1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 */
17
18 #include <linux/ctype.h>
19 #include <linux/fs_context.h>
20 #include <linux/fs_parser.h>
21 #include <linux/fs.h>
22 #include <linux/mount.h>
23 #include <linux/parser.h>
24 #include <linux/utsname.h>
25 #include "cifsfs.h"
26 #include "cifspdu.h"
27 #include "cifsglob.h"
28 #include "cifsproto.h"
29 #include "cifs_unicode.h"
30 #include "cifs_debug.h"
31 #include "cifs_fs_sb.h"
32 #include "ntlmssp.h"
33 #include "nterr.h"
34 #include "rfc1002pdu.h"
35 #include "fs_context.h"
36
37 static const match_table_t cifs_smb_version_tokens = {
38 { Smb_1, SMB1_VERSION_STRING },
39 { Smb_20, SMB20_VERSION_STRING},
40 { Smb_21, SMB21_VERSION_STRING },
41 { Smb_30, SMB30_VERSION_STRING },
42 { Smb_302, SMB302_VERSION_STRING },
43 { Smb_302, ALT_SMB302_VERSION_STRING },
44 { Smb_311, SMB311_VERSION_STRING },
45 { Smb_311, ALT_SMB311_VERSION_STRING },
46 { Smb_3any, SMB3ANY_VERSION_STRING },
47 { Smb_default, SMBDEFAULT_VERSION_STRING },
48 { Smb_version_err, NULL }
49 };
50
51 static const match_table_t cifs_secflavor_tokens = {
52 { Opt_sec_krb5, "krb5" },
53 { Opt_sec_krb5i, "krb5i" },
54 { Opt_sec_krb5p, "krb5p" },
55 { Opt_sec_ntlmsspi, "ntlmsspi" },
56 { Opt_sec_ntlmssp, "ntlmssp" },
57 { Opt_ntlm, "ntlm" },
58 { Opt_sec_ntlmi, "ntlmi" },
59 { Opt_sec_ntlmv2, "nontlm" },
60 { Opt_sec_ntlmv2, "ntlmv2" },
61 { Opt_sec_ntlmv2i, "ntlmv2i" },
62 { Opt_sec_lanman, "lanman" },
63 { Opt_sec_none, "none" },
64
65 { Opt_sec_err, NULL }
66 };
67
68 const struct fs_parameter_spec smb3_fs_parameters[] = {
69 /* Mount options that take no arguments */
70 fsparam_flag_no("user_xattr", Opt_user_xattr),
71 fsparam_flag_no("forceuid", Opt_forceuid),
72 fsparam_flag_no("multichannel", Opt_multichannel),
73 fsparam_flag_no("forcegid", Opt_forcegid),
74 fsparam_flag("noblocksend", Opt_noblocksend),
75 fsparam_flag("noautotune", Opt_noautotune),
76 fsparam_flag("nolease", Opt_nolease),
77 fsparam_flag_no("hard", Opt_hard),
78 fsparam_flag_no("soft", Opt_soft),
79 fsparam_flag_no("perm", Opt_perm),
80 fsparam_flag("nodelete", Opt_nodelete),
81 fsparam_flag_no("mapposix", Opt_mapposix),
82 fsparam_flag("mapchars", Opt_mapchars),
83 fsparam_flag("nomapchars", Opt_nomapchars),
84 fsparam_flag_no("sfu", Opt_sfu),
85 fsparam_flag("nodfs", Opt_nodfs),
86 fsparam_flag_no("posixpaths", Opt_posixpaths),
87 fsparam_flag_no("unix", Opt_unix),
88 fsparam_flag_no("linux", Opt_unix),
89 fsparam_flag_no("posix", Opt_unix),
90 fsparam_flag("nocase", Opt_nocase),
91 fsparam_flag("ignorecase", Opt_nocase),
92 fsparam_flag_no("brl", Opt_brl),
93 fsparam_flag_no("handlecache", Opt_handlecache),
94 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
95 fsparam_flag("forcemand", Opt_forcemandatorylock),
96 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
97 fsparam_flag("idsfromsid", Opt_setuidfromacl),
98 fsparam_flag_no("setuids", Opt_setuids),
99 fsparam_flag_no("dynperm", Opt_dynperm),
100 fsparam_flag_no("intr", Opt_intr),
101 fsparam_flag_no("strictsync", Opt_strictsync),
102 fsparam_flag_no("serverino", Opt_serverino),
103 fsparam_flag("rwpidforward", Opt_rwpidforward),
104 fsparam_flag("cifsacl", Opt_cifsacl),
105 fsparam_flag_no("acl", Opt_acl),
106 fsparam_flag("locallease", Opt_locallease),
107 fsparam_flag("sign", Opt_sign),
108 fsparam_flag("ignore_signature", Opt_ignore_signature),
109 fsparam_flag("signloosely", Opt_ignore_signature),
110 fsparam_flag("seal", Opt_seal),
111 fsparam_flag("noac", Opt_noac),
112 fsparam_flag("fsc", Opt_fsc),
113 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
114 fsparam_flag("multiuser", Opt_multiuser),
115 fsparam_flag("sloppy", Opt_sloppy),
116 fsparam_flag("nosharesock", Opt_nosharesock),
117 fsparam_flag_no("persistenthandles", Opt_persistent),
118 fsparam_flag_no("resilienthandles", Opt_resilient),
119 fsparam_flag("domainauto", Opt_domainauto),
120 fsparam_flag("rdma", Opt_rdma),
121 fsparam_flag("modesid", Opt_modesid),
122 fsparam_flag("modefromsid", Opt_modesid),
123 fsparam_flag("rootfs", Opt_rootfs),
124 fsparam_flag("compress", Opt_compress),
125 fsparam_flag("witness", Opt_witness),
126
127 /* Mount options which take numeric value */
128 fsparam_u32("backupuid", Opt_backupuid),
129 fsparam_u32("backupgid", Opt_backupgid),
130 fsparam_u32("uid", Opt_uid),
131 fsparam_u32("cruid", Opt_cruid),
132 fsparam_u32("gid", Opt_gid),
133 fsparam_u32("file_mode", Opt_file_mode),
134 fsparam_u32("dirmode", Opt_dirmode),
135 fsparam_u32("dir_mode", Opt_dirmode),
136 fsparam_u32("port", Opt_port),
137 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
138 fsparam_u32("esize", Opt_min_enc_offload),
139 fsparam_u32("bsize", Opt_blocksize),
140 fsparam_u32("rasize", Opt_rasize),
141 fsparam_u32("rsize", Opt_rsize),
142 fsparam_u32("wsize", Opt_wsize),
143 fsparam_u32("actimeo", Opt_actimeo),
144 fsparam_u32("acdirmax", Opt_acdirmax),
145 fsparam_u32("acregmax", Opt_acregmax),
146 fsparam_u32("echo_interval", Opt_echo_interval),
147 fsparam_u32("max_credits", Opt_max_credits),
148 fsparam_u32("handletimeout", Opt_handletimeout),
149 fsparam_u32("snapshot", Opt_snapshot),
150 fsparam_u32("max_channels", Opt_max_channels),
151
152 /* Mount options which take string value */
153 fsparam_string("source", Opt_source),
154 fsparam_string("user", Opt_user),
155 fsparam_string("username", Opt_user),
156 fsparam_string("pass", Opt_pass),
157 fsparam_string("password", Opt_pass),
158 fsparam_string("ip", Opt_ip),
159 fsparam_string("addr", Opt_ip),
160 fsparam_string("domain", Opt_domain),
161 fsparam_string("dom", Opt_domain),
162 fsparam_string("srcaddr", Opt_srcaddr),
163 fsparam_string("iocharset", Opt_iocharset),
164 fsparam_string("netbiosname", Opt_netbiosname),
165 fsparam_string("servern", Opt_servern),
166 fsparam_string("ver", Opt_ver),
167 fsparam_string("vers", Opt_vers),
168 fsparam_string("sec", Opt_sec),
169 fsparam_string("cache", Opt_cache),
170
171 /* Arguments that should be ignored */
172 fsparam_flag("guest", Opt_ignore),
173 fsparam_flag("noatime", Opt_ignore),
174 fsparam_flag("relatime", Opt_ignore),
175 fsparam_flag("_netdev", Opt_ignore),
176 fsparam_flag_no("suid", Opt_ignore),
177 fsparam_flag_no("exec", Opt_ignore),
178 fsparam_flag_no("dev", Opt_ignore),
179 fsparam_flag_no("mand", Opt_ignore),
180 fsparam_flag_no("auto", Opt_ignore),
181 fsparam_string("cred", Opt_ignore),
182 fsparam_string("credentials", Opt_ignore),
183 /*
184 * UNC and prefixpath is now extracted from Opt_source
185 * in the new mount API so we can just ignore them going forward.
186 */
187 fsparam_string("unc", Opt_ignore),
188 fsparam_string("prefixpath", Opt_ignore),
189 {}
190 };
191
192 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)193 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
194 {
195
196 substring_t args[MAX_OPT_ARGS];
197
198 /*
199 * With mount options, the last one should win. Reset any existing
200 * settings back to default.
201 */
202 ctx->sectype = Unspecified;
203 ctx->sign = false;
204
205 switch (match_token(value, cifs_secflavor_tokens, args)) {
206 case Opt_sec_krb5p:
207 cifs_errorf(fc, "sec=krb5p is not supported!\n");
208 return 1;
209 case Opt_sec_krb5i:
210 ctx->sign = true;
211 fallthrough;
212 case Opt_sec_krb5:
213 ctx->sectype = Kerberos;
214 break;
215 case Opt_sec_ntlmsspi:
216 ctx->sign = true;
217 fallthrough;
218 case Opt_sec_ntlmssp:
219 ctx->sectype = RawNTLMSSP;
220 break;
221 case Opt_sec_ntlmi:
222 ctx->sign = true;
223 fallthrough;
224 case Opt_ntlm:
225 ctx->sectype = NTLM;
226 break;
227 case Opt_sec_ntlmv2i:
228 ctx->sign = true;
229 fallthrough;
230 case Opt_sec_ntlmv2:
231 ctx->sectype = NTLMv2;
232 break;
233 #ifdef CONFIG_CIFS_WEAK_PW_HASH
234 case Opt_sec_lanman:
235 ctx->sectype = LANMAN;
236 break;
237 #endif
238 case Opt_sec_none:
239 ctx->nullauth = 1;
240 break;
241 default:
242 cifs_errorf(fc, "bad security option: %s\n", value);
243 return 1;
244 }
245
246 return 0;
247 }
248
249 static const match_table_t cifs_cacheflavor_tokens = {
250 { Opt_cache_loose, "loose" },
251 { Opt_cache_strict, "strict" },
252 { Opt_cache_none, "none" },
253 { Opt_cache_ro, "ro" },
254 { Opt_cache_rw, "singleclient" },
255 { Opt_cache_err, NULL }
256 };
257
258 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)259 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
260 {
261 substring_t args[MAX_OPT_ARGS];
262
263 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
264 case Opt_cache_loose:
265 ctx->direct_io = false;
266 ctx->strict_io = false;
267 ctx->cache_ro = false;
268 ctx->cache_rw = false;
269 break;
270 case Opt_cache_strict:
271 ctx->direct_io = false;
272 ctx->strict_io = true;
273 ctx->cache_ro = false;
274 ctx->cache_rw = false;
275 break;
276 case Opt_cache_none:
277 ctx->direct_io = true;
278 ctx->strict_io = false;
279 ctx->cache_ro = false;
280 ctx->cache_rw = false;
281 break;
282 case Opt_cache_ro:
283 ctx->direct_io = false;
284 ctx->strict_io = false;
285 ctx->cache_ro = true;
286 ctx->cache_rw = false;
287 break;
288 case Opt_cache_rw:
289 ctx->direct_io = false;
290 ctx->strict_io = false;
291 ctx->cache_ro = false;
292 ctx->cache_rw = true;
293 break;
294 default:
295 cifs_errorf(fc, "bad cache= option: %s\n", value);
296 return 1;
297 }
298 return 0;
299 }
300
301 #define DUP_CTX_STR(field) \
302 do { \
303 if (ctx->field) { \
304 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
305 if (new_ctx->field == NULL) { \
306 smb3_cleanup_fs_context_contents(new_ctx); \
307 return -ENOMEM; \
308 } \
309 } \
310 } while (0)
311
312 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)313 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
314 {
315 memcpy(new_ctx, ctx, sizeof(*ctx));
316 new_ctx->prepath = NULL;
317 new_ctx->mount_options = NULL;
318 new_ctx->nodename = NULL;
319 new_ctx->username = NULL;
320 new_ctx->password = NULL;
321 new_ctx->domainname = NULL;
322 new_ctx->UNC = NULL;
323 new_ctx->source = NULL;
324 new_ctx->iocharset = NULL;
325
326 /*
327 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
328 */
329 DUP_CTX_STR(prepath);
330 DUP_CTX_STR(mount_options);
331 DUP_CTX_STR(username);
332 DUP_CTX_STR(password);
333 DUP_CTX_STR(UNC);
334 DUP_CTX_STR(source);
335 DUP_CTX_STR(domainname);
336 DUP_CTX_STR(nodename);
337 DUP_CTX_STR(iocharset);
338
339 return 0;
340 }
341
342 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)343 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
344 {
345 substring_t args[MAX_OPT_ARGS];
346
347 switch (match_token(value, cifs_smb_version_tokens, args)) {
348 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
349 case Smb_1:
350 if (disable_legacy_dialects) {
351 cifs_errorf(fc, "mount with legacy dialect disabled\n");
352 return 1;
353 }
354 if (is_smb3) {
355 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
356 return 1;
357 }
358 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
359 ctx->ops = &smb1_operations;
360 ctx->vals = &smb1_values;
361 break;
362 case Smb_20:
363 if (disable_legacy_dialects) {
364 cifs_errorf(fc, "mount with legacy dialect disabled\n");
365 return 1;
366 }
367 if (is_smb3) {
368 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
369 return 1;
370 }
371 ctx->ops = &smb20_operations;
372 ctx->vals = &smb20_values;
373 break;
374 #else
375 case Smb_1:
376 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
377 return 1;
378 case Smb_20:
379 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
380 return 1;
381 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
382 case Smb_21:
383 ctx->ops = &smb21_operations;
384 ctx->vals = &smb21_values;
385 break;
386 case Smb_30:
387 ctx->ops = &smb30_operations;
388 ctx->vals = &smb30_values;
389 break;
390 case Smb_302:
391 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
392 ctx->vals = &smb302_values;
393 break;
394 case Smb_311:
395 ctx->ops = &smb311_operations;
396 ctx->vals = &smb311_values;
397 break;
398 case Smb_3any:
399 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
400 ctx->vals = &smb3any_values;
401 break;
402 case Smb_default:
403 ctx->ops = &smb30_operations;
404 ctx->vals = &smbdefault_values;
405 break;
406 default:
407 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
408 return 1;
409 }
410 return 0;
411 }
412
smb3_parse_opt(const char * options,const char * key,char ** val)413 int smb3_parse_opt(const char *options, const char *key, char **val)
414 {
415 int rc = -ENOENT;
416 char *opts, *orig, *p;
417
418 orig = opts = kstrdup(options, GFP_KERNEL);
419 if (!opts)
420 return -ENOMEM;
421
422 while ((p = strsep(&opts, ","))) {
423 char *nval;
424
425 if (!*p)
426 continue;
427 if (strncasecmp(p, key, strlen(key)))
428 continue;
429 nval = strchr(p, '=');
430 if (nval) {
431 if (nval == p)
432 continue;
433 *nval++ = 0;
434 *val = kstrdup(nval, GFP_KERNEL);
435 rc = !*val ? -ENOMEM : 0;
436 goto out;
437 }
438 }
439 out:
440 kfree(orig);
441 return rc;
442 }
443
444 /*
445 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
446 * fields with the result. Returns 0 on success and an error otherwise
447 * (e.g. ENOMEM or EINVAL)
448 */
449 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)450 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
451 {
452 char *pos;
453 const char *delims = "/\\";
454 size_t len;
455
456 if (unlikely(!devname || !*devname)) {
457 cifs_dbg(VFS, "Device name not specified\n");
458 return -EINVAL;
459 }
460
461 /* make sure we have a valid UNC double delimiter prefix */
462 len = strspn(devname, delims);
463 if (len != 2)
464 return -EINVAL;
465
466 /* find delimiter between host and sharename */
467 pos = strpbrk(devname + 2, delims);
468 if (!pos)
469 return -EINVAL;
470
471 /* skip past delimiter */
472 ++pos;
473
474 /* now go until next delimiter or end of string */
475 len = strcspn(pos, delims);
476
477 /* move "pos" up to delimiter or NULL */
478 pos += len;
479 kfree(ctx->UNC);
480 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
481 if (!ctx->UNC)
482 return -ENOMEM;
483
484 convert_delimiter(ctx->UNC, '\\');
485
486 /* skip any delimiter */
487 if (*pos == '/' || *pos == '\\')
488 pos++;
489
490 kfree(ctx->prepath);
491 ctx->prepath = NULL;
492
493 /* If pos is NULL then no prepath */
494 if (!*pos)
495 return 0;
496
497 ctx->prepath = kstrdup(pos, GFP_KERNEL);
498 if (!ctx->prepath)
499 return -ENOMEM;
500
501 return 0;
502 }
503
504 static void smb3_fs_context_free(struct fs_context *fc);
505 static int smb3_fs_context_parse_param(struct fs_context *fc,
506 struct fs_parameter *param);
507 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
508 void *data);
509 static int smb3_get_tree(struct fs_context *fc);
510 static int smb3_reconfigure(struct fs_context *fc);
511
512 static const struct fs_context_operations smb3_fs_context_ops = {
513 .free = smb3_fs_context_free,
514 .parse_param = smb3_fs_context_parse_param,
515 .parse_monolithic = smb3_fs_context_parse_monolithic,
516 .get_tree = smb3_get_tree,
517 .reconfigure = smb3_reconfigure,
518 };
519
520 /*
521 * Parse a monolithic block of data from sys_mount().
522 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
523 * @ctx: The superblock configuration to fill in.
524 * @data: The data to parse
525 *
526 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
527 * called from the ->monolithic_mount_data() fs_context operation.
528 *
529 * Returns 0 on success or the error returned by the ->parse_option() fs_context
530 * operation on failure.
531 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)532 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
533 void *data)
534 {
535 struct smb3_fs_context *ctx = smb3_fc2context(fc);
536 char *options = data, *key;
537 int ret = 0;
538
539 if (!options)
540 return 0;
541
542 ctx->mount_options = kstrdup(data, GFP_KERNEL);
543 if (ctx->mount_options == NULL)
544 return -ENOMEM;
545
546 ret = security_sb_eat_lsm_opts(options, &fc->security);
547 if (ret)
548 return ret;
549
550 /* BB Need to add support for sep= here TBD */
551 while ((key = strsep(&options, ",")) != NULL) {
552 size_t len;
553 char *value;
554
555 if (*key == 0)
556 break;
557
558 /* Check if following character is the deliminator If yes,
559 * we have encountered a double deliminator reset the NULL
560 * character to the deliminator
561 */
562 while (options && options[0] == ',') {
563 len = strlen(key);
564 strcpy(key + len, options);
565 options = strchr(options, ',');
566 if (options)
567 *options++ = 0;
568 }
569
570
571 len = 0;
572 value = strchr(key, '=');
573 if (value) {
574 if (value == key)
575 continue;
576 *value++ = 0;
577 len = strlen(value);
578 }
579
580 ret = vfs_parse_fs_string(fc, key, value, len);
581 if (ret < 0)
582 break;
583 }
584
585 return ret;
586 }
587
588 /*
589 * Validate the preparsed information in the config.
590 */
smb3_fs_context_validate(struct fs_context * fc)591 static int smb3_fs_context_validate(struct fs_context *fc)
592 {
593 struct smb3_fs_context *ctx = smb3_fc2context(fc);
594
595 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
596 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
597 return -EOPNOTSUPP;
598 }
599
600 #ifndef CONFIG_KEYS
601 /* Muliuser mounts require CONFIG_KEYS support */
602 if (ctx->multiuser) {
603 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
604 return -1;
605 }
606 #endif
607
608 if (ctx->got_version == false)
609 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
610
611
612 if (!ctx->UNC) {
613 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
614 return -1;
615 }
616
617 /* make sure UNC has a share name */
618 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
619 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
620 return -ENOENT;
621 }
622
623 if (!ctx->got_ip) {
624 int len;
625 const char *slash;
626
627 /* No ip= option specified? Try to get it from UNC */
628 /* Use the address part of the UNC. */
629 slash = strchr(&ctx->UNC[2], '\\');
630 len = slash - &ctx->UNC[2];
631 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
632 &ctx->UNC[2], len)) {
633 pr_err("Unable to determine destination address\n");
634 return -EHOSTUNREACH;
635 }
636 }
637
638 /* set the port that we got earlier */
639 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
640
641 if (ctx->override_uid && !ctx->uid_specified) {
642 ctx->override_uid = 0;
643 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
644 }
645
646 if (ctx->override_gid && !ctx->gid_specified) {
647 ctx->override_gid = 0;
648 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
649 }
650
651 return 0;
652 }
653
smb3_get_tree_common(struct fs_context * fc)654 static int smb3_get_tree_common(struct fs_context *fc)
655 {
656 struct smb3_fs_context *ctx = smb3_fc2context(fc);
657 struct dentry *root;
658 int rc = 0;
659
660 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
661 if (IS_ERR(root))
662 return PTR_ERR(root);
663
664 fc->root = root;
665
666 return rc;
667 }
668
669 /*
670 * Create an SMB3 superblock from the parameters passed.
671 */
smb3_get_tree(struct fs_context * fc)672 static int smb3_get_tree(struct fs_context *fc)
673 {
674 int err = smb3_fs_context_validate(fc);
675
676 if (err)
677 return err;
678 return smb3_get_tree_common(fc);
679 }
680
smb3_fs_context_free(struct fs_context * fc)681 static void smb3_fs_context_free(struct fs_context *fc)
682 {
683 struct smb3_fs_context *ctx = smb3_fc2context(fc);
684
685 smb3_cleanup_fs_context(ctx);
686 }
687
688 /*
689 * Compare the old and new proposed context during reconfigure
690 * and check if the changes are compatible.
691 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx)692 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
693 struct smb3_fs_context *new_ctx,
694 struct smb3_fs_context *old_ctx)
695 {
696 if (new_ctx->posix_paths != old_ctx->posix_paths) {
697 cifs_errorf(fc, "can not change posixpaths during remount\n");
698 return -EINVAL;
699 }
700 if (new_ctx->sectype != old_ctx->sectype) {
701 cifs_errorf(fc, "can not change sec during remount\n");
702 return -EINVAL;
703 }
704 if (new_ctx->multiuser != old_ctx->multiuser) {
705 cifs_errorf(fc, "can not change multiuser during remount\n");
706 return -EINVAL;
707 }
708 if (new_ctx->UNC &&
709 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
710 cifs_errorf(fc, "can not change UNC during remount\n");
711 return -EINVAL;
712 }
713 if (new_ctx->username &&
714 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
715 cifs_errorf(fc, "can not change username during remount\n");
716 return -EINVAL;
717 }
718 if (new_ctx->password &&
719 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
720 cifs_errorf(fc, "can not change password during remount\n");
721 return -EINVAL;
722 }
723 if (new_ctx->domainname &&
724 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
725 cifs_errorf(fc, "can not change domainname during remount\n");
726 return -EINVAL;
727 }
728 if (new_ctx->nodename &&
729 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
730 cifs_errorf(fc, "can not change nodename during remount\n");
731 return -EINVAL;
732 }
733 if (new_ctx->iocharset &&
734 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
735 cifs_errorf(fc, "can not change iocharset during remount\n");
736 return -EINVAL;
737 }
738
739 return 0;
740 }
741
742 #define STEAL_STRING(cifs_sb, ctx, field) \
743 do { \
744 kfree(ctx->field); \
745 ctx->field = cifs_sb->ctx->field; \
746 cifs_sb->ctx->field = NULL; \
747 } while (0)
748
smb3_reconfigure(struct fs_context * fc)749 static int smb3_reconfigure(struct fs_context *fc)
750 {
751 struct smb3_fs_context *ctx = smb3_fc2context(fc);
752 struct dentry *root = fc->root;
753 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
754 int rc;
755
756 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
757 if (rc)
758 return rc;
759
760 /*
761 * We can not change UNC/username/password/domainname/nodename/iocharset
762 * during reconnect so ignore what we have in the new context and
763 * just use what we already have in cifs_sb->ctx.
764 */
765 STEAL_STRING(cifs_sb, ctx, UNC);
766 STEAL_STRING(cifs_sb, ctx, source);
767 STEAL_STRING(cifs_sb, ctx, username);
768 STEAL_STRING(cifs_sb, ctx, password);
769 STEAL_STRING(cifs_sb, ctx, domainname);
770 STEAL_STRING(cifs_sb, ctx, nodename);
771 STEAL_STRING(cifs_sb, ctx, iocharset);
772
773 /* if rsize or wsize not passed in on remount, use previous values */
774 if (ctx->rsize == 0)
775 ctx->rsize = cifs_sb->ctx->rsize;
776 if (ctx->wsize == 0)
777 ctx->wsize = cifs_sb->ctx->wsize;
778
779
780 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
781 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
782 smb3_update_mnt_flags(cifs_sb);
783
784 return rc;
785 }
786
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)787 static int smb3_fs_context_parse_param(struct fs_context *fc,
788 struct fs_parameter *param)
789 {
790 struct fs_parse_result result;
791 struct smb3_fs_context *ctx = smb3_fc2context(fc);
792 int i, opt;
793 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
794 bool skip_parsing = false;
795
796 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
797
798 /*
799 * fs_parse can not handle string options with an empty value so
800 * we will need special handling of them.
801 */
802 if (param->type == fs_value_is_string && param->string[0] == 0) {
803 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
804 skip_parsing = true;
805 opt = Opt_pass;
806 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
807 skip_parsing = true;
808 opt = Opt_user;
809 }
810 }
811
812 if (!skip_parsing) {
813 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
814 if (opt < 0)
815 return ctx->sloppy ? 1 : opt;
816 }
817
818 switch (opt) {
819 case Opt_compress:
820 ctx->compression = UNKNOWN_TYPE;
821 cifs_dbg(VFS,
822 "SMB3 compression support is experimental\n");
823 break;
824 case Opt_nodfs:
825 ctx->nodfs = 1;
826 break;
827 case Opt_hard:
828 if (result.negated)
829 ctx->retry = 0;
830 else
831 ctx->retry = 1;
832 break;
833 case Opt_soft:
834 if (result.negated)
835 ctx->retry = 1;
836 else
837 ctx->retry = 0;
838 break;
839 case Opt_mapposix:
840 if (result.negated)
841 ctx->remap = false;
842 else {
843 ctx->remap = true;
844 ctx->sfu_remap = false; /* disable SFU mapping */
845 }
846 break;
847 case Opt_user_xattr:
848 if (result.negated)
849 ctx->no_xattr = 1;
850 else
851 ctx->no_xattr = 0;
852 break;
853 case Opt_forceuid:
854 if (result.negated)
855 ctx->override_uid = 0;
856 else
857 ctx->override_uid = 1;
858 break;
859 case Opt_forcegid:
860 if (result.negated)
861 ctx->override_gid = 0;
862 else
863 ctx->override_gid = 1;
864 break;
865 case Opt_perm:
866 if (result.negated)
867 ctx->noperm = 1;
868 else
869 ctx->noperm = 0;
870 break;
871 case Opt_dynperm:
872 if (result.negated)
873 ctx->dynperm = 0;
874 else
875 ctx->dynperm = 1;
876 break;
877 case Opt_sfu:
878 if (result.negated)
879 ctx->sfu_emul = 0;
880 else
881 ctx->sfu_emul = 1;
882 break;
883 case Opt_noblocksend:
884 ctx->noblocksnd = 1;
885 break;
886 case Opt_noautotune:
887 ctx->noautotune = 1;
888 break;
889 case Opt_nolease:
890 ctx->no_lease = 1;
891 break;
892 case Opt_nodelete:
893 ctx->nodelete = 1;
894 break;
895 case Opt_multichannel:
896 if (result.negated) {
897 ctx->multichannel = false;
898 ctx->max_channels = 1;
899 } else {
900 ctx->multichannel = true;
901 /* if number of channels not specified, default to 2 */
902 if (ctx->max_channels < 2)
903 ctx->max_channels = 2;
904 }
905 break;
906 case Opt_uid:
907 ctx->linux_uid.val = result.uint_32;
908 ctx->uid_specified = true;
909 break;
910 case Opt_cruid:
911 ctx->cred_uid.val = result.uint_32;
912 break;
913 case Opt_backupgid:
914 ctx->backupgid.val = result.uint_32;
915 ctx->backupgid_specified = true;
916 break;
917 case Opt_gid:
918 ctx->linux_gid.val = result.uint_32;
919 ctx->gid_specified = true;
920 break;
921 case Opt_port:
922 ctx->port = result.uint_32;
923 break;
924 case Opt_file_mode:
925 ctx->file_mode = result.uint_32;
926 break;
927 case Opt_dirmode:
928 ctx->dir_mode = result.uint_32;
929 break;
930 case Opt_min_enc_offload:
931 ctx->min_offload = result.uint_32;
932 break;
933 case Opt_blocksize:
934 /*
935 * inode blocksize realistically should never need to be
936 * less than 16K or greater than 16M and default is 1MB.
937 * Note that small inode block sizes (e.g. 64K) can lead
938 * to very poor performance of common tools like cp and scp
939 */
940 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
941 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
942 cifs_errorf(fc, "%s: Invalid blocksize\n",
943 __func__);
944 goto cifs_parse_mount_err;
945 }
946 ctx->bsize = result.uint_32;
947 ctx->got_bsize = true;
948 break;
949 case Opt_rasize:
950 /*
951 * readahead size realistically should never need to be
952 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
953 * (perhaps an exception should be considered in the
954 * for the case of a large number of channels
955 * when multichannel is negotiated) since that would lead
956 * to plenty of parallel I/O in flight to the server.
957 * Note that smaller read ahead sizes would
958 * hurt performance of common tools like cp and scp
959 * which often trigger sequential i/o with read ahead
960 */
961 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
962 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
963 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
964 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
965 goto cifs_parse_mount_err;
966 }
967 ctx->rasize = result.uint_32;
968 break;
969 case Opt_rsize:
970 ctx->rsize = result.uint_32;
971 ctx->got_rsize = true;
972 break;
973 case Opt_wsize:
974 ctx->wsize = result.uint_32;
975 ctx->got_wsize = true;
976 break;
977 case Opt_acregmax:
978 ctx->acregmax = HZ * result.uint_32;
979 if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
980 cifs_errorf(fc, "acregmax too large\n");
981 goto cifs_parse_mount_err;
982 }
983 break;
984 case Opt_acdirmax:
985 ctx->acdirmax = HZ * result.uint_32;
986 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
987 cifs_errorf(fc, "acdirmax too large\n");
988 goto cifs_parse_mount_err;
989 }
990 break;
991 case Opt_actimeo:
992 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
993 cifs_errorf(fc, "timeout too large\n");
994 goto cifs_parse_mount_err;
995 }
996 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
997 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
998 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
999 break;
1000 }
1001 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1002 break;
1003 case Opt_echo_interval:
1004 ctx->echo_interval = result.uint_32;
1005 break;
1006 case Opt_snapshot:
1007 ctx->snapshot_time = result.uint_32;
1008 break;
1009 case Opt_max_credits:
1010 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1011 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1012 __func__);
1013 goto cifs_parse_mount_err;
1014 }
1015 ctx->max_credits = result.uint_32;
1016 break;
1017 case Opt_max_channels:
1018 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1019 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1020 __func__, CIFS_MAX_CHANNELS);
1021 goto cifs_parse_mount_err;
1022 }
1023 ctx->max_channels = result.uint_32;
1024 /* If more than one channel requested ... they want multichan */
1025 if (result.uint_32 > 1)
1026 ctx->multichannel = true;
1027 break;
1028 case Opt_handletimeout:
1029 ctx->handle_timeout = result.uint_32;
1030 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1031 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1032 goto cifs_parse_mount_err;
1033 }
1034 break;
1035 case Opt_source:
1036 kfree(ctx->UNC);
1037 ctx->UNC = NULL;
1038 switch (smb3_parse_devname(param->string, ctx)) {
1039 case 0:
1040 break;
1041 case -ENOMEM:
1042 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1043 goto cifs_parse_mount_err;
1044 case -EINVAL:
1045 cifs_errorf(fc, "Malformed UNC in devname\n");
1046 goto cifs_parse_mount_err;
1047 default:
1048 cifs_errorf(fc, "Unknown error parsing devname\n");
1049 goto cifs_parse_mount_err;
1050 }
1051 ctx->source = kstrdup(param->string, GFP_KERNEL);
1052 if (ctx->source == NULL) {
1053 cifs_errorf(fc, "OOM when copying UNC string\n");
1054 goto cifs_parse_mount_err;
1055 }
1056 fc->source = kstrdup(param->string, GFP_KERNEL);
1057 if (fc->source == NULL) {
1058 cifs_errorf(fc, "OOM when copying UNC string\n");
1059 goto cifs_parse_mount_err;
1060 }
1061 break;
1062 case Opt_user:
1063 kfree(ctx->username);
1064 ctx->username = NULL;
1065 if (strlen(param->string) == 0) {
1066 /* null user, ie. anonymous authentication */
1067 ctx->nullauth = 1;
1068 break;
1069 }
1070
1071 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1072 CIFS_MAX_USERNAME_LEN) {
1073 pr_warn("username too long\n");
1074 goto cifs_parse_mount_err;
1075 }
1076 ctx->username = kstrdup(param->string, GFP_KERNEL);
1077 if (ctx->username == NULL) {
1078 cifs_errorf(fc, "OOM when copying username string\n");
1079 goto cifs_parse_mount_err;
1080 }
1081 break;
1082 case Opt_pass:
1083 kfree(ctx->password);
1084 ctx->password = NULL;
1085 if (strlen(param->string) == 0)
1086 break;
1087
1088 ctx->password = kstrdup(param->string, GFP_KERNEL);
1089 if (ctx->password == NULL) {
1090 cifs_errorf(fc, "OOM when copying password string\n");
1091 goto cifs_parse_mount_err;
1092 }
1093 break;
1094 case Opt_ip:
1095 if (strlen(param->string) == 0) {
1096 ctx->got_ip = false;
1097 break;
1098 }
1099 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1100 param->string,
1101 strlen(param->string))) {
1102 pr_err("bad ip= option (%s)\n", param->string);
1103 goto cifs_parse_mount_err;
1104 }
1105 ctx->got_ip = true;
1106 break;
1107 case Opt_domain:
1108 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1109 == CIFS_MAX_DOMAINNAME_LEN) {
1110 pr_warn("domain name too long\n");
1111 goto cifs_parse_mount_err;
1112 }
1113
1114 kfree(ctx->domainname);
1115 ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1116 if (ctx->domainname == NULL) {
1117 cifs_errorf(fc, "OOM when copying domainname string\n");
1118 goto cifs_parse_mount_err;
1119 }
1120 cifs_dbg(FYI, "Domain name set\n");
1121 break;
1122 case Opt_srcaddr:
1123 if (!cifs_convert_address(
1124 (struct sockaddr *)&ctx->srcaddr,
1125 param->string, strlen(param->string))) {
1126 pr_warn("Could not parse srcaddr: %s\n",
1127 param->string);
1128 goto cifs_parse_mount_err;
1129 }
1130 break;
1131 case Opt_iocharset:
1132 if (strnlen(param->string, 1024) >= 65) {
1133 pr_warn("iocharset name too long\n");
1134 goto cifs_parse_mount_err;
1135 }
1136
1137 if (strncasecmp(param->string, "default", 7) != 0) {
1138 kfree(ctx->iocharset);
1139 ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1140 if (ctx->iocharset == NULL) {
1141 cifs_errorf(fc, "OOM when copying iocharset string\n");
1142 goto cifs_parse_mount_err;
1143 }
1144 }
1145 /* if iocharset not set then load_nls_default
1146 * is used by caller
1147 */
1148 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1149 break;
1150 case Opt_netbiosname:
1151 memset(ctx->source_rfc1001_name, 0x20,
1152 RFC1001_NAME_LEN);
1153 /*
1154 * FIXME: are there cases in which a comma can
1155 * be valid in workstation netbios name (and
1156 * need special handling)?
1157 */
1158 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1159 /* don't ucase netbiosname for user */
1160 if (param->string[i] == 0)
1161 break;
1162 ctx->source_rfc1001_name[i] = param->string[i];
1163 }
1164 /* The string has 16th byte zero still from
1165 * set at top of the function
1166 */
1167 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1168 pr_warn("netbiosname longer than 15 truncated\n");
1169 break;
1170 case Opt_servern:
1171 /* last byte, type, is 0x20 for servr type */
1172 memset(ctx->target_rfc1001_name, 0x20,
1173 RFC1001_NAME_LEN_WITH_NULL);
1174 /*
1175 * BB are there cases in which a comma can be valid in this
1176 * workstation netbios name (and need special handling)?
1177 */
1178
1179 /* user or mount helper must uppercase the netbios name */
1180 for (i = 0; i < 15; i++) {
1181 if (param->string[i] == 0)
1182 break;
1183 ctx->target_rfc1001_name[i] = param->string[i];
1184 }
1185
1186 /* The string has 16th byte zero still from set at top of function */
1187 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1188 pr_warn("server netbiosname longer than 15 truncated\n");
1189 break;
1190 case Opt_ver:
1191 /* version of mount userspace tools, not dialect */
1192 /* If interface changes in mount.cifs bump to new ver */
1193 if (strncasecmp(param->string, "1", 1) == 0) {
1194 if (strlen(param->string) > 1) {
1195 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1196 param->string);
1197 goto cifs_parse_mount_err;
1198 }
1199 /* This is the default */
1200 break;
1201 }
1202 /* For all other value, error */
1203 pr_warn("Invalid mount helper version specified\n");
1204 goto cifs_parse_mount_err;
1205 case Opt_vers:
1206 /* protocol version (dialect) */
1207 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1208 goto cifs_parse_mount_err;
1209 ctx->got_version = true;
1210 break;
1211 case Opt_sec:
1212 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1213 goto cifs_parse_mount_err;
1214 break;
1215 case Opt_cache:
1216 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1217 goto cifs_parse_mount_err;
1218 break;
1219 case Opt_witness:
1220 #ifndef CONFIG_CIFS_SWN_UPCALL
1221 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1222 goto cifs_parse_mount_err;
1223 #endif
1224 ctx->witness = true;
1225 pr_warn_once("Witness protocol support is experimental\n");
1226 break;
1227 case Opt_rootfs:
1228 #ifndef CONFIG_CIFS_ROOT
1229 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1230 goto cifs_parse_mount_err;
1231 #endif
1232 ctx->rootfs = true;
1233 break;
1234 case Opt_posixpaths:
1235 if (result.negated)
1236 ctx->posix_paths = 0;
1237 else
1238 ctx->posix_paths = 1;
1239 break;
1240 case Opt_unix:
1241 if (result.negated)
1242 ctx->linux_ext = 0;
1243 else
1244 ctx->no_linux_ext = 1;
1245 break;
1246 case Opt_nocase:
1247 ctx->nocase = 1;
1248 break;
1249 case Opt_brl:
1250 if (result.negated) {
1251 /*
1252 * turn off mandatory locking in mode
1253 * if remote locking is turned off since the
1254 * local vfs will do advisory
1255 */
1256 if (ctx->file_mode ==
1257 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1258 ctx->file_mode = S_IALLUGO;
1259 ctx->nobrl = 1;
1260 } else
1261 ctx->nobrl = 0;
1262 break;
1263 case Opt_handlecache:
1264 if (result.negated)
1265 ctx->nohandlecache = 1;
1266 else
1267 ctx->nohandlecache = 0;
1268 break;
1269 case Opt_forcemandatorylock:
1270 ctx->mand_lock = 1;
1271 break;
1272 case Opt_setuids:
1273 ctx->setuids = result.negated;
1274 break;
1275 case Opt_intr:
1276 ctx->intr = !result.negated;
1277 break;
1278 case Opt_setuidfromacl:
1279 ctx->setuidfromacl = 1;
1280 break;
1281 case Opt_strictsync:
1282 ctx->nostrictsync = result.negated;
1283 break;
1284 case Opt_serverino:
1285 ctx->server_ino = !result.negated;
1286 break;
1287 case Opt_rwpidforward:
1288 ctx->rwpidforward = 1;
1289 break;
1290 case Opt_modesid:
1291 ctx->mode_ace = 1;
1292 break;
1293 case Opt_cifsacl:
1294 ctx->cifs_acl = !result.negated;
1295 break;
1296 case Opt_acl:
1297 ctx->no_psx_acl = result.negated;
1298 break;
1299 case Opt_locallease:
1300 ctx->local_lease = 1;
1301 break;
1302 case Opt_sign:
1303 ctx->sign = true;
1304 break;
1305 case Opt_ignore_signature:
1306 ctx->sign = true;
1307 ctx->ignore_signature = true;
1308 break;
1309 case Opt_seal:
1310 /* we do not do the following in secFlags because seal
1311 * is a per tree connection (mount) not a per socket
1312 * or per-smb connection option in the protocol
1313 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1314 */
1315 ctx->seal = 1;
1316 break;
1317 case Opt_noac:
1318 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1319 break;
1320 case Opt_fsc:
1321 #ifndef CONFIG_CIFS_FSCACHE
1322 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1323 goto cifs_parse_mount_err;
1324 #endif
1325 ctx->fsc = true;
1326 break;
1327 case Opt_mfsymlinks:
1328 ctx->mfsymlinks = true;
1329 break;
1330 case Opt_multiuser:
1331 ctx->multiuser = true;
1332 break;
1333 case Opt_sloppy:
1334 ctx->sloppy = true;
1335 break;
1336 case Opt_nosharesock:
1337 ctx->nosharesock = true;
1338 break;
1339 case Opt_persistent:
1340 if (result.negated) {
1341 ctx->nopersistent = true;
1342 if (ctx->persistent) {
1343 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1344 goto cifs_parse_mount_err;
1345 }
1346 } else {
1347 ctx->persistent = true;
1348 if ((ctx->nopersistent) || (ctx->resilient)) {
1349 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1350 goto cifs_parse_mount_err;
1351 }
1352 }
1353 break;
1354 case Opt_resilient:
1355 if (result.negated) {
1356 ctx->resilient = false; /* already the default */
1357 } else {
1358 ctx->resilient = true;
1359 if (ctx->persistent) {
1360 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1361 goto cifs_parse_mount_err;
1362 }
1363 }
1364 break;
1365 case Opt_domainauto:
1366 ctx->domainauto = true;
1367 break;
1368 case Opt_rdma:
1369 ctx->rdma = true;
1370 break;
1371 }
1372 /* case Opt_ignore: - is ignored as expected ... */
1373
1374 return 0;
1375
1376 cifs_parse_mount_err:
1377 return -EINVAL;
1378 }
1379
smb3_init_fs_context(struct fs_context * fc)1380 int smb3_init_fs_context(struct fs_context *fc)
1381 {
1382 struct smb3_fs_context *ctx;
1383 char *nodename = utsname()->nodename;
1384 int i;
1385
1386 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1387 if (unlikely(!ctx))
1388 return -ENOMEM;
1389
1390 /*
1391 * does not have to be perfect mapping since field is
1392 * informational, only used for servers that do not support
1393 * port 445 and it can be overridden at mount time
1394 */
1395 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1396 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1397 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1398
1399 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1400 /*
1401 * null target name indicates to use *SMBSERVR default called name
1402 * if we end up sending RFC1001 session initialize
1403 */
1404 ctx->target_rfc1001_name[0] = 0;
1405 ctx->cred_uid = current_uid();
1406 ctx->linux_uid = current_uid();
1407 ctx->linux_gid = current_gid();
1408 /* By default 4MB read ahead size, 1MB block size */
1409 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1410 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1411
1412 /*
1413 * default to SFM style remapping of seven reserved characters
1414 * unless user overrides it or we negotiate CIFS POSIX where
1415 * it is unnecessary. Can not simultaneously use more than one mapping
1416 * since then readdir could list files that open could not open
1417 */
1418 ctx->remap = true;
1419
1420 /* default to only allowing write access to owner of the mount */
1421 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1422
1423 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1424 /* default is always to request posix paths. */
1425 ctx->posix_paths = 1;
1426 /* default to using server inode numbers where available */
1427 ctx->server_ino = 1;
1428
1429 /* default is to use strict cifs caching semantics */
1430 ctx->strict_io = true;
1431
1432 ctx->acregmax = CIFS_DEF_ACTIMEO;
1433 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1434
1435 /* Most clients set timeout to 0, allows server to use its default */
1436 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1437
1438 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1439 ctx->ops = &smb30_operations;
1440 ctx->vals = &smbdefault_values;
1441
1442 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1443
1444 /* default to no multichannel (single server connection) */
1445 ctx->multichannel = false;
1446 ctx->max_channels = 1;
1447
1448 ctx->backupuid_specified = false; /* no backup intent for a user */
1449 ctx->backupgid_specified = false; /* no backup intent for a group */
1450
1451 /*
1452 * short int override_uid = -1;
1453 * short int override_gid = -1;
1454 * char *nodename = strdup(utsname()->nodename);
1455 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1456 */
1457
1458 fc->fs_private = ctx;
1459 fc->ops = &smb3_fs_context_ops;
1460 return 0;
1461 }
1462
1463 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1464 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1465 {
1466 if (ctx == NULL)
1467 return;
1468
1469 /*
1470 * Make sure this stays in sync with smb3_fs_context_dup()
1471 */
1472 kfree(ctx->mount_options);
1473 ctx->mount_options = NULL;
1474 kfree(ctx->username);
1475 ctx->username = NULL;
1476 kfree_sensitive(ctx->password);
1477 ctx->password = NULL;
1478 kfree(ctx->UNC);
1479 ctx->UNC = NULL;
1480 kfree(ctx->source);
1481 ctx->source = NULL;
1482 kfree(ctx->domainname);
1483 ctx->domainname = NULL;
1484 kfree(ctx->nodename);
1485 ctx->nodename = NULL;
1486 kfree(ctx->iocharset);
1487 ctx->iocharset = NULL;
1488 kfree(ctx->prepath);
1489 ctx->prepath = NULL;
1490 }
1491
1492 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1493 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1494 {
1495 if (!ctx)
1496 return;
1497 smb3_cleanup_fs_context_contents(ctx);
1498 kfree(ctx);
1499 }
1500
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1501 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1502 {
1503 struct smb3_fs_context *ctx = cifs_sb->ctx;
1504
1505 if (ctx->nodfs)
1506 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1507 else
1508 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1509
1510 if (ctx->noperm)
1511 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1512 else
1513 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1514
1515 if (ctx->setuids)
1516 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1517 else
1518 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1519
1520 if (ctx->setuidfromacl)
1521 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1522 else
1523 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1524
1525 if (ctx->server_ino)
1526 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1527 else
1528 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1529
1530 if (ctx->remap)
1531 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1532 else
1533 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1534
1535 if (ctx->sfu_remap)
1536 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1537 else
1538 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1539
1540 if (ctx->no_xattr)
1541 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1542 else
1543 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1544
1545 if (ctx->sfu_emul)
1546 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1547 else
1548 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1549
1550 if (ctx->nobrl)
1551 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1552 else
1553 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1554
1555 if (ctx->nohandlecache)
1556 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1557 else
1558 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1559
1560 if (ctx->nostrictsync)
1561 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1562 else
1563 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1564
1565 if (ctx->mand_lock)
1566 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1567 else
1568 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1569
1570 if (ctx->rwpidforward)
1571 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1572 else
1573 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1574
1575 if (ctx->mode_ace)
1576 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1577 else
1578 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1579
1580 if (ctx->cifs_acl)
1581 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1582 else
1583 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1584
1585 if (ctx->backupuid_specified)
1586 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1587 else
1588 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1589
1590 if (ctx->backupgid_specified)
1591 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1592 else
1593 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1594
1595 if (ctx->override_uid)
1596 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1597 else
1598 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1599
1600 if (ctx->override_gid)
1601 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1602 else
1603 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1604
1605 if (ctx->dynperm)
1606 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1607 else
1608 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1609
1610 if (ctx->fsc)
1611 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1612 else
1613 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1614
1615 if (ctx->multiuser)
1616 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1617 CIFS_MOUNT_NO_PERM);
1618 else
1619 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1620
1621
1622 if (ctx->strict_io)
1623 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1624 else
1625 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1626
1627 if (ctx->direct_io)
1628 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1629 else
1630 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1631
1632 if (ctx->mfsymlinks)
1633 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1634 else
1635 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1636 if (ctx->mfsymlinks) {
1637 if (ctx->sfu_emul) {
1638 /*
1639 * Our SFU ("Services for Unix" emulation does not allow
1640 * creating symlinks but does allow reading existing SFU
1641 * symlinks (it does allow both creating and reading SFU
1642 * style mknod and FIFOs though). When "mfsymlinks" and
1643 * "sfu" are both enabled at the same time, it allows
1644 * reading both types of symlinks, but will only create
1645 * them with mfsymlinks format. This allows better
1646 * Apple compatibility (probably better for Samba too)
1647 * while still recognizing old Windows style symlinks.
1648 */
1649 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1650 }
1651 }
1652 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1653
1654 return;
1655 }
1656