1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 DEFINE_MUTEX(cifs_mount_mutex);
41
42 static const match_table_t cifs_smb_version_tokens = {
43 { Smb_1, SMB1_VERSION_STRING },
44 { Smb_20, SMB20_VERSION_STRING},
45 { Smb_21, SMB21_VERSION_STRING },
46 { Smb_30, SMB30_VERSION_STRING },
47 { Smb_302, SMB302_VERSION_STRING },
48 { Smb_302, ALT_SMB302_VERSION_STRING },
49 { Smb_311, SMB311_VERSION_STRING },
50 { Smb_311, ALT_SMB311_VERSION_STRING },
51 { Smb_3any, SMB3ANY_VERSION_STRING },
52 { Smb_default, SMBDEFAULT_VERSION_STRING },
53 { Smb_version_err, NULL }
54 };
55
56 static const match_table_t cifs_secflavor_tokens = {
57 { Opt_sec_krb5, "krb5" },
58 { Opt_sec_krb5i, "krb5i" },
59 { Opt_sec_krb5p, "krb5p" },
60 { Opt_sec_ntlmsspi, "ntlmsspi" },
61 { Opt_sec_ntlmssp, "ntlmssp" },
62 { Opt_sec_ntlmv2, "nontlm" },
63 { Opt_sec_ntlmv2, "ntlmv2" },
64 { Opt_sec_ntlmv2i, "ntlmv2i" },
65 { Opt_sec_none, "none" },
66
67 { Opt_sec_err, NULL }
68 };
69
70 static const match_table_t cifs_upcall_target = {
71 { Opt_upcall_target_mount, "mount" },
72 { Opt_upcall_target_application, "app" },
73 { Opt_upcall_target_err, NULL }
74 };
75
76 const struct fs_parameter_spec smb3_fs_parameters[] = {
77 /* Mount options that take no arguments */
78 fsparam_flag_no("user_xattr", Opt_user_xattr),
79 fsparam_flag_no("forceuid", Opt_forceuid),
80 fsparam_flag_no("multichannel", Opt_multichannel),
81 fsparam_flag_no("forcegid", Opt_forcegid),
82 fsparam_flag("noblocksend", Opt_noblocksend),
83 fsparam_flag("noautotune", Opt_noautotune),
84 fsparam_flag("nolease", Opt_nolease),
85 fsparam_flag_no("hard", Opt_hard),
86 fsparam_flag_no("soft", Opt_soft),
87 fsparam_flag_no("perm", Opt_perm),
88 fsparam_flag("nodelete", Opt_nodelete),
89 fsparam_flag_no("mapposix", Opt_mapposix),
90 fsparam_flag("mapchars", Opt_mapchars),
91 fsparam_flag("nomapchars", Opt_nomapchars),
92 fsparam_flag_no("sfu", Opt_sfu),
93 fsparam_flag("nodfs", Opt_nodfs),
94 fsparam_flag_no("posixpaths", Opt_posixpaths),
95 fsparam_flag_no("unix", Opt_unix),
96 fsparam_flag_no("linux", Opt_unix),
97 fsparam_flag_no("posix", Opt_unix),
98 fsparam_flag("nocase", Opt_nocase),
99 fsparam_flag("ignorecase", Opt_nocase),
100 fsparam_flag_no("brl", Opt_brl),
101 fsparam_flag_no("handlecache", Opt_handlecache),
102 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
103 fsparam_flag("forcemand", Opt_forcemandatorylock),
104 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
105 fsparam_flag("idsfromsid", Opt_setuidfromacl),
106 fsparam_flag_no("setuids", Opt_setuids),
107 fsparam_flag_no("dynperm", Opt_dynperm),
108 fsparam_flag_no("intr", Opt_intr),
109 fsparam_flag_no("strictsync", Opt_strictsync),
110 fsparam_flag_no("serverino", Opt_serverino),
111 fsparam_flag("rwpidforward", Opt_rwpidforward),
112 fsparam_flag("cifsacl", Opt_cifsacl),
113 fsparam_flag_no("acl", Opt_acl),
114 fsparam_flag("locallease", Opt_locallease),
115 fsparam_flag("sign", Opt_sign),
116 fsparam_flag("ignore_signature", Opt_ignore_signature),
117 fsparam_flag("signloosely", Opt_ignore_signature),
118 fsparam_flag("seal", Opt_seal),
119 fsparam_flag("noac", Opt_noac),
120 fsparam_flag("fsc", Opt_fsc),
121 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
122 fsparam_flag("multiuser", Opt_multiuser),
123 fsparam_flag("sloppy", Opt_sloppy),
124 fsparam_flag("nosharesock", Opt_nosharesock),
125 fsparam_flag_no("persistenthandles", Opt_persistent),
126 fsparam_flag_no("resilienthandles", Opt_resilient),
127 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
128 fsparam_flag("nosparse", Opt_nosparse),
129 fsparam_flag("domainauto", Opt_domainauto),
130 fsparam_flag("rdma", Opt_rdma),
131 fsparam_flag("modesid", Opt_modesid),
132 fsparam_flag("modefromsid", Opt_modesid),
133 fsparam_flag("rootfs", Opt_rootfs),
134 fsparam_flag("compress", Opt_compress),
135 fsparam_flag("witness", Opt_witness),
136 fsparam_flag_no("nativesocket", Opt_nativesocket),
137 fsparam_flag_no("unicode", Opt_unicode),
138 fsparam_flag_no("nbsessinit", Opt_nbsessinit),
139
140 /* Mount options which take uid or gid */
141 fsparam_uid("backupuid", Opt_backupuid),
142 fsparam_gid("backupgid", Opt_backupgid),
143 fsparam_uid("uid", Opt_uid),
144 fsparam_uid("cruid", Opt_cruid),
145 fsparam_gid("gid", Opt_gid),
146
147 /* Mount options which take numeric value */
148 fsparam_u32("file_mode", Opt_file_mode),
149 fsparam_u32("dirmode", Opt_dirmode),
150 fsparam_u32("dir_mode", Opt_dirmode),
151 fsparam_u32("port", Opt_port),
152 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
153 fsparam_u32("retrans", Opt_retrans),
154 fsparam_u32("esize", Opt_min_enc_offload),
155 fsparam_u32("bsize", Opt_blocksize),
156 fsparam_u32("rasize", Opt_rasize),
157 fsparam_u32("rsize", Opt_rsize),
158 fsparam_u32("wsize", Opt_wsize),
159 fsparam_u32("actimeo", Opt_actimeo),
160 fsparam_u32("acdirmax", Opt_acdirmax),
161 fsparam_u32("acregmax", Opt_acregmax),
162 fsparam_u32("closetimeo", Opt_closetimeo),
163 fsparam_u32("echo_interval", Opt_echo_interval),
164 fsparam_u32("max_credits", Opt_max_credits),
165 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs),
166 fsparam_u32("handletimeout", Opt_handletimeout),
167 fsparam_u64("snapshot", Opt_snapshot),
168 fsparam_u32("max_channels", Opt_max_channels),
169
170 /* Mount options which take string value */
171 fsparam_string("source", Opt_source),
172 fsparam_string("user", Opt_user),
173 fsparam_string("username", Opt_user),
174 fsparam_string("pass", Opt_pass),
175 fsparam_string("password", Opt_pass),
176 fsparam_string("pass2", Opt_pass2),
177 fsparam_string("password2", Opt_pass2),
178 fsparam_string("ip", Opt_ip),
179 fsparam_string("addr", Opt_ip),
180 fsparam_string("domain", Opt_domain),
181 fsparam_string("dom", Opt_domain),
182 fsparam_string("srcaddr", Opt_srcaddr),
183 fsparam_string("iocharset", Opt_iocharset),
184 fsparam_string("netbiosname", Opt_netbiosname),
185 fsparam_string("servern", Opt_servern),
186 fsparam_string("ver", Opt_ver),
187 fsparam_string("vers", Opt_vers),
188 fsparam_string("sec", Opt_sec),
189 fsparam_string("cache", Opt_cache),
190 fsparam_string("reparse", Opt_reparse),
191 fsparam_string("upcall_target", Opt_upcalltarget),
192 fsparam_string("symlink", Opt_symlink),
193 fsparam_string("symlinkroot", Opt_symlinkroot),
194
195 /* Arguments that should be ignored */
196 fsparam_flag("guest", Opt_ignore),
197 fsparam_flag("noatime", Opt_ignore),
198 fsparam_flag("relatime", Opt_ignore),
199 fsparam_flag("_netdev", Opt_ignore),
200 fsparam_flag_no("suid", Opt_ignore),
201 fsparam_flag_no("exec", Opt_ignore),
202 fsparam_flag_no("dev", Opt_ignore),
203 fsparam_flag_no("mand", Opt_ignore),
204 fsparam_flag_no("auto", Opt_ignore),
205 fsparam_string("cred", Opt_ignore),
206 fsparam_string("credentials", Opt_ignore),
207 /*
208 * UNC and prefixpath is now extracted from Opt_source
209 * in the new mount API so we can just ignore them going forward.
210 */
211 fsparam_string("unc", Opt_ignore),
212 fsparam_string("prefixpath", Opt_ignore),
213 {}
214 };
215
216 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)217 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
218 {
219
220 substring_t args[MAX_OPT_ARGS];
221
222 /*
223 * With mount options, the last one should win. Reset any existing
224 * settings back to default.
225 */
226 ctx->sectype = Unspecified;
227 ctx->sign = false;
228
229 switch (match_token(value, cifs_secflavor_tokens, args)) {
230 case Opt_sec_krb5p:
231 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n");
232 return 1;
233 case Opt_sec_krb5i:
234 ctx->sign = true;
235 fallthrough;
236 case Opt_sec_krb5:
237 ctx->sectype = Kerberos;
238 break;
239 case Opt_sec_ntlmsspi:
240 ctx->sign = true;
241 fallthrough;
242 case Opt_sec_ntlmssp:
243 ctx->sectype = RawNTLMSSP;
244 break;
245 case Opt_sec_ntlmv2i:
246 ctx->sign = true;
247 fallthrough;
248 case Opt_sec_ntlmv2:
249 ctx->sectype = NTLMv2;
250 break;
251 case Opt_sec_none:
252 ctx->nullauth = 1;
253 kfree(ctx->username);
254 ctx->username = NULL;
255 break;
256 default:
257 cifs_errorf(fc, "bad security option: %s\n", value);
258 return 1;
259 }
260
261 return 0;
262 }
263
264 static int
cifs_parse_upcall_target(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)265 cifs_parse_upcall_target(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
266 {
267 substring_t args[MAX_OPT_ARGS];
268
269 ctx->upcall_target = UPTARGET_UNSPECIFIED;
270
271 switch (match_token(value, cifs_upcall_target, args)) {
272 case Opt_upcall_target_mount:
273 ctx->upcall_target = UPTARGET_MOUNT;
274 break;
275 case Opt_upcall_target_application:
276 ctx->upcall_target = UPTARGET_APP;
277 break;
278
279 default:
280 cifs_errorf(fc, "bad upcall target: %s\n", value);
281 return 1;
282 }
283
284 return 0;
285 }
286
287 static const match_table_t cifs_cacheflavor_tokens = {
288 { Opt_cache_loose, "loose" },
289 { Opt_cache_strict, "strict" },
290 { Opt_cache_none, "none" },
291 { Opt_cache_ro, "ro" },
292 { Opt_cache_rw, "singleclient" },
293 { Opt_cache_err, NULL }
294 };
295
296 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)297 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
298 {
299 substring_t args[MAX_OPT_ARGS];
300
301 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
302 case Opt_cache_loose:
303 ctx->direct_io = false;
304 ctx->strict_io = false;
305 ctx->cache_ro = false;
306 ctx->cache_rw = false;
307 break;
308 case Opt_cache_strict:
309 ctx->direct_io = false;
310 ctx->strict_io = true;
311 ctx->cache_ro = false;
312 ctx->cache_rw = false;
313 break;
314 case Opt_cache_none:
315 ctx->direct_io = true;
316 ctx->strict_io = false;
317 ctx->cache_ro = false;
318 ctx->cache_rw = false;
319 break;
320 case Opt_cache_ro:
321 ctx->direct_io = false;
322 ctx->strict_io = false;
323 ctx->cache_ro = true;
324 ctx->cache_rw = false;
325 break;
326 case Opt_cache_rw:
327 ctx->direct_io = false;
328 ctx->strict_io = false;
329 ctx->cache_ro = false;
330 ctx->cache_rw = true;
331 break;
332 default:
333 cifs_errorf(fc, "bad cache= option: %s\n", value);
334 return 1;
335 }
336 return 0;
337 }
338
339 static const match_table_t reparse_flavor_tokens = {
340 { Opt_reparse_default, "default" },
341 { Opt_reparse_none, "none" },
342 { Opt_reparse_nfs, "nfs" },
343 { Opt_reparse_wsl, "wsl" },
344 { Opt_reparse_err, NULL },
345 };
346
parse_reparse_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)347 static int parse_reparse_flavor(struct fs_context *fc, char *value,
348 struct smb3_fs_context *ctx)
349 {
350 substring_t args[MAX_OPT_ARGS];
351
352 switch (match_token(value, reparse_flavor_tokens, args)) {
353 case Opt_reparse_default:
354 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
355 break;
356 case Opt_reparse_none:
357 ctx->reparse_type = CIFS_REPARSE_TYPE_NONE;
358 break;
359 case Opt_reparse_nfs:
360 ctx->reparse_type = CIFS_REPARSE_TYPE_NFS;
361 break;
362 case Opt_reparse_wsl:
363 ctx->reparse_type = CIFS_REPARSE_TYPE_WSL;
364 break;
365 default:
366 cifs_errorf(fc, "bad reparse= option: %s\n", value);
367 return 1;
368 }
369 return 0;
370 }
371
372 static const match_table_t symlink_flavor_tokens = {
373 { Opt_symlink_default, "default" },
374 { Opt_symlink_none, "none" },
375 { Opt_symlink_native, "native" },
376 { Opt_symlink_unix, "unix" },
377 { Opt_symlink_mfsymlinks, "mfsymlinks" },
378 { Opt_symlink_sfu, "sfu" },
379 { Opt_symlink_nfs, "nfs" },
380 { Opt_symlink_wsl, "wsl" },
381 { Opt_symlink_err, NULL },
382 };
383
parse_symlink_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)384 static int parse_symlink_flavor(struct fs_context *fc, char *value,
385 struct smb3_fs_context *ctx)
386 {
387 substring_t args[MAX_OPT_ARGS];
388
389 switch (match_token(value, symlink_flavor_tokens, args)) {
390 case Opt_symlink_default:
391 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
392 break;
393 case Opt_symlink_none:
394 ctx->symlink_type = CIFS_SYMLINK_TYPE_NONE;
395 break;
396 case Opt_symlink_native:
397 ctx->symlink_type = CIFS_SYMLINK_TYPE_NATIVE;
398 break;
399 case Opt_symlink_unix:
400 ctx->symlink_type = CIFS_SYMLINK_TYPE_UNIX;
401 break;
402 case Opt_symlink_mfsymlinks:
403 ctx->symlink_type = CIFS_SYMLINK_TYPE_MFSYMLINKS;
404 break;
405 case Opt_symlink_sfu:
406 ctx->symlink_type = CIFS_SYMLINK_TYPE_SFU;
407 break;
408 case Opt_symlink_nfs:
409 ctx->symlink_type = CIFS_SYMLINK_TYPE_NFS;
410 break;
411 case Opt_symlink_wsl:
412 ctx->symlink_type = CIFS_SYMLINK_TYPE_WSL;
413 break;
414 default:
415 cifs_errorf(fc, "bad symlink= option: %s\n", value);
416 return 1;
417 }
418 return 0;
419 }
420
421 #define DUP_CTX_STR(field) \
422 do { \
423 if (ctx->field) { \
424 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
425 if (new_ctx->field == NULL) { \
426 smb3_cleanup_fs_context_contents(new_ctx); \
427 return -ENOMEM; \
428 } \
429 } \
430 } while (0)
431
432 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)433 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
434 {
435 memcpy(new_ctx, ctx, sizeof(*ctx));
436 new_ctx->prepath = NULL;
437 new_ctx->nodename = NULL;
438 new_ctx->username = NULL;
439 new_ctx->password = NULL;
440 new_ctx->password2 = NULL;
441 new_ctx->server_hostname = NULL;
442 new_ctx->domainname = NULL;
443 new_ctx->UNC = NULL;
444 new_ctx->source = NULL;
445 new_ctx->iocharset = NULL;
446 new_ctx->leaf_fullpath = NULL;
447 new_ctx->dns_dom = NULL;
448 new_ctx->symlinkroot = NULL;
449 /*
450 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
451 */
452 DUP_CTX_STR(prepath);
453 DUP_CTX_STR(username);
454 DUP_CTX_STR(password);
455 DUP_CTX_STR(password2);
456 DUP_CTX_STR(server_hostname);
457 DUP_CTX_STR(UNC);
458 DUP_CTX_STR(source);
459 DUP_CTX_STR(domainname);
460 DUP_CTX_STR(nodename);
461 DUP_CTX_STR(iocharset);
462 DUP_CTX_STR(leaf_fullpath);
463 DUP_CTX_STR(dns_dom);
464 DUP_CTX_STR(symlinkroot);
465
466 return 0;
467 }
468
469 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)470 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
471 {
472 substring_t args[MAX_OPT_ARGS];
473
474 switch (match_token(value, cifs_smb_version_tokens, args)) {
475 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
476 case Smb_1:
477 if (disable_legacy_dialects) {
478 cifs_errorf(fc, "mount with legacy dialect disabled\n");
479 return 1;
480 }
481 if (is_smb3) {
482 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
483 return 1;
484 }
485 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
486 ctx->ops = &smb1_operations;
487 ctx->vals = &smb1_values;
488 break;
489 case Smb_20:
490 if (disable_legacy_dialects) {
491 cifs_errorf(fc, "mount with legacy dialect disabled\n");
492 return 1;
493 }
494 if (is_smb3) {
495 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
496 return 1;
497 }
498 ctx->ops = &smb20_operations;
499 ctx->vals = &smb20_values;
500 break;
501 #else
502 case Smb_1:
503 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
504 return 1;
505 case Smb_20:
506 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
507 return 1;
508 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
509 case Smb_21:
510 ctx->ops = &smb21_operations;
511 ctx->vals = &smb21_values;
512 break;
513 case Smb_30:
514 ctx->ops = &smb30_operations;
515 ctx->vals = &smb30_values;
516 break;
517 case Smb_302:
518 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
519 ctx->vals = &smb302_values;
520 break;
521 case Smb_311:
522 ctx->ops = &smb311_operations;
523 ctx->vals = &smb311_values;
524 break;
525 case Smb_3any:
526 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
527 ctx->vals = &smb3any_values;
528 break;
529 case Smb_default:
530 ctx->ops = &smb30_operations;
531 ctx->vals = &smbdefault_values;
532 break;
533 default:
534 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
535 return 1;
536 }
537 return 0;
538 }
539
smb3_parse_opt(const char * options,const char * key,char ** val)540 int smb3_parse_opt(const char *options, const char *key, char **val)
541 {
542 int rc = -ENOENT;
543 char *opts, *orig, *p;
544
545 orig = opts = kstrdup(options, GFP_KERNEL);
546 if (!opts)
547 return -ENOMEM;
548
549 while ((p = strsep(&opts, ","))) {
550 char *nval;
551
552 if (!*p)
553 continue;
554 if (strncasecmp(p, key, strlen(key)))
555 continue;
556 nval = strchr(p, '=');
557 if (nval) {
558 if (nval == p)
559 continue;
560 *nval++ = 0;
561 *val = kstrdup(nval, GFP_KERNEL);
562 rc = !*val ? -ENOMEM : 0;
563 goto out;
564 }
565 }
566 out:
567 kfree(orig);
568 return rc;
569 }
570
571 /*
572 * Remove duplicate path delimiters. Windows is supposed to do that
573 * but there are some bugs that prevent rename from working if there are
574 * multiple delimiters.
575 *
576 * Return a sanitized duplicate of @path or NULL for empty prefix paths.
577 * Otherwise, return ERR_PTR.
578 *
579 * @gfp indicates the GFP_* flags for kstrdup.
580 * The caller is responsible for freeing the original.
581 */
582 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
cifs_sanitize_prepath(char * prepath,gfp_t gfp)583 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
584 {
585 char *cursor1 = prepath, *cursor2 = prepath;
586 char *s;
587
588 /* skip all prepended delimiters */
589 while (IS_DELIM(*cursor1))
590 cursor1++;
591
592 /* copy the first letter */
593 *cursor2 = *cursor1;
594
595 /* copy the remainder... */
596 while (*(cursor1++)) {
597 /* ... skipping all duplicated delimiters */
598 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
599 continue;
600 *(++cursor2) = *cursor1;
601 }
602
603 /* if the last character is a delimiter, skip it */
604 if (IS_DELIM(*(cursor2 - 1)))
605 cursor2--;
606
607 *cursor2 = '\0';
608 if (!*prepath)
609 return NULL;
610 s = kstrdup(prepath, gfp);
611 if (!s)
612 return ERR_PTR(-ENOMEM);
613 return s;
614 }
615
616 /*
617 * Return full path based on the values of @ctx->{UNC,prepath}.
618 *
619 * It is assumed that both values were already parsed by smb3_parse_devname().
620 */
smb3_fs_context_fullpath(const struct smb3_fs_context * ctx,char dirsep)621 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep)
622 {
623 size_t ulen, plen;
624 char *s;
625
626 ulen = strlen(ctx->UNC);
627 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0;
628
629 s = kmalloc(ulen + plen + 1, GFP_KERNEL);
630 if (!s)
631 return ERR_PTR(-ENOMEM);
632 memcpy(s, ctx->UNC, ulen);
633 if (plen) {
634 s[ulen] = dirsep;
635 memcpy(s + ulen + 1, ctx->prepath, plen);
636 }
637 s[ulen + plen] = '\0';
638 convert_delimiter(s, dirsep);
639 return s;
640 }
641
642 /*
643 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
644 * fields with the result. Returns 0 on success and an error otherwise
645 * (e.g. ENOMEM or EINVAL)
646 */
647 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)648 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
649 {
650 char *pos;
651 const char *delims = "/\\";
652 size_t len;
653 int rc;
654
655 if (unlikely(!devname || !*devname)) {
656 cifs_dbg(VFS, "Device name not specified\n");
657 return -EINVAL;
658 }
659
660 /* make sure we have a valid UNC double delimiter prefix */
661 len = strspn(devname, delims);
662 if (len != 2)
663 return -EINVAL;
664
665 /* find delimiter between host and sharename */
666 pos = strpbrk(devname + 2, delims);
667 if (!pos)
668 return -EINVAL;
669
670 /* record the server hostname */
671 kfree(ctx->server_hostname);
672 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
673 if (!ctx->server_hostname)
674 return -ENOMEM;
675
676 /* skip past delimiter */
677 ++pos;
678
679 /* now go until next delimiter or end of string */
680 len = strcspn(pos, delims);
681 if (!len)
682 return -EINVAL;
683
684 /* move "pos" up to delimiter or NULL */
685 pos += len;
686 kfree(ctx->UNC);
687 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
688 if (!ctx->UNC)
689 return -ENOMEM;
690
691 convert_delimiter(ctx->UNC, '\\');
692
693 /* skip any delimiter */
694 if (*pos == '/' || *pos == '\\')
695 pos++;
696
697 kfree(ctx->prepath);
698 ctx->prepath = NULL;
699
700 /* If pos is NULL then no prepath */
701 if (!*pos)
702 return 0;
703
704 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
705 if (IS_ERR(ctx->prepath)) {
706 rc = PTR_ERR(ctx->prepath);
707 ctx->prepath = NULL;
708 return rc;
709 }
710
711 return 0;
712 }
713
smb3_handle_conflicting_options(struct fs_context * fc)714 static int smb3_handle_conflicting_options(struct fs_context *fc)
715 {
716 struct smb3_fs_context *ctx = smb3_fc2context(fc);
717
718 if (ctx->multichannel_specified) {
719 if (ctx->multichannel) {
720 if (!ctx->max_channels_specified) {
721 ctx->max_channels = 2;
722 } else if (ctx->max_channels == 1) {
723 cifs_errorf(fc,
724 "max_channels must be greater than 1 when multichannel is enabled\n");
725 return -EINVAL;
726 }
727 } else {
728 if (!ctx->max_channels_specified) {
729 ctx->max_channels = 1;
730 } else if (ctx->max_channels > 1) {
731 cifs_errorf(fc,
732 "max_channels must be equal to 1 when multichannel is disabled\n");
733 return -EINVAL;
734 }
735 }
736 } else {
737 if (ctx->max_channels_specified) {
738 if (ctx->max_channels > 1)
739 ctx->multichannel = true;
740 else
741 ctx->multichannel = false;
742 } else {
743 ctx->multichannel = false;
744 ctx->max_channels = 1;
745 }
746 }
747
748 //resetting default values as remount doesn't initialize fs_context again
749 ctx->multichannel_specified = false;
750 ctx->max_channels_specified = false;
751
752 return 0;
753 }
754
755 static void smb3_fs_context_free(struct fs_context *fc);
756 static int smb3_fs_context_parse_param(struct fs_context *fc,
757 struct fs_parameter *param);
758 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
759 void *data);
760 static int smb3_get_tree(struct fs_context *fc);
761 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels);
762 static int smb3_reconfigure(struct fs_context *fc);
763
764 static const struct fs_context_operations smb3_fs_context_ops = {
765 .free = smb3_fs_context_free,
766 .parse_param = smb3_fs_context_parse_param,
767 .parse_monolithic = smb3_fs_context_parse_monolithic,
768 .get_tree = smb3_get_tree,
769 .reconfigure = smb3_reconfigure,
770 };
771
772 /*
773 * Parse a monolithic block of data from sys_mount().
774 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
775 * @ctx: The superblock configuration to fill in.
776 * @data: The data to parse
777 *
778 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
779 * called from the ->monolithic_mount_data() fs_context operation.
780 *
781 * Returns 0 on success or the error returned by the ->parse_option() fs_context
782 * operation on failure.
783 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)784 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
785 void *data)
786 {
787 char *options = data, *key;
788 int ret = 0;
789
790 if (!options)
791 return 0;
792
793 ret = security_sb_eat_lsm_opts(options, &fc->security);
794 if (ret)
795 return ret;
796
797 /* BB Need to add support for sep= here TBD */
798 while ((key = strsep(&options, ",")) != NULL) {
799 size_t len;
800 char *value;
801
802 if (*key == 0)
803 break;
804
805 /* Check if following character is the deliminator If yes,
806 * we have encountered a double deliminator reset the NULL
807 * character to the deliminator
808 */
809 while (options && options[0] == ',') {
810 len = strlen(key);
811 strcpy(key + len, options);
812 options = strchr(options, ',');
813 if (options)
814 *options++ = 0;
815 }
816
817
818 value = strchr(key, '=');
819 if (value) {
820 if (value == key)
821 continue;
822 *value++ = 0;
823 }
824
825 ret = vfs_parse_fs_string(fc, key, value);
826 if (ret < 0)
827 break;
828 }
829 ret = smb3_handle_conflicting_options(fc);
830
831 return ret;
832 }
833
834 /*
835 * Validate the preparsed information in the config.
836 */
smb3_fs_context_validate(struct fs_context * fc)837 static int smb3_fs_context_validate(struct fs_context *fc)
838 {
839 struct smb3_fs_context *ctx = smb3_fc2context(fc);
840
841 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
842 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
843 return -EOPNOTSUPP;
844 }
845
846 #ifndef CONFIG_KEYS
847 /* Muliuser mounts require CONFIG_KEYS support */
848 if (ctx->multiuser) {
849 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
850 return -1;
851 }
852 #endif
853
854 if (ctx->got_version == false)
855 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
856
857
858 if (!ctx->UNC) {
859 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
860 return -1;
861 }
862
863 /* make sure UNC has a share name */
864 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
865 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
866 return -ENOENT;
867 }
868
869 if (!ctx->got_ip) {
870 int len;
871 const char *slash;
872
873 /* No ip= option specified? Try to get it from UNC */
874 /* Use the address part of the UNC. */
875 slash = strchr(&ctx->UNC[2], '\\');
876 len = slash - &ctx->UNC[2];
877 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
878 &ctx->UNC[2], len)) {
879 pr_err("Unable to determine destination address\n");
880 return -EHOSTUNREACH;
881 }
882 }
883
884 /* set the port that we got earlier */
885 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
886
887 if (ctx->uid_specified && !ctx->forceuid_specified) {
888 ctx->override_uid = 1;
889 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n");
890 }
891
892 if (ctx->gid_specified && !ctx->forcegid_specified) {
893 ctx->override_gid = 1;
894 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n");
895 }
896
897 if (ctx->override_uid && !ctx->uid_specified) {
898 ctx->override_uid = 0;
899 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
900 }
901
902 if (ctx->override_gid && !ctx->gid_specified) {
903 ctx->override_gid = 0;
904 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
905 }
906
907 return 0;
908 }
909
smb3_get_tree_common(struct fs_context * fc)910 static int smb3_get_tree_common(struct fs_context *fc)
911 {
912 struct smb3_fs_context *ctx = smb3_fc2context(fc);
913 struct dentry *root;
914 int rc = 0;
915
916 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
917 if (IS_ERR(root))
918 return PTR_ERR(root);
919
920 fc->root = root;
921
922 return rc;
923 }
924
925 /*
926 * Create an SMB3 superblock from the parameters passed.
927 */
smb3_get_tree(struct fs_context * fc)928 static int smb3_get_tree(struct fs_context *fc)
929 {
930 int err = smb3_fs_context_validate(fc);
931 int ret;
932
933 if (err)
934 return err;
935 cifs_mount_lock();
936 ret = smb3_get_tree_common(fc);
937 cifs_mount_unlock();
938 return ret;
939 }
940
smb3_fs_context_free(struct fs_context * fc)941 static void smb3_fs_context_free(struct fs_context *fc)
942 {
943 struct smb3_fs_context *ctx = smb3_fc2context(fc);
944
945 smb3_cleanup_fs_context(ctx);
946 }
947
948 /*
949 * Compare the old and new proposed context during reconfigure
950 * and check if the changes are compatible.
951 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx,bool need_recon)952 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
953 struct smb3_fs_context *new_ctx,
954 struct smb3_fs_context *old_ctx, bool need_recon)
955 {
956 if (new_ctx->posix_paths != old_ctx->posix_paths) {
957 cifs_errorf(fc, "can not change posixpaths during remount\n");
958 return -EINVAL;
959 }
960 if (new_ctx->sectype != old_ctx->sectype) {
961 cifs_errorf(fc, "can not change sec during remount\n");
962 return -EINVAL;
963 }
964 if (new_ctx->multiuser != old_ctx->multiuser) {
965 cifs_errorf(fc, "can not change multiuser during remount\n");
966 return -EINVAL;
967 }
968 if (new_ctx->UNC &&
969 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
970 cifs_errorf(fc, "can not change UNC during remount\n");
971 return -EINVAL;
972 }
973 if (new_ctx->username &&
974 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
975 cifs_errorf(fc, "can not change username during remount\n");
976 return -EINVAL;
977 }
978 if (new_ctx->password &&
979 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
980 if (need_recon == false) {
981 cifs_errorf(fc,
982 "can not change password of active session during remount\n");
983 return -EINVAL;
984 } else if (old_ctx->sectype == Kerberos) {
985 cifs_errorf(fc,
986 "can not change password for Kerberos via remount\n");
987 return -EINVAL;
988 }
989 }
990 if (new_ctx->domainname &&
991 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
992 cifs_errorf(fc, "can not change domainname during remount\n");
993 return -EINVAL;
994 }
995 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
996 cifs_errorf(fc, "can not change workstation_name during remount\n");
997 return -EINVAL;
998 }
999 if (new_ctx->nodename &&
1000 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
1001 cifs_errorf(fc, "can not change nodename during remount\n");
1002 return -EINVAL;
1003 }
1004 if (new_ctx->iocharset &&
1005 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
1006 cifs_errorf(fc, "can not change iocharset during remount\n");
1007 return -EINVAL;
1008 }
1009 if (new_ctx->unicode != old_ctx->unicode) {
1010 cifs_errorf(fc, "can not change unicode during remount\n");
1011 return -EINVAL;
1012 }
1013 if (new_ctx->rfc1001_sessinit != old_ctx->rfc1001_sessinit) {
1014 cifs_errorf(fc, "can not change nbsessinit during remount\n");
1015 return -EINVAL;
1016 }
1017
1018 return 0;
1019 }
1020
1021 #define STEAL_STRING(cifs_sb, ctx, field) \
1022 do { \
1023 kfree(ctx->field); \
1024 ctx->field = cifs_sb->ctx->field; \
1025 cifs_sb->ctx->field = NULL; \
1026 } while (0)
1027
1028 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \
1029 do { \
1030 kfree_sensitive(ctx->field); \
1031 ctx->field = cifs_sb->ctx->field; \
1032 cifs_sb->ctx->field = NULL; \
1033 } while (0)
1034
smb3_sync_session_ctx_passwords(struct cifs_sb_info * cifs_sb,struct cifs_ses * ses)1035 int smb3_sync_session_ctx_passwords(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses)
1036 {
1037 if (ses->password &&
1038 cifs_sb->ctx->password &&
1039 strcmp(ses->password, cifs_sb->ctx->password)) {
1040 kfree_sensitive(cifs_sb->ctx->password);
1041 cifs_sb->ctx->password = kstrdup(ses->password, GFP_KERNEL);
1042 if (!cifs_sb->ctx->password)
1043 return -ENOMEM;
1044 }
1045 if (ses->password2 &&
1046 cifs_sb->ctx->password2 &&
1047 strcmp(ses->password2, cifs_sb->ctx->password2)) {
1048 kfree_sensitive(cifs_sb->ctx->password2);
1049 cifs_sb->ctx->password2 = kstrdup(ses->password2, GFP_KERNEL);
1050 if (!cifs_sb->ctx->password2) {
1051 kfree_sensitive(cifs_sb->ctx->password);
1052 cifs_sb->ctx->password = NULL;
1053 return -ENOMEM;
1054 }
1055 }
1056 return 0;
1057 }
1058
1059 /*
1060 * smb3_sync_ses_chan_max - Synchronize the session's maximum channel count
1061 * @ses: pointer to the old CIFS session structure
1062 * @max_channels: new maximum number of channels to allow
1063 *
1064 * Updates the session's chan_max field to the new value, protecting the update
1065 * with the session's channel lock. This should be called whenever the maximum
1066 * allowed channels for a session changes (e.g., after a remount or reconfigure).
1067 */
smb3_sync_ses_chan_max(struct cifs_ses * ses,unsigned int max_channels)1068 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels)
1069 {
1070 spin_lock(&ses->chan_lock);
1071 ses->chan_max = max_channels;
1072 spin_unlock(&ses->chan_lock);
1073 }
1074
smb3_reconfigure(struct fs_context * fc)1075 static int smb3_reconfigure(struct fs_context *fc)
1076 {
1077 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1078 struct dentry *root = fc->root;
1079 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
1080 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses;
1081 unsigned int rsize = ctx->rsize, wsize = ctx->wsize;
1082 char *new_password = NULL, *new_password2 = NULL;
1083 bool need_recon = false;
1084 int rc;
1085
1086 if (ses->expired_pwd)
1087 need_recon = true;
1088
1089 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon);
1090 if (rc)
1091 return rc;
1092
1093 /*
1094 * We can not change UNC/username/password/domainname/
1095 * workstation_name/nodename/iocharset
1096 * during reconnect so ignore what we have in the new context and
1097 * just use what we already have in cifs_sb->ctx.
1098 */
1099 STEAL_STRING(cifs_sb, ctx, UNC);
1100 STEAL_STRING(cifs_sb, ctx, source);
1101 STEAL_STRING(cifs_sb, ctx, username);
1102
1103 if (need_recon == false)
1104 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1105 else {
1106 if (ctx->password) {
1107 new_password = kstrdup(ctx->password, GFP_KERNEL);
1108 if (!new_password)
1109 return -ENOMEM;
1110 } else
1111 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1112 }
1113
1114 /*
1115 * if a new password2 has been specified, then reset it's value
1116 * inside the ses struct
1117 */
1118 if (ctx->password2) {
1119 new_password2 = kstrdup(ctx->password2, GFP_KERNEL);
1120 if (!new_password2) {
1121 kfree_sensitive(new_password);
1122 return -ENOMEM;
1123 }
1124 } else
1125 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password2);
1126
1127 /*
1128 * we may update the passwords in the ses struct below. Make sure we do
1129 * not race with smb2_reconnect
1130 */
1131 mutex_lock(&ses->session_mutex);
1132
1133 /*
1134 * smb2_reconnect may swap password and password2 in case session setup
1135 * failed. First get ctx passwords in sync with ses passwords. It should
1136 * be okay to do this even if this function were to return an error at a
1137 * later stage
1138 */
1139 rc = smb3_sync_session_ctx_passwords(cifs_sb, ses);
1140 if (rc) {
1141 mutex_unlock(&ses->session_mutex);
1142 kfree_sensitive(new_password);
1143 kfree_sensitive(new_password2);
1144 return rc;
1145 }
1146
1147 /*
1148 * now that allocations for passwords are done, commit them
1149 */
1150 if (new_password) {
1151 kfree_sensitive(ses->password);
1152 ses->password = new_password;
1153 }
1154 if (new_password2) {
1155 kfree_sensitive(ses->password2);
1156 ses->password2 = new_password2;
1157 }
1158
1159 /*
1160 * If multichannel or max_channels has changed, update the session's channels accordingly.
1161 * This may add or remove channels to match the new configuration.
1162 */
1163 if ((ctx->multichannel != cifs_sb->ctx->multichannel) ||
1164 (ctx->max_channels != cifs_sb->ctx->max_channels)) {
1165
1166 /* Synchronize ses->chan_max with the new mount context */
1167 smb3_sync_ses_chan_max(ses, ctx->max_channels);
1168 /* Now update the session's channels to match the new configuration */
1169 /* Prevent concurrent scaling operations */
1170 spin_lock(&ses->ses_lock);
1171 if (ses->flags & CIFS_SES_FLAG_SCALE_CHANNELS) {
1172 spin_unlock(&ses->ses_lock);
1173 mutex_unlock(&ses->session_mutex);
1174 return -EINVAL;
1175 }
1176 ses->flags |= CIFS_SES_FLAG_SCALE_CHANNELS;
1177 spin_unlock(&ses->ses_lock);
1178
1179 mutex_unlock(&ses->session_mutex);
1180
1181 rc = smb3_update_ses_channels(ses, ses->server,
1182 false /* from_reconnect */,
1183 false /* disable_mchan */);
1184
1185 /* Clear scaling flag after operation */
1186 spin_lock(&ses->ses_lock);
1187 ses->flags &= ~CIFS_SES_FLAG_SCALE_CHANNELS;
1188 spin_unlock(&ses->ses_lock);
1189 } else {
1190 mutex_unlock(&ses->session_mutex);
1191 }
1192
1193 STEAL_STRING(cifs_sb, ctx, domainname);
1194 STEAL_STRING(cifs_sb, ctx, nodename);
1195 STEAL_STRING(cifs_sb, ctx, iocharset);
1196
1197 /* if rsize or wsize not passed in on remount, use previous values */
1198 ctx->rsize = rsize ? CIFS_ALIGN_RSIZE(fc, rsize) : cifs_sb->ctx->rsize;
1199 ctx->wsize = wsize ? CIFS_ALIGN_WSIZE(fc, wsize) : cifs_sb->ctx->wsize;
1200
1201 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
1202 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
1203 smb3_update_mnt_flags(cifs_sb);
1204 #ifdef CONFIG_CIFS_DFS_UPCALL
1205 if (!rc)
1206 rc = dfs_cache_remount_fs(cifs_sb);
1207 #endif
1208
1209 return rc;
1210 }
1211
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)1212 static int smb3_fs_context_parse_param(struct fs_context *fc,
1213 struct fs_parameter *param)
1214 {
1215 struct fs_parse_result result;
1216 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1217 int i, opt;
1218 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
1219 bool skip_parsing = false;
1220 char *hostname;
1221
1222 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
1223
1224 /*
1225 * fs_parse can not handle string options with an empty value so
1226 * we will need special handling of them.
1227 */
1228 if (param->type == fs_value_is_string && param->string[0] == 0) {
1229 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
1230 skip_parsing = true;
1231 opt = Opt_pass;
1232 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
1233 skip_parsing = true;
1234 opt = Opt_user;
1235 } else if (!strcmp("pass2", param->key) || !strcmp("password2", param->key)) {
1236 skip_parsing = true;
1237 opt = Opt_pass2;
1238 }
1239 }
1240
1241 if (!skip_parsing) {
1242 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
1243 if (opt < 0)
1244 return ctx->sloppy ? 1 : opt;
1245 }
1246
1247 switch (opt) {
1248 case Opt_compress:
1249 if (!IS_ENABLED(CONFIG_CIFS_COMPRESSION)) {
1250 cifs_errorf(fc, "CONFIG_CIFS_COMPRESSION kernel config option is unset\n");
1251 goto cifs_parse_mount_err;
1252 }
1253 ctx->compress = true;
1254 cifs_dbg(VFS, "SMB3 compression support is experimental\n");
1255 break;
1256 case Opt_nodfs:
1257 ctx->nodfs = 1;
1258 break;
1259 case Opt_hard:
1260 if (result.negated) {
1261 if (ctx->retry == 1)
1262 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n");
1263 ctx->retry = 0;
1264 } else
1265 ctx->retry = 1;
1266 break;
1267 case Opt_soft:
1268 if (result.negated)
1269 ctx->retry = 1;
1270 else {
1271 if (ctx->retry == 1)
1272 cifs_dbg(VFS, "conflicting hard vs soft mount options\n");
1273 ctx->retry = 0;
1274 }
1275 break;
1276 case Opt_mapposix:
1277 if (result.negated)
1278 ctx->remap = false;
1279 else {
1280 ctx->remap = true;
1281 ctx->sfu_remap = false; /* disable SFU mapping */
1282 }
1283 break;
1284 case Opt_mapchars:
1285 if (result.negated)
1286 ctx->sfu_remap = false;
1287 else {
1288 ctx->sfu_remap = true;
1289 ctx->remap = false; /* disable SFM (mapposix) mapping */
1290 }
1291 break;
1292 case Opt_user_xattr:
1293 if (result.negated)
1294 ctx->no_xattr = 1;
1295 else
1296 ctx->no_xattr = 0;
1297 break;
1298 case Opt_forceuid:
1299 if (result.negated)
1300 ctx->override_uid = 0;
1301 else
1302 ctx->override_uid = 1;
1303 ctx->forceuid_specified = true;
1304 break;
1305 case Opt_forcegid:
1306 if (result.negated)
1307 ctx->override_gid = 0;
1308 else
1309 ctx->override_gid = 1;
1310 ctx->forcegid_specified = true;
1311 break;
1312 case Opt_perm:
1313 if (result.negated)
1314 ctx->noperm = 1;
1315 else
1316 ctx->noperm = 0;
1317 break;
1318 case Opt_dynperm:
1319 if (result.negated)
1320 ctx->dynperm = 0;
1321 else
1322 ctx->dynperm = 1;
1323 break;
1324 case Opt_sfu:
1325 if (result.negated)
1326 ctx->sfu_emul = 0;
1327 else
1328 ctx->sfu_emul = 1;
1329 break;
1330 case Opt_noblocksend:
1331 ctx->noblocksnd = 1;
1332 break;
1333 case Opt_noautotune:
1334 ctx->noautotune = 1;
1335 break;
1336 case Opt_nolease:
1337 ctx->no_lease = 1;
1338 break;
1339 case Opt_nosparse:
1340 ctx->no_sparse = 1;
1341 break;
1342 case Opt_nodelete:
1343 ctx->nodelete = 1;
1344 break;
1345 case Opt_multichannel:
1346 ctx->multichannel_specified = true;
1347 if (result.negated)
1348 ctx->multichannel = false;
1349 else
1350 ctx->multichannel = true;
1351 break;
1352 case Opt_uid:
1353 ctx->linux_uid = result.uid;
1354 ctx->uid_specified = true;
1355 break;
1356 case Opt_cruid:
1357 ctx->cred_uid = result.uid;
1358 ctx->cruid_specified = true;
1359 break;
1360 case Opt_backupuid:
1361 ctx->backupuid = result.uid;
1362 ctx->backupuid_specified = true;
1363 break;
1364 case Opt_backupgid:
1365 ctx->backupgid = result.gid;
1366 ctx->backupgid_specified = true;
1367 break;
1368 case Opt_gid:
1369 ctx->linux_gid = result.gid;
1370 ctx->gid_specified = true;
1371 break;
1372 case Opt_port:
1373 ctx->port = result.uint_32;
1374 break;
1375 case Opt_file_mode:
1376 ctx->file_mode = result.uint_32;
1377 break;
1378 case Opt_dirmode:
1379 ctx->dir_mode = result.uint_32;
1380 break;
1381 case Opt_min_enc_offload:
1382 ctx->min_offload = result.uint_32;
1383 break;
1384 case Opt_retrans:
1385 ctx->retrans = result.uint_32;
1386 break;
1387 case Opt_blocksize:
1388 /*
1389 * inode blocksize realistically should never need to be
1390 * less than 16K or greater than 16M and default is 1MB.
1391 * Note that small inode block sizes (e.g. 64K) can lead
1392 * to very poor performance of common tools like cp and scp
1393 */
1394 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1395 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1396 cifs_errorf(fc, "%s: Invalid blocksize\n",
1397 __func__);
1398 goto cifs_parse_mount_err;
1399 }
1400 ctx->bsize = CIFS_ALIGN_BSIZE(fc, result.uint_32);
1401 ctx->got_bsize = true;
1402 break;
1403 case Opt_rasize:
1404 /*
1405 * readahead size realistically should never need to be
1406 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1407 * (perhaps an exception should be considered in the
1408 * for the case of a large number of channels
1409 * when multichannel is negotiated) since that would lead
1410 * to plenty of parallel I/O in flight to the server.
1411 * Note that smaller read ahead sizes would
1412 * hurt performance of common tools like cp and scp
1413 * which often trigger sequential i/o with read ahead
1414 */
1415 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1416 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1417 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1418 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1419 goto cifs_parse_mount_err;
1420 }
1421 ctx->rasize = result.uint_32;
1422 break;
1423 case Opt_rsize:
1424 ctx->rsize = CIFS_ALIGN_RSIZE(fc, result.uint_32);
1425 ctx->got_rsize = true;
1426 ctx->vol_rsize = ctx->rsize;
1427 break;
1428 case Opt_wsize:
1429 ctx->wsize = CIFS_ALIGN_WSIZE(fc, result.uint_32);
1430 ctx->got_wsize = true;
1431 ctx->vol_wsize = ctx->wsize;
1432 break;
1433 case Opt_acregmax:
1434 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1435 cifs_errorf(fc, "acregmax too large\n");
1436 goto cifs_parse_mount_err;
1437 }
1438 ctx->acregmax = HZ * result.uint_32;
1439 break;
1440 case Opt_acdirmax:
1441 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1442 cifs_errorf(fc, "acdirmax too large\n");
1443 goto cifs_parse_mount_err;
1444 }
1445 ctx->acdirmax = HZ * result.uint_32;
1446 break;
1447 case Opt_actimeo:
1448 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1449 cifs_errorf(fc, "timeout too large\n");
1450 goto cifs_parse_mount_err;
1451 }
1452 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1453 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1454 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1455 break;
1456 }
1457 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1458 break;
1459 case Opt_closetimeo:
1460 if (result.uint_32 > SMB3_MAX_DCLOSETIMEO / HZ) {
1461 cifs_errorf(fc, "closetimeo too large\n");
1462 goto cifs_parse_mount_err;
1463 }
1464 ctx->closetimeo = HZ * result.uint_32;
1465 break;
1466 case Opt_echo_interval:
1467 if (result.uint_32 < SMB_ECHO_INTERVAL_MIN ||
1468 result.uint_32 > SMB_ECHO_INTERVAL_MAX) {
1469 cifs_errorf(fc, "echo interval is out of bounds\n");
1470 goto cifs_parse_mount_err;
1471 }
1472 ctx->echo_interval = result.uint_32;
1473 break;
1474 case Opt_snapshot:
1475 ctx->snapshot_time = result.uint_64;
1476 break;
1477 case Opt_max_credits:
1478 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1479 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1480 __func__);
1481 goto cifs_parse_mount_err;
1482 }
1483 ctx->max_credits = result.uint_32;
1484 break;
1485 case Opt_max_channels:
1486 ctx->max_channels_specified = true;
1487 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1488 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1489 __func__, CIFS_MAX_CHANNELS);
1490 goto cifs_parse_mount_err;
1491 }
1492 ctx->max_channels = result.uint_32;
1493 break;
1494 case Opt_max_cached_dirs:
1495 if (result.uint_32 < 1) {
1496 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n",
1497 __func__);
1498 goto cifs_parse_mount_err;
1499 }
1500 ctx->max_cached_dirs = result.uint_32;
1501 break;
1502 case Opt_handletimeout:
1503 ctx->handle_timeout = result.uint_32;
1504 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1505 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1506 goto cifs_parse_mount_err;
1507 }
1508 break;
1509 case Opt_source:
1510 kfree(ctx->UNC);
1511 ctx->UNC = NULL;
1512 switch (smb3_parse_devname(param->string, ctx)) {
1513 case 0:
1514 break;
1515 case -ENOMEM:
1516 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1517 goto cifs_parse_mount_err;
1518 case -EINVAL:
1519 cifs_errorf(fc, "Malformed UNC in devname\n");
1520 goto cifs_parse_mount_err;
1521 default:
1522 cifs_errorf(fc, "Unknown error parsing devname\n");
1523 goto cifs_parse_mount_err;
1524 }
1525 kfree(ctx->source);
1526 ctx->source = smb3_fs_context_fullpath(ctx, '/');
1527 if (IS_ERR(ctx->source)) {
1528 ctx->source = NULL;
1529 cifs_errorf(fc, "OOM when copying UNC string\n");
1530 goto cifs_parse_mount_err;
1531 }
1532 kfree(fc->source);
1533 fc->source = kstrdup(ctx->source, GFP_KERNEL);
1534 if (fc->source == NULL) {
1535 cifs_errorf(fc, "OOM when copying UNC string\n");
1536 goto cifs_parse_mount_err;
1537 }
1538 hostname = extract_hostname(ctx->UNC);
1539 if (IS_ERR(hostname)) {
1540 cifs_errorf(fc, "Cannot extract hostname from UNC string\n");
1541 goto cifs_parse_mount_err;
1542 }
1543 /* last byte, type, is 0x20 for servr type */
1544 memset(ctx->target_rfc1001_name, 0x20, RFC1001_NAME_LEN_WITH_NULL);
1545 for (i = 0; i < RFC1001_NAME_LEN && hostname[i] != 0; i++)
1546 ctx->target_rfc1001_name[i] = toupper(hostname[i]);
1547 kfree(hostname);
1548 break;
1549 case Opt_user:
1550 kfree(ctx->username);
1551 ctx->username = NULL;
1552 if (ctx->nullauth)
1553 break;
1554 if (strlen(param->string) == 0) {
1555 /* null user, ie. anonymous authentication */
1556 ctx->nullauth = 1;
1557 break;
1558 }
1559
1560 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) ==
1561 CIFS_MAX_USERNAME_LEN) {
1562 pr_warn("username too long\n");
1563 goto cifs_parse_mount_err;
1564 }
1565 ctx->username = no_free_ptr(param->string);
1566 break;
1567 case Opt_pass:
1568 kfree_sensitive(ctx->password);
1569 ctx->password = NULL;
1570 if (strlen(param->string) == 0)
1571 break;
1572 ctx->password = no_free_ptr(param->string);
1573 break;
1574 case Opt_pass2:
1575 kfree_sensitive(ctx->password2);
1576 ctx->password2 = NULL;
1577 if (strlen(param->string) == 0)
1578 break;
1579 ctx->password2 = no_free_ptr(param->string);
1580 break;
1581 case Opt_ip:
1582 if (strlen(param->string) == 0) {
1583 ctx->got_ip = false;
1584 break;
1585 }
1586 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1587 param->string,
1588 strlen(param->string))) {
1589 pr_err("bad ip= option (%s)\n", param->string);
1590 goto cifs_parse_mount_err;
1591 }
1592 ctx->got_ip = true;
1593 break;
1594 case Opt_domain:
1595 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1596 == CIFS_MAX_DOMAINNAME_LEN) {
1597 pr_warn("domain name too long\n");
1598 goto cifs_parse_mount_err;
1599 }
1600
1601 kfree(ctx->domainname);
1602 ctx->domainname = no_free_ptr(param->string);
1603 cifs_dbg(FYI, "Domain name set\n");
1604 break;
1605 case Opt_srcaddr:
1606 if (!cifs_convert_address(
1607 (struct sockaddr *)&ctx->srcaddr,
1608 param->string, strlen(param->string))) {
1609 pr_warn("Could not parse srcaddr: %s\n",
1610 param->string);
1611 goto cifs_parse_mount_err;
1612 }
1613 break;
1614 case Opt_iocharset:
1615 if (strnlen(param->string, 1024) >= 65) {
1616 pr_warn("iocharset name too long\n");
1617 goto cifs_parse_mount_err;
1618 }
1619
1620 if (strncasecmp(param->string, "default", 7) != 0) {
1621 kfree(ctx->iocharset);
1622 ctx->iocharset = no_free_ptr(param->string);
1623 }
1624 /* if iocharset not set then load_nls_default
1625 * is used by caller
1626 */
1627 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1628 break;
1629 case Opt_netbiosname:
1630 memset(ctx->source_rfc1001_name, 0x20,
1631 RFC1001_NAME_LEN);
1632 /*
1633 * FIXME: are there cases in which a comma can
1634 * be valid in workstation netbios name (and
1635 * need special handling)?
1636 */
1637 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1638 /* don't ucase netbiosname for user */
1639 if (param->string[i] == 0)
1640 break;
1641 ctx->source_rfc1001_name[i] = param->string[i];
1642 }
1643 /* The string has 16th byte zero still from
1644 * set at top of the function
1645 */
1646 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1647 pr_warn("netbiosname longer than 15 truncated\n");
1648 break;
1649 case Opt_servern:
1650 /* last byte, type, is 0x20 for servr type */
1651 memset(ctx->target_rfc1001_name, 0x20,
1652 RFC1001_NAME_LEN_WITH_NULL);
1653 /*
1654 * BB are there cases in which a comma can be valid in this
1655 * workstation netbios name (and need special handling)?
1656 */
1657
1658 /* user or mount helper must uppercase the netbios name */
1659 for (i = 0; i < 15; i++) {
1660 if (param->string[i] == 0)
1661 break;
1662 ctx->target_rfc1001_name[i] = param->string[i];
1663 }
1664
1665 /* The string has 16th byte zero still from set at top of function */
1666 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1667 pr_warn("server netbiosname longer than 15 truncated\n");
1668 break;
1669 case Opt_nbsessinit:
1670 ctx->rfc1001_sessinit = !result.negated;
1671 cifs_dbg(FYI, "rfc1001_sessinit set to %d\n", ctx->rfc1001_sessinit);
1672 break;
1673 case Opt_ver:
1674 /* version of mount userspace tools, not dialect */
1675 /* If interface changes in mount.cifs bump to new ver */
1676 if (strncasecmp(param->string, "1", 1) == 0) {
1677 if (strlen(param->string) > 1) {
1678 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1679 param->string);
1680 goto cifs_parse_mount_err;
1681 }
1682 /* This is the default */
1683 break;
1684 }
1685 /* For all other value, error */
1686 pr_warn("Invalid mount helper version specified\n");
1687 goto cifs_parse_mount_err;
1688 case Opt_vers:
1689 /* protocol version (dialect) */
1690 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1691 goto cifs_parse_mount_err;
1692 ctx->got_version = true;
1693 break;
1694 case Opt_sec:
1695 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1696 goto cifs_parse_mount_err;
1697 break;
1698 case Opt_upcalltarget:
1699 if (cifs_parse_upcall_target(fc, param->string, ctx) != 0)
1700 goto cifs_parse_mount_err;
1701 break;
1702 case Opt_cache:
1703 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1704 goto cifs_parse_mount_err;
1705 break;
1706 case Opt_witness:
1707 #ifndef CONFIG_CIFS_SWN_UPCALL
1708 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1709 goto cifs_parse_mount_err;
1710 #endif
1711 ctx->witness = true;
1712 pr_warn_once("Witness protocol support is experimental\n");
1713 break;
1714 case Opt_unicode:
1715 ctx->unicode = !result.negated;
1716 cifs_dbg(FYI, "unicode set to %d\n", ctx->unicode);
1717 break;
1718 case Opt_rootfs:
1719 #ifndef CONFIG_CIFS_ROOT
1720 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1721 goto cifs_parse_mount_err;
1722 #endif
1723 ctx->rootfs = true;
1724 break;
1725 case Opt_posixpaths:
1726 if (result.negated)
1727 ctx->posix_paths = 0;
1728 else
1729 ctx->posix_paths = 1;
1730 break;
1731 case Opt_unix:
1732 if (result.negated) {
1733 if (ctx->linux_ext == 1)
1734 pr_warn_once("conflicting posix mount options specified\n");
1735 ctx->linux_ext = 0;
1736 ctx->no_linux_ext = 1;
1737 } else {
1738 if (ctx->no_linux_ext == 1)
1739 pr_warn_once("conflicting posix mount options specified\n");
1740 ctx->linux_ext = 1;
1741 ctx->no_linux_ext = 0;
1742 ctx->nonativesocket = 1; /* POSIX mounts use NFS style reparse points */
1743 }
1744 break;
1745 case Opt_nocase:
1746 ctx->nocase = 1;
1747 break;
1748 case Opt_brl:
1749 if (result.negated) {
1750 /*
1751 * turn off mandatory locking in mode
1752 * if remote locking is turned off since the
1753 * local vfs will do advisory
1754 */
1755 if (ctx->file_mode ==
1756 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1757 ctx->file_mode = S_IALLUGO;
1758 ctx->nobrl = 1;
1759 } else
1760 ctx->nobrl = 0;
1761 break;
1762 case Opt_handlecache:
1763 if (result.negated)
1764 ctx->nohandlecache = 1;
1765 else
1766 ctx->nohandlecache = 0;
1767 break;
1768 case Opt_forcemandatorylock:
1769 ctx->mand_lock = 1;
1770 break;
1771 case Opt_setuids:
1772 ctx->setuids = result.negated;
1773 break;
1774 case Opt_intr:
1775 ctx->intr = !result.negated;
1776 break;
1777 case Opt_setuidfromacl:
1778 ctx->setuidfromacl = 1;
1779 break;
1780 case Opt_strictsync:
1781 ctx->nostrictsync = result.negated;
1782 break;
1783 case Opt_serverino:
1784 ctx->server_ino = !result.negated;
1785 break;
1786 case Opt_rwpidforward:
1787 ctx->rwpidforward = 1;
1788 break;
1789 case Opt_modesid:
1790 ctx->mode_ace = 1;
1791 break;
1792 case Opt_cifsacl:
1793 ctx->cifs_acl = !result.negated;
1794 break;
1795 case Opt_acl:
1796 ctx->no_psx_acl = result.negated;
1797 break;
1798 case Opt_locallease:
1799 ctx->local_lease = 1;
1800 break;
1801 case Opt_sign:
1802 ctx->sign = true;
1803 break;
1804 case Opt_ignore_signature:
1805 ctx->sign = true;
1806 ctx->ignore_signature = true;
1807 break;
1808 case Opt_seal:
1809 /* we do not do the following in secFlags because seal
1810 * is a per tree connection (mount) not a per socket
1811 * or per-smb connection option in the protocol
1812 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1813 */
1814 ctx->seal = 1;
1815 break;
1816 case Opt_noac:
1817 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1818 break;
1819 case Opt_fsc:
1820 #ifndef CONFIG_CIFS_FSCACHE
1821 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1822 goto cifs_parse_mount_err;
1823 #endif
1824 ctx->fsc = true;
1825 break;
1826 case Opt_mfsymlinks:
1827 ctx->mfsymlinks = true;
1828 break;
1829 case Opt_multiuser:
1830 ctx->multiuser = true;
1831 break;
1832 case Opt_sloppy:
1833 ctx->sloppy = true;
1834 break;
1835 case Opt_nosharesock:
1836 ctx->nosharesock = true;
1837 break;
1838 case Opt_persistent:
1839 if (result.negated) {
1840 ctx->nopersistent = true;
1841 if (ctx->persistent) {
1842 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1843 goto cifs_parse_mount_err;
1844 }
1845 } else {
1846 ctx->persistent = true;
1847 if ((ctx->nopersistent) || (ctx->resilient)) {
1848 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1849 goto cifs_parse_mount_err;
1850 }
1851 }
1852 break;
1853 case Opt_resilient:
1854 if (result.negated) {
1855 ctx->resilient = false; /* already the default */
1856 } else {
1857 ctx->resilient = true;
1858 if (ctx->persistent) {
1859 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1860 goto cifs_parse_mount_err;
1861 }
1862 }
1863 break;
1864 case Opt_tcp_nodelay:
1865 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1866 if (result.negated)
1867 ctx->sockopt_tcp_nodelay = false;
1868 else
1869 ctx->sockopt_tcp_nodelay = true;
1870 break;
1871 case Opt_domainauto:
1872 ctx->domainauto = true;
1873 break;
1874 case Opt_rdma:
1875 ctx->rdma = true;
1876 break;
1877 case Opt_reparse:
1878 if (parse_reparse_flavor(fc, param->string, ctx))
1879 goto cifs_parse_mount_err;
1880 break;
1881 case Opt_nativesocket:
1882 ctx->nonativesocket = result.negated;
1883 break;
1884 case Opt_symlink:
1885 if (parse_symlink_flavor(fc, param->string, ctx))
1886 goto cifs_parse_mount_err;
1887 break;
1888 case Opt_symlinkroot:
1889 if (param->string[0] != '/') {
1890 cifs_errorf(fc, "symlinkroot mount options must be absolute path\n");
1891 goto cifs_parse_mount_err;
1892 }
1893 if (strnlen(param->string, PATH_MAX) == PATH_MAX) {
1894 cifs_errorf(fc, "symlinkroot path too long (max path length: %u)\n",
1895 PATH_MAX - 1);
1896 goto cifs_parse_mount_err;
1897 }
1898 kfree(ctx->symlinkroot);
1899 ctx->symlinkroot = param->string;
1900 param->string = NULL;
1901 break;
1902 }
1903 /* case Opt_ignore: - is ignored as expected ... */
1904
1905 if (ctx->multiuser && ctx->upcall_target == UPTARGET_MOUNT) {
1906 cifs_errorf(fc, "multiuser mount option not supported with upcalltarget set as 'mount'\n");
1907 goto cifs_parse_mount_err;
1908 }
1909
1910 return 0;
1911
1912 cifs_parse_mount_err:
1913 kfree_sensitive(ctx->password);
1914 ctx->password = NULL;
1915 kfree_sensitive(ctx->password2);
1916 ctx->password2 = NULL;
1917 kfree(ctx->source);
1918 ctx->source = NULL;
1919 kfree(fc->source);
1920 fc->source = NULL;
1921 return -EINVAL;
1922 }
1923
smb3_init_fs_context(struct fs_context * fc)1924 int smb3_init_fs_context(struct fs_context *fc)
1925 {
1926 struct smb3_fs_context *ctx;
1927 char *nodename = utsname()->nodename;
1928 int i;
1929
1930 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1931 if (unlikely(!ctx))
1932 return -ENOMEM;
1933
1934 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1935
1936 /*
1937 * does not have to be perfect mapping since field is
1938 * informational, only used for servers that do not support
1939 * port 445 and it can be overridden at mount time
1940 */
1941 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1942 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1943 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1944 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1945
1946 /*
1947 * null target name indicates to use *SMBSERVR default called name
1948 * if we end up sending RFC1001 session initialize
1949 */
1950 ctx->target_rfc1001_name[0] = 0;
1951
1952 ctx->rfc1001_sessinit = -1; /* autodetect based on port number */
1953
1954 ctx->cred_uid = current_uid();
1955 ctx->linux_uid = current_uid();
1956 ctx->linux_gid = current_gid();
1957 /* By default 4MB read ahead size, 1MB block size */
1958 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1959 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1960
1961 /*
1962 * default to SFM style remapping of seven reserved characters
1963 * unless user overrides it or we negotiate CIFS POSIX where
1964 * it is unnecessary. Can not simultaneously use more than one mapping
1965 * since then readdir could list files that open could not open
1966 */
1967 ctx->remap = true;
1968
1969 /* default to only allowing write access to owner of the mount */
1970 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1971
1972 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1973 /* default is always to request posix paths. */
1974 ctx->posix_paths = 1;
1975 /* default to using server inode numbers where available */
1976 ctx->server_ino = 1;
1977
1978 /* default is to use strict cifs caching semantics */
1979 ctx->strict_io = true;
1980
1981 ctx->acregmax = CIFS_DEF_ACTIMEO;
1982 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1983 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1984 ctx->max_cached_dirs = MAX_CACHED_FIDS;
1985 /* Most clients set timeout to 0, allows server to use its default */
1986 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1987
1988 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1989 ctx->ops = &smb30_operations;
1990 ctx->vals = &smbdefault_values;
1991
1992 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1993
1994 /* default to no multichannel (single server connection) */
1995 ctx->multichannel = false;
1996 ctx->multichannel_specified = false;
1997 ctx->max_channels_specified = false;
1998 ctx->max_channels = 1;
1999
2000 ctx->backupuid_specified = false; /* no backup intent for a user */
2001 ctx->backupgid_specified = false; /* no backup intent for a group */
2002
2003 ctx->retrans = 1;
2004 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
2005 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
2006 ctx->nonativesocket = 0;
2007
2008 ctx->unicode = -1; /* autodetect, but prefer UNICODE mode */
2009
2010 /*
2011 * short int override_uid = -1;
2012 * short int override_gid = -1;
2013 * char *nodename = strdup(utsname()->nodename);
2014 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
2015 */
2016
2017 fc->fs_private = ctx;
2018 fc->ops = &smb3_fs_context_ops;
2019 return 0;
2020 }
2021
2022 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)2023 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
2024 {
2025 if (ctx == NULL)
2026 return;
2027
2028 /*
2029 * Make sure this stays in sync with smb3_fs_context_dup()
2030 */
2031 kfree(ctx->username);
2032 ctx->username = NULL;
2033 kfree_sensitive(ctx->password);
2034 ctx->password = NULL;
2035 kfree_sensitive(ctx->password2);
2036 ctx->password2 = NULL;
2037 kfree(ctx->server_hostname);
2038 ctx->server_hostname = NULL;
2039 kfree(ctx->UNC);
2040 ctx->UNC = NULL;
2041 kfree(ctx->source);
2042 ctx->source = NULL;
2043 kfree(ctx->domainname);
2044 ctx->domainname = NULL;
2045 kfree(ctx->nodename);
2046 ctx->nodename = NULL;
2047 kfree(ctx->iocharset);
2048 ctx->iocharset = NULL;
2049 kfree(ctx->prepath);
2050 ctx->prepath = NULL;
2051 kfree(ctx->leaf_fullpath);
2052 ctx->leaf_fullpath = NULL;
2053 kfree(ctx->dns_dom);
2054 ctx->dns_dom = NULL;
2055 kfree(ctx->symlinkroot);
2056 ctx->symlinkroot = NULL;
2057 }
2058
2059 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)2060 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
2061 {
2062 if (!ctx)
2063 return;
2064 smb3_cleanup_fs_context_contents(ctx);
2065 kfree(ctx);
2066 }
2067
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)2068 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
2069 {
2070 struct smb3_fs_context *ctx = cifs_sb->ctx;
2071
2072 if (ctx->nodfs)
2073 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
2074 else
2075 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
2076
2077 if (ctx->noperm)
2078 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2079 else
2080 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
2081
2082 if (ctx->setuids)
2083 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2084 else
2085 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
2086
2087 if (ctx->setuidfromacl)
2088 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
2089 else
2090 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
2091
2092 if (ctx->server_ino)
2093 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2094 else
2095 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
2096
2097 if (ctx->remap)
2098 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
2099 else
2100 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
2101
2102 if (ctx->sfu_remap)
2103 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2104 else
2105 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
2106
2107 if (ctx->no_xattr)
2108 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2109 else
2110 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
2111
2112 if (ctx->sfu_emul)
2113 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2114 else
2115 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
2116
2117 if (ctx->nobrl)
2118 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2119 else
2120 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
2121
2122 if (ctx->nohandlecache)
2123 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
2124 else
2125 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
2126
2127 if (ctx->nostrictsync)
2128 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2129 else
2130 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
2131
2132 if (ctx->mand_lock)
2133 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2134 else
2135 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
2136
2137 if (ctx->rwpidforward)
2138 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
2139 else
2140 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
2141
2142 if (ctx->mode_ace)
2143 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
2144 else
2145 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
2146
2147 if (ctx->cifs_acl)
2148 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2149 else
2150 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
2151
2152 if (ctx->backupuid_specified)
2153 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
2154 else
2155 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
2156
2157 if (ctx->backupgid_specified)
2158 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
2159 else
2160 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
2161
2162 if (ctx->override_uid)
2163 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2164 else
2165 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
2166
2167 if (ctx->override_gid)
2168 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2169 else
2170 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
2171
2172 if (ctx->dynperm)
2173 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2174 else
2175 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
2176
2177 if (ctx->fsc)
2178 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2179 else
2180 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
2181
2182 if (ctx->multiuser)
2183 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2184 CIFS_MOUNT_NO_PERM);
2185 else
2186 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
2187
2188
2189 if (ctx->strict_io)
2190 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2191 else
2192 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
2193
2194 if (ctx->direct_io)
2195 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2196 else
2197 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
2198
2199 if (ctx->mfsymlinks)
2200 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2201 else
2202 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
2203 if (ctx->mfsymlinks) {
2204 if (ctx->sfu_emul) {
2205 /*
2206 * Our SFU ("Services for Unix") emulation allows now
2207 * creating new and reading existing SFU symlinks.
2208 * Older Linux kernel versions were not able to neither
2209 * read existing nor create new SFU symlinks. But
2210 * creating and reading SFU style mknod and FIFOs was
2211 * supported for long time. When "mfsymlinks" and
2212 * "sfu" are both enabled at the same time, it allows
2213 * reading both types of symlinks, but will only create
2214 * them with mfsymlinks format. This allows better
2215 * Apple compatibility, compatibility with older Linux
2216 * kernel clients (probably better for Samba too)
2217 * while still recognizing old Windows style symlinks.
2218 */
2219 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
2220 }
2221 }
2222 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
2223
2224 return;
2225 }
2226