1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifsglob.h" 30 #include "cifsproto.h" 31 #include "cifs_unicode.h" 32 #include "cifs_debug.h" 33 #include "cifs_fs_sb.h" 34 #include "ntlmssp.h" 35 #include "nterr.h" 36 #include "rfc1002pdu.h" 37 #include "fs_context.h" 38 39 DEFINE_MUTEX(cifs_mount_mutex); 40 41 static const match_table_t cifs_smb_version_tokens = { 42 { Smb_1, SMB1_VERSION_STRING }, 43 { Smb_20, SMB20_VERSION_STRING}, 44 { Smb_21, SMB21_VERSION_STRING }, 45 { Smb_30, SMB30_VERSION_STRING }, 46 { Smb_302, SMB302_VERSION_STRING }, 47 { Smb_302, ALT_SMB302_VERSION_STRING }, 48 { Smb_311, SMB311_VERSION_STRING }, 49 { Smb_311, ALT_SMB311_VERSION_STRING }, 50 { Smb_3any, SMB3ANY_VERSION_STRING }, 51 { Smb_default, SMBDEFAULT_VERSION_STRING }, 52 { Smb_version_err, NULL } 53 }; 54 55 static const match_table_t cifs_secflavor_tokens = { 56 { Opt_sec_krb5, "krb5" }, 57 { Opt_sec_krb5i, "krb5i" }, 58 { Opt_sec_krb5p, "krb5p" }, 59 { Opt_sec_ntlmsspi, "ntlmsspi" }, 60 { Opt_sec_ntlmssp, "ntlmssp" }, 61 { Opt_sec_ntlmv2, "nontlm" }, 62 { Opt_sec_ntlmv2, "ntlmv2" }, 63 { Opt_sec_ntlmv2i, "ntlmv2i" }, 64 { Opt_sec_none, "none" }, 65 66 { Opt_sec_err, NULL } 67 }; 68 69 static const match_table_t cifs_upcall_target = { 70 { Opt_upcall_target_mount, "mount" }, 71 { Opt_upcall_target_application, "app" }, 72 { Opt_upcall_target_err, NULL } 73 }; 74 75 const struct fs_parameter_spec smb3_fs_parameters[] = { 76 /* Mount options that take no arguments */ 77 fsparam_flag_no("user_xattr", Opt_user_xattr), 78 fsparam_flag_no("forceuid", Opt_forceuid), 79 fsparam_flag_no("multichannel", Opt_multichannel), 80 fsparam_flag_no("forcegid", Opt_forcegid), 81 fsparam_flag("noblocksend", Opt_noblocksend), 82 fsparam_flag("noautotune", Opt_noautotune), 83 fsparam_flag("nolease", Opt_nolease), 84 fsparam_flag_no("hard", Opt_hard), 85 fsparam_flag_no("soft", Opt_soft), 86 fsparam_flag_no("perm", Opt_perm), 87 fsparam_flag("nodelete", Opt_nodelete), 88 fsparam_flag_no("mapposix", Opt_mapposix), 89 fsparam_flag("mapchars", Opt_mapchars), 90 fsparam_flag("nomapchars", Opt_nomapchars), 91 fsparam_flag_no("sfu", Opt_sfu), 92 fsparam_flag("nodfs", Opt_nodfs), 93 fsparam_flag_no("posixpaths", Opt_posixpaths), 94 fsparam_flag_no("unix", Opt_unix), 95 fsparam_flag_no("linux", Opt_unix), 96 fsparam_flag_no("posix", Opt_unix), 97 fsparam_flag("nocase", Opt_nocase), 98 fsparam_flag("ignorecase", Opt_nocase), 99 fsparam_flag_no("brl", Opt_brl), 100 fsparam_flag_no("handlecache", Opt_handlecache), 101 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 102 fsparam_flag("forcemand", Opt_forcemandatorylock), 103 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 104 fsparam_flag("idsfromsid", Opt_setuidfromacl), 105 fsparam_flag_no("setuids", Opt_setuids), 106 fsparam_flag_no("dynperm", Opt_dynperm), 107 fsparam_flag_no("intr", Opt_intr), 108 fsparam_flag_no("strictsync", Opt_strictsync), 109 fsparam_flag_no("serverino", Opt_serverino), 110 fsparam_flag("rwpidforward", Opt_rwpidforward), 111 fsparam_flag("cifsacl", Opt_cifsacl), 112 fsparam_flag_no("acl", Opt_acl), 113 fsparam_flag("locallease", Opt_locallease), 114 fsparam_flag("sign", Opt_sign), 115 fsparam_flag("ignore_signature", Opt_ignore_signature), 116 fsparam_flag("signloosely", Opt_ignore_signature), 117 fsparam_flag("seal", Opt_seal), 118 fsparam_flag("noac", Opt_noac), 119 fsparam_flag("fsc", Opt_fsc), 120 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 121 fsparam_flag("multiuser", Opt_multiuser), 122 fsparam_flag("sloppy", Opt_sloppy), 123 fsparam_flag("nosharesock", Opt_nosharesock), 124 fsparam_flag_no("persistenthandles", Opt_persistent), 125 fsparam_flag_no("resilienthandles", Opt_resilient), 126 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 127 fsparam_flag("nosparse", Opt_nosparse), 128 fsparam_flag("domainauto", Opt_domainauto), 129 fsparam_flag("rdma", Opt_rdma), 130 fsparam_flag("modesid", Opt_modesid), 131 fsparam_flag("modefromsid", Opt_modesid), 132 fsparam_flag("rootfs", Opt_rootfs), 133 fsparam_flag("compress", Opt_compress), 134 fsparam_flag("witness", Opt_witness), 135 fsparam_flag_no("nativesocket", Opt_nativesocket), 136 fsparam_flag_no("unicode", Opt_unicode), 137 fsparam_flag_no("nbsessinit", Opt_nbsessinit), 138 139 /* Mount options which take uid or gid */ 140 fsparam_uid("backupuid", Opt_backupuid), 141 fsparam_gid("backupgid", Opt_backupgid), 142 fsparam_uid("uid", Opt_uid), 143 fsparam_uid("cruid", Opt_cruid), 144 fsparam_gid("gid", Opt_gid), 145 146 /* Mount options which take numeric value */ 147 fsparam_u32("file_mode", Opt_file_mode), 148 fsparam_u32("dirmode", Opt_dirmode), 149 fsparam_u32("dir_mode", Opt_dirmode), 150 fsparam_u32("port", Opt_port), 151 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 152 fsparam_u32("retrans", Opt_retrans), 153 fsparam_u32("esize", Opt_min_enc_offload), 154 fsparam_u32("bsize", Opt_blocksize), 155 fsparam_u32("rasize", Opt_rasize), 156 fsparam_u32("rsize", Opt_rsize), 157 fsparam_u32("wsize", Opt_wsize), 158 fsparam_u32("actimeo", Opt_actimeo), 159 fsparam_u32("acdirmax", Opt_acdirmax), 160 fsparam_u32("acregmax", Opt_acregmax), 161 fsparam_u32("closetimeo", Opt_closetimeo), 162 fsparam_u32("echo_interval", Opt_echo_interval), 163 fsparam_u32("max_credits", Opt_max_credits), 164 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs), 165 fsparam_u32("handletimeout", Opt_handletimeout), 166 fsparam_u64("snapshot", Opt_snapshot), 167 fsparam_u32("max_channels", Opt_max_channels), 168 169 /* Mount options which take string value */ 170 fsparam_string("source", Opt_source), 171 fsparam_string("user", Opt_user), 172 fsparam_string("username", Opt_user), 173 fsparam_string("pass", Opt_pass), 174 fsparam_string("password", Opt_pass), 175 fsparam_string("pass2", Opt_pass2), 176 fsparam_string("password2", Opt_pass2), 177 fsparam_string("ip", Opt_ip), 178 fsparam_string("addr", Opt_ip), 179 fsparam_string("domain", Opt_domain), 180 fsparam_string("dom", Opt_domain), 181 fsparam_string("srcaddr", Opt_srcaddr), 182 fsparam_string("iocharset", Opt_iocharset), 183 fsparam_string("netbiosname", Opt_netbiosname), 184 fsparam_string("servern", Opt_servern), 185 fsparam_string("ver", Opt_ver), 186 fsparam_string("vers", Opt_vers), 187 fsparam_string("sec", Opt_sec), 188 fsparam_string("cache", Opt_cache), 189 fsparam_string("reparse", Opt_reparse), 190 fsparam_string("upcall_target", Opt_upcalltarget), 191 fsparam_string("symlink", Opt_symlink), 192 fsparam_string("symlinkroot", Opt_symlinkroot), 193 194 /* Arguments that should be ignored */ 195 fsparam_flag("guest", Opt_ignore), 196 fsparam_flag("noatime", Opt_ignore), 197 fsparam_flag("relatime", Opt_ignore), 198 fsparam_flag("_netdev", Opt_ignore), 199 fsparam_flag_no("suid", Opt_ignore), 200 fsparam_flag_no("exec", Opt_ignore), 201 fsparam_flag_no("dev", Opt_ignore), 202 fsparam_flag_no("mand", Opt_ignore), 203 fsparam_flag_no("auto", Opt_ignore), 204 fsparam_string("cred", Opt_ignore), 205 fsparam_string("credentials", Opt_ignore), 206 /* 207 * UNC and prefixpath is now extracted from Opt_source 208 * in the new mount API so we can just ignore them going forward. 209 */ 210 fsparam_string("unc", Opt_ignore), 211 fsparam_string("prefixpath", Opt_ignore), 212 {} 213 }; 214 215 static int 216 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 217 { 218 219 substring_t args[MAX_OPT_ARGS]; 220 221 /* 222 * With mount options, the last one should win. Reset any existing 223 * settings back to default. 224 */ 225 ctx->sectype = Unspecified; 226 ctx->sign = false; 227 228 switch (match_token(value, cifs_secflavor_tokens, args)) { 229 case Opt_sec_krb5p: 230 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n"); 231 return 1; 232 case Opt_sec_krb5i: 233 ctx->sign = true; 234 fallthrough; 235 case Opt_sec_krb5: 236 ctx->sectype = Kerberos; 237 break; 238 case Opt_sec_ntlmsspi: 239 ctx->sign = true; 240 fallthrough; 241 case Opt_sec_ntlmssp: 242 ctx->sectype = RawNTLMSSP; 243 break; 244 case Opt_sec_ntlmv2i: 245 ctx->sign = true; 246 fallthrough; 247 case Opt_sec_ntlmv2: 248 ctx->sectype = NTLMv2; 249 break; 250 case Opt_sec_none: 251 ctx->nullauth = 1; 252 kfree(ctx->username); 253 ctx->username = NULL; 254 break; 255 default: 256 cifs_errorf(fc, "bad security option: %s\n", value); 257 return 1; 258 } 259 260 return 0; 261 } 262 263 static int 264 cifs_parse_upcall_target(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 265 { 266 substring_t args[MAX_OPT_ARGS]; 267 268 ctx->upcall_target = UPTARGET_UNSPECIFIED; 269 270 switch (match_token(value, cifs_upcall_target, args)) { 271 case Opt_upcall_target_mount: 272 ctx->upcall_target = UPTARGET_MOUNT; 273 break; 274 case Opt_upcall_target_application: 275 ctx->upcall_target = UPTARGET_APP; 276 break; 277 278 default: 279 cifs_errorf(fc, "bad upcall target: %s\n", value); 280 return 1; 281 } 282 283 return 0; 284 } 285 286 static const match_table_t cifs_cacheflavor_tokens = { 287 { Opt_cache_loose, "loose" }, 288 { Opt_cache_strict, "strict" }, 289 { Opt_cache_none, "none" }, 290 { Opt_cache_ro, "ro" }, 291 { Opt_cache_rw, "singleclient" }, 292 { Opt_cache_err, NULL } 293 }; 294 295 static int 296 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 297 { 298 substring_t args[MAX_OPT_ARGS]; 299 300 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 301 case Opt_cache_loose: 302 ctx->direct_io = false; 303 ctx->strict_io = false; 304 ctx->cache_ro = false; 305 ctx->cache_rw = false; 306 break; 307 case Opt_cache_strict: 308 ctx->direct_io = false; 309 ctx->strict_io = true; 310 ctx->cache_ro = false; 311 ctx->cache_rw = false; 312 break; 313 case Opt_cache_none: 314 ctx->direct_io = true; 315 ctx->strict_io = false; 316 ctx->cache_ro = false; 317 ctx->cache_rw = false; 318 break; 319 case Opt_cache_ro: 320 ctx->direct_io = false; 321 ctx->strict_io = false; 322 ctx->cache_ro = true; 323 ctx->cache_rw = false; 324 break; 325 case Opt_cache_rw: 326 ctx->direct_io = false; 327 ctx->strict_io = false; 328 ctx->cache_ro = false; 329 ctx->cache_rw = true; 330 break; 331 default: 332 cifs_errorf(fc, "bad cache= option: %s\n", value); 333 return 1; 334 } 335 return 0; 336 } 337 338 static const match_table_t reparse_flavor_tokens = { 339 { Opt_reparse_default, "default" }, 340 { Opt_reparse_none, "none" }, 341 { Opt_reparse_nfs, "nfs" }, 342 { Opt_reparse_wsl, "wsl" }, 343 { Opt_reparse_err, NULL }, 344 }; 345 346 static int parse_reparse_flavor(struct fs_context *fc, char *value, 347 struct smb3_fs_context *ctx) 348 { 349 substring_t args[MAX_OPT_ARGS]; 350 351 switch (match_token(value, reparse_flavor_tokens, args)) { 352 case Opt_reparse_default: 353 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT; 354 break; 355 case Opt_reparse_none: 356 ctx->reparse_type = CIFS_REPARSE_TYPE_NONE; 357 break; 358 case Opt_reparse_nfs: 359 ctx->reparse_type = CIFS_REPARSE_TYPE_NFS; 360 break; 361 case Opt_reparse_wsl: 362 ctx->reparse_type = CIFS_REPARSE_TYPE_WSL; 363 break; 364 default: 365 cifs_errorf(fc, "bad reparse= option: %s\n", value); 366 return 1; 367 } 368 return 0; 369 } 370 371 static const match_table_t symlink_flavor_tokens = { 372 { Opt_symlink_default, "default" }, 373 { Opt_symlink_none, "none" }, 374 { Opt_symlink_native, "native" }, 375 { Opt_symlink_unix, "unix" }, 376 { Opt_symlink_mfsymlinks, "mfsymlinks" }, 377 { Opt_symlink_sfu, "sfu" }, 378 { Opt_symlink_nfs, "nfs" }, 379 { Opt_symlink_wsl, "wsl" }, 380 { Opt_symlink_err, NULL }, 381 }; 382 383 static int parse_symlink_flavor(struct fs_context *fc, char *value, 384 struct smb3_fs_context *ctx) 385 { 386 substring_t args[MAX_OPT_ARGS]; 387 388 switch (match_token(value, symlink_flavor_tokens, args)) { 389 case Opt_symlink_default: 390 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT; 391 break; 392 case Opt_symlink_none: 393 ctx->symlink_type = CIFS_SYMLINK_TYPE_NONE; 394 break; 395 case Opt_symlink_native: 396 ctx->symlink_type = CIFS_SYMLINK_TYPE_NATIVE; 397 break; 398 case Opt_symlink_unix: 399 ctx->symlink_type = CIFS_SYMLINK_TYPE_UNIX; 400 break; 401 case Opt_symlink_mfsymlinks: 402 ctx->symlink_type = CIFS_SYMLINK_TYPE_MFSYMLINKS; 403 break; 404 case Opt_symlink_sfu: 405 ctx->symlink_type = CIFS_SYMLINK_TYPE_SFU; 406 break; 407 case Opt_symlink_nfs: 408 ctx->symlink_type = CIFS_SYMLINK_TYPE_NFS; 409 break; 410 case Opt_symlink_wsl: 411 ctx->symlink_type = CIFS_SYMLINK_TYPE_WSL; 412 break; 413 default: 414 cifs_errorf(fc, "bad symlink= option: %s\n", value); 415 return 1; 416 } 417 return 0; 418 } 419 420 #define DUP_CTX_STR(field) \ 421 do { \ 422 if (ctx->field) { \ 423 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 424 if (new_ctx->field == NULL) { \ 425 smb3_cleanup_fs_context_contents(new_ctx); \ 426 return -ENOMEM; \ 427 } \ 428 } \ 429 } while (0) 430 431 int 432 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 433 { 434 memcpy(new_ctx, ctx, sizeof(*ctx)); 435 new_ctx->prepath = NULL; 436 new_ctx->nodename = NULL; 437 new_ctx->username = NULL; 438 new_ctx->password = NULL; 439 new_ctx->password2 = NULL; 440 new_ctx->server_hostname = NULL; 441 new_ctx->domainname = NULL; 442 new_ctx->UNC = NULL; 443 new_ctx->source = NULL; 444 new_ctx->iocharset = NULL; 445 new_ctx->leaf_fullpath = NULL; 446 new_ctx->dns_dom = NULL; 447 new_ctx->symlinkroot = NULL; 448 /* 449 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 450 */ 451 DUP_CTX_STR(prepath); 452 DUP_CTX_STR(username); 453 DUP_CTX_STR(password); 454 DUP_CTX_STR(password2); 455 DUP_CTX_STR(server_hostname); 456 DUP_CTX_STR(UNC); 457 DUP_CTX_STR(source); 458 DUP_CTX_STR(domainname); 459 DUP_CTX_STR(nodename); 460 DUP_CTX_STR(iocharset); 461 DUP_CTX_STR(leaf_fullpath); 462 DUP_CTX_STR(dns_dom); 463 DUP_CTX_STR(symlinkroot); 464 465 return 0; 466 } 467 468 static int 469 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 470 { 471 substring_t args[MAX_OPT_ARGS]; 472 473 switch (match_token(value, cifs_smb_version_tokens, args)) { 474 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 475 case Smb_1: 476 if (disable_legacy_dialects) { 477 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 478 return 1; 479 } 480 if (is_smb3) { 481 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 482 return 1; 483 } 484 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 485 ctx->ops = &smb1_operations; 486 ctx->vals = &smb1_values; 487 break; 488 case Smb_20: 489 if (disable_legacy_dialects) { 490 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 491 return 1; 492 } 493 if (is_smb3) { 494 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 495 return 1; 496 } 497 ctx->ops = &smb20_operations; 498 ctx->vals = &smb20_values; 499 break; 500 #else 501 case Smb_1: 502 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 503 return 1; 504 case Smb_20: 505 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 506 return 1; 507 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */ 508 case Smb_21: 509 ctx->ops = &smb21_operations; 510 ctx->vals = &smb21_values; 511 break; 512 case Smb_30: 513 ctx->ops = &smb30_operations; 514 ctx->vals = &smb30_values; 515 break; 516 case Smb_302: 517 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 518 ctx->vals = &smb302_values; 519 break; 520 case Smb_311: 521 ctx->ops = &smb311_operations; 522 ctx->vals = &smb311_values; 523 break; 524 case Smb_3any: 525 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 526 ctx->vals = &smb3any_values; 527 break; 528 case Smb_default: 529 ctx->ops = &smb30_operations; 530 ctx->vals = &smbdefault_values; 531 break; 532 default: 533 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 534 return 1; 535 } 536 return 0; 537 } 538 539 int smb3_parse_opt(const char *options, const char *key, char **val) 540 { 541 int rc = -ENOENT; 542 char *opts, *orig, *p; 543 544 orig = opts = kstrdup(options, GFP_KERNEL); 545 if (!opts) 546 return -ENOMEM; 547 548 while ((p = strsep(&opts, ","))) { 549 char *nval; 550 551 if (!*p) 552 continue; 553 if (strncasecmp(p, key, strlen(key))) 554 continue; 555 nval = strchr(p, '='); 556 if (nval) { 557 if (nval == p) 558 continue; 559 *nval++ = 0; 560 *val = kstrdup(nval, GFP_KERNEL); 561 rc = !*val ? -ENOMEM : 0; 562 goto out; 563 } 564 } 565 out: 566 kfree(orig); 567 return rc; 568 } 569 570 /* 571 * Remove duplicate path delimiters. Windows is supposed to do that 572 * but there are some bugs that prevent rename from working if there are 573 * multiple delimiters. 574 * 575 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 576 * Otherwise, return ERR_PTR. 577 * 578 * @gfp indicates the GFP_* flags for kstrdup. 579 * The caller is responsible for freeing the original. 580 */ 581 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 582 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 583 { 584 char *cursor1 = prepath, *cursor2 = prepath; 585 char *s; 586 587 /* skip all prepended delimiters */ 588 while (IS_DELIM(*cursor1)) 589 cursor1++; 590 591 /* exit in case of only delimiters */ 592 if (!*cursor1) 593 return NULL; 594 595 /* copy the first letter */ 596 *cursor2 = *cursor1; 597 598 /* copy the remainder... */ 599 while (*(cursor1++)) { 600 /* ... skipping all duplicated delimiters */ 601 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 602 continue; 603 *(++cursor2) = *cursor1; 604 } 605 606 /* if the last character is a delimiter, skip it */ 607 if (IS_DELIM(*(cursor2 - 1))) 608 cursor2--; 609 610 *cursor2 = '\0'; 611 if (!*prepath) 612 return NULL; 613 s = kstrdup(prepath, gfp); 614 if (!s) 615 return ERR_PTR(-ENOMEM); 616 return s; 617 } 618 619 /* 620 * Return full path based on the values of @ctx->{UNC,prepath}. 621 * 622 * It is assumed that both values were already parsed by smb3_parse_devname(). 623 */ 624 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 625 { 626 size_t ulen, plen; 627 char *s; 628 629 ulen = strlen(ctx->UNC); 630 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 631 632 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 633 if (!s) 634 return ERR_PTR(-ENOMEM); 635 memcpy(s, ctx->UNC, ulen); 636 if (plen) { 637 s[ulen] = dirsep; 638 memcpy(s + ulen + 1, ctx->prepath, plen); 639 } 640 s[ulen + plen] = '\0'; 641 convert_delimiter(s, dirsep); 642 return s; 643 } 644 645 /* 646 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 647 * fields with the result. Returns 0 on success and an error otherwise 648 * (e.g. ENOMEM or EINVAL) 649 */ 650 int 651 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 652 { 653 char *pos; 654 const char *delims = "/\\"; 655 size_t len; 656 int rc; 657 658 if (unlikely(!devname || !*devname)) { 659 cifs_dbg(VFS, "Device name not specified\n"); 660 return -EINVAL; 661 } 662 663 /* make sure we have a valid UNC double delimiter prefix */ 664 len = strspn(devname, delims); 665 if (len != 2) 666 return -EINVAL; 667 668 /* find delimiter between host and sharename */ 669 pos = strpbrk(devname + 2, delims); 670 if (!pos) 671 return -EINVAL; 672 673 /* record the server hostname */ 674 kfree(ctx->server_hostname); 675 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 676 if (!ctx->server_hostname) 677 return -ENOMEM; 678 679 /* skip past delimiter */ 680 ++pos; 681 682 /* now go until next delimiter or end of string */ 683 len = strcspn(pos, delims); 684 if (!len) 685 return -EINVAL; 686 687 /* move "pos" up to delimiter or NULL */ 688 pos += len; 689 kfree(ctx->UNC); 690 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 691 if (!ctx->UNC) 692 return -ENOMEM; 693 694 convert_delimiter(ctx->UNC, '\\'); 695 696 /* skip any delimiter */ 697 if (*pos == '/' || *pos == '\\') 698 pos++; 699 700 kfree(ctx->prepath); 701 ctx->prepath = NULL; 702 703 /* If pos is NULL then no prepath */ 704 if (!*pos) 705 return 0; 706 707 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 708 if (IS_ERR(ctx->prepath)) { 709 rc = PTR_ERR(ctx->prepath); 710 ctx->prepath = NULL; 711 return rc; 712 } 713 714 return 0; 715 } 716 717 static int smb3_handle_conflicting_options(struct fs_context *fc) 718 { 719 struct smb3_fs_context *ctx = smb3_fc2context(fc); 720 721 if (ctx->multichannel_specified) { 722 if (ctx->multichannel) { 723 if (!ctx->max_channels_specified) { 724 ctx->max_channels = 2; 725 } else if (ctx->max_channels == 1) { 726 cifs_errorf(fc, 727 "max_channels must be greater than 1 when multichannel is enabled\n"); 728 return -EINVAL; 729 } 730 } else { 731 if (!ctx->max_channels_specified) { 732 ctx->max_channels = 1; 733 } else if (ctx->max_channels > 1) { 734 cifs_errorf(fc, 735 "max_channels must be equal to 1 when multichannel is disabled\n"); 736 return -EINVAL; 737 } 738 } 739 } else { 740 if (ctx->max_channels_specified) { 741 if (ctx->max_channels > 1) 742 ctx->multichannel = true; 743 else 744 ctx->multichannel = false; 745 } else { 746 ctx->multichannel = false; 747 ctx->max_channels = 1; 748 } 749 } 750 751 //resetting default values as remount doesn't initialize fs_context again 752 ctx->multichannel_specified = false; 753 ctx->max_channels_specified = false; 754 755 return 0; 756 } 757 758 static void smb3_fs_context_free(struct fs_context *fc); 759 static int smb3_fs_context_parse_param(struct fs_context *fc, 760 struct fs_parameter *param); 761 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 762 void *data); 763 static int smb3_get_tree(struct fs_context *fc); 764 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels); 765 static int smb3_reconfigure(struct fs_context *fc); 766 767 static const struct fs_context_operations smb3_fs_context_ops = { 768 .free = smb3_fs_context_free, 769 .parse_param = smb3_fs_context_parse_param, 770 .parse_monolithic = smb3_fs_context_parse_monolithic, 771 .get_tree = smb3_get_tree, 772 .reconfigure = smb3_reconfigure, 773 }; 774 775 /* 776 * Parse a monolithic block of data from sys_mount(). 777 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 778 * @ctx: The superblock configuration to fill in. 779 * @data: The data to parse 780 * 781 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 782 * called from the ->monolithic_mount_data() fs_context operation. 783 * 784 * Returns 0 on success or the error returned by the ->parse_option() fs_context 785 * operation on failure. 786 */ 787 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 788 void *data) 789 { 790 char *options = data, *key; 791 int ret = 0; 792 793 if (!options) 794 return 0; 795 796 ret = security_sb_eat_lsm_opts(options, &fc->security); 797 if (ret) 798 return ret; 799 800 /* BB Need to add support for sep= here TBD */ 801 while ((key = strsep(&options, ",")) != NULL) { 802 size_t len; 803 char *value; 804 805 if (*key == 0) 806 break; 807 808 /* Check if following character is the deliminator If yes, 809 * we have encountered a double deliminator reset the NULL 810 * character to the deliminator 811 */ 812 while (options && options[0] == ',') { 813 len = strlen(key); 814 strcpy(key + len, options); 815 options = strchr(options, ','); 816 if (options) 817 *options++ = 0; 818 } 819 820 821 value = strchr(key, '='); 822 if (value) { 823 if (value == key) 824 continue; 825 *value++ = 0; 826 } 827 828 ret = vfs_parse_fs_string(fc, key, value); 829 if (ret < 0) 830 break; 831 } 832 return ret ?: smb3_handle_conflicting_options(fc); 833 } 834 835 /* 836 * Validate the preparsed information in the config. 837 */ 838 static int smb3_fs_context_validate(struct fs_context *fc) 839 { 840 struct smb3_fs_context *ctx = smb3_fc2context(fc); 841 842 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 843 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 844 return -EOPNOTSUPP; 845 } 846 847 #ifndef CONFIG_KEYS 848 /* Muliuser mounts require CONFIG_KEYS support */ 849 if (ctx->multiuser) { 850 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 851 return -1; 852 } 853 #endif 854 855 if (ctx->got_version == false) 856 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 857 858 859 if (!ctx->UNC) { 860 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 861 return -1; 862 } 863 864 /* make sure UNC has a share name */ 865 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 866 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 867 return -ENOENT; 868 } 869 870 if (!ctx->got_ip) { 871 int len; 872 const char *slash; 873 874 /* No ip= option specified? Try to get it from UNC */ 875 /* Use the address part of the UNC. */ 876 slash = strchr(&ctx->UNC[2], '\\'); 877 len = slash - &ctx->UNC[2]; 878 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 879 &ctx->UNC[2], len)) { 880 pr_err("Unable to determine destination address\n"); 881 return -EHOSTUNREACH; 882 } 883 } 884 885 /* set the port that we got earlier */ 886 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 887 888 if (ctx->uid_specified && !ctx->forceuid_specified) { 889 ctx->override_uid = 1; 890 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n"); 891 } 892 893 if (ctx->gid_specified && !ctx->forcegid_specified) { 894 ctx->override_gid = 1; 895 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n"); 896 } 897 898 if (ctx->override_uid && !ctx->uid_specified) { 899 ctx->override_uid = 0; 900 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 901 } 902 903 if (ctx->override_gid && !ctx->gid_specified) { 904 ctx->override_gid = 0; 905 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 906 } 907 908 return 0; 909 } 910 911 static int smb3_get_tree_common(struct fs_context *fc) 912 { 913 struct smb3_fs_context *ctx = smb3_fc2context(fc); 914 struct dentry *root; 915 int rc = 0; 916 917 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 918 if (IS_ERR(root)) 919 return PTR_ERR(root); 920 921 fc->root = root; 922 923 return rc; 924 } 925 926 /* 927 * Create an SMB3 superblock from the parameters passed. 928 */ 929 static int smb3_get_tree(struct fs_context *fc) 930 { 931 int err = smb3_fs_context_validate(fc); 932 int ret; 933 934 if (err) 935 return err; 936 cifs_mount_lock(); 937 ret = smb3_get_tree_common(fc); 938 cifs_mount_unlock(); 939 return ret; 940 } 941 942 static void smb3_fs_context_free(struct fs_context *fc) 943 { 944 struct smb3_fs_context *ctx = smb3_fc2context(fc); 945 946 smb3_cleanup_fs_context(ctx); 947 } 948 949 /* 950 * Compare the old and new proposed context during reconfigure 951 * and check if the changes are compatible. 952 */ 953 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 954 struct smb3_fs_context *new_ctx, 955 struct smb3_fs_context *old_ctx, bool need_recon) 956 { 957 if (new_ctx->posix_paths != old_ctx->posix_paths) { 958 cifs_errorf(fc, "can not change posixpaths during remount\n"); 959 return -EINVAL; 960 } 961 if (new_ctx->sectype != old_ctx->sectype) { 962 cifs_errorf(fc, "can not change sec during remount\n"); 963 return -EINVAL; 964 } 965 if (new_ctx->multiuser != old_ctx->multiuser) { 966 cifs_errorf(fc, "can not change multiuser during remount\n"); 967 return -EINVAL; 968 } 969 if (new_ctx->UNC && 970 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 971 cifs_errorf(fc, "can not change UNC during remount\n"); 972 return -EINVAL; 973 } 974 if (new_ctx->username && 975 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 976 cifs_errorf(fc, "can not change username during remount\n"); 977 return -EINVAL; 978 } 979 if (new_ctx->password && 980 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 981 if (need_recon == false) { 982 cifs_errorf(fc, 983 "can not change password of active session during remount\n"); 984 return -EINVAL; 985 } else if (old_ctx->sectype == Kerberos) { 986 cifs_errorf(fc, 987 "can not change password for Kerberos via remount\n"); 988 return -EINVAL; 989 } 990 } 991 if (new_ctx->domainname && 992 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 993 cifs_errorf(fc, "can not change domainname during remount\n"); 994 return -EINVAL; 995 } 996 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 997 cifs_errorf(fc, "can not change workstation_name during remount\n"); 998 return -EINVAL; 999 } 1000 if (new_ctx->nodename && 1001 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 1002 cifs_errorf(fc, "can not change nodename during remount\n"); 1003 return -EINVAL; 1004 } 1005 if (new_ctx->iocharset && 1006 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 1007 cifs_errorf(fc, "can not change iocharset during remount\n"); 1008 return -EINVAL; 1009 } 1010 if (new_ctx->unicode != old_ctx->unicode) { 1011 cifs_errorf(fc, "can not change unicode during remount\n"); 1012 return -EINVAL; 1013 } 1014 if (new_ctx->rfc1001_sessinit != old_ctx->rfc1001_sessinit) { 1015 cifs_errorf(fc, "can not change nbsessinit during remount\n"); 1016 return -EINVAL; 1017 } 1018 1019 return 0; 1020 } 1021 1022 #define STEAL_STRING(cifs_sb, ctx, field) \ 1023 do { \ 1024 kfree(ctx->field); \ 1025 ctx->field = cifs_sb->ctx->field; \ 1026 cifs_sb->ctx->field = NULL; \ 1027 } while (0) 1028 1029 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 1030 do { \ 1031 kfree_sensitive(ctx->field); \ 1032 ctx->field = cifs_sb->ctx->field; \ 1033 cifs_sb->ctx->field = NULL; \ 1034 } while (0) 1035 1036 int smb3_sync_session_ctx_passwords(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses) 1037 { 1038 if (ses->password && 1039 cifs_sb->ctx->password && 1040 strcmp(ses->password, cifs_sb->ctx->password)) { 1041 kfree_sensitive(cifs_sb->ctx->password); 1042 cifs_sb->ctx->password = kstrdup(ses->password, GFP_KERNEL); 1043 if (!cifs_sb->ctx->password) 1044 return -ENOMEM; 1045 } 1046 if (ses->password2 && 1047 cifs_sb->ctx->password2 && 1048 strcmp(ses->password2, cifs_sb->ctx->password2)) { 1049 kfree_sensitive(cifs_sb->ctx->password2); 1050 cifs_sb->ctx->password2 = kstrdup(ses->password2, GFP_KERNEL); 1051 if (!cifs_sb->ctx->password2) { 1052 kfree_sensitive(cifs_sb->ctx->password); 1053 cifs_sb->ctx->password = NULL; 1054 return -ENOMEM; 1055 } 1056 } 1057 return 0; 1058 } 1059 1060 /* 1061 * smb3_sync_ses_chan_max - Synchronize the session's maximum channel count 1062 * @ses: pointer to the old CIFS session structure 1063 * @max_channels: new maximum number of channels to allow 1064 * 1065 * Updates the session's chan_max field to the new value, protecting the update 1066 * with the session's channel lock. This should be called whenever the maximum 1067 * allowed channels for a session changes (e.g., after a remount or reconfigure). 1068 */ 1069 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels) 1070 { 1071 spin_lock(&ses->chan_lock); 1072 ses->chan_max = max_channels; 1073 spin_unlock(&ses->chan_lock); 1074 } 1075 1076 static int smb3_reconfigure(struct fs_context *fc) 1077 { 1078 struct smb3_fs_context *ctx = smb3_fc2context(fc); 1079 struct dentry *root = fc->root; 1080 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 1081 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses; 1082 unsigned int rsize = ctx->rsize, wsize = ctx->wsize; 1083 char *new_password = NULL, *new_password2 = NULL; 1084 bool need_recon = false; 1085 int rc; 1086 1087 if (ses->expired_pwd) 1088 need_recon = true; 1089 1090 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon); 1091 if (rc) 1092 return rc; 1093 1094 /* 1095 * We can not change UNC/username/password/domainname/ 1096 * workstation_name/nodename/iocharset 1097 * during reconnect so ignore what we have in the new context and 1098 * just use what we already have in cifs_sb->ctx. 1099 */ 1100 STEAL_STRING(cifs_sb, ctx, UNC); 1101 STEAL_STRING(cifs_sb, ctx, source); 1102 STEAL_STRING(cifs_sb, ctx, username); 1103 1104 if (need_recon == false) 1105 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 1106 else { 1107 if (ctx->password) { 1108 new_password = kstrdup(ctx->password, GFP_KERNEL); 1109 if (!new_password) 1110 return -ENOMEM; 1111 } else 1112 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 1113 } 1114 1115 /* 1116 * if a new password2 has been specified, then reset it's value 1117 * inside the ses struct 1118 */ 1119 if (ctx->password2) { 1120 new_password2 = kstrdup(ctx->password2, GFP_KERNEL); 1121 if (!new_password2) { 1122 kfree_sensitive(new_password); 1123 return -ENOMEM; 1124 } 1125 } else 1126 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password2); 1127 1128 /* 1129 * we may update the passwords in the ses struct below. Make sure we do 1130 * not race with smb2_reconnect 1131 */ 1132 mutex_lock(&ses->session_mutex); 1133 1134 /* 1135 * smb2_reconnect may swap password and password2 in case session setup 1136 * failed. First get ctx passwords in sync with ses passwords. It should 1137 * be okay to do this even if this function were to return an error at a 1138 * later stage 1139 */ 1140 rc = smb3_sync_session_ctx_passwords(cifs_sb, ses); 1141 if (rc) { 1142 mutex_unlock(&ses->session_mutex); 1143 kfree_sensitive(new_password); 1144 kfree_sensitive(new_password2); 1145 return rc; 1146 } 1147 1148 /* 1149 * now that allocations for passwords are done, commit them 1150 */ 1151 if (new_password) { 1152 kfree_sensitive(ses->password); 1153 ses->password = new_password; 1154 } 1155 if (new_password2) { 1156 kfree_sensitive(ses->password2); 1157 ses->password2 = new_password2; 1158 } 1159 1160 /* 1161 * If multichannel or max_channels has changed, update the session's channels accordingly. 1162 * This may add or remove channels to match the new configuration. 1163 */ 1164 if ((ctx->multichannel != cifs_sb->ctx->multichannel) || 1165 (ctx->max_channels != cifs_sb->ctx->max_channels)) { 1166 1167 /* Synchronize ses->chan_max with the new mount context */ 1168 smb3_sync_ses_chan_max(ses, ctx->max_channels); 1169 /* Now update the session's channels to match the new configuration */ 1170 /* Prevent concurrent scaling operations */ 1171 spin_lock(&ses->ses_lock); 1172 if (ses->flags & CIFS_SES_FLAG_SCALE_CHANNELS) { 1173 spin_unlock(&ses->ses_lock); 1174 mutex_unlock(&ses->session_mutex); 1175 return -EINVAL; 1176 } 1177 ses->flags |= CIFS_SES_FLAG_SCALE_CHANNELS; 1178 spin_unlock(&ses->ses_lock); 1179 1180 mutex_unlock(&ses->session_mutex); 1181 1182 rc = smb3_update_ses_channels(ses, ses->server, 1183 false /* from_reconnect */, 1184 false /* disable_mchan */); 1185 1186 /* Clear scaling flag after operation */ 1187 spin_lock(&ses->ses_lock); 1188 ses->flags &= ~CIFS_SES_FLAG_SCALE_CHANNELS; 1189 spin_unlock(&ses->ses_lock); 1190 } else { 1191 mutex_unlock(&ses->session_mutex); 1192 } 1193 1194 STEAL_STRING(cifs_sb, ctx, domainname); 1195 STEAL_STRING(cifs_sb, ctx, nodename); 1196 STEAL_STRING(cifs_sb, ctx, iocharset); 1197 1198 /* if rsize or wsize not passed in on remount, use previous values */ 1199 ctx->rsize = rsize ? CIFS_ALIGN_RSIZE(fc, rsize) : cifs_sb->ctx->rsize; 1200 ctx->wsize = wsize ? CIFS_ALIGN_WSIZE(fc, wsize) : cifs_sb->ctx->wsize; 1201 1202 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 1203 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 1204 smb3_update_mnt_flags(cifs_sb); 1205 #ifdef CONFIG_CIFS_DFS_UPCALL 1206 if (!rc) 1207 rc = dfs_cache_remount_fs(cifs_sb); 1208 #endif 1209 1210 return rc; 1211 } 1212 1213 static int smb3_fs_context_parse_param(struct fs_context *fc, 1214 struct fs_parameter *param) 1215 { 1216 struct fs_parse_result result; 1217 struct smb3_fs_context *ctx = smb3_fc2context(fc); 1218 int i, opt; 1219 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 1220 bool skip_parsing = false; 1221 char *hostname; 1222 1223 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 1224 1225 /* 1226 * fs_parse can not handle string options with an empty value so 1227 * we will need special handling of them. 1228 */ 1229 if (param->type == fs_value_is_string && param->string[0] == 0) { 1230 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 1231 skip_parsing = true; 1232 opt = Opt_pass; 1233 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 1234 skip_parsing = true; 1235 opt = Opt_user; 1236 } else if (!strcmp("pass2", param->key) || !strcmp("password2", param->key)) { 1237 skip_parsing = true; 1238 opt = Opt_pass2; 1239 } 1240 } 1241 1242 if (!skip_parsing) { 1243 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 1244 if (opt < 0) 1245 return ctx->sloppy ? 1 : opt; 1246 } 1247 1248 switch (opt) { 1249 case Opt_compress: 1250 if (!IS_ENABLED(CONFIG_CIFS_COMPRESSION)) { 1251 cifs_errorf(fc, "CONFIG_CIFS_COMPRESSION kernel config option is unset\n"); 1252 goto cifs_parse_mount_err; 1253 } 1254 ctx->compress = true; 1255 cifs_dbg(VFS, "SMB3 compression support is experimental\n"); 1256 break; 1257 case Opt_nodfs: 1258 ctx->nodfs = 1; 1259 break; 1260 case Opt_hard: 1261 if (result.negated) { 1262 if (ctx->retry == 1) 1263 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 1264 ctx->retry = 0; 1265 } else 1266 ctx->retry = 1; 1267 break; 1268 case Opt_soft: 1269 if (result.negated) 1270 ctx->retry = 1; 1271 else { 1272 if (ctx->retry == 1) 1273 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 1274 ctx->retry = 0; 1275 } 1276 break; 1277 case Opt_mapposix: 1278 if (result.negated) 1279 ctx->remap = false; 1280 else { 1281 ctx->remap = true; 1282 ctx->sfu_remap = false; /* disable SFU mapping */ 1283 } 1284 break; 1285 case Opt_mapchars: 1286 if (result.negated) 1287 ctx->sfu_remap = false; 1288 else { 1289 ctx->sfu_remap = true; 1290 ctx->remap = false; /* disable SFM (mapposix) mapping */ 1291 } 1292 break; 1293 case Opt_user_xattr: 1294 if (result.negated) 1295 ctx->no_xattr = 1; 1296 else 1297 ctx->no_xattr = 0; 1298 break; 1299 case Opt_forceuid: 1300 if (result.negated) 1301 ctx->override_uid = 0; 1302 else 1303 ctx->override_uid = 1; 1304 ctx->forceuid_specified = true; 1305 break; 1306 case Opt_forcegid: 1307 if (result.negated) 1308 ctx->override_gid = 0; 1309 else 1310 ctx->override_gid = 1; 1311 ctx->forcegid_specified = true; 1312 break; 1313 case Opt_perm: 1314 if (result.negated) 1315 ctx->noperm = 1; 1316 else 1317 ctx->noperm = 0; 1318 break; 1319 case Opt_dynperm: 1320 if (result.negated) 1321 ctx->dynperm = 0; 1322 else 1323 ctx->dynperm = 1; 1324 break; 1325 case Opt_sfu: 1326 if (result.negated) 1327 ctx->sfu_emul = 0; 1328 else 1329 ctx->sfu_emul = 1; 1330 break; 1331 case Opt_noblocksend: 1332 ctx->noblocksnd = 1; 1333 break; 1334 case Opt_noautotune: 1335 ctx->noautotune = 1; 1336 break; 1337 case Opt_nolease: 1338 ctx->no_lease = 1; 1339 break; 1340 case Opt_nosparse: 1341 ctx->no_sparse = 1; 1342 break; 1343 case Opt_nodelete: 1344 ctx->nodelete = 1; 1345 break; 1346 case Opt_multichannel: 1347 ctx->multichannel_specified = true; 1348 if (result.negated) 1349 ctx->multichannel = false; 1350 else 1351 ctx->multichannel = true; 1352 break; 1353 case Opt_uid: 1354 ctx->linux_uid = result.uid; 1355 ctx->uid_specified = true; 1356 break; 1357 case Opt_cruid: 1358 ctx->cred_uid = result.uid; 1359 ctx->cruid_specified = true; 1360 break; 1361 case Opt_backupuid: 1362 ctx->backupuid = result.uid; 1363 ctx->backupuid_specified = true; 1364 break; 1365 case Opt_backupgid: 1366 ctx->backupgid = result.gid; 1367 ctx->backupgid_specified = true; 1368 break; 1369 case Opt_gid: 1370 ctx->linux_gid = result.gid; 1371 ctx->gid_specified = true; 1372 break; 1373 case Opt_port: 1374 ctx->port = result.uint_32; 1375 break; 1376 case Opt_file_mode: 1377 ctx->file_mode = result.uint_32; 1378 break; 1379 case Opt_dirmode: 1380 ctx->dir_mode = result.uint_32; 1381 break; 1382 case Opt_min_enc_offload: 1383 ctx->min_offload = result.uint_32; 1384 break; 1385 case Opt_retrans: 1386 ctx->retrans = result.uint_32; 1387 break; 1388 case Opt_blocksize: 1389 /* 1390 * inode blocksize realistically should never need to be 1391 * less than 16K or greater than 16M and default is 1MB. 1392 * Note that small inode block sizes (e.g. 64K) can lead 1393 * to very poor performance of common tools like cp and scp 1394 */ 1395 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1396 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1397 cifs_errorf(fc, "%s: Invalid blocksize\n", 1398 __func__); 1399 goto cifs_parse_mount_err; 1400 } 1401 ctx->bsize = CIFS_ALIGN_BSIZE(fc, result.uint_32); 1402 ctx->got_bsize = true; 1403 break; 1404 case Opt_rasize: 1405 /* 1406 * readahead size realistically should never need to be 1407 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1408 * (perhaps an exception should be considered in the 1409 * for the case of a large number of channels 1410 * when multichannel is negotiated) since that would lead 1411 * to plenty of parallel I/O in flight to the server. 1412 * Note that smaller read ahead sizes would 1413 * hurt performance of common tools like cp and scp 1414 * which often trigger sequential i/o with read ahead 1415 */ 1416 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1417 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1418 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1419 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1420 goto cifs_parse_mount_err; 1421 } 1422 ctx->rasize = result.uint_32; 1423 break; 1424 case Opt_rsize: 1425 ctx->rsize = CIFS_ALIGN_RSIZE(fc, result.uint_32); 1426 ctx->got_rsize = true; 1427 ctx->vol_rsize = ctx->rsize; 1428 break; 1429 case Opt_wsize: 1430 ctx->wsize = CIFS_ALIGN_WSIZE(fc, result.uint_32); 1431 ctx->got_wsize = true; 1432 ctx->vol_wsize = ctx->wsize; 1433 break; 1434 case Opt_acregmax: 1435 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) { 1436 cifs_errorf(fc, "acregmax too large\n"); 1437 goto cifs_parse_mount_err; 1438 } 1439 ctx->acregmax = HZ * result.uint_32; 1440 break; 1441 case Opt_acdirmax: 1442 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) { 1443 cifs_errorf(fc, "acdirmax too large\n"); 1444 goto cifs_parse_mount_err; 1445 } 1446 ctx->acdirmax = HZ * result.uint_32; 1447 break; 1448 case Opt_actimeo: 1449 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) { 1450 cifs_errorf(fc, "timeout too large\n"); 1451 goto cifs_parse_mount_err; 1452 } 1453 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1454 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1455 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1456 break; 1457 } 1458 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1459 break; 1460 case Opt_closetimeo: 1461 if (result.uint_32 > SMB3_MAX_DCLOSETIMEO / HZ) { 1462 cifs_errorf(fc, "closetimeo too large\n"); 1463 goto cifs_parse_mount_err; 1464 } 1465 ctx->closetimeo = HZ * result.uint_32; 1466 break; 1467 case Opt_echo_interval: 1468 if (result.uint_32 < SMB_ECHO_INTERVAL_MIN || 1469 result.uint_32 > SMB_ECHO_INTERVAL_MAX) { 1470 cifs_errorf(fc, "echo interval is out of bounds\n"); 1471 goto cifs_parse_mount_err; 1472 } 1473 ctx->echo_interval = result.uint_32; 1474 break; 1475 case Opt_snapshot: 1476 ctx->snapshot_time = result.uint_64; 1477 break; 1478 case Opt_max_credits: 1479 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1480 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1481 __func__); 1482 goto cifs_parse_mount_err; 1483 } 1484 ctx->max_credits = result.uint_32; 1485 break; 1486 case Opt_max_channels: 1487 ctx->max_channels_specified = true; 1488 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1489 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1490 __func__, CIFS_MAX_CHANNELS); 1491 goto cifs_parse_mount_err; 1492 } 1493 ctx->max_channels = result.uint_32; 1494 break; 1495 case Opt_max_cached_dirs: 1496 if (result.uint_32 < 1) { 1497 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n", 1498 __func__); 1499 goto cifs_parse_mount_err; 1500 } 1501 ctx->max_cached_dirs = result.uint_32; 1502 break; 1503 case Opt_handletimeout: 1504 ctx->handle_timeout = result.uint_32; 1505 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1506 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1507 goto cifs_parse_mount_err; 1508 } 1509 break; 1510 case Opt_source: 1511 kfree(ctx->UNC); 1512 ctx->UNC = NULL; 1513 switch (smb3_parse_devname(param->string, ctx)) { 1514 case 0: 1515 break; 1516 case -ENOMEM: 1517 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1518 goto cifs_parse_mount_err; 1519 case -EINVAL: 1520 cifs_errorf(fc, "Malformed UNC in devname\n"); 1521 goto cifs_parse_mount_err; 1522 default: 1523 cifs_errorf(fc, "Unknown error parsing devname\n"); 1524 goto cifs_parse_mount_err; 1525 } 1526 kfree(ctx->source); 1527 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1528 if (IS_ERR(ctx->source)) { 1529 ctx->source = NULL; 1530 cifs_errorf(fc, "OOM when copying UNC string\n"); 1531 goto cifs_parse_mount_err; 1532 } 1533 kfree(fc->source); 1534 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1535 if (fc->source == NULL) { 1536 cifs_errorf(fc, "OOM when copying UNC string\n"); 1537 goto cifs_parse_mount_err; 1538 } 1539 hostname = extract_hostname(ctx->UNC); 1540 if (IS_ERR(hostname)) { 1541 cifs_errorf(fc, "Cannot extract hostname from UNC string\n"); 1542 goto cifs_parse_mount_err; 1543 } 1544 /* last byte, type, is 0x20 for servr type */ 1545 memset(ctx->target_rfc1001_name, 0x20, RFC1001_NAME_LEN_WITH_NULL); 1546 for (i = 0; i < RFC1001_NAME_LEN && hostname[i] != 0; i++) 1547 ctx->target_rfc1001_name[i] = toupper(hostname[i]); 1548 kfree(hostname); 1549 break; 1550 case Opt_user: 1551 kfree(ctx->username); 1552 ctx->username = NULL; 1553 if (ctx->nullauth) 1554 break; 1555 if (strlen(param->string) == 0) { 1556 /* null user, ie. anonymous authentication */ 1557 ctx->nullauth = 1; 1558 break; 1559 } 1560 1561 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) == 1562 CIFS_MAX_USERNAME_LEN) { 1563 pr_warn("username too long\n"); 1564 goto cifs_parse_mount_err; 1565 } 1566 ctx->username = no_free_ptr(param->string); 1567 break; 1568 case Opt_pass: 1569 kfree_sensitive(ctx->password); 1570 ctx->password = NULL; 1571 if (strlen(param->string) == 0) 1572 break; 1573 ctx->password = no_free_ptr(param->string); 1574 break; 1575 case Opt_pass2: 1576 kfree_sensitive(ctx->password2); 1577 ctx->password2 = NULL; 1578 if (strlen(param->string) == 0) 1579 break; 1580 ctx->password2 = no_free_ptr(param->string); 1581 break; 1582 case Opt_ip: 1583 if (strlen(param->string) == 0) { 1584 ctx->got_ip = false; 1585 break; 1586 } 1587 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1588 param->string, 1589 strlen(param->string))) { 1590 pr_err("bad ip= option (%s)\n", param->string); 1591 goto cifs_parse_mount_err; 1592 } 1593 ctx->got_ip = true; 1594 break; 1595 case Opt_domain: 1596 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1597 == CIFS_MAX_DOMAINNAME_LEN) { 1598 pr_warn("domain name too long\n"); 1599 goto cifs_parse_mount_err; 1600 } 1601 1602 kfree(ctx->domainname); 1603 ctx->domainname = no_free_ptr(param->string); 1604 cifs_dbg(FYI, "Domain name set\n"); 1605 break; 1606 case Opt_srcaddr: 1607 if (!cifs_convert_address( 1608 (struct sockaddr *)&ctx->srcaddr, 1609 param->string, strlen(param->string))) { 1610 pr_warn("Could not parse srcaddr: %s\n", 1611 param->string); 1612 goto cifs_parse_mount_err; 1613 } 1614 break; 1615 case Opt_iocharset: 1616 if (strnlen(param->string, 1024) >= 65) { 1617 pr_warn("iocharset name too long\n"); 1618 goto cifs_parse_mount_err; 1619 } 1620 1621 if (strncasecmp(param->string, "default", 7) != 0) { 1622 kfree(ctx->iocharset); 1623 ctx->iocharset = no_free_ptr(param->string); 1624 } 1625 /* if iocharset not set then load_nls_default 1626 * is used by caller 1627 */ 1628 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1629 break; 1630 case Opt_netbiosname: 1631 memset(ctx->source_rfc1001_name, 0x20, 1632 RFC1001_NAME_LEN); 1633 /* 1634 * FIXME: are there cases in which a comma can 1635 * be valid in workstation netbios name (and 1636 * need special handling)? 1637 */ 1638 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1639 /* don't ucase netbiosname for user */ 1640 if (param->string[i] == 0) 1641 break; 1642 ctx->source_rfc1001_name[i] = param->string[i]; 1643 } 1644 /* The string has 16th byte zero still from 1645 * set at top of the function 1646 */ 1647 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1648 pr_warn("netbiosname longer than 15 truncated\n"); 1649 break; 1650 case Opt_servern: 1651 /* last byte, type, is 0x20 for servr type */ 1652 memset(ctx->target_rfc1001_name, 0x20, 1653 RFC1001_NAME_LEN_WITH_NULL); 1654 /* 1655 * BB are there cases in which a comma can be valid in this 1656 * workstation netbios name (and need special handling)? 1657 */ 1658 1659 /* user or mount helper must uppercase the netbios name */ 1660 for (i = 0; i < 15; i++) { 1661 if (param->string[i] == 0) 1662 break; 1663 ctx->target_rfc1001_name[i] = param->string[i]; 1664 } 1665 1666 /* The string has 16th byte zero still from set at top of function */ 1667 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1668 pr_warn("server netbiosname longer than 15 truncated\n"); 1669 break; 1670 case Opt_nbsessinit: 1671 ctx->rfc1001_sessinit = !result.negated; 1672 cifs_dbg(FYI, "rfc1001_sessinit set to %d\n", ctx->rfc1001_sessinit); 1673 break; 1674 case Opt_ver: 1675 /* version of mount userspace tools, not dialect */ 1676 /* If interface changes in mount.cifs bump to new ver */ 1677 if (strncasecmp(param->string, "1", 1) == 0) { 1678 if (strlen(param->string) > 1) { 1679 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1680 param->string); 1681 goto cifs_parse_mount_err; 1682 } 1683 /* This is the default */ 1684 break; 1685 } 1686 /* For all other value, error */ 1687 pr_warn("Invalid mount helper version specified\n"); 1688 goto cifs_parse_mount_err; 1689 case Opt_vers: 1690 /* protocol version (dialect) */ 1691 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1692 goto cifs_parse_mount_err; 1693 ctx->got_version = true; 1694 break; 1695 case Opt_sec: 1696 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1697 goto cifs_parse_mount_err; 1698 break; 1699 case Opt_upcalltarget: 1700 if (cifs_parse_upcall_target(fc, param->string, ctx) != 0) 1701 goto cifs_parse_mount_err; 1702 break; 1703 case Opt_cache: 1704 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1705 goto cifs_parse_mount_err; 1706 break; 1707 case Opt_witness: 1708 #ifndef CONFIG_CIFS_SWN_UPCALL 1709 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1710 goto cifs_parse_mount_err; 1711 #endif 1712 ctx->witness = true; 1713 pr_warn_once("Witness protocol support is experimental\n"); 1714 break; 1715 case Opt_unicode: 1716 ctx->unicode = !result.negated; 1717 cifs_dbg(FYI, "unicode set to %d\n", ctx->unicode); 1718 break; 1719 case Opt_rootfs: 1720 #ifndef CONFIG_CIFS_ROOT 1721 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1722 goto cifs_parse_mount_err; 1723 #endif 1724 ctx->rootfs = true; 1725 break; 1726 case Opt_posixpaths: 1727 if (result.negated) 1728 ctx->posix_paths = 0; 1729 else 1730 ctx->posix_paths = 1; 1731 break; 1732 case Opt_unix: 1733 if (result.negated) { 1734 if (ctx->linux_ext == 1) 1735 pr_warn_once("conflicting posix mount options specified\n"); 1736 ctx->linux_ext = 0; 1737 ctx->no_linux_ext = 1; 1738 } else { 1739 if (ctx->no_linux_ext == 1) 1740 pr_warn_once("conflicting posix mount options specified\n"); 1741 ctx->linux_ext = 1; 1742 ctx->no_linux_ext = 0; 1743 ctx->nonativesocket = 1; /* POSIX mounts use NFS style reparse points */ 1744 } 1745 break; 1746 case Opt_nocase: 1747 ctx->nocase = 1; 1748 break; 1749 case Opt_brl: 1750 if (result.negated) { 1751 /* 1752 * turn off mandatory locking in mode 1753 * if remote locking is turned off since the 1754 * local vfs will do advisory 1755 */ 1756 if (ctx->file_mode == 1757 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1758 ctx->file_mode = S_IALLUGO; 1759 ctx->nobrl = 1; 1760 } else 1761 ctx->nobrl = 0; 1762 break; 1763 case Opt_handlecache: 1764 if (result.negated) 1765 ctx->nohandlecache = 1; 1766 else 1767 ctx->nohandlecache = 0; 1768 break; 1769 case Opt_forcemandatorylock: 1770 ctx->mand_lock = 1; 1771 break; 1772 case Opt_setuids: 1773 ctx->setuids = result.negated; 1774 break; 1775 case Opt_intr: 1776 ctx->intr = !result.negated; 1777 break; 1778 case Opt_setuidfromacl: 1779 ctx->setuidfromacl = 1; 1780 break; 1781 case Opt_strictsync: 1782 ctx->nostrictsync = result.negated; 1783 break; 1784 case Opt_serverino: 1785 ctx->server_ino = !result.negated; 1786 break; 1787 case Opt_rwpidforward: 1788 ctx->rwpidforward = 1; 1789 break; 1790 case Opt_modesid: 1791 ctx->mode_ace = 1; 1792 break; 1793 case Opt_cifsacl: 1794 ctx->cifs_acl = !result.negated; 1795 break; 1796 case Opt_acl: 1797 ctx->no_psx_acl = result.negated; 1798 break; 1799 case Opt_locallease: 1800 ctx->local_lease = 1; 1801 break; 1802 case Opt_sign: 1803 ctx->sign = true; 1804 break; 1805 case Opt_ignore_signature: 1806 ctx->sign = true; 1807 ctx->ignore_signature = true; 1808 break; 1809 case Opt_seal: 1810 /* we do not do the following in secFlags because seal 1811 * is a per tree connection (mount) not a per socket 1812 * or per-smb connection option in the protocol 1813 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1814 */ 1815 ctx->seal = 1; 1816 break; 1817 case Opt_noac: 1818 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1819 break; 1820 case Opt_fsc: 1821 #ifndef CONFIG_CIFS_FSCACHE 1822 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1823 goto cifs_parse_mount_err; 1824 #endif 1825 ctx->fsc = true; 1826 break; 1827 case Opt_mfsymlinks: 1828 ctx->mfsymlinks = true; 1829 break; 1830 case Opt_multiuser: 1831 ctx->multiuser = true; 1832 break; 1833 case Opt_sloppy: 1834 ctx->sloppy = true; 1835 break; 1836 case Opt_nosharesock: 1837 ctx->nosharesock = true; 1838 break; 1839 case Opt_persistent: 1840 if (result.negated) { 1841 ctx->nopersistent = true; 1842 if (ctx->persistent) { 1843 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1844 goto cifs_parse_mount_err; 1845 } 1846 } else { 1847 ctx->persistent = true; 1848 if ((ctx->nopersistent) || (ctx->resilient)) { 1849 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1850 goto cifs_parse_mount_err; 1851 } 1852 } 1853 break; 1854 case Opt_resilient: 1855 if (result.negated) { 1856 ctx->resilient = false; /* already the default */ 1857 } else { 1858 ctx->resilient = true; 1859 if (ctx->persistent) { 1860 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1861 goto cifs_parse_mount_err; 1862 } 1863 } 1864 break; 1865 case Opt_tcp_nodelay: 1866 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1867 if (result.negated) 1868 ctx->sockopt_tcp_nodelay = false; 1869 else 1870 ctx->sockopt_tcp_nodelay = true; 1871 break; 1872 case Opt_domainauto: 1873 ctx->domainauto = true; 1874 break; 1875 case Opt_rdma: 1876 ctx->rdma = true; 1877 break; 1878 case Opt_reparse: 1879 if (parse_reparse_flavor(fc, param->string, ctx)) 1880 goto cifs_parse_mount_err; 1881 break; 1882 case Opt_nativesocket: 1883 ctx->nonativesocket = result.negated; 1884 break; 1885 case Opt_symlink: 1886 if (parse_symlink_flavor(fc, param->string, ctx)) 1887 goto cifs_parse_mount_err; 1888 break; 1889 case Opt_symlinkroot: 1890 if (param->string[0] != '/') { 1891 cifs_errorf(fc, "symlinkroot mount options must be absolute path\n"); 1892 goto cifs_parse_mount_err; 1893 } 1894 if (strnlen(param->string, PATH_MAX) == PATH_MAX) { 1895 cifs_errorf(fc, "symlinkroot path too long (max path length: %u)\n", 1896 PATH_MAX - 1); 1897 goto cifs_parse_mount_err; 1898 } 1899 kfree(ctx->symlinkroot); 1900 ctx->symlinkroot = param->string; 1901 param->string = NULL; 1902 break; 1903 } 1904 /* case Opt_ignore: - is ignored as expected ... */ 1905 1906 if (ctx->multiuser && ctx->upcall_target == UPTARGET_MOUNT) { 1907 cifs_errorf(fc, "multiuser mount option not supported with upcalltarget set as 'mount'\n"); 1908 goto cifs_parse_mount_err; 1909 } 1910 1911 return 0; 1912 1913 cifs_parse_mount_err: 1914 kfree_sensitive(ctx->password); 1915 ctx->password = NULL; 1916 kfree_sensitive(ctx->password2); 1917 ctx->password2 = NULL; 1918 kfree(ctx->source); 1919 ctx->source = NULL; 1920 kfree(fc->source); 1921 fc->source = NULL; 1922 return -EINVAL; 1923 } 1924 1925 int smb3_init_fs_context(struct fs_context *fc) 1926 { 1927 struct smb3_fs_context *ctx; 1928 char *nodename = utsname()->nodename; 1929 int i; 1930 1931 ctx = kzalloc_obj(struct smb3_fs_context); 1932 if (unlikely(!ctx)) 1933 return -ENOMEM; 1934 1935 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1936 1937 /* 1938 * does not have to be perfect mapping since field is 1939 * informational, only used for servers that do not support 1940 * port 445 and it can be overridden at mount time 1941 */ 1942 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1943 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1944 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1945 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1946 1947 /* 1948 * null target name indicates to use *SMBSERVR default called name 1949 * if we end up sending RFC1001 session initialize 1950 */ 1951 ctx->target_rfc1001_name[0] = 0; 1952 1953 ctx->rfc1001_sessinit = -1; /* autodetect based on port number */ 1954 1955 ctx->cred_uid = current_uid(); 1956 ctx->linux_uid = current_uid(); 1957 ctx->linux_gid = current_gid(); 1958 /* By default 4MB read ahead size, 1MB block size */ 1959 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1960 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1961 1962 /* 1963 * default to SFM style remapping of seven reserved characters 1964 * unless user overrides it or we negotiate CIFS POSIX where 1965 * it is unnecessary. Can not simultaneously use more than one mapping 1966 * since then readdir could list files that open could not open 1967 */ 1968 ctx->remap = true; 1969 1970 /* default to only allowing write access to owner of the mount */ 1971 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1972 1973 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1974 /* default is always to request posix paths. */ 1975 ctx->posix_paths = 1; 1976 /* default to using server inode numbers where available */ 1977 ctx->server_ino = 1; 1978 1979 /* default is to use strict cifs caching semantics */ 1980 ctx->strict_io = true; 1981 1982 ctx->acregmax = CIFS_DEF_ACTIMEO; 1983 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1984 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1985 ctx->max_cached_dirs = MAX_CACHED_FIDS; 1986 /* Most clients set timeout to 0, allows server to use its default */ 1987 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1988 1989 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1990 ctx->ops = &smb30_operations; 1991 ctx->vals = &smbdefault_values; 1992 1993 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1994 1995 /* default to no multichannel (single server connection) */ 1996 ctx->multichannel = false; 1997 ctx->multichannel_specified = false; 1998 ctx->max_channels_specified = false; 1999 ctx->max_channels = 1; 2000 2001 ctx->backupuid_specified = false; /* no backup intent for a user */ 2002 ctx->backupgid_specified = false; /* no backup intent for a group */ 2003 2004 ctx->retrans = 0; 2005 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT; 2006 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT; 2007 ctx->nonativesocket = 0; 2008 2009 ctx->unicode = -1; /* autodetect, but prefer UNICODE mode */ 2010 2011 /* 2012 * short int override_uid = -1; 2013 * short int override_gid = -1; 2014 * char *nodename = strdup(utsname()->nodename); 2015 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 2016 */ 2017 2018 fc->fs_private = ctx; 2019 fc->ops = &smb3_fs_context_ops; 2020 return 0; 2021 } 2022 2023 void 2024 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 2025 { 2026 if (ctx == NULL) 2027 return; 2028 2029 /* 2030 * Make sure this stays in sync with smb3_fs_context_dup() 2031 */ 2032 kfree(ctx->username); 2033 ctx->username = NULL; 2034 kfree_sensitive(ctx->password); 2035 ctx->password = NULL; 2036 kfree_sensitive(ctx->password2); 2037 ctx->password2 = NULL; 2038 kfree(ctx->server_hostname); 2039 ctx->server_hostname = NULL; 2040 kfree(ctx->UNC); 2041 ctx->UNC = NULL; 2042 kfree(ctx->source); 2043 ctx->source = NULL; 2044 kfree(ctx->domainname); 2045 ctx->domainname = NULL; 2046 kfree(ctx->nodename); 2047 ctx->nodename = NULL; 2048 kfree(ctx->iocharset); 2049 ctx->iocharset = NULL; 2050 kfree(ctx->prepath); 2051 ctx->prepath = NULL; 2052 kfree(ctx->leaf_fullpath); 2053 ctx->leaf_fullpath = NULL; 2054 kfree(ctx->dns_dom); 2055 ctx->dns_dom = NULL; 2056 kfree(ctx->symlinkroot); 2057 ctx->symlinkroot = NULL; 2058 } 2059 2060 void 2061 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 2062 { 2063 if (!ctx) 2064 return; 2065 smb3_cleanup_fs_context_contents(ctx); 2066 kfree(ctx); 2067 } 2068 2069 unsigned int smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 2070 { 2071 unsigned int sbflags = cifs_sb_flags(cifs_sb); 2072 struct smb3_fs_context *ctx = cifs_sb->ctx; 2073 2074 if (ctx->nodfs) 2075 sbflags |= CIFS_MOUNT_NO_DFS; 2076 else 2077 sbflags &= ~CIFS_MOUNT_NO_DFS; 2078 2079 if (ctx->noperm) 2080 sbflags |= CIFS_MOUNT_NO_PERM; 2081 else 2082 sbflags &= ~CIFS_MOUNT_NO_PERM; 2083 2084 if (ctx->setuids) 2085 sbflags |= CIFS_MOUNT_SET_UID; 2086 else 2087 sbflags &= ~CIFS_MOUNT_SET_UID; 2088 2089 if (ctx->setuidfromacl) 2090 sbflags |= CIFS_MOUNT_UID_FROM_ACL; 2091 else 2092 sbflags &= ~CIFS_MOUNT_UID_FROM_ACL; 2093 2094 if (ctx->server_ino) 2095 sbflags |= CIFS_MOUNT_SERVER_INUM; 2096 else 2097 sbflags &= ~CIFS_MOUNT_SERVER_INUM; 2098 2099 if (ctx->remap) 2100 sbflags |= CIFS_MOUNT_MAP_SFM_CHR; 2101 else 2102 sbflags &= ~CIFS_MOUNT_MAP_SFM_CHR; 2103 2104 if (ctx->sfu_remap) 2105 sbflags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 2106 else 2107 sbflags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 2108 2109 if (ctx->no_xattr) 2110 sbflags |= CIFS_MOUNT_NO_XATTR; 2111 else 2112 sbflags &= ~CIFS_MOUNT_NO_XATTR; 2113 2114 if (ctx->sfu_emul) 2115 sbflags |= CIFS_MOUNT_UNX_EMUL; 2116 else 2117 sbflags &= ~CIFS_MOUNT_UNX_EMUL; 2118 2119 if (ctx->nobrl) 2120 sbflags |= CIFS_MOUNT_NO_BRL; 2121 else 2122 sbflags &= ~CIFS_MOUNT_NO_BRL; 2123 2124 if (ctx->nohandlecache) 2125 sbflags |= CIFS_MOUNT_NO_HANDLE_CACHE; 2126 else 2127 sbflags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 2128 2129 if (ctx->nostrictsync) 2130 sbflags |= CIFS_MOUNT_NOSSYNC; 2131 else 2132 sbflags &= ~CIFS_MOUNT_NOSSYNC; 2133 2134 if (ctx->mand_lock) 2135 sbflags |= CIFS_MOUNT_NOPOSIXBRL; 2136 else 2137 sbflags &= ~CIFS_MOUNT_NOPOSIXBRL; 2138 2139 if (ctx->rwpidforward) 2140 sbflags |= CIFS_MOUNT_RWPIDFORWARD; 2141 else 2142 sbflags &= ~CIFS_MOUNT_RWPIDFORWARD; 2143 2144 if (ctx->mode_ace) 2145 sbflags |= CIFS_MOUNT_MODE_FROM_SID; 2146 else 2147 sbflags &= ~CIFS_MOUNT_MODE_FROM_SID; 2148 2149 if (ctx->cifs_acl) 2150 sbflags |= CIFS_MOUNT_CIFS_ACL; 2151 else 2152 sbflags &= ~CIFS_MOUNT_CIFS_ACL; 2153 2154 if (ctx->backupuid_specified) 2155 sbflags |= CIFS_MOUNT_CIFS_BACKUPUID; 2156 else 2157 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 2158 2159 if (ctx->backupgid_specified) 2160 sbflags |= CIFS_MOUNT_CIFS_BACKUPGID; 2161 else 2162 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 2163 2164 if (ctx->override_uid) 2165 sbflags |= CIFS_MOUNT_OVERR_UID; 2166 else 2167 sbflags &= ~CIFS_MOUNT_OVERR_UID; 2168 2169 if (ctx->override_gid) 2170 sbflags |= CIFS_MOUNT_OVERR_GID; 2171 else 2172 sbflags &= ~CIFS_MOUNT_OVERR_GID; 2173 2174 if (ctx->dynperm) 2175 sbflags |= CIFS_MOUNT_DYNPERM; 2176 else 2177 sbflags &= ~CIFS_MOUNT_DYNPERM; 2178 2179 if (ctx->fsc) 2180 sbflags |= CIFS_MOUNT_FSCACHE; 2181 else 2182 sbflags &= ~CIFS_MOUNT_FSCACHE; 2183 2184 if (ctx->multiuser) 2185 sbflags |= CIFS_MOUNT_MULTIUSER | CIFS_MOUNT_NO_PERM; 2186 else 2187 sbflags &= ~CIFS_MOUNT_MULTIUSER; 2188 2189 2190 if (ctx->strict_io) 2191 sbflags |= CIFS_MOUNT_STRICT_IO; 2192 else 2193 sbflags &= ~CIFS_MOUNT_STRICT_IO; 2194 2195 if (ctx->direct_io) 2196 sbflags |= CIFS_MOUNT_DIRECT_IO; 2197 else 2198 sbflags &= ~CIFS_MOUNT_DIRECT_IO; 2199 2200 if (ctx->mfsymlinks) 2201 sbflags |= CIFS_MOUNT_MF_SYMLINKS; 2202 else 2203 sbflags &= ~CIFS_MOUNT_MF_SYMLINKS; 2204 2205 if (ctx->mfsymlinks && ctx->sfu_emul) { 2206 /* 2207 * Our SFU ("Services for Unix") emulation allows now 2208 * creating new and reading existing SFU symlinks. 2209 * Older Linux kernel versions were not able to neither 2210 * read existing nor create new SFU symlinks. But 2211 * creating and reading SFU style mknod and FIFOs was 2212 * supported for long time. When "mfsymlinks" and 2213 * "sfu" are both enabled at the same time, it allows 2214 * reading both types of symlinks, but will only create 2215 * them with mfsymlinks format. This allows better 2216 * Apple compatibility, compatibility with older Linux 2217 * kernel clients (probably better for Samba too) 2218 * while still recognizing old Windows style symlinks. 2219 */ 2220 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 2221 } 2222 sbflags &= ~CIFS_MOUNT_SHUTDOWN; 2223 atomic_set(&cifs_sb->mnt_cifs_flags, sbflags); 2224 return sbflags; 2225 } 2226