1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifsglob.h"
30 #include "cifsproto.h"
31 #include "cifs_unicode.h"
32 #include "cifs_debug.h"
33 #include "cifs_fs_sb.h"
34 #include "ntlmssp.h"
35 #include "nterr.h"
36 #include "rfc1002pdu.h"
37 #include "fs_context.h"
38
39 DEFINE_MUTEX(cifs_mount_mutex);
40
41 static const match_table_t cifs_smb_version_tokens = {
42 { Smb_1, SMB1_VERSION_STRING },
43 { Smb_20, SMB20_VERSION_STRING},
44 { Smb_21, SMB21_VERSION_STRING },
45 { Smb_30, SMB30_VERSION_STRING },
46 { Smb_302, SMB302_VERSION_STRING },
47 { Smb_302, ALT_SMB302_VERSION_STRING },
48 { Smb_311, SMB311_VERSION_STRING },
49 { Smb_311, ALT_SMB311_VERSION_STRING },
50 { Smb_3any, SMB3ANY_VERSION_STRING },
51 { Smb_default, SMBDEFAULT_VERSION_STRING },
52 { Smb_version_err, NULL }
53 };
54
55 static const match_table_t cifs_secflavor_tokens = {
56 { Opt_sec_krb5, "krb5" },
57 { Opt_sec_krb5i, "krb5i" },
58 { Opt_sec_krb5p, "krb5p" },
59 { Opt_sec_ntlmsspi, "ntlmsspi" },
60 { Opt_sec_ntlmssp, "ntlmssp" },
61 { Opt_sec_ntlmv2, "nontlm" },
62 { Opt_sec_ntlmv2, "ntlmv2" },
63 { Opt_sec_ntlmv2i, "ntlmv2i" },
64 { Opt_sec_none, "none" },
65
66 { Opt_sec_err, NULL }
67 };
68
69 static const match_table_t cifs_upcall_target = {
70 { Opt_upcall_target_mount, "mount" },
71 { Opt_upcall_target_application, "app" },
72 { Opt_upcall_target_err, NULL }
73 };
74
75 const struct fs_parameter_spec smb3_fs_parameters[] = {
76 /* Mount options that take no arguments */
77 fsparam_flag_no("user_xattr", Opt_user_xattr),
78 fsparam_flag_no("forceuid", Opt_forceuid),
79 fsparam_flag_no("multichannel", Opt_multichannel),
80 fsparam_flag_no("forcegid", Opt_forcegid),
81 fsparam_flag("noblocksend", Opt_noblocksend),
82 fsparam_flag("noautotune", Opt_noautotune),
83 fsparam_flag_no("lease", Opt_lease),
84 fsparam_flag_no("hard", Opt_hard),
85 fsparam_flag_no("soft", Opt_soft),
86 fsparam_flag_no("perm", Opt_perm),
87 fsparam_flag("nodelete", Opt_nodelete),
88 fsparam_flag_no("mapposix", Opt_mapposix),
89 fsparam_flag("mapchars", Opt_mapchars),
90 fsparam_flag("nomapchars", Opt_nomapchars),
91 fsparam_flag_no("sfu", Opt_sfu),
92 fsparam_flag("nodfs", Opt_nodfs),
93 fsparam_flag_no("posixpaths", Opt_posixpaths),
94 fsparam_flag_no("unix", Opt_unix),
95 fsparam_flag_no("linux", Opt_unix),
96 fsparam_flag_no("posix", Opt_unix),
97 fsparam_flag("nocase", Opt_nocase),
98 fsparam_flag("ignorecase", Opt_nocase),
99 fsparam_flag_no("brl", Opt_brl),
100 fsparam_flag_no("handlecache", Opt_handlecache),
101 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
102 fsparam_flag("forcemand", Opt_forcemandatorylock),
103 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
104 fsparam_flag("idsfromsid", Opt_setuidfromacl),
105 fsparam_flag_no("setuids", Opt_setuids),
106 fsparam_flag_no("dynperm", Opt_dynperm),
107 fsparam_flag_no("intr", Opt_intr),
108 fsparam_flag_no("strictsync", Opt_strictsync),
109 fsparam_flag_no("serverino", Opt_serverino),
110 fsparam_flag("rwpidforward", Opt_rwpidforward),
111 fsparam_flag("cifsacl", Opt_cifsacl),
112 fsparam_flag_no("acl", Opt_acl),
113 fsparam_flag("locallease", Opt_locallease),
114 fsparam_flag("sign", Opt_sign),
115 fsparam_flag("ignore_signature", Opt_ignore_signature),
116 fsparam_flag("signloosely", Opt_ignore_signature),
117 fsparam_flag("seal", Opt_seal),
118 fsparam_flag("noac", Opt_noac),
119 fsparam_flag("fsc", Opt_fsc),
120 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
121 fsparam_flag("multiuser", Opt_multiuser),
122 fsparam_flag("sloppy", Opt_sloppy),
123 fsparam_flag("nosharesock", Opt_nosharesock),
124 fsparam_flag_no("persistenthandles", Opt_persistent),
125 fsparam_flag_no("resilienthandles", Opt_resilient),
126 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
127 fsparam_flag("nosparse", Opt_nosparse),
128 fsparam_flag("domainauto", Opt_domainauto),
129 fsparam_flag("rdma", Opt_rdma),
130 fsparam_flag("modesid", Opt_modesid),
131 fsparam_flag("modefromsid", Opt_modesid),
132 fsparam_flag("rootfs", Opt_rootfs),
133 fsparam_flag("compress", Opt_compress),
134 fsparam_flag("witness", Opt_witness),
135 fsparam_flag_no("nativesocket", Opt_nativesocket),
136 fsparam_flag_no("unicode", Opt_unicode),
137 fsparam_flag_no("nbsessinit", Opt_nbsessinit),
138
139 /* Mount options which take uid or gid */
140 fsparam_uid("backupuid", Opt_backupuid),
141 fsparam_gid("backupgid", Opt_backupgid),
142 fsparam_uid("uid", Opt_uid),
143 fsparam_uid("cruid", Opt_cruid),
144 fsparam_gid("gid", Opt_gid),
145
146 /* Mount options which take numeric value */
147 fsparam_u32("file_mode", Opt_file_mode),
148 fsparam_u32("dirmode", Opt_dirmode),
149 fsparam_u32("dir_mode", Opt_dirmode),
150 fsparam_u32("port", Opt_port),
151 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
152 fsparam_u32("retrans", Opt_retrans),
153 fsparam_u32("esize", Opt_min_enc_offload),
154 fsparam_u32("bsize", Opt_blocksize),
155 fsparam_u32("rasize", Opt_rasize),
156 fsparam_u32("rsize", Opt_rsize),
157 fsparam_u32("wsize", Opt_wsize),
158 fsparam_u32("actimeo", Opt_actimeo),
159 fsparam_u32("acdirmax", Opt_acdirmax),
160 fsparam_u32("acregmax", Opt_acregmax),
161 fsparam_u32("closetimeo", Opt_closetimeo),
162 fsparam_u32("echo_interval", Opt_echo_interval),
163 fsparam_u32("max_credits", Opt_max_credits),
164 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs),
165 fsparam_u32("handletimeout", Opt_handletimeout),
166 fsparam_u64("snapshot", Opt_snapshot),
167 fsparam_u32("max_channels", Opt_max_channels),
168
169 /* Mount options which take string value */
170 fsparam_string("source", Opt_source),
171 fsparam_string("user", Opt_user),
172 fsparam_string("username", Opt_user),
173 fsparam_string("pass", Opt_pass),
174 fsparam_string("password", Opt_pass),
175 fsparam_string("pass2", Opt_pass2),
176 fsparam_string("password2", Opt_pass2),
177 fsparam_string("ip", Opt_ip),
178 fsparam_string("addr", Opt_ip),
179 fsparam_string("domain", Opt_domain),
180 fsparam_string("dom", Opt_domain),
181 fsparam_string("srcaddr", Opt_srcaddr),
182 fsparam_string("iocharset", Opt_iocharset),
183 fsparam_string("netbiosname", Opt_netbiosname),
184 fsparam_string("servern", Opt_servern),
185 fsparam_string("ver", Opt_ver),
186 fsparam_string("vers", Opt_vers),
187 fsparam_string("sec", Opt_sec),
188 fsparam_string("cache", Opt_cache),
189 fsparam_string("reparse", Opt_reparse),
190 fsparam_string("upcall_target", Opt_upcalltarget),
191 fsparam_string("symlink", Opt_symlink),
192 fsparam_string("symlinkroot", Opt_symlinkroot),
193
194 /* Arguments that should be ignored */
195 fsparam_flag("guest", Opt_ignore),
196 fsparam_flag("noatime", Opt_ignore),
197 fsparam_flag("relatime", Opt_ignore),
198 fsparam_flag("_netdev", Opt_ignore),
199 fsparam_flag_no("suid", Opt_ignore),
200 fsparam_flag_no("exec", Opt_ignore),
201 fsparam_flag_no("dev", Opt_ignore),
202 fsparam_flag_no("mand", Opt_ignore),
203 fsparam_flag_no("auto", Opt_ignore),
204 fsparam_string("cred", Opt_ignore),
205 fsparam_string("credentials", Opt_ignore),
206 /*
207 * UNC and prefixpath is now extracted from Opt_source
208 * in the new mount API so we can just ignore them going forward.
209 */
210 fsparam_string("unc", Opt_ignore),
211 fsparam_string("prefixpath", Opt_ignore),
212 {}
213 };
214
215 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)216 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
217 {
218
219 substring_t args[MAX_OPT_ARGS];
220
221 /*
222 * With mount options, the last one should win. Reset any existing
223 * settings back to default.
224 */
225 ctx->sectype = Unspecified;
226 ctx->sign = false;
227
228 switch (match_token(value, cifs_secflavor_tokens, args)) {
229 case Opt_sec_krb5p:
230 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n");
231 return 1;
232 case Opt_sec_krb5i:
233 ctx->sign = true;
234 fallthrough;
235 case Opt_sec_krb5:
236 ctx->sectype = Kerberos;
237 break;
238 case Opt_sec_ntlmsspi:
239 ctx->sign = true;
240 fallthrough;
241 case Opt_sec_ntlmssp:
242 ctx->sectype = RawNTLMSSP;
243 break;
244 case Opt_sec_ntlmv2i:
245 ctx->sign = true;
246 fallthrough;
247 case Opt_sec_ntlmv2:
248 ctx->sectype = NTLMv2;
249 break;
250 case Opt_sec_none:
251 ctx->nullauth = 1;
252 kfree(ctx->username);
253 ctx->username = NULL;
254 break;
255 default:
256 cifs_errorf(fc, "bad security option: %s\n", value);
257 return 1;
258 }
259
260 return 0;
261 }
262
263 static int
cifs_parse_upcall_target(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)264 cifs_parse_upcall_target(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
265 {
266 substring_t args[MAX_OPT_ARGS];
267
268 ctx->upcall_target = UPTARGET_UNSPECIFIED;
269
270 switch (match_token(value, cifs_upcall_target, args)) {
271 case Opt_upcall_target_mount:
272 ctx->upcall_target = UPTARGET_MOUNT;
273 break;
274 case Opt_upcall_target_application:
275 ctx->upcall_target = UPTARGET_APP;
276 break;
277
278 default:
279 cifs_errorf(fc, "bad upcall target: %s\n", value);
280 return 1;
281 }
282
283 return 0;
284 }
285
286 static const match_table_t cifs_cacheflavor_tokens = {
287 { Opt_cache_loose, "loose" },
288 { Opt_cache_strict, "strict" },
289 { Opt_cache_none, "none" },
290 { Opt_cache_ro, "ro" },
291 { Opt_cache_rw, "singleclient" },
292 { Opt_cache_err, NULL }
293 };
294
295 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)296 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
297 {
298 substring_t args[MAX_OPT_ARGS];
299
300 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
301 case Opt_cache_loose:
302 ctx->direct_io = false;
303 ctx->strict_io = false;
304 ctx->cache_ro = false;
305 ctx->cache_rw = false;
306 break;
307 case Opt_cache_strict:
308 ctx->direct_io = false;
309 ctx->strict_io = true;
310 ctx->cache_ro = false;
311 ctx->cache_rw = false;
312 break;
313 case Opt_cache_none:
314 ctx->direct_io = true;
315 ctx->strict_io = false;
316 ctx->cache_ro = false;
317 ctx->cache_rw = false;
318 break;
319 case Opt_cache_ro:
320 ctx->direct_io = false;
321 ctx->strict_io = false;
322 ctx->cache_ro = true;
323 ctx->cache_rw = false;
324 break;
325 case Opt_cache_rw:
326 ctx->direct_io = false;
327 ctx->strict_io = false;
328 ctx->cache_ro = false;
329 ctx->cache_rw = true;
330 break;
331 default:
332 cifs_errorf(fc, "bad cache= option: %s\n", value);
333 return 1;
334 }
335 return 0;
336 }
337
338 static const match_table_t reparse_flavor_tokens = {
339 { Opt_reparse_default, "default" },
340 { Opt_reparse_none, "none" },
341 { Opt_reparse_nfs, "nfs" },
342 { Opt_reparse_wsl, "wsl" },
343 { Opt_reparse_err, NULL },
344 };
345
parse_reparse_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)346 static int parse_reparse_flavor(struct fs_context *fc, char *value,
347 struct smb3_fs_context *ctx)
348 {
349 substring_t args[MAX_OPT_ARGS];
350
351 switch (match_token(value, reparse_flavor_tokens, args)) {
352 case Opt_reparse_default:
353 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
354 break;
355 case Opt_reparse_none:
356 ctx->reparse_type = CIFS_REPARSE_TYPE_NONE;
357 break;
358 case Opt_reparse_nfs:
359 ctx->reparse_type = CIFS_REPARSE_TYPE_NFS;
360 break;
361 case Opt_reparse_wsl:
362 ctx->reparse_type = CIFS_REPARSE_TYPE_WSL;
363 break;
364 default:
365 cifs_errorf(fc, "bad reparse= option: %s\n", value);
366 return 1;
367 }
368 return 0;
369 }
370
371 static const match_table_t symlink_flavor_tokens = {
372 { Opt_symlink_default, "default" },
373 { Opt_symlink_none, "none" },
374 { Opt_symlink_native, "native" },
375 { Opt_symlink_unix, "unix" },
376 { Opt_symlink_mfsymlinks, "mfsymlinks" },
377 { Opt_symlink_sfu, "sfu" },
378 { Opt_symlink_nfs, "nfs" },
379 { Opt_symlink_wsl, "wsl" },
380 { Opt_symlink_err, NULL },
381 };
382
parse_symlink_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)383 static int parse_symlink_flavor(struct fs_context *fc, char *value,
384 struct smb3_fs_context *ctx)
385 {
386 substring_t args[MAX_OPT_ARGS];
387
388 switch (match_token(value, symlink_flavor_tokens, args)) {
389 case Opt_symlink_default:
390 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
391 break;
392 case Opt_symlink_none:
393 ctx->symlink_type = CIFS_SYMLINK_TYPE_NONE;
394 break;
395 case Opt_symlink_native:
396 ctx->symlink_type = CIFS_SYMLINK_TYPE_NATIVE;
397 break;
398 case Opt_symlink_unix:
399 ctx->symlink_type = CIFS_SYMLINK_TYPE_UNIX;
400 break;
401 case Opt_symlink_mfsymlinks:
402 ctx->symlink_type = CIFS_SYMLINK_TYPE_MFSYMLINKS;
403 break;
404 case Opt_symlink_sfu:
405 ctx->symlink_type = CIFS_SYMLINK_TYPE_SFU;
406 break;
407 case Opt_symlink_nfs:
408 ctx->symlink_type = CIFS_SYMLINK_TYPE_NFS;
409 break;
410 case Opt_symlink_wsl:
411 ctx->symlink_type = CIFS_SYMLINK_TYPE_WSL;
412 break;
413 default:
414 cifs_errorf(fc, "bad symlink= option: %s\n", value);
415 return 1;
416 }
417 return 0;
418 }
419
420 #define DUP_CTX_STR(field) \
421 do { \
422 if (ctx->field) { \
423 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
424 if (new_ctx->field == NULL) { \
425 smb3_cleanup_fs_context_contents(new_ctx); \
426 return -ENOMEM; \
427 } \
428 } \
429 } while (0)
430
431 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)432 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
433 {
434 memcpy(new_ctx, ctx, sizeof(*ctx));
435 new_ctx->prepath = NULL;
436 new_ctx->nodename = NULL;
437 new_ctx->username = NULL;
438 new_ctx->password = NULL;
439 new_ctx->password2 = NULL;
440 new_ctx->server_hostname = NULL;
441 new_ctx->domainname = NULL;
442 new_ctx->UNC = NULL;
443 new_ctx->source = NULL;
444 new_ctx->iocharset = NULL;
445 new_ctx->leaf_fullpath = NULL;
446 new_ctx->dns_dom = NULL;
447 new_ctx->symlinkroot = NULL;
448 /*
449 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
450 */
451 DUP_CTX_STR(prepath);
452 DUP_CTX_STR(username);
453 DUP_CTX_STR(password);
454 DUP_CTX_STR(password2);
455 DUP_CTX_STR(server_hostname);
456 DUP_CTX_STR(UNC);
457 DUP_CTX_STR(source);
458 DUP_CTX_STR(domainname);
459 DUP_CTX_STR(nodename);
460 DUP_CTX_STR(iocharset);
461 DUP_CTX_STR(leaf_fullpath);
462 DUP_CTX_STR(dns_dom);
463 DUP_CTX_STR(symlinkroot);
464
465 return 0;
466 }
467
468 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)469 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
470 {
471 substring_t args[MAX_OPT_ARGS];
472
473 switch (match_token(value, cifs_smb_version_tokens, args)) {
474 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
475 case Smb_1:
476 if (disable_legacy_dialects) {
477 cifs_errorf(fc, "mount with legacy dialect disabled\n");
478 return 1;
479 }
480 if (is_smb3) {
481 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
482 return 1;
483 }
484 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
485 ctx->ops = &smb1_operations;
486 ctx->vals = &smb1_values;
487 break;
488 case Smb_20:
489 if (disable_legacy_dialects) {
490 cifs_errorf(fc, "mount with legacy dialect disabled\n");
491 return 1;
492 }
493 if (is_smb3) {
494 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
495 return 1;
496 }
497 ctx->ops = &smb20_operations;
498 ctx->vals = &smb20_values;
499 break;
500 #else
501 case Smb_1:
502 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
503 return 1;
504 case Smb_20:
505 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
506 return 1;
507 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
508 case Smb_21:
509 ctx->ops = &smb21_operations;
510 ctx->vals = &smb21_values;
511 break;
512 case Smb_30:
513 ctx->ops = &smb30_operations;
514 ctx->vals = &smb30_values;
515 break;
516 case Smb_302:
517 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
518 ctx->vals = &smb302_values;
519 break;
520 case Smb_311:
521 ctx->ops = &smb311_operations;
522 ctx->vals = &smb311_values;
523 break;
524 case Smb_3any:
525 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
526 ctx->vals = &smb3any_values;
527 break;
528 case Smb_default:
529 ctx->ops = &smb30_operations;
530 ctx->vals = &smbdefault_values;
531 break;
532 default:
533 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
534 return 1;
535 }
536 return 0;
537 }
538
539 /*
540 * Remove duplicate path delimiters. Windows is supposed to do that
541 * but there are some bugs that prevent rename from working if there are
542 * multiple delimiters.
543 *
544 * Return a sanitized duplicate of @path or NULL for empty prefix paths.
545 * Otherwise, return ERR_PTR.
546 *
547 * @gfp indicates the GFP_* flags for kstrdup.
548 * The caller is responsible for freeing the original.
549 */
550 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
cifs_sanitize_prepath(char * prepath,gfp_t gfp)551 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
552 {
553 char *cursor1 = prepath, *cursor2 = prepath;
554 char *s;
555
556 /* skip all prepended delimiters */
557 while (IS_DELIM(*cursor1))
558 cursor1++;
559
560 /* exit in case of only delimiters */
561 if (!*cursor1)
562 return NULL;
563
564 /* copy the first letter */
565 *cursor2 = *cursor1;
566
567 /* copy the remainder... */
568 while (*(cursor1++)) {
569 /* ... skipping all duplicated delimiters */
570 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
571 continue;
572 *(++cursor2) = *cursor1;
573 }
574
575 /* if the last character is a delimiter, skip it */
576 if (IS_DELIM(*(cursor2 - 1)))
577 cursor2--;
578
579 *cursor2 = '\0';
580 if (!*prepath)
581 return NULL;
582 s = kstrdup(prepath, gfp);
583 if (!s)
584 return ERR_PTR(-ENOMEM);
585 return s;
586 }
587
588 /*
589 * Return full path based on the values of @ctx->{UNC,prepath}.
590 *
591 * It is assumed that both values were already parsed by smb3_parse_devname().
592 */
smb3_fs_context_fullpath(const struct smb3_fs_context * ctx,char dirsep)593 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep)
594 {
595 size_t ulen, plen;
596 char *s;
597
598 ulen = strlen(ctx->UNC);
599 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0;
600
601 s = kmalloc(ulen + plen + 1, GFP_KERNEL);
602 if (!s)
603 return ERR_PTR(-ENOMEM);
604 memcpy(s, ctx->UNC, ulen);
605 if (plen) {
606 s[ulen] = dirsep;
607 memcpy(s + ulen + 1, ctx->prepath, plen);
608 }
609 s[ulen + plen] = '\0';
610 convert_delimiter(s, dirsep);
611 return s;
612 }
613
614 /*
615 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
616 * fields with the result. Returns 0 on success and an error otherwise
617 * (e.g. ENOMEM or EINVAL)
618 */
619 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)620 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
621 {
622 char *pos;
623 const char *delims = "/\\";
624 size_t len;
625 int rc;
626
627 if (unlikely(!devname || !*devname)) {
628 cifs_dbg(VFS, "Device name not specified\n");
629 return -EINVAL;
630 }
631
632 /* make sure we have a valid UNC double delimiter prefix */
633 len = strspn(devname, delims);
634 if (len != 2) {
635 cifs_dbg(VFS, "UNC: path must begin with // or \\\\\n");
636 return -EINVAL;
637 }
638
639 /* find delimiter between host and sharename */
640 pos = strpbrk(devname + 2, delims);
641 if (!pos) {
642 cifs_dbg(VFS, "UNC: missing delimiter between hostname and share name\n");
643 return -EINVAL;
644 }
645
646 /* record the server hostname */
647 kfree(ctx->server_hostname);
648 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
649 if (!ctx->server_hostname)
650 return -ENOMEM;
651
652 /* skip past delimiter */
653 ++pos;
654
655 /* now go until next delimiter or end of string */
656 len = strcspn(pos, delims);
657 if (!len) {
658 cifs_dbg(VFS, "UNC: missing share name\n");
659 return -EINVAL;
660 }
661
662 /* move "pos" up to delimiter or NULL */
663 pos += len;
664 kfree(ctx->UNC);
665 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
666 if (!ctx->UNC)
667 return -ENOMEM;
668
669 convert_delimiter(ctx->UNC, '\\');
670
671 /* skip any delimiter */
672 if (*pos == '/' || *pos == '\\')
673 pos++;
674
675 kfree(ctx->prepath);
676 ctx->prepath = NULL;
677
678 /* If pos is NULL then no prepath */
679 if (!*pos)
680 return 0;
681
682 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
683 if (IS_ERR(ctx->prepath)) {
684 rc = PTR_ERR(ctx->prepath);
685 ctx->prepath = NULL;
686 return rc;
687 }
688
689 return 0;
690 }
691
smb3_handle_conflicting_options(struct fs_context * fc)692 static int smb3_handle_conflicting_options(struct fs_context *fc)
693 {
694 struct smb3_fs_context *ctx = smb3_fc2context(fc);
695
696 if (ctx->multichannel_specified) {
697 if (ctx->multichannel) {
698 if (!ctx->max_channels_specified) {
699 ctx->max_channels = 2;
700 } else if (ctx->max_channels == 1) {
701 cifs_errorf(fc,
702 "max_channels must be greater than 1 when multichannel is enabled\n");
703 return -EINVAL;
704 }
705 } else {
706 if (!ctx->max_channels_specified) {
707 ctx->max_channels = 1;
708 } else if (ctx->max_channels > 1) {
709 cifs_errorf(fc,
710 "max_channels must be equal to 1 when multichannel is disabled\n");
711 return -EINVAL;
712 }
713 }
714 } else {
715 if (ctx->max_channels_specified) {
716 if (ctx->max_channels > 1)
717 ctx->multichannel = true;
718 else
719 ctx->multichannel = false;
720 } else {
721 ctx->multichannel = false;
722 ctx->max_channels = 1;
723 }
724 }
725
726 //resetting default values as remount doesn't initialize fs_context again
727 ctx->multichannel_specified = false;
728 ctx->max_channels_specified = false;
729
730 return 0;
731 }
732
733 static void smb3_fs_context_free(struct fs_context *fc);
734 static int smb3_fs_context_parse_param(struct fs_context *fc,
735 struct fs_parameter *param);
736 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
737 void *data);
738 static int smb3_get_tree(struct fs_context *fc);
739 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, size_t max_channels);
740 static int smb3_reconfigure(struct fs_context *fc);
741
742 static const struct fs_context_operations smb3_fs_context_ops = {
743 .free = smb3_fs_context_free,
744 .parse_param = smb3_fs_context_parse_param,
745 .parse_monolithic = smb3_fs_context_parse_monolithic,
746 .get_tree = smb3_get_tree,
747 .reconfigure = smb3_reconfigure,
748 };
749
750 /*
751 * Parse a monolithic block of data from sys_mount().
752 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
753 * @ctx: The superblock configuration to fill in.
754 * @data: The data to parse
755 *
756 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
757 * called from the ->monolithic_mount_data() fs_context operation.
758 *
759 * Returns 0 on success or the error returned by the ->parse_option() fs_context
760 * operation on failure.
761 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)762 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
763 void *data)
764 {
765 char *options = data, *key;
766 int ret = 0;
767
768 if (!options)
769 return 0;
770
771 ret = security_sb_eat_lsm_opts(options, &fc->security);
772 if (ret)
773 return ret;
774
775 /* BB Need to add support for sep= here TBD */
776 while ((key = strsep(&options, ",")) != NULL) {
777 size_t len;
778 char *value;
779
780 if (*key == 0)
781 break;
782
783 /* Check if following character is the deliminator If yes,
784 * we have encountered a double deliminator reset the NULL
785 * character to the deliminator
786 */
787 while (options && options[0] == ',') {
788 len = strlen(key);
789 strcpy(key + len, options);
790 options = strchr(options, ',');
791 if (options)
792 *options++ = 0;
793 }
794
795
796 value = strchr(key, '=');
797 if (value) {
798 if (value == key)
799 continue;
800 *value++ = 0;
801 }
802
803 ret = vfs_parse_fs_string(fc, key, value);
804 if (ret < 0)
805 break;
806 }
807 return ret ?: smb3_handle_conflicting_options(fc);
808 }
809
810 /*
811 * Validate the preparsed information in the config.
812 */
smb3_fs_context_validate(struct fs_context * fc)813 static int smb3_fs_context_validate(struct fs_context *fc)
814 {
815 struct smb3_fs_context *ctx = smb3_fc2context(fc);
816
817 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
818 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
819 return -EOPNOTSUPP;
820 }
821
822 #ifndef CONFIG_KEYS
823 /* Muliuser mounts require CONFIG_KEYS support */
824 if (ctx->multiuser) {
825 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
826 return -1;
827 }
828 #endif
829
830 if (ctx->got_version == false)
831 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
832
833
834 if (!ctx->UNC) {
835 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
836 return -1;
837 }
838
839 /* make sure UNC has a share name */
840 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
841 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
842 return -ENOENT;
843 }
844
845 if (!ctx->got_ip) {
846 int len;
847 const char *slash;
848
849 /* No ip= option specified? Try to get it from UNC */
850 /* Use the address part of the UNC. */
851 slash = strchr(&ctx->UNC[2], '\\');
852 len = slash - &ctx->UNC[2];
853 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
854 &ctx->UNC[2], len)) {
855 pr_err("Unable to determine destination address\n");
856 return -EHOSTUNREACH;
857 }
858 }
859
860 /* set the port that we got earlier */
861 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
862
863 if (ctx->uid_specified && !ctx->forceuid_specified) {
864 ctx->override_uid = 1;
865 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n");
866 }
867
868 if (ctx->gid_specified && !ctx->forcegid_specified) {
869 ctx->override_gid = 1;
870 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n");
871 }
872
873 if (ctx->override_uid && !ctx->uid_specified) {
874 ctx->override_uid = 0;
875 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
876 }
877
878 if (ctx->override_gid && !ctx->gid_specified) {
879 ctx->override_gid = 0;
880 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
881 }
882
883 return 0;
884 }
885
smb3_get_tree_common(struct fs_context * fc)886 static int smb3_get_tree_common(struct fs_context *fc)
887 {
888 struct smb3_fs_context *ctx = smb3_fc2context(fc);
889 struct dentry *root;
890 int rc = 0;
891
892 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
893 if (IS_ERR(root))
894 return PTR_ERR(root);
895
896 fc->root = root;
897
898 return rc;
899 }
900
901 /*
902 * Create an SMB3 superblock from the parameters passed.
903 */
smb3_get_tree(struct fs_context * fc)904 static int smb3_get_tree(struct fs_context *fc)
905 {
906 int err = smb3_fs_context_validate(fc);
907 int ret;
908
909 if (err)
910 return err;
911 cifs_mount_lock();
912 ret = smb3_get_tree_common(fc);
913 cifs_mount_unlock();
914 return ret;
915 }
916
smb3_fs_context_free(struct fs_context * fc)917 static void smb3_fs_context_free(struct fs_context *fc)
918 {
919 struct smb3_fs_context *ctx = smb3_fc2context(fc);
920
921 smb3_cleanup_fs_context(ctx);
922 }
923
924 /*
925 * Compare the old and new proposed context during reconfigure
926 * and check if the changes are compatible.
927 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx,bool need_recon)928 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
929 struct smb3_fs_context *new_ctx,
930 struct smb3_fs_context *old_ctx, bool need_recon)
931 {
932 if (new_ctx->posix_paths != old_ctx->posix_paths) {
933 cifs_errorf(fc, "can not change posixpaths during remount\n");
934 return -EINVAL;
935 }
936 if (new_ctx->sectype != old_ctx->sectype) {
937 cifs_errorf(fc, "can not change sec during remount\n");
938 return -EINVAL;
939 }
940 if (new_ctx->multiuser != old_ctx->multiuser) {
941 cifs_errorf(fc, "can not change multiuser during remount\n");
942 return -EINVAL;
943 }
944 if (new_ctx->UNC &&
945 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
946 cifs_errorf(fc, "can not change UNC during remount\n");
947 return -EINVAL;
948 }
949 if (new_ctx->username &&
950 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
951 cifs_errorf(fc, "can not change username during remount\n");
952 return -EINVAL;
953 }
954 if (new_ctx->password &&
955 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
956 if (need_recon == false) {
957 cifs_errorf(fc,
958 "can not change password of active session during remount\n");
959 return -EINVAL;
960 } else if (old_ctx->sectype == Kerberos) {
961 cifs_errorf(fc,
962 "can not change password for Kerberos via remount\n");
963 return -EINVAL;
964 }
965 }
966 if (new_ctx->domainname &&
967 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
968 cifs_errorf(fc, "can not change domainname during remount\n");
969 return -EINVAL;
970 }
971 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
972 cifs_errorf(fc, "can not change workstation_name during remount\n");
973 return -EINVAL;
974 }
975 if (new_ctx->nodename &&
976 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
977 cifs_errorf(fc, "can not change nodename during remount\n");
978 return -EINVAL;
979 }
980 if (new_ctx->iocharset &&
981 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
982 cifs_errorf(fc, "can not change iocharset during remount\n");
983 return -EINVAL;
984 }
985 if (new_ctx->unicode != old_ctx->unicode) {
986 cifs_errorf(fc, "can not change unicode during remount\n");
987 return -EINVAL;
988 }
989 if (new_ctx->rfc1001_sessinit != old_ctx->rfc1001_sessinit) {
990 cifs_errorf(fc, "can not change nbsessinit during remount\n");
991 return -EINVAL;
992 }
993
994 return 0;
995 }
996
997 #define STEAL_STRING(cifs_sb, ctx, field) \
998 do { \
999 kfree(ctx->field); \
1000 ctx->field = cifs_sb->ctx->field; \
1001 cifs_sb->ctx->field = NULL; \
1002 } while (0)
1003
1004 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \
1005 do { \
1006 kfree_sensitive(ctx->field); \
1007 ctx->field = cifs_sb->ctx->field; \
1008 cifs_sb->ctx->field = NULL; \
1009 } while (0)
1010
smb3_sync_session_ctx_passwords(struct cifs_sb_info * cifs_sb,struct cifs_ses * ses)1011 int smb3_sync_session_ctx_passwords(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses)
1012 {
1013 char *password = NULL, *password2 = NULL;
1014
1015 if (ses->password &&
1016 cifs_sb->ctx->password &&
1017 strcmp(ses->password, cifs_sb->ctx->password)) {
1018 password = kstrdup(ses->password, GFP_KERNEL);
1019 if (!password)
1020 return -ENOMEM;
1021 }
1022 if (ses->password2 &&
1023 cifs_sb->ctx->password2 &&
1024 strcmp(ses->password2, cifs_sb->ctx->password2)) {
1025 password2 = kstrdup(ses->password2, GFP_KERNEL);
1026 if (!password2) {
1027 kfree_sensitive(password);
1028 return -ENOMEM;
1029 }
1030 }
1031
1032 if (password) {
1033 kfree_sensitive(cifs_sb->ctx->password);
1034 cifs_sb->ctx->password = password;
1035 }
1036 if (password2) {
1037 kfree_sensitive(cifs_sb->ctx->password2);
1038 cifs_sb->ctx->password2 = password2;
1039 }
1040
1041 return 0;
1042 }
1043
1044 /*
1045 * smb3_sync_ses_chan_max - Synchronize the session's maximum channel count
1046 * @ses: pointer to the old CIFS session structure
1047 * @max_channels: new maximum number of channels to allow
1048 *
1049 * Updates the session's chan_max field to the new value, protecting the update
1050 * with the session's channel lock. This should be called whenever the maximum
1051 * allowed channels for a session changes (e.g., after a remount or reconfigure).
1052 */
smb3_sync_ses_chan_max(struct cifs_ses * ses,size_t max_channels)1053 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, size_t max_channels)
1054 {
1055 spin_lock(&ses->chan_lock);
1056 ses->chan_max = max_channels;
1057 spin_unlock(&ses->chan_lock);
1058 }
1059
smb3_reconfigure(struct fs_context * fc)1060 static int smb3_reconfigure(struct fs_context *fc)
1061 {
1062 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1063 struct smb3_fs_context *new_ctx = NULL;
1064 struct smb3_fs_context *old_ctx = NULL;
1065 struct dentry *root = fc->root;
1066 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
1067 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses;
1068 unsigned int rsize = ctx->rsize, wsize = ctx->wsize;
1069 char *new_password = NULL, *new_password2 = NULL;
1070 bool need_recon = false;
1071 bool need_mchan_update;
1072 int rc;
1073
1074 if (ses->expired_pwd)
1075 need_recon = true;
1076
1077 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon);
1078 if (rc)
1079 return rc;
1080
1081 old_ctx = kzalloc_obj(*old_ctx);
1082 if (!old_ctx)
1083 return -ENOMEM;
1084
1085 rc = smb3_fs_context_dup(old_ctx, cifs_sb->ctx);
1086 if (rc) {
1087 kfree(old_ctx);
1088 return rc;
1089 }
1090
1091 /*
1092 * We can not change UNC/username/password/domainname/
1093 * workstation_name/nodename/iocharset
1094 * during reconnect so ignore what we have in the new context and
1095 * just use what we already have in cifs_sb->ctx.
1096 */
1097 STEAL_STRING(cifs_sb, ctx, UNC);
1098 STEAL_STRING(cifs_sb, ctx, source);
1099 STEAL_STRING(cifs_sb, ctx, username);
1100 STEAL_STRING(cifs_sb, ctx, domainname);
1101 STEAL_STRING(cifs_sb, ctx, nodename);
1102 STEAL_STRING(cifs_sb, ctx, iocharset);
1103
1104 if (!need_recon) {
1105 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1106 } else {
1107 if (ctx->password) {
1108 new_password = kstrdup(ctx->password, GFP_KERNEL);
1109 if (!new_password) {
1110 rc = -ENOMEM;
1111 goto restore_ctx;
1112 }
1113 } else {
1114 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1115 }
1116 }
1117
1118 /*
1119 * if a new password2 has been specified, then reset it's value
1120 * inside the ses struct
1121 */
1122 if (ctx->password2) {
1123 new_password2 = kstrdup(ctx->password2, GFP_KERNEL);
1124 if (!new_password2) {
1125 rc = -ENOMEM;
1126 goto restore_ctx;
1127 }
1128 } else {
1129 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password2);
1130 }
1131
1132 /* if rsize or wsize not passed in on remount, use previous values */
1133 ctx->rsize = rsize ? CIFS_ALIGN_RSIZE(fc, rsize) : cifs_sb->ctx->rsize;
1134 ctx->wsize = wsize ? CIFS_ALIGN_WSIZE(fc, wsize) : cifs_sb->ctx->wsize;
1135
1136 new_ctx = kzalloc_obj(*new_ctx);
1137 if (!new_ctx) {
1138 rc = -ENOMEM;
1139 goto restore_ctx;
1140 }
1141
1142 rc = smb3_fs_context_dup(new_ctx, ctx);
1143 if (rc)
1144 goto restore_ctx;
1145
1146 need_mchan_update = ctx->multichannel != cifs_sb->ctx->multichannel ||
1147 ctx->max_channels != cifs_sb->ctx->max_channels;
1148
1149 /*
1150 * we may update the passwords in the ses struct below. Make sure we do
1151 * not race with smb2_reconnect
1152 */
1153 mutex_lock(&ses->session_mutex);
1154
1155 /*
1156 * smb2_reconnect may swap password and password2 in case session setup
1157 * failed. First get ctx passwords in sync with ses passwords. It should
1158 * be done before committing new passwords.
1159 */
1160 rc = smb3_sync_session_ctx_passwords(cifs_sb, ses);
1161 if (rc) {
1162 mutex_unlock(&ses->session_mutex);
1163 goto cleanup_new_ctx;
1164 }
1165
1166 /*
1167 * If multichannel or max_channels has changed, update the session's channels accordingly.
1168 * This may add or remove channels to match the new configuration.
1169 */
1170 if (need_mchan_update) {
1171 /* Prevent concurrent scaling operations */
1172 spin_lock(&ses->ses_lock);
1173 if (ses->flags & CIFS_SES_FLAG_SCALE_CHANNELS) {
1174 spin_unlock(&ses->ses_lock);
1175 mutex_unlock(&ses->session_mutex);
1176 rc = -EINVAL;
1177 goto cleanup_new_ctx;
1178 }
1179 ses->flags |= CIFS_SES_FLAG_SCALE_CHANNELS;
1180 spin_unlock(&ses->ses_lock);
1181 }
1182
1183 /*
1184 * Commit session passwords before any channel work so newly added
1185 * channels authenticate with the new credentials.
1186 */
1187 if (new_password) {
1188 kfree_sensitive(ses->password);
1189 ses->password = new_password;
1190 new_password = NULL;
1191 }
1192 if (new_password2) {
1193 kfree_sensitive(ses->password2);
1194 ses->password2 = new_password2;
1195 new_password2 = NULL;
1196 }
1197
1198 if (need_mchan_update) {
1199 /* Synchronize ses->chan_max with the new mount context */
1200 smb3_sync_ses_chan_max(ses, ctx->max_channels);
1201
1202 mutex_unlock(&ses->session_mutex);
1203
1204 smb3_update_ses_channels(ses, ses->server,
1205 false /* from_reconnect */,
1206 false /* disable_mchan */);
1207
1208 /* Clear scaling flag after operation */
1209 spin_lock(&ses->ses_lock);
1210 ses->flags &= ~CIFS_SES_FLAG_SCALE_CHANNELS;
1211 spin_unlock(&ses->ses_lock);
1212 } else {
1213 mutex_unlock(&ses->session_mutex);
1214 }
1215
1216 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
1217 memcpy(cifs_sb->ctx, new_ctx, sizeof(*new_ctx));
1218 kfree(new_ctx);
1219 new_ctx = NULL;
1220 smb3_cleanup_fs_context(old_ctx);
1221 old_ctx = NULL;
1222 smb3_update_mnt_flags(cifs_sb);
1223 #ifdef CONFIG_CIFS_DFS_UPCALL
1224 if (!rc)
1225 rc = dfs_cache_remount_fs(cifs_sb);
1226 #endif
1227
1228 return rc;
1229
1230 cleanup_new_ctx:
1231 smb3_cleanup_fs_context_contents(new_ctx);
1232 restore_ctx:
1233 kfree(new_ctx);
1234 kfree_sensitive(new_password);
1235 kfree_sensitive(new_password2);
1236 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
1237 memcpy(cifs_sb->ctx, old_ctx, sizeof(*old_ctx));
1238 kfree(old_ctx);
1239
1240 return rc;
1241 }
1242
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)1243 static int smb3_fs_context_parse_param(struct fs_context *fc,
1244 struct fs_parameter *param)
1245 {
1246 struct fs_parse_result result;
1247 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1248 int i, opt;
1249 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
1250 bool skip_parsing = false;
1251 char *hostname;
1252
1253 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
1254
1255 /*
1256 * fs_parse can not handle string options with an empty value so
1257 * we will need special handling of them.
1258 */
1259 if (param->type == fs_value_is_string && param->string[0] == 0) {
1260 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
1261 skip_parsing = true;
1262 opt = Opt_pass;
1263 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
1264 skip_parsing = true;
1265 opt = Opt_user;
1266 } else if (!strcmp("pass2", param->key) || !strcmp("password2", param->key)) {
1267 skip_parsing = true;
1268 opt = Opt_pass2;
1269 }
1270 }
1271
1272 if (!skip_parsing) {
1273 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
1274 if (opt < 0)
1275 return ctx->sloppy ? 1 : opt;
1276 }
1277
1278 switch (opt) {
1279 case Opt_compress:
1280 if (!IS_ENABLED(CONFIG_CIFS_COMPRESSION)) {
1281 cifs_errorf(fc, "CONFIG_CIFS_COMPRESSION kernel config option is unset\n");
1282 goto cifs_parse_mount_err;
1283 }
1284 ctx->compress = true;
1285 cifs_dbg(VFS, "SMB3 compression support is experimental\n");
1286 break;
1287 case Opt_nodfs:
1288 ctx->nodfs = 1;
1289 break;
1290 case Opt_hard:
1291 if (result.negated) {
1292 if (ctx->retry == 1)
1293 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n");
1294 ctx->retry = 0;
1295 } else
1296 ctx->retry = 1;
1297 break;
1298 case Opt_soft:
1299 if (result.negated)
1300 ctx->retry = 1;
1301 else {
1302 if (ctx->retry == 1)
1303 cifs_dbg(VFS, "conflicting hard vs soft mount options\n");
1304 ctx->retry = 0;
1305 }
1306 break;
1307 case Opt_mapposix:
1308 if (result.negated)
1309 ctx->remap = false;
1310 else {
1311 ctx->remap = true;
1312 ctx->sfu_remap = false; /* disable SFU mapping */
1313 }
1314 break;
1315 case Opt_mapchars:
1316 if (result.negated)
1317 ctx->sfu_remap = false;
1318 else {
1319 ctx->sfu_remap = true;
1320 ctx->remap = false; /* disable SFM (mapposix) mapping */
1321 }
1322 break;
1323 case Opt_user_xattr:
1324 if (result.negated)
1325 ctx->no_xattr = 1;
1326 else
1327 ctx->no_xattr = 0;
1328 break;
1329 case Opt_forceuid:
1330 if (result.negated)
1331 ctx->override_uid = 0;
1332 else
1333 ctx->override_uid = 1;
1334 ctx->forceuid_specified = true;
1335 break;
1336 case Opt_forcegid:
1337 if (result.negated)
1338 ctx->override_gid = 0;
1339 else
1340 ctx->override_gid = 1;
1341 ctx->forcegid_specified = true;
1342 break;
1343 case Opt_perm:
1344 if (result.negated)
1345 ctx->noperm = 1;
1346 else
1347 ctx->noperm = 0;
1348 break;
1349 case Opt_dynperm:
1350 if (result.negated)
1351 ctx->dynperm = 0;
1352 else
1353 ctx->dynperm = 1;
1354 break;
1355 case Opt_sfu:
1356 if (result.negated)
1357 ctx->sfu_emul = 0;
1358 else
1359 ctx->sfu_emul = 1;
1360 break;
1361 case Opt_noblocksend:
1362 ctx->noblocksnd = 1;
1363 break;
1364 case Opt_noautotune:
1365 ctx->noautotune = 1;
1366 break;
1367 case Opt_lease:
1368 ctx->no_lease = result.negated;
1369 break;
1370 case Opt_nosparse:
1371 ctx->no_sparse = 1;
1372 break;
1373 case Opt_nodelete:
1374 ctx->nodelete = 1;
1375 break;
1376 case Opt_multichannel:
1377 ctx->multichannel_specified = true;
1378 if (result.negated)
1379 ctx->multichannel = false;
1380 else
1381 ctx->multichannel = true;
1382 break;
1383 case Opt_uid:
1384 ctx->linux_uid = result.uid;
1385 ctx->uid_specified = true;
1386 break;
1387 case Opt_cruid:
1388 ctx->cred_uid = result.uid;
1389 ctx->cruid_specified = true;
1390 break;
1391 case Opt_backupuid:
1392 ctx->backupuid = result.uid;
1393 ctx->backupuid_specified = true;
1394 break;
1395 case Opt_backupgid:
1396 ctx->backupgid = result.gid;
1397 ctx->backupgid_specified = true;
1398 break;
1399 case Opt_gid:
1400 ctx->linux_gid = result.gid;
1401 ctx->gid_specified = true;
1402 break;
1403 case Opt_port:
1404 ctx->port = result.uint_32;
1405 break;
1406 case Opt_file_mode:
1407 ctx->file_mode = result.uint_32;
1408 break;
1409 case Opt_dirmode:
1410 ctx->dir_mode = result.uint_32;
1411 break;
1412 case Opt_min_enc_offload:
1413 ctx->min_offload = result.uint_32;
1414 break;
1415 case Opt_retrans:
1416 ctx->retrans = result.uint_32;
1417 break;
1418 case Opt_blocksize:
1419 /*
1420 * inode blocksize realistically should never need to be
1421 * less than 16K or greater than 16M and default is 1MB.
1422 * Note that small inode block sizes (e.g. 64K) can lead
1423 * to very poor performance of common tools like cp and scp
1424 */
1425 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1426 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1427 cifs_errorf(fc, "%s: Invalid blocksize\n",
1428 __func__);
1429 goto cifs_parse_mount_err;
1430 }
1431 ctx->bsize = CIFS_ALIGN_BSIZE(fc, result.uint_32);
1432 ctx->got_bsize = true;
1433 break;
1434 case Opt_rasize:
1435 /*
1436 * readahead size realistically should never need to be
1437 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1438 * (perhaps an exception should be considered in the
1439 * for the case of a large number of channels
1440 * when multichannel is negotiated) since that would lead
1441 * to plenty of parallel I/O in flight to the server.
1442 * Note that smaller read ahead sizes would
1443 * hurt performance of common tools like cp and scp
1444 * which often trigger sequential i/o with read ahead
1445 */
1446 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1447 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1448 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1449 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1450 goto cifs_parse_mount_err;
1451 }
1452 ctx->rasize = result.uint_32;
1453 break;
1454 case Opt_rsize:
1455 ctx->rsize = CIFS_ALIGN_RSIZE(fc, result.uint_32);
1456 ctx->got_rsize = true;
1457 ctx->vol_rsize = ctx->rsize;
1458 break;
1459 case Opt_wsize:
1460 ctx->wsize = CIFS_ALIGN_WSIZE(fc, result.uint_32);
1461 ctx->got_wsize = true;
1462 ctx->vol_wsize = ctx->wsize;
1463 break;
1464 case Opt_acregmax:
1465 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1466 cifs_errorf(fc, "acregmax too large\n");
1467 goto cifs_parse_mount_err;
1468 }
1469 ctx->acregmax = HZ * result.uint_32;
1470 break;
1471 case Opt_acdirmax:
1472 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1473 cifs_errorf(fc, "acdirmax too large\n");
1474 goto cifs_parse_mount_err;
1475 }
1476 ctx->acdirmax = HZ * result.uint_32;
1477 break;
1478 case Opt_actimeo:
1479 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1480 cifs_errorf(fc, "timeout too large\n");
1481 goto cifs_parse_mount_err;
1482 }
1483 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1484 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1485 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1486 break;
1487 }
1488 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1489 break;
1490 case Opt_closetimeo:
1491 if (result.uint_32 > SMB3_MAX_DCLOSETIMEO / HZ) {
1492 cifs_errorf(fc, "closetimeo too large\n");
1493 goto cifs_parse_mount_err;
1494 }
1495 ctx->closetimeo = HZ * result.uint_32;
1496 break;
1497 case Opt_echo_interval:
1498 if (result.uint_32 < SMB_ECHO_INTERVAL_MIN ||
1499 result.uint_32 > SMB_ECHO_INTERVAL_MAX) {
1500 cifs_errorf(fc, "echo interval is out of bounds\n");
1501 goto cifs_parse_mount_err;
1502 }
1503 ctx->echo_interval = result.uint_32;
1504 break;
1505 case Opt_snapshot:
1506 ctx->snapshot_time = result.uint_64;
1507 break;
1508 case Opt_max_credits:
1509 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1510 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1511 __func__);
1512 goto cifs_parse_mount_err;
1513 }
1514 ctx->max_credits = result.uint_32;
1515 break;
1516 case Opt_max_channels:
1517 ctx->max_channels_specified = true;
1518 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1519 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1520 __func__, CIFS_MAX_CHANNELS);
1521 goto cifs_parse_mount_err;
1522 }
1523 ctx->max_channels = result.uint_32;
1524 break;
1525 case Opt_max_cached_dirs:
1526 if (result.uint_32 < 1) {
1527 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n",
1528 __func__);
1529 goto cifs_parse_mount_err;
1530 }
1531 ctx->max_cached_dirs = result.uint_32;
1532 break;
1533 case Opt_handletimeout:
1534 ctx->handle_timeout = result.uint_32;
1535 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1536 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1537 goto cifs_parse_mount_err;
1538 }
1539 break;
1540 case Opt_source:
1541 kfree(ctx->UNC);
1542 ctx->UNC = NULL;
1543 switch (smb3_parse_devname(param->string, ctx)) {
1544 case 0:
1545 break;
1546 case -ENOMEM:
1547 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1548 goto cifs_parse_mount_err;
1549 case -EINVAL:
1550 cifs_errorf(fc, "Malformed UNC in devname\n");
1551 goto cifs_parse_mount_err;
1552 default:
1553 cifs_errorf(fc, "Unknown error parsing devname\n");
1554 goto cifs_parse_mount_err;
1555 }
1556 kfree(ctx->source);
1557 ctx->source = smb3_fs_context_fullpath(ctx, '/');
1558 if (IS_ERR(ctx->source)) {
1559 ctx->source = NULL;
1560 cifs_errorf(fc, "OOM when copying UNC string\n");
1561 goto cifs_parse_mount_err;
1562 }
1563 kfree(fc->source);
1564 fc->source = kstrdup(ctx->source, GFP_KERNEL);
1565 if (fc->source == NULL) {
1566 cifs_errorf(fc, "OOM when copying UNC string\n");
1567 goto cifs_parse_mount_err;
1568 }
1569 hostname = extract_hostname(ctx->UNC);
1570 if (IS_ERR(hostname)) {
1571 cifs_errorf(fc, "Cannot extract hostname from UNC string\n");
1572 goto cifs_parse_mount_err;
1573 }
1574 /* last byte, type, is 0x20 for servr type */
1575 memset(ctx->target_rfc1001_name, 0x20, RFC1001_NAME_LEN_WITH_NULL);
1576 for (i = 0; i < RFC1001_NAME_LEN && hostname[i] != 0; i++)
1577 ctx->target_rfc1001_name[i] = toupper(hostname[i]);
1578 kfree(hostname);
1579 break;
1580 case Opt_user:
1581 kfree(ctx->username);
1582 ctx->username = NULL;
1583 if (ctx->nullauth)
1584 break;
1585 if (strlen(param->string) == 0) {
1586 /* null user, ie. anonymous authentication */
1587 ctx->nullauth = 1;
1588 break;
1589 }
1590
1591 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) ==
1592 CIFS_MAX_USERNAME_LEN) {
1593 pr_warn("username too long\n");
1594 goto cifs_parse_mount_err;
1595 }
1596 ctx->username = no_free_ptr(param->string);
1597 break;
1598 case Opt_pass:
1599 kfree_sensitive(ctx->password);
1600 ctx->password = NULL;
1601 if (strlen(param->string) == 0)
1602 break;
1603 ctx->password = no_free_ptr(param->string);
1604 break;
1605 case Opt_pass2:
1606 kfree_sensitive(ctx->password2);
1607 ctx->password2 = NULL;
1608 if (strlen(param->string) == 0)
1609 break;
1610 ctx->password2 = no_free_ptr(param->string);
1611 break;
1612 case Opt_ip:
1613 if (strlen(param->string) == 0) {
1614 ctx->got_ip = false;
1615 break;
1616 }
1617 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1618 param->string,
1619 strlen(param->string))) {
1620 pr_err("bad ip= option (%s)\n", param->string);
1621 goto cifs_parse_mount_err;
1622 }
1623 ctx->got_ip = true;
1624 break;
1625 case Opt_domain:
1626 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1627 == CIFS_MAX_DOMAINNAME_LEN) {
1628 pr_warn("domain name too long\n");
1629 goto cifs_parse_mount_err;
1630 }
1631
1632 kfree(ctx->domainname);
1633 ctx->domainname = no_free_ptr(param->string);
1634 cifs_dbg(FYI, "Domain name set\n");
1635 break;
1636 case Opt_srcaddr:
1637 if (!cifs_convert_address(
1638 (struct sockaddr *)&ctx->srcaddr,
1639 param->string, strlen(param->string))) {
1640 pr_warn("Could not parse srcaddr: %s\n",
1641 param->string);
1642 goto cifs_parse_mount_err;
1643 }
1644 break;
1645 case Opt_iocharset:
1646 if (strnlen(param->string, 1024) >= 65) {
1647 pr_warn("iocharset name too long\n");
1648 goto cifs_parse_mount_err;
1649 }
1650
1651 if (strncasecmp(param->string, "default", 7) != 0) {
1652 kfree(ctx->iocharset);
1653 ctx->iocharset = no_free_ptr(param->string);
1654 }
1655 /* if iocharset not set then load_nls_default
1656 * is used by caller
1657 */
1658 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1659 break;
1660 case Opt_netbiosname:
1661 memset(ctx->source_rfc1001_name, 0x20,
1662 RFC1001_NAME_LEN);
1663 /*
1664 * FIXME: are there cases in which a comma can
1665 * be valid in workstation netbios name (and
1666 * need special handling)?
1667 */
1668 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1669 /* don't ucase netbiosname for user */
1670 if (param->string[i] == 0)
1671 break;
1672 ctx->source_rfc1001_name[i] = param->string[i];
1673 }
1674 /* The string has 16th byte zero still from
1675 * set at top of the function
1676 */
1677 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1678 pr_warn("netbiosname longer than 15 truncated\n");
1679 break;
1680 case Opt_servern:
1681 /* last byte, type, is 0x20 for servr type */
1682 memset(ctx->target_rfc1001_name, 0x20,
1683 RFC1001_NAME_LEN_WITH_NULL);
1684 /*
1685 * BB are there cases in which a comma can be valid in this
1686 * workstation netbios name (and need special handling)?
1687 */
1688
1689 /* user or mount helper must uppercase the netbios name */
1690 for (i = 0; i < 15; i++) {
1691 if (param->string[i] == 0)
1692 break;
1693 ctx->target_rfc1001_name[i] = param->string[i];
1694 }
1695
1696 /* The string has 16th byte zero still from set at top of function */
1697 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1698 pr_warn("server netbiosname longer than 15 truncated\n");
1699 break;
1700 case Opt_nbsessinit:
1701 ctx->rfc1001_sessinit = !result.negated;
1702 cifs_dbg(FYI, "rfc1001_sessinit set to %d\n", ctx->rfc1001_sessinit);
1703 break;
1704 case Opt_ver:
1705 /* version of mount userspace tools, not dialect */
1706 /* If interface changes in mount.cifs bump to new ver */
1707 if (strncasecmp(param->string, "1", 1) == 0) {
1708 if (strlen(param->string) > 1) {
1709 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1710 param->string);
1711 goto cifs_parse_mount_err;
1712 }
1713 /* This is the default */
1714 break;
1715 }
1716 /* For all other value, error */
1717 pr_warn("Invalid mount helper version specified\n");
1718 goto cifs_parse_mount_err;
1719 case Opt_vers:
1720 /* protocol version (dialect) */
1721 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1722 goto cifs_parse_mount_err;
1723 ctx->got_version = true;
1724 break;
1725 case Opt_sec:
1726 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1727 goto cifs_parse_mount_err;
1728 break;
1729 case Opt_upcalltarget:
1730 if (cifs_parse_upcall_target(fc, param->string, ctx) != 0)
1731 goto cifs_parse_mount_err;
1732 break;
1733 case Opt_cache:
1734 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1735 goto cifs_parse_mount_err;
1736 break;
1737 case Opt_witness:
1738 #ifndef CONFIG_CIFS_SWN_UPCALL
1739 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1740 goto cifs_parse_mount_err;
1741 #endif
1742 ctx->witness = true;
1743 pr_warn_once("Witness protocol support is experimental\n");
1744 break;
1745 case Opt_unicode:
1746 ctx->unicode = !result.negated;
1747 cifs_dbg(FYI, "unicode set to %d\n", ctx->unicode);
1748 break;
1749 case Opt_rootfs:
1750 #ifndef CONFIG_CIFS_ROOT
1751 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1752 goto cifs_parse_mount_err;
1753 #endif
1754 ctx->rootfs = true;
1755 break;
1756 case Opt_posixpaths:
1757 if (result.negated)
1758 ctx->posix_paths = 0;
1759 else
1760 ctx->posix_paths = 1;
1761 break;
1762 case Opt_unix:
1763 if (result.negated) {
1764 if (ctx->linux_ext == 1)
1765 pr_warn_once("conflicting posix mount options specified\n");
1766 ctx->linux_ext = 0;
1767 ctx->no_linux_ext = 1;
1768 } else {
1769 if (ctx->no_linux_ext == 1)
1770 pr_warn_once("conflicting posix mount options specified\n");
1771 ctx->linux_ext = 1;
1772 ctx->no_linux_ext = 0;
1773 ctx->nonativesocket = 1; /* POSIX mounts use NFS style reparse points */
1774 }
1775 break;
1776 case Opt_nocase:
1777 ctx->nocase = 1;
1778 break;
1779 case Opt_brl:
1780 if (result.negated) {
1781 /*
1782 * turn off mandatory locking in mode
1783 * if remote locking is turned off since the
1784 * local vfs will do advisory
1785 */
1786 if (ctx->file_mode ==
1787 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1788 ctx->file_mode = S_IALLUGO;
1789 ctx->nobrl = 1;
1790 } else
1791 ctx->nobrl = 0;
1792 break;
1793 case Opt_handlecache:
1794 if (result.negated)
1795 ctx->nohandlecache = 1;
1796 else
1797 ctx->nohandlecache = 0;
1798 break;
1799 case Opt_forcemandatorylock:
1800 ctx->mand_lock = 1;
1801 break;
1802 case Opt_setuids:
1803 ctx->setuids = result.negated;
1804 break;
1805 case Opt_intr:
1806 ctx->intr = !result.negated;
1807 break;
1808 case Opt_setuidfromacl:
1809 ctx->setuidfromacl = 1;
1810 break;
1811 case Opt_strictsync:
1812 ctx->nostrictsync = result.negated;
1813 break;
1814 case Opt_serverino:
1815 ctx->server_ino = !result.negated;
1816 break;
1817 case Opt_rwpidforward:
1818 ctx->rwpidforward = 1;
1819 break;
1820 case Opt_modesid:
1821 ctx->mode_ace = 1;
1822 break;
1823 case Opt_cifsacl:
1824 ctx->cifs_acl = !result.negated;
1825 break;
1826 case Opt_acl:
1827 ctx->no_psx_acl = result.negated;
1828 break;
1829 case Opt_locallease:
1830 ctx->local_lease = 1;
1831 break;
1832 case Opt_sign:
1833 ctx->sign = true;
1834 break;
1835 case Opt_ignore_signature:
1836 ctx->sign = true;
1837 ctx->ignore_signature = true;
1838 break;
1839 case Opt_seal:
1840 /* we do not do the following in secFlags because seal
1841 * is a per tree connection (mount) not a per socket
1842 * or per-smb connection option in the protocol
1843 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1844 */
1845 ctx->seal = 1;
1846 break;
1847 case Opt_noac:
1848 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1849 break;
1850 case Opt_fsc:
1851 #ifndef CONFIG_CIFS_FSCACHE
1852 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1853 goto cifs_parse_mount_err;
1854 #endif
1855 ctx->fsc = true;
1856 break;
1857 case Opt_mfsymlinks:
1858 ctx->mfsymlinks = true;
1859 break;
1860 case Opt_multiuser:
1861 ctx->multiuser = true;
1862 break;
1863 case Opt_sloppy:
1864 ctx->sloppy = true;
1865 break;
1866 case Opt_nosharesock:
1867 ctx->nosharesock = true;
1868 break;
1869 case Opt_persistent:
1870 if (result.negated) {
1871 ctx->nopersistent = true;
1872 if (ctx->persistent) {
1873 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1874 goto cifs_parse_mount_err;
1875 }
1876 } else {
1877 ctx->persistent = true;
1878 if ((ctx->nopersistent) || (ctx->resilient)) {
1879 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1880 goto cifs_parse_mount_err;
1881 }
1882 }
1883 break;
1884 case Opt_resilient:
1885 if (result.negated) {
1886 ctx->resilient = false; /* already the default */
1887 } else {
1888 ctx->resilient = true;
1889 if (ctx->persistent) {
1890 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1891 goto cifs_parse_mount_err;
1892 }
1893 }
1894 break;
1895 case Opt_tcp_nodelay:
1896 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1897 if (result.negated)
1898 ctx->sockopt_tcp_nodelay = false;
1899 else
1900 ctx->sockopt_tcp_nodelay = true;
1901 break;
1902 case Opt_domainauto:
1903 ctx->domainauto = true;
1904 break;
1905 case Opt_rdma:
1906 ctx->rdma = true;
1907 break;
1908 case Opt_reparse:
1909 if (parse_reparse_flavor(fc, param->string, ctx))
1910 goto cifs_parse_mount_err;
1911 break;
1912 case Opt_nativesocket:
1913 ctx->nonativesocket = result.negated;
1914 break;
1915 case Opt_symlink:
1916 if (parse_symlink_flavor(fc, param->string, ctx))
1917 goto cifs_parse_mount_err;
1918 break;
1919 case Opt_symlinkroot:
1920 if (param->string[0] != '/') {
1921 cifs_errorf(fc, "symlinkroot mount options must be absolute path\n");
1922 goto cifs_parse_mount_err;
1923 }
1924 if (strnlen(param->string, PATH_MAX) == PATH_MAX) {
1925 cifs_errorf(fc, "symlinkroot path too long (max path length: %u)\n",
1926 PATH_MAX - 1);
1927 goto cifs_parse_mount_err;
1928 }
1929 kfree(ctx->symlinkroot);
1930 ctx->symlinkroot = param->string;
1931 param->string = NULL;
1932 break;
1933 }
1934 /* case Opt_ignore: - is ignored as expected ... */
1935
1936 if (ctx->multiuser && ctx->upcall_target == UPTARGET_MOUNT) {
1937 cifs_errorf(fc, "multiuser mount option not supported with upcalltarget set as 'mount'\n");
1938 goto cifs_parse_mount_err;
1939 }
1940
1941 return 0;
1942
1943 cifs_parse_mount_err:
1944 kfree_sensitive(ctx->password);
1945 ctx->password = NULL;
1946 kfree_sensitive(ctx->password2);
1947 ctx->password2 = NULL;
1948 kfree(ctx->source);
1949 ctx->source = NULL;
1950 kfree(fc->source);
1951 fc->source = NULL;
1952 return -EINVAL;
1953 }
1954
smb3_init_fs_context(struct fs_context * fc)1955 int smb3_init_fs_context(struct fs_context *fc)
1956 {
1957 struct smb3_fs_context *ctx;
1958 char *nodename = utsname()->nodename;
1959 int i;
1960
1961 ctx = kzalloc_obj(struct smb3_fs_context);
1962 if (unlikely(!ctx))
1963 return -ENOMEM;
1964
1965 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1966
1967 /*
1968 * does not have to be perfect mapping since field is
1969 * informational, only used for servers that do not support
1970 * port 445 and it can be overridden at mount time
1971 */
1972 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1973 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1974 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1975 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1976
1977 /*
1978 * null target name indicates to use *SMBSERVR default called name
1979 * if we end up sending RFC1001 session initialize
1980 */
1981 ctx->target_rfc1001_name[0] = 0;
1982
1983 ctx->rfc1001_sessinit = -1; /* autodetect based on port number */
1984
1985 ctx->cred_uid = current_uid();
1986 ctx->linux_uid = current_uid();
1987 ctx->linux_gid = current_gid();
1988 /* By default 4MB read ahead size, 1MB block size */
1989 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1990 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1991
1992 /*
1993 * default to SFM style remapping of seven reserved characters
1994 * unless user overrides it or we negotiate CIFS POSIX where
1995 * it is unnecessary. Can not simultaneously use more than one mapping
1996 * since then readdir could list files that open could not open
1997 */
1998 ctx->remap = true;
1999
2000 /* default to only allowing write access to owner of the mount */
2001 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
2002
2003 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
2004 /* default is always to request posix paths. */
2005 ctx->posix_paths = 1;
2006 /* default to using server inode numbers where available */
2007 ctx->server_ino = 1;
2008
2009 /* default is to use strict cifs caching semantics */
2010 ctx->strict_io = true;
2011
2012 ctx->acregmax = CIFS_DEF_ACTIMEO;
2013 ctx->acdirmax = CIFS_DEF_ACTIMEO;
2014 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
2015 ctx->max_cached_dirs = MAX_CACHED_FIDS;
2016 /* Most clients set timeout to 0, allows server to use its default */
2017 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
2018
2019 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
2020 ctx->ops = &smb30_operations;
2021 ctx->vals = &smbdefault_values;
2022
2023 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
2024
2025 /* default to no multichannel (single server connection) */
2026 ctx->multichannel = false;
2027 ctx->multichannel_specified = false;
2028 ctx->max_channels_specified = false;
2029 ctx->max_channels = 1;
2030
2031 ctx->backupuid_specified = false; /* no backup intent for a user */
2032 ctx->backupgid_specified = false; /* no backup intent for a group */
2033
2034 ctx->retrans = 0;
2035 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
2036 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
2037 ctx->nonativesocket = 0;
2038
2039 ctx->unicode = -1; /* autodetect, but prefer UNICODE mode */
2040
2041 /*
2042 * short int override_uid = -1;
2043 * short int override_gid = -1;
2044 * char *nodename = strdup(utsname()->nodename);
2045 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
2046 */
2047
2048 fc->fs_private = ctx;
2049 fc->ops = &smb3_fs_context_ops;
2050 return 0;
2051 }
2052
2053 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)2054 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
2055 {
2056 if (ctx == NULL)
2057 return;
2058
2059 /*
2060 * Make sure this stays in sync with smb3_fs_context_dup()
2061 */
2062 kfree(ctx->username);
2063 ctx->username = NULL;
2064 kfree_sensitive(ctx->password);
2065 ctx->password = NULL;
2066 kfree_sensitive(ctx->password2);
2067 ctx->password2 = NULL;
2068 kfree(ctx->server_hostname);
2069 ctx->server_hostname = NULL;
2070 kfree(ctx->UNC);
2071 ctx->UNC = NULL;
2072 kfree(ctx->source);
2073 ctx->source = NULL;
2074 kfree(ctx->domainname);
2075 ctx->domainname = NULL;
2076 kfree(ctx->nodename);
2077 ctx->nodename = NULL;
2078 kfree(ctx->iocharset);
2079 ctx->iocharset = NULL;
2080 kfree(ctx->prepath);
2081 ctx->prepath = NULL;
2082 kfree(ctx->leaf_fullpath);
2083 ctx->leaf_fullpath = NULL;
2084 kfree(ctx->dns_dom);
2085 ctx->dns_dom = NULL;
2086 kfree(ctx->symlinkroot);
2087 ctx->symlinkroot = NULL;
2088 }
2089
2090 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)2091 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
2092 {
2093 if (!ctx)
2094 return;
2095 smb3_cleanup_fs_context_contents(ctx);
2096 kfree(ctx);
2097 }
2098
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)2099 unsigned int smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
2100 {
2101 unsigned int sbflags = cifs_sb_flags(cifs_sb);
2102 struct smb3_fs_context *ctx = cifs_sb->ctx;
2103
2104 if (ctx->nodfs)
2105 sbflags |= CIFS_MOUNT_NO_DFS;
2106 else
2107 sbflags &= ~CIFS_MOUNT_NO_DFS;
2108
2109 if (ctx->noperm)
2110 sbflags |= CIFS_MOUNT_NO_PERM;
2111 else
2112 sbflags &= ~CIFS_MOUNT_NO_PERM;
2113
2114 if (ctx->setuids)
2115 sbflags |= CIFS_MOUNT_SET_UID;
2116 else
2117 sbflags &= ~CIFS_MOUNT_SET_UID;
2118
2119 if (ctx->setuidfromacl)
2120 sbflags |= CIFS_MOUNT_UID_FROM_ACL;
2121 else
2122 sbflags &= ~CIFS_MOUNT_UID_FROM_ACL;
2123
2124 if (ctx->server_ino)
2125 sbflags |= CIFS_MOUNT_SERVER_INUM;
2126 else
2127 sbflags &= ~CIFS_MOUNT_SERVER_INUM;
2128
2129 if (ctx->remap)
2130 sbflags |= CIFS_MOUNT_MAP_SFM_CHR;
2131 else
2132 sbflags &= ~CIFS_MOUNT_MAP_SFM_CHR;
2133
2134 if (ctx->sfu_remap)
2135 sbflags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2136 else
2137 sbflags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
2138
2139 if (ctx->no_xattr)
2140 sbflags |= CIFS_MOUNT_NO_XATTR;
2141 else
2142 sbflags &= ~CIFS_MOUNT_NO_XATTR;
2143
2144 if (ctx->sfu_emul)
2145 sbflags |= CIFS_MOUNT_UNX_EMUL;
2146 else
2147 sbflags &= ~CIFS_MOUNT_UNX_EMUL;
2148
2149 if (ctx->nobrl)
2150 sbflags |= CIFS_MOUNT_NO_BRL;
2151 else
2152 sbflags &= ~CIFS_MOUNT_NO_BRL;
2153
2154 if (ctx->nohandlecache)
2155 sbflags |= CIFS_MOUNT_NO_HANDLE_CACHE;
2156 else
2157 sbflags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
2158
2159 if (ctx->nostrictsync)
2160 sbflags |= CIFS_MOUNT_NOSSYNC;
2161 else
2162 sbflags &= ~CIFS_MOUNT_NOSSYNC;
2163
2164 if (ctx->mand_lock)
2165 sbflags |= CIFS_MOUNT_NOPOSIXBRL;
2166 else
2167 sbflags &= ~CIFS_MOUNT_NOPOSIXBRL;
2168
2169 if (ctx->rwpidforward)
2170 sbflags |= CIFS_MOUNT_RWPIDFORWARD;
2171 else
2172 sbflags &= ~CIFS_MOUNT_RWPIDFORWARD;
2173
2174 if (ctx->mode_ace)
2175 sbflags |= CIFS_MOUNT_MODE_FROM_SID;
2176 else
2177 sbflags &= ~CIFS_MOUNT_MODE_FROM_SID;
2178
2179 if (ctx->cifs_acl)
2180 sbflags |= CIFS_MOUNT_CIFS_ACL;
2181 else
2182 sbflags &= ~CIFS_MOUNT_CIFS_ACL;
2183
2184 if (ctx->backupuid_specified)
2185 sbflags |= CIFS_MOUNT_CIFS_BACKUPUID;
2186 else
2187 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
2188
2189 if (ctx->backupgid_specified)
2190 sbflags |= CIFS_MOUNT_CIFS_BACKUPGID;
2191 else
2192 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
2193
2194 if (ctx->override_uid)
2195 sbflags |= CIFS_MOUNT_OVERR_UID;
2196 else
2197 sbflags &= ~CIFS_MOUNT_OVERR_UID;
2198
2199 if (ctx->override_gid)
2200 sbflags |= CIFS_MOUNT_OVERR_GID;
2201 else
2202 sbflags &= ~CIFS_MOUNT_OVERR_GID;
2203
2204 if (ctx->dynperm)
2205 sbflags |= CIFS_MOUNT_DYNPERM;
2206 else
2207 sbflags &= ~CIFS_MOUNT_DYNPERM;
2208
2209 if (ctx->fsc)
2210 sbflags |= CIFS_MOUNT_FSCACHE;
2211 else
2212 sbflags &= ~CIFS_MOUNT_FSCACHE;
2213
2214 if (ctx->multiuser)
2215 sbflags |= CIFS_MOUNT_MULTIUSER | CIFS_MOUNT_NO_PERM;
2216 else
2217 sbflags &= ~CIFS_MOUNT_MULTIUSER;
2218
2219
2220 if (ctx->strict_io)
2221 sbflags |= CIFS_MOUNT_STRICT_IO;
2222 else
2223 sbflags &= ~CIFS_MOUNT_STRICT_IO;
2224
2225 if (ctx->direct_io)
2226 sbflags |= CIFS_MOUNT_DIRECT_IO;
2227 else
2228 sbflags &= ~CIFS_MOUNT_DIRECT_IO;
2229
2230 if (ctx->mfsymlinks)
2231 sbflags |= CIFS_MOUNT_MF_SYMLINKS;
2232 else
2233 sbflags &= ~CIFS_MOUNT_MF_SYMLINKS;
2234
2235 if (ctx->mfsymlinks && ctx->sfu_emul) {
2236 /*
2237 * Our SFU ("Services for Unix") emulation allows now
2238 * creating new and reading existing SFU symlinks.
2239 * Older Linux kernel versions were not able to neither
2240 * read existing nor create new SFU symlinks. But
2241 * creating and reading SFU style mknod and FIFOs was
2242 * supported for long time. When "mfsymlinks" and
2243 * "sfu" are both enabled at the same time, it allows
2244 * reading both types of symlinks, but will only create
2245 * them with mfsymlinks format. This allows better
2246 * Apple compatibility, compatibility with older Linux
2247 * kernel clients (probably better for Samba too)
2248 * while still recognizing old Windows style symlinks.
2249 */
2250 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
2251 }
2252 sbflags &= ~CIFS_MOUNT_SHUTDOWN;
2253 atomic_set(&cifs_sb->mnt_cifs_flags, sbflags);
2254 return sbflags;
2255 }
2256