1 // SPDX-License-Identifier: LGPL-2.1
2 /*
3 *
4 * Copyright (C) International Business Machines Corp., 2002, 2011
5 * Etersoft, 2012
6 * Author(s): Pavel Shilovsky (pshilovsky@samba.org),
7 * Steve French (sfrench@us.ibm.com)
8 *
9 */
10 #include <linux/fs.h>
11 #include <linux/stat.h>
12 #include <linux/slab.h>
13 #include <linux/pagemap.h>
14 #include <asm/div64.h>
15 #include "cifsfs.h"
16 #include "cifsglob.h"
17 #include "cifsproto.h"
18 #include "cifs_debug.h"
19 #include "cifs_fs_sb.h"
20 #include "cifs_unicode.h"
21 #include "fscache.h"
22 #include "smb2glob.h"
23 #include "smb2proto.h"
24 #include "cached_dir.h"
25 #include "../common/smb2status.h"
26 #include "../common/smbfsctl.h"
27
reparse_buf_ptr(struct kvec * iov)28 static struct reparse_data_buffer *reparse_buf_ptr(struct kvec *iov)
29 {
30 struct reparse_data_buffer *buf;
31 struct smb2_ioctl_rsp *io = iov->iov_base;
32 u32 off, count, len;
33 u16 rdlen;
34
35 count = le32_to_cpu(io->OutputCount);
36 off = le32_to_cpu(io->OutputOffset);
37 if (check_add_overflow(off, count, &len) || len > iov->iov_len)
38 return ERR_PTR(smb_EIO2(smb_eio_trace_reparse_overlong,
39 off, count));
40
41 buf = (struct reparse_data_buffer *)((u8 *)io + off);
42 len = sizeof(*buf);
43 rdlen = le16_to_cpu(buf->ReparseDataLength);
44
45 if (count < len || count < rdlen + len)
46 return ERR_PTR(smb_EIO2(smb_eio_trace_reparse_rdlen, count, rdlen));
47 return buf;
48 }
49
file_create_options(struct dentry * dentry)50 static inline __u32 file_create_options(struct dentry *dentry)
51 {
52 struct cifsInodeInfo *ci;
53
54 if (dentry) {
55 ci = CIFS_I(d_inode(dentry));
56 if (ci->cifsAttrs & ATTR_REPARSE_POINT)
57 return OPEN_REPARSE_POINT;
58 }
59 return 0;
60 }
61
62 /* Parse owner and group from SMB3.1.1 POSIX query info */
parse_posix_sids(struct cifs_open_info_data * data,struct kvec * rsp_iov)63 static int parse_posix_sids(struct cifs_open_info_data *data,
64 struct kvec *rsp_iov)
65 {
66 struct smb2_query_info_rsp *qi = rsp_iov->iov_base;
67 unsigned int out_len = le32_to_cpu(qi->OutputBufferLength);
68 unsigned int qi_len = sizeof(data->posix_fi);
69 int owner_len, group_len;
70 u8 *sidsbuf, *sidsbuf_end;
71
72 if (out_len <= qi_len)
73 return -EINVAL;
74
75 sidsbuf = (u8 *)qi + le16_to_cpu(qi->OutputBufferOffset) + qi_len;
76 sidsbuf_end = sidsbuf + out_len - qi_len;
77
78 owner_len = posix_info_sid_size(sidsbuf, sidsbuf_end);
79 if (owner_len == -1)
80 return -EINVAL;
81
82 memcpy(&data->posix_owner, sidsbuf, owner_len);
83 group_len = posix_info_sid_size(sidsbuf + owner_len, sidsbuf_end);
84 if (group_len == -1)
85 return -EINVAL;
86
87 memcpy(&data->posix_group, sidsbuf + owner_len, group_len);
88 return 0;
89 }
90
91 struct wsl_query_ea {
92 __le32 next;
93 __u8 name_len;
94 __u8 name[SMB2_WSL_XATTR_NAME_LEN + 1];
95 } __packed;
96
97 #define NEXT_OFF cpu_to_le32(sizeof(struct wsl_query_ea))
98
99 static const struct wsl_query_ea wsl_query_eas[] = {
100 { .next = NEXT_OFF, .name_len = SMB2_WSL_XATTR_NAME_LEN, .name = SMB2_WSL_XATTR_UID, },
101 { .next = NEXT_OFF, .name_len = SMB2_WSL_XATTR_NAME_LEN, .name = SMB2_WSL_XATTR_GID, },
102 { .next = NEXT_OFF, .name_len = SMB2_WSL_XATTR_NAME_LEN, .name = SMB2_WSL_XATTR_MODE, },
103 { .next = 0, .name_len = SMB2_WSL_XATTR_NAME_LEN, .name = SMB2_WSL_XATTR_DEV, },
104 };
105
check_wsl_eas(struct kvec * rsp_iov)106 static int check_wsl_eas(struct kvec *rsp_iov)
107 {
108 struct smb2_file_full_ea_info *ea;
109 struct smb2_query_info_rsp *rsp = rsp_iov->iov_base;
110 unsigned long addr;
111 u32 outlen, next;
112 u16 vlen;
113 u8 nlen;
114 u8 *ea_end, *iov_end;
115
116 outlen = le32_to_cpu(rsp->OutputBufferLength);
117 if (outlen < SMB2_WSL_MIN_QUERY_EA_RESP_SIZE ||
118 outlen > SMB2_WSL_MAX_QUERY_EA_RESP_SIZE)
119 return -EINVAL;
120
121 ea = (void *)((u8 *)rsp_iov->iov_base +
122 le16_to_cpu(rsp->OutputBufferOffset));
123 ea_end = (u8 *)ea + outlen;
124 iov_end = (u8 *)rsp_iov->iov_base + rsp_iov->iov_len;
125 if (ea_end > iov_end)
126 return -EINVAL;
127
128 for (;;) {
129 if ((u8 *)ea > ea_end - sizeof(*ea))
130 return -EINVAL;
131
132 nlen = ea->ea_name_length;
133 vlen = le16_to_cpu(ea->ea_value_length);
134 if (nlen != SMB2_WSL_XATTR_NAME_LEN ||
135 (u8 *)ea->ea_data + nlen + 1 + vlen > ea_end)
136 return -EINVAL;
137
138 switch (vlen) {
139 case 4:
140 if (strncmp(ea->ea_data, SMB2_WSL_XATTR_UID, nlen) &&
141 strncmp(ea->ea_data, SMB2_WSL_XATTR_GID, nlen) &&
142 strncmp(ea->ea_data, SMB2_WSL_XATTR_MODE, nlen))
143 return -EINVAL;
144 break;
145 case 8:
146 if (strncmp(ea->ea_data, SMB2_WSL_XATTR_DEV, nlen))
147 return -EINVAL;
148 break;
149 case 0:
150 if (!strncmp(ea->ea_data, SMB2_WSL_XATTR_UID, nlen) ||
151 !strncmp(ea->ea_data, SMB2_WSL_XATTR_GID, nlen) ||
152 !strncmp(ea->ea_data, SMB2_WSL_XATTR_MODE, nlen) ||
153 !strncmp(ea->ea_data, SMB2_WSL_XATTR_DEV, nlen))
154 break;
155 fallthrough;
156 default:
157 return -EINVAL;
158 }
159
160 next = le32_to_cpu(ea->next_entry_offset);
161 if (!next)
162 break;
163 if (!IS_ALIGNED(next, 4) ||
164 check_add_overflow((unsigned long)ea, next, &addr))
165 return -EINVAL;
166 ea = (void *)addr;
167 }
168 return 0;
169 }
170
171 /*
172 * If @cfile is NULL, then need to account for trailing CLOSE request in the
173 * compound chain.
174 */
set_next_compound(struct cifs_tcon * tcon,struct cifsFileInfo * cfile,int i,int num_cmds,struct smb_rqst * rqst,int * num_rqst)175 static void set_next_compound(struct cifs_tcon *tcon,
176 struct cifsFileInfo *cfile,
177 int i, int num_cmds,
178 struct smb_rqst *rqst, int *num_rqst)
179 {
180 int k = !cfile ? 1 : 0;
181
182 if (i + 1 < num_cmds + k)
183 smb2_set_next_command(tcon, &rqst[*num_rqst]);
184 if (i + k > 0)
185 smb2_set_related(&rqst[*num_rqst]);
186 (*num_rqst)++;
187 }
188
189 #define COMP_PID(cfile) ((cfile) ? (cfile)->fid.persistent_fid : COMPOUND_FID)
190 #define COMP_VID(cfile) ((cfile) ? (cfile)->fid.volatile_fid : COMPOUND_FID)
191
192 /*
193 * note: If cfile is passed, the reference to it is dropped here.
194 * So make sure that you do not reuse cfile after return from this func.
195 *
196 * If passing @out_iov and @out_buftype, ensure to make them both large enough
197 * (>= 3) to hold all compounded responses. Caller is also responsible for
198 * freeing them up with free_rsp_buf().
199 */
smb2_compound_op(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,const char * full_path,struct cifs_open_parms * oparms,struct kvec * in_iov,int * cmds,int num_cmds,struct cifsFileInfo * cfile,struct kvec * out_iov,int * out_buftype,struct dentry * dentry)200 static int smb2_compound_op(const unsigned int xid, struct cifs_tcon *tcon,
201 struct cifs_sb_info *cifs_sb, const char *full_path,
202 struct cifs_open_parms *oparms, struct kvec *in_iov,
203 int *cmds, int num_cmds, struct cifsFileInfo *cfile,
204 struct kvec *out_iov, int *out_buftype, struct dentry *dentry)
205 {
206
207 struct smb2_create_rsp *create_rsp = NULL;
208 struct smb2_query_info_rsp *qi_rsp = NULL;
209 struct smb2_compound_vars *vars = NULL;
210 __u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
211 struct cifs_open_info_data *idata;
212 struct cifs_ses *ses = tcon->ses;
213 struct reparse_data_buffer *rbuf;
214 struct TCP_Server_Info *server;
215 int resp_buftype[MAX_COMPOUND];
216 int retries = 0, cur_sleep = 0;
217 __u8 delete_pending[8] = {1,};
218 struct kvec *rsp_iov, *iov;
219 struct inode *inode = NULL;
220 __le16 *utf16_path = NULL;
221 struct smb_rqst *rqst;
222 unsigned int size[2];
223 struct cifs_fid fid;
224 int num_rqst = 0, i;
225 unsigned int len;
226 int tmp_rc, rc;
227 int flags = 0;
228 void *data[2];
229
230 replay_again:
231 /* reinitialize for possible replay */
232 flags = 0;
233 oplock = SMB2_OPLOCK_LEVEL_NONE;
234 num_rqst = 0;
235 server = cifs_pick_channel(ses);
236
237 vars = kzalloc_obj(*vars, GFP_KERNEL);
238 if (vars == NULL) {
239 rc = -ENOMEM;
240 goto out;
241 }
242 rqst = &vars->rqst[0];
243 rsp_iov = &vars->rsp_iov[0];
244
245 if (smb3_encryption_required(tcon))
246 flags |= CIFS_TRANSFORM_REQ;
247
248 for (i = 0; i < ARRAY_SIZE(resp_buftype); i++)
249 resp_buftype[i] = CIFS_NO_BUFFER;
250
251 /* We already have a handle so we can skip the open */
252 if (cfile)
253 goto after_open;
254
255 /* Open */
256 utf16_path = cifs_convert_path_to_utf16(full_path, cifs_sb);
257 if (!utf16_path) {
258 rc = -ENOMEM;
259 goto finished;
260 }
261
262 /* if there is an existing lease, reuse it */
263
264 /*
265 * note: files with hardlinks cause unexpected behaviour. As per MS-SMB2,
266 * lease keys are associated with the filepath. We are maintaining lease keys
267 * with the inode on the client. If the file has hardlinks, it is possible
268 * that the lease for a file be reused for an operation on its hardlink or
269 * vice versa.
270 * As a workaround, send request using an existing lease key and if the server
271 * returns STATUS_INVALID_PARAMETER, which maps to EINVAL, send the request
272 * again without the lease.
273 */
274 if (dentry) {
275 inode = d_inode(dentry);
276 if (CIFS_I(inode)->lease_granted && server->ops->get_lease_key) {
277 oplock = SMB2_OPLOCK_LEVEL_LEASE;
278 server->ops->get_lease_key(inode, &fid);
279 }
280 }
281
282 vars->oparms = *oparms;
283 vars->oparms.fid = &fid;
284
285 rqst[num_rqst].rq_iov = &vars->open_iov[0];
286 rqst[num_rqst].rq_nvec = SMB2_CREATE_IOV_SIZE;
287 rc = SMB2_open_init(tcon, server,
288 &rqst[num_rqst], &oplock, &vars->oparms,
289 utf16_path);
290 kfree(utf16_path);
291 if (rc)
292 goto finished;
293
294 smb2_set_next_command(tcon, &rqst[num_rqst]);
295 after_open:
296 num_rqst++;
297 rc = 0;
298
299 i = 0;
300
301 /* Skip the leading explicit OPEN operation */
302 if (num_cmds > 0 && cmds[0] == SMB2_OP_OPEN_QUERY)
303 i++;
304
305 for (; i < num_cmds; i++) {
306 /* Operation */
307 switch (cmds[i]) {
308 case SMB2_OP_QUERY_INFO:
309 rqst[num_rqst].rq_iov = &vars->qi_iov;
310 rqst[num_rqst].rq_nvec = 1;
311
312 rc = SMB2_query_info_init(tcon, server,
313 &rqst[num_rqst],
314 COMP_PID(cfile), COMP_VID(cfile),
315 FILE_ALL_INFORMATION,
316 SMB2_O_INFO_FILE, 0,
317 sizeof(struct smb2_file_all_info) +
318 PATH_MAX * 2, 0, NULL);
319 if (rc)
320 goto finished;
321 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
322 trace_smb3_query_info_compound_enter(xid, tcon->tid,
323 ses->Suid, full_path);
324 break;
325 case SMB2_OP_POSIX_QUERY_INFO:
326 rqst[num_rqst].rq_iov = &vars->qi_iov;
327 rqst[num_rqst].rq_nvec = 1;
328
329 /* TBD: fix following to allow for longer SIDs */
330 rc = SMB2_query_info_init(tcon, server,
331 &rqst[num_rqst],
332 COMP_PID(cfile), COMP_VID(cfile),
333 SMB_FIND_FILE_POSIX_INFO,
334 SMB2_O_INFO_FILE, 0,
335 sizeof(struct smb311_posix_qinfo) +
336 (PATH_MAX * 2) +
337 (sizeof(struct smb_sid) * 2), 0, NULL);
338 if (rc)
339 goto finished;
340 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
341 trace_smb3_posix_query_info_compound_enter(xid, tcon->tid,
342 ses->Suid, full_path);
343 break;
344 case SMB2_OP_MKDIR:
345 /*
346 * Directories are created through parameters in the
347 * SMB2_open() call.
348 */
349 trace_smb3_mkdir_enter(xid, tcon->tid, ses->Suid, full_path);
350 break;
351 case SMB2_OP_UNLINK:
352 rqst[num_rqst].rq_iov = vars->unlink_iov;
353 rqst[num_rqst].rq_nvec = 1;
354
355 size[0] = 1; /* sizeof __u8 See MS-FSCC section 2.4.11 */
356 data[0] = &delete_pending[0];
357
358 rc = SMB2_set_info_init(tcon, server,
359 &rqst[num_rqst],
360 COMP_PID(cfile), COMP_VID(cfile),
361 current->tgid, FILE_DISPOSITION_INFORMATION,
362 SMB2_O_INFO_FILE, 0,
363 data, size);
364 if (rc)
365 goto finished;
366 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
367 trace_smb3_unlink_enter(xid, tcon->tid, ses->Suid, full_path);
368 break;
369 case SMB2_OP_SET_EOF:
370 rqst[num_rqst].rq_iov = &vars->si_iov[0];
371 rqst[num_rqst].rq_nvec = 1;
372
373 size[0] = in_iov[i].iov_len;
374 data[0] = in_iov[i].iov_base;
375
376 rc = SMB2_set_info_init(tcon, server,
377 &rqst[num_rqst],
378 COMP_PID(cfile), COMP_VID(cfile),
379 current->tgid, FILE_END_OF_FILE_INFORMATION,
380 SMB2_O_INFO_FILE, 0,
381 data, size);
382 if (rc)
383 goto finished;
384 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
385 trace_smb3_set_eof_enter(xid, tcon->tid, ses->Suid, full_path);
386 break;
387 case SMB2_OP_SET_INFO:
388 rqst[num_rqst].rq_iov = &vars->si_iov[0];
389 rqst[num_rqst].rq_nvec = 1;
390
391 size[0] = in_iov[i].iov_len;
392 data[0] = in_iov[i].iov_base;
393
394 rc = SMB2_set_info_init(tcon, server,
395 &rqst[num_rqst],
396 COMP_PID(cfile), COMP_VID(cfile),
397 current->tgid, FILE_BASIC_INFORMATION,
398 SMB2_O_INFO_FILE, 0, data, size);
399 if (rc)
400 goto finished;
401 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
402 trace_smb3_set_info_compound_enter(xid, tcon->tid,
403 ses->Suid, full_path);
404 break;
405 case SMB2_OP_RENAME:
406 rqst[num_rqst].rq_iov = vars->rename_iov;
407 rqst[num_rqst].rq_nvec = 2;
408
409 len = in_iov[i].iov_len;
410
411 vars->rename_info.ReplaceIfExists = 1;
412 vars->rename_info.RootDirectory = 0;
413 vars->rename_info.FileNameLength = cpu_to_le32(len);
414
415 size[0] = sizeof(struct smb2_file_rename_info);
416 data[0] = &vars->rename_info;
417
418 size[1] = len + 2 /* null */;
419 data[1] = in_iov[i].iov_base;
420
421 rc = SMB2_set_info_init(tcon, server,
422 &rqst[num_rqst],
423 COMP_PID(cfile), COMP_VID(cfile),
424 current->tgid, FILE_RENAME_INFORMATION,
425 SMB2_O_INFO_FILE, 0, data, size);
426
427 if (rc)
428 goto finished;
429 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
430 trace_smb3_rename_enter(xid, tcon->tid, ses->Suid, full_path);
431 break;
432 case SMB2_OP_HARDLINK:
433 rqst[num_rqst].rq_iov = vars->hl_iov;
434 rqst[num_rqst].rq_nvec = 2;
435
436 len = in_iov[i].iov_len;
437
438 vars->link_info.ReplaceIfExists = 0;
439 vars->link_info.RootDirectory = 0;
440 vars->link_info.FileNameLength = cpu_to_le32(len);
441
442 size[0] = sizeof(struct smb2_file_link_info);
443 data[0] = &vars->link_info;
444
445 size[1] = len + 2 /* null */;
446 data[1] = in_iov[i].iov_base;
447
448 rc = SMB2_set_info_init(tcon, server,
449 &rqst[num_rqst],
450 COMP_PID(cfile), COMP_VID(cfile),
451 current->tgid, FILE_LINK_INFORMATION,
452 SMB2_O_INFO_FILE, 0, data, size);
453 if (rc)
454 goto finished;
455 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
456 trace_smb3_hardlink_enter(xid, tcon->tid, ses->Suid, full_path);
457 break;
458 case SMB2_OP_SET_REPARSE:
459 rqst[num_rqst].rq_iov = vars->io_iov;
460 rqst[num_rqst].rq_nvec = ARRAY_SIZE(vars->io_iov);
461
462 rc = SMB2_ioctl_init(tcon, server, &rqst[num_rqst],
463 COMP_PID(cfile), COMP_VID(cfile),
464 FSCTL_SET_REPARSE_POINT,
465 in_iov[i].iov_base,
466 in_iov[i].iov_len, 0);
467 if (rc)
468 goto finished;
469 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
470 trace_smb3_set_reparse_compound_enter(xid, tcon->tid,
471 ses->Suid, full_path);
472 break;
473 case SMB2_OP_GET_REPARSE:
474 rqst[num_rqst].rq_iov = vars->io_iov;
475 rqst[num_rqst].rq_nvec = ARRAY_SIZE(vars->io_iov);
476
477 rc = SMB2_ioctl_init(tcon, server, &rqst[num_rqst],
478 COMP_PID(cfile), COMP_VID(cfile),
479 FSCTL_GET_REPARSE_POINT,
480 NULL, 0, CIFSMaxBufSize);
481 if (rc)
482 goto finished;
483 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
484 trace_smb3_get_reparse_compound_enter(xid, tcon->tid,
485 ses->Suid, full_path);
486 break;
487 case SMB2_OP_QUERY_WSL_EA:
488 rqst[num_rqst].rq_iov = &vars->ea_iov;
489 rqst[num_rqst].rq_nvec = 1;
490
491 rc = SMB2_query_info_init(tcon, server,
492 &rqst[num_rqst],
493 COMP_PID(cfile), COMP_VID(cfile),
494 FILE_FULL_EA_INFORMATION,
495 SMB2_O_INFO_FILE, 0,
496 SMB2_WSL_MAX_QUERY_EA_RESP_SIZE,
497 sizeof(wsl_query_eas),
498 (void *)wsl_query_eas);
499 if (rc)
500 goto finished;
501 set_next_compound(tcon, cfile, i, num_cmds, rqst, &num_rqst);
502 trace_smb3_query_wsl_ea_compound_enter(xid, tcon->tid,
503 ses->Suid, full_path);
504 break;
505 default:
506 cifs_dbg(VFS, "Invalid command\n");
507 rc = -EINVAL;
508 }
509 }
510 if (rc)
511 goto finished;
512
513 /* We already have a handle so we can skip the close */
514 if (cfile)
515 goto after_close;
516 /* Close */
517 flags |= CIFS_CP_CREATE_CLOSE_OP;
518 rqst[num_rqst].rq_iov = &vars->close_iov;
519 rqst[num_rqst].rq_nvec = 1;
520 rc = SMB2_close_init(tcon, server,
521 &rqst[num_rqst], COMPOUND_FID,
522 COMPOUND_FID, false);
523 smb2_set_related(&rqst[num_rqst]);
524 if (rc)
525 goto finished;
526 after_close:
527 num_rqst++;
528
529 if (cfile) {
530 if (retries) {
531 /* Back-off before retry */
532 if (cur_sleep)
533 msleep(cur_sleep);
534 for (i = 1; i < num_rqst - 2; i++)
535 smb2_set_replay(server, &rqst[i]);
536 }
537
538 rc = compound_send_recv(xid, ses, server,
539 flags, num_rqst - 2,
540 &rqst[1], &resp_buftype[1],
541 &rsp_iov[1]);
542 } else {
543 if (retries) {
544 /* Back-off before retry */
545 if (cur_sleep)
546 msleep(cur_sleep);
547 for (i = 0; i < num_rqst; i++)
548 smb2_set_replay(server, &rqst[i]);
549 }
550
551 rc = compound_send_recv(xid, ses, server,
552 flags, num_rqst,
553 rqst, resp_buftype,
554 rsp_iov);
555 }
556
557 finished:
558 num_rqst = 0;
559 SMB2_open_free(&rqst[num_rqst++]);
560 if (rc == -EREMCHG) {
561 pr_warn_once("server share %s deleted\n", tcon->tree_name);
562 tcon->need_reconnect = true;
563 }
564
565 tmp_rc = rc;
566
567 if (rc == 0 && num_cmds > 0 && cmds[0] == SMB2_OP_OPEN_QUERY) {
568 create_rsp = rsp_iov[0].iov_base;
569 idata = in_iov[0].iov_base;
570 idata->fi.CreationTime = create_rsp->CreationTime;
571 idata->fi.LastAccessTime = create_rsp->LastAccessTime;
572 idata->fi.LastWriteTime = create_rsp->LastWriteTime;
573 idata->fi.ChangeTime = create_rsp->ChangeTime;
574 idata->fi.Attributes = create_rsp->FileAttributes;
575 idata->fi.AllocationSize = create_rsp->AllocationSize;
576 idata->fi.EndOfFile = create_rsp->EndofFile;
577 if (le32_to_cpu(idata->fi.NumberOfLinks) == 0)
578 idata->fi.NumberOfLinks = cpu_to_le32(1); /* dummy value */
579 idata->fi.DeletePending = 0; /* successful open = not delete pending */
580 idata->fi.Directory = !!(le32_to_cpu(create_rsp->FileAttributes) & ATTR_DIRECTORY);
581
582 /* smb2_parse_contexts() fills idata->fi.IndexNumber */
583 rc = smb2_parse_contexts(server, &rsp_iov[0], &oparms->fid->epoch,
584 oparms->fid->lease_key, &oplock, &idata->fi, NULL);
585 if (rc)
586 cifs_dbg(VFS, "rc: %d parsing context of compound op\n", rc);
587 }
588
589 for (i = 0; i < num_cmds; i++) {
590 char *buf = rsp_iov[i + 1].iov_base;
591
592 if (buf && resp_buftype[i + 1] != CIFS_NO_BUFFER)
593 rc = server->ops->map_error(buf, false);
594 else
595 rc = tmp_rc;
596 switch (cmds[i]) {
597 case SMB2_OP_QUERY_INFO:
598 idata = in_iov[i].iov_base;
599 idata->contains_posix_file_info = false;
600 if (rc == 0 && cfile && cfile->symlink_target) {
601 idata->symlink_target = kstrdup(cfile->symlink_target, GFP_KERNEL);
602 if (!idata->symlink_target)
603 rc = -ENOMEM;
604 }
605 if (rc == 0) {
606 qi_rsp = (struct smb2_query_info_rsp *)
607 rsp_iov[i + 1].iov_base;
608 rc = smb2_validate_and_copy_iov(
609 le16_to_cpu(qi_rsp->OutputBufferOffset),
610 le32_to_cpu(qi_rsp->OutputBufferLength),
611 &rsp_iov[i + 1], sizeof(idata->fi), (char *)&idata->fi);
612 }
613 SMB2_query_info_free(&rqst[num_rqst++]);
614 if (rc)
615 trace_smb3_query_info_compound_err(xid, tcon->tid,
616 ses->Suid, rc);
617 else
618 trace_smb3_query_info_compound_done(xid, tcon->tid,
619 ses->Suid);
620 break;
621 case SMB2_OP_POSIX_QUERY_INFO:
622 idata = in_iov[i].iov_base;
623 idata->contains_posix_file_info = true;
624 if (rc == 0 && cfile && cfile->symlink_target) {
625 idata->symlink_target = kstrdup(cfile->symlink_target, GFP_KERNEL);
626 if (!idata->symlink_target)
627 rc = -ENOMEM;
628 }
629 if (rc == 0) {
630 qi_rsp = (struct smb2_query_info_rsp *)
631 rsp_iov[i + 1].iov_base;
632 rc = smb2_validate_and_copy_iov(
633 le16_to_cpu(qi_rsp->OutputBufferOffset),
634 le32_to_cpu(qi_rsp->OutputBufferLength),
635 &rsp_iov[i + 1], sizeof(idata->posix_fi) /* add SIDs */,
636 (char *)&idata->posix_fi);
637 }
638 if (rc == 0)
639 rc = parse_posix_sids(idata, &rsp_iov[i + 1]);
640
641 SMB2_query_info_free(&rqst[num_rqst++]);
642 if (rc)
643 trace_smb3_posix_query_info_compound_err(xid, tcon->tid,
644 ses->Suid, rc);
645 else
646 trace_smb3_posix_query_info_compound_done(xid, tcon->tid,
647 ses->Suid);
648 break;
649 case SMB2_OP_MKDIR:
650 if (rc)
651 trace_smb3_mkdir_err(xid, tcon->tid, ses->Suid, rc);
652 else
653 trace_smb3_mkdir_done(xid, tcon->tid, ses->Suid);
654 break;
655 case SMB2_OP_HARDLINK:
656 if (rc)
657 trace_smb3_hardlink_err(xid, tcon->tid, ses->Suid, rc);
658 else
659 trace_smb3_hardlink_done(xid, tcon->tid, ses->Suid);
660 SMB2_set_info_free(&rqst[num_rqst++]);
661 break;
662 case SMB2_OP_RENAME:
663 if (rc)
664 trace_smb3_rename_err(xid, tcon->tid, ses->Suid, rc);
665 else
666 trace_smb3_rename_done(xid, tcon->tid, ses->Suid);
667 SMB2_set_info_free(&rqst[num_rqst++]);
668 break;
669 case SMB2_OP_UNLINK:
670 if (!rc)
671 trace_smb3_unlink_done(xid, tcon->tid, ses->Suid);
672 else
673 trace_smb3_unlink_err(xid, tcon->tid, ses->Suid, rc);
674 SMB2_set_info_free(&rqst[num_rqst++]);
675 break;
676 case SMB2_OP_SET_EOF:
677 if (rc)
678 trace_smb3_set_eof_err(xid, tcon->tid, ses->Suid, rc);
679 else
680 trace_smb3_set_eof_done(xid, tcon->tid, ses->Suid);
681 SMB2_set_info_free(&rqst[num_rqst++]);
682 break;
683 case SMB2_OP_SET_INFO:
684 if (rc)
685 trace_smb3_set_info_compound_err(xid, tcon->tid,
686 ses->Suid, rc);
687 else
688 trace_smb3_set_info_compound_done(xid, tcon->tid,
689 ses->Suid);
690 SMB2_set_info_free(&rqst[num_rqst++]);
691 break;
692 case SMB2_OP_SET_REPARSE:
693 if (rc) {
694 trace_smb3_set_reparse_compound_err(xid, tcon->tid,
695 ses->Suid, rc);
696 } else {
697 trace_smb3_set_reparse_compound_done(xid, tcon->tid,
698 ses->Suid);
699 }
700 SMB2_ioctl_free(&rqst[num_rqst++]);
701 break;
702 case SMB2_OP_GET_REPARSE:
703 if (!rc) {
704 iov = &rsp_iov[i + 1];
705 idata = in_iov[i].iov_base;
706 idata->reparse.io.iov = *iov;
707 idata->reparse.io.buftype = resp_buftype[i + 1];
708 idata->contains_posix_file_info = false; /* BB VERIFY */
709 rbuf = reparse_buf_ptr(iov);
710 if (IS_ERR(rbuf)) {
711 rc = PTR_ERR(rbuf);
712 trace_smb3_get_reparse_compound_err(xid, tcon->tid,
713 ses->Suid, rc);
714 } else {
715 idata->reparse.tag = le32_to_cpu(rbuf->ReparseTag);
716 trace_smb3_get_reparse_compound_done(xid, tcon->tid,
717 ses->Suid);
718 }
719 memset(iov, 0, sizeof(*iov));
720 resp_buftype[i + 1] = CIFS_NO_BUFFER;
721 } else {
722 trace_smb3_get_reparse_compound_err(xid, tcon->tid,
723 ses->Suid, rc);
724 }
725 SMB2_ioctl_free(&rqst[num_rqst++]);
726 break;
727 case SMB2_OP_QUERY_WSL_EA:
728 if (!rc) {
729 idata = in_iov[i].iov_base;
730 idata->contains_posix_file_info = false;
731 qi_rsp = rsp_iov[i + 1].iov_base;
732 data[0] = (u8 *)qi_rsp + le16_to_cpu(qi_rsp->OutputBufferOffset);
733 size[0] = le32_to_cpu(qi_rsp->OutputBufferLength);
734 rc = check_wsl_eas(&rsp_iov[i + 1]);
735 if (!rc) {
736 memcpy(idata->wsl.eas, data[0], size[0]);
737 idata->wsl.eas_len = size[0];
738 }
739 }
740 if (!rc) {
741 trace_smb3_query_wsl_ea_compound_done(xid, tcon->tid,
742 ses->Suid);
743 } else {
744 trace_smb3_query_wsl_ea_compound_err(xid, tcon->tid,
745 ses->Suid, rc);
746 }
747 SMB2_query_info_free(&rqst[num_rqst++]);
748 break;
749 }
750 }
751 SMB2_close_free(&rqst[num_rqst]);
752 rc = tmp_rc;
753
754 num_cmds += 2;
755 if (out_iov && out_buftype) {
756 memcpy(out_iov, rsp_iov, num_cmds * sizeof(*out_iov));
757 memcpy(out_buftype, resp_buftype,
758 num_cmds * sizeof(*out_buftype));
759 } else {
760 for (i = 0; i < num_cmds; i++)
761 free_rsp_buf(resp_buftype[i], rsp_iov[i].iov_base);
762 }
763 num_cmds -= 2; /* correct num_cmds as there could be a retry */
764 kfree(vars);
765
766 if (is_replayable_error(rc) &&
767 smb2_should_replay(tcon, &retries, &cur_sleep))
768 goto replay_again;
769
770 out:
771 if (cfile)
772 cifsFileInfo_put(cfile);
773
774 return rc;
775 }
776
parse_create_response(struct cifs_open_info_data * data,struct cifs_sb_info * cifs_sb,const char * full_path,const struct kvec * iov)777 static int parse_create_response(struct cifs_open_info_data *data,
778 struct cifs_sb_info *cifs_sb,
779 const char *full_path,
780 const struct kvec *iov)
781 {
782 struct smb2_create_rsp *rsp = iov->iov_base;
783 bool reparse_point = false;
784 u32 tag = 0;
785 int rc = 0;
786
787 switch (rsp->hdr.Status) {
788 case STATUS_IO_REPARSE_TAG_NOT_HANDLED:
789 reparse_point = true;
790 break;
791 case STATUS_STOPPED_ON_SYMLINK:
792 rc = smb2_parse_symlink_response(cifs_sb, iov,
793 full_path,
794 &data->symlink_target);
795 if (rc)
796 return rc;
797 tag = IO_REPARSE_TAG_SYMLINK;
798 reparse_point = true;
799 break;
800 case STATUS_SUCCESS:
801 reparse_point = !!(rsp->Flags & SMB2_CREATE_FLAG_REPARSEPOINT);
802 break;
803 }
804 data->reparse_point = reparse_point;
805 data->reparse.tag = tag;
806 return rc;
807 }
808
809 /* Check only if SMB2_OP_QUERY_WSL_EA command failed in the compound chain */
ea_unsupported(int * cmds,int num_cmds,struct kvec * out_iov,int * out_buftype)810 static bool ea_unsupported(int *cmds, int num_cmds,
811 struct kvec *out_iov, int *out_buftype)
812 {
813 int i;
814
815 if (cmds[num_cmds - 1] != SMB2_OP_QUERY_WSL_EA)
816 return false;
817
818 for (i = 1; i < num_cmds - 1; i++) {
819 struct smb2_hdr *hdr = out_iov[i].iov_base;
820
821 if (out_buftype[i] == CIFS_NO_BUFFER || !hdr ||
822 hdr->Status != STATUS_SUCCESS)
823 return false;
824 }
825 return true;
826 }
827
free_rsp_iov(struct kvec * iovs,int * buftype,int count)828 static inline void free_rsp_iov(struct kvec *iovs, int *buftype, int count)
829 {
830 int i;
831
832 for (i = 0; i < count; i++) {
833 free_rsp_buf(buftype[i], iovs[i].iov_base);
834 memset(&iovs[i], 0, sizeof(*iovs));
835 buftype[i] = CIFS_NO_BUFFER;
836 }
837 }
838
smb2_query_path_info(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,const char * full_path,struct cifs_open_info_data * data)839 int smb2_query_path_info(const unsigned int xid,
840 struct cifs_tcon *tcon,
841 struct cifs_sb_info *cifs_sb,
842 const char *full_path,
843 struct cifs_open_info_data *data)
844 {
845 struct kvec in_iov[3], out_iov[5] = {};
846 struct cached_fid *cfid = NULL;
847 struct cifs_open_parms oparms;
848 struct cifsFileInfo *cfile;
849 __u32 create_options = 0;
850 int out_buftype[5] = {};
851 struct smb2_hdr *hdr;
852 int num_cmds = 0;
853 int cmds[3];
854 bool islink;
855 int rc, rc2;
856
857 data->adjust_tz = false;
858 data->reparse_point = false;
859
860 /*
861 * BB TODO: Add support for using cached root handle in SMB3.1.1 POSIX.
862 * Create SMB2_query_posix_info worker function to do non-compounded
863 * query when we already have an open file handle for this. For now this
864 * is fast enough (always using the compounded version).
865 */
866 if (!tcon->posix_extensions) {
867 if (*full_path) {
868 rc = -ENOENT;
869 } else {
870 rc = open_cached_dir(xid, tcon, full_path,
871 cifs_sb, false, &cfid);
872 }
873 /* If it is a root and its handle is cached then use it */
874 if (!rc) {
875 if (cfid->file_all_info_is_valid) {
876 memcpy(&data->fi, &cfid->file_all_info,
877 sizeof(data->fi));
878 } else {
879 rc = SMB2_query_info(xid, tcon,
880 cfid->fid.persistent_fid,
881 cfid->fid.volatile_fid,
882 &data->fi);
883 }
884 close_cached_dir(cfid);
885 return rc;
886 }
887 cmds[num_cmds++] = SMB2_OP_QUERY_INFO;
888 } else {
889 cmds[num_cmds++] = SMB2_OP_POSIX_QUERY_INFO;
890 }
891
892 in_iov[0].iov_base = data;
893 in_iov[0].iov_len = sizeof(*data);
894 in_iov[1] = in_iov[0];
895 in_iov[2] = in_iov[0];
896
897 cifs_get_readable_path(tcon, full_path, &cfile);
898 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path, FILE_READ_ATTRIBUTES,
899 FILE_OPEN, create_options, ACL_NO_MODE);
900 rc = smb2_compound_op(xid, tcon, cifs_sb, full_path,
901 &oparms, in_iov, cmds, num_cmds,
902 cfile, out_iov, out_buftype, NULL);
903 hdr = out_iov[0].iov_base;
904 /*
905 * If first iov is unset, then SMB session was dropped or we've got a
906 * cached open file (@cfile).
907 */
908 if (!hdr || out_buftype[0] == CIFS_NO_BUFFER)
909 goto out;
910
911 switch (rc) {
912 case 0:
913 rc = parse_create_response(data, cifs_sb, full_path, &out_iov[0]);
914 break;
915 case -EACCES:
916 /*
917 * If SMB2_OP_QUERY_INFO (called when POSIX extensions are not used) failed with
918 * STATUS_ACCESS_DENIED then it means that caller does not have permission to
919 * open the path with FILE_READ_ATTRIBUTES access and therefore cannot issue
920 * SMB2_OP_QUERY_INFO command.
921 *
922 * There is an alternative way how to query limited information about path but still
923 * suitable for stat() syscall. SMB2 OPEN/CREATE operation returns in its successful
924 * response subset of query information.
925 *
926 * So try to open the path without FILE_READ_ATTRIBUTES but with MAXIMUM_ALLOWED
927 * access which will grant the maximum possible access to the file and the response
928 * will contain required query information for stat() syscall.
929 */
930
931 if (tcon->posix_extensions)
932 break;
933
934 num_cmds = 1;
935 cmds[0] = SMB2_OP_OPEN_QUERY;
936 in_iov[0].iov_base = data;
937 in_iov[0].iov_len = sizeof(*data);
938 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path, MAXIMUM_ALLOWED,
939 FILE_OPEN, create_options, ACL_NO_MODE);
940 free_rsp_iov(out_iov, out_buftype, ARRAY_SIZE(out_iov));
941 rc = smb2_compound_op(xid, tcon, cifs_sb, full_path,
942 &oparms, in_iov, cmds, num_cmds,
943 cfile, out_iov, out_buftype, NULL);
944
945 hdr = out_iov[0].iov_base;
946 if (!hdr || out_buftype[0] == CIFS_NO_BUFFER)
947 goto out;
948
949 if (!rc)
950 rc = parse_create_response(data, cifs_sb, full_path, &out_iov[0]);
951 break;
952 case -EOPNOTSUPP:
953 /*
954 * BB TODO: When support for special files added to Samba
955 * re-verify this path.
956 */
957 rc = parse_create_response(data, cifs_sb, full_path, &out_iov[0]);
958 if (rc || !data->reparse_point)
959 goto out;
960
961 /*
962 * Skip SMB2_OP_GET_REPARSE if symlink already parsed in create
963 * response.
964 */
965 if (data->reparse.tag != IO_REPARSE_TAG_SYMLINK) {
966 cmds[num_cmds++] = SMB2_OP_GET_REPARSE;
967 if (!tcon->posix_extensions)
968 cmds[num_cmds++] = SMB2_OP_QUERY_WSL_EA;
969 }
970
971 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path,
972 FILE_READ_ATTRIBUTES |
973 FILE_READ_EA | SYNCHRONIZE,
974 FILE_OPEN, create_options |
975 OPEN_REPARSE_POINT, ACL_NO_MODE);
976 cifs_get_readable_path(tcon, full_path, &cfile);
977 free_rsp_iov(out_iov, out_buftype, ARRAY_SIZE(out_iov));
978 rc = smb2_compound_op(xid, tcon, cifs_sb, full_path,
979 &oparms, in_iov, cmds, num_cmds,
980 cfile, out_iov, out_buftype, NULL);
981 if (rc && ea_unsupported(cmds, num_cmds,
982 out_iov, out_buftype)) {
983 if (data->reparse.tag != IO_REPARSE_TAG_LX_BLK &&
984 data->reparse.tag != IO_REPARSE_TAG_LX_CHR)
985 rc = 0;
986 else
987 rc = -EOPNOTSUPP;
988 }
989
990 if (data->reparse.tag == IO_REPARSE_TAG_SYMLINK && !rc) {
991 bool directory = le32_to_cpu(data->fi.Attributes) & ATTR_DIRECTORY;
992 rc = smb2_fix_symlink_target_type(&data->symlink_target, directory, cifs_sb);
993 }
994 break;
995 case -EREMOTE:
996 break;
997 default:
998 if (hdr->Status != STATUS_OBJECT_NAME_INVALID)
999 break;
1000 rc2 = cifs_inval_name_dfs_link_error(xid, tcon, cifs_sb,
1001 full_path, &islink);
1002 if (rc2) {
1003 rc = rc2;
1004 goto out;
1005 }
1006 if (islink)
1007 rc = -EREMOTE;
1008 }
1009
1010 out:
1011 free_rsp_iov(out_iov, out_buftype, ARRAY_SIZE(out_iov));
1012 return rc;
1013 }
1014
1015 int
smb2_mkdir(const unsigned int xid,struct inode * parent_inode,umode_t mode,struct cifs_tcon * tcon,const char * name,struct cifs_sb_info * cifs_sb)1016 smb2_mkdir(const unsigned int xid, struct inode *parent_inode, umode_t mode,
1017 struct cifs_tcon *tcon, const char *name,
1018 struct cifs_sb_info *cifs_sb)
1019 {
1020 struct cifs_open_parms oparms;
1021
1022 oparms = CIFS_OPARMS(cifs_sb, tcon, name, FILE_WRITE_ATTRIBUTES,
1023 FILE_CREATE, CREATE_NOT_FILE, mode);
1024 return smb2_compound_op(xid, tcon, cifs_sb,
1025 name, &oparms, NULL,
1026 &(int){SMB2_OP_MKDIR}, 1,
1027 NULL, NULL, NULL, NULL);
1028 }
1029
1030 void
smb2_mkdir_setinfo(struct inode * inode,const char * name,struct cifs_sb_info * cifs_sb,struct cifs_tcon * tcon,const unsigned int xid)1031 smb2_mkdir_setinfo(struct inode *inode, const char *name,
1032 struct cifs_sb_info *cifs_sb, struct cifs_tcon *tcon,
1033 const unsigned int xid)
1034 {
1035 struct cifs_open_parms oparms;
1036 FILE_BASIC_INFO data = {};
1037 struct cifsInodeInfo *cifs_i;
1038 struct cifsFileInfo *cfile;
1039 struct kvec in_iov;
1040 u32 dosattrs;
1041 int tmprc;
1042
1043 in_iov.iov_base = &data;
1044 in_iov.iov_len = sizeof(data);
1045 cifs_i = CIFS_I(inode);
1046 dosattrs = cifs_i->cifsAttrs | ATTR_READONLY;
1047 data.Attributes = cpu_to_le32(dosattrs);
1048 cifs_get_writable_path(tcon, name, inode, FIND_ANY, &cfile);
1049 oparms = CIFS_OPARMS(cifs_sb, tcon, name, FILE_WRITE_ATTRIBUTES,
1050 FILE_CREATE, CREATE_NOT_FILE, ACL_NO_MODE);
1051 tmprc = smb2_compound_op(xid, tcon, cifs_sb, name,
1052 &oparms, &in_iov,
1053 &(int){SMB2_OP_SET_INFO}, 1,
1054 cfile, NULL, NULL, NULL);
1055 if (tmprc == 0)
1056 cifs_i->cifsAttrs = dosattrs;
1057 }
1058
1059 int
smb2_rmdir(const unsigned int xid,struct cifs_tcon * tcon,const char * name,struct cifs_sb_info * cifs_sb)1060 smb2_rmdir(const unsigned int xid, struct cifs_tcon *tcon, const char *name,
1061 struct cifs_sb_info *cifs_sb)
1062 {
1063 struct cifs_open_parms oparms;
1064
1065 drop_cached_dir_by_name(xid, tcon, name, cifs_sb);
1066 oparms = CIFS_OPARMS(cifs_sb, tcon, name, DELETE,
1067 FILE_OPEN, CREATE_NOT_FILE, ACL_NO_MODE);
1068 return smb2_compound_op(xid, tcon, cifs_sb,
1069 name, &oparms, NULL,
1070 &(int){SMB2_OP_UNLINK}, 1,
1071 NULL, NULL, NULL, NULL);
1072 }
1073
1074 int
smb2_unlink(const unsigned int xid,struct cifs_tcon * tcon,const char * name,struct cifs_sb_info * cifs_sb,struct dentry * dentry)1075 smb2_unlink(const unsigned int xid, struct cifs_tcon *tcon, const char *name,
1076 struct cifs_sb_info *cifs_sb, struct dentry *dentry)
1077 {
1078 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
1079 __le16 *utf16_path __free(kfree) = NULL;
1080 int retries = 0, cur_sleep = 0;
1081 struct TCP_Server_Info *server;
1082 struct cifs_open_parms oparms;
1083 struct smb2_create_req *creq;
1084 struct inode *inode = NULL;
1085 struct smb_rqst rqst[2];
1086 struct kvec rsp_iov[2];
1087 struct kvec close_iov;
1088 int resp_buftype[2];
1089 struct cifs_fid fid;
1090 int flags = 0;
1091 __u8 oplock;
1092 int rc;
1093
1094 utf16_path = cifs_convert_path_to_utf16(name, cifs_sb);
1095 if (!utf16_path)
1096 return -ENOMEM;
1097
1098 if (smb3_encryption_required(tcon))
1099 flags |= CIFS_TRANSFORM_REQ;
1100 again:
1101 oplock = SMB2_OPLOCK_LEVEL_NONE;
1102 server = cifs_pick_channel(tcon->ses);
1103
1104 memset(rqst, 0, sizeof(rqst));
1105 memset(resp_buftype, 0, sizeof(resp_buftype));
1106 memset(rsp_iov, 0, sizeof(rsp_iov));
1107
1108 memset(open_iov, 0, sizeof(open_iov));
1109 rqst[0].rq_iov = open_iov;
1110 rqst[0].rq_nvec = ARRAY_SIZE(open_iov);
1111
1112 oparms = CIFS_OPARMS(cifs_sb, tcon, name, DELETE | FILE_READ_ATTRIBUTES,
1113 FILE_OPEN, CREATE_DELETE_ON_CLOSE |
1114 OPEN_REPARSE_POINT, ACL_NO_MODE);
1115 oparms.fid = &fid;
1116
1117 if (dentry) {
1118 inode = d_inode(dentry);
1119 if (CIFS_I(inode)->lease_granted && server->ops->get_lease_key) {
1120 oplock = SMB2_OPLOCK_LEVEL_LEASE;
1121 server->ops->get_lease_key(inode, &fid);
1122 }
1123 }
1124
1125 rc = SMB2_open_init(tcon, server,
1126 &rqst[0], &oplock, &oparms, utf16_path);
1127 if (rc)
1128 goto err_free;
1129 smb2_set_next_command(tcon, &rqst[0]);
1130 creq = rqst[0].rq_iov[0].iov_base;
1131 creq->ShareAccess = FILE_SHARE_DELETE_LE;
1132
1133 memset(&close_iov, 0, sizeof(close_iov));
1134 rqst[1].rq_iov = &close_iov;
1135 rqst[1].rq_nvec = 1;
1136
1137 rc = SMB2_close_init(tcon, server, &rqst[1],
1138 COMPOUND_FID, COMPOUND_FID, false);
1139 if (rc)
1140 goto err_free;
1141 smb2_set_related(&rqst[1]);
1142
1143 if (retries) {
1144 /* Back-off before retry */
1145 if (cur_sleep)
1146 msleep(cur_sleep);
1147 for (int i = 0; i < ARRAY_SIZE(rqst); i++)
1148 smb2_set_replay(server, &rqst[i]);
1149 }
1150
1151 rc = compound_send_recv(xid, tcon->ses, server, flags,
1152 ARRAY_SIZE(rqst), rqst,
1153 resp_buftype, rsp_iov);
1154 SMB2_open_free(&rqst[0]);
1155 SMB2_close_free(&rqst[1]);
1156 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
1157 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
1158
1159 if (is_replayable_error(rc) &&
1160 smb2_should_replay(tcon, &retries, &cur_sleep))
1161 goto again;
1162
1163 /* Retry compound request without lease */
1164 if (rc == -EINVAL && dentry) {
1165 dentry = NULL;
1166 retries = 0;
1167 cur_sleep = 0;
1168 goto again;
1169 }
1170 /*
1171 * If dentry (hence, inode) is NULL, lease break is going to
1172 * take care of degrading leases on handles for deleted files.
1173 */
1174 if (!rc && inode)
1175 cifs_mark_open_handles_for_deleted_file(inode, name);
1176
1177 return rc;
1178
1179 err_free:
1180 SMB2_open_free(&rqst[0]);
1181 SMB2_close_free(&rqst[1]);
1182 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
1183 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
1184 return rc;
1185 }
1186
smb2_set_path_attr(const unsigned int xid,struct cifs_tcon * tcon,const char * from_name,const char * to_name,struct cifs_sb_info * cifs_sb,__u32 create_options,__u32 access,int command,struct cifsFileInfo * cfile,struct dentry * dentry)1187 static int smb2_set_path_attr(const unsigned int xid, struct cifs_tcon *tcon,
1188 const char *from_name, const char *to_name,
1189 struct cifs_sb_info *cifs_sb,
1190 __u32 create_options, __u32 access,
1191 int command, struct cifsFileInfo *cfile,
1192 struct dentry *dentry)
1193 {
1194 struct cifs_open_parms oparms;
1195 struct kvec in_iov;
1196 __le16 *smb2_to_name = NULL;
1197 int rc;
1198
1199 smb2_to_name = cifs_convert_path_to_utf16(to_name, cifs_sb);
1200 if (smb2_to_name == NULL) {
1201 rc = -ENOMEM;
1202 if (cfile)
1203 cifsFileInfo_put(cfile);
1204 goto smb2_rename_path;
1205 }
1206 in_iov.iov_base = smb2_to_name;
1207 in_iov.iov_len = 2 * UniStrnlen((wchar_t *)smb2_to_name, PATH_MAX);
1208 oparms = CIFS_OPARMS(cifs_sb, tcon, from_name, access, FILE_OPEN,
1209 create_options, ACL_NO_MODE);
1210 rc = smb2_compound_op(xid, tcon, cifs_sb, from_name,
1211 &oparms, &in_iov, &command, 1,
1212 cfile, NULL, NULL, dentry);
1213 smb2_rename_path:
1214 kfree(smb2_to_name);
1215 return rc;
1216 }
1217
smb2_rename_path(const unsigned int xid,struct cifs_tcon * tcon,struct dentry * source_dentry,const char * from_name,const char * to_name,struct cifs_sb_info * cifs_sb)1218 int smb2_rename_path(const unsigned int xid,
1219 struct cifs_tcon *tcon,
1220 struct dentry *source_dentry,
1221 const char *from_name, const char *to_name,
1222 struct cifs_sb_info *cifs_sb)
1223 {
1224 struct inode *inode = source_dentry ? d_inode(source_dentry) : NULL;
1225 struct cifsFileInfo *cfile;
1226 __u32 co = file_create_options(source_dentry);
1227
1228 drop_cached_dir_by_name(xid, tcon, from_name, cifs_sb);
1229 cifs_get_writable_path(tcon, from_name, inode,
1230 FIND_WITH_DELETE, &cfile);
1231
1232 int rc = smb2_set_path_attr(xid, tcon, from_name, to_name, cifs_sb,
1233 co, DELETE, SMB2_OP_RENAME, cfile, source_dentry);
1234 if (rc == -EINVAL) {
1235 cifs_dbg(FYI, "invalid lease key, resending request without lease");
1236 cifs_get_writable_path(tcon, from_name, inode,
1237 FIND_WITH_DELETE, &cfile);
1238 rc = smb2_set_path_attr(xid, tcon, from_name, to_name, cifs_sb,
1239 co, DELETE, SMB2_OP_RENAME, cfile, NULL);
1240 }
1241 return rc;
1242 }
1243
clear_tmpfile_attr(const unsigned int xid,struct cifs_tcon * tcon,struct inode * inode,const char * full_path)1244 static int clear_tmpfile_attr(const unsigned int xid, struct cifs_tcon *tcon,
1245 struct inode *inode, const char *full_path)
1246 {
1247 struct TCP_Server_Info *server = cifs_pick_channel(tcon->ses);
1248 struct cifsInodeInfo *cinode = CIFS_I(inode);
1249 FILE_BASIC_INFO fi;
1250
1251 cinode->cifsAttrs &= ~(ATTR_TEMPORARY | ATTR_HIDDEN);
1252 fi = (FILE_BASIC_INFO) {
1253 .Attributes = cpu_to_le32(cinode->cifsAttrs),
1254 };
1255 return server->ops->set_file_info(inode, full_path, &fi, xid);
1256 }
1257
smb2_create_hardlink(const unsigned int xid,struct cifs_tcon * tcon,struct dentry * source_dentry,const char * from_name,const char * to_name,struct cifs_sb_info * cifs_sb)1258 int smb2_create_hardlink(const unsigned int xid,
1259 struct cifs_tcon *tcon,
1260 struct dentry *source_dentry,
1261 const char *from_name, const char *to_name,
1262 struct cifs_sb_info *cifs_sb)
1263 {
1264 struct inode *inode = source_dentry ? d_inode(source_dentry) : NULL;
1265 __u32 co = file_create_options(source_dentry);
1266 struct cifsFileInfo *cfile;
1267 int rc;
1268
1269 if (inode && test_bit(CIFS_INO_TMPFILE, &CIFS_I(inode)->flags)) {
1270 rc = clear_tmpfile_attr(xid, tcon, inode, from_name);
1271 if (rc)
1272 return rc;
1273 }
1274
1275 cifs_get_writable_path(tcon, from_name, inode,
1276 FIND_WITH_DELETE, &cfile);
1277 return smb2_set_path_attr(xid, tcon, from_name, to_name,
1278 cifs_sb, co, FILE_READ_ATTRIBUTES,
1279 SMB2_OP_HARDLINK, cfile, NULL);
1280 }
1281
1282 int
smb2_set_path_size(const unsigned int xid,struct cifs_tcon * tcon,const char * full_path,__u64 size,struct cifs_sb_info * cifs_sb,bool set_alloc,struct dentry * dentry)1283 smb2_set_path_size(const unsigned int xid, struct cifs_tcon *tcon,
1284 const char *full_path, __u64 size,
1285 struct cifs_sb_info *cifs_sb, bool set_alloc,
1286 struct dentry *dentry)
1287 {
1288 struct inode *inode = dentry ? d_inode(dentry) : NULL;
1289 __le64 eof = cpu_to_le64(size);
1290 struct cifs_open_parms oparms;
1291 struct cifsFileInfo *cfile;
1292 struct kvec in_iov;
1293 int rc;
1294
1295 in_iov.iov_base = &eof;
1296 in_iov.iov_len = sizeof(eof);
1297 cifs_get_writable_path(tcon, full_path, inode, FIND_ANY, &cfile);
1298
1299 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path, FILE_WRITE_DATA,
1300 FILE_OPEN, 0, ACL_NO_MODE);
1301 rc = smb2_compound_op(xid, tcon, cifs_sb,
1302 full_path, &oparms, &in_iov,
1303 &(int){SMB2_OP_SET_EOF}, 1,
1304 cfile, NULL, NULL, dentry);
1305 if (rc == -EINVAL) {
1306 cifs_dbg(FYI, "invalid lease key, resending request without lease");
1307 cifs_get_writable_path(tcon, full_path,
1308 inode, FIND_ANY, &cfile);
1309 rc = smb2_compound_op(xid, tcon, cifs_sb,
1310 full_path, &oparms, &in_iov,
1311 &(int){SMB2_OP_SET_EOF}, 1,
1312 cfile, NULL, NULL, NULL);
1313 }
1314 return rc;
1315 }
1316
1317 int
smb2_set_file_info(struct inode * inode,const char * full_path,FILE_BASIC_INFO * buf,const unsigned int xid)1318 smb2_set_file_info(struct inode *inode, const char *full_path,
1319 FILE_BASIC_INFO *buf, const unsigned int xid)
1320 {
1321 struct kvec in_iov = { .iov_base = buf, .iov_len = sizeof(*buf), };
1322 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
1323 struct cifsFileInfo *cfile = NULL;
1324 struct cifs_open_parms oparms;
1325 struct tcon_link *tlink;
1326 struct cifs_tcon *tcon;
1327 int rc = 0;
1328
1329 tlink = cifs_sb_tlink(cifs_sb);
1330 if (IS_ERR(tlink))
1331 return PTR_ERR(tlink);
1332 tcon = tlink_tcon(tlink);
1333
1334 if ((buf->CreationTime == 0) && (buf->LastAccessTime == 0) &&
1335 (buf->LastWriteTime == 0) && (buf->ChangeTime == 0)) {
1336 if (buf->Attributes == 0)
1337 goto out; /* would be a no op, no sense sending this */
1338 cifs_get_writable_path(tcon, full_path,
1339 inode, FIND_ANY, &cfile);
1340 }
1341
1342 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path, FILE_WRITE_ATTRIBUTES,
1343 FILE_OPEN, 0, ACL_NO_MODE);
1344 rc = smb2_compound_op(xid, tcon, cifs_sb,
1345 full_path, &oparms, &in_iov,
1346 &(int){SMB2_OP_SET_INFO}, 1,
1347 cfile, NULL, NULL, NULL);
1348 out:
1349 cifs_put_tlink(tlink);
1350 return rc;
1351 }
1352
smb2_create_reparse_inode(struct cifs_open_info_data * data,struct super_block * sb,const unsigned int xid,struct cifs_tcon * tcon,const char * full_path,bool directory,struct kvec * reparse_iov,struct kvec * xattr_iov)1353 struct inode *smb2_create_reparse_inode(struct cifs_open_info_data *data,
1354 struct super_block *sb,
1355 const unsigned int xid,
1356 struct cifs_tcon *tcon,
1357 const char *full_path,
1358 bool directory,
1359 struct kvec *reparse_iov,
1360 struct kvec *xattr_iov)
1361 {
1362 struct cifs_open_parms oparms;
1363 struct cifs_sb_info *cifs_sb = CIFS_SB(sb);
1364 struct cifsFileInfo *cfile;
1365 struct inode *new = NULL;
1366 int out_buftype[4] = {};
1367 struct kvec out_iov[4] = {};
1368 struct kvec in_iov[2];
1369 int cmds[2];
1370 int rc;
1371 int i;
1372
1373 /*
1374 * If server filesystem does not support reparse points then do not
1375 * attempt to create reparse point. This will prevent creating unusable
1376 * empty object on the server.
1377 */
1378 if (!CIFS_REPARSE_SUPPORT(tcon))
1379 return ERR_PTR(-EOPNOTSUPP);
1380
1381 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path,
1382 SYNCHRONIZE | DELETE |
1383 FILE_READ_ATTRIBUTES |
1384 FILE_WRITE_ATTRIBUTES,
1385 FILE_CREATE,
1386 (directory ? CREATE_NOT_FILE : CREATE_NOT_DIR) | OPEN_REPARSE_POINT,
1387 ACL_NO_MODE);
1388 if (xattr_iov)
1389 oparms.ea_cctx = xattr_iov;
1390
1391 cmds[0] = SMB2_OP_SET_REPARSE;
1392 in_iov[0] = *reparse_iov;
1393 in_iov[1].iov_base = data;
1394 in_iov[1].iov_len = sizeof(*data);
1395
1396 if (tcon->posix_extensions) {
1397 cmds[1] = SMB2_OP_POSIX_QUERY_INFO;
1398 cifs_get_writable_path(tcon, full_path, NULL, FIND_ANY, &cfile);
1399 rc = smb2_compound_op(xid, tcon, cifs_sb, full_path, &oparms,
1400 in_iov, cmds, 2, cfile, out_iov, out_buftype, NULL);
1401 if (!rc) {
1402 rc = smb311_posix_get_inode_info(&new, full_path,
1403 data, sb, xid);
1404 }
1405 } else {
1406 cmds[1] = SMB2_OP_QUERY_INFO;
1407 cifs_get_writable_path(tcon, full_path, NULL, FIND_ANY, &cfile);
1408 rc = smb2_compound_op(xid, tcon, cifs_sb, full_path, &oparms,
1409 in_iov, cmds, 2, cfile, out_iov, out_buftype, NULL);
1410 if (!rc) {
1411 rc = cifs_get_inode_info(&new, full_path,
1412 data, sb, xid, NULL);
1413 }
1414 }
1415
1416
1417 /*
1418 * If CREATE was successful but SMB2_OP_SET_REPARSE failed then
1419 * remove the intermediate object created by CREATE. Otherwise
1420 * empty object stay on the server when reparse call failed.
1421 */
1422 if (rc &&
1423 out_iov[0].iov_base != NULL && out_buftype[0] != CIFS_NO_BUFFER &&
1424 ((struct smb2_hdr *)out_iov[0].iov_base)->Status == STATUS_SUCCESS &&
1425 (out_iov[1].iov_base == NULL || out_buftype[1] == CIFS_NO_BUFFER ||
1426 ((struct smb2_hdr *)out_iov[1].iov_base)->Status != STATUS_SUCCESS))
1427 smb2_unlink(xid, tcon, full_path, cifs_sb, NULL);
1428
1429 for (i = 0; i < ARRAY_SIZE(out_buftype); i++)
1430 free_rsp_buf(out_buftype[i], out_iov[i].iov_base);
1431
1432 return rc ? ERR_PTR(rc) : new;
1433 }
1434
smb2_query_reparse_point(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,const char * full_path,u32 * tag,struct kvec * rsp,int * rsp_buftype)1435 int smb2_query_reparse_point(const unsigned int xid,
1436 struct cifs_tcon *tcon,
1437 struct cifs_sb_info *cifs_sb,
1438 const char *full_path,
1439 u32 *tag, struct kvec *rsp,
1440 int *rsp_buftype)
1441 {
1442 struct cifs_open_parms oparms;
1443 struct cifs_open_info_data data = {};
1444 struct cifsFileInfo *cfile;
1445 struct kvec in_iov = { .iov_base = &data, .iov_len = sizeof(data), };
1446 int rc;
1447
1448 cifs_dbg(FYI, "%s: path: %s\n", __func__, full_path);
1449
1450 cifs_get_readable_path(tcon, full_path, &cfile);
1451 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path,
1452 FILE_READ_ATTRIBUTES | FILE_READ_EA | SYNCHRONIZE,
1453 FILE_OPEN, OPEN_REPARSE_POINT, ACL_NO_MODE);
1454 rc = smb2_compound_op(xid, tcon, cifs_sb,
1455 full_path, &oparms, &in_iov,
1456 &(int){SMB2_OP_GET_REPARSE}, 1,
1457 cfile, NULL, NULL, NULL);
1458 if (rc)
1459 goto out;
1460
1461 *tag = data.reparse.tag;
1462 *rsp = data.reparse.io.iov;
1463 *rsp_buftype = data.reparse.io.buftype;
1464 memset(&data.reparse.io.iov, 0, sizeof(data.reparse.io.iov));
1465 data.reparse.io.buftype = CIFS_NO_BUFFER;
1466 out:
1467 cifs_free_open_info(&data);
1468 return rc;
1469 }
1470
utf16_smb2_path(struct cifs_sb_info * cifs_sb,const char * name,size_t namelen)1471 static inline __le16 *utf16_smb2_path(struct cifs_sb_info *cifs_sb,
1472 const char *name, size_t namelen)
1473 {
1474 int len;
1475
1476 if (*name == '\\' ||
1477 (cifs_sb_master_tlink(cifs_sb) &&
1478 cifs_sb_master_tcon(cifs_sb)->posix_extensions && *name == '/'))
1479 name++;
1480 return cifs_strndup_to_utf16(name, namelen, &len,
1481 cifs_sb->local_nls,
1482 cifs_remap(cifs_sb));
1483 }
1484
smb2_rename_pending_delete(const char * full_path,struct dentry * dentry,const unsigned int xid)1485 int smb2_rename_pending_delete(const char *full_path,
1486 struct dentry *dentry,
1487 const unsigned int xid)
1488 {
1489 struct cifsInodeInfo *cinode = CIFS_I(d_inode(dentry));
1490 struct cifs_sb_info *cifs_sb = CIFS_SB(dentry);
1491 __le16 *utf16_path __free(kfree) = NULL;
1492 __u32 co = file_create_options(dentry);
1493 int cmds[] = {
1494 SMB2_OP_SET_INFO,
1495 SMB2_OP_RENAME,
1496 SMB2_OP_UNLINK,
1497 };
1498 const int num_cmds = ARRAY_SIZE(cmds);
1499 char *to_name __free(kfree) = NULL;
1500 __u32 attrs = cinode->cifsAttrs;
1501 struct cifs_open_parms oparms;
1502 struct cifsFileInfo *cfile;
1503 struct tcon_link *tlink;
1504 struct cifs_tcon *tcon;
1505 struct kvec iov[2];
1506 int rc;
1507
1508 tlink = cifs_sb_tlink(cifs_sb);
1509 if (IS_ERR(tlink))
1510 return PTR_ERR(tlink);
1511 tcon = tlink_tcon(tlink);
1512
1513 to_name = cifs_silly_fullpath(dentry);
1514 if (IS_ERR(to_name)) {
1515 rc = PTR_ERR(to_name);
1516 to_name = NULL;
1517 goto out;
1518 }
1519
1520 utf16_path = utf16_smb2_path(cifs_sb, to_name, strlen(to_name));
1521 if (!utf16_path) {
1522 rc = -ENOMEM;
1523 goto out;
1524 }
1525
1526 drop_cached_dir_by_name(xid, tcon, full_path, cifs_sb);
1527 oparms = CIFS_OPARMS(cifs_sb, tcon, full_path,
1528 DELETE | FILE_WRITE_ATTRIBUTES,
1529 FILE_OPEN, co, ACL_NO_MODE);
1530
1531 attrs &= ~ATTR_READONLY;
1532 if (!attrs)
1533 attrs = ATTR_NORMAL;
1534 if (d_inode(dentry)->i_nlink <= 1)
1535 attrs |= ATTR_HIDDEN;
1536 iov[0].iov_base = &(FILE_BASIC_INFO) {
1537 .Attributes = cpu_to_le32(attrs),
1538 };
1539 iov[0].iov_len = sizeof(FILE_BASIC_INFO);
1540 iov[1].iov_base = utf16_path;
1541 iov[1].iov_len = sizeof(*utf16_path) * UniStrlen((wchar_t *)utf16_path);
1542
1543 cifs_get_writable_path(tcon, full_path, d_inode(dentry),
1544 FIND_WITH_DELETE, &cfile);
1545 rc = smb2_compound_op(xid, tcon, cifs_sb, full_path, &oparms, iov,
1546 cmds, num_cmds, cfile, NULL, NULL, dentry);
1547 if (rc == -EINVAL) {
1548 cifs_dbg(FYI, "invalid lease key, resending request without lease\n");
1549 cifs_get_writable_path(tcon, full_path, d_inode(dentry),
1550 FIND_WITH_DELETE, &cfile);
1551 rc = smb2_compound_op(xid, tcon, cifs_sb, full_path, &oparms, iov,
1552 cmds, num_cmds, cfile, NULL, NULL, NULL);
1553 }
1554 if (!rc) {
1555 set_bit(CIFS_INO_DELETE_PENDING, &cinode->flags);
1556 } else {
1557 cifs_tcon_dbg(FYI, "%s: failed to rename '%s' to '%s': %d\n",
1558 __func__, full_path, to_name, rc);
1559 rc = smb_EIO1(smb_eio_trace_pend_del_fail, rc);
1560 }
1561 out:
1562 cifs_put_tlink(tlink);
1563 return rc;
1564 }
1565