1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifsglob.h"
30 #include "cifsproto.h"
31 #include "cifs_unicode.h"
32 #include "cifs_debug.h"
33 #include "cifs_fs_sb.h"
34 #include "ntlmssp.h"
35 #include "nterr.h"
36 #include "rfc1002pdu.h"
37 #include "fs_context.h"
38
39 DEFINE_MUTEX(cifs_mount_mutex);
40
41 static const match_table_t cifs_smb_version_tokens = {
42 { Smb_1, SMB1_VERSION_STRING },
43 { Smb_20, SMB20_VERSION_STRING},
44 { Smb_21, SMB21_VERSION_STRING },
45 { Smb_30, SMB30_VERSION_STRING },
46 { Smb_302, SMB302_VERSION_STRING },
47 { Smb_302, ALT_SMB302_VERSION_STRING },
48 { Smb_311, SMB311_VERSION_STRING },
49 { Smb_311, ALT_SMB311_VERSION_STRING },
50 { Smb_3any, SMB3ANY_VERSION_STRING },
51 { Smb_default, SMBDEFAULT_VERSION_STRING },
52 { Smb_version_err, NULL }
53 };
54
55 static const match_table_t cifs_secflavor_tokens = {
56 { Opt_sec_krb5, "krb5" },
57 { Opt_sec_krb5i, "krb5i" },
58 { Opt_sec_krb5p, "krb5p" },
59 { Opt_sec_ntlmsspi, "ntlmsspi" },
60 { Opt_sec_ntlmssp, "ntlmssp" },
61 { Opt_sec_ntlmv2, "nontlm" },
62 { Opt_sec_ntlmv2, "ntlmv2" },
63 { Opt_sec_ntlmv2i, "ntlmv2i" },
64 { Opt_sec_none, "none" },
65
66 { Opt_sec_err, NULL }
67 };
68
69 static const match_table_t cifs_upcall_target = {
70 { Opt_upcall_target_mount, "mount" },
71 { Opt_upcall_target_application, "app" },
72 { Opt_upcall_target_err, NULL }
73 };
74
75 const struct fs_parameter_spec smb3_fs_parameters[] = {
76 /* Mount options that take no arguments */
77 fsparam_flag_no("user_xattr", Opt_user_xattr),
78 fsparam_flag_no("forceuid", Opt_forceuid),
79 fsparam_flag_no("multichannel", Opt_multichannel),
80 fsparam_flag_no("forcegid", Opt_forcegid),
81 fsparam_flag("noblocksend", Opt_noblocksend),
82 fsparam_flag("noautotune", Opt_noautotune),
83 fsparam_flag_no("lease", Opt_lease),
84 fsparam_flag_no("hard", Opt_hard),
85 fsparam_flag_no("soft", Opt_soft),
86 fsparam_flag_no("perm", Opt_perm),
87 fsparam_flag("nodelete", Opt_nodelete),
88 fsparam_flag_no("mapposix", Opt_mapposix),
89 fsparam_flag("mapchars", Opt_mapchars),
90 fsparam_flag("nomapchars", Opt_nomapchars),
91 fsparam_flag_no("sfu", Opt_sfu),
92 fsparam_flag("nodfs", Opt_nodfs),
93 fsparam_flag_no("posixpaths", Opt_posixpaths),
94 fsparam_flag_no("unix", Opt_unix),
95 fsparam_flag_no("linux", Opt_unix),
96 fsparam_flag_no("posix", Opt_unix),
97 fsparam_flag("nocase", Opt_nocase),
98 fsparam_flag("ignorecase", Opt_nocase),
99 fsparam_flag_no("brl", Opt_brl),
100 fsparam_flag_no("handlecache", Opt_handlecache),
101 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
102 fsparam_flag("forcemand", Opt_forcemandatorylock),
103 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
104 fsparam_flag("idsfromsid", Opt_setuidfromacl),
105 fsparam_flag_no("setuids", Opt_setuids),
106 fsparam_flag_no("dynperm", Opt_dynperm),
107 fsparam_flag_no("intr", Opt_intr),
108 fsparam_flag_no("strictsync", Opt_strictsync),
109 fsparam_flag_no("serverino", Opt_serverino),
110 fsparam_flag("rwpidforward", Opt_rwpidforward),
111 fsparam_flag("cifsacl", Opt_cifsacl),
112 fsparam_flag_no("acl", Opt_acl),
113 fsparam_flag("locallease", Opt_locallease),
114 fsparam_flag("sign", Opt_sign),
115 fsparam_flag("ignore_signature", Opt_ignore_signature),
116 fsparam_flag("signloosely", Opt_ignore_signature),
117 fsparam_flag("seal", Opt_seal),
118 fsparam_flag("noac", Opt_noac),
119 fsparam_flag("fsc", Opt_fsc),
120 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
121 fsparam_flag("multiuser", Opt_multiuser),
122 fsparam_flag("sloppy", Opt_sloppy),
123 fsparam_flag("nosharesock", Opt_nosharesock),
124 fsparam_flag_no("persistenthandles", Opt_persistent),
125 fsparam_flag_no("resilienthandles", Opt_resilient),
126 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
127 fsparam_flag("nosparse", Opt_nosparse),
128 fsparam_flag("domainauto", Opt_domainauto),
129 fsparam_flag("rdma", Opt_rdma),
130 fsparam_flag("modesid", Opt_modesid),
131 fsparam_flag("modefromsid", Opt_modesid),
132 fsparam_flag("rootfs", Opt_rootfs),
133 fsparam_flag("compress", Opt_compress),
134 fsparam_flag("witness", Opt_witness),
135 fsparam_flag_no("nativesocket", Opt_nativesocket),
136 fsparam_flag_no("unicode", Opt_unicode),
137 fsparam_flag_no("nbsessinit", Opt_nbsessinit),
138
139 /* Mount options which take uid or gid */
140 fsparam_uid("backupuid", Opt_backupuid),
141 fsparam_gid("backupgid", Opt_backupgid),
142 fsparam_uid("uid", Opt_uid),
143 fsparam_uid("cruid", Opt_cruid),
144 fsparam_gid("gid", Opt_gid),
145
146 /* Mount options which take numeric value */
147 fsparam_u32("file_mode", Opt_file_mode),
148 fsparam_u32("dirmode", Opt_dirmode),
149 fsparam_u32("dir_mode", Opt_dirmode),
150 fsparam_u32("port", Opt_port),
151 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
152 fsparam_u32("retrans", Opt_retrans),
153 fsparam_u32("esize", Opt_min_enc_offload),
154 fsparam_u32("bsize", Opt_blocksize),
155 fsparam_u32("rasize", Opt_rasize),
156 fsparam_u32("rsize", Opt_rsize),
157 fsparam_u32("wsize", Opt_wsize),
158 fsparam_u32("actimeo", Opt_actimeo),
159 fsparam_u32("acdirmax", Opt_acdirmax),
160 fsparam_u32("acregmax", Opt_acregmax),
161 fsparam_u32("closetimeo", Opt_closetimeo),
162 fsparam_u32("echo_interval", Opt_echo_interval),
163 fsparam_u32("max_credits", Opt_max_credits),
164 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs),
165 fsparam_u32("handletimeout", Opt_handletimeout),
166 fsparam_u64("snapshot", Opt_snapshot),
167 fsparam_u32("max_channels", Opt_max_channels),
168
169 /* Mount options which take string value */
170 fsparam_string("source", Opt_source),
171 fsparam_string("user", Opt_user),
172 fsparam_string("username", Opt_user),
173 fsparam_string("pass", Opt_pass),
174 fsparam_string("password", Opt_pass),
175 fsparam_string("pass2", Opt_pass2),
176 fsparam_string("password2", Opt_pass2),
177 fsparam_string("ip", Opt_ip),
178 fsparam_string("addr", Opt_ip),
179 fsparam_string("domain", Opt_domain),
180 fsparam_string("dom", Opt_domain),
181 fsparam_string("srcaddr", Opt_srcaddr),
182 fsparam_string("iocharset", Opt_iocharset),
183 fsparam_string("netbiosname", Opt_netbiosname),
184 fsparam_string("servern", Opt_servern),
185 fsparam_string("ver", Opt_ver),
186 fsparam_string("vers", Opt_vers),
187 fsparam_string("sec", Opt_sec),
188 fsparam_string("cache", Opt_cache),
189 fsparam_string("reparse", Opt_reparse),
190 fsparam_string("upcall_target", Opt_upcalltarget),
191 fsparam_string("symlink", Opt_symlink),
192 fsparam_string("symlinkroot", Opt_symlinkroot),
193
194 /* Arguments that should be ignored */
195 fsparam_flag("guest", Opt_ignore),
196 fsparam_flag("noatime", Opt_ignore),
197 fsparam_flag("relatime", Opt_ignore),
198 fsparam_flag("_netdev", Opt_ignore),
199 fsparam_flag_no("suid", Opt_ignore),
200 fsparam_flag_no("exec", Opt_ignore),
201 fsparam_flag_no("dev", Opt_ignore),
202 fsparam_flag_no("mand", Opt_ignore),
203 fsparam_flag_no("auto", Opt_ignore),
204 fsparam_string("cred", Opt_ignore),
205 fsparam_string("credentials", Opt_ignore),
206 /*
207 * UNC and prefixpath is now extracted from Opt_source
208 * in the new mount API so we can just ignore them going forward.
209 */
210 fsparam_string("unc", Opt_ignore),
211 fsparam_string("prefixpath", Opt_ignore),
212 {}
213 };
214
215 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)216 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
217 {
218
219 substring_t args[MAX_OPT_ARGS];
220
221 /*
222 * With mount options, the last one should win. Reset any existing
223 * settings back to default.
224 */
225 ctx->sectype = Unspecified;
226 ctx->sign = false;
227
228 switch (match_token(value, cifs_secflavor_tokens, args)) {
229 case Opt_sec_krb5p:
230 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n");
231 return 1;
232 case Opt_sec_krb5i:
233 ctx->sign = true;
234 fallthrough;
235 case Opt_sec_krb5:
236 ctx->sectype = Kerberos;
237 break;
238 case Opt_sec_ntlmsspi:
239 ctx->sign = true;
240 fallthrough;
241 case Opt_sec_ntlmssp:
242 ctx->sectype = RawNTLMSSP;
243 break;
244 case Opt_sec_ntlmv2i:
245 ctx->sign = true;
246 fallthrough;
247 case Opt_sec_ntlmv2:
248 ctx->sectype = NTLMv2;
249 break;
250 case Opt_sec_none:
251 ctx->nullauth = 1;
252 kfree(ctx->username);
253 ctx->username = NULL;
254 break;
255 default:
256 cifs_errorf(fc, "bad security option: %s\n", value);
257 return 1;
258 }
259
260 return 0;
261 }
262
263 static int
cifs_parse_upcall_target(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)264 cifs_parse_upcall_target(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
265 {
266 substring_t args[MAX_OPT_ARGS];
267
268 ctx->upcall_target = UPTARGET_UNSPECIFIED;
269
270 switch (match_token(value, cifs_upcall_target, args)) {
271 case Opt_upcall_target_mount:
272 ctx->upcall_target = UPTARGET_MOUNT;
273 break;
274 case Opt_upcall_target_application:
275 ctx->upcall_target = UPTARGET_APP;
276 break;
277
278 default:
279 cifs_errorf(fc, "bad upcall target: %s\n", value);
280 return 1;
281 }
282
283 return 0;
284 }
285
286 static const match_table_t cifs_cacheflavor_tokens = {
287 { Opt_cache_loose, "loose" },
288 { Opt_cache_strict, "strict" },
289 { Opt_cache_none, "none" },
290 { Opt_cache_ro, "ro" },
291 { Opt_cache_rw, "singleclient" },
292 { Opt_cache_err, NULL }
293 };
294
295 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)296 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
297 {
298 substring_t args[MAX_OPT_ARGS];
299
300 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
301 case Opt_cache_loose:
302 ctx->direct_io = false;
303 ctx->strict_io = false;
304 ctx->cache_ro = false;
305 ctx->cache_rw = false;
306 break;
307 case Opt_cache_strict:
308 ctx->direct_io = false;
309 ctx->strict_io = true;
310 ctx->cache_ro = false;
311 ctx->cache_rw = false;
312 break;
313 case Opt_cache_none:
314 ctx->direct_io = true;
315 ctx->strict_io = false;
316 ctx->cache_ro = false;
317 ctx->cache_rw = false;
318 break;
319 case Opt_cache_ro:
320 ctx->direct_io = false;
321 ctx->strict_io = false;
322 ctx->cache_ro = true;
323 ctx->cache_rw = false;
324 break;
325 case Opt_cache_rw:
326 ctx->direct_io = false;
327 ctx->strict_io = false;
328 ctx->cache_ro = false;
329 ctx->cache_rw = true;
330 break;
331 default:
332 cifs_errorf(fc, "bad cache= option: %s\n", value);
333 return 1;
334 }
335 return 0;
336 }
337
338 static const match_table_t reparse_flavor_tokens = {
339 { Opt_reparse_default, "default" },
340 { Opt_reparse_none, "none" },
341 { Opt_reparse_nfs, "nfs" },
342 { Opt_reparse_wsl, "wsl" },
343 { Opt_reparse_err, NULL },
344 };
345
parse_reparse_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)346 static int parse_reparse_flavor(struct fs_context *fc, char *value,
347 struct smb3_fs_context *ctx)
348 {
349 substring_t args[MAX_OPT_ARGS];
350
351 switch (match_token(value, reparse_flavor_tokens, args)) {
352 case Opt_reparse_default:
353 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
354 break;
355 case Opt_reparse_none:
356 ctx->reparse_type = CIFS_REPARSE_TYPE_NONE;
357 break;
358 case Opt_reparse_nfs:
359 ctx->reparse_type = CIFS_REPARSE_TYPE_NFS;
360 break;
361 case Opt_reparse_wsl:
362 ctx->reparse_type = CIFS_REPARSE_TYPE_WSL;
363 break;
364 default:
365 cifs_errorf(fc, "bad reparse= option: %s\n", value);
366 return 1;
367 }
368 return 0;
369 }
370
371 static const match_table_t symlink_flavor_tokens = {
372 { Opt_symlink_default, "default" },
373 { Opt_symlink_none, "none" },
374 { Opt_symlink_native, "native" },
375 { Opt_symlink_unix, "unix" },
376 { Opt_symlink_mfsymlinks, "mfsymlinks" },
377 { Opt_symlink_sfu, "sfu" },
378 { Opt_symlink_nfs, "nfs" },
379 { Opt_symlink_wsl, "wsl" },
380 { Opt_symlink_err, NULL },
381 };
382
parse_symlink_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)383 static int parse_symlink_flavor(struct fs_context *fc, char *value,
384 struct smb3_fs_context *ctx)
385 {
386 substring_t args[MAX_OPT_ARGS];
387
388 switch (match_token(value, symlink_flavor_tokens, args)) {
389 case Opt_symlink_default:
390 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
391 break;
392 case Opt_symlink_none:
393 ctx->symlink_type = CIFS_SYMLINK_TYPE_NONE;
394 break;
395 case Opt_symlink_native:
396 ctx->symlink_type = CIFS_SYMLINK_TYPE_NATIVE;
397 break;
398 case Opt_symlink_unix:
399 ctx->symlink_type = CIFS_SYMLINK_TYPE_UNIX;
400 break;
401 case Opt_symlink_mfsymlinks:
402 ctx->symlink_type = CIFS_SYMLINK_TYPE_MFSYMLINKS;
403 break;
404 case Opt_symlink_sfu:
405 ctx->symlink_type = CIFS_SYMLINK_TYPE_SFU;
406 break;
407 case Opt_symlink_nfs:
408 ctx->symlink_type = CIFS_SYMLINK_TYPE_NFS;
409 break;
410 case Opt_symlink_wsl:
411 ctx->symlink_type = CIFS_SYMLINK_TYPE_WSL;
412 break;
413 default:
414 cifs_errorf(fc, "bad symlink= option: %s\n", value);
415 return 1;
416 }
417 return 0;
418 }
419
420 #define DUP_CTX_STR(field) \
421 do { \
422 if (ctx->field) { \
423 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
424 if (new_ctx->field == NULL) { \
425 smb3_cleanup_fs_context_contents(new_ctx); \
426 return -ENOMEM; \
427 } \
428 } \
429 } while (0)
430
431 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)432 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
433 {
434 memcpy(new_ctx, ctx, sizeof(*ctx));
435 new_ctx->prepath = NULL;
436 new_ctx->nodename = NULL;
437 new_ctx->username = NULL;
438 new_ctx->password = NULL;
439 new_ctx->password2 = NULL;
440 new_ctx->server_hostname = NULL;
441 new_ctx->domainname = NULL;
442 new_ctx->UNC = NULL;
443 new_ctx->source = NULL;
444 new_ctx->iocharset = NULL;
445 new_ctx->leaf_fullpath = NULL;
446 new_ctx->dns_dom = NULL;
447 new_ctx->symlinkroot = NULL;
448 /*
449 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
450 */
451 DUP_CTX_STR(prepath);
452 DUP_CTX_STR(username);
453 DUP_CTX_STR(password);
454 DUP_CTX_STR(password2);
455 DUP_CTX_STR(server_hostname);
456 DUP_CTX_STR(UNC);
457 DUP_CTX_STR(source);
458 DUP_CTX_STR(domainname);
459 DUP_CTX_STR(nodename);
460 DUP_CTX_STR(iocharset);
461 DUP_CTX_STR(leaf_fullpath);
462 DUP_CTX_STR(dns_dom);
463 DUP_CTX_STR(symlinkroot);
464
465 return 0;
466 }
467
468 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)469 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
470 {
471 substring_t args[MAX_OPT_ARGS];
472
473 switch (match_token(value, cifs_smb_version_tokens, args)) {
474 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
475 case Smb_1:
476 if (disable_legacy_dialects) {
477 cifs_errorf(fc, "mount with legacy dialect disabled\n");
478 return 1;
479 }
480 if (is_smb3) {
481 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
482 return 1;
483 }
484 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
485 ctx->ops = &smb1_operations;
486 ctx->vals = &smb1_values;
487 break;
488 case Smb_20:
489 if (disable_legacy_dialects) {
490 cifs_errorf(fc, "mount with legacy dialect disabled\n");
491 return 1;
492 }
493 if (is_smb3) {
494 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
495 return 1;
496 }
497 ctx->ops = &smb20_operations;
498 ctx->vals = &smb20_values;
499 break;
500 #else
501 case Smb_1:
502 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
503 return 1;
504 case Smb_20:
505 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
506 return 1;
507 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
508 case Smb_21:
509 ctx->ops = &smb21_operations;
510 ctx->vals = &smb21_values;
511 break;
512 case Smb_30:
513 ctx->ops = &smb30_operations;
514 ctx->vals = &smb30_values;
515 break;
516 case Smb_302:
517 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
518 ctx->vals = &smb302_values;
519 break;
520 case Smb_311:
521 ctx->ops = &smb311_operations;
522 ctx->vals = &smb311_values;
523 break;
524 case Smb_3any:
525 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
526 ctx->vals = &smb3any_values;
527 break;
528 case Smb_default:
529 ctx->ops = &smb30_operations;
530 ctx->vals = &smbdefault_values;
531 break;
532 default:
533 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
534 return 1;
535 }
536 return 0;
537 }
538
539 /*
540 * Remove duplicate path delimiters. Windows is supposed to do that
541 * but there are some bugs that prevent rename from working if there are
542 * multiple delimiters.
543 *
544 * Return a sanitized duplicate of @path or NULL for empty prefix paths.
545 * Otherwise, return ERR_PTR.
546 *
547 * @gfp indicates the GFP_* flags for kstrdup.
548 * The caller is responsible for freeing the original.
549 */
550 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
cifs_sanitize_prepath(char * prepath,gfp_t gfp)551 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
552 {
553 char *cursor1 = prepath, *cursor2 = prepath;
554 char *s;
555
556 /* skip all prepended delimiters */
557 while (IS_DELIM(*cursor1))
558 cursor1++;
559
560 /* exit in case of only delimiters */
561 if (!*cursor1)
562 return NULL;
563
564 /* copy the first letter */
565 *cursor2 = *cursor1;
566
567 /* copy the remainder... */
568 while (*(cursor1++)) {
569 /* ... skipping all duplicated delimiters */
570 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
571 continue;
572 *(++cursor2) = *cursor1;
573 }
574
575 /* if the last character is a delimiter, skip it */
576 if (IS_DELIM(*(cursor2 - 1)))
577 cursor2--;
578
579 *cursor2 = '\0';
580 if (!*prepath)
581 return NULL;
582 s = kstrdup(prepath, gfp);
583 if (!s)
584 return ERR_PTR(-ENOMEM);
585 return s;
586 }
587
588 /*
589 * Return full path based on the values of @ctx->{UNC,prepath}.
590 *
591 * It is assumed that both values were already parsed by smb3_parse_devname().
592 */
smb3_fs_context_fullpath(const struct smb3_fs_context * ctx,char dirsep)593 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep)
594 {
595 size_t ulen, plen;
596 char *s;
597
598 ulen = strlen(ctx->UNC);
599 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0;
600
601 s = kmalloc(ulen + plen + 1, GFP_KERNEL);
602 if (!s)
603 return ERR_PTR(-ENOMEM);
604 memcpy(s, ctx->UNC, ulen);
605 if (plen) {
606 s[ulen] = dirsep;
607 memcpy(s + ulen + 1, ctx->prepath, plen);
608 }
609 s[ulen + plen] = '\0';
610 convert_delimiter(s, dirsep);
611 return s;
612 }
613
614 /*
615 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
616 * fields with the result. Returns 0 on success and an error otherwise
617 * (e.g. ENOMEM or EINVAL)
618 */
619 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)620 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
621 {
622 char *pos;
623 const char *delims = "/\\";
624 size_t len;
625 int rc;
626
627 if (unlikely(!devname || !*devname)) {
628 cifs_dbg(VFS, "Device name not specified\n");
629 return -EINVAL;
630 }
631
632 /* make sure we have a valid UNC double delimiter prefix */
633 len = strspn(devname, delims);
634 if (len != 2) {
635 cifs_dbg(VFS, "UNC: path must begin with // or \\\\\n");
636 return -EINVAL;
637 }
638
639 /* find delimiter between host and sharename */
640 pos = strpbrk(devname + 2, delims);
641 if (!pos) {
642 cifs_dbg(VFS, "UNC: missing delimiter between hostname and share name\n");
643 return -EINVAL;
644 }
645
646 /* record the server hostname */
647 kfree(ctx->server_hostname);
648 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
649 if (!ctx->server_hostname)
650 return -ENOMEM;
651
652 /* skip past delimiter */
653 ++pos;
654
655 /* now go until next delimiter or end of string */
656 len = strcspn(pos, delims);
657 if (!len) {
658 cifs_dbg(VFS, "UNC: missing share name\n");
659 return -EINVAL;
660 }
661
662 /* move "pos" up to delimiter or NULL */
663 pos += len;
664 kfree(ctx->UNC);
665 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
666 if (!ctx->UNC)
667 return -ENOMEM;
668
669 convert_delimiter(ctx->UNC, '\\');
670
671 /* skip any delimiter */
672 if (*pos == '/' || *pos == '\\')
673 pos++;
674
675 kfree(ctx->prepath);
676 ctx->prepath = NULL;
677
678 /* If pos is NULL then no prepath */
679 if (!*pos)
680 return 0;
681
682 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
683 if (IS_ERR(ctx->prepath)) {
684 rc = PTR_ERR(ctx->prepath);
685 ctx->prepath = NULL;
686 return rc;
687 }
688
689 return 0;
690 }
691
smb3_handle_conflicting_options(struct fs_context * fc)692 static int smb3_handle_conflicting_options(struct fs_context *fc)
693 {
694 struct smb3_fs_context *ctx = smb3_fc2context(fc);
695
696 if (ctx->multichannel_specified) {
697 if (ctx->multichannel) {
698 if (!ctx->max_channels_specified) {
699 ctx->max_channels = 2;
700 } else if (ctx->max_channels == 1) {
701 cifs_errorf(fc,
702 "max_channels must be greater than 1 when multichannel is enabled\n");
703 return -EINVAL;
704 }
705 } else {
706 if (!ctx->max_channels_specified) {
707 ctx->max_channels = 1;
708 } else if (ctx->max_channels > 1) {
709 cifs_errorf(fc,
710 "max_channels must be equal to 1 when multichannel is disabled\n");
711 return -EINVAL;
712 }
713 }
714 } else {
715 if (ctx->max_channels_specified) {
716 if (ctx->max_channels > 1)
717 ctx->multichannel = true;
718 else
719 ctx->multichannel = false;
720 } else {
721 ctx->multichannel = false;
722 ctx->max_channels = 1;
723 }
724 }
725
726 //resetting default values as remount doesn't initialize fs_context again
727 ctx->multichannel_specified = false;
728 ctx->max_channels_specified = false;
729
730 return 0;
731 }
732
733 static void smb3_fs_context_free(struct fs_context *fc);
734 static int smb3_fs_context_parse_param(struct fs_context *fc,
735 struct fs_parameter *param);
736 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
737 void *data);
738 static int smb3_get_tree(struct fs_context *fc);
739 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels);
740 static int smb3_reconfigure(struct fs_context *fc);
741
742 static const struct fs_context_operations smb3_fs_context_ops = {
743 .free = smb3_fs_context_free,
744 .parse_param = smb3_fs_context_parse_param,
745 .parse_monolithic = smb3_fs_context_parse_monolithic,
746 .get_tree = smb3_get_tree,
747 .reconfigure = smb3_reconfigure,
748 };
749
750 /*
751 * Parse a monolithic block of data from sys_mount().
752 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
753 * @ctx: The superblock configuration to fill in.
754 * @data: The data to parse
755 *
756 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
757 * called from the ->monolithic_mount_data() fs_context operation.
758 *
759 * Returns 0 on success or the error returned by the ->parse_option() fs_context
760 * operation on failure.
761 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)762 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
763 void *data)
764 {
765 char *options = data, *key;
766 int ret = 0;
767
768 if (!options)
769 return 0;
770
771 ret = security_sb_eat_lsm_opts(options, &fc->security);
772 if (ret)
773 return ret;
774
775 /* BB Need to add support for sep= here TBD */
776 while ((key = strsep(&options, ",")) != NULL) {
777 size_t len;
778 char *value;
779
780 if (*key == 0)
781 break;
782
783 /* Check if following character is the deliminator If yes,
784 * we have encountered a double deliminator reset the NULL
785 * character to the deliminator
786 */
787 while (options && options[0] == ',') {
788 len = strlen(key);
789 strcpy(key + len, options);
790 options = strchr(options, ',');
791 if (options)
792 *options++ = 0;
793 }
794
795
796 value = strchr(key, '=');
797 if (value) {
798 if (value == key)
799 continue;
800 *value++ = 0;
801 }
802
803 ret = vfs_parse_fs_string(fc, key, value);
804 if (ret < 0)
805 break;
806 }
807 return ret ?: smb3_handle_conflicting_options(fc);
808 }
809
810 /*
811 * Validate the preparsed information in the config.
812 */
smb3_fs_context_validate(struct fs_context * fc)813 static int smb3_fs_context_validate(struct fs_context *fc)
814 {
815 struct smb3_fs_context *ctx = smb3_fc2context(fc);
816
817 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
818 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
819 return -EOPNOTSUPP;
820 }
821
822 #ifndef CONFIG_KEYS
823 /* Muliuser mounts require CONFIG_KEYS support */
824 if (ctx->multiuser) {
825 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
826 return -1;
827 }
828 #endif
829
830 if (ctx->got_version == false)
831 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
832
833
834 if (!ctx->UNC) {
835 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
836 return -1;
837 }
838
839 /* make sure UNC has a share name */
840 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
841 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
842 return -ENOENT;
843 }
844
845 if (!ctx->got_ip) {
846 int len;
847 const char *slash;
848
849 /* No ip= option specified? Try to get it from UNC */
850 /* Use the address part of the UNC. */
851 slash = strchr(&ctx->UNC[2], '\\');
852 len = slash - &ctx->UNC[2];
853 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
854 &ctx->UNC[2], len)) {
855 pr_err("Unable to determine destination address\n");
856 return -EHOSTUNREACH;
857 }
858 }
859
860 /* set the port that we got earlier */
861 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
862
863 if (ctx->uid_specified && !ctx->forceuid_specified) {
864 ctx->override_uid = 1;
865 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n");
866 }
867
868 if (ctx->gid_specified && !ctx->forcegid_specified) {
869 ctx->override_gid = 1;
870 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n");
871 }
872
873 if (ctx->override_uid && !ctx->uid_specified) {
874 ctx->override_uid = 0;
875 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
876 }
877
878 if (ctx->override_gid && !ctx->gid_specified) {
879 ctx->override_gid = 0;
880 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
881 }
882
883 return 0;
884 }
885
smb3_get_tree_common(struct fs_context * fc)886 static int smb3_get_tree_common(struct fs_context *fc)
887 {
888 struct smb3_fs_context *ctx = smb3_fc2context(fc);
889 struct dentry *root;
890 int rc = 0;
891
892 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
893 if (IS_ERR(root))
894 return PTR_ERR(root);
895
896 fc->root = root;
897
898 return rc;
899 }
900
901 /*
902 * Create an SMB3 superblock from the parameters passed.
903 */
smb3_get_tree(struct fs_context * fc)904 static int smb3_get_tree(struct fs_context *fc)
905 {
906 int err = smb3_fs_context_validate(fc);
907 int ret;
908
909 if (err)
910 return err;
911 cifs_mount_lock();
912 ret = smb3_get_tree_common(fc);
913 cifs_mount_unlock();
914 return ret;
915 }
916
smb3_fs_context_free(struct fs_context * fc)917 static void smb3_fs_context_free(struct fs_context *fc)
918 {
919 struct smb3_fs_context *ctx = smb3_fc2context(fc);
920
921 smb3_cleanup_fs_context(ctx);
922 }
923
924 /*
925 * Compare the old and new proposed context during reconfigure
926 * and check if the changes are compatible.
927 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx,bool need_recon)928 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
929 struct smb3_fs_context *new_ctx,
930 struct smb3_fs_context *old_ctx, bool need_recon)
931 {
932 if (new_ctx->posix_paths != old_ctx->posix_paths) {
933 cifs_errorf(fc, "can not change posixpaths during remount\n");
934 return -EINVAL;
935 }
936 if (new_ctx->sectype != old_ctx->sectype) {
937 cifs_errorf(fc, "can not change sec during remount\n");
938 return -EINVAL;
939 }
940 if (new_ctx->multiuser != old_ctx->multiuser) {
941 cifs_errorf(fc, "can not change multiuser during remount\n");
942 return -EINVAL;
943 }
944 if (new_ctx->UNC &&
945 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
946 cifs_errorf(fc, "can not change UNC during remount\n");
947 return -EINVAL;
948 }
949 if (new_ctx->username &&
950 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
951 cifs_errorf(fc, "can not change username during remount\n");
952 return -EINVAL;
953 }
954 if (new_ctx->password &&
955 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
956 if (need_recon == false) {
957 cifs_errorf(fc,
958 "can not change password of active session during remount\n");
959 return -EINVAL;
960 } else if (old_ctx->sectype == Kerberos) {
961 cifs_errorf(fc,
962 "can not change password for Kerberos via remount\n");
963 return -EINVAL;
964 }
965 }
966 if (new_ctx->domainname &&
967 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
968 cifs_errorf(fc, "can not change domainname during remount\n");
969 return -EINVAL;
970 }
971 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
972 cifs_errorf(fc, "can not change workstation_name during remount\n");
973 return -EINVAL;
974 }
975 if (new_ctx->nodename &&
976 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
977 cifs_errorf(fc, "can not change nodename during remount\n");
978 return -EINVAL;
979 }
980 if (new_ctx->iocharset &&
981 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
982 cifs_errorf(fc, "can not change iocharset during remount\n");
983 return -EINVAL;
984 }
985 if (new_ctx->unicode != old_ctx->unicode) {
986 cifs_errorf(fc, "can not change unicode during remount\n");
987 return -EINVAL;
988 }
989 if (new_ctx->rfc1001_sessinit != old_ctx->rfc1001_sessinit) {
990 cifs_errorf(fc, "can not change nbsessinit during remount\n");
991 return -EINVAL;
992 }
993
994 return 0;
995 }
996
997 #define STEAL_STRING(cifs_sb, ctx, field) \
998 do { \
999 kfree(ctx->field); \
1000 ctx->field = cifs_sb->ctx->field; \
1001 cifs_sb->ctx->field = NULL; \
1002 } while (0)
1003
1004 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \
1005 do { \
1006 kfree_sensitive(ctx->field); \
1007 ctx->field = cifs_sb->ctx->field; \
1008 cifs_sb->ctx->field = NULL; \
1009 } while (0)
1010
smb3_sync_session_ctx_passwords(struct cifs_sb_info * cifs_sb,struct cifs_ses * ses)1011 int smb3_sync_session_ctx_passwords(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses)
1012 {
1013 if (ses->password &&
1014 cifs_sb->ctx->password &&
1015 strcmp(ses->password, cifs_sb->ctx->password)) {
1016 kfree_sensitive(cifs_sb->ctx->password);
1017 cifs_sb->ctx->password = kstrdup(ses->password, GFP_KERNEL);
1018 if (!cifs_sb->ctx->password)
1019 return -ENOMEM;
1020 }
1021 if (ses->password2 &&
1022 cifs_sb->ctx->password2 &&
1023 strcmp(ses->password2, cifs_sb->ctx->password2)) {
1024 kfree_sensitive(cifs_sb->ctx->password2);
1025 cifs_sb->ctx->password2 = kstrdup(ses->password2, GFP_KERNEL);
1026 if (!cifs_sb->ctx->password2) {
1027 kfree_sensitive(cifs_sb->ctx->password);
1028 cifs_sb->ctx->password = NULL;
1029 return -ENOMEM;
1030 }
1031 }
1032 return 0;
1033 }
1034
1035 /*
1036 * smb3_sync_ses_chan_max - Synchronize the session's maximum channel count
1037 * @ses: pointer to the old CIFS session structure
1038 * @max_channels: new maximum number of channels to allow
1039 *
1040 * Updates the session's chan_max field to the new value, protecting the update
1041 * with the session's channel lock. This should be called whenever the maximum
1042 * allowed channels for a session changes (e.g., after a remount or reconfigure).
1043 */
smb3_sync_ses_chan_max(struct cifs_ses * ses,unsigned int max_channels)1044 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels)
1045 {
1046 spin_lock(&ses->chan_lock);
1047 ses->chan_max = max_channels;
1048 spin_unlock(&ses->chan_lock);
1049 }
1050
smb3_reconfigure(struct fs_context * fc)1051 static int smb3_reconfigure(struct fs_context *fc)
1052 {
1053 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1054 struct dentry *root = fc->root;
1055 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
1056 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses;
1057 unsigned int rsize = ctx->rsize, wsize = ctx->wsize;
1058 char *new_password = NULL, *new_password2 = NULL;
1059 bool need_recon = false;
1060 int rc;
1061
1062 if (ses->expired_pwd)
1063 need_recon = true;
1064
1065 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon);
1066 if (rc)
1067 return rc;
1068
1069 /*
1070 * We can not change UNC/username/password/domainname/
1071 * workstation_name/nodename/iocharset
1072 * during reconnect so ignore what we have in the new context and
1073 * just use what we already have in cifs_sb->ctx.
1074 */
1075 STEAL_STRING(cifs_sb, ctx, UNC);
1076 STEAL_STRING(cifs_sb, ctx, source);
1077 STEAL_STRING(cifs_sb, ctx, username);
1078
1079 if (need_recon == false)
1080 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1081 else {
1082 if (ctx->password) {
1083 new_password = kstrdup(ctx->password, GFP_KERNEL);
1084 if (!new_password)
1085 return -ENOMEM;
1086 } else
1087 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1088 }
1089
1090 /*
1091 * if a new password2 has been specified, then reset it's value
1092 * inside the ses struct
1093 */
1094 if (ctx->password2) {
1095 new_password2 = kstrdup(ctx->password2, GFP_KERNEL);
1096 if (!new_password2) {
1097 kfree_sensitive(new_password);
1098 return -ENOMEM;
1099 }
1100 } else
1101 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password2);
1102
1103 /*
1104 * we may update the passwords in the ses struct below. Make sure we do
1105 * not race with smb2_reconnect
1106 */
1107 mutex_lock(&ses->session_mutex);
1108
1109 /*
1110 * smb2_reconnect may swap password and password2 in case session setup
1111 * failed. First get ctx passwords in sync with ses passwords. It should
1112 * be okay to do this even if this function were to return an error at a
1113 * later stage
1114 */
1115 rc = smb3_sync_session_ctx_passwords(cifs_sb, ses);
1116 if (rc) {
1117 mutex_unlock(&ses->session_mutex);
1118 kfree_sensitive(new_password);
1119 kfree_sensitive(new_password2);
1120 return rc;
1121 }
1122
1123 /*
1124 * now that allocations for passwords are done, commit them
1125 */
1126 if (new_password) {
1127 kfree_sensitive(ses->password);
1128 ses->password = new_password;
1129 }
1130 if (new_password2) {
1131 kfree_sensitive(ses->password2);
1132 ses->password2 = new_password2;
1133 }
1134
1135 /*
1136 * If multichannel or max_channels has changed, update the session's channels accordingly.
1137 * This may add or remove channels to match the new configuration.
1138 */
1139 if ((ctx->multichannel != cifs_sb->ctx->multichannel) ||
1140 (ctx->max_channels != cifs_sb->ctx->max_channels)) {
1141
1142 /* Synchronize ses->chan_max with the new mount context */
1143 smb3_sync_ses_chan_max(ses, ctx->max_channels);
1144 /* Now update the session's channels to match the new configuration */
1145 /* Prevent concurrent scaling operations */
1146 spin_lock(&ses->ses_lock);
1147 if (ses->flags & CIFS_SES_FLAG_SCALE_CHANNELS) {
1148 spin_unlock(&ses->ses_lock);
1149 mutex_unlock(&ses->session_mutex);
1150 return -EINVAL;
1151 }
1152 ses->flags |= CIFS_SES_FLAG_SCALE_CHANNELS;
1153 spin_unlock(&ses->ses_lock);
1154
1155 mutex_unlock(&ses->session_mutex);
1156
1157 rc = smb3_update_ses_channels(ses, ses->server,
1158 false /* from_reconnect */,
1159 false /* disable_mchan */);
1160
1161 /* Clear scaling flag after operation */
1162 spin_lock(&ses->ses_lock);
1163 ses->flags &= ~CIFS_SES_FLAG_SCALE_CHANNELS;
1164 spin_unlock(&ses->ses_lock);
1165 } else {
1166 mutex_unlock(&ses->session_mutex);
1167 }
1168
1169 STEAL_STRING(cifs_sb, ctx, domainname);
1170 STEAL_STRING(cifs_sb, ctx, nodename);
1171 STEAL_STRING(cifs_sb, ctx, iocharset);
1172
1173 /* if rsize or wsize not passed in on remount, use previous values */
1174 ctx->rsize = rsize ? CIFS_ALIGN_RSIZE(fc, rsize) : cifs_sb->ctx->rsize;
1175 ctx->wsize = wsize ? CIFS_ALIGN_WSIZE(fc, wsize) : cifs_sb->ctx->wsize;
1176
1177 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
1178 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
1179 smb3_update_mnt_flags(cifs_sb);
1180 #ifdef CONFIG_CIFS_DFS_UPCALL
1181 if (!rc)
1182 rc = dfs_cache_remount_fs(cifs_sb);
1183 #endif
1184
1185 return rc;
1186 }
1187
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)1188 static int smb3_fs_context_parse_param(struct fs_context *fc,
1189 struct fs_parameter *param)
1190 {
1191 struct fs_parse_result result;
1192 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1193 int i, opt;
1194 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
1195 bool skip_parsing = false;
1196 char *hostname;
1197
1198 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
1199
1200 /*
1201 * fs_parse can not handle string options with an empty value so
1202 * we will need special handling of them.
1203 */
1204 if (param->type == fs_value_is_string && param->string[0] == 0) {
1205 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
1206 skip_parsing = true;
1207 opt = Opt_pass;
1208 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
1209 skip_parsing = true;
1210 opt = Opt_user;
1211 } else if (!strcmp("pass2", param->key) || !strcmp("password2", param->key)) {
1212 skip_parsing = true;
1213 opt = Opt_pass2;
1214 }
1215 }
1216
1217 if (!skip_parsing) {
1218 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
1219 if (opt < 0)
1220 return ctx->sloppy ? 1 : opt;
1221 }
1222
1223 switch (opt) {
1224 case Opt_compress:
1225 if (!IS_ENABLED(CONFIG_CIFS_COMPRESSION)) {
1226 cifs_errorf(fc, "CONFIG_CIFS_COMPRESSION kernel config option is unset\n");
1227 goto cifs_parse_mount_err;
1228 }
1229 ctx->compress = true;
1230 cifs_dbg(VFS, "SMB3 compression support is experimental\n");
1231 break;
1232 case Opt_nodfs:
1233 ctx->nodfs = 1;
1234 break;
1235 case Opt_hard:
1236 if (result.negated) {
1237 if (ctx->retry == 1)
1238 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n");
1239 ctx->retry = 0;
1240 } else
1241 ctx->retry = 1;
1242 break;
1243 case Opt_soft:
1244 if (result.negated)
1245 ctx->retry = 1;
1246 else {
1247 if (ctx->retry == 1)
1248 cifs_dbg(VFS, "conflicting hard vs soft mount options\n");
1249 ctx->retry = 0;
1250 }
1251 break;
1252 case Opt_mapposix:
1253 if (result.negated)
1254 ctx->remap = false;
1255 else {
1256 ctx->remap = true;
1257 ctx->sfu_remap = false; /* disable SFU mapping */
1258 }
1259 break;
1260 case Opt_mapchars:
1261 if (result.negated)
1262 ctx->sfu_remap = false;
1263 else {
1264 ctx->sfu_remap = true;
1265 ctx->remap = false; /* disable SFM (mapposix) mapping */
1266 }
1267 break;
1268 case Opt_user_xattr:
1269 if (result.negated)
1270 ctx->no_xattr = 1;
1271 else
1272 ctx->no_xattr = 0;
1273 break;
1274 case Opt_forceuid:
1275 if (result.negated)
1276 ctx->override_uid = 0;
1277 else
1278 ctx->override_uid = 1;
1279 ctx->forceuid_specified = true;
1280 break;
1281 case Opt_forcegid:
1282 if (result.negated)
1283 ctx->override_gid = 0;
1284 else
1285 ctx->override_gid = 1;
1286 ctx->forcegid_specified = true;
1287 break;
1288 case Opt_perm:
1289 if (result.negated)
1290 ctx->noperm = 1;
1291 else
1292 ctx->noperm = 0;
1293 break;
1294 case Opt_dynperm:
1295 if (result.negated)
1296 ctx->dynperm = 0;
1297 else
1298 ctx->dynperm = 1;
1299 break;
1300 case Opt_sfu:
1301 if (result.negated)
1302 ctx->sfu_emul = 0;
1303 else
1304 ctx->sfu_emul = 1;
1305 break;
1306 case Opt_noblocksend:
1307 ctx->noblocksnd = 1;
1308 break;
1309 case Opt_noautotune:
1310 ctx->noautotune = 1;
1311 break;
1312 case Opt_lease:
1313 ctx->no_lease = result.negated;
1314 break;
1315 case Opt_nosparse:
1316 ctx->no_sparse = 1;
1317 break;
1318 case Opt_nodelete:
1319 ctx->nodelete = 1;
1320 break;
1321 case Opt_multichannel:
1322 ctx->multichannel_specified = true;
1323 if (result.negated)
1324 ctx->multichannel = false;
1325 else
1326 ctx->multichannel = true;
1327 break;
1328 case Opt_uid:
1329 ctx->linux_uid = result.uid;
1330 ctx->uid_specified = true;
1331 break;
1332 case Opt_cruid:
1333 ctx->cred_uid = result.uid;
1334 ctx->cruid_specified = true;
1335 break;
1336 case Opt_backupuid:
1337 ctx->backupuid = result.uid;
1338 ctx->backupuid_specified = true;
1339 break;
1340 case Opt_backupgid:
1341 ctx->backupgid = result.gid;
1342 ctx->backupgid_specified = true;
1343 break;
1344 case Opt_gid:
1345 ctx->linux_gid = result.gid;
1346 ctx->gid_specified = true;
1347 break;
1348 case Opt_port:
1349 ctx->port = result.uint_32;
1350 break;
1351 case Opt_file_mode:
1352 ctx->file_mode = result.uint_32;
1353 break;
1354 case Opt_dirmode:
1355 ctx->dir_mode = result.uint_32;
1356 break;
1357 case Opt_min_enc_offload:
1358 ctx->min_offload = result.uint_32;
1359 break;
1360 case Opt_retrans:
1361 ctx->retrans = result.uint_32;
1362 break;
1363 case Opt_blocksize:
1364 /*
1365 * inode blocksize realistically should never need to be
1366 * less than 16K or greater than 16M and default is 1MB.
1367 * Note that small inode block sizes (e.g. 64K) can lead
1368 * to very poor performance of common tools like cp and scp
1369 */
1370 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1371 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1372 cifs_errorf(fc, "%s: Invalid blocksize\n",
1373 __func__);
1374 goto cifs_parse_mount_err;
1375 }
1376 ctx->bsize = CIFS_ALIGN_BSIZE(fc, result.uint_32);
1377 ctx->got_bsize = true;
1378 break;
1379 case Opt_rasize:
1380 /*
1381 * readahead size realistically should never need to be
1382 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1383 * (perhaps an exception should be considered in the
1384 * for the case of a large number of channels
1385 * when multichannel is negotiated) since that would lead
1386 * to plenty of parallel I/O in flight to the server.
1387 * Note that smaller read ahead sizes would
1388 * hurt performance of common tools like cp and scp
1389 * which often trigger sequential i/o with read ahead
1390 */
1391 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1392 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1393 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1394 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1395 goto cifs_parse_mount_err;
1396 }
1397 ctx->rasize = result.uint_32;
1398 break;
1399 case Opt_rsize:
1400 ctx->rsize = CIFS_ALIGN_RSIZE(fc, result.uint_32);
1401 ctx->got_rsize = true;
1402 ctx->vol_rsize = ctx->rsize;
1403 break;
1404 case Opt_wsize:
1405 ctx->wsize = CIFS_ALIGN_WSIZE(fc, result.uint_32);
1406 ctx->got_wsize = true;
1407 ctx->vol_wsize = ctx->wsize;
1408 break;
1409 case Opt_acregmax:
1410 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1411 cifs_errorf(fc, "acregmax too large\n");
1412 goto cifs_parse_mount_err;
1413 }
1414 ctx->acregmax = HZ * result.uint_32;
1415 break;
1416 case Opt_acdirmax:
1417 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1418 cifs_errorf(fc, "acdirmax too large\n");
1419 goto cifs_parse_mount_err;
1420 }
1421 ctx->acdirmax = HZ * result.uint_32;
1422 break;
1423 case Opt_actimeo:
1424 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1425 cifs_errorf(fc, "timeout too large\n");
1426 goto cifs_parse_mount_err;
1427 }
1428 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1429 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1430 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1431 break;
1432 }
1433 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1434 break;
1435 case Opt_closetimeo:
1436 if (result.uint_32 > SMB3_MAX_DCLOSETIMEO / HZ) {
1437 cifs_errorf(fc, "closetimeo too large\n");
1438 goto cifs_parse_mount_err;
1439 }
1440 ctx->closetimeo = HZ * result.uint_32;
1441 break;
1442 case Opt_echo_interval:
1443 if (result.uint_32 < SMB_ECHO_INTERVAL_MIN ||
1444 result.uint_32 > SMB_ECHO_INTERVAL_MAX) {
1445 cifs_errorf(fc, "echo interval is out of bounds\n");
1446 goto cifs_parse_mount_err;
1447 }
1448 ctx->echo_interval = result.uint_32;
1449 break;
1450 case Opt_snapshot:
1451 ctx->snapshot_time = result.uint_64;
1452 break;
1453 case Opt_max_credits:
1454 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1455 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1456 __func__);
1457 goto cifs_parse_mount_err;
1458 }
1459 ctx->max_credits = result.uint_32;
1460 break;
1461 case Opt_max_channels:
1462 ctx->max_channels_specified = true;
1463 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1464 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1465 __func__, CIFS_MAX_CHANNELS);
1466 goto cifs_parse_mount_err;
1467 }
1468 ctx->max_channels = result.uint_32;
1469 break;
1470 case Opt_max_cached_dirs:
1471 if (result.uint_32 < 1) {
1472 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n",
1473 __func__);
1474 goto cifs_parse_mount_err;
1475 }
1476 ctx->max_cached_dirs = result.uint_32;
1477 break;
1478 case Opt_handletimeout:
1479 ctx->handle_timeout = result.uint_32;
1480 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1481 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1482 goto cifs_parse_mount_err;
1483 }
1484 break;
1485 case Opt_source:
1486 kfree(ctx->UNC);
1487 ctx->UNC = NULL;
1488 switch (smb3_parse_devname(param->string, ctx)) {
1489 case 0:
1490 break;
1491 case -ENOMEM:
1492 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1493 goto cifs_parse_mount_err;
1494 case -EINVAL:
1495 cifs_errorf(fc, "Malformed UNC in devname\n");
1496 goto cifs_parse_mount_err;
1497 default:
1498 cifs_errorf(fc, "Unknown error parsing devname\n");
1499 goto cifs_parse_mount_err;
1500 }
1501 kfree(ctx->source);
1502 ctx->source = smb3_fs_context_fullpath(ctx, '/');
1503 if (IS_ERR(ctx->source)) {
1504 ctx->source = NULL;
1505 cifs_errorf(fc, "OOM when copying UNC string\n");
1506 goto cifs_parse_mount_err;
1507 }
1508 kfree(fc->source);
1509 fc->source = kstrdup(ctx->source, GFP_KERNEL);
1510 if (fc->source == NULL) {
1511 cifs_errorf(fc, "OOM when copying UNC string\n");
1512 goto cifs_parse_mount_err;
1513 }
1514 hostname = extract_hostname(ctx->UNC);
1515 if (IS_ERR(hostname)) {
1516 cifs_errorf(fc, "Cannot extract hostname from UNC string\n");
1517 goto cifs_parse_mount_err;
1518 }
1519 /* last byte, type, is 0x20 for servr type */
1520 memset(ctx->target_rfc1001_name, 0x20, RFC1001_NAME_LEN_WITH_NULL);
1521 for (i = 0; i < RFC1001_NAME_LEN && hostname[i] != 0; i++)
1522 ctx->target_rfc1001_name[i] = toupper(hostname[i]);
1523 kfree(hostname);
1524 break;
1525 case Opt_user:
1526 kfree(ctx->username);
1527 ctx->username = NULL;
1528 if (ctx->nullauth)
1529 break;
1530 if (strlen(param->string) == 0) {
1531 /* null user, ie. anonymous authentication */
1532 ctx->nullauth = 1;
1533 break;
1534 }
1535
1536 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) ==
1537 CIFS_MAX_USERNAME_LEN) {
1538 pr_warn("username too long\n");
1539 goto cifs_parse_mount_err;
1540 }
1541 ctx->username = no_free_ptr(param->string);
1542 break;
1543 case Opt_pass:
1544 kfree_sensitive(ctx->password);
1545 ctx->password = NULL;
1546 if (strlen(param->string) == 0)
1547 break;
1548 ctx->password = no_free_ptr(param->string);
1549 break;
1550 case Opt_pass2:
1551 kfree_sensitive(ctx->password2);
1552 ctx->password2 = NULL;
1553 if (strlen(param->string) == 0)
1554 break;
1555 ctx->password2 = no_free_ptr(param->string);
1556 break;
1557 case Opt_ip:
1558 if (strlen(param->string) == 0) {
1559 ctx->got_ip = false;
1560 break;
1561 }
1562 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1563 param->string,
1564 strlen(param->string))) {
1565 pr_err("bad ip= option (%s)\n", param->string);
1566 goto cifs_parse_mount_err;
1567 }
1568 ctx->got_ip = true;
1569 break;
1570 case Opt_domain:
1571 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1572 == CIFS_MAX_DOMAINNAME_LEN) {
1573 pr_warn("domain name too long\n");
1574 goto cifs_parse_mount_err;
1575 }
1576
1577 kfree(ctx->domainname);
1578 ctx->domainname = no_free_ptr(param->string);
1579 cifs_dbg(FYI, "Domain name set\n");
1580 break;
1581 case Opt_srcaddr:
1582 if (!cifs_convert_address(
1583 (struct sockaddr *)&ctx->srcaddr,
1584 param->string, strlen(param->string))) {
1585 pr_warn("Could not parse srcaddr: %s\n",
1586 param->string);
1587 goto cifs_parse_mount_err;
1588 }
1589 break;
1590 case Opt_iocharset:
1591 if (strnlen(param->string, 1024) >= 65) {
1592 pr_warn("iocharset name too long\n");
1593 goto cifs_parse_mount_err;
1594 }
1595
1596 if (strncasecmp(param->string, "default", 7) != 0) {
1597 kfree(ctx->iocharset);
1598 ctx->iocharset = no_free_ptr(param->string);
1599 }
1600 /* if iocharset not set then load_nls_default
1601 * is used by caller
1602 */
1603 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1604 break;
1605 case Opt_netbiosname:
1606 memset(ctx->source_rfc1001_name, 0x20,
1607 RFC1001_NAME_LEN);
1608 /*
1609 * FIXME: are there cases in which a comma can
1610 * be valid in workstation netbios name (and
1611 * need special handling)?
1612 */
1613 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1614 /* don't ucase netbiosname for user */
1615 if (param->string[i] == 0)
1616 break;
1617 ctx->source_rfc1001_name[i] = param->string[i];
1618 }
1619 /* The string has 16th byte zero still from
1620 * set at top of the function
1621 */
1622 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1623 pr_warn("netbiosname longer than 15 truncated\n");
1624 break;
1625 case Opt_servern:
1626 /* last byte, type, is 0x20 for servr type */
1627 memset(ctx->target_rfc1001_name, 0x20,
1628 RFC1001_NAME_LEN_WITH_NULL);
1629 /*
1630 * BB are there cases in which a comma can be valid in this
1631 * workstation netbios name (and need special handling)?
1632 */
1633
1634 /* user or mount helper must uppercase the netbios name */
1635 for (i = 0; i < 15; i++) {
1636 if (param->string[i] == 0)
1637 break;
1638 ctx->target_rfc1001_name[i] = param->string[i];
1639 }
1640
1641 /* The string has 16th byte zero still from set at top of function */
1642 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1643 pr_warn("server netbiosname longer than 15 truncated\n");
1644 break;
1645 case Opt_nbsessinit:
1646 ctx->rfc1001_sessinit = !result.negated;
1647 cifs_dbg(FYI, "rfc1001_sessinit set to %d\n", ctx->rfc1001_sessinit);
1648 break;
1649 case Opt_ver:
1650 /* version of mount userspace tools, not dialect */
1651 /* If interface changes in mount.cifs bump to new ver */
1652 if (strncasecmp(param->string, "1", 1) == 0) {
1653 if (strlen(param->string) > 1) {
1654 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1655 param->string);
1656 goto cifs_parse_mount_err;
1657 }
1658 /* This is the default */
1659 break;
1660 }
1661 /* For all other value, error */
1662 pr_warn("Invalid mount helper version specified\n");
1663 goto cifs_parse_mount_err;
1664 case Opt_vers:
1665 /* protocol version (dialect) */
1666 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1667 goto cifs_parse_mount_err;
1668 ctx->got_version = true;
1669 break;
1670 case Opt_sec:
1671 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1672 goto cifs_parse_mount_err;
1673 break;
1674 case Opt_upcalltarget:
1675 if (cifs_parse_upcall_target(fc, param->string, ctx) != 0)
1676 goto cifs_parse_mount_err;
1677 break;
1678 case Opt_cache:
1679 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1680 goto cifs_parse_mount_err;
1681 break;
1682 case Opt_witness:
1683 #ifndef CONFIG_CIFS_SWN_UPCALL
1684 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1685 goto cifs_parse_mount_err;
1686 #endif
1687 ctx->witness = true;
1688 pr_warn_once("Witness protocol support is experimental\n");
1689 break;
1690 case Opt_unicode:
1691 ctx->unicode = !result.negated;
1692 cifs_dbg(FYI, "unicode set to %d\n", ctx->unicode);
1693 break;
1694 case Opt_rootfs:
1695 #ifndef CONFIG_CIFS_ROOT
1696 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1697 goto cifs_parse_mount_err;
1698 #endif
1699 ctx->rootfs = true;
1700 break;
1701 case Opt_posixpaths:
1702 if (result.negated)
1703 ctx->posix_paths = 0;
1704 else
1705 ctx->posix_paths = 1;
1706 break;
1707 case Opt_unix:
1708 if (result.negated) {
1709 if (ctx->linux_ext == 1)
1710 pr_warn_once("conflicting posix mount options specified\n");
1711 ctx->linux_ext = 0;
1712 ctx->no_linux_ext = 1;
1713 } else {
1714 if (ctx->no_linux_ext == 1)
1715 pr_warn_once("conflicting posix mount options specified\n");
1716 ctx->linux_ext = 1;
1717 ctx->no_linux_ext = 0;
1718 ctx->nonativesocket = 1; /* POSIX mounts use NFS style reparse points */
1719 }
1720 break;
1721 case Opt_nocase:
1722 ctx->nocase = 1;
1723 break;
1724 case Opt_brl:
1725 if (result.negated) {
1726 /*
1727 * turn off mandatory locking in mode
1728 * if remote locking is turned off since the
1729 * local vfs will do advisory
1730 */
1731 if (ctx->file_mode ==
1732 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1733 ctx->file_mode = S_IALLUGO;
1734 ctx->nobrl = 1;
1735 } else
1736 ctx->nobrl = 0;
1737 break;
1738 case Opt_handlecache:
1739 if (result.negated)
1740 ctx->nohandlecache = 1;
1741 else
1742 ctx->nohandlecache = 0;
1743 break;
1744 case Opt_forcemandatorylock:
1745 ctx->mand_lock = 1;
1746 break;
1747 case Opt_setuids:
1748 ctx->setuids = result.negated;
1749 break;
1750 case Opt_intr:
1751 ctx->intr = !result.negated;
1752 break;
1753 case Opt_setuidfromacl:
1754 ctx->setuidfromacl = 1;
1755 break;
1756 case Opt_strictsync:
1757 ctx->nostrictsync = result.negated;
1758 break;
1759 case Opt_serverino:
1760 ctx->server_ino = !result.negated;
1761 break;
1762 case Opt_rwpidforward:
1763 ctx->rwpidforward = 1;
1764 break;
1765 case Opt_modesid:
1766 ctx->mode_ace = 1;
1767 break;
1768 case Opt_cifsacl:
1769 ctx->cifs_acl = !result.negated;
1770 break;
1771 case Opt_acl:
1772 ctx->no_psx_acl = result.negated;
1773 break;
1774 case Opt_locallease:
1775 ctx->local_lease = 1;
1776 break;
1777 case Opt_sign:
1778 ctx->sign = true;
1779 break;
1780 case Opt_ignore_signature:
1781 ctx->sign = true;
1782 ctx->ignore_signature = true;
1783 break;
1784 case Opt_seal:
1785 /* we do not do the following in secFlags because seal
1786 * is a per tree connection (mount) not a per socket
1787 * or per-smb connection option in the protocol
1788 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1789 */
1790 ctx->seal = 1;
1791 break;
1792 case Opt_noac:
1793 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1794 break;
1795 case Opt_fsc:
1796 #ifndef CONFIG_CIFS_FSCACHE
1797 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1798 goto cifs_parse_mount_err;
1799 #endif
1800 ctx->fsc = true;
1801 break;
1802 case Opt_mfsymlinks:
1803 ctx->mfsymlinks = true;
1804 break;
1805 case Opt_multiuser:
1806 ctx->multiuser = true;
1807 break;
1808 case Opt_sloppy:
1809 ctx->sloppy = true;
1810 break;
1811 case Opt_nosharesock:
1812 ctx->nosharesock = true;
1813 break;
1814 case Opt_persistent:
1815 if (result.negated) {
1816 ctx->nopersistent = true;
1817 if (ctx->persistent) {
1818 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1819 goto cifs_parse_mount_err;
1820 }
1821 } else {
1822 ctx->persistent = true;
1823 if ((ctx->nopersistent) || (ctx->resilient)) {
1824 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1825 goto cifs_parse_mount_err;
1826 }
1827 }
1828 break;
1829 case Opt_resilient:
1830 if (result.negated) {
1831 ctx->resilient = false; /* already the default */
1832 } else {
1833 ctx->resilient = true;
1834 if (ctx->persistent) {
1835 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1836 goto cifs_parse_mount_err;
1837 }
1838 }
1839 break;
1840 case Opt_tcp_nodelay:
1841 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1842 if (result.negated)
1843 ctx->sockopt_tcp_nodelay = false;
1844 else
1845 ctx->sockopt_tcp_nodelay = true;
1846 break;
1847 case Opt_domainauto:
1848 ctx->domainauto = true;
1849 break;
1850 case Opt_rdma:
1851 ctx->rdma = true;
1852 break;
1853 case Opt_reparse:
1854 if (parse_reparse_flavor(fc, param->string, ctx))
1855 goto cifs_parse_mount_err;
1856 break;
1857 case Opt_nativesocket:
1858 ctx->nonativesocket = result.negated;
1859 break;
1860 case Opt_symlink:
1861 if (parse_symlink_flavor(fc, param->string, ctx))
1862 goto cifs_parse_mount_err;
1863 break;
1864 case Opt_symlinkroot:
1865 if (param->string[0] != '/') {
1866 cifs_errorf(fc, "symlinkroot mount options must be absolute path\n");
1867 goto cifs_parse_mount_err;
1868 }
1869 if (strnlen(param->string, PATH_MAX) == PATH_MAX) {
1870 cifs_errorf(fc, "symlinkroot path too long (max path length: %u)\n",
1871 PATH_MAX - 1);
1872 goto cifs_parse_mount_err;
1873 }
1874 kfree(ctx->symlinkroot);
1875 ctx->symlinkroot = param->string;
1876 param->string = NULL;
1877 break;
1878 }
1879 /* case Opt_ignore: - is ignored as expected ... */
1880
1881 if (ctx->multiuser && ctx->upcall_target == UPTARGET_MOUNT) {
1882 cifs_errorf(fc, "multiuser mount option not supported with upcalltarget set as 'mount'\n");
1883 goto cifs_parse_mount_err;
1884 }
1885
1886 return 0;
1887
1888 cifs_parse_mount_err:
1889 kfree_sensitive(ctx->password);
1890 ctx->password = NULL;
1891 kfree_sensitive(ctx->password2);
1892 ctx->password2 = NULL;
1893 kfree(ctx->source);
1894 ctx->source = NULL;
1895 kfree(fc->source);
1896 fc->source = NULL;
1897 return -EINVAL;
1898 }
1899
smb3_init_fs_context(struct fs_context * fc)1900 int smb3_init_fs_context(struct fs_context *fc)
1901 {
1902 struct smb3_fs_context *ctx;
1903 char *nodename = utsname()->nodename;
1904 int i;
1905
1906 ctx = kzalloc_obj(struct smb3_fs_context);
1907 if (unlikely(!ctx))
1908 return -ENOMEM;
1909
1910 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1911
1912 /*
1913 * does not have to be perfect mapping since field is
1914 * informational, only used for servers that do not support
1915 * port 445 and it can be overridden at mount time
1916 */
1917 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1918 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1919 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1920 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1921
1922 /*
1923 * null target name indicates to use *SMBSERVR default called name
1924 * if we end up sending RFC1001 session initialize
1925 */
1926 ctx->target_rfc1001_name[0] = 0;
1927
1928 ctx->rfc1001_sessinit = -1; /* autodetect based on port number */
1929
1930 ctx->cred_uid = current_uid();
1931 ctx->linux_uid = current_uid();
1932 ctx->linux_gid = current_gid();
1933 /* By default 4MB read ahead size, 1MB block size */
1934 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1935 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1936
1937 /*
1938 * default to SFM style remapping of seven reserved characters
1939 * unless user overrides it or we negotiate CIFS POSIX where
1940 * it is unnecessary. Can not simultaneously use more than one mapping
1941 * since then readdir could list files that open could not open
1942 */
1943 ctx->remap = true;
1944
1945 /* default to only allowing write access to owner of the mount */
1946 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1947
1948 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1949 /* default is always to request posix paths. */
1950 ctx->posix_paths = 1;
1951 /* default to using server inode numbers where available */
1952 ctx->server_ino = 1;
1953
1954 /* default is to use strict cifs caching semantics */
1955 ctx->strict_io = true;
1956
1957 ctx->acregmax = CIFS_DEF_ACTIMEO;
1958 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1959 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1960 ctx->max_cached_dirs = MAX_CACHED_FIDS;
1961 /* Most clients set timeout to 0, allows server to use its default */
1962 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1963
1964 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1965 ctx->ops = &smb30_operations;
1966 ctx->vals = &smbdefault_values;
1967
1968 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1969
1970 /* default to no multichannel (single server connection) */
1971 ctx->multichannel = false;
1972 ctx->multichannel_specified = false;
1973 ctx->max_channels_specified = false;
1974 ctx->max_channels = 1;
1975
1976 ctx->backupuid_specified = false; /* no backup intent for a user */
1977 ctx->backupgid_specified = false; /* no backup intent for a group */
1978
1979 ctx->retrans = 0;
1980 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
1981 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
1982 ctx->nonativesocket = 0;
1983
1984 ctx->unicode = -1; /* autodetect, but prefer UNICODE mode */
1985
1986 /*
1987 * short int override_uid = -1;
1988 * short int override_gid = -1;
1989 * char *nodename = strdup(utsname()->nodename);
1990 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1991 */
1992
1993 fc->fs_private = ctx;
1994 fc->ops = &smb3_fs_context_ops;
1995 return 0;
1996 }
1997
1998 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1999 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
2000 {
2001 if (ctx == NULL)
2002 return;
2003
2004 /*
2005 * Make sure this stays in sync with smb3_fs_context_dup()
2006 */
2007 kfree(ctx->username);
2008 ctx->username = NULL;
2009 kfree_sensitive(ctx->password);
2010 ctx->password = NULL;
2011 kfree_sensitive(ctx->password2);
2012 ctx->password2 = NULL;
2013 kfree(ctx->server_hostname);
2014 ctx->server_hostname = NULL;
2015 kfree(ctx->UNC);
2016 ctx->UNC = NULL;
2017 kfree(ctx->source);
2018 ctx->source = NULL;
2019 kfree(ctx->domainname);
2020 ctx->domainname = NULL;
2021 kfree(ctx->nodename);
2022 ctx->nodename = NULL;
2023 kfree(ctx->iocharset);
2024 ctx->iocharset = NULL;
2025 kfree(ctx->prepath);
2026 ctx->prepath = NULL;
2027 kfree(ctx->leaf_fullpath);
2028 ctx->leaf_fullpath = NULL;
2029 kfree(ctx->dns_dom);
2030 ctx->dns_dom = NULL;
2031 kfree(ctx->symlinkroot);
2032 ctx->symlinkroot = NULL;
2033 }
2034
2035 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)2036 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
2037 {
2038 if (!ctx)
2039 return;
2040 smb3_cleanup_fs_context_contents(ctx);
2041 kfree(ctx);
2042 }
2043
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)2044 unsigned int smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
2045 {
2046 unsigned int sbflags = cifs_sb_flags(cifs_sb);
2047 struct smb3_fs_context *ctx = cifs_sb->ctx;
2048
2049 if (ctx->nodfs)
2050 sbflags |= CIFS_MOUNT_NO_DFS;
2051 else
2052 sbflags &= ~CIFS_MOUNT_NO_DFS;
2053
2054 if (ctx->noperm)
2055 sbflags |= CIFS_MOUNT_NO_PERM;
2056 else
2057 sbflags &= ~CIFS_MOUNT_NO_PERM;
2058
2059 if (ctx->setuids)
2060 sbflags |= CIFS_MOUNT_SET_UID;
2061 else
2062 sbflags &= ~CIFS_MOUNT_SET_UID;
2063
2064 if (ctx->setuidfromacl)
2065 sbflags |= CIFS_MOUNT_UID_FROM_ACL;
2066 else
2067 sbflags &= ~CIFS_MOUNT_UID_FROM_ACL;
2068
2069 if (ctx->server_ino)
2070 sbflags |= CIFS_MOUNT_SERVER_INUM;
2071 else
2072 sbflags &= ~CIFS_MOUNT_SERVER_INUM;
2073
2074 if (ctx->remap)
2075 sbflags |= CIFS_MOUNT_MAP_SFM_CHR;
2076 else
2077 sbflags &= ~CIFS_MOUNT_MAP_SFM_CHR;
2078
2079 if (ctx->sfu_remap)
2080 sbflags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2081 else
2082 sbflags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
2083
2084 if (ctx->no_xattr)
2085 sbflags |= CIFS_MOUNT_NO_XATTR;
2086 else
2087 sbflags &= ~CIFS_MOUNT_NO_XATTR;
2088
2089 if (ctx->sfu_emul)
2090 sbflags |= CIFS_MOUNT_UNX_EMUL;
2091 else
2092 sbflags &= ~CIFS_MOUNT_UNX_EMUL;
2093
2094 if (ctx->nobrl)
2095 sbflags |= CIFS_MOUNT_NO_BRL;
2096 else
2097 sbflags &= ~CIFS_MOUNT_NO_BRL;
2098
2099 if (ctx->nohandlecache)
2100 sbflags |= CIFS_MOUNT_NO_HANDLE_CACHE;
2101 else
2102 sbflags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
2103
2104 if (ctx->nostrictsync)
2105 sbflags |= CIFS_MOUNT_NOSSYNC;
2106 else
2107 sbflags &= ~CIFS_MOUNT_NOSSYNC;
2108
2109 if (ctx->mand_lock)
2110 sbflags |= CIFS_MOUNT_NOPOSIXBRL;
2111 else
2112 sbflags &= ~CIFS_MOUNT_NOPOSIXBRL;
2113
2114 if (ctx->rwpidforward)
2115 sbflags |= CIFS_MOUNT_RWPIDFORWARD;
2116 else
2117 sbflags &= ~CIFS_MOUNT_RWPIDFORWARD;
2118
2119 if (ctx->mode_ace)
2120 sbflags |= CIFS_MOUNT_MODE_FROM_SID;
2121 else
2122 sbflags &= ~CIFS_MOUNT_MODE_FROM_SID;
2123
2124 if (ctx->cifs_acl)
2125 sbflags |= CIFS_MOUNT_CIFS_ACL;
2126 else
2127 sbflags &= ~CIFS_MOUNT_CIFS_ACL;
2128
2129 if (ctx->backupuid_specified)
2130 sbflags |= CIFS_MOUNT_CIFS_BACKUPUID;
2131 else
2132 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
2133
2134 if (ctx->backupgid_specified)
2135 sbflags |= CIFS_MOUNT_CIFS_BACKUPGID;
2136 else
2137 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
2138
2139 if (ctx->override_uid)
2140 sbflags |= CIFS_MOUNT_OVERR_UID;
2141 else
2142 sbflags &= ~CIFS_MOUNT_OVERR_UID;
2143
2144 if (ctx->override_gid)
2145 sbflags |= CIFS_MOUNT_OVERR_GID;
2146 else
2147 sbflags &= ~CIFS_MOUNT_OVERR_GID;
2148
2149 if (ctx->dynperm)
2150 sbflags |= CIFS_MOUNT_DYNPERM;
2151 else
2152 sbflags &= ~CIFS_MOUNT_DYNPERM;
2153
2154 if (ctx->fsc)
2155 sbflags |= CIFS_MOUNT_FSCACHE;
2156 else
2157 sbflags &= ~CIFS_MOUNT_FSCACHE;
2158
2159 if (ctx->multiuser)
2160 sbflags |= CIFS_MOUNT_MULTIUSER | CIFS_MOUNT_NO_PERM;
2161 else
2162 sbflags &= ~CIFS_MOUNT_MULTIUSER;
2163
2164
2165 if (ctx->strict_io)
2166 sbflags |= CIFS_MOUNT_STRICT_IO;
2167 else
2168 sbflags &= ~CIFS_MOUNT_STRICT_IO;
2169
2170 if (ctx->direct_io)
2171 sbflags |= CIFS_MOUNT_DIRECT_IO;
2172 else
2173 sbflags &= ~CIFS_MOUNT_DIRECT_IO;
2174
2175 if (ctx->mfsymlinks)
2176 sbflags |= CIFS_MOUNT_MF_SYMLINKS;
2177 else
2178 sbflags &= ~CIFS_MOUNT_MF_SYMLINKS;
2179
2180 if (ctx->mfsymlinks && ctx->sfu_emul) {
2181 /*
2182 * Our SFU ("Services for Unix") emulation allows now
2183 * creating new and reading existing SFU symlinks.
2184 * Older Linux kernel versions were not able to neither
2185 * read existing nor create new SFU symlinks. But
2186 * creating and reading SFU style mknod and FIFOs was
2187 * supported for long time. When "mfsymlinks" and
2188 * "sfu" are both enabled at the same time, it allows
2189 * reading both types of symlinks, but will only create
2190 * them with mfsymlinks format. This allows better
2191 * Apple compatibility, compatibility with older Linux
2192 * kernel clients (probably better for Samba too)
2193 * while still recognizing old Windows style symlinks.
2194 */
2195 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
2196 }
2197 sbflags &= ~CIFS_MOUNT_SHUTDOWN;
2198 atomic_set(&cifs_sb->mnt_cifs_flags, sbflags);
2199 return sbflags;
2200 }
2201