1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2022 Paulo Alcantara <palcantara@suse.de> 4 */ 5 6 #include "cifsproto.h" 7 #include "cifs_debug.h" 8 #include "dns_resolve.h" 9 #include "fs_context.h" 10 #include "dfs.h" 11 12 #define DFS_DOM(ctx) (ctx->dfs_root_ses ? ctx->dfs_root_ses->dns_dom : NULL) 13 14 /** 15 * dfs_parse_target_referral - set fs context for dfs target referral 16 * 17 * @full_path: full path in UNC format. 18 * @ref: dfs referral pointer. 19 * @ctx: smb3 fs context pointer. 20 * 21 * Return zero if dfs referral was parsed correctly, otherwise non-zero. 22 */ 23 int dfs_parse_target_referral(const char *full_path, const struct dfs_info3_param *ref, 24 struct smb3_fs_context *ctx) 25 { 26 int rc; 27 const char *prepath = NULL; 28 char *path; 29 30 if (!full_path || !*full_path || !ref || !ctx) 31 return -EINVAL; 32 33 if (WARN_ON_ONCE(!ref->node_name || ref->path_consumed < 0)) 34 return -EINVAL; 35 36 if (strlen(full_path) - ref->path_consumed) { 37 prepath = full_path + ref->path_consumed; 38 /* skip initial delimiter */ 39 if (*prepath == '/' || *prepath == '\\') 40 prepath++; 41 } 42 43 path = cifs_build_devname(ref->node_name, prepath); 44 if (IS_ERR(path)) 45 return PTR_ERR(path); 46 47 rc = smb3_parse_devname(path, ctx); 48 if (rc) 49 goto out; 50 51 rc = dns_resolve_unc(DFS_DOM(ctx), path, 52 (struct sockaddr *)&ctx->dstaddr); 53 out: 54 kfree(path); 55 return rc; 56 } 57 58 static int get_session(struct cifs_mount_ctx *mnt_ctx, const char *full_path) 59 { 60 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 61 int rc; 62 63 ctx->leaf_fullpath = (char *)full_path; 64 ctx->dns_dom = DFS_DOM(ctx); 65 rc = cifs_mount_get_session(mnt_ctx); 66 ctx->leaf_fullpath = ctx->dns_dom = NULL; 67 68 return rc; 69 } 70 71 /* 72 * Get an active reference of @ses so that next call to cifs_put_tcon() won't 73 * release it as any new DFS referrals must go through its IPC tcon. 74 */ 75 static void set_root_smb_session(struct cifs_mount_ctx *mnt_ctx) 76 { 77 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 78 struct cifs_ses *ses = mnt_ctx->ses; 79 80 if (ses) { 81 spin_lock(&cifs_tcp_ses_lock); 82 cifs_smb_ses_inc_refcount(ses); 83 spin_unlock(&cifs_tcp_ses_lock); 84 } 85 ctx->dfs_root_ses = ses; 86 } 87 88 static inline int parse_dfs_target(struct smb3_fs_context *ctx, 89 struct dfs_ref_walk *rw, 90 struct dfs_info3_param *tgt) 91 { 92 int rc; 93 const char *fpath = ref_walk_fpath(rw) + 1; 94 95 rc = ref_walk_get_tgt(rw, tgt); 96 if (!rc) 97 rc = dfs_parse_target_referral(fpath, tgt, ctx); 98 return rc; 99 } 100 101 static int setup_dfs_ref(struct dfs_info3_param *tgt, struct dfs_ref_walk *rw) 102 { 103 struct cifs_sb_info *cifs_sb = rw->mnt_ctx->cifs_sb; 104 struct smb3_fs_context *ctx = rw->mnt_ctx->fs_ctx; 105 char *ref_path, *full_path; 106 int rc; 107 108 set_root_smb_session(rw->mnt_ctx); 109 ref_walk_ses(rw) = ctx->dfs_root_ses; 110 111 full_path = smb3_fs_context_fullpath(ctx, CIFS_DIR_SEP(cifs_sb)); 112 if (IS_ERR(full_path)) 113 return PTR_ERR(full_path); 114 115 if (!tgt || (tgt->server_type == DFS_TYPE_LINK && 116 DFS_INTERLINK(tgt->flags))) 117 ref_path = dfs_get_path(cifs_sb, ctx->UNC); 118 else 119 ref_path = dfs_get_path(cifs_sb, full_path); 120 if (IS_ERR(ref_path)) { 121 rc = PTR_ERR(ref_path); 122 kfree(full_path); 123 return rc; 124 } 125 ref_walk_path(rw) = ref_path; 126 ref_walk_fpath(rw) = full_path; 127 128 return dfs_get_referral(rw->mnt_ctx, 129 ref_walk_path(rw) + 1, 130 ref_walk_tl(rw)); 131 } 132 133 static int __dfs_referral_walk(struct dfs_ref_walk *rw) 134 { 135 struct smb3_fs_context *ctx = rw->mnt_ctx->fs_ctx; 136 struct cifs_mount_ctx *mnt_ctx = rw->mnt_ctx; 137 struct dfs_info3_param tgt = {}; 138 int rc = -ENOENT; 139 140 again: 141 do { 142 ctx->dfs_root_ses = ref_walk_ses(rw); 143 while (ref_walk_next_tgt(rw)) { 144 rc = parse_dfs_target(ctx, rw, &tgt); 145 if (rc) 146 continue; 147 148 cifs_mount_put_conns(mnt_ctx); 149 rc = get_session(mnt_ctx, ref_walk_path(rw)); 150 if (rc) 151 continue; 152 153 if (tgt.flags & DFSREF_STORAGE_SERVER) { 154 rc = cifs_mount_get_tcon(mnt_ctx); 155 if (!rc) 156 rc = cifs_is_path_remote(mnt_ctx); 157 if (!rc) { 158 ref_walk_set_tgt_hint(rw); 159 break; 160 } 161 if (rc != -EREMOTE) 162 continue; 163 } 164 165 rc = ref_walk_advance(rw); 166 if (!rc) { 167 rc = setup_dfs_ref(&tgt, rw); 168 if (rc) 169 break; 170 ref_walk_mark_end(rw); 171 goto again; 172 } 173 } 174 } while (rc && ref_walk_descend(rw)); 175 176 free_dfs_info_param(&tgt); 177 return rc; 178 } 179 180 static int dfs_referral_walk(struct cifs_mount_ctx *mnt_ctx, 181 struct dfs_ref_walk **rw) 182 { 183 int rc; 184 185 *rw = ref_walk_alloc(); 186 if (IS_ERR(*rw)) { 187 rc = PTR_ERR(*rw); 188 *rw = NULL; 189 return rc; 190 } 191 192 ref_walk_init(*rw, mnt_ctx); 193 rc = setup_dfs_ref(NULL, *rw); 194 if (!rc) 195 rc = __dfs_referral_walk(*rw); 196 return rc; 197 } 198 199 static int __dfs_mount_share(struct cifs_mount_ctx *mnt_ctx) 200 { 201 struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb; 202 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 203 struct dfs_ref_walk *rw = NULL; 204 struct cifs_tcon *tcon; 205 char *origin_fullpath; 206 int rc; 207 208 origin_fullpath = dfs_get_path(cifs_sb, ctx->source); 209 if (IS_ERR(origin_fullpath)) 210 return PTR_ERR(origin_fullpath); 211 212 rc = dfs_referral_walk(mnt_ctx, &rw); 213 if (!rc) { 214 /* 215 * Prevent superblock from being created with any missing 216 * connections. 217 */ 218 if (WARN_ON(!mnt_ctx->server)) 219 rc = -EHOSTDOWN; 220 else if (WARN_ON(!mnt_ctx->ses)) 221 rc = -EACCES; 222 else if (WARN_ON(!mnt_ctx->tcon)) 223 rc = -ENOENT; 224 } 225 if (rc) 226 goto out; 227 228 tcon = mnt_ctx->tcon; 229 spin_lock(&tcon->tc_lock); 230 tcon->origin_fullpath = origin_fullpath; 231 origin_fullpath = NULL; 232 ref_walk_set_tcon(rw, tcon); 233 spin_unlock(&tcon->tc_lock); 234 queue_delayed_work(dfscache_wq, &tcon->dfs_cache_work, 235 dfs_cache_get_ttl() * HZ); 236 237 out: 238 kfree(origin_fullpath); 239 ref_walk_free(rw); 240 return rc; 241 } 242 243 /* 244 * If @ctx->dfs_automount, then update @ctx->dstaddr earlier with the DFS root 245 * server from where we'll start following any referrals. Otherwise rely on the 246 * value provided by mount(2) as the user might not have dns_resolver key set up 247 * and therefore failing to upcall to resolve UNC hostname under @ctx->source. 248 */ 249 static int update_fs_context_dstaddr(struct smb3_fs_context *ctx) 250 { 251 struct sockaddr *addr = (struct sockaddr *)&ctx->dstaddr; 252 int rc = 0; 253 254 if (!ctx->nodfs && ctx->dfs_automount) { 255 rc = dns_resolve_unc(NULL, ctx->source, addr); 256 if (!rc) 257 cifs_set_port(addr, ctx->port); 258 ctx->dfs_automount = false; 259 } 260 return rc; 261 } 262 263 int dfs_mount_share(struct cifs_mount_ctx *mnt_ctx) 264 { 265 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 266 bool nodfs = ctx->nodfs; 267 int rc; 268 269 rc = update_fs_context_dstaddr(ctx); 270 if (rc) 271 return rc; 272 273 rc = get_session(mnt_ctx, NULL); 274 if (rc) 275 return rc; 276 277 /* 278 * If called with 'nodfs' mount option, then skip DFS resolving. Otherwise unconditionally 279 * try to get an DFS referral (even cached) to determine whether it is an DFS mount. 280 * 281 * Skip prefix path to provide support for DFS referrals from w2k8 servers which don't seem 282 * to respond with PATH_NOT_COVERED to requests that include the prefix. 283 */ 284 if (!nodfs) { 285 rc = dfs_get_referral(mnt_ctx, ctx->UNC + 1, NULL); 286 if (rc) { 287 cifs_dbg(FYI, "%s: no dfs referral for %s: %d\n", 288 __func__, ctx->UNC + 1, rc); 289 cifs_dbg(FYI, "%s: assuming non-dfs mount...\n", __func__); 290 nodfs = true; 291 } 292 } 293 if (nodfs) { 294 rc = cifs_mount_get_tcon(mnt_ctx); 295 if (!rc) 296 rc = cifs_is_path_remote(mnt_ctx); 297 return rc; 298 } 299 300 if (!ctx->dfs_conn) { 301 ctx->dfs_conn = true; 302 cifs_mount_put_conns(mnt_ctx); 303 rc = get_session(mnt_ctx, NULL); 304 } 305 if (!rc) 306 rc = __dfs_mount_share(mnt_ctx); 307 return rc; 308 } 309 310 static int target_share_matches_server(struct TCP_Server_Info *server, char *share, 311 bool *target_match) 312 { 313 int rc = 0; 314 const char *dfs_host; 315 size_t dfs_host_len; 316 317 *target_match = true; 318 extract_unc_hostname(share, &dfs_host, &dfs_host_len); 319 320 /* Check if hostnames or addresses match */ 321 cifs_server_lock(server); 322 if (dfs_host_len != strlen(server->hostname) || 323 strncasecmp(dfs_host, server->hostname, dfs_host_len)) { 324 cifs_dbg(FYI, "%s: %.*s doesn't match %s\n", __func__, 325 (int)dfs_host_len, dfs_host, server->hostname); 326 rc = match_target_ip(server, dfs_host, dfs_host_len, target_match); 327 if (rc) 328 cifs_dbg(VFS, "%s: failed to match target ip: %d\n", __func__, rc); 329 } 330 cifs_server_unlock(server); 331 return rc; 332 } 333 334 static int tree_connect_dfs_target(const unsigned int xid, 335 struct cifs_tcon *tcon, 336 struct cifs_sb_info *cifs_sb, 337 char *tree, bool islink, 338 struct dfs_cache_tgt_list *tl) 339 { 340 const struct smb_version_operations *ops = tcon->ses->server->ops; 341 struct TCP_Server_Info *server = tcon->ses->server; 342 struct dfs_cache_tgt_iterator *tit; 343 char *share = NULL, *prefix = NULL; 344 bool target_match; 345 int rc = -ENOENT; 346 347 /* Try to tree connect to all dfs targets */ 348 for (tit = dfs_cache_get_tgt_iterator(tl); 349 tit; tit = dfs_cache_get_next_tgt(tl, tit)) { 350 kfree(share); 351 kfree(prefix); 352 share = prefix = NULL; 353 354 /* Check if share matches with tcp ses */ 355 rc = dfs_cache_get_tgt_share(server->leaf_fullpath + 1, tit, &share, &prefix); 356 if (rc) { 357 cifs_dbg(VFS, "%s: failed to parse target share: %d\n", __func__, rc); 358 break; 359 } 360 361 rc = target_share_matches_server(server, share, &target_match); 362 if (rc) 363 break; 364 if (!target_match) { 365 rc = -EHOSTUNREACH; 366 continue; 367 } 368 369 dfs_cache_noreq_update_tgthint(server->leaf_fullpath + 1, tit); 370 scnprintf(tree, MAX_TREE_SIZE, "\\%s", share); 371 rc = ops->tree_connect(xid, tcon->ses, tree, 372 tcon, tcon->ses->local_nls); 373 if (islink && !rc && cifs_sb) 374 rc = cifs_update_super_prepath(cifs_sb, prefix); 375 break; 376 } 377 378 kfree(share); 379 kfree(prefix); 380 dfs_cache_free_tgts(tl); 381 return rc; 382 } 383 384 int cifs_tree_connect(const unsigned int xid, struct cifs_tcon *tcon) 385 { 386 int rc; 387 struct TCP_Server_Info *server = tcon->ses->server; 388 const struct smb_version_operations *ops = server->ops; 389 DFS_CACHE_TGT_LIST(tl); 390 struct cifs_sb_info *cifs_sb = NULL; 391 struct super_block *sb = NULL; 392 struct dfs_info3_param ref = {0}; 393 char *tree; 394 395 /* only send once per connect */ 396 spin_lock(&tcon->tc_lock); 397 398 /* if tcon is marked for needing reconnect, update state */ 399 if (tcon->need_reconnect) 400 tcon->status = TID_NEED_TCON; 401 402 if (tcon->status == TID_GOOD) { 403 spin_unlock(&tcon->tc_lock); 404 return 0; 405 } 406 407 if (tcon->status != TID_NEW && 408 tcon->status != TID_NEED_TCON) { 409 spin_unlock(&tcon->tc_lock); 410 return -EHOSTDOWN; 411 } 412 413 tcon->status = TID_IN_TCON; 414 spin_unlock(&tcon->tc_lock); 415 416 tree = kzalloc(MAX_TREE_SIZE, GFP_KERNEL); 417 if (!tree) { 418 rc = -ENOMEM; 419 goto out; 420 } 421 422 if (tcon->ipc) { 423 cifs_server_lock(server); 424 scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname); 425 cifs_server_unlock(server); 426 rc = ops->tree_connect(xid, tcon->ses, tree, 427 tcon, tcon->ses->local_nls); 428 goto out; 429 } 430 431 sb = cifs_get_dfs_tcon_super(tcon); 432 if (!IS_ERR(sb)) 433 cifs_sb = CIFS_SB(sb); 434 435 /* Tree connect to last share in @tcon->tree_name if no DFS referral */ 436 if (!server->leaf_fullpath || 437 dfs_cache_noreq_find(server->leaf_fullpath + 1, &ref, &tl)) { 438 rc = ops->tree_connect(xid, tcon->ses, tcon->tree_name, 439 tcon, tcon->ses->local_nls); 440 goto out; 441 } 442 443 rc = tree_connect_dfs_target(xid, tcon, cifs_sb, tree, ref.server_type == DFS_TYPE_LINK, 444 &tl); 445 free_dfs_info_param(&ref); 446 447 out: 448 kfree(tree); 449 cifs_put_tcp_super(sb); 450 451 if (rc) { 452 spin_lock(&tcon->tc_lock); 453 if (tcon->status == TID_IN_TCON) 454 tcon->status = TID_NEED_TCON; 455 spin_unlock(&tcon->tc_lock); 456 } else { 457 spin_lock(&tcon->tc_lock); 458 if (tcon->status == TID_IN_TCON) 459 tcon->status = TID_GOOD; 460 tcon->need_reconnect = false; 461 spin_unlock(&tcon->tc_lock); 462 } 463 464 return rc; 465 } 466