1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifspdu.h" 30 #include "cifsglob.h" 31 #include "cifsproto.h" 32 #include "cifs_unicode.h" 33 #include "cifs_debug.h" 34 #include "cifs_fs_sb.h" 35 #include "ntlmssp.h" 36 #include "nterr.h" 37 #include "rfc1002pdu.h" 38 #include "fs_context.h" 39 40 static DEFINE_MUTEX(cifs_mount_mutex); 41 42 static const match_table_t cifs_smb_version_tokens = { 43 { Smb_1, SMB1_VERSION_STRING }, 44 { Smb_20, SMB20_VERSION_STRING}, 45 { Smb_21, SMB21_VERSION_STRING }, 46 { Smb_30, SMB30_VERSION_STRING }, 47 { Smb_302, SMB302_VERSION_STRING }, 48 { Smb_302, ALT_SMB302_VERSION_STRING }, 49 { Smb_311, SMB311_VERSION_STRING }, 50 { Smb_311, ALT_SMB311_VERSION_STRING }, 51 { Smb_3any, SMB3ANY_VERSION_STRING }, 52 { Smb_default, SMBDEFAULT_VERSION_STRING }, 53 { Smb_version_err, NULL } 54 }; 55 56 static const match_table_t cifs_secflavor_tokens = { 57 { Opt_sec_krb5, "krb5" }, 58 { Opt_sec_krb5i, "krb5i" }, 59 { Opt_sec_krb5p, "krb5p" }, 60 { Opt_sec_ntlmsspi, "ntlmsspi" }, 61 { Opt_sec_ntlmssp, "ntlmssp" }, 62 { Opt_sec_ntlmv2, "nontlm" }, 63 { Opt_sec_ntlmv2, "ntlmv2" }, 64 { Opt_sec_ntlmv2i, "ntlmv2i" }, 65 { Opt_sec_none, "none" }, 66 67 { Opt_sec_err, NULL } 68 }; 69 70 const struct fs_parameter_spec smb3_fs_parameters[] = { 71 /* Mount options that take no arguments */ 72 fsparam_flag_no("user_xattr", Opt_user_xattr), 73 fsparam_flag_no("forceuid", Opt_forceuid), 74 fsparam_flag_no("multichannel", Opt_multichannel), 75 fsparam_flag_no("forcegid", Opt_forcegid), 76 fsparam_flag("noblocksend", Opt_noblocksend), 77 fsparam_flag("noautotune", Opt_noautotune), 78 fsparam_flag("nolease", Opt_nolease), 79 fsparam_flag_no("hard", Opt_hard), 80 fsparam_flag_no("soft", Opt_soft), 81 fsparam_flag_no("perm", Opt_perm), 82 fsparam_flag("nodelete", Opt_nodelete), 83 fsparam_flag_no("mapposix", Opt_mapposix), 84 fsparam_flag("mapchars", Opt_mapchars), 85 fsparam_flag("nomapchars", Opt_nomapchars), 86 fsparam_flag_no("sfu", Opt_sfu), 87 fsparam_flag("nodfs", Opt_nodfs), 88 fsparam_flag_no("posixpaths", Opt_posixpaths), 89 fsparam_flag_no("unix", Opt_unix), 90 fsparam_flag_no("linux", Opt_unix), 91 fsparam_flag_no("posix", Opt_unix), 92 fsparam_flag("nocase", Opt_nocase), 93 fsparam_flag("ignorecase", Opt_nocase), 94 fsparam_flag_no("brl", Opt_brl), 95 fsparam_flag_no("handlecache", Opt_handlecache), 96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 97 fsparam_flag("forcemand", Opt_forcemandatorylock), 98 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 99 fsparam_flag("idsfromsid", Opt_setuidfromacl), 100 fsparam_flag_no("setuids", Opt_setuids), 101 fsparam_flag_no("dynperm", Opt_dynperm), 102 fsparam_flag_no("intr", Opt_intr), 103 fsparam_flag_no("strictsync", Opt_strictsync), 104 fsparam_flag_no("serverino", Opt_serverino), 105 fsparam_flag("rwpidforward", Opt_rwpidforward), 106 fsparam_flag("cifsacl", Opt_cifsacl), 107 fsparam_flag_no("acl", Opt_acl), 108 fsparam_flag("locallease", Opt_locallease), 109 fsparam_flag("sign", Opt_sign), 110 fsparam_flag("ignore_signature", Opt_ignore_signature), 111 fsparam_flag("signloosely", Opt_ignore_signature), 112 fsparam_flag("seal", Opt_seal), 113 fsparam_flag("noac", Opt_noac), 114 fsparam_flag("fsc", Opt_fsc), 115 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 116 fsparam_flag("multiuser", Opt_multiuser), 117 fsparam_flag("sloppy", Opt_sloppy), 118 fsparam_flag("nosharesock", Opt_nosharesock), 119 fsparam_flag_no("persistenthandles", Opt_persistent), 120 fsparam_flag_no("resilienthandles", Opt_resilient), 121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 122 fsparam_flag("nosparse", Opt_nosparse), 123 fsparam_flag("domainauto", Opt_domainauto), 124 fsparam_flag("rdma", Opt_rdma), 125 fsparam_flag("modesid", Opt_modesid), 126 fsparam_flag("modefromsid", Opt_modesid), 127 fsparam_flag("rootfs", Opt_rootfs), 128 fsparam_flag("compress", Opt_compress), 129 fsparam_flag("witness", Opt_witness), 130 131 /* Mount options which take numeric value */ 132 fsparam_u32("backupuid", Opt_backupuid), 133 fsparam_u32("backupgid", Opt_backupgid), 134 fsparam_u32("uid", Opt_uid), 135 fsparam_u32("cruid", Opt_cruid), 136 fsparam_u32("gid", Opt_gid), 137 fsparam_u32("file_mode", Opt_file_mode), 138 fsparam_u32("dirmode", Opt_dirmode), 139 fsparam_u32("dir_mode", Opt_dirmode), 140 fsparam_u32("port", Opt_port), 141 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 142 fsparam_u32("esize", Opt_min_enc_offload), 143 fsparam_u32("bsize", Opt_blocksize), 144 fsparam_u32("rasize", Opt_rasize), 145 fsparam_u32("rsize", Opt_rsize), 146 fsparam_u32("wsize", Opt_wsize), 147 fsparam_u32("actimeo", Opt_actimeo), 148 fsparam_u32("acdirmax", Opt_acdirmax), 149 fsparam_u32("acregmax", Opt_acregmax), 150 fsparam_u32("closetimeo", Opt_closetimeo), 151 fsparam_u32("echo_interval", Opt_echo_interval), 152 fsparam_u32("max_credits", Opt_max_credits), 153 fsparam_u32("handletimeout", Opt_handletimeout), 154 fsparam_u64("snapshot", Opt_snapshot), 155 fsparam_u32("max_channels", Opt_max_channels), 156 157 /* Mount options which take string value */ 158 fsparam_string("source", Opt_source), 159 fsparam_string("user", Opt_user), 160 fsparam_string("username", Opt_user), 161 fsparam_string("pass", Opt_pass), 162 fsparam_string("password", Opt_pass), 163 fsparam_string("ip", Opt_ip), 164 fsparam_string("addr", Opt_ip), 165 fsparam_string("domain", Opt_domain), 166 fsparam_string("dom", Opt_domain), 167 fsparam_string("srcaddr", Opt_srcaddr), 168 fsparam_string("iocharset", Opt_iocharset), 169 fsparam_string("netbiosname", Opt_netbiosname), 170 fsparam_string("servern", Opt_servern), 171 fsparam_string("ver", Opt_ver), 172 fsparam_string("vers", Opt_vers), 173 fsparam_string("sec", Opt_sec), 174 fsparam_string("cache", Opt_cache), 175 176 /* Arguments that should be ignored */ 177 fsparam_flag("guest", Opt_ignore), 178 fsparam_flag("noatime", Opt_ignore), 179 fsparam_flag("relatime", Opt_ignore), 180 fsparam_flag("_netdev", Opt_ignore), 181 fsparam_flag_no("suid", Opt_ignore), 182 fsparam_flag_no("exec", Opt_ignore), 183 fsparam_flag_no("dev", Opt_ignore), 184 fsparam_flag_no("mand", Opt_ignore), 185 fsparam_flag_no("auto", Opt_ignore), 186 fsparam_string("cred", Opt_ignore), 187 fsparam_string("credentials", Opt_ignore), 188 /* 189 * UNC and prefixpath is now extracted from Opt_source 190 * in the new mount API so we can just ignore them going forward. 191 */ 192 fsparam_string("unc", Opt_ignore), 193 fsparam_string("prefixpath", Opt_ignore), 194 {} 195 }; 196 197 static int 198 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 199 { 200 201 substring_t args[MAX_OPT_ARGS]; 202 203 /* 204 * With mount options, the last one should win. Reset any existing 205 * settings back to default. 206 */ 207 ctx->sectype = Unspecified; 208 ctx->sign = false; 209 210 switch (match_token(value, cifs_secflavor_tokens, args)) { 211 case Opt_sec_krb5p: 212 cifs_errorf(fc, "sec=krb5p is not supported!\n"); 213 return 1; 214 case Opt_sec_krb5i: 215 ctx->sign = true; 216 fallthrough; 217 case Opt_sec_krb5: 218 ctx->sectype = Kerberos; 219 break; 220 case Opt_sec_ntlmsspi: 221 ctx->sign = true; 222 fallthrough; 223 case Opt_sec_ntlmssp: 224 ctx->sectype = RawNTLMSSP; 225 break; 226 case Opt_sec_ntlmv2i: 227 ctx->sign = true; 228 fallthrough; 229 case Opt_sec_ntlmv2: 230 ctx->sectype = NTLMv2; 231 break; 232 case Opt_sec_none: 233 ctx->nullauth = 1; 234 break; 235 default: 236 cifs_errorf(fc, "bad security option: %s\n", value); 237 return 1; 238 } 239 240 return 0; 241 } 242 243 static const match_table_t cifs_cacheflavor_tokens = { 244 { Opt_cache_loose, "loose" }, 245 { Opt_cache_strict, "strict" }, 246 { Opt_cache_none, "none" }, 247 { Opt_cache_ro, "ro" }, 248 { Opt_cache_rw, "singleclient" }, 249 { Opt_cache_err, NULL } 250 }; 251 252 static int 253 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 254 { 255 substring_t args[MAX_OPT_ARGS]; 256 257 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 258 case Opt_cache_loose: 259 ctx->direct_io = false; 260 ctx->strict_io = false; 261 ctx->cache_ro = false; 262 ctx->cache_rw = false; 263 break; 264 case Opt_cache_strict: 265 ctx->direct_io = false; 266 ctx->strict_io = true; 267 ctx->cache_ro = false; 268 ctx->cache_rw = false; 269 break; 270 case Opt_cache_none: 271 ctx->direct_io = true; 272 ctx->strict_io = false; 273 ctx->cache_ro = false; 274 ctx->cache_rw = false; 275 break; 276 case Opt_cache_ro: 277 ctx->direct_io = false; 278 ctx->strict_io = false; 279 ctx->cache_ro = true; 280 ctx->cache_rw = false; 281 break; 282 case Opt_cache_rw: 283 ctx->direct_io = false; 284 ctx->strict_io = false; 285 ctx->cache_ro = false; 286 ctx->cache_rw = true; 287 break; 288 default: 289 cifs_errorf(fc, "bad cache= option: %s\n", value); 290 return 1; 291 } 292 return 0; 293 } 294 295 #define DUP_CTX_STR(field) \ 296 do { \ 297 if (ctx->field) { \ 298 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 299 if (new_ctx->field == NULL) { \ 300 smb3_cleanup_fs_context_contents(new_ctx); \ 301 return -ENOMEM; \ 302 } \ 303 } \ 304 } while (0) 305 306 int 307 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 308 { 309 memcpy(new_ctx, ctx, sizeof(*ctx)); 310 new_ctx->prepath = NULL; 311 new_ctx->nodename = NULL; 312 new_ctx->username = NULL; 313 new_ctx->password = NULL; 314 new_ctx->server_hostname = NULL; 315 new_ctx->domainname = NULL; 316 new_ctx->UNC = NULL; 317 new_ctx->source = NULL; 318 new_ctx->iocharset = NULL; 319 new_ctx->leaf_fullpath = NULL; 320 /* 321 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 322 */ 323 DUP_CTX_STR(prepath); 324 DUP_CTX_STR(username); 325 DUP_CTX_STR(password); 326 DUP_CTX_STR(server_hostname); 327 DUP_CTX_STR(UNC); 328 DUP_CTX_STR(source); 329 DUP_CTX_STR(domainname); 330 DUP_CTX_STR(nodename); 331 DUP_CTX_STR(iocharset); 332 DUP_CTX_STR(leaf_fullpath); 333 334 return 0; 335 } 336 337 static int 338 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 339 { 340 substring_t args[MAX_OPT_ARGS]; 341 342 switch (match_token(value, cifs_smb_version_tokens, args)) { 343 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 344 case Smb_1: 345 if (disable_legacy_dialects) { 346 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 347 return 1; 348 } 349 if (is_smb3) { 350 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 351 return 1; 352 } 353 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 354 ctx->ops = &smb1_operations; 355 ctx->vals = &smb1_values; 356 break; 357 case Smb_20: 358 if (disable_legacy_dialects) { 359 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 360 return 1; 361 } 362 if (is_smb3) { 363 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 364 return 1; 365 } 366 ctx->ops = &smb20_operations; 367 ctx->vals = &smb20_values; 368 break; 369 #else 370 case Smb_1: 371 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 372 return 1; 373 case Smb_20: 374 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 375 return 1; 376 #endif /* CIFS_ALLOW_INSECURE_LEGACY */ 377 case Smb_21: 378 ctx->ops = &smb21_operations; 379 ctx->vals = &smb21_values; 380 break; 381 case Smb_30: 382 ctx->ops = &smb30_operations; 383 ctx->vals = &smb30_values; 384 break; 385 case Smb_302: 386 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 387 ctx->vals = &smb302_values; 388 break; 389 case Smb_311: 390 ctx->ops = &smb311_operations; 391 ctx->vals = &smb311_values; 392 break; 393 case Smb_3any: 394 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 395 ctx->vals = &smb3any_values; 396 break; 397 case Smb_default: 398 ctx->ops = &smb30_operations; 399 ctx->vals = &smbdefault_values; 400 break; 401 default: 402 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 403 return 1; 404 } 405 return 0; 406 } 407 408 int smb3_parse_opt(const char *options, const char *key, char **val) 409 { 410 int rc = -ENOENT; 411 char *opts, *orig, *p; 412 413 orig = opts = kstrdup(options, GFP_KERNEL); 414 if (!opts) 415 return -ENOMEM; 416 417 while ((p = strsep(&opts, ","))) { 418 char *nval; 419 420 if (!*p) 421 continue; 422 if (strncasecmp(p, key, strlen(key))) 423 continue; 424 nval = strchr(p, '='); 425 if (nval) { 426 if (nval == p) 427 continue; 428 *nval++ = 0; 429 *val = kstrdup(nval, GFP_KERNEL); 430 rc = !*val ? -ENOMEM : 0; 431 goto out; 432 } 433 } 434 out: 435 kfree(orig); 436 return rc; 437 } 438 439 /* 440 * Remove duplicate path delimiters. Windows is supposed to do that 441 * but there are some bugs that prevent rename from working if there are 442 * multiple delimiters. 443 * 444 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 445 * Otherwise, return ERR_PTR. 446 * 447 * @gfp indicates the GFP_* flags for kstrdup. 448 * The caller is responsible for freeing the original. 449 */ 450 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 451 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 452 { 453 char *cursor1 = prepath, *cursor2 = prepath; 454 char *s; 455 456 /* skip all prepended delimiters */ 457 while (IS_DELIM(*cursor1)) 458 cursor1++; 459 460 /* copy the first letter */ 461 *cursor2 = *cursor1; 462 463 /* copy the remainder... */ 464 while (*(cursor1++)) { 465 /* ... skipping all duplicated delimiters */ 466 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 467 continue; 468 *(++cursor2) = *cursor1; 469 } 470 471 /* if the last character is a delimiter, skip it */ 472 if (IS_DELIM(*(cursor2 - 1))) 473 cursor2--; 474 475 *cursor2 = '\0'; 476 if (!*prepath) 477 return NULL; 478 s = kstrdup(prepath, gfp); 479 if (!s) 480 return ERR_PTR(-ENOMEM); 481 return s; 482 } 483 484 /* 485 * Return full path based on the values of @ctx->{UNC,prepath}. 486 * 487 * It is assumed that both values were already parsed by smb3_parse_devname(). 488 */ 489 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 490 { 491 size_t ulen, plen; 492 char *s; 493 494 ulen = strlen(ctx->UNC); 495 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 496 497 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 498 if (!s) 499 return ERR_PTR(-ENOMEM); 500 memcpy(s, ctx->UNC, ulen); 501 if (plen) { 502 s[ulen] = dirsep; 503 memcpy(s + ulen + 1, ctx->prepath, plen); 504 } 505 s[ulen + plen] = '\0'; 506 convert_delimiter(s, dirsep); 507 return s; 508 } 509 510 /* 511 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 512 * fields with the result. Returns 0 on success and an error otherwise 513 * (e.g. ENOMEM or EINVAL) 514 */ 515 int 516 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 517 { 518 char *pos; 519 const char *delims = "/\\"; 520 size_t len; 521 int rc; 522 523 if (unlikely(!devname || !*devname)) { 524 cifs_dbg(VFS, "Device name not specified\n"); 525 return -EINVAL; 526 } 527 528 /* make sure we have a valid UNC double delimiter prefix */ 529 len = strspn(devname, delims); 530 if (len != 2) 531 return -EINVAL; 532 533 /* find delimiter between host and sharename */ 534 pos = strpbrk(devname + 2, delims); 535 if (!pos) 536 return -EINVAL; 537 538 /* record the server hostname */ 539 kfree(ctx->server_hostname); 540 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 541 if (!ctx->server_hostname) 542 return -ENOMEM; 543 544 /* skip past delimiter */ 545 ++pos; 546 547 /* now go until next delimiter or end of string */ 548 len = strcspn(pos, delims); 549 if (!len) 550 return -EINVAL; 551 552 /* move "pos" up to delimiter or NULL */ 553 pos += len; 554 kfree(ctx->UNC); 555 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 556 if (!ctx->UNC) 557 return -ENOMEM; 558 559 convert_delimiter(ctx->UNC, '\\'); 560 561 /* skip any delimiter */ 562 if (*pos == '/' || *pos == '\\') 563 pos++; 564 565 kfree(ctx->prepath); 566 ctx->prepath = NULL; 567 568 /* If pos is NULL then no prepath */ 569 if (!*pos) 570 return 0; 571 572 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 573 if (IS_ERR(ctx->prepath)) { 574 rc = PTR_ERR(ctx->prepath); 575 ctx->prepath = NULL; 576 return rc; 577 } 578 579 return 0; 580 } 581 582 static void smb3_fs_context_free(struct fs_context *fc); 583 static int smb3_fs_context_parse_param(struct fs_context *fc, 584 struct fs_parameter *param); 585 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 586 void *data); 587 static int smb3_get_tree(struct fs_context *fc); 588 static int smb3_reconfigure(struct fs_context *fc); 589 590 static const struct fs_context_operations smb3_fs_context_ops = { 591 .free = smb3_fs_context_free, 592 .parse_param = smb3_fs_context_parse_param, 593 .parse_monolithic = smb3_fs_context_parse_monolithic, 594 .get_tree = smb3_get_tree, 595 .reconfigure = smb3_reconfigure, 596 }; 597 598 /* 599 * Parse a monolithic block of data from sys_mount(). 600 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 601 * @ctx: The superblock configuration to fill in. 602 * @data: The data to parse 603 * 604 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 605 * called from the ->monolithic_mount_data() fs_context operation. 606 * 607 * Returns 0 on success or the error returned by the ->parse_option() fs_context 608 * operation on failure. 609 */ 610 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 611 void *data) 612 { 613 char *options = data, *key; 614 int ret = 0; 615 616 if (!options) 617 return 0; 618 619 ret = security_sb_eat_lsm_opts(options, &fc->security); 620 if (ret) 621 return ret; 622 623 /* BB Need to add support for sep= here TBD */ 624 while ((key = strsep(&options, ",")) != NULL) { 625 size_t len; 626 char *value; 627 628 if (*key == 0) 629 break; 630 631 /* Check if following character is the deliminator If yes, 632 * we have encountered a double deliminator reset the NULL 633 * character to the deliminator 634 */ 635 while (options && options[0] == ',') { 636 len = strlen(key); 637 strcpy(key + len, options); 638 options = strchr(options, ','); 639 if (options) 640 *options++ = 0; 641 } 642 643 644 len = 0; 645 value = strchr(key, '='); 646 if (value) { 647 if (value == key) 648 continue; 649 *value++ = 0; 650 len = strlen(value); 651 } 652 653 ret = vfs_parse_fs_string(fc, key, value, len); 654 if (ret < 0) 655 break; 656 } 657 658 return ret; 659 } 660 661 /* 662 * Validate the preparsed information in the config. 663 */ 664 static int smb3_fs_context_validate(struct fs_context *fc) 665 { 666 struct smb3_fs_context *ctx = smb3_fc2context(fc); 667 668 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 669 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 670 return -EOPNOTSUPP; 671 } 672 673 #ifndef CONFIG_KEYS 674 /* Muliuser mounts require CONFIG_KEYS support */ 675 if (ctx->multiuser) { 676 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 677 return -1; 678 } 679 #endif 680 681 if (ctx->got_version == false) 682 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 683 684 685 if (!ctx->UNC) { 686 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 687 return -1; 688 } 689 690 /* make sure UNC has a share name */ 691 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 692 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 693 return -ENOENT; 694 } 695 696 if (!ctx->got_ip) { 697 int len; 698 const char *slash; 699 700 /* No ip= option specified? Try to get it from UNC */ 701 /* Use the address part of the UNC. */ 702 slash = strchr(&ctx->UNC[2], '\\'); 703 len = slash - &ctx->UNC[2]; 704 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 705 &ctx->UNC[2], len)) { 706 pr_err("Unable to determine destination address\n"); 707 return -EHOSTUNREACH; 708 } 709 } 710 711 /* set the port that we got earlier */ 712 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 713 714 if (ctx->override_uid && !ctx->uid_specified) { 715 ctx->override_uid = 0; 716 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 717 } 718 719 if (ctx->override_gid && !ctx->gid_specified) { 720 ctx->override_gid = 0; 721 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 722 } 723 724 return 0; 725 } 726 727 static int smb3_get_tree_common(struct fs_context *fc) 728 { 729 struct smb3_fs_context *ctx = smb3_fc2context(fc); 730 struct dentry *root; 731 int rc = 0; 732 733 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 734 if (IS_ERR(root)) 735 return PTR_ERR(root); 736 737 fc->root = root; 738 739 return rc; 740 } 741 742 /* 743 * Create an SMB3 superblock from the parameters passed. 744 */ 745 static int smb3_get_tree(struct fs_context *fc) 746 { 747 int err = smb3_fs_context_validate(fc); 748 int ret; 749 750 if (err) 751 return err; 752 mutex_lock(&cifs_mount_mutex); 753 ret = smb3_get_tree_common(fc); 754 mutex_unlock(&cifs_mount_mutex); 755 return ret; 756 } 757 758 static void smb3_fs_context_free(struct fs_context *fc) 759 { 760 struct smb3_fs_context *ctx = smb3_fc2context(fc); 761 762 smb3_cleanup_fs_context(ctx); 763 } 764 765 /* 766 * Compare the old and new proposed context during reconfigure 767 * and check if the changes are compatible. 768 */ 769 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 770 struct smb3_fs_context *new_ctx, 771 struct smb3_fs_context *old_ctx) 772 { 773 if (new_ctx->posix_paths != old_ctx->posix_paths) { 774 cifs_errorf(fc, "can not change posixpaths during remount\n"); 775 return -EINVAL; 776 } 777 if (new_ctx->sectype != old_ctx->sectype) { 778 cifs_errorf(fc, "can not change sec during remount\n"); 779 return -EINVAL; 780 } 781 if (new_ctx->multiuser != old_ctx->multiuser) { 782 cifs_errorf(fc, "can not change multiuser during remount\n"); 783 return -EINVAL; 784 } 785 if (new_ctx->UNC && 786 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 787 cifs_errorf(fc, "can not change UNC during remount\n"); 788 return -EINVAL; 789 } 790 if (new_ctx->username && 791 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 792 cifs_errorf(fc, "can not change username during remount\n"); 793 return -EINVAL; 794 } 795 if (new_ctx->password && 796 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 797 cifs_errorf(fc, "can not change password during remount\n"); 798 return -EINVAL; 799 } 800 if (new_ctx->domainname && 801 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 802 cifs_errorf(fc, "can not change domainname during remount\n"); 803 return -EINVAL; 804 } 805 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 806 cifs_errorf(fc, "can not change workstation_name during remount\n"); 807 return -EINVAL; 808 } 809 if (new_ctx->nodename && 810 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 811 cifs_errorf(fc, "can not change nodename during remount\n"); 812 return -EINVAL; 813 } 814 if (new_ctx->iocharset && 815 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 816 cifs_errorf(fc, "can not change iocharset during remount\n"); 817 return -EINVAL; 818 } 819 820 return 0; 821 } 822 823 #define STEAL_STRING(cifs_sb, ctx, field) \ 824 do { \ 825 kfree(ctx->field); \ 826 ctx->field = cifs_sb->ctx->field; \ 827 cifs_sb->ctx->field = NULL; \ 828 } while (0) 829 830 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 831 do { \ 832 kfree_sensitive(ctx->field); \ 833 ctx->field = cifs_sb->ctx->field; \ 834 cifs_sb->ctx->field = NULL; \ 835 } while (0) 836 837 static int smb3_reconfigure(struct fs_context *fc) 838 { 839 struct smb3_fs_context *ctx = smb3_fc2context(fc); 840 struct dentry *root = fc->root; 841 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 842 int rc; 843 844 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx); 845 if (rc) 846 return rc; 847 848 /* 849 * We can not change UNC/username/password/domainname/ 850 * workstation_name/nodename/iocharset 851 * during reconnect so ignore what we have in the new context and 852 * just use what we already have in cifs_sb->ctx. 853 */ 854 STEAL_STRING(cifs_sb, ctx, UNC); 855 STEAL_STRING(cifs_sb, ctx, source); 856 STEAL_STRING(cifs_sb, ctx, username); 857 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 858 STEAL_STRING(cifs_sb, ctx, domainname); 859 STEAL_STRING(cifs_sb, ctx, nodename); 860 STEAL_STRING(cifs_sb, ctx, iocharset); 861 862 /* if rsize or wsize not passed in on remount, use previous values */ 863 if (ctx->rsize == 0) 864 ctx->rsize = cifs_sb->ctx->rsize; 865 if (ctx->wsize == 0) 866 ctx->wsize = cifs_sb->ctx->wsize; 867 868 869 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 870 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 871 smb3_update_mnt_flags(cifs_sb); 872 #ifdef CONFIG_CIFS_DFS_UPCALL 873 if (!rc) 874 rc = dfs_cache_remount_fs(cifs_sb); 875 #endif 876 877 return rc; 878 } 879 880 static int smb3_fs_context_parse_param(struct fs_context *fc, 881 struct fs_parameter *param) 882 { 883 struct fs_parse_result result; 884 struct smb3_fs_context *ctx = smb3_fc2context(fc); 885 int i, opt; 886 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 887 bool skip_parsing = false; 888 kuid_t uid; 889 kgid_t gid; 890 891 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 892 893 /* 894 * fs_parse can not handle string options with an empty value so 895 * we will need special handling of them. 896 */ 897 if (param->type == fs_value_is_string && param->string[0] == 0) { 898 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 899 skip_parsing = true; 900 opt = Opt_pass; 901 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 902 skip_parsing = true; 903 opt = Opt_user; 904 } 905 } 906 907 if (!skip_parsing) { 908 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 909 if (opt < 0) 910 return ctx->sloppy ? 1 : opt; 911 } 912 913 switch (opt) { 914 case Opt_compress: 915 ctx->compression = UNKNOWN_TYPE; 916 cifs_dbg(VFS, 917 "SMB3 compression support is experimental\n"); 918 break; 919 case Opt_nodfs: 920 ctx->nodfs = 1; 921 break; 922 case Opt_hard: 923 if (result.negated) { 924 if (ctx->retry == 1) 925 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 926 ctx->retry = 0; 927 } else 928 ctx->retry = 1; 929 break; 930 case Opt_soft: 931 if (result.negated) 932 ctx->retry = 1; 933 else { 934 if (ctx->retry == 1) 935 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 936 ctx->retry = 0; 937 } 938 break; 939 case Opt_mapposix: 940 if (result.negated) 941 ctx->remap = false; 942 else { 943 ctx->remap = true; 944 ctx->sfu_remap = false; /* disable SFU mapping */ 945 } 946 break; 947 case Opt_mapchars: 948 if (result.negated) 949 ctx->sfu_remap = false; 950 else { 951 ctx->sfu_remap = true; 952 ctx->remap = false; /* disable SFM (mapposix) mapping */ 953 } 954 break; 955 case Opt_user_xattr: 956 if (result.negated) 957 ctx->no_xattr = 1; 958 else 959 ctx->no_xattr = 0; 960 break; 961 case Opt_forceuid: 962 if (result.negated) 963 ctx->override_uid = 0; 964 else 965 ctx->override_uid = 1; 966 break; 967 case Opt_forcegid: 968 if (result.negated) 969 ctx->override_gid = 0; 970 else 971 ctx->override_gid = 1; 972 break; 973 case Opt_perm: 974 if (result.negated) 975 ctx->noperm = 1; 976 else 977 ctx->noperm = 0; 978 break; 979 case Opt_dynperm: 980 if (result.negated) 981 ctx->dynperm = 0; 982 else 983 ctx->dynperm = 1; 984 break; 985 case Opt_sfu: 986 if (result.negated) 987 ctx->sfu_emul = 0; 988 else 989 ctx->sfu_emul = 1; 990 break; 991 case Opt_noblocksend: 992 ctx->noblocksnd = 1; 993 break; 994 case Opt_noautotune: 995 ctx->noautotune = 1; 996 break; 997 case Opt_nolease: 998 ctx->no_lease = 1; 999 break; 1000 case Opt_nosparse: 1001 ctx->no_sparse = 1; 1002 break; 1003 case Opt_nodelete: 1004 ctx->nodelete = 1; 1005 break; 1006 case Opt_multichannel: 1007 if (result.negated) { 1008 ctx->multichannel = false; 1009 ctx->max_channels = 1; 1010 } else { 1011 ctx->multichannel = true; 1012 /* if number of channels not specified, default to 2 */ 1013 if (ctx->max_channels < 2) 1014 ctx->max_channels = 2; 1015 } 1016 break; 1017 case Opt_uid: 1018 uid = make_kuid(current_user_ns(), result.uint_32); 1019 if (!uid_valid(uid)) 1020 goto cifs_parse_mount_err; 1021 ctx->linux_uid = uid; 1022 ctx->uid_specified = true; 1023 break; 1024 case Opt_cruid: 1025 uid = make_kuid(current_user_ns(), result.uint_32); 1026 if (!uid_valid(uid)) 1027 goto cifs_parse_mount_err; 1028 ctx->cred_uid = uid; 1029 ctx->cruid_specified = true; 1030 break; 1031 case Opt_backupuid: 1032 uid = make_kuid(current_user_ns(), result.uint_32); 1033 if (!uid_valid(uid)) 1034 goto cifs_parse_mount_err; 1035 ctx->backupuid = uid; 1036 ctx->backupuid_specified = true; 1037 break; 1038 case Opt_backupgid: 1039 gid = make_kgid(current_user_ns(), result.uint_32); 1040 if (!gid_valid(gid)) 1041 goto cifs_parse_mount_err; 1042 ctx->backupgid = gid; 1043 ctx->backupgid_specified = true; 1044 break; 1045 case Opt_gid: 1046 gid = make_kgid(current_user_ns(), result.uint_32); 1047 if (!gid_valid(gid)) 1048 goto cifs_parse_mount_err; 1049 ctx->linux_gid = gid; 1050 ctx->gid_specified = true; 1051 break; 1052 case Opt_port: 1053 ctx->port = result.uint_32; 1054 break; 1055 case Opt_file_mode: 1056 ctx->file_mode = result.uint_32; 1057 break; 1058 case Opt_dirmode: 1059 ctx->dir_mode = result.uint_32; 1060 break; 1061 case Opt_min_enc_offload: 1062 ctx->min_offload = result.uint_32; 1063 break; 1064 case Opt_blocksize: 1065 /* 1066 * inode blocksize realistically should never need to be 1067 * less than 16K or greater than 16M and default is 1MB. 1068 * Note that small inode block sizes (e.g. 64K) can lead 1069 * to very poor performance of common tools like cp and scp 1070 */ 1071 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1072 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1073 cifs_errorf(fc, "%s: Invalid blocksize\n", 1074 __func__); 1075 goto cifs_parse_mount_err; 1076 } 1077 ctx->bsize = result.uint_32; 1078 ctx->got_bsize = true; 1079 break; 1080 case Opt_rasize: 1081 /* 1082 * readahead size realistically should never need to be 1083 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1084 * (perhaps an exception should be considered in the 1085 * for the case of a large number of channels 1086 * when multichannel is negotiated) since that would lead 1087 * to plenty of parallel I/O in flight to the server. 1088 * Note that smaller read ahead sizes would 1089 * hurt performance of common tools like cp and scp 1090 * which often trigger sequential i/o with read ahead 1091 */ 1092 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1093 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1094 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1095 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1096 goto cifs_parse_mount_err; 1097 } 1098 ctx->rasize = result.uint_32; 1099 break; 1100 case Opt_rsize: 1101 ctx->rsize = result.uint_32; 1102 ctx->got_rsize = true; 1103 break; 1104 case Opt_wsize: 1105 ctx->wsize = result.uint_32; 1106 ctx->got_wsize = true; 1107 break; 1108 case Opt_acregmax: 1109 ctx->acregmax = HZ * result.uint_32; 1110 if (ctx->acregmax > CIFS_MAX_ACTIMEO) { 1111 cifs_errorf(fc, "acregmax too large\n"); 1112 goto cifs_parse_mount_err; 1113 } 1114 break; 1115 case Opt_acdirmax: 1116 ctx->acdirmax = HZ * result.uint_32; 1117 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) { 1118 cifs_errorf(fc, "acdirmax too large\n"); 1119 goto cifs_parse_mount_err; 1120 } 1121 break; 1122 case Opt_actimeo: 1123 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) { 1124 cifs_errorf(fc, "timeout too large\n"); 1125 goto cifs_parse_mount_err; 1126 } 1127 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1128 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1129 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1130 break; 1131 } 1132 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1133 break; 1134 case Opt_closetimeo: 1135 ctx->closetimeo = HZ * result.uint_32; 1136 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) { 1137 cifs_errorf(fc, "closetimeo too large\n"); 1138 goto cifs_parse_mount_err; 1139 } 1140 break; 1141 case Opt_echo_interval: 1142 ctx->echo_interval = result.uint_32; 1143 break; 1144 case Opt_snapshot: 1145 ctx->snapshot_time = result.uint_64; 1146 break; 1147 case Opt_max_credits: 1148 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1149 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1150 __func__); 1151 goto cifs_parse_mount_err; 1152 } 1153 ctx->max_credits = result.uint_32; 1154 break; 1155 case Opt_max_channels: 1156 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1157 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1158 __func__, CIFS_MAX_CHANNELS); 1159 goto cifs_parse_mount_err; 1160 } 1161 ctx->max_channels = result.uint_32; 1162 /* If more than one channel requested ... they want multichan */ 1163 if (result.uint_32 > 1) 1164 ctx->multichannel = true; 1165 break; 1166 case Opt_handletimeout: 1167 ctx->handle_timeout = result.uint_32; 1168 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1169 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1170 goto cifs_parse_mount_err; 1171 } 1172 break; 1173 case Opt_source: 1174 kfree(ctx->UNC); 1175 ctx->UNC = NULL; 1176 switch (smb3_parse_devname(param->string, ctx)) { 1177 case 0: 1178 break; 1179 case -ENOMEM: 1180 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1181 goto cifs_parse_mount_err; 1182 case -EINVAL: 1183 cifs_errorf(fc, "Malformed UNC in devname\n"); 1184 goto cifs_parse_mount_err; 1185 default: 1186 cifs_errorf(fc, "Unknown error parsing devname\n"); 1187 goto cifs_parse_mount_err; 1188 } 1189 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1190 if (IS_ERR(ctx->source)) { 1191 ctx->source = NULL; 1192 cifs_errorf(fc, "OOM when copying UNC string\n"); 1193 goto cifs_parse_mount_err; 1194 } 1195 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1196 if (fc->source == NULL) { 1197 cifs_errorf(fc, "OOM when copying UNC string\n"); 1198 goto cifs_parse_mount_err; 1199 } 1200 break; 1201 case Opt_user: 1202 kfree(ctx->username); 1203 ctx->username = NULL; 1204 if (strlen(param->string) == 0) { 1205 /* null user, ie. anonymous authentication */ 1206 ctx->nullauth = 1; 1207 break; 1208 } 1209 1210 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) > 1211 CIFS_MAX_USERNAME_LEN) { 1212 pr_warn("username too long\n"); 1213 goto cifs_parse_mount_err; 1214 } 1215 ctx->username = kstrdup(param->string, GFP_KERNEL); 1216 if (ctx->username == NULL) { 1217 cifs_errorf(fc, "OOM when copying username string\n"); 1218 goto cifs_parse_mount_err; 1219 } 1220 break; 1221 case Opt_pass: 1222 kfree_sensitive(ctx->password); 1223 ctx->password = NULL; 1224 if (strlen(param->string) == 0) 1225 break; 1226 1227 ctx->password = kstrdup(param->string, GFP_KERNEL); 1228 if (ctx->password == NULL) { 1229 cifs_errorf(fc, "OOM when copying password string\n"); 1230 goto cifs_parse_mount_err; 1231 } 1232 break; 1233 case Opt_ip: 1234 if (strlen(param->string) == 0) { 1235 ctx->got_ip = false; 1236 break; 1237 } 1238 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1239 param->string, 1240 strlen(param->string))) { 1241 pr_err("bad ip= option (%s)\n", param->string); 1242 goto cifs_parse_mount_err; 1243 } 1244 ctx->got_ip = true; 1245 break; 1246 case Opt_domain: 1247 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1248 == CIFS_MAX_DOMAINNAME_LEN) { 1249 pr_warn("domain name too long\n"); 1250 goto cifs_parse_mount_err; 1251 } 1252 1253 kfree(ctx->domainname); 1254 ctx->domainname = kstrdup(param->string, GFP_KERNEL); 1255 if (ctx->domainname == NULL) { 1256 cifs_errorf(fc, "OOM when copying domainname string\n"); 1257 goto cifs_parse_mount_err; 1258 } 1259 cifs_dbg(FYI, "Domain name set\n"); 1260 break; 1261 case Opt_srcaddr: 1262 if (!cifs_convert_address( 1263 (struct sockaddr *)&ctx->srcaddr, 1264 param->string, strlen(param->string))) { 1265 pr_warn("Could not parse srcaddr: %s\n", 1266 param->string); 1267 goto cifs_parse_mount_err; 1268 } 1269 break; 1270 case Opt_iocharset: 1271 if (strnlen(param->string, 1024) >= 65) { 1272 pr_warn("iocharset name too long\n"); 1273 goto cifs_parse_mount_err; 1274 } 1275 1276 if (strncasecmp(param->string, "default", 7) != 0) { 1277 kfree(ctx->iocharset); 1278 ctx->iocharset = kstrdup(param->string, GFP_KERNEL); 1279 if (ctx->iocharset == NULL) { 1280 cifs_errorf(fc, "OOM when copying iocharset string\n"); 1281 goto cifs_parse_mount_err; 1282 } 1283 } 1284 /* if iocharset not set then load_nls_default 1285 * is used by caller 1286 */ 1287 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1288 break; 1289 case Opt_netbiosname: 1290 memset(ctx->source_rfc1001_name, 0x20, 1291 RFC1001_NAME_LEN); 1292 /* 1293 * FIXME: are there cases in which a comma can 1294 * be valid in workstation netbios name (and 1295 * need special handling)? 1296 */ 1297 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1298 /* don't ucase netbiosname for user */ 1299 if (param->string[i] == 0) 1300 break; 1301 ctx->source_rfc1001_name[i] = param->string[i]; 1302 } 1303 /* The string has 16th byte zero still from 1304 * set at top of the function 1305 */ 1306 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1307 pr_warn("netbiosname longer than 15 truncated\n"); 1308 break; 1309 case Opt_servern: 1310 /* last byte, type, is 0x20 for servr type */ 1311 memset(ctx->target_rfc1001_name, 0x20, 1312 RFC1001_NAME_LEN_WITH_NULL); 1313 /* 1314 * BB are there cases in which a comma can be valid in this 1315 * workstation netbios name (and need special handling)? 1316 */ 1317 1318 /* user or mount helper must uppercase the netbios name */ 1319 for (i = 0; i < 15; i++) { 1320 if (param->string[i] == 0) 1321 break; 1322 ctx->target_rfc1001_name[i] = param->string[i]; 1323 } 1324 1325 /* The string has 16th byte zero still from set at top of function */ 1326 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1327 pr_warn("server netbiosname longer than 15 truncated\n"); 1328 break; 1329 case Opt_ver: 1330 /* version of mount userspace tools, not dialect */ 1331 /* If interface changes in mount.cifs bump to new ver */ 1332 if (strncasecmp(param->string, "1", 1) == 0) { 1333 if (strlen(param->string) > 1) { 1334 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1335 param->string); 1336 goto cifs_parse_mount_err; 1337 } 1338 /* This is the default */ 1339 break; 1340 } 1341 /* For all other value, error */ 1342 pr_warn("Invalid mount helper version specified\n"); 1343 goto cifs_parse_mount_err; 1344 case Opt_vers: 1345 /* protocol version (dialect) */ 1346 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1347 goto cifs_parse_mount_err; 1348 ctx->got_version = true; 1349 break; 1350 case Opt_sec: 1351 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1352 goto cifs_parse_mount_err; 1353 break; 1354 case Opt_cache: 1355 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1356 goto cifs_parse_mount_err; 1357 break; 1358 case Opt_witness: 1359 #ifndef CONFIG_CIFS_SWN_UPCALL 1360 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1361 goto cifs_parse_mount_err; 1362 #endif 1363 ctx->witness = true; 1364 pr_warn_once("Witness protocol support is experimental\n"); 1365 break; 1366 case Opt_rootfs: 1367 #ifndef CONFIG_CIFS_ROOT 1368 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1369 goto cifs_parse_mount_err; 1370 #endif 1371 ctx->rootfs = true; 1372 break; 1373 case Opt_posixpaths: 1374 if (result.negated) 1375 ctx->posix_paths = 0; 1376 else 1377 ctx->posix_paths = 1; 1378 break; 1379 case Opt_unix: 1380 if (result.negated) { 1381 if (ctx->linux_ext == 1) 1382 pr_warn_once("conflicting posix mount options specified\n"); 1383 ctx->linux_ext = 0; 1384 ctx->no_linux_ext = 1; 1385 } else { 1386 if (ctx->no_linux_ext == 1) 1387 pr_warn_once("conflicting posix mount options specified\n"); 1388 ctx->linux_ext = 1; 1389 ctx->no_linux_ext = 0; 1390 } 1391 break; 1392 case Opt_nocase: 1393 ctx->nocase = 1; 1394 break; 1395 case Opt_brl: 1396 if (result.negated) { 1397 /* 1398 * turn off mandatory locking in mode 1399 * if remote locking is turned off since the 1400 * local vfs will do advisory 1401 */ 1402 if (ctx->file_mode == 1403 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1404 ctx->file_mode = S_IALLUGO; 1405 ctx->nobrl = 1; 1406 } else 1407 ctx->nobrl = 0; 1408 break; 1409 case Opt_handlecache: 1410 if (result.negated) 1411 ctx->nohandlecache = 1; 1412 else 1413 ctx->nohandlecache = 0; 1414 break; 1415 case Opt_forcemandatorylock: 1416 ctx->mand_lock = 1; 1417 break; 1418 case Opt_setuids: 1419 ctx->setuids = result.negated; 1420 break; 1421 case Opt_intr: 1422 ctx->intr = !result.negated; 1423 break; 1424 case Opt_setuidfromacl: 1425 ctx->setuidfromacl = 1; 1426 break; 1427 case Opt_strictsync: 1428 ctx->nostrictsync = result.negated; 1429 break; 1430 case Opt_serverino: 1431 ctx->server_ino = !result.negated; 1432 break; 1433 case Opt_rwpidforward: 1434 ctx->rwpidforward = 1; 1435 break; 1436 case Opt_modesid: 1437 ctx->mode_ace = 1; 1438 break; 1439 case Opt_cifsacl: 1440 ctx->cifs_acl = !result.negated; 1441 break; 1442 case Opt_acl: 1443 ctx->no_psx_acl = result.negated; 1444 break; 1445 case Opt_locallease: 1446 ctx->local_lease = 1; 1447 break; 1448 case Opt_sign: 1449 ctx->sign = true; 1450 break; 1451 case Opt_ignore_signature: 1452 ctx->sign = true; 1453 ctx->ignore_signature = true; 1454 break; 1455 case Opt_seal: 1456 /* we do not do the following in secFlags because seal 1457 * is a per tree connection (mount) not a per socket 1458 * or per-smb connection option in the protocol 1459 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1460 */ 1461 ctx->seal = 1; 1462 break; 1463 case Opt_noac: 1464 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1465 break; 1466 case Opt_fsc: 1467 #ifndef CONFIG_CIFS_FSCACHE 1468 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1469 goto cifs_parse_mount_err; 1470 #endif 1471 ctx->fsc = true; 1472 break; 1473 case Opt_mfsymlinks: 1474 ctx->mfsymlinks = true; 1475 break; 1476 case Opt_multiuser: 1477 ctx->multiuser = true; 1478 break; 1479 case Opt_sloppy: 1480 ctx->sloppy = true; 1481 break; 1482 case Opt_nosharesock: 1483 ctx->nosharesock = true; 1484 break; 1485 case Opt_persistent: 1486 if (result.negated) { 1487 ctx->nopersistent = true; 1488 if (ctx->persistent) { 1489 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1490 goto cifs_parse_mount_err; 1491 } 1492 } else { 1493 ctx->persistent = true; 1494 if ((ctx->nopersistent) || (ctx->resilient)) { 1495 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1496 goto cifs_parse_mount_err; 1497 } 1498 } 1499 break; 1500 case Opt_resilient: 1501 if (result.negated) { 1502 ctx->resilient = false; /* already the default */ 1503 } else { 1504 ctx->resilient = true; 1505 if (ctx->persistent) { 1506 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1507 goto cifs_parse_mount_err; 1508 } 1509 } 1510 break; 1511 case Opt_tcp_nodelay: 1512 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1513 if (result.negated) 1514 ctx->sockopt_tcp_nodelay = false; 1515 else 1516 ctx->sockopt_tcp_nodelay = true; 1517 break; 1518 case Opt_domainauto: 1519 ctx->domainauto = true; 1520 break; 1521 case Opt_rdma: 1522 ctx->rdma = true; 1523 break; 1524 } 1525 /* case Opt_ignore: - is ignored as expected ... */ 1526 1527 return 0; 1528 1529 cifs_parse_mount_err: 1530 kfree_sensitive(ctx->password); 1531 return -EINVAL; 1532 } 1533 1534 int smb3_init_fs_context(struct fs_context *fc) 1535 { 1536 struct smb3_fs_context *ctx; 1537 char *nodename = utsname()->nodename; 1538 int i; 1539 1540 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL); 1541 if (unlikely(!ctx)) 1542 return -ENOMEM; 1543 1544 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1545 1546 /* 1547 * does not have to be perfect mapping since field is 1548 * informational, only used for servers that do not support 1549 * port 445 and it can be overridden at mount time 1550 */ 1551 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1552 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1553 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1554 1555 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1556 /* 1557 * null target name indicates to use *SMBSERVR default called name 1558 * if we end up sending RFC1001 session initialize 1559 */ 1560 ctx->target_rfc1001_name[0] = 0; 1561 ctx->cred_uid = current_uid(); 1562 ctx->linux_uid = current_uid(); 1563 ctx->linux_gid = current_gid(); 1564 /* By default 4MB read ahead size, 1MB block size */ 1565 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1566 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1567 1568 /* 1569 * default to SFM style remapping of seven reserved characters 1570 * unless user overrides it or we negotiate CIFS POSIX where 1571 * it is unnecessary. Can not simultaneously use more than one mapping 1572 * since then readdir could list files that open could not open 1573 */ 1574 ctx->remap = true; 1575 1576 /* default to only allowing write access to owner of the mount */ 1577 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1578 1579 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1580 /* default is always to request posix paths. */ 1581 ctx->posix_paths = 1; 1582 /* default to using server inode numbers where available */ 1583 ctx->server_ino = 1; 1584 1585 /* default is to use strict cifs caching semantics */ 1586 ctx->strict_io = true; 1587 1588 ctx->acregmax = CIFS_DEF_ACTIMEO; 1589 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1590 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1591 1592 /* Most clients set timeout to 0, allows server to use its default */ 1593 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1594 1595 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1596 ctx->ops = &smb30_operations; 1597 ctx->vals = &smbdefault_values; 1598 1599 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1600 1601 /* default to no multichannel (single server connection) */ 1602 ctx->multichannel = false; 1603 ctx->max_channels = 1; 1604 1605 ctx->backupuid_specified = false; /* no backup intent for a user */ 1606 ctx->backupgid_specified = false; /* no backup intent for a group */ 1607 1608 /* 1609 * short int override_uid = -1; 1610 * short int override_gid = -1; 1611 * char *nodename = strdup(utsname()->nodename); 1612 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 1613 */ 1614 1615 fc->fs_private = ctx; 1616 fc->ops = &smb3_fs_context_ops; 1617 return 0; 1618 } 1619 1620 void 1621 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 1622 { 1623 if (ctx == NULL) 1624 return; 1625 1626 /* 1627 * Make sure this stays in sync with smb3_fs_context_dup() 1628 */ 1629 kfree(ctx->username); 1630 ctx->username = NULL; 1631 kfree_sensitive(ctx->password); 1632 ctx->password = NULL; 1633 kfree(ctx->server_hostname); 1634 ctx->server_hostname = NULL; 1635 kfree(ctx->UNC); 1636 ctx->UNC = NULL; 1637 kfree(ctx->source); 1638 ctx->source = NULL; 1639 kfree(ctx->domainname); 1640 ctx->domainname = NULL; 1641 kfree(ctx->nodename); 1642 ctx->nodename = NULL; 1643 kfree(ctx->iocharset); 1644 ctx->iocharset = NULL; 1645 kfree(ctx->prepath); 1646 ctx->prepath = NULL; 1647 kfree(ctx->leaf_fullpath); 1648 ctx->leaf_fullpath = NULL; 1649 } 1650 1651 void 1652 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 1653 { 1654 if (!ctx) 1655 return; 1656 smb3_cleanup_fs_context_contents(ctx); 1657 kfree(ctx); 1658 } 1659 1660 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 1661 { 1662 struct smb3_fs_context *ctx = cifs_sb->ctx; 1663 1664 if (ctx->nodfs) 1665 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS; 1666 else 1667 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS; 1668 1669 if (ctx->noperm) 1670 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1671 else 1672 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM; 1673 1674 if (ctx->setuids) 1675 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID; 1676 else 1677 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID; 1678 1679 if (ctx->setuidfromacl) 1680 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL; 1681 else 1682 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL; 1683 1684 if (ctx->server_ino) 1685 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM; 1686 else 1687 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM; 1688 1689 if (ctx->remap) 1690 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR; 1691 else 1692 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR; 1693 1694 if (ctx->sfu_remap) 1695 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 1696 else 1697 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 1698 1699 if (ctx->no_xattr) 1700 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR; 1701 else 1702 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR; 1703 1704 if (ctx->sfu_emul) 1705 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL; 1706 else 1707 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL; 1708 1709 if (ctx->nobrl) 1710 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL; 1711 else 1712 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL; 1713 1714 if (ctx->nohandlecache) 1715 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE; 1716 else 1717 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 1718 1719 if (ctx->nostrictsync) 1720 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC; 1721 else 1722 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC; 1723 1724 if (ctx->mand_lock) 1725 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL; 1726 else 1727 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL; 1728 1729 if (ctx->rwpidforward) 1730 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 1731 else 1732 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD; 1733 1734 if (ctx->mode_ace) 1735 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID; 1736 else 1737 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID; 1738 1739 if (ctx->cifs_acl) 1740 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 1741 else 1742 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL; 1743 1744 if (ctx->backupuid_specified) 1745 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 1746 else 1747 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 1748 1749 if (ctx->backupgid_specified) 1750 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 1751 else 1752 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 1753 1754 if (ctx->override_uid) 1755 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 1756 else 1757 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID; 1758 1759 if (ctx->override_gid) 1760 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID; 1761 else 1762 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID; 1763 1764 if (ctx->dynperm) 1765 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM; 1766 else 1767 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM; 1768 1769 if (ctx->fsc) 1770 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE; 1771 else 1772 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE; 1773 1774 if (ctx->multiuser) 1775 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 1776 CIFS_MOUNT_NO_PERM); 1777 else 1778 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER; 1779 1780 1781 if (ctx->strict_io) 1782 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO; 1783 else 1784 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO; 1785 1786 if (ctx->direct_io) 1787 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 1788 else 1789 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO; 1790 1791 if (ctx->mfsymlinks) 1792 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS; 1793 else 1794 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS; 1795 if (ctx->mfsymlinks) { 1796 if (ctx->sfu_emul) { 1797 /* 1798 * Our SFU ("Services for Unix" emulation does not allow 1799 * creating symlinks but does allow reading existing SFU 1800 * symlinks (it does allow both creating and reading SFU 1801 * style mknod and FIFOs though). When "mfsymlinks" and 1802 * "sfu" are both enabled at the same time, it allows 1803 * reading both types of symlinks, but will only create 1804 * them with mfsymlinks format. This allows better 1805 * Apple compatibility (probably better for Samba too) 1806 * while still recognizing old Windows style symlinks. 1807 */ 1808 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 1809 } 1810 } 1811 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN; 1812 1813 return; 1814 } 1815