1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 static const match_table_t cifs_smb_version_tokens = {
41 { Smb_1, SMB1_VERSION_STRING },
42 { Smb_20, SMB20_VERSION_STRING},
43 { Smb_21, SMB21_VERSION_STRING },
44 { Smb_30, SMB30_VERSION_STRING },
45 { Smb_302, SMB302_VERSION_STRING },
46 { Smb_302, ALT_SMB302_VERSION_STRING },
47 { Smb_311, SMB311_VERSION_STRING },
48 { Smb_311, ALT_SMB311_VERSION_STRING },
49 { Smb_3any, SMB3ANY_VERSION_STRING },
50 { Smb_default, SMBDEFAULT_VERSION_STRING },
51 { Smb_version_err, NULL }
52 };
53
54 static const match_table_t cifs_secflavor_tokens = {
55 { Opt_sec_krb5, "krb5" },
56 { Opt_sec_krb5i, "krb5i" },
57 { Opt_sec_krb5p, "krb5p" },
58 { Opt_sec_ntlmsspi, "ntlmsspi" },
59 { Opt_sec_ntlmssp, "ntlmssp" },
60 { Opt_sec_ntlmv2, "nontlm" },
61 { Opt_sec_ntlmv2, "ntlmv2" },
62 { Opt_sec_ntlmv2i, "ntlmv2i" },
63 { Opt_sec_none, "none" },
64
65 { Opt_sec_err, NULL }
66 };
67
68 const struct fs_parameter_spec smb3_fs_parameters[] = {
69 /* Mount options that take no arguments */
70 fsparam_flag_no("user_xattr", Opt_user_xattr),
71 fsparam_flag_no("forceuid", Opt_forceuid),
72 fsparam_flag_no("multichannel", Opt_multichannel),
73 fsparam_flag_no("forcegid", Opt_forcegid),
74 fsparam_flag("noblocksend", Opt_noblocksend),
75 fsparam_flag("noautotune", Opt_noautotune),
76 fsparam_flag("nolease", Opt_nolease),
77 fsparam_flag_no("hard", Opt_hard),
78 fsparam_flag_no("soft", Opt_soft),
79 fsparam_flag_no("perm", Opt_perm),
80 fsparam_flag("nodelete", Opt_nodelete),
81 fsparam_flag_no("mapposix", Opt_mapposix),
82 fsparam_flag("mapchars", Opt_mapchars),
83 fsparam_flag("nomapchars", Opt_nomapchars),
84 fsparam_flag_no("sfu", Opt_sfu),
85 fsparam_flag("nodfs", Opt_nodfs),
86 fsparam_flag_no("posixpaths", Opt_posixpaths),
87 fsparam_flag_no("unix", Opt_unix),
88 fsparam_flag_no("linux", Opt_unix),
89 fsparam_flag_no("posix", Opt_unix),
90 fsparam_flag("nocase", Opt_nocase),
91 fsparam_flag("ignorecase", Opt_nocase),
92 fsparam_flag_no("brl", Opt_brl),
93 fsparam_flag_no("handlecache", Opt_handlecache),
94 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
95 fsparam_flag("forcemand", Opt_forcemandatorylock),
96 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
97 fsparam_flag("idsfromsid", Opt_setuidfromacl),
98 fsparam_flag_no("setuids", Opt_setuids),
99 fsparam_flag_no("dynperm", Opt_dynperm),
100 fsparam_flag_no("intr", Opt_intr),
101 fsparam_flag_no("strictsync", Opt_strictsync),
102 fsparam_flag_no("serverino", Opt_serverino),
103 fsparam_flag("rwpidforward", Opt_rwpidforward),
104 fsparam_flag("cifsacl", Opt_cifsacl),
105 fsparam_flag_no("acl", Opt_acl),
106 fsparam_flag("locallease", Opt_locallease),
107 fsparam_flag("sign", Opt_sign),
108 fsparam_flag("ignore_signature", Opt_ignore_signature),
109 fsparam_flag("signloosely", Opt_ignore_signature),
110 fsparam_flag("seal", Opt_seal),
111 fsparam_flag("noac", Opt_noac),
112 fsparam_flag("fsc", Opt_fsc),
113 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
114 fsparam_flag("multiuser", Opt_multiuser),
115 fsparam_flag("sloppy", Opt_sloppy),
116 fsparam_flag("nosharesock", Opt_nosharesock),
117 fsparam_flag_no("persistenthandles", Opt_persistent),
118 fsparam_flag_no("resilienthandles", Opt_resilient),
119 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
120 fsparam_flag("domainauto", Opt_domainauto),
121 fsparam_flag("rdma", Opt_rdma),
122 fsparam_flag("modesid", Opt_modesid),
123 fsparam_flag("modefromsid", Opt_modesid),
124 fsparam_flag("rootfs", Opt_rootfs),
125 fsparam_flag("compress", Opt_compress),
126 fsparam_flag("witness", Opt_witness),
127
128 /* Mount options which take numeric value */
129 fsparam_u32("backupuid", Opt_backupuid),
130 fsparam_u32("backupgid", Opt_backupgid),
131 fsparam_u32("uid", Opt_uid),
132 fsparam_u32("cruid", Opt_cruid),
133 fsparam_u32("gid", Opt_gid),
134 fsparam_u32("file_mode", Opt_file_mode),
135 fsparam_u32("dirmode", Opt_dirmode),
136 fsparam_u32("dir_mode", Opt_dirmode),
137 fsparam_u32("port", Opt_port),
138 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
139 fsparam_u32("esize", Opt_min_enc_offload),
140 fsparam_u32("bsize", Opt_blocksize),
141 fsparam_u32("rasize", Opt_rasize),
142 fsparam_u32("rsize", Opt_rsize),
143 fsparam_u32("wsize", Opt_wsize),
144 fsparam_u32("actimeo", Opt_actimeo),
145 fsparam_u32("acdirmax", Opt_acdirmax),
146 fsparam_u32("acregmax", Opt_acregmax),
147 fsparam_u32("echo_interval", Opt_echo_interval),
148 fsparam_u32("max_credits", Opt_max_credits),
149 fsparam_u32("handletimeout", Opt_handletimeout),
150 fsparam_u32("snapshot", Opt_snapshot),
151 fsparam_u32("max_channels", Opt_max_channels),
152
153 /* Mount options which take string value */
154 fsparam_string("source", Opt_source),
155 fsparam_string("user", Opt_user),
156 fsparam_string("username", Opt_user),
157 fsparam_string("pass", Opt_pass),
158 fsparam_string("password", Opt_pass),
159 fsparam_string("ip", Opt_ip),
160 fsparam_string("addr", Opt_ip),
161 fsparam_string("domain", Opt_domain),
162 fsparam_string("dom", Opt_domain),
163 fsparam_string("srcaddr", Opt_srcaddr),
164 fsparam_string("iocharset", Opt_iocharset),
165 fsparam_string("netbiosname", Opt_netbiosname),
166 fsparam_string("servern", Opt_servern),
167 fsparam_string("ver", Opt_ver),
168 fsparam_string("vers", Opt_vers),
169 fsparam_string("sec", Opt_sec),
170 fsparam_string("cache", Opt_cache),
171
172 /* Arguments that should be ignored */
173 fsparam_flag("guest", Opt_ignore),
174 fsparam_flag("noatime", Opt_ignore),
175 fsparam_flag("relatime", Opt_ignore),
176 fsparam_flag("_netdev", Opt_ignore),
177 fsparam_flag_no("suid", Opt_ignore),
178 fsparam_flag_no("exec", Opt_ignore),
179 fsparam_flag_no("dev", Opt_ignore),
180 fsparam_flag_no("mand", Opt_ignore),
181 fsparam_flag_no("auto", Opt_ignore),
182 fsparam_string("cred", Opt_ignore),
183 fsparam_string("credentials", Opt_ignore),
184 /*
185 * UNC and prefixpath is now extracted from Opt_source
186 * in the new mount API so we can just ignore them going forward.
187 */
188 fsparam_string("unc", Opt_ignore),
189 fsparam_string("prefixpath", Opt_ignore),
190 {}
191 };
192
193 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)194 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
195 {
196
197 substring_t args[MAX_OPT_ARGS];
198
199 /*
200 * With mount options, the last one should win. Reset any existing
201 * settings back to default.
202 */
203 ctx->sectype = Unspecified;
204 ctx->sign = false;
205
206 switch (match_token(value, cifs_secflavor_tokens, args)) {
207 case Opt_sec_krb5p:
208 cifs_errorf(fc, "sec=krb5p is not supported!\n");
209 return 1;
210 case Opt_sec_krb5i:
211 ctx->sign = true;
212 fallthrough;
213 case Opt_sec_krb5:
214 ctx->sectype = Kerberos;
215 break;
216 case Opt_sec_ntlmsspi:
217 ctx->sign = true;
218 fallthrough;
219 case Opt_sec_ntlmssp:
220 ctx->sectype = RawNTLMSSP;
221 break;
222 case Opt_sec_ntlmv2i:
223 ctx->sign = true;
224 fallthrough;
225 case Opt_sec_ntlmv2:
226 ctx->sectype = NTLMv2;
227 break;
228 case Opt_sec_none:
229 ctx->nullauth = 1;
230 break;
231 default:
232 cifs_errorf(fc, "bad security option: %s\n", value);
233 return 1;
234 }
235
236 return 0;
237 }
238
239 static const match_table_t cifs_cacheflavor_tokens = {
240 { Opt_cache_loose, "loose" },
241 { Opt_cache_strict, "strict" },
242 { Opt_cache_none, "none" },
243 { Opt_cache_ro, "ro" },
244 { Opt_cache_rw, "singleclient" },
245 { Opt_cache_err, NULL }
246 };
247
248 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)249 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
250 {
251 substring_t args[MAX_OPT_ARGS];
252
253 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
254 case Opt_cache_loose:
255 ctx->direct_io = false;
256 ctx->strict_io = false;
257 ctx->cache_ro = false;
258 ctx->cache_rw = false;
259 break;
260 case Opt_cache_strict:
261 ctx->direct_io = false;
262 ctx->strict_io = true;
263 ctx->cache_ro = false;
264 ctx->cache_rw = false;
265 break;
266 case Opt_cache_none:
267 ctx->direct_io = true;
268 ctx->strict_io = false;
269 ctx->cache_ro = false;
270 ctx->cache_rw = false;
271 break;
272 case Opt_cache_ro:
273 ctx->direct_io = false;
274 ctx->strict_io = false;
275 ctx->cache_ro = true;
276 ctx->cache_rw = false;
277 break;
278 case Opt_cache_rw:
279 ctx->direct_io = false;
280 ctx->strict_io = false;
281 ctx->cache_ro = false;
282 ctx->cache_rw = true;
283 break;
284 default:
285 cifs_errorf(fc, "bad cache= option: %s\n", value);
286 return 1;
287 }
288 return 0;
289 }
290
291 #define DUP_CTX_STR(field) \
292 do { \
293 if (ctx->field) { \
294 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
295 if (new_ctx->field == NULL) { \
296 smb3_cleanup_fs_context_contents(new_ctx); \
297 return -ENOMEM; \
298 } \
299 } \
300 } while (0)
301
302 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)303 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
304 {
305 memcpy(new_ctx, ctx, sizeof(*ctx));
306 new_ctx->prepath = NULL;
307 new_ctx->mount_options = NULL;
308 new_ctx->nodename = NULL;
309 new_ctx->username = NULL;
310 new_ctx->password = NULL;
311 new_ctx->server_hostname = NULL;
312 new_ctx->domainname = NULL;
313 new_ctx->workstation_name = NULL;
314 new_ctx->UNC = NULL;
315 new_ctx->source = NULL;
316 new_ctx->iocharset = NULL;
317 /*
318 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
319 */
320 DUP_CTX_STR(prepath);
321 DUP_CTX_STR(mount_options);
322 DUP_CTX_STR(username);
323 DUP_CTX_STR(password);
324 DUP_CTX_STR(server_hostname);
325 DUP_CTX_STR(UNC);
326 DUP_CTX_STR(source);
327 DUP_CTX_STR(domainname);
328 DUP_CTX_STR(workstation_name);
329 DUP_CTX_STR(nodename);
330 DUP_CTX_STR(iocharset);
331
332 return 0;
333 }
334
335 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)336 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
337 {
338 substring_t args[MAX_OPT_ARGS];
339
340 switch (match_token(value, cifs_smb_version_tokens, args)) {
341 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
342 case Smb_1:
343 if (disable_legacy_dialects) {
344 cifs_errorf(fc, "mount with legacy dialect disabled\n");
345 return 1;
346 }
347 if (is_smb3) {
348 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
349 return 1;
350 }
351 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
352 ctx->ops = &smb1_operations;
353 ctx->vals = &smb1_values;
354 break;
355 case Smb_20:
356 if (disable_legacy_dialects) {
357 cifs_errorf(fc, "mount with legacy dialect disabled\n");
358 return 1;
359 }
360 if (is_smb3) {
361 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
362 return 1;
363 }
364 ctx->ops = &smb20_operations;
365 ctx->vals = &smb20_values;
366 break;
367 #else
368 case Smb_1:
369 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
370 return 1;
371 case Smb_20:
372 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
373 return 1;
374 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
375 case Smb_21:
376 ctx->ops = &smb21_operations;
377 ctx->vals = &smb21_values;
378 break;
379 case Smb_30:
380 ctx->ops = &smb30_operations;
381 ctx->vals = &smb30_values;
382 break;
383 case Smb_302:
384 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
385 ctx->vals = &smb302_values;
386 break;
387 case Smb_311:
388 ctx->ops = &smb311_operations;
389 ctx->vals = &smb311_values;
390 break;
391 case Smb_3any:
392 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
393 ctx->vals = &smb3any_values;
394 break;
395 case Smb_default:
396 ctx->ops = &smb30_operations;
397 ctx->vals = &smbdefault_values;
398 break;
399 default:
400 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
401 return 1;
402 }
403 return 0;
404 }
405
smb3_parse_opt(const char * options,const char * key,char ** val)406 int smb3_parse_opt(const char *options, const char *key, char **val)
407 {
408 int rc = -ENOENT;
409 char *opts, *orig, *p;
410
411 orig = opts = kstrdup(options, GFP_KERNEL);
412 if (!opts)
413 return -ENOMEM;
414
415 while ((p = strsep(&opts, ","))) {
416 char *nval;
417
418 if (!*p)
419 continue;
420 if (strncasecmp(p, key, strlen(key)))
421 continue;
422 nval = strchr(p, '=');
423 if (nval) {
424 if (nval == p)
425 continue;
426 *nval++ = 0;
427 *val = kstrdup(nval, GFP_KERNEL);
428 rc = !*val ? -ENOMEM : 0;
429 goto out;
430 }
431 }
432 out:
433 kfree(orig);
434 return rc;
435 }
436
437 /*
438 * Remove duplicate path delimiters. Windows is supposed to do that
439 * but there are some bugs that prevent rename from working if there are
440 * multiple delimiters.
441 *
442 * Returns a sanitized duplicate of @path. The caller is responsible for
443 * cleaning up the original.
444 */
445 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
sanitize_path(char * path)446 static char *sanitize_path(char *path)
447 {
448 char *cursor1 = path, *cursor2 = path;
449
450 /* skip all prepended delimiters */
451 while (IS_DELIM(*cursor1))
452 cursor1++;
453
454 /* copy the first letter */
455 *cursor2 = *cursor1;
456
457 /* copy the remainder... */
458 while (*(cursor1++)) {
459 /* ... skipping all duplicated delimiters */
460 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
461 continue;
462 *(++cursor2) = *cursor1;
463 }
464
465 /* if the last character is a delimiter, skip it */
466 if (IS_DELIM(*(cursor2 - 1)))
467 cursor2--;
468
469 *(cursor2) = '\0';
470 return kstrdup(path, GFP_KERNEL);
471 }
472
473 /*
474 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
475 * fields with the result. Returns 0 on success and an error otherwise
476 * (e.g. ENOMEM or EINVAL)
477 */
478 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)479 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
480 {
481 char *pos;
482 const char *delims = "/\\";
483 size_t len;
484
485 if (unlikely(!devname || !*devname)) {
486 cifs_dbg(VFS, "Device name not specified\n");
487 return -EINVAL;
488 }
489
490 /* make sure we have a valid UNC double delimiter prefix */
491 len = strspn(devname, delims);
492 if (len != 2)
493 return -EINVAL;
494
495 /* find delimiter between host and sharename */
496 pos = strpbrk(devname + 2, delims);
497 if (!pos)
498 return -EINVAL;
499
500 /* record the server hostname */
501 kfree(ctx->server_hostname);
502 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
503 if (!ctx->server_hostname)
504 return -ENOMEM;
505
506 /* skip past delimiter */
507 ++pos;
508
509 /* now go until next delimiter or end of string */
510 len = strcspn(pos, delims);
511
512 /* move "pos" up to delimiter or NULL */
513 pos += len;
514 kfree(ctx->UNC);
515 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
516 if (!ctx->UNC)
517 return -ENOMEM;
518
519 convert_delimiter(ctx->UNC, '\\');
520
521 /* skip any delimiter */
522 if (*pos == '/' || *pos == '\\')
523 pos++;
524
525 kfree(ctx->prepath);
526 ctx->prepath = NULL;
527
528 /* If pos is NULL then no prepath */
529 if (!*pos)
530 return 0;
531
532 ctx->prepath = sanitize_path(pos);
533 if (!ctx->prepath)
534 return -ENOMEM;
535
536 return 0;
537 }
538
539 static void smb3_fs_context_free(struct fs_context *fc);
540 static int smb3_fs_context_parse_param(struct fs_context *fc,
541 struct fs_parameter *param);
542 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
543 void *data);
544 static int smb3_get_tree(struct fs_context *fc);
545 static int smb3_reconfigure(struct fs_context *fc);
546
547 static const struct fs_context_operations smb3_fs_context_ops = {
548 .free = smb3_fs_context_free,
549 .parse_param = smb3_fs_context_parse_param,
550 .parse_monolithic = smb3_fs_context_parse_monolithic,
551 .get_tree = smb3_get_tree,
552 .reconfigure = smb3_reconfigure,
553 };
554
555 /*
556 * Parse a monolithic block of data from sys_mount().
557 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
558 * @ctx: The superblock configuration to fill in.
559 * @data: The data to parse
560 *
561 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
562 * called from the ->monolithic_mount_data() fs_context operation.
563 *
564 * Returns 0 on success or the error returned by the ->parse_option() fs_context
565 * operation on failure.
566 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)567 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
568 void *data)
569 {
570 struct smb3_fs_context *ctx = smb3_fc2context(fc);
571 char *options = data, *key;
572 int ret = 0;
573
574 if (!options)
575 return 0;
576
577 ctx->mount_options = kstrdup(data, GFP_KERNEL);
578 if (ctx->mount_options == NULL)
579 return -ENOMEM;
580
581 ret = security_sb_eat_lsm_opts(options, &fc->security);
582 if (ret)
583 return ret;
584
585 /* BB Need to add support for sep= here TBD */
586 while ((key = strsep(&options, ",")) != NULL) {
587 size_t len;
588 char *value;
589
590 if (*key == 0)
591 break;
592
593 /* Check if following character is the deliminator If yes,
594 * we have encountered a double deliminator reset the NULL
595 * character to the deliminator
596 */
597 while (options && options[0] == ',') {
598 len = strlen(key);
599 strcpy(key + len, options);
600 options = strchr(options, ',');
601 if (options)
602 *options++ = 0;
603 }
604
605
606 len = 0;
607 value = strchr(key, '=');
608 if (value) {
609 if (value == key)
610 continue;
611 *value++ = 0;
612 len = strlen(value);
613 }
614
615 ret = vfs_parse_fs_string(fc, key, value, len);
616 if (ret < 0)
617 break;
618 }
619
620 return ret;
621 }
622
623 /*
624 * Validate the preparsed information in the config.
625 */
smb3_fs_context_validate(struct fs_context * fc)626 static int smb3_fs_context_validate(struct fs_context *fc)
627 {
628 struct smb3_fs_context *ctx = smb3_fc2context(fc);
629
630 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
631 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
632 return -EOPNOTSUPP;
633 }
634
635 #ifndef CONFIG_KEYS
636 /* Muliuser mounts require CONFIG_KEYS support */
637 if (ctx->multiuser) {
638 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
639 return -1;
640 }
641 #endif
642
643 if (ctx->got_version == false)
644 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
645
646
647 if (!ctx->UNC) {
648 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
649 return -1;
650 }
651
652 /* make sure UNC has a share name */
653 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
654 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
655 return -ENOENT;
656 }
657
658 if (!ctx->got_ip) {
659 int len;
660 const char *slash;
661
662 /* No ip= option specified? Try to get it from UNC */
663 /* Use the address part of the UNC. */
664 slash = strchr(&ctx->UNC[2], '\\');
665 len = slash - &ctx->UNC[2];
666 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
667 &ctx->UNC[2], len)) {
668 pr_err("Unable to determine destination address\n");
669 return -EHOSTUNREACH;
670 }
671 }
672
673 /* set the port that we got earlier */
674 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
675
676 if (ctx->override_uid && !ctx->uid_specified) {
677 ctx->override_uid = 0;
678 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
679 }
680
681 if (ctx->override_gid && !ctx->gid_specified) {
682 ctx->override_gid = 0;
683 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
684 }
685
686 return 0;
687 }
688
smb3_get_tree_common(struct fs_context * fc)689 static int smb3_get_tree_common(struct fs_context *fc)
690 {
691 struct smb3_fs_context *ctx = smb3_fc2context(fc);
692 struct dentry *root;
693 int rc = 0;
694
695 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
696 if (IS_ERR(root))
697 return PTR_ERR(root);
698
699 fc->root = root;
700
701 return rc;
702 }
703
704 /*
705 * Create an SMB3 superblock from the parameters passed.
706 */
smb3_get_tree(struct fs_context * fc)707 static int smb3_get_tree(struct fs_context *fc)
708 {
709 int err = smb3_fs_context_validate(fc);
710
711 if (err)
712 return err;
713 return smb3_get_tree_common(fc);
714 }
715
smb3_fs_context_free(struct fs_context * fc)716 static void smb3_fs_context_free(struct fs_context *fc)
717 {
718 struct smb3_fs_context *ctx = smb3_fc2context(fc);
719
720 smb3_cleanup_fs_context(ctx);
721 }
722
723 /*
724 * Compare the old and new proposed context during reconfigure
725 * and check if the changes are compatible.
726 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx)727 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
728 struct smb3_fs_context *new_ctx,
729 struct smb3_fs_context *old_ctx)
730 {
731 if (new_ctx->posix_paths != old_ctx->posix_paths) {
732 cifs_errorf(fc, "can not change posixpaths during remount\n");
733 return -EINVAL;
734 }
735 if (new_ctx->sectype != old_ctx->sectype) {
736 cifs_errorf(fc, "can not change sec during remount\n");
737 return -EINVAL;
738 }
739 if (new_ctx->multiuser != old_ctx->multiuser) {
740 cifs_errorf(fc, "can not change multiuser during remount\n");
741 return -EINVAL;
742 }
743 if (new_ctx->UNC &&
744 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
745 cifs_errorf(fc, "can not change UNC during remount\n");
746 return -EINVAL;
747 }
748 if (new_ctx->username &&
749 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
750 cifs_errorf(fc, "can not change username during remount\n");
751 return -EINVAL;
752 }
753 if (new_ctx->password &&
754 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
755 cifs_errorf(fc, "can not change password during remount\n");
756 return -EINVAL;
757 }
758 if (new_ctx->domainname &&
759 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
760 cifs_errorf(fc, "can not change domainname during remount\n");
761 return -EINVAL;
762 }
763 if (new_ctx->workstation_name &&
764 (!old_ctx->workstation_name || strcmp(new_ctx->workstation_name, old_ctx->workstation_name))) {
765 cifs_errorf(fc, "can not change workstation_name during remount\n");
766 return -EINVAL;
767 }
768 if (new_ctx->nodename &&
769 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
770 cifs_errorf(fc, "can not change nodename during remount\n");
771 return -EINVAL;
772 }
773 if (new_ctx->iocharset &&
774 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
775 cifs_errorf(fc, "can not change iocharset during remount\n");
776 return -EINVAL;
777 }
778
779 return 0;
780 }
781
782 #define STEAL_STRING(cifs_sb, ctx, field) \
783 do { \
784 kfree(ctx->field); \
785 ctx->field = cifs_sb->ctx->field; \
786 cifs_sb->ctx->field = NULL; \
787 } while (0)
788
smb3_reconfigure(struct fs_context * fc)789 static int smb3_reconfigure(struct fs_context *fc)
790 {
791 struct smb3_fs_context *ctx = smb3_fc2context(fc);
792 struct dentry *root = fc->root;
793 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
794 int rc;
795
796 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
797 if (rc)
798 return rc;
799
800 /*
801 * We can not change UNC/username/password/domainname/
802 * workstation_name/nodename/iocharset
803 * during reconnect so ignore what we have in the new context and
804 * just use what we already have in cifs_sb->ctx.
805 */
806 STEAL_STRING(cifs_sb, ctx, UNC);
807 STEAL_STRING(cifs_sb, ctx, source);
808 STEAL_STRING(cifs_sb, ctx, username);
809 STEAL_STRING(cifs_sb, ctx, password);
810 STEAL_STRING(cifs_sb, ctx, domainname);
811 STEAL_STRING(cifs_sb, ctx, workstation_name);
812 STEAL_STRING(cifs_sb, ctx, nodename);
813 STEAL_STRING(cifs_sb, ctx, iocharset);
814
815 /* if rsize or wsize not passed in on remount, use previous values */
816 if (ctx->rsize == 0)
817 ctx->rsize = cifs_sb->ctx->rsize;
818 if (ctx->wsize == 0)
819 ctx->wsize = cifs_sb->ctx->wsize;
820
821
822 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
823 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
824 smb3_update_mnt_flags(cifs_sb);
825 #ifdef CONFIG_CIFS_DFS_UPCALL
826 if (!rc)
827 rc = dfs_cache_remount_fs(cifs_sb);
828 #endif
829
830 return rc;
831 }
832
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)833 static int smb3_fs_context_parse_param(struct fs_context *fc,
834 struct fs_parameter *param)
835 {
836 struct fs_parse_result result;
837 struct smb3_fs_context *ctx = smb3_fc2context(fc);
838 int i, opt;
839 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
840 bool skip_parsing = false;
841 kuid_t uid;
842 kgid_t gid;
843
844 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
845
846 /*
847 * fs_parse can not handle string options with an empty value so
848 * we will need special handling of them.
849 */
850 if (param->type == fs_value_is_string && param->string[0] == 0) {
851 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
852 skip_parsing = true;
853 opt = Opt_pass;
854 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
855 skip_parsing = true;
856 opt = Opt_user;
857 }
858 }
859
860 if (!skip_parsing) {
861 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
862 if (opt < 0)
863 return ctx->sloppy ? 1 : opt;
864 }
865
866 switch (opt) {
867 case Opt_compress:
868 ctx->compression = UNKNOWN_TYPE;
869 cifs_dbg(VFS,
870 "SMB3 compression support is experimental\n");
871 break;
872 case Opt_nodfs:
873 ctx->nodfs = 1;
874 break;
875 case Opt_hard:
876 if (result.negated)
877 ctx->retry = 0;
878 else
879 ctx->retry = 1;
880 break;
881 case Opt_soft:
882 if (result.negated)
883 ctx->retry = 1;
884 else
885 ctx->retry = 0;
886 break;
887 case Opt_mapposix:
888 if (result.negated)
889 ctx->remap = false;
890 else {
891 ctx->remap = true;
892 ctx->sfu_remap = false; /* disable SFU mapping */
893 }
894 break;
895 case Opt_user_xattr:
896 if (result.negated)
897 ctx->no_xattr = 1;
898 else
899 ctx->no_xattr = 0;
900 break;
901 case Opt_forceuid:
902 if (result.negated)
903 ctx->override_uid = 0;
904 else
905 ctx->override_uid = 1;
906 break;
907 case Opt_forcegid:
908 if (result.negated)
909 ctx->override_gid = 0;
910 else
911 ctx->override_gid = 1;
912 break;
913 case Opt_perm:
914 if (result.negated)
915 ctx->noperm = 1;
916 else
917 ctx->noperm = 0;
918 break;
919 case Opt_dynperm:
920 if (result.negated)
921 ctx->dynperm = 0;
922 else
923 ctx->dynperm = 1;
924 break;
925 case Opt_sfu:
926 if (result.negated)
927 ctx->sfu_emul = 0;
928 else
929 ctx->sfu_emul = 1;
930 break;
931 case Opt_noblocksend:
932 ctx->noblocksnd = 1;
933 break;
934 case Opt_noautotune:
935 ctx->noautotune = 1;
936 break;
937 case Opt_nolease:
938 ctx->no_lease = 1;
939 break;
940 case Opt_nodelete:
941 ctx->nodelete = 1;
942 break;
943 case Opt_multichannel:
944 if (result.negated) {
945 ctx->multichannel = false;
946 ctx->max_channels = 1;
947 } else {
948 ctx->multichannel = true;
949 /* if number of channels not specified, default to 2 */
950 if (ctx->max_channels < 2)
951 ctx->max_channels = 2;
952 }
953 break;
954 case Opt_uid:
955 uid = make_kuid(current_user_ns(), result.uint_32);
956 if (!uid_valid(uid))
957 goto cifs_parse_mount_err;
958 ctx->linux_uid = uid;
959 ctx->uid_specified = true;
960 break;
961 case Opt_cruid:
962 uid = make_kuid(current_user_ns(), result.uint_32);
963 if (!uid_valid(uid))
964 goto cifs_parse_mount_err;
965 ctx->cred_uid = uid;
966 ctx->cruid_specified = true;
967 break;
968 case Opt_backupuid:
969 uid = make_kuid(current_user_ns(), result.uint_32);
970 if (!uid_valid(uid))
971 goto cifs_parse_mount_err;
972 ctx->backupuid = uid;
973 ctx->backupuid_specified = true;
974 break;
975 case Opt_backupgid:
976 gid = make_kgid(current_user_ns(), result.uint_32);
977 if (!gid_valid(gid))
978 goto cifs_parse_mount_err;
979 ctx->backupgid = gid;
980 ctx->backupgid_specified = true;
981 break;
982 case Opt_gid:
983 gid = make_kgid(current_user_ns(), result.uint_32);
984 if (!gid_valid(gid))
985 goto cifs_parse_mount_err;
986 ctx->linux_gid = gid;
987 ctx->gid_specified = true;
988 break;
989 case Opt_port:
990 ctx->port = result.uint_32;
991 break;
992 case Opt_file_mode:
993 ctx->file_mode = result.uint_32;
994 break;
995 case Opt_dirmode:
996 ctx->dir_mode = result.uint_32;
997 break;
998 case Opt_min_enc_offload:
999 ctx->min_offload = result.uint_32;
1000 break;
1001 case Opt_blocksize:
1002 /*
1003 * inode blocksize realistically should never need to be
1004 * less than 16K or greater than 16M and default is 1MB.
1005 * Note that small inode block sizes (e.g. 64K) can lead
1006 * to very poor performance of common tools like cp and scp
1007 */
1008 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1009 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1010 cifs_errorf(fc, "%s: Invalid blocksize\n",
1011 __func__);
1012 goto cifs_parse_mount_err;
1013 }
1014 ctx->bsize = result.uint_32;
1015 ctx->got_bsize = true;
1016 break;
1017 case Opt_rasize:
1018 /*
1019 * readahead size realistically should never need to be
1020 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1021 * (perhaps an exception should be considered in the
1022 * for the case of a large number of channels
1023 * when multichannel is negotiated) since that would lead
1024 * to plenty of parallel I/O in flight to the server.
1025 * Note that smaller read ahead sizes would
1026 * hurt performance of common tools like cp and scp
1027 * which often trigger sequential i/o with read ahead
1028 */
1029 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1030 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1031 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1032 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1033 goto cifs_parse_mount_err;
1034 }
1035 ctx->rasize = result.uint_32;
1036 break;
1037 case Opt_rsize:
1038 ctx->rsize = result.uint_32;
1039 ctx->got_rsize = true;
1040 break;
1041 case Opt_wsize:
1042 ctx->wsize = result.uint_32;
1043 ctx->got_wsize = true;
1044 break;
1045 case Opt_acregmax:
1046 ctx->acregmax = HZ * result.uint_32;
1047 if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
1048 cifs_errorf(fc, "acregmax too large\n");
1049 goto cifs_parse_mount_err;
1050 }
1051 break;
1052 case Opt_acdirmax:
1053 ctx->acdirmax = HZ * result.uint_32;
1054 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
1055 cifs_errorf(fc, "acdirmax too large\n");
1056 goto cifs_parse_mount_err;
1057 }
1058 break;
1059 case Opt_actimeo:
1060 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
1061 cifs_errorf(fc, "timeout too large\n");
1062 goto cifs_parse_mount_err;
1063 }
1064 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1065 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1066 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1067 break;
1068 }
1069 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1070 break;
1071 case Opt_echo_interval:
1072 ctx->echo_interval = result.uint_32;
1073 break;
1074 case Opt_snapshot:
1075 ctx->snapshot_time = result.uint_32;
1076 break;
1077 case Opt_max_credits:
1078 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1079 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1080 __func__);
1081 goto cifs_parse_mount_err;
1082 }
1083 ctx->max_credits = result.uint_32;
1084 break;
1085 case Opt_max_channels:
1086 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1087 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1088 __func__, CIFS_MAX_CHANNELS);
1089 goto cifs_parse_mount_err;
1090 }
1091 ctx->max_channels = result.uint_32;
1092 /* If more than one channel requested ... they want multichan */
1093 if (result.uint_32 > 1)
1094 ctx->multichannel = true;
1095 break;
1096 case Opt_handletimeout:
1097 ctx->handle_timeout = result.uint_32;
1098 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1099 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1100 goto cifs_parse_mount_err;
1101 }
1102 break;
1103 case Opt_source:
1104 kfree(ctx->UNC);
1105 ctx->UNC = NULL;
1106 switch (smb3_parse_devname(param->string, ctx)) {
1107 case 0:
1108 break;
1109 case -ENOMEM:
1110 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1111 goto cifs_parse_mount_err;
1112 case -EINVAL:
1113 cifs_errorf(fc, "Malformed UNC in devname\n");
1114 goto cifs_parse_mount_err;
1115 default:
1116 cifs_errorf(fc, "Unknown error parsing devname\n");
1117 goto cifs_parse_mount_err;
1118 }
1119 ctx->source = kstrdup(param->string, GFP_KERNEL);
1120 if (ctx->source == NULL) {
1121 cifs_errorf(fc, "OOM when copying UNC string\n");
1122 goto cifs_parse_mount_err;
1123 }
1124 fc->source = kstrdup(param->string, GFP_KERNEL);
1125 if (fc->source == NULL) {
1126 cifs_errorf(fc, "OOM when copying UNC string\n");
1127 goto cifs_parse_mount_err;
1128 }
1129 break;
1130 case Opt_user:
1131 kfree(ctx->username);
1132 ctx->username = NULL;
1133 if (strlen(param->string) == 0) {
1134 /* null user, ie. anonymous authentication */
1135 ctx->nullauth = 1;
1136 break;
1137 }
1138
1139 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1140 CIFS_MAX_USERNAME_LEN) {
1141 pr_warn("username too long\n");
1142 goto cifs_parse_mount_err;
1143 }
1144 ctx->username = kstrdup(param->string, GFP_KERNEL);
1145 if (ctx->username == NULL) {
1146 cifs_errorf(fc, "OOM when copying username string\n");
1147 goto cifs_parse_mount_err;
1148 }
1149 break;
1150 case Opt_pass:
1151 kfree(ctx->password);
1152 ctx->password = NULL;
1153 if (strlen(param->string) == 0)
1154 break;
1155
1156 ctx->password = kstrdup(param->string, GFP_KERNEL);
1157 if (ctx->password == NULL) {
1158 cifs_errorf(fc, "OOM when copying password string\n");
1159 goto cifs_parse_mount_err;
1160 }
1161 break;
1162 case Opt_ip:
1163 if (strlen(param->string) == 0) {
1164 ctx->got_ip = false;
1165 break;
1166 }
1167 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1168 param->string,
1169 strlen(param->string))) {
1170 pr_err("bad ip= option (%s)\n", param->string);
1171 goto cifs_parse_mount_err;
1172 }
1173 ctx->got_ip = true;
1174 break;
1175 case Opt_domain:
1176 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1177 == CIFS_MAX_DOMAINNAME_LEN) {
1178 pr_warn("domain name too long\n");
1179 goto cifs_parse_mount_err;
1180 }
1181
1182 kfree(ctx->domainname);
1183 ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1184 if (ctx->domainname == NULL) {
1185 cifs_errorf(fc, "OOM when copying domainname string\n");
1186 goto cifs_parse_mount_err;
1187 }
1188 cifs_dbg(FYI, "Domain name set\n");
1189 break;
1190 case Opt_srcaddr:
1191 if (!cifs_convert_address(
1192 (struct sockaddr *)&ctx->srcaddr,
1193 param->string, strlen(param->string))) {
1194 pr_warn("Could not parse srcaddr: %s\n",
1195 param->string);
1196 goto cifs_parse_mount_err;
1197 }
1198 break;
1199 case Opt_iocharset:
1200 if (strnlen(param->string, 1024) >= 65) {
1201 pr_warn("iocharset name too long\n");
1202 goto cifs_parse_mount_err;
1203 }
1204
1205 if (strncasecmp(param->string, "default", 7) != 0) {
1206 kfree(ctx->iocharset);
1207 ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1208 if (ctx->iocharset == NULL) {
1209 cifs_errorf(fc, "OOM when copying iocharset string\n");
1210 goto cifs_parse_mount_err;
1211 }
1212 }
1213 /* if iocharset not set then load_nls_default
1214 * is used by caller
1215 */
1216 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1217 break;
1218 case Opt_netbiosname:
1219 memset(ctx->source_rfc1001_name, 0x20,
1220 RFC1001_NAME_LEN);
1221 /*
1222 * FIXME: are there cases in which a comma can
1223 * be valid in workstation netbios name (and
1224 * need special handling)?
1225 */
1226 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1227 /* don't ucase netbiosname for user */
1228 if (param->string[i] == 0)
1229 break;
1230 ctx->source_rfc1001_name[i] = param->string[i];
1231 }
1232 /* The string has 16th byte zero still from
1233 * set at top of the function
1234 */
1235 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1236 pr_warn("netbiosname longer than 15 truncated\n");
1237 break;
1238 case Opt_servern:
1239 /* last byte, type, is 0x20 for servr type */
1240 memset(ctx->target_rfc1001_name, 0x20,
1241 RFC1001_NAME_LEN_WITH_NULL);
1242 /*
1243 * BB are there cases in which a comma can be valid in this
1244 * workstation netbios name (and need special handling)?
1245 */
1246
1247 /* user or mount helper must uppercase the netbios name */
1248 for (i = 0; i < 15; i++) {
1249 if (param->string[i] == 0)
1250 break;
1251 ctx->target_rfc1001_name[i] = param->string[i];
1252 }
1253
1254 /* The string has 16th byte zero still from set at top of function */
1255 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1256 pr_warn("server netbiosname longer than 15 truncated\n");
1257 break;
1258 case Opt_ver:
1259 /* version of mount userspace tools, not dialect */
1260 /* If interface changes in mount.cifs bump to new ver */
1261 if (strncasecmp(param->string, "1", 1) == 0) {
1262 if (strlen(param->string) > 1) {
1263 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1264 param->string);
1265 goto cifs_parse_mount_err;
1266 }
1267 /* This is the default */
1268 break;
1269 }
1270 /* For all other value, error */
1271 pr_warn("Invalid mount helper version specified\n");
1272 goto cifs_parse_mount_err;
1273 case Opt_vers:
1274 /* protocol version (dialect) */
1275 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1276 goto cifs_parse_mount_err;
1277 ctx->got_version = true;
1278 break;
1279 case Opt_sec:
1280 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1281 goto cifs_parse_mount_err;
1282 break;
1283 case Opt_cache:
1284 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1285 goto cifs_parse_mount_err;
1286 break;
1287 case Opt_witness:
1288 #ifndef CONFIG_CIFS_SWN_UPCALL
1289 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1290 goto cifs_parse_mount_err;
1291 #endif
1292 ctx->witness = true;
1293 pr_warn_once("Witness protocol support is experimental\n");
1294 break;
1295 case Opt_rootfs:
1296 #ifndef CONFIG_CIFS_ROOT
1297 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1298 goto cifs_parse_mount_err;
1299 #endif
1300 ctx->rootfs = true;
1301 break;
1302 case Opt_posixpaths:
1303 if (result.negated)
1304 ctx->posix_paths = 0;
1305 else
1306 ctx->posix_paths = 1;
1307 break;
1308 case Opt_unix:
1309 if (result.negated) {
1310 if (ctx->linux_ext == 1)
1311 pr_warn_once("conflicting posix mount options specified\n");
1312 ctx->linux_ext = 0;
1313 ctx->no_linux_ext = 1;
1314 } else {
1315 if (ctx->no_linux_ext == 1)
1316 pr_warn_once("conflicting posix mount options specified\n");
1317 ctx->linux_ext = 1;
1318 ctx->no_linux_ext = 0;
1319 }
1320 break;
1321 case Opt_nocase:
1322 ctx->nocase = 1;
1323 break;
1324 case Opt_brl:
1325 if (result.negated) {
1326 /*
1327 * turn off mandatory locking in mode
1328 * if remote locking is turned off since the
1329 * local vfs will do advisory
1330 */
1331 if (ctx->file_mode ==
1332 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1333 ctx->file_mode = S_IALLUGO;
1334 ctx->nobrl = 1;
1335 } else
1336 ctx->nobrl = 0;
1337 break;
1338 case Opt_handlecache:
1339 if (result.negated)
1340 ctx->nohandlecache = 1;
1341 else
1342 ctx->nohandlecache = 0;
1343 break;
1344 case Opt_forcemandatorylock:
1345 ctx->mand_lock = 1;
1346 break;
1347 case Opt_setuids:
1348 ctx->setuids = result.negated;
1349 break;
1350 case Opt_intr:
1351 ctx->intr = !result.negated;
1352 break;
1353 case Opt_setuidfromacl:
1354 ctx->setuidfromacl = 1;
1355 break;
1356 case Opt_strictsync:
1357 ctx->nostrictsync = result.negated;
1358 break;
1359 case Opt_serverino:
1360 ctx->server_ino = !result.negated;
1361 break;
1362 case Opt_rwpidforward:
1363 ctx->rwpidforward = 1;
1364 break;
1365 case Opt_modesid:
1366 ctx->mode_ace = 1;
1367 break;
1368 case Opt_cifsacl:
1369 ctx->cifs_acl = !result.negated;
1370 break;
1371 case Opt_acl:
1372 ctx->no_psx_acl = result.negated;
1373 break;
1374 case Opt_locallease:
1375 ctx->local_lease = 1;
1376 break;
1377 case Opt_sign:
1378 ctx->sign = true;
1379 break;
1380 case Opt_ignore_signature:
1381 ctx->sign = true;
1382 ctx->ignore_signature = true;
1383 break;
1384 case Opt_seal:
1385 /* we do not do the following in secFlags because seal
1386 * is a per tree connection (mount) not a per socket
1387 * or per-smb connection option in the protocol
1388 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1389 */
1390 ctx->seal = 1;
1391 break;
1392 case Opt_noac:
1393 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1394 break;
1395 case Opt_fsc:
1396 #ifndef CONFIG_CIFS_FSCACHE
1397 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1398 goto cifs_parse_mount_err;
1399 #endif
1400 ctx->fsc = true;
1401 break;
1402 case Opt_mfsymlinks:
1403 ctx->mfsymlinks = true;
1404 break;
1405 case Opt_multiuser:
1406 ctx->multiuser = true;
1407 break;
1408 case Opt_sloppy:
1409 ctx->sloppy = true;
1410 break;
1411 case Opt_nosharesock:
1412 ctx->nosharesock = true;
1413 break;
1414 case Opt_persistent:
1415 if (result.negated) {
1416 ctx->nopersistent = true;
1417 if (ctx->persistent) {
1418 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1419 goto cifs_parse_mount_err;
1420 }
1421 } else {
1422 ctx->persistent = true;
1423 if ((ctx->nopersistent) || (ctx->resilient)) {
1424 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1425 goto cifs_parse_mount_err;
1426 }
1427 }
1428 break;
1429 case Opt_resilient:
1430 if (result.negated) {
1431 ctx->resilient = false; /* already the default */
1432 } else {
1433 ctx->resilient = true;
1434 if (ctx->persistent) {
1435 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1436 goto cifs_parse_mount_err;
1437 }
1438 }
1439 break;
1440 case Opt_tcp_nodelay:
1441 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1442 if (result.negated)
1443 ctx->sockopt_tcp_nodelay = false;
1444 else
1445 ctx->sockopt_tcp_nodelay = true;
1446 break;
1447 case Opt_domainauto:
1448 ctx->domainauto = true;
1449 break;
1450 case Opt_rdma:
1451 ctx->rdma = true;
1452 break;
1453 }
1454 /* case Opt_ignore: - is ignored as expected ... */
1455
1456 return 0;
1457
1458 cifs_parse_mount_err:
1459 return -EINVAL;
1460 }
1461
smb3_init_fs_context(struct fs_context * fc)1462 int smb3_init_fs_context(struct fs_context *fc)
1463 {
1464 int rc;
1465 struct smb3_fs_context *ctx;
1466 char *nodename = utsname()->nodename;
1467 int i;
1468
1469 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1470 if (unlikely(!ctx)) {
1471 rc = -ENOMEM;
1472 goto err_exit;
1473 }
1474
1475 ctx->workstation_name = kstrdup(nodename, GFP_KERNEL);
1476 if (unlikely(!ctx->workstation_name)) {
1477 rc = -ENOMEM;
1478 goto err_exit;
1479 }
1480
1481 /*
1482 * does not have to be perfect mapping since field is
1483 * informational, only used for servers that do not support
1484 * port 445 and it can be overridden at mount time
1485 */
1486 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1487 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1488 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1489
1490 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1491 /*
1492 * null target name indicates to use *SMBSERVR default called name
1493 * if we end up sending RFC1001 session initialize
1494 */
1495 ctx->target_rfc1001_name[0] = 0;
1496 ctx->cred_uid = current_uid();
1497 ctx->linux_uid = current_uid();
1498 ctx->linux_gid = current_gid();
1499 /* By default 4MB read ahead size, 1MB block size */
1500 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1501 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1502
1503 /*
1504 * default to SFM style remapping of seven reserved characters
1505 * unless user overrides it or we negotiate CIFS POSIX where
1506 * it is unnecessary. Can not simultaneously use more than one mapping
1507 * since then readdir could list files that open could not open
1508 */
1509 ctx->remap = true;
1510
1511 /* default to only allowing write access to owner of the mount */
1512 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1513
1514 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1515 /* default is always to request posix paths. */
1516 ctx->posix_paths = 1;
1517 /* default to using server inode numbers where available */
1518 ctx->server_ino = 1;
1519
1520 /* default is to use strict cifs caching semantics */
1521 ctx->strict_io = true;
1522
1523 ctx->acregmax = CIFS_DEF_ACTIMEO;
1524 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1525
1526 /* Most clients set timeout to 0, allows server to use its default */
1527 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1528
1529 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1530 ctx->ops = &smb30_operations;
1531 ctx->vals = &smbdefault_values;
1532
1533 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1534
1535 /* default to no multichannel (single server connection) */
1536 ctx->multichannel = false;
1537 ctx->max_channels = 1;
1538
1539 ctx->backupuid_specified = false; /* no backup intent for a user */
1540 ctx->backupgid_specified = false; /* no backup intent for a group */
1541
1542 /*
1543 * short int override_uid = -1;
1544 * short int override_gid = -1;
1545 * char *nodename = strdup(utsname()->nodename);
1546 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1547 */
1548
1549 fc->fs_private = ctx;
1550 fc->ops = &smb3_fs_context_ops;
1551 return 0;
1552
1553 err_exit:
1554 if (ctx) {
1555 kfree(ctx->workstation_name);
1556 kfree(ctx);
1557 }
1558
1559 return rc;
1560 }
1561
1562 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1563 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1564 {
1565 if (ctx == NULL)
1566 return;
1567
1568 /*
1569 * Make sure this stays in sync with smb3_fs_context_dup()
1570 */
1571 kfree(ctx->mount_options);
1572 ctx->mount_options = NULL;
1573 kfree(ctx->username);
1574 ctx->username = NULL;
1575 kfree_sensitive(ctx->password);
1576 ctx->password = NULL;
1577 kfree(ctx->server_hostname);
1578 ctx->server_hostname = NULL;
1579 kfree(ctx->UNC);
1580 ctx->UNC = NULL;
1581 kfree(ctx->source);
1582 ctx->source = NULL;
1583 kfree(ctx->domainname);
1584 ctx->domainname = NULL;
1585 kfree(ctx->workstation_name);
1586 ctx->workstation_name = NULL;
1587 kfree(ctx->nodename);
1588 ctx->nodename = NULL;
1589 kfree(ctx->iocharset);
1590 ctx->iocharset = NULL;
1591 kfree(ctx->prepath);
1592 ctx->prepath = NULL;
1593 }
1594
1595 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1596 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1597 {
1598 if (!ctx)
1599 return;
1600 smb3_cleanup_fs_context_contents(ctx);
1601 kfree(ctx);
1602 }
1603
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1604 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1605 {
1606 struct smb3_fs_context *ctx = cifs_sb->ctx;
1607
1608 if (ctx->nodfs)
1609 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1610 else
1611 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1612
1613 if (ctx->noperm)
1614 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1615 else
1616 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1617
1618 if (ctx->setuids)
1619 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1620 else
1621 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1622
1623 if (ctx->setuidfromacl)
1624 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1625 else
1626 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1627
1628 if (ctx->server_ino)
1629 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1630 else
1631 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1632
1633 if (ctx->remap)
1634 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1635 else
1636 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1637
1638 if (ctx->sfu_remap)
1639 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1640 else
1641 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1642
1643 if (ctx->no_xattr)
1644 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1645 else
1646 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1647
1648 if (ctx->sfu_emul)
1649 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1650 else
1651 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1652
1653 if (ctx->nobrl)
1654 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1655 else
1656 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1657
1658 if (ctx->nohandlecache)
1659 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1660 else
1661 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1662
1663 if (ctx->nostrictsync)
1664 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1665 else
1666 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1667
1668 if (ctx->mand_lock)
1669 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1670 else
1671 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1672
1673 if (ctx->rwpidforward)
1674 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1675 else
1676 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1677
1678 if (ctx->mode_ace)
1679 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1680 else
1681 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1682
1683 if (ctx->cifs_acl)
1684 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1685 else
1686 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1687
1688 if (ctx->backupuid_specified)
1689 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1690 else
1691 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1692
1693 if (ctx->backupgid_specified)
1694 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1695 else
1696 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1697
1698 if (ctx->override_uid)
1699 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1700 else
1701 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1702
1703 if (ctx->override_gid)
1704 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1705 else
1706 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1707
1708 if (ctx->dynperm)
1709 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1710 else
1711 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1712
1713 if (ctx->fsc)
1714 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1715 else
1716 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1717
1718 if (ctx->multiuser)
1719 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1720 CIFS_MOUNT_NO_PERM);
1721 else
1722 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1723
1724
1725 if (ctx->strict_io)
1726 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1727 else
1728 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1729
1730 if (ctx->direct_io)
1731 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1732 else
1733 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1734
1735 if (ctx->mfsymlinks)
1736 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1737 else
1738 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1739 if (ctx->mfsymlinks) {
1740 if (ctx->sfu_emul) {
1741 /*
1742 * Our SFU ("Services for Unix" emulation does not allow
1743 * creating symlinks but does allow reading existing SFU
1744 * symlinks (it does allow both creating and reading SFU
1745 * style mknod and FIFOs though). When "mfsymlinks" and
1746 * "sfu" are both enabled at the same time, it allows
1747 * reading both types of symlinks, but will only create
1748 * them with mfsymlinks format. This allows better
1749 * Apple compatibility (probably better for Samba too)
1750 * while still recognizing old Windows style symlinks.
1751 */
1752 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1753 }
1754 }
1755 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1756
1757 return;
1758 }
1759