1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 static DEFINE_MUTEX(cifs_mount_mutex);
41
42 static const match_table_t cifs_smb_version_tokens = {
43 { Smb_1, SMB1_VERSION_STRING },
44 { Smb_20, SMB20_VERSION_STRING},
45 { Smb_21, SMB21_VERSION_STRING },
46 { Smb_30, SMB30_VERSION_STRING },
47 { Smb_302, SMB302_VERSION_STRING },
48 { Smb_302, ALT_SMB302_VERSION_STRING },
49 { Smb_311, SMB311_VERSION_STRING },
50 { Smb_311, ALT_SMB311_VERSION_STRING },
51 { Smb_3any, SMB3ANY_VERSION_STRING },
52 { Smb_default, SMBDEFAULT_VERSION_STRING },
53 { Smb_version_err, NULL }
54 };
55
56 static const match_table_t cifs_secflavor_tokens = {
57 { Opt_sec_krb5, "krb5" },
58 { Opt_sec_krb5i, "krb5i" },
59 { Opt_sec_krb5p, "krb5p" },
60 { Opt_sec_ntlmsspi, "ntlmsspi" },
61 { Opt_sec_ntlmssp, "ntlmssp" },
62 { Opt_sec_ntlmv2, "nontlm" },
63 { Opt_sec_ntlmv2, "ntlmv2" },
64 { Opt_sec_ntlmv2i, "ntlmv2i" },
65 { Opt_sec_none, "none" },
66
67 { Opt_sec_err, NULL }
68 };
69
70 const struct fs_parameter_spec smb3_fs_parameters[] = {
71 /* Mount options that take no arguments */
72 fsparam_flag_no("user_xattr", Opt_user_xattr),
73 fsparam_flag_no("forceuid", Opt_forceuid),
74 fsparam_flag_no("multichannel", Opt_multichannel),
75 fsparam_flag_no("forcegid", Opt_forcegid),
76 fsparam_flag("noblocksend", Opt_noblocksend),
77 fsparam_flag("noautotune", Opt_noautotune),
78 fsparam_flag("nolease", Opt_nolease),
79 fsparam_flag_no("hard", Opt_hard),
80 fsparam_flag_no("soft", Opt_soft),
81 fsparam_flag_no("perm", Opt_perm),
82 fsparam_flag("nodelete", Opt_nodelete),
83 fsparam_flag_no("mapposix", Opt_mapposix),
84 fsparam_flag("mapchars", Opt_mapchars),
85 fsparam_flag("nomapchars", Opt_nomapchars),
86 fsparam_flag_no("sfu", Opt_sfu),
87 fsparam_flag("nodfs", Opt_nodfs),
88 fsparam_flag_no("posixpaths", Opt_posixpaths),
89 fsparam_flag_no("unix", Opt_unix),
90 fsparam_flag_no("linux", Opt_unix),
91 fsparam_flag_no("posix", Opt_unix),
92 fsparam_flag("nocase", Opt_nocase),
93 fsparam_flag("ignorecase", Opt_nocase),
94 fsparam_flag_no("brl", Opt_brl),
95 fsparam_flag_no("handlecache", Opt_handlecache),
96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
97 fsparam_flag("forcemand", Opt_forcemandatorylock),
98 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
99 fsparam_flag("idsfromsid", Opt_setuidfromacl),
100 fsparam_flag_no("setuids", Opt_setuids),
101 fsparam_flag_no("dynperm", Opt_dynperm),
102 fsparam_flag_no("intr", Opt_intr),
103 fsparam_flag_no("strictsync", Opt_strictsync),
104 fsparam_flag_no("serverino", Opt_serverino),
105 fsparam_flag("rwpidforward", Opt_rwpidforward),
106 fsparam_flag("cifsacl", Opt_cifsacl),
107 fsparam_flag_no("acl", Opt_acl),
108 fsparam_flag("locallease", Opt_locallease),
109 fsparam_flag("sign", Opt_sign),
110 fsparam_flag("ignore_signature", Opt_ignore_signature),
111 fsparam_flag("signloosely", Opt_ignore_signature),
112 fsparam_flag("seal", Opt_seal),
113 fsparam_flag("noac", Opt_noac),
114 fsparam_flag("fsc", Opt_fsc),
115 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
116 fsparam_flag("multiuser", Opt_multiuser),
117 fsparam_flag("sloppy", Opt_sloppy),
118 fsparam_flag("nosharesock", Opt_nosharesock),
119 fsparam_flag_no("persistenthandles", Opt_persistent),
120 fsparam_flag_no("resilienthandles", Opt_resilient),
121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
122 fsparam_flag("nosparse", Opt_nosparse),
123 fsparam_flag("domainauto", Opt_domainauto),
124 fsparam_flag("rdma", Opt_rdma),
125 fsparam_flag("modesid", Opt_modesid),
126 fsparam_flag("modefromsid", Opt_modesid),
127 fsparam_flag("rootfs", Opt_rootfs),
128 fsparam_flag("compress", Opt_compress),
129 fsparam_flag("witness", Opt_witness),
130
131 /* Mount options which take numeric value */
132 fsparam_u32("backupuid", Opt_backupuid),
133 fsparam_u32("backupgid", Opt_backupgid),
134 fsparam_u32("uid", Opt_uid),
135 fsparam_u32("cruid", Opt_cruid),
136 fsparam_u32("gid", Opt_gid),
137 fsparam_u32("file_mode", Opt_file_mode),
138 fsparam_u32("dirmode", Opt_dirmode),
139 fsparam_u32("dir_mode", Opt_dirmode),
140 fsparam_u32("port", Opt_port),
141 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
142 fsparam_u32("esize", Opt_min_enc_offload),
143 fsparam_u32("bsize", Opt_blocksize),
144 fsparam_u32("rasize", Opt_rasize),
145 fsparam_u32("rsize", Opt_rsize),
146 fsparam_u32("wsize", Opt_wsize),
147 fsparam_u32("actimeo", Opt_actimeo),
148 fsparam_u32("acdirmax", Opt_acdirmax),
149 fsparam_u32("acregmax", Opt_acregmax),
150 fsparam_u32("echo_interval", Opt_echo_interval),
151 fsparam_u32("max_credits", Opt_max_credits),
152 fsparam_u32("handletimeout", Opt_handletimeout),
153 fsparam_u64("snapshot", Opt_snapshot),
154 fsparam_u32("max_channels", Opt_max_channels),
155
156 /* Mount options which take string value */
157 fsparam_string("source", Opt_source),
158 fsparam_string("user", Opt_user),
159 fsparam_string("username", Opt_user),
160 fsparam_string("pass", Opt_pass),
161 fsparam_string("password", Opt_pass),
162 fsparam_string("ip", Opt_ip),
163 fsparam_string("addr", Opt_ip),
164 fsparam_string("domain", Opt_domain),
165 fsparam_string("dom", Opt_domain),
166 fsparam_string("srcaddr", Opt_srcaddr),
167 fsparam_string("iocharset", Opt_iocharset),
168 fsparam_string("netbiosname", Opt_netbiosname),
169 fsparam_string("servern", Opt_servern),
170 fsparam_string("ver", Opt_ver),
171 fsparam_string("vers", Opt_vers),
172 fsparam_string("sec", Opt_sec),
173 fsparam_string("cache", Opt_cache),
174
175 /* Arguments that should be ignored */
176 fsparam_flag("guest", Opt_ignore),
177 fsparam_flag("noatime", Opt_ignore),
178 fsparam_flag("relatime", Opt_ignore),
179 fsparam_flag("_netdev", Opt_ignore),
180 fsparam_flag_no("suid", Opt_ignore),
181 fsparam_flag_no("exec", Opt_ignore),
182 fsparam_flag_no("dev", Opt_ignore),
183 fsparam_flag_no("mand", Opt_ignore),
184 fsparam_flag_no("auto", Opt_ignore),
185 fsparam_string("cred", Opt_ignore),
186 fsparam_string("credentials", Opt_ignore),
187 /*
188 * UNC and prefixpath is now extracted from Opt_source
189 * in the new mount API so we can just ignore them going forward.
190 */
191 fsparam_string("unc", Opt_ignore),
192 fsparam_string("prefixpath", Opt_ignore),
193 {}
194 };
195
196 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)197 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
198 {
199
200 substring_t args[MAX_OPT_ARGS];
201
202 /*
203 * With mount options, the last one should win. Reset any existing
204 * settings back to default.
205 */
206 ctx->sectype = Unspecified;
207 ctx->sign = false;
208
209 switch (match_token(value, cifs_secflavor_tokens, args)) {
210 case Opt_sec_krb5p:
211 cifs_errorf(fc, "sec=krb5p is not supported!\n");
212 return 1;
213 case Opt_sec_krb5i:
214 ctx->sign = true;
215 fallthrough;
216 case Opt_sec_krb5:
217 ctx->sectype = Kerberos;
218 break;
219 case Opt_sec_ntlmsspi:
220 ctx->sign = true;
221 fallthrough;
222 case Opt_sec_ntlmssp:
223 ctx->sectype = RawNTLMSSP;
224 break;
225 case Opt_sec_ntlmv2i:
226 ctx->sign = true;
227 fallthrough;
228 case Opt_sec_ntlmv2:
229 ctx->sectype = NTLMv2;
230 break;
231 case Opt_sec_none:
232 ctx->nullauth = 1;
233 break;
234 default:
235 cifs_errorf(fc, "bad security option: %s\n", value);
236 return 1;
237 }
238
239 return 0;
240 }
241
242 static const match_table_t cifs_cacheflavor_tokens = {
243 { Opt_cache_loose, "loose" },
244 { Opt_cache_strict, "strict" },
245 { Opt_cache_none, "none" },
246 { Opt_cache_ro, "ro" },
247 { Opt_cache_rw, "singleclient" },
248 { Opt_cache_err, NULL }
249 };
250
251 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)252 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
253 {
254 substring_t args[MAX_OPT_ARGS];
255
256 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
257 case Opt_cache_loose:
258 ctx->direct_io = false;
259 ctx->strict_io = false;
260 ctx->cache_ro = false;
261 ctx->cache_rw = false;
262 break;
263 case Opt_cache_strict:
264 ctx->direct_io = false;
265 ctx->strict_io = true;
266 ctx->cache_ro = false;
267 ctx->cache_rw = false;
268 break;
269 case Opt_cache_none:
270 ctx->direct_io = true;
271 ctx->strict_io = false;
272 ctx->cache_ro = false;
273 ctx->cache_rw = false;
274 break;
275 case Opt_cache_ro:
276 ctx->direct_io = false;
277 ctx->strict_io = false;
278 ctx->cache_ro = true;
279 ctx->cache_rw = false;
280 break;
281 case Opt_cache_rw:
282 ctx->direct_io = false;
283 ctx->strict_io = false;
284 ctx->cache_ro = false;
285 ctx->cache_rw = true;
286 break;
287 default:
288 cifs_errorf(fc, "bad cache= option: %s\n", value);
289 return 1;
290 }
291 return 0;
292 }
293
294 #define DUP_CTX_STR(field) \
295 do { \
296 if (ctx->field) { \
297 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
298 if (new_ctx->field == NULL) { \
299 smb3_cleanup_fs_context_contents(new_ctx); \
300 return -ENOMEM; \
301 } \
302 } \
303 } while (0)
304
305 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)306 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
307 {
308 memcpy(new_ctx, ctx, sizeof(*ctx));
309 new_ctx->prepath = NULL;
310 new_ctx->mount_options = NULL;
311 new_ctx->nodename = NULL;
312 new_ctx->username = NULL;
313 new_ctx->password = NULL;
314 new_ctx->server_hostname = NULL;
315 new_ctx->domainname = NULL;
316 new_ctx->UNC = NULL;
317 new_ctx->source = NULL;
318 new_ctx->iocharset = NULL;
319 /*
320 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
321 */
322 DUP_CTX_STR(prepath);
323 DUP_CTX_STR(mount_options);
324 DUP_CTX_STR(username);
325 DUP_CTX_STR(password);
326 DUP_CTX_STR(server_hostname);
327 DUP_CTX_STR(UNC);
328 DUP_CTX_STR(source);
329 DUP_CTX_STR(domainname);
330 DUP_CTX_STR(nodename);
331 DUP_CTX_STR(iocharset);
332
333 return 0;
334 }
335
336 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)337 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
338 {
339 substring_t args[MAX_OPT_ARGS];
340
341 switch (match_token(value, cifs_smb_version_tokens, args)) {
342 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
343 case Smb_1:
344 if (disable_legacy_dialects) {
345 cifs_errorf(fc, "mount with legacy dialect disabled\n");
346 return 1;
347 }
348 if (is_smb3) {
349 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
350 return 1;
351 }
352 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
353 ctx->ops = &smb1_operations;
354 ctx->vals = &smb1_values;
355 break;
356 case Smb_20:
357 if (disable_legacy_dialects) {
358 cifs_errorf(fc, "mount with legacy dialect disabled\n");
359 return 1;
360 }
361 if (is_smb3) {
362 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
363 return 1;
364 }
365 ctx->ops = &smb20_operations;
366 ctx->vals = &smb20_values;
367 break;
368 #else
369 case Smb_1:
370 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
371 return 1;
372 case Smb_20:
373 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
374 return 1;
375 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
376 case Smb_21:
377 ctx->ops = &smb21_operations;
378 ctx->vals = &smb21_values;
379 break;
380 case Smb_30:
381 ctx->ops = &smb30_operations;
382 ctx->vals = &smb30_values;
383 break;
384 case Smb_302:
385 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
386 ctx->vals = &smb302_values;
387 break;
388 case Smb_311:
389 ctx->ops = &smb311_operations;
390 ctx->vals = &smb311_values;
391 break;
392 case Smb_3any:
393 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
394 ctx->vals = &smb3any_values;
395 break;
396 case Smb_default:
397 ctx->ops = &smb30_operations;
398 ctx->vals = &smbdefault_values;
399 break;
400 default:
401 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
402 return 1;
403 }
404 return 0;
405 }
406
smb3_parse_opt(const char * options,const char * key,char ** val)407 int smb3_parse_opt(const char *options, const char *key, char **val)
408 {
409 int rc = -ENOENT;
410 char *opts, *orig, *p;
411
412 orig = opts = kstrdup(options, GFP_KERNEL);
413 if (!opts)
414 return -ENOMEM;
415
416 while ((p = strsep(&opts, ","))) {
417 char *nval;
418
419 if (!*p)
420 continue;
421 if (strncasecmp(p, key, strlen(key)))
422 continue;
423 nval = strchr(p, '=');
424 if (nval) {
425 if (nval == p)
426 continue;
427 *nval++ = 0;
428 *val = kstrdup(nval, GFP_KERNEL);
429 rc = !*val ? -ENOMEM : 0;
430 goto out;
431 }
432 }
433 out:
434 kfree(orig);
435 return rc;
436 }
437
438 /*
439 * Remove duplicate path delimiters. Windows is supposed to do that
440 * but there are some bugs that prevent rename from working if there are
441 * multiple delimiters.
442 *
443 * Returns a sanitized duplicate of @path. The caller is responsible for
444 * cleaning up the original.
445 */
446 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
sanitize_path(char * path)447 static char *sanitize_path(char *path)
448 {
449 char *cursor1 = path, *cursor2 = path;
450
451 /* skip all prepended delimiters */
452 while (IS_DELIM(*cursor1))
453 cursor1++;
454
455 /* copy the first letter */
456 *cursor2 = *cursor1;
457
458 /* copy the remainder... */
459 while (*(cursor1++)) {
460 /* ... skipping all duplicated delimiters */
461 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
462 continue;
463 *(++cursor2) = *cursor1;
464 }
465
466 /* if the last character is a delimiter, skip it */
467 if (IS_DELIM(*(cursor2 - 1)))
468 cursor2--;
469
470 *(cursor2) = '\0';
471 return kstrdup(path, GFP_KERNEL);
472 }
473
474 /*
475 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
476 * fields with the result. Returns 0 on success and an error otherwise
477 * (e.g. ENOMEM or EINVAL)
478 */
479 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)480 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
481 {
482 char *pos;
483 const char *delims = "/\\";
484 size_t len;
485
486 if (unlikely(!devname || !*devname)) {
487 cifs_dbg(VFS, "Device name not specified\n");
488 return -EINVAL;
489 }
490
491 /* make sure we have a valid UNC double delimiter prefix */
492 len = strspn(devname, delims);
493 if (len != 2)
494 return -EINVAL;
495
496 /* find delimiter between host and sharename */
497 pos = strpbrk(devname + 2, delims);
498 if (!pos)
499 return -EINVAL;
500
501 /* record the server hostname */
502 kfree(ctx->server_hostname);
503 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
504 if (!ctx->server_hostname)
505 return -ENOMEM;
506
507 /* skip past delimiter */
508 ++pos;
509
510 /* now go until next delimiter or end of string */
511 len = strcspn(pos, delims);
512
513 /* move "pos" up to delimiter or NULL */
514 pos += len;
515 kfree(ctx->UNC);
516 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
517 if (!ctx->UNC)
518 return -ENOMEM;
519
520 convert_delimiter(ctx->UNC, '\\');
521
522 /* skip any delimiter */
523 if (*pos == '/' || *pos == '\\')
524 pos++;
525
526 kfree(ctx->prepath);
527 ctx->prepath = NULL;
528
529 /* If pos is NULL then no prepath */
530 if (!*pos)
531 return 0;
532
533 ctx->prepath = sanitize_path(pos);
534 if (!ctx->prepath)
535 return -ENOMEM;
536
537 return 0;
538 }
539
540 static void smb3_fs_context_free(struct fs_context *fc);
541 static int smb3_fs_context_parse_param(struct fs_context *fc,
542 struct fs_parameter *param);
543 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
544 void *data);
545 static int smb3_get_tree(struct fs_context *fc);
546 static int smb3_reconfigure(struct fs_context *fc);
547
548 static const struct fs_context_operations smb3_fs_context_ops = {
549 .free = smb3_fs_context_free,
550 .parse_param = smb3_fs_context_parse_param,
551 .parse_monolithic = smb3_fs_context_parse_monolithic,
552 .get_tree = smb3_get_tree,
553 .reconfigure = smb3_reconfigure,
554 };
555
556 /*
557 * Parse a monolithic block of data from sys_mount().
558 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
559 * @ctx: The superblock configuration to fill in.
560 * @data: The data to parse
561 *
562 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
563 * called from the ->monolithic_mount_data() fs_context operation.
564 *
565 * Returns 0 on success or the error returned by the ->parse_option() fs_context
566 * operation on failure.
567 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)568 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
569 void *data)
570 {
571 struct smb3_fs_context *ctx = smb3_fc2context(fc);
572 char *options = data, *key;
573 int ret = 0;
574
575 if (!options)
576 return 0;
577
578 ctx->mount_options = kstrdup(data, GFP_KERNEL);
579 if (ctx->mount_options == NULL)
580 return -ENOMEM;
581
582 ret = security_sb_eat_lsm_opts(options, &fc->security);
583 if (ret)
584 return ret;
585
586 /* BB Need to add support for sep= here TBD */
587 while ((key = strsep(&options, ",")) != NULL) {
588 size_t len;
589 char *value;
590
591 if (*key == 0)
592 break;
593
594 /* Check if following character is the deliminator If yes,
595 * we have encountered a double deliminator reset the NULL
596 * character to the deliminator
597 */
598 while (options && options[0] == ',') {
599 len = strlen(key);
600 strcpy(key + len, options);
601 options = strchr(options, ',');
602 if (options)
603 *options++ = 0;
604 }
605
606
607 len = 0;
608 value = strchr(key, '=');
609 if (value) {
610 if (value == key)
611 continue;
612 *value++ = 0;
613 len = strlen(value);
614 }
615
616 ret = vfs_parse_fs_string(fc, key, value, len);
617 if (ret < 0)
618 break;
619 }
620
621 return ret;
622 }
623
624 /*
625 * Validate the preparsed information in the config.
626 */
smb3_fs_context_validate(struct fs_context * fc)627 static int smb3_fs_context_validate(struct fs_context *fc)
628 {
629 struct smb3_fs_context *ctx = smb3_fc2context(fc);
630
631 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
632 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
633 return -EOPNOTSUPP;
634 }
635
636 #ifndef CONFIG_KEYS
637 /* Muliuser mounts require CONFIG_KEYS support */
638 if (ctx->multiuser) {
639 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
640 return -1;
641 }
642 #endif
643
644 if (ctx->got_version == false)
645 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
646
647
648 if (!ctx->UNC) {
649 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
650 return -1;
651 }
652
653 /* make sure UNC has a share name */
654 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
655 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
656 return -ENOENT;
657 }
658
659 if (!ctx->got_ip) {
660 int len;
661 const char *slash;
662
663 /* No ip= option specified? Try to get it from UNC */
664 /* Use the address part of the UNC. */
665 slash = strchr(&ctx->UNC[2], '\\');
666 len = slash - &ctx->UNC[2];
667 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
668 &ctx->UNC[2], len)) {
669 pr_err("Unable to determine destination address\n");
670 return -EHOSTUNREACH;
671 }
672 }
673
674 /* set the port that we got earlier */
675 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
676
677 if (ctx->override_uid && !ctx->uid_specified) {
678 ctx->override_uid = 0;
679 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
680 }
681
682 if (ctx->override_gid && !ctx->gid_specified) {
683 ctx->override_gid = 0;
684 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
685 }
686
687 return 0;
688 }
689
smb3_get_tree_common(struct fs_context * fc)690 static int smb3_get_tree_common(struct fs_context *fc)
691 {
692 struct smb3_fs_context *ctx = smb3_fc2context(fc);
693 struct dentry *root;
694 int rc = 0;
695
696 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
697 if (IS_ERR(root))
698 return PTR_ERR(root);
699
700 fc->root = root;
701
702 return rc;
703 }
704
705 /*
706 * Create an SMB3 superblock from the parameters passed.
707 */
smb3_get_tree(struct fs_context * fc)708 static int smb3_get_tree(struct fs_context *fc)
709 {
710 int err = smb3_fs_context_validate(fc);
711 int ret;
712
713 if (err)
714 return err;
715 mutex_lock(&cifs_mount_mutex);
716 ret = smb3_get_tree_common(fc);
717 mutex_unlock(&cifs_mount_mutex);
718 return ret;
719 }
720
smb3_fs_context_free(struct fs_context * fc)721 static void smb3_fs_context_free(struct fs_context *fc)
722 {
723 struct smb3_fs_context *ctx = smb3_fc2context(fc);
724
725 smb3_cleanup_fs_context(ctx);
726 }
727
728 /*
729 * Compare the old and new proposed context during reconfigure
730 * and check if the changes are compatible.
731 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx)732 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
733 struct smb3_fs_context *new_ctx,
734 struct smb3_fs_context *old_ctx)
735 {
736 if (new_ctx->posix_paths != old_ctx->posix_paths) {
737 cifs_errorf(fc, "can not change posixpaths during remount\n");
738 return -EINVAL;
739 }
740 if (new_ctx->sectype != old_ctx->sectype) {
741 cifs_errorf(fc, "can not change sec during remount\n");
742 return -EINVAL;
743 }
744 if (new_ctx->multiuser != old_ctx->multiuser) {
745 cifs_errorf(fc, "can not change multiuser during remount\n");
746 return -EINVAL;
747 }
748 if (new_ctx->UNC &&
749 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
750 cifs_errorf(fc, "can not change UNC during remount\n");
751 return -EINVAL;
752 }
753 if (new_ctx->username &&
754 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
755 cifs_errorf(fc, "can not change username during remount\n");
756 return -EINVAL;
757 }
758 if (new_ctx->password &&
759 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
760 cifs_errorf(fc, "can not change password during remount\n");
761 return -EINVAL;
762 }
763 if (new_ctx->domainname &&
764 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
765 cifs_errorf(fc, "can not change domainname during remount\n");
766 return -EINVAL;
767 }
768 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
769 cifs_errorf(fc, "can not change workstation_name during remount\n");
770 return -EINVAL;
771 }
772 if (new_ctx->nodename &&
773 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
774 cifs_errorf(fc, "can not change nodename during remount\n");
775 return -EINVAL;
776 }
777 if (new_ctx->iocharset &&
778 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
779 cifs_errorf(fc, "can not change iocharset during remount\n");
780 return -EINVAL;
781 }
782
783 return 0;
784 }
785
786 #define STEAL_STRING(cifs_sb, ctx, field) \
787 do { \
788 kfree(ctx->field); \
789 ctx->field = cifs_sb->ctx->field; \
790 cifs_sb->ctx->field = NULL; \
791 } while (0)
792
smb3_reconfigure(struct fs_context * fc)793 static int smb3_reconfigure(struct fs_context *fc)
794 {
795 struct smb3_fs_context *ctx = smb3_fc2context(fc);
796 struct dentry *root = fc->root;
797 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
798 int rc;
799
800 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
801 if (rc)
802 return rc;
803
804 /*
805 * We can not change UNC/username/password/domainname/
806 * workstation_name/nodename/iocharset
807 * during reconnect so ignore what we have in the new context and
808 * just use what we already have in cifs_sb->ctx.
809 */
810 STEAL_STRING(cifs_sb, ctx, UNC);
811 STEAL_STRING(cifs_sb, ctx, source);
812 STEAL_STRING(cifs_sb, ctx, username);
813 STEAL_STRING(cifs_sb, ctx, password);
814 STEAL_STRING(cifs_sb, ctx, domainname);
815 STEAL_STRING(cifs_sb, ctx, nodename);
816 STEAL_STRING(cifs_sb, ctx, iocharset);
817
818 /* if rsize or wsize not passed in on remount, use previous values */
819 if (ctx->rsize == 0)
820 ctx->rsize = cifs_sb->ctx->rsize;
821 if (ctx->wsize == 0)
822 ctx->wsize = cifs_sb->ctx->wsize;
823
824
825 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
826 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
827 smb3_update_mnt_flags(cifs_sb);
828 #ifdef CONFIG_CIFS_DFS_UPCALL
829 if (!rc)
830 rc = dfs_cache_remount_fs(cifs_sb);
831 #endif
832
833 return rc;
834 }
835
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)836 static int smb3_fs_context_parse_param(struct fs_context *fc,
837 struct fs_parameter *param)
838 {
839 struct fs_parse_result result;
840 struct smb3_fs_context *ctx = smb3_fc2context(fc);
841 int i, opt;
842 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
843 bool skip_parsing = false;
844 kuid_t uid;
845 kgid_t gid;
846
847 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
848
849 /*
850 * fs_parse can not handle string options with an empty value so
851 * we will need special handling of them.
852 */
853 if (param->type == fs_value_is_string && param->string[0] == 0) {
854 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
855 skip_parsing = true;
856 opt = Opt_pass;
857 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
858 skip_parsing = true;
859 opt = Opt_user;
860 }
861 }
862
863 if (!skip_parsing) {
864 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
865 if (opt < 0)
866 return ctx->sloppy ? 1 : opt;
867 }
868
869 switch (opt) {
870 case Opt_compress:
871 ctx->compression = UNKNOWN_TYPE;
872 cifs_dbg(VFS,
873 "SMB3 compression support is experimental\n");
874 break;
875 case Opt_nodfs:
876 ctx->nodfs = 1;
877 break;
878 case Opt_hard:
879 if (result.negated)
880 ctx->retry = 0;
881 else
882 ctx->retry = 1;
883 break;
884 case Opt_soft:
885 if (result.negated)
886 ctx->retry = 1;
887 else
888 ctx->retry = 0;
889 break;
890 case Opt_mapposix:
891 if (result.negated)
892 ctx->remap = false;
893 else {
894 ctx->remap = true;
895 ctx->sfu_remap = false; /* disable SFU mapping */
896 }
897 break;
898 case Opt_user_xattr:
899 if (result.negated)
900 ctx->no_xattr = 1;
901 else
902 ctx->no_xattr = 0;
903 break;
904 case Opt_forceuid:
905 if (result.negated)
906 ctx->override_uid = 0;
907 else
908 ctx->override_uid = 1;
909 break;
910 case Opt_forcegid:
911 if (result.negated)
912 ctx->override_gid = 0;
913 else
914 ctx->override_gid = 1;
915 break;
916 case Opt_perm:
917 if (result.negated)
918 ctx->noperm = 1;
919 else
920 ctx->noperm = 0;
921 break;
922 case Opt_dynperm:
923 if (result.negated)
924 ctx->dynperm = 0;
925 else
926 ctx->dynperm = 1;
927 break;
928 case Opt_sfu:
929 if (result.negated)
930 ctx->sfu_emul = 0;
931 else
932 ctx->sfu_emul = 1;
933 break;
934 case Opt_noblocksend:
935 ctx->noblocksnd = 1;
936 break;
937 case Opt_noautotune:
938 ctx->noautotune = 1;
939 break;
940 case Opt_nolease:
941 ctx->no_lease = 1;
942 break;
943 case Opt_nosparse:
944 ctx->no_sparse = 1;
945 break;
946 case Opt_nodelete:
947 ctx->nodelete = 1;
948 break;
949 case Opt_multichannel:
950 if (result.negated) {
951 ctx->multichannel = false;
952 ctx->max_channels = 1;
953 } else {
954 ctx->multichannel = true;
955 /* if number of channels not specified, default to 2 */
956 if (ctx->max_channels < 2)
957 ctx->max_channels = 2;
958 }
959 break;
960 case Opt_uid:
961 uid = make_kuid(current_user_ns(), result.uint_32);
962 if (!uid_valid(uid))
963 goto cifs_parse_mount_err;
964 ctx->linux_uid = uid;
965 ctx->uid_specified = true;
966 break;
967 case Opt_cruid:
968 uid = make_kuid(current_user_ns(), result.uint_32);
969 if (!uid_valid(uid))
970 goto cifs_parse_mount_err;
971 ctx->cred_uid = uid;
972 ctx->cruid_specified = true;
973 break;
974 case Opt_backupuid:
975 uid = make_kuid(current_user_ns(), result.uint_32);
976 if (!uid_valid(uid))
977 goto cifs_parse_mount_err;
978 ctx->backupuid = uid;
979 ctx->backupuid_specified = true;
980 break;
981 case Opt_backupgid:
982 gid = make_kgid(current_user_ns(), result.uint_32);
983 if (!gid_valid(gid))
984 goto cifs_parse_mount_err;
985 ctx->backupgid = gid;
986 ctx->backupgid_specified = true;
987 break;
988 case Opt_gid:
989 gid = make_kgid(current_user_ns(), result.uint_32);
990 if (!gid_valid(gid))
991 goto cifs_parse_mount_err;
992 ctx->linux_gid = gid;
993 ctx->gid_specified = true;
994 break;
995 case Opt_port:
996 ctx->port = result.uint_32;
997 break;
998 case Opt_file_mode:
999 ctx->file_mode = result.uint_32;
1000 break;
1001 case Opt_dirmode:
1002 ctx->dir_mode = result.uint_32;
1003 break;
1004 case Opt_min_enc_offload:
1005 ctx->min_offload = result.uint_32;
1006 break;
1007 case Opt_blocksize:
1008 /*
1009 * inode blocksize realistically should never need to be
1010 * less than 16K or greater than 16M and default is 1MB.
1011 * Note that small inode block sizes (e.g. 64K) can lead
1012 * to very poor performance of common tools like cp and scp
1013 */
1014 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1015 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1016 cifs_errorf(fc, "%s: Invalid blocksize\n",
1017 __func__);
1018 goto cifs_parse_mount_err;
1019 }
1020 ctx->bsize = result.uint_32;
1021 ctx->got_bsize = true;
1022 break;
1023 case Opt_rasize:
1024 /*
1025 * readahead size realistically should never need to be
1026 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1027 * (perhaps an exception should be considered in the
1028 * for the case of a large number of channels
1029 * when multichannel is negotiated) since that would lead
1030 * to plenty of parallel I/O in flight to the server.
1031 * Note that smaller read ahead sizes would
1032 * hurt performance of common tools like cp and scp
1033 * which often trigger sequential i/o with read ahead
1034 */
1035 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1036 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1037 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1038 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1039 goto cifs_parse_mount_err;
1040 }
1041 ctx->rasize = result.uint_32;
1042 break;
1043 case Opt_rsize:
1044 ctx->rsize = result.uint_32;
1045 ctx->got_rsize = true;
1046 break;
1047 case Opt_wsize:
1048 ctx->wsize = result.uint_32;
1049 ctx->got_wsize = true;
1050 break;
1051 case Opt_acregmax:
1052 ctx->acregmax = HZ * result.uint_32;
1053 if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
1054 cifs_errorf(fc, "acregmax too large\n");
1055 goto cifs_parse_mount_err;
1056 }
1057 break;
1058 case Opt_acdirmax:
1059 ctx->acdirmax = HZ * result.uint_32;
1060 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
1061 cifs_errorf(fc, "acdirmax too large\n");
1062 goto cifs_parse_mount_err;
1063 }
1064 break;
1065 case Opt_actimeo:
1066 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
1067 cifs_errorf(fc, "timeout too large\n");
1068 goto cifs_parse_mount_err;
1069 }
1070 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1071 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1072 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1073 break;
1074 }
1075 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1076 break;
1077 case Opt_echo_interval:
1078 ctx->echo_interval = result.uint_32;
1079 break;
1080 case Opt_snapshot:
1081 ctx->snapshot_time = result.uint_64;
1082 break;
1083 case Opt_max_credits:
1084 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1085 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1086 __func__);
1087 goto cifs_parse_mount_err;
1088 }
1089 ctx->max_credits = result.uint_32;
1090 break;
1091 case Opt_max_channels:
1092 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1093 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1094 __func__, CIFS_MAX_CHANNELS);
1095 goto cifs_parse_mount_err;
1096 }
1097 ctx->max_channels = result.uint_32;
1098 /* If more than one channel requested ... they want multichan */
1099 if (result.uint_32 > 1)
1100 ctx->multichannel = true;
1101 break;
1102 case Opt_handletimeout:
1103 ctx->handle_timeout = result.uint_32;
1104 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1105 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1106 goto cifs_parse_mount_err;
1107 }
1108 break;
1109 case Opt_source:
1110 kfree(ctx->UNC);
1111 ctx->UNC = NULL;
1112 switch (smb3_parse_devname(param->string, ctx)) {
1113 case 0:
1114 break;
1115 case -ENOMEM:
1116 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1117 goto cifs_parse_mount_err;
1118 case -EINVAL:
1119 cifs_errorf(fc, "Malformed UNC in devname\n");
1120 goto cifs_parse_mount_err;
1121 default:
1122 cifs_errorf(fc, "Unknown error parsing devname\n");
1123 goto cifs_parse_mount_err;
1124 }
1125 ctx->source = kstrdup(param->string, GFP_KERNEL);
1126 if (ctx->source == NULL) {
1127 cifs_errorf(fc, "OOM when copying UNC string\n");
1128 goto cifs_parse_mount_err;
1129 }
1130 fc->source = kstrdup(param->string, GFP_KERNEL);
1131 if (fc->source == NULL) {
1132 cifs_errorf(fc, "OOM when copying UNC string\n");
1133 goto cifs_parse_mount_err;
1134 }
1135 break;
1136 case Opt_user:
1137 kfree(ctx->username);
1138 ctx->username = NULL;
1139 if (strlen(param->string) == 0) {
1140 /* null user, ie. anonymous authentication */
1141 ctx->nullauth = 1;
1142 break;
1143 }
1144
1145 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1146 CIFS_MAX_USERNAME_LEN) {
1147 pr_warn("username too long\n");
1148 goto cifs_parse_mount_err;
1149 }
1150 ctx->username = kstrdup(param->string, GFP_KERNEL);
1151 if (ctx->username == NULL) {
1152 cifs_errorf(fc, "OOM when copying username string\n");
1153 goto cifs_parse_mount_err;
1154 }
1155 break;
1156 case Opt_pass:
1157 kfree(ctx->password);
1158 ctx->password = NULL;
1159 if (strlen(param->string) == 0)
1160 break;
1161
1162 ctx->password = kstrdup(param->string, GFP_KERNEL);
1163 if (ctx->password == NULL) {
1164 cifs_errorf(fc, "OOM when copying password string\n");
1165 goto cifs_parse_mount_err;
1166 }
1167 break;
1168 case Opt_ip:
1169 if (strlen(param->string) == 0) {
1170 ctx->got_ip = false;
1171 break;
1172 }
1173 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1174 param->string,
1175 strlen(param->string))) {
1176 pr_err("bad ip= option (%s)\n", param->string);
1177 goto cifs_parse_mount_err;
1178 }
1179 ctx->got_ip = true;
1180 break;
1181 case Opt_domain:
1182 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1183 == CIFS_MAX_DOMAINNAME_LEN) {
1184 pr_warn("domain name too long\n");
1185 goto cifs_parse_mount_err;
1186 }
1187
1188 kfree(ctx->domainname);
1189 ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1190 if (ctx->domainname == NULL) {
1191 cifs_errorf(fc, "OOM when copying domainname string\n");
1192 goto cifs_parse_mount_err;
1193 }
1194 cifs_dbg(FYI, "Domain name set\n");
1195 break;
1196 case Opt_srcaddr:
1197 if (!cifs_convert_address(
1198 (struct sockaddr *)&ctx->srcaddr,
1199 param->string, strlen(param->string))) {
1200 pr_warn("Could not parse srcaddr: %s\n",
1201 param->string);
1202 goto cifs_parse_mount_err;
1203 }
1204 break;
1205 case Opt_iocharset:
1206 if (strnlen(param->string, 1024) >= 65) {
1207 pr_warn("iocharset name too long\n");
1208 goto cifs_parse_mount_err;
1209 }
1210
1211 if (strncasecmp(param->string, "default", 7) != 0) {
1212 kfree(ctx->iocharset);
1213 ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1214 if (ctx->iocharset == NULL) {
1215 cifs_errorf(fc, "OOM when copying iocharset string\n");
1216 goto cifs_parse_mount_err;
1217 }
1218 }
1219 /* if iocharset not set then load_nls_default
1220 * is used by caller
1221 */
1222 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1223 break;
1224 case Opt_netbiosname:
1225 memset(ctx->source_rfc1001_name, 0x20,
1226 RFC1001_NAME_LEN);
1227 /*
1228 * FIXME: are there cases in which a comma can
1229 * be valid in workstation netbios name (and
1230 * need special handling)?
1231 */
1232 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1233 /* don't ucase netbiosname for user */
1234 if (param->string[i] == 0)
1235 break;
1236 ctx->source_rfc1001_name[i] = param->string[i];
1237 }
1238 /* The string has 16th byte zero still from
1239 * set at top of the function
1240 */
1241 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1242 pr_warn("netbiosname longer than 15 truncated\n");
1243 break;
1244 case Opt_servern:
1245 /* last byte, type, is 0x20 for servr type */
1246 memset(ctx->target_rfc1001_name, 0x20,
1247 RFC1001_NAME_LEN_WITH_NULL);
1248 /*
1249 * BB are there cases in which a comma can be valid in this
1250 * workstation netbios name (and need special handling)?
1251 */
1252
1253 /* user or mount helper must uppercase the netbios name */
1254 for (i = 0; i < 15; i++) {
1255 if (param->string[i] == 0)
1256 break;
1257 ctx->target_rfc1001_name[i] = param->string[i];
1258 }
1259
1260 /* The string has 16th byte zero still from set at top of function */
1261 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1262 pr_warn("server netbiosname longer than 15 truncated\n");
1263 break;
1264 case Opt_ver:
1265 /* version of mount userspace tools, not dialect */
1266 /* If interface changes in mount.cifs bump to new ver */
1267 if (strncasecmp(param->string, "1", 1) == 0) {
1268 if (strlen(param->string) > 1) {
1269 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1270 param->string);
1271 goto cifs_parse_mount_err;
1272 }
1273 /* This is the default */
1274 break;
1275 }
1276 /* For all other value, error */
1277 pr_warn("Invalid mount helper version specified\n");
1278 goto cifs_parse_mount_err;
1279 case Opt_vers:
1280 /* protocol version (dialect) */
1281 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1282 goto cifs_parse_mount_err;
1283 ctx->got_version = true;
1284 break;
1285 case Opt_sec:
1286 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1287 goto cifs_parse_mount_err;
1288 break;
1289 case Opt_cache:
1290 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1291 goto cifs_parse_mount_err;
1292 break;
1293 case Opt_witness:
1294 #ifndef CONFIG_CIFS_SWN_UPCALL
1295 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1296 goto cifs_parse_mount_err;
1297 #endif
1298 ctx->witness = true;
1299 pr_warn_once("Witness protocol support is experimental\n");
1300 break;
1301 case Opt_rootfs:
1302 #ifndef CONFIG_CIFS_ROOT
1303 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1304 goto cifs_parse_mount_err;
1305 #endif
1306 ctx->rootfs = true;
1307 break;
1308 case Opt_posixpaths:
1309 if (result.negated)
1310 ctx->posix_paths = 0;
1311 else
1312 ctx->posix_paths = 1;
1313 break;
1314 case Opt_unix:
1315 if (result.negated) {
1316 if (ctx->linux_ext == 1)
1317 pr_warn_once("conflicting posix mount options specified\n");
1318 ctx->linux_ext = 0;
1319 ctx->no_linux_ext = 1;
1320 } else {
1321 if (ctx->no_linux_ext == 1)
1322 pr_warn_once("conflicting posix mount options specified\n");
1323 ctx->linux_ext = 1;
1324 ctx->no_linux_ext = 0;
1325 }
1326 break;
1327 case Opt_nocase:
1328 ctx->nocase = 1;
1329 break;
1330 case Opt_brl:
1331 if (result.negated) {
1332 /*
1333 * turn off mandatory locking in mode
1334 * if remote locking is turned off since the
1335 * local vfs will do advisory
1336 */
1337 if (ctx->file_mode ==
1338 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1339 ctx->file_mode = S_IALLUGO;
1340 ctx->nobrl = 1;
1341 } else
1342 ctx->nobrl = 0;
1343 break;
1344 case Opt_handlecache:
1345 if (result.negated)
1346 ctx->nohandlecache = 1;
1347 else
1348 ctx->nohandlecache = 0;
1349 break;
1350 case Opt_forcemandatorylock:
1351 ctx->mand_lock = 1;
1352 break;
1353 case Opt_setuids:
1354 ctx->setuids = result.negated;
1355 break;
1356 case Opt_intr:
1357 ctx->intr = !result.negated;
1358 break;
1359 case Opt_setuidfromacl:
1360 ctx->setuidfromacl = 1;
1361 break;
1362 case Opt_strictsync:
1363 ctx->nostrictsync = result.negated;
1364 break;
1365 case Opt_serverino:
1366 ctx->server_ino = !result.negated;
1367 break;
1368 case Opt_rwpidforward:
1369 ctx->rwpidforward = 1;
1370 break;
1371 case Opt_modesid:
1372 ctx->mode_ace = 1;
1373 break;
1374 case Opt_cifsacl:
1375 ctx->cifs_acl = !result.negated;
1376 break;
1377 case Opt_acl:
1378 ctx->no_psx_acl = result.negated;
1379 break;
1380 case Opt_locallease:
1381 ctx->local_lease = 1;
1382 break;
1383 case Opt_sign:
1384 ctx->sign = true;
1385 break;
1386 case Opt_ignore_signature:
1387 ctx->sign = true;
1388 ctx->ignore_signature = true;
1389 break;
1390 case Opt_seal:
1391 /* we do not do the following in secFlags because seal
1392 * is a per tree connection (mount) not a per socket
1393 * or per-smb connection option in the protocol
1394 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1395 */
1396 ctx->seal = 1;
1397 break;
1398 case Opt_noac:
1399 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1400 break;
1401 case Opt_fsc:
1402 #ifndef CONFIG_CIFS_FSCACHE
1403 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1404 goto cifs_parse_mount_err;
1405 #endif
1406 ctx->fsc = true;
1407 break;
1408 case Opt_mfsymlinks:
1409 ctx->mfsymlinks = true;
1410 break;
1411 case Opt_multiuser:
1412 ctx->multiuser = true;
1413 break;
1414 case Opt_sloppy:
1415 ctx->sloppy = true;
1416 break;
1417 case Opt_nosharesock:
1418 ctx->nosharesock = true;
1419 break;
1420 case Opt_persistent:
1421 if (result.negated) {
1422 ctx->nopersistent = true;
1423 if (ctx->persistent) {
1424 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1425 goto cifs_parse_mount_err;
1426 }
1427 } else {
1428 ctx->persistent = true;
1429 if ((ctx->nopersistent) || (ctx->resilient)) {
1430 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1431 goto cifs_parse_mount_err;
1432 }
1433 }
1434 break;
1435 case Opt_resilient:
1436 if (result.negated) {
1437 ctx->resilient = false; /* already the default */
1438 } else {
1439 ctx->resilient = true;
1440 if (ctx->persistent) {
1441 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1442 goto cifs_parse_mount_err;
1443 }
1444 }
1445 break;
1446 case Opt_tcp_nodelay:
1447 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1448 if (result.negated)
1449 ctx->sockopt_tcp_nodelay = false;
1450 else
1451 ctx->sockopt_tcp_nodelay = true;
1452 break;
1453 case Opt_domainauto:
1454 ctx->domainauto = true;
1455 break;
1456 case Opt_rdma:
1457 ctx->rdma = true;
1458 break;
1459 }
1460 /* case Opt_ignore: - is ignored as expected ... */
1461
1462 return 0;
1463
1464 cifs_parse_mount_err:
1465 return -EINVAL;
1466 }
1467
smb3_init_fs_context(struct fs_context * fc)1468 int smb3_init_fs_context(struct fs_context *fc)
1469 {
1470 struct smb3_fs_context *ctx;
1471 char *nodename = utsname()->nodename;
1472 int i;
1473
1474 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1475 if (unlikely(!ctx))
1476 return -ENOMEM;
1477
1478 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1479
1480 /*
1481 * does not have to be perfect mapping since field is
1482 * informational, only used for servers that do not support
1483 * port 445 and it can be overridden at mount time
1484 */
1485 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1486 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1487 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1488
1489 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1490 /*
1491 * null target name indicates to use *SMBSERVR default called name
1492 * if we end up sending RFC1001 session initialize
1493 */
1494 ctx->target_rfc1001_name[0] = 0;
1495 ctx->cred_uid = current_uid();
1496 ctx->linux_uid = current_uid();
1497 ctx->linux_gid = current_gid();
1498 /* By default 4MB read ahead size, 1MB block size */
1499 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1500 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1501
1502 /*
1503 * default to SFM style remapping of seven reserved characters
1504 * unless user overrides it or we negotiate CIFS POSIX where
1505 * it is unnecessary. Can not simultaneously use more than one mapping
1506 * since then readdir could list files that open could not open
1507 */
1508 ctx->remap = true;
1509
1510 /* default to only allowing write access to owner of the mount */
1511 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1512
1513 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1514 /* default is always to request posix paths. */
1515 ctx->posix_paths = 1;
1516 /* default to using server inode numbers where available */
1517 ctx->server_ino = 1;
1518
1519 /* default is to use strict cifs caching semantics */
1520 ctx->strict_io = true;
1521
1522 ctx->acregmax = CIFS_DEF_ACTIMEO;
1523 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1524
1525 /* Most clients set timeout to 0, allows server to use its default */
1526 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1527
1528 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1529 ctx->ops = &smb30_operations;
1530 ctx->vals = &smbdefault_values;
1531
1532 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1533
1534 /* default to no multichannel (single server connection) */
1535 ctx->multichannel = false;
1536 ctx->max_channels = 1;
1537
1538 ctx->backupuid_specified = false; /* no backup intent for a user */
1539 ctx->backupgid_specified = false; /* no backup intent for a group */
1540
1541 /*
1542 * short int override_uid = -1;
1543 * short int override_gid = -1;
1544 * char *nodename = strdup(utsname()->nodename);
1545 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1546 */
1547
1548 fc->fs_private = ctx;
1549 fc->ops = &smb3_fs_context_ops;
1550 return 0;
1551 }
1552
1553 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1554 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1555 {
1556 if (ctx == NULL)
1557 return;
1558
1559 /*
1560 * Make sure this stays in sync with smb3_fs_context_dup()
1561 */
1562 kfree(ctx->mount_options);
1563 ctx->mount_options = NULL;
1564 kfree(ctx->username);
1565 ctx->username = NULL;
1566 kfree_sensitive(ctx->password);
1567 ctx->password = NULL;
1568 kfree(ctx->server_hostname);
1569 ctx->server_hostname = NULL;
1570 kfree(ctx->UNC);
1571 ctx->UNC = NULL;
1572 kfree(ctx->source);
1573 ctx->source = NULL;
1574 kfree(ctx->domainname);
1575 ctx->domainname = NULL;
1576 kfree(ctx->nodename);
1577 ctx->nodename = NULL;
1578 kfree(ctx->iocharset);
1579 ctx->iocharset = NULL;
1580 kfree(ctx->prepath);
1581 ctx->prepath = NULL;
1582 }
1583
1584 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1585 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1586 {
1587 if (!ctx)
1588 return;
1589 smb3_cleanup_fs_context_contents(ctx);
1590 kfree(ctx);
1591 }
1592
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1593 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1594 {
1595 struct smb3_fs_context *ctx = cifs_sb->ctx;
1596
1597 if (ctx->nodfs)
1598 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1599 else
1600 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1601
1602 if (ctx->noperm)
1603 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1604 else
1605 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1606
1607 if (ctx->setuids)
1608 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1609 else
1610 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1611
1612 if (ctx->setuidfromacl)
1613 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1614 else
1615 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1616
1617 if (ctx->server_ino)
1618 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1619 else
1620 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1621
1622 if (ctx->remap)
1623 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1624 else
1625 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1626
1627 if (ctx->sfu_remap)
1628 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1629 else
1630 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1631
1632 if (ctx->no_xattr)
1633 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1634 else
1635 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1636
1637 if (ctx->sfu_emul)
1638 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1639 else
1640 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1641
1642 if (ctx->nobrl)
1643 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1644 else
1645 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1646
1647 if (ctx->nohandlecache)
1648 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1649 else
1650 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1651
1652 if (ctx->nostrictsync)
1653 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1654 else
1655 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1656
1657 if (ctx->mand_lock)
1658 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1659 else
1660 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1661
1662 if (ctx->rwpidforward)
1663 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1664 else
1665 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1666
1667 if (ctx->mode_ace)
1668 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1669 else
1670 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1671
1672 if (ctx->cifs_acl)
1673 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1674 else
1675 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1676
1677 if (ctx->backupuid_specified)
1678 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1679 else
1680 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1681
1682 if (ctx->backupgid_specified)
1683 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1684 else
1685 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1686
1687 if (ctx->override_uid)
1688 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1689 else
1690 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1691
1692 if (ctx->override_gid)
1693 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1694 else
1695 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1696
1697 if (ctx->dynperm)
1698 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1699 else
1700 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1701
1702 if (ctx->fsc)
1703 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1704 else
1705 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1706
1707 if (ctx->multiuser)
1708 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1709 CIFS_MOUNT_NO_PERM);
1710 else
1711 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1712
1713
1714 if (ctx->strict_io)
1715 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1716 else
1717 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1718
1719 if (ctx->direct_io)
1720 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1721 else
1722 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1723
1724 if (ctx->mfsymlinks)
1725 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1726 else
1727 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1728 if (ctx->mfsymlinks) {
1729 if (ctx->sfu_emul) {
1730 /*
1731 * Our SFU ("Services for Unix" emulation does not allow
1732 * creating symlinks but does allow reading existing SFU
1733 * symlinks (it does allow both creating and reading SFU
1734 * style mknod and FIFOs though). When "mfsymlinks" and
1735 * "sfu" are both enabled at the same time, it allows
1736 * reading both types of symlinks, but will only create
1737 * them with mfsymlinks format. This allows better
1738 * Apple compatibility (probably better for Samba too)
1739 * while still recognizing old Windows style symlinks.
1740 */
1741 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1742 }
1743 }
1744 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1745
1746 return;
1747 }
1748