1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 DEFINE_MUTEX(cifs_mount_mutex);
41
42 static const match_table_t cifs_smb_version_tokens = {
43 { Smb_1, SMB1_VERSION_STRING },
44 { Smb_20, SMB20_VERSION_STRING},
45 { Smb_21, SMB21_VERSION_STRING },
46 { Smb_30, SMB30_VERSION_STRING },
47 { Smb_302, SMB302_VERSION_STRING },
48 { Smb_302, ALT_SMB302_VERSION_STRING },
49 { Smb_311, SMB311_VERSION_STRING },
50 { Smb_311, ALT_SMB311_VERSION_STRING },
51 { Smb_3any, SMB3ANY_VERSION_STRING },
52 { Smb_default, SMBDEFAULT_VERSION_STRING },
53 { Smb_version_err, NULL }
54 };
55
56 static const match_table_t cifs_secflavor_tokens = {
57 { Opt_sec_krb5, "krb5" },
58 { Opt_sec_krb5i, "krb5i" },
59 { Opt_sec_krb5p, "krb5p" },
60 { Opt_sec_ntlmsspi, "ntlmsspi" },
61 { Opt_sec_ntlmssp, "ntlmssp" },
62 { Opt_sec_ntlmv2, "nontlm" },
63 { Opt_sec_ntlmv2, "ntlmv2" },
64 { Opt_sec_ntlmv2i, "ntlmv2i" },
65 { Opt_sec_none, "none" },
66
67 { Opt_sec_err, NULL }
68 };
69
70 static const match_table_t cifs_upcall_target = {
71 { Opt_upcall_target_mount, "mount" },
72 { Opt_upcall_target_application, "app" },
73 { Opt_upcall_target_err, NULL }
74 };
75
76 const struct fs_parameter_spec smb3_fs_parameters[] = {
77 /* Mount options that take no arguments */
78 fsparam_flag_no("user_xattr", Opt_user_xattr),
79 fsparam_flag_no("forceuid", Opt_forceuid),
80 fsparam_flag_no("multichannel", Opt_multichannel),
81 fsparam_flag_no("forcegid", Opt_forcegid),
82 fsparam_flag("noblocksend", Opt_noblocksend),
83 fsparam_flag("noautotune", Opt_noautotune),
84 fsparam_flag("nolease", Opt_nolease),
85 fsparam_flag_no("hard", Opt_hard),
86 fsparam_flag_no("soft", Opt_soft),
87 fsparam_flag_no("perm", Opt_perm),
88 fsparam_flag("nodelete", Opt_nodelete),
89 fsparam_flag_no("mapposix", Opt_mapposix),
90 fsparam_flag("mapchars", Opt_mapchars),
91 fsparam_flag("nomapchars", Opt_nomapchars),
92 fsparam_flag_no("sfu", Opt_sfu),
93 fsparam_flag("nodfs", Opt_nodfs),
94 fsparam_flag_no("posixpaths", Opt_posixpaths),
95 fsparam_flag_no("unix", Opt_unix),
96 fsparam_flag_no("linux", Opt_unix),
97 fsparam_flag_no("posix", Opt_unix),
98 fsparam_flag("nocase", Opt_nocase),
99 fsparam_flag("ignorecase", Opt_nocase),
100 fsparam_flag_no("brl", Opt_brl),
101 fsparam_flag_no("handlecache", Opt_handlecache),
102 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
103 fsparam_flag("forcemand", Opt_forcemandatorylock),
104 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
105 fsparam_flag("idsfromsid", Opt_setuidfromacl),
106 fsparam_flag_no("setuids", Opt_setuids),
107 fsparam_flag_no("dynperm", Opt_dynperm),
108 fsparam_flag_no("intr", Opt_intr),
109 fsparam_flag_no("strictsync", Opt_strictsync),
110 fsparam_flag_no("serverino", Opt_serverino),
111 fsparam_flag("rwpidforward", Opt_rwpidforward),
112 fsparam_flag("cifsacl", Opt_cifsacl),
113 fsparam_flag_no("acl", Opt_acl),
114 fsparam_flag("locallease", Opt_locallease),
115 fsparam_flag("sign", Opt_sign),
116 fsparam_flag("ignore_signature", Opt_ignore_signature),
117 fsparam_flag("signloosely", Opt_ignore_signature),
118 fsparam_flag("seal", Opt_seal),
119 fsparam_flag("noac", Opt_noac),
120 fsparam_flag("fsc", Opt_fsc),
121 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
122 fsparam_flag("multiuser", Opt_multiuser),
123 fsparam_flag("sloppy", Opt_sloppy),
124 fsparam_flag("nosharesock", Opt_nosharesock),
125 fsparam_flag_no("persistenthandles", Opt_persistent),
126 fsparam_flag_no("resilienthandles", Opt_resilient),
127 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
128 fsparam_flag("nosparse", Opt_nosparse),
129 fsparam_flag("domainauto", Opt_domainauto),
130 fsparam_flag("rdma", Opt_rdma),
131 fsparam_flag("modesid", Opt_modesid),
132 fsparam_flag("modefromsid", Opt_modesid),
133 fsparam_flag("rootfs", Opt_rootfs),
134 fsparam_flag("compress", Opt_compress),
135 fsparam_flag("witness", Opt_witness),
136 fsparam_flag_no("nativesocket", Opt_nativesocket),
137 fsparam_flag_no("unicode", Opt_unicode),
138 fsparam_flag_no("nbsessinit", Opt_nbsessinit),
139
140 /* Mount options which take uid or gid */
141 fsparam_uid("backupuid", Opt_backupuid),
142 fsparam_gid("backupgid", Opt_backupgid),
143 fsparam_uid("uid", Opt_uid),
144 fsparam_uid("cruid", Opt_cruid),
145 fsparam_gid("gid", Opt_gid),
146
147 /* Mount options which take numeric value */
148 fsparam_u32("file_mode", Opt_file_mode),
149 fsparam_u32("dirmode", Opt_dirmode),
150 fsparam_u32("dir_mode", Opt_dirmode),
151 fsparam_u32("port", Opt_port),
152 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
153 fsparam_u32("retrans", Opt_retrans),
154 fsparam_u32("esize", Opt_min_enc_offload),
155 fsparam_u32("bsize", Opt_blocksize),
156 fsparam_u32("rasize", Opt_rasize),
157 fsparam_u32("rsize", Opt_rsize),
158 fsparam_u32("wsize", Opt_wsize),
159 fsparam_u32("actimeo", Opt_actimeo),
160 fsparam_u32("acdirmax", Opt_acdirmax),
161 fsparam_u32("acregmax", Opt_acregmax),
162 fsparam_u32("closetimeo", Opt_closetimeo),
163 fsparam_u32("echo_interval", Opt_echo_interval),
164 fsparam_u32("max_credits", Opt_max_credits),
165 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs),
166 fsparam_u32("handletimeout", Opt_handletimeout),
167 fsparam_u64("snapshot", Opt_snapshot),
168 fsparam_u32("max_channels", Opt_max_channels),
169
170 /* Mount options which take string value */
171 fsparam_string("source", Opt_source),
172 fsparam_string("user", Opt_user),
173 fsparam_string("username", Opt_user),
174 fsparam_string("pass", Opt_pass),
175 fsparam_string("password", Opt_pass),
176 fsparam_string("pass2", Opt_pass2),
177 fsparam_string("password2", Opt_pass2),
178 fsparam_string("ip", Opt_ip),
179 fsparam_string("addr", Opt_ip),
180 fsparam_string("domain", Opt_domain),
181 fsparam_string("dom", Opt_domain),
182 fsparam_string("srcaddr", Opt_srcaddr),
183 fsparam_string("iocharset", Opt_iocharset),
184 fsparam_string("netbiosname", Opt_netbiosname),
185 fsparam_string("servern", Opt_servern),
186 fsparam_string("ver", Opt_ver),
187 fsparam_string("vers", Opt_vers),
188 fsparam_string("sec", Opt_sec),
189 fsparam_string("cache", Opt_cache),
190 fsparam_string("reparse", Opt_reparse),
191 fsparam_string("upcall_target", Opt_upcalltarget),
192 fsparam_string("symlink", Opt_symlink),
193 fsparam_string("symlinkroot", Opt_symlinkroot),
194
195 /* Arguments that should be ignored */
196 fsparam_flag("guest", Opt_ignore),
197 fsparam_flag("noatime", Opt_ignore),
198 fsparam_flag("relatime", Opt_ignore),
199 fsparam_flag("_netdev", Opt_ignore),
200 fsparam_flag_no("suid", Opt_ignore),
201 fsparam_flag_no("exec", Opt_ignore),
202 fsparam_flag_no("dev", Opt_ignore),
203 fsparam_flag_no("mand", Opt_ignore),
204 fsparam_flag_no("auto", Opt_ignore),
205 fsparam_string("cred", Opt_ignore),
206 fsparam_string("credentials", Opt_ignore),
207 /*
208 * UNC and prefixpath is now extracted from Opt_source
209 * in the new mount API so we can just ignore them going forward.
210 */
211 fsparam_string("unc", Opt_ignore),
212 fsparam_string("prefixpath", Opt_ignore),
213 {}
214 };
215
216 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)217 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
218 {
219
220 substring_t args[MAX_OPT_ARGS];
221
222 /*
223 * With mount options, the last one should win. Reset any existing
224 * settings back to default.
225 */
226 ctx->sectype = Unspecified;
227 ctx->sign = false;
228
229 switch (match_token(value, cifs_secflavor_tokens, args)) {
230 case Opt_sec_krb5p:
231 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n");
232 return 1;
233 case Opt_sec_krb5i:
234 ctx->sign = true;
235 fallthrough;
236 case Opt_sec_krb5:
237 ctx->sectype = Kerberos;
238 break;
239 case Opt_sec_ntlmsspi:
240 ctx->sign = true;
241 fallthrough;
242 case Opt_sec_ntlmssp:
243 ctx->sectype = RawNTLMSSP;
244 break;
245 case Opt_sec_ntlmv2i:
246 ctx->sign = true;
247 fallthrough;
248 case Opt_sec_ntlmv2:
249 ctx->sectype = NTLMv2;
250 break;
251 case Opt_sec_none:
252 ctx->nullauth = 1;
253 kfree(ctx->username);
254 ctx->username = NULL;
255 break;
256 default:
257 cifs_errorf(fc, "bad security option: %s\n", value);
258 return 1;
259 }
260
261 return 0;
262 }
263
264 static int
cifs_parse_upcall_target(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)265 cifs_parse_upcall_target(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
266 {
267 substring_t args[MAX_OPT_ARGS];
268
269 ctx->upcall_target = UPTARGET_UNSPECIFIED;
270
271 switch (match_token(value, cifs_upcall_target, args)) {
272 case Opt_upcall_target_mount:
273 ctx->upcall_target = UPTARGET_MOUNT;
274 break;
275 case Opt_upcall_target_application:
276 ctx->upcall_target = UPTARGET_APP;
277 break;
278
279 default:
280 cifs_errorf(fc, "bad upcall target: %s\n", value);
281 return 1;
282 }
283
284 return 0;
285 }
286
287 static const match_table_t cifs_cacheflavor_tokens = {
288 { Opt_cache_loose, "loose" },
289 { Opt_cache_strict, "strict" },
290 { Opt_cache_none, "none" },
291 { Opt_cache_ro, "ro" },
292 { Opt_cache_rw, "singleclient" },
293 { Opt_cache_err, NULL }
294 };
295
296 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)297 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
298 {
299 substring_t args[MAX_OPT_ARGS];
300
301 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
302 case Opt_cache_loose:
303 ctx->direct_io = false;
304 ctx->strict_io = false;
305 ctx->cache_ro = false;
306 ctx->cache_rw = false;
307 break;
308 case Opt_cache_strict:
309 ctx->direct_io = false;
310 ctx->strict_io = true;
311 ctx->cache_ro = false;
312 ctx->cache_rw = false;
313 break;
314 case Opt_cache_none:
315 ctx->direct_io = true;
316 ctx->strict_io = false;
317 ctx->cache_ro = false;
318 ctx->cache_rw = false;
319 break;
320 case Opt_cache_ro:
321 ctx->direct_io = false;
322 ctx->strict_io = false;
323 ctx->cache_ro = true;
324 ctx->cache_rw = false;
325 break;
326 case Opt_cache_rw:
327 ctx->direct_io = false;
328 ctx->strict_io = false;
329 ctx->cache_ro = false;
330 ctx->cache_rw = true;
331 break;
332 default:
333 cifs_errorf(fc, "bad cache= option: %s\n", value);
334 return 1;
335 }
336 return 0;
337 }
338
339 static const match_table_t reparse_flavor_tokens = {
340 { Opt_reparse_default, "default" },
341 { Opt_reparse_none, "none" },
342 { Opt_reparse_nfs, "nfs" },
343 { Opt_reparse_wsl, "wsl" },
344 { Opt_reparse_err, NULL },
345 };
346
parse_reparse_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)347 static int parse_reparse_flavor(struct fs_context *fc, char *value,
348 struct smb3_fs_context *ctx)
349 {
350 substring_t args[MAX_OPT_ARGS];
351
352 switch (match_token(value, reparse_flavor_tokens, args)) {
353 case Opt_reparse_default:
354 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
355 break;
356 case Opt_reparse_none:
357 ctx->reparse_type = CIFS_REPARSE_TYPE_NONE;
358 break;
359 case Opt_reparse_nfs:
360 ctx->reparse_type = CIFS_REPARSE_TYPE_NFS;
361 break;
362 case Opt_reparse_wsl:
363 ctx->reparse_type = CIFS_REPARSE_TYPE_WSL;
364 break;
365 default:
366 cifs_errorf(fc, "bad reparse= option: %s\n", value);
367 return 1;
368 }
369 return 0;
370 }
371
372 static const match_table_t symlink_flavor_tokens = {
373 { Opt_symlink_default, "default" },
374 { Opt_symlink_none, "none" },
375 { Opt_symlink_native, "native" },
376 { Opt_symlink_unix, "unix" },
377 { Opt_symlink_mfsymlinks, "mfsymlinks" },
378 { Opt_symlink_sfu, "sfu" },
379 { Opt_symlink_nfs, "nfs" },
380 { Opt_symlink_wsl, "wsl" },
381 { Opt_symlink_err, NULL },
382 };
383
parse_symlink_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)384 static int parse_symlink_flavor(struct fs_context *fc, char *value,
385 struct smb3_fs_context *ctx)
386 {
387 substring_t args[MAX_OPT_ARGS];
388
389 switch (match_token(value, symlink_flavor_tokens, args)) {
390 case Opt_symlink_default:
391 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
392 break;
393 case Opt_symlink_none:
394 ctx->symlink_type = CIFS_SYMLINK_TYPE_NONE;
395 break;
396 case Opt_symlink_native:
397 ctx->symlink_type = CIFS_SYMLINK_TYPE_NATIVE;
398 break;
399 case Opt_symlink_unix:
400 ctx->symlink_type = CIFS_SYMLINK_TYPE_UNIX;
401 break;
402 case Opt_symlink_mfsymlinks:
403 ctx->symlink_type = CIFS_SYMLINK_TYPE_MFSYMLINKS;
404 break;
405 case Opt_symlink_sfu:
406 ctx->symlink_type = CIFS_SYMLINK_TYPE_SFU;
407 break;
408 case Opt_symlink_nfs:
409 ctx->symlink_type = CIFS_SYMLINK_TYPE_NFS;
410 break;
411 case Opt_symlink_wsl:
412 ctx->symlink_type = CIFS_SYMLINK_TYPE_WSL;
413 break;
414 default:
415 cifs_errorf(fc, "bad symlink= option: %s\n", value);
416 return 1;
417 }
418 return 0;
419 }
420
421 #define DUP_CTX_STR(field) \
422 do { \
423 if (ctx->field) { \
424 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
425 if (new_ctx->field == NULL) { \
426 smb3_cleanup_fs_context_contents(new_ctx); \
427 return -ENOMEM; \
428 } \
429 } \
430 } while (0)
431
432 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)433 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
434 {
435 memcpy(new_ctx, ctx, sizeof(*ctx));
436 new_ctx->prepath = NULL;
437 new_ctx->nodename = NULL;
438 new_ctx->username = NULL;
439 new_ctx->password = NULL;
440 new_ctx->password2 = NULL;
441 new_ctx->server_hostname = NULL;
442 new_ctx->domainname = NULL;
443 new_ctx->UNC = NULL;
444 new_ctx->source = NULL;
445 new_ctx->iocharset = NULL;
446 new_ctx->leaf_fullpath = NULL;
447 new_ctx->dns_dom = NULL;
448 new_ctx->symlinkroot = NULL;
449 /*
450 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
451 */
452 DUP_CTX_STR(prepath);
453 DUP_CTX_STR(username);
454 DUP_CTX_STR(password);
455 DUP_CTX_STR(password2);
456 DUP_CTX_STR(server_hostname);
457 DUP_CTX_STR(UNC);
458 DUP_CTX_STR(source);
459 DUP_CTX_STR(domainname);
460 DUP_CTX_STR(nodename);
461 DUP_CTX_STR(iocharset);
462 DUP_CTX_STR(leaf_fullpath);
463 DUP_CTX_STR(dns_dom);
464 DUP_CTX_STR(symlinkroot);
465
466 return 0;
467 }
468
469 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)470 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
471 {
472 substring_t args[MAX_OPT_ARGS];
473
474 switch (match_token(value, cifs_smb_version_tokens, args)) {
475 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
476 case Smb_1:
477 if (disable_legacy_dialects) {
478 cifs_errorf(fc, "mount with legacy dialect disabled\n");
479 return 1;
480 }
481 if (is_smb3) {
482 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
483 return 1;
484 }
485 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
486 ctx->ops = &smb1_operations;
487 ctx->vals = &smb1_values;
488 break;
489 case Smb_20:
490 if (disable_legacy_dialects) {
491 cifs_errorf(fc, "mount with legacy dialect disabled\n");
492 return 1;
493 }
494 if (is_smb3) {
495 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
496 return 1;
497 }
498 ctx->ops = &smb20_operations;
499 ctx->vals = &smb20_values;
500 break;
501 #else
502 case Smb_1:
503 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
504 return 1;
505 case Smb_20:
506 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
507 return 1;
508 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
509 case Smb_21:
510 ctx->ops = &smb21_operations;
511 ctx->vals = &smb21_values;
512 break;
513 case Smb_30:
514 ctx->ops = &smb30_operations;
515 ctx->vals = &smb30_values;
516 break;
517 case Smb_302:
518 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
519 ctx->vals = &smb302_values;
520 break;
521 case Smb_311:
522 ctx->ops = &smb311_operations;
523 ctx->vals = &smb311_values;
524 break;
525 case Smb_3any:
526 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
527 ctx->vals = &smb3any_values;
528 break;
529 case Smb_default:
530 ctx->ops = &smb30_operations;
531 ctx->vals = &smbdefault_values;
532 break;
533 default:
534 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
535 return 1;
536 }
537 return 0;
538 }
539
smb3_parse_opt(const char * options,const char * key,char ** val)540 int smb3_parse_opt(const char *options, const char *key, char **val)
541 {
542 int rc = -ENOENT;
543 char *opts, *orig, *p;
544
545 orig = opts = kstrdup(options, GFP_KERNEL);
546 if (!opts)
547 return -ENOMEM;
548
549 while ((p = strsep(&opts, ","))) {
550 char *nval;
551
552 if (!*p)
553 continue;
554 if (strncasecmp(p, key, strlen(key)))
555 continue;
556 nval = strchr(p, '=');
557 if (nval) {
558 if (nval == p)
559 continue;
560 *nval++ = 0;
561 *val = kstrdup(nval, GFP_KERNEL);
562 rc = !*val ? -ENOMEM : 0;
563 goto out;
564 }
565 }
566 out:
567 kfree(orig);
568 return rc;
569 }
570
571 /*
572 * Remove duplicate path delimiters. Windows is supposed to do that
573 * but there are some bugs that prevent rename from working if there are
574 * multiple delimiters.
575 *
576 * Return a sanitized duplicate of @path or NULL for empty prefix paths.
577 * Otherwise, return ERR_PTR.
578 *
579 * @gfp indicates the GFP_* flags for kstrdup.
580 * The caller is responsible for freeing the original.
581 */
582 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
cifs_sanitize_prepath(char * prepath,gfp_t gfp)583 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
584 {
585 char *cursor1 = prepath, *cursor2 = prepath;
586 char *s;
587
588 /* skip all prepended delimiters */
589 while (IS_DELIM(*cursor1))
590 cursor1++;
591
592 /* copy the first letter */
593 *cursor2 = *cursor1;
594
595 /* copy the remainder... */
596 while (*(cursor1++)) {
597 /* ... skipping all duplicated delimiters */
598 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
599 continue;
600 *(++cursor2) = *cursor1;
601 }
602
603 /* if the last character is a delimiter, skip it */
604 if (IS_DELIM(*(cursor2 - 1)))
605 cursor2--;
606
607 *cursor2 = '\0';
608 if (!*prepath)
609 return NULL;
610 s = kstrdup(prepath, gfp);
611 if (!s)
612 return ERR_PTR(-ENOMEM);
613 return s;
614 }
615
616 /*
617 * Return full path based on the values of @ctx->{UNC,prepath}.
618 *
619 * It is assumed that both values were already parsed by smb3_parse_devname().
620 */
smb3_fs_context_fullpath(const struct smb3_fs_context * ctx,char dirsep)621 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep)
622 {
623 size_t ulen, plen;
624 char *s;
625
626 ulen = strlen(ctx->UNC);
627 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0;
628
629 s = kmalloc(ulen + plen + 1, GFP_KERNEL);
630 if (!s)
631 return ERR_PTR(-ENOMEM);
632 memcpy(s, ctx->UNC, ulen);
633 if (plen) {
634 s[ulen] = dirsep;
635 memcpy(s + ulen + 1, ctx->prepath, plen);
636 }
637 s[ulen + plen] = '\0';
638 convert_delimiter(s, dirsep);
639 return s;
640 }
641
642 /*
643 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
644 * fields with the result. Returns 0 on success and an error otherwise
645 * (e.g. ENOMEM or EINVAL)
646 */
647 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)648 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
649 {
650 char *pos;
651 const char *delims = "/\\";
652 size_t len;
653 int rc;
654
655 if (unlikely(!devname || !*devname)) {
656 cifs_dbg(VFS, "Device name not specified\n");
657 return -EINVAL;
658 }
659
660 /* make sure we have a valid UNC double delimiter prefix */
661 len = strspn(devname, delims);
662 if (len != 2)
663 return -EINVAL;
664
665 /* find delimiter between host and sharename */
666 pos = strpbrk(devname + 2, delims);
667 if (!pos)
668 return -EINVAL;
669
670 /* record the server hostname */
671 kfree(ctx->server_hostname);
672 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
673 if (!ctx->server_hostname)
674 return -ENOMEM;
675
676 /* skip past delimiter */
677 ++pos;
678
679 /* now go until next delimiter or end of string */
680 len = strcspn(pos, delims);
681 if (!len)
682 return -EINVAL;
683
684 /* move "pos" up to delimiter or NULL */
685 pos += len;
686 kfree(ctx->UNC);
687 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
688 if (!ctx->UNC)
689 return -ENOMEM;
690
691 convert_delimiter(ctx->UNC, '\\');
692
693 /* skip any delimiter */
694 if (*pos == '/' || *pos == '\\')
695 pos++;
696
697 kfree(ctx->prepath);
698 ctx->prepath = NULL;
699
700 /* If pos is NULL then no prepath */
701 if (!*pos)
702 return 0;
703
704 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
705 if (IS_ERR(ctx->prepath)) {
706 rc = PTR_ERR(ctx->prepath);
707 ctx->prepath = NULL;
708 return rc;
709 }
710
711 return 0;
712 }
713
714 static void smb3_fs_context_free(struct fs_context *fc);
715 static int smb3_fs_context_parse_param(struct fs_context *fc,
716 struct fs_parameter *param);
717 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
718 void *data);
719 static int smb3_get_tree(struct fs_context *fc);
720 static int smb3_reconfigure(struct fs_context *fc);
721
722 static const struct fs_context_operations smb3_fs_context_ops = {
723 .free = smb3_fs_context_free,
724 .parse_param = smb3_fs_context_parse_param,
725 .parse_monolithic = smb3_fs_context_parse_monolithic,
726 .get_tree = smb3_get_tree,
727 .reconfigure = smb3_reconfigure,
728 };
729
730 /*
731 * Parse a monolithic block of data from sys_mount().
732 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
733 * @ctx: The superblock configuration to fill in.
734 * @data: The data to parse
735 *
736 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
737 * called from the ->monolithic_mount_data() fs_context operation.
738 *
739 * Returns 0 on success or the error returned by the ->parse_option() fs_context
740 * operation on failure.
741 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)742 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
743 void *data)
744 {
745 char *options = data, *key;
746 int ret = 0;
747
748 if (!options)
749 return 0;
750
751 ret = security_sb_eat_lsm_opts(options, &fc->security);
752 if (ret)
753 return ret;
754
755 /* BB Need to add support for sep= here TBD */
756 while ((key = strsep(&options, ",")) != NULL) {
757 size_t len;
758 char *value;
759
760 if (*key == 0)
761 break;
762
763 /* Check if following character is the deliminator If yes,
764 * we have encountered a double deliminator reset the NULL
765 * character to the deliminator
766 */
767 while (options && options[0] == ',') {
768 len = strlen(key);
769 strcpy(key + len, options);
770 options = strchr(options, ',');
771 if (options)
772 *options++ = 0;
773 }
774
775
776 value = strchr(key, '=');
777 if (value) {
778 if (value == key)
779 continue;
780 *value++ = 0;
781 }
782
783 ret = vfs_parse_fs_string(fc, key, value);
784 if (ret < 0)
785 break;
786 }
787
788 return ret;
789 }
790
791 /*
792 * Validate the preparsed information in the config.
793 */
smb3_fs_context_validate(struct fs_context * fc)794 static int smb3_fs_context_validate(struct fs_context *fc)
795 {
796 struct smb3_fs_context *ctx = smb3_fc2context(fc);
797
798 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
799 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
800 return -EOPNOTSUPP;
801 }
802
803 #ifndef CONFIG_KEYS
804 /* Muliuser mounts require CONFIG_KEYS support */
805 if (ctx->multiuser) {
806 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
807 return -1;
808 }
809 #endif
810
811 if (ctx->got_version == false)
812 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
813
814
815 if (!ctx->UNC) {
816 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
817 return -1;
818 }
819
820 /* make sure UNC has a share name */
821 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
822 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
823 return -ENOENT;
824 }
825
826 if (!ctx->got_ip) {
827 int len;
828 const char *slash;
829
830 /* No ip= option specified? Try to get it from UNC */
831 /* Use the address part of the UNC. */
832 slash = strchr(&ctx->UNC[2], '\\');
833 len = slash - &ctx->UNC[2];
834 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
835 &ctx->UNC[2], len)) {
836 pr_err("Unable to determine destination address\n");
837 return -EHOSTUNREACH;
838 }
839 }
840
841 /* set the port that we got earlier */
842 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
843
844 if (ctx->uid_specified && !ctx->forceuid_specified) {
845 ctx->override_uid = 1;
846 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n");
847 }
848
849 if (ctx->gid_specified && !ctx->forcegid_specified) {
850 ctx->override_gid = 1;
851 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n");
852 }
853
854 if (ctx->override_uid && !ctx->uid_specified) {
855 ctx->override_uid = 0;
856 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
857 }
858
859 if (ctx->override_gid && !ctx->gid_specified) {
860 ctx->override_gid = 0;
861 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
862 }
863
864 return 0;
865 }
866
smb3_get_tree_common(struct fs_context * fc)867 static int smb3_get_tree_common(struct fs_context *fc)
868 {
869 struct smb3_fs_context *ctx = smb3_fc2context(fc);
870 struct dentry *root;
871 int rc = 0;
872
873 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
874 if (IS_ERR(root))
875 return PTR_ERR(root);
876
877 fc->root = root;
878
879 return rc;
880 }
881
882 /*
883 * Create an SMB3 superblock from the parameters passed.
884 */
smb3_get_tree(struct fs_context * fc)885 static int smb3_get_tree(struct fs_context *fc)
886 {
887 int err = smb3_fs_context_validate(fc);
888 int ret;
889
890 if (err)
891 return err;
892 cifs_mount_lock();
893 ret = smb3_get_tree_common(fc);
894 cifs_mount_unlock();
895 return ret;
896 }
897
smb3_fs_context_free(struct fs_context * fc)898 static void smb3_fs_context_free(struct fs_context *fc)
899 {
900 struct smb3_fs_context *ctx = smb3_fc2context(fc);
901
902 smb3_cleanup_fs_context(ctx);
903 }
904
905 /*
906 * Compare the old and new proposed context during reconfigure
907 * and check if the changes are compatible.
908 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx,bool need_recon)909 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
910 struct smb3_fs_context *new_ctx,
911 struct smb3_fs_context *old_ctx, bool need_recon)
912 {
913 if (new_ctx->posix_paths != old_ctx->posix_paths) {
914 cifs_errorf(fc, "can not change posixpaths during remount\n");
915 return -EINVAL;
916 }
917 if (new_ctx->sectype != old_ctx->sectype) {
918 cifs_errorf(fc, "can not change sec during remount\n");
919 return -EINVAL;
920 }
921 if (new_ctx->multiuser != old_ctx->multiuser) {
922 cifs_errorf(fc, "can not change multiuser during remount\n");
923 return -EINVAL;
924 }
925 if (new_ctx->UNC &&
926 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
927 cifs_errorf(fc, "can not change UNC during remount\n");
928 return -EINVAL;
929 }
930 if (new_ctx->username &&
931 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
932 cifs_errorf(fc, "can not change username during remount\n");
933 return -EINVAL;
934 }
935 if (new_ctx->password &&
936 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
937 if (need_recon == false) {
938 cifs_errorf(fc,
939 "can not change password of active session during remount\n");
940 return -EINVAL;
941 } else if (old_ctx->sectype == Kerberos) {
942 cifs_errorf(fc,
943 "can not change password for Kerberos via remount\n");
944 return -EINVAL;
945 }
946 }
947 if (new_ctx->domainname &&
948 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
949 cifs_errorf(fc, "can not change domainname during remount\n");
950 return -EINVAL;
951 }
952 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
953 cifs_errorf(fc, "can not change workstation_name during remount\n");
954 return -EINVAL;
955 }
956 if (new_ctx->nodename &&
957 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
958 cifs_errorf(fc, "can not change nodename during remount\n");
959 return -EINVAL;
960 }
961 if (new_ctx->iocharset &&
962 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
963 cifs_errorf(fc, "can not change iocharset during remount\n");
964 return -EINVAL;
965 }
966 if (new_ctx->unicode != old_ctx->unicode) {
967 cifs_errorf(fc, "can not change unicode during remount\n");
968 return -EINVAL;
969 }
970 if (new_ctx->rfc1001_sessinit != old_ctx->rfc1001_sessinit) {
971 cifs_errorf(fc, "can not change nbsessinit during remount\n");
972 return -EINVAL;
973 }
974
975 return 0;
976 }
977
978 #define STEAL_STRING(cifs_sb, ctx, field) \
979 do { \
980 kfree(ctx->field); \
981 ctx->field = cifs_sb->ctx->field; \
982 cifs_sb->ctx->field = NULL; \
983 } while (0)
984
985 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \
986 do { \
987 kfree_sensitive(ctx->field); \
988 ctx->field = cifs_sb->ctx->field; \
989 cifs_sb->ctx->field = NULL; \
990 } while (0)
991
smb3_sync_session_ctx_passwords(struct cifs_sb_info * cifs_sb,struct cifs_ses * ses)992 int smb3_sync_session_ctx_passwords(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses)
993 {
994 if (ses->password &&
995 cifs_sb->ctx->password &&
996 strcmp(ses->password, cifs_sb->ctx->password)) {
997 kfree_sensitive(cifs_sb->ctx->password);
998 cifs_sb->ctx->password = kstrdup(ses->password, GFP_KERNEL);
999 if (!cifs_sb->ctx->password)
1000 return -ENOMEM;
1001 }
1002 if (ses->password2 &&
1003 cifs_sb->ctx->password2 &&
1004 strcmp(ses->password2, cifs_sb->ctx->password2)) {
1005 kfree_sensitive(cifs_sb->ctx->password2);
1006 cifs_sb->ctx->password2 = kstrdup(ses->password2, GFP_KERNEL);
1007 if (!cifs_sb->ctx->password2) {
1008 kfree_sensitive(cifs_sb->ctx->password);
1009 cifs_sb->ctx->password = NULL;
1010 return -ENOMEM;
1011 }
1012 }
1013 return 0;
1014 }
1015
smb3_reconfigure(struct fs_context * fc)1016 static int smb3_reconfigure(struct fs_context *fc)
1017 {
1018 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1019 struct dentry *root = fc->root;
1020 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
1021 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses;
1022 unsigned int rsize = ctx->rsize, wsize = ctx->wsize;
1023 char *new_password = NULL, *new_password2 = NULL;
1024 bool need_recon = false;
1025 int rc;
1026
1027 if (ses->expired_pwd)
1028 need_recon = true;
1029
1030 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon);
1031 if (rc)
1032 return rc;
1033
1034 /*
1035 * We can not change UNC/username/password/domainname/
1036 * workstation_name/nodename/iocharset
1037 * during reconnect so ignore what we have in the new context and
1038 * just use what we already have in cifs_sb->ctx.
1039 */
1040 STEAL_STRING(cifs_sb, ctx, UNC);
1041 STEAL_STRING(cifs_sb, ctx, source);
1042 STEAL_STRING(cifs_sb, ctx, username);
1043
1044 if (need_recon == false)
1045 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1046 else {
1047 if (ctx->password) {
1048 new_password = kstrdup(ctx->password, GFP_KERNEL);
1049 if (!new_password)
1050 return -ENOMEM;
1051 } else
1052 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1053 }
1054
1055 /*
1056 * if a new password2 has been specified, then reset it's value
1057 * inside the ses struct
1058 */
1059 if (ctx->password2) {
1060 new_password2 = kstrdup(ctx->password2, GFP_KERNEL);
1061 if (!new_password2) {
1062 kfree_sensitive(new_password);
1063 return -ENOMEM;
1064 }
1065 } else
1066 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password2);
1067
1068 /*
1069 * we may update the passwords in the ses struct below. Make sure we do
1070 * not race with smb2_reconnect
1071 */
1072 mutex_lock(&ses->session_mutex);
1073
1074 /*
1075 * smb2_reconnect may swap password and password2 in case session setup
1076 * failed. First get ctx passwords in sync with ses passwords. It should
1077 * be okay to do this even if this function were to return an error at a
1078 * later stage
1079 */
1080 rc = smb3_sync_session_ctx_passwords(cifs_sb, ses);
1081 if (rc) {
1082 mutex_unlock(&ses->session_mutex);
1083 return rc;
1084 }
1085
1086 /*
1087 * now that allocations for passwords are done, commit them
1088 */
1089 if (new_password) {
1090 kfree_sensitive(ses->password);
1091 ses->password = new_password;
1092 }
1093 if (new_password2) {
1094 kfree_sensitive(ses->password2);
1095 ses->password2 = new_password2;
1096 }
1097
1098 mutex_unlock(&ses->session_mutex);
1099
1100 STEAL_STRING(cifs_sb, ctx, domainname);
1101 STEAL_STRING(cifs_sb, ctx, nodename);
1102 STEAL_STRING(cifs_sb, ctx, iocharset);
1103
1104 /* if rsize or wsize not passed in on remount, use previous values */
1105 ctx->rsize = rsize ? CIFS_ALIGN_RSIZE(fc, rsize) : cifs_sb->ctx->rsize;
1106 ctx->wsize = wsize ? CIFS_ALIGN_WSIZE(fc, wsize) : cifs_sb->ctx->wsize;
1107
1108 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
1109 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
1110 smb3_update_mnt_flags(cifs_sb);
1111 #ifdef CONFIG_CIFS_DFS_UPCALL
1112 if (!rc)
1113 rc = dfs_cache_remount_fs(cifs_sb);
1114 #endif
1115
1116 return rc;
1117 }
1118
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)1119 static int smb3_fs_context_parse_param(struct fs_context *fc,
1120 struct fs_parameter *param)
1121 {
1122 struct fs_parse_result result;
1123 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1124 int i, opt;
1125 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
1126 bool skip_parsing = false;
1127 char *hostname;
1128
1129 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
1130
1131 /*
1132 * fs_parse can not handle string options with an empty value so
1133 * we will need special handling of them.
1134 */
1135 if (param->type == fs_value_is_string && param->string[0] == 0) {
1136 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
1137 skip_parsing = true;
1138 opt = Opt_pass;
1139 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
1140 skip_parsing = true;
1141 opt = Opt_user;
1142 } else if (!strcmp("pass2", param->key) || !strcmp("password2", param->key)) {
1143 skip_parsing = true;
1144 opt = Opt_pass2;
1145 }
1146 }
1147
1148 if (!skip_parsing) {
1149 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
1150 if (opt < 0)
1151 return ctx->sloppy ? 1 : opt;
1152 }
1153
1154 switch (opt) {
1155 case Opt_compress:
1156 if (!IS_ENABLED(CONFIG_CIFS_COMPRESSION)) {
1157 cifs_errorf(fc, "CONFIG_CIFS_COMPRESSION kernel config option is unset\n");
1158 goto cifs_parse_mount_err;
1159 }
1160 ctx->compress = true;
1161 cifs_dbg(VFS, "SMB3 compression support is experimental\n");
1162 break;
1163 case Opt_nodfs:
1164 ctx->nodfs = 1;
1165 break;
1166 case Opt_hard:
1167 if (result.negated) {
1168 if (ctx->retry == 1)
1169 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n");
1170 ctx->retry = 0;
1171 } else
1172 ctx->retry = 1;
1173 break;
1174 case Opt_soft:
1175 if (result.negated)
1176 ctx->retry = 1;
1177 else {
1178 if (ctx->retry == 1)
1179 cifs_dbg(VFS, "conflicting hard vs soft mount options\n");
1180 ctx->retry = 0;
1181 }
1182 break;
1183 case Opt_mapposix:
1184 if (result.negated)
1185 ctx->remap = false;
1186 else {
1187 ctx->remap = true;
1188 ctx->sfu_remap = false; /* disable SFU mapping */
1189 }
1190 break;
1191 case Opt_mapchars:
1192 if (result.negated)
1193 ctx->sfu_remap = false;
1194 else {
1195 ctx->sfu_remap = true;
1196 ctx->remap = false; /* disable SFM (mapposix) mapping */
1197 }
1198 break;
1199 case Opt_user_xattr:
1200 if (result.negated)
1201 ctx->no_xattr = 1;
1202 else
1203 ctx->no_xattr = 0;
1204 break;
1205 case Opt_forceuid:
1206 if (result.negated)
1207 ctx->override_uid = 0;
1208 else
1209 ctx->override_uid = 1;
1210 ctx->forceuid_specified = true;
1211 break;
1212 case Opt_forcegid:
1213 if (result.negated)
1214 ctx->override_gid = 0;
1215 else
1216 ctx->override_gid = 1;
1217 ctx->forcegid_specified = true;
1218 break;
1219 case Opt_perm:
1220 if (result.negated)
1221 ctx->noperm = 1;
1222 else
1223 ctx->noperm = 0;
1224 break;
1225 case Opt_dynperm:
1226 if (result.negated)
1227 ctx->dynperm = 0;
1228 else
1229 ctx->dynperm = 1;
1230 break;
1231 case Opt_sfu:
1232 if (result.negated)
1233 ctx->sfu_emul = 0;
1234 else
1235 ctx->sfu_emul = 1;
1236 break;
1237 case Opt_noblocksend:
1238 ctx->noblocksnd = 1;
1239 break;
1240 case Opt_noautotune:
1241 ctx->noautotune = 1;
1242 break;
1243 case Opt_nolease:
1244 ctx->no_lease = 1;
1245 break;
1246 case Opt_nosparse:
1247 ctx->no_sparse = 1;
1248 break;
1249 case Opt_nodelete:
1250 ctx->nodelete = 1;
1251 break;
1252 case Opt_multichannel:
1253 if (result.negated) {
1254 ctx->multichannel = false;
1255 ctx->max_channels = 1;
1256 } else {
1257 ctx->multichannel = true;
1258 /* if number of channels not specified, default to 2 */
1259 if (ctx->max_channels < 2)
1260 ctx->max_channels = 2;
1261 }
1262 break;
1263 case Opt_uid:
1264 ctx->linux_uid = result.uid;
1265 ctx->uid_specified = true;
1266 break;
1267 case Opt_cruid:
1268 ctx->cred_uid = result.uid;
1269 ctx->cruid_specified = true;
1270 break;
1271 case Opt_backupuid:
1272 ctx->backupuid = result.uid;
1273 ctx->backupuid_specified = true;
1274 break;
1275 case Opt_backupgid:
1276 ctx->backupgid = result.gid;
1277 ctx->backupgid_specified = true;
1278 break;
1279 case Opt_gid:
1280 ctx->linux_gid = result.gid;
1281 ctx->gid_specified = true;
1282 break;
1283 case Opt_port:
1284 ctx->port = result.uint_32;
1285 break;
1286 case Opt_file_mode:
1287 ctx->file_mode = result.uint_32;
1288 break;
1289 case Opt_dirmode:
1290 ctx->dir_mode = result.uint_32;
1291 break;
1292 case Opt_min_enc_offload:
1293 ctx->min_offload = result.uint_32;
1294 break;
1295 case Opt_retrans:
1296 ctx->retrans = result.uint_32;
1297 break;
1298 case Opt_blocksize:
1299 /*
1300 * inode blocksize realistically should never need to be
1301 * less than 16K or greater than 16M and default is 1MB.
1302 * Note that small inode block sizes (e.g. 64K) can lead
1303 * to very poor performance of common tools like cp and scp
1304 */
1305 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1306 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1307 cifs_errorf(fc, "%s: Invalid blocksize\n",
1308 __func__);
1309 goto cifs_parse_mount_err;
1310 }
1311 ctx->bsize = CIFS_ALIGN_BSIZE(fc, result.uint_32);
1312 ctx->got_bsize = true;
1313 break;
1314 case Opt_rasize:
1315 /*
1316 * readahead size realistically should never need to be
1317 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1318 * (perhaps an exception should be considered in the
1319 * for the case of a large number of channels
1320 * when multichannel is negotiated) since that would lead
1321 * to plenty of parallel I/O in flight to the server.
1322 * Note that smaller read ahead sizes would
1323 * hurt performance of common tools like cp and scp
1324 * which often trigger sequential i/o with read ahead
1325 */
1326 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1327 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1328 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1329 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1330 goto cifs_parse_mount_err;
1331 }
1332 ctx->rasize = result.uint_32;
1333 break;
1334 case Opt_rsize:
1335 ctx->rsize = CIFS_ALIGN_RSIZE(fc, result.uint_32);
1336 ctx->got_rsize = true;
1337 ctx->vol_rsize = ctx->rsize;
1338 break;
1339 case Opt_wsize:
1340 ctx->wsize = CIFS_ALIGN_WSIZE(fc, result.uint_32);
1341 ctx->got_wsize = true;
1342 ctx->vol_wsize = ctx->wsize;
1343 break;
1344 case Opt_acregmax:
1345 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1346 cifs_errorf(fc, "acregmax too large\n");
1347 goto cifs_parse_mount_err;
1348 }
1349 ctx->acregmax = HZ * result.uint_32;
1350 break;
1351 case Opt_acdirmax:
1352 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1353 cifs_errorf(fc, "acdirmax too large\n");
1354 goto cifs_parse_mount_err;
1355 }
1356 ctx->acdirmax = HZ * result.uint_32;
1357 break;
1358 case Opt_actimeo:
1359 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1360 cifs_errorf(fc, "timeout too large\n");
1361 goto cifs_parse_mount_err;
1362 }
1363 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1364 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1365 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1366 break;
1367 }
1368 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1369 break;
1370 case Opt_closetimeo:
1371 if (result.uint_32 > SMB3_MAX_DCLOSETIMEO / HZ) {
1372 cifs_errorf(fc, "closetimeo too large\n");
1373 goto cifs_parse_mount_err;
1374 }
1375 ctx->closetimeo = HZ * result.uint_32;
1376 break;
1377 case Opt_echo_interval:
1378 if (result.uint_32 < SMB_ECHO_INTERVAL_MIN ||
1379 result.uint_32 > SMB_ECHO_INTERVAL_MAX) {
1380 cifs_errorf(fc, "echo interval is out of bounds\n");
1381 goto cifs_parse_mount_err;
1382 }
1383 ctx->echo_interval = result.uint_32;
1384 break;
1385 case Opt_snapshot:
1386 ctx->snapshot_time = result.uint_64;
1387 break;
1388 case Opt_max_credits:
1389 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1390 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1391 __func__);
1392 goto cifs_parse_mount_err;
1393 }
1394 ctx->max_credits = result.uint_32;
1395 break;
1396 case Opt_max_channels:
1397 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1398 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1399 __func__, CIFS_MAX_CHANNELS);
1400 goto cifs_parse_mount_err;
1401 }
1402 ctx->max_channels = result.uint_32;
1403 /* If more than one channel requested ... they want multichan */
1404 if (result.uint_32 > 1)
1405 ctx->multichannel = true;
1406 break;
1407 case Opt_max_cached_dirs:
1408 if (result.uint_32 < 1) {
1409 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n",
1410 __func__);
1411 goto cifs_parse_mount_err;
1412 }
1413 ctx->max_cached_dirs = result.uint_32;
1414 break;
1415 case Opt_handletimeout:
1416 ctx->handle_timeout = result.uint_32;
1417 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1418 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1419 goto cifs_parse_mount_err;
1420 }
1421 break;
1422 case Opt_source:
1423 kfree(ctx->UNC);
1424 ctx->UNC = NULL;
1425 switch (smb3_parse_devname(param->string, ctx)) {
1426 case 0:
1427 break;
1428 case -ENOMEM:
1429 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1430 goto cifs_parse_mount_err;
1431 case -EINVAL:
1432 cifs_errorf(fc, "Malformed UNC in devname\n");
1433 goto cifs_parse_mount_err;
1434 default:
1435 cifs_errorf(fc, "Unknown error parsing devname\n");
1436 goto cifs_parse_mount_err;
1437 }
1438 kfree(ctx->source);
1439 ctx->source = smb3_fs_context_fullpath(ctx, '/');
1440 if (IS_ERR(ctx->source)) {
1441 ctx->source = NULL;
1442 cifs_errorf(fc, "OOM when copying UNC string\n");
1443 goto cifs_parse_mount_err;
1444 }
1445 kfree(fc->source);
1446 fc->source = kstrdup(ctx->source, GFP_KERNEL);
1447 if (fc->source == NULL) {
1448 cifs_errorf(fc, "OOM when copying UNC string\n");
1449 goto cifs_parse_mount_err;
1450 }
1451 hostname = extract_hostname(ctx->UNC);
1452 if (IS_ERR(hostname)) {
1453 cifs_errorf(fc, "Cannot extract hostname from UNC string\n");
1454 goto cifs_parse_mount_err;
1455 }
1456 /* last byte, type, is 0x20 for servr type */
1457 memset(ctx->target_rfc1001_name, 0x20, RFC1001_NAME_LEN_WITH_NULL);
1458 for (i = 0; i < RFC1001_NAME_LEN && hostname[i] != 0; i++)
1459 ctx->target_rfc1001_name[i] = toupper(hostname[i]);
1460 kfree(hostname);
1461 break;
1462 case Opt_user:
1463 kfree(ctx->username);
1464 ctx->username = NULL;
1465 if (ctx->nullauth)
1466 break;
1467 if (strlen(param->string) == 0) {
1468 /* null user, ie. anonymous authentication */
1469 ctx->nullauth = 1;
1470 break;
1471 }
1472
1473 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) ==
1474 CIFS_MAX_USERNAME_LEN) {
1475 pr_warn("username too long\n");
1476 goto cifs_parse_mount_err;
1477 }
1478 ctx->username = no_free_ptr(param->string);
1479 break;
1480 case Opt_pass:
1481 kfree_sensitive(ctx->password);
1482 ctx->password = NULL;
1483 if (strlen(param->string) == 0)
1484 break;
1485 ctx->password = no_free_ptr(param->string);
1486 break;
1487 case Opt_pass2:
1488 kfree_sensitive(ctx->password2);
1489 ctx->password2 = NULL;
1490 if (strlen(param->string) == 0)
1491 break;
1492 ctx->password2 = no_free_ptr(param->string);
1493 break;
1494 case Opt_ip:
1495 if (strlen(param->string) == 0) {
1496 ctx->got_ip = false;
1497 break;
1498 }
1499 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1500 param->string,
1501 strlen(param->string))) {
1502 pr_err("bad ip= option (%s)\n", param->string);
1503 goto cifs_parse_mount_err;
1504 }
1505 ctx->got_ip = true;
1506 break;
1507 case Opt_domain:
1508 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1509 == CIFS_MAX_DOMAINNAME_LEN) {
1510 pr_warn("domain name too long\n");
1511 goto cifs_parse_mount_err;
1512 }
1513
1514 kfree(ctx->domainname);
1515 ctx->domainname = no_free_ptr(param->string);
1516 cifs_dbg(FYI, "Domain name set\n");
1517 break;
1518 case Opt_srcaddr:
1519 if (!cifs_convert_address(
1520 (struct sockaddr *)&ctx->srcaddr,
1521 param->string, strlen(param->string))) {
1522 pr_warn("Could not parse srcaddr: %s\n",
1523 param->string);
1524 goto cifs_parse_mount_err;
1525 }
1526 break;
1527 case Opt_iocharset:
1528 if (strnlen(param->string, 1024) >= 65) {
1529 pr_warn("iocharset name too long\n");
1530 goto cifs_parse_mount_err;
1531 }
1532
1533 if (strncasecmp(param->string, "default", 7) != 0) {
1534 kfree(ctx->iocharset);
1535 ctx->iocharset = no_free_ptr(param->string);
1536 }
1537 /* if iocharset not set then load_nls_default
1538 * is used by caller
1539 */
1540 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1541 break;
1542 case Opt_netbiosname:
1543 memset(ctx->source_rfc1001_name, 0x20,
1544 RFC1001_NAME_LEN);
1545 /*
1546 * FIXME: are there cases in which a comma can
1547 * be valid in workstation netbios name (and
1548 * need special handling)?
1549 */
1550 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1551 /* don't ucase netbiosname for user */
1552 if (param->string[i] == 0)
1553 break;
1554 ctx->source_rfc1001_name[i] = param->string[i];
1555 }
1556 /* The string has 16th byte zero still from
1557 * set at top of the function
1558 */
1559 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1560 pr_warn("netbiosname longer than 15 truncated\n");
1561 break;
1562 case Opt_servern:
1563 /* last byte, type, is 0x20 for servr type */
1564 memset(ctx->target_rfc1001_name, 0x20,
1565 RFC1001_NAME_LEN_WITH_NULL);
1566 /*
1567 * BB are there cases in which a comma can be valid in this
1568 * workstation netbios name (and need special handling)?
1569 */
1570
1571 /* user or mount helper must uppercase the netbios name */
1572 for (i = 0; i < 15; i++) {
1573 if (param->string[i] == 0)
1574 break;
1575 ctx->target_rfc1001_name[i] = param->string[i];
1576 }
1577
1578 /* The string has 16th byte zero still from set at top of function */
1579 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1580 pr_warn("server netbiosname longer than 15 truncated\n");
1581 break;
1582 case Opt_nbsessinit:
1583 ctx->rfc1001_sessinit = !result.negated;
1584 cifs_dbg(FYI, "rfc1001_sessinit set to %d\n", ctx->rfc1001_sessinit);
1585 break;
1586 case Opt_ver:
1587 /* version of mount userspace tools, not dialect */
1588 /* If interface changes in mount.cifs bump to new ver */
1589 if (strncasecmp(param->string, "1", 1) == 0) {
1590 if (strlen(param->string) > 1) {
1591 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1592 param->string);
1593 goto cifs_parse_mount_err;
1594 }
1595 /* This is the default */
1596 break;
1597 }
1598 /* For all other value, error */
1599 pr_warn("Invalid mount helper version specified\n");
1600 goto cifs_parse_mount_err;
1601 case Opt_vers:
1602 /* protocol version (dialect) */
1603 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1604 goto cifs_parse_mount_err;
1605 ctx->got_version = true;
1606 break;
1607 case Opt_sec:
1608 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1609 goto cifs_parse_mount_err;
1610 break;
1611 case Opt_upcalltarget:
1612 if (cifs_parse_upcall_target(fc, param->string, ctx) != 0)
1613 goto cifs_parse_mount_err;
1614 break;
1615 case Opt_cache:
1616 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1617 goto cifs_parse_mount_err;
1618 break;
1619 case Opt_witness:
1620 #ifndef CONFIG_CIFS_SWN_UPCALL
1621 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1622 goto cifs_parse_mount_err;
1623 #endif
1624 ctx->witness = true;
1625 pr_warn_once("Witness protocol support is experimental\n");
1626 break;
1627 case Opt_unicode:
1628 ctx->unicode = !result.negated;
1629 cifs_dbg(FYI, "unicode set to %d\n", ctx->unicode);
1630 break;
1631 case Opt_rootfs:
1632 #ifndef CONFIG_CIFS_ROOT
1633 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1634 goto cifs_parse_mount_err;
1635 #endif
1636 ctx->rootfs = true;
1637 break;
1638 case Opt_posixpaths:
1639 if (result.negated)
1640 ctx->posix_paths = 0;
1641 else
1642 ctx->posix_paths = 1;
1643 break;
1644 case Opt_unix:
1645 if (result.negated) {
1646 if (ctx->linux_ext == 1)
1647 pr_warn_once("conflicting posix mount options specified\n");
1648 ctx->linux_ext = 0;
1649 ctx->no_linux_ext = 1;
1650 } else {
1651 if (ctx->no_linux_ext == 1)
1652 pr_warn_once("conflicting posix mount options specified\n");
1653 ctx->linux_ext = 1;
1654 ctx->no_linux_ext = 0;
1655 ctx->nonativesocket = 1; /* POSIX mounts use NFS style reparse points */
1656 }
1657 break;
1658 case Opt_nocase:
1659 ctx->nocase = 1;
1660 break;
1661 case Opt_brl:
1662 if (result.negated) {
1663 /*
1664 * turn off mandatory locking in mode
1665 * if remote locking is turned off since the
1666 * local vfs will do advisory
1667 */
1668 if (ctx->file_mode ==
1669 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1670 ctx->file_mode = S_IALLUGO;
1671 ctx->nobrl = 1;
1672 } else
1673 ctx->nobrl = 0;
1674 break;
1675 case Opt_handlecache:
1676 if (result.negated)
1677 ctx->nohandlecache = 1;
1678 else
1679 ctx->nohandlecache = 0;
1680 break;
1681 case Opt_forcemandatorylock:
1682 ctx->mand_lock = 1;
1683 break;
1684 case Opt_setuids:
1685 ctx->setuids = result.negated;
1686 break;
1687 case Opt_intr:
1688 ctx->intr = !result.negated;
1689 break;
1690 case Opt_setuidfromacl:
1691 ctx->setuidfromacl = 1;
1692 break;
1693 case Opt_strictsync:
1694 ctx->nostrictsync = result.negated;
1695 break;
1696 case Opt_serverino:
1697 ctx->server_ino = !result.negated;
1698 break;
1699 case Opt_rwpidforward:
1700 ctx->rwpidforward = 1;
1701 break;
1702 case Opt_modesid:
1703 ctx->mode_ace = 1;
1704 break;
1705 case Opt_cifsacl:
1706 ctx->cifs_acl = !result.negated;
1707 break;
1708 case Opt_acl:
1709 ctx->no_psx_acl = result.negated;
1710 break;
1711 case Opt_locallease:
1712 ctx->local_lease = 1;
1713 break;
1714 case Opt_sign:
1715 ctx->sign = true;
1716 break;
1717 case Opt_ignore_signature:
1718 ctx->sign = true;
1719 ctx->ignore_signature = true;
1720 break;
1721 case Opt_seal:
1722 /* we do not do the following in secFlags because seal
1723 * is a per tree connection (mount) not a per socket
1724 * or per-smb connection option in the protocol
1725 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1726 */
1727 ctx->seal = 1;
1728 break;
1729 case Opt_noac:
1730 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1731 break;
1732 case Opt_fsc:
1733 #ifndef CONFIG_CIFS_FSCACHE
1734 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1735 goto cifs_parse_mount_err;
1736 #endif
1737 ctx->fsc = true;
1738 break;
1739 case Opt_mfsymlinks:
1740 ctx->mfsymlinks = true;
1741 break;
1742 case Opt_multiuser:
1743 ctx->multiuser = true;
1744 break;
1745 case Opt_sloppy:
1746 ctx->sloppy = true;
1747 break;
1748 case Opt_nosharesock:
1749 ctx->nosharesock = true;
1750 break;
1751 case Opt_persistent:
1752 if (result.negated) {
1753 ctx->nopersistent = true;
1754 if (ctx->persistent) {
1755 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1756 goto cifs_parse_mount_err;
1757 }
1758 } else {
1759 ctx->persistent = true;
1760 if ((ctx->nopersistent) || (ctx->resilient)) {
1761 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1762 goto cifs_parse_mount_err;
1763 }
1764 }
1765 break;
1766 case Opt_resilient:
1767 if (result.negated) {
1768 ctx->resilient = false; /* already the default */
1769 } else {
1770 ctx->resilient = true;
1771 if (ctx->persistent) {
1772 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1773 goto cifs_parse_mount_err;
1774 }
1775 }
1776 break;
1777 case Opt_tcp_nodelay:
1778 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1779 if (result.negated)
1780 ctx->sockopt_tcp_nodelay = false;
1781 else
1782 ctx->sockopt_tcp_nodelay = true;
1783 break;
1784 case Opt_domainauto:
1785 ctx->domainauto = true;
1786 break;
1787 case Opt_rdma:
1788 ctx->rdma = true;
1789 break;
1790 case Opt_reparse:
1791 if (parse_reparse_flavor(fc, param->string, ctx))
1792 goto cifs_parse_mount_err;
1793 break;
1794 case Opt_nativesocket:
1795 ctx->nonativesocket = result.negated;
1796 break;
1797 case Opt_symlink:
1798 if (parse_symlink_flavor(fc, param->string, ctx))
1799 goto cifs_parse_mount_err;
1800 break;
1801 case Opt_symlinkroot:
1802 if (param->string[0] != '/') {
1803 cifs_errorf(fc, "symlinkroot mount options must be absolute path\n");
1804 goto cifs_parse_mount_err;
1805 }
1806 if (strnlen(param->string, PATH_MAX) == PATH_MAX) {
1807 cifs_errorf(fc, "symlinkroot path too long (max path length: %u)\n",
1808 PATH_MAX - 1);
1809 goto cifs_parse_mount_err;
1810 }
1811 kfree(ctx->symlinkroot);
1812 ctx->symlinkroot = param->string;
1813 param->string = NULL;
1814 break;
1815 }
1816 /* case Opt_ignore: - is ignored as expected ... */
1817
1818 if (ctx->multiuser && ctx->upcall_target == UPTARGET_MOUNT) {
1819 cifs_errorf(fc, "multiuser mount option not supported with upcalltarget set as 'mount'\n");
1820 goto cifs_parse_mount_err;
1821 }
1822
1823 /*
1824 * Multichannel is not meaningful if max_channels is 1.
1825 * Force multichannel to false to ensure consistent configuration.
1826 */
1827 if (ctx->multichannel && ctx->max_channels == 1)
1828 ctx->multichannel = false;
1829
1830 return 0;
1831
1832 cifs_parse_mount_err:
1833 kfree_sensitive(ctx->password);
1834 ctx->password = NULL;
1835 kfree_sensitive(ctx->password2);
1836 ctx->password2 = NULL;
1837 return -EINVAL;
1838 }
1839
smb3_init_fs_context(struct fs_context * fc)1840 int smb3_init_fs_context(struct fs_context *fc)
1841 {
1842 struct smb3_fs_context *ctx;
1843 char *nodename = utsname()->nodename;
1844 int i;
1845
1846 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1847 if (unlikely(!ctx))
1848 return -ENOMEM;
1849
1850 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1851
1852 /*
1853 * does not have to be perfect mapping since field is
1854 * informational, only used for servers that do not support
1855 * port 445 and it can be overridden at mount time
1856 */
1857 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1858 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1859 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1860 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1861
1862 /*
1863 * null target name indicates to use *SMBSERVR default called name
1864 * if we end up sending RFC1001 session initialize
1865 */
1866 ctx->target_rfc1001_name[0] = 0;
1867
1868 ctx->rfc1001_sessinit = -1; /* autodetect based on port number */
1869
1870 ctx->cred_uid = current_uid();
1871 ctx->linux_uid = current_uid();
1872 ctx->linux_gid = current_gid();
1873 /* By default 4MB read ahead size, 1MB block size */
1874 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1875 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1876
1877 /*
1878 * default to SFM style remapping of seven reserved characters
1879 * unless user overrides it or we negotiate CIFS POSIX where
1880 * it is unnecessary. Can not simultaneously use more than one mapping
1881 * since then readdir could list files that open could not open
1882 */
1883 ctx->remap = true;
1884
1885 /* default to only allowing write access to owner of the mount */
1886 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1887
1888 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1889 /* default is always to request posix paths. */
1890 ctx->posix_paths = 1;
1891 /* default to using server inode numbers where available */
1892 ctx->server_ino = 1;
1893
1894 /* default is to use strict cifs caching semantics */
1895 ctx->strict_io = true;
1896
1897 ctx->acregmax = CIFS_DEF_ACTIMEO;
1898 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1899 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1900 ctx->max_cached_dirs = MAX_CACHED_FIDS;
1901 /* Most clients set timeout to 0, allows server to use its default */
1902 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1903
1904 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1905 ctx->ops = &smb30_operations;
1906 ctx->vals = &smbdefault_values;
1907
1908 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1909
1910 /* default to no multichannel (single server connection) */
1911 ctx->multichannel = false;
1912 ctx->max_channels = 1;
1913
1914 ctx->backupuid_specified = false; /* no backup intent for a user */
1915 ctx->backupgid_specified = false; /* no backup intent for a group */
1916
1917 ctx->retrans = 1;
1918 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
1919 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
1920 ctx->nonativesocket = 0;
1921
1922 ctx->unicode = -1; /* autodetect, but prefer UNICODE mode */
1923
1924 /*
1925 * short int override_uid = -1;
1926 * short int override_gid = -1;
1927 * char *nodename = strdup(utsname()->nodename);
1928 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1929 */
1930
1931 fc->fs_private = ctx;
1932 fc->ops = &smb3_fs_context_ops;
1933 return 0;
1934 }
1935
1936 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1937 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1938 {
1939 if (ctx == NULL)
1940 return;
1941
1942 /*
1943 * Make sure this stays in sync with smb3_fs_context_dup()
1944 */
1945 kfree(ctx->username);
1946 ctx->username = NULL;
1947 kfree_sensitive(ctx->password);
1948 ctx->password = NULL;
1949 kfree_sensitive(ctx->password2);
1950 ctx->password2 = NULL;
1951 kfree(ctx->server_hostname);
1952 ctx->server_hostname = NULL;
1953 kfree(ctx->UNC);
1954 ctx->UNC = NULL;
1955 kfree(ctx->source);
1956 ctx->source = NULL;
1957 kfree(ctx->domainname);
1958 ctx->domainname = NULL;
1959 kfree(ctx->nodename);
1960 ctx->nodename = NULL;
1961 kfree(ctx->iocharset);
1962 ctx->iocharset = NULL;
1963 kfree(ctx->prepath);
1964 ctx->prepath = NULL;
1965 kfree(ctx->leaf_fullpath);
1966 ctx->leaf_fullpath = NULL;
1967 kfree(ctx->dns_dom);
1968 ctx->dns_dom = NULL;
1969 kfree(ctx->symlinkroot);
1970 ctx->symlinkroot = NULL;
1971 }
1972
1973 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1974 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1975 {
1976 if (!ctx)
1977 return;
1978 smb3_cleanup_fs_context_contents(ctx);
1979 kfree(ctx);
1980 }
1981
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1982 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1983 {
1984 struct smb3_fs_context *ctx = cifs_sb->ctx;
1985
1986 if (ctx->nodfs)
1987 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1988 else
1989 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1990
1991 if (ctx->noperm)
1992 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1993 else
1994 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1995
1996 if (ctx->setuids)
1997 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1998 else
1999 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
2000
2001 if (ctx->setuidfromacl)
2002 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
2003 else
2004 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
2005
2006 if (ctx->server_ino)
2007 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2008 else
2009 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
2010
2011 if (ctx->remap)
2012 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
2013 else
2014 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
2015
2016 if (ctx->sfu_remap)
2017 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2018 else
2019 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
2020
2021 if (ctx->no_xattr)
2022 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2023 else
2024 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
2025
2026 if (ctx->sfu_emul)
2027 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2028 else
2029 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
2030
2031 if (ctx->nobrl)
2032 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2033 else
2034 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
2035
2036 if (ctx->nohandlecache)
2037 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
2038 else
2039 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
2040
2041 if (ctx->nostrictsync)
2042 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2043 else
2044 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
2045
2046 if (ctx->mand_lock)
2047 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2048 else
2049 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
2050
2051 if (ctx->rwpidforward)
2052 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
2053 else
2054 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
2055
2056 if (ctx->mode_ace)
2057 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
2058 else
2059 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
2060
2061 if (ctx->cifs_acl)
2062 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2063 else
2064 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
2065
2066 if (ctx->backupuid_specified)
2067 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
2068 else
2069 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
2070
2071 if (ctx->backupgid_specified)
2072 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
2073 else
2074 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
2075
2076 if (ctx->override_uid)
2077 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2078 else
2079 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
2080
2081 if (ctx->override_gid)
2082 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2083 else
2084 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
2085
2086 if (ctx->dynperm)
2087 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2088 else
2089 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
2090
2091 if (ctx->fsc)
2092 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2093 else
2094 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
2095
2096 if (ctx->multiuser)
2097 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2098 CIFS_MOUNT_NO_PERM);
2099 else
2100 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
2101
2102
2103 if (ctx->strict_io)
2104 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2105 else
2106 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
2107
2108 if (ctx->direct_io)
2109 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2110 else
2111 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
2112
2113 if (ctx->mfsymlinks)
2114 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2115 else
2116 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
2117 if (ctx->mfsymlinks) {
2118 if (ctx->sfu_emul) {
2119 /*
2120 * Our SFU ("Services for Unix") emulation allows now
2121 * creating new and reading existing SFU symlinks.
2122 * Older Linux kernel versions were not able to neither
2123 * read existing nor create new SFU symlinks. But
2124 * creating and reading SFU style mknod and FIFOs was
2125 * supported for long time. When "mfsymlinks" and
2126 * "sfu" are both enabled at the same time, it allows
2127 * reading both types of symlinks, but will only create
2128 * them with mfsymlinks format. This allows better
2129 * Apple compatibility, compatibility with older Linux
2130 * kernel clients (probably better for Samba too)
2131 * while still recognizing old Windows style symlinks.
2132 */
2133 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
2134 }
2135 }
2136 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
2137
2138 return;
2139 }
2140