1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifspdu.h" 30 #include "cifsglob.h" 31 #include "cifsproto.h" 32 #include "cifs_unicode.h" 33 #include "cifs_debug.h" 34 #include "cifs_fs_sb.h" 35 #include "ntlmssp.h" 36 #include "nterr.h" 37 #include "rfc1002pdu.h" 38 #include "fs_context.h" 39 40 static DEFINE_MUTEX(cifs_mount_mutex); 41 42 static const match_table_t cifs_smb_version_tokens = { 43 { Smb_1, SMB1_VERSION_STRING }, 44 { Smb_20, SMB20_VERSION_STRING}, 45 { Smb_21, SMB21_VERSION_STRING }, 46 { Smb_30, SMB30_VERSION_STRING }, 47 { Smb_302, SMB302_VERSION_STRING }, 48 { Smb_302, ALT_SMB302_VERSION_STRING }, 49 { Smb_311, SMB311_VERSION_STRING }, 50 { Smb_311, ALT_SMB311_VERSION_STRING }, 51 { Smb_3any, SMB3ANY_VERSION_STRING }, 52 { Smb_default, SMBDEFAULT_VERSION_STRING }, 53 { Smb_version_err, NULL } 54 }; 55 56 static const match_table_t cifs_secflavor_tokens = { 57 { Opt_sec_krb5, "krb5" }, 58 { Opt_sec_krb5i, "krb5i" }, 59 { Opt_sec_krb5p, "krb5p" }, 60 { Opt_sec_ntlmsspi, "ntlmsspi" }, 61 { Opt_sec_ntlmssp, "ntlmssp" }, 62 { Opt_sec_ntlmv2, "nontlm" }, 63 { Opt_sec_ntlmv2, "ntlmv2" }, 64 { Opt_sec_ntlmv2i, "ntlmv2i" }, 65 { Opt_sec_none, "none" }, 66 67 { Opt_sec_err, NULL } 68 }; 69 70 const struct fs_parameter_spec smb3_fs_parameters[] = { 71 /* Mount options that take no arguments */ 72 fsparam_flag_no("user_xattr", Opt_user_xattr), 73 fsparam_flag_no("forceuid", Opt_forceuid), 74 fsparam_flag_no("multichannel", Opt_multichannel), 75 fsparam_flag_no("forcegid", Opt_forcegid), 76 fsparam_flag("noblocksend", Opt_noblocksend), 77 fsparam_flag("noautotune", Opt_noautotune), 78 fsparam_flag("nolease", Opt_nolease), 79 fsparam_flag_no("hard", Opt_hard), 80 fsparam_flag_no("soft", Opt_soft), 81 fsparam_flag_no("perm", Opt_perm), 82 fsparam_flag("nodelete", Opt_nodelete), 83 fsparam_flag_no("mapposix", Opt_mapposix), 84 fsparam_flag("mapchars", Opt_mapchars), 85 fsparam_flag("nomapchars", Opt_nomapchars), 86 fsparam_flag_no("sfu", Opt_sfu), 87 fsparam_flag("nodfs", Opt_nodfs), 88 fsparam_flag_no("posixpaths", Opt_posixpaths), 89 fsparam_flag_no("unix", Opt_unix), 90 fsparam_flag_no("linux", Opt_unix), 91 fsparam_flag_no("posix", Opt_unix), 92 fsparam_flag("nocase", Opt_nocase), 93 fsparam_flag("ignorecase", Opt_nocase), 94 fsparam_flag_no("brl", Opt_brl), 95 fsparam_flag_no("handlecache", Opt_handlecache), 96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 97 fsparam_flag("forcemand", Opt_forcemandatorylock), 98 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 99 fsparam_flag("idsfromsid", Opt_setuidfromacl), 100 fsparam_flag_no("setuids", Opt_setuids), 101 fsparam_flag_no("dynperm", Opt_dynperm), 102 fsparam_flag_no("intr", Opt_intr), 103 fsparam_flag_no("strictsync", Opt_strictsync), 104 fsparam_flag_no("serverino", Opt_serverino), 105 fsparam_flag("rwpidforward", Opt_rwpidforward), 106 fsparam_flag("cifsacl", Opt_cifsacl), 107 fsparam_flag_no("acl", Opt_acl), 108 fsparam_flag("locallease", Opt_locallease), 109 fsparam_flag("sign", Opt_sign), 110 fsparam_flag("ignore_signature", Opt_ignore_signature), 111 fsparam_flag("signloosely", Opt_ignore_signature), 112 fsparam_flag("seal", Opt_seal), 113 fsparam_flag("noac", Opt_noac), 114 fsparam_flag("fsc", Opt_fsc), 115 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 116 fsparam_flag("multiuser", Opt_multiuser), 117 fsparam_flag("sloppy", Opt_sloppy), 118 fsparam_flag("nosharesock", Opt_nosharesock), 119 fsparam_flag_no("persistenthandles", Opt_persistent), 120 fsparam_flag_no("resilienthandles", Opt_resilient), 121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 122 fsparam_flag("nosparse", Opt_nosparse), 123 fsparam_flag("domainauto", Opt_domainauto), 124 fsparam_flag("rdma", Opt_rdma), 125 fsparam_flag("modesid", Opt_modesid), 126 fsparam_flag("modefromsid", Opt_modesid), 127 fsparam_flag("rootfs", Opt_rootfs), 128 fsparam_flag("compress", Opt_compress), 129 fsparam_flag("witness", Opt_witness), 130 131 /* Mount options which take numeric value */ 132 fsparam_u32("backupuid", Opt_backupuid), 133 fsparam_u32("backupgid", Opt_backupgid), 134 fsparam_u32("uid", Opt_uid), 135 fsparam_u32("cruid", Opt_cruid), 136 fsparam_u32("gid", Opt_gid), 137 fsparam_u32("file_mode", Opt_file_mode), 138 fsparam_u32("dirmode", Opt_dirmode), 139 fsparam_u32("dir_mode", Opt_dirmode), 140 fsparam_u32("port", Opt_port), 141 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 142 fsparam_u32("retrans", Opt_retrans), 143 fsparam_u32("esize", Opt_min_enc_offload), 144 fsparam_u32("bsize", Opt_blocksize), 145 fsparam_u32("rasize", Opt_rasize), 146 fsparam_u32("rsize", Opt_rsize), 147 fsparam_u32("wsize", Opt_wsize), 148 fsparam_u32("actimeo", Opt_actimeo), 149 fsparam_u32("acdirmax", Opt_acdirmax), 150 fsparam_u32("acregmax", Opt_acregmax), 151 fsparam_u32("closetimeo", Opt_closetimeo), 152 fsparam_u32("echo_interval", Opt_echo_interval), 153 fsparam_u32("max_credits", Opt_max_credits), 154 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs), 155 fsparam_u32("handletimeout", Opt_handletimeout), 156 fsparam_u64("snapshot", Opt_snapshot), 157 fsparam_u32("max_channels", Opt_max_channels), 158 159 /* Mount options which take string value */ 160 fsparam_string("source", Opt_source), 161 fsparam_string("user", Opt_user), 162 fsparam_string("username", Opt_user), 163 fsparam_string("pass", Opt_pass), 164 fsparam_string("password", Opt_pass), 165 fsparam_string("ip", Opt_ip), 166 fsparam_string("addr", Opt_ip), 167 fsparam_string("domain", Opt_domain), 168 fsparam_string("dom", Opt_domain), 169 fsparam_string("srcaddr", Opt_srcaddr), 170 fsparam_string("iocharset", Opt_iocharset), 171 fsparam_string("netbiosname", Opt_netbiosname), 172 fsparam_string("servern", Opt_servern), 173 fsparam_string("ver", Opt_ver), 174 fsparam_string("vers", Opt_vers), 175 fsparam_string("sec", Opt_sec), 176 fsparam_string("cache", Opt_cache), 177 178 /* Arguments that should be ignored */ 179 fsparam_flag("guest", Opt_ignore), 180 fsparam_flag("noatime", Opt_ignore), 181 fsparam_flag("relatime", Opt_ignore), 182 fsparam_flag("_netdev", Opt_ignore), 183 fsparam_flag_no("suid", Opt_ignore), 184 fsparam_flag_no("exec", Opt_ignore), 185 fsparam_flag_no("dev", Opt_ignore), 186 fsparam_flag_no("mand", Opt_ignore), 187 fsparam_flag_no("auto", Opt_ignore), 188 fsparam_string("cred", Opt_ignore), 189 fsparam_string("credentials", Opt_ignore), 190 /* 191 * UNC and prefixpath is now extracted from Opt_source 192 * in the new mount API so we can just ignore them going forward. 193 */ 194 fsparam_string("unc", Opt_ignore), 195 fsparam_string("prefixpath", Opt_ignore), 196 {} 197 }; 198 199 static int 200 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 201 { 202 203 substring_t args[MAX_OPT_ARGS]; 204 205 /* 206 * With mount options, the last one should win. Reset any existing 207 * settings back to default. 208 */ 209 ctx->sectype = Unspecified; 210 ctx->sign = false; 211 212 switch (match_token(value, cifs_secflavor_tokens, args)) { 213 case Opt_sec_krb5p: 214 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n"); 215 return 1; 216 case Opt_sec_krb5i: 217 ctx->sign = true; 218 fallthrough; 219 case Opt_sec_krb5: 220 ctx->sectype = Kerberos; 221 break; 222 case Opt_sec_ntlmsspi: 223 ctx->sign = true; 224 fallthrough; 225 case Opt_sec_ntlmssp: 226 ctx->sectype = RawNTLMSSP; 227 break; 228 case Opt_sec_ntlmv2i: 229 ctx->sign = true; 230 fallthrough; 231 case Opt_sec_ntlmv2: 232 ctx->sectype = NTLMv2; 233 break; 234 case Opt_sec_none: 235 ctx->nullauth = 1; 236 kfree(ctx->username); 237 ctx->username = NULL; 238 break; 239 default: 240 cifs_errorf(fc, "bad security option: %s\n", value); 241 return 1; 242 } 243 244 return 0; 245 } 246 247 static const match_table_t cifs_cacheflavor_tokens = { 248 { Opt_cache_loose, "loose" }, 249 { Opt_cache_strict, "strict" }, 250 { Opt_cache_none, "none" }, 251 { Opt_cache_ro, "ro" }, 252 { Opt_cache_rw, "singleclient" }, 253 { Opt_cache_err, NULL } 254 }; 255 256 static int 257 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 258 { 259 substring_t args[MAX_OPT_ARGS]; 260 261 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 262 case Opt_cache_loose: 263 ctx->direct_io = false; 264 ctx->strict_io = false; 265 ctx->cache_ro = false; 266 ctx->cache_rw = false; 267 break; 268 case Opt_cache_strict: 269 ctx->direct_io = false; 270 ctx->strict_io = true; 271 ctx->cache_ro = false; 272 ctx->cache_rw = false; 273 break; 274 case Opt_cache_none: 275 ctx->direct_io = true; 276 ctx->strict_io = false; 277 ctx->cache_ro = false; 278 ctx->cache_rw = false; 279 break; 280 case Opt_cache_ro: 281 ctx->direct_io = false; 282 ctx->strict_io = false; 283 ctx->cache_ro = true; 284 ctx->cache_rw = false; 285 break; 286 case Opt_cache_rw: 287 ctx->direct_io = false; 288 ctx->strict_io = false; 289 ctx->cache_ro = false; 290 ctx->cache_rw = true; 291 break; 292 default: 293 cifs_errorf(fc, "bad cache= option: %s\n", value); 294 return 1; 295 } 296 return 0; 297 } 298 299 #define DUP_CTX_STR(field) \ 300 do { \ 301 if (ctx->field) { \ 302 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 303 if (new_ctx->field == NULL) { \ 304 smb3_cleanup_fs_context_contents(new_ctx); \ 305 return -ENOMEM; \ 306 } \ 307 } \ 308 } while (0) 309 310 int 311 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 312 { 313 memcpy(new_ctx, ctx, sizeof(*ctx)); 314 new_ctx->prepath = NULL; 315 new_ctx->nodename = NULL; 316 new_ctx->username = NULL; 317 new_ctx->password = NULL; 318 new_ctx->server_hostname = NULL; 319 new_ctx->domainname = NULL; 320 new_ctx->UNC = NULL; 321 new_ctx->source = NULL; 322 new_ctx->iocharset = NULL; 323 new_ctx->leaf_fullpath = NULL; 324 /* 325 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 326 */ 327 DUP_CTX_STR(prepath); 328 DUP_CTX_STR(username); 329 DUP_CTX_STR(password); 330 DUP_CTX_STR(server_hostname); 331 DUP_CTX_STR(UNC); 332 DUP_CTX_STR(source); 333 DUP_CTX_STR(domainname); 334 DUP_CTX_STR(nodename); 335 DUP_CTX_STR(iocharset); 336 DUP_CTX_STR(leaf_fullpath); 337 338 return 0; 339 } 340 341 static int 342 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 343 { 344 substring_t args[MAX_OPT_ARGS]; 345 346 switch (match_token(value, cifs_smb_version_tokens, args)) { 347 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 348 case Smb_1: 349 if (disable_legacy_dialects) { 350 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 351 return 1; 352 } 353 if (is_smb3) { 354 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 355 return 1; 356 } 357 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 358 ctx->ops = &smb1_operations; 359 ctx->vals = &smb1_values; 360 break; 361 case Smb_20: 362 if (disable_legacy_dialects) { 363 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 364 return 1; 365 } 366 if (is_smb3) { 367 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 368 return 1; 369 } 370 ctx->ops = &smb20_operations; 371 ctx->vals = &smb20_values; 372 break; 373 #else 374 case Smb_1: 375 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 376 return 1; 377 case Smb_20: 378 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 379 return 1; 380 #endif /* CIFS_ALLOW_INSECURE_LEGACY */ 381 case Smb_21: 382 ctx->ops = &smb21_operations; 383 ctx->vals = &smb21_values; 384 break; 385 case Smb_30: 386 ctx->ops = &smb30_operations; 387 ctx->vals = &smb30_values; 388 break; 389 case Smb_302: 390 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 391 ctx->vals = &smb302_values; 392 break; 393 case Smb_311: 394 ctx->ops = &smb311_operations; 395 ctx->vals = &smb311_values; 396 break; 397 case Smb_3any: 398 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 399 ctx->vals = &smb3any_values; 400 break; 401 case Smb_default: 402 ctx->ops = &smb30_operations; 403 ctx->vals = &smbdefault_values; 404 break; 405 default: 406 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 407 return 1; 408 } 409 return 0; 410 } 411 412 int smb3_parse_opt(const char *options, const char *key, char **val) 413 { 414 int rc = -ENOENT; 415 char *opts, *orig, *p; 416 417 orig = opts = kstrdup(options, GFP_KERNEL); 418 if (!opts) 419 return -ENOMEM; 420 421 while ((p = strsep(&opts, ","))) { 422 char *nval; 423 424 if (!*p) 425 continue; 426 if (strncasecmp(p, key, strlen(key))) 427 continue; 428 nval = strchr(p, '='); 429 if (nval) { 430 if (nval == p) 431 continue; 432 *nval++ = 0; 433 *val = kstrdup(nval, GFP_KERNEL); 434 rc = !*val ? -ENOMEM : 0; 435 goto out; 436 } 437 } 438 out: 439 kfree(orig); 440 return rc; 441 } 442 443 /* 444 * Remove duplicate path delimiters. Windows is supposed to do that 445 * but there are some bugs that prevent rename from working if there are 446 * multiple delimiters. 447 * 448 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 449 * Otherwise, return ERR_PTR. 450 * 451 * @gfp indicates the GFP_* flags for kstrdup. 452 * The caller is responsible for freeing the original. 453 */ 454 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 455 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 456 { 457 char *cursor1 = prepath, *cursor2 = prepath; 458 char *s; 459 460 /* skip all prepended delimiters */ 461 while (IS_DELIM(*cursor1)) 462 cursor1++; 463 464 /* copy the first letter */ 465 *cursor2 = *cursor1; 466 467 /* copy the remainder... */ 468 while (*(cursor1++)) { 469 /* ... skipping all duplicated delimiters */ 470 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 471 continue; 472 *(++cursor2) = *cursor1; 473 } 474 475 /* if the last character is a delimiter, skip it */ 476 if (IS_DELIM(*(cursor2 - 1))) 477 cursor2--; 478 479 *cursor2 = '\0'; 480 if (!*prepath) 481 return NULL; 482 s = kstrdup(prepath, gfp); 483 if (!s) 484 return ERR_PTR(-ENOMEM); 485 return s; 486 } 487 488 /* 489 * Return full path based on the values of @ctx->{UNC,prepath}. 490 * 491 * It is assumed that both values were already parsed by smb3_parse_devname(). 492 */ 493 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 494 { 495 size_t ulen, plen; 496 char *s; 497 498 ulen = strlen(ctx->UNC); 499 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 500 501 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 502 if (!s) 503 return ERR_PTR(-ENOMEM); 504 memcpy(s, ctx->UNC, ulen); 505 if (plen) { 506 s[ulen] = dirsep; 507 memcpy(s + ulen + 1, ctx->prepath, plen); 508 } 509 s[ulen + plen] = '\0'; 510 convert_delimiter(s, dirsep); 511 return s; 512 } 513 514 /* 515 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 516 * fields with the result. Returns 0 on success and an error otherwise 517 * (e.g. ENOMEM or EINVAL) 518 */ 519 int 520 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 521 { 522 char *pos; 523 const char *delims = "/\\"; 524 size_t len; 525 int rc; 526 527 if (unlikely(!devname || !*devname)) { 528 cifs_dbg(VFS, "Device name not specified\n"); 529 return -EINVAL; 530 } 531 532 /* make sure we have a valid UNC double delimiter prefix */ 533 len = strspn(devname, delims); 534 if (len != 2) 535 return -EINVAL; 536 537 /* find delimiter between host and sharename */ 538 pos = strpbrk(devname + 2, delims); 539 if (!pos) 540 return -EINVAL; 541 542 /* record the server hostname */ 543 kfree(ctx->server_hostname); 544 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 545 if (!ctx->server_hostname) 546 return -ENOMEM; 547 548 /* skip past delimiter */ 549 ++pos; 550 551 /* now go until next delimiter or end of string */ 552 len = strcspn(pos, delims); 553 if (!len) 554 return -EINVAL; 555 556 /* move "pos" up to delimiter or NULL */ 557 pos += len; 558 kfree(ctx->UNC); 559 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 560 if (!ctx->UNC) 561 return -ENOMEM; 562 563 convert_delimiter(ctx->UNC, '\\'); 564 565 /* skip any delimiter */ 566 if (*pos == '/' || *pos == '\\') 567 pos++; 568 569 kfree(ctx->prepath); 570 ctx->prepath = NULL; 571 572 /* If pos is NULL then no prepath */ 573 if (!*pos) 574 return 0; 575 576 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 577 if (IS_ERR(ctx->prepath)) { 578 rc = PTR_ERR(ctx->prepath); 579 ctx->prepath = NULL; 580 return rc; 581 } 582 583 return 0; 584 } 585 586 static void smb3_fs_context_free(struct fs_context *fc); 587 static int smb3_fs_context_parse_param(struct fs_context *fc, 588 struct fs_parameter *param); 589 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 590 void *data); 591 static int smb3_get_tree(struct fs_context *fc); 592 static int smb3_reconfigure(struct fs_context *fc); 593 594 static const struct fs_context_operations smb3_fs_context_ops = { 595 .free = smb3_fs_context_free, 596 .parse_param = smb3_fs_context_parse_param, 597 .parse_monolithic = smb3_fs_context_parse_monolithic, 598 .get_tree = smb3_get_tree, 599 .reconfigure = smb3_reconfigure, 600 }; 601 602 /* 603 * Parse a monolithic block of data from sys_mount(). 604 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 605 * @ctx: The superblock configuration to fill in. 606 * @data: The data to parse 607 * 608 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 609 * called from the ->monolithic_mount_data() fs_context operation. 610 * 611 * Returns 0 on success or the error returned by the ->parse_option() fs_context 612 * operation on failure. 613 */ 614 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 615 void *data) 616 { 617 char *options = data, *key; 618 int ret = 0; 619 620 if (!options) 621 return 0; 622 623 ret = security_sb_eat_lsm_opts(options, &fc->security); 624 if (ret) 625 return ret; 626 627 /* BB Need to add support for sep= here TBD */ 628 while ((key = strsep(&options, ",")) != NULL) { 629 size_t len; 630 char *value; 631 632 if (*key == 0) 633 break; 634 635 /* Check if following character is the deliminator If yes, 636 * we have encountered a double deliminator reset the NULL 637 * character to the deliminator 638 */ 639 while (options && options[0] == ',') { 640 len = strlen(key); 641 strcpy(key + len, options); 642 options = strchr(options, ','); 643 if (options) 644 *options++ = 0; 645 } 646 647 648 len = 0; 649 value = strchr(key, '='); 650 if (value) { 651 if (value == key) 652 continue; 653 *value++ = 0; 654 len = strlen(value); 655 } 656 657 ret = vfs_parse_fs_string(fc, key, value, len); 658 if (ret < 0) 659 break; 660 } 661 662 return ret; 663 } 664 665 /* 666 * Validate the preparsed information in the config. 667 */ 668 static int smb3_fs_context_validate(struct fs_context *fc) 669 { 670 struct smb3_fs_context *ctx = smb3_fc2context(fc); 671 672 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 673 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 674 return -EOPNOTSUPP; 675 } 676 677 #ifndef CONFIG_KEYS 678 /* Muliuser mounts require CONFIG_KEYS support */ 679 if (ctx->multiuser) { 680 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 681 return -1; 682 } 683 #endif 684 685 if (ctx->got_version == false) 686 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 687 688 689 if (!ctx->UNC) { 690 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 691 return -1; 692 } 693 694 /* make sure UNC has a share name */ 695 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 696 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 697 return -ENOENT; 698 } 699 700 if (!ctx->got_ip) { 701 int len; 702 const char *slash; 703 704 /* No ip= option specified? Try to get it from UNC */ 705 /* Use the address part of the UNC. */ 706 slash = strchr(&ctx->UNC[2], '\\'); 707 len = slash - &ctx->UNC[2]; 708 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 709 &ctx->UNC[2], len)) { 710 pr_err("Unable to determine destination address\n"); 711 return -EHOSTUNREACH; 712 } 713 } 714 715 /* set the port that we got earlier */ 716 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 717 718 if (ctx->override_uid && !ctx->uid_specified) { 719 ctx->override_uid = 0; 720 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 721 } 722 723 if (ctx->override_gid && !ctx->gid_specified) { 724 ctx->override_gid = 0; 725 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 726 } 727 728 return 0; 729 } 730 731 static int smb3_get_tree_common(struct fs_context *fc) 732 { 733 struct smb3_fs_context *ctx = smb3_fc2context(fc); 734 struct dentry *root; 735 int rc = 0; 736 737 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 738 if (IS_ERR(root)) 739 return PTR_ERR(root); 740 741 fc->root = root; 742 743 return rc; 744 } 745 746 /* 747 * Create an SMB3 superblock from the parameters passed. 748 */ 749 static int smb3_get_tree(struct fs_context *fc) 750 { 751 int err = smb3_fs_context_validate(fc); 752 int ret; 753 754 if (err) 755 return err; 756 mutex_lock(&cifs_mount_mutex); 757 ret = smb3_get_tree_common(fc); 758 mutex_unlock(&cifs_mount_mutex); 759 return ret; 760 } 761 762 static void smb3_fs_context_free(struct fs_context *fc) 763 { 764 struct smb3_fs_context *ctx = smb3_fc2context(fc); 765 766 smb3_cleanup_fs_context(ctx); 767 } 768 769 /* 770 * Compare the old and new proposed context during reconfigure 771 * and check if the changes are compatible. 772 */ 773 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 774 struct smb3_fs_context *new_ctx, 775 struct smb3_fs_context *old_ctx) 776 { 777 if (new_ctx->posix_paths != old_ctx->posix_paths) { 778 cifs_errorf(fc, "can not change posixpaths during remount\n"); 779 return -EINVAL; 780 } 781 if (new_ctx->sectype != old_ctx->sectype) { 782 cifs_errorf(fc, "can not change sec during remount\n"); 783 return -EINVAL; 784 } 785 if (new_ctx->multiuser != old_ctx->multiuser) { 786 cifs_errorf(fc, "can not change multiuser during remount\n"); 787 return -EINVAL; 788 } 789 if (new_ctx->UNC && 790 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 791 cifs_errorf(fc, "can not change UNC during remount\n"); 792 return -EINVAL; 793 } 794 if (new_ctx->username && 795 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 796 cifs_errorf(fc, "can not change username during remount\n"); 797 return -EINVAL; 798 } 799 if (new_ctx->password && 800 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 801 cifs_errorf(fc, "can not change password during remount\n"); 802 return -EINVAL; 803 } 804 if (new_ctx->domainname && 805 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 806 cifs_errorf(fc, "can not change domainname during remount\n"); 807 return -EINVAL; 808 } 809 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 810 cifs_errorf(fc, "can not change workstation_name during remount\n"); 811 return -EINVAL; 812 } 813 if (new_ctx->nodename && 814 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 815 cifs_errorf(fc, "can not change nodename during remount\n"); 816 return -EINVAL; 817 } 818 if (new_ctx->iocharset && 819 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 820 cifs_errorf(fc, "can not change iocharset during remount\n"); 821 return -EINVAL; 822 } 823 824 return 0; 825 } 826 827 #define STEAL_STRING(cifs_sb, ctx, field) \ 828 do { \ 829 kfree(ctx->field); \ 830 ctx->field = cifs_sb->ctx->field; \ 831 cifs_sb->ctx->field = NULL; \ 832 } while (0) 833 834 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 835 do { \ 836 kfree_sensitive(ctx->field); \ 837 ctx->field = cifs_sb->ctx->field; \ 838 cifs_sb->ctx->field = NULL; \ 839 } while (0) 840 841 static int smb3_reconfigure(struct fs_context *fc) 842 { 843 struct smb3_fs_context *ctx = smb3_fc2context(fc); 844 struct dentry *root = fc->root; 845 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 846 int rc; 847 848 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx); 849 if (rc) 850 return rc; 851 852 /* 853 * We can not change UNC/username/password/domainname/ 854 * workstation_name/nodename/iocharset 855 * during reconnect so ignore what we have in the new context and 856 * just use what we already have in cifs_sb->ctx. 857 */ 858 STEAL_STRING(cifs_sb, ctx, UNC); 859 STEAL_STRING(cifs_sb, ctx, source); 860 STEAL_STRING(cifs_sb, ctx, username); 861 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 862 STEAL_STRING(cifs_sb, ctx, domainname); 863 STEAL_STRING(cifs_sb, ctx, nodename); 864 STEAL_STRING(cifs_sb, ctx, iocharset); 865 866 /* if rsize or wsize not passed in on remount, use previous values */ 867 if (ctx->rsize == 0) 868 ctx->rsize = cifs_sb->ctx->rsize; 869 if (ctx->wsize == 0) 870 ctx->wsize = cifs_sb->ctx->wsize; 871 872 873 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 874 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 875 smb3_update_mnt_flags(cifs_sb); 876 #ifdef CONFIG_CIFS_DFS_UPCALL 877 if (!rc) 878 rc = dfs_cache_remount_fs(cifs_sb); 879 #endif 880 881 return rc; 882 } 883 884 static int smb3_fs_context_parse_param(struct fs_context *fc, 885 struct fs_parameter *param) 886 { 887 struct fs_parse_result result; 888 struct smb3_fs_context *ctx = smb3_fc2context(fc); 889 int i, opt; 890 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 891 bool skip_parsing = false; 892 kuid_t uid; 893 kgid_t gid; 894 895 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 896 897 /* 898 * fs_parse can not handle string options with an empty value so 899 * we will need special handling of them. 900 */ 901 if (param->type == fs_value_is_string && param->string[0] == 0) { 902 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 903 skip_parsing = true; 904 opt = Opt_pass; 905 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 906 skip_parsing = true; 907 opt = Opt_user; 908 } 909 } 910 911 if (!skip_parsing) { 912 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 913 if (opt < 0) 914 return ctx->sloppy ? 1 : opt; 915 } 916 917 switch (opt) { 918 case Opt_compress: 919 ctx->compression = UNKNOWN_TYPE; 920 cifs_dbg(VFS, 921 "SMB3 compression support is experimental\n"); 922 break; 923 case Opt_nodfs: 924 ctx->nodfs = 1; 925 break; 926 case Opt_hard: 927 if (result.negated) { 928 if (ctx->retry == 1) 929 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 930 ctx->retry = 0; 931 } else 932 ctx->retry = 1; 933 break; 934 case Opt_soft: 935 if (result.negated) 936 ctx->retry = 1; 937 else { 938 if (ctx->retry == 1) 939 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 940 ctx->retry = 0; 941 } 942 break; 943 case Opt_mapposix: 944 if (result.negated) 945 ctx->remap = false; 946 else { 947 ctx->remap = true; 948 ctx->sfu_remap = false; /* disable SFU mapping */ 949 } 950 break; 951 case Opt_mapchars: 952 if (result.negated) 953 ctx->sfu_remap = false; 954 else { 955 ctx->sfu_remap = true; 956 ctx->remap = false; /* disable SFM (mapposix) mapping */ 957 } 958 break; 959 case Opt_user_xattr: 960 if (result.negated) 961 ctx->no_xattr = 1; 962 else 963 ctx->no_xattr = 0; 964 break; 965 case Opt_forceuid: 966 if (result.negated) 967 ctx->override_uid = 0; 968 else 969 ctx->override_uid = 1; 970 break; 971 case Opt_forcegid: 972 if (result.negated) 973 ctx->override_gid = 0; 974 else 975 ctx->override_gid = 1; 976 break; 977 case Opt_perm: 978 if (result.negated) 979 ctx->noperm = 1; 980 else 981 ctx->noperm = 0; 982 break; 983 case Opt_dynperm: 984 if (result.negated) 985 ctx->dynperm = 0; 986 else 987 ctx->dynperm = 1; 988 break; 989 case Opt_sfu: 990 if (result.negated) 991 ctx->sfu_emul = 0; 992 else 993 ctx->sfu_emul = 1; 994 break; 995 case Opt_noblocksend: 996 ctx->noblocksnd = 1; 997 break; 998 case Opt_noautotune: 999 ctx->noautotune = 1; 1000 break; 1001 case Opt_nolease: 1002 ctx->no_lease = 1; 1003 break; 1004 case Opt_nosparse: 1005 ctx->no_sparse = 1; 1006 break; 1007 case Opt_nodelete: 1008 ctx->nodelete = 1; 1009 break; 1010 case Opt_multichannel: 1011 if (result.negated) { 1012 ctx->multichannel = false; 1013 ctx->max_channels = 1; 1014 } else { 1015 ctx->multichannel = true; 1016 /* if number of channels not specified, default to 2 */ 1017 if (ctx->max_channels < 2) 1018 ctx->max_channels = 2; 1019 } 1020 break; 1021 case Opt_uid: 1022 uid = make_kuid(current_user_ns(), result.uint_32); 1023 if (!uid_valid(uid)) 1024 goto cifs_parse_mount_err; 1025 ctx->linux_uid = uid; 1026 ctx->uid_specified = true; 1027 break; 1028 case Opt_cruid: 1029 uid = make_kuid(current_user_ns(), result.uint_32); 1030 if (!uid_valid(uid)) 1031 goto cifs_parse_mount_err; 1032 ctx->cred_uid = uid; 1033 ctx->cruid_specified = true; 1034 break; 1035 case Opt_backupuid: 1036 uid = make_kuid(current_user_ns(), result.uint_32); 1037 if (!uid_valid(uid)) 1038 goto cifs_parse_mount_err; 1039 ctx->backupuid = uid; 1040 ctx->backupuid_specified = true; 1041 break; 1042 case Opt_backupgid: 1043 gid = make_kgid(current_user_ns(), result.uint_32); 1044 if (!gid_valid(gid)) 1045 goto cifs_parse_mount_err; 1046 ctx->backupgid = gid; 1047 ctx->backupgid_specified = true; 1048 break; 1049 case Opt_gid: 1050 gid = make_kgid(current_user_ns(), result.uint_32); 1051 if (!gid_valid(gid)) 1052 goto cifs_parse_mount_err; 1053 ctx->linux_gid = gid; 1054 ctx->gid_specified = true; 1055 break; 1056 case Opt_port: 1057 ctx->port = result.uint_32; 1058 break; 1059 case Opt_file_mode: 1060 ctx->file_mode = result.uint_32; 1061 break; 1062 case Opt_dirmode: 1063 ctx->dir_mode = result.uint_32; 1064 break; 1065 case Opt_min_enc_offload: 1066 ctx->min_offload = result.uint_32; 1067 break; 1068 case Opt_retrans: 1069 ctx->retrans = result.uint_32; 1070 break; 1071 case Opt_blocksize: 1072 /* 1073 * inode blocksize realistically should never need to be 1074 * less than 16K or greater than 16M and default is 1MB. 1075 * Note that small inode block sizes (e.g. 64K) can lead 1076 * to very poor performance of common tools like cp and scp 1077 */ 1078 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1079 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1080 cifs_errorf(fc, "%s: Invalid blocksize\n", 1081 __func__); 1082 goto cifs_parse_mount_err; 1083 } 1084 ctx->bsize = result.uint_32; 1085 ctx->got_bsize = true; 1086 break; 1087 case Opt_rasize: 1088 /* 1089 * readahead size realistically should never need to be 1090 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1091 * (perhaps an exception should be considered in the 1092 * for the case of a large number of channels 1093 * when multichannel is negotiated) since that would lead 1094 * to plenty of parallel I/O in flight to the server. 1095 * Note that smaller read ahead sizes would 1096 * hurt performance of common tools like cp and scp 1097 * which often trigger sequential i/o with read ahead 1098 */ 1099 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1100 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1101 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1102 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1103 goto cifs_parse_mount_err; 1104 } 1105 ctx->rasize = result.uint_32; 1106 break; 1107 case Opt_rsize: 1108 ctx->rsize = result.uint_32; 1109 ctx->got_rsize = true; 1110 break; 1111 case Opt_wsize: 1112 ctx->wsize = result.uint_32; 1113 ctx->got_wsize = true; 1114 if (ctx->wsize % PAGE_SIZE != 0) { 1115 ctx->wsize = round_down(ctx->wsize, PAGE_SIZE); 1116 if (ctx->wsize == 0) { 1117 ctx->wsize = PAGE_SIZE; 1118 cifs_dbg(VFS, "wsize too small, reset to minimum %ld\n", PAGE_SIZE); 1119 } else { 1120 cifs_dbg(VFS, 1121 "wsize rounded down to %d to multiple of PAGE_SIZE %ld\n", 1122 ctx->wsize, PAGE_SIZE); 1123 } 1124 } 1125 break; 1126 case Opt_acregmax: 1127 ctx->acregmax = HZ * result.uint_32; 1128 if (ctx->acregmax > CIFS_MAX_ACTIMEO) { 1129 cifs_errorf(fc, "acregmax too large\n"); 1130 goto cifs_parse_mount_err; 1131 } 1132 break; 1133 case Opt_acdirmax: 1134 ctx->acdirmax = HZ * result.uint_32; 1135 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) { 1136 cifs_errorf(fc, "acdirmax too large\n"); 1137 goto cifs_parse_mount_err; 1138 } 1139 break; 1140 case Opt_actimeo: 1141 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) { 1142 cifs_errorf(fc, "timeout too large\n"); 1143 goto cifs_parse_mount_err; 1144 } 1145 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1146 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1147 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1148 break; 1149 } 1150 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1151 break; 1152 case Opt_closetimeo: 1153 ctx->closetimeo = HZ * result.uint_32; 1154 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) { 1155 cifs_errorf(fc, "closetimeo too large\n"); 1156 goto cifs_parse_mount_err; 1157 } 1158 break; 1159 case Opt_echo_interval: 1160 ctx->echo_interval = result.uint_32; 1161 break; 1162 case Opt_snapshot: 1163 ctx->snapshot_time = result.uint_64; 1164 break; 1165 case Opt_max_credits: 1166 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1167 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1168 __func__); 1169 goto cifs_parse_mount_err; 1170 } 1171 ctx->max_credits = result.uint_32; 1172 break; 1173 case Opt_max_channels: 1174 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1175 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1176 __func__, CIFS_MAX_CHANNELS); 1177 goto cifs_parse_mount_err; 1178 } 1179 ctx->max_channels = result.uint_32; 1180 /* If more than one channel requested ... they want multichan */ 1181 if (result.uint_32 > 1) 1182 ctx->multichannel = true; 1183 break; 1184 case Opt_max_cached_dirs: 1185 if (result.uint_32 < 1) { 1186 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n", 1187 __func__); 1188 goto cifs_parse_mount_err; 1189 } 1190 ctx->max_cached_dirs = result.uint_32; 1191 break; 1192 case Opt_handletimeout: 1193 ctx->handle_timeout = result.uint_32; 1194 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1195 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1196 goto cifs_parse_mount_err; 1197 } 1198 break; 1199 case Opt_source: 1200 kfree(ctx->UNC); 1201 ctx->UNC = NULL; 1202 switch (smb3_parse_devname(param->string, ctx)) { 1203 case 0: 1204 break; 1205 case -ENOMEM: 1206 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1207 goto cifs_parse_mount_err; 1208 case -EINVAL: 1209 cifs_errorf(fc, "Malformed UNC in devname\n"); 1210 goto cifs_parse_mount_err; 1211 default: 1212 cifs_errorf(fc, "Unknown error parsing devname\n"); 1213 goto cifs_parse_mount_err; 1214 } 1215 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1216 if (IS_ERR(ctx->source)) { 1217 ctx->source = NULL; 1218 cifs_errorf(fc, "OOM when copying UNC string\n"); 1219 goto cifs_parse_mount_err; 1220 } 1221 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1222 if (fc->source == NULL) { 1223 cifs_errorf(fc, "OOM when copying UNC string\n"); 1224 goto cifs_parse_mount_err; 1225 } 1226 break; 1227 case Opt_user: 1228 kfree(ctx->username); 1229 ctx->username = NULL; 1230 if (ctx->nullauth) 1231 break; 1232 if (strlen(param->string) == 0) { 1233 /* null user, ie. anonymous authentication */ 1234 ctx->nullauth = 1; 1235 break; 1236 } 1237 1238 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) > 1239 CIFS_MAX_USERNAME_LEN) { 1240 pr_warn("username too long\n"); 1241 goto cifs_parse_mount_err; 1242 } 1243 ctx->username = kstrdup(param->string, GFP_KERNEL); 1244 if (ctx->username == NULL) { 1245 cifs_errorf(fc, "OOM when copying username string\n"); 1246 goto cifs_parse_mount_err; 1247 } 1248 break; 1249 case Opt_pass: 1250 kfree_sensitive(ctx->password); 1251 ctx->password = NULL; 1252 if (strlen(param->string) == 0) 1253 break; 1254 1255 ctx->password = kstrdup(param->string, GFP_KERNEL); 1256 if (ctx->password == NULL) { 1257 cifs_errorf(fc, "OOM when copying password string\n"); 1258 goto cifs_parse_mount_err; 1259 } 1260 break; 1261 case Opt_ip: 1262 if (strlen(param->string) == 0) { 1263 ctx->got_ip = false; 1264 break; 1265 } 1266 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1267 param->string, 1268 strlen(param->string))) { 1269 pr_err("bad ip= option (%s)\n", param->string); 1270 goto cifs_parse_mount_err; 1271 } 1272 ctx->got_ip = true; 1273 break; 1274 case Opt_domain: 1275 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1276 == CIFS_MAX_DOMAINNAME_LEN) { 1277 pr_warn("domain name too long\n"); 1278 goto cifs_parse_mount_err; 1279 } 1280 1281 kfree(ctx->domainname); 1282 ctx->domainname = kstrdup(param->string, GFP_KERNEL); 1283 if (ctx->domainname == NULL) { 1284 cifs_errorf(fc, "OOM when copying domainname string\n"); 1285 goto cifs_parse_mount_err; 1286 } 1287 cifs_dbg(FYI, "Domain name set\n"); 1288 break; 1289 case Opt_srcaddr: 1290 if (!cifs_convert_address( 1291 (struct sockaddr *)&ctx->srcaddr, 1292 param->string, strlen(param->string))) { 1293 pr_warn("Could not parse srcaddr: %s\n", 1294 param->string); 1295 goto cifs_parse_mount_err; 1296 } 1297 break; 1298 case Opt_iocharset: 1299 if (strnlen(param->string, 1024) >= 65) { 1300 pr_warn("iocharset name too long\n"); 1301 goto cifs_parse_mount_err; 1302 } 1303 1304 if (strncasecmp(param->string, "default", 7) != 0) { 1305 kfree(ctx->iocharset); 1306 ctx->iocharset = kstrdup(param->string, GFP_KERNEL); 1307 if (ctx->iocharset == NULL) { 1308 cifs_errorf(fc, "OOM when copying iocharset string\n"); 1309 goto cifs_parse_mount_err; 1310 } 1311 } 1312 /* if iocharset not set then load_nls_default 1313 * is used by caller 1314 */ 1315 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1316 break; 1317 case Opt_netbiosname: 1318 memset(ctx->source_rfc1001_name, 0x20, 1319 RFC1001_NAME_LEN); 1320 /* 1321 * FIXME: are there cases in which a comma can 1322 * be valid in workstation netbios name (and 1323 * need special handling)? 1324 */ 1325 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1326 /* don't ucase netbiosname for user */ 1327 if (param->string[i] == 0) 1328 break; 1329 ctx->source_rfc1001_name[i] = param->string[i]; 1330 } 1331 /* The string has 16th byte zero still from 1332 * set at top of the function 1333 */ 1334 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1335 pr_warn("netbiosname longer than 15 truncated\n"); 1336 break; 1337 case Opt_servern: 1338 /* last byte, type, is 0x20 for servr type */ 1339 memset(ctx->target_rfc1001_name, 0x20, 1340 RFC1001_NAME_LEN_WITH_NULL); 1341 /* 1342 * BB are there cases in which a comma can be valid in this 1343 * workstation netbios name (and need special handling)? 1344 */ 1345 1346 /* user or mount helper must uppercase the netbios name */ 1347 for (i = 0; i < 15; i++) { 1348 if (param->string[i] == 0) 1349 break; 1350 ctx->target_rfc1001_name[i] = param->string[i]; 1351 } 1352 1353 /* The string has 16th byte zero still from set at top of function */ 1354 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1355 pr_warn("server netbiosname longer than 15 truncated\n"); 1356 break; 1357 case Opt_ver: 1358 /* version of mount userspace tools, not dialect */ 1359 /* If interface changes in mount.cifs bump to new ver */ 1360 if (strncasecmp(param->string, "1", 1) == 0) { 1361 if (strlen(param->string) > 1) { 1362 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1363 param->string); 1364 goto cifs_parse_mount_err; 1365 } 1366 /* This is the default */ 1367 break; 1368 } 1369 /* For all other value, error */ 1370 pr_warn("Invalid mount helper version specified\n"); 1371 goto cifs_parse_mount_err; 1372 case Opt_vers: 1373 /* protocol version (dialect) */ 1374 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1375 goto cifs_parse_mount_err; 1376 ctx->got_version = true; 1377 break; 1378 case Opt_sec: 1379 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1380 goto cifs_parse_mount_err; 1381 break; 1382 case Opt_cache: 1383 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1384 goto cifs_parse_mount_err; 1385 break; 1386 case Opt_witness: 1387 #ifndef CONFIG_CIFS_SWN_UPCALL 1388 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1389 goto cifs_parse_mount_err; 1390 #endif 1391 ctx->witness = true; 1392 pr_warn_once("Witness protocol support is experimental\n"); 1393 break; 1394 case Opt_rootfs: 1395 #ifndef CONFIG_CIFS_ROOT 1396 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1397 goto cifs_parse_mount_err; 1398 #endif 1399 ctx->rootfs = true; 1400 break; 1401 case Opt_posixpaths: 1402 if (result.negated) 1403 ctx->posix_paths = 0; 1404 else 1405 ctx->posix_paths = 1; 1406 break; 1407 case Opt_unix: 1408 if (result.negated) { 1409 if (ctx->linux_ext == 1) 1410 pr_warn_once("conflicting posix mount options specified\n"); 1411 ctx->linux_ext = 0; 1412 ctx->no_linux_ext = 1; 1413 } else { 1414 if (ctx->no_linux_ext == 1) 1415 pr_warn_once("conflicting posix mount options specified\n"); 1416 ctx->linux_ext = 1; 1417 ctx->no_linux_ext = 0; 1418 } 1419 break; 1420 case Opt_nocase: 1421 ctx->nocase = 1; 1422 break; 1423 case Opt_brl: 1424 if (result.negated) { 1425 /* 1426 * turn off mandatory locking in mode 1427 * if remote locking is turned off since the 1428 * local vfs will do advisory 1429 */ 1430 if (ctx->file_mode == 1431 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1432 ctx->file_mode = S_IALLUGO; 1433 ctx->nobrl = 1; 1434 } else 1435 ctx->nobrl = 0; 1436 break; 1437 case Opt_handlecache: 1438 if (result.negated) 1439 ctx->nohandlecache = 1; 1440 else 1441 ctx->nohandlecache = 0; 1442 break; 1443 case Opt_forcemandatorylock: 1444 ctx->mand_lock = 1; 1445 break; 1446 case Opt_setuids: 1447 ctx->setuids = result.negated; 1448 break; 1449 case Opt_intr: 1450 ctx->intr = !result.negated; 1451 break; 1452 case Opt_setuidfromacl: 1453 ctx->setuidfromacl = 1; 1454 break; 1455 case Opt_strictsync: 1456 ctx->nostrictsync = result.negated; 1457 break; 1458 case Opt_serverino: 1459 ctx->server_ino = !result.negated; 1460 break; 1461 case Opt_rwpidforward: 1462 ctx->rwpidforward = 1; 1463 break; 1464 case Opt_modesid: 1465 ctx->mode_ace = 1; 1466 break; 1467 case Opt_cifsacl: 1468 ctx->cifs_acl = !result.negated; 1469 break; 1470 case Opt_acl: 1471 ctx->no_psx_acl = result.negated; 1472 break; 1473 case Opt_locallease: 1474 ctx->local_lease = 1; 1475 break; 1476 case Opt_sign: 1477 ctx->sign = true; 1478 break; 1479 case Opt_ignore_signature: 1480 ctx->sign = true; 1481 ctx->ignore_signature = true; 1482 break; 1483 case Opt_seal: 1484 /* we do not do the following in secFlags because seal 1485 * is a per tree connection (mount) not a per socket 1486 * or per-smb connection option in the protocol 1487 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1488 */ 1489 ctx->seal = 1; 1490 break; 1491 case Opt_noac: 1492 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1493 break; 1494 case Opt_fsc: 1495 #ifndef CONFIG_CIFS_FSCACHE 1496 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1497 goto cifs_parse_mount_err; 1498 #endif 1499 ctx->fsc = true; 1500 break; 1501 case Opt_mfsymlinks: 1502 ctx->mfsymlinks = true; 1503 break; 1504 case Opt_multiuser: 1505 ctx->multiuser = true; 1506 break; 1507 case Opt_sloppy: 1508 ctx->sloppy = true; 1509 break; 1510 case Opt_nosharesock: 1511 ctx->nosharesock = true; 1512 break; 1513 case Opt_persistent: 1514 if (result.negated) { 1515 ctx->nopersistent = true; 1516 if (ctx->persistent) { 1517 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1518 goto cifs_parse_mount_err; 1519 } 1520 } else { 1521 ctx->persistent = true; 1522 if ((ctx->nopersistent) || (ctx->resilient)) { 1523 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1524 goto cifs_parse_mount_err; 1525 } 1526 } 1527 break; 1528 case Opt_resilient: 1529 if (result.negated) { 1530 ctx->resilient = false; /* already the default */ 1531 } else { 1532 ctx->resilient = true; 1533 if (ctx->persistent) { 1534 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1535 goto cifs_parse_mount_err; 1536 } 1537 } 1538 break; 1539 case Opt_tcp_nodelay: 1540 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1541 if (result.negated) 1542 ctx->sockopt_tcp_nodelay = false; 1543 else 1544 ctx->sockopt_tcp_nodelay = true; 1545 break; 1546 case Opt_domainauto: 1547 ctx->domainauto = true; 1548 break; 1549 case Opt_rdma: 1550 ctx->rdma = true; 1551 break; 1552 } 1553 /* case Opt_ignore: - is ignored as expected ... */ 1554 1555 return 0; 1556 1557 cifs_parse_mount_err: 1558 kfree_sensitive(ctx->password); 1559 ctx->password = NULL; 1560 return -EINVAL; 1561 } 1562 1563 int smb3_init_fs_context(struct fs_context *fc) 1564 { 1565 struct smb3_fs_context *ctx; 1566 char *nodename = utsname()->nodename; 1567 int i; 1568 1569 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL); 1570 if (unlikely(!ctx)) 1571 return -ENOMEM; 1572 1573 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1574 1575 /* 1576 * does not have to be perfect mapping since field is 1577 * informational, only used for servers that do not support 1578 * port 445 and it can be overridden at mount time 1579 */ 1580 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1581 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1582 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1583 1584 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1585 /* 1586 * null target name indicates to use *SMBSERVR default called name 1587 * if we end up sending RFC1001 session initialize 1588 */ 1589 ctx->target_rfc1001_name[0] = 0; 1590 ctx->cred_uid = current_uid(); 1591 ctx->linux_uid = current_uid(); 1592 ctx->linux_gid = current_gid(); 1593 /* By default 4MB read ahead size, 1MB block size */ 1594 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1595 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1596 1597 /* 1598 * default to SFM style remapping of seven reserved characters 1599 * unless user overrides it or we negotiate CIFS POSIX where 1600 * it is unnecessary. Can not simultaneously use more than one mapping 1601 * since then readdir could list files that open could not open 1602 */ 1603 ctx->remap = true; 1604 1605 /* default to only allowing write access to owner of the mount */ 1606 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1607 1608 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1609 /* default is always to request posix paths. */ 1610 ctx->posix_paths = 1; 1611 /* default to using server inode numbers where available */ 1612 ctx->server_ino = 1; 1613 1614 /* default is to use strict cifs caching semantics */ 1615 ctx->strict_io = true; 1616 1617 ctx->acregmax = CIFS_DEF_ACTIMEO; 1618 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1619 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1620 ctx->max_cached_dirs = MAX_CACHED_FIDS; 1621 /* Most clients set timeout to 0, allows server to use its default */ 1622 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1623 1624 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1625 ctx->ops = &smb30_operations; 1626 ctx->vals = &smbdefault_values; 1627 1628 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1629 1630 /* default to no multichannel (single server connection) */ 1631 ctx->multichannel = false; 1632 ctx->max_channels = 1; 1633 1634 ctx->backupuid_specified = false; /* no backup intent for a user */ 1635 ctx->backupgid_specified = false; /* no backup intent for a group */ 1636 1637 ctx->retrans = 1; 1638 1639 /* 1640 * short int override_uid = -1; 1641 * short int override_gid = -1; 1642 * char *nodename = strdup(utsname()->nodename); 1643 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 1644 */ 1645 1646 fc->fs_private = ctx; 1647 fc->ops = &smb3_fs_context_ops; 1648 return 0; 1649 } 1650 1651 void 1652 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 1653 { 1654 if (ctx == NULL) 1655 return; 1656 1657 /* 1658 * Make sure this stays in sync with smb3_fs_context_dup() 1659 */ 1660 kfree(ctx->username); 1661 ctx->username = NULL; 1662 kfree_sensitive(ctx->password); 1663 ctx->password = NULL; 1664 kfree(ctx->server_hostname); 1665 ctx->server_hostname = NULL; 1666 kfree(ctx->UNC); 1667 ctx->UNC = NULL; 1668 kfree(ctx->source); 1669 ctx->source = NULL; 1670 kfree(ctx->domainname); 1671 ctx->domainname = NULL; 1672 kfree(ctx->nodename); 1673 ctx->nodename = NULL; 1674 kfree(ctx->iocharset); 1675 ctx->iocharset = NULL; 1676 kfree(ctx->prepath); 1677 ctx->prepath = NULL; 1678 kfree(ctx->leaf_fullpath); 1679 ctx->leaf_fullpath = NULL; 1680 } 1681 1682 void 1683 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 1684 { 1685 if (!ctx) 1686 return; 1687 smb3_cleanup_fs_context_contents(ctx); 1688 kfree(ctx); 1689 } 1690 1691 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 1692 { 1693 struct smb3_fs_context *ctx = cifs_sb->ctx; 1694 1695 if (ctx->nodfs) 1696 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS; 1697 else 1698 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS; 1699 1700 if (ctx->noperm) 1701 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1702 else 1703 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM; 1704 1705 if (ctx->setuids) 1706 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID; 1707 else 1708 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID; 1709 1710 if (ctx->setuidfromacl) 1711 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL; 1712 else 1713 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL; 1714 1715 if (ctx->server_ino) 1716 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM; 1717 else 1718 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM; 1719 1720 if (ctx->remap) 1721 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR; 1722 else 1723 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR; 1724 1725 if (ctx->sfu_remap) 1726 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 1727 else 1728 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 1729 1730 if (ctx->no_xattr) 1731 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR; 1732 else 1733 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR; 1734 1735 if (ctx->sfu_emul) 1736 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL; 1737 else 1738 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL; 1739 1740 if (ctx->nobrl) 1741 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL; 1742 else 1743 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL; 1744 1745 if (ctx->nohandlecache) 1746 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE; 1747 else 1748 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 1749 1750 if (ctx->nostrictsync) 1751 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC; 1752 else 1753 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC; 1754 1755 if (ctx->mand_lock) 1756 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL; 1757 else 1758 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL; 1759 1760 if (ctx->rwpidforward) 1761 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 1762 else 1763 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD; 1764 1765 if (ctx->mode_ace) 1766 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID; 1767 else 1768 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID; 1769 1770 if (ctx->cifs_acl) 1771 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 1772 else 1773 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL; 1774 1775 if (ctx->backupuid_specified) 1776 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 1777 else 1778 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 1779 1780 if (ctx->backupgid_specified) 1781 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 1782 else 1783 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 1784 1785 if (ctx->override_uid) 1786 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 1787 else 1788 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID; 1789 1790 if (ctx->override_gid) 1791 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID; 1792 else 1793 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID; 1794 1795 if (ctx->dynperm) 1796 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM; 1797 else 1798 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM; 1799 1800 if (ctx->fsc) 1801 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE; 1802 else 1803 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE; 1804 1805 if (ctx->multiuser) 1806 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 1807 CIFS_MOUNT_NO_PERM); 1808 else 1809 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER; 1810 1811 1812 if (ctx->strict_io) 1813 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO; 1814 else 1815 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO; 1816 1817 if (ctx->direct_io) 1818 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 1819 else 1820 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO; 1821 1822 if (ctx->mfsymlinks) 1823 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS; 1824 else 1825 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS; 1826 if (ctx->mfsymlinks) { 1827 if (ctx->sfu_emul) { 1828 /* 1829 * Our SFU ("Services for Unix" emulation does not allow 1830 * creating symlinks but does allow reading existing SFU 1831 * symlinks (it does allow both creating and reading SFU 1832 * style mknod and FIFOs though). When "mfsymlinks" and 1833 * "sfu" are both enabled at the same time, it allows 1834 * reading both types of symlinks, but will only create 1835 * them with mfsymlinks format. This allows better 1836 * Apple compatibility (probably better for Samba too) 1837 * while still recognizing old Windows style symlinks. 1838 */ 1839 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 1840 } 1841 } 1842 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN; 1843 1844 return; 1845 } 1846