1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * linux/fs/nfs/fs_context.c
4 *
5 * Copyright (C) 1992 Rick Sladkey
6 * Conversion to new mount api Copyright (C) David Howells
7 *
8 * NFS mount handling.
9 *
10 * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com>
11 */
12
13 #include <linux/compat.h>
14 #include <linux/module.h>
15 #include <linux/fs.h>
16 #include <linux/fs_context.h>
17 #include <linux/fs_parser.h>
18 #include <linux/nfs_fs.h>
19 #include <linux/nfs_mount.h>
20 #include <linux/nfs4_mount.h>
21
22 #include <net/handshake.h>
23
24 #include "nfs.h"
25 #include "internal.h"
26
27 #include "nfstrace.h"
28
29 #define NFSDBG_FACILITY NFSDBG_MOUNT
30
31 #if IS_ENABLED(CONFIG_NFS_V3)
32 #define NFS_DEFAULT_VERSION 3
33 #else
34 #define NFS_DEFAULT_VERSION 2
35 #endif
36
37 #define NFS_MAX_CONNECTIONS 16
38
39 enum nfs_param {
40 Opt_ac,
41 Opt_acdirmax,
42 Opt_acdirmin,
43 Opt_acl,
44 Opt_acregmax,
45 Opt_acregmin,
46 Opt_actimeo,
47 Opt_addr,
48 Opt_bg,
49 Opt_bsize,
50 Opt_clientaddr,
51 Opt_cto,
52 Opt_alignwrite,
53 Opt_fg,
54 Opt_fscache,
55 Opt_fscache_flag,
56 Opt_hard,
57 Opt_intr,
58 Opt_local_lock,
59 Opt_lock,
60 Opt_lookupcache,
61 Opt_migration,
62 Opt_minorversion,
63 Opt_mountaddr,
64 Opt_mounthost,
65 Opt_mountport,
66 Opt_mountproto,
67 Opt_mountvers,
68 Opt_namelen,
69 Opt_nconnect,
70 Opt_max_connect,
71 Opt_port,
72 Opt_posix,
73 Opt_proto,
74 Opt_rdirplus,
75 Opt_rdma,
76 Opt_resvport,
77 Opt_retrans,
78 Opt_retry,
79 Opt_rsize,
80 Opt_sec,
81 Opt_sharecache,
82 Opt_sloppy,
83 Opt_soft,
84 Opt_softerr,
85 Opt_softreval,
86 Opt_source,
87 Opt_tcp,
88 Opt_timeo,
89 Opt_trunkdiscovery,
90 Opt_udp,
91 Opt_v,
92 Opt_vers,
93 Opt_wsize,
94 Opt_write,
95 Opt_xprtsec,
96 };
97
98 enum {
99 Opt_local_lock_all,
100 Opt_local_lock_flock,
101 Opt_local_lock_none,
102 Opt_local_lock_posix,
103 };
104
105 static const struct constant_table nfs_param_enums_local_lock[] = {
106 { "all", Opt_local_lock_all },
107 { "flock", Opt_local_lock_flock },
108 { "posix", Opt_local_lock_posix },
109 { "none", Opt_local_lock_none },
110 {}
111 };
112
113 enum {
114 Opt_lookupcache_all,
115 Opt_lookupcache_none,
116 Opt_lookupcache_positive,
117 };
118
119 static const struct constant_table nfs_param_enums_lookupcache[] = {
120 { "all", Opt_lookupcache_all },
121 { "none", Opt_lookupcache_none },
122 { "pos", Opt_lookupcache_positive },
123 { "positive", Opt_lookupcache_positive },
124 {}
125 };
126
127 enum {
128 Opt_write_lazy,
129 Opt_write_eager,
130 Opt_write_wait,
131 };
132
133 static const struct constant_table nfs_param_enums_write[] = {
134 { "lazy", Opt_write_lazy },
135 { "eager", Opt_write_eager },
136 { "wait", Opt_write_wait },
137 {}
138 };
139
140 static const struct fs_parameter_spec nfs_fs_parameters[] = {
141 fsparam_flag_no("ac", Opt_ac),
142 fsparam_u32 ("acdirmax", Opt_acdirmax),
143 fsparam_u32 ("acdirmin", Opt_acdirmin),
144 fsparam_flag_no("acl", Opt_acl),
145 fsparam_u32 ("acregmax", Opt_acregmax),
146 fsparam_u32 ("acregmin", Opt_acregmin),
147 fsparam_u32 ("actimeo", Opt_actimeo),
148 fsparam_string("addr", Opt_addr),
149 fsparam_flag ("bg", Opt_bg),
150 fsparam_u32 ("bsize", Opt_bsize),
151 fsparam_string("clientaddr", Opt_clientaddr),
152 fsparam_flag_no("cto", Opt_cto),
153 fsparam_flag_no("alignwrite", Opt_alignwrite),
154 fsparam_flag ("fg", Opt_fg),
155 fsparam_flag_no("fsc", Opt_fscache_flag),
156 fsparam_string("fsc", Opt_fscache),
157 fsparam_flag ("hard", Opt_hard),
158 __fsparam(NULL, "intr", Opt_intr,
159 fs_param_neg_with_no|fs_param_deprecated, NULL),
160 fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock),
161 fsparam_flag_no("lock", Opt_lock),
162 fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache),
163 fsparam_flag_no("migration", Opt_migration),
164 fsparam_u32 ("minorversion", Opt_minorversion),
165 fsparam_string("mountaddr", Opt_mountaddr),
166 fsparam_string("mounthost", Opt_mounthost),
167 fsparam_u32 ("mountport", Opt_mountport),
168 fsparam_string("mountproto", Opt_mountproto),
169 fsparam_u32 ("mountvers", Opt_mountvers),
170 fsparam_u32 ("namlen", Opt_namelen),
171 fsparam_u32 ("nconnect", Opt_nconnect),
172 fsparam_u32 ("max_connect", Opt_max_connect),
173 fsparam_string("nfsvers", Opt_vers),
174 fsparam_u32 ("port", Opt_port),
175 fsparam_flag_no("posix", Opt_posix),
176 fsparam_string("proto", Opt_proto),
177 fsparam_flag_no("rdirplus", Opt_rdirplus),
178 fsparam_flag ("rdma", Opt_rdma),
179 fsparam_flag_no("resvport", Opt_resvport),
180 fsparam_u32 ("retrans", Opt_retrans),
181 fsparam_string("retry", Opt_retry),
182 fsparam_u32 ("rsize", Opt_rsize),
183 fsparam_string("sec", Opt_sec),
184 fsparam_flag_no("sharecache", Opt_sharecache),
185 fsparam_flag ("sloppy", Opt_sloppy),
186 fsparam_flag ("soft", Opt_soft),
187 fsparam_flag ("softerr", Opt_softerr),
188 fsparam_flag ("softreval", Opt_softreval),
189 fsparam_string("source", Opt_source),
190 fsparam_flag ("tcp", Opt_tcp),
191 fsparam_u32 ("timeo", Opt_timeo),
192 fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery),
193 fsparam_flag ("udp", Opt_udp),
194 fsparam_flag ("v2", Opt_v),
195 fsparam_flag ("v3", Opt_v),
196 fsparam_flag ("v4", Opt_v),
197 fsparam_flag ("v4.0", Opt_v),
198 fsparam_flag ("v4.1", Opt_v),
199 fsparam_flag ("v4.2", Opt_v),
200 fsparam_string("vers", Opt_vers),
201 fsparam_enum ("write", Opt_write, nfs_param_enums_write),
202 fsparam_u32 ("wsize", Opt_wsize),
203 fsparam_string("xprtsec", Opt_xprtsec),
204 {}
205 };
206
207 enum {
208 Opt_vers_2,
209 Opt_vers_3,
210 Opt_vers_4,
211 Opt_vers_4_0,
212 Opt_vers_4_1,
213 Opt_vers_4_2,
214 };
215
216 static const struct constant_table nfs_vers_tokens[] = {
217 { "2", Opt_vers_2 },
218 { "3", Opt_vers_3 },
219 { "4", Opt_vers_4 },
220 { "4.0", Opt_vers_4_0 },
221 { "4.1", Opt_vers_4_1 },
222 { "4.2", Opt_vers_4_2 },
223 {}
224 };
225
226 enum {
227 Opt_xprt_rdma,
228 Opt_xprt_rdma6,
229 Opt_xprt_tcp,
230 Opt_xprt_tcp6,
231 Opt_xprt_udp,
232 Opt_xprt_udp6,
233 nr__Opt_xprt
234 };
235
236 static const struct constant_table nfs_xprt_protocol_tokens[] = {
237 { "rdma", Opt_xprt_rdma },
238 { "rdma6", Opt_xprt_rdma6 },
239 { "tcp", Opt_xprt_tcp },
240 { "tcp6", Opt_xprt_tcp6 },
241 { "udp", Opt_xprt_udp },
242 { "udp6", Opt_xprt_udp6 },
243 {}
244 };
245
246 enum {
247 Opt_sec_krb5,
248 Opt_sec_krb5i,
249 Opt_sec_krb5p,
250 Opt_sec_lkey,
251 Opt_sec_lkeyi,
252 Opt_sec_lkeyp,
253 Opt_sec_none,
254 Opt_sec_spkm,
255 Opt_sec_spkmi,
256 Opt_sec_spkmp,
257 Opt_sec_sys,
258 nr__Opt_sec
259 };
260
261 static const struct constant_table nfs_secflavor_tokens[] = {
262 { "krb5", Opt_sec_krb5 },
263 { "krb5i", Opt_sec_krb5i },
264 { "krb5p", Opt_sec_krb5p },
265 { "lkey", Opt_sec_lkey },
266 { "lkeyi", Opt_sec_lkeyi },
267 { "lkeyp", Opt_sec_lkeyp },
268 { "none", Opt_sec_none },
269 { "null", Opt_sec_none },
270 { "spkm3", Opt_sec_spkm },
271 { "spkm3i", Opt_sec_spkmi },
272 { "spkm3p", Opt_sec_spkmp },
273 { "sys", Opt_sec_sys },
274 {}
275 };
276
277 enum {
278 Opt_xprtsec_none,
279 Opt_xprtsec_tls,
280 Opt_xprtsec_mtls,
281 nr__Opt_xprtsec
282 };
283
284 static const struct constant_table nfs_xprtsec_policies[] = {
285 { "none", Opt_xprtsec_none },
286 { "tls", Opt_xprtsec_tls },
287 { "mtls", Opt_xprtsec_mtls },
288 {}
289 };
290
291 /*
292 * Sanity-check a server address provided by the mount command.
293 *
294 * Address family must be initialized, and address must not be
295 * the ANY address for that family.
296 */
nfs_verify_server_address(struct sockaddr_storage * addr)297 static int nfs_verify_server_address(struct sockaddr_storage *addr)
298 {
299 switch (addr->ss_family) {
300 case AF_INET: {
301 struct sockaddr_in *sa = (struct sockaddr_in *)addr;
302 return sa->sin_addr.s_addr != htonl(INADDR_ANY);
303 }
304 case AF_INET6: {
305 struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr;
306 return !ipv6_addr_any(sa);
307 }
308 }
309
310 return 0;
311 }
312
313 #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT
nfs_server_transport_udp_invalid(const struct nfs_fs_context * ctx)314 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
315 {
316 return true;
317 }
318 #else
nfs_server_transport_udp_invalid(const struct nfs_fs_context * ctx)319 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
320 {
321 if (ctx->version == 4)
322 return true;
323 return false;
324 }
325 #endif
326
327 /*
328 * Sanity check the NFS transport protocol.
329 */
nfs_validate_transport_protocol(struct fs_context * fc,struct nfs_fs_context * ctx)330 static int nfs_validate_transport_protocol(struct fs_context *fc,
331 struct nfs_fs_context *ctx)
332 {
333 switch (ctx->nfs_server.protocol) {
334 case XPRT_TRANSPORT_UDP:
335 if (nfs_server_transport_udp_invalid(ctx))
336 goto out_invalid_transport_udp;
337 break;
338 case XPRT_TRANSPORT_TCP:
339 case XPRT_TRANSPORT_RDMA:
340 break;
341 default:
342 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
343 }
344
345 if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE)
346 switch (ctx->nfs_server.protocol) {
347 case XPRT_TRANSPORT_TCP:
348 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS;
349 break;
350 default:
351 goto out_invalid_xprtsec_policy;
352 }
353
354 return 0;
355 out_invalid_transport_udp:
356 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp");
357 out_invalid_xprtsec_policy:
358 return nfs_invalf(fc, "NFS: Transport does not support xprtsec");
359 }
360
361 /*
362 * For text based NFSv2/v3 mounts, the mount protocol transport default
363 * settings should depend upon the specified NFS transport.
364 */
nfs_set_mount_transport_protocol(struct nfs_fs_context * ctx)365 static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx)
366 {
367 if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP ||
368 ctx->mount_server.protocol == XPRT_TRANSPORT_TCP)
369 return;
370 switch (ctx->nfs_server.protocol) {
371 case XPRT_TRANSPORT_UDP:
372 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
373 break;
374 case XPRT_TRANSPORT_TCP:
375 case XPRT_TRANSPORT_RDMA:
376 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
377 }
378 }
379
380 /*
381 * Add 'flavor' to 'auth_info' if not already present.
382 * Returns true if 'flavor' ends up in the list, false otherwise
383 */
nfs_auth_info_add(struct fs_context * fc,struct nfs_auth_info * auth_info,rpc_authflavor_t flavor)384 static int nfs_auth_info_add(struct fs_context *fc,
385 struct nfs_auth_info *auth_info,
386 rpc_authflavor_t flavor)
387 {
388 unsigned int i;
389 unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors);
390
391 /* make sure this flavor isn't already in the list */
392 for (i = 0; i < auth_info->flavor_len; i++) {
393 if (flavor == auth_info->flavors[i])
394 return 0;
395 }
396
397 if (auth_info->flavor_len + 1 >= max_flavor_len)
398 return nfs_invalf(fc, "NFS: too many sec= flavors");
399
400 auth_info->flavors[auth_info->flavor_len++] = flavor;
401 return 0;
402 }
403
404 /*
405 * Parse the value of the 'sec=' option.
406 */
nfs_parse_security_flavors(struct fs_context * fc,struct fs_parameter * param)407 static int nfs_parse_security_flavors(struct fs_context *fc,
408 struct fs_parameter *param)
409 {
410 struct nfs_fs_context *ctx = nfs_fc2context(fc);
411 rpc_authflavor_t pseudoflavor;
412 char *string = param->string, *p;
413 int ret;
414
415 trace_nfs_mount_assign(param->key, string);
416
417 while ((p = strsep(&string, ":")) != NULL) {
418 if (!*p)
419 continue;
420 switch (lookup_constant(nfs_secflavor_tokens, p, -1)) {
421 case Opt_sec_none:
422 pseudoflavor = RPC_AUTH_NULL;
423 break;
424 case Opt_sec_sys:
425 pseudoflavor = RPC_AUTH_UNIX;
426 break;
427 case Opt_sec_krb5:
428 pseudoflavor = RPC_AUTH_GSS_KRB5;
429 break;
430 case Opt_sec_krb5i:
431 pseudoflavor = RPC_AUTH_GSS_KRB5I;
432 break;
433 case Opt_sec_krb5p:
434 pseudoflavor = RPC_AUTH_GSS_KRB5P;
435 break;
436 case Opt_sec_lkey:
437 pseudoflavor = RPC_AUTH_GSS_LKEY;
438 break;
439 case Opt_sec_lkeyi:
440 pseudoflavor = RPC_AUTH_GSS_LKEYI;
441 break;
442 case Opt_sec_lkeyp:
443 pseudoflavor = RPC_AUTH_GSS_LKEYP;
444 break;
445 case Opt_sec_spkm:
446 pseudoflavor = RPC_AUTH_GSS_SPKM;
447 break;
448 case Opt_sec_spkmi:
449 pseudoflavor = RPC_AUTH_GSS_SPKMI;
450 break;
451 case Opt_sec_spkmp:
452 pseudoflavor = RPC_AUTH_GSS_SPKMP;
453 break;
454 default:
455 return nfs_invalf(fc, "NFS: sec=%s option not recognized", p);
456 }
457
458 ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor);
459 if (ret < 0)
460 return ret;
461 }
462
463 return 0;
464 }
465
nfs_parse_xprtsec_policy(struct fs_context * fc,struct fs_parameter * param)466 static int nfs_parse_xprtsec_policy(struct fs_context *fc,
467 struct fs_parameter *param)
468 {
469 struct nfs_fs_context *ctx = nfs_fc2context(fc);
470
471 trace_nfs_mount_assign(param->key, param->string);
472
473 switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) {
474 case Opt_xprtsec_none:
475 ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
476 break;
477 case Opt_xprtsec_tls:
478 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON;
479 break;
480 case Opt_xprtsec_mtls:
481 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509;
482 break;
483 default:
484 return nfs_invalf(fc, "NFS: Unrecognized transport security policy");
485 }
486 return 0;
487 }
488
nfs_parse_version_string(struct fs_context * fc,const char * string)489 static int nfs_parse_version_string(struct fs_context *fc,
490 const char *string)
491 {
492 struct nfs_fs_context *ctx = nfs_fc2context(fc);
493
494 ctx->flags &= ~NFS_MOUNT_VER3;
495 switch (lookup_constant(nfs_vers_tokens, string, -1)) {
496 case Opt_vers_2:
497 ctx->version = 2;
498 break;
499 case Opt_vers_3:
500 ctx->flags |= NFS_MOUNT_VER3;
501 ctx->version = 3;
502 break;
503 case Opt_vers_4:
504 /* Backward compatibility option. In future,
505 * the mount program should always supply
506 * a NFSv4 minor version number.
507 */
508 ctx->version = 4;
509 break;
510 case Opt_vers_4_0:
511 ctx->version = 4;
512 ctx->minorversion = 0;
513 break;
514 case Opt_vers_4_1:
515 ctx->version = 4;
516 ctx->minorversion = 1;
517 break;
518 case Opt_vers_4_2:
519 ctx->version = 4;
520 ctx->minorversion = 2;
521 break;
522 default:
523 return nfs_invalf(fc, "NFS: Unsupported NFS version");
524 }
525 return 0;
526 }
527
528 /*
529 * Parse a single mount parameter.
530 */
nfs_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)531 static int nfs_fs_context_parse_param(struct fs_context *fc,
532 struct fs_parameter *param)
533 {
534 struct fs_parse_result result;
535 struct nfs_fs_context *ctx = nfs_fc2context(fc);
536 unsigned short protofamily, mountfamily;
537 unsigned int len;
538 int ret, opt;
539
540 trace_nfs_mount_option(param);
541
542 opt = fs_parse(fc, nfs_fs_parameters, param, &result);
543 if (opt < 0)
544 return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt;
545
546 if (fc->security)
547 ctx->has_sec_mnt_opts = 1;
548
549 switch (opt) {
550 case Opt_source:
551 if (fc->source)
552 return nfs_invalf(fc, "NFS: Multiple sources not supported");
553 fc->source = param->string;
554 param->string = NULL;
555 break;
556
557 /*
558 * boolean options: foo/nofoo
559 */
560 case Opt_soft:
561 ctx->flags |= NFS_MOUNT_SOFT;
562 ctx->flags &= ~NFS_MOUNT_SOFTERR;
563 break;
564 case Opt_softerr:
565 ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL;
566 ctx->flags &= ~NFS_MOUNT_SOFT;
567 break;
568 case Opt_hard:
569 ctx->flags &= ~(NFS_MOUNT_SOFT |
570 NFS_MOUNT_SOFTERR |
571 NFS_MOUNT_SOFTREVAL);
572 break;
573 case Opt_softreval:
574 if (result.negated)
575 ctx->flags &= ~NFS_MOUNT_SOFTREVAL;
576 else
577 ctx->flags |= NFS_MOUNT_SOFTREVAL;
578 break;
579 case Opt_posix:
580 if (result.negated)
581 ctx->flags &= ~NFS_MOUNT_POSIX;
582 else
583 ctx->flags |= NFS_MOUNT_POSIX;
584 break;
585 case Opt_cto:
586 if (result.negated)
587 ctx->flags |= NFS_MOUNT_NOCTO;
588 else
589 ctx->flags &= ~NFS_MOUNT_NOCTO;
590 break;
591 case Opt_trunkdiscovery:
592 if (result.negated)
593 ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY;
594 else
595 ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY;
596 break;
597 case Opt_alignwrite:
598 if (result.negated)
599 ctx->flags |= NFS_MOUNT_NO_ALIGNWRITE;
600 else
601 ctx->flags &= ~NFS_MOUNT_NO_ALIGNWRITE;
602 break;
603 case Opt_ac:
604 if (result.negated)
605 ctx->flags |= NFS_MOUNT_NOAC;
606 else
607 ctx->flags &= ~NFS_MOUNT_NOAC;
608 break;
609 case Opt_lock:
610 if (result.negated) {
611 ctx->lock_status = NFS_LOCK_NOLOCK;
612 ctx->flags |= NFS_MOUNT_NONLM;
613 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
614 } else {
615 ctx->lock_status = NFS_LOCK_LOCK;
616 ctx->flags &= ~NFS_MOUNT_NONLM;
617 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
618 }
619 break;
620 case Opt_udp:
621 ctx->flags &= ~NFS_MOUNT_TCP;
622 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
623 break;
624 case Opt_tcp:
625 case Opt_rdma:
626 ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */
627 ret = xprt_find_transport_ident(param->key);
628 if (ret < 0)
629 goto out_bad_transport;
630 ctx->nfs_server.protocol = ret;
631 break;
632 case Opt_acl:
633 if (result.negated)
634 ctx->flags |= NFS_MOUNT_NOACL;
635 else
636 ctx->flags &= ~NFS_MOUNT_NOACL;
637 break;
638 case Opt_rdirplus:
639 if (result.negated)
640 ctx->flags |= NFS_MOUNT_NORDIRPLUS;
641 else
642 ctx->flags &= ~NFS_MOUNT_NORDIRPLUS;
643 break;
644 case Opt_sharecache:
645 if (result.negated)
646 ctx->flags |= NFS_MOUNT_UNSHARED;
647 else
648 ctx->flags &= ~NFS_MOUNT_UNSHARED;
649 break;
650 case Opt_resvport:
651 if (result.negated)
652 ctx->flags |= NFS_MOUNT_NORESVPORT;
653 else
654 ctx->flags &= ~NFS_MOUNT_NORESVPORT;
655 break;
656 case Opt_fscache_flag:
657 if (result.negated)
658 ctx->options &= ~NFS_OPTION_FSCACHE;
659 else
660 ctx->options |= NFS_OPTION_FSCACHE;
661 kfree(ctx->fscache_uniq);
662 ctx->fscache_uniq = NULL;
663 break;
664 case Opt_fscache:
665 trace_nfs_mount_assign(param->key, param->string);
666 ctx->options |= NFS_OPTION_FSCACHE;
667 kfree(ctx->fscache_uniq);
668 ctx->fscache_uniq = param->string;
669 param->string = NULL;
670 break;
671 case Opt_migration:
672 if (result.negated)
673 ctx->options &= ~NFS_OPTION_MIGRATION;
674 else
675 ctx->options |= NFS_OPTION_MIGRATION;
676 break;
677
678 /*
679 * options that take numeric values
680 */
681 case Opt_port:
682 if (result.uint_32 > USHRT_MAX)
683 goto out_of_bounds;
684 ctx->nfs_server.port = result.uint_32;
685 break;
686 case Opt_rsize:
687 ctx->rsize = result.uint_32;
688 break;
689 case Opt_wsize:
690 ctx->wsize = result.uint_32;
691 break;
692 case Opt_bsize:
693 ctx->bsize = result.uint_32;
694 break;
695 case Opt_timeo:
696 if (result.uint_32 < 1 || result.uint_32 > INT_MAX)
697 goto out_of_bounds;
698 ctx->timeo = result.uint_32;
699 break;
700 case Opt_retrans:
701 if (result.uint_32 > INT_MAX)
702 goto out_of_bounds;
703 ctx->retrans = result.uint_32;
704 break;
705 case Opt_acregmin:
706 ctx->acregmin = result.uint_32;
707 break;
708 case Opt_acregmax:
709 ctx->acregmax = result.uint_32;
710 break;
711 case Opt_acdirmin:
712 ctx->acdirmin = result.uint_32;
713 break;
714 case Opt_acdirmax:
715 ctx->acdirmax = result.uint_32;
716 break;
717 case Opt_actimeo:
718 ctx->acregmin = result.uint_32;
719 ctx->acregmax = result.uint_32;
720 ctx->acdirmin = result.uint_32;
721 ctx->acdirmax = result.uint_32;
722 break;
723 case Opt_namelen:
724 ctx->namlen = result.uint_32;
725 break;
726 case Opt_mountport:
727 if (result.uint_32 > USHRT_MAX)
728 goto out_of_bounds;
729 ctx->mount_server.port = result.uint_32;
730 break;
731 case Opt_mountvers:
732 if (result.uint_32 < NFS_MNT_VERSION ||
733 result.uint_32 > NFS_MNT3_VERSION)
734 goto out_of_bounds;
735 ctx->mount_server.version = result.uint_32;
736 break;
737 case Opt_minorversion:
738 if (result.uint_32 > NFS4_MAX_MINOR_VERSION)
739 goto out_of_bounds;
740 ctx->minorversion = result.uint_32;
741 break;
742
743 /*
744 * options that take text values
745 */
746 case Opt_v:
747 ret = nfs_parse_version_string(fc, param->key + 1);
748 if (ret < 0)
749 return ret;
750 break;
751 case Opt_vers:
752 if (!param->string)
753 goto out_invalid_value;
754 trace_nfs_mount_assign(param->key, param->string);
755 ret = nfs_parse_version_string(fc, param->string);
756 if (ret < 0)
757 return ret;
758 break;
759 case Opt_sec:
760 ret = nfs_parse_security_flavors(fc, param);
761 if (ret < 0)
762 return ret;
763 break;
764 case Opt_xprtsec:
765 ret = nfs_parse_xprtsec_policy(fc, param);
766 if (ret < 0)
767 return ret;
768 break;
769
770 case Opt_proto:
771 if (!param->string)
772 goto out_invalid_value;
773 trace_nfs_mount_assign(param->key, param->string);
774 protofamily = AF_INET;
775 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
776 case Opt_xprt_udp6:
777 protofamily = AF_INET6;
778 fallthrough;
779 case Opt_xprt_udp:
780 ctx->flags &= ~NFS_MOUNT_TCP;
781 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
782 break;
783 case Opt_xprt_tcp6:
784 protofamily = AF_INET6;
785 fallthrough;
786 case Opt_xprt_tcp:
787 ctx->flags |= NFS_MOUNT_TCP;
788 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
789 break;
790 case Opt_xprt_rdma6:
791 protofamily = AF_INET6;
792 fallthrough;
793 case Opt_xprt_rdma:
794 /* vector side protocols to TCP */
795 ctx->flags |= NFS_MOUNT_TCP;
796 ret = xprt_find_transport_ident(param->string);
797 if (ret < 0)
798 goto out_bad_transport;
799 ctx->nfs_server.protocol = ret;
800 break;
801 default:
802 goto out_bad_transport;
803 }
804
805 ctx->protofamily = protofamily;
806 break;
807
808 case Opt_mountproto:
809 if (!param->string)
810 goto out_invalid_value;
811 trace_nfs_mount_assign(param->key, param->string);
812 mountfamily = AF_INET;
813 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
814 case Opt_xprt_udp6:
815 mountfamily = AF_INET6;
816 fallthrough;
817 case Opt_xprt_udp:
818 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
819 break;
820 case Opt_xprt_tcp6:
821 mountfamily = AF_INET6;
822 fallthrough;
823 case Opt_xprt_tcp:
824 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
825 break;
826 case Opt_xprt_rdma: /* not used for side protocols */
827 default:
828 goto out_bad_transport;
829 }
830 ctx->mountfamily = mountfamily;
831 break;
832
833 case Opt_addr:
834 trace_nfs_mount_assign(param->key, param->string);
835 len = rpc_pton(fc->net_ns, param->string, param->size,
836 &ctx->nfs_server.address,
837 sizeof(ctx->nfs_server._address));
838 if (len == 0)
839 goto out_invalid_address;
840 ctx->nfs_server.addrlen = len;
841 break;
842 case Opt_clientaddr:
843 trace_nfs_mount_assign(param->key, param->string);
844 kfree(ctx->client_address);
845 ctx->client_address = param->string;
846 param->string = NULL;
847 break;
848 case Opt_mounthost:
849 trace_nfs_mount_assign(param->key, param->string);
850 kfree(ctx->mount_server.hostname);
851 ctx->mount_server.hostname = param->string;
852 param->string = NULL;
853 break;
854 case Opt_mountaddr:
855 trace_nfs_mount_assign(param->key, param->string);
856 len = rpc_pton(fc->net_ns, param->string, param->size,
857 &ctx->mount_server.address,
858 sizeof(ctx->mount_server._address));
859 if (len == 0)
860 goto out_invalid_address;
861 ctx->mount_server.addrlen = len;
862 break;
863 case Opt_nconnect:
864 trace_nfs_mount_assign(param->key, param->string);
865 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS)
866 goto out_of_bounds;
867 ctx->nfs_server.nconnect = result.uint_32;
868 break;
869 case Opt_max_connect:
870 trace_nfs_mount_assign(param->key, param->string);
871 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS)
872 goto out_of_bounds;
873 ctx->nfs_server.max_connect = result.uint_32;
874 break;
875 case Opt_lookupcache:
876 trace_nfs_mount_assign(param->key, param->string);
877 switch (result.uint_32) {
878 case Opt_lookupcache_all:
879 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE);
880 break;
881 case Opt_lookupcache_positive:
882 ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE;
883 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG;
884 break;
885 case Opt_lookupcache_none:
886 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE;
887 break;
888 default:
889 goto out_invalid_value;
890 }
891 break;
892 case Opt_local_lock:
893 trace_nfs_mount_assign(param->key, param->string);
894 switch (result.uint_32) {
895 case Opt_local_lock_all:
896 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK |
897 NFS_MOUNT_LOCAL_FCNTL);
898 break;
899 case Opt_local_lock_flock:
900 ctx->flags |= NFS_MOUNT_LOCAL_FLOCK;
901 break;
902 case Opt_local_lock_posix:
903 ctx->flags |= NFS_MOUNT_LOCAL_FCNTL;
904 break;
905 case Opt_local_lock_none:
906 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK |
907 NFS_MOUNT_LOCAL_FCNTL);
908 break;
909 default:
910 goto out_invalid_value;
911 }
912 break;
913 case Opt_write:
914 trace_nfs_mount_assign(param->key, param->string);
915 switch (result.uint_32) {
916 case Opt_write_lazy:
917 ctx->flags &=
918 ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT);
919 break;
920 case Opt_write_eager:
921 ctx->flags |= NFS_MOUNT_WRITE_EAGER;
922 ctx->flags &= ~NFS_MOUNT_WRITE_WAIT;
923 break;
924 case Opt_write_wait:
925 ctx->flags |=
926 NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT;
927 break;
928 default:
929 goto out_invalid_value;
930 }
931 break;
932
933 /*
934 * Special options
935 */
936 case Opt_sloppy:
937 ctx->sloppy = true;
938 break;
939 }
940
941 return 0;
942
943 out_invalid_value:
944 return nfs_invalf(fc, "NFS: Bad mount option value specified");
945 out_invalid_address:
946 return nfs_invalf(fc, "NFS: Bad IP address specified");
947 out_of_bounds:
948 return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key);
949 out_bad_transport:
950 return nfs_invalf(fc, "NFS: Unrecognized transport protocol");
951 }
952
953 /*
954 * Split fc->source into "hostname:export_path".
955 *
956 * The leftmost colon demarks the split between the server's hostname
957 * and the export path. If the hostname starts with a left square
958 * bracket, then it may contain colons.
959 *
960 * Note: caller frees hostname and export path, even on error.
961 */
nfs_parse_source(struct fs_context * fc,size_t maxnamlen,size_t maxpathlen)962 static int nfs_parse_source(struct fs_context *fc,
963 size_t maxnamlen, size_t maxpathlen)
964 {
965 struct nfs_fs_context *ctx = nfs_fc2context(fc);
966 const char *dev_name = fc->source;
967 size_t len;
968 const char *end;
969
970 if (unlikely(!dev_name || !*dev_name))
971 return -EINVAL;
972
973 /* Is the host name protected with square brakcets? */
974 if (*dev_name == '[') {
975 end = strchr(++dev_name, ']');
976 if (end == NULL || end[1] != ':')
977 goto out_bad_devname;
978
979 len = end - dev_name;
980 end++;
981 } else {
982 const char *comma;
983
984 end = strchr(dev_name, ':');
985 if (end == NULL)
986 goto out_bad_devname;
987 len = end - dev_name;
988
989 /* kill possible hostname list: not supported */
990 comma = memchr(dev_name, ',', len);
991 if (comma)
992 len = comma - dev_name;
993 }
994
995 if (len > maxnamlen)
996 goto out_hostname;
997
998 kfree(ctx->nfs_server.hostname);
999
1000 /* N.B. caller will free nfs_server.hostname in all cases */
1001 ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL);
1002 if (!ctx->nfs_server.hostname)
1003 goto out_nomem;
1004 len = strlen(++end);
1005 if (len > maxpathlen)
1006 goto out_path;
1007 ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL);
1008 if (!ctx->nfs_server.export_path)
1009 goto out_nomem;
1010
1011 trace_nfs_mount_path(ctx->nfs_server.export_path);
1012 return 0;
1013
1014 out_bad_devname:
1015 return nfs_invalf(fc, "NFS: device name not in host:path format");
1016 out_nomem:
1017 nfs_errorf(fc, "NFS: not enough memory to parse device name");
1018 return -ENOMEM;
1019 out_hostname:
1020 nfs_errorf(fc, "NFS: server hostname too long");
1021 return -ENAMETOOLONG;
1022 out_path:
1023 nfs_errorf(fc, "NFS: export pathname too long");
1024 return -ENAMETOOLONG;
1025 }
1026
is_remount_fc(struct fs_context * fc)1027 static inline bool is_remount_fc(struct fs_context *fc)
1028 {
1029 return fc->root != NULL;
1030 }
1031
1032 /*
1033 * Parse monolithic NFS2/NFS3 mount data
1034 * - fills in the mount root filehandle
1035 *
1036 * For option strings, user space handles the following behaviors:
1037 *
1038 * + DNS: mapping server host name to IP address ("addr=" option)
1039 *
1040 * + failure mode: how to behave if a mount request can't be handled
1041 * immediately ("fg/bg" option)
1042 *
1043 * + retry: how often to retry a mount request ("retry=" option)
1044 *
1045 * + breaking back: trying proto=udp after proto=tcp, v2 after v3,
1046 * mountproto=tcp after mountproto=udp, and so on
1047 */
nfs23_parse_monolithic(struct fs_context * fc,struct nfs_mount_data * data)1048 static int nfs23_parse_monolithic(struct fs_context *fc,
1049 struct nfs_mount_data *data)
1050 {
1051 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1052 struct nfs_fh *mntfh = ctx->mntfh;
1053 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1054 int extra_flags = NFS_MOUNT_LEGACY_INTERFACE;
1055 int ret;
1056
1057 if (data == NULL)
1058 goto out_no_data;
1059
1060 ctx->version = NFS_DEFAULT_VERSION;
1061 switch (data->version) {
1062 case 1:
1063 data->namlen = 0;
1064 fallthrough;
1065 case 2:
1066 data->bsize = 0;
1067 fallthrough;
1068 case 3:
1069 if (data->flags & NFS_MOUNT_VER3)
1070 goto out_no_v3;
1071 data->root.size = NFS2_FHSIZE;
1072 memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE);
1073 /* Turn off security negotiation */
1074 extra_flags |= NFS_MOUNT_SECFLAVOUR;
1075 fallthrough;
1076 case 4:
1077 if (data->flags & NFS_MOUNT_SECFLAVOUR)
1078 goto out_no_sec;
1079 fallthrough;
1080 case 5:
1081 memset(data->context, 0, sizeof(data->context));
1082 fallthrough;
1083 case 6:
1084 if (data->flags & NFS_MOUNT_VER3) {
1085 if (data->root.size > NFS3_FHSIZE || data->root.size == 0)
1086 goto out_invalid_fh;
1087 mntfh->size = data->root.size;
1088 ctx->version = 3;
1089 } else {
1090 mntfh->size = NFS2_FHSIZE;
1091 ctx->version = 2;
1092 }
1093
1094
1095 memcpy(mntfh->data, data->root.data, mntfh->size);
1096 if (mntfh->size < sizeof(mntfh->data))
1097 memset(mntfh->data + mntfh->size, 0,
1098 sizeof(mntfh->data) - mntfh->size);
1099
1100 /*
1101 * for proto == XPRT_TRANSPORT_UDP, which is what uses
1102 * to_exponential, implying shift: limit the shift value
1103 * to BITS_PER_LONG (majortimeo is unsigned long)
1104 */
1105 if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */
1106 if (data->retrans >= 64) /* shift value is too large */
1107 goto out_invalid_data;
1108
1109 /*
1110 * Translate to nfs_fs_context, which nfs_fill_super
1111 * can deal with.
1112 */
1113 ctx->flags = data->flags & NFS_MOUNT_FLAGMASK;
1114 ctx->flags |= extra_flags;
1115 ctx->rsize = data->rsize;
1116 ctx->wsize = data->wsize;
1117 ctx->timeo = data->timeo;
1118 ctx->retrans = data->retrans;
1119 ctx->acregmin = data->acregmin;
1120 ctx->acregmax = data->acregmax;
1121 ctx->acdirmin = data->acdirmin;
1122 ctx->acdirmax = data->acdirmax;
1123 ctx->need_mount = false;
1124
1125 if (!is_remount_fc(fc)) {
1126 memcpy(sap, &data->addr, sizeof(data->addr));
1127 ctx->nfs_server.addrlen = sizeof(data->addr);
1128 ctx->nfs_server.port = ntohs(data->addr.sin_port);
1129 }
1130
1131 if (sap->ss_family != AF_INET ||
1132 !nfs_verify_server_address(sap))
1133 goto out_no_address;
1134
1135 if (!(data->flags & NFS_MOUNT_TCP))
1136 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
1137 /* N.B. caller will free nfs_server.hostname in all cases */
1138 ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
1139 if (!ctx->nfs_server.hostname)
1140 goto out_nomem;
1141
1142 ctx->namlen = data->namlen;
1143 ctx->bsize = data->bsize;
1144
1145 if (data->flags & NFS_MOUNT_SECFLAVOUR)
1146 ctx->selected_flavor = data->pseudoflavor;
1147 else
1148 ctx->selected_flavor = RPC_AUTH_UNIX;
1149
1150 if (!(data->flags & NFS_MOUNT_NONLM))
1151 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK|
1152 NFS_MOUNT_LOCAL_FCNTL);
1153 else
1154 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK|
1155 NFS_MOUNT_LOCAL_FCNTL);
1156
1157 /*
1158 * The legacy version 6 binary mount data from userspace has a
1159 * field used only to transport selinux information into the
1160 * kernel. To continue to support that functionality we
1161 * have a touch of selinux knowledge here in the NFS code. The
1162 * userspace code converted context=blah to just blah so we are
1163 * converting back to the full string selinux understands.
1164 */
1165 if (data->context[0]){
1166 #ifdef CONFIG_SECURITY_SELINUX
1167 int ret;
1168
1169 data->context[NFS_MAX_CONTEXT_LEN] = '\0';
1170 ret = vfs_parse_fs_string(fc, "context",
1171 data->context, strlen(data->context));
1172 if (ret < 0)
1173 return ret;
1174 #else
1175 return -EINVAL;
1176 #endif
1177 }
1178
1179 break;
1180 default:
1181 goto generic;
1182 }
1183
1184 ret = nfs_validate_transport_protocol(fc, ctx);
1185 if (ret)
1186 return ret;
1187
1188 ctx->skip_reconfig_option_check = true;
1189 return 0;
1190
1191 generic:
1192 return generic_parse_monolithic(fc, data);
1193
1194 out_no_data:
1195 if (is_remount_fc(fc)) {
1196 ctx->skip_reconfig_option_check = true;
1197 return 0;
1198 }
1199 return nfs_invalf(fc, "NFS: mount program didn't pass any mount data");
1200
1201 out_no_v3:
1202 return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3");
1203
1204 out_no_sec:
1205 return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS");
1206
1207 out_nomem:
1208 return -ENOMEM;
1209
1210 out_no_address:
1211 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1212
1213 out_invalid_fh:
1214 return nfs_invalf(fc, "NFS: invalid root filehandle");
1215
1216 out_invalid_data:
1217 return nfs_invalf(fc, "NFS: invalid binary mount data");
1218 }
1219
1220 #if IS_ENABLED(CONFIG_NFS_V4)
1221 struct compat_nfs_string {
1222 compat_uint_t len;
1223 compat_uptr_t data;
1224 };
1225
compat_nfs_string(struct nfs_string * dst,struct compat_nfs_string * src)1226 static inline void compat_nfs_string(struct nfs_string *dst,
1227 struct compat_nfs_string *src)
1228 {
1229 dst->data = compat_ptr(src->data);
1230 dst->len = src->len;
1231 }
1232
1233 struct compat_nfs4_mount_data_v1 {
1234 compat_int_t version;
1235 compat_int_t flags;
1236 compat_int_t rsize;
1237 compat_int_t wsize;
1238 compat_int_t timeo;
1239 compat_int_t retrans;
1240 compat_int_t acregmin;
1241 compat_int_t acregmax;
1242 compat_int_t acdirmin;
1243 compat_int_t acdirmax;
1244 struct compat_nfs_string client_addr;
1245 struct compat_nfs_string mnt_path;
1246 struct compat_nfs_string hostname;
1247 compat_uint_t host_addrlen;
1248 compat_uptr_t host_addr;
1249 compat_int_t proto;
1250 compat_int_t auth_flavourlen;
1251 compat_uptr_t auth_flavours;
1252 };
1253
nfs4_compat_mount_data_conv(struct nfs4_mount_data * data)1254 static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data)
1255 {
1256 struct compat_nfs4_mount_data_v1 *compat =
1257 (struct compat_nfs4_mount_data_v1 *)data;
1258
1259 /* copy the fields backwards */
1260 data->auth_flavours = compat_ptr(compat->auth_flavours);
1261 data->auth_flavourlen = compat->auth_flavourlen;
1262 data->proto = compat->proto;
1263 data->host_addr = compat_ptr(compat->host_addr);
1264 data->host_addrlen = compat->host_addrlen;
1265 compat_nfs_string(&data->hostname, &compat->hostname);
1266 compat_nfs_string(&data->mnt_path, &compat->mnt_path);
1267 compat_nfs_string(&data->client_addr, &compat->client_addr);
1268 data->acdirmax = compat->acdirmax;
1269 data->acdirmin = compat->acdirmin;
1270 data->acregmax = compat->acregmax;
1271 data->acregmin = compat->acregmin;
1272 data->retrans = compat->retrans;
1273 data->timeo = compat->timeo;
1274 data->wsize = compat->wsize;
1275 data->rsize = compat->rsize;
1276 data->flags = compat->flags;
1277 data->version = compat->version;
1278 }
1279
1280 /*
1281 * Validate NFSv4 mount options
1282 */
nfs4_parse_monolithic(struct fs_context * fc,struct nfs4_mount_data * data)1283 static int nfs4_parse_monolithic(struct fs_context *fc,
1284 struct nfs4_mount_data *data)
1285 {
1286 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1287 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1288 int ret;
1289 char *c;
1290
1291 if (!data) {
1292 if (is_remount_fc(fc))
1293 goto done;
1294 return nfs_invalf(fc,
1295 "NFS4: mount program didn't pass any mount data");
1296 }
1297
1298 ctx->version = 4;
1299
1300 if (data->version != 1)
1301 return generic_parse_monolithic(fc, data);
1302
1303 if (in_compat_syscall())
1304 nfs4_compat_mount_data_conv(data);
1305
1306 if (data->host_addrlen > sizeof(ctx->nfs_server.address))
1307 goto out_no_address;
1308 if (data->host_addrlen == 0)
1309 goto out_no_address;
1310 ctx->nfs_server.addrlen = data->host_addrlen;
1311 if (copy_from_user(sap, data->host_addr, data->host_addrlen))
1312 return -EFAULT;
1313 if (!nfs_verify_server_address(sap))
1314 goto out_no_address;
1315 ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port);
1316
1317 if (data->auth_flavourlen) {
1318 rpc_authflavor_t pseudoflavor;
1319
1320 if (data->auth_flavourlen > 1)
1321 goto out_inval_auth;
1322 if (copy_from_user(&pseudoflavor, data->auth_flavours,
1323 sizeof(pseudoflavor)))
1324 return -EFAULT;
1325 ctx->selected_flavor = pseudoflavor;
1326 } else {
1327 ctx->selected_flavor = RPC_AUTH_UNIX;
1328 }
1329
1330 c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN);
1331 if (IS_ERR(c))
1332 return PTR_ERR(c);
1333 ctx->nfs_server.hostname = c;
1334
1335 c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN);
1336 if (IS_ERR(c))
1337 return PTR_ERR(c);
1338 ctx->nfs_server.export_path = c;
1339 trace_nfs_mount_path(c);
1340
1341 c = strndup_user(data->client_addr.data, 16);
1342 if (IS_ERR(c))
1343 return PTR_ERR(c);
1344 ctx->client_address = c;
1345
1346 /*
1347 * Translate to nfs_fs_context, which nfs_fill_super
1348 * can deal with.
1349 */
1350
1351 ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK;
1352 ctx->rsize = data->rsize;
1353 ctx->wsize = data->wsize;
1354 ctx->timeo = data->timeo;
1355 ctx->retrans = data->retrans;
1356 ctx->acregmin = data->acregmin;
1357 ctx->acregmax = data->acregmax;
1358 ctx->acdirmin = data->acdirmin;
1359 ctx->acdirmax = data->acdirmax;
1360 ctx->nfs_server.protocol = data->proto;
1361 ret = nfs_validate_transport_protocol(fc, ctx);
1362 if (ret)
1363 return ret;
1364 done:
1365 ctx->skip_reconfig_option_check = true;
1366 return 0;
1367
1368 out_inval_auth:
1369 return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d",
1370 data->auth_flavourlen);
1371
1372 out_no_address:
1373 return nfs_invalf(fc, "NFS4: mount program didn't pass remote address");
1374 }
1375 #endif
1376
1377 /*
1378 * Parse a monolithic block of data from sys_mount().
1379 */
nfs_fs_context_parse_monolithic(struct fs_context * fc,void * data)1380 static int nfs_fs_context_parse_monolithic(struct fs_context *fc,
1381 void *data)
1382 {
1383 if (fc->fs_type == &nfs_fs_type)
1384 return nfs23_parse_monolithic(fc, data);
1385
1386 #if IS_ENABLED(CONFIG_NFS_V4)
1387 if (fc->fs_type == &nfs4_fs_type)
1388 return nfs4_parse_monolithic(fc, data);
1389 #endif
1390
1391 return nfs_invalf(fc, "NFS: Unsupported monolithic data version");
1392 }
1393
1394 /*
1395 * Validate the preparsed information in the config.
1396 */
nfs_fs_context_validate(struct fs_context * fc)1397 static int nfs_fs_context_validate(struct fs_context *fc)
1398 {
1399 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1400 struct nfs_subversion *nfs_mod;
1401 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1402 int max_namelen = PAGE_SIZE;
1403 int max_pathlen = NFS_MAXPATHLEN;
1404 int port = 0;
1405 int ret;
1406
1407 if (!fc->source)
1408 goto out_no_device_name;
1409
1410 /* Check for sanity first. */
1411 if (ctx->minorversion && ctx->version != 4)
1412 goto out_minorversion_mismatch;
1413
1414 if (ctx->options & NFS_OPTION_MIGRATION &&
1415 (ctx->version != 4 || ctx->minorversion != 0))
1416 goto out_migration_misuse;
1417
1418 /* Verify that any proto=/mountproto= options match the address
1419 * families in the addr=/mountaddr= options.
1420 */
1421 if (ctx->protofamily != AF_UNSPEC &&
1422 ctx->protofamily != ctx->nfs_server.address.sa_family)
1423 goto out_proto_mismatch;
1424
1425 if (ctx->mountfamily != AF_UNSPEC) {
1426 if (ctx->mount_server.addrlen) {
1427 if (ctx->mountfamily != ctx->mount_server.address.sa_family)
1428 goto out_mountproto_mismatch;
1429 } else {
1430 if (ctx->mountfamily != ctx->nfs_server.address.sa_family)
1431 goto out_mountproto_mismatch;
1432 }
1433 }
1434
1435 if (!nfs_verify_server_address(sap))
1436 goto out_no_address;
1437
1438 ret = nfs_validate_transport_protocol(fc, ctx);
1439 if (ret)
1440 return ret;
1441
1442 if (ctx->version == 4) {
1443 if (IS_ENABLED(CONFIG_NFS_V4)) {
1444 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1445 port = NFS_RDMA_PORT;
1446 else
1447 port = NFS_PORT;
1448 max_namelen = NFS4_MAXNAMLEN;
1449 max_pathlen = NFS4_MAXPATHLEN;
1450 ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL |
1451 NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK |
1452 NFS_MOUNT_LOCAL_FCNTL);
1453 } else {
1454 goto out_v4_not_compiled;
1455 }
1456 } else {
1457 nfs_set_mount_transport_protocol(ctx);
1458 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1459 port = NFS_RDMA_PORT;
1460 }
1461
1462 nfs_set_port(sap, &ctx->nfs_server.port, port);
1463
1464 ret = nfs_parse_source(fc, max_namelen, max_pathlen);
1465 if (ret < 0)
1466 return ret;
1467
1468 /* Load the NFS protocol module if we haven't done so yet */
1469 if (!ctx->nfs_mod) {
1470 nfs_mod = get_nfs_version(ctx->version);
1471 if (IS_ERR(nfs_mod)) {
1472 ret = PTR_ERR(nfs_mod);
1473 goto out_version_unavailable;
1474 }
1475 ctx->nfs_mod = nfs_mod;
1476 }
1477
1478 /* Ensure the filesystem context has the correct fs_type */
1479 if (fc->fs_type != ctx->nfs_mod->nfs_fs) {
1480 module_put(fc->fs_type->owner);
1481 __module_get(ctx->nfs_mod->nfs_fs->owner);
1482 fc->fs_type = ctx->nfs_mod->nfs_fs;
1483 }
1484 return 0;
1485
1486 out_no_device_name:
1487 return nfs_invalf(fc, "NFS: Device name not specified");
1488 out_v4_not_compiled:
1489 nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel");
1490 return -EPROTONOSUPPORT;
1491 out_no_address:
1492 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1493 out_mountproto_mismatch:
1494 return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option");
1495 out_proto_mismatch:
1496 return nfs_invalf(fc, "NFS: Server address does not match proto= option");
1497 out_minorversion_mismatch:
1498 return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u",
1499 ctx->version, ctx->minorversion);
1500 out_migration_misuse:
1501 return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version");
1502 out_version_unavailable:
1503 nfs_errorf(fc, "NFS: Version unavailable");
1504 return ret;
1505 }
1506
1507 /*
1508 * Create an NFS superblock by the appropriate method.
1509 */
nfs_get_tree(struct fs_context * fc)1510 static int nfs_get_tree(struct fs_context *fc)
1511 {
1512 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1513 int err = nfs_fs_context_validate(fc);
1514
1515 if (err)
1516 return err;
1517 if (!ctx->internal)
1518 return ctx->nfs_mod->rpc_ops->try_get_tree(fc);
1519 else
1520 return nfs_get_tree_common(fc);
1521 }
1522
1523 /*
1524 * Handle duplication of a configuration. The caller copied *src into *sc, but
1525 * it can't deal with resource pointers in the filesystem context, so we have
1526 * to do that. We need to clear pointers, copy data or get extra refs as
1527 * appropriate.
1528 */
nfs_fs_context_dup(struct fs_context * fc,struct fs_context * src_fc)1529 static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc)
1530 {
1531 struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx;
1532
1533 ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL);
1534 if (!ctx)
1535 return -ENOMEM;
1536
1537 ctx->mntfh = nfs_alloc_fhandle();
1538 if (!ctx->mntfh) {
1539 kfree(ctx);
1540 return -ENOMEM;
1541 }
1542 nfs_copy_fh(ctx->mntfh, src->mntfh);
1543
1544 __module_get(ctx->nfs_mod->owner);
1545 ctx->client_address = NULL;
1546 ctx->mount_server.hostname = NULL;
1547 ctx->nfs_server.export_path = NULL;
1548 ctx->nfs_server.hostname = NULL;
1549 ctx->fscache_uniq = NULL;
1550 ctx->clone_data.fattr = NULL;
1551 fc->fs_private = ctx;
1552 return 0;
1553 }
1554
nfs_fs_context_free(struct fs_context * fc)1555 static void nfs_fs_context_free(struct fs_context *fc)
1556 {
1557 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1558
1559 if (ctx) {
1560 if (ctx->server)
1561 nfs_free_server(ctx->server);
1562 if (ctx->nfs_mod)
1563 put_nfs_version(ctx->nfs_mod);
1564 kfree(ctx->client_address);
1565 kfree(ctx->mount_server.hostname);
1566 kfree(ctx->nfs_server.export_path);
1567 kfree(ctx->nfs_server.hostname);
1568 kfree(ctx->fscache_uniq);
1569 nfs_free_fhandle(ctx->mntfh);
1570 nfs_free_fattr(ctx->clone_data.fattr);
1571 kfree(ctx);
1572 }
1573 }
1574
1575 static const struct fs_context_operations nfs_fs_context_ops = {
1576 .free = nfs_fs_context_free,
1577 .dup = nfs_fs_context_dup,
1578 .parse_param = nfs_fs_context_parse_param,
1579 .parse_monolithic = nfs_fs_context_parse_monolithic,
1580 .get_tree = nfs_get_tree,
1581 .reconfigure = nfs_reconfigure,
1582 };
1583
1584 /*
1585 * Prepare superblock configuration. We use the namespaces attached to the
1586 * context. This may be the current process's namespaces, or it may be a
1587 * container's namespaces.
1588 */
nfs_init_fs_context(struct fs_context * fc)1589 static int nfs_init_fs_context(struct fs_context *fc)
1590 {
1591 struct nfs_fs_context *ctx;
1592
1593 ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL);
1594 if (unlikely(!ctx))
1595 return -ENOMEM;
1596
1597 ctx->mntfh = nfs_alloc_fhandle();
1598 if (unlikely(!ctx->mntfh)) {
1599 kfree(ctx);
1600 return -ENOMEM;
1601 }
1602
1603 ctx->protofamily = AF_UNSPEC;
1604 ctx->mountfamily = AF_UNSPEC;
1605 ctx->mount_server.port = NFS_UNSPEC_PORT;
1606
1607 if (fc->root) {
1608 /* reconfigure, start with the current config */
1609 struct nfs_server *nfss = fc->root->d_sb->s_fs_info;
1610 struct net *net = nfss->nfs_client->cl_net;
1611
1612 ctx->flags = nfss->flags;
1613 ctx->rsize = nfss->rsize;
1614 ctx->wsize = nfss->wsize;
1615 ctx->retrans = nfss->client->cl_timeout->to_retries;
1616 ctx->selected_flavor = nfss->client->cl_auth->au_flavor;
1617 ctx->acregmin = nfss->acregmin / HZ;
1618 ctx->acregmax = nfss->acregmax / HZ;
1619 ctx->acdirmin = nfss->acdirmin / HZ;
1620 ctx->acdirmax = nfss->acdirmax / HZ;
1621 ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ;
1622 ctx->nfs_server.port = nfss->port;
1623 ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen;
1624 ctx->version = nfss->nfs_client->rpc_ops->version;
1625 ctx->minorversion = nfss->nfs_client->cl_minorversion;
1626
1627 memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr,
1628 ctx->nfs_server.addrlen);
1629
1630 if (fc->net_ns != net) {
1631 put_net(fc->net_ns);
1632 fc->net_ns = get_net(net);
1633 }
1634
1635 ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod;
1636 __module_get(ctx->nfs_mod->owner);
1637 } else {
1638 /* defaults */
1639 ctx->timeo = NFS_UNSPEC_TIMEO;
1640 ctx->retrans = NFS_UNSPEC_RETRANS;
1641 ctx->acregmin = NFS_DEF_ACREGMIN;
1642 ctx->acregmax = NFS_DEF_ACREGMAX;
1643 ctx->acdirmin = NFS_DEF_ACDIRMIN;
1644 ctx->acdirmax = NFS_DEF_ACDIRMAX;
1645 ctx->nfs_server.port = NFS_UNSPEC_PORT;
1646 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
1647 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR;
1648 ctx->minorversion = 0;
1649 ctx->need_mount = true;
1650 ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
1651 ctx->xprtsec.cert_serial = TLS_NO_CERT;
1652 ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY;
1653
1654 fc->s_iflags |= SB_I_STABLE_WRITES;
1655 }
1656 fc->fs_private = ctx;
1657 fc->ops = &nfs_fs_context_ops;
1658 return 0;
1659 }
1660
1661 struct file_system_type nfs_fs_type = {
1662 .owner = THIS_MODULE,
1663 .name = "nfs",
1664 .init_fs_context = nfs_init_fs_context,
1665 .parameters = nfs_fs_parameters,
1666 .kill_sb = nfs_kill_super,
1667 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1668 };
1669 MODULE_ALIAS_FS("nfs");
1670 EXPORT_SYMBOL_GPL(nfs_fs_type);
1671
1672 #if IS_ENABLED(CONFIG_NFS_V4)
1673 struct file_system_type nfs4_fs_type = {
1674 .owner = THIS_MODULE,
1675 .name = "nfs4",
1676 .init_fs_context = nfs_init_fs_context,
1677 .parameters = nfs_fs_parameters,
1678 .kill_sb = nfs_kill_super,
1679 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1680 };
1681 MODULE_ALIAS_FS("nfs4");
1682 MODULE_ALIAS("nfs4");
1683 EXPORT_SYMBOL_GPL(nfs4_fs_type);
1684 #endif /* CONFIG_NFS_V4 */
1685