_err;
1640 			}
1641 			break;
1642 		case Opt_noresilient:
1643 			vol->resilient = false; /* already the default */
1644 			break;
1645 		case Opt_domainauto:
1646 			vol->domainauto = true;
1647 			break;
1648 
1649 		/* Numeric Values */
1650 		case Opt_backupuid:
1651 			if (get_option_uid(args, &vol->backupuid)) {
1652 				cifs_dbg(VFS, "%s: Invalid backupuid value\n",
1653 					 __func__);
1654 				goto cifs_parse_mount_err;
1655 			}
1656 			vol->backupuid_specified = true;
1657 			break;
1658 		case Opt_backupgid:
1659 			if (get_option_gid(args, &vol->backupgid)) {
1660 				cifs_dbg(VFS, "%s: Invalid backupgid value\n",
1661 					 __func__);
1662 				goto cifs_parse_mount_err;
1663 			}
1664 			vol->backupgid_specified = true;
1665 			break;
1666 		case Opt_uid:
1667 			if (get_option_uid(args, &vol->linux_uid)) {
1668 				cifs_dbg(VFS, "%s: Invalid uid value\n",
1669 					 __func__);
1670 				goto cifs_parse_mount_err;
1671 			}
1672 			uid_specified = true;
1673 			break;
1674 		case Opt_cruid:
1675 			if (get_option_uid(args, &vol->cred_uid)) {
1676 				cifs_dbg(VFS, "%s: Invalid cruid value\n",
1677 					 __func__);
1678 				goto cifs_parse_mount_err;
1679 			}
1680 			break;
1681 		case Opt_gid:
1682 			if (get_option_gid(args, &vol->linux_gid)) {
1683 				cifs_dbg(VFS, "%s: Invalid gid value\n",
1684 					 __func__);
1685 				goto cifs_parse_mount_err;
1686 			}
1687 			gid_specified = true;
1688 			break;
1689 		case Opt_file_mode:
1690 			if (get_option_ul(args, &option)) {
1691 				cifs_dbg(VFS, "%s: Invalid file_mode value\n",
1692 					 __func__);
1693 				goto cifs_parse_mount_err;
1694 			}
1695 			vol->file_mode = option;
1696 			break;
1697 		case Opt_dirmode:
1698 			if (get_option_ul(args, &option)) {
1699 				cifs_dbg(VFS, "%s: Invalid dir_mode value\n",
1700 					 __func__);
1701 				goto cifs_parse_mount_err;
1702 			}
1703 			vol->dir_mode = option;
1704 			break;
1705 		case Opt_port:
1706 			if (get_option_ul(args, &option) ||
1707 			    option > USHRT_MAX) {
1708 				cifs_dbg(VFS, "%s: Invalid port value\n",
1709 					 __func__);
1710 				goto cifs_parse_mount_err;
1711 			}
1712 			port = (unsigned short)option;
1713 			break;
1714 		case Opt_rsize:
1715 			if (get_option_ul(args, &option)) {
1716 				cifs_dbg(VFS, "%s: Invalid rsize value\n",
1717 					 __func__);
1718 				goto cifs_parse_mount_err;
1719 			}
1720 			vol->rsize = option;
1721 			break;
1722 		case Opt_wsize:
1723 			if (get_option_ul(args, &option)) {
1724 				cifs_dbg(VFS, "%s: Invalid wsize value\n",
1725 					 __func__);
1726 				goto cifs_parse_mount_err;
1727 			}
1728 			vol->wsize = option;
1729 			break;
1730 		case Opt_actimeo:
1731 			if (get_option_ul(args, &option)) {
1732 				cifs_dbg(VFS, "%s: Invalid actimeo value\n",
1733 					 __func__);
1734 				goto cifs_parse_mount_err;
1735 			}
1736 			vol->actimeo = HZ * option;
1737 			if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1738 				cifs_dbg(VFS, "attribute cache timeout too large\n");
1739 				goto cifs_parse_mount_err;
1740 			}
1741 			break;
1742 		case Opt_echo_interval:
1743 			if (get_option_ul(args, &option)) {
1744 				cifs_dbg(VFS, "%s: Invalid echo interval value\n",
1745 					 __func__);
1746 				goto cifs_parse_mount_err;
1747 			}
1748 			vol->echo_interval = option;
1749 			break;
1750 		case Opt_snapshot:
1751 			if (get_option_ul(args, &option)) {
1752 				cifs_dbg(VFS, "%s: Invalid snapshot time\n",
1753 					 __func__);
1754 				goto cifs_parse_mount_err;
1755 			}
1756 			vol->snapshot_time = option;
1757 			break;
1758 		case Opt_max_credits:
1759 			if (get_option_ul(args, &option) || (option < 20) ||
1760 			    (option > 60000)) {
1761 				cifs_dbg(VFS, "%s: Invalid max_credits value\n",
1762 					 __func__);
1763 				goto cifs_parse_mount_err;
1764 			}
1765 			vol->max_credits = option;
1766 			break;
1767 
1768 		/* String Arguments */
1769 
1770 		case Opt_blank_user:
1771 			/* null user, ie. anonymous authentication */
1772 			vol->nullauth = 1;
1773 			vol->username = NULL;
1774 			break;
1775 		case Opt_user:
1776 			string = match_strdup(args);
1777 			if (string == NULL)
1778 				goto out_nomem;
1779 
1780 			if (strnlen(string, CIFS_MAX_USERNAME_LEN) >
1781 							CIFS_MAX_USERNAME_LEN) {
1782 				pr_warn("CIFS: username too long\n");
1783 				goto cifs_parse_mount_err;
1784 			}
1785 
1786 			kfree(vol->username);
1787 			vol->username = kstrdup(string, GFP_KERNEL);
1788 			if (!vol->username)
1789 				goto cifs_parse_mount_err;
1790 			break;
1791 		case Opt_blank_pass:
1792 			/* passwords have to be handled differently
1793 			 * to allow the character used for deliminator
1794 			 * to be passed within them
1795 			 */
1796 
1797 			/*
1798 			 * Check if this is a case where the  password
1799 			 * starts with a delimiter
1800 			 */
1801 			tmp_end = strchr(data, '=');
1802 			tmp_end++;
1803 			if (!(tmp_end < end && tmp_end[1] == delim)) {
1804 				/* No it is not. Set the password to NULL */
1805 				kzfree(vol->password);
1806 				vol->password = NULL;
1807 				break;
1808 			}
1809 			/* Yes it is. Drop down to Opt_pass below.*/
1810 		case Opt_pass:
1811 			/* Obtain the value string */
1812 			value = strchr(data, '=');
1813 			value++;
1814 
1815 			/* Set tmp_end to end of the string */
1816 			tmp_end = (char *) value + strlen(value);
1817 
1818 			/* Check if following character is the deliminator
1819 			 * If yes, we have encountered a double deliminator
1820 			 * reset the NULL character to the deliminator
1821 			 */
1822 			if (tmp_end < end && tmp_end[1] == delim) {
1823 				tmp_end[0] = delim;
1824 
1825 				/* Keep iterating until we get to a single
1826 				 * deliminator OR the end
1827 				 */
1828 				while ((tmp_end = strchr(tmp_end, delim))
1829 					!= NULL && (tmp_end[1] == delim)) {
1830 						tmp_end = (char *) &tmp_end[2];
1831 				}
1832 
1833 				/* Reset var options to point to next element */
1834 				if (tmp_end) {
1835 					tmp_end[0] = '\0';
1836 					options = (char *) &tmp_end[1];
1837 				} else
1838 					/* Reached the end of the mount option
1839 					 * string */
1840 					options = end;
1841 			}
1842 
1843 			kzfree(vol->password);
1844 			/* Now build new password string */
1845 			temp_len = strlen(value);
1846 			vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1847 			if (vol->password == NULL) {
1848 				pr_warn("CIFS: no memory for password\n");
1849 				goto cifs_parse_mount_err;
1850 			}
1851 
1852 			for (i = 0, j = 0; i < temp_len; i++, j++) {
1853 				vol->password[j] = value[i];
1854 				if ((value[i] == delim) &&
1855 				     value[i+1] == delim)
1856 					/* skip the second deliminator */
1857 					i++;
1858 			}
1859 			vol->password[j] = '\0';
1860 			break;
1861 		case Opt_blank_ip:
1862 			/* FIXME: should this be an error instead? */
1863 			got_ip = false;
1864 			break;
1865 		case Opt_ip:
1866 			string = match_strdup(args);
1867 			if (string == NULL)
1868 				goto out_nomem;
1869 
1870 			if (!cifs_convert_address(dstaddr, string,
1871 					strlen(string))) {
1872 				pr_err("CIFS: bad ip= option (%s).\n", string);
1873 				goto cifs_parse_mount_err;
1874 			}
1875 			got_ip = true;
1876 			break;
1877 		case Opt_domain:
1878 			string = match_strdup(args);
1879 			if (string == NULL)
1880 				goto out_nomem;
1881 
1882 			if (strnlen(string, CIFS_MAX_DOMAINNAME_LEN)
1883 					== CIFS_MAX_DOMAINNAME_LEN) {
1884 				pr_warn("CIFS: domain name too long\n");
1885 				goto cifs_parse_mount_err;
1886 			}
1887 
1888 			kfree(vol->domainname);
1889 			vol->domainname = kstrdup(string, GFP_KERNEL);
1890 			if (!vol->domainname) {
1891 				pr_warn("CIFS: no memory for domainname\n");
1892 				goto cifs_parse_mount_err;
1893 			}
1894 			cifs_dbg(FYI, "Domain name set\n");
1895 			break;
1896 		case Opt_srcaddr:
1897 			string = match_strdup(args);
1898 			if (string == NULL)
1899 				goto out_nomem;
1900 
1901 			if (!cifs_convert_address(
1902 					(struct sockaddr *)&vol->srcaddr,
1903 					string, strlen(string))) {
1904 				pr_warn("CIFS: Could not parse srcaddr: %s\n",
1905 					string);
1906 				goto cifs_parse_mount_err;
1907 			}
1908 			break;
1909 		case Opt_iocharset:
1910 			string = match_strdup(args);
1911 			if (string == NULL)
1912 				goto out_nomem;
1913 
1914 			if (strnlen(string, 1024) >= 65) {
1915 				pr_warn("CIFS: iocharset name too long.\n");
1916 				goto cifs_parse_mount_err;
1917 			}
1918 
1919 			 if (strncasecmp(string, "default", 7) != 0) {
1920 				kfree(vol->iocharset);
1921 				vol->iocharset = kstrdup(string,
1922 							 GFP_KERNEL);
1923 				if (!vol->iocharset) {
1924 					pr_warn("CIFS: no memory for charset\n");
1925 					goto cifs_parse_mount_err;
1926 				}
1927 			}
1928 			/* if iocharset not set then load_nls_default
1929 			 * is used by caller
1930 			 */
1931 			 cifs_dbg(FYI, "iocharset set to %s\n", string);
1932 			break;
1933 		case Opt_netbiosname:
1934 			string = match_strdup(args);
1935 			if (string == NULL)
1936 				goto out_nomem;
1937 
1938 			memset(vol->source_rfc1001_name, 0x20,
1939 				RFC1001_NAME_LEN);
1940 			/*
1941 			 * FIXME: are there cases in which a comma can
1942 			 * be valid in workstation netbios name (and
1943 			 * need special handling)?
1944 			 */
1945 			for (i = 0; i < RFC1001_NAME_LEN; i++) {
1946 				/* don't ucase netbiosname for user */
1947 				if (string[i] == 0)
1948 					break;
1949 				vol->source_rfc1001_name[i] = string[i];
1950 			}
1951 			/* The string has 16th byte zero still from
1952 			 * set at top of the function
1953 			 */
1954 			if (i == RFC1001_NAME_LEN && string[i] != 0)
1955 				pr_warn("CIFS: netbiosname longer than 15 truncated.\n");
1956 			break;
1957 		case Opt_servern:
1958 			/* servernetbiosname specified override *SMBSERVER */
1959 			string = match_strdup(args);
1960 			if (string == NULL)
1961 				goto out_nomem;
1962 
1963 			/* last byte, type, is 0x20 for servr type */
1964 			memset(vol->target_rfc1001_name, 0x20,
1965 				RFC1001_NAME_LEN_WITH_NULL);
1966 
1967 			/* BB are there cases in which a comma can be
1968 			   valid in this workstation netbios name
1969 			   (and need special handling)? */
1970 
1971 			/* user or mount helper must uppercase the
1972 			   netbios name */
1973 			for (i = 0; i < 15; i++) {
1974 				if (string[i] == 0)
1975 					break;
1976 				vol->target_rfc1001_name[i] = string[i];
1977 			}
1978 			/* The string has 16th byte zero still from
1979 			   set at top of the function  */
1980 			if (i == RFC1001_NAME_LEN && string[i] != 0)
1981 				pr_warn("CIFS: server netbiosname longer than 15 truncated.\n");
1982 			break;
1983 		case Opt_ver:
1984 			/* version of mount userspace tools, not dialect */
1985 			string = match_strdup(args);
1986 			if (string == NULL)
1987 				goto out_nomem;
1988 
1989 			/* If interface changes in mount.cifs bump to new ver */
1990 			if (strncasecmp(string, "1", 1) == 0) {
1991 				if (strlen(string) > 1) {
1992 					pr_warn("Bad mount helper ver=%s. Did "
1993 						"you want SMB1 (CIFS) dialect "
1994 						"and mean to type vers=1.0 "
1995 						"instead?\n", string);
1996 					goto cifs_parse_mount_err;
1997 				}
1998 				/* This is the default */
1999 				break;
2000 			}
2001 			/* For all other value, error */
2002 			pr_warn("CIFS: Invalid mount helper version specified\n");
2003 			goto cifs_parse_mount_err;
2004 		case Opt_vers:
2005 			/* protocol version (dialect) */
2006 			string = match_strdup(args);
2007 			if (string == NULL)
2008 				goto out_nomem;
2009 
2010 			if (cifs_parse_smb_version(string, vol) != 0)
2011 				goto cifs_parse_mount_err;
2012 			got_version = true;
2013 			break;
2014 		case Opt_sec:
2015 			string = match_strdup(args);
2016 			if (string == NULL)
2017 				goto out_nomem;
2018 
2019 			if (cifs_parse_security_flavors(string, vol) != 0)
2020 				goto cifs_parse_mount_err;
2021 			break;
2022 		case Opt_cache:
2023 			string = match_strdup(args);
2024 			if (string == NULL)
2025 				goto out_nomem;
2026 
2027 			if (cifs_parse_cache_flavor(string, vol) != 0)
2028 				goto cifs_parse_mount_err;
2029 			break;
2030 		default:
2031 			/*
2032 			 * An option we don't recognize. Save it off for later
2033 			 * if we haven't already found one
2034 			 */
2035 			if (!invalid)
2036 				invalid = data;
2037 			break;
2038 		}
2039 		/* Free up any allocated string */
2040 		kfree(string);
2041 		string = NULL;
2042 	}
2043 
2044 	if (!sloppy && invalid) {
2045 		pr_err("CIFS: Unknown mount option \"%s\"\n", invalid);
2046 		goto cifs_parse_mount_err;
2047 	}
2048 
2049 #ifndef CONFIG_KEYS
2050 	/* Muliuser mounts require CONFIG_KEYS support */
2051 	if (vol->multiuser) {
2052 		cifs_dbg(VFS, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
2053 		goto cifs_parse_mount_err;
2054 	}
2055 #endif
2056 	if (!vol->UNC) {
2057 		cifs_dbg(VFS, "CIFS mount error: No usable UNC path provided in device string!\n");
2058 		goto cifs_parse_mount_err;
2059 	}
2060 
2061 	/* make sure UNC has a share name */
2062 	if (!strchr(vol->UNC + 3, '\\')) {
2063 		cifs_dbg(VFS, "Malformed UNC. Unable to find share name.\n");
2064 		goto cifs_parse_mount_err;
2065 	}
2066 
2067 	if (!got_ip) {
2068 		int len;
2069 		const char *slash;
2070 
2071 		/* No ip= option specified? Try to get it from UNC */
2072 		/* Use the address part of the UNC. */
2073 		slash = strchr(&vol->UNC[2], '\\');
2074 		len = slash - &vol->UNC[2];
2075 		if (!cifs_convert_address(dstaddr, &vol->UNC[2], len)) {
2076 			pr_err("Unable to determine destination address.\n");
2077 			goto cifs_parse_mount_err;
2078 		}
2079 	}
2080 
2081 	/* set the port that we got earlier */
2082 	cifs_set_port(dstaddr, port);
2083 
2084 	if (uid_specified)
2085 		vol->override_uid = override_uid;
2086 	else if (override_uid == 1)
2087 		pr_notice("CIFS: ignoring forceuid mount option specified with no uid= option.\n");
2088 
2089 	if (gid_specified)
2090 		vol->override_gid = override_gid;
2091 	else if (override_gid == 1)
2092 		pr_notice("CIFS: ignoring forcegid mount option specified with no gid= option.\n");
2093 
2094 	if (got_version == false)
2095 		pr_warn("No dialect specified on mount. Default has changed to "
2096 			"a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS "
2097 			"(SMB1). To use the less secure SMB1 dialect to access "
2098 			"old servers which do not support SMB3 (or SMB2.1) specify vers=1.0"
2099 			" on mount.\n");
2100 
2101 	kfree(mountdata_copy);
2102 	return 0;
2103 
2104 out_nomem:
2105 	pr_warn("Could not allocate temporary buffer\n");
2106 cifs_parse_mount_err:
2107 	kfree(string);
2108 	kfree(mountdata_copy);
2109 	return 1;
2110 }
2111 
2112 /** Returns true if srcaddr isn't specified and rhs isn't
2113  * specified, or if srcaddr is specified and
2114  * matches the IP address of the rhs argument.
2115  */
2116 static bool
srcip_matches(struct sockaddr * srcaddr,struct sockaddr * rhs)2117 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
2118 {
2119 	switch (srcaddr->sa_family) {
2120 	case AF_UNSPEC:
2121 		return (rhs->sa_family == AF_UNSPEC);
2122 	case AF_INET: {
2123 		struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
2124 		struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
2125 		return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
2126 	}
2127 	case AF_INET6: {
2128 		struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
2129 		struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)rhs;
2130 		return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
2131 	}
2132 	default:
2133 		WARN_ON(1);
2134 		return false; /* don't expect to be here */
2135 	}
2136 }
2137 
2138 /*
2139  * If no port is specified in addr structure, we try to match with 445 port
2140  * and if it fails - with 139 ports. It should be called only if address
2141  * families of server and addr are equal.
2142  */
2143 static bool
match_port(struct TCP_Server_Info * server,struct sockaddr * addr)2144 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
2145 {
2146 	__be16 port, *sport;
2147 
2148 	switch (addr->sa_family) {
2149 	case AF_INET:
2150 		sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
2151 		port = ((struct sockaddr_in *) addr)->sin_port;
2152 		break;
2153 	case AF_INET6:
2154 		sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
2155 		port = ((struct sockaddr_in6 *) addr)->sin6_port;
2156 		break;
2157 	default:
2158 		WARN_ON(1);
2159 		return false;
2160 	}
2161 
2162 	if (!port) {
2163 		port = htons(CIFS_PORT);
2164 		if (port == *sport)
2165 			return true;
2166 
2167 		port = htons(RFC1001_PORT);
2168 	}
2169 
2170 	return port == *sport;
2171 }
2172 
2173 static bool
match_address(struct TCP_Server_Info * server,struct sockaddr * addr,struct sockaddr * srcaddr)2174 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
2175 	      struct sockaddr *srcaddr)
2176 {
2177 	switch (addr->sa_family) {
2178 	case AF_INET: {
2179 		struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
2180 		struct sockaddr_in *srv_addr4 =
2181 					(struct sockaddr_in *)&server->dstaddr;
2182 
2183 		if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
2184 			return false;
2185 		break;
2186 	}
2187 	case AF_INET6: {
2188 		struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
2189 		struct sockaddr_in6 *srv_addr6 =
2190 					(struct sockaddr_in6 *)&server->dstaddr;
2191 
2192 		if (!ipv6_addr_equal(&addr6->sin6_addr,
2193 				     &srv_addr6->sin6_addr))
2194 			return false;
2195 		if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
2196 			return false;
2197 		break;
2198 	}
2199 	default:
2200 		WARN_ON(1);
2201 		return false; /* don't expect to be here */
2202 	}
2203 
2204 	if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
2205 		return false;
2206 
2207 	return true;
2208 }
2209 
2210 static bool
match_security(struct TCP_Server_Info * server,struct smb_vol * vol)2211 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
2212 {
2213 	/*
2214 	 * The select_sectype function should either return the vol->sectype
2215 	 * that was specified, or "Unspecified" if that sectype was not
2216 	 * compatible with the given NEGOTIATE request.
2217 	 */
2218 	if (server->ops->select_sectype(server, vol->sectype)
2219 	     == Unspecified)
2220 		return false;
2221 
2222 	/*
2223 	 * Now check if signing mode is acceptable. No need to check
2224 	 * global_secflags at this point since if MUST_SIGN is set then
2225 	 * the server->sign had better be too.
2226 	 */
2227 	if (vol->sign && !server->sign)
2228 		return false;
2229 
2230 	return true;
2231 }
2232 
match_server(struct TCP_Server_Info * server,struct smb_vol * vol)2233 static int match_server(struct TCP_Server_Info *server, struct smb_vol *vol)
2234 {
2235 	struct sockaddr *addr = (struct sockaddr *)&vol->dstaddr;
2236 
2237 	if (vol->nosharesock)
2238 		return 0;
2239 
2240 	/* BB update this for smb3any and default case */
2241 	if ((server->vals != vol->vals) || (server->ops != vol->ops))
2242 		return 0;
2243 
2244 	if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
2245 		return 0;
2246 
2247 	if (!match_address(server, addr,
2248 			   (struct sockaddr *)&vol->srcaddr))
2249 		return 0;
2250 
2251 	if (!match_port(server, addr))
2252 		return 0;
2253 
2254 	if (!match_security(server, vol))
2255 		return 0;
2256 
2257 	if (server->echo_interval != vol->echo_interval * HZ)
2258 		return 0;
2259 
2260 	return 1;
2261 }
2262 
2263 static struct TCP_Server_Info *
cifs_find_tcp_session(struct smb_vol * vol)2264 cifs_find_tcp_session(struct smb_vol *vol)
2265 {
2266 	struct TCP_Server_Info *server;
2267 
2268 	spin_lock(&cifs_tcp_ses_lock);
2269 	list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
2270 		if (!match_server(server, vol))
2271 			continue;
2272 
2273 		++server->srv_count;
2274 		spin_unlock(&cifs_tcp_ses_lock);
2275 		cifs_dbg(FYI, "Existing tcp session with server found\n");
2276 		return server;
2277 	}
2278 	spin_unlock(&cifs_tcp_ses_lock);
2279 	return NULL;
2280 }
2281 
2282 void
cifs_put_tcp_session(struct TCP_Server_Info * server,int from_reconnect)2283 cifs_put_tcp_session(struct TCP_Server_Info *server, int from_reconnect)
2284 {
2285 	struct task_struct *task;
2286 
2287 	spin_lock(&cifs_tcp_ses_lock);
2288 	if (--server->srv_count > 0) {
2289 		spin_unlock(&cifs_tcp_ses_lock);
2290 		return;
2291 	}
2292 
2293 	put_net(cifs_net_ns(server));
2294 
2295 	list_del_init(&server->tcp_ses_list);
2296 	spin_unlock(&cifs_tcp_ses_lock);
2297 
2298 	cancel_delayed_work_sync(&server->echo);
2299 
2300 	if (from_reconnect)
2301 		/*
2302 		 * Avoid deadlock here: reconnect work calls
2303 		 * cifs_put_tcp_session() at its end. Need to be sure
2304 		 * that reconnect work does nothing with server pointer after
2305 		 * that step.
2306 		 */
2307 		cancel_delayed_work(&server->reconnect);
2308 	else
2309 		cancel_delayed_work_sync(&server->reconnect);
2310 
2311 	spin_lock(&GlobalMid_Lock);
2312 	server->tcpStatus = CifsExiting;
2313 	spin_unlock(&GlobalMid_Lock);
2314 
2315 	cifs_crypto_secmech_release(server);
2316 	cifs_fscache_release_client_cookie(server);
2317 
2318 	kfree(server->session_key.response);
2319 	server->session_key.response = NULL;
2320 	server->session_key.len = 0;
2321 
2322 	task = xchg(&server->tsk, NULL);
2323 	if (task)
2324 		send_sig(SIGKILL, task, 1);
2325 }
2326 
2327 static struct TCP_Server_Info *
cifs_get_tcp_session(struct smb_vol * volume_info)2328 cifs_get_tcp_session(struct smb_vol *volume_info)
2329 {
2330 	struct TCP_Server_Info *tcp_ses = NULL;
2331 	int rc;
2332 
2333 	cifs_dbg(FYI, "UNC: %s\n", volume_info->UNC);
2334 
2335 	/* see if we already have a matching tcp_ses */
2336 	tcp_ses = cifs_find_tcp_session(volume_info);
2337 	if (tcp_ses)
2338 		return tcp_ses;
2339 
2340 	tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
2341 	if (!tcp_ses) {
2342 		rc = -ENOMEM;
2343 		goto out_err;
2344 	}
2345 
2346 	tcp_ses->ops = volume_info->ops;
2347 	tcp_ses->vals = volume_info->vals;
2348 	cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
2349 	tcp_ses->hostname = extract_hostname(volume_info->UNC);
2350 	if (IS_ERR(tcp_ses->hostname)) {
2351 		rc = PTR_ERR(tcp_ses->hostname);
2352 		goto out_err_crypto_release;
2353 	}
2354 
2355 	tcp_ses->noblocksnd = volume_info->noblocksnd;
2356 	tcp_ses->noautotune = volume_info->noautotune;
2357 	tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
2358 	tcp_ses->in_flight = 0;
2359 	tcp_ses->credits = 1;
2360 	init_waitqueue_head(&tcp_ses->response_q);
2361 	init_waitqueue_head(&tcp_ses->request_q);
2362 	INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
2363 	mutex_init(&tcp_ses->srv_mutex);
2364 	memcpy(tcp_ses->workstation_RFC1001_name,
2365 		volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2366 	memcpy(tcp_ses->server_RFC1001_name,
2367 		volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2368 	tcp_ses->session_estab = false;
2369 	tcp_ses->sequence_number = 0;
2370 	tcp_ses->lstrp = jiffies;
2371 	spin_lock_init(&tcp_ses->req_lock);
2372 	INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
2373 	INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
2374 	INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
2375 	INIT_DELAYED_WORK(&tcp_ses->reconnect, smb2_reconnect_server);
2376 	mutex_init(&tcp_ses->reconnect_mutex);
2377 	memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
2378 	       sizeof(tcp_ses->srcaddr));
2379 	memcpy(&tcp_ses->dstaddr, &volume_info->dstaddr,
2380 		sizeof(tcp_ses->dstaddr));
2381 	generate_random_uuid(tcp_ses->client_guid);
2382 	/*
2383 	 * at this point we are the only ones with the pointer
2384 	 * to the struct since the kernel thread not created yet
2385 	 * no need to spinlock this init of tcpStatus or srv_count
2386 	 */
2387 	tcp_ses->tcpStatus = CifsNew;
2388 	++tcp_ses->srv_count;
2389 
2390 	if (volume_info->echo_interval >= SMB_ECHO_INTERVAL_MIN &&
2391 		volume_info->echo_interval <= SMB_ECHO_INTERVAL_MAX)
2392 		tcp_ses->echo_interval = volume_info->echo_interval * HZ;
2393 	else
2394 		tcp_ses->echo_interval = SMB_ECHO_INTERVAL_DEFAULT * HZ;
2395 
2396 	rc = ip_connect(tcp_ses);
2397 	if (rc < 0) {
2398 		cifs_dbg(VFS, "Error connecting to socket. Aborting operation.\n");
2399 		goto out_err_crypto_release;
2400 	}
2401 
2402 	/*
2403 	 * since we're in a cifs function already, we know that
2404 	 * this will succeed. No need for try_module_get().
2405 	 */
2406 	__module_get(THIS_MODULE);
2407 	tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
2408 				  tcp_ses, "cifsd");
2409 	if (IS_ERR(tcp_ses->tsk)) {
2410 		rc = PTR_ERR(tcp_ses->tsk);
2411 		cifs_dbg(VFS, "error %d create cifsd thread\n", rc);
2412 		module_put(THIS_MODULE);
2413 		goto out_err_crypto_release;
2414 	}
2415 	tcp_ses->tcpStatus = CifsNeedNegotiate;
2416 
2417 	/* thread spawned, put it on the list */
2418 	spin_lock(&cifs_tcp_ses_lock);
2419 	list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
2420 	spin_unlock(&cifs_tcp_ses_lock);
2421 
2422 	cifs_fscache_get_client_cookie(tcp_ses);
2423 
2424 	/* queue echo request delayed work */
2425 	queue_delayed_work(cifsiod_wq, &tcp_ses->echo, tcp_ses->echo_interval);
2426 
2427 	return tcp_ses;
2428 
2429 out_err_crypto_release:
2430 	cifs_crypto_secmech_release(tcp_ses);
2431 
2432 	put_net(cifs_net_ns(tcp_ses));
2433 
2434 out_err:
2435 	if (tcp_ses) {
2436 		if (!IS_ERR(tcp_ses->hostname))
2437 			kfree(tcp_ses->hostname);
2438 		if (tcp_ses->ssocket)
2439 			sock_release(tcp_ses->ssocket);
2440 		kfree(tcp_ses);
2441 	}
2442 	return ERR_PTR(rc);
2443 }
2444 
match_session(struct cifs_ses * ses,struct smb_vol * vol)2445 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
2446 {
2447 	if (vol->sectype != Unspecified &&
2448 	    vol->sectype != ses->sectype)
2449 		return 0;
2450 
2451 	switch (ses->sectype) {
2452 	case Kerberos:
2453 		if (!uid_eq(vol->cred_uid, ses->cred_uid))
2454 			return 0;
2455 		break;
2456 	default:
2457 		/* NULL username means anonymous session */
2458 		if (ses->user_name == NULL) {
2459 			if (!vol->nullauth)
2460 				return 0;
2461 			break;
2462 		}
2463 
2464 		/* anything else takes username/password */
2465 		if (strncmp(ses->user_name,
2466 			    vol->username ? vol->username : "",
2467 			    CIFS_MAX_USERNAME_LEN))
2468 			return 0;
2469 		if ((vol->username && strlen(vol->username) != 0) &&
2470 		    ses->password != NULL &&
2471 		    strncmp(ses->password,
2472 			    vol->password ? vol->password : "",
2473 			    CIFS_MAX_PASSWORD_LEN))
2474 			return 0;
2475 	}
2476 	return 1;
2477 }
2478 
2479 static struct cifs_ses *
cifs_find_smb_ses(struct TCP_Server_Info * server,struct smb_vol * vol)2480 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2481 {
2482 	struct cifs_ses *ses;
2483 
2484 	spin_lock(&cifs_tcp_ses_lock);
2485 	list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2486 		if (ses->status == CifsExiting)
2487 			continue;
2488 		if (!match_session(ses, vol))
2489 			continue;
2490 		++ses->ses_count;
2491 		spin_unlock(&cifs_tcp_ses_lock);
2492 		return ses;
2493 	}
2494 	spin_unlock(&cifs_tcp_ses_lock);
2495 	return NULL;
2496 }
2497 
2498 static void
cifs_put_smb_ses(struct cifs_ses * ses)2499 cifs_put_smb_ses(struct cifs_ses *ses)
2500 {
2501 	unsigned int rc, xid;
2502 	struct TCP_Server_Info *server = ses->server;
2503 
2504 	cifs_dbg(FYI, "%s: ses_count=%d\n", __func__, ses->ses_count);
2505 
2506 	spin_lock(&cifs_tcp_ses_lock);
2507 	if (ses->status == CifsExiting) {
2508 		spin_unlock(&cifs_tcp_ses_lock);
2509 		return;
2510 	}
2511 	if (--ses->ses_count > 0) {
2512 		spin_unlock(&cifs_tcp_ses_lock);
2513 		return;
2514 	}
2515 	if (ses->status == CifsGood)
2516 		ses->status = CifsExiting;
2517 	spin_unlock(&cifs_tcp_ses_lock);
2518 
2519 	if (ses->status == CifsExiting && server->ops->logoff) {
2520 		xid = get_xid();
2521 		rc = server->ops->logoff(xid, ses);
2522 		if (rc)
2523 			cifs_dbg(VFS, "%s: Session Logoff failure rc=%d\n",
2524 				__func__, rc);
2525 		_free_xid(xid);
2526 	}
2527 
2528 	spin_lock(&cifs_tcp_ses_lock);
2529 	list_del_init(&ses->smb_ses_list);
2530 	spin_unlock(&cifs_tcp_ses_lock);
2531 
2532 	sesInfoFree(ses);
2533 	cifs_put_tcp_session(server, 0);
2534 }
2535 
2536 #ifdef CONFIG_KEYS
2537 
2538 /* strlen("cifs:a:") + CIFS_MAX_DOMAINNAME_LEN + 1 */
2539 #define CIFSCREDS_DESC_SIZE (7 + CIFS_MAX_DOMAINNAME_LEN + 1)
2540 
2541 /* Populate username and pw fields from keyring if possible */
2542 static int
cifs_set_cifscreds(struct smb_vol * vol,struct cifs_ses * ses)2543 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2544 {
2545 	int rc = 0;
2546 	int is_domain = 0;
2547 	const char *delim, *payload;
2548 	char *desc;
2549 	ssize_t len;
2550 	struct key *key;
2551 	struct TCP_Server_Info *server = ses->server;
2552 	struct sockaddr_in *sa;
2553 	struct sockaddr_in6 *sa6;
2554 	const struct user_key_payload *upayload;
2555 
2556 	desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2557 	if (!desc)
2558 		return -ENOMEM;
2559 
2560 	/* try to find an address key first */
2561 	switch (server->dstaddr.ss_family) {
2562 	case AF_INET:
2563 		sa = (struct sockaddr_in *)&server->dstaddr;
2564 		sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2565 		break;
2566 	case AF_INET6:
2567 		sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2568 		sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2569 		break;
2570 	default:
2571 		cifs_dbg(FYI, "Bad ss_family (%hu)\n",
2572 			 server->dstaddr.ss_family);
2573 		rc = -EINVAL;
2574 		goto out_err;
2575 	}
2576 
2577 	cifs_dbg(FYI, "%s: desc=%s\n", __func__, desc);
2578 	key = request_key(&key_type_logon, desc, "");
2579 	if (IS_ERR(key)) {
2580 		if (!ses->domainName) {
2581 			cifs_dbg(FYI, "domainName is NULL\n");
2582 			rc = PTR_ERR(key);
2583 			goto out_err;
2584 		}
2585 
2586 		/* didn't work, try to find a domain key */
2587 		sprintf(desc, "cifs:d:%s", ses->domainName);
2588 		cifs_dbg(FYI, "%s: desc=%s\n", __func__, desc);
2589 		key = request_key(&key_type_logon, desc, "");
2590 		if (IS_ERR(key)) {
2591 			rc = PTR_ERR(key);
2592 			goto out_err;
2593 		}
2594 		is_domain = 1;
2595 	}
2596 
2597 	down_read(&key->sem);
2598 	upayload = user_key_payload_locked(key);
2599 	if (IS_ERR_OR_NULL(upayload)) {
2600 		rc = upayload ? PTR_ERR(upayload) : -EINVAL;
2601 		goto out_key_put;
2602 	}
2603 
2604 	/* find first : in payload */
2605 	payload = upayload->data;
2606 	delim = strnchr(payload, upayload->datalen, ':');
2607 	cifs_dbg(FYI, "payload=%s\n", payload);
2608 	if (!delim) {
2609 		cifs_dbg(FYI, "Unable to find ':' in payload (datalen=%d)\n",
2610 			 upayload->datalen);
2611 		rc = -EINVAL;
2612 		goto out_key_put;
2613 	}
2614 
2615 	len = delim - payload;
2616 	if (len > CIFS_MAX_USERNAME_LEN || len <= 0) {
2617 		cifs_dbg(FYI, "Bad value from username search (len=%zd)\n",
2618 			 len);
2619 		rc = -EINVAL;
2620 		goto out_key_put;
2621 	}
2622 
2623 	vol->username = kstrndup(payload, len, GFP_KERNEL);
2624 	if (!vol->username) {
2625 		cifs_dbg(FYI, "Unable to allocate %zd bytes for username\n",
2626 			 len);
2627 		rc = -ENOMEM;
2628 		goto out_key_put;
2629 	}
2630 	cifs_dbg(FYI, "%s: username=%s\n", __func__, vol->username);
2631 
2632 	len = key->datalen - (len + 1);
2633 	if (len > CIFS_MAX_PASSWORD_LEN || len <= 0) {
2634 		cifs_dbg(FYI, "Bad len for password search (len=%zd)\n", len);
2635 		rc = -EINVAL;
2636 		kfree(vol->username);
2637 		vol->username = NULL;
2638 		goto out_key_put;
2639 	}
2640 
2641 	++delim;
2642 	vol->password = kstrndup(delim, len, GFP_KERNEL);
2643 	if (!vol->password) {
2644 		cifs_dbg(FYI, "Unable to allocate %zd bytes for password\n",
2645 			 len);
2646 		rc = -ENOMEM;
2647 		kfree(vol->username);
2648 		vol->username = NULL;
2649 		goto out_key_put;
2650 	}
2651 
2652 	/*
2653 	 * If we have a domain key then we must set the domainName in the
2654 	 * for the request.
2655 	 */
2656 	if (is_domain && ses->domainName) {
2657 		vol->domainname = kstrndup(ses->domainName,
2658 					   strlen(ses->domainName),
2659 					   GFP_KERNEL);
2660 		if (!vol->domainname) {
2661 			cifs_dbg(FYI, "Unable to allocate %zd bytes for "
2662 				 "domain\n", len);
2663 			rc = -ENOMEM;
2664 			kfree(vol->username);
2665 			vol->username = NULL;
2666 			kzfree(vol->password);
2667 			vol->password = NULL;
2668 			goto out_key_put;
2669 		}
2670 	}
2671 
2672 out_key_put:
2673 	up_read(&key->sem);
2674 	key_put(key);
2675 out_err:
2676 	kfree(desc);
2677 	cifs_dbg(FYI, "%s: returning %d\n", __func__, rc);
2678 	return rc;
2679 }
2680 #else /* ! CONFIG_KEYS */
2681 static inline int
cifs_set_cifscreds(struct smb_vol * vol,struct cifs_ses * ses)2682 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2683 		   struct cifs_ses *ses __attribute__((unused)))
2684 {
2685 	return -ENOSYS;
2686 }
2687 #endif /* CONFIG_KEYS */
2688 
2689 static struct cifs_ses *
cifs_get_smb_ses(struct TCP_Server_Info * server,struct smb_vol * volume_info)2690 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2691 {
2692 	int rc = -ENOMEM;
2693 	unsigned int xid;
2694 	struct cifs_ses *ses;
2695 	struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2696 	struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2697 
2698 	xid = get_xid();
2699 
2700 	ses = cifs_find_smb_ses(server, volume_info);
2701 	if (ses) {
2702 		cifs_dbg(FYI, "Existing smb sess found (status=%d)\n",
2703 			 ses->status);
2704 
2705 		mutex_lock(&ses->session_mutex);
2706 		rc = cifs_negotiate_protocol(xid, ses);
2707 		if (rc) {
2708 			mutex_unlock(&ses->session_mutex);
2709 			/* problem -- put our ses reference */
2710 			cifs_put_smb_ses(ses);
2711 			free_xid(xid);
2712 			return ERR_PTR(rc);
2713 		}
2714 		if (ses->need_reconnect) {
2715 			cifs_dbg(FYI, "Session needs reconnect\n");
2716 			rc = cifs_setup_session(xid, ses,
2717 						volume_info->local_nls);
2718 			if (rc) {
2719 				mutex_unlock(&ses->session_mutex);
2720 				/* problem -- put our reference */
2721 				cifs_put_smb_ses(ses);
2722 				free_xid(xid);
2723 				return ERR_PTR(rc);
2724 			}
2725 		}
2726 		mutex_unlock(&ses->session_mutex);
2727 
2728 		/* existing SMB ses has a server reference already */
2729 		cifs_put_tcp_session(server, 0);
2730 		free_xid(xid);
2731 		return ses;
2732 	}
2733 
2734 	cifs_dbg(FYI, "Existing smb sess not found\n");
2735 	ses = sesInfoAlloc();
2736 	if (ses == NULL)
2737 		goto get_ses_fail;
2738 
2739 	/* new SMB session uses our server ref */
2740 	ses->server = server;
2741 	if (server->dstaddr.ss_family == AF_INET6)
2742 		sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2743 	else
2744 		sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2745 
2746 	if (volume_info->username) {
2747 		ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2748 		if (!ses->user_name)
2749 			goto get_ses_fail;
2750 	}
2751 
2752 	/* volume_info->password freed at unmount */
2753 	if (volume_info->password) {
2754 		ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2755 		if (!ses->password)
2756 			goto get_ses_fail;
2757 	}
2758 	if (volume_info->domainname) {
2759 		ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2760 		if (!ses->domainName)
2761 			goto get_ses_fail;
2762 	}
2763 	if (volume_info->domainauto)
2764 		ses->domainAuto = volume_info->domainauto;
2765 	ses->cred_uid = volume_info->cred_uid;
2766 	ses->linux_uid = volume_info->linux_uid;
2767 
2768 	ses->sectype = volume_info->sectype;
2769 	ses->sign = volume_info->sign;
2770 
2771 	mutex_lock(&ses->session_mutex);
2772 	rc = cifs_negotiate_protocol(xid, ses);
2773 	if (!rc)
2774 		rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2775 	mutex_unlock(&ses->session_mutex);
2776 	if (rc)
2777 		goto get_ses_fail;
2778 
2779 	/* success, put it on the list */
2780 	spin_lock(&cifs_tcp_ses_lock);
2781 	list_add(&ses->smb_ses_list, &server->smb_ses_list);
2782 	spin_unlock(&cifs_tcp_ses_lock);
2783 
2784 	free_xid(xid);
2785 	return ses;
2786 
2787 get_ses_fail:
2788 	sesInfoFree(ses);
2789 	free_xid(xid);
2790 	return ERR_PTR(rc);
2791 }
2792 
match_tcon(struct cifs_tcon * tcon,struct smb_vol * volume_info)2793 static int match_tcon(struct cifs_tcon *tcon, struct smb_vol *volume_info)
2794 {
2795 	if (tcon->tidStatus == CifsExiting)
2796 		return 0;
2797 	if (strncmp(tcon->treeName, volume_info->UNC, MAX_TREE_SIZE))
2798 		return 0;
2799 	if (tcon->seal != volume_info->seal)
2800 		return 0;
2801 	if (tcon->snapshot_time != volume_info->snapshot_time)
2802 		return 0;
2803 	return 1;
2804 }
2805 
2806 static struct cifs_tcon *
cifs_find_tcon(struct cifs_ses * ses,struct smb_vol * volume_info)2807 cifs_find_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2808 {
2809 	struct list_head *tmp;
2810 	struct cifs_tcon *tcon;
2811 
2812 	spin_lock(&cifs_tcp_ses_lock);
2813 	list_for_each(tmp, &ses->tcon_list) {
2814 		tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2815 		if (!match_tcon(tcon, volume_info))
2816 			continue;
2817 		++tcon->tc_count;
2818 		spin_unlock(&cifs_tcp_ses_lock);
2819 		return tcon;
2820 	}
2821 	spin_unlock(&cifs_tcp_ses_lock);
2822 	return NULL;
2823 }
2824 
2825 void
cifs_put_tcon(struct cifs_tcon * tcon)2826 cifs_put_tcon(struct cifs_tcon *tcon)
2827 {
2828 	unsigned int xid;
2829 	struct cifs_ses *ses = tcon->ses;
2830 
2831 	cifs_dbg(FYI, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2832 	spin_lock(&cifs_tcp_ses_lock);
2833 	if (--tcon->tc_count > 0) {
2834 		spin_unlock(&cifs_tcp_ses_lock);
2835 		return;
2836 	}
2837 
2838 	list_del_init(&tcon->tcon_list);
2839 	spin_unlock(&cifs_tcp_ses_lock);
2840 
2841 	xid = get_xid();
2842 	if (ses->server->ops->tree_disconnect)
2843 		ses->server->ops->tree_disconnect(xid, tcon);
2844 	_free_xid(xid);
2845 
2846 	cifs_fscache_release_super_cookie(tcon);
2847 	tconInfoFree(tcon);
2848 	cifs_put_smb_ses(ses);
2849 }
2850 
2851 static struct cifs_tcon *
cifs_get_tcon(struct cifs_ses * ses,struct smb_vol * volume_info)2852 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2853 {
2854 	int rc, xid;
2855 	struct cifs_tcon *tcon;
2856 
2857 	tcon = cifs_find_tcon(ses, volume_info);
2858 	if (tcon) {
2859 		cifs_dbg(FYI, "Found match on UNC path\n");
2860 		/* existing tcon already has a reference */
2861 		cifs_put_smb_ses(ses);
2862 		return tcon;
2863 	}
2864 
2865 	if (!ses->server->ops->tree_connect) {
2866 		rc = -ENOSYS;
2867 		goto out_fail;
2868 	}
2869 
2870 	tcon = tconInfoAlloc();
2871 	if (tcon == NULL) {
2872 		rc = -ENOMEM;
2873 		goto out_fail;
2874 	}
2875 
2876 	if (volume_info->snapshot_time) {
2877 		if (ses->server->vals->protocol_id == 0) {
2878 			cifs_dbg(VFS,
2879 			     "Use SMB2 or later for snapshot mount option\n");
2880 			rc = -EOPNOTSUPP;
2881 			goto out_fail;
2882 		} else
2883 			tcon->snapshot_time = volume_info->snapshot_time;
2884 	}
2885 
2886 	tcon->ses = ses;
2887 	if (volume_info->password) {
2888 		tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2889 		if (!tcon->password) {
2890 			rc = -ENOMEM;
2891 			goto out_fail;
2892 		}
2893 	}
2894 
2895 	/*
2896 	 * BB Do we need to wrap session_mutex around this TCon call and Unix
2897 	 * SetFS as we do on SessSetup and reconnect?
2898 	 */
2899 	xid = get_xid();
2900 	rc = ses->server->ops->tree_connect(xid, ses, volume_info->UNC, tcon,
2901 					    volume_info->local_nls);
2902 	free_xid(xid);
2903 	cifs_dbg(FYI, "Tcon rc = %d\n", rc);
2904 	if (rc)
2905 		goto out_fail;
2906 
2907 	if (volume_info->nodfs) {
2908 		tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2909 		cifs_dbg(FYI, "DFS disabled (%d)\n", tcon->Flags);
2910 	}
2911 	tcon->use_persistent = false;
2912 	/* check if SMB2 or later, CIFS does not support persistent handles */
2913 	if (volume_info->persistent) {
2914 		if (ses->server->vals->protocol_id == 0) {
2915 			cifs_dbg(VFS,
2916 			     "SMB3 or later required for persistent handles\n");
2917 			rc = -EOPNOTSUPP;
2918 			goto out_fail;
2919 		} else if (ses->server->capabilities &
2920 			   SMB2_GLOBAL_CAP_PERSISTENT_HANDLES)
2921 			tcon->use_persistent = true;
2922 		else /* persistent handles requested but not supported */ {
2923 			cifs_dbg(VFS,
2924 				"Persistent handles not supported on share\n");
2925 			rc = -EOPNOTSUPP;
2926 			goto out_fail;
2927 		}
2928 	} else if ((tcon->capabilities & SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY)
2929 	     && (ses->server->capabilities & SMB2_GLOBAL_CAP_PERSISTENT_HANDLES)
2930 	     && (volume_info->nopersistent == false)) {
2931 		cifs_dbg(FYI, "enabling persistent handles\n");
2932 		tcon->use_persistent = true;
2933 	} else if (volume_info->resilient) {
2934 		if (ses->server->vals->protocol_id == 0) {
2935 			cifs_dbg(VFS,
2936 			     "SMB2.1 or later required for resilient handles\n");
2937 			rc = -EOPNOTSUPP;
2938 			goto out_fail;
2939 		}
2940 		tcon->use_resilient = true;
2941 	}
2942 
2943 	if (volume_info->seal) {
2944 		if (ses->server->vals->protocol_id == 0) {
2945 			cifs_dbg(VFS,
2946 				 "SMB3 or later required for encryption\n");
2947 			rc = -EOPNOTSUPP;
2948 			goto out_fail;
2949 		} else if (tcon->ses->server->capabilities &
2950 					SMB2_GLOBAL_CAP_ENCRYPTION)
2951 			tcon->seal = true;
2952 		else {
2953 			cifs_dbg(VFS, "Encryption is not supported on share\n");
2954 			rc = -EOPNOTSUPP;
2955 			goto out_fail;
2956 		}
2957 	}
2958 
2959 	/*
2960 	 * We can have only one retry value for a connection to a share so for
2961 	 * resources mounted more than once to the same server share the last
2962 	 * value passed in for the retry flag is used.
2963 	 */
2964 	tcon->retry = volume_info->retry;
2965 	tcon->nocase = volume_info->nocase;
2966 	tcon->local_lease = volume_info->local_lease;
2967 	INIT_LIST_HEAD(&tcon->pending_opens);
2968 
2969 	spin_lock(&cifs_tcp_ses_lock);
2970 	list_add(&tcon->tcon_list, &ses->tcon_list);
2971 	spin_unlock(&cifs_tcp_ses_lock);
2972 
2973 	cifs_fscache_get_super_cookie(tcon);
2974 
2975 	return tcon;
2976 
2977 out_fail:
2978 	tconInfoFree(tcon);
2979 	return ERR_PTR(rc);
2980 }
2981 
2982 void
cifs_put_tlink(struct tcon_link * tlink)2983 cifs_put_tlink(struct tcon_link *tlink)
2984 {
2985 	if (!tlink || IS_ERR(tlink))
2986 		return;
2987 
2988 	if (!atomic_dec_and_test(&tlink->tl_count) ||
2989 	    test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2990 		tlink->tl_time = jiffies;
2991 		return;
2992 	}
2993 
2994 	if (!IS_ERR(tlink_tcon(tlink)))
2995 		cifs_put_tcon(tlink_tcon(tlink));
2996 	kfree(tlink);
2997 	return;
2998 }
2999 
3000 static inline struct tcon_link *
cifs_sb_master_tlink(struct cifs_sb_info * cifs_sb)3001 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
3002 {
3003 	return cifs_sb->master_tlink;
3004 }
3005 
3006 static int
compare_mount_options(struct super_block * sb,struct cifs_mnt_data * mnt_data)3007 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
3008 {
3009 	struct cifs_sb_info *old = CIFS_SB(sb);
3010 	struct cifs_sb_info *new = mnt_data->cifs_sb;
3011 
3012 	if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
3013 		return 0;
3014 
3015 	if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
3016 	    (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
3017 		return 0;
3018 
3019 	/*
3020 	 * We want to share sb only if we don't specify an r/wsize or
3021 	 * specified r/wsize is greater than or equal to existing one.
3022 	 */
3023 	if (new->wsize && new->wsize < old->wsize)
3024 		return 0;
3025 
3026 	if (new->rsize && new->rsize < old->rsize)
3027 		return 0;
3028 
3029 	if (!uid_eq(old->mnt_uid, new->mnt_uid) || !gid_eq(old->mnt_gid, new->mnt_gid))
3030 		return 0;
3031 
3032 	if (old->mnt_file_mode != new->mnt_file_mode ||
3033 	    old->mnt_dir_mode != new->mnt_dir_mode)
3034 		return 0;
3035 
3036 	if (strcmp(old->local_nls->charset, new->local_nls->charset))
3037 		return 0;
3038 
3039 	if (old->actimeo != new->actimeo)
3040 		return 0;
3041 
3042 	return 1;
3043 }
3044 
3045 static int
match_prepath(struct super_block * sb,struct cifs_mnt_data * mnt_data)3046 match_prepath(struct super_block *sb, struct cifs_mnt_data *mnt_data)
3047 {
3048 	struct cifs_sb_info *old = CIFS_SB(sb);
3049 	struct cifs_sb_info *new = mnt_data->cifs_sb;
3050 	bool old_set = (old->mnt_cifs_flags & CIFS_MOUNT_USE_PREFIX_PATH) &&
3051 		old->prepath;
3052 	bool new_set = (new->mnt_cifs_flags & CIFS_MOUNT_USE_PREFIX_PATH) &&
3053 		new->prepath;
3054 
3055 	if (old_set && new_set && !strcmp(new->prepath, old->prepath))
3056 		return 1;
3057 	else if (!old_set && !new_set)
3058 		return 1;
3059 
3060 	return 0;
3061 }
3062 
3063 int
cifs_match_super(struct super_block * sb,void * data)3064 cifs_match_super(struct super_block *sb, void *data)
3065 {
3066 	struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
3067 	struct smb_vol *volume_info;
3068 	struct cifs_sb_info *cifs_sb;
3069 	struct TCP_Server_Info *tcp_srv;
3070 	struct cifs_ses *ses;
3071 	struct cifs_tcon *tcon;
3072 	struct tcon_link *tlink;
3073 	int rc = 0;
3074 
3075 	spin_lock(&cifs_tcp_ses_lock);
3076 	cifs_sb = CIFS_SB(sb);
3077 	tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3078 	if (IS_ERR(tlink)) {
3079 		spin_unlock(&cifs_tcp_ses_lock);
3080 		return rc;
3081 	}
3082 	tcon = tlink_tcon(tlink);
3083 	ses = tcon->ses;
3084 	tcp_srv = ses->server;
3085 
3086 	volume_info = mnt_data->vol;
3087 
3088 	if (!match_server(tcp_srv, volume_info) ||
3089 	    !match_session(ses, volume_info) ||
3090 	    !match_tcon(tcon, volume_info) ||
3091 	    !match_prepath(sb, mnt_data)) {
3092 		rc = 0;
3093 		goto out;
3094 	}
3095 
3096 	rc = compare_mount_options(sb, mnt_data);
3097 out:
3098 	spin_unlock(&cifs_tcp_ses_lock);
3099 	cifs_put_tlink(tlink);
3100 	return rc;
3101 }
3102 
3103 int
get_dfs_path(const unsigned int xid,struct cifs_ses * ses,const char * old_path,const struct nls_table * nls_codepage,unsigned int * num_referrals,struct dfs_info3_param ** referrals,int remap)3104 get_dfs_path(const unsigned int xid, struct cifs_ses *ses, const char *old_path,
3105 	     const struct nls_table *nls_codepage, unsigned int *num_referrals,
3106 	     struct dfs_info3_param **referrals, int remap)
3107 {
3108 	char *temp_unc;
3109 	int rc = 0;
3110 
3111 	if (!ses->server->ops->tree_connect || !ses->server->ops->get_dfs_refer)
3112 		return -ENOSYS;
3113 
3114 	*num_referrals = 0;
3115 	*referrals = NULL;
3116 
3117 	if (ses->ipc_tid == 0) {
3118 		temp_unc = kmalloc(2 /* for slashes */ +
3119 			strnlen(ses->serverName, SERVER_NAME_LEN_WITH_NULL * 2)
3120 				+ 1 + 4 /* slash IPC$ */ + 2, GFP_KERNEL);
3121 		if (temp_unc == NULL)
3122 			return -ENOMEM;
3123 		temp_unc[0] = '\\';
3124 		temp_unc[1] = '\\';
3125 		strcpy(temp_unc + 2, ses->serverName);
3126 		strcpy(temp_unc + 2 + strlen(ses->serverName), "\\IPC$");
3127 		rc = ses->server->ops->tree_connect(xid, ses, temp_unc, NULL,
3128 						    nls_codepage);
3129 		cifs_dbg(FYI, "Tcon rc = %d ipc_tid = %d\n", rc, ses->ipc_tid);
3130 		kfree(temp_unc);
3131 	}
3132 	if (rc == 0)
3133 		rc = ses->server->ops->get_dfs_refer(xid, ses, old_path,
3134 						     referrals, num_referrals,
3135 						     nls_codepage, remap);
3136 	/*
3137 	 * BB - map targetUNCs to dfs_info3 structures, here or in
3138 	 * ses->server->ops->get_dfs_refer.
3139 	 */
3140 
3141 	return rc;
3142 }
3143 
3144 #ifdef CONFIG_DEBUG_LOCK_ALLOC
3145 static struct lock_class_key cifs_key[2];
3146 static struct lock_class_key cifs_slock_key[2];
3147 
3148 static inline void
cifs_reclassify_socket4(struct socket * sock)3149 cifs_reclassify_socket4(struct socket *sock)
3150 {
3151 	struct sock *sk = sock->sk;
3152 	BUG_ON(!sock_allow_reclassification(sk));
3153 	sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
3154 		&cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
3155 }
3156 
3157 static inline void
cifs_reclassify_socket6(struct socket * sock)3158 cifs_reclassify_socket6(struct socket *sock)
3159 {
3160 	struct sock *sk = sock->sk;
3161 	BUG_ON(!sock_allow_reclassification(sk));
3162 	sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
3163 		&cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
3164 }
3165 #else
3166 static inline void
cifs_reclassify_socket4(struct socket * sock)3167 cifs_reclassify_socket4(struct socket *sock)
3168 {
3169 }
3170 
3171 static inline void
cifs_reclassify_socket6(struct socket * sock)3172 cifs_reclassify_socket6(struct socket *sock)
3173 {
3174 }
3175 #endif
3176 
3177 /* See RFC1001 section 14 on representation of Netbios names */
rfc1002mangle(char * target,char * source,unsigned int length)3178 static void rfc1002mangle(char *target, char *source, unsigned int length)
3179 {
3180 	unsigned int i, j;
3181 
3182 	for (i = 0, j = 0; i < (length); i++) {
3183 		/* mask a nibble at a time and encode */
3184 		target[j] = 'A' + (0x0F & (source[i] >> 4));
3185 		target[j+1] = 'A' + (0x0F & source[i]);
3186 		j += 2;
3187 	}
3188 
3189 }
3190 
3191 static int
bind_socket(struct TCP_Server_Info * server)3192 bind_socket(struct TCP_Server_Info *server)
3193 {
3194 	int rc = 0;
3195 	if (server->srcaddr.ss_family != AF_UNSPEC) {
3196 		/* Bind to the specified local IP address */
3197 		struct socket *socket = server->ssocket;
3198 		rc = socket->ops->bind(socket,
3199 				       (struct sockaddr *) &server->srcaddr,
3200 				       sizeof(server->srcaddr));
3201 		if (rc < 0) {
3202 			struct sockaddr_in *saddr4;
3203 			struct sockaddr_in6 *saddr6;
3204 			saddr4 = (struct sockaddr_in *)&server->srcaddr;
3205 			saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
3206 			if (saddr6->sin6_family == AF_INET6)
3207 				cifs_dbg(VFS, "Failed to bind to: %pI6c, error: %d\n",
3208 					 &saddr6->sin6_addr, rc);
3209 			else
3210 				cifs_dbg(VFS, "Failed to bind to: %pI4, error: %d\n",
3211 					 &saddr4->sin_addr.s_addr, rc);
3212 		}
3213 	}
3214 	return rc;
3215 }
3216 
3217 static int
ip_rfc1001_connect(struct TCP_Server_Info * server)3218 ip_rfc1001_connect(struct TCP_Server_Info *server)
3219 {
3220 	int rc = 0;
3221 	/*
3222 	 * some servers require RFC1001 sessinit before sending
3223 	 * negprot - BB check reconnection in case where second
3224 	 * sessinit is sent but no second negprot
3225 	 */
3226 	struct rfc1002_session_packet *ses_init_buf;
3227 	struct smb_hdr *smb_buf;
3228 	ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
3229 			       GFP_KERNEL);
3230 	if (ses_init_buf) {
3231 		ses_init_buf->trailer.session_req.called_len = 32;
3232 
3233 		if (server->server_RFC1001_name[0] != 0)
3234 			rfc1002mangle(ses_init_buf->trailer.
3235 				      session_req.called_name,
3236 				      server->server_RFC1001_name,
3237 				      RFC1001_NAME_LEN_WITH_NULL);
3238 		else
3239 			rfc1002mangle(ses_init_buf->trailer.
3240 				      session_req.called_name,
3241 				      DEFAULT_CIFS_CALLED_NAME,
3242 				      RFC1001_NAME_LEN_WITH_NULL);
3243 
3244 		ses_init_buf->trailer.session_req.calling_len = 32;
3245 
3246 		/*
3247 		 * calling name ends in null (byte 16) from old smb
3248 		 * convention.
3249 		 */
3250 		if (server->workstation_RFC1001_name[0] != 0)
3251 			rfc1002mangle(ses_init_buf->trailer.
3252 				      session_req.calling_name,
3253 				      server->workstation_RFC1001_name,
3254 				      RFC1001_NAME_LEN_WITH_NULL);
3255 		else
3256 			rfc1002mangle(ses_init_buf->trailer.
3257 				      session_req.calling_name,
3258 				      "LINUX_CIFS_CLNT",
3259 				      RFC1001_NAME_LEN_WITH_NULL);
3260 
3261 		ses_init_buf->trailer.session_req.scope1 = 0;
3262 		ses_init_buf->trailer.session_req.scope2 = 0;
3263 		smb_buf = (struct smb_hdr *)ses_init_buf;
3264 
3265 		/* sizeof RFC1002_SESSION_REQUEST with no scope */
3266 		smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
3267 		rc = smb_send(server, smb_buf, 0x44);
3268 		kfree(ses_init_buf);
3269 		/*
3270 		 * RFC1001 layer in at least one server
3271 		 * requires very short break before negprot
3272 		 * presumably because not expecting negprot
3273 		 * to follow so fast.  This is a simple
3274 		 * solution that works without
3275 		 * complicating the code and causes no
3276 		 * significant slowing down on mount
3277 		 * for everyone else
3278 		 */
3279 		usleep_range(1000, 2000);
3280 	}
3281 	/*
3282 	 * else the negprot may still work without this
3283 	 * even though malloc failed
3284 	 */
3285 
3286 	return rc;
3287 }
3288 
3289 static int
generic_ip_connect(struct TCP_Server_Info * server)3290 generic_ip_connect(struct TCP_Server_Info *server)
3291 {
3292 	int rc = 0;
3293 	__be16 sport;
3294 	int slen, sfamily;
3295 	struct socket *socket = server->ssocket;
3296 	struct sockaddr *saddr;
3297 
3298 	saddr = (struct sockaddr *) &server->dstaddr;
3299 
3300 	if (server->dstaddr.ss_family == AF_INET6) {
3301 		sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
3302 		slen = sizeof(struct sockaddr_in6);
3303 		sfamily = AF_INET6;
3304 	} else {
3305 		sport = ((struct sockaddr_in *) saddr)->sin_port;
3306 		slen = sizeof(struct sockaddr_in);
3307 		sfamily = AF_INET;
3308 	}
3309 
3310 	if (socket == NULL) {
3311 		rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
3312 				   IPPROTO_TCP, &socket, 1);
3313 		if (rc < 0) {
3314 			cifs_dbg(VFS, "Error %d creating socket\n", rc);
3315 			server->ssocket = NULL;
3316 			return rc;
3317 		}
3318 
3319 		/* BB other socket options to set KEEPALIVE, NODELAY? */
3320 		cifs_dbg(FYI, "Socket created\n");
3321 		server->ssocket = socket;
3322 		socket->sk->sk_allocation = GFP_NOFS;
3323 		if (sfamily == AF_INET6)
3324 			cifs_reclassify_socket6(socket);
3325 		else
3326 			cifs_reclassify_socket4(socket);
3327 	}
3328 
3329 	rc = bind_socket(server);
3330 	if (rc < 0)
3331 		return rc;
3332 
3333 	/*
3334 	 * Eventually check for other socket options to change from
3335 	 * the default. sock_setsockopt not used because it expects
3336 	 * user space buffer
3337 	 */
3338 	socket->sk->sk_rcvtimeo = 7 * HZ;
3339 	socket->sk->sk_sndtimeo = 5 * HZ;
3340 
3341 	/* make the bufsizes depend on wsize/rsize and max requests */
3342 	if (server->noautotune) {
3343 		if (socket->sk->sk_sndbuf < (200 * 1024))
3344 			socket->sk->sk_sndbuf = 200 * 1024;
3345 		if (socket->sk->sk_rcvbuf < (140 * 1024))
3346 			socket->sk->sk_rcvbuf = 140 * 1024;
3347 	}
3348 
3349 	if (server->tcp_nodelay) {
3350 		int val = 1;
3351 		rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
3352 				(char *)&val, sizeof(val));
3353 		if (rc)
3354 			cifs_dbg(FYI, "set TCP_NODELAY socket option error %d\n",
3355 				 rc);
3356 	}
3357 
3358 	cifs_dbg(FYI, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx\n",
3359 		 socket->sk->sk_sndbuf,
3360 		 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
3361 
3362 	rc = socket->ops->connect(socket, saddr, slen, 0);
3363 	if (rc < 0) {
3364 		cifs_dbg(FYI, "Error %d connecting to server\n", rc);
3365 		sock_release(socket);
3366 		server->ssocket = NULL;
3367 		return rc;
3368 	}
3369 
3370 	if (sport == htons(RFC1001_PORT))
3371 		rc = ip_rfc1001_connect(server);
3372 
3373 	return rc;
3374 }
3375 
3376 static int
ip_connect(struct TCP_Server_Info * server)3377 ip_connect(struct TCP_Server_Info *server)
3378 {
3379 	__be16 *sport;
3380 	struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
3381 	struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
3382 
3383 	if (server->dstaddr.ss_family == AF_INET6)
3384 		sport = &addr6->sin6_port;
3385 	else
3386 		sport = &addr->sin_port;
3387 
3388 	if (*sport == 0) {
3389 		int rc;
3390 
3391 		/* try with 445 port at first */
3392 		*sport = htons(CIFS_PORT);
3393 
3394 		rc = generic_ip_connect(server);
3395 		if (rc >= 0)
3396 			return rc;
3397 
3398 		/* if it failed, try with 139 port */
3399 		*sport = htons(RFC1001_PORT);
3400 	}
3401 
3402 	return generic_ip_connect(server);
3403 }
3404 
reset_cifs_unix_caps(unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,struct smb_vol * vol_info)3405 void reset_cifs_unix_caps(unsigned int xid, struct cifs_tcon *tcon,
3406 			  struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
3407 {
3408 	/* if we are reconnecting then should we check to see if
3409 	 * any requested capabilities changed locally e.g. via
3410 	 * remount but we can not do much about it here
3411 	 * if they have (even if we could detect it by the following)
3412 	 * Perhaps we could add a backpointer to array of sb from tcon
3413 	 * or if we change to make all sb to same share the same
3414 	 * sb as NFS - then we only have one backpointer to sb.
3415 	 * What if we wanted to mount the server share twice once with
3416 	 * and once without posixacls or posix paths? */
3417 	__u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3418 
3419 	if (vol_info && vol_info->no_linux_ext) {
3420 		tcon->fsUnixInfo.Capability = 0;
3421 		tcon->unix_ext = 0; /* Unix Extensions disabled */
3422 		cifs_dbg(FYI, "Linux protocol extensions disabled\n");
3423 		return;
3424 	} else if (vol_info)
3425 		tcon->unix_ext = 1; /* Unix Extensions supported */
3426 
3427 	if (tcon->unix_ext == 0) {
3428 		cifs_dbg(FYI, "Unix extensions disabled so not set on reconnect\n");
3429 		return;
3430 	}
3431 
3432 	if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
3433 		__u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3434 		cifs_dbg(FYI, "unix caps which server supports %lld\n", cap);
3435 		/* check for reconnect case in which we do not
3436 		   want to change the mount behavior if we can avoid it */
3437 		if (vol_info == NULL) {
3438 			/* turn off POSIX ACL and PATHNAMES if not set
3439 			   originally at mount time */
3440 			if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
3441 				cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3442 			if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3443 				if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3444 					cifs_dbg(VFS, "POSIXPATH support change\n");
3445 				cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3446 			} else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3447 				cifs_dbg(VFS, "possible reconnect error\n");
3448 				cifs_dbg(VFS, "server disabled POSIX path support\n");
3449 			}
3450 		}
3451 
3452 		if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3453 			cifs_dbg(VFS, "per-share encryption not supported yet\n");
3454 
3455 		cap &= CIFS_UNIX_CAP_MASK;
3456 		if (vol_info && vol_info->no_psx_acl)
3457 			cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3458 		else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
3459 			cifs_dbg(FYI, "negotiated posix acl support\n");
3460 			if (cifs_sb)
3461 				cifs_sb->mnt_cifs_flags |=
3462 					CIFS_MOUNT_POSIXACL;
3463 		}
3464 
3465 		if (vol_info && vol_info->posix_paths == 0)
3466 			cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3467 		else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
3468 			cifs_dbg(FYI, "negotiate posix pathnames\n");
3469 			if (cifs_sb)
3470 				cifs_sb->mnt_cifs_flags |=
3471 					CIFS_MOUNT_POSIX_PATHS;
3472 		}
3473 
3474 		cifs_dbg(FYI, "Negotiate caps 0x%x\n", (int)cap);
3475 #ifdef CONFIG_CIFS_DEBUG2
3476 		if (cap & CIFS_UNIX_FCNTL_CAP)
3477 			cifs_dbg(FYI, "FCNTL cap\n");
3478 		if (cap & CIFS_UNIX_EXTATTR_CAP)
3479 			cifs_dbg(FYI, "EXTATTR cap\n");
3480 		if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3481 			cifs_dbg(FYI, "POSIX path cap\n");
3482 		if (cap & CIFS_UNIX_XATTR_CAP)
3483 			cifs_dbg(FYI, "XATTR cap\n");
3484 		if (cap & CIFS_UNIX_POSIX_ACL_CAP)
3485 			cifs_dbg(FYI, "POSIX ACL cap\n");
3486 		if (cap & CIFS_UNIX_LARGE_READ_CAP)
3487 			cifs_dbg(FYI, "very large read cap\n");
3488 		if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
3489 			cifs_dbg(FYI, "very large write cap\n");
3490 		if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
3491 			cifs_dbg(FYI, "transport encryption cap\n");
3492 		if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3493 			cifs_dbg(FYI, "mandatory transport encryption cap\n");
3494 #endif /* CIFS_DEBUG2 */
3495 		if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
3496 			if (vol_info == NULL) {
3497 				cifs_dbg(FYI, "resetting capabilities failed\n");
3498 			} else
3499 				cifs_dbg(VFS, "Negotiating Unix capabilities with the server failed. Consider mounting with the Unix Extensions disabled if problems are found by specifying the nounix mount option.\n");
3500 
3501 		}
3502 	}
3503 }
3504 
cifs_setup_cifs_sb(struct smb_vol * pvolume_info,struct cifs_sb_info * cifs_sb)3505 int cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
3506 			struct cifs_sb_info *cifs_sb)
3507 {
3508 	INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
3509 
3510 	spin_lock_init(&cifs_sb->tlink_tree_lock);
3511 	cifs_sb->tlink_tree = RB_ROOT;
3512 
3513 	/*
3514 	 * Temporarily set r/wsize for matching superblock. If we end up using
3515 	 * new sb then client will later negotiate it downward if needed.
3516 	 */
3517 	cifs_sb->rsize = pvolume_info->rsize;
3518 	cifs_sb->wsize = pvolume_info->wsize;
3519 
3520 	cifs_sb->mnt_uid = pvolume_info->linux_uid;
3521 	cifs_sb->mnt_gid = pvolume_info->linux_gid;
3522 	cifs_sb->mnt_file_mode = pvolume_info->file_mode;
3523 	cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
3524 	cifs_dbg(FYI, "file mode: %04ho  dir mode: %04ho\n",
3525 		 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3526 
3527 	cifs_sb->actimeo = pvolume_info->actimeo;
3528 	cifs_sb->local_nls = pvolume_info->local_nls;
3529 
3530 	if (pvolume_info->noperm)
3531 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
3532 	if (pvolume_info->setuids)
3533 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
3534 	if (pvolume_info->setuidfromacl)
3535 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
3536 	if (pvolume_info->server_ino)
3537 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
3538 	if (pvolume_info->remap)
3539 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
3540 	if (pvolume_info->sfu_remap)
3541 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
3542 	if (pvolume_info->no_xattr)
3543 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
3544 	if (pvolume_info->sfu_emul)
3545 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
3546 	if (pvolume_info->nobrl)
3547 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
3548 	if (pvolume_info->nostrictsync)
3549 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
3550 	if (pvolume_info->mand_lock)
3551 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
3552 	if (pvolume_info->rwpidforward)
3553 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3554 	if (pvolume_info->cifs_acl)
3555 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3556 	if (pvolume_info->backupuid_specified) {
3557 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3558 		cifs_sb->mnt_backupuid = pvolume_info->backupuid;
3559 	}
3560 	if (pvolume_info->backupgid_specified) {
3561 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3562 		cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3563 	}
3564 	if (pvolume_info->override_uid)
3565 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3566 	if (pvolume_info->override_gid)
3567 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3568 	if (pvolume_info->dynperm)
3569 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
3570 	if (pvolume_info->fsc)
3571 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
3572 	if (pvolume_info->multiuser)
3573 		cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3574 					    CIFS_MOUNT_NO_PERM);
3575 	if (pvolume_info->strict_io)
3576 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3577 	if (pvolume_info->direct_io) {
3578 		cifs_dbg(FYI, "mounting share using direct i/o\n");
3579 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3580 	}
3581 	if (pvolume_info->mfsymlinks) {
3582 		if (pvolume_info->sfu_emul) {
3583 			/*
3584 			 * Our SFU ("Services for Unix" emulation does not allow
3585 			 * creating symlinks but does allow reading existing SFU
3586 			 * symlinks (it does allow both creating and reading SFU
3587 			 * style mknod and FIFOs though). When "mfsymlinks" and
3588 			 * "sfu" are both enabled at the same time, it allows
3589 			 * reading both types of symlinks, but will only create
3590 			 * them with mfsymlinks format. This allows better
3591 			 * Apple compatibility (probably better for Samba too)
3592 			 * while still recognizing old Windows style symlinks.
3593 			 */
3594 			cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
3595 		}
3596 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3597 	}
3598 
3599 	if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
3600 		cifs_dbg(VFS, "mount option dynperm ignored if cifsacl mount option supported\n");
3601 
3602 	if (pvolume_info->prepath) {
3603 		cifs_sb->prepath = kstrdup(pvolume_info->prepath, GFP_KERNEL);
3604 		if (cifs_sb->prepath == NULL)
3605 			return -ENOMEM;
3606 	}
3607 
3608 	return 0;
3609 }
3610 
3611 static void
cleanup_volume_info_contents(struct smb_vol * volume_info)3612 cleanup_volume_info_contents(struct smb_vol *volume_info)
3613 {
3614 	kfree(volume_info->username);
3615 	kzfree(volume_info->password);
3616 	kfree(volume_info->UNC);
3617 	kfree(volume_info->domainname);
3618 	kfree(volume_info->iocharset);
3619 	kfree(volume_info->prepath);
3620 }
3621 
3622 void
cifs_cleanup_volume_info(struct smb_vol * volume_info)3623 cifs_cleanup_volume_info(struct smb_vol *volume_info)
3624 {
3625 	if (!volume_info)
3626 		return;
3627 	cleanup_volume_info_contents(volume_info);
3628 	kfree(volume_info);
3629 }
3630 
3631 
3632 #ifdef CONFIG_CIFS_DFS_UPCALL
3633 /*
3634  * cifs_build_path_to_root returns full path to root when we do not have an
3635  * exiting connection (tcon)
3636  */
3637 static char *
build_unc_path_to_root(const struct smb_vol * vol,const struct cifs_sb_info * cifs_sb)3638 build_unc_path_to_root(const struct smb_vol *vol,
3639 		const struct cifs_sb_info *cifs_sb)
3640 {
3641 	char *full_path, *pos;
3642 	unsigned int pplen = vol->prepath ? strlen(vol->prepath) + 1 : 0;
3643 	unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3644 
3645 	full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3646 	if (full_path == NULL)
3647 		return ERR_PTR(-ENOMEM);
3648 
3649 	strncpy(full_path, vol->UNC, unc_len);
3650 	pos = full_path + unc_len;
3651 
3652 	if (pplen) {
3653 		*pos = CIFS_DIR_SEP(cifs_sb);
3654 		strncpy(pos + 1, vol->prepath, pplen);
3655 		pos += pplen;
3656 	}
3657 
3658 	*pos = '\0'; /* add trailing null */
3659 	convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3660 	cifs_dbg(FYI, "%s: full_path=%s\n", __func__, full_path);
3661 	return full_path;
3662 }
3663 
3664 /*
3665  * Perform a dfs referral query for a share and (optionally) prefix
3666  *
3667  * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3668  * to a string containing updated options for the submount.  Otherwise it
3669  * will be left untouched.
3670  *
3671  * Returns the rc from get_dfs_path to the caller, which can be used to
3672  * determine whether there were referrals.
3673  */
3674 static int
expand_dfs_referral(const unsigned int xid,struct cifs_ses * ses,struct smb_vol * volume_info,struct cifs_sb_info * cifs_sb,int check_prefix)3675 expand_dfs_referral(const unsigned int xid, struct cifs_ses *ses,
3676 		    struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3677 		    int check_prefix)
3678 {
3679 	int rc;
3680 	unsigned int num_referrals = 0;
3681 	struct dfs_info3_param *referrals = NULL;
3682 	char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3683 
3684 	full_path = build_unc_path_to_root(volume_info, cifs_sb);
3685 	if (IS_ERR(full_path))
3686 		return PTR_ERR(full_path);
3687 
3688 	/* For DFS paths, skip the first '\' of the UNC */
3689 	ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3690 
3691 	rc = get_dfs_path(xid, ses, ref_path, cifs_sb->local_nls,
3692 			  &num_referrals, &referrals, cifs_remap(cifs_sb));
3693 
3694 	if (!rc && num_referrals > 0) {
3695 		char *fake_devname = NULL;
3696 
3697 		mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3698 						   full_path + 1, referrals,
3699 						   &fake_devname);
3700 
3701 		free_dfs_info_array(referrals, num_referrals);
3702 
3703 		if (IS_ERR(mdata)) {
3704 			rc = PTR_ERR(mdata);
3705 			mdata = NULL;
3706 		} else {
3707 			cleanup_volume_info_contents(volume_info);
3708 			rc = cifs_setup_volume_info(volume_info, mdata,
3709 							fake_devname);
3710 		}
3711 		kfree(fake_devname);
3712 		kfree(cifs_sb->mountdata);
3713 		cifs_sb->mountdata = mdata;
3714 	}
3715 	kfree(full_path);
3716 	return rc;
3717 }
3718 #endif
3719 
3720 static int
cifs_setup_volume_info(struct smb_vol * volume_info,char * mount_data,const char * devname)3721 cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3722 			const char *devname)
3723 {
3724 	int rc = 0;
3725 
3726 	if (cifs_parse_mount_options(mount_data, devname, volume_info))
3727 		return -EINVAL;
3728 
3729 	if (volume_info->nullauth) {
3730 		cifs_dbg(FYI, "Anonymous login\n");
3731 		kfree(volume_info->username);
3732 		volume_info->username = NULL;
3733 	} else if (volume_info->username) {
3734 		/* BB fixme parse for domain name here */
3735 		cifs_dbg(FYI, "Username: %s\n", volume_info->username);
3736 	} else {
3737 		cifs_dbg(VFS, "No username specified\n");
3738 	/* In userspace mount helper we can get user name from alternate
3739 	   locations such as env variables and files on disk */
3740 		return -EINVAL;
3741 	}
3742 
3743 	/* this is needed for ASCII cp to Unicode converts */
3744 	if (volume_info->iocharset == NULL) {
3745 		/* load_nls_default cannot return null */
3746 		volume_info->local_nls = load_nls_default();
3747 	} else {
3748 		volume_info->local_nls = load_nls(volume_info->iocharset);
3749 		if (volume_info->local_nls == NULL) {
3750 			cifs_dbg(VFS, "CIFS mount error: iocharset %s not found\n",
3751 				 volume_info->iocharset);
3752 			return -ELIBACC;
3753 		}
3754 	}
3755 
3756 	return rc;
3757 }
3758 
3759 struct smb_vol *
cifs_get_volume_info(char * mount_data,const char * devname)3760 cifs_get_volume_info(char *mount_data, const char *devname)
3761 {
3762 	int rc;
3763 	struct smb_vol *volume_info;
3764 
3765 	volume_info = kmalloc(sizeof(struct smb_vol), GFP_KERNEL);
3766 	if (!volume_info)
3767 		return ERR_PTR(-ENOMEM);
3768 
3769 	rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3770 	if (rc) {
3771 		cifs_cleanup_volume_info(volume_info);
3772 		volume_info = ERR_PTR(rc);
3773 	}
3774 
3775 	return volume_info;
3776 }
3777 
3778 static int
cifs_are_all_path_components_accessible(struct TCP_Server_Info * server,unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,char * full_path)3779 cifs_are_all_path_components_accessible(struct TCP_Server_Info *server,
3780 					unsigned int xid,
3781 					struct cifs_tcon *tcon,
3782 					struct cifs_sb_info *cifs_sb,
3783 					char *full_path)
3784 {
3785 	int rc;
3786 	char *s;
3787 	char sep, tmp;
3788 
3789 	sep = CIFS_DIR_SEP(cifs_sb);
3790 	s = full_path;
3791 
3792 	rc = server->ops->is_path_accessible(xid, tcon, cifs_sb, "");
3793 	while (rc == 0) {
3794 		/* skip separators */
3795 		while (*s == sep)
3796 			s++;
3797 		if (!*s)
3798 			break;
3799 		/* next separator */
3800 		while (*s && *s != sep)
3801 			s++;
3802 
3803 		/*
3804 		 * temporarily null-terminate the path at the end of
3805 		 * the current component
3806 		 */
3807 		tmp = *s;
3808 		*s = 0;
3809 		rc = server->ops->is_path_accessible(xid, tcon, cifs_sb,
3810 						     full_path);
3811 		*s = tmp;
3812 	}
3813 	return rc;
3814 }
3815 
3816 int
cifs_mount(struct cifs_sb_info * cifs_sb,struct smb_vol * volume_info)3817 cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3818 {
3819 	int rc;
3820 	unsigned int xid;
3821 	struct cifs_ses *ses;
3822 	struct cifs_tcon *tcon;
3823 	struct TCP_Server_Info *server;
3824 	char   *full_path;
3825 	struct tcon_link *tlink;
3826 #ifdef CONFIG_CIFS_DFS_UPCALL
3827 	int referral_walks_count = 0;
3828 #endif
3829 
3830 #ifdef CONFIG_CIFS_DFS_UPCALL
3831 try_mount_again:
3832 	/* cleanup activities if we're chasing a referral */
3833 	if (referral_walks_count) {
3834 		if (tcon)
3835 			cifs_put_tcon(tcon);
3836 		else if (ses)
3837 			cifs_put_smb_ses(ses);
3838 
3839 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_POSIX_PATHS;
3840 
3841 		free_xid(xid);
3842 	}
3843 #endif
3844 	rc = 0;
3845 	tcon = NULL;
3846 	ses = NULL;
3847 	server = NULL;
3848 	full_path = NULL;
3849 	tlink = NULL;
3850 
3851 	xid = get_xid();
3852 
3853 	/* get a reference to a tcp session */
3854 	server = cifs_get_tcp_session(volume_info);
3855 	if (IS_ERR(server)) {
3856 		rc = PTR_ERR(server);
3857 		goto out;
3858 	}
3859 	if ((volume_info->max_credits < 20) ||
3860 	     (volume_info->max_credits > 60000))
3861 		server->max_credits = SMB2_MAX_CREDITS_AVAILABLE;
3862 	else
3863 		server->max_credits = volume_info->max_credits;
3864 	/* get a reference to a SMB session */
3865 	ses = cifs_get_smb_ses(server, volume_info);
3866 	if (IS_ERR(ses)) {
3867 		rc = PTR_ERR(ses);
3868 		ses = NULL;
3869 		goto mount_fail_check;
3870 	}
3871 
3872 	if ((volume_info->persistent == true) && ((ses->server->capabilities &
3873 		SMB2_GLOBAL_CAP_PERSISTENT_HANDLES) == 0)) {
3874 		cifs_dbg(VFS, "persistent handles not supported by server\n");
3875 		rc = -EOPNOTSUPP;
3876 		goto mount_fail_check;
3877 	}
3878 
3879 	/* search for existing tcon to this server share */
3880 	tcon = cifs_get_tcon(ses, volume_info);
3881 	if (IS_ERR(tcon)) {
3882 		rc = PTR_ERR(tcon);
3883 		tcon = NULL;
3884 		if (rc == -EACCES)
3885 			goto mount_fail_check;
3886 
3887 		goto remote_path_check;
3888 	}
3889 
3890 	/* tell server which Unix caps we support */
3891 	if (cap_unix(tcon->ses)) {
3892 		/* reset of caps checks mount to see if unix extensions
3893 		   disabled for just this mount */
3894 		reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3895 		if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3896 		    (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3897 		     CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3898 			rc = -EACCES;
3899 			goto mount_fail_check;
3900 		}
3901 	} else
3902 		tcon->unix_ext = 0; /* server does not support them */
3903 
3904 	/* do not care if a following call succeed - informational */
3905 	if (!tcon->ipc && server->ops->qfs_tcon)
3906 		server->ops->qfs_tcon(xid, tcon);
3907 
3908 	cifs_sb->wsize = server->ops->negotiate_wsize(tcon, volume_info);
3909 	cifs_sb->rsize = server->ops->negotiate_rsize(tcon, volume_info);
3910 
3911 remote_path_check:
3912 #ifdef CONFIG_CIFS_DFS_UPCALL
3913 	/*
3914 	 * Perform an unconditional check for whether there are DFS
3915 	 * referrals for this path without prefix, to provide support
3916 	 * for DFS referrals from w2k8 servers which don't seem to respond
3917 	 * with PATH_NOT_COVERED to requests that include the prefix.
3918 	 * Chase the referral if found, otherwise continue normally.
3919 	 */
3920 	if (referral_walks_count == 0) {
3921 		int refrc = expand_dfs_referral(xid, ses, volume_info, cifs_sb,
3922 						false);
3923 		if (!refrc) {
3924 			referral_walks_count++;
3925 			goto try_mount_again;
3926 		}
3927 	}
3928 #endif
3929 
3930 	/* check if a whole path is not remote */
3931 	if (!rc && tcon) {
3932 		if (!server->ops->is_path_accessible) {
3933 			rc = -ENOSYS;
3934 			goto mount_fail_check;
3935 		}
3936 		/*
3937 		 * cifs_build_path_to_root works only when we have a valid tcon
3938 		 */
3939 		full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon,
3940 					tcon->Flags & SMB_SHARE_IS_IN_DFS);
3941 		if (full_path == NULL) {
3942 			rc = -ENOMEM;
3943 			goto mount_fail_check;
3944 		}
3945 		rc = server->ops->is_path_accessible(xid, tcon, cifs_sb,
3946 						     full_path);
3947 		if (rc != 0 && rc != -EREMOTE) {
3948 			kfree(full_path);
3949 			goto mount_fail_check;
3950 		}
3951 
3952 		if (rc != -EREMOTE) {
3953 			rc = cifs_are_all_path_components_accessible(server,
3954 							     xid, tcon, cifs_sb,
3955 							     full_path);
3956 			if (rc != 0) {
3957 				cifs_dbg(VFS, "cannot query dirs between root and final path, "
3958 					 "enabling CIFS_MOUNT_USE_PREFIX_PATH\n");
3959 				cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_USE_PREFIX_PATH;
3960 				rc = 0;
3961 			}
3962 		}
3963 		kfree(full_path);
3964 	}
3965 
3966 	/* get referral if needed */
3967 	if (rc == -EREMOTE) {
3968 #ifdef CONFIG_CIFS_DFS_UPCALL
3969 		if (referral_walks_count > MAX_NESTED_LINKS) {
3970 			/*
3971 			 * BB: when we implement proper loop detection,
3972 			 *     we will remove this check. But now we need it
3973 			 *     to prevent an indefinite loop if 'DFS tree' is
3974 			 *     misconfigured (i.e. has loops).
3975 			 */
3976 			rc = -ELOOP;
3977 			goto mount_fail_check;
3978 		}
3979 
3980 		rc = expand_dfs_referral(xid, ses, volume_info, cifs_sb, true);
3981 
3982 		if (!rc) {
3983 			referral_walks_count++;
3984 			goto try_mount_again;
3985 		}
3986 		goto mount_fail_check;
3987 #else /* No DFS support, return error on mount */
3988 		rc = -EOPNOTSUPP;
3989 #endif
3990 	}
3991 
3992 	if (rc)
3993 		goto mount_fail_check;
3994 
3995 	/* now, hang the tcon off of the superblock */
3996 	tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3997 	if (tlink == NULL) {
3998 		rc = -ENOMEM;
3999 		goto mount_fail_check;
4000 	}
4001 
4002 	tlink->tl_uid = ses->linux_uid;
4003 	tlink->tl_tcon = tcon;
4004 	tlink->tl_time = jiffies;
4005 	set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
4006 	set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4007 
4008 	cifs_sb->master_tlink = tlink;
4009 	spin_lock(&cifs_sb->tlink_tree_lock);
4010 	tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4011 	spin_unlock(&cifs_sb->tlink_tree_lock);
4012 
4013 	queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
4014 				TLINK_IDLE_EXPIRE);
4015 
4016 mount_fail_check:
4017 	/* on error free sesinfo and tcon struct if needed */
4018 	if (rc) {
4019 		/* If find_unc succeeded then rc == 0 so we can not end */
4020 		/* up accidentally freeing someone elses tcon struct */
4021 		if (tcon)
4022 			cifs_put_tcon(tcon);
4023 		else if (ses)
4024 			cifs_put_smb_ses(ses);
4025 		else
4026 			cifs_put_tcp_session(server, 0);
4027 	}
4028 
4029 out:
4030 	free_xid(xid);
4031 	return rc;
4032 }
4033 
4034 /*
4035  * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
4036  * pointer may be NULL.
4037  */
4038 int
CIFSTCon(const unsigned int xid,struct cifs_ses * ses,const char * tree,struct cifs_tcon * tcon,const struct nls_table * nls_codepage)4039 CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
4040 	 const char *tree, struct cifs_tcon *tcon,
4041 	 const struct nls_table *nls_codepage)
4042 {
4043 	struct smb_hdr *smb_buffer;
4044 	struct smb_hdr *smb_buffer_response;
4045 	TCONX_REQ *pSMB;
4046 	TCONX_RSP *pSMBr;
4047 	unsigned char *bcc_ptr;
4048 	int rc = 0;
4049 	int length;
4050 	__u16 bytes_left, count;
4051 
4052 	if (ses == NULL)
4053 		return -EIO;
4054 
4055 	smb_buffer = cifs_buf_get();
4056 	if (smb_buffer == NULL)
4057 		return -ENOMEM;
4058 
4059 	smb_buffer_response = smb_buffer;
4060 
4061 	header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
4062 			NULL /*no tid */ , 4 /*wct */ );
4063 
4064 	smb_buffer->Mid = get_next_mid(ses->server);
4065 	smb_buffer->Uid = ses->Suid;
4066 	pSMB = (TCONX_REQ *) smb_buffer;
4067 	pSMBr = (TCONX_RSP *) smb_buffer_response;
4068 
4069 	pSMB->AndXCommand = 0xFF;
4070 	pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
4071 	bcc_ptr = &pSMB->Password[0];
4072 	if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
4073 		pSMB->PasswordLength = cpu_to_le16(1);	/* minimum */
4074 		*bcc_ptr = 0; /* password is null byte */
4075 		bcc_ptr++;              /* skip password */
4076 		/* already aligned so no need to do it below */
4077 	} else {
4078 		pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
4079 		/* BB FIXME add code to fail this if NTLMv2 or Kerberos
4080 		   specified as required (when that support is added to
4081 		   the vfs in the future) as only NTLM or the much
4082 		   weaker LANMAN (which we do not send by default) is accepted
4083 		   by Samba (not sure whether other servers allow
4084 		   NTLMv2 password here) */
4085 #ifdef CONFIG_CIFS_WEAK_PW_HASH
4086 		if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
4087 		    (ses->sectype == LANMAN))
4088 			calc_lanman_hash(tcon->password, ses->server->cryptkey,
4089 					 ses->server->sec_mode &
4090 					    SECMODE_PW_ENCRYPT ? true : false,
4091 					 bcc_ptr);
4092 		else
4093 #endif /* CIFS_WEAK_PW_HASH */
4094 		rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
4095 					bcc_ptr, nls_codepage);
4096 		if (rc) {
4097 			cifs_dbg(FYI, "%s Can't generate NTLM rsp. Error: %d\n",
4098 				 __func__, rc);
4099 			cifs_buf_release(smb_buffer);
4100 			return rc;
4101 		}
4102 
4103 		bcc_ptr += CIFS_AUTH_RESP_SIZE;
4104 		if (ses->capabilities & CAP_UNICODE) {
4105 			/* must align unicode strings */
4106 			*bcc_ptr = 0; /* null byte password */
4107 			bcc_ptr++;
4108 		}
4109 	}
4110 
4111 	if (ses->server->sign)
4112 		smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
4113 
4114 	if (ses->capabilities & CAP_STATUS32) {
4115 		smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
4116 	}
4117 	if (ses->capabilities & CAP_DFS) {
4118 		smb_buffer->Flags2 |= SMBFLG2_DFS;
4119 	}
4120 	if (ses->capabilities & CAP_UNICODE) {
4121 		smb_buffer->Flags2 |= SMBFLG2_UNICODE;
4122 		length =
4123 		    cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
4124 			6 /* max utf8 char length in bytes */ *
4125 			(/* server len*/ + 256 /* share len */), nls_codepage);
4126 		bcc_ptr += 2 * length;	/* convert num 16 bit words to bytes */
4127 		bcc_ptr += 2;	/* skip trailing null */
4128 	} else {		/* ASCII */
4129 		strcpy(bcc_ptr, tree);
4130 		bcc_ptr += strlen(tree) + 1;
4131 	}
4132 	strcpy(bcc_ptr, "?????");
4133 	bcc_ptr += strlen("?????");
4134 	bcc_ptr += 1;
4135 	count = bcc_ptr - &pSMB->Password[0];
4136 	pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
4137 					pSMB->hdr.smb_buf_length) + count);
4138 	pSMB->ByteCount = cpu_to_le16(count);
4139 
4140 	rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
4141 			 0);
4142 
4143 	/* above now done in SendReceive */
4144 	if ((rc == 0) && (tcon != NULL)) {
4145 		bool is_unicode;
4146 
4147 		tcon->tidStatus = CifsGood;
4148 		tcon->need_reconnect = false;
4149 		tcon->tid = smb_buffer_response->Tid;
4150 		bcc_ptr = pByteArea(smb_buffer_response);
4151 		bytes_left = get_bcc(smb_buffer_response);
4152 		length = strnlen(bcc_ptr, bytes_left - 2);
4153 		if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
4154 			is_unicode = true;
4155 		else
4156 			is_unicode = false;
4157 
4158 
4159 		/* skip service field (NB: this field is always ASCII) */
4160 		if (length == 3) {
4161 			if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
4162 			    (bcc_ptr[2] == 'C')) {
4163 				cifs_dbg(FYI, "IPC connection\n");
4164 				tcon->ipc = 1;
4165 			}
4166 		} else if (length == 2) {
4167 			if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
4168 				/* the most common case */
4169 				cifs_dbg(FYI, "disk share connection\n");
4170 			}
4171 		}
4172 		bcc_ptr += length + 1;
4173 		bytes_left -= (length + 1);
4174 		strlcpy(tcon->treeName, tree, sizeof(tcon->treeName));
4175 
4176 		/* mostly informational -- no need to fail on error here */
4177 		kfree(tcon->nativeFileSystem);
4178 		tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
4179 						      bytes_left, is_unicode,
4180 						      nls_codepage);
4181 
4182 		cifs_dbg(FYI, "nativeFileSystem=%s\n", tcon->nativeFileSystem);
4183 
4184 		if ((smb_buffer_response->WordCount == 3) ||
4185 			 (smb_buffer_response->WordCount == 7))
4186 			/* field is in same location */
4187 			tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
4188 		else
4189 			tcon->Flags = 0;
4190 		cifs_dbg(FYI, "Tcon flags: 0x%x\n", tcon->Flags);
4191 	} else if ((rc == 0) && tcon == NULL) {
4192 		/* all we need to save for IPC$ connection */
4193 		ses->ipc_tid = smb_buffer_response->Tid;
4194 	}
4195 
4196 	cifs_buf_release(smb_buffer);
4197 	return rc;
4198 }
4199 
delayed_free(struct rcu_head * p)4200 static void delayed_free(struct rcu_head *p)
4201 {
4202 	struct cifs_sb_info *sbi = container_of(p, struct cifs_sb_info, rcu);
4203 	unload_nls(sbi->local_nls);
4204 	kfree(sbi);
4205 }
4206 
4207 void
cifs_umount(struct cifs_sb_info * cifs_sb)4208 cifs_umount(struct cifs_sb_info *cifs_sb)
4209 {
4210 	struct rb_root *root = &cifs_sb->tlink_tree;
4211 	struct rb_node *node;
4212 	struct tcon_link *tlink;
4213 
4214 	cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
4215 
4216 	spin_lock(&cifs_sb->tlink_tree_lock);
4217 	while ((node = rb_first(root))) {
4218 		tlink = rb_entry(node, struct tcon_link, tl_rbnode);
4219 		cifs_get_tlink(tlink);
4220 		clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4221 		rb_erase(node, root);
4222 
4223 		spin_unlock(&cifs_sb->tlink_tree_lock);
4224 		cifs_put_tlink(tlink);
4225 		spin_lock(&cifs_sb->tlink_tree_lock);
4226 	}
4227 	spin_unlock(&cifs_sb->tlink_tree_lock);
4228 
4229 	kfree(cifs_sb->mountdata);
4230 	kfree(cifs_sb->prepath);
4231 	call_rcu(&cifs_sb->rcu, delayed_free);
4232 }
4233 
4234 int
cifs_negotiate_protocol(const unsigned int xid,struct cifs_ses * ses)4235 cifs_negotiate_protocol(const unsigned int xid, struct cifs_ses *ses)
4236 {
4237 	int rc = 0;
4238 	struct TCP_Server_Info *server = ses->server;
4239 
4240 	if (!server->ops->need_neg || !server->ops->negotiate)
4241 		return -ENOSYS;
4242 
4243 	/* only send once per connect */
4244 	if (!server->ops->need_neg(server))
4245 		return 0;
4246 
4247 	set_credits(server, 1);
4248 
4249 	rc = server->ops->negotiate(xid, ses);
4250 	if (rc == 0) {
4251 		spin_lock(&GlobalMid_Lock);
4252 		if (server->tcpStatus == CifsNeedNegotiate)
4253 			server->tcpStatus = CifsGood;
4254 		else
4255 			rc = -EHOSTDOWN;
4256 		spin_unlock(&GlobalMid_Lock);
4257 	}
4258 
4259 	return rc;
4260 }
4261 
4262 int
cifs_setup_session(const unsigned int xid,struct cifs_ses * ses,struct nls_table * nls_info)4263 cifs_setup_session(const unsigned int xid, struct cifs_ses *ses,
4264 		   struct nls_table *nls_info)
4265 {
4266 	int rc = -ENOSYS;
4267 	struct TCP_Server_Info *server = ses->server;
4268 
4269 	ses->capabilities = server->capabilities;
4270 	if (linuxExtEnabled == 0)
4271 		ses->capabilities &= (~server->vals->cap_unix);
4272 
4273 	cifs_dbg(FYI, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d\n",
4274 		 server->sec_mode, server->capabilities, server->timeAdj);
4275 
4276 	if (ses->auth_key.response) {
4277 		cifs_dbg(VFS, "Free previous auth_key.response = %p\n",
4278 			 ses->auth_key.response);
4279 		kfree(ses->auth_key.response);
4280 		ses->auth_key.response = NULL;
4281 		ses->auth_key.len = 0;
4282 	}
4283 
4284 	if (server->ops->sess_setup)
4285 		rc = server->ops->sess_setup(xid, ses, nls_info);
4286 
4287 	if (rc)
4288 		cifs_dbg(VFS, "Send error in SessSetup = %d\n", rc);
4289 
4290 	return rc;
4291 }
4292 
4293 static int
cifs_set_vol_auth(struct smb_vol * vol,struct cifs_ses * ses)4294 cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
4295 {
4296 	vol->sectype = ses->sectype;
4297 
4298 	/* krb5 is special, since we don't need username or pw */
4299 	if (vol->sectype == Kerberos)
4300 		return 0;
4301 
4302 	return cifs_set_cifscreds(vol, ses);
4303 }
4304 
4305 static struct cifs_tcon *
cifs_construct_tcon(struct cifs_sb_info * cifs_sb,kuid_t fsuid)4306 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid)
4307 {
4308 	int rc;
4309 	struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
4310 	struct cifs_ses *ses;
4311 	struct cifs_tcon *tcon = NULL;
4312 	struct smb_vol *vol_info;
4313 
4314 	vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
4315 	if (vol_info == NULL)
4316 		return ERR_PTR(-ENOMEM);
4317 
4318 	vol_info->local_nls = cifs_sb->local_nls;
4319 	vol_info->linux_uid = fsuid;
4320 	vol_info->cred_uid = fsuid;
4321 	vol_info->UNC = master_tcon->treeName;
4322 	vol_info->retry = master_tcon->retry;
4323 	vol_info->nocase = master_tcon->nocase;
4324 	vol_info->local_lease = master_tcon->local_lease;
4325 	vol_info->no_linux_ext = !master_tcon->unix_ext;
4326 	vol_info->sectype = master_tcon->ses->sectype;
4327 	vol_info->sign = master_tcon->ses->sign;
4328 
4329 	rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
4330 	if (rc) {
4331 		tcon = ERR_PTR(rc);
4332 		goto out;
4333 	}
4334 
4335 	/* get a reference for the same TCP session */
4336 	spin_lock(&cifs_tcp_ses_lock);
4337 	++master_tcon->ses->server->srv_count;
4338 	spin_unlock(&cifs_tcp_ses_lock);
4339 
4340 	ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
4341 	if (IS_ERR(ses)) {
4342 		tcon = (struct cifs_tcon *)ses;
4343 		cifs_put_tcp_session(master_tcon->ses->server, 0);
4344 		goto out;
4345 	}
4346 
4347 	tcon = cifs_get_tcon(ses, vol_info);
4348 	if (IS_ERR(tcon)) {
4349 		cifs_put_smb_ses(ses);
4350 		goto out;
4351 	}
4352 
4353 	if (cap_unix(ses))
4354 		reset_cifs_unix_caps(0, tcon, NULL, vol_info);
4355 out:
4356 	kfree(vol_info->username);
4357 	kzfree(vol_info->password);
4358 	kfree(vol_info);
4359 
4360 	return tcon;
4361 }
4362 
4363 struct cifs_tcon *
cifs_sb_master_tcon(struct cifs_sb_info * cifs_sb)4364 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
4365 {
4366 	return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
4367 }
4368 
4369 /* find and return a tlink with given uid */
4370 static struct tcon_link *
tlink_rb_search(struct rb_root * root,kuid_t uid)4371 tlink_rb_search(struct rb_root *root, kuid_t uid)
4372 {
4373 	struct rb_node *node = root->rb_node;
4374 	struct tcon_link *tlink;
4375 
4376 	while (node) {
4377 		tlink = rb_entry(node, struct tcon_link, tl_rbnode);
4378 
4379 		if (uid_gt(tlink->tl_uid, uid))
4380 			node = node->rb_left;
4381 		else if (uid_lt(tlink->tl_uid, uid))
4382 			node = node->rb_right;
4383 		else
4384 			return tlink;
4385 	}
4386 	return NULL;
4387 }
4388 
4389 /* insert a tcon_link into the tree */
4390 static void
tlink_rb_insert(struct rb_root * root,struct tcon_link * new_tlink)4391 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
4392 {
4393 	struct rb_node **new = &(root->rb_node), *parent = NULL;
4394 	struct tcon_link *tlink;
4395 
4396 	while (*new) {
4397 		tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
4398 		parent = *new;
4399 
4400 		if (uid_gt(tlink->tl_uid, new_tlink->tl_uid))
4401 			new = &((*new)->rb_left);
4402 		else
4403 			new = &((*new)->rb_right);
4404 	}
4405 
4406 	rb_link_node(&new_tlink->tl_rbnode, parent, new);
4407 	rb_insert_color(&new_tlink->tl_rbnode, root);
4408 }
4409 
4410 /*
4411  * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
4412  * current task.
4413  *
4414  * If the superblock doesn't refer to a multiuser mount, then just return
4415  * the master tcon for the mount.
4416  *
4417  * First, search the rbtree for an existing tcon for this fsuid. If one
4418  * exists, then check to see if it's pending construction. If it is then wait
4419  * for construction to complete. Once it's no longer pending, check to see if
4420  * it failed and either return an error or retry construction, depending on
4421  * the timeout.
4422  *
4423  * If one doesn't exist then insert a new tcon_link struct into the tree and
4424  * try to construct a new one.
4425  */
4426 struct tcon_link *
cifs_sb_tlink(struct cifs_sb_info * cifs_sb)4427 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
4428 {
4429 	int ret;
4430 	kuid_t fsuid = current_fsuid();
4431 	struct tcon_link *tlink, *newtlink;
4432 
4433 	if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
4434 		return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
4435 
4436 	spin_lock(&cifs_sb->tlink_tree_lock);
4437 	tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4438 	if (tlink)
4439 		cifs_get_tlink(tlink);
4440 	spin_unlock(&cifs_sb->tlink_tree_lock);
4441 
4442 	if (tlink == NULL) {
4443 		newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
4444 		if (newtlink == NULL)
4445 			return ERR_PTR(-ENOMEM);
4446 		newtlink->tl_uid = fsuid;
4447 		newtlink->tl_tcon = ERR_PTR(-EACCES);
4448 		set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
4449 		set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
4450 		cifs_get_tlink(newtlink);
4451 
4452 		spin_lock(&cifs_sb->tlink_tree_lock);
4453 		/* was one inserted after previous search? */
4454 		tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4455 		if (tlink) {
4456 			cifs_get_tlink(tlink);
4457 			spin_unlock(&cifs_sb->tlink_tree_lock);
4458 			kfree(newtlink);
4459 			goto wait_for_construction;
4460 		}
4461 		tlink = newtlink;
4462 		tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4463 		spin_unlock(&cifs_sb->tlink_tree_lock);
4464 	} else {
4465 wait_for_construction:
4466 		ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4467 				  TASK_INTERRUPTIBLE);
4468 		if (ret) {
4469 			cifs_put_tlink(tlink);
4470 			return ERR_PTR(-ERESTARTSYS);
4471 		}
4472 
4473 		/* if it's good, return it */
4474 		if (!IS_ERR(tlink->tl_tcon))
4475 			return tlink;
4476 
4477 		/* return error if we tried this already recently */
4478 		if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4479 			cifs_put_tlink(tlink);
4480 			return ERR_PTR(-EACCES);
4481 		}
4482 
4483 		if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4484 			goto wait_for_construction;
4485 	}
4486 
4487 	tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4488 	clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4489 	wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4490 
4491 	if (IS_ERR(tlink->tl_tcon)) {
4492 		cifs_put_tlink(tlink);
4493 		return ERR_PTR(-EACCES);
4494 	}
4495 
4496 	return tlink;
4497 }
4498 
4499 /*
4500  * periodic workqueue job that scans tcon_tree for a superblock and closes
4501  * out tcons.
4502  */
4503 static void
cifs_prune_tlinks(struct work_struct * work)4504 cifs_prune_tlinks(struct work_struct *work)
4505 {
4506 	struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4507 						    prune_tlinks.work);
4508 	struct rb_root *root = &cifs_sb->tlink_tree;
4509 	struct rb_node *node = rb_first(root);
4510 	struct rb_node *tmp;
4511 	struct tcon_link *tlink;
4512 
4513 	/*
4514 	 * Because we drop the spinlock in the loop in order to put the tlink
4515 	 * it's not guarded against removal of links from the tree. The only
4516 	 * places that remove entries from the tree are this function and
4517 	 * umounts. Because this function is non-reentrant and is canceled
4518 	 * before umount can proceed, this is safe.
4519 	 */
4520 	spin_lock(&cifs_sb->tlink_tree_lock);
4521 	node = rb_first(root);
4522 	while (node != NULL) {
4523 		tmp = node;
4524 		node = rb_next(tmp);
4525 		tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4526 
4527 		if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4528 		    atomic_read(&tlink->tl_count) != 0 ||
4529 		    time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4530 			continue;
4531 
4532 		cifs_get_tlink(tlink);
4533 		clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4534 		rb_erase(tmp, root);
4535 
4536 		spin_unlock(&cifs_sb->tlink_tree_lock);
4537 		cifs_put_tlink(tlink);
4538 		spin_lock(&cifs_sb->tlink_tree_lock);
4539 	}
4540 	spin_unlock(&cifs_sb->tlink_tree_lock);
4541 
4542 	queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
4543 				TLINK_IDLE_EXPIRE);
4544 }
4545