1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 static const match_table_t cifs_smb_version_tokens = {
41 { Smb_1, SMB1_VERSION_STRING },
42 { Smb_20, SMB20_VERSION_STRING},
43 { Smb_21, SMB21_VERSION_STRING },
44 { Smb_30, SMB30_VERSION_STRING },
45 { Smb_302, SMB302_VERSION_STRING },
46 { Smb_302, ALT_SMB302_VERSION_STRING },
47 { Smb_311, SMB311_VERSION_STRING },
48 { Smb_311, ALT_SMB311_VERSION_STRING },
49 { Smb_3any, SMB3ANY_VERSION_STRING },
50 { Smb_default, SMBDEFAULT_VERSION_STRING },
51 { Smb_version_err, NULL }
52 };
53
54 static const match_table_t cifs_secflavor_tokens = {
55 { Opt_sec_krb5, "krb5" },
56 { Opt_sec_krb5i, "krb5i" },
57 { Opt_sec_krb5p, "krb5p" },
58 { Opt_sec_ntlmsspi, "ntlmsspi" },
59 { Opt_sec_ntlmssp, "ntlmssp" },
60 { Opt_sec_ntlmv2, "nontlm" },
61 { Opt_sec_ntlmv2, "ntlmv2" },
62 { Opt_sec_ntlmv2i, "ntlmv2i" },
63 { Opt_sec_none, "none" },
64
65 { Opt_sec_err, NULL }
66 };
67
68 const struct fs_parameter_spec smb3_fs_parameters[] = {
69 /* Mount options that take no arguments */
70 fsparam_flag_no("user_xattr", Opt_user_xattr),
71 fsparam_flag_no("forceuid", Opt_forceuid),
72 fsparam_flag_no("multichannel", Opt_multichannel),
73 fsparam_flag_no("forcegid", Opt_forcegid),
74 fsparam_flag("noblocksend", Opt_noblocksend),
75 fsparam_flag("noautotune", Opt_noautotune),
76 fsparam_flag("nolease", Opt_nolease),
77 fsparam_flag_no("hard", Opt_hard),
78 fsparam_flag_no("soft", Opt_soft),
79 fsparam_flag_no("perm", Opt_perm),
80 fsparam_flag("nodelete", Opt_nodelete),
81 fsparam_flag_no("mapposix", Opt_mapposix),
82 fsparam_flag("mapchars", Opt_mapchars),
83 fsparam_flag("nomapchars", Opt_nomapchars),
84 fsparam_flag_no("sfu", Opt_sfu),
85 fsparam_flag("nodfs", Opt_nodfs),
86 fsparam_flag_no("posixpaths", Opt_posixpaths),
87 fsparam_flag_no("unix", Opt_unix),
88 fsparam_flag_no("linux", Opt_unix),
89 fsparam_flag_no("posix", Opt_unix),
90 fsparam_flag("nocase", Opt_nocase),
91 fsparam_flag("ignorecase", Opt_nocase),
92 fsparam_flag_no("brl", Opt_brl),
93 fsparam_flag_no("handlecache", Opt_handlecache),
94 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
95 fsparam_flag("forcemand", Opt_forcemandatorylock),
96 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
97 fsparam_flag("idsfromsid", Opt_setuidfromacl),
98 fsparam_flag_no("setuids", Opt_setuids),
99 fsparam_flag_no("dynperm", Opt_dynperm),
100 fsparam_flag_no("intr", Opt_intr),
101 fsparam_flag_no("strictsync", Opt_strictsync),
102 fsparam_flag_no("serverino", Opt_serverino),
103 fsparam_flag("rwpidforward", Opt_rwpidforward),
104 fsparam_flag("cifsacl", Opt_cifsacl),
105 fsparam_flag_no("acl", Opt_acl),
106 fsparam_flag("locallease", Opt_locallease),
107 fsparam_flag("sign", Opt_sign),
108 fsparam_flag("ignore_signature", Opt_ignore_signature),
109 fsparam_flag("signloosely", Opt_ignore_signature),
110 fsparam_flag("seal", Opt_seal),
111 fsparam_flag("noac", Opt_noac),
112 fsparam_flag("fsc", Opt_fsc),
113 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
114 fsparam_flag("multiuser", Opt_multiuser),
115 fsparam_flag("sloppy", Opt_sloppy),
116 fsparam_flag("nosharesock", Opt_nosharesock),
117 fsparam_flag_no("persistenthandles", Opt_persistent),
118 fsparam_flag_no("resilienthandles", Opt_resilient),
119 fsparam_flag("domainauto", Opt_domainauto),
120 fsparam_flag("rdma", Opt_rdma),
121 fsparam_flag("modesid", Opt_modesid),
122 fsparam_flag("modefromsid", Opt_modesid),
123 fsparam_flag("rootfs", Opt_rootfs),
124 fsparam_flag("compress", Opt_compress),
125 fsparam_flag("witness", Opt_witness),
126
127 /* Mount options which take numeric value */
128 fsparam_u32("backupuid", Opt_backupuid),
129 fsparam_u32("backupgid", Opt_backupgid),
130 fsparam_u32("uid", Opt_uid),
131 fsparam_u32("cruid", Opt_cruid),
132 fsparam_u32("gid", Opt_gid),
133 fsparam_u32("file_mode", Opt_file_mode),
134 fsparam_u32("dirmode", Opt_dirmode),
135 fsparam_u32("dir_mode", Opt_dirmode),
136 fsparam_u32("port", Opt_port),
137 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
138 fsparam_u32("esize", Opt_min_enc_offload),
139 fsparam_u32("bsize", Opt_blocksize),
140 fsparam_u32("rasize", Opt_rasize),
141 fsparam_u32("rsize", Opt_rsize),
142 fsparam_u32("wsize", Opt_wsize),
143 fsparam_u32("actimeo", Opt_actimeo),
144 fsparam_u32("acdirmax", Opt_acdirmax),
145 fsparam_u32("acregmax", Opt_acregmax),
146 fsparam_u32("closetimeo", Opt_closetimeo),
147 fsparam_u32("echo_interval", Opt_echo_interval),
148 fsparam_u32("max_credits", Opt_max_credits),
149 fsparam_u32("handletimeout", Opt_handletimeout),
150 fsparam_u64("snapshot", Opt_snapshot),
151 fsparam_u32("max_channels", Opt_max_channels),
152
153 /* Mount options which take string value */
154 fsparam_string("source", Opt_source),
155 fsparam_string("user", Opt_user),
156 fsparam_string("username", Opt_user),
157 fsparam_string("pass", Opt_pass),
158 fsparam_string("password", Opt_pass),
159 fsparam_string("ip", Opt_ip),
160 fsparam_string("addr", Opt_ip),
161 fsparam_string("domain", Opt_domain),
162 fsparam_string("dom", Opt_domain),
163 fsparam_string("srcaddr", Opt_srcaddr),
164 fsparam_string("iocharset", Opt_iocharset),
165 fsparam_string("netbiosname", Opt_netbiosname),
166 fsparam_string("servern", Opt_servern),
167 fsparam_string("ver", Opt_ver),
168 fsparam_string("vers", Opt_vers),
169 fsparam_string("sec", Opt_sec),
170 fsparam_string("cache", Opt_cache),
171
172 /* Arguments that should be ignored */
173 fsparam_flag("guest", Opt_ignore),
174 fsparam_flag("noatime", Opt_ignore),
175 fsparam_flag("relatime", Opt_ignore),
176 fsparam_flag("_netdev", Opt_ignore),
177 fsparam_flag_no("suid", Opt_ignore),
178 fsparam_flag_no("exec", Opt_ignore),
179 fsparam_flag_no("dev", Opt_ignore),
180 fsparam_flag_no("mand", Opt_ignore),
181 fsparam_flag_no("auto", Opt_ignore),
182 fsparam_string("cred", Opt_ignore),
183 fsparam_string("credentials", Opt_ignore),
184 /*
185 * UNC and prefixpath is now extracted from Opt_source
186 * in the new mount API so we can just ignore them going forward.
187 */
188 fsparam_string("unc", Opt_ignore),
189 fsparam_string("prefixpath", Opt_ignore),
190 {}
191 };
192
193 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)194 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
195 {
196
197 substring_t args[MAX_OPT_ARGS];
198
199 /*
200 * With mount options, the last one should win. Reset any existing
201 * settings back to default.
202 */
203 ctx->sectype = Unspecified;
204 ctx->sign = false;
205
206 switch (match_token(value, cifs_secflavor_tokens, args)) {
207 case Opt_sec_krb5p:
208 cifs_errorf(fc, "sec=krb5p is not supported!\n");
209 return 1;
210 case Opt_sec_krb5i:
211 ctx->sign = true;
212 fallthrough;
213 case Opt_sec_krb5:
214 ctx->sectype = Kerberos;
215 break;
216 case Opt_sec_ntlmsspi:
217 ctx->sign = true;
218 fallthrough;
219 case Opt_sec_ntlmssp:
220 ctx->sectype = RawNTLMSSP;
221 break;
222 case Opt_sec_ntlmv2i:
223 ctx->sign = true;
224 fallthrough;
225 case Opt_sec_ntlmv2:
226 ctx->sectype = NTLMv2;
227 break;
228 case Opt_sec_none:
229 ctx->nullauth = 1;
230 break;
231 default:
232 cifs_errorf(fc, "bad security option: %s\n", value);
233 return 1;
234 }
235
236 return 0;
237 }
238
239 static const match_table_t cifs_cacheflavor_tokens = {
240 { Opt_cache_loose, "loose" },
241 { Opt_cache_strict, "strict" },
242 { Opt_cache_none, "none" },
243 { Opt_cache_ro, "ro" },
244 { Opt_cache_rw, "singleclient" },
245 { Opt_cache_err, NULL }
246 };
247
248 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)249 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
250 {
251 substring_t args[MAX_OPT_ARGS];
252
253 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
254 case Opt_cache_loose:
255 ctx->direct_io = false;
256 ctx->strict_io = false;
257 ctx->cache_ro = false;
258 ctx->cache_rw = false;
259 break;
260 case Opt_cache_strict:
261 ctx->direct_io = false;
262 ctx->strict_io = true;
263 ctx->cache_ro = false;
264 ctx->cache_rw = false;
265 break;
266 case Opt_cache_none:
267 ctx->direct_io = true;
268 ctx->strict_io = false;
269 ctx->cache_ro = false;
270 ctx->cache_rw = false;
271 break;
272 case Opt_cache_ro:
273 ctx->direct_io = false;
274 ctx->strict_io = false;
275 ctx->cache_ro = true;
276 ctx->cache_rw = false;
277 break;
278 case Opt_cache_rw:
279 ctx->direct_io = false;
280 ctx->strict_io = false;
281 ctx->cache_ro = false;
282 ctx->cache_rw = true;
283 break;
284 default:
285 cifs_errorf(fc, "bad cache= option: %s\n", value);
286 return 1;
287 }
288 return 0;
289 }
290
291 #define DUP_CTX_STR(field) \
292 do { \
293 if (ctx->field) { \
294 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
295 if (new_ctx->field == NULL) { \
296 smb3_cleanup_fs_context_contents(new_ctx); \
297 return -ENOMEM; \
298 } \
299 } \
300 } while (0)
301
302 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)303 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
304 {
305 memcpy(new_ctx, ctx, sizeof(*ctx));
306 new_ctx->prepath = NULL;
307 new_ctx->mount_options = NULL;
308 new_ctx->nodename = NULL;
309 new_ctx->username = NULL;
310 new_ctx->password = NULL;
311 new_ctx->server_hostname = NULL;
312 new_ctx->domainname = NULL;
313 new_ctx->UNC = NULL;
314 new_ctx->source = NULL;
315 new_ctx->iocharset = NULL;
316 /*
317 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
318 */
319 DUP_CTX_STR(prepath);
320 DUP_CTX_STR(mount_options);
321 DUP_CTX_STR(username);
322 DUP_CTX_STR(password);
323 DUP_CTX_STR(server_hostname);
324 DUP_CTX_STR(UNC);
325 DUP_CTX_STR(source);
326 DUP_CTX_STR(domainname);
327 DUP_CTX_STR(nodename);
328 DUP_CTX_STR(iocharset);
329
330 return 0;
331 }
332
333 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)334 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
335 {
336 substring_t args[MAX_OPT_ARGS];
337
338 switch (match_token(value, cifs_smb_version_tokens, args)) {
339 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
340 case Smb_1:
341 if (disable_legacy_dialects) {
342 cifs_errorf(fc, "mount with legacy dialect disabled\n");
343 return 1;
344 }
345 if (is_smb3) {
346 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
347 return 1;
348 }
349 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
350 ctx->ops = &smb1_operations;
351 ctx->vals = &smb1_values;
352 break;
353 case Smb_20:
354 if (disable_legacy_dialects) {
355 cifs_errorf(fc, "mount with legacy dialect disabled\n");
356 return 1;
357 }
358 if (is_smb3) {
359 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
360 return 1;
361 }
362 ctx->ops = &smb20_operations;
363 ctx->vals = &smb20_values;
364 break;
365 #else
366 case Smb_1:
367 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
368 return 1;
369 case Smb_20:
370 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
371 return 1;
372 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
373 case Smb_21:
374 ctx->ops = &smb21_operations;
375 ctx->vals = &smb21_values;
376 break;
377 case Smb_30:
378 ctx->ops = &smb30_operations;
379 ctx->vals = &smb30_values;
380 break;
381 case Smb_302:
382 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
383 ctx->vals = &smb302_values;
384 break;
385 case Smb_311:
386 ctx->ops = &smb311_operations;
387 ctx->vals = &smb311_values;
388 break;
389 case Smb_3any:
390 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
391 ctx->vals = &smb3any_values;
392 break;
393 case Smb_default:
394 ctx->ops = &smb30_operations;
395 ctx->vals = &smbdefault_values;
396 break;
397 default:
398 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
399 return 1;
400 }
401 return 0;
402 }
403
smb3_parse_opt(const char * options,const char * key,char ** val)404 int smb3_parse_opt(const char *options, const char *key, char **val)
405 {
406 int rc = -ENOENT;
407 char *opts, *orig, *p;
408
409 orig = opts = kstrdup(options, GFP_KERNEL);
410 if (!opts)
411 return -ENOMEM;
412
413 while ((p = strsep(&opts, ","))) {
414 char *nval;
415
416 if (!*p)
417 continue;
418 if (strncasecmp(p, key, strlen(key)))
419 continue;
420 nval = strchr(p, '=');
421 if (nval) {
422 if (nval == p)
423 continue;
424 *nval++ = 0;
425 *val = kstrdup(nval, GFP_KERNEL);
426 rc = !*val ? -ENOMEM : 0;
427 goto out;
428 }
429 }
430 out:
431 kfree(orig);
432 return rc;
433 }
434
435 /*
436 * Remove duplicate path delimiters. Windows is supposed to do that
437 * but there are some bugs that prevent rename from working if there are
438 * multiple delimiters.
439 *
440 * Returns a sanitized duplicate of @path. @gfp indicates the GFP_* flags
441 * for kstrdup.
442 * The caller is responsible for freeing the original.
443 */
444 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
cifs_sanitize_prepath(char * prepath,gfp_t gfp)445 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
446 {
447 char *cursor1 = prepath, *cursor2 = prepath;
448
449 /* skip all prepended delimiters */
450 while (IS_DELIM(*cursor1))
451 cursor1++;
452
453 /* copy the first letter */
454 *cursor2 = *cursor1;
455
456 /* copy the remainder... */
457 while (*(cursor1++)) {
458 /* ... skipping all duplicated delimiters */
459 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
460 continue;
461 *(++cursor2) = *cursor1;
462 }
463
464 /* if the last character is a delimiter, skip it */
465 if (IS_DELIM(*(cursor2 - 1)))
466 cursor2--;
467
468 *(cursor2) = '\0';
469 return kstrdup(prepath, gfp);
470 }
471
472 /*
473 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
474 * fields with the result. Returns 0 on success and an error otherwise
475 * (e.g. ENOMEM or EINVAL)
476 */
477 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)478 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
479 {
480 char *pos;
481 const char *delims = "/\\";
482 size_t len;
483
484 if (unlikely(!devname || !*devname)) {
485 cifs_dbg(VFS, "Device name not specified\n");
486 return -EINVAL;
487 }
488
489 /* make sure we have a valid UNC double delimiter prefix */
490 len = strspn(devname, delims);
491 if (len != 2)
492 return -EINVAL;
493
494 /* find delimiter between host and sharename */
495 pos = strpbrk(devname + 2, delims);
496 if (!pos)
497 return -EINVAL;
498
499 /* record the server hostname */
500 kfree(ctx->server_hostname);
501 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
502 if (!ctx->server_hostname)
503 return -ENOMEM;
504
505 /* skip past delimiter */
506 ++pos;
507
508 /* now go until next delimiter or end of string */
509 len = strcspn(pos, delims);
510
511 /* move "pos" up to delimiter or NULL */
512 pos += len;
513 kfree(ctx->UNC);
514 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
515 if (!ctx->UNC)
516 return -ENOMEM;
517
518 convert_delimiter(ctx->UNC, '\\');
519
520 /* skip any delimiter */
521 if (*pos == '/' || *pos == '\\')
522 pos++;
523
524 kfree(ctx->prepath);
525 ctx->prepath = NULL;
526
527 /* If pos is NULL then no prepath */
528 if (!*pos)
529 return 0;
530
531 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
532 if (!ctx->prepath)
533 return -ENOMEM;
534
535 return 0;
536 }
537
538 static void smb3_fs_context_free(struct fs_context *fc);
539 static int smb3_fs_context_parse_param(struct fs_context *fc,
540 struct fs_parameter *param);
541 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
542 void *data);
543 static int smb3_get_tree(struct fs_context *fc);
544 static int smb3_reconfigure(struct fs_context *fc);
545
546 static const struct fs_context_operations smb3_fs_context_ops = {
547 .free = smb3_fs_context_free,
548 .parse_param = smb3_fs_context_parse_param,
549 .parse_monolithic = smb3_fs_context_parse_monolithic,
550 .get_tree = smb3_get_tree,
551 .reconfigure = smb3_reconfigure,
552 };
553
554 /*
555 * Parse a monolithic block of data from sys_mount().
556 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
557 * @ctx: The superblock configuration to fill in.
558 * @data: The data to parse
559 *
560 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
561 * called from the ->monolithic_mount_data() fs_context operation.
562 *
563 * Returns 0 on success or the error returned by the ->parse_option() fs_context
564 * operation on failure.
565 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)566 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
567 void *data)
568 {
569 struct smb3_fs_context *ctx = smb3_fc2context(fc);
570 char *options = data, *key;
571 int ret = 0;
572
573 if (!options)
574 return 0;
575
576 ctx->mount_options = kstrdup(data, GFP_KERNEL);
577 if (ctx->mount_options == NULL)
578 return -ENOMEM;
579
580 ret = security_sb_eat_lsm_opts(options, &fc->security);
581 if (ret)
582 return ret;
583
584 /* BB Need to add support for sep= here TBD */
585 while ((key = strsep(&options, ",")) != NULL) {
586 size_t len;
587 char *value;
588
589 if (*key == 0)
590 break;
591
592 /* Check if following character is the deliminator If yes,
593 * we have encountered a double deliminator reset the NULL
594 * character to the deliminator
595 */
596 while (options && options[0] == ',') {
597 len = strlen(key);
598 strcpy(key + len, options);
599 options = strchr(options, ',');
600 if (options)
601 *options++ = 0;
602 }
603
604
605 len = 0;
606 value = strchr(key, '=');
607 if (value) {
608 if (value == key)
609 continue;
610 *value++ = 0;
611 len = strlen(value);
612 }
613
614 ret = vfs_parse_fs_string(fc, key, value, len);
615 if (ret < 0)
616 break;
617 }
618
619 return ret;
620 }
621
622 /*
623 * Validate the preparsed information in the config.
624 */
smb3_fs_context_validate(struct fs_context * fc)625 static int smb3_fs_context_validate(struct fs_context *fc)
626 {
627 struct smb3_fs_context *ctx = smb3_fc2context(fc);
628
629 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
630 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
631 return -EOPNOTSUPP;
632 }
633
634 #ifndef CONFIG_KEYS
635 /* Muliuser mounts require CONFIG_KEYS support */
636 if (ctx->multiuser) {
637 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
638 return -1;
639 }
640 #endif
641
642 if (ctx->got_version == false)
643 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
644
645
646 if (!ctx->UNC) {
647 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
648 return -1;
649 }
650
651 /* make sure UNC has a share name */
652 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
653 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
654 return -ENOENT;
655 }
656
657 if (!ctx->got_ip) {
658 int len;
659 const char *slash;
660
661 /* No ip= option specified? Try to get it from UNC */
662 /* Use the address part of the UNC. */
663 slash = strchr(&ctx->UNC[2], '\\');
664 len = slash - &ctx->UNC[2];
665 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
666 &ctx->UNC[2], len)) {
667 pr_err("Unable to determine destination address\n");
668 return -EHOSTUNREACH;
669 }
670 }
671
672 /* set the port that we got earlier */
673 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
674
675 if (ctx->override_uid && !ctx->uid_specified) {
676 ctx->override_uid = 0;
677 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
678 }
679
680 if (ctx->override_gid && !ctx->gid_specified) {
681 ctx->override_gid = 0;
682 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
683 }
684
685 return 0;
686 }
687
smb3_get_tree_common(struct fs_context * fc)688 static int smb3_get_tree_common(struct fs_context *fc)
689 {
690 struct smb3_fs_context *ctx = smb3_fc2context(fc);
691 struct dentry *root;
692 int rc = 0;
693
694 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
695 if (IS_ERR(root))
696 return PTR_ERR(root);
697
698 fc->root = root;
699
700 return rc;
701 }
702
703 /*
704 * Create an SMB3 superblock from the parameters passed.
705 */
smb3_get_tree(struct fs_context * fc)706 static int smb3_get_tree(struct fs_context *fc)
707 {
708 int err = smb3_fs_context_validate(fc);
709
710 if (err)
711 return err;
712 return smb3_get_tree_common(fc);
713 }
714
smb3_fs_context_free(struct fs_context * fc)715 static void smb3_fs_context_free(struct fs_context *fc)
716 {
717 struct smb3_fs_context *ctx = smb3_fc2context(fc);
718
719 smb3_cleanup_fs_context(ctx);
720 }
721
722 /*
723 * Compare the old and new proposed context during reconfigure
724 * and check if the changes are compatible.
725 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx)726 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
727 struct smb3_fs_context *new_ctx,
728 struct smb3_fs_context *old_ctx)
729 {
730 if (new_ctx->posix_paths != old_ctx->posix_paths) {
731 cifs_errorf(fc, "can not change posixpaths during remount\n");
732 return -EINVAL;
733 }
734 if (new_ctx->sectype != old_ctx->sectype) {
735 cifs_errorf(fc, "can not change sec during remount\n");
736 return -EINVAL;
737 }
738 if (new_ctx->multiuser != old_ctx->multiuser) {
739 cifs_errorf(fc, "can not change multiuser during remount\n");
740 return -EINVAL;
741 }
742 if (new_ctx->UNC &&
743 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
744 cifs_errorf(fc, "can not change UNC during remount\n");
745 return -EINVAL;
746 }
747 if (new_ctx->username &&
748 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
749 cifs_errorf(fc, "can not change username during remount\n");
750 return -EINVAL;
751 }
752 if (new_ctx->password &&
753 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
754 cifs_errorf(fc, "can not change password during remount\n");
755 return -EINVAL;
756 }
757 if (new_ctx->domainname &&
758 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
759 cifs_errorf(fc, "can not change domainname during remount\n");
760 return -EINVAL;
761 }
762 if (new_ctx->nodename &&
763 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
764 cifs_errorf(fc, "can not change nodename during remount\n");
765 return -EINVAL;
766 }
767 if (new_ctx->iocharset &&
768 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
769 cifs_errorf(fc, "can not change iocharset during remount\n");
770 return -EINVAL;
771 }
772
773 return 0;
774 }
775
776 #define STEAL_STRING(cifs_sb, ctx, field) \
777 do { \
778 kfree(ctx->field); \
779 ctx->field = cifs_sb->ctx->field; \
780 cifs_sb->ctx->field = NULL; \
781 } while (0)
782
smb3_reconfigure(struct fs_context * fc)783 static int smb3_reconfigure(struct fs_context *fc)
784 {
785 struct smb3_fs_context *ctx = smb3_fc2context(fc);
786 struct dentry *root = fc->root;
787 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
788 int rc;
789
790 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
791 if (rc)
792 return rc;
793
794 /*
795 * We can not change UNC/username/password/domainname/nodename/iocharset
796 * during reconnect so ignore what we have in the new context and
797 * just use what we already have in cifs_sb->ctx.
798 */
799 STEAL_STRING(cifs_sb, ctx, UNC);
800 STEAL_STRING(cifs_sb, ctx, source);
801 STEAL_STRING(cifs_sb, ctx, username);
802 STEAL_STRING(cifs_sb, ctx, password);
803 STEAL_STRING(cifs_sb, ctx, domainname);
804 STEAL_STRING(cifs_sb, ctx, nodename);
805 STEAL_STRING(cifs_sb, ctx, iocharset);
806
807 /* if rsize or wsize not passed in on remount, use previous values */
808 if (ctx->rsize == 0)
809 ctx->rsize = cifs_sb->ctx->rsize;
810 if (ctx->wsize == 0)
811 ctx->wsize = cifs_sb->ctx->wsize;
812
813
814 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
815 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
816 smb3_update_mnt_flags(cifs_sb);
817 #ifdef CONFIG_CIFS_DFS_UPCALL
818 if (!rc)
819 rc = dfs_cache_remount_fs(cifs_sb);
820 #endif
821
822 return rc;
823 }
824
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)825 static int smb3_fs_context_parse_param(struct fs_context *fc,
826 struct fs_parameter *param)
827 {
828 struct fs_parse_result result;
829 struct smb3_fs_context *ctx = smb3_fc2context(fc);
830 int i, opt;
831 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
832 bool skip_parsing = false;
833 kuid_t uid;
834 kgid_t gid;
835
836 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
837
838 /*
839 * fs_parse can not handle string options with an empty value so
840 * we will need special handling of them.
841 */
842 if (param->type == fs_value_is_string && param->string[0] == 0) {
843 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
844 skip_parsing = true;
845 opt = Opt_pass;
846 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
847 skip_parsing = true;
848 opt = Opt_user;
849 }
850 }
851
852 if (!skip_parsing) {
853 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
854 if (opt < 0)
855 return ctx->sloppy ? 1 : opt;
856 }
857
858 switch (opt) {
859 case Opt_compress:
860 ctx->compression = UNKNOWN_TYPE;
861 cifs_dbg(VFS,
862 "SMB3 compression support is experimental\n");
863 break;
864 case Opt_nodfs:
865 ctx->nodfs = 1;
866 break;
867 case Opt_hard:
868 if (result.negated)
869 ctx->retry = 0;
870 else
871 ctx->retry = 1;
872 break;
873 case Opt_soft:
874 if (result.negated)
875 ctx->retry = 1;
876 else
877 ctx->retry = 0;
878 break;
879 case Opt_mapposix:
880 if (result.negated)
881 ctx->remap = false;
882 else {
883 ctx->remap = true;
884 ctx->sfu_remap = false; /* disable SFU mapping */
885 }
886 break;
887 case Opt_mapchars:
888 if (result.negated)
889 ctx->sfu_remap = false;
890 else {
891 ctx->sfu_remap = true;
892 ctx->remap = false; /* disable SFM (mapposix) mapping */
893 }
894 break;
895 case Opt_user_xattr:
896 if (result.negated)
897 ctx->no_xattr = 1;
898 else
899 ctx->no_xattr = 0;
900 break;
901 case Opt_forceuid:
902 if (result.negated)
903 ctx->override_uid = 0;
904 else
905 ctx->override_uid = 1;
906 break;
907 case Opt_forcegid:
908 if (result.negated)
909 ctx->override_gid = 0;
910 else
911 ctx->override_gid = 1;
912 break;
913 case Opt_perm:
914 if (result.negated)
915 ctx->noperm = 1;
916 else
917 ctx->noperm = 0;
918 break;
919 case Opt_dynperm:
920 if (result.negated)
921 ctx->dynperm = 0;
922 else
923 ctx->dynperm = 1;
924 break;
925 case Opt_sfu:
926 if (result.negated)
927 ctx->sfu_emul = 0;
928 else
929 ctx->sfu_emul = 1;
930 break;
931 case Opt_noblocksend:
932 ctx->noblocksnd = 1;
933 break;
934 case Opt_noautotune:
935 ctx->noautotune = 1;
936 break;
937 case Opt_nolease:
938 ctx->no_lease = 1;
939 break;
940 case Opt_nodelete:
941 ctx->nodelete = 1;
942 break;
943 case Opt_multichannel:
944 if (result.negated) {
945 ctx->multichannel = false;
946 ctx->max_channels = 1;
947 } else {
948 ctx->multichannel = true;
949 /* if number of channels not specified, default to 2 */
950 if (ctx->max_channels < 2)
951 ctx->max_channels = 2;
952 }
953 break;
954 case Opt_uid:
955 uid = make_kuid(current_user_ns(), result.uint_32);
956 if (!uid_valid(uid))
957 goto cifs_parse_mount_err;
958 ctx->linux_uid = uid;
959 ctx->uid_specified = true;
960 break;
961 case Opt_cruid:
962 uid = make_kuid(current_user_ns(), result.uint_32);
963 if (!uid_valid(uid))
964 goto cifs_parse_mount_err;
965 ctx->cred_uid = uid;
966 ctx->cruid_specified = true;
967 break;
968 case Opt_backupuid:
969 uid = make_kuid(current_user_ns(), result.uint_32);
970 if (!uid_valid(uid))
971 goto cifs_parse_mount_err;
972 ctx->backupuid = uid;
973 ctx->backupuid_specified = true;
974 break;
975 case Opt_backupgid:
976 gid = make_kgid(current_user_ns(), result.uint_32);
977 if (!gid_valid(gid))
978 goto cifs_parse_mount_err;
979 ctx->backupgid = gid;
980 ctx->backupgid_specified = true;
981 break;
982 case Opt_gid:
983 gid = make_kgid(current_user_ns(), result.uint_32);
984 if (!gid_valid(gid))
985 goto cifs_parse_mount_err;
986 ctx->linux_gid = gid;
987 ctx->gid_specified = true;
988 break;
989 case Opt_port:
990 ctx->port = result.uint_32;
991 break;
992 case Opt_file_mode:
993 ctx->file_mode = result.uint_32;
994 break;
995 case Opt_dirmode:
996 ctx->dir_mode = result.uint_32;
997 break;
998 case Opt_min_enc_offload:
999 ctx->min_offload = result.uint_32;
1000 break;
1001 case Opt_blocksize:
1002 /*
1003 * inode blocksize realistically should never need to be
1004 * less than 16K or greater than 16M and default is 1MB.
1005 * Note that small inode block sizes (e.g. 64K) can lead
1006 * to very poor performance of common tools like cp and scp
1007 */
1008 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1009 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1010 cifs_errorf(fc, "%s: Invalid blocksize\n",
1011 __func__);
1012 goto cifs_parse_mount_err;
1013 }
1014 ctx->bsize = result.uint_32;
1015 ctx->got_bsize = true;
1016 break;
1017 case Opt_rasize:
1018 /*
1019 * readahead size realistically should never need to be
1020 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1021 * (perhaps an exception should be considered in the
1022 * for the case of a large number of channels
1023 * when multichannel is negotiated) since that would lead
1024 * to plenty of parallel I/O in flight to the server.
1025 * Note that smaller read ahead sizes would
1026 * hurt performance of common tools like cp and scp
1027 * which often trigger sequential i/o with read ahead
1028 */
1029 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1030 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1031 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1032 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1033 goto cifs_parse_mount_err;
1034 }
1035 ctx->rasize = result.uint_32;
1036 break;
1037 case Opt_rsize:
1038 ctx->rsize = result.uint_32;
1039 ctx->got_rsize = true;
1040 break;
1041 case Opt_wsize:
1042 ctx->wsize = result.uint_32;
1043 ctx->got_wsize = true;
1044 break;
1045 case Opt_acregmax:
1046 ctx->acregmax = HZ * result.uint_32;
1047 if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
1048 cifs_errorf(fc, "acregmax too large\n");
1049 goto cifs_parse_mount_err;
1050 }
1051 break;
1052 case Opt_acdirmax:
1053 ctx->acdirmax = HZ * result.uint_32;
1054 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
1055 cifs_errorf(fc, "acdirmax too large\n");
1056 goto cifs_parse_mount_err;
1057 }
1058 break;
1059 case Opt_actimeo:
1060 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
1061 cifs_errorf(fc, "timeout too large\n");
1062 goto cifs_parse_mount_err;
1063 }
1064 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1065 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1066 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1067 break;
1068 }
1069 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1070 break;
1071 case Opt_closetimeo:
1072 ctx->closetimeo = HZ * result.uint_32;
1073 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) {
1074 cifs_errorf(fc, "closetimeo too large\n");
1075 goto cifs_parse_mount_err;
1076 }
1077 break;
1078 case Opt_echo_interval:
1079 ctx->echo_interval = result.uint_32;
1080 break;
1081 case Opt_snapshot:
1082 ctx->snapshot_time = result.uint_64;
1083 break;
1084 case Opt_max_credits:
1085 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1086 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1087 __func__);
1088 goto cifs_parse_mount_err;
1089 }
1090 ctx->max_credits = result.uint_32;
1091 break;
1092 case Opt_max_channels:
1093 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1094 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1095 __func__, CIFS_MAX_CHANNELS);
1096 goto cifs_parse_mount_err;
1097 }
1098 ctx->max_channels = result.uint_32;
1099 /* If more than one channel requested ... they want multichan */
1100 if (result.uint_32 > 1)
1101 ctx->multichannel = true;
1102 break;
1103 case Opt_handletimeout:
1104 ctx->handle_timeout = result.uint_32;
1105 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1106 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1107 goto cifs_parse_mount_err;
1108 }
1109 break;
1110 case Opt_source:
1111 kfree(ctx->UNC);
1112 ctx->UNC = NULL;
1113 switch (smb3_parse_devname(param->string, ctx)) {
1114 case 0:
1115 break;
1116 case -ENOMEM:
1117 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1118 goto cifs_parse_mount_err;
1119 case -EINVAL:
1120 cifs_errorf(fc, "Malformed UNC in devname\n");
1121 goto cifs_parse_mount_err;
1122 default:
1123 cifs_errorf(fc, "Unknown error parsing devname\n");
1124 goto cifs_parse_mount_err;
1125 }
1126 ctx->source = kstrdup(param->string, GFP_KERNEL);
1127 if (ctx->source == NULL) {
1128 cifs_errorf(fc, "OOM when copying UNC string\n");
1129 goto cifs_parse_mount_err;
1130 }
1131 fc->source = kstrdup(param->string, GFP_KERNEL);
1132 if (fc->source == NULL) {
1133 cifs_errorf(fc, "OOM when copying UNC string\n");
1134 goto cifs_parse_mount_err;
1135 }
1136 break;
1137 case Opt_user:
1138 kfree(ctx->username);
1139 ctx->username = NULL;
1140 if (strlen(param->string) == 0) {
1141 /* null user, ie. anonymous authentication */
1142 ctx->nullauth = 1;
1143 break;
1144 }
1145
1146 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1147 CIFS_MAX_USERNAME_LEN) {
1148 pr_warn("username too long\n");
1149 goto cifs_parse_mount_err;
1150 }
1151 ctx->username = kstrdup(param->string, GFP_KERNEL);
1152 if (ctx->username == NULL) {
1153 cifs_errorf(fc, "OOM when copying username string\n");
1154 goto cifs_parse_mount_err;
1155 }
1156 break;
1157 case Opt_pass:
1158 kfree(ctx->password);
1159 ctx->password = NULL;
1160 if (strlen(param->string) == 0)
1161 break;
1162
1163 ctx->password = kstrdup(param->string, GFP_KERNEL);
1164 if (ctx->password == NULL) {
1165 cifs_errorf(fc, "OOM when copying password string\n");
1166 goto cifs_parse_mount_err;
1167 }
1168 break;
1169 case Opt_ip:
1170 if (strlen(param->string) == 0) {
1171 ctx->got_ip = false;
1172 break;
1173 }
1174 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1175 param->string,
1176 strlen(param->string))) {
1177 pr_err("bad ip= option (%s)\n", param->string);
1178 goto cifs_parse_mount_err;
1179 }
1180 ctx->got_ip = true;
1181 break;
1182 case Opt_domain:
1183 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1184 == CIFS_MAX_DOMAINNAME_LEN) {
1185 pr_warn("domain name too long\n");
1186 goto cifs_parse_mount_err;
1187 }
1188
1189 kfree(ctx->domainname);
1190 ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1191 if (ctx->domainname == NULL) {
1192 cifs_errorf(fc, "OOM when copying domainname string\n");
1193 goto cifs_parse_mount_err;
1194 }
1195 cifs_dbg(FYI, "Domain name set\n");
1196 break;
1197 case Opt_srcaddr:
1198 if (!cifs_convert_address(
1199 (struct sockaddr *)&ctx->srcaddr,
1200 param->string, strlen(param->string))) {
1201 pr_warn("Could not parse srcaddr: %s\n",
1202 param->string);
1203 goto cifs_parse_mount_err;
1204 }
1205 break;
1206 case Opt_iocharset:
1207 if (strnlen(param->string, 1024) >= 65) {
1208 pr_warn("iocharset name too long\n");
1209 goto cifs_parse_mount_err;
1210 }
1211
1212 if (strncasecmp(param->string, "default", 7) != 0) {
1213 kfree(ctx->iocharset);
1214 ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1215 if (ctx->iocharset == NULL) {
1216 cifs_errorf(fc, "OOM when copying iocharset string\n");
1217 goto cifs_parse_mount_err;
1218 }
1219 }
1220 /* if iocharset not set then load_nls_default
1221 * is used by caller
1222 */
1223 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1224 break;
1225 case Opt_netbiosname:
1226 memset(ctx->source_rfc1001_name, 0x20,
1227 RFC1001_NAME_LEN);
1228 /*
1229 * FIXME: are there cases in which a comma can
1230 * be valid in workstation netbios name (and
1231 * need special handling)?
1232 */
1233 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1234 /* don't ucase netbiosname for user */
1235 if (param->string[i] == 0)
1236 break;
1237 ctx->source_rfc1001_name[i] = param->string[i];
1238 }
1239 /* The string has 16th byte zero still from
1240 * set at top of the function
1241 */
1242 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1243 pr_warn("netbiosname longer than 15 truncated\n");
1244 break;
1245 case Opt_servern:
1246 /* last byte, type, is 0x20 for servr type */
1247 memset(ctx->target_rfc1001_name, 0x20,
1248 RFC1001_NAME_LEN_WITH_NULL);
1249 /*
1250 * BB are there cases in which a comma can be valid in this
1251 * workstation netbios name (and need special handling)?
1252 */
1253
1254 /* user or mount helper must uppercase the netbios name */
1255 for (i = 0; i < 15; i++) {
1256 if (param->string[i] == 0)
1257 break;
1258 ctx->target_rfc1001_name[i] = param->string[i];
1259 }
1260
1261 /* The string has 16th byte zero still from set at top of function */
1262 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1263 pr_warn("server netbiosname longer than 15 truncated\n");
1264 break;
1265 case Opt_ver:
1266 /* version of mount userspace tools, not dialect */
1267 /* If interface changes in mount.cifs bump to new ver */
1268 if (strncasecmp(param->string, "1", 1) == 0) {
1269 if (strlen(param->string) > 1) {
1270 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1271 param->string);
1272 goto cifs_parse_mount_err;
1273 }
1274 /* This is the default */
1275 break;
1276 }
1277 /* For all other value, error */
1278 pr_warn("Invalid mount helper version specified\n");
1279 goto cifs_parse_mount_err;
1280 case Opt_vers:
1281 /* protocol version (dialect) */
1282 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1283 goto cifs_parse_mount_err;
1284 ctx->got_version = true;
1285 break;
1286 case Opt_sec:
1287 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1288 goto cifs_parse_mount_err;
1289 break;
1290 case Opt_cache:
1291 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1292 goto cifs_parse_mount_err;
1293 break;
1294 case Opt_witness:
1295 #ifndef CONFIG_CIFS_SWN_UPCALL
1296 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1297 goto cifs_parse_mount_err;
1298 #endif
1299 ctx->witness = true;
1300 pr_warn_once("Witness protocol support is experimental\n");
1301 break;
1302 case Opt_rootfs:
1303 #ifndef CONFIG_CIFS_ROOT
1304 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1305 goto cifs_parse_mount_err;
1306 #endif
1307 ctx->rootfs = true;
1308 break;
1309 case Opt_posixpaths:
1310 if (result.negated)
1311 ctx->posix_paths = 0;
1312 else
1313 ctx->posix_paths = 1;
1314 break;
1315 case Opt_unix:
1316 if (result.negated) {
1317 if (ctx->linux_ext == 1)
1318 pr_warn_once("conflicting posix mount options specified\n");
1319 ctx->linux_ext = 0;
1320 ctx->no_linux_ext = 1;
1321 } else {
1322 if (ctx->no_linux_ext == 1)
1323 pr_warn_once("conflicting posix mount options specified\n");
1324 ctx->linux_ext = 1;
1325 ctx->no_linux_ext = 0;
1326 }
1327 break;
1328 case Opt_nocase:
1329 ctx->nocase = 1;
1330 break;
1331 case Opt_brl:
1332 if (result.negated) {
1333 /*
1334 * turn off mandatory locking in mode
1335 * if remote locking is turned off since the
1336 * local vfs will do advisory
1337 */
1338 if (ctx->file_mode ==
1339 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1340 ctx->file_mode = S_IALLUGO;
1341 ctx->nobrl = 1;
1342 } else
1343 ctx->nobrl = 0;
1344 break;
1345 case Opt_handlecache:
1346 if (result.negated)
1347 ctx->nohandlecache = 1;
1348 else
1349 ctx->nohandlecache = 0;
1350 break;
1351 case Opt_forcemandatorylock:
1352 ctx->mand_lock = 1;
1353 break;
1354 case Opt_setuids:
1355 ctx->setuids = result.negated;
1356 break;
1357 case Opt_intr:
1358 ctx->intr = !result.negated;
1359 break;
1360 case Opt_setuidfromacl:
1361 ctx->setuidfromacl = 1;
1362 break;
1363 case Opt_strictsync:
1364 ctx->nostrictsync = result.negated;
1365 break;
1366 case Opt_serverino:
1367 ctx->server_ino = !result.negated;
1368 break;
1369 case Opt_rwpidforward:
1370 ctx->rwpidforward = 1;
1371 break;
1372 case Opt_modesid:
1373 ctx->mode_ace = 1;
1374 break;
1375 case Opt_cifsacl:
1376 ctx->cifs_acl = !result.negated;
1377 break;
1378 case Opt_acl:
1379 ctx->no_psx_acl = result.negated;
1380 break;
1381 case Opt_locallease:
1382 ctx->local_lease = 1;
1383 break;
1384 case Opt_sign:
1385 ctx->sign = true;
1386 break;
1387 case Opt_ignore_signature:
1388 ctx->sign = true;
1389 ctx->ignore_signature = true;
1390 break;
1391 case Opt_seal:
1392 /* we do not do the following in secFlags because seal
1393 * is a per tree connection (mount) not a per socket
1394 * or per-smb connection option in the protocol
1395 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1396 */
1397 ctx->seal = 1;
1398 break;
1399 case Opt_noac:
1400 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1401 break;
1402 case Opt_fsc:
1403 #ifndef CONFIG_CIFS_FSCACHE
1404 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1405 goto cifs_parse_mount_err;
1406 #endif
1407 ctx->fsc = true;
1408 break;
1409 case Opt_mfsymlinks:
1410 ctx->mfsymlinks = true;
1411 break;
1412 case Opt_multiuser:
1413 ctx->multiuser = true;
1414 break;
1415 case Opt_sloppy:
1416 ctx->sloppy = true;
1417 break;
1418 case Opt_nosharesock:
1419 ctx->nosharesock = true;
1420 break;
1421 case Opt_persistent:
1422 if (result.negated) {
1423 ctx->nopersistent = true;
1424 if (ctx->persistent) {
1425 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1426 goto cifs_parse_mount_err;
1427 }
1428 } else {
1429 ctx->persistent = true;
1430 if ((ctx->nopersistent) || (ctx->resilient)) {
1431 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1432 goto cifs_parse_mount_err;
1433 }
1434 }
1435 break;
1436 case Opt_resilient:
1437 if (result.negated) {
1438 ctx->resilient = false; /* already the default */
1439 } else {
1440 ctx->resilient = true;
1441 if (ctx->persistent) {
1442 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1443 goto cifs_parse_mount_err;
1444 }
1445 }
1446 break;
1447 case Opt_domainauto:
1448 ctx->domainauto = true;
1449 break;
1450 case Opt_rdma:
1451 ctx->rdma = true;
1452 break;
1453 }
1454 /* case Opt_ignore: - is ignored as expected ... */
1455
1456 return 0;
1457
1458 cifs_parse_mount_err:
1459 return -EINVAL;
1460 }
1461
smb3_init_fs_context(struct fs_context * fc)1462 int smb3_init_fs_context(struct fs_context *fc)
1463 {
1464 struct smb3_fs_context *ctx;
1465 char *nodename = utsname()->nodename;
1466 int i;
1467
1468 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1469 if (unlikely(!ctx))
1470 return -ENOMEM;
1471
1472 /*
1473 * does not have to be perfect mapping since field is
1474 * informational, only used for servers that do not support
1475 * port 445 and it can be overridden at mount time
1476 */
1477 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1478 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1479 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1480
1481 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1482 /*
1483 * null target name indicates to use *SMBSERVR default called name
1484 * if we end up sending RFC1001 session initialize
1485 */
1486 ctx->target_rfc1001_name[0] = 0;
1487 ctx->cred_uid = current_uid();
1488 ctx->linux_uid = current_uid();
1489 ctx->linux_gid = current_gid();
1490 /* By default 4MB read ahead size, 1MB block size */
1491 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1492 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1493
1494 /*
1495 * default to SFM style remapping of seven reserved characters
1496 * unless user overrides it or we negotiate CIFS POSIX where
1497 * it is unnecessary. Can not simultaneously use more than one mapping
1498 * since then readdir could list files that open could not open
1499 */
1500 ctx->remap = true;
1501
1502 /* default to only allowing write access to owner of the mount */
1503 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1504
1505 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1506 /* default is always to request posix paths. */
1507 ctx->posix_paths = 1;
1508 /* default to using server inode numbers where available */
1509 ctx->server_ino = 1;
1510
1511 /* default is to use strict cifs caching semantics */
1512 ctx->strict_io = true;
1513
1514 ctx->acregmax = CIFS_DEF_ACTIMEO;
1515 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1516 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1517
1518 /* Most clients set timeout to 0, allows server to use its default */
1519 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1520
1521 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1522 ctx->ops = &smb30_operations;
1523 ctx->vals = &smbdefault_values;
1524
1525 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1526
1527 /* default to no multichannel (single server connection) */
1528 ctx->multichannel = false;
1529 ctx->max_channels = 1;
1530
1531 ctx->backupuid_specified = false; /* no backup intent for a user */
1532 ctx->backupgid_specified = false; /* no backup intent for a group */
1533
1534 /*
1535 * short int override_uid = -1;
1536 * short int override_gid = -1;
1537 * char *nodename = strdup(utsname()->nodename);
1538 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1539 */
1540
1541 fc->fs_private = ctx;
1542 fc->ops = &smb3_fs_context_ops;
1543 return 0;
1544 }
1545
1546 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1547 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1548 {
1549 if (ctx == NULL)
1550 return;
1551
1552 /*
1553 * Make sure this stays in sync with smb3_fs_context_dup()
1554 */
1555 kfree(ctx->mount_options);
1556 ctx->mount_options = NULL;
1557 kfree(ctx->username);
1558 ctx->username = NULL;
1559 kfree_sensitive(ctx->password);
1560 ctx->password = NULL;
1561 kfree(ctx->server_hostname);
1562 ctx->server_hostname = NULL;
1563 kfree(ctx->UNC);
1564 ctx->UNC = NULL;
1565 kfree(ctx->source);
1566 ctx->source = NULL;
1567 kfree(ctx->domainname);
1568 ctx->domainname = NULL;
1569 kfree(ctx->nodename);
1570 ctx->nodename = NULL;
1571 kfree(ctx->iocharset);
1572 ctx->iocharset = NULL;
1573 kfree(ctx->prepath);
1574 ctx->prepath = NULL;
1575 }
1576
1577 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1578 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1579 {
1580 if (!ctx)
1581 return;
1582 smb3_cleanup_fs_context_contents(ctx);
1583 kfree(ctx);
1584 }
1585
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1586 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1587 {
1588 struct smb3_fs_context *ctx = cifs_sb->ctx;
1589
1590 if (ctx->nodfs)
1591 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1592 else
1593 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1594
1595 if (ctx->noperm)
1596 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1597 else
1598 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1599
1600 if (ctx->setuids)
1601 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1602 else
1603 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1604
1605 if (ctx->setuidfromacl)
1606 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1607 else
1608 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1609
1610 if (ctx->server_ino)
1611 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1612 else
1613 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1614
1615 if (ctx->remap)
1616 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1617 else
1618 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1619
1620 if (ctx->sfu_remap)
1621 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1622 else
1623 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1624
1625 if (ctx->no_xattr)
1626 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1627 else
1628 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1629
1630 if (ctx->sfu_emul)
1631 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1632 else
1633 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1634
1635 if (ctx->nobrl)
1636 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1637 else
1638 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1639
1640 if (ctx->nohandlecache)
1641 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1642 else
1643 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1644
1645 if (ctx->nostrictsync)
1646 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1647 else
1648 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1649
1650 if (ctx->mand_lock)
1651 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1652 else
1653 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1654
1655 if (ctx->rwpidforward)
1656 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1657 else
1658 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1659
1660 if (ctx->mode_ace)
1661 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1662 else
1663 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1664
1665 if (ctx->cifs_acl)
1666 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1667 else
1668 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1669
1670 if (ctx->backupuid_specified)
1671 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1672 else
1673 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1674
1675 if (ctx->backupgid_specified)
1676 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1677 else
1678 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1679
1680 if (ctx->override_uid)
1681 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1682 else
1683 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1684
1685 if (ctx->override_gid)
1686 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1687 else
1688 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1689
1690 if (ctx->dynperm)
1691 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1692 else
1693 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1694
1695 if (ctx->fsc)
1696 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1697 else
1698 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1699
1700 if (ctx->multiuser)
1701 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1702 CIFS_MOUNT_NO_PERM);
1703 else
1704 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1705
1706
1707 if (ctx->strict_io)
1708 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1709 else
1710 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1711
1712 if (ctx->direct_io)
1713 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1714 else
1715 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1716
1717 if (ctx->mfsymlinks)
1718 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1719 else
1720 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1721 if (ctx->mfsymlinks) {
1722 if (ctx->sfu_emul) {
1723 /*
1724 * Our SFU ("Services for Unix" emulation does not allow
1725 * creating symlinks but does allow reading existing SFU
1726 * symlinks (it does allow both creating and reading SFU
1727 * style mknod and FIFOs though). When "mfsymlinks" and
1728 * "sfu" are both enabled at the same time, it allows
1729 * reading both types of symlinks, but will only create
1730 * them with mfsymlinks format. This allows better
1731 * Apple compatibility (probably better for Samba too)
1732 * while still recognizing old Windows style symlinks.
1733 */
1734 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1735 }
1736 }
1737 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1738
1739 return;
1740 }
1741