1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * linux/fs/nfs/fs_context.c 4 * 5 * Copyright (C) 1992 Rick Sladkey 6 * Conversion to new mount api Copyright (C) David Howells 7 * 8 * NFS mount handling. 9 * 10 * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com> 11 */ 12 13 #include <linux/compat.h> 14 #include <linux/module.h> 15 #include <linux/fs.h> 16 #include <linux/fs_context.h> 17 #include <linux/fs_parser.h> 18 #include <linux/nfs_fs.h> 19 #include <linux/nfs_mount.h> 20 #include <linux/nfs4_mount.h> 21 22 #include <net/handshake.h> 23 24 #include "nfs.h" 25 #include "internal.h" 26 27 #include "nfstrace.h" 28 29 #define NFSDBG_FACILITY NFSDBG_MOUNT 30 31 #if IS_ENABLED(CONFIG_NFS_V3) 32 #define NFS_DEFAULT_VERSION 3 33 #else 34 #define NFS_DEFAULT_VERSION 2 35 #endif 36 37 #define NFS_MAX_CONNECTIONS 16 38 39 enum nfs_param { 40 Opt_ac, 41 Opt_acdirmax, 42 Opt_acdirmin, 43 Opt_acl, 44 Opt_acregmax, 45 Opt_acregmin, 46 Opt_actimeo, 47 Opt_addr, 48 Opt_bg, 49 Opt_bsize, 50 Opt_clientaddr, 51 Opt_cto, 52 Opt_alignwrite, 53 Opt_fg, 54 Opt_fscache, 55 Opt_fscache_flag, 56 Opt_hard, 57 Opt_intr, 58 Opt_local_lock, 59 Opt_lock, 60 Opt_lookupcache, 61 Opt_migration, 62 Opt_minorversion, 63 Opt_mountaddr, 64 Opt_mounthost, 65 Opt_mountport, 66 Opt_mountproto, 67 Opt_mountvers, 68 Opt_namelen, 69 Opt_nconnect, 70 Opt_max_connect, 71 Opt_port, 72 Opt_posix, 73 Opt_proto, 74 Opt_rdirplus, 75 Opt_rdma, 76 Opt_resvport, 77 Opt_retrans, 78 Opt_retry, 79 Opt_rsize, 80 Opt_sec, 81 Opt_sharecache, 82 Opt_sloppy, 83 Opt_soft, 84 Opt_softerr, 85 Opt_softreval, 86 Opt_source, 87 Opt_tcp, 88 Opt_timeo, 89 Opt_trunkdiscovery, 90 Opt_udp, 91 Opt_v, 92 Opt_vers, 93 Opt_wsize, 94 Opt_write, 95 Opt_xprtsec, 96 }; 97 98 enum { 99 Opt_local_lock_all, 100 Opt_local_lock_flock, 101 Opt_local_lock_none, 102 Opt_local_lock_posix, 103 }; 104 105 static const struct constant_table nfs_param_enums_local_lock[] = { 106 { "all", Opt_local_lock_all }, 107 { "flock", Opt_local_lock_flock }, 108 { "posix", Opt_local_lock_posix }, 109 { "none", Opt_local_lock_none }, 110 {} 111 }; 112 113 enum { 114 Opt_lookupcache_all, 115 Opt_lookupcache_none, 116 Opt_lookupcache_positive, 117 }; 118 119 static const struct constant_table nfs_param_enums_lookupcache[] = { 120 { "all", Opt_lookupcache_all }, 121 { "none", Opt_lookupcache_none }, 122 { "pos", Opt_lookupcache_positive }, 123 { "positive", Opt_lookupcache_positive }, 124 {} 125 }; 126 127 enum { 128 Opt_write_lazy, 129 Opt_write_eager, 130 Opt_write_wait, 131 }; 132 133 static const struct constant_table nfs_param_enums_write[] = { 134 { "lazy", Opt_write_lazy }, 135 { "eager", Opt_write_eager }, 136 { "wait", Opt_write_wait }, 137 {} 138 }; 139 140 static const struct fs_parameter_spec nfs_fs_parameters[] = { 141 fsparam_flag_no("ac", Opt_ac), 142 fsparam_u32 ("acdirmax", Opt_acdirmax), 143 fsparam_u32 ("acdirmin", Opt_acdirmin), 144 fsparam_flag_no("acl", Opt_acl), 145 fsparam_u32 ("acregmax", Opt_acregmax), 146 fsparam_u32 ("acregmin", Opt_acregmin), 147 fsparam_u32 ("actimeo", Opt_actimeo), 148 fsparam_string("addr", Opt_addr), 149 fsparam_flag ("bg", Opt_bg), 150 fsparam_u32 ("bsize", Opt_bsize), 151 fsparam_string("clientaddr", Opt_clientaddr), 152 fsparam_flag_no("cto", Opt_cto), 153 fsparam_flag_no("alignwrite", Opt_alignwrite), 154 fsparam_flag ("fg", Opt_fg), 155 fsparam_flag_no("fsc", Opt_fscache_flag), 156 fsparam_string("fsc", Opt_fscache), 157 fsparam_flag ("hard", Opt_hard), 158 __fsparam(NULL, "intr", Opt_intr, 159 fs_param_neg_with_no|fs_param_deprecated, NULL), 160 fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock), 161 fsparam_flag_no("lock", Opt_lock), 162 fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache), 163 fsparam_flag_no("migration", Opt_migration), 164 fsparam_u32 ("minorversion", Opt_minorversion), 165 fsparam_string("mountaddr", Opt_mountaddr), 166 fsparam_string("mounthost", Opt_mounthost), 167 fsparam_u32 ("mountport", Opt_mountport), 168 fsparam_string("mountproto", Opt_mountproto), 169 fsparam_u32 ("mountvers", Opt_mountvers), 170 fsparam_u32 ("namlen", Opt_namelen), 171 fsparam_u32 ("nconnect", Opt_nconnect), 172 fsparam_u32 ("max_connect", Opt_max_connect), 173 fsparam_string("nfsvers", Opt_vers), 174 fsparam_u32 ("port", Opt_port), 175 fsparam_flag_no("posix", Opt_posix), 176 fsparam_string("proto", Opt_proto), 177 fsparam_flag_no("rdirplus", Opt_rdirplus), 178 fsparam_flag ("rdma", Opt_rdma), 179 fsparam_flag_no("resvport", Opt_resvport), 180 fsparam_u32 ("retrans", Opt_retrans), 181 fsparam_string("retry", Opt_retry), 182 fsparam_u32 ("rsize", Opt_rsize), 183 fsparam_string("sec", Opt_sec), 184 fsparam_flag_no("sharecache", Opt_sharecache), 185 fsparam_flag ("sloppy", Opt_sloppy), 186 fsparam_flag ("soft", Opt_soft), 187 fsparam_flag ("softerr", Opt_softerr), 188 fsparam_flag ("softreval", Opt_softreval), 189 fsparam_string("source", Opt_source), 190 fsparam_flag ("tcp", Opt_tcp), 191 fsparam_u32 ("timeo", Opt_timeo), 192 fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery), 193 fsparam_flag ("udp", Opt_udp), 194 fsparam_flag ("v2", Opt_v), 195 fsparam_flag ("v3", Opt_v), 196 fsparam_flag ("v4", Opt_v), 197 fsparam_flag ("v4.0", Opt_v), 198 fsparam_flag ("v4.1", Opt_v), 199 fsparam_flag ("v4.2", Opt_v), 200 fsparam_string("vers", Opt_vers), 201 fsparam_enum ("write", Opt_write, nfs_param_enums_write), 202 fsparam_u32 ("wsize", Opt_wsize), 203 fsparam_string("xprtsec", Opt_xprtsec), 204 {} 205 }; 206 207 enum { 208 Opt_vers_2, 209 Opt_vers_3, 210 Opt_vers_4, 211 Opt_vers_4_0, 212 Opt_vers_4_1, 213 Opt_vers_4_2, 214 }; 215 216 static const struct constant_table nfs_vers_tokens[] = { 217 { "2", Opt_vers_2 }, 218 { "3", Opt_vers_3 }, 219 { "4", Opt_vers_4 }, 220 { "4.0", Opt_vers_4_0 }, 221 { "4.1", Opt_vers_4_1 }, 222 { "4.2", Opt_vers_4_2 }, 223 {} 224 }; 225 226 enum { 227 Opt_xprt_rdma, 228 Opt_xprt_rdma6, 229 Opt_xprt_tcp, 230 Opt_xprt_tcp6, 231 Opt_xprt_udp, 232 Opt_xprt_udp6, 233 nr__Opt_xprt 234 }; 235 236 static const struct constant_table nfs_xprt_protocol_tokens[] = { 237 { "rdma", Opt_xprt_rdma }, 238 { "rdma6", Opt_xprt_rdma6 }, 239 { "tcp", Opt_xprt_tcp }, 240 { "tcp6", Opt_xprt_tcp6 }, 241 { "udp", Opt_xprt_udp }, 242 { "udp6", Opt_xprt_udp6 }, 243 {} 244 }; 245 246 enum { 247 Opt_sec_krb5, 248 Opt_sec_krb5i, 249 Opt_sec_krb5p, 250 Opt_sec_lkey, 251 Opt_sec_lkeyi, 252 Opt_sec_lkeyp, 253 Opt_sec_none, 254 Opt_sec_spkm, 255 Opt_sec_spkmi, 256 Opt_sec_spkmp, 257 Opt_sec_sys, 258 nr__Opt_sec 259 }; 260 261 static const struct constant_table nfs_secflavor_tokens[] = { 262 { "krb5", Opt_sec_krb5 }, 263 { "krb5i", Opt_sec_krb5i }, 264 { "krb5p", Opt_sec_krb5p }, 265 { "lkey", Opt_sec_lkey }, 266 { "lkeyi", Opt_sec_lkeyi }, 267 { "lkeyp", Opt_sec_lkeyp }, 268 { "none", Opt_sec_none }, 269 { "null", Opt_sec_none }, 270 { "spkm3", Opt_sec_spkm }, 271 { "spkm3i", Opt_sec_spkmi }, 272 { "spkm3p", Opt_sec_spkmp }, 273 { "sys", Opt_sec_sys }, 274 {} 275 }; 276 277 enum { 278 Opt_xprtsec_none, 279 Opt_xprtsec_tls, 280 Opt_xprtsec_mtls, 281 nr__Opt_xprtsec 282 }; 283 284 static const struct constant_table nfs_xprtsec_policies[] = { 285 { "none", Opt_xprtsec_none }, 286 { "tls", Opt_xprtsec_tls }, 287 { "mtls", Opt_xprtsec_mtls }, 288 {} 289 }; 290 291 /* 292 * Sanity-check a server address provided by the mount command. 293 * 294 * Address family must be initialized, and address must not be 295 * the ANY address for that family. 296 */ 297 static int nfs_verify_server_address(struct sockaddr_storage *addr) 298 { 299 switch (addr->ss_family) { 300 case AF_INET: { 301 struct sockaddr_in *sa = (struct sockaddr_in *)addr; 302 return sa->sin_addr.s_addr != htonl(INADDR_ANY); 303 } 304 case AF_INET6: { 305 struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr; 306 return !ipv6_addr_any(sa); 307 } 308 } 309 310 return 0; 311 } 312 313 #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT 314 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx) 315 { 316 return true; 317 } 318 #else 319 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx) 320 { 321 if (ctx->version == 4) 322 return true; 323 return false; 324 } 325 #endif 326 327 /* 328 * Sanity check the NFS transport protocol. 329 */ 330 static int nfs_validate_transport_protocol(struct fs_context *fc, 331 struct nfs_fs_context *ctx) 332 { 333 switch (ctx->nfs_server.protocol) { 334 case XPRT_TRANSPORT_UDP: 335 if (nfs_server_transport_udp_invalid(ctx)) 336 goto out_invalid_transport_udp; 337 break; 338 case XPRT_TRANSPORT_TCP: 339 case XPRT_TRANSPORT_RDMA: 340 break; 341 default: 342 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 343 } 344 345 if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE) 346 switch (ctx->nfs_server.protocol) { 347 case XPRT_TRANSPORT_TCP: 348 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS; 349 break; 350 default: 351 goto out_invalid_xprtsec_policy; 352 } 353 354 return 0; 355 out_invalid_transport_udp: 356 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp"); 357 out_invalid_xprtsec_policy: 358 return nfs_invalf(fc, "NFS: Transport does not support xprtsec"); 359 } 360 361 /* 362 * For text based NFSv2/v3 mounts, the mount protocol transport default 363 * settings should depend upon the specified NFS transport. 364 */ 365 static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx) 366 { 367 if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP || 368 ctx->mount_server.protocol == XPRT_TRANSPORT_TCP) 369 return; 370 switch (ctx->nfs_server.protocol) { 371 case XPRT_TRANSPORT_UDP: 372 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; 373 break; 374 case XPRT_TRANSPORT_TCP: 375 case XPRT_TRANSPORT_RDMA: 376 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; 377 } 378 } 379 380 /* 381 * Add 'flavor' to 'auth_info' if not already present. 382 * Returns true if 'flavor' ends up in the list, false otherwise 383 */ 384 static int nfs_auth_info_add(struct fs_context *fc, 385 struct nfs_auth_info *auth_info, 386 rpc_authflavor_t flavor) 387 { 388 unsigned int i; 389 unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors); 390 391 /* make sure this flavor isn't already in the list */ 392 for (i = 0; i < auth_info->flavor_len; i++) { 393 if (flavor == auth_info->flavors[i]) 394 return 0; 395 } 396 397 if (auth_info->flavor_len + 1 >= max_flavor_len) 398 return nfs_invalf(fc, "NFS: too many sec= flavors"); 399 400 auth_info->flavors[auth_info->flavor_len++] = flavor; 401 return 0; 402 } 403 404 /* 405 * Parse the value of the 'sec=' option. 406 */ 407 static int nfs_parse_security_flavors(struct fs_context *fc, 408 struct fs_parameter *param) 409 { 410 struct nfs_fs_context *ctx = nfs_fc2context(fc); 411 rpc_authflavor_t pseudoflavor; 412 char *string = param->string, *p; 413 int ret; 414 415 trace_nfs_mount_assign(param->key, string); 416 417 while ((p = strsep(&string, ":")) != NULL) { 418 if (!*p) 419 continue; 420 switch (lookup_constant(nfs_secflavor_tokens, p, -1)) { 421 case Opt_sec_none: 422 pseudoflavor = RPC_AUTH_NULL; 423 break; 424 case Opt_sec_sys: 425 pseudoflavor = RPC_AUTH_UNIX; 426 break; 427 case Opt_sec_krb5: 428 pseudoflavor = RPC_AUTH_GSS_KRB5; 429 break; 430 case Opt_sec_krb5i: 431 pseudoflavor = RPC_AUTH_GSS_KRB5I; 432 break; 433 case Opt_sec_krb5p: 434 pseudoflavor = RPC_AUTH_GSS_KRB5P; 435 break; 436 case Opt_sec_lkey: 437 pseudoflavor = RPC_AUTH_GSS_LKEY; 438 break; 439 case Opt_sec_lkeyi: 440 pseudoflavor = RPC_AUTH_GSS_LKEYI; 441 break; 442 case Opt_sec_lkeyp: 443 pseudoflavor = RPC_AUTH_GSS_LKEYP; 444 break; 445 case Opt_sec_spkm: 446 pseudoflavor = RPC_AUTH_GSS_SPKM; 447 break; 448 case Opt_sec_spkmi: 449 pseudoflavor = RPC_AUTH_GSS_SPKMI; 450 break; 451 case Opt_sec_spkmp: 452 pseudoflavor = RPC_AUTH_GSS_SPKMP; 453 break; 454 default: 455 return nfs_invalf(fc, "NFS: sec=%s option not recognized", p); 456 } 457 458 ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor); 459 if (ret < 0) 460 return ret; 461 } 462 463 return 0; 464 } 465 466 static int nfs_parse_xprtsec_policy(struct fs_context *fc, 467 struct fs_parameter *param) 468 { 469 struct nfs_fs_context *ctx = nfs_fc2context(fc); 470 471 trace_nfs_mount_assign(param->key, param->string); 472 473 switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) { 474 case Opt_xprtsec_none: 475 ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 476 break; 477 case Opt_xprtsec_tls: 478 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON; 479 break; 480 case Opt_xprtsec_mtls: 481 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509; 482 break; 483 default: 484 return nfs_invalf(fc, "NFS: Unrecognized transport security policy"); 485 } 486 return 0; 487 } 488 489 static int nfs_parse_version_string(struct fs_context *fc, 490 const char *string) 491 { 492 struct nfs_fs_context *ctx = nfs_fc2context(fc); 493 494 ctx->flags &= ~NFS_MOUNT_VER3; 495 switch (lookup_constant(nfs_vers_tokens, string, -1)) { 496 case Opt_vers_2: 497 ctx->version = 2; 498 break; 499 case Opt_vers_3: 500 ctx->flags |= NFS_MOUNT_VER3; 501 ctx->version = 3; 502 break; 503 case Opt_vers_4: 504 /* Backward compatibility option. In future, 505 * the mount program should always supply 506 * a NFSv4 minor version number. 507 */ 508 ctx->version = 4; 509 break; 510 case Opt_vers_4_0: 511 ctx->version = 4; 512 ctx->minorversion = 0; 513 break; 514 case Opt_vers_4_1: 515 ctx->version = 4; 516 ctx->minorversion = 1; 517 break; 518 case Opt_vers_4_2: 519 ctx->version = 4; 520 ctx->minorversion = 2; 521 break; 522 default: 523 return nfs_invalf(fc, "NFS: Unsupported NFS version"); 524 } 525 return 0; 526 } 527 528 /* 529 * Parse a single mount parameter. 530 */ 531 static int nfs_fs_context_parse_param(struct fs_context *fc, 532 struct fs_parameter *param) 533 { 534 struct fs_parse_result result; 535 struct nfs_fs_context *ctx = nfs_fc2context(fc); 536 unsigned short protofamily, mountfamily; 537 unsigned int len; 538 int ret, opt; 539 540 trace_nfs_mount_option(param); 541 542 opt = fs_parse(fc, nfs_fs_parameters, param, &result); 543 if (opt < 0) 544 return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt; 545 546 if (fc->security) 547 ctx->has_sec_mnt_opts = 1; 548 549 switch (opt) { 550 case Opt_source: 551 if (fc->source) 552 return nfs_invalf(fc, "NFS: Multiple sources not supported"); 553 fc->source = param->string; 554 param->string = NULL; 555 break; 556 557 /* 558 * boolean options: foo/nofoo 559 */ 560 case Opt_soft: 561 ctx->flags |= NFS_MOUNT_SOFT; 562 ctx->flags &= ~NFS_MOUNT_SOFTERR; 563 break; 564 case Opt_softerr: 565 ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL; 566 ctx->flags &= ~NFS_MOUNT_SOFT; 567 break; 568 case Opt_hard: 569 ctx->flags &= ~(NFS_MOUNT_SOFT | 570 NFS_MOUNT_SOFTERR | 571 NFS_MOUNT_SOFTREVAL); 572 break; 573 case Opt_softreval: 574 if (result.negated) 575 ctx->flags &= ~NFS_MOUNT_SOFTREVAL; 576 else 577 ctx->flags |= NFS_MOUNT_SOFTREVAL; 578 break; 579 case Opt_posix: 580 if (result.negated) 581 ctx->flags &= ~NFS_MOUNT_POSIX; 582 else 583 ctx->flags |= NFS_MOUNT_POSIX; 584 break; 585 case Opt_cto: 586 if (result.negated) 587 ctx->flags |= NFS_MOUNT_NOCTO; 588 else 589 ctx->flags &= ~NFS_MOUNT_NOCTO; 590 break; 591 case Opt_trunkdiscovery: 592 if (result.negated) 593 ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY; 594 else 595 ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY; 596 break; 597 case Opt_alignwrite: 598 if (result.negated) 599 ctx->flags |= NFS_MOUNT_NO_ALIGNWRITE; 600 else 601 ctx->flags &= ~NFS_MOUNT_NO_ALIGNWRITE; 602 break; 603 case Opt_ac: 604 if (result.negated) 605 ctx->flags |= NFS_MOUNT_NOAC; 606 else 607 ctx->flags &= ~NFS_MOUNT_NOAC; 608 break; 609 case Opt_lock: 610 if (result.negated) { 611 ctx->lock_status = NFS_LOCK_NOLOCK; 612 ctx->flags |= NFS_MOUNT_NONLM; 613 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); 614 } else { 615 ctx->lock_status = NFS_LOCK_LOCK; 616 ctx->flags &= ~NFS_MOUNT_NONLM; 617 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); 618 } 619 break; 620 case Opt_udp: 621 ctx->flags &= ~NFS_MOUNT_TCP; 622 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 623 break; 624 case Opt_tcp: 625 case Opt_rdma: 626 ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */ 627 ret = xprt_find_transport_ident(param->key); 628 if (ret < 0) 629 goto out_bad_transport; 630 ctx->nfs_server.protocol = ret; 631 break; 632 case Opt_acl: 633 if (result.negated) 634 ctx->flags |= NFS_MOUNT_NOACL; 635 else 636 ctx->flags &= ~NFS_MOUNT_NOACL; 637 break; 638 case Opt_rdirplus: 639 if (result.negated) 640 ctx->flags |= NFS_MOUNT_NORDIRPLUS; 641 else 642 ctx->flags &= ~NFS_MOUNT_NORDIRPLUS; 643 break; 644 case Opt_sharecache: 645 if (result.negated) 646 ctx->flags |= NFS_MOUNT_UNSHARED; 647 else 648 ctx->flags &= ~NFS_MOUNT_UNSHARED; 649 break; 650 case Opt_resvport: 651 if (result.negated) 652 ctx->flags |= NFS_MOUNT_NORESVPORT; 653 else 654 ctx->flags &= ~NFS_MOUNT_NORESVPORT; 655 break; 656 case Opt_fscache_flag: 657 if (result.negated) 658 ctx->options &= ~NFS_OPTION_FSCACHE; 659 else 660 ctx->options |= NFS_OPTION_FSCACHE; 661 kfree(ctx->fscache_uniq); 662 ctx->fscache_uniq = NULL; 663 break; 664 case Opt_fscache: 665 trace_nfs_mount_assign(param->key, param->string); 666 ctx->options |= NFS_OPTION_FSCACHE; 667 kfree(ctx->fscache_uniq); 668 ctx->fscache_uniq = param->string; 669 param->string = NULL; 670 break; 671 case Opt_migration: 672 if (result.negated) 673 ctx->options &= ~NFS_OPTION_MIGRATION; 674 else 675 ctx->options |= NFS_OPTION_MIGRATION; 676 break; 677 678 /* 679 * options that take numeric values 680 */ 681 case Opt_port: 682 if (result.uint_32 > USHRT_MAX) 683 goto out_of_bounds; 684 ctx->nfs_server.port = result.uint_32; 685 break; 686 case Opt_rsize: 687 ctx->rsize = result.uint_32; 688 break; 689 case Opt_wsize: 690 ctx->wsize = result.uint_32; 691 break; 692 case Opt_bsize: 693 ctx->bsize = result.uint_32; 694 break; 695 case Opt_timeo: 696 if (result.uint_32 < 1 || result.uint_32 > INT_MAX) 697 goto out_of_bounds; 698 ctx->timeo = result.uint_32; 699 break; 700 case Opt_retrans: 701 if (result.uint_32 > INT_MAX) 702 goto out_of_bounds; 703 ctx->retrans = result.uint_32; 704 break; 705 case Opt_acregmin: 706 ctx->acregmin = result.uint_32; 707 break; 708 case Opt_acregmax: 709 ctx->acregmax = result.uint_32; 710 break; 711 case Opt_acdirmin: 712 ctx->acdirmin = result.uint_32; 713 break; 714 case Opt_acdirmax: 715 ctx->acdirmax = result.uint_32; 716 break; 717 case Opt_actimeo: 718 ctx->acregmin = result.uint_32; 719 ctx->acregmax = result.uint_32; 720 ctx->acdirmin = result.uint_32; 721 ctx->acdirmax = result.uint_32; 722 break; 723 case Opt_namelen: 724 ctx->namlen = result.uint_32; 725 break; 726 case Opt_mountport: 727 if (result.uint_32 > USHRT_MAX) 728 goto out_of_bounds; 729 ctx->mount_server.port = result.uint_32; 730 break; 731 case Opt_mountvers: 732 if (result.uint_32 < NFS_MNT_VERSION || 733 result.uint_32 > NFS_MNT3_VERSION) 734 goto out_of_bounds; 735 ctx->mount_server.version = result.uint_32; 736 break; 737 case Opt_minorversion: 738 if (result.uint_32 > NFS4_MAX_MINOR_VERSION) 739 goto out_of_bounds; 740 ctx->minorversion = result.uint_32; 741 break; 742 743 /* 744 * options that take text values 745 */ 746 case Opt_v: 747 ret = nfs_parse_version_string(fc, param->key + 1); 748 if (ret < 0) 749 return ret; 750 break; 751 case Opt_vers: 752 if (!param->string) 753 goto out_invalid_value; 754 trace_nfs_mount_assign(param->key, param->string); 755 ret = nfs_parse_version_string(fc, param->string); 756 if (ret < 0) 757 return ret; 758 break; 759 case Opt_sec: 760 ret = nfs_parse_security_flavors(fc, param); 761 if (ret < 0) 762 return ret; 763 break; 764 case Opt_xprtsec: 765 ret = nfs_parse_xprtsec_policy(fc, param); 766 if (ret < 0) 767 return ret; 768 break; 769 770 case Opt_proto: 771 if (!param->string) 772 goto out_invalid_value; 773 trace_nfs_mount_assign(param->key, param->string); 774 protofamily = AF_INET; 775 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { 776 case Opt_xprt_udp6: 777 protofamily = AF_INET6; 778 fallthrough; 779 case Opt_xprt_udp: 780 ctx->flags &= ~NFS_MOUNT_TCP; 781 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 782 break; 783 case Opt_xprt_tcp6: 784 protofamily = AF_INET6; 785 fallthrough; 786 case Opt_xprt_tcp: 787 ctx->flags |= NFS_MOUNT_TCP; 788 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 789 break; 790 case Opt_xprt_rdma6: 791 protofamily = AF_INET6; 792 fallthrough; 793 case Opt_xprt_rdma: 794 /* vector side protocols to TCP */ 795 ctx->flags |= NFS_MOUNT_TCP; 796 ret = xprt_find_transport_ident(param->string); 797 if (ret < 0) 798 goto out_bad_transport; 799 ctx->nfs_server.protocol = ret; 800 break; 801 default: 802 goto out_bad_transport; 803 } 804 805 ctx->protofamily = protofamily; 806 break; 807 808 case Opt_mountproto: 809 if (!param->string) 810 goto out_invalid_value; 811 trace_nfs_mount_assign(param->key, param->string); 812 mountfamily = AF_INET; 813 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { 814 case Opt_xprt_udp6: 815 mountfamily = AF_INET6; 816 fallthrough; 817 case Opt_xprt_udp: 818 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; 819 break; 820 case Opt_xprt_tcp6: 821 mountfamily = AF_INET6; 822 fallthrough; 823 case Opt_xprt_tcp: 824 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; 825 break; 826 case Opt_xprt_rdma: /* not used for side protocols */ 827 default: 828 goto out_bad_transport; 829 } 830 ctx->mountfamily = mountfamily; 831 break; 832 833 case Opt_addr: 834 trace_nfs_mount_assign(param->key, param->string); 835 len = rpc_pton(fc->net_ns, param->string, param->size, 836 &ctx->nfs_server.address, 837 sizeof(ctx->nfs_server._address)); 838 if (len == 0) 839 goto out_invalid_address; 840 ctx->nfs_server.addrlen = len; 841 break; 842 case Opt_clientaddr: 843 trace_nfs_mount_assign(param->key, param->string); 844 kfree(ctx->client_address); 845 ctx->client_address = param->string; 846 param->string = NULL; 847 break; 848 case Opt_mounthost: 849 trace_nfs_mount_assign(param->key, param->string); 850 kfree(ctx->mount_server.hostname); 851 ctx->mount_server.hostname = param->string; 852 param->string = NULL; 853 break; 854 case Opt_mountaddr: 855 trace_nfs_mount_assign(param->key, param->string); 856 len = rpc_pton(fc->net_ns, param->string, param->size, 857 &ctx->mount_server.address, 858 sizeof(ctx->mount_server._address)); 859 if (len == 0) 860 goto out_invalid_address; 861 ctx->mount_server.addrlen = len; 862 break; 863 case Opt_nconnect: 864 trace_nfs_mount_assign(param->key, param->string); 865 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS) 866 goto out_of_bounds; 867 ctx->nfs_server.nconnect = result.uint_32; 868 break; 869 case Opt_max_connect: 870 trace_nfs_mount_assign(param->key, param->string); 871 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS) 872 goto out_of_bounds; 873 ctx->nfs_server.max_connect = result.uint_32; 874 break; 875 case Opt_lookupcache: 876 trace_nfs_mount_assign(param->key, param->string); 877 switch (result.uint_32) { 878 case Opt_lookupcache_all: 879 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE); 880 break; 881 case Opt_lookupcache_positive: 882 ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE; 883 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG; 884 break; 885 case Opt_lookupcache_none: 886 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE; 887 break; 888 default: 889 goto out_invalid_value; 890 } 891 break; 892 case Opt_local_lock: 893 trace_nfs_mount_assign(param->key, param->string); 894 switch (result.uint_32) { 895 case Opt_local_lock_all: 896 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | 897 NFS_MOUNT_LOCAL_FCNTL); 898 break; 899 case Opt_local_lock_flock: 900 ctx->flags |= NFS_MOUNT_LOCAL_FLOCK; 901 break; 902 case Opt_local_lock_posix: 903 ctx->flags |= NFS_MOUNT_LOCAL_FCNTL; 904 break; 905 case Opt_local_lock_none: 906 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | 907 NFS_MOUNT_LOCAL_FCNTL); 908 break; 909 default: 910 goto out_invalid_value; 911 } 912 break; 913 case Opt_write: 914 trace_nfs_mount_assign(param->key, param->string); 915 switch (result.uint_32) { 916 case Opt_write_lazy: 917 ctx->flags &= 918 ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT); 919 break; 920 case Opt_write_eager: 921 ctx->flags |= NFS_MOUNT_WRITE_EAGER; 922 ctx->flags &= ~NFS_MOUNT_WRITE_WAIT; 923 break; 924 case Opt_write_wait: 925 ctx->flags |= 926 NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT; 927 break; 928 default: 929 goto out_invalid_value; 930 } 931 break; 932 933 /* 934 * Special options 935 */ 936 case Opt_sloppy: 937 ctx->sloppy = true; 938 break; 939 } 940 941 return 0; 942 943 out_invalid_value: 944 return nfs_invalf(fc, "NFS: Bad mount option value specified"); 945 out_invalid_address: 946 return nfs_invalf(fc, "NFS: Bad IP address specified"); 947 out_of_bounds: 948 return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key); 949 out_bad_transport: 950 return nfs_invalf(fc, "NFS: Unrecognized transport protocol"); 951 } 952 953 /* 954 * Split fc->source into "hostname:export_path". 955 * 956 * The leftmost colon demarks the split between the server's hostname 957 * and the export path. If the hostname starts with a left square 958 * bracket, then it may contain colons. 959 * 960 * Note: caller frees hostname and export path, even on error. 961 */ 962 static int nfs_parse_source(struct fs_context *fc, 963 size_t maxnamlen, size_t maxpathlen) 964 { 965 struct nfs_fs_context *ctx = nfs_fc2context(fc); 966 const char *dev_name = fc->source; 967 size_t len; 968 const char *end; 969 970 if (unlikely(!dev_name || !*dev_name)) 971 return -EINVAL; 972 973 /* Is the host name protected with square brakcets? */ 974 if (*dev_name == '[') { 975 end = strchr(++dev_name, ']'); 976 if (end == NULL || end[1] != ':') 977 goto out_bad_devname; 978 979 len = end - dev_name; 980 end++; 981 } else { 982 const char *comma; 983 984 end = strchr(dev_name, ':'); 985 if (end == NULL) 986 goto out_bad_devname; 987 len = end - dev_name; 988 989 /* kill possible hostname list: not supported */ 990 comma = memchr(dev_name, ',', len); 991 if (comma) 992 len = comma - dev_name; 993 } 994 995 if (len > maxnamlen) 996 goto out_hostname; 997 998 kfree(ctx->nfs_server.hostname); 999 1000 /* N.B. caller will free nfs_server.hostname in all cases */ 1001 ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL); 1002 if (!ctx->nfs_server.hostname) 1003 goto out_nomem; 1004 len = strlen(++end); 1005 if (len > maxpathlen) 1006 goto out_path; 1007 ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL); 1008 if (!ctx->nfs_server.export_path) 1009 goto out_nomem; 1010 1011 trace_nfs_mount_path(ctx->nfs_server.export_path); 1012 return 0; 1013 1014 out_bad_devname: 1015 return nfs_invalf(fc, "NFS: device name not in host:path format"); 1016 out_nomem: 1017 nfs_errorf(fc, "NFS: not enough memory to parse device name"); 1018 return -ENOMEM; 1019 out_hostname: 1020 nfs_errorf(fc, "NFS: server hostname too long"); 1021 return -ENAMETOOLONG; 1022 out_path: 1023 nfs_errorf(fc, "NFS: export pathname too long"); 1024 return -ENAMETOOLONG; 1025 } 1026 1027 static inline bool is_remount_fc(struct fs_context *fc) 1028 { 1029 return fc->root != NULL; 1030 } 1031 1032 /* 1033 * Parse monolithic NFS2/NFS3 mount data 1034 * - fills in the mount root filehandle 1035 * 1036 * For option strings, user space handles the following behaviors: 1037 * 1038 * + DNS: mapping server host name to IP address ("addr=" option) 1039 * 1040 * + failure mode: how to behave if a mount request can't be handled 1041 * immediately ("fg/bg" option) 1042 * 1043 * + retry: how often to retry a mount request ("retry=" option) 1044 * 1045 * + breaking back: trying proto=udp after proto=tcp, v2 after v3, 1046 * mountproto=tcp after mountproto=udp, and so on 1047 */ 1048 static int nfs23_parse_monolithic(struct fs_context *fc, 1049 struct nfs_mount_data *data) 1050 { 1051 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1052 struct nfs_fh *mntfh = ctx->mntfh; 1053 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1054 int extra_flags = NFS_MOUNT_LEGACY_INTERFACE; 1055 int ret; 1056 1057 if (data == NULL) 1058 goto out_no_data; 1059 1060 ctx->version = NFS_DEFAULT_VERSION; 1061 switch (data->version) { 1062 case 1: 1063 data->namlen = 0; 1064 fallthrough; 1065 case 2: 1066 data->bsize = 0; 1067 fallthrough; 1068 case 3: 1069 if (data->flags & NFS_MOUNT_VER3) 1070 goto out_no_v3; 1071 data->root.size = NFS2_FHSIZE; 1072 memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE); 1073 /* Turn off security negotiation */ 1074 extra_flags |= NFS_MOUNT_SECFLAVOUR; 1075 fallthrough; 1076 case 4: 1077 if (data->flags & NFS_MOUNT_SECFLAVOUR) 1078 goto out_no_sec; 1079 fallthrough; 1080 case 5: 1081 memset(data->context, 0, sizeof(data->context)); 1082 fallthrough; 1083 case 6: 1084 if (data->flags & NFS_MOUNT_VER3) { 1085 if (data->root.size > NFS3_FHSIZE || data->root.size == 0) 1086 goto out_invalid_fh; 1087 mntfh->size = data->root.size; 1088 ctx->version = 3; 1089 } else { 1090 mntfh->size = NFS2_FHSIZE; 1091 ctx->version = 2; 1092 } 1093 1094 1095 memcpy(mntfh->data, data->root.data, mntfh->size); 1096 if (mntfh->size < sizeof(mntfh->data)) 1097 memset(mntfh->data + mntfh->size, 0, 1098 sizeof(mntfh->data) - mntfh->size); 1099 1100 /* 1101 * for proto == XPRT_TRANSPORT_UDP, which is what uses 1102 * to_exponential, implying shift: limit the shift value 1103 * to BITS_PER_LONG (majortimeo is unsigned long) 1104 */ 1105 if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */ 1106 if (data->retrans >= 64) /* shift value is too large */ 1107 goto out_invalid_data; 1108 1109 /* 1110 * Translate to nfs_fs_context, which nfs_fill_super 1111 * can deal with. 1112 */ 1113 ctx->flags = data->flags & NFS_MOUNT_FLAGMASK; 1114 ctx->flags |= extra_flags; 1115 ctx->rsize = data->rsize; 1116 ctx->wsize = data->wsize; 1117 ctx->timeo = data->timeo; 1118 ctx->retrans = data->retrans; 1119 ctx->acregmin = data->acregmin; 1120 ctx->acregmax = data->acregmax; 1121 ctx->acdirmin = data->acdirmin; 1122 ctx->acdirmax = data->acdirmax; 1123 ctx->need_mount = false; 1124 1125 if (!is_remount_fc(fc)) { 1126 memcpy(sap, &data->addr, sizeof(data->addr)); 1127 ctx->nfs_server.addrlen = sizeof(data->addr); 1128 ctx->nfs_server.port = ntohs(data->addr.sin_port); 1129 } 1130 1131 if (sap->ss_family != AF_INET || 1132 !nfs_verify_server_address(sap)) 1133 goto out_no_address; 1134 1135 if (!(data->flags & NFS_MOUNT_TCP)) 1136 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 1137 /* N.B. caller will free nfs_server.hostname in all cases */ 1138 ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL); 1139 if (!ctx->nfs_server.hostname) 1140 goto out_nomem; 1141 1142 ctx->namlen = data->namlen; 1143 ctx->bsize = data->bsize; 1144 1145 if (data->flags & NFS_MOUNT_SECFLAVOUR) 1146 ctx->selected_flavor = data->pseudoflavor; 1147 else 1148 ctx->selected_flavor = RPC_AUTH_UNIX; 1149 1150 if (!(data->flags & NFS_MOUNT_NONLM)) 1151 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK| 1152 NFS_MOUNT_LOCAL_FCNTL); 1153 else 1154 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK| 1155 NFS_MOUNT_LOCAL_FCNTL); 1156 1157 /* 1158 * The legacy version 6 binary mount data from userspace has a 1159 * field used only to transport selinux information into the 1160 * kernel. To continue to support that functionality we 1161 * have a touch of selinux knowledge here in the NFS code. The 1162 * userspace code converted context=blah to just blah so we are 1163 * converting back to the full string selinux understands. 1164 */ 1165 if (data->context[0]){ 1166 #ifdef CONFIG_SECURITY_SELINUX 1167 int ret; 1168 1169 data->context[NFS_MAX_CONTEXT_LEN] = '\0'; 1170 ret = vfs_parse_fs_string(fc, "context", 1171 data->context, strlen(data->context)); 1172 if (ret < 0) 1173 return ret; 1174 #else 1175 return -EINVAL; 1176 #endif 1177 } 1178 1179 break; 1180 default: 1181 goto generic; 1182 } 1183 1184 ret = nfs_validate_transport_protocol(fc, ctx); 1185 if (ret) 1186 return ret; 1187 1188 ctx->skip_reconfig_option_check = true; 1189 return 0; 1190 1191 generic: 1192 return generic_parse_monolithic(fc, data); 1193 1194 out_no_data: 1195 if (is_remount_fc(fc)) { 1196 ctx->skip_reconfig_option_check = true; 1197 return 0; 1198 } 1199 return nfs_invalf(fc, "NFS: mount program didn't pass any mount data"); 1200 1201 out_no_v3: 1202 return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3"); 1203 1204 out_no_sec: 1205 return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS"); 1206 1207 out_nomem: 1208 return -ENOMEM; 1209 1210 out_no_address: 1211 return nfs_invalf(fc, "NFS: mount program didn't pass remote address"); 1212 1213 out_invalid_fh: 1214 return nfs_invalf(fc, "NFS: invalid root filehandle"); 1215 1216 out_invalid_data: 1217 return nfs_invalf(fc, "NFS: invalid binary mount data"); 1218 } 1219 1220 #if IS_ENABLED(CONFIG_NFS_V4) 1221 struct compat_nfs_string { 1222 compat_uint_t len; 1223 compat_uptr_t data; 1224 }; 1225 1226 static inline void compat_nfs_string(struct nfs_string *dst, 1227 struct compat_nfs_string *src) 1228 { 1229 dst->data = compat_ptr(src->data); 1230 dst->len = src->len; 1231 } 1232 1233 struct compat_nfs4_mount_data_v1 { 1234 compat_int_t version; 1235 compat_int_t flags; 1236 compat_int_t rsize; 1237 compat_int_t wsize; 1238 compat_int_t timeo; 1239 compat_int_t retrans; 1240 compat_int_t acregmin; 1241 compat_int_t acregmax; 1242 compat_int_t acdirmin; 1243 compat_int_t acdirmax; 1244 struct compat_nfs_string client_addr; 1245 struct compat_nfs_string mnt_path; 1246 struct compat_nfs_string hostname; 1247 compat_uint_t host_addrlen; 1248 compat_uptr_t host_addr; 1249 compat_int_t proto; 1250 compat_int_t auth_flavourlen; 1251 compat_uptr_t auth_flavours; 1252 }; 1253 1254 static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data) 1255 { 1256 struct compat_nfs4_mount_data_v1 *compat = 1257 (struct compat_nfs4_mount_data_v1 *)data; 1258 1259 /* copy the fields backwards */ 1260 data->auth_flavours = compat_ptr(compat->auth_flavours); 1261 data->auth_flavourlen = compat->auth_flavourlen; 1262 data->proto = compat->proto; 1263 data->host_addr = compat_ptr(compat->host_addr); 1264 data->host_addrlen = compat->host_addrlen; 1265 compat_nfs_string(&data->hostname, &compat->hostname); 1266 compat_nfs_string(&data->mnt_path, &compat->mnt_path); 1267 compat_nfs_string(&data->client_addr, &compat->client_addr); 1268 data->acdirmax = compat->acdirmax; 1269 data->acdirmin = compat->acdirmin; 1270 data->acregmax = compat->acregmax; 1271 data->acregmin = compat->acregmin; 1272 data->retrans = compat->retrans; 1273 data->timeo = compat->timeo; 1274 data->wsize = compat->wsize; 1275 data->rsize = compat->rsize; 1276 data->flags = compat->flags; 1277 data->version = compat->version; 1278 } 1279 1280 /* 1281 * Validate NFSv4 mount options 1282 */ 1283 static int nfs4_parse_monolithic(struct fs_context *fc, 1284 struct nfs4_mount_data *data) 1285 { 1286 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1287 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1288 int ret; 1289 char *c; 1290 1291 if (!data) { 1292 if (is_remount_fc(fc)) 1293 goto done; 1294 return nfs_invalf(fc, 1295 "NFS4: mount program didn't pass any mount data"); 1296 } 1297 1298 ctx->version = 4; 1299 1300 if (data->version != 1) 1301 return generic_parse_monolithic(fc, data); 1302 1303 if (in_compat_syscall()) 1304 nfs4_compat_mount_data_conv(data); 1305 1306 if (data->host_addrlen > sizeof(ctx->nfs_server.address)) 1307 goto out_no_address; 1308 if (data->host_addrlen == 0) 1309 goto out_no_address; 1310 ctx->nfs_server.addrlen = data->host_addrlen; 1311 if (copy_from_user(sap, data->host_addr, data->host_addrlen)) 1312 return -EFAULT; 1313 if (!nfs_verify_server_address(sap)) 1314 goto out_no_address; 1315 ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); 1316 1317 if (data->auth_flavourlen) { 1318 rpc_authflavor_t pseudoflavor; 1319 1320 if (data->auth_flavourlen > 1) 1321 goto out_inval_auth; 1322 if (copy_from_user(&pseudoflavor, data->auth_flavours, 1323 sizeof(pseudoflavor))) 1324 return -EFAULT; 1325 ctx->selected_flavor = pseudoflavor; 1326 } else { 1327 ctx->selected_flavor = RPC_AUTH_UNIX; 1328 } 1329 1330 c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN); 1331 if (IS_ERR(c)) 1332 return PTR_ERR(c); 1333 ctx->nfs_server.hostname = c; 1334 1335 c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN); 1336 if (IS_ERR(c)) 1337 return PTR_ERR(c); 1338 ctx->nfs_server.export_path = c; 1339 trace_nfs_mount_path(c); 1340 1341 c = strndup_user(data->client_addr.data, 16); 1342 if (IS_ERR(c)) 1343 return PTR_ERR(c); 1344 ctx->client_address = c; 1345 1346 /* 1347 * Translate to nfs_fs_context, which nfs_fill_super 1348 * can deal with. 1349 */ 1350 1351 ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK; 1352 ctx->rsize = data->rsize; 1353 ctx->wsize = data->wsize; 1354 ctx->timeo = data->timeo; 1355 ctx->retrans = data->retrans; 1356 ctx->acregmin = data->acregmin; 1357 ctx->acregmax = data->acregmax; 1358 ctx->acdirmin = data->acdirmin; 1359 ctx->acdirmax = data->acdirmax; 1360 ctx->nfs_server.protocol = data->proto; 1361 ret = nfs_validate_transport_protocol(fc, ctx); 1362 if (ret) 1363 return ret; 1364 done: 1365 ctx->skip_reconfig_option_check = true; 1366 return 0; 1367 1368 out_inval_auth: 1369 return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d", 1370 data->auth_flavourlen); 1371 1372 out_no_address: 1373 return nfs_invalf(fc, "NFS4: mount program didn't pass remote address"); 1374 } 1375 #endif 1376 1377 /* 1378 * Parse a monolithic block of data from sys_mount(). 1379 */ 1380 static int nfs_fs_context_parse_monolithic(struct fs_context *fc, 1381 void *data) 1382 { 1383 if (fc->fs_type == &nfs_fs_type) 1384 return nfs23_parse_monolithic(fc, data); 1385 1386 #if IS_ENABLED(CONFIG_NFS_V4) 1387 if (fc->fs_type == &nfs4_fs_type) 1388 return nfs4_parse_monolithic(fc, data); 1389 #endif 1390 1391 return nfs_invalf(fc, "NFS: Unsupported monolithic data version"); 1392 } 1393 1394 /* 1395 * Validate the preparsed information in the config. 1396 */ 1397 static int nfs_fs_context_validate(struct fs_context *fc) 1398 { 1399 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1400 struct nfs_subversion *nfs_mod; 1401 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1402 int max_namelen = PAGE_SIZE; 1403 int max_pathlen = NFS_MAXPATHLEN; 1404 int port = 0; 1405 int ret; 1406 1407 if (!fc->source) 1408 goto out_no_device_name; 1409 1410 /* Check for sanity first. */ 1411 if (ctx->minorversion && ctx->version != 4) 1412 goto out_minorversion_mismatch; 1413 1414 if (ctx->options & NFS_OPTION_MIGRATION && 1415 (ctx->version != 4 || ctx->minorversion != 0)) 1416 goto out_migration_misuse; 1417 1418 /* Verify that any proto=/mountproto= options match the address 1419 * families in the addr=/mountaddr= options. 1420 */ 1421 if (ctx->protofamily != AF_UNSPEC && 1422 ctx->protofamily != ctx->nfs_server.address.sa_family) 1423 goto out_proto_mismatch; 1424 1425 if (ctx->mountfamily != AF_UNSPEC) { 1426 if (ctx->mount_server.addrlen) { 1427 if (ctx->mountfamily != ctx->mount_server.address.sa_family) 1428 goto out_mountproto_mismatch; 1429 } else { 1430 if (ctx->mountfamily != ctx->nfs_server.address.sa_family) 1431 goto out_mountproto_mismatch; 1432 } 1433 } 1434 1435 if (!nfs_verify_server_address(sap)) 1436 goto out_no_address; 1437 1438 ret = nfs_validate_transport_protocol(fc, ctx); 1439 if (ret) 1440 return ret; 1441 1442 if (ctx->version == 4) { 1443 if (IS_ENABLED(CONFIG_NFS_V4)) { 1444 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) 1445 port = NFS_RDMA_PORT; 1446 else 1447 port = NFS_PORT; 1448 max_namelen = NFS4_MAXNAMLEN; 1449 max_pathlen = NFS4_MAXPATHLEN; 1450 ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL | 1451 NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK | 1452 NFS_MOUNT_LOCAL_FCNTL); 1453 } else { 1454 goto out_v4_not_compiled; 1455 } 1456 } else { 1457 nfs_set_mount_transport_protocol(ctx); 1458 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) 1459 port = NFS_RDMA_PORT; 1460 } 1461 1462 nfs_set_port(sap, &ctx->nfs_server.port, port); 1463 1464 ret = nfs_parse_source(fc, max_namelen, max_pathlen); 1465 if (ret < 0) 1466 return ret; 1467 1468 /* Load the NFS protocol module if we haven't done so yet */ 1469 if (!ctx->nfs_mod) { 1470 nfs_mod = get_nfs_version(ctx->version); 1471 if (IS_ERR(nfs_mod)) { 1472 ret = PTR_ERR(nfs_mod); 1473 goto out_version_unavailable; 1474 } 1475 ctx->nfs_mod = nfs_mod; 1476 } 1477 1478 /* Ensure the filesystem context has the correct fs_type */ 1479 if (fc->fs_type != ctx->nfs_mod->nfs_fs) { 1480 module_put(fc->fs_type->owner); 1481 __module_get(ctx->nfs_mod->nfs_fs->owner); 1482 fc->fs_type = ctx->nfs_mod->nfs_fs; 1483 } 1484 return 0; 1485 1486 out_no_device_name: 1487 return nfs_invalf(fc, "NFS: Device name not specified"); 1488 out_v4_not_compiled: 1489 nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel"); 1490 return -EPROTONOSUPPORT; 1491 out_no_address: 1492 return nfs_invalf(fc, "NFS: mount program didn't pass remote address"); 1493 out_mountproto_mismatch: 1494 return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option"); 1495 out_proto_mismatch: 1496 return nfs_invalf(fc, "NFS: Server address does not match proto= option"); 1497 out_minorversion_mismatch: 1498 return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u", 1499 ctx->version, ctx->minorversion); 1500 out_migration_misuse: 1501 return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version"); 1502 out_version_unavailable: 1503 nfs_errorf(fc, "NFS: Version unavailable"); 1504 return ret; 1505 } 1506 1507 /* 1508 * Create an NFS superblock by the appropriate method. 1509 */ 1510 static int nfs_get_tree(struct fs_context *fc) 1511 { 1512 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1513 int err = nfs_fs_context_validate(fc); 1514 1515 if (err) 1516 return err; 1517 if (!ctx->internal) 1518 return ctx->nfs_mod->rpc_ops->try_get_tree(fc); 1519 else 1520 return nfs_get_tree_common(fc); 1521 } 1522 1523 /* 1524 * Handle duplication of a configuration. The caller copied *src into *sc, but 1525 * it can't deal with resource pointers in the filesystem context, so we have 1526 * to do that. We need to clear pointers, copy data or get extra refs as 1527 * appropriate. 1528 */ 1529 static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc) 1530 { 1531 struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx; 1532 1533 ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL); 1534 if (!ctx) 1535 return -ENOMEM; 1536 1537 ctx->mntfh = nfs_alloc_fhandle(); 1538 if (!ctx->mntfh) { 1539 kfree(ctx); 1540 return -ENOMEM; 1541 } 1542 nfs_copy_fh(ctx->mntfh, src->mntfh); 1543 1544 __module_get(ctx->nfs_mod->owner); 1545 ctx->client_address = NULL; 1546 ctx->mount_server.hostname = NULL; 1547 ctx->nfs_server.export_path = NULL; 1548 ctx->nfs_server.hostname = NULL; 1549 ctx->fscache_uniq = NULL; 1550 ctx->clone_data.fattr = NULL; 1551 fc->fs_private = ctx; 1552 return 0; 1553 } 1554 1555 static void nfs_fs_context_free(struct fs_context *fc) 1556 { 1557 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1558 1559 if (ctx) { 1560 if (ctx->server) 1561 nfs_free_server(ctx->server); 1562 if (ctx->nfs_mod) 1563 put_nfs_version(ctx->nfs_mod); 1564 kfree(ctx->client_address); 1565 kfree(ctx->mount_server.hostname); 1566 kfree(ctx->nfs_server.export_path); 1567 kfree(ctx->nfs_server.hostname); 1568 kfree(ctx->fscache_uniq); 1569 nfs_free_fhandle(ctx->mntfh); 1570 nfs_free_fattr(ctx->clone_data.fattr); 1571 kfree(ctx); 1572 } 1573 } 1574 1575 static const struct fs_context_operations nfs_fs_context_ops = { 1576 .free = nfs_fs_context_free, 1577 .dup = nfs_fs_context_dup, 1578 .parse_param = nfs_fs_context_parse_param, 1579 .parse_monolithic = nfs_fs_context_parse_monolithic, 1580 .get_tree = nfs_get_tree, 1581 .reconfigure = nfs_reconfigure, 1582 }; 1583 1584 /* 1585 * Prepare superblock configuration. We use the namespaces attached to the 1586 * context. This may be the current process's namespaces, or it may be a 1587 * container's namespaces. 1588 */ 1589 static int nfs_init_fs_context(struct fs_context *fc) 1590 { 1591 struct nfs_fs_context *ctx; 1592 1593 ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL); 1594 if (unlikely(!ctx)) 1595 return -ENOMEM; 1596 1597 ctx->mntfh = nfs_alloc_fhandle(); 1598 if (unlikely(!ctx->mntfh)) { 1599 kfree(ctx); 1600 return -ENOMEM; 1601 } 1602 1603 ctx->protofamily = AF_UNSPEC; 1604 ctx->mountfamily = AF_UNSPEC; 1605 ctx->mount_server.port = NFS_UNSPEC_PORT; 1606 1607 if (fc->root) { 1608 /* reconfigure, start with the current config */ 1609 struct nfs_server *nfss = fc->root->d_sb->s_fs_info; 1610 struct net *net = nfss->nfs_client->cl_net; 1611 1612 ctx->flags = nfss->flags; 1613 ctx->rsize = nfss->rsize; 1614 ctx->wsize = nfss->wsize; 1615 ctx->retrans = nfss->client->cl_timeout->to_retries; 1616 ctx->selected_flavor = nfss->client->cl_auth->au_flavor; 1617 ctx->acregmin = nfss->acregmin / HZ; 1618 ctx->acregmax = nfss->acregmax / HZ; 1619 ctx->acdirmin = nfss->acdirmin / HZ; 1620 ctx->acdirmax = nfss->acdirmax / HZ; 1621 ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ; 1622 ctx->nfs_server.port = nfss->port; 1623 ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen; 1624 ctx->version = nfss->nfs_client->rpc_ops->version; 1625 ctx->minorversion = nfss->nfs_client->cl_minorversion; 1626 1627 memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr, 1628 ctx->nfs_server.addrlen); 1629 1630 if (fc->net_ns != net) { 1631 put_net(fc->net_ns); 1632 fc->net_ns = get_net(net); 1633 } 1634 1635 ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod; 1636 __module_get(ctx->nfs_mod->owner); 1637 } else { 1638 /* defaults */ 1639 ctx->timeo = NFS_UNSPEC_TIMEO; 1640 ctx->retrans = NFS_UNSPEC_RETRANS; 1641 ctx->acregmin = NFS_DEF_ACREGMIN; 1642 ctx->acregmax = NFS_DEF_ACREGMAX; 1643 ctx->acdirmin = NFS_DEF_ACDIRMIN; 1644 ctx->acdirmax = NFS_DEF_ACDIRMAX; 1645 ctx->nfs_server.port = NFS_UNSPEC_PORT; 1646 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 1647 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR; 1648 ctx->minorversion = 0; 1649 ctx->need_mount = true; 1650 ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 1651 ctx->xprtsec.cert_serial = TLS_NO_CERT; 1652 ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY; 1653 1654 fc->s_iflags |= SB_I_STABLE_WRITES; 1655 } 1656 fc->fs_private = ctx; 1657 fc->ops = &nfs_fs_context_ops; 1658 return 0; 1659 } 1660 1661 struct file_system_type nfs_fs_type = { 1662 .owner = THIS_MODULE, 1663 .name = "nfs", 1664 .init_fs_context = nfs_init_fs_context, 1665 .parameters = nfs_fs_parameters, 1666 .kill_sb = nfs_kill_super, 1667 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA, 1668 }; 1669 MODULE_ALIAS_FS("nfs"); 1670 EXPORT_SYMBOL_GPL(nfs_fs_type); 1671 1672 #if IS_ENABLED(CONFIG_NFS_V4) 1673 struct file_system_type nfs4_fs_type = { 1674 .owner = THIS_MODULE, 1675 .name = "nfs4", 1676 .init_fs_context = nfs_init_fs_context, 1677 .parameters = nfs_fs_parameters, 1678 .kill_sb = nfs_kill_super, 1679 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA, 1680 }; 1681 MODULE_ALIAS_FS("nfs4"); 1682 MODULE_ALIAS("nfs4"); 1683 EXPORT_SYMBOL_GPL(nfs4_fs_type); 1684 #endif /* CONFIG_NFS_V4 */ 1685