1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifsglob.h" 30 #include "cifsproto.h" 31 #include "cifs_unicode.h" 32 #include "cifs_debug.h" 33 #include "cifs_fs_sb.h" 34 #include "ntlmssp.h" 35 #include "nterr.h" 36 #include "rfc1002pdu.h" 37 #include "fs_context.h" 38 39 DEFINE_MUTEX(cifs_mount_mutex); 40 41 static const match_table_t cifs_smb_version_tokens = { 42 { Smb_1, SMB1_VERSION_STRING }, 43 { Smb_20, SMB20_VERSION_STRING}, 44 { Smb_21, SMB21_VERSION_STRING }, 45 { Smb_30, SMB30_VERSION_STRING }, 46 { Smb_302, SMB302_VERSION_STRING }, 47 { Smb_302, ALT_SMB302_VERSION_STRING }, 48 { Smb_311, SMB311_VERSION_STRING }, 49 { Smb_311, ALT_SMB311_VERSION_STRING }, 50 { Smb_3any, SMB3ANY_VERSION_STRING }, 51 { Smb_default, SMBDEFAULT_VERSION_STRING }, 52 { Smb_version_err, NULL } 53 }; 54 55 static const match_table_t cifs_secflavor_tokens = { 56 { Opt_sec_krb5, "krb5" }, 57 { Opt_sec_krb5i, "krb5i" }, 58 { Opt_sec_krb5p, "krb5p" }, 59 { Opt_sec_ntlmsspi, "ntlmsspi" }, 60 { Opt_sec_ntlmssp, "ntlmssp" }, 61 { Opt_sec_ntlmv2, "nontlm" }, 62 { Opt_sec_ntlmv2, "ntlmv2" }, 63 { Opt_sec_ntlmv2i, "ntlmv2i" }, 64 { Opt_sec_none, "none" }, 65 66 { Opt_sec_err, NULL } 67 }; 68 69 static const match_table_t cifs_upcall_target = { 70 { Opt_upcall_target_mount, "mount" }, 71 { Opt_upcall_target_application, "app" }, 72 { Opt_upcall_target_err, NULL } 73 }; 74 75 const struct fs_parameter_spec smb3_fs_parameters[] = { 76 /* Mount options that take no arguments */ 77 fsparam_flag_no("user_xattr", Opt_user_xattr), 78 fsparam_flag_no("forceuid", Opt_forceuid), 79 fsparam_flag_no("multichannel", Opt_multichannel), 80 fsparam_flag_no("forcegid", Opt_forcegid), 81 fsparam_flag("noblocksend", Opt_noblocksend), 82 fsparam_flag("noautotune", Opt_noautotune), 83 fsparam_flag_no("lease", Opt_lease), 84 fsparam_flag_no("hard", Opt_hard), 85 fsparam_flag_no("soft", Opt_soft), 86 fsparam_flag_no("perm", Opt_perm), 87 fsparam_flag("nodelete", Opt_nodelete), 88 fsparam_flag_no("mapposix", Opt_mapposix), 89 fsparam_flag("mapchars", Opt_mapchars), 90 fsparam_flag("nomapchars", Opt_nomapchars), 91 fsparam_flag_no("sfu", Opt_sfu), 92 fsparam_flag("nodfs", Opt_nodfs), 93 fsparam_flag_no("posixpaths", Opt_posixpaths), 94 fsparam_flag_no("unix", Opt_unix), 95 fsparam_flag_no("linux", Opt_unix), 96 fsparam_flag_no("posix", Opt_unix), 97 fsparam_flag("nocase", Opt_nocase), 98 fsparam_flag("ignorecase", Opt_nocase), 99 fsparam_flag_no("brl", Opt_brl), 100 fsparam_flag_no("handlecache", Opt_handlecache), 101 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 102 fsparam_flag("forcemand", Opt_forcemandatorylock), 103 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 104 fsparam_flag("idsfromsid", Opt_setuidfromacl), 105 fsparam_flag_no("setuids", Opt_setuids), 106 fsparam_flag_no("dynperm", Opt_dynperm), 107 fsparam_flag_no("intr", Opt_intr), 108 fsparam_flag_no("strictsync", Opt_strictsync), 109 fsparam_flag_no("serverino", Opt_serverino), 110 fsparam_flag("rwpidforward", Opt_rwpidforward), 111 fsparam_flag("cifsacl", Opt_cifsacl), 112 fsparam_flag_no("acl", Opt_acl), 113 fsparam_flag("locallease", Opt_locallease), 114 fsparam_flag("sign", Opt_sign), 115 fsparam_flag("ignore_signature", Opt_ignore_signature), 116 fsparam_flag("signloosely", Opt_ignore_signature), 117 fsparam_flag("seal", Opt_seal), 118 fsparam_flag("noac", Opt_noac), 119 fsparam_flag("fsc", Opt_fsc), 120 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 121 fsparam_flag("multiuser", Opt_multiuser), 122 fsparam_flag("sloppy", Opt_sloppy), 123 fsparam_flag("nosharesock", Opt_nosharesock), 124 fsparam_flag_no("persistenthandles", Opt_persistent), 125 fsparam_flag_no("resilienthandles", Opt_resilient), 126 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 127 fsparam_flag("nosparse", Opt_nosparse), 128 fsparam_flag("domainauto", Opt_domainauto), 129 fsparam_flag("rdma", Opt_rdma), 130 fsparam_flag("modesid", Opt_modesid), 131 fsparam_flag("modefromsid", Opt_modesid), 132 fsparam_flag("rootfs", Opt_rootfs), 133 fsparam_flag("compress", Opt_compress), 134 fsparam_flag("witness", Opt_witness), 135 fsparam_flag_no("nativesocket", Opt_nativesocket), 136 fsparam_flag_no("unicode", Opt_unicode), 137 fsparam_flag_no("nbsessinit", Opt_nbsessinit), 138 139 /* Mount options which take uid or gid */ 140 fsparam_uid("backupuid", Opt_backupuid), 141 fsparam_gid("backupgid", Opt_backupgid), 142 fsparam_uid("uid", Opt_uid), 143 fsparam_uid("cruid", Opt_cruid), 144 fsparam_gid("gid", Opt_gid), 145 146 /* Mount options which take numeric value */ 147 fsparam_u32("file_mode", Opt_file_mode), 148 fsparam_u32("dirmode", Opt_dirmode), 149 fsparam_u32("dir_mode", Opt_dirmode), 150 fsparam_u32("port", Opt_port), 151 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 152 fsparam_u32("retrans", Opt_retrans), 153 fsparam_u32("esize", Opt_min_enc_offload), 154 fsparam_u32("bsize", Opt_blocksize), 155 fsparam_u32("rasize", Opt_rasize), 156 fsparam_u32("rsize", Opt_rsize), 157 fsparam_u32("wsize", Opt_wsize), 158 fsparam_u32("actimeo", Opt_actimeo), 159 fsparam_u32("acdirmax", Opt_acdirmax), 160 fsparam_u32("acregmax", Opt_acregmax), 161 fsparam_u32("closetimeo", Opt_closetimeo), 162 fsparam_u32("echo_interval", Opt_echo_interval), 163 fsparam_u32("max_credits", Opt_max_credits), 164 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs), 165 fsparam_u32("handletimeout", Opt_handletimeout), 166 fsparam_u64("snapshot", Opt_snapshot), 167 fsparam_u32("max_channels", Opt_max_channels), 168 169 /* Mount options which take string value */ 170 fsparam_string("source", Opt_source), 171 fsparam_string("user", Opt_user), 172 fsparam_string("username", Opt_user), 173 fsparam_string("pass", Opt_pass), 174 fsparam_string("password", Opt_pass), 175 fsparam_string("pass2", Opt_pass2), 176 fsparam_string("password2", Opt_pass2), 177 fsparam_string("ip", Opt_ip), 178 fsparam_string("addr", Opt_ip), 179 fsparam_string("domain", Opt_domain), 180 fsparam_string("dom", Opt_domain), 181 fsparam_string("srcaddr", Opt_srcaddr), 182 fsparam_string("iocharset", Opt_iocharset), 183 fsparam_string("netbiosname", Opt_netbiosname), 184 fsparam_string("servern", Opt_servern), 185 fsparam_string("ver", Opt_ver), 186 fsparam_string("vers", Opt_vers), 187 fsparam_string("sec", Opt_sec), 188 fsparam_string("cache", Opt_cache), 189 fsparam_string("reparse", Opt_reparse), 190 fsparam_string("upcall_target", Opt_upcalltarget), 191 fsparam_string("symlink", Opt_symlink), 192 fsparam_string("symlinkroot", Opt_symlinkroot), 193 194 /* Arguments that should be ignored */ 195 fsparam_flag("guest", Opt_ignore), 196 fsparam_flag("noatime", Opt_ignore), 197 fsparam_flag("relatime", Opt_ignore), 198 fsparam_flag("_netdev", Opt_ignore), 199 fsparam_flag_no("suid", Opt_ignore), 200 fsparam_flag_no("exec", Opt_ignore), 201 fsparam_flag_no("dev", Opt_ignore), 202 fsparam_flag_no("mand", Opt_ignore), 203 fsparam_flag_no("auto", Opt_ignore), 204 fsparam_string("cred", Opt_ignore), 205 fsparam_string("credentials", Opt_ignore), 206 /* 207 * UNC and prefixpath is now extracted from Opt_source 208 * in the new mount API so we can just ignore them going forward. 209 */ 210 fsparam_string("unc", Opt_ignore), 211 fsparam_string("prefixpath", Opt_ignore), 212 {} 213 }; 214 215 static int 216 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 217 { 218 219 substring_t args[MAX_OPT_ARGS]; 220 221 /* 222 * With mount options, the last one should win. Reset any existing 223 * settings back to default. 224 */ 225 ctx->sectype = Unspecified; 226 ctx->sign = false; 227 228 switch (match_token(value, cifs_secflavor_tokens, args)) { 229 case Opt_sec_krb5p: 230 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n"); 231 return 1; 232 case Opt_sec_krb5i: 233 ctx->sign = true; 234 fallthrough; 235 case Opt_sec_krb5: 236 ctx->sectype = Kerberos; 237 break; 238 case Opt_sec_ntlmsspi: 239 ctx->sign = true; 240 fallthrough; 241 case Opt_sec_ntlmssp: 242 ctx->sectype = RawNTLMSSP; 243 break; 244 case Opt_sec_ntlmv2i: 245 ctx->sign = true; 246 fallthrough; 247 case Opt_sec_ntlmv2: 248 ctx->sectype = NTLMv2; 249 break; 250 case Opt_sec_none: 251 ctx->nullauth = 1; 252 kfree(ctx->username); 253 ctx->username = NULL; 254 break; 255 default: 256 cifs_errorf(fc, "bad security option: %s\n", value); 257 return 1; 258 } 259 260 return 0; 261 } 262 263 static int 264 cifs_parse_upcall_target(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 265 { 266 substring_t args[MAX_OPT_ARGS]; 267 268 ctx->upcall_target = UPTARGET_UNSPECIFIED; 269 270 switch (match_token(value, cifs_upcall_target, args)) { 271 case Opt_upcall_target_mount: 272 ctx->upcall_target = UPTARGET_MOUNT; 273 break; 274 case Opt_upcall_target_application: 275 ctx->upcall_target = UPTARGET_APP; 276 break; 277 278 default: 279 cifs_errorf(fc, "bad upcall target: %s\n", value); 280 return 1; 281 } 282 283 return 0; 284 } 285 286 static const match_table_t cifs_cacheflavor_tokens = { 287 { Opt_cache_loose, "loose" }, 288 { Opt_cache_strict, "strict" }, 289 { Opt_cache_none, "none" }, 290 { Opt_cache_ro, "ro" }, 291 { Opt_cache_rw, "singleclient" }, 292 { Opt_cache_err, NULL } 293 }; 294 295 static int 296 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 297 { 298 substring_t args[MAX_OPT_ARGS]; 299 300 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 301 case Opt_cache_loose: 302 ctx->direct_io = false; 303 ctx->strict_io = false; 304 ctx->cache_ro = false; 305 ctx->cache_rw = false; 306 break; 307 case Opt_cache_strict: 308 ctx->direct_io = false; 309 ctx->strict_io = true; 310 ctx->cache_ro = false; 311 ctx->cache_rw = false; 312 break; 313 case Opt_cache_none: 314 ctx->direct_io = true; 315 ctx->strict_io = false; 316 ctx->cache_ro = false; 317 ctx->cache_rw = false; 318 break; 319 case Opt_cache_ro: 320 ctx->direct_io = false; 321 ctx->strict_io = false; 322 ctx->cache_ro = true; 323 ctx->cache_rw = false; 324 break; 325 case Opt_cache_rw: 326 ctx->direct_io = false; 327 ctx->strict_io = false; 328 ctx->cache_ro = false; 329 ctx->cache_rw = true; 330 break; 331 default: 332 cifs_errorf(fc, "bad cache= option: %s\n", value); 333 return 1; 334 } 335 return 0; 336 } 337 338 static const match_table_t reparse_flavor_tokens = { 339 { Opt_reparse_default, "default" }, 340 { Opt_reparse_none, "none" }, 341 { Opt_reparse_nfs, "nfs" }, 342 { Opt_reparse_wsl, "wsl" }, 343 { Opt_reparse_err, NULL }, 344 }; 345 346 static int parse_reparse_flavor(struct fs_context *fc, char *value, 347 struct smb3_fs_context *ctx) 348 { 349 substring_t args[MAX_OPT_ARGS]; 350 351 switch (match_token(value, reparse_flavor_tokens, args)) { 352 case Opt_reparse_default: 353 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT; 354 break; 355 case Opt_reparse_none: 356 ctx->reparse_type = CIFS_REPARSE_TYPE_NONE; 357 break; 358 case Opt_reparse_nfs: 359 ctx->reparse_type = CIFS_REPARSE_TYPE_NFS; 360 break; 361 case Opt_reparse_wsl: 362 ctx->reparse_type = CIFS_REPARSE_TYPE_WSL; 363 break; 364 default: 365 cifs_errorf(fc, "bad reparse= option: %s\n", value); 366 return 1; 367 } 368 return 0; 369 } 370 371 static const match_table_t symlink_flavor_tokens = { 372 { Opt_symlink_default, "default" }, 373 { Opt_symlink_none, "none" }, 374 { Opt_symlink_native, "native" }, 375 { Opt_symlink_unix, "unix" }, 376 { Opt_symlink_mfsymlinks, "mfsymlinks" }, 377 { Opt_symlink_sfu, "sfu" }, 378 { Opt_symlink_nfs, "nfs" }, 379 { Opt_symlink_wsl, "wsl" }, 380 { Opt_symlink_err, NULL }, 381 }; 382 383 static int parse_symlink_flavor(struct fs_context *fc, char *value, 384 struct smb3_fs_context *ctx) 385 { 386 substring_t args[MAX_OPT_ARGS]; 387 388 switch (match_token(value, symlink_flavor_tokens, args)) { 389 case Opt_symlink_default: 390 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT; 391 break; 392 case Opt_symlink_none: 393 ctx->symlink_type = CIFS_SYMLINK_TYPE_NONE; 394 break; 395 case Opt_symlink_native: 396 ctx->symlink_type = CIFS_SYMLINK_TYPE_NATIVE; 397 break; 398 case Opt_symlink_unix: 399 ctx->symlink_type = CIFS_SYMLINK_TYPE_UNIX; 400 break; 401 case Opt_symlink_mfsymlinks: 402 ctx->symlink_type = CIFS_SYMLINK_TYPE_MFSYMLINKS; 403 break; 404 case Opt_symlink_sfu: 405 ctx->symlink_type = CIFS_SYMLINK_TYPE_SFU; 406 break; 407 case Opt_symlink_nfs: 408 ctx->symlink_type = CIFS_SYMLINK_TYPE_NFS; 409 break; 410 case Opt_symlink_wsl: 411 ctx->symlink_type = CIFS_SYMLINK_TYPE_WSL; 412 break; 413 default: 414 cifs_errorf(fc, "bad symlink= option: %s\n", value); 415 return 1; 416 } 417 return 0; 418 } 419 420 #define DUP_CTX_STR(field) \ 421 do { \ 422 if (ctx->field) { \ 423 new_ctx->field = kstrdup(ctx->field, GFP_KERNEL); \ 424 if (new_ctx->field == NULL) { \ 425 smb3_cleanup_fs_context_contents(new_ctx); \ 426 return -ENOMEM; \ 427 } \ 428 } \ 429 } while (0) 430 431 int 432 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 433 { 434 memcpy(new_ctx, ctx, sizeof(*ctx)); 435 new_ctx->prepath = NULL; 436 new_ctx->nodename = NULL; 437 new_ctx->username = NULL; 438 new_ctx->password = NULL; 439 new_ctx->password2 = NULL; 440 new_ctx->server_hostname = NULL; 441 new_ctx->domainname = NULL; 442 new_ctx->UNC = NULL; 443 new_ctx->source = NULL; 444 new_ctx->iocharset = NULL; 445 new_ctx->leaf_fullpath = NULL; 446 new_ctx->dns_dom = NULL; 447 new_ctx->symlinkroot = NULL; 448 /* 449 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 450 */ 451 DUP_CTX_STR(prepath); 452 DUP_CTX_STR(username); 453 DUP_CTX_STR(password); 454 DUP_CTX_STR(password2); 455 DUP_CTX_STR(server_hostname); 456 DUP_CTX_STR(UNC); 457 DUP_CTX_STR(source); 458 DUP_CTX_STR(domainname); 459 DUP_CTX_STR(nodename); 460 DUP_CTX_STR(iocharset); 461 DUP_CTX_STR(leaf_fullpath); 462 DUP_CTX_STR(dns_dom); 463 DUP_CTX_STR(symlinkroot); 464 465 return 0; 466 } 467 468 static int 469 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 470 { 471 substring_t args[MAX_OPT_ARGS]; 472 473 switch (match_token(value, cifs_smb_version_tokens, args)) { 474 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 475 case Smb_1: 476 if (disable_legacy_dialects) { 477 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 478 return 1; 479 } 480 if (is_smb3) { 481 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 482 return 1; 483 } 484 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 485 ctx->ops = &smb1_operations; 486 ctx->vals = &smb1_values; 487 break; 488 case Smb_20: 489 if (disable_legacy_dialects) { 490 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 491 return 1; 492 } 493 if (is_smb3) { 494 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 495 return 1; 496 } 497 ctx->ops = &smb20_operations; 498 ctx->vals = &smb20_values; 499 break; 500 #else 501 case Smb_1: 502 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 503 return 1; 504 case Smb_20: 505 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 506 return 1; 507 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */ 508 case Smb_21: 509 ctx->ops = &smb21_operations; 510 ctx->vals = &smb21_values; 511 break; 512 case Smb_30: 513 ctx->ops = &smb30_operations; 514 ctx->vals = &smb30_values; 515 break; 516 case Smb_302: 517 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 518 ctx->vals = &smb302_values; 519 break; 520 case Smb_311: 521 ctx->ops = &smb311_operations; 522 ctx->vals = &smb311_values; 523 break; 524 case Smb_3any: 525 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 526 ctx->vals = &smb3any_values; 527 break; 528 case Smb_default: 529 ctx->ops = &smb30_operations; 530 ctx->vals = &smbdefault_values; 531 break; 532 default: 533 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 534 return 1; 535 } 536 return 0; 537 } 538 539 /* 540 * Remove duplicate path delimiters. Windows is supposed to do that 541 * but there are some bugs that prevent rename from working if there are 542 * multiple delimiters. 543 * 544 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 545 * Otherwise, return ERR_PTR. 546 * 547 * @gfp indicates the GFP_* flags for kstrdup. 548 * The caller is responsible for freeing the original. 549 */ 550 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 551 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 552 { 553 char *cursor1 = prepath, *cursor2 = prepath; 554 char *s; 555 556 /* skip all prepended delimiters */ 557 while (IS_DELIM(*cursor1)) 558 cursor1++; 559 560 /* exit in case of only delimiters */ 561 if (!*cursor1) 562 return NULL; 563 564 /* copy the first letter */ 565 *cursor2 = *cursor1; 566 567 /* copy the remainder... */ 568 while (*(cursor1++)) { 569 /* ... skipping all duplicated delimiters */ 570 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 571 continue; 572 *(++cursor2) = *cursor1; 573 } 574 575 /* if the last character is a delimiter, skip it */ 576 if (IS_DELIM(*(cursor2 - 1))) 577 cursor2--; 578 579 *cursor2 = '\0'; 580 if (!*prepath) 581 return NULL; 582 s = kstrdup(prepath, gfp); 583 if (!s) 584 return ERR_PTR(-ENOMEM); 585 return s; 586 } 587 588 /* 589 * Return full path based on the values of @ctx->{UNC,prepath}. 590 * 591 * It is assumed that both values were already parsed by smb3_parse_devname(). 592 */ 593 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 594 { 595 size_t ulen, plen; 596 char *s; 597 598 ulen = strlen(ctx->UNC); 599 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 600 601 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 602 if (!s) 603 return ERR_PTR(-ENOMEM); 604 memcpy(s, ctx->UNC, ulen); 605 if (plen) { 606 s[ulen] = dirsep; 607 memcpy(s + ulen + 1, ctx->prepath, plen); 608 } 609 s[ulen + plen] = '\0'; 610 convert_delimiter(s, dirsep); 611 return s; 612 } 613 614 /* 615 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 616 * fields with the result. Returns 0 on success and an error otherwise 617 * (e.g. ENOMEM or EINVAL) 618 */ 619 int 620 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 621 { 622 char *pos; 623 const char *delims = "/\\"; 624 size_t len; 625 int rc; 626 627 if (unlikely(!devname || !*devname)) { 628 cifs_dbg(VFS, "Device name not specified\n"); 629 return -EINVAL; 630 } 631 632 /* make sure we have a valid UNC double delimiter prefix */ 633 len = strspn(devname, delims); 634 if (len != 2) { 635 cifs_dbg(VFS, "UNC: path must begin with // or \\\\\n"); 636 return -EINVAL; 637 } 638 639 /* find delimiter between host and sharename */ 640 pos = strpbrk(devname + 2, delims); 641 if (!pos) { 642 cifs_dbg(VFS, "UNC: missing delimiter between hostname and share name\n"); 643 return -EINVAL; 644 } 645 646 /* record the server hostname */ 647 kfree(ctx->server_hostname); 648 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 649 if (!ctx->server_hostname) 650 return -ENOMEM; 651 652 /* skip past delimiter */ 653 ++pos; 654 655 /* now go until next delimiter or end of string */ 656 len = strcspn(pos, delims); 657 if (!len) { 658 cifs_dbg(VFS, "UNC: missing share name\n"); 659 return -EINVAL; 660 } 661 662 /* move "pos" up to delimiter or NULL */ 663 pos += len; 664 kfree(ctx->UNC); 665 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 666 if (!ctx->UNC) 667 return -ENOMEM; 668 669 convert_delimiter(ctx->UNC, '\\'); 670 671 /* skip any delimiter */ 672 if (*pos == '/' || *pos == '\\') 673 pos++; 674 675 kfree(ctx->prepath); 676 ctx->prepath = NULL; 677 678 /* If pos is NULL then no prepath */ 679 if (!*pos) 680 return 0; 681 682 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 683 if (IS_ERR(ctx->prepath)) { 684 rc = PTR_ERR(ctx->prepath); 685 ctx->prepath = NULL; 686 return rc; 687 } 688 689 return 0; 690 } 691 692 static int smb3_handle_conflicting_options(struct fs_context *fc) 693 { 694 struct smb3_fs_context *ctx = smb3_fc2context(fc); 695 696 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 697 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 698 return -EOPNOTSUPP; 699 } 700 701 if (ctx->multiuser && !IS_ENABLED(CONFIG_KEYS)) { 702 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 703 return -EOPNOTSUPP; 704 } 705 706 if (ctx->multiuser && ctx->upcall_target == UPTARGET_MOUNT) { 707 cifs_errorf(fc, "multiuser mount option not supported with upcalltarget set as 'mount'\n"); 708 return -EINVAL; 709 } 710 711 if (ctx->uid_specified && !ctx->forceuid_specified) { 712 ctx->override_uid = 1; 713 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n"); 714 } 715 716 if (ctx->gid_specified && !ctx->forcegid_specified) { 717 ctx->override_gid = 1; 718 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n"); 719 } 720 721 if (ctx->override_uid && !ctx->uid_specified) { 722 ctx->override_uid = 0; 723 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 724 } 725 726 if (ctx->override_gid && !ctx->gid_specified) { 727 ctx->override_gid = 0; 728 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 729 } 730 731 if (ctx->multichannel_specified) { 732 if (ctx->multichannel) { 733 if (!ctx->max_channels_specified) { 734 ctx->max_channels = 2; 735 } else if (ctx->max_channels == 1) { 736 cifs_errorf(fc, 737 "max_channels must be greater than 1 when multichannel is enabled\n"); 738 return -EINVAL; 739 } 740 } else { 741 if (!ctx->max_channels_specified) { 742 ctx->max_channels = 1; 743 } else if (ctx->max_channels > 1) { 744 cifs_errorf(fc, 745 "max_channels must be equal to 1 when multichannel is disabled\n"); 746 return -EINVAL; 747 } 748 } 749 } else if (ctx->max_channels_specified) { 750 if (ctx->max_channels > 1) 751 ctx->multichannel = true; 752 else 753 ctx->multichannel = false; 754 } 755 756 /* clear parse-time latches so they don't persist across remounts */ 757 ctx->multichannel_specified = false; 758 ctx->max_channels_specified = false; 759 760 return 0; 761 } 762 763 static void smb3_fs_context_free(struct fs_context *fc); 764 static int smb3_fs_context_parse_param(struct fs_context *fc, 765 struct fs_parameter *param); 766 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 767 void *data); 768 static int smb3_get_tree(struct fs_context *fc); 769 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, size_t max_channels); 770 static int smb3_reconfigure(struct fs_context *fc); 771 772 static const struct fs_context_operations smb3_fs_context_ops = { 773 .free = smb3_fs_context_free, 774 .parse_param = smb3_fs_context_parse_param, 775 .parse_monolithic = smb3_fs_context_parse_monolithic, 776 .get_tree = smb3_get_tree, 777 .reconfigure = smb3_reconfigure, 778 }; 779 780 /* 781 * Parse a monolithic block of data from sys_mount(). 782 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 783 * @ctx: The superblock configuration to fill in. 784 * @data: The data to parse 785 * 786 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 787 * called from the ->monolithic_mount_data() fs_context operation. 788 * 789 * Returns 0 on success or the error returned by the ->parse_option() fs_context 790 * operation on failure. 791 */ 792 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 793 void *data) 794 { 795 char *options = data, *key; 796 int ret = 0; 797 798 if (!options) 799 return 0; 800 801 ret = security_sb_eat_lsm_opts(options, &fc->security); 802 if (ret) 803 return ret; 804 805 /* BB Need to add support for sep= here TBD */ 806 while ((key = strsep(&options, ",")) != NULL) { 807 size_t len; 808 char *value; 809 810 if (*key == 0) 811 break; 812 813 /* Check if following character is the deliminator If yes, 814 * we have encountered a double deliminator reset the NULL 815 * character to the deliminator 816 */ 817 while (options && options[0] == ',') { 818 len = strlen(key); 819 strcpy(key + len, options); 820 options = strchr(options, ','); 821 if (options) 822 *options++ = 0; 823 } 824 825 826 value = strchr(key, '='); 827 if (value) { 828 if (value == key) 829 continue; 830 *value++ = 0; 831 } 832 833 ret = vfs_parse_fs_string(fc, key, value); 834 if (ret < 0) 835 break; 836 } 837 return ret; 838 } 839 840 /* 841 * smb3_fs_context_validate - check initial-mount-only constraints: 842 * UNC presence, address resolution, dialect warnings 843 * 844 * @fc: generic mount context 845 */ 846 static int smb3_fs_context_validate(struct fs_context *fc) 847 { 848 struct smb3_fs_context *ctx = smb3_fc2context(fc); 849 int rc; 850 851 rc = smb3_handle_conflicting_options(fc); 852 if (rc) 853 return rc; 854 855 if (ctx->got_version == false) 856 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 857 858 859 if (!ctx->UNC) { 860 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 861 return -1; 862 } 863 864 /* make sure UNC has a share name */ 865 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 866 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 867 return -ENOENT; 868 } 869 870 if (!ctx->got_ip) { 871 int len; 872 const char *slash; 873 874 /* No ip= option specified? Try to get it from UNC */ 875 /* Use the address part of the UNC. */ 876 slash = strchr(&ctx->UNC[2], '\\'); 877 len = slash - &ctx->UNC[2]; 878 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 879 &ctx->UNC[2], len)) { 880 pr_err("Unable to determine destination address\n"); 881 return -EHOSTUNREACH; 882 } 883 } 884 885 /* set the port that we got earlier */ 886 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 887 888 return 0; 889 } 890 891 static int smb3_get_tree_common(struct fs_context *fc) 892 { 893 struct smb3_fs_context *ctx = smb3_fc2context(fc); 894 struct dentry *root; 895 int rc = 0; 896 897 root = cifs_smb3_do_mount(fc, ctx); 898 if (IS_ERR(root)) 899 return PTR_ERR(root); 900 901 fc->root = root; 902 903 return rc; 904 } 905 906 /* 907 * Create an SMB3 superblock from the parameters passed. 908 */ 909 static int smb3_get_tree(struct fs_context *fc) 910 { 911 int err = smb3_fs_context_validate(fc); 912 int ret; 913 914 if (err) 915 return err; 916 cifs_mount_lock(); 917 ret = smb3_get_tree_common(fc); 918 cifs_mount_unlock(); 919 return ret; 920 } 921 922 static void smb3_fs_context_free(struct fs_context *fc) 923 { 924 struct smb3_fs_context *ctx = smb3_fc2context(fc); 925 926 smb3_cleanup_fs_context(ctx); 927 } 928 929 /* 930 * Compare the old and new proposed context during reconfigure 931 * and check if the changes are compatible. 932 */ 933 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 934 struct smb3_fs_context *new_ctx, 935 struct smb3_fs_context *old_ctx, bool need_recon) 936 { 937 if (new_ctx->posix_paths != old_ctx->posix_paths) { 938 cifs_errorf(fc, "can not change posixpaths during remount\n"); 939 return -EINVAL; 940 } 941 if (new_ctx->sectype != old_ctx->sectype) { 942 cifs_errorf(fc, "can not change sec during remount\n"); 943 return -EINVAL; 944 } 945 if (new_ctx->multiuser != old_ctx->multiuser) { 946 cifs_errorf(fc, "can not change multiuser during remount\n"); 947 return -EINVAL; 948 } 949 if (new_ctx->UNC && 950 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 951 cifs_errorf(fc, "can not change UNC during remount\n"); 952 return -EINVAL; 953 } 954 if (new_ctx->username && 955 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 956 cifs_errorf(fc, "can not change username during remount\n"); 957 return -EINVAL; 958 } 959 if (new_ctx->password && 960 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 961 if (need_recon == false) { 962 cifs_errorf(fc, 963 "can not change password of active session during remount\n"); 964 return -EINVAL; 965 } else if (old_ctx->sectype == Kerberos) { 966 cifs_errorf(fc, 967 "can not change password for Kerberos via remount\n"); 968 return -EINVAL; 969 } 970 } 971 if (new_ctx->domainname && 972 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 973 cifs_errorf(fc, "can not change domainname during remount\n"); 974 return -EINVAL; 975 } 976 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 977 cifs_errorf(fc, "can not change workstation_name during remount\n"); 978 return -EINVAL; 979 } 980 if (new_ctx->nodename && 981 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 982 cifs_errorf(fc, "can not change nodename during remount\n"); 983 return -EINVAL; 984 } 985 if (new_ctx->iocharset && 986 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 987 cifs_errorf(fc, "can not change iocharset during remount\n"); 988 return -EINVAL; 989 } 990 if (new_ctx->unicode != old_ctx->unicode) { 991 cifs_errorf(fc, "can not change unicode during remount\n"); 992 return -EINVAL; 993 } 994 if (new_ctx->rfc1001_sessinit != old_ctx->rfc1001_sessinit) { 995 cifs_errorf(fc, "can not change nbsessinit during remount\n"); 996 return -EINVAL; 997 } 998 999 return 0; 1000 } 1001 1002 #define STEAL_STRING(cifs_sb, ctx, field) \ 1003 do { \ 1004 kfree(ctx->field); \ 1005 ctx->field = cifs_sb->ctx->field; \ 1006 cifs_sb->ctx->field = NULL; \ 1007 } while (0) 1008 1009 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 1010 do { \ 1011 kfree_sensitive(ctx->field); \ 1012 ctx->field = cifs_sb->ctx->field; \ 1013 cifs_sb->ctx->field = NULL; \ 1014 } while (0) 1015 1016 int smb3_sync_session_ctx_passwords(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses) 1017 { 1018 char *password = NULL, *password2 = NULL; 1019 1020 if (ses->password && 1021 cifs_sb->ctx->password && 1022 strcmp(ses->password, cifs_sb->ctx->password)) { 1023 password = kstrdup(ses->password, GFP_KERNEL); 1024 if (!password) 1025 return -ENOMEM; 1026 } 1027 if (ses->password2 && 1028 cifs_sb->ctx->password2 && 1029 strcmp(ses->password2, cifs_sb->ctx->password2)) { 1030 password2 = kstrdup(ses->password2, GFP_KERNEL); 1031 if (!password2) { 1032 kfree_sensitive(password); 1033 return -ENOMEM; 1034 } 1035 } 1036 1037 if (password) { 1038 kfree_sensitive(cifs_sb->ctx->password); 1039 cifs_sb->ctx->password = password; 1040 } 1041 if (password2) { 1042 kfree_sensitive(cifs_sb->ctx->password2); 1043 cifs_sb->ctx->password2 = password2; 1044 } 1045 1046 return 0; 1047 } 1048 1049 /* 1050 * smb3_sync_ses_chan_max - Synchronize the session's maximum channel count 1051 * @ses: pointer to the old CIFS session structure 1052 * @max_channels: new maximum number of channels to allow 1053 * 1054 * Updates the session's chan_max field to the new value, protecting the update 1055 * with the session's channel lock. This should be called whenever the maximum 1056 * allowed channels for a session changes (e.g., after a remount or reconfigure). 1057 */ 1058 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, size_t max_channels) 1059 { 1060 spin_lock(&ses->chan_lock); 1061 ses->chan_max = max_channels; 1062 spin_unlock(&ses->chan_lock); 1063 } 1064 1065 static int smb3_reconfigure(struct fs_context *fc) 1066 { 1067 struct smb3_fs_context *ctx = smb3_fc2context(fc); 1068 struct smb3_fs_context *new_ctx = NULL; 1069 struct smb3_fs_context *old_ctx = NULL; 1070 struct dentry *root = fc->root; 1071 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 1072 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses; 1073 unsigned int rsize = ctx->rsize, wsize = ctx->wsize; 1074 char *new_password = NULL, *new_password2 = NULL; 1075 bool need_recon = false; 1076 bool need_mchan_update; 1077 int rc; 1078 1079 if (ses->expired_pwd) 1080 need_recon = true; 1081 1082 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon); 1083 if (rc) 1084 return rc; 1085 1086 rc = smb3_handle_conflicting_options(fc); 1087 if (rc) 1088 return rc; 1089 1090 old_ctx = kzalloc_obj(*old_ctx); 1091 if (!old_ctx) 1092 return -ENOMEM; 1093 1094 rc = smb3_fs_context_dup(old_ctx, cifs_sb->ctx); 1095 if (rc) 1096 goto free_old_ctx; 1097 1098 /* 1099 * We can not change UNC/username/password/domainname/ 1100 * workstation_name/nodename/iocharset 1101 * during reconnect so ignore what we have in the new context and 1102 * just use what we already have in cifs_sb->ctx. 1103 */ 1104 STEAL_STRING(cifs_sb, ctx, UNC); 1105 STEAL_STRING(cifs_sb, ctx, source); 1106 STEAL_STRING(cifs_sb, ctx, username); 1107 STEAL_STRING(cifs_sb, ctx, domainname); 1108 STEAL_STRING(cifs_sb, ctx, nodename); 1109 STEAL_STRING(cifs_sb, ctx, iocharset); 1110 1111 if (!need_recon) { 1112 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 1113 } else { 1114 if (ctx->password) { 1115 new_password = kstrdup(ctx->password, GFP_KERNEL); 1116 if (!new_password) { 1117 rc = -ENOMEM; 1118 goto restore_ctx; 1119 } 1120 } else { 1121 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 1122 } 1123 } 1124 1125 /* 1126 * if a new password2 has been specified, then reset it's value 1127 * inside the ses struct 1128 */ 1129 if (ctx->password2) { 1130 new_password2 = kstrdup(ctx->password2, GFP_KERNEL); 1131 if (!new_password2) { 1132 rc = -ENOMEM; 1133 goto restore_ctx; 1134 } 1135 } else { 1136 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password2); 1137 } 1138 1139 /* if rsize or wsize not passed in on remount, use previous values */ 1140 ctx->rsize = rsize ? CIFS_ALIGN_RSIZE(fc, rsize) : cifs_sb->ctx->rsize; 1141 ctx->wsize = wsize ? CIFS_ALIGN_WSIZE(fc, wsize) : cifs_sb->ctx->wsize; 1142 1143 new_ctx = kzalloc_obj(*new_ctx); 1144 if (!new_ctx) { 1145 rc = -ENOMEM; 1146 goto restore_ctx; 1147 } 1148 1149 rc = smb3_fs_context_dup(new_ctx, ctx); 1150 if (rc) 1151 goto restore_ctx; 1152 1153 need_mchan_update = ctx->multichannel != cifs_sb->ctx->multichannel || 1154 ctx->max_channels != cifs_sb->ctx->max_channels; 1155 1156 /* 1157 * we may update the passwords in the ses struct below. Make sure we do 1158 * not race with smb2_reconnect 1159 */ 1160 mutex_lock(&ses->session_mutex); 1161 1162 /* 1163 * smb2_reconnect may swap password and password2 in case session setup 1164 * failed. First get ctx passwords in sync with ses passwords. It should 1165 * be done before committing new passwords. 1166 */ 1167 rc = smb3_sync_session_ctx_passwords(cifs_sb, ses); 1168 if (rc) { 1169 mutex_unlock(&ses->session_mutex); 1170 goto cleanup_new_ctx; 1171 } 1172 1173 /* 1174 * If multichannel or max_channels has changed, update the session's channels accordingly. 1175 * This may add or remove channels to match the new configuration. 1176 */ 1177 if (need_mchan_update) { 1178 /* Prevent concurrent scaling operations */ 1179 spin_lock(&ses->ses_lock); 1180 if (ses->flags & CIFS_SES_FLAG_SCALE_CHANNELS) { 1181 spin_unlock(&ses->ses_lock); 1182 mutex_unlock(&ses->session_mutex); 1183 rc = -EINVAL; 1184 goto cleanup_new_ctx; 1185 } 1186 ses->flags |= CIFS_SES_FLAG_SCALE_CHANNELS; 1187 spin_unlock(&ses->ses_lock); 1188 } 1189 1190 /* 1191 * Commit session passwords before any channel work so newly added 1192 * channels authenticate with the new credentials. 1193 */ 1194 if (new_password) { 1195 kfree_sensitive(ses->password); 1196 ses->password = new_password; 1197 new_password = NULL; 1198 } 1199 if (new_password2) { 1200 kfree_sensitive(ses->password2); 1201 ses->password2 = new_password2; 1202 new_password2 = NULL; 1203 } 1204 1205 if (need_mchan_update) { 1206 /* Synchronize ses->chan_max with the new mount context */ 1207 smb3_sync_ses_chan_max(ses, ctx->max_channels); 1208 1209 mutex_unlock(&ses->session_mutex); 1210 1211 smb3_update_ses_channels(ses, ses->server, 1212 false /* from_reconnect */, 1213 false /* disable_mchan */); 1214 1215 /* Clear scaling flag after operation */ 1216 spin_lock(&ses->ses_lock); 1217 ses->flags &= ~CIFS_SES_FLAG_SCALE_CHANNELS; 1218 spin_unlock(&ses->ses_lock); 1219 } else { 1220 mutex_unlock(&ses->session_mutex); 1221 } 1222 1223 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 1224 memcpy(cifs_sb->ctx, new_ctx, sizeof(*new_ctx)); 1225 kfree(new_ctx); 1226 new_ctx = NULL; 1227 smb3_cleanup_fs_context(old_ctx); 1228 old_ctx = NULL; 1229 smb3_update_mnt_flags(cifs_sb); 1230 #ifdef CONFIG_CIFS_DFS_UPCALL 1231 if (!rc) 1232 rc = dfs_cache_remount_fs(cifs_sb); 1233 #endif 1234 1235 return rc; 1236 1237 cleanup_new_ctx: 1238 smb3_cleanup_fs_context_contents(new_ctx); 1239 restore_ctx: 1240 kfree(new_ctx); 1241 kfree_sensitive(new_password); 1242 kfree_sensitive(new_password2); 1243 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 1244 memcpy(cifs_sb->ctx, old_ctx, sizeof(*old_ctx)); 1245 free_old_ctx: 1246 kfree(old_ctx); 1247 1248 return rc; 1249 } 1250 1251 static int smb3_fs_context_parse_param(struct fs_context *fc, 1252 struct fs_parameter *param) 1253 { 1254 struct fs_parse_result result; 1255 struct smb3_fs_context *ctx = smb3_fc2context(fc); 1256 int i, opt; 1257 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 1258 bool skip_parsing = false; 1259 char *hostname; 1260 1261 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 1262 1263 /* 1264 * fs_parse can not handle string options with an empty value so 1265 * we will need special handling of them. 1266 */ 1267 if (param->type == fs_value_is_string && param->string[0] == 0) { 1268 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 1269 skip_parsing = true; 1270 opt = Opt_pass; 1271 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 1272 skip_parsing = true; 1273 opt = Opt_user; 1274 } else if (!strcmp("pass2", param->key) || !strcmp("password2", param->key)) { 1275 skip_parsing = true; 1276 opt = Opt_pass2; 1277 } 1278 } 1279 1280 if (!skip_parsing) { 1281 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 1282 if (opt < 0) 1283 return ctx->sloppy ? 1 : opt; 1284 } 1285 1286 switch (opt) { 1287 case Opt_compress: 1288 if (!IS_ENABLED(CONFIG_CIFS_COMPRESSION)) { 1289 cifs_errorf(fc, "CONFIG_CIFS_COMPRESSION kernel config option is unset\n"); 1290 goto cifs_parse_mount_err; 1291 } 1292 ctx->compress = true; 1293 cifs_dbg(VFS, "SMB3 compression support is experimental\n"); 1294 break; 1295 case Opt_nodfs: 1296 ctx->nodfs = 1; 1297 break; 1298 case Opt_hard: 1299 if (result.negated) { 1300 if (ctx->retry == 1) 1301 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 1302 ctx->retry = 0; 1303 } else 1304 ctx->retry = 1; 1305 break; 1306 case Opt_soft: 1307 if (result.negated) 1308 ctx->retry = 1; 1309 else { 1310 if (ctx->retry == 1) 1311 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 1312 ctx->retry = 0; 1313 } 1314 break; 1315 case Opt_mapposix: 1316 if (result.negated) 1317 ctx->remap = false; 1318 else { 1319 ctx->remap = true; 1320 ctx->sfu_remap = false; /* disable SFU mapping */ 1321 } 1322 break; 1323 case Opt_mapchars: 1324 if (result.negated) 1325 ctx->sfu_remap = false; 1326 else { 1327 ctx->sfu_remap = true; 1328 ctx->remap = false; /* disable SFM (mapposix) mapping */ 1329 } 1330 break; 1331 case Opt_user_xattr: 1332 if (result.negated) 1333 ctx->no_xattr = 1; 1334 else 1335 ctx->no_xattr = 0; 1336 break; 1337 case Opt_forceuid: 1338 if (result.negated) 1339 ctx->override_uid = 0; 1340 else 1341 ctx->override_uid = 1; 1342 ctx->forceuid_specified = true; 1343 break; 1344 case Opt_forcegid: 1345 if (result.negated) 1346 ctx->override_gid = 0; 1347 else 1348 ctx->override_gid = 1; 1349 ctx->forcegid_specified = true; 1350 break; 1351 case Opt_perm: 1352 if (result.negated) 1353 ctx->noperm = 1; 1354 else 1355 ctx->noperm = 0; 1356 break; 1357 case Opt_dynperm: 1358 if (result.negated) 1359 ctx->dynperm = 0; 1360 else 1361 ctx->dynperm = 1; 1362 break; 1363 case Opt_sfu: 1364 if (result.negated) 1365 ctx->sfu_emul = 0; 1366 else 1367 ctx->sfu_emul = 1; 1368 break; 1369 case Opt_noblocksend: 1370 ctx->noblocksnd = 1; 1371 break; 1372 case Opt_noautotune: 1373 ctx->noautotune = 1; 1374 break; 1375 case Opt_lease: 1376 ctx->no_lease = result.negated; 1377 break; 1378 case Opt_nosparse: 1379 ctx->no_sparse = 1; 1380 break; 1381 case Opt_nodelete: 1382 ctx->nodelete = 1; 1383 break; 1384 case Opt_multichannel: 1385 ctx->multichannel_specified = true; 1386 if (result.negated) 1387 ctx->multichannel = false; 1388 else 1389 ctx->multichannel = true; 1390 break; 1391 case Opt_uid: 1392 ctx->linux_uid = result.uid; 1393 ctx->uid_specified = true; 1394 break; 1395 case Opt_cruid: 1396 ctx->cred_uid = result.uid; 1397 ctx->cruid_specified = true; 1398 break; 1399 case Opt_backupuid: 1400 ctx->backupuid = result.uid; 1401 ctx->backupuid_specified = true; 1402 break; 1403 case Opt_backupgid: 1404 ctx->backupgid = result.gid; 1405 ctx->backupgid_specified = true; 1406 break; 1407 case Opt_gid: 1408 ctx->linux_gid = result.gid; 1409 ctx->gid_specified = true; 1410 break; 1411 case Opt_port: 1412 ctx->port = result.uint_32; 1413 break; 1414 case Opt_file_mode: 1415 ctx->file_mode = result.uint_32; 1416 break; 1417 case Opt_dirmode: 1418 ctx->dir_mode = result.uint_32; 1419 break; 1420 case Opt_min_enc_offload: 1421 ctx->min_offload = result.uint_32; 1422 break; 1423 case Opt_retrans: 1424 ctx->retrans = result.uint_32; 1425 break; 1426 case Opt_blocksize: 1427 /* 1428 * inode blocksize realistically should never need to be 1429 * less than 16K or greater than 16M and default is 1MB. 1430 * Note that small inode block sizes (e.g. 64K) can lead 1431 * to very poor performance of common tools like cp and scp 1432 */ 1433 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1434 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1435 cifs_errorf(fc, "%s: Invalid blocksize\n", 1436 __func__); 1437 goto cifs_parse_mount_err; 1438 } 1439 ctx->bsize = CIFS_ALIGN_BSIZE(fc, result.uint_32); 1440 ctx->got_bsize = true; 1441 break; 1442 case Opt_rasize: 1443 /* 1444 * readahead size realistically should never need to be 1445 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1446 * (perhaps an exception should be considered in the 1447 * for the case of a large number of channels 1448 * when multichannel is negotiated) since that would lead 1449 * to plenty of parallel I/O in flight to the server. 1450 * Note that smaller read ahead sizes would 1451 * hurt performance of common tools like cp and scp 1452 * which often trigger sequential i/o with read ahead 1453 */ 1454 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1455 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1456 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1457 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1458 goto cifs_parse_mount_err; 1459 } 1460 ctx->rasize = result.uint_32; 1461 break; 1462 case Opt_rsize: 1463 ctx->rsize = CIFS_ALIGN_RSIZE(fc, result.uint_32); 1464 ctx->got_rsize = true; 1465 ctx->vol_rsize = ctx->rsize; 1466 break; 1467 case Opt_wsize: 1468 ctx->wsize = CIFS_ALIGN_WSIZE(fc, result.uint_32); 1469 ctx->got_wsize = true; 1470 ctx->vol_wsize = ctx->wsize; 1471 break; 1472 case Opt_acregmax: 1473 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) { 1474 cifs_errorf(fc, "acregmax too large\n"); 1475 goto cifs_parse_mount_err; 1476 } 1477 ctx->acregmax = HZ * result.uint_32; 1478 break; 1479 case Opt_acdirmax: 1480 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) { 1481 cifs_errorf(fc, "acdirmax too large\n"); 1482 goto cifs_parse_mount_err; 1483 } 1484 ctx->acdirmax = HZ * result.uint_32; 1485 break; 1486 case Opt_actimeo: 1487 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) { 1488 cifs_errorf(fc, "timeout too large\n"); 1489 goto cifs_parse_mount_err; 1490 } 1491 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1492 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1493 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1494 break; 1495 } 1496 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1497 break; 1498 case Opt_closetimeo: 1499 if (result.uint_32 > SMB3_MAX_DCLOSETIMEO / HZ) { 1500 cifs_errorf(fc, "closetimeo too large\n"); 1501 goto cifs_parse_mount_err; 1502 } 1503 ctx->closetimeo = HZ * result.uint_32; 1504 break; 1505 case Opt_echo_interval: 1506 if (result.uint_32 < SMB_ECHO_INTERVAL_MIN || 1507 result.uint_32 > SMB_ECHO_INTERVAL_MAX) { 1508 cifs_errorf(fc, "echo interval is out of bounds\n"); 1509 goto cifs_parse_mount_err; 1510 } 1511 ctx->echo_interval = result.uint_32; 1512 break; 1513 case Opt_snapshot: 1514 ctx->snapshot_time = result.uint_64; 1515 break; 1516 case Opt_max_credits: 1517 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1518 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1519 __func__); 1520 goto cifs_parse_mount_err; 1521 } 1522 ctx->max_credits = result.uint_32; 1523 break; 1524 case Opt_max_channels: 1525 ctx->max_channels_specified = true; 1526 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1527 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1528 __func__, CIFS_MAX_CHANNELS); 1529 goto cifs_parse_mount_err; 1530 } 1531 ctx->max_channels = result.uint_32; 1532 break; 1533 case Opt_max_cached_dirs: 1534 if (result.uint_32 < 1) { 1535 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n", 1536 __func__); 1537 goto cifs_parse_mount_err; 1538 } 1539 ctx->max_cached_dirs = result.uint_32; 1540 break; 1541 case Opt_handletimeout: 1542 ctx->handle_timeout = result.uint_32; 1543 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1544 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1545 goto cifs_parse_mount_err; 1546 } 1547 break; 1548 case Opt_source: 1549 kfree(ctx->UNC); 1550 ctx->UNC = NULL; 1551 switch (smb3_parse_devname(param->string, ctx)) { 1552 case 0: 1553 break; 1554 case -ENOMEM: 1555 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1556 goto cifs_parse_mount_err; 1557 case -EINVAL: 1558 cifs_errorf(fc, "Malformed UNC in devname\n"); 1559 goto cifs_parse_mount_err; 1560 default: 1561 cifs_errorf(fc, "Unknown error parsing devname\n"); 1562 goto cifs_parse_mount_err; 1563 } 1564 kfree(ctx->source); 1565 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1566 if (IS_ERR(ctx->source)) { 1567 ctx->source = NULL; 1568 cifs_errorf(fc, "OOM when copying UNC string\n"); 1569 goto cifs_parse_mount_err; 1570 } 1571 kfree(fc->source); 1572 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1573 if (fc->source == NULL) { 1574 cifs_errorf(fc, "OOM when copying UNC string\n"); 1575 goto cifs_parse_mount_err; 1576 } 1577 hostname = extract_hostname(ctx->UNC); 1578 if (IS_ERR(hostname)) { 1579 cifs_errorf(fc, "Cannot extract hostname from UNC string\n"); 1580 goto cifs_parse_mount_err; 1581 } 1582 /* last byte, type, is 0x20 for servr type */ 1583 memset(ctx->target_rfc1001_name, 0x20, RFC1001_NAME_LEN_WITH_NULL); 1584 for (i = 0; i < RFC1001_NAME_LEN && hostname[i] != 0; i++) 1585 ctx->target_rfc1001_name[i] = toupper(hostname[i]); 1586 kfree(hostname); 1587 break; 1588 case Opt_user: 1589 kfree(ctx->username); 1590 ctx->username = NULL; 1591 if (ctx->nullauth) 1592 break; 1593 if (strlen(param->string) == 0) { 1594 /* null user, ie. anonymous authentication */ 1595 ctx->nullauth = 1; 1596 break; 1597 } 1598 1599 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) == 1600 CIFS_MAX_USERNAME_LEN) { 1601 pr_warn("username too long\n"); 1602 goto cifs_parse_mount_err; 1603 } 1604 ctx->username = no_free_ptr(param->string); 1605 break; 1606 case Opt_pass: 1607 kfree_sensitive(ctx->password); 1608 ctx->password = NULL; 1609 if (strlen(param->string) == 0) 1610 break; 1611 ctx->password = no_free_ptr(param->string); 1612 break; 1613 case Opt_pass2: 1614 kfree_sensitive(ctx->password2); 1615 ctx->password2 = NULL; 1616 if (strlen(param->string) == 0) 1617 break; 1618 ctx->password2 = no_free_ptr(param->string); 1619 break; 1620 case Opt_ip: 1621 if (strlen(param->string) == 0) { 1622 ctx->got_ip = false; 1623 break; 1624 } 1625 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1626 param->string, 1627 strlen(param->string))) { 1628 pr_err("bad ip= option (%s)\n", param->string); 1629 goto cifs_parse_mount_err; 1630 } 1631 ctx->got_ip = true; 1632 break; 1633 case Opt_domain: 1634 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1635 == CIFS_MAX_DOMAINNAME_LEN) { 1636 pr_warn("domain name too long\n"); 1637 goto cifs_parse_mount_err; 1638 } 1639 1640 kfree(ctx->domainname); 1641 ctx->domainname = no_free_ptr(param->string); 1642 cifs_dbg(FYI, "Domain name set\n"); 1643 break; 1644 case Opt_srcaddr: 1645 if (!cifs_convert_address( 1646 (struct sockaddr *)&ctx->srcaddr, 1647 param->string, strlen(param->string))) { 1648 pr_warn("Could not parse srcaddr: %s\n", 1649 param->string); 1650 goto cifs_parse_mount_err; 1651 } 1652 break; 1653 case Opt_iocharset: 1654 if (strnlen(param->string, 1024) >= 65) { 1655 pr_warn("iocharset name too long\n"); 1656 goto cifs_parse_mount_err; 1657 } 1658 1659 if (strncasecmp(param->string, "default", 7) != 0) { 1660 kfree(ctx->iocharset); 1661 ctx->iocharset = no_free_ptr(param->string); 1662 } 1663 /* if iocharset not set then load_nls_default 1664 * is used by caller 1665 */ 1666 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1667 break; 1668 case Opt_netbiosname: 1669 memset(ctx->source_rfc1001_name, 0x20, 1670 RFC1001_NAME_LEN); 1671 /* 1672 * FIXME: are there cases in which a comma can 1673 * be valid in workstation netbios name (and 1674 * need special handling)? 1675 */ 1676 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1677 /* don't ucase netbiosname for user */ 1678 if (param->string[i] == 0) 1679 break; 1680 ctx->source_rfc1001_name[i] = param->string[i]; 1681 } 1682 /* The string has 16th byte zero still from 1683 * set at top of the function 1684 */ 1685 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1686 pr_warn("netbiosname longer than 15 truncated\n"); 1687 break; 1688 case Opt_servern: 1689 /* last byte, type, is 0x20 for servr type */ 1690 memset(ctx->target_rfc1001_name, 0x20, 1691 RFC1001_NAME_LEN_WITH_NULL); 1692 /* 1693 * BB are there cases in which a comma can be valid in this 1694 * workstation netbios name (and need special handling)? 1695 */ 1696 1697 /* user or mount helper must uppercase the netbios name */ 1698 for (i = 0; i < 15; i++) { 1699 if (param->string[i] == 0) 1700 break; 1701 ctx->target_rfc1001_name[i] = param->string[i]; 1702 } 1703 1704 /* The string has 16th byte zero still from set at top of function */ 1705 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1706 pr_warn("server netbiosname longer than 15 truncated\n"); 1707 break; 1708 case Opt_nbsessinit: 1709 ctx->rfc1001_sessinit = !result.negated; 1710 cifs_dbg(FYI, "rfc1001_sessinit set to %d\n", ctx->rfc1001_sessinit); 1711 break; 1712 case Opt_ver: 1713 /* version of mount userspace tools, not dialect */ 1714 /* If interface changes in mount.cifs bump to new ver */ 1715 if (strncasecmp(param->string, "1", 1) == 0) { 1716 if (strlen(param->string) > 1) { 1717 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1718 param->string); 1719 goto cifs_parse_mount_err; 1720 } 1721 /* This is the default */ 1722 break; 1723 } 1724 /* For all other value, error */ 1725 pr_warn("Invalid mount helper version specified\n"); 1726 goto cifs_parse_mount_err; 1727 case Opt_vers: 1728 /* protocol version (dialect) */ 1729 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1730 goto cifs_parse_mount_err; 1731 ctx->got_version = true; 1732 break; 1733 case Opt_sec: 1734 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1735 goto cifs_parse_mount_err; 1736 break; 1737 case Opt_upcalltarget: 1738 if (cifs_parse_upcall_target(fc, param->string, ctx) != 0) 1739 goto cifs_parse_mount_err; 1740 break; 1741 case Opt_cache: 1742 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1743 goto cifs_parse_mount_err; 1744 break; 1745 case Opt_witness: 1746 #ifndef CONFIG_CIFS_SWN_UPCALL 1747 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1748 goto cifs_parse_mount_err; 1749 #endif 1750 ctx->witness = true; 1751 pr_warn_once("Witness protocol support is experimental\n"); 1752 break; 1753 case Opt_unicode: 1754 ctx->unicode = !result.negated; 1755 cifs_dbg(FYI, "unicode set to %d\n", ctx->unicode); 1756 break; 1757 case Opt_rootfs: 1758 #ifndef CONFIG_CIFS_ROOT 1759 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1760 goto cifs_parse_mount_err; 1761 #endif 1762 ctx->rootfs = true; 1763 break; 1764 case Opt_posixpaths: 1765 if (result.negated) 1766 ctx->posix_paths = 0; 1767 else 1768 ctx->posix_paths = 1; 1769 break; 1770 case Opt_unix: 1771 if (result.negated) { 1772 if (ctx->linux_ext == 1) 1773 pr_warn_once("conflicting posix mount options specified\n"); 1774 ctx->linux_ext = 0; 1775 ctx->no_linux_ext = 1; 1776 } else { 1777 if (ctx->no_linux_ext == 1) 1778 pr_warn_once("conflicting posix mount options specified\n"); 1779 ctx->linux_ext = 1; 1780 ctx->no_linux_ext = 0; 1781 ctx->nonativesocket = 1; /* POSIX mounts use NFS style reparse points */ 1782 } 1783 break; 1784 case Opt_nocase: 1785 ctx->nocase = 1; 1786 break; 1787 case Opt_brl: 1788 if (result.negated) { 1789 /* 1790 * turn off mandatory locking in mode 1791 * if remote locking is turned off since the 1792 * local vfs will do advisory 1793 */ 1794 if (ctx->file_mode == 1795 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1796 ctx->file_mode = S_IALLUGO; 1797 ctx->nobrl = 1; 1798 } else 1799 ctx->nobrl = 0; 1800 break; 1801 case Opt_handlecache: 1802 if (result.negated) 1803 ctx->nohandlecache = 1; 1804 else 1805 ctx->nohandlecache = 0; 1806 break; 1807 case Opt_forcemandatorylock: 1808 ctx->mand_lock = 1; 1809 break; 1810 case Opt_setuids: 1811 ctx->setuids = result.negated; 1812 break; 1813 case Opt_intr: 1814 ctx->intr = !result.negated; 1815 break; 1816 case Opt_setuidfromacl: 1817 ctx->setuidfromacl = 1; 1818 break; 1819 case Opt_strictsync: 1820 ctx->nostrictsync = result.negated; 1821 break; 1822 case Opt_serverino: 1823 ctx->server_ino = !result.negated; 1824 break; 1825 case Opt_rwpidforward: 1826 ctx->rwpidforward = 1; 1827 break; 1828 case Opt_modesid: 1829 ctx->mode_ace = 1; 1830 break; 1831 case Opt_cifsacl: 1832 ctx->cifs_acl = !result.negated; 1833 break; 1834 case Opt_acl: 1835 ctx->no_psx_acl = result.negated; 1836 break; 1837 case Opt_locallease: 1838 ctx->local_lease = 1; 1839 break; 1840 case Opt_sign: 1841 ctx->sign = true; 1842 break; 1843 case Opt_ignore_signature: 1844 ctx->sign = true; 1845 ctx->ignore_signature = true; 1846 break; 1847 case Opt_seal: 1848 /* we do not do the following in secFlags because seal 1849 * is a per tree connection (mount) not a per socket 1850 * or per-smb connection option in the protocol 1851 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1852 */ 1853 ctx->seal = 1; 1854 break; 1855 case Opt_noac: 1856 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1857 break; 1858 case Opt_fsc: 1859 #ifndef CONFIG_CIFS_FSCACHE 1860 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1861 goto cifs_parse_mount_err; 1862 #endif 1863 ctx->fsc = true; 1864 break; 1865 case Opt_mfsymlinks: 1866 ctx->mfsymlinks = true; 1867 break; 1868 case Opt_multiuser: 1869 ctx->multiuser = true; 1870 break; 1871 case Opt_sloppy: 1872 ctx->sloppy = true; 1873 break; 1874 case Opt_nosharesock: 1875 ctx->nosharesock = true; 1876 break; 1877 case Opt_persistent: 1878 if (result.negated) { 1879 ctx->nopersistent = true; 1880 if (ctx->persistent) { 1881 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1882 goto cifs_parse_mount_err; 1883 } 1884 } else { 1885 ctx->persistent = true; 1886 if ((ctx->nopersistent) || (ctx->resilient)) { 1887 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1888 goto cifs_parse_mount_err; 1889 } 1890 } 1891 break; 1892 case Opt_resilient: 1893 if (result.negated) { 1894 ctx->resilient = false; /* already the default */ 1895 } else { 1896 ctx->resilient = true; 1897 if (ctx->persistent) { 1898 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1899 goto cifs_parse_mount_err; 1900 } 1901 } 1902 break; 1903 case Opt_tcp_nodelay: 1904 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1905 if (result.negated) 1906 ctx->sockopt_tcp_nodelay = false; 1907 else 1908 ctx->sockopt_tcp_nodelay = true; 1909 break; 1910 case Opt_domainauto: 1911 ctx->domainauto = true; 1912 break; 1913 case Opt_rdma: 1914 ctx->rdma = true; 1915 break; 1916 case Opt_reparse: 1917 if (parse_reparse_flavor(fc, param->string, ctx)) 1918 goto cifs_parse_mount_err; 1919 break; 1920 case Opt_nativesocket: 1921 ctx->nonativesocket = result.negated; 1922 break; 1923 case Opt_symlink: 1924 if (parse_symlink_flavor(fc, param->string, ctx)) 1925 goto cifs_parse_mount_err; 1926 break; 1927 case Opt_symlinkroot: 1928 if (param->string[0] != '/') { 1929 cifs_errorf(fc, "symlinkroot mount options must be absolute path\n"); 1930 goto cifs_parse_mount_err; 1931 } 1932 if (strnlen(param->string, PATH_MAX) == PATH_MAX) { 1933 cifs_errorf(fc, "symlinkroot path too long (max path length: %u)\n", 1934 PATH_MAX - 1); 1935 goto cifs_parse_mount_err; 1936 } 1937 kfree(ctx->symlinkroot); 1938 ctx->symlinkroot = param->string; 1939 param->string = NULL; 1940 break; 1941 } 1942 /* case Opt_ignore: - is ignored as expected ... */ 1943 1944 return 0; 1945 1946 cifs_parse_mount_err: 1947 kfree_sensitive(ctx->password); 1948 ctx->password = NULL; 1949 kfree_sensitive(ctx->password2); 1950 ctx->password2 = NULL; 1951 kfree(ctx->source); 1952 ctx->source = NULL; 1953 kfree(fc->source); 1954 fc->source = NULL; 1955 return -EINVAL; 1956 } 1957 1958 int smb3_init_fs_context(struct fs_context *fc) 1959 { 1960 struct smb3_fs_context *ctx; 1961 char *nodename = utsname()->nodename; 1962 int i; 1963 1964 ctx = kzalloc_obj(struct smb3_fs_context); 1965 if (unlikely(!ctx)) 1966 return -ENOMEM; 1967 1968 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1969 1970 /* 1971 * does not have to be perfect mapping since field is 1972 * informational, only used for servers that do not support 1973 * port 445 and it can be overridden at mount time 1974 */ 1975 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1976 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1977 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1978 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1979 1980 /* 1981 * null target name indicates to use *SMBSERVR default called name 1982 * if we end up sending RFC1001 session initialize 1983 */ 1984 ctx->target_rfc1001_name[0] = 0; 1985 1986 ctx->rfc1001_sessinit = -1; /* autodetect based on port number */ 1987 1988 ctx->cred_uid = current_uid(); 1989 ctx->linux_uid = current_uid(); 1990 ctx->linux_gid = current_gid(); 1991 /* By default 4MB read ahead size, 1MB block size */ 1992 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1993 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1994 1995 /* 1996 * default to SFM style remapping of seven reserved characters 1997 * unless user overrides it or we negotiate CIFS POSIX where 1998 * it is unnecessary. Can not simultaneously use more than one mapping 1999 * since then readdir could list files that open could not open 2000 */ 2001 ctx->remap = true; 2002 2003 /* default to only allowing write access to owner of the mount */ 2004 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 2005 2006 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 2007 /* default is always to request posix paths. */ 2008 ctx->posix_paths = 1; 2009 /* default to using server inode numbers where available */ 2010 ctx->server_ino = 1; 2011 2012 /* default is to use strict cifs caching semantics */ 2013 ctx->strict_io = true; 2014 2015 ctx->acregmax = CIFS_DEF_ACTIMEO; 2016 ctx->acdirmax = CIFS_DEF_ACTIMEO; 2017 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 2018 ctx->max_cached_dirs = MAX_CACHED_FIDS; 2019 /* Most clients set timeout to 0, allows server to use its default */ 2020 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 2021 2022 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 2023 ctx->ops = &smb30_operations; 2024 ctx->vals = &smbdefault_values; 2025 2026 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 2027 2028 /* default to no multichannel (single server connection) */ 2029 ctx->multichannel = false; 2030 ctx->multichannel_specified = false; 2031 ctx->max_channels_specified = false; 2032 ctx->max_channels = 1; 2033 2034 ctx->backupuid_specified = false; /* no backup intent for a user */ 2035 ctx->backupgid_specified = false; /* no backup intent for a group */ 2036 2037 ctx->retrans = 0; 2038 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT; 2039 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT; 2040 ctx->nonativesocket = 0; 2041 2042 ctx->unicode = -1; /* autodetect, but prefer UNICODE mode */ 2043 2044 /* 2045 * short int override_uid = -1; 2046 * short int override_gid = -1; 2047 * char *nodename = strdup(utsname()->nodename); 2048 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 2049 */ 2050 2051 fc->fs_private = ctx; 2052 fc->ops = &smb3_fs_context_ops; 2053 return 0; 2054 } 2055 2056 void 2057 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 2058 { 2059 if (ctx == NULL) 2060 return; 2061 2062 /* 2063 * Make sure this stays in sync with smb3_fs_context_dup() 2064 */ 2065 kfree(ctx->username); 2066 ctx->username = NULL; 2067 kfree_sensitive(ctx->password); 2068 ctx->password = NULL; 2069 kfree_sensitive(ctx->password2); 2070 ctx->password2 = NULL; 2071 kfree(ctx->server_hostname); 2072 ctx->server_hostname = NULL; 2073 kfree(ctx->UNC); 2074 ctx->UNC = NULL; 2075 kfree(ctx->source); 2076 ctx->source = NULL; 2077 kfree(ctx->domainname); 2078 ctx->domainname = NULL; 2079 kfree(ctx->nodename); 2080 ctx->nodename = NULL; 2081 kfree(ctx->iocharset); 2082 ctx->iocharset = NULL; 2083 kfree(ctx->prepath); 2084 ctx->prepath = NULL; 2085 kfree(ctx->leaf_fullpath); 2086 ctx->leaf_fullpath = NULL; 2087 kfree(ctx->dns_dom); 2088 ctx->dns_dom = NULL; 2089 kfree(ctx->symlinkroot); 2090 ctx->symlinkroot = NULL; 2091 } 2092 2093 void 2094 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 2095 { 2096 if (!ctx) 2097 return; 2098 smb3_cleanup_fs_context_contents(ctx); 2099 kfree(ctx); 2100 } 2101 2102 unsigned int smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 2103 { 2104 unsigned int sbflags = cifs_sb_flags(cifs_sb); 2105 struct smb3_fs_context *ctx = cifs_sb->ctx; 2106 2107 if (ctx->nodfs) 2108 sbflags |= CIFS_MOUNT_NO_DFS; 2109 else 2110 sbflags &= ~CIFS_MOUNT_NO_DFS; 2111 2112 if (ctx->noperm) 2113 sbflags |= CIFS_MOUNT_NO_PERM; 2114 else 2115 sbflags &= ~CIFS_MOUNT_NO_PERM; 2116 2117 if (ctx->setuids) 2118 sbflags |= CIFS_MOUNT_SET_UID; 2119 else 2120 sbflags &= ~CIFS_MOUNT_SET_UID; 2121 2122 if (ctx->setuidfromacl) 2123 sbflags |= CIFS_MOUNT_UID_FROM_ACL; 2124 else 2125 sbflags &= ~CIFS_MOUNT_UID_FROM_ACL; 2126 2127 if (ctx->server_ino) 2128 sbflags |= CIFS_MOUNT_SERVER_INUM; 2129 else 2130 sbflags &= ~CIFS_MOUNT_SERVER_INUM; 2131 2132 if (ctx->remap) 2133 sbflags |= CIFS_MOUNT_MAP_SFM_CHR; 2134 else 2135 sbflags &= ~CIFS_MOUNT_MAP_SFM_CHR; 2136 2137 if (ctx->sfu_remap) 2138 sbflags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 2139 else 2140 sbflags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 2141 2142 if (ctx->no_xattr) 2143 sbflags |= CIFS_MOUNT_NO_XATTR; 2144 else 2145 sbflags &= ~CIFS_MOUNT_NO_XATTR; 2146 2147 if (ctx->sfu_emul) 2148 sbflags |= CIFS_MOUNT_UNX_EMUL; 2149 else 2150 sbflags &= ~CIFS_MOUNT_UNX_EMUL; 2151 2152 if (ctx->nobrl) 2153 sbflags |= CIFS_MOUNT_NO_BRL; 2154 else 2155 sbflags &= ~CIFS_MOUNT_NO_BRL; 2156 2157 if (ctx->nohandlecache) 2158 sbflags |= CIFS_MOUNT_NO_HANDLE_CACHE; 2159 else 2160 sbflags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 2161 2162 if (ctx->nostrictsync) 2163 sbflags |= CIFS_MOUNT_NOSSYNC; 2164 else 2165 sbflags &= ~CIFS_MOUNT_NOSSYNC; 2166 2167 if (ctx->mand_lock) 2168 sbflags |= CIFS_MOUNT_NOPOSIXBRL; 2169 else 2170 sbflags &= ~CIFS_MOUNT_NOPOSIXBRL; 2171 2172 if (ctx->rwpidforward) 2173 sbflags |= CIFS_MOUNT_RWPIDFORWARD; 2174 else 2175 sbflags &= ~CIFS_MOUNT_RWPIDFORWARD; 2176 2177 if (ctx->mode_ace) 2178 sbflags |= CIFS_MOUNT_MODE_FROM_SID; 2179 else 2180 sbflags &= ~CIFS_MOUNT_MODE_FROM_SID; 2181 2182 if (ctx->cifs_acl) 2183 sbflags |= CIFS_MOUNT_CIFS_ACL; 2184 else 2185 sbflags &= ~CIFS_MOUNT_CIFS_ACL; 2186 2187 if (ctx->backupuid_specified) 2188 sbflags |= CIFS_MOUNT_CIFS_BACKUPUID; 2189 else 2190 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 2191 2192 if (ctx->backupgid_specified) 2193 sbflags |= CIFS_MOUNT_CIFS_BACKUPGID; 2194 else 2195 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 2196 2197 if (ctx->override_uid) 2198 sbflags |= CIFS_MOUNT_OVERR_UID; 2199 else 2200 sbflags &= ~CIFS_MOUNT_OVERR_UID; 2201 2202 if (ctx->override_gid) 2203 sbflags |= CIFS_MOUNT_OVERR_GID; 2204 else 2205 sbflags &= ~CIFS_MOUNT_OVERR_GID; 2206 2207 if (ctx->dynperm) 2208 sbflags |= CIFS_MOUNT_DYNPERM; 2209 else 2210 sbflags &= ~CIFS_MOUNT_DYNPERM; 2211 2212 if (ctx->fsc) 2213 sbflags |= CIFS_MOUNT_FSCACHE; 2214 else 2215 sbflags &= ~CIFS_MOUNT_FSCACHE; 2216 2217 if (ctx->multiuser) 2218 sbflags |= CIFS_MOUNT_MULTIUSER | CIFS_MOUNT_NO_PERM; 2219 else 2220 sbflags &= ~CIFS_MOUNT_MULTIUSER; 2221 2222 2223 if (ctx->strict_io) 2224 sbflags |= CIFS_MOUNT_STRICT_IO; 2225 else 2226 sbflags &= ~CIFS_MOUNT_STRICT_IO; 2227 2228 if (ctx->direct_io) 2229 sbflags |= CIFS_MOUNT_DIRECT_IO; 2230 else 2231 sbflags &= ~CIFS_MOUNT_DIRECT_IO; 2232 2233 if (ctx->mfsymlinks) 2234 sbflags |= CIFS_MOUNT_MF_SYMLINKS; 2235 else 2236 sbflags &= ~CIFS_MOUNT_MF_SYMLINKS; 2237 2238 if (ctx->mfsymlinks && ctx->sfu_emul) { 2239 /* 2240 * Our SFU ("Services for Unix") emulation allows now 2241 * creating new and reading existing SFU symlinks. 2242 * Older Linux kernel versions were not able to neither 2243 * read existing nor create new SFU symlinks. But 2244 * creating and reading SFU style mknod and FIFOs was 2245 * supported for long time. When "mfsymlinks" and 2246 * "sfu" are both enabled at the same time, it allows 2247 * reading both types of symlinks, but will only create 2248 * them with mfsymlinks format. This allows better 2249 * Apple compatibility, compatibility with older Linux 2250 * kernel clients (probably better for Samba too) 2251 * while still recognizing old Windows style symlinks. 2252 */ 2253 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 2254 } 2255 sbflags &= ~CIFS_MOUNT_SHUTDOWN; 2256 atomic_set(&cifs_sb->mnt_cifs_flags, sbflags); 2257 return sbflags; 2258 } 2259