xref: /linux/fs/nfs/fs_context.c (revision 4b660dbd9ee2059850fd30e0df420ca7a38a1856)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * linux/fs/nfs/fs_context.c
4  *
5  * Copyright (C) 1992 Rick Sladkey
6  * Conversion to new mount api Copyright (C) David Howells
7  *
8  * NFS mount handling.
9  *
10  * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com>
11  */
12 
13 #include <linux/compat.h>
14 #include <linux/module.h>
15 #include <linux/fs.h>
16 #include <linux/fs_context.h>
17 #include <linux/fs_parser.h>
18 #include <linux/nfs_fs.h>
19 #include <linux/nfs_mount.h>
20 #include <linux/nfs4_mount.h>
21 
22 #include <net/handshake.h>
23 
24 #include "nfs.h"
25 #include "internal.h"
26 
27 #include "nfstrace.h"
28 
29 #define NFSDBG_FACILITY		NFSDBG_MOUNT
30 
31 #if IS_ENABLED(CONFIG_NFS_V3)
32 #define NFS_DEFAULT_VERSION 3
33 #else
34 #define NFS_DEFAULT_VERSION 2
35 #endif
36 
37 #define NFS_MAX_CONNECTIONS 16
38 
39 enum nfs_param {
40 	Opt_ac,
41 	Opt_acdirmax,
42 	Opt_acdirmin,
43 	Opt_acl,
44 	Opt_acregmax,
45 	Opt_acregmin,
46 	Opt_actimeo,
47 	Opt_addr,
48 	Opt_bg,
49 	Opt_bsize,
50 	Opt_clientaddr,
51 	Opt_cto,
52 	Opt_fg,
53 	Opt_fscache,
54 	Opt_fscache_flag,
55 	Opt_hard,
56 	Opt_intr,
57 	Opt_local_lock,
58 	Opt_lock,
59 	Opt_lookupcache,
60 	Opt_migration,
61 	Opt_minorversion,
62 	Opt_mountaddr,
63 	Opt_mounthost,
64 	Opt_mountport,
65 	Opt_mountproto,
66 	Opt_mountvers,
67 	Opt_namelen,
68 	Opt_nconnect,
69 	Opt_max_connect,
70 	Opt_port,
71 	Opt_posix,
72 	Opt_proto,
73 	Opt_rdirplus,
74 	Opt_rdma,
75 	Opt_resvport,
76 	Opt_retrans,
77 	Opt_retry,
78 	Opt_rsize,
79 	Opt_sec,
80 	Opt_sharecache,
81 	Opt_sloppy,
82 	Opt_soft,
83 	Opt_softerr,
84 	Opt_softreval,
85 	Opt_source,
86 	Opt_tcp,
87 	Opt_timeo,
88 	Opt_trunkdiscovery,
89 	Opt_udp,
90 	Opt_v,
91 	Opt_vers,
92 	Opt_wsize,
93 	Opt_write,
94 	Opt_xprtsec,
95 };
96 
97 enum {
98 	Opt_local_lock_all,
99 	Opt_local_lock_flock,
100 	Opt_local_lock_none,
101 	Opt_local_lock_posix,
102 };
103 
104 static const struct constant_table nfs_param_enums_local_lock[] = {
105 	{ "all",		Opt_local_lock_all },
106 	{ "flock",	Opt_local_lock_flock },
107 	{ "posix",	Opt_local_lock_posix },
108 	{ "none",		Opt_local_lock_none },
109 	{}
110 };
111 
112 enum {
113 	Opt_lookupcache_all,
114 	Opt_lookupcache_none,
115 	Opt_lookupcache_positive,
116 };
117 
118 static const struct constant_table nfs_param_enums_lookupcache[] = {
119 	{ "all",		Opt_lookupcache_all },
120 	{ "none",		Opt_lookupcache_none },
121 	{ "pos",		Opt_lookupcache_positive },
122 	{ "positive",		Opt_lookupcache_positive },
123 	{}
124 };
125 
126 enum {
127 	Opt_write_lazy,
128 	Opt_write_eager,
129 	Opt_write_wait,
130 };
131 
132 static const struct constant_table nfs_param_enums_write[] = {
133 	{ "lazy",		Opt_write_lazy },
134 	{ "eager",		Opt_write_eager },
135 	{ "wait",		Opt_write_wait },
136 	{}
137 };
138 
139 static const struct fs_parameter_spec nfs_fs_parameters[] = {
140 	fsparam_flag_no("ac",		Opt_ac),
141 	fsparam_u32   ("acdirmax",	Opt_acdirmax),
142 	fsparam_u32   ("acdirmin",	Opt_acdirmin),
143 	fsparam_flag_no("acl",		Opt_acl),
144 	fsparam_u32   ("acregmax",	Opt_acregmax),
145 	fsparam_u32   ("acregmin",	Opt_acregmin),
146 	fsparam_u32   ("actimeo",	Opt_actimeo),
147 	fsparam_string("addr",		Opt_addr),
148 	fsparam_flag  ("bg",		Opt_bg),
149 	fsparam_u32   ("bsize",		Opt_bsize),
150 	fsparam_string("clientaddr",	Opt_clientaddr),
151 	fsparam_flag_no("cto",		Opt_cto),
152 	fsparam_flag  ("fg",		Opt_fg),
153 	fsparam_flag_no("fsc",		Opt_fscache_flag),
154 	fsparam_string("fsc",		Opt_fscache),
155 	fsparam_flag  ("hard",		Opt_hard),
156 	__fsparam(NULL, "intr",		Opt_intr,
157 		  fs_param_neg_with_no|fs_param_deprecated, NULL),
158 	fsparam_enum  ("local_lock",	Opt_local_lock, nfs_param_enums_local_lock),
159 	fsparam_flag_no("lock",		Opt_lock),
160 	fsparam_enum  ("lookupcache",	Opt_lookupcache, nfs_param_enums_lookupcache),
161 	fsparam_flag_no("migration",	Opt_migration),
162 	fsparam_u32   ("minorversion",	Opt_minorversion),
163 	fsparam_string("mountaddr",	Opt_mountaddr),
164 	fsparam_string("mounthost",	Opt_mounthost),
165 	fsparam_u32   ("mountport",	Opt_mountport),
166 	fsparam_string("mountproto",	Opt_mountproto),
167 	fsparam_u32   ("mountvers",	Opt_mountvers),
168 	fsparam_u32   ("namlen",	Opt_namelen),
169 	fsparam_u32   ("nconnect",	Opt_nconnect),
170 	fsparam_u32   ("max_connect",	Opt_max_connect),
171 	fsparam_string("nfsvers",	Opt_vers),
172 	fsparam_u32   ("port",		Opt_port),
173 	fsparam_flag_no("posix",	Opt_posix),
174 	fsparam_string("proto",		Opt_proto),
175 	fsparam_flag_no("rdirplus",	Opt_rdirplus),
176 	fsparam_flag  ("rdma",		Opt_rdma),
177 	fsparam_flag_no("resvport",	Opt_resvport),
178 	fsparam_u32   ("retrans",	Opt_retrans),
179 	fsparam_string("retry",		Opt_retry),
180 	fsparam_u32   ("rsize",		Opt_rsize),
181 	fsparam_string("sec",		Opt_sec),
182 	fsparam_flag_no("sharecache",	Opt_sharecache),
183 	fsparam_flag  ("sloppy",	Opt_sloppy),
184 	fsparam_flag  ("soft",		Opt_soft),
185 	fsparam_flag  ("softerr",	Opt_softerr),
186 	fsparam_flag  ("softreval",	Opt_softreval),
187 	fsparam_string("source",	Opt_source),
188 	fsparam_flag  ("tcp",		Opt_tcp),
189 	fsparam_u32   ("timeo",		Opt_timeo),
190 	fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery),
191 	fsparam_flag  ("udp",		Opt_udp),
192 	fsparam_flag  ("v2",		Opt_v),
193 	fsparam_flag  ("v3",		Opt_v),
194 	fsparam_flag  ("v4",		Opt_v),
195 	fsparam_flag  ("v4.0",		Opt_v),
196 	fsparam_flag  ("v4.1",		Opt_v),
197 	fsparam_flag  ("v4.2",		Opt_v),
198 	fsparam_string("vers",		Opt_vers),
199 	fsparam_enum  ("write",		Opt_write, nfs_param_enums_write),
200 	fsparam_u32   ("wsize",		Opt_wsize),
201 	fsparam_string("xprtsec",	Opt_xprtsec),
202 	{}
203 };
204 
205 enum {
206 	Opt_vers_2,
207 	Opt_vers_3,
208 	Opt_vers_4,
209 	Opt_vers_4_0,
210 	Opt_vers_4_1,
211 	Opt_vers_4_2,
212 };
213 
214 static const struct constant_table nfs_vers_tokens[] = {
215 	{ "2",		Opt_vers_2 },
216 	{ "3",		Opt_vers_3 },
217 	{ "4",		Opt_vers_4 },
218 	{ "4.0",	Opt_vers_4_0 },
219 	{ "4.1",	Opt_vers_4_1 },
220 	{ "4.2",	Opt_vers_4_2 },
221 	{}
222 };
223 
224 enum {
225 	Opt_xprt_rdma,
226 	Opt_xprt_rdma6,
227 	Opt_xprt_tcp,
228 	Opt_xprt_tcp6,
229 	Opt_xprt_udp,
230 	Opt_xprt_udp6,
231 	nr__Opt_xprt
232 };
233 
234 static const struct constant_table nfs_xprt_protocol_tokens[] = {
235 	{ "rdma",	Opt_xprt_rdma },
236 	{ "rdma6",	Opt_xprt_rdma6 },
237 	{ "tcp",	Opt_xprt_tcp },
238 	{ "tcp6",	Opt_xprt_tcp6 },
239 	{ "udp",	Opt_xprt_udp },
240 	{ "udp6",	Opt_xprt_udp6 },
241 	{}
242 };
243 
244 enum {
245 	Opt_sec_krb5,
246 	Opt_sec_krb5i,
247 	Opt_sec_krb5p,
248 	Opt_sec_lkey,
249 	Opt_sec_lkeyi,
250 	Opt_sec_lkeyp,
251 	Opt_sec_none,
252 	Opt_sec_spkm,
253 	Opt_sec_spkmi,
254 	Opt_sec_spkmp,
255 	Opt_sec_sys,
256 	nr__Opt_sec
257 };
258 
259 static const struct constant_table nfs_secflavor_tokens[] = {
260 	{ "krb5",	Opt_sec_krb5 },
261 	{ "krb5i",	Opt_sec_krb5i },
262 	{ "krb5p",	Opt_sec_krb5p },
263 	{ "lkey",	Opt_sec_lkey },
264 	{ "lkeyi",	Opt_sec_lkeyi },
265 	{ "lkeyp",	Opt_sec_lkeyp },
266 	{ "none",	Opt_sec_none },
267 	{ "null",	Opt_sec_none },
268 	{ "spkm3",	Opt_sec_spkm },
269 	{ "spkm3i",	Opt_sec_spkmi },
270 	{ "spkm3p",	Opt_sec_spkmp },
271 	{ "sys",	Opt_sec_sys },
272 	{}
273 };
274 
275 enum {
276 	Opt_xprtsec_none,
277 	Opt_xprtsec_tls,
278 	Opt_xprtsec_mtls,
279 	nr__Opt_xprtsec
280 };
281 
282 static const struct constant_table nfs_xprtsec_policies[] = {
283 	{ "none",	Opt_xprtsec_none },
284 	{ "tls",	Opt_xprtsec_tls },
285 	{ "mtls",	Opt_xprtsec_mtls },
286 	{}
287 };
288 
289 /*
290  * Sanity-check a server address provided by the mount command.
291  *
292  * Address family must be initialized, and address must not be
293  * the ANY address for that family.
294  */
295 static int nfs_verify_server_address(struct sockaddr_storage *addr)
296 {
297 	switch (addr->ss_family) {
298 	case AF_INET: {
299 		struct sockaddr_in *sa = (struct sockaddr_in *)addr;
300 		return sa->sin_addr.s_addr != htonl(INADDR_ANY);
301 	}
302 	case AF_INET6: {
303 		struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr;
304 		return !ipv6_addr_any(sa);
305 	}
306 	}
307 
308 	return 0;
309 }
310 
311 #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT
312 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
313 {
314 	return true;
315 }
316 #else
317 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
318 {
319 	if (ctx->version == 4)
320 		return true;
321 	return false;
322 }
323 #endif
324 
325 /*
326  * Sanity check the NFS transport protocol.
327  */
328 static int nfs_validate_transport_protocol(struct fs_context *fc,
329 					   struct nfs_fs_context *ctx)
330 {
331 	switch (ctx->nfs_server.protocol) {
332 	case XPRT_TRANSPORT_UDP:
333 		if (nfs_server_transport_udp_invalid(ctx))
334 			goto out_invalid_transport_udp;
335 		break;
336 	case XPRT_TRANSPORT_TCP:
337 	case XPRT_TRANSPORT_RDMA:
338 		break;
339 	default:
340 		ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
341 	}
342 
343 	if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE)
344 		switch (ctx->nfs_server.protocol) {
345 		case XPRT_TRANSPORT_TCP:
346 			ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS;
347 			break;
348 		default:
349 			goto out_invalid_xprtsec_policy;
350 	}
351 
352 	return 0;
353 out_invalid_transport_udp:
354 	return nfs_invalf(fc, "NFS: Unsupported transport protocol udp");
355 out_invalid_xprtsec_policy:
356 	return nfs_invalf(fc, "NFS: Transport does not support xprtsec");
357 }
358 
359 /*
360  * For text based NFSv2/v3 mounts, the mount protocol transport default
361  * settings should depend upon the specified NFS transport.
362  */
363 static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx)
364 {
365 	if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP ||
366 	    ctx->mount_server.protocol == XPRT_TRANSPORT_TCP)
367 			return;
368 	switch (ctx->nfs_server.protocol) {
369 	case XPRT_TRANSPORT_UDP:
370 		ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
371 		break;
372 	case XPRT_TRANSPORT_TCP:
373 	case XPRT_TRANSPORT_RDMA:
374 		ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
375 	}
376 }
377 
378 /*
379  * Add 'flavor' to 'auth_info' if not already present.
380  * Returns true if 'flavor' ends up in the list, false otherwise
381  */
382 static int nfs_auth_info_add(struct fs_context *fc,
383 			     struct nfs_auth_info *auth_info,
384 			     rpc_authflavor_t flavor)
385 {
386 	unsigned int i;
387 	unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors);
388 
389 	/* make sure this flavor isn't already in the list */
390 	for (i = 0; i < auth_info->flavor_len; i++) {
391 		if (flavor == auth_info->flavors[i])
392 			return 0;
393 	}
394 
395 	if (auth_info->flavor_len + 1 >= max_flavor_len)
396 		return nfs_invalf(fc, "NFS: too many sec= flavors");
397 
398 	auth_info->flavors[auth_info->flavor_len++] = flavor;
399 	return 0;
400 }
401 
402 /*
403  * Parse the value of the 'sec=' option.
404  */
405 static int nfs_parse_security_flavors(struct fs_context *fc,
406 				      struct fs_parameter *param)
407 {
408 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
409 	rpc_authflavor_t pseudoflavor;
410 	char *string = param->string, *p;
411 	int ret;
412 
413 	trace_nfs_mount_assign(param->key, string);
414 
415 	while ((p = strsep(&string, ":")) != NULL) {
416 		if (!*p)
417 			continue;
418 		switch (lookup_constant(nfs_secflavor_tokens, p, -1)) {
419 		case Opt_sec_none:
420 			pseudoflavor = RPC_AUTH_NULL;
421 			break;
422 		case Opt_sec_sys:
423 			pseudoflavor = RPC_AUTH_UNIX;
424 			break;
425 		case Opt_sec_krb5:
426 			pseudoflavor = RPC_AUTH_GSS_KRB5;
427 			break;
428 		case Opt_sec_krb5i:
429 			pseudoflavor = RPC_AUTH_GSS_KRB5I;
430 			break;
431 		case Opt_sec_krb5p:
432 			pseudoflavor = RPC_AUTH_GSS_KRB5P;
433 			break;
434 		case Opt_sec_lkey:
435 			pseudoflavor = RPC_AUTH_GSS_LKEY;
436 			break;
437 		case Opt_sec_lkeyi:
438 			pseudoflavor = RPC_AUTH_GSS_LKEYI;
439 			break;
440 		case Opt_sec_lkeyp:
441 			pseudoflavor = RPC_AUTH_GSS_LKEYP;
442 			break;
443 		case Opt_sec_spkm:
444 			pseudoflavor = RPC_AUTH_GSS_SPKM;
445 			break;
446 		case Opt_sec_spkmi:
447 			pseudoflavor = RPC_AUTH_GSS_SPKMI;
448 			break;
449 		case Opt_sec_spkmp:
450 			pseudoflavor = RPC_AUTH_GSS_SPKMP;
451 			break;
452 		default:
453 			return nfs_invalf(fc, "NFS: sec=%s option not recognized", p);
454 		}
455 
456 		ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor);
457 		if (ret < 0)
458 			return ret;
459 	}
460 
461 	return 0;
462 }
463 
464 static int nfs_parse_xprtsec_policy(struct fs_context *fc,
465 				    struct fs_parameter *param)
466 {
467 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
468 
469 	trace_nfs_mount_assign(param->key, param->string);
470 
471 	switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) {
472 	case Opt_xprtsec_none:
473 		ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
474 		break;
475 	case Opt_xprtsec_tls:
476 		ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON;
477 		break;
478 	case Opt_xprtsec_mtls:
479 		ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509;
480 		break;
481 	default:
482 		return nfs_invalf(fc, "NFS: Unrecognized transport security policy");
483 	}
484 	return 0;
485 }
486 
487 static int nfs_parse_version_string(struct fs_context *fc,
488 				    const char *string)
489 {
490 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
491 
492 	ctx->flags &= ~NFS_MOUNT_VER3;
493 	switch (lookup_constant(nfs_vers_tokens, string, -1)) {
494 	case Opt_vers_2:
495 		ctx->version = 2;
496 		break;
497 	case Opt_vers_3:
498 		ctx->flags |= NFS_MOUNT_VER3;
499 		ctx->version = 3;
500 		break;
501 	case Opt_vers_4:
502 		/* Backward compatibility option. In future,
503 		 * the mount program should always supply
504 		 * a NFSv4 minor version number.
505 		 */
506 		ctx->version = 4;
507 		break;
508 	case Opt_vers_4_0:
509 		ctx->version = 4;
510 		ctx->minorversion = 0;
511 		break;
512 	case Opt_vers_4_1:
513 		ctx->version = 4;
514 		ctx->minorversion = 1;
515 		break;
516 	case Opt_vers_4_2:
517 		ctx->version = 4;
518 		ctx->minorversion = 2;
519 		break;
520 	default:
521 		return nfs_invalf(fc, "NFS: Unsupported NFS version");
522 	}
523 	return 0;
524 }
525 
526 /*
527  * Parse a single mount parameter.
528  */
529 static int nfs_fs_context_parse_param(struct fs_context *fc,
530 				      struct fs_parameter *param)
531 {
532 	struct fs_parse_result result;
533 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
534 	unsigned short protofamily, mountfamily;
535 	unsigned int len;
536 	int ret, opt;
537 
538 	trace_nfs_mount_option(param);
539 
540 	opt = fs_parse(fc, nfs_fs_parameters, param, &result);
541 	if (opt < 0)
542 		return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt;
543 
544 	if (fc->security)
545 		ctx->has_sec_mnt_opts = 1;
546 
547 	switch (opt) {
548 	case Opt_source:
549 		if (fc->source)
550 			return nfs_invalf(fc, "NFS: Multiple sources not supported");
551 		fc->source = param->string;
552 		param->string = NULL;
553 		break;
554 
555 		/*
556 		 * boolean options:  foo/nofoo
557 		 */
558 	case Opt_soft:
559 		ctx->flags |= NFS_MOUNT_SOFT;
560 		ctx->flags &= ~NFS_MOUNT_SOFTERR;
561 		break;
562 	case Opt_softerr:
563 		ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL;
564 		ctx->flags &= ~NFS_MOUNT_SOFT;
565 		break;
566 	case Opt_hard:
567 		ctx->flags &= ~(NFS_MOUNT_SOFT |
568 				NFS_MOUNT_SOFTERR |
569 				NFS_MOUNT_SOFTREVAL);
570 		break;
571 	case Opt_softreval:
572 		if (result.negated)
573 			ctx->flags &= ~NFS_MOUNT_SOFTREVAL;
574 		else
575 			ctx->flags |= NFS_MOUNT_SOFTREVAL;
576 		break;
577 	case Opt_posix:
578 		if (result.negated)
579 			ctx->flags &= ~NFS_MOUNT_POSIX;
580 		else
581 			ctx->flags |= NFS_MOUNT_POSIX;
582 		break;
583 	case Opt_cto:
584 		if (result.negated)
585 			ctx->flags |= NFS_MOUNT_NOCTO;
586 		else
587 			ctx->flags &= ~NFS_MOUNT_NOCTO;
588 		break;
589 	case Opt_trunkdiscovery:
590 		if (result.negated)
591 			ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY;
592 		else
593 			ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY;
594 		break;
595 	case Opt_ac:
596 		if (result.negated)
597 			ctx->flags |= NFS_MOUNT_NOAC;
598 		else
599 			ctx->flags &= ~NFS_MOUNT_NOAC;
600 		break;
601 	case Opt_lock:
602 		if (result.negated) {
603 			ctx->flags |= NFS_MOUNT_NONLM;
604 			ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
605 		} else {
606 			ctx->flags &= ~NFS_MOUNT_NONLM;
607 			ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
608 		}
609 		break;
610 	case Opt_udp:
611 		ctx->flags &= ~NFS_MOUNT_TCP;
612 		ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
613 		break;
614 	case Opt_tcp:
615 	case Opt_rdma:
616 		ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */
617 		ret = xprt_find_transport_ident(param->key);
618 		if (ret < 0)
619 			goto out_bad_transport;
620 		ctx->nfs_server.protocol = ret;
621 		break;
622 	case Opt_acl:
623 		if (result.negated)
624 			ctx->flags |= NFS_MOUNT_NOACL;
625 		else
626 			ctx->flags &= ~NFS_MOUNT_NOACL;
627 		break;
628 	case Opt_rdirplus:
629 		if (result.negated)
630 			ctx->flags |= NFS_MOUNT_NORDIRPLUS;
631 		else
632 			ctx->flags &= ~NFS_MOUNT_NORDIRPLUS;
633 		break;
634 	case Opt_sharecache:
635 		if (result.negated)
636 			ctx->flags |= NFS_MOUNT_UNSHARED;
637 		else
638 			ctx->flags &= ~NFS_MOUNT_UNSHARED;
639 		break;
640 	case Opt_resvport:
641 		if (result.negated)
642 			ctx->flags |= NFS_MOUNT_NORESVPORT;
643 		else
644 			ctx->flags &= ~NFS_MOUNT_NORESVPORT;
645 		break;
646 	case Opt_fscache_flag:
647 		if (result.negated)
648 			ctx->options &= ~NFS_OPTION_FSCACHE;
649 		else
650 			ctx->options |= NFS_OPTION_FSCACHE;
651 		kfree(ctx->fscache_uniq);
652 		ctx->fscache_uniq = NULL;
653 		break;
654 	case Opt_fscache:
655 		trace_nfs_mount_assign(param->key, param->string);
656 		ctx->options |= NFS_OPTION_FSCACHE;
657 		kfree(ctx->fscache_uniq);
658 		ctx->fscache_uniq = param->string;
659 		param->string = NULL;
660 		break;
661 	case Opt_migration:
662 		if (result.negated)
663 			ctx->options &= ~NFS_OPTION_MIGRATION;
664 		else
665 			ctx->options |= NFS_OPTION_MIGRATION;
666 		break;
667 
668 		/*
669 		 * options that take numeric values
670 		 */
671 	case Opt_port:
672 		if (result.uint_32 > USHRT_MAX)
673 			goto out_of_bounds;
674 		ctx->nfs_server.port = result.uint_32;
675 		break;
676 	case Opt_rsize:
677 		ctx->rsize = result.uint_32;
678 		break;
679 	case Opt_wsize:
680 		ctx->wsize = result.uint_32;
681 		break;
682 	case Opt_bsize:
683 		ctx->bsize = result.uint_32;
684 		break;
685 	case Opt_timeo:
686 		if (result.uint_32 < 1 || result.uint_32 > INT_MAX)
687 			goto out_of_bounds;
688 		ctx->timeo = result.uint_32;
689 		break;
690 	case Opt_retrans:
691 		if (result.uint_32 > INT_MAX)
692 			goto out_of_bounds;
693 		ctx->retrans = result.uint_32;
694 		break;
695 	case Opt_acregmin:
696 		ctx->acregmin = result.uint_32;
697 		break;
698 	case Opt_acregmax:
699 		ctx->acregmax = result.uint_32;
700 		break;
701 	case Opt_acdirmin:
702 		ctx->acdirmin = result.uint_32;
703 		break;
704 	case Opt_acdirmax:
705 		ctx->acdirmax = result.uint_32;
706 		break;
707 	case Opt_actimeo:
708 		ctx->acregmin = result.uint_32;
709 		ctx->acregmax = result.uint_32;
710 		ctx->acdirmin = result.uint_32;
711 		ctx->acdirmax = result.uint_32;
712 		break;
713 	case Opt_namelen:
714 		ctx->namlen = result.uint_32;
715 		break;
716 	case Opt_mountport:
717 		if (result.uint_32 > USHRT_MAX)
718 			goto out_of_bounds;
719 		ctx->mount_server.port = result.uint_32;
720 		break;
721 	case Opt_mountvers:
722 		if (result.uint_32 < NFS_MNT_VERSION ||
723 		    result.uint_32 > NFS_MNT3_VERSION)
724 			goto out_of_bounds;
725 		ctx->mount_server.version = result.uint_32;
726 		break;
727 	case Opt_minorversion:
728 		if (result.uint_32 > NFS4_MAX_MINOR_VERSION)
729 			goto out_of_bounds;
730 		ctx->minorversion = result.uint_32;
731 		break;
732 
733 		/*
734 		 * options that take text values
735 		 */
736 	case Opt_v:
737 		ret = nfs_parse_version_string(fc, param->key + 1);
738 		if (ret < 0)
739 			return ret;
740 		break;
741 	case Opt_vers:
742 		if (!param->string)
743 			goto out_invalid_value;
744 		trace_nfs_mount_assign(param->key, param->string);
745 		ret = nfs_parse_version_string(fc, param->string);
746 		if (ret < 0)
747 			return ret;
748 		break;
749 	case Opt_sec:
750 		ret = nfs_parse_security_flavors(fc, param);
751 		if (ret < 0)
752 			return ret;
753 		break;
754 	case Opt_xprtsec:
755 		ret = nfs_parse_xprtsec_policy(fc, param);
756 		if (ret < 0)
757 			return ret;
758 		break;
759 
760 	case Opt_proto:
761 		if (!param->string)
762 			goto out_invalid_value;
763 		trace_nfs_mount_assign(param->key, param->string);
764 		protofamily = AF_INET;
765 		switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
766 		case Opt_xprt_udp6:
767 			protofamily = AF_INET6;
768 			fallthrough;
769 		case Opt_xprt_udp:
770 			ctx->flags &= ~NFS_MOUNT_TCP;
771 			ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
772 			break;
773 		case Opt_xprt_tcp6:
774 			protofamily = AF_INET6;
775 			fallthrough;
776 		case Opt_xprt_tcp:
777 			ctx->flags |= NFS_MOUNT_TCP;
778 			ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
779 			break;
780 		case Opt_xprt_rdma6:
781 			protofamily = AF_INET6;
782 			fallthrough;
783 		case Opt_xprt_rdma:
784 			/* vector side protocols to TCP */
785 			ctx->flags |= NFS_MOUNT_TCP;
786 			ret = xprt_find_transport_ident(param->string);
787 			if (ret < 0)
788 				goto out_bad_transport;
789 			ctx->nfs_server.protocol = ret;
790 			break;
791 		default:
792 			goto out_bad_transport;
793 		}
794 
795 		ctx->protofamily = protofamily;
796 		break;
797 
798 	case Opt_mountproto:
799 		if (!param->string)
800 			goto out_invalid_value;
801 		trace_nfs_mount_assign(param->key, param->string);
802 		mountfamily = AF_INET;
803 		switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
804 		case Opt_xprt_udp6:
805 			mountfamily = AF_INET6;
806 			fallthrough;
807 		case Opt_xprt_udp:
808 			ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
809 			break;
810 		case Opt_xprt_tcp6:
811 			mountfamily = AF_INET6;
812 			fallthrough;
813 		case Opt_xprt_tcp:
814 			ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
815 			break;
816 		case Opt_xprt_rdma: /* not used for side protocols */
817 		default:
818 			goto out_bad_transport;
819 		}
820 		ctx->mountfamily = mountfamily;
821 		break;
822 
823 	case Opt_addr:
824 		trace_nfs_mount_assign(param->key, param->string);
825 		len = rpc_pton(fc->net_ns, param->string, param->size,
826 			       &ctx->nfs_server.address,
827 			       sizeof(ctx->nfs_server._address));
828 		if (len == 0)
829 			goto out_invalid_address;
830 		ctx->nfs_server.addrlen = len;
831 		break;
832 	case Opt_clientaddr:
833 		trace_nfs_mount_assign(param->key, param->string);
834 		kfree(ctx->client_address);
835 		ctx->client_address = param->string;
836 		param->string = NULL;
837 		break;
838 	case Opt_mounthost:
839 		trace_nfs_mount_assign(param->key, param->string);
840 		kfree(ctx->mount_server.hostname);
841 		ctx->mount_server.hostname = param->string;
842 		param->string = NULL;
843 		break;
844 	case Opt_mountaddr:
845 		trace_nfs_mount_assign(param->key, param->string);
846 		len = rpc_pton(fc->net_ns, param->string, param->size,
847 			       &ctx->mount_server.address,
848 			       sizeof(ctx->mount_server._address));
849 		if (len == 0)
850 			goto out_invalid_address;
851 		ctx->mount_server.addrlen = len;
852 		break;
853 	case Opt_nconnect:
854 		trace_nfs_mount_assign(param->key, param->string);
855 		if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS)
856 			goto out_of_bounds;
857 		ctx->nfs_server.nconnect = result.uint_32;
858 		break;
859 	case Opt_max_connect:
860 		trace_nfs_mount_assign(param->key, param->string);
861 		if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS)
862 			goto out_of_bounds;
863 		ctx->nfs_server.max_connect = result.uint_32;
864 		break;
865 	case Opt_lookupcache:
866 		trace_nfs_mount_assign(param->key, param->string);
867 		switch (result.uint_32) {
868 		case Opt_lookupcache_all:
869 			ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE);
870 			break;
871 		case Opt_lookupcache_positive:
872 			ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE;
873 			ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG;
874 			break;
875 		case Opt_lookupcache_none:
876 			ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE;
877 			break;
878 		default:
879 			goto out_invalid_value;
880 		}
881 		break;
882 	case Opt_local_lock:
883 		trace_nfs_mount_assign(param->key, param->string);
884 		switch (result.uint_32) {
885 		case Opt_local_lock_all:
886 			ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK |
887 				       NFS_MOUNT_LOCAL_FCNTL);
888 			break;
889 		case Opt_local_lock_flock:
890 			ctx->flags |= NFS_MOUNT_LOCAL_FLOCK;
891 			break;
892 		case Opt_local_lock_posix:
893 			ctx->flags |= NFS_MOUNT_LOCAL_FCNTL;
894 			break;
895 		case Opt_local_lock_none:
896 			ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK |
897 					NFS_MOUNT_LOCAL_FCNTL);
898 			break;
899 		default:
900 			goto out_invalid_value;
901 		}
902 		break;
903 	case Opt_write:
904 		trace_nfs_mount_assign(param->key, param->string);
905 		switch (result.uint_32) {
906 		case Opt_write_lazy:
907 			ctx->flags &=
908 				~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT);
909 			break;
910 		case Opt_write_eager:
911 			ctx->flags |= NFS_MOUNT_WRITE_EAGER;
912 			ctx->flags &= ~NFS_MOUNT_WRITE_WAIT;
913 			break;
914 		case Opt_write_wait:
915 			ctx->flags |=
916 				NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT;
917 			break;
918 		default:
919 			goto out_invalid_value;
920 		}
921 		break;
922 
923 		/*
924 		 * Special options
925 		 */
926 	case Opt_sloppy:
927 		ctx->sloppy = true;
928 		break;
929 	}
930 
931 	return 0;
932 
933 out_invalid_value:
934 	return nfs_invalf(fc, "NFS: Bad mount option value specified");
935 out_invalid_address:
936 	return nfs_invalf(fc, "NFS: Bad IP address specified");
937 out_of_bounds:
938 	return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key);
939 out_bad_transport:
940 	return nfs_invalf(fc, "NFS: Unrecognized transport protocol");
941 }
942 
943 /*
944  * Split fc->source into "hostname:export_path".
945  *
946  * The leftmost colon demarks the split between the server's hostname
947  * and the export path.  If the hostname starts with a left square
948  * bracket, then it may contain colons.
949  *
950  * Note: caller frees hostname and export path, even on error.
951  */
952 static int nfs_parse_source(struct fs_context *fc,
953 			    size_t maxnamlen, size_t maxpathlen)
954 {
955 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
956 	const char *dev_name = fc->source;
957 	size_t len;
958 	const char *end;
959 
960 	if (unlikely(!dev_name || !*dev_name))
961 		return -EINVAL;
962 
963 	/* Is the host name protected with square brakcets? */
964 	if (*dev_name == '[') {
965 		end = strchr(++dev_name, ']');
966 		if (end == NULL || end[1] != ':')
967 			goto out_bad_devname;
968 
969 		len = end - dev_name;
970 		end++;
971 	} else {
972 		const char *comma;
973 
974 		end = strchr(dev_name, ':');
975 		if (end == NULL)
976 			goto out_bad_devname;
977 		len = end - dev_name;
978 
979 		/* kill possible hostname list: not supported */
980 		comma = memchr(dev_name, ',', len);
981 		if (comma)
982 			len = comma - dev_name;
983 	}
984 
985 	if (len > maxnamlen)
986 		goto out_hostname;
987 
988 	kfree(ctx->nfs_server.hostname);
989 
990 	/* N.B. caller will free nfs_server.hostname in all cases */
991 	ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL);
992 	if (!ctx->nfs_server.hostname)
993 		goto out_nomem;
994 	len = strlen(++end);
995 	if (len > maxpathlen)
996 		goto out_path;
997 	ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL);
998 	if (!ctx->nfs_server.export_path)
999 		goto out_nomem;
1000 
1001 	trace_nfs_mount_path(ctx->nfs_server.export_path);
1002 	return 0;
1003 
1004 out_bad_devname:
1005 	return nfs_invalf(fc, "NFS: device name not in host:path format");
1006 out_nomem:
1007 	nfs_errorf(fc, "NFS: not enough memory to parse device name");
1008 	return -ENOMEM;
1009 out_hostname:
1010 	nfs_errorf(fc, "NFS: server hostname too long");
1011 	return -ENAMETOOLONG;
1012 out_path:
1013 	nfs_errorf(fc, "NFS: export pathname too long");
1014 	return -ENAMETOOLONG;
1015 }
1016 
1017 static inline bool is_remount_fc(struct fs_context *fc)
1018 {
1019 	return fc->root != NULL;
1020 }
1021 
1022 /*
1023  * Parse monolithic NFS2/NFS3 mount data
1024  * - fills in the mount root filehandle
1025  *
1026  * For option strings, user space handles the following behaviors:
1027  *
1028  * + DNS: mapping server host name to IP address ("addr=" option)
1029  *
1030  * + failure mode: how to behave if a mount request can't be handled
1031  *   immediately ("fg/bg" option)
1032  *
1033  * + retry: how often to retry a mount request ("retry=" option)
1034  *
1035  * + breaking back: trying proto=udp after proto=tcp, v2 after v3,
1036  *   mountproto=tcp after mountproto=udp, and so on
1037  */
1038 static int nfs23_parse_monolithic(struct fs_context *fc,
1039 				  struct nfs_mount_data *data)
1040 {
1041 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
1042 	struct nfs_fh *mntfh = ctx->mntfh;
1043 	struct sockaddr_storage *sap = &ctx->nfs_server._address;
1044 	int extra_flags = NFS_MOUNT_LEGACY_INTERFACE;
1045 	int ret;
1046 
1047 	if (data == NULL)
1048 		goto out_no_data;
1049 
1050 	ctx->version = NFS_DEFAULT_VERSION;
1051 	switch (data->version) {
1052 	case 1:
1053 		data->namlen = 0;
1054 		fallthrough;
1055 	case 2:
1056 		data->bsize = 0;
1057 		fallthrough;
1058 	case 3:
1059 		if (data->flags & NFS_MOUNT_VER3)
1060 			goto out_no_v3;
1061 		data->root.size = NFS2_FHSIZE;
1062 		memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE);
1063 		/* Turn off security negotiation */
1064 		extra_flags |= NFS_MOUNT_SECFLAVOUR;
1065 		fallthrough;
1066 	case 4:
1067 		if (data->flags & NFS_MOUNT_SECFLAVOUR)
1068 			goto out_no_sec;
1069 		fallthrough;
1070 	case 5:
1071 		memset(data->context, 0, sizeof(data->context));
1072 		fallthrough;
1073 	case 6:
1074 		if (data->flags & NFS_MOUNT_VER3) {
1075 			if (data->root.size > NFS3_FHSIZE || data->root.size == 0)
1076 				goto out_invalid_fh;
1077 			mntfh->size = data->root.size;
1078 			ctx->version = 3;
1079 		} else {
1080 			mntfh->size = NFS2_FHSIZE;
1081 			ctx->version = 2;
1082 		}
1083 
1084 
1085 		memcpy(mntfh->data, data->root.data, mntfh->size);
1086 		if (mntfh->size < sizeof(mntfh->data))
1087 			memset(mntfh->data + mntfh->size, 0,
1088 			       sizeof(mntfh->data) - mntfh->size);
1089 
1090 		/*
1091 		 * for proto == XPRT_TRANSPORT_UDP, which is what uses
1092 		 * to_exponential, implying shift: limit the shift value
1093 		 * to BITS_PER_LONG (majortimeo is unsigned long)
1094 		 */
1095 		if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */
1096 			if (data->retrans >= 64) /* shift value is too large */
1097 				goto out_invalid_data;
1098 
1099 		/*
1100 		 * Translate to nfs_fs_context, which nfs_fill_super
1101 		 * can deal with.
1102 		 */
1103 		ctx->flags	= data->flags & NFS_MOUNT_FLAGMASK;
1104 		ctx->flags	|= extra_flags;
1105 		ctx->rsize	= data->rsize;
1106 		ctx->wsize	= data->wsize;
1107 		ctx->timeo	= data->timeo;
1108 		ctx->retrans	= data->retrans;
1109 		ctx->acregmin	= data->acregmin;
1110 		ctx->acregmax	= data->acregmax;
1111 		ctx->acdirmin	= data->acdirmin;
1112 		ctx->acdirmax	= data->acdirmax;
1113 		ctx->need_mount	= false;
1114 
1115 		memcpy(sap, &data->addr, sizeof(data->addr));
1116 		ctx->nfs_server.addrlen = sizeof(data->addr);
1117 		ctx->nfs_server.port = ntohs(data->addr.sin_port);
1118 		if (sap->ss_family != AF_INET ||
1119 		    !nfs_verify_server_address(sap))
1120 			goto out_no_address;
1121 
1122 		if (!(data->flags & NFS_MOUNT_TCP))
1123 			ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
1124 		/* N.B. caller will free nfs_server.hostname in all cases */
1125 		ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
1126 		if (!ctx->nfs_server.hostname)
1127 			goto out_nomem;
1128 
1129 		ctx->namlen		= data->namlen;
1130 		ctx->bsize		= data->bsize;
1131 
1132 		if (data->flags & NFS_MOUNT_SECFLAVOUR)
1133 			ctx->selected_flavor = data->pseudoflavor;
1134 		else
1135 			ctx->selected_flavor = RPC_AUTH_UNIX;
1136 
1137 		if (!(data->flags & NFS_MOUNT_NONLM))
1138 			ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK|
1139 					 NFS_MOUNT_LOCAL_FCNTL);
1140 		else
1141 			ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK|
1142 					NFS_MOUNT_LOCAL_FCNTL);
1143 
1144 		/*
1145 		 * The legacy version 6 binary mount data from userspace has a
1146 		 * field used only to transport selinux information into the
1147 		 * kernel.  To continue to support that functionality we
1148 		 * have a touch of selinux knowledge here in the NFS code. The
1149 		 * userspace code converted context=blah to just blah so we are
1150 		 * converting back to the full string selinux understands.
1151 		 */
1152 		if (data->context[0]){
1153 #ifdef CONFIG_SECURITY_SELINUX
1154 			int ret;
1155 
1156 			data->context[NFS_MAX_CONTEXT_LEN] = '\0';
1157 			ret = vfs_parse_fs_string(fc, "context",
1158 						  data->context, strlen(data->context));
1159 			if (ret < 0)
1160 				return ret;
1161 #else
1162 			return -EINVAL;
1163 #endif
1164 		}
1165 
1166 		break;
1167 	default:
1168 		goto generic;
1169 	}
1170 
1171 	ret = nfs_validate_transport_protocol(fc, ctx);
1172 	if (ret)
1173 		return ret;
1174 
1175 	ctx->skip_reconfig_option_check = true;
1176 	return 0;
1177 
1178 generic:
1179 	return generic_parse_monolithic(fc, data);
1180 
1181 out_no_data:
1182 	if (is_remount_fc(fc)) {
1183 		ctx->skip_reconfig_option_check = true;
1184 		return 0;
1185 	}
1186 	return nfs_invalf(fc, "NFS: mount program didn't pass any mount data");
1187 
1188 out_no_v3:
1189 	return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3");
1190 
1191 out_no_sec:
1192 	return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS");
1193 
1194 out_nomem:
1195 	return -ENOMEM;
1196 
1197 out_no_address:
1198 	return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1199 
1200 out_invalid_fh:
1201 	return nfs_invalf(fc, "NFS: invalid root filehandle");
1202 
1203 out_invalid_data:
1204 	return nfs_invalf(fc, "NFS: invalid binary mount data");
1205 }
1206 
1207 #if IS_ENABLED(CONFIG_NFS_V4)
1208 struct compat_nfs_string {
1209 	compat_uint_t len;
1210 	compat_uptr_t data;
1211 };
1212 
1213 static inline void compat_nfs_string(struct nfs_string *dst,
1214 				     struct compat_nfs_string *src)
1215 {
1216 	dst->data = compat_ptr(src->data);
1217 	dst->len = src->len;
1218 }
1219 
1220 struct compat_nfs4_mount_data_v1 {
1221 	compat_int_t version;
1222 	compat_int_t flags;
1223 	compat_int_t rsize;
1224 	compat_int_t wsize;
1225 	compat_int_t timeo;
1226 	compat_int_t retrans;
1227 	compat_int_t acregmin;
1228 	compat_int_t acregmax;
1229 	compat_int_t acdirmin;
1230 	compat_int_t acdirmax;
1231 	struct compat_nfs_string client_addr;
1232 	struct compat_nfs_string mnt_path;
1233 	struct compat_nfs_string hostname;
1234 	compat_uint_t host_addrlen;
1235 	compat_uptr_t host_addr;
1236 	compat_int_t proto;
1237 	compat_int_t auth_flavourlen;
1238 	compat_uptr_t auth_flavours;
1239 };
1240 
1241 static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data)
1242 {
1243 	struct compat_nfs4_mount_data_v1 *compat =
1244 			(struct compat_nfs4_mount_data_v1 *)data;
1245 
1246 	/* copy the fields backwards */
1247 	data->auth_flavours = compat_ptr(compat->auth_flavours);
1248 	data->auth_flavourlen = compat->auth_flavourlen;
1249 	data->proto = compat->proto;
1250 	data->host_addr = compat_ptr(compat->host_addr);
1251 	data->host_addrlen = compat->host_addrlen;
1252 	compat_nfs_string(&data->hostname, &compat->hostname);
1253 	compat_nfs_string(&data->mnt_path, &compat->mnt_path);
1254 	compat_nfs_string(&data->client_addr, &compat->client_addr);
1255 	data->acdirmax = compat->acdirmax;
1256 	data->acdirmin = compat->acdirmin;
1257 	data->acregmax = compat->acregmax;
1258 	data->acregmin = compat->acregmin;
1259 	data->retrans = compat->retrans;
1260 	data->timeo = compat->timeo;
1261 	data->wsize = compat->wsize;
1262 	data->rsize = compat->rsize;
1263 	data->flags = compat->flags;
1264 	data->version = compat->version;
1265 }
1266 
1267 /*
1268  * Validate NFSv4 mount options
1269  */
1270 static int nfs4_parse_monolithic(struct fs_context *fc,
1271 				 struct nfs4_mount_data *data)
1272 {
1273 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
1274 	struct sockaddr_storage *sap = &ctx->nfs_server._address;
1275 	int ret;
1276 	char *c;
1277 
1278 	if (!data) {
1279 		if (is_remount_fc(fc))
1280 			goto done;
1281 		return nfs_invalf(fc,
1282 			"NFS4: mount program didn't pass any mount data");
1283 	}
1284 
1285 	ctx->version = 4;
1286 
1287 	if (data->version != 1)
1288 		return generic_parse_monolithic(fc, data);
1289 
1290 	if (in_compat_syscall())
1291 		nfs4_compat_mount_data_conv(data);
1292 
1293 	if (data->host_addrlen > sizeof(ctx->nfs_server.address))
1294 		goto out_no_address;
1295 	if (data->host_addrlen == 0)
1296 		goto out_no_address;
1297 	ctx->nfs_server.addrlen = data->host_addrlen;
1298 	if (copy_from_user(sap, data->host_addr, data->host_addrlen))
1299 		return -EFAULT;
1300 	if (!nfs_verify_server_address(sap))
1301 		goto out_no_address;
1302 	ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port);
1303 
1304 	if (data->auth_flavourlen) {
1305 		rpc_authflavor_t pseudoflavor;
1306 
1307 		if (data->auth_flavourlen > 1)
1308 			goto out_inval_auth;
1309 		if (copy_from_user(&pseudoflavor, data->auth_flavours,
1310 				   sizeof(pseudoflavor)))
1311 			return -EFAULT;
1312 		ctx->selected_flavor = pseudoflavor;
1313 	} else {
1314 		ctx->selected_flavor = RPC_AUTH_UNIX;
1315 	}
1316 
1317 	c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN);
1318 	if (IS_ERR(c))
1319 		return PTR_ERR(c);
1320 	ctx->nfs_server.hostname = c;
1321 
1322 	c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN);
1323 	if (IS_ERR(c))
1324 		return PTR_ERR(c);
1325 	ctx->nfs_server.export_path = c;
1326 	trace_nfs_mount_path(c);
1327 
1328 	c = strndup_user(data->client_addr.data, 16);
1329 	if (IS_ERR(c))
1330 		return PTR_ERR(c);
1331 	ctx->client_address = c;
1332 
1333 	/*
1334 	 * Translate to nfs_fs_context, which nfs_fill_super
1335 	 * can deal with.
1336 	 */
1337 
1338 	ctx->flags	= data->flags & NFS4_MOUNT_FLAGMASK;
1339 	ctx->rsize	= data->rsize;
1340 	ctx->wsize	= data->wsize;
1341 	ctx->timeo	= data->timeo;
1342 	ctx->retrans	= data->retrans;
1343 	ctx->acregmin	= data->acregmin;
1344 	ctx->acregmax	= data->acregmax;
1345 	ctx->acdirmin	= data->acdirmin;
1346 	ctx->acdirmax	= data->acdirmax;
1347 	ctx->nfs_server.protocol = data->proto;
1348 	ret = nfs_validate_transport_protocol(fc, ctx);
1349 	if (ret)
1350 		return ret;
1351 done:
1352 	ctx->skip_reconfig_option_check = true;
1353 	return 0;
1354 
1355 out_inval_auth:
1356 	return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d",
1357 		      data->auth_flavourlen);
1358 
1359 out_no_address:
1360 	return nfs_invalf(fc, "NFS4: mount program didn't pass remote address");
1361 }
1362 #endif
1363 
1364 /*
1365  * Parse a monolithic block of data from sys_mount().
1366  */
1367 static int nfs_fs_context_parse_monolithic(struct fs_context *fc,
1368 					   void *data)
1369 {
1370 	if (fc->fs_type == &nfs_fs_type)
1371 		return nfs23_parse_monolithic(fc, data);
1372 
1373 #if IS_ENABLED(CONFIG_NFS_V4)
1374 	if (fc->fs_type == &nfs4_fs_type)
1375 		return nfs4_parse_monolithic(fc, data);
1376 #endif
1377 
1378 	return nfs_invalf(fc, "NFS: Unsupported monolithic data version");
1379 }
1380 
1381 /*
1382  * Validate the preparsed information in the config.
1383  */
1384 static int nfs_fs_context_validate(struct fs_context *fc)
1385 {
1386 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
1387 	struct nfs_subversion *nfs_mod;
1388 	struct sockaddr_storage *sap = &ctx->nfs_server._address;
1389 	int max_namelen = PAGE_SIZE;
1390 	int max_pathlen = NFS_MAXPATHLEN;
1391 	int port = 0;
1392 	int ret;
1393 
1394 	if (!fc->source)
1395 		goto out_no_device_name;
1396 
1397 	/* Check for sanity first. */
1398 	if (ctx->minorversion && ctx->version != 4)
1399 		goto out_minorversion_mismatch;
1400 
1401 	if (ctx->options & NFS_OPTION_MIGRATION &&
1402 	    (ctx->version != 4 || ctx->minorversion != 0))
1403 		goto out_migration_misuse;
1404 
1405 	/* Verify that any proto=/mountproto= options match the address
1406 	 * families in the addr=/mountaddr= options.
1407 	 */
1408 	if (ctx->protofamily != AF_UNSPEC &&
1409 	    ctx->protofamily != ctx->nfs_server.address.sa_family)
1410 		goto out_proto_mismatch;
1411 
1412 	if (ctx->mountfamily != AF_UNSPEC) {
1413 		if (ctx->mount_server.addrlen) {
1414 			if (ctx->mountfamily != ctx->mount_server.address.sa_family)
1415 				goto out_mountproto_mismatch;
1416 		} else {
1417 			if (ctx->mountfamily != ctx->nfs_server.address.sa_family)
1418 				goto out_mountproto_mismatch;
1419 		}
1420 	}
1421 
1422 	if (!nfs_verify_server_address(sap))
1423 		goto out_no_address;
1424 
1425 	ret = nfs_validate_transport_protocol(fc, ctx);
1426 	if (ret)
1427 		return ret;
1428 
1429 	if (ctx->version == 4) {
1430 		if (IS_ENABLED(CONFIG_NFS_V4)) {
1431 			if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1432 				port = NFS_RDMA_PORT;
1433 			else
1434 				port = NFS_PORT;
1435 			max_namelen = NFS4_MAXNAMLEN;
1436 			max_pathlen = NFS4_MAXPATHLEN;
1437 			ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL |
1438 					NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK |
1439 					NFS_MOUNT_LOCAL_FCNTL);
1440 		} else {
1441 			goto out_v4_not_compiled;
1442 		}
1443 	} else {
1444 		nfs_set_mount_transport_protocol(ctx);
1445 		if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1446 			port = NFS_RDMA_PORT;
1447 	}
1448 
1449 	nfs_set_port(sap, &ctx->nfs_server.port, port);
1450 
1451 	ret = nfs_parse_source(fc, max_namelen, max_pathlen);
1452 	if (ret < 0)
1453 		return ret;
1454 
1455 	/* Load the NFS protocol module if we haven't done so yet */
1456 	if (!ctx->nfs_mod) {
1457 		nfs_mod = get_nfs_version(ctx->version);
1458 		if (IS_ERR(nfs_mod)) {
1459 			ret = PTR_ERR(nfs_mod);
1460 			goto out_version_unavailable;
1461 		}
1462 		ctx->nfs_mod = nfs_mod;
1463 	}
1464 
1465 	/* Ensure the filesystem context has the correct fs_type */
1466 	if (fc->fs_type != ctx->nfs_mod->nfs_fs) {
1467 		module_put(fc->fs_type->owner);
1468 		__module_get(ctx->nfs_mod->nfs_fs->owner);
1469 		fc->fs_type = ctx->nfs_mod->nfs_fs;
1470 	}
1471 	return 0;
1472 
1473 out_no_device_name:
1474 	return nfs_invalf(fc, "NFS: Device name not specified");
1475 out_v4_not_compiled:
1476 	nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel");
1477 	return -EPROTONOSUPPORT;
1478 out_no_address:
1479 	return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1480 out_mountproto_mismatch:
1481 	return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option");
1482 out_proto_mismatch:
1483 	return nfs_invalf(fc, "NFS: Server address does not match proto= option");
1484 out_minorversion_mismatch:
1485 	return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u",
1486 			  ctx->version, ctx->minorversion);
1487 out_migration_misuse:
1488 	return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version");
1489 out_version_unavailable:
1490 	nfs_errorf(fc, "NFS: Version unavailable");
1491 	return ret;
1492 }
1493 
1494 /*
1495  * Create an NFS superblock by the appropriate method.
1496  */
1497 static int nfs_get_tree(struct fs_context *fc)
1498 {
1499 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
1500 	int err = nfs_fs_context_validate(fc);
1501 
1502 	if (err)
1503 		return err;
1504 	if (!ctx->internal)
1505 		return ctx->nfs_mod->rpc_ops->try_get_tree(fc);
1506 	else
1507 		return nfs_get_tree_common(fc);
1508 }
1509 
1510 /*
1511  * Handle duplication of a configuration.  The caller copied *src into *sc, but
1512  * it can't deal with resource pointers in the filesystem context, so we have
1513  * to do that.  We need to clear pointers, copy data or get extra refs as
1514  * appropriate.
1515  */
1516 static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc)
1517 {
1518 	struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx;
1519 
1520 	ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL);
1521 	if (!ctx)
1522 		return -ENOMEM;
1523 
1524 	ctx->mntfh = nfs_alloc_fhandle();
1525 	if (!ctx->mntfh) {
1526 		kfree(ctx);
1527 		return -ENOMEM;
1528 	}
1529 	nfs_copy_fh(ctx->mntfh, src->mntfh);
1530 
1531 	__module_get(ctx->nfs_mod->owner);
1532 	ctx->client_address		= NULL;
1533 	ctx->mount_server.hostname	= NULL;
1534 	ctx->nfs_server.export_path	= NULL;
1535 	ctx->nfs_server.hostname	= NULL;
1536 	ctx->fscache_uniq		= NULL;
1537 	ctx->clone_data.fattr		= NULL;
1538 	fc->fs_private = ctx;
1539 	return 0;
1540 }
1541 
1542 static void nfs_fs_context_free(struct fs_context *fc)
1543 {
1544 	struct nfs_fs_context *ctx = nfs_fc2context(fc);
1545 
1546 	if (ctx) {
1547 		if (ctx->server)
1548 			nfs_free_server(ctx->server);
1549 		if (ctx->nfs_mod)
1550 			put_nfs_version(ctx->nfs_mod);
1551 		kfree(ctx->client_address);
1552 		kfree(ctx->mount_server.hostname);
1553 		kfree(ctx->nfs_server.export_path);
1554 		kfree(ctx->nfs_server.hostname);
1555 		kfree(ctx->fscache_uniq);
1556 		nfs_free_fhandle(ctx->mntfh);
1557 		nfs_free_fattr(ctx->clone_data.fattr);
1558 		kfree(ctx);
1559 	}
1560 }
1561 
1562 static const struct fs_context_operations nfs_fs_context_ops = {
1563 	.free			= nfs_fs_context_free,
1564 	.dup			= nfs_fs_context_dup,
1565 	.parse_param		= nfs_fs_context_parse_param,
1566 	.parse_monolithic	= nfs_fs_context_parse_monolithic,
1567 	.get_tree		= nfs_get_tree,
1568 	.reconfigure		= nfs_reconfigure,
1569 };
1570 
1571 /*
1572  * Prepare superblock configuration.  We use the namespaces attached to the
1573  * context.  This may be the current process's namespaces, or it may be a
1574  * container's namespaces.
1575  */
1576 static int nfs_init_fs_context(struct fs_context *fc)
1577 {
1578 	struct nfs_fs_context *ctx;
1579 
1580 	ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL);
1581 	if (unlikely(!ctx))
1582 		return -ENOMEM;
1583 
1584 	ctx->mntfh = nfs_alloc_fhandle();
1585 	if (unlikely(!ctx->mntfh)) {
1586 		kfree(ctx);
1587 		return -ENOMEM;
1588 	}
1589 
1590 	ctx->protofamily	= AF_UNSPEC;
1591 	ctx->mountfamily	= AF_UNSPEC;
1592 	ctx->mount_server.port	= NFS_UNSPEC_PORT;
1593 
1594 	if (fc->root) {
1595 		/* reconfigure, start with the current config */
1596 		struct nfs_server *nfss = fc->root->d_sb->s_fs_info;
1597 		struct net *net = nfss->nfs_client->cl_net;
1598 
1599 		ctx->flags		= nfss->flags;
1600 		ctx->rsize		= nfss->rsize;
1601 		ctx->wsize		= nfss->wsize;
1602 		ctx->retrans		= nfss->client->cl_timeout->to_retries;
1603 		ctx->selected_flavor	= nfss->client->cl_auth->au_flavor;
1604 		ctx->acregmin		= nfss->acregmin / HZ;
1605 		ctx->acregmax		= nfss->acregmax / HZ;
1606 		ctx->acdirmin		= nfss->acdirmin / HZ;
1607 		ctx->acdirmax		= nfss->acdirmax / HZ;
1608 		ctx->timeo		= 10U * nfss->client->cl_timeout->to_initval / HZ;
1609 		ctx->nfs_server.port	= nfss->port;
1610 		ctx->nfs_server.addrlen	= nfss->nfs_client->cl_addrlen;
1611 		ctx->version		= nfss->nfs_client->rpc_ops->version;
1612 		ctx->minorversion	= nfss->nfs_client->cl_minorversion;
1613 
1614 		memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr,
1615 			ctx->nfs_server.addrlen);
1616 
1617 		if (fc->net_ns != net) {
1618 			put_net(fc->net_ns);
1619 			fc->net_ns = get_net(net);
1620 		}
1621 
1622 		ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod;
1623 		__module_get(ctx->nfs_mod->owner);
1624 	} else {
1625 		/* defaults */
1626 		ctx->timeo		= NFS_UNSPEC_TIMEO;
1627 		ctx->retrans		= NFS_UNSPEC_RETRANS;
1628 		ctx->acregmin		= NFS_DEF_ACREGMIN;
1629 		ctx->acregmax		= NFS_DEF_ACREGMAX;
1630 		ctx->acdirmin		= NFS_DEF_ACDIRMIN;
1631 		ctx->acdirmax		= NFS_DEF_ACDIRMAX;
1632 		ctx->nfs_server.port	= NFS_UNSPEC_PORT;
1633 		ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
1634 		ctx->selected_flavor	= RPC_AUTH_MAXFLAVOR;
1635 		ctx->minorversion	= 0;
1636 		ctx->need_mount		= true;
1637 		ctx->xprtsec.policy	= RPC_XPRTSEC_NONE;
1638 		ctx->xprtsec.cert_serial	= TLS_NO_CERT;
1639 		ctx->xprtsec.privkey_serial	= TLS_NO_PRIVKEY;
1640 
1641 		fc->s_iflags		|= SB_I_STABLE_WRITES;
1642 	}
1643 	fc->fs_private = ctx;
1644 	fc->ops = &nfs_fs_context_ops;
1645 	return 0;
1646 }
1647 
1648 struct file_system_type nfs_fs_type = {
1649 	.owner			= THIS_MODULE,
1650 	.name			= "nfs",
1651 	.init_fs_context	= nfs_init_fs_context,
1652 	.parameters		= nfs_fs_parameters,
1653 	.kill_sb		= nfs_kill_super,
1654 	.fs_flags		= FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1655 };
1656 MODULE_ALIAS_FS("nfs");
1657 EXPORT_SYMBOL_GPL(nfs_fs_type);
1658 
1659 #if IS_ENABLED(CONFIG_NFS_V4)
1660 struct file_system_type nfs4_fs_type = {
1661 	.owner			= THIS_MODULE,
1662 	.name			= "nfs4",
1663 	.init_fs_context	= nfs_init_fs_context,
1664 	.parameters		= nfs_fs_parameters,
1665 	.kill_sb		= nfs_kill_super,
1666 	.fs_flags		= FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1667 };
1668 MODULE_ALIAS_FS("nfs4");
1669 MODULE_ALIAS("nfs4");
1670 EXPORT_SYMBOL_GPL(nfs4_fs_type);
1671 #endif /* CONFIG_NFS_V4 */
1672