1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifspdu.h" 30 #include "cifsglob.h" 31 #include "cifsproto.h" 32 #include "cifs_unicode.h" 33 #include "cifs_debug.h" 34 #include "cifs_fs_sb.h" 35 #include "ntlmssp.h" 36 #include "nterr.h" 37 #include "rfc1002pdu.h" 38 #include "fs_context.h" 39 40 static DEFINE_MUTEX(cifs_mount_mutex); 41 42 static const match_table_t cifs_smb_version_tokens = { 43 { Smb_1, SMB1_VERSION_STRING }, 44 { Smb_20, SMB20_VERSION_STRING}, 45 { Smb_21, SMB21_VERSION_STRING }, 46 { Smb_30, SMB30_VERSION_STRING }, 47 { Smb_302, SMB302_VERSION_STRING }, 48 { Smb_302, ALT_SMB302_VERSION_STRING }, 49 { Smb_311, SMB311_VERSION_STRING }, 50 { Smb_311, ALT_SMB311_VERSION_STRING }, 51 { Smb_3any, SMB3ANY_VERSION_STRING }, 52 { Smb_default, SMBDEFAULT_VERSION_STRING }, 53 { Smb_version_err, NULL } 54 }; 55 56 static const match_table_t cifs_secflavor_tokens = { 57 { Opt_sec_krb5, "krb5" }, 58 { Opt_sec_krb5i, "krb5i" }, 59 { Opt_sec_krb5p, "krb5p" }, 60 { Opt_sec_ntlmsspi, "ntlmsspi" }, 61 { Opt_sec_ntlmssp, "ntlmssp" }, 62 { Opt_sec_ntlmv2, "nontlm" }, 63 { Opt_sec_ntlmv2, "ntlmv2" }, 64 { Opt_sec_ntlmv2i, "ntlmv2i" }, 65 { Opt_sec_none, "none" }, 66 67 { Opt_sec_err, NULL } 68 }; 69 70 const struct fs_parameter_spec smb3_fs_parameters[] = { 71 /* Mount options that take no arguments */ 72 fsparam_flag_no("user_xattr", Opt_user_xattr), 73 fsparam_flag_no("forceuid", Opt_forceuid), 74 fsparam_flag_no("multichannel", Opt_multichannel), 75 fsparam_flag_no("forcegid", Opt_forcegid), 76 fsparam_flag("noblocksend", Opt_noblocksend), 77 fsparam_flag("noautotune", Opt_noautotune), 78 fsparam_flag("nolease", Opt_nolease), 79 fsparam_flag_no("hard", Opt_hard), 80 fsparam_flag_no("soft", Opt_soft), 81 fsparam_flag_no("perm", Opt_perm), 82 fsparam_flag("nodelete", Opt_nodelete), 83 fsparam_flag_no("mapposix", Opt_mapposix), 84 fsparam_flag("mapchars", Opt_mapchars), 85 fsparam_flag("nomapchars", Opt_nomapchars), 86 fsparam_flag_no("sfu", Opt_sfu), 87 fsparam_flag("nodfs", Opt_nodfs), 88 fsparam_flag_no("posixpaths", Opt_posixpaths), 89 fsparam_flag_no("unix", Opt_unix), 90 fsparam_flag_no("linux", Opt_unix), 91 fsparam_flag_no("posix", Opt_unix), 92 fsparam_flag("nocase", Opt_nocase), 93 fsparam_flag("ignorecase", Opt_nocase), 94 fsparam_flag_no("brl", Opt_brl), 95 fsparam_flag_no("handlecache", Opt_handlecache), 96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 97 fsparam_flag("forcemand", Opt_forcemandatorylock), 98 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 99 fsparam_flag("idsfromsid", Opt_setuidfromacl), 100 fsparam_flag_no("setuids", Opt_setuids), 101 fsparam_flag_no("dynperm", Opt_dynperm), 102 fsparam_flag_no("intr", Opt_intr), 103 fsparam_flag_no("strictsync", Opt_strictsync), 104 fsparam_flag_no("serverino", Opt_serverino), 105 fsparam_flag("rwpidforward", Opt_rwpidforward), 106 fsparam_flag("cifsacl", Opt_cifsacl), 107 fsparam_flag_no("acl", Opt_acl), 108 fsparam_flag("locallease", Opt_locallease), 109 fsparam_flag("sign", Opt_sign), 110 fsparam_flag("ignore_signature", Opt_ignore_signature), 111 fsparam_flag("signloosely", Opt_ignore_signature), 112 fsparam_flag("seal", Opt_seal), 113 fsparam_flag("noac", Opt_noac), 114 fsparam_flag("fsc", Opt_fsc), 115 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 116 fsparam_flag("multiuser", Opt_multiuser), 117 fsparam_flag("sloppy", Opt_sloppy), 118 fsparam_flag("nosharesock", Opt_nosharesock), 119 fsparam_flag_no("persistenthandles", Opt_persistent), 120 fsparam_flag_no("resilienthandles", Opt_resilient), 121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 122 fsparam_flag("nosparse", Opt_nosparse), 123 fsparam_flag("domainauto", Opt_domainauto), 124 fsparam_flag("rdma", Opt_rdma), 125 fsparam_flag("modesid", Opt_modesid), 126 fsparam_flag("modefromsid", Opt_modesid), 127 fsparam_flag("rootfs", Opt_rootfs), 128 fsparam_flag("compress", Opt_compress), 129 fsparam_flag("witness", Opt_witness), 130 131 /* Mount options which take numeric value */ 132 fsparam_u32("backupuid", Opt_backupuid), 133 fsparam_u32("backupgid", Opt_backupgid), 134 fsparam_u32("uid", Opt_uid), 135 fsparam_u32("cruid", Opt_cruid), 136 fsparam_u32("gid", Opt_gid), 137 fsparam_u32("file_mode", Opt_file_mode), 138 fsparam_u32("dirmode", Opt_dirmode), 139 fsparam_u32("dir_mode", Opt_dirmode), 140 fsparam_u32("port", Opt_port), 141 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 142 fsparam_u32("retrans", Opt_retrans), 143 fsparam_u32("esize", Opt_min_enc_offload), 144 fsparam_u32("bsize", Opt_blocksize), 145 fsparam_u32("rasize", Opt_rasize), 146 fsparam_u32("rsize", Opt_rsize), 147 fsparam_u32("wsize", Opt_wsize), 148 fsparam_u32("actimeo", Opt_actimeo), 149 fsparam_u32("acdirmax", Opt_acdirmax), 150 fsparam_u32("acregmax", Opt_acregmax), 151 fsparam_u32("closetimeo", Opt_closetimeo), 152 fsparam_u32("echo_interval", Opt_echo_interval), 153 fsparam_u32("max_credits", Opt_max_credits), 154 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs), 155 fsparam_u32("handletimeout", Opt_handletimeout), 156 fsparam_u64("snapshot", Opt_snapshot), 157 fsparam_u32("max_channels", Opt_max_channels), 158 159 /* Mount options which take string value */ 160 fsparam_string("source", Opt_source), 161 fsparam_string("user", Opt_user), 162 fsparam_string("username", Opt_user), 163 fsparam_string("pass", Opt_pass), 164 fsparam_string("password", Opt_pass), 165 fsparam_string("ip", Opt_ip), 166 fsparam_string("addr", Opt_ip), 167 fsparam_string("domain", Opt_domain), 168 fsparam_string("dom", Opt_domain), 169 fsparam_string("srcaddr", Opt_srcaddr), 170 fsparam_string("iocharset", Opt_iocharset), 171 fsparam_string("netbiosname", Opt_netbiosname), 172 fsparam_string("servern", Opt_servern), 173 fsparam_string("ver", Opt_ver), 174 fsparam_string("vers", Opt_vers), 175 fsparam_string("sec", Opt_sec), 176 fsparam_string("cache", Opt_cache), 177 178 /* Arguments that should be ignored */ 179 fsparam_flag("guest", Opt_ignore), 180 fsparam_flag("noatime", Opt_ignore), 181 fsparam_flag("relatime", Opt_ignore), 182 fsparam_flag("_netdev", Opt_ignore), 183 fsparam_flag_no("suid", Opt_ignore), 184 fsparam_flag_no("exec", Opt_ignore), 185 fsparam_flag_no("dev", Opt_ignore), 186 fsparam_flag_no("mand", Opt_ignore), 187 fsparam_flag_no("auto", Opt_ignore), 188 fsparam_string("cred", Opt_ignore), 189 fsparam_string("credentials", Opt_ignore), 190 /* 191 * UNC and prefixpath is now extracted from Opt_source 192 * in the new mount API so we can just ignore them going forward. 193 */ 194 fsparam_string("unc", Opt_ignore), 195 fsparam_string("prefixpath", Opt_ignore), 196 {} 197 }; 198 199 static int 200 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 201 { 202 203 substring_t args[MAX_OPT_ARGS]; 204 205 /* 206 * With mount options, the last one should win. Reset any existing 207 * settings back to default. 208 */ 209 ctx->sectype = Unspecified; 210 ctx->sign = false; 211 212 switch (match_token(value, cifs_secflavor_tokens, args)) { 213 case Opt_sec_krb5p: 214 cifs_errorf(fc, "sec=krb5p is not supported!\n"); 215 return 1; 216 case Opt_sec_krb5i: 217 ctx->sign = true; 218 fallthrough; 219 case Opt_sec_krb5: 220 ctx->sectype = Kerberos; 221 break; 222 case Opt_sec_ntlmsspi: 223 ctx->sign = true; 224 fallthrough; 225 case Opt_sec_ntlmssp: 226 ctx->sectype = RawNTLMSSP; 227 break; 228 case Opt_sec_ntlmv2i: 229 ctx->sign = true; 230 fallthrough; 231 case Opt_sec_ntlmv2: 232 ctx->sectype = NTLMv2; 233 break; 234 case Opt_sec_none: 235 ctx->nullauth = 1; 236 kfree(ctx->username); 237 ctx->username = NULL; 238 break; 239 default: 240 cifs_errorf(fc, "bad security option: %s\n", value); 241 return 1; 242 } 243 244 return 0; 245 } 246 247 static const match_table_t cifs_cacheflavor_tokens = { 248 { Opt_cache_loose, "loose" }, 249 { Opt_cache_strict, "strict" }, 250 { Opt_cache_none, "none" }, 251 { Opt_cache_ro, "ro" }, 252 { Opt_cache_rw, "singleclient" }, 253 { Opt_cache_err, NULL } 254 }; 255 256 static int 257 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 258 { 259 substring_t args[MAX_OPT_ARGS]; 260 261 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 262 case Opt_cache_loose: 263 ctx->direct_io = false; 264 ctx->strict_io = false; 265 ctx->cache_ro = false; 266 ctx->cache_rw = false; 267 break; 268 case Opt_cache_strict: 269 ctx->direct_io = false; 270 ctx->strict_io = true; 271 ctx->cache_ro = false; 272 ctx->cache_rw = false; 273 break; 274 case Opt_cache_none: 275 ctx->direct_io = true; 276 ctx->strict_io = false; 277 ctx->cache_ro = false; 278 ctx->cache_rw = false; 279 break; 280 case Opt_cache_ro: 281 ctx->direct_io = false; 282 ctx->strict_io = false; 283 ctx->cache_ro = true; 284 ctx->cache_rw = false; 285 break; 286 case Opt_cache_rw: 287 ctx->direct_io = false; 288 ctx->strict_io = false; 289 ctx->cache_ro = false; 290 ctx->cache_rw = true; 291 break; 292 default: 293 cifs_errorf(fc, "bad cache= option: %s\n", value); 294 return 1; 295 } 296 return 0; 297 } 298 299 #define DUP_CTX_STR(field) \ 300 do { \ 301 if (ctx->field) { \ 302 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 303 if (new_ctx->field == NULL) { \ 304 smb3_cleanup_fs_context_contents(new_ctx); \ 305 return -ENOMEM; \ 306 } \ 307 } \ 308 } while (0) 309 310 int 311 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 312 { 313 memcpy(new_ctx, ctx, sizeof(*ctx)); 314 new_ctx->prepath = NULL; 315 new_ctx->nodename = NULL; 316 new_ctx->username = NULL; 317 new_ctx->password = NULL; 318 new_ctx->server_hostname = NULL; 319 new_ctx->domainname = NULL; 320 new_ctx->UNC = NULL; 321 new_ctx->source = NULL; 322 new_ctx->iocharset = NULL; 323 new_ctx->leaf_fullpath = NULL; 324 /* 325 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 326 */ 327 DUP_CTX_STR(prepath); 328 DUP_CTX_STR(username); 329 DUP_CTX_STR(password); 330 DUP_CTX_STR(server_hostname); 331 DUP_CTX_STR(UNC); 332 DUP_CTX_STR(source); 333 DUP_CTX_STR(domainname); 334 DUP_CTX_STR(nodename); 335 DUP_CTX_STR(iocharset); 336 DUP_CTX_STR(leaf_fullpath); 337 338 return 0; 339 } 340 341 static int 342 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 343 { 344 substring_t args[MAX_OPT_ARGS]; 345 346 switch (match_token(value, cifs_smb_version_tokens, args)) { 347 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 348 case Smb_1: 349 if (disable_legacy_dialects) { 350 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 351 return 1; 352 } 353 if (is_smb3) { 354 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 355 return 1; 356 } 357 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 358 ctx->ops = &smb1_operations; 359 ctx->vals = &smb1_values; 360 break; 361 case Smb_20: 362 if (disable_legacy_dialects) { 363 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 364 return 1; 365 } 366 if (is_smb3) { 367 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 368 return 1; 369 } 370 ctx->ops = &smb20_operations; 371 ctx->vals = &smb20_values; 372 break; 373 #else 374 case Smb_1: 375 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 376 return 1; 377 case Smb_20: 378 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 379 return 1; 380 #endif /* CIFS_ALLOW_INSECURE_LEGACY */ 381 case Smb_21: 382 ctx->ops = &smb21_operations; 383 ctx->vals = &smb21_values; 384 break; 385 case Smb_30: 386 ctx->ops = &smb30_operations; 387 ctx->vals = &smb30_values; 388 break; 389 case Smb_302: 390 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 391 ctx->vals = &smb302_values; 392 break; 393 case Smb_311: 394 ctx->ops = &smb311_operations; 395 ctx->vals = &smb311_values; 396 break; 397 case Smb_3any: 398 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 399 ctx->vals = &smb3any_values; 400 break; 401 case Smb_default: 402 ctx->ops = &smb30_operations; 403 ctx->vals = &smbdefault_values; 404 break; 405 default: 406 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 407 return 1; 408 } 409 return 0; 410 } 411 412 int smb3_parse_opt(const char *options, const char *key, char **val) 413 { 414 int rc = -ENOENT; 415 char *opts, *orig, *p; 416 417 orig = opts = kstrdup(options, GFP_KERNEL); 418 if (!opts) 419 return -ENOMEM; 420 421 while ((p = strsep(&opts, ","))) { 422 char *nval; 423 424 if (!*p) 425 continue; 426 if (strncasecmp(p, key, strlen(key))) 427 continue; 428 nval = strchr(p, '='); 429 if (nval) { 430 if (nval == p) 431 continue; 432 *nval++ = 0; 433 *val = kstrdup(nval, GFP_KERNEL); 434 rc = !*val ? -ENOMEM : 0; 435 goto out; 436 } 437 } 438 out: 439 kfree(orig); 440 return rc; 441 } 442 443 /* 444 * Remove duplicate path delimiters. Windows is supposed to do that 445 * but there are some bugs that prevent rename from working if there are 446 * multiple delimiters. 447 * 448 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 449 * Otherwise, return ERR_PTR. 450 * 451 * @gfp indicates the GFP_* flags for kstrdup. 452 * The caller is responsible for freeing the original. 453 */ 454 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 455 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 456 { 457 char *cursor1 = prepath, *cursor2 = prepath; 458 char *s; 459 460 /* skip all prepended delimiters */ 461 while (IS_DELIM(*cursor1)) 462 cursor1++; 463 464 /* copy the first letter */ 465 *cursor2 = *cursor1; 466 467 /* copy the remainder... */ 468 while (*(cursor1++)) { 469 /* ... skipping all duplicated delimiters */ 470 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 471 continue; 472 *(++cursor2) = *cursor1; 473 } 474 475 /* if the last character is a delimiter, skip it */ 476 if (IS_DELIM(*(cursor2 - 1))) 477 cursor2--; 478 479 *cursor2 = '\0'; 480 if (!*prepath) 481 return NULL; 482 s = kstrdup(prepath, gfp); 483 if (!s) 484 return ERR_PTR(-ENOMEM); 485 return s; 486 } 487 488 /* 489 * Return full path based on the values of @ctx->{UNC,prepath}. 490 * 491 * It is assumed that both values were already parsed by smb3_parse_devname(). 492 */ 493 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 494 { 495 size_t ulen, plen; 496 char *s; 497 498 ulen = strlen(ctx->UNC); 499 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 500 501 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 502 if (!s) 503 return ERR_PTR(-ENOMEM); 504 memcpy(s, ctx->UNC, ulen); 505 if (plen) { 506 s[ulen] = dirsep; 507 memcpy(s + ulen + 1, ctx->prepath, plen); 508 } 509 s[ulen + plen] = '\0'; 510 convert_delimiter(s, dirsep); 511 return s; 512 } 513 514 /* 515 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 516 * fields with the result. Returns 0 on success and an error otherwise 517 * (e.g. ENOMEM or EINVAL) 518 */ 519 int 520 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 521 { 522 char *pos; 523 const char *delims = "/\\"; 524 size_t len; 525 int rc; 526 527 if (unlikely(!devname || !*devname)) { 528 cifs_dbg(VFS, "Device name not specified\n"); 529 return -EINVAL; 530 } 531 532 /* make sure we have a valid UNC double delimiter prefix */ 533 len = strspn(devname, delims); 534 if (len != 2) 535 return -EINVAL; 536 537 /* find delimiter between host and sharename */ 538 pos = strpbrk(devname + 2, delims); 539 if (!pos) 540 return -EINVAL; 541 542 /* record the server hostname */ 543 kfree(ctx->server_hostname); 544 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 545 if (!ctx->server_hostname) 546 return -ENOMEM; 547 548 /* skip past delimiter */ 549 ++pos; 550 551 /* now go until next delimiter or end of string */ 552 len = strcspn(pos, delims); 553 if (!len) 554 return -EINVAL; 555 556 /* move "pos" up to delimiter or NULL */ 557 pos += len; 558 kfree(ctx->UNC); 559 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 560 if (!ctx->UNC) 561 return -ENOMEM; 562 563 convert_delimiter(ctx->UNC, '\\'); 564 565 /* skip any delimiter */ 566 if (*pos == '/' || *pos == '\\') 567 pos++; 568 569 kfree(ctx->prepath); 570 ctx->prepath = NULL; 571 572 /* If pos is NULL then no prepath */ 573 if (!*pos) 574 return 0; 575 576 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 577 if (IS_ERR(ctx->prepath)) { 578 rc = PTR_ERR(ctx->prepath); 579 ctx->prepath = NULL; 580 return rc; 581 } 582 583 return 0; 584 } 585 586 static void smb3_fs_context_free(struct fs_context *fc); 587 static int smb3_fs_context_parse_param(struct fs_context *fc, 588 struct fs_parameter *param); 589 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 590 void *data); 591 static int smb3_get_tree(struct fs_context *fc); 592 static int smb3_reconfigure(struct fs_context *fc); 593 594 static const struct fs_context_operations smb3_fs_context_ops = { 595 .free = smb3_fs_context_free, 596 .parse_param = smb3_fs_context_parse_param, 597 .parse_monolithic = smb3_fs_context_parse_monolithic, 598 .get_tree = smb3_get_tree, 599 .reconfigure = smb3_reconfigure, 600 }; 601 602 /* 603 * Parse a monolithic block of data from sys_mount(). 604 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 605 * @ctx: The superblock configuration to fill in. 606 * @data: The data to parse 607 * 608 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 609 * called from the ->monolithic_mount_data() fs_context operation. 610 * 611 * Returns 0 on success or the error returned by the ->parse_option() fs_context 612 * operation on failure. 613 */ 614 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 615 void *data) 616 { 617 char *options = data, *key; 618 int ret = 0; 619 620 if (!options) 621 return 0; 622 623 ret = security_sb_eat_lsm_opts(options, &fc->security); 624 if (ret) 625 return ret; 626 627 /* BB Need to add support for sep= here TBD */ 628 while ((key = strsep(&options, ",")) != NULL) { 629 size_t len; 630 char *value; 631 632 if (*key == 0) 633 break; 634 635 /* Check if following character is the deliminator If yes, 636 * we have encountered a double deliminator reset the NULL 637 * character to the deliminator 638 */ 639 while (options && options[0] == ',') { 640 len = strlen(key); 641 strcpy(key + len, options); 642 options = strchr(options, ','); 643 if (options) 644 *options++ = 0; 645 } 646 647 648 len = 0; 649 value = strchr(key, '='); 650 if (value) { 651 if (value == key) 652 continue; 653 *value++ = 0; 654 len = strlen(value); 655 } 656 657 ret = vfs_parse_fs_string(fc, key, value, len); 658 if (ret < 0) 659 break; 660 } 661 662 return ret; 663 } 664 665 /* 666 * Validate the preparsed information in the config. 667 */ 668 static int smb3_fs_context_validate(struct fs_context *fc) 669 { 670 struct smb3_fs_context *ctx = smb3_fc2context(fc); 671 672 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 673 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 674 return -EOPNOTSUPP; 675 } 676 677 #ifndef CONFIG_KEYS 678 /* Muliuser mounts require CONFIG_KEYS support */ 679 if (ctx->multiuser) { 680 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 681 return -1; 682 } 683 #endif 684 685 if (ctx->got_version == false) 686 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 687 688 689 if (!ctx->UNC) { 690 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 691 return -1; 692 } 693 694 /* make sure UNC has a share name */ 695 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 696 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 697 return -ENOENT; 698 } 699 700 if (!ctx->got_ip) { 701 int len; 702 const char *slash; 703 704 /* No ip= option specified? Try to get it from UNC */ 705 /* Use the address part of the UNC. */ 706 slash = strchr(&ctx->UNC[2], '\\'); 707 len = slash - &ctx->UNC[2]; 708 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 709 &ctx->UNC[2], len)) { 710 pr_err("Unable to determine destination address\n"); 711 return -EHOSTUNREACH; 712 } 713 } 714 715 /* set the port that we got earlier */ 716 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 717 718 if (ctx->override_uid && !ctx->uid_specified) { 719 ctx->override_uid = 0; 720 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 721 } 722 723 if (ctx->override_gid && !ctx->gid_specified) { 724 ctx->override_gid = 0; 725 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 726 } 727 728 return 0; 729 } 730 731 static int smb3_get_tree_common(struct fs_context *fc) 732 { 733 struct smb3_fs_context *ctx = smb3_fc2context(fc); 734 struct dentry *root; 735 int rc = 0; 736 737 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 738 if (IS_ERR(root)) 739 return PTR_ERR(root); 740 741 fc->root = root; 742 743 return rc; 744 } 745 746 /* 747 * Create an SMB3 superblock from the parameters passed. 748 */ 749 static int smb3_get_tree(struct fs_context *fc) 750 { 751 int err = smb3_fs_context_validate(fc); 752 int ret; 753 754 if (err) 755 return err; 756 mutex_lock(&cifs_mount_mutex); 757 ret = smb3_get_tree_common(fc); 758 mutex_unlock(&cifs_mount_mutex); 759 return ret; 760 } 761 762 static void smb3_fs_context_free(struct fs_context *fc) 763 { 764 struct smb3_fs_context *ctx = smb3_fc2context(fc); 765 766 smb3_cleanup_fs_context(ctx); 767 } 768 769 /* 770 * Compare the old and new proposed context during reconfigure 771 * and check if the changes are compatible. 772 */ 773 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 774 struct smb3_fs_context *new_ctx, 775 struct smb3_fs_context *old_ctx) 776 { 777 if (new_ctx->posix_paths != old_ctx->posix_paths) { 778 cifs_errorf(fc, "can not change posixpaths during remount\n"); 779 return -EINVAL; 780 } 781 if (new_ctx->sectype != old_ctx->sectype) { 782 cifs_errorf(fc, "can not change sec during remount\n"); 783 return -EINVAL; 784 } 785 if (new_ctx->multiuser != old_ctx->multiuser) { 786 cifs_errorf(fc, "can not change multiuser during remount\n"); 787 return -EINVAL; 788 } 789 if (new_ctx->UNC && 790 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 791 cifs_errorf(fc, "can not change UNC during remount\n"); 792 return -EINVAL; 793 } 794 if (new_ctx->username && 795 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 796 cifs_errorf(fc, "can not change username during remount\n"); 797 return -EINVAL; 798 } 799 if (new_ctx->password && 800 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 801 cifs_errorf(fc, "can not change password during remount\n"); 802 return -EINVAL; 803 } 804 if (new_ctx->domainname && 805 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 806 cifs_errorf(fc, "can not change domainname during remount\n"); 807 return -EINVAL; 808 } 809 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 810 cifs_errorf(fc, "can not change workstation_name during remount\n"); 811 return -EINVAL; 812 } 813 if (new_ctx->nodename && 814 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 815 cifs_errorf(fc, "can not change nodename during remount\n"); 816 return -EINVAL; 817 } 818 if (new_ctx->iocharset && 819 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 820 cifs_errorf(fc, "can not change iocharset during remount\n"); 821 return -EINVAL; 822 } 823 824 return 0; 825 } 826 827 #define STEAL_STRING(cifs_sb, ctx, field) \ 828 do { \ 829 kfree(ctx->field); \ 830 ctx->field = cifs_sb->ctx->field; \ 831 cifs_sb->ctx->field = NULL; \ 832 } while (0) 833 834 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 835 do { \ 836 kfree_sensitive(ctx->field); \ 837 ctx->field = cifs_sb->ctx->field; \ 838 cifs_sb->ctx->field = NULL; \ 839 } while (0) 840 841 static int smb3_reconfigure(struct fs_context *fc) 842 { 843 struct smb3_fs_context *ctx = smb3_fc2context(fc); 844 struct dentry *root = fc->root; 845 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 846 int rc; 847 848 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx); 849 if (rc) 850 return rc; 851 852 /* 853 * We can not change UNC/username/password/domainname/ 854 * workstation_name/nodename/iocharset 855 * during reconnect so ignore what we have in the new context and 856 * just use what we already have in cifs_sb->ctx. 857 */ 858 STEAL_STRING(cifs_sb, ctx, UNC); 859 STEAL_STRING(cifs_sb, ctx, source); 860 STEAL_STRING(cifs_sb, ctx, username); 861 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 862 STEAL_STRING(cifs_sb, ctx, domainname); 863 STEAL_STRING(cifs_sb, ctx, nodename); 864 STEAL_STRING(cifs_sb, ctx, iocharset); 865 866 /* if rsize or wsize not passed in on remount, use previous values */ 867 if (ctx->rsize == 0) 868 ctx->rsize = cifs_sb->ctx->rsize; 869 if (ctx->wsize == 0) 870 ctx->wsize = cifs_sb->ctx->wsize; 871 872 873 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 874 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 875 smb3_update_mnt_flags(cifs_sb); 876 #ifdef CONFIG_CIFS_DFS_UPCALL 877 if (!rc) 878 rc = dfs_cache_remount_fs(cifs_sb); 879 #endif 880 881 return rc; 882 } 883 884 static int smb3_fs_context_parse_param(struct fs_context *fc, 885 struct fs_parameter *param) 886 { 887 struct fs_parse_result result; 888 struct smb3_fs_context *ctx = smb3_fc2context(fc); 889 int i, opt; 890 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 891 bool skip_parsing = false; 892 kuid_t uid; 893 kgid_t gid; 894 895 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 896 897 /* 898 * fs_parse can not handle string options with an empty value so 899 * we will need special handling of them. 900 */ 901 if (param->type == fs_value_is_string && param->string[0] == 0) { 902 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 903 skip_parsing = true; 904 opt = Opt_pass; 905 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 906 skip_parsing = true; 907 opt = Opt_user; 908 } 909 } 910 911 if (!skip_parsing) { 912 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 913 if (opt < 0) 914 return ctx->sloppy ? 1 : opt; 915 } 916 917 switch (opt) { 918 case Opt_compress: 919 ctx->compression = UNKNOWN_TYPE; 920 cifs_dbg(VFS, 921 "SMB3 compression support is experimental\n"); 922 break; 923 case Opt_nodfs: 924 ctx->nodfs = 1; 925 break; 926 case Opt_hard: 927 if (result.negated) { 928 if (ctx->retry == 1) 929 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 930 ctx->retry = 0; 931 } else 932 ctx->retry = 1; 933 break; 934 case Opt_soft: 935 if (result.negated) 936 ctx->retry = 1; 937 else { 938 if (ctx->retry == 1) 939 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 940 ctx->retry = 0; 941 } 942 break; 943 case Opt_mapposix: 944 if (result.negated) 945 ctx->remap = false; 946 else { 947 ctx->remap = true; 948 ctx->sfu_remap = false; /* disable SFU mapping */ 949 } 950 break; 951 case Opt_mapchars: 952 if (result.negated) 953 ctx->sfu_remap = false; 954 else { 955 ctx->sfu_remap = true; 956 ctx->remap = false; /* disable SFM (mapposix) mapping */ 957 } 958 break; 959 case Opt_user_xattr: 960 if (result.negated) 961 ctx->no_xattr = 1; 962 else 963 ctx->no_xattr = 0; 964 break; 965 case Opt_forceuid: 966 if (result.negated) 967 ctx->override_uid = 0; 968 else 969 ctx->override_uid = 1; 970 break; 971 case Opt_forcegid: 972 if (result.negated) 973 ctx->override_gid = 0; 974 else 975 ctx->override_gid = 1; 976 break; 977 case Opt_perm: 978 if (result.negated) 979 ctx->noperm = 1; 980 else 981 ctx->noperm = 0; 982 break; 983 case Opt_dynperm: 984 if (result.negated) 985 ctx->dynperm = 0; 986 else 987 ctx->dynperm = 1; 988 break; 989 case Opt_sfu: 990 if (result.negated) 991 ctx->sfu_emul = 0; 992 else 993 ctx->sfu_emul = 1; 994 break; 995 case Opt_noblocksend: 996 ctx->noblocksnd = 1; 997 break; 998 case Opt_noautotune: 999 ctx->noautotune = 1; 1000 break; 1001 case Opt_nolease: 1002 ctx->no_lease = 1; 1003 break; 1004 case Opt_nosparse: 1005 ctx->no_sparse = 1; 1006 break; 1007 case Opt_nodelete: 1008 ctx->nodelete = 1; 1009 break; 1010 case Opt_multichannel: 1011 if (result.negated) { 1012 ctx->multichannel = false; 1013 ctx->max_channels = 1; 1014 } else { 1015 ctx->multichannel = true; 1016 /* if number of channels not specified, default to 2 */ 1017 if (ctx->max_channels < 2) 1018 ctx->max_channels = 2; 1019 } 1020 break; 1021 case Opt_uid: 1022 uid = make_kuid(current_user_ns(), result.uint_32); 1023 if (!uid_valid(uid)) 1024 goto cifs_parse_mount_err; 1025 ctx->linux_uid = uid; 1026 ctx->uid_specified = true; 1027 break; 1028 case Opt_cruid: 1029 uid = make_kuid(current_user_ns(), result.uint_32); 1030 if (!uid_valid(uid)) 1031 goto cifs_parse_mount_err; 1032 ctx->cred_uid = uid; 1033 ctx->cruid_specified = true; 1034 break; 1035 case Opt_backupuid: 1036 uid = make_kuid(current_user_ns(), result.uint_32); 1037 if (!uid_valid(uid)) 1038 goto cifs_parse_mount_err; 1039 ctx->backupuid = uid; 1040 ctx->backupuid_specified = true; 1041 break; 1042 case Opt_backupgid: 1043 gid = make_kgid(current_user_ns(), result.uint_32); 1044 if (!gid_valid(gid)) 1045 goto cifs_parse_mount_err; 1046 ctx->backupgid = gid; 1047 ctx->backupgid_specified = true; 1048 break; 1049 case Opt_gid: 1050 gid = make_kgid(current_user_ns(), result.uint_32); 1051 if (!gid_valid(gid)) 1052 goto cifs_parse_mount_err; 1053 ctx->linux_gid = gid; 1054 ctx->gid_specified = true; 1055 break; 1056 case Opt_port: 1057 ctx->port = result.uint_32; 1058 break; 1059 case Opt_file_mode: 1060 ctx->file_mode = result.uint_32; 1061 break; 1062 case Opt_dirmode: 1063 ctx->dir_mode = result.uint_32; 1064 break; 1065 case Opt_min_enc_offload: 1066 ctx->min_offload = result.uint_32; 1067 break; 1068 case Opt_retrans: 1069 ctx->retrans = result.uint_32; 1070 break; 1071 case Opt_blocksize: 1072 /* 1073 * inode blocksize realistically should never need to be 1074 * less than 16K or greater than 16M and default is 1MB. 1075 * Note that small inode block sizes (e.g. 64K) can lead 1076 * to very poor performance of common tools like cp and scp 1077 */ 1078 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1079 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1080 cifs_errorf(fc, "%s: Invalid blocksize\n", 1081 __func__); 1082 goto cifs_parse_mount_err; 1083 } 1084 ctx->bsize = result.uint_32; 1085 ctx->got_bsize = true; 1086 break; 1087 case Opt_rasize: 1088 /* 1089 * readahead size realistically should never need to be 1090 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1091 * (perhaps an exception should be considered in the 1092 * for the case of a large number of channels 1093 * when multichannel is negotiated) since that would lead 1094 * to plenty of parallel I/O in flight to the server. 1095 * Note that smaller read ahead sizes would 1096 * hurt performance of common tools like cp and scp 1097 * which often trigger sequential i/o with read ahead 1098 */ 1099 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1100 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1101 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1102 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1103 goto cifs_parse_mount_err; 1104 } 1105 ctx->rasize = result.uint_32; 1106 break; 1107 case Opt_rsize: 1108 ctx->rsize = result.uint_32; 1109 ctx->got_rsize = true; 1110 break; 1111 case Opt_wsize: 1112 ctx->wsize = result.uint_32; 1113 ctx->got_wsize = true; 1114 break; 1115 case Opt_acregmax: 1116 ctx->acregmax = HZ * result.uint_32; 1117 if (ctx->acregmax > CIFS_MAX_ACTIMEO) { 1118 cifs_errorf(fc, "acregmax too large\n"); 1119 goto cifs_parse_mount_err; 1120 } 1121 break; 1122 case Opt_acdirmax: 1123 ctx->acdirmax = HZ * result.uint_32; 1124 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) { 1125 cifs_errorf(fc, "acdirmax too large\n"); 1126 goto cifs_parse_mount_err; 1127 } 1128 break; 1129 case Opt_actimeo: 1130 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) { 1131 cifs_errorf(fc, "timeout too large\n"); 1132 goto cifs_parse_mount_err; 1133 } 1134 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1135 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1136 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1137 break; 1138 } 1139 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1140 break; 1141 case Opt_closetimeo: 1142 ctx->closetimeo = HZ * result.uint_32; 1143 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) { 1144 cifs_errorf(fc, "closetimeo too large\n"); 1145 goto cifs_parse_mount_err; 1146 } 1147 break; 1148 case Opt_echo_interval: 1149 ctx->echo_interval = result.uint_32; 1150 break; 1151 case Opt_snapshot: 1152 ctx->snapshot_time = result.uint_64; 1153 break; 1154 case Opt_max_credits: 1155 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1156 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1157 __func__); 1158 goto cifs_parse_mount_err; 1159 } 1160 ctx->max_credits = result.uint_32; 1161 break; 1162 case Opt_max_channels: 1163 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1164 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1165 __func__, CIFS_MAX_CHANNELS); 1166 goto cifs_parse_mount_err; 1167 } 1168 ctx->max_channels = result.uint_32; 1169 /* If more than one channel requested ... they want multichan */ 1170 if (result.uint_32 > 1) 1171 ctx->multichannel = true; 1172 break; 1173 case Opt_max_cached_dirs: 1174 if (result.uint_32 < 1) { 1175 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n", 1176 __func__); 1177 goto cifs_parse_mount_err; 1178 } 1179 ctx->max_cached_dirs = result.uint_32; 1180 break; 1181 case Opt_handletimeout: 1182 ctx->handle_timeout = result.uint_32; 1183 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1184 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1185 goto cifs_parse_mount_err; 1186 } 1187 break; 1188 case Opt_source: 1189 kfree(ctx->UNC); 1190 ctx->UNC = NULL; 1191 switch (smb3_parse_devname(param->string, ctx)) { 1192 case 0: 1193 break; 1194 case -ENOMEM: 1195 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1196 goto cifs_parse_mount_err; 1197 case -EINVAL: 1198 cifs_errorf(fc, "Malformed UNC in devname\n"); 1199 goto cifs_parse_mount_err; 1200 default: 1201 cifs_errorf(fc, "Unknown error parsing devname\n"); 1202 goto cifs_parse_mount_err; 1203 } 1204 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1205 if (IS_ERR(ctx->source)) { 1206 ctx->source = NULL; 1207 cifs_errorf(fc, "OOM when copying UNC string\n"); 1208 goto cifs_parse_mount_err; 1209 } 1210 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1211 if (fc->source == NULL) { 1212 cifs_errorf(fc, "OOM when copying UNC string\n"); 1213 goto cifs_parse_mount_err; 1214 } 1215 break; 1216 case Opt_user: 1217 kfree(ctx->username); 1218 ctx->username = NULL; 1219 if (ctx->nullauth) 1220 break; 1221 if (strlen(param->string) == 0) { 1222 /* null user, ie. anonymous authentication */ 1223 ctx->nullauth = 1; 1224 break; 1225 } 1226 1227 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) > 1228 CIFS_MAX_USERNAME_LEN) { 1229 pr_warn("username too long\n"); 1230 goto cifs_parse_mount_err; 1231 } 1232 ctx->username = kstrdup(param->string, GFP_KERNEL); 1233 if (ctx->username == NULL) { 1234 cifs_errorf(fc, "OOM when copying username string\n"); 1235 goto cifs_parse_mount_err; 1236 } 1237 break; 1238 case Opt_pass: 1239 kfree_sensitive(ctx->password); 1240 ctx->password = NULL; 1241 if (strlen(param->string) == 0) 1242 break; 1243 1244 ctx->password = kstrdup(param->string, GFP_KERNEL); 1245 if (ctx->password == NULL) { 1246 cifs_errorf(fc, "OOM when copying password string\n"); 1247 goto cifs_parse_mount_err; 1248 } 1249 break; 1250 case Opt_ip: 1251 if (strlen(param->string) == 0) { 1252 ctx->got_ip = false; 1253 break; 1254 } 1255 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1256 param->string, 1257 strlen(param->string))) { 1258 pr_err("bad ip= option (%s)\n", param->string); 1259 goto cifs_parse_mount_err; 1260 } 1261 ctx->got_ip = true; 1262 break; 1263 case Opt_domain: 1264 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1265 == CIFS_MAX_DOMAINNAME_LEN) { 1266 pr_warn("domain name too long\n"); 1267 goto cifs_parse_mount_err; 1268 } 1269 1270 kfree(ctx->domainname); 1271 ctx->domainname = kstrdup(param->string, GFP_KERNEL); 1272 if (ctx->domainname == NULL) { 1273 cifs_errorf(fc, "OOM when copying domainname string\n"); 1274 goto cifs_parse_mount_err; 1275 } 1276 cifs_dbg(FYI, "Domain name set\n"); 1277 break; 1278 case Opt_srcaddr: 1279 if (!cifs_convert_address( 1280 (struct sockaddr *)&ctx->srcaddr, 1281 param->string, strlen(param->string))) { 1282 pr_warn("Could not parse srcaddr: %s\n", 1283 param->string); 1284 goto cifs_parse_mount_err; 1285 } 1286 break; 1287 case Opt_iocharset: 1288 if (strnlen(param->string, 1024) >= 65) { 1289 pr_warn("iocharset name too long\n"); 1290 goto cifs_parse_mount_err; 1291 } 1292 1293 if (strncasecmp(param->string, "default", 7) != 0) { 1294 kfree(ctx->iocharset); 1295 ctx->iocharset = kstrdup(param->string, GFP_KERNEL); 1296 if (ctx->iocharset == NULL) { 1297 cifs_errorf(fc, "OOM when copying iocharset string\n"); 1298 goto cifs_parse_mount_err; 1299 } 1300 } 1301 /* if iocharset not set then load_nls_default 1302 * is used by caller 1303 */ 1304 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1305 break; 1306 case Opt_netbiosname: 1307 memset(ctx->source_rfc1001_name, 0x20, 1308 RFC1001_NAME_LEN); 1309 /* 1310 * FIXME: are there cases in which a comma can 1311 * be valid in workstation netbios name (and 1312 * need special handling)? 1313 */ 1314 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1315 /* don't ucase netbiosname for user */ 1316 if (param->string[i] == 0) 1317 break; 1318 ctx->source_rfc1001_name[i] = param->string[i]; 1319 } 1320 /* The string has 16th byte zero still from 1321 * set at top of the function 1322 */ 1323 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1324 pr_warn("netbiosname longer than 15 truncated\n"); 1325 break; 1326 case Opt_servern: 1327 /* last byte, type, is 0x20 for servr type */ 1328 memset(ctx->target_rfc1001_name, 0x20, 1329 RFC1001_NAME_LEN_WITH_NULL); 1330 /* 1331 * BB are there cases in which a comma can be valid in this 1332 * workstation netbios name (and need special handling)? 1333 */ 1334 1335 /* user or mount helper must uppercase the netbios name */ 1336 for (i = 0; i < 15; i++) { 1337 if (param->string[i] == 0) 1338 break; 1339 ctx->target_rfc1001_name[i] = param->string[i]; 1340 } 1341 1342 /* The string has 16th byte zero still from set at top of function */ 1343 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1344 pr_warn("server netbiosname longer than 15 truncated\n"); 1345 break; 1346 case Opt_ver: 1347 /* version of mount userspace tools, not dialect */ 1348 /* If interface changes in mount.cifs bump to new ver */ 1349 if (strncasecmp(param->string, "1", 1) == 0) { 1350 if (strlen(param->string) > 1) { 1351 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1352 param->string); 1353 goto cifs_parse_mount_err; 1354 } 1355 /* This is the default */ 1356 break; 1357 } 1358 /* For all other value, error */ 1359 pr_warn("Invalid mount helper version specified\n"); 1360 goto cifs_parse_mount_err; 1361 case Opt_vers: 1362 /* protocol version (dialect) */ 1363 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1364 goto cifs_parse_mount_err; 1365 ctx->got_version = true; 1366 break; 1367 case Opt_sec: 1368 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1369 goto cifs_parse_mount_err; 1370 break; 1371 case Opt_cache: 1372 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1373 goto cifs_parse_mount_err; 1374 break; 1375 case Opt_witness: 1376 #ifndef CONFIG_CIFS_SWN_UPCALL 1377 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1378 goto cifs_parse_mount_err; 1379 #endif 1380 ctx->witness = true; 1381 pr_warn_once("Witness protocol support is experimental\n"); 1382 break; 1383 case Opt_rootfs: 1384 #ifndef CONFIG_CIFS_ROOT 1385 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1386 goto cifs_parse_mount_err; 1387 #endif 1388 ctx->rootfs = true; 1389 break; 1390 case Opt_posixpaths: 1391 if (result.negated) 1392 ctx->posix_paths = 0; 1393 else 1394 ctx->posix_paths = 1; 1395 break; 1396 case Opt_unix: 1397 if (result.negated) { 1398 if (ctx->linux_ext == 1) 1399 pr_warn_once("conflicting posix mount options specified\n"); 1400 ctx->linux_ext = 0; 1401 ctx->no_linux_ext = 1; 1402 } else { 1403 if (ctx->no_linux_ext == 1) 1404 pr_warn_once("conflicting posix mount options specified\n"); 1405 ctx->linux_ext = 1; 1406 ctx->no_linux_ext = 0; 1407 } 1408 break; 1409 case Opt_nocase: 1410 ctx->nocase = 1; 1411 break; 1412 case Opt_brl: 1413 if (result.negated) { 1414 /* 1415 * turn off mandatory locking in mode 1416 * if remote locking is turned off since the 1417 * local vfs will do advisory 1418 */ 1419 if (ctx->file_mode == 1420 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1421 ctx->file_mode = S_IALLUGO; 1422 ctx->nobrl = 1; 1423 } else 1424 ctx->nobrl = 0; 1425 break; 1426 case Opt_handlecache: 1427 if (result.negated) 1428 ctx->nohandlecache = 1; 1429 else 1430 ctx->nohandlecache = 0; 1431 break; 1432 case Opt_forcemandatorylock: 1433 ctx->mand_lock = 1; 1434 break; 1435 case Opt_setuids: 1436 ctx->setuids = result.negated; 1437 break; 1438 case Opt_intr: 1439 ctx->intr = !result.negated; 1440 break; 1441 case Opt_setuidfromacl: 1442 ctx->setuidfromacl = 1; 1443 break; 1444 case Opt_strictsync: 1445 ctx->nostrictsync = result.negated; 1446 break; 1447 case Opt_serverino: 1448 ctx->server_ino = !result.negated; 1449 break; 1450 case Opt_rwpidforward: 1451 ctx->rwpidforward = 1; 1452 break; 1453 case Opt_modesid: 1454 ctx->mode_ace = 1; 1455 break; 1456 case Opt_cifsacl: 1457 ctx->cifs_acl = !result.negated; 1458 break; 1459 case Opt_acl: 1460 ctx->no_psx_acl = result.negated; 1461 break; 1462 case Opt_locallease: 1463 ctx->local_lease = 1; 1464 break; 1465 case Opt_sign: 1466 ctx->sign = true; 1467 break; 1468 case Opt_ignore_signature: 1469 ctx->sign = true; 1470 ctx->ignore_signature = true; 1471 break; 1472 case Opt_seal: 1473 /* we do not do the following in secFlags because seal 1474 * is a per tree connection (mount) not a per socket 1475 * or per-smb connection option in the protocol 1476 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1477 */ 1478 ctx->seal = 1; 1479 break; 1480 case Opt_noac: 1481 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1482 break; 1483 case Opt_fsc: 1484 #ifndef CONFIG_CIFS_FSCACHE 1485 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1486 goto cifs_parse_mount_err; 1487 #endif 1488 ctx->fsc = true; 1489 break; 1490 case Opt_mfsymlinks: 1491 ctx->mfsymlinks = true; 1492 break; 1493 case Opt_multiuser: 1494 ctx->multiuser = true; 1495 break; 1496 case Opt_sloppy: 1497 ctx->sloppy = true; 1498 break; 1499 case Opt_nosharesock: 1500 ctx->nosharesock = true; 1501 break; 1502 case Opt_persistent: 1503 if (result.negated) { 1504 ctx->nopersistent = true; 1505 if (ctx->persistent) { 1506 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1507 goto cifs_parse_mount_err; 1508 } 1509 } else { 1510 ctx->persistent = true; 1511 if ((ctx->nopersistent) || (ctx->resilient)) { 1512 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1513 goto cifs_parse_mount_err; 1514 } 1515 } 1516 break; 1517 case Opt_resilient: 1518 if (result.negated) { 1519 ctx->resilient = false; /* already the default */ 1520 } else { 1521 ctx->resilient = true; 1522 if (ctx->persistent) { 1523 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1524 goto cifs_parse_mount_err; 1525 } 1526 } 1527 break; 1528 case Opt_tcp_nodelay: 1529 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1530 if (result.negated) 1531 ctx->sockopt_tcp_nodelay = false; 1532 else 1533 ctx->sockopt_tcp_nodelay = true; 1534 break; 1535 case Opt_domainauto: 1536 ctx->domainauto = true; 1537 break; 1538 case Opt_rdma: 1539 ctx->rdma = true; 1540 break; 1541 } 1542 /* case Opt_ignore: - is ignored as expected ... */ 1543 1544 return 0; 1545 1546 cifs_parse_mount_err: 1547 kfree_sensitive(ctx->password); 1548 ctx->password = NULL; 1549 return -EINVAL; 1550 } 1551 1552 int smb3_init_fs_context(struct fs_context *fc) 1553 { 1554 struct smb3_fs_context *ctx; 1555 char *nodename = utsname()->nodename; 1556 int i; 1557 1558 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL); 1559 if (unlikely(!ctx)) 1560 return -ENOMEM; 1561 1562 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1563 1564 /* 1565 * does not have to be perfect mapping since field is 1566 * informational, only used for servers that do not support 1567 * port 445 and it can be overridden at mount time 1568 */ 1569 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1570 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1571 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1572 1573 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1574 /* 1575 * null target name indicates to use *SMBSERVR default called name 1576 * if we end up sending RFC1001 session initialize 1577 */ 1578 ctx->target_rfc1001_name[0] = 0; 1579 ctx->cred_uid = current_uid(); 1580 ctx->linux_uid = current_uid(); 1581 ctx->linux_gid = current_gid(); 1582 /* By default 4MB read ahead size, 1MB block size */ 1583 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1584 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1585 1586 /* 1587 * default to SFM style remapping of seven reserved characters 1588 * unless user overrides it or we negotiate CIFS POSIX where 1589 * it is unnecessary. Can not simultaneously use more than one mapping 1590 * since then readdir could list files that open could not open 1591 */ 1592 ctx->remap = true; 1593 1594 /* default to only allowing write access to owner of the mount */ 1595 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1596 1597 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1598 /* default is always to request posix paths. */ 1599 ctx->posix_paths = 1; 1600 /* default to using server inode numbers where available */ 1601 ctx->server_ino = 1; 1602 1603 /* default is to use strict cifs caching semantics */ 1604 ctx->strict_io = true; 1605 1606 ctx->acregmax = CIFS_DEF_ACTIMEO; 1607 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1608 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1609 ctx->max_cached_dirs = MAX_CACHED_FIDS; 1610 /* Most clients set timeout to 0, allows server to use its default */ 1611 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1612 1613 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1614 ctx->ops = &smb30_operations; 1615 ctx->vals = &smbdefault_values; 1616 1617 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1618 1619 /* default to no multichannel (single server connection) */ 1620 ctx->multichannel = false; 1621 ctx->max_channels = 1; 1622 1623 ctx->backupuid_specified = false; /* no backup intent for a user */ 1624 ctx->backupgid_specified = false; /* no backup intent for a group */ 1625 1626 ctx->retrans = 1; 1627 1628 /* 1629 * short int override_uid = -1; 1630 * short int override_gid = -1; 1631 * char *nodename = strdup(utsname()->nodename); 1632 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 1633 */ 1634 1635 fc->fs_private = ctx; 1636 fc->ops = &smb3_fs_context_ops; 1637 return 0; 1638 } 1639 1640 void 1641 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 1642 { 1643 if (ctx == NULL) 1644 return; 1645 1646 /* 1647 * Make sure this stays in sync with smb3_fs_context_dup() 1648 */ 1649 kfree(ctx->username); 1650 ctx->username = NULL; 1651 kfree_sensitive(ctx->password); 1652 ctx->password = NULL; 1653 kfree(ctx->server_hostname); 1654 ctx->server_hostname = NULL; 1655 kfree(ctx->UNC); 1656 ctx->UNC = NULL; 1657 kfree(ctx->source); 1658 ctx->source = NULL; 1659 kfree(ctx->domainname); 1660 ctx->domainname = NULL; 1661 kfree(ctx->nodename); 1662 ctx->nodename = NULL; 1663 kfree(ctx->iocharset); 1664 ctx->iocharset = NULL; 1665 kfree(ctx->prepath); 1666 ctx->prepath = NULL; 1667 kfree(ctx->leaf_fullpath); 1668 ctx->leaf_fullpath = NULL; 1669 } 1670 1671 void 1672 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 1673 { 1674 if (!ctx) 1675 return; 1676 smb3_cleanup_fs_context_contents(ctx); 1677 kfree(ctx); 1678 } 1679 1680 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 1681 { 1682 struct smb3_fs_context *ctx = cifs_sb->ctx; 1683 1684 if (ctx->nodfs) 1685 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS; 1686 else 1687 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS; 1688 1689 if (ctx->noperm) 1690 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1691 else 1692 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM; 1693 1694 if (ctx->setuids) 1695 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID; 1696 else 1697 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID; 1698 1699 if (ctx->setuidfromacl) 1700 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL; 1701 else 1702 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL; 1703 1704 if (ctx->server_ino) 1705 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM; 1706 else 1707 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM; 1708 1709 if (ctx->remap) 1710 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR; 1711 else 1712 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR; 1713 1714 if (ctx->sfu_remap) 1715 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 1716 else 1717 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 1718 1719 if (ctx->no_xattr) 1720 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR; 1721 else 1722 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR; 1723 1724 if (ctx->sfu_emul) 1725 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL; 1726 else 1727 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL; 1728 1729 if (ctx->nobrl) 1730 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL; 1731 else 1732 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL; 1733 1734 if (ctx->nohandlecache) 1735 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE; 1736 else 1737 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 1738 1739 if (ctx->nostrictsync) 1740 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC; 1741 else 1742 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC; 1743 1744 if (ctx->mand_lock) 1745 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL; 1746 else 1747 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL; 1748 1749 if (ctx->rwpidforward) 1750 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 1751 else 1752 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD; 1753 1754 if (ctx->mode_ace) 1755 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID; 1756 else 1757 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID; 1758 1759 if (ctx->cifs_acl) 1760 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 1761 else 1762 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL; 1763 1764 if (ctx->backupuid_specified) 1765 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 1766 else 1767 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 1768 1769 if (ctx->backupgid_specified) 1770 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 1771 else 1772 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 1773 1774 if (ctx->override_uid) 1775 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 1776 else 1777 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID; 1778 1779 if (ctx->override_gid) 1780 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID; 1781 else 1782 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID; 1783 1784 if (ctx->dynperm) 1785 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM; 1786 else 1787 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM; 1788 1789 if (ctx->fsc) 1790 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE; 1791 else 1792 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE; 1793 1794 if (ctx->multiuser) 1795 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 1796 CIFS_MOUNT_NO_PERM); 1797 else 1798 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER; 1799 1800 1801 if (ctx->strict_io) 1802 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO; 1803 else 1804 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO; 1805 1806 if (ctx->direct_io) 1807 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 1808 else 1809 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO; 1810 1811 if (ctx->mfsymlinks) 1812 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS; 1813 else 1814 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS; 1815 if (ctx->mfsymlinks) { 1816 if (ctx->sfu_emul) { 1817 /* 1818 * Our SFU ("Services for Unix" emulation does not allow 1819 * creating symlinks but does allow reading existing SFU 1820 * symlinks (it does allow both creating and reading SFU 1821 * style mknod and FIFOs though). When "mfsymlinks" and 1822 * "sfu" are both enabled at the same time, it allows 1823 * reading both types of symlinks, but will only create 1824 * them with mfsymlinks format. This allows better 1825 * Apple compatibility (probably better for Samba too) 1826 * while still recognizing old Windows style symlinks. 1827 */ 1828 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 1829 } 1830 } 1831 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN; 1832 1833 return; 1834 } 1835