1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * linux/fs/nfs/fs_context.c
4 *
5 * Copyright (C) 1992 Rick Sladkey
6 * Conversion to new mount api Copyright (C) David Howells
7 *
8 * NFS mount handling.
9 *
10 * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com>
11 */
12
13 #include <linux/compat.h>
14 #include <linux/module.h>
15 #include <linux/fs.h>
16 #include <linux/fs_context.h>
17 #include <linux/fs_parser.h>
18 #include <linux/nfs_fs.h>
19 #include <linux/nfs_mount.h>
20 #include <linux/nfs4_mount.h>
21
22 #include <net/handshake.h>
23
24 #include "nfs.h"
25 #include "internal.h"
26
27 #include "nfstrace.h"
28
29 #define NFSDBG_FACILITY NFSDBG_MOUNT
30
31 #if IS_ENABLED(CONFIG_NFS_V3)
32 #define NFS_DEFAULT_VERSION 3
33 #else
34 #define NFS_DEFAULT_VERSION 2
35 #endif
36
37 #define NFS_MAX_CONNECTIONS 16
38
39 enum nfs_param {
40 Opt_ac,
41 Opt_acdirmax,
42 Opt_acdirmin,
43 Opt_acl,
44 Opt_acregmax,
45 Opt_acregmin,
46 Opt_actimeo,
47 Opt_addr,
48 Opt_bg,
49 Opt_bsize,
50 Opt_clientaddr,
51 Opt_cto,
52 Opt_fg,
53 Opt_fscache,
54 Opt_fscache_flag,
55 Opt_hard,
56 Opt_intr,
57 Opt_local_lock,
58 Opt_lock,
59 Opt_lookupcache,
60 Opt_migration,
61 Opt_minorversion,
62 Opt_mountaddr,
63 Opt_mounthost,
64 Opt_mountport,
65 Opt_mountproto,
66 Opt_mountvers,
67 Opt_namelen,
68 Opt_nconnect,
69 Opt_max_connect,
70 Opt_port,
71 Opt_posix,
72 Opt_proto,
73 Opt_rdirplus,
74 Opt_rdma,
75 Opt_resvport,
76 Opt_retrans,
77 Opt_retry,
78 Opt_rsize,
79 Opt_sec,
80 Opt_sharecache,
81 Opt_sloppy,
82 Opt_soft,
83 Opt_softerr,
84 Opt_softreval,
85 Opt_source,
86 Opt_tcp,
87 Opt_timeo,
88 Opt_trunkdiscovery,
89 Opt_udp,
90 Opt_v,
91 Opt_vers,
92 Opt_wsize,
93 Opt_write,
94 Opt_xprtsec,
95 };
96
97 enum {
98 Opt_local_lock_all,
99 Opt_local_lock_flock,
100 Opt_local_lock_none,
101 Opt_local_lock_posix,
102 };
103
104 static const struct constant_table nfs_param_enums_local_lock[] = {
105 { "all", Opt_local_lock_all },
106 { "flock", Opt_local_lock_flock },
107 { "posix", Opt_local_lock_posix },
108 { "none", Opt_local_lock_none },
109 {}
110 };
111
112 enum {
113 Opt_lookupcache_all,
114 Opt_lookupcache_none,
115 Opt_lookupcache_positive,
116 };
117
118 static const struct constant_table nfs_param_enums_lookupcache[] = {
119 { "all", Opt_lookupcache_all },
120 { "none", Opt_lookupcache_none },
121 { "pos", Opt_lookupcache_positive },
122 { "positive", Opt_lookupcache_positive },
123 {}
124 };
125
126 enum {
127 Opt_write_lazy,
128 Opt_write_eager,
129 Opt_write_wait,
130 };
131
132 static const struct constant_table nfs_param_enums_write[] = {
133 { "lazy", Opt_write_lazy },
134 { "eager", Opt_write_eager },
135 { "wait", Opt_write_wait },
136 {}
137 };
138
139 static const struct fs_parameter_spec nfs_fs_parameters[] = {
140 fsparam_flag_no("ac", Opt_ac),
141 fsparam_u32 ("acdirmax", Opt_acdirmax),
142 fsparam_u32 ("acdirmin", Opt_acdirmin),
143 fsparam_flag_no("acl", Opt_acl),
144 fsparam_u32 ("acregmax", Opt_acregmax),
145 fsparam_u32 ("acregmin", Opt_acregmin),
146 fsparam_u32 ("actimeo", Opt_actimeo),
147 fsparam_string("addr", Opt_addr),
148 fsparam_flag ("bg", Opt_bg),
149 fsparam_u32 ("bsize", Opt_bsize),
150 fsparam_string("clientaddr", Opt_clientaddr),
151 fsparam_flag_no("cto", Opt_cto),
152 fsparam_flag ("fg", Opt_fg),
153 fsparam_flag_no("fsc", Opt_fscache_flag),
154 fsparam_string("fsc", Opt_fscache),
155 fsparam_flag ("hard", Opt_hard),
156 __fsparam(NULL, "intr", Opt_intr,
157 fs_param_neg_with_no|fs_param_deprecated, NULL),
158 fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock),
159 fsparam_flag_no("lock", Opt_lock),
160 fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache),
161 fsparam_flag_no("migration", Opt_migration),
162 fsparam_u32 ("minorversion", Opt_minorversion),
163 fsparam_string("mountaddr", Opt_mountaddr),
164 fsparam_string("mounthost", Opt_mounthost),
165 fsparam_u32 ("mountport", Opt_mountport),
166 fsparam_string("mountproto", Opt_mountproto),
167 fsparam_u32 ("mountvers", Opt_mountvers),
168 fsparam_u32 ("namlen", Opt_namelen),
169 fsparam_u32 ("nconnect", Opt_nconnect),
170 fsparam_u32 ("max_connect", Opt_max_connect),
171 fsparam_string("nfsvers", Opt_vers),
172 fsparam_u32 ("port", Opt_port),
173 fsparam_flag_no("posix", Opt_posix),
174 fsparam_string("proto", Opt_proto),
175 fsparam_flag_no("rdirplus", Opt_rdirplus),
176 fsparam_flag ("rdma", Opt_rdma),
177 fsparam_flag_no("resvport", Opt_resvport),
178 fsparam_u32 ("retrans", Opt_retrans),
179 fsparam_string("retry", Opt_retry),
180 fsparam_u32 ("rsize", Opt_rsize),
181 fsparam_string("sec", Opt_sec),
182 fsparam_flag_no("sharecache", Opt_sharecache),
183 fsparam_flag ("sloppy", Opt_sloppy),
184 fsparam_flag ("soft", Opt_soft),
185 fsparam_flag ("softerr", Opt_softerr),
186 fsparam_flag ("softreval", Opt_softreval),
187 fsparam_string("source", Opt_source),
188 fsparam_flag ("tcp", Opt_tcp),
189 fsparam_u32 ("timeo", Opt_timeo),
190 fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery),
191 fsparam_flag ("udp", Opt_udp),
192 fsparam_flag ("v2", Opt_v),
193 fsparam_flag ("v3", Opt_v),
194 fsparam_flag ("v4", Opt_v),
195 fsparam_flag ("v4.0", Opt_v),
196 fsparam_flag ("v4.1", Opt_v),
197 fsparam_flag ("v4.2", Opt_v),
198 fsparam_string("vers", Opt_vers),
199 fsparam_enum ("write", Opt_write, nfs_param_enums_write),
200 fsparam_u32 ("wsize", Opt_wsize),
201 fsparam_string("xprtsec", Opt_xprtsec),
202 {}
203 };
204
205 enum {
206 Opt_vers_2,
207 Opt_vers_3,
208 Opt_vers_4,
209 Opt_vers_4_0,
210 Opt_vers_4_1,
211 Opt_vers_4_2,
212 };
213
214 static const struct constant_table nfs_vers_tokens[] = {
215 { "2", Opt_vers_2 },
216 { "3", Opt_vers_3 },
217 { "4", Opt_vers_4 },
218 { "4.0", Opt_vers_4_0 },
219 { "4.1", Opt_vers_4_1 },
220 { "4.2", Opt_vers_4_2 },
221 {}
222 };
223
224 enum {
225 Opt_xprt_rdma,
226 Opt_xprt_rdma6,
227 Opt_xprt_tcp,
228 Opt_xprt_tcp6,
229 Opt_xprt_udp,
230 Opt_xprt_udp6,
231 nr__Opt_xprt
232 };
233
234 static const struct constant_table nfs_xprt_protocol_tokens[] = {
235 { "rdma", Opt_xprt_rdma },
236 { "rdma6", Opt_xprt_rdma6 },
237 { "tcp", Opt_xprt_tcp },
238 { "tcp6", Opt_xprt_tcp6 },
239 { "udp", Opt_xprt_udp },
240 { "udp6", Opt_xprt_udp6 },
241 {}
242 };
243
244 enum {
245 Opt_sec_krb5,
246 Opt_sec_krb5i,
247 Opt_sec_krb5p,
248 Opt_sec_lkey,
249 Opt_sec_lkeyi,
250 Opt_sec_lkeyp,
251 Opt_sec_none,
252 Opt_sec_spkm,
253 Opt_sec_spkmi,
254 Opt_sec_spkmp,
255 Opt_sec_sys,
256 nr__Opt_sec
257 };
258
259 static const struct constant_table nfs_secflavor_tokens[] = {
260 { "krb5", Opt_sec_krb5 },
261 { "krb5i", Opt_sec_krb5i },
262 { "krb5p", Opt_sec_krb5p },
263 { "lkey", Opt_sec_lkey },
264 { "lkeyi", Opt_sec_lkeyi },
265 { "lkeyp", Opt_sec_lkeyp },
266 { "none", Opt_sec_none },
267 { "null", Opt_sec_none },
268 { "spkm3", Opt_sec_spkm },
269 { "spkm3i", Opt_sec_spkmi },
270 { "spkm3p", Opt_sec_spkmp },
271 { "sys", Opt_sec_sys },
272 {}
273 };
274
275 enum {
276 Opt_xprtsec_none,
277 Opt_xprtsec_tls,
278 Opt_xprtsec_mtls,
279 nr__Opt_xprtsec
280 };
281
282 static const struct constant_table nfs_xprtsec_policies[] = {
283 { "none", Opt_xprtsec_none },
284 { "tls", Opt_xprtsec_tls },
285 { "mtls", Opt_xprtsec_mtls },
286 {}
287 };
288
289 /*
290 * Sanity-check a server address provided by the mount command.
291 *
292 * Address family must be initialized, and address must not be
293 * the ANY address for that family.
294 */
nfs_verify_server_address(struct sockaddr_storage * addr)295 static int nfs_verify_server_address(struct sockaddr_storage *addr)
296 {
297 switch (addr->ss_family) {
298 case AF_INET: {
299 struct sockaddr_in *sa = (struct sockaddr_in *)addr;
300 return sa->sin_addr.s_addr != htonl(INADDR_ANY);
301 }
302 case AF_INET6: {
303 struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr;
304 return !ipv6_addr_any(sa);
305 }
306 }
307
308 return 0;
309 }
310
311 #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT
nfs_server_transport_udp_invalid(const struct nfs_fs_context * ctx)312 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
313 {
314 return true;
315 }
316 #else
nfs_server_transport_udp_invalid(const struct nfs_fs_context * ctx)317 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
318 {
319 if (ctx->version == 4)
320 return true;
321 return false;
322 }
323 #endif
324
325 /*
326 * Sanity check the NFS transport protocol.
327 */
nfs_validate_transport_protocol(struct fs_context * fc,struct nfs_fs_context * ctx)328 static int nfs_validate_transport_protocol(struct fs_context *fc,
329 struct nfs_fs_context *ctx)
330 {
331 switch (ctx->nfs_server.protocol) {
332 case XPRT_TRANSPORT_UDP:
333 if (nfs_server_transport_udp_invalid(ctx))
334 goto out_invalid_transport_udp;
335 break;
336 case XPRT_TRANSPORT_TCP:
337 case XPRT_TRANSPORT_RDMA:
338 break;
339 default:
340 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
341 }
342
343 if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE)
344 switch (ctx->nfs_server.protocol) {
345 case XPRT_TRANSPORT_TCP:
346 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS;
347 break;
348 default:
349 goto out_invalid_xprtsec_policy;
350 }
351
352 return 0;
353 out_invalid_transport_udp:
354 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp");
355 out_invalid_xprtsec_policy:
356 return nfs_invalf(fc, "NFS: Transport does not support xprtsec");
357 }
358
359 /*
360 * For text based NFSv2/v3 mounts, the mount protocol transport default
361 * settings should depend upon the specified NFS transport.
362 */
nfs_set_mount_transport_protocol(struct nfs_fs_context * ctx)363 static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx)
364 {
365 if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP ||
366 ctx->mount_server.protocol == XPRT_TRANSPORT_TCP)
367 return;
368 switch (ctx->nfs_server.protocol) {
369 case XPRT_TRANSPORT_UDP:
370 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
371 break;
372 case XPRT_TRANSPORT_TCP:
373 case XPRT_TRANSPORT_RDMA:
374 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
375 }
376 }
377
378 /*
379 * Add 'flavor' to 'auth_info' if not already present.
380 * Returns true if 'flavor' ends up in the list, false otherwise
381 */
nfs_auth_info_add(struct fs_context * fc,struct nfs_auth_info * auth_info,rpc_authflavor_t flavor)382 static int nfs_auth_info_add(struct fs_context *fc,
383 struct nfs_auth_info *auth_info,
384 rpc_authflavor_t flavor)
385 {
386 unsigned int i;
387 unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors);
388
389 /* make sure this flavor isn't already in the list */
390 for (i = 0; i < auth_info->flavor_len; i++) {
391 if (flavor == auth_info->flavors[i])
392 return 0;
393 }
394
395 if (auth_info->flavor_len + 1 >= max_flavor_len)
396 return nfs_invalf(fc, "NFS: too many sec= flavors");
397
398 auth_info->flavors[auth_info->flavor_len++] = flavor;
399 return 0;
400 }
401
402 /*
403 * Parse the value of the 'sec=' option.
404 */
nfs_parse_security_flavors(struct fs_context * fc,struct fs_parameter * param)405 static int nfs_parse_security_flavors(struct fs_context *fc,
406 struct fs_parameter *param)
407 {
408 struct nfs_fs_context *ctx = nfs_fc2context(fc);
409 rpc_authflavor_t pseudoflavor;
410 char *string = param->string, *p;
411 int ret;
412
413 trace_nfs_mount_assign(param->key, string);
414
415 while ((p = strsep(&string, ":")) != NULL) {
416 if (!*p)
417 continue;
418 switch (lookup_constant(nfs_secflavor_tokens, p, -1)) {
419 case Opt_sec_none:
420 pseudoflavor = RPC_AUTH_NULL;
421 break;
422 case Opt_sec_sys:
423 pseudoflavor = RPC_AUTH_UNIX;
424 break;
425 case Opt_sec_krb5:
426 pseudoflavor = RPC_AUTH_GSS_KRB5;
427 break;
428 case Opt_sec_krb5i:
429 pseudoflavor = RPC_AUTH_GSS_KRB5I;
430 break;
431 case Opt_sec_krb5p:
432 pseudoflavor = RPC_AUTH_GSS_KRB5P;
433 break;
434 case Opt_sec_lkey:
435 pseudoflavor = RPC_AUTH_GSS_LKEY;
436 break;
437 case Opt_sec_lkeyi:
438 pseudoflavor = RPC_AUTH_GSS_LKEYI;
439 break;
440 case Opt_sec_lkeyp:
441 pseudoflavor = RPC_AUTH_GSS_LKEYP;
442 break;
443 case Opt_sec_spkm:
444 pseudoflavor = RPC_AUTH_GSS_SPKM;
445 break;
446 case Opt_sec_spkmi:
447 pseudoflavor = RPC_AUTH_GSS_SPKMI;
448 break;
449 case Opt_sec_spkmp:
450 pseudoflavor = RPC_AUTH_GSS_SPKMP;
451 break;
452 default:
453 return nfs_invalf(fc, "NFS: sec=%s option not recognized", p);
454 }
455
456 ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor);
457 if (ret < 0)
458 return ret;
459 }
460
461 return 0;
462 }
463
nfs_parse_xprtsec_policy(struct fs_context * fc,struct fs_parameter * param)464 static int nfs_parse_xprtsec_policy(struct fs_context *fc,
465 struct fs_parameter *param)
466 {
467 struct nfs_fs_context *ctx = nfs_fc2context(fc);
468
469 trace_nfs_mount_assign(param->key, param->string);
470
471 switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) {
472 case Opt_xprtsec_none:
473 ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
474 break;
475 case Opt_xprtsec_tls:
476 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON;
477 break;
478 case Opt_xprtsec_mtls:
479 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509;
480 break;
481 default:
482 return nfs_invalf(fc, "NFS: Unrecognized transport security policy");
483 }
484 return 0;
485 }
486
nfs_parse_version_string(struct fs_context * fc,const char * string)487 static int nfs_parse_version_string(struct fs_context *fc,
488 const char *string)
489 {
490 struct nfs_fs_context *ctx = nfs_fc2context(fc);
491
492 ctx->flags &= ~NFS_MOUNT_VER3;
493 switch (lookup_constant(nfs_vers_tokens, string, -1)) {
494 case Opt_vers_2:
495 ctx->version = 2;
496 break;
497 case Opt_vers_3:
498 ctx->flags |= NFS_MOUNT_VER3;
499 ctx->version = 3;
500 break;
501 case Opt_vers_4:
502 /* Backward compatibility option. In future,
503 * the mount program should always supply
504 * a NFSv4 minor version number.
505 */
506 ctx->version = 4;
507 break;
508 case Opt_vers_4_0:
509 ctx->version = 4;
510 ctx->minorversion = 0;
511 break;
512 case Opt_vers_4_1:
513 ctx->version = 4;
514 ctx->minorversion = 1;
515 break;
516 case Opt_vers_4_2:
517 ctx->version = 4;
518 ctx->minorversion = 2;
519 break;
520 default:
521 return nfs_invalf(fc, "NFS: Unsupported NFS version");
522 }
523 return 0;
524 }
525
526 /*
527 * Parse a single mount parameter.
528 */
nfs_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)529 static int nfs_fs_context_parse_param(struct fs_context *fc,
530 struct fs_parameter *param)
531 {
532 struct fs_parse_result result;
533 struct nfs_fs_context *ctx = nfs_fc2context(fc);
534 unsigned short protofamily, mountfamily;
535 unsigned int len;
536 int ret, opt;
537
538 trace_nfs_mount_option(param);
539
540 opt = fs_parse(fc, nfs_fs_parameters, param, &result);
541 if (opt < 0)
542 return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt;
543
544 if (fc->security)
545 ctx->has_sec_mnt_opts = 1;
546
547 switch (opt) {
548 case Opt_source:
549 if (fc->source)
550 return nfs_invalf(fc, "NFS: Multiple sources not supported");
551 fc->source = param->string;
552 param->string = NULL;
553 break;
554
555 /*
556 * boolean options: foo/nofoo
557 */
558 case Opt_soft:
559 ctx->flags |= NFS_MOUNT_SOFT;
560 ctx->flags &= ~NFS_MOUNT_SOFTERR;
561 break;
562 case Opt_softerr:
563 ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL;
564 ctx->flags &= ~NFS_MOUNT_SOFT;
565 break;
566 case Opt_hard:
567 ctx->flags &= ~(NFS_MOUNT_SOFT |
568 NFS_MOUNT_SOFTERR |
569 NFS_MOUNT_SOFTREVAL);
570 break;
571 case Opt_softreval:
572 if (result.negated)
573 ctx->flags &= ~NFS_MOUNT_SOFTREVAL;
574 else
575 ctx->flags |= NFS_MOUNT_SOFTREVAL;
576 break;
577 case Opt_posix:
578 if (result.negated)
579 ctx->flags &= ~NFS_MOUNT_POSIX;
580 else
581 ctx->flags |= NFS_MOUNT_POSIX;
582 break;
583 case Opt_cto:
584 if (result.negated)
585 ctx->flags |= NFS_MOUNT_NOCTO;
586 else
587 ctx->flags &= ~NFS_MOUNT_NOCTO;
588 break;
589 case Opt_trunkdiscovery:
590 if (result.negated)
591 ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY;
592 else
593 ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY;
594 break;
595 case Opt_ac:
596 if (result.negated)
597 ctx->flags |= NFS_MOUNT_NOAC;
598 else
599 ctx->flags &= ~NFS_MOUNT_NOAC;
600 break;
601 case Opt_lock:
602 if (result.negated) {
603 ctx->flags |= NFS_MOUNT_NONLM;
604 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
605 } else {
606 ctx->flags &= ~NFS_MOUNT_NONLM;
607 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
608 }
609 break;
610 case Opt_udp:
611 ctx->flags &= ~NFS_MOUNT_TCP;
612 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
613 break;
614 case Opt_tcp:
615 case Opt_rdma:
616 ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */
617 ret = xprt_find_transport_ident(param->key);
618 if (ret < 0)
619 goto out_bad_transport;
620 ctx->nfs_server.protocol = ret;
621 break;
622 case Opt_acl:
623 if (result.negated)
624 ctx->flags |= NFS_MOUNT_NOACL;
625 else
626 ctx->flags &= ~NFS_MOUNT_NOACL;
627 break;
628 case Opt_rdirplus:
629 if (result.negated)
630 ctx->flags |= NFS_MOUNT_NORDIRPLUS;
631 else
632 ctx->flags &= ~NFS_MOUNT_NORDIRPLUS;
633 break;
634 case Opt_sharecache:
635 if (result.negated)
636 ctx->flags |= NFS_MOUNT_UNSHARED;
637 else
638 ctx->flags &= ~NFS_MOUNT_UNSHARED;
639 break;
640 case Opt_resvport:
641 if (result.negated)
642 ctx->flags |= NFS_MOUNT_NORESVPORT;
643 else
644 ctx->flags &= ~NFS_MOUNT_NORESVPORT;
645 break;
646 case Opt_fscache_flag:
647 if (result.negated)
648 ctx->options &= ~NFS_OPTION_FSCACHE;
649 else
650 ctx->options |= NFS_OPTION_FSCACHE;
651 kfree(ctx->fscache_uniq);
652 ctx->fscache_uniq = NULL;
653 break;
654 case Opt_fscache:
655 ctx->options |= NFS_OPTION_FSCACHE;
656 kfree(ctx->fscache_uniq);
657 ctx->fscache_uniq = param->string;
658 param->string = NULL;
659 break;
660 case Opt_migration:
661 if (result.negated)
662 ctx->options &= ~NFS_OPTION_MIGRATION;
663 else
664 ctx->options |= NFS_OPTION_MIGRATION;
665 break;
666
667 /*
668 * options that take numeric values
669 */
670 case Opt_port:
671 if (result.uint_32 > USHRT_MAX)
672 goto out_of_bounds;
673 ctx->nfs_server.port = result.uint_32;
674 break;
675 case Opt_rsize:
676 ctx->rsize = result.uint_32;
677 break;
678 case Opt_wsize:
679 ctx->wsize = result.uint_32;
680 break;
681 case Opt_bsize:
682 ctx->bsize = result.uint_32;
683 break;
684 case Opt_timeo:
685 if (result.uint_32 < 1 || result.uint_32 > INT_MAX)
686 goto out_of_bounds;
687 ctx->timeo = result.uint_32;
688 break;
689 case Opt_retrans:
690 if (result.uint_32 > INT_MAX)
691 goto out_of_bounds;
692 ctx->retrans = result.uint_32;
693 break;
694 case Opt_acregmin:
695 ctx->acregmin = result.uint_32;
696 break;
697 case Opt_acregmax:
698 ctx->acregmax = result.uint_32;
699 break;
700 case Opt_acdirmin:
701 ctx->acdirmin = result.uint_32;
702 break;
703 case Opt_acdirmax:
704 ctx->acdirmax = result.uint_32;
705 break;
706 case Opt_actimeo:
707 ctx->acregmin = result.uint_32;
708 ctx->acregmax = result.uint_32;
709 ctx->acdirmin = result.uint_32;
710 ctx->acdirmax = result.uint_32;
711 break;
712 case Opt_namelen:
713 ctx->namlen = result.uint_32;
714 break;
715 case Opt_mountport:
716 if (result.uint_32 > USHRT_MAX)
717 goto out_of_bounds;
718 ctx->mount_server.port = result.uint_32;
719 break;
720 case Opt_mountvers:
721 if (result.uint_32 < NFS_MNT_VERSION ||
722 result.uint_32 > NFS_MNT3_VERSION)
723 goto out_of_bounds;
724 ctx->mount_server.version = result.uint_32;
725 break;
726 case Opt_minorversion:
727 if (result.uint_32 > NFS4_MAX_MINOR_VERSION)
728 goto out_of_bounds;
729 ctx->minorversion = result.uint_32;
730 break;
731
732 /*
733 * options that take text values
734 */
735 case Opt_v:
736 ret = nfs_parse_version_string(fc, param->key + 1);
737 if (ret < 0)
738 return ret;
739 break;
740 case Opt_vers:
741 if (!param->string)
742 goto out_invalid_value;
743 trace_nfs_mount_assign(param->key, param->string);
744 ret = nfs_parse_version_string(fc, param->string);
745 if (ret < 0)
746 return ret;
747 break;
748 case Opt_sec:
749 ret = nfs_parse_security_flavors(fc, param);
750 if (ret < 0)
751 return ret;
752 break;
753 case Opt_xprtsec:
754 ret = nfs_parse_xprtsec_policy(fc, param);
755 if (ret < 0)
756 return ret;
757 break;
758
759 case Opt_proto:
760 if (!param->string)
761 goto out_invalid_value;
762 trace_nfs_mount_assign(param->key, param->string);
763 protofamily = AF_INET;
764 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
765 case Opt_xprt_udp6:
766 protofamily = AF_INET6;
767 fallthrough;
768 case Opt_xprt_udp:
769 ctx->flags &= ~NFS_MOUNT_TCP;
770 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
771 break;
772 case Opt_xprt_tcp6:
773 protofamily = AF_INET6;
774 fallthrough;
775 case Opt_xprt_tcp:
776 ctx->flags |= NFS_MOUNT_TCP;
777 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
778 break;
779 case Opt_xprt_rdma6:
780 protofamily = AF_INET6;
781 fallthrough;
782 case Opt_xprt_rdma:
783 /* vector side protocols to TCP */
784 ctx->flags |= NFS_MOUNT_TCP;
785 ret = xprt_find_transport_ident(param->string);
786 if (ret < 0)
787 goto out_bad_transport;
788 ctx->nfs_server.protocol = ret;
789 break;
790 default:
791 goto out_bad_transport;
792 }
793
794 ctx->protofamily = protofamily;
795 break;
796
797 case Opt_mountproto:
798 if (!param->string)
799 goto out_invalid_value;
800 trace_nfs_mount_assign(param->key, param->string);
801 mountfamily = AF_INET;
802 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
803 case Opt_xprt_udp6:
804 mountfamily = AF_INET6;
805 fallthrough;
806 case Opt_xprt_udp:
807 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
808 break;
809 case Opt_xprt_tcp6:
810 mountfamily = AF_INET6;
811 fallthrough;
812 case Opt_xprt_tcp:
813 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
814 break;
815 case Opt_xprt_rdma: /* not used for side protocols */
816 default:
817 goto out_bad_transport;
818 }
819 ctx->mountfamily = mountfamily;
820 break;
821
822 case Opt_addr:
823 trace_nfs_mount_assign(param->key, param->string);
824 len = rpc_pton(fc->net_ns, param->string, param->size,
825 &ctx->nfs_server.address,
826 sizeof(ctx->nfs_server._address));
827 if (len == 0)
828 goto out_invalid_address;
829 ctx->nfs_server.addrlen = len;
830 break;
831 case Opt_clientaddr:
832 trace_nfs_mount_assign(param->key, param->string);
833 kfree(ctx->client_address);
834 ctx->client_address = param->string;
835 param->string = NULL;
836 break;
837 case Opt_mounthost:
838 trace_nfs_mount_assign(param->key, param->string);
839 kfree(ctx->mount_server.hostname);
840 ctx->mount_server.hostname = param->string;
841 param->string = NULL;
842 break;
843 case Opt_mountaddr:
844 trace_nfs_mount_assign(param->key, param->string);
845 len = rpc_pton(fc->net_ns, param->string, param->size,
846 &ctx->mount_server.address,
847 sizeof(ctx->mount_server._address));
848 if (len == 0)
849 goto out_invalid_address;
850 ctx->mount_server.addrlen = len;
851 break;
852 case Opt_nconnect:
853 trace_nfs_mount_assign(param->key, param->string);
854 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS)
855 goto out_of_bounds;
856 ctx->nfs_server.nconnect = result.uint_32;
857 break;
858 case Opt_max_connect:
859 trace_nfs_mount_assign(param->key, param->string);
860 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS)
861 goto out_of_bounds;
862 ctx->nfs_server.max_connect = result.uint_32;
863 break;
864 case Opt_lookupcache:
865 trace_nfs_mount_assign(param->key, param->string);
866 switch (result.uint_32) {
867 case Opt_lookupcache_all:
868 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE);
869 break;
870 case Opt_lookupcache_positive:
871 ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE;
872 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG;
873 break;
874 case Opt_lookupcache_none:
875 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE;
876 break;
877 default:
878 goto out_invalid_value;
879 }
880 break;
881 case Opt_local_lock:
882 trace_nfs_mount_assign(param->key, param->string);
883 switch (result.uint_32) {
884 case Opt_local_lock_all:
885 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK |
886 NFS_MOUNT_LOCAL_FCNTL);
887 break;
888 case Opt_local_lock_flock:
889 ctx->flags |= NFS_MOUNT_LOCAL_FLOCK;
890 break;
891 case Opt_local_lock_posix:
892 ctx->flags |= NFS_MOUNT_LOCAL_FCNTL;
893 break;
894 case Opt_local_lock_none:
895 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK |
896 NFS_MOUNT_LOCAL_FCNTL);
897 break;
898 default:
899 goto out_invalid_value;
900 }
901 break;
902 case Opt_write:
903 trace_nfs_mount_assign(param->key, param->string);
904 switch (result.uint_32) {
905 case Opt_write_lazy:
906 ctx->flags &=
907 ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT);
908 break;
909 case Opt_write_eager:
910 ctx->flags |= NFS_MOUNT_WRITE_EAGER;
911 ctx->flags &= ~NFS_MOUNT_WRITE_WAIT;
912 break;
913 case Opt_write_wait:
914 ctx->flags |=
915 NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT;
916 break;
917 default:
918 goto out_invalid_value;
919 }
920 break;
921
922 /*
923 * Special options
924 */
925 case Opt_sloppy:
926 ctx->sloppy = true;
927 break;
928 }
929
930 return 0;
931
932 out_invalid_value:
933 return nfs_invalf(fc, "NFS: Bad mount option value specified");
934 out_invalid_address:
935 return nfs_invalf(fc, "NFS: Bad IP address specified");
936 out_of_bounds:
937 return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key);
938 out_bad_transport:
939 return nfs_invalf(fc, "NFS: Unrecognized transport protocol");
940 }
941
942 /*
943 * Split fc->source into "hostname:export_path".
944 *
945 * The leftmost colon demarks the split between the server's hostname
946 * and the export path. If the hostname starts with a left square
947 * bracket, then it may contain colons.
948 *
949 * Note: caller frees hostname and export path, even on error.
950 */
nfs_parse_source(struct fs_context * fc,size_t maxnamlen,size_t maxpathlen)951 static int nfs_parse_source(struct fs_context *fc,
952 size_t maxnamlen, size_t maxpathlen)
953 {
954 struct nfs_fs_context *ctx = nfs_fc2context(fc);
955 const char *dev_name = fc->source;
956 size_t len;
957 const char *end;
958
959 if (unlikely(!dev_name || !*dev_name))
960 return -EINVAL;
961
962 /* Is the host name protected with square brakcets? */
963 if (*dev_name == '[') {
964 end = strchr(++dev_name, ']');
965 if (end == NULL || end[1] != ':')
966 goto out_bad_devname;
967
968 len = end - dev_name;
969 end++;
970 } else {
971 const char *comma;
972
973 end = strchr(dev_name, ':');
974 if (end == NULL)
975 goto out_bad_devname;
976 len = end - dev_name;
977
978 /* kill possible hostname list: not supported */
979 comma = memchr(dev_name, ',', len);
980 if (comma)
981 len = comma - dev_name;
982 }
983
984 if (len > maxnamlen)
985 goto out_hostname;
986
987 kfree(ctx->nfs_server.hostname);
988
989 /* N.B. caller will free nfs_server.hostname in all cases */
990 ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL);
991 if (!ctx->nfs_server.hostname)
992 goto out_nomem;
993 len = strlen(++end);
994 if (len > maxpathlen)
995 goto out_path;
996 ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL);
997 if (!ctx->nfs_server.export_path)
998 goto out_nomem;
999
1000 trace_nfs_mount_path(ctx->nfs_server.export_path);
1001 return 0;
1002
1003 out_bad_devname:
1004 return nfs_invalf(fc, "NFS: device name not in host:path format");
1005 out_nomem:
1006 nfs_errorf(fc, "NFS: not enough memory to parse device name");
1007 return -ENOMEM;
1008 out_hostname:
1009 nfs_errorf(fc, "NFS: server hostname too long");
1010 return -ENAMETOOLONG;
1011 out_path:
1012 nfs_errorf(fc, "NFS: export pathname too long");
1013 return -ENAMETOOLONG;
1014 }
1015
is_remount_fc(struct fs_context * fc)1016 static inline bool is_remount_fc(struct fs_context *fc)
1017 {
1018 return fc->root != NULL;
1019 }
1020
1021 /*
1022 * Parse monolithic NFS2/NFS3 mount data
1023 * - fills in the mount root filehandle
1024 *
1025 * For option strings, user space handles the following behaviors:
1026 *
1027 * + DNS: mapping server host name to IP address ("addr=" option)
1028 *
1029 * + failure mode: how to behave if a mount request can't be handled
1030 * immediately ("fg/bg" option)
1031 *
1032 * + retry: how often to retry a mount request ("retry=" option)
1033 *
1034 * + breaking back: trying proto=udp after proto=tcp, v2 after v3,
1035 * mountproto=tcp after mountproto=udp, and so on
1036 */
nfs23_parse_monolithic(struct fs_context * fc,struct nfs_mount_data * data)1037 static int nfs23_parse_monolithic(struct fs_context *fc,
1038 struct nfs_mount_data *data)
1039 {
1040 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1041 struct nfs_fh *mntfh = ctx->mntfh;
1042 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1043 int extra_flags = NFS_MOUNT_LEGACY_INTERFACE;
1044 int ret;
1045
1046 if (data == NULL)
1047 goto out_no_data;
1048
1049 ctx->version = NFS_DEFAULT_VERSION;
1050 switch (data->version) {
1051 case 1:
1052 data->namlen = 0;
1053 fallthrough;
1054 case 2:
1055 data->bsize = 0;
1056 fallthrough;
1057 case 3:
1058 if (data->flags & NFS_MOUNT_VER3)
1059 goto out_no_v3;
1060 data->root.size = NFS2_FHSIZE;
1061 memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE);
1062 /* Turn off security negotiation */
1063 extra_flags |= NFS_MOUNT_SECFLAVOUR;
1064 fallthrough;
1065 case 4:
1066 if (data->flags & NFS_MOUNT_SECFLAVOUR)
1067 goto out_no_sec;
1068 fallthrough;
1069 case 5:
1070 memset(data->context, 0, sizeof(data->context));
1071 fallthrough;
1072 case 6:
1073 if (data->flags & NFS_MOUNT_VER3) {
1074 if (data->root.size > NFS3_FHSIZE || data->root.size == 0)
1075 goto out_invalid_fh;
1076 mntfh->size = data->root.size;
1077 ctx->version = 3;
1078 } else {
1079 mntfh->size = NFS2_FHSIZE;
1080 ctx->version = 2;
1081 }
1082
1083
1084 memcpy(mntfh->data, data->root.data, mntfh->size);
1085 if (mntfh->size < sizeof(mntfh->data))
1086 memset(mntfh->data + mntfh->size, 0,
1087 sizeof(mntfh->data) - mntfh->size);
1088
1089 /*
1090 * for proto == XPRT_TRANSPORT_UDP, which is what uses
1091 * to_exponential, implying shift: limit the shift value
1092 * to BITS_PER_LONG (majortimeo is unsigned long)
1093 */
1094 if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */
1095 if (data->retrans >= 64) /* shift value is too large */
1096 goto out_invalid_data;
1097
1098 /*
1099 * Translate to nfs_fs_context, which nfs_fill_super
1100 * can deal with.
1101 */
1102 ctx->flags = data->flags & NFS_MOUNT_FLAGMASK;
1103 ctx->flags |= extra_flags;
1104 ctx->rsize = data->rsize;
1105 ctx->wsize = data->wsize;
1106 ctx->timeo = data->timeo;
1107 ctx->retrans = data->retrans;
1108 ctx->acregmin = data->acregmin;
1109 ctx->acregmax = data->acregmax;
1110 ctx->acdirmin = data->acdirmin;
1111 ctx->acdirmax = data->acdirmax;
1112 ctx->need_mount = false;
1113
1114 memcpy(sap, &data->addr, sizeof(data->addr));
1115 ctx->nfs_server.addrlen = sizeof(data->addr);
1116 ctx->nfs_server.port = ntohs(data->addr.sin_port);
1117 if (sap->ss_family != AF_INET ||
1118 !nfs_verify_server_address(sap))
1119 goto out_no_address;
1120
1121 if (!(data->flags & NFS_MOUNT_TCP))
1122 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
1123 /* N.B. caller will free nfs_server.hostname in all cases */
1124 ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
1125 if (!ctx->nfs_server.hostname)
1126 goto out_nomem;
1127
1128 ctx->namlen = data->namlen;
1129 ctx->bsize = data->bsize;
1130
1131 if (data->flags & NFS_MOUNT_SECFLAVOUR)
1132 ctx->selected_flavor = data->pseudoflavor;
1133 else
1134 ctx->selected_flavor = RPC_AUTH_UNIX;
1135
1136 if (!(data->flags & NFS_MOUNT_NONLM))
1137 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK|
1138 NFS_MOUNT_LOCAL_FCNTL);
1139 else
1140 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK|
1141 NFS_MOUNT_LOCAL_FCNTL);
1142
1143 /*
1144 * The legacy version 6 binary mount data from userspace has a
1145 * field used only to transport selinux information into the
1146 * kernel. To continue to support that functionality we
1147 * have a touch of selinux knowledge here in the NFS code. The
1148 * userspace code converted context=blah to just blah so we are
1149 * converting back to the full string selinux understands.
1150 */
1151 if (data->context[0]){
1152 #ifdef CONFIG_SECURITY_SELINUX
1153 int ret;
1154
1155 data->context[NFS_MAX_CONTEXT_LEN] = '\0';
1156 ret = vfs_parse_fs_string(fc, "context",
1157 data->context, strlen(data->context));
1158 if (ret < 0)
1159 return ret;
1160 #else
1161 return -EINVAL;
1162 #endif
1163 }
1164
1165 break;
1166 default:
1167 goto generic;
1168 }
1169
1170 ret = nfs_validate_transport_protocol(fc, ctx);
1171 if (ret)
1172 return ret;
1173
1174 ctx->skip_reconfig_option_check = true;
1175 return 0;
1176
1177 generic:
1178 return generic_parse_monolithic(fc, data);
1179
1180 out_no_data:
1181 if (is_remount_fc(fc)) {
1182 ctx->skip_reconfig_option_check = true;
1183 return 0;
1184 }
1185 return nfs_invalf(fc, "NFS: mount program didn't pass any mount data");
1186
1187 out_no_v3:
1188 return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3");
1189
1190 out_no_sec:
1191 return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS");
1192
1193 out_nomem:
1194 return -ENOMEM;
1195
1196 out_no_address:
1197 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1198
1199 out_invalid_fh:
1200 return nfs_invalf(fc, "NFS: invalid root filehandle");
1201
1202 out_invalid_data:
1203 return nfs_invalf(fc, "NFS: invalid binary mount data");
1204 }
1205
1206 #if IS_ENABLED(CONFIG_NFS_V4)
1207 struct compat_nfs_string {
1208 compat_uint_t len;
1209 compat_uptr_t data;
1210 };
1211
compat_nfs_string(struct nfs_string * dst,struct compat_nfs_string * src)1212 static inline void compat_nfs_string(struct nfs_string *dst,
1213 struct compat_nfs_string *src)
1214 {
1215 dst->data = compat_ptr(src->data);
1216 dst->len = src->len;
1217 }
1218
1219 struct compat_nfs4_mount_data_v1 {
1220 compat_int_t version;
1221 compat_int_t flags;
1222 compat_int_t rsize;
1223 compat_int_t wsize;
1224 compat_int_t timeo;
1225 compat_int_t retrans;
1226 compat_int_t acregmin;
1227 compat_int_t acregmax;
1228 compat_int_t acdirmin;
1229 compat_int_t acdirmax;
1230 struct compat_nfs_string client_addr;
1231 struct compat_nfs_string mnt_path;
1232 struct compat_nfs_string hostname;
1233 compat_uint_t host_addrlen;
1234 compat_uptr_t host_addr;
1235 compat_int_t proto;
1236 compat_int_t auth_flavourlen;
1237 compat_uptr_t auth_flavours;
1238 };
1239
nfs4_compat_mount_data_conv(struct nfs4_mount_data * data)1240 static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data)
1241 {
1242 struct compat_nfs4_mount_data_v1 *compat =
1243 (struct compat_nfs4_mount_data_v1 *)data;
1244
1245 /* copy the fields backwards */
1246 data->auth_flavours = compat_ptr(compat->auth_flavours);
1247 data->auth_flavourlen = compat->auth_flavourlen;
1248 data->proto = compat->proto;
1249 data->host_addr = compat_ptr(compat->host_addr);
1250 data->host_addrlen = compat->host_addrlen;
1251 compat_nfs_string(&data->hostname, &compat->hostname);
1252 compat_nfs_string(&data->mnt_path, &compat->mnt_path);
1253 compat_nfs_string(&data->client_addr, &compat->client_addr);
1254 data->acdirmax = compat->acdirmax;
1255 data->acdirmin = compat->acdirmin;
1256 data->acregmax = compat->acregmax;
1257 data->acregmin = compat->acregmin;
1258 data->retrans = compat->retrans;
1259 data->timeo = compat->timeo;
1260 data->wsize = compat->wsize;
1261 data->rsize = compat->rsize;
1262 data->flags = compat->flags;
1263 data->version = compat->version;
1264 }
1265
1266 /*
1267 * Validate NFSv4 mount options
1268 */
nfs4_parse_monolithic(struct fs_context * fc,struct nfs4_mount_data * data)1269 static int nfs4_parse_monolithic(struct fs_context *fc,
1270 struct nfs4_mount_data *data)
1271 {
1272 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1273 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1274 int ret;
1275 char *c;
1276
1277 if (!data) {
1278 if (is_remount_fc(fc))
1279 goto done;
1280 return nfs_invalf(fc,
1281 "NFS4: mount program didn't pass any mount data");
1282 }
1283
1284 ctx->version = 4;
1285
1286 if (data->version != 1)
1287 return generic_parse_monolithic(fc, data);
1288
1289 if (in_compat_syscall())
1290 nfs4_compat_mount_data_conv(data);
1291
1292 if (data->host_addrlen > sizeof(ctx->nfs_server.address))
1293 goto out_no_address;
1294 if (data->host_addrlen == 0)
1295 goto out_no_address;
1296 ctx->nfs_server.addrlen = data->host_addrlen;
1297 if (copy_from_user(sap, data->host_addr, data->host_addrlen))
1298 return -EFAULT;
1299 if (!nfs_verify_server_address(sap))
1300 goto out_no_address;
1301 ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port);
1302
1303 if (data->auth_flavourlen) {
1304 rpc_authflavor_t pseudoflavor;
1305
1306 if (data->auth_flavourlen > 1)
1307 goto out_inval_auth;
1308 if (copy_from_user(&pseudoflavor, data->auth_flavours,
1309 sizeof(pseudoflavor)))
1310 return -EFAULT;
1311 ctx->selected_flavor = pseudoflavor;
1312 } else {
1313 ctx->selected_flavor = RPC_AUTH_UNIX;
1314 }
1315
1316 c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN);
1317 if (IS_ERR(c))
1318 return PTR_ERR(c);
1319 ctx->nfs_server.hostname = c;
1320
1321 c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN);
1322 if (IS_ERR(c))
1323 return PTR_ERR(c);
1324 ctx->nfs_server.export_path = c;
1325 trace_nfs_mount_path(c);
1326
1327 c = strndup_user(data->client_addr.data, 16);
1328 if (IS_ERR(c))
1329 return PTR_ERR(c);
1330 ctx->client_address = c;
1331
1332 /*
1333 * Translate to nfs_fs_context, which nfs_fill_super
1334 * can deal with.
1335 */
1336
1337 ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK;
1338 ctx->rsize = data->rsize;
1339 ctx->wsize = data->wsize;
1340 ctx->timeo = data->timeo;
1341 ctx->retrans = data->retrans;
1342 ctx->acregmin = data->acregmin;
1343 ctx->acregmax = data->acregmax;
1344 ctx->acdirmin = data->acdirmin;
1345 ctx->acdirmax = data->acdirmax;
1346 ctx->nfs_server.protocol = data->proto;
1347 ret = nfs_validate_transport_protocol(fc, ctx);
1348 if (ret)
1349 return ret;
1350 done:
1351 ctx->skip_reconfig_option_check = true;
1352 return 0;
1353
1354 out_inval_auth:
1355 return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d",
1356 data->auth_flavourlen);
1357
1358 out_no_address:
1359 return nfs_invalf(fc, "NFS4: mount program didn't pass remote address");
1360 }
1361 #endif
1362
1363 /*
1364 * Parse a monolithic block of data from sys_mount().
1365 */
nfs_fs_context_parse_monolithic(struct fs_context * fc,void * data)1366 static int nfs_fs_context_parse_monolithic(struct fs_context *fc,
1367 void *data)
1368 {
1369 if (fc->fs_type == &nfs_fs_type)
1370 return nfs23_parse_monolithic(fc, data);
1371
1372 #if IS_ENABLED(CONFIG_NFS_V4)
1373 if (fc->fs_type == &nfs4_fs_type)
1374 return nfs4_parse_monolithic(fc, data);
1375 #endif
1376
1377 return nfs_invalf(fc, "NFS: Unsupported monolithic data version");
1378 }
1379
1380 /*
1381 * Validate the preparsed information in the config.
1382 */
nfs_fs_context_validate(struct fs_context * fc)1383 static int nfs_fs_context_validate(struct fs_context *fc)
1384 {
1385 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1386 struct nfs_subversion *nfs_mod;
1387 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1388 int max_namelen = PAGE_SIZE;
1389 int max_pathlen = NFS_MAXPATHLEN;
1390 int port = 0;
1391 int ret;
1392
1393 if (!fc->source)
1394 goto out_no_device_name;
1395
1396 /* Check for sanity first. */
1397 if (ctx->minorversion && ctx->version != 4)
1398 goto out_minorversion_mismatch;
1399
1400 if (ctx->options & NFS_OPTION_MIGRATION &&
1401 (ctx->version != 4 || ctx->minorversion != 0))
1402 goto out_migration_misuse;
1403
1404 /* Verify that any proto=/mountproto= options match the address
1405 * families in the addr=/mountaddr= options.
1406 */
1407 if (ctx->protofamily != AF_UNSPEC &&
1408 ctx->protofamily != ctx->nfs_server.address.sa_family)
1409 goto out_proto_mismatch;
1410
1411 if (ctx->mountfamily != AF_UNSPEC) {
1412 if (ctx->mount_server.addrlen) {
1413 if (ctx->mountfamily != ctx->mount_server.address.sa_family)
1414 goto out_mountproto_mismatch;
1415 } else {
1416 if (ctx->mountfamily != ctx->nfs_server.address.sa_family)
1417 goto out_mountproto_mismatch;
1418 }
1419 }
1420
1421 if (!nfs_verify_server_address(sap))
1422 goto out_no_address;
1423
1424 ret = nfs_validate_transport_protocol(fc, ctx);
1425 if (ret)
1426 return ret;
1427
1428 if (ctx->version == 4) {
1429 if (IS_ENABLED(CONFIG_NFS_V4)) {
1430 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1431 port = NFS_RDMA_PORT;
1432 else
1433 port = NFS_PORT;
1434 max_namelen = NFS4_MAXNAMLEN;
1435 max_pathlen = NFS4_MAXPATHLEN;
1436 ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL |
1437 NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK |
1438 NFS_MOUNT_LOCAL_FCNTL);
1439 } else {
1440 goto out_v4_not_compiled;
1441 }
1442 } else {
1443 nfs_set_mount_transport_protocol(ctx);
1444 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1445 port = NFS_RDMA_PORT;
1446 }
1447
1448 nfs_set_port(sap, &ctx->nfs_server.port, port);
1449
1450 ret = nfs_parse_source(fc, max_namelen, max_pathlen);
1451 if (ret < 0)
1452 return ret;
1453
1454 /* Load the NFS protocol module if we haven't done so yet */
1455 if (!ctx->nfs_mod) {
1456 nfs_mod = get_nfs_version(ctx->version);
1457 if (IS_ERR(nfs_mod)) {
1458 ret = PTR_ERR(nfs_mod);
1459 goto out_version_unavailable;
1460 }
1461 ctx->nfs_mod = nfs_mod;
1462 }
1463
1464 /* Ensure the filesystem context has the correct fs_type */
1465 if (fc->fs_type != ctx->nfs_mod->nfs_fs) {
1466 module_put(fc->fs_type->owner);
1467 __module_get(ctx->nfs_mod->nfs_fs->owner);
1468 fc->fs_type = ctx->nfs_mod->nfs_fs;
1469 }
1470 return 0;
1471
1472 out_no_device_name:
1473 return nfs_invalf(fc, "NFS: Device name not specified");
1474 out_v4_not_compiled:
1475 nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel");
1476 return -EPROTONOSUPPORT;
1477 out_no_address:
1478 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1479 out_mountproto_mismatch:
1480 return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option");
1481 out_proto_mismatch:
1482 return nfs_invalf(fc, "NFS: Server address does not match proto= option");
1483 out_minorversion_mismatch:
1484 return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u",
1485 ctx->version, ctx->minorversion);
1486 out_migration_misuse:
1487 return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version");
1488 out_version_unavailable:
1489 nfs_errorf(fc, "NFS: Version unavailable");
1490 return ret;
1491 }
1492
1493 /*
1494 * Create an NFS superblock by the appropriate method.
1495 */
nfs_get_tree(struct fs_context * fc)1496 static int nfs_get_tree(struct fs_context *fc)
1497 {
1498 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1499 int err = nfs_fs_context_validate(fc);
1500
1501 if (err)
1502 return err;
1503 if (!ctx->internal)
1504 return ctx->nfs_mod->rpc_ops->try_get_tree(fc);
1505 else
1506 return nfs_get_tree_common(fc);
1507 }
1508
1509 /*
1510 * Handle duplication of a configuration. The caller copied *src into *sc, but
1511 * it can't deal with resource pointers in the filesystem context, so we have
1512 * to do that. We need to clear pointers, copy data or get extra refs as
1513 * appropriate.
1514 */
nfs_fs_context_dup(struct fs_context * fc,struct fs_context * src_fc)1515 static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc)
1516 {
1517 struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx;
1518
1519 ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL);
1520 if (!ctx)
1521 return -ENOMEM;
1522
1523 ctx->mntfh = nfs_alloc_fhandle();
1524 if (!ctx->mntfh) {
1525 kfree(ctx);
1526 return -ENOMEM;
1527 }
1528 nfs_copy_fh(ctx->mntfh, src->mntfh);
1529
1530 __module_get(ctx->nfs_mod->owner);
1531 ctx->client_address = NULL;
1532 ctx->mount_server.hostname = NULL;
1533 ctx->nfs_server.export_path = NULL;
1534 ctx->nfs_server.hostname = NULL;
1535 ctx->fscache_uniq = NULL;
1536 ctx->clone_data.fattr = NULL;
1537 fc->fs_private = ctx;
1538 return 0;
1539 }
1540
nfs_fs_context_free(struct fs_context * fc)1541 static void nfs_fs_context_free(struct fs_context *fc)
1542 {
1543 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1544
1545 if (ctx) {
1546 if (ctx->server)
1547 nfs_free_server(ctx->server);
1548 if (ctx->nfs_mod)
1549 put_nfs_version(ctx->nfs_mod);
1550 kfree(ctx->client_address);
1551 kfree(ctx->mount_server.hostname);
1552 kfree(ctx->nfs_server.export_path);
1553 kfree(ctx->nfs_server.hostname);
1554 kfree(ctx->fscache_uniq);
1555 nfs_free_fhandle(ctx->mntfh);
1556 nfs_free_fattr(ctx->clone_data.fattr);
1557 kfree(ctx);
1558 }
1559 }
1560
1561 static const struct fs_context_operations nfs_fs_context_ops = {
1562 .free = nfs_fs_context_free,
1563 .dup = nfs_fs_context_dup,
1564 .parse_param = nfs_fs_context_parse_param,
1565 .parse_monolithic = nfs_fs_context_parse_monolithic,
1566 .get_tree = nfs_get_tree,
1567 .reconfigure = nfs_reconfigure,
1568 };
1569
1570 /*
1571 * Prepare superblock configuration. We use the namespaces attached to the
1572 * context. This may be the current process's namespaces, or it may be a
1573 * container's namespaces.
1574 */
nfs_init_fs_context(struct fs_context * fc)1575 static int nfs_init_fs_context(struct fs_context *fc)
1576 {
1577 struct nfs_fs_context *ctx;
1578
1579 ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL);
1580 if (unlikely(!ctx))
1581 return -ENOMEM;
1582
1583 ctx->mntfh = nfs_alloc_fhandle();
1584 if (unlikely(!ctx->mntfh)) {
1585 kfree(ctx);
1586 return -ENOMEM;
1587 }
1588
1589 ctx->protofamily = AF_UNSPEC;
1590 ctx->mountfamily = AF_UNSPEC;
1591 ctx->mount_server.port = NFS_UNSPEC_PORT;
1592
1593 if (fc->root) {
1594 /* reconfigure, start with the current config */
1595 struct nfs_server *nfss = fc->root->d_sb->s_fs_info;
1596 struct net *net = nfss->nfs_client->cl_net;
1597
1598 ctx->flags = nfss->flags;
1599 ctx->rsize = nfss->rsize;
1600 ctx->wsize = nfss->wsize;
1601 ctx->retrans = nfss->client->cl_timeout->to_retries;
1602 ctx->selected_flavor = nfss->client->cl_auth->au_flavor;
1603 ctx->acregmin = nfss->acregmin / HZ;
1604 ctx->acregmax = nfss->acregmax / HZ;
1605 ctx->acdirmin = nfss->acdirmin / HZ;
1606 ctx->acdirmax = nfss->acdirmax / HZ;
1607 ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ;
1608 ctx->nfs_server.port = nfss->port;
1609 ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen;
1610 ctx->version = nfss->nfs_client->rpc_ops->version;
1611 ctx->minorversion = nfss->nfs_client->cl_minorversion;
1612
1613 memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr,
1614 ctx->nfs_server.addrlen);
1615
1616 if (fc->net_ns != net) {
1617 put_net(fc->net_ns);
1618 fc->net_ns = get_net(net);
1619 }
1620
1621 ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod;
1622 __module_get(ctx->nfs_mod->owner);
1623 } else {
1624 /* defaults */
1625 ctx->timeo = NFS_UNSPEC_TIMEO;
1626 ctx->retrans = NFS_UNSPEC_RETRANS;
1627 ctx->acregmin = NFS_DEF_ACREGMIN;
1628 ctx->acregmax = NFS_DEF_ACREGMAX;
1629 ctx->acdirmin = NFS_DEF_ACDIRMIN;
1630 ctx->acdirmax = NFS_DEF_ACDIRMAX;
1631 ctx->nfs_server.port = NFS_UNSPEC_PORT;
1632 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
1633 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR;
1634 ctx->minorversion = 0;
1635 ctx->need_mount = true;
1636 ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
1637 ctx->xprtsec.cert_serial = TLS_NO_CERT;
1638 ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY;
1639
1640 fc->s_iflags |= SB_I_STABLE_WRITES;
1641 }
1642 fc->fs_private = ctx;
1643 fc->ops = &nfs_fs_context_ops;
1644 return 0;
1645 }
1646
1647 struct file_system_type nfs_fs_type = {
1648 .owner = THIS_MODULE,
1649 .name = "nfs",
1650 .init_fs_context = nfs_init_fs_context,
1651 .parameters = nfs_fs_parameters,
1652 .kill_sb = nfs_kill_super,
1653 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1654 };
1655 MODULE_ALIAS_FS("nfs");
1656 EXPORT_SYMBOL_GPL(nfs_fs_type);
1657
1658 #if IS_ENABLED(CONFIG_NFS_V4)
1659 struct file_system_type nfs4_fs_type = {
1660 .owner = THIS_MODULE,
1661 .name = "nfs4",
1662 .init_fs_context = nfs_init_fs_context,
1663 .parameters = nfs_fs_parameters,
1664 .kill_sb = nfs_kill_super,
1665 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1666 };
1667 MODULE_ALIAS_FS("nfs4");
1668 MODULE_ALIAS("nfs4");
1669 EXPORT_SYMBOL_GPL(nfs4_fs_type);
1670 #endif /* CONFIG_NFS_V4 */
1671